Stability checkpoint — README mastery 10-axis blocks (EN + FR partial mirror)
- docs(readme): add 'What this project demonstrates mastery of' 10-axis
block at top
(README.md +16 LOC) — sourced from stable-v1.2.10 tag annotation
themes ; sits ABOVE the badges per the new
~/.claude/CLAUDE.md "Surface the same themes at the TOP of the
README" rule.
- docs(readme.fr): mirror 'mastery' 10-axis block at top — partial sync
(README.fr.md +23 LOC) — FR translation of the same 10 axes added
to maintain parity at the visible-first recruiter-facing piece.
Full body sync deferred (FR is at 365 lines vs EN's 1118 — most
EN content post-2026-04-25 rewrite is not yet translated). An
HTML comment in README.fr.md documents the partial-sync state for
the next contributor.
Cross-repo binding decision : [common ADR-0062](https://gitlab.com/mirador1/mirador-common/-/blob/main/docs/adr/0062-thematic-mastery-tags-readme.md)
landed 2026-04-27 formalising both the verbose tag annotations AND
the README mastery block as cross-repo conventions.
CI :
- ✅ Main pipeline #925 — https://gitlab.com/mirador1/mirador-service-java/-/pipelines/2481892511
- Required jobs all green : ✅ unit-test | ✅ integration-test |
✅ secret-scan | ✅ secret_detection | ✅ semgrep-sast |
✅ owasp-dependency-check | ✅ docker-build | ✅ build-jar |
✅ cosign:verify | ✅ cosign:sign | ✅ dockle | ✅ grype:scan |
✅ sbom:syft | ✅ trivy:scan | ✅ sonar-analysis |
✅ code-quality | ✅ hadolint | ✅ openapi-lint | ✅ terraform-plan
- ✅ MR pipelines for !230 (EN) and !231 (FR) both green individually
before auto-merge fired.
Local test pass :
- ⏭ ./mvnw verify -q — N/A : config-only README docs change, CI ran
the full unit + integration suite on the merged HEAD and is green.
- ⏭ ./mvnw verify -Dcompat -Djava21 -q — N/A : compat matrix is
manual-only on this repo, not triggered by docs-only merges.
- ⏭ bin/dev/api-smoke.sh — N/A : no REST surface change.
- ⏭ bin/dev/stability-check.sh — N/A : no source / quality artefact
change to stress-test.
Manual probe :
- ✅ README.md renders correctly on GitLab + GitHub (banner,
blockquote, badges all in expected order).
- ✅ README.fr.md renders correctly with the partial-sync HTML
comment visible to maintainers.
- ✅ All 11/11 MCP tools reachable from claude session
(mirador-java + 10 others) — `claude --print "Use mirador-java's
list_recent_orders limit=3"` returns 3 (smoke validated this AM).
Regression check vs previous tag (stable-v1.2.10) :
- ✅ Spring AI streamable-http endpoint (config landed 2026-04-27)
still serves /mcp ; `claude mcp list` shows ✓ Connected.
- ✅ ActuatorService Javadoc fix from stable-v1.2.10 still in
place — the constructor still wires 3 providers (health, info,
env) with the corrected wording.
- ✅ grype suppressions in .grype.yaml still in force ; dated
TODO 2026-05-26 still binds (scheduled task
`mirador-grype-mcp-core-cve-revisit` armed).
- 🆕 README mastery blocks (EN + FR) now visible at the top of both
files — recruiters skimming for 30 seconds see the 10 central
IT axes immediately.
- ⏭ N/A — no MCP / Spring AI change in this rev. Documentation
surface DOES advertise the IA mastery (14 in-process MCP tools,
Spring AI 1.1.4 + Ollama, claude-compatible streamable-http) at
the top of both EN + FR READMEs.
- ⏭ N/A — no auth surface change. Documentation surface advertises
JWT + X-API-Key + Auth0 + grype/trivy/cosign/dockle/owasp at the
top of both READMEs.
- ⏭ N/A — no domain change.
- ⏭ N/A — no IaC / cluster change.
- ⏭ N/A — no SLO / dashboard change.
- ⏭ N/A on the source side. Docs surface advertises JaCoCo /
PIT mutation / SonarCloud / Spectral / Checkstyle / SpotBugs
/ findsecbugs / jqwik prominently.
- ✅ All required jobs on main #925 green (19 jobs — same set as
stable-v1.2.10, no regressions).
- ✅ Conventional Commits respected : `docs(readme):` triggers
patch bump → stable-v1.2.11 (was 1.2.10).
- 🆕 README structure now follows the new global rule "Surface the
same themes at the TOP of the README" — formalised in
[common ADR-0062](https://gitlab.com/mirador1/mirador-common/-/blob/main/docs/adr/0062-thematic-mastery-tags-readme.md).
Convention now binding cross-repo (this repo, mirador-service-python,
mirador-ui — all 3 portfolio-facing READMEs updated 2026-04-27).
- File length / root hygiene / subdirectory hygiene : no drift.
- ⏭ N/A — backend repo.
- 🆕 Recruiter-facing surface vastly improved : 30-second skim of
the 10 central mastery axes is now a blockquote at the top of
README.md (EN) + README.fr.md (FR). Closes a 2026-04-25
portfolio-review feedback item.
- 🆕 FR/EN parity at the top of the README (the most-visible
section) — even though the body of FR is still 365/1118 lines
short. Recruiters who land on .fr.md no longer see "le projet
fait des choses backend" before the badges ; they see exactly
the same 10 axes as the EN reader.
- mcp-core 0.17.0 GHSAs (HIGH GHSA-8jxr-pr72-r468 + MEDIUM
GHSA-hv2w-8mjj-jw22) suppressed in .grype.yaml — exit-ticket
2026-05-26 (scheduled task armed).
- Compat matrix only triggered manually on this repo — pre-existing.
- README.fr.md body sync — 365 vs 1118 lines, 700+ lines of
translation work deferred to a dedicated session (tracked in
TASKS.md).
- mirador-python on port 8001 (override) when running parallel to
Java on 8080 — documented in mcp-setup-app.sh ; single-backend
dev runs don't need the override.
- Java + Python README full body sync of FR (700+ lines).
- Pick a fix for the testcontainers network path issue documented
in stable-py-v0.6.10's known limitations (option 1 = GitLab
`services: kafka:` + drop testcontainers for the kafka tests).
- Wire the README mastery block update into release-please /
CHANGELOG tooling so it auto-syncs from tag annotations rather
than drifting between releases.