GameList/REVIEW.md

Maintainability Review - Pick'n'Play

A) Current focus

This document tracks only active work. Completed work is intentionally omitted and can be reviewed in git history.

Active maintainability risks (priority order):

1. Frontend module concentration and global coupling (Critical)

• wwwroot/js/ui.js remains the dominant hotspot and owns rendering, modal flows, admin flows, and vote logic.
• Cross-feature coupling still exists via shared mutable state usage across UI/data modules (wwwroot/js/ui.js:180, wwwroot/js/ui.js:401, wwwroot/js/ui.js:622, wwwroot/js/data.js:82).
• Impact: high regression surface and expensive refactors even after removing global window bridges.

2. Static analysis and frontend lint guardrails are still missing (Medium)

• CI currently gates restore/build/test only (.github/workflows/ci.yml:23-.github/workflows/ci.yml:29).
• Impact: style drift and low-signal warnings can enter the codebase undetected.

B) Active task list

[P1] Decompose frontend UI monolith by feature

• Problem: Severity High, Category Architecture/Complexity. ui.js still mixes rendering, form behavior, and mutation flows.
• Evidence: wwwroot/js/ui.js:180, wwwroot/js/ui.js:401, wwwroot/js/ui.js:622, wwwroot/js/ui.js:903, wwwroot/js/data.js:82.
• Recommendation: split by feature (suggestions-ui, votes-ui, admin-ui, modals-ui) and keep orchestration in a thin composition layer.
• Acceptance criteria (testable): UI behavior is preserved while feature modules own isolated responsibilities and no single file coordinates all vote/admin/modal/suggestion interactions.
• Effort / Risk: L / Med.
• Dependencies (if any): none.

[P2] Add static analysis and JS lint/format guardrails

• Problem: Severity Medium, Category Tooling. CI does not enforce analyzers or JS lint/format checks.
• Evidence: .github/workflows/ci.yml:23-.github/workflows/ci.yml:29.
• Recommendation: add .NET analyzer configuration and ESLint/Prettier checks, then enforce in CI.
• Acceptance criteria (testable): CI fails on analyzer/lint violations; local scripts are documented in root docs.
• Effort / Risk: M / Low.
• Dependencies (if any): none.

[P2] Externalize i18n and FAQ content from executable JS

• Problem: Severity Low, Category Complexity/Documentation. Translation and FAQ payloads are embedded in code.
• Evidence: wwwroot/js/i18n.js:1-wwwroot/js/i18n.js:799.
• Recommendation: move language dictionaries and FAQ markdown into versioned data assets with schema checks.
• Acceptance criteria (testable): i18n.js holds behavior only; assets load and render identical user-facing text.
• Effort / Risk: M / Low.
• Dependencies (if any): frontend module split is helpful but optional.

C) Suggested execution order

1. Decompose ui.js by feature and keep orchestration thin.
2. Add analyzers + JS lint gates in CI.
3. Externalize i18n/FAQ assets.

D) Guardrails

• Keep endpoint handlers transport-focused and move business rules into services/validators.
• Keep reads side-effect free and isolate all persistence changes to explicit command paths.
• Maintain one source of truth per validation rule (backend authoritative, frontend UX hints only).
• Prefer typed DTOs over anonymous response shapes for non-trivial API payloads.