Plan: /Users/reporkey/.claude/plans/noble-tumbling-sparkle.md
Inventory: 33 hedge entries / open verification items across 12 hand-
written pages, clustered into 5 groups by why-they're-not-verified.
Cluster A — closed inline by reading source / running DB queries:
- slices/02-multi-tenancy item 1: edition gating is **not** sVersionFlowId
→ sisversionflow. Verified: `grep sVersionFlowId xly-src --include='*.java'
--include='*.xml'` returns ZERO mapper hits. The actual filter is
`MenuChildServiceImpl.getBuMenuSql` line 64: `AND m.sId in
(#{sVersionFlowId... wait sVerifyLicense})`. sVerifyLicense is sourced
from the TrueLicense-bound `VerifyLicense.getModelAllList()` and
injected via xlyApi RequestAddParamUtil:50 or controller-level param
assembly. sVersionFlowId/Code are catalogue tags, NOT runtime gates.
Wiki body of "How modules are filtered per edition" rewritten.
- slices/02 item 2: closed; cross-link to the activiti.md rewrite that
documents Activiti is wired-but-idle.
- slices/02 item 3: session→tenant chain mapped:
AuthorizationInterceptor.preHandle → RedisTokenManager.getToken
(AES-decrypts bearer, checkToken validates Redis at <sLoginType><userId>)
→ @CurrentUser via CurrentUserMethodArgumentResolver →
RequestAddParamUtil.addParams injects 16 keys.
- slices/04 item 3: bVisible semantics closed.
BusinessGdsconfigformsServiceImpl.java:413-433 — customslave row
matches base by sControlName/sName, REPLACES base. Lines 446-468 —
user-overlay then explicitly sets bVisible=false at line 464 when
user-row hides the field. Hides at either layer; scope differs
(per-tenant vs per-user).
- slices/05 item 1: DbToDbServiceImpl is inter-DB sync (getData/
getDataDetail/etc. over Druid+JDBC), NOT a script-applier.
`grep "script/客户" xly-src --include='*.java'` returns zero. Manual
application via mysql CLI confirmed.
- slices/06 item 2: PlcScheduledTasks ships two @Scheduled cron methods
(`0/30 * * * * ?` line 74, `0/1 * * * * ?` line 105). Per-profile
tuning is parameter-side, not cron-side.
- slices/06 item 3: xlyRxtx git history — added in commit daf581311
("1、添加串口功能"), commented out in cleanup branch for builds where
serial isn't needed. xlyPlc runs without RXTX on TCP/Ethernet press
models; serial-only models would re-enable.
- builder/define-vtable item 1: 11 of 307 sTbName values (3.6 %) don't
resolve to a base table. Breakdown: 4 point at views (viw_*),
3 at procs (Sp_*), 4 at case-drift / dropped tables.
Audit query embedded.
- builder/define-vtable hedge: real worked example added — `包装方式 /
SisPacking` with 10 slave columns mapped to physical columns.
Cluster B — closed via live BACK browser session:
- slices/04 item 1: 界面显示内容配置 (gdsmodule.sId=11, /jmnrpz)
renders three form-master panels. Third panel
(sId=19211681019715596285250620, sTbName=gdsconfigformcustomslave)
is the customslave editor. Verified live via clicking the menu and
inspecting the GET /business/getBusinessDataByFormcustomId call.
Cluster D — left in place with "Deferred (needs populated DB)" admonition:
- slices/03 item 1 (view-with-print-template): no view-backed forms
with a sysreport row — DB query returns 0.
- slices/04 item 4 (real customslave example): COUNT(*) = 0.
- slices/07 stub (active workflow): act_re_procdef = 0; bCheckflowCheck
hard-disabled regardless.
- builder/attach-workflow stub: same — recipe is code-derived
hypothesis, not live-verified.
Cluster E — left in place with "Deferred (outside repository)" admonition:
- slices/06 item 1 (wire protocols): vendor docs, not source.
- deployment.md "Open: production URL routing": nginx config in
deployment ops, not the codebase.
Cluster F — converted to "Future-work backlog" callouts:
- slices/03 hedge "future revision should pick a module with print
template": demoted to a future-work callout adjacent to the open
item.
- slices/05 items 2 & 3: re-cast as "Future-work backlog item — not a
verification claim" with the workable command/mitigation noted.
- concepts/customization-channels line 66: rephrased — the choice is
about *runtime divergence visibility in source control*, not
maintainer opinion.
Bonus closure:
- slices/03 item 3 (tenant-leaky views): DB audit returns 19 of 305
viw_* lacking sBrandsId (~6.2 %). Embedded the SQL + the count.
- slices/04 line-41 hedge ("needs verification by clicking through
BACK"): replaced with the verified mapping from item 1.
After-state: of the original 33 entries:
- 19 newly closed with evidence,
- 4 left as deferred-because-DB-state with concrete blocker query,
- 2 left as deferred-because-outside-repo with concrete blocker note,
- 4 demoted to "Future-work backlog" callouts,
- 4 already closed in earlier passes.
Build verified `mkdocs --strict` green.
