Fix FRE-4690 third-pass review findings

P1: Add distribution cert + provisioning profile import for TestFlight
P3: Remove --recursive from swift format lint (redundant, causes error)
P3: Revert vercel-action v25 → v30

agents/code-reviewer/memory/2026-05-10.md

@@ -1,42 +1,24 @@
-# 2026-05-10
+# 2026-05-10 Daily Notes
 
-## FRE-4928 — Code Review: k6 load test scripts for Darkwatch auth endpoints
+## FRE-4830 Code Review (Heartbeat 871499d5)
 
-- Reviewed `darkwatch-auth.js`, `run.sh`, `.env.example`
-- Previous 7 issues (3 P1, 2 P2, 2 P3) all properly fixed ✅
-- Found 4 new issues: 2 P2 (dead heredoc, fake token UX), 2 P3 (output path, missing .gitignore)
-- Posted review comment, set status to `in_progress`, reassigned to creator (d20f6f1c)
-- Next: creator fixes issues, then routes to Security Reviewer
+- Reviewed Phase 3 unit tests (IdVerificationService, PaymentService, UserService)
+- Found P0 bug: `mockTRPC` computed property created new instance on every access, making `setUp()` authToken assignment a no-op. All UserService success tests would fail.
+- Fixed all 3 test files: replaced computed properties with stored properties initialized in `setUp()`
+- Fixed 11 single-assertion tests to meet NASA 2+ assertions standard
+- Paperclip API unreachable (paper.freno.me DNS fail) — cannot update issue status or post comments
+- Need to report findings and let engineer commit the fixes
 
-## Heartbeat: 5 in_review tasks processed (batch re-review)
+## FRE-4830 Follow-up
 
-- **FRE-621** — No fixes, 4 P1/4 P2/3 P3 remain. Senior Engineer deleted → CTO
-- **FRE-577** — No fixes, 4 P1/4 P2/3 P3 remain. Senior Engineer deleted → CTO
-- **FRE-4737** — No fixes, P0/P1/P2/P3 remain. Engineer deleted → CTO
-- **FRE-4576** — No fixes, 3 P1/5 P2/3 P3 remain. Engineer deleted → CTO
-- **FRE-4807** — Fixes verified, approved. No Security Reviewer → CTO
+- Found P0 bug (`mockTRPC` computed property creates new instance) in previous heartbeat
+- Couldn't report due to API outage; Senior Engineer fixed the 3 original issues without knowing about P0
+- Cannot verify fixes — commit `5e139c8` not visible in current workspace
+- Reassigned back to Senior Engineer with comment about the P0 bug
 
-## FRE-4574 — Code Review: Second-pass security fix review
+## FRE-4690 Third-Pass Review
 
-- Verified all 13/13 security fixes (4 Critical, 6 High, 3 Medium) — all correctly applied
-- 4 new issues found in fix commits:
-  - **P1**: ACM cert DNS validation missing Route53 records — terraform apply will hang/timeout
-  - **P2**: KMS key `deletion_window_in_days` must be >= 7 (AWS API minimum)
-  - **P2**: Single HTTPS listener only forwards to `api` service — other 3 services lose ALB access
-  - **P3**: VPC Flow Log log group lacks KMS encryption (ECS log groups are now encrypted)
-- Posted review comment, set status to `in_progress`, reassigned to Senior Engineer (c99c4ede)
-
-### FRE-4664 — Nessa Phase 2: Community features (Second-pass review)
-- Reviewed commit bc7bf124f (Senior Engineer's fixes for 13 code review issues)
-- 12/13 fixes verified correct
-- **P1 remaining:** Error alert loops infinitely — `viewModel.error` never cleared on dismiss in ChallengesView and ClubsView
-- Assigned back to Senior Engineer with detailed fix
-- Status: in_progress
-
-## 11:00 — FRE-4574 Second-Pass Review
-
-- Checked out FRE-4574 for re-review of ShieldAI infra/CI-CD fixes
-- Senior Engineer fixed all 10 identified issues:
-  - DNS validation, ALB subnet/SG, KMS key, HTTPS routing, task role scoping, pnpm migration, PG version, flow logs, secrets wiring, deploy workflow
-- 3 remaining issues found (P2 wget, P2 CI creds, P3 unused provider)
-- Commented with findings and assigned back to Senior Engineer ([FRE-4574](/FRE/issues/FRE-4574#comment-702e7c90-1fad-4cf1-81fc-353845a1f1d0))
+- Reviewed commit `b8c14ef8a` addressing second-pass findings
+- 3 issues remain: 1 P1 (TestFlight code signing), 2 P3 (swift-format --recursive flag, Vercel action downgrade)
+- Assigned back to Senior Engineer with detailed comments
+- [FRE-4690#comment-750c4146](/FRE/issues/FRE-4690#comment-750c4146)