§3.F (subset) of docs/plans/architecture-improvements.md.
Honeypot:
- Extract the `body.company && body.company.length > 0` check that was
inlined in /submit and /posts into isHoneypotTrap(body) in feedback-pure.
Same rule, two callers — locks the trap behaviour in one place. 5
cases: missing / empty-string / null / non-empty / single-space all
classified as expected.
publicResults:
- Extend results.test.ts: 3 cases proving short_text + long_text answers
are stripped from publicResults output while counts are preserved and
scale/numeric questions pass through untouched. The participant page's
"live results after submit" path leans on this — without the strip,
free-text answers (which can carry PII or contributor identity) would
leak to anonymous participants.
- Also asserts publicResults does not mutate the input (JSON-stringify
round-trip).
54 tests pass across 5 files. svelte-check + bun run build clean.
mAi
6888ca5eab