Inherited Defects Register
Bugs and broken behaviour found in the codebase as received from the third-party handover (Elevare Group). This document tracks what was wrong, how it was discovered, how it was fixed, and the ticket reference.
It exists so that future maintainers understand what the baseline was — what we inherited versus what we introduced — and can trace the reasoning behind any non-obvious fixes.
Status key
| Symbol | Meaning |
|---|---|
| ✅ Fixed | Merged to main |
| 🔶 Deferred | Known, not yet fixed — tracked in To Review |
| ❌ Abandoned | Was in legacy testing/ — no longer relevant |
Backend (django-api)
captcha_token rejects empty string — MWE_TESTING bypass unreachable
| Status | ✅ Fixed — DA-67 |
| File | novahomecareapi/utils/serializers.py |
| Merged | 2026-04-07 |
ReCaptchaProtectedSerializer declared captcha_token = CharField(required=True, write_only=True). DRF's default allow_blank=False caused empty tokens to be rejected at field validation before run_validators ran — meaning the MWE_TESTING bypass in _validate_captcha_token was never reachable. In any environment where VITE_RECAPTCHA_KEY is unset (all local dev, all test environments), the React app sends "" and every application form submission returned 400 {"captcha_token": ["This field may not be blank"]}.
Fix: allow_blank=True. Empty tokens now reach the bypass check.
Discovered during: DA-63 investigation — form appeared stuck on Step 1 with no visible error in the UI.
Frontend (portals)
.pnpm-store/ missing from .gitignore
| Status | ✅ Fixed — DA-24 |
| File | portals/.gitignore |
| Merged | 2026-04-02 |
After a local pnpm install, ~10,000 pnpm cache files appeared as untracked changes. The testing submodule already had the correct ignore entry; it was simply absent from portals.
Testing suite (testing/)
The testing/ submodule was retired in April 2026 and replaced by testing-v2/. The defects below were found during the DA-63 investigation. They are recorded here for completeness — none require fixing in testing/ since that repo is now read-only.
Date inputs passed in wrong format
| Status | ❌ Abandoned (testing/ retired) |
| File | testing/apps/novahomecare/cypress/e2e/features/Application_form_and_approved/*.feature |
All four date fields in the CNA feature file used MM/DD/YYYY format. Cypress's cy.type() on <input type="date"> requires YYYY-MM-DD and throws an internal error otherwise.
Signature step cleared its own canvas
| Status | ❌ Abandoned (testing/ retired) |
| File | testing/apps/novahomecare/cypress/pages/Application_form/application_form.js |
canvaElementSign was targeting .css-18lxp4n — a generated Chakra class that resolved to the Clear button, not a save action. The step drew a valid signature, then immediately erased it by clicking Clear. The SignatureField component has no save button; drawing is sufficient. The step was self-defeating.
SMS consent checkbox never checked
| Status | ❌ Abandoned (testing/ retired) |
| File | testing/apps/novahomecare/cypress/pages/Application_form/application_form.js |
ApplicationStep Yup schema requires smsConsent: mixed().oneOf(['true']). The test never checked the checkbox, causing silent Formik validation failure that prevented Step 4 from submitting.
Brittle Chakra UI selectors throughout
| Status | ❌ Abandoned (testing/ retired) |
| Files | cypress/pages/Login/login.js, cypress/pages/Application_form/application_form.js, others |
Page objects used generated Chakra CSS classes (css-6q9ebm, css-1sggvv9, css-18lxp4n) as selectors. These classes are build-time deterministic but change whenever the component tree changes. At least two had already changed since the tests were written:
css-6q9ebm— role display<p>in the AppBar (login post-assertion)css-1sggvv9— outer Box div of the signature canvascss-18lxp4n— resolved to the signature Clear button, not the canvas
This was the primary structural reason the suite was replaced rather than patched. testing-v2 uses only semantic HTML elements and stable attributes.
URL concatenation in application form step definition
| Status | ❌ Abandoned (testing/ retired) |
| File | testing/apps/novahomecare/cypress/e2e/steps_definitions/Application_form/application_form_mandatory_all.js |
The step the user navigate to the application form concatenated two full URLs:
cy.visit(Cypress.env(enviroment) + Cypress.env(business));
// → "http://localhost:3000/login/<token>http://localhost:3000/apply-now/<token>"Both env vars already contained complete URLs. The result was an invalid URL that hit React Router's wildcard 404 route. Discovered in the 2026-04-03 first application form run.
env.development.example not present at handover
| Status | ❌ Abandoned (testing/ retired) |
| File | testing/apps/novahomecare/.env.development.example |
The .env.development.example template was absent from the repo at handover. Without it, there was no documented set of required env vars and no way to bootstrap the test suite on a fresh clone. The file was reconstructed from context and added to the branch during DA-63 investigation.