BasicFakta

• Overview
• Active Tasks
• Key Decisions
• Project Overview
• Specifications Index

Overview

BasicFakta Overview

SaaS platform — product docs, architecture, deployment.

Owner: John Last Verified: 2026-02-17

Contents

To be populated from BasicFakta project documentation

Active Tasks

Last Verified: 2026-02-17 | Owner: John

BasicFakta — Active Tasks

Open Tasks

No currently active BasicFakta tasks in Mission Control.

Blocked Tasks

• #100 — Improve fake news detection accuracy (BLOCKED)
  • Reason: Backend API code not in repo (hosted separately on basicfakta.no)
  • Cannot proceed: Algorithm source code not accessible
  • Dependency: Backend import required
  • Test status: 23/65 tests fail, factScore > 30 for known fake news
  • Resolution: Need backend source code from Alem

Recently Completed

• 13-item audit — Security, accessibility, UX improvements (commit ce800c2)
• Deployment — Vercel auto-deploy configured
• GitHub auth fix — Switched from SSH to HTTPS (gh CLI token)

Planned Work

• Backend integration — Import backend source code to repo
• Algorithm improvements — Once backend is accessible
• Test coverage — Improve from 42/65 passing to 65/65
• Accuracy tuning — Reduce false positives for known fake news

Key Decisions

Last Verified: 2026-02-17 | Owner: John

BasicFakta — Key Decisions

Strategic Decisions

Backend Separation (Date TBD)

Decision: Host backend API separately from frontend repo. Rationale: Protects proprietary algorithm, easier to scale backend independently. Trade-off: Makes algorithm improvements harder, blocks accuracy work. Current impact: Task #100 blocked pending backend import.

Deployment on Vercel (Date TBD)

Decision: Auto-deploy from GitHub main branch via Vercel. Rationale: Zero-config deployment, global CDN, preview deployments. Status: Active and working.

Technical Decisions

Frontend Stack

• Modern web framework (details in repo)
• Vercel hosting
• GitHub version control (HTTPS auth)

Security Measures (2026-02)

Decision: Implement comprehensive security hardening. Implemented:

• Input sanitization (XSS prevention)
• Rate limiting (authentication bypass fix)
• API key sanitization
• Security headers via vercel.json

Accessibility (2026-02)

Decision: Achieve WCAG 2.1 compliance. Implemented:

• Screen reader support
• Keyboard navigation
• Mobile-friendly touch targets

Development Decisions

GitHub Auth (2026-02)

Decision: Switch from SSH to HTTPS authentication. Reason: ~/.zshenv had GITHUB_TOKEN=CHANGE_ME placeholder that overrode gh CLI token. Fix: Commented out line 40, use gh CLI token (ghp_ PAT in ~/.config/gh/hosts.yml).

Test Strategy (Current)

Status: 42/65 tests passing Blocker: 23 tests fail due to backend algorithm issues (factScore too high for known fake news) Next step: Backend import required before test fixes

Operational Decisions

Email Domain

• Domain: basicfakta.no
• Status: Email monitoring blocked (task #79)
• Issue: Missing IMAP credentials (host/port/user)
• Required from Alem: IMAP access details

Project Overview

Last Verified: 2026-02-17 | Owner: John

BasicFakta — Project Overview

What is BasicFakta?

BasicFakta (basicfakta.no) is a SaaS fact-checking tool that analyzes news articles and claims to detect misinformation. It uses AI-powered algorithms to generate "fact scores" indicating the likelihood that content is fake news.

Current Status

• Phase: Deployed (live at basicfakta.no)
• Type: Internal product / SaaS offering
• Backend: External hosted API (not in main repo)
• Frontend: Repository available

Features

1. Fact Checking — Analyze news articles and claims
2. Fact Scoring — 0-100 score (lower = more likely fake)
3. URL Extraction — Extract and analyze URLs from articles
4. Share Results — Share fact-check results
5. Mobile Support — Responsive design

Tech Stack

• Frontend: Modern web framework
• Backend API: Hosted separately at basicfakta.no
• Algorithm: Proprietary fake news detection (not open source)

Recent Work

Audit & Fixes (2026-02)

13 audit items fixed and deployed (commit ce800c2):

Critical Fixes

• url-extractor.js created — Was missing, causing extraction failures
• XSS vulnerability — Input sanitization implemented
• Rate limit bypass — Fixed authentication bypass
• API key sanitization — Sensitive data protection

Medium Improvements

• Security headers — Added via vercel.json
• Email validation — Enhanced validation
• SEO meta tags — Improved search visibility
• WCAG accessibility — Screen reader support, keyboard navigation
• Mobile UX — Touch-friendly interface
• Share results — Social sharing functionality
• Loading states — Improved user feedback

Known Issues

Backend Separation

• Backend code not in repo — Hosted separately, not accessible for improvements
• Algorithm improvements blocked — Cannot improve detection accuracy without backend access
• Test failures — 23/65 tests fail because factScore > 30 for known fake news
• Resolution needed — Backend must be imported or accessed before further accuracy work

Key Documents

• Repository: GitHub (switched from SSH to HTTPS auth)
• Deployment: Vercel auto-deploy from main branch
• Audit Report: ~/system/reports/ (details TBD)

Specifications Index

Last Verified: 2026-02-17 | Owner: John

BasicFakta — Specifications Index

Frontend Code

• Repository: GitHub (HTTPS auth, gh CLI token)
• Main branch: Auto-deploys to basicfakta.no via Vercel
• Framework: Modern web stack (details in repo)

Backend API

• Hosting: Separate external API at basicfakta.no
• Source code: Not in repo (blocks accuracy improvements)
• Algorithm: Proprietary fake news detection
• Status: Access required for further development

Security Specifications

Implemented (2026-02)

• XSS prevention via input sanitization
• Rate limiting with authentication
• API key sanitization
• Security headers (vercel.json)

Pending

• Backend security audit (requires backend access)
• Penetration testing (scheduled TBD)

Accessibility Specifications

WCAG 2.1 Compliance

• Screen reader support
• Keyboard navigation
• Mobile touch targets (44x44px minimum)
• Color contrast ratios
• Loading state announcements

Testing Specifications

Current Status

• 42/65 tests passing (64.6% pass rate)
• 23 tests failing — factScore > 30 for known fake news sources

Test Categories

1. URL extraction tests
2. Fact scoring accuracy tests
3. XSS prevention tests
4. Rate limiting tests
5. API integration tests

Blockers

• Backend algorithm not accessible
• Cannot tune scoring thresholds
• Cannot improve detection accuracy

Audit Reports

2026-02 Audit (13 items)

Critical:

• url-extractor.js (CREATED)
• XSS fix (FIXED)
• Rate limit bypass (FIXED)
• API key sanitization (FIXED)

Medium:

• Security headers (ADDED)
• Email validation (IMPROVED)
• SEO meta tags (ADDED)
• WCAG accessibility (IMPLEMENTED)
• Mobile UX (IMPROVED)
• Share results (ADDED)
• Loading states (IMPROVED)

Deployment: Commit ce800c2, Vercel auto-deployed

Dependencies

Required from Alem

1. Backend source code — For algorithm improvements (task #100)
2. IMAP credentials — For email monitoring (task #79)
3. Test data — Known fake news URLs for accuracy testing

External Services

• Vercel (hosting)
• GitHub (version control)
• basicfakta.no API (backend)