- **`provision.py` esptool v5 compat** (#391) — Stale `write_flash` (underscore) syntax in the dry-run manual-flash hint now uses `write-flash` (hyphenated) for esptool >= 5.x. The primary flash command was already correct.

- **`provision.py` silent NVS wipe** (#391) — The script replaces the entire `csi_cfg` NVS namespace on every run, so partial invocations were silently erasing WiFi credentials and causing `Retrying WiFi connection (10/10)` in the field. Now refuses to run without `--ssid`, `--password`, and `--target-ip` unless `--force-partial` is passed. `--force-partial` prints a warning listing which keys will be wiped.

- **Firmware: defensive `node_id` capture** (#232, #375, #385, #386, #390) — Users on multi-node deployments reported `node_id` reverting to the Kconfig default (`1`) in UDP frames and in the `csi_collector` init log, despite NVS loading the correct value. The root cause (memory corruption of `g_nvs_config`) has not been definitively isolated, but the UDP frame header is now tamper-proof: `csi_collector_init()` captures `g_nvs_config.node_id` into a module-local `s_node_id` once, and `csi_serialize_frame()` plus all other consumers (`edge_processing.c`, `wasm_runtime.c`, `display_ui.c`, `swarm_bridge_init`) read it via the new `csi_collector_get_node_id()` accessor. A canary logs `WARN` if `g_nvs_config.node_id` diverges from `s_node_id` at end-of-init, helping isolate the upstream corruption path. Validated on attached ESP32-S3 (COM8): NVS `node_id=2` propagates through boot log, capture log, init log, and byte[4] of every UDP frame.

- **CHANGELOG catch-up** (#367) — Added missing entries for v0.5.5, v0.6.0, and v0.7.0 releases.

Model release (no new firmware binary). Firmware remains at v0.6.0-esp32.

- **Camera ground-truth training pipeline (ADR-079)** — End-to-end supervised WiFlow pose training using MediaPipe + real ESP32 CSI.

- `scripts/collect-ground-truth.py` — MediaPipe PoseLandmarker webcam capture (17 COCO keypoints, 30fps), synchronized with CSI recording over nanosecond timestamps.

- `scripts/align-ground-truth.js` — Time-aligns camera keypoints with 20-frame CSI windows by binary search, confidence-weighted averaging.

- `scripts/train-wiflow-supervised.js` — 3-phase curriculum training (contrastive → supervised SmoothL1 → bone/temporal refinement) with 4 scale presets (lite/small/medium/full).

- `scripts/eval-wiflow.js` — PCK@10/20/50, MPJPE, per-joint breakdown, baseline proxy mode.

- `scripts/record-csi-udp.py` — Lightweight ESP32 CSI UDP recorder (no Rust build required).

- **ruvector optimizations (O6-O10)** — Subcarrier selection (70→35, 50% reduction), attention-weighted subcarriers, Stoer-Wagner min-cut person separation, multi-SPSA gradient estimation, Mac M4 Pro training via Tailscale.

- **Scalable WiFlow presets** — `lite` (189K params, ~19 min) through `full` (7.7M params, ~8 hrs) to match dataset size.

- **Pre-trained WiFlow v1 model** — 92.9% PCK@20, 974 KB, 186,946 params. Published to [HuggingFace](https://huggingface.co/ruv/ruview) under `wiflow-v1/`.

- **92.9% PCK@20** pose accuracy from a 5-minute data collection session with one $9 ESP32-S3 and one laptop webcam.

- Training pipeline validated on real paired data: 345 samples, 19 min training, eval loss 0.082, bone constraint 0.008.

- **Pre-trained CSI sensing weights published** — First official pre-trained models on [HuggingFace](https://huggingface.co/ruv/ruview). `model.safetensors` (48 KB), `model-q4.bin` (8 KB 4-bit), `model-q2.bin` (4 KB), `presence-head.json`, per-node LoRA adapters.

- **17 sensing applications** — Sleep monitor, apnea detector, stress monitor, gait analyzer, RF tomography, passive radar, material classifier, through-wall detector, device fingerprint, and more. Each as a standalone `scripts/*.js`.

- **ADRs 069-078** — 10 new architecture decisions covering Cognitum Seed integration, self-supervised pretraining, ruvllm pipeline, WiFlow architecture, channel hopping, SNN, MinCut person separation, CNN spectrograms, novel RF applications, multi-frequency mesh.

- **Kalman tracker** (PR #341 by @taylorjdawson) — temporal smoothing of pose keypoints.

- Security fix merged via PR #310.

- Presence detection: 100% accuracy on 60,630 overnight samples.

- Inference: 0.008 ms per sample, 164K embeddings/sec.

- Contrastive self-supervised training: 51.6% improvement over baseline.

- **WiFlow SOTA architecture (ADR-072)** — TCN + axial attention pose decoder, 1.8M params, 881 KB at 4-bit. 17 COCO keypoints from CSI amplitude only (no phase).

- **Multi-frequency mesh scanning (ADR-073)** — ESP32 nodes hop across channels 1/3/5/6/9/11 at 200ms dwell. Neighbor WiFi networks used as passive radar illuminators. Null subcarriers reduced from 19% to 16%.

- **Spiking neural network (ADR-074)** — STDP online learning, adapts to new rooms in <30s with no labels, 16-160x less compute than batch training.

- **MinCut person counting (ADR-075)** — Stoer-Wagner min-cut on subcarrier correlation graph. Fixes #348 (was always reporting 4 people).

- **CNN spectrogram embeddings (ADR-076)** — Treat 64×20 CSI as an image, produce 128-dim environment fingerprints (0.95+ same-room similarity).

- **Graph transformer fusion** — Multi-node CSI fusion via GATv2 attention (replaces naive averaging).

- **Camera-free pose training pipeline** — Trains 17-keypoint model from 10 sensor signals with no camera required.

- **#348 person counting** — MinCut correctly counts 1-4 people (24/24 validation windows).

<details>

<summary><strong>Camera Ground-Truth Training — 92.9% PCK@20</strong></summary>

**v0.7.0 adds camera-supervised pose training** using MediaPipe + real ESP32 CSI data:

| Capability | What it does | ADR |

|-----------|-------------|-----|

| **Camera ground-truth collection** | MediaPipe PoseLandmarker captures 17 COCO keypoints at 30fps, synced with ESP32 CSI | [ADR-079](docs/adr/ADR-079-camera-ground-truth-training.md) |

| **ruvector subcarrier selection** | Variance-based top-K reduces input by 50% (70→35 subcarriers) | ADR-079 O6 |

| **Stoer-Wagner min-cut** | Person-specific subcarrier cluster separation for multi-person training | ADR-079 O8 |

| **Scalable WiFlow model** | 4 presets: lite (189K) → small (474K) → medium (800K) → full (7.7M params) | ADR-079 |

python scripts/collect-ground-truth.py --duration 300 --preview

python scripts/record-csi-udp.py --duration 300

node scripts/align-ground-truth.js --gt data/ground-truth/*.jsonl --csi data/recordings/*.csi.jsonl

node scripts/train-wiflow-supervised.js --data data/paired/*.jsonl --scale lite

node scripts/eval-wiflow.js --model models/wiflow-real/wiflow-v1.json --data data/paired/*.jsonl

**Result: 92.9% PCK@20** from a 5-minute data collection session with one ESP32-S3 and one webcam.

| Metric | Before (proxy) | After (camera-supervised) |

|--------|----------------|--------------------------|

| PCK@20 | 0% | **92.9%** |

| Eval loss | 0.700 | **0.082** |

| Bone constraint | N/A | **0.008** |

| Training time | N/A | **19 minutes** |

| Model size | N/A | **974 KB** |

Pre-trained model: [HuggingFace ruv/ruview/wiflow-v1](https://huggingface.co/ruv/ruview)

</details>

<details>

| [Architecture Decisions](docs/adr/README.md) | 79 ADRs — why each technical choice was made, organized by domain (hardware, signal processing, ML, platform, infrastructure) |

| [v0.7.0](https://github.com/ruvnet/RuView/releases/tag/v0.7.0) | **Latest** — Camera-supervised WiFlow model (92.9% PCK@20), ground-truth training pipeline, ruvector optimizations | `v0.7.0` |

| [v0.6.0](https://github.com/ruvnet/RuView/releases/tag/v0.6.0-esp32) | [Pre-trained models on HuggingFace](https://huggingface.co/ruv/ruview), 17 sensing apps, 51.6% contrastive improvement, 0.008ms inference | `v0.6.0-esp32` |

- **Status:** Proposed

- **Date:** 2026-04-06

- **Source:** [QE Analysis Gist (2026-04-05)](https://gist.github.com/proffesor-for-testing/a6b84d7a4e26b7bbef0cf12f932925b7)

- **Full Reports:** [proffesor-for-testing/RuView `qe-reports` branch](https://github.com/proffesor-for-testing/RuView/tree/qe-reports/docs/qe-reports)

An 8-agent QE swarm analyzed ~305K lines across Rust, Python, C firmware, and TypeScript on 2026-04-05. The overall score was **55/100 (C+) — Quality Gate FAILED**. This ADR captures the findings and establishes a remediation plan.

Address the 15 prioritized issues from the QE analysis in three waves: P0 (immediate), P1 (this sprint), P2 (this quarter).

- **Location:** `v1/src/middleware/rate_limit.py:200-206`

- **Problem:** Trusts `X-Forwarded-For` without validation. Any client bypasses rate limits via header spoofing.

- **Fix:** Validate forwarded headers against trusted proxy list, or use connection IP directly.

- **Location:** `v1/src/api/routers/pose.py:140`, `stream.py:297`, +5 endpoints

- **Problem:** Stack traces visible regardless of environment.

- **Fix:** Wrap with generic error responses in production; log details server-side only.

- **Location:** `v1/src/api/routers/stream.py:74`, `v1/src/middleware/auth.py:243`

- **Problem:** Tokens in query strings visible in logs/proxies/browser history.

- **Fix:** Use WebSocket subprotocol or first-message auth pattern.

- **Problem:** 2,618 tests across 153K lines of Rust — zero run in any GitHub Actions workflow. Regressions ship undetected.

- **Fix:** Add `cargo test --workspace --no-default-features` to CI. 1-2 hour task.

- **Location:** `ui/mobile/src/services/ws.service.ts:104` constructs `/ws/sensing`, but `constants/websocket.ts:1` defines `WS_PATH = '/api/v1/stream/pose'`.

- **Problem:** Mobile WebSocket silently fails.

- **Fix:** Align paths. Verify which endpoint the server actually serves.

| # | Issue | Location | Impact |

|---|-------|----------|--------|

| 6 | God file: 4,846 lines, CC=121 | `sensing-server/src/main.rs` | Untestable monolith |

| 7 | O(L×V) voxel scan per frame | `ruvsense/tomography.rs:345-383` | ~10ms wasted; use DDA ray march |

| 8 | Sequential neural inference | `wifi-densepose-nn inference.rs:334-336` | 2-4× GPU latency penalty |

| 9 | 720 `.unwrap()` in Rust | Workspace-wide | Each = potential panic in RT paths |

| 10 | 112KB alloc/frame in Python | `csi_processor.py:412-414` | Deque→list→numpy every frame |

| # | Issue | Impact |

|---|-------|--------|

| 11 | 11/12 Python modules have zero unit tests (12,280 LOC) | Services, middleware, DB untested |

| 12 | Firmware at 19% coverage (WASM runtime, OTA, swarm) | Security-critical code untested |

| 13 | MAT screen auto-falls back to simulated data | Disaster responders could monitor fake data |

| 14 | Token blacklist never consulted during auth | Revoked tokens remain valid |

| 15 | 50ms frame budget never benchmarked | Real-time requirement unverified |

- 79 ADRs (exceptional governance)

- Witness bundle system (ADR-028) with SHA-256 proof

- 2,618 Rust tests with mathematical rigor

- Daily security scanning (Bandit, Semgrep, Safety)

- Ed25519 WASM signature verification on firmware

- Clean mobile state management with good test coverage

| Report | What it covers |

|--------|---------------|

| `EXECUTIVE-SUMMARY.md` | Top-level synthesis with all scores and priority matrix |

| `00-qe-queen-summary.md` | Master coordination, quality posture, test pyramid |

| `01-code-quality-complexity.md` | Cyclomatic complexity, code smells, top 20 hotspots |

| `02-security-review.md` | 15 security findings (3 HIGH, 7 MEDIUM), OWASP coverage |

| `03-performance-analysis.md` | 23 perf findings (4 CRITICAL), frame budget analysis |

| `04-test-analysis.md` | 3,353 tests inventoried, duplication, quality grading |

| `05-quality-experience.md` | API/CLI/Mobile/DX UX assessment |

| `06-product-assessment-sfdipot.md` | SFDIPOT analysis, 57 test ideas, 14 session charters |

| `07-coverage-gaps.md` | Coverage matrix, top 20 risk gaps, 8-week roadmap |

- **P0 fixes** eliminate 3 security vulnerabilities and 2 functional bugs

- **P1 fixes** improve performance, reliability, and maintainability

- **P2 fixes** close coverage gaps and harden the system for production

- Target score improvement: 55 → 75+ after P0+P1 completion

*Generated from QE swarm analysis (fleet-02558e91) on 2026-04-05*