# Anti-patterns, Issues and Recommended Fixes

## Rules
- Flagged issues discovered in Phase 1 must be remediated with concrete actions.

## Issues
- pytest is listed as a runtime dependency (pyproject.toml). This increases image size and may pull dev-only transitive deps into production. Evidence: pyproject.toml
- openai is declared but static imports not found; may be unused. Evidence: pyproject.toml, ai_provider.py uses requests and env keys instead of openai imports.
- Many dependencies use permissive ">=" version ranges; no lockfile present. This reduces reproducibility.
- Missing formatting/linting configs (black, ruff, isort, mypy). Recommended to add config and CI steps.
- Broad except Exception used in many places (database.py, ai_provider.py fallback logic, analysis/visualize.py). This can mask bugs and slow debugging.

## Remediations / Recommended fixes
- Move pytest from runtime dependencies to dev-dependencies in pyproject.toml.
  - Suggested patch: under [project.optional-dependencies] or [tool.poetry.dev-dependencies] depending on toolchain.
- Audit `openai` usage. If unused, remove from pyproject.toml. If dynamically imported in runtime, add a small shim or explicit lazy import with documented env var.
- Pin critical dependencies or add upper bounds; generate lockfile (poetry.lock or pip-tools requirements.txt). Add CI job that fails on permissive ranges.
- Add black/ruff/isort/mypy config blocks to pyproject.toml and enable pre-commit hooks. Add CI lint stage.
- Replace broad except Exception with narrower catches and re-raise or log with traceback when unexpected. Example locations: database.py top import, insert_motion broad except, ai_provider fallback blocks.

## Evidence pointers
- pyproject.toml: dependencies list (file: pyproject.toml lines 1-40)
- database.py: multiple broad except blocks (file: database.py top and methods)
- ai_provider.py: uses requests + env keys (file: ai_provider.py)