fix(audit): resolve remaining minor technical debt issues

AI/BYOK:
- generateText now respects tenant BYOK keys via getProvidersForTenant() (was using global registry)
- generateText now applies exponential backoff retry via AIService.withRetry()

Backend:
- notifications.ts: return 503 instead of 200+undefined when VAPID_PUBLIC_KEY absent
- BillingPage: support WA number now reads from VITE_SUPPORT_WA_NUMBER env var (was hardcoded fake number)
- KnowledgeBasePage: show toast.error on delete failure (was silently swallowed)

DB:
- Add @@index([organizationId, exerciseStatus]) on UserProgress for live-feed query performance
- Add @@index([createdAt]) on AuditLog for time-range admin queries
- Migration 20260513000005 applied to production DB

i18n:
- Add knowledge.delete_error translation key to all 4 locales (fr, en, es, pt)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

apps/admin/src/locales/en.json

@@ -159,7 +159,8 @@
     "search_placeholder": "Search chunks...",
     "no_documents": "No chunks found.",
     "import_hint": "Import a document in the AI Agent tab to get started.",
-    "confirm_delete": "Delete this chunk from the knowledge base?"
+    "confirm_delete": "Delete this chunk from the knowledge base?",
+    "delete_error": "Deletion failed"
   },
   "ai_setup": {
     "title": "AI Agent Setup",

apps/admin/src/locales/es.json

@@ -277,7 +277,8 @@
     "search_placeholder": "Buscar fragmentos...",
     "no_documents": "No se encontraron fragmentos.",
     "import_hint": "Importa un documento en la pestaña Agente IA para empezar.",
-    "confirm_delete": "¿Eliminar este fragmento de la base de conocimiento?"
+    "confirm_delete": "¿Eliminar este fragmento de la base de conocimiento?",
+    "delete_error": "Error al eliminar"
   },
   "training": {
     "title": "Training Lab",

apps/admin/src/locales/fr.json

@@ -277,7 +277,8 @@
     "search_placeholder": "Rechercher dans les chunks...",
     "no_documents": "Aucun chunk trouvé.",
     "import_hint": "Importez un document dans l'onglet Agent IA pour commencer.",
-    "confirm_delete": "Supprimer ce chunk de la base de connaissances ?"
+    "confirm_delete": "Supprimer ce chunk de la base de connaissances ?",
+    "delete_error": "Échec de la suppression"
   },
   "training": {
     "title": "Training Lab",

apps/admin/src/locales/pt.json

@@ -277,7 +277,8 @@
     "search_placeholder": "Pesquisar fragmentos...",
     "no_documents": "Nenhum fragmento encontrado.",
     "import_hint": "Importe um documento no separador Agente IA para começar.",
-    "confirm_delete": "Eliminar este fragmento da base de conhecimento?"
+    "confirm_delete": "Eliminar este fragmento da base de conhecimento?",
+    "delete_error": "Falha ao eliminar"
   },
   "training": {
     "title": "Training Lab",

apps/admin/src/pages/BillingPage.tsx

@@ -10,7 +10,10 @@ const CREDIT_PACKS = [
     { label: '5 000 crédits', price: '40 000 FCFA', credits: 5000, popular: false },
 ];
 
-const SUPPORT_WA_URL = 'https://wa.me/221700000000?text=Bonjour%2C%20je%20souhaite%20recharger%20mes%20cr%C3%A9dits%20Xaml%C3%A9.';
+const SUPPORT_WA_NUMBER = import.meta.env.VITE_SUPPORT_WA_NUMBER as string | undefined;
+const SUPPORT_WA_URL = SUPPORT_WA_NUMBER
+    ? `https://wa.me/${SUPPORT_WA_NUMBER}?text=Bonjour%2C%20je%20souhaite%20recharger%20mes%20cr%C3%A9dits%20Xaml%C3%A9.`
+    : null;
 
 const QUICK_QUESTIONS = [
     'Combien de crédits me reste-t-il ?',
@@ -67,8 +70,8 @@ function RechargeModal({ onClose }: { onClose: () => void }) {
                     {CREDIT_PACKS.map(pack => (
                         <a
                             key={pack.credits}
-                            href={`${SUPPORT_WA_URL}%20-%20Pack%20${pack.label}`}
-                            target="_blank"
+                            href={SUPPORT_WA_URL ? `${SUPPORT_WA_URL}%20-%20Pack%20${pack.label}` : '#'}
+                            target={SUPPORT_WA_URL ? '_blank' : undefined}
                             rel="noopener noreferrer"
                             className={`relative flex items-center justify-between p-4 border rounded-xl transition-all group ${pack.popular ? 'border-indigo-400 bg-indigo-50' : 'border-slate-200 hover:border-indigo-300 hover:bg-indigo-50'}`}
                         >

apps/admin/src/pages/KnowledgeBasePage.tsx

@@ -66,8 +66,9 @@ export default function KnowledgeBasePage() {
         try {
             await api.delete(`/v1/organizations/${selectedOrgId}/kb/${id}`, token);
             await fetchEntries(page);
-        } catch (err) {
+        } catch (err: any) {
             logError('[KB] Delete failed:', err);
+            toast.error(err?.message ?? t('knowledge.delete_error'));
         } finally {
             setDeletingId(null);
         }

apps/api/src/routes/notifications.ts

@@ -72,7 +72,9 @@ export async function notificationRoutes(fastify: FastifyInstance) {
      * GET /v1/notifications/vapid-key
      * Returns the public VAPID key for the frontend
      */
-    fastify.get('/vapid-key', async () => {
-        return { publicKey: process.env.VAPID_PUBLIC_KEY };
+    fastify.get('/vapid-key', async (_req, reply) => {
+        const publicKey = process.env.VAPID_PUBLIC_KEY;
+        if (!publicKey) return reply.code(503).send({ error: 'Push notifications not configured' });
+        return { publicKey };
     });
 }

packages/ai-sdk/src/index.ts

@@ -313,18 +313,20 @@ export class AIService {
     }
 
     async generateText(systemPrompt: string, userPrompt: string, temperature: number = 0.7): Promise<{ text: string; aiSource: string; usage: TokenUsage }> {
-        const capability = ProviderCapability.TEXT;
-        const providers = this.registry.getProvidersFor(capability);
+        const organizationId = this.config.getOrganizationId();
+        const providers = await this.getProvidersForTenant(ProviderCapability.TEXT, organizationId);
 
         for (const provider of providers) {
             try {
-                const { text, usage } = await provider.instance.generateText(systemPrompt, userPrompt, temperature);
+                const { text, usage } = await AIService.withRetry(
+                    () => provider.instance.generateText(systemPrompt, userPrompt, temperature)
+                );
                 return { text, aiSource: provider.name, usage };
             } catch (err) {
                 logger.warn(`${provider.name} failed generic text: ${(err as Error).message}.`);
             }
         }
-        throw new Error(`[AI_ERROR] All providers for ${capability} failed.`);
+        throw new Error(`[AI_ERROR] All providers for ${ProviderCapability.TEXT} failed.`);
     }
 
     async handleCrmConversation(

packages/database/prisma/migrations/20260513000005_add_missing_indexes/migration.sql

@@ -0,0 +1,7 @@
+-- Add composite index for PENDING_REVIEW live-feed query (most common admin query pattern)
+CREATE INDEX IF NOT EXISTS "UserProgress_organizationId_exerciseStatus_idx"
+    ON "UserProgress"("organizationId", "exerciseStatus");
+
+-- Add createdAt index on AuditLog for time-range queries
+CREATE INDEX IF NOT EXISTS "AuditLog_createdAt_idx"
+    ON "AuditLog"("createdAt");

packages/database/prisma/schema.prisma

@@ -309,6 +309,7 @@ model UserProgress {
 
   @@unique([userId, trackId])
   @@index([organizationId])
+  @@index([organizationId, exerciseStatus])
 }
 
 model Enrollment {
@@ -612,4 +613,5 @@ model AuditLog {
   @@index([action])
   @@index([actorId])
   @@index([resourceId])
+  @@index([createdAt])
 }