ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity

feat(website): finalize public content messaging updates (#396)

Browse Source 
## Summary
- refresh website copy and structured content datasets
- update docs content in EN and default locales
- adjust website UI auth-related components and smoke tests
- add Spec Kit artifacts for feature 404 public content messaging

## Validation
- committed and pushed from branch `404-public-content-messaging`

## Target
- base branch: `website-dev`

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #396
This commit is contained in:
ahmido 2026-05-24 23:06:38 +00:00
parent b9c128163b
commit 44e472ec18
33 changed files with 1663 additions and 174 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
Agents.md
View File

@ -945,6 +945,7 @@ ## Active Technologies
- TypeScript 5.9, Astro 6 static components, HTML, CSS + Astro 6.0.0, Tailwind CSS 4.2.2 through CSS-first `@theme` and `@tailwindcss/vite`, `astro-icon`, `@iconify-json/lucide`, Playwright 1.59.1 (400-tenantial-homepage-visual-rebuild)
- TypeScript 5.9.3, Astro 6.0.0, Tailwind CSS v4.2.2 via `@tailwindcss/vite`, `astro-icon`, `@iconify-json/lucide`, and Playwright smoke tests for the static website; no database, CMS, API, customer data, tenant data, or runtime persistence. (401-tenantial-platform-page)
- TypeScript 6.0.3, Astro 6.3.3, Node.js >=20.0.0, pnpm 10.33.0 + Astro, `@astrojs/starlight`, `@astrojs/sitemap`, `@astrojs/mdx`, Tailwind CSS v4, `@tailwindcss/vite`, Preline 4, Lenis, GSAP, Sharp, Playwright; static website content only, no database or product persistence. (feat/403-public-website-launch-readiness)
- No new technology; reuses TypeScript 6.0.3, Astro 6.3.3, Node.js >=20.0.0, pnpm 10.33.0, Starlight, Tailwind CSS v4, Preline, Lenis, GSAP, Sharp, and Playwright for static website content, docs content, route metadata, and generated build output only; no database or product persistence. (404-public-content-messaging)
## Recent Changes
- 066-rbac-ui-enforcement-helper-v2-session-1769732329: Planned UiEnforcement v2 (spec + plan + design artifacts)

14
apps/website/.prettierignore Normal file
View File

@ -0,0 +1,14 @@
node_modules/
dist/
build/
coverage/
.astro/
playwright-report/
test-results/
blob-report/
package-lock.json
yarn.lock
pnpm-lock.yaml
*.log
.env
.env.*

6
apps/website/src/components/sections/misc/ContactSection.astro
View File

@ -44,7 +44,11 @@ const copy = siteCopy[locale].contact;
/* Form for user input with various input fields.-->
{/* Each field utilizes a different input component for the specific type of input (text, email, phone, and textarea)*/
}
<form>
<form
action="mailto:hello@tenantial.com"
method="post"
enctype="text/plain"
>
<div class="grid gap-4">
<div class="grid grid-cols-1 gap-4 sm:grid-cols-2">
<TextInput

4
apps/website/src/components/ui/buttons/LoginBtn.astro
View File

@ -1,5 +1,5 @@
---
const { title = 'Log in' } = Astro.props;
const { title = 'Contact' } = Astro.props;
interface Props {
title?: string;
@ -31,7 +31,7 @@ const userSVG = `<svg
<button
type="button"
class={`${baseClasses} ${hoverClasses} ${darkClasses} ${mdClasses} ${txtSizeClasses}`}
data-hs-overlay="#hs-toggle-between-modals-login-modal"
data-hs-overlay="#hs-public-contact-modal"
>
{
/* About Fragment: https://docs.astro.build/en/basics/astro-syntax/#fragments */

47
apps/website/src/components/ui/forms/LoginModal.astro
View File

@ -1,19 +1,17 @@
---
// Import necessary components from their individual files
import EmailInput from './input/EmailInput.astro';
import PasswordInput from './input/PasswordInput.astro';
import Checkbox from './input/Checkbox.astro';
import TextAreaInput from './input/TextAreaInput.astro';
import AuthBtn from '@components/ui/buttons/AuthBtn.astro';
import GoogleBtn from '@components/ui/buttons/GoogleBtn.astro';
// Variables for customization of the LoginModal Component
// Variables for customization of this legacy contact modal.
const config = {
id: 'hs-toggle-between-modals-login-modal', // Modal IDENTIFIER
title: 'Sign in', // Main HEADING
subTitle: "Don't have an account yet?", // Sub-Heading TEXT
registerBtn: 'Sign up here', // Text for REGISTRATION BUTTON
registerBtnDataHS: '#hs-toggle-between-modals-register-modal', // TARGET LINK for registration button
id: 'hs-public-contact-modal',
title: 'Contact Tenantial',
subTitle: 'Need a scoped evaluation path?',
registerBtn: 'Open scope request',
registerBtnDataHS: '#hs-public-scope-modal',
};
---
@ -49,30 +47,23 @@ const config = {
</p>
</div>
<div class="mt-5">
<GoogleBtn title="Sign in with Google" />
<div
class="flex items-center py-3 text-xs text-neutral-400 uppercase before:me-6 before:flex-[1_1_0%] before:border-t before:border-neutral-200 after:ms-6 after:flex-[1_1_0%] after:border-t after:border-neutral-200 dark:text-neutral-500 dark:before:border-neutral-600 dark:after:border-neutral-600"
>
Or
</div>
{/* The container for the form */}
<form>
<form
action="mailto:hello@tenantial.com"
method="post"
enctype="text/plain"
>
{/* A grid layout for the form fields */}
<div class="grid gap-y-4">
{/* The email input field */}
<EmailInput id="login-email" errorId="login-email-error" />
{/* The password input field */}
<PasswordInput
forgot={true}
id="password"
errorId="login-password-error"
content="8+ characters required"
<EmailInput id="contact-email" errorId="contact-email-error" />
<TextAreaInput
id="contact-context"
name="contact-context"
label="Evaluation context"
/>
{/* The remember-me checkbox */}
<Checkbox id="remember-me" />
{/* The sign-in button */}
<AuthBtn title="Sign in" />
{/* The contact button */}
<AuthBtn title="Prepare contact request" />
</div>
</form>
</div>

34
apps/website/src/components/ui/forms/RecoverModal.astro
View File

@ -1,15 +1,16 @@
---
// Import necessary components from individual files
import EmailInput from './input/EmailInput.astro';
import TextAreaInput from './input/TextAreaInput.astro';
import AuthBtn from '@components/ui/buttons/AuthBtn.astro';
// Config object for customization of the component
const config = {
id: 'hs-toggle-between-modals-recover-modal', // Modal identifier
title: 'Forgot password?', // Main heading
subTitle: 'Remember your password?', // Sub-heading text
loginBtn: 'Sign in here', // Text for login button
loginBtnDataHS: '#hs-toggle-between-modals-login-modal', // Target link for login button
title: 'Prepare email context', // Main heading
subTitle: 'Need a walkthrough instead?', // Sub-heading text
contactBtn: 'Open contact request', // Text for contact button
contactBtnDataHS: '#hs-public-contact-modal', // Target link for contact button
};
---
@ -39,24 +40,33 @@ const config = {
</div>
<p class="mt-2 text-sm text-neutral-600 dark:text-neutral-400">
{config.subTitle}
{/* Button that, when clicked, opens the login modal */}
{/* Button that, when clicked, opens the contact modal */}
<button
class="rounded-lg p-1 font-medium text-orange-400 decoration-2 ring-zinc-500 outline-hidden hover:underline focus-visible:ring-3 dark:text-orange-400 dark:ring-zinc-200 dark:focus:outline-hidden"
data-hs-overlay={config.loginBtnDataHS}
data-hs-overlay={config.contactBtnDataHS}
>
{config.loginBtn}
{config.contactBtn}
</button>
</p>
</div>
<div class="mt-5">
{/* The form for password recovery */}
<form>
{/* The form for public contact context */}
<form
action="mailto:hello@tenantial.com"
method="post"
enctype="text/plain"
>
<div class="grid gap-y-4">
{/* Email input field imported from EmailInput component */}
<EmailInput id="recover-email" errorId="recover-email-error" />
{/* Reset password button imported from AuthBtn component */}
<AuthBtn title="Reset password" />
<EmailInput id="email-context" errorId="email-context-error" />
<TextAreaInput
id="email-notes"
name="email-notes"
label="Notes for Tenantial"
/>
{/* Contact button imported from AuthBtn component */}
<AuthBtn title="Prepare email context" />
</div>
</form>
</div>

69
apps/website/src/components/ui/forms/RegisterModal.astro
View File

@ -1,17 +1,15 @@
---
// Import necessary components from individual files
import EmailInput from './input/EmailInput.astro';
import PasswordInput from './input/PasswordInput.astro';
import Checkbox from './input/Checkbox.astro';
import GoogleBtn from '@components/ui/buttons/GoogleBtn.astro';
import TextAreaInput from './input/TextAreaInput.astro';
import AuthBtn from '@components/ui/buttons/AuthBtn.astro';
// Config object for customization of the component
const config = {
id: 'hs-toggle-between-modals-register-modal', // Modal identifier
title: 'Sign up', // Main heading
subTitle: 'Already have an account?', // Sub-heading text
loginBtn: 'Sign in here', // Text for login button
loginBtnDataHS: '#hs-toggle-between-modals-login-modal', // Target link for login button
id: 'hs-public-scope-modal', // Modal identifier
title: 'Scope request', // Main heading
subTitle: 'Need a lighter contact path?', // Sub-heading text
contactBtn: 'Open contact request', // Text for contact button
contactBtnDataHS: '#hs-public-contact-modal', // Target link for contact button
};
---
@ -40,57 +38,36 @@ const config = {
</div>
<p class="mt-2 text-sm text-neutral-600 dark:text-neutral-400">
{config.subTitle}
{/* Button to toggle login modal */}
{/* Button to toggle the contact modal */}
<button
class="rounded-lg p-1 font-medium text-orange-400 decoration-2 ring-zinc-500 outline-hidden hover:underline focus-visible:ring-3 dark:text-orange-400 dark:ring-zinc-200 dark:focus:outline-hidden"
data-hs-overlay={config.loginBtnDataHS}
data-hs-overlay={config.contactBtnDataHS}
>
{config.loginBtn}
{config.contactBtn}
</button>
</p>
</div>
{/* The form for user registration */}
{/* The form for public scope context */}
<div class="mt-5">
{/* Google signup button */}
<GoogleBtn title="Sign up with Google" />
{/* Dividing line with 'Or' text */}
<div
class="flex items-center py-3 text-xs text-neutral-400 uppercase before:me-6 before:flex-[1_1_0%] before:border-t before:border-neutral-200 after:ms-6 after:flex-[1_1_0%] after:border-t after:border-neutral-200 dark:text-neutral-500 dark:before:border-neutral-600 dark:after:border-neutral-600"
{/* Scope request form */}
<form
action="mailto:hello@tenantial.com"
method="post"
enctype="text/plain"
>
Or
</div>
{/* Registration form */}
<form>
<div class="grid gap-y-4">
{/* Email input field */}
<EmailInput
id="register-email"
errorId="register-email-error"
id="scope-email"
errorId="scope-email-error"
/>
{/* Password input field */}
<PasswordInput
id="create-password"
errorId="register-password-error"
content="8+ characters required"
<TextAreaInput
id="scope-context"
name="scope-context"
label="Rollout or evaluation context"
/>
{/* Password confirmation input field */}
<PasswordInput
label="Confirm Password"
id="confirm-password"
errorId="confirm-password-error"
content="Password does not match the password"
/>
{
/* Checkbox with a label and a link for accepting the terms and conditions */
}
<Checkbox label="I accept the " , id="terms-agree">
<a
class="font-medium text-orange-400 decoration-2 hover:underline dark:text-orange-400 dark:focus:outline-hidden"
href="/terms">Terms and Conditions</a
>
</Checkbox>
{/* Submit button for the registration form */}
<AuthBtn title="Sign up" />
{/* Submit button for the scope form */}
<AuthBtn title="Prepare scope request" />
</div>
</form>
</div>

1
apps/website/src/content/docs/en/guides/first-project-checklist.mdx
View File

@ -11,5 +11,6 @@ Use this checklist before a product walkthrough:
- Confirm which Microsoft tenant workflows are in scope.
- Separate read-only review needs from any future write or restore needs.
- Identify audit and approval expectations.
- Map backup, restore, drift, findings, evidence, auditability, exceptions, and reviews to the buyer questions that matter most.
- Plan staging validation before production rollout.
- Keep private tenant data out of public website communication.

3
apps/website/src/content/docs/en/guides/getting-started.mdx
View File

@ -6,13 +6,14 @@ sidebar:
order: 2
---
Start with a scoped conversation about the tenant governance problem you want to solve.
Start with a scoped conversation about the tenant governance problem you want to solve. The focus is category, risk, decision paths, and review participants, not self-serve access.
Useful preparation:
- Identify the Microsoft tenant administration workflows that need review.
- List which policy families, backup flows, or restore planning scenarios matter first.
- Decide who needs to participate in evidence review and approval.
- Note which findings, exceptions, or auditability expectations would carry the most decision value.
- Avoid sending private tenant exports or credentials through public website contact paths.
Tenantial walkthroughs should stay focused on review clarity, least-privilege rollout planning, and staging validation before production use.

6
apps/website/src/content/docs/en/guides/intro.mdx
View File

@ -6,7 +6,7 @@ sidebar:
order: 1
---
Tenantial is positioned around careful Microsoft tenant governance. Public materials focus on observed inventory, immutable policy snapshots, drift review, findings, exceptions, audit context, and defensive restore planning.
Tenantial is positioned around evidence-first Microsoft tenant governance. Public materials explain how observed inventory, immutable policy snapshots, drift review, findings, exceptions, auditability, and defensive restore planning fit together as one reviewable product model.
The website documentation is intentionally public and static. It does not expose live tenant data, operational evidence, private support material, credentials, or connected Microsoft accounts.
@ -14,5 +14,5 @@ The website documentation is intentionally public and static. It does not expose
- How policy evidence is collected and normalized for review.
- How snapshots support comparison and restore planning.
- How findings and exceptions make decisions attributable.
- How restore is treated as preview-first work.
- How drift, findings, and exceptions make decisions attributable.
- How restore is treated as preview-first work with validation, selective scope, and explicit confirmation.

4
apps/website/src/content/docs/en/platform/evidence-review.mdx
View File

@ -6,7 +6,7 @@ sidebar:
order: 1
---
Evidence review is the public framing for Tenantial's product direction.
Evidence review is the public framing for Tenantial's product direction. This note describes static product concepts and no live tenant connection.
The model is intentionally cautious:
@ -14,4 +14,4 @@ The model is intentionally cautious:
- Snapshots are explicit records for comparison and planning.
- Drift and findings become review work.
- Exceptions and audit notes keep decisions attributable.
- Restore is planned through preview, validation, selective scope, and explicit confirmation.
- Restore is planned through preview, validation, selective scope, and explicit confirmation without promising recovery success.

4
apps/website/src/content/docs/en/welcome-to-docs.mdx
View File

@ -9,7 +9,7 @@ lastUpdated: false
next: false
hero:
title: Tenantial documentation
tagline: Public notes for evidence review, snapshot discipline, drift review, and cautious restore planning.
tagline: Public notes for evidence review, snapshot discipline, drift, findings, auditability, and cautious restore planning.
actions:
- text: Get started
icon: right-arrow
@ -26,6 +26,6 @@ import { Card, CardGrid } from '@astrojs/starlight/components';
</Card>
<Card title="Platform Notes" icon="seti:terraform">
Review how Tenantial frames inventory evidence, snapshots, findings, and restore planning.
Review how Tenantial frames inventory evidence, snapshots, drift, findings, exceptions, reviews, and restore planning.
</Card>
</CardGrid>

1
apps/website/src/content/docs/guides/first-project-checklist.mdx
View File

@ -11,5 +11,6 @@ Nutze diese Checkliste vor einem Produkt-Walkthrough:
- Bestätige, welche Microsoft-Tenant-Workflows im Scope sind.
- Trenne Read-only-Review-Bedarf von künftigem Write- oder Restore-Bedarf.
- Identifiziere Audit- und Approval-Erwartungen.
- Ordne Backup, Restore, Drift, Findings, Evidence, Auditability, Exceptions und Reviews den wichtigsten Buyer-Fragen zu.
- Plane Staging-Validierung vor einem Produktionsrollout.
- Halte private Tenant-Daten aus öffentlicher Website-Kommunikation heraus.

3
apps/website/src/content/docs/guides/getting-started.mdx
View File

@ -6,13 +6,14 @@ sidebar:
order: 2
---
Starte mit einem scoped Gespräch über das Tenant-Governance-Problem, das gelöst werden soll.
Starte mit einem scoped Gespräch über das Tenant-Governance-Problem, das gelöst werden soll. Der Fokus liegt auf Kategorie, Risiko, Entscheidungswegen und Review-Beteiligten, nicht auf Self-Service-Zugang.
Sinnvolle Vorbereitung:
- Identifiziere die Microsoft-Tenant-Administrationsworkflows, die Review brauchen.
- Liste die Policy-Familien, Backup-Flows oder Restore-Planungsszenarien, die zuerst relevant sind.
- Entscheide, wer an Evidence Review und Approval teilnehmen muss.
- Notiere, welche Findings, Exceptions oder Auditability-Erwartungen den größten Entscheidungswert hätten.
- Sende keine privaten Tenant-Exporte oder Credentials über öffentliche Website-Kontaktpfade.
Tenantial Walkthroughs sollten auf Review-Klarheit, Least-Privilege-Rollout-Planung und Staging-Validierung vor Produktionseinsatz fokussiert bleiben.

6
apps/website/src/content/docs/guides/intro.mdx
View File

@ -6,7 +6,7 @@ sidebar:
order: 1
---
Tenantial ist auf vorsichtige Microsoft-Tenant-Governance ausgerichtet. Öffentliche Materialien fokussieren beobachtetes Inventory, unveränderliche Policy-Snapshots, Drift Review, Findings, Exceptions, Audit-Kontext und defensive Restore-Planung.
Tenantial ist auf evidence-first Microsoft-Tenant-Governance ausgerichtet. Öffentliche Materialien erklären, wie beobachtetes Inventory, unveränderliche Policy-Snapshots, Drift Review, Findings, Exceptions, Auditability und defensive Restore-Planung als ein prüfbares Produktmodell zusammenhängen.
Die Website-Dokumentation ist bewusst öffentlich und statisch. Sie legt keine Live-Tenant-Daten, operative Evidence, private Support-Materialien, Credentials oder verbundenen Microsoft-Konten offen.
@ -14,5 +14,5 @@ Die Website-Dokumentation ist bewusst öffentlich und statisch. Sie legt keine L
- Wie Policy Evidence für Reviews gesammelt und normalisiert wird.
- Wie Snapshots Vergleich und Restore-Planung unterstützen.
- Wie Findings und Exceptions Entscheidungen zuordenbar machen.
- Wie Restore als preview-first Arbeit behandelt wird.
- Wie Drift, Findings und Exceptions Entscheidungen zuordenbar machen.
- Wie Restore als preview-first Arbeit mit Validierung, selektivem Scope und expliziter Bestätigung behandelt wird.

4
apps/website/src/content/docs/platform/evidence-review.mdx
View File

@ -6,7 +6,7 @@ sidebar:
order: 1
---
Evidence Review ist die öffentliche Rahmung für Tenantials Produktrichtung.
Evidence Review ist die öffentliche Rahmung für Tenantials Produktrichtung. Die Notiz beschreibt statische Produktkonzepte und keine Live-Tenant-Verbindung.
Das Modell ist bewusst vorsichtig:
@ -14,4 +14,4 @@ Das Modell ist bewusst vorsichtig:
- Snapshots sind explizite Records für Vergleich und Planung.
- Drift und Findings werden zu Review-Arbeit.
- Exceptions und Audit-Notizen halten Entscheidungen zuordenbar.
- Restore wird über Preview, Validierung, selektiven Scope und explizite Bestätigung geplant.
- Restore wird über Preview, Validierung, selektiven Scope und explizite Bestätigung geplant, ohne Recovery-Erfolg zu versprechen.

4
apps/website/src/content/docs/welcome-to-docs.mdx
View File

@ -9,7 +9,7 @@ lastUpdated: false
next: false
hero:
title: Tenantial Dokumentation
tagline: Öffentliche Notizen zu Evidence Review, Snapshot-Disziplin, Drift Review und vorsichtiger Restore-Planung.
tagline: Öffentliche Notizen zu Evidence Review, Snapshot-Disziplin, Drift, Findings, Auditability und vorsichtiger Restore-Planung.
actions:
- text: Starten
icon: right-arrow
@ -26,6 +26,6 @@ import { Card, CardGrid } from '@astrojs/starlight/components';
</Card>
<Card title="Plattform-Notizen" icon="seti:terraform">
Prüfe, wie Tenantial Inventory Evidence, Snapshots, Findings und Restore-Planung rahmt.
Prüfe, wie Tenantial Inventory Evidence, Snapshots, Drift, Findings, Exceptions, Reviews und Restore-Planung rahmt.
</Card>
</CardGrid>

6
apps/website/src/data_files/constants.ts
View File

@ -4,9 +4,9 @@ export const SITE = {
title: 'Tenantial',
tagline: 'Evidenzbasierte Microsoft-Tenant-Governance',
description:
'Tenantial hilft Microsoft-Tenant-Administratoren, Policy-Evidence, Snapshots, Drift, Findings und Restore-Pläne vor kritischen Änderungen zu prüfen.',
'Tenantial hilft Microsoft-Tenant-Teams, Policy-Evidence, Snapshots, Drift, Findings, Exceptions, Auditability und Restore-Pläne in prüfbare Entscheidungen zu übersetzen.',
description_short:
'Evidenzbasierte Governance-Workflows für Microsoft-Tenant-Review, Backup, Drift und Restore-Planung.',
'Evidenzbasierte Governance-Workflows für Microsoft-Tenant-Review, Backup, Drift, Findings und Restore-Planung.',
url: 'https://tenantial.com',
author: 'Tenantial',
};
@ -37,7 +37,7 @@ export const OG = {
url: SITE.url,
title: `${SITE.title}: Evidenzbasierte Microsoft-Tenant-Governance`,
description:
'Prüfe Tenant Inventory, Snapshots, Drift, Findings, Exceptions und Restore-Pläne mit konservativen, auditfreundlichen Workflows.',
'Prüfe Tenant Inventory, Snapshots, Drift, Findings, Evidence, Exceptions und Restore-Pläne mit konservativen, auditfreundlichen Workflows.',
image: ogImageSrc,
};

6
apps/website/src/data_files/faqs.json
View File

@ -3,7 +3,7 @@
"faqs": [
{
"question": "What does Tenantial help teams understand?",
"answer": "Tenantial is positioned around backup evidence, restore planning, drift detection, findings, auditability, exceptions, and reviews for Microsoft tenant configuration."
"answer": "Tenantial explains backup evidence, restore planning, drift detection, findings, evidence, auditability, exceptions, and reviews as one governance model for Microsoft tenant configuration."
},
{
"question": "Does this public website connect to a live tenant?",
@ -11,10 +11,10 @@
},
{
"question": "Is restore positioned as an automatic outcome?",
"answer": "No. Tenantial describes restore as a cautious workflow with preview, validation, selective scope, explicit confirmation, and review context."
"answer": "No. Tenantial describes restore as a cautious workflow with preview, validation, selective scope, explicit confirmation, and review context, without promising recovery success."
},
{
"question": "Does Tenantial publish customer proof here?",
"question": "Does Tenantial publish customer evidence here?",
"answer": "No customer logos, third-party endorsements, external assurance statements, service-level commitments, or recovery promises are published without supplied and reviewed evidence."
}
]

8
apps/website/src/data_files/features.json
View File

@ -1,22 +1,22 @@
[
{
"heading": "Backup evidence",
"content": "Review observed policy metadata and backup snapshots from one readable source before decisions start.",
"content": "Review observed policy metadata and backup snapshots from one readable source before governance decisions start.",
"svg": "frame"
},
{
"heading": "Restore planning",
"content": "Compare immutable snapshots and plan restore work with validation, selective scope, and explicit review.",
"content": "Compare immutable snapshots and plan restore work with validation, selective scope, and explicit review rather than automatic recovery promises.",
"svg": "dashboard"
},
{
"heading": "Drift detection",
"content": "Turn differences, findings, and evidence into readable review work before administrators decide what to change.",
"content": "Turn differences, findings, and evidence into readable review work before administrators decide whether anything should change.",
"svg": "verified"
},
{
"heading": "Auditability and exceptions",
"content": "Keep exceptions, review notes, and auditability visible so decisions stay attributable.",
"content": "Keep exceptions, review notes, and auditability visible so decisions stay attributable and conservative.",
"svg": "checkCircle"
}
]

4
apps/website/src/data_files/pricing.json
View File

@ -1,9 +1,9 @@
{
"title": "Evaluation and rollout options",
"subTitle": "Commercial packaging is intentionally conservative on the public website. No instant payment path or fixed access package is implied.",
"subTitle": "Commercial packaging is intentionally conservative on the public website. No instant payment path, subscription activation, or fixed access package is implied.",
"badge": "Scoped",
"thirdOption": "Need a narrower evaluation conversation?",
"btnText": "Contact Tenantial",
"btnText": "Discuss evaluation",
"starterKit": {
"name": "Evaluation",
"description": "For teams reviewing fit before any rollout commitment.",

102
apps/website/src/data_files/site-copy.ts
View File

@ -37,9 +37,9 @@ export const siteCopy: Record<Locale, any> = {
site: {
tagline: 'Evidenzbasierte Microsoft-Tenant-Governance',
description:
'Tenantial hilft Microsoft-Tenant-Administratoren, Policy-Evidence, Snapshots, Drift, Findings und Restore-Pläne vor kritischen Änderungen zu prüfen.',
'Tenantial hilft Microsoft-Tenant-Teams, Policy-Evidence, Snapshots, Drift, Findings, Exceptions, Auditability und Restore-Pläne in prüfbare Entscheidungen zu übersetzen.',
descriptionShort:
'Evidenzbasierte Governance-Workflows für Microsoft-Tenant-Reviews, Backup, Drift und Restore-Planung.',
'Evidenzbasierte Governance-Workflows für Microsoft-Tenant-Reviews, Backup, Drift, Findings und Restore-Planung.',
},
nav: [
{ name: 'Start', url: '/' },
@ -70,9 +70,9 @@ export const siteCopy: Record<Locale, any> = {
],
},
],
conversationTitle: 'Scoped Conversation starten',
conversationTitle: 'Walkthrough oder Rollout-Gespräch starten',
conversationContent:
'Nutze die Kontaktseite oder E-Mail nur für Business-Kontext. Sende keine Secrets, Credentials oder Tenant-Exporte über die öffentliche Website.',
'Nutze die Kontaktseite oder E-Mail für Business-Kontext, Evaluierungsfragen und Rollout-Scope. Sende keine Secrets, Credentials oder Tenant-Exporte über die öffentliche Website.',
contactButton: 'Kontaktseite öffnen',
copyrightSuffix: 'Nur öffentliche Website-Inhalte.',
},
@ -86,19 +86,19 @@ export const siteCopy: Record<Locale, any> = {
heroTitle:
'Evidenzbasierte Governance für <span class="text-yellow-500 dark:text-yellow-400">Microsoft-Tenant-Konfiguration</span>',
heroSubtitle:
'Tenantial hilft Administratoren, Backup-Evidence, unveränderliche Snapshots, Drift Detection, Findings, Exceptions, Auditability und Restore-Pläne zu prüfen, bevor kritische Änderungen umgesetzt werden.',
'Tenantial macht Backup, Restore, Drift Detection, Findings, Evidence, Exceptions, Auditability und Reviews zu einem prüfbaren Governance-Modell, bevor kritische Änderungen entschieden werden.',
primaryCta: 'Walkthrough anfragen',
secondaryCta: 'Plattform ansehen',
secondaryCta: 'Produktmodell ansehen',
heroAlt: 'Statische Tenantial Governance-Dashboard-Vorschau',
featureTitle: 'Backup, Restore und Drift Detection mit Review-Kontext',
featureTitle: 'Vom beobachteten Zustand zur Review-Entscheidung',
featureSubtitle:
'Tenantial hält Backup-Snapshots, Findings, Evidence, Auditability, Exceptions und Reviews sichtbar, damit Restore-Entscheidungen preview-first bleiben. Die öffentliche Vorschau ist statisch und verbindet sich nicht mit Live-Tenant-Daten.',
'Tenantial hält Backup-Snapshots, Findings, Evidence, Auditability, Exceptions und Reviews als statischen Produktkontext sichtbar, damit Restore-Entscheidungen preview-first, nachvollziehbar und nicht als blinde Automation erscheinen.',
featureAlt: 'Statische Tenantial Review-Board-Vorschau',
workflowTitle:
'Ein <span class="text-yellow-500 dark:text-yellow-400">Review-Workflow</span> für evidenzbasierte Tenant-Governance.',
'Vom <span class="text-yellow-500 dark:text-yellow-400">Snapshot</span> zur Review-Entscheidung.',
tabs: [
{
heading: 'Evidence Intake',
heading: 'Evidence erfassen',
content:
'Normalisiere Inventory-, Backup- und Snapshot-Kontext, damit Reviews mit einer lesbaren Sicht auf den beobachteten Policy-Zustand starten.',
svg: 'frame',
@ -106,7 +106,7 @@ export const siteCopy: Record<Locale, any> = {
first: true,
},
{
heading: 'Decision Review',
heading: 'Findings prüfen',
content:
'Mache Drift Detection, Findings, Exceptions, Auditability und Review-Notizen sichtbar, bevor Administratoren die nächste Aktion wählen.',
svg: 'dashboard',
@ -127,19 +127,19 @@ export const siteCopy: Record<Locale, any> = {
pageTitle: 'Plattform | Tenantial',
metaDescription:
'Tenantial öffentliches Produktmodell für Microsoft-Tenant Backup-Evidence, Restore-Planung, Drift Detection, Findings, Auditability, Exceptions und Reviews.',
heading: 'Plattform-Review-Modell',
heading: 'Öffentliches Produktmodell',
subtitle:
'Tenantial ist auf Backup-Evidence, unveränderliche Policy-Snapshots, strukturierte Diffs, Drift Detection, Findings, Exceptions, Auditability, Governance-Reviews und vorsichtige Restore-Workflows für Microsoft-Tenant-Administratoren ausgerichtet.',
'Tenantial beschreibt ein Governance-of-record-Modell für Microsoft-Tenant-Konfiguration: Backup-Evidence, unveränderliche Policy-Snapshots, strukturierte Diffs, Drift Detection, Findings, Exceptions, Auditability, Governance-Reviews und vorsichtige Restore-Planung.',
backupTitle: 'Backup- und Snapshot-Evidence',
backupSubtitle:
'Administratoren brauchen einen reproduzierbaren Nachweis dessen, was beobachtet wurde, bevor entschieden wird, ob eine Änderung sicher ist. Tenantial rahmt Backup-Snapshots als Review-Evidence, nicht als versteckte Automation.',
'Administratoren brauchen einen reproduzierbaren Nachweis dessen, was beobachtet wurde, bevor entschieden wird, ob eine Änderung sicher ist. Tenantial rahmt Backup-Snapshots als Review-Evidence und nicht als versteckte Automation.',
dashboardAlt: 'Statische Tenantial Inventory-Dashboard-Vorschau',
evidenceAlt: 'Statische Tenantial Evidence-Review-Vorschau',
driftTitle: 'Drift Detection, Findings und Exceptions',
driftSubtitle:
'Unterschiede und Findings sollen lesbare Entscheidungsarbeit werden. Exceptions, Evidence, Review-Notizen und Auditability halten die Begründung sichtbar, ohne zu behaupten, dass die öffentliche Website mit Live-Tenant-Daten verbunden ist.',
driftAlt: 'Statische Tenantial Drift-Workflow-Vorschau',
trustCta: 'Trust-Posture ansehen',
trustCta: 'Trust-Grenzen ansehen',
restoreTitle: 'Restore-Planung bleibt defensiv',
restoreSubtitle:
'Restore-Pfade werden als preview-first Workflows mit Validierung, Konfliktbewusstsein, selektivem Scope und expliziter Bestätigung vor sensiblen Aktionen beschrieben.',
@ -161,9 +161,9 @@ export const siteCopy: Record<Locale, any> = {
pageTitle: 'Preise | Tenantial',
metaDescription:
'Tenantial Preise nutzen konservative Evaluierungs- und Rollout-Gespräche statt sofortiger Zahlung oder Access-Claims.',
heading: 'Preise bleiben scoped',
heading: 'Evaluation bleibt kontaktgeführt',
subtitle:
'Tenantial behauptet auf der öffentlichen Website keine Sofortzahlung, keinen festen Paket-Zugang und keine automatische Tenant-Verbindung.',
'Tenantial beschreibt hier Evaluierungs- und Rollout-Pfade. Die öffentliche Website behauptet keine Sofortzahlung, keinen festen Paket-Zugang und keine automatische Tenant-Verbindung.',
},
contact: {
pageTitle: 'Kontakt | Tenantial',
@ -199,19 +199,19 @@ export const siteCopy: Record<Locale, any> = {
trust: {
pageTitle: 'Vertrauen | Tenantial',
metaDescription:
'Tenantial öffentliche Trust-Posture mit konservativen Claims und klaren Grenzen für statische Previews.',
'Tenantial öffentliche Vertrauensposition mit konservativen Claims und klaren Grenzen für statische Produktvorschauen.',
heading: 'Vertrauen beginnt mit klaren Grenzen',
subtitle:
'Tenantial Public Copy vermeidet Customer-Logo-Proof, Third-Party-Endorsements, externe Assurance-Aussagen, Service-Level-Commitments und Recovery-Versprechen, solange sie nicht geliefert und geprüft wurden.',
'Tenantial vermeidet Kundenlogo-Belege, externe Endorsements, externe Assurance-Aussagen, Service-Level-Zusagen und Recovery-Versprechen, solange sie nicht geliefert und geprüft wurden.',
cta: 'Tenantial kontaktieren',
statsTitle: 'Public Website Posture',
statsTitle: 'Öffentliche Website-Grenzen',
statsSubtitle:
'Die Website beschreibt eine vorsichtige Produktrichtung. Sie legt keine privaten Tenant-Daten offen, führt keine Tenant-Operationen aus und ist kein Support-Evidence-Portal.',
mainStatTitle: 'Statisch',
mainStatSubTitle: 'nur Produkt-Previews',
stats: [
{ stat: 'Kein', description: 'Customer-Logo-Proof' },
{ stat: 'Kein', description: 'externer Endorsement-Claim' },
{ stat: 'Keine', description: 'Kundenlogo-Belege' },
{ stat: 'Keine', description: 'externen Endorsements' },
{ stat: 'Keine', description: 'Live-Tenant-Verbindung' },
],
},
@ -253,9 +253,9 @@ export const siteCopy: Record<Locale, any> = {
site: {
tagline: 'Evidence-first Microsoft tenant governance',
description:
'Tenantial helps Microsoft tenant administrators review policy evidence, snapshots, drift, findings, and restore plans before high-impact changes move forward.',
'Tenantial helps Microsoft tenant teams turn policy evidence, snapshots, drift, findings, exceptions, auditability, and restore plans into reviewable decisions.',
descriptionShort:
'Evidence-first governance workflows for Microsoft tenant review, backup, drift, and restore planning.',
'Evidence-first governance workflows for Microsoft tenant review, backup, drift, findings, and restore planning.',
},
nav: [
{ name: 'Home', url: '/' },
@ -286,9 +286,9 @@ export const siteCopy: Record<Locale, any> = {
],
},
],
conversationTitle: 'Start a scoped conversation',
conversationTitle: 'Start a walkthrough or rollout conversation',
conversationContent:
'Use the contact page or email for business context only. Do not send secrets, credentials, or tenant exports through the public website.',
'Use the contact page or email for business context, evaluation questions, and rollout scope. Do not send secrets, credentials, or tenant exports through the public website.',
contactButton: 'Open contact page',
copyrightSuffix: 'Public website content only.',
},
@ -302,16 +302,16 @@ export const siteCopy: Record<Locale, any> = {
heroTitle:
'Evidence-first governance for <span class="text-yellow-500 dark:text-yellow-400">Microsoft tenant configuration</span>',
heroSubtitle:
'Tenantial helps administrators review backup evidence, immutable snapshots, drift detection, findings, exceptions, auditability, and restore plans before high-impact changes move forward.',
'Tenantial turns backup, restore, drift detection, findings, evidence, exceptions, auditability, and reviews into a governance model before high-impact changes move forward.',
primaryCta: 'Request walkthrough',
secondaryCta: 'Explore platform',
secondaryCta: 'View product model',
heroAlt: 'Static Tenantial governance dashboard preview',
featureTitle: 'Backup, restore, and drift detection with review context',
featureTitle: 'From observed state to reviewable decisions',
featureSubtitle:
'Tenantial keeps backup snapshots, findings, evidence, auditability, exceptions, and reviews visible so restore decisions stay preview-first. The public preview is static and does not connect to live tenant data.',
'Tenantial keeps backup snapshots, findings, evidence, auditability, exceptions, and reviews visible as static product context, so restore decisions stay preview-first, attributable, and never positioned as hidden automation.',
featureAlt: 'Static Tenantial review board preview',
workflowTitle:
'A <span class="text-yellow-500 dark:text-yellow-400">review workflow</span> for evidence-first tenant governance.',
'From <span class="text-yellow-500 dark:text-yellow-400">snapshot</span> to review decision.',
tabs: [
{
heading: 'Evidence intake',
@ -343,12 +343,12 @@ export const siteCopy: Record<Locale, any> = {
pageTitle: 'Platform | Tenantial',
metaDescription:
'Tenantial public product model for Microsoft tenant backup evidence, restore planning, drift detection, findings, auditability, exceptions, and reviews.',
heading: 'Platform review model',
heading: 'Public product model',
subtitle:
'Tenantial is positioned around backup evidence, immutable policy snapshots, structured diffs, drift detection, findings, exceptions, auditability, governance reviews, and cautious restore workflows for Microsoft tenant administrators.',
'Tenantial describes a governance-of-record model for Microsoft tenant configuration: backup evidence, immutable policy snapshots, structured diffs, drift detection, findings, exceptions, auditability, governance reviews, and cautious restore planning.',
backupTitle: 'Backup and snapshot evidence',
backupSubtitle:
'Administrators need a reproducible record of what was observed before deciding whether a change is safe. Tenantial frames backup snapshots as review evidence, not as hidden automation.',
'Administrators need a reproducible record of what was observed before deciding whether a change is safe. Tenantial frames backup snapshots as review evidence and not as hidden automation.',
dashboardAlt: 'Static Tenantial inventory dashboard preview',
evidenceAlt: 'Static Tenantial evidence review panel preview',
driftTitle: 'Drift detection, findings, and exceptions',
@ -376,9 +376,9 @@ export const siteCopy: Record<Locale, any> = {
pageTitle: 'Pricing | Tenantial',
metaDescription:
'Tenantial pricing uses conservative evaluation and rollout conversation paths, not instant public payment or access claims.',
heading: 'Pricing stays scoped',
heading: 'Evaluation stays contact-led',
subtitle:
'Tenantial does not claim instant payment, fixed package access, or automatic tenant connection from the public website.',
'Tenantial describes evaluation and rollout paths here. The public website does not claim instant payment, fixed package access, or automatic tenant connection.',
},
contact: {
pageTitle: 'Contact | Tenantial',
@ -469,25 +469,25 @@ export const featuresByLocale: Record<Locale, Feature[]> = {
{
heading: 'Backup-Evidence',
content:
'Prüfe beobachtete Policy-Metadaten und Backup-Snapshots aus einer lesbaren Quelle, bevor Entscheidungen beginnen.',
'Prüfe beobachtete Policy-Metadaten und Backup-Snapshots aus einer lesbaren Quelle, bevor Governance-Entscheidungen beginnen.',
svg: 'frame',
},
{
heading: 'Restore-Planung',
content:
'Vergleiche unveränderliche Snapshots und plane Restore-Arbeit mit Validierung, selektivem Scope und explizitem Review.',
'Vergleiche unveränderliche Snapshots und plane Restore-Arbeit mit Validierung, selektivem Scope und explizitem Review statt Recovery-Versprechen.',
svg: 'dashboard',
},
{
heading: 'Drift Detection',
content:
'Verwandle Unterschiede, Findings und Evidence in lesbare Review-Arbeit, bevor Administratoren Änderungen entscheiden.',
'Verwandle Unterschiede, Findings und Evidence in lesbare Review-Arbeit, bevor Administratoren entscheiden, ob etwas geändert werden sollte.',
svg: 'verified',
},
{
heading: 'Auditability und Exceptions',
content:
'Halte Exceptions, Review-Notizen und Auditability sichtbar, damit Entscheidungen zuordenbar bleiben.',
'Halte Exceptions, Review-Notizen und Auditability sichtbar, damit Entscheidungen zuordenbar und konservativ bleiben.',
svg: 'checkCircle',
},
],
@ -495,25 +495,25 @@ export const featuresByLocale: Record<Locale, Feature[]> = {
{
heading: 'Backup evidence',
content:
'Review observed policy metadata and backup snapshots from one readable source before decisions start.',
'Review observed policy metadata and backup snapshots from one readable source before governance decisions start.',
svg: 'frame',
},
{
heading: 'Restore planning',
content:
'Compare immutable snapshots and plan restore work with validation, selective scope, and explicit review.',
'Compare immutable snapshots and plan restore work with validation, selective scope, and explicit review rather than automatic recovery promises.',
svg: 'dashboard',
},
{
heading: 'Drift detection',
content:
'Turn differences, findings, and evidence into readable review work before administrators decide what to change.',
'Turn differences, findings, and evidence into readable review work before administrators decide whether anything should change.',
svg: 'verified',
},
{
heading: 'Auditability and exceptions',
content:
'Keep exceptions, review notes, and auditability visible so decisions stay attributable.',
'Keep exceptions, review notes, and auditability visible so decisions stay attributable and conservative.',
svg: 'checkCircle',
},
],
@ -523,10 +523,10 @@ export const pricingByLocale: Record<Locale, Pricing> = {
de: {
title: 'Evaluierungs- und Rollout-Optionen',
subTitle:
'Kommerzielle Pakete bleiben auf der öffentlichen Website bewusst konservativ. Es wird kein Sofortkauf oder fester Access-Plan behauptet.',
'Kommerzielle Pakete bleiben auf der öffentlichen Website bewusst konservativ. Es wird kein Sofortkauf, keine Subscription-Aktivierung und kein fester Access-Plan behauptet.',
badge: 'Scoped',
thirdOption: 'Brauchst du ein engeres Evaluierungsgespräch?',
btnText: 'Tenantial kontaktieren',
btnText: 'Evaluierung besprechen',
starterKit: {
name: 'Evaluation',
description: 'Für Teams, die Fit vor einer Rollout-Zusage prüfen.',
@ -560,10 +560,10 @@ export const pricingByLocale: Record<Locale, Pricing> = {
en: {
title: 'Evaluation and rollout options',
subTitle:
'Commercial packaging is intentionally conservative on the public website. No instant payment path or fixed access package is implied.',
'Commercial packaging is intentionally conservative on the public website. No instant payment path, subscription activation, or fixed access package is implied.',
badge: 'Scoped',
thirdOption: 'Need a narrower evaluation conversation?',
btnText: 'Contact Tenantial',
btnText: 'Discuss evaluation',
starterKit: {
name: 'Evaluation',
description: 'For teams reviewing fit before any rollout commitment.',
@ -617,9 +617,9 @@ export const faqsByLocale: Record<Locale, FaqGroup> = {
'Nein. Tenantial beschreibt Restore als vorsichtigen Workflow mit Preview, Validierung, selektivem Scope, expliziter Bestätigung und Review-Kontext.',
},
{
question: 'Veröffentlicht Tenantial hier Customer Proof?',
question: 'Veröffentlicht Tenantial hier Kundenbelege?',
answer:
'Ohne gelieferte und geprüfte Evidence werden keine Kundenlogos, Third-Party-Endorsements, externen Assurance-Aussagen, Service-Level-Commitments oder Recovery-Versprechen veröffentlicht.',
'Ohne gelieferte und geprüfte Evidence werden keine Kundenlogos, externen Endorsements, externen Assurance-Aussagen, Service-Level-Zusagen oder Recovery-Versprechen veröffentlicht.',
},
],
},
@ -642,7 +642,7 @@ export const faqsByLocale: Record<Locale, FaqGroup> = {
'No. Tenantial describes restore as a cautious workflow with preview, validation, selective scope, explicit confirmation, and review context.',
},
{
question: 'Does Tenantial publish customer proof here?',
question: 'Does Tenantial publish customer evidence here?',
answer:
'No customer logos, third-party endorsements, external assurance statements, service-level commitments, or recovery promises are published without supplied and reviewed evidence.',
},

4
apps/website/tests/smoke/interaction.spec.ts
View File

@ -154,7 +154,7 @@ test('language picker switches between German default and English routes', async
await expect(page).toHaveURL(/\/en\/platform\/?$/);
await expect(
page.getByRole('heading', { name: /Platform review model/i })
page.getByRole('heading', { name: /Public product model/i })
).toBeVisible();
await page.getByLabel('Sprache wechseln').click();
@ -162,6 +162,6 @@ test('language picker switches between German default and English routes', async
await expect(page).toHaveURL(/\/platform\/?$/);
await expect(
page.getByRole('heading', { name: /Plattform-Review-Modell/i })
page.getByRole('heading', { name: /Öffentliches Produktmodell/i })
).toBeVisible();
});

8
apps/website/tests/smoke/public-routes.spec.ts
View File

@ -37,7 +37,7 @@ const routeMetadata = {
},
'/trust': {
title: /Vertrauen \| Tenantial/i,
description: /Trust-Posture.*statische.*Previews/i,
description: /Vertrauensposition.*konservativen Claims.*statische Produktvorschauen/i,
},
'/legal': {
title: /Rechtliches \| Tenantial/i,
@ -160,7 +160,7 @@ test('homepage first viewport explains core Tenantial capabilities', async ({
page.getByRole('link', { name: /Walkthrough anfragen/i }).first()
).toHaveAttribute('href', '/contact');
await expect(
page.getByRole('link', { name: /Plattform ansehen/i }).first()
page.getByRole('link', { name: /Produktmodell ansehen/i }).first()
).toHaveAttribute('href', '/platform');
await expectCoreCapabilitiesVisible(page);
});
@ -171,7 +171,7 @@ test('/platform explains the public product model without internal runtime terms
await page.goto('/platform');
await expect(
page.getByRole('heading', { name: /Plattform-Review-Modell/i })
page.getByRole('heading', { name: /Öffentliches Produktmodell/i })
).toBeVisible();
await expectCoreCapabilitiesVisible(page);
await expect(page.locator('body')).toContainText(/statische Demo-Previews/i);
@ -262,7 +262,7 @@ for (const route of redirectRoutes) {
await expect(page).toHaveURL(new RegExp(`${expected.target}/?$`));
await expect(
page.getByRole('heading', {
name: /Plattform-Review-Modell|Platform review model/,
name: /Öffentliches Produktmodell|Public product model/,
})
).toBeVisible();
});

5
apps/website/tests/smoke/smoke-helpers.ts
View File

@ -88,6 +88,11 @@ const forbiddenPublicPatterns = [
{ label: 'recovery guarantee', pattern: /guaranteed recovery/i },
{ label: 'compliance guarantee', pattern: /guaranteed compliance/i },
{ label: 'fake checkout CTA', pattern: /\b(buy now|checkout)\b/i },
{ label: 'fake newsletter CTA', pattern: /\b(subscribe|newsletter)\b/i },
{
label: 'fake subscription CTA',
pattern: /\b(pay now|start subscription|activate subscription)\b/i,
},
{
label: 'fake trial CTA',
pattern: /\b(start free trial|create account)\b/i,

38
specs/404-public-content-messaging/checklists/requirements.md Normal file
View File

@ -0,0 +1,38 @@
# Specification Quality Checklist: `apps/website` Public Content Architecture & Messaging
**Purpose**: Validate specification completeness and quality before proceeding to planning
**Created**: 2026-05-22
**Feature**: [spec.md](../spec.md)
## Content Quality
- [x] No implementation details (languages, frameworks, APIs)
- [x] Focused on user value and business needs
- [x] Written for non-technical stakeholders
- [x] All mandatory sections completed
## Requirement Completeness
- [x] No [NEEDS CLARIFICATION] markers remain
- [x] Requirements are testable and unambiguous
- [x] Success criteria are measurable
- [x] Success criteria are technology-agnostic (no implementation details)
- [x] All acceptance scenarios are defined
- [x] Edge cases are identified
- [x] Scope is clearly bounded
- [x] Dependencies and assumptions identified
## Feature Readiness
- [x] All functional requirements have clear acceptance criteria
- [x] User scenarios cover primary flows
- [x] Feature meets measurable outcomes defined in Success Criteria
- [x] No implementation details leak into specification
## Notes
- Validation pass 1 completed on 2026-05-22.
- No `[NEEDS CLARIFICATION]` markers were needed; the spec uses the user's explicit scope and conservative defaults.
- Repository validation commands are listed as delivery checks; product requirements remain focused on public content, buyer understanding, CTA consistency, and claim safety.

157
specs/404-public-content-messaging/contracts/public-content-contract.md Normal file
View File

@ -0,0 +1,157 @@
# Public Content Contract: Spec 404 Content Architecture & Messaging
This feature has no REST, GraphQL, Laravel, Filament, Livewire, Microsoft Graph, database, queue, job, policy, RBAC, or product runtime API contract.
The contract is the public static website content behavior that reviewers and smoke tests must verify.
## Core Public Routes
The following German default routes must render intentionally and expose Tenantial-specific content, metadata, and CTAs:
- `/`
- `/platform`
- `/pricing`
- `/contact`
- `/trust`
- `/legal`
- `/privacy`
- `/terms`
- `/imprint`
- `/welcome-to-docs/`
- `/guides/intro/`
- `/guides/getting-started/`
- `/guides/first-project-checklist/`
- `/platform/evidence-review/`
The following English route mirrors must remain consistent where they are intentionally exposed:
- `/en/`
- `/en/platform`
- `/en/pricing`
- `/en/contact`
- `/en/trust`
- `/en/legal`
- `/en/privacy`
- `/en/terms`
- `/en/imprint`
- `/en/welcome-to-docs/`
- `/en/guides/intro/`
- `/en/guides/getting-started/`
- `/en/guides/first-project-checklist/`
- `/en/platform/evidence-review/`
## Homepage Messaging Contract
The homepage must satisfy:
- hero copy identifies Tenantial as evidence-first governance for Microsoft tenant configuration
- first two homepage sections allow a reviewer to name at least three of backup, restore, drift, findings, evidence, audit trail, exceptions, and reviews
- section headings read as a coherent sequence from product category to buyer problem to operating model to capability proof to evaluation
- each major section adds distinct meaning rather than repeating the same product claim
- CTAs match the visitor's likely decision stage
- homepage copy stays suitable for later Spec 405 spacing and visual polish
## `/platform` Product-Model Contract
The public `/platform` route must satisfy:
- explains backup, restore, drift, findings, evidence, auditability, exceptions, and reviews as one operating model
- explains Tenantial as governance-of-record, not helpdesk, device-action, or blind automation
- frames product-like previews as static/demo/illustrative where needed
- does not import, inspect, or cite `apps/platform` as an implementation source
- does not imply that the public website connects to a Microsoft tenant, runs Microsoft Graph calls, or shows live tenant data
## Pricing And Evaluation Contract
Pricing and evaluation copy on `/pricing` and homepage evaluation surfaces must satisfy:
- commercial language is contact-led and framed around evaluation, rollout scope, or scoped conversation
- no checkout, instant subscription activation, self-serve billing, account creation, or fixed unsupported entitlement claims
- managed rollout language reads as a scoped commercial conversation rather than a fake fixed plan
- pricing/evaluation CTAs route to `/contact` or another intentional route/anchor
- visual language requirements are limited to content clarity; broad layout polish remains Spec 405
## Trust, FAQ, Footer, And Legal-Adjacent Contract
Trust-sensitive public copy must avoid unsupported:
- SOC 2, ISO, or other certification claims
- Microsoft endorsement or partnership claims
- compliance guarantees
- recovery guarantees
- uptime guarantees
- fake customer logos
- fake testimonials
- fake "trusted by" claims
- real customer evidence implications
- public website live-tenant-data implications
FAQ and footer copy must close the page intentionally without adding fake workflows, fake proof, or unsupported support commitments.
## CTA Contract
Every public CTA, navigation item, footer link, docs link, and visible form-like control must satisfy:
- resolves to an intentional route, anchor, static asset, mailto link, or legitimate external URL
- no public `href="#"` placeholders
- primary contact/demo paths route to `/contact` or an intentional contact section
- secondary educational paths route to product, pricing, trust, docs, or legal explanations
- localized public links remain in the current locale where a localized route exists
- labels avoid login, signup, account creation, checkout, subscription, instant provisioning, automated scheduling, or guaranteed backend submission implications unless those workflows exist
- CTA language is normalized by intent family before individual labels are rewritten
## Metadata Contract
Each rendered canonical route must provide:
- Tenantial-specific page title
- Tenantial-specific page description
- route-appropriate canonical, Open Graph, and Twitter summary values
- no ScrewFast, construction, hardware, manufacturing, template, TenantAtlas, TenantPilot, or TenantCTRL residue in public metadata
- no unsupported proof claims in title, description, Open Graph, Twitter, schema, or docs metadata
- sitemap and robots behavior preserved from Spec 403 unless a website-scope correction is documented
## Docs Exposure Contract
Exposed docs routes must:
- contain intentional Tenantial-specific content or be hidden from public navigation
- avoid placeholder theme content
- avoid unsupported product behavior claims
- avoid support, legal, integration, compliance, or recovery commitments not supplied by the product/business
- keep public docs separate from `apps/platform` implementation documentation unless a future spec explicitly changes scope
## Product Preview Contract
Static product previews must:
- be framed as illustrative, static, or demo content where needed
- avoid implying live tenant data
- avoid internal Laravel/Filament implementation details
- avoid turning visual labels into product runtime taxonomy
- communicate meaning through text or labels, not color alone
## Browser And Accessibility Contract
Validated public routes must:
- avoid body-level horizontal overflow on representative desktop and mobile viewports
- keep primary navigation, CTAs, footer links, FAQ controls, and visible controls keyboard reachable
- show visible focus states for interactive elements
- remain understandable with reduced motion
- keep primary content and links usable if JavaScript fails where reasonably possible for a static marketing site
## Scope Contract
Implementation and validation must not touch:
- `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/platform`
- Laravel providers, migrations, policies, jobs, queues, database, Filament resources, Livewire components, Blade views, tenant/workspace/RBAC code, Microsoft Graph code, or AuditLog behavior
Scope proof command:
```bash
cd /Users/ahmeddarrazi/Documents/projects/wt-website && git status --short -- apps/platform
```
The command must print no output.

147
specs/404-public-content-messaging/data-model.md Normal file
View File

@ -0,0 +1,147 @@
# Data Model: `apps/website` Public Content Architecture & Messaging
This feature introduces no database tables, product runtime models, persisted entities, enums, status families, provider contracts, or shared product taxonomy.
The records below are planning and validation concepts for static website artifacts only.
## Public Content Surface
Represents an intentional public page, docs page, navigation area, footer area, FAQ area, or metadata surface affected by this content architecture pass.
**Fields**
- `surfaceId`: stable human-readable identifier, such as `homepage`, `platform`, `pricing`, `trust`, `contact`, `docs-intro`, or `footer`
- `path`: public URL path when the surface maps to a route
- `locale`: German default, English mirror, shared, or locale-neutral
- `sourceArea`: page, shared data file, component, docs content, metadata, navigation, footer, or smoke expectation
- `audienceIntent`: first-time visitor, buyer evaluator, security-conscious reviewer, or site owner/reviewer
- `sectionRole`: category definition, problem framing, operating model, capability explanation, evaluation, trust, FAQ, legal-adjacent, or closing CTA
- `readiness`: needs audit, needs rewrite, accepted, or hidden from navigation
**Validation Rules**
- Every exposed core public page must have intentional Tenantial-specific content.
- Homepage surfaces must support a coherent narrative from product category to evaluation.
- `/platform` surfaces must explain the public product model more deeply than the homepage.
- Surfaces must not import, reference, or depend on `apps/platform`.
## Messaging Claim
Represents visible copy or metadata that could create a product, trust, pricing, legal, proof, or workflow claim.
**Fields**
- `surfaceId`: related public content surface
- `claimText`: reviewed phrase or summary of the phrase
- `claimCategory`: product positioning, trust, pricing, restore, audit, compliance, Microsoft relationship, social proof, preview framing, or workflow expectation
- `proofStatus`: verified, conservative positioning, illustrative/static, unsupported, or remove
- `riskLevel`: low, medium, high
- `requiredAction`: keep, rewrite, remove, hide, or verify proof
**Validation Rules**
- Unsupported SOC 2, ISO, Microsoft endorsement, compliance guarantee, recovery guarantee, uptime guarantee, and customer-proof claims must be removed or rewritten.
- Restore language must avoid guaranteed recovery or automatic success.
- Audit/evidence language must avoid legal sufficiency, certification, and guaranteed compliance.
- Public copy must not imply that the website connects to or displays live Microsoft tenant data.
## CTA Intent
Represents a visible CTA, navigation item, footer link, docs link, or form-like public action.
**Fields**
- `label`: visible CTA or link text
- `sourceSurface`: page, component, footer, docs nav, or metadata-adjacent content area where the CTA appears
- `target`: route, anchor, static asset, mailto link, or legitimate external URL
- `intentFamily`: primary contact/demo, secondary product explanation, pricing evaluation, trust/legal review, docs review, or navigation
- `workflowImplied`: contact request, product education, pricing discussion, trust review, docs review, login, signup, checkout, subscription, account creation, automated scheduling, or backend submission
- `supported`: yes or no
**Validation Rules**
- Public CTAs must resolve to intentional routes or anchors.
- Public CTAs must not use `href="#"`.
- CTAs must not imply unavailable login, signup, checkout, account creation, instant provisioning, self-serve billing, automated scheduling, or guaranteed backend submission workflows.
- Primary action language should remain consistent across pages.
## Product Capability Narrative
Represents one Tenantial capability concept that must be explained safely in public copy.
**Fields**
- `capability`: backup, restore, drift, findings, evidence, auditability, exceptions, reviews, or restore planning
- `homepageRole`: category proof, short capability mention, or omitted
- `platformRole`: detailed operating-model explanation, static preview explanation, or related capability
- `claimBoundary`: words or implications to avoid
- `relatedSurfaces`: public pages or docs surfaces where the capability appears
**Validation Rules**
- Homepage copy must mention enough capabilities for product category clarity without repeating the same claims across sections.
- `/platform` must explain the capabilities as one operating model.
- Drift and finding copy must emphasize reviewability and operator decision-making instead of automatic remediation.
- Capability language must remain public positioning, not runtime guarantee.
## Static Preview Reference
Represents product-like static/demo content shown or referenced on public pages.
**Fields**
- `surfaceId`: related route or component
- `previewName`: human-readable preview name
- `framingCopy`: text that identifies the preview as static, illustrative, or demo where needed
- `capabilityShown`: backup, restore, drift, findings, evidence, auditability, exceptions, reviews, or related product positioning
- `dataProvenance`: static/demo only
- `claimRisk`: whether the preview could imply live tenant data, real customer evidence, or active provider integration
**Validation Rules**
- Preview content must not imply live tenant data.
- Preview status-like values must not become shared product taxonomy.
- Preview copy must not rely on color alone for meaning where status-like information is shown.
- Preview wording must avoid internal Laravel/Filament implementation details.
## Route Metadata
Represents public route title, description, canonical, social, and search-facing metadata.
**Fields**
- `path`: public route path
- `title`: route-specific page title
- `description`: route-specific page description
- `canonicalPolicy`: canonical self, localized alternate, redirect-only, or hidden
- `socialSummary`: Open Graph/Twitter-facing summary
- `residueStatus`: clean, needs review, or blocked
- `claimStatus`: conservative, needs rewrite, or blocked
**Validation Rules**
- Core public route titles and descriptions must reflect the revised messaging.
- Metadata must remain Tenantial-specific and residue-free.
- Metadata must avoid unsupported claims just like visible page copy.
- Sitemap and robots behavior from Spec 403 must remain intact unless explicitly corrected within website scope.
## Relationships
- A `Public Content Surface` may contain many `Messaging Claim`, `CTA Intent`, `Product Capability Narrative`, `Static Preview Reference`, and `Route Metadata` review points.
- A `CTA Intent` belongs to one source surface and targets one intentional route, anchor, static asset, or legitimate external URL.
- A `Product Capability Narrative` may appear on multiple public content surfaces, with the homepage carrying concise positioning and `/platform` carrying deeper explanation.
- `Route Metadata` belongs to one public route and must be reviewed with the visible copy for the same route.
## State Transitions
No product runtime state transitions are introduced.
Implementation review may move planning concepts through this non-product workflow:
```text
identified -> audited -> rewritten -> validated
identified -> hidden-from-navigation -> validated
identified -> removed -> validated
```
These are task/review states only and must not become product runtime status families.

220
specs/404-public-content-messaging/plan.md Normal file
View File

@ -0,0 +1,220 @@
# Implementation Plan: `apps/website` Public Content Architecture & Messaging
**Branch**: `404-public-content-messaging` | **Date**: 2026-05-22 | **Spec**: `/Users/ahmeddarrazi/Documents/projects/wt-website/specs/404-public-content-messaging/spec.md`
**Input**: Feature specification from `/Users/ahmeddarrazi/Documents/projects/wt-website/specs/404-public-content-messaging/spec.md`
## Summary
Stabilize Tenantial's public website messaging before later visual rhythm work. The implementation stays inside `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website` and updates public copy, section intent, CTA language, route metadata, trust/pricing/contact wording, FAQ/footer messaging, and exposed docs navigation/content so the site communicates evidence-first Microsoft tenant governance without unsupported claims or runtime workflow implications.
## Technical Context
**Language/Version**: TypeScript 6.0.3, Astro 6.3.3, Node.js >=20.0.0, pnpm 10.33.0
**Primary Dependencies**: Astro, `@astrojs/starlight`, `@astrojs/sitemap`, `@astrojs/mdx`, Tailwind CSS v4, `@tailwindcss/vite`, Preline 4, Lenis, GSAP, Sharp, Playwright
**Storage**: N/A - static website content, docs content, route metadata, and generated build output only; no database or product persistence
**Testing**: Astro check/build plus Playwright smoke tests under `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/tests/smoke`
**Validation Lanes**: website build, public smoke, manual browser/content review, whitespace check, `apps/platform` scope check
**Target Platform**: Static Astro public website deployed from `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website`, with public site URL `https://tenantial.com`
**Project Type**: Web - standalone Astro public website inside monorepo
**Performance Goals**: Public routes remain static-buildable; validated desktop/mobile routes retain no body-level horizontal overflow; content remains understandable without requiring unavailable backend workflows
**Constraints**: Runtime/source changes are scoped to `apps/website`; Spec Kit artifacts live under `specs/404-public-content-messaging`; preserve Spec 402 ScrewFast-derived substrate and Spec 403 launch-readiness safety; do not add backend contact/demo workflow, authentication, billing, Microsoft Graph, Laravel, Filament, Livewire, database, queue, job, provider, policy, RBAC, or `apps/platform` changes
**Scale/Scope**: Public content architecture pass for homepage, `/platform`, `/pricing`, `/trust`, `/contact`, exposed docs routes, route metadata, navigation, FAQ, footer, CTA labels, static/demo preview framing, and claim-safety review
## UI / Surface Guardrail Plan
- **Guardrail scope**: no admin/operator-facing product surface change; public website content and messaging guardrail only
- **Native vs custom classification summary**: ScrewFast-derived Astro website; no Filament/Blade/admin surface
- **Shared-family relevance**: none for Laravel/Filament shared interaction families; website-local public navigation/CTA/content families remain in scope
- **State layers in scope**: static page content, docs content, public route metadata, navigation/footer link data, preview framing copy, Playwright smoke expectations
- **Audience modes in scope**: public visitor, buyer/reviewer, security-conscious evaluator, site owner/reviewer; no authenticated operator/MSP/support-platform modes
- **Decision/diagnostic/raw hierarchy plan**: public copy must be buyer-decision-first; internal implementation diagnostics stay out of visible copy; static/demo preview context is disclosed where needed
- **Raw/support gating plan**: N/A - no raw/support product evidence surface
- **One-primary-action / duplicate-truth control**: primary CTAs should stay contact-led; secondary CTAs should point to explanatory pages; repeated claims should be consolidated so each section adds new meaning
- **Handling modes by drift class or surface**: public copy/CTA/claim drift is review-mandatory inside this feature; platform/admin drift is a hard stop
- **Repository-signal treatment**: `apps/platform` changes are a hard stop; public website source/output changes are reviewed only inside website scope
- **Special surface test profiles**: N/A - not a Filament surface
- **Required tests or manual smoke**: public smoke plus manual review of homepage narrative, `/platform` product model, pricing/trust/contact claim posture, CTA targets, metadata, light/dark/mobile/desktop, and keyboard reachability
- **Exception path and spread control**: none
- **Active feature PR close-out entry**: Smoke Coverage
## Shared Pattern & System Fit
- **Cross-cutting feature marker**: yes, within public website content only
- **Systems touched**: `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website` public pages, docs content, shared website copy/data files, navigation/footer helpers, metadata helpers, and smoke expectations as needed
- **Shared abstractions reused**: existing Spec 402/403 Astro website structure, Starlight docs, route metadata components, website data files, navigation utilities, and Playwright smoke helper patterns
- **New abstraction introduced? why?**: none planned
- **Why the existing abstraction was sufficient or insufficient**: The existing website structure can express the required copy and route metadata. The insufficiency is content architecture, not framework capability.
- **Bounded deviation / spread control**: no new content framework, design system, API contract, persisted state, or platform abstraction; any new helper must be website-local and justified by repeated existing website content usage
## OperationRun UX Impact
- **Touches OperationRun start/completion/link UX?**: no
- **Central contract reused**: N/A
- **Delegated UX behaviors**: N/A
- **Surface-owned behavior kept local**: N/A
- **Queued DB-notification policy**: N/A
- **Terminal notification path**: N/A
- **Exception path**: none
## Provider Boundary & Portability Fit
- **Shared provider/platform boundary touched?**: no
- **Provider-owned seams**: N/A
- **Platform-core seams**: N/A
- **Neutral platform terms / contracts preserved**: Governance, evidence, findings, drift, restore planning, auditability, exceptions, reviews, evaluation, and rollout remain public positioning terms only
- **Retained provider-specific semantics and why**: Microsoft tenant configuration remains in public product positioning because Tenantial's current public category is Microsoft tenant governance
- **Bounded extraction or follow-up path**: none; Spec 405 may use the stabilized content for visual polish
## Constitution Check
*GATE: Must pass before Phase 0 research. Re-check after Phase 1 design.*
- Inventory-first: PASS - no inventory, snapshot, or backup runtime behavior is changed.
- Read/write separation: PASS - no product write/change behavior is introduced.
- Graph contract path: PASS - no Microsoft Graph calls or contract registry changes.
- Deterministic capabilities: PASS - no capability resolver or capability derivation changes.
- RBAC-UX: PASS - no `/admin`, `/system`, tenant context, workspace context, capability, policy, or authorization behavior changes.
- Workspace isolation: PASS - no workspace data or routes.
- RBAC-UX destructive-like actions: PASS - no destructive actions.
- RBAC-UX global search: PASS - no Filament resources or global search changes.
- Tenant isolation: PASS - no tenant data, tenant routes, or cross-tenant views.
- Run observability: PASS - no long-running, remote, queued, scheduled, or security-relevant DB action.
- OperationRun start UX: PASS - no OperationRun behavior.
- Ops-UX 3-surface feedback: PASS - no OperationRun notifications.
- Ops-UX lifecycle: PASS - no OperationRun status/outcome transitions.
- Ops-UX summary counts: PASS - no summary counts.
- Ops-UX guards: PASS - no Ops-UX guard changes.
- Ops-UX system runs: PASS - no system runs.
- Automation: PASS - no queued/scheduled operations.
- Data minimization: PASS - public copy and static/demo preview content only; no secrets or tokens.
- Test governance (TEST-GOV-001): PASS - Browser/static website classification, explicit website smoke lane, no hidden Laravel/Filament/provider/database setup.
- Proportionality (PROP-001): PASS - local website content architecture, no new product runtime structure.
- No premature abstraction (ABSTR-001): PASS - no new factories, registries, resolvers, strategies, interfaces, or frameworks.
- Persisted truth (PERSIST-001): PASS - no persisted product truth.
- Behavioral state (STATE-001): PASS - no status/state/reason family.
- UI semantics (UI-SEM-001): PASS - static public copy and preview labels remain local and do not become product taxonomy.
- Shared pattern first (XCUT-001): PASS - cross-page website content reuses the existing website structure; no shared operator interaction family is touched.
- Provider boundary (PROV-001): PASS - public Microsoft wording only; no shared provider/platform seam changes.
- V1 explicitness / few layers (V1-EXP-001, LAYER-001): PASS - direct website-local edits only.
- Spec discipline / bloat check (SPEC-DISC-001, BLOAT-001): PASS - no new enum, DTO, presenter, persisted entity, interface, registry, resolver, taxonomy, or cross-domain framework.
- Badge semantics (BADGE-001): PASS - no product badge semantics; preview labels must not become shared status truth.
- Filament-native UI (UI-FIL-001): PASS - no Filament UI.
- UI/UX surface taxonomy: PASS - no operator-facing surface.
- Decision-first operating model: PASS - public website copy is buyer-decision oriented; no operator surface.
- Audience-aware disclosure: PASS - no raw/support product detail surface.
- UI/UX inspect model: PASS - no list/detail operator surface.
- UI/UX action hierarchy: PASS - no Filament actions.
- UI/UX scope, truth, and naming: PASS - no admin scope labels; public copy must avoid implementation-first wording.
- UI/UX placeholder ban: PASS - no Filament action groups.
- UI naming: PASS - no operator-facing action labels, run titles, notifications, or audit prose.
- Operator surfaces: PASS - no `/admin` surface.
- Filament UI Action Surface Contract: PASS - no Filament Resource/RelationManager/Page.
- Filament UI UX-001: PASS - no Filament screen.
- Action-surface discipline: PASS - no operator action surface.
- UI review workflow: PASS - plan carries N/A decisions forward and keeps `apps/platform` as hard stop.
**Initial Gate Result**: PASS - no constitution violations or unresolved clarifications.
## Test Governance Check
- **Test purpose / classification by changed surface**: Browser/static website
- **Affected validation lanes**: website build, public smoke, manual browser/content review, whitespace/scope checks
- **Why this lane mix is the narrowest sufficient proof**: The feature changes public static pages, docs content, route metadata, CTAs, and browser-rendered copy. Laravel/Pest/Filament lanes would not prove the changed behavior and would add hidden platform cost.
- **Narrowest proving command(s)**: `cd /Users/ahmeddarrazi/Documents/projects/wt-website && corepack pnpm build:website`; `cd /Users/ahmeddarrazi/Documents/projects/wt-website && WEBSITE_PORT=4321 corepack pnpm --filter @tenantatlas/website test:smoke`; `cd /Users/ahmeddarrazi/Documents/projects/wt-website && git diff --check`; `cd /Users/ahmeddarrazi/Documents/projects/wt-website && git status --short -- apps/platform`
- **Fixture / helper / factory / seed / context cost risks**: none - no database, provider, workspace, membership, session, queue, Sail, Laravel, Filament, or Livewire setup
- **Expensive defaults or shared helper growth introduced?**: no
- **Heavy-family additions, promotions, or visibility changes**: Browser review remains explicit in website smoke/manual review; no heavy-governance lane
- **Surface-class relief / special coverage rule**: N/A - public website
- **Closing validation and reviewer handoff**: Reviewers should rely on website build, Playwright smoke, manual content review, no unsupported claims, intentional CTAs, no forbidden residue, and `apps/platform` untouched status.
- **Budget / baseline / trend follow-up**: none expected
- **Review-stop questions**: lane fit, browser breadth, hidden platform cost, CTA honesty, unsupported claim posture, route exposure
- **Escalation path**: document-in-feature
- **Active feature PR close-out entry**: Smoke Coverage
- **Why no dedicated follow-up spec is needed**: The browser/static review cost is local to this content architecture pass unless repeated website release gates become a recurring process problem.
## Project Structure
### Documentation (this feature)
```text
/Users/ahmeddarrazi/Documents/projects/wt-website/specs/404-public-content-messaging/
├── plan.md
├── research.md
├── data-model.md
├── quickstart.md
├── contracts/
│ └── public-content-contract.md
├── checklists/
│ └── requirements.md
└── tasks.md
```
### Source Code (repository root)
```text
/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/
├── astro.config.mjs
├── package.json
├── playwright.config.ts
├── process-html.mjs
├── public/
├── src/
│ ├── components/
│ ├── content/
│ ├── data_files/
│ ├── images/
│ ├── layouts/
│ ├── pages/
│ └── utils/
└── tests/
└── smoke/
```
**Structure Decision**: Use the existing `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website` Astro app from Specs 402 and 403. Do not create new base source folders and do not touch `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/platform`.
## Complexity Tracking
| Violation | Why Needed | Simpler Alternative Rejected Because |
|-----------|------------|-------------------------------------|
| None | N/A | N/A |
## Proportionality Review
- **Current operator problem**: Public buyers do not yet get a crisp product story, and claim-sensitive pages need stronger content discipline before layout work.
- **Existing structure is insufficient because**: Specs 402 and 403 established the website foundation and launch-readiness guardrails, but they did not finalize public messaging hierarchy, CTA language, or proof-safe page-level copy.
- **Narrowest correct implementation**: Website-local copy, docs content, route metadata, CTA, trust/pricing/contact/FAQ/footer, and claim-safety updates inside `apps/website`.
- **Ownership cost created**: Future public website changes must preserve the documented claim-safety, CTA consistency, and content hierarchy rules.
- **Alternative intentionally rejected**: Starting with layout rhythm or introducing a broader content framework was rejected because the current need is stable copy and section intent, not new visual or runtime architecture.
- **Release truth**: Current-release public website messaging truth.
## Phase 0 Research
Research output is captured in `/Users/ahmeddarrazi/Documents/projects/wt-website/specs/404-public-content-messaging/research.md`.
**Resolved clarifications**:
- The feature uses the existing Astro 6 website and does not need a new framework or design-system decision.
- The public contract is route content, metadata, CTA behavior, docs exposure, and claim posture; there are no API endpoints or data entities to contract.
- The implementation must stabilize content before Spec 405 visual rhythm work.
- Public Microsoft tenant wording is allowed as product positioning but must not imply website runtime provider access, Microsoft endorsement, or Microsoft Graph execution.
- Validation stays in website build, public Playwright smoke, manual browser/content review, and `apps/platform` scope checks.
## Phase 1 Design
Design output is captured in:
- `/Users/ahmeddarrazi/Documents/projects/wt-website/specs/404-public-content-messaging/data-model.md`
- `/Users/ahmeddarrazi/Documents/projects/wt-website/specs/404-public-content-messaging/contracts/public-content-contract.md`
- `/Users/ahmeddarrazi/Documents/projects/wt-website/specs/404-public-content-messaging/quickstart.md`
No REST, GraphQL, database, Laravel, Filament, Livewire, Microsoft Graph, queue, job, policy, RBAC, or product runtime contracts are introduced.
## Post-Design Constitution Check
**Post-Design Gate Result**: PASS
- The Phase 1 design remains website-local.
- All clarification markers are resolved.
- No product persistence, abstractions, state families, provider/platform seams, OperationRun behavior, RBAC behavior, Filament behavior, or Graph calls are introduced.
- Browser/static validation remains explicit and bounded to `apps/website`.
- `apps/platform` remains out of scope and must be verified by `git status --short -- apps/platform`.

153
specs/404-public-content-messaging/quickstart.md Normal file
View File

@ -0,0 +1,153 @@
# Quickstart: Spec 404 Public Content Architecture & Messaging
## Scope
Work only in:
```bash
/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website
/Users/ahmeddarrazi/Documents/projects/wt-website/specs/404-public-content-messaging
```
Do not touch:
```bash
/Users/ahmeddarrazi/Documents/projects/wt-website/apps/platform
```
## Install Dependencies If Needed
```bash
cd /Users/ahmeddarrazi/Documents/projects/wt-website && corepack pnpm install
```
## Run The Website Locally
```bash
cd /Users/ahmeddarrazi/Documents/projects/wt-website && WEBSITE_PORT=4321 corepack pnpm dev:website
```
Open:
```text
http://127.0.0.1:4321
```
## Read-Only Content Audit
Review public content sources before editing:
```bash
cd /Users/ahmeddarrazi/Documents/projects/wt-website
rg -n "Tenantial|TenantAtlas|TenantPilot|TenantCTRL|ScrewFast|construction|hardware|manufacturing|trusted by|SOC 2|ISO|uptime|checkout|subscribe|sign up|login" apps/website/src
```
Audit these content surfaces:
- `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/pages/index.astro`
- `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/pages/platform.astro`
- `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/pages/pricing.astro`
- `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/pages/trust.astro`
- `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/pages/contact.astro`
- `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/content/docs`
- `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/data_files`
- `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/utils/navigation.ts`
- `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/components/Meta.astro`
## Content Review Checklist
For the homepage:
- hero identifies Tenantial as evidence-first governance for Microsoft tenant configuration
- first two sections mention at least three of backup, restore, drift, findings, evidence, audit trail, exceptions, and reviews
- headings read as a coherent story from product category to evaluation
- each section adds new meaning
- CTAs match buyer stage and route intentionally
For `/platform`:
- explains backup, restore, drift, findings, evidence, auditability, exceptions, and reviews as one model
- stays public and does not cite `apps/platform`
- frames previews as static/demo/illustrative where needed
- does not imply live Microsoft tenant connection or Graph execution
For pricing/evaluation:
- contact-led and scoped
- no checkout, subscription activation, self-serve billing, account creation, or unsupported entitlement claims
- CTAs resolve to `/contact` or another intentional target
For trust/FAQ/footer/legal-adjacent content:
- no unsupported SOC 2, ISO, Microsoft endorsement, uptime, recovery, compliance, or customer-proof claims
- no fake customer logos, testimonials, or "trusted by" claims
- no public website live-tenant-data implication
- no newsletter, login, scheduling, or backend submission implication unless implemented
## Build Validation
```bash
cd /Users/ahmeddarrazi/Documents/projects/wt-website && corepack pnpm build:website
```
## Smoke Validation
```bash
cd /Users/ahmeddarrazi/Documents/projects/wt-website && WEBSITE_PORT=4321 corepack pnpm --filter @tenantatlas/website test:smoke
```
## Static Git Validation
```bash
cd /Users/ahmeddarrazi/Documents/projects/wt-website && git diff --check
cd /Users/ahmeddarrazi/Documents/projects/wt-website && git status --short -- apps/platform
```
The `apps/platform` command must print no output.
## Manual Browser Review
Review these routes in desktop and mobile widths, light and dark modes:
- `/`
- `/platform`
- `/pricing`
- `/contact`
- `/trust`
- `/legal`
- `/privacy`
- `/terms`
- `/imprint`
- `/welcome-to-docs/`
- `/guides/intro/`
- `/guides/getting-started/`
- `/guides/first-project-checklist/`
- `/platform/evidence-review/`
Check:
- product category is clear from the homepage hero and first sections
- homepage headings form a coherent narrative
- `/platform` explains the product model more deeply than the homepage
- pricing remains conservative and contact-led
- trust copy avoids unsupported proof
- CTAs are consistent and targets are intentional
- no `href="#"` placeholders are visible or emitted
- no forbidden public residue terms appear in visible copy or metadata
- static product previews are framed as illustrative/static/demo content where needed
- keyboard users can reach navigation, CTAs, footer links, FAQ controls, and visible controls
- visible focus states are present
- no body-level horizontal overflow occurs
- reduced-motion mode leaves content understandable
## Handoff
Implementation summary must document:
- changed public pages and docs surfaces
- CTA language decisions
- claim-safety decisions
- metadata changes
- validation results
- remaining content follow-ups
- `apps/platform` untouched confirmation

100
specs/404-public-content-messaging/research.md Normal file
View File

@ -0,0 +1,100 @@
# Phase 0 Research: `apps/website` Public Content Architecture & Messaging
## Decision: Keep the Spec 402/403 Astro website foundation
**Rationale**: The active website is a standalone Astro app at `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website` with Starlight docs, sitemap generation, Tailwind v4, Preline, Lenis, and Playwright smoke tests already in place. Spec 404 is a content architecture and messaging pass, not another rebuild.
**Alternatives considered**:
- Rebuild the public website foundation: rejected by scope and unnecessary after Spec 402.
- Introduce a new design system or content framework: rejected because this feature should stabilize copy before Spec 405 visual polish.
- Use `apps/platform` as a content source: rejected because the public `/platform` route is separate from the Laravel/Filament application and `apps/platform` is out of scope.
## Decision: Treat content surfaces, CTAs, metadata, and claim posture as the contract
**Rationale**: This feature has no API endpoints or product runtime entities. The public behavior that matters is expressed through static pages, docs content, navigation/footer links, route metadata, CTA targets, FAQ/trust/pricing/contact copy, and generated public output.
**Alternatives considered**:
- Generate OpenAPI or GraphQL contracts: rejected because the public website exposes no feature API.
- Model messaging readiness as product runtime state: rejected because it would create unnecessary taxonomy or persistence.
- Leave the contract implicit in copy review comments: rejected because later layout work needs stable section intent and CTA rules.
## Decision: Use a homepage narrative from category to evaluation
**Rationale**: The homepage should tell a coherent story when headings are read in order. The content sequence should move from product category, to buyer problem, to evidence-first governance model, to capability groups, to evaluation and next action.
**Alternatives considered**:
- Keep independent theme sections with similar claims: rejected because the spec identifies repetition and weak hierarchy as the core problem.
- Lead with pricing or feature grids: rejected because buyers first need category clarity and trust-safe product framing.
- Optimize layout before copy: rejected because section spacing should follow stable content.
## Decision: Make `/platform` the deeper public product-model page
**Rationale**: The public `/platform` route should explain how backup, restore, drift, findings, evidence, auditability, exceptions, and reviews fit together as one operating model. It must remain public positioning and must not use or imply internal `apps/platform` runtime behavior.
**Alternatives considered**:
- Mirror homepage copy on `/platform`: rejected because the page should carry deeper product-model explanation.
- Reference admin implementation details: rejected because the public route must not be coupled to Laravel, Filament, Livewire, RBAC, tenant data, or Graph runtime code.
- Present previews as live tenant output: rejected because previews are static/demo content only.
## Decision: Keep evaluation and pricing contact-led
**Rationale**: No self-serve billing, checkout, account creation, instant subscription, fixed entitlement, or automated scheduling workflow has been supplied. Pricing and evaluation language should therefore describe scoped conversations, rollout planning, and contact-led evaluation.
**Alternatives considered**:
- Publish fixed SaaS plan entitlements: rejected because entitlement and billing truth is not available.
- Use consumer-style pricing tables with strong contrast: rejected because this spec focuses on calm enterprise trust and content clarity, not fake commercial certainty.
- Hide pricing entirely: rejected because buyers still need evaluation expectations and a credible next step.
## Decision: Build trust through explicit restraint, not fake proof
**Rationale**: The spec assumes no verified customer logos, testimonials, certifications, Microsoft partnership proof, uptime guarantees, recovery guarantees, or compliance guarantees. Trust content should explain what Tenantial is intended to help make reviewable and auditable without claiming proof that has not been supplied.
**Alternatives considered**:
- Use aspirational enterprise proof language: rejected because it creates public trust risk.
- Keep generic "trusted by" or certification placeholders: rejected unless removed or rewritten as neutral proof-safe language.
- Avoid all trust language: rejected because security-conscious buyers need careful explanations of claim boundaries.
## Decision: Normalize CTA intent before changing labels
**Rationale**: CTA consistency should be based on buyer intent. Primary CTAs should lead to contact/demo/walkthrough intent, secondary CTAs should lead to product explanation, trust, pricing, or docs review, and no CTA should imply unavailable workflows.
**Alternatives considered**:
- Let each page invent local CTA language: rejected because CTA inconsistency is a stated problem.
- Use "Sign up", "Start trial", "Subscribe", "Login", or "Buy now": rejected unless those workflows actually exist.
- Route all CTAs to the same page: rejected because secondary educational CTAs should remain useful and contextual.
## Decision: Keep docs exposure intentional
**Rationale**: Exposed docs routes must contain intentional Tenantial-specific content or be hidden from navigation. Docs must not imply product behavior, support commitments, or integration claims that are not available.
**Alternatives considered**:
- Leave placeholder docs visible: rejected because public placeholder content weakens trust.
- Remove all docs routes immediately: rejected unless review shows a route is not ready for intentional content.
- Treat non-navigation docs as irrelevant: rejected because emitted public routes still affect public perception and indexing.
## Decision: Validate with website build, public smoke, manual browser/content review, and scope checks
**Rationale**: The current package scripts support `corepack pnpm build:website` and `WEBSITE_PORT=4321 corepack pnpm --filter @tenantatlas/website test:smoke`. These lanes prove the public static website without pulling in Laravel runtime cost. Manual review remains necessary for narrative quality and claim safety.
**Alternatives considered**:
- Run Laravel/Pest/Filament tests: rejected because this feature does not touch `apps/platform`.
- Rely only on copy review: rejected because public output still needs route, CTA, metadata, responsive, and smoke validation.
- Add new browser test families now: rejected unless implementation changes require them; existing smoke can be updated proportionally during tasks.
## Current Source Observations
- Core public pages are under `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/pages`.
- Shared public copy and constants are likely to involve `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/data_files/site-copy.ts`, `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/data_files/constants.ts`, `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/utils/navigation.ts`, and `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/components/Meta.astro`.
- Starlight/docs content is under `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/content/docs`.
- Existing smoke tests live under `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/tests/smoke`.
- Public route mirrors exist under `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/pages/en` and should be reviewed consistently with German default routes where currently exposed.
- Placeholder content collections for blog, insights, and products exist in `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/content`; any public exposure must stay intentional and claim-safe.

451
specs/404-public-content-messaging/spec.md Normal file
View File

@ -0,0 +1,451 @@
# Feature Specification: `apps/website` Public Content Architecture & Messaging
**Feature Branch**: `404-public-content-messaging`
**Created**: 2026-05-22
**Status**: Draft
**Input**: User description: "Create Spec 404 for `apps/website` Public Content Architecture & Messaging before the later homepage layout rhythm and visual productization spec."
## Spec Candidate Check *(mandatory — SPEC-GATE-001)*
- **Problem**: The current public website has a safe foundation, but its copy still reads like a conservative theme adaptation rather than a clear Tenantial product narrative.
- **Today's failure**: Visitors can miss the product category, see repeated claims across sections, or infer unsupported proof, billing, or live-tenant behavior from provisional public copy.
- **User-visible improvement**: Public visitors can understand Tenantial as evidence-first governance for Microsoft tenant configuration, follow the homepage story, and see consistent conservative CTAs and trust language.
- **Smallest enterprise-capable version**: Rewrite and normalize public website copy, headings, CTA labels, route metadata, FAQ/trust/pricing language, and claim-safety wording across the core public routes without changing the website foundation.
- **Explicit non-goals**: No website rebuild, no broad visual redesign, no new design system, no backend workflows, no login/signup/billing/checkout/newsletter behavior, no Microsoft Graph behavior, and no changes to `apps/platform`.
- **Permanent complexity imported**: No persisted models, services, enums, runtime workflows, or product capability layers. The durable complexity is limited to sharper public messaging rules and route-level content ownership.
- **Why now**: Layout polish should follow stable content; otherwise spacing and visual hierarchy would be optimized around copy that may still change.
- **Why not local**: The issue crosses homepage, product, pricing, trust, contact, docs navigation, metadata, footer, and CTA language, so isolated copy fixes would keep the narrative fragmented.
- **Approval class**: Core Enterprise.
- **Red flags triggered**: Public claim-safety risk; cross-route messaging consistency risk. No persistence, taxonomy, or runtime behavior red flags.
- **Score**: Nutzen: 2 | Dringlichkeit: 2 | Scope: 2 | Komplexität: 2 | Produktnähe: 2 | Wiederverwendung: 1 | **Gesamt: 11/12**
- **Decision**: approve.
## Spec Scope Fields *(mandatory)*
- **Scope**: Public website content surfaces in `apps/website`.
- **Primary Routes**: `/`, `/platform`, `/pricing`, `/trust`, `/contact`, exposed docs routes, public navigation, FAQ surfaces, footer, and route metadata.
- **Data Ownership**: No tenant-owned or workspace-owned records are created, changed, or read. This is public website content only.
- **RBAC**: Not applicable. The affected surfaces are public marketing and product explanation pages.
For canonical-view specs, the spec MUST define:
- **Default filter behavior when tenant-context is active**: N/A - no canonical tenant or workspace view is introduced.
- **Explicit entitlement checks preventing cross-tenant leakage**: N/A - no tenant data, entitlement data, or authenticated platform state is involved.
## Cross-Cutting / Shared Pattern Reuse *(mandatory when the feature touches notifications, status messaging, action links, header actions, dashboard signals/cards, alerts, navigation entry points, evidence/report viewers, or any other existing shared operator interaction family; otherwise write `N/A - no shared interaction family touched`)*
- **Cross-cutting feature?**: yes, within public website content only.
- **Interaction class(es)**: public navigation, CTA labels, route metadata, FAQ copy, footer copy, and page-level product messaging.
- **Systems touched**: `apps/website` public routes, shared website copy/components where already used, sitemap/robots-adjacent public route visibility if affected by navigation exposure.
- **Existing pattern(s) to extend**: The current ScrewFast-derived public website structure and Spec 402/403 route model.
- **Shared contract / presenter / builder / renderer to reuse**: Existing website content/component organization; no new shared runtime contract.
- **Why the existing shared path is sufficient or insufficient**: The existing website substrate is sufficient for public content updates, but the current copy does not yet provide a stable Tenantial messaging architecture.
- **Allowed deviation and why**: Bounded copy and metadata changes are allowed. Broad layout redesign and new design-system work are deferred to Spec 405.
- **Consistency impact**: CTA wording, proof-safe trust language, product category language, and static/demo preview framing must stay aligned across all public pages.
- **Review focus**: Reviewers must verify that copy changes do not create parallel brand claims, fake proof, unsupported workflows, or `apps/platform` coupling.
## OperationRun UX Impact *(mandatory when the feature creates, queues, deduplicates, resumes, blocks, completes, or deep-links to an `OperationRun`; otherwise write `N/A - no OperationRun start or link semantics touched`)*
N/A - no OperationRun start, completion, notification, queue, or link semantics are touched.
## Provider Boundary / Platform Core Check *(mandatory when the feature changes shared provider/platform seams, identity scope, governed-subject taxonomy, compare strategy selection, provider connection descriptors, or operator vocabulary that may leak provider-specific semantics into platform-core truth; otherwise write `N/A - no shared provider/platform boundary touched`)*
- **Shared provider/platform boundary touched?**: no.
- **Boundary classification**: N/A.
- **Seams affected**: Public website wording about Microsoft tenant governance only.
- **Neutral platform terms preserved or introduced**: Governance, evidence, findings, drift, restore planning, auditability, exceptions, reviews, evaluation, and rollout.
- **Provider-specific semantics retained and why**: Microsoft tenant configuration remains part of the public product category, but public copy must not imply live provider access, Microsoft endorsement, or Microsoft Graph execution by the website.
- **Why this does not deepen provider coupling accidentally**: The feature changes public positioning, not provider contracts, product runtime, tenant data handling, or platform-core taxonomies.
- **Follow-up path**: Spec 405 may use the stabilized copy for visual rhythm and product preview polish.
## UI / Surface Guardrail Impact *(mandatory when operator-facing surfaces are changed; otherwise write `N/A`)*
N/A - no operator-facing platform surface changes. This feature changes public website content surfaces only.
## Decision-First Surface Role *(mandatory when operator-facing surfaces are changed)*
N/A - no operator-facing decision surface is added or materially changed.
## Audience-Aware Disclosure *(mandatory when operator-facing surfaces are changed)*
N/A - no operator-facing detail or status surface is added or materially changed.
## UI/UX Surface Classification *(mandatory when operator-facing surfaces are changed)*
N/A - no operator-facing list, detail, queue, audit, config, or report surface is added or materially changed.
## Operator Surface Contract *(mandatory when operator-facing surfaces are changed)*
N/A - no operator-facing page or workflow is added or materially refactored.
## Proportionality Review *(mandatory when structural complexity is introduced)*
- **New source of truth?**: no.
- **New persisted entity/table/artifact?**: no.
- **New abstraction?**: no.
- **New enum/state/reason family?**: no.
- **New cross-domain UI framework/taxonomy?**: no.
- **Current operator problem**: Public buyers do not yet get a crisp product story, and claim-sensitive pages still need stronger content discipline before layout work.
- **Existing structure is insufficient because**: Specs 402 and 403 established the website foundation and launch-readiness guardrails, but they did not finalize public messaging hierarchy, CTA language, or proof-safe page-level copy.
- **Narrowest correct implementation**: Update public website copy, route metadata, CTA labels, FAQ/trust/pricing wording, and exposed docs/navigation content only.
- **Ownership cost**: Future public website changes must preserve the same claim-safety and CTA consistency rules.
- **Alternative intentionally rejected**: Starting with homepage spacing and visual productization was rejected because content determines which sections, headings, CTAs, and product previews need visual priority.
- **Release truth**: Current-release public website truth; not future-only preparation.
### Compatibility posture
This feature assumes a pre-production public website content environment.
Backward compatibility, legacy aliases, migration shims, historical fixtures, and compatibility-specific tests are out of scope unless explicitly required by this spec.
Canonical replacement is preferred over preservation.
## Testing / Lane / Runtime Impact *(mandatory for runtime behavior changes)*
- **Test purpose / classification**: Browser/static public website validation.
- **Validation lane(s)**: fast-feedback and public smoke.
- **Why this classification and these lanes are sufficient**: The feature changes public content, route metadata, navigation/CTA wording, and claim safety; build and smoke checks prove the public output still renders and routes correctly.
- **New or expanded test families**: none required by this specification.
- **Fixture / helper cost impact**: none.
- **Heavy-family visibility / justification**: none.
- **Special surface test profile**: N/A.
- **Standard-native relief or required special coverage**: Public website build, smoke, residue, CTA, and scope checks are sufficient.
- **Reviewer handoff**: Reviewers must confirm content quality, conservative claims, intentional CTAs, route safety, and that `apps/platform` remains untouched.
- **Budget / baseline / trend impact**: none expected.
- **Escalation needed**: none.
- **Active feature PR close-out entry**: Smoke Coverage.
- **Planned validation commands**: `corepack pnpm build:website`; `WEBSITE_PORT=4321 corepack pnpm --filter @tenantatlas/website test:smoke`; `git diff --check`; `git status --short -- apps/platform`.
## Depends On
- Spec 402 - `apps/website` ScrewFast Website Rebuild
- Spec 403 - `apps/website` Public Website Launch Readiness
## Scope
This spec is strictly local to `apps/website`.
It focuses on public website content architecture, messaging hierarchy, CTA language, page-level copy, route metadata, and claim safety.
It does not redesign the website layout. It does not rebuild the ScrewFast-derived foundation. It does not recreate `apps/website`.
## Important Scope Clarification
In this feature, the word "platform" refers only to the public website route `/platform` inside `apps/website`.
It does not refer to the Laravel/Filament application in `apps/platform`.
`apps/platform` is completely out of scope:
- do not modify it
- do not import from it
- do not inspect it as a content source
- do not run Laravel, Filament, Livewire, Blade, migrations, policies, providers, jobs, queues, database, tenant/workspace, RBAC, or Microsoft Graph code
- only verify through `git status --short -- apps/platform` that it remains untouched
## Goal
Establish a clear, conservative, enterprise-ready public messaging system for Tenantial before visual layout polish.
The website should communicate:
- what Tenantial is
- who it is for
- which Microsoft tenant governance problems it addresses
- why evidence-first governance matters
- how backup, restore, drift, findings, exceptions, auditability, and reviews fit together
- what a visitor should do next
The content should be strong enough that a later layout-rhythm spec can optimize around stable section intent instead of placeholder copy.
## Non-Goals
This spec does not:
- change the ScrewFast-derived foundation
- rebuild or recreate `apps/website`
- perform broad visual redesign
- introduce a new design system
- add backend forms, auth, billing, newsletter, login, checkout, account creation, or self-serve subscription behavior
- add new product runtime capabilities
- introduce Microsoft Graph calls
- claim integrations or certifications that are not verified
- add customer logos, testimonials, or "trusted by" claims
- touch `apps/platform`
- change Filament, Livewire, Laravel, Blade, providers, policies, migrations, jobs, queues, database, tenant isolation, workspace behavior, RBAC, or AuditLog behavior
## Problem
Spec 402 created the correct website foundation, and Spec 403 made the public website safer for launch. However, the current homepage and public pages still feel like a theme adaptation with conservative placeholder copy. The messaging is directionally correct but not yet sharp enough for an enterprise SaaS buyer.
Current issues:
- Hero messaging is long and visually heavy.
- The homepage repeats similar concepts without a clear content hierarchy.
- Product previews do not yet map to a crisp narrative.
- Pricing/evaluation language feels provisional.
- FAQ answers are safe but not yet strong.
- Trust language is conservative but could better explain what is and is not claimed.
- CTA labels need consistent buyer intent.
- The website does not yet fully express the difference between Tenantial as governance-of-record and a helpdesk/device-action tool.
## Content Positioning Principles
Public copy must follow these principles:
1. **Governance-of-record, not helpdesk**: Tenantial should be positioned as a governance, evidence, review, audit, backup/restore, and drift-control product for Microsoft tenant configuration.
2. **Evidence-first**: The core message is not simply "backup Intune." It is "make tenant configuration changes reviewable, attributable, and recoverable through evidence."
3. **Operator-safe**: Public copy must avoid implying blind automation, automatic restore success, or uncontrolled live tenant action.
4. **Enterprise calm**: Copy should be precise, restrained, and credible. Avoid hype, inflated AI language, fake urgency, and unsupported security/compliance promises.
5. **Public website only**: Marketing language may explain product intent, but must not imply that the public website itself connects to Microsoft tenants, runs Graph calls, or shows live tenant data.
6. **No fake proof**: No customer logos, testimonials, certifications, Microsoft endorsements, uptime guarantees, compliance guarantees, or recovery guarantees unless verified proof is supplied.
## User Scenarios & Testing *(mandatory)*
### User Story 1 - Understand The Product Category (Priority: P1)
A first-time visitor opens the homepage and understands that Tenantial is an evidence-first governance product for Microsoft tenant configuration.
**Why this priority**: If visitors cannot quickly categorize the product, layout polish will not fix the website.
**Independent Test**: Read the hero and first two homepage sections without relying on visuals.
**Acceptance Scenarios**:
1. **Given** a visitor opens `/`, **When** they read the hero, **Then** they can identify Tenantial as a governance/evidence product for Microsoft tenant configuration.
2. **Given** they read the first two sections, **When** they summarize the product, **Then** they mention at least three of: backup, restore, drift, findings, evidence, audit trail, exceptions, reviews.
3. **Given** they compare Tenantial to a helpdesk or device-action product, **When** reading the page, **Then** they understand Tenantial is not positioned as a helpdesk/device-action surface.
---
### User Story 2 - Follow A Clear Website Narrative (Priority: P1)
A buyer scrolls the homepage and sees a deliberate narrative from problem to model to capability to evaluation.
**Why this priority**: A strong homepage needs a content sequence, not just independent sections.
**Independent Test**: Read homepage section headings and subheadings in order.
**Acceptance Scenarios**:
1. **Given** a visitor scans headings only, **When** they move from hero to footer, **Then** the section sequence tells a coherent story.
2. **Given** a visitor reads body copy, **When** moving through sections, **Then** each section adds new meaning instead of repeating the same claims.
3. **Given** a CTA appears, **When** read in context, **Then** it matches the visitor's likely decision stage.
---
### User Story 3 - Explain The Public Product Model On `/platform` (Priority: P1)
A visitor opens `/platform` and understands Tenantial's product model in more detail.
**Why this priority**: The `/platform` route is the main product explanation page and should hold deeper messaging than the homepage.
**Independent Test**: Read `/platform` copy without using admin/platform code as a source.
**Acceptance Scenarios**:
1. **Given** a visitor opens `/platform`, **When** they read the page, **Then** backup, restore, drift, findings, evidence, auditability, exceptions, and reviews are explained as one operating model.
2. **Given** product-like previews are present, **When** copy references them, **Then** they are described as illustrative/static.
3. **Given** the page mentions Microsoft tenants, **When** reviewed, **Then** it remains public product positioning and does not imply website runtime provider access.
---
### User Story 4 - Present Conservative Evaluation And Pricing Language (Priority: P2)
A buyer reads `/pricing` and homepage evaluation copy and understands that commercial packaging is scoped and contact-led.
**Why this priority**: Pricing language is a trust-sensitive surface.
**Independent Test**: Read pricing/evaluation copy and verify it avoids unsupported billing and entitlement claims.
**Acceptance Scenarios**:
1. **Given** pricing is not finalized as self-serve billing, **When** `/pricing` renders, **Then** it does not claim checkout, subscription activation, instant onboarding, or fixed plan entitlements.
2. **Given** evaluation packages are shown, **When** reviewed, **Then** they are framed as scoped conversations or rollout options.
3. **Given** CTAs appear in pricing sections, **When** clicked, **Then** they route to `/contact` or another intentional page.
---
### User Story 5 - Build Trust Without Fake Proof (Priority: P2)
A security-conscious buyer reads trust/legal/FAQ copy and sees clear, conservative trust positioning.
**Why this priority**: Tenantial's buyer will care about governance and evidence. Trust copy must be honest and precise.
**Independent Test**: Read `/trust`, FAQ, legal-adjacent copy, and footer statements.
**Acceptance Scenarios**:
1. **Given** no verified certification proof exists, **When** trust copy is reviewed, **Then** it avoids SOC 2, ISO, Microsoft endorsement, compliance guarantee, uptime guarantee, and recovery guarantee claims.
2. **Given** no customer proof exists, **When** social-proof areas render, **Then** they avoid fake logos, testimonials, and "trusted by" claims.
3. **Given** the public website mentions evidence, **When** reviewed, **Then** it does not imply that public pages expose live tenant data or real customer evidence.
---
### User Story 6 - Normalize CTA Language (Priority: P3)
A visitor sees consistent CTA language across homepage, platform, pricing, trust, docs, and footer.
**Why this priority**: CTA inconsistency makes the site feel unfinished.
**Independent Test**: List all visible CTA labels and target URLs.
**Acceptance Scenarios**:
1. **Given** CTAs appear across pages, **When** labels are compared, **Then** the primary action language is consistent.
2. **Given** secondary CTAs appear, **When** clicked, **Then** they route to explanatory pages or anchors.
3. **Given** a CTA implies a workflow, **When** reviewed, **Then** the workflow is actually available or the CTA is reworded.
### Edge Cases
- If a strong marketing phrase risks unsupported claims, prefer conservative wording.
- If a page is not ready for detailed content, use restrained intentional placeholder copy or hide it from navigation.
- If docs content is exposed, it must not imply product behavior not yet supported.
- If product screenshots/previews show values, they must be framed as illustrative/static.
- If the public website mentions Microsoft, it must not imply Microsoft endorsement.
- If public copy mentions restore, it must avoid guaranteed recovery language.
- If copy mentions audit/compliance, it must avoid guaranteed compliance language.
- If copy mentions security, it must avoid certification or assurance claims unless verified.
- If CTA text references "walkthrough", "demo", or "contact", the target must be intentional and not imply automated scheduling unless implemented.
- If old ScrewFast/source copy remains only in non-public attribution or internal files, it is not a content blocker unless it is emitted into public output.
## Requirements *(mandatory)*
### Assumptions
- Spec 402 and Spec 403 are complete.
- `apps/website` is ScrewFast-derived and currently builds.
- The public website domain is `tenantial.com`.
- No verified customer proof, certification proof, Microsoft partnership proof, or billing model has been supplied.
- No backend form submission, scheduling, login, newsletter, or self-serve purchase workflow exists in website scope.
- Tenantial's intended public positioning is evidence-first governance for Microsoft tenant configuration.
- Tenantial is not positioned as a helpdesk, device-action, or live remediation product.
- `apps/platform` is out of scope and must remain untouched.
### Functional Requirements
#### Scope
- **FR-001**: The implementation MUST remain scoped to `apps/website`.
- **FR-002**: The implementation MUST NOT touch `apps/platform`.
- **FR-003**: The implementation MUST NOT recreate `apps/website`.
- **FR-004**: The implementation MUST NOT replace the ScrewFast-derived foundation.
- **FR-005**: The implementation MUST focus on public content, messaging, metadata, CTA labels, and claim safety.
- **FR-006**: Layout and visual changes SHOULD be limited to what is necessary to support content clarity.
#### Messaging Architecture
- **FR-007**: The homepage MUST have a clear messaging hierarchy from hero to final CTA.
- **FR-008**: Homepage section headings MUST tell a coherent story when read in order.
- **FR-009**: Homepage sections MUST avoid unnecessary repetition.
- **FR-010**: The product MUST be positioned as evidence-first governance for Microsoft tenant configuration.
- **FR-011**: The product MUST NOT be positioned as a helpdesk, device-action, or blind automation tool.
#### Product Capability Copy
- **FR-012**: Public copy MUST explain backup, restore, drift detection, findings, evidence, auditability, exceptions, and reviews.
- **FR-013**: Restore copy MUST avoid guaranteed recovery or automatic success language.
- **FR-014**: Drift/finding copy MUST emphasize reviewability and operator decision-making rather than automatic remediation.
- **FR-015**: Evidence/audit copy MUST avoid claiming legal sufficiency, certification, or guaranteed compliance.
- **FR-016**: Every public product-like preview or status-like preview value MUST be framed as static, demo, or illustrative content and MUST NOT imply live tenant data.
#### Page-Level Content
- **FR-017**: `/` MUST contain finalized homepage copy suitable for layout polish.
- **FR-018**: `/platform` MUST contain deeper product-model copy than the homepage.
- **FR-019**: `/pricing` MUST use conservative evaluation/scoped rollout language.
- **FR-020**: `/trust` MUST use proof-safe trust language.
- **FR-021**: `/contact` MUST set realistic expectations about the contact/demo process.
- **FR-022**: Docs routes exposed in navigation MUST contain intentional Tenantial-specific content or be hidden from navigation.
#### CTA Language
- **FR-023**: Primary CTA language SHOULD be consistent across the site.
- **FR-024**: Secondary CTA language SHOULD clearly indicate informational navigation.
- **FR-025**: CTAs MUST resolve to intentional routes or anchors.
- **FR-026**: CTAs MUST NOT imply unavailable workflow such as login, signup, checkout, account creation, instant provisioning, or automated scheduling.
#### Trust And Claim Safety
- **FR-027**: Public copy MUST NOT include fake customer logos, fake testimonials, or unsupported "trusted by" claims.
- **FR-028**: Public copy MUST NOT claim SOC 2, ISO, Microsoft endorsement, guaranteed uptime, guaranteed recovery, or guaranteed compliance unless verified proof is supplied.
- **FR-029**: Public copy MUST NOT expose ScrewFast, construction, hardware, manufacturing, template, TenantAtlas, TenantPilot, or TenantCTRL as public brand residue.
- **FR-030**: Public copy MUST NOT imply the public website connects to a live Microsoft tenant.
- **FR-031**: Public copy MUST NOT imply the public website displays real tenant data.
#### Metadata
- **FR-032**: Core public route titles and descriptions MUST reflect the revised messaging.
- **FR-033**: Metadata MUST remain Tenantial-specific and residue-free.
- **FR-034**: Sitemap and robots behavior from Spec 403 MUST remain intact.
#### Validation
- **FR-035**: Build validation MUST pass with `corepack pnpm build:website`.
- **FR-036**: Public smoke validation MUST pass with `WEBSITE_PORT=4321 corepack pnpm --filter @tenantatlas/website test:smoke`.
- **FR-037**: Whitespace/conflict validation MUST pass with `git diff --check`.
- **FR-038**: Scope validation MUST confirm `git status --short -- apps/platform` is empty.
- **FR-039**: Implementation summary MUST list changed pages, CTA labels, claim-safety decisions, validation results, and any content follow-ups.
## Success Criteria *(mandatory)*
- **SC-001**: A reviewer can summarize Tenantial's product category from the homepage hero and first two sections in one sentence without using implementation notes.
- **SC-002**: Homepage headings read as a coherent narrative from problem to product model to evaluation when copied into a plain-text outline.
- **SC-003**: `/platform` explains the product model more deeply than the homepage and covers backup, restore, drift, findings, evidence, auditability, exceptions, and reviews as one operating model.
- **SC-004**: Public copy includes backup, restore, drift, findings, evidence, auditability, exceptions, and reviews without unsupported recovery, compliance, certification, or endorsement guarantees.
- **SC-005**: Pricing/evaluation language is conservative and contact-led, with 0 claims of checkout, instant subscription activation, self-serve billing, or fixed unsupported entitlements.
- **SC-006**: Trust copy contains 0 unsupported certifications, endorsements, customer-proof claims, uptime guarantees, recovery guarantees, or compliance guarantees.
- **SC-007**: 100% of visible CTA labels use the normalized buyer-intent language defined by this feature, and 100% of CTA targets resolve to intentional routes or anchors.
- **SC-008**: 0 public `href="#"` placeholders remain.
- **SC-009**: 0 forbidden public residue terms appear in visible copy or metadata.
- **SC-010**: `corepack pnpm build:website` passes.
- **SC-011**: `WEBSITE_PORT=4321 corepack pnpm --filter @tenantatlas/website test:smoke` passes.
- **SC-012**: `git diff --check` passes.
- **SC-013**: `git status --short -- apps/platform` returns empty.
## Implementation Notes For Planning
Planning should preserve the following sequence:
- Start with a read-only content audit of visible headings, body copy, CTA labels, metadata titles, metadata descriptions, FAQ answers, and footer statements across core public routes.
- Define the homepage narrative before rewriting section copy.
- Define `/platform` as the deeper public product-model explanation.
- Normalize primary and secondary CTA language before changing individual labels.
- Keep claim-safety wording conservative for restore, audit, compliance, trust, and pricing.
- Review exposed docs routes and either update them with intentional Tenantial-specific content or hide them from public navigation.
- Preserve sitemap, robots, redirect, and noindex behavior established by Spec 403 unless a website-scope correction is explicitly required.
- Confirm `apps/platform` remains untouched during close-out.
## Suggested Validation Commands
```bash
corepack pnpm build:website
WEBSITE_PORT=4321 corepack pnpm --filter @tenantatlas/website test:smoke
git diff --check
git status --short -- apps/platform
```
## Reviewer Notes
Reviewers should evaluate content quality before requesting spacing or layout refinements.
The review should answer:
1. Is the product category clear?
2. Is the homepage narrative coherent?
3. Does `/platform` explain the product model better than the homepage?
4. Are restore, audit, trust, pricing, and evidence claims conservative?
5. Are CTA labels consistent and honest?
6. Is the public website still free of unsupported claims and residue?
7. Is `apps/platform` untouched?
## Follow-Up
After this spec, the next likely spec is:
- Spec 405 - `apps/website` Homepage Layout Rhythm & Visual Productization
Spec 405 should use the stabilized content from this spec as the basis for spacing, section rhythm, preview sizing, and visual polish.

217
specs/404-public-content-messaging/tasks.md Normal file
View File

@ -0,0 +1,217 @@
# Tasks: `apps/website` Public Content Architecture & Messaging
**Input**: Design documents from `/Users/ahmeddarrazi/Documents/projects/wt-website/specs/404-public-content-messaging/`
**Prerequisites**: [plan.md](/Users/ahmeddarrazi/Documents/projects/wt-website/specs/404-public-content-messaging/plan.md), [spec.md](/Users/ahmeddarrazi/Documents/projects/wt-website/specs/404-public-content-messaging/spec.md), [research.md](/Users/ahmeddarrazi/Documents/projects/wt-website/specs/404-public-content-messaging/research.md), [data-model.md](/Users/ahmeddarrazi/Documents/projects/wt-website/specs/404-public-content-messaging/data-model.md), [public-content-contract.md](/Users/ahmeddarrazi/Documents/projects/wt-website/specs/404-public-content-messaging/contracts/public-content-contract.md), [quickstart.md](/Users/ahmeddarrazi/Documents/projects/wt-website/specs/404-public-content-messaging/quickstart.md)
**Tests**: No new test family is required by Spec 404. Use existing website build and Playwright public smoke validation; update smoke expectations only where implementation changes make the existing checks incomplete. Do not add Pest, Laravel, Filament, Livewire, database, Sail, Microsoft Graph, queue, job, policy, RBAC, or `apps/platform` test coverage.
## Phase 1: Setup
**Purpose**: Establish the website-only scope and current public content baseline before editing.
- [X] T001 Confirm current git scope and verify `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/platform` is untouched by running `git status --short -- apps/platform` from `/Users/ahmeddarrazi/Documents/projects/wt-website`
- [X] T002 [P] Inventory homepage and product-route content sources in `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/components/pages/HomePage.astro`, `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/components/pages/PlatformPage.astro`, and `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/data_files/site-copy.ts`
- [X] T003 [P] Inventory pricing, trust, contact, and legal-adjacent content sources in `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/components/pages/PricingPage.astro`, `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/components/pages/TrustPage.astro`, `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/components/pages/ContactPage.astro`, and `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/data_files/site-copy.ts`
- [X] T004 [P] Inventory exposed docs and placeholder collections in `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/content/docs`, `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/content/blog`, `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/content/insights`, and `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/content/products`
- [X] T005 [P] Inventory CTA, navigation, footer, metadata, and smoke-validation surfaces in `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/utils/navigation.ts`, `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/components/sections/navbar&footer/FooterSection.astro`, `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/components/Meta.astro`, and `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/tests/smoke`
---
## Phase 2: Foundational
**Purpose**: Normalize shared website copy rules before story-specific page edits.
**Critical**: Complete this phase before user-story implementation.
- [X] T006 Define the normalized primary and secondary CTA intent rules for German default and English mirror copy in `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/data_files/site-copy.ts`
- [X] T007 Normalize shared site tagline, short description, navigation labels, and footer conversation wording for evidence-first Microsoft tenant governance in `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/data_files/site-copy.ts`
- [X] T008 Remove or rewrite public copy that implies unavailable login, signup, checkout, account creation, self-serve billing, subscription, automated scheduling, newsletter, or guaranteed backend submission workflows in `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/data_files/site-copy.ts`
- [X] T009 Review and update forbidden residue or unsupported-claim smoke expectations for Spec 404 content terms in `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/tests/smoke/smoke-helpers.ts` and `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/tests/smoke/public-routes.spec.ts`
- [X] T010 Confirm foundational edits still leave `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/platform` untouched by running `git status --short -- apps/platform` from `/Users/ahmeddarrazi/Documents/projects/wt-website`
**Checkpoint**: Shared website messaging and CTA guardrails are ready for independently testable user-story work.
---
## Phase 3: User Story 1 - Understand The Product Category (Priority: P1) MVP
**Goal**: A first-time visitor opens `/` and understands that Tenantial is an evidence-first governance product for Microsoft tenant configuration.
**Independent Test**: Read the homepage hero and first two homepage sections without relying on visuals; the product category and at least three core concepts are clear.
- [X] T011 [US1] Rewrite homepage hero title, supporting copy, primary CTA, secondary CTA, and metadata for product-category clarity in `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/data_files/site-copy.ts`
- [X] T012 [US1] Rewrite homepage first product section copy to mention backup, restore, drift, findings, evidence, auditability, exceptions, and reviews without unsupported guarantees in `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/data_files/site-copy.ts`
- [X] T013 [P] [US1] Review homepage hero and first-section rendering so the updated copy is used without layout redesign in `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/components/pages/HomePage.astro`
- [X] T014 [P] [US1] Align homepage feature labels and FAQ entry points with the evidence-first category message in `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/data_files/features.json` and `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/data_files/faqs.json`
- [X] T015 [US1] Validate User Story 1 by reviewing `/` against `/Users/ahmeddarrazi/Documents/projects/wt-website/specs/404-public-content-messaging/quickstart.md`
**Checkpoint**: User Story 1 is independently shippable as the MVP.
---
## Phase 4: User Story 2 - Follow A Clear Website Narrative (Priority: P1)
**Goal**: A buyer scrolls the homepage and sees a deliberate narrative from problem to model to capability to evaluation.
**Independent Test**: Copy homepage headings and subheadings into a plain-text outline; the sequence tells a coherent story without repeated claims.
- [X] T016 [US2] Reorder or rewrite homepage section intent copy from category to problem to operating model to capability proof to evaluation in `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/data_files/site-copy.ts`
- [X] T017 [US2] Adjust homepage component sequencing only as needed to support the revised narrative without broad layout redesign in `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/components/pages/HomePage.astro`
- [X] T018 [P] [US2] Rewrite homepage workflow tab headings and body copy so each tab adds distinct meaning in `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/data_files/site-copy.ts`
- [X] T019 [P] [US2] Confirm homepage evaluation section copy remains calm and contact-led while supporting the narrative handoff in `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/data_files/site-copy.ts` and `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/components/sections/pricing/PricingSection.astro`
- [X] T020 [US2] Validate User Story 2 by reviewing homepage heading order and section repetition against `/Users/ahmeddarrazi/Documents/projects/wt-website/specs/404-public-content-messaging/contracts/public-content-contract.md`
**Checkpoint**: User Story 2 is independently shippable once the homepage narrative reads coherently.
---
## Phase 5: User Story 3 - Explain The Public Product Model On `/platform` (Priority: P1)
**Goal**: A visitor opens `/platform` and understands Tenantial's public product model in more detail than the homepage.
**Independent Test**: Read `/platform` without using admin/platform code as a source; backup, restore, drift, findings, evidence, auditability, exceptions, and reviews are explained as one operating model.
- [X] T021 [US3] Rewrite `/platform` page heading, subtitle, backup, drift, restore, and boundary copy for one public operating model in `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/data_files/site-copy.ts`
- [X] T022 [US3] Ensure `/platform` renders the deeper product-model copy without importing from or referencing `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/platform` in `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/components/pages/PlatformPage.astro`
- [X] T023 [P] [US3] Tighten static/demo preview framing and alt text for platform product previews in `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/data_files/site-copy.ts`
- [X] T024 [P] [US3] Review public docs product-model explanations for alignment with `/platform` in `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/content/docs/platform/evidence-review.mdx` and `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/content/docs/guides/intro.mdx`
- [X] T025 [US3] Validate User Story 3 by reviewing `/platform` against `/Users/ahmeddarrazi/Documents/projects/wt-website/specs/404-public-content-messaging/contracts/public-content-contract.md`
**Checkpoint**: User Story 3 is independently shippable once `/platform` communicates the public product model safely.
---
## Phase 6: User Story 4 - Present Conservative Evaluation And Pricing Language (Priority: P2)
**Goal**: A buyer reads `/pricing` and homepage evaluation copy and understands that commercial packaging is scoped and contact-led.
**Independent Test**: Read pricing and evaluation copy; there are no checkout, subscription activation, instant onboarding, self-serve billing, or unsupported entitlement claims.
- [X] T026 [US4] Rewrite pricing intro heading, subtitle, title, badges, and metadata as conservative evaluation language in `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/data_files/site-copy.ts`
- [X] T027 [US4] Rewrite pricing package names, descriptions, feature lists, button labels, and target links to avoid fake fixed entitlements or purchase claims in `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/data_files/site-copy.ts` and `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/data_files/pricing.json`
- [X] T028 [P] [US4] Confirm pricing rendering does not add checkout, subscription, billing, account creation, or unsupported plan semantics in `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/components/pages/PricingPage.astro` and `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/components/sections/pricing/PricingSection.astro`
- [X] T029 [P] [US4] Confirm homepage evaluation copy uses the same contact-led commercial posture in `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/components/pages/HomePage.astro`
- [X] T030 [US4] Validate User Story 4 by reviewing `/pricing` and homepage evaluation copy against `/Users/ahmeddarrazi/Documents/projects/wt-website/specs/404-public-content-messaging/contracts/public-content-contract.md`
**Checkpoint**: User Story 4 is independently shippable once commercial copy is conservative and contact-led.
---
## Phase 7: User Story 5 - Build Trust Without Fake Proof (Priority: P2)
**Goal**: A security-conscious buyer reads trust, FAQ, legal-adjacent, and footer copy and sees clear conservative trust positioning.
**Independent Test**: Read `/trust`, FAQ, legal-adjacent copy, docs, and footer statements; unsupported certifications, endorsements, customer proof, uptime, recovery, and compliance guarantees do not appear.
- [X] T031 [US5] Rewrite trust page heading, subtitle, CTA, stats, and metadata to explain claim boundaries without fake proof in `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/data_files/site-copy.ts`
- [X] T032 [P] [US5] Rewrite FAQ answers for conservative restore, audit, compliance, Microsoft, preview, and evidence language in `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/data_files/faqs.json`
- [X] T033 [P] [US5] Review legal, privacy, terms, and imprint copy for unsupported claims or placeholder residue in `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/components/pages/LegalPage.astro`, `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/components/pages/TextPage.astro`, and `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/data_files/site-copy.ts`
- [X] T034 [P] [US5] Rewrite exposed docs content that is not intentionally Tenantial-specific or hide unready docs from public navigation in `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/content/docs` and `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/astro.config.mjs`
- [X] T035 [US5] Validate User Story 5 by scanning `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src` for forbidden proof and residue terms listed in `/Users/ahmeddarrazi/Documents/projects/wt-website/specs/404-public-content-messaging/quickstart.md`
**Checkpoint**: User Story 5 is independently shippable once trust-sensitive public copy is proof-safe.
---
## Phase 8: User Story 6 - Normalize CTA Language (Priority: P3)
**Goal**: A visitor sees consistent CTA language across homepage, platform, pricing, trust, docs, contact, navigation, and footer.
**Independent Test**: List all visible CTA labels and targets; every label maps to a supported buyer intent and every target resolves intentionally.
- [X] T036 [US6] Normalize primary and secondary CTA labels across homepage, platform, pricing, trust, contact, docs, navigation, and footer copy in `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/data_files/site-copy.ts`
- [X] T037 [US6] Verify navigation and footer links use only intentional route targets and no placeholder social URLs in `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/utils/navigation.ts` and `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/components/sections/navbar&footer/FooterSection.astro`
- [X] T038 [P] [US6] Reframe contact page form labels and instructions so they prepare a contact request without implying backend submission or automated scheduling in `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/data_files/site-copy.ts` and `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/components/pages/ContactPage.astro`
- [X] T039 [P] [US6] Review docs navigation and in-page links for consistent CTA intent and intentional targets in `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/content/docs`
- [X] T040 [US6] Validate User Story 6 by checking public CTA targets and `href="#"` placeholders in `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src`
**Checkpoint**: User Story 6 is independently shippable once CTA language and targets are consistent.
---
## Final Phase: Polish And Cross-Cutting Concerns
**Purpose**: Complete public content validation, smoke checks, and handoff.
- [X] T041 [P] Update route titles, route descriptions, Open Graph summaries, and public metadata affected by the revised copy in `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/data_files/site-copy.ts`, `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/components/Meta.astro`, and `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/components/ui/starlight/Head.astro`
- [X] T042 [P] Review German default and English mirror copy for content parity and claim safety in `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/data_files/site-copy.ts` and `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/pages/en`
- [X] T043 [P] Review sitemap, robots, redirect, and noindex behavior remains aligned with Spec 403 in `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/astro.config.mjs`, `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/pages/robots.txt.ts`, and `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/pages`
- [X] T044 [P] Update Playwright public smoke expectations only for changed public content, CTA, residue, metadata, or route behavior in `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/tests/smoke/smoke-helpers.ts`, `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/tests/smoke/public-routes.spec.ts`, and `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/tests/smoke/interaction.spec.ts`
- [X] T045 Run build validation from `/Users/ahmeddarrazi/Documents/projects/wt-website` with `corepack pnpm build:website`
- [X] T046 Run public smoke validation from `/Users/ahmeddarrazi/Documents/projects/wt-website` with `WEBSITE_PORT=4321 corepack pnpm --filter @tenantatlas/website test:smoke`
- [X] T047 Run whitespace validation from `/Users/ahmeddarrazi/Documents/projects/wt-website` with `git diff --check`
- [X] T048 Run scope validation from `/Users/ahmeddarrazi/Documents/projects/wt-website` with `git status --short -- apps/platform`
- [X] T049 Prepare the final implementation handoff in the PR or final response with changed pages, docs surfaces, CTA language decisions, claim-safety decisions, metadata changes, validation results, remaining content follow-ups, and `apps/platform` untouched confirmation from `/Users/ahmeddarrazi/Documents/projects/wt-website`
---
## Dependencies
**Phase Dependencies**
Setup must complete before Foundational. Foundational must complete before any user story. User Stories 1, 2, and 3 are all P1 and can proceed after Foundational, with US2 benefiting from the US1 homepage category vocabulary. User Stories 4 and 5 can proceed after Foundational and can run in parallel with each other once shared claim vocabulary is stable. User Story 6 should run after the main page copy decisions so CTA language can be normalized across all surfaces.
**User Story Dependencies**
- **US1**: Depends on Phase 2 only.
- **US2**: Depends on Phase 2 and benefits from US1 wording.
- **US3**: Depends on Phase 2 only.
- **US4**: Depends on Phase 2 and pricing/evaluation vocabulary from foundational tasks.
- **US5**: Depends on Phase 2 and claim-safety vocabulary from foundational tasks.
- **US6**: Depends on US1-US5 copy decisions across public pages and docs.
**MVP Scope**
Complete Phase 1, Phase 2, and Phase 3 (US1) for the smallest independently reviewable increment.
---
## Parallel Execution Examples
**After Phase 2**
```text
US1 can update homepage category copy:
- T011 in /Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/data_files/site-copy.ts
- T013 in /Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/components/pages/HomePage.astro
US3 can update product-model copy:
- T021 in /Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/data_files/site-copy.ts
- T024 in /Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/content/docs/platform/evidence-review.mdx
```
**Pricing And Trust**
```text
US4 pricing work:
- T027 in /Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/data_files/site-copy.ts and /Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/data_files/pricing.json
- T028 in /Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/components/pages/PricingPage.astro and /Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/components/sections/pricing/PricingSection.astro
US5 trust work:
- T032 in /Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/data_files/faqs.json
- T034 in /Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/content/docs
```
**Final Validation**
```text
Cross-cutting review can run in parallel before final commands:
- T041 in /Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/components/Meta.astro and /Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/components/ui/starlight/Head.astro
- T042 in /Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/data_files/site-copy.ts and /Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/pages/en
- T043 in /Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/astro.config.mjs and /Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/src/pages/robots.txt.ts
```
---
## Implementation Strategy
1. Finish setup and foundational copy guardrails before page-level rewrites.
2. Ship the MVP with US1 homepage product-category clarity.
3. Complete US2 homepage narrative and US3 `/platform` product-model copy before final CTA normalization.
4. Complete US4 pricing/evaluation and US5 trust/FAQ/legal/docs proof-safety in parallel where files do not overlap.
5. Complete US6 CTA normalization after page copy settles.
6. Finish with metadata, localized mirror review, smoke expectations, build, public smoke, whitespace, and `apps/platform` scope validation.
## Test Governance Notes
The declared test purpose is Browser/static website. The affected validation lanes are website build, Playwright public smoke, manual browser/content review, whitespace validation, and `apps/platform` scope validation. No Pest, Laravel, Filament, Livewire, database, provider, workspace, membership, session, queue, Sail, or heavy-governance setup is introduced. No dedicated follow-up spec is needed unless repeated public-website content validation becomes a recurring release governance problem.