ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
384 Commits 310 Branches 0 Tags 57 MiB
286-ui-copy-ia-localization-neutralization
Commit Graph

15 Commits

Author SHA1 Message Date
Ahmed Darrazi
ae0e0a0674 feat(spec-286): neutralize environment-first admin copy
Some checks failed
PR Fast Feedback / fast-feedback (pull_request) Failing after 1m21s
Details 
Align chooser, landing, dashboard, shell, and bounded policy helper copy to environment-first terminology for spec 286.

Validation:
- export PATH="/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/Users/ahmeddarrazi/.antigravity/antigravity/bin:/Users/ahmeddarrazi/.antigravity/antigravity/bin:/Users/ahmeddarrazi/.nvm/versions/node/v24.11.0/bin:/Users/ahmeddarrazi/.config/herd-lite/bin:/Users/ahmeddarrazi/Library/Application Support/Code/User/globalStorage/github.copilot-chat/debugCommand:/Users/ahmeddarrazi/Library/Application Support/Code/User/globalStorage/github.copilot-chat/copilotCli:/usr/local/bin:/System/Cryptexes/App/usr/bin:/usr/bin:/bin:/usr/sbin:/sbin:/var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/local/bin:/var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/bin:/var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/appleinternal/bin:/opt/homebrew/bin:/Users/ahmeddarrazi/Library/Application Support/Code/User/globalStorage/github.copilot-chat/debugCommand:/Users/ahmeddarrazi/Library/Application Support/Code/User/globalStorage/github.copilot-chat/copilotCli:/Users/ahmeddarrazi/.antigravity/antigravity/bin:/Users/ahmeddarrazi/.local/bin:/Users/ahmeddarrazi/.nvm/versions/node/v24.11.0/bin:/Users/ahmeddarrazi/.config/herd-lite/bin:/Users/ahmeddarrazi/.vscode/extensions/ms-python.debugpy-2026.6.0-darwin-arm64/bundled/scripts/noConfigScripts" && cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Localization/EnvironmentContextTerminologyTest.php tests/Feature/Filament/EnvironmentContextSurfaceCopyTest.php tests/Feature/Filament/Localization/PolicyInventoryLocalizationTest.php tests/Feature/Guards/EnvironmentCopyNeutralizationGuardTest.php
- export PATH="/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/Users/ahmeddarrazi/.antigravity/antigravity/bin:/Users/ahmeddarrazi/.antigravity/antigravity/bin:/Users/ahmeddarrazi/.nvm/versions/node/v24.11.0/bin:/Users/ahmeddarrazi/.config/herd-lite/bin:/Users/ahmeddarrazi/Library/Application Support/Code/User/globalStorage/github.copilot-chat/debugCommand:/Users/ahmeddarrazi/Library/Application Support/Code/User/globalStorage/github.copilot-chat/copilotCli:/usr/local/bin:/System/Cryptexes/App/usr/bin:/usr/bin:/bin:/usr/sbin:/sbin:/var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/local/bin:/var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/bin:/var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/appleinternal/bin:/opt/homebrew/bin:/Users/ahmeddarrazi/Library/Application Support/Code/User/globalStorage/github.copilot-chat/debugCommand:/Users/ahmeddarrazi/Library/Application Support/Code/User/globalStorage/github.copilot-chat/copilotCli:/Users/ahmeddarrazi/.antigravity/antigravity/bin:/Users/ahmeddarrazi/.local/bin:/Users/ahmeddarrazi/.nvm/versions/node/v24.11.0/bin:/Users/ahmeddarrazi/.config/herd-lite/bin:/Users/ahmeddarrazi/.vscode/extensions/ms-python.debugpy-2026.6.0-darwin-arm64/bundled/scripts/noConfigScripts" && cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Browser/Spec286EnvironmentCopyNeutralizationSmokeTest.php
- export PATH="/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/Users/ahmeddarrazi/.antigravity/antigravity/bin:/Users/ahmeddarrazi/.antigravity/antigravity/bin:/Users/ahmeddarrazi/.nvm/versions/node/v24.11.0/bin:/Users/ahmeddarrazi/.config/herd-lite/bin:/Users/ahmeddarrazi/Library/Application Support/Code/User/globalStorage/github.copilot-chat/debugCommand:/Users/ahmeddarrazi/Library/Application Support/Code/User/globalStorage/github.copilot-chat/copilotCli:/usr/local/bin:/System/Cryptexes/App/usr/bin:/usr/bin:/bin:/usr/sbin:/sbin:/var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/local/bin:/var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/bin:/var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/appleinternal/bin:/opt/homebrew/bin:/Users/ahmeddarrazi/Library/Application Support/Code/User/globalStorage/github.copilot-chat/debugCommand:/Users/ahmeddarrazi/Library/Application Support/Code/User/globalStorage/github.copilot-chat/copilotCli:/Users/ahmeddarrazi/.antigravity/antigravity/bin:/Users/ahmeddarrazi/.local/bin:/Users/ahmeddarrazi/.nvm/versions/node/v24.11.0/bin:/Users/ahmeddarrazi/.config/herd-lite/bin:/Users/ahmeddarrazi/.vscode/extensions/ms-python.debugpy-2026.6.0-darwin-arm64/bundled/scripts/noConfigScripts" && cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent

Note: the discovered Capture snapshot modal runtime issue remains out-of-scope runtime debt for spec 286 and is recorded in the spec tasks close-out notes.
 2026-05-10 01:28:07 +02:00
ahmido
e64bae9cfc feat: cut over tenant core to managed environments (#335) 
## Summary
- replace the legacy Tenant and TenantMembership core models with ManagedEnvironment and ManagedEnvironmentMembership
- propagate the managed environment naming and key changes across Filament resources, pages, controllers, jobs, models, and supporting runtime paths
- add feature 279 spec artifacts and focused managed-environment test coverage for model behavior, route binding, panel context, authorization, and legacy guardrails

## Validation
- `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/ManagedEnvironment/LegacyTenantCoreGuardTest.php tests/Feature/ManagedEnvironment/ManagedEnvironmentAuthorizationTest.php tests/Feature/ManagedEnvironment/ManagedEnvironmentPanelContextTest.php tests/Feature/ManagedEnvironment/ManagedEnvironmentRouteBindingTest.php tests/Unit/ManagedEnvironment/ManagedEnvironmentContextResolverTest.php tests/Unit/ManagedEnvironment/ManagedEnvironmentModelTest.php`
- `cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent`

## Notes
- branch pushed from commit `1123b122`
- browser smoke test file was added but not run in this pass

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #335
 2026-05-07 06:38:14 +00:00
ahmido
1e0f21365b PR: 276-support-access-governance → platform-dev (#332) 
Automated PR created via MCP by Copilot on user request: "pr gegen platform-dev".

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #332
 2026-05-05 21:54:26 +00:00
ahmido
926b0fe4f3 feat(specs/257): governance decision convergence (#304)
Some checks failed
PR Fast Feedback / fast-feedback (pull_request) Failing after 56s
Details 
Automatisch erstellter PR: Implementiert Spec 257 — Governance decision convergence.

Branch: 257-governance-decision-convergence

Bitte Review und Merge gegen `platform-dev`.

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #304
 2026-04-29 22:36:05 +00:00
ahmido
b511b08371 feat: remove findings acknowledged compatibility and unify canonical operation types (#296)
Some checks failed
PR Fast Feedback / fast-feedback (pull_request) Failing after 1m0s
Details 
This PR removes the legacy "acknowledged" status compatibility for findings and unifies the canonical operation types (e.g., transitioning from baseline_capture to baseline.capture). It includes updated tests, models, and services to reflect these changes.

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #296
 2026-04-29 07:34:39 +00:00
ahmido
fb32e9bfa5 feat: canonical operation type source of truth (#276)
Some checks failed
Main Confidence / confidence (push) Failing after 49s
Details 
## Summary
- implement the canonical operation type source-of-truth slice across operation writers, monitoring surfaces, onboarding flows, and supporting services
- add focused contract and regression coverage for canonical operation type handling
- include the generated spec 239 artifacts for the feature slice

## Validation
- browser smoke PASS for `/admin` -> workspace overview -> operations -> operation detail -> tenant-scoped operations drilldown
- spec/plan/tasks/quickstart artifact analysis cleaned up to a no-findings state
- automated test suite not run in this session

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #276
 2026-04-25 18:11:23 +00:00
ahmido
2752515da5 Spec 235: harden baseline truth and onboarding flows (#271)
Some checks failed
Main Confidence / confidence (push) Failing after 54s
Details 
## Summary
- harden baseline capture truth, compare readiness, and monitoring explanations around latest inventory eligibility, blocked prerequisites, and zero-subject outcomes
- improve onboarding verification and bootstrap recovery handling, including admin-consent callback invalidation and queued execution legitimacy/report behavior
- align workspace findings/workspace overview signals and refresh the related spec, roadmap, and spec-candidate artifacts

## Validation
- `cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent`
- `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/BaselineDriftEngine/BaselineCaptureAuditEventsTest.php tests/Feature/BaselineDriftEngine/BaselineSnapshotNoTenantIdentifiersTest.php tests/Feature/BaselineDriftEngine/CaptureBaselineContentTest.php tests/Feature/BaselineDriftEngine/CaptureBaselineFullContentOnDemandTest.php tests/Feature/BaselineDriftEngine/CaptureBaselineMetaFallbackTest.php tests/Feature/Baselines/BaselineCaptureTest.php tests/Feature/Baselines/BaselineCompareFindingsTest.php tests/Feature/Baselines/BaselineSnapshotBackfillTest.php tests/Feature/Filament/BaselineCaptureResultExplanationSurfaceTest.php tests/Feature/Filament/BaselineCompareLandingStartSurfaceTest.php tests/Feature/Filament/BaselineProfileCaptureStartSurfaceTest.php tests/Feature/Filament/OperationRunBaselineTruthSurfaceTest.php tests/Feature/Monitoring/AuditCoverageGovernanceTest.php tests/Feature/Monitoring/GovernanceOperationRunSummariesTest.php tests/Feature/Notifications/OperationRunNotificationTest.php tests/Feature/Authorization/OperatorExplanationSurfaceAuthorizationTest.php`
- `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/AdminConsentCallbackTest.php tests/Feature/Filament/WorkspaceOverviewDbOnlyTest.php tests/Feature/Guards/Spec194GovernanceActionSemanticsGuardTest.php tests/Feature/ManagedTenantOnboardingWizardTest.php tests/Feature/Onboarding/OnboardingVerificationTest.php tests/Feature/Operations/QueuedExecutionAuditTrailTest.php tests/Unit/Operations/QueuedExecutionLegitimacyGateTest.php`

## Notes
- browser validation was not re-run in this pass

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #271
 2026-04-24 05:44:54 +00:00
ahmido
bd06b479e1 feat: add governance run summaries (#257)
Some checks failed
Main Confidence / confidence (push) Failing after 43s
Details
Heavy Governance Lane / heavy-governance (push) Has been skipped
Details
Browser Lane / browser (push) Has been skipped
Details 
## Summary
- add the Spec 220 governance run diagnostic summary seam and wire it through the canonical operation run detail presenter
- render summary-first decision guidance for covered governance run families while keeping technical diagnostics secondary
- add focused Pest coverage, spec artifacts, and complete the integrated-browser smoke validation for canonical run detail

## Testing
- cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent
- cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Monitoring/GovernanceOperationRunSummariesTest.php tests/Feature/Filament/OperationRunBaselineTruthSurfaceTest.php tests/Feature/Monitoring/ArtifactTruthRunDetailTest.php tests/Feature/Authorization/OperatorExplanationSurfaceAuthorizationTest.php tests/Feature/RunAuthorizationTenantIsolationTest.php tests/Unit/Support/OpsUx/GovernanceRunDiagnosticSummaryBuilderTest.php tests/Unit/Support/OperatorExplanation/OperatorExplanationBuilderTest.php
- integrated browser smoke pass on localhost:8081 covering summary-first hierarchy, zero-output runs, multi-cause runs, cross-family parity, workspace-wide visibility, and deny-as-not-found tenant safety

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #257
 2026-04-20 20:46:09 +00:00
ahmido
c86b399b43 feat(219): Finding ownership semantics + LEAN-001 constitution + backup_set unification (#256)
Some checks failed
Main Confidence / confidence (push) Failing after 53s
Details 
## Summary

This PR delivers three related improvements:

### 1. Finding Ownership Semantics (Spec 219)
- Add responsibility/accountability labels to findings and finding exceptions
- `owner_user_id` = accountable party (governance owner)
- `assignee_user_id` = responsible party (technical implementer)
- Expose Assign/Reassign actions in FindingResource with audit logging
- Add ownership columns and filters to finding list
- Propagate owner from finding to exception on creation
- Tests: ownership semantics, assignment audit, workflow actions

### 2. Constitution v2.7.0 — LEAN-001 Pre-Production Lean Doctrine
- New principle forbidding legacy aliases, migration shims, dual-write logic, and compatibility fixtures in a pre-production codebase
- AI-agent 4-question verification gate before adding any compatibility path
- Review rule: compatibility shims without answering the gate questions = merge blocker
- Exit condition: LEAN-001 expires at first production deployment
- Spec template: added default "Compatibility posture" block
- Agent instructions: added "Pre-production compatibility check" section

### 3. Backup Set Operation Type Unification
- Unified `backup_set.add_policies` and `backup_set.remove_policies` into single canonical `backup_set.update`
- Removed all legacy aliases, constants, and test fixtures
- Added lifecycle coverage for `backup_set.update` in config
- Updated all 14+ test files referencing legacy types

### Spec Artifacts
- `specs/219-finding-ownership-semantics/` — full spec, plan, tasks, research, data model, contracts, checklist

### Tests
- All affected tests pass (OperationCatalog, backup set, finding workflow, ownership semantics)

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #256
 2026-04-20 17:54:33 +00:00
ahmido
3bdd27f747 feat: finalize global shell context contract (#246)
Some checks failed
Main Confidence / confidence (push) Failing after 43s
Details 
## Summary
- consolidate workspace and tenant shell resolution behind a canonical resolved shell context
- align workspace switching, tenant selection, and tenant clearing with the new recovery and fallback rules
- add focused Pest coverage for shell resolution and update root dev orchestration so platform Vite starts correctly from repo-root commands

## Testing
- cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Monitoring/HeaderContextBarTest.php
- cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Workspaces/GlobalContextShellContractTest.php
- manual integrated-browser smoke for tenant-bound shell actions and context recovery flows
- validated corepack pnpm build:platform, corepack pnpm dev:platform, corepack pnpm dev:website, and corepack pnpm dev

## Notes
- Livewire v4 / Filament v5 remain unchanged and provider registration stays in bootstrap/providers.php
- no new globally searchable resources or destructive Filament actions were introduced

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #246
 2026-04-18 14:00:49 +00:00
ahmido
e02799b383 feat: implement spec 198 monitoring page state contract (#238) 
## Summary
- implement Spec 198 monitoring page-state contracts across Operations, Audit Log, Finding Exceptions Queue, Evidence Overview, Baseline Compare Landing, and Baseline Compare Matrix
- align selected-record and draft/apply behavior with query/session restoration semantics, including canonical navigation and tenant-filter normalization helpers
- add Spec 198 feature and browser coverage, update closure/spec artifacts, and refresh affected regression tests that asserted pre-contract behavior

## Verification
- focused Spec 198 feature pack passed through Sail
- Spec 198 browser smoke passed through Sail
- existing Spec 190 and Spec 194 browser smokes passed through Sail
- targeted fallout tests were updated and rerun during full-suite triage

## Notes
- Livewire v4 / Filament v5 compliant only; no legacy API reintroduction
- no provider registration changes; Laravel 11+ provider registration remains in `bootstrap/providers.php`
- no global-search behavior changed for any resource
- destructive queue decision actions remain confirmation-gated and authorization-backed
- no new Filament assets were added; existing deploy step for `php artisan filament:assets` remains unchanged

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #238
 2026-04-15 21:59:42 +00:00
ahmido
ad16eee591 Spec 204: harden platform core vocabulary (#234) 
## Summary
- add the Spec 204 platform vocabulary foundation, including canonical glossary terms, registry ownership descriptors, canonical operation type and alias resolution, and explicit reason ownership and platform reason-family metadata
- harden platform-facing compare, snapshot, evidence, monitoring, review, and reporting surfaces so they prefer governed-subject and canonical operation semantics while preserving intentional Intune-owned terminology
- extend Spec 204 unit, feature, Filament, and architecture coverage and add the full spec artifacts, checklist, and completed task ledger

## Verification
- ran the focused recent-change Sail verification pack for the new glossary and reason-semantics work
- ran the full Spec 204 quickstart verification pack under Sail
- ran `cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent`
- ran an integrated-browser smoke pass covering tenant dashboard, operations, operation detail, baseline compare, evidence, reviews, review packs, provider connections, inventory items, backup schedules, onboarding, and the system dashboard/operations/failures/run-detail surfaces

## Notes
- provider registration is unchanged and remains in `bootstrap/providers.php`
- no new destructive actions or asset-registration changes are introduced by this branch

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #234
 2026-04-14 06:09:42 +00:00
ahmido
acc8947384 feat: harden governance action semantics (#229) 
## Summary
- add the Spec 194 governance action catalog, friction classes, reason policies, and regression guards
- align exception, review, evidence, finding, tenant, provider connection, and system run actions to the shared semantics model
- add focused feature, RBAC, audit, unit, and browser coverage, including the tenant detail triage header consistency update

## Verification
- ran the focused Spec 194 verification pack from the quickstart and task plan
- ran targeted tenant triage coverage after the detail-header update
- ran `cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent`

## Filament Notes
- Filament v5 / Livewire v4 compliance preserved
- provider registration remains in `apps/platform/bootstrap/providers.php`
- globally searchable resources were not changed
- destructive actions remain confirmation-gated and server-authorized
- no new Filament assets were introduced; the existing `cd apps/platform && php artisan filament:assets` deploy step stays unchanged

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #229
 2026-04-12 21:21:44 +00:00
ahmido
bef9020159 feat: implement spec 193 monitoring action hierarchy (#227) 
## Summary
- codify Spec 193 as an explicit monitoring/workbench surface inventory with validator and guard coverage
- refactor the Finding Exceptions Queue, Operations landing, and tenantless operation viewer into clearer context, navigation, utility, drilldown, and focused-work lanes
- align Alerts, Audit Log, and Alert Deliveries with quiet origin-context handling while preserving calm reference surfaces and the explicit Tenant Diagnostics exception
- add focused feature coverage, guard coverage, browser smoke coverage, and the full spec artifacts for Spec 193

## Verification
- `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Guards/ActionSurfaceContractTest.php tests/Feature/Guards/ActionSurfaceValidatorTest.php tests/Feature/Guards/Spec193MonitoringSurfaceHierarchyGuardTest.php tests/Feature/OpsUx/OperateHubShellTest.php tests/Feature/Operations/TenantlessOperationRunViewerTest.php tests/Feature/Monitoring/FindingExceptionsQueueHierarchyTest.php tests/Browser/Spec193MonitoringSurfaceHierarchySmokeTest.php`
- `cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent`
- integrated-browser smoke pass over queue, operations, operation detail, alerts, audit log, and tenant diagnostics

## Notes
- Livewire v4 / Filament v5 stack unchanged
- no provider-registration changes; Laravel 11+ provider registration remains in `bootstrap/providers.php`
- no new global-search behavior was introduced
- destructive and governance-changing actions keep their existing confirmation and authorization semantics
- no new assets or migrations were added

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #227
 2026-04-12 10:48:00 +00:00
ahmido
ce0615a9c1 Spec 182: relocate Laravel platform to apps/platform (#213) 
## Summary
- move the Laravel application into `apps/platform` and keep the repository root for orchestration, docs, and tooling
- update the local command model, Sail/Docker wiring, runtime paths, and ignore rules around the new platform location
- add relocation quickstart/contracts plus focused smoke coverage for bootstrap, command model, routes, and runtime behavior

## Validation
- `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/PlatformRelocation`
- integrated browser smoke validated `/up`, `/`, `/admin`, `/admin/choose-workspace`, and tenant route semantics for `200`, `403`, and `404`

## Remaining Rollout Checks
- validate Dokploy build context and working-directory assumptions against the new `apps/platform` layout
- confirm web, queue, and scheduler processes all start from the expected working directory in staging/production
- verify no legacy volume mounts or asset-publish paths still point at the old root-level `public/` or `storage/` locations

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #213
 2026-04-08 08:40:47 +00:00