Implemented the accepted risk resolution guidance, including the AcceptedRiskResolutionAdapter, guidance cards, and updated related Filament views. Added unit, feature, and browser tests.
Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #425
Implemented the first version of provider readiness resolution guidance. Added the ProviderReadinessResolutionAdapter, provider readiness guidance card, and updated EnvironmentRequiredPermissions, ProviderConnectionResource, and ListProviderConnections/ViewProviderConnection. Added tests and updated the design coverage matrix.
Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #424
Implemented the first version of review output resolve actions. Included a ReviewOutputResolveActionMapper, commands to seed browser fixtures, updated CustomerReviewWorkspace, EnvironmentReviewResource, UI enforcement, and related views. Also added extensive unit, feature, and browser tests, and updated the design coverage matrix.
Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #422
Implemented the first version of the operator resolution guidance framework. Added new foundation classes (ResolutionCase, ResolutionAction) and a ReviewPackOutputResolutionAdapter. Updated the Customer Review Workspace and Environment Review Resource to use the new adapter. Added extensive test coverage for the framework and UI integrations.
Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #421
Implemented the output resolution guidance for the customer review workspace and internal views. Added ReviewPackOutputResolutionGuidance, updated CustomerReviewWorkspace and EnvironmentReviewResource, and added related blade views and tests.
Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #420
Implemented the output contract and readiness semantics for review packs. Also added spec 348.
Includes changes to ChooseEnvironment, CustomerReviewWorkspace, GenerateReviewPackJob and related blade views.
Added comprehensive tests.
Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #419
Implemented the final operator workflow for the Governance Inbox. This includes refactoring the inbox page, updating finding resources, adding UI enforcement policies, updating related blade views, and adding comprehensive tests for operator workflow and scope contracts.
Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #418
Refactored the customer-review workspace to emphasize the Operator Summary, tightening the hierarchy. Readiness flow and acknowledgment details were adjusted, and supporting proof panels moved to secondary visual weight.
Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #416
## Summary
- add persisted customer review acknowledgement truth with capability gating and audit emission
- extend the customer review workspace with acknowledgement state, evidence basis details, and accepted-risk lifecycle visibility
- add focused feature and browser coverage plus Spec 343 screenshot artifacts and UI audit updates
## Scope
- Livewire v4 / Filament v5 surface only; no panel provider changes
- no new global assets; no `filament:assets` deployment change for this slice
- includes a PostgreSQL migration for `environment_review_acknowledgements`
## Guardrail / Exception / Smoke Coverage
- reachable UI surface changed: existing `/admin/reviews/workspace` customer-safe page
- UI audit updated in `docs/ui-ux-enterprise-audit/page-reports/ui-006-customer-review-workspace.md`
- screenshot artifacts included under `specs/343-customer-review-attestation-accepted-risk-lifecycle/artifacts/screenshots/`
- spec package includes plan, tasks, repo-truth map, and state contract for the implemented slice
## Notes
- target branch requested: `platform-dev`
- branch pushed from commit `aaaad441fd13dbac54e971ab48765c502ced6b3f`
Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #415
## Summary
- finalize the existing Customer Review Workspace as a customer-safe first-screen consumption surface
- lead the page with one review decision card, readiness flow, findings summary, accepted-risk summary, and secondary proof instead of diagnostics-first presentation
- keep evidence, review-pack, export, audit, and operation proof states explicit and separate so the page does not make false readiness or evidence claims
- add focused Spec 342 Feature and Browser coverage plus the spec-local truth map, state contract, and screenshot artifacts
- preserve the existing workspace-wide route with canonical `environment_id` filtering only and no new portal, backend generation flow, or navigation rewrite
## Validation
- `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Filament/Spec342CustomerReviewWorkspaceConsumptionTest.php tests/Feature/Reviews/CustomerReviewWorkspacePageTest.php`
- `cd apps/platform && ./vendor/bin/sail php vendor/bin/pest tests/Browser/Spec342CustomerReviewWorkspaceConsumptionSmokeTest.php tests/Browser/Reviews/CustomerReviewWorkspaceSmokeTest.php --compact`
- `cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent`
- `git diff --check`
## Notes
- screenshot artifacts are included under `specs/342-customer-review-workspace-final-consumption-productization/artifacts/screenshots/`
- Livewire v4 compliance unchanged
- Filament provider registration remains in `apps/platform/bootstrap/providers.php`
- no globally searchable resource behavior changed in this slice
- no new destructive action behavior was introduced
- no new Filament assets; deploy `filament:assets` posture is unchanged
- full suite was not run in this turn; validation stayed on the focused Spec 342 slices
Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #414
## Summary
- align the Baseline Compare landing page with the shared Product Process Flow contract introduced by Spec 332
- add the horizontal flow rendering primitive and update the landing view/state presentation for readiness, proof, evidence, and next action
- add Spec 336 artifacts, screenshots, focused feature coverage, and browser smoke coverage for the aligned states
## Testing
- `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Filament/BaselineCompareEnvironmentRouteContractTest.php tests/Feature/Filament/Spec330EnvironmentDashboardBaselineCompareProductizationTest.php tests/Feature/Filament/Spec336BaselineCompareProductProcessFlowAlignmentTest.php tests/Browser/Spec330EnvironmentDashboardBaselineCompareSmokeTest.php tests/Browser/Spec336BaselineCompareProductProcessFlowAlignmentSmokeTest.php`
## Notes
- Filament v5 / Livewire v4 stack remains unchanged
- no panel provider registration changes; `bootstrap/providers.php` is unaffected
- no global-search resource behavior changes
- no new destructive actions and no asset registration/deployment changes
Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #406
## Summary
- add the baseline compare landing experience for the environment dashboard productization flow
- expand the environment dashboard overview and summary-building logic to support richer baseline comparison states and assessments
- update the supporting Blade templates for the new compare and overview presentation
- add English and German translations for the baseline compare surface
- include the Spec 330 planning and task artifacts alongside the implementation
## Tests
- touched browser, feature, and unit coverage for the new baseline compare flow
- updated test files include `Spec330EnvironmentDashboardBaselineCompareSmokeTest`, `BaselineCompareLandingWhyNoFindingsTest`, `Spec330EnvironmentDashboardBaselineCompareProductizationTest`, `HeaderContextBarTest`, and `ManagedEnvironmentModelTest`
- no additional test run was performed as part of this commit/push/PR workflow
Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #392
## Summary
- productize the Monitoring audit log disclosure flow with richer detail inspection and updated disclosure UI
- expand the evidence overview disclosure experience, including filtering and presentation updates
- wire the monitoring pages into the Filament admin panel and workspace sidebar navigation
- add English and German disclosure copy for the new audit and evidence surfaces
- include Spec 329 implementation artifacts and supporting presenter/route updates
## Tests
- added/updated monitoring acceptance and feature coverage for the disclosure flow
- touched tests include `Spec329EvidenceAuditDisclosureSmokeTest`, `Spec329EvidenceAuditDisclosureProductizationTest`, `AuditLogPageTest`, `AuditLogDetailInspectionTest`, `AuditLogInspectFlowTest`, and related monitoring/navigation coverage
- no additional test run was performed as part of this commit/push/PR workflow
Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #390
## Summary
- productize the operations hub decision-first workbench and related monitoring page surfaces
- add the operations workbench stats widget plus tenantless run viewer and admin scope updates
- extend monitoring, ops UX, and browser coverage for the new workbench behavior
- add Spec 328 artifacts under `specs/328-operations-hub-decision-first-workbench-productization`
## Testing
- not run as part of this handoff
Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #389
## Summary
- productize the governance inbox decision-first workbench surface and related section-building logic
- update the panel theme asset and governance inbox Blade view for the new page treatment
- add Governance Inbox feature coverage and a Spec 327 browser smoke test
- add Spec 327 planning artifacts under `specs/327-governance-inbox-decision-first-workbench-productization`
## Testing
- not run as part of this handoff
Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #388
## Summary
- productizes the Customer Review Workspace into a more decision-first, customer-safe review surface
- updates the page class, Blade view, and localized copy for the new workspace presentation
- expands feature and browser coverage for workspace behavior, localization, and access rules
- adds the Spec 326 artifact package for this implementation
## Testing
- not run in this session
Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #386
## Summary
- Implement environment filtering across Filament alerts and audit log pages, widgets, and support builders.
- Add a feature test covering the alerts/audit environment filter contract.
- Add the supporting specification and planning artifacts under `specs/`.
## Testing
- Not run in this step.
Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #378
## Summary
- cut over workspace-owned analysis and library surfaces to workspace shell ownership instead of inheriting remembered environment shell context
- update the affected findings pages, scope resolution, navigation helpers, and related Blade views to keep environment focus explicit instead of implicit
- add and update Spec 320 artifacts plus focused regression coverage for findings navigation context, workspace hub registration, and admin surface scope behavior
## Guardrails
- Filament remains on v5 with Livewire v4 compliance unchanged
- provider registration remains in apps/platform/bootstrap/providers.php
- no new globally searchable resources were introduced or changed
- no new destructive actions were introduced or changed
- no Filament assets were added or changed, so the deploy requirement for filament:assets is unchanged
## Testing
- `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Findings/FindingsAssignmentHygieneReportTest.php tests/Feature/Findings/FindingsIntakeQueueNavigationContextTest.php tests/Feature/Findings/FindingsIntakeQueueTest.php tests/Feature/Findings/MyFindingsInboxNavigationContextTest.php tests/Feature/Findings/MyWorkInboxTest.php tests/Feature/Navigation/WorkspaceHubRegistryTest.php tests/Unit/Support/OperateHub/OperateHubShellResolutionTest.php tests/Unit/Tenants/AdminSurfaceScopeTest.php`
- `cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent`
Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #375
## Summary
- hard-cut environment-owned CTA links into workspace hubs to canonical `environment_id` filters
- add shared workspace-hub environment filter resolution and visible filtered-state rendering across in-scope hubs
- update workspace hub pages, link helpers, and focused test coverage for explicit environment CTA filtering
## Validation
- Not run in this workflow
Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #370
## Summary
- consolidate internal platform naming from `Tenant` to `Environment` / `ManagedEnvironment` across models, controllers, services, and Filament resources
- rename environment-scoped UI surfaces such as dashboards, chooser flows, navigation, and related widgets to match the updated environment-first domain language
- align middleware, onboarding/review lifecycle services, jobs, and route/context controllers with the new environment-scoped architecture
## Validation
- not rerun as part of this commit/push/PR request
## Notes
- branch is 1 commit ahead of `platform-dev`
- main commit: `refactor: consolidate internal tenant model naming`
Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #355
## Summary
- replace tenant-first operator copy with environment and managed environment terminology across Filament pages, resources, services, Blade views, and localization
- align baseline compare, findings, governance, monitoring, backup schedule, and required-permissions surfaces with the managed-environment vocabulary
- update guard, feature, and browser smoke coverage and add the Spec 298 audit artifacts documenting allowed provider, internal, and regression-guard tenant references
## Validation
- cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Guards
- cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Localization
- cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Workspaces
- cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/ProviderConnections
- cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/RequiredPermissions
- cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Browser/Spec190BaselineCompareMatrixSmokeTest.php tests/Browser/Spec281ProviderConnectionScopeSmokeTest.php tests/Browser/Spec285WorkspaceRbacEnvironmentAccessSmokeTest.php tests/Browser/Dashboard/TenantDashboardProductizationSmokeTest.php
- cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent
## Notes
- Filament remains on Livewire v4.
- No panel provider or asset-strategy changes are included in this branch.
- Existing destructive actions retain their confirmation and authorization behavior.
Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #353
## Summary
Implements feature branch `286-ui-copy-ia-localization-neutralization`.
This change set:
- aligns chooser, managed-environment landing, dashboard, shell, and workspace context copy to environment-first terminology
- neutralizes the bounded policy and baseline helper copy called out by Spec 286
- adds focused feature, guard, and browser coverage plus the complete Spec 286 artifact set
- records the discovered `Capture snapshot` modal issue as out-of-scope runtime debt in the Spec 286 close-out notes
## Validation
- `export PATH="/bin:/usr/bin:/usr/local/bin:$PATH" && cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Localization/EnvironmentContextTerminologyTest.php tests/Feature/Filament/EnvironmentContextSurfaceCopyTest.php tests/Feature/Filament/Localization/PolicyInventoryLocalizationTest.php tests/Feature/Guards/EnvironmentCopyNeutralizationGuardTest.php`
- `export PATH="/bin:/usr/bin:/usr/local/bin:$PATH" && cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Browser/Spec286EnvironmentCopyNeutralizationSmokeTest.php`
- `export PATH="/bin:/usr/bin:/usr/local/bin:$PATH" && cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent`
## Notes
- Target branch: `platform-dev`
- Filament remains on v5 with Livewire v4.
- Provider registration remains unchanged in `apps/platform/bootstrap/providers.php`.
- No new destructive actions, asset strategy changes, or global-search posture changes are introduced in this slice.
Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #345
## Summary
- implement the provider capability registry and derived capability evaluation flow
- update provider connections, onboarding, required-permissions diagnostics, and provider blocker translation to use capability-first summaries
- add bounded unit, feature, and browser test coverage plus the prepared Spec 283 artifacts
## Notes
- branch: `283-provider-capability-registry`
- commit: `74e75c3e`
- no additional validation commands were run in this git/PR flow step
Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #342
## Summary
- add explicit workspace closure and tenant removal lifecycle truth with a bounded `WorkspaceLifecycleService`
- surface closure and removal posture across admin/system pages, chooser recovery, and canonical historical viewers
- block new review-pack and operation starts for closed workspaces or removed tenants while preserving memberships, audit, and history
- add focused Pest coverage plus the Spec 292 artifacts for the implemented slice
## Testing
- `export PATH="/bin:/usr/bin:/usr/local/bin:$PATH" && cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/System/Directory/ViewWorkspaceClosureTest.php tests/Feature/System/Ops/ClosedWorkspaceHistoricalAccessTest.php tests/Feature/Filament/Resources/Workspaces/WorkspaceClosureStatusTest.php tests/Feature/Filament/Resources/TenantResource/TenantWorkspaceRemovalTest.php tests/Feature/Filament/Pages/WorkspaceContextClosureRecoveryTest.php`
- `export PATH="/bin:/usr/bin:/usr/local/bin:$PATH" && cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent`
- manual integrated-browser smoke for admin tenant remove/restore plus chooser recovery and system workspace close/reopen
Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #337
## Summary
- replace the legacy Tenant and TenantMembership core models with ManagedEnvironment and ManagedEnvironmentMembership
- propagate the managed environment naming and key changes across Filament resources, pages, controllers, jobs, models, and supporting runtime paths
- add feature 279 spec artifacts and focused managed-environment test coverage for model behavior, route binding, panel context, authorization, and legacy guardrails
## Validation
- `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/ManagedEnvironment/LegacyTenantCoreGuardTest.php tests/Feature/ManagedEnvironment/ManagedEnvironmentAuthorizationTest.php tests/Feature/ManagedEnvironment/ManagedEnvironmentPanelContextTest.php tests/Feature/ManagedEnvironment/ManagedEnvironmentRouteBindingTest.php tests/Unit/ManagedEnvironment/ManagedEnvironmentContextResolverTest.php tests/Unit/ManagedEnvironment/ManagedEnvironmentModelTest.php`
- `cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent`
## Notes
- branch pushed from commit `1123b122`
- browser smoke test file was added but not run in this pass
Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #335
This PR contains the committed changes for specs/265-decision-register-approval.
Commit: b5671cbf
Automated PR created by Copilot at user's request.
Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #321
Automated PR created by Copilot: adds implementation and tests for specs/264 cross-tenant promotion execution.
Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #320
Automatisch erstellt: Commit aller Änderungen in Branch 260-governance-service-packaging-session-1777640889.
Bitte prüfen und mergen.
Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #315
## Summary
- add the localization v1 foundation with request-time locale resolution and workspace or user preference handling
- localize the first-wave platform surfaces for auth, shell, dashboards, findings, baseline compare, and review workspace chrome
- add Pest coverage for locale resolution, preference flows, fallback behavior, notifications, and governance surface localization
## Scope
- active spec: specs/252-platform-localization-v1
- target branch: dev
## Notes
- machine-readable artifacts remain invariant and are not localized in this slice
- the branch includes the related spec kit artifacts for the feature
Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #293
## Summary
- add a read-first governance inbox page at `/admin/governance/inbox`
- aggregate assigned findings, intake, stale operations, alert-delivery failures, and review follow-up into one canonical routing surface
- add focused coverage for inbox authorization, navigation context, page behavior, and section builder logic
- include the Spec Kit artifacts for spec 250
## Notes
- branch is synced with `dev`
- this PR supersedes #290 for the governance inbox work
Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #291
## Summary
- add derived onboarding readiness to the managed tenant onboarding workflow and multi-draft picker
- keep provider-specific permission diagnostics secondary while preserving canonical `Open operation` and existing onboarding action semantics
- add spec-kit artifacts for `240-tenant-onboarding-readiness` and align roadmap/spec-candidate planning notes
- unify the required-permissions empty state copy to English
## Validation
- `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/RequiredPermissions/RequiredPermissionsEmptyStateTest.php`
- `cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent`
- browser smoke exercised the onboarding picker, route-bound mismatch readiness state, canonical `Open operation` path, and local fixture cleanup
## Notes
- branch includes the generated spec artifacts under `specs/240-tenant-onboarding-readiness/`
- temporary browser smoke tenants/drafts/runs were cleaned from the local environment after validation
Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #277
## Summary
- add the workspace-scoped findings hygiene report, overview signal, and supporting classification service for broken assignments and stale in-progress work
- add Spec 225 artifacts and focused findings hygiene test coverage alongside the new Filament page and workspace overview wiring
- align product roadmap and spec candidates around the layered canonical control catalog, CIS library, and readiness model
- extend SpecKit constitution and templates with the XCUT-001 shared-pattern reuse guidance
## Notes
- validation commands and implementation close-out notes are documented in `specs/225-assignment-hygiene/plan.md` and `specs/225-assignment-hygiene/quickstart.md`
- this PR targets `dev` from `225-assignment-hygiene`
Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #264
## Summary
- add the canonical admin-plane `My Findings` inbox at `/admin/findings/my-work`
- add the workspace overview `Assigned to me` signal and inbox-to-detail continuity
- add focused Pest coverage plus the full Spec 221 artifact bundle
## Validation
- `cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent`
- `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Findings/MyWorkInboxTest.php tests/Feature/Authorization/MyWorkInboxAuthorizationTest.php tests/Feature/Dashboard/MyFindingsSignalTest.php`
- `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Filament/WorkspaceOverviewNavigationTest.php`
- integrated-browser smoke completed against the browser-facing `tenantatlas` runtime, including seeded positive-path and negative-path checks plus fixture cleanup
## Filament v5 Guardrails
- Livewire v4.0+ compliant
- panel provider registration remains in `apps/platform/bootstrap/providers.php`
- global search behavior is unchanged; `FindingResource` already has a View page and the new inbox is a custom page, not a searchable resource
- no destructive actions were introduced on the inbox or overview signal
- no new assets were added; the existing deploy step for `cd apps/platform && php artisan filament:assets` remains unchanged
- coverage includes the new inbox page, authorization boundaries, the workspace overview signal, and the overview CTA regression
Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #258
## Summary
- add the Spec 220 governance run diagnostic summary seam and wire it through the canonical operation run detail presenter
- render summary-first decision guidance for covered governance run families while keeping technical diagnostics secondary
- add focused Pest coverage, spec artifacts, and complete the integrated-browser smoke validation for canonical run detail
## Testing
- cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent
- cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Monitoring/GovernanceOperationRunSummariesTest.php tests/Feature/Filament/OperationRunBaselineTruthSurfaceTest.php tests/Feature/Monitoring/ArtifactTruthRunDetailTest.php tests/Feature/Authorization/OperatorExplanationSurfaceAuthorizationTest.php tests/Feature/RunAuthorizationTenantIsolationTest.php tests/Unit/Support/OpsUx/GovernanceRunDiagnosticSummaryBuilderTest.php tests/Unit/Support/OperatorExplanation/OperatorExplanationBuilderTest.php
- integrated browser smoke pass on localhost:8081 covering summary-first hierarchy, zero-output runs, multi-cause runs, cross-family parity, workspace-wide visibility, and deny-as-not-found tenant safety
Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #257
## Summary
- add the Spec 204 platform vocabulary foundation, including canonical glossary terms, registry ownership descriptors, canonical operation type and alias resolution, and explicit reason ownership and platform reason-family metadata
- harden platform-facing compare, snapshot, evidence, monitoring, review, and reporting surfaces so they prefer governed-subject and canonical operation semantics while preserving intentional Intune-owned terminology
- extend Spec 204 unit, feature, Filament, and architecture coverage and add the full spec artifacts, checklist, and completed task ledger
## Verification
- ran the focused recent-change Sail verification pack for the new glossary and reason-semantics work
- ran the full Spec 204 quickstart verification pack under Sail
- ran `cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent`
- ran an integrated-browser smoke pass covering tenant dashboard, operations, operation detail, baseline compare, evidence, reviews, review packs, provider connections, inventory items, backup schedules, onboarding, and the system dashboard/operations/failures/run-detail surfaces
## Notes
- provider registration is unchanged and remains in `bootstrap/providers.php`
- no new destructive actions or asset-registration changes are introduced by this branch
Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #234
## Summary
- add adaptive baseline compare presentation modes with `auto`, `dense`, and `compact` route handling on the existing matrix page
- compress support surfaces with staged filters, grouped legends, last-updated and passive refresh cues, compact single-tenant results, and dense multi-tenant scan rendering
- extend the matrix builder plus Pest and browser smoke coverage for visible-set-only compact and dense workflows
## Filament / Laravel notes
- Livewire v4 compliance preserved; no legacy Livewire v3 patterns introduced
- provider registration is unchanged; no `bootstrap/providers.php` changes were needed for this feature
- no globally searchable resources were changed by this branch
- no destructive actions were added; the existing compare action remains simulation-only and non-destructive
- asset strategy is unchanged; no new Filament assets were introduced
## Validation
- `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Filament/BaselineCompareMatrixPageTest.php tests/Feature/Baselines/BaselineCompareMatrixBuilderTest.php tests/Feature/Guards/ActionSurfaceContractTest.php tests/Browser/Spec190BaselineCompareMatrixSmokeTest.php`
- `80` tests passed with `673` assertions
- integrated browser smoke run on `http://localhost/admin/baseline-profiles/20/compare-matrix`
## Scope
- Spec 191 implementation
- spec contract updates in `spec.md`, `tasks.md`, and the logical OpenAPI contract
Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #224
## Summary
- tighten the baseline compare matrix working surface with active filter scope summaries and clearer visible-set disclosure
- improve matrix scanability with a sticky subject column, calmer attention-first cell styling, and Filament form-based filter controls
- replace the misleading perpetual refresh loading state with a passive auto-refresh note and add focused regression coverage
## Testing
- `cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent`
- `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Filament/BaselineCompareMatrixPageTest.php`
## Notes
- this PR only contains the Spec 190 implementation changes on `190-baseline-compare-matrix`
- follow-up spec drafting for high-density operator mode was intentionally left out of this PR
Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #222
