ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity

feat(219): Finding ownership semantics + LEAN-001 constitution + backup_set unification #256

Merged
ahmido merged 2 commits from 219-finding-ownership-semantics into dev 2026-04-20 17:54:34 +00:00
Conversation 0 Commits 2 Files Changed 56 +2547 -214
ahmido commented 2026-04-20 17:53:54 +00:00
Owner
Copy Link

Summary

This PR delivers three related improvements:

1. Finding Ownership Semantics (Spec 219)

  • Add responsibility/accountability labels to findings and finding exceptions
  • owner_user_id = accountable party (governance owner)
  • assignee_user_id = responsible party (technical implementer)
  • Expose Assign/Reassign actions in FindingResource with audit logging
  • Add ownership columns and filters to finding list
  • Propagate owner from finding to exception on creation
  • Tests: ownership semantics, assignment audit, workflow actions

2. Constitution v2.7.0 — LEAN-001 Pre-Production Lean Doctrine

  • New principle forbidding legacy aliases, migration shims, dual-write logic, and compatibility fixtures in a pre-production codebase
  • AI-agent 4-question verification gate before adding any compatibility path
  • Review rule: compatibility shims without answering the gate questions = merge blocker
  • Exit condition: LEAN-001 expires at first production deployment
  • Spec template: added default "Compatibility posture" block
  • Agent instructions: added "Pre-production compatibility check" section

3. Backup Set Operation Type Unification

  • Unified backup_set.add_policies and backup_set.remove_policies into single canonical backup_set.update
  • Removed all legacy aliases, constants, and test fixtures
  • Added lifecycle coverage for backup_set.update in config
  • Updated all 14+ test files referencing legacy types

Spec Artifacts

  • specs/219-finding-ownership-semantics/ — full spec, plan, tasks, research, data model, contracts, checklist

Tests

  • All affected tests pass (OperationCatalog, backup set, finding workflow, ownership semantics)
## Summary This PR delivers three related improvements: ### 1. Finding Ownership Semantics (Spec 219) - Add responsibility/accountability labels to findings and finding exceptions - `owner_user_id` = accountable party (governance owner) - `assignee_user_id` = responsible party (technical implementer) - Expose Assign/Reassign actions in FindingResource with audit logging - Add ownership columns and filters to finding list - Propagate owner from finding to exception on creation - Tests: ownership semantics, assignment audit, workflow actions ### 2. Constitution v2.7.0 — LEAN-001 Pre-Production Lean Doctrine - New principle forbidding legacy aliases, migration shims, dual-write logic, and compatibility fixtures in a pre-production codebase - AI-agent 4-question verification gate before adding any compatibility path - Review rule: compatibility shims without answering the gate questions = merge blocker - Exit condition: LEAN-001 expires at first production deployment - Spec template: added default "Compatibility posture" block - Agent instructions: added "Pre-production compatibility check" section ### 3. Backup Set Operation Type Unification - Unified `backup_set.add_policies` and `backup_set.remove_policies` into single canonical `backup_set.update` - Removed all legacy aliases, constants, and test fixtures - Added lifecycle coverage for `backup_set.update` in config - Updated all 14+ test files referencing legacy types ### Spec Artifacts - `specs/219-finding-ownership-semantics/` — full spec, plan, tasks, research, data model, contracts, checklist ### Tests - All affected tests pass (OperationCatalog, backup set, finding workflow, ownership semantics)
ahmido added 2 commits 2026-04-20 17:53:55 +00:00 
- Add LEAN-001 to constitution after BIAS-001: forbids legacy aliases,
  migration shims, dual-write logic, and compatibility fixtures in a
  pre-production codebase
- Add compatibility posture default block to spec template
- Add pre-production compatibility check to agent instructions
- Unify backup_set operation type to canonical backup_set.update
- Remove all legacy backup_set.add_policies/remove_policies references
- Add finding ownership semantics (responsibility/accountability labels)
- Clean up roadmap.md and spec-candidates.md
merge: agent session work (LEAN-001 + finding ownership + backup_set unification)
Some checks failed
PR Fast Feedback / fast-feedback (pull_request) Failing after 56s
Details
0c78e3e1b0
ahmido merged commit c86b399b43 into dev 2026-04-20 17:54:34 +00:00
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels
No items
No Label
Milestone
Clear milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: ahmido/TenantAtlas#256
No description provided.
Delete Branch "219-finding-ownership-semantics"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?