# UI-042 Review Pack Detail | Field | Value | | --- | --- | | Route | `/admin/workspaces/{workspace}/environments/{environment}/review-packs/{record}` | | Source | `ReviewPackResource::view` | | Area / scope | Reviews / environment artifact detail | | Archetype | Evidence / Audit | | Design depth | Strategic Surface | | Repo truth | browser-verified in Specs 372 and 397 | | Screenshot | `specs/372-customer-auditor-surface-safety-pass/artifacts/screenshots/003-review-pack-view-after.png` | | Browser status | Reached in the live in-app browser on 2026-06-05 via the Spec 351 review-output fixture; Spec 397 adds focused textual receipt proof for reduced default internals. | ## First Five Seconds The page should answer three questions immediately: 1. is this pack the current stakeholder-safe export or only a historical artifact 2. should the actor open the rendered report, download the ZIP, or stop 3. does this surface permit operator mutation or only read-first inspection ## Productization Review - Decision-first: Spec 356 moves the primary inspect path to the rendered report instead of treating ZIP download as the first read. - Evidence-first: status, expiry, evidence snapshot linkage, and package contract stay visible as artifact truth. - Context: environment-bound artifact detail with optional customer-workspace return context. - Capability/RBAC awareness: preview and download remain view-authorized; regenerate stays manage-only and confirmation-gated. - Customer/auditor safety: rendered preview is only available for the current ready non-expired review-derived pack. - Diagnostics/default hierarchy: the ZIP remains the structured appendix and downloadable artifact, not the first-read surface. ## Information Inventory Default-visible content should show pack status, generated/expiry timing, linked review/evidence context, sharing boundary, executive entrypoint guidance, and the current rendered-report launch affordance. ## Dangerous Actions - Dangerous or high-impact actions: `regenerate` on the operator detail surface. - Current confirmation/evidence posture: `regenerate` is capability-gated and `->requiresConfirmation()`; customer-workspace flow suppresses it entirely. - Target handling: keep preview and download read-only; do not let historical/expired packs impersonate the current report path. ## Spec 356 Follow-up Spec 356 productizes this page as the owner-side artifact detail: - `Open rendered report` is now the primary action for current ready packs. - ZIP download remains available as the structured appendix artifact. - Customer-workspace detail flow keeps `regenerate` hidden so the page does not compete with read-first stakeholder handoff. ## Target Direction Keep this surface artifact-truth-first and narrowly scoped. Future work should deepen proof hierarchy and browser evidence, not invent a second portal or artifact family. ## Spec 372 Follow-up Spec 372 keeps the existing rendered-report/download action model and reorganizes the detail content. - `Outcome summary` and `Output guidance` now lead the page - `Pack readiness and contents` owns the first artifact-proof block - evidence basis and released-review links appear before storage/operation metadata - options, initiator, customer-workspace link, operation link/count, freshness, SHA, and fingerprints moved into collapsed `Technical pack details` - technical pack details are hidden entirely in customer-workspace flow ### Browser proof - Spec372 screenshot: `specs/372-customer-auditor-surface-safety-pass/artifacts/screenshots/003-review-pack-view-after.png` - Browser smoke verified readiness before technical details and no JavaScript errors or console logs. ## Spec 385 Follow-up Spec 385 extends the existing output-readiness contract on this surface. - baseline publication blockers now map to the existing `Output not customer-ready` guidance state - baseline accepted limitations, foundation-only coverage, and exclusions map to disclosed limitation guidance - customer-safe exports retain baseline state/counts but drop baseline internal diagnostics from customer payloads - rendered-report disclosure policy now includes a baseline readiness proof row for customer-facing profiles ## Spec 397 Follow-up Spec 397 reduces default receipt internals on the Review Pack detail surface. - `Evidence basis` and `Evidence completeness` keep source proof understandable without leading with raw evidence links. - Internal evidence details stay behind the collapsed technical section and are not customer-default dominant. - Focused textual browser proof verifies output guidance, pack readiness, evidence basis, and hidden internal evidence detail hierarchy without JavaScript or console errors.