ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
38f170078a
TenantAtlas/specs/042-inventory-dependencies-graph/checklists/dependencies.md

7.3 KiB
Raw Blame History

Dependencies Checklist: Inventory Dependencies Graph

Purpose: Validate that Spec 042s dependency-graph requirements are complete, unambiguous, and testable ("unit tests for English"). Created: 2026-01-07 Feature: specs/042-inventory-dependencies-graph/spec.md

Note: This checklist is generated by the /speckit.checklist command based on feature context and requirements.

Requirement Completeness

  • CHK001 Are relationship types fully enumerated with definitions and at least one example per type? [Completeness, Spec §FR1]
  • CHK002 Are the minimum required fields for a dependency edge explicitly specified (e.g., source, target, type, directionality, timestamps, provenance)? [Gap, Spec §FR2]
  • CHK003 Are the categories of “other objects” (non-inventory foundations) explicitly enumerated and bounded (what is in-scope vs out-of-scope)? [Completeness, Spec §FR2]
  • CHK004 Are the identifiers/keys used to reference inventory items and foundational objects clearly specified (stable IDs vs display names)? [Gap, Plan §Dependencies]
  • CHK005 Are inbound and outbound edge queries both explicitly required for all supported relationship types (or are exceptions called out)? [Completeness, Spec §FR3]
  • CHK006 Are “missing prerequisites” criteria specified (what counts as missing, and how missing is detected)? [Completeness, Spec §Scenario 2, FR4]
  • CHK007 Are access control requirements defined beyond “access-controlled” (roles/permissions, tenant admin vs read-only, etc.)? [Gap, Spec §FR5]

Requirement Clarity

  • CHK008 Is the meaning of “inbound” vs “outbound” relationships defined unambiguously (especially for asymmetric relations like “assigned to”)? [Clarity, Spec §Scenario 1, FR3]
  • CHK009 Are relationship labels (“uses”, “assigned to”, “scoped by”) defined as a taxonomy with consistent naming, directionality, and semantics? [Clarity, Spec §Scenario 1, FR1]
  • CHK010 Is “blast radius” translated into concrete, observable dependency-graph concepts (e.g., outbound edges only, both directions, depth)? [Ambiguity, Spec §Purpose]
  • CHK011 Is “prerequisite” defined precisely (e.g., hard prerequisite vs informational dependency; required vs optional)? [Ambiguity, Spec §Purpose, Scenario 2]
  • CHK012 Is the filter behavior for relationship types specified (single vs multi-select, default selection, empty selection meaning)? [Gap, Spec §Scenario 3]
  • CHK013 Are “safe warning” requirements specified with a format/fields and where they surface (sync logs, UI banner, audit log)? [Clarity, Spec §NFR2]

Requirement Consistency

  • CHK014 Do “missing prerequisites” requirements align with “no separate deleted state in core inventory” without introducing contradictory states or terminology? [Consistency, Spec §FR4]
  • CHK015 Are the relationship examples in scenarios consistent with the relationship taxonomy required by FR1 (no scenario-only types)? [Consistency, Spec §Scenario 1, FR1]
  • CHK016 Do idempotency requirements (NFR1) align with determinism requirements (SC2) without ambiguity about ordering, deduplication, or normalization? [Consistency, Spec §NFR1, SC2]
  • CHK017 Are tenant-scoping requirements consistent across storage, querying, and UI exposure (no implied cross-tenant joins)? [Consistency, Spec §FR5, Out of Scope]

Acceptance Criteria Quality

  • CHK018 Is SC1 (“under 2 minutes”) made measurable with a defined starting point, scope (single item, depth), and success signal (what the admin must be able to conclude)? [Measurability, Spec §SC1]
  • CHK019 Is SC2 (“deterministic output”) made measurable by defining what equivalence means (edge set equality, stable IDs, normalized relationship types)? [Measurability, Spec §SC2]
  • CHK020 Are acceptance criteria mapped to each Functional Requirement (FR1FR5) so each requirement has an objective pass/fail definition? [Gap, Spec §Functional Requirements]

Scenario Coverage

  • CHK021 Do scenarios cover both inbound and outbound viewing requirements explicitly (or is one direction implicitly assumed)? [Coverage, Spec §Scenario 1, FR3]
  • CHK022 Are scenarios defined for “no dependencies” (zero edges) and how that is communicated to the user? [Gap, Spec §User Scenarios & Testing]
  • CHK023 Are scenarios defined for “only missing prerequisites” (all targets missing) and how that impacts filtering or display? [Gap, Spec §Scenario 2]
  • CHK024 Are scenarios defined for mixed object types (inventory item → foundation object, foundation → inventory item) if both are supported? [Gap, Spec §FR2]

Edge Case Coverage

  • CHK025 Are requirements specified for unknown/unsupported references beyond “record a safe warning” (e.g., whether an edge is skipped, recorded as unknown node, or preserved as raw ref)? [Coverage, Spec §NFR2]
  • CHK026 Are requirements defined for duplicate references within a single item (e.g., same target referenced multiple times) and expected edge deduplication rules? [Gap, Spec §NFR1, SC2]
  • CHK027 Are cyclic dependencies explicitly addressed (allow, detect, show, and/or bound traversal depth)? [Gap, Spec §Purpose]
  • CHK028 Are requirements defined for very large graphs (pagination, depth limits, maximum edges returned) given the stated “edge explosion” risk? [Gap, Plan §Risks]

Non-Functional Requirements

  • CHK029 Does NFR1 define idempotency scope and mechanism expectations (e.g., uniqueness keys, replace-all vs upsert, run-scoped vs global)? [Clarity, Spec §NFR1]
  • CHK030 Does NFR2 define what constitutes “must not fail an inventory sync run” (soft-fail boundary, error severity classes, retries)? [Clarity, Spec §NFR2]
  • CHK031 Are performance requirements (latency, memory, query limits) specified for dependency extraction and for dependency viewing queries? [Gap, Plan §Risks]
  • CHK032 Are security/privacy requirements specified for what dependency data may expose (e.g., names/IDs of foundation objects) and who can see it? [Gap, Spec §FR5]

Dependencies & Assumptions

  • CHK033 Are dependencies on Spec 040 identifiers and Spec 041 UI explicitly stated as hard requirements vs optional integration points? [Clarity, Plan §Dependencies]
  • CHK034 Are assumptions documented about which Intune object types contain references and the reference shapes expected (“heterogeneous reference shapes” risk)? [Assumption, Plan §Risks]
  • CHK035 Are assumptions documented about data freshness (when edges are extracted relative to inventory sync, and how stale edges are handled)? [Gap, Spec §NFR1]

Ambiguities & Conflicts

  • CHK036 Is “foundation object not present in inventory” terminology consistent with “not requiring a deleted state” (missing vs absent vs excluded)? [Ambiguity, Spec §FR4]
  • CHK037 Is it explicitly defined whether cross-item dependencies are limited to within a policy type or across all inventory types? [Gap, Spec §Purpose, FR2]
  • CHK038 Is it clear whether relationship filtering applies only to edge types, or also to node/object types (inventory vs foundations)? [Gap, Spec §Scenario 3]

Notes

  • Check items off as completed: [x]
  • Add findings inline under the relevant checklist item
  • Each /speckit.checklist run creates a new checklist file