780ed0391a
Some checks failed
PR Fast Feedback / fast-feedback (pull_request) Failing after 1m11s
Added UiBloatRegressionGuardTest to enforce known UI bloat and customer/auditor safety regression patterns across configured runtime UI source paths as defined in Spec 375. Registered the test in Pest.php and added to TestLaneManifest.
46 lines
3.0 KiB
Markdown
46 lines
3.0 KiB
Markdown
# Requirements Checklist: Spec 375 - UI Bloat Regression Guard v1
|
|
|
|
**Purpose**: Validate preparation readiness for Spec 375 before implementation.
|
|
**Created**: 2026-06-13
|
|
**Feature**: `specs/375-ui-bloat-regression-guard/spec.md`
|
|
|
|
## Spec Quality
|
|
|
|
- [x] CHK001 The selected candidate is directly provided by the user as Spec 375 and aligned with the recent Spec 370-374 UI productization sequence.
|
|
- [x] CHK002 The completed-spec guardrail treats Specs 370-374 as completed context only and does not reopen or rewrite their history.
|
|
- [x] CHK003 The spec states the concrete trust/workflow problem: future UI changes can regress into bloat, unsafe customer/auditor copy, or unclear diagnostic entrypoints without early guard feedback.
|
|
- [x] CHK004 The spec defines the smallest enterprise-capable slice: one static guard/scanner entrypoint with warn-first behavior, allowlist policy, and initial report.
|
|
- [x] CHK005 Functional requirements are testable and avoid requiring a broad page refactor.
|
|
- [x] CHK006 Out-of-scope boundaries exclude runtime UI refactors, migrations, models, routes, Filament page/resource changes, browser screenshot infra, and visual regression.
|
|
- [x] CHK007 Risks, assumptions, and non-blocking open questions are recorded.
|
|
|
|
## Constitution And Guardrails
|
|
|
|
- [x] CHK008 UI Surface Impact is completed as `No UI surface impact` with rationale.
|
|
- [x] CHK009 Cross-cutting shared pattern reuse names existing guard/test/script conventions and avoids a runtime UI framework.
|
|
- [x] CHK010 OperationRun UX impact states no OperationRun behavior is touched.
|
|
- [x] CHK011 Provider boundary treatment keeps provider terms as scanner leakage indicators, not platform-core truth.
|
|
- [x] CHK012 Proportionality review justifies the narrow guard and rejects browser visual regression and manual-only review.
|
|
- [x] CHK013 RBAC, workspace/tenant isolation, auditability, and data minimization are addressed as no-runtime-impact constraints.
|
|
- [x] CHK014 Test governance names `surface-guard` / heavy-governance ownership and forbids hidden browser/DB fixture cost.
|
|
- [x] CHK015 Filament v5 / Livewire v4 compliance, provider registration, global search, destructive action, asset, and testing posture are stated in the plan.
|
|
|
|
## Task Readiness
|
|
|
|
- [x] CHK016 `tasks.md` includes repo-truth and source-input tasks before tooling edits.
|
|
- [x] CHK017 `tasks.md` includes spec-local artifact tasks before implementation.
|
|
- [x] CHK018 `tasks.md` includes tests before scanner implementation.
|
|
- [x] CHK019 `tasks.md` includes initial scan, allowlist, validation, and close-out artifact tasks.
|
|
- [x] CHK020 `tasks.md` includes explicit non-goals to prevent runtime UI refactor creep.
|
|
|
|
## Preparation Outcome
|
|
|
|
- [x] CHK021 Candidate Selection Gate result: pass.
|
|
- [x] CHK022 Spec Readiness Gate result: pass for preparation.
|
|
- [x] CHK023 Review outcome class: acceptable-special-case.
|
|
- [x] CHK024 Workflow outcome: keep.
|
|
|
|
## Notes
|
|
|
|
This checklist validates preparation only. It does not claim scanner implementation, initial scan execution, test execution, CI integration, or runtime UI changes.
|