Added documentation and artifacts for Spec 377 regarding post-productization browser reaudit closeout gate. Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de> Reviewed-on: #448
33 lines
2.0 KiB
Markdown
33 lines
2.0 KiB
Markdown
# Follow-Up Roadmap
|
|
|
|
Verification level: `derived from existing implementation` for recommendation scope, `browser-verified` for current browser limitations, and `repo-verified` for predecessor guard/fixture context.
|
|
|
|
## Must Fix Before Close
|
|
|
|
None.
|
|
|
|
Verification class: `derived from existing implementation`.
|
|
|
|
## Separate Roadmap Follow-Up
|
|
|
|
| Candidate | Verification class | Why separate | Suggested scope |
|
|
|---|---|---|---|
|
|
| Manual system-panel browser fixture or documented audit procedure | `not verified` for manual access, `repo-verified` for Spec 376 automated proof | Spec 377 is audit-only and must not add auth routes or fixtures. | Provide a documented manual way to review `/system` and `/system/ops/runs`, or explicitly declare Pest Browser as the supported proof path. |
|
|
| Preserve baseline screenshot binaries for future before/after audits | `not available` | Spec 368 scores are present, but historical screenshot binaries are not present in this checkout. | For future audit specs, make screenshot retention part of the artifact checklist. |
|
|
|
|
## Optional Polish
|
|
|
|
| Candidate | Verification class | Notes |
|
|
|---|---|---|
|
|
| Customer/report shell quieting | `browser-verified` | Several customer/auditor pages remain visually inside the full admin shell, but the primary content is customer-safe enough for closeout. |
|
|
| Guard count trend reporting | `repo-verified` | Spec 375 guard has warn-mode counts; trend storage and CI hard-fail expansion should remain future work. |
|
|
|
|
## Not Needed
|
|
|
|
| Item | Verification class | Reason |
|
|
|---|---|---|
|
|
| Broad UI refactor in Spec 377 | `repo-verified` | Explicitly out of scope. |
|
|
| Runtime route/auth changes | `repo-verified` | Explicitly out of scope and not needed for `closed-with-follow-up`. |
|
|
| New fixture creation | `repo-verified` | Explicitly out of scope; existing fixtures were sufficient for 16 current manual captures and Spec 376 automated system proof. |
|
|
| Rewriting completed specs | `repo-verified` | Explicitly forbidden by the implementation loop. |
|