Added `BaselineReadinessGate`, resolution propagation, and disclosure semantics logic per Spec 385. Integrates baseline unreadiness into Customer Review Workspace and Review Packs to prevent report generation when identity bindings are unresolved. Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de> Reviewed-on: #456
42 lines
2.3 KiB
Markdown
42 lines
2.3 KiB
Markdown
# UI-046 Evidence Snapshot Detail
|
|
|
|
| Field | Value |
|
|
| --- | --- |
|
|
| Route | `/admin/workspaces/{workspace}/environments/{environment}/evidence/{record}` |
|
|
| Source | `EvidenceSnapshotResource::view` |
|
|
| Area / scope | Evidence / audit |
|
|
| Archetype | Evidence / Audit |
|
|
| Design depth | Strategic Surface |
|
|
| Repo truth | browser-verified in Spec 372 |
|
|
| Screenshot | `specs/372-customer-auditor-surface-safety-pass/artifacts/screenshots/005-evidence-snapshot-view-after-or-blocked.png` |
|
|
| Browser status | Reached through Spec 372 smoke-login fixture; mobile capture also completed. |
|
|
|
|
## First Five Seconds
|
|
|
|
The page should answer what evidence was captured, whether it is complete/current, and which review/report context it supports before showing support diagnostics.
|
|
|
|
## Productization Review
|
|
|
|
- Evidence-first: evidence state, completeness, environment, captured/expires dates, and coverage counts appear before diagnostics.
|
|
- Context: related review/report context now points to review pack and customer workspace, not OperationRun proof.
|
|
- Customer/auditor safety: raw source descriptors, fingerprints, operation count, and raw summary JSON are collapsed.
|
|
- Diagnostics: technical evidence details and technical dimension details remain available for authorized operators.
|
|
|
|
## Dangerous Actions
|
|
|
|
Refresh and expire actions are existing header actions. Expire remains destructive/high-impact and confirmation/authorization/audit behavior is preserved by existing resource tests.
|
|
|
|
## Spec 372 Follow-up
|
|
|
|
- Evidence Snapshot is no longer unresolved for this fixture.
|
|
- OperationRun related-context entry was removed.
|
|
- Browser smoke verified desktop and mobile rendering, section ordering, no JavaScript errors, no console logs, and no mobile horizontal overflow.
|
|
|
|
## Spec 385 Follow-up
|
|
|
|
Spec 385 changes the baseline drift posture item from drift-count-only evidence into a readiness-derived evidence item.
|
|
|
|
- baseline readiness now distinguishes trusted no drift, trusted drift, missing evidence, unresolved identity, unsupported coverage, accepted limitations, exclusions, stale proof, and failed proof
|
|
- legacy compare `reason_code` context alone is not treated as trusted no-drift evidence
|
|
- provider-resource binding decisions are consumed only as internal derived diagnostics, not as raw customer-visible evidence fields
|