ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
92704a2f7e
TenantAtlas/specs/118-baseline-drift-engine/checklists/requirements.md
ahmido 92704a2f7e Spec 118: Resumable baseline evidence capture + snapshot UX (#143) 
Implements Spec 118 baseline drift engine improvements:

- Resumable, budget-aware evidence capture for baseline capture/compare runs (resume token + UI action)
- “Why no findings?” reason-code driven explanations and richer run context panels
- Baseline Snapshot resource (list/detail) with fidelity visibility
- Retention command + schedule for pruning baseline-purpose PolicyVersions
- i18n strings for Baseline Compare landing

Verification:
- `vendor/bin/sail bin pint --dirty --format agent`
- `vendor/bin/sail artisan test --compact --filter=Baseline` (159 passed)

Note:
- `docs/audits/redaction-audit-2026-03-04.md` left untracked (not part of PR).

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #143
2026-03-04 22:34:13 +00:00

2.3 KiB
Raw Blame History

Specification Quality Checklist: Golden Master Deep Drift v2 (Full Content Capture)

Purpose: Validate specification completeness and quality before proceeding to planning
Created: 2026-03-03
Feature: specs/118-baseline-drift-engine/spec.md

Content Quality

  • No implementation details (languages, frameworks, APIs)
  • Focused on user value and business needs
  • Written for non-technical stakeholders
  • All mandatory sections completed

Requirement Completeness

  • No [NEEDS CLARIFICATION] markers remain
  • Requirements are testable and unambiguous
  • Success criteria are measurable
  • Success criteria are technology-agnostic (no implementation details)
  • All acceptance scenarios are defined
  • Edge cases are identified
  • Scope is clearly bounded
  • Dependencies and assumptions identified

Feature Readiness

  • All functional requirements have clear acceptance criteria
  • User scenarios cover primary flows
  • Feature meets measurable outcomes defined in Success Criteria
  • No implementation details leak into specification

Constitution & Spec 118 Gates

  • Cross-tenant subject matching terminology is defined and consistent (subject_key is defined and tied to normalization rules)
  • Workspace-owned snapshot items explicitly forbid persisting tenant identifiers (including tenant IDs and tenant external IDs)
  • Compare behavior for missing/ambiguous cross-tenant matching is specified (gap reason + suppress drift evaluation)
  • Coverage proof guard is specified (missing-policy outcomes suppressed when coverage is unproven)
  • Rollout gate requirement exists for full-content mode (canary flag)
  • Security requirement exists to redact secrets/PII before persistence/fingerprinting
  • Baseline-purpose evidence visibility is explicitly tied to baseline-related capabilities (no tenant.view-only access)
  • Audit events requirement exists for starting capture/compare runs (and includes purpose + summary context)
  • Retention requirement exists for baseline-purpose evidence distinct from long-term backups
  • Findings recurrence identity/lifecycle requirement exists and is independent of fingerprints
  • Ops-UX “no silent zeros” requirement exists (reason codes + UI explanation)

Notes

  • Validated on 2026-03-03; all checks passing.