ahmido
c86b399b43
Some checks failed
Main Confidence / confidence (push) Failing after 53s
## Summary This PR delivers three related improvements: ### 1. Finding Ownership Semantics (Spec 219) - Add responsibility/accountability labels to findings and finding exceptions - `owner_user_id` = accountable party (governance owner) - `assignee_user_id` = responsible party (technical implementer) - Expose Assign/Reassign actions in FindingResource with audit logging - Add ownership columns and filters to finding list - Propagate owner from finding to exception on creation - Tests: ownership semantics, assignment audit, workflow actions ### 2. Constitution v2.7.0 — LEAN-001 Pre-Production Lean Doctrine - New principle forbidding legacy aliases, migration shims, dual-write logic, and compatibility fixtures in a pre-production codebase - AI-agent 4-question verification gate before adding any compatibility path - Review rule: compatibility shims without answering the gate questions = merge blocker - Exit condition: LEAN-001 expires at first production deployment - Spec template: added default "Compatibility posture" block - Agent instructions: added "Pre-production compatibility check" section ### 3. Backup Set Operation Type Unification - Unified `backup_set.add_policies` and `backup_set.remove_policies` into single canonical `backup_set.update` - Removed all legacy aliases, constants, and test fixtures - Added lifecycle coverage for `backup_set.update` in config - Updated all 14+ test files referencing legacy types ### Spec Artifacts - `specs/219-finding-ownership-semantics/` — full spec, plan, tasks, research, data model, contracts, checklist ### Tests - All affected tests pass (OperationCatalog, backup set, finding workflow, ownership semantics) Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de> Reviewed-on: #256 |
||
|---|---|---|
| .. | ||
| Alerts | ||
| Audit | ||
| Auth | ||
| BackupScheduling | ||
| Baselines | ||
| Directory | ||
| Drift | ||
| EntraAdminRoles | ||
| Evidence | ||
| Findings | ||
| Graph | ||
| Hardening | ||
| Intune | ||
| Inventory | ||
| Onboarding | ||
| Operations | ||
| PermissionPosture | ||
| PortfolioTriage | ||
| Providers | ||
| Runbooks | ||
| Settings | ||
| System | ||
| SystemConsole | ||
| TenantReviews | ||
| Tenants | ||
| Verification | ||
| AdapterRunReconciler.php | ||
| AssignmentBackupService.php | ||
| AssignmentRestoreService.php | ||
| OperationRunService.php | ||
| ReviewPackService.php | ||