ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
c1f4ebaa05
TenantAtlas/specs/267-artifact-lifecycle-retention/checklists/requirements.md
ahmido 6bf8e7f76b feat: 267-artifact-lifecycle-retention → platform-dev (#323) 
Automated PR to merge `267-artifact-lifecycle-retention` into `platform-dev`.

Created by Copilot.

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #323
2026-05-03 20:30:51 +00:00

50 lines
4.3 KiB
Markdown
Raw Blame History

# Specification Quality Checklist: Governance Artifact Lifecycle & Retention v1
**Purpose**: Validate specification completeness, boundedness, and readiness before implementation
**Created**: 2026-05-03
**Feature**: [spec.md](../spec.md)
## Content Quality
- [x] The package stays on one bounded shared lifecycle and retention contract over existing governance artifact families instead of inventing a registry, workflow console, or customer portal.
- [x] The spec remains product- and behavior-oriented rather than reading like a low-level implementation diff.
- [x] The package explicitly names the repo-real anchors it builds on: `ArtifactTruthPresenter`, review-pack download and suspended-read-only behavior, stored-report fingerprint and prune truth, and append-only accepted-risk decision history.
- [x] Mandatory repo sections for scope, RBAC, shared-pattern reuse, testing, proportionality, and candidate rationale are completed.
## Requirement Completeness
- [x] No `[NEEDS CLARIFICATION]` markers remain.
- [x] Requirements are testable and bounded to current evidence, review, review-pack, customer-workspace, signed-download, stored-report, and accepted-risk aggregate seams only.
- [x] The package makes the mutation split gate explicit: hold or deletion-request work ships only when it stays on current owning records, otherwise the slice stops at read-only lifecycle truth plus existing download audit.
- [x] Accepted-risk decision adoption remains headless and leaves current Spec 265 browsing and detail surfaces unchanged in this slice.
- [x] Canonical proof commands now match across `spec.md`, `plan.md`, `quickstart.md`, and `tasks.md`.
- [x] The implementation contract defines reversible `deletion requested` semantics directly and does not rely on an undefined soft-delete requirement.
## Feature Readiness
- [x] The package forbids new panel, provider, global-search, asset-registration, queue-family, and route-family changes.
- [x] Stored reports stay headless and no dedicated stored-report browsing surface is hidden inside this slice.
- [x] `CustomerReviewWorkspace` stays read-only and scan-first with no mutation console growth.
- [x] Existing Spec 265 decision surfaces are treated as unchanged boundaries, not as delivery scope for this package.
- [x] Follow-up ownership stays explicit for Stored Reports Surface, export-before-delete, purge governance, closure lifecycle, and support-access governance.
## Test Governance
- [x] Planned proof stays bounded to one new `Unit` suite plus focused `Feature` suites, with browser checking allowed only as a narrow manual exception.
- [x] No new heavy-governance, discovery, or browser family is introduced by default.
- [x] Fixture growth remains bounded to current factories and `BuildsGovernanceArtifactTruthFixtures` instead of a new full-matrix harness.
- [x] The review outcome, workflow outcome, and test-governance outcome are carried into `plan.md`, `quickstart.md`, and `tasks.md`.
## Notes
- Reviewed against `.specify/memory/constitution.md`, `.specify/templates/checklist-template.md`, `spec.md`, `plan.md`, `research.md`, `data-model.md`, `quickstart.md`, and `tasks.md` on 2026-05-03.
- This checklist is the prep-time outcome record. If implementation later widens mutation scope or requires current Spec 265 surface edits, the workflow outcome must change before merge.
- Implementation close-out on 2026-05-03 delivered the shared read-only lifecycle and retention contract, validated the existing suspended-read-only and audit seams, and explicitly deferred hold or deletion-request persistence because no bounded current-owner mutation path was implemented in this slice.
## Review Outcome
- **Outcome class**: `acceptable-special-case`
- **Workflow outcome**: `split`
- **Test-governance outcome**: `keep`
- **Reason**: The shipped implementation stays bounded because current operator-facing adoption is limited to existing evidence, review, review-pack, customer-workspace, and signed-download surfaces, while stored reports and accepted-risk decision history stay headless. Hold and deletion-request persistence were not added because the bounded current-owner mutation gate did not pass in this slice, so that work is explicitly split instead of being widened implicitly.
- **Final note location**: This checklist during prep, and the active feature PR close-out entry only if implementation forces `split` or `document-in-feature`.
Reference in New Issue View Git Blame Copy Permalink