TenantPilot Implementation Ledger
Status: Active
Last reviewed: 2026-05-01
Use for: Repo-based implementation status and product-surface maturity assessment
Do not use for: Roadmap priority, spec priority, or proof that tests were executed in the current branch
Scoped maintenance: 2026-05-01 full repo-based maturity refresh against current specs/ truth and repo anchors, especially refreshed Spec 043 and Specs 251-260 plus the implemented compare/preflight, governance-package, compliance-interpretation, commercial-lifecycle, and external-support-handoff slices.
Purpose
This document describes the current repo-based implementation status of TenantPilot. It complements roadmap.md and spec-candidates.md but does not replace them.
Assessment rules for this ledger:
- Repo-based only: statements count only if code, data model, workflow, UI adoption or test artifacts in the repo credibly point to them.
- No roadmap or spec intent without repo evidence.
- sellable is used only where UI, workflow, data model, RBAC/audit and matching test artifacts plausibly fit together.
- Backend-only remains foundation-only.
- UI-only does not count as done.
- If tests are marked as present below, that means matching test files exist in the repo. They were not executed for this ledger.
Current Product Position
TenantPilot is currently a strong internal governance and operations product with solid foundations for Execution Truth, Baselines/Drift, Findings, Evidence, Reviews, Review Packs, Supportability, Telemetry and Safety Controls. On top of these there are now several repo-real productization slices: a customer-safe review/governance-package surface in the admin context, released-review detail handoff, compliance interpretation overlays, bounded external support-desk handoff, commercial lifecycle state handling with read-only gating, and a canonical cross-tenant compare preview with promotion preflight. The repo truth therefore sits clearly above a simple reading of "R1 done / R2 partial" and also above a purely foundation-only interpretation for Reviews, Support and Portfolio Preparation. At the same time, the product is not yet fully mature as a customer-consumable portfolio and commercial platform: still missing are the final customer-safe self-serve productization over the review surface, actual portfolio promotion execution and a broader decision workboard/action layer, repeatable billing/trial/demo operations, and an AI-governed execution foundation.
Status Model
- planned: only in the roadmap or candidate list, without solid repo evidence
- specified: created as a spec or draft, but not implemented in a repo-verified way
- implemented_partial: partial implementation exists, but cannot yet be assessed as done
- implemented_backend: solid backend or model logic exists, but UI adoption is insufficient
- implemented_ui: visible UI exists, but workflow or backend proof is still too weak
- implemented_verified: code, model, workflow and test artifacts are plausibly present
- adopted: implemented and already adopted into central product surfaces or core flows
- deferred: deliberately postponed
- obsolete: superseded by newer repo reality or another implementation
Evidence levels in this document:
- none: no solid repo evidence
- weak: thin code or doc trace, but no solid end-to-end workflow
- medium: several repo signals, but not yet end-to-end
- strong: data model, workflow, UI or test trace interlock consistently
Roadmap Coverage Summary
| Roadmap Area | Status | Evidence Level | UI Ready | Tested | Sellable | Notes |
|---|---|---|---|---|---|---|
| R1 Golden Master Governance | adopted | strong | yes | repo tests, not run | yes | Baselines, Drift, Findings and OperationRun truth are broadly anchored in the product. |
| R2 Tenant Reviews, Evidence & Control Foundation | adopted | strong | yes | repo tests, not run | almost | Reviews, Evidence, Review Packs, Customer Review Workspace, governance-package delivery, compliance interpretation overlays and the control/exception layer come together as a real governance surface, but the final customer-safe self-serve productization remains open. |
| Alert escalation + notification routing | implemented_verified | strong | partial | repo tests, not run | yes | Alert rules, dispatch, cooldown and quiet hours are real. |
| Governance & Architecture Hardening | implemented_partial | strong | partial | repo tests, not run | foundation-only | Many hardening slices are already in the code, but the lane remains active. |
| UI & Product Maturity Polish | implemented_partial | strong | partial | partial repo tests, not run | no | Empty states, navigation, localization and read-only review polish are real, but there is no closed theme-completion signal. |
| Secret & Security Hardening | implemented_verified | strong | yes | repo tests, not run | almost | Provider verification, permission diagnostics and redaction are solid. |
| Baseline Drift Engine (Cutover) | adopted | strong | yes | repo tests, not run | yes | The compare and drift workflows act as a productive core function. |
| R1.9 Platform Localization v1 | implemented_verified | strong | yes | repo tests, not run | foundation-only | Locale resolver, override/preference, workspace default, fallback and localized notifications are repo-real. |
| Product Scalability & Self-Service Foundation | implemented_partial | strong | yes | repo tests, not run | almost | Onboarding, Support, Help, Entitlements, commercial lifecycle state handling and bounded support-desk handoff are repo-real; billing, trial and demo automation remain open. |
| R2.0 Canonical Control Catalog Foundation | implemented_verified | strong | partial | repo tests, not run | foundation-only | Already implemented and referenced in Evidence/Reviews, but not a standalone customer-value surface. |
| R2 Completion: customer review, support, help | implemented_partial | strong | yes | repo tests, not run | almost | Customer Review Workspace, released-review detail handoff, governance-package delivery, Support Diagnostics/Requests and the help catalog are repo-real, but the final customer-safe productization is not yet complete. |
| Compliance Evidence Mapping v1 | implemented_partial | strong | yes | repo tests, not run | foundation-only | Canonical control interpretation is rendered in tenant reviews and the customer review workspace, but broader framework coverage and auditor-facing mapping remain open. |
| Governance-as-a-Service Packaging v1 | implemented_partial | strong | yes | repo tests, not run | foundation-only | Governance package status, download messaging and current review-pack reuse are repo-real, but standalone recurring delivery workflows and broader management packaging remain open. |
| Findings Workflow v2 / Execution Layer | adopted | strong | yes | repo tests, not run | almost | Triage, Ownership, My Work, Intake, Governance Inbox, Exceptions and Alerts/Hygiene are real; cross-tenant decisioning comes later. |
| Provider-missing policy visibility follow-up | specified | weak | no | no | no | Spec 261 is prepared as a narrow policy-only follow-up; the broader lifecycle taxonomy remains strategic and unimplemented. |
| Platform Operations Maturity | implemented_partial | strong | yes | repo tests, not run | almost | System Panel, Control Tower and Ops Controls are real; CSV/raw drilldowns remain open. |
| Product Usage, Customer Health & Operational Controls | adopted | strong | yes | repo tests, not run | almost | This mid-term lane is already substantially present in the repo. |
| Private AI Execution Governance Foundation | planned | none | no | no | no | No solid AI governance foundation in the repo. |
| MSP Portfolio & Operations | implemented_partial | strong | yes | repo tests, not run | foundation-only | Portfolio-Triage, canonical compare preview, preflight audit and launch continuity are repo-real; actual promotion execution and the broader decision workboard remain open. |
| Human-in-the-Loop Autonomous Governance | planned | none | no | no | no | No repo-verified decision-pack or approval workflow beyond the current exception/review layer. |
| Drift & Change Governance | implemented_partial | strong | yes | repo tests, not run | almost | Drift review, accepted-risk governance, exception validity and Governance Inbox surfaces are repo-real; portfolio-wide escalation remains open. |
| Standardization & Policy Quality | planned | none | no | no | no | No strong repo evidence for an Intune linting or policy-quality surface. |
| PSA / Ticketing Handoff | implemented_verified | strong | yes | repo tests, not run | almost | Support Requests now include bounded external create/link handoff on the current tenant and operation-run contexts; broader multi-provider ITSM expansion remains separate work. |
Implemented Capabilities
| Capability | Status | Backend | UI | Tests | RBAC/Audit | Sellable | Evidence |
|---|---|---|---|---|---|---|---|
| OperationRun truth layer | implemented_verified | yes | partial | repo tests, not run | yes | foundation-only | app/Models/OperationRun.php; tests/Feature/System/*; tests/Feature/ReviewPack/* |
| Baseline profiles, snapshots and compare | implemented_verified | yes | yes | repo tests, not run | yes | yes | app/Models/BaselineProfile.php; app/Models/BaselineSnapshot.php; app/Services/Baselines/BaselineCompareService.php |
| Drift findings and governance pressure | adopted | yes | yes | repo tests, not run | yes | yes | app/Models/Finding.php; app/Filament/Widgets/Dashboard/RecentDriftFindings.php; tests/Feature/Findings/* |
| Findings inboxes and governance inbox | implemented_verified | yes | yes | repo tests, not run | yes | almost | app/Filament/Pages/Findings/MyFindingsInbox.php; app/Filament/Pages/Findings/FindingsIntakeQueue.php; app/Filament/Pages/Governance/GovernanceInbox.php; tests/Feature/Findings/MyWorkInboxTest.php; tests/Feature/Governance/* |
| Finding exceptions and risk acceptance workflow | implemented_verified | yes | yes | repo tests, not run | yes | almost | app/Models/FindingException.php; app/Services/Findings/FindingExceptionService.php; app/Filament/Resources/FindingExceptionResource.php; tests/Feature/Findings/FindingExceptionWorkflowTest.php |
| Restore workflow with safety gates | implemented_verified | yes | yes | repo tests, not run | yes | yes | app/Models/OperationRun.php; restore gates and tests in tests/Feature/Restore/* |
| Evidence snapshots | implemented_verified | yes | yes | repo tests, not run | yes | foundation-only | app/Models/EvidenceSnapshot.php; app/Services/Evidence/EvidenceSnapshotService.php; tests/Feature/Evidence/* |
| Tenant reviews | implemented_verified | yes | yes | repo tests, not run | yes | almost | app/Models/TenantReview.php; app/Services/TenantReviews/TenantReviewService.php; tests/Feature/TenantReview/* |
| Review pack generation and export | implemented_verified | yes | yes | repo tests, not run | yes | yes | app/Models/ReviewPack.php; app/Services/ReviewPackService.php; tests/Feature/ReviewPack/* |
| Customer review workspace | implemented_partial | yes | yes | repo tests, not run | yes | almost | app/Filament/Pages/Reviews/CustomerReviewWorkspace.php; tests/Feature/Reviews/*; tests/Browser/Reviews/CustomerReviewWorkspaceSmokeTest.php |
| Governance package delivery surface | implemented_partial | yes | yes | repo tests, not run | yes | almost | app/Filament/Pages/Reviews/CustomerReviewWorkspace.php; app/Filament/Resources/TenantReviewResource.php; tests/Feature/Reviews/CustomerReviewWorkspacePackAccessTest.php; tests/Feature/TenantReview/TenantReviewExplanationSurfaceTest.php |
| Compliance evidence mapping overlay | implemented_partial | yes | yes | repo tests, not run | partial | foundation-only | app/Support/Governance/Controls/ComplianceEvidenceMappingV1.php; app/Services/TenantReviews/TenantReviewSectionFactory.php; tests/Feature/TenantReview/TenantReviewCanonicalControlReferenceTest.php |
| Alerts and notification routing | implemented_verified | yes | partial | repo tests, not run | yes | yes | app/Services/Alerts/AlertDispatchService.php; tests/Feature/*Alert* |
| Provider health, onboarding readiness and required permissions | adopted | yes | yes | repo tests, not run | yes | almost | app/Jobs/ProviderConnectionHealthCheckJob.php; app/Services/Onboarding/OnboardingLifecycleService.php; app/Filament/Pages/TenantRequiredPermissions.php |
| Permission posture reporting | implemented_verified | yes | yes | repo tests, not run | yes | yes | app/Services/PermissionPosture/PermissionPostureFindingGenerator.php; tests/Feature/PermissionPosture/* |
| Entra admin roles reporting | implemented_verified | yes | yes | repo tests, not run | yes | yes | app/Services/EntraAdminRoles/EntraAdminRolesReportService.php; tests/Feature/EntraAdminRoles/* |
| Stored reports substrate | implemented_verified | yes | partial | repo tests, not run | partial | foundation-only | app/Models/StoredReport.php; tests/Feature/PermissionPosture/StoredReportModelTest.php; tests/Feature/EntraAdminRoles/StoredReportFingerprintTest.php |
| Support diagnostics | adopted | yes | yes | repo tests, not run | yes | almost | app/Support/SupportDiagnostics/SupportDiagnosticBundleBuilder.php; app/Filament/Pages/TenantDashboard.php; tests/Feature/SupportDiagnostics/* |
| In-app support requests | implemented_verified | yes | yes | repo tests, not run | yes | almost | app/Models/SupportRequest.php; app/Support/SupportRequests/*; tests/Feature/SupportRequests/* |
| External support-desk handoff | implemented_verified | yes | yes | repo tests, not run | yes | almost | app/Support/SupportRequests/ExternalSupportDeskHandoffService.php; app/Support/SupportRequests/SupportRequestSubmissionService.php; tests/Unit/Support/SupportRequests/ExternalSupportDeskHandoffServiceTest.php |
| Product knowledge and contextual help | implemented_partial | yes | yes | repo tests, not run | partial | almost | app/Support/ProductKnowledge/ContextualHelpCatalog.php; tests/Feature/Onboarding/ProductKnowledgeOnboardingHelpTest.php |
| Localization foundation | implemented_verified | yes | yes | repo tests, not run | partial | foundation-only | app/Services/Localization/LocaleResolver.php; app/Http/Controllers/LocalizationController.php; tests/Feature/Localization/* |
| Product telemetry | implemented_verified | yes | yes | repo tests, not run | yes | almost | app/Models/ProductUsageEvent.php; app/Filament/System/Widgets/ProductTelemetryKpis.php; tests/Feature/System/ProductTelemetry/* |
| Customer health scoring | implemented_verified | yes | yes | repo tests, not run | partial | almost | app/Filament/System/Widgets/CustomerHealthKpis.php; app/Filament/System/Widgets/CustomerHealthTopWorkspaces.php; tests/Feature/System/CustomerHealth/* |
| Operational controls | implemented_verified | yes | yes | repo tests, not run | yes | almost | app/Models/OperationalControlActivation.php; app/Support/OperationalControls/*; tests/Feature/System/OpsControls/* |
| Workspace entitlements | implemented_verified | yes | yes | repo tests, not run | yes | foundation-only | app/Services/Entitlements/WorkspaceEntitlementResolver.php; tests/Feature/Filament/Settings/WorkspaceEntitlementsSettingsPageTest.php |
| Commercial lifecycle state handling | implemented_verified | yes | yes | repo tests, not run | yes | foundation-only | app/Services/Entitlements/WorkspaceCommercialLifecycleResolver.php; app/Filament/System/Pages/Directory/ViewWorkspace.php; tests/Feature/System/ViewWorkspaceEntitlementsTest.php; tests/Unit/Entitlements/WorkspaceCommercialLifecycleResolverTest.php |
| Capability-first RBAC | adopted | yes | yes | repo tests, not run | yes | foundation-only | app/Services/Auth/CapabilityResolver.php; app/Services/Auth/RoleCapabilityMap.php; many tests/Feature/Rbac/* |
| Audit log foundation | adopted | yes | yes | repo tests, not run | yes | foundation-only | app/Models/AuditLog.php; app/Services/Audit/WorkspaceAuditLogger.php; many audit-focused feature tests |
| Canonical control catalog | implemented_verified | yes | partial | repo tests, not run | partial | foundation-only | app/Support/Governance/Controls/CanonicalControlCatalog.php; config/canonical_controls.php; tests/Unit/Governance/* |
| Portfolio triage continuity | implemented_verified | yes | yes | repo tests, not run | yes | foundation-only | app/Services/PortfolioTriage/TenantTriageReviewService.php; app/Support/PortfolioTriage/*; tests/Feature/Filament/TenantRegistryTriageReviewStateTest.php |
| Cross-tenant compare preview and promotion preflight | implemented_verified | yes | yes | repo tests, not run | yes | foundation-only | app/Filament/Pages/CrossTenantComparePage.php; app/Support/PortfolioCompare/CrossTenantComparePreviewBuilder.php; app/Support/PortfolioCompare/CrossTenantPromotionPreflight.php; tests/Feature/PortfolioCompare/*; tests/Unit/Support/PortfolioCompare/* |
Foundation-Only Capabilities
- OperationRun truth and canonical operation typing: strong execution foundation, but not a standalone customer-value surface.
- Audit log foundation: widely used and important for governance, but not sellable on its own.
- Capability-first RBAC: solid and close to the tests, but remains an enablement layer.
- Workspace entitlements and commercial lifecycle policy engine: real gate, lifecycle and override logic, but not yet a full billing/contract-ops story.
- Canonical control catalog: strong semantic foundation for Evidence, Findings and Reviews.
- Stored reports substrate: important for reports, evidence and diagnostics, but not a standalone product promise.
- Evidence snapshot substrate: load-bearing technical basis for reviews and exports.
- Localization foundation: resolved locale precedence, workspace default, user preference/override and notification formatting are real, but enablement rather than a product surface of their own.
- Operational control registry and evaluator: strong safety-control foundation, primarily operator-side.
- Customer health scoring: a real internal SaaS operations layer, but not yet a standalone customer surface.
- Portfolio triage continuity: sensible multi-tenant substructure, but not yet a complete portfolio product.
Partial Capabilities
- Customer-facing review consumption: Tenant Reviews, Evidence Snapshots, Review Packs, the Customer Review Workspace, the customer-safe released-review detail mode, governance-package delivery cues, compliance interpretation overlays, and commercial-lifecycle-aware access states are repo-real; broader lifecycle/governance taxonomy work remains separate.
- Findings Workflow v2: Triage, Assignment, My Work, Intake, Governance Inbox, Exceptions, notifications, and the three queue-facing cleanup/hardening follow-through packages are now repo-backed; later cross-tenant action layers remain separate work.
- Product scalability and self-service: Onboarding, Support, Help, Entitlements, commercial lifecycle state handling, and external support-desk handoff are repo-real; broader trial/demo and commercialization layers still remain.
- MSP portfolio operations: Portfolio-Triage plus cross-tenant compare preview and promotion preflight are repo-real; actual promotion execution and broader portfolio action orchestration remain open.
- Platform operations maturity: Control Tower and Ops Controls are strong, but some planned operator-side drilldowns/exports are still missing.
- Product knowledge rollout: help catalog and resolver are real, but not yet adopted broadly enough to count as "done".
Planned But Not Implemented
- Private AI Execution Governance Foundation
- Human-in-the-Loop Autonomous Governance
- Standardization & Policy Quality / Intune Linting
- Provider-Missing Policy Visibility & Restore Continuity v1 (Spec 261, specified only)
- Broader compliance frameworks and auditor-facing mapping beyond the current evidence overlay
Release Readiness
| Release / Theme | Readiness | Notes |
|---|---|---|
| R1 Golden Master Governance | implemented | The central governance and execution layer is repo-verified and broadly adopted. |
| R2 Tenant Reviews & Evidence Packs | implemented | Reviews, Evidence Snapshots, Review Packs, Customer Review Workspace, released-review detail handoff, governance-package delivery, compliance interpretation overlays and the exception/accepted-risk workflow are repo-real; the final customer-safe productization remains open as a sellability follow-up. |
| R3 MSP Portfolio OS | partial | Portfolio triage and canonical compare preview/preflight are there, but actual promotion execution and a portfolio-wide action layer are still missing. |
| Compliance Evidence Mapping v1 | partial | Compliance interpretation overlays are repo-real in Tenant Reviews and the Customer Review Workspace, but broader framework coverage and auditor-facing mapping are still missing. |
| Governance-as-a-Service Packaging v1 | partial | Governance package status, delivery messaging and current review-pack reuse are repo-real; a repeatable, management-ready packaging workflow layer is not complete. |
Commercial Readiness
Demo-ready
- Baseline compare and drift walkthroughs
- Review pack generation and export
- Customer review workspace walkthroughs with operator guidance
- Cross-tenant compare preview and promotion preflight walkthroughs
- Provider health, onboarding readiness and required permissions
- Support diagnostics
- Permission posture and Entra admin roles reporting
Almost sellable
- Review-driven governance workflow around Tenant Reviews, Customer Review Workspace, governance-package delivery, compliance interpretation overlays, accepted risks and Review Packs, but not yet as a fully productized customer-safe consumption experience
- Baseline drift and restore governance
- Findings workflow with personal inbox, Intake, Governance Inbox and exception handling
- Alerting and run visibility for governance operations
- Support requests with contextual diagnostics and bounded external create/link handoff
- Provider readiness and permission posture reporting
Foundation-only
- OperationRun truth layer
- Audit foundation
- Capability-first RBAC
- Workspace entitlements
- Canonical control catalog
- Stored reports substrate
- Evidence snapshot substrate
- Localization foundation
- Product telemetry
- Customer health scoring
- Operational controls
- Portfolio triage continuity
Not sellable yet
- Portfolio-wide promotion execution and decision workboard
- Broader compliance evidence mapping surface
- Standalone governance-as-a-service packaging workflow
- Private AI Execution Governance Foundation
Open Gaps & Blockers
Queue audit note: the former queue-facing gap rows for customer review productization, governance convergence, the findings cleanup trio, compare/preflight, commercial lifecycle maturity, compliance evidence mapping, governance packaging, and external support-desk handoff were narrowed or removed here on 2026-05-01 because refreshed Spec 043 and Specs 251-260 now provide prepared or implemented packages for those bounded slices.
| Gap | Type | Impact | Roadmap Area | Recommended Spec |
|---|---|---|---|---|
| No safe automatic next-best-prep target is currently active | Planning blocker | spec-candidates.md had drifted behind current specs/ truth, so automatic next-spec selection would have reopened already prepared or completed packages | Product planning / queue hygiene | none - require explicit promotion of the next candidate |
| Customer-safe review productization is not fully complete | Productization blocker | Customer review workspace, released-review details, governance-package delivery, compliance overlays, and lifecycle-aware access are repo-real, but the final calmer self-serve customer-safe polish is still incomplete | R2 review consumption | explicit follow-through only if re-promoted; do not reopen completed specs automatically |
| Portfolio promotion execution and the broader decision workboard remain absent | Product blocker | Compare preview and preflight are repo-real, but no execution path, persisted drafts, queueing, or wider portfolio action orchestration exists | MSP Portfolio & Operations | explicit new candidate or follow-up; do not reopen Spec 043 automatically |
| Provider-missing policy visibility follow-up remains specified only | Product blocker | Spec 261 exists as a bounded policy-only correction, but implementation has not landed and the broader lifecycle taxonomy stays deferred | Lifecycle governance / provider truth | Spec 261 if pressure becomes immediate |
| Workspace, Tenant & Managed Object Lifecycle Governance v1 remains deferred by design | Strategic blocker | The lifecycle taxonomy is still intentionally broader than the bounded slices that just landed and should not be auto-selected without an explicit roadmap decision | Lifecycle governance / enterprise trust | deferred strategic candidate only |
| AI governance foundation is absent | Architecture blocker | Future AI features would risk trust and policy drift if added directly | Private AI Execution Governance | P3 Private AI Execution Governance Foundation |
| Roadmap understates current repo truth | Documentation blocker | Prioritization can drift because strategy docs still lag compare/preflight, governance-package delivery, compliance overlays, commercial lifecycle handling, and support handoff slices | Product planning / roadmap maintenance | none - docs alignment |
| Test files were not executed for this ledger update | Testing blocker | This document relies on code plus test presence, not live runtime validation | all areas | none - run targeted suites |
Recommended Next Specs
- No safe automatic next-best-prep target: queue hygiene work is complete; do not reopen Specs 043 or 251-260 through another automatic selection pass.
- Spec 261 execution decision: if provider-missing pressure is immediate, execute the already-prepared policy-only follow-up instead of drafting a broader lifecycle patch.
- Workspace, Tenant & Managed Object Lifecycle Governance v1: still the main deferred strategic candidate, but only after an explicit roadmap/product decision promotes it into the active queue.
- P3 Private AI Execution Governance Foundation: should exist before feature-level AI adoption, not after it.
Roadmap Drift Notes
- roadmap.md understates current R2 implementation depth, but the ledger had overstated sellability. Customer Review Workspace, published review handoff, review-pack downloads and the finding-exception/risk-acceptance workflow are repo-real; the remaining gap is customer-safe productization, not review-foundation absence.
- roadmap.md understates findings workflow maturity. My Findings, Intake, Governance Inbox and Exception Queue already exist in the repo.
- roadmap.md understates localization maturity. Locale resolution order, workspace default, user preference, localized notifications and fallback tests are implemented.
- roadmap.md understates the current R2 control foundation. Canonical controls, stored reports, permission posture and Entra admin roles are already repo-real, not just near-term ideas.
- roadmap.md understates product supportability. Support diagnostics, in-app support requests and contextual help already exist in the repo.
- roadmap.md understates operational maturity. Product telemetry, customer health and operational controls are already implemented and wired into the system panel.
- roadmap.md understates commercial foundations. Workspace entitlements, commercial lifecycle state handling, plan profiles and enforcement points already exist, even though full billing-state maturity does not.
- roadmap.md understates MSP portfolio preparation. Cross-tenant compare preview, promotion preflight, audit logging and launch continuity are already repo-real.
- roadmap.md understates governance-package delivery and compliance interpretation. The customer review workspace and released-review detail now expose governance-package status/download cues plus current evidence interpretation overlays.
- roadmap.md understates bounded external support handoff. Support requests now support current-scope external create/link handoff without introducing a separate support queue product.
- Queue-facing drift had become larger than roadmap drift alone: this ledger and spec-candidates.md were still naming already prepared or completed slices as open candidates even though refreshed Spec 043 and Specs 251-260 now carry prep or implementation-close-out evidence.
- The main drift pattern is still underestimation, but customer-review sellability now needs a more precise reading: the missing piece is no longer basic review read-only access, but the final customer-safe productization layer over an already real surface.
Evidence Sources
Most important strategy and scope sources:
- docs/product/roadmap.md
- docs/product/spec-candidates.md
Important platform and UI anchors:
- apps/platform/bootstrap/providers.php
- apps/platform/app/Providers/Filament/AdminPanelProvider.php
- apps/platform/app/Providers/Filament/SystemPanelProvider.php
- apps/platform/app/Filament/Pages/TenantDashboard.php
- apps/platform/app/Filament/Pages/CrossTenantComparePage.php
- apps/platform/app/Filament/System/Pages/Dashboard.php
- apps/platform/app/Filament/Pages/TenantRequiredPermissions.php
- apps/platform/app/Filament/Pages/Reviews/CustomerReviewWorkspace.php
- apps/platform/app/Filament/Pages/Findings/MyFindingsInbox.php
- apps/platform/app/Filament/Pages/Findings/FindingsIntakeQueue.php
- apps/platform/app/Filament/Pages/Governance/GovernanceInbox.php
- apps/platform/app/Filament/Pages/Monitoring/FindingExceptionsQueue.php
Important models:
- apps/platform/app/Models/OperationRun.php
- apps/platform/app/Models/Finding.php
- apps/platform/app/Models/FindingException.php
- apps/platform/app/Models/FindingExceptionDecision.php
- apps/platform/app/Models/FindingExceptionEvidenceReference.php
- apps/platform/app/Models/BaselineProfile.php
- apps/platform/app/Models/BaselineSnapshot.php
- apps/platform/app/Models/EvidenceSnapshot.php
- apps/platform/app/Models/TenantReview.php
- apps/platform/app/Models/ReviewPack.php
- apps/platform/app/Models/StoredReport.php
- apps/platform/app/Models/SupportRequest.php
- apps/platform/app/Models/ProductUsageEvent.php
- apps/platform/app/Models/OperationalControlActivation.php
- apps/platform/app/Models/AuditLog.php
Important services and jobs:
- apps/platform/app/Services/ReviewPackService.php
- apps/platform/app/Services/TenantReviews/TenantReviewService.php
- apps/platform/app/Services/Evidence/EvidenceSnapshotService.php
- apps/platform/app/Services/Baselines/BaselineCompareService.php
- apps/platform/app/Services/Entitlements/WorkspaceCommercialLifecycleResolver.php
- apps/platform/app/Services/Alerts/AlertDispatchService.php
- apps/platform/app/Services/Findings/FindingExceptionService.php
- apps/platform/app/Jobs/ProviderConnectionHealthCheckJob.php
- apps/platform/app/Services/Onboarding/OnboardingLifecycleService.php
- apps/platform/app/Services/Entitlements/WorkspaceEntitlementResolver.php
- apps/platform/app/Services/PortfolioTriage/TenantTriageReviewService.php
- apps/platform/app/Support/Governance/Controls/ComplianceEvidenceMappingV1.php
- apps/platform/app/Support/PortfolioCompare/CrossTenantComparePreviewBuilder.php
- apps/platform/app/Support/PortfolioCompare/CrossTenantPromotionPreflight.php
- apps/platform/app/Support/SupportRequests/ExternalSupportDeskHandoffService.php
- apps/platform/app/Support/Governance/Controls/CanonicalControlCatalog.php
- apps/platform/app/Services/Audit/WorkspaceAuditLogger.php
- apps/platform/app/Services/Auth/CapabilityResolver.php
- apps/platform/app/Services/Localization/LocaleResolver.php
Important test anchors in the repo:
- apps/platform/tests/Feature/PortfolioCompare/*
- apps/platform/tests/Feature/ReviewPack/*
- apps/platform/tests/Feature/Evidence/*
- apps/platform/tests/Feature/PermissionPosture/*
- apps/platform/tests/Feature/EntraAdminRoles/*
- apps/platform/tests/Feature/SupportDiagnostics/*
- apps/platform/tests/Feature/SupportRequests/*
- apps/platform/tests/Feature/System/ViewWorkspaceEntitlementsTest.php
- apps/platform/tests/Feature/TenantReview/TenantReviewCanonicalControlReferenceTest.php
- apps/platform/tests/Feature/System/CustomerHealth/*
- apps/platform/tests/Feature/System/ProductTelemetry/*
- apps/platform/tests/Feature/System/OpsControls/*
- apps/platform/tests/Feature/Filament/TenantRegistryTriageReviewStateTest.php
- apps/platform/tests/Unit/Governance/*
- apps/platform/tests/Unit/Support/PortfolioCompare/*
- apps/platform/tests/Unit/Support/SupportRequests/ExternalSupportDeskHandoffServiceTest.php
- apps/platform/tests/Unit/Entitlements/*
Last Updated
2026-05-01 on branch platform-dev (full repo-based maturity refresh against current specs and repo anchors)