TenantAtlas/docs/ui-ux-enterprise-audit/grouped-follow-up-candidates.md
ahmido 8a889a863e Spec 323: add tenantial enterprise UI audit foundation (#383)
## Summary
- add the Spec 323 Tenantial enterprise UI audit foundation package
- add the UI/UX audit registry artifacts, templates, and supporting brand context placeholder
- update Spec Kit prompts/templates plus PR fast-feedback guardrails for ongoing UI productization coverage

## Scope
- docs-first audit foundation only
- no runtime Laravel, Filament, Livewire, route, auth, or database behavior changes intended

## Validation
- [x] `git diff --check`
- [ ] application test suite run

## Notes
- primary spec: `specs/323-tenantial-enterprise-ui-audit-foundation/`
- this branch also updates `.gitea/pull_request_template.md`, `.gitea/workflows/test-pr-fast-feedback.yml`, and `scripts/check-ui-productization-coverage` to make the coverage gate durable for future UI work

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #383
2026-05-17 17:49:54 +00:00

5.0 KiB

Grouped Follow-Up Candidates

Spec 323 intentionally avoids one follow-up spec per small page. These groups define the next practical design lanes.

Group Covered Pages Shared Problem Recommended Later Spec Type Individual Mockup Need Domain-Pattern Sufficiency Priority
App shell / navigation UI-001, UI-002, UI-003, UI-004, UI-010, UI-011 Workspace/environment context and primary next-action hierarchy. Strategic target spec. Yes for overview/dashboard; no for choosers if pattern-covered. Shell/context pattern for chooser states. P0
Customer review workspace UI-037, UI-038, UI-039, UI-040, UI-041, UI-042, UI-043 Customer-safe review planning, proof, pack/export context, and auditor language. Strategic customer-review spec. Yes for UI-038 and review-pack/detail. Review list tables can use pattern coverage. P0
Governance inbox UI-026, UI-028, UI-029, UI-035, UI-036, UI-057, UI-058, UI-061, UI-076 Decision, accepted-risk, drift, and compare surfaces need common evidence grammar. Strategic governance spec. Yes for inbox, decisions, exception detail, compare. Baseline lists/forms can use domain patterns. P0
Operations UI-016, UI-017, UI-018, UI-019, UI-020, UI-021, UI-022, UI-023, UI-024 Operation and alert states need consistent severity, retry, and diagnostic hierarchy. Domain pattern plus strategic operation detail. Yes for operation hub/detail. Alert resources can use table/form/action pattern. P1
Evidence UI-025, UI-044, UI-045, UI-046, UI-047, UI-048, UI-059, UI-060 Evidence, raw payloads, timestamps, provenance, and export context need progressive disclosure. Evidence/audit pattern spec. Yes for evidence overview and stored report detail. Snapshot/report lists can share pattern. P1
Reviews UI-037, UI-039, UI-040, UI-041, UI-042, UI-043 Review planning, progress, evidence packs, and downloads must read as trustworthy artifacts. Review workflow spec. Yes for workspace and detail/export pages. List/create forms can share review pattern. P1
Drift / findings UI-030, UI-031, UI-032, UI-033, UI-034, UI-055, UI-056, UI-057, UI-058, UI-061, UI-063, UI-069, UI-076 Triage, diff, baseline, assignment, and confidence states need unified status language. Strategic drift/findings spec. Yes for finding detail, baseline compare, policy version detail. Findings list/intake/hygiene can share patterns. P0
Backup / restore UI-049, UI-050, UI-051, UI-052, UI-053, UI-054 Backup truth, restore safety, dry-run, confirmation, partial restore, and audit continuity. Strategic safety workflow spec. Yes for backup sets and restore create/view. Schedule list/form can share backup pattern. P0
Provider / onboarding UI-014, UI-015, UI-072, UI-073, UI-074, UI-077, UI-078 Consent, scopes, provider health, required permissions, and disconnected states need trust copy. Provider onboarding/integration spec. Yes for provider connections and create flow. Required permissions and callback flows can be pattern-covered. P1
Inventory UI-062, UI-063, UI-064, UI-065, UI-066, UI-067, UI-068, UI-069, UI-070, UI-071 Raw provider inventory, policy versions, and coverage confidence need clear provenance and disclosure. Inventory pattern spec. Yes for inventory coverage and policy version detail. Standard inventory lists/details can share pattern. P1
Settings / admin UI-007, UI-008, UI-009, UI-013, UI-021, UI-022, UI-023, UI-024, UI-050, UI-075, UI-087, UI-088, UI-089, UI-090 Workspace, alert, backup, and platform settings need RBAC-aware copy and action safety. Admin/settings pattern spec. Yes for workspace management and environment access scopes. Create/edit forms can share settings pattern. P1
Support / diagnostics UI-012, UI-077, UI-080, UI-091, UI-092, UI-093, UI-096, UI-097 Diagnostics and repair tools should support operators without becoming primary customer surfaces. Support/diagnostics pattern spec. Yes for break-glass/repair controls. Runbook/failure/stuck pages can share pattern. P2
Commercial / entitlements UI-008, UI-075 Plan, ownership, entitlement, and lifecycle language need calm precision. Commercial/admin copy pattern. No standalone mockup unless monetization flows expand. Pattern coverage likely sufficient. P2
Auth / access UI-005, UI-006, UI-013, UI-078, UI-079, UI-083, UI-086, UI-097 Login, denial, external auth, delegated RBAC, and break-glass states must be explicit and safe. Auth/access state pattern. Yes only for access scopes and repair owners. Login/denial/callback flows can share state pattern. P1
Global tables / forms / states Cross-cutting all list/create/edit/detail resources Empty, loading, stale, unknown, failed, disconnected, partial, and unauthorized states need one shared grammar. Design-system cleanup spec. No per-page mockups by default. Shared pattern sufficient unless a page is strategic. P0