TenantAtlas/specs/377-post-productization-browser-reaudit-closeout-gate/artifacts/follow-up-roadmap.md
Ahmed Darrazi f806c6773b
Some checks failed
PR Fast Feedback / fast-feedback (pull_request) Failing after 1m12s
docs: add spec 377 post-productization browser reaudit closeout gate
Added documentation and artifacts for Spec 377 regarding post-productization browser reaudit closeout gate.
2026-06-13 21:48:59 +02:00

33 lines
2.0 KiB
Markdown

# Follow-Up Roadmap
Verification level: `derived from existing implementation` for recommendation scope, `browser-verified` for current browser limitations, and `repo-verified` for predecessor guard/fixture context.
## Must Fix Before Close
None.
Verification class: `derived from existing implementation`.
## Separate Roadmap Follow-Up
| Candidate | Verification class | Why separate | Suggested scope |
|---|---|---|---|
| Manual system-panel browser fixture or documented audit procedure | `not verified` for manual access, `repo-verified` for Spec 376 automated proof | Spec 377 is audit-only and must not add auth routes or fixtures. | Provide a documented manual way to review `/system` and `/system/ops/runs`, or explicitly declare Pest Browser as the supported proof path. |
| Preserve baseline screenshot binaries for future before/after audits | `not available` | Spec 368 scores are present, but historical screenshot binaries are not present in this checkout. | For future audit specs, make screenshot retention part of the artifact checklist. |
## Optional Polish
| Candidate | Verification class | Notes |
|---|---|---|
| Customer/report shell quieting | `browser-verified` | Several customer/auditor pages remain visually inside the full admin shell, but the primary content is customer-safe enough for closeout. |
| Guard count trend reporting | `repo-verified` | Spec 375 guard has warn-mode counts; trend storage and CI hard-fail expansion should remain future work. |
## Not Needed
| Item | Verification class | Reason |
|---|---|---|
| Broad UI refactor in Spec 377 | `repo-verified` | Explicitly out of scope. |
| Runtime route/auth changes | `repo-verified` | Explicitly out of scope and not needed for `closed-with-follow-up`. |
| New fixture creation | `repo-verified` | Explicitly out of scope; existing fixtures were sufficient for 16 current manual captures and Spec 376 automated system proof. |
| Rewriting completed specs | `repo-verified` | Explicitly forbidden by the implementation loop. |