Skip to content

audit: ship-gate research package (Phases 1–2)#56

Merged
MartinMontero merged 2 commits into
mainfrom
audit/ship-gate-v1
Jul 11, 2026
Merged

audit: ship-gate research package (Phases 1–2)#56
MartinMontero merged 2 commits into
mainfrom
audit/ship-gate-v1

Conversation

@MartinMontero

Copy link
Copy Markdown
Owner

What does this PR do?

The SHIP-effort Phase 1–2 research package, stopped at the mandated gate: audit/AUDIT.md (ranked findings + executed baselines), BACKLOG.md (consolidated ledger + the six gate questions), DESIGN.md (direction + self-critique), audit/screens/ (39 before-screenshots, 13 flows × 3 widths), audit/shoot.mjs (the screenshot tool). Zero product-code changes — the diff is docs + audit tooling under audit/ only. Base confirmed: current remote main (0f61600); this branch is 0f61600 + 2 doc commits.

SHIP-GATE-R1 answers

2a — Backlog sources swept. Consolidated: GitHub issues/PRs via API (0 open / 0 open), repo grep (TODO/FIXME/HACK/XXX), docs-vs-reality diff (README, ROADMAP, CLAUDE.md, runbook, admin spec, TRANSLATIONS, mobile docs), CI workflow inventory, the design kill-list audit, and the stack-currency check. QA-REMEDIATE-v1 and PANEL-RESPEC-v2 are NOT consolidated and are named explicitly as such (BACKLOG.md §D2): both have zero matches anywhere in this repository (grep verified) — they live outside the repo. They are out-of-scope until you supply their contents, at which point they merge into BACKLOG.md as their own section. No silent third backlog: D10 (console) is fenced to token-compliance-only precisely so nothing here preempts PANEL-RESPEC-v2.

2b — P0 #3 reclassified. CLI jargon in the checker verdict is now P1-15 (audit/AUDIT.md amended in this PR). The prompt's ladder puts security/broken/policy at P0; a copy-register defect is UX. The initial P0 overreached; not defended.

2c — G3 mechanics. CI already scopes correctly, in two layers: npm run enforce runs all over --catalog src/content/docs/catalog --recipes src/content/docs/recipes (never touches enforcement/), and verify.yml:42-43 already dogfoods Layers 1–2 with --tree . on the whole repo, green. Only Layer 3 (provider-strings) full-tree is unsatisfiable by construction, because it would scan the denylist's own definitions. Exact exempt paths: enforcement/excluded-organizations.yaml, enforcement/excluded-provider-signals.yaml, enforcement/tests/** (negative fixtures). Verified: zero Layer-3 hits anywhere else in the tree. Therefore: DoD-prose fix, no engine-level exemption — the criterion becomes "Layers 1–2 pass --tree . (CI-enforced); Layer 3 passes on every path outside the three enumerated ones." An engine exemption flag would weaken the engine for cosmetics; declined.

2d — DoD reconciliation. Agreed: one full DoD reconciliation section lands in PLAN.md (Phase 3, post-ruling) rather than line patches — it will restate every DoD item against current topology (Workers + static assets via Workers Builds, not Pages; run_worker_first: ["/api/*"]; wrangler ratelimits GA). The Pages→Workers README drift is already in the E-list as E4; CLAUDE.md's "Cloudflare Pages" phrasing joins it in the same cleanup.

2e — "Admin" surface disambiguated (DESIGN.md §5 amended in this PR): the design row means /console/ — token-compliance of the existing auth screens only (raw hex → tokens, .btn/.field; CSP-standalone and English register unchanged). No feature-room design for the console in this effort — that waits for PANEL-RESPEC-v2. /admin/ (Sveltia CMS) is vendored third-party, barely themeable by design, and explicitly out of design scope.

Provisional rulings — acknowledged

  • G5 (Astro 7 out): noted, reflected in BACKLOG C5.
  • G4 (archive via git mv + reference updates in the same commit): noted for Phase 3. One correction from verification: docs/CONTEXT-MANIFEST.md does not exist in this repository (no manifest-named file is tracked). The rider will be executed against CLAUDE.md plus any real referencing file found at execution time; if you expected CONTEXT-MANIFEST.md to exist, that's a separate drift item to add.
  • G3: refined per 2c above — wording now names paths.
  • G1, G2, G6: held for your reading, as ruled.

Required checks

  • No product code in the diff (docs + audit/ only)
  • Baselines executed and recorded in audit/AUDIT.md (verify:all 352/352 green; full-tree enforcement analysis as per 2c)
  • npm run enforce unaffected (no dependency or engine changes)

🤖 Generated with Claude Code

https://claude.ai/code/session_01LVPyHAtQ1cdK76RpFasafP


Generated by Claude Code

claude added 2 commits July 11, 2026 08:21
Read-only research for the backlog-ship + design-elevation effort, stopped at
the mandated gate. audit/AUDIT.md: ranked P0/P1/P2 findings with file:line
evidence and executed baselines (verify:all 352/352 green; full-tree
enforcement hits are exclusively the engine's own definitions/fixtures — zero
product-code hits). audit/screens/: 39 screenshots, 13 flows x 3 widths.
BACKLOG.md: consolidated ledger (GitHub 0 open items verified; docs-vs-reality
diff; CI inventory; design kill-list) with scope proposals and the six gate
questions. DESIGN.md: extend the existing civic-workshop identity; the receipt
as the signature element; per-surface targets, kill-list mapping, asset plan,
budgets, self-critique.

No product code changed. Root AUDIT.md/PLAN.md (completed Goose-pivot records)
left untouched pending gate question G4.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01LVPyHAtQ1cdK76RpFasafP
…ce console scope, name external backlogs

- audit/AUDIT.md: CLI-jargon-in-verdict reclassified P0->P1-15 per the
  prompt's severity ladder; G3 baseline refined with the verified fact that
  CI already dogfoods Layers 1-2 full-tree (verify.yml:42-43) — only Layer 3
  full-tree is unsatisfiable; exact exempt paths enumerated.
- DESIGN.md: 'admin' surface disambiguated — /console/ token-compliance of
  existing auth screens ONLY; /admin/ (Sveltia, vendored third-party) out of
  design scope; feature-room console design waits for PANEL-RESPEC-v2.
- BACKLOG.md: QA-REMEDIATE-v1 and PANEL-RESPEC-v2 named as external backlogs
  with zero in-repo matches — explicitly not consolidated, out-of-scope until
  the owner supplies their contents. No silent third backlog.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01LVPyHAtQ1cdK76RpFasafP
@cloudflare-workers-and-pages

Copy link
Copy Markdown

Deploying with  Cloudflare Workers  Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status Name Latest Commit Updated (UTC)
✅ Deployment successful!
View logs
wecanjustbuildthings d78fc97 Jul 11 2026, 09:24 AM

@MartinMontero
MartinMontero merged commit 44f2a82 into main Jul 11, 2026
14 checks passed
@MartinMontero
MartinMontero deleted the audit/ship-gate-v1 branch July 11, 2026 09:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants