edut/web
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

Update roadmap status with strict secretapi hardening and split-repo blocker

Browse Source
This commit is contained in:
Joshua 2026-02-18 07:14:00 -08:00
parent fd2f8413aa
commit 84f942d168
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
docs/roadmap-status.md
View File

@ -54,12 +54,16 @@ Implemented now:
25. Owner-gated admin/support model documented in API contracts, terms, and conformance vectors. 25. Owner-gated admin/support model documented in API contracts, terms, and conformance vectors.
26. Local backend implementation (`web/backend/secretapi`) now serves membership endpoints, governance install/lease endpoints, sponsor-aware payer flow, and deterministic integration tests. 26. Local backend implementation (`web/backend/secretapi`) now serves membership endpoints, governance install/lease endpoints, sponsor-aware payer flow, and deterministic integration tests.
27. Local backend member app channel endpoints now serve deterministic register/unregister, poll, idempotent ack, and owner-only support ticket flows with sqlite-backed event/audit state. 27. Local backend member app channel endpoints now serve deterministic register/unregister, poll, idempotent ack, and owner-only support ticket flows with sqlite-backed event/audit state.
28. Membership confirm now supports strict fail-closed mode (`SECRET_API_REQUIRE_ONCHAIN_TX_VERIFICATION`) that requires chain receipt verification when enabled.
29. `secretapi` now validates critical config at startup and fails fast on invalid deploy combinations.
30. `secretapi` now ships an explicit `.env.example` deployment template aligned to current endpoint/runtime requirements.
Remaining in this repo: Remaining in this repo:
1. Wire live store checkout flow to production marketplace APIs when available. 1. Wire live store checkout flow to production marketplace APIs when available.
2. Replace deployment templates with real contract addresses after chain deployment. 2. Replace deployment templates with real contract addresses after chain deployment.
3. Add launcher/governance install UI that consumes governance installer APIs. 3. Add launcher/governance install UI that consumes governance installer APIs.
4. Publish `launcher`, `governance`, and `contracts` split repos to Gitea once PAT/credential-helper auth is available in this environment.
Cross-repo dependencies (kernel/backend/contracts): Cross-repo dependencies (kernel/backend/contracts):