38 lines
1.2 KiB
Markdown
38 lines
1.2 KiB
Markdown
# Release Gate: Membership Platform (v1)
|
|
|
|
This gate controls deploy/no-deploy decisions for membership-gated commerce changes.
|
|
|
|
## Gate Categories
|
|
|
|
1. Contract/API compatibility
|
|
2. Conformance vectors
|
|
3. Security checks
|
|
4. Legal/policy checks
|
|
5. Observability checks
|
|
|
|
## Deploy Criteria (All Required)
|
|
|
|
1. `docs/conformance/membership-gating-vectors.md`: all vectors pass.
|
|
2. OpenAPI and implementation remain compatible.
|
|
3. Signature replay tests pass.
|
|
4. Quote expiry tests pass.
|
|
5. Tx mismatch tests pass.
|
|
6. Membership gate blocks non-members in all checkout paths.
|
|
7. Terms/privacy copy still match utility-access framing.
|
|
8. Structured logs and metrics are emitted for each state transition.
|
|
|
|
## No-Deploy Triggers
|
|
|
|
1. Any conformance vector failure.
|
|
2. Any path that allows purchase without active membership.
|
|
3. Any activation path that proceeds with non-active entitlement.
|
|
4. Any missing audit evidence on successful purchase.
|
|
5. Any breaking API change without version bump and migration note.
|
|
|
|
## Evidence Bundle Required for Release
|
|
|
|
1. Test result artifact references.
|
|
2. Contract address/version snapshot.
|
|
3. Policy hash snapshot.
|
|
4. Change summary and rollback plan.
|