From 7ff1263ac017cd6dcb82197e554656671a9f7407 Mon Sep 17 00:00:00 2001 From: Joseph Doherty Date: Fri, 10 Jul 2026 06:47:44 -0400 Subject: [PATCH] =?UTF-8?q?docs(plans):=20deferred-work=20register=20?= =?UTF-8?q?=E2=80=94=20triage=20the=2023-item=20arch-review=20inventory=20?= =?UTF-8?q?into=20fix-now=20(plan-owned)=20vs=20deferred-with-rationale?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Claude-Session: https://claude.ai/code/session_01MtdgwpEeCUn6cUA5f1LMPj --- .../2026-07-08-deferred-work-register.md | 44 +++++++++++++++++++ 1 file changed, 44 insertions(+) create mode 100644 docs/plans/2026-07-08-deferred-work-register.md diff --git a/docs/plans/2026-07-08-deferred-work-register.md b/docs/plans/2026-07-08-deferred-work-register.md new file mode 100644 index 00000000..9e71443a --- /dev/null +++ b/docs/plans/2026-07-08-deferred-work-register.md @@ -0,0 +1,44 @@ +# Deferred-Work Register (established 2026-07-08, from architecture review 08) + +Single tracked list of consciously-deferred work. Rules: every deferral gets a row +(rationale + revisit trigger); fix-now items reference the archreview plan that owns +them and are removed from this table when that plan's task lands. + +## Fix-now (owned by archreview plans) +| # | Item | Owner | +|---|------|-------| +| 1 | Transport: Area membership doesn't travel in bundles (EntitySerializer.cs:251,518) | PLAN-05 | +| 2 | CLI.Tests not in slnx | PLAN-08 Task 1 | +| 3 | AuditLog reconciliation dials site NodeA only (SiteEnumerator.cs:32,64) | PLAN-04 | +| 4 | Options validation missing on ~12 components | PLAN-08 Tasks 2โ€“5 | +| 5 | SmsConfiguration.MaxRetryCount stored but not honored | PLAN-06 | +| 6 | Role-check case-sensitivity asymmetry (ManagementActor.cs:1910) | PLAN-07 | +| 23 | Vestigial site-side notification-list surface | PLAN-08 Task 6 | + +## Deferred (with rationale + revisit trigger) +| # | Item | Where noted | Rationale for deferral | Revisit trigger | +|---|------|-------------|------------------------|-----------------| +| 7 | SecuredWrite audit rows leave SourceNode NULL | CLAUDE.md Security | Logged follow-up; low-volume channel | First per-node forensic query against secured writes | +| 8 | Hash-chain tamper evidence (T1); CLI verify-chain is a no-op stub | audit-log roadmap :12 | v1.x by locked decision; append-only DB roles are the control | Compliance requirement for cryptographic tamper evidence | +| 9 | Parquet audit archival (T2); endpoint returns 501 | AuditEndpoints.cs:204 | v1.x; 501 + CLI messaging are honest | AuditLog partition volume nears retention ceiling | +| 10 | Aggregated live alarm stream for Alarm Summary | m7 design :252 | Snapshot fan-out acceptable at current instance counts | Alarm Summary latency complaints or >~50 instances/site | +| 11 | Central-persisted OPC UA cert-trust audit | m7 follow-ups | Broadcast-to-both-nodes covers HA | Governance/audit requirement for trust decisions | +| 12 | Native-alarm-source-override CSV import | m7 follow-ups | Parity gap only; attribute CSV shipped | First bulk native-alarm rollout request | +| 13 | WaitForAttribute quality-gated mode | ScriptRuntimeContext.cs:405 | Planned enhancement per spec ยง4.2 | First script needing Good-only waits | +| 14 | WaitForAttribute in Test-Run sandbox | waitfor-deferred :222 | Test-Run parity gap; production unaffected | Author feedback on Test-Run fidelity | +| 15 | BrowseNext final-page signal not surfaced | BrowseCommands.cs:34 | One wasted round-trip | UX complaint on browse paging | +| 16 | StubOpcUaClient throws on browse | m7 design :245 | Limits offline UI coverage only | Next browse/search UI regression | +| 17 | Unified notifications+site-calls outbox page | stillpending :118 | Explicit M9 decision to keep two pages | Operator confusion reports | +| 18 | Folder drag-drop | same, [PERM] | Permanently closed; menu reorder shipped | โ€” (closed) | +| 19 | Bundle signing / cluster-to-cluster pull / differential bundles | transport-design :402 | v1 manifest hash + AES-GCM held sufficient | Non-repudiation requirement across orgs | +| 20 | Deployment EXPIRED-row purge | DeploymentManagerRepository.cs:310 | Read path already compensates | EXPIRED rows visible in ops queries | +| 21 | SiteAuditBacklogReporter threshold consolidation | SiteAuditBacklogReporter.cs:28 | Config-shape cleanup only | Next SqliteAuditWriterOptions change | +| 22 | KPI history hourly rollups | Component-KpiHistory.md | YAGNI; 90-day retention bounds table | KpiSample query latency on dashboards | + +## New deferrals from review 08 (this plan) +| Item | Rationale | Revisit trigger | +|------|-----------|-----------------| +| Communication โ†’ HealthMonitoring layering (ICentralHealthAggregator consumed by CentralCommunicationActor.cs:351) | Moving the interface + SiteHealthState to Commons ripples across 5 projects for a cosmetic inversion | Next breaking change to ICentralHealthAggregator | +| docs/components reference docs for ScriptAnalysis, KpiHistory, DelmiaNotifier | Reference docs are substantial (StyleGuide-conformant); README claim scoped instead (PLAN-08 Task 10) | Next doc-writing session touching those components | +| Test-coverage backfill: SiteCallAudit.Tests (31 tests/1.6k LOC), DeploymentManager.Tests | No defect identified; coverage partly lives in ManagementService/Host/Integration suites | First regression escaping either component | +| Failover-timing + broader perf envelope (S&F drain rate, per-subscriber backpressure) | Needs PLAN-01 two-node rig; placeholder harness shipped (PLAN-08 Task 8) | PLAN-01 rig landing |