diff --git a/docs/plans/2026-06-11-adminui-disable-login.md.tasks.json b/docs/plans/2026-06-11-adminui-disable-login.md.tasks.json
index 7c088fea..725874d4 100644
--- a/docs/plans/2026-06-11-adminui-disable-login.md.tasks.json
+++ b/docs/plans/2026-06-11-adminui-disable-login.md.tasks.json
@@ -4,15 +4,16 @@
   "branch": "feat/adminui-disable-login",
   "baseBranch": "master",
   "baseSha": "78917673",
-  "status": "pending",
-  "note": "Security:Auth:DisableLogin flag — auto-authenticate AdminUI as multi-role-test with all roles via an AutoLoginAuthenticationHandler registered UNDER the cookie scheme name (so FallbackPolicy + FleetAdmin + DriverOperator keep working unchanged). Enabled in docker-dev central-1/central-2. AdminUI cookie surface only.",
+  "status": "merged-to-master",
+  "mergedSha": "2ad1dbc8",
+  "note": "SHIPPED + merged to master (fast-forward, HEAD 2ad1dbc8; branch deleted). Security:Auth:DisableLogin flag — auto-authenticate AdminUI as multi-role-test with all roles via an AutoLoginAuthenticationHandler registered UNDER the cookie scheme name (so FallbackPolicy + FleetAdmin + DriverOperator keep working unchanged). Enabled in docker-dev central-1/central-2. AdminUI cookie surface only. Live-verified: / loads as multi-role-test (HTTP 200, no /login redirect), FleetAdmin /role-grants 200, loud warning in both node logs. Review caught + fixed a real bug: handler needed no-op IAuthenticationSignInHandler/SignOutHandler or /auth/logout 500s when the flag is on.",
   "tasks": [
-    {"id": 229, "planTask": 0, "subject": "DL-T0: Branch + baseline", "classification": "small", "status": "pending", "blockedBy": []},
-    {"id": 230, "planTask": 1, "subject": "DL-T1: AuthDisableLoginOptions + centralized role list", "classification": "small", "status": "pending", "blockedBy": [229]},
-    {"id": 231, "planTask": 2, "subject": "DL-T2: AutoLoginAuthenticationHandler", "classification": "high-risk", "status": "pending", "blockedBy": [230]},
-    {"id": 232, "planTask": 3, "subject": "DL-T3: Branch AddOtOpcUaAuth on the flag (+ loud warning)", "classification": "high-risk", "status": "pending", "blockedBy": [230, 231]},
-    {"id": 233, "planTask": 4, "subject": "DL-T4: appsettings default + docker-dev enablement", "classification": "small", "status": "pending", "blockedBy": [230], "parallelizableWith": [231, 232]},
-    {"id": 234, "planTask": 5, "subject": "DL-T5: Live-verify (docker-dev /run)", "classification": "verification", "status": "pending", "blockedBy": [232, 233]}
+    {"id": 229, "planTask": 0, "subject": "DL-T0: Branch + baseline", "classification": "small", "status": "completed", "blockedBy": []},
+    {"id": 230, "planTask": 1, "subject": "DL-T1: AuthDisableLoginOptions + centralized role list", "classification": "small", "status": "completed", "commit": "a92ba6a1", "blockedBy": [229]},
+    {"id": 231, "planTask": 2, "subject": "DL-T2: AutoLoginAuthenticationHandler", "classification": "high-risk", "status": "completed", "commit": "caeaae21", "blockedBy": [230]},
+    {"id": 232, "planTask": 3, "subject": "DL-T3: Branch AddOtOpcUaAuth on the flag (+ loud warning)", "classification": "high-risk", "status": "completed", "commit": "82fec753, 2ad1dbc8", "blockedBy": [230, 231]},
+    {"id": 233, "planTask": 4, "subject": "DL-T4: appsettings default + docker-dev enablement", "classification": "small", "status": "completed", "commit": "a27e82c8", "blockedBy": [230], "parallelizableWith": [231, 232]},
+    {"id": 234, "planTask": 5, "subject": "DL-T5: Live-verify (docker-dev /run)", "classification": "verification", "status": "completed", "note": "live-verified on docker-dev 2026-06-11", "blockedBy": [232, 233]}
   ],
   "lastUpdated": "2026-06-11"
 }