From 5492c94e2f806af618fb91d2358ced06f698b96b Mon Sep 17 00:00:00 2001 From: Joseph Doherty Date: Wed, 20 May 2026 22:16:53 -0400 Subject: [PATCH] =?UTF-8?q?docs(audit):=20roadmap=20closeout=20=E2=80=94?= =?UTF-8?q?=20all=208=20milestones=20complete=20(#23)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Audit Log #23 implementation complete. M1-M8 merged to main. Full solution 2,993 tests green, 0 failures. Records final state, the v1.x deferrals (hash chain, Parquet, per-channel retention), and the follow-ups noted during implementation (real gRPC push client, mapper consolidation, Site Calls UI, multi-value filters, grid drag UX). --- .../plans/2026-05-20-audit-log-code-roadmap.md | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/docs/plans/2026-05-20-audit-log-code-roadmap.md b/docs/plans/2026-05-20-audit-log-code-roadmap.md index aa64509..9483a2b 100644 --- a/docs/plans/2026-05-20-audit-log-code-roadmap.md +++ b/docs/plans/2026-05-20-audit-log-code-roadmap.md @@ -1,5 +1,23 @@ # Audit Log (#23) Code Implementation Roadmap +> **STATUS: COMPLETE — all 8 milestones (M1–M8) implemented and merged to `main` 2026-05-20.** +> Final state: full solution `dotnet build ScadaLink.slnx` clean; `dotnet test ScadaLink.slnx` +> 24 test projects, 2,993 tests, 0 failures, 0 skipped. Each milestone shipped on its own +> `feature/audit-log-mN-*` branch, merged `--no-ff`, with a per-milestone implementation plan +> under `docs/plans/2026-05-20-auditlog-mN-*.md` and downstream roadmap corrections committed +> after each merge. `infra/*` was never touched on any milestone branch. `alog.md` + +> `Component-AuditLog.md` were patched exactly once (M1 vocabulary reconciliation, commit +> `3592e74`, committed before the dependent M1 code merge per the spec-before-code ordering rule). +> +> **Deferred to v1.x (out of scope, intentionally not implemented):** hash-chain tamper +> evidence (`audit verify-chain` ships as a no-op stub), Parquet export (`format=parquet` +> returns HTTP 501), per-channel retention overrides. **Deferred follow-ups noted during +> implementation:** the real site→central gRPC push client (M6 wired the pull RPC + a mockable +> push seam; `NoOpSiteStreamAuditClient` remains the production binding); consolidation of the +> 4 DTO mapper copies; Site Calls UI page + its Audit drill-in; multi-value filter dimensions +> (`AuditLogQueryFilter` is single-value per dimension, so UI chips / CLI flags collapse to the +> first value); audit-results-grid drag resize/reorder UX. +> > **For Claude:** REQUIRED SUB-SKILL FLOW per milestone: `brainstorming` → `writing-plans` → `subagent-driven-development`. Use `docs/requirements/Component-AuditLog.md` + `alog.md` as the spec; this document is the roadmap that sequences milestones and locks acceptance criteria for each. **M1 carries full TDD-level task detail; M2–M8 are milestone-shape detail and will be expanded into bite-sized plans by their own writing-plans pass when their turn comes.** **Goal:** Implement central component #23 Audit Log — append-only forensic + operational record across every script-trust-boundary action — into the existing ScadaLink codebase.