mirror of
https://github.com/affaan-m/everything-claude-code.git
synced 2026-05-20 11:19:58 +08:00
Sync billing gate env-file evidence (#2021)
This commit is contained in:
Affaan Mustafa
@@ -50,10 +50,20 @@ partner/sponsor funnel, consulting/talk funnel, and social launch plan.
|
||||
into this repo as `30f60710d4e0424fc70d9bbdc105009db141d9d8`. The post-merge
|
||||
main CI run `26135974576` completed green across lint, coverage, security,
|
||||
validation, and the full OS/package-manager matrix.
|
||||
- ECC PR #2020 merged the selected-target announcement-gate mirror as
|
||||
`c2471fe5c535310f8a8008c9ed7ea9f6757b33f2`. The post-merge main CI run
|
||||
`26136949698` completed green across lint, coverage, security, validation,
|
||||
and the full OS/package-manager matrix.
|
||||
- ECC-Tools PR #90 added the selected-target official announcement gate for
|
||||
`billing:announcement-gate -- --select-ready-target`; safe production
|
||||
preflight no longer requires a raw GitHub login and now blocks only on the
|
||||
local/internal `INTERNAL_API_SECRET` input before live execution.
|
||||
- ECC-Tools PR #91 added `--env-file` support to both billing gate scripts so
|
||||
ignored local operator credential files can supply `INTERNAL_API_SECRET`,
|
||||
Cloudflare auth, Wrangler auth mode, or target fallbacks without printing
|
||||
secret contents. Verify, Security Audit, and Workers Builds passed before
|
||||
merge as `72119a1`, and main CI run `26137280847` completed successfully after
|
||||
merge.
|
||||
- Linear ITO-54 and the ECC Platform Roadmap now have the May 20 ECC-Tools
|
||||
hosted observability update comments
|
||||
`74dcc101-3be5-4173-be13-62b80d54f569` and
|
||||
@@ -70,6 +80,8 @@ partner/sponsor funnel, consulting/talk funnel, and social launch plan.
|
||||
Pro release-gate comments `467d148a-712a-4777-aad9-95593e9f1739` and
|
||||
`7642ee9c-3107-400c-a229-53e2895a8914`, recording ECC-Tools #89, ECC #2019,
|
||||
the green post-merge CI run, and the remaining internal bearer-token gate.
|
||||
The repo mirror now also records ECC-Tools #90 and #91 as the selected-target
|
||||
announcement gate and billing gate env-file operator-path follow-up.
|
||||
|
||||
## 2026-05-19 Delta
|
||||
|
||||
@@ -498,6 +510,13 @@ As of 2026-05-20:
|
||||
local/internal `INTERNAL_API_SECRET` bearer token. Native-payments copy remains
|
||||
blocked until that token path is available and the live
|
||||
`billing:announcement-gate -- --select-ready-target` call passes.
|
||||
- ECC-Tools PR #91 merged as `72119a1acc6f5a0cd3bb5d90afd6e87fd1fefd05`
|
||||
after Verify, Security Audit, and Workers Builds passed. It adds the billing
|
||||
gate env-file operator path with `--env-file` support for the announcement
|
||||
gate and KV readback scripts, plus sentinel tests proving loaded secrets and
|
||||
account logins are not printed. The local May 20 live recheck still found no
|
||||
usable `INTERNAL_API_SECRET`, and Wrangler readback still failed with
|
||||
Cloudflare auth code `10000`; no native-payments announcement is unblocked.
|
||||
- Handoff `ecc-supply-chain-audit-20260513-0645.md` under
|
||||
`~/.cluster-swarm/handoffs/`
|
||||
records the May 13 supply-chain sweep: no active lockfile/manifest hit for
|
||||
@@ -909,13 +928,13 @@ is not complete unless the evidence column exists and has been freshly verified.
|
||||
| Manage repository discussions | Repo-family discussion recheck plus response playbook | Platform audit reports 0 discussion maintainer-touch gaps and 0 answerable Q&A missing accepted answers; trunk has 59 total discussions after #2003 was routed with a maintainer response; `docs/architecture/discussion-response-playbook.md` distinguishes support, maintainer coordination, stale/concluded, release, informational, and security-sensitive response paths | Complete |
|
||||
| Manage PR discussions | PR review/comment closure plus merge/close state | ECC #1990-#2013 merged through the harness audit, canonical identity, release video suite, growth outreach, evidence refresh, visual QA, suite-count, owner-approval packet, owner-approval dashboard gate, Linear readiness evidence, supply-chain evidence gate, per-project Claude Code adapter, continuous-learning project-registry hygiene, GateGuard quoted git introspection, and deterministic release-approval gate batch; ECC-Tools #79 and JARVIS #15/#16 also merged; no open tracked PRs remain | Complete |
|
||||
| Salvage useful stale work | `docs/stale-pr-salvage-ledger.md` plus `docs/legacy-artifact-inventory.md` | Ledger records salvaged, superseded, skipped, and manual-review tails; #1815-#1818 added cost tracking, skill scout, frontend design guidance, code-reviewer false-positive guardrails, and the May 12 gap pass; #1687, #1609, #1563, #1564, and #1565 localization tails are attached to Linear ITO-55 for language-owner review and no automatic import remains release-blocking | Complete; repeat legacy scan before release |
|
||||
| ECC 2.0 preview pack ready | Release docs, quickstart, publication readiness, release notes | `docs/releases/2.0.0-rc.1/` and readiness docs are in-tree; May 19/20 evidence records queue-zero state, canonical ECC identity, release video suite, growth outreach pack, owner approval packet, local 2568-test suite, PR #2001 merge and GitHub Actions run `26102500291`, PR #2002 owner-approval dashboard gate refresh and GitHub Actions run `26103853507`, PR #2004 Linear readiness evidence sync and GitHub Actions run `26105012698`, PR #2008 supply-chain evidence gate CI run `26108473648`, post-PR #2006 main CI run `26109953093`, PR #2009 project-registry hygiene GitHub Actions run `26111313938`, post-PR #2009 main CI run `26111946778`, post-PR #2011 GateGuard main CI run `26113695068`, post-PR #2013 release-approval main CI run `26128749863`, post-PR #2019 main CI run `26135974576`, May 20 operator dashboard, `owner-approval-packet-2026-05-19.md`, `release-approval-gate.js`, and preview-pack smoke digest `eebb8a66c33e` | Needs final release approval |
|
||||
| ECC 2.0 preview pack ready | Release docs, quickstart, publication readiness, release notes | `docs/releases/2.0.0-rc.1/` and readiness docs are in-tree; May 19/20 evidence records queue-zero state, canonical ECC identity, release video suite, growth outreach pack, owner approval packet, local 2568-test suite, PR #2001 merge and GitHub Actions run `26102500291`, PR #2002 owner-approval dashboard gate refresh and GitHub Actions run `26103853507`, PR #2004 Linear readiness evidence sync and GitHub Actions run `26105012698`, PR #2008 supply-chain evidence gate CI run `26108473648`, post-PR #2006 main CI run `26109953093`, PR #2009 project-registry hygiene GitHub Actions run `26111313938`, post-PR #2009 main CI run `26111946778`, post-PR #2011 GateGuard main CI run `26113695068`, post-PR #2013 release-approval main CI run `26128749863`, post-PR #2019 main CI run `26135974576`, post-PR #2020 main CI run `26136949698`, ECC-Tools #91 main CI run `26137280847`, May 20 operator dashboard, `owner-approval-packet-2026-05-19.md`, `release-approval-gate.js`, and preview-pack smoke digest `eebb8a66c33e` | Needs final release approval |
|
||||
| Hermes specialized skills included safely | Hermes setup/import docs and sanitized skill surface | Hermes setup and import playbook are public; secrets stay local | Needs final release review |
|
||||
| Naming and rename readiness | Naming matrix across package/plugin/docs/social surfaces | `docs/releases/2.0.0-rc.1/naming-and-publication-matrix.md` records current package, repo, Claude plugin, Codex plugin, OpenCode, and npm availability evidence | Complete for rc.1; post-rc rename remains future work |
|
||||
| Claude and Codex plugin publication | Contact/submission path with required artifacts and status | Publication readiness, naming matrix, and May 12 dry-run evidence document plugin validation, clean-checkout Claude tag/install smoke, and Codex marketplace CLI shape | Needs explicit approval for real tag/push and marketplace submission |
|
||||
| Articles, tweets, and announcements | X thread, LinkedIn copy, GitHub release copy, push checklist, partner/sponsor/talk pack | Draft launch collateral and approval-gated outreach copy exist under rc.1 release docs | Needs URL-backed refresh and human approval before posting or sending |
|
||||
| AgentShield enterprise iteration | Policy gates, SARIF, packs, provenance, corpus, HTML reports, exception lifecycle audit, baseline drift Action/CLI surfaces, evidence-pack redaction, harness adapter registry, editor-native Zed/VS Code adapter coverage, Dependabot alert closure, enterprise research roadmap, supply-chain hardened release path, CI-safe baseline fingerprints, corpus accuracy recommendations, remediation workflow phases, env proxy hijack corpus coverage, Mini Shai-Hulud full-campaign package IOCs, CI-provenance evidence packs, plugin-cache runtime-confidence triage, evidence-pack consumer readback, fleet-level evidence-pack routing, fleet review items, fleet review ticket payloads, checksum-backed policy export, checksum-verified policy promotion, policy promotion review items, package-manager hardening drift detection, npm age-gate guidance correction, workflow action-runtime pin refresh, package-manager hardening Action outputs, policy-promotion Action outputs, ECC-Tools hosted consumption of promotion Action outputs, ECC-Tools operator-visible promotion output values, and ECC-Tools hosted promotion judge audit traces | PRs #53, #55-#64, #67-#69, #78-#92, #94, and #95 landed with test evidence, ECC-Tools #76 consumes the fleet-summary output in hosted security review, #77 surfaces source evidence paths in hosted finding output, and #78 links fleet routes to harness owner review; AgentShield #91 adds `agentshield policy export` bundles for branch-protection review and downstream promotion; AgentShield #92 adds `agentshield policy promote` with digest verification, tamper rejection, explicit pack selection, dry-run review, and JSON output before writing active policy; AgentShield #94 adds Zed/VS Code adapter detection, `.zed/settings.json` and `.zed/tasks.json` scan discovery, and `.zed/setup.mjs` AI-tool persistence IOC coverage; AgentShield #95 clears the `brace-expansion` Dependabot alert with a patched lockfile and 0 open Dependabot alerts after merge; AgentShield commit `87aec47` adds `reviewItems` for digest evidence, owner review, protected rollout PR handoff, and runtime smoke testing with green local and remote CI; AgentShield commit `28d08c7` adds package-manager hardening drift detection for plaintext registry credentials, lifecycle-script enablement, and weak pnpm/Yarn release-age cooldowns with green local and remote CI; AgentShield commit `659f569` refreshes all workflow action runtime pins to SHA-pinned checkout v6.0.2 and setup-node v6.4.0 with green remote CI and no remaining action-runtime deprecation annotation; AgentShield commit `ee585cd` corrects npm release-age guidance by flagging unsupported npm age keys and keeping enforceable cooldown findings on pnpm/Yarn with green local and remote CI; AgentShield commit `1124535` exposes package-manager hardening status/count outputs and a redacted job-summary section for registry credentials, lifecycle scripts, and release-age gates with green local and remote CI; AgentShield commit `1593925` exposes policy-promotion status/count/digest outputs plus job-summary review items for owner approval, protected rollout, and runtime smoke, and marks runtime smoke verified when the same Action job scans with the promoted policy; AgentShield commit `840952a` adds Linear/operator-ready fleet review ticket payloads and expands current Mini Shai-Hulud IOC breadcrumbs with green local and remote CI; ECC-Tools commit `8658951` routes those policy-promotion Action outputs into hosted security review findings and Hosted Promotion Readiness scoring; ECC-Tools commit `16c537f` renders policy-promotion status, pack, review item count, action-required count, and digest in hosted security job comments/check-runs; ECC-Tools commit `05d4e82` renders hosted promotion judge request fingerprints and allowed-citation counts without raw provider output; native PDF export deferred in favor of self-contained HTML plus print-to-PDF until explicit enterprise demand appears; `docs/architecture/agentshield-enterprise-research-roadmap.md` now has baseline drift, evidence-pack bundle, redaction, adapter-registry, supply-chain hardening, hashed baseline fingerprints, corpus accuracy recommendation, remediation workflow, env proxy hijack corpus, Mini Shai-Hulud full-campaign package-table, `ci-context.json` provenance, `plugin-cache` confidence, `evidence-pack inspect` readback, `evidence-pack fleet` routing, fleet `reviewItems`, fleet review ticket payloads, policy export, policy promotion, policy promotion `reviewItems`, package-manager hardening Action outputs, policy-promotion Action outputs, hosted consumption of promotion Action outputs, operator-visible promotion output values, hosted promotion judge audit traces, editor-native adapter coverage, and Dependabot closure landed | Next workflow automation should deepen live operator approval/readback after Marketplace/payment gates |
|
||||
| ECC Tools next-level app | Billing audit, PR checks, deep analyzer, sync backlog, evaluator/RAG corpus, hosted promotion judge audit trace, native-payments readback, ready Marketplace Pro target selection, selected-target announcement gate, hosted observability, AgentShield fleet-summary hosted routing, hosted finding evidence paths, harness-route policy linking, policy-promotion Action-output hosted telemetry, and operator-visible promotion output values | PRs #26-#43 plus #53-#90 landed with test evidence across hosted analysis, hosted promotion readiness, model-judge execution, native-payments announcement gating, AgentShield evidence consumption, hosted remediation/Linear sync, hosted observability readback, ready Marketplace Pro target selection, and selected-target official announcement gating; ECC-Tools #89 merged as `512bca6` after Verify, Security Audit, and Workers Builds passed, and the 2026-05-20 production Wrangler OAuth readback found ready-like Marketplace Pro records with webhook provenance, selected a target with both key families, and reported 0 blockers without printing the login; ECC-Tools #90 merged as `16a5bb3` after Verify, Security Audit, and Workers Builds passed, and production preflight now requests `/api/billing/readiness?selectReadyTarget=1` without a raw login | Next work is obtain or rotate the local/internal `INTERNAL_API_SECRET` bearer-token path, then run the live selected-target billing announcement gate before publishing native-payments copy |
|
||||
| ECC Tools next-level app | Billing audit, PR checks, deep analyzer, sync backlog, evaluator/RAG corpus, hosted promotion judge audit trace, native-payments readback, ready Marketplace Pro target selection, selected-target announcement gate, billing gate env-file operator path, hosted observability, AgentShield fleet-summary hosted routing, hosted finding evidence paths, harness-route policy linking, policy-promotion Action-output hosted telemetry, and operator-visible promotion output values | PRs #26-#43 plus #53-#91 landed with test evidence across hosted analysis, hosted promotion readiness, model-judge execution, native-payments announcement gating, AgentShield evidence consumption, hosted remediation/Linear sync, hosted observability readback, ready Marketplace Pro target selection, selected-target official announcement gating, and env-file operator loading; ECC-Tools #89 merged as `512bca6` after Verify, Security Audit, and Workers Builds passed, and the 2026-05-20 production Wrangler OAuth readback found ready-like Marketplace Pro records with webhook provenance, selected a target with both key families, and reported 0 blockers without printing the login; ECC-Tools #90 merged as `16a5bb3` after Verify, Security Audit, and Workers Builds passed, and production preflight now requests `/api/billing/readiness?selectReadyTarget=1` without a raw login; ECC-Tools #91 merged as `72119a1` with `--env-file` support for ignored local billing credentials and sentinel no-secret/no-login output tests | Next work is obtain or rotate the local/internal `INTERNAL_API_SECRET` bearer-token path, via exported env or ignored `--env-file`, then run the live selected-target billing announcement gate before publishing native-payments copy |
|
||||
| GitGuardian/Dependabot/CodeRabbit-style checks | Non-blocking taxonomy, deterministic follow-up checks, and local supply-chain gates | ECC-Tools risk taxonomy check plus follow-up signals landed, including Skill Quality, Deep Analyzer Evidence, Analyzer Corpus Evidence, RAG/Evaluator Evidence, PR Review/Salvage Evidence, and AgentShield evidence-pack evidence; #1846 added npm registry signature gates; #1848 added the supply-chain incident-response playbook and `pull_request_target` cache-poisoning validator guard; #1851 added the privileged checkout credential-persistence guard; AgentShield #78, JARVIS #13, and ECC-Tools #53 applied the same hardening outside trunk | Current supply-chain gate complete; deeper hosted review features remain future |
|
||||
| Harness-agnostic learning system | Audit, adapter matrix, observability, traces, promotion loop | Audit/adapters/observability gates plus `docs/architecture/evaluator-rag-prototype.md`, `examples/evaluator-rag-prototype/`, and ECC-Tools PR #40 define read-only stale-salvage, billing-readiness, CI-failure-diagnosis, harness-config-quality, AgentShield policy-exception, skill-quality evidence, deep-analyzer evidence, and RAG/evaluator comparison scenarios with trace, report, playbook, verifier, and predictive-check artifacts; ECC-Tools PRs #68-#72 now turn that corpus into a deterministic PR check-run gate with cached hosted-output scoring, ranked retrieval candidates, a model prompt seed, a fail-closed hosted model-judge request contract, and opt-in live model execution behind strict hosted-evidence gates | Deterministic hosted PR check, cached output scoring, retrieval planning, judge contract, and gated model execution integrated |
|
||||
| Linear roadmap is detailed | Linear project document/comments plus repo mirror | Repo mirror exists and issue creation works again; the May 19 sync adds post-PR #2002 document `ecc-may-19-post-pr-2002-sync-64cef8f668e0`, project comment `a6411e3a-8c8e-4a58-adba-687e77d4c543`, ITO-44/47/48/49/51/54/56 issue comments, and In Progress state for ITO-47, ITO-48, ITO-49, ITO-51, ITO-54, and ITO-56; the late-pass batch adds document `ecc-may-19-late-queue-zero-and-release-gate-sync-1c26f65e6b3f`, project comment `d42bf0e2-7a8e-4934-9f3f-e281498ee805`, and ITO-44/50/54/56/61 comments for PR #2013, ECC-Tools #79, and JARVIS #15/#16 because project status updates are disabled in the workspace | Needs recurring document/comment updates after each significant merge batch |
|
||||
@@ -939,7 +958,7 @@ repo evidence and merge commits.
|
||||
| Harness OS core | Audit, adapter matrix, observability docs, `ecc2/` | HUD/session-control acceptance spec | Weekly until GA |
|
||||
| Evaluation and RAG | Reference-set validation, harness audit, traces, ECC-Tools corpus | Read-only evaluator/RAG prototype plus stale-salvage, billing-readiness, CI-failure-diagnosis, harness-config-quality, AgentShield policy-exception, skill-quality evidence, deep-analyzer evidence, and RAG/evaluator comparison fixtures; ECC-Tools #68 publishes the corpus as a hosted promotion readiness check-run, #69 scores cached hosted job outputs against the same corpus, #70 emits ranked retrieval candidates plus a model prompt seed, #71 adds a fail-closed hosted model-judge request contract, and #72 executes that judge only when explicitly enabled and backed by hosted retrieval citations; ECC-Tools `16c537f` surfaces policy-promotion Action output values in hosted security comments/checks; ECC-Tools `05d4e82` adds hosted model-judge audit traces with request fingerprints and allowed-citation counts | Marketplace Pro billing-state verification with webhook provenance |
|
||||
| AgentShield enterprise | AgentShield PR evidence and roadmap notes | Fleet routing landed in #89 after evidence-pack inspect/readback shipped in #88; #90 emits fleet `reviewItems`; #91 exports checksum-backed policy bundles; #92 promotes checksum-verified policies from those bundles into active policy files; #94 adds Zed and VS Code adapter detection, Zed project scan discovery, and `.zed/setup.mjs` persistence IOC coverage; #95 closes the `brace-expansion` Dependabot alert with 0 open alerts after merge; AgentShield `87aec47` adds policy promotion `reviewItems`; `28d08c7` adds package-manager hardening drift detection; `659f569` refreshes workflow action runtime pins; `ee585cd` corrects unsupported npm release-age guidance and keeps enforceable cooldown findings on pnpm/Yarn; `1124535` exposes package-manager hardening Action outputs for CI/hosted routing; `1593925` exposes policy-promotion Action outputs and runtime-smoke job-summary evidence; `840952a` adds fleet review ticket payloads and current Mini Shai-Hulud IOC breadcrumbs; ECC-Tools #76 consumes fleet summaries, #77 surfaces source evidence paths in hosted findings, #78 links fleet routes to harness owners, ECC-Tools `8658951` consumes policy-promotion Action outputs, and ECC-Tools `16c537f` renders operator-visible output values | Deepen live operator approval/readback after Marketplace/payment gates |
|
||||
| ECC Tools app | ECC-Tools PR evidence, billing audit, risk taxonomy, evaluator/RAG corpus | ECC-Tools #53 published the supply-chain workflow hardening branch, #54 tracks copy-ready PR drafts in the Linear/project backlog, #55 classifies analysis-depth readiness, #56 exposes the hosted execution plan, #57 executes the first hosted CI diagnostics job, #58 executes the hosted security evidence review job, #59 executes the hosted harness compatibility audit, #60 executes the hosted reference-set evaluation, #61 executes the hosted AI routing/cost review, #62 executes hosted team backlog routing, #63 publishes the hosted depth-plan check-run, #64 dispatches hosted jobs from PR comments, #65 persists hosted result history/check-runs, #66 exposes hosted job status from PR comments, #67 makes depth-plan recommendations cache-aware, #68 publishes hosted promotion readiness from the evaluator/RAG corpus, #69 scores cached hosted job outputs against that corpus, #70 emits ranked retrieval candidates plus a model prompt seed, #71 emits the gated `hosted-promotion-judge.v1` contract without live model calls, #72 adds opt-in live model-judge execution behind hosted-evidence and strict JSON/citation gates, #73 adds a fail-closed native-payments `announcementGate` to billing readiness, #74 adds `npm run billing:announcement-gate` for operator verification, #75 tightens the billing announcement gate for live Marketplace readback, #76 routes AgentShield fleet-summary evidence into hosted security findings, #77 adds source evidence paths to hosted finding output, #78 links AgentShield fleet target paths to hosted harness owner findings, `8658951` routes AgentShield policy-promotion Action outputs into hosted security review and promotion readiness, `16c537f` renders policy-promotion status/pack/count/digest values in hosted security comments/checks, `05d4e82` renders hosted promotion judge request fingerprints plus allowed-citation audit traces, `91a441b` adds billing announcement preflight output for required readback inputs, `eb69412` records the initial production readback state, `95d0bec` adds aggregate `billing:kv-readback` evidence, `2859678` requires Marketplace webhook provenance in billing readiness, `42653f9` adds Wrangler OAuth readback with live aggregate production counts, `632e059` adds sanitized target-account billing readback for the exact Marketplace test account, ECC-Tools #89 adds selected-ready-target KV readback, and ECC-Tools #90 adds selected-target official announcement gating without raw login input | Obtain or rotate the local/internal `INTERNAL_API_SECRET` bearer-token path, then run the live selected-target billing announcement gate |
|
||||
| ECC Tools app | ECC-Tools PR evidence, billing audit, risk taxonomy, evaluator/RAG corpus | ECC-Tools #53 published the supply-chain workflow hardening branch, #54 tracks copy-ready PR drafts in the Linear/project backlog, #55 classifies analysis-depth readiness, #56 exposes the hosted execution plan, #57 executes the first hosted CI diagnostics job, #58 executes the hosted security evidence review job, #59 executes the hosted harness compatibility audit, #60 executes the hosted reference-set evaluation, #61 executes the hosted AI routing/cost review, #62 executes hosted team backlog routing, #63 publishes the hosted depth-plan check-run, #64 dispatches hosted jobs from PR comments, #65 persists hosted result history/check-runs, #66 exposes hosted job status from PR comments, #67 makes depth-plan recommendations cache-aware, #68 publishes hosted promotion readiness from the evaluator/RAG corpus, #69 scores cached hosted job outputs against that corpus, #70 emits ranked retrieval candidates plus a model prompt seed, #71 emits the gated `hosted-promotion-judge.v1` contract without live model calls, #72 adds opt-in live model-judge execution behind hosted-evidence and strict JSON/citation gates, #73 adds a fail-closed native-payments `announcementGate` to billing readiness, #74 adds `npm run billing:announcement-gate` for operator verification, #75 tightens the billing announcement gate for live Marketplace readback, #76 routes AgentShield fleet-summary evidence into hosted security findings, #77 adds source evidence paths to hosted finding output, #78 links AgentShield fleet target paths to hosted harness owner findings, `8658951` routes AgentShield policy-promotion Action outputs into hosted security review and promotion readiness, `16c537f` renders policy-promotion status/pack/count/digest values in hosted security comments/checks, `05d4e82` renders hosted promotion judge request fingerprints plus allowed-citation audit traces, `91a441b` adds billing announcement preflight output for required readback inputs, `eb69412` records the initial production readback state, `95d0bec` adds aggregate `billing:kv-readback` evidence, `2859678` requires Marketplace webhook provenance in billing readiness, `42653f9` adds Wrangler OAuth readback with live aggregate production counts, `632e059` adds sanitized target-account billing readback for the exact Marketplace test account, ECC-Tools #89 adds selected-ready-target KV readback, ECC-Tools #90 adds selected-target official announcement gating without raw login input, and ECC-Tools #91 adds `--env-file` support for ignored local billing credentials without printing secrets or logins | Obtain or rotate the local/internal `INTERNAL_API_SECRET` bearer-token path, via exported env or ignored `--env-file`, then run the live selected-target billing announcement gate |
|
||||
| Linear progress | Linear project status updates, `docs/architecture/progress-sync-contract.md`, generated `operator:dashboard` output, and this mirror | Status update with queue/evidence/missing gates | Every significant merge batch |
|
||||
|
||||
The project status update should always include:
|
||||
@@ -1201,9 +1220,10 @@ Acceptance:
|
||||
ECC-Tools commit `42653f9` adds Wrangler OAuth KV readback and confirms the
|
||||
current blocker is not Cloudflare read access; it is the absence of a
|
||||
ready-like Marketplace Pro billing-state record with webhook provenance.
|
||||
ECC-Tools commit `632e059` adds sanitized target-account readback, so the
|
||||
final operator gate should verify the exact Marketplace test account without
|
||||
printing its login or raw KV key names.
|
||||
ECC-Tools commit `632e059` adds sanitized target-account readback, and PRs
|
||||
#89/#90/#91 move the final operator path to selected-target readback,
|
||||
selected-target announcement gating, and ignored env-file credential loading
|
||||
without printing account logins or raw KV key names.
|
||||
ECC-Tools PR #79 redacts the billing announcement gate account output;
|
||||
PR #80 requires failure reasons in runtime receipts; PRs #81/#82 preserve
|
||||
and render AgentShield fleet approval IDs; PR #83 makes Linear follow-up
|
||||
@@ -1213,9 +1233,10 @@ Acceptance:
|
||||
hosted status comments and hosted depth-plan check-runs; and PR #88 exposes
|
||||
authenticated hosted observability API readback for operator dashboards.
|
||||
2. Run `npm run billing:announcement-gate -- --preflight
|
||||
--select-ready-target`, then run the same command without `--preflight` and
|
||||
require `announcementGate.ready === true` before any native GitHub payments
|
||||
announcement.
|
||||
--select-ready-target`, adding `--env-file /path/to/ecc-tools.env` when the
|
||||
local bearer token is stored in an ignored operator file, then run the same
|
||||
command without `--preflight` and require `announcementGate.ready === true`
|
||||
before any native GitHub payments announcement.
|
||||
3. Enable/configure the merged Linear backlog sync path after workspace issue
|
||||
capacity clears or the Linear workspace is upgraded, then verify PR-draft
|
||||
salvage items land in the expected project.
|
||||
|
||||
@@ -56,7 +56,7 @@ Reason:
|
||||
| Claude marketplace | `.claude-plugin/marketplace.json` points at `ecc` and the public repo | Verify marketplace update/install path after tag exists | External marketplace propagation not verified |
|
||||
| Codex plugin | `codex plugin marketplace` supports local and Git marketplace sources; `.codex-plugin/plugin.json` is present; `.agents/plugins/marketplace.json` exposes `ecc` from the repo root; temp-home local and GitHub-ref marketplace adds passed | Publish rc.1 docs with the repo-marketplace command, then monitor OpenAI's official Plugin Directory path | Do not claim official Plugin Directory listing before OpenAI submission evidence |
|
||||
| OpenCode package | `.opencode/package.json` builds from source and ships inside npm package | Re-run `npm run build:opencode` and package dry-run from release commit | OpenCode CLI 1.2.21 does not expose a separate plugin publication command in this pass |
|
||||
| ECC Tools billing claim | README and launch copy mention ECC Tools / marketplace context | ECC-Tools #73 adds `/api/billing/readiness` `announcementGate`; run it against a Marketplace-managed test account before any payment announcement | Billing announcement code gate exists; live Marketplace account readback still pending |
|
||||
| ECC Tools billing claim | README and launch copy mention ECC Tools / marketplace context | ECC-Tools #89/#90/#91 add selected-target billing readback, selected-target announcement gating, and ignored `--env-file` support for the bearer-token path; run the live selected-target gate before any payment announcement | Billing announcement code gate exists; live selected-target announcement readback still pending |
|
||||
| Social and longform copy | X thread, LinkedIn copy, article outline, GitHub release copy exist | Replace any stale URLs, then publish only after release/npm/plugin URLs work | Public URLs not final until release actions complete |
|
||||
|
||||
## ITO-46 Blocker Register
|
||||
@@ -71,7 +71,7 @@ Reason:
|
||||
| Codex repo marketplace | Local and GitHub-ref temp-home marketplace add smokes passed on Codex CLI `0.131.0` | `.codex-plugin/plugin.json`, `.agents/plugins/marketplace.json`, repo/personal marketplace evidence | Plugin owner | Official Plugin Directory listing requires OpenAI submission/listing evidence |
|
||||
| Codex official Plugin Directory | OpenAI docs describe the curated official directory; ECC has not submitted or received listing evidence | Directory submission link or OpenAI approval path once available | Plugin owner | Track as an ITO-56/ITO-46 follow-up; do not claim an official listing |
|
||||
| OpenCode package | `npm run build:opencode` passed | Built `.opencode` package metadata inside npm tarball | Package owner | No separate public plugin channel identified; follows npm |
|
||||
| Billing/native payments | Marketplace Pro target readback and selected-target announcement preflight passed; live announcement remains blocked by ITO-61 | 2026-05-20 selected-target readback, webhook provenance, selected-target announcement gate, `INTERNAL_API_SECRET`, live announcement gate | ECC Tools owner | Do not include native-payments claim in rc.1 announcement until the live selected-target gate passes |
|
||||
| Billing/native payments | Marketplace Pro target readback, selected-target announcement preflight, and env-file operator path are implemented; live announcement remains blocked by ITO-61 | 2026-05-20 selected-target readback, webhook provenance, selected-target announcement gate, ECC-Tools #91 `--env-file` support, `INTERNAL_API_SECRET`, live announcement gate | ECC Tools owner | Do not include native-payments claim in rc.1 announcement until the live selected-target gate passes |
|
||||
| Social/longform copy | Drafts exist | Final live GitHub, npm, Claude, Codex, billing URLs | Release owner | Publish only after release/package/plugin URLs exist |
|
||||
|
||||
## Package Rename After rc.1
|
||||
|
||||
@@ -2,8 +2,8 @@
|
||||
|
||||
This dashboard is generated by `npm run operator:dashboard`. It is an operator snapshot, not release approval.
|
||||
|
||||
Generated: 2026-05-20T01:57:18.637Z
|
||||
Commit: 59ac4b4a6a3d750326b81ca4e2c22c54ddb5ad5a
|
||||
Generated: 2026-05-20T02:29:26.959Z
|
||||
Commit: 4d3113dd1d40dbc87a5baa351867e50891538220
|
||||
Status: work remaining
|
||||
|
||||
## Current Status
|
||||
@@ -42,7 +42,7 @@ Growth lanes: GitHub Sponsors and OSS partner sponsors; ECC Tools Pro subscripti
|
||||
| Produce the ECC 2.0 release video suite | docs/releases/2.0.0-rc.1/video-suite-production.md and npm run release:video-suite | current | video-suite gate is ready with 15/15 source assets, 13/13 suite artifacts, 12/12 publish candidates, primary self-eval, and zero detected black-frame segments recorded in May 19 evidence | final owner approval, upload, and public video URLs remain approval-gated |
|
||||
| Prepare sponsor, partner, consulting, podcast, talk, and Discussion copy | docs/releases/2.0.0-rc.1/partner-sponsor-talks-pack.md | in_progress | sponsor outbound, platform partner DM, consulting intro, talk/podcast pitch, GitHub Discussion announcement, CTA hooks, and do-not-send gate are drafted | replace final URLs after publication gates, then get explicit approval before outbound or personal-account posts |
|
||||
| Advance AgentShield enterprise iteration | AgentShield PR evidence plus enterprise roadmap | in_progress | AgentShield policy promotion `reviewItems` landed in `87aec47`; package-manager hardening drift detection landed in `28d08c7`; workflow action runtime pins were refreshed in `659f569`; npm age-gate guidance was corrected in `ee585cd`; package-manager hardening Action outputs landed in `1124535`; policy-promotion Action outputs and runtime-smoke job-summary evidence landed in `1593925`; fleet review ticket payloads and current Mini Shai-Hulud IOC breadcrumbs landed in `840952a`; ECC-Tools consumes those outputs in `8658951`, surfaces operator-readable status/pack/count/digest telemetry in `16c537f`, and renders hosted promotion judge audit traces in `05d4e82`; all are mirrored in the GA roadmap | deepen live operator approval/readback after Marketplace/payment gates |
|
||||
| Advance ECC Tools native payments and AI-native harness-agnostic app | ECC Tools PR evidence, billing gate, hosted analysis lanes | in_progress | billing announcement gate, selected-target announcement gate, hosted analysis lanes, AgentShield fleet-summary consumption, hosted finding evidence paths, harness-route policy linking, policy-promotion Action-output telemetry, operator-visible promotion output details, hosted promotion judge audit traces, billing announcement preflight, aggregate production billing KV readback, Wrangler OAuth readback, target-account billing readback, provenance-aware Marketplace billing-state gates, sanitized Marketplace plan/action provenance counts, ready Marketplace Pro target selection, hosted team-learning feedback controls, and ECC-Tools Dependabot alert remediation are mirrored in the GA roadmap | obtain or rotate the local/internal INTERNAL_API_SECRET bearer-token path, then run the live selected-target billing announcement gate before publishing native-payments copy |
|
||||
| Advance ECC Tools native payments and AI-native harness-agnostic app | ECC Tools PR evidence, billing gate, hosted analysis lanes | in_progress | billing announcement gate, selected-target announcement gate, billing gate env-file operator path, hosted analysis lanes, AgentShield fleet-summary consumption, hosted finding evidence paths, harness-route policy linking, policy-promotion Action-output telemetry, operator-visible promotion output details, hosted promotion judge audit traces, billing announcement preflight, aggregate production billing KV readback, Wrangler OAuth readback, target-account billing readback, provenance-aware Marketplace billing-state gates, sanitized Marketplace plan/action provenance counts, ready Marketplace Pro target selection, hosted team-learning feedback controls, and ECC-Tools Dependabot alert remediation are mirrored in the GA roadmap | obtain or rotate the local/internal INTERNAL_API_SECRET bearer-token path, via exported env or ignored --env-file, then run the live selected-target billing announcement gate before publishing native-payments copy |
|
||||
| Audit, prune, or attach legacy work | docs/stale-pr-salvage-ledger.md and legacy inventory | current | legacy salvage ledger and inventory are current; all localization tails are attached to Linear ITO-55 for manual language-owner review | repeat legacy scan before release |
|
||||
| Keep Linear roadmap detailed and progress tracking synchronized | Linear project mirror plus progress-sync contract | current | Linear live sync is current with the May 20 Marketplace Pro release-gate comments on ITO-61 and the ECC platform roadmap; progress-sync contract defines the file-backed work-items/status path | repeat Linear/project status update and local work-items sync after each significant merge batch |
|
||||
| Provide ECC 2.0 observability for self-use | observability readiness gate | complete | observability:ready command and readiness doc exist | runtime/dashboard implementation can continue after release gates |
|
||||
@@ -54,7 +54,7 @@ Growth lanes: GitHub Sponsors and OSS partner sponsors; ECC Tools Pro subscripti
|
||||
- `release-notes-and-notifications`: final live release/npm/plugin/billing URLs and publish approval still pending
|
||||
- `partner-sponsor-talks-pack`: replace final URLs after publication gates, then get explicit approval before outbound or personal-account posts
|
||||
- `agentshield-enterprise-iteration`: deepen live operator approval/readback after Marketplace/payment gates
|
||||
- `ecc-tools-next-level`: obtain or rotate the local/internal INTERNAL_API_SECRET bearer-token path, then run the live selected-target billing announcement gate before publishing native-payments copy
|
||||
- `ecc-tools-next-level`: obtain or rotate the local/internal INTERNAL_API_SECRET bearer-token path, via exported env or ignored --env-file, then run the live selected-target billing announcement gate before publishing native-payments copy
|
||||
|
||||
## Next Work Order
|
||||
|
||||
@@ -63,4 +63,4 @@ Growth lanes: GitHub Sponsors and OSS partner sponsors; ECC Tools Pro subscripti
|
||||
3. Review the owner-approved primary launch video candidates, choose the final cuts, upload after approval, and attach public video URLs to the release pack.
|
||||
4. Replace final release, npm, plugin, billing, and video URLs in the partner/sponsor/talk pack, then get explicit approval before outbound.
|
||||
5. Repeat ITO-57 Linear/project status sync after the next significant merge batch or advisory-source refresh.
|
||||
6. Obtain or rotate the local/internal INTERNAL_API_SECRET bearer-token path, then run the live selected-target billing announcement gate before publishing native-payments copy.
|
||||
6. Obtain or rotate the local/internal INTERNAL_API_SECRET bearer-token path, via exported env or ignored --env-file, then run the live selected-target billing announcement gate before publishing native-payments copy.
|
||||
|
||||
@@ -26,11 +26,11 @@ surfaces, or posting announcements.
|
||||
| `docs/releases/2.0.0-rc.1/publication-evidence-2026-05-16.md` | Current May 16/17 queue cleanup, recsys skill merge, GateGuard triage, PR #1947 supply-chain protection, AgentShield #87 plugin-cache confidence evidence, AgentShield #88 evidence-pack inspect/readback, AgentShield #89 evidence-pack fleet routing, AgentShield #90 fleet review items, AgentShield #91 policy export, AgentShield #92 policy promotion, ECC-Tools #76 fleet-summary consumption, ECC-Tools #77 hosted finding evidence paths, ECC-Tools #78 harness policy-route linking, dashboard refresh, and combined Node/Rust/release-surface gate evidence through the May 16 mirror | Must still be repeated from a strict clean checkout before real publication |
|
||||
| `docs/releases/2.0.0-rc.1/publication-evidence-2026-05-17.md` | May 17 queue-zero state, Japanese localization merge, Dependabot TypeScript and Node type merges, post-merge ja-JP lint repair, Mini Shai-Hulud/TanStack protection recheck, npm audit/signature checks, legacy and Linear progress routing, deterministic preview-pack smoke, operator dashboard refresh, Linear sync, and GitHub CI evidence for `27dc2918` | Superseded by the May 18 evidence snapshot; repeat from a strict clean checkout before real publication |
|
||||
| `docs/releases/2.0.0-rc.1/publication-evidence-2026-05-18.md` | May 18 queue-zero state, #1970/#1971/#1972 merge batch, #1978 review/closure, supply-chain recheck, AgentShield evidence mirror, Linear sync, current-head CI/security scan success for `4470e2e6`, and ITO-46 naming/plugin publication closure | Superseded by the May 19 ECC identity, video, and growth evidence snapshot |
|
||||
| `docs/releases/2.0.0-rc.1/publication-evidence-2026-05-19.md` | Current May 19/20 evidence for canonical ECC identity, release video suite, partner/sponsor/talk outreach pack, owner approval packet, release approval gate, May 20 operator dashboard, preview-pack smoke digest `eebb8a66c33e`, 2568-test local suite, PR #1998 visual QA CI success, PR #1999 dashboard evidence CI success, PR #2000 suite-count evidence success, PR #2001 owner approval packet CI success, PR #2002 owner-approval dashboard gate CI success, PR #2004 Linear readiness evidence sync CI success, PR #2008 supply-chain evidence gate CI success, post-PR #2006 main CI success, PR #2009 project-registry hygiene CI success, post-PR #2009 main CI success, post-PR #2011 GateGuard CI success, post-PR #2013 release-approval-gate CI success, PR #2017/#2018 AgentShield evidence sync, ECC-Tools #79 billing-announcement redaction hardening, ECC-Tools #80-#89 runtime-receipt, AgentShield approval-ID, Linear sync, remediation sync, hosted observability event/status/depth-plan/API readback, Marketplace Pro selected-target readback, AgentShield #94 Zed/VS Code adapter coverage, AgentShield #95 Dependabot alert closure, JARVIS #15/#16 queue/deploy repair, ECC #2019 Marketplace Pro release-gate sync, and the May 19/20 Linear sync comments | Current strongest readiness snapshot; must still be repeated from a strict clean checkout before real publication |
|
||||
| `docs/releases/2.0.0-rc.1/publication-evidence-2026-05-19.md` | Current May 19/20 evidence for canonical ECC identity, release video suite, partner/sponsor/talk outreach pack, owner approval packet, release approval gate, May 20 operator dashboard, preview-pack smoke digest `eebb8a66c33e`, 2568-test local suite, PR #1998 visual QA CI success, PR #1999 dashboard evidence CI success, PR #2000 suite-count evidence success, PR #2001 owner approval packet CI success, PR #2002 owner-approval dashboard gate CI success, PR #2004 Linear readiness evidence sync CI success, PR #2008 supply-chain evidence gate CI success, post-PR #2006 main CI success, PR #2009 project-registry hygiene CI success, post-PR #2009 main CI success, post-PR #2011 GateGuard CI success, post-PR #2013 release-approval-gate CI success, PR #2017/#2018 AgentShield evidence sync, ECC-Tools #79 billing-announcement redaction hardening, ECC-Tools #80-#91 runtime-receipt, AgentShield approval-ID, Linear sync, remediation sync, hosted observability event/status/depth-plan/API readback, Marketplace Pro selected-target readback, selected-target announcement gate, env-file billing operator path, AgentShield #94 Zed/VS Code adapter coverage, AgentShield #95 Dependabot alert closure, JARVIS #15/#16 queue/deploy repair, ECC #2019/#2020 Marketplace Pro gate sync, and the May 19/20 Linear sync comments | Current strongest readiness snapshot; must still be repeated from a strict clean checkout before real publication |
|
||||
| `docs/releases/2.0.0-rc.1/operator-readiness-dashboard-2026-05-17.md` | Previous prompt-to-artifact operator dashboard | Superseded by the May 18 generated dashboard |
|
||||
| `docs/releases/2.0.0-rc.1/operator-readiness-dashboard-2026-05-18.md` | Previous prompt-to-artifact operator dashboard | Superseded by the May 19 generated dashboard |
|
||||
| `docs/releases/2.0.0-rc.1/operator-readiness-dashboard-2026-05-19.md` | Previous prompt-to-artifact operator dashboard | Superseded by the May 20 generated dashboard |
|
||||
| `docs/releases/2.0.0-rc.1/operator-readiness-dashboard-2026-05-20.md` | Current prompt-to-artifact operator dashboard | Shows PR/issue/discussion/platform/supply-chain gates current and adds the current `$1,728/mo` to `$10,000/mo` hypergrowth, video owner-approval, Linear release-gate sync, and outbound-pack operating lanes |
|
||||
| `docs/releases/2.0.0-rc.1/operator-readiness-dashboard-2026-05-20.md` | Current prompt-to-artifact operator dashboard | Shows PR/issue/discussion/platform/supply-chain gates current and adds the current `$1,728/mo` to `$10,000/mo` hypergrowth, video owner-approval, Linear release-gate sync, selected-target billing gate, env-file bearer-token path, and outbound-pack operating lanes |
|
||||
| `docs/releases/2.0.0-rc.1/owner-approval-packet-2026-05-19.md` | Final human decision sheet for release, package, plugin, video, billing, social, and outbound approvals | Must be reviewed by the owner before any publication or outbound action |
|
||||
| `docs/releases/2.0.0-rc.1/release-url-ledger-2026-05-19.md` | Live URL and approval-gated URL ledger for release copy | Must be regenerated from the final release commit before public announcements |
|
||||
| `docs/releases/2.0.0-rc.1/video-suite-production.md` | Release video production manifest | Gates local media inventory, rough primary render, captions, timeline, self-eval, and no-private-path publication rules |
|
||||
@@ -112,8 +112,10 @@ surfaces exist and are recorded in a final evidence file:
|
||||
availability status;
|
||||
- final announcement URLs in X, LinkedIn, GitHub release, and longform copy;
|
||||
- ECC Tools billing/product readiness evidence, the local/internal announcement
|
||||
bearer-token path, and a live selected-target announcement gate pass before any
|
||||
native-payments announcement copy is published.
|
||||
bearer-token path through exported env or ignored `--env-file`, usable
|
||||
Cloudflare/Wrangler auth for repeat KV evidence, and a live selected-target
|
||||
announcement gate pass before any native-payments announcement copy is
|
||||
published.
|
||||
|
||||
## Result
|
||||
|
||||
|
||||
@@ -8,9 +8,9 @@ social announcement.
|
||||
|
||||
| Field | Evidence |
|
||||
| --- | --- |
|
||||
| Upstream main | `30f60710d4e0424fc70d9bbdc105009db141d9d8` |
|
||||
| Upstream main | `c2471fe5c535310f8a8008c9ed7ea9f6757b33f2` |
|
||||
| Git remote | `https://github.com/affaan-m/ECC.git` |
|
||||
| Evidence scope | Current `main` after PR #1990 harness-audit GitHub integration scoring, PR #1991 canonical ECC identity gate, PR #1992 release video-suite gate, PR #1993 growth outreach pack, PR #1994 May 19 publication evidence refresh, PR #1995 operator dashboard refresh, PR #1996 primary render self-eval gate, PR #1997 publish-candidate gate, PR #1998 visual QA gate, PR #1999 video dashboard evidence refresh, PR #2000 suite-count evidence refresh, PR #2001 owner approval packet addition, PR #2002 owner approval dashboard gate refresh, PR #2004 Linear readiness evidence sync, PR #2005 post-PR #2004 evidence refresh, PR #2008 release supply-chain evidence gate fix, PR #2006 per-project Claude Code adapter, PR #2009 continuous-learning project registry hygiene fix, PR #2011 GateGuard quoted git introspection fix, PR #2013 deterministic release approval gate, PR #2017 AgentShield adapter evidence sync, PR #2018 AgentShield Dependabot evidence sync, ECC-Tools #80-#89 hosted observability/readback and Marketplace Pro selected-target batch, AgentShield #94 Zed/VS Code adapter coverage, AgentShield #95 Dependabot alert closure, and PR #2019 Marketplace Pro release-gate sync |
|
||||
| Evidence scope | Current `main` after PR #1990 harness-audit GitHub integration scoring, PR #1991 canonical ECC identity gate, PR #1992 release video-suite gate, PR #1993 growth outreach pack, PR #1994 May 19 publication evidence refresh, PR #1995 operator dashboard refresh, PR #1996 primary render self-eval gate, PR #1997 publish-candidate gate, PR #1998 visual QA gate, PR #1999 video dashboard evidence refresh, PR #2000 suite-count evidence refresh, PR #2001 owner approval packet addition, PR #2002 owner approval dashboard gate refresh, PR #2004 Linear readiness evidence sync, PR #2005 post-PR #2004 evidence refresh, PR #2008 release supply-chain evidence gate fix, PR #2006 per-project Claude Code adapter, PR #2009 continuous-learning project registry hygiene fix, PR #2011 GateGuard quoted git introspection fix, PR #2013 deterministic release approval gate, PR #2017 AgentShield adapter evidence sync, PR #2018 AgentShield Dependabot evidence sync, ECC-Tools #80-#91 hosted observability/readback, Marketplace Pro selected-target, selected-target announcement gate, and env-file operator-path batch, AgentShield #94 Zed/VS Code adapter coverage, AgentShield #95 Dependabot alert closure, PR #2019 Marketplace Pro release-gate sync, and PR #2020 selected-target announcement gate sync |
|
||||
| Local status caveat | `git status --short --branch` was clean after pulling `origin/main`; generated evidence files are committed after the source snapshot they describe |
|
||||
|
||||
The release operator must repeat all publish-facing checks from the exact final
|
||||
@@ -61,6 +61,7 @@ Tracked repositories in the platform audit were:
|
||||
| PR #2017 | Merged the AgentShield #94 evidence mirror as `906e06406e95742944ccb05065f95a7e4dd4a036`, syncing roadmap, publication evidence, preview-pack manifest, and supply-chain incident-response surfaces after full GitHub CI passed |
|
||||
| PR #2018 | Merged the AgentShield #95 Dependabot evidence mirror as `68b4e45145968acd52e68d900f8422061ed7f4a2`, syncing the roadmap, publication evidence, and preview-pack manifest after full PR CI passed |
|
||||
| PR #2019 | Merged the Marketplace Pro selected-target release-gate sync as `30f60710d4e0424fc70d9bbdc105009db141d9d8`, updating the roadmap, publication evidence, naming matrix, preview manifest, and operator dashboard after full PR CI passed |
|
||||
| PR #2020 | Merged the selected-target announcement gate sync as `c2471fe5c535310f8a8008c9ed7ea9f6757b33f2`, updating the roadmap, publication evidence, naming matrix, preview manifest, release URL ledger, platform audit surfaces, and operator dashboard after full PR CI passed |
|
||||
|
||||
## Post-Queue-Zero Sync - 2026-05-19 Late Pass
|
||||
|
||||
@@ -95,10 +96,14 @@ Tracked repositories in the platform audit were:
|
||||
| ECC-Tools #89 | PR #89 merged as `512bca6b99cdaa67058a6aa9a4e7e7f0b1d9873a` after Verify, Security Audit, and Workers Builds passed. It added `billing:kv-readback -- --select-ready-target --require-ready`, allowing operators to select a ready Marketplace Pro target internally without passing or printing the login. |
|
||||
| Live production readback | The 2026-05-20 Wrangler OAuth readback found ready-like Marketplace Pro records with webhook provenance, selected a target with both key families, seat and webhook readiness, no overage, and 0 blockers, with account details redacted. The old missing Marketplace Pro target-state blocker is cleared. |
|
||||
| ECC #2019 | PR #2019 merged as `30f60710d4e0424fc70d9bbdc105009db141d9d8`, syncing the selected-target readback evidence into the GA roadmap, rc.1 publication evidence, naming matrix, preview manifest, and operator dashboard. |
|
||||
| Post-merge main CI | GitHub Actions run `26135974576` completed successfully on `main` for `30f60710d4e0424fc70d9bbdc105009db141d9d8` across lint, coverage, security, validation, and the full OS/package-manager matrix. |
|
||||
| ECC-Tools #90 | PR #90 merged as `16a5bb33ee5ce7c31d2ad8d041e5afac03308f05` after Verify, Security Audit, and Workers Builds passed. It added the selected-target official announcement gate through `/api/billing/readiness?selectReadyTarget=1` and `npm run billing:announcement-gate -- --select-ready-target`, keeping the raw account login out of command logs. |
|
||||
| ECC #2020 | PR #2020 merged as `c2471fe5c535310f8a8008c9ed7ea9f6757b33f2`, syncing ECC-Tools #90 into the roadmap, publication evidence, naming matrix, preview manifest, publication readiness, release URL ledger, platform audit surfaces, and operator dashboard. |
|
||||
| ECC-Tools #91 | PR #91 merged as `72119a1acc6f5a0cd3bb5d90afd6e87fd1fefd05` after Verify, Security Audit, and Workers Builds passed. It added `--env-file` to the billing announcement and KV readback scripts for ignored local operator credential files, with tests proving sentinel secrets and account logins are not printed. |
|
||||
| May 20 live gate recheck | `npm run billing:announcement-gate -- --preflight --select-ready-target` exited 2 with only `INTERNAL_API_SECRET` missing. `npm run billing:kv-readback -- --wrangler --select-ready-target --require-ready` exited 1 with Cloudflare auth code `10000` on this machine. No live announcement gate passed. |
|
||||
| Post-merge main CI | ECC GitHub Actions runs `26135974576` and `26136949698` completed successfully on `main` for `30f60710d4e0424fc70d9bbdc105009db141d9d8` and `c2471fe5c535310f8a8008c9ed7ea9f6757b33f2` across lint, coverage, security, validation, and the full OS/package-manager matrix. ECC-Tools main CI run `26137280847` completed successfully for `72119a1acc6f5a0cd3bb5d90afd6e87fd1fefd05` across Verify, Security Audit, and Workers Builds. |
|
||||
| Post-merge local gates | `npm run platform:audit -- --json` returned ready true with 0 PRs, 0 issues, 0 discussion gaps, and 0 dirty blockers; `npm run preview-pack:smoke -- --format json` returned ready true with digest `531328aaaa53` before the May 20 dashboard rollover and `eebb8a66c33e` after adding the May 20 dashboard artifact; `git diff --check HEAD~1..HEAD` was clean. |
|
||||
| Linear roadmap sync | Linear ITO-61 comment `467d148a-712a-4777-aad9-95593e9f1739` and ECC Platform Roadmap project comment `7642ee9c-3107-400c-a229-53e2895a8914` record ECC-Tools #89, ECC #2019, the green post-merge CI run, and the remaining internal bearer-token gate. |
|
||||
| Remaining blocker | Native-payments announcement copy remains blocked until the local/internal `INTERNAL_API_SECRET` bearer-token path is available and `npm run billing:announcement-gate -- --select-ready-target` returns ready for the selected Marketplace Pro target. |
|
||||
| Linear roadmap sync | Linear ITO-61 comment `467d148a-712a-4777-aad9-95593e9f1739` and ECC Platform Roadmap project comment `7642ee9c-3107-400c-a229-53e2895a8914` record ECC-Tools #89, ECC #2019, the green post-merge CI run, and the remaining internal bearer-token gate; Linear ITO-44 comment `a9297467-208a-41e4-8dbb-35f0dad5fe2b`, ITO-56 comment `5008b70b-cf98-43cd-a8d4-f098ba9b9780`, ITO-61 comment `5ebf0aaf-e2d3-4537-878f-484f49dcf87a`, and project reply `1c74a3d0-f8ca-4306-997e-a37c53d49f97` record the ECC #2020 selected-target announcement-gate sync and remaining bearer-token/live-gate blocker. |
|
||||
| Remaining blocker | Native-payments announcement copy remains blocked until the local/internal `INTERNAL_API_SECRET` bearer-token path is available via exported env or ignored `--env-file`, Cloudflare/Wrangler auth is usable for repeat KV evidence, and `npm run billing:announcement-gate -- --select-ready-target` returns ready for the selected Marketplace Pro target. |
|
||||
|
||||
## Release And Growth Evidence
|
||||
|
||||
@@ -127,7 +132,9 @@ Tracked repositories in the platform audit were:
|
||||
| Post-PR #2011 main CI | GitHub Actions run `26113695068` | Completed successfully with 37 completed jobs, 0 failed jobs, and `main` advanced to `14d88e517b0c56a80c1a6392b1cde2474948d29f` |
|
||||
| Post-PR #2013 main CI | GitHub Actions run `26128749863` | Completed successfully with `main` advanced to `9819626459a662773be7d0b1c18d82c1316b8c36` |
|
||||
| Post-PR #2019 main CI | GitHub Actions run `26135974576` | Completed successfully with `main` advanced to `30f60710d4e0424fc70d9bbdc105009db141d9d8` |
|
||||
| Linear sync | Linear document `ecc-may-19-post-pr-2002-sync-64cef8f668e0` plus project comment `a6411e3a-8c8e-4a58-adba-687e77d4c543`; late-pass document `ecc-may-19-late-queue-zero-and-release-gate-sync-1c26f65e6b3f` plus project comment `d42bf0e2-7a8e-4934-9f3f-e281498ee805`; May 20 ITO-61 comment `467d148a-712a-4777-aad9-95593e9f1739` plus project comment `7642ee9c-3107-400c-a229-53e2895a8914` | Project and issue lanes record PR #2002 evidence, discussion #2003 routing, owner-approval dashboard gate, and In Progress status for ITO-47, ITO-48, ITO-49, ITO-51, ITO-54, and ITO-56; the late-pass sync attaches PR #2013, ECC-Tools #79, and JARVIS #15/#16 evidence to ITO-44, ITO-50, ITO-54, ITO-56, and ITO-61; the May 20 sync attaches ECC-Tools #89 and ECC #2019 Marketplace Pro selected-target evidence to ITO-61 and the project |
|
||||
| Post-PR #2020 main CI | GitHub Actions run `26136949698` | Completed successfully with `main` advanced to `c2471fe5c535310f8a8008c9ed7ea9f6757b33f2` |
|
||||
| ECC-Tools #91 main CI | GitHub Actions run `26137280847` | Completed successfully on ECC-Tools `main` with `72119a1acc6f5a0cd3bb5d90afd6e87fd1fefd05` after the env-file billing gate support merged |
|
||||
| Linear sync | Linear document `ecc-may-19-post-pr-2002-sync-64cef8f668e0` plus project comment `a6411e3a-8c8e-4a58-adba-687e77d4c543`; late-pass document `ecc-may-19-late-queue-zero-and-release-gate-sync-1c26f65e6b3f` plus project comment `d42bf0e2-7a8e-4934-9f3f-e281498ee805`; May 20 ITO-61 comment `467d148a-712a-4777-aad9-95593e9f1739` plus project comment `7642ee9c-3107-400c-a229-53e2895a8914`; May 20 ITO-44 comment `a9297467-208a-41e4-8dbb-35f0dad5fe2b`, ITO-56 comment `5008b70b-cf98-43cd-a8d4-f098ba9b9780`, ITO-61 comment `5ebf0aaf-e2d3-4537-878f-484f49dcf87a`, and project reply `1c74a3d0-f8ca-4306-997e-a37c53d49f97` | Project and issue lanes record PR #2002 evidence, discussion #2003 routing, owner-approval dashboard gate, and In Progress status for ITO-47, ITO-48, ITO-49, ITO-51, ITO-54, and ITO-56; the late-pass sync attaches PR #2013, ECC-Tools #79, and JARVIS #15/#16 evidence to ITO-44, ITO-50, ITO-54, ITO-56, and ITO-61; the May 20 sync attaches ECC-Tools #89/#90, ECC #2019/#2020 Marketplace Pro selected-target and selected-target announcement-gate evidence, and the remaining env-file/bearer-token gate to ITO-44, ITO-56, ITO-61, and the project |
|
||||
| Public-path sanitization | `node scripts/ci/validate-no-personal-paths.js` through local suite and CI | Passed |
|
||||
| Markdown and whitespace | `markdownlint` focused release docs plus `git diff --check` before PR #1999 | Passed |
|
||||
|
||||
@@ -141,8 +148,8 @@ Tracked repositories in the platform audit were:
|
||||
| Growth proof | `partner-sponsor-talks-pack.md` provides approval-gated copy for sponsors, partners, consulting, talks, podcasts, GitHub Discussion, and video CTAs |
|
||||
| Owner approval proof | `owner-approval-packet-2026-05-19.md` centralizes release, package, plugin, video, billing, social, and outbound decision gates |
|
||||
| Business baseline | Hypergrowth command center and partner pack use `$1,728/mo` current MRR, `$10,000/mo` target MRR, and `$8,272/mo` gap |
|
||||
| Operator dashboard | `operator-readiness-dashboard-2026-05-19.md` pulls the growth baseline into the same queue, publication, video, outbound, AgentShield, ECC Tools, Linear, and supply-chain control surface |
|
||||
| Linear progress proof | Linear project document `ecc-may-19-post-pr-2002-sync-64cef8f668e0` mirrors the post-PR #2002 state and records active lanes for launch materials, AgentShield, ECC Tools deep analysis, observability, and final release publication; Linear document `ecc-may-19-late-queue-zero-and-release-gate-sync-1c26f65e6b3f` adds the PR #2013 approval gate, ECC-Tools #79 redaction hardening, and JARVIS #15/#16 queue/deploy repair evidence; May 20 Linear comments `74dcc101-3be5-4173-be13-62b80d54f569`, `348ea8f5-2a2d-46d9-a0fe-ed99653e7fe5`, `291e2a4b-06e3-4672-a057-cdb141478161`, `b2d35de0-ca49-44cb-982a-ddec229e7691`, `faed69dd-35f5-469d-acb5-ddde6a70d6a1`, `70187c1e-d481-4181-b418-09bd65d54b5e`, `371fc3e4-611f-4d20-a23f-67db1260b418`, `bd06e252-15c1-4256-b667-caa3f64f5968`, and `22c2c388-2fd1-4dea-a939-6141f40c9a21` add ECC-Tools #86/#87/#88 hosted observability readback evidence, AgentShield #94 adapter evidence, and AgentShield #95 Dependabot alert closure to ITO-54, ITO-49, ITO-57, and the project |
|
||||
| Operator dashboard | `operator-readiness-dashboard-2026-05-20.md` pulls the growth baseline into the same queue, publication, video, outbound, AgentShield, ECC Tools billing/env-file gate, Linear, and supply-chain control surface |
|
||||
| Linear progress proof | Linear project document `ecc-may-19-post-pr-2002-sync-64cef8f668e0` mirrors the post-PR #2002 state and records active lanes for launch materials, AgentShield, ECC Tools deep analysis, observability, and final release publication; Linear document `ecc-may-19-late-queue-zero-and-release-gate-sync-1c26f65e6b3f` adds the PR #2013 approval gate, ECC-Tools #79 redaction hardening, and JARVIS #15/#16 queue/deploy repair evidence; May 20 Linear comments `74dcc101-3be5-4173-be13-62b80d54f569`, `348ea8f5-2a2d-46d9-a0fe-ed99653e7fe5`, `291e2a4b-06e3-4672-a057-cdb141478161`, `b2d35de0-ca49-44cb-982a-ddec229e7691`, `faed69dd-35f5-469d-acb5-ddde6a70d6a1`, `70187c1e-d481-4181-b418-09bd65d54b5e`, `371fc3e4-611f-4d20-a23f-67db1260b418`, `bd06e252-15c1-4256-b667-caa3f64f5968`, `22c2c388-2fd1-4dea-a939-6141f40c9a21`, `a9297467-208a-41e4-8dbb-35f0dad5fe2b`, `5008b70b-cf98-43cd-a8d4-f098ba9b9780`, `5ebf0aaf-e2d3-4537-878f-484f49dcf87a`, and `1c74a3d0-f8ca-4306-997e-a37c53d49f97` add ECC-Tools hosted observability readback evidence, AgentShield adapter evidence, AgentShield Dependabot alert closure, and Marketplace selected-target announcement-gate evidence to ITO-44, ITO-49, ITO-54, ITO-56, ITO-57, ITO-61, and the project |
|
||||
|
||||
## Current Publication Blockers
|
||||
|
||||
@@ -154,14 +161,18 @@ Tracked repositories in the platform audit were:
|
||||
official Plugin Directory publishing remains blocked on OpenAI submission or
|
||||
listing evidence.
|
||||
- ECC Tools billing/native-payments copy remains blocked until the
|
||||
local/internal `INTERNAL_API_SECRET` bearer-token path is available and the
|
||||
live `billing:announcement-gate -- --select-ready-target` check passes.
|
||||
local/internal `INTERNAL_API_SECRET` bearer-token path is available via
|
||||
exported env or ignored `--env-file`, Cloudflare/Wrangler auth is usable for
|
||||
repeat KV evidence, and the live `billing:announcement-gate --
|
||||
--select-ready-target` check passes.
|
||||
ECC-Tools PR #89 (`512bca6`) added `billing:kv-readback --
|
||||
--select-ready-target --require-ready`; its 2026-05-20 production run cleared
|
||||
the old missing-target-state blocker without printing the account login.
|
||||
ECC-Tools PR #90 (`16a5bb3`) added the selected-target official announcement
|
||||
gate, so production preflight no longer needs a raw GitHub login and now
|
||||
blocks only on the missing `INTERNAL_API_SECRET` input before live execution.
|
||||
ECC-Tools PR #91 (`72119a1`) added `--env-file` support for ignored local
|
||||
billing credentials without printing loaded secrets or account logins.
|
||||
- Release notes, X, LinkedIn, GitHub release, GitHub Discussion, longform copy,
|
||||
sponsor outreach, partner outreach, consulting copy, conference pitches, and
|
||||
podcast pitches still need final live URLs plus human approval before posting
|
||||
@@ -175,13 +186,14 @@ The tracked public PR queue, issue queue, discussion queue, canonical ECC
|
||||
identity, release video suite, preview pack, growth outreach packet, per-project
|
||||
Claude Code adapter surface, continuous-learning project registry hygiene,
|
||||
GateGuard quoted git introspection fix, deterministic release approval gate,
|
||||
ECC-Tools billing-announcement redaction hardening, ECC-Tools hosted
|
||||
observability readback, AgentShield Zed/VS Code adapter coverage, AgentShield
|
||||
Dependabot alert closure, and JARVIS
|
||||
security/deploy queue repairs are current on May 20, 2026 for ECC `main`
|
||||
through `906e06406e95742944ccb05065f95a7e4dd4a036`, ECC-Tools `main`
|
||||
through `c836ac3fb24ed7e2ae38cd61e41c9651ac9c00f8`, and AgentShield `main`
|
||||
through `25d91f0002214c408da4ceaac7def20bad40ca10`. The remaining video work is owner
|
||||
ECC-Tools billing-announcement redaction hardening, selected-target billing
|
||||
readback, selected-target announcement gate, billing gate env-file operator path,
|
||||
ECC-Tools hosted observability readback, AgentShield Zed/VS Code adapter coverage,
|
||||
AgentShield Dependabot alert closure, and JARVIS security/deploy queue repairs
|
||||
are current on May 20, 2026 for ECC `main` through
|
||||
`c2471fe5c535310f8a8008c9ed7ea9f6757b33f2`, ECC-Tools `main` through
|
||||
`72119a1acc6f5a0cd3bb5d90afd6e87fd1fefd05`, and AgentShield `main` through
|
||||
`25d91f0002214c408da4ceaac7def20bad40ca10`. The remaining video work is owner
|
||||
approval, upload, and public URL attachment, not render or QA production.
|
||||
|
||||
This improves publication readiness but does not replace the approval-gated
|
||||
|
||||
@@ -93,7 +93,7 @@ For the May 19 live/pending release URL ledger after the public repo rename, see
|
||||
| Claude plugin | Manifest validates, marketplace JSON points to public repo, install docs match slug | `claude plugin validate .claude-plugin/plugin.json`; `claude plugin tag .claude-plugin --dry-run`; isolated temp-home install smoke | `Blocker: real tag creation/push requires approval` | Plugin owner | Clean-checkout dry-run and install smoke recorded |
|
||||
| Codex plugin | Manifest version matches package and docs, repo marketplace points at the plugin root, and OpenAI's current official Plugin Directory status is recorded | `node tests/docs/ecc2-release-surface.test.js`; `node tests/plugin-manifest.test.js`; `codex plugin marketplace add --help`; temp-home `codex plugin marketplace add <local-checkout>` | `Blocker: official Plugin Directory listing requires OpenAI submission/listing evidence` | Plugin owner | Repo-marketplace distribution verified; official directory pending |
|
||||
| OpenCode package | Build output is regenerated from source and package metadata is current | `npm run build:opencode` | `Blocker: none for local build; public distribution still follows npm/plugin release` | Package owner | Evidence recorded |
|
||||
| ECC Tools billing reference | Any billing claim links to verified Marketplace/App state | `env -u GITHUB_TOKEN gh repo view ECC-Tools/ECC-Tools --json nameWithOwner,isPrivate,viewerPermission` plus internal `/api/billing/readiness?accountLogin=<marketplace-test-account>` readback | `Blocker: ECC-Tools #73 added announcementGate; live Marketplace test-account readback must return announcementGate.ready === true before payment announcement` | ECC Tools owner | Code gate recorded; live billing readback pending |
|
||||
| ECC Tools billing reference | Any billing claim links to verified Marketplace/App state | `env -u GITHUB_TOKEN gh repo view ECC-Tools/ECC-Tools --json nameWithOwner,isPrivate,viewerPermission` plus internal `/api/billing/readiness?selectReadyTarget=1` readback using exported env or ignored `--env-file` for the bearer token | `Blocker: ECC-Tools #91 added the env-file operator path, but live selected-target announcement readback must return announcementGate.ready === true before payment announcement` | ECC Tools owner | Code gate recorded; live billing readback pending |
|
||||
| Announcement copy | X, LinkedIn, GitHub release, and longform copy point to live URLs | placeholder-marker scan and `release-url-ledger-2026-05-19.md` | `Blocker: final live release/npm/plugin/billing URLs do not exist yet; live and pending URLs are separated in the May 19 ledger` | Release owner | URL ledger recorded; final URLs pending |
|
||||
| Privileged workflow hardening | Release and maintenance workflows avoid persisted checkout tokens | `node scripts/ci/validate-workflow-security.js` | `Blocker:` | Release owner | Evidence recorded in post-hardening refresh |
|
||||
|
||||
@@ -103,7 +103,7 @@ Record the exact commit SHA and command output before any publication action:
|
||||
|
||||
| Evidence | Command | Required result | Recorded output |
|
||||
| --- | --- | --- | --- |
|
||||
| Clean release branch | `git status --short --branch` | On intended release commit; no unrelated files | Current May 19 baseline `bc519e5b8ed42f26c0a5a611756e04351c323f21`: `## main...origin/main`; repeat from the exact final publication commit before release |
|
||||
| Clean release branch | `git status --short --branch` | On intended release commit; no unrelated files | Current May 20 baseline `c2471fe5c535310f8a8008c9ed7ea9f6757b33f2`: `## main...origin/main`; repeat from the exact final publication commit before release |
|
||||
| Preview-pack smoke | `npm run preview-pack:smoke` | Preview pack artifacts, Hermes boundary, final verification command list, and publication blockers pass | `publication-evidence-2026-05-19.md`: ready yes, digest `eebb8a66c33e`, 33 artifacts, 5 passed, 0 failed; repeat in the final strict clean-checkout release pass |
|
||||
| Release approval gate | `npm run release:approval-gate -- --format json` | Ready true only after owner decision rows are approved, live release/package/plugin/video/billing URLs are recorded, and launch/outbound copy has no placeholders or private paths | Current May 19 state is intentionally blocked because owner decisions and live URL readbacks remain approval-gated |
|
||||
| Harness audit | `npm run harness:audit -- --format json` | 80/80 passing | Current release gate: 80/80 across 8 applicable categories, 0 top actions |
|
||||
@@ -116,10 +116,10 @@ Record the exact commit SHA and command output before any publication action:
|
||||
| Package surface | `node tests/scripts/npm-publish-surface.test.js` | 0 failures; no Python bytecode in npm tarball | Current release gate: 2/2 passed |
|
||||
| Release surface | `node tests/docs/ecc2-release-surface.test.js` | 0 failures | Current release gate: 27/27 passed after refreshing the discussion-count assertion to the post-PR #2005 baseline |
|
||||
| Optional Rust surface | `cd ecc2 && cargo test` | 0 failures or explicit deferral | `publication-evidence-2026-05-16.md`: 462/462 passed, existing warnings only |
|
||||
| Queue baseline | `node scripts/platform-audit.js --json` across trunk, AgentShield, JARVIS, ECC Tools, and ECC website | Under 20 open PRs and under 20 open issues | Current May 19 baseline after PR #2009: platform audit ready true, 0 open PRs, 0 open issues, 0 conflicting PRs, and 0 blocking dirty files across tracked repos |
|
||||
| Queue baseline | `node scripts/platform-audit.js --json` across trunk, AgentShield, JARVIS, ECC Tools, and ECC website | Under 20 open PRs and under 20 open issues | Current May 20 baseline after PR #2020: platform audit ready true, 0 open PRs, 0 open issues, 0 discussion gaps, 0 conflicting PRs, and 0 blocking dirty files across tracked repos |
|
||||
| Discussion baseline | `node scripts/platform-audit.js --json` and `node scripts/discussion-audit.js --json` | No unmanaged active discussion queue and no answerable Q&A missing an accepted answer | Post-PR #2005 baseline: platform audit sampled 59 trunk discussions, 0 needing maintainer touch, 0 answerable discussions missing accepted answer; `docs/architecture/discussion-response-playbook.md` records response templates and security escalation rules |
|
||||
| Linear roadmap | Linear project and issue readback | Detailed roadmap exists with release, security, AgentShield, ECC Tools, legacy, and observability lanes | May 18 Linear comments include ITO-57 `3fe5b2b7-c4fe-401c-a317-b40d72119cb3` and ITO-44 `fb4a4f33-6c2d-421a-bbdb-63cfad3e3ee4`; earlier evidence records the project and 16 issue lanes |
|
||||
| Operator readiness dashboard | `npm run operator:dashboard -- --json` | Current queue state mapped to macro-goal deliverables and incomplete gaps | Current May 19 dashboard is refreshed from the post-PR #2009 baseline; platform audit ready true, 0 open PRs, 0 open issues, 0 discussion gaps, 0 dirty files, release video suite current, and publication gates still approval-gated |
|
||||
| Operator readiness dashboard | `npm run operator:dashboard -- --json` | Current queue state mapped to macro-goal deliverables and incomplete gaps | Current May 20 dashboard is refreshed from the post-PR #2020 baseline; platform audit ready true, 0 open PRs, 0 open issues, 0 discussion gaps, 0 dirty files, release video suite current, selected-target billing/env-file path mirrored, and publication gates still approval-gated |
|
||||
| Release URL ledger | `docs/releases/2.0.0-rc.1/release-url-ledger-2026-05-19.md` plus placeholder-marker scan | Live links and approval-gated links are separated before announcement copy is posted | Ledger records public repo/docs/npm/OpenAI Codex documentation URLs and blocks GitHub release/npm/plugin/billing/social URLs until approval-gated checks pass |
|
||||
| Release name and plugin publication checklist | `docs/releases/2.0.0-rc.1/release-name-plugin-publication-checklist-2026-05-18.md` | Name/package/plugin values are frozen, final-release commands are listed, and Claude/Codex publication paths cite current official docs | Checklist keeps `ECC`, `ecc-universal`, and plugin slug `ecc` for rc.1; no npm rename, npm publish, plugin tag, official listing, billing claim, or announcement before final evidence |
|
||||
|
||||
|
||||
@@ -34,7 +34,7 @@ with output from the exact release commit.
|
||||
| npm rc package | <https://www.npmjs.com/package/ecc-universal/v/2.0.0-rc.1> | `npm publish --tag next` approval and post-publish `npm view ecc-universal dist-tags --json` |
|
||||
| Claude plugin tag | `claude plugin tag .claude-plugin --dry-run`, then real tag only after approval | Clean release commit and plugin tag/push approval |
|
||||
| Codex repo marketplace install | `codex plugin marketplace add affaan-m/ECC --ref v2.0.0-rc.1` | GitHub tag must exist; official Plugin Directory submission remains separate |
|
||||
| ECC Tools native-payments announcement | ECC Tools Marketplace/App URL plus billing readiness readback | Marketplace-managed test account must return `announcementGate.ready === true` |
|
||||
| ECC Tools native-payments announcement | ECC Tools Marketplace/App URL plus selected-target billing readiness readback, with bearer token supplied through exported env or ignored `--env-file` | Marketplace-managed selected target must return `announcementGate.ready === true` |
|
||||
| Public announcements | X, LinkedIn, GitHub release, and longform URLs | GitHub release, npm, plugin, and billing URLs must resolve first |
|
||||
|
||||
## Pre-Post Check
|
||||
|
||||
@@ -343,10 +343,12 @@ function agentShieldEnterpriseEvidence(roadmap) {
|
||||
|
||||
function eccToolsNextLevelEvidence(roadmap) {
|
||||
if (roadmap.includes('selected-target official announcement gate')
|
||||
|| roadmap.includes('billing gate env-file operator path')
|
||||
|| roadmap.includes('72119a1')
|
||||
|| roadmap.includes('16a5bb3')
|
||||
|| roadmap.includes('select-ready-target')
|
||||
|| roadmap.includes('f14ed2fe-a219-470c-8119-63429e197027')) {
|
||||
return 'billing announcement gate, selected-target announcement gate, hosted analysis lanes, AgentShield fleet-summary consumption, hosted finding evidence paths, harness-route policy linking, policy-promotion Action-output telemetry, operator-visible promotion output details, hosted promotion judge audit traces, billing announcement preflight, aggregate production billing KV readback, Wrangler OAuth readback, target-account billing readback, provenance-aware Marketplace billing-state gates, sanitized Marketplace plan/action provenance counts, ready Marketplace Pro target selection, hosted team-learning feedback controls, and ECC-Tools Dependabot alert remediation are mirrored in the GA roadmap';
|
||||
return 'billing announcement gate, selected-target announcement gate, billing gate env-file operator path, hosted analysis lanes, AgentShield fleet-summary consumption, hosted finding evidence paths, harness-route policy linking, policy-promotion Action-output telemetry, operator-visible promotion output details, hosted promotion judge audit traces, billing announcement preflight, aggregate production billing KV readback, Wrangler OAuth readback, target-account billing readback, provenance-aware Marketplace billing-state gates, sanitized Marketplace plan/action provenance counts, ready Marketplace Pro target selection, hosted team-learning feedback controls, and ECC-Tools Dependabot alert remediation are mirrored in the GA roadmap';
|
||||
}
|
||||
|
||||
if (roadmap.includes('69ca535')
|
||||
@@ -395,11 +397,13 @@ function eccToolsNextLevelEvidence(roadmap) {
|
||||
|
||||
function eccToolsNextLevelGap(roadmap) {
|
||||
if (roadmap.includes('selected-target official announcement gate')
|
||||
|| roadmap.includes('billing gate env-file operator path')
|
||||
|| roadmap.includes('72119a1')
|
||||
|| roadmap.includes('16a5bb3')
|
||||
|| roadmap.includes('select-ready-target')
|
||||
|| roadmap.includes('f14ed2fe-a219-470c-8119-63429e197027')
|
||||
|| roadmap.includes('old "no Marketplace-managed Pro target billing-state" blocker is cleared')) {
|
||||
return 'obtain or rotate the local/internal INTERNAL_API_SECRET bearer-token path, then run the live selected-target billing announcement gate before publishing native-payments copy';
|
||||
return 'obtain or rotate the local/internal INTERNAL_API_SECRET bearer-token path, via exported env or ignored --env-file, then run the live selected-target billing announcement gate before publishing native-payments copy';
|
||||
}
|
||||
|
||||
if (roadmap.includes('1Password CLI authorization timed out')
|
||||
@@ -1013,7 +1017,7 @@ function buildReport(options) {
|
||||
releaseVideoWorkOrder,
|
||||
'Replace final release, npm, plugin, billing, and video URLs in the partner/sponsor/talk pack, then get explicit approval before outbound.',
|
||||
'Repeat ITO-57 Linear/project status sync after the next significant merge batch or advisory-source refresh.',
|
||||
'Obtain or rotate the local/internal INTERNAL_API_SECRET bearer-token path, then run the live selected-target billing announcement gate before publishing native-payments copy.',
|
||||
'Obtain or rotate the local/internal INTERNAL_API_SECRET bearer-token path, via exported env or ignored --env-file, then run the live selected-target billing announcement gate before publishing native-payments copy.',
|
||||
],
|
||||
};
|
||||
}
|
||||
|
||||
@@ -493,7 +493,7 @@ test('publication readiness checklist gates public release actions on evidence',
|
||||
assert.ok(may15Evidence.includes('codex plugin marketplace add <local-checkout>'));
|
||||
assert.ok(may15Evidence.includes('Plugin Directory publishing is still blocked'));
|
||||
assert.ok(may15Evidence.includes('announcementGate.ready === true'));
|
||||
assert.ok(source.includes('ECC-Tools #73 added announcementGate'));
|
||||
assert.ok(source.includes('ECC-Tools #91 added the env-file operator path'));
|
||||
assert.ok(source.includes('do not claim official Plugin Directory listing before OpenAI submission evidence'));
|
||||
assert.ok(source.includes('release-name-plugin-publication-checklist-2026-05-18.md'));
|
||||
assert.ok(source.includes('Release name and plugin publication checklist'));
|
||||
|
||||
@@ -79,6 +79,8 @@ function seedRepo(rootDir, overrides = {}) {
|
||||
'632e059',
|
||||
'select-ready-target',
|
||||
'selected-target official announcement gate',
|
||||
'billing gate env-file operator path',
|
||||
'72119a1',
|
||||
'16a5bb3',
|
||||
'f14ed2fe-a219-470c-8119-63429e197027',
|
||||
'old "no Marketplace-managed Pro target billing-state" blocker is cleared',
|
||||
@@ -368,10 +370,11 @@ function runTests() {
|
||||
)));
|
||||
assert.ok(report.requirements.some(item => (
|
||||
item.id === 'ecc-tools-next-level'
|
||||
&& item.gap === 'obtain or rotate the local/internal INTERNAL_API_SECRET bearer-token path, then run the live selected-target billing announcement gate before publishing native-payments copy'
|
||||
&& item.gap === 'obtain or rotate the local/internal INTERNAL_API_SECRET bearer-token path, via exported env or ignored --env-file, then run the live selected-target billing announcement gate before publishing native-payments copy'
|
||||
&& item.evidence.includes('operator-visible promotion output details')
|
||||
&& item.evidence.includes('hosted promotion judge audit traces')
|
||||
&& item.evidence.includes('selected-target announcement gate')
|
||||
&& item.evidence.includes('billing gate env-file operator path')
|
||||
&& item.evidence.includes('billing announcement preflight')
|
||||
&& item.evidence.includes('aggregate production billing KV readback')
|
||||
&& item.evidence.includes('Wrangler OAuth readback')
|
||||
|
||||
Reference in New Issue
Block a user