Skip to content

docs: reopen v1.1 milestone with hardening block phases 50-55#526

Merged
FSM1 merged 2 commits into
mainfrom
docs/reopen-m3-hardening-phases
Jun 19, 2026
Merged

docs: reopen v1.1 milestone with hardening block phases 50-55#526
FSM1 merged 2 commits into
mainfrom
docs/reopen-m3-hardening-phases

Conversation

@FSM1

@FSM1 FSM1 commented Jun 19, 2026

Copy link
Copy Markdown
Owner

Summary

Reopens Milestone 3 (v1.1) and appends a six-phase hardening block (Phases 50–55) absorbing the tracked tech-debt/security todos surfaced during v1.1 verification and audits. Reopened into M3 rather than opening a v1.2, since Milestone 4 (v2.0) is already defined — a v1.2 would wedge awkwardly between them.

Also backfills the ROADMAP progress table for phases 40–55 (and corrects the stale 38/39 rows, which read "Planned" but are 4/4 complete).

Hardening block

Phase Scope (todos) Req
50 IPFS/IPNS Data-Integrity Fixes unpin-integrity findings (#12), unenroll unloaded subtrees (#14) HARD-01
51 Crypto-Signature & Secret-Leak Hardening IPNS signedRecord validation/verification/zeroization (#5), web logger redaction + Faro (#15) HARD-02
52 Desktop FUSE Durability & At-Rest Safety journal growth + replay timeout + plaintext scrub (#9) HARD-03
53 Release & Supply-Chain Engineering pin Actions to SHAs (#6), Cargo.lock on release (#13), release-please pin automation (#16) HARD-04
54 E2E Test-Infra Typing migrate .mjs helpers to TypeScript (#11) HARD-05
55 Large Source-File Refactor split/dedup oversized files (#17) HARD-06

Recommended execution order (by risk): 50 → 51 → 52 → 53 → 54 → 55.

Todos reconciled

  • #7 (useFolderNavigation consolidation) and #8 (shared-move re-encrypt) were verified already resolved by Phase 49 in live code (useFolderNavigation.ts:240 delegates to client.ensureFolderLoaded; moveInSharedFolder + shared-folder-move.spec.ts exist with re-key-to-dest logic) — moved to completed/, not turned into phases.
  • #10 (gsd-tools STATE regression) excluded — it's GSD's own tooling, not product code.

Files

  • ROADMAP.md — overview reopen note; Milestones 18-49 → 18-55; 6 checklist bullets; 6 Phase Details blocks; progress table backfilled 40–55 + corrected 38/39
  • STATE.mdstatus: Milestone complete → In progress, total_phases 34→40, percent 100→85; Current Position reset to Phase 50; Roadmap-Evolution + Pending-Todos entries
  • PROJECT.md — reopen footer note
  • REQUIREMENTS.mdv1.1 Hardening Requirements (HARD-01…06) + traceability rows
  • todos/#7, #8completed/
  • 6 new phases/5x-*/.gitkeep dirs (so /gsd:plan-phase works)

Verification

  • gsd-tools progress parses the reopened milestone; phases 50–55 register as Pending (0 plans).
  • Progress-table plan counts pulled from disk (PLAN/SUMMARY file counts per phase dir).
  • prettier --check clean on all four docs.

🤖 Generated with Claude Code

Summary by CodeRabbit

  • Chores
    • Reopened v1.1 milestone with extended roadmap phases (50–55) for hardening initiatives.
    • Added six new hardening requirements to project tracking and traceability documentation.
    • Updated project state and progress tracking to reflect milestone reopening and new phase allocation.

Reopen Milestone 3 (v1.1) rather than open a v1.2, since Milestone 4 (v2.0)
is already defined, and append a six-phase hardening block absorbing the
tracked tech-debt/security todos surfaced during v1.1 verification and audits.

Phases:
- 50 IPFS/IPNS data-integrity fixes (unpin-integrity findings, unenroll subtrees)
- 51 crypto-signature & secret-leak hardening (IPNS signedRecord, web logger redaction)
- 52 desktop FUSE durability & at-rest safety (journal growth, replay timeout, plaintext scrub)
- 53 release & supply-chain engineering (pin actions to SHAs, Cargo.lock, release-please pins)
- 54 E2E test-infra typing (migrate .mjs helpers to TypeScript)
- 55 large source-file refactor (split/dedup oversized files)

Todos #7 (useFolderNavigation consolidation) and #8 (shared-move re-encrypt)
were verified already-resolved by Phase 49 in live code and moved to completed/,
so they are not phases. The GSD-tooling STATE regression (#10) is excluded as an
upstream chore. New requirement IDs HARD-01..06 map to phases 50-55.

Also backfill the ROADMAP progress table for phases 40-55 and correct the stale
38/39 rows (were "Planned", actually 4/4 complete). STATE reopened to In progress
(40 phases, 34 complete, 85%).

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Entire-Checkpoint: b8539c7b282d
@github-actions

Copy link
Copy Markdown
Contributor

Release Preview

No version bumps detected. All changes are in unversioned paths or use exempt commit types.

@greptile-apps

greptile-apps Bot commented Jun 19, 2026

Copy link
Copy Markdown

Greptile Summary

This documentation-only PR reopens Milestone 3 (v1.1) by appending a six-phase hardening block (Phases 50–55) that formalises tracked tech-debt and security todos from the v1.1 verification and audit cycle into actionable roadmap entries.

  • ROADMAP.md: Phase 50–55 details added, the Progress table relocated to after all Phase Details, execution-order string extended through phase 55, and the previously stale 38/39 rows corrected from "Planned" to "Complete" with accurate plan counts and dates.
  • STATE.md: YAML frontmatter updated (status: In progress, total_phases: 40, percent: 85); Current Position reset to Phase 50; Roadmap-Evolution and Pending-Todos narratives updated.
  • REQUIREMENTS.md: New v1.1 Hardening Requirements section (HARD-01..06) inserted before the existing v1.2 placeholder; traceability rows added for phases 50–55.
  • Todos Fix date inconsistency in TECHNICAL_ARCHITECTURE.md #7 and Fix date inconsistency in DATA_FLOWS.md frontmatter #8 moved from pending/ to completed/ after confirming Phase 49 resolved both in live code.

Confidence Score: 5/5

Documentation-only change with no production code touched; safe to merge.

All changes are confined to planning documents and empty .gitkeep placeholders. The updated figures in STATE.md (total_phases: 40, completed_phases: 34, percent: 85) are arithmetically correct, the execution-order string now runs through phase 55, and the corrected 38/39 rows match the plan counts documented in the Phase Details sections. No code, migrations, or configuration are affected.

No files require special attention.

Important Files Changed

Filename Overview
.planning/ROADMAP.md Adds Phase 50–55 hardening block details, moves Progress table to after all Phase Details, backfills plan counts and completion dates for phases 38–49, and extends the execution-order string through phase 55.
.planning/STATE.md Resets status to 'In progress', updates total_phases from 34→40, percent from 100→85 (34/40 = 85% is correct), and advances Current Position to Phase 50. YAML frontmatter values are internally consistent.
.planning/REQUIREMENTS.md Adds HARD-01..06 requirements section between SHARE and v1.2 sections; adds traceability rows for phases 50–55.
.planning/PROJECT.md Appends a reopen footer note summarising phases 50–55 and the rationale for reopening Milestone 3 rather than creating v1.2.
.planning/todos/completed/2026-06-16-remove-redundant-web-folder-seeding-now-that-sdk-self-bootst.md Todo #7 (useFolderNavigation consolidation) renamed from pending/ to completed/ after verification that Phase 49 resolved it.
.planning/todos/completed/2026-06-17-shared-folder-move-must-reencrypt-file-metadata.md Todo #8 (shared-folder move re-encrypt) renamed from pending/ to completed/ after verification that Phase 49 resolved it.

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    M3["Milestone 3 — v1.1\n(Phases 18–49 complete)"]
    M3 -->|reopened 2026-06-19| HB["Hardening Block"]
    HB --> P50["Phase 50\nIPFS/IPNS Data-Integrity Fixes\n(HARD-01)"]
    HB --> P51["Phase 51\nCrypto-Signature & Secret-Leak Hardening\n(HARD-02)"]
    HB --> P52["Phase 52\nDesktop FUSE Durability & At-Rest Safety\n(HARD-03)"]
    HB --> P53["Phase 53\nRelease & Supply-Chain Engineering\n(HARD-04)"]
    HB --> P54["Phase 54\nE2E Test-Infra Typing\n(HARD-05)"]
    HB --> P55["Phase 55\nLarge Source-File Refactor\n(HARD-06)"]
    P50 -->|recommended order| P51 --> P52 --> P53 --> P54 --> P55
Loading
%%{init: {'theme': 'base', 'themeVariables': {"darkMode": true, "background": "#0d1117", "primaryColor": "#21262d", "primaryTextColor": "#e6edf3", "primaryBorderColor": "#8b949e", "lineColor": "#8b949e", "textColor": "#e6edf3", "edgeLabelBackground": "#161b22", "actorBkg": "#21262d", "actorBorder": "#8b949e", "actorTextColor": "#e6edf3", "actorLineColor": "#8b949e", "signalColor": "#8b949e", "signalTextColor": "#e6edf3", "noteBkgColor": "#373320", "noteBorderColor": "#d4a72c", "noteTextColor": "#f0e6c0", "labelBoxBkgColor": "#21262d", "labelBoxBorderColor": "#8b949e", "labelTextColor": "#e6edf3", "loopTextColor": "#e6edf3", "activationBkgColor": "#30363d", "activationBorderColor": "#8b949e"}}}%%
flowchart TD
    M3["Milestone 3 — v1.1\n(Phases 18–49 complete)"]
    M3 -->|reopened 2026-06-19| HB["Hardening Block"]
    HB --> P50["Phase 50\nIPFS/IPNS Data-Integrity Fixes\n(HARD-01)"]
    HB --> P51["Phase 51\nCrypto-Signature & Secret-Leak Hardening\n(HARD-02)"]
    HB --> P52["Phase 52\nDesktop FUSE Durability & At-Rest Safety\n(HARD-03)"]
    HB --> P53["Phase 53\nRelease & Supply-Chain Engineering\n(HARD-04)"]
    HB --> P54["Phase 54\nE2E Test-Infra Typing\n(HARD-05)"]
    HB --> P55["Phase 55\nLarge Source-File Refactor\n(HARD-06)"]
    P50 -->|recommended order| P51 --> P52 --> P53 --> P54 --> P55
Loading

Reviews (2): Last reviewed commit: "docs: address greptile review on v1.1 re..." | Re-trigger Greptile

Comment thread .planning/ROADMAP.md Outdated
Comment thread .planning/REQUIREMENTS.md Outdated
Comment thread .planning/ROADMAP.md Outdated
@coderabbitai

coderabbitai Bot commented Jun 19, 2026

Copy link
Copy Markdown

Review Change Stack

Walkthrough

Planning documents for the cipher-box project are updated to reopen milestone v1.1 on 2026-06-19 with a new hardening block. Six hardening requirements (HARD-01..HARD-06) covering IPFS/IPNS integrity, crypto/secret-leak hardening, FUSE durability, supply-chain engineering, E2E typing, and a large refactor are added across phases 50–55. Roadmap, requirements traceability, and state/progress metadata are updated accordingly.

Changes

v1.1 Hardening Block Reopen

Layer / File(s) Summary
HARD-01..HARD-06 requirements and traceability
.planning/REQUIREMENTS.md
Adds "v1.1 Hardening Requirements (Phases 50–55)" section defining HARD-01..HARD-06 with topics and phase numbers, extends the traceability table with HARD-01..HARD-06 → phases 50–55 (Planned), and updates the coverage summary and footer.
Roadmap reopen notice, hardening block, and phase scaffolding
.planning/ROADMAP.md
Adds the 2026-06-19 reopen notice and expands the v1.1 milestone to phases 18–55; inserts the hardening block checklist (phases 50–55); introduces placeholder sections for each new phase; removes the misplaced progress table anchor before phase 27; and extends the progress and execution-order tables with the new phases under the v1.1-hardening label.
Project key decisions and state metadata
.planning/PROJECT.md, .planning/STATE.md
Records the v1.1 reopen decision in PROJECT.md; updates STATE.md milestone status to "In progress", recalculates progress to 34/40 (85%), rewrites the current focus to Phase 50 with a next-phase execution order, adds a roadmap evolution bullet for the hardening reopen, and revises the pending todos count from 9 to 15 with annotations.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~4 minutes

Possibly related PRs

  • FSM1/cipher-box#77: The hardening block (phases 50–55) explicitly covers IPNS sequence fallback, plaintext filename scrubbing (FUSE), and debug eprintln! leakage — the same pending todos captured in PR #77.
  • FSM1/cipher-box#512: PR #512 completed phases 47–49 and updated the same .planning/ROADMAP.md and .planning/STATE.md files that this PR extends to reopen v1.1 at phase 50.
🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
Title check ✅ Passed The pull request title clearly and accurately describes the main objective: reopening the v1.1 milestone and adding hardening block phases 50-55, which is the central purpose of the changeset across all planning documents.
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch docs/reopen-m3-hardening-phases

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

- ROADMAP execution-order line: extend to phases 50-55 and drop the dangling
  trailing arrow that ended at "49 -> " (prettier had auto-extended it to 49
  without the new hardening phases)
- ROADMAP footer: add a 2026-06-19 "Last updated" entry for the reopen and note
  the 6-phase hardening block in the totals line
- REQUIREMENTS footer: reorder the two 2026-06-19 entries so the reopen note
  follows the PERF verification note (was reverse-insertion order)

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Entire-Checkpoint: 05036e2382fd
@FSM1 FSM1 changed the title docs: reopen v1.1 milestone with hardening block (phases 50-55) docs: reopen v1.1 milestone with hardening block phases 50-55 Jun 19, 2026
@FSM1 FSM1 merged commit f41cda4 into main Jun 19, 2026
18 of 19 checks passed
@FSM1 FSM1 deleted the docs/reopen-m3-hardening-phases branch June 19, 2026 14:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant