ui progressing

docs/modules/ui/v2-rewire/authority-matrix.md

@@ -1,7 +1,7 @@
-# UI v2 Rewire Authority Matrix
+# UI v2 Rewire Authority Matrix
 
 Status: Canonical planning reference
-Date: 2026-02-18
+Date: 2026-02-20
 
 This matrix defines which pack is authoritative for each capability and which packs are superseded.
 
@@ -9,56 +9,60 @@ This matrix defines which pack is authoritative for each capability and which pa
 
 | Capability area | Authoritative pack(s) | Superseded packs | Notes |
 | --- | --- | --- | --- |
-| Dashboard mission board | `pack-16.md` | `pack-01.md`, `pack-04.md`, `pack-08.md`, `pack-11.md` | Keep release-centric board with SBOM/CritR/Data Integrity signals. |
-| Release bundles and organizer | `pack-12.md`, `pack-21.md` | `pack-01.md`, `pack-02.md`, `pack-04.md`, `pack-08.md`, `pack-11.md` | Pack 21 sets placement; Pack 12 keeps detailed builder and lifecycle flows. |
-| Releases promotion flow | `pack-13.md` | `pack-01.md`, `pack-04.md`, `pack-08.md` | Bundle-version anchored promotion model. |
-| Approvals detailed decision flow | `pack-17.md` and `pack-13.md` | `pack-01.md`, `pack-04.md`, `pack-08.md` | Pack 17 overrides approval detail/tab model; Pack 13 still provides base coupling to promotions. |
-| Run timeline / rollback / replay context | `pack-14.md` | Earlier implicit run views in packs 1/4/8 | Canonical run lifecycle and checkpoint model. |
-| Environment detail standard | `pack-18.md` | `pack-01.md`, `pack-04.md`, `pack-08.md`, `pack-11.md` | Standardized header and env tab set. |
-| Security decision-first console | `pack-19.md` plus `pack-21.md` (advisory mapping) | `pack-03.md`, `pack-07.md` | Pack 19 is base Security model; Pack 21 adds Advisory Sources split intent. |
-| Evidence and audit chain | `pack-20.md` | `pack-03.md`, `pack-09.md`, `pack-11.md` | Pack 20 is authoritative except Trust ownership override from Pack 21. |
-| Ops data confidence model | `pack-15.md`, `pack-21.md`, `pack-10.md` | `pack-03.md`, `pack-06.md`, `pack-09.md`, `pack-11.md` | Pack 15 defines Data Integrity; Pack 21 defines ops taxonomy; Pack 10 retains feeds/airgap detail. |
-| Integrations structure | `pack-21.md`, `pack-10.md` | `pack-02.md`, `pack-05.md`, `pack-09.md` | Pack 21 sets taxonomy; Pack 10 keeps concrete hub/detail flows. |
-| Administration structure | `pack-21.md` | `pack-02.md`, `pack-05.md`, `pack-09.md`, `pack-11.md` | Canonical A0..A7 admin model. |
+| Global IA and naming | `pack-23.md`, `pack-22.md` | `pack-21.md` and lower for overlaps | Canonical roots are Dashboard, Releases, Security, Evidence, Topology, Platform, Administration. |
+| Dashboard mission control | `pack-22.md`, `pack-16.md` | `pack-01.md`, `pack-04.md`, `pack-08.md`, `pack-11.md` | Pack 22 defines posture framing; Pack 16 keeps detailed signal cards where unchanged. |
+| Releases lifecycle consolidation | `pack-22.md`, `pack-12.md`, `pack-13.md`, `pack-14.md`, `pack-17.md` | Standalone lifecycle module variants in older packs | Runs/deployments/promotions/hotfixes are views under Releases, not roots. |
+| Topology inventory and setup | `pack-22.md`, `pack-18.md` | Prior placements under Release Control and Platform Ops | Regions/env/targets/hosts/agents/workflows/gate profiles belong to Topology. |
+| Security consolidation | `pack-22.md`, `pack-19.md` | `pack-03.md`, `pack-07.md` and split-view variants | Findings + Disposition + SBOM Explorer as consolidated IA. |
+| Evidence and audit chain | `pack-22.md`, `pack-20.md` | `pack-03.md`, `pack-09.md`, `pack-11.md` | Evidence must be linked from Releases and Security decisions. |
+| Operations runtime posture | `pack-23.md`, `pack-15.md`, `pack-10.md` | `pack-03.md`, `pack-06.md`, `pack-09.md`, `pack-11.md` | Ops runs under Platform and owns runtime operability state; agents stay in Topology. |
+| Integrations configuration | `pack-23.md`, `pack-10.md`, `pack-21.md` | `pack-02.md`, `pack-05.md`, `pack-09.md` | Integrations runs under Platform and is limited to external systems/connectors. |
+| Administration governance | `pack-22.md`, `pack-21.md` | `pack-02.md`, `pack-05.md`, `pack-09.md`, `pack-11.md` | Identity/tenant/notification/usage/policy/system remain Administration-owned. |
 
 ## B) Explicit higher-pack overrides
 
 | Decision | Replaced guidance | Canonical guidance |
 | --- | --- | --- |
-| Policy Governance location | Release Control variants in Packs 5 and 9 | `Administration -> Policy Governance` (`pack-21.md`) |
-| Trust & Signing ownership | Evidence ownership in Packs 9, 11, and 20 | `Administration -> Trust & Signing` with Evidence/Security cross-links (`pack-21.md`) |
-| System location | Operations Platform Admin in Pack 9, root System in Pack 11 | `Administration -> System` with Platform Ops drilldowns (`pack-21.md`) |
-| Legacy Security Data split | Mixed settings-placement drafts in Packs 2/5/9/10 | Connectivity in Integrations/Ops, decision impact in Security (`pack-21.md`) |
+| Root domain naming | `Release Control`, `Security & Risk`, `Evidence & Audit`, `Platform Ops` roots | `Releases`, `Security`, `Evidence`, `Platform`, plus `Topology` root (`pack-23.md`) |
+| Bundle naming | Bundle-first labels in packs 12/21 | UI term is `Release`; bundle semantics remain in data model (`pack-22.md`) |
+| Lifecycle menu sprawl | Standalone Promotions, Deployments, Runs, Hotfixes menus | Lifecycle surfaces live under `Releases` list/detail/activity/approvals (`pack-22.md`) |
+| Region/environment nav placement | Deep menu under release-control variants | Global context selectors + Topology inventory pages (`pack-22.md`) |
+| Security navigation split | Separate VEX, Exceptions, SBOM Graph, SBOM Lake menus | Consolidated `Disposition` and `SBOM Explorer` surfaces (`pack-22.md`) |
+| Feed and VEX source setup placement | Security-owned advisory sources setup variants | Integrations-owned feed/source configuration (`pack-22.md`) |
+| Agent module placement | Platform Ops ownership variants | `Topology -> Agents` (`pack-22.md`) |
 
 ## C) Pack lifecycle classification
 
 | Pack | Status for planning | Primary reason |
 | --- | --- | --- |
-| `pack-01.md` | Superseded baseline | Early release-control draft replaced by later domain packs. |
+| `pack-01.md` | Superseded baseline | Early drafts replaced by higher packs. |
 | `pack-02.md` | Superseded baseline | Early settings/admin/integration placement replaced. |
-| `pack-03.md` | Superseded baseline | Early security/evidence/ops model replaced by 15/19/20/21. |
-| `pack-04.md` | Superseded baseline | Early Release Control model replaced by 12/13/16/17/18/21. |
-| `pack-05.md` | Superseded baseline | Transitional admin/integration moves replaced by 21. |
-| `pack-06.md` | Superseded baseline | Ops structure replaced by 15 and 21 taxonomy. |
-| `pack-07.md` | Superseded baseline | Security model replaced by 19. |
-| `pack-08.md` | Partially superseded reference | Useful as RC nesting reference only; most details replaced. |
-| `pack-09.md` | Superseded baseline | Settings migration draft overridden by 21. |
-| `pack-10.md` | Active partial authority | Still needed for detailed Integrations/Feeds/AirGap flows. |
-| `pack-11.md` | Superseded baseline | Replaced by 12-21 and overridden by 21 on key ownerships. |
-| `pack-12.md` | Active authority | Bundle organizer deep specification. |
-| `pack-13.md` | Active authority | Promotion flow baseline; approvals partially overridden by 17. |
-| `pack-14.md` | Active authority | Run timeline, checkpoints, rollback/replay hooks. |
+| `pack-03.md` | Superseded baseline | Early security/evidence/ops model replaced. |
+| `pack-04.md` | Superseded baseline | Early release control model replaced. |
+| `pack-05.md` | Superseded baseline | Transitional admin/integration moves replaced. |
+| `pack-06.md` | Superseded baseline | Ops structure replaced by packs 15 and 22. |
+| `pack-07.md` | Superseded baseline | Security model replaced by packs 19 and 22. |
+| `pack-08.md` | Superseded baseline | Historical reference only. |
+| `pack-09.md` | Superseded baseline | Settings migration draft replaced. |
+| `pack-10.md` | Active partial authority | Integrations/feeds/airgap detail where not overridden. |
+| `pack-11.md` | Superseded baseline | Replaced by packs 12-22. |
+| `pack-12.md` | Active authority | Release composition deep specification. |
+| `pack-13.md` | Active authority | Promotion flow baseline for Releases. |
+| `pack-14.md` | Active authority | Run timeline/checkpoint semantics. |
 | `pack-15.md` | Active authority | Data Integrity operations model. |
-| `pack-16.md` | Active authority | Dashboard v3 canonical model. |
-| `pack-17.md` | Active authority | Approvals v2 canonical detail model. |
-| `pack-18.md` | Active authority | Environment detail canonical standard. |
-| `pack-19.md` | Active authority | Security consolidation baseline. |
-| `pack-20.md` | Active authority with override | Evidence consolidation; Trust ownership overridden by 21. |
-| `pack-21.md` | Highest-precedence authority | Final admin/integration/settings split and top-level grouping intent. |
+| `pack-16.md` | Active authority | Dashboard signal-level model. |
+| `pack-17.md` | Active authority | Approvals detail model. |
+| `pack-18.md` | Active authority | Environment/topology detail shell standard. |
+| `pack-19.md` | Active authority | Security decision model details. |
+| `pack-20.md` | Active authority | Evidence chain structure. |
+| `pack-21.md` | Active fallback authority | Pre-Pack-22 admin/integration organization details where not overridden. |
+| `pack-23.md` | Highest-precedence authority | Platform global menu with Ops/Integrations/Setup consolidation and ownership boundaries. |
+| `pack-22.md` | Active authority | IA consolidation baseline and naming model before Platform delta in Pack 23. |
 
 ## D) Raw pack usage policy
 
 For sprint planning, use raw packs only through this sequence:
+
 1. Find capability in Section A.
 2. Start with listed authoritative pack(s).
 3. Open superseded packs only for migration context or missing implementation detail.