e2e observation fixes

docs/modules/ui/v2-rewire/S00_contract_ledger_template.md

@@ -0,0 +1,48 @@
+# S00 Contract Ledger Template
+
+Status: Template
+Purpose: classify backend readiness for each UI screen in v2 rewire
+
+## Classification values
+
+Use exactly one status value per row:
+- `EXISTS_COMPAT`: endpoint exists and contract already matches target behavior.
+- `EXISTS_ADAPT`: endpoint exists but requires request/response/schema/semantic adaptation.
+- `MISSING_NEW`: no suitable endpoint exists; new contract required.
+
+## Required columns
+
+| Domain | Screen/Page | Canonical source refs | Current route/page | Current endpoint candidate(s) | Status | Owner module | Auth scope impact | Schema delta summary | Decision/risk notes | Action ticket |
+| --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- |
+| `<Dashboard/Release Control/etc>` | `<screen>` | `<source-of-truth section + authority-matrix row + pack section>` | `<current path>` | `<service + path>` | `<EXISTS_COMPAT/EXISTS_ADAPT/MISSING_NEW>` | `<src module>` | `<none/new/changed>` | `<1-2 lines>` | `<risk + mitigation>` | `<ticket id>` |
+
+## Validation checklist
+
+- [ ] Every active-authority screen from `authority-matrix.md` has a row.
+- [ ] No row has empty `Status`.
+- [ ] Every `MISSING_NEW` row includes a concrete proposed endpoint in notes.
+- [ ] Every `EXISTS_ADAPT` row identifies schema or semantic delta.
+- [ ] Every row lists owner module and auth scope impact.
+
+## Owner module reference set
+
+Use these module names consistently:
+- `ReleaseOrchestrator`
+- `Policy`
+- `EvidenceLocker`
+- `Attestor`
+- `Signer`
+- `Integrations`
+- `Scanner`
+- `Orchestrator`
+- `Scheduler`
+- `Authority`
+- `Web`
+
+## Optional extension columns
+
+Add only if needed:
+- `Data freshness contract`
+- `Determinism/offline constraints`
+- `Telemetry events`
+- `Deprecation/redirect dependency`

docs/modules/ui/v2-rewire/S00_sprint_spec_package.md

@@ -0,0 +1,166 @@
+# S00 Sprint Spec Package - v2 Rewire Spec Freeze
+
+Status: Draft for transfer into `docs/implplan`
+Date: 2026-02-18
+Working directory: `docs/modules/ui/v2-rewire`
+Canonical source: `source-of-truth.md`, `authority-matrix.md`, `multi-sprint-plan.md`
+
+## Sprint identity seed
+
+Recommended target filename when write scope includes `docs/implplan`:
+- `SPRINT_20260218_001_DOCS_ui_v2_rewire_spec_freeze.md`
+
+## Topic and scope
+
+- Freeze unresolved IA and ownership decisions so implementation sprints do not fork behavior.
+- Produce authoritative specs for unresolved `Advisory Sources`, nav rendering policy, trust ownership transition, and route deprecation baseline.
+- Establish a first complete endpoint contract ledger covering all root domains.
+- Working directory: `docs/modules/ui/v2-rewire` (planning docs only).
+- Expected evidence: signed decision records, canonical mapping tables, completed contract ledger v1.
+
+## Dependencies and concurrency
+
+- Upstream: none.
+- Downstream blocked by incomplete S00 decisions: S01, S02, S03.
+- Safe parallelism inside S00:
+  - T01 and T02 can run in parallel.
+  - T03 depends on T01 and T02 outputs.
+  - T04 can run in parallel with T01/T02.
+  - T05 starts after T01-T04 freeze points are approved.
+
+## Documentation prerequisites
+
+Must be read before any task enters DOING:
+- `docs/modules/ui/v2-rewire/source-of-truth.md`
+- `docs/modules/ui/v2-rewire/authority-matrix.md`
+- `docs/modules/ui/v2-rewire/sprint-planning-guide.md`
+- `docs/modules/ui/v2-rewire/multi-sprint-plan.md`
+- `docs/modules/ui/v2-rewire/pack-19.md`
+- `docs/modules/ui/v2-rewire/pack-20.md`
+- `docs/modules/ui/v2-rewire/pack-21.md`
+
+## Delivery tracker
+
+### S00-T01 - Security and Risk Advisory Sources final spec
+Status: TODO
+Dependency: none
+Owners: Product Manager, Documentation Author
+Task description:
+- Define full screen-level specification for `Security and Risk -> Advisory Sources`, including navigation entry, filters, primary data objects, decision impact fields, and drilldown links to Integrations and Platform Ops.
+- Resolve the split contract between advisory connectivity/freshness ownership and release-gating interpretation ownership.
+- Produce concrete UI behavior for stale, unavailable, and conflicting advisory-source states.
+
+Completion criteria:
+- [ ] Canonical screen definition exists with sections: purpose, layout, primary actions, empty/error states, and deep links.
+- [ ] Ownership boundary is explicit for each field on the screen (`Security and Risk`, `Integrations`, `Platform Ops`).
+- [ ] Required backend contract list exists for this screen with preliminary status (`EXISTS_COMPAT` / `EXISTS_ADAPT` / `MISSING_NEW`).
+- [ ] Source references cite canonical files and authoritative pack sections.
+
+### S00-T02 - Release Control capability rendering policy
+Status: TODO
+Dependency: none
+Owners: Project Manager, UX Lead
+Task description:
+- Freeze navigation rendering rule for Release Control-owned capabilities (`Releases`, `Approvals`, `Deployments`, `Regions and Environments`, `Bundles`):
+  - either direct root shortcuts + domain ownership,
+  - or strictly nested navigation under `Release Control`.
+- Define one allowed rendering pattern for desktop and mobile nav.
+
+Completion criteria:
+- [ ] One rendering policy selected and documented, including rationale and migration impact.
+- [ ] Breadcrumb and route naming convention for selected policy is documented.
+- [ ] Policy includes explicit do/do-not guidance to prevent mixed rendering in downstream sprints.
+- [ ] Policy references route migration obligations captured in S00-T04.
+
+### S00-T03 - Trust and signing ownership transition policy
+Status: TODO
+Dependency: S00-T01, S00-T02
+Owners: Product Manager, Security Architect, Documentation Author
+Task description:
+- Finalize ownership transition where `Administration` owns `Trust and Signing` while `Evidence and Audit` and `Security and Risk` consume trust state.
+- Define canonical link model, breadcrumbs, and allowed alias behavior during migration.
+
+Completion criteria:
+- [ ] Ownership statement is explicit and unambiguous.
+- [ ] Allowed cross-links from `Evidence and Audit` and `Security and Risk` are defined by page.
+- [ ] Legacy route behavior is specified (`redirect`, `alias`, or `deprecated`) with timelines.
+- [ ] Auth scope impact and role expectations are documented.
+
+### S00-T04 - Route deprecation baseline map
+Status: TODO
+Dependency: none
+Owners: Project Manager, Frontend Lead
+Task description:
+- Build baseline route map from current routing to target IA naming and ownership.
+- Include historical aliases and required compatibility redirects.
+
+Completion criteria:
+- [ ] Route map covers all root domains and major child routes.
+- [ ] Every legacy route has exactly one mapped target action (`keep`, `redirect`, `alias`, `remove-later`).
+- [ ] Risk list exists for high-churn routes and deep links.
+- [ ] Deprecation map references the selected nav rendering policy from S00-T02.
+
+### S00-T05 - Endpoint contract ledger bootstrap (v1)
+Status: TODO
+Dependency: S00-T01, S00-T02, S00-T03, S00-T04
+Owners: Project Manager, API Architect, Module Leads
+Task description:
+- Produce contract ledger v1 across all root domains using the canonical template in `S00_contract_ledger_template.md`.
+- Classify each screen/API dependency as `EXISTS_COMPAT`, `EXISTS_ADAPT`, or `MISSING_NEW`.
+
+Completion criteria:
+- [ ] Ledger includes every root domain and all screens identified as active authority in `authority-matrix.md`.
+- [ ] Every row includes owner module, auth scope impact, and schema delta notes.
+- [ ] `MISSING_NEW` rows include explicit proposed endpoint and schema action item.
+- [ ] Ledger reviewed by frontend and backend owners.
+
+### S00-T06 - S00 sign-off and handoff packet
+Status: TODO
+Dependency: S00-T01, S00-T02, S00-T03, S00-T04, S00-T05
+Owners: Project Manager
+Task description:
+- Compile decision outputs and publish an implementation-ready handoff packet for S01-S03.
+
+Completion criteria:
+- [ ] Final S00 summary includes frozen decisions, unresolved risks, and downstream constraints.
+- [ ] Handoff packet links all approved artifacts and identifies owners for S01, S02, S03.
+- [ ] All S00 tasks are either DONE or explicitly BLOCKED with mitigation.
+
+## Acceptance gate (sprint-level)
+
+S00 is considered DONE only if all checks pass:
+- [ ] Advisory Sources final spec completed and approved.
+- [ ] Release Control rendering policy frozen and approved.
+- [ ] Trust ownership transition policy frozen and approved.
+- [ ] Route deprecation baseline map completed.
+- [ ] Endpoint contract ledger v1 completed with zero unclassified rows.
+- [ ] Handoff packet published for S01-S03.
+
+## Execution log
+
+| Date (UTC) | Update | Owner |
+| --- | --- | --- |
+| 2026-02-18 | S00 package drafted in v2-rewire directory for transfer into implplan sprint workflow. | Project Manager |
+
+## Decisions and risks
+
+- Risk: unresolved nav rendering decisions can cause parallel implementation divergence; mitigate via mandatory S00-T02 freeze before S01 merge windows.
+- Risk: trust ownership transition can break existing deep links; mitigate with explicit alias policy and deprecation calendar.
+- Risk: missing backend contracts may be underestimated; mitigate by requiring v1 ledger coverage before implementation sprint kickoff.
+- Risk: Advisory Sources boundary ambiguity can duplicate logic across Security, Integrations, and Ops; mitigate via field-level ownership matrix.
+
+## Next checkpoints
+
+- Checkpoint 1: S00-T01 and S00-T02 draft completion review.
+- Checkpoint 2: S00-T03 and S00-T04 policy review and sign-off.
+- Checkpoint 3: S00-T05 ledger review with module leads.
+- Checkpoint 4: S00-T06 handoff publication and S01-S03 planning launch.
+
+## Artifacts to produce in this directory
+
+- `S00_advisory_sources_spec.md`
+- `S00_nav_rendering_policy.md`
+- `S00_trust_ownership_transition.md`
+- `S00_route_deprecation_map.md`
+- `S00_endpoint_contract_ledger_v1.md`
+- `S00_handoff_packet.md`