27 lines
1.7 KiB
Markdown
27 lines
1.7 KiB
Markdown
# Docs Guild Update — 2025-10-28
|
||
|
||
## Console security posture draft
|
||
|
||
- Published `docs/security/console-security.md` covering console OIDC/DPoP flow, scope map, fresh-auth sequence, CSP defaults, evidence handling, and monitoring checklist.
|
||
- Authority owners (`AUTH-CONSOLE-23-003`) to verify `/fresh-auth` token semantics (120 s OpTok, 300 s fresh-auth window) and confirm scope bundles before closing the sprint task.
|
||
- Security Guild requested to execute the compliance checklist in §9 and record sign-off in SPRINT 23 log once alerts/dashboards are wired (metrics references: `ui_request_duration_seconds`, `ui_dpop_failure_total`, Grafana board `console-security.json`).
|
||
|
||
## Console CLI parity matrix
|
||
|
||
- Added `/docs/cli-vs-ui-parity.md` with feature-level status tracking (✅/🟡/🟩). Pending commands reference CLI backlog (`CLI-EXPORT-35-001`, `CLI-POLICY-23-005`, `CONSOLE-DOC-23-502`).
|
||
- DevEx/CLI Guild to wire parity CI workflow when CLI downloads commands ship; Downloads workspace already links to the forthcoming parity report slot.
|
||
|
||
## Accessibility refresh
|
||
|
||
- Published `/docs/accessibility.md` describing keyboard flows, screen-reader behaviour, colour tokens, testing rig (Storybook axe, Playwright a11y), and offline guidance.
|
||
- Accessibility Guild (CONSOLE-QA-23-402) to log the next Playwright a11y sweep results against the new checklist; design tokens follow-up tracked via CONSOLE-FEAT-23-102.
|
||
|
||
Artifacts:
|
||
|
||
- Doc: `/docs/security/console-security.md`
|
||
- Doc: `/docs/cli-vs-ui-parity.md`
|
||
- Doc: `/docs/accessibility.md`
|
||
- Sprint tracker: `../implplan/SPRINTS.md` (DOCS-CONSOLE-23-012 now DONE)
|
||
|
||
cc: `@authority-core`, `@security-guild`, `@docs-guild`
|