90c244948a
- Modified task status update instructions in AGENTS.md files to refer to corresponding sprint files as `/docs/implplan/SPRINT_*.md` instead of `docs/implplan/SPRINTS.md`. - Added a comprehensive document for Secret Leak Detection operations detailing scope, prerequisites, rule bundle lifecycle, enabling the analyzer, policy patterns, observability, troubleshooting, and references.
1.3 KiB
1.3 KiB
Implementation plan — Authority
Current objectives
- Maintain deterministic behaviour and offline parity across releases.
- Keep documentation, telemetry, and runbooks aligned with the latest sprint outcomes.
Workstreams
- Backlog grooming: reconcile open stories in ../../TASKS.md with this module's roadmap.
- Implementation: collaborate with service owners to land feature work defined in SPRINTS/EPIC docs.
- Validation: extend tests/fixtures to preserve determinism and provenance requirements.
Epic milestones
- Epic 1 – AOC enforcement: deliver OpTok scopes, guardrails, and AOC verifier hooks for ingestion services.
- Epic 2 – Policy Engine & Editor: support policy evaluator flows (device-code, client credentials, scope sandboxing).
- Epic 4 – Policy Studio: provide registry/promotion signing, approvals, and fresh-auth prompts.
- Epic 14 – Identity & Tenancy: implement tenant isolation, RBAC hierarchies, audit trails, and PoE integration.
- Track additional work (DOCS-SEC-62-001, AUTH-POLICY-20-001/002) in ../../TASKS.md and src/Authority/**/TASKS.md.
Coordination
- Review ./AGENTS.md before picking up new work.
- Sync with cross-cutting teams noted in
/docs/implplan/SPRINT_*.md. - Update this plan whenever scope, dependencies, or guardrails change.