santhoshj/headroom
1
0
Fork 0
Code Issues 18 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
04022b7e0b0d33111aae8cf7589f1ad592281e13
headroom/openspec/changes/headroom-foundation/tasks.md

442 lines
22 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
## 1. Project Setup & Infrastructure
- [ ] 1.1 Create Docker Compose configuration (frontend, backend, postgres, redis containers)
- [ ] 1.2 Configure Dockerfile for Laravel backend (PHP 8.4-FPM, use :latest tag)
- [ ] 1.3 Configure Dockerfile for SvelteKit frontend (Node:latest)
- [ ] 1.4 Set up volume mounts for code (hot reload) and data (PostgreSQL, Redis)
- [ ] 1.5 Configure environment variables (.env files for frontend and backend)
- [ ] 1.6 Test Docker Compose startup (all 4 containers running)
- [ ] 1.7 Configure Nginx Proxy Manager routes (/api/* → Laravel, /* → SvelteKit)
## 2. Backend Foundation (Laravel)
- [ ] 2.1 Initialize Laravel 12 (latest) project with required dependencies
- [ ] 2.2 Install tymon/jwt-auth, predis/predis, knuckleswtf/scribe
- [ ] 2.3 Install pestphp/pest, laravel/pint for testing and linting
- [ ] 2.4 Configure PostgreSQL connection in config/database.php
- [ ] 2.5 Configure Redis connection for cache and sessions
- [ ] 2.6 Set up JWT authentication configuration (60min access, 7day refresh)
- [ ] 2.7 Configure CORS for SvelteKit frontend origin
- [ ] 2.8 Create API route structure (api.php)
## 3. Frontend Foundation (SvelteKit)
- [ ] 3.1 Initialize SvelteKit project with TypeScript
- [ ] 3.2 Install Tailwind CSS and DaisyUI
- [ ] 3.3 Install Recharts, TanStack Table (@tanstack/svelte-table)
- [ ] 3.4 Install Superforms (sveltekit-superforms) and Zod
- [ ] 3.5 Install Vitest and Playwright for testing
- [ ] 3.6 Configure Tailwind with DaisyUI theme
- [ ] 3.7 Create API client service (fetch wrapper with JWT token handling)
- [ ] 3.8 Create auth store (Svelte store for user, token management)
- [ ] 3.9 Create layout components (+layout.svelte, navigation)
## 4. Database Schema & Migrations
- [ ] 4.1 Create migration: roles table (id, name, description)
- [ ] 4.2 Create migration: project_statuses table (id, name, order, is_active, is_billable)
- [ ] 4.3 Create migration: project_types table (id, name, description)
- [ ] 4.4 Create migration: team_members table (id UUID, name, role_id, hourly_rate, active)
- [ ] 4.5 Create migration: projects table (id UUID, code unique, title, status_id, type_id, approved_estimate, forecasted_effort JSON)
- [ ] 4.6 Create migration: allocations table (id UUID, project_id, team_member_id, month, allocated_hours)
- [ ] 4.7 Create migration: actuals table (id UUID, project_id, team_member_id, month, hours_logged)
- [ ] 4.8 Create migration: holidays table (id UUID, date, name, description)
- [ ] 4.9 Create migration: ptos table (id UUID, team_member_id, start_date, end_date, reason, status)
- [ ] 4.10 Create migration: users table (id UUID, name, email, password, role enum)
- [ ] 4.11 Add indexes (composite on allocations/actuals for project+month, member+month)
- [ ] 4.12 Run migrations and verify schema
## 5. Database Seeders
- [ ] 5.1 Create seeder: roles (Frontend Dev, Backend Dev, QA, DevOps, UX, PM, Architect)
- [ ] 5.2 Create seeder: project_statuses (13 statuses with correct order)
- [ ] 5.3 Create seeder: project_types (Project, Support)
- [ ] 5.4 Create seeder: users (create superuser account for testing)
- [ ] 5.5 Run seeders and verify master data populated
## 6. Laravel Models & Relationships
- [ ] 6.1 Create TeamMember model with role relationship
- [ ] 6.2 Create Project model with status, type relationships, casts for forecasted_effort JSON
- [ ] 6.3 Create Allocation model with project, team_member relationships
- [ ] 6.4 Create Actual model with project, team_member relationships
- [ ] 6.5 Create Role, ProjectStatus, ProjectType models
- [ ] 6.6 Create Holiday, PTO models
- [ ] 6.7 Create User model with JWT authentication traits
- [ ] 6.8 Define model factories for testing (TeamMemberFactory, ProjectFactory, etc.)
## 7. Authentication (Backend)
- [ ] 7.1 Create AuthController (login, logout, refresh methods)
- [ ] 7.2 Implement login endpoint (validate credentials, generate JWT tokens)
- [ ] 7.3 Implement logout endpoint (invalidate refresh token in Redis)
- [ ] 7.4 Implement refresh endpoint (validate refresh token, rotate tokens)
- [ ] 7.5 Create JWT middleware for protecting routes
- [ ] 7.6 Store refresh tokens in Redis with 7-day TTL
- [ ] 7.7 Write unit tests for AuthController
- [ ] 7.8 Write feature tests for auth endpoints
## 8. Authentication (Frontend)
- [ ] 8.1 Create login page (/login route)
- [ ] 8.2 Create login form with Superforms + Zod validation
- [ ] 8.3 Implement auth API client methods (login, logout, refresh)
- [ ] 8.4 Create auth store (persist tokens in localStorage)
- [ ] 8.5 Implement token refresh logic (interceptor for 401 responses)
- [ ] 8.6 Create auth guard for protected routes (hooks.server.ts)
- [ ] 8.7 Add logout functionality to navigation
- [ ] 8.8 Write E2E test for login flow (Playwright)
## 9. Team Member Management (Backend)
- [ ] 9.1 Create TeamMemberController (index, store, show, update, destroy)
- [ ] 9.2 Create TeamMemberRequest for validation (name required, hourly_rate > 0)
- [ ] 9.3 Create TeamMemberResource for JSON transformation
- [ ] 9.4 Create TeamMemberPolicy for authorization (managers can CRUD)
- [ ] 9.5 Implement soft delete prevention (cannot delete if allocations exist)
- [ ] 9.6 Add API routes for team members
- [ ] 9.7 Write unit tests for TeamMember model
- [ ] 9.8 Write feature tests for team member endpoints
## 10. Team Member Management (Frontend)
- [ ] 10.1 Create team members list page (/team-members route)
- [ ] 10.2 Create team member create/edit form with Superforms + Zod
- [ ] 10.3 Implement team member API client methods (CRUD)
- [ ] 10.4 Display team members in TanStack Table (sortable, filterable)
- [ ] 10.5 Add active/inactive toggle UI
- [ ] 10.6 Add hourly rate display (formatted as currency)
- [ ] 10.7 Implement delete with confirmation modal
- [ ] 10.8 Write unit tests for team member components (Vitest)
- [ ] 10.9 Write E2E test for team member CRUD (Playwright)
## 11. Project Management (Backend)
- [ ] 11.1 Create ProjectController (index, store, show, update, destroy)
- [ ] 11.2 Create ProjectRequest for validation (code unique, approved_estimate > 0 if status >= Approved)
- [ ] 11.3 Create ProjectResource for JSON transformation
- [ ] 11.4 Create ProjectPolicy for authorization (managers can edit own projects)
- [ ] 11.5 Implement project status state machine validation
- [ ] 11.6 Implement forecasted effort validation (sum must equal approved estimate ±5%)
- [ ] 11.7 Add API routes for projects
- [ ] 11.8 Write unit tests for Project model and status transitions
- [ ] 11.9 Write feature tests for project endpoints
## 12. Project Management (Frontend)
- [ ] 12.1 Create projects list page (/projects route)
- [ ] 12.2 Create project create/edit form with Superforms + Zod
- [ ] 12.3 Implement project API client methods (CRUD)
- [ ] 12.4 Display projects in TanStack Table (sortable, filterable by status/type)
- [ ] 12.5 Add status dropdown (reflect state machine transitions)
- [ ] 12.6 Add forecasted effort input (JSON editor or month-by-month fields)
- [ ] 12.7 Display validation warnings (forecasted effort ≠ approved estimate)
- [ ] 12.8 Write unit tests for project components (Vitest)
- [ ] 12.9 Write E2E test for project creation and status transitions (Playwright)
## 13. Capacity Planning (Backend)
- [ ] 13.1 Create HolidayController (index, store, destroy)
- [ ] 13.2 Create PTOController (index, store, update, destroy with approval workflow)
- [ ] 13.3 Create CapacityService for capacity calculations
- [ ] 13.4 Implement calculateIndividualCapacity method (working days × availability - PTO - holidays)
- [ ] 13.5 Implement calculateTeamCapacity method (sum of individual capacities for active members)
- [ ] 13.6 Implement calculatePossibleRevenue method (capacity × hourly rates)
- [ ] 13.7 Add API routes for capacity endpoint (/api/capacity?month=YYYY-MM)
- [ ] 13.8 Implement Redis caching for capacity calculations (1 hour TTL)
- [ ] 13.9 Write unit tests for CapacityService
- [ ] 13.10 Write feature tests for capacity endpoints
## 14. Capacity Planning (Frontend)
- [ ] 14.1 Create capacity planning page (/capacity route)
- [ ] 14.2 Create calendar component for displaying month grid
- [ ] 14.3 Implement availability editor (click day to set 0, 0.5, 1.0)
- [ ] 14.4 Display holidays (H marker on dates)
- [ ] 14.5 Display weekends (O marker on dates)
- [ ] 14.6 Create PTO request form
- [ ] 14.7 Display individual and team capacity summary
- [ ] 14.8 Display possible revenue calculation
- [ ] 14.9 Write unit tests for capacity components (Vitest)
- [ ] 14.10 Write E2E test for capacity planning workflow (Playwright)
## 15. Resource Allocation (Backend)
- [ ] 15.1 Create AllocationController (index, store, update, destroy, bulk methods)
- [ ] 15.2 Create AllocationRequest for validation (hours >= 0, month format YYYY-MM)
- [ ] 15.3 Create AllocationResource for JSON transformation
- [ ] 15.4 Create AllocationPolicy for authorization (managers can allocate own team members)
- [ ] 15.5 Implement allocation validation service (check capacity, approved estimate)
- [ ] 15.6 Implement bulk allocation endpoint (create/update multiple allocations)
- [ ] 15.7 Add API routes for allocations (/api/allocations?month=YYYY-MM)
- [ ] 15.8 Implement Redis cache invalidation on allocation mutations
- [ ] 15.9 Write unit tests for allocation validation logic
- [ ] 15.10 Write feature tests for allocation endpoints
## 16. Resource Allocation (Frontend)
- [ ] 16.1 Create allocation matrix page (/allocations route)
- [ ] 16.2 Create allocation matrix component using TanStack Table
- [ ] 16.3 Implement inline editing for allocation hours
- [ ] 16.4 Display projects as rows, team members as columns
- [ ] 16.5 Display row totals (total hours per project)
- [ ] 16.6 Display column totals (total hours per team member)
- [ ] 16.7 Display utilization percentages per team member
- [ ] 16.8 Implement color-coded indicators (GREEN/YELLOW/RED for over/under allocation)
- [ ] 16.9 Add "Untracked" resource column
- [ ] 16.10 Implement month selector (navigate between months)
- [ ] 16.11 Add bulk allocation actions (copy previous month, clear all)
- [ ] 16.12 Write unit tests for allocation matrix logic (Vitest)
- [ ] 16.13 Write E2E test for allocation workflow (Playwright)
## 17. Actuals Tracking (Backend)
- [ ] 17.1 Create ActualController (index, store, update, bulk methods)
- [ ] 17.2 Create ActualRequest for validation (hours >= 0, cannot log future months)
- [ ] 17.3 Create ActualResource for JSON transformation
- [ ] 17.4 Create ActualPolicy for authorization (developers can log own hours only)
- [ ] 17.5 Implement validation: cannot log to completed/cancelled projects (configurable)
- [ ] 17.6 Implement bulk actuals endpoint
- [ ] 17.7 Add API routes for actuals (/api/actuals?month=YYYY-MM)
- [ ] 17.8 Implement Redis cache invalidation on actuals mutations
- [ ] 17.9 Write unit tests for actuals validation
- [ ] 17.10 Write feature tests for actuals endpoints
## 18. Actuals Tracking (Frontend)
- [ ] 18.1 Create actuals entry page (/actuals route)
- [ ] 18.2 Create actuals matrix component (similar to allocations matrix)
- [ ] 18.3 Display allocated hours vs actual hours side by side
- [ ] 18.4 Highlight variances (over/under delivery)
- [ ] 18.5 Allow developers to see only their own actuals (RBAC check)
- [ ] 18.6 Implement bulk update for multiple projects
- [ ] 18.7 Write unit tests for actuals components (Vitest)
- [ ] 18.8 Write E2E test for actuals logging (Playwright)
## 19. Utilization Calculations (Backend)
- [ ] 19.1 Create UtilizationService for utilization calculations
- [ ] 19.2 Implement calculateRunningUtilization method (YTD allocated / YTD capacity)
- [ ] 19.3 Implement calculateOverallUtilization method (monthly allocated / monthly capacity)
- [ ] 19.4 Implement calculateActualUtilization method (monthly actuals / monthly capacity)
- [ ] 19.5 Implement team-level utilization aggregation
- [ ] 19.6 Add utilization data to allocation and actuals responses
- [ ] 19.7 Write unit tests for UtilizationService
- [ ] 19.8 Write feature tests for utilization calculations
## 20. Reporting - Forecast (Backend)
- [ ] 20.1 Create ReportController with forecast method
- [ ] 20.2 Implement forecast report query (multi-period allocations)
- [ ] 20.3 Calculate revenue forecast (allocations × hourly rates)
- [ ] 20.4 Display variance indicators (forecasted vs approved estimate)
- [ ] 20.5 Implement filters (project, status, type, team, date range)
- [ ] 20.6 Create ForecastReportResource for JSON transformation
- [ ] 20.7 Add API route /api/reports/forecast
- [ ] 20.8 Implement Redis caching for forecast reports (15 min TTL)
- [ ] 20.9 Write unit tests for forecast report logic
- [ ] 20.10 Write feature tests for forecast endpoint
## 21. Reporting - Forecast (Frontend)
- [ ] 21.1 Create forecast report page (/reports/forecast route)
- [ ] 21.2 Create forecast report table component
- [ ] 21.3 Display multi-period view (month columns)
- [ ] 21.4 Display variance indicators (GREEN/YELLOW/RED)
- [ ] 21.5 Implement date range selector
- [ ] 21.6 Implement filters (project, status, type, team)
- [ ] 21.7 Display summary aggregations (total approved, total allocated, variance)
- [ ] 21.8 Add revenue forecast chart (Recharts line chart)
- [ ] 21.9 Write E2E test for forecast report (Playwright)
## 22. Reporting - Utilization (Backend)
- [ ] 22.1 Add utilization method to ReportController
- [ ] 22.2 Implement utilization report query (team and individual trends)
- [ ] 22.3 Calculate planned vs actual utilization
- [ ] 22.4 Implement filters (team member, role, date range)
- [ ] 22.5 Create UtilizationReportResource for JSON transformation
- [ ] 22.6 Add API route /api/reports/utilization
- [ ] 22.7 Implement Redis caching for utilization reports
- [ ] 22.8 Write feature tests for utilization endpoint
## 23. Reporting - Utilization (Frontend)
- [ ] 23.1 Create utilization report page (/reports/utilization route)
- [ ] 23.2 Display team-level utilization summary
- [ ] 23.3 Display individual utilization breakdown
- [ ] 23.4 Add utilization trend chart (Recharts line chart)
- [ ] 23.5 Color-code utilization bands (< 70% blue, 80-100% green, > 100% yellow/red)
- [ ] 23.6 Implement filters (team member, role, date range)
- [ ] 23.7 Display utilization distribution chart (how many in each band)
- [ ] 23.8 Write E2E test for utilization report (Playwright)
## 24. Reporting - Cost (Backend)
- [ ] 24.1 Add cost method to ReportController
- [ ] 24.2 Implement cost report query (allocations × hourly rates)
- [ ] 24.3 Calculate possible revenue (full capacity utilization)
- [ ] 24.4 Calculate forecasted revenue (current allocations)
- [ ] 24.5 Calculate revenue gap (possible - forecasted)
- [ ] 24.6 Implement filters (project, client, type, team, date range)
- [ ] 24.7 Create CostReportResource for JSON transformation
- [ ] 24.8 Add API route /api/reports/cost
- [ ] 24.9 Implement Redis caching for cost reports
- [ ] 24.10 Write feature tests for cost endpoint
## 25. Reporting - Cost (Frontend)
- [ ] 25.1 Create cost report page (/reports/cost route)
- [ ] 25.2 Display monthly revenue forecast
- [ ] 25.3 Display cost breakdown by project
- [ ] 25.4 Display possible revenue vs forecasted revenue
- [ ] 25.5 Display revenue gap analysis
- [ ] 25.6 Implement filters (project, type, team, date range)
- [ ] 25.7 Add revenue chart (Recharts bar chart)
- [ ] 25.8 Write E2E test for cost report (Playwright)
## 26. Reporting - Allocation (Backend)
- [ ] 26.1 Add allocation method to ReportController
- [ ] 26.2 Implement allocation report query (monthly matrix view)
- [ ] 26.3 Include utilization percentages
- [ ] 26.4 Implement filters (team, role, project, status)
- [ ] 26.5 Create AllocationReportResource for JSON transformation
- [ ] 26.6 Add API route /api/reports/allocation
- [ ] 26.7 Implement Redis caching for allocation reports
- [ ] 26.8 Write feature tests for allocation endpoint
## 27. Reporting - Allocation (Frontend)
- [ ] 27.1 Create allocation report page (/reports/allocation route)
- [ ] 27.2 Display allocation matrix with totals
- [ ] 27.3 Display utilization percentages
- [ ] 27.4 Highlight recent allocation changes (NEW/UPDATED badges)
- [ ] 27.5 Implement multi-month view option
- [ ] 27.6 Implement filters (team, role, project, status)
- [ ] 27.7 Write E2E test for allocation report (Playwright)
## 28. Reporting - Variance (Backend)
- [ ] 28.1 Add variance method to ReportController
- [ ] 28.2 Implement variance report query (planned vs actual comparison)
- [ ] 28.3 Calculate variance (actual - planned) and percentage
- [ ] 28.4 Flag over-delivery and under-delivery patterns
- [ ] 28.5 Implement filters (project, team, person, date range)
- [ ] 28.6 Create VarianceReportResource for JSON transformation
- [ ] 28.7 Add API route /api/reports/variance
- [ ] 28.8 Implement Redis caching for variance reports
- [ ] 28.9 Write feature tests for variance endpoint
## 29. Reporting - Variance (Frontend)
- [ ] 29.1 Create variance report page (/reports/variance route)
- [ ] 29.2 Display variance table (planned, actual, variance, variance %)
- [ ] 29.3 Color-code variances (positive green, negative red)
- [ ] 29.4 Display project-level variance aggregations
- [ ] 29.5 Display person-level variance aggregations
- [ ] 29.6 Add variance trend chart (Recharts)
- [ ] 29.7 Implement filters (project, team, person, date range)
- [ ] 29.8 Write E2E test for variance report (Playwright)
## 30. Role-Based Access Control (Backend)
- [ ] 30.1 Create role middleware for route protection
- [ ] 30.2 Implement permission checks in controllers
- [ ] 30.3 Create policies for all models (TeamMember, Project, Allocation, Actual)
- [ ] 30.4 Implement Superuser full access (bypass all checks)
- [ ] 30.5 Implement Manager permissions (own projects, own team allocations)
- [ ] 30.6 Implement Developer permissions (own allocations, own actuals)
- [ ] 30.7 Implement Top Brass permissions (read-only all reports)
- [ ] 30.8 Write unit tests for policies
- [ ] 30.9 Write feature tests for authorization (401, 403 responses)
## 31. Role-Based Access Control (Frontend)
- [ ] 31.1 Add role to auth store
- [ ] 31.2 Implement route guards based on role (hooks.server.ts)
- [ ] 31.3 Hide UI elements based on permissions (v-if directives)
- [ ] 31.4 Show read-only state for Top Brass users
- [ ] 31.5 Filter visible projects for Managers (own projects editable, others read-only)
- [ ] 31.6 Filter visible data for Developers (only assigned projects)
- [ ] 31.7 Write E2E tests for RBAC (different user roles)
## 32. Master Data Management (Backend)
- [ ] 32.1 Create MasterDataController (roles, statuses, types endpoints)
- [ ] 32.2 Create RoleController for managing roles (Superuser only)
- [ ] 32.3 Create ProjectStatusController for managing statuses (Superuser only)
- [ ] 32.4 Create ProjectTypeController for managing types (Superuser only)
- [ ] 32.5 Implement validation: cannot delete role/status/type in use
- [ ] 32.6 Add API routes for master data endpoints
- [ ] 32.7 Implement Redis caching for master data (24 hour TTL)
- [ ] 32.8 Write feature tests for master data endpoints
## 33. Master Data Management (Frontend)
- [ ] 33.1 Create master data management page (/admin/master-data route, Superuser only)
- [ ] 33.2 Display roles list with CRUD actions
- [ ] 33.3 Display project statuses list with reordering and CRUD actions
- [ ] 33.4 Display project types list with CRUD actions
- [ ] 33.5 Implement master data forms (create/edit)
- [ ] 33.6 Write E2E test for master data management (Playwright)
## 34. API Documentation (Backend)
- [ ] 34.1 Add Scribe annotations to all controllers (@group, @response tags)
- [ ] 34.2 Configure Scribe (scribe.php config file)
- [ ] 34.3 Generate API documentation (php artisan scribe:generate)
- [ ] 34.4 Verify SwaggerUI accessible at /api/documentation
- [ ] 34.5 Add example requests and responses to documentation
- [ ] 34.6 Add authentication section to API docs
## 35. Testing & Code Quality
- [ ] 35.1 Write comprehensive unit tests (backend models, services, utilities)
- [ ] 35.2 Write feature tests for all API endpoints (Laravel Pest)
- [ ] 35.3 Write unit tests for frontend components (Vitest)
- [ ] 35.4 Write E2E tests for critical flows (Playwright: login, allocate, report)
- [ ] 35.5 Configure pre-commit hooks (Laravel Pint, ESLint, Prettier)
- [ ] 35.6 Run PHPStan static analysis (level 5+)
- [ ] 35.7 Generate code coverage report (verify >70%)
- [ ] 35.8 Fix all linting errors (Laravel Pint, ESLint)
- [ ] 35.9 Run security audit (composer audit, npm audit)
## 36. Polish & UX
- [ ] 36.1 Add loading states (spinners, skeleton loaders)
- [ ] 36.2 Add error states (toast notifications, error pages)
- [ ] 36.3 Add empty states (no data placeholders)
- [ ] 36.4 Implement form validation feedback (inline errors, success messages)
- [ ] 36.5 Add confirmation modals for destructive actions (delete)
- [ ] 36.6 Implement responsive design (mobile-friendly tables, navigation)
- [ ] 36.7 Add keyboard shortcuts (ESC to close modals, etc.)
- [ ] 36.8 Add accessibility features (ARIA labels, focus management)
- [ ] 36.9 Test in multiple browsers (Chrome, Firefox, Safari)
## 37. Documentation & Deployment
- [ ] 37.1 Write README.md with setup instructions
- [ ] 37.2 Document environment variables (.env.example files)
- [ ] 37.3 Create Quick Start guide for managers (capacity → allocate → reports)
- [ ] 37.4 Document API authentication flow
- [ ] 37.5 Create deployment guide (Docker Compose production setup)
- [ ] 37.6 Add health check endpoints (/api/health)
- [ ] 37.7 Configure logging (Laravel logs to stdout, Svelte client errors to console)
- [ ] 37.8 Test full deployment workflow (fresh Docker Compose up)
- [ ] 37.9 Create superuser via seeder for initial login
- [ ] 37.10 Verify Nginx Proxy Manager routing
## 38. Final Verification
- [ ] 38.1 Run full test suite (unit + E2E) and verify all pass
- [ ] 38.2 Verify code coverage >70%
- [ ] 38.3 Run linters and fix all issues
- [ ] 38.4 Test complete user flow: capacity → allocate → log actuals → reports
- [ ] 38.5 Verify RBAC working for all 4 personas
- [ ] 38.6 Verify Redis caching working (check cache hit rate)
- [ ] 38.7 Verify API documentation accessible and accurate
- [ ] 38.8 Verify Docker Compose startup works cleanly
- [ ] 38.9 Verify database migrations and seeders work
- [ ] 38.10 Conduct final security review (no secrets in code, HTTPS enforced)
Reference in New Issue View Git Blame Copy Permalink