1.4 KiB
1.4 KiB
Issue #753 — KBN-010 threat, authorization, and constraint-impact gate
Objective
Complete the mandatory threat/auth/constraint-impact analysis that gates KBN-100 schema implementation.
Scope
- In: threat matrix, frozen-control mapping, schema/API/test impact inventory, security evidence plan.
- Out: runtime, schema, migration, API, dependency, CI, deployment, and secret changes.
- Canonical requirements:
docs/requirements/native-kanban-sot.md. - Frozen contract:
docs/native-kanban-sot/SHARED-CONTRACT.mdandcontracts/*.v1.ts. - Tracking: Mosaic Stack issue #753.
Plan
- Independently inspect current-main implementation and frozen canon.
- Enumerate tenant, identity, health-proof, approval, fencing, proposal, audit, token, and outage threats.
- Map every threat to required constraints, command behavior, negative tests, and owning future slice.
- Surface any unresolved schema impact as a blocker; do not silently amend the frozen contract.
- Run documentation/static validation and submit for independent SecReview.
Execution log
- 2026-07-14: KBN-000 completed through PR #752 and post-merge pipeline #1798.
- 2026-07-14: KBN-010 issue #753 created; task marked in progress; fresh GPT worker pending dispatch.
Verification evidence
Pending worker validation, independent SecReview, Ultron gate, PR merge, post-merge CI, and issue closure.