Open items
The actionable set: capabilities still PARTIAL or NON-COMPLIANT, plus pending attestations (manual sign-offs and partner-track commitments). Sources:_state.json, _attestations.json.
Non-compliant
1
verified failure
Partial
6
in progress / incomplete
Pending attestations
38
41 have no owner assigned
Non-compliant capabilities
- non-compliant
demo-try-end-to-end-flowcapability · phase ?Scripted end-to-end demo at /try/end-to-end orchestrates subscribe → cart → confirm → portal → admin → CTA against the visitor's connected store; mute-by-default Web Speech narration, manual + auto-advance controls
Sister-slice components (5a CredentialsBanner, 5b WidgetHost, 5c SyntheticSubscriptionList, 5d AdminTilesDemo) render via local placeholders pending their respective merges. Mechanical 4-line import swap once 5a-5d land.
Hive #1259 (AC-5e), dossier docs/handoffs/hive-1143-ac5e-demo-end-to-end-flow.md, parent Hive #1143 AC-5
Pending attestations (by gating class)
- market
bc-corp-coordinationcoordination · owner: unassignedBC corporate coordination — partner agreements, certifications, and listing approval
Related: #1269
- market
marketplace-listing-copygo-to-market · owner: unassignedBC marketplace listing copy — reviewed and approved
Related: #1269
- market
bc-marketplace-tech-reviewsecurity-compliance · owner: unassignedBC marketplace technical review — submission + approval
Related: #1269
- market
bc-marketplace-technical-reviewsecurity-compliance · owner: unassignedBC marketplace technical review
Related: #1269
- ga
- ga
- ga
- ga
- ga
- ga
- ga
- ga
- ga
- ga
- ga
- ga
- ga
- ga
- ga
- ga
- ga
- ga
dsar-financial-retentionsecurity-compliance · owner: operator + legal + paymentsDSAR erasure — financial-record retention vs deletion (legal + payments decision)
Related: #1636
- ga
- ga
- ga
- ga
- ga
- ga
- ga
- ga
- ga
- soft
hiring-decisionscoordination · owner: unassignedHiring plan — roles needed for Phase 2 engineering and merchant support
Related: #1269
- soft
roadmap-planningcoordination · owner: unassignedRoadmap planning — Phase 2 priorities documented and stakeholder-aligned
Related: #1269
- soft
- soft
launch-announcementgo-to-market · owner: unassignedLaunch announcement — blog post or press release drafted and reviewed
Related: #1269
- soft
sales-enablementgo-to-market · owner: unassignedSales enablement materials — one-pager, demo script, competitive positioning
Related: #1269
- soft
incident-review-templateoperations · owner: unassignedIncident review template — first post-mortem completed
Related: #1269
- soft
regression-suite-coveragetesting · owner: unassignedManual regression suite — coverage of auto-test gaps
Related: #1269
Partial capabilities
6 rows — in-progress or partial implementations
- partial
brd-us-16-3-admin-bundle-detailAdmin bundle detail view: line-item → subscription attribution + lifecycle events
- partial
brd-us-17-1-expired-link-shows-reuse-pageExpired or reused magic link shows "Request a new link" page
- partial
brd-us-18-6-quantity-silent-clampOut-of-range quantity is silently clamped to [1..100] rather than rejected; audit event records original_quantity + clamped:true
- partial
brd-us-23-12-magic-link-email-pipelinePortal login magic-link sent with 32-byte opaque token, 15-min TTL, single-use bcrypt lookup; dunning PM-update link has 7-day TTL; domain mismatch rejected
- partial
brd-us-25-2-subscribe-and-save-badgePlan whose amount_cents is below the one-time product price renders a "Subscribe and save X%" badge in the storefront widget; the discount applies at checkout without coupon-code entry because the cart line uses plan.amount_cents directly.
- partial
demo-try-connect-formDemo "connect your store" connect form — store_hash + Storefront API token, validated client-side, session stored in sessionStorage only (spec #1254 AC-2)
All attestations42 total, all statuses
Full list — passed, expired, and gap-documented included, not just pending. Grouped by gating impact: marketplace-blocking first, then GA-blocking, then soft-gating, then informational.
Total
42
Passed
0
In review
2
Pending
38
Gap-documented
2
Expired
0
Marketplace-blocking4 attestations
bc-corp-coordination
pendingBC corporate coordination — partner agreements, certifications, and listing approval
category: coordinationphase: launchowner: TBDexpires after: 90dhive: #1269marketplace-listing-copy
pendingBC marketplace listing copy — reviewed and approved
category: go-to-marketphase: launchowner: TBDexpires after: 365dhive: #1269bc-marketplace-tech-review
pendingBC marketplace technical review — submission + approval
category: security-compliancephase: launchowner: TBDexpires after: 180dhive: #1269bc-marketplace-technical-review
pendingBC marketplace technical review
category: security-compliancephase: pre-launchowner: TBDexpires after: 365dhive: #1269
GA-blocking30 attestations
cross-browser
pendingCross-browser QA — Chrome, Firefox, Safari, Edge
category: design-uxphase: pre-launchowner: TBDexpires after: 180dhive: #1269,#1280,#1346heuristic-review
pendingHeuristic evaluation — full merchant admin UI
category: design-uxphase: pre-launchowner: TBDexpires after: 180dhive: #1269,#1280,#1348mobile-responsive
pendingMobile responsive QA — admin + portal + try page
category: design-uxphase: pre-launchowner: TBDexpires after: 180dhive: #1269,#1280,#1347real-merchant-usability
pendingReal-merchant usability sessions (≥3 merchants)
category: design-uxphase: pre-launchowner: TBDexpires after: 180dhive: #1269,#1280,#1349wcag-2-2-aa-admin
pendingWCAG 2.2 AA conformance — admin surface
category: design-uxphase: pre-launchowner: TBDexpires after: 180dhive: #1269,#1278,#1290,#1299wcag-2-2-aa-portal
pendingWCAG 2.2 AA conformance — subscriber portal
category: design-uxphase: pre-launchowner: TBDexpires after: 180dhive: #1269,#1278,#1291api-reference
gap-documentedAPI reference — OpenAPI spec published and developer-accessible
category: documentationphase: pre-launchowner: TBDexpires after: 365dhive: #1269,#1283,#1311developer-integration-guide
pendingDeveloper integration guide — Catalyst and headless storefront integration
category: documentationphase: pre-launchowner: TBDexpires after: 365dhive: #1269,#1283,#1312merchant-docs-site
pendingMerchant-facing documentation site — install, configure, and manage subscriptions
category: documentationphase: pre-launchowner: TBDexpires after: 365dhive: #1269,#1283,#1313,#1314beta-program-design
pendingBeta merchant program — invite criteria, support SLA, and exit criteria
category: go-to-marketphase: pre-launchowner: TBDexpires after: 365dhive: #1269,#1284onboarding-email-sequence
pendingMerchant onboarding email sequence — written and delivery-tested
category: go-to-marketphase: pre-launchowner: TBDexpires after: 365dhive: #1269,#1284pricing-decision
pendingPricing and packaging decision — documented and stakeholder-approved
category: go-to-marketphase: pre-launchowner: TBDexpires after: 365dhive: #1269,#1284on-call-rotation
pendingOn-call rotation defined — schedule, alerts, and escalation paths
category: operationsphase: pre-launchowner: TBDexpires after: 90dhive: #1269,#1282runbook-database-recovery
pendingRunbook — database backup verification and recovery procedure
category: operationsphase: pre-launchowner: TBDexpires after: 90dhive: #1269,#1282runbook-subscription-failures
pendingRunbook — subscription charge failures and dunning escalation
category: operationsphase: pre-launchowner: TBDexpires after: 90dhive: #1269,#1282slo-definitions
pendingSLO definitions — uptime, charge success rate, and API latency
category: operationsphase: pre-launchowner: TBDexpires after: 90dhive: #1269,#1282status-page-setup
pendingExternal status page — configured, monitored, and merchant-accessible
category: operationsphase: pre-launchowner: TBDexpires after: 90dhive: #1269,#1282support-macros
pendingSupport macros and playbooks — common merchant support scenarios
category: operationsphase: pre-launchowner: TBDexpires after: 90dhive: #1269,#1282dsar-financial-retention
pendingDSAR erasure — financial-record retention vs deletion (legal + payments decision)
category: security-compliancephase: pre-launchowner: operator + legal + paymentshive: #1636gdpr-review
pendingGDPR compliance review — data subject rights + processor agreements
category: security-compliancephase: pre-launchowner: TBDexpires after: 180dhive: #1269,#1279,#1309,#1319,#1320,#1321,#1323,#1324pci-scope-verification
pendingPCI scope verification — no raw card data in our systems
category: security-compliancephase: pre-launchowner: TBDexpires after: 180dhive: #1269,#1279,#1306penetration-test
pendingThird-party penetration test — full app surface
category: security-compliancephase: pre-launchowner: TBDexpires after: 180dhive: #1269,#1279secret-scanning-audit
pendingSecret scanning audit — gitleaks + environment secret hygiene
category: security-compliancephase: ongoingowner: TBDexpires after: 180dhive: #1269,#1279,#1304,#1305stride-payment-flows
in-reviewSTRIDE threat model — payment authorization and capture flows
category: security-compliancephase: pre-launchowner: TBDexpires after: 180dhive: #1269,#1279,#1308,#1332,#1333,#1334,#1336,#1338stride-subscription-lifecycle
in-reviewSTRIDE threat model — subscription lifecycle operations
category: security-compliancephase: pre-launchowner: TBDexpires after: 180dhive: #1269,#1279,#1307,#1327,#1328,#1329,#1330,#1331adversarial-testing
pendingAdversarial and edge-case testing — concurrent operations + destructive inputs
category: testingphase: pre-launchowner: TBDexpires after: 90dhive: #1269,#1281exploratory-testing
pendingExploratory testing session — unscripted, independent tester
category: testingphase: pre-launchowner: TBDexpires after: 90dhive: #1269,#1281manual-test-execution
pendingFull manual test plan execution against staging environment
category: testingphase: pre-launchowner: TBDexpires after: 90dhive: #1269,#1281test-data-prep
pendingStaging test data — realistic multi-merchant, multi-subscription dataset
category: testingphase: pre-launchowner: TBDexpires after: 90dhive: #1269,#1281test-plan-extraction
pendingManual test plan extracted from BDD scenarios + AC
category: testingphase: pre-launchowner: TBDexpires after: 90dhive: #1269,#1281
Soft-gating7 attestations
hiring-decisions
pendingHiring plan — roles needed for Phase 2 engineering and merchant support
category: coordinationphase: launchowner: TBDexpires after: 90dhive: #1269roadmap-planning
pendingRoadmap planning — Phase 2 priorities documented and stakeholder-aligned
category: coordinationphase: launchowner: TBDexpires after: 90dhive: #1269migration-guides
pendingMigration guides — from Recharge, WooCommerce Subscriptions, and build-native
category: documentationphase: launchowner: TBDexpires after: 365dhive: #1269,#1316,#1345launch-announcement
pendingLaunch announcement — blog post or press release drafted and reviewed
category: go-to-marketphase: launchowner: TBDexpires after: 365dhive: #1269sales-enablement
pendingSales enablement materials — one-pager, demo script, competitive positioning
category: go-to-marketphase: launchowner: TBDexpires after: 365dhive: #1269incident-review-template
pendingIncident review template — first post-mortem completed
category: operationsphase: launchowner: TBDexpires after: 90dhive: #1269regression-suite-coverage
pendingManual regression suite — coverage of auto-test gaps
category: testingphase: ongoingowner: TBDexpires after: 90dhive: #1269
Informational1 attestation
wcag-2-2-aa-try-page
gap-documentedWCAG 2.2 AA conformance — /try storefront page (RETIRED — surface deleted)
category: design-uxphase: pre-launchowner: TBDexpires after: 180dhive: #1269,#1278,#1292