{
  "claim_rows_written": [],
  "current_operating_state": {
    "einvoicing_leased_count": 14,
    "leased_count": 14,
    "leased_task_ids": [
      "lane07_einvoicing_retrieval_qa_demo_surge_23369",
      "lane02_einvoicing_rag_manifest_chunk_surge_23373",
      "lane05_einvoicing_api_status_demo_parity_surge_26020",
      "lane06_einvoicing_full_index_meili_parity_surge_26021",
      "lane03_einvoicing_concept_card_source_card_surge_26022",
      "lane04_einvoicing_graph_patch_surge_26023",
      "lane01_einvoicing_public_source_inventory_surge_26025",
      "mtl03_hermes1_einvoicing_annuaire_aife_chorus_surge_26014",
      "mtl03_hermes2_einvoicing_ppf_pdp_ereporting_surge_26015",
      "mtl03_hermes3_einvoicing_shared_gate_raw_capture_surge_26018",
      "mtl03_hermes4_einvoicing_fec_obligation_graph_surge_26016",
      "mtl03_hermes5_einvoicing_source_cards_qa_surge_26012",
      "mtl03_hermes6_einvoicing_index_status_parity_surge_26017",
      "mtl03_hermes7_einvoicing_demo_regression_closeout_surge_26019"
    ],
    "queue_focus": {
      "active_corpus": "einvoicing",
      "enabled": true,
      "preempt_other_leases": true,
      "reason": "restore_14_active_after_lane05_repair_and_concurrent_closeouts",
      "source_ref": "data/ops/legipro_rotor_focus.json",
      "updated_utc": "2026-06-29T07:09:17Z"
    },
    "queue_generated_utc": "2026-06-30T10:21:36Z",
    "queue_status_counts": {
      "blocked": 1,
      "deferred": 0,
      "done": 141,
      "in_progress": 0,
      "leased": 14,
      "ready": 0
    },
    "status_snapshot": {
      "generated_utc": "2026-06-30T10:21:52Z",
      "path": "site/legipro-fr/assets/legipro-status-snapshot.json",
      "snapshot_id": "legipro-status-20260630T102152Z"
    }
  },
  "generated_utc": "2026-06-30T10:22:15Z",
  "readiness_flags": {
    "answer_ready": false,
    "client_reliance": false,
    "human_review_complete": false,
    "professional_certification": false,
    "promotion_allowed": false,
    "scenario_ready": false,
    "semantic_search_active": false
  },
  "schema_version": "legipro_saas_readiness_roadmap.v1",
  "source_files_read": [
    "data/ops/legipro_scenario_unlock_task_queue.json",
    "data/ops/legipro_saas_readiness_roadmap_claims.jsonl",
    "/root/docs/4939-legipro-saas-external-review-claude-recommendations-2026-06-27.md",
    "/root/docs/4940-legipro-architecture-current-and-target-saas-2026-06-27.md",
    "/root/docs/4941-legipro-review-runtime-iteration-proposal-2026-06-27.md",
    "/root/docs/4946-legipro-product-runtime-optimization-response-2026-06-27.md",
    "docs/product/cegid-api-integration-check-2026-06-28.md",
    "docs/product/strategic-accounting-api-integration-map-2026-06-28.md"
  ],
  "tasks": [
    {
      "acceptance": [
        "All active e-invoicing leases close with rotor receipts and no duplicate task ownership.",
        "Status page, coverage map, API guide and CLI docs show the same e-invoicing state.",
        "Meilisearch/live index and local corpus assets have a dated parity receipt.",
        "Scenario, answer, promotion, human-review, client-reliance and semantic flags remain false unless a separate launch gate proves otherwise."
      ],
      "claim_note": "Live continuity proof refreshed: data/ops/legipro_saas_0001_einvoicing_continuity_latest.json now reports status=machine_verified_active_leases with 14/14 expected e-invoicing lanes active, 14 covered by recent closeouts, 11 fresh closeouts, latest closeout 2026-06-28T10:35:14Z, missing_lanes=0 and no bounded automint pass needed. The final gate remains machine_verified_in_progress with no readiness/professional flag violations. SAAS-0001 stays open until active leases close with receipts, public/status/API surfaces stay aligned, and the legacy e-invoicing queue is fully closed.",
      "claimable": true,
      "closeout_to_changelog": "Record the demo-ready machine state, counts, smoke receipts and remaining caveats.",
      "depends_on": [],
      "last_claim_utc": "2026-06-28T10:35:55Z",
      "owner": "/rook-410",
      "phase": "Now",
      "priority": "P0",
      "scope": "Keep all available lanes focused on e-invoicing until the public demo surfaces, graph/RAG artifacts, Meili status and receipts agree around the September 2026 rollout narrative.",
      "status": "in_progress",
      "task_id": "SAAS-0001",
      "title": "Complete the e-invoicing demo corpus to the strongest machine-verified state",
      "why": "The official French e-invoicing rollout begins on 1 September 2026, so the strongest near-term product proof is PPF/PDP, AIFE/annuaire, Chorus, FEC and VAT/accounting-treatment evidence parity."
    },
    {
      "acceptance": [
        "Postgres has canonical task, lease, heartbeat, closeout and event tables with migration receipt.",
        "Atomic claim-and-next replaces read-only next-task polling.",
        "Duplicate closeout submissions are idempotent by closeout_id or payload hash.",
        "File-backed JSON becomes export/cache only, not canonical state."
      ],
      "claim_note": "Closed with Postgres migration/status/lane-registry receipts, atomic FOR UPDATE SKIP LOCKED claim regression, protected API 403 probe, and SaaS-0002 closeout receipt data/ops/legipro_saas_0002_closeout_2026-06-27.json.",
      "claimable": true,
      "closeout_to_changelog": "Record migration path, table counts, tests and rollback/export command.",
      "depends_on": [],
      "last_claim_utc": "2026-06-27T07:35:56Z",
      "owner": "/rook-410",
      "phase": "Now",
      "priority": "P0",
      "scope": "Backfill current queue rows, leases, heartbeats, closeouts and idempotency keys into the Postgres control-plane schema.",
      "status": "done",
      "task_id": "SAAS-0002",
      "title": "Migrate rotor queue and lease state into Postgres",
      "why": "The file-backed rotor state is the largest orchestration risk under remote workers and many lanes."
    },
    {
      "acceptance": [
        "Warehouse row counts, chunk counts and checksum counts are non-zero and dated.",
        "Meili live count, local full-index count and warehouse count differences are explained.",
        "A warehouse-to-Meili rebuild drill proves the live search index can be recreated from durable corpus state.",
        "Deletes, stale rows and corpus-family mappings have a deterministic conflict rule.",
        "Backfill receipt lists source files, rejected rows and retry plan."
      ],
      "claim_note": "Live Postgres warehouse status/parity verified: 59,627 chunks match local full-index rows; live Meili is +33 operational rows; source file/rejected-row/retry-policy receipt added; semantic and Scenario flags remain false.",
      "claimable": true,
      "closeout_to_changelog": "Record parity counts and the source-of-truth rebuild command.",
      "depends_on": [
        "SAAS-0002"
      ],
      "last_claim_utc": "2026-06-27T07:46:35Z",
      "owner": "/rook-410",
      "phase": "Now",
      "priority": "P0",
      "scope": "Load current corpus documents, chunks, manifests, graph/RAG metadata and checksums into the warehouse on mtl-02, then compare against Meilisearch.",
      "status": "done",
      "task_id": "SAAS-0003",
      "title": "Backfill the corpus warehouse and prove Meili/Warehouse parity",
      "why": "The warehouse is valuable only after it contains auditable corpus rows and can rebuild the live search index deterministically."
    },
    {
      "acceptance": [
        "Each lane has one canonical worker identity and scoped route permissions.",
        "mtl-01 and mtl-03 workers submit claims, heartbeats and closeouts through CLI/REST, not direct queue file mutation.",
        "The status page displays roster freshness without reading terminal history.",
        "Fallback model policy is visible per lane."
      ],
      "claim_note": "Accepted: 14-lane canonical roster, remote mtl-03 control-plane heartbeat fallback, status page model/fallback visibility. Receipt: data/ops/legipro_saas_0004_acceptance_closeout_2026-06-27.json",
      "claimable": true,
      "closeout_to_changelog": "Record active lanes by host, profile and queue mode.",
      "depends_on": [
        "SAAS-0002"
      ],
      "last_claim_utc": "2026-06-27T08:55:06Z",
      "owner": "/rook-410",
      "phase": "Now",
      "priority": "P0",
      "scope": "Expose worker registration, model profile, host id, lane id, heartbeat and claim scope through CLI/REST against the Postgres control plane.",
      "status": "done",
      "task_id": "SAAS-0004",
      "title": "Make mtl-01 and mtl-03 first-class worker rosters",
      "why": "Worker lanes should not depend on tmux pane scraping or host-specific memory."
    },
    {
      "acceptance": [
        "A dead worker lease is evicted after the configured heartbeat timeout.",
        "Two workers cannot own the same task unless the task explicitly permits shared work.",
        "Duplicate closeout and interrupted closeout tests pass.",
        "Readiness false flags are enforced at API, DB and CLI boundaries."
      ],
      "claim_note": "Implemented Postgres stale-lease dry-run/execute recovery, metronome stale-lease reporting, closed-task lease pruning, focused tests, and public CLI docs. Receipts: data/ops/legipro_codex_freeze_recovery_followup_2026-06-27.json",
      "claimable": true,
      "closeout_to_changelog": "Record new tests and the reaper service status.",
      "depends_on": [
        "SAAS-0002",
        "SAAS-0004"
      ],
      "last_claim_utc": "2026-06-27T08:45:22Z",
      "owner": "/rook-410",
      "phase": "Now",
      "priority": "P0",
      "scope": "Add reaper logic, stale lease eviction, single-owner proofs, checksum-required closeouts and race-condition tests.",
      "status": "done",
      "task_id": "SAAS-0005",
      "title": "Implement lease expiry, dead-worker recovery and negative orchestration tests",
      "why": "A SaaS control plane must survive duplicate signals, dead lanes, partial receipts and network failures without human rescue."
    },
    {
      "acceptance": [
        "Every rotor closeout can trigger status refresh without interrupting active TUI agents.",
        "bureau-status.html, bureau-api.html, CLI docs and coverage map cite the same counts.",
        "Public pages identify local-only vs live-indexed deltas without implying deployment failure.",
        "Roadmap tasks link to receipts and move to changelog only when acceptance is met."
      ],
      "claim_note": "Accepted: exact docs sync audit includes status/API/CLI/coverage-map counts, local/live parity wording, rotor closeout refresh wiring, done-task receipt links, and changelog rule. Receipt: data/ops/legipro_saas_0006_acceptance_closeout_2026-06-27.json",
      "claimable": true,
      "closeout_to_changelog": "Record the automation trigger and latest published receipt.",
      "depends_on": [
        "SAAS-0001"
      ],
      "last_claim_utc": "2026-06-27T09:12:20Z",
      "owner": "/rook-410",
      "phase": "Now",
      "priority": "P0",
      "scope": "Route every corpus closeout through docs/status refresh hooks and publish a compact receipt when public pages change.",
      "status": "done",
      "task_id": "SAAS-0006",
      "title": "Keep public status, coverage, CLI docs and API docs auto-synchronized",
      "why": "External reviewers now use the status page as diligence evidence; stale or contradictory counters hurt credibility."
    },
    {
      "acceptance": [
        "Each worker token is scoped to heartbeat, claim, closeout and artifact checksum routes.",
        "Non-allowlisted Postgres routes fail closed and are tested.",
        "Secrets are absent from public docs and receipts.",
        "Token rotation and revocation runbooks exist."
      ],
      "claim_note": "Scoped rotor worker auth implemented and verified: admin bearer compatibility retained; worker tokens now require rotor route scopes; public/demo tokens without scopes refused; mtl-02 Postgres firewall/pg_hba boundary checked; runbook and receipt written.",
      "claimable": true,
      "closeout_to_changelog": "Record token scopes, deny-path tests and rotation procedure.",
      "depends_on": [
        "SAAS-0004"
      ],
      "last_claim_utc": "2026-06-27T09:32:45Z",
      "owner": "/rook-410",
      "phase": "Now",
      "priority": "P0",
      "scope": "Replace broad admin bearer use with short-lived scoped worker tokens, keep Postgres IP-locked, and log worker actions by host/lane.",
      "status": "done",
      "task_id": "SAAS-0007",
      "title": "Harden security boundaries for remote workers and warehouse access",
      "why": "The current stage is acceptable with static IP allowlists, but SaaS needs scoped tokens and revocation."
    },
    {
      "acceptance": [
        "Backups cover Postgres, Meili index config/data and mtl-02 corpus artifacts.",
        "A restore drill creates a dated receipt with counts and checksums.",
        "RPO/RTO targets are documented for prototype and SaaS stages.",
        "Backups do not expose secrets in public status artifacts."
      ],
      "claim_note": "Receipt: data/ops/legipro_saas_0008_closeout_2026-06-27.json and data/ops/legipro_backup_restore_drill_2026-06-27.json. Backup/restore drill implemented and executed with Postgres custom dump, pg_restore list proof, Meili health/full-index checksum, critical artifact manifest and RPO/RTO runbook; readiness flags remain false.",
      "claimable": true,
      "closeout_to_changelog": "Record backup schedule and latest restore receipt.",
      "depends_on": [
        "SAAS-0003"
      ],
      "last_claim_utc": "2026-06-27T16:49:00Z",
      "owner": "/rook-410",
      "phase": "Now",
      "priority": "P0",
      "scope": "Schedule pg_dump/WAL or equivalent, Meili export, artifact checksum manifests and restore drills.",
      "status": "done",
      "task_id": "SAAS-0008",
      "title": "Add backup, restore and disaster-recovery drills for Postgres, Meili and artifacts",
      "why": "Corpus value becomes real only when it can be restored without replaying weeks of ingest work."
    },
    {
      "acceptance": [
        "OpenAPI includes /v0, /v1/search, /v1/retrieve and /v0/rotor bounded routes.",
        "GraphQL and MCP examples are smoke-tested with demo tokens.",
        "The API page separates active bounded surfaces from planned Scenario/semantic work.",
        "Partner one-pager links to CLI verification commands."
      ],
      "claim_note": "Closed API contract/onboarding proof: REST/GraphQL/MCP smoke 9/9, GraphQL/MCP CLI examples verified, static partner contract asset published, OpenAPI JSON public-route caveat documented. Receipt data/ops/legipro_saas_0009_api_contract_receipt_2026-06-27.json.",
      "claimable": true,
      "closeout_to_changelog": "Record spec paths and smoke receipt.",
      "depends_on": [
        "SAAS-0002",
        "SAAS-0004"
      ],
      "last_claim_utc": "2026-06-27T09:55:50Z",
      "owner": "/rook-410",
      "phase": "Next",
      "priority": "P1",
      "scope": "Generate OpenAPI fragments for REST/rotor, GraphQL introspection examples, MCP tool contracts and a public demo-token test path.",
      "status": "done",
      "task_id": "SAAS-0009",
      "title": "Publish OpenAPI/GraphQL/MCP contracts and partner onboarding proof",
      "why": "Partner diligence needs machine-readable API contracts, not only narrative docs."
    },
    {
      "acceptance": [
        "Embedding dimensions are model-versioned, not hard-coded to one provider.",
        "Benchmark includes BOFiP, PCG/ANC, URSSAF, Code de commerce and e-invoicing queries.",
        "Precision/recall and failure examples are documented.",
        "semantic_search_active remains false until the activation gate passes."
      ],
      "claim_note": "Receipt: data/ops/legipro_semantic_retrieval_strategy_benchmark_2026-06-27.json. Semantic retrieval benchmark closed with Meili 10/10, Postgres lexical 1/10, pgvector MiniLM 384 candidate 6/10 and 15,949 candidate vectors registered; semantic_search_active remains false.",
      "claimable": true,
      "closeout_to_changelog": "Record selected model, rejected models, cost estimate and activation blocker.",
      "depends_on": [
        "SAAS-0003"
      ],
      "last_claim_utc": "2026-06-27T16:49:00Z",
      "owner": "/rook-410",
      "phase": "Next",
      "priority": "P1",
      "scope": "Compare Meili keyword, Postgres lexical, pgvector candidates and at least one multilingual/French embedding model on a fixed QA set.",
      "status": "done",
      "task_id": "SAAS-0010",
      "title": "Choose and benchmark the French legal/accounting embedding strategy",
      "why": "Semantic search can be a moat only if retrieval quality is proven on French legal/accounting questions."
    },
    {
      "acceptance": [
        "Scenario has fixture, graph, RAG, retrieval and source-card gates per corpus family.",
        "No client-usable Scenario conclusion is exposed before the launch gate.",
        "The page explains Scenario locked vs review/demo-mode without ambiguity.",
        "If all machine gates pass, the final professional-review switch remains separate."
      ],
      "claim_note": "Receipt: data/ops/legipro_saas_0011_scenario_gate_matrix_closeout_2026-06-27.json and data/ops/legipro_saas_0011_scenario_gate_matrix_2026-06-27.json. Scenario gate matrix recorded; Scenario remains locked with launch_allowed=false and client-reliance/readiness flags false.",
      "claimable": true,
      "closeout_to_changelog": "Record Scenario gate matrix and whether it remains locked.",
      "depends_on": [
        "SAAS-0001",
        "SAAS-0003",
        "SAAS-0005",
        "SAAS-0010"
      ],
      "last_claim_utc": "2026-06-27T16:49:00Z",
      "owner": "/rook-410",
      "phase": "Next",
      "priority": "P1",
      "scope": "Create a machine-verified Scenario readiness gate that uses corpus coverage, source cards, retrieval QA, graph/RAG and explicit client-reliance false boundaries.",
      "status": "done",
      "task_id": "SAAS-0011",
      "title": "Unlock Scenario only after corpus, retrieval and guardrail gates pass",
      "why": "Scenario is the product payoff, but enabling it before data and guardrails are ready would create professional reliance risk."
    },
    {
      "acceptance": [
        "Tenant/workspace auth paths are documented and smoke-tested.",
        "Demo tokens are clearly separated from partner tokens.",
        "Rate limits and usage logs are visible for REST, GraphQL, MCP and CLI.",
        "No paying-users or ARR claim is made until real contracts exist."
      ],
      "claim_note": "Receipt: data/ops/legipro_saas_foundations_contract_2026-06-27.json. SaaS foundations contract closed with org/workspace/RBAC/token classes/quota/usage/billing skeleton, 52 focused tests and no live billing or ARR claim.",
      "claimable": true,
      "closeout_to_changelog": "Record tenant model and demo/partner boundary.",
      "depends_on": [
        "SAAS-0007",
        "SAAS-0009"
      ],
      "last_claim_utc": "2026-06-27T16:49:00Z",
      "owner": "/rook-410",
      "phase": "Next",
      "priority": "P1",
      "scope": "Define organization/workspace roles, demo vs partner tokens, rate limits, audit logs and pricing/billing skeletons.",
      "status": "done",
      "task_id": "SAAS-0012",
      "title": "Build SaaS organization, workspace, RBAC, quota and billing foundations",
      "why": "A buyer or partner needs tenant separation, usage controls and commercial packaging before production pilots."
    },
    {
      "acceptance": [
        "Dashboard reads canonical Postgres/warehouse state, not terminal buffers.",
        "It shows stale leases and next action for every lane.",
        "It links to latest artifact checksums and receipts.",
        "It stays public-safe or has explicit auth separation."
      ],
      "claim_note": "Receipt: data/ops/legipro_saas_0013_operator_dashboard_receipt_2026-06-27.json. Postgres-first operator dashboard slice closed: status and lane telemetry prefer canonical rotor Postgres state over terminal buffers and expose lane next actions; readiness/professional flags remain false.",
      "claimable": true,
      "closeout_to_changelog": "Record dashboard URL and current health snapshot.",
      "depends_on": [
        "SAAS-0002",
        "SAAS-0004",
        "SAAS-0005"
      ],
      "last_claim_utc": "2026-06-27T16:49:00Z",
      "owner": "/rook-410",
      "phase": "Next",
      "priority": "P1",
      "scope": "Expose live worker roster, leases, closeouts, queue depth, stale tasks, parity, backup state and blocker classes.",
      "status": "done",
      "task_id": "SAAS-0013",
      "title": "Create the operator dashboard for queue, leases, workers, parity and blockers",
      "why": "tmux is useful for humans, but it cannot be the nervous system of a SaaS corpus factory."
    },
    {
      "acceptance": [
        "Adapter schema covers source owner, license, authority tier, date validity and jurisdiction.",
        "FR behavior is not hard-coded into generic retrieval or Scenario logic.",
        "UK/Canada pilots are documented as planned, not live."
      ],
      "claim_note": "Receipt: data/ops/legipro_saas_0014_multi_country_adapter_design_2026-06-27.json and data/ops/legipro_saas_0014_adapter_schema_smoke_2026-06-27.json. Multi-country adapter contract/schema created for FR/UK/Canada planning only; no live foreign corpus or readiness claim widening.",
      "claimable": true,
      "closeout_to_changelog": "Record adapter design and first non-FR pilot boundary.",
      "depends_on": [
        "SAAS-0003",
        "SAAS-0010",
        "SAAS-0011"
      ],
      "last_claim_utc": "2026-06-27T16:49:00Z",
      "owner": "/rook-410",
      "phase": "Later",
      "priority": "P2",
      "scope": "Define corpus adapter contracts, language/local-law metadata, source-rights gates and retrieval benchmarks before adding foreign corpora.",
      "status": "done",
      "task_id": "SAAS-0014",
      "title": "Design multi-country corpus adapters for France, UK and Canada",
      "why": "Country expansion is cheaper if source ownership, citation, date validity and authority tiers are modeled now."
    },
    {
      "acceptance": [
        "The pack cites live public pages and local receipts.",
        "It does not claim ARR, paying users, trademark clearance, legal opinion or client-ready Scenario.",
        "It includes public demo bearer API tests for reviewers.",
        "Known limitations sit in a clear final section instead of reading like a wall of negatives."
      ],
      "claim_note": "Closed diligence refresh: regenerated docs/diligence/legipro_buyer_readiness_2026-06-27 with live public-page checks, 9/9 API smoke, demo bearer auth/search proofs, Meili/Warehouse counts, valuation/source-rights caveats and final limitations; receipt data/ops/legipro_buyer_readiness_pack_2026-06-27.json.",
      "claimable": true,
      "closeout_to_changelog": "Record pack path, receipt and public pages used.",
      "depends_on": [
        "SAAS-0006",
        "SAAS-0009"
      ],
      "last_claim_utc": "2026-06-27T10:23:06Z",
      "owner": "/rook-410",
      "phase": "Next",
      "priority": "P1",
      "scope": "Regenerate buyer-readiness, source-rights, valuation posture, CLI/API proof, coverage snapshot and limitations docs.",
      "status": "done",
      "task_id": "SAAS-0015",
      "title": "Refresh the diligence pack and external narrative from live evidence",
      "why": "External reviewers should see working APIs, corpus counts, rights caveats and roadmap status without stale valuation claims."
    },
    {
      "acceptance": [
        "A public roadmap page exists and links from API/status surfaces.",
        "Each roadmap item has a SAAS-#### task number, claim state, dependencies and acceptance criteria.",
        "Initial claims are recorded without preempting current e-invoicing leases.",
        "Future completions have a documented changelog closeout rule."
      ],
      "claim_note": "Accepted: public roadmap exists, API/status link to it, task cards have SAAS ids/dependencies/acceptance, claim journal is present, and changelog closeout rule plus changelog entry are recorded. Receipt: data/ops/legipro_saas_0016_acceptance_closeout_2026-06-27.json",
      "claimable": true,
      "closeout_to_changelog": "Record this roadmap publication, receipt and static publish path.",
      "depends_on": [],
      "last_claim_utc": "2026-06-27T09:18:10Z",
      "owner": "/rook-410",
      "phase": "Now",
      "priority": "P0",
      "scope": "Generate the roadmap JSON/Markdown/site page, wire docs update publish support, seed initial claims and write a receipt.",
      "status": "done",
      "task_id": "SAAS-0016",
      "title": "Publish claimable roadmap and changelog workflow",
      "why": "The team needs one visible plan with task numbers, claim state and a clear route from roadmap to changelog."
    },
    {
      "acceptance": [
        "One dated JSON snapshot includes warehouse counts, Meili counts, active leases, stale leases, closeouts and false readiness flags.",
        "bureau-status.html, bureau-roadmap.html and API/status docs cite the same snapshot id.",
        "A validation command fails if public pages would publish mixed timestamps or contradictory counts.",
        "Snapshot generation is low-priority and does not run broad repository scans."
      ],
      "claim_note": "Closed atomic status snapshot; status and roadmap cite the same snapshot asset/id with verifier receipt.",
      "claimable": true,
      "closeout_to_changelog": "Record the canonical snapshot path, validation command and first no-skew publish receipt.",
      "depends_on": [
        "SAAS-0002",
        "SAAS-0003",
        "SAAS-0006"
      ],
      "last_claim_utc": "2026-06-27T12:04:17Z",
      "owner": "/rook-410",
      "phase": "Now",
      "priority": "P0",
      "scope": "Generate one canonical status snapshot from Postgres, Meili and rotor state, then make status page, roadmap, API docs and receipts read that same artifact.",
      "status": "done",
      "task_id": "SAAS-0017",
      "title": "Build one atomic status snapshot for all public and diligence surfaces",
      "why": "Claude's review flagged independently timed status reads as a source of confusing count skew for buyers and operators."
    },
    {
      "acceptance": [
        "A script inventory maps supported operational flows to `python3 -m legipro_cli.main ...` commands.",
        "Unsupported historical scripts are documented as receipts/helpers/attic candidates and excluded from new lane prompts.",
        "CLI help documents the supported rotor, warehouse, docs, status and diligence commands.",
        "No historical artifact or receipt is removed during quarantine."
      ],
      "claim_note": "Receipt: data/ops/legipro_saas_0018_script_inventory_receipt_2026-06-27.json and data/ops/legipro_saas_0018_script_quarantine_closeout_2026-06-27.json. CLI-supported operations inventory and script quarantine documented; historical artifacts preserved.",
      "claimable": true,
      "closeout_to_changelog": "Record the script inventory path, CLI help update and excluded historical directories.",
      "depends_on": [
        "SAAS-0006",
        "SAAS-0017"
      ],
      "last_claim_utc": "2026-06-27T16:49:00Z",
      "owner": "/rook-410",
      "phase": "Now",
      "priority": "P0",
      "scope": "Classify scripts into supported CLI-backed operations, library helpers, generated receipts and attic candidates without deleting evidence.",
      "status": "done",
      "task_id": "SAAS-0018",
      "title": "Quarantine ad-hoc scripts and consolidate supported operations into legipro-cli",
      "why": "The external review identified script sprawl as the main elegance and maintainability drag after the control-plane hardening."
    },
    {
      "acceptance": [
        "A fresh worker can register, claim, heartbeat and close out a safe task using only documented configuration.",
        "The worker writes no canonical state outside the control-plane API and artifact output paths.",
        "The same container image can run on mtl-01 or mtl-03 with host-specific secrets injected externally.",
        "A rollback path returns the lane to the existing Hermes/tmux posture if needed."
      ],
      "claim_note": "Receipt: data/ops/legipro_saas_0019_reference_worker_container_closeout_2026-06-27.json. Reference worker container proof built and smoked with CLI dry-run; no live queue claim or readiness flag widening.",
      "claimable": true,
      "closeout_to_changelog": "Record image/build path, smoke receipt, rollback command and remaining non-container lanes.",
      "depends_on": [
        "SAAS-0004",
        "SAAS-0007",
        "SAAS-0018"
      ],
      "last_claim_utc": "2026-06-27T16:49:00Z",
      "owner": "/rook-410",
      "phase": "Next",
      "priority": "P1",
      "scope": "Package a single bounded worker with environment contract, model profile, scoped token, heartbeat, claim, closeout and low-I/O guardrails.",
      "status": "done",
      "task_id": "SAAS-0019",
      "title": "Containerize one reference worker lane as the pets-to-cattle proof",
      "why": "The target SaaS architecture is credible only after one worker can be recreated without tmux history or host-local state."
    },
    {
      "acceptance": [
        "A single `docs/diligence/current.md` points to the latest active documents and receipts.",
        "The one-pager frames LegiPro as an asset-sale/platform-readiness story, not an ARR valuation.",
        "Negative caveats are grouped in a clear limitations section rather than scattered as alarm copy.",
        "Public docs link to current API/status/roadmap evidence without exposing secrets."
      ],
      "claim_note": "Receipt: data/ops/legipro_saas_0020_diligence_pointer_closeout_2026-06-27.json. Current diligence pointer and one-page buyer narrative created with public API/status/roadmap/Scenario evidence.",
      "claimable": true,
      "closeout_to_changelog": "Record diligence pointer path, one-pager path and source receipts used.",
      "depends_on": [
        "SAAS-0006",
        "SAAS-0015",
        "SAAS-0017"
      ],
      "last_claim_utc": "2026-06-27T16:49:00Z",
      "owner": "/rook-410",
      "phase": "Next",
      "priority": "P1",
      "scope": "Create a stable current pointer to the latest architecture, source-rights, status, smoke, roadmap and limitation evidence, plus a short buyer-facing summary.",
      "status": "done",
      "task_id": "SAAS-0020",
      "title": "Publish a current diligence-room pointer and one-page buyer narrative",
      "why": "Reviewers should not have to infer the current asset story from many dated docs and terminal receipts."
    },
    {
      "acceptance": [
        "Phase 0 hygiene, Phase 1 containerization and Phase 2 managed/HA Postgres have explicit owners, receipts and rollback gates.",
        "Secrets move from host files into a documented KMS/Vault-compatible path before enterprise pilots.",
        "Gateway, SSO, telemetry and SLO tasks are sequenced after data/control-plane stability.",
        "The moat remains corpus/trace/guardrail quality; infrastructure migration does not widen readiness claims."
      ],
      "claim_note": "Accepted: staged SaaS substrate migration plan created at docs/product/saas-substrate-migration-plan.md with owners, receipts, rollback gates, KMS/Vault sequencing, managed/HA Postgres sequencing, and no readiness flag widening. Receipt: data/ops/legipro_saas_0021_substrate_migration_plan_2026-06-27.json.",
      "claimable": true,
      "closeout_to_changelog": "Record phased migration status and which SaaS substrate risks remain open.",
      "depends_on": [
        "SAAS-0017",
        "SAAS-0018",
        "SAAS-0019"
      ],
      "last_claim_utc": "2026-06-27T12:42:28Z",
      "owner": "/rook-410",
      "phase": "Next",
      "priority": "P1",
      "scope": "Turn the architecture target into phased work for stateless serving, managed/HA data tier, KMS/Vault secrets, gateway/SSO, observability and compliance drills.",
      "status": "done",
      "task_id": "SAAS-0021",
      "title": "Execute the staged SaaS substrate migration plan",
      "why": "Claude's target architecture argues the gap is substrate re-platforming, not product rewrite; the roadmap needs that work claimable."
    },
    {
      "acceptance": [
        "`rotor_tasks_archive` exists with archived rows and false readiness constraints.",
        "`legipro rotor db-archive-done-tasks` is dry-run by default and rejects live statuses such as `leased`.",
        "At least one bounded execute batch archives closed rows without touching active leases.",
        "CLI docs and public API docs document the archive command and audit boundary."
      ],
      "claim_note": "Receipt: data/ops/legipro_saas_0022_done_task_archive_closeout_2026-06-27.json and data/ops/legipro_saas_rotor_done_task_archive_2026-06-27.json. Rotor done-history archive path implemented and exercised: 500 closed unleased rows archived, active leases untouched, readiness flags false.",
      "claimable": true,
      "closeout_to_changelog": "Record archive counts, command, tests and remaining archive candidates.",
      "depends_on": [
        "SAAS-0002",
        "SAAS-0005",
        "SAAS-0018"
      ],
      "last_claim_utc": "2026-06-27T16:49:00Z",
      "owner": "/rook-410",
      "phase": "Next",
      "priority": "P1",
      "scope": "Add a Postgres archive table and CLI command that moves closed, unleased task rows out of rotor_tasks while preserving closeouts, events and false readiness flags.",
      "status": "done",
      "task_id": "SAAS-0022",
      "title": "Archive closed rotor task history out of the hot claim table",
      "why": "External review flagged the large done_machine_safe_delta history as buyer-visible operational drag; hot claim scans should stay small without losing audit evidence."
    },
    {
      "acceptance": [
        "Each legacy frontend stub has a disposition: active, redirected, archived, or deleted.",
        "Public navigation and docs do not link to retired stubs.",
        "Any removed/redirected public page has a rollback note and no broken internal links.",
        "The script inventory remains the operational source for CLI-first processing."
      ],
      "claim_note": "Receipt: data/ops/legipro_saas_0023_frontend_stub_disposition_2026-06-27.json and data/ops/legipro_saas_0023_frontend_stub_hygiene_verify_2026-06-27.json. Frontend stub hygiene completed with legacy route canonicalization, canonical page checks and rollback notes.",
      "claimable": true,
      "closeout_to_changelog": "Record stub disposition counts, changed routes/files and rollback notes.",
      "depends_on": [
        "SAAS-0018",
        "SAAS-0020"
      ],
      "last_claim_utc": "2026-06-27T16:49:00Z",
      "owner": "/rook-410",
      "phase": "Next",
      "priority": "P2",
      "scope": "Inventory legacy pages such as ai-chat/basic-chat/bureau0/bureau2 variants, decide redirect/archive/delete per page, and publish a buyer-safe hygiene receipt.",
      "status": "done",
      "task_id": "SAAS-0023",
      "title": "Retire or quarantine dead frontend stubs for buyer-facing repo hygiene",
      "why": "External review flagged historical frontend stubs and a large scripts directory as sprawl; SAAS-0018 narrowed script operations, but visible dead UI surfaces still need explicit cleanup."
    },
    {
      "acceptance": [
        "The contract includes answerability status, applicability, effective dates, sources, missing facts, risk flags, export_bundle_id and audit_id.",
        "At least one smoke fixture returns `insufficient_evidence` or `conflicting_sources` when sources do not support a safe answer.",
        "The public API guide documents this as a bounded review workflow, not a certified professional conclusion.",
        "Scenario, answer-ready, promotion, human-review, client-reliance and semantic flags remain false."
      ],
      "claim_note": "Receipt: data/ops/legipro_saas_0024_review_runtime_contract_2026-06-27.json. Review Runtime preview contract closed with schema, 3 fixtures, CLI schema wrapper and public API docs; /v1/review remains planned_preview_not_live and Scenario/answer/promotion/human-review/client-reliance/semantic/professional-certification flags remain false.",
      "claimable": true,
      "closeout_to_changelog": "Record contract path, smoke fixtures and false-readiness boundary.",
      "depends_on": [
        "SAAS-0009",
        "SAAS-0012"
      ],
      "last_claim_utc": "2026-06-27T20:26:42Z",
      "owner": "/rook-410",
      "phase": "Next",
      "priority": "P1",
      "scope": "Create the endpoint/workflow contract for professional answer review across REST, GraphQL and MCP without unlocking Scenario or client reliance.",
      "status": "done",
      "task_id": "SAAS-0024",
      "title": "Define and smoke the Review Answer Runtime contract",
      "why": "The buyer-facing product should return a current, cited, reviewable answer with missing facts, risk flags, and an export bundle, not just raw search results."
    },
    {
      "acceptance": [
        "API docs separate product endpoints, MCP tools and internal rotor worker routes.",
        "Worker tokens cannot call partner-only product mutations or queue-minting commands.",
        "Partner examples use product/search/review/export flows, not rotor control-plane flows.",
        "The architecture map and public API page use the same surface names."
      ],
      "claim_note": "Receipt: data/ops/legipro_saas_0025_api_surface_separation_2026-06-27.json. Separated Partner Product API, AI Tool Runtime/MCP and Internal Control Plane/rotor in API docs, CLI docs, C4 map and static contract taxonomy; tests pass and no runtime/readiness claims widened.",
      "claimable": true,
      "closeout_to_changelog": "Record docs paths, route-scope checks and architecture map update.",
      "depends_on": [
        "SAAS-0007",
        "SAAS-0009",
        "SAAS-0024"
      ],
      "last_claim_utc": "2026-06-27T20:41:34Z",
      "owner": "/rook-410",
      "phase": "Next",
      "priority": "P1",
      "scope": "Document and enforce the three runtime surfaces: partner product API, controlled MCP/tool runtime and internal rotor/corpus control plane.",
      "status": "done",
      "task_id": "SAAS-0025",
      "title": "Separate Partner Product API, AI Tool Runtime and Internal Control Plane docs",
      "why": "Reviewers should not see buyer-facing product flows adjacent to queue minting and worker closeouts without a clear internal boundary."
    },
    {
      "acceptance": [
        "Retrieval fixtures cover BOFiP, PCG/ANC, URSSAF, Code de commerce and e-invoicing examples.",
        "Every returned answer candidate carries source IDs, passage IDs, artifact IDs and date/asOf metadata.",
        "Older/superseded sources are marked or demoted in fixtures.",
        "semantic_search_active remains false until the separate SAAS-0010 activation gate passes."
      ],
      "claim_note": "Receipt: data/ops/legipro_saas_0026_decision_grade_evidence_2026-06-27.json. Added decision-grade evidence packet schema, five-corpus fixture bundle, CLI schema wrapper, docs/API references and tests; source/artifact/passage/date envelopes plus supersession/contradiction metadata are covered while semantic_search_active and readiness flags remain false.",
      "claimable": true,
      "closeout_to_changelog": "Record retrieval fixtures, metrics and activation boundary.",
      "depends_on": [
        "SAAS-0003",
        "SAAS-0010",
        "SAAS-0024"
      ],
      "last_claim_utc": "2026-06-27T20:51:24Z",
      "owner": "/rook-410",
      "phase": "Next",
      "priority": "P1",
      "scope": "Layer authority filters, temporal checks, source hierarchy, lexical recall, semantic candidates, reranking and contradiction/supersession detection behind the review workflow.",
      "status": "done",
      "task_id": "SAAS-0026",
      "title": "Upgrade retrieval from search access to decision-grade evidence",
      "why": "Premium accounting/legal answers need authority, temporal validity, contradiction handling and citation envelopes, not keyword hits alone."
    },
    {
      "acceptance": [
        "A status/dashboard artifact shows p50/p95 search/review/export latency and error counts.",
        "Answerability, insufficient-evidence and conflicting-source rates are tracked without private prompt leakage.",
        "Per-tenant cost units, throttles and denied-scope attempts are visible to operators.",
        "Metrics feed docs/status snapshots without broad repository scans."
      ],
      "claim_note": "Receipt: data/ops/legipro_saas_0027_product_observability_2026-06-27.json. Added product observability schema/asset/docs/tests and status-snapshot wiring for p50/p95 latency, answerability, export, tenant cost/throttle and MCP metrics with no raw prompt storage; no traction/revenue/SLA/readiness claims widened.",
      "claimable": true,
      "closeout_to_changelog": "Record metrics schema, dashboard path and snapshot receipt.",
      "depends_on": [
        "SAAS-0013",
        "SAAS-0017",
        "SAAS-0024"
      ],
      "last_claim_utc": "2026-06-27T21:04:56Z",
      "owner": "/rook-410",
      "phase": "Next",
      "priority": "P1",
      "scope": "Emit and display product metrics for latency, zero-result rate, citation coverage, stale-source rate, answerability, export success, per-tenant usage and MCP tool errors.",
      "status": "done",
      "task_id": "SAAS-0027",
      "title": "Add product observability for answer, retrieval, export and partner value",
      "why": "Receipts are good diligence evidence, but daily SaaS operation needs live metrics around user value and degraded behavior."
    },
    {
      "acceptance": [
        "Export bundle schema includes tenant/workspace, source IDs, passage IDs, dates, caveats, revision id and audit id.",
        "A buyer-branded export fixture is generated without exposing private prompts or secrets.",
        "Failed export returns a queued job id or clear retry state rather than blocking the review workflow.",
        "Exports remain review-gated and do not imply client reliance or professional certification."
      ],
      "claim_note": "Receipt: data/ops/legipro_saas_0028_export_bundle_contract_2026-06-27.json. Added export bundle schema, buyer-branded generated and queued-retry fixtures, CLI wrapper, API/product docs and partner contract references; exports remain draft/review-gated and no Scenario/answer/promotion/human-review/client-reliance/semantic/professional-certification flags widened.",
      "claimable": true,
      "closeout_to_changelog": "Record export schema, fixture output and tenant/audit fields.",
      "depends_on": [
        "SAAS-0012",
        "SAAS-0024"
      ],
      "last_claim_utc": "2026-06-27T21:33:00Z",
      "owner": "/rook-410",
      "phase": "Next",
      "priority": "P1",
      "scope": "Make every review answer capable of producing a cited memo, source pack, buyer-branded export, JSON evidence bundle and revisioned workspace artifact.",
      "status": "done",
      "task_id": "SAAS-0028",
      "title": "Productize export bundles and revisioned dossiers",
      "why": "For professional users and API buyers, the durable cited dossier may be more valuable than the chat/search interaction."
    },
    {
      "acceptance": [
        "Source records expose last_checked_at, last_changed_at, content hash, valid_from/valid_until and supersession status where known.",
        "A fixture shows a changed source and the affected saved dossier/export ids.",
        "Public docs explain freshness as product intelligence, not a professional review claim.",
        "Stale-source warnings appear before answer/export confidence fields."
      ],
      "claim_note": "Receipt: data/ops/legipro_saas_0029_source_freshness_impact_2026-06-27.json. Added source freshness/impact schema, fixtures, CLI wrapper, API/product docs and partner contract references; warnings are fixed before answer/export confidence and no Scenario/answer/promotion/human-review/client-reliance/semantic/professional-certification flags widened.",
      "claimable": true,
      "closeout_to_changelog": "Record source freshness fields, impact fixture and public docs update.",
      "depends_on": [
        "SAAS-0003",
        "SAAS-0026",
        "SAAS-0028"
      ],
      "last_claim_utc": "2026-06-27T21:58:00Z",
      "owner": "/rook-410",
      "phase": "Next",
      "priority": "P1",
      "scope": "Add runtime fields and status views for current/stale/superseded sources, source-change diffs and impacted prior dossiers/workspaces.",
      "status": "done",
      "task_id": "SAAS-0029",
      "title": "Expose source freshness, supersession and dossier impact analysis",
      "why": "The corpus factory becomes a moat when the product can tell which sources changed and which saved work may need review."
    },
    {
      "acceptance": [
        "Meili-down, warehouse-slow, assistant-unavailable, export-unavailable, worker-down and stale-index fixtures exist.",
        "Each degraded mode returns a clear status, warning and next action or job id.",
        "The status page and API docs identify last-known-good corpus/index timestamps.",
        "No degraded mode widens Scenario, answer-ready, promotion, client-reliance or professional-certification flags."
      ],
      "claim_note": "Receipt: data/ops/legipro_saas_0030_degraded_mode_behavior_2026-06-27.json. Added degraded-mode schema, fixtures, CLI wrapper, API/product/status docs and static partner contract references; warnings are fixed before answer/export confidence and no Scenario/answer/promotion/human-review/client-reliance/semantic/professional-certification flags widened.",
      "claimable": true,
      "closeout_to_changelog": "Record degraded-mode fixtures, API behavior and status docs update.",
      "depends_on": [
        "SAAS-0013",
        "SAAS-0024",
        "SAAS-0027"
      ],
      "last_claim_utc": "2026-06-27T22:16:00Z",
      "owner": "/rook-410",
      "phase": "Next",
      "priority": "P1",
      "scope": "Specify and smoke-test behavior when Meilisearch, warehouse reads, assistant, export, workers or index freshness are degraded.",
      "status": "done",
      "task_id": "SAAS-0030",
      "title": "Define and test degraded-mode behavior for product runtime dependencies",
      "why": "Buyers test failure behavior; a useful system should degrade into source packs, queued exports or last-known-good corpus rather than fail ambiguously."
    },
    {
      "acceptance": [
        "Each recurring CLI command has a scheduled/admin/CI owner or explicit break-glass label.",
        "Scheduled jobs write the same receipts as CLI runs and are visible in telemetry.",
        "Manual CLI use remains possible for local QA and rollback.",
        "No scheduled job performs broad repository scans or mints queue rows outside mtl-01."
      ],
      "claim_note": "Receipt: data/ops/legipro_saas_0031_ops_automation_map_2026-06-27.json. Recurring CLI operations now have a scheduled/admin/CI/break-glass ownership map, static asset and CLI/schema discovery; mtl-01 remains the only queue builder, broad scans/fanout are disabled, and readiness flags remain false.",
      "claimable": true,
      "closeout_to_changelog": "Record scheduled/admin/CI mapping and first automated receipt.",
      "depends_on": [
        "SAAS-0006",
        "SAAS-0013",
        "SAAS-0018",
        "SAAS-0027"
      ],
      "last_claim_utc": "2026-06-27T22:26:22Z",
      "owner": "/rook-410",
      "phase": "Next",
      "priority": "P1",
      "scope": "Promote repeated docs/status refresh, automint, lease reaping, parity checks, backup drills and API contract checks into scheduled or CI/admin surfaces while retaining CLI parity.",
      "status": "done",
      "task_id": "SAAS-0031",
      "title": "Move recurring CLI operations into scheduled jobs, admin APIs and CI gates",
      "why": "The CLI is excellent proof and break-glass tooling, but production paths should not depend on a human operating terminal commands."
    },
    {
      "acceptance": [
        "Public roadmap and API docs list SDKs as planned/not shipped, with TypeScript/Node as the first target and Python as the second target.",
        "SDK generation depends on a stable OpenAPI/contract artifact and does not hand-maintain business logic outside REST, GraphQL, MCP and Review Runtime contracts.",
        "Examples cover search, retrieve, review-preview, export bundle and MCP tool calls with tenant/workspace/cost-unit headers.",
        "SDK docs warn against embedding bearer keys in browser/mobile clients and preserve Scenario, answer-ready, client-reliance and semantic-search false boundaries."
      ],
      "claim_note": "Receipt: data/ops/legipro_saas_0032_partner_sdk_plan_2026-06-27.json. SDK plan now documents TypeScript/Node first, Python second, generation sources, server-side examples for search/retrieve/review-preview/export/MCP, contract-test checklist and no browser/mobile bearer-token boundary; SDK remains planned_not_shipped.",
      "claimable": true,
      "closeout_to_changelog": "Record SDK roadmap, generated-client source, examples and contract-test receipt.",
      "depends_on": [
        "SAAS-0009",
        "SAAS-0024",
        "SAAS-0025",
        "SAAS-0028",
        "SAAS-0030"
      ],
      "last_claim_utc": "2026-06-27T22:34:27Z",
      "owner": "/rook-410",
      "phase": "Next",
      "priority": "P1",
      "scope": "Define the SDK track for TypeScript/Node first, Python second, plus examples, generated clients, sandbox keys and contract tests over REST, GraphQL and MCP.",
      "status": "done",
      "task_id": "SAAS-0032",
      "title": "Roadmap partner SDKs and generated client workflow",
      "why": "Partners should be able to integrate LegiPro quickly from their own product surfaces without copying curl snippets or learning rotor internals."
    },
    {
      "acceptance": [
        "A public static OpenAPI JSON asset exists and parses as OpenAPI 3.1.",
        "The snapshot covers /v0/search/health, /v0/search, /v1/search, /v1/retrieve, /graphql, /mcp and protected /v0/rotor worker routes.",
        "The API contract and API guide point to the static asset while still saying /openapi.json is not a live JSON route.",
        "The snapshot keeps SDK status planned/not shipped and preserves Scenario, answer-ready, client-reliance, semantic-search and professional-certification false boundaries."
      ],
      "claim_note": "Receipt: data/ops/legipro_saas_0033_static_openapi_snapshot_2026-06-27.json. Static OpenAPI snapshot generated at site/legipro-fr/assets/legipro-openapi-2026-06-27.json with 10 paths / 10 operations covering search health, v0/v1 search, retrieve, GraphQL, MCP and protected rotor worker routes. API contract and API guide point to the static asset while preserving live /openapi.json as not active and all readiness/professional flags false.",
      "claimable": true,
      "closeout_to_changelog": "Record static OpenAPI snapshot, asset URL, contract wiring and tests.",
      "depends_on": [
        "SAAS-0009",
        "SAAS-0025",
        "SAAS-0032"
      ],
      "last_claim_utc": "2026-06-27T23:46:30Z",
      "owner": "/rook-410",
      "phase": "Next",
      "priority": "P1",
      "scope": "Generate and publish a static OpenAPI 3.1 snapshot for bounded REST, GraphQL, MCP and protected rotor worker routes, clearly marked as a reviewer/codegen artifact rather than a live OpenAPI route.",
      "status": "done",
      "task_id": "SAAS-0033",
      "title": "Publish static OpenAPI snapshot for partner SDK codegen",
      "why": "Partner SDK generation needs a machine-readable contract before the live /openapi.json route is promoted."
    },
    {
      "acceptance": [
        "A public quickstart asset exists for server-side partner integration.",
        "The quickstart covers health, search, retrieve, GraphQL and MCP tool-call flows.",
        "The API contract and API guide link the quickstart alongside the static OpenAPI snapshot.",
        "The quickstart forbids browser/mobile bearer-token exposure and product-token rotor calls.",
        "Scenario, answer-ready, client-reliance, semantic-search and professional-certification flags remain false."
      ],
      "claim_note": "Receipt: data/ops/legipro_saas_0034_partner_quickstart_2026-06-27.json. Published docs/api/partner-quickstart-2026-06-27.md and site/legipro-fr/assets/legipro-partner-quickstart-2026-06-27.md covering health, v1 search, retrieve, GraphQL and MCP tool-call flows, with server-side bearer-token usage only, product-token rotor denial, static OpenAPI/contract links and all readiness/professional flags false.",
      "claimable": true,
      "closeout_to_changelog": "Record partner quickstart asset, public URL, contract wiring and tests.",
      "depends_on": [
        "SAAS-0009",
        "SAAS-0025",
        "SAAS-0033"
      ],
      "last_claim_utc": "2026-06-27T23:57:00Z",
      "owner": "/rook-410",
      "phase": "Next",
      "priority": "P1",
      "scope": "Publish a concise quickstart for health, search, retrieve, GraphQL and MCP calls, with required tenant/workspace/cost headers, static contract links and explicit token boundaries.",
      "status": "done",
      "task_id": "SAAS-0034",
      "title": "Publish partner API quickstart pack",
      "why": "A buyer should be able to run the first server-side integration checks without reading the whole API guide."
    },
    {
      "acceptance": [
        "A generated TypeScript/Node beta client exists with a documented package/version source and no hand-maintained business logic fork.",
        "Server-side examples cover search, retrieve, review-preview, export bundle preview and MCP tool calls with tenant/workspace/cost-unit headers.",
        "Contract tests prove the generated client matches the static OpenAPI and partner contract artifacts and reject browser/mobile bearer-token usage.",
        "The public roadmap, API guide and partner contract asset identify the TypeScript/Node SDK as the first delivery target while keeping SDK status pre-GA and all readiness/professional flags false."
      ],
      "claim_note": "Receipt: data/ops/legipro_saas_0035_typescript_sdk_beta_2026-06-28.json. Generated the first repo-only TypeScript/Node beta package at sdk/legipro-typescript-beta/ from the bounded partner contract, with package metadata, server-side demo, typed/runtime methods for search/retrieve/review-preview/export/MCP/search-health, no public npm release, and all readiness/professional flags still false; Python remains planned as SAAS-0036.",
      "claimable": true,
      "closeout_to_changelog": "Record generated TypeScript/Node SDK beta package, examples, contract-test receipt and public docs update.",
      "depends_on": [
        "SAAS-0032",
        "SAAS-0033",
        "SAAS-0034"
      ],
      "last_claim_utc": "2026-06-28T01:10:00Z",
      "owner": "/rook-410",
      "phase": "Next",
      "priority": "P1",
      "scope": "Generate the first TypeScript/Node beta client from the static OpenAPI and partner contract artifacts, publish server-side examples for search/retrieve/review-preview/export/MCP, and ship contract tests plus package metadata without widening any product boundary.",
      "status": "done",
      "task_id": "SAAS-0035",
      "title": "Ship the first generated TypeScript/Node partner SDK beta",
      "why": "The SDK roadmap needs a concrete first delivery so partner teams can integrate LegiPro from Node services without assembling thin wrappers by hand."
    },
    {
      "acceptance": [
        "A generated Python beta client exists with packaging metadata and no handwritten business-logic divergence from the bounded REST/GraphQL/MCP contracts.",
        "Python examples cover search, retrieve, review-preview, export bundle preview and MCP tool calls with tenant/workspace/cost-unit headers.",
        "Contract tests prove the Python client matches the static OpenAPI and partner contract artifacts and keep rotor/control-plane helpers out of scope.",
        "Public docs keep Python as the second SDK target, still server-side only, with Scenario, answer-ready, client-reliance, semantic-search and professional-certification flags false."
      ],
      "claim_note": "Receipt: data/ops/legipro_saas_0036_python_sdk_beta_2026-06-28.json. Generated the first repo-only Python beta package at sdk/legipro-python-beta/ from the bounded partner contract, with pyproject metadata, typed runtime methods for search/retrieve/review-preview/export/GraphQL/MCP/search-health, a server-side example, updated static OpenAPI/partner-contract/public API docs, and no public PyPI release; all readiness/professional flags remain false.",
      "claimable": true,
      "closeout_to_changelog": "Record generated Python SDK beta package, examples, contract-test receipt and public docs update.",
      "depends_on": [
        "SAAS-0032",
        "SAAS-0033",
        "SAAS-0035"
      ],
      "last_claim_utc": "2026-06-28T01:22:15Z",
      "owner": "/rook-410",
      "phase": "Later",
      "priority": "P2",
      "scope": "Generate the first Python beta client from the same bounded contract surface as the Node SDK, reusing the static OpenAPI and partner contract artifacts, examples and contract tests without introducing a second business-logic layer.",
      "status": "done",
      "task_id": "SAAS-0036",
      "title": "Ship the first generated Python partner SDK beta",
      "why": "Audit, QA, data and internal automation teams will want a supported Python path once the Node/server integration lane is proven."
    },
    {
      "acceptance": [
        "A single public integration-pack asset exists and links the OpenAPI snapshot, partner contract, quickstart and SaaS roadmap.",
        "The public API guide links the pack explicitly for acquirer/reviewer use.",
        "CLI docs mention the pack as the canonical diligence handoff for bounded integration surfaces.",
        "The pack keeps SDK beta status repo-only and preserves Scenario, answer-ready, client-reliance, semantic-search and professional-certification false boundaries."
      ],
      "claim_note": "Receipt: data/ops/legipro_saas_0037_partner_integration_pack_2026-06-28.json. Published one explicit public integration-pack handoff at site/legipro-fr/assets/legipro-partner-integration-pack-2026-06-28.json and wired it into the public API guide plus CLI docs, linking the bounded OpenAPI snapshot, partner contract, quickstart, roadmap and repo-only SDK beta evidence while keeping all readiness/professional flags false.",
      "claimable": true,
      "closeout_to_changelog": "Record the public partner integration-pack asset, API-page wiring and CLI-doc mention.",
      "depends_on": [
        "SAAS-0033",
        "SAAS-0034",
        "SAAS-0035",
        "SAAS-0036"
      ],
      "last_claim_utc": "2026-06-28T02:10:30Z",
      "owner": "/rook-410",
      "phase": "Later",
      "priority": "P2",
      "scope": "Publish one public integration-pack index for acquirers/reviewers that centralizes the bounded OpenAPI, partner contract, quickstart, roadmap and repo-only SDK evidence without widening any runtime or readiness claim.",
      "status": "done",
      "task_id": "SAAS-0037",
      "title": "Publish a single partner integration-pack handoff",
      "why": "Reviewers should be able to fetch one explicit pack rather than infer the bounded integration surface from several scattered assets."
    },
    {
      "acceptance": [
        "The current Product API gains in-repo runtime modules for review orchestration, retrieval, applicability, answer contract, citation verification, dossier handling and audit emission.",
        "The implementation reuses existing search/retrieve/export contracts and does not create a second business-logic brain beside REST, GraphQL, MCP and CLI.",
        "Exactly two LLM stages are allowed in the runtime path: request normalization and answer synthesis; citation verification remains deterministic/mechanical.",
        "The delivery may remain preview/private and does not require a live public /v1/review route; Scenario, answer-ready, promotion, human-review, client-reliance, semantic-search and professional-certification flags remain false."
      ],
      "claim_note": "Receipt: data/ops/legipro_saas_0038_review_runtime_kernel_2026-06-28.json. Implemented the internal Review Runtime kernel under anc_pcg_api/review_runtime_kernel/ with explicit request-context, policy-gate, retrieval, applicability, answer-contract, deterministic citation-verifier, dossier, audit and orchestrator modules plus compatibility wrapper anc_pcg_api/review_runtime.py; focused tests passed 14/14 and /v1/review remains planned_preview_not_live with all readiness/professional flags false.",
      "claimable": true,
      "closeout_to_changelog": "Record the runtime module paths, tests, and the first bounded preview wiring without widening any readiness claim.",
      "depends_on": [
        "SAAS-0024",
        "SAAS-0025",
        "SAAS-0026",
        "SAAS-0028",
        "SAAS-0030"
      ],
      "last_claim_utc": "2026-06-28T13:01:42Z",
      "owner": "/rook-410",
      "phase": "Next",
      "priority": "P1",
      "scope": "Add the internal runtime modules beneath the current Product API: request context/policy gate, review orchestrator, retrieval engine, applicability engine, answer contract, citation verifier, dossier service and runtime audit hooks, while keeping the deployable as one modular monolith.",
      "status": "done",
      "task_id": "SAAS-0038",
      "title": "Implement the Review Runtime kernel inside the current modular monolith",
      "why": "External reviews now agree the next multiplier is a professional review workflow engine, not more standalone surface area or more infrastructure prose."
    },
    {
      "acceptance": [
        "Review requests can pin corpus/index snapshot IDs as inputs, not only receive them as outputs.",
        "Applicability checks cover jurisdiction, effective dates, supersession, source hierarchy and missing-fact detection with deterministic receipts or fixtures.",
        "Refusal taxonomy is explicit: insufficient_evidence requires missing_facts with remedies, conflicting_sources requires contradiction pairs with authority_rank and remedy guidance, and partially_answerable remains distinct from answerable.",
        "A validate/confirm-refute workflow exists as a bounded mode for checking a proposed treatment without claiming professional certification or client reliance."
      ],
      "claim_note": "Receipt: data/ops/legipro_saas_0039_snapshot_applicability_receipt_2026-06-29.json. Snapshot pins are now explicit request inputs and audit outputs in the preview Review Runtime contract; result.applicability.checks covers jurisdiction, effective dates, source hierarchy, supersession, missing facts and source conflicts with remedies for blocking states. Focused tests passed: 15 passed, 3 subtests; golden gate still passes; all readiness/professional flags remain false.",
      "claimable": true,
      "closeout_to_changelog": "Record snapshot-pinned request/response examples, applicability checks, validate-mode proof and refusal-remedy fixtures.",
      "depends_on": [
        "SAAS-0024",
        "SAAS-0026",
        "SAAS-0029",
        "SAAS-0038"
      ],
      "last_claim_utc": "2026-06-29T07:39:32Z",
      "owner": "/rook-410",
      "phase": "Next",
      "priority": "P1",
      "scope": "Extend the review runtime preview and its first implementation path so corpus_snapshot_id and index_snapshot_id become valid request inputs, temporal/source applicability is checked deterministically, and refusal states carry required remedies.",
      "status": "done",
      "task_id": "SAAS-0039",
      "title": "Add snapshot-pinned review requests, applicability checks and refusal remedies",
      "why": "A buyer-grade review workflow must be replayable against a dated corpus state and must know when to refuse, what is missing, and which sources conflict."
    },
    {
      "acceptance": [
        "A labeled golden review set exists with answerable, partially_answerable, insufficient_evidence, conflicting_sources and validate-mode cases.",
        "Runtime audit events record audit_id, tenant/workspace scope, latency, answerability status, citation coverage, missing-fact count, contradiction count and snapshot IDs without storing raw private prompts in public-safe assets.",
        "CI or CLI gates fail closed when the review runtime regresses on golden answerability/refusal/citation checks.",
        "The public observability/docs surfaces describe this as bounded quality evidence, not a claim of human review, client reliance or professional certification."
      ],
      "claim_note": "Receipt: data/ops/legipro_saas_0040_review_runtime_golden_eval_2026-06-29.json. Published the first labeled Review Runtime golden eval set, runtime audit-event schema, public-safe summary and CLI gate legipro qa review-golden-gate; five cases cover answerable, partially_answerable, insufficient_evidence, conflicting_sources and validate mode; focused tests passed and all readiness/professional flags remain false.",
      "claimable": true,
      "closeout_to_changelog": "Record the golden eval-set paths, runtime audit schema, gating command and the first passing receipt.",
      "depends_on": [
        "SAAS-0027",
        "SAAS-0038",
        "SAAS-0039"
      ],
      "last_claim_utc": "2026-06-29T07:26:39Z",
      "owner": "/rook-410",
      "phase": "Next",
      "priority": "P1",
      "scope": "Create the first labeled golden review dataset plus runtime audit/eval emission for answerability, citation coverage, latency, refusal types, contradiction surfacing and validate-mode quality.",
      "status": "done",
      "task_id": "SAAS-0040",
      "title": "Build the golden review eval set and runtime audit sink",
      "why": "The review runtime only becomes diligence-grade when every run is measurable and regressions are caught against labeled professional cases, including refusal and contradiction scenarios."
    },
    {
      "acceptance": [
        "The review runtime can create or update a draft dossier with revision id, audit id, corpus/index snapshots, source refs and review_status=draft.",
        "Exports remain tenant/workspace scoped, buyer-brandable, retryable and auditable through the existing export-bundle contract rather than a parallel artifact path.",
        "A reviewer can reopen a bounded dossier/export preview without losing its snapshot-pinned evidence lineage.",
        "The feature remains draft/review-gated and does not imply answer-ready, Scenario-ready, human-reviewed, client-reliable or professionally certified output."
      ],
      "claim_note": "Receipt: data/ops/legipro_saas_0041_review_runtime_dossier_export_receipt_2026-06-29.json. Review Runtime preview packets now carry first-class draft dossier metadata: dossier_id, revision_id, previous_revision_id, audit_id, corpus/index snapshots, source refs and export_bundle_contract_v1 linkage. build_export_bundle_contract_from_review_packet projects packets into the existing buyer-brandable/retryable export bundle contract. Focused tests passed: 22 passed, 3 subtests; golden gate ok=true; all readiness/professional flags remain false.",
      "claimable": true,
      "closeout_to_changelog": "Record dossier/export runtime wiring, revisioned fixtures, reopen proof and the preserved draft-only boundary.",
      "depends_on": [
        "SAAS-0028",
        "SAAS-0038",
        "SAAS-0039",
        "SAAS-0040"
      ],
      "last_claim_utc": "2026-06-29T07:50:57Z",
      "owner": "/rook-410",
      "phase": "Later",
      "priority": "P2",
      "scope": "Bind the review runtime to revisioned dossier/export creation so each bounded review can produce a draft dossier, evidence pack and export artifact with snapshot-pinned provenance.",
      "status": "done",
      "task_id": "SAAS-0041",
      "title": "Make draft dossiers and exports first-class outputs of the review runtime",
      "why": "For buyers and professional users, the durable object is the dossier or export bundle they can reopen, review, defend and pass downstream."
    },
    {
      "acceptance": [
        "A changed source can be linked to affected draft dossier/workspace/export ids with severity and recommended next action.",
        "Impact analysis uses source freshness/supersession evidence and does not require semantic-search activation or Scenario unlock.",
        "Public docs and status surfaces explain this as bounded change intelligence over draft/review artifacts, not as automatic legal/accounting sign-off.",
        "All protected readiness/professional flags remain false unless a separate launch gate proves otherwise."
      ],
      "claimable": true,
      "closeout_to_changelog": "Record the change-impact contract, affected-dossier fixture, and the first bounded status/docs wiring.",
      "depends_on": [
        "SAAS-0029",
        "SAAS-0041"
      ],
      "owner": "",
      "phase": "Later",
      "priority": "P2",
      "scope": "Map source changes to affected draft dossiers, workspaces, saved exports and buyer-visible review queues using the existing freshness and supersession evidence paths.",
      "status": "ready",
      "task_id": "SAAS-0042",
      "title": "Expose source-change impact against saved dossiers and workspaces",
      "why": "The corpus factory becomes a product moat when source changes can trigger bounded impact signals over prior draft work instead of only refreshing the index silently."
    },
    {
      "acceptance": [
        "The public architecture/C4 surface includes a visible legend for current, planned and target components.",
        "Meilisearch is explicitly presented as a derived cache and the corpus warehouse as the durable source of truth in both diagram and adjacent text.",
        "A readiness matrix distinguishes current active, current bounded, planned and target SaaS items without widening any readiness claim.",
        "Scenario, answer-ready, client-reliance, semantic-search and professional-certification boundaries remain false and are repeated beside the matrix."
      ],
      "claim_note": "Receipt: data/ops/legipro_saas_0043_architecture_legend_readiness_matrix_2026-06-29.json. Public C4 SVG now includes visible current/bounded/planned/target legend plus source-of-truth boundary; readiness matrix JSON/MD published and linked from API guide/partner pack; Meilisearch remains derived cache, Corpus Warehouse remains durable source of truth; all readiness/professional flags remain false; tests/test_legipro_c4_readiness_matrix.py passed.",
      "claimable": true,
      "closeout_to_changelog": "Record the legend/matrix assets, public URLs and the unchanged false-readiness boundary.",
      "depends_on": [
        "SAAS-0025",
        "SAAS-0038"
      ],
      "last_claim_utc": "2026-06-29T06:39:34Z",
      "owner": "/rook-410",
      "phase": "Next",
      "priority": "P1",
      "scope": "Add a clear current/planned/target legend, make the Meilisearch-derived-cache versus warehouse-source-of-truth distinction visually prominent, and publish a readiness matrix beside the architecture surfaces.",
      "status": "done",
      "task_id": "SAAS-0043",
      "title": "Publish a current/planned/target architecture legend and readiness matrix",
      "why": "External reviewers now understand the C4 better, but they still need a one-glance legend showing what is live today, what is planned inside the current monolith, and what belongs to the target SaaS substrate."
    },
    {
      "acceptance": [
        "A public 'Partner Integration Without UI Adoption' architecture view exists and shows buyer product -> REST/GraphQL/MCP -> evidence/dossier outputs.",
        "A public 'Corpus Factory and Readiness Gates' architecture view exists and shows worker claim/heartbeat/closeout, warehouse/index separation, backup proof and false-readiness gates.",
        "Both views stay aligned with the canonical workspace DSL and are linked from the API or architecture surfaces without inventing a second source of truth.",
        "The views remain bounded and do not imply Scenario launch, professional sign-off or semantic-search activation."
      ],
      "claim_note": "Receipt: data/ops/legipro_saas_0044_dedicated_architecture_views_2026-06-29.json. Published dedicated public SVGs for Partner Integration Without UI Adoption and Corpus Factory and Readiness Gates; linked both from API guide and partner integration pack; derived from canonical C4 workspace flows; all readiness/professional flags remain false; tests/test_legipro_c4_dedicated_views.py plus matrix regression passed.",
      "claimable": true,
      "closeout_to_changelog": "Record the new rendered views, their public links and the DSL/source files they derive from.",
      "depends_on": [
        "SAAS-0025",
        "SAAS-0043"
      ],
      "last_claim_utc": "2026-06-29T06:46:20Z",
      "owner": "/rook-410",
      "phase": "Next",
      "priority": "P1",
      "scope": "Render and publish dedicated architecture views for partner integration without Bureau UI adoption and for the corpus factory plus readiness gates path.",
      "status": "done",
      "task_id": "SAAS-0044",
      "title": "Add dedicated buyer integration and corpus-factory architecture views",
      "why": "The strongest acquirer story is now the embed-without-UI path and the receipt-backed corpus factory flow; those deserve first-class diagrams instead of being implied across one larger map."
    },
    {
      "acceptance": [
        "A buyer-facing risk register exists with current risk, mitigation status, linked SAAS tasks and explicit hard boundaries.",
        "The register includes host/substrate coupling, tenant/auth maturity, source-rights diligence, Scenario locked state, semantic-search planned state and professional-review/client-reliance boundaries.",
        "The register is linked from the architecture or diligence pack and stays consistent with the public roadmap and changelog.",
        "The document does not overclaim legal clearance, customer traction, Scenario launch, answer-ready status or professional certification."
      ],
      "claim_note": "Receipt: data/ops/legipro_saas_0045_architecture_risk_register_2026-06-29.json. Published buyer-facing architecture risk register in Markdown/JSON, linked from API guide, C4 README and partner integration pack; covers host/substrate coupling, tenant/auth maturity, source-rights diligence, Scenario lock, semantic-search boundary, professional review/client reliance, third-party adapter maturity, observability/SLO maturity, data recovery and active e-invoicing corpus work; all readiness/professional flags remain false; focused tests passed.",
      "claimable": true,
      "closeout_to_changelog": "Record the risk register path, public linkage and the roadmap tasks it references.",
      "depends_on": [
        "SAAS-0020",
        "SAAS-0021",
        "SAAS-0043",
        "SAAS-0044"
      ],
      "last_claim_utc": "2026-06-29T06:57:04Z",
      "owner": "/rook-410",
      "phase": "Later",
      "priority": "P2",
      "scope": "Create a concise public-safe risk register covering host coupling, auth posture, source-rights diligence, Scenario lock, semantic-search boundary and other active platform caveats, with links to the mitigating roadmap tasks.",
      "status": "done",
      "task_id": "SAAS-0045",
      "title": "Publish a buyer-facing architecture risk register and mitigation map",
      "why": "Diligence reviewers are now reading the architecture as an acquisition artifact, so the open risks should be explicit, bounded and paired with active mitigations instead of being scattered across reviews and notes."
    },
    {
      "acceptance": [
        "A two-page memo exists that can be read by a non-technical executive assistant and routed to product/ISV/API owners.",
        "The memo proposes one narrow e-invoicing/VAT/accounting-treatment proof workflow rather than a broad platform pitch.",
        "The memo uses the official 1 September 2026 e-invoicing rollout as the market urgency and does not say the legal trigger is October.",
        "The memo states that LegiPro has no paying users/ARR, Scenario is locked, semantic search is planned, professional certification is not claimed and human/professional review remains a boundary.",
        "The memo includes the exact ask: 30-minute partner/product screening and sandbox/API access path, not CEO/COO sponsorship."
      ],
      "claim_note": "Receipt: data/ops/legipro_saas_0046_einvoicing_partner_screening_memo_2026-06-29.json. Published two-page e-invoicing-first partner/product screening memo in docs/product/einvoicing-partner-product-screening-memo-2026-06-29.md plus public MD/HTML/PDF assets under site/legipro-fr/assets/; memo is non-technical, credential-free, uses official 1 September 2026 rollout timing, states current boundaries, and asks for a 30-minute product/partner screening and later sandbox/API access path rather than CEO/COO sponsorship. Verified by tests/test_einvoicing_partner_screening_memo.py.",
      "claimable": true,
      "closeout_to_changelog": "Record the Cegid memo path, source evidence and unchanged executive-escalation boundary.",
      "depends_on": [
        "SAAS-0037",
        "SAAS-0038"
      ],
      "last_claim_utc": "2026-06-29T06:08:12Z",
      "owner": "/rook-410",
      "phase": "Now",
      "priority": "P0",
      "scope": "Create a concise partner-facing memo that names one e-invoicing/VAT/accounting-treatment workflow, integration point, demo flow, API evidence, source-rights posture, liability boundary, traction status and exact ask.",
      "status": "done",
      "task_id": "SAAS-0046",
      "title": "Prepare the e-invoicing-first partner/product screening memo",
      "why": "The right first ask is a product/ISV/API screen around the September 2026 e-invoicing workflow, not COO/GM sponsorship or a broad architecture pitch."
    },
    {
      "acceptance": [
        "A repo-only adapter stub exists with no embedded credentials and no live network calls by default.",
        "The stub models partner-style auth/header assumptions, company-file context and retry policy without claiming approved platform access.",
        "Fixture examples cover one low-risk e-invoicing/VAT path: source-backed review dossier export mapped to a document/workspace handoff.",
        "Tests prove missing credentials fail closed and public/demo LegiPro tokens cannot mutate third-party systems or rotor state."
      ],
      "claim_note": "Receipt: data/ops/legipro_saas_0047_cegid_loop_expert_adapter_stub_2026-06-29.json. Published scripts/build_legipro_cegid_loop_expert_adapter_stub.py, docs/api/cegid-loop-expert-einvoicing-adapter-stub-2026-06-29.md, data/fixtures/partner_integrations/cegid_loop_expert_einvoicing_adapter_stub_2026-06-29.json and site/legipro-fr/assets/legipro-cegid-loop-expert-einvoicing-adapter-stub-2026-06-29.json; Cegid Loop/Expert-shaped dry-run maps a LegiPro e-invoicing/VAT review packet to a cabinet/company-file document-or-dossier handoff, models server-side auth headers, company-file context and retry/fail-closed policy, makes no live Cegid/third-party call, embeds no credentials, denies public/demo tokens for rotor/live API mutation, and keeps all readiness/professional flags false. Verified with tests/test_cegid_loop_expert_adapter_stub.py plus first-wave/harness regressions: 11 passed.",
      "claimable": true,
      "closeout_to_changelog": "Record the adapter stub paths, fixture names, tests and explicit no-live-Cegid-call boundary.",
      "depends_on": [
        "SAAS-0034",
        "SAAS-0035",
        "SAAS-0036",
        "SAAS-0046"
      ],
      "last_claim_utc": "2026-06-29T06:22:49Z",
      "owner": "/rook-410",
      "phase": "Now",
      "priority": "P0",
      "scope": "Model one accounting-platform auth/header shape, company-file context, document/store/import concepts and retry behavior using public docs and local fixtures only; do not make live third-party calls.",
      "status": "done",
      "task_id": "SAAS-0047",
      "title": "Build the first e-invoicing/VAT proof-of-fit adapter stub",
      "why": "Partner API access often requires credentials and product-owner approval, so LegiPro needs a credential-free e-invoicing/VAT proof fixture before asking for sandbox access."
    },
    {
      "acceptance": [
        "A single Cegid screening pack exists with index, links and local/public evidence paths.",
        "The pack maps LegiPro REST/GraphQL/MCP/SDK surfaces to likely Cegid Loop/partner API touchpoints without claiming an approved Cegid partnership.",
        "The pack includes runnable local commands for LegiPro API smoke, SDK example smoke and Cegid adapter fixture smoke.",
        "The pack repeats the no-SLA/no-ARR/no-client-reliance/no-professional-certification boundaries."
      ],
      "claim_note": "Closed Cegid technical screening pack: public-safe index with SAAS-0049 proof path, API/OpenAPI/SDK assets, Cegid Loop/Expert public-doc touchpoints, runnable local API/SDK/adapter commands and explicit no-credentials/no-live-Cegid/no-reliance boundaries.",
      "claimable": true,
      "closeout_to_changelog": "Record the Cegid screening pack path, commands, tests and public-safe publication state.",
      "depends_on": [
        "SAAS-0045",
        "SAAS-0046",
        "SAAS-0047"
      ],
      "last_claim_utc": "2026-06-29T08:15:41Z",
      "owner": "/rook-410",
      "phase": "Next",
      "priority": "P1",
      "scope": "Bundle the partner integration pack, OpenAPI snapshot, SDK beta examples, Cegid adapter stub, API smoke receipts, warehouse/Meili parity and risk register into a public-safe technical screening appendix.",
      "status": "done",
      "task_id": "SAAS-0048",
      "title": "Create the Cegid technical screening pack",
      "why": "A partner/product reviewer needs one narrow package: how to test LegiPro, what Cegid APIs it could map to, what is active, what is not and what evidence proves it."
    },
    {
      "acceptance": [
        "The demo path uses one bounded workflow and includes screenshots or command receipts from public-safe LegiPro surfaces.",
        "The output includes answerability status, sources, applicability, missing facts/risks if any, draft dossier/export id and audit id.",
        "The partner adapter fixture consumes the export/dossier metadata without live third-party credentials.",
        "The demo does not claim Scenario launch, client reliance, human review, semantic search activation or a third-party partnership."
      ],
      "claim_note": "Closed end-to-end e-invoicing/VAT partner proof path: regenerated no-credential proof fixture with first-class dossier/export fields, regenerated shared adapter harness and Cegid Loop/Expert-shaped stub, verified matching dossier/export/audit IDs through the chain, added public proof-path asset, API page, partner pack and changelog evidence. No live third-party API call or readiness/professional flags changed.",
      "claimable": true,
      "closeout_to_changelog": "Record the Cegid-style pilot demo receipt, fixture output and screenshots or public-safe command evidence.",
      "depends_on": [
        "SAAS-0039",
        "SAAS-0041",
        "SAAS-0047"
      ],
      "last_claim_utc": "2026-06-29T08:07:15Z",
      "owner": "/rook-410",
      "phase": "Next",
      "priority": "P1",
      "scope": "Create and verify a single demo path for e-invoicing/VAT/accounting-treatment review that starts from a buyer product context and ends in a draft evidence bundle suitable for handoff into document/workspace flows.",
      "status": "done",
      "task_id": "SAAS-0049",
      "title": "Run the e-invoicing/VAT partner proof path end to end",
      "why": "A credible screening call should show one professional workflow tied to the September 2026 rollout, not just architecture: question or document input, source-backed review packet, draft dossier/export and partner-shaped handoff fixture."
    },
    {
      "acceptance": [
        "A Cegid escalation checklist exists with required evidence for Partner/Product, AI/Product, Startup Program and COO/GM routes.",
        "The checklist states that COO/GM escalation is blocked until at least one product/partner owner validates fit or requests senior sponsorship.",
        "The checklist includes the exact diligence artifacts to send at each stage and the artifacts to withhold from first contact.",
        "The checklist stays aligned with current product boundaries: no ARR, no paying users, Scenario locked and professional reliance not certified."
      ],
      "claim_note": "Closed Cegid escalation gate: product/partner, AI/product, Startup Program and COO/GM route checklist; COO/GM escalation blocked until product/partner validation or senior sponsorship request; send/withhold artifacts and current boundaries documented.",
      "claimable": true,
      "closeout_to_changelog": "Record the Cegid escalation gate path and the evidence threshold for executive-ready status.",
      "depends_on": [
        "SAAS-0046",
        "SAAS-0048",
        "SAAS-0049"
      ],
      "last_claim_utc": "2026-06-29T08:28:20Z",
      "owner": "/rook-410",
      "phase": "Next",
      "priority": "P1",
      "scope": "Define the evidence threshold for moving from partner/product screening to senior executive escalation: technical fit, sandbox/API access, pilot interest, risk acceptance and strategic value.",
      "status": "done",
      "task_id": "SAAS-0050",
      "title": "Define the Cegid escalation gate",
      "why": "COO/GM presentation should be a gated escalation after partner/product validation, not the first outreach step."
    },
    {
      "acceptance": [
        "The map covers Cegid Loop, Cegid Expert/Quadra, Cegid XRP, Sage Accounting, Sage Active, Pennylane, EBP, Odoo, Abby, Inqom, ACD/i-Suite, RCA/MEG, Tiime, Yooz, Macompta.fr, Sellsy, Dext, Indy and Axonaut.",
        "Each vendor row records API/doc posture, auth/access signal, LegiPro wedge and uncertainty.",
        "The document is included as a roadmap source and does not claim live third-party API access or approved partnerships.",
        "The closeout keeps all ARR, Scenario, professional-certification and client-reliance boundaries unchanged."
      ],
      "claim_note": "Receipt: data/ops/legipro_strategic_accounting_api_integration_map_2026-06-28.json. Published docs/product/strategic-accounting-api-integration-map-2026-06-28.md covering Cegid, Sage, Pennylane, EBP, Odoo, Abby, Inqom, Sellsy, Dext, ACD, RCA, Tiime, Yooz, Macompta.fr, Indy and Axonaut, ranked into proof-stub, partner-gated fixture and watchlist tiers with source URLs and no live third-party access or partnership claims.",
      "claimable": true,
      "closeout_to_changelog": "Record the strategic API map path, sources used and unchanged third-party partnership boundary.",
      "depends_on": [
        "SAAS-0037",
        "SAAS-0046"
      ],
      "last_claim_utc": "2026-06-28T13:18:20Z",
      "owner": "/rook-410",
      "phase": "Now",
      "priority": "P0",
      "scope": "Create a public-source integration map that ranks vendor API surfaces into proof-stub, partner-gated fixture and watchlist tiers, with source URLs and no partnership overclaims.",
      "status": "done",
      "task_id": "SAAS-0051",
      "title": "Publish the strategic accounting API integration map",
      "why": "Strategic interest is easier to provoke when LegiPro can show exactly how it could embed into the full French accounting platform ecosystem without requiring the buyer to adopt the Bureau UI."
    },
    {
      "acceptance": [
        "A shared adapter fixture schema exists for request context, credential posture, dry-run target, idempotency key, source refs and output artifact refs.",
        "The harness fails closed when credentials are absent and defaults to no live network calls.",
        "Tests prove demo/public LegiPro tokens cannot call protected rotor routes or third-party live APIs through the harness.",
        "Fixture outputs can be attached to a buyer screening pack without exposing secrets or claiming certification."
      ],
      "claim_note": "Receipt: data/ops/legipro_saas_0052_shared_adapter_fixture_harness_2026-06-29.json. Published schemas/partner_adapter_fixture_v1.schema.json, scripts/build_legipro_partner_adapter_fixture_harness.py, data/fixtures/partner_integrations/shared_einvoicing_adapter_fixture_harness_2026-06-29.json and site/legipro-fr/assets/legipro-shared-adapter-fixture-harness-2026-06-29.json; linked the harness from the partner integration pack and API guide; verified dry-run/no-live-call defaults, missing credential fail-closed behavior, idempotency key, source/output refs and demo/public token denial for rotor plus live third-party paths with tests/test_partner_adapter_fixture_harness.py.",
      "claimable": true,
      "closeout_to_changelog": "Record the shared adapter harness paths, fixture schema, tests and no-live-third-party-call boundary.",
      "depends_on": [
        "SAAS-0035",
        "SAAS-0036",
        "SAAS-0041",
        "SAAS-0051"
      ],
      "last_claim_utc": "2026-06-29T05:27:04Z",
      "owner": "/rook-410",
      "phase": "Now",
      "priority": "P0",
      "scope": "Define a credential-free adapter fixture harness for third-party accounting platforms that accepts a LegiPro e-invoicing/VAT review-preview or export-bundle payload and emits vendor-shaped dry-run requests only.",
      "status": "done",
      "task_id": "SAAS-0052",
      "title": "Build the shared e-invoicing-first buyer adapter fixture harness",
      "why": "Per-vendor stubs should consume the same LegiPro review/export payload so strategic demos prove a repeatable integration pattern, not one-off glue."
    },
    {
      "acceptance": [
        "At least three first-wave adapters exist and consume the shared adapter fixture harness.",
        "The first-wave candidate list is explicit: Cegid Loop/Expert, Sage Accounting/Active, Pennylane, Odoo, Abby and Inqom.",
        "Each adapter maps one bounded LegiPro output to a plausible vendor object flow such as document handoff, invoice/customer sync, dossier/context sync or accounting-entry handoff.",
        "Each adapter includes public-doc citations, dry-run sample output, fail-closed credential behavior and tests.",
        "No adapter makes live API calls unless an explicit non-default credentialed mode is later added and separately documented."
      ],
      "claim_note": "Receipt: data/ops/legipro_saas_0053_first_wave_adapter_stubs_2026-06-29.json. Published scripts/build_legipro_first_wave_adapter_stubs.py, docs/api/first-wave-adapter-stubs-2026-06-29.md and site/legipro-fr/assets/legipro-first-wave-adapter-stubs-2026-06-29.json; six fixture-only adapters for Cegid Loop/Expert, Sage Accounting/Active, Pennylane Company/Firm API, Odoo JSON-2, Abby and Inqom consume the SAAS-0052 shared harness, include public-doc citations, dry-run sample request/output, fail-closed credential behavior and no-live-third-party-call boundaries verified by tests/test_first_wave_adapter_stubs.py.",
      "claimable": true,
      "closeout_to_changelog": "Record the first-wave adapter paths, sample outputs, tests and no-live-call boundary.",
      "depends_on": [
        "SAAS-0052"
      ],
      "last_claim_utc": "2026-06-29T05:43:48Z",
      "owner": "/rook-410",
      "phase": "Next",
      "priority": "P1",
      "scope": "Implement fixture-only adapters for the strongest public-doc targets, starting from the proven first fixture and expanding to Sage, Pennylane, Odoo, Abby and Inqom.",
      "status": "done",
      "task_id": "SAAS-0053",
      "title": "Ship first-wave self-serve adapter stubs",
      "why": "After one proof fixture exists, Cegid Loop/Expert, Sage, Pennylane, Odoo, Abby and Inqom have enough public API detail to support additional no-credential stubs that demonstrate LegiPro as an embeddable source-review engine."
    },
    {
      "acceptance": [
        "A runnable fixture command or test exists for one platform-shaped flow and requires no third-party credentials.",
        "The fixture input includes partner product context, workspace/tenant scope, professional question and relevant facts.",
        "The fixture output includes answerability status, cited source refs, applicability/date notes, missing facts or risk flags, draft dossier/export id, audit id and partner-shaped handoff payload.",
        "The fixture can be explained in one paragraph to a non-technical executive assistant and in one packet to a product/API owner.",
        "The fixture fails closed for absent credentials and emits a receipt proving no live third-party API call occurred.",
        "The artifact is suitable for a 30-minute partner/product screening and preserves all no-partnership, no-client-reliance, no-human-review-complete and no-professional-certification boundaries."
      ],
      "claim_note": "Receipt: data/ops/legipro_saas_0057_einvoicing_vat_no_credential_proof_fixture_2026-06-29.json. Published the no-credential e-invoicing/VAT proof fixture at site/legipro-fr/assets/legipro-einvoicing-vat-proof-fixture-2026-06-29.json, linked it from the partner quickstart, API contract, integration pack and API guide, and verified the dry-run plus missing-token fail-closed path with tests/test_einvoicing_partner_proof_fixture.py.",
      "claimable": true,
      "closeout_to_changelog": "Record the first proof fixture command, sample payload, receipt, tests and no-live-third-party-call boundary.",
      "depends_on": [
        "SAAS-0038",
        "SAAS-0041",
        "SAAS-0052"
      ],
      "last_claim_utc": "2026-06-29T04:57:51Z",
      "owner": "/rook-410",
      "phase": "Now",
      "priority": "P0",
      "scope": "Build one dry-run adapter proof around an e-invoicing / VAT / accounting-treatment workflow: partner context in, LegiPro review payload out, draft dossier/export id, audit id, and partner-shaped handoff payload.",
      "status": "done",
      "task_id": "SAAS-0057",
      "title": "Ship the September 2026 e-invoicing/VAT no-credential proof fixture",
      "why": "The reviewer correctly says the next credibility jump is not more architecture: it is a single working partner-shaped e-invoicing/VAT fixture tied to the official 1 September 2026 rollout and requiring no live credentials."
    },
    {
      "acceptance": [
        "Each brief states verified public docs, missing access details, likely integration objects and exact partner/sandbox ask.",
        "The briefs clearly separate public-doc facts, inference and unresolved access questions.",
        "The partner-gated list is explicit: EBP, Cegid XRP, ACD/i-Suite, RCA/MEG, Sellsy, Dext, Tiime, Yooz, Macompta.fr, Indy and Axonaut.",
        "No brief claims an approved partnership, live credential, customer integration, SLA or professional reliance."
      ],
      "claimable": true,
      "closeout_to_changelog": "Record the partner-gated brief paths, vendors covered and unresolved access questions.",
      "depends_on": [
        "SAAS-0051"
      ],
      "owner": "",
      "phase": "Next",
      "priority": "P1",
      "scope": "Create short adapter briefs for EBP, Cegid XRP, ACD/i-Suite, RCA/MEG, Sellsy, Dext, Tiime, Yooz, Macompta.fr, Indy and Axonaut that separate verified public facts from assumptions and access requests.",
      "status": "ready",
      "task_id": "SAAS-0054",
      "title": "Create partner-gated strategic adapter briefs",
      "why": "Some of the most strategically useful buyers have gated or partial public API docs; LegiPro should still show the intended integration shape without inventing endpoint details."
    },
    {
      "acceptance": [
        "Value cards exist for Cegid Loop, Cegid Expert/Quadra, Cegid XRP, Sage Accounting, Sage Active, Pennylane, EBP, Odoo, Abby, Inqom, ACD/i-Suite, RCA/MEG, Tiime, Yooz, Macompta.fr, Sellsy, Dext, Indy and Axonaut.",
        "Each card states client value, likely object flow, integration readiness tier, public-doc confidence and unresolved access questions.",
        "The cards avoid vendor-specific overclaims and can be reused in outbound notes to multiple platforms.",
        "The cards preserve all no-partnership, no-live-third-party-call, no-ARR, no-client-reliance and no-professional-certification boundaries."
      ],
      "claim_note": "Closed per-platform value cards for 19 accounting platforms: client value, likely object flow, readiness tier, public-doc confidence and unresolved access questions, with no partnership/live-API/client-reliance overclaims.",
      "claimable": true,
      "closeout_to_changelog": "Record the per-platform value card paths, vendors covered and reusable outbound/public-safe status.",
      "depends_on": [
        "SAAS-0051",
        "SAAS-0052"
      ],
      "last_claim_utc": "2026-06-29T08:51:31Z",
      "owner": "/rook-410",
      "phase": "Next",
      "priority": "P1",
      "scope": "Create concise per-platform value cards that explain what LegiPro brings to each vendor's clients, likely workflow, adapter posture, and access dependency.",
      "status": "done",
      "task_id": "SAAS-0056",
      "title": "Create per-platform value cards for the full accounting ecosystem",
      "why": "The integration roadmap should be readable by any mapped accounting platform, not only a single strategic contact."
    },
    {
      "acceptance": [
        "The pack explains the early-screening advantage without threatening a bidding process or claiming competing partnerships.",
        "The pack shows which integration decisions remain shapeable before the generic adapter kit hardens.",
        "The pack includes the first proof fixture receipt and the full vendor map.",
        "The pack is reusable for Cegid, Sage, Pennylane, EBP, Odoo, Abby, Inqom, ACD/RCA/Tiime/Yooz/Macompta/Sellsy/Dext/Indy/Axonaut-style conversations."
      ],
      "claim_note": "Receipt: data/ops/legipro_saas_0058_einvoicing_first_screening_comparison_pack_2026-06-29.json. Published docs/api/einvoicing-first-screening-comparison-pack-2026-06-29.md and site/legipro-fr/assets/legipro-einvoicing-first-screening-comparison-pack-2026-06-29.json; linked the pack from the partner integration pack and API guide; verified no-pressure/no-partnership boundaries, six shapeable decisions, SAAS-0057 proof fixture receipt inclusion and 19-platform vendor map with tests/test_einvoicing_screening_comparison_pack.py.",
      "claimable": true,
      "closeout_to_changelog": "Record the first-mover proof pack path, included fixture evidence and public-safe outbound boundary.",
      "depends_on": [
        "SAAS-0051",
        "SAAS-0057"
      ],
      "last_claim_utc": "2026-06-29T05:10:42Z",
      "owner": "/rook-410",
      "phase": "Next",
      "priority": "P1",
      "scope": "Create a concise public-safe pack that compares the first e-invoicing/VAT proof fixture against the wider vendor map and explains what an early screening can influence: workflow language, handoff object, evidence format, sandbox scope and evaluation questions.",
      "status": "done",
      "task_id": "SAAS-0058",
      "title": "Create the e-invoicing proof and first-screening comparison pack",
      "why": "The outreach should create urgency from the September 2026 rollout, not pressure tactics: early product screens can shape the proof workflow while it is still concrete and not yet a generic adapter kit."
    },
    {
      "acceptance": [
        "The sendable note names the official 1 September 2026 e-invoicing rollout and avoids the incorrect October-as-legal-trigger wording.",
        "The first paragraph is non-technical and explains partner value before API surfaces.",
        "Public roadmap/API docs identify the next proof as e-invoicing/VAT/accounting-treatment review, not a broad chatbot or architecture memo.",
        "The C4 map shows the e-invoicing/VAT proof fixture as the current near-term partner-integration wedge.",
        "Boundaries remain explicit: no partnership, no live third-party credentials, no paying users/ARR, no client-ready reliance, no certified professional review."
      ],
      "claim_note": "Receipt: data/ops/legipro_saas_0059_einvoicing_screening_note_public_docs_2026-06-29.json. Published/verified the non-technical e-invoicing-first screening note and aligned public API, roadmap and C4 wording around a credential-free e-invoicing/VAT proof path; boundaries remain no partnership, no live third-party credentials, no ARR, no client reliance, no Scenario launch and no professional certification.",
      "claimable": true,
      "closeout_to_changelog": "Record updated outreach note, public docs, C4 source path and unchanged readiness/professional boundaries.",
      "depends_on": [
        "SAAS-0046",
        "SAAS-0057",
        "SAAS-0058"
      ],
      "last_claim_utc": "2026-06-29T04:46:21Z",
      "owner": "/rook-410",
      "phase": "Now",
      "priority": "P0",
      "scope": "Update the sendable note, API/roadmap docs and architecture wording so the near-term pitch is one credential-free e-invoicing/VAT proof, with broader French accounting/legal coverage as the platform behind it.",
      "status": "done",
      "task_id": "SAAS-0059",
      "title": "Publish the e-invoicing-first screening note and public docs update",
      "why": "The first outreach should be readable by a non-technical executive assistant and should make the September 2026 e-invoicing/VAT workflow the obvious route into product/partner screening."
    },
    {
      "acceptance": [
        "A credentialed sandbox gate document exists with required security, auth, test and rollback evidence.",
        "The gate requires scoped secrets, no browser/mobile tokens, audit IDs, tenant/workspace isolation and no protected rotor mutation.",
        "The gate requires dry-run fixture parity before any live third-party sandbox call.",
        "The gate explicitly blocks production/customer data use until a separate legal/security/product approval path exists."
      ],
      "claimable": true,
      "closeout_to_changelog": "Record the sandbox promotion gate, security requirements and live-call approval boundary.",
      "depends_on": [
        "SAAS-0020",
        "SAAS-0025",
        "SAAS-0052",
        "SAAS-0053"
      ],
      "owner": "",
      "phase": "Later",
      "priority": "P2",
      "scope": "Create a promotion gate for enabling any third-party credentialed adapter mode, covering token storage, scopes, audit logs, network allowlists, dry-run parity, tests and rollback.",
      "status": "ready",
      "task_id": "SAAS-0055",
      "title": "Define the credentialed sandbox promotion gate",
      "why": "Moving from fixture stubs to live third-party sandbox calls should be deliberate, auditable and reversible, especially for accounting and cabinet workflows."
    }
  ]
}
