runfoo-org/morethanadiagnosis-hub
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

docs(openspec): apply baseline proposals → mark specs approved and add enforcement details

Browse source
This commit is contained in:
admin 2025-11-17 23:30:27 +00:00
parent 8c05a17067
commit 0cd2d50810
4 changed files with 29 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
openspec/specs/accessibility.md
View file

@ -1,6 +1,6 @@
# Accessibility Spec # Accessibility Spec
Status: draft Status: approved
Owners: Accessibility Lead Owners: Accessibility Lead
Standards Standards
@ -19,3 +19,6 @@ Validation
Nonfunctional Nonfunctional
- Performance budgets mindful of lowend devices and intermittent connectivity. - Performance budgets mindful of lowend devices and intermittent connectivity.
Enforcement & checklist
- CI blocks merges on critical a11y violations (axe, eslintpluginjsxa11y or platform equivalent).
- Manual checklist includes: focus order, keyboard traps, contrast, dynamic type, reduced motion, screen reader labels.

12
openspec/specs/architecture.md
View file

@ -1,6 +1,6 @@
# Architecture & APIs # Architecture & APIs
Status: draft Status: approved
Owners: Architecture Owners: Architecture
Overview Overview
@ -22,6 +22,14 @@ API standards
Data boundaries Data boundaries
- Strict separation of PHI/PII domains; audit and consent services. - Strict separation of PHI/PII domains; audit and consent services.
Quality gates & SLOs
- SLOs: p95 API latency ≤ 300ms for read endpoints; p95 ≤ 600ms for writes; 99.9% uptime for auth and read APIs, 99.5% for writes.
- CI: OpenAPI validation, breakingchange detection, security linters, dependency vulnerability checks.
- No PHI/PII in logs; redaction in place before merging.
Implementation notes
- Platform decision path: compare RN/Expo vs Flutter (mobile) and Next.js vs Flutter Web (web) in focused proposals; both must meet a11y and parity requirements.
- Feature flags for risky changes; explicit rollback procedures in each proposal.
Decisions Decisions
- <record crosscutting decisions here> - <record crosscutting decisions here>

6
openspec/specs/migration-wix.md
View file

@ -1,6 +1,6 @@
# Migration: Wix → Community Hub # Migration: Wix → Community Hub
Status: draft Status: approved
Owners: Data, Content Owners: Data, Content
Scope Scope
@ -26,3 +26,7 @@ Process
Rollback Rollback
- Keep original exports; implement reversible migrations; track IDs and redirects - Keep original exports; implement reversible migrations; track IDs and redirects
Acceptance criteria
- Dryrun import completes without critical errors; broken links < 1% and remediated.
- Redirects in place for migrated URLs; sitemap updated.
- Sampled content (N>=30 per type) matches expected formatting and accessibility criteria.

11
openspec/specs/privacy-compliance.md
View file

@ -1,6 +1,6 @@
# Privacy & Compliance Spec # Privacy & Compliance Spec
Status: draft Status: approved
Owners: Compliance, Security Owners: Compliance, Security
Scope Scope
@ -24,3 +24,12 @@ DSR & retention
Validation Validation
- Privacy & security review is a gate on every proposal that touches user data. - Privacy & security review is a gate on every proposal that touches user data.
Data subject request (DSR) workflow
- Intake: authenticated portal and support channel; track request ID and SLA clock.
- Verify: identity verification step appropriate to sensitivity; log access.
- Fulfill: export machinereadable JSON/CSV; delete with reversible softdelete window when permitted.
- Notify: confirmation to requester; record of processing activities updated.
Acceptance and enforcement
- CI policy checks for classification coverage and log redaction.
- Table/field inventory maintained in `data-model.md` with data class and retention policy.