Context and Problem Statement
Current merge flow emits WP lifecycle transitions but does not produce a dedicated post-merge audit lifecycle, and does not persist audit status in feature metadata.
At the same time, dossier contracts already exist in spec-kitty-events and SaaS dossier projection exists, but current SaaS ingestion is focused on MissionDossierArtifactIndexed dispatch and not a post-merge mission-audit lifecycle.
As a result:
- There is no canonical "did delivered software match spec/plan/tasks" artifact at merge boundary.
- Event stream consumers cannot reliably project post-merge quality status.
- Dashboard and dossier views cannot consistently show post-merge audit outcomes.
Decision Drivers
- Ensure post-merge quality evaluation is auditable and replayable.
- Keep local-first execution authority while supporting SaaS projection parity.
- Provide deterministic artifact/event links for mission dossier materialization.
- Support human decision checkpoints for low-confidence or ambiguous audit results.
Considered Options
- Keep audit as manual command only, no merge integration.
- Trigger audit on merge when mission policy enables it; emit canonical events + artifact (chosen).
- Make SaaS perform post-merge audit independently.
Decision Outcome
Chosen option: "Trigger audit on merge when mission policy enables it; emit canonical events + artifact", because it preserves local authority and gives deterministic post-merge evidence.
Contract Details
- Merge MUST evaluate mission policy for audit trigger mode.
- If policy includes post-merge audit:
- initiate audit run,
- persist audit metadata in feature state,
- emit canonical mission-audit lifecycle events,
- materialize a dossier-indexed audit artifact.
- If policy does not include post-merge audit:
- do not run audit,
- emit explicit skip reason where applicable.
- Human clarification checkpoints are first-class decision events and appear in decision inbox projections.
Consequences
Positive
- Merge boundary gains deterministic quality evidence.
- Dashboard can reliably surface latest post-merge audit state.
- Dossier and event streams stay aligned for replay/debug.
Negative
- Merge flow complexity increases.
- Additional contract coordination required across repositories.
Neutral
- Some missions can remain manual-only audit by policy.
Confirmation
This decision is validated when:
- Merge-triggered audits produce canonical event sequences and artifact refs.
- Feature metadata reflects latest audit run/verdict deterministically.
- SaaS dashboard and dossier show the same audit result as local state.
Pros and Cons of the Options
Option 1: Manual-only audit
Post-merge quality checks are user-invoked only.
Pros:
- Simplest implementation.
- No merge-path latency impact.
Cons:
- Easy to skip accidentally.
- No reliable merge-boundary evidence.
Option 2: Merge-triggered policy-aware audit with events/artifact
Run audit from merge when mission policy declares post-merge behavior.
Pros:
- Deterministic post-merge quality traceability.
- Strong alignment with mission-driven execution.
Cons:
- Requires cross-repo implementation coordination.
- Must handle blocking/advisory behavior carefully.
Option 3: SaaS-side independent audit
Perform audit in SaaS materialization layer.
Pros:
- Keeps local merge path simpler.
- Centralized compute in cloud layer.
Cons:
- Breaks local-first authority model.
- Risks divergence from canonical local artifacts/events.
More Information
- PRD reference:
<spec-kitty-planning-repo>/product-ideas/mission-collaboration-platform-ddd/prd-mission-post-merge-audit-and-verify-repurpose-v1.md - Current merge command:
src/specify_cli/cli/commands/merge.py - Existing event emitter contracts:
src/specify_cli/sync/emitter.py - Existing dossier event/indexer model:
src/specify_cli/dossier/events.pysrc/specify_cli/dossier/indexer.py