docs: add legal readiness release gate #515
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 85acdc2cc8
Pull request overview
Note
Copilot was unable to run its full agentic suite in this review.
Adds a “legal readiness” release gate by introducing static guard scripts and updating documentation to consistently avoid absolute compliance claims while pinning legal/module OpenAPI surfaces.
Changes:
- Add shell/Node guard scripts to block absolute compliance wording and assert required OpenAPI endpoints exist in the snapshot.
- Add a new operator-facing “Legal Readiness Hub” doc and wire it into the release checklist and README/feature docs.
- Run the new guards as part of the local CI workflow.
Reviewed changes
Copilot reviewed 9 out of 9 changed files in this pull request and generated 5 comments.
| File | Description |
|---|---|
| scripts/tests/test-legal-readiness-wording.sh | Adds a ripgrep-based scan plus required-text assertions to prevent absolute compliance wording drift. |
| scripts/tests/test-legal-openapi-contract.sh | Adds a Node-based contract check against the committed OpenAPI snapshot for required legal/module endpoints. |
| docs/release-checklist.md | Adds a Legal readiness section and references the new guard scripts/hub. |
| docs/legal-readiness.md | Introduces the operator-facing legal-readiness hub with evidence map and review flow. |
| docs/GDPR.md | Softens absolute compliance language and adds a “Legal Readiness Checklist” framing. |
| docs/FEATURES.md | Replaces absolute compliance claims and clarifies module risk/enablement expectations. |
| docs/COMPLIANCE.md | Reframes compliance claims as “support/readiness” and updates checklists accordingly. |
| README.md | Replaces absolute badges/text with readiness framing and links to the new hub/checklist. |
| .github/scripts/fop-local-ci.sh | Runs the new legal-readiness wording and OpenAPI contract scripts in local CI. |
Adds the ParkHub PHP legal-readiness release gate and operator evidence package
for German, EU, international, personal, and business deployment review.
Scope
- docs/legal-readiness.md as the operator-facing audit hub.
- docs/deployment-readiness-record.md for per-deployment jurisdiction, module/plugin, processor, CI/CD evidence, review status, and final human go-live signoff.
- docs/legal-readiness-parity.md to keep Rust/PHP legal-readiness gates, module/plugin review policy, and operator boundaries aligned.
- docs/release-checklist.md so legal-readiness, deployment-readiness, parity, and legal/module OpenAPI review are part of release review.
- scripts/tests/test-legal-readiness-wording.sh
- scripts/tests/test-legal-openapi-contract.sh
- fop legal catalog reference-only. Attorney review, citation verification, deployment-specific configuration review, human signoff, and final legal judgment remain required.
Verification
- git diff --check: passed.
- bash scripts/tests/test-legal-readiness-wording.sh: passed through fop.
- bash scripts/tests/test-legal-openapi-contract.sh: passed through fop.
- .fop/reports/local-ci-pr-6a3db6981db1ef7c48e6a799888696ff34081b02.json passed.
- 6a3db6981db1ef7c48e6a799888696ff34081b02.
Review Boundary
This PR improves engineering evidence, release gates, and operator-facing
review workflow. It does not assert that any deployment is legally compliant.
Production use still requires qualified review of the actual operator,
jurisdiction, enabled modules, processors, retention settings, accessibility
scope, AI/ML features, and final legal texts.
Rust parity work exists locally on t-6382-legal-readiness-rust and is waiting for a green fop capacity window before the normal Rust pre-push path can run.
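
The review summary above describes scripts/tests/test-legal-openapi-contract.sh as a Node-based check that required endpoints exist in the committed OpenAPI snapshot. The following is an added sketch of that kind of gate, not the PR's script: the routes, `SNAPSHOT`, `REQUIRED` and all function names are constructed for illustration.

```javascript
// Added example: verify that a committed OpenAPI snapshot still declares
// every operation a release gate requires. All routes here are constructed.
const HTTP_METHODS = new Set(["get", "put", "post", "delete", "patch", "head", "options", "trace"]);

// Parameter names and trailing slashes are not part of the contract:
// /x/{id} and /x/{moduleId}/ must compare equal.
function normalizePath(p) {
  return p.replace(/\{[^}]+\}/g, "{}").replace(/\/+$/, "") || "/";
}

// Collect "METHOD /path" keys, skipping non-operation keys on a path item
// such as "parameters" or "summary".
function declaredOperations(spec) {
  const ops = new Set();
  for (const [path, item] of Object.entries(spec.paths || {})) {
    for (const method of Object.keys(item || {})) {
      if (HTTP_METHODS.has(method.toLowerCase())) {
        ops.add(`${method.toUpperCase()} ${normalizePath(path)}`);
      }
    }
  }
  return ops;
}

// Required operations absent from the snapshot; an empty array means the gate passes.
function missingOperations(spec, required) {
  const ops = declaredOperations(spec);
  return required.filter(
    ({ method, path }) => !ops.has(`${method.toUpperCase()} ${normalizePath(path)}`)
  );
}

// Constructed snapshot fragment and requirement list (placeholders, not real routes).
const SNAPSHOT = {
  openapi: "3.0.3",
  paths: {
    "/example/legal/notice": { get: {}, parameters: [] },
    "/example/modules/{name}": { get: {}, patch: {} },
  },
};
const REQUIRED = [
  { method: "GET", path: "/example/legal/notice" },
  { method: "GET", path: "/example/modules/{module}" },
  { method: "GET", path: "/example/legal/imprint" }, // deliberately absent
];

const missing = missingOperations(SNAPSHOT, REQUIRED);
for (const m of missing) console.log(`missing from snapshot: ${m.method} ${m.path}`);
```

A CI wrapper would exit non-zero when `missing` is non-empty, so that dropping or renaming a pinned endpoint fails the release check.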