{
  "phases": [
    {
      "id": "phase-01",
      "step": "Phase 01",
      "name": "Overview & Scope",
      "summary": "master root, project scope, manifest and continuity checkpoint.",
      "badge": "overview_scope",
      "layers": [
        {
          "title": "Overview & Scope",
          "desc": "master registration, project framing, entry manifest and continuity checkpoint.",
          "chips": [
            "master root",
            "project scope",
            "entry manifest",
            "checkpoint"
          ]
        }
      ]
    },
    {
      "id": "phase-02",
      "step": "Phase 02",
      "name": "Architecture & Engineering Canon",
      "summary": "cognitive architecture, governance, artifact structure, contracts, naming, state legitimacy, build promotion, deployment structure and contextual satellites.",
      "badge": "architecture_engineering_canon",
      "layers": [
        {
          "title": "Architecture & Engineering Canon",
          "desc": "authority and satellite documents that define Devon structural canon.",
          "chips": [
            "architecture",
            "governance",
            "contracts",
            "naming",
            "state legitimacy",
            "deployment"
          ]
        }
      ]
    },
    {
      "id": "phase-03",
      "step": "Phase 03",
      "name": "Cognitive Flow Canon",
      "summary": "deterministic orchestration, LLM role, retrieval role, validation order and execution gating.",
      "badge": "cognitive_flow_canon",
      "layers": [
        {
          "title": "Cognitive Flow Canon",
          "desc": "interpreter, decision, validation, execution, memory and retrieval in governed flow.",
          "chips": [
            "interpreter",
            "FSM",
            "validation",
            "execution",
            "memory",
            "retrieval"
          ]
        }
      ]
    },
    {
      "id": "phase-04",
      "step": "Phase 04",
      "name": "Containerization Canon",
      "summary": "container topology, isolation and host versus container runtime boundaries.",
      "badge": "containerization_canon",
      "layers": [
        {
          "title": "Containerization Canon",
          "desc": "runtime boundaries and isolation, without redefining sovereign architecture.",
          "chips": [
            "topology",
            "isolation",
            "runtime boundaries"
          ]
        }
      ]
    },
    {
      "id": "phase-05",
      "step": "Phase 05",
      "name": "Latency & Performance Canon",
      "summary": "latency model, hot path versus cold path, bounded execution and fallback behavior.",
      "badge": "latency_performance_canon",
      "layers": [
        {
          "title": "Latency & Performance Canon",
          "desc": "time traceability across modules, stages and end-to-end lifecycle.",
          "chips": [
            "latency",
            "hot path",
            "cold path",
            "fallback"
          ]
        }
      ]
    },
    {
      "id": "phase-06",
      "step": "Phase 06",
      "name": "Noise Reduction Canon",
      "summary": "signal preservation, redundancy elimination and unnecessary hop reduction.",
      "badge": "noise_reduction_canon",
      "layers": [
        {
          "title": "Noise Reduction Canon",
          "desc": "remove architectural waste and keep deterministic path lean.",
          "chips": [
            "signal",
            "redundancy elimination",
            "less path"
          ]
        }
      ]
    },
    {
      "id": "phase-07",
      "step": "Phase 07",
      "name": "Observability & Audit Canon",
      "summary": "audit-linked visibility, evidence continuity and operational observability.",
      "badge": "observability_audit_canon",
      "layers": [
        {
          "title": "Observability & Audit Canon",
          "desc": "traceability for runtime, memory and protected execution.",
          "chips": [
            "observability",
            "audit",
            "evidence continuity"
          ]
        }
      ]
    },
    {
      "id": "phase-08",
      "step": "Phase 08",
      "name": "Security Canon",
      "summary": "security governance, trust model, access boundaries, memory protection and monitoring.",
      "badge": "security_canon",
      "layers": [
        {
          "title": "Security Canon",
          "desc": "security governance with structured implementation artifacts.",
          "chips": [
            "zero trust",
            "access control",
            "memory protection",
            "monitoring"
          ]
        }
      ]
    },
    {
      "id": "phase-09",
      "step": "Phase 09",
      "name": "Operational Flows Canon",
      "summary": "execution sequence, operating flow mapping and operational order integrity.",
      "badge": "operational_flows_canon",
      "layers": [
        {
          "title": "Operational Flows Canon",
          "desc": "runtime sequence and flow order without redefining sovereign authorities.",
          "chips": [
            "operational flow",
            "sequence",
            "order integrity"
          ]
        }
      ]
    },
    {
      "id": "phase-10",
      "step": "Phase 10",
      "name": "Monitoring & Real-time Observability",
      "summary": "real-time host, container and service monitoring with SSE transport to the Operator Panel.",
      "badge": "monitoring_observability",
      "layers": [
        {
          "title": "Monitoring & Real-time Observability",
          "desc": "CPU, memory, disk, network, container health, security services and SSE bridge canon.",
          "chips": [
            "cpu",
            "memory",
            "containers",
            "network",
            "security",
            "SSE"
          ]
        }
      ]
    },
    {
      "id": "phase-11",
      "step": "Phase 11",
      "name": "Client Provisioning & Server Plans",
      "summary": "Client-owned server planning, billing authorization, provider provisioning and commercial guardrails before autonomous infrastructure action.",
      "badge": "client_provisioning_server_plans",
      "layers": [
        {
          "title": "Client provisioning control",
          "desc": "Defines the contract, billing, provider and purchase boundary before DEVON can provision or request client infrastructure.",
          "chips": [
            "client plan",
            "billing gate",
            "provider control",
            "purchase policy"
          ]
        }
      ]
    },
    {
      "id": "phase-12",
      "step": "Phase 12",
      "name": "Bootstrap Security & Runtime Installation",
      "summary": "Bootstrap authority, runtime installation, credential boundaries and first-server preparation before managed execution begins.",
      "badge": "bootstrap_security_runtime_installation",
      "layers": [
        {
          "title": "Secure bootstrap boundary",
          "desc": "Defines how a fresh client server becomes eligible for DEVON runtime installation without ad hoc shell trust.",
          "chips": [
            "bootstrap",
            "runtime install",
            "secret boundary",
            "first server"
          ]
        }
      ]
    },
    {
      "id": "phase-13",
      "step": "Phase 13",
      "name": "Backup Server & Recovery Infrastructure",
      "summary": "Backup node, encrypted recovery policy, restore validation and rollback infrastructure before fleet recovery claims are trusted.",
      "badge": "backup_server_recovery_infrastructure",
      "layers": [
        {
          "title": "Recovery infrastructure control",
          "desc": "Defines how backup and recovery infrastructure are planned before failover, rollback or restore operations become operational.",
          "chips": [
            "backup node",
            "restore proof",
            "encrypted recovery",
            "rollback"
          ]
        }
      ]
    },
    {
      "id": "phase-14",
      "step": "Phase 14",
      "name": "Fleet Monitoring, Mirror & Failover",
      "summary": "Fleet monitoring, mirror readiness, standby promotion and failover exposure after provisioning, bootstrap and backup foundations exist.",
      "badge": "fleet_monitoring_mirror_failover",
      "layers": [
        {
          "title": "Fleet continuity control",
          "desc": "Defines how monitored servers, mirrors and standby promotion gates become visible before autonomous fleet action.",
          "chips": [
            "fleet monitoring",
            "mirror",
            "standby",
            "failover"
          ]
        }
      ]
    }
  ],
  "categories": [
    {
      "id": "overview_scope",
      "title": "Overview & Scope",
      "sub": "master registration, project scope, manifest and continuity checkpoint.",
      "badge": "phase 01",
      "docs": [
        {
          "id": "master_architecture_index",
          "path": "../panel/data/master_architecture_index.md",
          "phase": "phase-01",
          "layer": "overview_scope",
          "role": "Supreme canonical root and registration authority.",
          "fits": "Defines registration, precedence, authority ownership and completeness rules.",
          "depends_on": [
            "panel_manifest",
            "project_scope"
          ],
          "used_by": [],
          "architecture_view": "Supreme human-readable root for all Devon canon.",
          "label": "Master Architecture Index",
          "type": "text"
        },
        {
          "id": "devon_dev_mission",
          "label": "Mission Canonical",
          "type": "json",
          "path": "../panel/data/devon_dev_mission_canonical.json",
          "phase": "phase-01",
          "layer": "overview_scope",
          "role": "Mission authority for DEVON-DEV identity, execution purpose and downstream operational legitimacy.",
          "fits": "Defines why DEVON-DEV exists before scope, sandbox, server registry, panel contracts, runtime execution or AI implementation are treated as executable work.",
          "depends_on": [
            "master_architecture_index"
          ],
          "used_by": [
            "project_scope",
            "deployment_order",
            "sandbox_environment",
            "sandbox_manager",
            "server_registry",
            "panel_manifest"
          ],
          "architecture_view": "Primary mission authority for the DEVON-DEV execution model."
        },
        {
          "id": "project_scope",
          "path": "../panel/data/project_scope_canonical.json",
          "phase": "phase-01",
          "layer": "overview_scope",
          "role": "Machine-readable project scope authority.",
          "fits": "Defines project framing and scope surface.",
          "depends_on": [
            "master_architecture_index"
          ],
          "used_by": [],
          "architecture_view": "Scope anchor for the project overview.",
          "label": "Project Scope Canonical",
          "type": "json"
        },
        {
          "id": "deployment_order",
          "path": "../panel/data/deployment_order_canonical.json",
          "phase": "phase-01",
          "layer": "overview_scope",
          "role": "Machine-readable deployment order authority.",
          "fits": "Defines canonical installation and configuration order.",
          "depends_on": [
            "master_architecture_index"
          ],
          "used_by": [],
          "architecture_view": "Deployment order reference.",
          "label": "Deployment Order Canonical",
          "type": "json"
        },
        {
          "id": "sandbox_environment",
          "path": "../panel/data/sandbox_environment_canonical.json",
          "phase": "phase-01",
          "layer": "overview_scope",
          "role": "Machine-readable sandbox environment authority.",
          "fits": "Defines sandbox execution boundaries and environment expectations.",
          "depends_on": [
            "master_architecture_index"
          ],
          "used_by": [],
          "architecture_view": "Sandbox boundary reference.",
          "label": "Sandbox Environment Canonical",
          "type": "json"
        },
        {
          "id": "sandbox_manager",
          "label": "Sandbox Manager Canonical",
          "type": "json",
          "path": "../panel/data/sandbox_manager_canonical.json",
          "phase": "phase-01",
          "layer": "overview_scope",
          "role": "Sandbox custody authority that keeps every DEVON-DEV change inside a controlled rehearsal boundary before production can be touched.",
          "fits": "Owns sandbox preparation, production mirroring, credential separation, preview isolation, sandbox logs, local rollback and promotion eligibility.",
          "depends_on": [
            "master_architecture_index",
            "devon_dev_mission",
            "project_scope",
            "deployment_order",
            "sandbox_environment"
          ],
          "used_by": [
            "server_registry",
            "panel_manifest",
            "devon_dev_work_policy_center",
            "requirements_scope_engine",
            "tool_registry",
            "validation_matrix",
            "artifact_registry"
          ],
          "architecture_view": "Sandbox custody and production-protection authority for the DEVON-DEV execution model."
        },
        {
          "id": "server_registry",
          "path": "../panel/data/server_registry_canonical.json",
          "phase": "phase-01",
          "layer": "overview_scope",
          "role": "Machine-readable server registry authority.",
          "fits": "Defines canonical server identities and registry surface.",
          "depends_on": [
            "master_architecture_index"
          ],
          "used_by": [],
          "architecture_view": "Server registry reference.",
          "label": "Server Registry Canonical",
          "type": "json"
        },
        {
          "id": "panel_manifest",
          "path": "../panel/data/panel_manifest.json",
          "phase": "phase-01",
          "layer": "overview_scope",
          "role": "Entry manifest and machine-readable panel entry point.",
          "fits": "Belongs to project overview and registration surface.",
          "depends_on": [
            "master_architecture_index"
          ],
          "used_by": [],
          "architecture_view": "Entry manifest for the panel and documentation surface.",
          "label": "Panel Manifest",
          "type": "json"
        },
        {
          "id": "project_progress_canonical",
          "path": "../panel/data/project_progress_canonical.json",
          "phase": "phase-01",
          "layer": "overview_scope",
          "role": "Sovereign canonical model for global project progress calculation.",
          "fits": "Defines the only valid calculation mode and required fields for global progress.",
          "depends_on": [
            "master_architecture_index"
          ],
          "used_by": [
            "project_progress_model"
          ],
          "architecture_view": "Global progress canonical authority.",
          "label": "Project Progress Canonical",
          "type": "json"
        },
        {
          "id": "project_progress_model",
          "path": "../panel/data/project_progress_model.json",
          "phase": "phase-01",
          "layer": "overview_scope",
          "role": "Sovereign stage weighting model for global project progress.",
          "fits": "Defines explicit weights per stage for the global progress donut.",
          "depends_on": [
            "project_progress_canonical",
            "master_architecture_index"
          ],
          "used_by": [],
          "architecture_view": "Stage weight authority for global progress.",
          "label": "Project Progress Model",
          "type": "json"
        }
      ],
      "phase_id": "phase-01",
      "subcategories": [
        {
          "id": "prerequisites",
          "label": "prerequisites",
          "status": "ACTIVE",
          "buckets": [
            {
              "title": "Purpose",
              "items": [
                "Define the mandatory preconditions that must exist before Devon can be considered structurally valid as a canonical program, not merely as an isolated UI, host or runtime implementation.",
                "Answer without ambiguity what must exist before downstream phases can be trusted, why each prerequisite exists, which phase boundary it belongs to, which authority artifact governs it, which supporting artifacts operationalize it, which dependency chain it unlocks, and how Documentation Hub and Operator Panel must project it downstream.",
                "Treat the prerequisite model as program-wide, covering the full path from canonical registration and deployment order through architecture, runtime publication, trust controls, memory governance and monitoring exposure."
              ]
            },
            {
              "title": "Sovereign rule",
              "items": [
                "No downstream phase may be treated as structurally valid unless its upstream prerequisites are materially registered, bounded by authority, and observable through the canonical roots.",
                "Mandatory root split: panel/data = system state, contracts, schemas, DH bridge, runtime and support artifacts.",
                "Mandatory root split: canon = operational governance, rules, decisions, scope and continuity.",
                "Both roots are mandatory and may not be collapsed into a single mixed source of truth."
              ]
            },
            {
              "title": "Prerequisite classification model",
              "items": [
                "Canon prerequisites: these define whether the project is canonically registered and structurally governable.",
                "Canon prerequisites require a sovereign root reference, explicit file ownership and precedence, one concept = one primary authority, explicit phase/category/subcategory organization, and unambiguous deployment and reading order.",
                "Operational prerequisites: these define whether the project can be executed under the Devon operating law.",
                "Operational prerequisites require mandatory context reconstruction, no analysis without dump, no patch without dump, observable evidence before validation, and status restricted to PASS / FAIL / MISSING / PLANNED.",
                "Infrastructure prerequisites: these define whether the host and deployment substrate materially exist.",
                "Infrastructure prerequisites require an observable Devon host baseline, material base tooling, bounded security/network baseline, and explicit declaration of missing infrastructure as MISSING.",
                "Publication prerequisites: these define whether Devon can publish machine-readable truth to downstream consumers.",
                "Publication prerequisites require canonical runtime contracts, a publication bridge, contract-bounded exported runtime artifacts, and downstream UI consumption of published truth instead of local invention.",
                "Projection prerequisites: these define whether the Documentation Hub and Operator Panel are allowed to project the canon.",
                "Projection prerequisites require DH to project category/document authority correctly, Panel to read declared semantics correctly, navigation to preserve Phase -> Category, center workflow to preserve Subcategory -> Bucket -> Item, and no layer abstraction replacing documentary ownership."
              ]
            },
            {
              "title": "Global project prerequisites",
              "items": [
                "P01. Canonical root registration: Devon must have a sovereign architectural root that registers canonical existence, role, precedence, ownership and dependency mapping.",
                "P01 unlocks phase registration, category ownership, DH navigation integrity and downstream artifact legitimacy.",
                "P02. Source-of-truth separation: the project must preserve the hard split between governance and system state.",
                "P02 unlocks clean governance, safe DH projection, safe Panel consumption and conflict resolution.",
                "P03. Evidence-first operating law: all work must start from server evidence, never from chat memory.",
                "P03 requires /home/yeff/public_html/devon/context_dump.sh before analysis and patch generation, and unlocks valid diagnostics, valid status attribution and continuity integrity.",
                "P04. Global status model: every prerequisite must resolve into PASS, FAIL, MISSING or PLANNED.",
                "P04 unlocks deterministic validation, non-fictional progress reporting and project-wide boolean reading.",
                "P05. Structural organization model: the project must be organized through Phase, Category, Subcategory and installation / configuration order.",
                "P05 unlocks DH structure, category authority mapping and predictable downstream rendering."
              ]
            },
            {
              "title": "Cross-phase prerequisites",
              "items": [
                "P06. Deployment order must exist before expansion.",
                "P06 unlocks phase gating, dependency sequencing and non-chaotic implementation.",
                "P07. Authority ownership must exist before category materialization.",
                "P07 requires each phase/category to be bound to a sovereign authority document or tightly bounded documentary group, and unlocks category legitimacy, DH item binding and traceable document authority.",
                "P08. Contract artifacts must exist before runtime/UI truth claims.",
                "P08 requires runtime_expected_manifest.json, runtime_probe_registry.json, build_runtime_contracts.py, runtime_row_semantics_canonical.json, project_progress_canonical.json and project_progress_model.json, and unlocks trustworthy progress, stage-level reading and semantic completion logic.",
                "P09. Publication bridge must exist before downstream projection is trusted.",
                "P09 requires export_panel_runtime.sh and published artifacts such as runtime_snapshot.json, runtime_status.json, host_runtime.json, docker_runtime.json and project_progress.json, and unlocks real runtime visibility, panel synchronization and DH / Panel downstream consistency.",
                "P10. Semantic reading rules must exist before completion is shown.",
                "P10 requires deployment_stage, subcategory, row_kind, semantic_scope, counts_toward_completion, display_in_cards, display_in_donuts, ui_group and source_contract, and unlocks valid donuts, valid stage rollups and non-corrupt progress presentation."
              ]
            },
            {
              "title": "Infrastructure and environment prerequisites",
              "items": [
                "P11. Host baseline must be observable.",
                "P11 observed baseline includes Ubuntu 22.04.5 LTS, Linux 5.15.0-170-generic, x86-64, 6 vCPU, 11 GiB RAM, 100 GB disk and SSH exposed on port 22 only.",
                "P11 unlocks installation planning, security hardening and runtime deployment feasibility.",
                "P12. Security baseline must be bounded.",
                "P12 observed conditions include firewall active, UFW deny incoming / allow outgoing, inbound rule 22/tcp and iptables INPUT DROP / FORWARD DROP / OUTPUT ACCEPT.",
                "P12 observed missing conditions include reverse proxy = MISSING and TLS baseline = MISSING.",
                "P12 unlocks trusted service exposure, future publication hardening and runtime trust boundary expansion.",
                "P13. Base tooling must exist materially.",
                "P13 observed present tooling includes Python3, Git and Curl; observed missing tooling includes Docker, Docker Compose and Nginx.",
                "P13 unlocks container runtime, service publication, reverse proxy layer and operational packaging."
              ]
            },
            {
              "title": "Documentation Hub and Operator Panel prerequisites",
              "items": [
                "P14. Documentation Hub must preserve documentary authority.",
                "P14 requires left navigation to prioritize Phase -> Category and center workflow to render Subcategory -> Bucket -> Item, and unlocks readable canonical navigation and authority-safe documentation projection.",
                "P15. Panel must remain consumer-only.",
                "P15 requires Operator Panel to consume published runtime truth and never invent or patch semantic meaning ad hoc, and unlocks operational trust, reproducible progress and elimination of manual UI workaround logic.",
                "P16. Panel/DH bridge artifacts must exist.",
                "P16 observed support artifacts include hub_index.json, panel_manifest.json, panel_canonical_tree.json, panel_content_index.json, panel_navigation_spec.json, panel_component_contract.json, panel_data_contract.json, panel_sync_contract.json, panel_ui_blueprint.json and panel_runtime_bridge.json.",
                "P16 unlocks stable rendering, structural projection and future synchronization integrity."
              ]
            },
            {
              "title": "Program maturity prerequisites still open",
              "items": [
                "The project must explicitly preserve unresolved prerequisites as unresolved.",
                "Currently evidenced open prerequisites include reverse proxy, TLS baseline, Docker, Docker Compose, Nginx, full SSE bridge authority and full runtime publication maturity across all views.",
                "Open prerequisites may block downstream maturity, but they must never be hidden by UI completion cosmetics."
              ]
            },
            {
              "title": "Exit rule",
              "items": [
                "The prerequisites section is structurally complete only when it can answer, for every major project block: what exists.",
                "The prerequisites section is structurally complete only when it can answer, for every major project block: why it exists.",
                "The prerequisites section is structurally complete only when it can answer, for every major project block: where it enters the phase model.",
                "The prerequisites section is structurally complete only when it can answer, for every major project block: who governs it.",
                "The prerequisites section is structurally complete only when it can answer, for every major project block: what it depends on.",
                "The prerequisites section is structurally complete only when it can answer, for every major project block: what it unlocks next.",
                "The prerequisites section is structurally complete only when it can answer, for every major project block: which artifact is sovereign.",
                "The prerequisites section is structurally complete only when it can answer, for every major project block: which artifacts support it.",
                "The prerequisites section is structurally complete only when it can answer, for every major project block: how DH and Panel must project it downstream.",
                "If any of these questions cannot be answered materially, the prerequisite remains incomplete."
              ]
            }
          ]
        },
        {
          "id": "installation",
          "label": "installation",
          "status": "ACTIVE",
          "buckets": [
            {
              "title": "Installation scope",
              "items": [
                "define that installation covers the full project path from server baseline to final Devon UI",
                "define that installation is phase-ordered, not random",
                "define that no downstream installation is valid without upstream dependency readiness"
              ]
            },
            {
              "title": "Host and operating system baseline",
              "items": [
                "provision server",
                "validate OS baseline",
                "validate kernel / architecture / disk / memory baseline",
                "create canonical paths",
                "create service users / permissions model",
                "define filesystem ownership"
              ]
            },
            {
              "title": "Base tooling installation",
              "items": [
                "Python3",
                "Git",
                "Curl",
                "package manager dependencies",
                "shell/runtime helpers",
                "archive / compression / transport utilities",
                "cron / timers if required"
              ]
            },
            {
              "title": "Network, reverse proxy and transport baseline",
              "items": [
                "DNS / hostname binding",
                "firewall policy",
                "SSH baseline",
                "reverse proxy installation",
                "Nginx installation",
                "TLS baseline",
                "certificate renewal path",
                "exposed port policy"
              ]
            },
            {
              "title": "Container and service runtime",
              "items": [
                "Docker installation",
                "Docker Compose installation",
                "image pull policy",
                "container network model",
                "persistent volume model",
                "restart policy",
                "service boot order"
              ]
            },
            {
              "title": "Devon core path materialization",
              "items": [
                "/opt/devon baseline",
                "canon directories",
                "bin directories",
                "runtime publication directories",
                "export/sync directories",
                "environment files",
                "permissions and executable bits"
              ]
            },
            {
              "title": "Runtime contract base installation",
              "items": [
                "runtime_expected_manifest.json",
                "runtime_probe_registry.json",
                "build_runtime_contracts.py",
                "runtime row semantics base",
                "project progress calculation base",
                "contract compilation flow"
              ]
            },
            {
              "title": "Collector and publication pipeline",
              "items": [
                "collect_runtime.py placement",
                "export bridge installation",
                "export_panel_runtime.sh",
                "publication target paths",
                "runtime artifact write permissions",
                "sync execution trigger",
                "failure-safe publication order"
              ]
            },
            {
              "title": "Canon and governance layer installation",
              "items": [
                "canon root materialization",
                "rules of operation",
                "decisions registry",
                "scope registry",
                "next action registry",
                "continuity file",
                "checkpoint strategy"
              ]
            },
            {
              "title": "Architecture and authority document installation",
              "items": [
                "master root registration",
                "scope authority",
                "deployment order authority",
                "phase 02 authority docs",
                "phase 03 contextual docs",
                "supporting JSON artifacts",
                "sovereign/support separation rule"
              ]
            },
            {
              "title": "Security and trust installation",
              "items": [
                "host security artifacts",
                "app security artifacts",
                "module security artifacts",
                "runtime security artifacts",
                "delivery security artifacts",
                "approval policy",
                "memory isolation controls",
                "security monitoring controls"
              ]
            },
            {
              "title": "Memory, reasoning and tool execution installation",
              "items": [
                "memory architecture",
                "memory lifecycle",
                "learning governance",
                "planning/reasoning controls",
                "tool execution controls",
                "knowledge ingestion",
                "trust-bound activation sequence"
              ]
            },
            {
              "title": "Documentation Hub installation",
              "items": [
                "hub_index.json",
                "source bindings",
                "structured category renderer",
                "navigation tree",
                "subcategory workflow rendering",
                "canon-source viewer integration"
              ]
            },
            {
              "title": "Operator Panel / UI installation",
              "items": [
                "panel manifest",
                "panel canonical tree",
                "panel navigation spec",
                "panel content index",
                "panel UI blueprint",
                "panel runtime bridge",
                "component contracts",
                "data contracts",
                "sync contracts"
              ]
            },
            {
              "title": "Monitoring and real-time observability installation",
              "items": [
                "monitoring canonical",
                "SSE bridge canonical",
                "host/container/service metrics path",
                "refresh/transport model",
                "alert and threshold base",
                "publication to UI path"
              ]
            },
            {
              "title": "Installation dependency gates",
              "items": [
                "host before runtime",
                "runtime contracts before collector",
                "collector before publication",
                "canon before DH/UI reflection",
                "trust before memory-bearing runtime",
                "monitoring before real-time operational completeness"
              ]
            },
            {
              "title": "Open installation blockers",
              "items": [
                "reverse proxy if still missing",
                "TLS if still missing",
                "Docker if still missing",
                "Docker Compose if still missing",
                "Nginx if still missing",
                "SSE if still planned only",
                "incomplete runtime publication maturity if still open"
              ]
            },
            {
              "title": "Installation exit rule",
              "items": [
                "installation is complete only when every required layer is materially present",
                "no phase is install-complete if downstream UI depends on artifacts that are still missing",
                "installation completion must be evidence-based, never inferred"
              ]
            }
          ]
        },
        {
          "id": "configuration",
          "label": "configuration",
          "status": "ACTIVE",
          "buckets": [
            {
              "title": "Configuration scope",
              "items": [
                "define that configuration covers the full project path from server baseline to final Devon UI",
                "define that configuration is phase-ordered and dependency-bound",
                "define that no downstream configuration is valid without upstream installation readiness",
                "define that configuration completion must remain evidence-based and never inferred"
              ]
            },
            {
              "title": "Host and operating system baseline configuration",
              "items": [
                "hostname and server identity",
                "timezone, locale and clock baseline",
                "user, group and permission model",
                "filesystem ownership and path policy",
                "environment variable baseline",
                "service user boundaries",
                "resource baseline for CPU, memory and disk"
              ]
            },
            {
              "title": "Base tooling and shell/runtime configuration",
              "items": [
                "Python runtime path and execution policy",
                "Git baseline and repository access model",
                "Curl and transport utility baseline",
                "package manager sources and update policy",
                "shell helpers and runtime aliases if required",
                "archive / compression / transfer utility policy",
                "scheduler / cron / timer baseline if required"
              ]
            },
            {
              "title": "Network, reverse proxy and transport configuration",
              "items": [
                "DNS and hostname binding",
                "firewall rules and exposure policy",
                "SSH access baseline",
                "reverse proxy routing model",
                "Nginx vhost / upstream baseline",
                "TLS certificate and renewal baseline",
                "port exposure policy",
                "transport hardening and external access boundaries"
              ]
            },
            {
              "title": "Container and service runtime configuration",
              "items": [
                "Docker daemon baseline",
                "Docker Compose project model",
                "container network policy",
                "persistent volume policy",
                "image pull / version pinning policy",
                "restart policy",
                "service dependency order",
                "container environment file loading policy"
              ]
            },
            {
              "title": "Devon core paths and environment configuration",
              "items": [
                "/opt/devon path policy",
                "canon directory layout",
                "bin directory layout",
                "runtime publication directory policy",
                "export/sync directory policy",
                "environment file placement",
                "permissions and executable bits",
                "write/read ownership boundaries"
              ]
            },
            {
              "title": "Runtime contracts and semantic model configuration",
              "items": [
                "runtime_expected_manifest.json baseline",
                "runtime_probe_registry.json baseline",
                "build_runtime_contracts.py compilation path",
                "runtime row semantics configuration",
                "project progress model configuration",
                "stage completion semantic boundaries",
                "contract ownership and source-of-truth alignment"
              ]
            },
            {
              "title": "Collector and publication pipeline configuration",
              "items": [
                "collect_runtime.py execution model",
                "publication target path mapping",
                "export_panel_runtime.sh configuration",
                "artifact write permissions",
                "sync trigger policy",
                "failure-safe publication order",
                "consumer-side read-only expectations on Waresite"
              ]
            },
            {
              "title": "Canon and governance layer configuration",
              "items": [
                "canon root separation from panel/data",
                "rules of operation in force",
                "decision registry policy",
                "scope registry policy",
                "next action continuity policy",
                "checkpoint strategy",
                "context reconstruction rule"
              ]
            },
            {
              "title": "Architecture and authority document configuration",
              "items": [
                "master root registration policy",
                "scope authority boundaries",
                "deployment order authority boundaries",
                "phase 02 authority ownership",
                "phase 03 contextual ownership",
                "supporting JSON artifact alignment",
                "sovereign/support separation rule"
              ]
            },
            {
              "title": "Security and trust configuration",
              "items": [
                "host security baseline",
                "application security baseline",
                "module security baseline",
                "runtime security baseline",
                "delivery security baseline",
                "approval policy",
                "memory isolation boundaries",
                "security monitoring boundaries"
              ]
            },
            {
              "title": "Memory, reasoning and tool execution configuration",
              "items": [
                "memory architecture baseline",
                "memory lifecycle policy",
                "learning governance boundaries",
                "planning/reasoning control model",
                "tool execution permission model",
                "knowledge ingestion boundaries",
                "trust-bound activation order"
              ]
            },
            {
              "title": "Documentation Hub configuration",
              "items": [
                "hub_index.json structure",
                "source binding rules",
                "structured category renderer behavior",
                "navigation tree policy",
                "subcategory workflow rendering",
                "canon-source viewer integration",
                "DH projection must remain subordinate to canon"
              ]
            },
            {
              "title": "Operator Panel / UI configuration",
              "items": [
                "panel manifest configuration",
                "panel canonical tree configuration",
                "panel navigation spec configuration",
                "panel content index configuration",
                "panel UI blueprint configuration",
                "panel runtime bridge configuration",
                "component contract alignment",
                "data contract alignment",
                "sync contract alignment"
              ]
            },
            {
              "title": "Monitoring and real-time observability configuration",
              "items": [
                "monitoring canonical baseline",
                "SSE bridge configuration baseline",
                "host/container/service metric routing",
                "refresh / transport cadence",
                "alert and threshold baseline",
                "runtime-to-UI publication path",
                "real-time observability trust boundaries"
              ]
            },
            {
              "title": "Configuration dependency gates",
              "items": [
                "host before runtime",
                "runtime contracts before collector",
                "collector before publication",
                "canon before DH/UI reflection",
                "trust before memory-bearing runtime",
                "monitoring before real-time operational completeness"
              ]
            },
            {
              "title": "Open configuration blockers",
              "items": [
                "reverse proxy if still missing",
                "TLS if still missing",
                "Docker if still missing",
                "Docker Compose if still missing",
                "Nginx if still missing",
                "SSE if still planned only",
                "incomplete runtime publication maturity if still open"
              ]
            },
            {
              "title": "Configuration exit rule",
              "items": [
                "configuration is complete only when every required layer is materially aligned",
                "no phase is config-complete if downstream UI depends on artifacts that remain missing or misconfigured",
                "configuration completion must be evidence-based, never inferred"
              ]
            }
          ]
        },
        {
          "id": "validation",
          "label": "validation",
          "status": "ACTIVE",
          "buckets": [
            {
              "title": "Validation scope",
              "items": [
                "define that validation covers the full project path from server baseline to final Devon UI",
                "define that validation must be phase-ordered and dependency-aware",
                "define that no downstream layer may be treated as valid without upstream validation readiness",
                "define that validation completion must be evidence-based, never inferred"
              ]
            },
            {
              "title": "Validation model and status law",
              "items": [
                "validation resolves only through PASS, FAIL, MISSING or PLANNED",
                "PASS means observable evidence exists and validation succeeds",
                "FAIL means observable evidence exists and validation fails",
                "MISSING means required evidence does not exist materially",
                "PLANNED means the layer is formally defined but not materially present"
              ]
            },
            {
              "title": "Host and operating system validation",
              "items": [
                "validate server existence and host identity",
                "validate OS baseline",
                "validate kernel and architecture compatibility",
                "validate disk and memory baseline",
                "validate service exposure baseline",
                "validate user, group and permission baseline"
              ]
            },
            {
              "title": "Filesystem and path validation",
              "items": [
                "validate canonical root paths",
                "validate /opt/devon baseline",
                "validate /home/yeff/public_html/devon baseline",
                "validate canon directory layout",
                "validate bin directory layout",
                "validate runtime publication directories",
                "validate export/sync directories",
                "validate environment files and permission bits"
              ]
            },
            {
              "title": "Base tooling validation",
              "items": [
                "validate Python3 availability and execution path",
                "validate Git availability and repository access",
                "validate Curl availability",
                "validate package/runtime helpers if required",
                "validate archive / compression / transport utilities if required",
                "validate cron / timers if required"
              ]
            },
            {
              "title": "Network, proxy and transport validation",
              "items": [
                "validate DNS / hostname binding",
                "validate firewall policy",
                "validate SSH baseline",
                "validate reverse proxy presence and routing",
                "validate Nginx presence and configuration",
                "validate TLS presence and renewal path",
                "validate exposed port policy",
                "validate transport hardening boundaries"
              ]
            },
            {
              "title": "Container and service runtime validation",
              "items": [
                "validate Docker presence and daemon state",
                "validate Docker Compose presence",
                "validate container network model",
                "validate persistent volume model",
                "validate image pull / version pinning policy",
                "validate restart policy behavior",
                "validate service dependency order",
                "validate container environment loading"
              ]
            },
            {
              "title": "Runtime contract and semantic validation",
              "items": [
                "validate runtime_expected_manifest.json",
                "validate runtime_probe_registry.json",
                "validate build_runtime_contracts.py execution path",
                "validate runtime row semantics alignment",
                "validate project progress model alignment",
                "validate stage completion semantic boundaries",
                "validate source-of-truth ownership"
              ]
            },
            {
              "title": "Collector and publication pipeline validation",
              "items": [
                "validate collect_runtime.py execution",
                "validate collector output completeness",
                "validate export_panel_runtime.sh execution",
                "validate publication target paths",
                "validate runtime artifact write permissions",
                "validate sync trigger behavior",
                "validate failure-safe publication order",
                "validate Waresite consumer-side artifact refresh"
              ]
            },
            {
              "title": "Runtime artifact validation",
              "items": [
                "validate runtime_snapshot.json",
                "validate runtime_status.json",
                "validate host_runtime.json",
                "validate docker_runtime.json",
                "validate project_progress.json",
                "validate artifact refresh behavior",
                "validate artifact content against declared semantic contract"
              ]
            },
            {
              "title": "Canon and governance validation",
              "items": [
                "validate canon root existence and separation from panel/data",
                "validate rules of operation in force",
                "validate decisions registry",
                "validate scope registry",
                "validate next action registry",
                "validate continuity file",
                "validate checkpoint strategy",
                "validate context reconstruction rule compliance"
              ]
            },
            {
              "title": "Architecture and authority validation",
              "items": [
                "validate master root registration",
                "validate scope authority boundaries",
                "validate deployment order authority boundaries",
                "validate phase 02 authority docs",
                "validate phase 03 contextual docs",
                "validate supporting JSON artifacts",
                "validate sovereign/support separation"
              ]
            },
            {
              "title": "Security and trust validation",
              "items": [
                "validate host security baseline",
                "validate application security baseline",
                "validate module security baseline",
                "validate runtime security baseline",
                "validate delivery security baseline",
                "validate approval policy",
                "validate memory isolation boundaries",
                "validate security monitoring boundaries"
              ]
            },
            {
              "title": "Memory, reasoning and tool execution validation",
              "items": [
                "validate memory architecture baseline",
                "validate memory lifecycle policy",
                "validate learning governance boundaries",
                "validate planning/reasoning control model",
                "validate tool execution permission model",
                "validate knowledge ingestion boundaries",
                "validate trust-bound activation order"
              ]
            },
            {
              "title": "Documentation Hub and Panel validation",
              "items": [
                "validate hub_index.json readability and structure",
                "validate source binding rules",
                "validate structured category renderer behavior",
                "validate navigation tree integrity",
                "validate subcategory workflow rendering",
                "validate canon-source viewer integration",
                "validate panel manifest, tree, content index and blueprint alignment",
                "validate that UI reads published truth rather than inventing local state"
              ]
            },
            {
              "title": "Monitoring and real-time observability validation",
              "items": [
                "validate monitoring canonical baseline",
                "validate SSE bridge baseline or explicit planned status",
                "validate host/container/service metric routing",
                "validate refresh / transport cadence",
                "validate alert and threshold baseline",
                "validate runtime-to-UI publication path",
                "validate real-time observability trust boundaries"
              ]
            },
            {
              "title": "Validation dependency gates",
              "items": [
                "validate host before runtime",
                "validate runtime contracts before collector",
                "validate collector before publication",
                "validate canon before DH/UI reflection",
                "validate trust before memory-bearing runtime",
                "validate monitoring before real-time operational completeness"
              ]
            },
            {
              "title": "Open validation blockers",
              "items": [
                "reverse proxy if still missing",
                "TLS if still missing",
                "Docker if still missing",
                "Docker Compose if still missing",
                "Nginx if still missing",
                "SSE if still planned only",
                "incomplete runtime publication maturity if still open",
                "any downstream UI claim not backed by deterministic evidence"
              ]
            },
            {
              "title": "Validation exit rule",
              "items": [
                "validation is complete only when every required layer has deterministic proof of correctness",
                "no phase is validation-complete if downstream UI depends on missing, broken or non-validated artifacts",
                "validation completion must be evidence-based, never inferred"
              ]
            }
          ]
        },
        {
          "id": "observable_evidence",
          "label": "observable_evidence",
          "status": "ACTIVE",
          "buckets": [
            {
              "title": "Evidence scope",
              "items": [
                "define that observable evidence covers the full project path from server baseline to final Devon UI",
                "define that only materially observable state counts as valid evidence",
                "define that no downstream phase may claim readiness without upstream observable evidence",
                "define that evidence must be server-bound, artifact-bound or runtime-bound, never inferred"
              ]
            },
            {
              "title": "Host and operating system evidence",
              "items": [
                "server exists materially",
                "hostname is observable",
                "operating system baseline is observable",
                "kernel and architecture are observable",
                "disk and memory baseline are observable",
                "exposed listening services are observable",
                "user, group and permission baseline are observable"
              ]
            },
            {
              "title": "Filesystem and path evidence",
              "items": [
                "canonical root paths exist materially",
                "/opt/devon baseline is observable",
                "/home/yeff/public_html/devon baseline is observable",
                "canon directories are observable",
                "bin directories are observable",
                "runtime publication directories are observable",
                "export/sync directories are observable",
                "environment files and permission bits are observable"
              ]
            },
            {
              "title": "Base tooling evidence",
              "items": [
                "Python3 is observable",
                "Git is observable",
                "Curl is observable",
                "package/runtime helpers are observable if required",
                "archive / compression / transport utilities are observable if required",
                "cron / timers are observable if required"
              ]
            },
            {
              "title": "Network, proxy and transport evidence",
              "items": [
                "DNS / hostname binding is observable",
                "firewall policy is observable",
                "SSH baseline is observable",
                "reverse proxy presence is observable",
                "Nginx presence is observable",
                "TLS material presence is observable",
                "certificate renewal path is observable",
                "exposed port policy is observable"
              ]
            },
            {
              "title": "Container and service runtime evidence",
              "items": [
                "Docker presence is observable",
                "Docker Compose presence is observable",
                "container runtime state is observable",
                "image pull state is observable",
                "container network state is observable",
                "persistent volumes are observable",
                "restart policy behavior is observable",
                "service boot order effects are observable"
              ]
            },
            {
              "title": "Devon core path and environment evidence",
              "items": [
                "/opt/devon structure exists materially",
                "canon files exist materially",
                "executable scripts exist materially",
                "runtime publication paths exist materially",
                "export/sync paths exist materially",
                "environment file placement is observable",
                "permissions and executable bits are observable",
                "ownership boundaries are observable"
              ]
            },
            {
              "title": "Runtime contract evidence",
              "items": [
                "runtime_expected_manifest.json exists",
                "runtime_probe_registry.json exists",
                "build_runtime_contracts.py exists",
                "runtime row semantics base exists",
                "project progress calculation base exists",
                "contract compilation output is observable",
                "semantic field preservation is observable in published artifacts"
              ]
            },
            {
              "title": "Collector and publication pipeline evidence",
              "items": [
                "collect_runtime.py exists materially",
                "collector output is observable",
                "export_panel_runtime.sh exists materially",
                "publication target paths are observable",
                "runtime artifact writes are observable",
                "sync execution is observable",
                "failure-safe publication order is observable",
                "Waresite consumer-side artifacts are observable after export"
              ]
            },
            {
              "title": "Runtime artifact evidence",
              "items": [
                "runtime_snapshot.json exists",
                "runtime_status.json exists",
                "host_runtime.json exists",
                "docker_runtime.json exists",
                "project_progress.json exists",
                "artifact timestamps and refresh behavior are observable",
                "artifact content matches declared semantic contract"
              ]
            },
            {
              "title": "Canon and governance evidence",
              "items": [
                "canon root exists materially",
                "rules of operation file exists",
                "decisions registry exists",
                "scope registry exists",
                "next action registry exists",
                "continuity file exists",
                "checkpoint materialization is observable",
                "root separation between canon and panel/data is observable"
              ]
            },
            {
              "title": "Architecture and authority evidence",
              "items": [
                "master root registration is observable",
                "scope authority is observable",
                "deployment order authority is observable",
                "phase 02 authority docs are observable",
                "phase 03 contextual docs are observable",
                "supporting JSON artifacts are observable",
                "sovereign/support separation is observable in file placement and usage"
              ]
            },
            {
              "title": "Security and trust evidence",
              "items": [
                "host security artifacts exist",
                "app security artifacts exist",
                "module security artifacts exist",
                "runtime security artifacts exist",
                "delivery security artifacts exist",
                "approval policy artifact exists",
                "memory isolation controls are observable",
                "security monitoring controls are observable"
              ]
            },
            {
              "title": "Memory, reasoning and tool execution evidence",
              "items": [
                "memory architecture artifact exists",
                "memory lifecycle artifact exists",
                "learning governance artifact exists",
                "planning/reasoning artifact exists",
                "tool execution artifact exists",
                "knowledge ingestion artifact exists",
                "trust-bound activation sequence is observable in canon and downstream projection"
              ]
            },
            {
              "title": "Documentation Hub evidence",
              "items": [
                "hub_index.json exists and is readable",
                "source bindings are observable",
                "structured category renderer behavior is observable",
                "navigation tree is observable",
                "subcategory workflow rendering is observable",
                "canon-source viewer integration is observable",
                "DH projection remains subordinate to canon"
              ]
            },
            {
              "title": "Operator Panel / UI evidence",
              "items": [
                "panel manifest exists",
                "panel canonical tree exists",
                "panel navigation spec exists",
                "panel content index exists",
                "panel UI blueprint exists",
                "panel runtime bridge exists",
                "component contracts exist",
                "data contracts exist",
                "sync contracts exist",
                "UI reads published truth rather than inventing state locally"
              ]
            },
            {
              "title": "Monitoring and real-time observability evidence",
              "items": [
                "monitoring canonical exists",
                "SSE bridge canonical exists or remains explicitly planned",
                "host/container/service metric path is observable",
                "refresh/transport behavior is observable",
                "alert and threshold baseline is observable",
                "publication to UI path is observable",
                "real-time observability boundaries are observable"
              ]
            },
            {
              "title": "Evidence dependency gates",
              "items": [
                "host evidence before runtime evidence",
                "runtime contract evidence before collector evidence",
                "collector evidence before publication evidence",
                "canon evidence before DH/UI reflection evidence",
                "trust evidence before memory-bearing runtime evidence",
                "monitoring evidence before real-time operational completeness evidence"
              ]
            },
            {
              "title": "Open evidence gaps",
              "items": [
                "reverse proxy if still missing",
                "TLS if still missing",
                "Docker if still missing",
                "Docker Compose if still missing",
                "Nginx if still missing",
                "SSE if still planned only",
                "incomplete runtime publication maturity if still open",
                "any downstream UI claim not backed by server or artifact evidence"
              ]
            },
            {
              "title": "Observable evidence exit rule",
              "items": [
                "observable evidence is complete only when every required layer has material proof",
                "no phase is evidence-complete if downstream UI depends on missing or non-observable artifacts",
                "evidence completion must be based on observable server state, published artifacts or deterministic UI projection of those artifacts",
                "anything not materially observable remains MISSING"
              ]
            }
          ]
        },
        {
          "id": "failure_modes_recovery",
          "label": "failure_modes_recovery",
          "status": "ACTIVE",
          "buckets": [
            {
              "title": "Failure modes scope",
              "items": [
                "define that failure modes and recovery cover the full project path from server baseline to final Devon UI",
                "define that failure modes must be treated as operational realities, not edge-case afterthoughts",
                "define that recovery paths must be deterministic, evidence-based and phase-aware",
                "define that no downstream layer may hide upstream failure conditions"
              ]
            },
            {
              "title": "Host and operating system failures",
              "items": [
                "server unavailable or partially degraded",
                "OS baseline drift",
                "kernel or architecture mismatch",
                "disk exhaustion",
                "memory pressure or swap exhaustion",
                "permission or ownership corruption",
                "service user or execution boundary failure"
              ]
            },
            {
              "title": "Filesystem and path failures",
              "items": [
                "missing canonical root paths",
                "missing /opt/devon baseline",
                "broken canon directory layout",
                "missing runtime publication directories",
                "broken export/sync paths",
                "missing environment files",
                "incorrect executable bits",
                "write path denied by ownership or permissions"
              ]
            },
            {
              "title": "Base tooling failures",
              "items": [
                "Python runtime unavailable or mismatched",
                "Git unavailable or repository access broken",
                "Curl unavailable or transport helpers missing",
                "package/runtime helper mismatch",
                "archive / compression / transfer utilities unavailable",
                "scheduler / cron / timer path missing if required"
              ]
            },
            {
              "title": "Network, proxy and transport failures",
              "items": [
                "DNS or hostname mismatch",
                "firewall policy blocks expected exposure",
                "SSH baseline unavailable",
                "reverse proxy missing or misrouted",
                "Nginx missing or misconfigured",
                "TLS missing, expired or broken",
                "certificate renewal path broken",
                "port exposure diverges from policy"
              ]
            },
            {
              "title": "Container and service runtime failures",
              "items": [
                "Docker unavailable or daemon not running",
                "Docker Compose unavailable",
                "container network broken",
                "persistent volume path missing or detached",
                "restart policy not honored",
                "service boot order broken",
                "image pull or version pinning failure",
                "container environment loading failure"
              ]
            },
            {
              "title": "Runtime contract and semantic failures",
              "items": [
                "runtime_expected_manifest.json missing or stale",
                "runtime_probe_registry.json missing or stale",
                "build_runtime_contracts.py missing or failing",
                "runtime row semantics missing or inconsistent",
                "project progress model drift",
                "stage completion semantics corrupted",
                "source-of-truth boundary violated"
              ]
            },
            {
              "title": "Collector and publication pipeline failures",
              "items": [
                "collect_runtime.py missing or failing",
                "collector output incomplete or stale",
                "export_panel_runtime.sh missing or failing",
                "publication target path broken",
                "runtime artifact writes denied",
                "sync trigger missing or unreliable",
                "publication order not failure-safe",
                "Waresite consumer artifacts stale after export"
              ]
            },
            {
              "title": "Runtime artifact failures",
              "items": [
                "runtime_snapshot.json missing or stale",
                "runtime_status.json missing or stale",
                "host_runtime.json missing or stale",
                "docker_runtime.json missing or stale",
                "project_progress.json missing or stale",
                "artifact timestamps no longer refresh",
                "artifact content no longer matches semantic contract"
              ]
            },
            {
              "title": "Canon and governance failures",
              "items": [
                "canon root missing or mixed with panel/data",
                "rules of operation drift or absence",
                "decisions registry drift or absence",
                "scope registry drift or absence",
                "next action registry missing",
                "continuity file missing or stale",
                "checkpoint strategy broken",
                "context reconstruction rule bypassed"
              ]
            },
            {
              "title": "Architecture and authority failures",
              "items": [
                "master root registration broken",
                "scope authority drift",
                "deployment order authority drift",
                "phase 02 authority docs missing or stale",
                "phase 03 contextual docs missing or stale",
                "supporting JSON artifacts missing or stale",
                "sovereign/support separation violated"
              ]
            },
            {
              "title": "Security and trust failures",
              "items": [
                "host security artifacts missing",
                "app security artifacts missing",
                "module security artifacts missing",
                "runtime security artifacts missing",
                "delivery security artifacts missing",
                "approval policy missing or bypassed",
                "memory isolation broken",
                "security monitoring absent or stale"
              ]
            },
            {
              "title": "Memory, reasoning and tool execution failures",
              "items": [
                "memory architecture artifact missing",
                "memory lifecycle artifact missing",
                "learning governance artifact missing",
                "planning/reasoning artifact missing",
                "tool execution artifact missing",
                "knowledge ingestion artifact missing",
                "trust-bound activation order violated"
              ]
            },
            {
              "title": "Documentation Hub and UI failures",
              "items": [
                "hub_index.json unreadable or structurally broken",
                "source bindings broken",
                "structured category renderer drift",
                "navigation tree broken",
                "subcategory workflow rendering broken",
                "canon-source viewer integration broken",
                "UI projects stale or invented state instead of published truth"
              ]
            },
            {
              "title": "Monitoring and real-time observability failures",
              "items": [
                "monitoring canonical missing or stale",
                "SSE bridge canonical missing or only planned",
                "host/container/service metric path broken",
                "refresh / transport cadence broken",
                "alert and threshold baseline absent",
                "publication to UI path broken",
                "real-time observability trust boundaries violated"
              ]
            },
            {
              "title": "Recovery model",
              "items": [
                "restore source-of-truth boundaries first",
                "restore upstream dependency before downstream projection",
                "restore paths and permissions before runtime execution",
                "restore contracts before collector",
                "restore collector before publication",
                "restore publication before DH/UI trust"
              ]
            },
            {
              "title": "Recovery dependency gates",
              "items": [
                "host recovery before runtime recovery",
                "runtime contract recovery before collector recovery",
                "collector recovery before publication recovery",
                "canon recovery before DH/UI recovery",
                "trust recovery before memory-bearing runtime recovery",
                "monitoring recovery before real-time operational completeness recovery"
              ]
            },
            {
              "title": "Failure visibility rule",
              "items": [
                "any missing observable layer remains MISSING",
                "any broken but observable layer remains FAIL",
                "no UI completion may conceal unresolved failure state",
                "no recovery may be declared complete without material evidence"
              ]
            },
            {
              "title": "Failure modes and recovery exit rule",
              "items": [
                "failure handling is complete only when every required broken layer has a deterministic recovery path",
                "recovery is complete only when upstream dependencies are restored before downstream consumers rely on them",
                "recovery completion must be evidence-based, never inferred"
              ]
            }
          ]
        },
        {
          "id": "completion_promotion",
          "label": "completion_promotion",
          "status": "ACTIVE",
          "buckets": [
            {
              "title": "Completion and promotion scope",
              "items": [
                "define that completion and promotion cover the full project path from server baseline to final Devon UI",
                "define that completion is phase-ordered and dependency-bound",
                "define that promotion is only valid after upstream completion is materially proven",
                "define that no downstream layer may be promoted if upstream completion remains missing, failed or unvalidated"
              ]
            },
            {
              "title": "Completion model and promotion law",
              "items": [
                "completion must be determined by observable evidence, not by declared intent",
                "promotion must follow dependency order rather than cosmetic UI readiness",
                "no phase is complete if downstream consumers still depend on missing or broken upstream artifacts",
                "promotion must remain blocked when source-of-truth boundaries are unresolved",
                "completion and promotion must resolve through PASS, FAIL, MISSING or PLANNED"
              ]
            },
            {
              "title": "Host and operating system completion",
              "items": [
                "server baseline exists materially",
                "OS baseline is stable and validated",
                "kernel, architecture, disk and memory baseline are validated",
                "service exposure baseline is validated",
                "user, group and permission model is stable",
                "host is ready to unblock downstream runtime and publication layers"
              ]
            },
            {
              "title": "Filesystem and path completion",
              "items": [
                "canonical root paths exist materially",
                "/opt/devon baseline is complete",
                "/home/yeff/public_html/devon baseline is complete",
                "canon directory layout is complete",
                "bin directory layout is complete",
                "runtime publication directories are complete",
                "export/sync directories are complete",
                "environment files, permissions and executable bits are complete"
              ]
            },
            {
              "title": "Base tooling completion",
              "items": [
                "Python3 is installed, observable and validated",
                "Git is installed, observable and validated",
                "Curl is installed, observable and validated",
                "package/runtime helpers are complete if required",
                "archive / compression / transport utilities are complete if required",
                "cron / timers are complete if required"
              ]
            },
            {
              "title": "Network, proxy and transport completion",
              "items": [
                "DNS / hostname binding is complete",
                "firewall policy is complete",
                "SSH baseline is complete",
                "reverse proxy is complete if required",
                "Nginx is complete if required",
                "TLS baseline is complete if required",
                "certificate renewal path is complete if required",
                "port exposure policy is complete"
              ]
            },
            {
              "title": "Container and service runtime completion",
              "items": [
                "Docker is complete if required",
                "Docker Compose is complete if required",
                "container network model is complete",
                "persistent volume model is complete",
                "image pull / version pinning policy is complete",
                "restart policy behavior is complete",
                "service dependency order is complete",
                "container environment loading is complete"
              ]
            },
            {
              "title": "Runtime contract and semantic completion",
              "items": [
                "runtime_expected_manifest.json is complete and current",
                "runtime_probe_registry.json is complete and current",
                "build_runtime_contracts.py path and execution are complete",
                "runtime row semantics are complete and stable",
                "project progress model is complete and aligned",
                "stage completion semantic boundaries are complete",
                "source-of-truth ownership is complete and stable"
              ]
            },
            {
              "title": "Collector and publication pipeline completion",
              "items": [
                "collect_runtime.py is complete and validated",
                "collector output is complete",
                "export_panel_runtime.sh is complete and validated",
                "publication target paths are complete",
                "runtime artifact write permissions are complete",
                "sync trigger behavior is complete",
                "failure-safe publication order is complete",
                "Waresite consumer-side artifact refresh is complete"
              ]
            },
            {
              "title": "Runtime artifact completion",
              "items": [
                "runtime_snapshot.json is complete and current",
                "runtime_status.json is complete and current",
                "host_runtime.json is complete and current",
                "docker_runtime.json is complete and current",
                "project_progress.json is complete and current",
                "artifact refresh behavior is complete",
                "artifact content remains aligned with the semantic contract"
              ]
            },
            {
              "title": "Canon and governance completion",
              "items": [
                "canon root is complete and separated from panel/data",
                "rules of operation are complete and in force",
                "decisions registry is complete",
                "scope registry is complete",
                "next action registry is complete",
                "continuity file is complete",
                "checkpoint strategy is complete",
                "context reconstruction rule remains enforced"
              ]
            },
            {
              "title": "Architecture and authority completion",
              "items": [
                "master root registration is complete",
                "scope authority boundaries are complete",
                "deployment order authority boundaries are complete",
                "phase 02 authority docs are complete",
                "phase 03 contextual docs are complete",
                "supporting JSON artifacts are complete",
                "sovereign/support separation is complete"
              ]
            },
            {
              "title": "Security and trust completion",
              "items": [
                "host security baseline is complete",
                "application security baseline is complete",
                "module security baseline is complete",
                "runtime security baseline is complete",
                "delivery security baseline is complete",
                "approval policy is complete",
                "memory isolation boundaries are complete",
                "security monitoring boundaries are complete"
              ]
            },
            {
              "title": "Memory, reasoning and tool execution completion",
              "items": [
                "memory architecture baseline is complete",
                "memory lifecycle policy is complete",
                "learning governance boundaries are complete",
                "planning/reasoning control model is complete",
                "tool execution permission model is complete",
                "knowledge ingestion boundaries are complete",
                "trust-bound activation order is complete"
              ]
            },
            {
              "title": "Documentation Hub and Panel completion",
              "items": [
                "hub_index.json structure is complete and readable",
                "source binding rules are complete",
                "structured category renderer behavior is complete",
                "navigation tree integrity is complete",
                "subcategory workflow rendering is complete",
                "canon-source viewer integration is complete",
                "panel manifest, tree, content index and blueprint are complete",
                "UI reads published truth rather than inventing local state"
              ]
            },
            {
              "title": "Monitoring and real-time observability completion",
              "items": [
                "monitoring canonical baseline is complete",
                "SSE bridge baseline is complete or remains explicitly planned",
                "host/container/service metric routing is complete",
                "refresh / transport cadence is complete",
                "alert and threshold baseline is complete",
                "runtime-to-UI publication path is complete",
                "real-time observability trust boundaries are complete"
              ]
            },
            {
              "title": "Promotion dependency gates",
              "items": [
                "host completion before runtime promotion",
                "runtime contract completion before collector promotion",
                "collector completion before publication promotion",
                "canon completion before DH/UI reflection promotion",
                "trust completion before memory-bearing runtime promotion",
                "monitoring completion before real-time operational completeness promotion"
              ]
            },
            {
              "title": "Promotion blockers",
              "items": [
                "reverse proxy if still missing",
                "TLS if still missing",
                "Docker if still missing",
                "Docker Compose if still missing",
                "Nginx if still missing",
                "SSE if still planned only",
                "incomplete runtime publication maturity if still open",
                "any downstream UI claim not backed by completed and validated upstream layers"
              ]
            },
            {
              "title": "Completion and promotion exit rule",
              "items": [
                "completion is valid only when every required layer has material proof of readiness",
                "promotion is valid only when upstream dependencies are complete, validated and stable",
                "no phase is promotion-complete if downstream UI depends on missing, broken or unstable artifacts",
                "completion and promotion must remain evidence-based, never inferred"
              ]
            }
          ]
        }
      ]
    },
    {
      "id": "architecture_engineering_core",
      "title": "Architecture & Engineering Canon",
      "sub": "authority and satellite documents for architecture, governance, contracts, naming, deployment and contextual boundaries.",
      "badge": "phase 02",
      "docs": [
        {
          "id": "cas",
          "path": "../panel/data/cas.md",
          "phase": "phase-02",
          "layer": "architecture_engineering_core",
          "role": "Primary authority for cognitive architecture placement.",
          "fits": "Owns architecture layers and separation between probabilistic and deterministic components.",
          "depends_on": [
            "master_architecture_index"
          ],
          "used_by": [
            "cfc",
            "ccc",
            "lpc",
            "sec",
            "ofc"
          ],
          "architecture_view": "Sovereign architecture meaning.",
          "label": "CAS · Cognitive Architecture Spec",
          "type": "text"
        },
        {
          "id": "cgs",
          "path": "../panel/data/cgs.md",
          "phase": "phase-02",
          "layer": "architecture_engineering_core",
          "role": "Primary governance authority.",
          "fits": "Owns governance structure and canonical responsibility boundaries.",
          "depends_on": [
            "master_architecture_index"
          ],
          "used_by": [],
          "architecture_view": "Governance backbone of the structural canon.",
          "label": "CGS · Canonical Governance Spec",
          "type": "text"
        },
        {
          "id": "devon_dev_work_policy_center",
          "label": "Work Policy Center Canonical",
          "type": "json",
          "path": "../panel/data/devon_dev_work_policy_center_canonical.json",
          "phase": "phase-02",
          "layer": "architecture_engineering_core",
          "role": "Policy authority that turns DEVON-DEV work rules into a consultable governance center before execution, tooling, planning or promotion can be trusted.",
          "fits": "Centralizes project instructions, coding standards, patch policy, sandbox policy, production policy, documentation policy, planning policy, validation policy, rollback policy, security policy, memory policy, learning policy, UI policy and server operation policy.",
          "depends_on": [
            "master_architecture_index",
            "devon_dev_mission",
            "cas",
            "cgs"
          ],
          "used_by": [
            "documentation_before_code",
            "requirements_scope_engine",
            "fsm_absolute_decision",
            "decision_rule_registry",
            "policy_compiler",
            "tool_registry",
            "validation_matrix",
            "artifact_registry"
          ],
          "architecture_view": "Primary work-policy authority for DEVON-DEV execution governance."
        },
        {
          "id": "documentation_before_code",
          "label": "Documentation Before Code Canonical",
          "type": "json",
          "path": "../panel/data/documentation_before_code_canonical.json",
          "phase": "phase-02",
          "layer": "architecture_engineering_core",
          "role": "Pre-code documentation authority that blocks DEVON-DEV from touching implementation before task intent, scope, risk, validation and rollback are structurally declared.",
          "fits": "Forces every technical task to expose objective, scope, out-of-scope boundaries, likely files, operational risk, validation path and rollback path before code, shell, patch or deployment work can start.",
          "depends_on": [
            "master_architecture_index",
            "devon_dev_mission",
            "cas",
            "cgs",
            "devon_dev_work_policy_center"
          ],
          "used_by": [
            "requirements_scope_engine",
            "project_dependency_graph",
            "fsm_absolute_decision",
            "decision_rule_registry",
            "policy_compiler",
            "tool_registry",
            "validation_matrix",
            "artifact_registry"
          ],
          "architecture_view": "Primary pre-code documentation authority for DEVON-DEV execution governance."
        },
        {
          "id": "requirements_scope_engine",
          "label": "Requirements & Scope Engine Canonical",
          "type": "json",
          "path": "../panel/data/requirements_scope_engine_canonical.json",
          "phase": "phase-02",
          "layer": "architecture_engineering_core",
          "role": "Executable-scope authority that turns user demand into a bounded contract before planning, dependency mapping, tooling or implementation can begin.",
          "fits": "Produces objective, scope, out-of-scope boundaries, affected files, affected directories, affected services, affected database objects, risk, assumptions to block, acceptance criteria, validation plan and rollback plan.",
          "depends_on": [
            "master_architecture_index",
            "devon_dev_mission",
            "cas",
            "cgs",
            "devon_dev_work_policy_center",
            "documentation_before_code"
          ],
          "used_by": [
            "project_dependency_graph",
            "fsm_absolute_decision",
            "decision_rule_registry",
            "policy_compiler",
            "tool_registry",
            "validation_matrix",
            "artifact_registry"
          ],
          "architecture_view": "Primary executable-scope authority for DEVON-DEV task intake and downstream planning."
        },
        {
          "id": "project_dependency_graph",
          "label": "Project Dependency Graph Canonical",
          "type": "json",
          "path": "../panel/data/project_dependency_graph_canonical.json",
          "phase": "phase-02",
          "layer": "architecture_engineering_core",
          "role": "Dependency-impact authority that maps how a declared change can propagate across files, imports, routes, endpoints, views, components, modules, database objects, services, configs and downstream consumers.",
          "fits": "Turns executable scope into an impact graph before DEVON-DEV is allowed to patch, run tools, validate or promote work that may affect connected surfaces.",
          "depends_on": [
            "master_architecture_index",
            "devon_dev_mission",
            "cas",
            "cgs",
            "devon_dev_work_policy_center",
            "documentation_before_code",
            "requirements_scope_engine"
          ],
          "used_by": [
            "fsm_absolute_decision",
            "decision_rule_registry",
            "policy_compiler",
            "tool_registry",
            "validation_matrix",
            "artifact_registry"
          ],
          "architecture_view": "Primary dependency-impact mapping authority for DEVON-DEV execution safety."
        },
        {
          "id": "validation_matrix",
          "label": "Validation Matrix Canonical",
          "type": "json",
          "path": "../panel/data/validation_matrix_canonical.json",
          "phase": "phase-02",
          "layer": "architecture_engineering_core",
          "role": "Validation-selection authority that binds each change type to mandatory checks before DEVON-DEV can accept a patch, command result, migration, config change or deployment candidate.",
          "fits": "Maps PHP, JavaScript, CSS/HTML, database, server configuration and production deployment changes to required checks such as syntax validation, build, console check, render check, backup, dry-run, rollback, config test, health check, approval and post-deploy validation.",
          "depends_on": [
            "master_architecture_index",
            "devon_dev_mission",
            "cas",
            "cgs",
            "devon_dev_work_policy_center",
            "documentation_before_code",
            "requirements_scope_engine",
            "project_dependency_graph"
          ],
          "used_by": [
            "fsm_absolute_decision",
            "decision_rule_registry",
            "policy_compiler",
            "tool_registry",
            "artifact_registry"
          ],
          "architecture_view": "Primary validation-routing authority for DEVON-DEV execution safety."
        },
        {
          "id": "artifact_registry",
          "label": "Artifact Registry Canonical",
          "type": "json",
          "path": "../panel/data/artifact_registry_canonical.json",
          "phase": "phase-02",
          "layer": "architecture_engineering_core",
          "role": "Execution-artifact authority that binds patches, diffs, backups, test reports, releases, rollbacks, affected files, operator, environment and status into traceable DEVON-DEV work records.",
          "fits": "Prevents DEVON-DEV from leaving patches, backups, reports, releases and rollback records as loose outputs disconnected from the task, validation route and affected environment.",
          "depends_on": [
            "master_architecture_index",
            "devon_dev_mission",
            "cas",
            "cgs",
            "devon_dev_work_policy_center",
            "documentation_before_code",
            "requirements_scope_engine",
            "project_dependency_graph",
            "validation_matrix"
          ],
          "used_by": [
            "fsm_absolute_decision",
            "decision_rule_registry",
            "policy_compiler",
            "tool_registry"
          ],
          "architecture_view": "Primary artifact traceability authority for DEVON-DEV execution evidence."
        },
        {
          "id": "fsm_absolute_decision",
          "label": "FSM Absolute Decision Canonical",
          "type": "json",
          "path": "../panel/data/fsm_absolute_decision_canonical.json",
          "phase": "phase-02",
          "layer": "architecture_engineering_core",
          "role": "Absolute decision authority that strips decision power from the LLM and assigns every executable transition to the FSM.",
          "fits": "Defines that the LLM interprets while the FSM decides planning, file access, writes, directory creation, command execution, external knowledge use, source acceptance, patch application, REPLACE, APPEND, tests, deploy, rollback and promotion.",
          "depends_on": [
            "master_architecture_index",
            "devon_dev_mission",
            "cas",
            "cgs",
            "devon_dev_work_policy_center",
            "documentation_before_code",
            "requirements_scope_engine",
            "project_dependency_graph",
            "validation_matrix",
            "artifact_registry"
          ],
          "used_by": [
            "decision_rule_registry",
            "policy_compiler",
            "tool_registry",
            "config_registry",
            "architecture_decision_records",
            "architecture_source_registry"
          ],
          "architecture_view": "Primary decision sovereignty authority for DEVON-DEV execution governance."
        },
        {
          "id": "decision_rule_registry",
          "label": "Decision Rule Registry Canonical",
          "type": "json",
          "path": "../panel/data/decision_rule_registry_canonical.json",
          "phase": "phase-02",
          "layer": "architecture_engineering_core",
          "role": "Decision-rule authority that turns FSM sovereignty into concrete rule records with conditions, allowed decisions, blocked decisions, required evidence, gates, fallback state and human approval requirements.",
          "fits": "Stores the objective rules consumed by the FSM so DEVON-DEV can decide APPEND, production promotion, high-risk commands, external source use and rollback requirements without relying on prompt interpretation.",
          "depends_on": [
            "master_architecture_index",
            "devon_dev_mission",
            "cas",
            "cgs",
            "devon_dev_work_policy_center",
            "documentation_before_code",
            "requirements_scope_engine",
            "project_dependency_graph",
            "validation_matrix",
            "artifact_registry",
            "fsm_absolute_decision"
          ],
          "used_by": [
            "policy_compiler",
            "tool_registry",
            "config_registry",
            "architecture_decision_records",
            "architecture_source_registry"
          ],
          "architecture_view": "Primary decision-rule registry authority for DEVON-DEV FSM execution."
        },
        {
          "id": "policy_compiler",
          "label": "Policy Compiler Canonical",
          "type": "json",
          "path": "../panel/data/policy_compiler_canonical.json",
          "phase": "phase-02",
          "layer": "architecture_engineering_core",
          "role": "Policy-compilation authority that transforms human DEVON-DEV policies into operational rule material consumable by the FSM and Decision Rule Registry.",
          "fits": "Converts coding, patch, server, sandbox, production, internet, memory, security and validation policies into executable conditions such as BLOCK_APPEND when APPEND is requested while a canonical REPLACE point exists.",
          "depends_on": [
            "master_architecture_index",
            "devon_dev_mission",
            "cas",
            "cgs",
            "devon_dev_work_policy_center",
            "documentation_before_code",
            "requirements_scope_engine",
            "project_dependency_graph",
            "validation_matrix",
            "artifact_registry",
            "fsm_absolute_decision",
            "decision_rule_registry"
          ],
          "used_by": [
            "tool_registry",
            "config_registry",
            "architecture_decision_records",
            "architecture_source_registry"
          ],
          "architecture_view": "Primary policy-to-rule compilation authority for DEVON-DEV governance."
        },
        {
          "id": "tool_registry",
          "label": "Tool Registry Canonical",
          "type": "json",
          "path": "../panel/data/tool_registry_canonical.json",
          "phase": "phase-02",
          "layer": "architecture_engineering_core",
          "role": "Tool-catalog authority that defines which DEVON-DEV actions exist and the operational conditions required before each action can be exposed or executed.",
          "fits": "Declares tools such as read_file, write_file, replace_block, create_file, create_directory, move_file, copy_file, delete_file, list_directory, search_files, diff_file, run_shell, run_tests, run_build, deploy, rollback, restart_service, install_package, search_web and fetch_url with environment, risk, gate, backup, approval, timeout, log, rollback and status rules.",
          "depends_on": [
            "master_architecture_index",
            "devon_dev_mission",
            "cas",
            "cgs",
            "devon_dev_work_policy_center",
            "documentation_before_code",
            "requirements_scope_engine",
            "project_dependency_graph",
            "validation_matrix",
            "artifact_registry",
            "fsm_absolute_decision",
            "decision_rule_registry",
            "policy_compiler"
          ],
          "used_by": [
            "config_registry",
            "architecture_decision_records",
            "architecture_source_registry",
            "devon_dev_admin_console",
            "floating_chat",
            "modal_action_system",
            "ui_state_machine"
          ],
          "architecture_view": "Primary tool catalog and execution-permission authority for DEVON-DEV operations."
        },
        {
          "id": "config_registry",
          "label": "Config Registry Canonical",
          "type": "json",
          "path": "../panel/data/config_registry_canonical.json",
          "phase": "phase-02",
          "layer": "architecture_engineering_core",
          "role": "Non-secret configuration authority that version-controls and validates operational parameters across DEVON-DEV services, environments, workers and preview flows.",
          "fits": "Governs non-secret environment variables, ports, paths, runtime flags, feature flags, service parameters, internal URLs, timeout limits, resource limits, cache policy, sandbox/prod mode, worker configuration and preview configuration while keeping secrets under separate authority.",
          "depends_on": [
            "master_architecture_index",
            "devon_dev_mission",
            "cas",
            "cgs",
            "devon_dev_work_policy_center",
            "documentation_before_code",
            "requirements_scope_engine",
            "project_dependency_graph",
            "validation_matrix",
            "artifact_registry",
            "fsm_absolute_decision",
            "decision_rule_registry",
            "policy_compiler",
            "tool_registry"
          ],
          "used_by": [
            "architecture_decision_records",
            "architecture_source_registry",
            "devon_dev_admin_console",
            "floating_chat",
            "modal_action_system",
            "ui_state_machine"
          ],
          "architecture_view": "Primary non-secret configuration authority for DEVON-DEV runtime consistency."
        },
        {
          "id": "human_approval_service",
          "label": "Human Approval Service Canonical",
          "path": "../panel/data/human_approval_service_canonical.json",
          "type": "json",
          "phase": "phase-02",
          "layer": "architecture_engineering_core",
          "role": "Register human approvals required by FSM-controlled critical actions.",
          "fits": "Create auditable approval records for risky operations, including operator identity, requested action, environment, evidence snapshot, risk level, expiration, revocation and approval status.",
          "depends_on": [
            "fsm_absolute_decision",
            "modal_action_system",
            "audit_trail"
          ],
          "used_by": [
            "production_deployment_gate",
            "migration_runner",
            "filesystem_operations",
            "security_governance"
          ],
          "architecture_view": "FSM remains the decision authority. Modal Action System presents the interaction. Audit Trail preserves evidence. Production Deployment Gate, migration flow, destructive filesystem operations and policy changes can all require this approval record before they proceed.",
          "contract_view": "Approval without this service is only visual consent. A production deploy, destructive migration, server change or policy mutation can appear approved while leaving no durable proof that the right operator authorized the right action against the right evidence at the right time."
        },
        {
          "id": "architecture_decision_records",
          "label": "Architecture Decision Records Canonical",
          "type": "json",
          "path": "../panel/data/architecture_decision_records_canonical.json",
          "phase": "phase-02",
          "layer": "architecture_engineering_core",
          "role": "Architecture-decision memory authority that records why DEVON-DEV made structural choices before those choices become policy, rules, tooling, runtime behavior or UI constraints.",
          "fits": "Preserves decisions such as LLM never decides, FSM decides everything, sandbox first, REPLACE first, APPEND exception, internet as candidate evidence and production requiring gates with adr_id, decision, context, rejected alternatives, impact, status and date.",
          "depends_on": [
            "master_architecture_index",
            "devon_dev_mission",
            "cas",
            "cgs",
            "devon_dev_work_policy_center",
            "documentation_before_code",
            "requirements_scope_engine",
            "project_dependency_graph",
            "validation_matrix",
            "artifact_registry",
            "fsm_absolute_decision",
            "decision_rule_registry",
            "policy_compiler",
            "tool_registry",
            "config_registry"
          ],
          "used_by": [
            "architecture_source_registry",
            "devon_dev_admin_console",
            "floating_chat",
            "modal_action_system",
            "ui_state_machine"
          ],
          "architecture_view": "Primary architectural decision provenance authority for DEVON-DEV governance."
        },
        {
          "id": "architecture_source_registry",
          "label": "Architecture Source Registry Canonical",
          "type": "json",
          "path": "../panel/data/architecture_source_registry_canonical.json",
          "phase": "phase-02",
          "layer": "architecture_engineering_core",
          "role": "Architecture-source authority that indexes which DH documents, canon files, project sources, operational rules, accepted official documentation and decision records may guide DEVON-DEV architecture.",
          "fits": "Prevents architecture guidance from being scattered across chats, loose files, unverified references or stale memory by giving every accepted source a registry entry and provenance role.",
          "depends_on": [
            "master_architecture_index",
            "devon_dev_mission",
            "cas",
            "cgs",
            "devon_dev_work_policy_center",
            "documentation_before_code",
            "requirements_scope_engine",
            "project_dependency_graph",
            "validation_matrix",
            "artifact_registry",
            "fsm_absolute_decision",
            "decision_rule_registry",
            "policy_compiler",
            "tool_registry",
            "config_registry",
            "architecture_decision_records"
          ],
          "used_by": [
            "devon_dev_admin_console",
            "floating_chat",
            "modal_action_system",
            "ui_state_machine"
          ],
          "architecture_view": "Primary canonical-source authority for DEVON-DEV architecture governance."
        },
        {
          "id": "acs",
          "path": "../panel/data/acs.md",
          "phase": "phase-02",
          "layer": "architecture_engineering_core",
          "role": "Primary artifact canon authority.",
          "fits": "Defines artifact structure and canonical placement logic.",
          "depends_on": [
            "master_architecture_index"
          ],
          "used_by": [],
          "architecture_view": "Artifact structure ownership.",
          "label": "ACS · Artifact Canon Structure",
          "type": "text"
        },
        {
          "id": "css",
          "path": "../panel/data/css.md",
          "phase": "phase-02",
          "layer": "architecture_engineering_core",
          "role": "Primary contracts and schemas authority.",
          "fits": "Owns contracts, schema legitimacy and structured interfaces.",
          "depends_on": [
            "master_architecture_index"
          ],
          "used_by": [],
          "architecture_view": "Schema and contract sovereignty.",
          "label": "CSS · Contracts & Schemas Spec",
          "type": "text"
        },
        {
          "id": "ncs",
          "path": "../panel/data/ncs.md",
          "phase": "phase-02",
          "layer": "architecture_engineering_core",
          "role": "Primary naming authority.",
          "fits": "Owns naming legitimacy across canon artifacts.",
          "depends_on": [
            "master_architecture_index"
          ],
          "used_by": [],
          "architecture_view": "Naming governance surface.",
          "label": "NCS · Naming Canon Spec",
          "type": "text"
        },
        {
          "id": "sts",
          "path": "../panel/data/sts.md",
          "phase": "phase-02",
          "layer": "architecture_engineering_core",
          "role": "Primary state legitimacy authority.",
          "fits": "Owns state legitimacy and transition boundary rules.",
          "depends_on": [
            "master_architecture_index"
          ],
          "used_by": [
            "cfc",
            "ofc"
          ],
          "architecture_view": "State governance authority.",
          "label": "STS · State Transition Spec",
          "type": "text"
        },
        {
          "id": "brps",
          "path": "../panel/data/brps.md",
          "phase": "phase-02",
          "layer": "architecture_engineering_core",
          "role": "Primary release and promotion authority.",
          "fits": "Owns build, release and promotion rules, including packaging audit, SBOM, sourcemap blocking, sensitive artifact protection and environment-aware promotion safeguards.",
          "depends_on": [
            "master_architecture_index"
          ],
          "used_by": [],
          "architecture_view": "Promotion governance surface with release packaging safeguards.",
          "label": "BRPS · Build Release Promotion Spec",
          "type": "text"
        },
        {
          "id": "cdms",
          "path": "../panel/data/cdms.md",
          "phase": "phase-02",
          "layer": "architecture_engineering_core",
          "role": "Primary deployment structure authority.",
          "fits": "Owns deployment structure and placement boundaries.",
          "depends_on": [
            "master_architecture_index"
          ],
          "used_by": [],
          "architecture_view": "Deployment structure authority.",
          "label": "CDMS · Canonical Deployment Model Spec",
          "type": "text"
        },
        {
          "id": "ris",
          "path": "../panel/data/ris.md",
          "phase": "phase-02",
          "layer": "architecture_engineering_core",
          "role": "Satellite contextual document.",
          "fits": "Provides role interaction context without redefining sovereign authority.",
          "depends_on": [
            "cas",
            "cfc"
          ],
          "used_by": [],
          "architecture_view": "Contextual relation layer.",
          "label": "RIS · Role Interaction Spec",
          "type": "text"
        },
        {
          "id": "ofms",
          "path": "../panel/data/ofms.md",
          "phase": "phase-02",
          "layer": "architecture_engineering_core",
          "role": "Satellite contextual document.",
          "fits": "Provides contextual flow mapping without redefining canonical flow.",
          "depends_on": [
            "cfc",
            "ofc"
          ],
          "used_by": [],
          "architecture_view": "Contextual flow map.",
          "label": "OFMS · Operational Flow Mapping Spec",
          "type": "text"
        },
        {
          "id": "card_contract_minimums",
          "path": "../panel/data/card_contract_minimums.json",
          "phase": "phase-02",
          "layer": "architecture_engineering_core",
          "role": "Structured contract support artifact.",
          "fits": "Defines minimum card contract fields for panel and documentation surfaces.",
          "depends_on": [
            "css"
          ],
          "used_by": [],
          "architecture_view": "Contract minimum support layer.",
          "label": "Card Contract Minimums",
          "type": "json"
        },
        {
          "id": "panel_data_contract",
          "path": "../panel/data/panel_data_contract.json",
          "phase": "phase-02",
          "layer": "architecture_engineering_core",
          "role": "Structured panel data contract authority.",
          "fits": "Defines machine-readable panel data contract boundaries.",
          "depends_on": [
            "css"
          ],
          "used_by": [],
          "architecture_view": "Panel data contract support layer.",
          "label": "Panel Data Contract",
          "type": "json"
        },
        {
          "id": "panel_component_contract",
          "path": "../panel/data/panel_component_contract.json",
          "phase": "phase-02",
          "layer": "architecture_engineering_core",
          "role": "Structured panel component contract authority.",
          "fits": "Defines machine-readable component contract boundaries.",
          "depends_on": [
            "css"
          ],
          "used_by": [],
          "architecture_view": "Panel component contract support layer.",
          "label": "Panel Component Contract",
          "type": "json"
        },
        {
          "id": "panel_sync_contract",
          "path": "../panel/data/panel_sync_contract.json",
          "phase": "phase-02",
          "layer": "architecture_engineering_core",
          "role": "Structured panel sync contract authority.",
          "fits": "Defines machine-readable sync contract boundaries.",
          "depends_on": [
            "css"
          ],
          "used_by": [],
          "architecture_view": "Panel sync contract support layer.",
          "label": "Panel Sync Contract",
          "type": "json"
        },
        {
          "id": "panel_canonical_tree",
          "path": "../panel/data/panel_canonical_tree.json",
          "phase": "phase-02",
          "layer": "architecture_engineering_core",
          "role": "Primary panel canonical tree authority.",
          "fits": "Defines structural panel tree and canonical UI grouping.",
          "depends_on": [
            "master_architecture_index"
          ],
          "used_by": [],
          "architecture_view": "Panel tree authority.",
          "label": "Panel Canonical Tree",
          "type": "json"
        },
        {
          "id": "panel_navigation_spec",
          "path": "../panel/data/panel_navigation_spec.json",
          "phase": "phase-02",
          "layer": "architecture_engineering_core",
          "role": "Primary panel navigation authority.",
          "fits": "Defines canonical panel navigation structure.",
          "depends_on": [
            "master_architecture_index"
          ],
          "used_by": [],
          "architecture_view": "Panel navigation authority.",
          "label": "Panel Navigation Spec",
          "type": "json"
        },
        {
          "id": "panel_ui_blueprint",
          "path": "../panel/data/panel_ui_blueprint.json",
          "phase": "phase-02",
          "layer": "architecture_engineering_core",
          "role": "Primary panel UI blueprint authority.",
          "fits": "Defines canonical panel UI blueprint expectations.",
          "depends_on": [
            "master_architecture_index"
          ],
          "used_by": [],
          "architecture_view": "Panel UI blueprint authority.",
          "label": "Panel UI Blueprint",
          "type": "json"
        },
        {
          "id": "devon_dev_admin_console",
          "label": "Admin Console Canonical",
          "type": "json",
          "path": "../panel/data/devon_dev_admin_console_canonical.json",
          "phase": "phase-02",
          "layer": "architecture_engineering_core",
          "role": "Administrative control-surface authority that moves DEVON-DEV platform management out of direct terminal dependency and into gated UI operations.",
          "fits": "Defines the administrative area for containers, services, users, permissions, policies, tools, environments, models, queues, integrations, masked keys, health checks, jobs, releases, incidents, configs and approval records.",
          "depends_on": [
            "master_architecture_index",
            "devon_dev_mission",
            "cas",
            "cgs",
            "devon_dev_work_policy_center",
            "documentation_before_code",
            "requirements_scope_engine",
            "project_dependency_graph",
            "validation_matrix",
            "artifact_registry",
            "fsm_absolute_decision",
            "decision_rule_registry",
            "policy_compiler",
            "tool_registry",
            "config_registry",
            "architecture_decision_records",
            "architecture_source_registry"
          ],
          "used_by": [
            "floating_chat",
            "modal_action_system",
            "ui_state_machine"
          ],
          "architecture_view": "Primary administrative UI authority for DEVON-DEV platform governance."
        },
        {
          "id": "devon_dev_ui_workspace",
          "label": "UI Workspace Canonical",
          "path": "../panel/data/devon_dev_ui_workspace_canonical.json",
          "type": "json",
          "phase": "phase-02",
          "layer": "architecture_engineering_core",
          "role": "Define the operational workspace where DEVON-DEV exposes code, preview, files, terminal evidence, diffs, modals and chat without losing execution focus.",
          "fits": "Govern the primary UI workspace layout contract that hosts editor, preview, file tree, terminal output, diff viewer, log panel, modal action system and floating chat as one controlled operator surface.",
          "depends_on": [
            "ui_state_machine",
            "floating_chat",
            "modal_action_system"
          ],
          "used_by": [
            "devon_dev_admin_console",
            "preview_engine",
            "terminal_output_panel",
            "human_approval_service"
          ],
          "architecture_view": "Floating Chat, Modal Action System and UI State Machine are downstream interface mechanisms. Admin Console governs administrative control. Preview Engine renders sandbox evidence. The workspace category is the structural host that decides how those UI capabilities can be composed without breaking operator cognition.",
          "contract_view": "When the workspace is missing, DEVON-DEV can still have isolated UI components, but no governed operating room. Code, preview, logs, chat and approvals compete for space; the operator loses context exactly when execution decisions require concentrated evidence."
        },
        {
          "id": "floating_chat",
          "label": "Floating Chat Canonical",
          "type": "json",
          "path": "../panel/data/floating_chat_canonical.json",
          "phase": "phase-02",
          "layer": "architecture_engineering_core",
          "role": "Floating interaction authority that keeps DEVON-DEV guidance available without converting the engineering workspace into a fixed chat layout.",
          "fits": "Defines chat as a suspended, minimizable, expandable and movable UI component inside devon-web-ui, controlled by UI state and allowed to hand contextual demands to modal actions without occupying fixed editor or preview space.",
          "depends_on": [
            "master_architecture_index",
            "devon_dev_mission",
            "cas",
            "cgs",
            "devon_dev_work_policy_center",
            "documentation_before_code",
            "requirements_scope_engine",
            "project_dependency_graph",
            "validation_matrix",
            "artifact_registry",
            "fsm_absolute_decision",
            "decision_rule_registry",
            "policy_compiler",
            "tool_registry",
            "config_registry",
            "architecture_decision_records",
            "architecture_source_registry",
            "devon_dev_admin_console"
          ],
          "used_by": [
            "modal_action_system",
            "ui_state_machine"
          ],
          "architecture_view": "Primary floating-chat interaction authority for DEVON-DEV workspace ergonomics."
        },
        {
          "id": "modal_action_system",
          "label": "Modal Action System Canonical",
          "type": "json",
          "path": "../panel/data/modal_action_system_canonical.json",
          "phase": "phase-02",
          "layer": "architecture_engineering_core",
          "role": "Contextual action authority that routes DEVON-DEV decisions, approvals, diffs, errors, tests, deploys, rollbacks, logs, memory, learning and server configuration into modal workflows instead of cluttering the workspace.",
          "fits": "Defines Planning Modal, Policy Modal, Diff Modal, Approval Modal, Error Modal, Test Modal, Deploy Modal, Rollback Modal, Logs Modal, Memory Modal, Learning Modal and Server Config Modal as focused UI surfaces integrated with FSM and approval state.",
          "depends_on": [
            "master_architecture_index",
            "devon_dev_mission",
            "cas",
            "cgs",
            "devon_dev_work_policy_center",
            "documentation_before_code",
            "requirements_scope_engine",
            "project_dependency_graph",
            "validation_matrix",
            "artifact_registry",
            "fsm_absolute_decision",
            "decision_rule_registry",
            "policy_compiler",
            "tool_registry",
            "config_registry",
            "architecture_decision_records",
            "architecture_source_registry",
            "devon_dev_admin_console",
            "floating_chat"
          ],
          "used_by": [
            "ui_state_machine"
          ],
          "architecture_view": "Primary contextual-modal authority for DEVON-DEV operational UI."
        },
        {
          "id": "ui_state_machine",
          "label": "UI State Machine Canonical",
          "type": "json",
          "path": "../panel/data/ui_state_machine_canonical.json",
          "phase": "phase-02",
          "layer": "architecture_engineering_core",
          "role": "Interface-state authority that keeps DEVON-DEV visual state synchronized with real FSM-backed execution state.",
          "fits": "Controls UI transitions for IDLE, PLANNING, WAITING_APPROVAL, EDITING_SANDBOX, RUNNING_TESTS, TEST_FAILED, READY_TO_DEPLOY, DEPLOY_BLOCKED, DEPLOYED and ROLLBACK_REQUIRED without becoming a separate decision engine.",
          "depends_on": [
            "master_architecture_index",
            "devon_dev_mission",
            "cas",
            "cgs",
            "devon_dev_work_policy_center",
            "documentation_before_code",
            "requirements_scope_engine",
            "project_dependency_graph",
            "validation_matrix",
            "artifact_registry",
            "fsm_absolute_decision",
            "decision_rule_registry",
            "policy_compiler",
            "tool_registry",
            "config_registry",
            "architecture_decision_records",
            "architecture_source_registry",
            "devon_dev_admin_console",
            "floating_chat",
            "modal_action_system"
          ],
          "used_by": [
            "floating_chat",
            "modal_action_system"
          ],
          "architecture_view": "Primary UI state-transition authority for DEVON-DEV operational interface."
        },
        {
          "id": "canonical_matrix_v1",
          "path": "../panel/data/canonical_matrix_v1.json",
          "phase": "phase-02",
          "layer": "architecture_engineering_core",
          "role": "Primary canonical matrix authority.",
          "fits": "Defines machine-readable canonical matrix structure.",
          "depends_on": [
            "master_architecture_index"
          ],
          "used_by": [],
          "architecture_view": "Canonical matrix authority.",
          "label": "Canonical Matrix v1",
          "type": "json"
        }
      ],
      "phase_id": "phase-02",
      "subcategories": [
        {
          "id": "prerequisites",
          "label": "prerequisites",
          "status": "MISSING",
          "buckets": []
        },
        {
          "id": "installation",
          "label": "installation",
          "status": "MISSING",
          "buckets": []
        },
        {
          "id": "configuration",
          "label": "configuration",
          "status": "MISSING",
          "buckets": []
        },
        {
          "id": "validation",
          "label": "validation",
          "status": "MISSING",
          "buckets": []
        },
        {
          "id": "observable_evidence",
          "label": "observable_evidence",
          "status": "MISSING",
          "buckets": []
        },
        {
          "id": "failure_modes_recovery",
          "label": "failure_modes_recovery",
          "status": "MISSING",
          "buckets": []
        },
        {
          "id": "completion_promotion",
          "label": "completion_promotion",
          "status": "MISSING",
          "buckets": []
        }
      ]
    },
    {
      "id": "cognitive_flow",
      "title": "Cognitive Flow Canon",
      "sub": "deterministic orchestration, validation order, execution gating and flow control.",
      "badge": "phase 03",
      "docs": [
        {
          "id": "cfc",
          "path": "../panel/data/cfc.md",
          "phase": "phase-03",
          "layer": "cognitive_flow",
          "role": "Primary authority for deterministic orchestration.",
          "fits": "Owns governed flow, validation order and execution permission.",
          "depends_on": [
            "cas",
            "sts"
          ],
          "used_by": [
            "ofc",
            "lpc",
            "ris"
          ],
          "architecture_view": "Sovereign flow meaning.",
          "label": "CFC · Cognitive Flow Canon",
          "type": "text"
        },
        {
          "id": "local_llm_runtime",
          "label": "Local LLM Runtime Canonical",
          "type": "json",
          "path": "../panel/data/local_llm_runtime_canonical.json",
          "phase": "phase-03",
          "layer": "cognitive_flow",
          "role": "Local interpretive-runtime authority that keeps DEVON-DEV's language layer self-hosted, benchmark-gated and subordinate to FSM decision control.",
          "fits": "Declares that the LLM runtime is local/self-hosted, external APIs are not decision dependencies, final runtime selection remains MISSING until benchmark, GPU is not mandatory without explicit decision, and the current server is baseline rather than final ceiling.",
          "depends_on": [
            "cfc",
            "fsm_absolute_decision",
            "tool_registry",
            "architecture_source_registry"
          ],
          "used_by": [
            "qwen_coder_model",
            "qwen_data_interpreter",
            "internal_rag",
            "retrieval_engine",
            "embeddings_engine",
            "vector_index"
          ],
          "architecture_view": "Primary local LLM runtime authority for DEVON-DEV interpretation."
        },
        {
          "id": "qwen_coder_model",
          "label": "Qwen Coder Model Canonical",
          "type": "json",
          "path": "../panel/data/qwen_coder_model_canonical.json",
          "phase": "phase-03",
          "layer": "cognitive_flow",
          "role": "Development-model authority that identifies Qwen3-Coder-Next as the strategic code interpreter for DEVON-DEV while keeping material readiness blocked until runtime, installation and benchmark evidence exist.",
          "fits": "Declares the coder model role for code, patches, architecture, debug, file reading, technical analysis and candidate generation without allowing the model to decide execution, gates, deployment or promotion.",
          "depends_on": [
            "cfc",
            "local_llm_runtime",
            "fsm_absolute_decision",
            "decision_rule_registry",
            "tool_registry",
            "architecture_source_registry"
          ],
          "used_by": [
            "internal_rag",
            "retrieval_engine",
            "prompt_governance",
            "prompt_instruction_assembly",
            "modelops_llmops",
            "benchmark_evaluation_harness",
            "code_quality_learning"
          ],
          "architecture_view": "Primary coder-model authority for DEVON-DEV technical interpretation."
        },
        {
          "id": "qwen_data_interpreter",
          "label": "Qwen Data Interpreter Canonical",
          "type": "json",
          "path": "../panel/data/qwen_data_interpreter_canonical.json",
          "phase": "phase-03",
          "layer": "cognitive_flow",
          "role": "Operational-data model authority that separates logs, JSON payloads, runtime snapshots, status files, command outputs, metrics and validation evidence from code-specialist interpretation.",
          "fits": "Declares the local Qwen data-interpreter role while keeping final model version MISSING until benchmark proves that operational evidence can be read without forcing the coder model to interpret every non-code signal.",
          "depends_on": [
            "cfc",
            "local_llm_runtime",
            "qwen_coder_model",
            "fsm_absolute_decision",
            "artifact_registry",
            "validation_matrix",
            "architecture_source_registry"
          ],
          "used_by": [
            "internal_rag",
            "retrieval_engine",
            "evidence_store",
            "runtime_status",
            "observability_core",
            "execution_logs",
            "prompt_governance",
            "modelops_llmops",
            "benchmark_evaluation_harness"
          ],
          "architecture_view": "Primary operational-data interpretation authority for DEVON-DEV cognitive flow."
        },
        {
          "id": "internal_rag",
          "label": "Internal RAG Canonical",
          "type": "json",
          "path": "../panel/data/internal_rag_canonical.json",
          "phase": "phase-03",
          "layer": "cognitive_flow",
          "role": "Internal-evidence retrieval authority that forces DEVON-DEV interpretation to start from project evidence instead of model memory, prompt habit or inference.",
          "fits": "Retrieves DH, canon, JSON mirrors, project files, logs, backups, patches, runtime snapshots, policies and memory before interpretation, using a future Python RAG service with retrieval pipeline, context builder and evidence resolver.",
          "depends_on": [
            "cfc",
            "local_llm_runtime",
            "qwen_coder_model",
            "qwen_data_interpreter",
            "architecture_source_registry",
            "artifact_registry",
            "validation_matrix",
            "fsm_absolute_decision"
          ],
          "used_by": [
            "retrieval_engine",
            "embeddings_engine",
            "vector_index",
            "evidence_store",
            "knowledge_conflict_resolver",
            "prompt_governance",
            "prompt_instruction_assembly",
            "observability_core"
          ],
          "architecture_view": "Primary internal RAG authority for DEVON-DEV evidence-first interpretation."
        },
        {
          "id": "retrieval_engine",
          "label": "Retrieval Engine Canonical",
          "type": "json",
          "path": "../panel/data/retrieval_engine_canonical.json",
          "phase": "phase-03",
          "layer": "cognitive_flow",
          "role": "Evidence-search authority that turns Internal RAG from a retrieval intention into concrete technical search by path, doc_id, category_id, phase_id, status, branch, text, contract, command, log and error.",
          "fits": "Defines file search, index search, metadata search and hybrid search as the mechanism that finds material evidence before context building, model interpretation, validation reasoning or recovery analysis.",
          "depends_on": [
            "cfc",
            "local_llm_runtime",
            "qwen_coder_model",
            "qwen_data_interpreter",
            "internal_rag",
            "architecture_source_registry",
            "artifact_registry",
            "validation_matrix",
            "fsm_absolute_decision"
          ],
          "used_by": [
            "embeddings_engine",
            "vector_index",
            "evidence_store",
            "knowledge_conflict_resolver",
            "prompt_governance",
            "prompt_instruction_assembly",
            "observability_core",
            "self_monitoring"
          ],
          "architecture_view": "Primary technical retrieval authority for DEVON-DEV evidence search."
        },
        {
          "id": "embeddings_engine",
          "label": "Embeddings Engine Canonical",
          "type": "json",
          "path": "../panel/data/embeddings_engine_canonical.json",
          "phase": "phase-03",
          "layer": "cognitive_flow",
          "role": "Semantic-representation authority that converts DEVON-DEV text, code and evidence into comparable vectors for retrieval ranking, duplicate detection, category comparison and context selection.",
          "fits": "Defines local embeddings as the semantic layer behind searching DH excerpts, comparing categories, detecting duplicated text, recovering similar patches, finding relevant context and ranking evidence without replacing material provenance.",
          "depends_on": [
            "cfc",
            "local_llm_runtime",
            "qwen_coder_model",
            "qwen_data_interpreter",
            "internal_rag",
            "retrieval_engine",
            "architecture_source_registry",
            "artifact_registry",
            "fsm_absolute_decision"
          ],
          "used_by": [
            "vector_index",
            "evidence_store",
            "knowledge_conflict_resolver",
            "prompt_governance",
            "prompt_instruction_assembly",
            "self_monitoring",
            "retrieval_quality_scorer"
          ],
          "architecture_view": "Primary semantic representation authority for DEVON-DEV retrieval and context ranking."
        },
        {
          "id": "vector_index",
          "label": "Vector Index Canonical",
          "type": "json",
          "path": "../panel/data/vector_index_canonical.json",
          "phase": "phase-03",
          "layer": "cognitive_flow",
          "role": "Vector persistence authority that stores and queries embeddings for retrieval, memory and context without locking DEVON-DEV into a vector vendor before benchmark evidence exists.",
          "fits": "Declares vector database or vector extension as MISSING until benchmark, forbids premature commitment to Qdrant, Chroma, pgvector, Redis, Pinecone or any other product, and defines the future devon-vector-index target when a dedicated service is justified.",
          "depends_on": [
            "cfc",
            "local_llm_runtime",
            "internal_rag",
            "retrieval_engine",
            "embeddings_engine",
            "architecture_source_registry",
            "artifact_registry",
            "fsm_absolute_decision"
          ],
          "used_by": [
            "evidence_store",
            "knowledge_conflict_resolver",
            "prompt_governance",
            "prompt_instruction_assembly",
            "memory_lifecycle",
            "partitioned_memory",
            "retrieval_quality_scorer",
            "self_monitoring"
          ],
          "architecture_view": "Primary vector persistence authority for DEVON-DEV semantic retrieval and memory."
        },
        {
          "id": "external_knowledge_access",
          "label": "External Knowledge Access Canonical",
          "type": "json",
          "path": "../panel/data/external_knowledge_access_canonical.json",
          "phase": "phase-03",
          "layer": "cognitive_flow",
          "role": "External-evidence access authority that lets DEVON-DEV research outside material without allowing internet results to override internal evidence, FSM gates or source trust decisions.",
          "fits": "Defines governed access to web search, HTTP fetch, browser automation, crawler, content extraction, web cache, citation registry, freshness validation and source conflict detection as candidate-evidence flow, not decision authority.",
          "depends_on": [
            "cfc",
            "local_llm_runtime",
            "internal_rag",
            "retrieval_engine",
            "embeddings_engine",
            "vector_index",
            "fsm_absolute_decision",
            "decision_rule_registry",
            "tool_registry",
            "architecture_source_registry"
          ],
          "used_by": [
            "source_trust_registry",
            "evidence_store",
            "knowledge_conflict_resolver",
            "prompt_governance",
            "prompt_instruction_assembly",
            "observability_core"
          ],
          "architecture_view": "Primary governed external knowledge authority for DEVON-DEV internet and external evidence acquisition."
        },
        {
          "id": "source_trust_registry",
          "label": "Source Trust Registry Canonical",
          "type": "json",
          "path": "../panel/data/source_trust_registry_canonical.json",
          "phase": "phase-03",
          "layer": "cognitive_flow",
          "role": "External-source trust authority that classifies outside material before DEVON-DEV can treat it as usable evidence.",
          "fits": "Defines TRUSTED, PARTIAL, CONFLICTED, STALE, UNVERIFIED and BLOCKED_SOURCE states so official documentation can outrank auxiliary sources while external material never overrides current internal server evidence.",
          "depends_on": [
            "cfc",
            "external_knowledge_access",
            "fsm_absolute_decision",
            "decision_rule_registry",
            "tool_registry",
            "architecture_source_registry"
          ],
          "used_by": [
            "evidence_store",
            "knowledge_conflict_resolver",
            "prompt_governance",
            "prompt_instruction_assembly",
            "internal_rag",
            "observability_core"
          ],
          "architecture_view": "Primary trust-classification authority for DEVON-DEV external evidence."
        },
        {
          "id": "evidence_store",
          "label": "Evidence Store Canonical",
          "type": "json",
          "path": "../panel/data/evidence_store_canonical.json",
          "phase": "phase-03",
          "layer": "cognitive_flow",
          "role": "Evidence-persistence authority that records what DEVON-DEV used as internal or external evidence before model interpretation, FSM acceptance, prompt assembly, recovery or audit.",
          "fits": "Stores source, path_or_url, timestamp, hash, excerpt, status, freshness, used_by_task and accepted_by_fsm so evidence remains provable after retrieval, trust classification, prompt injection and decision review.",
          "depends_on": [
            "cfc",
            "internal_rag",
            "retrieval_engine",
            "embeddings_engine",
            "vector_index",
            "external_knowledge_access",
            "source_trust_registry",
            "artifact_registry",
            "fsm_absolute_decision",
            "architecture_source_registry"
          ],
          "used_by": [
            "knowledge_conflict_resolver",
            "prompt_governance",
            "prompt_instruction_assembly",
            "modelops_llmops",
            "benchmark_evaluation_harness",
            "observability_core",
            "self_monitoring"
          ],
          "architecture_view": "Primary evidence persistence authority for DEVON-DEV interpretive auditability."
        },
        {
          "id": "knowledge_conflict_resolver",
          "label": "Knowledge Conflict Resolver Canonical",
          "type": "json",
          "path": "../panel/data/knowledge_conflict_resolver_canonical.json",
          "phase": "phase-03",
          "layer": "cognitive_flow",
          "role": "Knowledge-conflict authority that resolves disagreements between internal evidence, external sources, DH, canon, JSON mirrors, runtime state and model interpretation before context is accepted.",
          "fits": "Defines conflict handling when sources disagree, freshness differs, trust levels diverge, runtime evidence contradicts documentation, or retrieved context cannot be safely merged into a prompt.",
          "depends_on": [
            "cfc",
            "internal_rag",
            "retrieval_engine",
            "embeddings_engine",
            "vector_index",
            "external_knowledge_access",
            "source_trust_registry",
            "evidence_store",
            "fsm_absolute_decision",
            "architecture_source_registry"
          ],
          "used_by": [
            "prompt_governance",
            "prompt_instruction_assembly",
            "planning_engine",
            "impact_analysis_engine",
            "modelops_llmops",
            "benchmark_evaluation_harness",
            "observability_core",
            "self_monitoring"
          ],
          "architecture_view": "Primary knowledge conflict authority for DEVON-DEV context acceptance."
        },
        {
          "id": "prompt_governance",
          "label": "Prompt Governance Canonical",
          "type": "json",
          "path": "../panel/data/prompt_governance_canonical.json",
          "phase": "phase-03",
          "layer": "cognitive_flow",
          "role": "Prompt-audit authority that governs what policy, evidence, exclusions, context, instruction structure and model response entered the LLM boundary before interpretation was accepted or rejected.",
          "fits": "Versions, tests and audits prompts by recording which policy entered, which evidence entered, which context was excluded, which prompt was assembled, which response returned and which interpretation the FSM accepted or rejected.",
          "depends_on": [
            "cfc",
            "local_llm_runtime",
            "qwen_coder_model",
            "qwen_data_interpreter",
            "internal_rag",
            "retrieval_engine",
            "embeddings_engine",
            "vector_index",
            "fsm_absolute_decision",
            "decision_rule_registry",
            "architecture_source_registry"
          ],
          "used_by": [
            "prompt_instruction_assembly",
            "planning_engine",
            "impact_analysis_engine",
            "modelops_llmops",
            "benchmark_evaluation_harness",
            "self_monitoring",
            "observability_core"
          ],
          "architecture_view": "Primary prompt governance authority for DEVON-DEV interpretive auditability."
        },
        {
          "id": "prompt_instruction_assembly",
          "label": "Prompt / Instruction Assembly Canonical",
          "type": "json",
          "path": "../panel/data/prompt_instruction_assembly_canonical.json",
          "phase": "phase-03",
          "layer": "cognitive_flow",
          "role": "Prompt-construction authority that turns operator intent, accepted evidence, active policy, scope, files, environment, FSM state and restrictions into a controlled instruction payload.",
          "fits": "Builds the exact prompt and instruction package sent to the LLM after evidence retrieval, trust classification, conflict handling and prompt governance have determined what is allowed to cross the model boundary.",
          "depends_on": [
            "cfc",
            "local_llm_runtime",
            "qwen_coder_model",
            "qwen_data_interpreter",
            "internal_rag",
            "retrieval_engine",
            "embeddings_engine",
            "vector_index",
            "external_knowledge_access",
            "source_trust_registry",
            "evidence_store",
            "knowledge_conflict_resolver",
            "prompt_governance",
            "fsm_absolute_decision",
            "decision_rule_registry",
            "architecture_source_registry"
          ],
          "used_by": [
            "planning_engine",
            "impact_analysis_engine",
            "attention_focus_manager",
            "goals_manager",
            "modelops_llmops",
            "benchmark_evaluation_harness",
            "observability_core",
            "self_monitoring"
          ],
          "architecture_view": "Primary prompt assembly authority for DEVON-DEV controlled model input."
        },
        {
          "id": "planning_engine",
          "label": "Planning Engine Canonical",
          "type": "json",
          "phase": "phase-03",
          "layer": "cognitive_flow",
          "path": "../panel/data/planning_engine_canonical.json",
          "role": "Execution-planning authority that converts approved scope and assembled context into an ordered technical plan before DEVON-DEV touches files, commands, directories, tests, rollback or gates.",
          "fits": "Defines action order, files to read, files to alter, directories to create, required commands, dependencies, mandatory tests, operational risk, rollback path and FSM gates so execution cannot degrade into improvised command sequence.",
          "depends_on": [
            "cfc",
            "documentation_before_code",
            "requirements_scope_engine",
            "project_dependency_graph",
            "validation_matrix",
            "artifact_registry",
            "fsm_absolute_decision",
            "decision_rule_registry",
            "tool_registry",
            "prompt_governance",
            "prompt_instruction_assembly",
            "knowledge_conflict_resolver",
            "evidence_store",
            "architecture_source_registry"
          ],
          "used_by": [
            "impact_analysis_engine",
            "attention_focus_manager",
            "goals_manager",
            "modelops_llmops",
            "benchmark_evaluation_harness",
            "observability_core",
            "execution_ledger",
            "simulation_dry_run_engine"
          ],
          "architecture_view": "Primary planning authority for DEVON-DEV controlled execution sequencing."
        },
        {
          "id": "impact_analysis_engine",
          "label": "Impact Analysis Engine Canonical",
          "type": "json",
          "path": "../panel/data/impact_analysis_engine_canonical.json",
          "phase": "phase-03",
          "layer": "cognitive_flow",
          "role": "Pre-execution consequence authority that classifies what a planned DEVON-DEV action can affect before the system reads, edits, runs, tests, deploys or promotes anything.",
          "fits": "Assigns NO_IMPACT, LOW_IMPACT, MEDIUM_IMPACT, HIGH_IMPACT, CRITICAL_IMPACT or UNKNOWN_IMPACT to planned actions, with UNKNOWN_IMPACT blocking or requiring analysis and approval before execution can continue.",
          "depends_on": [
            "cfc",
            "project_dependency_graph",
            "planning_engine",
            "requirements_scope_engine",
            "validation_matrix",
            "artifact_registry",
            "fsm_absolute_decision",
            "decision_rule_registry",
            "tool_registry",
            "prompt_governance",
            "prompt_instruction_assembly",
            "knowledge_conflict_resolver",
            "evidence_store",
            "architecture_source_registry"
          ],
          "used_by": [
            "attention_focus_manager",
            "goals_manager",
            "simulation_dry_run_engine",
            "test_validation_runner",
            "execution_ledger",
            "security_risk_engine",
            "observability_core",
            "self_monitoring"
          ],
          "architecture_view": "Primary impact classification authority for DEVON-DEV pre-execution safety."
        },
        {
          "id": "attention_focus_manager",
          "label": "Attention / Focus Manager Canonical",
          "type": "json",
          "path": "../panel/data/attention_focus_manager_canonical.json",
          "phase": "phase-03",
          "layer": "cognitive_flow",
          "role": "Task-focus authority that keeps DEVON-DEV cognitively bound to the active task, project, file set, risk profile and accepted context instead of drifting across unrelated material.",
          "fits": "Prevents scope drift, task mixing, project switching, irrelevant lateral context and prompt saturation while preserving only the evidence, plan, impact state and goal material that belongs to the active execution thread.",
          "depends_on": [
            "cfc",
            "prompt_governance",
            "prompt_instruction_assembly",
            "planning_engine",
            "impact_analysis_engine",
            "knowledge_conflict_resolver",
            "evidence_store",
            "goals_manager",
            "fsm_absolute_decision",
            "decision_rule_registry",
            "architecture_source_registry"
          ],
          "used_by": [
            "goals_manager",
            "modelops_llmops",
            "benchmark_evaluation_harness",
            "observability_core",
            "self_monitoring",
            "execution_ledger"
          ],
          "architecture_view": "Primary focus-control authority for DEVON-DEV active task cognition."
        },
        {
          "id": "goals_manager",
          "label": "Goals Manager Canonical",
          "type": "json",
          "path": "../panel/data/goals_manager_canonical.json",
          "phase": "phase-03",
          "layer": "cognitive_flow",
          "role": "Goal-integrity authority that keeps DEVON-DEV bound to the requested operational objective, completion criteria, allowed scope, blocked scope, status and dependencies.",
          "fits": "Registers goal_id, current objective, completion criteria, allowed scope, blocked scope, status and dependencies so the system cannot deliver technically valid work that solves the wrong problem.",
          "depends_on": [
            "cfc",
            "requirements_scope_engine",
            "prompt_governance",
            "prompt_instruction_assembly",
            "planning_engine",
            "impact_analysis_engine",
            "attention_focus_manager",
            "knowledge_conflict_resolver",
            "evidence_store",
            "fsm_absolute_decision",
            "decision_rule_registry",
            "architecture_source_registry"
          ],
          "used_by": [
            "planning_engine",
            "impact_analysis_engine",
            "attention_focus_manager",
            "modelops_llmops",
            "benchmark_evaluation_harness",
            "observability_core",
            "self_monitoring",
            "execution_ledger"
          ],
          "architecture_view": "Primary goal-integrity authority for DEVON-DEV task completion control."
        },
        {
          "id": "modelops_llmops",
          "label": "ModelOps / LLMOps Canonical",
          "type": "json",
          "path": "../panel/data/modelops_llmops_canonical.json",
          "phase": "phase-03",
          "layer": "cognitive_flow",
          "role": "Model-operations authority that governs DEVON-DEV local models, runtimes, versions, benchmarks, regressions, prompt evaluations, token/context metrics, latency metrics, health checks and promotion gates.",
          "fits": "Controls model evolution so Qwen Coder, Qwen Data Interpreter, embeddings models and future local model variants cannot be swapped, promoted, rolled back or trusted without benchmark evidence and regression visibility.",
          "depends_on": [
            "cfc",
            "local_llm_runtime",
            "qwen_coder_model",
            "qwen_data_interpreter",
            "embeddings_engine",
            "vector_index",
            "prompt_governance",
            "prompt_instruction_assembly",
            "planning_engine",
            "impact_analysis_engine",
            "attention_focus_manager",
            "goals_manager",
            "evidence_store",
            "knowledge_conflict_resolver",
            "fsm_absolute_decision",
            "decision_rule_registry",
            "architecture_source_registry"
          ],
          "used_by": [
            "model_artifact_registry",
            "benchmark_evaluation_harness",
            "observability_core",
            "self_monitoring",
            "runtime_status",
            "execution_ledger",
            "future_execution_monitoring_panel"
          ],
          "architecture_view": "Primary model operations authority for DEVON-DEV local LLM lifecycle and regression control."
        },
        {
          "id": "model_artifact_registry",
          "label": "Model Artifact Registry Canonical",
          "type": "json",
          "path": "../panel/data/model_artifact_registry_canonical.json",
          "phase": "phase-03",
          "layer": "cognitive_flow",
          "role": "Model-artifact provenance authority that registers every local model file before DEVON-DEV can load, benchmark, promote, roll back or audit it.",
          "fits": "Records model_id, model_family, model_name, model_role, file_format, quantization, file_path, checksum, source_url, license, download_date, benchmark_id, runtime_compatibility, status and promotion_gate for Qwen, embeddings and future auxiliary models.",
          "depends_on": [
            "cfc",
            "local_llm_runtime",
            "qwen_coder_model",
            "qwen_data_interpreter",
            "embeddings_engine",
            "modelops_llmops",
            "benchmark_evaluation_harness",
            "evidence_store",
            "source_trust_registry",
            "fsm_absolute_decision",
            "decision_rule_registry",
            "architecture_source_registry"
          ],
          "used_by": [
            "modelops_llmops",
            "benchmark_evaluation_harness",
            "local_llm_runtime",
            "qwen_coder_model",
            "qwen_data_interpreter",
            "embeddings_engine",
            "observability_core",
            "runtime_status",
            "self_monitoring",
            "future_execution_monitoring_panel"
          ],
          "architecture_view": "Primary model artifact provenance authority for DEVON-DEV local AI assets."
        },
        {
          "id": "benchmark_evaluation_harness",
          "label": "Benchmark & Evaluation Harness Canonical",
          "type": "json",
          "path": "../panel/data/benchmark_evaluation_harness_canonical.json",
          "phase": "phase-03",
          "layer": "cognitive_flow",
          "role": "Benchmark authority that measures DEVON-DEV model, runtime, prompt, retrieval, planning and validation behavior before any local AI component can be promoted as viable.",
          "fits": "Measures whether the system can read errors, locate causes, generate clean REPLACE patches, avoid improper APPEND, follow policy, use correct evidence, respect FSM, interpret external documentation, plan sandbox work and validate without touching production.",
          "depends_on": [
            "cfc",
            "local_llm_runtime",
            "qwen_coder_model",
            "qwen_data_interpreter",
            "embeddings_engine",
            "vector_index",
            "external_knowledge_access",
            "source_trust_registry",
            "evidence_store",
            "knowledge_conflict_resolver",
            "prompt_governance",
            "prompt_instruction_assembly",
            "planning_engine",
            "impact_analysis_engine",
            "attention_focus_manager",
            "goals_manager",
            "modelops_llmops",
            "model_artifact_registry",
            "fsm_absolute_decision",
            "decision_rule_registry",
            "validation_matrix",
            "artifact_registry",
            "architecture_source_registry"
          ],
          "used_by": [
            "modelops_llmops",
            "model_artifact_registry",
            "local_llm_runtime",
            "qwen_coder_model",
            "qwen_data_interpreter",
            "embeddings_engine",
            "observability_core",
            "self_monitoring",
            "future_execution_monitoring_panel"
          ],
          "architecture_view": "Primary benchmark authority for DEVON-DEV model, runtime and cognitive viability."
        },
        {
          "id": "ccc",
          "path": "../panel/data/ccc.md",
          "phase": "phase-03",
          "layer": "cognitive_flow",
          "role": "Contextual component reference.",
          "fits": "Describes cognitive component relationships without redefining sovereign flow authority.",
          "depends_on": [
            "cfc",
            "cas"
          ],
          "used_by": [],
          "architecture_view": "Contextual support layer for Phase 03 cognitive flow.",
          "label": "CCC · Cognitive Component Context",
          "type": "text"
        }
      ],
      "phase_id": "phase-03",
      "subcategories": [
        {
          "id": "prerequisites",
          "label": "prerequisites",
          "status": "MISSING",
          "buckets": []
        },
        {
          "id": "installation",
          "label": "installation",
          "status": "MISSING",
          "buckets": []
        },
        {
          "id": "configuration",
          "label": "configuration",
          "status": "MISSING",
          "buckets": []
        },
        {
          "id": "validation",
          "label": "validation",
          "status": "MISSING",
          "buckets": []
        },
        {
          "id": "observable_evidence",
          "label": "observable_evidence",
          "status": "MISSING",
          "buckets": []
        },
        {
          "id": "failure_modes_recovery",
          "label": "failure_modes_recovery",
          "status": "MISSING",
          "buckets": []
        },
        {
          "id": "completion_promotion",
          "label": "completion_promotion",
          "status": "MISSING",
          "buckets": []
        }
      ]
    },
    {
      "id": "containerization",
      "title": "Containerization Canon",
      "sub": "deployment topology, service isolation and runtime/container boundaries under sovereign Phase 04 authority.",
      "badge": "phase 04",
      "docs": [
        {
          "id": "cdms",
          "path": "../panel/data/cdms.md",
          "phase": "phase-04",
          "layer": "containerization",
          "role": "Primary deployment structure and containerization authority.",
          "fits": "Owns container topology, isolation boundaries and deployment placement for Phase 04.",
          "depends_on": [
            "cas",
            "cfc",
            "server_registry"
          ],
          "used_by": [],
          "architecture_view": "Sovereign Phase 04 containerization authority.",
          "label": "CDMS · Canonical Deployment Model Spec",
          "type": "text"
        },
        {
          "id": "server_workspace_manager",
          "label": "Server Workspace Manager Canonical",
          "type": "json",
          "path": "../panel/data/server_workspace_manager_canonical.json",
          "phase": "phase-04",
          "layer": "containerization",
          "role": "Server workspace authority that defines where DEVON-DEV may place project, sandbox, production, backup, log, temporary, build, release, config and script material on the server.",
          "fits": "Controls project_root, sandbox_root, production_root, backup_root, logs_root, temp_root, build_root, release_root, config_root and scripts_root so containerized execution does not scatter files into arbitrary host locations.",
          "depends_on": [
            "cdms",
            "server_registry",
            "sandbox_environment",
            "deployment_order",
            "tool_registry",
            "config_registry",
            "fsm_absolute_decision",
            "decision_rule_registry",
            "architecture_source_registry"
          ],
          "used_by": [
            "environment_registry",
            "container_image_registry_build_pipeline",
            "container_network_policy",
            "volume_persistence_governance",
            "filesystem_operations",
            "shell_execution",
            "backup_rollback",
            "execution_ledger",
            "future_execution_monitoring_panel"
          ],
          "architecture_view": "Primary workspace-root authority for DEVON-DEV server and containerized execution."
        },
        {
          "id": "environment_registry",
          "label": "Environment Registry Canonical",
          "type": "json",
          "path": "../panel/data/environment_registry_canonical.json",
          "phase": "phase-04",
          "layer": "containerization",
          "role": "Environment identity authority that defines every DEVON-DEV operating environment before runtime, deployment, validation, container networking, persistence or server operations can target it.",
          "fits": "Registers project_id, environment_id, environment_type, sandbox_path, production_path, runtime, webserver, database, ports, domain, branch, deploy_policy, status, owner and last_validation so sandbox, production and runtime targets cannot be confused.",
          "depends_on": [
            "cdms",
            "server_workspace_manager",
            "server_registry",
            "sandbox_environment",
            "deployment_order",
            "tool_registry",
            "config_registry",
            "fsm_absolute_decision",
            "decision_rule_registry",
            "architecture_source_registry"
          ],
          "used_by": [
            "container_image_registry_build_pipeline",
            "container_network_policy",
            "volume_persistence_governance",
            "filesystem_operations",
            "shell_execution",
            "production_deployment_gate",
            "backup_rollback",
            "test_validation_runner",
            "execution_ledger",
            "future_execution_monitoring_panel"
          ],
          "architecture_view": "Primary environment identity authority for DEVON-DEV containerized execution."
        },
        {
          "id": "container_image_registry_build_pipeline",
          "label": "Container Image Registry & Build Pipeline Canonical",
          "type": "json",
          "path": "../panel/data/container_image_registry_build_pipeline_canonical.json",
          "phase": "phase-04",
          "layer": "containerization",
          "role": "Container image provenance authority that governs how DEVON-DEV builds, tags, stores, promotes and rolls back container images before any environment can run them.",
          "fits": "Controls image name, tag, version, hash/digest, Dockerfile origin, source branch, build_id, target environment, build date, build status, promotion approval and rollback image so sandbox and production cannot run untraceable builds.",
          "depends_on": [
            "cdms",
            "server_workspace_manager",
            "environment_registry",
            "deployment_order",
            "artifact_registry",
            "validation_matrix",
            "fsm_absolute_decision",
            "decision_rule_registry",
            "tool_registry",
            "config_registry",
            "architecture_source_registry"
          ],
          "used_by": [
            "container_network_policy",
            "volume_persistence_governance",
            "production_deployment_gate",
            "backup_rollback",
            "test_validation_runner",
            "execution_ledger",
            "runtime_status",
            "future_execution_monitoring_panel"
          ],
          "architecture_view": "Primary image build and registry authority for DEVON-DEV containerized delivery."
        },
        {
          "id": "container_network_policy",
          "label": "Container Network Policy Canonical",
          "type": "json",
          "path": "../panel/data/container_network_policy_canonical.json",
          "phase": "phase-04",
          "layer": "containerization",
          "role": "Container communication authority that defines which DEVON-DEV services may talk, which ports are public, which ports stay internal, and which flows are blocked before runtime traffic exists.",
          "fits": "Declares internal networks, public networks, exposed ports, blocked ports, permitted service communication, forbidden service communication, public/internal/restricted service class, backend-only access and FSM/Tool Boundary-only access.",
          "depends_on": [
            "cdms",
            "server_workspace_manager",
            "environment_registry",
            "container_image_registry_build_pipeline",
            "deployment_order",
            "tool_registry",
            "config_registry",
            "fsm_absolute_decision",
            "decision_rule_registry",
            "architecture_source_registry"
          ],
          "used_by": [
            "volume_persistence_governance",
            "production_deployment_gate",
            "runtime_status",
            "host_runtime_support",
            "docker_runtime_support",
            "security_monitoring",
            "rbac_permissions",
            "secrets_management",
            "observability_core",
            "future_execution_monitoring_panel"
          ],
          "architecture_view": "Primary container network boundary authority for DEVON-DEV containerized execution."
        },
        {
          "id": "volume_persistence_governance",
          "label": "Volume & Persistence Governance Canonical",
          "type": "json",
          "path": "../panel/data/volume_persistence_governance_canonical.json",
          "phase": "phase-04",
          "layer": "containerization",
          "role": "Persistence authority that defines which DEVON-DEV data must survive container rebuilds, removals, cleanup, migration, rollback and host maintenance.",
          "fits": "Governs Docker volumes, controlled bind mounts, volume labels, backup hooks, retention policy and storage registry for relational data, cache/queue, vector index, local models, embeddings, logs, backups, artifacts, snapshots, evidence, uploads, policies, source registry, execution ledger and audit trail.",
          "depends_on": [
            "cdms",
            "server_workspace_manager",
            "environment_registry",
            "container_image_registry_build_pipeline",
            "container_network_policy",
            "artifact_registry",
            "validation_matrix",
            "fsm_absolute_decision",
            "decision_rule_registry",
            "tool_registry",
            "config_registry",
            "architecture_source_registry"
          ],
          "used_by": [
            "filesystem_operations",
            "shell_execution",
            "backup_rollback",
            "production_deployment_gate",
            "test_validation_runner",
            "execution_ledger",
            "evidence_store",
            "vector_index",
            "model_artifact_registry",
            "observability_core",
            "future_execution_monitoring_panel"
          ],
          "architecture_view": "Primary persistence and mounted-storage authority for DEVON-DEV containerized execution."
        }
      ],
      "phase_id": "phase-04",
      "subcategories": [
        {
          "id": "prerequisites",
          "label": "prerequisites",
          "status": "MISSING",
          "buckets": []
        },
        {
          "id": "installation",
          "label": "installation",
          "status": "MISSING",
          "buckets": []
        },
        {
          "id": "configuration",
          "label": "configuration",
          "status": "MISSING",
          "buckets": []
        },
        {
          "id": "validation",
          "label": "validation",
          "status": "MISSING",
          "buckets": []
        },
        {
          "id": "observable_evidence",
          "label": "observable_evidence",
          "status": "MISSING",
          "buckets": []
        },
        {
          "id": "failure_modes_recovery",
          "label": "failure_modes_recovery",
          "status": "MISSING",
          "buckets": []
        },
        {
          "id": "completion_promotion",
          "label": "completion_promotion",
          "status": "MISSING",
          "buckets": []
        }
      ]
    },
    {
      "id": "observability_audit",
      "title": "Observability & Audit Canon",
      "sub": "documentation-facing audit model, evidence traceability and observability control, including distribution/package failure visibility, with runtime audit delegated to the Operator Panel.",
      "badge": "phase 07",
      "docs": [
        {
          "id": "oac",
          "path": "../panel/data/oac.md",
          "phase": "phase-07",
          "layer": "observability_audit",
          "role": "Primary observability and audit authority for the documentation side.",
          "fits": "Owns evidence traceability, audit-linked visibility, distribution/package failure visibility and the canonical audit model expected by runtime operations.",
          "depends_on": [
            "cfc",
            "sec"
          ],
          "used_by": [],
          "architecture_view": "Documentation-side audit canon and observability authority, including distribution failure visibility.",
          "label": "OAC · Observability & Audit Canon",
          "type": "text"
        },
        {
          "id": "execution_ledger",
          "label": "Execution Ledger Canonical",
          "type": "json",
          "path": "../panel/data/execution_ledger_canonical.json",
          "phase": "phase-07",
          "layer": "observability_audit",
          "role": "Action-record authority that turns every DEVON-DEV operation into a reconstructable execution event before observability, audit, recovery or learning can trust the run.",
          "fits": "Registers task_id, action, environment, FSM decision, tool used, command, output, affected files, backup_id, result, evidence and timestamp so no server action, patch, test, deploy, rollback, approval or block remains undocumented.",
          "depends_on": [
            "oac",
            "fsm_absolute_decision",
            "decision_rule_registry",
            "tool_registry",
            "artifact_registry",
            "validation_matrix",
            "server_workspace_manager",
            "environment_registry",
            "filesystem_operations",
            "shell_execution",
            "backup_rollback",
            "production_deployment_gate",
            "runtime_status_support",
            "architecture_source_registry"
          ],
          "used_by": [
            "execution_logs",
            "audit_trail",
            "runtime_row_semantics",
            "observability_core",
            "self_monitoring",
            "patch_outcome_tracker",
            "governed_feedback_loop",
            "incident_management",
            "future_execution_monitoring_panel"
          ],
          "architecture_view": "Primary execution action ledger authority for Phase 07 observability and audit."
        },
        {
          "id": "execution_logs",
          "label": "Execution Logs Canonical",
          "type": "json",
          "path": "../panel/data/execution_logs_canonical.json",
          "phase": "phase-07",
          "layer": "observability_audit",
          "role": "Readable-log authority that turns DEVON-DEV execution events into inspectable operational narratives without replacing the Execution Ledger as the source of truth.",
          "fits": "Captures structured logs, human-readable messages, severity, stream, correlation_id, task_id, tool, command, environment, runtime component, elapsed time, error text, retry context and retention class for later debugging and panel display.",
          "depends_on": [
            "oac",
            "execution_ledger",
            "runtime_status_support",
            "runtime_row_semantics",
            "tool_registry",
            "server_workspace_manager",
            "environment_registry",
            "filesystem_operations",
            "shell_execution",
            "test_validation_runner",
            "backup_rollback",
            "production_deployment_gate",
            "fsm_absolute_decision",
            "decision_rule_registry",
            "architecture_source_registry"
          ],
          "used_by": [
            "audit_trail",
            "runtime_row_semantics",
            "observability_core",
            "self_monitoring",
            "incident_management",
            "notification_service",
            "future_execution_monitoring_panel"
          ],
          "architecture_view": "Primary readable execution log authority for Phase 07 observability and operational diagnosis."
        },
        {
          "id": "audit_trail",
          "label": "Audit Trail Canonical",
          "type": "json",
          "path": "../panel/data/audit_trail_canonical.json",
          "phase": "phase-07",
          "layer": "observability_audit",
          "role": "Accountability authority that converts selected DEVON-DEV ledger events, approvals, gates, operator actions and evidence references into audit-grade responsibility records.",
          "fits": "Records who requested, what was done, when it happened, where it ran, which gate authorized it, which evidence supported it, which approval applied, which result occurred and which ledger/log records prove the event.",
          "depends_on": [
            "oac",
            "execution_ledger",
            "execution_logs",
            "fsm_absolute_decision",
            "decision_rule_registry",
            "human_approval_service",
            "artifact_registry",
            "evidence_store",
            "environment_registry",
            "production_deployment_gate",
            "backup_rollback",
            "security_risk_engine",
            "rbac_permissions",
            "architecture_source_registry"
          ],
          "used_by": [
            "observability_core",
            "incident_management",
            "release_governance",
            "compliance_legal_guardrails",
            "self_monitoring",
            "governed_feedback_loop",
            "future_execution_monitoring_panel"
          ],
          "architecture_view": "Primary accountability and audit-grade trace authority for Phase 07 observability and audit."
        },
        {
          "id": "panel_runtime_bridge",
          "path": "../panel/data/panel_runtime_bridge.json",
          "phase": "phase-04",
          "layer": "observability_audit",
          "role": "Runtime bridge authority.",
          "fits": "Connects canonical runtime expectations to observable runtime support artifacts.",
          "depends_on": [
            "panel_data_contract",
            "panel_sync_contract"
          ],
          "used_by": [],
          "architecture_view": "Runtime bridge support layer.",
          "label": "Panel Runtime Bridge",
          "type": "json"
        },
        {
          "id": "host_runtime_support",
          "path": "../panel/data/host_runtime.json",
          "phase": "phase-04",
          "layer": "observability_audit",
          "role": "Runtime support artifact.",
          "fits": "Observable host runtime support record.",
          "depends_on": [
            "panel_runtime_bridge"
          ],
          "used_by": [],
          "architecture_view": "Host runtime support evidence.",
          "label": "Host Runtime Support",
          "type": "json"
        },
        {
          "id": "docker_runtime_support",
          "path": "../panel/data/docker_runtime.json",
          "phase": "phase-04",
          "layer": "observability_audit",
          "role": "Runtime support artifact.",
          "fits": "Observable docker runtime support record.",
          "depends_on": [
            "panel_runtime_bridge"
          ],
          "used_by": [],
          "architecture_view": "Docker runtime support evidence.",
          "label": "Docker Runtime Support",
          "type": "json"
        },
        {
          "id": "runtime_status_support",
          "path": "../panel/data/runtime_status.json",
          "phase": "phase-04",
          "layer": "observability_audit",
          "role": "Runtime support artifact.",
          "fits": "Observable pipeline/runtime status support record.",
          "depends_on": [
            "panel_runtime_bridge"
          ],
          "used_by": [],
          "architecture_view": "Runtime status support evidence.",
          "label": "Runtime Status Support",
          "type": "json"
        },
        {
          "id": "runtime_row_semantics",
          "path": "../panel/data/runtime_row_semantics_canonical.json",
          "phase": "phase-07",
          "layer": "observability_audit",
          "role": "Canonical semantic typing contract for every runtime row published by Devon.",
          "fits": "Defines row_kind, semantic_scope and completion eligibility rules for runtime rows.",
          "depends_on": [
            "oac",
            "panel_runtime_bridge"
          ],
          "used_by": [],
          "architecture_view": "Runtime row semantic contract authority.",
          "label": "Runtime Row Semantics Canonical",
          "type": "json"
        }
      ],
      "phase_id": "phase-07",
      "subcategories": [
        {
          "id": "prerequisites",
          "label": "prerequisites",
          "status": "MISSING",
          "buckets": []
        },
        {
          "id": "installation",
          "label": "installation",
          "status": "MISSING",
          "buckets": []
        },
        {
          "id": "configuration",
          "label": "configuration",
          "status": "MISSING",
          "buckets": []
        },
        {
          "id": "validation",
          "label": "validation",
          "status": "MISSING",
          "buckets": []
        },
        {
          "id": "observable_evidence",
          "label": "observable_evidence",
          "status": "MISSING",
          "buckets": []
        },
        {
          "id": "failure_modes_recovery",
          "label": "failure_modes_recovery",
          "status": "MISSING",
          "buckets": []
        },
        {
          "id": "completion_promotion",
          "label": "completion_promotion",
          "status": "MISSING",
          "buckets": []
        }
      ]
    },
    {
      "id": "latency_performance",
      "title": "Latency & Performance Canon",
      "sub": "latency model, hot path, cold path and bounded performance design.",
      "badge": "phase 05",
      "docs": [
        {
          "id": "lpc",
          "path": "../panel/data/lpc.md",
          "phase": "phase-05",
          "layer": "latency_performance",
          "role": "Primary latency budget authority.",
          "fits": "Owns latency model, fallback rules and performance law.",
          "depends_on": [
            "cfc"
          ],
          "used_by": [],
          "architecture_view": "Performance governance authority.",
          "label": "LPC · Latency & Performance Canon",
          "type": "text"
        },
        {
          "id": "resource_governance",
          "label": "Resource Governance Canonical",
          "type": "json",
          "path": "../panel/data/resource_governance_canonical.json",
          "phase": "phase-05",
          "layer": "latency_performance",
          "role": "Resource-control authority that prevents DEVON-DEV from exhausting CPU, RAM, disk, jobs, model runtime, embeddings, cache, crawler throughput, build slots, backup windows and server concurrency.",
          "fits": "Defines resource budgets, pressure guards, concurrency locks, job timeouts, heavy-model restrictions, indexing/deploy exclusion, build/backup exclusion, crawler throttling and no-GPU saturation boundaries before the system can schedule expensive work.",
          "depends_on": [
            "lpc",
            "server_registry",
            "server_workspace_manager",
            "environment_registry",
            "container_image_registry_build_pipeline",
            "volume_persistence_governance",
            "local_llm_runtime",
            "embeddings_engine",
            "vector_index",
            "external_knowledge_access",
            "planning_engine",
            "impact_analysis_engine",
            "modelops_llmops",
            "benchmark_evaluation_harness",
            "execution_ledger",
            "runtime_status_support",
            "fsm_absolute_decision",
            "decision_rule_registry",
            "tool_registry",
            "config_registry",
            "architecture_source_registry"
          ],
          "used_by": [
            "scheduler",
            "job_queue",
            "worker_pool",
            "external_knowledge_access",
            "retrieval_engine",
            "embeddings_engine",
            "vector_index",
            "modelops_llmops",
            "container_image_registry_build_pipeline",
            "backup_rollback",
            "test_validation_runner",
            "runtime_status_support",
            "observability_core",
            "future_execution_monitoring_panel"
          ],
          "architecture_view": "Primary resource budget and concurrency authority for DEVON-DEV latency and server safety."
        }
      ],
      "phase_id": "phase-05",
      "subcategories": [
        {
          "id": "prerequisites",
          "label": "prerequisites",
          "status": "MISSING",
          "buckets": []
        },
        {
          "id": "installation",
          "label": "installation",
          "status": "MISSING",
          "buckets": []
        },
        {
          "id": "configuration",
          "label": "configuration",
          "status": "MISSING",
          "buckets": []
        },
        {
          "id": "validation",
          "label": "validation",
          "status": "MISSING",
          "buckets": []
        },
        {
          "id": "observable_evidence",
          "label": "observable_evidence",
          "status": "MISSING",
          "buckets": []
        },
        {
          "id": "failure_modes_recovery",
          "label": "failure_modes_recovery",
          "status": "MISSING",
          "buckets": []
        },
        {
          "id": "completion_promotion",
          "label": "completion_promotion",
          "status": "MISSING",
          "buckets": []
        }
      ]
    },
    {
      "id": "noise_reduction",
      "title": "Noise Reduction Canon",
      "sub": "signal preservation, redundancy elimination and hop reduction.",
      "badge": "phase 06",
      "docs": [
        {
          "id": "nrc",
          "path": "../panel/data/nrc.md",
          "phase": "phase-06",
          "layer": "noise_reduction",
          "role": "Primary noise reduction authority.",
          "fits": "Owns anti-redundancy and anti-waste architectural guidance.",
          "depends_on": [
            "lpc",
            "cfc"
          ],
          "used_by": [],
          "architecture_view": "Path simplification authority.",
          "label": "NRC · Noise Reduction Canon",
          "type": "text"
        }
      ],
      "phase_id": "phase-06",
      "subcategories": [
        {
          "id": "prerequisites",
          "label": "prerequisites",
          "status": "MISSING",
          "buckets": []
        },
        {
          "id": "installation",
          "label": "installation",
          "status": "MISSING",
          "buckets": []
        },
        {
          "id": "configuration",
          "label": "configuration",
          "status": "MISSING",
          "buckets": []
        },
        {
          "id": "validation",
          "label": "validation",
          "status": "MISSING",
          "buckets": []
        },
        {
          "id": "observable_evidence",
          "label": "observable_evidence",
          "status": "MISSING",
          "buckets": []
        },
        {
          "id": "failure_modes_recovery",
          "label": "failure_modes_recovery",
          "status": "MISSING",
          "buckets": []
        },
        {
          "id": "completion_promotion",
          "label": "completion_promotion",
          "status": "MISSING",
          "buckets": []
        }
      ]
    },
    {
      "id": "security_governance",
      "title": "Security Canon",
      "sub": "security governance authority plus structured implementation artifacts, including environment-specific memory/data exposure policy and operator/runtime/debug separation.",
      "badge": "phase 08",
      "docs": [
        {
          "id": "sec",
          "path": "../panel/data/sec.md",
          "phase": "phase-08",
          "layer": "security_governance",
          "role": "Primary security governance authority.",
          "fits": "Owns trust model, access control, memory protection, environment-specific memory/data exposure policy, operator/runtime/debug separation and security monitoring expectations.",
          "depends_on": [
            "master_architecture_index"
          ],
          "used_by": [
            "host_security",
            "app_security",
            "module_security",
            "runtime_security",
            "delivery_security",
            "approval_policy",
            "memory_isolation",
            "security_monitoring"
          ],
          "architecture_view": "Sovereign security meaning with environment exposure boundaries.",
          "label": "SEC · Security Canon",
          "type": "text"
        },
        {
          "id": "rbac_permissions",
          "label": "RBAC / Permissions Canonical",
          "type": "json",
          "path": "../panel/data/rbac_permissions_canonical.json",
          "phase": "phase-08",
          "layer": "security_governance",
          "role": "Permission-boundary authority that defines which operator, system role, service or tool may read, write, execute, install, configure, deploy, roll back, delete, access production, access secrets or perform external search.",
          "fits": "Controls operation-level authorization before DEVON-DEV can run filesystem, shell, deploy, rollback, secret, production, external search, policy or administrative actions.",
          "depends_on": [
            "sec",
            "fsm_absolute_decision",
            "decision_rule_registry",
            "tool_registry",
            "policy_compiler",
            "config_registry",
            "human_approval_service",
            "audit_trail",
            "execution_ledger",
            "environment_registry",
            "secrets_management",
            "architecture_source_registry"
          ],
          "used_by": [
            "secrets_management",
            "multi_project_isolation",
            "data_governance",
            "compliance_legal_guardrails",
            "dependency_vulnerability_scanner",
            "license_third_party_governance",
            "filesystem_operations",
            "shell_execution",
            "production_deployment_gate",
            "backup_rollback",
            "external_knowledge_access",
            "future_execution_monitoring_panel"
          ],
          "architecture_view": "Primary operation-permission authority for Phase 08 security governance."
        },
        {
          "id": "secrets_management",
          "label": "Secrets Management Canonical",
          "type": "json",
          "path": "../panel/data/secrets_management_canonical.json",
          "phase": "phase-08",
          "layer": "security_governance",
          "role": "Secret-boundary authority that prevents DEVON-DEV from exposing .env values, tokens, passwords, keys, credentials, production secrets or raw secret material to logs, UI, LLM prompts, external tools or unauthorized operators.",
          "fits": "Controls secret discovery, masking, alias/fingerprint registration, sandbox/production credential separation, secret_access enforcement, prompt redaction, log redaction, rotation metadata and leak-response behavior.",
          "depends_on": [
            "sec",
            "rbac_permissions",
            "fsm_absolute_decision",
            "decision_rule_registry",
            "tool_registry",
            "policy_compiler",
            "config_registry",
            "environment_registry",
            "multi_project_isolation",
            "data_governance",
            "compliance_legal_guardrails",
            "execution_ledger",
            "execution_logs",
            "audit_trail",
            "architecture_source_registry"
          ],
          "used_by": [
            "app_security",
            "runtime_security",
            "delivery_security",
            "security_monitoring",
            "multi_project_isolation",
            "data_governance",
            "compliance_legal_guardrails",
            "filesystem_operations",
            "shell_execution",
            "production_deployment_gate",
            "external_knowledge_access",
            "prompt_governance",
            "prompt_instruction_assembly",
            "future_execution_monitoring_panel"
          ],
          "architecture_view": "Primary credential and secret-isolation authority for Phase 08 security governance."
        },
        {
          "id": "multi_project_isolation",
          "label": "Multi-Project Isolation Canonical",
          "type": "json",
          "path": "../panel/data/multi_project_isolation_canonical.json",
          "phase": "phase-08",
          "layer": "security_governance",
          "role": "Project-boundary authority that prevents DEVON-DEV from mixing workspace, memory, policies, logs, sandbox, production, permissions, secrets, evidence and artifacts between YEFF projects.",
          "fits": "Enforces project_id scoped isolation so one project cannot read another project workspace, operational memory, policy set, logs, sandbox state, production target, permissions, secrets, evidence store, artifact chain or audit trail without explicit authorization.",
          "depends_on": [
            "sec",
            "rbac_permissions",
            "secrets_management",
            "memory_isolation",
            "data_governance",
            "environment_registry",
            "server_workspace_manager",
            "volume_persistence_governance",
            "execution_ledger",
            "execution_logs",
            "audit_trail",
            "evidence_store",
            "artifact_registry",
            "fsm_absolute_decision",
            "decision_rule_registry",
            "architecture_source_registry"
          ],
          "used_by": [
            "data_governance",
            "compliance_legal_guardrails",
            "host_security",
            "app_security",
            "runtime_security",
            "security_monitoring",
            "memory_arch",
            "memory_lifecycle",
            "knowledge_ingestion",
            "external_knowledge_access",
            "filesystem_operations",
            "shell_execution",
            "production_deployment_gate",
            "backup_rollback",
            "future_execution_monitoring_panel"
          ],
          "architecture_view": "Primary project-boundary and cross-project contamination prevention authority for Phase 08 security governance."
        },
        {
          "id": "data_governance",
          "label": "Data Governance Canonical",
          "type": "json",
          "path": "../panel/data/data_governance_canonical.json",
          "phase": "phase-08",
          "layer": "security_governance",
          "role": "Data-control authority that governs the origin, permission, quality, lineage, retention, masking and allowed use of technical data read, produced, logged, indexed or reused by DEVON-DEV.",
          "fits": "Controls Data Catalog, Data Lineage, Data Quality Rules, Sensitive Data Detector, Data Access Policy, Data Retention Policy, Data Masking and Project Data Isolation so logs, outputs, files, evidence, uploads and derived records cannot be treated as ordinary text.",
          "depends_on": [
            "sec",
            "rbac_permissions",
            "secrets_management",
            "multi_project_isolation",
            "memory_isolation",
            "compliance_legal_guardrails",
            "evidence_store",
            "source_trust_registry",
            "execution_ledger",
            "execution_logs",
            "audit_trail",
            "volume_persistence_governance",
            "environment_registry",
            "fsm_absolute_decision",
            "decision_rule_registry",
            "architecture_source_registry"
          ],
          "used_by": [
            "compliance_legal_guardrails",
            "dependency_vulnerability_scanner",
            "license_third_party_governance",
            "memory_arch",
            "knowledge_ingestion",
            "knowledge_versioning",
            "memory_lifecycle",
            "learning_gov",
            "external_knowledge_access",
            "prompt_governance",
            "prompt_instruction_assembly",
            "security_monitoring",
            "future_execution_monitoring_panel"
          ],
          "architecture_view": "Primary data origin, permission, retention, masking and lineage authority for Phase 08 security governance."
        },
        {
          "id": "compliance_legal_guardrails",
          "label": "Compliance / Legal Guardrails Canonical",
          "type": "json",
          "path": "../panel/data/compliance_legal_guardrails_canonical.json",
          "phase": "phase-08",
          "layer": "security_governance",
          "role": "Compliance boundary authority that prevents DEVON-DEV from treating sensitive files, logs, secrets, credentials, client data, retained records, masked content and access decisions as purely technical material.",
          "fits": "Defines minimum legal and compliance guardrails for sensitive data handling, retention, masking, access, prompt reuse, logging, external transmission and project/client data exposure before execution, indexing, storage or UI display can proceed.",
          "depends_on": [
            "sec",
            "rbac_permissions",
            "secrets_management",
            "multi_project_isolation",
            "data_governance",
            "license_third_party_governance",
            "execution_ledger",
            "execution_logs",
            "audit_trail",
            "evidence_store",
            "source_trust_registry",
            "prompt_governance",
            "prompt_instruction_assembly",
            "external_knowledge_access",
            "fsm_absolute_decision",
            "decision_rule_registry",
            "architecture_source_registry"
          ],
          "used_by": [
            "dependency_vulnerability_scanner",
            "license_third_party_governance",
            "security_monitoring",
            "host_security",
            "app_security",
            "runtime_security",
            "delivery_security",
            "memory_arch",
            "knowledge_ingestion",
            "knowledge_versioning",
            "learning_gov",
            "external_knowledge_access",
            "future_execution_monitoring_panel"
          ],
          "architecture_view": "Primary compliance, legal-risk and sensitive-data guardrail authority for Phase 08 security governance."
        },
        {
          "id": "dependency_vulnerability_scanner",
          "label": "Dependency & Vulnerability Scanner Canonical",
          "type": "json",
          "path": "../panel/data/dependency_vulnerability_scanner_canonical.json",
          "phase": "phase-08",
          "layer": "security_governance",
          "role": "Vulnerability-gate authority that prevents DEVON-DEV from installing, building, promoting or operating packages, libraries, images or base systems with unknown or unacceptable vulnerability exposure.",
          "fits": "Scans npm packages, pip packages, composer dependencies, Docker images, container base OS packages, known CVEs, obsolete versions, problematic licenses and packages without trusted origin before install, build, deploy or promotion can proceed.",
          "depends_on": [
            "sec",
            "rbac_permissions",
            "secrets_management",
            "multi_project_isolation",
            "data_governance",
            "compliance_legal_guardrails",
            "license_third_party_governance",
            "container_image_registry_build_pipeline",
            "model_artifact_registry",
            "artifact_registry",
            "execution_ledger",
            "execution_logs",
            "audit_trail",
            "fsm_absolute_decision",
            "decision_rule_registry",
            "architecture_source_registry"
          ],
          "used_by": [
            "license_third_party_governance",
            "host_security",
            "app_security",
            "module_security",
            "runtime_security",
            "delivery_security",
            "security_monitoring",
            "production_deployment_gate",
            "container_image_registry_build_pipeline",
            "test_validation_runner",
            "future_execution_monitoring_panel"
          ],
          "architecture_view": "Primary dependency, package, image and vulnerability gate authority for Phase 08 security governance."
        },
        {
          "id": "license_third_party_governance",
          "label": "License & Third-Party Governance Canonical",
          "type": "json",
          "path": "../panel/data/license_third_party_governance_canonical.json",
          "phase": "phase-08",
          "layer": "security_governance",
          "role": "Third-party legal-use authority that prevents DEVON-DEV from incorporating models, libraries, packages, images, snippets, templates, UI dependencies or server dependencies without license, allowed-use and restriction evidence.",
          "fits": "Registers dependency_id, package_name, source, version, license, allowed_use, restricted_use, commercial_use_allowed, attribution_required, security_status, approved_by_fsm and evidence_path before third-party material can be promoted or reused.",
          "depends_on": [
            "sec",
            "rbac_permissions",
            "secrets_management",
            "multi_project_isolation",
            "data_governance",
            "compliance_legal_guardrails",
            "dependency_vulnerability_scanner",
            "model_artifact_registry",
            "container_image_registry_build_pipeline",
            "artifact_registry",
            "source_trust_registry",
            "evidence_store",
            "execution_ledger",
            "audit_trail",
            "fsm_absolute_decision",
            "decision_rule_registry",
            "architecture_source_registry"
          ],
          "used_by": [
            "dependency_vulnerability_scanner",
            "modelops_llmops",
            "model_artifact_registry",
            "container_image_registry_build_pipeline",
            "host_security",
            "app_security",
            "module_security",
            "runtime_security",
            "delivery_security",
            "compliance_legal_guardrails",
            "production_deployment_gate",
            "future_execution_monitoring_panel"
          ],
          "architecture_view": "Primary license, attribution and third-party usage authority for Phase 08 security governance."
        },
        {
          "id": "host_security",
          "path": "../panel/data/host_security_canonical.json",
          "phase": "phase-08",
          "layer": "security_governance",
          "role": "Structured host security implementation.",
          "fits": "Machine-readable host security canon.",
          "depends_on": [
            "sec"
          ],
          "used_by": [],
          "architecture_view": "Host security implementation layer.",
          "label": "Host Security Canonical",
          "type": "json"
        },
        {
          "id": "app_security",
          "path": "../panel/data/app_security_canonical.json",
          "phase": "phase-08",
          "layer": "security_governance",
          "role": "Structured app security implementation.",
          "fits": "Machine-readable application security canon.",
          "depends_on": [
            "sec"
          ],
          "used_by": [],
          "architecture_view": "Application security implementation layer.",
          "label": "App Security Canonical",
          "type": "json"
        },
        {
          "id": "module_security",
          "path": "../panel/data/module_security_canonical.json",
          "phase": "phase-08",
          "layer": "security_governance",
          "role": "Structured module security implementation.",
          "fits": "Machine-readable module security canon.",
          "depends_on": [
            "sec"
          ],
          "used_by": [],
          "architecture_view": "Module security implementation layer.",
          "label": "Module Security Canonical",
          "type": "json"
        },
        {
          "id": "runtime_security",
          "path": "../panel/data/runtime_security_canonical.json",
          "phase": "phase-08",
          "layer": "security_governance",
          "role": "Structured runtime security implementation.",
          "fits": "Machine-readable runtime security canon.",
          "depends_on": [
            "sec"
          ],
          "used_by": [],
          "architecture_view": "Runtime security implementation layer.",
          "label": "Runtime Security Canonical",
          "type": "json"
        },
        {
          "id": "delivery_security",
          "path": "../panel/data/delivery_security_canonical.json",
          "phase": "phase-08",
          "layer": "security_governance",
          "role": "Structured delivery security implementation.",
          "fits": "Machine-readable delivery security canon.",
          "depends_on": [
            "sec"
          ],
          "used_by": [],
          "architecture_view": "Delivery security implementation layer.",
          "label": "Delivery Security Canonical",
          "type": "json"
        },
        {
          "id": "approval_policy",
          "path": "../panel/data/approval_canonization_policy.json",
          "phase": "phase-08",
          "layer": "security_governance",
          "role": "Structured approval and canonization policy.",
          "fits": "Machine-readable approval guardrails.",
          "depends_on": [
            "sec"
          ],
          "used_by": [],
          "architecture_view": "Approval policy implementation layer.",
          "label": "Approval Canonization Policy",
          "type": "json"
        },
        {
          "id": "memory_isolation",
          "path": "../panel/data/memory_isolation_canonical.json",
          "phase": "phase-08",
          "layer": "security_governance",
          "role": "Structured memory isolation canon.",
          "fits": "Machine-readable memory partition and isolation rules.",
          "depends_on": [
            "sec"
          ],
          "used_by": [],
          "architecture_view": "Memory isolation implementation layer.",
          "label": "Memory Isolation Canonical",
          "type": "json"
        },
        {
          "id": "security_monitoring",
          "path": "../panel/data/security_monitoring_canonical.json",
          "phase": "phase-08",
          "layer": "security_governance",
          "role": "Structured security monitoring canon.",
          "fits": "Machine-readable security monitoring rules.",
          "depends_on": [
            "sec"
          ],
          "used_by": [],
          "architecture_view": "Security monitoring implementation layer.",
          "label": "Security Monitoring Canonical",
          "type": "json"
        }
      ],
      "phase_id": "phase-08",
      "subcategories": [
        {
          "id": "prerequisites",
          "label": "prerequisites",
          "status": "MISSING",
          "buckets": []
        },
        {
          "id": "installation",
          "label": "installation",
          "status": "MISSING",
          "buckets": []
        },
        {
          "id": "configuration",
          "label": "configuration",
          "status": "MISSING",
          "buckets": []
        },
        {
          "id": "validation",
          "label": "validation",
          "status": "MISSING",
          "buckets": []
        },
        {
          "id": "observable_evidence",
          "label": "observable_evidence",
          "status": "MISSING",
          "buckets": []
        },
        {
          "id": "failure_modes_recovery",
          "label": "failure_modes_recovery",
          "status": "MISSING",
          "buckets": []
        },
        {
          "id": "completion_promotion",
          "label": "completion_promotion",
          "status": "MISSING",
          "buckets": []
        }
      ]
    },
    {
      "id": "memory_learning_reasoning",
      "title": "Memory, Learning & Reasoning Governance",
      "sub": "trust-bound memory, learning and reasoning expansion activated from Phase 08 and maintained as post-core canonical expansion.",
      "badge": "phase 08 / post-core",
      "docs": [
        {
          "id": "memory_arch",
          "path": "../panel/data/memory_canonical_architecture.json",
          "phase": "phase-08",
          "layer": "memory_learning_reasoning",
          "role": "Structured memory architecture canon.",
          "fits": "Machine-readable memory architecture baseline.",
          "depends_on": [
            "master_architecture_index"
          ],
          "used_by": [],
          "architecture_view": "Memory architecture support layer.",
          "label": "Memory Canonical Architecture",
          "type": "json"
        },
        {
          "id": "knowledge_ingestion",
          "path": "../panel/data/knowledge_ingestion_canonical.json",
          "phase": "phase-08",
          "layer": "memory_learning_reasoning",
          "role": "Structured knowledge ingestion canon.",
          "fits": "Machine-readable ingestion and indexing boundaries.",
          "depends_on": [
            "master_architecture_index"
          ],
          "used_by": [],
          "architecture_view": "Knowledge ingestion support layer.",
          "label": "Knowledge Ingestion Canonical",
          "type": "json"
        },
        {
          "id": "knowledge_versioning",
          "label": "Knowledge Versioning Canonical",
          "type": "json",
          "path": "../panel/data/knowledge_versioning_canonical.json",
          "phase": "phase-08",
          "layer": "memory_learning_reasoning",
          "role": "Knowledge-version authority that prevents DEVON-DEV from using policies, sources, promoted memories, decisions, instructions or knowledge bases without knowing which version is active, superseded, expired, conflicted or approved.",
          "fits": "Versions policies, sources, promoted memories, decisions, instructions, knowledge bases, document hashes, source snapshots and promotion records so the platform cannot treat old knowledge as current truth.",
          "depends_on": [
            "memory_arch",
            "knowledge_ingestion",
            "memory_lifecycle",
            "learning_gov",
            "evidence_store",
            "source_trust_registry",
            "knowledge_conflict_resolver",
            "architecture_source_registry",
            "policy_compiler",
            "decision_rule_registry",
            "fsm_absolute_decision",
            "execution_ledger",
            "audit_trail",
            "data_governance",
            "compliance_legal_guardrails"
          ],
          "used_by": [
            "memory_lifecycle",
            "learning_gov",
            "rl_engine",
            "governed_feedback_loop",
            "patch_outcome_tracker",
            "code_quality_learning",
            "planning_reasoning",
            "tool_execution",
            "prompt_governance",
            "prompt_instruction_assembly",
            "future_execution_monitoring_panel"
          ],
          "architecture_view": "Primary version-control authority for Phase 08 memory, knowledge, policy and learning continuity."
        },
        {
          "id": "partitioned_memory",
          "label": "Partitioned Memory Canonical",
          "path": "../panel/data/partitioned_memory_canonical.json",
          "type": "json",
          "phase": "phase-08",
          "layer": "memory_learning_reasoning",
          "role": "Govern memory separation by observable namespace before any remembered material can influence DEVON-DEV execution.",
          "fits": "Define memory partition boundaries by project, workspace, agent, user, session and memory class so retrieval, write, update and delete operations cannot cross scope without explicit policy approval.",
          "depends_on": [
            "security_governance",
            "memory_lifecycle",
            "knowledge_versioning"
          ],
          "used_by": [
            "memory_lifecycle",
            "knowledge_versioning",
            "learning_gov",
            "retrieval_engine"
          ],
          "architecture_view": "Memory Lifecycle controls duration and disposal. Knowledge Versioning controls revision history. Learning Governance decides whether a memory-derived signal may teach the system. Partitioned Memory sits upstream of those categories because none of them are safe if the original memory scope is ambiguous.",
          "contract_view": "The damage pattern is cross-scope contamination: a client memory can influence another workspace, a session residue can look institutional, or a global note can be retrieved as if it were approved canon. This category keeps memory useful without letting it become uncontrolled authority."
        },
        {
          "id": "memory_lifecycle",
          "path": "../panel/data/memory_lifecycle_canonical.json",
          "phase": "phase-08",
          "layer": "memory_learning_reasoning",
          "role": "Structured memory lifecycle canon.",
          "fits": "Machine-readable consolidation and lifecycle rules.",
          "depends_on": [
            "master_architecture_index"
          ],
          "used_by": [],
          "architecture_view": "Memory lifecycle support layer.",
          "label": "Memory Lifecycle Canonical",
          "type": "json"
        },
        {
          "id": "learning_gov",
          "path": "../panel/data/learning_governance_canonical.json",
          "phase": "phase-08",
          "layer": "memory_learning_reasoning",
          "role": "Structured learning governance canon.",
          "fits": "Machine-readable learning guardrails.",
          "depends_on": [
            "master_architecture_index"
          ],
          "used_by": [],
          "architecture_view": "Learning governance support layer.",
          "label": "Learning Governance Canonical",
          "type": "json"
        },
        {
          "id": "rl_engine",
          "label": "RL Engine Canonical",
          "type": "json",
          "path": "../panel/data/rl_engine_canonical.json",
          "phase": "phase-08",
          "layer": "memory_learning_reasoning",
          "depends_on": [
            "learning_gov",
            "governed_feedback_loop",
            "patch_outcome_tracker",
            "code_quality_learning"
          ],
          "used_by": [
            "future_execution_monitoring_panel",
            "planning_reasoning",
            "tool_execution"
          ]
        },
        {
          "id": "governed_feedback_loop",
          "label": "Governed Feedback Loop Canonical",
          "type": "json",
          "path": "../panel/data/governed_feedback_loop_canonical.json",
          "phase": "phase-08",
          "layer": "memory_learning_reasoning",
          "depends_on": [
            "learning_gov",
            "patch_outcome_tracker",
            "memory_lifecycle"
          ],
          "used_by": [
            "rl_engine",
            "code_quality_learning",
            "future_execution_monitoring_panel"
          ]
        },
        {
          "id": "patch_outcome_tracker",
          "label": "Patch Outcome Tracker Canonical",
          "type": "json",
          "path": "../panel/data/patch_outcome_tracker_canonical.json",
          "phase": "phase-08",
          "layer": "memory_learning_reasoning",
          "depends_on": [
            "execution_ledger",
            "observable_evidence",
            "validation_outcome_tracker"
          ],
          "used_by": [
            "governed_feedback_loop",
            "rl_engine",
            "code_quality_learning"
          ]
        },
        {
          "id": "code_quality_learning",
          "label": "Code Quality Learning Canonical",
          "type": "json",
          "path": "../panel/data/code_quality_learning_canonical.json",
          "phase": "phase-08",
          "layer": "memory_learning_reasoning",
          "depends_on": [
            "patch_outcome_tracker",
            "validation_outcome_tracker",
            "governed_feedback_loop"
          ],
          "used_by": [
            "learning_gov",
            "planning_reasoning",
            "tool_execution"
          ]
        },
        {
          "id": "planning_reasoning",
          "path": "../panel/data/planning_reasoning_canonical.json",
          "phase": "phase-08",
          "layer": "memory_learning_reasoning",
          "role": "Structured planning and reasoning canon.",
          "fits": "Machine-readable planning and reasoning boundaries.",
          "depends_on": [
            "master_architecture_index"
          ],
          "used_by": [],
          "architecture_view": "Planning governance support layer.",
          "label": "Planning Reasoning Canonical",
          "type": "json"
        },
        {
          "id": "tool_execution",
          "path": "../panel/data/tool_execution_canonical.json",
          "phase": "phase-08",
          "layer": "memory_learning_reasoning",
          "role": "Structured tool execution canon.",
          "fits": "Machine-readable permission and execution boundaries.",
          "depends_on": [
            "master_architecture_index"
          ],
          "used_by": [],
          "architecture_view": "Tool execution governance support layer.",
          "label": "Tool Execution Canonical",
          "type": "json"
        }
      ],
      "phase_id": "phase-08",
      "subcategories": [
        {
          "id": "prerequisites",
          "label": "prerequisites",
          "status": "MISSING",
          "buckets": []
        },
        {
          "id": "installation",
          "label": "installation",
          "status": "MISSING",
          "buckets": []
        },
        {
          "id": "configuration",
          "label": "configuration",
          "status": "MISSING",
          "buckets": []
        },
        {
          "id": "validation",
          "label": "validation",
          "status": "MISSING",
          "buckets": []
        },
        {
          "id": "observable_evidence",
          "label": "observable_evidence",
          "status": "MISSING",
          "buckets": []
        },
        {
          "id": "failure_modes_recovery",
          "label": "failure_modes_recovery",
          "status": "MISSING",
          "buckets": []
        },
        {
          "id": "completion_promotion",
          "label": "completion_promotion",
          "status": "MISSING",
          "buckets": []
        }
      ]
    },
    {
      "id": "client_provisioning_server_plans",
      "title": "Client Provisioning & Server Plans Canonical",
      "sub": "client plan, billing, provider, purchase and provisioning registry",
      "badge": "phase 11",
      "docs": [
        {
          "id": "standard_client_server_plan",
          "label": "Standard Client Server Plan Canonical",
          "phase": "phase-11",
          "layer": "client_provisioning_server_plans",
          "type": "json",
          "path": "../panel/data/standard_client_server_plan.json",
          "depends_on": [],
          "used_by": []
        },
        {
          "id": "client_plan_contract",
          "label": "Client Plan Contract Canonical",
          "phase": "phase-11",
          "layer": "client_provisioning_server_plans",
          "type": "json",
          "path": "../panel/data/client_plan_contract.json",
          "depends_on": [],
          "used_by": []
        },
        {
          "id": "billing_authorization",
          "label": "Billing Authorization Canonical",
          "phase": "phase-11",
          "layer": "client_provisioning_server_plans",
          "type": "json",
          "path": "../panel/data/billing_authorization.json",
          "depends_on": [],
          "used_by": []
        },
        {
          "id": "provider_api_provisioning",
          "label": "Provider API Provisioning Canonical",
          "phase": "phase-11",
          "layer": "client_provisioning_server_plans",
          "type": "json",
          "path": "../panel/data/provider_api_provisioning.json",
          "depends_on": [],
          "used_by": []
        },
        {
          "id": "server_purchase_policy",
          "label": "Server Purchase Policy Canonical",
          "phase": "phase-11",
          "layer": "client_provisioning_server_plans",
          "type": "json",
          "path": "../panel/data/server_purchase_policy.json",
          "depends_on": [],
          "used_by": []
        },
        {
          "id": "commercial_limit_guardrails",
          "label": "Commercial Limit Guardrails Canonical",
          "phase": "phase-11",
          "layer": "client_provisioning_server_plans",
          "type": "json",
          "path": "../panel/data/commercial_limit_guardrails.json",
          "depends_on": [],
          "used_by": []
        },
        {
          "id": "provisioning_request_registry",
          "label": "Provisioning Request Registry Canonical",
          "phase": "phase-11",
          "layer": "client_provisioning_server_plans",
          "type": "json",
          "path": "../panel/data/provisioning_request_registry.json",
          "depends_on": [],
          "used_by": []
        }
      ],
      "phase_id": "phase-11",
      "subcategories": [
        "standard client plan",
        "client contract",
        "billing authorization",
        "provider provisioning",
        "purchase policy",
        "commercial guardrails",
        "provisioning registry"
      ]
    },
    {
      "id": "bootstrap_security_runtime_installation",
      "title": "Bootstrap Security & Runtime Installation Canonical",
      "sub": "bootstrap security, installer authority and runtime installation gate",
      "badge": "phase 12",
      "docs": [
        {
          "id": "bootstrap_agent_installer",
          "label": "Bootstrap Agent / Installer Canonical",
          "phase": "phase-12",
          "layer": "bootstrap_security_runtime_installation",
          "type": "json",
          "path": "../panel/data/bootstrap_agent_installer.json",
          "depends_on": [],
          "used_by": []
        }
      ],
      "phase_id": "phase-12",
      "subcategories": [
        "bootstrap agent",
        "server hardening",
        "secure access",
        "network exposure",
        "encrypted storage",
        "runtime installation",
        "installation validation"
      ]
    },
    {
      "id": "backup_server_recovery_infrastructure",
      "title": "Backup Server & Recovery Infrastructure Canonical",
      "sub": "backup topology, encrypted recovery, restore tests and recovery infrastructure",
      "badge": "phase 13",
      "docs": [
        {
          "id": "encrypted_backup_policy",
          "label": "Encrypted Backup Policy Canonical",
          "phase": "phase-13",
          "layer": "backup_server_recovery_infrastructure",
          "type": "json",
          "path": "../panel/data/encrypted_backup_policy.json",
          "depends_on": [],
          "used_by": []
        }
      ],
      "phase_id": "phase-13",
      "subcategories": [
        "backup topology",
        "backup nodes",
        "encrypted backup",
        "key management",
        "backup manifest",
        "restore test",
        "recovery runbook"
      ]
    },
    {
      "id": "fleet_monitoring_mirror_failover",
      "title": "Fleet Monitoring, Mirror & Failover Canonical",
      "sub": "central fleet monitoring, client server monitoring, mirror readiness and standby promotion",
      "badge": "phase 14",
      "docs": [
        {
          "id": "central_fleet_monitoring",
          "label": "Central Fleet Monitoring Canonical",
          "phase": "phase-14",
          "layer": "fleet_monitoring_mirror_failover",
          "type": "json",
          "path": "../panel/data/central_fleet_monitoring.json",
          "depends_on": [],
          "used_by": []
        },
        {
          "id": "standby_promotion_gate",
          "label": "Standby Promotion Gate Canonical",
          "phase": "phase-14",
          "layer": "fleet_monitoring_mirror_failover",
          "type": "json",
          "path": "../panel/data/standby_promotion_gate.json",
          "depends_on": [],
          "used_by": []
        }
      ],
      "phase_id": "phase-14",
      "subcategories": [
        "fleet monitoring",
        "client monitoring",
        "mirror readiness",
        "failover",
        "standby promotion",
        "incident visibility"
      ]
    }
  ],
  "canon_meta": {
    "canonical_hierarchy": [
      "phase",
      "category",
      "subcategory",
      "bucket",
      "item"
    ]
  }
}
