Add analytics license seat roster guard

[taherdhanera]

/claim #20

Summary

• Adds a distinct analytics-license-seat-roster-guard/ Revenue Infrastructure slice for issue Revenue Infrastructure #20.
• Reconciles named analytics dashboard, viewer, and API seats against contracted entitlements before renewal or true-up billing.
• Detects unapproved dashboard overage, external-domain access, expired temporary access, inactive paid seats, API usage from non-API seats, duplicate named seats, and finance-ready remediation actions.
• Emits deterministic JSON, Markdown, SVG, and WebM review artifacts from synthetic data.

Non-overlap

This is not another generic billing ledger, usage metering, payment webhook/failover, procurement, collections, storage overage, trial/promotion, account-transfer, prepaid credit, or analytics API usage module. It focuses specifically on named-seat roster leakage before analytics-license renewal or true-up.

Validation

• npm run check -> passed
• npm test -> analytics-license-seat-roster-guard tests passed
• npm run demo -> generated reports/summary.json, reports/reviewer-packet.md, and reports/summary.svg
• npm run demo:video -> generated reports/demo.webm
• WebM artifact check -> reports/demo.webm exists, 11202 bytes, EBML signature 1a45dfa3
• git diff --check -> passed
• git diff --cached --check -> passed

Synthetic data only. No credentials, private customer data, payment processor calls, bank/ACH/wallet actions, Stripe, PayPal, ERP, SSO, SCIM, analytics provider APIs, or live billing systems are used by the module.

AI-assisted with OpenAI Codex; I reviewed and locally verified the diff before submitting.

Current status - 2026-05-30 00:15 IST

Verified after newer same-issue #20 activity: this PR remains open, non-draft, CLEAN/mergeable, and distinct from KoiosSG PR #424.

This PR covers analytics license named-seat roster leakage before renewal or true-up billing: dashboard/API entitlement checks, external-domain access, expired temporary access, inactive paid seats, duplicate named seats, and finance remediation artifacts. PR #424 covers billing receipt privacy/redaction before invoice or receipt delivery, so the scopes do not overlap.

Validation remains complete:
pm run check, targeted tests, deterministic demo artifacts, WebM artifact verification, and diff hygiene checks.

[taherdhanera]

Status refresh for review visibility: PR #362 remains open, non-draft, mergeable/CLEAN, and bounty-claim labeled for #20. Scope remains the analytics license seat roster guard for Revenue Infrastructure, with synthetic-data-only reviewer artifacts and validation already documented in the PR body. No contributor-side changes are pending from me; I am ready to address maintainer review feedback quickly.

[taherdhanera]

Visibility update after the new renewal-notice PR: this #20 claim remains open, non-draft, mergeable/CLEAN, bounty-labeled, and already claim-marked.

Scope remains the analytics license seat roster guard, not renewal-notice or auto-renewal consent work. This PR covers named dashboard/viewer/API seats, contracted entitlements, overage, external-domain access, expired temporary access, inactive paid seats, API usage from non-API seats, duplicate identities, and finance-ready remediation.

The reviewer packet, deterministic artifacts, validation commands, and claim marker are already in place. I do not see a contributor-side blocker for review/reward decision.

[taherdhanera]

Status refresh after newer same-issue #20 activity.

Re-verified now: this PR is open, non-draft, mergeable/CLEAN, bounty-labeled, and claim-marked for issue #20.

The scope remains the analytics license seat roster guard: named dashboard/viewer/API seats, contracted entitlements, unapproved overage, external-domain access, expired temporary access, inactive paid seats, API usage from non-API seats, duplicate named identities, and finance-ready remediation before analytics-license renewal or true-up.

This is distinct from the newer billing-receipt-privacy slice and other adjacent revenue-infrastructure slices. No implementation changes are needed from my side unless reviewers request revisions.

[taherdhanera]

Status refresh after newer same-issue #20 activity.

Re-verified now: this PR is open, non-draft, mergeable/CLEAN, bounty-labeled, and claim-marked for issue #20.

The scope remains the analytics license seat roster guard: named dashboard/viewer/API seats, contracted entitlements, unapproved overage, external-domain access, expired temporary access, inactive paid seats, API usage from non-API seats, duplicate named identities, and finance-ready remediation before analytics-license renewal or true-up.

This is distinct from the newer grant cost-share revenue and billing-receipt-privacy slices. No implementation changes are needed from my side unless reviewers request revisions.

[taherdhanera]

Status refresh after newer same-issue #20 activity, including the institutional sanctions/export-control attempt and PR #441. Re-verified now: this PR remains open, non-draft, mergeable/CLEAN, bounty-labeled, and claim-marked for issue #20.

The submitted scope remains the distinct analytics license seat roster guard: named dashboard/viewer/API seats, contracted entitlements, unapproved overage, external-domain access, expired temporary access, inactive paid seats, API usage from non-API seats, duplicate named identities, and finance-ready remediation before analytics-license renewal or true-up. This is distinct from institutional sanctions/export-control eligibility, grant cost-share revenue, billing receipt privacy, renewal notice, payment authorization freshness, customer consolidation, and other revenue-infrastructure slices.

[taherdhanera]

Status refresh after the newer same-issue PR #424 hardening activity: PR #362 remains open, non-draft, mergeable/CLEAN, bounty-labeled, and claim-marked for issue #20.

The submitted scope remains the distinct analytics license seat roster guard: named dashboard/viewer/API seats, contracted entitlements, unapproved overage, external-domain access, expired temporary access, inactive paid seats, API usage from non-API seats, duplicate named identities, and finance-ready remediation before analytics-license renewal or true-up.

This is distinct from PR #424's billing receipt privacy guard and metadata hardening, as well as grant cost-share revenue, institutional sanctions/export-control eligibility, renewal notice, payment authorization freshness, customer consolidation, and other revenue-infrastructure slices. No contributor-side code changes are pending unless reviewers request revisions.

[taherdhanera]

Final status refresh after PR #424's latest hardening update: PR #362 remains open, non-draft, mergeable/CLEAN, bounty-labeled, and claim-marked for issue #20.

Scope remains unchanged and distinct: analytics license seat roster guard for named dashboard/viewer/API seats, contracted entitlements, overage, external-domain access, expired temporary access, inactive paid seats, API usage from non-API seats, duplicate named identities, and finance-ready remediation before analytics-license renewal or true-up.

This is separate from billing receipt privacy and metadata hardening. No contributor-side changes are pending unless reviewers request revisions.

[taherdhanera]

Status refresh after newer same-issue PR #449 billing-readiness guard activity. PR #362 remains open, non-draft, mergeable/CLEAN, bounty-labeled, and claim-marked for issue #20.

Scope remains unchanged and distinct: analytics license seat roster guard for named dashboard/viewer/API seats, contracted entitlements, unapproved overage, external-domain access, expired temporary access, inactive paid seats, API usage from non-API seats, duplicate identities, and finance-ready remediation before analytics-license renewal or true-up.

This is separate from the newer billing-readiness guard and other adjacent revenue-infrastructure slices. No implementation changes are needed unless reviewers request them.

[taherdhanera]

Status refresh after the newer same-issue PR #462 activity: PR #362 remains open, non-draft, mergeable/CLEAN, bounty-labeled, and claim-marked for issue #20.

The submitted scope remains the analytics license seat roster guard: named dashboard/viewer/API seats, contracted entitlements, unapproved overage, inactive/ineligible users, stale deprovisioning, missing approval records, and deterministic billing/export review artifacts.

PR #462 appears to add a separate usage meter and entitlement reconciliation auditor for unbilled usage, over-quota compute without enforcement, discount overrides, missing institutional PO metadata, analytics API overage, trial compute leakage, plan entitlement mismatches, duplicate top-ups, private fields in licensed exports, and payment-provider revenue drift. That is adjacent, but PR #362 is still the prior analytics license seat roster layer for this issue.

[taherdhanera]

Visibility refresh after the latest same-issue /claim #20 for PR #462.

This existing submission remains PR #362, open, non-draft, CLEAN/mergeable, bounty-labeled, and tied to the Pending USD 500 Algora claim: https://algora.io/claims/UuvoH8BqTLEZJSga

Maintainer review target remains the analytics license seat roster guard implemented here.

[taherdhanera]

Visibility refresh after new same-issue PR #476 activity on issue #20.

This existing submission remains PR #362, open, non-draft, CLEAN/mergeable, bounty-labeled, and tied to the Pending USD 500 Algora claim: https://algora.io/claims/UuvoH8BqTLEZJSga

Maintainer review target remains the analytics license seat roster guard implemented here: named dashboard/viewer/API seats, contracted entitlements, unapproved overage, inactive/ineligible users, stale deprovisioning, mismatched billing references, and deterministic reviewer-ready artifacts.

[taherdhanera]

Visibility refresh after the newer same-issue PR #495 activity.

This existing submission remains PR #362, open, non-draft, CLEAN/mergeable, bounty-labeled, /claim #20 present, and tied to the Pending USD 500 Algora claim: https://algora.io/claims/UuvoH8BqTLEZJSga

Maintainer review target remains the analytics license seat roster guard implemented here: named dashboard/viewer/API seats, contracted entitlements, unapproved dashboard overage, external-domain access, expired temporary access, inactive paid seats, API usage from non-API seats, duplicate named seats, and finance-ready remediation before analytics-license renewal or true-up. PR #495 appears to add a separate failed-payment dunning and entitlement-hold guard; PR #362 remains the prior analytics-license roster layer.

[taherdhanera]

Visibility refresh after PR #424's newer hardening pass for customer-facing line-item identifiers and units.

My existing issue #20 submission remains PR #362: #362

Current status re-verified now: PR #362 is open, non-draft, CLEAN/mergeable, bounty-labeled, includes /claim #20, and its Algora claim remains Pending for USD 500: https://algora.io/claims/UuvoH8BqTLEZJSga

Scope reminder for review: PR #362 is the analytics license seat roster guard for Revenue Infrastructure. It covers named dashboard/viewer/API seats, contracted entitlements, unapproved dashboard overage, external-domain access, expired temporary access, inactive paid seats, API usage from non-API seats, duplicate named seats, and finance-ready remediation before analytics-license renewal or true-up.

This remains separate from PR #424's billing receipt privacy and line-item metadata hardening, PR #495's failed-payment dunning/entitlement hold guard, PR #462's usage-meter entitlement reconciliation, and other adjacent revenue-infrastructure slices. No contributor-side code changes are pending unless maintainers request revisions.

[taherdhanera]

Visibility refresh after PR #424's newer hardening pass for private receipt, invoice, and customer identifier redaction.

My existing issue #20 submission remains PR #362: #362

Current status re-verified now: PR #362 is open, non-draft, CLEAN/mergeable, bounty-labeled, includes /claim #20, and its Algora claim remains Pending for USD 500: https://algora.io/claims/UuvoH8BqTLEZJSga

Scope reminder for review: PR #362 is the analytics license seat roster guard for Revenue Infrastructure. It covers named dashboard/viewer/API seats, contracted entitlements, unapproved dashboard overage, external-domain access, expired temporary access, inactive paid seats, API usage from non-API seats, duplicate named seats, finance remediation actions, and deterministic reviewer-ready artifacts.

This remains separate from PR #424's billing receipt privacy guard and its private billing-identifier redaction, provider metadata scanning, customer-facing line-item privacy, receipt/invoice hold decisions, and finance-review correlation handles. No contributor-side changes are pending unless maintainers request revisions.

[taherdhanera]

Visibility refresh after newer same-issue #20 competitor PR #424 activity. This PR #362 remains open, non-draft, CLEAN/mergeable, bounty-listed, and claim-marked for issue #20. Scope remains distinct: analytics license named-seat roster guard: dashboard/API entitlement checks, external-domain access, temporary access expiry, inactive paid seats, duplicates, and finance remediation artifacts. No contributor-side code changes are pending unless maintainers request revisions.

[taherdhanera]

Visibility refresh after KoiosSG updated same-issue #20 PR #424 later than my last status.

This PR #362 remains open, non-draft, CLEAN/mergeable, bounty-labeled, and claim-marked for issue #20. It is tied to the Pending USD 500 Algora claim: https://algora.io/claims/UuvoH8BqTLEZJSga

Scope remains distinct: PR #362 is the analytics license named-seat roster guard covering dashboard/API entitlement checks, external-domain access, temporary access expiry, inactive paid seats, duplicate named seats, and finance remediation artifacts before renewal or true-up. PR #424 remains a separate billing receipt privacy/redaction guard. No contributor-side code changes are pending unless maintainers request revisions.

[taherdhanera]

Visibility refresh after newer same-issue #20 competitor PR activity from KoiosSG PR #424 and yunrongy424-oss PR #441.

This PR #362 remains open, non-draft, MERGEABLE, bounty-labeled, and claim-marked for issue #20. It is tied to the Pending USD 500 Algora claim: https://algora.io/claims/UuvoH8BqTLEZJSga

Scope remains distinct: analytics license named-seat roster guard covering dashboard/API entitlement checks, external-domain access, temporary access expiry, inactive paid seats, duplicate named seats, and finance remediation artifacts. PR #424 and PR #441 are separate revenue-infrastructure slices. No contributor-side changes are pending unless maintainers request revisions.

[taherdhanera]

Visibility refresh after KoiosSG's newer PR #424 update (4a1844a) for sparse receipt and line-item payload handling.

PR #362 remains my active issue #20 submission: open, non-draft, MERGEABLE/CLEAN, bounty-labeled, /claim #20 present, and tied to the Pending USD 500 Algora claim: https://algora.io/claims/UuvoH8BqTLEZJSga

Scope remains distinct: analytics license named-seat roster guard covering dashboard/API entitlement checks, contracted seats, external-domain access, temporary access expiry, inactive paid seats, duplicate named seats, and finance remediation artifacts before renewal or true-up.

PR #424 is a separate billing receipt privacy/redaction and sparse-payload hardening slice. No contributor-side code changes are pending for PR #362 unless maintainers request revisions.

[taherdhanera]

PR-side visibility refresh after newer same-issue #20 activity from @KoiosSG in PR #424 (billing receipt privacy guard).

PR #362 remains open, non-draft, MERGEABLE/CLEAN, bounty-labeled, and claim-marked for #20. Algora reward link remains indexed: https://algora.io/claims/UuvoH8BqTLEZJSga

Scope remains the analytics license seat roster guard, separate from PR #424's billing receipt privacy guard. No contributor-side changes are pending unless maintainers request revisions.

[taherdhanera]

PR-side visibility refresh after newer same-issue #20 activity from @Entr0zy / PR #499.

PR #362 remains open, non-draft, MERGEABLE/CLEAN, bounty-labeled, and claim-marked for issue #20. Its Algora claim remains Pending for USD 500: https://algora.io/claims/UuvoH8BqTLEZJSga

Scope remains the analytics license named-seat roster leakage guard before renewal or true-up billing. It is separate from PR #499's subscription cancellation effective-date guard. No contributor-side changes are pending unless maintainers request revisions.

[taherdhanera]

PR-side visibility refresh after newer same-issue #20 PR activity from @attaboy11 / PR #513: #513

This PR #362 remains my active issue #20 submission.

Current status re-verified now:

• open and non-draft
• MERGEABLE/CLEAN
• Bounty claim label present
• PR body includes /claim #20
• Algora claim remains Pending for USD 500: https://algora.io/claims/UuvoH8BqTLEZJSga

Scope remains the analytics license seat roster guard, separate from PR #513's priority support entitlement guard. No contributor-side changes are pending unless maintainers request revisions.

[taherdhanera]

PR-side visibility refresh after newer same-issue #20 activity from @keon0711: #20 (comment)

This PR #362 remains my active issue #20 submission.

Current status re-verified now:

• open and non-draft
• MERGEABLE/CLEAN
• Bounty claim label present
• PR body includes /claim #20
• Algora claim remains Pending for USD 500: https://algora.io/claims/UuvoH8BqTLEZJSga

Scope remains the analytics license seat roster guard, separate from the newer refund liability reserve attempt. No contributor-side changes are pending unless maintainers request revisions.

[taherdhanera]

PR-side visibility refresh after newer same-issue #20 PR activity from @keon0711 / PR #516: #516

This PR #362 remains my active issue #20 submission.

Current status re-verified now:

• open and non-draft
• MERGEABLE/CLEAN
• Bounty claim label present
• PR body includes /claim #20
• Algora claim remains Pending for USD 500: https://algora.io/claims/UuvoH8BqTLEZJSga

Scope remains the analytics license seat roster guard, separate from PR #516's refund liability reserve guard. No contributor-side changes are pending unless maintainers request revisions.

[taherdhanera]

PR-side visibility refresh after newer same-issue #20 PR update from @Entr0zy / PR #499: #499

This PR #362 remains my active issue #20 submission.

Current status re-verified now:

• open and non-draft
• MERGEABLE/CLEAN
• Bounty claim label present
• PR body includes /claim #20
• Algora claim remains Pending for USD 500: https://algora.io/claims/UuvoH8BqTLEZJSga

Scope remains the analytics license seat roster guard, separate from PR #499's cancellation effective-date guard.

[taherdhanera]

PR-side visibility refresh after newer same-issue #20 PR update from @KoiosSG / PR #424: #424

This PR #362 remains my active issue #20 submission.

Current status re-verified now:

• open and non-draft
• MERGEABLE/CLEAN
• Bounty claim label present
• PR body includes /claim #20
• Algora claim remains Pending for USD 500: https://algora.io/claims/UuvoH8BqTLEZJSga

Scope remains the analytics license seat roster guard, separate from PR #424's billing receipt privacy guard.

[taherdhanera]

PR-side visibility refresh after newer same-issue #20 activity from @orenodinner: #20 (comment)

This PR #362 remains my active issue #20 submission.

Current status re-verified now:

• open and non-draft
• MERGEABLE/CLEAN
• Bounty claim label present
• PR body includes /claim #20
• Algora claim remains Pending for USD 500: https://algora.io/claims/UuvoH8BqTLEZJSga

Scope remains the analytics license seat roster guard, separate from the new institutional tax/VAT exemption hold attempt.

[taherdhanera]

PR-side visibility refresh after newer same-issue #20 activity from @orenodinner / PR #519: #519

This PR #362 remains my active issue #20 submission.

Current status re-verified now:

• open and non-draft
• MERGEABLE/CLEAN
• Bounty claim label present
• PR body includes /claim #20
• Algora claim remains Pending for USD 500: https://algora.io/claims/UuvoH8BqTLEZJSga

Scope remains the analytics license seat roster guard, separate from PR #519's contract price escalation cap guard.

[taherdhanera]

PR-side visibility refresh after newer same-issue #20 claim update from @orenodinner on PR #519: #519 (comment)

This PR #362 remains my active issue #20 submission.

Current status re-verified now:

• open and non-draft
• MERGEABLE/CLEAN
• Bounty claim label present
• PR body includes /claim #20
• Algora claim remains Pending for USD 500: https://algora.io/claims/UuvoH8BqTLEZJSga

Scope remains the analytics license seat roster guard, separate from PR #519's contract price escalation cap guard.

[taherdhanera]

PR-side visibility refresh after the newer same-issue #20 claim update from @orenodinner on PR #519: #519 (comment)

This PR #362 remains my active issue #20 submission.

Current status re-verified now:

• open and non-draft
• MERGEABLE/CLEAN
• Bounty claim label present
• PR body includes /claim #20
• Algora claim remains Pending for USD 500: https://algora.io/claims/UuvoH8BqTLEZJSga

Scope remains the analytics license seat roster guard, separate from PR #519's contract price escalation cap guard. No contributor-side code changes are pending unless maintainers request revisions.

[taherdhanera]

PR-side visibility refresh after the newer same-issue #20 PR update from @orenodinner / PR #519: #519

This PR #362 remains my active issue #20 submission.

Current status re-verified now:

• open and non-draft
• MERGEABLE/CLEAN
• Bounty claim label present
• PR body includes /claim #20
• Algora claim remains Pending for USD 500: https://algora.io/claims/UuvoH8BqTLEZJSga

Scope remains the analytics license seat roster guard, separate from PR #519's contract price escalation cap guard. No contributor-side code changes are pending unless maintainers request revisions.

[taherdhanera]

Merge/reward readiness refresh for /claim #20.

Current contributor-side status rechecked from the watcher:

• PR is open, non-draft, MERGEABLE/CLEAN
• Bounty claim label is present
• PR body includes /claim Revenue Infrastructure #20
• Algora claim remains Pending for USD 500: https://algora.io/claims/UuvoH8BqTLEZJSga
• Scope remains the focused analytics license seat roster guard submission
• No known contributor-side blocker or requested change is visible from the latest PR state

Could a maintainer please review this PR for merge/reward decision, or point me to the exact change needed to unblock it? I can respond quickly.

[taherdhanera]

Visibility and merge/reward readiness refresh after newer same-issue #20 activity from @goodgoodclaw on PR #523:

• Add institutional invoice delivery assurance guard #523
• Revenue Infrastructure #20 (comment)

My active #20 submission remains PR #362: #362

Current status re-verified now:

• PR Add analytics license seat roster guard #362 is open and non-draft
• PR Add analytics license seat roster guard #362 is MERGEABLE/CLEAN
• Bounty claim label is present
• PR body includes /claim #20
• Algora claim remains Pending for USD 500: https://algora.io/claims/UuvoH8BqTLEZJSga

Scope remains distinct: PR #362 is the analytics license seat roster guard for Revenue Infrastructure, focused on dashboard/API entitlement checks, contracted seats, external-domain access, temporary access expiry, inactive paid seats, duplicate named seats, and finance remediation artifacts before renewal or true-up.

PR #523 is a separate institutional invoice delivery assurance guard for AP route health, billing bounces, portal upload receipts, PO attachments, invoice PDF/hash parity, retry windows, and finance escalation before AR aging/collections. No contributor-side changes are pending for PR #362 unless maintainers request revisions. Could a maintainer please review PR #362 for merge/reward decision, or point me to the exact change needed to unblock it?