Add project visibility transition guard#378
Conversation
|
Reviewer-ready checkpoint for /claim #11. This PR is open, non-draft, mergeable/CLEAN, Bounty claim labeled, and the body contains /claim #11. Scope remains the project-visibility transition guard: owner/data-steward/institution approvals, object-level permissions, restricted-data labels, profile exposure consent, and audit-ready transition decisions using synthetic data only. |
|
Current visibility checkpoint after PR #413: this /claim #11 PR remains open, non-draft, mergeable/CLEAN, bounty-labeled, and claim-marked. Scope for PR #378 remains the submitted project visibility-transition guard: safe public release of private, institutional-only, or invitation-only research workspaces, including owner/data-steward/institution approvals, profile-exposure consent, object-level permissions, restricted-data labels, anonymous-review exposure, IRB/funder holds, external partner access, redistribution risk, and immutable transition audit evidence. PR #413 appears to target a separate researcher-reputation anomaly and badge-publication safety guard. That is adjacent to, but does not replace, this PR's visibility-transition implementation. PR #378 remains ready for maintainer review and reward consideration for issue #11. |
|
Status refresh after the new same-issue PR #437 activity: PR #378 remains open, non-draft, mergeable/CLEAN, bounty-labeled, and claim-marked for issue #11. The submitted scope remains the project visibility-transition guard: approvals, collaborator consent, object-level permissions, restricted-data labels, anonymous-review exposure, IRB/funder holds, external partner access, redistribution risk, and immutable audit evidence before a private/institutional/invitation-only workspace is made public. This is distinct from project session step-up, object permission inheritance drift, project provisioning baseline, researcher reputation anomaly, and the other #11 slices. |
|
Status refresh after newer same-issue PR #454 activity plus claim-body PRs #437 and #304: PR #378 remains open, non-draft, mergeable/CLEAN, bounty-labeled, and claim-marked for issue #11. The submitted scope remains the project visibility-transition guard: owner/data-steward/institution approvals, collaborator consent, object-level document/code/data permissions, restricted datasets, human-derived data, anonymous-review comments, sensitive labels, public-readiness flags, owner attribution, IRB/funder holds, external partner redistribution risk, and immutable transition audit evidence. PR #454 appears to add deletion/archive escrow, PR #437 adds session/device step-up checks, and PR #304 adds funding/institution attribution. Those are adjacent, but PR #378 is still the prior project visibility-transition decision layer for this issue. |
|
Status refresh after the newer same-issue PR #464 activity: PR #378 remains open, non-draft, mergeable/CLEAN, bounty-labeled, and claim-marked for issue #11. The submitted scope remains the project visibility-transition guard: owner/data-steward/institution approvals, collaborator consent, object-level document/code/data permissions, restricted datasets, human-derived data, anonymous-review comments, sensitive labels, public-readiness flags, owner attribution, IRB/funder holds, external partner redistribution risk, and immutable transition audit evidence before private or restricted workspaces become public. PR #464 appears to add a separate invitation and object-level access policy auditor for expired active invitations, role escalation without owner approval, restricted dataset download bypasses, institutional-domain mismatches, unverified elevated roles, anonymous private access, audit-log gaps, missing download deny rules, and stale external collaborators. That is adjacent, but PR #378 is still the prior project visibility-transition decision layer for this issue. |
|
Status refresh after the new same-issue PR #482 activity: PR #378 remains open, non-draft, mergeable/CLEAN, bounty-labeled, and claim-marked for issue #11. The submitted scope remains the project visibility-transition guard: owner/data-steward/institution-admin approvals, collaborator exposure consent, object-level document/code/data permissions, restricted dataset labels, IRB/funder holds, public-readiness checks, external partner redistribution risk, and immutable transition audit evidence before restricted or private research workspaces change visibility. PR #482 appears to add a collaborator/reviewer/data-steward conflict-of-interest access guard using coauthor, institution, funding, competing-project, ORCID/MFA, and affiliation checks. That is adjacent User & Project Management work, but it does not replace PR #378's existing visibility-transition decision layer. Local validation for PR #378 already passed: |
|
Status refresh after the new same-issue PR #483 activity: PR #378 remains open, non-draft, mergeable/CLEAN, bounty-labeled, and claim-marked for issue #11. The submitted scope remains the project visibility-transition guard: owner/data-steward/institution approvals, collaborator consent, object-level document/code/data permissions, restricted datasets, human-derived data, anonymous-review comments, sensitive labels, public-readiness flags, owner attribution, IRB/funder holds, external partner redistribution risk, and immutable transition audit evidence before private or restricted workspaces become public. PR #483 appears to add a project data-residency transfer guard for cross-institution, jurisdiction, residency, DPA/DUA, embargo, external partner restrictions, and data-steward transfer evidence. That is adjacent User & Project Management work, but it does not replace PR #378's existing visibility-transition decision layer. Local validation for PR #378 already passed: |
|
Visibility refresh after newer same-issue #11 PR activity from @codeaustral-oss / PR #304. PR #378 remains open, non-draft, CLEAN, bounty-labeled, and claim-marked for issue #11. Its Algora claim remains Pending for USD 500: https://algora.io/claims/NCdzkTskasF2A8WV Scope remains the project visibility transition guard for project/user management state changes. It is separate from PR #304's project funding attribution guard. No contributor-side changes are pending unless maintainers request revisions. |
|
PR-side visibility refresh after newer same-issue #11 activity from @attaboy11 at #11 (comment). This PR #378 remains my active issue #11 submission. Current status re-verified now:
Scope remains the project visibility-transition guard, separate from the newer project-space authoring artifact integrity guard attempt. No contributor-side changes are pending unless maintainers request revisions. |
|
PR-side visibility refresh after newer same-issue #11 PR activity from @attaboy11 / PR #505: #505 This PR #378 remains my active issue #11 submission. Current status re-verified now:
Scope remains the project visibility-transition guard, separate from PR #505's project-space authoring artifact integrity guard. No contributor-side changes are pending unless maintainers request revisions. |
|
PR-side visibility refresh after newer same-issue #11 activity from @keon0711 at #11 (comment). This PR #378 remains my active issue #11 submission. Current status re-verified now:
Scope remains the project visibility-transition guard, separate from the newer ORCID publication claim disambiguation guard attempt. No contributor-side changes are pending unless maintainers request revisions. |
|
PR-side visibility refresh after newer same-issue #11 PR activity from @keon0711 / PR #511: #511 This PR #378 remains my active issue #11 submission. Current status re-verified now:
Scope remains the project visibility-transition guard, separate from PR #511's ORCID publication claim disambiguation guard. No contributor-side changes are pending unless maintainers request revisions. |
|
Merge/reward readiness refresh for /claim #11. Current contributor-side status rechecked from the watcher:
Could a maintainer please review this PR for merge/reward decision, or point me to the exact change needed to unblock it? I can respond quickly. |
1 participant
/claim #11
Summary
Adds
project-visibility-transition-guard, a self-contained User & Project Management slice that checks private, institutional-only, or invitation-only scientific workspaces before public visibility changes are applied.The guard evaluates:
Non-overlap
This is not a broad workspace/RBAC ledger, privacy access review, identity recovery guard, member lifecycle/offboarding flow, institutional recertification, anonymous-review escrow, identity merge/export, data-room consent ledger, researcher profile sync, archive handoff, access-audit anomaly monitor, role delegation guard, invitation-domain/MFA guard, funding-attribution guard, service-token governance guard, deletion/erasure guard, break-glass access guard, or contribution-credit gate. It focuses specifically on safe public visibility transitions.
Local validation
Run from
project-visibility-transition-guard/:npm run check npm test npm run demo npm run demo:videoAll four commands passed locally.
Reviewer artifacts
reports/summary.jsonreports/reviewer-packet.mdreports/summary.svgreports/demo.webmSafety
All data is synthetic. The module does not call OAuth, SAML, ORCID, storage, profile, permission, email, audit-log, or external services. It does not include private project data, credentials, real users, human-subject records, or access-control mutations.