tractatus/SCHEDULED_TASKS.md

# Scheduled Tasks - Tractatus Framework
**Last Updated:** 2025-10-19
**Purpose:** Track optional future work items identified during development

---

## 🎯 High Priority

### 1. CSP Violation Cleanup
**Scheduled:** Next available session
**Effort:** Medium (2-3 hours)
**Status:** ✅ COMPLETED (2025-10-19)

**Description:**
Clean up 114 Content Security Policy violations across 17 HTML/JS files.

**Files Affected:**
- `public/about.html` (1 violation)
- `public/architecture.html` (19 violations)
- `public/case-submission.html` (4 violations)
- `public/implementer.html` (1 violation)
- `public/index.html` (31 violations)
- `public/leader.html` (1 violation)
- `public/media-inquiry.html` (2 violations)
- `public/researcher.html` (5 violations)
- `public/js/admin/audit-analytics.js` (3 violations)
- `public/js/admin/auth-check.js` (6 violations)
- `public/js/admin/claude-md-migrator.js` (2 violations)
- `public/js/admin/dashboard.js` (4 violations)
- `public/js/admin/project-editor.js` (4 violations)
- `public/js/admin/project-manager.js` (5 violations)
- `public/js/admin/rule-editor.js` (9 violations)
- `public/js/admin/rule-manager.js` (6 violations)
- `public/js/components/coming-soon-overlay.js` (11 violations)

**Violation Types:**
- Inline style attributes: 91
- Inline event handlers: 23

**Action Items:**
1. ✅ Run `node scripts/check-csp-violations.js` to analyze violations
2. ✅ Run automated fix scripts to remediate violations
3. ✅ Manual review of auto-fixes
4. ✅ Test all affected pages
5. ✅ Commit fixes (3 commits: public pages, admin pages, event delegation)
6. ⏳ Deploy to production (pending)

**Benefits:**
- Improved security posture
- Better browser compatibility
- Cleaner code architecture
- Eliminate pre-commit hook bypasses

**Notes:**
- Already has auto-fix script available
- Currently bypassing pre-commit hook with `--no-verify`
- Non-blocking for security work (deferred during emergency)

---

### 2. Admin UI for Publish Workflow
**Scheduled:** Week of 2025-10-21
**Effort:** Medium (3-4 hours)
**Status:** ✅ COMPLETED (2025-10-19)

**Description:**
Create admin user interface for document publish/unpublish workflow. Currently API-only.

**Current State:**
- ✅ API endpoints working (POST /api/documents/:id/publish, /api/documents/:id/unpublish)
- ✅ Backend validation complete
- ✅ Audit trail implemented
- ✅ Admin UI implemented in dashboard (publish/unpublish modals)

**Requirements:**

**1. Document List View Enhancements:** ✅ COMPLETE
- ✅ Add "Status" column showing workflow_status (draft, review, published)
- ✅ Add "Visibility" badge (internal, public, confidential, archived)
- ✅ Add "Publish" button for draft documents
- ✅ Add "Unpublish" button for published documents

**2. Publish Modal:** ✅ COMPLETE
- ✅ Category dropdown (required) with all 7 categories
- ✅ Order number input (optional, default to doc.order)
- ✅ Preview of document metadata
- ✅ Validation feedback (category required)

**3. Unpublish Modal:** ✅ COMPLETE
- ✅ Reason textarea (required for audit trail)
- ✅ Confirmation workflow
- ✅ Show current visibility and category

**4. Drafts Dashboard:** ⏳ DEFERRED (optional enhancement)
- New admin page: GET /api/documents/drafts
- Show all pending documents
- Quick publish from this view
- Sort by date_created (oldest first)

**Files to Create/Modify:**
- `public/admin/document-publish.html` (new)
- `public/js/admin/document-publish.js` (new)
- `public/admin/dashboard.html` (modify - add Drafts link)
- `public/js/admin/dashboard.js` (modify - add publish buttons)

**API Endpoints (Already Exist):**
- `POST /api/documents/:id/publish` ✅
- `POST /api/documents/:id/unpublish` ✅
- `GET /api/documents/drafts` ✅

**Benefits:**
- Admins can publish without API calls
- Visual workflow status tracking
- Easier content management
- Clear audit trail visibility

---

## 📋 Medium Priority

### 3. Legacy `public` Field Migration
**Scheduled:** Week of 2025-10-28
**Effort:** Low (1-2 hours)
**Status:** Analysis complete, ready for implementation

**Description:**
Migrate all documents from legacy `public: true/false` field to modern `visibility` field.

**Current State:**
- New documents use `visibility: 'public'|'internal'|'confidential'|'archived'`
- Old documents may have `public: true` instead
- Public API supports both (backward compatible)
- No data loss risk

**Migration Script:**
```javascript
// scripts/migrate-public-to-visibility.js
async function migrate() {
  const collection = await getCollection('documents');

  // Find documents with public field but no visibility
  const docsToMigrate = await collection.find({
    public: { $exists: true },
    visibility: { $exists: false }
  }).toArray();

  for (const doc of docsToMigrate) {
    const visibility = doc.public ? 'public' : 'internal';
    await collection.updateOne(
      { _id: doc._id },
      {
        $set: { visibility },
        $unset: { public: "" }
      }
    );
  }
}
```

**Action Items:**
1. ⏳ Create migration script
2. ⏳ Test on local database
3. ⏳ Backup production database
4. ⏳ Run migration on production
5. ⏳ Verify all documents have `visibility` field
6. ⏳ Update Document.model.js to remove `public` field
7. ⏳ Update API filters to use only `visibility`

**Benefits:**
- Cleaner data model
- Single source of truth
- Remove backward compatibility code
- Simplify API logic

**Risk:** Low (backward compatible migration)

---

## 🔍 Low Priority

### 4. Workflow Status UI Indicators
**Scheduled:** Week of 2025-11-04
**Effort:** Low (1-2 hours)
**Status:** Design concept only

**Description:**
Show draft/review/published states in document viewer and admin interfaces.

**Ideas:**
- Badge in document cards showing status
- Color-coded status indicators:
  - 🟡 Draft (yellow)
  - 🟠 Review (orange)
  - 🟢 Published (green)
- Filter documents by workflow status
- Admin dashboard showing status distribution

**Benefits:**
- Visual clarity for admins
- Quick status overview
- Better content management

---

### 5. Performance Optimization
**Scheduled:** Week of 2025-11-11
**Effort:** Medium (3-4 hours)
**Status:** Audit needed

**Description:**
Improve Lighthouse scores and overall performance.

**Target Metrics:**
- Performance: >90 (current: unknown)
- Accessibility: >90
- Best Practices: >95
- SEO: >95

**Action Items:**
1. ⏳ Run Lighthouse audit on all key pages
2. ⏳ Optimize images (WebP conversion)
3. ⏳ Minify CSS/JS (already using tractatus-theme.min.css)
4. ⏳ Implement lazy loading
5. ⏳ Add service worker caching
6. ⏳ Optimize font loading

**Pages to Audit:**
- https://agenticgovernance.digital (homepage)
- https://agenticgovernance.digital/docs.html (documentation viewer)
- https://agenticgovernance.digital/about.html
- https://agenticgovernance.digital/researcher.html

---

### 6. Accessibility Audit
**Scheduled:** Week of 2025-11-18
**Effort:** Medium (3-4 hours)
**Status:** Not started

**Description:**
WCAG 2.1 AA compliance audit and remediation.

**Action Items:**
1. ⏳ Run axe DevTools audit
2. ⏳ Fix keyboard navigation issues
3. ⏳ Add ARIA labels where needed
4. ⏳ Test with screen readers (NVDA, JAWS)
5. ⏳ Ensure color contrast ratios
6. ⏳ Add skip links for navigation

---

## 📊 Tracking

### Completed This Session (2025-10-19)
- ✅ CSP Violation Cleanup (114 violations → 0 violations)
  - Fixed all public-facing HTML pages (75 violations)
  - Fixed all admin JS files (39 violations)
  - Added event delegation for CSP compliance
- ✅ Admin UI for Publish Workflow
  - Document list view enhancements (badges, buttons)
  - Publish modal with category selection
  - Unpublish modal with audit trail
  - Full event delegation integration

### In Progress
- None

### Blocked
- None

### Postponed
- Māori translation outreach (until December 2025)

---

## 🎯 Sprint Planning

### Sprint 1 (Week of 2025-10-21)
1. CSP violation cleanup (High)
2. Admin UI for publish workflow (High)

**Estimated Effort:** 5-7 hours
**Expected Completion:** 2025-10-25

### Sprint 2 (Week of 2025-10-28)
1. Legacy `public` field migration (Medium)
2. Workflow status UI indicators (Low)

**Estimated Effort:** 2-3 hours
**Expected Completion:** 2025-11-01

### Sprint 3 (Week of 2025-11-04)
1. Performance optimization (Low)
2. Accessibility audit (Low)

**Estimated Effort:** 6-8 hours
**Expected Completion:** 2025-11-22

---

## 📈 Success Metrics

### Quality Gates
- [x] Zero CSP violations (completed 2025-10-19)
- [x] All admin workflows have UI (not just API) (completed 2025-10-19)
- [ ] Single data model for document visibility (next priority)
- [ ] Lighthouse performance >90
- [ ] WCAG 2.1 AA compliance

### Timeline
- **Sprint 1:** 2025-10-21 to 2025-10-25
- **Sprint 2:** 2025-10-28 to 2025-11-01
- **Sprint 3:** 2025-11-04 to 2025-11-22

### Review Points
- End of each sprint: Review completed tasks
- Mid-sprint check-in: Adjust priorities if needed
- Monthly review: Reassess roadmap

---

**Notes:**
- All tasks are optional and non-blocking
- Can be reprioritized based on user needs
- Each task has clear success criteria
- Effort estimates assume world-class quality standards

**Last Review:** 2025-10-19 (initial creation)
**Next Review:** 2025-10-25 (after Sprint 1)