docs: update milestones and pilot evidence artifacts

Author: brianfunk

README.md

@@ -127,6 +127,7 @@ Before deploying, ensure quality gates pass:
 - **[API_V1.md](docs/API_V1.md)** - Public and agency API contract (v1)
 - **[DATA_DICTIONARY.md](docs/DATA_DICTIONARY.md)** - Canonical domain field definitions
 - **[RBAC_ACCOUNT_ORG_MANAGEMENT.md](docs/RBAC_ACCOUNT_ORG_MANAGEMENT.md)** - Enterprise role, account, and organization management model
+- **[MIGRATION_VALIDATION.md](docs/MIGRATION_VALIDATION.md)** - Fresh database migration replay validation process
 - **[AGENCY_ONBOARDING.md](docs/AGENCY_ONBOARDING.md)** - First-time agency setup guide
 - **[AGENCY_ADMIN_GUIDE.md](docs/AGENCY_ADMIN_GUIDE.md)** - Guide for government staff
 - **[PUBLIC_USER_GUIDE.md](docs/PUBLIC_USER_GUIDE.md)** - Guide for citizens
@@ -135,6 +136,9 @@ Before deploying, ensure quality gates pass:
 - **[SECURITY_AUDIT_GUIDE.md](docs/SECURITY_AUDIT_GUIDE.md)** - Security audit procedures
 - **[CONTROL_MAPPING.md](docs/CONTROL_MAPPING.md)** - Federal-ready control evidence mapping
 - **[ACCESSIBILITY_TRACKER.md](docs/ACCESSIBILITY_TRACKER.md)** - Accessibility compliance tracking
+- **[RELEASE_EVIDENCE_INDEX.md](docs/RELEASE_EVIDENCE_INDEX.md)** - Consolidated release evidence mapping
+- **[PILOT_EXECUTION_GUIDE.md](docs/PILOT_EXECUTION_GUIDE.md)** - Pilot execution procedure and evidence requirements
+- **[PILOT_FINDINGS.md](docs/PILOT_FINDINGS.md)** - Append-only pilot findings log
 - **[PERFORMANCE_NOTES.md](docs/PERFORMANCE_NOTES.md)** - Performance optimization guide
 
 ## 🤝 Contributing

docs/ACCESSIBILITY_TRACKER.md

@@ -22,6 +22,14 @@ Accessibility work is tracked in `/docs/plan/M07-ux-accessibility-and-design-sys
   - `/comments/search`
   - `/contact`
   - `/agency/login`
+  - `/about`
+  - `/faqs`
+  - `/onboarding`
+  - `/status`
+  - `/data-access`
+  - `/accessibility`
+  - `/privacy`
+  - `/terms`
 - Result: no Axe `critical` violations detected on covered routes.
 
 ## Verification Checklist (WCAG 2.1 AA)

docs/PILOT_EXECUTION_GUIDE.md

@@ -0,0 +1,29 @@
+# Pilot Execution Guide
+
+This guide defines the minimum pilot required before `v1.0.0` release.
+
+## Objective
+
+Validate one real agency workflow end-to-end in a controlled production-like environment.
+
+## Pilot Scope
+
+- Agency onboarding and membership setup.
+- Docket creation and publication.
+- Public comment submission.
+- Moderation and publication decision.
+- Export generation and retrieval.
+
+## Exit Criteria
+
+- All scoped workflow steps execute without Sev-1/Sev-2 incidents.
+- Findings are logged in `docs/PILOT_FINDINGS.md`.
+- Mitigations are either completed or tracked with owner/severity.
+
+## Evidence to capture
+
+- Role assignments and membership screenshots (or SQL evidence).
+- Docket lifecycle timestamps.
+- Comment moderation logs.
+- Export job and downloaded artifact checksum.
+- Any defects, severity, and mitigation decision.

docs/PILOT_FINDINGS.md

@@ -0,0 +1,10 @@
+# Pilot Findings Log
+
+| ID | Date | Scenario | Severity | Finding | Resolution Status | Owner |
+| --- | --- | --- | --- | --- | --- | --- |
+| P-001 | TBD | TBD | TBD | TBD | Open | TBD |
+
+## Notes
+
+- Replace seed row with real pilot findings.
+- Keep this file append-only during pilot execution.

docs/RBAC_ACCOUNT_ORG_MANAGEMENT.md

@@ -30,6 +30,12 @@ Database-enforced guardrails are implemented in `supabase/migrations/20260211000
 - Role self-downgrades require ownership transfer flow.
 - Self profile updates cannot modify protected fields (`role`, `email`, `agency_name`) unless platform-admin.
 
+Platform-scope guardrails are implemented in `supabase/migrations/20260211000700_platform_role_scope_hardening.sql`:
+
+- `super_user` cannot assign `owner` role through platform invite flows.
+- `super_user` cannot change owner/admin agency memberships.
+- Ownership transfer through platform admin requires `super_owner`.
+
 ## Primary Workflows
 
 ### 1. Member self-service

docs/RELEASE_EVIDENCE_INDEX.md

@@ -0,0 +1,31 @@
+# Release Evidence Index
+
+This index tracks release-readiness evidence artifacts for `v1.0.0`.
+
+## Engineering Quality
+
+- `docs/RELEASE_READINESS_CHECKLIST.md`
+- `docs/RELEASE_NOTES.md`
+- `docs/OPERATIONS_RUNBOOK.md`
+
+## Security and Controls
+
+- `docs/CONTROL_MAPPING.md`
+- `docs/SECURITY_AUDIT_GUIDE.md`
+- `docs/RBAC_ACCOUNT_ORG_MANAGEMENT.md`
+
+## Data and Schema
+
+- `docs/MIGRATION_VALIDATION.md`
+- `docs/DATAMODEL.md`
+- `docs/API_V1.md`
+- `docs/DATA_DICTIONARY.md`
+
+## Accessibility
+
+- `docs/ACCESSIBILITY_TRACKER.md`
+
+## Pilot
+
+- `docs/PILOT_EXECUTION_GUIDE.md`
+- `docs/PILOT_FINDINGS.md`

docs/plan/M01-schema-and-contract-reconciliation.md

@@ -23,17 +23,19 @@ Align database schema/RPC contracts with application code expectations.
 - [x] Add platform and agency management RPCs.
 - [x] Add compatibility wrapper for `get_public_dockets`.
 - [x] Add baseline RLS for newly introduced tables.
+- [x] Add reproducible fresh migration replay validation command.
 
 ## Acceptance criteria
 
 - [x] Frontend no longer references non-existent schema objects.
 - [x] Core RPC calls resolve at runtime.
-- [ ] Migration applies cleanly on a fresh database.
+- [x] Migration applies cleanly on a fresh database.
 
 ## Risks/blockers
 
 - Existing enum values may conflict with planned canonical status model.
 - RPC behavior may need iterative refinement for production constraints.
+- Supabase runtime-specific behaviors still require staging verification beyond SQL replay.
 
 ## Decision log
 
@@ -52,3 +54,5 @@ Align database schema/RPC contracts with application code expectations.
 - 2026-02-11: Added follow-up migration `20260211000500_security_audit_and_abuse_events.sql` to introduce immutable audit trails and abuse-event telemetry primitives.
 - 2026-02-11: Added automated contract test `tests/schema-contracts.test.js` validating all `.from()` and `.rpc()` references in app/edge code map to objects defined by migrations.
 - 2026-02-11: Attempted fresh local migration validation with `supabase db reset --local --yes`; blocked because Docker daemon is unavailable in current environment.
+- 2026-02-11: Added `scripts/validate-migrations-fresh.sh` and `npm run db:validate:fresh` to validate migration replay using a temporary local PostgreSQL instance (no Docker dependency).
+- 2026-02-11: Executed `npm run db:validate:fresh`; all migrations through `20260211000700_platform_role_scope_hardening.sql` applied successfully on a fresh database.

docs/plan/M02-auth-rbac-and-multi-tenancy.md

@@ -48,3 +48,4 @@ Implement real agency membership and permission checks with tenant isolation.
 - 2026-02-11: Added `tests/tenant-isolation-policies.test.js` to verify RLS enablement and tenant predicates exist across agency-scoped tables.
 - 2026-02-11: Added migration `20260211000600_rbac_account_management_hardening.sql` to tighten `is_agency_admin` semantics (owner/admin only), enforce enterprise role/status guardrails in membership RPCs, and protect restricted profile fields from self-escalation.
 - 2026-02-11: Expanded agency user experience with self-service profile management and role-permission catalog while retaining admin workflows for invite/role/status/ownership management.
+- 2026-02-11: Added migration `20260211000700_platform_role_scope_hardening.sql` to enforce super-user scope boundaries (no owner assignment/transfer via super-user), while retaining super-owner authority for platform-level governance.

docs/plan/M07-ux-accessibility-and-design-system.md

@@ -41,3 +41,4 @@ Consolidate UX architecture and enforce accessible, coherent UI patterns.
 - 2026-02-11: Removed unused legacy pages (`src/pages/AgencyDashboard.tsx`, `src/pages/AgencyLogin.tsx`) that contained stale placeholder/duplicate agency UI, leaving canonical `/pages/agency/*` surfaces as the single implementation path.
 - 2026-02-11: Added Playwright + Axe automated accessibility baseline (`tests/playwright/accessibility.pw.ts`) and verified no `critical` violations on primary entry routes; recorded in `docs/ACCESSIBILITY_TRACKER.md`.
 - 2026-02-11: Refined `Users & Access` IA so all agency roles have a single profile/access surface, with admins getting advanced management controls and role catalog context in the same page.
+- 2026-02-11: Expanded automated accessibility baseline coverage to additional core informational/public routes and added landmark/heading smoke assertions in `tests/playwright/accessibility.spec.ts`.

docs/plan/M09-release-readiness-and-pilot.md

@@ -38,3 +38,4 @@ Complete production readiness verification and pilot execution.
 - 2026-02-11: Published `docs/RELEASE_READINESS_CHECKLIST.md` and executed current engineering quality gates (lint/typecheck/test/build) as readiness evidence.
 - 2026-02-11: Expanded `docs/OPERATIONS_RUNBOOK.md` from placeholder to actionable incident and rollback playbooks for production operations.
 - 2026-02-11: Published `docs/RELEASE_NOTES.md` with milestone-driven v1.0.0-rc1 candidate notes and open GA blockers.
+- 2026-02-11: Added pilot execution artifacts: `docs/PILOT_EXECUTION_GUIDE.md`, `docs/PILOT_FINDINGS.md`, and consolidated evidence map in `docs/RELEASE_EVIDENCE_INDEX.md`.