{"id":"bumpgrade-admin-roadmap-source-data","source":"d1","loadError":null,"counts":[{"status":"live","count":21},{"status":"active","count":3},{"status":"blocked","count":0},{"status":"pending","count":3},{"status":"idea","count":0},{"status":"parked","count":0}],"records":[{"id":"roadmap-cloudflare-foundation","title":"Cloudflare app foundation","status":"live","issueNumber":4,"featureId":"feature-cloudflare-foundation","groupName":"Platform","summary":"Next/OpenNext Worker app, D1 binding, R2 cache binding, DNS, core routes, screenshots, and deploy path.","publicEvidence":["PR #23 merged.","Cloudflare deployment and live route smoke checks recorded on PR #23."],"nextMilestone":"Keep using this as the base for every issue slice.","markAttention":null,"sortOrder":10,"updatedAt":"2026-05-18T10:12:07.000Z"},{"id":"roadmap-comparison-hub","title":"Comparison hub and alternative pages","status":"live","issueNumber":5,"featureId":"feature-compare-source-data","groupName":"SEO and agent discovery","summary":"Shopify-inspired compare hub, nine alternative pages, source-linked competitor data, and /compare/source-data.","publicEvidence":["PR #25 merged.","Live edge checks and screenshot URLs recorded on PR #25."],"nextMilestone":"Refresh competitor sources when pricing or packaging copy is used in user-facing answers.","markAttention":null,"sortOrder":20,"updatedAt":"2026-05-18T10:12:07.000Z"},{"id":"roadmap-feature-catalog","title":"Public feature catalog","status":"live","issueNumber":6,"featureId":"feature-public-feature-catalog","groupName":"SEO and agent discovery","summary":"Aspirational /features page with live and pending badges, stable feature IDs, issue links, and /features/source-data.","publicEvidence":["PR #26 merged.","Live edge checks and feature JSON parse checks recorded on PR #26."],"nextMilestone":"Keep feature records current as product slices move from pending to shipped.","markAttention":null,"sortOrder":30,"updatedAt":"2026-05-18T10:12:07.000Z"},{"id":"roadmap-public-roadmap","title":"Public roadmap from main feature set","status":"live","issueNumber":7,"featureId":"feature-public-roadmap","groupName":"Roadmap","summary":"Public roadmap lanes connected to the feature catalog, GitHub issues, public-safe blockers, and deploy evidence.","publicEvidence":["Issue #7 owns this feature slice.","PR #27 carries the source, screenshots, validation, and deploy evidence for this issue."],"nextMilestone":"Replace shared static records with D1-backed admin state in #8.","markAttention":null,"sortOrder":40,"updatedAt":"2026-05-18T10:12:07.000Z"},{"id":"roadmap-admin-surfaces","title":"D1-backed admin roadmap, work log, journeys, and owner-attention surfaces","status":"live","issueNumber":8,"featureId":"feature-admin-state","groupName":"Admin and operations","summary":"Owner and agent coordination surfaces backed by D1 instead of static foundation copy.","publicEvidence":["Tracked by issue #8.","Current admin routes read this D1-backed surface when available."],"nextMilestone":"Keep private admin pages behind Better Auth while adding confirmed write APIs and richer agent contracts.","markAttention":null,"sortOrder":50,"updatedAt":"2026-05-18T10:40:52.000Z"},{"id":"roadmap-paid-publisher-subdomains","title":"Paid publisher tenants and Bumpgrade subdomains","status":"live","issueNumber":222,"featureId":"feature-better-auth","groupName":"Accounts and domains","summary":"Publisher account setup now has paid-plan entitlement records, D1-backed tenant rows, idempotent default subdomain reservation, and cross-subdomain Better Auth cookie configuration for bumpgrade.com subdomains.","publicEvidence":["Issue #222 tracks paid publisher tenants and Bumpgrade subdomain reservation.","/account/setup is the signed-in publisher setup surface.","/account/source-data exposes the public-safe tenant/subdomain contract.","POST /api/account/publisher/subdomain reserves a unique *.bumpgrade.com hostname only after email verification and active paid-plan or launch-pilot entitlement."],"nextMilestone":"Use the paid-gated account and default subdomain foundation as the base for custom-domain DNS onboarding, domain purchase, and publisher site auth.","markAttention":null,"sortOrder":52,"updatedAt":"2026-05-20T12:20:51.000Z"},{"id":"roadmap-custom-domain-onboarding","title":"Custom domain DNS onboarding and verification","status":"live","issueNumber":223,"featureId":"feature-better-auth","groupName":"Accounts and domains","summary":"Paid publishers can add an existing custom domain, receive deterministic CNAME instructions, and re-check DNS verification state from account setup without exposing private DNS credentials.","publicEvidence":["Issue #223 tracks custom-domain onboarding with DNS guidance and verification state.","PR #228 merged and deployed existing-domain DNS onboarding.","/account/setup is the signed-in publisher setup surface for custom domains.","/account/source-data exposes the public-safe custom-domain DNS contract.","POST /api/account/publisher/custom-domain starts onboarding and re-checks DNS for paid, email-confirmed publishers with a default Bumpgrade hostname.","Cloudflare Worker version 11dc5b0a-468a-44dd-9e8a-3e5769795076 deployed the route, screenshot asset, and wildcard route binding."],"nextMilestone":"Add custom-domain auth semantics in issue #224, then domain purchase decisions in issue #225.","markAttention":null,"sortOrder":53,"updatedAt":"2026-05-20T12:30:45.000Z"},{"id":"roadmap-cross-subdomain-customer-auth","title":"Customer login across Bumpgrade-hosted publisher sites","status":"live","issueNumber":224,"featureId":"feature-better-auth","groupName":"Accounts and domains","summary":"Bumpgrade-hosted publisher subdomains share the central Better Auth identity session while tenant access remains scoped per hostname, checkout, entitlement, and membership state.","publicEvidence":["Issue #224 tracks the publisher-site auth boundary.","PR #230 merged and deployed the cross-subdomain customer auth contract.","/account/source-data exposes the Bumpgrade-subdomain session-sharing contract and custom-domain caveat.","Production Better Auth uses the bumpgrade.com cookie domain and https://*.bumpgrade.com trusted origin pattern.","Custom domains cannot receive the bumpgrade.com browser cookie directly, so they use a central Bumpgrade login handoff before returning to tenant-scoped access checks.","Cloudflare Worker version cd663146-20c5-4899-a43f-5faec8c720a5 deployed the account source-data and Better Auth boundary update."],"nextMilestone":"Decide and expose the domain-purchase path in issue #225, then align pricing/signup copy in issue #226.","markAttention":null,"sortOrder":54,"updatedAt":"2026-05-20T13:21:34.000Z"},{"id":"roadmap-codex-email","title":"Codex project email and reply monitor","status":"live","issueNumber":10,"featureId":"feature-codex-email","groupName":"Operations","summary":"Cloudflare Email Routing is enabled for bumpgrade.com, shipped PR notices can send from codex@bumpgrade.com, and inbound replies route through the Worker into D1/R2 evidence.","publicEvidence":["Issue #10 owns Codex project email and reply monitoring.","Cloudflare Email Routing required MX, SPF, and DKIM records were installed on 2026-05-18.","A delayed PR #40 notice from codex@bumpgrade.com to a private trusted sender returned delivered and is stored in private operational records.","Cloudflare routes codex@bumpgrade.com to Worker bumpgrade.","R2 bucket private mail storage stores raw mail content under codex/email/inbound/."],"nextMilestone":"Harden inbound Codex mail so only explicitly private runtime authenticated senders can steer Codex.","markAttention":"Owner policy requires private runtime sender rules before inbound email can steer Codex; From text alone is not trusted.","sortOrder":60,"updatedAt":"2026-05-25T11:33:45.000Z"},{"id":"roadmap-better-auth","title":"Publisher and admin authentication","status":"live","issueNumber":9,"featureId":"feature-better-auth","groupName":"Accounts","summary":"Better Auth email/password accounts, D1-backed sessions, API routes, login/signup UI, and owner-gated admin pages.","publicEvidence":["Issue #9 owns the Better Auth foundation slice.","Login/signup, D1 auth tables, Better Auth API routes, and owner-gated admin pages are included in the issue #9 implementation.","Issue #55 adds owner verification resend UX and last-sent status for protected admin gates.","Issue #53 documents phone verification and SMS provider options before any phone collection, SMS OTP, or SMS marketing exists."],"nextMilestone":"Keep phone verification out of launch scope until a specific abuse, account-recovery, publisher-trust, or customer-communication need is recorded; if needed, build it through Better Auth with Cloudflare secrets, rate limits, and redaction.","markAttention":"Production admin access requires a verified owner email; project email remains tracked in #10.","sortOrder":70,"updatedAt":"2026-05-21T14:40:30.000Z"},{"id":"roadmap-competitor-importers","title":"Easy importers from ClickFunnels and competitor platforms","status":"live","issueNumber":467,"featureId":"feature-competitor-importers","groupName":"Migration","summary":"Importer center, dedicated platform import paths, public redacted review maps, private draft creation, checkout rebuild readiness, private subscriber import records, owner-only private subscriber inspection, imported-pending audience review-list promotion, owner-only private subscriber CSV export, and reusable source-data contract for moving competitor platform context into private Bumpgrade launch workspaces before go-live.","publicEvidence":["Issue #467 tracks easy importers from ClickFunnels and first-wave competitor platforms.","`/imports` lists supported importer paths.","Dedicated importer pages can show a redacted preflight review map before sign-in or private draft creation, including platform-specific source-guide readiness.","Public preflight review can parse small CSV, JSON, HTML, or text exports for structure without saving raw files, rows, file names, or pasted text.","Public preflight review matches parsed export structure against platform-specific templates before private draft creation.","Dedicated importer pages list platform-specific source guides for the URLs, exports, files, and notes Bumpgrade can use.","Dedicated importer pages support private Free Build import-plan creation.","Private importer writes persist the safe importReview export analysis, platform export matches, and recognized match IDs on new private draft metadata.","Private importer writes create structured private import records for matched offer, product, audience, checkout, funnel/page, sequence, and asset review areas.","Verified publishers can open a private importer record review route for their own importer-created plan after creation.","Verified publishers can mark private import records ready or needing cleanup without triggering buyer-facing changes.","Verified publishers can record checkout migration readiness on private checkout-offer and product-catalog records without creating checkout intents, Stripe sessions, live payment credentials, public checkout routes, account transfer, domains, fulfillment, subscriber sends, or go-live effects.","Private importer records include safe extracted field plans that show owner-review target fields without raw row values or private source content.","Verified publishers can edit safe extracted field labels, review status, and prompts without storing raw extracted values or triggering buyer-facing changes.","Private audience import records include safe subscriber import depth with aggregate row counts and identity, tag, consent, and sequence signals before any subscriber write exists.","Verified publishers can record subscriber import preflight decisions for private audience records without creating subscriber rows, sequence enrollments, sends, private exports, or go-live effects.","Verified publishers can create private importer subscriber records from a confirmed fresh upload or paste without sequence enrollments, sends, private exports, or go-live effects.","Verified publishers can inspect saved private importer subscriber records from the same-owner private review page while public source-data and unauthenticated responses expose counts only.","Verified publishers can add saved importer contacts to the audience review list as imported-pending subscriber rows without consent events, sequence enrollments, sends, private exports, or go-live effects.","Verified publishers can download owner-only private subscriber CSV files from saved importer contacts after exact confirmation while public source-data, unauthenticated responses, and JSON API responses expose counts and redaction rules only.","`/imports/source-data` exposes platform IDs, input kinds, platform-specific source checklists, export match templates, preflight signal labels, export-file parser fields, private structured import-record fields, extracted field plans, checkout migration readiness actions, subscriber import depth, subscriber import preflight actions, subscriber import creation actions, subscriber audience promotion actions, owner-only private subscriber record inspection rules, owner-only private subscriber export actions, private record review routes, review-action routes, extracted-field edit actions, saved private plan parts, preflight review routes, private-draft API routes, safety gates, limitations, and source evidence IDs for agents.","Private importer writes reuse an existing draft when the same platform, workspace, normalized title, and source URL or export file name match.","Private importer rollback routes archive private import plans without deleting saved plan content, structured private import records, steps, or audit history so the same source can be restarted."],"nextMilestone":"Parent importer scope is shipped; keep sequence enrollment and sends, live checkout creation, payment credential migration, account transfer, domains, and fulfillment parked behind their dedicated confirmed-write workstreams.","markAttention":null,"sortOrder":72,"updatedAt":"2026-05-26T22:18:27.000Z"},{"id":"roadmap-stripe-commerce","title":"Stripe payments and checkout architecture","status":"live","issueNumber":11,"featureId":"feature-stripe-commerce","groupName":"Payments","summary":"Stripe architecture, secret mapping, D1 commerce schema, billing-safe agent contract, live self-serve Bumpgrade subscription checkout, sandbox publisher-offer checkout, webhooks, and audit trails.","publicEvidence":["Issue #11 owns the Stripe architecture slice.","Issue #34 owns the first sandbox Checkout Session and webhook ingestion path.","Issue #99 owns the constrained order-bump checkout start.","Issue #101 grants sandbox product entitlements from trusted paid webhook evidence.","Issue #111 attaches public-safe referral click evidence to checkout intents.","Issue #113 creates non-payable commission ledger evidence from checkout attribution.","Issue #115 adds owner-gated commission review/reversal actions without payout mutation.","Issue #195 adds affiliate payout preparation as read-only readiness evidence without Stripe payouts.","Issue #316 adds live self-serve Bumpgrade plan checkout for Experiment, Grow, and optional White glove setup."],"nextMilestone":"Add live webhook signing secret handling and customer portal/self-service subscription management before claiming renewal and cancellation automation.","markAttention":"Cloudflare secret inventory includes the live Stripe secret but not a live webhook signing secret, so the first self-serve activation verifies Checkout Session success server-side on /pricing/success.","sortOrder":80,"updatedAt":"2026-05-22T08:56:01.000Z"},{"id":"roadmap-agent-contracts","title":"Agent-ready docs, manifests, APIs, and MCP","status":"live","issueNumber":12,"featureId":"feature-agent-ready-contracts","groupName":"Developers and agents","summary":"Public agent docs, source evidence, /agent-docs/source-data manifest, server-side read contracts, and future MCP resources are published.","publicEvidence":["Issue #12 owns the agent-ready docs, manifests, APIs, and MCP roadmap slice.","/agent-docs/source-data exposes public-safe docs, read contracts, source evidence routes, MCP plan, and write-safety boundaries.","/agent-docs/bumpgrade-mcp documents MCP resources and planned confirmed-write tools."],"nextMilestone":"Implement the first MCP resource server on top of the documented read contracts.","markAttention":null,"sortOrder":90,"updatedAt":"2026-05-18T17:00:17.000Z"},{"id":"roadmap-mobile-admin","title":"Publisher admin apps for iOS and Android","status":"active","issueNumber":414,"featureId":"feature-mobile-admin","groupName":"Mobile","summary":"Current follow-up for installable private mobile admin parity after the completed read-only dashboard, Director workstream digest, iOS foundation, Android foundation, live-hydration, owner-session/confirmed-action contract, owner-gated private-row inspection, low-risk private-row workflow actions, owner-confirmed Director workstream reviews, owner-confirmed commerce-health reviews, owner-gated audit-only action-intent API, and push/distribution readiness-boundary slices.","publicEvidence":["Current active follow-up tracked by issue #414.","Original foundation contract tracked by issue #13.","iOS app slice tracked by issue #67.","Android app slice tracked by issue #68.","Live dashboard source-data slice tracked by issue #153.","Mobile dashboard foundation rendering tracked by issue #155.","Mobile dashboard live network hydration tracked by issue #157.","Issue #414 renders the owner-session and confirmed-action contract in the Expo, iOS, and Android app foundations while keeping production mobile mutations disabled.","Issue #414 adds owner-gated GET /api/mobile-admin/private-rows for read-only private mobile row inspection through the shared Better Auth owner session.","Issue #428 adds owner-gated POST /api/mobile-admin/private-rows/actions for low-risk private-row workflow actions with exact confirmation, idempotency, stale row revision, stale-state token, audit-correlation, and redaction checks.","Issue #414 adds owner-gated POST /api/mobile-admin/director-reviews for low-risk Director workstream acknowledgements with exact confirmation, idempotency, current Director generated-at checks, stale-state token, audit-correlation, and redaction checks.","Issue #414 adds owner-gated POST /api/mobile-admin/commerce-reviews for low-risk commerce-health acknowledgements with exact confirmation, idempotency, current commerce generated-at checks, stale-state token, audit-correlation, and redaction checks.","Issue #414 adds owner-gated POST /api/mobile-admin/actions for audit-only action intents with exact confirmation, idempotency, stale-state, contract revision, source-route, audit-correlation, and redaction checks.","Issue #414 exposes the public-safe Director workstream digest inside /mobile-admin/dashboard/source-data for mobile CEO-style nesting.","Issue #414 exposes a public-safe push-notification boundary for APNs/FCM requirements, disabled send status, blockers, and redaction flags.","Issue #414 exposes a public-safe distribution boundary that separates simulator/emulator proof from physical-device, App Store/TestFlight, and Play Store/internal-testing claims.","`/mobile-admin/source-data` exposes the shared mobile contract, private-auth boundary, private-row API summary, private-row action API summary, Director review API summary, commerce review API summary, action-intent API summary, push boundary, distribution boundary, confirmed-action requirements, and no-installable-app caveat.","`/mobile-admin/dashboard/source-data` exposes the public-safe dashboard digest plus the redacted Director workstream brief and redacted private-row, private-row action, Director review, commerce review, and action-intent summaries for mobile clients.","`/mobile-admin/ios/source-data` exposes the iOS foundation, fixture, simulator smoke command, owner-session contract, private-row API panel, private-row action API panel, Director review API panel, commerce review API panel, action-intent API panel, confirmed-action cards, and screenshot path.","`/mobile-admin/android/source-data` exposes the Android foundation, fixture asset, emulator smoke command, owner-session contract, private-row API panel, private-row action API panel, Director review API panel, commerce review API panel, action-intent API panel, confirmed-action cards, and screenshot path."],"nextMilestone":"Add higher-risk billing, fulfillment, publishing, and other production confirmed-write APIs, physical-device proof, private APNs/FCM credential/device-token plumbing, and actual App Store/TestFlight or Play Store/internal-testing evidence without claiming parity early.","markAttention":null,"sortOrder":100,"updatedAt":"2026-05-26T23:03:55.000Z"},{"id":"roadmap-funnels","title":"Funnel and page builder MVP","status":"live","issueNumber":14,"featureId":"feature-funnel-builder","groupName":"Funnels and pages","summary":"Multi-step funnel model, source-data contract, read-only seeded preview foundation, owner-gated editable draft foundation with step edit/reorder controls, granular block title/body editing, reusable block add/remove controls, owner-session visual style controls, bounded owner-session canvas layout controls, owner-session within-step block reordering, owner-session cross-step block moves, owner-gated private preview, exact-confirmed public publishing, reusable template and block-template library records including webinar/resource page shapes, owner-confirmed template-to-draft creation, owner-confirmed private draft duplication, owner-confirmed checkout-offer linking on private draft steps, public sandbox checkout start rendering from published linked checkout blocks, owner-confirmed archive/unpublish lifecycle actions, owner-confirmed archived-draft purge with tombstone evidence, owner-confirmed bulk archived-draft purge with one tombstone per draft, owner-confirmed resource delivery links to product/access catalog assets, funnel-scoped private download-token delivery from published linked resource blocks, owner-confirmed webinar event/replay links to public-safe external URLs, and safe draft proposals.","publicEvidence":["Tracked by issue #14.","Issue #79 adds the first /funnels/source-data contract and /funnels/indie-launch-sandbox preview foundation.","Issue #91 adds owner-gated /admin/funnels, /api/admin/funnels/drafts, and D1 draft/audit tables.","Issue #93 adds owner-gated step title, goal, kind, and order editing on private D1 drafts.","Issue #95 adds owner-gated private draft preview from current D1 draft state.","Issue #135 adds exact-confirmed public publishing from D1 draft funnels to stable public /funnels/{slug} routes.","Issue #159 adds reusable funnel templates and block-template library records to /funnels/source-data and the seeded preview route.","Issue #161 adds owner-confirmed template-to-draft creation from reusable funnel templates.","Issue #163 adds owner-confirmed checkout-offer linking to private draft checkout blocks.","Issue #165 adds public sandbox checkout start rendering on published funnel checkout blocks with owner-confirmed checkout links.","Issue #213 adds webinar and resource funnel template/block contracts plus D1 step-kind storage readiness.","Issue #215 adds owner-confirmed private draft duplication with checkout-link metadata stripped by default.","Issue #341 adds owner-confirmed archive/unpublish lifecycle actions that preserve audit evidence and remove published routes from source data.","Issue #409 links owner-created product test checkout links to the seeded offer/funnel delivery gates without live billing or private fulfillment delivery.","Issue #417 tracks advanced funnel editing, resource delivery, webinar integrations, physical deletion policy, and direct agent-safe write tools after the MVP closeout."],"nextMilestone":"Keep arbitrary uploaded private asset delivery, live fulfillment automation, full webinar integrations, unauthenticated public agent-created delivery tokens, non-archived purge, and unauthenticated public agent publishing in issue #417; keep live publisher-offer billing in issue #219.","markAttention":null,"sortOrder":110,"updatedAt":"2026-05-26T23:51:18.000Z"},{"id":"roadmap-advanced-funnel-builder-parity","title":"Advanced funnel editing, resource delivery, and agent-safe writes","status":"active","issueNumber":417,"featureId":"feature-funnel-builder","groupName":"Funnels and pages","summary":"Active post-MVP funnel parity for visual funnel editing, resource delivery, webinar integrations, unauthenticated public agent writes, and stronger resource fulfillment; owner-confirmed checkout unlinking, resource delivery links, funnel-scoped private download-token delivery, owner-session agent-created resource delivery tokens, redacted resource-delivery receipt evidence after successful private download redemption, webinar event/replay links, visual block style controls, bounded canvas layout controls, archived-draft purge, bulk archived-draft purge, within-step block reordering, drag/drop block placement through existing move endpoints, cross-step block moves, and owner-session direct agent-safe draft writes are now part of this bucket's shipped evidence.","publicEvidence":["Issue #417 tracks this active post-MVP funnel parity bucket.","Issue #417 adds funnel-scoped private download-token delivery from published linked resource blocks after checkout intent, entitlement, product, and file asset scope match.","Issue #417 adds owner-session agent-created resource delivery tokens through /api/agent/funnels/resource-delivery-tokens after exact confirmation, idempotency, current published revision checks, entitlement checks, and audit correlation.","Issue #417 records redacted funnel resource-delivery receipts when the existing private download route successfully redeems a funnel-scoped token; receipt source-data exposes safe funnel, block, product, asset, and aggregate source counts without raw buyer, checkout, entitlement, token, R2, or signed URL data.","Issue #417 adds owner-session direct agent-safe draft writes through /api/agent/funnels/draft-writes for block copy edits, visual style presets, bounded canvas layouts, reusable block add/remove, checkout linking/unlinking, resource-delivery linking, webinar-event linking, block movement, private duplication, public publishing, archive/unpublish, archived-draft purge, and bulk archived-draft purge after exact confirmation, idempotency, current revision checks, and audit correlation.","Issue #219 tracks live publisher-offer billing separately from advanced funnel editing and resource delivery."],"nextMilestone":"Keep arbitrary uploaded private asset delivery, signed URLs, live fulfillment task automation, full webinar provider integrations, unauthenticated public agent-created delivery tokens, unauthenticated public agent publishing, non-archived purge, and live billing mutation parked until stronger rollback, provider, and payment safety can be designed together.","markAttention":null,"sortOrder":115,"updatedAt":"2026-05-27T01:48:19.000Z"},{"id":"roadmap-checkout-offers","title":"Checkout, order bump, upsell, and downsell MVP","status":"live","issueNumber":15,"featureId":"feature-checkout-offers","groupName":"Checkout and offers","summary":"Stripe-backed checkout flows, confirmed sandbox checkout start with a constrained order bump, optional referral-click attribution evidence, review-only commission ledger evidence, owner review/reversal actions, non-billing post-purchase upsell/downsell decision evidence, subscriptions, coupons, and audit trails.","publicEvidence":["Tracked by issue #15.","Depends on Stripe architecture in #11.","Issue #81 adds the first /offers/source-data contract and /offers/indie-launch-stack preview foundation.","Issue #99 adds confirmed sandbox checkout start support for the seeded primary offer plus pre-payment order bump.","Issue #111 adds public-safe referral-click attribution evidence to checkout intent creation.","Issue #113 creates review-only commission ledger evidence from trusted checkout attribution.","Issue #115 adds owner-gated review/reversal actions for commission evidence.","Issue #117 records non-billing post-purchase upsell/downsell decisions from trusted checkout evidence.","Issue #133 gates the checkout success CTA on trusted webhook state before opening the post-purchase path.","Issue #165 renders the existing sandbox checkout start surface from published linked funnel checkout blocks."],"nextMilestone":"Keep live publisher-offer billing separated in issue #219 until the first live package, amount, and webhook secret are confirmed; one-click post-purchase charging and fulfillment remain future confirmed-write work.","markAttention":null,"sortOrder":120,"updatedAt":"2026-05-24T00:59:50.000Z"},{"id":"roadmap-live-publisher-offer-billing","title":"Live publisher-offer checkout and webhook rollout","status":"pending","issueNumber":219,"featureId":"feature-checkout-offers","groupName":"Checkout and offers","summary":"Pending live-mode publisher-offer billing after the first package, amount, Stripe Price policy, and live webhook secret are confirmed. Bumpgrade account-plan self-serve checkout remains separate.","publicEvidence":["Issue #219 tracks the live publisher-offer billing decision and rollout.","Production publisher-offer checkout remains sandbox-only until the first live package, amount, live Stripe Price policy, and live webhook secret are confirmed.","`/pricing` self-serve Bumpgrade subscription checkout is separate from customer-facing publisher-offer billing."],"nextMilestone":"Confirm the first live publisher package/amount and STRIPE_WEBHOOK_SECRET_LIVE, then add live-mode checkout and signed webhook proof without exposing provider IDs.","markAttention":null,"sortOrder":125,"updatedAt":"2026-05-24T06:23:26.000Z"},{"id":"roadmap-products-access","title":"Products, downloads, courses, memberships, and subscriptions","status":"live","issueNumber":16,"featureId":"feature-products-access","groupName":"Products and access","summary":"Digital product records, seeded payment-plan read records, owner-created product test checkout links, owner product delivery-gate links, product/access source data, sandbox webhook-backed entitlement grants, owner entitlement inspection, customer entitlement lookup, private R2-backed fixture delivery with redemption revalidation, owner-confirmed private asset upload intents, owner-confirmed non-destructive revocation intents, protected content readiness, checkout-intent-scoped protected fixture delivery, subscription-backed membership access, fulfillment task evidence, access rules, and subscriptions.","publicEvidence":["Tracked by issue #16.","Issue #83 adds the first /products/source-data contract and /products/indie-launch-library preview foundation.","Issue #101 adds idempotent sandbox entitlement rows and fulfillment task evidence from trusted paid checkout webhook events.","Issue #139 adds /admin/products owner entitlement inspection and aggregate public redaction flags.","Issue #141 adds /products/entitlements and /api/products/entitlements for customer-safe checkout intent entitlement lookup.","Issue #143 adds one-use download tokens for active file entitlements without exposing private R2 keys or signed object URLs.","Issue #146 streams a seeded private R2-backed fixture through Bumpgrade without exposing private object keys.","Issue #147 revalidates current entitlement and trusted checkout state before redemption.","Issue #151 adds owner-confirmed private product asset upload records.","Issue #179 adds owner-visible revocation intent readiness without destructive entitlement mutation.","Issue #181 adds protected content readiness metadata.","Issue #185 adds checkout-intent-scoped protected fixture delivery.","Issue #187 syncs checkout-linked membership access from trusted Stripe Billing subscription state.","Issue #251 adds owner-confirmed non-destructive revocation intent records with exact confirmation, idempotency, stale-state checks, and public redaction.","Issue #403 adds owner-confirmed draft product creation records without Stripe product/price creation or fulfillment mutation.","Issue #405 adds owner-confirmed test offer/funnel links and direct test access grants for owner-created products.","Issue #407 adds owner-confirmed buyer-facing test checkout links and public test checkout completion for owner-created products without Stripe Checkout Sessions, live charges, or public buyer exposure.","Issue #409 links owner-created product test checkout links to the seeded offer/funnel delivery gates with stale-state checks and aggregate public redaction.","Issue #16 exposes seeded pay-in-full, installment, and subscription payment-plan read records without live amounts, Stripe Price creation, Checkout Sessions, or customer data exposure.","PR #412 merged and deployed product payment-plan readiness with production smoke evidence.","Issue #16 is ready to close; live self-serve billing remains tracked separately in issue #219."],"nextMilestone":"Keep live product payment-plan checkout, Stripe Price creation, first package/amount selection, webhook-secret confirmation, Customer Portal actions, and live fulfillment tracked separately in issue #219.","markAttention":null,"sortOrder":130,"updatedAt":"2026-05-24T05:27:41.000Z"},{"id":"roadmap-email-automation","title":"Email marketing, list growth, CRM-lite, and automations","status":"live","issueNumber":17,"featureId":"feature-email-automation-crm","groupName":"Growth system","summary":"Subscriber segments, consent-backed opt-in capture, suppression evidence, owner CRM notes, sequence and broadcast dry-run gates, sender/provider/queue readiness, and owner-only broadcast plus sequence test-send execution paths.","publicEvidence":["Tracked by issue #17 and post-MVP execution issue #420.","Issue #420 adds owner-confirmed broadcast and sequence test-send paths that send only to the verified owner-session email through the configured Cloudflare Email binding or test capture.","The sequence test-send record stores recipient and actor hashes, confirmation hash, idempotency key, audit correlation, provider status, and redaction flags without raw recipient email, subscriber payloads, Queue messages, provider message IDs, or public agent sends."],"nextMilestone":"Expand from owner-only test sends to Queue-backed subscriber delivery only after verified sender/domain alignment, recipient-payload creation, suppression/footer checks, provider response handling, retries, and dead-letter handling are enforced together.","markAttention":null,"sortOrder":140,"updatedAt":"2026-05-25T04:39:42.000Z"},{"id":"roadmap-live-email-delivery-execution","title":"Live email delivery, automation execution, and agent-safe writes","status":"pending","issueNumber":420,"featureId":"feature-email-automation-crm","groupName":"Growth system","summary":"Pending post-MVP execution bucket for sender/domain/provider setup, Cloudflare Queue producer and consumer execution, recipient payload generation, provider calls, delivery attempts, results, webhooks, polling, receipts, live imports, exports, automation execution, and direct agent-safe write APIs.","publicEvidence":["Tracked by issue #420.","Issue #17 remains the shipped email automation MVP for consent-backed opt-ins, unsubscribe/suppression, owner subscriber inspection, CRM-lite notes, dry-run broadcast and sequence readiness, and source-data contracts.","The issue #17 closeout deliberately stops creating more single-gate proof slices unless they directly unlock live execution."],"nextMilestone":"Design and ship the real broadcast and sequence execution path as one coherent workflow with consent, suppression, unsubscribe, sender-domain, provider, Queue, idempotency, audit, redaction, retry, dead-letter, webhook, receipt, and confirmed-write checks.","markAttention":null,"sortOrder":145,"updatedAt":"2026-05-24T08:16:46.000Z"},{"id":"roadmap-analytics-testing","title":"Analytics, A/B testing, and conversion tracking","status":"live","issueNumber":18,"featureId":"feature-analytics-testing","groupName":"Optimization","summary":"Privacy-safe analytics event capture, session-idempotent funnel page-view beacons with deterministic variant and normalized source attribution evidence, public-safe custom source/campaign routing rules, owner-confirmed winner rollout and rollback routing for unmatched experiment traffic, dashboard-visible fixed-window aggregate source breakdowns, deterministic seeded experiment assignment, aggregate funnel conversion reports, aggregate report exports, owner-reviewed cohort comparison evidence, owner-reviewed alert threshold/anomaly-review evidence, owner-reviewed notification delivery readiness evidence, owner-confirmed notification inbox records, owner-confirmed dispatch preflights, owner-reviewed provider/domain readiness records, owner-reviewed content/consent readiness records, owner-reviewed send-payload readiness records, owner-reviewed queue-producer readiness records, owner-reviewed queue-consumer readiness records, owner-reviewed provider-call readiness records, owner-reviewed delivery-attempt readiness records, owner-reviewed delivery-result readiness records, owner-reviewed delivery-status-webhook readiness records, owner-reviewed provider-polling readiness records, owner-reviewed receipt-payload readiness records, owner-reviewed delivery-receipt readiness records, owner-reviewed provider-status reconciliation readiness records, owner-confirmed experiment decision evidence, attribution boundaries, and source-linked reporting.","publicEvidence":["Tracked by issue #18.","Issue #87 adds the first /analytics/source-data contract and /analytics/indie-launch-dashboard preview foundation.","Issue #105 adds POST /api/analytics/events with seeded event validation, idempotency, hashed request evidence, and aggregate-only source-data reporting.","Issue #107 adds POST /api/analytics/assignments with seeded experiment validation, deterministic weighted variant assignment, hashed visitor evidence, and aggregate-only assignment reporting.","Issue #119 adds aggregate funnel conversion report rows from captured test events without exposing raw analytics rows.","Issue #121 adds browser-side funnel page-view beacons with server-side bot and preview suppression.","Issue #123 attaches deterministic seeded assignment evidence to captured funnel page views and exposes aggregate variant counts.","Issue #125 attaches normalized UTM/source attribution to captured funnel page views and exposes aggregate source counts.","Issue #127 renders aggregate source attribution rows in the analytics dashboard preview.","Issue #129 adds fixed all-time, 24-hour, 7-day, and 30-day aggregate source and conversion windows to source-data and the dashboard preview.","Issue #261 adds owner-confirmed experiment decision evidence without routing traffic, assigning cookies, selecting automated winners, exposing raw event rows, or exposing raw assignment rows.","Issue #263 adds aggregate report export metadata and fixture cohort comparison definitions without raw analytics exports.","Issue #265 adds owner-reviewed cohort comparison evidence without raw analytics exports, automated winners, or revenue claims.","Issue #267 adds owner-reviewed alert threshold and anomaly-review evidence without automated alerts, traffic routing, automated winners, or revenue claims.","Issue #269 adds owner-reviewed notification delivery readiness evidence without alert sends, inbox writes, traffic routing, automated winners, or revenue claims.","Issue #271 adds owner-confirmed notification inbox records without owner email sends, queue dispatch, customer alerts, recipients, email bodies, traffic routing, automated winners, or revenue claims.","Issue #284 adds owner-confirmed notification dispatch preflights without owner email sends, provider calls, queue dispatch, customer alerts, recipients, email bodies, provider message IDs, queue payloads, traffic routing, automated winners, or revenue claims.","Issue #286 adds owner-reviewed provider/domain readiness records without provider configuration, provider secrets, sender credentials, private DNS credentials, provider sends, provider calls, queue dispatch, customer alerts, recipients, email bodies, provider message IDs, queue payloads, traffic routing, automated winners, or revenue claims.","Issue #288 adds owner-reviewed content/consent readiness records without body templates, unsubscribe URLs, owner email sends, provider sends, provider calls, queue dispatch, customer alerts, recipients, email bodies, provider message IDs, queue payloads, traffic routing, automated winners, or revenue claims.","Issue #290 adds owner-reviewed send-payload readiness records without creating recipient payloads, personalized bodies, raw payload bodies, queue messages, provider responses, owner email sends, provider sends, provider calls, queue dispatch, customer alerts, recipients, email bodies, provider message IDs, queue payloads, traffic routing, automated winners, or revenue claims.","Issue #292 adds owner-reviewed queue-producer readiness records without enabling Queue producers, creating queue messages or queue payload bodies, dispatching queues, calling providers, creating provider responses, sending owner email, exposing recipients, or making revenue claims.","Issue #294 adds owner-reviewed queue-consumer readiness records without enabling Queue consumers, consuming or acknowledging Queue messages, creating retry/dead-letter rows, reading queue payload bodies, calling providers, creating provider responses, sending owner email, exposing recipients, or making revenue claims.","Issue #297 adds owner-reviewed provider-call readiness records without enabling provider sends or calls, configuring providers, storing provider secrets or sender credentials, creating provider responses, sending owner email, exposing recipients, or making revenue claims.","Issue #299 adds owner-reviewed delivery-attempt readiness records without enabling provider sends or calls, attempting delivery, configuring providers, storing provider secrets or sender credentials, creating provider responses, sending owner email, exposing recipients, or making revenue claims.","Issue #301 adds owner-reviewed delivery-result readiness records without enabling provider sends or calls, attempting delivery, creating delivery results, processing status webhooks, polling providers, configuring providers, storing provider secrets or sender credentials, creating provider responses, exposing provider message IDs, creating delivery receipts, sending owner email, exposing recipients, or making revenue claims.","Issue #303 adds owner-reviewed delivery-status-webhook readiness records without enabling provider sends or calls, attempting delivery, creating delivery results, processing delivery-status webhooks, polling providers, configuring providers, storing provider secrets or sender credentials, creating provider responses, exposing provider message IDs, creating delivery receipts, sending owner email, exposing recipients, or making revenue claims.","Issue #305 adds owner-reviewed provider-polling readiness records without enabling provider sends or calls, attempting delivery, processing delivery-status webhooks, polling providers, creating delivery receipts, configuring providers, storing provider secrets or sender credentials, creating provider responses, exposing provider message IDs, sending owner email, exposing recipients, or making revenue claims.","Issue #307 adds owner-reviewed receipt-payload readiness records without enabling provider sends or calls, attempting delivery, polling providers, processing status webhooks, creating delivery receipts, exposing receipt payloads, configuring providers, storing provider secrets or sender credentials, creating provider responses, exposing provider message IDs, sending owner email, exposing recipients, or making revenue claims.","Issue #309 adds owner-reviewed delivery-receipt readiness records without enabling provider sends or calls, attempting delivery, polling providers, processing status webhooks, creating delivery receipts, exposing receipt payloads, configuring providers, storing provider secrets or sender credentials, creating provider responses, exposing provider message IDs, sending owner email, exposing recipients, or making revenue claims.","Issue #311 adds owner-reviewed provider-status reconciliation readiness records without enabling provider sends or calls, attempting delivery, polling providers, processing status webhooks, processing delivery receipts, reconciling provider statuses, exposing receipt payloads, configuring providers, storing provider secrets or sender credentials, creating provider responses, exposing provider message IDs, sending owner email, exposing recipients, or making revenue claims.","Issue #422 routes the sandbox opt-in hero copy through public-safe source/campaign rules first, then seeded session assignment with a baseline holdout and without cookies, and tracks the remaining live analytics automation, custom/non-seeded event schemas, winner selection, notification execution, and direct agent-safe write parity as one post-MVP execution bucket."],"nextMilestone":"Keep custom analytics schemas beyond the current seeded boundary, notification execution, Queue producer/consumer execution, provider calls, delivery results, raw exports, and direct agent-safe write tools in issue #422 until they have execution-safe contracts.","markAttention":null,"sortOrder":150,"updatedAt":"2026-05-27T02:41:47.000Z"},{"id":"roadmap-live-analytics-execution","title":"Live analytics automation, experiment routing, notification execution, and agent-safe writes","status":"active","issueNumber":422,"featureId":"feature-analytics-testing","groupName":"Optimization","summary":"Active post-MVP execution bucket for custom/non-seeded analytics event schemas beyond the current seeded boundary, owner-confirmed winner rollout and rollback routing, automated alert/notification execution, Cloudflare Queue producer and consumer execution, provider calls, delivery attempts, results, webhooks, polling, receipts, raw/private exports, and direct agent-safe analytics write APIs. Public-safe source/campaign rules, seeded sandbox funnel copy routing, baseline holdout, and owner-confirmed winner rollout contracts are now live through the existing assignment API.","publicEvidence":["Issue #422 tracks this active post-MVP execution bucket.","Issue #18 remains the shipped analytics MVP for privacy-safe events, deterministic assignments, aggregate conversion reporting, fixed-window attribution, owner decision evidence, aggregate exports, and notification readiness proof.","Seeded sandbox funnel copy routing applies public-safe source/campaign rules first, then uses the same deterministic assignment API and session-scoped anonymous key as the page-view beacon, with a 10% baseline holdout for unmatched traffic.","Owner-confirmed winner rollouts can route future unmatched assignment traffic to a selected treatment variant and can be rolled back with exact-confirmed audit evidence.","Custom routing rule matches store only the matched public rule ID in assignment metadata; winner rollout matches store only the rollout ID; raw routing URLs, cookies, visitor keys, and contact analytics remain excluded."],"nextMilestone":"Continue the remaining analytics execution work with privacy review, idempotency, audit correlation, stale-state checks, redaction, Queue/provider safety, rollback, sample-size caveats, and confirmed-write checks.","markAttention":null,"sortOrder":155,"updatedAt":"2026-05-27T02:41:47.000Z"},{"id":"roadmap-affiliates-referrals","title":"Affiliate and referral management","status":"live","issueNumber":19,"featureId":"feature-affiliates-referrals","groupName":"Growth system","summary":"Affiliate and referral evidence now includes partner links, privacy-safe click capture, checkout attribution evidence, review-only commission ledger rows, owner review/reversal actions, public-safe partner reports, read-only payout preparation, owner-confirmed payout preparation records, owner-reviewed fraud review records, owner-reviewed partner notification readiness records, owner-reviewed partner notification send preflight records, and owner-reviewed partner notification provider readiness records before payable commissions, partner sends, or Stripe payouts exist.","publicEvidence":["Tracked by issue #19.","Issue #89 adds the first /affiliates/source-data contract and /affiliates/indie-launch-partners preview foundation.","Issue #109 adds POST /api/affiliates/clicks with seeded referral link validation, idempotency, hashed request evidence, and aggregate-only click reporting.","Issue #111 attaches validated referral click evidence to sandbox checkout intents without creating commissions.","Issue #113 creates review-only commission ledger evidence from trusted checkout attribution without making commissions payable.","Issue #115 adds owner-gated review, hold, and reversal actions without creating payout state.","Issue #193 adds public-safe partner reports without exposing buyer, payout, tax, Stripe, raw click, raw checkout, or private actor data.","Issue #424 adds public-safe partner portal status pages and statement snapshots without private partner auth, payable statements, buyer data, payout accounts, tax forms, Stripe payout IDs, provider secrets, message bodies, queue rows, raw rows, or direct public agent writes.","Issue #195 adds read-only payout preparation without Stripe payouts, payout account storage, tax collection, partner notifications, payable commission finalization, or direct agent writes.","Issue #273 adds owner-confirmed payout preparation records without payable commission state, Stripe payouts, payout account storage, tax collection, partner notifications, buyer data, raw ledger rows, fraud enforcement, or direct agent writes.","Issue #275 adds owner-reviewed fraud review records without fraud enforcement, payable commission state, Stripe payouts, payout account storage, tax collection, partner notifications, buyer data, raw ledger/click/checkout rows, private fraud signals, or direct agent writes.","Issue #277 adds owner-reviewed partner notification readiness records without partner sends, provider calls, queue dispatch, recipient emails, message bodies, provider message IDs, fraud enforcement, payable commission state, Stripe payouts, payout accounts, tax data, buyer data, raw rows, private fraud signals, or direct agent writes.","Issue #279 adds owner-reviewed partner notification send preflight records without partner sends, provider-send enablement, provider calls, send payloads, queue dispatch, recipient emails, message bodies, provider message IDs, fraud enforcement, payable commission state, Stripe payouts, payout accounts, tax data, buyer data, raw rows, private fraud signals, or direct agent writes.","Issue #281 adds owner-reviewed notification provider readiness records without provider configuration, provider secrets, sender credentials, partner sends, provider-send enablement, provider calls, send payloads, queue dispatch, recipient emails, message bodies, provider message IDs, fraud enforcement, payable commission state, Stripe payouts, payout accounts, tax data, buyer data, raw rows, private fraud signals, or direct agent writes.","Issue #424 adds owner-confirmed fraud enforcement records without payable commission state, Stripe payouts, payout accounts, tax data, partner sends, provider calls, buyer data, raw rows, private fraud signals, or direct agent writes.","Issue #424 still tracks live payout execution, partner notifications, private payout/tax data, authenticated private partner portals, payable statement creation, and direct agent-safe write parity as one pending post-MVP execution bucket."],"nextMilestone":"Keep payable statements, payable commissions, Stripe payout execution, partner notification sends, provider configuration, private payout/tax data, authenticated private partner portals, and agent-safe write tools in issue #424 instead of reopening isolated readiness-gate slices.","markAttention":null,"sortOrder":160,"updatedAt":"2026-05-27T00:21:18.000Z"},{"id":"roadmap-live-affiliate-execution","title":"Live affiliate payout execution, partner notifications, fraud enforcement, and agent-safe writes","status":"pending","issueNumber":424,"featureId":"feature-affiliates-referrals","groupName":"Growth system","summary":"Pending post-MVP execution bucket for payable commission finalization, private payout account and tax boundaries, Stripe payouts/transfers/reversals/receipts/reconciliation, payable statement creation, partner notification execution, provider configuration and sends, authenticated private partner portals, buyer attribution finalization, and direct agent-safe affiliate/referral write APIs. Owner-confirmed fraud enforcement records, public-safe partner portal status pages, and public-safe partner statement snapshots are live as non-payout issue #424 slices.","publicEvidence":["Issue #424 tracks this pending post-MVP execution bucket.","Issue #424 adds public-safe partner portal status pages for aggregate partner report, payout-readiness, fraud, and notification status without private payout, tax, buyer, provider, or raw-row data.","Issue #424 adds public-safe partner statement snapshots for review-only partner totals, payout-preparation blockers, fraud status, notification readiness status, and redaction flags without payable statement creation.","Issue #424 adds owner-confirmed fraud enforcement records with exact confirmation, idempotency, stale-state checks, D1 audit evidence, and redaction.","Issue #19 remains the shipped affiliate/referral MVP for source data, partner links, privacy-safe clicks, checkout attribution, review-only commission evidence, owner review/reversal, public-safe partner reports, payout preparation, fraud review records, and partner notification readiness/preflight/provider-readiness proof."],"nextMilestone":"Design and ship the remaining live affiliate execution workflow with payable statement creation, payout safety, tax/private-data boundaries, authenticated private partner portals, partner notification execution, direct agent-safe writes, audit correlation, stale-state checks, redaction, refund-window checks, provider/payment safety, rollback, dispute paths, and confirmed-write checks.","markAttention":null,"sortOrder":165,"updatedAt":"2026-05-27T00:21:18.000Z"},{"id":"roadmap-marketing-surfaces","title":"Users, developers and agents, resources, pricing, and blog surfaces","status":"live","issueNumber":20,"featureId":"feature-resources-use-cases-pricing","groupName":"Marketing surfaces","summary":"Users, developers and agents, resources, self-serve pricing, pricing-v2, metadata, sitemap entries, and /content/source-data contract.","publicEvidence":["Tracked by issue #20.","/users, /developers-and-agents, /resources, /pricing, and /pricing-v2 are public destinations.","/pricing offers self-serve Experiment and Grow subscriptions plus a White glove setup add-on.","/content/source-data exposes stable audience, resource, pricing, and signup-policy records for agents.","Issue #316 moves pricing from launch conversation copy to a self-serve Stripe Checkout path."],"nextMilestone":"Promote planned migration guides, launch playbooks, and blog posts into dedicated pages as funnel, checkout, automation, and analytics slices ship.","markAttention":null,"sortOrder":170,"updatedAt":"2026-05-22T08:56:01.000Z"},{"id":"roadmap-free-build-before-go-live","title":"Free build-before-go-live pricing model","status":"live","issueNumber":466,"featureId":"feature-resources-use-cases-pricing","groupName":"Marketing surfaces","summary":"Defines the $0 private-building path, logged-out browser playground recovery, signed-in Free Build workspace creation, paid go-live gates, and the handoff before public, billing, sending, domain, or fulfillment actions are treated as live.","publicEvidence":["Issue #466 tracks the Free Build pricing model and optional anonymous playground.","/pricing explains the build-first message in plain public copy.","/pricing/source-data exposes the Free Build design, live anonymous playground state, and paid go-live gates.","/account/setup lets verified signed-in users create a private Free Build workspace before payment.","/account/source-data exposes the signed-in Free Build workspace contract and paid go-live gates.","/playground lets logged-out visitors save structured offer, audience, product, opt-in, checkout, delivery, follow-up, and migration-starting-point progress in this browser.","/playground/source-data exposes browser recovery, structured builder fields, cookie, save-limit, additive claim merge, owner cleanup, scheduled cleanup, retention, redaction, and go-live gate contracts.","Claiming a browser playground reuses an existing Free Build workspace when present and adds a private launch draft plus private claim records without replacing existing workspace work.","/api/playground/cleanup is an owner-gated cleanup route for expiring old anonymous recovery without exposing private draft content.","A Cloudflare Cron trigger runs the same expired-recovery cleanup boundary daily without touching claimed private records or go-live state.","/content/source-data ties the pricing policy into audience and resource discovery records."],"nextMilestone":"Parent scope is shipped; future expansion belongs in the relevant paid go-live workstream for publishing, checkout, subscriber sends, domains, fulfillment, or billing changes.","markAttention":null,"sortOrder":205,"updatedAt":"2026-05-26T14:39:49.000Z"}]}