41c676a78e
Enterprise Features: - Hosted mode with remote sync for team pattern aggregation - Community sharing with privacy-preserving anonymization - LLM-based semantic claim extraction with Gemini integration - Pattern learning with promotion to declarative extractors - High-entropy secrets extractor with configurable thresholds - Auth bypass and insecure cookies extractors Module Refactoring: - Split oversized files to comply with 500-line limit - Config split: types/core.rs, types/extractors.rs, types/hosted.rs, etc. - Handlers split: scan.rs, policy.rs, report.rs modules - Extractors split: declarative/, high_entropy_secrets/, insecure_cookies/ - Learning split: store modules with metrics and persistence SDK & Ontology: - stemedb-ontology SDK with fluent builders and StemeDB client - Pharma domain extractors for FDA Orange Book data - Consumer health UAT test infrastructure Code Quality: - Fixed clippy warnings (needless_borrows_for_generic_args) - Added KVStore trait imports where needed - Fixed utoipa path re-exports for OpenAPI docs Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
49 lines
1.5 KiB
Markdown
49 lines
1.5 KiB
Markdown
# RFCs (Request for Comments)
|
|
|
|
This directory contains formal specification documents for significant Episteme/Aphoria features.
|
|
|
|
## RFC Index
|
|
|
|
| RFC | Title | Status | Date |
|
|
|-----|-------|--------|------|
|
|
| [RFC-001](./rfc-001-enterprise-policy-aliases.md) | Enterprise Policy Alias System | Proposed | 2026-02-05 |
|
|
|
|
## RFC Process
|
|
|
|
### Status Lifecycle
|
|
|
|
- **Proposed:** Initial draft, open for feedback
|
|
- **Accepted:** Approved for implementation
|
|
- **Implemented:** Feature shipped in a release
|
|
- **Superseded:** Replaced by a newer RFC
|
|
- **Withdrawn:** No longer pursued
|
|
|
|
### Creating a New RFC
|
|
|
|
1. Copy the template from `rfc-001-enterprise-policy-aliases.md`
|
|
2. Use the next sequential number (RFC-002, RFC-003, etc.)
|
|
3. Fill in all sections
|
|
4. Submit for review
|
|
5. Update this index
|
|
|
|
### RFC Sections
|
|
|
|
Every RFC should include:
|
|
|
|
- **Executive Summary:** One paragraph overview
|
|
- **Problem Statement:** What problem are we solving?
|
|
- **Design Goals:** Numbered list of principles
|
|
- **Technical Architecture:** How it works (with diagrams)
|
|
- **Security Considerations:** Trust model, threat vectors
|
|
- **Performance Analysis:** Complexity, benchmarks
|
|
- **Backward Compatibility:** Migration path
|
|
- **Alternative Approaches:** What we didn't do and why
|
|
- **Implementation Roadmap:** Phased delivery plan
|
|
- **Open Questions:** Decisions needing stakeholder input
|
|
|
|
## Related Documentation
|
|
|
|
- [Architecture Overview](../architecture.md)
|
|
- [Aphoria Product Spec](../../applications/aphoria/spec.md)
|
|
- [Aphoria Architecture Docs](../../applications/aphoria/docs/architecture/)
|