R-Plan Wave 0 SHIPPED 2026-04-28: repo ARJ999/r-plan private LIVE at g…

Decision

R-Plan Wave 0 SHIPPED 2026-04-28: repo ARJ999/r-plan private LIVE at github.com/ARJ999/r-plan; local /opt/infra/r-plan/. Two commits: 16b0b2e scaffold (40 files — apps/web Next 16 + 5 packages + ADRs 0001-0002 + CI + Docker + Compose + runbooks + PILOT-READINESS) and 96ff9e8 authz scope (ADR-0003 three-layer authorization model: system role + project membership + activity assignment, 404-not-403, defense-in-depth via Server Actions + RLS + audit log). Smoke PASS: pnpm install 427 pkgs / typecheck 6 workspaces clean / Next 16.2.4 dev boot 697ms / HTTP 200. 3 security hooks fired + fixed at-pattern. Wave 1 hand-off captured (14-table schema + Better-Auth + WBS CRUD + first deploy + pg_dump + Frappe FF/SF spike).

Rationale

Reasoning chain on session f36e5833 (4 thoughts: analysis on hook handling + evaluation of authz architectural weight + premortem on 5 authz failure modes + conclusion on durability). Authorization model (ADR-0003) elevated from omission to load-bearing in same session per AJ’s twice-emphasized “very, very important” directive. Three-layer scoping is industry-standard for multi-team construction PM but cleanly implemented (capability/visibility decoupled). Wave 0 cleanly bridges to Wave 1 with concrete deliverables list. architecture,real-estate,reversible,st-derived

Alternatives Rejected

Outcome

Pending

Related

• r-plan-layer-2-architecture-locked-2026-04-28-nextjs-16-pnpm
• snowflake
• docker
• sequential-thinking
• r-plan-layer-2-architecture-locked-2026-04-28-re-record-for
• r-plan-wave-0-shipped-adr-0003-authz-scope-captured-repo-liv
• wave-4-pass-4a-architecture-serwistnext-9510-workbox-style-s
• wave-4-pass-4a-residual-risk-register-accepted-3-risks-ident
• treat-gate-driven-collateral-criticals-as-in-scope-for-the-s