From d7c614a5fb735a536e7030a1bef93815bde5bbd0 Mon Sep 17 00:00:00 2001
From: yhryzy <yhryzy@yhryzydeMacBook-Air.local>
Date: Tue, 16 Jun 2026 14:42:14 +0100
Subject: [PATCH] docs: record workspace membership gate merge

---
 .../14-release-readiness-evidence-gate.md     | 19 ++++++-----
 ...5-workspace-production-persistence-spec.md | 32 ++++++++++++-------
 docs/review-context/CHANGELOG.md              | 20 ++++++++++++
 docs/review-context/MANIFEST.json             |  3 +-
 .../release-readiness/M5-CLOSEOUT.md          | 15 ++++++---
 .../m5-closeout-summary.json                  | 10 ++++--
 docs/review-context/source-index.md           | 25 +++++++++++++--
 .../workspace-durable/README.md               | 21 ++++++++----
 8 files changed, 109 insertions(+), 36 deletions(-)

diff --git a/docs/review-context/14-release-readiness-evidence-gate.md b/docs/review-context/14-release-readiness-evidence-gate.md
index 93b7a3be..ed52765a 100644
--- a/docs/review-context/14-release-readiness-evidence-gate.md
+++ b/docs/review-context/14-release-readiness-evidence-gate.md
@@ -117,24 +117,27 @@ Current evidence:
   production fail-closed save/clear behavior without trusted upstream actor
   headers, clear restricted to `release_owner`, `repo_owner`, or `system`, and
   actor id/role metadata in save/clear audit events.
+- Platform PR #39 adds database-backed `workspace_review_memberships` and
+  requires production save/clear operations on the compatibility route to
+  match an active repo membership for the trusted actor id and role.
 - `15-workspace-production-persistence-spec.md` defines the product design for
   database-backed storage, authorization, conflict handling, audit events, and
   multi-instance behavior.
 
 Remaining boundary:
 
-- PR #37 proves a trusted-header compatibility actor gate, but does not prove
-  full user/JWT authentication, repo membership authorization, typed Workspace
-  aggregates, release-owner human audit semantics, operation-specific writes,
-  ingress header-stripping configuration, or multi-instance acceptance
-  behavior.
+- PR #39 proves a compatibility-route active membership check for production
+  save/clear, but does not prove full user/JWT authentication, read
+  authorization, membership management APIs/UI, typed Workspace aggregates,
+  release-owner human audit semantics, operation-specific writes, ingress
+  header-stripping configuration, or multi-instance acceptance behavior.
 
 Blocked until:
 
 - the compatibility snapshot slice is supplemented by production-grade access
-  boundaries beyond trusted headers, typed durable records, operation-specific
-  frontend writes, release-owner audit semantics, and multi-instance evidence
-  for the demo path.
+  boundaries beyond trusted headers and save/clear membership checks, typed
+  durable records, operation-specific frontend writes, release-owner audit
+  semantics, and multi-instance evidence for the demo path.
 
 ### Gate 2: Artifact Ingestion
 
diff --git a/docs/review-context/15-workspace-production-persistence-spec.md b/docs/review-context/15-workspace-production-persistence-spec.md
index f46af7b0..1b4188b8 100644
--- a/docs/review-context/15-workspace-production-persistence-spec.md
+++ b/docs/review-context/15-workspace-production-persistence-spec.md
@@ -15,7 +15,7 @@ readiness.
 
 ## Current Baseline
 
-The current platform state has six relevant merged slices:
+The current platform state has seven relevant merged slices:
 
 - PR #31 adds the Workspace review product shell.
 - PR #32 adds local durable review state and release-owner audit trail
@@ -33,14 +33,19 @@ The current platform state has six relevant merged slices:
   including production fail-closed save/clear behavior unless trusted upstream
   actor headers carry a 32+ character
   `WORKSPACE_REVIEW_ACTOR_HEADER_SECRET`.
+- PR #39 adds a database-backed `workspace_review_memberships` table and
+  requires production save/clear operations on that same compatibility
+  endpoint to match an active repo membership for the trusted actor id and
+  role.
 
 The baseline now proves product direction, a shared API surface, and
 database-backed compatibility snapshot persistence with basic revision conflict
-audit evidence plus a compatibility-route trusted actor gate. It does not prove
-the full production persistence model, user/JWT authorization, repo membership
-authorization, typed object aggregates, release-owner human audit semantics,
-operation-specific writes, ingress header-stripping proof, or multi-instance
-acceptance behavior.
+audit evidence plus compatibility-route trusted actor and active-membership
+gates for production save/clear. It does not prove the full production
+persistence model, user/JWT authorization, read authorization, membership
+management APIs/UI, typed object aggregates, release-owner human audit
+semantics, operation-specific writes, ingress header-stripping proof, or
+multi-instance acceptance behavior.
 
 ## Product Position
 
@@ -211,7 +216,7 @@ Rules:
 
 ## Migration From Current Slice
 
-Migration from PR #34, PR #35, PR #36, and PR #37 should be staged:
+Migration from PR #34, PR #35, PR #36, PR #37, and PR #39 should be staged:
 
 1. Keep the existing review-state endpoint as the frontend compatibility route.
 2. Add database tables and service-layer operations behind the endpoint.
@@ -235,14 +240,16 @@ Current implementation evidence:
   production fail-closed save/clear behavior without trusted upstream headers,
   clear restricted to `release_owner`, `repo_owner`, or `system`, and actor
   metadata in save/clear audit events.
+- PR #39 extends that compatibility slice with active repo membership checks
+  for production save/clear, backed by `workspace_review_memberships`.
 - PR #35 does not yet implement typed service-layer operations for
   `CreativeRepo`, `ReviewItem`, `EvidencePack`, `ReleaseGate`, or
   `AuditEvent`.
-- PR #37 does not yet implement full user/JWT authentication, repo membership
-  authorization, typed service-layer operations, release-owner human audit
-  semantics, seeded repo migration, operation-specific frontend writes,
-  ingress/gateway header-stripping proof, or multi-instance acceptance
-  evidence.
+- PR #39 does not yet implement full user/JWT authentication, read
+  authorization, membership management APIs/UI, typed service-layer operations,
+  release-owner human audit semantics, seeded repo migration,
+  operation-specific frontend writes, ingress/gateway header-stripping proof,
+  or multi-instance acceptance evidence.
 
 ## Acceptance Gates
 
@@ -283,3 +290,4 @@ This spec does not upgrade current release status by itself.
 - `yha9806/vulca-platform` PR #35.
 - `yha9806/vulca-platform` PR #36.
 - `yha9806/vulca-platform` PR #37.
+- `yha9806/vulca-platform` PR #39.
diff --git a/docs/review-context/CHANGELOG.md b/docs/review-context/CHANGELOG.md
index 5ebaeb98..ed045c2b 100644
--- a/docs/review-context/CHANGELOG.md
+++ b/docs/review-context/CHANGELOG.md
@@ -4,6 +4,26 @@ Vault status: append-only change log.
 
 ## 2026-06-16
 
+### Recorded Platform Workspace Membership Gate Merge
+
+- Recorded platform PR #39 as merged to `master` with a database-backed
+  `workspace_review_memberships` table for the existing Workspace
+  review-state compatibility endpoint.
+- Clarified that #39 requires production save/clear operations to match an
+  active repo membership for the trusted actor id and role, after the trusted
+  actor-header gate added in #37.
+- Preserved the boundary that #39 is still a compatibility-route authorization
+  slice: full user/JWT identity, read authorization, membership management
+  APIs/UI, typed Workspace aggregates, release-owner human semantics,
+  operation-specific writes, ingress header stripping proof, and multi-instance
+  acceptance evidence remain gated.
+
+Source basis:
+
+- `yha9806/vulca-platform` PR #39.
+- Merge commit `dff2331f95161ec909a07b76ef7e94ae7def3cfe`.
+- Remote checks: `Run Tests` and `security` passed on PR #39.
+
 ### Recorded Platform Workspace Trusted Actor Gate Merge
 
 - Recorded platform PR #37 as merged to `master` with a trusted actor/role
diff --git a/docs/review-context/MANIFEST.json b/docs/review-context/MANIFEST.json
index 472aa74e..74926a3b 100644
--- a/docs/review-context/MANIFEST.json
+++ b/docs/review-context/MANIFEST.json
@@ -55,11 +55,12 @@
   "core_sources": {
     "sdk_mainline": "cb6d52fe",
     "workspace_context_baseline": "6efef07",
-    "workspace_latest_observed": "0faf874",
+    "workspace_latest_observed": "dff2331",
     "workspace_shared_review_state_merge": "d06a713b",
     "workspace_db_review_state_merge": "24efaab5",
     "workspace_revision_conflict_audit_merge": "3310093",
     "workspace_trusted_actor_gate_merge": "0faf874",
+    "workspace_membership_gate_merge": "dff2331",
     "artifact_bridge_spec": "11-artifact-bridge-spec.md",
     "m3_bridge_fixture": "artifact-bridge/m3-demo-bridge-fixture.json",
     "m3_durable_review_fixture": "workspace-durable/m3-durable-review-fixture.json",
diff --git a/docs/review-context/release-readiness/M5-CLOSEOUT.md b/docs/review-context/release-readiness/M5-CLOSEOUT.md
index 0fd6ba3f..3b5e2d3a 100644
--- a/docs/review-context/release-readiness/M5-CLOSEOUT.md
+++ b/docs/review-context/release-readiness/M5-CLOSEOUT.md
@@ -60,6 +60,12 @@ As of 2026-06-16:
   metadata, and deployment notes for
   `WORKSPACE_REVIEW_ACTOR_HEADER_SECRET`. Its PR gate passed remote
   `Run Tests` and `security`.
+- Platform PR #39, `feat: add workspace review memberships`, merged to
+  `master` at `dff2331f95161ec909a07b76ef7e94ae7def3cfe` from head
+  `b793c50`. It adds database-backed `workspace_review_memberships`, enforces
+  active repo membership and role matching for production save/clear on the
+  compatibility endpoint, and documents the fail-closed deployment boundary.
+  Its PR gate passed remote `Run Tests` and `security`.
 
 These PRs improve R5 evidence, but they do not change the product-level
 decision above.
@@ -87,10 +93,10 @@ blocker is `15-workspace-production-persistence-spec.md`.
 ## Remaining R5 Blockers
 
 - production-grade Workspace persistence beyond the DB-backed compatibility
-  snapshot, including typed durable records, full user/JWT and membership
-  authorization beyond trusted headers, release-owner human audit semantics,
-  operation-specific writes, ingress header-stripping proof, and multi-instance
-  behavior;
+  snapshot, including typed durable records, full user/JWT authorization, read
+  authorization, membership management APIs/UI beyond the save/clear
+  compatibility check, release-owner human audit semantics, operation-specific
+  writes, ingress header-stripping proof, and multi-instance behavior;
 - repeated bridge ingestion across more than one workflow;
 - production EvidencePack rendering evidence;
 - human-owned release workflow implementation evidence;
@@ -111,3 +117,4 @@ blocker is `15-workspace-production-persistence-spec.md`.
 - `yha9806/vulca-platform` PR #35.
 - `yha9806/vulca-platform` PR #36.
 - `yha9806/vulca-platform` PR #37.
+- `yha9806/vulca-platform` PR #39.
diff --git a/docs/review-context/release-readiness/m5-closeout-summary.json b/docs/review-context/release-readiness/m5-closeout-summary.json
index c2c49e1d..65ce142d 100644
--- a/docs/review-context/release-readiness/m5-closeout-summary.json
+++ b/docs/review-context/release-readiness/m5-closeout-summary.json
@@ -42,6 +42,11 @@
       "status": "indexed",
       "source": "docs/review-context/workspace-durable/README.md"
     },
+    {
+      "name": "Workspace review-state membership gate evidence",
+      "status": "indexed",
+      "source": "docs/review-context/workspace-durable/README.md"
+    },
     {
       "name": "Workspace production persistence product spec",
       "status": "indexed",
@@ -78,11 +83,12 @@
     "max_allowed_level": "R4",
     "example_scope": "public-example-key-visual-v1",
     "human_owner": null,
-    "boundary_notes": "R4 example-specific public copy is allowed only within RR4/RR5 scope. Product-level R5 remains blocked. Platform PR #37 adds a trusted-header actor gate for the compatibility snapshot route, not full user/JWT authorization, repo membership authorization, typed aggregates, release-owner human audit semantics, operation-specific writes, ingress header-stripping proof, or multi-instance release readiness."
+    "boundary_notes": "R4 example-specific public copy is allowed only within RR4/RR5 scope. Product-level R5 remains blocked. Platform PR #39 adds an active membership gate for production save/clear on the compatibility snapshot route, not full user/JWT authorization, read authorization, membership management APIs/UI, typed aggregates, release-owner human audit semantics, operation-specific writes, ingress header-stripping proof, or multi-instance release readiness."
   },
   "remaining_blockers": [
     "typed Workspace persistence records beyond the compatibility snapshot",
-    "full user/JWT Workspace authorization and repo membership evidence beyond trusted headers",
+    "full user/JWT Workspace authorization and read authorization",
+    "membership management APIs/UI beyond the compatibility save/clear check",
     "release-owner human audit semantics beyond compatibility snapshot events",
     "operation-specific Workspace write evidence",
     "ingress header-stripping proof for trusted Workspace actor headers",
diff --git a/docs/review-context/source-index.md b/docs/review-context/source-index.md
index e614a5ee..c7713553 100644
--- a/docs/review-context/source-index.md
+++ b/docs/review-context/source-index.md
@@ -158,6 +158,12 @@ check before changing high-level VULCA claims.
     user/JWT identity, repo membership, typed aggregates, release-owner human
     semantics, operation-specific writes, ingress header stripping, and
     multi-instance acceptance remain gated.
+  - Platform PR #39 adds `workspace_review_memberships` and requires
+    production save/clear operations on the compatibility route to match an
+    active repo membership for the trusted actor id and role. Full user/JWT
+    identity, read authorization, membership management APIs/UI, typed
+    aggregates, release-owner human semantics, operation-specific writes,
+    ingress header stripping, and multi-instance acceptance remain gated.
 - Public example gate:
   - `docs/review-context/public-examples/m3-public-example-gate.json`
   - Protected RR4 reference for one example-specific public artifact and copy
@@ -182,8 +188,8 @@ Workspace product code lives in the separate `vulca-platform` repository.
   `/Users/yhryzy/.config/superpowers/worktrees/vulca-platform/workspace-interactive-demo`
 - Context baseline: `6efef07 fix: align workspace context review controls`
 - Latest merged platform master:
-  `0faf8748181c4d65f83b22b9a0b6ecfb10409b14` from PR #37,
-  `feat: gate workspace review actors`.
+  `dff2331f95161ec909a07b76ef7e94ae7def3cfe` from PR #39,
+  `feat: add workspace review memberships`.
 - Important files:
   - `wenxin-moyun/src/content/workspaceDemo.ts`
   - `wenxin-moyun/src/components/workspace/`
@@ -245,6 +251,21 @@ Workspace product code lives in the separate `vulca-platform` repository.
     CreativeRepo/ReviewItem/EvidencePack/ReleaseGate aggregates, not
     operation-specific frontend writes, not release-owner human audit
     semantics, and not ingress/gateway header-stripping proof.
+- Workspace membership gate compatibility merge:
+  - `yha9806/vulca-platform` PR #39.
+  - Merge commit: `dff2331f95161ec909a07b76ef7e94ae7def3cfe`.
+  - Evidence: SQLAlchemy `WorkspaceReviewMembership` model, Alembic migration
+    for `workspace_review_memberships`, active membership lookup by repo and
+    trusted actor id, role-mismatch 403 responses, production save/clear
+    membership enforcement, README deployment notes, and tests for non-member,
+    inactive member, role mismatch, OpenAPI contract, and DB dependency
+    fallback.
+  - Boundary: compatibility-route save/clear membership gate only; not full
+    user/JWT authentication, not read authorization, not membership management
+    APIs/UI, not typed CreativeRepo/ReviewItem/EvidencePack/ReleaseGate
+    aggregates, not operation-specific frontend writes, not release-owner human
+    audit semantics, not ingress/gateway header-stripping proof, and not
+    multi-instance acceptance evidence.
 - Production persistence design:
   - `docs/review-context/15-workspace-production-persistence-spec.md`.
   - This is the next product-layer design reference before changing the
diff --git a/docs/review-context/workspace-durable/README.md b/docs/review-context/workspace-durable/README.md
index ec3f0f8e..ff488622 100644
--- a/docs/review-context/workspace-durable/README.md
+++ b/docs/review-context/workspace-durable/README.md
@@ -12,7 +12,7 @@ blocker, decision-state, and human-audit boundaries.
 
 ## Product Implementation Status
 
-As of 2026-06-16, the platform implementation has six merged PRs on
+As of 2026-06-16, the platform implementation has seven merged PRs on
 `yha9806/vulca-platform` `master`:
 
 - PR #31, `[codex] Workspace review product shell`, merged at
@@ -45,17 +45,23 @@ As of 2026-06-16, the platform implementation has six merged PRs on
   behavior without a trusted upstream actor secret, clear restricted to
   `release_owner`, `repo_owner`, or `system`, audit metadata for actor id and
   role, and deployment notes for `WORKSPACE_REVIEW_ACTOR_HEADER_SECRET`.
+- PR #39, `feat: add workspace review memberships`, merged at
+  `dff2331f95161ec909a07b76ef7e94ae7def3cfe`. It adds the
+  `workspace_review_memberships` table and requires production save/clear
+  operations on the compatibility endpoint to match an active repo membership
+  for the trusted actor id and role.
 
 PR #32 is intentionally a local durability slice. PR #34 is intentionally a
 shared in-process backend slice. PR #35 upgrades that compatibility route to
 database-backed snapshot persistence. PR #36 adds compatibility-route revision
 conflict checks and snapshot audit events. PR #37 adds a trusted-header actor
-gate for that compatibility route. Together they improve Workspace persistence
-evidence, but they do not certify the full production model: user/JWT identity,
-repo membership authorization, typed CreativeRepo/ReviewItem/EvidencePack
-aggregates, release-owner human audit semantics, operation-specific writes,
-multi-instance acceptance, ingress header-stripping proof, or product-level
-release readiness.
+gate for that compatibility route. PR #39 adds an active-membership check for
+production save/clear on that same route. Together they improve Workspace
+persistence evidence, but they do not certify the full production model:
+user/JWT identity, read authorization, membership management APIs/UI, typed
+CreativeRepo/ReviewItem/EvidencePack aggregates, release-owner human audit
+semantics, operation-specific writes, multi-instance acceptance, ingress
+header-stripping proof, or product-level release readiness.
 
 Use `../15-workspace-production-persistence-spec.md` for the product design
 that turns these slices into the full production persistence model.
@@ -88,3 +94,4 @@ that turns these slices into the full production persistence model.
 - `yha9806/vulca-platform` PR #35.
 - `yha9806/vulca-platform` PR #36.
 - `yha9806/vulca-platform` PR #37.
+- `yha9806/vulca-platform` PR #39.