Prepare whynot npm token handoff
This commit is contained in:
parent
06f2f4e315
commit
e3147b7fd5
2 changed files with 185 additions and 0 deletions
|
|
@ -275,6 +275,17 @@ remains `readiness: template` and `resolvable: false`. Added guarded
|
|||
reviewed non-secret policy and auth-role commands without hand-writing them;
|
||||
secret value provisioning and verification remain under approved custody.
|
||||
|
||||
**2026-06-28:** After correcting the tenant/org to `coulomb`, the corrected
|
||||
approval was synced from State Hub decision
|
||||
`e6381a56-6b04-4fd5-b2de-f3ef59cde888`; `CCR-2026-0001` is approved and
|
||||
`apply_allowed: true` for
|
||||
`platform/workloads/coulomb/whynot-design/npm-publish`. The operator reported
|
||||
secret provisioning likely completed, but Codex metadata-only verification still
|
||||
received `403 permission denied`. Prepared
|
||||
`docs/whynot-design-npm-publish-handoff.md` as the next-session checklist for
|
||||
policy, auth-role, metadata verification, positive verification, negative
|
||||
verification, and activation without printing the token.
|
||||
|
||||
## T08 - Add deactivation, rotation, and compromise flows
|
||||
|
||||
```task
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue