Roadmap backlog — master tracker
Purpose: Single source of truth for everything in EHX_Roadmap.md that is not fully shipped.
Rule: Every remaining item has a GitHub issue and a priority (P0–P4). Update this file when milestones ship or issues close.
Granular tasks (97+): roadmap-task-registry.md — every deliverable as [P0]–[P4] GitHub task with parent→child map.
Legend
| Status | Meaning |
|---|---|
| Shipped | Live on ehxlabs.xyz, documented in milestone runbook |
| Preview | Works in stub/preview form — not production-grade |
| Planned | Documented, issue open, not started |
| Epic | Umbrella issue — child tasks may still be filed |
Priority
| Tier | When |
|---|---|
| P0 | Next — blocks credible SaaS beta or operator visibility |
| P1 | Soon — product trust, auth completeness, UX foundations, operator user directory enrichment (M5.10a–b) |
| P2 | Core product depth — AI, catalog, dashboard |
| P3 | Phase 4 — live Web3/monitoring/security |
| P4 | Long-term — retention, teams, enterprise, org hygiene |
P0 — Next (SaaS beta blockers)
No open P0 items. REBRAND shipped 2026-05-20 — milestone-rebrand-ehxlabs.md, ehx-kb#44 closed.
M5.8, M5.9, M5.10 core, and REBRAND are shipped — see roadmap-task-registry.md.
P1 — Soon (trust, auth, UX)
In flight (2026-05-20): M5.2.9 operator commerce slice shipped (grants, promos, oracle, pricing runbook #42); M5.10.13 unified admin shell (#58). Next: OPS.4 k6/ZAP (#43), M5.10.12 token rotation (#38).
| ID | Roadmap | Status | Remaining work | Issue |
|---|---|---|---|---|
| M5.4 | Password auth (gaps) | Shipped | Signup verify + password reset — milestone-5-4 | #29, #30 closed |
| M5.5 | Session management | Shipped | Revoke all sessions — milestone-5-5 | #31, ehx-api#32 closed |
| M5.2.9 | Operator grants, promos, dynamic quotes | Shipped | milestone-5-2h, operator-pricing runbook | ehx-kb#42 closed |
| M3.4a | Abuse & quotas (auth-backed) | Preview | Account-scoped quotas (M5.8 shipped) | ehx-api#29 |
| UX | Dark-first UI | Planned | Design tokens, dark-first polish | ehx-web#5 |
| UX | Persona onboarding | Planned | First-run / get-started completion flows | ehx-web#6 |
| Edge | TLS / compose runbook | Planned | Hardening, www canonical, ops checklist | ehx-kb#11 |
| OPS | CI before push | Shipped (runbook) | scripts/ci-check.sh + ci-before-push.md on ehx-api / ehx-web; api .pre-commit-config.yaml (Ruff) — stops OpenAPI drift + F401 on main | |
| OPS.4 | Pre-P1 QA gate | In progress | Automated + post-rebrand prod smoke pass (2026-05-20); checkout confirm + k6 + ZAP pending — signoff log | ehx-kb#43 |
| M5.11 | Public docs platform | Shipped | Docusaurus on docs.ehxlabs.xyz — milestone-5-11 | #39, #40, #45, ehx-web#59–60, #64 closed |
| M5.11b | Docs user content | Planned | User guides, IA, FAQ, integrator section — milestone-5-11-docs-content | ehx-kb#47–53 (P1: #47–49) |
P2 — Product depth (Phase 2–3)
| ID | Roadmap | Status | Remaining work | Issue |
|---|---|---|---|---|
| M3.0–3.6 | AI generator MVP (full) | Preview | LLM orchestration all surfaces, composable gen, hard validation, RAG automation | ehx-kb#12 |
| M3.3 | Dashboard (full) | Preview | Saved projects, named workspaces, re-download from history | ehx-web#14 |
| M3.4 | LLM + RAG (gaps) | Preview | RAG reindex webhook; LLM turn metering | ehx-api#4 |
| M3.6 | Validation (hard) | Preview | terraform validate, kubeconform — not just heuristics | ehx-api#5 |
| M3.5 | Composable generation (gaps) | Preview | Pack manifest tags, dynamic slot-filling, full coverage matrix | ehx-kb#12 |
| M2.3 | Generation API (gaps) | Preview | Multi-cloud variables, batch export, API-only clients | ehx-kb#12 |
| M2.1 | Infrastructure modules | Preview | Versioning, more packs, repo conventions | ehx-modules#1 |
| M2.2 | Knowledge base | Preview | Expand articles, search, editorial workflow | ehx-kb#13 |
| M1.2 | Template libraries (repos) | Preview | Terraform/K8s/Helm/monitoring packs in ehx-templates | ehx-templates#1, ehx-templates#2 |
| M5.3 | Infrastructure library | Preview | Curated public architectures, example deployments | ehx-web#15 |
| MVP #2 | Infrastructure Project Builder | Planned | Guided wizard (cloud, region, HA, budget → blueprint) | ehx-web#16 |
| API | OpenAPI + packaging | Planned | Export, container sketch, CI publish | ehx-api#2 |
P3 — Phase 4 (Web3 intelligence — live systems)
| ID | Roadmap | Status | Remaining work | Issue |
|---|---|---|---|---|
| M4.1 | Web3 templates | Preview | Mainnet-hardened Helm per chain; explorer/indexer packs | ehx-kb#14 |
| M4.2 | Monitoring intelligence | Preview | Live RPC health API, anomaly detection, chain metric catalogs | ehx-api#6 |
| M4.3 | Security analysis | Preview | Trivy/Kubescape/Falco integration; exposure discovery | ehx-api#7 |
| M4.x | Monitoring repo | Planned | Baseline observability stack layout | ehx-monitoring#1 |
P4 — Long-term
| ID | Roadmap | Status | Remaining work | Issue |
|---|---|---|---|---|
| Retention | Retention strategy MVP | Epic | Health score, drift detection, cost signals, ongoing value | ehx-kb#10 |
| Team | Pro/Team plan — seats & shared projects | Planned | Collaboration, seat model, permissions (post M5.8) | ehx-web#17 |
| M1.3 | First customers | In progress | Approved case studies on /design-partners | ehx-web#18 |
| Phase 1 | First paying engagements | Epic | Consulting revenue, reusable patterns | ehx-kb#4 |
| Org | Branch protection & security | Epic | GitHub org defaults | ehx-kb#2 |
| Org | GitHub Projects | Meta | Token scope for project boards | ehx-kb#9 |
| Future | AI incident detection | Roadmap only | RPC degradation, validator instability | ehx-kb#15 |
| Future | Cost estimation in chat | Roadmap only | Cost signals in generation output | ehx-kb#15 |
Shipped (reference — not backlog)
| Milestone | Notes |
|---|---|
| M1.1 Branding & website | Live — ehx-web#2, #3 closed |
| M1.2 in-product catalog | Preview on /templates |
| M2.1–2.3 | Preview on /modules, /kb, /generate |
| M3.1–3.2, 3.4–3.6 | Preview on /chat |
| M3.4a quotas | Preview enforced |
| M4.1–4.3 | Preview bundles (Team+) |
| M5.1 account dashboard | Preview |
| M5.2 / M5.2b | Preview auth + custodial checkout |
| M5.2.3 HD wallet | Shipped — unique deposit per session; ehx-api#13 closed — milestone-5-2c |
| M5.2.4 Settlement reconcile | Shipped — ehx-api#14 — milestone-5-2d |
| M5.2.5 Renew / cancel | Shipped — ehx-api#15 — milestone-5-2e |
| M5.2.6 Invoice PDF | Shipped — ehx-api#16 — milestone-5-2f |
| M5.2 P0 UX slice | Shipped — stuck panel, confirmed panel, admin finance CSV — #27, #28, ehx-api#17 |
Checkout /checkout crash fix | Shipped — AccountAuthProvider on product routes — web a33108a |
| Checkout HD UI hydration | Shipped — no stub warning while session loads; HD callout when hd_wallet — web 8aa2197 |
| M5.2.8 Checkout commerce UX | Shipped — milestone-5-2g, #61, #62 |
| M5.8 Auth-required product | Shipped + enabled — milestone-5-8, ehx-web #19–#21, ehx-api #8–#11 |
| M5.9 Operator analytics | Shipped — analytics-preview, ehx-web #22–#26, ehx-api #12 |
| M5.10 User directory (core + M5.10a) | Shipped — /admin/users, /admin/users/[id], filters, activity, column picker, Lock console — milestone-5-10, ehx-web #52��–#54, ehx-api #41–#43 |
| M5.10b Support actions | Shipped — resend recovery, support bundle, audit log, suspend/unsuspend, plan grant — ehx-web #55–#56, ehx-api #44, #52, #53 |
| M5.10 admin session & auth | Shipped — verify before panel, stale-verify race, shared AdminSessionProvider across /admin/* (no re-unlock on tab switch) — web 5232c98…6fae044, b98ee4b; api 0f70d62 |
| OPS CI gates | Shipped — ci-before-push.md, scripts/ci-check.sh — api 626cdd5, web ab4be75/a8931e0, kb 48616c0 |
| M5.4–5.5 | Preview password + logout |
| M5.6 Auth0 | Shipped — ehx-web#8 closed |
| M5.7 Recovery email | Shipped — ehx-web#9 closed |
| Linked browsers + unlink | Shipped — api a4f1629, web 1083ece |
Epic index (ehx-kb)
| Issue | Phase |
|---|---|
| #1 | Phase 1 — Branding & public site |
| #3 | Phase 1 — Baseline templates |
| #4 | Phase 1 — First paying engagements |
| #5 | Phase 2 — Productized infrastructure |
| #6 | Phase 3 — AI generator MVP |
| #7 | Phase 4 — Web3 intelligence |
| #8 | Phase 5 — SaaS beta |
| #10 | Retention strategy |
| #12 | Phase 3.4–3.6 orchestration |
Recommended build order
- OPS.4 — pre-P1 QA gate (#43, runbook)
M5.10.11— email masking shipped (#57);M5.2.9.5runbook shipped (#42); M5.10.12 token rotation (#38)- M5.2 production — processor billing polish (epic remains open)
- M5.4/5.5 gaps — password reset, revoke all sessions
- M3.3 + kb#12 — saved projects + AI orchestration hardening
- Phase 4 live — monitoring and security integrations
- Team/seats + retention — after single-user SaaS is solid
Last updated: 2026-05-20 (M5.2.9.5 runbook + M5.10.13 admin shell shipped). Home milestone rows: home-milestone-status.md ↔ ehx-web/lib/milestone-status.ts.