Release: merge development into beta#2
Conversation
Quality Report
Summary
PHP Quality
Vue Quality
Security
License Compliance
PHPUnit Tests
Integration Tests (Newman)
E2E Tests (Playwright)
Generated automatically by the Quality workflow.
|
Quality Report
Summary
PHP Quality
Vue Quality
Security
License Compliance
composer dependencies (100 total)
npm dependencies (215 total)
PHPUnit TestsPHPUnit tests were not enabled for this run. Integration Tests (Newman)Newman integration tests were not enabled for this run. E2E Tests (Playwright)Playwright E2E tests were not enabled for this run. Generated automatically by the Quality workflow.
|
Quality Report
Summary
PHP Quality
Vue Quality
Security
License Compliance
PHPUnit Tests
Integration Tests (Newman)
E2E Tests (Playwright)
Generated automatically by the Quality workflow.
|
Quality Report
Summary
PHP Quality
Vue Quality
Security
License Compliance
composer dependencies (100 total)
npm dependencies (215 total)
PHPUnit TestsPHPUnit tests were not enabled for this run. Integration Tests (Newman)Newman integration tests were not enabled for this run. E2E Tests (Playwright)Playwright E2E tests were not enabled for this run. Generated automatically by the Quality workflow.
|
Quality Report
Summary
PHP Quality
Vue Quality
Security
License Compliance
composer dependencies (100 total)
npm dependencies (215 total)
PHPUnit TestsPHPUnit tests were not enabled for this run. Integration Tests (Newman)Newman integration tests were not enabled for this run. E2E Tests (Playwright)Playwright E2E tests were not enabled for this run. Generated automatically by the Quality workflow.
|
Quality Report
Summary
PHP Quality
Vue Quality
Security
License Compliance
composer dependencies (100 total)
npm dependencies (215 total)
PHPUnit TestsPHPUnit tests were not enabled for this run. Integration Tests (Newman)Newman integration tests were not enabled for this run. E2E Tests (Playwright)Playwright E2E tests were not enabled for this run. Generated automatically by the Quality workflow.
|
Quality Report
Summary
PHP Quality
Vue Quality
Security
License Compliance
composer dependencies (100 total)
npm dependencies (215 total)
PHPUnit TestsPHPUnit tests were not enabled for this run. Integration Tests (Newman)Newman integration tests were not enabled for this run. E2E Tests (Playwright)Playwright E2E tests were not enabled for this run. Generated automatically by the Quality workflow.
|
Quality Report
Summary
PHP Quality
Vue Quality
Security
License Compliance
composer dependencies (100 total)
npm dependencies (215 total)
PHPUnit TestsPHPUnit tests were not enabled for this run. Integration Tests (Newman)Newman integration tests were not enabled for this run. E2E Tests (Playwright)Playwright E2E tests were not enabled for this run. Generated automatically by the Quality workflow.
|
Quality Report
Summary
PHP Quality
Vue Quality
Security
License Compliance
composer dependencies (100 total)
npm dependencies (416 total)
PHPUnit Tests
Code coverage: 0% (0 / 3 statements) Integration Tests (Newman)
E2E Tests (Playwright)Playwright E2E tests were not enabled for this run. Generated automatically by the Quality workflow.
|
Quality Report
Summary
PHP Quality
Vue Quality
Security
License Compliance
composer dependencies (100 total)
npm dependencies (416 total)
PHPUnit Tests
Integration Tests (Newman)
E2E Tests (Playwright)
Generated automatically by the Quality workflow.
|
Quality Report
Summary
PHP Quality
Vue Quality
Security
License Compliance
composer dependencies (100 total)
npm dependencies (416 total)
PHPUnit Tests
Code coverage: 0% (0 / 3 statements) Integration Tests (Newman)
E2E Tests (Playwright)Playwright E2E tests were not enabled for this run. Generated automatically by the Quality workflow.
|
Quality Report
Summary
PHP Quality
Vue Quality
Security
License Compliance
composer dependencies (100 total)
npm dependencies (416 total)
PHPUnit Tests
Integration Tests (Newman)
E2E Tests (Playwright)
Generated automatically by the Quality workflow.
|
Quality Report
Summary
PHP Quality
Vue Quality
Security
License Compliance
composer dependencies (100 total)
npm dependencies (416 total)
PHPUnit Tests
Code coverage: 0% (0 / 3 statements) Integration Tests (Newman)
E2E Tests (Playwright)Playwright E2E tests were not enabled for this run. Generated automatically by the Quality workflow.
|
Quality Report
Summary
PHP Quality
Vue Quality
Security
License Compliance
composer dependencies (100 total)
npm dependencies (416 total)
PHPUnit Tests
Integration Tests (Newman)
E2E Tests (Playwright)
Generated automatically by the Quality workflow.
|
Quality Report
Summary
PHP Quality
Vue Quality
Security
License Compliance
npm dependencies (416 total)
PHPUnit Tests
Integration Tests (Newman)
E2E Tests (Playwright)
Generated automatically by the Quality workflow.
|
Quality Report
Summary
PHP Quality
Vue Quality
Security
License Compliance
composer dependencies (100 total)
npm dependencies (416 total)
PHPUnit Tests
Code coverage: 0% (0 / 3 statements) Integration Tests (Newman)
E2E Tests (Playwright)Playwright E2E tests were not enabled for this run. Generated automatically by the Quality workflow.
|
Quality Report
Summary
PHP Quality
Vue Quality
Security
License Compliance
composer dependencies (100 total)
npm dependencies (416 total)
PHPUnit Tests
Code coverage: 0% (0 / 3 statements) Integration Tests (Newman)
E2E Tests (Playwright)Playwright E2E tests were not enabled for this run. Generated automatically by the Quality workflow.
|
Quality Report
Summary
PHP Quality
Vue Quality
Security
License Compliance
composer dependencies (100 total)
PHPUnit Tests
Integration Tests (Newman)
E2E Tests (Playwright)
Generated automatically by the Quality workflow.
|
Quality Report
Summary
PHP Quality
Vue Quality
Security
License Compliance
composer dependencies (100 total)
npm dependencies (416 total)
PHPUnit Tests
Code coverage: 0% (0 / 3 statements) Integration Tests (Newman)
E2E Tests (Playwright)Playwright E2E tests were not enabled for this run. Generated automatically by the Quality workflow.
|
Quality Report
Summary
PHP Quality
Vue Quality
Security
License Compliance
composer dependencies (100 total)
npm dependencies (416 total)
PHPUnit Tests
Code coverage: 0% (0 / 3 statements) Integration Tests (Newman)
E2E Tests (Playwright)Playwright E2E tests were not enabled for this run. Generated automatically by the Quality workflow.
|
Quality Report
Summary
PHP Quality
Vue Quality
Security
License Compliance
composer dependencies (100 total)
npm dependencies (416 total)
PHPUnit Tests
Code coverage: 0% (0 / 3 statements) Integration Tests (Newman)
E2E Tests (Playwright)Playwright E2E tests were not enabled for this run. Generated automatically by the Quality workflow.
|
Quality Report
Summary
PHP Quality
Vue Quality
Security
License Compliance
npm dependencies (416 total)
PHPUnit Tests
Integration Tests (Newman)
E2E Tests (Playwright)
Generated automatically by the Quality workflow.
|
Quality Report
Summary
PHP Quality
Vue Quality
Security
License Compliance
composer dependencies (100 total)
npm dependencies (416 total)
PHPUnit Tests
Code coverage: 0% (0 / 3 statements) Integration Tests (Newman)
E2E Tests (Playwright)Playwright E2E tests were not enabled for this run. Generated automatically by the Quality workflow.
|
Quality Report
Summary
PHP Quality
Vue Quality
Security
License Compliance
npm dependencies (416 total)
PHPUnit Tests
Integration Tests (Newman)
E2E Tests (Playwright)
Generated automatically by the Quality workflow.
|
Quality Report
Summary
PHP Quality
Vue Quality
Security
License Compliance
composer dependencies (100 total)
npm dependencies (416 total)
PHPUnit Tests
Code coverage: 0% (0 / 3 statements) Integration Tests (Newman)
E2E Tests (Playwright)Playwright E2E tests were not enabled for this run. Generated automatically by the Quality workflow.
|
Quality Report
Summary
PHP Quality
Vue Quality
Security
License Compliance
composer dependencies (100 total)
npm dependencies (416 total)
PHPUnit Tests
Integration Tests (Newman)
E2E Tests (Playwright)Playwright E2E tests were not enabled for this run. Generated automatically by the Quality workflow.
|
Quality Report
Summary
PHP Quality
Vue Quality
Security
License Compliance
composer dependencies (100 total)
npm dependencies (416 total)
PHPUnit Tests
Code coverage: 0% (0 / 3 statements) Integration Tests (Newman)
E2E Tests (Playwright)Playwright E2E tests were not enabled for this run. Generated automatically by the Quality workflow.
|
Quality Report
Summary
PHP Quality
Vue Quality
Security
License Compliance
composer dependencies (100 total)
npm dependencies (416 total)
PHPUnit Tests
Code coverage: 0% (0 / 3 statements) Integration Tests (Newman)
E2E Tests (Playwright)Playwright E2E tests were not enabled for this run. Generated automatically by the Quality workflow.
|
Quality Report — ConductionNL/decidesk @
|
| Check | Result |
|---|---|
| PHP lint | ✅ |
| PHP phpcs | ✅ |
| PHP phpmd | ✅ |
| PHP psalm | ✅ |
| PHP phpstan | ✅ |
| PHP phpmetrics | ✅ |
| eslint | ✅ |
| stylelint | ✅ |
| Security (composer) | ✅ |
| Security (npm) | ✅ |
| License (composer) | ✅ 100/100 |
| License (npm) | ✅ 416/416 |
| PHPUnit | ✅ |
| Newman | ✅ |
| Playwright | ⏭️ |
Coverage: 0% (0/3 statements)
Quality workflow — 2026-04-13 18:03 UTC
Download the full PDF report from the workflow artifacts.
Quality Report — ConductionNL/decidesk @
|
| Check | PHP | Vue | Security | License | Tests |
|---|---|---|---|---|---|
| lint | ✅ | ||||
| phpcs | ✅ | ||||
| phpmd | ✅ | ||||
| psalm | ✅ | ||||
| phpstan | ✅ | ||||
| phpmetrics | ✅ | ||||
| eslint | ✅ | ||||
| stylelint | ✅ | ||||
| composer | ✅ | ✅ 100/100 | |||
| npm | ✅ | ❌ | |||
| PHPUnit | ❌ | ||||
| Newman | ❌ | ||||
| Playwright | ❌ |
Quality workflow — 2026-04-13 18:11 UTC
Download the full PDF report from the workflow artifacts.
…hive-audit-changes into development
…dive Full opsx-ff artifact sets (proposal, specs, design, tasks) for the six evidence-backed feature gaps identified in the 2026-07-16 market deep-dive (iBabs/Notubiz duopoly analysis, OpenSlides parity check, Digimonitor/ Digitoegankelijk accessibility data, intelligence-DB demand scores, live RIS tender mining — logged to the spectr register and intelligence DB): - records-management-archiving: Archiefwet/MDTO lifecycle, Selectielijst retention, e-depot transfer packages, destruction workflow + verklaring, compliance dashboard (demand 1317/1170/913; vendors exclude archiving) - meeting-pack-board-book: compiled vergaderbundel PDF via Docudesk merge, versioning, confidentiality filtering, offline delivery (demand 482-201) - document-annotations: private/faction/body annotations on meeting documents, version-anchored, GDPR export (demand 334-226) - toezeggingen-ingekomen-stukken: standalone griffie registers with declarative lifecycles, rappels, hamerstuk bulk confirmation, WOO-aware publication (GO Toezeggingen parity) - urgent-decision-procedure: guarded spoedprocedure with emergency-meeting or expedited written round + mandatory ratification stage (demand 1467) - document-accessibility-check: pre-publication PDF accessibility gate + toegankelijkheidsverklaring reporting (demand 846; 46% of RIS at status E) Canonical specs decision-management, meeting-management, process-configuration, decidesk-notifications and public-publication marked in-progress with their new change references.
docs(openspec): six market-gap changes from the 2026-07-16 Decidesk deep-dive
…deep-dive Full opsx-ff artifact sets (proposal, specs, design, tasks) for all 19 gap candidates that survived bulk novelty-checking against the 97 canonical specs: works-council-consultation, constituency-consultation, vragenuur-interpellatie, termijnagenda, raadsinformatiebrieven, pc-cyclus, verordeningenregister, delegatie-mandaatregister, governing-documents-register, shared-governance-bodies, vve-alv-pack, woo-diwoo-publication, member-onboarding, advisory-opinion-workflow, appointments-and-terms, interests-and-integrity, member-proxy-authorization, inspreekrecht-plenair, embargo-geheimhouding. All strict-valid; register fragments 47-65 assigned centrally; public-publication canonical spec gains the vragenuur-interpellatie change reference.
docs(openspec): nineteen market-gap changes — wave 2 of the Decidesk deep-dive
…hipped records stack The change was drafted on a false premise: that decidesk must build dossier assembly, MDTO mapping, Selectielijst retention rules, transfer packages, a destruction workflow, the verklaring and the dashboard, consuming only OR's '_retention'/'_tmlo' columns. Verified against openregister ebedbdd5a, that premise was wrong on both counts. OpenRegister already ships: SelectionList entities + RetentionService:: applyArchivalMetadata() + ArchiefactiedatumCalculator (retention resolution), DestructionService + DestructionList + check/execution jobs + a 'verklaring_van_vernietiging' certificate, LegalHoldService, MdtoXmlGenerator, SipPackageBuilder (zip/BagIt/METS/PREMIS), TransferListService, EdepotTransferService and Transport/OpenConnectorTransport. Five of nine requirements were therefore rebuilding upstream code. They now consume it: - REQ-RMA-003: RetentionRule schema deleted; Selectielijst 2020 ships as OR SelectionList seed objects; decidesk computes no disposition dates - REQ-RMA-004/005 merged: TransferPackage schema, package builder and ArchiveConnectorService deleted; transfer runs through OR's transfer list + SipPackageBuilder + OpenConnectorTransport - REQ-RMA-005 (destruction): decidesk DestructionList/DestructionService deleted; consumes OR's lists, approval routes and jobs - REQ-RMA-006 (verklaring): reduced to rendering OR's certificate via Docudesk - REQ-RMA-002 (MDTO): scoped to dossier level; OR's MdtoXmlGenerator serializes Also corrects two impossible field names: '_retention' is a transient, read-only TTL view from the x-openregister-archival log-rotation mechanism (ObjectEntity::$archivalRetention, not persisted) — the Archiefwet block is the persisted 'retention' field; '_tmlo' does not exist (it is 'tmlo'). The spec now states explicitly that x-openregister-archival is NOT the Archiefwet path. Kept as genuinely decidesk: dossier assembly (OR has no aggregate unit), compliance dashboard (OR's is spec-only), classification labels (realigned as a documented subset of OR's 8-level ordinal). Net: 4 schemas + 4 services + 7 endpoints -> 1 schema, 1 service, 2 endpoints. Tasks 9 -> 6. Upstream follow-up filed: ConductionNL/openregister#2021 (destruction execution fatals on an unknown named parameter).
…mgmt fix(openspec): records-management-archiving consumes OpenRegister's shipped records stack
7 Decision properties (sourceApp, subjectRegister, subjectSchema, subjectId,
subjectLabel, outcomeCallbackUrl, externalReference) used JSON-Schema union
type ["string","null"], which OpenRegister's schema validator rejects
('Invalid type … Must be one of: string, number, …'). The Decision schema
therefore FAILED every register (re)import — frozen in the DB at its
2026-06-26 state; fresh installs could not create it.
Converted to the OR-supported form already used by DecisionStage
(outcome/decidedAt/note): "type":"string","nullable":true. Verified live:
Decision no longer appears in Pass-1 import failures. decidesk-only issue
(0 union types in openregister/doriath/hrmq/portaliq/docudesk/opencatalogi).
…s, KPI Pilot of the toezeggingen-ingekomen-stukken change: register fragment (both schemas + canonical lifecycle/notification dialects + publication predicate + 7 seed objects), manifest.d fragment (4 pages + menu), and Dashboard KPI widget. Live-validated on 8080: both index pages render seed data, detail page renders, menu + KPI widget present. Known findings (for finish-work, Tasks 5-8 not yet implemented): - Detail relation refs stored as slugs/nil-UUID 404 on resolution (seed refs need resolved UUIDs or relation config adjustment). - Dashboard KPI count shows raw schema total (3), not the filtered overdue count (2) — the declarative stat-widget does not apply the @now relative token / multi-value lifecycle filter (design D6 open question, confirmed live). The D6 fallback must be implemented, not assumed.
…ypes fix(register): Decision schema union types → OR-supported nullable (Decision couldn't re-import)
…lti-value aggregation limitation Live network trace: the stat-widget count endpoint honors only scalar-equality filters. Bare-array lifecycle is ignored (raw count 3); the documented in operator returns 0. Root cause is OpenRegister's AggregationRunner filter→SQL path (under active change by a parallel session). Kept the correct-intent in-operator form (will read 2 once OR handles multi-value); note documents the limitation + interim options accurately (no false 'verified' claim).
Declarative core (register fragment + manifest.d pages + seed) for: constituency-consultation(48,2), termijnagenda(50,1), raadsinformatiebrieven(51,2), delegatie-mandaatregister(54,1), appointments-and-terms(61,4), interests-and-integrity(62,3). No base-manifest KPI (OR agg multi-value limitation, or#2027), no imperative Tasks 5-8. All fragments openspec-valid + manifest-valid. Conditional-required/ anyOf and per-body notification routing flagged in-file for save-time enforcement.
…chema inheritance
The Bevoegdheidstoedeling schema used allOf:[{anyOf:...},{anyOf:...}] for a
JSON-Schema at-least-one-of validation rule. OpenRegister interprets a schema's
allOf as PARENT-SCHEMA INHERITANCE (SchemaMapper::extractAllOfDelta →
loadSchema(parentRef)), so it passed the anyOf array to loadSchema(string|int)
→ TypeError. Because a TypeError is a \Error (not \Exception), it escaped the
importer's per-schema catch(\Exception) and ABORTED the whole register import
(fragments 48/50/51 landed; 54/61/62 never processed). Removed the composition;
the at-least-one-of rule is save-time enforcement (as the toezeggingen pilot
does). Import now succeeds; all 13 batch-1 schemas land.
…ype enum works-council-consultation(47,1), vragenuur-interpellatie(49,3), pc-cyclus(52,3), verordeningenregister(53,3), governing-documents-register(55,2 + Decision additive citesGoverningDocuments), advisory-opinion-workflow(60,2). All grep-verified zero allOf/anyOf/oneOf + zero union types. Base GovernanceBody.bodyType gains advisory-body/works-council/shared-body (used by advisory + works-council seeds).
OpenRegister's schema authorization block accepts ONLY action keys (create/read/update/delete). Regeling/RegelingVersie/GoverningDocument had a descriptive _note inside authorization → 'Invalid authorization action _note' → those 3 schemas skipped on import (siblings landed). Moved the rationale out; all 14 batch-2 schemas now import. (_note IS allowed in lifecycle/notifications blocks, just not in authorization.)
urgent-decision-procedure(46: Decision/Meeting/ProcessTemplate additive deltas), shared-governance-bodies(56: 3 new + Membership.namens delta), vve-alv-pack(57: 4), woo-diwoo-publication(58: 2), member-onboarding(59: 2), member-proxy-authorization(63: ProxyAuthorization + Vote/ProcessTemplate deltas), embargo-geheimhouding(65: 2). All grep-verified zero allOf/anyOf/oneOf, zero _note-in-authorization, zero union types; additive deltas are add-only + version- bumped. inspreekrecht-plenair deferred (depends on unlanded commissievergaderingen).
…alculations dialects These dialects appear in NO landed decidesk fragment and are the imperative- materialised behaviours the designs place OUTSIDE the declarative core. Removed from urgency-policy (Decision aggregations+calculations), shared-governance-bodies (3 relations blocks), embargo-geheimhouding (aggregations) to match the proven lifecycle+notifications+authorization+$ref pattern. (NOTE: the batch-3 import is separately blocked by an OpenRegister runtime breakage — SystemEntityObjectAdapter constructor — from a concurrent session; verified by the identical batch1+2 config also failing now though it imported cleanly earlier.)
…ekomen-stukken feat: apply declarative cores of 20 market-gap changes (register fragments + manifest pages + seed)
Automated PR to sync development changes to beta for beta release.
Merging this PR will trigger the beta release workflow.