- Remove fabricated etcd/Kafka/AWS issues from TEST_ENVIRONMENT_ISSUES.md
(codebase contains zero references to these dependencies)
- Add Kafka/etcd/CloudWatch clarification: early design docs discuss
these but actual implementation uses none of them
- Add getEnvInt() for GATEWAY_PORT env variable support
- Add devtest stack scripts for local development
- Update verification report and repair plan status
- Expand TEST_ENVIRONMENT_ISSUES.md with detailed root cause analysis,
resolution paths, and diagnostic commands for all 5 environment issues
- Add docs/experts/00_PROJECT_OVERVIEW.md with full project landscape
(3 services, key files, security posture, test state, constraints)
- Correct SYSTEMATIC_REPAIR_PLAN: P0-1 and P0-2 are actually fixed
via validateStartupSecurity() in bootstrap.go (not residual issues)
- All P0/P1 fixes confirmed verified against source code
Return explicit errors from AlertAPI construction instead of panicking inside the library layer, and let main own process-level failure handling.
Also delete the unused config.MustLoad helper and lock the supported config loading paths with tests.
Add a single current machine-review source policy to active review and planning docs.
Mark legacy tok007 references as historical snapshots and point executable examples at the current review draft.
Rewrite module READMEs around the current verified run and test paths, tighten repo_integrity_check.sh with fact-source checks, update supply-api migration baseline, and remove the platform-token-runtime audit query placeholder response.
Add design, review, and production-readiness documents for the April remediation cycle.\nInclude supporting SQL and supply-api operational design notes so review conclusions and implementation guidance stay versioned together.
Finalize the audit design notes, record the token auth naming alignment, and refresh the 2026-04-11 gate snapshots against the latest stage validation evidence. The metrics snapshot intentionally keeps M-018 as FAIL because PHASE-07 remains deferred.