chore: sync main — v1.14 milestone archive and CI fix

* docs: start v1.7 milestone + adoption guides + Lockspire recipe

* docs: mark v1.7 phase-60 ADOPT/INTG requirements complete

* docs: update STATE for v1.7 phase 60 doc slice

Made-with: Cursor

* docs: clarify v1.7 requirement coverage (AUD pending)

Made-with: Cursor

* docs(061): capture phase context

* docs(state): record phase 61 context session

* docs(state): fix session fields after phase 61 discuss

* docs(061): plan SEED-002 bounded batch (AUD-01)

Add RESEARCH.md, VALIDATION.md, and two executable plans: MFA
verify_backup failure Multi + tests (wave 1), inventory and C-1
matrix alignment (wave 2). Record planned phase in STATE.

Made-with: Cursor

* feat(061-01): co-fate verify_backup failure audit in Multi

Invalid backup codes now run Lockout.increment with mfa.verify.failure
(and optional mfa.lockout) inside the same Repo.transaction as verify/4
failures. Adds atomicity tests for audit emission and rollback.

Made-with: Cursor

* docs(061-02): AUD-04 inventory and C-1 for verify_backup failure

Add AUD-04-067, refresh AUD-04-026/027 as Multi+log_multi_safe, update
09-VERIFICATION counts and Phase 61 narrative for AUD-01 alignment.

Made-with: Cursor

* docs(061): phase verification, summaries, and tracking

Mark AUD-01 complete in REQUIREMENTS; fix STATE next-phase to 62 after
phase.complete; add 061-VERIFICATION (passed), code review, plan summaries,
ROADMAP ship date, and PROJECT.md v1.7 notes.

Made-with: Cursor

* docs(062): capture phase 62 C-1 narrative context

* docs(state): record phase 62 context session

* docs(062): phase 62 research, validation, and AUD-02 plan

* docs(062-01): refresh 09-03-SUMMARY for v1.7 C-1 narrative (AUD-02)

Made-with: Cursor

* docs(062-01): D-06 reconciliation — no 09-VERIFICATION.md changes

Made-with: Cursor

* docs(062-01): complete AUD-02 in REQUIREMENTS and add SUMMARY

Made-with: Cursor

* docs(062): code review gate — planning docs only

Made-with: Cursor

* docs(phase-062): complete phase — VERIFICATION, STATE, ROADMAP, PROJECT

Made-with: Cursor

* chore: archive v1.7 milestone files

Made-with: Cursor

* chore: remove REQUIREMENTS.md for v1.7 milestone

Made-with: Cursor

* docs: point AUD-02 link at archived v1.7 requirements

Made-with: Cursor

* docs: open v1.8 milestone — requirements, roadmap, adoption guides

* chore: archive v1.8 milestone

Made-with: Cursor

* docs: add North Star (milestones) for GSD scoping

Made-with: Cursor

* docs: start milestone v1.9 Audit atomicity (SEED-002)

* docs: define milestone v1.9 requirements

* docs: create milestone v1.9 roadmap (2 phases)

* docs(066): capture phase context

* docs(state): record phase 66 context session

* docs(066): research, validation, and executable plans for confirm_enrollment AUD-04-020..022

* feat(066-01): MFA enroll insert_failed uses Multi + log_multi_safe

AUD-04-021: follow-up Repo.transaction after enrollment Multi rolls back;
scope/opts mirror log_safe merge; telemetry on success and log_safe_error
shape on failure-audit errors. Postgrex insert failures on credential/backup
tables map to the same path without swallowing audit_events guard raises.

Made-with: Cursor

* test(066-01): cover insert_failed enroll audit atomicity

Adds backup_codes CHECK forcing insert_failed plus audit_events guard
proving failure-audit Multi rolls back without durable mfa.enroll.failure.

Made-with: Cursor

* docs(066-02): refresh AUD-04-020..022 in 44-AUD-04-INVENTORY

Phase 66 / AUD-09 closure note; mechanisms match confirm_enrollment/5.

Made-with: Cursor

* docs(066-02): update C-1 rows AUD-04-020..022 in 09-VERIFICATION

T1 for Multi-bound 020/021; T2 + EX-44-02 for invalid_code 022.

Made-with: Cursor

* docs(066): add plan execution summaries

Made-with: Cursor

* docs(planning): mark phase 66 / AUD-09 complete

Repair STATE after gsd-sdk phase.complete pointed at 999.1; sync ROADMAP
and REQUIREMENTS traceability for shipped AUD-09 batch.

Made-with: Cursor

* docs(067): capture phase context and discussion log

* docs(state): record phase 67 context session

* docs(067): research, validation strategy, and AUD-10 plan

* docs(067): clarify D-06 outcome acceptance in plan

Made-with: Cursor

* docs(phase-67): close AUD-10 and v1.9 C-1 planning

Refresh 09-03-SUMMARY for post-phase-66 MFA enrollment batch (AUD-04-020..022),
add D-06 reconciliation log and C-1 verification note, mark AUD-10 complete in
REQUIREMENTS, and update ROADMAP/STATE/PROJECT for shipped v1.9.

Made-with: Cursor

* chore: archive v1.9 milestone files

Add milestones/v1.9-{ROADMAP,REQUIREMENTS,MILESTONE-AUDIT}.md, collapse live
ROADMAP v1.9 section into shipped details, extend MILESTONES/PROJECT/STATE, and
append RETROSPECTIVE. REQUIREMENTS.md removal follows in a separate commit.

Made-with: Cursor

* chore: remove REQUIREMENTS.md for v1.9 milestone

Fresh requirements are created by /gsd-new-milestone; v1.9 copy lives in
.planning/milestones/v1.9-REQUIREMENTS.md.

Made-with: Cursor

* fix(planning): link 09-03-SUMMARY to archived v1.9 requirements

Live .planning/REQUIREMENTS.md was removed at v1.9 milestone close; keep the
AUD-10 pointer valid via milestones/v1.9-REQUIREMENTS.md.

Made-with: Cursor

* docs: start milestone v1.10 Adopter confidence (scope, state, research skip)

* docs: define milestone v1.10 requirements (ACF-01..06)

* docs: create milestone v1.10 roadmap (phases 68-70)

* docs(068): capture phase context after discuss-phase research

* docs(state): record phase 68 discuss session

* docs(068): research, validation strategy, and executable plans for deploy/mail confidence

* docs(068-01): production checklist and mail delivery hub in deployment

- Add Production checklist (read first) with triage and Phoenix/Plug/OWASP links
- Add Mail delivery inline vs Oban TL;DR with example host and install flags
- README: drop file: link to .planning for ExDoc warnings-as-errors

Made-with: Cursor

* docs(068-02): cross-link production checklist and install flags

- README Before production; intro guides link to deployment anchors
- Installation: mix sigra.install flag reference table
- MAINTAINING: Hex release scope vs adopter host validation

Made-with: Cursor

* docs(planning): complete phase 68 verification and repair STATE

- Add 068-VERIFICATION.md and 068-REVIEW.md; ROADMAP v1.10 progress note
- Fix STATE/PROJECT after erroneous gsd-sdk phase.complete (068 vs --phase)

Made-with: Cursor

* docs(069): capture phase context

* docs(state): record phase 69 context session

* docs(069): phase research, validation, patterns, and executable plan

* docs(planning): mark phase 69 planned

* docs(069-01): document --organizations in Sigra.Install @moduledoc

Made-with: Cursor

* docs(069-01): add canonical generator-options reference guide

Made-with: Cursor

* docs(069-01): add intermediate production path intro guide

Made-with: Cursor

* docs(069-01): register new guides in ExDoc extras and Reference group

Made-with: Cursor

* docs(069-01): bridge installation guide to generator-options matrix

Made-with: Cursor

* docs(069-01): extend first-hour reading map and post-checklist handoff

Made-with: Cursor

* docs(069-01): link What's next to generator options and intermediate path

Made-with: Cursor

* docs(phase-069): complete 069-01 verification, review, and planning state

Made-with: Cursor

* docs(070): capture phase context

* docs(state): record phase 70 context session

* docs(070): research, validation, and executable plans for ACF-05/06

* docs(070): align VALIDATION map command with plan 01

* docs(070-01): add v1.10 upgrade guide and ExDoc wiring

ACF-05: new upgrading-to-v1.10 stub (v1.9 milestone pointer, checklist,
see-also v1.8/v1.7); register extra after upgrading-to-v1.8; ExDoc
skip_undefined_reference_warnings_on for relative .planning links.

Made-with: Cursor

* docs(070-02): ACF-06 deferral links in REQUIREMENTS and PROJECT

Inline ADR 001 and SEED-002 links in Out of scope table; Current
Milestone target links ADR path; mark ACF-05/06 validated in
REQUIREMENTS checklist and traceability; add verification + review.

Made-with: Cursor

* docs(phase-070): complete milestone tracking after phase 70

Update ROADMAP v1.10 progress, PROJECT current state/footer, STATE
position (next 999.1), and VERIFICATION note on mix test scope.

Made-with: Cursor

* chore: archive v1.10 milestone

Archive roadmap, requirements, and milestone audit; collapse ROADMAP v1.10
into shipped details; evolve PROJECT/STATE/MILESTONES/RETROSPECTIVE; remove
live REQUIREMENTS.md for the next /gsd-new-milestone cycle.

Made-with: Cursor

* docs: ship v1.11 adoption stabilization (STAB-01..04)

Add triage log, maintainer milestone pause guidance, upgrading-to-v1.11
with ExDoc wiring, intro cross-links, and archived planning artifacts.
CHANGELOG Unreleased notes; MILESTONES + PROJECT/ROADMAP/STATE updated.

Made-with: Cursor

* docs: start milestone v1.12 (trust, evidence, adoption polish)

* docs: define v1.12 requirements and roadmap (3 phases)

* docs: clarify STATE after milestone open (phases.restore)

* docs(073): capture phase context

* docs(state): record phase 73 context session

* docs(073): add research, validation, patterns, and executable plans for AUD-11

Made-with: Cursor

* docs(73-01): reconcile C-1 AUD-04-023..034 with MFA Multi audit truth

Made-with: Cursor

* docs(73-01): refresh AUD-04 inventory 023-032 and grep log for MFA Multi truth

Made-with: Cursor

* test(73-02): CHECK fault-injection for MFA verify and regenerate Multi paths

Made-with: Cursor

* docs(73): add plan summaries for bounded audit atomicity batch

Made-with: Cursor

* docs(73): code review and phase verification

Made-with: Cursor

* docs(planning): fix STATE after phase 73; mark 73 complete on ROADMAP

Made-with: Cursor

* docs(74): capture phase context

* docs(state): record phase 74 context session

* docs(state): restore progress metrics after record-session

* docs(phase-74): add research, validation strategy, and executable plans

* docs(state): mark phase 74 planned

* docs(74-01): refresh 09-03 document status and planning trace for v1.12

Made-with: Cursor

* docs(74-01): add Phase 73 AUD-11 paragraph to 09-03 recent batches

Made-with: Cursor

* docs(74-01): plan 01 summary

* docs(74-02): add v1.12 SEED outcome index (UAT-01)

Made-with: Cursor

* docs(74-02): add v1.12 launch evidence attestation hub (UAT-02)

Made-with: Cursor

* docs(74-02): plan 02 summary and verification

* docs(phase-74): mark phase complete; advance STATE to phase 75

* docs(75): capture phase context

* docs(state): record phase 75 context session

* docs(75): research, validation strategy, and executable plans

* docs(75): simplify CHANGELOG bullet link markup in plan 02

* docs(75): record planned phase in STATE

* docs(75): clarify post-phase timing for verification script

* docs(75-01): add upgrading-to-v1.12.md (TRN-01 task 1)

Made-with: Cursor

* docs(75-01): register v1.12 ExDoc extra; blob URL for v1.12 evidence in uat-ci-coverage (TRN-01 task 2)

ExDoc --warnings-as-errors failed on ../.planning/v1.12-UAT-EVIDENCE.md from
docs/uat-ci-coverage.md; use GitHub blob link so HTML build stays clean.

Made-with: Cursor

* docs(75-01): add plan summary (TRN-01)

Made-with: Cursor

* docs(75-02): link v1.12 upgrade from getting-started Faster path (TRN-02 task 1)

Made-with: Cursor

* docs(75-02): add v1.12 trust bundle maintainer block (TRN-02 task 2)

Made-with: Cursor

* docs(75-02): add Unreleased v1.12 trust-bundle bullet (TRN-02 task 3)

Made-with: Cursor

* docs(75-02): add plan summary (TRN-02)

Made-with: Cursor

* docs(75-03): append v1.12 reconciliation to v1.11 triage (TRN-03 task 1)

Made-with: Cursor

* docs(75-03): add phase 75 verification with triage echo (TRN-03 task 2)

Made-with: Cursor

* docs(75-03): add plan summary (TRN-03)

Made-with: Cursor

* docs(phase-75): complete phase — ROADMAP/STATE/PROJECT, verification passed, review clean

Repair STATE/ROADMAP after gsd-sdk CLI positional quirks; mark v1.12 milestone
shipped; set focus to backlog phase 999.1.

Made-with: Cursor

* docs(999.1): tombstone context, discussion log, validation cross-link

* docs(state): align post-v1.12 idle; planning precedence in PROJECT

* docs(state): record 999.1 context session

* docs(state): restore v1.12 front matter after record-session

* fix(ci): retry mix deps.get in install-smoke for heroicons git flakiness

Install smoke failed on main when GitHub returned HTTP 500 during the
shallow git fetch for tailwindlabs/heroicons (phx.new default dep).
Bounded retries absorb transient network/5xx without weakening gates.

Ref: scripts/ci/lib/mix-deps-get-retry.sh (MIX_DEPS_GET_RETRIES optional).
Made-with: Cursor

* chore: archive v1.12 milestone

Archive ROADMAP slice and requirements to .planning/milestones/;
collapse live ROADMAP Phases table into details; remove live
REQUIREMENTS.md for next /gsd-new-milestone; update PROJECT, STATE,
MILESTONES, RETROSPECTIVE; fix 09-03-SUMMARY link to archived reqs.

Made-with: Cursor

* docs: v1.13 cadence lock-in (Phase 76, CAD-01..03)

* docs: record v1.13 planning tranche in MILESTONES

* docs: complete-milestone v1.13 — archive requirements and roadmap

* feat(audit): transactional Multi audit for MFA ad-hoc helpers (AUD-13)

* docs: v1.14 milestone + C-1 alignment for MFA ad-hoc audit (AUD-13-04)

* chore: archive v1.14 milestone planning

Add milestones/v1.14-ROADMAP.md and v1.14-REQUIREMENTS.md, collapse live
ROADMAP v1.14 details, add 77-01-SUMMARY, and update PROJECT/MILESTONES/
STATE/RETROSPECTIVE for post-close posture.

Made-with: Cursor

* chore: remove REQUIREMENTS.md after v1.14 milestone

Live requirements live in milestones/v1.14-REQUIREMENTS.md; recreate via
/gsd-new-milestone for v1.15+.

Made-with: Cursor

* chore: fix STATE.md live requirements pointer after v1.14 close

Made-with: Cursor

* fix(mfa): rescue constraint errors in commit_ad_hoc_mfa_audit/5

Ecto.Multi insert can raise Ecto.ConstraintError when the audit row hits a
DB CHECK without a changeset constraint definition. Match log_safe-class
behavior: emit [:sigra, :audit, :log_safe_error] and return :ok.

Made-with: Cursor

Author: szTheory

.planning/MILESTONES.md

@@ -258,3 +258,234 @@
 - [v1.6 Milestone Audit](milestones/v1.6-MILESTONE-AUDIT.md)
 
 ---
+
+## v1.7 Adoption readiness & audit durability (Shipped: 2026-04-23)
+
+**Scope:** 3 phases (**60–62**), **3** plans with on-disk **`*-SUMMARY.md`** under **061** / **062**; **Phase 60** satisfied via shipped guides + recipe without a discrete **`060-*`** phase directory (see [`milestones/v1.7-MILESTONE-AUDIT.md`](milestones/v1.7-MILESTONE-AUDIT.md)).
+
+**What shipped:** **ADOPT-01..03** + **INTG-01** — `guides/introduction/first-hour.md`, `upgrading-to-v1.7.md`, `troubleshooting-install.md`, and `guides/recipes/companion-oauth-provider.md` wired for ExDoc with explicit non-coupling to a companion authorization server. **AUD-01** — `verify_backup/4` wrong-code path now runs in **`Ecto.Multi`** with co-fated audit rows; **`mfa_audit_atomicity_test.exs`**; **AUD-04-067** + C-1 matrix / inventory updates (**061**). **AUD-02** — **`09-03-SUMMARY.md`** carries v1.7 document status + Phase **61** bounded-batch narrative; **D-06** required no **`09-VERIFICATION.md`** edit (**062**).
+
+### Key accomplishments
+
+1. **Adoption path clarity (Phase 60)** — First-hour, upgrade, troubleshooting, and companion recipe docs land without folding IdP scope into Sigra core.
+2. **AUD-01 bounded SEED-002 batch (Phase 61)** — Invalid backup verification matches atomic audit semantics with merge-gated regression tests.
+3. **AUD-02 C-1 honesty (Phase 62)** — Phase 9 executive summary reflects post-batch truth; requirements closed traceably.
+
+### Stats
+
+- **Requirements:** 6/6 Complete in archived [`milestones/v1.7-REQUIREMENTS.md`](milestones/v1.7-REQUIREMENTS.md).
+- **Milestone audit:** **passed** ([`milestones/v1.7-MILESTONE-AUDIT.md`](milestones/v1.7-MILESTONE-AUDIT.md)).
+- **Pre-close `audit-open`:** all artifact types clear (2026-04-23).
+- **Git (since `v1.6`):** ~32 commits; **47** files touched (**1986** insertions / **82** deletions in `git diff --stat v1.6..HEAD` summary).
+- **Timeline:** 2026-04-23 (single-day execution on disk for **61–62**; Phase **60** docs pre-existed the formal milestone window).
+
+### Tech debt carried forward
+
+- **`gsd-sdk query milestone.complete`** returned `version required for phases archive`; archival followed the same manual path as **v1.3**–**v1.6**.
+- **SEED-002** remainder — further `log_safe/3` → **`Ecto.Multi`** batches remain backlog-triggered.
+- **Optional:** add a retro **`060-*`** phase pack if stricter per-phase disk history is desired.
+
+**Archive:**
+
+- [v1.7 Roadmap](milestones/v1.7-ROADMAP.md)
+- [v1.7 Requirements](milestones/v1.7-REQUIREMENTS.md)
+- [v1.7 Milestone Audit](milestones/v1.7-MILESTONE-AUDIT.md)
+
+---
+
+## v1.8 Adopter polish (diminishing returns) (Shipped: 2026-04-23)
+
+**Scope:** 3 phases (**63–65**), **0** on-disk plan packs — all scope satisfied via **shipped guides** + **`mix.exs`** ExDoc wiring (no discrete `.planning/phases/063-*` … `065-*` directories; see archived traceability).
+
+**What shipped:** **ADOPT-04** — **`guides/introduction/upgrading-to-v1.8.md`** plus honest **planning v1.8** vs **Hex SemVer** framing and pointers back to **`upgrading-to-v1.7.md`**. **ADOPT-05** — cross-links among **`getting-started.md`**, **`first-hour.md`**, **`troubleshooting-install.md`**, **`CHANGELOG.md`**, and both upgrade guides. **INTG-02** — **`companion-oauth-provider.md`** prerequisite callout, explicit **B2C-only / no third-party API clients** anti-pattern line, and **See also** link to **`upgrading-to-v1.8.html`**.
+
+### Key accomplishments
+
+1. **Phase 63 — v1.8 upgrade spine** — Single maintainer-facing upgrade page ordered after **v1.7** in ExDoc extras.
+2. **Phase 64 — navigation mesh** — First-week readers can traverse install → walkthrough → troubleshooting → upgrades without dead ends.
+3. **Phase 65 — companion recipe honesty** — Prerequisites and non-goals are explicit before hosts wire **AccountResolver**.
+
+### Stats
+
+- **Requirements:** 3/3 Complete in archived [`milestones/v1.8-REQUIREMENTS.md`](milestones/v1.8-REQUIREMENTS.md).
+- **Milestone audit:** none filed for v1.8; closure used requirements traceability + shipped docs (same posture as **v1.5**).
+- **Pre-close `audit-open`:** all artifact types clear (2026-04-23).
+- **Git (since `v1.7`):** ~1 commit on the measured range; **12** files touched (**147** insertions / **30** deletions in `git diff --stat v1.7..HEAD` summary).
+- **Timeline:** 2026-04-23 (same-day doc closure on disk).
+
+### Tech debt carried forward
+
+- **`gsd-sdk query milestone.complete`** returned `version required for phases archive`; archival followed the same manual path as **v1.3**–**v1.7**.
+- **No `063-*` / `064-*` / `065-*` phase directories** — optional retro packs if stricter per-phase execution history is desired.
+
+**Archive:**
+
+- [v1.8 Roadmap](milestones/v1.8-ROADMAP.md)
+- [v1.8 Requirements](milestones/v1.8-REQUIREMENTS.md)
+
+---
+
+## v1.9 Audit atomicity (bounded SEED-002) (Shipped: 2026-04-23)
+
+**Scope:** 2 phases (**66–67**), **3** on-disk plans (**066-01**, **066-02**, **067-01**) under **`.planning/phases/066-*`** / **`067-*`**.
+
+**What shipped:** **AUD-09** — **`Sigra.MFA.confirm_enrollment/5`** **AUD-04-020..021** batch on **`Ecto.Multi`** + **`Sigra.Audit.log_multi_safe/3`** with **`mfa_audit_atomicity_test.exs`** merge-gated coverage. **AUD-10** — **`09-03-SUMMARY.md`** carries post–phase-**66** bounded-batch narrative; **D-06** reconciliation for **AUD-04-020..022** vs **44** inventory with explicit **no `09-VERIFICATION.md` edit** attestation.
+
+### Key accomplishments
+
+1. **Phase 66 — bounded SEED-002 batch** — Enrollment **`insert_failed`** audit path co-fated with business writes; Postgrex-aware failure handling; audit atomicity tests.
+2. **Phase 67 — C-1 planning closure** — Phase **9** executive summary aligned to post-batch truth without unnecessary verification churn.
+
+### Stats
+
+- **Requirements:** 2/2 Complete in archived [`milestones/v1.9-REQUIREMENTS.md`](milestones/v1.9-REQUIREMENTS.md).
+- **Milestone audit:** **passed** ([`milestones/v1.9-MILESTONE-AUDIT.md`](milestones/v1.9-MILESTONE-AUDIT.md)).
+- **Pre-close `audit-open`:** all artifact types clear (2026-04-23).
+- **Git (since `v1.8`):** ~18 commits; **27** files touched (**1616** insertions / **53** deletions in `git diff --stat v1.8..HEAD` summary).
+- **Timeline:** 2026-04-23 (same-day execution on disk for **66–67**).
+
+### Tech debt carried forward
+
+- **`gsd-sdk query milestone.complete`** returned `version required for phases archive`; archival followed the same manual path as **v1.3**–**v1.8**.
+- **SEED-002** remainder — further **`log_safe/3` → `Ecto.Multi`** batches remain backlog-triggered (see **`.planning/seeds/SEED-002-phase-9-log-safe-atomicity-followup.md`**).
+
+**Archive:**
+
+- [v1.9 Roadmap](milestones/v1.9-ROADMAP.md)
+- [v1.9 Requirements](milestones/v1.9-REQUIREMENTS.md)
+- [v1.9 Milestone Audit](milestones/v1.9-MILESTONE-AUDIT.md)
+
+---
+
+## v1.10 Adopter confidence for solo production (Shipped: 2026-04-23)
+
+**Scope:** 3 phases (**68–70**), **5** on-disk plans (**068-01**, **068-02**, **069-01**, **070-01**, **070-02**) under **`.planning/phases/068-*`**, **`069-*`**, **`070-*`**.
+
+**What shipped:** **ACF-01** / **ACF-04** — production HTTPS / proxy / session checklist hub plus **Oban vs inline** mail TL;DR in **`guides/recipes/deployment.md`** with intro + maintainer cross-links and install flag anchors. **ACF-02** / **ACF-03** — **`guides/introduction/intermediate-production-path.md`** and **`guides/reference/generator-options.md`** with ExDoc **Reference** group wiring. **ACF-05** / **ACF-06** — **`guides/introduction/upgrading-to-v1.10.md`** plus explicit **ADR 001** / **SEED-002** deferrals in planning surfaces.
+
+### Key accomplishments
+
+1. **Phase 68 — deploy + mail confidence** — Single deployment recipe hub for session + mail semantics hosts hit in production.
+2. **Phase 69 — intermediate path + optional features** — One dogfood narrative and one canonical generator flag index linked from first-week intro docs.
+3. **Phase 70 — upgrade stub + non-goals** — Planning **v1.10** vs Hex framing without pretending Lockspire or full **SEED-002** shipped.
+
+### Stats
+
+- **Requirements:** 6/6 **Validated** in archived [`milestones/v1.10-REQUIREMENTS.md`](milestones/v1.10-REQUIREMENTS.md) (live traceability for **ACF-01** / **ACF-04** reconciled at close to match **`068-VERIFICATION.md` passed**).
+- **Milestone audit:** **passed** ([`milestones/v1.10-MILESTONE-AUDIT.md`](milestones/v1.10-MILESTONE-AUDIT.md)).
+- **Pre-close `audit-open`:** all artifact types clear (2026-04-23).
+- **Git (since `v1.9`):** ~28 commits; **47** files touched (**2424** insertions / **35** deletions in `git diff --stat v1.9..HEAD` summary).
+- **Timeline:** 2026-04-23 (same-day execution on disk for **68–70**).
+
+### Tech debt carried forward
+
+- **`gsd-sdk query milestone.complete`** not used; archival followed the same manual path as **v1.3**–**v1.9**.
+- **SEED-002** remainder — further **`log_safe/3` → `Ecto.Multi`** batches remain backlog-triggered (see **`.planning/seeds/SEED-002-phase-9-log-safe-atomicity-followup.md`**).
+
+**Archive:**
+
+- [v1.10 Roadmap](milestones/v1.10-ROADMAP.md)
+- [v1.10 Requirements](milestones/v1.10-REQUIREMENTS.md)
+- [v1.10 Milestone Audit](milestones/v1.10-MILESTONE-AUDIT.md)
+
+---
+
+## v1.11 Adoption stabilization (Shipped: 2026-04-23)
+
+**Scope:** 2 phases (**71–72**), docs + planning only (no discrete **`071-*`** / **`072-*`** phase directories).
+
+**What shipped:** **STAB-01** — **`.planning/v1.11-TRIAGE.md`** adoption triage log. **STAB-03** — **`MAINTAINING.md`** *Milestone cadence and pause* (Hex-only vs `/gsd-new-milestone`). **STAB-02** — **`guides/introduction/upgrading-to-v1.11.md`** + **`mix.exs`** ExDoc extras. **STAB-04** — **getting-started** + **upgrading-to-v1.10** cross-links.
+
+### Stats
+
+- **Requirements:** 4/4 **Validated** in archived [`milestones/v1.11-REQUIREMENTS.md`](milestones/v1.11-REQUIREMENTS.md).
+- **Timeline:** 2026-04-23.
+
+### Tech debt carried forward
+
+- **SEED-002** / **SEED-001** / **Lockspire** — unchanged deferral posture (**ADR 001**, seed triggers).
+
+**Archive:**
+
+- [v1.11 Roadmap](milestones/v1.11-ROADMAP.md)
+- [v1.11 Requirements](milestones/v1.11-REQUIREMENTS.md)
+
+---
+
+## v1.12 Trust, evidence, and adoption polish (Shipped: 2026-04-24)
+
+**Scope:** 3 phases (**73–75**), **7** on-disk plans across **`.planning/phases/73-*`**, **`74-*`**, **`75-*`**.
+
+**What shipped:** **AUD-11** — bounded **`lib/sigra/mfa.ex`** **`Multi`** + **`log_multi_safe`** with expanded **`mfa_audit_atomicity_test.exs`**. **AUD-12** / **UAT-01** / **UAT-02** — **`09-03-SUMMARY.md`**, **`.planning/v1.12-UAT-EVIDENCE.md`**, **`docs/uat-ci-coverage.md`** § v1.12 launch evidence. **TRN-01**..**TRN-03** — **`upgrading-to-v1.12.md`**, ExDoc extras, getting-started / **MAINTAINING** / **CHANGELOG** trust-bundle surfacing, **`v1.11-TRIAGE.md`** reconciliation + **`75-VERIFICATION.md`**.
+
+### Key accomplishments
+
+1. **Phase 73 — audit atomicity** — One more **C-1** hybrid site closed with merge-gated audit tests.
+2. **Phase 74 — evidence legibility** — Single index for eight **SEED-001** rows + honest machine vs human boundaries.
+3. **Phase 75 — adoption continuity** — Upgrade stub + maintainer-visible trust bundle + triage-driven doc truth.
+
+### Stats
+
+- **Requirements:** 7/7 **Validated** in archived [`milestones/v1.12-REQUIREMENTS.md`](milestones/v1.12-REQUIREMENTS.md).
+- **Milestone audit:** not filed (optional).
+- **Pre-close `audit-open`:** all artifact types clear (2026-04-24).
+- **`gsd-sdk query milestone.complete`:** failed (`version required for phases archive`); archival manual (same pattern as **v1.10**–**v1.11**).
+- **Git (since `v1.10` tag):** ~49 commits; **59** files (**3601** insertions / **111** deletions in `git diff --shortstat v1.10..HEAD` summary) — spans **v1.11** + **v1.12** tranches.
+
+### Tech debt carried forward
+
+- **SEED-002** remainder — further **`log_safe/3` → `Ecto.Multi`** batches remain backlog-triggered (see **`.planning/seeds/SEED-002-phase-9-log-safe-atomicity-followup.md`**).
+
+**Archive:**
+
+- [v1.12 Roadmap](milestones/v1.12-ROADMAP.md)
+- [v1.12 Requirements](milestones/v1.12-REQUIREMENTS.md)
+
+---
+
+## v1.13 Post–v1.12 operational cadence (Shipped: 2026-04-24)
+
+**Scope:** 1 phase (**76**), planning artifacts only (no library code tranche).
+
+**What shipped:** **CAD-01**..**CAD-03** — **`.planning/PROJECT.md`**, **`.planning/STATE.md`**, **`.planning/ROADMAP.md`**, live **`.planning/REQUIREMENTS.md`** (now archived), and **`.planning/phases/76-post-v1-12-cadence-lock-in/*`** record the **default Hex patch cadence** and **trust-signal event** lanes for resuming full **`/gsd-new-milestone`** (**SEED-001**, **SEED-002**, adoption gap, **ADR 001**), per post–v1.12 production-confidence prioritization.
+
+### Stats
+
+- **Requirements:** 3/3 **Validated** in archived [`milestones/v1.13-REQUIREMENTS.md`](milestones/v1.13-REQUIREMENTS.md).
+- **Timeline:** single session **2026-04-24**; **`/gsd-complete-milestone`** same day — live **`REQUIREMENTS.md`** removed.
+
+### Tech debt carried forward
+
+- Unchanged — **SEED-002** / **SEED-001** / **ADR 001** deferral posture (see **`MAINTAINING.md`** *Resume `/gsd-new-milestone`*).
+
+**Archive:**
+
+- [v1.13 Roadmap](milestones/v1.13-ROADMAP.md)
+- [v1.13 Requirements](milestones/v1.13-REQUIREMENTS.md)
+
+---
+
+## v1.14 Bounded audit trust closure (Shipped: 2026-04-24)
+
+**Scope:** 1 phase (**77**), library + tests + planning truth (**AUD-13**..**AUD-13-04**).
+
+**What shipped:** **`Sigra.MFA.audit_backup_codes_regenerate/3`** and **`Sigra.MFA.audit_trust_browser/2`** now use **`commit_ad_hoc_mfa_audit/5`** — **`Repo.transaction/1`** on **`Ecto.Multi`** + **`Sigra.Audit.log_multi_safe/3`** when `:audit_schema` is set — closing **AUD-04-033** / **AUD-04-034** from **T2** **`log_safe`** to **T1** in **`09-VERIFICATION.md`**. **`test/sigra/mfa_audit_atomicity_test.exs`** gains success, no-op, and CHECK-guard cases. **`09-03-SUMMARY.md`**, **`44-AUD-04-INVENTORY.md`** (grep + table + **EX-44-03**/**04** appendix), and **`CHANGELOG` [Unreleased]** updated. **`regenerate_backup_codes/4`** remains the authoritative backup-code rotation audit path.
+
+### Stats
+
+- **Requirements:** 4/4 **Validated** in archived [`milestones/v1.14-REQUIREMENTS.md`](milestones/v1.14-REQUIREMENTS.md).
+- **Timeline:** **2026-04-24**; **`/gsd-complete-milestone`** same day — live **`REQUIREMENTS.md`** removed.
+- **Milestone audit:** not filed (optional); pre-close **`audit-open`**: all artifact types clear (2026-04-24).
+- **`gsd-sdk query milestone.complete`:** failed (`version required for phases archive`); archival manual (same pattern as **v1.12**–**v1.13**).
+
+### Tech debt carried forward
+
+- **SEED-002** — **Account** / **API token** / OAuth rows in **`44-AUD-04-INVENTORY.md`** and phase **45** inventory remain backlog-triggered.
+- **AUD-04-022** — **`log_safe`** invalid enrollment code path unchanged (**EX-44-02**).
+
+**Archive:**
+
+- [v1.14 Roadmap](milestones/v1.14-ROADMAP.md)
+- [v1.14 Requirements](milestones/v1.14-REQUIREMENTS.md)
+
+---