You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Use the protected release gate and short-lived deployment identity to prove the #118 profile-recovery backend in isolated staging, then deploy the exact compatible backend to the approved target Firebase project before publishing the website.
This is the actual release/evidence ticket. #135 is closed and the #118 source is merged. It is not ready to claim until #113 and #133 close and a protected Netlify production-release child under WEB-001 closes.
Officer impact: The reported profile permission failure is repaired without an officer editing a member record, deleting an account, or granting a role.
Officer documentation: Verify/update docs/officers/EVENTS_SHOP_MEMBERS.md, docs/officers/EMERGENCY_AND_RECOVERY.md, docs/officers/PUBLISH_AND_CHECK.md, docs/officers/SYSTEM_MAPS.md, OPERATIONS_RUNBOOK.md, and the private continuity record.
Deployment evidence: None at creation. Closure requires separate exact evidence for staging, target Rules, each target Function, website publication, runmprc.com, App Check policy, rollback, and synthetic live behavior.
WEB-001 protected-release child: exact-commit Netlify production publication, deployed-commit proof, and rollback without reintroducing the Pages CNAME conflict.
Do not use a broad all-Functions deployment. This release is limited to the exact #100 Rules plus createMemberOnSignUp and ensureMemberProfile, followed by the dependent website. Other Functions remain outside this ticket.
Required release sequence
Record the exact approved source commit and required green checks.
Confirm the staging project contains no real member/customer data and all provider calls are isolated.
missing/invalid App Check is rejected when enforcement is enabled, or the open enforcement gate is recorded when disabled;
name/phone edits succeed only for the caller and all protected-field/cross-user writes fail.
Record and rehearse the last-compatible Rules/Functions/website rollback or reviewed safe roll-forward in staging.
Obtain the named production approval through the protected environment.
Deploy and verify the same exact Rules plus both revised Functions in the approved target Firebase project.
If any target backend surface is skipped, partial, mismatched, or unverified, stop. Restore the reviewed backend set or safely roll forward. Do not publish the website.
Publish the dependent website only after exact target-backend proof.
Verify the exact website revision on the configured hosts and runmprc.com.
Run only the approved synthetic live smoke. Never inspect or modify a real member profile.
Acceptance criteria
Exact commit, CI checks, two reviews, and protected approver are recorded.
Staging uses made-up data and isolated provider/network paths.
Stop if any dependency is open, target project/approver is uncertain, provider isolation is unproven, the deployment would include all Functions, the backend is partial, or a test needs real member data. Do not repair production data through Firebase Console.
Claim protocol
Creation is not a claim. After every dependency is closed, assign one release agent and post CLAIMED by <canonical agent> at <UTC>; exact commit <sha> before any staging action. Provider-console and production approval remain human-owner actions. Keep all sensitive evidence in the approved private continuity record.
Outcome
Use the protected release gate and short-lived deployment identity to prove the #118 profile-recovery backend in isolated staging, then deploy the exact compatible backend to the approved target Firebase project before publishing the website.
This is the actual release/evidence ticket. #135 is closed and the #118 source is merged. It is not ready to claim until #113 and #133 close and a protected Netlify production-release child under WEB-001 closes.
Officer impact: The reported profile permission failure is repaired without an officer editing a member record, deleting an account, or granting a role.
Officer documentation: Verify/update
docs/officers/EVENTS_SHOP_MEMBERS.md,docs/officers/EMERGENCY_AND_RECOVERY.md,docs/officers/PUBLISH_AND_CHECK.md,docs/officers/SYSTEM_MAPS.md,OPERATIONS_RUNBOOK.md, and the private continuity record.Deployment evidence: None at creation. Closure requires separate exact evidence for staging, target Rules, each target Function, website publication,
runmprc.com, App Check policy, rollback, and synthetic live behavior.Dependencies
13ccc1b67dd57f69091e808b12e1287a1bc05b2f: exact create-once trigger/callable and fail-closed website source.9eafab1217aff7058c42240aaba72d7b93f8ed24.Do not use a broad all-Functions deployment. This release is limited to the exact #100 Rules plus
createMemberOnSignUpandensureMemberProfile, followed by the dependent website. Other Functions remain outside this ticket.Required release sequence
runmprc.com.Acceptance criteria
runmprc.comis checked without using a real member.Stop conditions
Stop if any dependency is open, target project/approver is uncertain, provider isolation is unproven, the deployment would include all Functions, the backend is partial, or a test needs real member data. Do not repair production data through Firebase Console.
Claim protocol
Creation is not a claim. After every dependency is closed, assign one release agent and post
CLAIMED by <canonical agent> at <UTC>; exact commit <sha>before any staging action. Provider-console and production approval remain human-owner actions. Keep all sensitive evidence in the approved private continuity record.