[
  {
    "id": "hub-platform-master",
    "title": "[Roadmap] Platform north star & change log (living doc)",
    "labels": ["roadmap", "omnitrack-roadmap-batch", "type:docs", "area:platform-docs", "priority:P2"],
    "body": "## Summary\nKeep [`docs/PLATFORM-MASTER.md`](https://github.com/Jjustmee23/omnihub-schoolV2/blob/main/docs/PLATFORM-MASTER.md) aligned with reality: 40M users / 600k FMC920-class devices, principles, append-only log.\n\n## Acceptance\n- [ ] Quarterly review with engineering + ops\n- [ ] Log entries for each architecture/security/capacity change\n\n## Links\n- [`docs/platform/README.md`](https://github.com/Jjustmee23/omnihub-schoolV2/blob/main/docs/platform/README.md)\n"
  },
  {
    "id": "mvp-phase1-dod",
    "title": "[Roadmap] Close Fase 1 MVP gaps vs `phase-1-mvp.md`",
    "labels": ["roadmap", "omnitrack-roadmap-batch", "type:docs", "area:platform-docs", "priority:P2"],
    "body": "## Summary\nValidate production/staging against [`docs/platform/phase-1-mvp.md`](https://github.com/Jjustmee23/omnihub-schoolV2/blob/main/docs/platform/phase-1-mvp.md): ingest, ACK, Postgres persistence, baseline UI, monitoring.\n\n## Acceptance\n- [ ] Checklist section DoD reviewed\n- [ ] Gaps filed as separate issues\n\n## Links\n- [`docs/telematics/README.md`](https://github.com/Jjustmee23/omnihub-schoolV2/blob/main/docs/telematics/README.md)\n"
  },
  {
    "id": "staging-env",
    "title": "[Roadmap] Dedicated staging stack (compose + secrets pattern)",
    "labels": ["roadmap", "omnitrack-roadmap-batch", "type:feature", "area:deploy", "priority:P1"],
    "body": "## Summary\nSeparate staging from production: own `.env` / secrets, DNS, optional smaller resources. Matches starter issue theme *staging*.\n\n## Acceptance\n- [ ] `docker-compose` + deploy docs for staging path\n- [ ] Smoke checklist before promoting to prod\n\n## Links\n- [`deploy/env.production.template`](https://github.com/Jjustmee23/omnihub-schoolV2/blob/main/deploy/env.production.template)\n- [`docs/github/SETUP.md`](https://github.com/Jjustmee23/omnihub-schoolV2/blob/main/docs/github/SETUP.md)\n"
  },
  {
    "id": "branch-protection",
    "title": "[Roadmap] Enforce branch protection on `main` + required checks",
    "labels": ["roadmap", "omnitrack-roadmap-batch", "type:docs", "area:deploy", "priority:P1"],
    "body": "## Summary\nProtect `main`: required PR, required status checks (CI, docs CI, dependency review), no force-push. Enables safe Dependabot auto-merge.\n\n## Acceptance\n- [ ] Rule active in GitHub Settings → Branches\n- [ ] Allow auto-merge enabled (repo Settings → General)\n\n## Links\n- [`docs/github/SETUP.md`](https://github.com/Jjustmee23/omnihub-schoolV2/blob/main/docs/github/SETUP.md)\n"
  },
  {
    "id": "auth-keycloak-path",
    "title": "[Roadmap] Keycloak / OIDC hardening & migration from session-only",
    "labels": ["roadmap", "omnitrack-roadmap-batch", "type:feature", "area:deploy", "priority:P2"],
    "body": "## Summary\nPhase 2 already supports `KEYCLOAK_ISSUER` + Bearer JWT when user exists in Postgres. Plan: realm automation, MFA policy, migration runbook from bootstrap/session-heavy ops.\n\n## Acceptance\n- [ ] ADR update for chosen IdP rollout\n- [ ] Staging realm + test users\n\n## Links\n- [`docs/platform/phase-2-v1.md`](https://github.com/Jjustmee23/omnihub-schoolV2/blob/main/docs/platform/phase-2-v1.md)\n- [`docs/platform/identity-and-network-boundary.md`](https://github.com/Jjustmee23/omnihub-schoolV2/blob/main/docs/platform/identity-and-network-boundary.md)\n"
  },
  {
    "id": "telematics-horizontal-scale",
    "title": "[Roadmap] Telematics gateway horizontal scale + sticky TCP",
    "labels": ["roadmap", "omnitrack-roadmap-batch", "type:feature", "area:telematics", "priority:P1"],
    "body": "## Summary\nDesign + validate path to many gateway replicas behind L4 LB with IMEI/session stickiness. Align with 600k device goal in PLATFORM-MASTER.\n\n## Acceptance\n- [ ] ADR or scaling doc update with failure modes\n- [ ] Load test outline in [`docs/platform/load-test-plan.md`](https://github.com/Jjustmee23/omnihub-schoolV2/blob/main/docs/platform/load-test-plan.md)\n\n## Links\n- [`docs/telematics/scaling.md`](https://github.com/Jjustmee23/omnihub-schoolV2/blob/main/docs/telematics/scaling.md)\n- [`services/telematics-gateway/`](https://github.com/Jjustmee23/omnihub-schoolV2/tree/main/services/telematics-gateway)\n"
  },
  {
    "id": "kafka-ops",
    "title": "[Roadmap] Kafka retention, lag alerts, and topic governance",
    "labels": ["roadmap", "omnitrack-roadmap-batch", "type:feature", "area:telematics", "priority:P2"],
    "body": "## Summary\nOperational defaults for `telematics.avl` (and future topics): retention, compaction policy, consumer lag alerting, replay playbook.\n\n## Acceptance\n- [ ] Runbook in `docs/` linked from telematics README\n- [ ] Staging soak 24h without unbounded disk growth\n\n## Links\n- [`docs/platform/adr/0004-data-plane-and-event-backbone.md`](https://github.com/Jjustmee23/omnihub-schoolV2/blob/main/docs/platform/adr/0004-data-plane-and-event-backbone.md)\n"
  },
  {
    "id": "clickhouse-ops",
    "title": "[Roadmap] ClickHouse production sizing — TTL, partitions, backups",
    "labels": ["roadmap", "omnitrack-roadmap-batch", "type:feature", "area:telematics", "priority:P1"],
    "body": "## Summary\n`device_positions_ch` growth: TTL/partition strategy, backup/restore, query SLOs for `/positions/history`.\n\n## Acceptance\n- [ ] Capacity line items in [`docs/platform/capacity-baseline.csv`](https://github.com/Jjustmee23/omnihub-schoolV2/blob/main/docs/platform/capacity-baseline.csv)\n- [ ] DR note in [`docs/platform/backup-dr-policy-template.md`](https://github.com/Jjustmee23/omnihub-schoolV2/blob/main/docs/platform/backup-dr-policy-template.md)\n\n## Links\n- [`docs/platform/data-plane.md`](https://github.com/Jjustmee23/omnihub-schoolV2/blob/main/docs/platform/data-plane.md)\n"
  },
  {
    "id": "load-test-execution",
    "title": "[Roadmap] Execute load/soak tests per `load-test-plan.md`",
    "labels": ["roadmap", "omnitrack-roadmap-batch", "type:feature", "area:deploy", "priority:P2"],
    "body": "## Summary\nRun scripted load against API + gateway; record RPS, p95 latency, DB CPU, Kafka lag, CH insert rate.\n\n## Acceptance\n- [ ] Results appended to plan doc or ADR\n- [ ] Regressions filed as bugs\n\n## Links\n- [`docs/platform/load-test-plan.md`](https://github.com/Jjustmee23/omnihub-schoolV2/blob/main/docs/platform/load-test-plan.md)\n"
  },
  {
    "id": "capacity-baseline-fill",
    "title": "[Roadmap] Fill `capacity-baseline.csv` + review cadence",
    "labels": ["roadmap", "omnitrack-roadmap-batch", "type:docs", "area:platform-docs", "priority:P2"],
    "body": "## Summary\nReplace TBD placeholders with measured or estimated values for accounts, sessions, HTTP RPS, tracker TCP, messages/sec.\n\n## Acceptance\n- [ ] All rows have owner + date\n- [ ] Review quarterly\n\n## Links\n- [`docs/platform/capacity-baseline.csv`](https://github.com/Jjustmee23/omnihub-schoolV2/blob/main/docs/platform/capacity-baseline.csv)\n"
  },
  {
    "id": "e2e-ci",
    "title": "[Roadmap] E2E smoke tests in CI (login + critical API paths)",
    "labels": ["roadmap", "omnitrack-roadmap-batch", "type:feature", "area:frontend", "priority:P2"],
    "body": "## Summary\nMinimal Playwright/Cypress (or API-only) smoke: health, auth bootstrap path, one fleet read. Runs in GitHub Actions against compose stack or mocked services.\n\n## Acceptance\n- [ ] Workflow green on PR\n- [ ] Documented in CONTRIBUTING or SETUP\n\n## Links\n- [`.github/workflows/deploy.yml`](https://github.com/Jjustmee23/omnihub-schoolV2/blob/main/.github/workflows/deploy.yml)\n"
  },
  {
    "id": "api-security-audit",
    "title": "[Roadmap] API security pass — rate limits, authz matrix, bulk endpoints",
    "labels": ["roadmap", "omnitrack-roadmap-batch", "type:feature", "area:deploy", "priority:P1"],
    "body": "## Summary\nReview `server.ts` routes: role checks on fleet/trip/support, `fleetBulkLimiter`, JSON body limits, session/JWT edge cases.\n\n## Acceptance\n- [ ] Threat model note in `docs/platform` or SECURITY follow-up\n- [ ] No unauthenticated sensitive reads\n\n## Links\n- [`server.ts`](https://github.com/Jjustmee23/omnihub-schoolV2/blob/main/server.ts)\n- [`SECURITY.md`](https://github.com/Jjustmee23/omnihub-schoolV2/blob/main/SECURITY.md)\n"
  },
  {
    "id": "gov-audit-export",
    "title": "[Roadmap] Government audit trail — exportable activity log",
    "labels": ["roadmap", "omnitrack-roadmap-batch", "type:feature", "area:frontend", "priority:P2"],
    "body": "## Summary\n`overheid` role: immutable audit of sensitive actions (user/device/trip changes), CSV/JSON export, retention policy.\n\n## Acceptance\n- [ ] Schema + API + UI slice\n- [ ] Privacy review for school data\n\n## Links\n- [`README.md` roles](https://github.com/Jjustmee23/omnihub-schoolV2/blob/main/README.md)\n"
  },
  {
    "id": "backup-dr-drill",
    "title": "[Roadmap] Quarterly Postgres backup restore drill",
    "labels": ["roadmap", "omnitrack-roadmap-batch", "type:docs", "area:deploy", "priority:P2"],
    "body": "## Summary\nProve RTO/RPO from [`docs/platform/backup-restore.md`](https://github.com/Jjustmee23/omnihub-schoolV2/blob/main/docs/platform/backup-restore.md) and [`backup-dr-policy-template.md`](https://github.com/Jjustmee23/omnihub-schoolV2/blob/main/docs/platform/backup-dr-policy-template.md).\n\n## Acceptance\n- [ ] Drill report stored (date, duration, issues)\n\n## Links\n- [`scripts/pg-backup.ps1`](https://github.com/Jjustmee23/omnihub-schoolV2/blob/main/scripts/pg-backup.ps1)\n"
  },
  {
    "id": "k8s-pilot",
    "title": "[Roadmap] Kubernetes pilot — namespaces + workload split",
    "labels": ["roadmap", "omnitrack-roadmap-batch", "type:docs", "area:deploy", "priority:P2"],
    "body": "## Summary\nFollow [`docs/platform/deployment-kubernetes.md`](https://github.com/Jjustmee23/omnihub-schoolV2/blob/main/docs/platform/deployment-kubernetes.md): dev/stage/prod namespaces, secrets, ingress/TCP services for gateway.\n\n## Acceptance\n- [ ] Non-prod cluster runs minimal stack\n- [ ] ADR if production path chosen\n\n## Links\n- [`docs/platform/examples/nginx-lb-example.conf`](https://github.com/Jjustmee23/omnihub-schoolV2/blob/main/docs/platform/examples/nginx-lb-example.conf)\n"
  },
  {
    "id": "iraq-apn-ops",
    "title": "[Roadmap] Iraq private APN / operator checklist — operational sign-off",
    "labels": ["roadmap", "omnitrack-roadmap-batch", "type:docs", "area:platform-docs", "priority:P2"],
    "body": "## Summary\nExecute checklist in [`docs/platform/iraq-apn-operator-requirements.md`](https://github.com/Jjustmee23/omnihub-schoolV2/blob/main/docs/platform/iraq-apn-operator-requirements.md) with field + operator stakeholders.\n\n## Acceptance\n- [ ] Documented exceptions and DNS/TLS plan\n\n## Links\n- [`README.md` Teltonika / Iraq](https://github.com/Jjustmee23/omnihub-schoolV2/blob/main/README.md)\n"
  },
  {
    "id": "opensearch-eval",
    "title": "[Roadmap] Evaluate OpenSearch for fleet search / analytics (data-plane)",
    "labels": ["roadmap", "omnitrack-roadmap-batch", "type:feature", "area:telematics", "priority:P2"],
    "body": "## Summary\n[`docs/platform/data-plane.md`](https://github.com/Jjustmee23/omnihub-schoolV2/blob/main/docs/platform/data-plane.md) mentions OpenSearch. Decide: adopt vs defer; ingestion path from Kafka vs API.\n\n## Acceptance\n- [ ] ADR with cost/ops trade-off\n\n## Links\n- [`docs/platform/adr/0004-data-plane-and-event-backbone.md`](https://github.com/Jjustmee23/omnihub-schoolV2/blob/main/docs/platform/adr/0004-data-plane-and-event-backbone.md)\n"
  },
  {
    "id": "i18n-audit",
    "title": "[Roadmap] i18n completeness — en / ar-IQ / ckb for all visible UI",
    "labels": ["roadmap", "omnitrack-roadmap-batch", "type:feature", "area:i18n", "priority:P2"],
    "body": "## Summary\nAudit React routes for missing keys; RTL verification for `ar-IQ` and `ckb`.\n\n## Acceptance\n- [ ] Checklist per major view (map, fleet, trips, schools, setup)\n\n## Links\n- [`src/locales/`](https://github.com/Jjustmee23/omnihub-schoolV2/tree/main/src/locales)\n"
  },
  {
    "id": "mobile-ux-parity",
    "title": "[Roadmap] Mobile UX parity — driver + government dashboards",
    "labels": ["roadmap", "omnitrack-roadmap-batch", "type:feature", "area:frontend", "priority:P2"],
    "body": "## Summary\nResponsive patterns; touch targets; offline-tolerant read paths where feasible.\n\n## Acceptance\n- [ ] Test matrix for common phones + RTL\n\n## Links\n- [`src/App.tsx`](https://github.com/Jjustmee23/omnihub-schoolV2/blob/main/src/App.tsx)\n"
  },
  {
    "id": "observability-dashboards",
    "title": "[Roadmap] Grafana dashboards — app `/metrics` + gateway `METRICS_PORT`",
    "labels": ["roadmap", "omnitrack-roadmap-batch", "type:feature", "area:deploy", "priority:P2"],
    "body": "## Summary\nCompose or k8s sidecar: scrape Prometheus metrics from Node app and telematics-gateway; dashboards for RPS, errors, TCP sessions, Kafka lag.\n\n## Acceptance\n- [ ] Dashboard JSON in repo or linked doc\n\n## Links\n- [`README.md` health/metrics](https://github.com/Jjustmee23/omnihub-schoolV2/blob/main/README.md)\n"
  },
  {
    "id": "structured-logging",
    "title": "[Roadmap] Structured logging + request correlation IDs",
    "labels": ["roadmap", "omnitrack-roadmap-batch", "type:feature", "area:deploy", "priority:P2"],
    "body": "## Summary\nJSON logs from Express + gateway + worker; propagate `X-Request-Id` / trace id through API → DB → Kafka consumers.\n\n## Acceptance\n- [ ] Doc for operators (log query examples)\n\n## Links\n- [`server.ts`](https://github.com/Jjustmee23/omnihub-schoolV2/blob/main/server.ts)\n"
  },
  {
    "id": "secrets-rotation",
    "title": "[Roadmap] Secrets rotation runbook (session, DB, SMTP, SSH deploy)",
    "labels": ["roadmap", "omnitrack-roadmap-batch", "type:docs", "area:deploy", "priority:P2"],
    "body": "## Summary\nDocument rotation for `SESSION_SECRET`, Postgres, GitHub Actions secrets, server `.env` patching via `patch-env-github-secrets.sh`.\n\n## Acceptance\n- [ ] Runbook + calendar reminder\n\n## Links\n- [`.github/DEPLOY-SECRETS.md`](https://github.com/Jjustmee23/omnihub-schoolV2/blob/main/.github/DEPLOY-SECRETS.md)\n"
  },
  {
    "id": "multi-region-adr",
    "title": "[Roadmap] Multi-region readiness — data residency ADR",
    "labels": ["roadmap", "omnitrack-roadmap-batch", "type:docs", "area:platform-docs", "priority:P2"],
    "body": "## Summary\nWhen moving beyond single region: Postgres/CH/Kafka placement, legal, latency. Align with PLATFORM-MASTER §7 multi-server note.\n\n## Acceptance\n- [ ] ADR draft + link from PLATFORM-MASTER\n\n## Links\n- [`docs/PLATFORM-MASTER.md`](https://github.com/Jjustmee23/omnihub-schoolV2/blob/main/docs/PLATFORM-MASTER.md)\n"
  },
  {
    "id": "student-retention",
    "title": "[Roadmap] Student PII retention & deletion policy (UI + API)",
    "labels": ["roadmap", "omnitrack-roadmap-batch", "type:feature", "area:frontend", "priority:P2"],
    "body": "## Summary\nConfigurable retention, export, delete/anonymize flows for GDPR-style requirements.\n\n## Acceptance\n- [ ] Policy doc + implementation tickets split by entity\n\n## Links\n- [`/api/students` routes](https://github.com/Jjustmee23/omnihub-schoolV2/blob/main/server.ts)\n"
  },
  {
    "id": "fleet-analytics",
    "title": "[Roadmap] Fleet analytics beyond position history API",
    "labels": ["roadmap", "omnitrack-roadmap-batch", "type:feature", "area:telematics", "priority:P2"],
    "body": "## Summary\nReports: utilization, route adherence, idle time, fuel (if device fields exist). May leverage ClickHouse aggregates.\n\n## Acceptance\n- [ ] MVP report list agreed with government users\n\n## Links\n- [`GET /api/fleet/devices/:imei/positions/history`](https://github.com/Jjustmee23/omnihub-schoolV2/blob/main/server.ts)\n"
  },
  {
    "id": "protocol-expansion",
    "title": "[Roadmap] Additional device protocols / codecs (beyond Codec 8)",
    "labels": ["roadmap", "omnitrack-roadmap-batch", "type:feature", "area:telematics", "priority:P2"],
    "body": "## Summary\nEvaluate second manufacturer or Codec 8 Extended needs; impact on gateway parser matrix and tests.\n\n## Acceptance\n- [ ] ADR per protocol family\n\n## Links\n- [`docs/telematics/README.md`](https://github.com/Jjustmee23/omnihub-schoolV2/blob/main/docs/telematics/README.md)\n"
  },
  {
    "id": "telemetry-worker-ha",
    "title": "[Roadmap] Telemetry worker scaling + consumer group ops",
    "labels": ["roadmap", "omnitrack-roadmap-batch", "type:feature", "area:telematics", "priority:P2"],
    "body": "## Summary\nMultiple worker replicas, partition assignment, idempotency, DLQ/replay for poison messages.\n\n## Acceptance\n- [ ] Runbook for lag spike + replay\n\n## Links\n- [`services/telemetry-worker/`](https://github.com/Jjustmee23/omnihub-schoolV2/tree/main/services/telemetry-worker)\n"
  },
  {
    "id": "socket-io-scale",
    "title": "[Roadmap] Socket.io / realtime scale-out (Redis adapter path)",
    "labels": ["roadmap", "omnitrack-roadmap-batch", "type:feature", "area:frontend", "priority:P2"],
    "body": "## Summary\nWhen multiple app instances: sticky sessions or Redis adapter for Socket.io; validate with load test.\n\n## Acceptance\n- [ ] Doc + optional compose profile\n\n## Links\n- [`src/socket.ts`](https://github.com/Jjustmee23/omnihub-schoolV2/blob/main/src/socket.ts)\n"
  },
  {
    "id": "docusaurus-coverage",
    "title": "[Roadmap] Docusaurus — cover all public operator/developer topics",
    "labels": ["roadmap", "omnitrack-roadmap-batch", "type:docs", "area:documentation", "priority:P2"],
    "body": "## Summary\nEnsure `documentation/` sidebars include runbooks, telematics, deploy, GitHub setup; no secrets in content.\n\n## Acceptance\n- [ ] `npm run docs:ci` passes; nav reviewed\n\n## Links\n- [`documentation/sidebars.ts`](https://github.com/Jjustmee23/omnihub-schoolV2/blob/main/documentation/sidebars.ts)\n"
  },
  {
    "id": "project-board-automation",
    "title": "[Roadmap] GitHub Project fields + workflows (Backlog → Done)",
    "labels": ["roadmap", "omnitrack-roadmap-batch", "type:docs", "area:platform-docs", "priority:P2"],
    "body": "## Summary\nEnsure built-in Project workflows: issue closed → Done; optional new issues → board.\n\n## Acceptance\n- [ ] Columns: Backlog, Ready, In progress, In review, Done\n\n## Links\n- [`docs/github/SETUP.md`](https://github.com/Jjustmee23/omnihub-schoolV2/blob/main/docs/github/SETUP.md)\n"
  },
  {
    "id": "support-api-productize",
    "title": "[Roadmap] Productize `GET /api/support/devices/:imei` (overheid diagnostics)",
    "labels": ["roadmap", "omnitrack-roadmap-batch", "type:feature", "area:telematics", "priority:P2"],
    "body": "## Summary\nExpose richer timeline in UI: raw ingest counts, Redis last payload, online transitions. Align with ops runbooks.\n\n## Acceptance\n- [ ] UI panel + permission audit\n\n## Links\n- [`docs/platform/phase-2-v1.md`](https://github.com/Jjustmee23/omnihub-schoolV2/blob/main/docs/platform/phase-2-v1.md)\n"
  },
  {
    "id": "trip-reliability",
    "title": "[Roadmap] Trip / driver flows — reliability & edge cases",
    "labels": ["roadmap", "omnitrack-roadmap-batch", "type:feature", "area:frontend", "priority:P2"],
    "body": "## Summary\nHarden `/api/trip/*` and sick-student flows: concurrency, retries, visible errors (i18n).\n\n## Acceptance\n- [ ] Test cases documented\n\n## Links\n- Trip routes in [`server.ts`](https://github.com/Jjustmee23/omnihub-schoolV2/blob/main/server.ts)\n"
  },
  {
    "id": "schools-governance",
    "title": "[Roadmap] Schools CRUD + government oversight UX completion",
    "labels": ["roadmap", "omnitrack-roadmap-batch", "type:feature", "area:frontend", "priority:P2"],
    "body": "## Summary\n`GET/POST /api/schools` exists — complete UI flows: edit, archive, audit, bulk where needed.\n\n## Acceptance\n- [ ] Role matrix documented\n\n## Links\n- [`server.ts` schools routes](https://github.com/Jjustmee23/omnihub-schoolV2/blob/main/server.ts)\n"
  }
]