Operator-authorized splits

These are intentionally in-repo until you authorize a separate GitHub repo and (where applicable) PyPI / GitHub Pages publishing. Each is covered in detail in its own runbook.

| Item | Where it lives now | What’s needed |
|---|---|---|
| kaireon-py PyPI package | platform/integrations/python/ | New repo kaireonai/kaireon-py + PyPI publish (integrations/python) |
| decisioning-bench open benchmark | tools/qa/decisioning-bench/ | New repo kaireonai/decisioning-bench + GitHub Pages leaderboard (decisioning-bench) |

Production wires that need ops-side rollout

Code-complete; the deployment side (env vars, dep installs, broker provisioning) needs operator action.

| Item | Status | What’s needed |
|---|---|---|
| Real cosign signing on provenance bundle | Deterministic placeholder shipped (W10.1) | Set the COSIGN_KEY env var in deployment and switch the bundle signer over to a real cosign call (decision-provenance) |
| onnxruntime-node installation | Optional dep loaded via createRequire (W9.2) | npm install onnxruntime-node@^1.20 in platform image (onnx-byo) |
| Streaming consumer tier | FLOW_STREAMING_ENABLED gate exists | Provision Kafka/Kinesis/Pulsar broker; flip flag |
| Cron-tier rollout via Helm | Template shipped (W8.2) | helm upgrade with cron tier enabled; verify CRON_SECRET (cron-tier) |
| Outbox publisher pod rollout | Deployment template shipped (W8.3) | helm upgrade; watch outbox-publisher aggregate logs (outbox-publisher) |

Code-side roadmap

Called out as “honest limit / KNOWN GAP / roadmap” in code comments and runbooks. None block production rollout; all are next-iteration enhancements gated on real tenant demand or a downstream feature.

| Item | Surface | Why deferred |
|---|---|---|
| Stuck processing row reaper | lib/outbox-processor.ts | Pre-existing pre-W8.3 gap; surfaces only on pod kill between publish + status update |
| Multi-input ONNX models | lib/scoring/onnx-runner.ts | Most NBA models fit V1 single-input/single-output; transformers + GPU defer to demand |
| ONNX out-of-band blob store | lib/scoring/onnx-runner.ts + models/import route | 100 MB cap on JSON column; deferred until a customer needs >100 MB |
| Auto-binning into gbm_trainer.py | lib/ml/preprocessing.ts | TS-side bridge ships V1; Python port doubles maintenance for marginal gain |
| LIME / counterfactual auto-run from /fairness/evaluate | app/api/v1/fairness/evaluate/route.ts | Direct-call only; route doesn’t have a real scorer |
| Multi-stage four-eyes workflow | lib/governance/four-eyes-gate.ts | Realtime path doesn’t run recordDecision state machine; needs approvalRequestStages table |
| Offline-bandit apply-mode + multi-turn negotiation | lib/negotiation/{apply-mode, multi-turn}.ts | Both at 0 imports; intentionally deferred per audit until eval-harness clearance |
| Lagrangian cross-offer constraints | lib/ranking/apply-lagrangian.ts | V1 only models per-offer constraints; cross-offer needs Offer-schema changes |
| Bandit arm-index from realtime recommend | lib/ranking/apply-online-tuning.ts + recommend/route.ts | Realtime recommend doesn’t sample arms yet |
| Slack/Discord webhook for nightly negotiation eval | .github/workflows/nightly-eval.yml | Failure surfaces only as a GitHub Actions email today |
| Sentry/errorId pattern in outbox publisher | Outbox publisher worker | getLogger().error shipped V1; logError migration tracked across the repo |
| kaireon_outbox_pending_count Prometheus gauge | lib/outbox-processor.ts | Recommended Prometheus alert references a metric that doesn’t exist yet |
| Branch protection on main requiring audit-scaffold-coverage | GitHub repo settings | Operator action via GitHub UI |

Honest composite at W10 close

| Dimension | Grade |
|---|---|
| Decisioning (next-best-action core) | 9/10 |
| Case management / BPM | 2/10 (intentionally out of scope) |
| Explanations | 9/10 |
| Ranking | 8/10 |
| Governance | 8/10 |
| Decision simulator | 9/10 |
| Qualification | 8/10 |
| Negotiation | 7/10 |
| Provenance | 9/10 |
| Open bench | 7/10 |

Why these residuals exist (honest answer)

For operator-authorized items: we deliberately do not create new GitHub repos, modify production secrets, or flip production flags from inside an automated coding session. The repository’s CLAUDE.md authorizes file edits, scripts, and package installs, but not GitHub-org-level actions or AWS-side changes.

For code-side roadmap items: each was called out inline in the corresponding source file AND in this runbook as an “honest limit / KNOWN GAP / roadmap” note. They are not blockers for V1 production rollout; they are next-iteration enhancements gated on tenant demand or a downstream feature landing first.

For deferred negotiation scaffolds: per the W7 audit, these need real-data eval-harness clearance plus regulator review before promotion can be done responsibly. The W7.2 nightly eval harness now generates that signal; promotion is an operator call once it stabilizes.