Merged
47 changes: 37 additions & 10 deletions ROADMAP.md
Expand Up @@ -14,7 +14,7 @@ This document outlines the planned evolution of Open Delivery Spec. Priorities s

---

## Current Status (May 2026)
## Current Status (June 2026)

> **Strategy**: Narrow focus on ODS L1 + AI Disclosure as the primary adoption path. Modules 04-09 are direction-setting experiments. The wedge is: make AI-generated PRs easier to review, not to prove a full governance framework.

Expand All @@ -30,37 +30,63 @@ This document outlines the planned evolution of Open Delivery Spec. Priorities s
| 08 — Rollback Plan | 🧪 Experimental | ⬜ validate schema only |
| 09 — Production Evidence | 🧪 Experimental | ⬜ validate schema only |

### Enterprise Policy & Compliance Tooling

These capabilities are now production-ready and run through the CLI and GitHub Action:

| Capability | Status |
|--------|--------|
| `.ods.yaml` enterprise policy with profiles (`oss` / `enterprise` / `regulated`) | ✅ Production |
| HTML/JSON/SVG/Markdown compliance report with scores and fix suggestions | ✅ Production |
| PR bot comment with copy-paste fix templates on failure | ✅ Production |
| AI review record generation (L1/L2/L3) with reviewer attestation | ✅ Production |
| `ods review validate` against AI Change Review schema | ✅ Production |

---

## Milestones

### M1 — First Trusted Checkpoint (Q3 2026)
### M1 — First Trusted Checkpoint

**Goal:** Prove the loop works end-to-end for the simplest modules.
**Status: Complete (May 2026)**

- [x] CLI: `ods validate branch|commit|pr` passes against real projects
- [x] GitHub Action runs reliably with Go-based CLI (validate-action@v1 published)
- [x] End-to-end example with workflow files (see `examples/end-to-end/`)
- [x] `.ods/` artifact directory convention documented

### M2 — AI-Native Tooling (Q4 2026)
### M2 — AI-Native Tooling

**Goal:** Build the CLI tools for AI review and CI failure analysis. Keep modules experimental pending adoption signal.
**Status: Complete (May 2026)**

- [x] CLI: `ods ci parse` with hallucination detection
- [x] CLI: `ods review generate` producing L1/L2/L3 records
- [x] JSON Schemas for modules 04-09 published
- [x] Enterprise policy system: `.ods.yaml` with profiles, severity maps, configurable rules
- [x] Compliance report: `ods report` outputting HTML, JSON, SVG badge, Markdown with fix suggestions
- [x] PR bot comments with copy-paste fix templates on validation failure
- [ ] Adoption signal: 2+ teams using ODS L1 with positive feedback

### M3 — L1 Stable + Early Evidence (Q1 2027)
### M3 — Enterprise Adoption Surface (Q3 2026)

**Goal:** Promote ODS L1 to Stable. Begin evidence module maturation based on real-world feedback.
**Goal:** Reduce friction for enterprise teams adopting ODS. Make the onboarding experience self-service.

- [ ] `ods init` command: one-command scaffolding of `.github/pull_request_template.md`, `.github/workflows/ods.yml`, `.ods.yaml`
- [ ] Adoption mode in policy: `mode: observe | warn | enforce` for progressive roll-out
- [ ] Multi-platform CI examples: GitLab CI, Bitbucket Pipelines, Jenkins (copy-paste templates)
- [ ] Agent instructions: `AGENTS.md` / `.claude.md` / Copilot instructions for ODS-compliant branch, commit, and PR creation
- [ ] Modules 01-03 promoted to Stable (1.0.0)

### M4 — Supply Chain & Compliance Bridge (Q3–Q4 2026)

**Goal:** Position ODS as the delivery-governance layer that complements SLSA and maps to AI regulations.

- [ ] SLSA evidence bridge: JSON mapping from ODS PR evidence → SLSA provenance link and guidance doc
- [ ] Control mapping doc: ODS fields → NIST AI RMF / EU AI Act / internal audit controls (traceability, human oversight, AI disclosure)
- [ ] At least one evidence module (04-06) promoted to Candidate based on adopter needs
- [ ] Multi-platform CI examples (GitLab CI, Bitbucket Pipelines)
- [ ] `ods-ai-review.json` artifact with AI tool, AI scope, human reviewer, review checklist, risk level

### M4Governance Model (Q2 2027)
### M5Community & Governance (Q4 2026)

**Goal:** Formal governance and community adoption.
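
Review bot: M2 is marked "**Status: Complete (May 2026)**" while its last checklist item, "- [ ] Adoption signal: 2+ teams using ODS L1 with positive feedback", is still unchecked, so the milestone reads as both complete and open. Either move the adoption-signal item into a later milestone or word the status as complete for tooling only. In M1 and M2 the Status line also sits directly under the Goal line with no blank line between them, which Markdown renders as a single run-on paragraph; a blank line between the two keeps them apart. In M3, the "mode: observe | warn | enforce" item does not say which mode is the default or how it interacts with the existing `oss` / `enterprise` / `regulated` profiles; one sentence on that would help adopters.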

Expand All @@ -73,8 +99,9 @@ This document outlines the planned evolution of Open Delivery Spec. Priorities s
## Non-Goals (for now)

- A hosted dashboard / SaaS offering — focus is on the spec + CLI + CI integration
- Deep integrations with every CI platform — start with GitHub Actions, expand later
- Deep integrations with every CI platform — start with GitHub Actions, expand with copy-paste examples
- Runtime monitoring / observability standards — out of scope; ODS covers pre-deployment and deployment artifacts
- Replacing SLSA — ODS complements SLSA (delivery governance layer before build provenance layer)

## How to Influence
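
Review bot: In the added SLSA non-goal, the parenthetical "(delivery governance layer before build provenance layer)" is ambiguous: "before" can be read as an ordering in the delivery flow or as a priority claim over SLSA. Suggest wording that states the ordering explicitly, for example that ODS covers the branch, commit and PR stage and SLSA covers build provenance, which also matches the M4 goal of complementing SLSA.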
