docs: create roadmap (18 phases)

This commit is contained in:
salvacybersec
2026-04-04 19:12:41 +03:00
parent 6803863833
commit ee92aad4cf
4 changed files with 531 additions and 18 deletions

65
.planning/STATE.md Normal file
View File

@@ -0,0 +1,65 @@
# Project State
## Project Reference
See: .planning/PROJECT.md (updated 2026-04-04)
**Core value:** Detect leaked LLM API keys across more providers and more internet sources than any other tool, with active verification to confirm keys are real and alive.
**Current focus:** Phase 1 — Foundation
## Current Position
Phase: 1 of 18 (Foundation)
Plan: 0 of ? in current phase
Status: Ready to plan
Last activity: 2026-04-04 — Roadmap created, 18 phases defined covering 146 v1 requirements
Progress: [░░░░░░░░░░░░░░░░░░░░] 0%
## Performance Metrics
**Velocity:**
- Total plans completed: 0
- Average duration: —
- Total execution time: 0 hours
**By Phase:**
| Phase | Plans | Total | Avg/Plan |
|-------|-------|-------|----------|
| - | - | - | - |
**Recent Trend:**
- Last 5 plans: —
- Trend: —
*Updated after each plan completion*
## Accumulated Context
### Decisions
Decisions are logged in PROJECT.md Key Decisions table.
Recent decisions affecting current work:
- Roadmap: CGO_ENABLED=0 throughout — modernc.org/sqlite over mattn/go-sqlite3 (see PROJECT.md)
- Roadmap: Per-source rate limiter architecture (Phase 9) must precede all OSINT source modules (Phases 10-16)
- Roadmap: AES-256 encryption added in Phase 1, not post-hoc — avoids migration complexity
- Roadmap: Verification (Phase 5) requires consent prompt + LEGAL.md — not optional polish
### Pending Todos
None yet.
### Blockers/Concerns
- Phase 1: Argon2 vs PBKDF2 for database encryption key derivation — needs decision before Storage Layer implementation
- Phase 1: Aho-Corasick library choice (cloudflare/ahocorasick vs bobrik/ahocorasick) — verify which TruffleHog uses
- Phase 2+: Provider YAML patterns for 108 providers — lesser-known providers need targeted research (Chinese LLMs, niche APIs)
- Phase 11: Google Custom Search API quota (100 queries/day free tier) vs direct scraping ToS trade-off — product decision needed
## Session Continuity
Last session: 2026-04-04
Stopped at: Roadmap written to .planning/ROADMAP.md; ready to begin Phase 1 planning
Resume file: None