Verified now
Workspace auth, moderation controls, and audited ops state are implemented.
Security
Claims stay scoped to what is implemented today.
We separate shipped controls, in-progress hardening, and planned work so security copy does not outrun the actual system.
In progress
Broader production hardening, CSP tightening, and product-specific security controls continue through the roadmap.
Public rule
If a control is not implemented and reviewable, it stays out of the claim layer.
Shared authentication foundation
Cockpit auth, workspace membership checks, and protected operational flows are already wired.
Evidence: Supabase-backed auth context and checked ops session endpoints are live in this repo.
Moderated public proof
Testimonials shown publicly can be submitted, reviewed, approved, and removed through moderation routes.
Evidence: Review submit, public review feed, and moderation endpoints now persist to audited Supabase tables.
Durable maintenance state
Maintenance mode and review state no longer rely on temporary KV-or-memory fallbacks in production.
Evidence: Operational state is written to dedicated Supabase tables with audit history.
Offline support
SnapSolve does not currently ship an intentional offline product experience on the public site.
Evidence: The previous half-configured service worker has been removed until a real offline contract exists.