{"pr_number": 0, "merge_sha": "97939efe1f5eaac53c0a1473d88d91783a9e01fb", "merge_timestamp": "2026-05-07T22:22:29-05:00", "change_type": "data_update", "domain": "compliance", "scope_summary": "Archive compliance CSVs 04182026–05062026; retain compliance_05072026.csv + compliance_05072026_r2.csv per CSV management policy (max 2 active versions).", "rows_affected": 897, "module_id": null, "tool_id": null, "record_ids": [], "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "local commit", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "f898cd76b344f2e7bc4f9a58a05f1899de110934", "merge_timestamp": "2026-05-07T22:21:55-05:00", "change_type": "feature", "domain": "compliance", "scope_summary": "Plans 09-12: trust path xwalk sourcing fix (library items as traversal sources), timeline_anchor rationale type added, 22 xwalk edges loaded. GeoFilter/SectorFilter wired into LibraryView + ComplianceView ForYouSection. normalize-vocab-tags CI script produces ISO 3166 + NAICS _r2 CSVs. 37 data integrity + unit tests added.", "rows_affected": null, "module_id": null, "tool_id": null, "record_ids": ["xw-001", "xw-002", "xw-003", "xw-004", "xw-005", "xw-006", "xw-007", "xw-008", "xw-009", "xw-010", "xw-011", "xw-012", "xw-013", "xw-014", "xw-015", "xw-016", "xw-017", "xw-018", "xw-019", "xw-020", "xw-021", "xw-022"], "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "local commit", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "33cb51808f7abc3f1e19c259085e0fdc283dcdb5", "merge_timestamp": "2026-05-07T20:41:12-05:00", "change_type": "feature", "domain": "compliance", "scope_summary": "Plan 08: IR 8477 trust path filtering wired into compliance For You tab. traverseXwalkPaths engine, useApplicabilityWithPaths hook, TrustPathPopover component. Derived tier renders after advisory with confidence-propagated results and Why shown popover.", "rows_affected": null, "module_id": null, "tool_id": null, "record_ids": [], "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "local commit", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "f9b18886daf70593d41a276eb68ba93d39151bc6", "merge_timestamp": "2026-05-07T20:24:30-05:00", "change_type": "data_update", "domain": "library", "scope_summary": "Plans 03-06: concept_xwalks_05072026.csv (22 edges, IR 8477 relationships), pqc-vocab-overlay.json (NAICS + ISO 3166 vocab), CBOM schema, confidence scale (high=85/medium=60/low=30), validator checks for provenance and schema compliance.", "rows_affected": 22, "module_id": null, "tool_id": null, "record_ids": ["NIST CSWP 39", "FIPS 203", "FIPS 204", "FIPS 205", "NSA CNSA 2.0", "AU-ASD-ISM-Crypto-2024", "UK NCSC PQC Guidance", "CA-TBS-SPIN-PQC-2025"], "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "local commit", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": 5, "sample_size": 22}
{"pr_number": 0, "merge_sha": "0b3db31e23b4266c660243d57f6583500b9fec1d", "merge_timestamp": "2026-05-07T20:00:32-05:00", "change_type": "feature", "domain": "module", "scope_summary": "Plans 01+02: module and workshop tool version gates with semver badges. ReviewedBadge, ConfidenceIndicator, ContentUpdatesFeed components. Learn module content version tracking wired into useModuleStore.", "rows_affected": null, "module_id": null, "tool_id": null, "record_ids": ["PT-001", "PT-002", "PT-003", "PT-004", "PT-005", "PT-006", "PT-007", "PT-008", "PT-009", "PT-SSH-PQC", "PT-010", "PT-011", "PT-012", "PT-013", "PT-014", "PT-015", "PT-016", "PT-017", "PT-025", "PT-026", "PT-027", "PT-018", "PT-019", "PT-020", "PT-021", "PT-022", "PT-023", "PT-024", "PT-028", "crypto-agility"], "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "local commit", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "af8f1c192aee19b93abe82dac587b396c3d16630", "merge_timestamp": "2026-05-07T19:36:03-05:00", "change_type": "feature", "domain": "algorithms", "scope_summary": "Plan 00 Foundation: revision log schema (revisions.jsonl), CODEOWNERS, PROV-DM provenance model. confidenceScale.ts (CONFIDENCE_SCALE high/medium/low). CI append-revision workflow stub. Baseline for Trust Engine Plans 01-12.", "rows_affected": null, "module_id": null, "tool_id": null, "record_ids": [], "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "local commit", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-03-28T00:00:00-05:00", "change_type": "content:review", "domain": "module", "scope_summary": "Baseline review — ai-security-pqc v1.0.0", "rows_affected": null, "module_id": "ai-security-pqc", "tool_id": null, "record_ids": ["ai-security-pqc"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "content review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-03-28T00:00:00-05:00", "change_type": "content:review", "domain": "module", "scope_summary": "Baseline review — api-security-jwt v1.0.0", "rows_affected": null, "module_id": "api-security-jwt", "tool_id": null, "record_ids": ["api-security-jwt"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "content review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-03-28T00:00:00-05:00", "change_type": "content:review", "domain": "module", "scope_summary": "Baseline review — aerospace-pqc v1.0.0", "rows_affected": null, "module_id": "aerospace-pqc", "tool_id": null, "record_ids": ["aerospace-pqc"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "content review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-03-28T00:00:00-05:00", "change_type": "content:review", "domain": "module", "scope_summary": "Baseline review — arch-quantum-impact v1.0.0", "rows_affected": null, "module_id": "arch-quantum-impact", "tool_id": null, "record_ids": ["arch-quantum-impact"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "content review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-03-28T00:00:00-05:00", "change_type": "content:review", "domain": "module", "scope_summary": "Baseline review — automotive-pqc v1.0.0", "rows_affected": null, "module_id": "automotive-pqc", "tool_id": null, "record_ids": ["automotive-pqc"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "content review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-03-28T00:00:00-05:00", "change_type": "content:review", "domain": "module", "scope_summary": "Baseline review — code-signing v1.0.0", "rows_affected": null, "module_id": "code-signing", "tool_id": null, "record_ids": ["code-signing"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "content review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-03-28T00:00:00-05:00", "change_type": "content:review", "domain": "module", "scope_summary": "Baseline review — compliance-strategy v1.0.0", "rows_affected": null, "module_id": "compliance-strategy", "tool_id": null, "record_ids": ["compliance-strategy"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "content review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-04-12T00:00:00-05:00", "change_type": "content:review", "domain": "module", "scope_summary": "Baseline review — confidential-computing v1.0.0", "rows_affected": null, "module_id": "confidential-computing", "tool_id": null, "record_ids": ["confidential-computing"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "content review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-03-28T00:00:00-05:00", "change_type": "content:review", "domain": "module", "scope_summary": "Baseline review — crypto-agility v1.0.0", "rows_affected": null, "module_id": "crypto-agility", "tool_id": null, "record_ids": ["crypto-agility"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "content review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-03-28T00:00:00-05:00", "change_type": "content:review", "domain": "module", "scope_summary": "Baseline review — crypto-dev-apis v1.0.0", "rows_affected": null, "module_id": "crypto-dev-apis", "tool_id": null, "record_ids": ["crypto-dev-apis"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "content review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-04-22T00:00:00-05:00", "change_type": "content:review", "domain": "module", "scope_summary": "Baseline review — crypto-mgmt-modernization v1.1.0", "rows_affected": null, "module_id": "crypto-mgmt-modernization", "tool_id": null, "record_ids": ["crypto-mgmt-modernization"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "content review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-03-28T00:00:00-05:00", "change_type": "content:review", "domain": "module", "scope_summary": "Baseline review — data-asset-sensitivity v1.0.0", "rows_affected": null, "module_id": "data-asset-sensitivity", "tool_id": null, "record_ids": ["data-asset-sensitivity"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "content review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-03-28T00:00:00-05:00", "change_type": "content:review", "domain": "module", "scope_summary": "Baseline review — database-encryption-pqc v1.0.0", "rows_affected": null, "module_id": "database-encryption-pqc", "tool_id": null, "record_ids": ["database-encryption-pqc"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "content review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-03-28T00:00:00-05:00", "change_type": "content:review", "domain": "module", "scope_summary": "Baseline review — dev-quantum-impact v1.0.0", "rows_affected": null, "module_id": "dev-quantum-impact", "tool_id": null, "record_ids": ["dev-quantum-impact"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "content review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-03-28T00:00:00-05:00", "change_type": "content:review", "domain": "module", "scope_summary": "Baseline review — digital-assets v1.0.0", "rows_affected": null, "module_id": "digital-assets", "tool_id": null, "record_ids": ["digital-assets"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "content review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-04-12T00:00:00-05:00", "change_type": "content:review", "domain": "module", "scope_summary": "Baseline review — digital-id v1.1.0", "rows_affected": null, "module_id": "digital-id", "tool_id": null, "record_ids": ["digital-id"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "content review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-03-28T00:00:00-05:00", "change_type": "content:review", "domain": "module", "scope_summary": "Baseline review — emv-payment-pqc v1.0.0", "rows_affected": null, "module_id": "emv-payment-pqc", "tool_id": null, "record_ids": ["emv-payment-pqc"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "content review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-03-28T00:00:00-05:00", "change_type": "content:review", "domain": "module", "scope_summary": "Baseline review — email-signing v1.0.0", "rows_affected": null, "module_id": "email-signing", "tool_id": null, "record_ids": ["email-signing"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "content review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-03-28T00:00:00-05:00", "change_type": "content:review", "domain": "module", "scope_summary": "Baseline review — energy-utilities-pqc v1.0.0", "rows_affected": null, "module_id": "energy-utilities-pqc", "tool_id": null, "record_ids": ["energy-utilities-pqc"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "content review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-03-28T00:00:00-05:00", "change_type": "content:review", "domain": "module", "scope_summary": "Baseline review — entropy-randomness v1.0.0", "rows_affected": null, "module_id": "entropy-randomness", "tool_id": null, "record_ids": ["entropy-randomness"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "content review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-03-28T00:00:00-05:00", "change_type": "content:review", "domain": "module", "scope_summary": "Baseline review — exec-quantum-impact v1.0.0", "rows_affected": null, "module_id": "exec-quantum-impact", "tool_id": null, "record_ids": ["exec-quantum-impact"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "content review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-03-28T00:00:00-05:00", "change_type": "content:review", "domain": "module", "scope_summary": "Baseline review — 5g-security v1.0.0", "rows_affected": null, "module_id": "5g-security", "tool_id": null, "record_ids": ["5g-security"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "content review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-03-28T00:00:00-05:00", "change_type": "content:review", "domain": "module", "scope_summary": "Baseline review — healthcare-pqc v1.0.0", "rows_affected": null, "module_id": "healthcare-pqc", "tool_id": null, "record_ids": ["healthcare-pqc"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "content review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-03-28T00:00:00-05:00", "change_type": "content:review", "domain": "module", "scope_summary": "Baseline review — hsm-pqc v1.0.0", "rows_affected": null, "module_id": "hsm-pqc", "tool_id": null, "record_ids": ["hsm-pqc"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "content review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-03-28T00:00:00-05:00", "change_type": "content:review", "domain": "module", "scope_summary": "Baseline review — hybrid-crypto v1.0.0", "rows_affected": null, "module_id": "hybrid-crypto", "tool_id": null, "record_ids": ["hybrid-crypto"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "content review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-03-28T00:00:00-05:00", "change_type": "content:review", "domain": "module", "scope_summary": "Baseline review — iam-pqc v1.0.0", "rows_affected": null, "module_id": "iam-pqc", "tool_id": null, "record_ids": ["iam-pqc"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "content review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-03-28T00:00:00-05:00", "change_type": "content:review", "domain": "module", "scope_summary": "Baseline review — iot-ot-pqc v1.0.0", "rows_affected": null, "module_id": "iot-ot-pqc", "tool_id": null, "record_ids": ["iot-ot-pqc"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "content review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-03-28T00:00:00-05:00", "change_type": "content:review", "domain": "module", "scope_summary": "Baseline review — k-e-mvs-d-s-a v1.0.0", "rows_affected": null, "module_id": "k-e-mvs-d-s-a", "tool_id": null, "record_ids": ["k-e-mvs-d-s-a"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "content review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-03-28T00:00:00-05:00", "change_type": "content:review", "domain": "module", "scope_summary": "Baseline review — kms-pqc v1.0.0", "rows_affected": null, "module_id": "kms-pqc", "tool_id": null, "record_ids": ["kms-pqc"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "content review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-03-28T00:00:00-05:00", "change_type": "content:review", "domain": "module", "scope_summary": "Baseline review — legacy-app-p-q-c v1.0.0", "rows_affected": null, "module_id": "legacy-app-p-q-c", "tool_id": null, "record_ids": ["legacy-app-p-q-c"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "content review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-03-28T00:00:00-05:00", "change_type": "content:review", "domain": "module", "scope_summary": "Baseline review — macsec-p-q-c v1.0.0", "rows_affected": null, "module_id": "macsec-p-q-c", "tool_id": null, "record_ids": ["macsec-p-q-c"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "content review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-03-28T00:00:00-05:00", "change_type": "content:review", "domain": "module", "scope_summary": "Baseline review — merkle-tree-certs v1.0.0", "rows_affected": null, "module_id": "merkle-tree-certs", "tool_id": null, "record_ids": ["merkle-tree-certs"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "content review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-04-12T00:00:00-05:00", "change_type": "content:review", "domain": "module", "scope_summary": "Baseline review — migration-program v1.1.0", "rows_affected": null, "module_id": "migration-program", "tool_id": null, "record_ids": ["migration-program"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "content review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-03-28T00:00:00-05:00", "change_type": "content:review", "domain": "module", "scope_summary": "Baseline review — pqc-101 v1.0.0", "rows_affected": null, "module_id": "pqc-101", "tool_id": null, "record_ids": ["pqc-101"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "content review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-03-28T00:00:00-05:00", "change_type": "content:review", "domain": "module", "scope_summary": "Baseline review — network-security-pqc v1.0.0", "rows_affected": null, "module_id": "network-security-pqc", "tool_id": null, "record_ids": ["network-security-pqc"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "content review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-03-28T00:00:00-05:00", "change_type": "content:review", "domain": "module", "scope_summary": "Baseline review — os-pqc v1.0.0", "rows_affected": null, "module_id": "os-pqc", "tool_id": null, "record_ids": ["os-pqc"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "content review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-03-28T00:00:00-05:00", "change_type": "content:review", "domain": "module", "scope_summary": "Baseline review — ops-quantum-impact v1.0.0", "rows_affected": null, "module_id": "ops-quantum-impact", "tool_id": null, "record_ids": ["ops-quantum-impact"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "content review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-04-12T00:00:00-05:00", "change_type": "content:review", "domain": "module", "scope_summary": "Baseline review — pki-workshop v1.1.0", "rows_affected": null, "module_id": "pki-workshop", "tool_id": null, "record_ids": ["pki-workshop"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "content review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-03-28T00:00:00-05:00", "change_type": "content:review", "domain": "module", "scope_summary": "Baseline review — pqc-business-case v1.0.0", "rows_affected": null, "module_id": "pqc-business-case", "tool_id": null, "record_ids": ["pqc-business-case"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "content review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-03-28T00:00:00-05:00", "change_type": "content:review", "domain": "module", "scope_summary": "Baseline review — pqc-governance v1.0.0", "rows_affected": null, "module_id": "pqc-governance", "tool_id": null, "record_ids": ["pqc-governance"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "content review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-03-28T00:00:00-05:00", "change_type": "content:review", "domain": "module", "scope_summary": "Baseline review — pqc-risk-management v1.0.0", "rows_affected": null, "module_id": "pqc-risk-management", "tool_id": null, "record_ids": ["pqc-risk-management"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "content review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-03-28T00:00:00-05:00", "change_type": "content:review", "domain": "module", "scope_summary": "Baseline review — p-q-c-testing-validation v1.0.0", "rows_affected": null, "module_id": "p-q-c-testing-validation", "tool_id": null, "record_ids": ["p-q-c-testing-validation"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "content review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-03-28T00:00:00-05:00", "change_type": "content:review", "domain": "module", "scope_summary": "Baseline review — platform-eng-pqc v1.0.0", "rows_affected": null, "module_id": "platform-eng-pqc", "tool_id": null, "record_ids": ["platform-eng-pqc"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "content review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-03-28T00:00:00-05:00", "change_type": "content:review", "domain": "module", "scope_summary": "Baseline review — qkd v1.0.0", "rows_affected": null, "module_id": "qkd", "tool_id": null, "record_ids": ["qkd"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "content review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-03-28T00:00:00-05:00", "change_type": "content:review", "domain": "module", "scope_summary": "Baseline review — quantum-threats v1.0.0", "rows_affected": null, "module_id": "quantum-threats", "tool_id": null, "record_ids": ["quantum-threats"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "content review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-03-28T00:00:00-05:00", "change_type": "content:review", "domain": "module", "scope_summary": "Baseline review — research-quantum-impact v1.0.0", "rows_affected": null, "module_id": "research-quantum-impact", "tool_id": null, "record_ids": ["research-quantum-impact"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "content review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-04-07T00:00:00-05:00", "change_type": "content:review", "domain": "module", "scope_summary": "Baseline review — slh-dsa v1.0.0", "rows_affected": null, "module_id": "slh-dsa", "tool_id": null, "record_ids": ["slh-dsa"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "content review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-03-28T00:00:00-05:00", "change_type": "content:review", "domain": "module", "scope_summary": "Baseline review — secrets-management-pqc v1.0.0", "rows_affected": null, "module_id": "secrets-management-pqc", "tool_id": null, "record_ids": ["secrets-management-pqc"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "content review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-03-28T00:00:00-05:00", "change_type": "content:review", "domain": "module", "scope_summary": "Baseline review — secure-boot-pqc v1.0.0", "rows_affected": null, "module_id": "secure-boot-pqc", "tool_id": null, "record_ids": ["secure-boot-pqc"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "content review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-03-28T00:00:00-05:00", "change_type": "content:review", "domain": "module", "scope_summary": "Baseline review — standards-bodies v1.0.0", "rows_affected": null, "module_id": "standards-bodies", "tool_id": null, "record_ids": ["standards-bodies"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "content review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-03-28T00:00:00-05:00", "change_type": "content:review", "domain": "module", "scope_summary": "Baseline review — stateful-signatures v1.0.0", "rows_affected": null, "module_id": "stateful-signatures", "tool_id": null, "record_ids": ["stateful-signatures"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "content review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-03-28T00:00:00-05:00", "change_type": "content:review", "domain": "module", "scope_summary": "Baseline review — tls-basics v1.0.0", "rows_affected": null, "module_id": "tls-basics", "tool_id": null, "record_ids": ["tls-basics"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "content review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-03-28T00:00:00-05:00", "change_type": "content:review", "domain": "module", "scope_summary": "Baseline review — vpn-ssh-pqc v1.0.0", "rows_affected": null, "module_id": "vpn-ssh-pqc", "tool_id": null, "record_ids": ["vpn-ssh-pqc"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "content review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-03-28T00:00:00-05:00", "change_type": "content:review", "domain": "module", "scope_summary": "Baseline review — vendor-risk v1.0.0", "rows_affected": null, "module_id": "vendor-risk", "tool_id": null, "record_ids": ["vendor-risk"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "content review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-03-28T00:00:00-05:00", "change_type": "content:review", "domain": "module", "scope_summary": "Baseline review — web-gateway-pqc v1.0.0", "rows_affected": null, "module_id": "web-gateway-pqc", "tool_id": null, "record_ids": ["web-gateway-pqc"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "content review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-05-07T20:00:32-05:00", "change_type": "tool:registry", "domain": "tool", "scope_summary": "Baseline review — PT-001 v1.0.0", "rows_affected": null, "module_id": null, "tool_id": "PT-001", "record_ids": ["PT-001"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "registry review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-05-07T20:00:32-05:00", "change_type": "tool:registry", "domain": "tool", "scope_summary": "Baseline review — PT-002 v1.0.0", "rows_affected": null, "module_id": null, "tool_id": "PT-002", "record_ids": ["PT-002"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "registry review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-05-07T20:00:32-05:00", "change_type": "tool:registry", "domain": "tool", "scope_summary": "Baseline review — PT-003 v1.0.0", "rows_affected": null, "module_id": null, "tool_id": "PT-003", "record_ids": ["PT-003"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "registry review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-05-07T20:00:32-05:00", "change_type": "tool:registry", "domain": "tool", "scope_summary": "Baseline review — PT-004 v1.0.0", "rows_affected": null, "module_id": null, "tool_id": "PT-004", "record_ids": ["PT-004"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "registry review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-05-07T20:00:32-05:00", "change_type": "tool:registry", "domain": "tool", "scope_summary": "Baseline review — PT-005 v1.0.0", "rows_affected": null, "module_id": null, "tool_id": "PT-005", "record_ids": ["PT-005"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "registry review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-05-07T20:00:32-05:00", "change_type": "tool:registry", "domain": "tool", "scope_summary": "Baseline review — PT-006 v1.0.0", "rows_affected": null, "module_id": null, "tool_id": "PT-006", "record_ids": ["PT-006"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "registry review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-05-07T20:00:32-05:00", "change_type": "tool:registry", "domain": "tool", "scope_summary": "Baseline review — PT-007 v1.0.0", "rows_affected": null, "module_id": null, "tool_id": "PT-007", "record_ids": ["PT-007"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "registry review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-05-07T20:00:32-05:00", "change_type": "tool:registry", "domain": "tool", "scope_summary": "Baseline review — PT-008 v1.0.0", "rows_affected": null, "module_id": null, "tool_id": "PT-008", "record_ids": ["PT-008"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "registry review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-05-07T20:00:32-05:00", "change_type": "tool:registry", "domain": "tool", "scope_summary": "Baseline review — PT-009 v1.0.0", "rows_affected": null, "module_id": null, "tool_id": "PT-009", "record_ids": ["PT-009"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "registry review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-05-07T20:00:32-05:00", "change_type": "tool:registry", "domain": "tool", "scope_summary": "Baseline review — PT-SSH-PQC v1.0.0", "rows_affected": null, "module_id": null, "tool_id": "PT-SSH-PQC", "record_ids": ["PT-SSH-PQC"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "registry review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-05-07T20:00:32-05:00", "change_type": "tool:registry", "domain": "tool", "scope_summary": "Baseline review — PT-010 v1.0.0", "rows_affected": null, "module_id": null, "tool_id": "PT-010", "record_ids": ["PT-010"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "registry review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-05-07T20:00:32-05:00", "change_type": "tool:registry", "domain": "tool", "scope_summary": "Baseline review — PT-011 v1.0.0", "rows_affected": null, "module_id": null, "tool_id": "PT-011", "record_ids": ["PT-011"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "registry review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-05-07T20:00:32-05:00", "change_type": "tool:registry", "domain": "tool", "scope_summary": "Baseline review — PT-012 v1.0.0", "rows_affected": null, "module_id": null, "tool_id": "PT-012", "record_ids": ["PT-012"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "registry review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-05-07T20:00:32-05:00", "change_type": "tool:registry", "domain": "tool", "scope_summary": "Baseline review — PT-013 v1.0.0", "rows_affected": null, "module_id": null, "tool_id": "PT-013", "record_ids": ["PT-013"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "registry review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-05-07T20:00:32-05:00", "change_type": "tool:registry", "domain": "tool", "scope_summary": "Baseline review — PT-014 v1.0.0", "rows_affected": null, "module_id": null, "tool_id": "PT-014", "record_ids": ["PT-014"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "registry review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-05-07T20:00:32-05:00", "change_type": "tool:registry", "domain": "tool", "scope_summary": "Baseline review — PT-015 v1.0.0", "rows_affected": null, "module_id": null, "tool_id": "PT-015", "record_ids": ["PT-015"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "registry review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-05-07T20:00:32-05:00", "change_type": "tool:registry", "domain": "tool", "scope_summary": "Baseline review — PT-016 v1.0.0", "rows_affected": null, "module_id": null, "tool_id": "PT-016", "record_ids": ["PT-016"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "registry review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-05-07T20:00:32-05:00", "change_type": "tool:registry", "domain": "tool", "scope_summary": "Baseline review — PT-017 v1.0.0", "rows_affected": null, "module_id": null, "tool_id": "PT-017", "record_ids": ["PT-017"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "registry review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-05-07T20:00:32-05:00", "change_type": "tool:registry", "domain": "tool", "scope_summary": "Baseline review — PT-025 v1.0.0", "rows_affected": null, "module_id": null, "tool_id": "PT-025", "record_ids": ["PT-025"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "registry review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-05-07T20:00:32-05:00", "change_type": "tool:registry", "domain": "tool", "scope_summary": "Baseline review — PT-026 v1.0.0", "rows_affected": null, "module_id": null, "tool_id": "PT-026", "record_ids": ["PT-026"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "registry review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-05-07T20:00:32-05:00", "change_type": "tool:registry", "domain": "tool", "scope_summary": "Baseline review — PT-027 v1.0.0", "rows_affected": null, "module_id": null, "tool_id": "PT-027", "record_ids": ["PT-027"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "registry review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-05-07T20:00:32-05:00", "change_type": "tool:registry", "domain": "tool", "scope_summary": "Baseline review — PT-018 v1.0.0", "rows_affected": null, "module_id": null, "tool_id": "PT-018", "record_ids": ["PT-018"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "registry review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-05-07T20:00:32-05:00", "change_type": "tool:registry", "domain": "tool", "scope_summary": "Baseline review — PT-019 v1.0.0", "rows_affected": null, "module_id": null, "tool_id": "PT-019", "record_ids": ["PT-019"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "registry review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-05-07T20:00:32-05:00", "change_type": "tool:registry", "domain": "tool", "scope_summary": "Baseline review — PT-020 v1.0.0", "rows_affected": null, "module_id": null, "tool_id": "PT-020", "record_ids": ["PT-020"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "registry review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-05-07T20:00:32-05:00", "change_type": "tool:registry", "domain": "tool", "scope_summary": "Baseline review — PT-021 v1.0.0", "rows_affected": null, "module_id": null, "tool_id": "PT-021", "record_ids": ["PT-021"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "registry review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-05-07T20:00:32-05:00", "change_type": "tool:registry", "domain": "tool", "scope_summary": "Baseline review — PT-022 v1.0.0", "rows_affected": null, "module_id": null, "tool_id": "PT-022", "record_ids": ["PT-022"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "registry review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-05-07T20:00:32-05:00", "change_type": "tool:registry", "domain": "tool", "scope_summary": "Baseline review — PT-023 v1.0.0", "rows_affected": null, "module_id": null, "tool_id": "PT-023", "record_ids": ["PT-023"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "registry review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-05-07T20:00:32-05:00", "change_type": "tool:registry", "domain": "tool", "scope_summary": "Baseline review — PT-024 v1.0.0", "rows_affected": null, "module_id": null, "tool_id": "PT-024", "record_ids": ["PT-024"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "registry review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "baseline", "merge_timestamp": "2026-05-07T20:00:32-05:00", "change_type": "tool:registry", "domain": "tool", "scope_summary": "Baseline review — PT-028 v1.0.0", "rows_affected": null, "module_id": null, "tool_id": "PT-028", "record_ids": ["PT-028"], "field_changes": null, "reviewer_id": "ericamador", "reviewer_display": "eramusa", "approval_method": "offline", "approved_via": "registry review", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number":0,"merge_sha":"1752b485b919b4468d85ca53a3b5a2b05680ed72","merge_timestamp":"2026-05-10T06:30:08-05:00","change_type":"plan-progress","domain":"data","scope_summary":"Data Self-Containment plan (DS01-DS22) execution complete. Phase 1 (foundations: schema/loader/validators), Phase 2 (writer patches: 8 scripts), Phase 3 tooling (backfill+merge+orphan-check), Phase 3 execution (DS14 backfill 6 families, DS22 library 80 records re-enriched, DS15 MD merge, DS21 corpus regen + sign with kid 11b723084d047b4c), Phase 4 partial (DS16 archive cleanup: 21 CSVs + 51 MDs archived; DS17 staged). Validators: CM-SC 638\u2192232 (-64%), CM-SC-MD 632\u219254 (-91%), CM-STATUS PASS 9 families, CM-ORPHAN 5/323=1.5%. Trust path complete for restored records via regenerated rag-corpus.json (10704 chunks). 21 of 22 DS-tasks done + 1 n/a (DS11).","rows_affected":318,"module_id":null,"tool_id":null,"record_ids":[],"reviewer_id":"ericamador","reviewer_display":"eramusa","approval_method":"offline","approved_via":"local commit batch (DS-series)","proxy_github_handle":null,"authored_by_llm":true,"confidence_delta":null,"sample_size":null}
{"pr_number":0,"merge_sha":"compliance-gap-fill","merge_timestamp":"2026-05-19T01:06:22.404Z","change_type":"compliance-gap-filled","domain":"data","scope_summary":"Compliance gap filled: faa-ac-119-1-ansp (gap=GAP-AERO-FAA-DO326A)","rows_affected":1,"module_id":null,"tool_id":null,"record_ids":["faa-ac-119-1-ansp"],"field_changes":null,"reviewer_id":"ericamador","reviewer_display":"eramusa","approval_method":"ml-dsa-65-attestation","approved_via":"evidence: reports/compliance-evidence/GAP-AERO-FAA-DO326A.json","proxy_github_handle":null,"authored_by_llm":true,"confidence_delta":null,"sample_size":null,"attestation_kid":"11b723084d047b4c","evidence_file":"reports/compliance-evidence/GAP-AERO-FAA-DO326A.json"}
{"pr_number":0,"merge_sha":"compliance-gap-fill","merge_timestamp":"2026-05-19T01:06:22.408Z","change_type":"compliance-gap-filled","domain":"data","scope_summary":"Compliance gap filled: etsi-tr-103949-qsc-migration (gap=GAP-AUTO-ETSI-ITS)","rows_affected":1,"module_id":null,"tool_id":null,"record_ids":["etsi-tr-103949-qsc-migration"],"field_changes":null,"reviewer_id":"ericamador","reviewer_display":"eramusa","approval_method":"ml-dsa-65-attestation","approved_via":"evidence: reports/compliance-evidence/GAP-AUTO-ETSI-ITS.json","proxy_github_handle":null,"authored_by_llm":true,"confidence_delta":null,"sample_size":null,"attestation_kid":"11b723084d047b4c","evidence_file":"reports/compliance-evidence/GAP-AUTO-ETSI-ITS.json"}
{"pr_number":0,"merge_sha":"compliance-gap-fill","merge_timestamp":"2026-05-19T01:06:22.410Z","change_type":"compliance-gap-filled","domain":"data","scope_summary":"Compliance gap filled: eur-lex-42021x0387-pqc (gap=GAP-AUTO-UNECE-R155)","rows_affected":1,"module_id":null,"tool_id":null,"record_ids":["eur-lex-42021x0387-pqc"],"field_changes":null,"reviewer_id":"ericamador","reviewer_display":"eramusa","approval_method":"ml-dsa-65-attestation","approved_via":"evidence: reports/compliance-evidence/GAP-AUTO-UNECE-R155.json","proxy_github_handle":null,"authored_by_llm":true,"confidence_delta":null,"sample_size":null,"attestation_kid":"11b723084d047b4c","evidence_file":"reports/compliance-evidence/GAP-AUTO-UNECE-R155.json"}
{"pr_number":0,"merge_sha":"compliance-gap-fill","merge_timestamp":"2026-05-19T01:06:22.413Z","change_type":"compliance-gap-filled","domain":"data","scope_summary":"Compliance gap filled: common-criteria-v3.1r5-part1 (gap=GAP-CCRA-PORTAL)","rows_affected":1,"module_id":null,"tool_id":null,"record_ids":["common-criteria-v3.1r5-part1"],"field_changes":null,"reviewer_id":"ericamador","reviewer_display":"eramusa","approval_method":"ml-dsa-65-attestation","approved_via":"evidence: reports/compliance-evidence/GAP-CCRA-PORTAL.json","proxy_github_handle":null,"authored_by_llm":true,"confidence_delta":null,"sample_size":null,"attestation_kid":"11b723084d047b4c","evidence_file":"reports/compliance-evidence/GAP-CCRA-PORTAL.json"}
{"pr_number":0,"merge_sha":"compliance-gap-fill","merge_timestamp":"2026-05-19T01:06:22.415Z","change_type":"compliance-gap-filled","domain":"data","scope_summary":"Compliance gap filled: cisa-pqc-initiative (gap=GAP-CISA-PQC)","rows_affected":1,"module_id":null,"tool_id":null,"record_ids":["cisa-pqc-initiative"],"field_changes":null,"reviewer_id":"ericamador","reviewer_display":"eramusa","approval_method":"ml-dsa-65-attestation","approved_via":"evidence: reports/compliance-evidence/GAP-CISA-PQC.json","proxy_github_handle":null,"authored_by_llm":true,"confidence_delta":null,"sample_size":null,"attestation_kid":"11b723084d047b4c","evidence_file":"reports/compliance-evidence/GAP-CISA-PQC.json"}
{"pr_number":0,"merge_sha":"compliance-gap-fill","merge_timestamp":"2026-05-19T01:06:22.417Z","change_type":"compliance-gap-filled","domain":"data","scope_summary":"Compliance gap filled: oscca-cryptographic-regulations-cn (gap=GAP-CN-OSCCA)","rows_affected":1,"module_id":null,"tool_id":null,"record_ids":["oscca-cryptographic-regulations-cn"],"field_changes":null,"reviewer_id":"ericamador","reviewer_display":"eramusa","approval_method":"ml-dsa-65-attestation","approved_via":"evidence: reports/compliance-evidence/GAP-CN-OSCCA.json","proxy_github_handle":null,"authored_by_llm":true,"confidence_delta":null,"sample_size":null,"attestation_kid":"11b723084d047b4c","evidence_file":"reports/compliance-evidence/GAP-CN-OSCCA.json"}
{"pr_number":0,"merge_sha":"compliance-gap-fill","merge_timestamp":"2026-05-19T01:06:22.419Z","change_type":"compliance-gap-filled","domain":"data","scope_summary":"Compliance gap filled: bsi-cc-certification (gap=GAP-DE-BSI-CC)","rows_affected":1,"module_id":null,"tool_id":null,"record_ids":["bsi-cc-certification"],"field_changes":null,"reviewer_id":"ericamador","reviewer_display":"eramusa","approval_method":"ml-dsa-65-attestation","approved_via":"evidence: reports/compliance-evidence/GAP-DE-BSI-CC.json","proxy_github_handle":null,"authored_by_llm":true,"confidence_delta":null,"sample_size":null,"attestation_kid":"11b723084d047b4c","evidence_file":"reports/compliance-evidence/GAP-DE-BSI-CC.json"}
{"pr_number":0,"merge_sha":"compliance-gap-fill","merge_timestamp":"2026-05-19T01:06:22.421Z","change_type":"compliance-gap-filled","domain":"data","scope_summary":"Compliance gap filled: etsi-ts-104-015-qsc-hybrid-key-exchange (gap=GAP-ETSI-104015)","rows_affected":1,"module_id":null,"tool_id":null,"record_ids":["etsi-ts-104-015-qsc-hybrid-key-exchange"],"field_changes":null,"reviewer_id":"ericamador","reviewer_display":"eramusa","approval_method":"ml-dsa-65-attestation","approved_via":"evidence: reports/compliance-evidence/GAP-ETSI-104015.json","proxy_github_handle":null,"authored_by_llm":true,"confidence_delta":null,"sample_size":null,"attestation_kid":"11b723084d047b4c","evidence_file":"reports/compliance-evidence/GAP-ETSI-104015.json"}
{"pr_number":0,"merge_sha":"compliance-gap-fill","merge_timestamp":"2026-05-19T01:06:22.423Z","change_type":"compliance-gap-filled","domain":"data","scope_summary":"Compliance gap filled: eu-2022-2554-cyber-resilience-act (gap=GAP-EU-DORA)","rows_affected":1,"module_id":null,"tool_id":null,"record_ids":["eu-2022-2554-cyber-resilience-act"],"field_changes":null,"reviewer_id":"ericamador","reviewer_display":"eramusa","approval_method":"ml-dsa-65-attestation","approved_via":"evidence: reports/compliance-evidence/GAP-EU-DORA.json","proxy_github_handle":null,"authored_by_llm":true,"confidence_delta":null,"sample_size":null,"attestation_kid":"11b723084d047b4c","evidence_file":"reports/compliance-evidence/GAP-EU-DORA.json"}
{"pr_number":0,"merge_sha":"compliance-gap-fill","merge_timestamp":"2026-05-19T01:06:22.425Z","change_type":"compliance-gap-filled","domain":"data","scope_summary":"Compliance gap filled: eu-cyber-resilience-act-2022 (gap=GAP-EU-NIS2)","rows_affected":1,"module_id":null,"tool_id":null,"record_ids":["eu-cyber-resilience-act-2022"],"field_changes":null,"reviewer_id":"ericamador","reviewer_display":"eramusa","approval_method":"ml-dsa-65-attestation","approved_via":"evidence: reports/compliance-evidence/GAP-EU-NIS2.json","proxy_github_handle":null,"authored_by_llm":true,"confidence_delta":null,"sample_size":null,"attestation_kid":"11b723084d047b4c","evidence_file":"reports/compliance-evidence/GAP-EU-NIS2.json"}
{"pr_number":0,"merge_sha":"compliance-gap-fill","merge_timestamp":"2026-05-19T01:06:22.427Z","change_type":"compliance-gap-filled","domain":"data","scope_summary":"Compliance gap filled: fca-operational-resilience-uk (gap=GAP-FCA-CYBER)","rows_affected":1,"module_id":null,"tool_id":null,"record_ids":["fca-operational-resilience-uk"],"field_changes":null,"reviewer_id":"ericamador","reviewer_display":"eramusa","approval_method":"ml-dsa-65-attestation","approved_via":"evidence: reports/compliance-evidence/GAP-FCA-CYBER.json","proxy_github_handle":null,"authored_by_llm":true,"confidence_delta":null,"sample_size":null,"attestation_kid":"11b723084d047b4c","evidence_file":"reports/compliance-evidence/GAP-FCA-CYBER.json"}
{"pr_number":0,"merge_sha":"compliance-gap-fill","merge_timestamp":"2026-05-19T01:06:22.429Z","change_type":"compliance-gap-filled","domain":"data","scope_summary":"Compliance gap filled: cert-in-directions-70b-2022 (gap=GAP-IND-CERTIN)","rows_affected":1,"module_id":null,"tool_id":null,"record_ids":["cert-in-directions-70b-2022"],"field_changes":null,"reviewer_id":"ericamador","reviewer_display":"eramusa","approval_method":"ml-dsa-65-attestation","approved_via":"evidence: reports/compliance-evidence/GAP-IND-CERTIN.json","proxy_github_handle":null,"authored_by_llm":true,"confidence_delta":null,"sample_size":null,"attestation_kid":"11b723084d047b4c","evidence_file":"reports/compliance-evidence/GAP-IND-CERTIN.json"}
{"pr_number":0,"merge_sha":"compliance-gap-fill","merge_timestamp":"2026-05-19T01:06:22.431Z","change_type":"compliance-gap-filled","domain":"data","scope_summary":"Compliance gap filled: jisec-japan-it-security-evaluation (gap=GAP-JP-JISEC)","rows_affected":1,"module_id":null,"tool_id":null,"record_ids":["jisec-japan-it-security-evaluation"],"field_changes":null,"reviewer_id":"ericamador","reviewer_display":"eramusa","approval_method":"ml-dsa-65-attestation","approved_via":"evidence: reports/compliance-evidence/GAP-JP-JISEC.json","proxy_github_handle":null,"authored_by_llm":true,"confidence_delta":null,"sample_size":null,"attestation_kid":"11b723084d047b4c","evidence_file":"reports/compliance-evidence/GAP-JP-JISEC.json"}
{"pr_number":0,"merge_sha":"compliance-gap-fill","merge_timestamp":"2026-05-19T01:06:22.433Z","change_type":"compliance-gap-filled","domain":"data","scope_summary":"Compliance gap filled: mas-technology-risk-management-guidelines (gap=GAP-MAS-TRM)","rows_affected":1,"module_id":null,"tool_id":null,"record_ids":["mas-technology-risk-management-guidelines"],"field_changes":null,"reviewer_id":"ericamador","reviewer_display":"eramusa","approval_method":"ml-dsa-65-attestation","approved_via":"evidence: reports/compliance-evidence/GAP-MAS-TRM.json","proxy_github_handle":null,"authored_by_llm":true,"confidence_delta":null,"sample_size":null,"attestation_kid":"11b723084d047b4c","evidence_file":"reports/compliance-evidence/GAP-MAS-TRM.json"}
{"pr_number":0,"merge_sha":"compliance-gap-fill","merge_timestamp":"2026-05-19T01:06:22.434Z","change_type":"compliance-gap-filled","domain":"data","scope_summary":"Compliance gap filled: occ-bulletin-2024-23-pqc (gap=GAP-OCC-2024)","rows_affected":1,"module_id":null,"tool_id":null,"record_ids":["occ-bulletin-2024-23-pqc"],"field_changes":null,"reviewer_id":"ericamador","reviewer_display":"eramusa","approval_method":"ml-dsa-65-attestation","approved_via":"evidence: reports/compliance-evidence/GAP-OCC-2024.json","proxy_github_handle":null,"authored_by_llm":true,"confidence_delta":null,"sample_size":null,"attestation_kid":"11b723084d047b4c","evidence_file":"reports/compliance-evidence/GAP-OCC-2024.json"}
{"pr_number":0,"merge_sha":"compliance-gap-fill","merge_timestamp":"2026-05-19T01:06:22.436Z","change_type":"compliance-gap-filled","domain":"data","scope_summary":"Compliance gap filled: rbi-cyber-security-framework-2016 (gap=GAP-RBI-CYBER)","rows_affected":1,"module_id":null,"tool_id":null,"record_ids":["rbi-cyber-security-framework-2016"],"field_changes":null,"reviewer_id":"ericamador","reviewer_display":"eramusa","approval_method":"ml-dsa-65-attestation","approved_via":"evidence: reports/compliance-evidence/GAP-RBI-CYBER.json","proxy_github_handle":null,"authored_by_llm":true,"confidence_delta":null,"sample_size":null,"attestation_kid":"11b723084d047b4c","evidence_file":"reports/compliance-evidence/GAP-RBI-CYBER.json"}
{"pr_number":0,"merge_sha":"compliance-gap-fill","merge_timestamp":"2026-05-19T01:06:22.438Z","change_type":"compliance-gap-filled","domain":"data","scope_summary":"Compliance gap filled: cyber-resilience-act-2024-2847 (gap=GAP-RETAIL-EU-CRA)","rows_affected":1,"module_id":null,"tool_id":null,"record_ids":["cyber-resilience-act-2024-2847"],"field_changes":null,"reviewer_id":"ericamador","reviewer_display":"eramusa","approval_method":"ml-dsa-65-attestation","approved_via":"evidence: reports/compliance-evidence/GAP-RETAIL-EU-CRA.json","proxy_github_handle":null,"authored_by_llm":true,"confidence_delta":null,"sample_size":null,"attestation_kid":"11b723084d047b4c","evidence_file":"reports/compliance-evidence/GAP-RETAIL-EU-CRA.json"}
{"pr_number":0,"merge_sha":"compliance-gap-fill","merge_timestamp":"2026-05-19T01:06:22.440Z","change_type":"compliance-gap-filled","domain":"data","scope_summary":"Compliance gap filled: nca-sa-404-error (gap=GAP-SA-NCA-ECC)","rows_affected":1,"module_id":null,"tool_id":null,"record_ids":["nca-sa-404-error"],"field_changes":null,"reviewer_id":"ericamador","reviewer_display":"eramusa","approval_method":"ml-dsa-65-attestation","approved_via":"evidence: reports/compliance-evidence/GAP-SA-NCA-ECC.json","proxy_github_handle":null,"authored_by_llm":true,"confidence_delta":null,"sample_size":null,"attestation_kid":"11b723084d047b4c","evidence_file":"reports/compliance-evidence/GAP-SA-NCA-ECC.json"}
{"pr_number":0,"merge_sha":"compliance-gap-fill","merge_timestamp":"2026-05-19T01:06:22.442Z","change_type":"compliance-gap-filled","domain":"data","scope_summary":"Compliance gap filled: fda-pqc-compliance-framework (gap=GAP-US-FDA-CYBER)","rows_affected":1,"module_id":null,"tool_id":null,"record_ids":["fda-pqc-compliance-framework"],"field_changes":null,"reviewer_id":"ericamador","reviewer_display":"eramusa","approval_method":"ml-dsa-65-attestation","approved_via":"evidence: reports/compliance-evidence/GAP-US-FDA-CYBER.json","proxy_github_handle":null,"authored_by_llm":true,"confidence_delta":null,"sample_size":null,"attestation_kid":"11b723084d047b4c","evidence_file":"reports/compliance-evidence/GAP-US-FDA-CYBER.json"}
{"pr_number":0,"merge_sha":"compliance-gap-fill","merge_timestamp":"2026-05-19T01:06:22.444Z","change_type":"compliance-gap-filled","domain":"data","scope_summary":"Compliance gap filled: nerc-cip-005-7 (gap=GAP-US-NERC-CIP)","rows_affected":1,"module_id":null,"tool_id":null,"record_ids":["nerc-cip-005-7"],"field_changes":null,"reviewer_id":"ericamador","reviewer_display":"eramusa","approval_method":"ml-dsa-65-attestation","approved_via":"evidence: reports/compliance-evidence/GAP-US-NERC-CIP.json","proxy_github_handle":null,"authored_by_llm":true,"confidence_delta":null,"sample_size":null,"attestation_kid":"11b723084d047b4c","evidence_file":"reports/compliance-evidence/GAP-US-NERC-CIP.json"}
{"pr_number":0,"merge_sha":"compliance-gap-fill","merge_timestamp":"2026-05-19T01:06:22.446Z","change_type":"compliance-gap-filled","domain":"data","scope_summary":"Compliance gap filled: popia-south-africa (gap=GAP-ZA-SABS)","rows_affected":1,"module_id":null,"tool_id":null,"record_ids":["popia-south-africa"],"field_changes":null,"reviewer_id":"ericamador","reviewer_display":"eramusa","approval_method":"ml-dsa-65-attestation","approved_via":"evidence: reports/compliance-evidence/GAP-ZA-SABS.json","proxy_github_handle":null,"authored_by_llm":true,"confidence_delta":null,"sample_size":null,"attestation_kid":"11b723084d047b4c","evidence_file":"reports/compliance-evidence/GAP-ZA-SABS.json"}
{"pr_number":0,"merge_sha":"compliance-gap-fill","merge_timestamp":"2026-05-19T03:14:06.410Z","change_type":"compliance-gap-filled","domain":"data","scope_summary":"Compliance gap filled: gsma-pq-01-pqc-impact-assessment (gap=gsma-pq-01)","rows_affected":1,"module_id":null,"tool_id":null,"record_ids":["gsma-pq-01-pqc-impact-assessment"],"field_changes":null,"reviewer_id":"ericamador","reviewer_display":"eramusa","approval_method":"ml-dsa-65-attestation","approved_via":"evidence: reports/compliance-evidence/gsma-pq-01.json","proxy_github_handle":null,"authored_by_llm":true,"confidence_delta":null,"sample_size":null,"attestation_kid":"11b723084d047b4c","evidence_file":"reports/compliance-evidence/gsma-pq-01.json"}
{"pr_number":0,"merge_sha":"compliance-gap-fill","merge_timestamp":"2026-05-19T03:14:06.413Z","change_type":"compliance-gap-filled","domain":"data","scope_summary":"Compliance gap filled: gsma-pq-02-quantum-risk-management (gap=gsma-pq-02)","rows_affected":1,"module_id":null,"tool_id":null,"record_ids":["gsma-pq-02-quantum-risk-management"],"field_changes":null,"reviewer_id":"ericamador","reviewer_display":"eramusa","approval_method":"ml-dsa-65-attestation","approved_via":"evidence: reports/compliance-evidence/gsma-pq-02.json","proxy_github_handle":null,"authored_by_llm":true,"confidence_delta":null,"sample_size":null,"attestation_kid":"11b723084d047b4c","evidence_file":"reports/compliance-evidence/gsma-pq-02.json"}
{"pr_number":0,"merge_sha":"compliance-gap-fill","merge_timestamp":"2026-05-19T03:14:06.416Z","change_type":"compliance-gap-filled","domain":"data","scope_summary":"Compliance gap filled: gsma-pq-03-pqc-guidelines (gap=gsma-pq-03)","rows_affected":1,"module_id":null,"tool_id":null,"record_ids":["gsma-pq-03-pqc-guidelines"],"field_changes":null,"reviewer_id":"ericamador","reviewer_display":"eramusa","approval_method":"ml-dsa-65-attestation","approved_via":"evidence: reports/compliance-evidence/gsma-pq-03.json","proxy_github_handle":null,"authored_by_llm":true,"confidence_delta":null,"sample_size":null,"attestation_kid":"11b723084d047b4c","evidence_file":"reports/compliance-evidence/gsma-pq-03.json"}
{"pr_number":0,"merge_sha":"compliance-gap-fill","merge_timestamp":"2026-05-19T03:14:06.418Z","change_type":"compliance-gap-filled","domain":"data","scope_summary":"Compliance gap filled: 3gpp-rel-19-pqc-compliance (gap=3gpp-rel19-pqc-study)","rows_affected":1,"module_id":null,"tool_id":null,"record_ids":["3gpp-rel-19-pqc-compliance"],"field_changes":null,"reviewer_id":"ericamador","reviewer_display":"eramusa","approval_method":"ml-dsa-65-attestation","approved_via":"evidence: reports/compliance-evidence/3gpp-rel19-pqc-study.json","proxy_github_handle":null,"authored_by_llm":true,"confidence_delta":null,"sample_size":null,"attestation_kid":"11b723084d047b4c","evidence_file":"reports/compliance-evidence/3gpp-rel19-pqc-study.json"}
{"pr_number":0,"merge_sha":"compliance-gap-fill","merge_timestamp":"2026-05-19T03:14:06.420Z","change_type":"compliance-gap-filled","domain":"data","scope_summary":"Compliance gap filled: 3gpp-rel20-pqc-study (gap=3gpp-rel20-pqc)","rows_affected":1,"module_id":null,"tool_id":null,"record_ids":["3gpp-rel20-pqc-study"],"field_changes":null,"reviewer_id":"ericamador","reviewer_display":"eramusa","approval_method":"ml-dsa-65-attestation","approved_via":"evidence: reports/compliance-evidence/3gpp-rel20-pqc.json","proxy_github_handle":null,"authored_by_llm":true,"confidence_delta":null,"sample_size":null,"attestation_kid":"11b723084d047b4c","evidence_file":"reports/compliance-evidence/3gpp-rel20-pqc.json"}
{"pr_number": 0, "merge_sha": "algorithms-status-enum-remediation-07082026", "merge_timestamp": "2026-07-09T03:54:32.000Z", "change_type": "data_update", "domain": "algorithms", "scope_summary": "algorithms.md remediation: promoted pqc_complete_algorithm_reference_07062026.csv -> _07082026.csv (old archived). Corrected MAYO-1/2/3/5 from stale NIST Additional-Signatures Round-1 parameter sizes to the current Round-2 sizes (NIST CSRC mayo-spec-round2-web.pdf Table 2.1); filled previously-empty public-key/ciphertext sizes for the three hybrid-TLS groups (X25519MLKEM768, SecP256r1MLKEM768, SecP384r1MLKEM1024) derived from ML-KEM/ECDH component sizes per draft-ietf-tls-ecdhe-mlkem wire format. SP 800-230 citation for the SLH-DSA '-24' parameter sets was checked against csrc.nist.gov and confirmed already correct (no CSV change). Also corrected the CNSA 2.0 milestone timeline in cnsa20.ts (2027/2035 self-contradiction) to match NSA's published support-and-prefer / exclusive-use dates per category (2025/2026/2027 support-and-prefer; 2030/2033 exclusive).", "rows_affected": 7, "module_id": null, "tool_id": null, "record_ids": ["MAYO-1", "MAYO-2", "MAYO-3", "MAYO-5", "X25519MLKEM768", "SecP256r1MLKEM768", "SecP384r1MLKEM1024"], "field_changes": [{"record_id": "MAYO-1", "field": "public_key_bytes", "before": "1168.0", "after": "1420.0"}, {"record_id": "MAYO-1", "field": "signature_ciphertext_bytes", "before": "321.0", "after": "454.0"}, {"record_id": "MAYO-2", "field": "public_key_bytes", "before": "5488.0", "after": "4912.0"}, {"record_id": "MAYO-2", "field": "signature_ciphertext_bytes", "before": "180.0", "after": "186.0"}, {"record_id": "MAYO-3", "field": "public_key_bytes", "before": "2656.0", "after": "2986.0"}, {"record_id": "MAYO-3", "field": "signature_ciphertext_bytes", "before": "577.0", "after": "681.0"}, {"record_id": "MAYO-5", "field": "public_key_bytes", "before": "5488.0", "after": "5554.0"}, {"record_id": "MAYO-5", "field": "signature_ciphertext_bytes", "before": "838.0", "after": "964.0"}, {"record_id": "X25519MLKEM768", "field": "public_key_bytes", "before": null, "after": "1216.0"}, {"record_id": "X25519MLKEM768", "field": "signature_ciphertext_bytes", "before": null, "after": "1120.0"}, {"record_id": "SecP256r1MLKEM768", "field": "public_key_bytes", "before": null, "after": "1249.0"}, {"record_id": "SecP256r1MLKEM768", "field": "signature_ciphertext_bytes", "before": null, "after": "1153.0"}, {"record_id": "SecP384r1MLKEM1024", "field": "public_key_bytes", "before": null, "after": "1665.0"}, {"record_id": "SecP384r1MLKEM1024", "field": "signature_ciphertext_bytes", "before": null, "after": "1665.0"}], "reviewer_id": "claude-agent", "reviewer_display": "claude-agent (automated remediation)", "approval_method": "offline", "approved_via": "automated, plan-driven remediation (pqctoday-hub-remediation-plans-07082026/algorithms.md item 5); sources cited in PR description", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": 7}
{"pr_number": 406, "merge_sha": "ab08fc88f5014edddcd07c64665f30248df07611", "merge_timestamp": "2026-07-07T23:51:15-05:00", "change_type": "data_update", "domain": "migrate", "scope_summary": "revisions.md backfill (WS-C): PR #406 \"Migrate data accuracy: close proof gaps, fix mistagged vendors, restore integrity gate\" promoted 5 CSV snapshots that had shipped without a revisions entry. Computed diff vs. each dataset's prior surviving snapshot: vendors_05092026.csv->07072026.csv (126 new vendors, 290 rows updated, mostly trusted_source_id backfill); migrate_vendor_roadmap_05072026.csv->07072026.csv (69 new vendor roadmap rows, 50 updated, new status/deprecated_at/deprecated_reason columns added for deprecation tracking); migrate_cpe_xref_05102026.csv->07072026.csv and migrate_purl_xref (same range): 25 dangling rows removed from each (national-guidance documents like ANSSI/BSI/ETSI/GSMA PQC guidance that were never real catalog products, per the PR's own description), plus product_id backfilled across 724 purl_xref rows; pqc_product_catalog_06022026.csv->07072026.csv (90 new products, the same 25 non-product rows removed, 759 rows re-verified/corrected -- proof-gate remediation, 6 skip-list rechecks, 14 rows backfilled with downloaded proof). Also mirrors the PR's vendor_id mis-tagging fixes (ibm-hyper-protect-crypto, evertrust-stream, mtg-ag-clm, utimaco-utrust-hsm) and a false PQC claim revert (futurex-vectera-plus).", "rows_affected": 1409, "module_id": null, "tool_id": null, "record_ids": ["VND-357", "VND-358", "VND-056", "VND-225", "ibm-hyper-protect-crypto", "evertrust-stream", "mtg-ag-clm", "utimaco-utrust-hsm", "futurex-vectera-plus", "Sophos XGS", "SonicWall NSa / TZ (SonicOS)", "ForgeRock Access Management (AM)", "ANSSI PQC Migration Guidance", "BSI PQC Recommendations"], "field_changes": null, "reviewer_id": "claude-agent", "reviewer_display": "claude-agent (automated remediation)", "approval_method": "offline", "approved_via": "automated, plan-driven backfill (pqctoday-hub-remediation-plans-07082026/revisions.md item 2, WS-C); source PR #406 already human-merged (eramusa) 2026-07-07", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 321, "merge_sha": "c3735501fdd8b704d07b596cb0a7b660ddaa8a5e", "merge_timestamp": "2026-06-08T20:35:29-04:00", "change_type": "data_update", "domain": "migrate", "scope_summary": "revisions.md backfill (WS-C): PR #321 \"repair 60 broken CC cert bindings + resync 19 stale PQC labels\" (full history: 60 Common Criteria rows repointed off stale scraper cert-id slugs, 91 certification_level values and 19 pqc_algorithms mislabels resynced from the bound certificate across the 0602->0608 CSV history; xref unresolved count 60/1187 -> 0/1187). This entry's own computed diff covers the final registered hop, migrate_certification_xref_06062026.csv -> 06082026.csv: 13 rows changed (certification_level FIPS 140-3 L3 -> L1 corrections, pqc_algorithms resync e.g. Cohesity DataCloud 'No PQC Mechanisms Detected' -> 'HSS, LMS').", "rows_affected": 13, "module_id": null, "tool_id": null, "record_ids": ["Cohesity DataCloud", "Fortinet FortiGate (FortiOS)", "Fortinet FortiManager", "Fortinet FortiWeb", "I4P Trident HSM"], "field_changes": [{"record_id": "Cohesity DataCloud", "field": "pqc_algorithms", "before": "No PQC Mechanisms Detected", "after": "HSS, LMS"}, {"record_id": "Fortinet FortiGate (FortiOS)", "field": "certification_level", "before": "FIPS 140-3 L2", "after": "FIPS 140-2 L2"}], "reviewer_id": "claude-agent", "reviewer_display": "claude-agent (automated remediation)", "approval_method": "offline", "approved_via": "automated, plan-driven backfill (pqctoday-hub-remediation-plans-07082026/revisions.md item 2, WS-C); source PR #321 already human-merged (eramusa) 2026-06-08", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 299, "merge_sha": "820b0c3da092f9bc1356b2082f39722948ce2656", "merge_timestamp": "2026-06-05T18:33:47-04:00", "change_type": "data_update", "domain": "migrate", "scope_summary": "revisions.md backfill (WS-C): PR #299 (3.18.0 release) included a routine migrate_saas_xref_05012026.csv -> 06042026.csv data refresh alongside its main playground/matrix work. 9 rows re-verified (last_verified_date bumped 2026-05-01 -> 2026-06-04); no content changes.", "rows_affected": 9, "module_id": null, "tool_id": null, "record_ids": ["AWS Certificate Manager", "AnyDesk Remote Desktop", "BeyondTrust Pathfinder Platform", "CyberZero Quantanaut", "Descope Customer & Agentic Identity Platform"], "field_changes": null, "reviewer_id": "claude-agent", "reviewer_display": "claude-agent (automated remediation)", "approval_method": "offline", "approved_via": "automated, plan-driven backfill (pqctoday-hub-remediation-plans-07082026/revisions.md item 2, WS-C); source PR #299 already human-merged (eramusa) 2026-06-05", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "9cb28390b9d8f9a3e03cce8cca90dc8e88b6cda4", "merge_timestamp": "2026-07-02T06:40:17-05:00", "change_type": "data_update", "domain": "compliance", "scope_summary": "revisions.md backfill (WS-C): compliance_05192026.csv -> 06262026_r2.csv (commit 9cb28390, \"fix(accuracy): remediate confirmed factual inaccuracies across hub\") shipped without a revisions entry. 154 of 154 framework rows touched: 98 with substantive corrections (website_url_quality re-verification, GDPR website URL fix, and the NIST row's own notes text corrected -- \"FN-DSA (FIPS 206) published March 2025\" was factually wrong and now reads \"FN-DSA (FIPS 206) is not yet published as of 2026 (Falcon selected; draft pending)\", matching NIST CSRC's own FIPS 206 status as an in-development/draft standard); 56 rows received only a CSWP.39 taxonomy-tag backfill with no other content change.", "rows_affected": 154, "module_id": null, "tool_id": null, "record_ids": ["NIST", "GDPR", "DORA", "SOC-2", "IEC-62443", "TISAX"], "field_changes": [{"record_id": "NIST", "field": "notes", "before": "NIST's PQC Standardization Project (launched 2016) selected ML-KEM (FIPS 203), ML-DSA (FIPS 204), and SLH-DSA (FIPS 205) as the first post-quantum standards, published August 2024. FN-DSA (FIPS 206) published March 2025. NIST IR 8547 defines the transition timeline: deprecate 112-bit classical asymmetric by 2030, disallow by 2035. NIST also runs CMVP (module validation) and CAVP (algorithm validation) programs that enforce these standards globally.", "after": "NIST's PQC Standardization Project (launched 2016) selected ML-KEM (FIPS 203), ML-DSA (FIPS 204), and SLH-DSA (FIPS 205) as the first post-quantum standards, published August 2024. FN-DSA (FIPS 206) is not yet published as of 2026 (Falcon selected; draft pending). NIST IR 8547 defines the transition timeline: deprecate 112-bit classical asymmetric by 2030, disallow by 2035. NIST also runs CMVP (module validation) and CAVP (algorithm validation) programs that enforce these standards globally."}], "reviewer_id": "claude-agent", "reviewer_display": "claude-agent (automated remediation)", "approval_method": "offline", "approved_via": "automated, plan-driven backfill (pqctoday-hub-remediation-plans-07082026/revisions.md item 2, WS-C); source commit already human-merged (eramusa) 2026-07-02; FIPS 206 status re-verified against csrc.nist.gov 2026-07-08", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 408, "merge_sha": "e4dce549947b175bf9f4bfe79041901c2d6d999b", "merge_timestamp": "2026-07-08T21:12:11-05:00", "change_type": "data_update", "domain": "library", "scope_summary": "revisions.md backfill (WS-C): PR #408 \"Patents refresh, CycloneDX Crypto Registry + SBOM modules, algorithms FIPS-default fix\" promoted library_07082026.csv. No prior library-domain entry exists after the 2026-05-07 concept_xwalks entry, and the earliest library CSV snapshot still present in the repo is library_06022026_r1.csv (older snapshots were archived out over time), so this backfill spans that full surviving range. 44 new references added (incl. KpqC-Competition-Results, Korea's national PQC standard selection); 312 existing references received substantive updates (title/date/status refreshes -- e.g. NIST-FIPS140-3-IG-PQC's title and last_update_date corrected to the actual 2026-04-09 IG revision); the remaining 537 rows show only the newly-added superseded_by column defaulting to empty (schema change, not content correction).", "rows_affected": 356, "module_id": null, "tool_id": null, "record_ids": ["KpqC-Competition-Results", "NIST-FIPS140-3-IG-PQC", "3GPP-PQC-Study-2025"], "field_changes": [{"record_id": "NIST-FIPS140-3-IG-PQC", "field": "document_title", "before": "FIPS 140-3 Implementation Guidance for Post-Quantum Cryptography", "after": "Implementation Guidance for FIPS 140-3 and the Cryptographic Module Validation Program"}, {"record_id": "NIST-FIPS140-3-IG-PQC", "field": "last_update_date", "before": "2025-09-02", "after": "2026-04-09"}], "reviewer_id": "claude-agent", "reviewer_display": "claude-agent (automated remediation)", "approval_method": "offline", "approved_via": "automated, plan-driven backfill (pqctoday-hub-remediation-plans-07082026/revisions.md item 2, WS-C); source PR #408 already human-merged (eramusa) 2026-07-08", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 408, "merge_sha": "e4dce549947b175bf9f4bfe79041901c2d6d999b", "merge_timestamp": "2026-07-08T21:12:11-05:00", "change_type": "data_update", "domain": "data", "scope_summary": "revisions.md backfill (WS-C): PR #408 also promoted patents_07072026.csv. No patents snapshot has ever been logged to this feed; the earliest surviving snapshot is patents_05062026.csv, so this backfill spans that full range. 773 new patents added; 250 existing patent rows received substantive enrichment (previously-empty analysis fields -- one_sentence_summary, primary_inventive_claim, crypto_agility_mode, quantum_relevance, standards_referenced, pqc_migration_score/reason -- backfilled); the remaining 654 rows only gained the newly-added filing_date column (schema change, not content correction).", "rows_affected": 1023, "module_id": null, "tool_id": null, "record_ids": ["20260121841", "20260121827"], "field_changes": null, "reviewer_id": "claude-agent", "reviewer_display": "claude-agent (automated remediation)", "approval_method": "offline", "approved_via": "automated, plan-driven backfill (pqctoday-hub-remediation-plans-07082026/revisions.md item 2, WS-C); source PR #408 already human-merged (eramusa) 2026-07-08", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 324, "merge_sha": "3bd5892270c350c9e55776327d41398e897202ec", "merge_timestamp": "2026-06-09T00:00:06-04:00", "change_type": "manual_data_correction", "domain": "algorithms", "scope_summary": "revisions.md backfill (WS-C item 4): the historical BIKE-1/3/5 status mislabel, cited as already-fixed in both algorithms.md's and threats.md's 07-08 audits, was never itself logged. PR #324 \"correct stale count, status labels & remove duplicate algorithm rows\" relabeled BIKE-1/3/5 from the stale 'NIST PQC Round 4 (Alternate)' to 'NIST PQC Round 4 (concluded 2025; not selected)' -- BIKE lost to HQC's selection in March 2025 and was never actually promoted to Round 4. Same PR also fixed FrodoKEM-640/976/1344 (mislabeled Round 4 Alternate; actually a Round 3 alternate, never advanced) and removed 4 duplicate bare rows (HQC, Classic-McEliece, LMS, XMSS) that duplicated their parameterized siblings. Backfilled here even though it predates the general 2026-05-19 cutoff because the diff was trivially available from the commit's own message.", "rows_affected": 6, "module_id": null, "tool_id": null, "record_ids": ["BIKE-1", "BIKE-3", "BIKE-5", "FrodoKEM-640", "FrodoKEM-976", "FrodoKEM-1344"], "field_changes": [{"record_id": "BIKE-1", "field": "status", "before": "NIST PQC Round 4 (Alternate)", "after": "NIST PQC Round 4 (concluded 2025; not selected)"}, {"record_id": "FrodoKEM-640", "field": "status", "before": "NIST PQC Round 4 (Alternate)", "after": "NIST Round 3 alternate (not advanced); BSI/ANSSI & ISO 18033-2 recommended"}], "reviewer_id": "claude-agent", "reviewer_display": "claude-agent (automated remediation)", "approval_method": "offline", "approved_via": "automated, plan-driven backfill (pqctoday-hub-remediation-plans-07082026/revisions.md item 4, WS-C); source PR #324 already human-merged (eramusa) 2026-06-09", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "3ed654c304d79d6bd1e703949434042b40eaebb3", "merge_timestamp": "2026-07-09T02:25:15-05:00", "change_type": "data_update", "domain": "migrate", "scope_summary": "migrate.md remediation item 7: normalized 4 rows with lowercase verification_status=\"verified\" to \"Verified\" in pqc_product_catalog (07072026 -> 07082026); cosmetic only, deriveVerificationStatus() already re-derived these correctly at load time regardless.", "rows_affected": 4, "module_id": null, "tool_id": null, "record_ids": ["python-cryptography", "microsoft-365", "python-ssl-module", "prometheus"], "field_changes": [{"record_id": "python-cryptography", "field": "verification_status", "before": "verified", "after": "Verified"}, {"record_id": "microsoft-365", "field": "verification_status", "before": "verified", "after": "Verified"}, {"record_id": "python-ssl-module", "field": "verification_status", "before": "verified", "after": "Verified"}, {"record_id": "prometheus", "field": "verification_status", "before": "verified", "after": "Verified"}], "reviewer_id": "claude-agent", "reviewer_display": "claude-agent (automated remediation)", "approval_method": "offline", "approved_via": "automated, plan-driven (pqctoday-hub-remediation-plans-07082026/migrate.md item 7, WS-C); local commit 3ed654c3 on fix/wave1-migrate-0708, not yet merged", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "8dfc2ca59400d63bb7dcbba492fa4758cc837b5c", "merge_timestamp": "2026-07-09T07:28:31-05:00", "change_type": "data_update", "domain": "timeline", "scope_summary": "timeline.md remediation item 1 (mandate-label completion sweep): timeline_06262026_r4.csv -> timeline_07082026.csv (old file archived, not deleted); timelineFacts.generated.ts regenerated in the same commit. Labeled the US Digital-Signature Migration Deadline (2031) row HARD to match the already-HARD 2030 Key-Establishment row -- both derive from EO 14412, verified against whitehouse.gov (both dates use binding \"shall\" language). Audited and labeled the remaining 27 of 37 Deadline-category rows plus 5 CNSA 2.0 Migration-category lanes (signing/web-cloud/networking/OS/PKI) against each row's own primary source (NSA CNSA 2.0 advisory, EO 14412, EO 14306, Canada ITSM.40.001, EU Commission Recommendation C(2024) 5871, BSI TR-02102, MAS Circular MAS/TCRS/2024/01, ASD Guidelines for Cryptography, India DST Quantum-Safe Ecosystem report, and others -- see commit 8dfc2ca5 message and session record for the full per-row source list). Raised Canada's confidence_score 60->75 (label was already HARD but under-evidenced; ITSM.40.001 has a real enforcement mechanism -- mandatory PQC procurement clauses on GC contracts after April 2026 -- so the label stands, just better-sourced now). Introduced a DRAFT mandate_type value for genuinely unresolved sourcing rather than guessing HARD or SOFT: the two US \"112-bit Security\" rows (source is NIST IR 8547, still an Initial Public Draft per csrc.nist.gov as of verification) and two Hong Kong HKMA rows (source is a strategy/\"blueprint\" press release, not a confirmed formal supervisory circular). Left the Microsoft \"Full PQC Transition\" row unlabeled (NONE) -- a vendor's own roadmap commitment is not a government mandate/guidance in the sense this field measures. Also fixed a pre-existing bug this sweep exposed: GanttDetailPopover.tsx only showed the mandate badge for Deadline-phase rows, so the new CNSA-lane labels (Migration category) would never have displayed -- now any row with an event-level label shows its badge, regardless of phase.", "rows_affected": 32, "module_id": null, "tool_id": null, "record_ids": ["US-EO14412-signature-2031", "Canada-ITSM40001", "CNSA2.0-signing-lane", "CNSA2.0-networking-lane", "CNSA2.0-os-lane", "CNSA2.0-webcloud-lane", "CNSA2.0-pki-lane"], "field_changes": [{"record_id": "United States / Digital-Signature Migration Deadline (EO June 22 2026)", "field": "mandate_type", "before": "", "after": "HARD"}, {"record_id": "Canada / High Priority Systems Complete", "field": "confidence_score", "before": "60", "after": "75"}, {"record_id": "United States / 112-bit Security Deprecated", "field": "mandate_type", "before": "", "after": "DRAFT"}], "reviewer_id": "claude-agent", "reviewer_display": "claude-agent (automated remediation)", "approval_method": "offline", "approved_via": "automated, plan-driven (pqctoday-hub-remediation-plans-07082026/timeline.md item 1, WS-C); local commit 8dfc2ca5 on wave2-timeline-0708, not yet merged; EO 14412 dates independently re-verified against whitehouse.gov presidential-actions page 2026-07-09; NIST IR 8547 draft status independently re-verified against csrc.nist.gov/pubs/ir/8547/ipd 2026-07-09; CNSA 2.0 staged schedule cross-checked against two independent secondary sources (entrust.com transition-timetable summary, postquantum.com CNSA 2.0 guide) consistent with the already-verified src/components/Algorithms/cnsa20.ts CNSA20_TIMELINE", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "8a2d2d5a3309f39e4f1206f7f090cce127eab917", "merge_timestamp": "2026-07-09T11:52:59.000Z", "change_type": "data_update", "domain": "compliance", "scope_summary": "compliance.md remediation item 1: added the EO 14412 (\"Securing the Nation Against Advanced Cryptographic Attacks\") landscape row -- the operative US PQC executive order previously existed only in the timeline CSV, not the compliance framework list. HARD mandate (requires_pqc=yes); key-establishment migration deadline Dec 31 2030 (FIPS 203/ML-KEM), digital-signature migration deadline Dec 31 2031 (FIPS 204/ML-DSA); excludes National Security Systems (remain under CNSA 2.0/NSA). Source verified independently against whitehouse.gov and the Federal Register (doc 2026-12909, Vol. 91 No. 121 pp. 38483-38486) before writing, per the timeline audit's discipline of not guessing the EO number. Snapshot compliance_06262026_r2.csv (archived) -> compliance_07092026.csv. Same commit also rewrote complianceCuriousPrefaces.ts (DORA/CNSA-2/ANSSI/BSI/ENISA prefaces walked back to match their CSV rows' actual claims), removed the dead PERSONA_COMPLIANCE_TABS 6-tab config, fixed Records-tab staleness/Refresh honesty, collapsed the first-visit banner stack for returning visitors, added FIPS-row deep links into Records, and removed the low-signal confidenceScore badge from the landscape/popover views -- none of those are CSV changes so are not itemized as separate rows here.", "rows_affected": 1, "module_id": null, "tool_id": null, "record_ids": ["EO-14412"], "field_changes": null, "reviewer_id": "claude-agent", "reviewer_display": "claude-agent (automated remediation)", "approval_method": "offline", "approved_via": "automated, plan-driven (pqctoday-hub-remediation-plans-07082026/compliance.md item 1, WS-C); local commits 2b35d23d/8a2d2d5a on wave2-compliance-0708, not yet merged", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "044d60de2cf94ff9be911abb5f578a11a6601ed2", "merge_timestamp": "2026-07-09T07:11:35-05:00", "change_type": "manual_data_correction", "domain": "data", "scope_summary": "patents.md item 5: patents_07072026.csv -> patents_07082026.csv. Corrected 13 rows (plan's audit estimated 6; the wired 07072026 snapshot actually had 13) where nist_round_status mapped a McEliece-family algorithm (\"McEliece\" or \"Classic McEliece\") to status \"classical\" -- Classic McEliece is a NIST Round 4 candidate (not selected; HQC was chosen in March 2025 per NISTIR 8545) and remains BSI-recommended for long-term confidentiality; it is not a classical/pre-quantum scheme. Corrected to round4_candidate, matching the status already used on 16 other Classic McEliece entries in the same CSV. Unrelated array entries (Niederreiter, RSA, ECC) in the same rows were left untouched -- still genuinely classical. patents_06092026_r2.csv (superseded diff baseline) archived in the same change.", "rows_affected": 13, "module_id": null, "tool_id": null, "record_ids": ["12445418", "20250293864", "20250047465", "12052350", "11757630", "20230224285", "20230071333", "20230014894", "20220345300", "20220224532", "20220069987", "20200322146", "20200153611"], "field_changes": [{"record_id": "20250293864", "field": "nist_round_status", "before": "[{\"algorithm\": \"McEliece\", \"status\": \"classical\"}]", "after": "[{\"algorithm\": \"McEliece\", \"status\": \"round4_candidate\"}]"}, {"record_id": "20200153611", "field": "nist_round_status", "before": "[{\"algorithm\": \"Classic McEliece\", \"status\": \"classical\"}]", "after": "[{\"algorithm\": \"Classic McEliece\", \"status\": \"round4_candidate\"}]"}], "reviewer_id": "claude-agent", "reviewer_display": "claude-agent (automated remediation)", "approval_method": "offline", "approved_via": "automated, plan-driven (pqctoday-hub-remediation-plans-07082026/patents.md item 5, WS-C); McEliece Round 4 / BSI status re-verified against csrc.nist.gov (NISTIR 8545, HQC selection announcement) and bsi.bund.de 2026-07-09; local commit on wave2-patents-0708, not yet merged", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "9d672ca249bfc2452489e4e49eed420ee5d54267", "merge_timestamp": "2026-07-09T06:46:55-05:00", "change_type": "data_update", "domain": "leaders", "scope_summary": "leaders.md remediation (wave2): refreshed leaders CSV (leaders_06242026_r3 -> leaders_07092026). Spot-checked 10 curated profiles against current public sources; fixed 1 confirmed error (Vadim Lyubashevsky Country United States -> Switzerland; he is based at IBM Research Europe, Zurich) and 1 stale title (Jaime Gomez Garcia -> Global Head of Quantum Threat Program). Added verified_date column (141 existing + 10 fresh 2026-07-09 re-checks), now surfaced in the UI. Backfilled peer_reviewed/vetting_body for the 196 rows linked via keyResourceRefs by joining against library_07082026.csv: 107 blank rows backfilled, 51 rows correctly a stale \"no\" (artifact of a 2026-05-06 column rename, not a real assessment) corrected to the linked library reference's actual value, 14 rows with disagreeing linked refs set to \"partial\". Added 2 new sourced entries (Matthew Green, Skeptic/Critic; Lori Beer, Industry Adopter) to categories the audit flagged as near-empty (item 5, stretch). Also: tiered the 124 auto-imported stub rows from the 208 curated rows via a new sourceKind field (code change, not a data correction, but the classification is CSV-content-derived) and fixed the executive persona sort-override bug in LeadersGrid.tsx.", "rows_affected": 344, "module_id": null, "tool_id": null, "record_ids": ["Vadim Lyubashevsky", "Jaime Gomez Garcia", "Matthew Green", "Lori Beer"], "field_changes": [{"record_id": "Dr. Vadim Lyubashevsky", "field": "Country", "before": "United States", "after": "Switzerland"}, {"record_id": "Jaime Gomez Garcia", "field": "Role", "before": "Head of Quantum Technologies", "after": "Global Head of Quantum Threat Program"}], "reviewer_id": "claude-agent", "reviewer_display": "claude-agent (automated remediation)", "approval_method": "offline", "approved_via": "automated, plan-driven (pqctoday-hub-remediation-plans-07082026/leaders.md items 1-5, WS-C); local commit 9d672ca2 on wave2-leaders-0708, not yet merged", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": 10}
{"pr_number": 0, "merge_sha": "4d350c9a5d75345622c8e9c5dac0ea9db4c55344", "merge_timestamp": "2026-07-09T07:35:26-05:00", "change_type": "data_update", "domain": "data", "scope_summary": "learn.md remediation item 1+2 (WS-C): shipped pqcquiz_07082026.csv (archives pqcquiz_06242026.csv), adding 96 new quiz questions across 7 new QuizCategory values (sbom, cbom, crypto-registry, verification-closure, pqc-grc, skills-team-structure, soc-implementation-pqc) so four previously-untestable supply-chain/governance modules and three newly-routed orphan modules are covered by at least one persona checkpoint's quiz categories. Every question is traceable to a sentence in the corresponding module's content.ts/rag-summary.md -- no invented facts. Also retired the redundant pqc-team module (same 1-FTE-per-500-instances staffing heuristic as the fuller skills-team-structure, which absorbs its role in the executive path) -- not a CSV change, noted here for completeness.", "rows_affected": 96, "module_id": null, "tool_id": null, "record_ids": ["sbom", "cbom", "crypto-registry", "verification-closure", "pqc-grc", "skills-team-structure", "soc-implementation-pqc"], "field_changes": null, "reviewer_id": "claude-agent", "reviewer_display": "claude-agent (automated remediation)", "approval_method": "offline", "approved_via": "automated, plan-driven (pqctoday-hub-remediation-plans-07082026/learn.md items 1+2, WS-C); local commit 4d350c9a on wave2-learn-0708, not yet merged", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "db9d8b2e56bc9ab8be366d34015a83456c33acbd", "merge_timestamp": "2026-07-09T09:15:00-05:00", "change_type": "data_update", "domain": "library", "scope_summary": "library.md remediation (fix/hub-remediation-wave2-0708, wave2-library-0708, local commit db9d8b2e, not yet merged): library_07082026.csv -> library_07092026.csv. 156 rows substantively changed, 42 additionally gained the new purpose column (27 purpose-only). Backfilled 29 thin/title-echo or empty short_description rows by promoting real content from the library-doc-enrichments corpus (no fresh enrichment runs needed given 98.4% coverage). Proof-gate sweep on the 10 active rows with a recorded failed download check: 8 re-verified live and recovered (incl. correcting ETSI TS 103 744 -- v1.3.1 does not exist, real latest is v1.2.1 March 2025), 2 deprecated (thequantumfinanceboardroom.com confirmed NXDOMAIN). url_needs_review backlog cut from 100 to 8 active rows via direct re-fetch (90 recovered, 2 more deprecated for fabricated ETSI document numbers -- TS 103 774, GR QSC 020 -- that do not exist in ETSI's catalog); the remaining 8 are left as needs-review (verified as an environment-level bot block, not confirmed dead). Fixed the Falcon-Spec-v12 FIPS 206 cross-reference (no longer claims FIPS 206 is published; still IPD/draft per csrc.nist.gov). Also corrected IETF RFC 9701's document_title (was mislabeled with an unrelated draft's title; real title per rfc-editor.org is \"JSON Web Token (JWT) Response for OAuth Token Introspection\"), exposed as a live contradiction once its description was backfilled against the real document. Normalized 21 rows off a stray 0.9/0.95 confidence-score scale onto the 0-100 scale used elsewhere; surfaced confidence score in the detail drawer. Added a dedicated purpose CSV column (resolvePurpose()) overriding the manual_category keyword heuristic for 42 manually-reviewed rows.", "rows_affected": 183, "module_id": null, "tool_id": null, "record_ids": ["IETF RFC 9701", "Falcon-Spec-v12", "ETSI TS 103 744 v1.3.1", "ETSI TS 103 774", "ETSI GR QSC 020", "QuantumFinanceBoardroom-Ganguly-PQC-Ch24-2026", "QFB-Portrait-Quantum-Technologies-Finance-2026"], "field_changes": [{"record_id": "IETF RFC 9701", "field": "document_title", "before": "SD-JWT for Verifiable Credentials", "after": "JSON Web Token (JWT) Response for OAuth Token Introspection"}, {"record_id": "Falcon-Spec-v12", "field": "short_description", "before": null, "after": "now describes FIPS 206 as \"forthcoming ... still in draft; not yet published\" instead of claiming it is already standardized"}, {"record_id": "ETSI TS 103 744 v1.3.1", "field": "download_url", "before": "https://www.etsi.org/deliver/etsi_ts/103700_103799/103744/01.03.01_60/ts_103744v010301p.pdf", "after": "https://www.etsi.org/deliver/etsi_ts/103700_103799/103744/01.02.01_60/ts_103744v010201p.pdf"}, {"record_id": "ETSI TS 103 774", "field": "status", "before": "active", "after": "deprecated"}, {"record_id": "ETSI GR QSC 020", "field": "status", "before": "active", "after": "deprecated"}, {"record_id": "QuantumFinanceBoardroom-Ganguly-PQC-Ch24-2026", "field": "status", "before": "active", "after": "deprecated"}, {"record_id": "QFB-Portrait-Quantum-Technologies-Finance-2026", "field": "status", "before": "active", "after": "deprecated"}], "reviewer_id": "claude-agent", "reviewer_display": "claude-agent (automated remediation)", "approval_method": "offline", "approved_via": "automated, plan-driven remediation (pqctoday-hub-remediation-plans-07082026/library.md, all items P1-P3); facts re-verified against rfc-editor.org, csrc.nist.gov, etsi.org, and live HTTP checks on 2026-07-09; local commit db9d8b2e on fix/hub-remediation-wave2-0708 (branch wave2-library-0708), not yet merged/pushed", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "4c7525b4cefed76060431cbd716c57f55aba1287", "merge_timestamp": "2026-07-10T10:18:16-05:00", "change_type": "data_update", "domain": "library", "scope_summary": "library.md follow-up: library_07092026.csv -> library_07102026.csv. Added PKCS11-V32-OS-OASIS for the PKCS#11 v3.2 OASIS Standard finalized 2026-06-03, and deprecated the prior PKCS11-V32-OASIS row (Committee Specification Draft 01 / CS01) with superseded_by=PKCS11-V32-OS-OASIS so it surfaces as a previous revision in the Library detail drawer rather than being deleted (matches the existing PKCS11-V31-OASIS -> PKCS11-V3-OASIS supersession pattern). Verified via the OS spec's own Appendix C Revision History (pkcs11-spec-v3.2-os.pdf pp.473-475) and matching table-of-contents pagination against the CSD01 PDF that no technical content changed after Working Draft 13 (16 Apr 2025) -- CSD01/CS01/OS are content-identical, only the approval-stage label and status/date fields changed. Proof file public/library/PKCS11-V32-OS-OASIS.html downloaded live from docs.oasis-open.org before marking the row active (gitignored, local-only per existing convention).", "rows_affected": 2, "module_id": null, "tool_id": null, "record_ids": ["PKCS11-V32-OS-OASIS", "PKCS11-V32-OASIS"], "field_changes": [{"record_id": "PKCS11-V32-OASIS", "field": "status", "before": "active", "after": "deprecated"}, {"record_id": "PKCS11-V32-OASIS", "field": "superseded_by", "before": null, "after": "PKCS11-V32-OS-OASIS"}], "reviewer_id": "claude-agent", "reviewer_display": "claude-agent (automated remediation)", "approval_method": "offline", "approved_via": "automated, user-directed (\"add the final release to our library \u2014 older release should show as previous revision\"); PKCS#11 v3.2 OS status re-verified against docs.oasis-open.org 2026-07-10; local commits 4c7525b4/7c400a1c on test/all-changes-0710, not yet merged/pushed", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
{"pr_number": 0, "merge_sha": "b2c9b943", "merge_timestamp": "2026-07-10T08:45:00-05:00", "change_type": "data_update", "domain": "data", "scope_summary": "Data-pipelines remediation (executed on fix/data-pipelines-remediation-0709, not yet merged/pushed): quality pass across timeline, algorithms, library, threats, compliance, and migrate catalog data. Timeline: filled missing source evidence, corrected non-canonical values, refreshed enrichment on 15 rows. Algorithms: corrected 4 protocol citation errors and an inaccurate FIPS 206 status claim. Library: recovered 18 missing or broken source documents, including 2 corrected ETSI document version numbers; repointed 21 internal cross-references. Threats: corrected a wrong RFC citation and replaced one row's evidence file with real content. Compliance: fixed a fine-lookup key mismatch affecting an executive KPI, corrected PQC-coverage on 4 certification records against their published NIST security policies, and populated product links on 1,040 certification cross-reference rows. Migrate catalog: deprecated 3 duplicate product entries, corrected an inaccurate PQC-support claim, fixed a status label that displayed non-PQC products as fully verified, and remapped 64 rows to the current category taxonomy. Also: quiz category list, leader resource links (33 rows), and concept cross-references cleaned up; source snapshots archived to the standard 2-version limit. Every correction was checked against the original publisher (standards bodies, vendor docs, or government sources) before being applied.", "rows_affected": null, "module_id": null, "tool_id": null, "record_ids": null, "field_changes": null, "reviewer_id": "claude-agent", "reviewer_display": "claude-agent (automated remediation)", "approval_method": "offline", "approved_via": "user-approved data-pipelines remediation plan, executed 2026-07-09/10; local commits on fix/data-pipelines-remediation-0709, not yet merged/pushed", "proxy_github_handle": null, "authored_by_llm": true, "confidence_delta": null, "sample_size": null}
