Task Breakdown: Data Management
Feature ID: data-management
Status: Done (Retrospective)
Last updated: 2026-05-01
Phase 1 — Export
- T1. Per-work aggregator service.
- T2. Secret redactor based on plugin JSON schemas.
- T3.
POST /api/account/exportcontroller.
Phase 2 — Import preview
- T4. Envelope validator + version check.
- T5. Masked-secret detector.
- T6. Missing-plugin detector.
- T7. Slug conflict detector.
- T8.
POST /api/account/import/previewcontroller.
Phase 3 — Import apply
- T9. Per-work transactional applier.
- T10.
MASKED:skipper with per-plugin warning. - T11. Three conflict strategies (skip / overwrite / rename).
- T12. Data repo writer (clone, write, commit, push).
Phase 4 — GitHub Sync
- T13. Sync configuration store.
- T14. Push: structured file writer with
path.basenameguard. - T15. Pull: structured file reader, payload reconstruction.
- T16. Pull-secrets ignored unconditionally.
- T17. Apply-pull reusing the import flow.
Phase 5 — Web
- T18. Settings → Data UI with three panels.
- T19. Drag-and-drop import upload.
- T20. Conflict-resolution UI.
- T21. Toast notifications + warning display.
Phase 6 — Tests
- T22. Redactor edge cases (short values, non-string, nested).
- T23. Masked detection across all settings shapes.
- T24. Path-traversal attempts on push and pull.
- T25. End-to-end roundtrip (export → import) preserves data.
Phase 7 — Docs
- T26. User-facing doc
docs/features/data-management.md. - T27. Retrospective spec/plan/tasks.
Definition of Done
- All tasks shipped, tests pass, secret hygiene verified, docs present.