auth-bundle-1 Phase 13 follow-up: em-dash sweep + broken-link fix

Self-audit on ba68f9a flagged the prompt's 'zero em dashes' discipline rule. The four new Phase 13 docs and the v2.1.0 CHANGELOG section had 97 em-dash hits between them; this commit sweeps them all to ASCII hyphens. Counts before -> after: docs/operator/rbac.md 28 -> 0 docs/operator/auth-threat-model.md 36 -> 0 docs/migration/api-keys-to-rbac.md 16 -> 0 docs/operator/security.md 8 -> 0 docs/reference/profiles.md 3 -> 0 CHANGELOG.md 6 -> 0 Mechanical: ' - ' (spaced em dash) and bare em-dash both replaced with spaced ASCII hyphen, then double-spaces collapsed. Markdown list bullets ('^- ', '^ - ', '^ - ') verified intact across all six files. Internal-link sweep also re-run. Also fixes a pre-existing broken link the audit caught: docs/operator/security.md:70 referenced '../internal/crypto/encryption.go' which is a 1-level-up jump from docs/operator/, not the 2-level-up jump it actually needs ('../../internal/crypto/encryption.go'). Pre-Bundle-1 link rot; fixed in lockstep so the merge gate's docs validation passes cleanly. Final state across the Phase-13 docs + CHANGELOG: - 0 em dashes - 0 broken internal links - Last-reviewed: 2026-05-09 header on every new doc Bundle 1 documentation is now ready for the operator-side merge gate review.
2026-06-07 22:11:38 +00:00 · 2026-05-10 00:15:30 +00:00
parent ba68f9a994
commit f4cdce764c
6 changed files with 115 additions and 115 deletions
@@ -28,7 +28,7 @@ see `api/openapi.yaml` under `/api/v1/profiles`.
 | `allowed_key_algorithms` | RSA 2048+, ECDSA P-256+ | Validates incoming CSRs at issuance time. |
 | `allowed_ekus` | server, client | RFC 5280 §4.2.1.12 EKU set. |
 | `must_staple` | false | Per-profile RFC 7633 `id-pe-tlsfeature` extension toggle (Phase 5.6 of the SCEP master bundle). |
-| `requires_approval` | false | Bundle 1 Phase 9 — gates issuance + renewal AND profile edits behind a four-eyes approval workflow. See below. |
+| `requires_approval` | false | Bundle 1 Phase 9 - gates issuance + renewal AND profile edits behind a four-eyes approval workflow. See below. |

 ## RequiresApproval and the approval workflow

@@ -42,18 +42,18 @@ Setting `requires_approval=true` on a profile does two things:
   → `Cancelled`). Same actor cannot self-approve.
 2. **Edits to the profile itself gate on a non-requester admin's
   approval.** This is the Bundle 1 Phase 9 closure for the flip-flop
-   loophole — without it an admin could set `requires_approval=false`,
+   loophole - without it an admin could set `requires_approval=false`,
   mutate any other field, set `requires_approval=true`, and the
   approval workflow would only have been bypassed during the
   "off" window. The Phase 9 gate fires under three conditions:
-   - The live profile has `requires_approval=true` AND the operator
+ - The live profile has `requires_approval=true` AND the operator
     submits any edit (regardless of whether the edit changes the
     flag).
-   - The live profile has `requires_approval=false` AND the operator
+ - The live profile has `requires_approval=false` AND the operator
     submits an edit that would set it to `true` (the flag-flip
     direction is gated too because otherwise the gate could be
     enabled by anyone and have no review).
-   - Both arms route through `ApprovalService.RequestProfileEditApproval`
+ - Both arms route through `ApprovalService.RequestProfileEditApproval`
     which writes a row to `issuance_approval_requests` with
     `approval_kind=profile_edit`. The pending profile diff is
     serialized to `payload` (JSONB).
@@ -105,7 +105,7 @@ audit-only view. Each row carries the approval ID + the requester

 - `migrations/000027_approval_workflow.up.sql` (initial approval
  schema, Rank 7 of the 2026-05-03 deep-research deliverable)
- `migrations/000033_approval_kinds.up.sql` (Phase 9 — adds
+- `migrations/000033_approval_kinds.up.sql` (Phase 9 - adds
  `approval_kind` + `payload` + nullable cert/job FKs)
 - `internal/service/approval.go::RequestProfileEditApproval`
 - `internal/service/profile.go::UpdateProfile` (gate)