Skip to content

docs: replace ROADMAP with capability-focused public version#12

Merged
keirsalterego merged 1 commit into
mainfrom
docs/capability-roadmap
May 23, 2026
Merged

docs: replace ROADMAP with capability-focused public version#12
keirsalterego merged 1 commit into
mainfrom
docs/capability-roadmap

Conversation

@keirsalterego

@keirsalterego keirsalterego commented May 23, 2026

Copy link
Copy Markdown
Contributor

Summary

Replaces the previous ROADMAP (ARR targets, pilot counts, MSP revenue %) with a capability-focused version suitable for OSS docs.

The GTM-laden previous content moved to vyrox-design-partners/docs/gtm/INTERNAL_ROADMAP_WITH_TARGETS.md in vyrox-design-partners#9.

New ROADMAP sections

  • Recently shipped — the sixteen blockers from the May 2026 audits (P0 + P0.5), each described as a public contract change with file paths the reader can verify
  • In flight — items touching a public contract (Postgres migration, streaming /audit/export, secret encryption at rest, concurrent triage, retry runner)
  • Planned, not started — programmatic API, customer-side audit verifier binary, EU data region, generic-vendor schema split, public OpenAPI, web operator interface trigger
  • Adapter coverage — shipped vendors plus on-demand future adapters
  • Compliance — honest current state (SOC 2 Type I in flight; bug bounty not active during alpha)
  • Versioning and release cadence — semver intent across the public repos
  • Intentionally not on the roadmap — SIEM, human SOC, web dashboard during alpha, free public ingestion endpoint

Why

ARR numbers and customer counts in a public roadmap are competitive disclosure and create false urgency for evaluators. The new shape gives an OSS contributor exactly what they need: what is committed, what is in flight, what is intentionally out.

Depends on / merges after

#8. Cross-refs to other docs resolve once the foundation and specialty PRs (#9, #10, #11) land.

Test plan

  • No ARR numbers, no pilot counts, no SLA percentages
  • Every "recently shipped" item maps to a real fix in vyrox/CLAUDE.md or vyrox-proxy source
  • Every "in flight" item is a real branch or todo entry

Copilot AI review requested due to automatic review settings May 23, 2026 17:41
Copilot AI reviewed May 23, 2026

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copilot encountered an error and was unable to review this pull request. You can try again by re-requesting a review.

keirsalterego added a commit that referenced this pull request May 23, 2026
@keirsalterego
docs(foundation): restore ROADMAP.md and fix duplicate README heading
4c56e1b 
Two fixups on top of the foundation rewrite.

ROADMAP.md restoration. The foundation PR was deleting ROADMAP.md
because the rewrite moved to its own PR. That deletion conflicts
with the rewrite branch (docs/capability-roadmap, PR #12). The
cleaner shape is for the foundation PR to leave ROADMAP.md alone
and let the capability-roadmap PR own both the delete and the
create. This restores the file to the origin/main version.

README.md heading dedupe. The branch's earlier auto-merge against
main left two top-level headings (the old "# Your AI Security
Copilot" plus the new "# Vyrox Security") and dropped the
project tagline blockquote. This collapses to a single H1 and
puts the tagline back.
@keirsalterego
docs: replace ROADMAP with capability-focused public version
23dddf2 
The previous ROADMAP carried ARR targets, pilot counts, quarterly
revenue numbers, and an MSP channel percentage. That material moved
to vyrox-design-partners/docs/gtm/INTERNAL_ROADMAP_WITH_TARGETS.md
in PR #9 of that repo. This commit lands its replacement.

The new ROADMAP is organised by capability, not by quarter or by
revenue tier. Sections:

- Recently shipped: the sixteen blockers from the May 2026 audits
  (eight P0 + eight P0.5), each described as a public contract
  change with the file paths a reader can verify.
- In flight: items that touch a public contract, with the actual
  bottleneck called out (Postgres before tenant 25, retry runner
  not yet wired into worker entrypoint, etc).
- Planned, not started: public OpenAPI spec, customer-side audit
  verifier binary, EU data region, web operator interface trigger
  conditions.
- Adapter coverage: shipped vendors plus on-demand future adapters.
- Compliance and certification: where we are honest about what is
  in flight versus planned versus not started.
- Versioning and release cadence: semver intent for the public repos.
- "Intentionally not on the roadmap": SIEM, managed human SOC,
  web dashboard during alpha, free public ingestion endpoint.

Cross-refs to ARCHITECTURE.md, API_REFERENCE.md, AUDIT_CHAIN.md,
ADAPTERS.md, SECURITY.md resolve after the foundation and specialty
PRs (#8, #9, #10, #11) land.
@keirsalterego keirsalterego force-pushed the docs/capability-roadmap branch from 6afb8f7 to 23dddf2 Compare May 23, 2026 18:08
@keirsalterego keirsalterego merged commit e96f81e into main May 23, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@keirsalterego