# Roadmap — Current State

**Generated:** May 14, 2026 — end of Day 11 (auth Session 1 complete + InstaBuild bug sweep)
**Refresh cadence:** Every 2-3 sessions, or after any milestone ship
**Companion docs:**
- `THREAT-WATCH.md` — biggest risks to Jan 1, 2027 BT retirement target
- `AUTH-PROGRESS.md` — auth workstream session-by-session log + variance tracking
- `AUTH-STRATEGY-DRAFT.md` — locked v5 design auth is being built against
- `WORK-LIST.md` — design topics not yet scheduled
- `SETTLEMENT-WORKFLOW-DESIGN-BRIEF.md` — design brief for the settlement closure workflow
- `bdna_po_progress_chart.md` — PO/Pricing track session-by-session log

---

## Where I am right now

**Polarity flip is COMPLETE.** All six steps shipped, all sub-steps verified.
Both apps operate entirely on Wave 4 type tables. Legacy `mh_content` option
storage retired. No fallback path remains. 12-day workstream officially closed
May 14, 2026.

April 30 pre-Wave4 backups (15 keys) retained as deep safety net for 30-60 days.

**Auth foundation — Session 1 COMPLETE (May 14 morning) + Session 2 PARTIAL (May 14 evening, ~75%).**

Session 1 (4-6 hour scope): 5 new tables, 6 personnel records, 20 BDNA pages auth-gated, hybrid chip placement, pending-status rejection validated. Trade-side May 12 infrastructure preserved.

Session 2 (3.5 hours, ~75% of scope): New `personnel.html` page with list view, filtering, search, sortable columns, detail drawer for editing, Activate/Deactivate/Reactivate workflows, audit log writes per-field-change. 3 new RLS policies (1 SELECT, 1 UPDATE, 1 INSERT) with SECURITY DEFINER helper function. Index.html patched with conditional Personnel nav link. **Deferred to Session 2.5:** invite modal, email sending, wiring `const CURRENT_USER` in bidding/proforma.

**Auth status: ~AHEAD of pace.** Estimate revised from 14-22 sessions down to 9-17 due to (a) prior infrastructure discoveries — May 12 trade tables already executed + Sage prep tables already built, and (b) Session 1 absorbing Sessions 1+2+partial 3 scope, plus Session 2 delivering most of personnel admin in 3.5 hours. Auth completion target: early-to-mid June 2026 (was mid-June to early-July). See `AUTH-PROGRESS.md` for honest threats to this lead.

**InstaBuild bug sweep — 4 code bugs found + fixed (May 14 afternoon)** after Hilary's spec 183 testing:
1. Polarity-flip-orphaned admin saves — InstaBuild admin was writing to dead path. Fixed via ownership separation (BDNA owns identity/pricing, InstaBuild owns buyer UX, with direct PATCH to Wave 4).
2. Missing autosave on attribute clicks — `selAttrInput` / `clearAttrInput` missing `triggerAutoSave()`.
3. Empty attrInputs on config load — `loadConfig` was hardcoded to reset selAttrInputs to `{}` instead of reading from saved config.
4. Jump-to-missing-attribute regression — restored lost `collapsedCats.delete()` logic.
Pattern: bugs 1, 2, 4 all traced (directly or indirectly) to polarity flip refactors. Big architectural moves leave trails of small breakages.

**Next workstream priorities** (in order):
1. **Auth Session 2** — Personnel admin UI in BDNA (invite users via invitation_permissions, activate pending users, deactivate). 5 pending users are ready-made test cases for activation flow.
2. **Auth Session 3** — Wire role checks into BDNA pages, plus connect hardcoded `const CURRENT_USER` in bidding.html / proforma.html to `window.currentUser.personnel.name`.
3. **Sage Intacct prep** — discovered most prerequisite tables already exist (cost_codes, plan_activities, purchase_orders, schedule_*). Real work is data-loading and integration design, not table creation.

**Honest BT retirement timing:** Jan 1, 2027 is technically possible but tight.
Mid-2027 is the safer planning target. Strategy C (phased 2026+2027 cutover)
is now the leaning recommendation. Decision still parked formally, but reality
strongly suggests C. Today's auth progress + Sage prep discovery marginally
improve Jan 1 confidence but don't change the recommendation.

---

## Workstream inventory (complete, May 15)

State buckets: SOLID / MOSTLY THERE / IN PROGRESS / EARLY / NOT STARTED

### App workstreams

| Workstream | State | BT-cutover-blocking? | Notes |
|---|---|---|---|
| **Polarity Flip** | Step 6 left | No (architectural) | Cleanup tomorrow |
| **Pipeline** (land mgmt) | Production, basic | Yes | Cash outlay tracking + scraping = post-cutover |
| **InstaBuild** (sales-rep-facing) | Production, functional | Yes | Needs DocuSign + change orders + Tier 2 auth + bolt-ons |
| **BuilderDNA** | Multiple surfaces, see below | Yes | Multiple gaps |
| **YingstPartners** (trade portal) | IN PROGRESS | Yes | Replacing TradeTopia (BT's portal); 4 sub-streams |
| **HomeVoice** | SOLID (both sides) | No | Net-new vs BT (Avid replacement + Super QC) |
| **MyYingstBuild** | EARLY (framework only) | Partial | Only warranty submission required for cutover |
| **CMRS** | Built; needs auto-feeds | Yes | Cross-cutting historical reporting |
| **Starts Schedule** (Pipeline) | Built (current view); 16-week view in Excel | Partial | Basics required, 16-week view post-cutover |

### BDNA surfaces detail

| Surface | State | Critical for cutover? |
|---|---|---|
| Options catalog | SOLID | Yes — finished today |
| Plans library + takeoffs | SOLID | Yes — data entry pending (team task) |
| Communities + lots | MOSTLY THERE | Yes |
| Plan ↔ community offered-at | MOSTLY THERE | Yes |
| Trade Partners | MOSTLY THERE (~80%) | Yes |
| Contracts (TK + UM) | MOSTLY THERE | Yes |
| Saved configs / specs | MOSTLY THERE | Yes — lifecycle edge cases need design |
| Lot scheduling | IN PROGRESS+ | Yes — Gantt overhaul needed |
| PO Creation | IN PROGRESS | Yes — trade wiring + VPOs |
| Pricing | IN PROGRESS | Yes — design + build |
| Variance | IN PROGRESS/EARLY | Yes — partially blocked by takeoff data |
| Dashboard refresh | Small (~1 day) | Yes |
| **Draws** | **NOT STARTED** | Yes — OYL + revolver, Sage-dependent |
| **Change orders (BDNA-side)** | **NOT STARTED** | Yes |
| **Warranty admin** | **NOT STARTED** | Yes — part of warranty cross-app workflow |
| **Warranty reporting** | **NOT STARTED** | Yes — same as above |
| **Reporting (~40 reports)** | **NOT STARTED** | Mix — 8-12 critical for cutover |
| **Audit trail** | **NOT STARTED** | No — auth-blocked, useful post-cutover |
| **Daily Drivers / role dashboards** | **NOT STARTED** | No — generic home pages OK at cutover |
| **Sage Intacct connector** | **NOT STARTED** | Yes — ONE-WAY cutover risk |
| **Auth (Supabase Auth)** | **NOT STARTED** | Yes — locked in as path |

### Cross-app workstreams (not single-app)

| Workstream | Apps involved | State |
|---|---|---|
| **Warranty workflow** (end-to-end) | MYB + BDNA + YingstPartners + Reporting | Cross-app, NOT STARTED |
| **CMRS auto-feed** | InstaBuild + BDNA → CMRS | NOT STARTED (manual today) |
| **Buyer Tier 2 auth** (magic-link identity) | InstaBuild + MYB + HomeVoice | NOT STARTED |
| **Trade portal admin desktop version** | YingstPartners | NOT STARTED (mobile is in progress) |

### Architectural decisions made tonight

1. **Auth: Supabase Auth** locked in as the path. Tier 1 (real auth — personnel + trades, possibly same instance with different role hierarchies) + Tier 2 (buyer magic-link identity) using Supabase's built-in capabilities. ~14-22 sessions total estimated. Decision rationale: out of Alex's wheelhouse, Supabase already in stack, RLS gives database-level security, vendor handles the hard security parts. Not commercially significant to be a "Sage Marketplace Partner" unless Yingst plans to sell BDNA externally.

2. **Sage Intacct cutover is a ONE-WAY switch**. Cannot dual-feed (BT + BDNA pushing same data types creates duplicates in Intacct). Means BT cannot retire on Sage feeding until BDNA is FULLY ready to take over. The Sage consultant (3rd party hired during original BT/Sage integration) is the right safety net — loop them in EARLY in the build, not at cutover. They know historical mapping, sandbox env, debugging gotchas.

3. **Settlement workflow lives in InstaBuild, not BDNA** — buyer-facing surface. BDNA owns internal financial side (margin calc, draw triggers).

4. **Schedule data goes to CMRS, not InstaBuild.** Draw report is the better buyer-visible milestone than calendar dates.

5. **MYB scope for cutover is just warranty submission.** Other features (selections gallery, build progress, document repo, etc.) are nice-to-have post-cutover.

### Cross-cutting design decisions still pending

- **Spec lifecycle edge cases:** sold spec → cancel (keep changes or revert?); presell → cancel → convert to spec.
- **Show super trade ratings to trades** in YingstPartners? (Policy call, not technical.)
- **Sage Marketplace Partner registration** (parked: not commercially needed unless selling BDNA externally).
- **Cutover strategy A/B/C** (parked May 6, still parked; tonight's data strongly suggests C).

---

## Estimated session counts for BT-cutover-critical work

Honest swing, with calibration warnings. Claude has been wrong on estimates today
(weeks quoted for polarity flip, days actual). These numbers could be off in either
direction.

| Workstream chunk | Estimated sessions |
|---|---|
| BDNA in-progress finishing (Pricing, Lot scheduling, PO Creation, Variance, Saved configs edge cases, Dashboard) | 12-18 |
| BDNA NOT-STARTED critical (Draws, Change Orders, Warranty Admin/Reporting, basic Reporting) | 25-35 |
| YingstPartners completion (mobile + admin + warranty + TradeTopia parity audit) | 15-20 |
| InstaBuild gaps (DocuSign, change orders, Tier 2 auth wiring, contract bolt-ons) | 8-12 |
| MYB warranty submission | 3-5 |
| CMRS auto-feed wiring (IB + BDNA → CMRS) | 3-5 |
| Auth foundation (Supabase Auth setup, RLS policies, wire 3 apps, roles, audit log) | 14-22 |
| Sage Intacct integration (master data + 5 transaction types) | 10-15 |
| Integration surprise buffer (today: 8 bugs in 7 hours; repeats per integration milestone) | 8-15 |
| **TOTAL cutover-critical** | **98-147 sessions** |

At one session per work day with periodic bigger days: **5-7 months of focused work**.

**Calibration warnings:**
- Polarity flip was estimated weeks, took days → I may be overestimating build
- Today's session surfaced 8 bugs in 7 hours → I may be underestimating discovery
- Two errors compounding could swing the total ±40%

**Honest timing read:**
- Best case (gen-2 advantage dominates): cutover late 2026
- Realistic (integration surprises factored): cutover Q1-Q2 2027
- Worst case (everything goes sideways): cutover mid-late 2027

**Strategy implication:** Jan 1 2027 is possible but tight with no buffer. Mid-2027 is the safer planning target. Strategy C (phased 2026+2027, BT off mid-2027) is leaning correct.

---

## Active tracks (May 16+)

### ✅ Track A — Polarity Flip (COMPLETE May 16)

| Item | Status |
|---|---|
| Steps 1-4 | ✅ Shipped (Day 8) |
| Step 5 Phase 1 — BDNA reads from Wave 4 | ✅ Live (May 15) |
| Step 5 Phase 2 — InstaBuild reads from Wave 4 | ✅ Live (May 15) |
| STEP-5-P4 — BDNA writes flow to Wave 4 | ✅ Live (May 15) |
| Overnight soak | ✅ Clean (May 15-16) |
| Step 6 — Retire `mh_po_<plan>` keys | ✅ Done (May 16) |
| April 30 pre-Wave4 backups retained | ✅ Keep 30-60 days as deep safety net |

### 🔴 Track AUTH — Foundation for everything user-facing

| Item | Status |
|---|---|
| Decision: Supabase Auth | ✅ Locked in (May 15) |
| Tier 1 setup (personnel + trades, roles, RLS) | ⏳ Highest-priority next workstream |
| Tier 2 setup (buyer magic-link) | ⏳ After Tier 1 |
| Wire BDNA / YingstPartners / InstaBuild to require login | ⏳ |
| Audit log table + wiring | ⏳ |
| Permissions UI for role assignment | ⏳ |

Estimated: 14-22 sessions total.

### 🔴 Track SAGE — One-way cutover risk

| Item | Status |
|---|---|
| Y.0.a — cost codes table + admin CRUD | ⏳ |
| Y.0.b — activities table + admin CRUD | ⏳ |
| Y.0.c — activities ↔ lot tasks design | ⏳ Design call |
| Y.1 — POs to Sage | ⏳ Build + sandbox |
| Y.2 — Draws to Sage | ⏳ Depends on Draws workstream |
| Y.3 — Settlements + change orders + VPOs | ⏳ |
| Sage consultant looped in EARLY (not at cutover) | ⏳ Strategic step |

Estimated: 10-15 sessions.

### 🟡 Track BDNA — finishing in-progress + starting NOT-STARTED

See BDNA surfaces table above. ~37-53 sessions across all surfaces.

### 🟡 Track INTEGRATIONS — the hard 20%

Cross-app workflows (warranty end-to-end, CMRS auto-feed, change orders that span 3 apps).
Each integration: 1-3 sessions planned + 0.5-2 sessions surfacing bugs.
~10-25 sessions of integration work across the cutover plan.

### 🟢 Track PIPELINE Phase 2 — net-new value over BT

- Cash outlay tracking
- Lot purchase cash forecasting
- (Public data scraping is post-cutover)

Not blocking BT cutover but high business value. ~5-8 sessions.

### 🟢 Track POLISH/PERFORMANCE — open-ended

- Storage architecture refactor (state blob exceeds quota)
- Structural/gallery split (Wave 4 load performance)
- BDNA dashboard refresh (small, ~1 day)
- General polish

Not blocking BT cutover. Ongoing as bandwidth allows.

### 🟢 Track POST-CUTOVER — deferred but valuable

- MYB non-warranty features (selections gallery, build progress, photos, document repo, payment status, messaging)
- Reporting (the other ~30 of 40)
- Daily Drivers / role dashboards
- 3D rendering (Adobe AI integration)
- Pipeline data scraping
- Trade portal "show super ratings to trades" (after policy decision)

---

## Recent ships

| Date | Track | What |
|---|---|---|
| May 8 | Polarity flip | Steps 1-4 complete (option identity, retail price, dual-write disabled) |
| May 12 | InstaBuild bugs | Bug 1 (completedCats persistence) + Bug 2 (lot lock at spec_released) + Westover cancellation recovery |
| May 13 | InstaBuild bugs | Self-heal lifecycle.status drift + customer-data preservation on cancel |
| May 14 (morning) | Polarity flip | Step 5 Phase 1 code deployed + 4 plans seeded |
| May 14 (evening) | InstaBuild perf | Load fix deployed: backup filter, parallelization, deferred CDN, measurement |
| May 14 (late) | InstaBuild bugs | completedCats autosave gap closed |
| May 15 (morning) | Polarity flip | Remaining 12 plans seeded (all 16 done) |
| May 15 (midday) | Polarity flip | BDNA Phase 1 + InstaBuild Phase 2 cutovers both default-on |
| May 15 (afternoon) | Polarity flip | Parallel pagination optimization |
| May 15 (late) | Polarity flip | **STEP-5-P4: BDNA write path landed.** 8 bugs discovered + fixed. Verified end-to-end with TEST.WAVE4.003 + 890.GRINDER.PUMP edit |
| May 15 (close) | **Roadmap reconcile** | **Complete inventory of 9 workstreams + BDNA surfaces. Auth/Sage locked as top 2 threats. THREAT-WATCH.md created.** |

---

## Next session priorities

**Today (May 16) — Auth workstream begins:**

1. ✅ Polarity flip Step 6 — COMPLETE
2. ✅ Test data cleanup — COMPLETE
3. **Block 1:** Walk Auth Strategy Doc v4, close 5 open items
4. **Block 2:** Supabase Auth configuration (config + email provider + tables)
5. **Block 3:** Personnel table + first BDNA login screen

**End-of-day target:** Alex can log into BDNA with a real account.

---

## Business timeline pressure

| Pressure | Window | Impact |
|---|---|---|
| Sage Intacct integration ready | ~6 months (Nov 2026 target) | Y workstream must land by then or BT cutover slips |
| 3-5 sales reps onboarded | ~12 months | Auth Tier 1 must support multi-user. Already planned for. |
| 50 communities at scale | 2-3 years | Scaling conversation outputs become real requirements |
| BuildTopia retirement | Original target Jan 1, 2027 | Realistic target now mid-2027 |

---

## Apps at a glance

| App | URL | State |
|---|---|---|
| InstaBuild | instabuild.it.com | Production. Polarity flip Phase 2 live. Sales-rep-facing today. |
| BuilderDNA | builderdna.online | Production. Polarity flip Phase 1 + write path live. Multiple surfaces in progress. |
| Pipeline | instapipeline.it.com | Production. Land management. Working sync with InstaBuild. |
| YingstPartners | yingstpartners.com | Framework + in progress. Will replace TradeTopia. |
| HomeVoice | (internal URL) | Live, just starting to use. Solid. |
| MyYingstBuild | (not registered) | Framework only. Warranty submission is critical path. |
| CMRS | (in Pipeline) | Built. Needs auto-feeds from IB + BDNA. |

---

## How to use this doc

- **Start of session:** Read "Where I am" + the relevant active track section. 60 seconds.
- **Mid-session:** Don't update. Capture deltas at end-of-session.
- **End-of-session:** Jot a line in the changelog. Full refresh every 2-3 sessions.
- **Don't trust this doc past:** ~3 sessions from "Generated" date. Refresh.
- **THREAT-WATCH.md is the companion** for tracking biggest risks across sessions.

---

## Changelog

| Date | Note |
|---|---|
| 2026-05-14 | Initial draft. End-of-Day-11 state. |
| 2026-05-14 | Updated for long roadmap reconcile (50-65 sessions / 8 workstreams). |
| 2026-05-14 (eve) | Load fix shipped. Tomorrow planned: finish seeding + Phase 2. |
| 2026-05-15 (eve) | **Polarity flip operationally complete on both sides.** 8+ bugs fixed. STEP-5-P4 landed write path. Step 6 scheduled tomorrow. |
| 2026-05-15 (late) | **Roadmap reconcile session.** Discovered 6+ workstreams missing or mischaracterized. Complete inventory captured. Sage one-way cutover risk identified as #1 threat. Auth locked in via Supabase Auth. Estimated 98-147 sessions cutover-critical work remaining (~5-7 months). Mid-2027 cutover now the realistic planning target. |
| 2026-05-14 (date corrected) | **Polarity flip COMPLETE.** Step 6 executed in 3 phases. Prior transcripts dated as May 15-16 were Claude calibration errors — actual close was May 14. |
| 2026-05-14 (full day) | **Auth Session 1 COMPLETE + InstaBuild bug sweep.** Polarity flip + auth foundation + 4 InstaBuild fixes all on same day. Auth estimate revised down to 9-17 sessions (from 14-22). 4 code bugs found in InstaBuild after Hilary's spec 183 testing — 3 traced (directly or indirectly) to polarity flip refactors. End of Day 11 state captured in this doc refresh. |
| 2026-05-14 (evening) | **Auth Session 2 PARTIAL (~75%).** Personnel admin UI shipped: list view, detail drawer, edit, activate/deactivate/reactivate, audit log. Invite flow + email sending deferred to Session 2.5. 3 schema-assumption misses (regions.code, audit_log.actor_user_id, audit_log_action_type_check) — calibration lesson filed: always verify columns AND constraints before writing SQL. First RLS recursion incident — lesson filed: always use SECURITY DEFINER for self-referencing policies. |