Draft
Roadmap
Surety ships in seven phases. Each phase has explicit outcomes and an exit decision. We label every feature in-product with its maturity level (Enforced, Advisory, Experimental, Stub), so the roadmap reflects what the product actually does, not what we hope it does.
Phase 0 — Strategy and Trust (weeks 0–4)
- Brand and positioning locked
- Repo builds from fresh clone
- Initial Evidence Pack v0 spec
- 60-second product demo
Phase 1 — Evidence and Runtime Core (months 1–3)
- Evidence Pack v0 generated for every run
- Docker default execution
- SQLite ledger with chain hashes
- Real scanner gates (Semgrep, Gitleaks, OSV, CycloneDX)
- Hard path enforcement
Phase 2 — Surety Pass for GitHub (months 3–5)
- GitHub App installation
- PR evidence comment
- Check Run with shadow / advisory / required modes
- Agent provenance model
- Initial outcome attribution
Phase 3 — Governed PR Runner (months 5–8)
- Issue / spec → task pack → sandboxed agent → draft PR
- Approval workflow with segregation of duties
- Signed waivers with expiry
- Risk-tiered blocking gates
- Executor telemetry
Phase 4 — Structured Delivery Engine (months 8–12)
- Greenfield lifecycle templates
- Brownfield inventory and impact analysis
- Long-running job orchestration
- Checkpoint and resume
Phase 5 — Production Feedback Loop (months 9–15)
- CI / deploy / SLO / incident ingestion
- Outcome attribution at scale
- Remediation task generation
- Executor scorecards
- Cost and reliability optimization
Phase 6 — Enterprise Self-Hosted (months 12–18)
- Postgres backend
- Object storage with WORM retention
- OIDC / SAML / SCIM / RBAC
- Secret manager adapters
- Kubernetes deployment
- Signed audit export