File tree Expand file tree Collapse file tree
Expand file tree Collapse file tree Original file line number Diff line number Diff line change @@ -35,6 +35,7 @@ Reviewing the project quickly? Start with [`docs/reviewer-path.md`](./docs/revie
3535
3636For a shorter external review entry point focused on uncertainty handling, read
3737[ How LogLens Treats Parser Uncertainty as Evidence] ( ./docs/case-study-parser-uncertainty-as-evidence.md ) .
38+ Near-term review boundaries are tracked in the [ roadmap] ( ./ROADMAP.md ) .
3839
3940## Why This Project Exists
4041
@@ -289,5 +290,8 @@ Tue 2026-03-10 08:31:18 UTC example-host sshd[2245]: Connection closed by authen
289290
290291## Future Roadmap
291292
292- - Additional auth patterns and PAM coverage
293- - Larger sanitized test corpus
293+ - Keep parser uncertainty visible through deterministic warning buckets.
294+ - Add additional auth patterns only with a sanitized sample input, expected
295+ event or warning output, and focused tests.
296+ - Expand the sanitized corpus only when it answers a distinct parser coverage
297+ question.
Original file line number Diff line number Diff line change 1+ # Roadmap
2+
3+ LogLens is in a narrow reviewer-stable phase. The near-term focus is to
4+ stabilize parser evidence, tests, documentation boundaries, and release
5+ artifacts rather than expand the project surface.
6+
7+ ## External Review Surface
8+
9+ Open review issues should stay concrete enough to reproduce from checked-in
10+ fixtures. A good issue names the exact sample input, the expected event or
11+ warning output, and the acceptance criteria for a bounded change or review.
12+
13+ The current public review entry is intentionally small: trace one
14+ ` pam_unix_session_closed ` line through parser-coverage telemetry and confirm
15+ that unsupported auth evidence remains visible without becoming detector
16+ evidence.
17+
18+ ## Parked Directions
19+
20+ - Add parser coverage only when a sanitized fixture line and deterministic
21+ expected event or warning bucket are known up front.
22+ - Keep clean-clone reproduction feedback tied to exact failing commands or
23+ documentation mismatches.
24+ - Grow the noisy auth corpus only when a proposed batch answers a new parser
25+ uncertainty question not already covered by ` assets/mixed_auth_corpus.log ` .
26+ - Keep additional PAM or SSH variants scoped to defensive Linux authentication
27+ evidence; no live logs, real identifiers, credentials, or platform-coverage
28+ claims.
You can’t perform that action at this time.
0 commit comments