{
  "id": "multi_project_isolation",
  "label": "Multi-Project Isolation Canonical",
  "phase": "phase-08",
  "category": "security_governance",
  "status": "ACTIVE_DH_MIRROR",
  "purpose": "Define how DEVON-DEV separates projects so workspace, memory, policies, logs, sandbox, production, permissions, secrets, evidence, artifacts and audit records cannot bleed between unrelated YEFF operations.",
  "function": "Prevent cross-project contamination by requiring every action, memory record, file path, secret, policy, environment, evidence item, artifact, log stream, ledger entry and approval to carry a project boundary before it can be read, written, executed or promoted.",
  "isolation_contract": {
    "requires_project_id": true,
    "requires_workspace_scope": true,
    "requires_memory_scope": true,
    "requires_policy_scope": true,
    "requires_log_scope": true,
    "requires_sandbox_scope": true,
    "requires_production_scope": true,
    "requires_permission_scope": true,
    "requires_secret_scope": true,
    "requires_evidence_scope": true,
    "requires_artifact_scope": true,
    "requires_audit_scope": true,
    "blocks_cross_project_memory_read": true,
    "blocks_cross_project_secret_access": true,
    "blocks_cross_project_policy_reuse": true,
    "blocks_cross_project_log_visibility": true,
    "blocks_cross_project_workspace_write": true,
    "blocks_cross_project_production_targeting": true,
    "requires_explicit_cross_project_authorization": true,
    "requires_cross_project_audit_record": true,
    "decision_authority": "NONE_FSM_DECIDES"
  },
  "protected_boundaries": [
    "workspace",
    "memory",
    "policies",
    "logs",
    "sandbox",
    "production",
    "permissions",
    "secrets",
    "evidence",
    "artifacts",
    "backups",
    "audit_trail",
    "runtime_state",
    "external_source_context"
  ],
  "technology_requirements": [
    {
      "technology": "Project Scope Registry",
      "required_for": "Register project_id, workspace roots, sandbox target, production target, policy set, memory namespace, evidence namespace, artifact namespace and audit namespace for each YEFF project.",
      "required_by_phase": "phase-08",
      "required_by_category": "multi_project_isolation",
      "required_by_buckets": [
        "Prerequisites",
        "Installation",
        "Configuration",
        "Validation",
        "Observable Evidence",
        "Failure Modes & Recovery",
        "Completion & Promotion"
      ],
      "expected_version": "MISSING until project_id schema and scoped registry exist",
      "validation_command": "MISSING until project lookup can prove project_id, workspace_scope, memory_scope, policy_scope, environment_scope, evidence_scope and audit_scope",
      "evidence_path": "/home/yeff/public_html/devon/canon/execution/state/dh_sources/multi_project_isolation_canonical.json",
      "status_source": "Documentation Hub + future Project Scope Registry + Environment Registry + Audit Trail Store",
      "blocking_if_missing": true,
      "failure_impact": "Without Project Scope Registry, DEVON-DEV cannot prove which project owns a workspace, memory record, policy, environment, log, secret, evidence item or artifact."
    },
    {
      "technology": "Project Memory Partition",
      "required_for": "Keep operational memory, retrieval context, error patterns, recovery patterns, project facts and learning signals separated by project_id.",
      "required_by_phase": "phase-08",
      "required_by_category": "multi_project_isolation",
      "required_by_buckets": [
        "Configuration",
        "Validation",
        "Observable Evidence",
        "Failure Modes & Recovery",
        "Completion & Promotion"
      ],
      "expected_version": "MISSING until memory namespaces and project-bound retrieval filters exist",
      "validation_command": "MISSING until memory read/write can prove project_id, namespace, query boundary, denied cross-project read and audit record",
      "evidence_path": "/home/yeff/public_html/devon/canon/execution/state/dh_sources/multi_project_isolation_canonical.json",
      "status_source": "Documentation Hub + future Memory Service + Memory Isolation + Evidence Store",
      "blocking_if_missing": true,
      "failure_impact": "Without Project Memory Partition, a fix, policy, secret hint or operational fact from one project can contaminate another project context."
    },
    {
      "technology": "Cross-Project Access Gate",
      "required_for": "Block or explicitly authorize any request that tries to read, write, compare, migrate or reuse material across project boundaries.",
      "required_by_phase": "phase-08",
      "required_by_category": "multi_project_isolation",
      "required_by_buckets": [
        "Installation",
        "Configuration",
        "Validation",
        "Observable Evidence",
        "Failure Modes & Recovery",
        "Completion & Promotion"
      ],
      "expected_version": "MISSING until cross-project gate rules and approval handoff exist",
      "validation_command": "MISSING until cross-project access check can prove source_project_id, target_project_id, requested_resource, allow/deny result, approval requirement and audit_record_id",
      "evidence_path": "/home/yeff/public_html/devon/canon/execution/state/dh_sources/multi_project_isolation_canonical.json",
      "status_source": "Documentation Hub + future RBAC Service + FSM Decision Core + Audit Trail Store",
      "blocking_if_missing": true,
      "failure_impact": "Without Cross-Project Access Gate, DEVON-DEV can accidentally use another project's memory, file, credential, policy, evidence or production target as if it were local context."
    },
    {
      "technology": "Project-Scoped Logging",
      "required_for": "Ensure execution logs, ledger events, audit records, incidents and panel views are filtered by project boundary before display or reuse.",
      "required_by_phase": "phase-08",
      "required_by_category": "multi_project_isolation",
      "required_by_buckets": [
        "Configuration",
        "Validation",
        "Observable Evidence",
        "Failure Modes & Recovery"
      ],
      "expected_version": "MISSING until log and ledger schemas carry project_id and panel filters enforce it",
      "validation_command": "MISSING until log query can prove project_id filter, denied cross-project visibility, ledger link and audit link",
      "evidence_path": "/home/yeff/public_html/devon/canon/execution/state/dh_sources/multi_project_isolation_canonical.json",
      "status_source": "Documentation Hub + future Execution Logs + Execution Ledger Store + Audit Trail Store",
      "blocking_if_missing": true,
      "failure_impact": "Without Project-Scoped Logging, operators can see or reuse logs from unrelated projects and leak operational details across client or product boundaries."
    },
    {
      "technology": "Workspace Boundary Validator",
      "required_for": "Validate that filesystem, shell, build, backup, deploy and rollback operations touch only the workspace roots assigned to the active project.",
      "required_by_phase": "phase-08",
      "required_by_category": "multi_project_isolation",
      "required_by_buckets": [
        "Configuration",
        "Validation",
        "Observable Evidence",
        "Failure Modes & Recovery",
        "Completion & Promotion"
      ],
      "expected_version": "MISSING until workspace path resolution includes project_id and allowed root checks",
      "validation_command": "MISSING until workspace validation can prove active_project_id, resolved_path, allowed_root, denied_cross_project_path and ledger_event_id",
      "evidence_path": "/home/yeff/public_html/devon/canon/execution/state/dh_sources/multi_project_isolation_canonical.json",
      "status_source": "Documentation Hub + future Server Workspace Registry + devon-server-ops + Execution Ledger Store",
      "blocking_if_missing": true,
      "failure_impact": "Without Workspace Boundary Validator, a correct command can still patch, delete, back up or deploy the wrong project's files."
    }
  ],
  "depends_on": [
    "sec",
    "rbac_permissions",
    "secrets_management",
    "memory_isolation",
    "data_governance",
    "environment_registry",
    "server_workspace_manager",
    "volume_persistence_governance",
    "execution_ledger",
    "execution_logs",
    "audit_trail",
    "evidence_store",
    "artifact_registry",
    "fsm_absolute_decision",
    "decision_rule_registry",
    "architecture_source_registry"
  ],
  "used_by": [
    "data_governance",
    "compliance_legal_guardrails",
    "host_security",
    "app_security",
    "runtime_security",
    "security_monitoring",
    "memory_arch",
    "memory_lifecycle",
    "knowledge_ingestion",
    "external_knowledge_access",
    "filesystem_operations",
    "shell_execution",
    "production_deployment_gate",
    "backup_rollback",
    "future_execution_monitoring_panel"
  ]
}
