Governance Operations
Local validation, access audit, architecture gates, retention, stress tooling, and deploy hygiene
Local Toolchain
Use the repo wrapper for Salesforce CLI commands so the pinned Node version is used:
npm run sf -- org list --json
npm run sf -- project deploy start --target-org vesperRun the local doctor before release validation:
npm run doctor:localGovernance Gates
Run the fast governance gate for normal metadata work:
npm run verify:governanceRun the full gate before broader releases:
npm run verify:governance:fullThe full gate covers permission coverage, role policy, mutation audit, error sanitization, dashboards, LWC coverage, payment guardrails, and retirement audit.
Retention
Retention work must be allowlisted. Safe candidates include operational logs, runtime request history, sync history past retention windows, snapshots, stale duplicate snapshots, and sandbox/test records. Do not include payments, invoices, credit memos, journal entries, processor events, inventory transactions, cost layers, sales-order audit, tracking evidence, or PO receipt history without a separate approval.
Stress Tooling
Use the repo-local headless stress operator:
npm run stress:preflight -- --target-org vesper
npm run stress:generate -- --target-org vesper --scenario threepl-api
npm run stress:cleanup -- --target-org vesper --manifest <manifest-path>The manifest is the rollback contract. Cleanup should remove only records created by that run.
Deployment Hygiene
Schedulable/runtime Apex can be blocked by active jobs. If a deployment requires aborting schedules, restore and verify the jobs afterward. Do not leave 3PL or payment runtime schedules degraded after a deploy.
Last updated on