CareConnect: Product Roadmap

Current Version: v22.0 (Non-Duplicate Value Decision Plan, Phase 0) Next Milestone: v22.0 Gate 0 Exit (C1/D4 blocker closure) Last Updated: 2026-05-03 Platform Status: Strategic Repositioning - v22.0 Decision-Gated Planning

Current State

Services: 196 manually curated social services (npm run validate-data and npm run audit:data on 2026-05-03)
Tests: default Vitest suite green as of 2026-05-03 (189 files; 1361 passed; 24 skipped)
DB integration lane: npm run db:types and npm run test:db are green as of 2026-04-20 on a Docker-capable machine, and local Supabase-backed retrieval, route, export, search, and policy tests remain healthy
Coverage: 72.13% statements / 78.85% branches / 83.20% functions / 72.13% lines from npm run test:coverage on 2026-04-03
Repo hygiene: npm run check:refs, typed service DB write paths, dashboard server actions, and dependency cleanup are complete
Production dependency audit: npm audit --omit=dev on 2026-05-03 reports 9 vulnerabilities (2 moderate, 3 high, 4 critical), including issues in next, @xmldom/xmldom, protobufjs, postcss, and next-intl
Full audit lane: npm audit --audit-level=high on 2026-05-03 reports 10 vulnerabilities (2 moderate, 4 high, 4 critical), including the production findings plus vite; the GitHub CI audit step remains advisory until remediation is planned and verified
Bundle baseline: localized home route first-load JS is 315 kB after lazy AI and semantic-search startup deferral
E2E: default Chromium suite is skip-free; production/server-mode checks live in dedicated opt-in commands
Accessibility: WCAG 2.1 AA automation remains in place
Languages: 7 locales at translation-key parity
Homepage search UX: resting hero now keeps quick-search chips and a restrained service/category/language metrics rail, while compact utility/category filters appear only in the active search/results state
About page UX: /about now uses a coherent trust/context layout, shared content rail, smooth page-level background, and primary CTA styling aligned with the theme button system
Public and operational surface polish: /about/partners, /submit-service, /settings, /service/[id], /login, /offline, static legal/help/trust pages, and authenticated /dashboard/** plus /admin/** surfaces now share the polished page system; authenticated visual QA remains environment-gated and tracked below
Dashboard trust/resilience: partner overview metrics are live, degraded read states are explicit, and localized dashboard/admin redirects now preserve locale
Search explainability: public search results now surface deduplicated match reasons with an accessible disclosure for deeper scoring context
Stale-data governance: search now excludes records beyond the 180-day freshness window, freshness badges distinguish expired records, and direct-linked detail pages show an explicit stale-record warning
Freshness policy alignment: governance and planning docs now treat 180 days as the hard visibility limit, 90 days as a priority-service target, and the v22 90-day window as a review checkpoint rather than a guaranteed build schedule
Workflow runtime hygiene: active GitHub Actions use Node-24-compatible major versions, and release automation uses gh release create instead of the archived release action
GitHub automation hygiene: bundle analysis, Dependabot review gates, scheduled governance reminders, and finding workflows now run quiet-by-default with sticky comments/issues only when action is required
URL health governance: the monthly health check writes an Actions summary, auto-closes its finding issue when the report returns clean, and can use bounded official provider override probes for repeat CI-only false positives without changing curated public URLs
Lint hygiene: repo-wide ESLint now ignores local MkDocs build output under site/, so npm run lint remains actionable even when docs artifacts exist locally
Semantic search resilience: browser embedding-worker failures now fail closed to keyword-only search, and embedding request errors settle cleanly instead of emitting synthetic vectors
Pilot metric stack: M2/M4/M5/M6/M7 source schema, recompute path, and scorecard snapshot flow are implemented; values remain data-dependent rather than schema-blocked
Pilot readiness reporting: scoped JSON/Markdown/CSV readiness exports now exist for bounded A6/A16 follow-through without mutating curated service data
French service-data gaps: runtime hardening is complete, but governed content follow-through still remains for access_script_fr, hours_text_fr, eligibility_notes_fr, and synthetic_queries_fr
Offline: PWA with IndexedDB fallback, background sync, and snapshot-age/stale-data messaging on offline surfaces
Privacy-safe mapping: service-detail pages gate third-party map previews behind explicit user action
Partner write hardening: partner-facing service mutation routes now use explicit editable-field allowlists, role-aware service ownership checks, and owner/admin-only delete semantics
Search parity and freshness: local and server search now align on location and openNow filters, including empty-query open-now browsing; local and server ranking now share the same scoring engine; offline export fingerprints are stable and successful syncs invalidate the in-memory service cache
Privacy-safe sharing and analytics: share-target hydration now uses a short-lived first-party cookie, printable cards generate inline QR codes locally, search analytics store only locale + result count, and detail-page analytics distinguish internal views from outbound referrals
Observability: Axiom metrics, Slack alerting, SLO monitoring, and runbooks are live
Health visibility: /api/v1/health is public and read-only, while /api/v1/health/probe is the authenticated uptime-sampling and alert-evaluation path
Middleware auth resilience: refreshed Supabase session cookies now survive the locale middleware pass and protected-route redirects
DB-authoritative runtime data: search/detail loading no longer overlays live DB reads with local JSON metadata when Supabase is available
DB rollout safety: npm run backfill:db-runtime-fields now exists to fill blank runtime/search fields in existing Supabase environments after the JSON-overlay removal without overwriting non-empty live values, and the current production Supabase environment has been backfilled successfully
Deployment: Live on the direct-VPS path at https://careconnect.ing, with helpbridge.ca and www.helpbridge.ca redirecting to the canonical host
Ops documentation truth: active incident, rollback, alerting, and launch QA docs now point at the direct-VPS runtime instead of the historical Vercel path
Feedback retention copy: privacy copy no longer promises a fixed automatic 90-day feedback deletion timeline that the implementation does not evidence
Deploy contract alignment: active CareConnect deploy docs now match platform-ops; the live VPS frontend deploy path remains sudo ./scripts/deploy-vps-proof.sh ... while /etc/projects-merge/env is root-only
Branding: CareConnect rename is complete across this repo, the jerdaw/careconnect GitHub repo slug, platform-ops, and the live VPS runtime
211 sync posture: quarantined to explicit manual runs only; no scheduled or mock-data ingestion path remains active
Data quality gaps:
Scope: 0 missing
Coordinates (any): 58 missing
Coordinates (required): 18 missing
Kingston missing address: 17
Access scripts: 0 missing
Structured hours (active services): 10 missing
Hours text (active services): 10 missing
French access scripts: 196 missing
French hours text: 196 missing
French eligibility notes: 118 missing
French synthetic queries: 125 missing

Decision Summary

CareConnect is not currently in a breadth-expansion phase.

The active question is whether the project can prove non-duplicate value relative to 211 through measurable last-mile outcomes such as connection success, reliability, and referral completion. Until that is demonstrated, roadmap priority stays on governance closure, pilot readiness, and evidence discipline rather than new feature expansion.

What To Do Now

Close the remaining v22.0 Gate 0 blockers in strict order: C1 legal review, then D4 partner operations evidence.
Keep the repo stable while Gate 0 is blocked: maintain tests, keep docs aligned, and avoid speculative feature work.
If pulling forward any admissions backlog work, treat A3, A11, and A22 as complete; only A1 and bounded A6 / A16 remain valid near-term Tier 0 execution.
Preserve launch readiness materials, but do not resume beta or public-launch execution until v22 permits it.

What Not To Do Now

Do not expand directory breadth to compete with 211.
Do not start new pilot-facing features before Gate 0 evidence is accepted.
Do not restart v19 launch execution while v22 remains NO-GO.
Do not pull forward Tier 1-4 admissions packaging work before real pilot evidence exists.
Do not pull forward parked enrichment or portfolio work unless it directly supports the active gate.

Cross-Repo Docs Platform Policy

As of 2026-04-15, CareConnect follows the shared documentation-platform policy used across the affected MkDocs repos:

Keep this repo on MkDocs 1.x plus Material in the short term, and treat that stack as supported legacy rather than the strategic default for new standalone docs sites.
The intended MkDocs replacement is Zensical, but only after it clears the shared readiness gates: real strict-mode enforcement, a supported publish/deploy path, and parity for each repo's required plugins.
The migration order is wave-based: qquotes first, then visitbrief, then waittimecanada, then plugin-heavier repos like CareConnect.
CareConnect is a later-wave candidate because it depends on social, git-revision-date-localized, and swagger-ui-tag, so it should not be the proving ground.
If Zensical stalls or fails to deliver the required compatibility in a reasonable window, use Sphinx + MyST as the mature fallback for any future standalone docs rebuild instead of starting fresh on MkDocs.

Active Work

v22.0: Non-Duplicate Value Decision Plan 🔄 ACTIVE

Status: Phase 0 in progress - Gate 0 Exit NO-GO Priority: Critical Timeline: target 90-day decision review cycle (~13 weeks), contingent on external Gate 0 dependency closure Created: 2026-02-27

CareConnect is being repositioned from possible directory duplication toward measurable last-mile outcome value. This path uses explicit hypotheses, strict kill criteria, and governance gates before any broader pilot execution.

The 90-day window is a review target rather than a guaranteed engineering schedule. It is only realistic if legal/API review and partner-operations evidence arrive early enough to support a real decision inside that window.

Core objective

Prove non-duplicate value vs 211 on measurable connection outcomes.
Validate privacy-safe integration feasibility with 211 pathways.
Keep explicit stop conditions if outcome value is not demonstrated.

Current technical position

Pilot DB schema, RLS policies, internal pilot APIs, and pilot tests are implemented.
Step 1 approval locks are complete.
Gate 0 evidence scaffolding is in repo.
C2 retention policy approval, privacy sign-off, and dated verification evidence are complete.
Gate 0 remains NO-GO because C1 legal evidence and D4 partner-ops evidence are still incomplete.

Immediate blockers

G0-3 / C1: candidate partner legal/API terms are not yet attached for clause-level review.
G0-8 / D4: named pilot partner list, outreach ownership, and dated execution evidence are missing.
Baseline execution is recorded, but current M1/M3 values are NULL because the baseline window had zero events.

Required user-owned actions

UA-1: attach candidate partner legal/API terms and complete clause-level C1 review.
UA-3: attach named pilot partner list, outreach owner assignment, and dated outreach execution evidence.

Agent follow-through once evidence exists

Update the Gate 0 trackers and source control docs.
Sync the integration decision record, approval checklist references, and evidence matrix.
Re-evaluate Gate 0 and re-run npm run check:v22-gate0.
Keep pilot APIs, schemas, tests, and docs aligned with any approved control changes.

Gate 1 success thresholds

Failed contact attempts reduced by at least 30% vs baseline
Time-to-successful-connection reduced by at least 25%
Freshness SLA compliance at least 70%
Referral outcome capture at least 50%
Fatal data-decay error rate at or below 10%

Canonical references

Parallel Maintenance While Gate 0 Waits

These items are worth doing only if they do not distract from Gate 0 closure:

Keep the default E2E suite skip-free and keep the opt-in production/server suites healthy.
Verify and document the remaining v22 threat-model mitigation items before pilot activation.
Watch for future platform-ops changes to the shared frontend env-file contract; until then, keep CareConnect deploy docs on the current sudo-required path.
Expand exact-English duplicate i18n auditing from the current focused namespaces to all used translation keys after the remaining legacy translation debt is localized.
From the admissions backlog, only execute the still-open Tier 0 items that strengthen pilot readiness or evidence discipline: A1 and bounded A6 / A16.
Keep docs dependencies bounded to the MkDocs 1.x line during routine maintenance, but defer any platform migration here until the earlier Zensical waves succeed and this repo's required plugin parity is proven.
Complete authenticated desktop/mobile visual QA for /dashboard/** and /admin/** once a valid local Supabase environment and signed-in partner/admin session are available. The authenticated-surface implementation is code-complete, but authenticated browser review remains environment-gated because this local workspace currently lacks NEXT_PUBLIC_SUPABASE_URL and NEXT_PUBLIC_SUPABASE_PUBLISHABLE_KEY.
Resolve the current dependency-audit findings as bounded maintenance: apply non-breaking fixes where available, split breaking remediation for next-intl and @xenova/transformers into a reviewed plan, and do not merge routine Dependabot major-version workflow PRs while required validation is failing.

On Hold

v19.0: Launch Preparation ⏸️ ON HOLD

Status: Automation and documentation complete; human execution deferred pending v22 Gate 0 Priority: High, but subordinate to v22

The launch-prep stream is intentionally paused. The repo-local automation is already built, but the remaining work is manual QA, beta execution, and launch operations. Resume only after v22 permits it.

When resumed

Run the production environment audit.
Execute critical user-journey testing.
Complete the top-20 service review.
Resume beta operations and launch monitoring.

References

v21.0: Admissions Portfolio & Launch Narrative ⏸️ PARKED

Status: Parked until after v22 Gate 0 / Gate 1 evidence, but fully re-triaged on 2026-04-01

This backlog is now explicitly sorted by admissions value under the current v22 constraints. The sequencing rule is:

Close v22 blockers first.
Then create real pilot evidence.
Then package that evidence for admissions and external audiences.

Allowed now only if they directly support v22

Close Gate 0 partner/legal evidence (UA-1, UA-3).
Run bounded verification and pilot-scope data-quality work when it improves pilot readiness.
Preserve the completed Tier 0 hardening bundle as baseline capability, not as a reason to pull forward packaging work.

First work after Gate 0 exit

Run a small real-world pilot in one actual referral workflow.
Formalize the 211 boundary/handoff, run crisis-safety validation, add a quick-exit path for violence-sensitive browsing, and conduct professional usability sessions.
Build partner/referrer collateral, expose logistics needed for referrals, add shortlist/multi-print referrer workflows where pilot users need them, begin L3 outreach, and recruit the first advisory reviewers.

First proof artifacts after live pilot activity starts

Publish a baseline-to-pilot scorecard and decision memo.
Secure factual support letters and first L3 confirmations.
Publish transparency and status surfaces, plus drill/accessibility/equity evidence.

Later packaging work

External privacy/AI review.
Leadership/collaboration visibility updates.
Presentations, poster/case-study, and other dissemination artifacts.

This work remains strategically useful, but it depends on real operational evidence. Keep it parked until the v22 pilot produces something defensible to package.

Reference:

v21.0 Admissions Portfolio Plan

v20.0: Testing and Technical Excellence ⏸️ MAINTENANCE MODE

Status: Most autonomous backlog work is complete; only bounded maintenance remains active

Useful maintenance items:

Keep the default E2E suite healthy.
Keep the dedicated DB integration lane healthy and deterministic.
Publish a fresh coverage snapshot.
Fix repo-local regressions surfaced by routine validation.
Reduce persistent monthly URL-health inconclusives only when they repeat across live runs and a stable official provider probe exists.

Deferred items:

Advanced French service-data enrichment
Admin-facing data quality dashboard

References:

Completed Work

Recent Completed Milestones

Public and operational surface polish (2026-05-01): completed the bounded reference sources, suggest-service intake, route-reference cleanup, public workflow, static legal/help/trust, settings, and authenticated dashboard/admin polish wave without changing service-data, search, auth, or schema contracts; archived in 2026-05-01 v20.0 Public and Operational Surface Polish.
About page polish (2026-04-30): rebuilt /about as a calmer trust and context page, removed duplicated homepage-style sections, restored the page-level background wash, aligned hero/source/context/CTA sections on a shared rail, and refined the primary CTA treatment without changing service data or search behavior; archived in 2026-04-30 v20.0 About Page Polish.
Homepage search UX polish (2026-04-29): moved filters into the active search/results state, compacted category controls with an accessible "more categories" expansion, restored and refined the service/category/language metrics rail, folded trust-strip content into a clearer How It Works flow, tuned desktop/mobile section spacing and footer layout, and refreshed related copy/i18n/test coverage; archived in 2026-04-29 v20.0 Homepage Search UX Polish.
Gate 0 prep and deploy-contract alignment (2026-04-28): added prep-only C1/D4 evidence packets, synchronized Gate 0 tracker wording without closing evidence blockers, aligned active CareConnect deploy/rollback docs with the platform-ops sudo-required frontend env-file contract, and archived the pass in 2026-04-28 v22.0 Gate 0 Prep and Deploy Contract Alignment.
Repo audit truth remediation (2026-04-24): aligned the active direct-VPS incident/rollback/observability/QA docs with the live runtime, corrected the public feedback-retention claim to the evidenced implementation, normalized the remaining tool-provenance example in active docs, and archived the completed follow-through in 2026-04-24 v20.0 Repo Audit Truth Remediation.
Quiet GitHub automation and URL health hardening (2026-04-23): converted routine GitHub governance workflows to quiet-by-default sticky issue/comment behavior, reconciled duplicate reminder issues, added reusable bot-issue synchronization for scheduled workflows, hardened the monthly URL health lane with official override probes plus Actions summaries, and verified clean auto-close/no-reopen behavior for the broken-URL issue lane; archived in 2026-04-23 v20.0 Quiet GitHub Automation and URL Health Hardening.
Semantic search fail-closed and lint hygiene (2026-04-15): removed synthetic semantic-search fallback vectors, made worker/embed failures degrade to keyword-only search, restored authoritative repo-wide linting by excluding local MkDocs output, synced architecture docs, and added focused hook/documentation hygiene coverage; archived in 2026-04-15 v20.0 Semantic Search Fail-Closed and Lint Hygiene.
Gate 0 wait maintenance bundle (2026-04-05): completed search explainability, stale-data runtime governance, workflow-runtime doc alignment, and solo-scale freshness-policy calibration while Gate 0 remained blocked; archived in 2026-04-05 v22.0 Gate 0 Wait Maintenance Bundle.
Map privacy and offline snapshot safety surfaces (2026-04-04): replaced automatic Google Maps embeds with explicit opt-in previews, surfaced offline snapshot age/stale warnings on offline surfaces, updated threat-model/user-guide/architecture docs, and added focused UI/helper coverage; archived in 2026-04-04 v22.0 Map Privacy and Offline Snapshot Safety.
Tier 0 admissions-support hardening (2026-04-01): completed A3 pilot metric instrumentation, A11 public-claim hardening, A22 focused pilot/privacy test coverage, and bounded A6/A16 readiness-audit tooling; archived in 2026-04-01 v22.0 Pilot Metric Instrumentation and Tier 0 Hardening.
CareConnect production cutover and repo finalization (2026-04-03): completed the live careconnect.ing VPS cutover, legacy HelpBridge-domain redirects, GitHub repo rename to jerdaw/careconnect, and post-cutover observability-noise cleanup; archived in CareConnect Rebrand Archive.
C2 retention control closure (2026-03-29): approved retention policy, captured privacy sign-off, attached dated read-only verification evidence, and moved G0-4 to pass.
Workflow/runtime cleanup and 211 sync quarantine (2026-04-01): upgraded the remaining Node-runtime-sensitive GitHub Actions, replaced archived release creation with gh, removed placeholder 211 sync records, and restricted the 211 sync path to explicit manual execution only.
Audit remediation hardening (2026-03-30): enforced org-scoped service creation, removed fabricated provenance, fixed Slack/runbook links and dashboard CSV parsing, added focused runtime coverage, repaired noisy scheduled workflows, and reduced the localized home-route first-load JS to 315 kB.
Repo audit remediation (2026-03-29): completed the typed service-write cleanup, feedback/dashboard action consolidation, member-management split, privacy-safe analytics hardening, reference validation, and dependency/script hygiene follow-through.
Dashboard trust, resilience, and locale hardening (2026-03-30): replaced placeholder partner metrics with live 30-day summaries, added deterministic degraded states for impact/analytics/feedback pages, localized observability/admin surfaces, and tightened focused i18n duplicate-English enforcement.
Code quality remediation (2026-03-26): 0 npm audit vulnerabilities, console→logger migration, component reorganization, schemas rename, ESLint strictness for lib/, file cleanup.
Premium Dark Mode (2026-03-25): Redesigned dark theme with high-contrast Slate-950 base, pure white text, and structured elevation.
v20.0 migration recovery (2026-03-18): 41-file migration chain collapsed into a single reproducible baseline + 3 forward migrations, test infrastructure unified on migration-linked bootstrap.
v20.0 maintenance (2026-03-18): real DB-backed Supabase retrieval/policy test lane added with blocking CI coverage
v18.0: Production observability, Slack alerting, SLO tracking, observability dashboard, and runbooks
v17.7: Search quality testing framework and scoring refinements
v17.6: Authorization resilience, translation workflow automation, and load-testing baseline
v17.5: Circuit breaker rollout, performance tracking, health/metrics endpoints, and k6 infrastructure
v17.0-v17.4: Security, test coverage, internationalization, accessibility, and partner portal foundations

Why This Matters

The project already has the technical base for a live, privacy-first, resilient service directory. The open question is no longer whether the app can ship technically. The open question is whether it creates enough non-duplicate operational value to justify continued expansion.

Archive and Historical Plans

Review Triggers

Update this roadmap when any of the following happen:

UA-1, UA-2, or UA-3 changes status.
Gate 0 moves from NO-GO to GO, or is re-affirmed as NO-GO.
v19 resumes or is explicitly deferred further.
A major data-quality, testing, or deployment baseline changes.
v21 tier sequencing changes or a new admissions evidence artifact materially changes what is worth prioritizing.
A new strategic version becomes active.

Operating Rule

If there is tension between adding more capability and closing the current decision gate, close the decision gate first.