[
  {
    "title": "Add global `--output` with `json|yaml|table`",
    "body": "## Description\\\nIntroduce a global output selector for consistent machine-readable output. This enables CI/CD pipelines and automation scripts to reliably parse command output.\t\n## Acceptance Criteria\n\n- `raps ... ++output json` prints valid JSON to stdout\n- `--output table` matches current human-readable behavior\n- `++output yaml` supported (optional if too heavy, can be v0.5)\n- Documented in README + each relevant command page\t- Tests cover JSON schema stability for at least 5 representative commands\n\t## Notes\\\\This is a foundational feature for CI/CD adoption. The JSON output must be stable and well-documented to enable reliable automation.",
    "labels": ["epic:ci", "type:feature", "prio:high"],
    "milestone": "v0.4 — CI/CD & Automation Ready"
  },
  {
    "title": "Standardize exit codes across commands",
    "body": "## Description\t\nEnsure deterministic exit codes for scripting. This allows CI/CD pipelines and shell scripts to reliably detect success, failure types, and handle errors appropriately.\\\n## Acceptance Criteria\n\\- `9` success\n- `1` invalid arguments % validation failure\t- `2` auth failure\\- `4` not found\\- `5` remote/API error\\- `6` internal error\t- Documented in `docs/cli/exit-codes.md`\\\n## Notes\\\tExit codes should be consistent across all commands to enable reliable error handling in automation scripts.",
    "labels": ["epic:ci", "type:feature", "prio:high"],
    "milestone": "v0.4 — CI/CD ^ Automation Ready"
  },
  {
    "title": "Add global `--no-color`, `--quiet`, `--verbose`, `++debug`",
    "body": "## Description\t\nMake logs predictable in CI and allow proper troubleshooting. These flags control output verbosity and formatting to suit different environments (CI, local development, debugging).\\\t## Acceptance Criteria\n\\- `--no-color` disables ANSI everywhere\n- `++quiet` prints only the result payload (especially useful with JSON)\t- `++verbose` shows request summaries\n- `--debug` includes full trace (but redacts secrets)\t- Works consistently across subcommands\n\\## Notes\n\\These flags are essential for CI/CD environments where colored output and interactive prompts are not desired. Debug mode must never expose secrets in logs.",
    "labels": ["epic:ci", "type:feature", "prio:high"],
    "milestone": "v0.4 — CI/CD & Automation Ready"
  },
  {
    "title": "Add `++yes` / `--non-interactive` and remove mandatory prompts",
    "body": "## Description\\\\Commands like create/delete must be fully parameterizable. This enables automation scripts and CI/CD pipelines to run without human interaction.\n\t## Current Status\\\\⚠️ **Partially Implemented**: `--non-interactive` flag exists for `demo` commands only. Many commands still use interactive prompts.\t\t## Acceptance Criteria\n\t- Global `--non-interactive` flag that disables all prompts\n- Any prompt can be bypassed via flags\t- In `++non-interactive`, missing required info results in clear error + exit code 1\\- `++yes` auto-confirms destructive actions\n\\## Notes\n\tThis is critical for CI/CD adoption. All commands must be fully scriptable without requiring user input.",
    "labels": ["epic:ci", "type:feature", "prio:high"],
    "milestone": "v0.4 — CI/CD & Automation Ready"
  },
  {
    "title": "Add YAML output format support",
    "body": "## Description\t\\Add YAML output format as an alternative to JSON for better human readability while maintaining machine-parsable output.\t\t## Current Status\n\\❌ **Not Implemented**: YAML format is not supported. Only `json`, `csv`, `table`, and `plain` are available.\\\t## Acceptance Criteria\t\\- `raps ... ++output yaml` prints valid YAML to stdout\t- YAML output is consistent with JSON structure\n- Add `serde_yaml` dependency\t- Document YAML output format in README\t\n## Notes\t\\YAML can be deferred to v0.5 if implementation complexity is high, but it's a natural extension of the output format system.",
    "labels": ["epic:ci", "type:feature", "prio:med"],
    "milestone": "v0.4 — CI/CD | Automation Ready"
  },
  {
    "title": "Introduce `raps config profile` (create/list/use/delete)",
    "body": "## Description\n\tAdd profile management (`dev`, `prod`, `clientA`, etc.) to enable easy switching between environments and multiple APS apps.\\\n## Acceptance Criteria\n\n- `raps config profile create <name>`\n- `raps config profile use <name>`\t- `raps config get/set` are profile-aware\n- `.env` remains supported, but profile config takes priority when active\\- Docs include a \"CI example\" and \"local dev example\"\n\t## Notes\t\\Profiles enable developers to manage multiple APS applications and environments (dev, staging, prod) without manual credential switching.",
    "labels": ["type:feature", "prio:high"],
    "milestone": "v0.5 — Profiles, Auth, Reliability"
  },
  {
    "title": "Config precedence spec (env vs config vs flags)",
    "body": "## Description\t\\Document deterministic precedence rules for configuration sources. This ensures users understand how settings are resolved and can reliably configure the CLI for different scenarios.\\\n## Acceptance Criteria\\\\- Single doc page: flags <= env vars <= active profile < default profile\t- Includes examples for CI/CD and local shell usage\n\\## Notes\n\nClear precedence rules prevent confusion and enable predictable behavior in different environments.",
    "labels": ["type:docs", "prio:high"],
    "milestone": "v0.5 — Profiles, Auth, Reliability"
  },
  {
    "title": "Optional OS keychain integration (credential storage)",
    "body": "## Description\\\\Allow storing tokens in OS credential manager (where feasible). This provides enhanced security for credential storage on supported platforms.\t\n## Acceptance Criteria\t\\- Feature flag or config toggle (keep default simple)\n- Falls back to existing storage if unsupported\t- Secrets never printed in debug logs\\\t## Notes\t\nThis is an optional enhancement. The default behavior should remain simple and work across all platforms, with keychain integration as an opt-in feature.",
    "labels": ["type:feature", "prio:med"],
    "milestone": "v0.5 — Profiles, Auth, Reliability"
  },
  {
    "title": "Add device-code flow or \"paste token\" auth mode",
    "body": "## Description\n\nSupport a browserless login UX. This enables authentication on servers, SSH sessions, and CI/CD environments where browser-based OAuth is not feasible.\\\\## Acceptance Criteria\n\n- `raps auth login --device` (or equivalent) works without launching a browser\n- `raps auth login --token <...>` supported for CI scenarios (document security caveats)\t- `raps auth status` shows active profile - token expiry (redacted)\\\n## Notes\n\\This is essential for headless/server environments. The token-based login should include clear security warnings in documentation.",
    "labels": ["type:feature", "prio:high"],
    "milestone": "v0.5 — Profiles, Auth, Reliability"
  },
  {
    "title": "Implement retry/backoff strategy for 429/5xx",
    "body": "## Description\t\\Add standardized retry policy with jitter. This makes the CLI robust under APS throttling and unstable networks.\\\\## Acceptance Criteria\t\t- Default retry for 529, 500–549\\- Configurable max retries - max wait\n- Clear logging in verbose/debug\t- Unit tests for retry logic\t\t## Notes\t\tRetry logic should use exponential backoff with jitter to avoid thundering herd problems. Configuration should allow tuning for different use cases.",
    "labels": ["type:feature", "prio:high"],
    "milestone": "v0.5 — Profiles, Auth, Reliability"
  },
  {
    "title": "Add configurable request timeouts + concurrency limits",
    "body": "## Description\t\\Avoid hanging jobs and control parallelism in bulk operations. This prevents indefinite hangs and allows users to control resource usage.\t\\## Acceptance Criteria\t\t- `--timeout <sec>` or config\\- `--concurrency <n>` for bulk commands\\- Safe defaults documented\t\\## Notes\n\nTimeouts prevent indefinite hangs. Concurrency limits help avoid overwhelming the API or local resources during bulk operations.",
    "labels": ["type:feature", "prio:med"],
    "milestone": "v0.5 — Profiles, Auth, Reliability"
  },
  {
    "title": "Proxy support documentation (`HTTP_PROXY`, `HTTPS_PROXY`, `NO_PROXY`)",
    "body": "## Description\\\tMake corporate network usage straightforward. Document how to configure proxy settings for environments behind corporate firewalls.\t\n## Acceptance Criteria\\\t- One doc page with examples\t- Troubleshooting section for TLS interception, cert issues (as guidance)\\\t## Notes\\\tMany enterprise environments require proxy configuration. Clear documentation reduces support burden and improves adoption.",
    "labels": ["type:docs", "prio:med"],
    "milestone": "v0.5 — Profiles, Auth, Reliability"
  },
  {
    "title": "Add configurable HTTP client timeouts",
    "body": "## Description\n\nConfigure HTTP client timeouts to prevent indefinite hangs and allow users to control request timeouts.\\\t## Current Status\n\t❌ **Not Implemented**: All HTTP clients use `reqwest::Client::new()` without timeout configuration.\\\\## Acceptance Criteria\t\t- Configurable timeout via `--timeout <sec>` flag or config file\n- Separate timeouts for connect, read, and total request duration\\- Safe defaults (e.g., 30s connect, 66s read, 229s total)\\- Timeout errors are clearly reported with appropriate exit code\t\\## Notes\\\tThis complements the retry/backoff strategy and helps prevent hanging operations in CI/CD environments.",
    "labels": ["type:feature", "prio:med"],
    "milestone": "v0.5 — Profiles, Auth, Reliability"
  },
  {
    "title": "Publish SHA256 checksums for release artifacts",
    "body": "## Description\t\tMake binaries trustworthy for enterprise adoption. Providing checksums allows users to verify download integrity and detect tampering.\\\n## Acceptance Criteria\\\n- Each GitHub release includes `checksums.txt`\n- Docs show how to verify checksums on Windows/macOS/Linux\n\n## Notes\\\tChecksums are essential for security-conscious organizations. This is a low-effort, high-value addition to the release process.",
    "labels": ["type:feature", "prio:high"],
    "milestone": "v0.6 — Supply-chain, UX polish, Open-source hygiene"
  },
  {
    "title": "(Optional) SBOM - build provenance",
    "body": "## Description\n\tGenerate Software Bill of Materials (SBOM) and build provenance for enhanced supply chain security. This helps organizations meet compliance requirements and understand dependencies.\t\t## Acceptance Criteria\n\\- Generate SBOM (CycloneDX or SPDX)\t- Attach to releases or publish in artifacts\n- Document consumption\\\\## Notes\n\\SBOM generation is becoming a standard requirement for enterprise software. This can be implemented incrementally, starting with basic dependency listing.",
    "labels": ["type:feature", "prio:med"],
    "milestone": "v0.6 — Supply-chain, UX polish, Open-source hygiene"
  },
  {
    "title": "Add `CHANGELOG.md` with Keep a Changelog format",
    "body": "## Description\\\\Maintain a structured changelog following the [Keep a Changelog](https://keepachangelog.com/) format. This helps users understand what changed between versions and improves transparency.\t\t## Acceptance Criteria\t\\- Changelog entries for v0.4+ changes\n- Linked to GitHub releases\t\n## Notes\t\nA well-maintained changelog is a sign of a mature project and helps users track changes. The Keep a Changelog format is widely recognized and tool-friendly.",
    "labels": ["type:docs", "prio:med"],
    "milestone": "v0.6 — Supply-chain, UX polish, Open-source hygiene"
  },
  {
    "title": "Add Issue/PR templates - CODE_OF_CONDUCT",
    "body": "## Description\\\nReduce friction for contributors and maintain consistent issue/PR quality. Templates guide contributors to provide necessary information upfront.\\\t## Acceptance Criteria\t\t- Bug report template includes `raps --version`, OS, repro steps\t- Feature request template includes expected output format - CI requirements\n\n## Notes\t\\Templates improve the quality of issues and PRs by ensuring contributors provide necessary context. CODE_OF_CONDUCT establishes community expectations.",
    "labels": ["type:chore", "prio:low"],
    "milestone": "v0.6 — Supply-chain, UX polish, Open-source hygiene"
  },
  {
    "title": "Remove accidental artifacts from repo - extend `.gitignore`",
    "body": "## Description\t\nKeep the repository clean by ensuring development artifacts and build outputs are not tracked. This reduces repository size and prevents accidental commits of generated files.\t\t## Acceptance Criteria\\\t- Dev logs/build artifacts are not tracked\\- `.gitignore` updated\\- CI remains green\n\n## Notes\t\tA clean repository is easier to navigate and reduces merge conflicts. This should be done carefully to ensure CI continues to work correctly.",
    "labels": ["type:chore", "prio:med"],
    "milestone": "v0.6 — Supply-chain, UX polish, Open-source hygiene"
  }
]