# dd0c/portal — Epic Addendum (BMad Review Findings) **Source:** BMad Code Review (March 1, 2026) **Approach:** Surgical additions to existing epics — no new epics created. --- ## Epic 1 Addendum: AWS Discovery Engine ### Story 1.7: Partial Scan Failure Recovery As a catalog operator, I want partial discovery scan failures (timeout, rate limit) to preserve existing catalog entries, so that a flaky AWS API call doesn't delete half my service catalog. **Acceptance Criteria:** - Partial AWS scan (500 of 1000 resources) stages results without committing; all 1000 existing entries preserved. - Partial GitHub scan (rate limited at 50 of 100) preserves all 100 ownership mappings. - Scan failure triggers admin alert (not silent failure). **Estimate:** 3 points --- ## Epic 2 Addendum: GitHub Discovery ### Story 2.6: Ownership Conflict Resolution As a catalog operator, I want explicit ownership sources (CODEOWNERS/config) to override implicit sources (AWS tags) and heuristics (commit history), so that ownership is deterministic and predictable. **Acceptance Criteria:** - Priority: Explicit (CODEOWNERS/config) > Implicit (AWS tags) > Heuristic (commits). - Concurrent discovery from two sources does not create duplicate catalog entries. - Heuristic inference does not override an explicitly set owner. **Estimate:** 2 points --- ## Epic 4 Addendum: Search Engine ### Story 4.5: Meilisearch Zero-Downtime Index Rebuild As a catalog user, I want Cmd+K search to work during index rebuilds, so that reindexing doesn't cause downtime. **Acceptance Criteria:** - Search returns results during active index rebuild (swap-based rebuild). - Rebuild failure does not corrupt the active index. - Cmd+K prefix search from Redis cache returns in <10ms. **Estimate:** 2 points --- ## Epic 8 Addendum: Infrastructure & DevOps ### Story 8.7: VCR Cassette Freshness CI As a maintainer, I want VCR cassettes re-recorded weekly against real AWS, so that API response drift is caught before it breaks integration tests. **Acceptance Criteria:** - Weekly CI job (Monday 6 AM UTC) re-records cassettes with real AWS credentials. - Creates PR if any cassettes changed (API drift detected). - Diff summary shows which cassettes changed and by how much. **Estimate:** 1 point --- ## Epic 9 Addendum: Onboarding & PLG ### Story 9.6: Free Tier Enforcement (50 Services) As a PLG product, I want free tier tenants limited to 50 services, so that the free tier is sustainable. **Acceptance Criteria:** - 50th service creation succeeds; 51st returns 403 with upgrade prompt. **Estimate:** 1 point --- **Total Addendum:** 9 points across 5 stories