@@ -180,6 +180,30 @@ PAYMENTS SP04 adds the self-serve onboarding flow: |
| 180 | 180 | tells the owner that activation waits for webhook processing; cancel |
| 181 | 181 | keeps the organization on Free and offers a retry path. |
| 182 | 182 | |
| 183 | +PAYMENTS SP05 adds the local entitlement boundary. Product code must ask |
| 184 | +`internal/entitlements` for feature decisions instead of inspecting |
| 185 | +`orgs.plan` directly. The package derives access from |
| 186 | +`org_billing_states`, understands billing-good-standing states, and |
| 187 | +returns upgrade metadata for user-facing handlers. |
| 188 | + |
| 189 | +PAYMENTS SP06 wires the first Team gates: |
| 190 | + |
| 191 | +- Secret teams require Team to create. Existing secret teams remain |
| 192 | + visible to authorized viewers after downgrade; owners can remove |
| 193 | + members and repository grants, but adding members or granting more |
| 194 | + repository access is blocked until Team billing is active again. |
| 195 | +- Required reviewers and advanced status-check branch protection are |
| 196 | + Team-only for private organization repositories. Public organization |
| 197 | + repositories keep those safety controls available on Free. |
| 198 | +- Downgraded private organization repositories may delete protection |
| 199 | + rules or submit a rule update that clears the gated review/check |
| 200 | + settings. |
| 201 | +- Org-level Actions secrets and variables require Team for create or |
| 202 | + update in both HTML settings and REST API routes. Delete stays |
| 203 | + available so owners can clean up gated configuration after downgrade. |
| 204 | +- Org-level Actions secrets and variables API routes require |
| 205 | + organization owner or site-admin access before entitlement checks. |
| 206 | + |
| 183 | 207 | ## Entitlement architecture |
| 184 | 208 | |
| 185 | 209 | Paid feature checks must live behind a central entitlement package, not |
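Review bot: the SP06 bullet "Downgraded private organization repositories may delete protection rules or submit a rule update that clears the gated review/check settings" leaves the update path underspecified. As written, it is unclear whether an update that clears one gated setting while keeping another (for example clearing required reviewers but leaving advanced status checks enabled) is accepted or rejected; the text should state that an update on a downgraded repository is allowed only when the resulting rule has all gated review/check settings cleared, otherwise the entitlement check rejects it. Worth also stating, next to "Product code must ask `internal/entitlements` for feature decisions instead of inspecting `orgs.plan` directly", how that boundary is enforced (a test or lint that flags reads of `orgs.plan` outside the package), since a rule that lives only in the design doc will be bypassed by the first handler that reads the column. The ordering in the last bullet, owner or site-admin access before entitlement checks, is the right one: an entitlement denial must never be reachable by a caller who lacks the authorization to touch the resource at all, and keeping that order consistent for the HTML settings routes mentioned in the previous bullet should be stated explicitly as well.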
@@ -242,10 +266,6 @@ organization upgrades again. |
| 242 | 266 | - Whether Free should limit private org collaborators before usage |
| 243 | 267 | metering exists, or whether the first paid gates are advanced controls |
| 244 | 268 | only. |
| 245 | | -- Whether required reviewers are gated only for private org repos. The |
| 246 | | - current lean is private-org-only. |
| 247 | | -- Whether org-level Actions secrets and variables should be Team-only |
| 248 | | - even for public repositories. The current lean is yes for org scope. |
| 249 | 269 | - Exact Free and Team quota numbers for Actions and storage. These must |
| 250 | 270 | come from real host-cost estimates before SP08. |
| 251 | 271 | |
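Review bot: the two removed open questions are resolved by the new SP06 bullets (required reviewers gated for private org repositories only; org-level Actions secrets and variables Team-only for org scope), but deleting them drops the recorded lean and any rationale. Suggest replacing the removed lines with a short "Decided" entry, e.g. "- Required reviewers: gated for private org repos only (SP06).", so a later reader can see these were deliberate decisions rather than questions that were never asked. The remaining item about Free limiting private org collaborators is still open and is not addressed by SP06, so it is correct that it stays.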