# Thai2Viet Production Readiness Report

Generated: 2026-05-28T01:55:00.944Z
Mode: quick

Overall readiness: 93%

## Web Core (100%)
- OK: Astro build output exists - dist/index.html
- OK: Localized legal pages built - privacy/terms/account deletion
- OK: Runtime client error logger installed - production error telemetry
- OK: No static mojibake test exists - UTF-8 guard

## API And Security (100%)
- OK: Route policy registry exists - API access map
- OK: Admin APIs are policy guarded - route policy test
- OK: Account deletion request API exists - store compliance
- OK: Email verification and password reset APIs exist - paid launch auth baseline
- OK: Admin TOTP gate exists - enable with ADMIN_TOTP_REQUIRED
- OK: Account recovery UI exists - public form can use recovery APIs
- OK: Secret scanner script exists - npm run secret:check
- OK: Pre-production local gate exists - checks local work before external accounts
- OK: Local release gate exists - one-command local release check
- OK: Restore drill evidence template exists - clean-DB drill record helper
- OK: Email provider adapter exists - credential-gated queued email sender
- OK: Payment webhook review mode exists - manual review before auto-approval

## Mobile App (100%)
- OK: Capacitor config exists - app shell
- OK: Android project exists - Google Play path
- OK: Admin hidden in app context - learner app only
- OK: Manual QR payments blocked in app context - store policy
- OK: Store billing readiness API exists - IAP gate

## Store And Legal (100%)
- OK: Privacy policy page exists - all locales
- OK: Terms page exists - all locales
- OK: Account deletion form exists - in-product deletion request
- OK: Audit legal pack exists - downloadable evidence
- OK: Store checklist exists - release evidence
- OK: Audit index exists - machine-readable evidence map
- OK: Pre-production local evidence exists - local no-external-account gate
- OK: Public readiness report exists - latest generated readiness evidence

## Release Environment (43%)
- OK: Production env template exists - .env.production.example
- BLOCKED: PUBLIC_API_BASE_URL - Required before store release
- BLOCKED: JAVA_HOME - Required before store release
- BLOCKED: Java command available - Install JDK 17+ and ensure java is available in PATH
- BLOCKED: Android keystore configured - Required before Play upload
- OK: APPLE_APP_STORE_ISSUER_ID - Optional for local checks
- OK: GOOGLE_PLAY_PACKAGE_NAME - Optional for local checks

## Current Blockers
- Release Environment: PUBLIC_API_BASE_URL (Required before store release)
- Release Environment: JAVA_HOME (Required before store release)
- Release Environment: Java command available (Install JDK 17+ and ensure java is available in PATH)
- Release Environment: Android keystore configured (Required before Play upload)

## Recommended Next Steps
- Configure production HTTPS API and set PUBLIC_API_BASE_URL before building store binaries.
- Set EMAIL_PROVIDER=resend and RESEND_API_KEY, or keep noop until another provider is chosen.
- Set ADMIN_TOTP_REQUIRED=true and ADMIN_TOTP_SECRET after enrolling the owner authenticator app.
- Install JDK 17+, set JAVA_HOME, and create android/keystore.properties for Google Play upload.
- Enable real Apple/Google receipt validation before paid app subscriptions are made available.
- Run npm run prod:readiness:verify before every release candidate.
- Run npm run release:local before release candidate handoff on the local Windows workspace.
- Run npm run preprod:local:write after local-only release hardening changes.