Launch readiness checklist
The code-level product is gated in production. Full launch readiness still requires owner-supplied proof inputs for provider health, paid purchase history, Stripe dashboard branding, and Supabase Auth settings.
The canonical command is BASE_URL=https://airinetwork.com npm run launch:gate. A launch-ready run should report 0 failed, 0 blockers. Missing owner proof inputs must remain blockers.
Download the PDF proof packet · Download the Markdown checklist · View structured launch status JSON · View launch status badge SVG
Code-level proofs already covered
- Stripe Checkout Session permission: Stack Audit checkout creates a context-preserving stripe.com Checkout Session.
- Durable rate limiting: production declares REDIS_URL and public API route limits are covered by the KV-capable rateLimitKV invariant.
- Code-level product suites: subscription capture, inbound capture, report deliverables, PDF visual snapshots, pricing surfaces, analytics, rate limits, and security hardening are covered by automated launch suites.
Kit and Resend provider health
Proof: The production machine-health probe must accept the production machine secret and verify Kit + Resend health.
- Set LAUNCH_MACHINE_SECRET to the production MACHINE_SECRET.
- Run the full launch gate against https://airinetwork.com.
- Confirm Resend airinetwork.com domain health and Kit form/tag/sequence health pass.
Gate input: LAUNCH_MACHINE_SECRET=<prod-machine-secret> npm run launch:gate
Paid purchase history smoke
Proof: A real paid or recovered order must produce a PDF and attach to the signed-in user's My Reports history.
- Buy or recover a Stack Audit purchase using the production flow.
- Record PURCHASE_TOKEN and ORDER_ID for automated proof, or set PAID_PURCHASE_SMOKE=passed after manual proof.
- Run BASE_URL=https://airinetwork.com PURCHASE_TOKEN=<token> ORDER_ID=<order-id> npm run launch:purchase-proof for the fast PDF proof.
- Sign in, save the recovered purchase to My Reports, download Original PDF, and regenerate Latest PDF.
- Confirm the report remains available after refreshing and signing back in.
Gate input: PURCHASE_TOKEN=<token> ORDER_ID=<order-id> npm run launch:gate
Stripe dashboard descriptor and receipt proof
Proof: Stripe dashboard settings must be manually confirmed because descriptor/product/receipt branding live outside git.
- Confirm statement descriptor is AIRIN.
- Confirm product names, receipt branding, support email, and checkout success URLs match AIRIN launch copy.
- Set STRIPE_DASHBOARD_SMOKE=passed only after confirmation.
Gate input: STRIPE_DASHBOARD_SMOKE=passed npm run launch:gate
Supabase Auth dashboard proof
Proof: Supabase Auth settings must be manually confirmed because Site URL, OAuth redirects, and email templates live outside git.
- Confirm Site URL, Google OAuth redirect, magic-link redirect/templates, and auth sender/domain.
- Verify the deployed auth flow after any dashboard change.
- Set SUPABASE_AUTH_DASHBOARD_SMOKE=passed only after confirmation.
Gate input: SUPABASE_AUTH_DASHBOARD_SMOKE=passed npm run launch:gate
Owner proof preflight
npm run launch:proof-inputs
Full launch-ready gate
BASE_URL=https://airinetwork.com \ LAUNCH_MACHINE_SECRET=<prod-machine-secret> \ PURCHASE_TOKEN=<real-recovery-token> \ ORDER_ID=<real-order-id> \ STRIPE_DASHBOARD_SMOKE=passed \ SUPABASE_AUTH_DASHBOARD_SMOKE=passed \ npm run launch:gate
The gate intentionally treats the missing paid purchase proof as a blocker rather than a failure. That keeps product regressions separate from the final live-commerce smoke.
Generated from live pipeline data. Informational only, not legal advice.
AIRIN Brief
Built for compliance officers, legal counsel, and SaaS founders. Subscribe to the email digest — one short brief when a tracked vendor materially changes its terms, training policy, or risk rating. Prefer in-app? Watch platforms in your alerts inbox instead.
