# S05: End-to-end trust and workflow polish

**Goal:** Prove the full daily-use loop as one trustworthy workflow by tightening shared next-action/readiness signals, then validating overview → workspace → package → Gmail continuity → follow-up behavior without weakening the manual-send boundary.
**Demo:** Starting from the table, dashboard, or reminders, the user can open the same job workspace, see trustworthy action/readiness cues, reuse saved package state, refresh linked Gmail correspondence on that job, generate a grounded follow-up draft, and confirm that no recruiter email is sent unless the user explicitly chooses the send/log action.

S05 does not newly own an active requirement, but it is the milestone slice that must **support and re-prove active requirements R008 and R010 together**. R008 matters because `POST /api/jobapplications/{id}/send-followup` is a real outbound boundary and the final loop must keep that action explicitly manual. R010 matters because the remaining milestone risk is heuristic drift: table, dashboard, reminders, workspace readiness, Gmail continuity, and follow-up drafting can each work alone while still feeling like separate systems.

The work is grouped into two tasks because the slice has two different risks. First, the workflow needs one shared trust/action model so the overview surfaces stop guessing from free-form `followUpReason` text or raw `notes` presence. Second, the milestone still needs one integrated proof path that exercises the real loop end to end and only polishes the UI where that proof exposes ambiguity. Doing contract/polish first and integrated proof second keeps the task count small while making sure every task delivers user-visible progress.

## Must-Haves

- Table, dashboard, reminders, and workspace readiness use a shared workflow trust model instead of drifting string/notes heuristics.
- The job workspace clearly preserves the saved-package → Gmail-correspondence → follow-up-draft chain for one job.
- Final proof exercises the full loop without auto-sending email or inventing a second workflow.

## Proof Level

- This slice proves: final-assembly
- Real runtime required: yes
- Human/UAT required: yes

## Verification

- `dotnet test JobTrackerApi.Tests/JobTrackerApi.Tests.csproj --filter JobApplicationsWorkflowSignalsTests`
- `CI=true npm --prefix job-tracker-ui test -- --watch=false --runTestsByPath src/workflow-trust-signals.test.tsx`
- `CI=true npm --prefix job-tracker-ui test -- --watch=false --runTestsByPath src/end-to-end-trust-loop.test.tsx`
- `CI=true npm --prefix job-tracker-ui test -- --watch=false --runTestsByPath src/correspondence-gmail-import.test.tsx src/job-details-generated-drafts.test.tsx src/job-details-followup-drafts.test.tsx src/daily-control-loop.test.tsx`
- `CI=true npm --prefix job-tracker-ui run build`
- Browser UAT: from `/jobs`, `/dashboard`, and `/reminders`, open the same job workspace, confirm saved package material is reused in follow-up drafting, confirm linked-thread refresh shows new correspondence without thread re-import, and stop before `send-followup` unless the environment is configured to a safe sink/stub.
- Failure-path check: the integrated UI regression must prove that follow-up drafting remains available without triggering `/jobapplications/{id}/send-followup`, and the focused workflow-signal tests must fail if overview surfaces drift from the shared routing/readiness contract.

## Observability / Diagnostics

- Runtime signals: explicit workflow trust/action fields for overview surfaces, workspace readiness state, linked-thread refresh status, and follow-up grounding/manual-send affordances.
- Inspection surfaces: `GET /api/jobapplications/reminders`, `GET /api/jobapplications/{id}/readiness`, `GET /api/jobapplications/{id}/followup-draft`, `GET /api/correspondence/{jobId}`, `job-tracker-ui/src/jobWorkflowSignals.ts`, and the focused/integrated UI tests.
- Failure visibility: broken action routing, stale package-readiness inference, missing Gmail continuity state, or accidental send coupling should surface as failing targeted tests and as incorrect workspace state during browser UAT.
- Redaction constraints: do not add logs that expose private correspondence bodies, recruiter email contents, or secret Gmail/auth configuration.

## Integration Closure

- Upstream surfaces consumed: `JobTrackerApi/Controllers/JobApplicationsController.cs`, `JobTrackerApi/Controllers/GmailController.cs`, `job-tracker-ui/src/components/JobTable.tsx`, `job-tracker-ui/src/components/DashboardView.tsx`, `job-tracker-ui/src/components/RemindersView.tsx`, `job-tracker-ui/src/components/JobDetailsDialog.tsx`, `job-tracker-ui/src/components/Correspondence.tsx`, and the existing focused tests from S01-S04.
- New wiring introduced in this slice: one shared workflow-signal contract/helper for overview routing and readiness, plus one integrated trust-loop regression that composes package persistence, Gmail continuity, and grounded follow-up drafting in the same workspace path.
- What remains before the milestone is truly usable end-to-end: nothing beyond running the final live-safe browser/UAT loop against real configured services.

## Tasks

- [x] **T01: Centralize workflow trust signals across overview and readiness surfaces** `est:5h`
  - Why: S05 cannot prove coherence while table, dashboard, reminders, and readiness still infer next actions from separate brittle rules.
  - Files: `JobTrackerApi/Controllers/JobApplicationsController.cs`, `JobTrackerApi.Tests/JobApplicationsWorkflowSignalsTests.cs`, `job-tracker-ui/src/types.ts`, `job-tracker-ui/src/jobWorkflowSignals.ts`, `job-tracker-ui/src/components/JobTable.tsx`, `job-tracker-ui/src/components/DashboardView.tsx`, `job-tracker-ui/src/components/RemindersView.tsx`, `job-tracker-ui/src/workflow-trust-signals.test.tsx`
  - Do: add explicit workflow trust/action fields or normalized routing metadata at the controller/DTO layer, introduce a shared UI helper that consumes those fields instead of parsing free-form strings or raw `notes`, and update table/dashboard/reminders to route from the same source of truth without breaking the existing shared `/jobs?open=...&tab=...` workspace entry pattern.
  - Verify: `dotnet test JobTrackerApi.Tests/JobTrackerApi.Tests.csproj --filter JobApplicationsWorkflowSignalsTests` and `CI=true npm --prefix job-tracker-ui test -- --watch=false --runTestsByPath src/workflow-trust-signals.test.tsx`
  - Done when: the overview surfaces and readiness logic describe the same next action for the same job without depending on ad-hoc string matching or treating all `notes` content as generic package readiness.
- [ ] **T02: Add integrated trust-loop proof and workspace polish** `est:5h`
  - Why: the milestone still needs one trustworthy proof path that composes the existing package, Gmail, and follow-up slices and exposes any remaining trust gaps in the real workspace.
  - Files: `job-tracker-ui/src/components/JobDetailsDialog.tsx`, `job-tracker-ui/src/components/Correspondence.tsx`, `job-tracker-ui/src/end-to-end-trust-loop.test.tsx`, `job-tracker-ui/src/daily-control-loop.test.tsx`, `.gsd/milestones/M001/slices/S05/S05-UAT.md`
  - Do: add a focused integrated UI regression that starts from an overview entry surface and walks through saved package reuse, linked-thread continuity, and grounded follow-up drafting; patch only the workspace/continuity UI needed to make that path trustworthy and explicit; and capture a live-safe UAT script that preserves the manual-send boundary.
  - Verify: `CI=true npm --prefix job-tracker-ui test -- --watch=false --runTestsByPath src/end-to-end-trust-loop.test.tsx`, `CI=true npm --prefix job-tracker-ui test -- --watch=false --runTestsByPath src/correspondence-gmail-import.test.tsx src/job-details-generated-drafts.test.tsx src/job-details-followup-drafts.test.tsx src/daily-control-loop.test.tsx`, and `CI=true npm --prefix job-tracker-ui run build`
  - Done when: one integrated regression proves the end-to-end trust loop, focused regressions still pass, and the live-UAT instructions let a human verify real services without accidentally sending recruiter email.

## Files Likely Touched

- `JobTrackerApi/Controllers/JobApplicationsController.cs`
- `JobTrackerApi.Tests/JobApplicationsWorkflowSignalsTests.cs`
- `job-tracker-ui/src/types.ts`
- `job-tracker-ui/src/jobWorkflowSignals.ts`
- `job-tracker-ui/src/components/JobTable.tsx`
- `job-tracker-ui/src/components/DashboardView.tsx`
- `job-tracker-ui/src/components/RemindersView.tsx`
- `job-tracker-ui/src/components/JobDetailsDialog.tsx`
- `job-tracker-ui/src/components/Correspondence.tsx`
- `job-tracker-ui/src/workflow-trust-signals.test.tsx`
- `job-tracker-ui/src/end-to-end-trust-loop.test.tsx`
- `.gsd/milestones/M001/slices/S05/S05-UAT.md`