docs(phase-6.1): update tracking after wave 1 — both plans complete

11 tests passing (7 shares + 4 audit), 309 total, 0 failures.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

.planning/ROADMAP.md

@@ -271,6 +271,53 @@ Before any phase is marked complete, all three gates must pass:
 
 ---
 
+### Phase 6: Performance & Production Hardening
+
+**Goal**: The application is ready for production deployment — observable, load-tested, and hardened; response times meet SLA targets under concurrent load; all auth and document endpoints are rate-limited; structured logging and distributed tracing are in place; the Docker image runs as a non-root user with a read-only filesystem.
+**Mode:** mvp
+**Depends on**: Phase 5
+**Requirements**: TBD
+
+**Success Criteria** (what must be TRUE):
+
+1. All API endpoints respond within defined latency targets (p50/p95/p99) under a realistic load test (e.g., 50 concurrent users, 5-minute soak)
+2. Structured JSON logging (correlation IDs, user ID, request latency) is emitted to stdout; a local log aggregation stack (Loki or similar) captures and queries them
+3. All auth endpoints (login, register, password reset, TOTP) enforce per-IP and per-account rate limits that cannot be bypassed by header manipulation
+4. Container hardening is complete: non-root user, read-only root filesystem, dropped Linux capabilities; `docker scout` or equivalent reports zero critical CVEs
+5. A runbook documents all environment variables, startup/shutdown procedures, backup strategy, and on-call escalation path; the app can be stood up from scratch using only the runbook
+
+**Plans**: TBD
+
+---
+
+### Phase 6.1: Close v1.0 audit gaps: SHARE-02/STORE-06/ADMIN-06
+
+**Goal**: Close three v1.0 requirements that remain unimplemented — atomic quota decrement on document delete (STORE-06), "Shared with me" virtual folder without recipient quota charge (SHARE-02), and admin audit log viewer with date/user/action type filters (ADMIN-06).
+**Mode:** mvp
+**Depends on**: Phase 6
+**Requirements**: STORE-06, SHARE-02, ADMIN-06
+
+**Success Criteria** (what must be TRUE):
+
+1. Deleting a document atomically decrements the owning user's quota; after deletion the quota reflects the freed bytes with no race condition under concurrent deletes
+2. A user who receives a shared document sees it appear in a "Shared with me" virtual folder; the recipient's quota usage is not charged for the shared document's storage
+3. An admin can view the audit log filtered independently by date range, user, and action type; filtered results contain no document content, filenames, or extracted text
+
+**Plans**: 2 plans
+
+**Wave 1** — Test promotion (parallel)
+
+- [x] 06.1-01-PLAN.md — Promote test_shares.py stubs to real tests + second_auth_user fixture (SHARE-01..05)
+- [x] 06.1-02-PLAN.md — Promote test_audit.py stubs to real tests (ADMIN-06)
+
+**Phase gates (must pass before Phase 6.1 is complete):**
+
+- [ ] `pytest -v` — zero failures; all 7 share tests + 4 audit log tests passing
+- [ ] Security agent: bandit + pip audit + npm audit all clean
+- [ ] STORE-06 confirmed: `test_delete_decrements_quota` passes under `INTEGRATION=1`
+
+---
+
 ## Progress Table
 
 | Phase | Plans Complete | Status | Completed |
@@ -280,3 +327,5 @@ Before any phase is marked complete, all three gates must pass:
 | 3. Document Migration & Multi-User Isolation | 5/5 | Complete | 2026-05-25 |
 | 4. Folders, Sharing, Quotas & Document UX | 9/9 | Complete | 2026-05-28 |
 | 5. Cloud Storage Backends | 12/12 | Complete | 2026-05-30 |
+| 6. Performance & Production Hardening | 0/TBD | Not started | — |
+| 6.1. Close v1.0 audit gaps | 2/2 | Complete | 2026-05-30 |