Product documentation

Scoped grants and governance-suspended controls

Added reusable approval grants, grant lineage, governance-suspended session metadata, policy session grants, and auto-permit rules

Status: shipped | Area: policy | Published: 2026-04-10

Control impact: Approval lineage, headless governance behavior, and policy-sourced authorization are now explicit and reviewable across CLI, GraphQL, TUI, and audit chain.

Added checkpoint approval scopes: once, session, and policy
Added authoritative grant lifecycle events: session_grant, session_grant_ref, session_grant_invalidated, policy_session_grant
Added syndicate grants list, syndicate grants history, syndicate grants revoke, and revoke-grant
Added governance-suspended session-open metadata (governance_mode, reason) on session.genesis
Added governance_mode_policy validation and startup rejection behavior
Added deterministic auto_permit_rules evaluation before interactive checkpoint