/claim #11

Follow-up pushed to strengthen the 2FA and anonymous-mode safeguards from issue #11:

• added an identity security review for privileged project roles without MFA
• flags anonymous users with write-capable project membership
• reports clean/risky identity governance state in the dashboard, demo output, README, tests, and requirement map

Verification after the update:

• cd workspace-access-ledger && npm run check
• cd workspace-access-ledger && npm test
• cd workspace-access-ledger && npm run demo
• git diff --check

Follow-up pushed in aebdde6 to make the project-management lifecycle requirement more explicit.

What changed:

• Added buildProjectLifecycleReport() for project component completeness, lifecycle state, archive approval, archived date, retention date, invitation expiry review, and lifecycle hash.
• Extended the fixture with manuscript/code/dataset/discussion/citation/funding/institution metadata, an archived project, archive approval audit evidence, and active/expired invitations.
• Dashboard output now includes lifecycle status alongside identity security and access decisions.
• Updated tests, CLI demo, README, and the issue User & Project Management #11 requirement map.

Verification rerun:

• npm run check
• npm test
• npm run demo
• git diff --check

Added a short demo video artifact for Algora/reviewer convenience:

• Demo video: https://raw.githubusercontent.com/kkudumu/SCIBASE.AI/kkudumu/workspace-access-ledger-11/workspace-access-ledger/docs/demo.mp4
• Existing GIF remains at workspace-access-ledger/docs/demo.gif
• CLI demo remains npm run demo

This is the same deterministic demo flow already covered by the local tests and README, now available as an MP4 video artifact.

Updated the existing demo video with narrated voiceover explaining every major change in this PR: identity roles, project membership, invitations, privileged-access review, anonymous write-access warnings, lifecycle governance, archive approval, retention dates, and lifecycle hashes. The PR's existing demo-video link now points to the narrated MP4.

Follow-up pushed in e5e0937 to make invitation acceptance/onboarding explicit for issue #11.\n\nWhat changed:\n- Added buildCollaboratorOnboardingPlan() for required identity providers, MFA gates, invite-acceptance route contracts, blocker reasons, and expected audit events before an invited collaborator can join a project.\n- Extended the sample project with ORCID/MFA requirements.\n- Dashboard/demo output now reports onboarding ready/blocked counts and per-invitation blockers.\n- Refreshed the narrated demo MP4 so the existing demo link explains the onboarding change too.\n\nVerification rerun:\n- npm run check\n- npm test\n- npm run demo\n- git diff --check