Product Overview
4SDL (4-element Software Development Lifecycle) is a platform for managing AI-assisted software development with 8 mandatory human gates. The platform enables teams to use Claude Code as their primary implementation engine (~80% of work) while humans focus on review, approval, and strategic decisions (~20%).
The platform follows the Ideate, Design, Build, Approve workflow and enforces a structured pipeline from requirements through production deployment.
Applications
| App | Purpose | Status |
|---|---|---|
| 4sdl-admin | Admin UI for platform operators — cross-customer metrics, gate review queues, platform health | In Development |
| 4sdl-customer-ui | Customer UI for development teams — projects, stories, gates, branches, knowledge base | In Development |
| 4sdl-ideation | Early-stage product exploration and idea capture | Planned |
Future: These will be split into multiple GitHub repositories as the platform matures.
8 Mandatory Human Gates
| # | Gate | Owner |
|---|---|---|
| 1 | Spec Review | Product Owner |
| 2 | Plan Approval | Engineering Lead + Architect |
| 3 | Security Review | Security Engineer |
| 4 | PR Code Review | Engineering Lead + Developer |
| 5 | Stage Approval | Engineering Lead + QA |
| 6 | Production Gate | Engineering Lead + Product Owner |
| 7 | Roadmap Update | Product Owner |
| 8 | Feature Flag Promotion | Engineering Lead + Product Owner |
No gate may be skipped. Claude assists at each stage but cannot approve its own output.
Tech Stack
Frontend
- Vite + React + TypeScript
- shadcn/ui + Tailwind CSS
- React Router, Remix Icons
- Biome (lint/format), Vitest, Playwright
- Zod schema validation
Backend
- AWS Lambda (Node.js LTS / TypeScript)
- API Gateway (REST)
- oRPC type-safe contracts
- Kysely SQL query builder
Auth
- better-auth + DynamoDB adapter
- Email OTP, Magic Link, Google OAuth
- httpOnly cookies, server-side sessions
- AWS SES for auth emails
Data
- DynamoDB: sessions, config, flags, audit
- Aurora PostgreSQL: relational, reporting
- pgvector for semantic search
Infrastructure
- Pulumi IaC (TypeScript)
- GitHub Actions CI/CD
- AWS private VPC
- CloudWatch Logs (30-day retention)
Source of Truth Tiers
| Tier | Source | Maintainer |
|---|---|---|
| 1 — External | Cont3xt.dev knowledge base | Humans |
| 2 — Planning | docs/requirements/, CLAUDE.md, .claude/rules/ | Human-reviewed |
| 3 — Generated | Buildspecs, architecture docs, context files | Skills (never manually edit) |
Environment Promotion Flow
feature branch → test (unit + integration) → PR to main (human review) → stage (full tests + smoke) → prod (gate approval)
Key Differentiators
- AI-native SDLC — Claude Code generates ~80% of implementation
- Mandatory human gates — No AI output ships without human review
- Multi-agent architecture — 28+ specialized agents collaborate on specs, code, and reviews
- Contract-first development — oRPC/Zod contracts enable parallel frontend/backend work
- Knowledge store integration — Cont3xt.dev provides cross-project organizational memory