@adammcarter/use-cases 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.agents/skills/migration/SKILL.md +85 -0
- package/.agents/skills/showcase/SKILL.md +60 -0
- package/.agents/skills/use-cases/SKILL.md +161 -0
- package/.agents/skills/walkthrough/SKILL.md +48 -0
- package/.claude-plugin/plugin.json +14 -0
- package/.codex-plugin/plugin.json +33 -0
- package/.mcp.json +8 -0
- package/.opencode/plugin/use-cases.js +32 -0
- package/CHANGELOG.md +125 -0
- package/LICENSE +21 -0
- package/README.md +112 -0
- package/bootstrap/use-cases.md +60 -0
- package/docs/README.md +51 -0
- package/docs/acceptance.md +16 -0
- package/docs/activation.md +89 -0
- package/docs/adr/0001-p0-bootstrap-decisions.md +107 -0
- package/docs/adr/0002-p1-schema-contracts.md +136 -0
- package/docs/adr/0003-p2-use-case-matrix-contracts.md +67 -0
- package/docs/adr/0004-p3-evidence-ledger-contracts.md +85 -0
- package/docs/adr/0005-p4-cli-contract.md +70 -0
- package/docs/adr/0006-trusted-user-approval-path.md +125 -0
- package/docs/cli.md +108 -0
- package/docs/data-model.md +56 -0
- package/docs/getting-started.md +296 -0
- package/docs/hosts.md +30 -0
- package/docs/markers-adoption.md +100 -0
- package/docs/mcp.md +114 -0
- package/docs/migration.md +90 -0
- package/docs/reference/error-codes.md +123 -0
- package/docs/reference/stability.md +123 -0
- package/docs/release.md +26 -0
- package/docs/security/ci-hardening.md +144 -0
- package/docs/security/key-management.md +158 -0
- package/docs/security.md +66 -0
- package/docs/showcase.md +39 -0
- package/docs/tutorials/python-pytest.md +188 -0
- package/examples/basic-product/demo-capsules/product-search.yml +23 -0
- package/examples/basic-product/evidence/by-id/ev/evidence-basic-search.jsonl +1 -0
- package/examples/basic-product/showcase-runs/run.basic.product.search/events.jsonl +4 -0
- package/examples/basic-product/use-cases/product.yml +85 -0
- package/examples/basic-product/use-cases.yml +9 -0
- package/examples/damaged-product/evidence/broken.jsonl +1 -0
- package/examples/damaged-product/use-cases/duplicate-a.yml +28 -0
- package/examples/damaged-product/use-cases/duplicate-b.yml +28 -0
- package/examples/damaged-product/use-cases/malformed.yml +14 -0
- package/examples/damaged-product/use-cases/valid-sibling.yml +28 -0
- package/examples/damaged-product/use-cases.yml +9 -0
- package/examples/host-projections/use-cases.yml +9 -0
- package/examples/python-pytest/README.md +39 -0
- package/examples/python-pytest/pytest.ini +8 -0
- package/examples/python-pytest/src/coupon.py +32 -0
- package/examples/python-pytest/tests/use_cases/example.checkout.apply_coupon_test.py +31 -0
- package/examples/python-pytest/use-cases/checkout.yml +47 -0
- package/examples/python-pytest/use-cases.yml +19 -0
- package/hooks/hooks-codex.json +16 -0
- package/hooks/hooks.json +16 -0
- package/hooks/session-start +42 -0
- package/hosts/claude.yml +29 -0
- package/hosts/codex.yml +29 -0
- package/hosts/copilot.yml +29 -0
- package/hosts/opencode.yml +29 -0
- package/package.json +81 -0
- package/packages/cli/README.md +37 -0
- package/packages/cli/dist/args/parse.d.ts +6 -0
- package/packages/cli/dist/args/parse.d.ts.map +1 -0
- package/packages/cli/dist/args/parse.js +55 -0
- package/packages/cli/dist/args/parse.js.map +1 -0
- package/packages/cli/dist/args/validate.d.ts +3 -0
- package/packages/cli/dist/args/validate.d.ts.map +1 -0
- package/packages/cli/dist/args/validate.js +80 -0
- package/packages/cli/dist/args/validate.js.map +1 -0
- package/packages/cli/dist/builtins.d.ts +2 -0
- package/packages/cli/dist/builtins.d.ts.map +1 -0
- package/packages/cli/dist/builtins.js +235 -0
- package/packages/cli/dist/builtins.js.map +1 -0
- package/packages/cli/dist/command/dispatch.d.ts +4 -0
- package/packages/cli/dist/command/dispatch.d.ts.map +1 -0
- package/packages/cli/dist/command/dispatch.js +45 -0
- package/packages/cli/dist/command/dispatch.js.map +1 -0
- package/packages/cli/dist/command/help-catalog.d.ts +13 -0
- package/packages/cli/dist/command/help-catalog.d.ts.map +1 -0
- package/packages/cli/dist/command/help-catalog.js +42 -0
- package/packages/cli/dist/command/help-catalog.js.map +1 -0
- package/packages/cli/dist/command/registry.d.ts +3 -0
- package/packages/cli/dist/command/registry.d.ts.map +1 -0
- package/packages/cli/dist/command/registry.js +33 -0
- package/packages/cli/dist/command/registry.js.map +1 -0
- package/packages/cli/dist/command/types.d.ts +32 -0
- package/packages/cli/dist/command/types.d.ts.map +1 -0
- package/packages/cli/dist/command/types.js +6 -0
- package/packages/cli/dist/command/types.js.map +1 -0
- package/packages/cli/dist/commands/capsule.d.ts +7 -0
- package/packages/cli/dist/commands/capsule.d.ts.map +1 -0
- package/packages/cli/dist/commands/capsule.js +178 -0
- package/packages/cli/dist/commands/capsule.js.map +1 -0
- package/packages/cli/dist/commands/common.d.ts +7 -0
- package/packages/cli/dist/commands/common.d.ts.map +1 -0
- package/packages/cli/dist/commands/common.js +32 -0
- package/packages/cli/dist/commands/common.js.map +1 -0
- package/packages/cli/dist/commands/doctor.d.ts +6 -0
- package/packages/cli/dist/commands/doctor.d.ts.map +1 -0
- package/packages/cli/dist/commands/doctor.js +133 -0
- package/packages/cli/dist/commands/doctor.js.map +1 -0
- package/packages/cli/dist/commands/evidence.d.ts +6 -0
- package/packages/cli/dist/commands/evidence.d.ts.map +1 -0
- package/packages/cli/dist/commands/evidence.js +191 -0
- package/packages/cli/dist/commands/evidence.js.map +1 -0
- package/packages/cli/dist/commands/host.d.ts +6 -0
- package/packages/cli/dist/commands/host.d.ts.map +1 -0
- package/packages/cli/dist/commands/host.js +180 -0
- package/packages/cli/dist/commands/host.js.map +1 -0
- package/packages/cli/dist/commands/keygen.d.ts +4 -0
- package/packages/cli/dist/commands/keygen.d.ts.map +1 -0
- package/packages/cli/dist/commands/keygen.js +132 -0
- package/packages/cli/dist/commands/keygen.js.map +1 -0
- package/packages/cli/dist/commands/markers.d.ts +8 -0
- package/packages/cli/dist/commands/markers.d.ts.map +1 -0
- package/packages/cli/dist/commands/markers.js +455 -0
- package/packages/cli/dist/commands/markers.js.map +1 -0
- package/packages/cli/dist/commands/matrix.d.ts +8 -0
- package/packages/cli/dist/commands/matrix.d.ts.map +1 -0
- package/packages/cli/dist/commands/matrix.js +237 -0
- package/packages/cli/dist/commands/matrix.js.map +1 -0
- package/packages/cli/dist/commands/migrate.d.ts +4 -0
- package/packages/cli/dist/commands/migrate.d.ts.map +1 -0
- package/packages/cli/dist/commands/migrate.js +82 -0
- package/packages/cli/dist/commands/migrate.js.map +1 -0
- package/packages/cli/dist/commands/plan.d.ts +6 -0
- package/packages/cli/dist/commands/plan.d.ts.map +1 -0
- package/packages/cli/dist/commands/plan.js +129 -0
- package/packages/cli/dist/commands/plan.js.map +1 -0
- package/packages/cli/dist/commands/recover.d.ts +4 -0
- package/packages/cli/dist/commands/recover.d.ts.map +1 -0
- package/packages/cli/dist/commands/recover.js +352 -0
- package/packages/cli/dist/commands/recover.js.map +1 -0
- package/packages/cli/dist/commands/schema.d.ts +5 -0
- package/packages/cli/dist/commands/schema.d.ts.map +1 -0
- package/packages/cli/dist/commands/schema.js +51 -0
- package/packages/cli/dist/commands/schema.js.map +1 -0
- package/packages/cli/dist/commands/showcase.d.ts +14 -0
- package/packages/cli/dist/commands/showcase.d.ts.map +1 -0
- package/packages/cli/dist/commands/showcase.js +638 -0
- package/packages/cli/dist/commands/showcase.js.map +1 -0
- package/packages/cli/dist/commands/workflow.d.ts +5 -0
- package/packages/cli/dist/commands/workflow.d.ts.map +1 -0
- package/packages/cli/dist/commands/workflow.js +107 -0
- package/packages/cli/dist/commands/workflow.js.map +1 -0
- package/packages/cli/dist/coreLoader.d.ts +6 -0
- package/packages/cli/dist/coreLoader.d.ts.map +1 -0
- package/packages/cli/dist/coreLoader.js +34 -0
- package/packages/cli/dist/coreLoader.js.map +1 -0
- package/packages/cli/dist/index.d.ts +5 -0
- package/packages/cli/dist/index.d.ts.map +1 -0
- package/packages/cli/dist/index.js +83 -0
- package/packages/cli/dist/index.js.map +1 -0
- package/packages/cli/dist/render.d.ts +2 -0
- package/packages/cli/dist/render.d.ts.map +1 -0
- package/packages/cli/dist/render.js +88 -0
- package/packages/cli/dist/render.js.map +1 -0
- package/packages/cli/dist/runtime.d.ts +25 -0
- package/packages/cli/dist/runtime.d.ts.map +1 -0
- package/packages/cli/dist/runtime.js +89 -0
- package/packages/cli/dist/runtime.js.map +1 -0
- package/packages/cli/package.json +38 -0
- package/packages/core/README.md +37 -0
- package/packages/core/dist/capsules/index.d.ts +4 -0
- package/packages/core/dist/capsules/index.d.ts.map +1 -0
- package/packages/core/dist/capsules/index.js +4 -0
- package/packages/core/dist/capsules/index.js.map +1 -0
- package/packages/core/dist/capsules/loadCapsule.d.ts +11 -0
- package/packages/core/dist/capsules/loadCapsule.d.ts.map +1 -0
- package/packages/core/dist/capsules/loadCapsule.js +167 -0
- package/packages/core/dist/capsules/loadCapsule.js.map +1 -0
- package/packages/core/dist/capsules/runCapsule.d.ts +3 -0
- package/packages/core/dist/capsules/runCapsule.d.ts.map +1 -0
- package/packages/core/dist/capsules/runCapsule.js +333 -0
- package/packages/core/dist/capsules/runCapsule.js.map +1 -0
- package/packages/core/dist/capsules/types.d.ts +106 -0
- package/packages/core/dist/capsules/types.d.ts.map +1 -0
- package/packages/core/dist/capsules/types.js +2 -0
- package/packages/core/dist/capsules/types.js.map +1 -0
- package/packages/core/dist/durableWrite.d.ts +2 -0
- package/packages/core/dist/durableWrite.d.ts.map +1 -0
- package/packages/core/dist/durableWrite.js +34 -0
- package/packages/core/dist/durableWrite.js.map +1 -0
- package/packages/core/dist/errors/registry.d.ts +122 -0
- package/packages/core/dist/errors/registry.d.ts.map +1 -0
- package/packages/core/dist/errors/registry.js +206 -0
- package/packages/core/dist/errors/registry.js.map +1 -0
- package/packages/core/dist/errors/render.d.ts +3 -0
- package/packages/core/dist/errors/render.d.ts.map +1 -0
- package/packages/core/dist/errors/render.js +64 -0
- package/packages/core/dist/errors/render.js.map +1 -0
- package/packages/core/dist/errors.d.ts +5 -0
- package/packages/core/dist/errors.d.ts.map +1 -0
- package/packages/core/dist/errors.js +9 -0
- package/packages/core/dist/errors.js.map +1 -0
- package/packages/core/dist/evidence/appendEvidenceEvent.d.ts +27 -0
- package/packages/core/dist/evidence/appendEvidenceEvent.d.ts.map +1 -0
- package/packages/core/dist/evidence/appendEvidenceEvent.js +218 -0
- package/packages/core/dist/evidence/appendEvidenceEvent.js.map +1 -0
- package/packages/core/dist/evidence/assurance.d.ts +18 -0
- package/packages/core/dist/evidence/assurance.d.ts.map +1 -0
- package/packages/core/dist/evidence/assurance.js +38 -0
- package/packages/core/dist/evidence/assurance.js.map +1 -0
- package/packages/core/dist/evidence/index.d.ts +8 -0
- package/packages/core/dist/evidence/index.d.ts.map +1 -0
- package/packages/core/dist/evidence/index.js +8 -0
- package/packages/core/dist/evidence/index.js.map +1 -0
- package/packages/core/dist/evidence/jsonlLedger.d.ts +13 -0
- package/packages/core/dist/evidence/jsonlLedger.d.ts.map +1 -0
- package/packages/core/dist/evidence/jsonlLedger.js +171 -0
- package/packages/core/dist/evidence/jsonlLedger.js.map +1 -0
- package/packages/core/dist/evidence/linkEvidence.d.ts +4 -0
- package/packages/core/dist/evidence/linkEvidence.d.ts.map +1 -0
- package/packages/core/dist/evidence/linkEvidence.js +53 -0
- package/packages/core/dist/evidence/linkEvidence.js.map +1 -0
- package/packages/core/dist/evidence/replayEvidence.d.ts +6 -0
- package/packages/core/dist/evidence/replayEvidence.d.ts.map +1 -0
- package/packages/core/dist/evidence/replayEvidence.js +216 -0
- package/packages/core/dist/evidence/replayEvidence.js.map +1 -0
- package/packages/core/dist/evidence/results.d.ts +4 -0
- package/packages/core/dist/evidence/results.d.ts.map +1 -0
- package/packages/core/dist/evidence/results.js +32 -0
- package/packages/core/dist/evidence/results.js.map +1 -0
- package/packages/core/dist/evidence/types.d.ts +149 -0
- package/packages/core/dist/evidence/types.d.ts.map +1 -0
- package/packages/core/dist/evidence/types.js +2 -0
- package/packages/core/dist/evidence/types.js.map +1 -0
- package/packages/core/dist/host-profiles/claude.yml +29 -0
- package/packages/core/dist/host-profiles/codex.yml +29 -0
- package/packages/core/dist/host-profiles/copilot.yml +29 -0
- package/packages/core/dist/host-profiles/opencode.yml +29 -0
- package/packages/core/dist/hosts/conformanceStatus.d.ts +16 -0
- package/packages/core/dist/hosts/conformanceStatus.d.ts.map +1 -0
- package/packages/core/dist/hosts/conformanceStatus.js +160 -0
- package/packages/core/dist/hosts/conformanceStatus.js.map +1 -0
- package/packages/core/dist/hosts/index.d.ts +5 -0
- package/packages/core/dist/hosts/index.d.ts.map +1 -0
- package/packages/core/dist/hosts/index.js +5 -0
- package/packages/core/dist/hosts/index.js.map +1 -0
- package/packages/core/dist/hosts/loadHostProfile.d.ts +6 -0
- package/packages/core/dist/hosts/loadHostProfile.d.ts.map +1 -0
- package/packages/core/dist/hosts/loadHostProfile.js +41 -0
- package/packages/core/dist/hosts/loadHostProfile.js.map +1 -0
- package/packages/core/dist/hosts/projectHostFiles.d.ts +16 -0
- package/packages/core/dist/hosts/projectHostFiles.d.ts.map +1 -0
- package/packages/core/dist/hosts/projectHostFiles.js +272 -0
- package/packages/core/dist/hosts/projectHostFiles.js.map +1 -0
- package/packages/core/dist/hosts/types.d.ts +122 -0
- package/packages/core/dist/hosts/types.d.ts.map +1 -0
- package/packages/core/dist/hosts/types.js +2 -0
- package/packages/core/dist/hosts/types.js.map +1 -0
- package/packages/core/dist/index.d.ts +26 -0
- package/packages/core/dist/index.d.ts.map +1 -0
- package/packages/core/dist/index.js +31 -0
- package/packages/core/dist/index.js.map +1 -0
- package/packages/core/dist/init/index.d.ts +2 -0
- package/packages/core/dist/init/index.d.ts.map +1 -0
- package/packages/core/dist/init/index.js +3 -0
- package/packages/core/dist/init/index.js.map +1 -0
- package/packages/core/dist/init/scaffold.d.ts +28 -0
- package/packages/core/dist/init/scaffold.d.ts.map +1 -0
- package/packages/core/dist/init/scaffold.js +293 -0
- package/packages/core/dist/init/scaffold.js.map +1 -0
- package/packages/core/dist/markers/appendOnly.d.ts +23 -0
- package/packages/core/dist/markers/appendOnly.d.ts.map +1 -0
- package/packages/core/dist/markers/appendOnly.js +75 -0
- package/packages/core/dist/markers/appendOnly.js.map +1 -0
- package/packages/core/dist/markers/bindingSetHash.d.ts +28 -0
- package/packages/core/dist/markers/bindingSetHash.d.ts.map +1 -0
- package/packages/core/dist/markers/bindingSetHash.js +33 -0
- package/packages/core/dist/markers/bindingSetHash.js.map +1 -0
- package/packages/core/dist/markers/canonicalJson.d.ts +4 -0
- package/packages/core/dist/markers/canonicalJson.d.ts.map +1 -0
- package/packages/core/dist/markers/canonicalJson.js +51 -0
- package/packages/core/dist/markers/canonicalJson.js.map +1 -0
- package/packages/core/dist/markers/ciAuthority.d.ts +17 -0
- package/packages/core/dist/markers/ciAuthority.d.ts.map +1 -0
- package/packages/core/dist/markers/ciAuthority.js +131 -0
- package/packages/core/dist/markers/ciAuthority.js.map +1 -0
- package/packages/core/dist/markers/cli/bind.d.ts +48 -0
- package/packages/core/dist/markers/cli/bind.d.ts.map +1 -0
- package/packages/core/dist/markers/cli/bind.js +198 -0
- package/packages/core/dist/markers/cli/bind.js.map +1 -0
- package/packages/core/dist/markers/cli/index.d.ts +9 -0
- package/packages/core/dist/markers/cli/index.d.ts.map +1 -0
- package/packages/core/dist/markers/cli/index.js +15 -0
- package/packages/core/dist/markers/cli/index.js.map +1 -0
- package/packages/core/dist/markers/cli/io.d.ts +18 -0
- package/packages/core/dist/markers/cli/io.d.ts.map +1 -0
- package/packages/core/dist/markers/cli/io.js +62 -0
- package/packages/core/dist/markers/cli/io.js.map +1 -0
- package/packages/core/dist/markers/cli/precommit.d.ts +32 -0
- package/packages/core/dist/markers/cli/precommit.d.ts.map +1 -0
- package/packages/core/dist/markers/cli/precommit.js +174 -0
- package/packages/core/dist/markers/cli/precommit.js.map +1 -0
- package/packages/core/dist/markers/cli/prove.d.ts +69 -0
- package/packages/core/dist/markers/cli/prove.d.ts.map +1 -0
- package/packages/core/dist/markers/cli/prove.js +381 -0
- package/packages/core/dist/markers/cli/prove.js.map +1 -0
- package/packages/core/dist/markers/cli/scan.d.ts +63 -0
- package/packages/core/dist/markers/cli/scan.d.ts.map +1 -0
- package/packages/core/dist/markers/cli/scan.js +233 -0
- package/packages/core/dist/markers/cli/scan.js.map +1 -0
- package/packages/core/dist/markers/cli/shared.d.ts +25 -0
- package/packages/core/dist/markers/cli/shared.d.ts.map +1 -0
- package/packages/core/dist/markers/cli/shared.js +123 -0
- package/packages/core/dist/markers/cli/shared.js.map +1 -0
- package/packages/core/dist/markers/cli/validateLedger.d.ts +38 -0
- package/packages/core/dist/markers/cli/validateLedger.d.ts.map +1 -0
- package/packages/core/dist/markers/cli/validateLedger.js +81 -0
- package/packages/core/dist/markers/cli/validateLedger.js.map +1 -0
- package/packages/core/dist/markers/cli/verify.d.ts +65 -0
- package/packages/core/dist/markers/cli/verify.d.ts.map +1 -0
- package/packages/core/dist/markers/cli/verify.js +245 -0
- package/packages/core/dist/markers/cli/verify.js.map +1 -0
- package/packages/core/dist/markers/commentPrefix.d.ts +7 -0
- package/packages/core/dist/markers/commentPrefix.d.ts.map +1 -0
- package/packages/core/dist/markers/commentPrefix.js +79 -0
- package/packages/core/dist/markers/commentPrefix.js.map +1 -0
- package/packages/core/dist/markers/constants.d.ts +10 -0
- package/packages/core/dist/markers/constants.d.ts.map +1 -0
- package/packages/core/dist/markers/constants.js +13 -0
- package/packages/core/dist/markers/constants.js.map +1 -0
- package/packages/core/dist/markers/evidenceLedger.d.ts +150 -0
- package/packages/core/dist/markers/evidenceLedger.d.ts.map +1 -0
- package/packages/core/dist/markers/evidenceLedger.js +391 -0
- package/packages/core/dist/markers/evidenceLedger.js.map +1 -0
- package/packages/core/dist/markers/freshness.d.ts +125 -0
- package/packages/core/dist/markers/freshness.d.ts.map +1 -0
- package/packages/core/dist/markers/freshness.js +605 -0
- package/packages/core/dist/markers/freshness.js.map +1 -0
- package/packages/core/dist/markers/index.d.ts +26 -0
- package/packages/core/dist/markers/index.d.ts.map +1 -0
- package/packages/core/dist/markers/index.js +38 -0
- package/packages/core/dist/markers/index.js.map +1 -0
- package/packages/core/dist/markers/keygen.d.ts +6 -0
- package/packages/core/dist/markers/keygen.d.ts.map +1 -0
- package/packages/core/dist/markers/keygen.js +18 -0
- package/packages/core/dist/markers/keygen.js.map +1 -0
- package/packages/core/dist/markers/keyring.d.ts +23 -0
- package/packages/core/dist/markers/keyring.d.ts.map +1 -0
- package/packages/core/dist/markers/keyring.js +93 -0
- package/packages/core/dist/markers/keyring.js.map +1 -0
- package/packages/core/dist/markers/markerLine.d.ts +35 -0
- package/packages/core/dist/markers/markerLine.d.ts.map +1 -0
- package/packages/core/dist/markers/markerLine.js +125 -0
- package/packages/core/dist/markers/markerLine.js.map +1 -0
- package/packages/core/dist/markers/physicalLines.d.ts +10 -0
- package/packages/core/dist/markers/physicalLines.d.ts.map +1 -0
- package/packages/core/dist/markers/physicalLines.js +48 -0
- package/packages/core/dist/markers/physicalLines.js.map +1 -0
- package/packages/core/dist/markers/policyHash.d.ts +4 -0
- package/packages/core/dist/markers/policyHash.d.ts.map +1 -0
- package/packages/core/dist/markers/policyHash.js +14 -0
- package/packages/core/dist/markers/policyHash.js.map +1 -0
- package/packages/core/dist/markers/proofSignature.d.ts +29 -0
- package/packages/core/dist/markers/proofSignature.d.ts.map +1 -0
- package/packages/core/dist/markers/proofSignature.js +106 -0
- package/packages/core/dist/markers/proofSignature.js.map +1 -0
- package/packages/core/dist/markers/reconcile.d.ts +26 -0
- package/packages/core/dist/markers/reconcile.d.ts.map +1 -0
- package/packages/core/dist/markers/reconcile.js +52 -0
- package/packages/core/dist/markers/reconcile.js.map +1 -0
- package/packages/core/dist/markers/registry.d.ts +53 -0
- package/packages/core/dist/markers/registry.d.ts.map +1 -0
- package/packages/core/dist/markers/registry.js +161 -0
- package/packages/core/dist/markers/registry.js.map +1 -0
- package/packages/core/dist/markers/rowHash.d.ts +2 -0
- package/packages/core/dist/markers/rowHash.d.ts.map +1 -0
- package/packages/core/dist/markers/rowHash.js +10 -0
- package/packages/core/dist/markers/rowHash.js.map +1 -0
- package/packages/core/dist/markers/scanner.d.ts +67 -0
- package/packages/core/dist/markers/scanner.d.ts.map +1 -0
- package/packages/core/dist/markers/scanner.js +292 -0
- package/packages/core/dist/markers/scanner.js.map +1 -0
- package/packages/core/dist/markers/schemas/binding-registry-event.schema.json +41 -0
- package/packages/core/dist/markers/schemas/freshness-status.schema.json +134 -0
- package/packages/core/dist/markers/schemas/proof-event.schema.json +170 -0
- package/packages/core/dist/markers/spanCanon.d.ts +4 -0
- package/packages/core/dist/markers/spanCanon.d.ts.map +1 -0
- package/packages/core/dist/markers/spanCanon.js +42 -0
- package/packages/core/dist/markers/spanCanon.js.map +1 -0
- package/packages/core/dist/markers/swiftFuncRecognizer.d.ts +36 -0
- package/packages/core/dist/markers/swiftFuncRecognizer.d.ts.map +1 -0
- package/packages/core/dist/markers/swiftFuncRecognizer.js +638 -0
- package/packages/core/dist/markers/swiftFuncRecognizer.js.map +1 -0
- package/packages/core/dist/markers/validators.d.ts +13 -0
- package/packages/core/dist/markers/validators.d.ts.map +1 -0
- package/packages/core/dist/markers/validators.js +64 -0
- package/packages/core/dist/markers/validators.js.map +1 -0
- package/packages/core/dist/markers/verificationContextHash.d.ts +23 -0
- package/packages/core/dist/markers/verificationContextHash.d.ts.map +1 -0
- package/packages/core/dist/markers/verificationContextHash.js +96 -0
- package/packages/core/dist/markers/verificationContextHash.js.map +1 -0
- package/packages/core/dist/markers/verifierPresets.d.ts +18 -0
- package/packages/core/dist/markers/verifierPresets.d.ts.map +1 -0
- package/packages/core/dist/markers/verifierPresets.js +71 -0
- package/packages/core/dist/markers/verifierPresets.js.map +1 -0
- package/packages/core/dist/markers/verifierResolver.d.ts +27 -0
- package/packages/core/dist/markers/verifierResolver.d.ts.map +1 -0
- package/packages/core/dist/markers/verifierResolver.js +151 -0
- package/packages/core/dist/markers/verifierResolver.js.map +1 -0
- package/packages/core/dist/migration/index.d.ts +2 -0
- package/packages/core/dist/migration/index.d.ts.map +1 -0
- package/packages/core/dist/migration/index.js +2 -0
- package/packages/core/dist/migration/index.js.map +1 -0
- package/packages/core/dist/migration/testMatrix.d.ts +42 -0
- package/packages/core/dist/migration/testMatrix.d.ts.map +1 -0
- package/packages/core/dist/migration/testMatrix.js +351 -0
- package/packages/core/dist/migration/testMatrix.js.map +1 -0
- package/packages/core/dist/package/index.d.ts +2 -0
- package/packages/core/dist/package/index.d.ts.map +1 -0
- package/packages/core/dist/package/index.js +2 -0
- package/packages/core/dist/package/index.js.map +1 -0
- package/packages/core/dist/package/inspectPackage.d.ts +67 -0
- package/packages/core/dist/package/inspectPackage.d.ts.map +1 -0
- package/packages/core/dist/package/inspectPackage.js +371 -0
- package/packages/core/dist/package/inspectPackage.js.map +1 -0
- package/packages/core/dist/presentation/candidates.d.ts +13 -0
- package/packages/core/dist/presentation/candidates.d.ts.map +1 -0
- package/packages/core/dist/presentation/candidates.js +86 -0
- package/packages/core/dist/presentation/candidates.js.map +1 -0
- package/packages/core/dist/presentation/index.d.ts +8 -0
- package/packages/core/dist/presentation/index.d.ts.map +1 -0
- package/packages/core/dist/presentation/index.js +8 -0
- package/packages/core/dist/presentation/index.js.map +1 -0
- package/packages/core/dist/presentation/items.d.ts +18 -0
- package/packages/core/dist/presentation/items.d.ts.map +1 -0
- package/packages/core/dist/presentation/items.js +228 -0
- package/packages/core/dist/presentation/items.js.map +1 -0
- package/packages/core/dist/presentation/ordering.d.ts +8 -0
- package/packages/core/dist/presentation/ordering.d.ts.map +1 -0
- package/packages/core/dist/presentation/ordering.js +31 -0
- package/packages/core/dist/presentation/ordering.js.map +1 -0
- package/packages/core/dist/presentation/planHelpers.d.ts +26 -0
- package/packages/core/dist/presentation/planHelpers.d.ts.map +1 -0
- package/packages/core/dist/presentation/planHelpers.js +62 -0
- package/packages/core/dist/presentation/planHelpers.js.map +1 -0
- package/packages/core/dist/presentation/presentationFormat.d.ts +39 -0
- package/packages/core/dist/presentation/presentationFormat.d.ts.map +1 -0
- package/packages/core/dist/presentation/presentationFormat.js +58 -0
- package/packages/core/dist/presentation/presentationFormat.js.map +1 -0
- package/packages/core/dist/presentation/renderCard.d.ts +37 -0
- package/packages/core/dist/presentation/renderCard.d.ts.map +1 -0
- package/packages/core/dist/presentation/renderCard.js +129 -0
- package/packages/core/dist/presentation/renderCard.js.map +1 -0
- package/packages/core/dist/presentation/scoring.d.ts +10 -0
- package/packages/core/dist/presentation/scoring.d.ts.map +1 -0
- package/packages/core/dist/presentation/scoring.js +82 -0
- package/packages/core/dist/presentation/scoring.js.map +1 -0
- package/packages/core/dist/presentation/selectPlan.d.ts +4 -0
- package/packages/core/dist/presentation/selectPlan.d.ts.map +1 -0
- package/packages/core/dist/presentation/selectPlan.js +122 -0
- package/packages/core/dist/presentation/selectPlan.js.map +1 -0
- package/packages/core/dist/presentation/selectShowcasePlan.d.ts +3 -0
- package/packages/core/dist/presentation/selectShowcasePlan.d.ts.map +1 -0
- package/packages/core/dist/presentation/selectShowcasePlan.js +6 -0
- package/packages/core/dist/presentation/selectShowcasePlan.js.map +1 -0
- package/packages/core/dist/presentation/selectWalkthroughPlan.d.ts +3 -0
- package/packages/core/dist/presentation/selectWalkthroughPlan.d.ts.map +1 -0
- package/packages/core/dist/presentation/selectWalkthroughPlan.js +6 -0
- package/packages/core/dist/presentation/selectWalkthroughPlan.js.map +1 -0
- package/packages/core/dist/presentation/selection.d.ts +7 -0
- package/packages/core/dist/presentation/selection.d.ts.map +1 -0
- package/packages/core/dist/presentation/selection.js +20 -0
- package/packages/core/dist/presentation/selection.js.map +1 -0
- package/packages/core/dist/presentation/snapshot.d.ts +12 -0
- package/packages/core/dist/presentation/snapshot.d.ts.map +1 -0
- package/packages/core/dist/presentation/snapshot.js +53 -0
- package/packages/core/dist/presentation/snapshot.js.map +1 -0
- package/packages/core/dist/presentation/types.d.ts +172 -0
- package/packages/core/dist/presentation/types.d.ts.map +1 -0
- package/packages/core/dist/presentation/types.js +2 -0
- package/packages/core/dist/presentation/types.js.map +1 -0
- package/packages/core/dist/redact.d.ts +11 -0
- package/packages/core/dist/redact.d.ts.map +1 -0
- package/packages/core/dist/redact.js +17 -0
- package/packages/core/dist/redact.js.map +1 -0
- package/packages/core/dist/roots.d.ts +81 -0
- package/packages/core/dist/roots.d.ts.map +1 -0
- package/packages/core/dist/roots.js +220 -0
- package/packages/core/dist/roots.js.map +1 -0
- package/packages/core/dist/schema/cliResult.d.ts +34 -0
- package/packages/core/dist/schema/cliResult.d.ts.map +1 -0
- package/packages/core/dist/schema/cliResult.js +35 -0
- package/packages/core/dist/schema/cliResult.js.map +1 -0
- package/packages/core/dist/schema/diagnostic.d.ts +26 -0
- package/packages/core/dist/schema/diagnostic.d.ts.map +1 -0
- package/packages/core/dist/schema/diagnostic.js +28 -0
- package/packages/core/dist/schema/diagnostic.js.map +1 -0
- package/packages/core/dist/schema/index.d.ts +8 -0
- package/packages/core/dist/schema/index.d.ts.map +1 -0
- package/packages/core/dist/schema/index.js +9 -0
- package/packages/core/dist/schema/index.js.map +1 -0
- package/packages/core/dist/schema/registry.d.ts +15 -0
- package/packages/core/dist/schema/registry.d.ts.map +1 -0
- package/packages/core/dist/schema/registry.js +206 -0
- package/packages/core/dist/schema/registry.js.map +1 -0
- package/packages/core/dist/schema/syntheticContracts.d.ts +3 -0
- package/packages/core/dist/schema/syntheticContracts.d.ts.map +1 -0
- package/packages/core/dist/schema/syntheticContracts.js +342 -0
- package/packages/core/dist/schema/syntheticContracts.js.map +1 -0
- package/packages/core/dist/schema/validate.d.ts +21 -0
- package/packages/core/dist/schema/validate.d.ts.map +1 -0
- package/packages/core/dist/schema/validate.js +210 -0
- package/packages/core/dist/schema/validate.js.map +1 -0
- package/packages/core/dist/schemas/v1/authority.schema.json +70 -0
- package/packages/core/dist/schemas/v1/cli-result.schema.json +30 -0
- package/packages/core/dist/schemas/v1/common.schema.json +274 -0
- package/packages/core/dist/schemas/v1/demo-capsule.schema.json +78 -0
- package/packages/core/dist/schemas/v1/evidence-append-result.schema.json +14 -0
- package/packages/core/dist/schemas/v1/evidence-event.schema.json +181 -0
- package/packages/core/dist/schemas/v1/evidence-status-result.schema.json +68 -0
- package/packages/core/dist/schemas/v1/host-profile.schema.json +94 -0
- package/packages/core/dist/schemas/v1/host-status-result.schema.json +49 -0
- package/packages/core/dist/schemas/v1/keyring.schema.json +77 -0
- package/packages/core/dist/schemas/v1/ledger.schema.json +99 -0
- package/packages/core/dist/schemas/v1/marker.schema.json +84 -0
- package/packages/core/dist/schemas/v1/matrix-list-result.schema.json +67 -0
- package/packages/core/dist/schemas/v1/matrix-mutation-result.schema.json +49 -0
- package/packages/core/dist/schemas/v1/matrix-validation-result.schema.json +77 -0
- package/packages/core/dist/schemas/v1/mcp-tool-results.schema.json +34 -0
- package/packages/core/dist/schemas/v1/migration-test-matrix-result.schema.json +76 -0
- package/packages/core/dist/schemas/v1/presentation-plan-result.schema.json +62 -0
- package/packages/core/dist/schemas/v1/presentation-plan.schema.json +259 -0
- package/packages/core/dist/schemas/v1/release-gate-result.schema.json +136 -0
- package/packages/core/dist/schemas/v1/showcase-approval-result.schema.json +5 -0
- package/packages/core/dist/schemas/v1/showcase-event-append-result.schema.json +17 -0
- package/packages/core/dist/schemas/v1/showcase-event.schema.json +235 -0
- package/packages/core/dist/schemas/v1/showcase-finish-result.schema.json +5 -0
- package/packages/core/dist/schemas/v1/showcase-run-status-result.schema.json +70 -0
- package/packages/core/dist/schemas/v1/showcase-start-result.schema.json +5 -0
- package/packages/core/dist/schemas/v1/use-case-file.schema.json +178 -0
- package/packages/core/dist/schemas/v1/workflow-mode.schema.json +16 -0
- package/packages/core/dist/schemas/v1/workspace-config.schema.json +58 -0
- package/packages/core/dist/showcase/appendShowcaseEvent.d.ts +116 -0
- package/packages/core/dist/showcase/appendShowcaseEvent.d.ts.map +1 -0
- package/packages/core/dist/showcase/appendShowcaseEvent.js +353 -0
- package/packages/core/dist/showcase/appendShowcaseEvent.js.map +1 -0
- package/packages/core/dist/showcase/approval.d.ts +2 -0
- package/packages/core/dist/showcase/approval.d.ts.map +1 -0
- package/packages/core/dist/showcase/approval.js +2 -0
- package/packages/core/dist/showcase/approval.js.map +1 -0
- package/packages/core/dist/showcase/approvalAuthority.d.ts +19 -0
- package/packages/core/dist/showcase/approvalAuthority.d.ts.map +1 -0
- package/packages/core/dist/showcase/approvalAuthority.js +46 -0
- package/packages/core/dist/showcase/approvalAuthority.js.map +1 -0
- package/packages/core/dist/showcase/index.d.ts +11 -0
- package/packages/core/dist/showcase/index.d.ts.map +1 -0
- package/packages/core/dist/showcase/index.js +11 -0
- package/packages/core/dist/showcase/index.js.map +1 -0
- package/packages/core/dist/showcase/jsonlLedger.d.ts +11 -0
- package/packages/core/dist/showcase/jsonlLedger.d.ts.map +1 -0
- package/packages/core/dist/showcase/jsonlLedger.js +50 -0
- package/packages/core/dist/showcase/jsonlLedger.js.map +1 -0
- package/packages/core/dist/showcase/planBinding.d.ts +5 -0
- package/packages/core/dist/showcase/planBinding.d.ts.map +1 -0
- package/packages/core/dist/showcase/planBinding.js +33 -0
- package/packages/core/dist/showcase/planBinding.js.map +1 -0
- package/packages/core/dist/showcase/replayRun.d.ts +5 -0
- package/packages/core/dist/showcase/replayRun.d.ts.map +1 -0
- package/packages/core/dist/showcase/replayRun.js +199 -0
- package/packages/core/dist/showcase/replayRun.js.map +1 -0
- package/packages/core/dist/showcase/results.d.ts +3 -0
- package/packages/core/dist/showcase/results.d.ts.map +1 -0
- package/packages/core/dist/showcase/results.js +4 -0
- package/packages/core/dist/showcase/results.js.map +1 -0
- package/packages/core/dist/showcase/revisionEpochs.d.ts +2 -0
- package/packages/core/dist/showcase/revisionEpochs.d.ts.map +1 -0
- package/packages/core/dist/showcase/revisionEpochs.js +2 -0
- package/packages/core/dist/showcase/revisionEpochs.js.map +1 -0
- package/packages/core/dist/showcase/startRun.d.ts +2 -0
- package/packages/core/dist/showcase/startRun.d.ts.map +1 -0
- package/packages/core/dist/showcase/startRun.js +2 -0
- package/packages/core/dist/showcase/startRun.js.map +1 -0
- package/packages/core/dist/showcase/types.d.ts +66 -0
- package/packages/core/dist/showcase/types.d.ts.map +1 -0
- package/packages/core/dist/showcase/types.js +2 -0
- package/packages/core/dist/showcase/types.js.map +1 -0
- package/packages/core/dist/skills/canonicalSkills.d.ts +3 -0
- package/packages/core/dist/skills/canonicalSkills.d.ts.map +1 -0
- package/packages/core/dist/skills/canonicalSkills.js +7 -0
- package/packages/core/dist/skills/canonicalSkills.js.map +1 -0
- package/packages/core/dist/skills/index.d.ts +4 -0
- package/packages/core/dist/skills/index.d.ts.map +1 -0
- package/packages/core/dist/skills/index.js +4 -0
- package/packages/core/dist/skills/index.js.map +1 -0
- package/packages/core/dist/skills/types.d.ts +26 -0
- package/packages/core/dist/skills/types.d.ts.map +1 -0
- package/packages/core/dist/skills/types.js +2 -0
- package/packages/core/dist/skills/types.js.map +1 -0
- package/packages/core/dist/skills/validateSkillAssets.d.ts +6 -0
- package/packages/core/dist/skills/validateSkillAssets.d.ts.map +1 -0
- package/packages/core/dist/skills/validateSkillAssets.js +218 -0
- package/packages/core/dist/skills/validateSkillAssets.js.map +1 -0
- package/packages/core/dist/useCases/integrity.d.ts +11 -0
- package/packages/core/dist/useCases/integrity.d.ts.map +1 -0
- package/packages/core/dist/useCases/integrity.js +178 -0
- package/packages/core/dist/useCases/integrity.js.map +1 -0
- package/packages/core/dist/useCases/loadUseCaseMatrix.d.ts +7 -0
- package/packages/core/dist/useCases/loadUseCaseMatrix.d.ts.map +1 -0
- package/packages/core/dist/useCases/loadUseCaseMatrix.js +74 -0
- package/packages/core/dist/useCases/loadUseCaseMatrix.js.map +1 -0
- package/packages/core/dist/useCases/mutateUseCaseMatrix.d.ts +25 -0
- package/packages/core/dist/useCases/mutateUseCaseMatrix.d.ts.map +1 -0
- package/packages/core/dist/useCases/mutateUseCaseMatrix.js +198 -0
- package/packages/core/dist/useCases/mutateUseCaseMatrix.js.map +1 -0
- package/packages/core/dist/useCases/query.d.ts +12 -0
- package/packages/core/dist/useCases/query.d.ts.map +1 -0
- package/packages/core/dist/useCases/query.js +47 -0
- package/packages/core/dist/useCases/query.js.map +1 -0
- package/packages/core/dist/useCases/types.d.ts +149 -0
- package/packages/core/dist/useCases/types.d.ts.map +1 -0
- package/packages/core/dist/useCases/types.js +2 -0
- package/packages/core/dist/useCases/types.js.map +1 -0
- package/packages/core/dist/useCases/validateUseCaseFile.d.ts +9 -0
- package/packages/core/dist/useCases/validateUseCaseFile.d.ts.map +1 -0
- package/packages/core/dist/useCases/validateUseCaseFile.js +107 -0
- package/packages/core/dist/useCases/validateUseCaseFile.js.map +1 -0
- package/packages/core/dist/version.d.ts +9 -0
- package/packages/core/dist/version.d.ts.map +1 -0
- package/packages/core/dist/version.js +17 -0
- package/packages/core/dist/version.js.map +1 -0
- package/packages/core/package.json +39 -0
- package/packages/mcp/README.md +48 -0
- package/packages/mcp/dist/index.d.ts +20 -0
- package/packages/mcp/dist/index.d.ts.map +1 -0
- package/packages/mcp/dist/index.js +180 -0
- package/packages/mcp/dist/index.js.map +1 -0
- package/packages/mcp/dist/prompts.d.ts +32 -0
- package/packages/mcp/dist/prompts.d.ts.map +1 -0
- package/packages/mcp/dist/prompts.js +199 -0
- package/packages/mcp/dist/prompts.js.map +1 -0
- package/packages/mcp/dist/resources.d.ts +22 -0
- package/packages/mcp/dist/resources.d.ts.map +1 -0
- package/packages/mcp/dist/resources.js +342 -0
- package/packages/mcp/dist/resources.js.map +1 -0
- package/packages/mcp/dist/toolHandlers.d.ts +28 -0
- package/packages/mcp/dist/toolHandlers.d.ts.map +1 -0
- package/packages/mcp/dist/toolHandlers.js +592 -0
- package/packages/mcp/dist/toolHandlers.js.map +1 -0
- package/packages/mcp/dist/toolSchemas.d.ts +23 -0
- package/packages/mcp/dist/toolSchemas.d.ts.map +1 -0
- package/packages/mcp/dist/toolSchemas.js +223 -0
- package/packages/mcp/dist/toolSchemas.js.map +1 -0
- package/packages/mcp/dist/tools.d.ts +22 -0
- package/packages/mcp/dist/tools.d.ts.map +1 -0
- package/packages/mcp/dist/tools.js +65 -0
- package/packages/mcp/dist/tools.js.map +1 -0
- package/packages/mcp/package.json +38 -0
- package/plugin.json +6 -0
- package/schemas/v1/authority.schema.json +70 -0
- package/schemas/v1/cli-result.schema.json +30 -0
- package/schemas/v1/common.schema.json +274 -0
- package/schemas/v1/demo-capsule.schema.json +78 -0
- package/schemas/v1/evidence-append-result.schema.json +14 -0
- package/schemas/v1/evidence-event.schema.json +181 -0
- package/schemas/v1/evidence-status-result.schema.json +68 -0
- package/schemas/v1/host-profile.schema.json +94 -0
- package/schemas/v1/host-status-result.schema.json +49 -0
- package/schemas/v1/keyring.schema.json +77 -0
- package/schemas/v1/ledger.schema.json +99 -0
- package/schemas/v1/marker.schema.json +84 -0
- package/schemas/v1/matrix-list-result.schema.json +67 -0
- package/schemas/v1/matrix-mutation-result.schema.json +49 -0
- package/schemas/v1/matrix-validation-result.schema.json +77 -0
- package/schemas/v1/mcp-tool-results.schema.json +34 -0
- package/schemas/v1/migration-test-matrix-result.schema.json +76 -0
- package/schemas/v1/presentation-plan-result.schema.json +62 -0
- package/schemas/v1/presentation-plan.schema.json +259 -0
- package/schemas/v1/release-gate-result.schema.json +136 -0
- package/schemas/v1/showcase-approval-result.schema.json +5 -0
- package/schemas/v1/showcase-event-append-result.schema.json +17 -0
- package/schemas/v1/showcase-event.schema.json +235 -0
- package/schemas/v1/showcase-finish-result.schema.json +5 -0
- package/schemas/v1/showcase-run-status-result.schema.json +70 -0
- package/schemas/v1/showcase-start-result.schema.json +5 -0
- package/schemas/v1/use-case-file.schema.json +178 -0
- package/schemas/v1/workflow-mode.schema.json +16 -0
- package/schemas/v1/workspace-config.schema.json +58 -0
- package/use-cases/capsule/demos.yml +212 -0
- package/use-cases/capsule/runner.yml +49 -0
- package/use-cases/diagnostics/contracts.yml +239 -0
- package/use-cases/evidence/core.yml +32 -0
- package/use-cases/evidence/ledger.yml +330 -0
- package/use-cases/hosts/profiles.yml +365 -0
- package/use-cases/hosts/projections.yml +96 -0
- package/use-cases/lifecycle/loop.yml +229 -0
- package/use-cases/matrix/core.yml +92 -0
- package/use-cases/matrix/product.yml +289 -0
- package/use-cases/mcp/surface.yml +257 -0
- package/use-cases/mcp/wrapper.yml +100 -0
- package/use-cases/migration/importer.yml +171 -0
- package/use-cases/migration/test-matrix.yml +32 -0
- package/use-cases/planning/cards.yml +215 -0
- package/use-cases/release/package.yml +80 -0
- package/use-cases/release/proof.yml +180 -0
- package/use-cases/roadmap/deferred.yml +184 -0
- package/use-cases/showcase/flow.yml +269 -0
- package/use-cases/showcase/live.yml +44 -0
- package/use-cases/skills/assets.yml +92 -0
- package/use-cases.yml +9 -0
|
@@ -0,0 +1,85 @@
|
|
|
1
|
+
# ADR 0004: P3 Evidence Ledger Contracts
|
|
2
|
+
|
|
3
|
+
## Status
|
|
4
|
+
|
|
5
|
+
Accepted.
|
|
6
|
+
|
|
7
|
+
## Context
|
|
8
|
+
|
|
9
|
+
P3 records observed proof as append-only JSONL and derives current evidence
|
|
10
|
+
state mechanically. Evidence must not become approval, verification-policy
|
|
11
|
+
satisfaction, or final sign-off.
|
|
12
|
+
|
|
13
|
+
An external reasoning model reviewed P3 before implementation and identified fail-open risks in loose
|
|
14
|
+
replay ordering, damaged-line handling, and idempotency scope.
|
|
15
|
+
|
|
16
|
+
## Decision
|
|
17
|
+
|
|
18
|
+
Evidence replay uses aggregate `sequence` as the sole order authority.
|
|
19
|
+
`recorded_at` is audit/display metadata, and `event_id` is identity only. A
|
|
20
|
+
duplicate or missing aggregate sequence invalidates that aggregate.
|
|
21
|
+
|
|
22
|
+
Replay continues after damaged ledger input to recover inspectable state, but
|
|
23
|
+
damage is not hidden:
|
|
24
|
+
|
|
25
|
+
```text
|
|
26
|
+
torn final line
|
|
27
|
+
excluded from replay
|
|
28
|
+
complete=false
|
|
29
|
+
|
|
30
|
+
unparseable complete line
|
|
31
|
+
unknown_scope_damage=true
|
|
32
|
+
complete=false
|
|
33
|
+
|
|
34
|
+
invalid aggregate history
|
|
35
|
+
affected aggregate status=invalid
|
|
36
|
+
complete=false
|
|
37
|
+
```
|
|
38
|
+
|
|
39
|
+
Normal append operations use a data-root-wide evidence append lock:
|
|
40
|
+
|
|
41
|
+
```text
|
|
42
|
+
evidence/.locks/append.lock
|
|
43
|
+
```
|
|
44
|
+
|
|
45
|
+
That lock covers replay, idempotency lookup, event generation, sequence
|
|
46
|
+
allocation, append, file fsync, and result construction. P3 reports the actual
|
|
47
|
+
durability class it achieved.
|
|
48
|
+
|
|
49
|
+
Idempotency scope is:
|
|
50
|
+
|
|
51
|
+
```text
|
|
52
|
+
data_root + operation intent + idempotency_key
|
|
53
|
+
```
|
|
54
|
+
|
|
55
|
+
The persisted `intent_digest` excludes generated fields such as `event_id`,
|
|
56
|
+
`sequence`, `recorded_at`, aggregate ID, and storage path. A retry with the same
|
|
57
|
+
key and same digest returns the original event and appends nothing. A retry with
|
|
58
|
+
the same key and a different digest fails closed.
|
|
59
|
+
|
|
60
|
+
Evidence targets stable use-case IDs and captures the P2 semantic hash at the
|
|
61
|
+
time of evidence recording. Matrix linkage is a separate operation from replay:
|
|
62
|
+
|
|
63
|
+
```text
|
|
64
|
+
replay evidence
|
|
65
|
+
independent of current YAML/files
|
|
66
|
+
|
|
67
|
+
link evidence to matrix
|
|
68
|
+
resolves IDs/scenarios through P2
|
|
69
|
+
compares semantic hash freshness input
|
|
70
|
+
```
|
|
71
|
+
|
|
72
|
+
Assurance is represented as deterministic facets and a convenience class. P3
|
|
73
|
+
does not emit approval, user sign-off, verification-satisfied, final-pass, or
|
|
74
|
+
policy-satisfied state.
|
|
75
|
+
|
|
76
|
+
## Consequences
|
|
77
|
+
|
|
78
|
+
P4 can wrap evidence append/status as stable CLI JSON without inventing replay
|
|
79
|
+
semantics.
|
|
80
|
+
|
|
81
|
+
P9 can expose MCP tools safely because evidence recording cannot impersonate
|
|
82
|
+
user approval.
|
|
83
|
+
|
|
84
|
+
Later showcase and verification layers can combine P2 intended behavior and P3
|
|
85
|
+
evidence history without changing the append-only ledger contract.
|
|
@@ -0,0 +1,70 @@
|
|
|
1
|
+
# ADR 0005: P4 CLI Contract Semantics
|
|
2
|
+
|
|
3
|
+
## Status
|
|
4
|
+
|
|
5
|
+
Accepted.
|
|
6
|
+
|
|
7
|
+
## Context
|
|
8
|
+
|
|
9
|
+
P4 makes the CLI the normative public contract that later MCP tools will reuse.
|
|
10
|
+
P2 and P3 already expose schema-backed JSON envelopes, so P4 must refine the
|
|
11
|
+
existing contract without introducing a second envelope shape.
|
|
12
|
+
|
|
13
|
+
An external reasoning model reviewed P4 before implementation and found that the plan conflated
|
|
14
|
+
command execution success, domain validity, input completeness, and process
|
|
15
|
+
exit status.
|
|
16
|
+
|
|
17
|
+
## Decision
|
|
18
|
+
|
|
19
|
+
The v1 JSON envelope remains:
|
|
20
|
+
|
|
21
|
+
```text
|
|
22
|
+
schema_version
|
|
23
|
+
protocol_version
|
|
24
|
+
command
|
|
25
|
+
ok
|
|
26
|
+
complete
|
|
27
|
+
data
|
|
28
|
+
diagnostics
|
|
29
|
+
context
|
|
30
|
+
```
|
|
31
|
+
|
|
32
|
+
Meanings are separate:
|
|
33
|
+
|
|
34
|
+
```text
|
|
35
|
+
ok
|
|
36
|
+
the requested command contract executed successfully
|
|
37
|
+
|
|
38
|
+
complete
|
|
39
|
+
every relevant input was safely considered
|
|
40
|
+
|
|
41
|
+
data.*
|
|
42
|
+
command-specific domain result
|
|
43
|
+
|
|
44
|
+
exit status
|
|
45
|
+
shell-level classification
|
|
46
|
+
```
|
|
47
|
+
|
|
48
|
+
For example, `matrix validate` on damaged input exits `1`, keeps `ok:true`,
|
|
49
|
+
sets `complete:false`, and returns `data.valid:false`.
|
|
50
|
+
|
|
51
|
+
Strict mode is an integrity policy. It does not change parsing, diagnostics, or
|
|
52
|
+
domain state; it only changes whether incomplete state is accepted for the
|
|
53
|
+
requested operation.
|
|
54
|
+
|
|
55
|
+
Workflow mode is advisory configuration, not evidence history. `workflow
|
|
56
|
+
set-mode` updates the owning workspace config atomically and persists canonical
|
|
57
|
+
P1 enum values. It cannot relax schema validation, path policy, evidence
|
|
58
|
+
integrity, strictness, or approval requirements.
|
|
59
|
+
|
|
60
|
+
P4 also adds read-only `doctor roots`, composed `matrix status`, and evidence
|
|
61
|
+
voiding. Evidence void appends a terminal event and leaves prior JSONL bytes
|
|
62
|
+
unchanged.
|
|
63
|
+
|
|
64
|
+
## Consequences
|
|
65
|
+
|
|
66
|
+
P9 can map MCP calls onto the same CLI/application semantics without treating
|
|
67
|
+
negative domain results as transport failures.
|
|
68
|
+
|
|
69
|
+
Future presentation and showcase layers can rely on workflow mode as guidance
|
|
70
|
+
only, not as a hidden enforcement switch.
|
|
@@ -0,0 +1,125 @@
|
|
|
1
|
+
# ADR 0006 — Trusted user-approval path (showcase sign-off)
|
|
2
|
+
|
|
3
|
+
Status: proposed (roadmap row `roadmap.deferred.trusted_host_confirmation_path`).
|
|
4
|
+
|
|
5
|
+
## Context
|
|
6
|
+
|
|
7
|
+
A showcase run can require user approval (`approval_policy.mode: predefined`,
|
|
8
|
+
`approver_type: user`). The trust thesis is: an autonomous agent may **perform
|
|
9
|
+
and record** work but must **not be able to mint a human's sign-off**.
|
|
10
|
+
|
|
11
|
+
Today the negative half holds and the positive half is missing:
|
|
12
|
+
|
|
13
|
+
- `appendShowcaseApproval` accepts an approval only from a **trusted authority**
|
|
14
|
+
(`trusted_interactive_cli` with `stdinIsTty && confirmed`, or
|
|
15
|
+
`trusted_host_token` with `verified`); anything else is `untrusted_automation`
|
|
16
|
+
and is rejected with `showcase.trusted_user_confirmation_required`.
|
|
17
|
+
- But the **CLI `showcase approve` hard-codes `authority: untrusted_automation`**.
|
|
18
|
+
There is no code path that ever produces a trusted authority. So a real human
|
|
19
|
+
cannot grant sign-off either — user-required runs sit at `approval_state:
|
|
20
|
+
pending` forever.
|
|
21
|
+
|
|
22
|
+
This ADR records the design for the path that lets a real human approve while an
|
|
23
|
+
agent cannot — without weakening the guarantee.
|
|
24
|
+
|
|
25
|
+
## Decision
|
|
26
|
+
|
|
27
|
+
Approval trust comes from a **non-forgeable signed token**, not from "a process
|
|
28
|
+
saw a `y` on a TTY". The boundary is: a trusted issuer **outside the agent's
|
|
29
|
+
controllable I/O** signs an approval statement **bound to the exact run**
|
|
30
|
+
(run id, ledger head, evidence digest, git commit, CI-freshness digest, a
|
|
31
|
+
short-lived single-use nonce). The plugin **verifies** the signature against a
|
|
32
|
+
protected keyring (the same model already used for CI freshness proof).
|
|
33
|
+
|
|
34
|
+
### Why not TTY confirmation
|
|
35
|
+
|
|
36
|
+
A modern coding agent already drives interactive terminals — it can allocate a
|
|
37
|
+
pseudo-TTY, read the prompt, and type the answer. A randomized challenge phrase
|
|
38
|
+
only converts *blind* automation into *interactive* automation, which agents
|
|
39
|
+
already are. TTY confirmation is therefore a **speed bump, not a trust root**: it
|
|
40
|
+
defends against pipes / `yes` / CI / blind scripts, never against an agent that
|
|
41
|
+
controls the terminal.
|
|
42
|
+
|
|
43
|
+
### Invariant (load-bearing)
|
|
44
|
+
|
|
45
|
+
The verifier **computes** trust; it must **never** accept a caller-supplied
|
|
46
|
+
`verified`/`confirmed` boolean. The current `TrustedApprovalAuthority` type
|
|
47
|
+
(`{ kind: "trusted_host_token"; token; verified: boolean }`) is a footgun — the
|
|
48
|
+
boolean is asserted by the caller. The future implementation MUST replace it with
|
|
49
|
+
a caller input that carries only the token, and a verifier that derives
|
|
50
|
+
`verified` from a signature check. (No code path constructs a trusted token
|
|
51
|
+
today, so this is latent, not yet exploitable — but it must not ship wired.)
|
|
52
|
+
|
|
53
|
+
### Assurance levels, not a boolean
|
|
54
|
+
|
|
55
|
+
Replace `trusted iff stdinIsTty && confirmed` with explicit tiers, and let
|
|
56
|
+
`approval_policy` choose the floor:
|
|
57
|
+
|
|
58
|
+
| Authority input | Assurance | trustedForHumanSignoff |
|
|
59
|
+
|---|---|---|
|
|
60
|
+
| `untrusted_automation` | none | false |
|
|
61
|
+
| `interactive_cli_challenge` (hardened TTY) | `same_channel_operator_confirmation` (agent-spoofable) | **false** |
|
|
62
|
+
| `host_signed_approval_token` (verified) | `trusted_host_user_presence` | true |
|
|
63
|
+
| `webauthn_approval_assertion` (UP/UV) | `hardware_user_presence_or_verification` | true |
|
|
64
|
+
|
|
65
|
+
`trusted_interactive_cli` is **relabelled** to make its spoofability explicit; it
|
|
66
|
+
is excluded from any policy that requires non-spoofable human sign-off.
|
|
67
|
+
|
|
68
|
+
### Flow
|
|
69
|
+
|
|
70
|
+
```
|
|
71
|
+
agent / CLI / MCP may REQUEST approval
|
|
72
|
+
-> ApprovalRequested { run_id, showcase_id, ledger_head_hash, evidence_digest,
|
|
73
|
+
git_commit, ci_freshness_digest, nonce, exp }
|
|
74
|
+
-> trusted issuer confirms with a real human OUTSIDE agent control
|
|
75
|
+
(host dialog / OS auth / WebAuthn / out-of-band page)
|
|
76
|
+
-> issuer signs an approval token bound to that exact request
|
|
77
|
+
-> plugin verifies signature against the protected keyring + checks
|
|
78
|
+
audience, run binding, nonce/jti single-use, expiry, policy floor
|
|
79
|
+
-> append ApprovalGranted
|
|
80
|
+
```
|
|
81
|
+
|
|
82
|
+
### MCP
|
|
83
|
+
|
|
84
|
+
MCP **elicitation** is the UX transport, not the proof. A raw `accept` from an
|
|
85
|
+
MCP client is protocol data, not a human signature. Elicitation (form mode, or
|
|
86
|
+
URL mode for out-of-band) requests the approval and shows context; the proof is
|
|
87
|
+
the resulting signed token the plugin verifies.
|
|
88
|
+
|
|
89
|
+
## Ranked build plan
|
|
90
|
+
|
|
91
|
+
1. `ApprovalRequested` object (nonce + run/evidence/ledger digest binding) and a
|
|
92
|
+
**signed approval-token verifier** (reuse the existing keyring/Ed25519 infra).
|
|
93
|
+
2. A **local approval broker / host token issuer** — signing key outside the
|
|
94
|
+
workspace (OS keychain / hardware-backed), native dialog or browser page,
|
|
95
|
+
optional WebAuthn.
|
|
96
|
+
3. **MCP elicitation** integration that hands off to the issuer.
|
|
97
|
+
4. **Hardened TTY** (`/dev/tty`, both ends ttys, randomized single-use challenge,
|
|
98
|
+
nonce-bound) as a clearly-labelled **weak** fallback, excluded from
|
|
99
|
+
non-spoofable-required policies.
|
|
100
|
+
|
|
101
|
+
Defer: WebAuthn-only mode, separate-device approval, org key policy + revocation,
|
|
102
|
+
approval transparency log, multi-approver quorum.
|
|
103
|
+
|
|
104
|
+
## Threat boundary
|
|
105
|
+
|
|
106
|
+
| Boundary | Agent can spoof? |
|
|
107
|
+
|---|---|
|
|
108
|
+
| CLI flag / stdin / `/dev/tty` prompt / TTY challenge | yes (agent drives the terminal) |
|
|
109
|
+
| MCP raw `accept` | depends on client; not proof alone |
|
|
110
|
+
| Host-signed token (protected key) | no, unless host/key compromised |
|
|
111
|
+
| WebAuthn / OS biometric assertion | much harder |
|
|
112
|
+
| Separate-device approval | hardest locally |
|
|
113
|
+
|
|
114
|
+
## Product language
|
|
115
|
+
|
|
116
|
+
> "An agent can REQUEST approval but cannot MINT it. Trusted approvals require a
|
|
117
|
+
> signed confirmation from a configured approval issuer."
|
|
118
|
+
|
|
119
|
+
Never claim "a terminal prompt proves a human approved."
|
|
120
|
+
|
|
121
|
+
## Provenance
|
|
122
|
+
|
|
123
|
+
Design reviewed with an external reasoning model. This ADR is
|
|
124
|
+
the spec for `roadmap.deferred.trusted_host_confirmation_path`; the row stays
|
|
125
|
+
`lifecycle: planned` until the verifier + an issuer ship.
|
package/docs/cli.md
ADDED
|
@@ -0,0 +1,108 @@
|
|
|
1
|
+
# CLI Reference
|
|
2
|
+
|
|
3
|
+
All commands use JSON envelopes with `schema_version`, `protocol_version`,
|
|
4
|
+
`command`, `ok`, `complete`, `data`, `diagnostics`, and `context`.
|
|
5
|
+
|
|
6
|
+
## Onboarding
|
|
7
|
+
|
|
8
|
+
- `uc init [--repo <dir>] [--template generic|js-vitest|python-pytest|go-test] [--component <id>] [--force] [--json]`:
|
|
9
|
+
scaffold a minimal working workspace — a `use-cases.yml` (with a
|
|
10
|
+
`verifiers.default` matching the template) and a `use-cases/example.yml` whose
|
|
11
|
+
one row already validates. The scaffolded workspace passes `matrix validate`
|
|
12
|
+
immediately. `init` never generates or writes a private key and never creates
|
|
13
|
+
the GitHub workflow; it prints the next steps (key setup, CI workflow) instead.
|
|
14
|
+
It refuses to overwrite an existing `use-cases.yml` unless `--force`
|
|
15
|
+
is given. Omit `--json` for a human-readable summary.
|
|
16
|
+
|
|
17
|
+
## Matrix
|
|
18
|
+
|
|
19
|
+
- `matrix validate --repo <path> --json`: load all sharded YAML use cases and
|
|
20
|
+
report structural integrity.
|
|
21
|
+
- `matrix list --repo <path> --json`: list addressable use cases. Filters:
|
|
22
|
+
`--value`, `--journey-role`, `--lifecycle`, `--host`, `--tag`,
|
|
23
|
+
`--changed-path`.
|
|
24
|
+
- `matrix status --repo <path> --json`: combine matrix integrity and evidence
|
|
25
|
+
replay status.
|
|
26
|
+
- `matrix upsert --repo <path> --file <path> (--use-case-json <json> | --use-case-file <path>) --json`:
|
|
27
|
+
add or update one use-case entry in an existing feature file. `--file` is the
|
|
28
|
+
destination feature YAML; supply the row payload either inline with
|
|
29
|
+
`--use-case-json '{...}'` or from a JSON file with `--use-case-file <path>`.
|
|
30
|
+
A row with `lifecycle: active` must include the conditionally-required fields
|
|
31
|
+
(`actor`, `intent`, `preconditions`, `trigger`, `scenarios`,
|
|
32
|
+
`observable_outcomes`, `host_applicability`, `verification_policy`,
|
|
33
|
+
`approval_policy`).
|
|
34
|
+
- `matrix remove --repo <path> --use-case <id> --reason <text> --json`:
|
|
35
|
+
mark a use case as `removed`. This is a lifecycle change, not physical
|
|
36
|
+
deletion.
|
|
37
|
+
|
|
38
|
+
## Evidence
|
|
39
|
+
|
|
40
|
+
- `evidence record --repo <path> --use-case <id> --kind <kind> --result <result> --json`
|
|
41
|
+
appends one evidence event.
|
|
42
|
+
- `evidence status --repo <path> --json` replays append-only JSONL history.
|
|
43
|
+
- `evidence void --repo <path> --evidence <id> --expected-head <event-id> --reason <text> --json`
|
|
44
|
+
records a correction event without deleting history.
|
|
45
|
+
|
|
46
|
+
## Markers & Trust
|
|
47
|
+
|
|
48
|
+
The trust flow ties a behaviour row to code and marks it `FRESH` only when trusted
|
|
49
|
+
CI has signed proof that the current code, binding, and verifier still match. The
|
|
50
|
+
signing key must be a PKCS8 ed25519 PEM — see
|
|
51
|
+
[key management](./security/key-management.md) for how to generate one.
|
|
52
|
+
|
|
53
|
+
- `uc bind --row <id> --file <path> --mode explicit --start-line <n> --end-line <n> [--repo <path>] [--json]`:
|
|
54
|
+
bind a row to a code span. `--mode explicit` inserts `//: @use-case: <id>` …
|
|
55
|
+
`//: @use-case: end <id>` markers around the span (the comment prefix is inferred
|
|
56
|
+
per file type). Use `--register-existing` to register a span whose markers are
|
|
57
|
+
already present in the file instead of inserting new ones. Note: inserting the
|
|
58
|
+
opening marker shifts the file's line numbers down by one, so a later `scan`
|
|
59
|
+
reports the span one line below the `--start-line`/`--end-line` you passed —
|
|
60
|
+
that is expected, not drift.
|
|
61
|
+
- `uc scan [--repo <path>] [--public-key <pem>] [--keyring <path>] [--json]`:
|
|
62
|
+
derive each row's freshness — `FRESH` / `SUSPECT` / `UNPROVEN` / `UNBOUND` /
|
|
63
|
+
`INVALID` — from the current code, the binding registry, and the proof ledger.
|
|
64
|
+
Without a trusted `--public-key` (or `--keyring`), signed proofs read `UNPROVEN`
|
|
65
|
+
(the tool never trusts a signature it cannot verify).
|
|
66
|
+
- `uc verify [--row <id> | --all] --out <path> [--repo <path>] [--json]`: run each
|
|
67
|
+
bound row's verifier command and write an **unsigned** verification-results
|
|
68
|
+
ledger (one JSONL record per row). This is the step that actually executes tests.
|
|
69
|
+
- `uc prove (--row <id> | --all) --verification-results <path> --trusted-ci --signing-key-env <ENV> [--key-id <id>] [--append] [--repo <path>] [--json]`:
|
|
70
|
+
mint **signed** ed25519 proof events from the `verify` results. Signing is
|
|
71
|
+
CI-only: the private key is read from the named environment variable and never
|
|
72
|
+
written to disk. A present-but-malformed key returns a `signing_key.invalid`
|
|
73
|
+
diagnostic rather than crashing.
|
|
74
|
+
- `uc validate-ledger [--repo <path>] [--json]`: check the append-only proof/
|
|
75
|
+
evidence ledger for integrity (hash-chain, ordering, signature shape).
|
|
76
|
+
|
|
77
|
+
## Planning And Showcases
|
|
78
|
+
|
|
79
|
+
- `plan showcase --repo <path> --json` selects high-value live-demo items.
|
|
80
|
+
- `plan walkthrough --repo <path> --json` selects broader review coverage.
|
|
81
|
+
- `plan cards --repo <path> --plan-file <path> --json` renders presentation cards
|
|
82
|
+
from a saved plan file.
|
|
83
|
+
- `capsule validate|list|plan --repo <path> --json` works with persisted demo
|
|
84
|
+
capsules.
|
|
85
|
+
- `capsule run --repo <path> --capsule <id> --json` performs a persisted demo
|
|
86
|
+
capsule as a live showcase run. Command steps stay pending unless
|
|
87
|
+
`--execute-commands` is passed and the capsule permits command execution.
|
|
88
|
+
- `showcase start|record-observation|record-verdict|decide|pause|resume|finish|approve|reject|correct`
|
|
89
|
+
records a mechanical showcase run ledger.
|
|
90
|
+
|
|
91
|
+
## Hosts And Doctors
|
|
92
|
+
|
|
93
|
+
- `host project --host <host> --repo <path> --dry-run|--write|--revert --json`
|
|
94
|
+
projects or removes thin activation stubs.
|
|
95
|
+
- `host doctor --host <host> --repo <path> --json` checks profile and projection
|
|
96
|
+
visibility.
|
|
97
|
+
- `host conformance --host <host> --repo <path> --json` checks one profile.
|
|
98
|
+
- `host conformance --all --repo <path> --json` checks Claude, Codex, Copilot,
|
|
99
|
+
and OpenCode.
|
|
100
|
+
- `doctor roots|skills|package --repo <path> --json` checks workspace roots,
|
|
101
|
+
canonical skills, and release packaging.
|
|
102
|
+
|
|
103
|
+
## Migration
|
|
104
|
+
|
|
105
|
+
- `migrate test-matrix --repo <path> --source TEST-MATRIX.md --dry-run --json`
|
|
106
|
+
previews draft use cases.
|
|
107
|
+
- `migrate test-matrix --repo <path> --source TEST-MATRIX.md --out use-cases/_migrated --write --json`
|
|
108
|
+
writes reviewed draft YAML. Old status and evidence stay review context only.
|
|
@@ -0,0 +1,56 @@
|
|
|
1
|
+
# Data Model
|
|
2
|
+
|
|
3
|
+
Project data lives under the configured `data_root`; installed plugin code is
|
|
4
|
+
read-only.
|
|
5
|
+
|
|
6
|
+
## Directory layout at a glance
|
|
7
|
+
|
|
8
|
+
Two pairs of similarly-named paths are deliberately distinct — the dot-prefixed
|
|
9
|
+
ones are tool-managed machine state (like `.git`), the others are yours:
|
|
10
|
+
|
|
11
|
+
| Path | Owner | Holds |
|
|
12
|
+
|---|---|---|
|
|
13
|
+
| `use-cases/` | you (authored) | the sharded use-case matrix YAML |
|
|
14
|
+
| `.use-cases/` | the tool (machine state) | the code-marker **binding registry** + **signed proof** ledger + the trusted public key |
|
|
15
|
+
| `evidence/` | the tool (append-only) | **use-case evidence** events (observations, results) keyed by id |
|
|
16
|
+
| `showcase-runs/` | the tool (append-only) | performed **showcase run** event ledgers |
|
|
17
|
+
|
|
18
|
+
Don't confuse `evidence/` with the proof ledger: `evidence/` holds **use-case
|
|
19
|
+
evidence** (observations attached to use cases), while `.use-cases/proofs.jsonl`
|
|
20
|
+
is the marker-freshness **proof** ledger (CI-signed). The names now make the
|
|
21
|
+
distinction plain — proofs vs evidence. Both are append-only and content-addressed.
|
|
22
|
+
|
|
23
|
+
## Use Cases
|
|
24
|
+
|
|
25
|
+
Use cases are sharded YAML files under `use-cases/`. Each file describes one
|
|
26
|
+
feature and one or more behavior rows. Active rows include actor, intent,
|
|
27
|
+
scenarios, observable outcomes, host applicability, verification policy, and
|
|
28
|
+
approval policy.
|
|
29
|
+
|
|
30
|
+
Damaged YAML does not bring the matrix down. Valid siblings stay addressable and
|
|
31
|
+
diagnostics explain damaged files, duplicate IDs, broken references, and unsafe
|
|
32
|
+
paths.
|
|
33
|
+
|
|
34
|
+
## Evidence
|
|
35
|
+
|
|
36
|
+
Evidence is append-only JSONL under `evidence/`. Corrections, voids,
|
|
37
|
+
invalidations, and supersessions are new events. Normal workflows do not rewrite
|
|
38
|
+
or delete old lines.
|
|
39
|
+
|
|
40
|
+
## Showcases
|
|
41
|
+
|
|
42
|
+
Showcase runs are append-only JSONL under `showcase-runs/<run-id>/events.jsonl`.
|
|
43
|
+
Prepared plans are not proof. A run becomes proof only after observations,
|
|
44
|
+
verdicts, finish events, and any required approval are recorded.
|
|
45
|
+
|
|
46
|
+
## Demo Capsules
|
|
47
|
+
|
|
48
|
+
Demo capsules are optional persisted scripts under `demo-capsules/`. Most runs
|
|
49
|
+
can stay ad hoc; persisted capsules are best for smoke demos and common golden
|
|
50
|
+
paths.
|
|
51
|
+
|
|
52
|
+
## Host Profiles
|
|
53
|
+
|
|
54
|
+
Host profiles under `hosts/` define expectations for Claude, Codex, Copilot,
|
|
55
|
+
and OpenCode. A profile is not support proof. Conformance and evidence state are
|
|
56
|
+
separate.
|