@deftai/directive-content 0.59.0 → 0.61.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.githooks/pre-commit +10 -128
- package/.githooks/pre-push +8 -108
- package/Taskfile.yml +48 -58
- package/UPGRADING.md +19 -3
- package/docs/assets/directive-lifecycle-diagram.png +0 -0
- package/docs/directive-lifecycle.md +73 -0
- package/docs/getting-started.md +5 -1
- package/package.json +3 -3
- package/packs/skills/skills-pack-0.1.json +1 -1
- package/packs/strategies/strategies-pack-0.1.json +19 -19
- package/scm/github.md +37 -6
- package/skills/deft-directive-setup/SKILL.md +24 -15
- package/strategies/speckit.md +14 -14
- package/strategies/v0-20-contract.md +12 -1
- package/tasks/change.yml +16 -31
- package/tasks/ci.yml +8 -0
- package/tasks/commit.yml +12 -19
- package/tasks/core.yml +10 -0
- package/tasks/engine.yml +42 -0
- package/tasks/framework.yml +3 -0
- package/tasks/install.yml +20 -19
- package/tasks/migrate.yml +26 -15
- package/tasks/project.yml +26 -0
- package/tasks/toolchain.yml +15 -5
- package/tasks/vbrief.yml +4 -3
- package/tasks/verify.yml +12 -14
- package/templates/agents-entry.md +1 -1
- package/scripts/_agents_md.py +0 -494
- package/scripts/_cache_fetch.py +0 -635
- package/scripts/_cache_quota.py +0 -529
- package/scripts/_cache_refresh.py +0 -163
- package/scripts/_cache_validate.py +0 -209
- package/scripts/_content_root.py +0 -42
- package/scripts/_doctor_state.py +0 -277
- package/scripts/_event_detect.py +0 -305
- package/scripts/_events.py +0 -514
- package/scripts/_lifecycle_hygiene.py +0 -568
- package/scripts/_pathspec.py +0 -91
- package/scripts/_policy_show_cli.py +0 -266
- package/scripts/_precutover.py +0 -92
- package/scripts/_project_context.py +0 -224
- package/scripts/_project_definition_io.py +0 -164
- package/scripts/_relocate_snapshot.py +0 -209
- package/scripts/_relocate_states.py +0 -343
- package/scripts/_resolve_preflight_path.py +0 -152
- package/scripts/_safe_subprocess.py +0 -167
- package/scripts/_session_start_hook.py +0 -205
- package/scripts/_sor_gate_diff.py +0 -365
- package/scripts/_stdio_utf8.py +0 -59
- package/scripts/_triage_bootstrap_gitignore.py +0 -904
- package/scripts/_triage_classify_cli.py +0 -122
- package/scripts/_triage_queue_cli.py +0 -625
- package/scripts/_triage_scope_cli.py +0 -343
- package/scripts/_triage_scope_drift_cli.py +0 -121
- package/scripts/_triage_scope_ignores.py +0 -286
- package/scripts/_triage_scope_milestone.py +0 -432
- package/scripts/_triage_scope_mutations.py +0 -337
- package/scripts/_triage_scope_renderers.py +0 -207
- package/scripts/_triage_smoketest_stages.py +0 -674
- package/scripts/_triage_subscribe_cli.py +0 -140
- package/scripts/_triage_welcome_cli.py +0 -421
- package/scripts/_vbrief_build.py +0 -239
- package/scripts/_vbrief_fidelity.py +0 -479
- package/scripts/_vbrief_legacy.py +0 -589
- package/scripts/_vbrief_reconciliation.py +0 -883
- package/scripts/_vbrief_routing.py +0 -277
- package/scripts/_vbrief_safety.py +0 -778
- package/scripts/_vbrief_sources.py +0 -312
- package/scripts/_vbrief_speckit.py +0 -262
- package/scripts/_vbrief_story_quality.py +0 -353
- package/scripts/_vbrief_validation.py +0 -299
- package/scripts/build_dist.py +0 -412
- package/scripts/cache.py +0 -1078
- package/scripts/cache_scanner.py +0 -745
- package/scripts/candidates_log.py +0 -432
- package/scripts/capacity_backfill.py +0 -680
- package/scripts/capacity_show.py +0 -653
- package/scripts/ci_local.py +0 -689
- package/scripts/code_structure_validate.py +0 -765
- package/scripts/codebase_default_extractor.py +0 -495
- package/scripts/codebase_map.py +0 -304
- package/scripts/codebase_map_fresh.py +0 -104
- package/scripts/codebase_projection_registry.py +0 -94
- package/scripts/codebase_provider.py +0 -582
- package/scripts/doctor.py +0 -2552
- package/scripts/framework_commands.py +0 -505
- package/scripts/gh_rest.py +0 -882
- package/scripts/github_auth_modes.py +0 -437
- package/scripts/github_body.py +0 -292
- package/scripts/ip_risk.py +0 -531
- package/scripts/issue_emit.py +0 -670
- package/scripts/issue_ingest.py +0 -1064
- package/scripts/migrate_preflight.py +0 -418
- package/scripts/migrate_vbrief.py +0 -2677
- package/scripts/monitor_pr.py +0 -401
- package/scripts/pack_migrate_lessons.py +0 -336
- package/scripts/pack_migrate_patterns.py +0 -254
- package/scripts/pack_migrate_rules.py +0 -350
- package/scripts/pack_migrate_skills.py +0 -423
- package/scripts/pack_migrate_strategies.py +0 -311
- package/scripts/pack_migrate_swarm_spec.py +0 -250
- package/scripts/pack_render.py +0 -434
- package/scripts/packs_slice.py +0 -712
- package/scripts/platform_capabilities.py +0 -336
- package/scripts/policy.py +0 -2826
- package/scripts/policy_set.py +0 -324
- package/scripts/pr_check_closing_keywords.py +0 -524
- package/scripts/pr_check_protected_issues.py +0 -267
- package/scripts/pr_merge_readiness.py +0 -1004
- package/scripts/pr_wait_mergeable.py +0 -669
- package/scripts/prd_render.py +0 -159
- package/scripts/preflight_architecture_sor.py +0 -974
- package/scripts/preflight_branch.py +0 -289
- package/scripts/preflight_cache.py +0 -974
- package/scripts/preflight_gh.py +0 -721
- package/scripts/preflight_implementation.py +0 -272
- package/scripts/preflight_story_start.py +0 -838
- package/scripts/preflight_wip_cap.py +0 -149
- package/scripts/probe_session.py +0 -545
- package/scripts/project_render.py +0 -293
- package/scripts/quarantine_ext.py +0 -237
- package/scripts/reconcile_issues.py +0 -1442
- package/scripts/refresh-path.ps1 +0 -107
- package/scripts/release.py +0 -2030
- package/scripts/release_e2e.py +0 -1011
- package/scripts/release_publish.py +0 -486
- package/scripts/release_rollback.py +0 -980
- package/scripts/relocate.py +0 -1034
- package/scripts/resolve_changelog_unreleased.py +0 -667
- package/scripts/resolve_version.py +0 -490
- package/scripts/resume_conditions.py +0 -706
- package/scripts/ritual_sentinel.py +0 -609
- package/scripts/roadmap_render.py +0 -635
- package/scripts/rule_ownership_lint.py +0 -325
- package/scripts/scm.py +0 -591
- package/scripts/scope_audit_log.py +0 -387
- package/scripts/scope_decompose.py +0 -654
- package/scripts/scope_demote.py +0 -509
- package/scripts/scope_lifecycle.py +0 -1126
- package/scripts/scope_undo.py +0 -772
- package/scripts/session_start.py +0 -406
- package/scripts/setup_ghx.py +0 -339
- package/scripts/setup_windows.ps1 +0 -220
- package/scripts/slice_audit.py +0 -585
- package/scripts/slice_record.py +0 -530
- package/scripts/slice_record_existing.py +0 -692
- package/scripts/slug_normalize.py +0 -178
- package/scripts/spec_render.py +0 -477
- package/scripts/spec_validate.py +0 -238
- package/scripts/subagent_monitor.py +0 -658
- package/scripts/swarm_complete_cohort.py +0 -644
- package/scripts/swarm_launch.py +0 -1206
- package/scripts/swarm_readiness.py +0 -554
- package/scripts/swarm_verify_review_clean.py +0 -438
- package/scripts/swarm_worktrees.py +0 -497
- package/scripts/toolchain-check.py +0 -52
- package/scripts/triage_actions.py +0 -871
- package/scripts/triage_bootstrap.py +0 -1153
- package/scripts/triage_bulk.py +0 -630
- package/scripts/triage_classify.py +0 -932
- package/scripts/triage_help.py +0 -1685
- package/scripts/triage_queue.py +0 -1944
- package/scripts/triage_reconcile.py +0 -581
- package/scripts/triage_refresh.py +0 -643
- package/scripts/triage_scope.py +0 -999
- package/scripts/triage_scope_drift.py +0 -575
- package/scripts/triage_smoketest.py +0 -396
- package/scripts/triage_subscribe.py +0 -399
- package/scripts/triage_summary.py +0 -1011
- package/scripts/triage_welcome.py +0 -1178
- package/scripts/ts_check_lane.py +0 -86
- package/scripts/validate-links.py +0 -64
- package/scripts/validate_strategy_output.py +0 -212
- package/scripts/vbrief_activate.py +0 -228
- package/scripts/vbrief_migrate_conformance.py +0 -368
- package/scripts/vbrief_reconcile_graph.py +0 -306
- package/scripts/vbrief_reconcile_labels.py +0 -460
- package/scripts/vbrief_reconcile_umbrellas.py +0 -741
- package/scripts/vbrief_validate.py +0 -1144
- package/scripts/verify-stubs.py +0 -61
- package/scripts/verify_capacity.py +0 -160
- package/scripts/verify_encoding.py +0 -699
- package/scripts/verify_hooks_installed.py +0 -206
- package/scripts/verify_investigation.py +0 -360
- package/scripts/verify_judgment_gates.py +0 -827
- package/scripts/verify_no_task_runtime.py +0 -171
- package/scripts/verify_scm_boundary.py +0 -509
- package/scripts/verify_session_ritual.py +0 -389
- package/scripts/verify_tools.py +0 -426
- package/scripts/verify_vbrief_conformance.py +0 -478
|
@@ -1,478 +0,0 @@
|
|
|
1
|
-
#!/usr/bin/env python3
|
|
2
|
-
"""verify_vbrief_conformance.py -- deterministic vBRIEF 0.6 conformance gate (#1620).
|
|
3
|
-
|
|
4
|
-
directive is the vBRIEF reference implementation, so its own corpus must stay
|
|
5
|
-
conformant to the standard it anchors: every key at document, plan, and item
|
|
6
|
-
level MUST be either (a) a known 0.6 spec-core field, (b) prefixed
|
|
7
|
-
``x-directive/`` (a directive extension), or (c) prefixed ``x-vbrief/`` (a
|
|
8
|
-
vBRIEF extension). A bare key outside those three classes masquerades as
|
|
9
|
-
candidate-core and is exactly what produced the statusreport #34 false-RED.
|
|
10
|
-
|
|
11
|
-
This gate fails ``task check`` + the pre-commit hook when any tracked
|
|
12
|
-
``vbrief/**/*.vbrief.json`` carries such a bare key. It mirrors the structure
|
|
13
|
-
and UX of ``scripts/verify_encoding.py`` (#798): three-state exit, ``--all`` /
|
|
14
|
-
``--staged`` modes, and an ``--allow-list <path>`` file-glob override.
|
|
15
|
-
|
|
16
|
-
Core key sets
|
|
17
|
-
-------------
|
|
18
|
-
Built from the canonical vBRIEF 0.6 spec (``deftai/vBRIEF``
|
|
19
|
-
``docs/vbrief-spec-0.6.md`` + ``libvbrief/models.py``) and the in-repo mirror
|
|
20
|
-
``vbrief/schemas/vbrief-core.schema.json``. ``metadata`` is an arbitrary bag
|
|
21
|
-
per 0.6 (Design Goal #5) so the gate does NOT descend into it; likewise it does
|
|
22
|
-
not descend into ``vBRIEFInfo`` or narrative bodies -- only structural keys at
|
|
23
|
-
the document, plan, and item levels are checked.
|
|
24
|
-
|
|
25
|
-
Temporary Category B allow-list
|
|
26
|
-
-------------------------------
|
|
27
|
-
``plan.policy`` and ``plan.completedNote`` are genuine directive extensions
|
|
28
|
-
that SHOULD live under ``x-directive/`` but cannot be moved until upstream
|
|
29
|
-
vBRIEF #12 ratifies the ``x-<consumer>/`` namespace with round-trip
|
|
30
|
-
preservation. They are carved out via :data:`ALLOW_LIST` (a KEY allow-set,
|
|
31
|
-
distinct from the ``--allow-list`` file-glob override) and tracked by the
|
|
32
|
-
Category B follow-up issue cited below.
|
|
33
|
-
|
|
34
|
-
Plan-level ``planRef`` is handled specially (value-aware, see
|
|
35
|
-
:func:`_plan_planref_finding`): a PATH-style value is the load-bearing D4
|
|
36
|
-
epic<->story child->parent linkage and is allowed as a TEMPORARY carve-out
|
|
37
|
-
(its references[]-reconciliation + D4 rework is deferred to the same Category B
|
|
38
|
-
follow-up); a ``#``-prefixed value is the misused issue-pointer pattern behind
|
|
39
|
-
the statusreport #34 false-RED and IS flagged.
|
|
40
|
-
|
|
41
|
-
Exit codes (three-state, mirrors ``scripts/verify_encoding.py``)
|
|
42
|
-
----------------------------------------------------------------
|
|
43
|
-
- ``0`` -- clean: no bare keys detected.
|
|
44
|
-
- ``1`` -- violations: prints per-hit ``path [level] key`` diagnostics.
|
|
45
|
-
- ``2`` -- config error: no ``vbrief/`` directory, ``--allow-list`` path
|
|
46
|
-
unreadable, ``--staged`` outside a git repo, or unrecognised CLI shape.
|
|
47
|
-
"""
|
|
48
|
-
|
|
49
|
-
from __future__ import annotations
|
|
50
|
-
|
|
51
|
-
import argparse
|
|
52
|
-
import fnmatch
|
|
53
|
-
import json
|
|
54
|
-
import sys
|
|
55
|
-
from collections.abc import Iterable
|
|
56
|
-
from pathlib import Path
|
|
57
|
-
|
|
58
|
-
# Route subprocess capture through the #1366 UTF-8-safe helper. The script
|
|
59
|
-
# lives in scripts/ alongside _safe_subprocess.py; add that dir to sys.path so
|
|
60
|
-
# the import resolves whether the module is run directly or loaded via
|
|
61
|
-
# importlib.spec_from_file_location in tests.
|
|
62
|
-
sys.path.insert(0, str(Path(__file__).resolve().parent))
|
|
63
|
-
from _safe_subprocess import run_text # noqa: E402
|
|
64
|
-
|
|
65
|
-
#: Document-level (root) spec-core keys.
|
|
66
|
-
DOC_CORE: frozenset[str] = frozenset({"vBRIEFInfo", "plan"})
|
|
67
|
-
|
|
68
|
-
#: Plan-level spec-core keys (0.6). ``policy`` is DELIBERATELY EXCLUDED -- it is
|
|
69
|
-
#: a Category B directive extension carved out via :data:`ALLOW_LIST` so the
|
|
70
|
-
#: future ``plan.policy`` -> ``x-directive/policy`` migration stays enforceable
|
|
71
|
-
#: once the allow-list is removed.
|
|
72
|
-
PLAN_CORE: frozenset[str] = frozenset(
|
|
73
|
-
{
|
|
74
|
-
"id",
|
|
75
|
-
"uid",
|
|
76
|
-
"title",
|
|
77
|
-
"status",
|
|
78
|
-
"items",
|
|
79
|
-
"narratives",
|
|
80
|
-
"architecture",
|
|
81
|
-
"edges",
|
|
82
|
-
"tags",
|
|
83
|
-
"metadata",
|
|
84
|
-
"created",
|
|
85
|
-
"updated",
|
|
86
|
-
"author",
|
|
87
|
-
"reviewers",
|
|
88
|
-
"uris",
|
|
89
|
-
"references",
|
|
90
|
-
"timezone",
|
|
91
|
-
"agent",
|
|
92
|
-
"lastModifiedBy",
|
|
93
|
-
"changeLog",
|
|
94
|
-
"sequence",
|
|
95
|
-
"fork",
|
|
96
|
-
}
|
|
97
|
-
)
|
|
98
|
-
|
|
99
|
-
#: Item-level (PlanItem) spec-core keys (0.6). ``planRef`` IS core here (it is a
|
|
100
|
-
#: legitimate item field for referencing plans); only the plan-LEVEL ``planRef``
|
|
101
|
-
#: misuse is non-conformant.
|
|
102
|
-
ITEM_CORE: frozenset[str] = frozenset(
|
|
103
|
-
{
|
|
104
|
-
"id",
|
|
105
|
-
"uid",
|
|
106
|
-
"title",
|
|
107
|
-
"status",
|
|
108
|
-
"narrative",
|
|
109
|
-
"subItems",
|
|
110
|
-
"planRef",
|
|
111
|
-
"tags",
|
|
112
|
-
"metadata",
|
|
113
|
-
"created",
|
|
114
|
-
"updated",
|
|
115
|
-
"completed",
|
|
116
|
-
"priority",
|
|
117
|
-
"dueDate",
|
|
118
|
-
"startDate",
|
|
119
|
-
"endDate",
|
|
120
|
-
"percentComplete",
|
|
121
|
-
"participants",
|
|
122
|
-
"location",
|
|
123
|
-
"uris",
|
|
124
|
-
"recurrence",
|
|
125
|
-
"reminders",
|
|
126
|
-
"classification",
|
|
127
|
-
"relatedComments",
|
|
128
|
-
"timezone",
|
|
129
|
-
"sequence",
|
|
130
|
-
"lastModifiedBy",
|
|
131
|
-
"lockedBy",
|
|
132
|
-
"items",
|
|
133
|
-
}
|
|
134
|
-
)
|
|
135
|
-
|
|
136
|
-
#: Accepted extension-namespace prefixes. A key carrying either prefix is
|
|
137
|
-
#: conformant at any level (it is an explicitly-namespaced extension, not a
|
|
138
|
-
#: bare candidate-core key).
|
|
139
|
-
EXTENSION_PREFIXES: tuple[str, ...] = ("x-directive/", "x-vbrief/")
|
|
140
|
-
|
|
141
|
-
#: TEMPORARY Category B carve-outs (KEY allow-set, ``"<level>.<key>"`` form).
|
|
142
|
-
#: These are genuine directive extensions awaiting the ``x-<consumer>/``
|
|
143
|
-
#: namespace ratified by upstream vBRIEF #12; the migration that moves them to
|
|
144
|
-
#: ``x-directive/*`` and REMOVES this allow-list is tracked by directive #1650
|
|
145
|
-
#: (Category B follow-up to #1620).
|
|
146
|
-
ALLOW_LIST: frozenset[str] = frozenset({"plan.policy", "plan.completedNote"})
|
|
147
|
-
|
|
148
|
-
|
|
149
|
-
class Finding:
|
|
150
|
-
"""One bare-key conformance violation record."""
|
|
151
|
-
|
|
152
|
-
__slots__ = ("path", "level", "key", "location")
|
|
153
|
-
|
|
154
|
-
def __init__(self, path: str, level: str, key: str, location: str) -> None:
|
|
155
|
-
self.path = path
|
|
156
|
-
self.level = level
|
|
157
|
-
self.key = key
|
|
158
|
-
self.location = location
|
|
159
|
-
|
|
160
|
-
def render(self) -> str:
|
|
161
|
-
return f" {self.path} [{self.level}] bare key {self.key!r} at {self.location}"
|
|
162
|
-
|
|
163
|
-
|
|
164
|
-
def _is_conformant(level: str, key: str, core: frozenset[str]) -> bool:
|
|
165
|
-
"""Return True when ``key`` is core, namespaced, or allow-listed at level."""
|
|
166
|
-
if key in core:
|
|
167
|
-
return True
|
|
168
|
-
if key.startswith(EXTENSION_PREFIXES):
|
|
169
|
-
return True
|
|
170
|
-
return f"{level}.{key}" in ALLOW_LIST
|
|
171
|
-
|
|
172
|
-
|
|
173
|
-
def _plan_planref_finding(rel_path: str, value: object) -> Finding | None:
|
|
174
|
-
"""Value-aware check for the plan-LEVEL ``planRef`` key.
|
|
175
|
-
|
|
176
|
-
Plan-level ``planRef`` is NOT 0.6 spec-core (``planRef`` is core only at the
|
|
177
|
-
item level). directive carries two distinct shapes here:
|
|
178
|
-
|
|
179
|
-
- A PATH-style value (``"completed/...vbrief.json"``) is the epic<->story
|
|
180
|
-
child->parent linkage that ``scripts/vbrief_validate.py`` D4 validates
|
|
181
|
-
bidirectionally. It is load-bearing and cannot move to ``references[]``
|
|
182
|
-
without reworking D4, so it is a TEMPORARY carve-out tracked by the
|
|
183
|
-
Category B follow-up (#1650) -- allowed (not flagged) here.
|
|
184
|
-
- A ``#``-prefixed value (``"#1348"`` issue ref, or a stale ``#slug``) is
|
|
185
|
-
the misused-as-issue-pointer pattern that produced the statusreport #34
|
|
186
|
-
false-RED. It is FLAGGED so ``scripts/vbrief_migrate_conformance.py``
|
|
187
|
-
(which routes it to ``references[]`` or deletes the junk) stays enforced.
|
|
188
|
-
"""
|
|
189
|
-
if isinstance(value, str) and value.strip().startswith("#"):
|
|
190
|
-
return Finding(
|
|
191
|
-
rel_path, "plan", "planRef", "plan (issue-style -- migrate to references[])"
|
|
192
|
-
)
|
|
193
|
-
return None
|
|
194
|
-
|
|
195
|
-
|
|
196
|
-
def _scan_item(rel_path: str, item: dict, location: str) -> list[Finding]:
|
|
197
|
-
"""Scan one PlanItem dict (and its nested items / subItems) for bare keys."""
|
|
198
|
-
findings: list[Finding] = []
|
|
199
|
-
for key in item:
|
|
200
|
-
if not _is_conformant("item", key, ITEM_CORE):
|
|
201
|
-
findings.append(Finding(rel_path, "item", key, location))
|
|
202
|
-
for nested_key in ("items", "subItems"):
|
|
203
|
-
nested = item.get(nested_key)
|
|
204
|
-
if isinstance(nested, list):
|
|
205
|
-
for index, child in enumerate(nested):
|
|
206
|
-
if isinstance(child, dict):
|
|
207
|
-
findings.extend(
|
|
208
|
-
_scan_item(
|
|
209
|
-
rel_path, child, f"{location}.{nested_key}[{index}]"
|
|
210
|
-
)
|
|
211
|
-
)
|
|
212
|
-
return findings
|
|
213
|
-
|
|
214
|
-
|
|
215
|
-
def scan_vbrief(rel_path: str, data: object) -> list[Finding]:
|
|
216
|
-
"""Scan a parsed vBRIEF document for bare keys at doc / plan / item level.
|
|
217
|
-
|
|
218
|
-
``metadata`` (arbitrary bag), ``vBRIEFInfo``, and narrative bodies are NOT
|
|
219
|
-
descended into -- only structural keys at the three checked levels.
|
|
220
|
-
"""
|
|
221
|
-
findings: list[Finding] = []
|
|
222
|
-
if not isinstance(data, dict):
|
|
223
|
-
return findings
|
|
224
|
-
|
|
225
|
-
for key in data:
|
|
226
|
-
if not _is_conformant("document", key, DOC_CORE):
|
|
227
|
-
findings.append(Finding(rel_path, "document", key, "<root>"))
|
|
228
|
-
|
|
229
|
-
plan = data.get("plan")
|
|
230
|
-
if not isinstance(plan, dict):
|
|
231
|
-
return findings
|
|
232
|
-
|
|
233
|
-
for key in plan:
|
|
234
|
-
if key == "planRef":
|
|
235
|
-
hit = _plan_planref_finding(rel_path, plan.get("planRef"))
|
|
236
|
-
if hit is not None:
|
|
237
|
-
findings.append(hit)
|
|
238
|
-
continue
|
|
239
|
-
if not _is_conformant("plan", key, PLAN_CORE):
|
|
240
|
-
findings.append(Finding(rel_path, "plan", key, "plan"))
|
|
241
|
-
|
|
242
|
-
items = plan.get("items")
|
|
243
|
-
if isinstance(items, list):
|
|
244
|
-
for index, item in enumerate(items):
|
|
245
|
-
if isinstance(item, dict):
|
|
246
|
-
findings.extend(
|
|
247
|
-
_scan_item(rel_path, item, f"plan.items[{index}]")
|
|
248
|
-
)
|
|
249
|
-
return findings
|
|
250
|
-
|
|
251
|
-
|
|
252
|
-
def _load_allow_list(path: Path | None) -> list[str]:
|
|
253
|
-
"""Read newline-separated file-glob patterns; ignore comments / blanks."""
|
|
254
|
-
if path is None:
|
|
255
|
-
return []
|
|
256
|
-
raw = path.read_text(encoding="utf-8", errors="replace")
|
|
257
|
-
out: list[str] = []
|
|
258
|
-
for line in raw.splitlines():
|
|
259
|
-
stripped = line.strip()
|
|
260
|
-
if not stripped or stripped.startswith("#"):
|
|
261
|
-
continue
|
|
262
|
-
out.append(stripped)
|
|
263
|
-
return out
|
|
264
|
-
|
|
265
|
-
|
|
266
|
-
def _is_allow_listed(rel_path: str, patterns: Iterable[str]) -> bool:
|
|
267
|
-
return any(fnmatch.fnmatchcase(rel_path, pat) for pat in patterns)
|
|
268
|
-
|
|
269
|
-
|
|
270
|
-
def _git_files(project_root: Path, *, staged: bool) -> list[str]:
|
|
271
|
-
"""Return tracked (or staged) POSIX-form rel paths via git."""
|
|
272
|
-
if staged:
|
|
273
|
-
cmd = ["git", "diff", "--cached", "--name-only", "--diff-filter=ACMR"]
|
|
274
|
-
else:
|
|
275
|
-
cmd = ["git", "ls-files"]
|
|
276
|
-
proc = run_text(cmd, cwd=str(project_root))
|
|
277
|
-
if proc.returncode != 0:
|
|
278
|
-
raise RuntimeError(
|
|
279
|
-
f"{' '.join(cmd)} failed (rc={proc.returncode}): {proc.stderr.strip()}"
|
|
280
|
-
)
|
|
281
|
-
return [line for line in proc.stdout.splitlines() if line.strip()]
|
|
282
|
-
|
|
283
|
-
|
|
284
|
-
def _is_vbrief_path(posix: str) -> bool:
|
|
285
|
-
"""Return True for the project's root ``vbrief/**/*.vbrief.json`` corpus.
|
|
286
|
-
|
|
287
|
-
Anchored at the project-root ``vbrief/`` directory (matching the scan scope
|
|
288
|
-
of ``scripts/vbrief_migrate_conformance.py``) so the gate and the migration
|
|
289
|
-
reason about exactly the same file set. This deliberately excludes
|
|
290
|
-
``.vbrief.json`` files nested under other directories -- most importantly
|
|
291
|
-
intentionally-stale migration fixtures under ``tests/fixtures/**`` -- which
|
|
292
|
-
are test artifacts, not the canonical corpus.
|
|
293
|
-
"""
|
|
294
|
-
return posix.startswith("vbrief/") and posix.endswith(".vbrief.json")
|
|
295
|
-
|
|
296
|
-
|
|
297
|
-
def evaluate(
|
|
298
|
-
project_root: Path,
|
|
299
|
-
*,
|
|
300
|
-
mode: str = "all",
|
|
301
|
-
allow_list_path: Path | None = None,
|
|
302
|
-
) -> tuple[int, list[Finding], str]:
|
|
303
|
-
"""Pure driver returning ``(exit_code, findings, human_message)``."""
|
|
304
|
-
if mode not in {"all", "staged"}:
|
|
305
|
-
return (
|
|
306
|
-
2,
|
|
307
|
-
[],
|
|
308
|
-
f"\u274c verify_vbrief_conformance: unrecognised mode {mode!r} "
|
|
309
|
-
"(expected 'all' or 'staged').",
|
|
310
|
-
)
|
|
311
|
-
|
|
312
|
-
if not (project_root / "vbrief").is_dir():
|
|
313
|
-
return (
|
|
314
|
-
2,
|
|
315
|
-
[],
|
|
316
|
-
(
|
|
317
|
-
"\u274c verify_vbrief_conformance: no vbrief/ directory under "
|
|
318
|
-
f"{project_root}.\n"
|
|
319
|
-
" Recovery: run from a project root that contains vbrief/."
|
|
320
|
-
),
|
|
321
|
-
)
|
|
322
|
-
|
|
323
|
-
try:
|
|
324
|
-
custom_globs = _load_allow_list(allow_list_path)
|
|
325
|
-
except FileNotFoundError as exc:
|
|
326
|
-
return (
|
|
327
|
-
2,
|
|
328
|
-
[],
|
|
329
|
-
(
|
|
330
|
-
f"\u274c verify_vbrief_conformance: --allow-list file not found: {exc}\n"
|
|
331
|
-
" Recovery: pass an existing path or omit the flag."
|
|
332
|
-
),
|
|
333
|
-
)
|
|
334
|
-
except OSError as exc:
|
|
335
|
-
return (
|
|
336
|
-
2,
|
|
337
|
-
[],
|
|
338
|
-
f"\u274c verify_vbrief_conformance: --allow-list unreadable: {exc}",
|
|
339
|
-
)
|
|
340
|
-
|
|
341
|
-
try:
|
|
342
|
-
rel_paths = _git_files(project_root, staged=(mode == "staged"))
|
|
343
|
-
except FileNotFoundError:
|
|
344
|
-
return (
|
|
345
|
-
2,
|
|
346
|
-
[],
|
|
347
|
-
"\u274c verify_vbrief_conformance: 'git' executable not found on PATH.",
|
|
348
|
-
)
|
|
349
|
-
except RuntimeError as exc:
|
|
350
|
-
return (
|
|
351
|
-
2,
|
|
352
|
-
[],
|
|
353
|
-
(
|
|
354
|
-
f"\u274c verify_vbrief_conformance: git failed -- {exc}\n"
|
|
355
|
-
" Recovery: ensure --project-root points at a git working tree."
|
|
356
|
-
),
|
|
357
|
-
)
|
|
358
|
-
|
|
359
|
-
candidates = [
|
|
360
|
-
posix
|
|
361
|
-
for posix in (p.replace("\\", "/") for p in rel_paths)
|
|
362
|
-
if _is_vbrief_path(posix) and not _is_allow_listed(posix, custom_globs)
|
|
363
|
-
]
|
|
364
|
-
|
|
365
|
-
findings: list[Finding] = []
|
|
366
|
-
for posix in candidates:
|
|
367
|
-
full = project_root / posix
|
|
368
|
-
try:
|
|
369
|
-
text = full.read_text(encoding="utf-8")
|
|
370
|
-
except OSError:
|
|
371
|
-
continue
|
|
372
|
-
try:
|
|
373
|
-
data = json.loads(text)
|
|
374
|
-
except json.JSONDecodeError:
|
|
375
|
-
# Malformed JSON is owned by vbrief:validate / verify:encoding; the
|
|
376
|
-
# conformance gate only reasons about parseable documents.
|
|
377
|
-
continue
|
|
378
|
-
findings.extend(scan_vbrief(posix, data))
|
|
379
|
-
|
|
380
|
-
if findings:
|
|
381
|
-
header = (
|
|
382
|
-
f"\u274c verify_vbrief_conformance: detected {len(findings)} bare "
|
|
383
|
-
f"key(s) across {len({f.path for f in findings})} file(s) (#1620).\n"
|
|
384
|
-
" Every vBRIEF key MUST be 0.6 spec-core, x-directive/-namespaced, "
|
|
385
|
-
"or x-vbrief/-namespaced -- never bare.\n"
|
|
386
|
-
" Fix: migrate misused/misspelled core fields to their core home "
|
|
387
|
-
"(see scripts/vbrief_migrate_conformance.py), or namespace a genuine\n"
|
|
388
|
-
" extension under x-directive/. Allow-list a documented file "
|
|
389
|
-
"exception via --allow-list <path> (newline-separated globs)."
|
|
390
|
-
)
|
|
391
|
-
body = "\n".join(f.render() for f in findings[:50])
|
|
392
|
-
if len(findings) > 50:
|
|
393
|
-
body += f"\n ... and {len(findings) - 50} more"
|
|
394
|
-
return 1, findings, f"{header}\n{body}"
|
|
395
|
-
|
|
396
|
-
msg = (
|
|
397
|
-
f"\u2713 verify_vbrief_conformance: {len(candidates)} vBRIEF file(s) "
|
|
398
|
-
"clean -- no bare keys (#1620)."
|
|
399
|
-
)
|
|
400
|
-
return 0, findings, msg
|
|
401
|
-
|
|
402
|
-
|
|
403
|
-
def _build_parser() -> argparse.ArgumentParser:
|
|
404
|
-
parser = argparse.ArgumentParser(
|
|
405
|
-
prog="verify_vbrief_conformance.py",
|
|
406
|
-
description=(
|
|
407
|
-
"Deterministic vBRIEF 0.6 conformance gate (#1620). Flags any key "
|
|
408
|
-
"at document/plan/item level that is not 0.6 spec-core, "
|
|
409
|
-
"x-directive/-namespaced, or x-vbrief/-namespaced."
|
|
410
|
-
),
|
|
411
|
-
)
|
|
412
|
-
mode = parser.add_mutually_exclusive_group()
|
|
413
|
-
mode.add_argument(
|
|
414
|
-
"--all",
|
|
415
|
-
dest="mode",
|
|
416
|
-
action="store_const",
|
|
417
|
-
const="all",
|
|
418
|
-
help="Scan all tracked files via 'git ls-files' (default).",
|
|
419
|
-
)
|
|
420
|
-
mode.add_argument(
|
|
421
|
-
"--staged",
|
|
422
|
-
dest="mode",
|
|
423
|
-
action="store_const",
|
|
424
|
-
const="staged",
|
|
425
|
-
help=(
|
|
426
|
-
"Scan only staged files via 'git diff --cached --name-only' "
|
|
427
|
-
"(used by .githooks/pre-commit)."
|
|
428
|
-
),
|
|
429
|
-
)
|
|
430
|
-
parser.set_defaults(mode="all")
|
|
431
|
-
parser.add_argument(
|
|
432
|
-
"--project-root",
|
|
433
|
-
default=".",
|
|
434
|
-
help="Project root path (default: current working directory).",
|
|
435
|
-
)
|
|
436
|
-
parser.add_argument(
|
|
437
|
-
"--allow-list",
|
|
438
|
-
default=None,
|
|
439
|
-
help=(
|
|
440
|
-
"Path to a file with newline-separated glob patterns of "
|
|
441
|
-
"documented file exceptions. Lines starting with # are comments."
|
|
442
|
-
),
|
|
443
|
-
)
|
|
444
|
-
parser.add_argument(
|
|
445
|
-
"--quiet",
|
|
446
|
-
action="store_true",
|
|
447
|
-
help="Suppress the OK message (errors still print).",
|
|
448
|
-
)
|
|
449
|
-
return parser
|
|
450
|
-
|
|
451
|
-
|
|
452
|
-
def main(argv: list[str] | None = None) -> int:
|
|
453
|
-
# Force UTF-8 stdout/stderr at hook-script entry (mirrors #814).
|
|
454
|
-
if hasattr(sys.stdout, "reconfigure"):
|
|
455
|
-
sys.stdout.reconfigure(encoding="utf-8", errors="replace")
|
|
456
|
-
if hasattr(sys.stderr, "reconfigure"):
|
|
457
|
-
sys.stderr.reconfigure(encoding="utf-8", errors="replace")
|
|
458
|
-
|
|
459
|
-
parser = _build_parser()
|
|
460
|
-
args = parser.parse_args(argv)
|
|
461
|
-
project_root = Path(args.project_root).resolve()
|
|
462
|
-
allow_list_path = Path(args.allow_list).resolve() if args.allow_list else None
|
|
463
|
-
|
|
464
|
-
code, _findings, msg = evaluate(
|
|
465
|
-
project_root,
|
|
466
|
-
mode=args.mode,
|
|
467
|
-
allow_list_path=allow_list_path,
|
|
468
|
-
)
|
|
469
|
-
if code == 0:
|
|
470
|
-
if not args.quiet:
|
|
471
|
-
print(msg)
|
|
472
|
-
else:
|
|
473
|
-
print(msg, file=sys.stderr)
|
|
474
|
-
return code
|
|
475
|
-
|
|
476
|
-
|
|
477
|
-
if __name__ == "__main__":
|
|
478
|
-
sys.exit(main())
|