@evolith/core-domain 1.0.0 → 1.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (500) hide show
  1. package/dist/domain/services/default-workflow-definition.js +1 -1
  2. package/dist/domain/services/default-workflow-definition.js.map +1 -1
  3. package/package.json +2 -1
  4. package/rulesets/README.es.md +170 -0
  5. package/rulesets/README.md +170 -0
  6. package/rulesets/acl/README.es.md +41 -0
  7. package/rulesets/acl/README.md +41 -0
  8. package/rulesets/acl/anti-corruption-layer.rules.es.json +99 -0
  9. package/rulesets/acl/anti-corruption-layer.rules.json +99 -0
  10. package/rulesets/adr/ADR_COVERAGE.es.md +133 -0
  11. package/rulesets/adr/ADR_COVERAGE.md +133 -0
  12. package/rulesets/adr/README.es.md +17 -0
  13. package/rulesets/adr/README.md +17 -0
  14. package/rulesets/adr/adr-0002-hexagonal-architecture.rules.json +103 -0
  15. package/rulesets/adr/adr-0005-cicd-quality-gates.rules.json +102 -0
  16. package/rulesets/adr/adr-0010-multi-tenancy.rules.json +129 -0
  17. package/rulesets/adr/adr-0018-testing-pyramid.rules.json +115 -0
  18. package/rulesets/adr/adr-0032-protocol-selection.rules.json +134 -0
  19. package/rulesets/adr/adr-0040-multi-runtime.rules.json +131 -0
  20. package/rulesets/adr/adr-0050-gitflow-branching.rules.json +176 -0
  21. package/rulesets/adr/generated/adr-0001-monorepo-orchestration-principle.rules.json +29 -0
  22. package/rulesets/adr/generated/adr-0006-microservices-transition-via-sidecar-pattern.rules.json +29 -0
  23. package/rulesets/adr/generated/adr-0009-strict-dependency-pinning-and-automated-vulnerability-manage.rules.json +29 -0
  24. package/rulesets/adr/generated/adr-0011-fault-tolerance-and-resiliency-patterns.rules.json +29 -0
  25. package/rulesets/adr/generated/adr-0013-cloud-infrastructure-topology-and-disaster-recovery-dr.rules.json +28 -0
  26. package/rulesets/adr/generated/adr-0014-multi-layer-distributed-caching-strategy.rules.json +29 -0
  27. package/rulesets/adr/generated/adr-0015-event-driven-architecture-eda-for-intra-domain-communication.rules.json +29 -0
  28. package/rulesets/adr/generated/adr-0016-immutable-business-audit-trail-and-change-tracking.rules.json +29 -0
  29. package/rulesets/adr/generated/adr-0017-feature-flagging-strategy-for-progressive-delivery.rules.json +28 -0
  30. package/rulesets/adr/generated/adr-0019-tactical-design-patterns-for-future-proofing.rules.json +29 -0
  31. package/rulesets/adr/generated/adr-0020-identity-provider-abstraction-strategy.rules.json +28 -0
  32. package/rulesets/adr/generated/adr-0024-centralized-configuration-feature-platform.rules.json +28 -0
  33. package/rulesets/adr/generated/adr-0025-feature-flag-provider-abstraction-strategy.rules.json +29 -0
  34. package/rulesets/adr/generated/adr-0028-self-hosted-open-source-hybrid-infrastructure.rules.json +29 -0
  35. package/rulesets/adr/generated/adr-0030-two-tier-distributed-gateway-model.rules.json +28 -0
  36. package/rulesets/adr/generated/adr-0031-schema-per-bounded-context-and-domain-event-catalog.rules.json +29 -0
  37. package/rulesets/adr/generated/adr-0033-transactional-outbox-pattern-for-async-messaging.rules.json +28 -0
  38. package/rulesets/adr/generated/adr-0034-cqrs-pattern-application-matrix.rules.json +29 -0
  39. package/rulesets/adr/generated/adr-0035-distributed-saga-pattern-implementation-strategy.rules.json +29 -0
  40. package/rulesets/adr/generated/adr-0036-message-bus-delivery-flow-control-strategy.rules.json +29 -0
  41. package/rulesets/adr/generated/adr-0037-enterprise-performance-concurrency-chaos-verification-strate.rules.json +28 -0
  42. package/rulesets/adr/generated/adr-0039-deployment-topology-abstraction-environment-switcher.rules.json +29 -0
  43. package/rulesets/adr/generated/adr-0041-dual-engine-policy-evaluation-native-opa.rules.json +28 -0
  44. package/rulesets/adr/generated/adr-0044-configurable-security-persistence-strategy-agnosticism-vs-na.rules.json +29 -0
  45. package/rulesets/adr/generated/adr-0045-microservice-extraction-readiness-criteria.rules.json +29 -0
  46. package/rulesets/adr/generated/adr-0046-unified-traceability-via-w3c-tracecontext.rules.json +29 -0
  47. package/rulesets/adr/generated/adr-0047-progressive-architecture-evolution-framework-modular-monolit.rules.json +29 -0
  48. package/rulesets/adr/generated/adr-0048-enterprise-taxonomy-standardization-and-reference-layout.rules.json +28 -0
  49. package/rulesets/adr/generated/adr-0049-naming-semantics-clean-code-policy-e2e-and-global.rules.json +29 -0
  50. package/rulesets/adr/generated/adr-0051-enterprise-database-engine-selection-strategy.rules.json +29 -0
  51. package/rulesets/adr/generated/adr-0052-unit-testing-isolation-strategy-mocks-vs-stubs.rules.json +29 -0
  52. package/rulesets/adr/generated/adr-0053-integration-and-e2e-testing-strategy.rules.json +29 -0
  53. package/rulesets/adr/generated/adr-0054-database-design-and-normalization-standards.rules.json +29 -0
  54. package/rulesets/adr/generated/adr-0055-microfrontends-architecture-strategy.rules.json +28 -0
  55. package/rulesets/adr/generated/adr-0056-enterprise-naming-design-conventions-multi-language-multi-pl.rules.json +29 -0
  56. package/rulesets/adr/generated/adr-0057-architecture-intelligence-catalog.rules.json +27 -0
  57. package/rulesets/adr/generated/adr-0058-ai-consumable-architecture-knowledge.rules.json +27 -0
  58. package/rulesets/adr/generated/adr-0067-modular-monolith-persistence-boundaries.rules.json +28 -0
  59. package/rulesets/adr/generated/adr-0068-documentation-release-gitflow.rules.json +29 -0
  60. package/rulesets/adr/generated/adr-0069-ai-agent-context-protocol-integration.rules.json +28 -0
  61. package/rulesets/adr/generated/adr-0070-lean-root-repository-taxonomy.rules.json +29 -0
  62. package/rulesets/adr/generated/adr-0071-domain-layer-base-class-and-inheritance-strategy.rules.json +29 -0
  63. package/rulesets/adr/generated/adr-0072-utc-date-storage-browser-timezone-detection-and-language-res.rules.json +29 -0
  64. package/rulesets/adr/generated/adr-0073-unified-cli-mcp-output-contract-and-gate-evidence-schema.rules.json +29 -0
  65. package/rulesets/adr/generated/adr-0074-evolith-core-api-native-exposure-layer.rules.json +29 -0
  66. package/rulesets/adr/generated/adr-0075-core-api-authentication-strategy.rules.json +28 -0
  67. package/rulesets/adr/generated/adr-0076-domain-oriented-microservice-architecture-doma.rules.json +28 -0
  68. package/rulesets/adr/generated/adr-0077-masstransit-v9-commercial-pivot-stay-on-v8-monitor-opentrans.rules.json +28 -0
  69. package/rulesets/adr/generated/adr-0078-domain-financial-separation-governance.rules.json +29 -0
  70. package/rulesets/adr/generated/adr-0079-multi-topology-reference-corpus-and-topology-manifest-contra.rules.json +29 -0
  71. package/rulesets/adr/generated/adr-0080-remote-repository-reference-contract.rules.json +29 -0
  72. package/rulesets/adr/generated/adr-0081-agentic-ai-sandbox-isolation-boundary.rules.json +29 -0
  73. package/rulesets/adr/generated/adr-0082-agentic-ai-prompt-context-and-tool-trust-boundary.rules.json +28 -0
  74. package/rulesets/adr/generated/adr-0083-agentic-ai-action-authorization-and-audit.rules.json +29 -0
  75. package/rulesets/adr/generated/adr-0084-data-mesh-and-data-as-a-product.rules.json +29 -0
  76. package/rulesets/adr/generated/adr-0085-agnostic-opa-wasm-distribution-architecture.rules.json +28 -0
  77. package/rulesets/adr/generated/adr-0086-agentic-ai-telemetry-cost-control-standard.rules.json +27 -0
  78. package/rulesets/adr/generated/adr-0087-attribute-based-access-control-abac-for-agentic-tool-executi.rules.json +29 -0
  79. package/rulesets/adr/generated/adr-0088-sovereign-identity-for-agentic-ai.rules.json +29 -0
  80. package/rulesets/adr/generated/adr-0089-event-driven-agentic-workflow-pattern.rules.json +28 -0
  81. package/rulesets/adr/generated/adr-0090-rag-knowledge-governance-standard.rules.json +29 -0
  82. package/rulesets/adr/generated/adr-0091-workload-identity-token-rotation-standard.rules.json +29 -0
  83. package/rulesets/adr/generated/adr-0092-agent-infinite-loop-prevention-and-circuit-breaker-rules.rules.json +29 -0
  84. package/rulesets/adr/generated/adr-0093-concurrency-control-and-resource-locking-standard-for-mcp-to.rules.json +29 -0
  85. package/rulesets/adr/generated/adr-0094-multi-agent-handoff-and-task-delegation-standards.rules.json +29 -0
  86. package/rulesets/adr/generated/adr-0095-serverless-architecture-governance.rules.json +29 -0
  87. package/rulesets/adr/generated/adr-0096-edge-computing-architecture-governance.rules.json +29 -0
  88. package/rulesets/adr/generated/adr-0097-knowledge-lifecycle-governance-standard.rules.json +29 -0
  89. package/rulesets/adr/generated/adr-0098-rest-uri-versioning-and-deprecation-policy.rules.json +29 -0
  90. package/rulesets/adr/generated/adr-0099-opa-bundle-distribution-via-s3-minio.rules.json +27 -0
  91. package/rulesets/adr/generated/adr-ai-augmented-0001-harness-engineering-for-ai-augmented-development.rules.json +29 -0
  92. package/rulesets/adr/generated/adr-ai-augmented-0002-mcp-integration-protocol-for-agent-tool-invocation.rules.json +29 -0
  93. package/rulesets/adr/generated/adr-ai-augmented-0003-model-selection-governance-for-ai-augmented-workflows.rules.json +29 -0
  94. package/rulesets/adr/generated/adr-ai-augmented-0004-agents-md-as-mandatory-repository-artifact.rules.json +29 -0
  95. package/rulesets/adr/generated/adr-ai-augmented-0005-human-in-the-loop-policy-for-autonomous-agent-operations.rules.json +29 -0
  96. package/rulesets/adr/generated/adr-android-0042-canonical-android-native-mobile-architecture.rules.json +29 -0
  97. package/rulesets/adr/generated/adr-dotnet-0041-canonical-net-c-backend-architecture.rules.json +29 -0
  98. package/rulesets/adr/generated/adr-dotnet-0060-net-multi-tenancy-dual-layer-strategy-ef-core-sql-server.rules.json +29 -0
  99. package/rulesets/adr/generated/adr-dotnet-0061-transactional-event-lifecycle-in-ef-core.rules.json +28 -0
  100. package/rulesets/adr/generated/adr-dotnet-0062-net-immutable-audit-trail-via-ddl-triggers-delta-capture.rules.json +29 -0
  101. package/rulesets/adr/generated/adr-dotnet-0063-b2b-request-idempotency-middleware-in-asp-net-core.rules.json +28 -0
  102. package/rulesets/adr/generated/adr-dotnet-0064-net-request-scope-observability-context-propagation.rules.json +29 -0
  103. package/rulesets/adr/generated/adr-dotnet-0065-net-pii-safe-structured-logging-pipeline-serilog.rules.json +29 -0
  104. package/rulesets/adr/generated/adr-dotnet-0066-net-lightweight-http-idempotency-via-imemorycache-idistribut.rules.json +28 -0
  105. package/rulesets/adr/generated/adr-dotnet-0069-net-grpc-service-setup-protobuf-contracts.rules.json +29 -0
  106. package/rulesets/adr/generated/adr-dotnet-0070-net-api-endpoint-strategy.rules.json +29 -0
  107. package/rulesets/adr/generated/adr-dotnet-0071-net-data-access-strategy-ef-core-as-default-orm-dapper-for-o.rules.json +27 -0
  108. package/rulesets/adr/generated/adr-dotnet-0072-net-aop-cross-cutting-concern-strategy-dispatchproxy-over-pi.rules.json +29 -0
  109. package/rulesets/adr/generated/adr-nodejs-0003-strict-typescript-standards.rules.json +29 -0
  110. package/rulesets/adr/generated/adr-nodejs-0004-frontend-offline-resilience.rules.json +28 -0
  111. package/rulesets/adr/generated/adr-nodejs-0007-observability-with-opentelemetry-loki-and-jaeger.rules.json +29 -0
  112. package/rulesets/adr/generated/adr-nodejs-0008-progressive-multi-module-evolution-with-api-gateway-and-bff-.rules.json +28 -0
  113. package/rulesets/adr/generated/adr-nodejs-0012-advanced-authorization-rbac-abac-strategy.rules.json +28 -0
  114. package/rulesets/adr/generated/adr-nodejs-0021-high-performance-authentication-graph-compilation.rules.json +28 -0
  115. package/rulesets/adr/generated/adr-nodejs-0022-contextual-authentication-and-pluggable-output-projections.rules.json +28 -0
  116. package/rulesets/adr/generated/adr-nodejs-0023-centralized-authorization-core-strategy.rules.json +28 -0
  117. package/rulesets/adr/generated/adr-nodejs-0026-adaptive-mfa-and-passwordless-platform.rules.json +28 -0
  118. package/rulesets/adr/generated/adr-nodejs-0027-dual-protocol-api-strategy-rest-grpc.rules.json +28 -0
  119. package/rulesets/adr/generated/adr-nodejs-0029-adoption-of-tactical-ddd-primitives-library.rules.json +29 -0
  120. package/rulesets/adr/generated/adr-nodejs-0038-enterprise-error-handling-result-pattern-strategy.rules.json +29 -0
  121. package/rulesets/adr/generated/adr-nodejs-0043-data-access-and-orm-strategy-for-node-js.rules.json +29 -0
  122. package/rulesets/adr/generated/adr-nodejs-0044-frontend-clean-architecture-layer-boundaries-react.rules.json +29 -0
  123. package/rulesets/adr/generated/adr-nodejs-0045-frontend-state-management-zustand-tanstack-query-dual-strate.rules.json +29 -0
  124. package/rulesets/adr/generated/adr-nodejs-0046-prohibition-of-raw-technical-identifiers-in-user-interfaces.rules.json +29 -0
  125. package/rulesets/adr/generated/adr-nodejs-0047-actionable-user-error-contract-and-correlated-diagnostics.rules.json +29 -0
  126. package/rulesets/adr/generated/adr-nodejs-0048-feature-flag-system-scope-and-structured-criteria-model.rules.json +29 -0
  127. package/rulesets/adr/generated/adr-nodejs-0074-monorepo-orchestration-with-nx.rules.json +29 -0
  128. package/rulesets/adr/generated/adr-nodejs-0075-application-gateway-bff-with-nestjs.rules.json +29 -0
  129. package/rulesets/architecture/README.es.md +21 -0
  130. package/rulesets/architecture/README.md +21 -0
  131. package/rulesets/architecture/opa/progressive-axis.rego +50 -0
  132. package/rulesets/cli/README.es.md +17 -0
  133. package/rulesets/cli/README.md +17 -0
  134. package/rulesets/cli/core-parity.rules.json +61 -0
  135. package/rulesets/cli/release-readiness.rules.json +77 -0
  136. package/rulesets/compliance-baseline/README.es.md +26 -0
  137. package/rulesets/compliance-baseline/README.md +26 -0
  138. package/rulesets/compliance-baseline/compliance-baseline.rules.json +81 -0
  139. package/rulesets/contracts/README.es.md +19 -0
  140. package/rulesets/contracts/README.md +19 -0
  141. package/rulesets/contracts/evolith-machine-contracts.json +29 -0
  142. package/rulesets/contracts/fixtures/gate-evidence.success.json +10 -0
  143. package/rulesets/contracts/fixtures/output-envelope.success.json +23 -0
  144. package/rulesets/cross-cutting/README.es.md +14 -0
  145. package/rulesets/cross-cutting/README.md +14 -0
  146. package/rulesets/cross-cutting/compliance-baseline.rules.json +81 -0
  147. package/rulesets/cross-cutting/definition-of-done.rules.json +135 -0
  148. package/rulesets/cross-cutting/engineering-manifesto.rules.json +145 -0
  149. package/rulesets/cross-cutting/repository-taxonomy.rules.json +172 -0
  150. package/rulesets/definition-of-done/README.es.md +26 -0
  151. package/rulesets/definition-of-done/README.md +26 -0
  152. package/rulesets/definition-of-done/definition-of-done.rules.json +135 -0
  153. package/rulesets/engineering-manifesto/README.es.md +26 -0
  154. package/rulesets/engineering-manifesto/README.md +26 -0
  155. package/rulesets/engineering-manifesto/engineering-manifesto.rules.json +145 -0
  156. package/rulesets/evidence/README.es.md +12 -0
  157. package/rulesets/evidence/README.md +12 -0
  158. package/rulesets/evidence/evidence-manifest.rules.json +48 -0
  159. package/rulesets/executive-scorecards/executive-scorecards.rules.es.json +213 -0
  160. package/rulesets/executive-scorecards/executive-scorecards.rules.json +213 -0
  161. package/rulesets/governance/README.es.md +13 -0
  162. package/rulesets/governance/README.md +13 -0
  163. package/rulesets/governance/abac-mcp-access.rules.es.json +41 -0
  164. package/rulesets/governance/abac-mcp-access.rules.json +41 -0
  165. package/rulesets/governance/executive-scorecards.rules.es.json +213 -0
  166. package/rulesets/governance/executive-scorecards.rules.json +213 -0
  167. package/rulesets/governance/inheritance.rules.json +115 -0
  168. package/rulesets/governance/knowledge-intake.rules.json +18 -0
  169. package/rulesets/governance/open-core-boundary.rules.es.json +148 -0
  170. package/rulesets/governance/open-core-boundary.rules.json +148 -0
  171. package/rulesets/governance/satellite-contracts.rules.json +183 -0
  172. package/rulesets/infrastructure/helm-enforcement.rules.json +21 -0
  173. package/rulesets/infrastructure/opa/helm-enforcement.rego +25 -0
  174. package/rulesets/infrastructure/opa/helm-enforcement.test.rego +31 -0
  175. package/rulesets/infrastructure/opa/opa-sidecar-bundle.rego +115 -0
  176. package/rulesets/infrastructure/opa/opa-sidecar-bundle.test.rego +66 -0
  177. package/rulesets/infrastructure/opa-sidecar-bundle.rules.json +18 -0
  178. package/rulesets/mcp/README.es.md +12 -0
  179. package/rulesets/mcp/README.md +12 -0
  180. package/rulesets/mcp/protocol-compliance.rules.json +57 -0
  181. package/rulesets/observability/README.es.md +12 -0
  182. package/rulesets/observability/README.md +12 -0
  183. package/rulesets/observability/telemetry-evidence.rules.json +48 -0
  184. package/rulesets/opa/README.es.md +22 -0
  185. package/rulesets/opa/README.md +22 -0
  186. package/rulesets/opa/abac-mcp-tool-access.rego +122 -0
  187. package/rulesets/opa/abac-mcp-tool-access.test.rego +33 -0
  188. package/rulesets/opa/anti-corruption-layer.rego +39 -0
  189. package/rulesets/opa/anti-corruption-layer.test.rego +118 -0
  190. package/rulesets/opa/ci-cd.rego +41 -0
  191. package/rulesets/opa/ci-cd.test.rego +23 -0
  192. package/rulesets/opa/cicd-quality-gates.rego +29 -0
  193. package/rulesets/opa/cicd-quality-gates.test.rego +54 -0
  194. package/rulesets/opa/cli-core-parity.rego +17 -0
  195. package/rulesets/opa/cli-core-parity.test.rego +39 -0
  196. package/rulesets/opa/cli-readiness.rego +32 -0
  197. package/rulesets/opa/cli-readiness.test.rego +23 -0
  198. package/rulesets/opa/cli-release-readiness.rego +21 -0
  199. package/rulesets/opa/cli-release-readiness.test.rego +46 -0
  200. package/rulesets/opa/compliance-baseline.rego +95 -0
  201. package/rulesets/opa/compliance-baseline.test.rego +89 -0
  202. package/rulesets/opa/dod.rego +42 -0
  203. package/rulesets/opa/dod.test.rego +250 -0
  204. package/rulesets/opa/engineering-manifesto.rego +78 -0
  205. package/rulesets/opa/engineering-manifesto.test.rego +133 -0
  206. package/rulesets/opa/evidence.rego +64 -0
  207. package/rulesets/opa/evidence.test.rego +23 -0
  208. package/rulesets/opa/executive-scorecards.rego +41 -0
  209. package/rulesets/opa/executive-scorecards.test.rego +60 -0
  210. package/rulesets/opa/gitflow-branching.rego +41 -0
  211. package/rulesets/opa/gitflow-branching.test.rego +60 -0
  212. package/rulesets/opa/governance.rego +39 -0
  213. package/rulesets/opa/governance.test.rego +23 -0
  214. package/rulesets/opa/hexagonal-architecture.rego +33 -0
  215. package/rulesets/opa/hexagonal-architecture.test.rego +57 -0
  216. package/rulesets/opa/infrastructure/helm-enforcement.rego +33 -0
  217. package/rulesets/opa/infrastructure/opa-sidecar-bundle.rego +42 -0
  218. package/rulesets/opa/knowledge-intake.rego +98 -0
  219. package/rulesets/opa/knowledge-intake.test.rego +50 -0
  220. package/rulesets/opa/main.rego +147 -0
  221. package/rulesets/opa/main_test.rego +149 -0
  222. package/rulesets/opa/mcp.rego +61 -0
  223. package/rulesets/opa/mcp.test.rego +27 -0
  224. package/rulesets/opa/multi-runtime.rego +33 -0
  225. package/rulesets/opa/multi-runtime.test.rego +53 -0
  226. package/rulesets/opa/multi-tenancy.rego +33 -0
  227. package/rulesets/opa/multi-tenancy.test.rego +53 -0
  228. package/rulesets/opa/open-core-boundary.rego +33 -0
  229. package/rulesets/opa/open-core-boundary.test.rego +60 -0
  230. package/rulesets/opa/protocol-selection.rego +29 -0
  231. package/rulesets/opa/protocol-selection.test.rego +46 -0
  232. package/rulesets/opa/rbac/gate-role-enforcement.rego +112 -0
  233. package/rulesets/opa/repository-taxonomy.rego +98 -0
  234. package/rulesets/opa/repository-taxonomy.test.rego +91 -0
  235. package/rulesets/opa/satellite-contracts.rego +42 -0
  236. package/rulesets/opa/satellite-contracts.test.rego +70 -0
  237. package/rulesets/opa/schemas/abac-mcp-tool-access.input.schema.json +21 -0
  238. package/rulesets/opa/schemas/anti-corruption-layer.input.schema.json +25 -0
  239. package/rulesets/opa/schemas/ci-cd.input.schema.json +27 -0
  240. package/rulesets/opa/schemas/cicd-quality-gates.input.schema.json +33 -0
  241. package/rulesets/opa/schemas/cli-core-parity.input.schema.json +30 -0
  242. package/rulesets/opa/schemas/cli-readiness.input.schema.json +28 -0
  243. package/rulesets/opa/schemas/cli-release-readiness.input.schema.json +26 -0
  244. package/rulesets/opa/schemas/compliance-baseline.input.schema.json +25 -0
  245. package/rulesets/opa/schemas/dod.input.schema.json +38 -0
  246. package/rulesets/opa/schemas/engineering-manifesto.input.schema.json +24 -0
  247. package/rulesets/opa/schemas/evidence.input.schema.json +35 -0
  248. package/rulesets/opa/schemas/executive-scorecards.input.schema.json +36 -0
  249. package/rulesets/opa/schemas/gitflow-branching.input.schema.json +36 -0
  250. package/rulesets/opa/schemas/governance.input.schema.json +19 -0
  251. package/rulesets/opa/schemas/hexagonal-architecture.input.schema.json +46 -0
  252. package/rulesets/opa/schemas/knowledge-intake.input.schema.json +57 -0
  253. package/rulesets/opa/schemas/mcp.input.schema.json +38 -0
  254. package/rulesets/opa/schemas/multi-runtime.input.schema.json +27 -0
  255. package/rulesets/opa/schemas/multi-tenancy.input.schema.json +27 -0
  256. package/rulesets/opa/schemas/open-core-boundary.input.schema.json +36 -0
  257. package/rulesets/opa/schemas/protocol-selection.input.schema.json +26 -0
  258. package/rulesets/opa/schemas/repository-taxonomy.input.schema.json +18 -0
  259. package/rulesets/opa/schemas/satellite-contracts.input.schema.json +38 -0
  260. package/rulesets/opa/schemas/taxonomy.input.schema.json +27 -0
  261. package/rulesets/opa/schemas/testing-pyramid.input.schema.json +42 -0
  262. package/rulesets/opa/schemas/version-pinning.input.schema.json +39 -0
  263. package/rulesets/opa/sdlc/coverage.rego +49 -0
  264. package/rulesets/opa/sdlc/coverage.test.rego +29 -0
  265. package/rulesets/opa/sdlc/pyramid-distribution.rego +31 -0
  266. package/rulesets/opa/sdlc/pyramid-distribution.test.rego +33 -0
  267. package/rulesets/opa/taxonomy.rego +51 -0
  268. package/rulesets/opa/taxonomy.test.rego +28 -0
  269. package/rulesets/opa/telemetry-evidence.rego +102 -0
  270. package/rulesets/opa/testing-pyramid.rego +49 -0
  271. package/rulesets/opa/testing-pyramid.test.rego +81 -0
  272. package/rulesets/opa/version-pinning.rego +99 -0
  273. package/rulesets/opa/version-pinning.test.rego +28 -0
  274. package/rulesets/phase-gates/README.es.md +28 -0
  275. package/rulesets/phase-gates/README.md +28 -0
  276. package/rulesets/phase-gates/phase-gates.rules.json +297 -0
  277. package/rulesets/quality-thresholds/README.es.md +28 -0
  278. package/rulesets/quality-thresholds/README.md +28 -0
  279. package/rulesets/quality-thresholds/quality-thresholds.rules.json +96 -0
  280. package/rulesets/repository-taxonomy/README.es.md +26 -0
  281. package/rulesets/repository-taxonomy/README.md +26 -0
  282. package/rulesets/repository-taxonomy/repository-taxonomy.rules.json +172 -0
  283. package/rulesets/satellite-contracts/README.es.md +27 -0
  284. package/rulesets/satellite-contracts/README.md +27 -0
  285. package/rulesets/satellite-contracts/satellite-contracts.rules.json +183 -0
  286. package/rulesets/schema/README.es.md +39 -0
  287. package/rulesets/schema/README.md +39 -0
  288. package/rulesets/schema/adr.schema.json +138 -0
  289. package/rulesets/schema/agile-backlog.schema.json +91 -0
  290. package/rulesets/schema/ballpark-estimation.schema.json +109 -0
  291. package/rulesets/schema/build-vs-compose.schema.json +98 -0
  292. package/rulesets/schema/cli-impact-analysis.schema.json +114 -0
  293. package/rulesets/schema/discovery-canvas.schema.json +92 -0
  294. package/rulesets/schema/evolith-user-story.schema.json +105 -0
  295. package/rulesets/schema/evolith-yaml.schema.json +191 -0
  296. package/rulesets/schema/functional-story.schema.json +111 -0
  297. package/rulesets/schema/gate-evidence.schema.json +85 -0
  298. package/rulesets/schema/integration-evidence.schema.json +47 -0
  299. package/rulesets/schema/knowledge-intake.schema.json +67 -0
  300. package/rulesets/schema/knowledge-projection.schema.json +24 -0
  301. package/rulesets/schema/maturity-evidence.schema.json +59 -0
  302. package/rulesets/schema/observability-validation.schema.json +85 -0
  303. package/rulesets/schema/on-call-handoff.schema.json +91 -0
  304. package/rulesets/schema/output-envelope.schema.json +102 -0
  305. package/rulesets/schema/prd.schema.json +117 -0
  306. package/rulesets/schema/release-notes.schema.json +138 -0
  307. package/rulesets/schema/rollback-rehearsal.schema.json +73 -0
  308. package/rulesets/schema/ruleset-sdlc.schema.json +59 -0
  309. package/rulesets/schema/ruleset-standard.schema.json +73 -0
  310. package/rulesets/schema/security-scan-report.schema.json +79 -0
  311. package/rulesets/schema/source-registry.schema.json +51 -0
  312. package/rulesets/schema/technical-feasibility.schema.json +66 -0
  313. package/rulesets/schema/technical-story.schema.json +112 -0
  314. package/rulesets/schema/test-summary-report.schema.json +158 -0
  315. package/rulesets/schema/topology-composition.schema.json +43 -0
  316. package/rulesets/schema/topology-manifest.schema.json +421 -0
  317. package/rulesets/sdlc/README.es.md +12 -0
  318. package/rulesets/sdlc/README.md +12 -0
  319. package/rulesets/sdlc/default-workflow.yaml +73 -0
  320. package/rulesets/sdlc/dependency-pinning.rules.json +183 -0
  321. package/rulesets/sdlc/phase-gates.rules.json +297 -0
  322. package/rulesets/sdlc/quality-thresholds.rules.json +96 -0
  323. package/rulesets/topologies/README.es.md +42 -0
  324. package/rulesets/topologies/README.md +42 -0
  325. package/rulesets/topologies/agentic-ai/README.es.md +142 -0
  326. package/rulesets/topologies/agentic-ai/README.md +142 -0
  327. package/rulesets/topologies/agentic-ai/adoption.es.md +37 -0
  328. package/rulesets/topologies/agentic-ai/adoption.md +37 -0
  329. package/rulesets/topologies/agentic-ai/agent.config.schema.json +100 -0
  330. package/rulesets/topologies/agentic-ai/agentic-ai.rego +46 -0
  331. package/rulesets/topologies/agentic-ai/agentic-ai.rules.json +109 -0
  332. package/rulesets/topologies/agentic-ai/agentic-ai.test.rego +68 -0
  333. package/rulesets/topologies/agentic-ai/agentic-ai.wasm +0 -0
  334. package/rulesets/topologies/agentic-ai/cli/cli-flows.es.md +35 -0
  335. package/rulesets/topologies/agentic-ai/cli/cli-flows.md +45 -0
  336. package/rulesets/topologies/agentic-ai/evidence.es.md +25 -0
  337. package/rulesets/topologies/agentic-ai/evidence.md +25 -0
  338. package/rulesets/topologies/agentic-ai/evolution.es.md +26 -0
  339. package/rulesets/topologies/agentic-ai/evolution.md +26 -0
  340. package/rulesets/topologies/agentic-ai/fixtures/invalid-agent.config.json +48 -0
  341. package/rulesets/topologies/agentic-ai/fixtures/valid-agent.config.json +48 -0
  342. package/rulesets/topologies/agentic-ai/maturity.es.md +33 -0
  343. package/rulesets/topologies/agentic-ai/maturity.md +33 -0
  344. package/rulesets/topologies/agentic-ai/mcp/mcp-manifest.json +100 -0
  345. package/rulesets/topologies/agentic-ai/openapi/openapi.yaml +187 -0
  346. package/rulesets/topologies/agentic-ai/operations.es.md +32 -0
  347. package/rulesets/topologies/agentic-ai/operations.md +32 -0
  348. package/rulesets/topologies/agentic-ai/parity-fixtures/compliant.json +18 -0
  349. package/rulesets/topologies/agentic-ai/parity-fixtures/violation.json +22 -0
  350. package/rulesets/topologies/agentic-ai/patterns.es.md +32 -0
  351. package/rulesets/topologies/agentic-ai/patterns.md +32 -0
  352. package/rulesets/topologies/agentic-ai/resilience.es.md +26 -0
  353. package/rulesets/topologies/agentic-ai/resilience.md +26 -0
  354. package/rulesets/topologies/agentic-ai/runbooks.es.md +48 -0
  355. package/rulesets/topologies/agentic-ai/runbooks.md +48 -0
  356. package/rulesets/topologies/agentic-ai/security.es.md +26 -0
  357. package/rulesets/topologies/agentic-ai/security.md +26 -0
  358. package/rulesets/topologies/agentic-ai/topology.manifest.json +127 -0
  359. package/rulesets/topologies/data-mesh/README.es.md +69 -0
  360. package/rulesets/topologies/data-mesh/README.md +69 -0
  361. package/rulesets/topologies/data-mesh/adoption.es.md +95 -0
  362. package/rulesets/topologies/data-mesh/adoption.md +95 -0
  363. package/rulesets/topologies/data-mesh/cli/cli-flows.es.md +41 -0
  364. package/rulesets/topologies/data-mesh/cli/cli-flows.md +53 -0
  365. package/rulesets/topologies/data-mesh/data-mesh.rego +11 -0
  366. package/rulesets/topologies/data-mesh/data-mesh.rules.json +100 -0
  367. package/rulesets/topologies/data-mesh/data-mesh.test.rego +107 -0
  368. package/rulesets/topologies/data-mesh/data-mesh.wasm +0 -0
  369. package/rulesets/topologies/data-mesh/evidence.es.md +111 -0
  370. package/rulesets/topologies/data-mesh/evidence.md +111 -0
  371. package/rulesets/topologies/data-mesh/evolution.es.md +67 -0
  372. package/rulesets/topologies/data-mesh/evolution.md +67 -0
  373. package/rulesets/topologies/data-mesh/fixtures/invalid.topology.config.json +12 -0
  374. package/rulesets/topologies/data-mesh/fixtures/valid.topology.config.json +12 -0
  375. package/rulesets/topologies/data-mesh/maturity.es.md +36 -0
  376. package/rulesets/topologies/data-mesh/maturity.md +36 -0
  377. package/rulesets/topologies/data-mesh/mcp/mcp-manifest.json +68 -0
  378. package/rulesets/topologies/data-mesh/openapi/openapi.yaml +186 -0
  379. package/rulesets/topologies/data-mesh/operations.es.md +63 -0
  380. package/rulesets/topologies/data-mesh/operations.md +63 -0
  381. package/rulesets/topologies/data-mesh/parity-fixtures/compliant.json +18 -0
  382. package/rulesets/topologies/data-mesh/parity-fixtures/violation.json +21 -0
  383. package/rulesets/topologies/data-mesh/patterns.es.md +67 -0
  384. package/rulesets/topologies/data-mesh/patterns.md +67 -0
  385. package/rulesets/topologies/data-mesh/resilience.es.md +64 -0
  386. package/rulesets/topologies/data-mesh/resilience.md +64 -0
  387. package/rulesets/topologies/data-mesh/runbooks.es.md +147 -0
  388. package/rulesets/topologies/data-mesh/runbooks.md +147 -0
  389. package/rulesets/topologies/data-mesh/security.es.md +66 -0
  390. package/rulesets/topologies/data-mesh/security.md +66 -0
  391. package/rulesets/topologies/data-mesh/topology.config.schema.json +30 -0
  392. package/rulesets/topologies/data-mesh/topology.manifest.json +107 -0
  393. package/rulesets/topologies/edge-computing/README.es.md +81 -0
  394. package/rulesets/topologies/edge-computing/README.md +81 -0
  395. package/rulesets/topologies/edge-computing/adoption.es.md +268 -0
  396. package/rulesets/topologies/edge-computing/adoption.md +268 -0
  397. package/rulesets/topologies/edge-computing/cli/cli-flows.es.md +41 -0
  398. package/rulesets/topologies/edge-computing/cli/cli-flows.md +53 -0
  399. package/rulesets/topologies/edge-computing/edge-computing.rego +41 -0
  400. package/rulesets/topologies/edge-computing/edge-computing.rules.json +50 -0
  401. package/rulesets/topologies/edge-computing/edge-computing.test.rego +33 -0
  402. package/rulesets/topologies/edge-computing/edge-computing.wasm +0 -0
  403. package/rulesets/topologies/edge-computing/evidence.es.md +263 -0
  404. package/rulesets/topologies/edge-computing/evidence.md +263 -0
  405. package/rulesets/topologies/edge-computing/evolution.es.md +257 -0
  406. package/rulesets/topologies/edge-computing/evolution.md +257 -0
  407. package/rulesets/topologies/edge-computing/fixtures/invalid.topology.config.json +6 -0
  408. package/rulesets/topologies/edge-computing/fixtures/valid.topology.config.json +6 -0
  409. package/rulesets/topologies/edge-computing/maturity.es.md +36 -0
  410. package/rulesets/topologies/edge-computing/maturity.md +36 -0
  411. package/rulesets/topologies/edge-computing/mcp/mcp-manifest.json +72 -0
  412. package/rulesets/topologies/edge-computing/openapi/openapi.yaml +187 -0
  413. package/rulesets/topologies/edge-computing/operations.es.md +148 -0
  414. package/rulesets/topologies/edge-computing/operations.md +148 -0
  415. package/rulesets/topologies/edge-computing/parity-fixtures/compliant.json +12 -0
  416. package/rulesets/topologies/edge-computing/parity-fixtures/violation.json +13 -0
  417. package/rulesets/topologies/edge-computing/patterns.es.md +291 -0
  418. package/rulesets/topologies/edge-computing/patterns.md +290 -0
  419. package/rulesets/topologies/edge-computing/resilience.es.md +232 -0
  420. package/rulesets/topologies/edge-computing/resilience.md +229 -0
  421. package/rulesets/topologies/edge-computing/runbooks.es.md +405 -0
  422. package/rulesets/topologies/edge-computing/runbooks.md +405 -0
  423. package/rulesets/topologies/edge-computing/security.es.md +218 -0
  424. package/rulesets/topologies/edge-computing/security.md +218 -0
  425. package/rulesets/topologies/edge-computing/topology.config.schema.json +13 -0
  426. package/rulesets/topologies/edge-computing/topology.manifest.json +113 -0
  427. package/rulesets/topologies/event-driven/README.es.md +71 -0
  428. package/rulesets/topologies/event-driven/README.md +71 -0
  429. package/rulesets/topologies/event-driven/adoption.es.md +67 -0
  430. package/rulesets/topologies/event-driven/adoption.md +67 -0
  431. package/rulesets/topologies/event-driven/cli/cli-flows.es.md +41 -0
  432. package/rulesets/topologies/event-driven/cli/cli-flows.md +53 -0
  433. package/rulesets/topologies/event-driven/event-driven.rego +11 -0
  434. package/rulesets/topologies/event-driven/event-driven.rules.json +100 -0
  435. package/rulesets/topologies/event-driven/event-driven.test.rego +107 -0
  436. package/rulesets/topologies/event-driven/event-driven.wasm +0 -0
  437. package/rulesets/topologies/event-driven/evidence.es.md +69 -0
  438. package/rulesets/topologies/event-driven/evidence.md +69 -0
  439. package/rulesets/topologies/event-driven/evolution.es.md +59 -0
  440. package/rulesets/topologies/event-driven/evolution.md +59 -0
  441. package/rulesets/topologies/event-driven/fixtures/invalid.topology.config.json +12 -0
  442. package/rulesets/topologies/event-driven/fixtures/valid.topology.config.json +12 -0
  443. package/rulesets/topologies/event-driven/maturity.es.md +36 -0
  444. package/rulesets/topologies/event-driven/maturity.md +36 -0
  445. package/rulesets/topologies/event-driven/mcp/mcp-manifest.json +68 -0
  446. package/rulesets/topologies/event-driven/openapi/openapi.yaml +186 -0
  447. package/rulesets/topologies/event-driven/operations.es.md +67 -0
  448. package/rulesets/topologies/event-driven/operations.md +67 -0
  449. package/rulesets/topologies/event-driven/parity-fixtures/compliant.json +18 -0
  450. package/rulesets/topologies/event-driven/parity-fixtures/violation.json +21 -0
  451. package/rulesets/topologies/event-driven/patterns.es.md +68 -0
  452. package/rulesets/topologies/event-driven/patterns.md +68 -0
  453. package/rulesets/topologies/event-driven/resilience.es.md +65 -0
  454. package/rulesets/topologies/event-driven/resilience.md +65 -0
  455. package/rulesets/topologies/event-driven/runbooks.es.md +79 -0
  456. package/rulesets/topologies/event-driven/runbooks.md +79 -0
  457. package/rulesets/topologies/event-driven/security.es.md +59 -0
  458. package/rulesets/topologies/event-driven/security.md +59 -0
  459. package/rulesets/topologies/event-driven/topology.config.schema.json +30 -0
  460. package/rulesets/topologies/event-driven/topology.manifest.json +109 -0
  461. package/rulesets/topologies/progressive-axis/distributed-modules/distributed-modules.rules.es.json +111 -0
  462. package/rulesets/topologies/progressive-axis/distributed-modules/distributed-modules.rules.json +111 -0
  463. package/rulesets/topologies/progressive-axis/microservices/microservices.rules.es.json +106 -0
  464. package/rulesets/topologies/progressive-axis/microservices/microservices.rules.json +106 -0
  465. package/rulesets/topologies/progressive-axis/modular-monolith/modular-monolith.rules.es.json +148 -0
  466. package/rulesets/topologies/progressive-axis/modular-monolith/modular-monolith.rules.json +148 -0
  467. package/rulesets/topologies/serverless/README.es.md +74 -0
  468. package/rulesets/topologies/serverless/README.md +74 -0
  469. package/rulesets/topologies/serverless/adoption.es.md +50 -0
  470. package/rulesets/topologies/serverless/adoption.md +50 -0
  471. package/rulesets/topologies/serverless/cli/cli-flows.es.md +41 -0
  472. package/rulesets/topologies/serverless/cli/cli-flows.md +53 -0
  473. package/rulesets/topologies/serverless/evidence.es.md +66 -0
  474. package/rulesets/topologies/serverless/evidence.md +66 -0
  475. package/rulesets/topologies/serverless/evolution.es.md +36 -0
  476. package/rulesets/topologies/serverless/evolution.md +36 -0
  477. package/rulesets/topologies/serverless/fixtures/invalid.topology.config.json +6 -0
  478. package/rulesets/topologies/serverless/fixtures/valid.topology.config.json +6 -0
  479. package/rulesets/topologies/serverless/maturity.es.md +36 -0
  480. package/rulesets/topologies/serverless/maturity.md +36 -0
  481. package/rulesets/topologies/serverless/mcp/mcp-manifest.json +72 -0
  482. package/rulesets/topologies/serverless/openapi/openapi.yaml +186 -0
  483. package/rulesets/topologies/serverless/operations.es.md +36 -0
  484. package/rulesets/topologies/serverless/operations.md +36 -0
  485. package/rulesets/topologies/serverless/parity-fixtures/compliant.json +13 -0
  486. package/rulesets/topologies/serverless/parity-fixtures/violation.json +15 -0
  487. package/rulesets/topologies/serverless/patterns.es.md +36 -0
  488. package/rulesets/topologies/serverless/patterns.md +36 -0
  489. package/rulesets/topologies/serverless/resilience.es.md +36 -0
  490. package/rulesets/topologies/serverless/resilience.md +36 -0
  491. package/rulesets/topologies/serverless/runbooks.es.md +68 -0
  492. package/rulesets/topologies/serverless/runbooks.md +68 -0
  493. package/rulesets/topologies/serverless/security.es.md +36 -0
  494. package/rulesets/topologies/serverless/security.md +36 -0
  495. package/rulesets/topologies/serverless/serverless.rego +32 -0
  496. package/rulesets/topologies/serverless/serverless.rules.json +33 -0
  497. package/rulesets/topologies/serverless/serverless.test.rego +28 -0
  498. package/rulesets/topologies/serverless/serverless.wasm +0 -0
  499. package/rulesets/topologies/serverless/topology.config.schema.json +28 -0
  500. package/rulesets/topologies/serverless/topology.manifest.json +114 -0
package/rulesets/acl/anti-corruption-layer.rules.json ADDED
@@ -0,0 +1,99 @@
1
+ {
2
+ "$schema": "../schema/ruleset-standard.schema.json",
3
+ "$id": "https://evolith.dev/rulesets/acl/anti-corruption-layer.rules.json",
4
+ "title": "Anti-Corruption Layer (ACL) Rules",
5
+ "description": "Rules governing integration with external systems (Jira, Trello, Linear, GitHub, Confluence). ACLs normalize and validate external data against Core artifacts, preventing external chaos from contaminating Evolith governance.",
6
+ "version": "1.0.0",
7
+ "effectiveDate": "2026-06-06",
8
+ "scope": "all",
9
+ "category": "anti-corruption",
10
+ "principles": [
11
+ {
12
+ "id": "ACL-01",
13
+ "principle": "Schema Validation Before Ingestion",
14
+ "statement": "All external data ingested into a satellite product MUST be validated against Evolith Core schemas before entering the governance model. Unvalidated data MUST be rejected.",
15
+ "rationale": "Without schema validation, external systems can introduce non-compliant entities that violate Core definitions. ACL acts as the gatekeeper.",
16
+ "severity": "MUST",
17
+ "validationQuery": "ACL implementation validates incoming payloads against Core JSON schemas (evolith-yaml.schema.json, artifact schemas). Invalid payloads return error and are logged.",
18
+ "blocking": true,
19
+ "references": [
20
+ "reference/governance/standards/vision/evolith-product-vision-master.md#32-anticorruption-layers-acls"
21
+ ]
22
+ },
23
+ {
24
+ "id": "ACL-02",
25
+ "principle": "Transformation Traceability",
26
+ "statement": "Every transformation applied to external data MUST preserve traceability to the original external source entity. Audit trail MUST be maintained.",
27
+ "rationale": "When data is normalized, the original source must remain traceable for debugging, compliance, and impact analysis. Transformations without traceability create invisible data mutations.",
28
+ "severity": "MUST",
29
+ "validationQuery": "ACL transformation logs record: externalSourceId, externalSystem, transformationType, transformedToEntityId, timestamp. Logs retained per data retention policy.",
30
+ "blocking": true,
31
+ "references": [
32
+ "reference/governance/standards/vision/evolith-product-vision-master.md#32-anticorruption-layers-acls"
33
+ ]
34
+ },
35
+ {
36
+ "id": "ACL-03",
37
+ "principle": "Reject Non-Compliant Data",
38
+ "statement": "Non-compliant data MUST be rejected, not normalized or silently adapted. ACL implementations MUST NOT perform silent data transformation to make external data fit Core schemas.",
39
+ "rationale": "Silent normalization hides governance gaps and creates technical debt. Rejection forces upstream systems to fix data quality at the source.",
40
+ "severity": "MUST",
41
+ "validationQuery": "ACL rejects non-compliant payloads with explicit error message identifying: field, expected format, actual value, external system origin. Rejection events are counted in governance metrics.",
42
+ "blocking": true,
43
+ "references": [
44
+ "reference/governance/standards/vision/evolith-product-vision-master.md#32-anticorruption-layers-acls"
45
+ ]
46
+ },
47
+ {
48
+ "id": "ACL-04",
49
+ "principle": "ACL Version Synchronization with Core",
50
+ "statement": "ACL implementations MUST be versioned alongside Evolith Core evolution. When Core schemas change, all ACL implementations MUST update before or at the same release.",
51
+ "rationale": "Version drift between ACL and Core creates incompatibility where external data appears valid but fails governance rules. ACL and Core must evolve in lock-step.",
52
+ "severity": "MUST",
53
+ "validationQuery": "ACL implementation declares coreCompatibilityVersion in its metadata. Validator checks ACL version is compatible with Core pinned version in evolith.yaml.",
54
+ "blocking": true,
55
+ "references": [
56
+ "reference/governance/standards/vision/evolith-product-vision-master.md#32-anticorruption-layers-acls"
57
+ ]
58
+ },
59
+ {
60
+ "id": "ACL-05",
61
+ "principle": "Explicit Contract Required",
62
+ "statement": "Integration with external systems MUST use explicit contracts (API specs, webhook payloads, export schemas) documented and reviewed against Core definitions before implementation.",
63
+ "rationale": "Ad-hoc integrations without contracts create implicit dependencies that break silently when external systems change.",
64
+ "severity": "SHOULD",
65
+ "validationQuery": "ACL integration documentation includes: externalSystem, contractVersion, mappedCoreEntities, transformationMatrix. Contract reviewed by Architecture Board if touching multiple bounded contexts.",
66
+ "blocking": false,
67
+ "references": [
68
+ "reference/governance/standards/vision/evolith-product-vision-master.md#32-anticorruption-layers-acls"
69
+ ]
70
+ },
71
+ {
72
+ "id": "ACL-06",
73
+ "principle": "Isolate External Dependencies",
74
+ "statement": "ACL implementations MUST be isolated from domain logic. ACL code lives in Infrastructure/Adapters layer, never in Domain entities or application services.",
75
+ "rationale": "Domain purity requires zero external system references. ACL is the translation layer that keeps the Domain clean.",
76
+ "severity": "MUST",
77
+ "validationQuery": "Code analysis shows no imports from Jira, Trello, Linear, or similar external SDKs in Domain layer. ACL implementations are in /adapters or /infrastructure folders only.",
78
+ "blocking": true,
79
+ "references": [
80
+ "rulesets/adr/adr-0002-hexagonal-architecture.rules.json",
81
+ "reference/architecture/adrs/core/0002-hexagonal-architecture.md"
82
+ ]
83
+ }
84
+ ],
85
+ "governance": {
86
+ "complianceVerification": "ACL rules verified by impact-analysis-synchronizer.mjs during pre-commit when ACL directory or external integration files change.",
87
+ "exceptionProcess": "Architecture Board exception required for any ACL that performs silent normalization (violates ACL-03). Exception documents business justification and data quality remediation plan.",
88
+ "metrics": [
89
+ "acl.rejected.count — rejected payload count per external system",
90
+ "acl.transformed.count — successful transformations per entity type",
91
+ "acl.version.drift — Core vs ACL version delta",
92
+ "acl.integration.count — number of active external integrations"
93
+ ]
94
+ },
95
+ "bilingual": {
96
+ "en": "Anti-Corruption Layer (ACL) Rules",
97
+ "es": "Reglas de Capa Anti-Corrupción (ACL)"
98
+ }
99
+ }
package/rulesets/adr/ADR_COVERAGE.es.md ADDED
@@ -0,0 +1,133 @@
1
+ # Cobertura ADR → Ruleset
2
+
3
+ Índice generado automáticamente que mapea cada ADR a su ruleset ejecutable o advisory. **No editar a mano** — regenerar con `node .harness/scripts/generate-adr-coverage.mjs`.
4
+
5
+ ## Totales
6
+
7
+ | | |
8
+ |---|---|
9
+ | ADRs totales | 115 |
10
+ | Artesanales (handcrafted) | 7 |
11
+ | Generados ejecutables (executable) | 79 |
12
+ | Generados advisory | 29 |
13
+ | Cobertura | **100.0%** |
14
+
15
+ **Enforcement**: `handcrafted` = ruleset artesanal; `executable` = reglas verificables por máquina (lint/CI/análisis estático); `advisory` = decisión de diseño, requiere atestación manual.
16
+
17
+ | ADR ID | Track | Título | Status | Enforcement | Ruleset |
18
+ |---|---|---|---|---|---|
19
+ | ADR-0001 | ai-augmented | Harness Engineering for AI-Augmented Development | Accepted | executable | `rulesets/adr/generated/adr-ai-augmented-0001-harness-engineering-for-ai-augmented-development.rules.json` |
20
+ | ADR-0002 | ai-augmented | MCP Integration Protocol for Agent Tool Invocation | Accepted | executable | `rulesets/adr/generated/adr-ai-augmented-0002-mcp-integration-protocol-for-agent-tool-invocation.rules.json` |
21
+ | ADR-0003 | ai-augmented | Model Selection Governance for AI-Augmented Workflows | Accepted | executable | `rulesets/adr/generated/adr-ai-augmented-0003-model-selection-governance-for-ai-augmented-workflows.rules.json` |
22
+ | ADR-0004 | ai-augmented | AGENTS.md as Mandatory Repository Artifact | Accepted | executable | `rulesets/adr/generated/adr-ai-augmented-0004-agents-md-as-mandatory-repository-artifact.rules.json` |
23
+ | ADR-0005 | ai-augmented | Human-in-the-Loop Policy for Autonomous Agent Operations | Accepted | executable | `rulesets/adr/generated/adr-ai-augmented-0005-human-in-the-loop-policy-for-autonomous-agent-operations.rules.json` |
24
+ | ADR-0042 | android | Canonical Android Native Mobile Architecture | Approved | executable | `rulesets/adr/generated/adr-android-0042-canonical-android-native-mobile-architecture.rules.json` |
25
+ | ADR-0001 | core | Monorepo Orchestration Principle | Approved | executable | `rulesets/adr/generated/adr-0001-monorepo-orchestration-principle.rules.json` |
26
+ | ADR-0005 | core | Automated SAST Quality Gates in CI/CD | Approved | handcrafted | `rulesets/adr/adr-0005-cicd-quality-gates.rules.json` |
27
+ | ADR-0006 | core | Microservices Transition via Sidecar Pattern | Approved - Backlog (Phase 3 Milestone) | executable | `rulesets/adr/generated/adr-0006-microservices-transition-via-sidecar-pattern.rules.json` |
28
+ | ADR-0009 | core | Strict Dependency Pinning and Automated Vulnerability Management | Approved | executable | `rulesets/adr/generated/adr-0009-strict-dependency-pinning-and-automated-vulnerability-manage.rules.json` |
29
+ | ADR-0010 | core | Multi-Tenancy Architecture Strategy for SaaS Evolution | Approved | handcrafted | `rulesets/adr/adr-0010-multi-tenancy.rules.json` |
30
+ | ADR-0011 | core | Fault Tolerance and Resiliency Patterns | Approved | executable | `rulesets/adr/generated/adr-0011-fault-tolerance-and-resiliency-patterns.rules.json` |
31
+ | ADR-0013 | core | Cloud Infrastructure Topology and Disaster Recovery (DR) | Approved | advisory | `rulesets/adr/generated/adr-0013-cloud-infrastructure-topology-and-disaster-recovery-dr.rules.json` |
32
+ | ADR-0014 | core | Multi-Layer Distributed Caching Strategy | Approved | executable | `rulesets/adr/generated/adr-0014-multi-layer-distributed-caching-strategy.rules.json` |
33
+ | ADR-0015 | core | Event-Driven Architecture (EDA) for Intra-Domain Communication | Approved | executable | `rulesets/adr/generated/adr-0015-event-driven-architecture-eda-for-intra-domain-communication.rules.json` |
34
+ | ADR-0016 | core | Immutable Business Audit Trail and Change Tracking | Approved | executable | `rulesets/adr/generated/adr-0016-immutable-business-audit-trail-and-change-tracking.rules.json` |
35
+ | ADR-0017 | core | Feature Flagging Strategy for Progressive Delivery | Approved | advisory | `rulesets/adr/generated/adr-0017-feature-flagging-strategy-for-progressive-delivery.rules.json` |
36
+ | ADR-0018 | core | Testing Pyramid and Automated Quality Gates | Approved | handcrafted | `rulesets/adr/adr-0018-testing-pyramid.rules.json` |
37
+ | ADR-0019 | core | Tactical Design Patterns for Future-Proofing | Approved | executable | `rulesets/adr/generated/adr-0019-tactical-design-patterns-for-future-proofing.rules.json` |
38
+ | ADR-0020 | core | Identity Provider Abstraction Strategy | Approved | advisory | `rulesets/adr/generated/adr-0020-identity-provider-abstraction-strategy.rules.json` |
39
+ | ADR-0024 | core | Centralized Configuration & Feature Platform | Approved | advisory | `rulesets/adr/generated/adr-0024-centralized-configuration-feature-platform.rules.json` |
40
+ | ADR-0025 | core | Feature Flag Provider Abstraction Strategy | Approved | executable | `rulesets/adr/generated/adr-0025-feature-flag-provider-abstraction-strategy.rules.json` |
41
+ | ADR-0028 | core | Self-Hosted, Open-Source Hybrid Infrastructure | Approved | executable | `rulesets/adr/generated/adr-0028-self-hosted-open-source-hybrid-infrastructure.rules.json` |
42
+ | ADR-0030 | core | Two-Tier Distributed Gateway Model | Approved | advisory | `rulesets/adr/generated/adr-0030-two-tier-distributed-gateway-model.rules.json` |
43
+ | ADR-0031 | core | Schema-per-Bounded-Context and Domain Event Catalog | Approved | executable | `rulesets/adr/generated/adr-0031-schema-per-bounded-context-and-domain-event-catalog.rules.json` |
44
+ | ADR-0032 | core | API Protocol Selection Matrix (REST vs gRPC vs GraphQL) | Approved | handcrafted | `rulesets/adr/adr-0032-protocol-selection.rules.json` |
45
+ | ADR-0033 | core | Transactional Outbox Pattern for Async Messaging | Proposed (Approved via Maturity Roadmap) | advisory | `rulesets/adr/generated/adr-0033-transactional-outbox-pattern-for-async-messaging.rules.json` |
46
+ | ADR-0034 | core | CQRS Pattern Application Matrix | Approved | executable | `rulesets/adr/generated/adr-0034-cqrs-pattern-application-matrix.rules.json` |
47
+ | ADR-0035 | core | Distributed Saga Pattern Implementation Strategy | Approved | executable | `rulesets/adr/generated/adr-0035-distributed-saga-pattern-implementation-strategy.rules.json` |
48
+ | ADR-0036 | core | Message Bus Delivery & Flow Control Strategy | Approved | executable | `rulesets/adr/generated/adr-0036-message-bus-delivery-flow-control-strategy.rules.json` |
49
+ | ADR-0037 | core | Enterprise Performance, Concurrency & Chaos Verification Strategy | Approved | advisory | `rulesets/adr/generated/adr-0037-enterprise-performance-concurrency-chaos-verification-strate.rules.json` |
50
+ | ADR-0039 | core | Deployment Topology Abstraction & Environment Switcher | Approved | executable | `rulesets/adr/generated/adr-0039-deployment-topology-abstraction-environment-switcher.rules.json` |
51
+ | ADR-0040 | core | Multi-Runtime Selection Matrix & Inter-Runtime Contracts | Approved | handcrafted | `rulesets/adr/adr-0040-multi-runtime.rules.json` |
52
+ | ADR-0041 | core | Dual-Engine Policy Evaluation (Native + OPA) | Accepted | executable | `rulesets/adr/generated/adr-0041-dual-engine-policy-evaluation-native-opa.rules.json` |
53
+ | ADR-0044 | core | Configurable Security Persistence Strategy (Agnosticism vs. Native RLS) | Proposed | executable | `rulesets/adr/generated/adr-0044-configurable-security-persistence-strategy-agnosticism-vs-na.rules.json` |
54
+ | ADR-0045 | core | Microservice Extraction Readiness Criteria | Approved | executable | `rulesets/adr/generated/adr-0045-microservice-extraction-readiness-criteria.rules.json` |
55
+ | ADR-0046 | core | Unified Traceability via W3C TraceContext | Approved | executable | `rulesets/adr/generated/adr-0046-unified-traceability-via-w3c-tracecontext.rules.json` |
56
+ | ADR-0047 | core | Progressive Architecture Evolution Framework: Modular Monolith → Microservices | Approved | executable | `rulesets/adr/generated/adr-0047-progressive-architecture-evolution-framework-modular-monolit.rules.json` |
57
+ | ADR-0048 | core | Enterprise Taxonomy Standardization and Reference Layout | Accepted | executable | `rulesets/adr/generated/adr-0048-enterprise-taxonomy-standardization-and-reference-layout.rules.json` |
58
+ | ADR-0049 | core | Naming Semantics & Clean Code Policy (E2E and Global) | Accepted | executable | `rulesets/adr/generated/adr-0049-naming-semantics-clean-code-policy-e2e-and-global.rules.json` |
59
+ | ADR-0050 | core | Gitflow Branching Strategy Standardization | Accepted | handcrafted | `rulesets/adr/adr-0050-gitflow-branching.rules.json` |
60
+ | ADR-0051 | core | Enterprise Database Engine Selection Strategy | Approved | executable | `rulesets/adr/generated/adr-0051-enterprise-database-engine-selection-strategy.rules.json` |
61
+ | ADR-0052 | core | Unit Testing Isolation Strategy (Mocks vs Stubs) | Approved | executable | `rulesets/adr/generated/adr-0052-unit-testing-isolation-strategy-mocks-vs-stubs.rules.json` |
62
+ | ADR-0053 | core | Integration and E2E Testing Strategy | Approved | executable | `rulesets/adr/generated/adr-0053-integration-and-e2e-testing-strategy.rules.json` |
63
+ | ADR-0054 | core | Database Design and Normalization Standards | Approved | executable | `rulesets/adr/generated/adr-0054-database-design-and-normalization-standards.rules.json` |
64
+ | ADR-0055 | core | Microfrontends Architecture Strategy | Proposed (Phase 3 Readiness) | executable | `rulesets/adr/generated/adr-0055-microfrontends-architecture-strategy.rules.json` |
65
+ | ADR-0056 | core | Enterprise Naming & Design Conventions - Multi-Language, Multi-Platform | Accepted — extends and expands the scope of ADR-0049 (Naming Semantics & Clean Code Policy) to all layers of the enterprise ecosystem (code, API, database, events, data warehouse, DDD tactical patterns). | executable | `rulesets/adr/generated/adr-0056-enterprise-naming-design-conventions-multi-language-multi-pl.rules.json` |
66
+ | ADR-0057 | core | Architecture Intelligence Catalog | Accepted | advisory | `rulesets/adr/generated/adr-0057-architecture-intelligence-catalog.rules.json` |
67
+ | ADR-0058 | core | AI-Consumable Architecture Knowledge | Accepted | advisory | `rulesets/adr/generated/adr-0058-ai-consumable-architecture-knowledge.rules.json` |
68
+ | ADR-0067 | core | Modular Monolith Persistence Boundaries | Accepted | executable | `rulesets/adr/generated/adr-0067-modular-monolith-persistence-boundaries.rules.json` |
69
+ | ADR-0068 | core | Documentation Release GitFlow | Proposed | executable | `rulesets/adr/generated/adr-0068-documentation-release-gitflow.rules.json` |
70
+ | ADR-0069 | core | AI Agent Context Protocol Integration | Approved | advisory | `rulesets/adr/generated/adr-0069-ai-agent-context-protocol-integration.rules.json` |
71
+ | ADR-0070 | core | Lean Root Repository Taxonomy | Accepted | executable | `rulesets/adr/generated/adr-0070-lean-root-repository-taxonomy.rules.json` |
72
+ | ADR-0071 | core | Domain Layer Base Class and Inheritance Strategy | Accepted | executable | `rulesets/adr/generated/adr-0071-domain-layer-base-class-and-inheritance-strategy.rules.json` |
73
+ | ADR-0072 | core | UTC Date Storage, Browser Timezone Detection, and Language Resolution | Accepted | executable | `rulesets/adr/generated/adr-0072-utc-date-storage-browser-timezone-detection-and-language-res.rules.json` |
74
+ | ADR-0073 | core | Unified CLI/MCP Output Contract and Gate Evidence Schema | Approved — Evolith Architecture Board, 2026-06-10. Closes GT-01. | executable | `rulesets/adr/generated/adr-0073-unified-cli-mcp-output-contract-and-gate-evidence-schema.rules.json` |
75
+ | ADR-0074 | core | Evolith Core API Native Exposure Layer | Approved — Evolith Architecture Board, 2026-06-13. | executable | `rulesets/adr/generated/adr-0074-evolith-core-api-native-exposure-layer.rules.json` |
76
+ | ADR-0075 | core | Core API Authentication Strategy | Superseded by ADR-0080 | advisory | `rulesets/adr/generated/adr-0075-core-api-authentication-strategy.rules.json` |
77
+ | ADR-0076 | core | Domain-Oriented Microservice Architecture (DOMA) | Approved — Evolith Architecture Board, 2026-06-14. | advisory | `rulesets/adr/generated/adr-0076-domain-oriented-microservice-architecture-doma.rules.json` |
78
+ | ADR-0077 | core | MassTransit v9 Commercial Pivot — Stay on v8, Monitor OpenTransit | Approved — Evolith Architecture Board, 2026-06-15. | advisory | `rulesets/adr/generated/adr-0077-masstransit-v9-commercial-pivot-stay-on-v8-monitor-opentrans.rules.json` |
79
+ | ADR-0078 | core | Domain Financial Separation Governance | Accepted | executable | `rulesets/adr/generated/adr-0078-domain-financial-separation-governance.rules.json` |
80
+ | ADR-0079 | core | Multi-Topology Reference Corpus and Topology Manifest Contract | Approved — Evolith Architecture Board, 2026-06-18. | executable | `rulesets/adr/generated/adr-0079-multi-topology-reference-corpus-and-topology-manifest-contra.rules.json` |
81
+ | ADR-0080 | core | Remote Repository Reference Contract | Approved — Evolith Architecture Board, 2026-06-19. | executable | `rulesets/adr/generated/adr-0080-remote-repository-reference-contract.rules.json` |
82
+ | ADR-0081 | core | Agentic AI Sandbox Isolation Boundary | Accepted | executable | `rulesets/adr/generated/adr-0081-agentic-ai-sandbox-isolation-boundary.rules.json` |
83
+ | ADR-0082 | core | Agentic AI Prompt, Context, and Tool Trust Boundary | Accepted | advisory | `rulesets/adr/generated/adr-0082-agentic-ai-prompt-context-and-tool-trust-boundary.rules.json` |
84
+ | ADR-0083 | core | Agentic AI Action Authorization and Audit | Accepted | executable | `rulesets/adr/generated/adr-0083-agentic-ai-action-authorization-and-audit.rules.json` |
85
+ | ADR-0084 | core | Data Mesh and Data as a Product | Accepted | executable | `rulesets/adr/generated/adr-0084-data-mesh-and-data-as-a-product.rules.json` |
86
+ | ADR-0085 | core | Agnostic OPA Wasm Distribution Architecture | Accepted | executable | `rulesets/adr/generated/adr-0085-agnostic-opa-wasm-distribution-architecture.rules.json` |
87
+ | ADR-0086 | core | Agentic AI Telemetry & Cost Control Standard | Accepted | advisory | `rulesets/adr/generated/adr-0086-agentic-ai-telemetry-cost-control-standard.rules.json` |
88
+ | ADR-0087 | core | Attribute-Based Access Control (ABAC) for Agentic Tool Execution | Accepted | executable | `rulesets/adr/generated/adr-0087-attribute-based-access-control-abac-for-agentic-tool-executi.rules.json` |
89
+ | ADR-0088 | core | Sovereign Identity for Agentic AI | Accepted | executable | `rulesets/adr/generated/adr-0088-sovereign-identity-for-agentic-ai.rules.json` |
90
+ | ADR-0089 | core | Event-Driven Agentic Workflow Pattern | Accepted | advisory | `rulesets/adr/generated/adr-0089-event-driven-agentic-workflow-pattern.rules.json` |
91
+ | ADR-0090 | core | RAG Knowledge Governance Standard | Accepted | executable | `rulesets/adr/generated/adr-0090-rag-knowledge-governance-standard.rules.json` |
92
+ | ADR-0091 | core | Workload Identity Token Rotation Standard | Accepted | executable | `rulesets/adr/generated/adr-0091-workload-identity-token-rotation-standard.rules.json` |
93
+ | ADR-0092 | core | Agent Infinite Loop Prevention and Circuit Breaker Rules | Accepted | executable | `rulesets/adr/generated/adr-0092-agent-infinite-loop-prevention-and-circuit-breaker-rules.rules.json` |
94
+ | ADR-0093 | core | Concurrency Control and Resource Locking Standard for MCP Tools | Accepted | executable | `rulesets/adr/generated/adr-0093-concurrency-control-and-resource-locking-standard-for-mcp-to.rules.json` |
95
+ | ADR-0094 | core | Multi-Agent Handoff and Task Delegation Standards | Accepted | executable | `rulesets/adr/generated/adr-0094-multi-agent-handoff-and-task-delegation-standards.rules.json` |
96
+ | ADR-0095 | core | Serverless Architecture Governance | Accepted | executable | `rulesets/adr/generated/adr-0095-serverless-architecture-governance.rules.json` |
97
+ | ADR-0096 | core | Edge Computing Architecture Governance | Accepted | executable | `rulesets/adr/generated/adr-0096-edge-computing-architecture-governance.rules.json` |
98
+ | ADR-0097 | core | Knowledge Lifecycle Governance Standard | Accepted | executable | `rulesets/adr/generated/adr-0097-knowledge-lifecycle-governance-standard.rules.json` |
99
+ | ADR-0098 | core | REST URI Versioning and Deprecation Policy | Accepted | executable | `rulesets/adr/generated/adr-0098-rest-uri-versioning-and-deprecation-policy.rules.json` |
100
+ | ADR-0099 | core | OPA Bundle Distribution via S3 (MinIO) | Superseded by ADR 0085 | advisory | `rulesets/adr/generated/adr-0099-opa-bundle-distribution-via-s3-minio.rules.json` |
101
+ | ADR-0041 | dotnet | Canonical .NET (C#) Backend Architecture | Approved | executable | `rulesets/adr/generated/adr-dotnet-0041-canonical-net-c-backend-architecture.rules.json` |
102
+ | ADR-0060 | dotnet | .NET Multi-Tenancy Dual-Layer Strategy (EF Core & SQL Server) | Proposed | executable | `rulesets/adr/generated/adr-dotnet-0060-net-multi-tenancy-dual-layer-strategy-ef-core-sql-server.rules.json` |
103
+ | ADR-0061 | dotnet | Transactional Event Lifecycle in EF Core | Proposed | advisory | `rulesets/adr/generated/adr-dotnet-0061-transactional-event-lifecycle-in-ef-core.rules.json` |
104
+ | ADR-0062 | dotnet | .NET Immutable Audit Trail via DDL Triggers & Delta Capture | Proposed | executable | `rulesets/adr/generated/adr-dotnet-0062-net-immutable-audit-trail-via-ddl-triggers-delta-capture.rules.json` |
105
+ | ADR-0063 | dotnet | B2B Request Idempotency Middleware in ASP.NET Core | Proposed | advisory | `rulesets/adr/generated/adr-dotnet-0063-b2b-request-idempotency-middleware-in-asp-net-core.rules.json` |
106
+ | ADR-0064 | dotnet | .NET Request-Scope Observability Context Propagation | Accepted | executable | `rulesets/adr/generated/adr-dotnet-0064-net-request-scope-observability-context-propagation.rules.json` |
107
+ | ADR-0065 | dotnet | .NET PII-Safe Structured Logging Pipeline (Serilog) | Accepted | executable | `rulesets/adr/generated/adr-dotnet-0065-net-pii-safe-structured-logging-pipeline-serilog.rules.json` |
108
+ | ADR-0066 | dotnet | .NET Lightweight HTTP Idempotency via IMemoryCache / IDistributedCache | Accepted | advisory | `rulesets/adr/generated/adr-dotnet-0066-net-lightweight-http-idempotency-via-imemorycache-idistribut.rules.json` |
109
+ | ADR-0069 | dotnet | .NET gRPC Service Setup & Protobuf Contracts | Proposed | executable | `rulesets/adr/generated/adr-dotnet-0069-net-grpc-service-setup-protobuf-contracts.rules.json` |
110
+ | ADR-0070 | dotnet | .NET API Endpoint Strategy | Proposed | executable | `rulesets/adr/generated/adr-dotnet-0070-net-api-endpoint-strategy.rules.json` |
111
+ | ADR-0071 | dotnet | .NET Data Access Strategy — EF Core as Default ORM, Dapper for Optimized Reads | \| Field \| Value \| | advisory | `rulesets/adr/generated/adr-dotnet-0071-net-data-access-strategy-ef-core-as-default-orm-dapper-for-o.rules.json` |
112
+ | ADR-0072 | dotnet | .NET AOP Cross-Cutting Concern Strategy — DispatchProxy over Pipeline Behaviors | Accepted | executable | `rulesets/adr/generated/adr-dotnet-0072-net-aop-cross-cutting-concern-strategy-dispatchproxy-over-pi.rules.json` |
113
+ | ADR-0002 | nodejs | Clean Hexagonal Architecture with NestJS | Approved | handcrafted | `rulesets/adr/adr-0002-hexagonal-architecture.rules.json` |
114
+ | ADR-0003 | nodejs | Strict TypeScript Standards | Approved | executable | `rulesets/adr/generated/adr-nodejs-0003-strict-typescript-standards.rules.json` |
115
+ | ADR-0004 | nodejs | Frontend Offline Resilience | Approved | advisory | `rulesets/adr/generated/adr-nodejs-0004-frontend-offline-resilience.rules.json` |
116
+ | ADR-0007 | nodejs | Observability with OpenTelemetry, Loki, and Jaeger | Approved | executable | `rulesets/adr/generated/adr-nodejs-0007-observability-with-opentelemetry-loki-and-jaeger.rules.json` |
117
+ | ADR-0008 | nodejs | Progressive Multi-Module Evolution with API Gateway and BFF Patterns | Approved | advisory | `rulesets/adr/generated/adr-nodejs-0008-progressive-multi-module-evolution-with-api-gateway-and-bff-.rules.json` |
118
+ | ADR-0012 | nodejs | Advanced Authorization (RBAC/ABAC) Strategy | Approved | advisory | `rulesets/adr/generated/adr-nodejs-0012-advanced-authorization-rbac-abac-strategy.rules.json` |
119
+ | ADR-0021 | nodejs | High-Performance Authentication Graph Compilation | Approved | advisory | `rulesets/adr/generated/adr-nodejs-0021-high-performance-authentication-graph-compilation.rules.json` |
120
+ | ADR-0022 | nodejs | Contextual Authentication and Pluggable Output Projections | Approved | advisory | `rulesets/adr/generated/adr-nodejs-0022-contextual-authentication-and-pluggable-output-projections.rules.json` |
121
+ | ADR-0023 | nodejs | Centralized Authorization Core Strategy | Approved | advisory | `rulesets/adr/generated/adr-nodejs-0023-centralized-authorization-core-strategy.rules.json` |
122
+ | ADR-0026 | nodejs | Adaptive MFA and Passwordless Platform | Approved | advisory | `rulesets/adr/generated/adr-nodejs-0026-adaptive-mfa-and-passwordless-platform.rules.json` |
123
+ | ADR-0027 | nodejs | Dual-Protocol API Strategy (REST & gRPC) | Approved | advisory | `rulesets/adr/generated/adr-nodejs-0027-dual-protocol-api-strategy-rest-grpc.rules.json` |
124
+ | ADR-0029 | nodejs | Adoption of Tactical DDD Primitives Library | Approved | executable | `rulesets/adr/generated/adr-nodejs-0029-adoption-of-tactical-ddd-primitives-library.rules.json` |
125
+ | ADR-0038 | nodejs | Enterprise Error Handling & Result Pattern Strategy | Approved | executable | `rulesets/adr/generated/adr-nodejs-0038-enterprise-error-handling-result-pattern-strategy.rules.json` |
126
+ | ADR-0043 | nodejs | Data Access and ORM Strategy for Node.js | Approved | executable | `rulesets/adr/generated/adr-nodejs-0043-data-access-and-orm-strategy-for-node-js.rules.json` |
127
+ | ADR-0044 | nodejs | Frontend Clean Architecture Layer Boundaries (React) | Accepted | executable | `rulesets/adr/generated/adr-nodejs-0044-frontend-clean-architecture-layer-boundaries-react.rules.json` |
128
+ | ADR-0045 | nodejs | Frontend State Management — Zustand + TanStack Query Dual Strategy | Accepted | executable | `rulesets/adr/generated/adr-nodejs-0045-frontend-state-management-zustand-tanstack-query-dual-strate.rules.json` |
129
+ | ADR-0046 | nodejs | Prohibition of Raw Technical Identifiers in User Interfaces | Accepted | executable | `rulesets/adr/generated/adr-nodejs-0046-prohibition-of-raw-technical-identifiers-in-user-interfaces.rules.json` |
130
+ | ADR-0047 | nodejs | Actionable User Error Contract and Correlated Diagnostics | Accepted | executable | `rulesets/adr/generated/adr-nodejs-0047-actionable-user-error-contract-and-correlated-diagnostics.rules.json` |
131
+ | ADR-0048 | nodejs | Feature Flag System Scope and Structured Criteria Model | Accepted | executable | `rulesets/adr/generated/adr-nodejs-0048-feature-flag-system-scope-and-structured-criteria-model.rules.json` |
132
+ | ADR-0074 | nodejs | Monorepo Orchestration with Nx | Approved | executable | `rulesets/adr/generated/adr-nodejs-0074-monorepo-orchestration-with-nx.rules.json` |
133
+ | ADR-0075 | nodejs | Application Gateway (BFF) with NestJS | Approved | executable | `rulesets/adr/generated/adr-nodejs-0075-application-gateway-bff-with-nestjs.rules.json` |
package/rulesets/adr/ADR_COVERAGE.md ADDED
@@ -0,0 +1,133 @@
1
+ # ADR → Ruleset Coverage
2
+
3
+ Auto-generated index mapping every ADR to its executable or advisory ruleset. **Do not edit by hand** — regenerate with `node .harness/scripts/generate-adr-coverage.mjs`.
4
+
5
+ ## Totals
6
+
7
+ | | |
8
+ |---|---|
9
+ | Total ADRs | 115 |
10
+ | Handcrafted | 7 |
11
+ | Generated executable | 79 |
12
+ | Generated advisory | 29 |
13
+ | Coverage | **100.0%** |
14
+
15
+ **Enforcement**: `handcrafted` = artisanal ruleset; `executable` = machine-verifiable rules (lint/CI/static analysis); `advisory` = design decision, manual attestation required.
16
+
17
+ | ADR ID | Track | Title | Status | Enforcement | Ruleset |
18
+ |---|---|---|---|---|---|
19
+ | ADR-0001 | ai-augmented | Harness Engineering for AI-Augmented Development | Accepted | executable | `rulesets/adr/generated/adr-ai-augmented-0001-harness-engineering-for-ai-augmented-development.rules.json` |
20
+ | ADR-0002 | ai-augmented | MCP Integration Protocol for Agent Tool Invocation | Accepted | executable | `rulesets/adr/generated/adr-ai-augmented-0002-mcp-integration-protocol-for-agent-tool-invocation.rules.json` |
21
+ | ADR-0003 | ai-augmented | Model Selection Governance for AI-Augmented Workflows | Accepted | executable | `rulesets/adr/generated/adr-ai-augmented-0003-model-selection-governance-for-ai-augmented-workflows.rules.json` |
22
+ | ADR-0004 | ai-augmented | AGENTS.md as Mandatory Repository Artifact | Accepted | executable | `rulesets/adr/generated/adr-ai-augmented-0004-agents-md-as-mandatory-repository-artifact.rules.json` |
23
+ | ADR-0005 | ai-augmented | Human-in-the-Loop Policy for Autonomous Agent Operations | Accepted | executable | `rulesets/adr/generated/adr-ai-augmented-0005-human-in-the-loop-policy-for-autonomous-agent-operations.rules.json` |
24
+ | ADR-0042 | android | Canonical Android Native Mobile Architecture | Approved | executable | `rulesets/adr/generated/adr-android-0042-canonical-android-native-mobile-architecture.rules.json` |
25
+ | ADR-0001 | core | Monorepo Orchestration Principle | Approved | executable | `rulesets/adr/generated/adr-0001-monorepo-orchestration-principle.rules.json` |
26
+ | ADR-0005 | core | Automated SAST Quality Gates in CI/CD | Approved | handcrafted | `rulesets/adr/adr-0005-cicd-quality-gates.rules.json` |
27
+ | ADR-0006 | core | Microservices Transition via Sidecar Pattern | Approved - Backlog (Phase 3 Milestone) | executable | `rulesets/adr/generated/adr-0006-microservices-transition-via-sidecar-pattern.rules.json` |
28
+ | ADR-0009 | core | Strict Dependency Pinning and Automated Vulnerability Management | Approved | executable | `rulesets/adr/generated/adr-0009-strict-dependency-pinning-and-automated-vulnerability-manage.rules.json` |
29
+ | ADR-0010 | core | Multi-Tenancy Architecture Strategy for SaaS Evolution | Approved | handcrafted | `rulesets/adr/adr-0010-multi-tenancy.rules.json` |
30
+ | ADR-0011 | core | Fault Tolerance and Resiliency Patterns | Approved | executable | `rulesets/adr/generated/adr-0011-fault-tolerance-and-resiliency-patterns.rules.json` |
31
+ | ADR-0013 | core | Cloud Infrastructure Topology and Disaster Recovery (DR) | Approved | advisory | `rulesets/adr/generated/adr-0013-cloud-infrastructure-topology-and-disaster-recovery-dr.rules.json` |
32
+ | ADR-0014 | core | Multi-Layer Distributed Caching Strategy | Approved | executable | `rulesets/adr/generated/adr-0014-multi-layer-distributed-caching-strategy.rules.json` |
33
+ | ADR-0015 | core | Event-Driven Architecture (EDA) for Intra-Domain Communication | Approved | executable | `rulesets/adr/generated/adr-0015-event-driven-architecture-eda-for-intra-domain-communication.rules.json` |
34
+ | ADR-0016 | core | Immutable Business Audit Trail and Change Tracking | Approved | executable | `rulesets/adr/generated/adr-0016-immutable-business-audit-trail-and-change-tracking.rules.json` |
35
+ | ADR-0017 | core | Feature Flagging Strategy for Progressive Delivery | Approved | advisory | `rulesets/adr/generated/adr-0017-feature-flagging-strategy-for-progressive-delivery.rules.json` |
36
+ | ADR-0018 | core | Testing Pyramid and Automated Quality Gates | Approved | handcrafted | `rulesets/adr/adr-0018-testing-pyramid.rules.json` |
37
+ | ADR-0019 | core | Tactical Design Patterns for Future-Proofing | Approved | executable | `rulesets/adr/generated/adr-0019-tactical-design-patterns-for-future-proofing.rules.json` |
38
+ | ADR-0020 | core | Identity Provider Abstraction Strategy | Approved | advisory | `rulesets/adr/generated/adr-0020-identity-provider-abstraction-strategy.rules.json` |
39
+ | ADR-0024 | core | Centralized Configuration & Feature Platform | Approved | advisory | `rulesets/adr/generated/adr-0024-centralized-configuration-feature-platform.rules.json` |
40
+ | ADR-0025 | core | Feature Flag Provider Abstraction Strategy | Approved | executable | `rulesets/adr/generated/adr-0025-feature-flag-provider-abstraction-strategy.rules.json` |
41
+ | ADR-0028 | core | Self-Hosted, Open-Source Hybrid Infrastructure | Approved | executable | `rulesets/adr/generated/adr-0028-self-hosted-open-source-hybrid-infrastructure.rules.json` |
42
+ | ADR-0030 | core | Two-Tier Distributed Gateway Model | Approved | advisory | `rulesets/adr/generated/adr-0030-two-tier-distributed-gateway-model.rules.json` |
43
+ | ADR-0031 | core | Schema-per-Bounded-Context and Domain Event Catalog | Approved | executable | `rulesets/adr/generated/adr-0031-schema-per-bounded-context-and-domain-event-catalog.rules.json` |
44
+ | ADR-0032 | core | API Protocol Selection Matrix (REST vs gRPC vs GraphQL) | Approved | handcrafted | `rulesets/adr/adr-0032-protocol-selection.rules.json` |
45
+ | ADR-0033 | core | Transactional Outbox Pattern for Async Messaging | Proposed (Approved via Maturity Roadmap) | advisory | `rulesets/adr/generated/adr-0033-transactional-outbox-pattern-for-async-messaging.rules.json` |
46
+ | ADR-0034 | core | CQRS Pattern Application Matrix | Approved | executable | `rulesets/adr/generated/adr-0034-cqrs-pattern-application-matrix.rules.json` |
47
+ | ADR-0035 | core | Distributed Saga Pattern Implementation Strategy | Approved | executable | `rulesets/adr/generated/adr-0035-distributed-saga-pattern-implementation-strategy.rules.json` |
48
+ | ADR-0036 | core | Message Bus Delivery & Flow Control Strategy | Approved | executable | `rulesets/adr/generated/adr-0036-message-bus-delivery-flow-control-strategy.rules.json` |
49
+ | ADR-0037 | core | Enterprise Performance, Concurrency & Chaos Verification Strategy | Approved | advisory | `rulesets/adr/generated/adr-0037-enterprise-performance-concurrency-chaos-verification-strate.rules.json` |
50
+ | ADR-0039 | core | Deployment Topology Abstraction & Environment Switcher | Approved | executable | `rulesets/adr/generated/adr-0039-deployment-topology-abstraction-environment-switcher.rules.json` |
51
+ | ADR-0040 | core | Multi-Runtime Selection Matrix & Inter-Runtime Contracts | Approved | handcrafted | `rulesets/adr/adr-0040-multi-runtime.rules.json` |
52
+ | ADR-0041 | core | Dual-Engine Policy Evaluation (Native + OPA) | Accepted | executable | `rulesets/adr/generated/adr-0041-dual-engine-policy-evaluation-native-opa.rules.json` |
53
+ | ADR-0044 | core | Configurable Security Persistence Strategy (Agnosticism vs. Native RLS) | Proposed | executable | `rulesets/adr/generated/adr-0044-configurable-security-persistence-strategy-agnosticism-vs-na.rules.json` |
54
+ | ADR-0045 | core | Microservice Extraction Readiness Criteria | Approved | executable | `rulesets/adr/generated/adr-0045-microservice-extraction-readiness-criteria.rules.json` |
55
+ | ADR-0046 | core | Unified Traceability via W3C TraceContext | Approved | executable | `rulesets/adr/generated/adr-0046-unified-traceability-via-w3c-tracecontext.rules.json` |
56
+ | ADR-0047 | core | Progressive Architecture Evolution Framework: Modular Monolith → Microservices | Approved | executable | `rulesets/adr/generated/adr-0047-progressive-architecture-evolution-framework-modular-monolit.rules.json` |
57
+ | ADR-0048 | core | Enterprise Taxonomy Standardization and Reference Layout | Accepted | executable | `rulesets/adr/generated/adr-0048-enterprise-taxonomy-standardization-and-reference-layout.rules.json` |
58
+ | ADR-0049 | core | Naming Semantics & Clean Code Policy (E2E and Global) | Accepted | executable | `rulesets/adr/generated/adr-0049-naming-semantics-clean-code-policy-e2e-and-global.rules.json` |
59
+ | ADR-0050 | core | Gitflow Branching Strategy Standardization | Accepted | handcrafted | `rulesets/adr/adr-0050-gitflow-branching.rules.json` |
60
+ | ADR-0051 | core | Enterprise Database Engine Selection Strategy | Approved | executable | `rulesets/adr/generated/adr-0051-enterprise-database-engine-selection-strategy.rules.json` |
61
+ | ADR-0052 | core | Unit Testing Isolation Strategy (Mocks vs Stubs) | Approved | executable | `rulesets/adr/generated/adr-0052-unit-testing-isolation-strategy-mocks-vs-stubs.rules.json` |
62
+ | ADR-0053 | core | Integration and E2E Testing Strategy | Approved | executable | `rulesets/adr/generated/adr-0053-integration-and-e2e-testing-strategy.rules.json` |
63
+ | ADR-0054 | core | Database Design and Normalization Standards | Approved | executable | `rulesets/adr/generated/adr-0054-database-design-and-normalization-standards.rules.json` |
64
+ | ADR-0055 | core | Microfrontends Architecture Strategy | Proposed (Phase 3 Readiness) | executable | `rulesets/adr/generated/adr-0055-microfrontends-architecture-strategy.rules.json` |
65
+ | ADR-0056 | core | Enterprise Naming & Design Conventions - Multi-Language, Multi-Platform | Accepted — extends and expands the scope of ADR-0049 (Naming Semantics & Clean Code Policy) to all layers of the enterprise ecosystem (code, API, database, events, data warehouse, DDD tactical patterns). | executable | `rulesets/adr/generated/adr-0056-enterprise-naming-design-conventions-multi-language-multi-pl.rules.json` |
66
+ | ADR-0057 | core | Architecture Intelligence Catalog | Accepted | advisory | `rulesets/adr/generated/adr-0057-architecture-intelligence-catalog.rules.json` |
67
+ | ADR-0058 | core | AI-Consumable Architecture Knowledge | Accepted | advisory | `rulesets/adr/generated/adr-0058-ai-consumable-architecture-knowledge.rules.json` |
68
+ | ADR-0067 | core | Modular Monolith Persistence Boundaries | Accepted | executable | `rulesets/adr/generated/adr-0067-modular-monolith-persistence-boundaries.rules.json` |
69
+ | ADR-0068 | core | Documentation Release GitFlow | Proposed | executable | `rulesets/adr/generated/adr-0068-documentation-release-gitflow.rules.json` |
70
+ | ADR-0069 | core | AI Agent Context Protocol Integration | Approved | advisory | `rulesets/adr/generated/adr-0069-ai-agent-context-protocol-integration.rules.json` |
71
+ | ADR-0070 | core | Lean Root Repository Taxonomy | Accepted | executable | `rulesets/adr/generated/adr-0070-lean-root-repository-taxonomy.rules.json` |
72
+ | ADR-0071 | core | Domain Layer Base Class and Inheritance Strategy | Accepted | executable | `rulesets/adr/generated/adr-0071-domain-layer-base-class-and-inheritance-strategy.rules.json` |
73
+ | ADR-0072 | core | UTC Date Storage, Browser Timezone Detection, and Language Resolution | Accepted | executable | `rulesets/adr/generated/adr-0072-utc-date-storage-browser-timezone-detection-and-language-res.rules.json` |
74
+ | ADR-0073 | core | Unified CLI/MCP Output Contract and Gate Evidence Schema | Approved — Evolith Architecture Board, 2026-06-10. Closes GT-01. | executable | `rulesets/adr/generated/adr-0073-unified-cli-mcp-output-contract-and-gate-evidence-schema.rules.json` |
75
+ | ADR-0074 | core | Evolith Core API Native Exposure Layer | Approved — Evolith Architecture Board, 2026-06-13. | executable | `rulesets/adr/generated/adr-0074-evolith-core-api-native-exposure-layer.rules.json` |
76
+ | ADR-0075 | core | Core API Authentication Strategy | Superseded by ADR-0080 | advisory | `rulesets/adr/generated/adr-0075-core-api-authentication-strategy.rules.json` |
77
+ | ADR-0076 | core | Domain-Oriented Microservice Architecture (DOMA) | Approved — Evolith Architecture Board, 2026-06-14. | advisory | `rulesets/adr/generated/adr-0076-domain-oriented-microservice-architecture-doma.rules.json` |
78
+ | ADR-0077 | core | MassTransit v9 Commercial Pivot — Stay on v8, Monitor OpenTransit | Approved — Evolith Architecture Board, 2026-06-15. | advisory | `rulesets/adr/generated/adr-0077-masstransit-v9-commercial-pivot-stay-on-v8-monitor-opentrans.rules.json` |
79
+ | ADR-0078 | core | Domain Financial Separation Governance | Accepted | executable | `rulesets/adr/generated/adr-0078-domain-financial-separation-governance.rules.json` |
80
+ | ADR-0079 | core | Multi-Topology Reference Corpus and Topology Manifest Contract | Approved — Evolith Architecture Board, 2026-06-18. | executable | `rulesets/adr/generated/adr-0079-multi-topology-reference-corpus-and-topology-manifest-contra.rules.json` |
81
+ | ADR-0080 | core | Remote Repository Reference Contract | Approved — Evolith Architecture Board, 2026-06-19. | executable | `rulesets/adr/generated/adr-0080-remote-repository-reference-contract.rules.json` |
82
+ | ADR-0081 | core | Agentic AI Sandbox Isolation Boundary | Accepted | executable | `rulesets/adr/generated/adr-0081-agentic-ai-sandbox-isolation-boundary.rules.json` |
83
+ | ADR-0082 | core | Agentic AI Prompt, Context, and Tool Trust Boundary | Accepted | advisory | `rulesets/adr/generated/adr-0082-agentic-ai-prompt-context-and-tool-trust-boundary.rules.json` |
84
+ | ADR-0083 | core | Agentic AI Action Authorization and Audit | Accepted | executable | `rulesets/adr/generated/adr-0083-agentic-ai-action-authorization-and-audit.rules.json` |
85
+ | ADR-0084 | core | Data Mesh and Data as a Product | Accepted | executable | `rulesets/adr/generated/adr-0084-data-mesh-and-data-as-a-product.rules.json` |
86
+ | ADR-0085 | core | Agnostic OPA Wasm Distribution Architecture | Accepted | executable | `rulesets/adr/generated/adr-0085-agnostic-opa-wasm-distribution-architecture.rules.json` |
87
+ | ADR-0086 | core | Agentic AI Telemetry & Cost Control Standard | Accepted | advisory | `rulesets/adr/generated/adr-0086-agentic-ai-telemetry-cost-control-standard.rules.json` |
88
+ | ADR-0087 | core | Attribute-Based Access Control (ABAC) for Agentic Tool Execution | Accepted | executable | `rulesets/adr/generated/adr-0087-attribute-based-access-control-abac-for-agentic-tool-executi.rules.json` |
89
+ | ADR-0088 | core | Sovereign Identity for Agentic AI | Accepted | executable | `rulesets/adr/generated/adr-0088-sovereign-identity-for-agentic-ai.rules.json` |
90
+ | ADR-0089 | core | Event-Driven Agentic Workflow Pattern | Accepted | advisory | `rulesets/adr/generated/adr-0089-event-driven-agentic-workflow-pattern.rules.json` |
91
+ | ADR-0090 | core | RAG Knowledge Governance Standard | Accepted | executable | `rulesets/adr/generated/adr-0090-rag-knowledge-governance-standard.rules.json` |
92
+ | ADR-0091 | core | Workload Identity Token Rotation Standard | Accepted | executable | `rulesets/adr/generated/adr-0091-workload-identity-token-rotation-standard.rules.json` |
93
+ | ADR-0092 | core | Agent Infinite Loop Prevention and Circuit Breaker Rules | Accepted | executable | `rulesets/adr/generated/adr-0092-agent-infinite-loop-prevention-and-circuit-breaker-rules.rules.json` |
94
+ | ADR-0093 | core | Concurrency Control and Resource Locking Standard for MCP Tools | Accepted | executable | `rulesets/adr/generated/adr-0093-concurrency-control-and-resource-locking-standard-for-mcp-to.rules.json` |
95
+ | ADR-0094 | core | Multi-Agent Handoff and Task Delegation Standards | Accepted | executable | `rulesets/adr/generated/adr-0094-multi-agent-handoff-and-task-delegation-standards.rules.json` |
96
+ | ADR-0095 | core | Serverless Architecture Governance | Accepted | executable | `rulesets/adr/generated/adr-0095-serverless-architecture-governance.rules.json` |
97
+ | ADR-0096 | core | Edge Computing Architecture Governance | Accepted | executable | `rulesets/adr/generated/adr-0096-edge-computing-architecture-governance.rules.json` |
98
+ | ADR-0097 | core | Knowledge Lifecycle Governance Standard | Accepted | executable | `rulesets/adr/generated/adr-0097-knowledge-lifecycle-governance-standard.rules.json` |
99
+ | ADR-0098 | core | REST URI Versioning and Deprecation Policy | Accepted | executable | `rulesets/adr/generated/adr-0098-rest-uri-versioning-and-deprecation-policy.rules.json` |
100
+ | ADR-0099 | core | OPA Bundle Distribution via S3 (MinIO) | Superseded by ADR 0085 | advisory | `rulesets/adr/generated/adr-0099-opa-bundle-distribution-via-s3-minio.rules.json` |
101
+ | ADR-0041 | dotnet | Canonical .NET (C#) Backend Architecture | Approved | executable | `rulesets/adr/generated/adr-dotnet-0041-canonical-net-c-backend-architecture.rules.json` |
102
+ | ADR-0060 | dotnet | .NET Multi-Tenancy Dual-Layer Strategy (EF Core & SQL Server) | Proposed | executable | `rulesets/adr/generated/adr-dotnet-0060-net-multi-tenancy-dual-layer-strategy-ef-core-sql-server.rules.json` |
103
+ | ADR-0061 | dotnet | Transactional Event Lifecycle in EF Core | Proposed | advisory | `rulesets/adr/generated/adr-dotnet-0061-transactional-event-lifecycle-in-ef-core.rules.json` |
104
+ | ADR-0062 | dotnet | .NET Immutable Audit Trail via DDL Triggers & Delta Capture | Proposed | executable | `rulesets/adr/generated/adr-dotnet-0062-net-immutable-audit-trail-via-ddl-triggers-delta-capture.rules.json` |
105
+ | ADR-0063 | dotnet | B2B Request Idempotency Middleware in ASP.NET Core | Proposed | advisory | `rulesets/adr/generated/adr-dotnet-0063-b2b-request-idempotency-middleware-in-asp-net-core.rules.json` |
106
+ | ADR-0064 | dotnet | .NET Request-Scope Observability Context Propagation | Accepted | executable | `rulesets/adr/generated/adr-dotnet-0064-net-request-scope-observability-context-propagation.rules.json` |
107
+ | ADR-0065 | dotnet | .NET PII-Safe Structured Logging Pipeline (Serilog) | Accepted | executable | `rulesets/adr/generated/adr-dotnet-0065-net-pii-safe-structured-logging-pipeline-serilog.rules.json` |
108
+ | ADR-0066 | dotnet | .NET Lightweight HTTP Idempotency via IMemoryCache / IDistributedCache | Accepted | advisory | `rulesets/adr/generated/adr-dotnet-0066-net-lightweight-http-idempotency-via-imemorycache-idistribut.rules.json` |
109
+ | ADR-0069 | dotnet | .NET gRPC Service Setup & Protobuf Contracts | Proposed | executable | `rulesets/adr/generated/adr-dotnet-0069-net-grpc-service-setup-protobuf-contracts.rules.json` |
110
+ | ADR-0070 | dotnet | .NET API Endpoint Strategy | Proposed | executable | `rulesets/adr/generated/adr-dotnet-0070-net-api-endpoint-strategy.rules.json` |
111
+ | ADR-0071 | dotnet | .NET Data Access Strategy — EF Core as Default ORM, Dapper for Optimized Reads | \| Field \| Value \| | advisory | `rulesets/adr/generated/adr-dotnet-0071-net-data-access-strategy-ef-core-as-default-orm-dapper-for-o.rules.json` |
112
+ | ADR-0072 | dotnet | .NET AOP Cross-Cutting Concern Strategy — DispatchProxy over Pipeline Behaviors | Accepted | executable | `rulesets/adr/generated/adr-dotnet-0072-net-aop-cross-cutting-concern-strategy-dispatchproxy-over-pi.rules.json` |
113
+ | ADR-0002 | nodejs | Clean Hexagonal Architecture with NestJS | Approved | handcrafted | `rulesets/adr/adr-0002-hexagonal-architecture.rules.json` |
114
+ | ADR-0003 | nodejs | Strict TypeScript Standards | Approved | executable | `rulesets/adr/generated/adr-nodejs-0003-strict-typescript-standards.rules.json` |
115
+ | ADR-0004 | nodejs | Frontend Offline Resilience | Approved | advisory | `rulesets/adr/generated/adr-nodejs-0004-frontend-offline-resilience.rules.json` |
116
+ | ADR-0007 | nodejs | Observability with OpenTelemetry, Loki, and Jaeger | Approved | executable | `rulesets/adr/generated/adr-nodejs-0007-observability-with-opentelemetry-loki-and-jaeger.rules.json` |
117
+ | ADR-0008 | nodejs | Progressive Multi-Module Evolution with API Gateway and BFF Patterns | Approved | advisory | `rulesets/adr/generated/adr-nodejs-0008-progressive-multi-module-evolution-with-api-gateway-and-bff-.rules.json` |
118
+ | ADR-0012 | nodejs | Advanced Authorization (RBAC/ABAC) Strategy | Approved | advisory | `rulesets/adr/generated/adr-nodejs-0012-advanced-authorization-rbac-abac-strategy.rules.json` |
119
+ | ADR-0021 | nodejs | High-Performance Authentication Graph Compilation | Approved | advisory | `rulesets/adr/generated/adr-nodejs-0021-high-performance-authentication-graph-compilation.rules.json` |
120
+ | ADR-0022 | nodejs | Contextual Authentication and Pluggable Output Projections | Approved | advisory | `rulesets/adr/generated/adr-nodejs-0022-contextual-authentication-and-pluggable-output-projections.rules.json` |
121
+ | ADR-0023 | nodejs | Centralized Authorization Core Strategy | Approved | advisory | `rulesets/adr/generated/adr-nodejs-0023-centralized-authorization-core-strategy.rules.json` |
122
+ | ADR-0026 | nodejs | Adaptive MFA and Passwordless Platform | Approved | advisory | `rulesets/adr/generated/adr-nodejs-0026-adaptive-mfa-and-passwordless-platform.rules.json` |
123
+ | ADR-0027 | nodejs | Dual-Protocol API Strategy (REST & gRPC) | Approved | advisory | `rulesets/adr/generated/adr-nodejs-0027-dual-protocol-api-strategy-rest-grpc.rules.json` |
124
+ | ADR-0029 | nodejs | Adoption of Tactical DDD Primitives Library | Approved | executable | `rulesets/adr/generated/adr-nodejs-0029-adoption-of-tactical-ddd-primitives-library.rules.json` |
125
+ | ADR-0038 | nodejs | Enterprise Error Handling & Result Pattern Strategy | Approved | executable | `rulesets/adr/generated/adr-nodejs-0038-enterprise-error-handling-result-pattern-strategy.rules.json` |
126
+ | ADR-0043 | nodejs | Data Access and ORM Strategy for Node.js | Approved | executable | `rulesets/adr/generated/adr-nodejs-0043-data-access-and-orm-strategy-for-node-js.rules.json` |
127
+ | ADR-0044 | nodejs | Frontend Clean Architecture Layer Boundaries (React) | Accepted | executable | `rulesets/adr/generated/adr-nodejs-0044-frontend-clean-architecture-layer-boundaries-react.rules.json` |
128
+ | ADR-0045 | nodejs | Frontend State Management — Zustand + TanStack Query Dual Strategy | Accepted | executable | `rulesets/adr/generated/adr-nodejs-0045-frontend-state-management-zustand-tanstack-query-dual-strate.rules.json` |
129
+ | ADR-0046 | nodejs | Prohibition of Raw Technical Identifiers in User Interfaces | Accepted | executable | `rulesets/adr/generated/adr-nodejs-0046-prohibition-of-raw-technical-identifiers-in-user-interfaces.rules.json` |
130
+ | ADR-0047 | nodejs | Actionable User Error Contract and Correlated Diagnostics | Accepted | executable | `rulesets/adr/generated/adr-nodejs-0047-actionable-user-error-contract-and-correlated-diagnostics.rules.json` |
131
+ | ADR-0048 | nodejs | Feature Flag System Scope and Structured Criteria Model | Accepted | executable | `rulesets/adr/generated/adr-nodejs-0048-feature-flag-system-scope-and-structured-criteria-model.rules.json` |
132
+ | ADR-0074 | nodejs | Monorepo Orchestration with Nx | Approved | executable | `rulesets/adr/generated/adr-nodejs-0074-monorepo-orchestration-with-nx.rules.json` |
133
+ | ADR-0075 | nodejs | Application Gateway (BFF) with NestJS | Approved | executable | `rulesets/adr/generated/adr-nodejs-0075-application-gateway-bff-with-nestjs.rules.json` |
package/rulesets/adr/README.es.md ADDED
@@ -0,0 +1,17 @@
1
+ # Índice de Reglas Codificadas desde ADRs
2
+
3
+ Codificación machine-readable de ADRs críticos como reglas. Estas reglas se hacen cumplir automáticamente en los pipelines de CI/CD.
4
+
5
+ | ADR | Archivo de Reglas | Descripción |
6
+ |---|---|---|
7
+ | **ADR-0002** — Arquitectura Hexagonal | [adr-0002-hexagonal-architecture.rules.json](./adr-0002-hexagonal-architecture.rules.json) | Ports & Adapters, aislamiento de capas, AOP solo en adapters |
8
+ | **ADR-0005** — Quality Gates CI/CD | [adr-0005-cicd-quality-gates.rules.json](./adr-0005-cicd-quality-gates.rules.json) | CodeQL, escaneo de dependencias, detección de secretos, cumplimiento de SLA |
9
+ | **ADR-0018** — Pirámide de Testing | [adr-0018-testing-pyramid.rules.json](./adr-0018-testing-pyramid.rules.json) | Distribución 70/20/10, umbrales por capa, cobertura >= 80% |
10
+ | **ADR-0032** — Selección de Protocolos | [adr-0032-protocol-selection.rules.json](./adr-0032-protocol-selection.rules.json) | gRPC interno, REST externo, GraphQL en agregación BFF |
11
+ | **ADR-0040** — Multi-Runtime | [adr-0040-multi-runtime.rules.json](./adr-0040-multi-runtime.rules.json) | Runtime por perfil de carga, gRPC síncrono, RabbitMQ asíncrono |
12
+ | **ADR-0050** — GitFlow Branching | [adr-0050-gitflow-branching.rules.json](./adr-0050-gitflow-branching.rules.json) | Nombres de ramas, ramas protegidas, tags semver |
13
+ | **ADR-0010** — Multi-Tenancy | [adr-0010-multi-tenancy.rules.json](./adr-0010-multi-tenancy.rules.json) | Filtrado de doble capa, propagación de contexto de tenant (condicional) |
14
+
15
+ ---
16
+
17
+ Volver al [Rulesets Hub](../README.es.md)
package/rulesets/adr/README.md ADDED
@@ -0,0 +1,17 @@
1
+ # ADR-Encoded Rules Index
2
+
3
+ Machine-readable encoding of critical ADRs as rules. These rules are automatically enforced in CI/CD pipelines.
4
+
5
+ | ADR | Rule File | Description |
6
+ |---|---|---|
7
+ | **ADR-0002** — Hexagonal Architecture | [adr-0002-hexagonal-architecture.rules.json](./adr-0002-hexagonal-architecture.rules.json) | Ports & Adapters, layer isolation, AOP in adapters only |
8
+ | **ADR-0005** — CI/CD Quality Gates | [adr-0005-cicd-quality-gates.rules.json](./adr-0005-cicd-quality-gates.rules.json) | CodeQL, dependency scan, secret detection, SLA compliance |
9
+ | **ADR-0018** — Testing Pyramid | [adr-0018-testing-pyramid.rules.json](./adr-0018-testing-pyramid.rules.json) | 70/20/10 distribution, layer thresholds, coverage >= 80% |
10
+ | **ADR-0032** — Protocol Selection | [adr-0032-protocol-selection.rules.json](./adr-0032-protocol-selection.rules.json) | gRPC internal, REST external, GraphQL BFF aggregate |
11
+ | **ADR-0040** — Multi-Runtime | [adr-0040-multi-runtime.rules.json](./adr-0040-multi-runtime.rules.json) | Runtime by workload profile, gRPC sync, RabbitMQ async |
12
+ | **ADR-0050** — GitFlow Branching | [adr-0050-gitflow-branching.rules.json](./adr-0050-gitflow-branching.rules.json) | Branch naming, protected branches, semver tags |
13
+ | **ADR-0010** — Multi-Tenancy | [adr-0010-multi-tenancy.rules.json](./adr-0010-multi-tenancy.rules.json) | Dual-layer filtering, tenant context propagation (conditional) |
14
+
15
+ ---
16
+
17
+ Back to [Rulesets Hub](../README.md)
package/rulesets/adr/adr-0002-hexagonal-architecture.rules.json ADDED
@@ -0,0 +1,103 @@
1
+ {
2
+ "$schema": "../schema/ruleset-standard.schema.json",
3
+ "$id": "https://evolith.dev/rulesets/adr/adr-0002-hexagonal-architecture.rules.json",
4
+ "title": "ADR-0002 — Hexagonal Architecture (Ports & Adapters) Rules",
5
+ "description": "Machine-readable rules encoding ADR-0002 Clean Hexagonal Architecture. Mandatory structural pattern for all Evolith applications.",
6
+ "version": "1.0.0",
7
+ "adrId": "ADR-0002",
8
+ "adrTitle": "Clean Hexagonal Architecture with NestJS",
9
+ "status": "Approved",
10
+ "date": "2026-05-08",
11
+ "effectiveDate": "2026-05-08",
12
+ "rules": [
13
+ {
14
+ "id": "HXA-01",
15
+ "severity": "MUST",
16
+ "category": "layer-structure",
17
+ "title": "Core (Domain) has zero framework dependencies",
18
+ "description": "The Core/Domain layer MUST contain only pure TypeScript classes. Zero imports from NestJS, TypeORM, Express, or any external SDK. Contains entities, value objects, and port interfaces only.",
19
+ "rationale": "ADR-0002 §Decision: Core is pure TypeScript. Framework coupling prevents domain extraction and pure testing.",
20
+ "validationQuery": "Static analysis: Core layer files import no framework packages (nestjs, typeorm, express, mongoose).",
21
+ "blocking": true,
22
+ "layer": "Core"
23
+ },
24
+ {
25
+ "id": "HXA-02",
26
+ "severity": "MUST",
27
+ "category": "layer-structure",
28
+ "title": "Application layer imports Core only",
29
+ "description": "Application layer (Use Cases) may import Core classes and NestJS DI decorators only. No infrastructure imports (database adapters, external SDKs).",
30
+ "rationale": "ADR-0002 §Decision: Application orchestrates Core logic. Infrastructure belongs in adapters.",
31
+ "validationQuery": "Application layer files import only Core layer and @nestjs/common decorators.",
32
+ "blocking": true,
33
+ "layer": "Application"
34
+ },
35
+ {
36
+ "id": "HXA-03",
37
+ "severity": "MUST",
38
+ "category": "layer-structure",
39
+ "title": "Infrastructure (Adapters) implements Core ports",
40
+ "description": "Infrastructure layer contains concrete implementations of Core port interfaces (TypeOrmUserRepository, BcryptPasswordHasher). All framework and SDK imports live exclusively here.",
41
+ "rationale": "ADR-0002 §Decision: Infrastructure is the adapter layer. It implements the ports defined by Core.",
42
+ "validationQuery": "Infrastructure files implement interfaces defined in Core layer. No domain logic lives here.",
43
+ "blocking": true,
44
+ "layer": "Infrastructure"
45
+ },
46
+ {
47
+ "id": "HXA-04",
48
+ "severity": "MUST",
49
+ "category": "dependency-direction",
50
+ "title": "Dependency direction: Infrastructure → Application → Core",
51
+ "description": "Dependency direction is strictly enforced: Infrastructure depends on Application, Application depends on Core. Never the reverse.",
52
+ "rationale": "ADR-0002 §Decision: Dependency inversion is the core principle of hexagonal architecture.",
53
+ "validationQuery": "eslint-plugin-boundaries or equivalent static analysis enforces no backward imports.",
54
+ "blocking": true,
55
+ "layer": "All"
56
+ },
57
+ {
58
+ "id": "HXA-05",
59
+ "severity": "MUST NOT",
60
+ "category": "aop-isolation",
61
+ "title": "AOP concerns prohibited in Core/Application layers",
62
+ "description": "Cross-cutting concerns (Logging, Auditing, OTel, Caching, Transactions) MUST NOT hard-couple third-party decorators or SDKs inside Core or Application layers. Prohibited: @SentryCapture, @OpentelemetrySpan, @Cacheable on UseCase methods.",
63
+ "rationale": "ADR-0002 §4: AOP isolation rule. Framework decorators in domain pollute the domain with infrastructure concerns.",
64
+ "validationQuery": "Core/Application classes have no imports from Sentry, OpenTelemetry SDK, caching libraries, or transaction managers.",
65
+ "blocking": true,
66
+ "layer": "Core, Application"
67
+ },
68
+ {
69
+ "id": "HXA-06",
70
+ "severity": "MUST",
71
+ "category": "aop-isolation",
72
+ "title": "AOP implemented exclusively in Infrastructure layer",
73
+ "description": "Cross-cutting concerns MUST be encapsulated exclusively inside NestJS Interceptors, Middleware, or Decorator Wrappers residing in the Infrastructure/Adapter layer, wrapping pure UseCase execution from the outside.",
74
+ "rationale": "ADR-0002 §4: AOP in adapters preserves domain purity while enabling observability.",
75
+ "validationQuery": "AOP implementations (interceptors, middleware, decorators) exist only in Infrastructure layer.",
76
+ "blocking": false,
77
+ "layer": "Infrastructure"
78
+ },
79
+ {
80
+ "id": "HXA-07",
81
+ "severity": "MUST",
82
+ "category": "testing",
83
+ "title": "Core domain tests run without framework bootstrap",
84
+ "description": "Pure domain tests (entities, value objects, port interfaces) MUST run in milliseconds with no database or framework setup. Tests must not execute IO or container startups.",
85
+ "rationale": "ADR-0002 §Consequences: Pure domain tests are fast and framework-independent.",
86
+ "validationQuery": "Domain unit tests execute without TestBed or testcontainer initialization. Average execution time < 50ms per test file.",
87
+ "blocking": false,
88
+ "layer": "Core"
89
+ }
90
+ ],
91
+ "references": [
92
+ "reference/architecture/adrs/nodejs/0002-clean-architecture-nestjs.md",
93
+ "reference/architecture/adrs/nodejs/0003-strict-typescript-standards.md"
94
+ ],
95
+ "exitCriteria": {
96
+ "description": "All HXA rules are validated in CI via eslint-plugin-boundaries and import analysis.",
97
+ "validationTools": [
98
+ "eslint-plugin-boundaries",
99
+ "dependency-cruiser",
100
+ "custom AST rules"
101
+ ]
102
+ }
103
+ }