@evolith/core-domain 1.0.0 → 1.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (500) hide show
  1. package/dist/domain/services/default-workflow-definition.js +1 -1
  2. package/dist/domain/services/default-workflow-definition.js.map +1 -1
  3. package/package.json +2 -1
  4. package/rulesets/README.es.md +170 -0
  5. package/rulesets/README.md +170 -0
  6. package/rulesets/acl/README.es.md +41 -0
  7. package/rulesets/acl/README.md +41 -0
  8. package/rulesets/acl/anti-corruption-layer.rules.es.json +99 -0
  9. package/rulesets/acl/anti-corruption-layer.rules.json +99 -0
  10. package/rulesets/adr/ADR_COVERAGE.es.md +133 -0
  11. package/rulesets/adr/ADR_COVERAGE.md +133 -0
  12. package/rulesets/adr/README.es.md +17 -0
  13. package/rulesets/adr/README.md +17 -0
  14. package/rulesets/adr/adr-0002-hexagonal-architecture.rules.json +103 -0
  15. package/rulesets/adr/adr-0005-cicd-quality-gates.rules.json +102 -0
  16. package/rulesets/adr/adr-0010-multi-tenancy.rules.json +129 -0
  17. package/rulesets/adr/adr-0018-testing-pyramid.rules.json +115 -0
  18. package/rulesets/adr/adr-0032-protocol-selection.rules.json +134 -0
  19. package/rulesets/adr/adr-0040-multi-runtime.rules.json +131 -0
  20. package/rulesets/adr/adr-0050-gitflow-branching.rules.json +176 -0
  21. package/rulesets/adr/generated/adr-0001-monorepo-orchestration-principle.rules.json +29 -0
  22. package/rulesets/adr/generated/adr-0006-microservices-transition-via-sidecar-pattern.rules.json +29 -0
  23. package/rulesets/adr/generated/adr-0009-strict-dependency-pinning-and-automated-vulnerability-manage.rules.json +29 -0
  24. package/rulesets/adr/generated/adr-0011-fault-tolerance-and-resiliency-patterns.rules.json +29 -0
  25. package/rulesets/adr/generated/adr-0013-cloud-infrastructure-topology-and-disaster-recovery-dr.rules.json +28 -0
  26. package/rulesets/adr/generated/adr-0014-multi-layer-distributed-caching-strategy.rules.json +29 -0
  27. package/rulesets/adr/generated/adr-0015-event-driven-architecture-eda-for-intra-domain-communication.rules.json +29 -0
  28. package/rulesets/adr/generated/adr-0016-immutable-business-audit-trail-and-change-tracking.rules.json +29 -0
  29. package/rulesets/adr/generated/adr-0017-feature-flagging-strategy-for-progressive-delivery.rules.json +28 -0
  30. package/rulesets/adr/generated/adr-0019-tactical-design-patterns-for-future-proofing.rules.json +29 -0
  31. package/rulesets/adr/generated/adr-0020-identity-provider-abstraction-strategy.rules.json +28 -0
  32. package/rulesets/adr/generated/adr-0024-centralized-configuration-feature-platform.rules.json +28 -0
  33. package/rulesets/adr/generated/adr-0025-feature-flag-provider-abstraction-strategy.rules.json +29 -0
  34. package/rulesets/adr/generated/adr-0028-self-hosted-open-source-hybrid-infrastructure.rules.json +29 -0
  35. package/rulesets/adr/generated/adr-0030-two-tier-distributed-gateway-model.rules.json +28 -0
  36. package/rulesets/adr/generated/adr-0031-schema-per-bounded-context-and-domain-event-catalog.rules.json +29 -0
  37. package/rulesets/adr/generated/adr-0033-transactional-outbox-pattern-for-async-messaging.rules.json +28 -0
  38. package/rulesets/adr/generated/adr-0034-cqrs-pattern-application-matrix.rules.json +29 -0
  39. package/rulesets/adr/generated/adr-0035-distributed-saga-pattern-implementation-strategy.rules.json +29 -0
  40. package/rulesets/adr/generated/adr-0036-message-bus-delivery-flow-control-strategy.rules.json +29 -0
  41. package/rulesets/adr/generated/adr-0037-enterprise-performance-concurrency-chaos-verification-strate.rules.json +28 -0
  42. package/rulesets/adr/generated/adr-0039-deployment-topology-abstraction-environment-switcher.rules.json +29 -0
  43. package/rulesets/adr/generated/adr-0041-dual-engine-policy-evaluation-native-opa.rules.json +28 -0
  44. package/rulesets/adr/generated/adr-0044-configurable-security-persistence-strategy-agnosticism-vs-na.rules.json +29 -0
  45. package/rulesets/adr/generated/adr-0045-microservice-extraction-readiness-criteria.rules.json +29 -0
  46. package/rulesets/adr/generated/adr-0046-unified-traceability-via-w3c-tracecontext.rules.json +29 -0
  47. package/rulesets/adr/generated/adr-0047-progressive-architecture-evolution-framework-modular-monolit.rules.json +29 -0
  48. package/rulesets/adr/generated/adr-0048-enterprise-taxonomy-standardization-and-reference-layout.rules.json +28 -0
  49. package/rulesets/adr/generated/adr-0049-naming-semantics-clean-code-policy-e2e-and-global.rules.json +29 -0
  50. package/rulesets/adr/generated/adr-0051-enterprise-database-engine-selection-strategy.rules.json +29 -0
  51. package/rulesets/adr/generated/adr-0052-unit-testing-isolation-strategy-mocks-vs-stubs.rules.json +29 -0
  52. package/rulesets/adr/generated/adr-0053-integration-and-e2e-testing-strategy.rules.json +29 -0
  53. package/rulesets/adr/generated/adr-0054-database-design-and-normalization-standards.rules.json +29 -0
  54. package/rulesets/adr/generated/adr-0055-microfrontends-architecture-strategy.rules.json +28 -0
  55. package/rulesets/adr/generated/adr-0056-enterprise-naming-design-conventions-multi-language-multi-pl.rules.json +29 -0
  56. package/rulesets/adr/generated/adr-0057-architecture-intelligence-catalog.rules.json +27 -0
  57. package/rulesets/adr/generated/adr-0058-ai-consumable-architecture-knowledge.rules.json +27 -0
  58. package/rulesets/adr/generated/adr-0067-modular-monolith-persistence-boundaries.rules.json +28 -0
  59. package/rulesets/adr/generated/adr-0068-documentation-release-gitflow.rules.json +29 -0
  60. package/rulesets/adr/generated/adr-0069-ai-agent-context-protocol-integration.rules.json +28 -0
  61. package/rulesets/adr/generated/adr-0070-lean-root-repository-taxonomy.rules.json +29 -0
  62. package/rulesets/adr/generated/adr-0071-domain-layer-base-class-and-inheritance-strategy.rules.json +29 -0
  63. package/rulesets/adr/generated/adr-0072-utc-date-storage-browser-timezone-detection-and-language-res.rules.json +29 -0
  64. package/rulesets/adr/generated/adr-0073-unified-cli-mcp-output-contract-and-gate-evidence-schema.rules.json +29 -0
  65. package/rulesets/adr/generated/adr-0074-evolith-core-api-native-exposure-layer.rules.json +29 -0
  66. package/rulesets/adr/generated/adr-0075-core-api-authentication-strategy.rules.json +28 -0
  67. package/rulesets/adr/generated/adr-0076-domain-oriented-microservice-architecture-doma.rules.json +28 -0
  68. package/rulesets/adr/generated/adr-0077-masstransit-v9-commercial-pivot-stay-on-v8-monitor-opentrans.rules.json +28 -0
  69. package/rulesets/adr/generated/adr-0078-domain-financial-separation-governance.rules.json +29 -0
  70. package/rulesets/adr/generated/adr-0079-multi-topology-reference-corpus-and-topology-manifest-contra.rules.json +29 -0
  71. package/rulesets/adr/generated/adr-0080-remote-repository-reference-contract.rules.json +29 -0
  72. package/rulesets/adr/generated/adr-0081-agentic-ai-sandbox-isolation-boundary.rules.json +29 -0
  73. package/rulesets/adr/generated/adr-0082-agentic-ai-prompt-context-and-tool-trust-boundary.rules.json +28 -0
  74. package/rulesets/adr/generated/adr-0083-agentic-ai-action-authorization-and-audit.rules.json +29 -0
  75. package/rulesets/adr/generated/adr-0084-data-mesh-and-data-as-a-product.rules.json +29 -0
  76. package/rulesets/adr/generated/adr-0085-agnostic-opa-wasm-distribution-architecture.rules.json +28 -0
  77. package/rulesets/adr/generated/adr-0086-agentic-ai-telemetry-cost-control-standard.rules.json +27 -0
  78. package/rulesets/adr/generated/adr-0087-attribute-based-access-control-abac-for-agentic-tool-executi.rules.json +29 -0
  79. package/rulesets/adr/generated/adr-0088-sovereign-identity-for-agentic-ai.rules.json +29 -0
  80. package/rulesets/adr/generated/adr-0089-event-driven-agentic-workflow-pattern.rules.json +28 -0
  81. package/rulesets/adr/generated/adr-0090-rag-knowledge-governance-standard.rules.json +29 -0
  82. package/rulesets/adr/generated/adr-0091-workload-identity-token-rotation-standard.rules.json +29 -0
  83. package/rulesets/adr/generated/adr-0092-agent-infinite-loop-prevention-and-circuit-breaker-rules.rules.json +29 -0
  84. package/rulesets/adr/generated/adr-0093-concurrency-control-and-resource-locking-standard-for-mcp-to.rules.json +29 -0
  85. package/rulesets/adr/generated/adr-0094-multi-agent-handoff-and-task-delegation-standards.rules.json +29 -0
  86. package/rulesets/adr/generated/adr-0095-serverless-architecture-governance.rules.json +29 -0
  87. package/rulesets/adr/generated/adr-0096-edge-computing-architecture-governance.rules.json +29 -0
  88. package/rulesets/adr/generated/adr-0097-knowledge-lifecycle-governance-standard.rules.json +29 -0
  89. package/rulesets/adr/generated/adr-0098-rest-uri-versioning-and-deprecation-policy.rules.json +29 -0
  90. package/rulesets/adr/generated/adr-0099-opa-bundle-distribution-via-s3-minio.rules.json +27 -0
  91. package/rulesets/adr/generated/adr-ai-augmented-0001-harness-engineering-for-ai-augmented-development.rules.json +29 -0
  92. package/rulesets/adr/generated/adr-ai-augmented-0002-mcp-integration-protocol-for-agent-tool-invocation.rules.json +29 -0
  93. package/rulesets/adr/generated/adr-ai-augmented-0003-model-selection-governance-for-ai-augmented-workflows.rules.json +29 -0
  94. package/rulesets/adr/generated/adr-ai-augmented-0004-agents-md-as-mandatory-repository-artifact.rules.json +29 -0
  95. package/rulesets/adr/generated/adr-ai-augmented-0005-human-in-the-loop-policy-for-autonomous-agent-operations.rules.json +29 -0
  96. package/rulesets/adr/generated/adr-android-0042-canonical-android-native-mobile-architecture.rules.json +29 -0
  97. package/rulesets/adr/generated/adr-dotnet-0041-canonical-net-c-backend-architecture.rules.json +29 -0
  98. package/rulesets/adr/generated/adr-dotnet-0060-net-multi-tenancy-dual-layer-strategy-ef-core-sql-server.rules.json +29 -0
  99. package/rulesets/adr/generated/adr-dotnet-0061-transactional-event-lifecycle-in-ef-core.rules.json +28 -0
  100. package/rulesets/adr/generated/adr-dotnet-0062-net-immutable-audit-trail-via-ddl-triggers-delta-capture.rules.json +29 -0
  101. package/rulesets/adr/generated/adr-dotnet-0063-b2b-request-idempotency-middleware-in-asp-net-core.rules.json +28 -0
  102. package/rulesets/adr/generated/adr-dotnet-0064-net-request-scope-observability-context-propagation.rules.json +29 -0
  103. package/rulesets/adr/generated/adr-dotnet-0065-net-pii-safe-structured-logging-pipeline-serilog.rules.json +29 -0
  104. package/rulesets/adr/generated/adr-dotnet-0066-net-lightweight-http-idempotency-via-imemorycache-idistribut.rules.json +28 -0
  105. package/rulesets/adr/generated/adr-dotnet-0069-net-grpc-service-setup-protobuf-contracts.rules.json +29 -0
  106. package/rulesets/adr/generated/adr-dotnet-0070-net-api-endpoint-strategy.rules.json +29 -0
  107. package/rulesets/adr/generated/adr-dotnet-0071-net-data-access-strategy-ef-core-as-default-orm-dapper-for-o.rules.json +27 -0
  108. package/rulesets/adr/generated/adr-dotnet-0072-net-aop-cross-cutting-concern-strategy-dispatchproxy-over-pi.rules.json +29 -0
  109. package/rulesets/adr/generated/adr-nodejs-0003-strict-typescript-standards.rules.json +29 -0
  110. package/rulesets/adr/generated/adr-nodejs-0004-frontend-offline-resilience.rules.json +28 -0
  111. package/rulesets/adr/generated/adr-nodejs-0007-observability-with-opentelemetry-loki-and-jaeger.rules.json +29 -0
  112. package/rulesets/adr/generated/adr-nodejs-0008-progressive-multi-module-evolution-with-api-gateway-and-bff-.rules.json +28 -0
  113. package/rulesets/adr/generated/adr-nodejs-0012-advanced-authorization-rbac-abac-strategy.rules.json +28 -0
  114. package/rulesets/adr/generated/adr-nodejs-0021-high-performance-authentication-graph-compilation.rules.json +28 -0
  115. package/rulesets/adr/generated/adr-nodejs-0022-contextual-authentication-and-pluggable-output-projections.rules.json +28 -0
  116. package/rulesets/adr/generated/adr-nodejs-0023-centralized-authorization-core-strategy.rules.json +28 -0
  117. package/rulesets/adr/generated/adr-nodejs-0026-adaptive-mfa-and-passwordless-platform.rules.json +28 -0
  118. package/rulesets/adr/generated/adr-nodejs-0027-dual-protocol-api-strategy-rest-grpc.rules.json +28 -0
  119. package/rulesets/adr/generated/adr-nodejs-0029-adoption-of-tactical-ddd-primitives-library.rules.json +29 -0
  120. package/rulesets/adr/generated/adr-nodejs-0038-enterprise-error-handling-result-pattern-strategy.rules.json +29 -0
  121. package/rulesets/adr/generated/adr-nodejs-0043-data-access-and-orm-strategy-for-node-js.rules.json +29 -0
  122. package/rulesets/adr/generated/adr-nodejs-0044-frontend-clean-architecture-layer-boundaries-react.rules.json +29 -0
  123. package/rulesets/adr/generated/adr-nodejs-0045-frontend-state-management-zustand-tanstack-query-dual-strate.rules.json +29 -0
  124. package/rulesets/adr/generated/adr-nodejs-0046-prohibition-of-raw-technical-identifiers-in-user-interfaces.rules.json +29 -0
  125. package/rulesets/adr/generated/adr-nodejs-0047-actionable-user-error-contract-and-correlated-diagnostics.rules.json +29 -0
  126. package/rulesets/adr/generated/adr-nodejs-0048-feature-flag-system-scope-and-structured-criteria-model.rules.json +29 -0
  127. package/rulesets/adr/generated/adr-nodejs-0074-monorepo-orchestration-with-nx.rules.json +29 -0
  128. package/rulesets/adr/generated/adr-nodejs-0075-application-gateway-bff-with-nestjs.rules.json +29 -0
  129. package/rulesets/architecture/README.es.md +21 -0
  130. package/rulesets/architecture/README.md +21 -0
  131. package/rulesets/architecture/opa/progressive-axis.rego +50 -0
  132. package/rulesets/cli/README.es.md +17 -0
  133. package/rulesets/cli/README.md +17 -0
  134. package/rulesets/cli/core-parity.rules.json +61 -0
  135. package/rulesets/cli/release-readiness.rules.json +77 -0
  136. package/rulesets/compliance-baseline/README.es.md +26 -0
  137. package/rulesets/compliance-baseline/README.md +26 -0
  138. package/rulesets/compliance-baseline/compliance-baseline.rules.json +81 -0
  139. package/rulesets/contracts/README.es.md +19 -0
  140. package/rulesets/contracts/README.md +19 -0
  141. package/rulesets/contracts/evolith-machine-contracts.json +29 -0
  142. package/rulesets/contracts/fixtures/gate-evidence.success.json +10 -0
  143. package/rulesets/contracts/fixtures/output-envelope.success.json +23 -0
  144. package/rulesets/cross-cutting/README.es.md +14 -0
  145. package/rulesets/cross-cutting/README.md +14 -0
  146. package/rulesets/cross-cutting/compliance-baseline.rules.json +81 -0
  147. package/rulesets/cross-cutting/definition-of-done.rules.json +135 -0
  148. package/rulesets/cross-cutting/engineering-manifesto.rules.json +145 -0
  149. package/rulesets/cross-cutting/repository-taxonomy.rules.json +172 -0
  150. package/rulesets/definition-of-done/README.es.md +26 -0
  151. package/rulesets/definition-of-done/README.md +26 -0
  152. package/rulesets/definition-of-done/definition-of-done.rules.json +135 -0
  153. package/rulesets/engineering-manifesto/README.es.md +26 -0
  154. package/rulesets/engineering-manifesto/README.md +26 -0
  155. package/rulesets/engineering-manifesto/engineering-manifesto.rules.json +145 -0
  156. package/rulesets/evidence/README.es.md +12 -0
  157. package/rulesets/evidence/README.md +12 -0
  158. package/rulesets/evidence/evidence-manifest.rules.json +48 -0
  159. package/rulesets/executive-scorecards/executive-scorecards.rules.es.json +213 -0
  160. package/rulesets/executive-scorecards/executive-scorecards.rules.json +213 -0
  161. package/rulesets/governance/README.es.md +13 -0
  162. package/rulesets/governance/README.md +13 -0
  163. package/rulesets/governance/abac-mcp-access.rules.es.json +41 -0
  164. package/rulesets/governance/abac-mcp-access.rules.json +41 -0
  165. package/rulesets/governance/executive-scorecards.rules.es.json +213 -0
  166. package/rulesets/governance/executive-scorecards.rules.json +213 -0
  167. package/rulesets/governance/inheritance.rules.json +115 -0
  168. package/rulesets/governance/knowledge-intake.rules.json +18 -0
  169. package/rulesets/governance/open-core-boundary.rules.es.json +148 -0
  170. package/rulesets/governance/open-core-boundary.rules.json +148 -0
  171. package/rulesets/governance/satellite-contracts.rules.json +183 -0
  172. package/rulesets/infrastructure/helm-enforcement.rules.json +21 -0
  173. package/rulesets/infrastructure/opa/helm-enforcement.rego +25 -0
  174. package/rulesets/infrastructure/opa/helm-enforcement.test.rego +31 -0
  175. package/rulesets/infrastructure/opa/opa-sidecar-bundle.rego +115 -0
  176. package/rulesets/infrastructure/opa/opa-sidecar-bundle.test.rego +66 -0
  177. package/rulesets/infrastructure/opa-sidecar-bundle.rules.json +18 -0
  178. package/rulesets/mcp/README.es.md +12 -0
  179. package/rulesets/mcp/README.md +12 -0
  180. package/rulesets/mcp/protocol-compliance.rules.json +57 -0
  181. package/rulesets/observability/README.es.md +12 -0
  182. package/rulesets/observability/README.md +12 -0
  183. package/rulesets/observability/telemetry-evidence.rules.json +48 -0
  184. package/rulesets/opa/README.es.md +22 -0
  185. package/rulesets/opa/README.md +22 -0
  186. package/rulesets/opa/abac-mcp-tool-access.rego +122 -0
  187. package/rulesets/opa/abac-mcp-tool-access.test.rego +33 -0
  188. package/rulesets/opa/anti-corruption-layer.rego +39 -0
  189. package/rulesets/opa/anti-corruption-layer.test.rego +118 -0
  190. package/rulesets/opa/ci-cd.rego +41 -0
  191. package/rulesets/opa/ci-cd.test.rego +23 -0
  192. package/rulesets/opa/cicd-quality-gates.rego +29 -0
  193. package/rulesets/opa/cicd-quality-gates.test.rego +54 -0
  194. package/rulesets/opa/cli-core-parity.rego +17 -0
  195. package/rulesets/opa/cli-core-parity.test.rego +39 -0
  196. package/rulesets/opa/cli-readiness.rego +32 -0
  197. package/rulesets/opa/cli-readiness.test.rego +23 -0
  198. package/rulesets/opa/cli-release-readiness.rego +21 -0
  199. package/rulesets/opa/cli-release-readiness.test.rego +46 -0
  200. package/rulesets/opa/compliance-baseline.rego +95 -0
  201. package/rulesets/opa/compliance-baseline.test.rego +89 -0
  202. package/rulesets/opa/dod.rego +42 -0
  203. package/rulesets/opa/dod.test.rego +250 -0
  204. package/rulesets/opa/engineering-manifesto.rego +78 -0
  205. package/rulesets/opa/engineering-manifesto.test.rego +133 -0
  206. package/rulesets/opa/evidence.rego +64 -0
  207. package/rulesets/opa/evidence.test.rego +23 -0
  208. package/rulesets/opa/executive-scorecards.rego +41 -0
  209. package/rulesets/opa/executive-scorecards.test.rego +60 -0
  210. package/rulesets/opa/gitflow-branching.rego +41 -0
  211. package/rulesets/opa/gitflow-branching.test.rego +60 -0
  212. package/rulesets/opa/governance.rego +39 -0
  213. package/rulesets/opa/governance.test.rego +23 -0
  214. package/rulesets/opa/hexagonal-architecture.rego +33 -0
  215. package/rulesets/opa/hexagonal-architecture.test.rego +57 -0
  216. package/rulesets/opa/infrastructure/helm-enforcement.rego +33 -0
  217. package/rulesets/opa/infrastructure/opa-sidecar-bundle.rego +42 -0
  218. package/rulesets/opa/knowledge-intake.rego +98 -0
  219. package/rulesets/opa/knowledge-intake.test.rego +50 -0
  220. package/rulesets/opa/main.rego +147 -0
  221. package/rulesets/opa/main_test.rego +149 -0
  222. package/rulesets/opa/mcp.rego +61 -0
  223. package/rulesets/opa/mcp.test.rego +27 -0
  224. package/rulesets/opa/multi-runtime.rego +33 -0
  225. package/rulesets/opa/multi-runtime.test.rego +53 -0
  226. package/rulesets/opa/multi-tenancy.rego +33 -0
  227. package/rulesets/opa/multi-tenancy.test.rego +53 -0
  228. package/rulesets/opa/open-core-boundary.rego +33 -0
  229. package/rulesets/opa/open-core-boundary.test.rego +60 -0
  230. package/rulesets/opa/protocol-selection.rego +29 -0
  231. package/rulesets/opa/protocol-selection.test.rego +46 -0
  232. package/rulesets/opa/rbac/gate-role-enforcement.rego +112 -0
  233. package/rulesets/opa/repository-taxonomy.rego +98 -0
  234. package/rulesets/opa/repository-taxonomy.test.rego +91 -0
  235. package/rulesets/opa/satellite-contracts.rego +42 -0
  236. package/rulesets/opa/satellite-contracts.test.rego +70 -0
  237. package/rulesets/opa/schemas/abac-mcp-tool-access.input.schema.json +21 -0
  238. package/rulesets/opa/schemas/anti-corruption-layer.input.schema.json +25 -0
  239. package/rulesets/opa/schemas/ci-cd.input.schema.json +27 -0
  240. package/rulesets/opa/schemas/cicd-quality-gates.input.schema.json +33 -0
  241. package/rulesets/opa/schemas/cli-core-parity.input.schema.json +30 -0
  242. package/rulesets/opa/schemas/cli-readiness.input.schema.json +28 -0
  243. package/rulesets/opa/schemas/cli-release-readiness.input.schema.json +26 -0
  244. package/rulesets/opa/schemas/compliance-baseline.input.schema.json +25 -0
  245. package/rulesets/opa/schemas/dod.input.schema.json +38 -0
  246. package/rulesets/opa/schemas/engineering-manifesto.input.schema.json +24 -0
  247. package/rulesets/opa/schemas/evidence.input.schema.json +35 -0
  248. package/rulesets/opa/schemas/executive-scorecards.input.schema.json +36 -0
  249. package/rulesets/opa/schemas/gitflow-branching.input.schema.json +36 -0
  250. package/rulesets/opa/schemas/governance.input.schema.json +19 -0
  251. package/rulesets/opa/schemas/hexagonal-architecture.input.schema.json +46 -0
  252. package/rulesets/opa/schemas/knowledge-intake.input.schema.json +57 -0
  253. package/rulesets/opa/schemas/mcp.input.schema.json +38 -0
  254. package/rulesets/opa/schemas/multi-runtime.input.schema.json +27 -0
  255. package/rulesets/opa/schemas/multi-tenancy.input.schema.json +27 -0
  256. package/rulesets/opa/schemas/open-core-boundary.input.schema.json +36 -0
  257. package/rulesets/opa/schemas/protocol-selection.input.schema.json +26 -0
  258. package/rulesets/opa/schemas/repository-taxonomy.input.schema.json +18 -0
  259. package/rulesets/opa/schemas/satellite-contracts.input.schema.json +38 -0
  260. package/rulesets/opa/schemas/taxonomy.input.schema.json +27 -0
  261. package/rulesets/opa/schemas/testing-pyramid.input.schema.json +42 -0
  262. package/rulesets/opa/schemas/version-pinning.input.schema.json +39 -0
  263. package/rulesets/opa/sdlc/coverage.rego +49 -0
  264. package/rulesets/opa/sdlc/coverage.test.rego +29 -0
  265. package/rulesets/opa/sdlc/pyramid-distribution.rego +31 -0
  266. package/rulesets/opa/sdlc/pyramid-distribution.test.rego +33 -0
  267. package/rulesets/opa/taxonomy.rego +51 -0
  268. package/rulesets/opa/taxonomy.test.rego +28 -0
  269. package/rulesets/opa/telemetry-evidence.rego +102 -0
  270. package/rulesets/opa/testing-pyramid.rego +49 -0
  271. package/rulesets/opa/testing-pyramid.test.rego +81 -0
  272. package/rulesets/opa/version-pinning.rego +99 -0
  273. package/rulesets/opa/version-pinning.test.rego +28 -0
  274. package/rulesets/phase-gates/README.es.md +28 -0
  275. package/rulesets/phase-gates/README.md +28 -0
  276. package/rulesets/phase-gates/phase-gates.rules.json +297 -0
  277. package/rulesets/quality-thresholds/README.es.md +28 -0
  278. package/rulesets/quality-thresholds/README.md +28 -0
  279. package/rulesets/quality-thresholds/quality-thresholds.rules.json +96 -0
  280. package/rulesets/repository-taxonomy/README.es.md +26 -0
  281. package/rulesets/repository-taxonomy/README.md +26 -0
  282. package/rulesets/repository-taxonomy/repository-taxonomy.rules.json +172 -0
  283. package/rulesets/satellite-contracts/README.es.md +27 -0
  284. package/rulesets/satellite-contracts/README.md +27 -0
  285. package/rulesets/satellite-contracts/satellite-contracts.rules.json +183 -0
  286. package/rulesets/schema/README.es.md +39 -0
  287. package/rulesets/schema/README.md +39 -0
  288. package/rulesets/schema/adr.schema.json +138 -0
  289. package/rulesets/schema/agile-backlog.schema.json +91 -0
  290. package/rulesets/schema/ballpark-estimation.schema.json +109 -0
  291. package/rulesets/schema/build-vs-compose.schema.json +98 -0
  292. package/rulesets/schema/cli-impact-analysis.schema.json +114 -0
  293. package/rulesets/schema/discovery-canvas.schema.json +92 -0
  294. package/rulesets/schema/evolith-user-story.schema.json +105 -0
  295. package/rulesets/schema/evolith-yaml.schema.json +191 -0
  296. package/rulesets/schema/functional-story.schema.json +111 -0
  297. package/rulesets/schema/gate-evidence.schema.json +85 -0
  298. package/rulesets/schema/integration-evidence.schema.json +47 -0
  299. package/rulesets/schema/knowledge-intake.schema.json +67 -0
  300. package/rulesets/schema/knowledge-projection.schema.json +24 -0
  301. package/rulesets/schema/maturity-evidence.schema.json +59 -0
  302. package/rulesets/schema/observability-validation.schema.json +85 -0
  303. package/rulesets/schema/on-call-handoff.schema.json +91 -0
  304. package/rulesets/schema/output-envelope.schema.json +102 -0
  305. package/rulesets/schema/prd.schema.json +117 -0
  306. package/rulesets/schema/release-notes.schema.json +138 -0
  307. package/rulesets/schema/rollback-rehearsal.schema.json +73 -0
  308. package/rulesets/schema/ruleset-sdlc.schema.json +59 -0
  309. package/rulesets/schema/ruleset-standard.schema.json +73 -0
  310. package/rulesets/schema/security-scan-report.schema.json +79 -0
  311. package/rulesets/schema/source-registry.schema.json +51 -0
  312. package/rulesets/schema/technical-feasibility.schema.json +66 -0
  313. package/rulesets/schema/technical-story.schema.json +112 -0
  314. package/rulesets/schema/test-summary-report.schema.json +158 -0
  315. package/rulesets/schema/topology-composition.schema.json +43 -0
  316. package/rulesets/schema/topology-manifest.schema.json +421 -0
  317. package/rulesets/sdlc/README.es.md +12 -0
  318. package/rulesets/sdlc/README.md +12 -0
  319. package/rulesets/sdlc/default-workflow.yaml +73 -0
  320. package/rulesets/sdlc/dependency-pinning.rules.json +183 -0
  321. package/rulesets/sdlc/phase-gates.rules.json +297 -0
  322. package/rulesets/sdlc/quality-thresholds.rules.json +96 -0
  323. package/rulesets/topologies/README.es.md +42 -0
  324. package/rulesets/topologies/README.md +42 -0
  325. package/rulesets/topologies/agentic-ai/README.es.md +142 -0
  326. package/rulesets/topologies/agentic-ai/README.md +142 -0
  327. package/rulesets/topologies/agentic-ai/adoption.es.md +37 -0
  328. package/rulesets/topologies/agentic-ai/adoption.md +37 -0
  329. package/rulesets/topologies/agentic-ai/agent.config.schema.json +100 -0
  330. package/rulesets/topologies/agentic-ai/agentic-ai.rego +46 -0
  331. package/rulesets/topologies/agentic-ai/agentic-ai.rules.json +109 -0
  332. package/rulesets/topologies/agentic-ai/agentic-ai.test.rego +68 -0
  333. package/rulesets/topologies/agentic-ai/agentic-ai.wasm +0 -0
  334. package/rulesets/topologies/agentic-ai/cli/cli-flows.es.md +35 -0
  335. package/rulesets/topologies/agentic-ai/cli/cli-flows.md +45 -0
  336. package/rulesets/topologies/agentic-ai/evidence.es.md +25 -0
  337. package/rulesets/topologies/agentic-ai/evidence.md +25 -0
  338. package/rulesets/topologies/agentic-ai/evolution.es.md +26 -0
  339. package/rulesets/topologies/agentic-ai/evolution.md +26 -0
  340. package/rulesets/topologies/agentic-ai/fixtures/invalid-agent.config.json +48 -0
  341. package/rulesets/topologies/agentic-ai/fixtures/valid-agent.config.json +48 -0
  342. package/rulesets/topologies/agentic-ai/maturity.es.md +33 -0
  343. package/rulesets/topologies/agentic-ai/maturity.md +33 -0
  344. package/rulesets/topologies/agentic-ai/mcp/mcp-manifest.json +100 -0
  345. package/rulesets/topologies/agentic-ai/openapi/openapi.yaml +187 -0
  346. package/rulesets/topologies/agentic-ai/operations.es.md +32 -0
  347. package/rulesets/topologies/agentic-ai/operations.md +32 -0
  348. package/rulesets/topologies/agentic-ai/parity-fixtures/compliant.json +18 -0
  349. package/rulesets/topologies/agentic-ai/parity-fixtures/violation.json +22 -0
  350. package/rulesets/topologies/agentic-ai/patterns.es.md +32 -0
  351. package/rulesets/topologies/agentic-ai/patterns.md +32 -0
  352. package/rulesets/topologies/agentic-ai/resilience.es.md +26 -0
  353. package/rulesets/topologies/agentic-ai/resilience.md +26 -0
  354. package/rulesets/topologies/agentic-ai/runbooks.es.md +48 -0
  355. package/rulesets/topologies/agentic-ai/runbooks.md +48 -0
  356. package/rulesets/topologies/agentic-ai/security.es.md +26 -0
  357. package/rulesets/topologies/agentic-ai/security.md +26 -0
  358. package/rulesets/topologies/agentic-ai/topology.manifest.json +127 -0
  359. package/rulesets/topologies/data-mesh/README.es.md +69 -0
  360. package/rulesets/topologies/data-mesh/README.md +69 -0
  361. package/rulesets/topologies/data-mesh/adoption.es.md +95 -0
  362. package/rulesets/topologies/data-mesh/adoption.md +95 -0
  363. package/rulesets/topologies/data-mesh/cli/cli-flows.es.md +41 -0
  364. package/rulesets/topologies/data-mesh/cli/cli-flows.md +53 -0
  365. package/rulesets/topologies/data-mesh/data-mesh.rego +11 -0
  366. package/rulesets/topologies/data-mesh/data-mesh.rules.json +100 -0
  367. package/rulesets/topologies/data-mesh/data-mesh.test.rego +107 -0
  368. package/rulesets/topologies/data-mesh/data-mesh.wasm +0 -0
  369. package/rulesets/topologies/data-mesh/evidence.es.md +111 -0
  370. package/rulesets/topologies/data-mesh/evidence.md +111 -0
  371. package/rulesets/topologies/data-mesh/evolution.es.md +67 -0
  372. package/rulesets/topologies/data-mesh/evolution.md +67 -0
  373. package/rulesets/topologies/data-mesh/fixtures/invalid.topology.config.json +12 -0
  374. package/rulesets/topologies/data-mesh/fixtures/valid.topology.config.json +12 -0
  375. package/rulesets/topologies/data-mesh/maturity.es.md +36 -0
  376. package/rulesets/topologies/data-mesh/maturity.md +36 -0
  377. package/rulesets/topologies/data-mesh/mcp/mcp-manifest.json +68 -0
  378. package/rulesets/topologies/data-mesh/openapi/openapi.yaml +186 -0
  379. package/rulesets/topologies/data-mesh/operations.es.md +63 -0
  380. package/rulesets/topologies/data-mesh/operations.md +63 -0
  381. package/rulesets/topologies/data-mesh/parity-fixtures/compliant.json +18 -0
  382. package/rulesets/topologies/data-mesh/parity-fixtures/violation.json +21 -0
  383. package/rulesets/topologies/data-mesh/patterns.es.md +67 -0
  384. package/rulesets/topologies/data-mesh/patterns.md +67 -0
  385. package/rulesets/topologies/data-mesh/resilience.es.md +64 -0
  386. package/rulesets/topologies/data-mesh/resilience.md +64 -0
  387. package/rulesets/topologies/data-mesh/runbooks.es.md +147 -0
  388. package/rulesets/topologies/data-mesh/runbooks.md +147 -0
  389. package/rulesets/topologies/data-mesh/security.es.md +66 -0
  390. package/rulesets/topologies/data-mesh/security.md +66 -0
  391. package/rulesets/topologies/data-mesh/topology.config.schema.json +30 -0
  392. package/rulesets/topologies/data-mesh/topology.manifest.json +107 -0
  393. package/rulesets/topologies/edge-computing/README.es.md +81 -0
  394. package/rulesets/topologies/edge-computing/README.md +81 -0
  395. package/rulesets/topologies/edge-computing/adoption.es.md +268 -0
  396. package/rulesets/topologies/edge-computing/adoption.md +268 -0
  397. package/rulesets/topologies/edge-computing/cli/cli-flows.es.md +41 -0
  398. package/rulesets/topologies/edge-computing/cli/cli-flows.md +53 -0
  399. package/rulesets/topologies/edge-computing/edge-computing.rego +41 -0
  400. package/rulesets/topologies/edge-computing/edge-computing.rules.json +50 -0
  401. package/rulesets/topologies/edge-computing/edge-computing.test.rego +33 -0
  402. package/rulesets/topologies/edge-computing/edge-computing.wasm +0 -0
  403. package/rulesets/topologies/edge-computing/evidence.es.md +263 -0
  404. package/rulesets/topologies/edge-computing/evidence.md +263 -0
  405. package/rulesets/topologies/edge-computing/evolution.es.md +257 -0
  406. package/rulesets/topologies/edge-computing/evolution.md +257 -0
  407. package/rulesets/topologies/edge-computing/fixtures/invalid.topology.config.json +6 -0
  408. package/rulesets/topologies/edge-computing/fixtures/valid.topology.config.json +6 -0
  409. package/rulesets/topologies/edge-computing/maturity.es.md +36 -0
  410. package/rulesets/topologies/edge-computing/maturity.md +36 -0
  411. package/rulesets/topologies/edge-computing/mcp/mcp-manifest.json +72 -0
  412. package/rulesets/topologies/edge-computing/openapi/openapi.yaml +187 -0
  413. package/rulesets/topologies/edge-computing/operations.es.md +148 -0
  414. package/rulesets/topologies/edge-computing/operations.md +148 -0
  415. package/rulesets/topologies/edge-computing/parity-fixtures/compliant.json +12 -0
  416. package/rulesets/topologies/edge-computing/parity-fixtures/violation.json +13 -0
  417. package/rulesets/topologies/edge-computing/patterns.es.md +291 -0
  418. package/rulesets/topologies/edge-computing/patterns.md +290 -0
  419. package/rulesets/topologies/edge-computing/resilience.es.md +232 -0
  420. package/rulesets/topologies/edge-computing/resilience.md +229 -0
  421. package/rulesets/topologies/edge-computing/runbooks.es.md +405 -0
  422. package/rulesets/topologies/edge-computing/runbooks.md +405 -0
  423. package/rulesets/topologies/edge-computing/security.es.md +218 -0
  424. package/rulesets/topologies/edge-computing/security.md +218 -0
  425. package/rulesets/topologies/edge-computing/topology.config.schema.json +13 -0
  426. package/rulesets/topologies/edge-computing/topology.manifest.json +113 -0
  427. package/rulesets/topologies/event-driven/README.es.md +71 -0
  428. package/rulesets/topologies/event-driven/README.md +71 -0
  429. package/rulesets/topologies/event-driven/adoption.es.md +67 -0
  430. package/rulesets/topologies/event-driven/adoption.md +67 -0
  431. package/rulesets/topologies/event-driven/cli/cli-flows.es.md +41 -0
  432. package/rulesets/topologies/event-driven/cli/cli-flows.md +53 -0
  433. package/rulesets/topologies/event-driven/event-driven.rego +11 -0
  434. package/rulesets/topologies/event-driven/event-driven.rules.json +100 -0
  435. package/rulesets/topologies/event-driven/event-driven.test.rego +107 -0
  436. package/rulesets/topologies/event-driven/event-driven.wasm +0 -0
  437. package/rulesets/topologies/event-driven/evidence.es.md +69 -0
  438. package/rulesets/topologies/event-driven/evidence.md +69 -0
  439. package/rulesets/topologies/event-driven/evolution.es.md +59 -0
  440. package/rulesets/topologies/event-driven/evolution.md +59 -0
  441. package/rulesets/topologies/event-driven/fixtures/invalid.topology.config.json +12 -0
  442. package/rulesets/topologies/event-driven/fixtures/valid.topology.config.json +12 -0
  443. package/rulesets/topologies/event-driven/maturity.es.md +36 -0
  444. package/rulesets/topologies/event-driven/maturity.md +36 -0
  445. package/rulesets/topologies/event-driven/mcp/mcp-manifest.json +68 -0
  446. package/rulesets/topologies/event-driven/openapi/openapi.yaml +186 -0
  447. package/rulesets/topologies/event-driven/operations.es.md +67 -0
  448. package/rulesets/topologies/event-driven/operations.md +67 -0
  449. package/rulesets/topologies/event-driven/parity-fixtures/compliant.json +18 -0
  450. package/rulesets/topologies/event-driven/parity-fixtures/violation.json +21 -0
  451. package/rulesets/topologies/event-driven/patterns.es.md +68 -0
  452. package/rulesets/topologies/event-driven/patterns.md +68 -0
  453. package/rulesets/topologies/event-driven/resilience.es.md +65 -0
  454. package/rulesets/topologies/event-driven/resilience.md +65 -0
  455. package/rulesets/topologies/event-driven/runbooks.es.md +79 -0
  456. package/rulesets/topologies/event-driven/runbooks.md +79 -0
  457. package/rulesets/topologies/event-driven/security.es.md +59 -0
  458. package/rulesets/topologies/event-driven/security.md +59 -0
  459. package/rulesets/topologies/event-driven/topology.config.schema.json +30 -0
  460. package/rulesets/topologies/event-driven/topology.manifest.json +109 -0
  461. package/rulesets/topologies/progressive-axis/distributed-modules/distributed-modules.rules.es.json +111 -0
  462. package/rulesets/topologies/progressive-axis/distributed-modules/distributed-modules.rules.json +111 -0
  463. package/rulesets/topologies/progressive-axis/microservices/microservices.rules.es.json +106 -0
  464. package/rulesets/topologies/progressive-axis/microservices/microservices.rules.json +106 -0
  465. package/rulesets/topologies/progressive-axis/modular-monolith/modular-monolith.rules.es.json +148 -0
  466. package/rulesets/topologies/progressive-axis/modular-monolith/modular-monolith.rules.json +148 -0
  467. package/rulesets/topologies/serverless/README.es.md +74 -0
  468. package/rulesets/topologies/serverless/README.md +74 -0
  469. package/rulesets/topologies/serverless/adoption.es.md +50 -0
  470. package/rulesets/topologies/serverless/adoption.md +50 -0
  471. package/rulesets/topologies/serverless/cli/cli-flows.es.md +41 -0
  472. package/rulesets/topologies/serverless/cli/cli-flows.md +53 -0
  473. package/rulesets/topologies/serverless/evidence.es.md +66 -0
  474. package/rulesets/topologies/serverless/evidence.md +66 -0
  475. package/rulesets/topologies/serverless/evolution.es.md +36 -0
  476. package/rulesets/topologies/serverless/evolution.md +36 -0
  477. package/rulesets/topologies/serverless/fixtures/invalid.topology.config.json +6 -0
  478. package/rulesets/topologies/serverless/fixtures/valid.topology.config.json +6 -0
  479. package/rulesets/topologies/serverless/maturity.es.md +36 -0
  480. package/rulesets/topologies/serverless/maturity.md +36 -0
  481. package/rulesets/topologies/serverless/mcp/mcp-manifest.json +72 -0
  482. package/rulesets/topologies/serverless/openapi/openapi.yaml +186 -0
  483. package/rulesets/topologies/serverless/operations.es.md +36 -0
  484. package/rulesets/topologies/serverless/operations.md +36 -0
  485. package/rulesets/topologies/serverless/parity-fixtures/compliant.json +13 -0
  486. package/rulesets/topologies/serverless/parity-fixtures/violation.json +15 -0
  487. package/rulesets/topologies/serverless/patterns.es.md +36 -0
  488. package/rulesets/topologies/serverless/patterns.md +36 -0
  489. package/rulesets/topologies/serverless/resilience.es.md +36 -0
  490. package/rulesets/topologies/serverless/resilience.md +36 -0
  491. package/rulesets/topologies/serverless/runbooks.es.md +68 -0
  492. package/rulesets/topologies/serverless/runbooks.md +68 -0
  493. package/rulesets/topologies/serverless/security.es.md +36 -0
  494. package/rulesets/topologies/serverless/security.md +36 -0
  495. package/rulesets/topologies/serverless/serverless.rego +32 -0
  496. package/rulesets/topologies/serverless/serverless.rules.json +33 -0
  497. package/rulesets/topologies/serverless/serverless.test.rego +28 -0
  498. package/rulesets/topologies/serverless/serverless.wasm +0 -0
  499. package/rulesets/topologies/serverless/topology.config.schema.json +28 -0
  500. package/rulesets/topologies/serverless/topology.manifest.json +114 -0
package/rulesets/schema/ruleset-sdlc.schema.json ADDED
@@ -0,0 +1,59 @@
1
+ {
2
+ "$schema": "http://json-schema.org/draft-07/schema#",
3
+ "$id": "https://evolith.dev/rulesets/schema/ruleset-sdlc.schema.json",
4
+ "title": "SDLC Ruleset Schema",
5
+ "type": "object",
6
+ "required": ["$id", "gates"],
7
+ "properties": {
8
+ "$schema": { "type": "string" },
9
+ "$id": { "type": "string", "format": "uri" },
10
+ "title": { "type": "string" },
11
+ "description": { "type": "string" },
12
+ "version": { "type": "string" },
13
+ "effectiveDate": { "type": "string", "format": "date" },
14
+ "gates": {
15
+ "type": "array",
16
+ "items": {
17
+ "type": "object",
18
+ "required": ["phase", "name", "description", "mandatoryEvidence"],
19
+ "properties": {
20
+ "phase": { "type": "integer" },
21
+ "name": { "type": "string" },
22
+ "description": { "type": "string" },
23
+ "playbookRef": { "type": "string", "description": "Relative path to the operational playbook that procedurally implements this gate." },
24
+ "accountableRole": { "type": "string" },
25
+ "waiverAuthority": { "type": "string" },
26
+ "waiverRequiredFields": {
27
+ "type": "array",
28
+ "items": { "type": "string" }
29
+ },
30
+ "mandatoryEvidence": {
31
+ "type": "array",
32
+ "items": {
33
+ "type": "object",
34
+ "required": ["artifact", "validation"],
35
+ "properties": {
36
+ "artifact": { "type": "string" },
37
+ "schemaRef": { "type": "string" },
38
+ "templateRef": { "type": "string", "description": "Relative path to the canonical Markdown template that authors must use for this artifact." },
39
+ "status": { "type": "string" },
40
+ "validation": { "type": "string" }
41
+ }
42
+ }
43
+ },
44
+ "blockingCriteria": {
45
+ "type": "array",
46
+ "items": {
47
+ "type": "object",
48
+ "required": ["criterion", "action"],
49
+ "properties": {
50
+ "criterion": { "type": "string" },
51
+ "action": { "type": "string" }
52
+ }
53
+ }
54
+ }
55
+ }
56
+ }
57
+ }
58
+ }
59
+ }
package/rulesets/schema/ruleset-standard.schema.json ADDED
@@ -0,0 +1,73 @@
1
+ {
2
+ "$schema": "http://json-schema.org/draft-07/schema#",
3
+ "$id": "https://evolith.dev/rulesets/schema/ruleset-standard.schema.json",
4
+ "title": "Standard Ruleset Schema",
5
+ "type": "object",
6
+ "properties": {
7
+ "$schema": { "type": "string" },
8
+ "$id": { "type": "string", "format": "uri" },
9
+ "title": { "type": "string" },
10
+ "description": { "type": "string" },
11
+ "version": { "type": "string" },
12
+ "effectiveDate": { "type": "string", "format": "date" },
13
+ "adrId": { "type": "string" },
14
+ "adrTitle": { "type": "string" },
15
+ "status": { "type": "string" },
16
+ "date": { "type": "string" },
17
+ "exitCriteria": {
18
+ "type": "object"
19
+ },
20
+ "references": {
21
+ "type": "array",
22
+ "items": { "type": "string" }
23
+ },
24
+ "rules": {
25
+ "type": "array",
26
+ "items": {
27
+ "$ref": "#/definitions/rule"
28
+ }
29
+ },
30
+ "principles": {
31
+ "type": "array",
32
+ "items": {
33
+ "$ref": "#/definitions/rule"
34
+ }
35
+ }
36
+ },
37
+ "anyOf": [
38
+ { "required": ["rules"] },
39
+ { "required": ["principles"] }
40
+ ],
41
+ "definitions": {
42
+ "rule": {
43
+ "type": "object",
44
+ "properties": {
45
+ "id": { "type": "string" },
46
+ "severity": { "type": "string" },
47
+ "category": { "type": "string" },
48
+ "title": { "type": "string" },
49
+ "principle": { "type": "string" },
50
+ "description": { "type": "string" },
51
+ "statement": { "type": "string" },
52
+ "rationale": { "type": "string" },
53
+ "validationQuery": { "type": "string" },
54
+ "blocking": { "type": "boolean" },
55
+ "enforcement": { "type": "string" },
56
+ "layer": { "type": "string" },
57
+ "examples": {
58
+ "type": "array",
59
+ "items": { "type": "string" }
60
+ },
61
+ "structure": {
62
+ "type": "array",
63
+ "items": { "type": "string" }
64
+ }
65
+ },
66
+ "anyOf": [
67
+ { "required": ["id", "title", "description"] },
68
+ { "required": ["id", "principle", "statement"] },
69
+ { "required": ["title", "description"] }
70
+ ]
71
+ }
72
+ }
73
+ }
package/rulesets/schema/security-scan-report.schema.json ADDED
@@ -0,0 +1,79 @@
1
+ {
2
+ "$schema": "http://json-schema.org/draft-07/schema#",
3
+ "$id": "https://evolith.dev/schema/security-scan-report.schema.json",
4
+ "title": "Security Scan Report",
5
+ "description": "JSON Schema for the Security Scan Report artifact required by the RC Stamped gate (Phase 4). Aggregates SAST, DAST, SCA, and dependency-vulnerability findings against the production CVE policy.",
6
+ "type": "object",
7
+ "required": ["releaseCandidate", "scannedAt", "findings", "policy", "result"],
8
+ "additionalProperties": false,
9
+ "properties": {
10
+ "releaseCandidate": { "type": "string" },
11
+ "scannedAt": { "type": "string", "format": "date-time" },
12
+ "scanners": {
13
+ "type": "array",
14
+ "items": {
15
+ "type": "object",
16
+ "required": ["name", "type"],
17
+ "additionalProperties": false,
18
+ "properties": {
19
+ "name": { "type": "string" },
20
+ "type": { "type": "string", "enum": ["SAST", "DAST", "SCA", "Secrets", "Container", "IaC"] },
21
+ "version": { "type": "string" }
22
+ }
23
+ }
24
+ },
25
+ "findings": {
26
+ "type": "object",
27
+ "required": ["critical", "high", "medium", "low"],
28
+ "additionalProperties": false,
29
+ "properties": {
30
+ "critical": { "type": "integer", "minimum": 0 },
31
+ "high": { "type": "integer", "minimum": 0 },
32
+ "medium": { "type": "integer", "minimum": 0 },
33
+ "low": { "type": "integer", "minimum": 0 }
34
+ }
35
+ },
36
+ "openFindings": {
37
+ "type": "array",
38
+ "items": {
39
+ "type": "object",
40
+ "required": ["id", "severity", "component", "remediation"],
41
+ "additionalProperties": false,
42
+ "properties": {
43
+ "id": { "type": "string", "description": "CVE id, scanner finding id, or internal ticket id." },
44
+ "severity": { "type": "string", "enum": ["Critical", "High", "Medium", "Low"] },
45
+ "component": { "type": "string" },
46
+ "remediation": { "type": "string", "enum": ["Fix", "Mitigate", "Waiver"] },
47
+ "owner": { "type": "string" },
48
+ "dueDate": { "type": "string", "format": "date" }
49
+ }
50
+ }
51
+ },
52
+ "policy": {
53
+ "type": "object",
54
+ "required": ["maxCritical", "maxHigh"],
55
+ "additionalProperties": false,
56
+ "properties": {
57
+ "maxCritical": { "type": "integer", "minimum": 0 },
58
+ "maxHigh": { "type": "integer", "minimum": 0 },
59
+ "maxMedium": { "type": "integer", "minimum": 0 }
60
+ }
61
+ },
62
+ "result": { "type": "string", "enum": ["PASS", "FAIL", "WAIVED"] },
63
+ "waivers": {
64
+ "type": "array",
65
+ "items": {
66
+ "type": "object",
67
+ "required": ["findingId", "justification", "owner", "expirationDate", "approvalAuthority"],
68
+ "additionalProperties": false,
69
+ "properties": {
70
+ "findingId": { "type": "string" },
71
+ "justification": { "type": "string" },
72
+ "owner": { "type": "string" },
73
+ "expirationDate": { "type": "string", "format": "date" },
74
+ "approvalAuthority": { "type": "string", "description": "Architecture Board or Executive Risk Acceptance for High/Critical CVEs." }
75
+ }
76
+ }
77
+ }
78
+ }
79
+ }
package/rulesets/schema/source-registry.schema.json ADDED
@@ -0,0 +1,51 @@
1
+ {
2
+ "$schema": "http://json-schema.org/draft-07/schema#",
3
+ "$id": "https://evolith.dev/schema/source-registry.schema.json",
4
+ "title": "External Knowledge Source Registry Entry",
5
+ "description": "Versioned SRC-* registry schema recording external source metadata and KI-* linkage.",
6
+ "type": "object",
7
+ "required": [
8
+ "source_registry_id",
9
+ "source_license",
10
+ "edition_or_url",
11
+ "retention_mode",
12
+ "content_fingerprint",
13
+ "review_cadence",
14
+ "ki_links"
15
+ ],
16
+ "properties": {
17
+ "source_registry_id": {
18
+ "type": "string",
19
+ "pattern": "^SRC-[A-Z0-9-]+$"
20
+ },
21
+ "source_license": {
22
+ "type": "string",
23
+ "minLength": 1
24
+ },
25
+ "edition_or_url": {
26
+ "type": "string",
27
+ "minLength": 1
28
+ },
29
+ "retention_mode": {
30
+ "enum": ["citation", "full-reference", "permanent"]
31
+ },
32
+ "content_fingerprint": {
33
+ "type": "string",
34
+ "minLength": 1
35
+ },
36
+ "review_cadence": {
37
+ "type": "string",
38
+ "pattern": "^[0-9]+-(months|years|weeks)$"
39
+ },
40
+ "ki_links": {
41
+ "type": "array",
42
+ "minItems": 1,
43
+ "items": {
44
+ "type": "string",
45
+ "pattern": "^KI-[A-Z0-9-]+$"
46
+ },
47
+ "uniqueItems": true
48
+ }
49
+ },
50
+ "additionalProperties": false
51
+ }
package/rulesets/schema/technical-feasibility.schema.json ADDED
@@ -0,0 +1,66 @@
1
+ {
2
+ "$schema": "http://json-schema.org/draft-07/schema#",
3
+ "$id": "https://evolith.dev/schema/technical-feasibility.schema.json",
4
+ "title": "Technical Feasibility",
5
+ "description": "JSON Schema for validating Evolith Technical Feasibility and NFR artifacts. Phase 1 required artifact for technical and architectural alignment.",
6
+ "type": "object",
7
+ "required": ["initiativeId", "technicalSummary", "qualityAttributes", "technicalConstraints"],
8
+ "additionalProperties": false,
9
+ "properties": {
10
+ "initiativeId": {
11
+ "type": "string",
12
+ "description": "Reference to the originating Discovery Canvas ID."
13
+ },
14
+ "technicalSummary": {
15
+ "type": "string",
16
+ "minLength": 50,
17
+ "description": "Brief technical description of the implementation case based on Discovery Canvas."
18
+ },
19
+ "qualityAttributes": {
20
+ "type": "object",
21
+ "required": ["latencyMs", "concurrencyRequestsSec", "availabilitySla"],
22
+ "additionalProperties": false,
23
+ "properties": {
24
+ "latencyMs": {
25
+ "type": "integer",
26
+ "minimum": 0,
27
+ "description": "Target latency in milliseconds (e.g. at p95)."
28
+ },
29
+ "concurrencyRequestsSec": {
30
+ "type": "integer",
31
+ "minimum": 0,
32
+ "description": "Estimated target concurrency in requests per second."
33
+ },
34
+ "availabilitySla": {
35
+ "type": "string",
36
+ "description": "Target availability SLA percentage (e.g., 99.9%)."
37
+ },
38
+ "securityCompliance": {
39
+ "type": "string",
40
+ "description": "Security protocols and compliance constraints."
41
+ }
42
+ }
43
+ },
44
+ "technicalConstraints": {
45
+ "type": "array",
46
+ "items": {
47
+ "type": "string"
48
+ },
49
+ "minItems": 1,
50
+ "description": "Platform, stack, or cloud constraints."
51
+ },
52
+ "approvalStatus": {
53
+ "type": "string",
54
+ "enum": ["Draft", "Under Review", "Approved", "Rejected"],
55
+ "default": "Draft"
56
+ },
57
+ "approver": {
58
+ "type": "string",
59
+ "description": "Name of the approving architect."
60
+ },
61
+ "approvalDate": {
62
+ "type": "string",
63
+ "format": "date"
64
+ }
65
+ }
66
+ }
package/rulesets/schema/technical-story.schema.json ADDED
@@ -0,0 +1,112 @@
1
+ {
2
+ "$schema": "http://json-schema.org/draft-07/schema#",
3
+ "$id": "https://evolith.dev/schema/technical-story.schema.json",
4
+ "title": "Technical Story",
5
+ "description": "JSON Schema for validating Evolith Technical Story artifacts. Engineering implementation work items traceable to Functional Stories.",
6
+ "type": "object",
7
+ "required": ["id", "title", "status", "functionalStoryId", "implementation", "testing", "definitionOfDone"],
8
+ "additionalProperties": false,
9
+ "properties": {
10
+ "id": {
11
+ "type": "string",
12
+ "pattern": "^TS-\\d{3}$",
13
+ "description": "Technical Story ID following pattern TS-XXX."
14
+ },
15
+ "title": {
16
+ "type": "string",
17
+ "minLength": 10,
18
+ "description": "Technical story title in engineering language."
19
+ },
20
+ "status": {
21
+ "type": "string",
22
+ "enum": ["Draft", "Ready", "In Progress", "Done", "Blocked"],
23
+ "default": "Draft"
24
+ },
25
+ "functionalStoryId": {
26
+ "type": "string",
27
+ "pattern": "^FS-\\d{3}$",
28
+ "description": "Parent Functional Story ID this Technical Story implements."
29
+ },
30
+ "type": {
31
+ "type": "string",
32
+ "enum": ["Backend", "Frontend", "Infrastructure", "Security", "Migration"],
33
+ "description": "Engineering domain classification."
34
+ },
35
+ "boundedContext": {
36
+ "type": "string",
37
+ "description": "Bounded context for this implementation."
38
+ },
39
+ "implementation": {
40
+ "type": "object",
41
+ "required": ["approach", "filesAffected", "dependencies"],
42
+ "additionalProperties": false,
43
+ "properties": {
44
+ "approach": { "type": "string" },
45
+ "filesAffected": {
46
+ "type": "array",
47
+ "items": { "type": "string" },
48
+ "description": "List of files to be created or modified."
49
+ },
50
+ "dependencies": {
51
+ "type": "array",
52
+ "items": { "type": "string" },
53
+ "description": "External packages, services, or ADRs this story depends on."
54
+ }
55
+ }
56
+ },
57
+ "testing": {
58
+ "type": "object",
59
+ "required": ["unit", "integration", "e2e"],
60
+ "additionalProperties": false,
61
+ "properties": {
62
+ "unit": {
63
+ "type": "object",
64
+ "additionalProperties": false,
65
+ "properties": {
66
+ "coverageTarget": { "type": "number", "minimum": 0, "maximum": 100 },
67
+ "testCases": { "type": "array", "items": { "type": "string" } }
68
+ }
69
+ },
70
+ "integration": {
71
+ "type": "object",
72
+ "additionalProperties": false,
73
+ "properties": {
74
+ "approach": { "type": "string" },
75
+ "testCases": { "type": "array", "items": { "type": "string" } }
76
+ }
77
+ },
78
+ "e2e": {
79
+ "type": "object",
80
+ "additionalProperties": false,
81
+ "properties": {
82
+ "scenarios": { "type": "array", "items": { "type": "string" } }
83
+ }
84
+ }
85
+ }
86
+ },
87
+ "definitionOfDone": {
88
+ "type": "array",
89
+ "items": { "type": "string" },
90
+ "minItems": 1,
91
+ "description": "Checklist of items that must be completed before this story is Done."
92
+ },
93
+ "relatedADRs": {
94
+ "type": "array",
95
+ "items": { "type": "string" },
96
+ "description": "ADRs that constrain or enable this implementation."
97
+ },
98
+ "observabilityRequirements": {
99
+ "type": "array",
100
+ "items": {
101
+ "type": "object",
102
+ "additionalProperties": false,
103
+ "properties": {
104
+ "type": { "type": "string", "enum": ["Metric", "Log", "Trace"] },
105
+ "name": { "type": "string" },
106
+ "dashboard": { "type": "string" }
107
+ }
108
+ },
109
+ "description": "OTel metrics, logs, or traces required for this story's production path."
110
+ }
111
+ }
112
+ }
package/rulesets/schema/test-summary-report.schema.json ADDED
@@ -0,0 +1,158 @@
1
+ {
2
+ "$schema": "http://json-schema.org/draft-07/schema#",
3
+ "$id": "https://evolith.dev/schema/test-summary-report.schema.json",
4
+ "title": "Test Summary Report",
5
+ "description": "JSON Schema for validating Evolith Test Summary Report artifacts. Required for RC Stamped gate (Phase 4).",
6
+ "type": "object",
7
+ "required": ["releaseCandidate", "date", "qualityGates", "testPyramid", "securityScan", "storyValidation"],
8
+ "additionalProperties": false,
9
+ "properties": {
10
+ "releaseCandidate": {
11
+ "type": "string",
12
+ "pattern": "^RC-\\d+\\.\\d+\\.\\d+$",
13
+ "description": "Release Candidate identifier following pattern RC-X.Y.Z."
14
+ },
15
+ "date": {
16
+ "type": "string",
17
+ "format": "date",
18
+ "description": "Date when test summary was generated."
19
+ },
20
+ "qualityGates": {
21
+ "type": "object",
22
+ "required": ["coverage", "complexity", "cves", "techDebt"],
23
+ "additionalProperties": false,
24
+ "properties": {
25
+ "coverage": {
26
+ "type": "object",
27
+ "additionalProperties": false,
28
+ "properties": {
29
+ "value": { "type": "number", "minimum": 0, "maximum": 100 },
30
+ "threshold": { "type": "number" },
31
+ "passed": { "type": "boolean" }
32
+ }
33
+ },
34
+ "complexity": {
35
+ "type": "object",
36
+ "additionalProperties": false,
37
+ "properties": {
38
+ "maxCyclomatic": { "type": "number" },
39
+ "threshold": { "type": "number" },
40
+ "passed": { "type": "boolean" }
41
+ }
42
+ },
43
+ "cves": {
44
+ "type": "object",
45
+ "additionalProperties": false,
46
+ "properties": {
47
+ "critical": { "type": "integer", "minimum": 0 },
48
+ "high": { "type": "integer", "minimum": 0 },
49
+ "medium": { "type": "integer" },
50
+ "passed": { "type": "boolean" }
51
+ }
52
+ },
53
+ "techDebt": {
54
+ "type": "object",
55
+ "additionalProperties": false,
56
+ "properties": {
57
+ "ratio": { "type": "number" },
58
+ "threshold": { "type": "number" },
59
+ "passed": { "type": "boolean" }
60
+ }
61
+ }
62
+ }
63
+ },
64
+ "testPyramid": {
65
+ "type": "object",
66
+ "required": ["unit", "integration", "e2e", "total"],
67
+ "additionalProperties": false,
68
+ "properties": {
69
+ "unit": {
70
+ "type": "object",
71
+ "additionalProperties": false,
72
+ "properties": {
73
+ "count": { "type": "integer" },
74
+ "percentage": { "type": "number" },
75
+ "target": { "type": "number" }
76
+ }
77
+ },
78
+ "integration": {
79
+ "type": "object",
80
+ "additionalProperties": false,
81
+ "properties": {
82
+ "count": { "type": "integer" },
83
+ "percentage": { "type": "number" },
84
+ "target": { "type": "number" }
85
+ }
86
+ },
87
+ "e2e": {
88
+ "type": "object",
89
+ "additionalProperties": false,
90
+ "properties": {
91
+ "count": { "type": "integer" },
92
+ "percentage": { "type": "number" },
93
+ "target": { "type": "number" }
94
+ }
95
+ },
96
+ "total": {
97
+ "type": "integer",
98
+ "description": "Total test count across all layers."
99
+ },
100
+ "passed": {
101
+ "type": "boolean",
102
+ "description": "Whether pyramid distribution matches target within tolerance."
103
+ }
104
+ }
105
+ },
106
+ "securityScan": {
107
+ "type": "object",
108
+ "required": ["tool", "criticalFindings", "highFindings", "passed"],
109
+ "additionalProperties": false,
110
+ "properties": {
111
+ "tool": { "type": "string" },
112
+ "criticalFindings": { "type": "integer" },
113
+ "highFindings": { "type": "integer" },
114
+ "mediumFindings": { "type": "integer" },
115
+ "passed": { "type": "boolean" }
116
+ }
117
+ },
118
+ "storyValidation": {
119
+ "type": "array",
120
+ "items": {
121
+ "type": "object",
122
+ "required": ["storyId", "criteria", "result"],
123
+ "additionalProperties": false,
124
+ "properties": {
125
+ "storyId": { "type": "string" },
126
+ "criteria": { "type": "string" },
127
+ "result": { "type": "string", "enum": ["Passed", "Failed", "Waived"] }
128
+ }
129
+ },
130
+ "description": "Acceptance criteria validation per Functional Story."
131
+ },
132
+ "waivers": {
133
+ "type": "array",
134
+ "items": {
135
+ "type": "object",
136
+ "required": ["criterion", "justification", "owner", "expirationDate"],
137
+ "additionalProperties": false,
138
+ "properties": {
139
+ "criterion": { "type": "string" },
140
+ "justification": { "type": "string" },
141
+ "owner": { "type": "string" },
142
+ "expirationDate": { "type": "string", "format": "date" }
143
+ }
144
+ },
145
+ "description": "Explicit waivers for failed gates. Must include justification and expiration."
146
+ },
147
+ "signOff": {
148
+ "type": "object",
149
+ "required": ["qaLead", "techLead", "date"],
150
+ "additionalProperties": false,
151
+ "properties": {
152
+ "qaLead": { "type": "string" },
153
+ "techLead": { "type": "string" },
154
+ "date": { "type": "string", "format": "date" }
155
+ }
156
+ }
157
+ }
158
+ }
package/rulesets/schema/topology-composition.schema.json ADDED
@@ -0,0 +1,43 @@
1
+ {
2
+ "$schema": "http://json-schema.org/draft-07/schema#",
3
+ "$id": "https://evolith.dev/schema/topology-composition.schema.json",
4
+ "title": "Topology Composition",
5
+ "description": "JSON Schema for an Evolith cross-topology composition manifest. A composition declares two or more canonical topologies whose manifests explicitly allow the combination via spec.compatibility.composableWith. See topology-dimensions.md §3.",
6
+ "type": "object",
7
+ "required": ["name", "topologies"],
8
+ "additionalProperties": false,
9
+ "properties": {
10
+ "$schema": { "type": "string" },
11
+ "name": { "type": "string" },
12
+ "description": { "type": "string" },
13
+ "topologies": {
14
+ "type": "array",
15
+ "minItems": 2,
16
+ "items": {
17
+ "type": "object",
18
+ "required": ["profile", "config"],
19
+ "additionalProperties": false,
20
+ "properties": {
21
+ "profile": {
22
+ "type": "string",
23
+ "enum": [
24
+ "modular-monolith",
25
+ "distributed-modules",
26
+ "microservices",
27
+ "serverless",
28
+ "edge-computing",
29
+ "event-driven",
30
+ "data-mesh",
31
+ "agentic-ai"
32
+ ],
33
+ "description": "Canonical topology archetype."
34
+ },
35
+ "config": {
36
+ "type": "string",
37
+ "description": "Relative path to the per-topology configuration fixture validated against the topology's configurationContract."
38
+ }
39
+ }
40
+ }
41
+ }
42
+ }
43
+ }