@evolith/core-domain 1.0.0 → 1.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (500) hide show
  1. package/dist/domain/services/default-workflow-definition.js +1 -1
  2. package/dist/domain/services/default-workflow-definition.js.map +1 -1
  3. package/package.json +2 -1
  4. package/rulesets/README.es.md +170 -0
  5. package/rulesets/README.md +170 -0
  6. package/rulesets/acl/README.es.md +41 -0
  7. package/rulesets/acl/README.md +41 -0
  8. package/rulesets/acl/anti-corruption-layer.rules.es.json +99 -0
  9. package/rulesets/acl/anti-corruption-layer.rules.json +99 -0
  10. package/rulesets/adr/ADR_COVERAGE.es.md +133 -0
  11. package/rulesets/adr/ADR_COVERAGE.md +133 -0
  12. package/rulesets/adr/README.es.md +17 -0
  13. package/rulesets/adr/README.md +17 -0
  14. package/rulesets/adr/adr-0002-hexagonal-architecture.rules.json +103 -0
  15. package/rulesets/adr/adr-0005-cicd-quality-gates.rules.json +102 -0
  16. package/rulesets/adr/adr-0010-multi-tenancy.rules.json +129 -0
  17. package/rulesets/adr/adr-0018-testing-pyramid.rules.json +115 -0
  18. package/rulesets/adr/adr-0032-protocol-selection.rules.json +134 -0
  19. package/rulesets/adr/adr-0040-multi-runtime.rules.json +131 -0
  20. package/rulesets/adr/adr-0050-gitflow-branching.rules.json +176 -0
  21. package/rulesets/adr/generated/adr-0001-monorepo-orchestration-principle.rules.json +29 -0
  22. package/rulesets/adr/generated/adr-0006-microservices-transition-via-sidecar-pattern.rules.json +29 -0
  23. package/rulesets/adr/generated/adr-0009-strict-dependency-pinning-and-automated-vulnerability-manage.rules.json +29 -0
  24. package/rulesets/adr/generated/adr-0011-fault-tolerance-and-resiliency-patterns.rules.json +29 -0
  25. package/rulesets/adr/generated/adr-0013-cloud-infrastructure-topology-and-disaster-recovery-dr.rules.json +28 -0
  26. package/rulesets/adr/generated/adr-0014-multi-layer-distributed-caching-strategy.rules.json +29 -0
  27. package/rulesets/adr/generated/adr-0015-event-driven-architecture-eda-for-intra-domain-communication.rules.json +29 -0
  28. package/rulesets/adr/generated/adr-0016-immutable-business-audit-trail-and-change-tracking.rules.json +29 -0
  29. package/rulesets/adr/generated/adr-0017-feature-flagging-strategy-for-progressive-delivery.rules.json +28 -0
  30. package/rulesets/adr/generated/adr-0019-tactical-design-patterns-for-future-proofing.rules.json +29 -0
  31. package/rulesets/adr/generated/adr-0020-identity-provider-abstraction-strategy.rules.json +28 -0
  32. package/rulesets/adr/generated/adr-0024-centralized-configuration-feature-platform.rules.json +28 -0
  33. package/rulesets/adr/generated/adr-0025-feature-flag-provider-abstraction-strategy.rules.json +29 -0
  34. package/rulesets/adr/generated/adr-0028-self-hosted-open-source-hybrid-infrastructure.rules.json +29 -0
  35. package/rulesets/adr/generated/adr-0030-two-tier-distributed-gateway-model.rules.json +28 -0
  36. package/rulesets/adr/generated/adr-0031-schema-per-bounded-context-and-domain-event-catalog.rules.json +29 -0
  37. package/rulesets/adr/generated/adr-0033-transactional-outbox-pattern-for-async-messaging.rules.json +28 -0
  38. package/rulesets/adr/generated/adr-0034-cqrs-pattern-application-matrix.rules.json +29 -0
  39. package/rulesets/adr/generated/adr-0035-distributed-saga-pattern-implementation-strategy.rules.json +29 -0
  40. package/rulesets/adr/generated/adr-0036-message-bus-delivery-flow-control-strategy.rules.json +29 -0
  41. package/rulesets/adr/generated/adr-0037-enterprise-performance-concurrency-chaos-verification-strate.rules.json +28 -0
  42. package/rulesets/adr/generated/adr-0039-deployment-topology-abstraction-environment-switcher.rules.json +29 -0
  43. package/rulesets/adr/generated/adr-0041-dual-engine-policy-evaluation-native-opa.rules.json +28 -0
  44. package/rulesets/adr/generated/adr-0044-configurable-security-persistence-strategy-agnosticism-vs-na.rules.json +29 -0
  45. package/rulesets/adr/generated/adr-0045-microservice-extraction-readiness-criteria.rules.json +29 -0
  46. package/rulesets/adr/generated/adr-0046-unified-traceability-via-w3c-tracecontext.rules.json +29 -0
  47. package/rulesets/adr/generated/adr-0047-progressive-architecture-evolution-framework-modular-monolit.rules.json +29 -0
  48. package/rulesets/adr/generated/adr-0048-enterprise-taxonomy-standardization-and-reference-layout.rules.json +28 -0
  49. package/rulesets/adr/generated/adr-0049-naming-semantics-clean-code-policy-e2e-and-global.rules.json +29 -0
  50. package/rulesets/adr/generated/adr-0051-enterprise-database-engine-selection-strategy.rules.json +29 -0
  51. package/rulesets/adr/generated/adr-0052-unit-testing-isolation-strategy-mocks-vs-stubs.rules.json +29 -0
  52. package/rulesets/adr/generated/adr-0053-integration-and-e2e-testing-strategy.rules.json +29 -0
  53. package/rulesets/adr/generated/adr-0054-database-design-and-normalization-standards.rules.json +29 -0
  54. package/rulesets/adr/generated/adr-0055-microfrontends-architecture-strategy.rules.json +28 -0
  55. package/rulesets/adr/generated/adr-0056-enterprise-naming-design-conventions-multi-language-multi-pl.rules.json +29 -0
  56. package/rulesets/adr/generated/adr-0057-architecture-intelligence-catalog.rules.json +27 -0
  57. package/rulesets/adr/generated/adr-0058-ai-consumable-architecture-knowledge.rules.json +27 -0
  58. package/rulesets/adr/generated/adr-0067-modular-monolith-persistence-boundaries.rules.json +28 -0
  59. package/rulesets/adr/generated/adr-0068-documentation-release-gitflow.rules.json +29 -0
  60. package/rulesets/adr/generated/adr-0069-ai-agent-context-protocol-integration.rules.json +28 -0
  61. package/rulesets/adr/generated/adr-0070-lean-root-repository-taxonomy.rules.json +29 -0
  62. package/rulesets/adr/generated/adr-0071-domain-layer-base-class-and-inheritance-strategy.rules.json +29 -0
  63. package/rulesets/adr/generated/adr-0072-utc-date-storage-browser-timezone-detection-and-language-res.rules.json +29 -0
  64. package/rulesets/adr/generated/adr-0073-unified-cli-mcp-output-contract-and-gate-evidence-schema.rules.json +29 -0
  65. package/rulesets/adr/generated/adr-0074-evolith-core-api-native-exposure-layer.rules.json +29 -0
  66. package/rulesets/adr/generated/adr-0075-core-api-authentication-strategy.rules.json +28 -0
  67. package/rulesets/adr/generated/adr-0076-domain-oriented-microservice-architecture-doma.rules.json +28 -0
  68. package/rulesets/adr/generated/adr-0077-masstransit-v9-commercial-pivot-stay-on-v8-monitor-opentrans.rules.json +28 -0
  69. package/rulesets/adr/generated/adr-0078-domain-financial-separation-governance.rules.json +29 -0
  70. package/rulesets/adr/generated/adr-0079-multi-topology-reference-corpus-and-topology-manifest-contra.rules.json +29 -0
  71. package/rulesets/adr/generated/adr-0080-remote-repository-reference-contract.rules.json +29 -0
  72. package/rulesets/adr/generated/adr-0081-agentic-ai-sandbox-isolation-boundary.rules.json +29 -0
  73. package/rulesets/adr/generated/adr-0082-agentic-ai-prompt-context-and-tool-trust-boundary.rules.json +28 -0
  74. package/rulesets/adr/generated/adr-0083-agentic-ai-action-authorization-and-audit.rules.json +29 -0
  75. package/rulesets/adr/generated/adr-0084-data-mesh-and-data-as-a-product.rules.json +29 -0
  76. package/rulesets/adr/generated/adr-0085-agnostic-opa-wasm-distribution-architecture.rules.json +28 -0
  77. package/rulesets/adr/generated/adr-0086-agentic-ai-telemetry-cost-control-standard.rules.json +27 -0
  78. package/rulesets/adr/generated/adr-0087-attribute-based-access-control-abac-for-agentic-tool-executi.rules.json +29 -0
  79. package/rulesets/adr/generated/adr-0088-sovereign-identity-for-agentic-ai.rules.json +29 -0
  80. package/rulesets/adr/generated/adr-0089-event-driven-agentic-workflow-pattern.rules.json +28 -0
  81. package/rulesets/adr/generated/adr-0090-rag-knowledge-governance-standard.rules.json +29 -0
  82. package/rulesets/adr/generated/adr-0091-workload-identity-token-rotation-standard.rules.json +29 -0
  83. package/rulesets/adr/generated/adr-0092-agent-infinite-loop-prevention-and-circuit-breaker-rules.rules.json +29 -0
  84. package/rulesets/adr/generated/adr-0093-concurrency-control-and-resource-locking-standard-for-mcp-to.rules.json +29 -0
  85. package/rulesets/adr/generated/adr-0094-multi-agent-handoff-and-task-delegation-standards.rules.json +29 -0
  86. package/rulesets/adr/generated/adr-0095-serverless-architecture-governance.rules.json +29 -0
  87. package/rulesets/adr/generated/adr-0096-edge-computing-architecture-governance.rules.json +29 -0
  88. package/rulesets/adr/generated/adr-0097-knowledge-lifecycle-governance-standard.rules.json +29 -0
  89. package/rulesets/adr/generated/adr-0098-rest-uri-versioning-and-deprecation-policy.rules.json +29 -0
  90. package/rulesets/adr/generated/adr-0099-opa-bundle-distribution-via-s3-minio.rules.json +27 -0
  91. package/rulesets/adr/generated/adr-ai-augmented-0001-harness-engineering-for-ai-augmented-development.rules.json +29 -0
  92. package/rulesets/adr/generated/adr-ai-augmented-0002-mcp-integration-protocol-for-agent-tool-invocation.rules.json +29 -0
  93. package/rulesets/adr/generated/adr-ai-augmented-0003-model-selection-governance-for-ai-augmented-workflows.rules.json +29 -0
  94. package/rulesets/adr/generated/adr-ai-augmented-0004-agents-md-as-mandatory-repository-artifact.rules.json +29 -0
  95. package/rulesets/adr/generated/adr-ai-augmented-0005-human-in-the-loop-policy-for-autonomous-agent-operations.rules.json +29 -0
  96. package/rulesets/adr/generated/adr-android-0042-canonical-android-native-mobile-architecture.rules.json +29 -0
  97. package/rulesets/adr/generated/adr-dotnet-0041-canonical-net-c-backend-architecture.rules.json +29 -0
  98. package/rulesets/adr/generated/adr-dotnet-0060-net-multi-tenancy-dual-layer-strategy-ef-core-sql-server.rules.json +29 -0
  99. package/rulesets/adr/generated/adr-dotnet-0061-transactional-event-lifecycle-in-ef-core.rules.json +28 -0
  100. package/rulesets/adr/generated/adr-dotnet-0062-net-immutable-audit-trail-via-ddl-triggers-delta-capture.rules.json +29 -0
  101. package/rulesets/adr/generated/adr-dotnet-0063-b2b-request-idempotency-middleware-in-asp-net-core.rules.json +28 -0
  102. package/rulesets/adr/generated/adr-dotnet-0064-net-request-scope-observability-context-propagation.rules.json +29 -0
  103. package/rulesets/adr/generated/adr-dotnet-0065-net-pii-safe-structured-logging-pipeline-serilog.rules.json +29 -0
  104. package/rulesets/adr/generated/adr-dotnet-0066-net-lightweight-http-idempotency-via-imemorycache-idistribut.rules.json +28 -0
  105. package/rulesets/adr/generated/adr-dotnet-0069-net-grpc-service-setup-protobuf-contracts.rules.json +29 -0
  106. package/rulesets/adr/generated/adr-dotnet-0070-net-api-endpoint-strategy.rules.json +29 -0
  107. package/rulesets/adr/generated/adr-dotnet-0071-net-data-access-strategy-ef-core-as-default-orm-dapper-for-o.rules.json +27 -0
  108. package/rulesets/adr/generated/adr-dotnet-0072-net-aop-cross-cutting-concern-strategy-dispatchproxy-over-pi.rules.json +29 -0
  109. package/rulesets/adr/generated/adr-nodejs-0003-strict-typescript-standards.rules.json +29 -0
  110. package/rulesets/adr/generated/adr-nodejs-0004-frontend-offline-resilience.rules.json +28 -0
  111. package/rulesets/adr/generated/adr-nodejs-0007-observability-with-opentelemetry-loki-and-jaeger.rules.json +29 -0
  112. package/rulesets/adr/generated/adr-nodejs-0008-progressive-multi-module-evolution-with-api-gateway-and-bff-.rules.json +28 -0
  113. package/rulesets/adr/generated/adr-nodejs-0012-advanced-authorization-rbac-abac-strategy.rules.json +28 -0
  114. package/rulesets/adr/generated/adr-nodejs-0021-high-performance-authentication-graph-compilation.rules.json +28 -0
  115. package/rulesets/adr/generated/adr-nodejs-0022-contextual-authentication-and-pluggable-output-projections.rules.json +28 -0
  116. package/rulesets/adr/generated/adr-nodejs-0023-centralized-authorization-core-strategy.rules.json +28 -0
  117. package/rulesets/adr/generated/adr-nodejs-0026-adaptive-mfa-and-passwordless-platform.rules.json +28 -0
  118. package/rulesets/adr/generated/adr-nodejs-0027-dual-protocol-api-strategy-rest-grpc.rules.json +28 -0
  119. package/rulesets/adr/generated/adr-nodejs-0029-adoption-of-tactical-ddd-primitives-library.rules.json +29 -0
  120. package/rulesets/adr/generated/adr-nodejs-0038-enterprise-error-handling-result-pattern-strategy.rules.json +29 -0
  121. package/rulesets/adr/generated/adr-nodejs-0043-data-access-and-orm-strategy-for-node-js.rules.json +29 -0
  122. package/rulesets/adr/generated/adr-nodejs-0044-frontend-clean-architecture-layer-boundaries-react.rules.json +29 -0
  123. package/rulesets/adr/generated/adr-nodejs-0045-frontend-state-management-zustand-tanstack-query-dual-strate.rules.json +29 -0
  124. package/rulesets/adr/generated/adr-nodejs-0046-prohibition-of-raw-technical-identifiers-in-user-interfaces.rules.json +29 -0
  125. package/rulesets/adr/generated/adr-nodejs-0047-actionable-user-error-contract-and-correlated-diagnostics.rules.json +29 -0
  126. package/rulesets/adr/generated/adr-nodejs-0048-feature-flag-system-scope-and-structured-criteria-model.rules.json +29 -0
  127. package/rulesets/adr/generated/adr-nodejs-0074-monorepo-orchestration-with-nx.rules.json +29 -0
  128. package/rulesets/adr/generated/adr-nodejs-0075-application-gateway-bff-with-nestjs.rules.json +29 -0
  129. package/rulesets/architecture/README.es.md +21 -0
  130. package/rulesets/architecture/README.md +21 -0
  131. package/rulesets/architecture/opa/progressive-axis.rego +50 -0
  132. package/rulesets/cli/README.es.md +17 -0
  133. package/rulesets/cli/README.md +17 -0
  134. package/rulesets/cli/core-parity.rules.json +61 -0
  135. package/rulesets/cli/release-readiness.rules.json +77 -0
  136. package/rulesets/compliance-baseline/README.es.md +26 -0
  137. package/rulesets/compliance-baseline/README.md +26 -0
  138. package/rulesets/compliance-baseline/compliance-baseline.rules.json +81 -0
  139. package/rulesets/contracts/README.es.md +19 -0
  140. package/rulesets/contracts/README.md +19 -0
  141. package/rulesets/contracts/evolith-machine-contracts.json +29 -0
  142. package/rulesets/contracts/fixtures/gate-evidence.success.json +10 -0
  143. package/rulesets/contracts/fixtures/output-envelope.success.json +23 -0
  144. package/rulesets/cross-cutting/README.es.md +14 -0
  145. package/rulesets/cross-cutting/README.md +14 -0
  146. package/rulesets/cross-cutting/compliance-baseline.rules.json +81 -0
  147. package/rulesets/cross-cutting/definition-of-done.rules.json +135 -0
  148. package/rulesets/cross-cutting/engineering-manifesto.rules.json +145 -0
  149. package/rulesets/cross-cutting/repository-taxonomy.rules.json +172 -0
  150. package/rulesets/definition-of-done/README.es.md +26 -0
  151. package/rulesets/definition-of-done/README.md +26 -0
  152. package/rulesets/definition-of-done/definition-of-done.rules.json +135 -0
  153. package/rulesets/engineering-manifesto/README.es.md +26 -0
  154. package/rulesets/engineering-manifesto/README.md +26 -0
  155. package/rulesets/engineering-manifesto/engineering-manifesto.rules.json +145 -0
  156. package/rulesets/evidence/README.es.md +12 -0
  157. package/rulesets/evidence/README.md +12 -0
  158. package/rulesets/evidence/evidence-manifest.rules.json +48 -0
  159. package/rulesets/executive-scorecards/executive-scorecards.rules.es.json +213 -0
  160. package/rulesets/executive-scorecards/executive-scorecards.rules.json +213 -0
  161. package/rulesets/governance/README.es.md +13 -0
  162. package/rulesets/governance/README.md +13 -0
  163. package/rulesets/governance/abac-mcp-access.rules.es.json +41 -0
  164. package/rulesets/governance/abac-mcp-access.rules.json +41 -0
  165. package/rulesets/governance/executive-scorecards.rules.es.json +213 -0
  166. package/rulesets/governance/executive-scorecards.rules.json +213 -0
  167. package/rulesets/governance/inheritance.rules.json +115 -0
  168. package/rulesets/governance/knowledge-intake.rules.json +18 -0
  169. package/rulesets/governance/open-core-boundary.rules.es.json +148 -0
  170. package/rulesets/governance/open-core-boundary.rules.json +148 -0
  171. package/rulesets/governance/satellite-contracts.rules.json +183 -0
  172. package/rulesets/infrastructure/helm-enforcement.rules.json +21 -0
  173. package/rulesets/infrastructure/opa/helm-enforcement.rego +25 -0
  174. package/rulesets/infrastructure/opa/helm-enforcement.test.rego +31 -0
  175. package/rulesets/infrastructure/opa/opa-sidecar-bundle.rego +115 -0
  176. package/rulesets/infrastructure/opa/opa-sidecar-bundle.test.rego +66 -0
  177. package/rulesets/infrastructure/opa-sidecar-bundle.rules.json +18 -0
  178. package/rulesets/mcp/README.es.md +12 -0
  179. package/rulesets/mcp/README.md +12 -0
  180. package/rulesets/mcp/protocol-compliance.rules.json +57 -0
  181. package/rulesets/observability/README.es.md +12 -0
  182. package/rulesets/observability/README.md +12 -0
  183. package/rulesets/observability/telemetry-evidence.rules.json +48 -0
  184. package/rulesets/opa/README.es.md +22 -0
  185. package/rulesets/opa/README.md +22 -0
  186. package/rulesets/opa/abac-mcp-tool-access.rego +122 -0
  187. package/rulesets/opa/abac-mcp-tool-access.test.rego +33 -0
  188. package/rulesets/opa/anti-corruption-layer.rego +39 -0
  189. package/rulesets/opa/anti-corruption-layer.test.rego +118 -0
  190. package/rulesets/opa/ci-cd.rego +41 -0
  191. package/rulesets/opa/ci-cd.test.rego +23 -0
  192. package/rulesets/opa/cicd-quality-gates.rego +29 -0
  193. package/rulesets/opa/cicd-quality-gates.test.rego +54 -0
  194. package/rulesets/opa/cli-core-parity.rego +17 -0
  195. package/rulesets/opa/cli-core-parity.test.rego +39 -0
  196. package/rulesets/opa/cli-readiness.rego +32 -0
  197. package/rulesets/opa/cli-readiness.test.rego +23 -0
  198. package/rulesets/opa/cli-release-readiness.rego +21 -0
  199. package/rulesets/opa/cli-release-readiness.test.rego +46 -0
  200. package/rulesets/opa/compliance-baseline.rego +95 -0
  201. package/rulesets/opa/compliance-baseline.test.rego +89 -0
  202. package/rulesets/opa/dod.rego +42 -0
  203. package/rulesets/opa/dod.test.rego +250 -0
  204. package/rulesets/opa/engineering-manifesto.rego +78 -0
  205. package/rulesets/opa/engineering-manifesto.test.rego +133 -0
  206. package/rulesets/opa/evidence.rego +64 -0
  207. package/rulesets/opa/evidence.test.rego +23 -0
  208. package/rulesets/opa/executive-scorecards.rego +41 -0
  209. package/rulesets/opa/executive-scorecards.test.rego +60 -0
  210. package/rulesets/opa/gitflow-branching.rego +41 -0
  211. package/rulesets/opa/gitflow-branching.test.rego +60 -0
  212. package/rulesets/opa/governance.rego +39 -0
  213. package/rulesets/opa/governance.test.rego +23 -0
  214. package/rulesets/opa/hexagonal-architecture.rego +33 -0
  215. package/rulesets/opa/hexagonal-architecture.test.rego +57 -0
  216. package/rulesets/opa/infrastructure/helm-enforcement.rego +33 -0
  217. package/rulesets/opa/infrastructure/opa-sidecar-bundle.rego +42 -0
  218. package/rulesets/opa/knowledge-intake.rego +98 -0
  219. package/rulesets/opa/knowledge-intake.test.rego +50 -0
  220. package/rulesets/opa/main.rego +147 -0
  221. package/rulesets/opa/main_test.rego +149 -0
  222. package/rulesets/opa/mcp.rego +61 -0
  223. package/rulesets/opa/mcp.test.rego +27 -0
  224. package/rulesets/opa/multi-runtime.rego +33 -0
  225. package/rulesets/opa/multi-runtime.test.rego +53 -0
  226. package/rulesets/opa/multi-tenancy.rego +33 -0
  227. package/rulesets/opa/multi-tenancy.test.rego +53 -0
  228. package/rulesets/opa/open-core-boundary.rego +33 -0
  229. package/rulesets/opa/open-core-boundary.test.rego +60 -0
  230. package/rulesets/opa/protocol-selection.rego +29 -0
  231. package/rulesets/opa/protocol-selection.test.rego +46 -0
  232. package/rulesets/opa/rbac/gate-role-enforcement.rego +112 -0
  233. package/rulesets/opa/repository-taxonomy.rego +98 -0
  234. package/rulesets/opa/repository-taxonomy.test.rego +91 -0
  235. package/rulesets/opa/satellite-contracts.rego +42 -0
  236. package/rulesets/opa/satellite-contracts.test.rego +70 -0
  237. package/rulesets/opa/schemas/abac-mcp-tool-access.input.schema.json +21 -0
  238. package/rulesets/opa/schemas/anti-corruption-layer.input.schema.json +25 -0
  239. package/rulesets/opa/schemas/ci-cd.input.schema.json +27 -0
  240. package/rulesets/opa/schemas/cicd-quality-gates.input.schema.json +33 -0
  241. package/rulesets/opa/schemas/cli-core-parity.input.schema.json +30 -0
  242. package/rulesets/opa/schemas/cli-readiness.input.schema.json +28 -0
  243. package/rulesets/opa/schemas/cli-release-readiness.input.schema.json +26 -0
  244. package/rulesets/opa/schemas/compliance-baseline.input.schema.json +25 -0
  245. package/rulesets/opa/schemas/dod.input.schema.json +38 -0
  246. package/rulesets/opa/schemas/engineering-manifesto.input.schema.json +24 -0
  247. package/rulesets/opa/schemas/evidence.input.schema.json +35 -0
  248. package/rulesets/opa/schemas/executive-scorecards.input.schema.json +36 -0
  249. package/rulesets/opa/schemas/gitflow-branching.input.schema.json +36 -0
  250. package/rulesets/opa/schemas/governance.input.schema.json +19 -0
  251. package/rulesets/opa/schemas/hexagonal-architecture.input.schema.json +46 -0
  252. package/rulesets/opa/schemas/knowledge-intake.input.schema.json +57 -0
  253. package/rulesets/opa/schemas/mcp.input.schema.json +38 -0
  254. package/rulesets/opa/schemas/multi-runtime.input.schema.json +27 -0
  255. package/rulesets/opa/schemas/multi-tenancy.input.schema.json +27 -0
  256. package/rulesets/opa/schemas/open-core-boundary.input.schema.json +36 -0
  257. package/rulesets/opa/schemas/protocol-selection.input.schema.json +26 -0
  258. package/rulesets/opa/schemas/repository-taxonomy.input.schema.json +18 -0
  259. package/rulesets/opa/schemas/satellite-contracts.input.schema.json +38 -0
  260. package/rulesets/opa/schemas/taxonomy.input.schema.json +27 -0
  261. package/rulesets/opa/schemas/testing-pyramid.input.schema.json +42 -0
  262. package/rulesets/opa/schemas/version-pinning.input.schema.json +39 -0
  263. package/rulesets/opa/sdlc/coverage.rego +49 -0
  264. package/rulesets/opa/sdlc/coverage.test.rego +29 -0
  265. package/rulesets/opa/sdlc/pyramid-distribution.rego +31 -0
  266. package/rulesets/opa/sdlc/pyramid-distribution.test.rego +33 -0
  267. package/rulesets/opa/taxonomy.rego +51 -0
  268. package/rulesets/opa/taxonomy.test.rego +28 -0
  269. package/rulesets/opa/telemetry-evidence.rego +102 -0
  270. package/rulesets/opa/testing-pyramid.rego +49 -0
  271. package/rulesets/opa/testing-pyramid.test.rego +81 -0
  272. package/rulesets/opa/version-pinning.rego +99 -0
  273. package/rulesets/opa/version-pinning.test.rego +28 -0
  274. package/rulesets/phase-gates/README.es.md +28 -0
  275. package/rulesets/phase-gates/README.md +28 -0
  276. package/rulesets/phase-gates/phase-gates.rules.json +297 -0
  277. package/rulesets/quality-thresholds/README.es.md +28 -0
  278. package/rulesets/quality-thresholds/README.md +28 -0
  279. package/rulesets/quality-thresholds/quality-thresholds.rules.json +96 -0
  280. package/rulesets/repository-taxonomy/README.es.md +26 -0
  281. package/rulesets/repository-taxonomy/README.md +26 -0
  282. package/rulesets/repository-taxonomy/repository-taxonomy.rules.json +172 -0
  283. package/rulesets/satellite-contracts/README.es.md +27 -0
  284. package/rulesets/satellite-contracts/README.md +27 -0
  285. package/rulesets/satellite-contracts/satellite-contracts.rules.json +183 -0
  286. package/rulesets/schema/README.es.md +39 -0
  287. package/rulesets/schema/README.md +39 -0
  288. package/rulesets/schema/adr.schema.json +138 -0
  289. package/rulesets/schema/agile-backlog.schema.json +91 -0
  290. package/rulesets/schema/ballpark-estimation.schema.json +109 -0
  291. package/rulesets/schema/build-vs-compose.schema.json +98 -0
  292. package/rulesets/schema/cli-impact-analysis.schema.json +114 -0
  293. package/rulesets/schema/discovery-canvas.schema.json +92 -0
  294. package/rulesets/schema/evolith-user-story.schema.json +105 -0
  295. package/rulesets/schema/evolith-yaml.schema.json +191 -0
  296. package/rulesets/schema/functional-story.schema.json +111 -0
  297. package/rulesets/schema/gate-evidence.schema.json +85 -0
  298. package/rulesets/schema/integration-evidence.schema.json +47 -0
  299. package/rulesets/schema/knowledge-intake.schema.json +67 -0
  300. package/rulesets/schema/knowledge-projection.schema.json +24 -0
  301. package/rulesets/schema/maturity-evidence.schema.json +59 -0
  302. package/rulesets/schema/observability-validation.schema.json +85 -0
  303. package/rulesets/schema/on-call-handoff.schema.json +91 -0
  304. package/rulesets/schema/output-envelope.schema.json +102 -0
  305. package/rulesets/schema/prd.schema.json +117 -0
  306. package/rulesets/schema/release-notes.schema.json +138 -0
  307. package/rulesets/schema/rollback-rehearsal.schema.json +73 -0
  308. package/rulesets/schema/ruleset-sdlc.schema.json +59 -0
  309. package/rulesets/schema/ruleset-standard.schema.json +73 -0
  310. package/rulesets/schema/security-scan-report.schema.json +79 -0
  311. package/rulesets/schema/source-registry.schema.json +51 -0
  312. package/rulesets/schema/technical-feasibility.schema.json +66 -0
  313. package/rulesets/schema/technical-story.schema.json +112 -0
  314. package/rulesets/schema/test-summary-report.schema.json +158 -0
  315. package/rulesets/schema/topology-composition.schema.json +43 -0
  316. package/rulesets/schema/topology-manifest.schema.json +421 -0
  317. package/rulesets/sdlc/README.es.md +12 -0
  318. package/rulesets/sdlc/README.md +12 -0
  319. package/rulesets/sdlc/default-workflow.yaml +73 -0
  320. package/rulesets/sdlc/dependency-pinning.rules.json +183 -0
  321. package/rulesets/sdlc/phase-gates.rules.json +297 -0
  322. package/rulesets/sdlc/quality-thresholds.rules.json +96 -0
  323. package/rulesets/topologies/README.es.md +42 -0
  324. package/rulesets/topologies/README.md +42 -0
  325. package/rulesets/topologies/agentic-ai/README.es.md +142 -0
  326. package/rulesets/topologies/agentic-ai/README.md +142 -0
  327. package/rulesets/topologies/agentic-ai/adoption.es.md +37 -0
  328. package/rulesets/topologies/agentic-ai/adoption.md +37 -0
  329. package/rulesets/topologies/agentic-ai/agent.config.schema.json +100 -0
  330. package/rulesets/topologies/agentic-ai/agentic-ai.rego +46 -0
  331. package/rulesets/topologies/agentic-ai/agentic-ai.rules.json +109 -0
  332. package/rulesets/topologies/agentic-ai/agentic-ai.test.rego +68 -0
  333. package/rulesets/topologies/agentic-ai/agentic-ai.wasm +0 -0
  334. package/rulesets/topologies/agentic-ai/cli/cli-flows.es.md +35 -0
  335. package/rulesets/topologies/agentic-ai/cli/cli-flows.md +45 -0
  336. package/rulesets/topologies/agentic-ai/evidence.es.md +25 -0
  337. package/rulesets/topologies/agentic-ai/evidence.md +25 -0
  338. package/rulesets/topologies/agentic-ai/evolution.es.md +26 -0
  339. package/rulesets/topologies/agentic-ai/evolution.md +26 -0
  340. package/rulesets/topologies/agentic-ai/fixtures/invalid-agent.config.json +48 -0
  341. package/rulesets/topologies/agentic-ai/fixtures/valid-agent.config.json +48 -0
  342. package/rulesets/topologies/agentic-ai/maturity.es.md +33 -0
  343. package/rulesets/topologies/agentic-ai/maturity.md +33 -0
  344. package/rulesets/topologies/agentic-ai/mcp/mcp-manifest.json +100 -0
  345. package/rulesets/topologies/agentic-ai/openapi/openapi.yaml +187 -0
  346. package/rulesets/topologies/agentic-ai/operations.es.md +32 -0
  347. package/rulesets/topologies/agentic-ai/operations.md +32 -0
  348. package/rulesets/topologies/agentic-ai/parity-fixtures/compliant.json +18 -0
  349. package/rulesets/topologies/agentic-ai/parity-fixtures/violation.json +22 -0
  350. package/rulesets/topologies/agentic-ai/patterns.es.md +32 -0
  351. package/rulesets/topologies/agentic-ai/patterns.md +32 -0
  352. package/rulesets/topologies/agentic-ai/resilience.es.md +26 -0
  353. package/rulesets/topologies/agentic-ai/resilience.md +26 -0
  354. package/rulesets/topologies/agentic-ai/runbooks.es.md +48 -0
  355. package/rulesets/topologies/agentic-ai/runbooks.md +48 -0
  356. package/rulesets/topologies/agentic-ai/security.es.md +26 -0
  357. package/rulesets/topologies/agentic-ai/security.md +26 -0
  358. package/rulesets/topologies/agentic-ai/topology.manifest.json +127 -0
  359. package/rulesets/topologies/data-mesh/README.es.md +69 -0
  360. package/rulesets/topologies/data-mesh/README.md +69 -0
  361. package/rulesets/topologies/data-mesh/adoption.es.md +95 -0
  362. package/rulesets/topologies/data-mesh/adoption.md +95 -0
  363. package/rulesets/topologies/data-mesh/cli/cli-flows.es.md +41 -0
  364. package/rulesets/topologies/data-mesh/cli/cli-flows.md +53 -0
  365. package/rulesets/topologies/data-mesh/data-mesh.rego +11 -0
  366. package/rulesets/topologies/data-mesh/data-mesh.rules.json +100 -0
  367. package/rulesets/topologies/data-mesh/data-mesh.test.rego +107 -0
  368. package/rulesets/topologies/data-mesh/data-mesh.wasm +0 -0
  369. package/rulesets/topologies/data-mesh/evidence.es.md +111 -0
  370. package/rulesets/topologies/data-mesh/evidence.md +111 -0
  371. package/rulesets/topologies/data-mesh/evolution.es.md +67 -0
  372. package/rulesets/topologies/data-mesh/evolution.md +67 -0
  373. package/rulesets/topologies/data-mesh/fixtures/invalid.topology.config.json +12 -0
  374. package/rulesets/topologies/data-mesh/fixtures/valid.topology.config.json +12 -0
  375. package/rulesets/topologies/data-mesh/maturity.es.md +36 -0
  376. package/rulesets/topologies/data-mesh/maturity.md +36 -0
  377. package/rulesets/topologies/data-mesh/mcp/mcp-manifest.json +68 -0
  378. package/rulesets/topologies/data-mesh/openapi/openapi.yaml +186 -0
  379. package/rulesets/topologies/data-mesh/operations.es.md +63 -0
  380. package/rulesets/topologies/data-mesh/operations.md +63 -0
  381. package/rulesets/topologies/data-mesh/parity-fixtures/compliant.json +18 -0
  382. package/rulesets/topologies/data-mesh/parity-fixtures/violation.json +21 -0
  383. package/rulesets/topologies/data-mesh/patterns.es.md +67 -0
  384. package/rulesets/topologies/data-mesh/patterns.md +67 -0
  385. package/rulesets/topologies/data-mesh/resilience.es.md +64 -0
  386. package/rulesets/topologies/data-mesh/resilience.md +64 -0
  387. package/rulesets/topologies/data-mesh/runbooks.es.md +147 -0
  388. package/rulesets/topologies/data-mesh/runbooks.md +147 -0
  389. package/rulesets/topologies/data-mesh/security.es.md +66 -0
  390. package/rulesets/topologies/data-mesh/security.md +66 -0
  391. package/rulesets/topologies/data-mesh/topology.config.schema.json +30 -0
  392. package/rulesets/topologies/data-mesh/topology.manifest.json +107 -0
  393. package/rulesets/topologies/edge-computing/README.es.md +81 -0
  394. package/rulesets/topologies/edge-computing/README.md +81 -0
  395. package/rulesets/topologies/edge-computing/adoption.es.md +268 -0
  396. package/rulesets/topologies/edge-computing/adoption.md +268 -0
  397. package/rulesets/topologies/edge-computing/cli/cli-flows.es.md +41 -0
  398. package/rulesets/topologies/edge-computing/cli/cli-flows.md +53 -0
  399. package/rulesets/topologies/edge-computing/edge-computing.rego +41 -0
  400. package/rulesets/topologies/edge-computing/edge-computing.rules.json +50 -0
  401. package/rulesets/topologies/edge-computing/edge-computing.test.rego +33 -0
  402. package/rulesets/topologies/edge-computing/edge-computing.wasm +0 -0
  403. package/rulesets/topologies/edge-computing/evidence.es.md +263 -0
  404. package/rulesets/topologies/edge-computing/evidence.md +263 -0
  405. package/rulesets/topologies/edge-computing/evolution.es.md +257 -0
  406. package/rulesets/topologies/edge-computing/evolution.md +257 -0
  407. package/rulesets/topologies/edge-computing/fixtures/invalid.topology.config.json +6 -0
  408. package/rulesets/topologies/edge-computing/fixtures/valid.topology.config.json +6 -0
  409. package/rulesets/topologies/edge-computing/maturity.es.md +36 -0
  410. package/rulesets/topologies/edge-computing/maturity.md +36 -0
  411. package/rulesets/topologies/edge-computing/mcp/mcp-manifest.json +72 -0
  412. package/rulesets/topologies/edge-computing/openapi/openapi.yaml +187 -0
  413. package/rulesets/topologies/edge-computing/operations.es.md +148 -0
  414. package/rulesets/topologies/edge-computing/operations.md +148 -0
  415. package/rulesets/topologies/edge-computing/parity-fixtures/compliant.json +12 -0
  416. package/rulesets/topologies/edge-computing/parity-fixtures/violation.json +13 -0
  417. package/rulesets/topologies/edge-computing/patterns.es.md +291 -0
  418. package/rulesets/topologies/edge-computing/patterns.md +290 -0
  419. package/rulesets/topologies/edge-computing/resilience.es.md +232 -0
  420. package/rulesets/topologies/edge-computing/resilience.md +229 -0
  421. package/rulesets/topologies/edge-computing/runbooks.es.md +405 -0
  422. package/rulesets/topologies/edge-computing/runbooks.md +405 -0
  423. package/rulesets/topologies/edge-computing/security.es.md +218 -0
  424. package/rulesets/topologies/edge-computing/security.md +218 -0
  425. package/rulesets/topologies/edge-computing/topology.config.schema.json +13 -0
  426. package/rulesets/topologies/edge-computing/topology.manifest.json +113 -0
  427. package/rulesets/topologies/event-driven/README.es.md +71 -0
  428. package/rulesets/topologies/event-driven/README.md +71 -0
  429. package/rulesets/topologies/event-driven/adoption.es.md +67 -0
  430. package/rulesets/topologies/event-driven/adoption.md +67 -0
  431. package/rulesets/topologies/event-driven/cli/cli-flows.es.md +41 -0
  432. package/rulesets/topologies/event-driven/cli/cli-flows.md +53 -0
  433. package/rulesets/topologies/event-driven/event-driven.rego +11 -0
  434. package/rulesets/topologies/event-driven/event-driven.rules.json +100 -0
  435. package/rulesets/topologies/event-driven/event-driven.test.rego +107 -0
  436. package/rulesets/topologies/event-driven/event-driven.wasm +0 -0
  437. package/rulesets/topologies/event-driven/evidence.es.md +69 -0
  438. package/rulesets/topologies/event-driven/evidence.md +69 -0
  439. package/rulesets/topologies/event-driven/evolution.es.md +59 -0
  440. package/rulesets/topologies/event-driven/evolution.md +59 -0
  441. package/rulesets/topologies/event-driven/fixtures/invalid.topology.config.json +12 -0
  442. package/rulesets/topologies/event-driven/fixtures/valid.topology.config.json +12 -0
  443. package/rulesets/topologies/event-driven/maturity.es.md +36 -0
  444. package/rulesets/topologies/event-driven/maturity.md +36 -0
  445. package/rulesets/topologies/event-driven/mcp/mcp-manifest.json +68 -0
  446. package/rulesets/topologies/event-driven/openapi/openapi.yaml +186 -0
  447. package/rulesets/topologies/event-driven/operations.es.md +67 -0
  448. package/rulesets/topologies/event-driven/operations.md +67 -0
  449. package/rulesets/topologies/event-driven/parity-fixtures/compliant.json +18 -0
  450. package/rulesets/topologies/event-driven/parity-fixtures/violation.json +21 -0
  451. package/rulesets/topologies/event-driven/patterns.es.md +68 -0
  452. package/rulesets/topologies/event-driven/patterns.md +68 -0
  453. package/rulesets/topologies/event-driven/resilience.es.md +65 -0
  454. package/rulesets/topologies/event-driven/resilience.md +65 -0
  455. package/rulesets/topologies/event-driven/runbooks.es.md +79 -0
  456. package/rulesets/topologies/event-driven/runbooks.md +79 -0
  457. package/rulesets/topologies/event-driven/security.es.md +59 -0
  458. package/rulesets/topologies/event-driven/security.md +59 -0
  459. package/rulesets/topologies/event-driven/topology.config.schema.json +30 -0
  460. package/rulesets/topologies/event-driven/topology.manifest.json +109 -0
  461. package/rulesets/topologies/progressive-axis/distributed-modules/distributed-modules.rules.es.json +111 -0
  462. package/rulesets/topologies/progressive-axis/distributed-modules/distributed-modules.rules.json +111 -0
  463. package/rulesets/topologies/progressive-axis/microservices/microservices.rules.es.json +106 -0
  464. package/rulesets/topologies/progressive-axis/microservices/microservices.rules.json +106 -0
  465. package/rulesets/topologies/progressive-axis/modular-monolith/modular-monolith.rules.es.json +148 -0
  466. package/rulesets/topologies/progressive-axis/modular-monolith/modular-monolith.rules.json +148 -0
  467. package/rulesets/topologies/serverless/README.es.md +74 -0
  468. package/rulesets/topologies/serverless/README.md +74 -0
  469. package/rulesets/topologies/serverless/adoption.es.md +50 -0
  470. package/rulesets/topologies/serverless/adoption.md +50 -0
  471. package/rulesets/topologies/serverless/cli/cli-flows.es.md +41 -0
  472. package/rulesets/topologies/serverless/cli/cli-flows.md +53 -0
  473. package/rulesets/topologies/serverless/evidence.es.md +66 -0
  474. package/rulesets/topologies/serverless/evidence.md +66 -0
  475. package/rulesets/topologies/serverless/evolution.es.md +36 -0
  476. package/rulesets/topologies/serverless/evolution.md +36 -0
  477. package/rulesets/topologies/serverless/fixtures/invalid.topology.config.json +6 -0
  478. package/rulesets/topologies/serverless/fixtures/valid.topology.config.json +6 -0
  479. package/rulesets/topologies/serverless/maturity.es.md +36 -0
  480. package/rulesets/topologies/serverless/maturity.md +36 -0
  481. package/rulesets/topologies/serverless/mcp/mcp-manifest.json +72 -0
  482. package/rulesets/topologies/serverless/openapi/openapi.yaml +186 -0
  483. package/rulesets/topologies/serverless/operations.es.md +36 -0
  484. package/rulesets/topologies/serverless/operations.md +36 -0
  485. package/rulesets/topologies/serverless/parity-fixtures/compliant.json +13 -0
  486. package/rulesets/topologies/serverless/parity-fixtures/violation.json +15 -0
  487. package/rulesets/topologies/serverless/patterns.es.md +36 -0
  488. package/rulesets/topologies/serverless/patterns.md +36 -0
  489. package/rulesets/topologies/serverless/resilience.es.md +36 -0
  490. package/rulesets/topologies/serverless/resilience.md +36 -0
  491. package/rulesets/topologies/serverless/runbooks.es.md +68 -0
  492. package/rulesets/topologies/serverless/runbooks.md +68 -0
  493. package/rulesets/topologies/serverless/security.es.md +36 -0
  494. package/rulesets/topologies/serverless/security.md +36 -0
  495. package/rulesets/topologies/serverless/serverless.rego +32 -0
  496. package/rulesets/topologies/serverless/serverless.rules.json +33 -0
  497. package/rulesets/topologies/serverless/serverless.test.rego +28 -0
  498. package/rulesets/topologies/serverless/serverless.wasm +0 -0
  499. package/rulesets/topologies/serverless/topology.config.schema.json +28 -0
  500. package/rulesets/topologies/serverless/topology.manifest.json +114 -0
package/rulesets/topologies/event-driven/cli/cli-flows.md ADDED
@@ -0,0 +1,53 @@
1
+ # Event-Driven — CLI Flows
2
+
3
+ > **Bilingual Navigation:** [Versión en Español](./cli-flows.es.md)
4
+
5
+ **Validators declarados:** `validate-architecture`, `validate-topology`
6
+
7
+ The following CLI commands are available for the Event-Driven topology.
8
+
9
+ ## Validate
10
+
11
+ ```bash
12
+ evolith validate --topology event-driven
13
+ evolith validate --topology event-driven --arch-level F2
14
+ evolith validate --topology event-driven --format json
15
+ ```
16
+
17
+ Validates an Event-Driven configuration against the topology's native rules (`event-driven.rules.json`) and OPA Rego policies (`event-driven.rego`), checking message ordering, idempotency, eventual consistency, and event channel governance.
18
+
19
+ ## Inspect
20
+
21
+ ```bash
22
+ evolith topology inspect event-driven
23
+ evolith topology inspect event-driven --include-channels
24
+ ```
25
+
26
+ Returns the parsed Event-Driven topology manifest, event channel and subscription metadata, and corpus artifact references.
27
+
28
+ ## Drift
29
+
30
+ ```bash
31
+ evolith drift detect --topology event-driven
32
+ evolith drift detect --topology event-driven --format json
33
+ ```
34
+
35
+ Detects configuration drift between the Event-Driven topology's declared ruleset and the current workspace state.
36
+
37
+ ## Scaffold
38
+
39
+ ```bash
40
+ evolith architecture scaffold --topology event-driven
41
+ evolith architecture scaffold --topology event-driven --dry-run
42
+ ```
43
+
44
+ Scaffolds an Event-Driven topology workspace with the canonical corpus structure, manifest, config schema, and OPA policies.
45
+
46
+ ## Gate Evaluation
47
+
48
+ ```bash
49
+ evolith gate evaluate --topology event-driven
50
+ evolith gate evaluate --topology event-driven --phase F1
51
+ ```
52
+
53
+ Evaluates Event-Driven phase gates, validating message contract conformance and channel ownership.
package/rulesets/topologies/event-driven/event-driven.rego ADDED
@@ -0,0 +1,11 @@
1
+ package evolith.topologies.eventdriven
2
+
3
+ violations[{"id":"ED-R01","blocking":true,"message":"event-driven.config.json must declare strictAsyncApi=true (ED-R01)."}] { not input.satellite.eventDriven.hasStrictAsyncApi }
4
+ violations[{"id":"ED-R02","blocking":true,"message":"event-driven.config.json must declare transactionalOutbox=true (ED-R02)."}] { not input.satellite.eventDriven.hasOutbox }
5
+ violations[{"id":"ED-R03","blocking":true,"message":"event-driven.config.json must declare deadLetterQueue=true (ED-R03)."}] { not input.satellite.eventDriven.hasDlq }
6
+ violations[{"id":"ED-R04","blocking":true,"message":"event-driven.config.json must declare hasOrderingGuarantee=true (ED-R04)."}] { not input.satellite.eventDriven.hasOrderingGuarantee }
7
+ violations[{"id":"ED-R05","blocking":true,"message":"All event consumers must implement idempotency; event-driven.config.json must declare hasIdempotencyKey=true (ED-R05)."}] { not input.satellite.eventDriven.hasIdempotencyKey }
8
+ violations[{"id":"ED-R06","blocking":true,"message":"Event schemas must evolve in a backward-compatible manner; event-driven.config.json must declare hasBackwardCompatibleSchema=true (ED-R06)."}] { not input.satellite.eventDriven.hasBackwardCompatibleSchema }
9
+ violations[{"id":"ED-R07","blocking":false,"message":"event-driven.config.json must declare hasRetentionPolicy=true with an explicit retention window per topic (ED-R07)."}] { not input.satellite.eventDriven.hasRetentionPolicy }
10
+ violations[{"id":"ED-R08","blocking":false,"message":"All published events must carry CorrelationId and TraceId headers; event-driven.config.json must declare hasEventCorrelation=true (ED-R08)."}] { not input.satellite.eventDriven.hasEventCorrelation }
11
+ violations[{"id":"ED-R09","blocking":false,"message":"All consumers should register a named consumer group; event-driven.config.json should declare hasConsumerGroupRegistry=true (ED-R09)."}] { not input.satellite.eventDriven.hasConsumerGroupRegistry }
package/rulesets/topologies/event-driven/event-driven.rules.json ADDED
@@ -0,0 +1,100 @@
1
+ {
2
+ "$schema": "../../../../../rulesets/schema/ruleset-standard.schema.json",
3
+ "$id": "https://evolith.dev/rulesets/topologies/event-driven.rules.json",
4
+ "title": "Event-Driven Topology Rules",
5
+ "description": "Architectural rules for the event-driven integration topology.",
6
+ "version": "1.1.0",
7
+ "effectiveDate": "2026-06-22",
8
+ "rules": [
9
+ {
10
+ "id": "ED-R01",
11
+ "severity": "MUST",
12
+ "category": "event-driven-config",
13
+ "title": "Strict AsyncAPI Contract",
14
+ "description": "An Event-Driven satellite MUST provide event-driven.config.json and declare strictAsyncApi=true.",
15
+ "rationale": "AsyncAPI contracts provide machine-readable event schemas that enable consumer code generation, documentation, and contract testing. Without this declaration, event shape regressions go undetected across producer/consumer boundaries.",
16
+ "validationQuery": "Verify event-driven.config.json exists and strictAsyncApi is set to true. No event publication allowed without a registered AsyncAPI document.",
17
+ "blocking": true
18
+ },
19
+ {
20
+ "id": "ED-R02",
21
+ "severity": "MUST",
22
+ "category": "event-driven-outbox",
23
+ "title": "Transactional Outbox",
24
+ "description": "event-driven.config.json MUST declare transactionalOutbox=true.",
25
+ "rationale": "Direct broker publication inside a database transaction risks dual-write failures where the DB commits but the message is lost. The Transactional Outbox pattern guarantees at-least-once delivery by staging messages in the same transaction as domain writes.",
26
+ "validationQuery": "Verify event-driven.config.json declares transactionalOutbox=true. Confirm outbox relay job or CDC mechanism is present in the infrastructure layer.",
27
+ "blocking": true
28
+ },
29
+ {
30
+ "id": "ED-R03",
31
+ "severity": "MUST",
32
+ "category": "event-driven-dlq",
33
+ "title": "Dead Letter Queue",
34
+ "description": "event-driven.config.json MUST declare deadLetterQueue=true.",
35
+ "rationale": "Without a DLQ, poison messages cause unbounded consumer retry loops that starve healthy message processing and degrade system availability. A DLQ enables forensic analysis of failed deliveries and controlled replay.",
36
+ "validationQuery": "Verify event-driven.config.json declares deadLetterQueue=true. Confirm DLQ topic or queue exists in broker configuration and consumer error handler routes to it.",
37
+ "blocking": true
38
+ },
39
+ {
40
+ "id": "ED-R04",
41
+ "severity": "MUST",
42
+ "category": "event-ordering",
43
+ "title": "Event Ordering Guarantee",
44
+ "description": "An Event-Driven satellite MUST declare its ordering guarantee (e.g., partition-key ordering or total ordering) in event-driven.config.json via hasOrderingGuarantee=true.",
45
+ "rationale": "Undeclared ordering assumptions lead to race conditions in downstream consumers that process state transitions out of sequence. Explicit ordering guarantees force architectural decisions (e.g., partition-key selection) to be made deliberately rather than discovered in production.",
46
+ "validationQuery": "Verify event-driven.config.json declares hasOrderingGuarantee=true and that a partitioning strategy (e.g., aggregateId as partition key) is documented in the event schema.",
47
+ "blocking": true
48
+ },
49
+ {
50
+ "id": "ED-R05",
51
+ "severity": "MUST",
52
+ "category": "idempotency",
53
+ "title": "Idempotent Consumer Contract",
54
+ "description": "All event consumers MUST implement idempotency using a deduplicated message key (hasIdempotencyKey=true in event-driven.config.json).",
55
+ "rationale": "At-least-once delivery guarantees (required by ED-R02) mean duplicate messages are possible. Without idempotent consumers, duplicate processing causes data corruption, double billing, or ghost records. Idempotency keys (e.g., eventId) enable safe re-delivery.",
56
+ "validationQuery": "Verify event-driven.config.json declares hasIdempotencyKey=true. AST scan consumer handlers for idempotency guard using a deduplication store (Redis, DB unique key, etc.).",
57
+ "blocking": true
58
+ },
59
+ {
60
+ "id": "ED-R06",
61
+ "severity": "MUST",
62
+ "category": "schema-evolution",
63
+ "title": "Backward-Compatible Schema Evolution",
64
+ "description": "All event schemas MUST be evolved in a backward-compatible manner (hasBackwardCompatibleSchema=true). Breaking changes require a new event type version.",
65
+ "rationale": "Consumers evolve independently of producers. A breaking schema change — removing a field, changing a type — silently breaks consumers that cannot be updated in lockstep. Backward compatibility (Avro/JSONSchema additionalProperties, optional fields) allows independent rollout.",
66
+ "validationQuery": "Verify event-driven.config.json declares hasBackwardCompatibleSchema=true. Validate that event schema changes pass backward-compatibility checks in CI (e.g., Confluent Schema Registry compatibility check or JSON Schema diff tool).",
67
+ "blocking": true
68
+ },
69
+ {
70
+ "id": "ED-R07",
71
+ "severity": "MUST",
72
+ "category": "retention",
73
+ "title": "Retention Policy Declaration",
74
+ "description": "event-driven.config.json MUST declare hasRetentionPolicy=true with an explicit retention window per topic.",
75
+ "rationale": "Unmanaged event retention leads to unbounded storage growth. Explicit retention windows enable capacity planning, regulatory compliance (GDPR deletion within SLA), and replay boundary definition for event sourcing scenarios.",
76
+ "validationQuery": "Verify event-driven.config.json declares hasRetentionPolicy=true. Confirm each topic has an explicit retention duration documented in broker configuration or Infrastructure-as-Code.",
77
+ "blocking": false
78
+ },
79
+ {
80
+ "id": "ED-R08",
81
+ "severity": "MUST",
82
+ "category": "observability",
83
+ "title": "Event Observability (Correlation and Trace Propagation)",
84
+ "description": "All published events MUST carry a CorrelationId and TraceId header (hasEventCorrelation=true), propagated from the originating HTTP/CLI/MCP request context.",
85
+ "rationale": "Without trace propagation, distributed event flows are invisible in observability tooling. Engineers cannot reconstruct the causal chain from an HTTP request through async processing to its eventual side effects, making incident response and latency debugging extremely difficult.",
86
+ "validationQuery": "Verify event-driven.config.json declares hasEventCorrelation=true. AST scan event publisher adapters for CorrelationId and TraceId header injection. Verify consumer handlers extract and re-propagate trace context.",
87
+ "blocking": false
88
+ },
89
+ {
90
+ "id": "ED-R09",
91
+ "severity": "SHOULD",
92
+ "category": "consumer-groups",
93
+ "title": "Explicit Consumer Group Registration",
94
+ "description": "All event consumers SHOULD register in a named consumer group declared in event-driven.config.json (hasConsumerGroupRegistry=true) to enable per-consumer offset tracking and independent replay.",
95
+ "rationale": "Anonymous consumer groups prevent selective replay, blue/green consumer deployments, and lag monitoring per service. Explicit registration enables fine-grained operational control over consumer progress and rollback scenarios.",
96
+ "validationQuery": "Verify event-driven.config.json declares hasConsumerGroupRegistry=true. Confirm all consumer instances are configured with an explicit, deterministic consumer group name (not auto-generated).",
97
+ "blocking": false
98
+ }
99
+ ]
100
+ }
package/rulesets/topologies/event-driven/event-driven.test.rego ADDED
@@ -0,0 +1,107 @@
1
+ package evolith.topologies.eventdriven_test
2
+
3
+ import data.evolith.topologies.eventdriven
4
+
5
+ # --- Baseline rules (ED-R01–R03) ---
6
+
7
+ test_compliant_event_driven_has_no_violations {
8
+ violations := eventdriven.violations with input as {"satellite": {"eventDriven": {
9
+ "hasStrictAsyncApi": true, "hasOutbox": true, "hasDlq": true,
10
+ "hasOrderingGuarantee": true, "hasIdempotencyKey": true,
11
+ "hasBackwardCompatibleSchema": true, "hasRetentionPolicy": true,
12
+ "hasEventCorrelation": true, "hasConsumerGroupRegistry": true
13
+ }}}
14
+ count(violations) == 0
15
+ }
16
+
17
+ test_missing_asyncapi_is_rejected {
18
+ violations := eventdriven.violations with input as {"satellite": {"eventDriven": {
19
+ "hasStrictAsyncApi": false, "hasOutbox": true, "hasDlq": true,
20
+ "hasOrderingGuarantee": true, "hasIdempotencyKey": true,
21
+ "hasBackwardCompatibleSchema": true, "hasRetentionPolicy": true,
22
+ "hasEventCorrelation": true, "hasConsumerGroupRegistry": true
23
+ }}}
24
+ violations[_].id == "ED-R01"
25
+ }
26
+
27
+ test_missing_outbox_is_rejected {
28
+ violations := eventdriven.violations with input as {"satellite": {"eventDriven": {
29
+ "hasStrictAsyncApi": true, "hasOutbox": false, "hasDlq": true,
30
+ "hasOrderingGuarantee": true, "hasIdempotencyKey": true,
31
+ "hasBackwardCompatibleSchema": true, "hasRetentionPolicy": true,
32
+ "hasEventCorrelation": true, "hasConsumerGroupRegistry": true
33
+ }}}
34
+ violations[_].id == "ED-R02"
35
+ }
36
+
37
+ test_missing_dlq_is_rejected {
38
+ violations := eventdriven.violations with input as {"satellite": {"eventDriven": {
39
+ "hasStrictAsyncApi": true, "hasOutbox": true, "hasDlq": false,
40
+ "hasOrderingGuarantee": true, "hasIdempotencyKey": true,
41
+ "hasBackwardCompatibleSchema": true, "hasRetentionPolicy": true,
42
+ "hasEventCorrelation": true, "hasConsumerGroupRegistry": true
43
+ }}}
44
+ violations[_].id == "ED-R03"
45
+ }
46
+
47
+ # --- New rules (ED-R04–R09) ---
48
+
49
+ test_missing_ordering_guarantee_is_rejected {
50
+ violations := eventdriven.violations with input as {"satellite": {"eventDriven": {
51
+ "hasStrictAsyncApi": true, "hasOutbox": true, "hasDlq": true,
52
+ "hasOrderingGuarantee": false, "hasIdempotencyKey": true,
53
+ "hasBackwardCompatibleSchema": true, "hasRetentionPolicy": true,
54
+ "hasEventCorrelation": true, "hasConsumerGroupRegistry": true
55
+ }}}
56
+ violations[_].id == "ED-R04"
57
+ }
58
+
59
+ test_missing_idempotency_key_is_rejected {
60
+ violations := eventdriven.violations with input as {"satellite": {"eventDriven": {
61
+ "hasStrictAsyncApi": true, "hasOutbox": true, "hasDlq": true,
62
+ "hasOrderingGuarantee": true, "hasIdempotencyKey": false,
63
+ "hasBackwardCompatibleSchema": true, "hasRetentionPolicy": true,
64
+ "hasEventCorrelation": true, "hasConsumerGroupRegistry": true
65
+ }}}
66
+ violations[_].id == "ED-R05"
67
+ }
68
+
69
+ test_missing_backward_compatible_schema_is_rejected {
70
+ violations := eventdriven.violations with input as {"satellite": {"eventDriven": {
71
+ "hasStrictAsyncApi": true, "hasOutbox": true, "hasDlq": true,
72
+ "hasOrderingGuarantee": true, "hasIdempotencyKey": true,
73
+ "hasBackwardCompatibleSchema": false, "hasRetentionPolicy": true,
74
+ "hasEventCorrelation": true, "hasConsumerGroupRegistry": true
75
+ }}}
76
+ violations[_].id == "ED-R06"
77
+ }
78
+
79
+ test_missing_retention_policy_is_flagged {
80
+ violations := eventdriven.violations with input as {"satellite": {"eventDriven": {
81
+ "hasStrictAsyncApi": true, "hasOutbox": true, "hasDlq": true,
82
+ "hasOrderingGuarantee": true, "hasIdempotencyKey": true,
83
+ "hasBackwardCompatibleSchema": true, "hasRetentionPolicy": false,
84
+ "hasEventCorrelation": true, "hasConsumerGroupRegistry": true
85
+ }}}
86
+ violations[_].id == "ED-R07"
87
+ }
88
+
89
+ test_missing_event_correlation_is_flagged {
90
+ violations := eventdriven.violations with input as {"satellite": {"eventDriven": {
91
+ "hasStrictAsyncApi": true, "hasOutbox": true, "hasDlq": true,
92
+ "hasOrderingGuarantee": true, "hasIdempotencyKey": true,
93
+ "hasBackwardCompatibleSchema": true, "hasRetentionPolicy": true,
94
+ "hasEventCorrelation": false, "hasConsumerGroupRegistry": true
95
+ }}}
96
+ violations[_].id == "ED-R08"
97
+ }
98
+
99
+ test_missing_consumer_group_registry_is_flagged {
100
+ violations := eventdriven.violations with input as {"satellite": {"eventDriven": {
101
+ "hasStrictAsyncApi": true, "hasOutbox": true, "hasDlq": true,
102
+ "hasOrderingGuarantee": true, "hasIdempotencyKey": true,
103
+ "hasBackwardCompatibleSchema": true, "hasRetentionPolicy": true,
104
+ "hasEventCorrelation": true, "hasConsumerGroupRegistry": false
105
+ }}}
106
+ violations[_].id == "ED-R09"
107
+ }
package/rulesets/topologies/event-driven/evidence.es.md ADDED
@@ -0,0 +1,69 @@
1
+ # Guía de Evidencia Orientada a Eventos
2
+
3
+ > **Navegación Bilingüe:** [English](./evidence.md) | [Español](./evidence.es.md)
4
+
5
+ **Propietario:** Junta de Arquitectura
6
+ **Topología:** Orientada a Eventos
7
+
8
+ ## Propósito
9
+
10
+ Definir comandos de validación, métricas y verificaciones de cumplimiento para evidenciar la salud de arquitecturas orientadas a eventos: throughput, retraso de consumidores, latencia de procesamiento, profundidad de DLQ y cumplimiento de contratos.
11
+
12
+ ## Comandos de Validación
13
+
14
+ | Verificación | Comando |
15
+ |---|---|
16
+ | Salud del broker | `kafka-broker-api-versions.sh --bootstrap-server <host>:9092` |
17
+ | Estado del grupo de consumidores | `kafka-consumer-groups.sh --bootstrap-server <host>:9092 --group <group> --describe` |
18
+ | Listado de temas | `kafka-topics.sh --bootstrap-server <host>:9092 --list` |
19
+ | Verificación de registro de esquemas | `curl -s <schema-registry>/subjects` |
20
+ | Profundidad de DLQ | Consultar conteo de mensajes del tema DLQ vía API de métricas del broker |
21
+
22
+ ## Throughput de Eventos — ED-R08
23
+
24
+ - Medir mensajes producidos y consumidos por segundo por tema.
25
+ - Mantener throughput sostenido dentro del 70% de la capacidad pico del broker.
26
+ - Alertar en caídas de throughput que excedan el 20% del promedio móvil de 7 días.
27
+
28
+ ## Retraso de Consumidores — ED-R08
29
+
30
+ - Reportar retraso actual por grupo de consumidores por partición.
31
+ - Agregar retraso entre particiones para evaluación de salud a nivel de grupo.
32
+ - Rastrear tendencia del retraso: estable, creciente o decreciente en ventanas de 24 horas.
33
+
34
+ ## Latencia de Procesamiento — ED-R08
35
+
36
+ - Medir latencia de extremo a extremo: marca de tiempo de producción del evento a marca de tiempo de consumo del evento.
37
+ - Mantener latencia P99 bajo 5 segundos para rutas en tiempo real; bajo 60 segundos para rutas por lotes.
38
+ - Alertar en picos de latencia que excedan 3x la línea base.
39
+
40
+ ## Profundidad de DLQ — ED-R03
41
+
42
+ - Monitorear conteo de mensajes DLQ por tema por grupo de consumidores.
43
+ - Alertar cuando la profundidad de DLQ exceda 100 mensajes o crezca >10% por hora.
44
+ - Reportar antigüedad de DLQ: marca de tiempo del mensaje más antiguo por tema DLQ.
45
+
46
+ ## Cumplimiento de Contratos — ED-R01, ED-R06
47
+
48
+ - Validar esquemas de productores contra la especificación AsyncAPI registrada.
49
+ - Ejecutar verificaciones de compatibilidad de esquemas: `kafka-schema-registry.sh check-compatibility`.
50
+ - Reportar deriva de esquemas: eventos publicados con esquemas no registrados o deprecados.
51
+
52
+ ## Aplicabilidad Componible
53
+
54
+ | Componible | Orientación |
55
+ |---|---|
56
+ | Monolito Modular | Métricas recolectadas a nivel de proceso; validación ligera. |
57
+ | Módulos Distribuidos | Agregación de métricas entre módulos; paneles centralizados. |
58
+ | Microservicios | Métricas por servicio con plataforma de observabilidad centralizada. |
59
+ | Serverless | Métricas nativas del proveedor; exportar a monitoreo centralizado. |
60
+ | Computación Edge | Recolección local de métricas con carga periódica a la nube. |
61
+
62
+ ## Referencias ADR
63
+
64
+ - **ADR-0015**: Estándares de monitoreo de throughput y retraso de eventos.
65
+ - **ADR-0079**: Requisitos de recolección de evidencia de observabilidad.
66
+
67
+ ---
68
+
69
+ [Volver al Perfil Orientado a Eventos](./README.es.md)
package/rulesets/topologies/event-driven/evidence.md ADDED
@@ -0,0 +1,69 @@
1
+ # Event-Driven — Evidence Guide
2
+
3
+ > **Bilingual Navigation:** [English](./evidence.md) | [Español](./evidence.es.md)
4
+
5
+ **Owner:** Architecture Board
6
+ **Topology:** Event-Driven
7
+
8
+ ## Purpose
9
+
10
+ Define validation commands, metrics, and compliance checks for evidencing event-driven architecture health: throughput, consumer lag, processing latency, DLQ depth, and contract compliance.
11
+
12
+ ## Validation Commands
13
+
14
+ | Check | Command |
15
+ |---|---|
16
+ | Broker health | `kafka-broker-api-versions.sh --bootstrap-server <host>:9092` |
17
+ | Consumer group status | `kafka-consumer-groups.sh --bootstrap-server <host>:9092 --group <group> --describe` |
18
+ | Topic listing | `kafka-topics.sh --bootstrap-server <host>:9092 --list` |
19
+ | Schema registry check | `curl -s <schema-registry>/subjects` |
20
+ | DLQ depth | Query DLQ topic message count via broker metrics API |
21
+
22
+ ## Event Throughput — ED-R08
23
+
24
+ - Measure messages produced and consumed per second per topic.
25
+ - Target sustained throughput within 70% of broker peak capacity.
26
+ - Alert on throughput drops exceeding 20% from the 7-day rolling average.
27
+
28
+ ## Consumer Lag — ED-R08
29
+
30
+ - Report current lag per consumer group per partition.
31
+ - Aggregate lag across partitions for group-level health assessment.
32
+ - Track lag trend: stable, growing, or shrinking over 24-hour windows.
33
+
34
+ ## Processing Latency — ED-R08
35
+
36
+ - Measure end-to-end latency: event produced timestamp to event consumed timestamp.
37
+ - Target P99 latency under 5 seconds for real-time paths; under 60 seconds for batch paths.
38
+ - Alert on latency spikes exceeding 3x the baseline.
39
+
40
+ ## DLQ Depth — ED-R03
41
+
42
+ - Monitor DLQ message count per topic per consumer group.
43
+ - Alert when DLQ depth exceeds 100 messages or grows by >10% per hour.
44
+ - Report DLQ age: oldest message timestamp per DLQ topic.
45
+
46
+ ## Contract Compliance — ED-R01, ED-R06
47
+
48
+ - Validate producer schemas against the registered AsyncAPI specification.
49
+ - Run schema compatibility checks: `kafka-schema-registry.sh check-compatibility`.
50
+ - Report schema drift: events published with unregistered or deprecated schemas.
51
+
52
+ ## Composable Applicability
53
+
54
+ | Composable | Guidance |
55
+ |---|---|
56
+ | Modular Monolith | Metrics collected at process level; lightweight validation. |
57
+ | Distributed Modules | Cross-module metric aggregation; centralized dashboards. |
58
+ | Microservices | Per-service metrics with centralized observability platform. |
59
+ | Serverless | Provider-native metrics; export to centralized monitoring. |
60
+ | Edge Computing | Local metric collection with periodic cloud upload. |
61
+
62
+ ## ADR References
63
+
64
+ - **ADR-0015**: Event throughput and lag monitoring standards.
65
+ - **ADR-0079**: Observability evidence collection requirements.
66
+
67
+ ---
68
+
69
+ [Back to Event-Driven Profile](./README.md)
package/rulesets/topologies/event-driven/evolution.es.md ADDED
@@ -0,0 +1,59 @@
1
+ # Guía de Evolución Orientada a Eventos
2
+
3
+ > **Navegación Bilingüe:** [English](./evolution.md) | [Español](./evolution.es.md)
4
+
5
+ **Propietario:** Junta de Arquitectura
6
+ **Topología:** Orientada a Eventos
7
+
8
+ ## Propósito
9
+
10
+ Guiar la evolución de sistemas orientados a eventos: migración de patrones síncronos a asincrónicos, evolución de esquemas, estrategias de versionado y gobernanza del catálogo de eventos.
11
+
12
+ ## Migración de Síncrono a Asincrónico
13
+
14
+ - Identificar cadenas de llamadas síncronas que bloquean en dependencias externas; candidatas para extracción de eventos.
15
+ - Comenzar con rutas no críticas (notificaciones, analíticas) antes de migrar flujos transaccionales.
16
+ - Ejecutar rutas síncronas y asincrónicas en paralelo durante la migración; deprecar la síncrona después de validación.
17
+
18
+ ## Evolución de Esquemas — ED-R06
19
+
20
+ - Preferir cambios aditivos: agregar campos opcionales con valores predeterminados sobre eliminar o renombrar campos.
21
+ - Mantener compatibilidad hacia atrás por al menos 2 ciclos de lanzamiento mayores.
22
+ - Usar modos de compatibilidad del registro de esquemas: BACKWARD (consumidores toleran nuevos campos), FORWARD (productores toleran consumidores antiguos), FULL (ambos).
23
+
24
+ ## Estrategia de Versionado
25
+
26
+ - Incrustar versión en el sobre del evento: `event-version: "1.2.0"`.
27
+ - Usar versionado semántico para cambios de esquema: mayor (ruptura), menor (aditivo), parche (correcciones).
28
+ - Mantener una tabla de mapeo de versiones para rutas de migración entre versiones mayores.
29
+
30
+ ## Gobernanza del Catálogo de Eventos — ED-R07
31
+
32
+ - Registrar cada tipo de evento en un catálogo centralizado con metadatos de propiedad, dominio y retención.
33
+ - Requerir entrada en el catálogo antes de publicar un nuevo tipo de evento en cualquier entorno.
34
+ - Revisar el catálogo trimestralmente; archivar eventos no utilizados después de confirmación de partes interesadas.
35
+
36
+ ## Proceso de Depreciación
37
+
38
+ - Marcar eventos deprecados con `deprecated: true` en el catálogo y registro de esquemas.
39
+ - Mantener eventos deprecados por un mínimo de 6 meses o 2 ciclos de lanzamiento, lo que sea mayor.
40
+ - Monitorear uso de eventos deprecados por consumidores; notificar a equipos propietarios cuando los consumidores permanezcan.
41
+
42
+ ## Aplicabilidad Componible
43
+
44
+ | Componible | Orientación |
45
+ |---|---|
46
+ | Monolito Modular | Evolución de esquemas dentro del módulo; catálogo es intra-proceso. |
47
+ | Módulos Distribuidos | Coordinación de esquemas entre módulos; catálogo compartido requerido. |
48
+ | Microservicios | Catálogo de eventos por dominio; registro de esquemas como infraestructura compartida. |
49
+ | Serverless | Registro de esquemas gestionado; versionado enforced por la plataforma. |
50
+ | Computación Edge | Caché local de esquemas con sincronización periódica desde catálogo central. |
51
+
52
+ ## Referencias ADR
53
+
54
+ - **ADR-0015**: Política de evolución de esquemas y versionado.
55
+ - **ADR-0079**: Gobernanza del catálogo de eventos y gestión del ciclo de vida.
56
+
57
+ ---
58
+
59
+ [Volver al Perfil Orientado a Eventos](./README.es.md)
package/rulesets/topologies/event-driven/evolution.md ADDED
@@ -0,0 +1,59 @@
1
+ # Event-Driven — Evolution Guide
2
+
3
+ > **Bilingual Navigation:** [English](./evolution.md) | [Español](./evolution.es.md)
4
+
5
+ **Owner:** Architecture Board
6
+ **Topology:** Event-Driven
7
+
8
+ ## Purpose
9
+
10
+ Guide the evolution of event-driven systems: migrating from synchronous to asynchronous patterns, schema evolution, versioning strategies, and event catalog governance.
11
+
12
+ ## Sync-to-Async Migration
13
+
14
+ - Identify synchronous call chains that block on external dependencies; candidates for event extraction.
15
+ - Start with non-critical paths (notifications, analytics) before migrating transactional flows.
16
+ - Run synchronous and asynchronous paths in parallel during migration; deprecate sync after validation.
17
+
18
+ ## Schema Evolution — ED-R06
19
+
20
+ - Prefer additive changes: add optional fields with defaults over removing or renaming fields.
21
+ - Maintain backward compatibility for at least 2 major release cycles.
22
+ - Use schema registry compatibility modes: BACKWARD (consumers tolerate new fields), FORWARD (producers tolerate old consumers), FULL (both).
23
+
24
+ ## Versioning Strategy
25
+
26
+ - Embed version in the event envelope: `event-version: "1.2.0"`.
27
+ - Use semantic versioning for schema changes: major (breaking), minor (additive), patch (fixes).
28
+ - Maintain a version mapping table for migration paths between major versions.
29
+
30
+ ## Event Catalog Governance — ED-R07
31
+
32
+ - Register every event type in a centralized catalog with ownership, domain, and retention metadata.
33
+ - Require catalog entry before publishing a new event type to any environment.
34
+ - Review catalog quarterly; archive unused events after stakeholder confirmation.
35
+
36
+ ## Deprecation Process
37
+
38
+ - Mark deprecated events with `deprecated: true` in the catalog and schema registry.
39
+ - Maintain deprecated events for a minimum of 6 months or 2 release cycles, whichever is longer.
40
+ - Monitor consumer usage of deprecated events; notify owning teams when consumers remain.
41
+
42
+ ## Composable Applicability
43
+
44
+ | Composable | Guidance |
45
+ |---|---|
46
+ | Modular Monolith | Schema evolution within module; catalog is intra-process. |
47
+ | Distributed Modules | Cross-module schema coordination; shared catalog required. |
48
+ | Microservices | Per-domain event catalog; schema registry as shared infrastructure. |
49
+ | Serverless | Managed schema registry; versioning enforced by platform. |
50
+ | Edge Computing | Local schema cache with periodic sync from central catalog. |
51
+
52
+ ## ADR References
53
+
54
+ - **ADR-0015**: Schema evolution and versioning policy.
55
+ - **ADR-0079**: Event catalog governance and lifecycle management.
56
+
57
+ ---
58
+
59
+ [Back to Event-Driven Profile](./README.md)
package/rulesets/topologies/event-driven/fixtures/invalid.topology.config.json ADDED
@@ -0,0 +1,12 @@
1
+ {
2
+ "topology": "event-driven",
3
+ "strictAsyncApi": false,
4
+ "transactionalOutbox": false,
5
+ "deadLetterQueue": false,
6
+ "hasOrderingGuarantee": false,
7
+ "hasIdempotencyKey": false,
8
+ "hasBackwardCompatibleSchema": false,
9
+ "hasRetentionPolicy": false,
10
+ "hasEventCorrelation": false,
11
+ "hasConsumerGroupRegistry": false
12
+ }
package/rulesets/topologies/event-driven/fixtures/valid.topology.config.json ADDED
@@ -0,0 +1,12 @@
1
+ {
2
+ "topology": "event-driven",
3
+ "strictAsyncApi": true,
4
+ "transactionalOutbox": true,
5
+ "deadLetterQueue": true,
6
+ "hasOrderingGuarantee": true,
7
+ "hasIdempotencyKey": true,
8
+ "hasBackwardCompatibleSchema": true,
9
+ "hasRetentionPolicy": true,
10
+ "hasEventCorrelation": true,
11
+ "hasConsumerGroupRegistry": true
12
+ }
package/rulesets/topologies/event-driven/maturity.es.md ADDED
@@ -0,0 +1,36 @@
1
+ # Guia de Adopcion, Operacion y Evolucion Event-Driven
2
+
3
+ > **Navegacion Bilingue:** [English Version](./maturity.md)
4
+
5
+ ## Adoption
6
+
7
+ Adopte esta topologia cuando bounded contexts, modulos o servicios deban coordinar sin acoplamiento sincrono fuerte. Comience con contratos de eventos explicitos, publicacion confiable mediante Transactional Outbox y diseno de consumidores idempotentes.
8
+
9
+ ## Operations
10
+
11
+ Opere uno o mas brokers de mensajes o buses de eventos. Monitoree la correlacion de flujo de eventos, lag de consumidores, profundidad de dead-letter queue y evidencia de replay como parte de la validacion normal de arquitectura.
12
+
13
+ ## Security
14
+
15
+ Autorice la produccion y consumo de eventos en las fronteras del broker y la aplicacion. Nunca incruste datos sensibles en payloads de eventos; use identificadores de referencia y un plano de datos seguro para la recuperacion de payloads.
16
+
17
+ ## Resilience
18
+
19
+ Disene consumidores para reintentos idempotentes, escalamiento a dead-letter para eventos no procesables y tolerancia a evolucion de schema. Prefiera redistribucion gestionada por broker sobre bucles de reintento a nivel de aplicacion.
20
+
21
+ ## Patterns and Anti-Patterns
22
+
23
+ Use contratos AsyncAPI explicitos, Transactional Outbox para publicacion confiable, Dead Letter Queues para manejo de mensajes fallidos y versionado de eventos con compatibilidad hacia atras. No comparta internos de dominio a traves de eventos, use eventos para orquestacion de workflows ni asuma entrega en orden sin secuenciacion explicita.
24
+
25
+ ## Evolution
26
+
27
+ Migre a integracion event-driven solo cuando la coordinacion asincrona este justificada por requisitos de workflow de negocio. Preserve contratos de eventos y registros de schema para que la migracion de consumidores siga siendo deliberada.
28
+
29
+ ## Validation Checklist
30
+
31
+ - Valide la configuracion de topologia con `topology.config.schema.json` y ambos fixtures.
32
+ - Ejecute la evaluacion Native y OPA mediante el plano de control compartido.
33
+ - Confirme ADRs aprobados, guia bilingue y pruebas positivas y negativas reproducibles.
34
+
35
+ ---
36
+ [Volver al Perfil Event-Driven](./README.es.md)
package/rulesets/topologies/event-driven/maturity.md ADDED
@@ -0,0 +1,36 @@
1
+ # Event-Driven Adoption, Operations, and Evolution Guide
2
+
3
+ > **Bilingual Navigation:** [Version en Espanol](./maturity.es.md)
4
+
5
+ ## Adoption
6
+
7
+ Adopt this topology when bounded contexts, modules, or services must coordinate without tight synchronous coupling. Start with explicit event contracts, reliable publication via Transactional Outbox, and idempotent consumer design.
8
+
9
+ ## Operations
10
+
11
+ Operate one or more message brokers or event buses. Monitor event flow correlation, consumer lag, dead-letter queue depth, and replay evidence as part of normal architecture validation.
12
+
13
+ ## Security
14
+
15
+ Authorize event production and consumption at the broker and application boundaries. Never embed sensitive data in event payloads; use reference identifiers and a secure data plane for payload retrieval.
16
+
17
+ ## Resilience
18
+
19
+ Design consumers for idempotent retry, dead-letter escalation for unprocessable events, and schema evolution tolerance. Prefer broker-managed redelivery over application-level retry loops.
20
+
21
+ ## Patterns and Anti-Patterns
22
+
23
+ Use explicit AsyncAPI contracts, Transactional Outbox for reliable publication, Dead Letter Queues for failed message handling, and event versioning with backward compatibility. Do not share domain internals through events, use events for workflow orchestration, or assume in-order delivery without explicit sequencing.
24
+
25
+ ## Evolution
26
+
27
+ Move to event-driven integration only when asynchronous coordination is justified by business workflow requirements. Preserve event contracts and schema registries so that consumer migration remains deliberate.
28
+
29
+ ## Validation Checklist
30
+
31
+ - Validate the topology configuration against `topology.config.schema.json` and both fixtures.
32
+ - Run Native and OPA policy evaluation through the shared control plane.
33
+ - Confirm approved ADRs, bilingual guidance, and reproducible positive and negative tests.
34
+
35
+ ---
36
+ [Back to Event-Driven Profile](./README.md)