@evolith/core-domain 1.0.1 → 1.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (502)
  1. package/README.md +102 -0
  2. package/dist/domain/services/default-workflow-definition.js +4 -1
  3. package/dist/domain/services/default-workflow-definition.js.map +1 -1
  4. package/dist/gates/decision/gate-decision.js.map +1 -1
  5. package/package.json +1 -2
  6. package/rulesets/README.es.md +0 -170
  7. package/rulesets/README.md +0 -170
  8. package/rulesets/acl/README.es.md +0 -41
  9. package/rulesets/acl/README.md +0 -41
  10. package/rulesets/acl/anti-corruption-layer.rules.es.json +0 -99
  11. package/rulesets/acl/anti-corruption-layer.rules.json +0 -99
  12. package/rulesets/adr/ADR_COVERAGE.es.md +0 -133
  13. package/rulesets/adr/ADR_COVERAGE.md +0 -133
  14. package/rulesets/adr/README.es.md +0 -17
  15. package/rulesets/adr/README.md +0 -17
  16. package/rulesets/adr/adr-0002-hexagonal-architecture.rules.json +0 -103
  17. package/rulesets/adr/adr-0005-cicd-quality-gates.rules.json +0 -102
  18. package/rulesets/adr/adr-0010-multi-tenancy.rules.json +0 -129
  19. package/rulesets/adr/adr-0018-testing-pyramid.rules.json +0 -115
  20. package/rulesets/adr/adr-0032-protocol-selection.rules.json +0 -134
  21. package/rulesets/adr/adr-0040-multi-runtime.rules.json +0 -131
  22. package/rulesets/adr/adr-0050-gitflow-branching.rules.json +0 -176
  23. package/rulesets/adr/generated/adr-0001-monorepo-orchestration-principle.rules.json +0 -29
  24. package/rulesets/adr/generated/adr-0006-microservices-transition-via-sidecar-pattern.rules.json +0 -29
  25. package/rulesets/adr/generated/adr-0009-strict-dependency-pinning-and-automated-vulnerability-manage.rules.json +0 -29
  26. package/rulesets/adr/generated/adr-0011-fault-tolerance-and-resiliency-patterns.rules.json +0 -29
  27. package/rulesets/adr/generated/adr-0013-cloud-infrastructure-topology-and-disaster-recovery-dr.rules.json +0 -28
  28. package/rulesets/adr/generated/adr-0014-multi-layer-distributed-caching-strategy.rules.json +0 -29
  29. package/rulesets/adr/generated/adr-0015-event-driven-architecture-eda-for-intra-domain-communication.rules.json +0 -29
  30. package/rulesets/adr/generated/adr-0016-immutable-business-audit-trail-and-change-tracking.rules.json +0 -29
  31. package/rulesets/adr/generated/adr-0017-feature-flagging-strategy-for-progressive-delivery.rules.json +0 -28
  32. package/rulesets/adr/generated/adr-0019-tactical-design-patterns-for-future-proofing.rules.json +0 -29
  33. package/rulesets/adr/generated/adr-0020-identity-provider-abstraction-strategy.rules.json +0 -28
  34. package/rulesets/adr/generated/adr-0024-centralized-configuration-feature-platform.rules.json +0 -28
  35. package/rulesets/adr/generated/adr-0025-feature-flag-provider-abstraction-strategy.rules.json +0 -29
  36. package/rulesets/adr/generated/adr-0028-self-hosted-open-source-hybrid-infrastructure.rules.json +0 -29
  37. package/rulesets/adr/generated/adr-0030-two-tier-distributed-gateway-model.rules.json +0 -28
  38. package/rulesets/adr/generated/adr-0031-schema-per-bounded-context-and-domain-event-catalog.rules.json +0 -29
  39. package/rulesets/adr/generated/adr-0033-transactional-outbox-pattern-for-async-messaging.rules.json +0 -28
  40. package/rulesets/adr/generated/adr-0034-cqrs-pattern-application-matrix.rules.json +0 -29
  41. package/rulesets/adr/generated/adr-0035-distributed-saga-pattern-implementation-strategy.rules.json +0 -29
  42. package/rulesets/adr/generated/adr-0036-message-bus-delivery-flow-control-strategy.rules.json +0 -29
  43. package/rulesets/adr/generated/adr-0037-enterprise-performance-concurrency-chaos-verification-strate.rules.json +0 -28
  44. package/rulesets/adr/generated/adr-0039-deployment-topology-abstraction-environment-switcher.rules.json +0 -29
  45. package/rulesets/adr/generated/adr-0041-dual-engine-policy-evaluation-native-opa.rules.json +0 -28
  46. package/rulesets/adr/generated/adr-0044-configurable-security-persistence-strategy-agnosticism-vs-na.rules.json +0 -29
  47. package/rulesets/adr/generated/adr-0045-microservice-extraction-readiness-criteria.rules.json +0 -29
  48. package/rulesets/adr/generated/adr-0046-unified-traceability-via-w3c-tracecontext.rules.json +0 -29
  49. package/rulesets/adr/generated/adr-0047-progressive-architecture-evolution-framework-modular-monolit.rules.json +0 -29
  50. package/rulesets/adr/generated/adr-0048-enterprise-taxonomy-standardization-and-reference-layout.rules.json +0 -28
  51. package/rulesets/adr/generated/adr-0049-naming-semantics-clean-code-policy-e2e-and-global.rules.json +0 -29
  52. package/rulesets/adr/generated/adr-0051-enterprise-database-engine-selection-strategy.rules.json +0 -29
  53. package/rulesets/adr/generated/adr-0052-unit-testing-isolation-strategy-mocks-vs-stubs.rules.json +0 -29
  54. package/rulesets/adr/generated/adr-0053-integration-and-e2e-testing-strategy.rules.json +0 -29
  55. package/rulesets/adr/generated/adr-0054-database-design-and-normalization-standards.rules.json +0 -29
  56. package/rulesets/adr/generated/adr-0055-microfrontends-architecture-strategy.rules.json +0 -28
  57. package/rulesets/adr/generated/adr-0056-enterprise-naming-design-conventions-multi-language-multi-pl.rules.json +0 -29
  58. package/rulesets/adr/generated/adr-0057-architecture-intelligence-catalog.rules.json +0 -27
  59. package/rulesets/adr/generated/adr-0058-ai-consumable-architecture-knowledge.rules.json +0 -27
  60. package/rulesets/adr/generated/adr-0067-modular-monolith-persistence-boundaries.rules.json +0 -28
  61. package/rulesets/adr/generated/adr-0068-documentation-release-gitflow.rules.json +0 -29
  62. package/rulesets/adr/generated/adr-0069-ai-agent-context-protocol-integration.rules.json +0 -28
  63. package/rulesets/adr/generated/adr-0070-lean-root-repository-taxonomy.rules.json +0 -29
  64. package/rulesets/adr/generated/adr-0071-domain-layer-base-class-and-inheritance-strategy.rules.json +0 -29
  65. package/rulesets/adr/generated/adr-0072-utc-date-storage-browser-timezone-detection-and-language-res.rules.json +0 -29
  66. package/rulesets/adr/generated/adr-0073-unified-cli-mcp-output-contract-and-gate-evidence-schema.rules.json +0 -29
  67. package/rulesets/adr/generated/adr-0074-evolith-core-api-native-exposure-layer.rules.json +0 -29
  68. package/rulesets/adr/generated/adr-0075-core-api-authentication-strategy.rules.json +0 -28
  69. package/rulesets/adr/generated/adr-0076-domain-oriented-microservice-architecture-doma.rules.json +0 -28
  70. package/rulesets/adr/generated/adr-0077-masstransit-v9-commercial-pivot-stay-on-v8-monitor-opentrans.rules.json +0 -28
  71. package/rulesets/adr/generated/adr-0078-domain-financial-separation-governance.rules.json +0 -29
  72. package/rulesets/adr/generated/adr-0079-multi-topology-reference-corpus-and-topology-manifest-contra.rules.json +0 -29
  73. package/rulesets/adr/generated/adr-0080-remote-repository-reference-contract.rules.json +0 -29
  74. package/rulesets/adr/generated/adr-0081-agentic-ai-sandbox-isolation-boundary.rules.json +0 -29
  75. package/rulesets/adr/generated/adr-0082-agentic-ai-prompt-context-and-tool-trust-boundary.rules.json +0 -28
  76. package/rulesets/adr/generated/adr-0083-agentic-ai-action-authorization-and-audit.rules.json +0 -29
  77. package/rulesets/adr/generated/adr-0084-data-mesh-and-data-as-a-product.rules.json +0 -29
  78. package/rulesets/adr/generated/adr-0085-agnostic-opa-wasm-distribution-architecture.rules.json +0 -28
  79. package/rulesets/adr/generated/adr-0086-agentic-ai-telemetry-cost-control-standard.rules.json +0 -27
  80. package/rulesets/adr/generated/adr-0087-attribute-based-access-control-abac-for-agentic-tool-executi.rules.json +0 -29
  81. package/rulesets/adr/generated/adr-0088-sovereign-identity-for-agentic-ai.rules.json +0 -29
  82. package/rulesets/adr/generated/adr-0089-event-driven-agentic-workflow-pattern.rules.json +0 -28
  83. package/rulesets/adr/generated/adr-0090-rag-knowledge-governance-standard.rules.json +0 -29
  84. package/rulesets/adr/generated/adr-0091-workload-identity-token-rotation-standard.rules.json +0 -29
  85. package/rulesets/adr/generated/adr-0092-agent-infinite-loop-prevention-and-circuit-breaker-rules.rules.json +0 -29
  86. package/rulesets/adr/generated/adr-0093-concurrency-control-and-resource-locking-standard-for-mcp-to.rules.json +0 -29
  87. package/rulesets/adr/generated/adr-0094-multi-agent-handoff-and-task-delegation-standards.rules.json +0 -29
  88. package/rulesets/adr/generated/adr-0095-serverless-architecture-governance.rules.json +0 -29
  89. package/rulesets/adr/generated/adr-0096-edge-computing-architecture-governance.rules.json +0 -29
  90. package/rulesets/adr/generated/adr-0097-knowledge-lifecycle-governance-standard.rules.json +0 -29
  91. package/rulesets/adr/generated/adr-0098-rest-uri-versioning-and-deprecation-policy.rules.json +0 -29
  92. package/rulesets/adr/generated/adr-0099-opa-bundle-distribution-via-s3-minio.rules.json +0 -27
  93. package/rulesets/adr/generated/adr-ai-augmented-0001-harness-engineering-for-ai-augmented-development.rules.json +0 -29
  94. package/rulesets/adr/generated/adr-ai-augmented-0002-mcp-integration-protocol-for-agent-tool-invocation.rules.json +0 -29
  95. package/rulesets/adr/generated/adr-ai-augmented-0003-model-selection-governance-for-ai-augmented-workflows.rules.json +0 -29
  96. package/rulesets/adr/generated/adr-ai-augmented-0004-agents-md-as-mandatory-repository-artifact.rules.json +0 -29
  97. package/rulesets/adr/generated/adr-ai-augmented-0005-human-in-the-loop-policy-for-autonomous-agent-operations.rules.json +0 -29
  98. package/rulesets/adr/generated/adr-android-0042-canonical-android-native-mobile-architecture.rules.json +0 -29
  99. package/rulesets/adr/generated/adr-dotnet-0041-canonical-net-c-backend-architecture.rules.json +0 -29
  100. package/rulesets/adr/generated/adr-dotnet-0060-net-multi-tenancy-dual-layer-strategy-ef-core-sql-server.rules.json +0 -29
  101. package/rulesets/adr/generated/adr-dotnet-0061-transactional-event-lifecycle-in-ef-core.rules.json +0 -28
  102. package/rulesets/adr/generated/adr-dotnet-0062-net-immutable-audit-trail-via-ddl-triggers-delta-capture.rules.json +0 -29
  103. package/rulesets/adr/generated/adr-dotnet-0063-b2b-request-idempotency-middleware-in-asp-net-core.rules.json +0 -28
  104. package/rulesets/adr/generated/adr-dotnet-0064-net-request-scope-observability-context-propagation.rules.json +0 -29
  105. package/rulesets/adr/generated/adr-dotnet-0065-net-pii-safe-structured-logging-pipeline-serilog.rules.json +0 -29
  106. package/rulesets/adr/generated/adr-dotnet-0066-net-lightweight-http-idempotency-via-imemorycache-idistribut.rules.json +0 -28
  107. package/rulesets/adr/generated/adr-dotnet-0069-net-grpc-service-setup-protobuf-contracts.rules.json +0 -29
  108. package/rulesets/adr/generated/adr-dotnet-0070-net-api-endpoint-strategy.rules.json +0 -29
  109. package/rulesets/adr/generated/adr-dotnet-0071-net-data-access-strategy-ef-core-as-default-orm-dapper-for-o.rules.json +0 -27
  110. package/rulesets/adr/generated/adr-dotnet-0072-net-aop-cross-cutting-concern-strategy-dispatchproxy-over-pi.rules.json +0 -29
  111. package/rulesets/adr/generated/adr-nodejs-0003-strict-typescript-standards.rules.json +0 -29
  112. package/rulesets/adr/generated/adr-nodejs-0004-frontend-offline-resilience.rules.json +0 -28
  113. package/rulesets/adr/generated/adr-nodejs-0007-observability-with-opentelemetry-loki-and-jaeger.rules.json +0 -29
  114. package/rulesets/adr/generated/adr-nodejs-0008-progressive-multi-module-evolution-with-api-gateway-and-bff-.rules.json +0 -28
  115. package/rulesets/adr/generated/adr-nodejs-0012-advanced-authorization-rbac-abac-strategy.rules.json +0 -28
  116. package/rulesets/adr/generated/adr-nodejs-0021-high-performance-authentication-graph-compilation.rules.json +0 -28
  117. package/rulesets/adr/generated/adr-nodejs-0022-contextual-authentication-and-pluggable-output-projections.rules.json +0 -28
  118. package/rulesets/adr/generated/adr-nodejs-0023-centralized-authorization-core-strategy.rules.json +0 -28
  119. package/rulesets/adr/generated/adr-nodejs-0026-adaptive-mfa-and-passwordless-platform.rules.json +0 -28
  120. package/rulesets/adr/generated/adr-nodejs-0027-dual-protocol-api-strategy-rest-grpc.rules.json +0 -28
  121. package/rulesets/adr/generated/adr-nodejs-0029-adoption-of-tactical-ddd-primitives-library.rules.json +0 -29
  122. package/rulesets/adr/generated/adr-nodejs-0038-enterprise-error-handling-result-pattern-strategy.rules.json +0 -29
  123. package/rulesets/adr/generated/adr-nodejs-0043-data-access-and-orm-strategy-for-node-js.rules.json +0 -29
  124. package/rulesets/adr/generated/adr-nodejs-0044-frontend-clean-architecture-layer-boundaries-react.rules.json +0 -29
  125. package/rulesets/adr/generated/adr-nodejs-0045-frontend-state-management-zustand-tanstack-query-dual-strate.rules.json +0 -29
  126. package/rulesets/adr/generated/adr-nodejs-0046-prohibition-of-raw-technical-identifiers-in-user-interfaces.rules.json +0 -29
  127. package/rulesets/adr/generated/adr-nodejs-0047-actionable-user-error-contract-and-correlated-diagnostics.rules.json +0 -29
  128. package/rulesets/adr/generated/adr-nodejs-0048-feature-flag-system-scope-and-structured-criteria-model.rules.json +0 -29
  129. package/rulesets/adr/generated/adr-nodejs-0074-monorepo-orchestration-with-nx.rules.json +0 -29
  130. package/rulesets/adr/generated/adr-nodejs-0075-application-gateway-bff-with-nestjs.rules.json +0 -29
  131. package/rulesets/architecture/README.es.md +0 -21
  132. package/rulesets/architecture/README.md +0 -21
  133. package/rulesets/architecture/opa/progressive-axis.rego +0 -50
  134. package/rulesets/cli/README.es.md +0 -17
  135. package/rulesets/cli/README.md +0 -17
  136. package/rulesets/cli/core-parity.rules.json +0 -61
  137. package/rulesets/cli/release-readiness.rules.json +0 -77
  138. package/rulesets/compliance-baseline/README.es.md +0 -26
  139. package/rulesets/compliance-baseline/README.md +0 -26
  140. package/rulesets/compliance-baseline/compliance-baseline.rules.json +0 -81
  141. package/rulesets/contracts/README.es.md +0 -19
  142. package/rulesets/contracts/README.md +0 -19
  143. package/rulesets/contracts/evolith-machine-contracts.json +0 -29
  144. package/rulesets/contracts/fixtures/gate-evidence.success.json +0 -10
  145. package/rulesets/contracts/fixtures/output-envelope.success.json +0 -23
  146. package/rulesets/cross-cutting/README.es.md +0 -14
  147. package/rulesets/cross-cutting/README.md +0 -14
  148. package/rulesets/cross-cutting/compliance-baseline.rules.json +0 -81
  149. package/rulesets/cross-cutting/definition-of-done.rules.json +0 -135
  150. package/rulesets/cross-cutting/engineering-manifesto.rules.json +0 -145
  151. package/rulesets/cross-cutting/repository-taxonomy.rules.json +0 -172
  152. package/rulesets/definition-of-done/README.es.md +0 -26
  153. package/rulesets/definition-of-done/README.md +0 -26
  154. package/rulesets/definition-of-done/definition-of-done.rules.json +0 -135
  155. package/rulesets/engineering-manifesto/README.es.md +0 -26
  156. package/rulesets/engineering-manifesto/README.md +0 -26
  157. package/rulesets/engineering-manifesto/engineering-manifesto.rules.json +0 -145
  158. package/rulesets/evidence/README.es.md +0 -12
  159. package/rulesets/evidence/README.md +0 -12
  160. package/rulesets/evidence/evidence-manifest.rules.json +0 -48
  161. package/rulesets/executive-scorecards/executive-scorecards.rules.es.json +0 -213
  162. package/rulesets/executive-scorecards/executive-scorecards.rules.json +0 -213
  163. package/rulesets/governance/README.es.md +0 -13
  164. package/rulesets/governance/README.md +0 -13
  165. package/rulesets/governance/abac-mcp-access.rules.es.json +0 -41
  166. package/rulesets/governance/abac-mcp-access.rules.json +0 -41
  167. package/rulesets/governance/executive-scorecards.rules.es.json +0 -213
  168. package/rulesets/governance/executive-scorecards.rules.json +0 -213
  169. package/rulesets/governance/inheritance.rules.json +0 -115
  170. package/rulesets/governance/knowledge-intake.rules.json +0 -18
  171. package/rulesets/governance/open-core-boundary.rules.es.json +0 -148
  172. package/rulesets/governance/open-core-boundary.rules.json +0 -148
  173. package/rulesets/governance/satellite-contracts.rules.json +0 -183
  174. package/rulesets/infrastructure/helm-enforcement.rules.json +0 -21
  175. package/rulesets/infrastructure/opa/helm-enforcement.rego +0 -25
  176. package/rulesets/infrastructure/opa/helm-enforcement.test.rego +0 -31
  177. package/rulesets/infrastructure/opa/opa-sidecar-bundle.rego +0 -115
  178. package/rulesets/infrastructure/opa/opa-sidecar-bundle.test.rego +0 -66
  179. package/rulesets/infrastructure/opa-sidecar-bundle.rules.json +0 -18
  180. package/rulesets/mcp/README.es.md +0 -12
  181. package/rulesets/mcp/README.md +0 -12
  182. package/rulesets/mcp/protocol-compliance.rules.json +0 -57
  183. package/rulesets/observability/README.es.md +0 -12
  184. package/rulesets/observability/README.md +0 -12
  185. package/rulesets/observability/telemetry-evidence.rules.json +0 -48
  186. package/rulesets/opa/README.es.md +0 -22
  187. package/rulesets/opa/README.md +0 -22
  188. package/rulesets/opa/abac-mcp-tool-access.rego +0 -122
  189. package/rulesets/opa/abac-mcp-tool-access.test.rego +0 -33
  190. package/rulesets/opa/anti-corruption-layer.rego +0 -39
  191. package/rulesets/opa/anti-corruption-layer.test.rego +0 -118
  192. package/rulesets/opa/ci-cd.rego +0 -41
  193. package/rulesets/opa/ci-cd.test.rego +0 -23
  194. package/rulesets/opa/cicd-quality-gates.rego +0 -29
  195. package/rulesets/opa/cicd-quality-gates.test.rego +0 -54
  196. package/rulesets/opa/cli-core-parity.rego +0 -17
  197. package/rulesets/opa/cli-core-parity.test.rego +0 -39
  198. package/rulesets/opa/cli-readiness.rego +0 -32
  199. package/rulesets/opa/cli-readiness.test.rego +0 -23
  200. package/rulesets/opa/cli-release-readiness.rego +0 -21
  201. package/rulesets/opa/cli-release-readiness.test.rego +0 -46
  202. package/rulesets/opa/compliance-baseline.rego +0 -95
  203. package/rulesets/opa/compliance-baseline.test.rego +0 -89
  204. package/rulesets/opa/dod.rego +0 -42
  205. package/rulesets/opa/dod.test.rego +0 -250
  206. package/rulesets/opa/engineering-manifesto.rego +0 -78
  207. package/rulesets/opa/engineering-manifesto.test.rego +0 -133
  208. package/rulesets/opa/evidence.rego +0 -64
  209. package/rulesets/opa/evidence.test.rego +0 -23
  210. package/rulesets/opa/executive-scorecards.rego +0 -41
  211. package/rulesets/opa/executive-scorecards.test.rego +0 -60
  212. package/rulesets/opa/gitflow-branching.rego +0 -41
  213. package/rulesets/opa/gitflow-branching.test.rego +0 -60
  214. package/rulesets/opa/governance.rego +0 -39
  215. package/rulesets/opa/governance.test.rego +0 -23
  216. package/rulesets/opa/hexagonal-architecture.rego +0 -33
  217. package/rulesets/opa/hexagonal-architecture.test.rego +0 -57
  218. package/rulesets/opa/infrastructure/helm-enforcement.rego +0 -33
  219. package/rulesets/opa/infrastructure/opa-sidecar-bundle.rego +0 -42
  220. package/rulesets/opa/knowledge-intake.rego +0 -98
  221. package/rulesets/opa/knowledge-intake.test.rego +0 -50
  222. package/rulesets/opa/main.rego +0 -147
  223. package/rulesets/opa/main_test.rego +0 -149
  224. package/rulesets/opa/mcp.rego +0 -61
  225. package/rulesets/opa/mcp.test.rego +0 -27
  226. package/rulesets/opa/multi-runtime.rego +0 -33
  227. package/rulesets/opa/multi-runtime.test.rego +0 -53
  228. package/rulesets/opa/multi-tenancy.rego +0 -33
  229. package/rulesets/opa/multi-tenancy.test.rego +0 -53
  230. package/rulesets/opa/open-core-boundary.rego +0 -33
  231. package/rulesets/opa/open-core-boundary.test.rego +0 -60
  232. package/rulesets/opa/protocol-selection.rego +0 -29
  233. package/rulesets/opa/protocol-selection.test.rego +0 -46
  234. package/rulesets/opa/rbac/gate-role-enforcement.rego +0 -112
  235. package/rulesets/opa/repository-taxonomy.rego +0 -98
  236. package/rulesets/opa/repository-taxonomy.test.rego +0 -91
  237. package/rulesets/opa/satellite-contracts.rego +0 -42
  238. package/rulesets/opa/satellite-contracts.test.rego +0 -70
  239. package/rulesets/opa/schemas/abac-mcp-tool-access.input.schema.json +0 -21
  240. package/rulesets/opa/schemas/anti-corruption-layer.input.schema.json +0 -25
  241. package/rulesets/opa/schemas/ci-cd.input.schema.json +0 -27
  242. package/rulesets/opa/schemas/cicd-quality-gates.input.schema.json +0 -33
  243. package/rulesets/opa/schemas/cli-core-parity.input.schema.json +0 -30
  244. package/rulesets/opa/schemas/cli-readiness.input.schema.json +0 -28
  245. package/rulesets/opa/schemas/cli-release-readiness.input.schema.json +0 -26
  246. package/rulesets/opa/schemas/compliance-baseline.input.schema.json +0 -25
  247. package/rulesets/opa/schemas/dod.input.schema.json +0 -38
  248. package/rulesets/opa/schemas/engineering-manifesto.input.schema.json +0 -24
  249. package/rulesets/opa/schemas/evidence.input.schema.json +0 -35
  250. package/rulesets/opa/schemas/executive-scorecards.input.schema.json +0 -36
  251. package/rulesets/opa/schemas/gitflow-branching.input.schema.json +0 -36
  252. package/rulesets/opa/schemas/governance.input.schema.json +0 -19
  253. package/rulesets/opa/schemas/hexagonal-architecture.input.schema.json +0 -46
  254. package/rulesets/opa/schemas/knowledge-intake.input.schema.json +0 -57
  255. package/rulesets/opa/schemas/mcp.input.schema.json +0 -38
  256. package/rulesets/opa/schemas/multi-runtime.input.schema.json +0 -27
  257. package/rulesets/opa/schemas/multi-tenancy.input.schema.json +0 -27
  258. package/rulesets/opa/schemas/open-core-boundary.input.schema.json +0 -36
  259. package/rulesets/opa/schemas/protocol-selection.input.schema.json +0 -26
  260. package/rulesets/opa/schemas/repository-taxonomy.input.schema.json +0 -18
  261. package/rulesets/opa/schemas/satellite-contracts.input.schema.json +0 -38
  262. package/rulesets/opa/schemas/taxonomy.input.schema.json +0 -27
  263. package/rulesets/opa/schemas/testing-pyramid.input.schema.json +0 -42
  264. package/rulesets/opa/schemas/version-pinning.input.schema.json +0 -39
  265. package/rulesets/opa/sdlc/coverage.rego +0 -49
  266. package/rulesets/opa/sdlc/coverage.test.rego +0 -29
  267. package/rulesets/opa/sdlc/pyramid-distribution.rego +0 -31
  268. package/rulesets/opa/sdlc/pyramid-distribution.test.rego +0 -33
  269. package/rulesets/opa/taxonomy.rego +0 -51
  270. package/rulesets/opa/taxonomy.test.rego +0 -28
  271. package/rulesets/opa/telemetry-evidence.rego +0 -102
  272. package/rulesets/opa/testing-pyramid.rego +0 -49
  273. package/rulesets/opa/testing-pyramid.test.rego +0 -81
  274. package/rulesets/opa/version-pinning.rego +0 -99
  275. package/rulesets/opa/version-pinning.test.rego +0 -28
  276. package/rulesets/phase-gates/README.es.md +0 -28
  277. package/rulesets/phase-gates/README.md +0 -28
  278. package/rulesets/phase-gates/phase-gates.rules.json +0 -297
  279. package/rulesets/quality-thresholds/README.es.md +0 -28
  280. package/rulesets/quality-thresholds/README.md +0 -28
  281. package/rulesets/quality-thresholds/quality-thresholds.rules.json +0 -96
  282. package/rulesets/repository-taxonomy/README.es.md +0 -26
  283. package/rulesets/repository-taxonomy/README.md +0 -26
  284. package/rulesets/repository-taxonomy/repository-taxonomy.rules.json +0 -172
  285. package/rulesets/satellite-contracts/README.es.md +0 -27
  286. package/rulesets/satellite-contracts/README.md +0 -27
  287. package/rulesets/satellite-contracts/satellite-contracts.rules.json +0 -183
  288. package/rulesets/schema/README.es.md +0 -39
  289. package/rulesets/schema/README.md +0 -39
  290. package/rulesets/schema/adr.schema.json +0 -138
  291. package/rulesets/schema/agile-backlog.schema.json +0 -91
  292. package/rulesets/schema/ballpark-estimation.schema.json +0 -109
  293. package/rulesets/schema/build-vs-compose.schema.json +0 -98
  294. package/rulesets/schema/cli-impact-analysis.schema.json +0 -114
  295. package/rulesets/schema/discovery-canvas.schema.json +0 -92
  296. package/rulesets/schema/evolith-user-story.schema.json +0 -105
  297. package/rulesets/schema/evolith-yaml.schema.json +0 -191
  298. package/rulesets/schema/functional-story.schema.json +0 -111
  299. package/rulesets/schema/gate-evidence.schema.json +0 -85
  300. package/rulesets/schema/integration-evidence.schema.json +0 -47
  301. package/rulesets/schema/knowledge-intake.schema.json +0 -67
  302. package/rulesets/schema/knowledge-projection.schema.json +0 -24
  303. package/rulesets/schema/maturity-evidence.schema.json +0 -59
  304. package/rulesets/schema/observability-validation.schema.json +0 -85
  305. package/rulesets/schema/on-call-handoff.schema.json +0 -91
  306. package/rulesets/schema/output-envelope.schema.json +0 -102
  307. package/rulesets/schema/prd.schema.json +0 -117
  308. package/rulesets/schema/release-notes.schema.json +0 -138
  309. package/rulesets/schema/rollback-rehearsal.schema.json +0 -73
  310. package/rulesets/schema/ruleset-sdlc.schema.json +0 -59
  311. package/rulesets/schema/ruleset-standard.schema.json +0 -73
  312. package/rulesets/schema/security-scan-report.schema.json +0 -79
  313. package/rulesets/schema/source-registry.schema.json +0 -51
  314. package/rulesets/schema/technical-feasibility.schema.json +0 -66
  315. package/rulesets/schema/technical-story.schema.json +0 -112
  316. package/rulesets/schema/test-summary-report.schema.json +0 -158
  317. package/rulesets/schema/topology-composition.schema.json +0 -43
  318. package/rulesets/schema/topology-manifest.schema.json +0 -421
  319. package/rulesets/sdlc/README.es.md +0 -12
  320. package/rulesets/sdlc/README.md +0 -12
  321. package/rulesets/sdlc/default-workflow.yaml +0 -73
  322. package/rulesets/sdlc/dependency-pinning.rules.json +0 -183
  323. package/rulesets/sdlc/phase-gates.rules.json +0 -297
  324. package/rulesets/sdlc/quality-thresholds.rules.json +0 -96
  325. package/rulesets/topologies/README.es.md +0 -42
  326. package/rulesets/topologies/README.md +0 -42
  327. package/rulesets/topologies/agentic-ai/README.es.md +0 -142
  328. package/rulesets/topologies/agentic-ai/README.md +0 -142
  329. package/rulesets/topologies/agentic-ai/adoption.es.md +0 -37
  330. package/rulesets/topologies/agentic-ai/adoption.md +0 -37
  331. package/rulesets/topologies/agentic-ai/agent.config.schema.json +0 -100
  332. package/rulesets/topologies/agentic-ai/agentic-ai.rego +0 -46
  333. package/rulesets/topologies/agentic-ai/agentic-ai.rules.json +0 -109
  334. package/rulesets/topologies/agentic-ai/agentic-ai.test.rego +0 -68
  335. package/rulesets/topologies/agentic-ai/agentic-ai.wasm +0 -0
  336. package/rulesets/topologies/agentic-ai/cli/cli-flows.es.md +0 -35
  337. package/rulesets/topologies/agentic-ai/cli/cli-flows.md +0 -45
  338. package/rulesets/topologies/agentic-ai/evidence.es.md +0 -25
  339. package/rulesets/topologies/agentic-ai/evidence.md +0 -25
  340. package/rulesets/topologies/agentic-ai/evolution.es.md +0 -26
  341. package/rulesets/topologies/agentic-ai/evolution.md +0 -26
  342. package/rulesets/topologies/agentic-ai/fixtures/invalid-agent.config.json +0 -48
  343. package/rulesets/topologies/agentic-ai/fixtures/valid-agent.config.json +0 -48
  344. package/rulesets/topologies/agentic-ai/maturity.es.md +0 -33
  345. package/rulesets/topologies/agentic-ai/maturity.md +0 -33
  346. package/rulesets/topologies/agentic-ai/mcp/mcp-manifest.json +0 -100
  347. package/rulesets/topologies/agentic-ai/openapi/openapi.yaml +0 -187
  348. package/rulesets/topologies/agentic-ai/operations.es.md +0 -32
  349. package/rulesets/topologies/agentic-ai/operations.md +0 -32
  350. package/rulesets/topologies/agentic-ai/parity-fixtures/compliant.json +0 -18
  351. package/rulesets/topologies/agentic-ai/parity-fixtures/violation.json +0 -22
  352. package/rulesets/topologies/agentic-ai/patterns.es.md +0 -32
  353. package/rulesets/topologies/agentic-ai/patterns.md +0 -32
  354. package/rulesets/topologies/agentic-ai/resilience.es.md +0 -26
  355. package/rulesets/topologies/agentic-ai/resilience.md +0 -26
  356. package/rulesets/topologies/agentic-ai/runbooks.es.md +0 -48
  357. package/rulesets/topologies/agentic-ai/runbooks.md +0 -48
  358. package/rulesets/topologies/agentic-ai/security.es.md +0 -26
  359. package/rulesets/topologies/agentic-ai/security.md +0 -26
  360. package/rulesets/topologies/agentic-ai/topology.manifest.json +0 -127
  361. package/rulesets/topologies/data-mesh/README.es.md +0 -69
  362. package/rulesets/topologies/data-mesh/README.md +0 -69
  363. package/rulesets/topologies/data-mesh/adoption.es.md +0 -95
  364. package/rulesets/topologies/data-mesh/adoption.md +0 -95
  365. package/rulesets/topologies/data-mesh/cli/cli-flows.es.md +0 -41
  366. package/rulesets/topologies/data-mesh/cli/cli-flows.md +0 -53
  367. package/rulesets/topologies/data-mesh/data-mesh.rego +0 -11
  368. package/rulesets/topologies/data-mesh/data-mesh.rules.json +0 -100
  369. package/rulesets/topologies/data-mesh/data-mesh.test.rego +0 -107
  370. package/rulesets/topologies/data-mesh/data-mesh.wasm +0 -0
  371. package/rulesets/topologies/data-mesh/evidence.es.md +0 -111
  372. package/rulesets/topologies/data-mesh/evidence.md +0 -111
  373. package/rulesets/topologies/data-mesh/evolution.es.md +0 -67
  374. package/rulesets/topologies/data-mesh/evolution.md +0 -67
  375. package/rulesets/topologies/data-mesh/fixtures/invalid.topology.config.json +0 -12
  376. package/rulesets/topologies/data-mesh/fixtures/valid.topology.config.json +0 -12
  377. package/rulesets/topologies/data-mesh/maturity.es.md +0 -36
  378. package/rulesets/topologies/data-mesh/maturity.md +0 -36
  379. package/rulesets/topologies/data-mesh/mcp/mcp-manifest.json +0 -68
  380. package/rulesets/topologies/data-mesh/openapi/openapi.yaml +0 -186
  381. package/rulesets/topologies/data-mesh/operations.es.md +0 -63
  382. package/rulesets/topologies/data-mesh/operations.md +0 -63
  383. package/rulesets/topologies/data-mesh/parity-fixtures/compliant.json +0 -18
  384. package/rulesets/topologies/data-mesh/parity-fixtures/violation.json +0 -21
  385. package/rulesets/topologies/data-mesh/patterns.es.md +0 -67
  386. package/rulesets/topologies/data-mesh/patterns.md +0 -67
  387. package/rulesets/topologies/data-mesh/resilience.es.md +0 -64
  388. package/rulesets/topologies/data-mesh/resilience.md +0 -64
  389. package/rulesets/topologies/data-mesh/runbooks.es.md +0 -147
  390. package/rulesets/topologies/data-mesh/runbooks.md +0 -147
  391. package/rulesets/topologies/data-mesh/security.es.md +0 -66
  392. package/rulesets/topologies/data-mesh/security.md +0 -66
  393. package/rulesets/topologies/data-mesh/topology.config.schema.json +0 -30
  394. package/rulesets/topologies/data-mesh/topology.manifest.json +0 -107
  395. package/rulesets/topologies/edge-computing/README.es.md +0 -81
  396. package/rulesets/topologies/edge-computing/README.md +0 -81
  397. package/rulesets/topologies/edge-computing/adoption.es.md +0 -268
  398. package/rulesets/topologies/edge-computing/adoption.md +0 -268
  399. package/rulesets/topologies/edge-computing/cli/cli-flows.es.md +0 -41
  400. package/rulesets/topologies/edge-computing/cli/cli-flows.md +0 -53
  401. package/rulesets/topologies/edge-computing/edge-computing.rego +0 -41
  402. package/rulesets/topologies/edge-computing/edge-computing.rules.json +0 -50
  403. package/rulesets/topologies/edge-computing/edge-computing.test.rego +0 -33
  404. package/rulesets/topologies/edge-computing/edge-computing.wasm +0 -0
  405. package/rulesets/topologies/edge-computing/evidence.es.md +0 -263
  406. package/rulesets/topologies/edge-computing/evidence.md +0 -263
  407. package/rulesets/topologies/edge-computing/evolution.es.md +0 -257
  408. package/rulesets/topologies/edge-computing/evolution.md +0 -257
  409. package/rulesets/topologies/edge-computing/fixtures/invalid.topology.config.json +0 -6
  410. package/rulesets/topologies/edge-computing/fixtures/valid.topology.config.json +0 -6
  411. package/rulesets/topologies/edge-computing/maturity.es.md +0 -36
  412. package/rulesets/topologies/edge-computing/maturity.md +0 -36
  413. package/rulesets/topologies/edge-computing/mcp/mcp-manifest.json +0 -72
  414. package/rulesets/topologies/edge-computing/openapi/openapi.yaml +0 -187
  415. package/rulesets/topologies/edge-computing/operations.es.md +0 -148
  416. package/rulesets/topologies/edge-computing/operations.md +0 -148
  417. package/rulesets/topologies/edge-computing/parity-fixtures/compliant.json +0 -12
  418. package/rulesets/topologies/edge-computing/parity-fixtures/violation.json +0 -13
  419. package/rulesets/topologies/edge-computing/patterns.es.md +0 -291
  420. package/rulesets/topologies/edge-computing/patterns.md +0 -290
  421. package/rulesets/topologies/edge-computing/resilience.es.md +0 -232
  422. package/rulesets/topologies/edge-computing/resilience.md +0 -229
  423. package/rulesets/topologies/edge-computing/runbooks.es.md +0 -405
  424. package/rulesets/topologies/edge-computing/runbooks.md +0 -405
  425. package/rulesets/topologies/edge-computing/security.es.md +0 -218
  426. package/rulesets/topologies/edge-computing/security.md +0 -218
  427. package/rulesets/topologies/edge-computing/topology.config.schema.json +0 -13
  428. package/rulesets/topologies/edge-computing/topology.manifest.json +0 -113
  429. package/rulesets/topologies/event-driven/README.es.md +0 -71
  430. package/rulesets/topologies/event-driven/README.md +0 -71
  431. package/rulesets/topologies/event-driven/adoption.es.md +0 -67
  432. package/rulesets/topologies/event-driven/adoption.md +0 -67
  433. package/rulesets/topologies/event-driven/cli/cli-flows.es.md +0 -41
  434. package/rulesets/topologies/event-driven/cli/cli-flows.md +0 -53
  435. package/rulesets/topologies/event-driven/event-driven.rego +0 -11
  436. package/rulesets/topologies/event-driven/event-driven.rules.json +0 -100
  437. package/rulesets/topologies/event-driven/event-driven.test.rego +0 -107
  438. package/rulesets/topologies/event-driven/event-driven.wasm +0 -0
  439. package/rulesets/topologies/event-driven/evidence.es.md +0 -69
  440. package/rulesets/topologies/event-driven/evidence.md +0 -69
  441. package/rulesets/topologies/event-driven/evolution.es.md +0 -59
  442. package/rulesets/topologies/event-driven/evolution.md +0 -59
  443. package/rulesets/topologies/event-driven/fixtures/invalid.topology.config.json +0 -12
  444. package/rulesets/topologies/event-driven/fixtures/valid.topology.config.json +0 -12
  445. package/rulesets/topologies/event-driven/maturity.es.md +0 -36
  446. package/rulesets/topologies/event-driven/maturity.md +0 -36
  447. package/rulesets/topologies/event-driven/mcp/mcp-manifest.json +0 -68
  448. package/rulesets/topologies/event-driven/openapi/openapi.yaml +0 -186
  449. package/rulesets/topologies/event-driven/operations.es.md +0 -67
  450. package/rulesets/topologies/event-driven/operations.md +0 -67
  451. package/rulesets/topologies/event-driven/parity-fixtures/compliant.json +0 -18
  452. package/rulesets/topologies/event-driven/parity-fixtures/violation.json +0 -21
  453. package/rulesets/topologies/event-driven/patterns.es.md +0 -68
  454. package/rulesets/topologies/event-driven/patterns.md +0 -68
  455. package/rulesets/topologies/event-driven/resilience.es.md +0 -65
  456. package/rulesets/topologies/event-driven/resilience.md +0 -65
  457. package/rulesets/topologies/event-driven/runbooks.es.md +0 -79
  458. package/rulesets/topologies/event-driven/runbooks.md +0 -79
  459. package/rulesets/topologies/event-driven/security.es.md +0 -59
  460. package/rulesets/topologies/event-driven/security.md +0 -59
  461. package/rulesets/topologies/event-driven/topology.config.schema.json +0 -30
  462. package/rulesets/topologies/event-driven/topology.manifest.json +0 -109
  463. package/rulesets/topologies/progressive-axis/distributed-modules/distributed-modules.rules.es.json +0 -111
  464. package/rulesets/topologies/progressive-axis/distributed-modules/distributed-modules.rules.json +0 -111
  465. package/rulesets/topologies/progressive-axis/microservices/microservices.rules.es.json +0 -106
  466. package/rulesets/topologies/progressive-axis/microservices/microservices.rules.json +0 -106
  467. package/rulesets/topologies/progressive-axis/modular-monolith/modular-monolith.rules.es.json +0 -148
  468. package/rulesets/topologies/progressive-axis/modular-monolith/modular-monolith.rules.json +0 -148
  469. package/rulesets/topologies/serverless/README.es.md +0 -74
  470. package/rulesets/topologies/serverless/README.md +0 -74
  471. package/rulesets/topologies/serverless/adoption.es.md +0 -50
  472. package/rulesets/topologies/serverless/adoption.md +0 -50
  473. package/rulesets/topologies/serverless/cli/cli-flows.es.md +0 -41
  474. package/rulesets/topologies/serverless/cli/cli-flows.md +0 -53
  475. package/rulesets/topologies/serverless/evidence.es.md +0 -66
  476. package/rulesets/topologies/serverless/evidence.md +0 -66
  477. package/rulesets/topologies/serverless/evolution.es.md +0 -36
  478. package/rulesets/topologies/serverless/evolution.md +0 -36
  479. package/rulesets/topologies/serverless/fixtures/invalid.topology.config.json +0 -6
  480. package/rulesets/topologies/serverless/fixtures/valid.topology.config.json +0 -6
  481. package/rulesets/topologies/serverless/maturity.es.md +0 -36
  482. package/rulesets/topologies/serverless/maturity.md +0 -36
  483. package/rulesets/topologies/serverless/mcp/mcp-manifest.json +0 -72
  484. package/rulesets/topologies/serverless/openapi/openapi.yaml +0 -186
  485. package/rulesets/topologies/serverless/operations.es.md +0 -36
  486. package/rulesets/topologies/serverless/operations.md +0 -36
  487. package/rulesets/topologies/serverless/parity-fixtures/compliant.json +0 -13
  488. package/rulesets/topologies/serverless/parity-fixtures/violation.json +0 -15
  489. package/rulesets/topologies/serverless/patterns.es.md +0 -36
  490. package/rulesets/topologies/serverless/patterns.md +0 -36
  491. package/rulesets/topologies/serverless/resilience.es.md +0 -36
  492. package/rulesets/topologies/serverless/resilience.md +0 -36
  493. package/rulesets/topologies/serverless/runbooks.es.md +0 -68
  494. package/rulesets/topologies/serverless/runbooks.md +0 -68
  495. package/rulesets/topologies/serverless/security.es.md +0 -36
  496. package/rulesets/topologies/serverless/security.md +0 -36
  497. package/rulesets/topologies/serverless/serverless.rego +0 -32
  498. package/rulesets/topologies/serverless/serverless.rules.json +0 -33
  499. package/rulesets/topologies/serverless/serverless.test.rego +0 -28
  500. package/rulesets/topologies/serverless/serverless.wasm +0 -0
  501. package/rulesets/topologies/serverless/topology.config.schema.json +0 -28
  502. package/rulesets/topologies/serverless/topology.manifest.json +0 -114
@@ -1,183 +0,0 @@
1
- {
2
- "$schema": "../schema/ruleset-standard.schema.json",
3
- "$id": "https://evolith.dev/rulesets/governance/satellite-contracts.rules.json",
4
- "title": "Satellite Contract Rules",
5
- "description": "Rules defining the required and optional structure of satellite evolith.yaml files. These contracts enable the federated governance model.",
6
- "version": "1.0.0",
7
- "effectiveDate": "2026-01-01",
8
- "contractFields": {
9
- "required": [
10
- {
11
- "field": "apiVersion",
12
- "path": "$.apiVersion",
13
- "type": "string",
14
- "constraint": "Must be 'evolith.dev/v1'",
15
- "rationale": "API version enables future governance format evolution without breaking existing satellites."
16
- },
17
- {
18
- "field": "kind",
19
- "path": "$.kind",
20
- "type": "string",
21
- "constraint": "Must be 'Satellite'",
22
- "rationale": "Kind distinguishes Evolith resources (Satellite, Policy, Standard) in the same repository."
23
- },
24
- {
25
- "field": "metadata.name",
26
- "path": "$.metadata.name",
27
- "type": "string",
28
- "constraint": "kebab-case, lowercase, alphanumeric + hyphens only",
29
- "rationale": "Name is the satellite's identity in governance tooling and Architecture Board communications."
30
- },
31
- {
32
- "field": "metadata.phase",
33
- "path": "$.metadata.phase",
34
- "type": "string",
35
- "constraint": "Must be F1, F2, or F3",
36
- "rationale": "Phase determines which architecture rules apply. F1 is mandatory starting point unless exception approved."
37
- },
38
- {
39
- "field": "metadata.architectureVersion",
40
- "path": "$.metadata.architectureVersion",
41
- "type": "string",
42
- "constraint": "semver format",
43
- "rationale": "Tracks architectural evolution of the satellite independently of product version."
44
- },
45
- {
46
- "field": "spec.coreRef.version",
47
- "path": "$.spec.coreRef.version",
48
- "type": "string",
49
- "constraint": "semver format, must reference existing Evolith Core version",
50
- "rationale": "Core version pin ensures reproducible governance validation."
51
- },
52
- {
53
- "field": "spec.coreRef.rulesetVersion",
54
- "path": "$.spec.coreRef.rulesetVersion",
55
- "type": "string",
56
- "constraint": "semver format",
57
- "rationale": "Ruleset version allows Core to publish rule updates without bumping full Core version."
58
- },
59
- {
60
- "field": "spec.runtime.language",
61
- "path": "$.spec.runtime.language",
62
- "type": "string",
63
- "constraint": "Must be one of: TypeScript, CSharp, Kotlin, Go, Python",
64
- "rationale": "Runtime language determines which runtime-specific ADRs and patterns apply."
65
- },
66
- {
67
- "field": "spec.runtime.framework",
68
- "path": "$.spec.runtime.framework",
69
- "type": "string",
70
- "rationale": "Framework identifies the specific framework (NestJS, ASP.NET Core, Spring Boot) for pattern enforcement."
71
- },
72
- {
73
- "field": "spec.sdlc.currentPhase",
74
- "path": "$.spec.sdlc.currentPhase",
75
- "type": "integer",
76
- "constraint": "Must be 1, 2, 3, 4, or 5",
77
- "rationale": "SDLC phase determines which gate rules and artifact requirements apply."
78
- }
79
- ],
80
- "optional": [
81
- {
82
- "field": "spec.coreRef.inheritancePath",
83
- "path": "$.spec.coreRef.inheritancePath",
84
- "type": "array",
85
- "description": "Chain of inheritance if satellite extends another satellite",
86
- "default": "[]"
87
- },
88
- {
89
- "field": "spec.runtime.runtimeVersion",
90
- "path": "$.spec.runtime.runtimeVersion",
91
- "type": "string",
92
- "description": "Runtime version (e.g., Node 20, .NET 8)"
93
- },
94
- {
95
- "field": "spec.sdlc.gates",
96
- "path": "$.spec.sdlc.gates",
97
- "type": "object",
98
- "description": "Gate completion dates for traceability"
99
- },
100
- {
101
- "field": "spec.boundedContexts",
102
- "path": "$.spec.boundedContexts",
103
- "type": "array",
104
- "description": "List of bounded contexts in this satellite"
105
- },
106
- {
107
- "field": "spec.compliance.adrRegistry",
108
- "path": "$.spec.compliance.adrRegistry",
109
- "type": "array",
110
- "description": "Local ADRs maintained by this satellite"
111
- },
112
- {
113
- "field": "spec.compliance.coverageTarget",
114
- "path": "$.spec.compliance.coverageTarget",
115
- "type": "number",
116
- "description": "Coverage target (minimum 80)"
117
- },
118
- {
119
- "field": "spec.compliance.qualityWaivers",
120
- "path": "$.spec.compliance.qualityWaivers",
121
- "type": "array",
122
- "description": "Active quality waivers with expiration dates"
123
- }
124
- ]
125
- },
126
- "rules": [
127
- {
128
- "id": "SVC-01",
129
- "title": "Satellite must have exactly one evolith.yaml in repository root",
130
- "enforcement": "CLI validates single evolith.yaml at repo root. Nested evolith.yaml files are prohibited.",
131
- "description": "CLI validates single evolith.yaml at repo root. Nested evolith.yaml files are prohibited."
132
- },
133
- {
134
- "id": "SVC-02",
135
- "title": "Satellite name must be unique across all Evolith satellites",
136
- "enforcement": "CLI checks against Evolith satellite registry before allowing first push.",
137
- "description": "CLI checks against Evolith satellite registry before allowing first push."
138
- },
139
- {
140
- "id": "SVC-03",
141
- "title": "F1 phase satellites must reference core/ADR-0047 in spec.compliance.adrRegistry",
142
- "enforcement": "Satellites in F1 phase must include core/ADR-0047 confirming modular monolith starting point.",
143
- "description": "Satellites in F1 phase must include core/ADR-0047 confirming modular monolith starting point."
144
- },
145
- {
146
- "id": "SVC-04",
147
- "title": "Satellites in F2 or F3 must have extraction readiness score documented",
148
- "enforcement": "Satellites with phase F2 or F3 must have core/ADR-0045 assessment with score >= 70% (F2) or >= 80% (F3).",
149
- "description": "Satellites with phase F2 or F3 must have core/ADR-0045 assessment with score >= 70% (F2) or >= 80% (F3)."
150
- },
151
- {
152
- "id": "SVC-05",
153
- "title": "Core version referenced must exist in Evolith Core registry",
154
- "enforcement": "CLI validates coreRef.version against Evolith Core releases. Unknown versions trigger error.",
155
- "description": "CLI validates coreRef.version against Evolith Core releases. Unknown versions trigger error."
156
- }
157
- ],
158
- "migrationRules": [
159
- {
160
- "id": "MIG-01",
161
- "title": "Satellite can upgrade governance version via CLI upgrade command",
162
- "command": "evolith upgrade --target-version <version>",
163
- "description": "CLI automates version update, rule diff review, and CI validation"
164
- },
165
- {
166
- "id": "MIG-02",
167
- "title": "Phase transition (F1 → F2 → F3) requires Architecture Board approval artifact",
168
- "description": "Phase transition is not automated. Board must review and explicitly approve before satellite updates metadata.phase"
169
- },
170
- {
171
- "id": "MIG-03",
172
- "title": "Satellite archival: satellite marks itself as Deprecated in evolith.yaml",
173
- "description": "Deprecated satellites are retained for audit but no longer receive Core rule updates"
174
- }
175
- ],
176
- "reference": {
177
- "evolithYamlSchema": "../schema/evolith-yaml.schema.json",
178
- "inheritanceRules": "./inheritance.rules.json",
179
- "f1Rules": "../../reference/architecture/topologies/progressive-axis/modular-monolith/modular-monolith.rules.json",
180
- "f2Rules": "../../reference/architecture/topologies/progressive-axis/distributed-modules/distributed-modules.rules.json",
181
- "f3Rules": "../../reference/architecture/topologies/progressive-axis/microservices/microservices.rules.json"
182
- }
183
- }
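Review bot: In `contractFields.required`, `spec.runtime.framework` is the only entry with no `constraint`, so a validator driven by this file has nothing to check it against even though the rationale names NestJS, ASP.NET Core and Spring Boot. Two smaller points in the same file: the optional `spec.coreRef.inheritancePath` declares `"type": "array"` but its `default` is the string `"[]"`, and every entry in `rules` (SVC-01 to SVC-05) carries an `enforcement` value that is a verbatim copy of `description`. If this contract is kept anywhere after its removal from the package, add an allowed-values constraint for the framework, make the default a real empty array, and drop one of the duplicated fields.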
@@ -1,21 +0,0 @@
1
- {
2
- "$schema": "../../schema/rule-definition.schema.json",
3
- "id": "INFRA-001",
4
- "category": "infrastructure",
5
- "name": "Helm Charts Over Raw Manifests Enforcement",
6
- "description": "Ensures that Kubernetes configurations use Helm charts (Chart.yaml) rather than raw standalone YAML manifests.",
7
- "severity": "error",
8
- "rationale": "Helm provides versioning, templating, and rollback capabilities which are required by ADR-0076 and the authoritative tech stack. Raw manifests lead to drift and duplication.",
9
- "validation": {
10
- "type": "file_pattern_ban",
11
- "target": [
12
- "reference/infrastructure/kubernetes/**/*.yaml"
13
- ],
14
- "exclude": [
15
- "reference/infrastructure/kubernetes/**/Chart.yaml",
16
- "reference/infrastructure/kubernetes/**/values.yaml"
17
- ],
18
- "message": "Raw Kubernetes YAML manifests are prohibited. Wrap your deployments in a Helm Chart.",
19
- "opa_equivalent": "infrastructure/opa/helm-enforcement.rego"
20
- }
21
- }
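Review bot: The `exclude` list under `validation` exempts only `**/Chart.yaml` and `**/values.yaml`, while the Rego policy named in `opa_equivalent` also exempts any path containing `templates/`. As written, the `file_pattern_ban` would flag a chart's own `templates/*.yaml` under `reference/infrastructure/kubernetes/`, so the native rule and the OPA rule disagree on the same input. Add a `reference/infrastructure/kubernetes/**/templates/**` exclude (or remove the exemption from the Rego) so both engines return the same verdict.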
@@ -1,25 +0,0 @@
1
- package evolith.infrastructure
2
-
3
- import future.keywords.contains
4
- import future.keywords.if
5
- import future.keywords.in
6
-
7
- # Default deny
8
- default allow := false
9
-
10
- # OPA rule to reject raw Kubernetes manifests that aren't part of a Helm chart.
11
- # In a real setup, input would be the file paths or Kubernetes objects.
12
- deny contains msg if {
13
- some path in input.files
14
- endswith(path, ".yaml")
15
- contains(path, "reference/infrastructure/kubernetes/")
16
- not endswith(path, "Chart.yaml")
17
- not endswith(path, "values.yaml")
18
- not contains(path, "templates/")
19
-
20
- msg := sprintf("File %s is a raw Kubernetes manifest. Helm charts must be used (Chart.yaml and templates/).", [path])
21
- }
22
-
23
- allow if {
24
- count(deny) == 0
25
- }
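Review bot: The exemptions in the `deny` body are substring and suffix matches, so they are looser than the rule text implies. `not endswith(path, "values.yaml")` also exempts a raw manifest named, for example, `prod-values.yaml`; `not contains(path, "templates/")` exempts any path with that substring in any directory name; and `endswith(path, ".yaml")` never looks at `.yml` files. Compare the basename exactly against `Chart.yaml` and `values.yaml`, require `templates/` to sit directly under a directory that holds a `Chart.yaml`, and cover both extensions.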
@@ -1,31 +0,0 @@
1
- package evolith.infrastructure_test
2
-
3
- import data.evolith.infrastructure
4
-
5
- test_valid_helm_chart_is_allowed {
6
- infrastructure.allow with input as {"files": ["Chart.yaml", "values.yaml", "templates/deployment.yaml"]}
7
- }
8
-
9
- test_empty_file_list_is_allowed {
10
- infrastructure.allow with input as {"files": []}
11
- }
12
-
13
- test_raw_k8s_manifest_is_denied {
14
- count(infrastructure.deny) > 0 with input as {"files": ["reference/infrastructure/kubernetes/deploy.yaml"]}
15
- }
16
-
17
- test_file_in_templates_is_allowed {
18
- infrastructure.allow with input as {"files": ["templates/service.yaml"]}
19
- }
20
-
21
- test_chart_yaml_is_allowed {
22
- infrastructure.allow with input as {"files": ["Chart.yaml"]}
23
- }
24
-
25
- test_values_yaml_is_allowed {
26
- infrastructure.allow with input as {"files": ["values.yaml"]}
27
- }
28
-
29
- test_non_k8s_yaml_is_allowed {
30
- infrastructure.allow with input as {"files": ["README.yaml"]}
31
- }
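Review bot: Every "allowed" test here passes for the wrong reason. Inputs such as `"Chart.yaml"`, `"values.yaml"` and `"templates/service.yaml"` do not contain `reference/infrastructure/kubernetes/`, so the `deny` rule stops at its directory check and the three exemption lines are never exercised. Use paths under `reference/infrastructure/kubernetes/` for the Chart.yaml, values.yaml and templates/ cases, and add a negative case for a look-alike name so a regression in the exemptions is caught. The tests also omit the `if` keyword that the policy file uses, which is worth aligning.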
@@ -1,115 +0,0 @@
1
- package evolith.infrastructure.opa_sidecar_bundle
2
-
3
- import future.keywords.contains
4
- import future.keywords.if
5
- import future.keywords.in
6
-
7
- default allow := false
8
-
9
- valid_algorithms := {"RS256", "ES256", "HS256"}
10
-
11
- deny contains msg if {
12
- some chart in input.charts
13
- not startswith(chart.bundle.url, "https://")
14
- msg := sprintf("%s OPA bundle endpoint must use https://", [chart.name])
15
- }
16
-
17
- deny contains msg if {
18
- some chart in input.charts
19
- chart.bundle.resource == ""
20
- msg := sprintf("%s OPA bundle resource must be explicit", [chart.name])
21
- }
22
-
23
- deny contains msg if {
24
- some chart in input.charts
25
- not regex.match("^sha256:[a-f0-9]{64}$", chart.bundle.expectedSha256)
26
- msg := sprintf("%s OPA bundle expectedSha256 must be a sha256:<64 hex> digest", [chart.name])
27
- }
28
-
29
- deny contains msg if {
30
- some chart in input.charts
31
- chart.bundle.credentials.existingSecretName == ""
32
- msg := sprintf("%s OPA bundle credentials must come from a Kubernetes secret", [chart.name])
33
- }
34
-
35
- deny contains msg if {
36
- some chart in input.charts
37
- chart.bundle.credentials.regionKey == ""
38
- msg := sprintf("%s OPA bundle credentials must include AWS_REGION for S3 signing", [chart.name])
39
- }
40
-
41
- deny contains msg if {
42
- some chart in input.charts
43
- not chart.bundle.signing.enabled
44
- msg := sprintf("%s OPA bundle signature verification must be enabled", [chart.name])
45
- }
46
-
47
- deny contains msg if {
48
- some chart in input.charts
49
- chart.bundle.signing.existingSecretName == ""
50
- msg := sprintf("%s OPA bundle signing public key must come from a Kubernetes secret", [chart.name])
51
- }
52
-
53
- deny contains msg if {
54
- some chart in input.charts
55
- not chart.bundle.signing.algorithm in valid_algorithms
56
- msg := sprintf("%s OPA bundle signing algorithm is unsupported", [chart.name])
57
- }
58
-
59
- deny contains msg if {
60
- some chart in input.charts
61
- chart.bundle.signing.keyId == ""
62
- msg := sprintf("%s OPA bundle signing keyId must be explicit", [chart.name])
63
- }
64
-
65
- deny contains msg if {
66
- some chart in input.charts
67
- not chart.bundle.readinessFailClosed
68
- msg := sprintf("%s OPA sidecar readiness must fail closed on bundle activation", [chart.name])
69
- }
70
-
71
- deny contains msg if {
72
- some chart in input.charts
73
- not chart.rendered.hasConfigFileArg
74
- msg := sprintf("%s OPA sidecar must load config.yaml through --config-file", [chart.name])
75
- }
76
-
77
- deny contains msg if {
78
- some chart in input.charts
79
- not chart.rendered.hasSigningKeyFileArg
80
- msg := sprintf("%s OPA sidecar must load the signing public key with --set-file", [chart.name])
81
- }
82
-
83
- deny contains msg if {
84
- some chart in input.charts
85
- not chart.rendered.hasCredentialsEnv
86
- msg := sprintf("%s OPA sidecar must expose S3 credentials from secret-backed environment variables", [chart.name])
87
- }
88
-
89
- deny contains msg if {
90
- some chart in input.charts
91
- not chart.rendered.hasDigestEnv
92
- msg := sprintf("%s OPA sidecar must expose the expected bundle digest", [chart.name])
93
- }
94
-
95
- deny contains msg if {
96
- some chart in input.charts
97
- not chart.rendered.hasFailClosedReadiness
98
- msg := sprintf("%s OPA sidecar must render /health?bundles readiness", [chart.name])
99
- }
100
-
101
- deny contains msg if {
102
- some chart in input.charts
103
- not chart.rendered.config.credentialsFromEnvironment
104
- msg := sprintf("%s OPA config must enable s3_signing.environment_credentials", [chart.name])
105
- }
106
-
107
- deny contains msg if {
108
- some chart in input.charts
109
- chart.rendered.config.signingKeyId != chart.bundle.signing.keyId
110
- msg := sprintf("%s OPA config signing keyid must match values", [chart.name])
111
- }
112
-
113
- allow if {
114
- count(deny) == 0
115
- }
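Review bot: The rules written as `field == ""` fail open when the field is absent. For `chart.bundle.resource`, `credentials.existingSecretName`, `credentials.regionKey`, `signing.existingSecretName` and `signing.keyId`, a missing key makes the comparison undefined, the rule body does not match, and no `deny` message is produced; the final `signingKeyId != keyId` check is undefined in the same way when either side is missing. The `not ...` rules do fire on missing fields, so the policy is inconsistent about omitted values. Use `object.get(..., "") == ""` or a `not field` form for each of these. Separately, `valid_algorithms` accepts `HS256`, a symmetric HMAC algorithm, while the message on the signing secret rule speaks of a "signing public key": with HS256 the verification key held by every sidecar can also produce valid signatures, so consider restricting the set to the asymmetric entries.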
@@ -1,66 +0,0 @@
1
- package evolith.infrastructure.opa_sidecar_bundle
2
-
3
- import future.keywords.if
4
- import future.keywords.in
5
-
6
- valid_chart := {
7
- "name": "evolith-bff",
8
- "bundle": {
9
- "url": "https://ums-minio.ums-system.svc.cluster.local:9000",
10
- "resource": "opa-bundles/bundle.tar.gz",
11
- "expectedSha256": "sha256:7bffa731a4b3dfde851d0a2ee50a5bd654f8e2413ec4bb7f668a39550f9d42f7",
12
- "credentials": {
13
- "existingSecretName": "opa-bundle-credentials",
14
- "regionKey": "AWS_REGION",
15
- },
16
- "signing": {
17
- "enabled": true,
18
- "existingSecretName": "opa-bundle-signing-key",
19
- "keyId": "evolith-opa-bundle-rs256",
20
- "algorithm": "RS256",
21
- },
22
- "readinessFailClosed": true,
23
- },
24
- "rendered": {
25
- "hasConfigFileArg": true,
26
- "hasSigningKeyFileArg": true,
27
- "hasCredentialsEnv": true,
28
- "hasDigestEnv": true,
29
- "hasFailClosedReadiness": true,
30
- "config": {
31
- "credentialsFromEnvironment": true,
32
- "signingKeyId": "evolith-opa-bundle-rs256",
33
- },
34
- },
35
- }
36
-
37
- test_valid_chart_allows if {
38
- allow with input as {"charts": [valid_chart]}
39
- }
40
-
41
- test_http_endpoint_denied if {
42
- invalid := object.union_n([
43
- valid_chart,
44
- {"bundle": object.union(valid_chart.bundle, {"url": "http://ums-minio:9000"})},
45
- ])
46
- some msg in deny with input as {"charts": [invalid]}
47
- contains(msg, "https://")
48
- }
49
-
50
- test_unsigned_bundle_denied if {
51
- invalid := object.union_n([
52
- valid_chart,
53
- {"bundle": object.union(valid_chart.bundle, {"signing": object.union(valid_chart.bundle.signing, {"enabled": false})})},
54
- ])
55
- some msg in deny with input as {"charts": [invalid]}
56
- contains(msg, "signature verification")
57
- }
58
-
59
- test_missing_readiness_denied if {
60
- invalid := object.union_n([
61
- valid_chart,
62
- {"rendered": object.union(valid_chart.rendered, {"hasFailClosedReadiness": false})},
63
- ])
64
- some msg in deny with input as {"charts": [invalid]}
65
- contains(msg, "/health?bundles")
66
- }
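Review bot: Only three of the policy's deny rules have a negative test (`test_http_endpoint_denied`, `test_unsigned_bundle_denied`, `test_missing_readiness_denied`). Nothing covers the `expectedSha256` format, the credentials and signing secret names, the algorithm allow-list, or the `signingKeyId` mismatch, and no test removes a key outright, which is the case where the `== ""` rules stop firing. Add one negative test per deny rule plus an absent-field case built with `object.remove` on `valid_chart`.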
@@ -1,18 +0,0 @@
1
- {
2
- "$schema": "../schema/rule-definition.schema.json",
3
- "id": "INFRA-OPA-001",
4
- "category": "infrastructure",
5
- "name": "OPA Sidecar Bundle Integrity",
6
- "description": "Ensures Helm-based OPA sidecars fetch bundles from authenticated TLS endpoints, verify signed bundles, pin the expected bundle digest, and fail closed until bundle activation succeeds.",
7
- "severity": "error",
8
- "rationale": "OPA sidecars enforce executable governance at runtime. Unsigned or unauthenticated bundle distribution allows policy tampering and makes Native/OPA parity meaningful only in repository tests, not in deployed services.",
9
- "validation": {
10
- "type": "helm_opa_bundle_integrity",
11
- "target": [
12
- "reference/infrastructure/helm/evolith-bff",
13
- "reference/infrastructure/helm/evolith-mcp"
14
- ],
15
- "message": "OPA sidecar bundles must use HTTPS, Kubernetes secret-backed credentials, signed bundle verification, expected SHA-256 digest metadata, and fail-closed readiness.",
16
- "opa_equivalent": "infrastructure/opa/opa-sidecar-bundle.rego"
17
- }
18
- }
@@ -1,12 +0,0 @@
1
- # Rulesets MCP
2
-
3
- > **Navegación bilingüe:** [English version](./README.md)
4
-
5
- Reglas para exposición del protocolo MCP de Evolith, comportamiento de transporte y contexto de gobernanza consumible por IA.
6
-
7
- ## Rulesets
8
-
9
- | Ruleset | Propósito |
10
- |---|---|
11
- | [Cumplimiento del Protocolo MCP](./protocol-compliance.rules.json) | Define el comportamiento mínimo del protocolo para los transportes MCP soportados. |
12
-
@@ -1,12 +0,0 @@
1
- # MCP Rulesets
2
-
3
- > **Bilingual navigation:** [Versión en Español](./README.es.md)
4
-
5
- Rules for Evolith MCP protocol exposure, transport behavior, and AI-consumable governance context.
6
-
7
- ## Rulesets
8
-
9
- | Ruleset | Purpose |
10
- |---|---|
11
- | [MCP Protocol Compliance](./protocol-compliance.rules.json) | Defines minimum protocol behavior for supported MCP transports. |
12
-
@@ -1,57 +0,0 @@
1
- {
2
- "$schema": "../schema/ruleset-standard.schema.json",
3
- "$id": "https://evolith.dev/rulesets/mcp/protocol-compliance.rules.json",
4
- "title": "MCP Protocol Compliance Rules",
5
- "description": "Minimum behavior required for Evolith MCP server transports and handlers.",
6
- "version": "1.0.0",
7
- "effectiveDate": "2026-06-08",
8
- "scope": "core-cli",
9
- "category": "mcp",
10
- "rules": [
11
- {
12
- "id": "MCP-01",
13
- "severity": "MUST",
14
- "category": "protocol",
15
- "title": "Initialize Request Must Return Capabilities",
16
- "description": "The MCP server MUST respond to initialize with protocolVersion, capabilities, and serverInfo.",
17
- "validationQuery": "Send JSON-RPC initialize request and validate response shape.",
18
- "blocking": true
19
- },
20
- {
21
- "id": "MCP-02",
22
- "severity": "MUST",
23
- "category": "tools",
24
- "title": "Tools List Must Be Complete and Stable",
25
- "description": "tools/list MUST expose every supported tool with name, description, and inputSchema.",
26
- "validationQuery": "Call tools/list and validate each tool descriptor.",
27
- "blocking": true
28
- },
29
- {
30
- "id": "MCP-03",
31
- "severity": "MUST",
32
- "category": "resources",
33
- "title": "Resources Must Preserve Core Traceability",
34
- "description": "resources/read responses MUST identify the Core artifact or ruleset source behind the returned context.",
35
- "validationQuery": "Read representative resources and verify source traceability metadata or content path.",
36
- "blocking": true
37
- },
38
- {
39
- "id": "MCP-04",
40
- "severity": "MUST",
41
- "category": "security",
42
- "title": "HTTP Transport Requires Explicit Authentication Mode",
43
- "description": "When HTTP transport is enabled outside local development, an API key or equivalent authentication mode MUST be configured.",
44
- "validationQuery": "Inspect MCP transport config for apiKey or local-only mode.",
45
- "blocking": true
46
- },
47
- {
48
- "id": "MCP-05",
49
- "severity": "SHOULD",
50
- "category": "observability",
51
- "title": "MCP Calls Should Emit Metrics",
52
- "description": "Tool calls SHOULD record latency, success, failure, and error class metrics.",
53
- "validationQuery": "Call a tool and inspect MCP metrics output.",
54
- "blocking": false
55
- }
56
- ]
57
- }
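Review bot: MCP-04 is marked `"blocking": true` but its `validationQuery` ("Inspect MCP transport config for apiKey or local-only mode") is satisfied by the mere presence of either setting. The rule does not say how "outside local development" is determined, and it does not require that local-only mode actually binds the HTTP transport to a loopback address. State the condition in checkable terms, for example the bind address and the environment flag that define local mode, and require a non-empty credential sourced from a secret rather than any `apiKey` key. The same applies to the other `validationQuery` strings: they are free text, so a blocking gate depends on whoever interprets them.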
@@ -1,12 +0,0 @@
1
- # Rulesets de Observabilidad
2
-
3
- > **Navegación bilingüe:** [English version](./README.md)
4
-
5
- Reglas para evidencia de telemetría requerida por gates Evolith y preparación operativa.
6
-
7
- ## Rulesets
8
-
9
- | Ruleset | Propósito |
10
- |---|---|
11
- | [Evidencia de Telemetría](./telemetry-evidence.rules.json) | Define evidencia mínima de trazas, logs, métricas y dashboards para rutas productivas. |
12
-
@@ -1,12 +0,0 @@
1
- # Observability Rulesets
2
-
3
- > **Bilingual navigation:** [Versión en Español](./README.es.md)
4
-
5
- Rules for telemetry evidence required by Evolith phase gates and operational readiness.
6
-
7
- ## Rulesets
8
-
9
- | Ruleset | Purpose |
10
- |---|---|
11
- | [Telemetry Evidence](./telemetry-evidence.rules.json) | Defines minimum trace, log, metric, and dashboard evidence for production paths. |
12
-
@@ -1,48 +0,0 @@
1
- {
2
- "$schema": "../schema/ruleset-standard.schema.json",
3
- "$id": "https://evolith.dev/rulesets/observability/telemetry-evidence.rules.json",
4
- "title": "Telemetry Evidence Rules",
5
- "description": "Minimum observability evidence for phase gates and production readiness.",
6
- "version": "1.0.0",
7
- "effectiveDate": "2026-06-08",
8
- "scope": "satellite",
9
- "category": "observability",
10
- "rules": [
11
- {
12
- "id": "OBS-EVD-01",
13
- "severity": "MUST",
14
- "category": "tracing",
15
- "title": "Production Paths Emit Trace Context",
16
- "description": "Production request paths MUST emit TraceId, SpanId, and CorrelationId or runtime-equivalent trace context.",
17
- "validationQuery": "Inspect OTel traces for representative production paths.",
18
- "blocking": true
19
- },
20
- {
21
- "id": "OBS-EVD-02",
22
- "severity": "MUST",
23
- "category": "logging",
24
- "title": "Structured Logs Carry Request Context",
25
- "description": "Structured logs MUST include request correlation fields and avoid raw PII.",
26
- "validationQuery": "Sample production logs and verify correlation fields plus PII-safe logging policy.",
27
- "blocking": true
28
- },
29
- {
30
- "id": "OBS-EVD-03",
31
- "severity": "MUST",
32
- "category": "metrics",
33
- "title": "Service Health Metrics Are Reported",
34
- "description": "Production services MUST report error rate, latency percentile, throughput, and availability metrics.",
35
- "validationQuery": "Inspect metrics backend or dashboard export for required service health metrics.",
36
- "blocking": true
37
- },
38
- {
39
- "id": "OBS-EVD-04",
40
- "severity": "SHOULD",
41
- "category": "dashboards",
42
- "title": "Gate Evidence References Dashboard",
43
- "description": "Phase 5 evidence SHOULD reference the dashboard or query used to verify nominal monitoring.",
44
- "validationQuery": "Verify release notes or evidence manifest includes dashboardRef.",
45
- "blocking": false
46
- }
47
- ]
48
- }
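Review bot: OBS-EVD-02 is blocking, yet "avoid raw PII" is not defined and the `validationQuery` relies on sampling production logs, so a pass depends on which lines happen to be sampled. Name the field classes that count as PII and the redaction or hashing expected, and point the query at the logging configuration or a schema check in addition to the sample. OBS-EVD-03 has a similar gap: "latency percentile" does not say which percentile is required.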
@@ -1,22 +0,0 @@
1
- # Políticas OPA y Schemas de Entrada
2
-
3
- Esta carpeta contiene las políticas principales de Open Policy Agent (OPA) `.rego` utilizadas para la validación de arquitectura y gobernanza en la plataforma Evolith.
4
-
5
- Cada política OPA define un contrato formal para su entrada, respaldado por un JSON Schema versionado.
6
-
7
- ## Políticas y Schemas OPA
8
-
9
- | Archivo de Política | Archivo de Prueba | JSON Schema de Entrada | Descripción |
10
- |---|---|---|---|
11
- | [governance.rego](./governance.rego) | [governance.test.rego](./governance.test.rego) | [governance.input.schema.json](./schemas/governance.input.schema.json) | Verifica los límites de herencia de satélites y decisiones obligatorias. |
12
- | [mcp.rego](./mcp.rego) | [mcp.test.rego](./mcp.test.rego) | [mcp.input.schema.json](./schemas/mcp.input.schema.json) | Verifica el cumplimiento del protocolo MCP y la evidencia de pruebas de humo. |
13
- | [version-pinning.rego](./version-pinning.rego) | [version-pinning.test.rego](./version-pinning.test.rego) | [version-pinning.input.schema.json](./schemas/version-pinning.input.schema.json) | Aplica reglas estrictas de fijación (pinning) de dependencias de paquetes. |
14
- | [cli-readiness.rego](./cli-readiness.rego) | [cli-readiness.test.rego](./cli-readiness.test.rego) | [cli-readiness.input.schema.json](./schemas/cli-readiness.input.schema.json) | Valida la compilación, documentación y preparación del archivo lock del Smart CLI. |
15
- | [knowledge-intake.rego](./knowledge-intake.rego) | [knowledge-intake.test.rego](./knowledge-intake.test.rego) | [knowledge-intake.input.schema.json](./schemas/knowledge-intake.input.schema.json) | Gobierna el ciclo de vida de ingesta, estado de revisión y emparejamiento topológico de conocimiento externo. |
16
- | [taxonomy.rego](./taxonomy.rego) | [taxonomy.test.rego](./taxonomy.test.rego) | [taxonomy.input.schema.json](./schemas/taxonomy.input.schema.json) | Valida la taxonomía de directorios del repositorio, nombres de archivos ADR y pares bilingües. |
17
- | [ci-cd.rego](./ci-cd.rego) | [ci-cd.test.rego](./ci-cd.test.rego) | [ci-cd.input.schema.json](./schemas/ci-cd.input.schema.json) | Asegura que el escaneo de dependencias, scripts de flujo de trabajo y actualizaciones de dependencias estén presentes. |
18
- | [evidence.rego](./evidence.rego) | [evidence.test.rego](./evidence.test.rego) | [evidence.input.schema.json](./schemas/evidence.input.schema.json) | Valida el esquema, periodos de retención y propiedad de los artefactos de evidencia de gates. |
19
- | [abac-mcp-tool-access.rego](./abac-mcp-tool-access.rego) | [abac-mcp-tool-access.test.rego](./abac-mcp-tool-access.test.rego) | [abac-mcp-tool-access.input.schema.json](./schemas/abac-mcp-tool-access.input.schema.json) | Restringe la ejecución de herramientas del Model Context Protocol (MCP) por rol, acción y entorno. |
20
-
21
- ---
22
- [Volver al Centro de Rulesets](../README.es.md)
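Review bot: deleting this README removes the only table in view that maps each OPA policy to its test file and input JSON Schema, including the access-control and dependency policies `abac-mcp-tool-access.rego` and `version-pinning.rego`. If the `.rego` files and `schemas/` directory leave the package as well, state the new location and confirm that callers fail closed when a policy or its input schema cannot be loaded. If they stay, keep an index beside them so the input contract for each policy remains discoverable. Any remaining document that links to this file should be updated in the same change.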