@guilz-dev/sdlc-gh 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.github/CODEOWNERS +5 -0
- package/.github/ISSUE_TEMPLATE/bug_report.yml +68 -0
- package/.github/ISSUE_TEMPLATE/config.yml +1 -0
- package/.github/ISSUE_TEMPLATE/feature_request.yml +39 -0
- package/.github/ISSUE_TEMPLATE/support.yml +56 -0
- package/.github/ISSUE_TEMPLATE/task.yml +89 -0
- package/.github/agents/implementer.agent.md +17 -0
- package/.github/agents/reviewer.agent.md +18 -0
- package/.github/agents/triager.agent.md +13 -0
- package/.github/aw/actions-lock.json +9 -0
- package/.github/copilot-instructions.md +35 -0
- package/.github/hooks/hooks.json +12 -0
- package/.github/instructions/core.instructions.md +11 -0
- package/.github/instructions/profiles/go.instructions.md +10 -0
- package/.github/instructions/profiles/php.instructions.md +11 -0
- package/.github/instructions/profiles/python.instructions.md +11 -0
- package/.github/instructions/profiles/ruby.instructions.md +11 -0
- package/.github/instructions/profiles/typescript.instructions.md +11 -0
- package/.github/labels.yml +55 -0
- package/.github/pull_request_template.md +33 -0
- package/.github/ruleset.example.json +33 -0
- package/.github/ruleset.harness-eval.example.json +29 -0
- package/.github/skills/quality-loop/SKILL.md +23 -0
- package/.github/workflows/agent-retry-orchestrator.yml +161 -0
- package/.github/workflows/copilot-setup-steps.yml +64 -0
- package/.github/workflows/eval-ci.yml +169 -0
- package/.github/workflows/eval-drift.yml +75 -0
- package/.github/workflows/gh-aw-dogfood-ci.yml +73 -0
- package/.github/workflows/harness-ci.yml +244 -0
- package/.github/workflows/harness-sync.yml +28 -0
- package/.github/workflows/l1-readiness-check.yml +45 -0
- package/.github/workflows/labels-sync.yml +24 -0
- package/.github/workflows/nightly-harness-review.lock.yml +1643 -0
- package/.github/workflows/nightly-harness-review.md +87 -0
- package/.github/workflows/nightly-harness-review.yml +63 -0
- package/.github/workflows/npm-publish.yml +49 -0
- package/.github/workflows/pr-context-comment.yml +138 -0
- package/.github/workflows/product-ci-go.yml +33 -0
- package/.github/workflows/product-ci-php.yml +39 -0
- package/.github/workflows/product-ci-python.yml +34 -0
- package/.github/workflows/product-ci-ruby.yml +35 -0
- package/.github/workflows/product-ci-ts.yml +37 -0
- package/.github/workflows/task-issue-label-sync.yml +50 -0
- package/.github/workflows/weekly-redteam.lock.yml +1571 -0
- package/.github/workflows/weekly-redteam.md +76 -0
- package/.github/zizmor.yml +11 -0
- package/AGENTS.md +54 -0
- package/LICENSE +21 -0
- package/README.md +366 -0
- package/config/stacks.json +55 -0
- package/docs/adoption.md +126 -0
- package/docs/arch.md +535 -0
- package/docs/auth-boundaries.md +16 -0
- package/docs/coding-agent-l1.md +152 -0
- package/docs/exceptions/README.md +25 -0
- package/docs/exceptions/TEMPLATE.md +8 -0
- package/docs/failure-taxonomy.md +23 -0
- package/docs/gh-aw-dogfood.md +109 -0
- package/docs/kpi-baseline.md +9 -0
- package/docs/nightly-harness-review.md +94 -0
- package/docs/operations.md +108 -0
- package/docs/publishing.md +79 -0
- package/docs/revert-playbook.md +44 -0
- package/docs/shared-config.md +30 -0
- package/docs/telemetry-artifacts.md +78 -0
- package/docs/telemetry-schema.md +60 -0
- package/evals/.score-baseline.json +6 -0
- package/evals/e2e-bench/README.md +28 -0
- package/evals/e2e-bench/manifest.json +16 -0
- package/evals/e2e-bench/tasks/e2e-001.yml +10 -0
- package/evals/e2e-bench/tasks/e2e-002.yml +11 -0
- package/evals/e2e-bench/tasks/e2e-003.yml +10 -0
- package/evals/e2e-bench/tasks/e2e-004.yml +14 -0
- package/evals/e2e-bench/tasks/e2e-005.yml +11 -0
- package/evals/e2e-bench/tasks/e2e-006.yml +10 -0
- package/evals/e2e-bench/tasks/e2e-007.yml +10 -0
- package/evals/e2e-bench/tasks/e2e-008.yml +10 -0
- package/evals/e2e-bench/tasks/e2e-009.yml +10 -0
- package/evals/trajectories/rubric.md +12 -0
- package/evals/trajectories/test_harness_conventions.py +271 -0
- package/infra/README.md +49 -0
- package/infra/langfuse/docker-compose.yml +25 -0
- package/infra/otel/collector-config.yml +24 -0
- package/infra/samples/gh-aw-dogfood-report.json +44 -0
- package/infra/samples/harness-review-routing-plan.json +19 -0
- package/infra/samples/harness-review-summary.json +61 -0
- package/infra/samples/telemetry-artifact.json +29 -0
- package/infra/samples/telemetry-payload.json +19 -0
- package/package.json +85 -0
- package/prompts/triager-classify.prompt.yml +10 -0
- package/sample/go/add.go +5 -0
- package/sample/go/add_test.go +9 -0
- package/sample/go/go.mod +3 -0
- package/sample/php/composer.json +26 -0
- package/sample/php/composer.lock +1881 -0
- package/sample/php/phpunit.xml +8 -0
- package/sample/php/src/Add.php +13 -0
- package/sample/php/tests/AddTest.php +16 -0
- package/sample/python/requirements-dev.txt +2 -0
- package/sample/python/src/__init__.py +0 -0
- package/sample/python/src/greet.py +3 -0
- package/sample/python/tests/conftest.py +4 -0
- package/sample/python/tests/test_greet.py +5 -0
- package/sample/ruby/.rubocop.yml +10 -0
- package/sample/ruby/Gemfile +6 -0
- package/sample/ruby/Gemfile.lock +58 -0
- package/sample/ruby/lib/add.rb +9 -0
- package/sample/ruby/spec/add_spec.rb +11 -0
- package/sample/ts/biome.json +6 -0
- package/sample/ts/package-lock.json +1763 -0
- package/sample/ts/package.json +15 -0
- package/sample/ts/src/add.ts +3 -0
- package/sample/ts/tests/add.test.ts +8 -0
- package/sample/ts/tsconfig.json +12 -0
- package/scripts/aggregate-harness-review.mjs +48 -0
- package/scripts/bootstrap-harness.sh +411 -0
- package/scripts/check-diff-size.mjs +46 -0
- package/scripts/check-e2e-manifest.mjs +35 -0
- package/scripts/check-eval-score-drift.mjs +31 -0
- package/scripts/check-gh-aw-dogfood-scope.mjs +51 -0
- package/scripts/check-issue-spec.mjs +215 -0
- package/scripts/check-l1-readiness.mjs +82 -0
- package/scripts/check-open-pr-limit.mjs +34 -0
- package/scripts/doctor.mjs +177 -0
- package/scripts/emit-gh-aw-dogfood-report.mjs +112 -0
- package/scripts/emit-telemetry-artifact.mjs +99 -0
- package/scripts/fetch-telemetry-artifacts.mjs +176 -0
- package/scripts/harness-drift-report.mjs +99 -0
- package/scripts/lib/bootstrap-copy.mjs +123 -0
- package/scripts/lib/ccsd-contract.mjs +212 -0
- package/scripts/lib/diff-size.mjs +103 -0
- package/scripts/lib/doctor-local.mjs +179 -0
- package/scripts/lib/e2e-manifest.mjs +76 -0
- package/scripts/lib/gh-aw-dogfood.mjs +293 -0
- package/scripts/lib/github-config.mjs +94 -0
- package/scripts/lib/harness-ci-fragments.mjs +98 -0
- package/scripts/lib/harness-review-routing.mjs +244 -0
- package/scripts/lib/harness-review.mjs +388 -0
- package/scripts/lib/issue-form-label-sync.mjs +56 -0
- package/scripts/lib/l1-readiness.mjs +258 -0
- package/scripts/lib/merge-harness-package.mjs +36 -0
- package/scripts/lib/npm-package.mjs +129 -0
- package/scripts/lib/setup-wizard.mjs +224 -0
- package/scripts/lib/stacks.mjs +138 -0
- package/scripts/lib/telemetry-artifact.mjs +253 -0
- package/scripts/lib/template-root.mjs +39 -0
- package/scripts/merge-harness-package.mjs +14 -0
- package/scripts/route-harness-review.mjs +168 -0
- package/scripts/run-e2e-bench.mjs +216 -0
- package/scripts/sdlc-gh-cli.mjs +91 -0
- package/scripts/select-eval-jobs.mjs +41 -0
- package/scripts/setup-github.mjs +242 -0
- package/scripts/setup-github.sh +4 -0
- package/scripts/setup-wizard.mjs +426 -0
- package/scripts/test-bootstrap-guidance-scenarios.mjs +94 -0
- package/scripts/test-diff-size-scenarios.mjs +88 -0
- package/scripts/test-doctor-scenarios.mjs +70 -0
- package/scripts/test-e2e-manifest-scenarios.mjs +65 -0
- package/scripts/test-gh-aw-dogfood-scenarios.mjs +74 -0
- package/scripts/test-harness-review-routing-scenarios.mjs +130 -0
- package/scripts/test-harness-review-scenarios.mjs +92 -0
- package/scripts/test-hooks-scenarios.mjs +44 -0
- package/scripts/test-issue-form-label-sync-scenarios.mjs +48 -0
- package/scripts/test-issue-spec-scenarios.mjs +258 -0
- package/scripts/test-l1-readiness-scenarios.mjs +204 -0
- package/scripts/test-merge-harness-package-scenarios.mjs +53 -0
- package/scripts/test-npm-package-scenarios.mjs +31 -0
- package/scripts/test-sdlc-gh-cli-scenarios.mjs +54 -0
- package/scripts/test-setup-github-scenarios.mjs +103 -0
- package/scripts/test-setup-wizard-scenarios.mjs +114 -0
- package/scripts/test-telemetry-artifact-scenarios.mjs +69 -0
- package/scripts/trim-harness-ci.mjs +18 -0
- package/scripts/validate-gh-aw-compile.mjs +64 -0
- package/scripts/validate-harness.mjs +199 -0
- package/scripts/validate-telemetry.mjs +21 -0
- package/scripts/verify-bootstrap-stacks.sh +192 -0
|
@@ -0,0 +1,68 @@
|
|
|
1
|
+
name: Bug report
|
|
2
|
+
description: Report a defect in the harness, bootstrap flow, workflows, or documentation
|
|
3
|
+
title: "[bug]: "
|
|
4
|
+
labels:
|
|
5
|
+
- task:infra
|
|
6
|
+
- autonomy:L0
|
|
7
|
+
body:
|
|
8
|
+
- type: textarea
|
|
9
|
+
id: summary
|
|
10
|
+
attributes:
|
|
11
|
+
label: Summary
|
|
12
|
+
description: Short description of the problem.
|
|
13
|
+
placeholder: What is broken?
|
|
14
|
+
validations:
|
|
15
|
+
required: true
|
|
16
|
+
|
|
17
|
+
- type: textarea
|
|
18
|
+
id: reproduction
|
|
19
|
+
attributes:
|
|
20
|
+
label: Reproduction steps
|
|
21
|
+
description: Steps, commands, repository context, or workflow path needed to reproduce.
|
|
22
|
+
placeholder: |
|
|
23
|
+
1. ...
|
|
24
|
+
2. ...
|
|
25
|
+
3. ...
|
|
26
|
+
validations:
|
|
27
|
+
required: true
|
|
28
|
+
|
|
29
|
+
- type: textarea
|
|
30
|
+
id: expected
|
|
31
|
+
attributes:
|
|
32
|
+
label: Expected behavior
|
|
33
|
+
placeholder: What should have happened?
|
|
34
|
+
validations:
|
|
35
|
+
required: true
|
|
36
|
+
|
|
37
|
+
- type: textarea
|
|
38
|
+
id: actual
|
|
39
|
+
attributes:
|
|
40
|
+
label: Actual behavior
|
|
41
|
+
placeholder: What happened instead?
|
|
42
|
+
validations:
|
|
43
|
+
required: true
|
|
44
|
+
|
|
45
|
+
- type: input
|
|
46
|
+
id: stack
|
|
47
|
+
attributes:
|
|
48
|
+
label: Stack
|
|
49
|
+
description: One of `ts`, `python`, `go`, `ruby`, `php`, or `n/a`.
|
|
50
|
+
placeholder: ts
|
|
51
|
+
validations:
|
|
52
|
+
required: true
|
|
53
|
+
|
|
54
|
+
- type: input
|
|
55
|
+
id: node
|
|
56
|
+
attributes:
|
|
57
|
+
label: Node.js version
|
|
58
|
+
placeholder: 22.x
|
|
59
|
+
validations:
|
|
60
|
+
required: false
|
|
61
|
+
|
|
62
|
+
- type: textarea
|
|
63
|
+
id: logs
|
|
64
|
+
attributes:
|
|
65
|
+
label: Logs or screenshots
|
|
66
|
+
description: Paste relevant output with secrets removed.
|
|
67
|
+
validations:
|
|
68
|
+
required: false
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
blank_issues_enabled: true
|
|
@@ -0,0 +1,39 @@
|
|
|
1
|
+
name: Feature request
|
|
2
|
+
description: Propose an improvement to the harness, workflows, or adoption model
|
|
3
|
+
title: "[feature]: "
|
|
4
|
+
labels:
|
|
5
|
+
- task:infra
|
|
6
|
+
- autonomy:L0
|
|
7
|
+
body:
|
|
8
|
+
- type: textarea
|
|
9
|
+
id: problem
|
|
10
|
+
attributes:
|
|
11
|
+
label: Problem statement
|
|
12
|
+
description: What pain point or gap are you trying to address?
|
|
13
|
+
placeholder: What is missing or too hard today?
|
|
14
|
+
validations:
|
|
15
|
+
required: true
|
|
16
|
+
|
|
17
|
+
- type: textarea
|
|
18
|
+
id: proposal
|
|
19
|
+
attributes:
|
|
20
|
+
label: Proposed change
|
|
21
|
+
placeholder: Describe the behavior or capability you want.
|
|
22
|
+
validations:
|
|
23
|
+
required: true
|
|
24
|
+
|
|
25
|
+
- type: textarea
|
|
26
|
+
id: alternatives
|
|
27
|
+
attributes:
|
|
28
|
+
label: Alternatives considered
|
|
29
|
+
placeholder: What did you try instead?
|
|
30
|
+
validations:
|
|
31
|
+
required: false
|
|
32
|
+
|
|
33
|
+
- type: textarea
|
|
34
|
+
id: impact
|
|
35
|
+
attributes:
|
|
36
|
+
label: Expected impact
|
|
37
|
+
description: Note affected stacks, workflows, or policy surfaces.
|
|
38
|
+
validations:
|
|
39
|
+
required: false
|
|
@@ -0,0 +1,56 @@
|
|
|
1
|
+
name: Usage question
|
|
2
|
+
description: Ask for help adopting or operating the harness
|
|
3
|
+
title: "[support]: "
|
|
4
|
+
body:
|
|
5
|
+
- type: dropdown
|
|
6
|
+
id: setup_type
|
|
7
|
+
attributes:
|
|
8
|
+
label: Setup type
|
|
9
|
+
options:
|
|
10
|
+
- Template repository
|
|
11
|
+
- Existing repository bootstrap
|
|
12
|
+
- Evaluating only
|
|
13
|
+
validations:
|
|
14
|
+
required: true
|
|
15
|
+
|
|
16
|
+
- type: dropdown
|
|
17
|
+
id: stack
|
|
18
|
+
attributes:
|
|
19
|
+
label: Stack
|
|
20
|
+
options:
|
|
21
|
+
- ts
|
|
22
|
+
- python
|
|
23
|
+
- go
|
|
24
|
+
- ruby
|
|
25
|
+
- php
|
|
26
|
+
- n/a
|
|
27
|
+
validations:
|
|
28
|
+
required: true
|
|
29
|
+
|
|
30
|
+
- type: textarea
|
|
31
|
+
id: question
|
|
32
|
+
attributes:
|
|
33
|
+
label: Question or blocker
|
|
34
|
+
description: Describe where adoption or operation is blocked.
|
|
35
|
+
placeholder: What are you trying to do, and where are you stuck?
|
|
36
|
+
validations:
|
|
37
|
+
required: true
|
|
38
|
+
|
|
39
|
+
- type: textarea
|
|
40
|
+
id: checks
|
|
41
|
+
attributes:
|
|
42
|
+
label: Checks already tried
|
|
43
|
+
description: Local commands or Actions jobs you already ran.
|
|
44
|
+
placeholder: |
|
|
45
|
+
- npm run validate
|
|
46
|
+
- harness-ci
|
|
47
|
+
validations:
|
|
48
|
+
required: false
|
|
49
|
+
|
|
50
|
+
- type: textarea
|
|
51
|
+
id: context
|
|
52
|
+
attributes:
|
|
53
|
+
label: Additional context
|
|
54
|
+
description: Include logs, screenshots, or links with secrets removed.
|
|
55
|
+
validations:
|
|
56
|
+
required: false
|
|
@@ -0,0 +1,89 @@
|
|
|
1
|
+
name: Task
|
|
2
|
+
description: Agent-delegated work item with CC-SD contract and acceptance criteria
|
|
3
|
+
title: "[task]: "
|
|
4
|
+
body:
|
|
5
|
+
- type: textarea
|
|
6
|
+
id: goal
|
|
7
|
+
attributes:
|
|
8
|
+
label: Goal
|
|
9
|
+
description: One short paragraph describing what this task achieves.
|
|
10
|
+
placeholder: One short paragraph describing what this task achieves.
|
|
11
|
+
validations:
|
|
12
|
+
required: true
|
|
13
|
+
|
|
14
|
+
- type: textarea
|
|
15
|
+
id: non_goals
|
|
16
|
+
attributes:
|
|
17
|
+
label: Non-goals
|
|
18
|
+
description: Bullet list of what this task must not do or change.
|
|
19
|
+
placeholder: |
|
|
20
|
+
- Item the task must not do or change
|
|
21
|
+
validations:
|
|
22
|
+
required: true
|
|
23
|
+
|
|
24
|
+
- type: textarea
|
|
25
|
+
id: constraints
|
|
26
|
+
attributes:
|
|
27
|
+
label: Constraints
|
|
28
|
+
description: Bullet list of technical or policy limits.
|
|
29
|
+
placeholder: |
|
|
30
|
+
- Technical or policy limits (stack, paths, time)
|
|
31
|
+
validations:
|
|
32
|
+
required: true
|
|
33
|
+
|
|
34
|
+
- type: textarea
|
|
35
|
+
id: acceptance_criteria
|
|
36
|
+
attributes:
|
|
37
|
+
label: Acceptance criteria
|
|
38
|
+
description: Checkbox or bullet list with testable outcomes. Copied into the PR review gate.
|
|
39
|
+
placeholder: |
|
|
40
|
+
- [ ] Criterion 1
|
|
41
|
+
- [ ] Criterion 2
|
|
42
|
+
validations:
|
|
43
|
+
required: true
|
|
44
|
+
|
|
45
|
+
- type: textarea
|
|
46
|
+
id: rollback_hints
|
|
47
|
+
attributes:
|
|
48
|
+
label: Rollback hints
|
|
49
|
+
description: Short revert or undo guidance if the change must be rolled back.
|
|
50
|
+
placeholder: How to revert this change immediately if needed.
|
|
51
|
+
validations:
|
|
52
|
+
required: true
|
|
53
|
+
|
|
54
|
+
- type: dropdown
|
|
55
|
+
id: task_class
|
|
56
|
+
attributes:
|
|
57
|
+
label: Task class
|
|
58
|
+
description: The matching `task:*` label is synced automatically from this choice.
|
|
59
|
+
options:
|
|
60
|
+
- docs
|
|
61
|
+
- test-fix
|
|
62
|
+
- refactor
|
|
63
|
+
- feature-small
|
|
64
|
+
- dependency-bump
|
|
65
|
+
- infra
|
|
66
|
+
- security-sensitive
|
|
67
|
+
validations:
|
|
68
|
+
required: true
|
|
69
|
+
|
|
70
|
+
- type: dropdown
|
|
71
|
+
id: autonomy
|
|
72
|
+
attributes:
|
|
73
|
+
label: Max autonomy level
|
|
74
|
+
description: The matching `autonomy:*` label is synced automatically from this choice.
|
|
75
|
+
options:
|
|
76
|
+
- L0
|
|
77
|
+
- L1
|
|
78
|
+
- L2
|
|
79
|
+
- L3
|
|
80
|
+
validations:
|
|
81
|
+
required: true
|
|
82
|
+
|
|
83
|
+
- type: textarea
|
|
84
|
+
id: context
|
|
85
|
+
attributes:
|
|
86
|
+
label: Additional context
|
|
87
|
+
description: Optional background, links, or prior art.
|
|
88
|
+
validations:
|
|
89
|
+
required: false
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: implementer
|
|
3
|
+
description: Implement tasks with read, edit, and test tools. Default L1 agent.
|
|
4
|
+
tools: ["read", "edit", "search", "execute"]
|
|
5
|
+
handoffs:
|
|
6
|
+
- agent: triager
|
|
7
|
+
when: Task classification unclear
|
|
8
|
+
---
|
|
9
|
+
|
|
10
|
+
# Implementer
|
|
11
|
+
|
|
12
|
+
1. Read the Issue CC-SD contract: `Goal`, `Non-goals`, `Constraints`, `Acceptance criteria`, `Rollback hints`.
|
|
13
|
+
2. Treat `Goal`, `Non-goals`, `Constraints`, and `Acceptance criteria` as the implementation boundary.
|
|
14
|
+
3. Implement minimal change within autonomy size limits.
|
|
15
|
+
4. Run stack-appropriate tests locally or in CI.
|
|
16
|
+
5. Open draft PR summarizing contract-relevant points (`Goal implemented`, `Non-goals preserved`, `Constraints handled`, `Acceptance criteria`, `Rollback`).
|
|
17
|
+
6. Never approve your own PR.
|
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: reviewer
|
|
3
|
+
description: Review PRs against acceptance criteria. Read-only, no edits.
|
|
4
|
+
tools: ["read", "search"]
|
|
5
|
+
---
|
|
6
|
+
|
|
7
|
+
# Reviewer
|
|
8
|
+
|
|
9
|
+
Evaluate PRs using docs/arch.md §5.5 and the linked Issue CC-SD contract:
|
|
10
|
+
|
|
11
|
+
1. **Requirement fit** — `Goal` and `Acceptance criteria` met?
|
|
12
|
+
2. **Non-goal preservation** — out-of-scope items from `Non-goals` untouched?
|
|
13
|
+
3. **Boundary compliance** — `Constraints` respected?
|
|
14
|
+
4. Test adequacy — tests constrain the change?
|
|
15
|
+
5. Accountability — eval scores, cost, trace links present?
|
|
16
|
+
6. **Rollback ease** — `Rollback hints` / PR `Rollback` section plausible?
|
|
17
|
+
|
|
18
|
+
Compare **Issue → PR summary → diff** in one pass. Post review comments only; do not push commits.
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: triager
|
|
3
|
+
description: Classify issues with task_class and autonomy labels. Read-only.
|
|
4
|
+
tools: ["read"]
|
|
5
|
+
---
|
|
6
|
+
|
|
7
|
+
# Triager
|
|
8
|
+
|
|
9
|
+
1. Read the Issue CC-SD contract: `Goal`, `Non-goals`, `Constraints`, `Acceptance criteria`, `Rollback hints`.
|
|
10
|
+
2. Assign exactly one `task:*` label and one `autonomy:*` label per docs/operations.md.
|
|
11
|
+
3. For `task:docs` or `task:test-fix` with `autonomy:L1`: verify all five CC-SD fields are present and usable (not blank or placeholder-only). **No usable CC-SD contract, no L1 delegation** — request author fixes or assign lower autonomy.
|
|
12
|
+
4. Hand off to implementer for L1+ tasks with a complete contract.
|
|
13
|
+
5. Do not edit code or create PRs.
|
|
@@ -0,0 +1,35 @@
|
|
|
1
|
+
# Copilot instructions — global harness policy
|
|
2
|
+
|
|
3
|
+
## Principles
|
|
4
|
+
|
|
5
|
+
1. Walls are deterministic — never rely on prompt politeness alone.
|
|
6
|
+
2. No destructive commands (`git push --force`, `rm -rf /`, production DB).
|
|
7
|
+
3. Respect change size limits per autonomy level (see docs/operations.md).
|
|
8
|
+
4. Out of scope: production secrets, billing, legal, PII without human approval.
|
|
9
|
+
|
|
10
|
+
## CC-SD contract (L1 docs / test-fix)
|
|
11
|
+
|
|
12
|
+
When implementing `task:docs` or `task:test-fix` at `autonomy:L1`, treat the Issue as the spec:
|
|
13
|
+
|
|
14
|
+
- `Goal`, `Non-goals`, `Constraints`, `Acceptance criteria`, `Rollback hints` (required)
|
|
15
|
+
- `Additional context` (optional)
|
|
16
|
+
|
|
17
|
+
Implementer boundary: `Goal`, `Non-goals`, `Constraints`, `Acceptance criteria`.
|
|
18
|
+
Reviewer checks requirement fit and non-goal preservation.
|
|
19
|
+
v1 does not enforce CC-SD on `feature-small`, `infra`, or `security-sensitive`.
|
|
20
|
+
|
|
21
|
+
## Change size
|
|
22
|
+
|
|
23
|
+
- L1: max 300 LOC, 8 files
|
|
24
|
+
- L2: max 120 LOC, 4 files
|
|
25
|
+
- L3: max 60 LOC, 2 files
|
|
26
|
+
|
|
27
|
+
Split large changes instead of exceeding limits.
|
|
28
|
+
|
|
29
|
+
## Task classes
|
|
30
|
+
|
|
31
|
+
Use Issue labels `task:*` and `autonomy:*`. Default to L1 for implementation tasks.
|
|
32
|
+
|
|
33
|
+
## Review
|
|
34
|
+
|
|
35
|
+
Human gate is PR review only. Mirror the Issue contract in the PR summary and include harness context when available.
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
{
|
|
2
|
+
"version": 1,
|
|
3
|
+
"hooks": [
|
|
4
|
+
{
|
|
5
|
+
"event": "preToolUse",
|
|
6
|
+
"matcher": "shell",
|
|
7
|
+
"pattern": "git push --force|git push -f|rm -rf /|drop database|DROP TABLE",
|
|
8
|
+
"action": "block",
|
|
9
|
+
"message": "Destructive operation blocked by harness policy"
|
|
10
|
+
}
|
|
11
|
+
]
|
|
12
|
+
}
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
---
|
|
2
|
+
description: Core harness conventions for all paths
|
|
3
|
+
applyTo: "**/*"
|
|
4
|
+
---
|
|
5
|
+
|
|
6
|
+
# Core instructions
|
|
7
|
+
|
|
8
|
+
- Match existing code style in the target stack profile.
|
|
9
|
+
- Add or update tests for behavior changes.
|
|
10
|
+
- Keep PRs within autonomy size limits.
|
|
11
|
+
- Do not modify `.github/workflows/` without `task:infra` label and human review.
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
---
|
|
2
|
+
description: PHP conventions
|
|
3
|
+
applyTo: "**/*.{php,composer.json,composer.lock}"
|
|
4
|
+
---
|
|
5
|
+
|
|
6
|
+
# PHP profile
|
|
7
|
+
|
|
8
|
+
- Follow PSR-12; use PHP_CodeSniffer or project linter.
|
|
9
|
+
- Tests with PHPUnit in `tests/`.
|
|
10
|
+
- Use Composer; commit `composer.lock` when the project locks dependencies.
|
|
11
|
+
- Type-hint public methods where supported by the project's PHP version.
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
---
|
|
2
|
+
description: Python conventions
|
|
3
|
+
applyTo: "**/*.py"
|
|
4
|
+
---
|
|
5
|
+
|
|
6
|
+
# Python profile
|
|
7
|
+
|
|
8
|
+
- Follow PEP 8; use ruff for lint.
|
|
9
|
+
- Type hints on public functions.
|
|
10
|
+
- Tests with pytest in `tests/`.
|
|
11
|
+
- Use virtualenv or project-standard dependency management.
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
---
|
|
2
|
+
description: Ruby conventions
|
|
3
|
+
applyTo: "**/*.{rb,rake,Gemfile,Gemfile.lock}"
|
|
4
|
+
---
|
|
5
|
+
|
|
6
|
+
# Ruby profile
|
|
7
|
+
|
|
8
|
+
- Follow project style; use RuboCop for lint.
|
|
9
|
+
- Tests with RSpec in `spec/`.
|
|
10
|
+
- Use Bundler; commit `Gemfile.lock` when the project locks dependencies.
|
|
11
|
+
- Prefer explicit requires or Zeitwerk-style autoloading per project layout.
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
---
|
|
2
|
+
description: TypeScript and JavaScript conventions
|
|
3
|
+
applyTo: "**/*.{ts,tsx,js,mjs,cjs}"
|
|
4
|
+
---
|
|
5
|
+
|
|
6
|
+
# TypeScript profile
|
|
7
|
+
|
|
8
|
+
- Use strict TypeScript; run `tsc --noEmit` before finishing.
|
|
9
|
+
- Prefer Biome or project linter for formatting and lint.
|
|
10
|
+
- Tests with Vitest or project test runner.
|
|
11
|
+
- No `any` without justification in PR notes.
|
|
@@ -0,0 +1,55 @@
|
|
|
1
|
+
- name: task:docs
|
|
2
|
+
color: "0E8A16"
|
|
3
|
+
description: Documentation changes
|
|
4
|
+
|
|
5
|
+
- name: task:test-fix
|
|
6
|
+
color: "1D76DB"
|
|
7
|
+
description: Test repair or addition
|
|
8
|
+
|
|
9
|
+
- name: task:refactor
|
|
10
|
+
color: "FBCA04"
|
|
11
|
+
description: Behavior-preserving refactor
|
|
12
|
+
|
|
13
|
+
- name: task:feature-small
|
|
14
|
+
color: "5319E7"
|
|
15
|
+
description: Small feature addition
|
|
16
|
+
|
|
17
|
+
- name: task:dependency-bump
|
|
18
|
+
color: "BFD4F2"
|
|
19
|
+
description: Dependency update
|
|
20
|
+
|
|
21
|
+
- name: task:infra
|
|
22
|
+
color: "D93F0B"
|
|
23
|
+
description: CI, IaC, permissions
|
|
24
|
+
|
|
25
|
+
- name: task:gh-aw-dogfood
|
|
26
|
+
color: "C5DEF5"
|
|
27
|
+
description: Bounded gh-aw validation on sdlc-gh (see docs/gh-aw-dogfood.md)
|
|
28
|
+
|
|
29
|
+
- name: outer-loop:harness-revision
|
|
30
|
+
color: "FEF2C0"
|
|
31
|
+
description: Nightly review routed harness revision work item (#4)
|
|
32
|
+
|
|
33
|
+
- name: outer-loop:wall-addition
|
|
34
|
+
color: "FBCA04"
|
|
35
|
+
description: Nightly review routed wall addition work item (#4)
|
|
36
|
+
|
|
37
|
+
- name: task:security-sensitive
|
|
38
|
+
color: "B60205"
|
|
39
|
+
description: Auth, billing, secrets
|
|
40
|
+
|
|
41
|
+
- name: autonomy:L0
|
|
42
|
+
color: "EDEDED"
|
|
43
|
+
description: Proposal only
|
|
44
|
+
|
|
45
|
+
- name: autonomy:L1
|
|
46
|
+
color: "C2E0C6"
|
|
47
|
+
description: Draft PR, human review required
|
|
48
|
+
|
|
49
|
+
- name: autonomy:L2
|
|
50
|
+
color: "FEF2C0"
|
|
51
|
+
description: Auto-merge candidate after walls
|
|
52
|
+
|
|
53
|
+
- name: autonomy:L3
|
|
54
|
+
color: "E99695"
|
|
55
|
+
description: Limited auto-merge (docs etc.)
|
|
@@ -0,0 +1,33 @@
|
|
|
1
|
+
## Summary
|
|
2
|
+
|
|
3
|
+
<!-- What changed and why (one paragraph) -->
|
|
4
|
+
|
|
5
|
+
## Goal implemented
|
|
6
|
+
|
|
7
|
+
<!-- How the PR fulfills the Issue Goal -->
|
|
8
|
+
|
|
9
|
+
## Non-goals preserved
|
|
10
|
+
|
|
11
|
+
<!-- Confirm out-of-scope items from the Issue were not touched -->
|
|
12
|
+
|
|
13
|
+
## Constraints handled
|
|
14
|
+
|
|
15
|
+
<!-- How technical/policy limits from the Issue were respected -->
|
|
16
|
+
|
|
17
|
+
## Acceptance criteria
|
|
18
|
+
|
|
19
|
+
- [ ]
|
|
20
|
+
|
|
21
|
+
## Rollback
|
|
22
|
+
|
|
23
|
+
<!-- How to revert this change immediately if needed -->
|
|
24
|
+
|
|
25
|
+
## Harness context (auto-filled when available)
|
|
26
|
+
|
|
27
|
+
| Field | Value |
|
|
28
|
+
|-------|-------|
|
|
29
|
+
| Eval score | |
|
|
30
|
+
| AI credits | |
|
|
31
|
+
| Trace link | |
|
|
32
|
+
| Instructions SHA | |
|
|
33
|
+
| Retry count | |
|
|
@@ -0,0 +1,33 @@
|
|
|
1
|
+
{
|
|
2
|
+
"name": "main-protection",
|
|
3
|
+
"target": "branch",
|
|
4
|
+
"enforcement": "active",
|
|
5
|
+
"conditions": {
|
|
6
|
+
"ref_name": {
|
|
7
|
+
"include": ["refs/heads/main"],
|
|
8
|
+
"exclude": []
|
|
9
|
+
}
|
|
10
|
+
},
|
|
11
|
+
"rules": [
|
|
12
|
+
{
|
|
13
|
+
"type": "pull_request",
|
|
14
|
+
"parameters": {
|
|
15
|
+
"required_approving_review_count": 1,
|
|
16
|
+
"dismiss_stale_reviews_on_push": true,
|
|
17
|
+
"require_code_owner_review": true
|
|
18
|
+
}
|
|
19
|
+
},
|
|
20
|
+
{
|
|
21
|
+
"type": "required_status_checks",
|
|
22
|
+
"parameters": {
|
|
23
|
+
"strict_required_status_checks_policy": true,
|
|
24
|
+
"required_status_checks": [
|
|
25
|
+
{ "context": "harness-static" },
|
|
26
|
+
{ "context": "diff-size" },
|
|
27
|
+
{ "context": "issue-spec-check" }
|
|
28
|
+
]
|
|
29
|
+
}
|
|
30
|
+
}
|
|
31
|
+
],
|
|
32
|
+
"_comment": "Canonical template for scripts/setup-github.sh. The setup script injects product-ci-{stack} from .harness-stack and keeps issue-spec-check required for all repos."
|
|
33
|
+
}
|
|
@@ -0,0 +1,29 @@
|
|
|
1
|
+
{
|
|
2
|
+
"name": "harness-pr-eval-required",
|
|
3
|
+
"target": "branch",
|
|
4
|
+
"enforcement": "active",
|
|
5
|
+
"conditions": {
|
|
6
|
+
"ref_name": { "include": ["refs/heads/main"] }
|
|
7
|
+
},
|
|
8
|
+
"rules": [
|
|
9
|
+
{
|
|
10
|
+
"type": "pull_request",
|
|
11
|
+
"parameters": {
|
|
12
|
+
"required_approving_review_count": 1,
|
|
13
|
+
"require_code_owner_review": true
|
|
14
|
+
}
|
|
15
|
+
},
|
|
16
|
+
{
|
|
17
|
+
"type": "required_status_checks",
|
|
18
|
+
"parameters": {
|
|
19
|
+
"strict_required_status_checks_policy": true,
|
|
20
|
+
"required_status_checks": [
|
|
21
|
+
{ "context": "harness-static" },
|
|
22
|
+
{ "context": "select" },
|
|
23
|
+
{ "context": "trajectory-conventions" }
|
|
24
|
+
]
|
|
25
|
+
}
|
|
26
|
+
}
|
|
27
|
+
],
|
|
28
|
+
"_comment": "Add prompt-eval when GitHub Models is enabled. Apply to harness-asset PRs after eval-ci is green."
|
|
29
|
+
}
|
|
@@ -0,0 +1,23 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: quality-loop
|
|
3
|
+
description: Verify changes against acceptance criteria before marking complete. Use when implementing or reviewing tasks.
|
|
4
|
+
---
|
|
5
|
+
|
|
6
|
+
# Quality loop
|
|
7
|
+
|
|
8
|
+
1. Read Issue CC-SD contract: `Goal`, `Non-goals`, `Constraints`, `Acceptance criteria`, `Rollback hints`.
|
|
9
|
+
2. Implement minimal change within autonomy limits and non-goals.
|
|
10
|
+
3. Run stack tests and harness CI locally if possible.
|
|
11
|
+
4. If checks fail, fix and retry (max per docs/operations.md).
|
|
12
|
+
5. Update PR with contract summary fields and harness context table.
|
|
13
|
+
6. Before marking complete, re-check:
|
|
14
|
+
- all `Acceptance criteria` satisfied
|
|
15
|
+
- `Non-goals` were not violated
|
|
16
|
+
- `Constraints` were respected
|
|
17
|
+
- `Rollback hints` remain plausible
|
|
18
|
+
7. Stop when all criteria are met or escalate on repeated failure.
|
|
19
|
+
|
|
20
|
+
## References
|
|
21
|
+
|
|
22
|
+
- docs/operations.md — thresholds and retry policy
|
|
23
|
+
- docs/failure-taxonomy.md — classify failures
|