@kungfu-tech/kfd 1.0.0-alpha.19 → 1.0.0-alpha.20

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (37) hide show
  1. package/.buildchain/kfd-1/contract-world.witness.json +579 -91
  2. package/.buildchain/kfd-2/kfd-foundation.trust-assessment.json +238 -0
  3. package/.buildchain/kfd-2/kfd-foundation.trust-claims.json +225 -0
  4. package/.buildchain/kfd-2/public-release-trust.claim.json +30 -18
  5. package/.buildchain/kfd-3/collaboration-interface.artifact.json +242 -57
  6. package/.buildchain/kfd-3/collaboration-interface.json +99 -1
  7. package/.buildchain/kfd-3/collaboration-interface.prebuild.json +261 -32
  8. package/README.md +18 -13
  9. package/buildchain.contract-lock.json +5 -5
  10. package/decisions/{kfd-1.md → KFD-1.md} +40 -12
  11. package/decisions/{kfd-2.md → KFD-2.md} +37 -4
  12. package/decisions/{kfd-3.md → KFD-3.md} +17 -1
  13. package/docs/KFD-1-usage.md +37 -0
  14. package/docs/KFD-2-usage.md +123 -0
  15. package/docs/{kfd-3-collaboration-interface.md → KFD-3-usage.md} +21 -0
  16. package/docs/KFD-4-usage.md +31 -0
  17. package/docs/MAP.md +13 -7
  18. package/kfd.release.json +1 -1
  19. package/package.json +3 -1
  20. package/registry.json +4 -4
  21. package/release-impact.json +41 -5
  22. package/schemas/kfd-1/contract-world.schema.json +67 -4
  23. package/schemas/kfd-1/witness.schema.json +113 -0
  24. package/schemas/kfd-2/trust-assessment.schema.json +313 -0
  25. package/schemas/kfd-2/trust-claims.schema.json +334 -0
  26. package/schemas/kfd-3/collaboration-interface.schema.json +60 -0
  27. package/schemas/kfd-3/witness.schema.json +8 -0
  28. package/schemas/kfd-standards.schema.json +124 -0
  29. package/scripts/check.mjs +256 -12
  30. package/scripts/update-kfd-1-witness.mjs +17 -6
  31. package/scripts/update-kfd-2-claim.mjs +226 -5
  32. package/scripts/update-kfd-3-witness.mjs +35 -3
  33. package/scripts/update-site-bundle.mjs +32 -2
  34. package/site/kfd-site.json +67 -4
  35. package/standards.json +634 -11
  36. package/docs/kfd-2-release-trust.md +0 -78
  37. /package/decisions/{kfd-4.md → KFD-4.md} +0 -0
@@ -44,8 +44,10 @@ when either holds:
44
44
  - **(b) Cross-time dependency** — its outputs remain depended on after the run
45
45
  (persisted data, audit evidence, replayable records).
46
46
 
47
- Each entry carries a stable kebab-case ID. Registers live in each repository's
48
- versioning document and are the input to every classification below.
47
+ Each entry carries a stable kebab-case ID. A surface may be
48
+ `integration-time`, `cross-time`, or both. Registers live in each repository's
49
+ contract-world metadata or versioning document and are the input to every
50
+ classification below.
49
51
 
50
52
  ## Concrete case: config contracts
51
53
 
@@ -61,21 +63,44 @@ steps, and the final product must consume the same contract mechanism. It is
61
63
  not enough for the packaged artifact to be internally consistent if the
62
64
  developer path used a different, driftable config source.
63
65
 
64
- ## The decision procedure
66
+ ## The compatibility impact core
65
67
 
66
- Classify the actual diff against the register; the highest match wins:
68
+ Classify the actual diff against the register; the strongest match wins:
67
69
 
68
70
  | # | Condition | Verdict |
69
71
  |---|---|---|
70
- | 1 | **Breaks** any registered surface (removal, semantic change, layout change, incompatible rename — a semantic change counts as breakage even when shapes are unchanged: changed defaults, changed channel meaning, a newly required field) | **major** |
71
- | 2 | **Additively evolves** a registered surface, or **adds** a surface consumers will weld to | **minor** (register the new surface at the same time) |
72
- | 3 | Touches no registered surface | **patch** — regardless of how large the feature is |
73
- | 4 | **Cannot be classified** | **Do not guess.** The register is deficient: fix the register first (a maintainer decision), then reclassify |
72
+ | 1 | **Breaks** any registered surface (removal, semantic change, layout change, incompatible rename — a semantic change counts as breakage even when shapes are unchanged: changed defaults, changed channel meaning, a newly required field) | **breaking impact** |
73
+ | 2 | **Additively evolves** a registered surface, or **adds** a surface consumers will weld to | **additive impact** (register the new surface at the same time) |
74
+ | 3 | Touches no registered surface | **no registered-surface impact** — regardless of how large the implementation change is |
75
+ | 4 | **Cannot be classified** | **unclassifiable impact. Do not guess.** The register is deficient: fix the register first (a maintainer decision), then reclassify |
74
76
 
75
77
  Rule 4 is the safety valve: it forces the irreducible judgment (what counts as
76
78
  a welded surface) to a maintainer instead of letting a change silently pick
77
79
  the convenient answer.
78
80
 
81
+ These four impact classes are the KFD-1 core. They are not inherently release
82
+ version numbers. A product must project them into the control action that
83
+ matches its domain: version line movement, config migration, ABI epoch, API
84
+ namespace, release gate, runtime compatibility bridge, or user workflow gate.
85
+
86
+ ## Release versioning projection
87
+
88
+ For release versioning, the compatibility impact core projects to semver:
89
+
90
+ | Compatibility impact | Release verdict |
91
+ |---|---|
92
+ | breaking impact | **major** |
93
+ | additive impact | **minor** |
94
+ | no registered-surface impact | **patch** |
95
+ | unclassifiable impact | **block release; fix the register first** |
96
+
97
+ This projection is the first implementation case, not the whole principle.
98
+ Other domains must keep the same impact core while choosing their own action:
99
+ config contracts may require a migration bridge or rejected old config, ABIs
100
+ may require a new soname or ABI epoch, APIs may require a namespace or endpoint
101
+ compatibility boundary, and agent/UI surfaces may require explicit workflow or
102
+ command migration.
103
+
79
104
  ## Constraint clauses
80
105
 
81
106
  - **Reverse prohibition.** A line must not be opened for feature volume,
@@ -87,7 +112,8 @@ the convenient answer.
87
112
  self-archivable inputs, and no hard coupling to a maintainer-operated
88
113
  service.
89
114
  - **Decision time.** The verdict is checked against the final diff before the
90
- promotion into the alpha channel; planning-time classification is only a
115
+ action gate that depends on it; for releases this is checked before
116
+ promotion into the alpha channel. Planning-time classification is only a
91
117
  prediction.
92
118
  - **Major dignity.** A major release communicates exactly one thing: something
93
119
  you welded to broke and you must re-audit. An empty major — one that breaks
@@ -118,9 +144,11 @@ the convenient answer.
118
144
 
119
145
  ## The decision log
120
146
 
121
- Line openings (minor/major), register changes, and deprecations must be
122
- recorded in the repository's versioning document; patches stay silent —
123
- silence is itself the signal that no registered surface was touched.
147
+ Line openings (minor/major), register changes, deprecations, and other
148
+ compatibility-impact decisions must be recorded in the repository's
149
+ contract-world or versioning document. Release patches stay silent silence
150
+ is itself the signal that no registered surface was touched in the release
151
+ projection.
124
152
 
125
153
  One markdown table row per event, newest first:
126
154
 
@@ -23,7 +23,9 @@ KFDs can be principles or procedures:
23
23
 
24
24
  This KFD is a principle. KFD-1 is the procedure that keeps the fact sources
25
25
  under this principle from drifting. KFD-3 is the principle that governs how
26
- humans and agents cooperate once facts and trust are visible.
26
+ humans and agents cooperate once facts and trust are visible. KFD-4 is a
27
+ procedure whose observer-perspective claims can also be assessed under this
28
+ principle.
27
29
 
28
30
  ## Foundation role
29
31
 
@@ -38,6 +40,10 @@ before the product has made the relevant facts inspectable. KFD-1 protects the
38
40
  non-drifting fact source those claims stand on. KFD-3 protects the relationship
39
41
  with the human or agent who must understand and act on those facts.
40
42
 
43
+ KFD-2 is not a checker for only one other KFD. It is the generic trust
44
+ adjudication layer for any KFD claim, product claim, artifact claim, control
45
+ surface claim, or release claim that asks a human or agent to rely on it.
46
+
41
47
  ## Principle
42
48
 
43
49
  When a kungfu-systems product represents work or control, its default path
@@ -71,6 +77,27 @@ leaves enough evidence for later review.
71
77
  - Hosted or cloud convenience may add synchronization, storage, compute, and
72
78
  collaboration, but it must not become the only place where the truth exists.
73
79
 
80
+ ## Generic trust assessment model
81
+
82
+ Every KFD-2 trust assessment starts from a claim. The claim may be about a
83
+ release, but it may also be about a contract world, a collaboration interface,
84
+ an observer perspective, a config surface, an API, an ABI, a GUI surface, a
85
+ runtime fact, documentation, or another product surface.
86
+
87
+ A claim is trustable only when the assessment can state:
88
+
89
+ - what the claim is about;
90
+ - which facts the claim binds to;
91
+ - which evidence was checked;
92
+ - what can be machine verified;
93
+ - what remains a residual risk;
94
+ - who owns source facts, verification, and the trust decision;
95
+ - whether the result is pass, warning, fail, or unverifiable.
96
+
97
+ This model is intentionally general. KFD-1, KFD-3, KFD-4, and future KFDs can
98
+ provide claims that KFD-2 assesses. Release trust passports are one projection
99
+ of this model, not the model itself.
100
+
74
101
  ## What it does not require
75
102
 
76
103
  - It does not require every product to be a journal engine or runtime ledger.
@@ -111,12 +138,18 @@ README says so. It publishes inspectable facts: decision documents,
111
138
  metadata, and conformance checks.
112
139
 
113
140
  KFD-2 also owns the trust taxonomy used by release claims, release trust
114
- passports, and KFD-3 witnesses. Unknown residual-risk or trust-downgrade values
115
- fail validation until KFD records them in
116
- `schemas/kfd-2/trust-taxonomy.schema.json`. When an agent needs a new value,
141
+ passports, KFD-3 witnesses, and generic trust assessments. Unknown
142
+ residual-risk or trust-downgrade values fail validation until KFD records them
143
+ in `schemas/kfd-2/trust-taxonomy.schema.json`. When an agent needs a new value,
117
144
  the declared extension path is to open an issue in
118
145
  `https://github.com/kungfu-systems/kfd` rather than inventing a private value.
119
146
 
147
+ The package dogfoods this model through
148
+ `.buildchain/kfd-2/kfd-foundation.trust-claims.json` and
149
+ `.buildchain/kfd-2/kfd-foundation.trust-assessment.json`. Those files assess
150
+ KFD-1's contract-world claim, KFD-3's collaboration-interface claim, and KFD-4's
151
+ observer-perspective claim through the same KFD-2 structure.
152
+
120
153
  ## Adopters
121
154
 
122
155
  Each adopting repository cites this KFD when designing or changing a fact
@@ -97,6 +97,13 @@ human-readable facts wherever possible. A capable agent should be able to learn
97
97
  the product's value, and why that value can be trusted, by inspecting the
98
98
  product's own facts and commands.
99
99
 
100
+ Trusted value is therefore not only a product promise or persuasive sentence.
101
+ A collaboration interface should bind important value claims to explicit value
102
+ evidence: the facts that make the value claim inspectable, the artifacts or
103
+ checks that prove those facts are present, and the KFD-2 trust assessment or
104
+ residual-risk state that tells participants how much weight to place on the
105
+ claim.
106
+
100
107
  ### 3. Use constraints as transparent safety, not hidden control
101
108
 
102
109
  Hard constraints are legitimate when they protect users, agents, work products,
@@ -165,6 +172,12 @@ KFD-1 protects the fact-source layer. KFD-2 protects the trust layer. KFD-3
165
172
  protects the relationship with the intelligent participant who must decide
166
173
  whether the offered value is trustworthy enough to walk that path.
167
174
 
175
+ In machine-readable profiles, this means KFD-3 collaboration interfaces should
176
+ not merely list surfaces and constraints. They should also declare value
177
+ evidence that can be evaluated through the KFD-2 trust model. KFD-2 can then
178
+ say which parts are machine-checkable, which parts remain semantic residual
179
+ risk, and what an agent should do next.
180
+
168
181
  ## Implementation case: the KFD package
169
182
 
170
183
  The `@kungfu-tech/kfd` npm package is a self-proof case for this principle.
@@ -172,7 +185,10 @@ Its README gives humans and agents the same quickstart path. `standards.json`
172
185
  gives stable standard identity, schema IDs, and concept names. The KFD-3
173
186
  schemas define collaboration interfaces, witnesses, and extension requests, so
174
187
  an agent can discover both the valid interface and the standard path for asking
175
- to extend it.
188
+ to extend it. The KFD-3 collaboration interface also declares value evidence
189
+ that points to KFD-owned facts, package surfaces, and the KFD-2 generic trust
190
+ assessment, so an agent can inspect why KFD's claimed value is trustable before
191
+ cooperating.
176
192
 
177
193
  For example, if an agent needs a KFD-2 trust-taxonomy value that does not
178
194
  exist, the KFD-3 collaboration path is not hidden maintainer pressure or local
@@ -0,0 +1,37 @@
1
+ # KFD-1 Implementation Notes
2
+
3
+ KFD-1 defines the fact-source rule: facts must not drift. This page is the
4
+ package implementation note for machine consumers and release systems. The
5
+ authoritative decision text remains `decisions/KFD-1.md`.
6
+
7
+ ## Package Surfaces
8
+
9
+ The KFD package implements KFD-1 through a declared contract world:
10
+
11
+ - `standards.json#/standards/kfd-1/surfaceRegister` is the package-owned
12
+ surface register.
13
+ - `schemas/kfd-1/contract-world.schema.json` defines the contract-world schema.
14
+ - `schemas/kfd-1/witness.schema.json` defines the witness schema.
15
+ - `.buildchain/kfd-1/contract-world.witness.json` projects registered surfaces,
16
+ source hashes, artifact hashes, surface classes, and impact projections.
17
+ - `scripts/check.mjs` verifies the register, schema enums, witness hashes, and
18
+ surface projection.
19
+
20
+ ## Compatibility Impact Core
21
+
22
+ KFD-1 uses four generic compatibility-impact classes:
23
+
24
+ - `breaking`
25
+ - `additive`
26
+ - `none`
27
+ - `unclassifiable`
28
+
29
+ Release versioning is only one projection of those classes. Other domains can
30
+ project the same core into config migration, ABI epochs, API namespaces,
31
+ runtime compatibility bridges, or workflow gates.
32
+
33
+ ## Dogfood Role
34
+
35
+ This package uses KFD-1 on itself. New public package surfaces should be added
36
+ to `standards.json#/standards/kfd-1/surfaceRegister`, then projected into the
37
+ KFD-1 witness by `node scripts/update-kfd-1-witness.mjs`.
@@ -0,0 +1,123 @@
1
+ # KFD-2 Trust Assessment Metadata
2
+
3
+ KFD-2 says that trust must start from inspectable facts and responsibility
4
+ state. A product must not ask users or agents to trust load-bearing claims only
5
+ because they appear in prose, changelogs, repository history, generated UI, or
6
+ maintainer reputation.
7
+
8
+ This package defines KFD-owned machine interfaces for the generic trust model:
9
+
10
+ - `schemas/kfd-2/trust-taxonomy.schema.json`: the KFD-owned taxonomy for
11
+ residual-risk types, trust impact, machine provability, agent actions, and
12
+ downgrade reasons.
13
+ - `schemas/kfd-2/trust-claims.schema.json`: the generic claim input shape for
14
+ KFD-2 assessment. Claims may target KFD standards, contract worlds,
15
+ collaboration interfaces, observer perspectives, releases, config, APIs,
16
+ ABIs, runtime facts, documentation, or other product surfaces.
17
+ - `schemas/kfd-2/trust-assessment.schema.json`: the generic assessment output
18
+ shape that records result, checked facts, evidence, audit boundary,
19
+ responsibility, residual risk, and downgrade reasons.
20
+ - `schemas/kfd-2/release-claims.schema.json`: the product's declared public
21
+ release claims, as a release-specific projection.
22
+ - `schemas/kfd-2/release-trust-passport.schema.json`: the verifier's result
23
+ after auditing release claims against evidence.
24
+
25
+ The generic flow is:
26
+
27
+ ```text
28
+ trust claims -> evidence audit -> trust assessment -> product or release gate
29
+ ```
30
+
31
+ The intended Buildchain flow is:
32
+
33
+ ```text
34
+ release claims -> evidence audit -> release trust passport -> release passport
35
+ ```
36
+
37
+ Release trust passports are one projection of KFD-2, not the whole KFD-2 model.
38
+ Each claim should declare the statement being made, the subject of the claim,
39
+ the facts it binds to, machine-readable evidence, the audit boundary, residual
40
+ risk, and responsibility state. A trust assessment or release trust passport
41
+ then records whether each claim is bound to evidence, which evidence was
42
+ checked, what the result was, and who owns the decision.
43
+
44
+ ## Generic Trust Claims
45
+
46
+ The generic claim model exists so KFD-2 can assess KFD-1, KFD-3, KFD-4, and
47
+ future KFDs through one structure instead of inventing a new evaluator for each
48
+ standard.
49
+
50
+ A generic claim identifies:
51
+
52
+ - `subject`: what the claim is about, such as `contract-world`,
53
+ `collaboration-interface`, `observer-perspective`, `release`, `config`,
54
+ `api`, `abi`, `gui-surface`, or `runtime-fact`;
55
+ - `facts`: the inspectable fact sources the claim binds to;
56
+ - `evidence`: the files, schemas, witnesses, commands, artifacts, URLs, or
57
+ manual-review records used to evaluate the claim;
58
+ - `auditBoundary`: what the assessment covers and whether the surface is
59
+ closed-world, declared-open, sampled, or manual;
60
+ - `responsibility`: who owns source facts, verification, and the decision;
61
+ - `residualRisk`: KFD-2 taxonomy values for what remains unproved.
62
+
63
+ The KFD package dogfoods this through:
64
+
65
+ ```text
66
+ .buildchain/kfd-2/kfd-foundation.trust-claims.json
67
+ .buildchain/kfd-2/kfd-foundation.trust-assessment.json
68
+ ```
69
+
70
+ Those files assess KFD-1's contract-world claim, KFD-3's
71
+ collaboration-interface claim, and KFD-4's observer-perspective claim. KFD-3
72
+ currently receives a warning result because its machine-checkable interface
73
+ still carries natural-language semantic residual risk.
74
+
75
+ ## Trust Taxonomy
76
+
77
+ KFD-2 owns the vocabulary for residual risks and trust downgrades. A product,
78
+ release tool, or agent must not invent new residual-risk values locally and
79
+ still claim KFD-2 conformance. Unknown values fail schema validation.
80
+
81
+ The current taxonomy is published in
82
+ `schemas/kfd-2/trust-taxonomy.schema.json`. It defines:
83
+
84
+ - `riskType`: what kind of trust gap remains;
85
+ - `trustImpact`: whether the gap is informational, downgraded, failing, or
86
+ unverifiable;
87
+ - `machineProvability`: whether the gap can be fully proved by machine;
88
+ - `agentAction`: what an agent should do next;
89
+ - `downgradeReason`: how a verifier maps residual risk into a release trust
90
+ result.
91
+
92
+ If an agent needs a KFD-2 value that is not present, the standard extension
93
+ path is to open an issue in the KFD repository:
94
+
95
+ ```text
96
+ https://github.com/kungfu-systems/kfd/issues/new?title=KFD-2%20trust%20taxonomy%20extension%20request
97
+ ```
98
+
99
+ The issue should state the missing value, the field it belongs to, the product
100
+ or release scenario that needs it, and why existing values cannot express the
101
+ case. Until KFD accepts the new value into the taxonomy schema, consumers
102
+ should treat the value as invalid rather than as a soft warning.
103
+
104
+ ## Interface Versioning
105
+
106
+ KFD package semver is only the distribution version. It is not the version of a
107
+ KFD-owned machine interface.
108
+
109
+ Every KFD-owned machine interface uses:
110
+
111
+ - `schemaVersion`: the interface version consumed by tools.
112
+ - `contract`: the stable contract name, such as `kfd-2-release-claims`.
113
+ - `$id`: the canonical schema URL for the current stable interface.
114
+
115
+ Compatible additions may keep `schemaVersion: 1`. A change that alters required
116
+ fields, field semantics, verification meaning, audit boundary semantics, or
117
+ responsibility semantics must not silently reuse the same interface contract.
118
+ It must introduce a new interface version or, when the standard itself changes,
119
+ a new KFD decision or amendment path.
120
+
121
+ The same rule applies to KFD-1 and KFD-3 schemas. Their current schemas already
122
+ carry `schemaVersion: 1` and a `contract` value; this document makes the
123
+ evolution rule explicit across the KFD package.
@@ -32,6 +32,8 @@ A product collaboration interface should identify:
32
32
  interface;
33
33
  - participant-visible surfaces, such as CLI commands, JSON APIs, manuals,
34
34
  skills, GUI routes, envelopes, packages, or protocols;
35
+ - value evidence that binds important participant-facing value claims to facts,
36
+ artifacts, checks, trust assessments, and residual-risk state;
35
37
  - visible constraints, including what is restricted, why, and where review or
36
38
  escalation happens;
37
39
  - choice paths that let participants choose or decline safe cooperation modes;
@@ -44,6 +46,25 @@ closed-world proof reports reachable entrypoints, classified entrypoints, and
44
46
  an empty `unclassifiedEntrypoints` list. This prevents a product from exposing
45
47
  a participant-facing or callable backdoor API outside the declared interface.
46
48
 
49
+ ## Value Evidence
50
+
51
+ KFD-3 does not treat value as a marketing claim. A collaboration interface
52
+ should state the value a participant is being asked to trust, then point to the
53
+ facts and evidence that make that value inspectable.
54
+
55
+ Each `valueEvidence` entry should identify:
56
+
57
+ - the value claim;
58
+ - the participants who depend on it;
59
+ - the fact artifacts that define the claim;
60
+ - the evidence artifacts or checks that show those facts are present;
61
+ - a KFD-2 trust assessment or residual-risk state when the claim cannot be
62
+ exhaustively proved by machine.
63
+
64
+ This is the engineering bridge between KFD-2 and KFD-3. KFD-2 explains how
65
+ trust is assessed from facts. KFD-3 explains how that assessed value is exposed
66
+ to participants before cooperation is requested.
67
+
47
68
  ## Product profile boundary
48
69
 
49
70
  Concrete product profiles may add their own contracts, registry fields, command
@@ -0,0 +1,31 @@
1
+ # KFD-4 Implementation Notes
2
+
3
+ KFD-4 defines the observer-perspective rule: timelines must declare their
4
+ observer. This page is the package implementation note for machine consumers
5
+ and products that show perspective-bearing timelines. The authoritative
6
+ decision text remains `decisions/KFD-4.md`.
7
+
8
+ ## Package Surface
9
+
10
+ The KFD package implements KFD-4 through:
11
+
12
+ - `decisions/KFD-4.md`: the authoritative procedure text.
13
+ - `schemas/kfd-4/observer-perspective.schema.json`: the KFD-owned schema for
14
+ observer-relative timeline views.
15
+ - `standards.json#/standards/kfd-4`: metadata that exposes the schema ID, schema
16
+ path, interface contract, and concept names.
17
+ - `scripts/check.mjs`: verification that KFD-4 metadata and schema remain
18
+ wired into the package.
19
+
20
+ ## When To Use The Gate
21
+
22
+ Use KFD-4 when a product surface represents time, history, replay, sync,
23
+ ordering, or mixed-source work state. A product that does not present a
24
+ perspective-bearing timeline does not need a KFD-4 gate.
25
+
26
+ ## Trust Relation
27
+
28
+ KFD-4 claims can be assessed by KFD-2. The KFD package does this through
29
+ `.buildchain/kfd-2/kfd-foundation.trust-claims.json` and
30
+ `.buildchain/kfd-2/kfd-foundation.trust-assessment.json`, where KFD-4 is
31
+ assessed as an `observer-perspective` subject.
package/docs/MAP.md CHANGED
@@ -6,24 +6,30 @@
6
6
  | What is the KFD-1/2/3 foundation triad? | [`../README.md`](../README.md#foundation-triad) |
7
7
  | What worldview structure does the foundation triad express? | [`../README.md`](../README.md#foundation-model) |
8
8
  | What practice guidelines are derived from the foundation triad? | [`../README.md`](../README.md#practice-guidelines) |
9
- | How should a product show timeline order from a declared perspective? | [KFD-4](../decisions/kfd-4.md) |
9
+ | How should a product show timeline order from a declared perspective? | [KFD-4](../decisions/KFD-4.md) |
10
10
  | What schema should products use for KFD-4 observer-relative timeline views? | [`../schemas/kfd-4/observer-perspective.schema.json`](../schemas/kfd-4/observer-perspective.schema.json) |
11
+ | What are the package implementation notes for KFD-1? | [`KFD-1-usage.md`](KFD-1-usage.md) |
12
+ | What are the package implementation notes for KFD-2? | [`KFD-2-usage.md`](KFD-2-usage.md) |
13
+ | What are the package implementation notes for KFD-3? | [`KFD-3-usage.md`](KFD-3-usage.md) |
14
+ | What are the package implementation notes for KFD-4? | [`KFD-4-usage.md`](KFD-4-usage.md) |
11
15
  | How should an agent quickly understand this package? | [`../README.md`](../README.md#agent-quickstart) |
12
16
  | What is the concrete self-proof case for KFD-1/2/3/4? | [`../README.md`](../README.md#product-proof-path) and the implementation case in each KFD |
13
17
  | Where is the public KFD fact source? | [`../README.md`](../README.md#decision-metadata) and [`../site/kfd-site.json`](../site/kfd-site.json) decision metadata |
14
18
  | What does Apache-2.0 cover, and what remains official/trademark-bound? | [`../TRADEMARKS.md`](../TRADEMARKS.md) |
15
19
  | What should a site renderer consume to render `kfd.libkungfu.dev`? | [`../site/kfd-site.json`](../site/kfd-site.json) |
16
- | What is the top-level product accountability principle? | [KFD-2](../decisions/kfd-2.md) |
17
- | What stance should products take toward humans and agents as reasoning participants? | [KFD-3](../decisions/kfd-3.md) |
18
- | What schema should products use for KFD-3 participant-facing collaboration interfaces? | [`kfd-3-collaboration-interface.md`](kfd-3-collaboration-interface.md) |
19
- | What should an agent do when a needed KFD-2 trust taxonomy value is missing? | [`kfd-2-release-trust.md`](kfd-2-release-trust.md#trust-taxonomy) — open a KFD GitHub issue |
20
+ | How should a site map decision pages to usage subpages? | [`../site/kfd-site.json`](../site/kfd-site.json) — `decisionPages.usagePages` maps `/N` to `/N/usage` |
21
+ | What is the top-level product accountability principle? | [KFD-2](../decisions/KFD-2.md) |
22
+ | What stance should products take toward humans and agents as reasoning participants? | [KFD-3](../decisions/KFD-3.md) |
23
+ | What schema should products use for KFD-3 participant-facing collaboration interfaces? | [`KFD-3-usage.md`](KFD-3-usage.md) |
24
+ | What schema should a product or agent use for generic KFD-2 trust assessment? | [`KFD-2-usage.md`](KFD-2-usage.md#generic-trust-claims) |
25
+ | What should an agent do when a needed KFD-2 trust taxonomy value is missing? | [`KFD-2-usage.md`](KFD-2-usage.md#trust-taxonomy) — open a KFD GitHub issue |
20
26
  | What does a specific decision say? | [`../decisions/`](../decisions) (index: [`../registry.json`](../registry.json)) |
21
27
  | What machine metadata should Buildchain or another consumer import for KFD standard identity and schema IDs? | [`../standards.json`](../standards.json) |
22
28
  | What schema validates the standards metadata surface? | [`../schemas/kfd-standards.schema.json`](../schemas/kfd-standards.schema.json) |
23
- | What schema should release systems use for KFD-2 release claims and trust passports? | [`kfd-2-release-trust.md`](kfd-2-release-trust.md) |
29
+ | What schema should release systems use for KFD-2 release claims and trust passports? | [`KFD-2-usage.md`](KFD-2-usage.md) — release passports are a KFD-2 projection |
24
30
  | How do I cite a decision? | [`../README.md`](../README.md) — cite by number, e.g. `KFD-1` |
25
31
  | How do decisions change over time? | [`../CONTRIBUTING.md`](../CONTRIBUTING.md) — append-only; explicit supersession mints a new number |
26
- | How is this package versioned and released? | [KFD-1](../decisions/kfd-1.md) applied to itself; Buildchain governs releases |
32
+ | How is this package versioned and released? | [KFD-1](../decisions/KFD-1.md) applied to itself; Buildchain governs releases |
27
33
  | What release impact ledger should Buildchain consume for production passports? | [`../release-impact.json`](../release-impact.json) |
28
34
  | What release provenance path must alpha promotion use? | [`release-governance.md`](release-governance.md) |
29
35
  | How do I verify registry/document agreement? | `node scripts/check.mjs` |
package/kfd.release.json CHANGED
@@ -4,7 +4,7 @@
4
4
  "line": "v1.0",
5
5
  "channel": "alpha",
6
6
  "npmPackage": "@kungfu-tech/kfd",
7
- "npmVersion": "1.0.0-alpha.19",
7
+ "npmVersion": "1.0.0-alpha.20",
8
8
  "source": {
9
9
  "repository": "kungfu-systems/kfd",
10
10
  "branch": "alpha/v1/v1.0"
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@kungfu-tech/kfd",
3
- "version": "1.0.0-alpha.19",
3
+ "version": "1.0.0-alpha.20",
4
4
  "description": "Kung Fu Decisions (KFD): the kungfu-systems organization-wide decision registry, as a consumable artifact",
5
5
  "license": "Apache-2.0",
6
6
  "files": [
@@ -35,6 +35,8 @@
35
35
  "./scripts/*.mjs": "./scripts/*.mjs",
36
36
  "./buildchain/kfd-1/contract-world.witness.json": "./.buildchain/kfd-1/contract-world.witness.json",
37
37
  "./buildchain/kfd-2/public-release-trust.claim.json": "./.buildchain/kfd-2/public-release-trust.claim.json",
38
+ "./buildchain/kfd-2/kfd-foundation.trust-claims.json": "./.buildchain/kfd-2/kfd-foundation.trust-claims.json",
39
+ "./buildchain/kfd-2/kfd-foundation.trust-assessment.json": "./.buildchain/kfd-2/kfd-foundation.trust-assessment.json",
38
40
  "./buildchain/kfd-3/collaboration-interface.json": "./.buildchain/kfd-3/collaboration-interface.json",
39
41
  "./buildchain/kfd-3/collaboration-interface.prebuild.json": "./.buildchain/kfd-3/collaboration-interface.prebuild.json",
40
42
  "./buildchain/kfd-3/collaboration-interface.artifact.json": "./.buildchain/kfd-3/collaboration-interface.artifact.json",
package/registry.json CHANGED
@@ -9,7 +9,7 @@
9
9
  "title": "Facts must not drift: contract worlds need one fact source",
10
10
  "kind": "procedure",
11
11
  "status": "active",
12
- "path": "decisions/kfd-1.md",
12
+ "path": "decisions/KFD-1.md",
13
13
  "url": "https://kfd.libkungfu.dev/1"
14
14
  },
15
15
  {
@@ -19,7 +19,7 @@
19
19
  "title": "Trust must start from facts: responsibility must be inspectable",
20
20
  "kind": "principle",
21
21
  "status": "active",
22
- "path": "decisions/kfd-2.md",
22
+ "path": "decisions/KFD-2.md",
23
23
  "url": "https://kfd.libkungfu.dev/2"
24
24
  },
25
25
  {
@@ -29,7 +29,7 @@
29
29
  "title": "Cooperation must start from trusted value: compliance must not be coerced",
30
30
  "kind": "principle",
31
31
  "status": "active",
32
- "path": "decisions/kfd-3.md",
32
+ "path": "decisions/KFD-3.md",
33
33
  "url": "https://kfd.libkungfu.dev/3"
34
34
  },
35
35
  {
@@ -39,7 +39,7 @@
39
39
  "title": "Timelines must declare their observer: useful views need a stated perspective",
40
40
  "kind": "procedure",
41
41
  "status": "active",
42
- "path": "decisions/kfd-4.md",
42
+ "path": "decisions/KFD-4.md",
43
43
  "url": "https://kfd.libkungfu.dev/4"
44
44
  }
45
45
  ]
@@ -8,8 +8,8 @@
8
8
  },
9
9
  "versionImpact": {
10
10
  "final": "minor",
11
- "source": "kfd-surface-register",
12
- "rationale": "This change additively registers KFD-owned standards metadata, the KFD-2 trust taxonomy, KFD-2 release trust schemas, KFD-3 collaboration-interface schemas, KFD-3 self-verification witnesses, KFD-4 observer-perspective schema, KFD-1 document/interface integrity bindings, and the README-backed KFD site homepage projection while keeping existing registry and decision surfaces compatible."
11
+ "source": "kfd-site-decision-usage-pages",
12
+ "rationale": "This change additively exposes decision usage subpage mapping in the KFD site bundle, while preserving existing registry, package, and schemaVersion 1 compatibility."
13
13
  },
14
14
  "surfaceImpacts": [
15
15
  {
@@ -28,13 +28,13 @@
28
28
  "id": "kfd-standards-metadata",
29
29
  "impact": "minor",
30
30
  "class": "additive",
31
- "rationale": "standards.json and schemas/ add the KFD-2 trust-taxonomy schema ID, release-claims and release-trust-passport schema IDs, explicit KFD-1/2/3/4 interface versions, KFD-4 observer-perspective schema metadata, KFD document SHA-256 bindings, KFD-owned concept names, KFD-3 fact-source interface metadata, and official-status interface metadata for downstream consumers."
31
+ "rationale": "standards.json and schemas/ add the KFD-2 trust-taxonomy, trust-claims, trust-assessment, release-claims, and release-trust-passport schema IDs, explicit KFD-1/2/3/4 interface versions, KFD-4 observer-perspective schema metadata, KFD document SHA-256 bindings, KFD-owned concept names, KFD-3 fact-source interface metadata, and official-status interface metadata for downstream consumers."
32
32
  },
33
33
  {
34
34
  "id": "kfd-package-structure",
35
35
  "impact": "minor",
36
36
  "class": "additive",
37
- "rationale": "The npm package now publishes the KFD-2 trust taxonomy, KFD-2 schemas, KFD-2 documentation, KFD-3 self collaboration-interface witnesses, KFD-4 observer-perspective schema, TRADEMARKS.md, public fact-source metadata, agent quickstart/self-proof documentation, Buildchain contract lock metadata, and repository verification scripts through existing schemas/, docs/, standards.json, site/, scripts/, .buildchain/, and subpath exports while preserving existing README.md, decisions/, registry.json, and site/ paths."
37
+ "rationale": "The npm package now publishes the KFD-2 trust taxonomy, generic trust claims, generic trust assessment, release trust schemas, KFD usage documentation, KFD-3 self collaboration-interface witnesses, KFD-4 observer-perspective schema, TRADEMARKS.md, public fact-source metadata, agent quickstart/self-proof documentation, Buildchain contract lock metadata, and repository verification scripts through existing schemas/, docs/, standards.json, site/, scripts/, .buildchain/, and subpath exports while preserving README.md, decisions/, registry.json, and site/ as stable directories."
38
38
  },
39
39
  {
40
40
  "id": "kfd-buildchain-contract-lock",
@@ -48,18 +48,42 @@
48
48
  "class": "additive",
49
49
  "rationale": "site/kfd-site.json now exposes generated README-backed homepage.sections and homepage.displayPlan fields, including the adoption-boundary and practice-guidelines homepage sections, and scripts/check.mjs verifies the checked-in bundle matches the README projection so downstream sites can render KFD-owned homepage content without maintaining their own README parser or drifting copy."
50
50
  },
51
+ {
52
+ "id": "kfd-site-decision-usage-pages",
53
+ "impact": "minor",
54
+ "class": "additive",
55
+ "rationale": "site/kfd-site.json now exposes decisionPages.usagePages, mapping each authoritative KFD decision page to its docs/KFD-N-usage.md child page and stable /N/usage route."
56
+ },
51
57
  {
52
58
  "id": "kfd-3-self-collaboration",
53
59
  "impact": "minor",
54
60
  "class": "release-passport",
55
61
  "rationale": "KFD now declares its own participant-facing collaboration interface and ships pre-build plus artifact-side KFD-3 witnesses so Buildchain can audit interface closure in the release passport."
56
62
  },
63
+ {
64
+ "id": "kfd-3-trusted-value-evidence",
65
+ "impact": "minor",
66
+ "class": "additive",
67
+ "rationale": "KFD-3 collaboration interfaces now declare explicit valueEvidence that binds participant-facing value claims to fact artifacts, evidence artifacts, KFD-2 trust assessments, and residual-risk state."
68
+ },
57
69
  {
58
70
  "id": "kfd-2-public-release-trust-claim",
59
71
  "impact": "minor",
60
72
  "class": "release-passport",
61
73
  "rationale": "KFD now ships an explicit machine-bound public KFD-2 release trust claim and passes it into Buildchain release passport generation."
62
74
  },
75
+ {
76
+ "id": "kfd-2-generic-trust-assessment-core",
77
+ "impact": "minor",
78
+ "class": "additive",
79
+ "rationale": "KFD-2 now publishes generic trust-claims and trust-assessment schemas and dogfoods them through KFD-owned assessment files that evaluate KFD-1 contract-world, KFD-3 collaboration-interface, and KFD-4 observer-perspective claims."
80
+ },
81
+ {
82
+ "id": "kfd-numbered-paths",
83
+ "impact": "minor",
84
+ "class": "compatible",
85
+ "rationale": "Decision documents now use stable numbered paths under decisions/KFD-N.md, while usage documentation uses docs/KFD-N-usage.md to distinguish authoritative decision text from consumer implementation notes."
86
+ },
63
87
  {
64
88
  "id": "kfd-release-anchor",
65
89
  "impact": "minor",
@@ -71,7 +95,19 @@
71
95
  "impact": "patch",
72
96
  "class": "compatible",
73
97
  "rationale": "The KFD to site-libkungfu-dev propagation graph now targets the downstream site's actual main branch and documents the exact KFD package surfaces consumed by kfd.libkungfu.dev, without changing the release propagation graph contract."
98
+ },
99
+ {
100
+ "id": "kfd-1-compatibility-impact-core",
101
+ "impact": "minor",
102
+ "class": "additive",
103
+ "rationale": "KFD-1 now defines breaking, additive, none, and unclassifiable as the generic compatibility-impact core, with release versioning as one projection rather than the only interpretation."
104
+ },
105
+ {
106
+ "id": "kfd-1-surface-register",
107
+ "impact": "minor",
108
+ "class": "additive",
109
+ "rationale": "standards.json now publishes the KFD package surface register as the KFD-1 fact source, and the KFD-1 witness projects each registered surface class and impact projection from that fact source."
74
110
  }
75
111
  ],
76
- "summary": "KFD v1.0 production promotion is minor-impact because it additively exposes KFD-2 trust taxonomy and release trust metadata, KFD-1/2/3/4 interface version metadata, KFD-3 self-verification witnesses, KFD-4 observer-perspective schema, Buildchain contract lock metadata, document integrity bindings, a README-backed homepage bundle/display plan, and a corrected site release-propagation target for Buildchain and other consumers; existing registry, decision text, site bundle, and propagation graph contracts remain compatible."
112
+ "summary": "KFD v1.0 production promotion is minor-impact because it additively exposes decision usage subpage mapping in the site bundle, preserves existing package and schemaVersion 1 compatibility, and separates authoritative decision paths from numbered usage documentation."
77
113
  }