npm - @nimiplatform/nimi-coding - Versions diffs - 0.1.0 → 0.2.1 - Mend

@nimiplatform/nimi-coding 0.1.0 → 0.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (126) hide show

package/CHANGELOG.md +19 -0
package/CODE_OF_CONDUCT.md +28 -0
package/CONTRIBUTING.md +45 -0
package/README.md +371 -344
package/README.zh-CN.md +307 -0
package/SECURITY.md +26 -0
package/adapters/oh-my-codex/README.md +8 -9
package/cli/commands/audit-sweep.mjs +10 -10
package/cli/commands/classify-spec-tree.mjs +5 -0
package/cli/commands/closeout.mjs +3 -0
package/cli/commands/generate-spec-derived-docs.mjs +20 -0
package/cli/commands/generate-spec-migration-plan.mjs +30 -0
package/cli/commands/start.mjs +5 -1
package/cli/commands/surface-validator-command.mjs +49 -0
package/cli/commands/sweep-design.mjs +295 -0
package/cli/commands/sweep.mjs +22 -0
package/cli/commands/sync.mjs +132 -0
package/cli/commands/topic-formatters.mjs +8 -8
package/cli/commands/validate-ai-governance.mjs +167 -46
package/cli/commands/validate-domain-admission.mjs +5 -0
package/cli/commands/validate-guidance-bodies.mjs +5 -0
package/cli/commands/validate-placement.mjs +5 -0
package/cli/commands/validate-projection-edges.mjs +5 -0
package/cli/commands/validate-spec-audit.mjs +5 -1
package/cli/commands/validate-table-family.mjs +5 -0
package/cli/commands/validate-tracked-output-admission.mjs +5 -0
package/cli/constants.mjs +5 -49
package/cli/help.mjs +33 -11
package/cli/index.mjs +20 -2
package/cli/lib/audit-sweep-runtime/admissions.mjs +38 -29
package/cli/lib/audit-sweep-runtime/audit-validity.mjs +8 -0
package/cli/lib/audit-sweep-runtime/chunks.mjs +11 -11
package/cli/lib/audit-sweep-runtime/closeout.mjs +8 -8
package/cli/lib/audit-sweep-runtime/codex-auditor-evidence.mjs +3 -3
package/cli/lib/audit-sweep-runtime/codex-auditor.mjs +10 -10
package/cli/lib/audit-sweep-runtime/common.mjs +7 -7
package/cli/lib/audit-sweep-runtime/format.mjs +3 -3
package/cli/lib/audit-sweep-runtime/ingest.mjs +8 -8
package/cli/lib/audit-sweep-runtime/inventory-spec-chunks.mjs +24 -27
package/cli/lib/audit-sweep-runtime/inventory.mjs +58 -18
package/cli/lib/audit-sweep-runtime/ledger.mjs +1 -1
package/cli/lib/audit-sweep-runtime/p0p1-profile.mjs +2 -2
package/cli/lib/audit-sweep-runtime/remediation.mjs +6 -6
package/cli/lib/audit-sweep-runtime/rerun.mjs +6 -6
package/cli/lib/audit-sweep-runtime/status.mjs +1 -1
package/cli/lib/audit-sweep-runtime/validators.mjs +2 -2
package/cli/lib/authority-convergence.mjs +397 -2
package/cli/lib/blueprint-audit.mjs +5 -5
package/cli/lib/closeout.mjs +126 -3
package/cli/lib/contracts.mjs +21 -17
package/cli/lib/handoff.mjs +29 -11
package/cli/lib/high-risk-admission.mjs +60 -11
package/cli/lib/high-risk-decision.mjs +31 -2
package/cli/lib/high-risk-ingest.mjs +5 -1
package/cli/lib/high-risk-review.mjs +5 -1
package/cli/lib/internal/contracts-parse.mjs +195 -24
package/cli/lib/internal/contracts-validators.mjs +3 -2
package/cli/lib/internal/doctor-bootstrap-surface.mjs +82 -35
package/cli/lib/internal/doctor-delegated-surface.mjs +1 -1
package/cli/lib/internal/doctor-finalize.mjs +12 -8
package/cli/lib/internal/doctor-inspectors.mjs +34 -1
package/cli/lib/internal/governance/ai/ai-context-budget-core.mjs +74 -12
package/cli/lib/internal/governance/ai/ai-structure-budget-core.mjs +24 -6
package/cli/lib/internal/governance/ai/check-agents-freshness.mjs +18 -23
package/cli/lib/internal/surface-taxonomy-validators.mjs +931 -0
package/cli/lib/internal/validators-spec.mjs +229 -20
package/cli/lib/sweep-design-runtime/common.mjs +246 -0
package/cli/lib/sweep-design-runtime/engine.mjs +733 -0
package/cli/lib/sweep-design-runtime/fix-topic.mjs +414 -0
package/cli/lib/sweep-design-runtime/lifecycle.mjs +54 -0
package/cli/lib/sweep-design-runtime/results.mjs +324 -0
package/cli/lib/sweep-design.mjs +8 -0
package/cli/lib/sync.mjs +143 -0
package/cli/lib/topic-artifacts.mjs +186 -0
package/cli/lib/topic-authority-coverage.mjs +73 -0
package/cli/lib/topic-closeout.mjs +560 -0
package/cli/lib/topic-common.mjs +404 -0
package/cli/lib/topic-decisions.mjs +332 -0
package/cli/lib/topic-draft-packets.mjs +126 -7
package/cli/lib/topic-execution.mjs +515 -0
package/cli/lib/topic-goal.mjs +112 -33
package/cli/lib/topic-ledger.mjs +281 -0
package/cli/lib/topic-lifecycle-artifacts.mjs +173 -0
package/cli/lib/topic-root-validation.mjs +288 -0
package/cli/lib/topic-runner-commands.mjs +174 -0
package/cli/lib/topic-runner-deferral.mjs +532 -0
package/cli/lib/topic-runner-stale-gates.mjs +114 -0
package/cli/lib/topic-runner-validation.mjs +138 -0
package/cli/lib/topic-runner.mjs +109 -154
package/cli/lib/topic-scaffold.mjs +252 -0
package/cli/lib/topic-waves.mjs +403 -0
package/cli/lib/topic.mjs +81 -93
package/cli/lib/value-helpers.mjs +6 -1
package/cli/seeds/bootstrap.mjs +96 -20
package/cli/seeds/seed-policy.yaml +67 -0
package/config/bootstrap.yaml +1 -1
package/config/skill-manifest.yaml +4 -2
package/config/spec-generation-inputs.yaml +41 -19
package/contracts/audit-remediation-map.schema.yaml +1 -0
package/contracts/audit-sweep-result.yaml +4 -0
package/contracts/domain-admission.schema.yaml +56 -0
package/contracts/migration-inventory.schema.yaml +80 -0
package/contracts/negative-fixtures.yaml +91 -0
package/contracts/placement-contract.schema.yaml +163 -0
package/contracts/projection-edge.schema.yaml +130 -0
package/contracts/shared-enums.yaml +68 -0
package/contracts/spec-generation-audit.schema.yaml +19 -4
package/contracts/spec-generation-inputs.schema.yaml +130 -29
package/contracts/spec-reconstruction-result.yaml +9 -5
package/contracts/surface-taxonomy.schema.yaml +201 -0
package/contracts/sweep-design-result.yaml +349 -0
package/contracts/table-family.schema.yaml +121 -0
package/contracts/topic-goal.schema.yaml +10 -1
package/contracts/tracked-output-admission.schema.yaml +70 -0
package/contracts/workflow-consumer.schema.yaml +112 -0
package/methodology/audit-sweep-p0p1-recall.yaml +1 -1
package/methodology/spec-reconstruction.yaml +53 -30
package/package.json +19 -4
package/spec/_meta/command-gating-matrix.yaml +33 -0
package/spec/_meta/generate-drift-migration-checklist.yaml +44 -62
package/spec/_meta/governance-routing-cutover-checklist.yaml +3 -3
package/spec/_meta/phase2-impacted-surface-matrix.yaml +14 -14
package/spec/_meta/spec-authority-cutover-readiness.yaml +3 -5
package/spec/_meta/spec-tree-model.yaml +104 -36
package/spec/bootstrap-state.yaml +36 -36
package/spec/product-scope.yaml +13 -10

package/contracts/sweep-design-result.yaml ADDED Viewed

@@ -0,0 +1,349 @@
+version: 2
+result_contract:
+  id: sweep_design_result
+  status: active_contract
+  canonical_entrypoint: "nimicoding sweep design"
+  owner: nimicoding/sweep-design
+artifact_root: ".nimi/local/sweep-design/<run-id>/"
+source_inputs:
+  - ".nimi/local/audit/evidence/<sweep-id>/findings.yaml"
+source_findings_policy: read_only_never_update_from_sweep_design
+source_input_policy:
+  - source_audit_findings_are_read_only
+  - source_findings_sha256_must_be_recorded_at_intake
+  - design_state_is_written_only_to_sweep_design_derived_artifacts
+canonical_runtime_phases:
+  - intake
+  - packet-build
+  - packet-build-batch
+  - auditor-prompt
+  - result-ingest
+  - ledger-validate
+  - finalize
+  - wave-plan
+retired_runtime_phases:
+  - confirm
+  - cluster
+  - fork-review
+  - plan
+  - preflight
+  - synthesize
+  - decide
+  - extra-audit
+artifact_kinds:
+  - name: inventory
+    kind: sweep-design-inventory
+    required_fields:
+      - run_id
+      - source_audit_sweep_id
+      - source_findings_ref
+      - source_findings_sha256
+      - source_findings_mutation_policy
+      - findings
+  - name: design_auditor_packet
+    kind: sweep-design-design-auditor-packet
+    required_fields:
+      - run_id
+      - packet_id
+      - source_audit_sweep_id
+      - included_finding_ids
+      - source_finding_refs
+      - related_finding_refs
+      - related_code_refs
+      - authority_refs
+      - prior_design_state_refs
+      - prior_design_state_marker
+      - revision_ledger_refs
+      - current_cluster_refs
+      - current_wave_refs
+      - explicit_questions
+      - expected_result_shape_ref
+      - evidence_gap_policy
+      - stop_conditions
+  - name: design_auditor_result
+    kind: sweep-design-design-auditor-result
+    required_fields:
+      - run_id
+      - packet_id
+      - result_id
+      - auditor
+      - auditor_family
+      - auditor_mode
+      - auditor_result_origin
+      - methodology_ref
+      - packet_ref
+      - session_ref
+      - transcript_ref
+      - llm_session_ref
+      - llm_transcript_ref
+      - llm_prompt_ref
+      - result_schema_version
+      - provenance
+      - evidence_read
+      - finding_outcomes
+      - cluster_changes
+      - wave_changes
+      - revision_entries
+      - human_decision_requests
+      - extra_audit_requests
+      - validation_recommendations
+      - closeout_recommendations
+      - rejection_status
+  - name: revision_ledger
+    kind: sweep-design-revision-ledger
+    required_fields:
+      - run_id
+      - ledger_id
+      - append_only
+      - entries
+      - ledger_snapshot_hash
+      - entries_root_hash
+      - previous_ledger_snapshot_hash
+  - name: revision_entry
+    kind: sweep-design-revision-entry
+    required_fields:
+      - revision_entry_id
+      - entry_index
+      - revision_type
+      - created_at
+      - previous_entry_hash
+      - entry_hash
+      - previous_artifact_refs
+      - replacement_artifact_refs
+      - affected_finding_ids
+      - affected_cluster_ids
+      - affected_wave_ids
+      - reason_code
+      - evidence_refs
+      - auditor_provenance
+      - human_gate_status
+      - projection_refs_changed
+  - name: decision_queue
+    kind: sweep-design-decision-queue
+  - name: auditor_prompt
+    kind: sweep-design-auditor-prompt
+    required_fields:
+      - run_id
+      - packet_id
+      - packet_ref
+      - expected_result_shape_ref
+      - required_result_origin
+      - synthetic_result_policy
+      - required_llm_provenance_fields
+      - task
+  - name: batch_manifest
+    kind: sweep-design-batch-manifest
+    required_fields:
+      - run_id
+      - manifest_id
+      - source_inventory_ref
+      - source_findings_ref
+      - source_findings_sha256
+      - batch_size
+      - packet_count
+      - packets
+      - generated_artifact_policy
+  - name: final_state_report
+    kind: sweep-design-final-state-report
+  - name: wave_plan
+    kind: sweep-design-wave-plan
+prior_design_state_marker_enum:
+  - empty
+  - present
+  - partial
+  - superseded_by_later_audit
+  - evidence_gap
+auditor_family_enum:
+  - anthropic_claude
+  - openai_gpt
+  - openai_codex
+  - google_gemini
+  - xai_grok
+  - meta_llama
+  - mistral
+  - other
+auditor_mode_enum:
+  - focused
+  - all
+  - degraded
+auditor_result_origin_enum:
+  - llm_session
+  - external_llm_session
+  - synthetic_trial
+llm_closeout_policy:
+  closeout_eligible_origins:
+    - llm_session
+    - external_llm_session
+  synthetic_trial_policy: allowed_only_with_explicit_flag_for_load_tests
+  synthetic_trial_must_not_satisfy_true_llm_closeout: true
+  llm_origins_require_fields:
+    - llm_session_ref
+    - llm_transcript_ref
+    - llm_prompt_ref
+revision_type_enum:
+  - finding_state_revision
+  - duplicate_judgement
+  - superseded_judgement
+  - cluster_create
+  - cluster_merge
+  - cluster_split
+  - cluster_retire
+  - cluster_reopen
+  - finding_move
+  - wave_create
+  - wave_merge
+  - wave_split
+  - wave_retract
+  - wave_demote
+  - wave_block
+  - wave_implementation_ready
+  - wave_dependency_rewrite
+  - wave_validation_or_closeout_strengthening
+  - decision_packet_create
+  - extra_audit_request_create
+  - extra_audit_request_close
+  - human_decision_request_create
+  - human_decision_request_resolve
+  - final_state_projection_update
+  - user_decision_queue_rewrite
+finding_lifecycle_states:
+  - raw
+  - confirmed
+  - needs_design
+  - duplicate
+  - superseded
+  - false_positive
+  - needs_more_audit
+  - needs_user_decision
+  - needs_authority_alignment
+  - ready_for_implementation_wave
+  - blocked
+transient_states:
+  - raw
+  - confirmed
+  - needs_design
+final_outcome_states:
+  - duplicate
+  - superseded
+  - false_positive
+  - needs_more_audit
+  - needs_user_decision
+  - needs_authority_alignment
+  - ready_for_implementation_wave
+  - blocked
+packet_input_floor:
+  source_finding_refs_min: 1
+  related_code_refs_min_unless:
+    authority_only_packet: 1
+  authority_refs_min_when:
+    authority_bearing_finding: 1
+  related_finding_refs_min_when_available: 3
+  prior_design_state_marker_required: true
+  prior_design_state_refs_empty_allowed_only_when_marker_empty: true
+  evidence_gap_result_required_when_any_material_input_missing: true
+required_final_outcome_provenance:
+  applies_to:
+    - ready_for_implementation_wave
+    - needs_user_decision
+    - needs_more_audit
+    - needs_authority_alignment
+    - blocked
+    - duplicate
+    - superseded
+    - false_positive
+  required_refs:
+    - design_auditor_packet_ref
+    - design_auditor_result_ref
+    - revision_ledger_entry_refs
+    - related_finding_ids_considered
+    - code_refs_considered
+    - authority_refs_considered
+  terminal_extra_requirements:
+    duplicate:
+      - canonical_finding_or_cluster_ref
+    superseded:
+      - superseding_finding_or_cluster_ref
+    false_positive:
+      - human_gate_ref
+  non_terminal_extra_requirements:
+    ready_for_implementation_wave:
+      - wave_id_ref
+      - preflight_ref
+      - validation_command_refs
+      - closeout_criteria_ref
+    needs_user_decision:
+      - decision_queue_item_ref
+      - decision_packet_ref
+      - recommended_decision
+      - queue_status
+      - blocked_downstream_wave_refs
+    needs_more_audit:
+      - extra_audit_request_ref
+    needs_authority_alignment:
+      - authority_convergence_ref
+    blocked:
+      - blocking_cause_refs
+  decision_outcome_policy:
+    accepted_or_closed_needs_user_decision_requires_human_gate_decision_ref: true
+required_wave_fields:
+  - wave_id
+  - scope
+  - owner_domain
+  - authority_owner
+  - dependencies
+  - preflight_ref
+  - non_goals
+  - validation_commands
+  - negative_checks
+  - drift_resistance_checks
+  - closeout_criteria
+  - source_design_packet_refs
+  - design_auditor_result_refs
+  - revision_ledger_entry_refs
+  - blocked_gate_refs
+  - merged_cluster_ids
+  - merged_root_cause_keys
+conditional_wave_fields:
+  consolidation_rationale_required_when: included_findings_or_clusters_count > 1
+  isolation_justification_required_when: included_findings_or_clusters_count == 1
+  not_applicable_value_allowed: "n/a"
+wave_authority_coverage:
+  authority_owner_must_cover_source_authority_refs: true
+  source_authority_ref_sources:
+    - authority_owner
+    - authority_refs
+    - authority_refs_considered
+    - path_like_merged_root_cause_keys
+  generated_fix_topic_packets_must_copy_union_to:
+    - authority_owner
+    - canonical_seams
+semantic_constraints:
+  - llm_auditor_judgement_is_required_for_material_findings
+  - deterministic_grouping_must_not_be_final_judgement
+  - projection_write_requires_same_ingest_revision_entry
+  - revision_ledger_is_append_only_and_hash_chained
+  - every_final_outcome_requires_packet_result_and_ledger_provenance
+  - raw_confirmed_and_needs_design_are_transient_only
+  - implementation_ready_wave_requires_non_empty_validation_commands
+  - source_findings_mutation_is_forbidden
+forbidden_contract_shortcuts:
+  - mechanical_classifier_as_final_judgement
+  - projection_write_without_revision_entry
+  - final_outcome_without_llm_packet_result_refs
+  - implementation_ready_wave_with_empty_validation_commands
+  - one_finding_per_wave_default_without_isolation_justification
+  - source_findings_mutation

package/contracts/table-family.schema.yaml ADDED Viewed

@@ -0,0 +1,121 @@
+version: 1
+contract:
+  id: nimicoding.table-family.v1
+  owner: nimi-coding
+  purpose: Require every kernel table to declare an allowed semantic family.
+required_top_level_fields:
+  - version
+  - table_family_enum
+  - table_family_required_fields
+  - forbidden_fields_by_authority_class
+  - semantic_constraints
+shared_enum_ref: shared-enums.yaml
+table_family_required_fields:
+  - table_family
+  - owner
+  - authority_class
+  - row_schema
+  - allowed_references
+  - forbidden_fields
+table_family_enum:
+  - closed_enum
+  - state_machine
+  - protocol_surface
+  - owner_matrix
+  - product_catalog
+  - gate_registry
+  - support_registry
+authority_class_enum:
+  - product_authority_table
+  - support_registry
+table_families:
+  - table_family: closed_enum
+    authority_class: product_authority_table
+    required_fields: [table_family, owner, enum_id, values]
+    allowed_fields: [description, authority_refs, value, label, semantics]
+    forbidden_fields: [done, covered, coverage_status, audit_date, evidence_report, current, proposed, backlog_status, migration_status, mapping_status, run_id, ledger_ref]
+  - table_family: state_machine
+    authority_class: product_authority_table
+    required_fields: [table_family, owner, machine_id, states, transitions]
+    allowed_fields: [description, authority_refs, state, transition, from, to, guard]
+    forbidden_fields: [done, covered, coverage_status, audit_date, evidence_report, current, proposed, backlog_status, migration_status, mapping_status, run_id, ledger_ref]
+  - table_family: protocol_surface
+    authority_class: product_authority_table
+    required_fields: [table_family, owner, protocol_id, surfaces]
+    allowed_fields: [description, authority_refs, event, rpc, field, reason_code]
+    forbidden_fields: [done, covered, coverage_status, audit_date, evidence_report, current, proposed, backlog_status, migration_status, mapping_status, run_id, ledger_ref]
+  - table_family: owner_matrix
+    authority_class: product_authority_table
+    required_fields: [table_family, owner, matrix_id, rows]
+    allowed_fields: [description, authority_refs, owner, responsibility, boundary]
+    forbidden_fields: [done, covered, coverage_status, audit_date, evidence_report, current, proposed, backlog_status, migration_status, mapping_status, run_id, ledger_ref]
+  - table_family: product_catalog
+    authority_class: product_authority_table
+    required_fields: [table_family, owner, catalog_id, entries]
+    allowed_fields: [description, authority_refs, id, name, semantics, owner]
+    forbidden_fields: [done, covered, coverage_status, audit_date, evidence_report, current, proposed, backlog_status, migration_status, mapping_status, run_id, ledger_ref]
+  - table_family: gate_registry
+    authority_class: product_authority_table
+    required_fields: [table_family, owner, registry_id, schema_version, registry_version, profile_id, tiers, targets, reason_codes, gates]
+    allowed_fields: [description, authority_refs, id, command, tier, target, prerequisite, evidence, blocker_semantics]
+    forbidden_fields: [done, covered, coverage_status, audit_date, evidence_report, current, proposed, backlog_status, migration_status, mapping_status, run_id, ledger_ref]
+  - table_family: support_registry
+    authority_class: support_registry
+    required_fields: [table_family, registry_id, owner, schema_ref, allowed_fields, forbidden_state_fields, entries]
+    allowed_fields: [authority_refs, command_refs, evidence_class, validation_scope, registry_owner]
+    forbidden_fields: [done, covered, coverage_status, audit_date, evidence_report, current, proposed, backlog_status, migration_status, mapping_status, run_id, ledger_ref]
+support_registry_shape:
+  required_fields:
+    - table_family
+    - registry_id
+    - owner
+    - schema_ref
+    - allowed_fields
+    - forbidden_state_fields
+  forbidden_state_fields:
+    - done
+    - covered
+    - coverage_status
+    - audit_date
+    - evidence_report
+    - current
+    - proposed
+    - backlog_status
+    - migration_status
+    - mapping_status
+    - run_id
+    - ledger_ref
+forbidden_fields_by_authority_class:
+  product_authority_table:
+    - done
+    - covered
+    - coverage_status
+    - audit_date
+    - evidence_report
+    - current
+    - proposed
+    - backlog_status
+    - migration_status
+    - mapping_status
+    - run_id
+    - ledger_ref
+  support_registry:
+    - done
+    - covered
+    - coverage_status
+    - audit_date
+    - evidence_report
+    - current
+    - proposed
+    - backlog_status
+    - migration_status
+    - mapping_status
+    - run_id
+    - ledger_ref
+semantic_constraints:
+  - kernel_tables_path_is_not_authority_without_table_family
+  - support_registry_may_register_evidence_commands_but_not_current_coverage
+  - lifecycle_state_and_audit_coverage_must_move_local
+  - unknown_table_family_fails_closed
+  - product_authority_table_rows_must_define_stable_product_facts
+  - release_gate_registry_must_use_gate_registry_family_not_closed_enum

package/contracts/topic-goal.schema.yaml CHANGED Viewed

@@ -1,6 +1,6 @@
 id: nimicoding.topic-goal.v1
 kind: topic-goal-readiness-result
-canonical_owner: nimi-coding/contracts/topic-goal.schema.yaml
+canonical_owner: .nimi/contracts/topic-goal.schema.yaml
 host_projection_ref: .nimi/contracts/topic-goal.schema.yaml
 projection_rule: host projection must be byte-aligned with this package contract
 output_contract:
@@ -13,6 +13,7 @@ output_contract:
     - profile
     - selected_next_target
     - selected_wave_id
+    - execution_start_wave_id
     - topic_state_hash
     - readiness
     - goal_command
@@ -22,6 +23,7 @@ output_contract:
     - refusal_reasons
   nullable:
     - selected_wave_id
+    - execution_start_wave_id
     - goal_command
 readiness_check_shape:
   required:
@@ -76,3 +78,10 @@ rules:
   - goal_command must be null whenever ok=false
   - topic-goal output is a projection and must not mutate topic state
   - host projection drift is a readiness refusal when the host projection exists
+  - topic goal is the bridge from accepted topic design into Codex /goal execution ownership
+  - topic goal targets topic completion, not selected-wave completion
+  - selected_wave_id and execution_start_wave_id are execution cursors only
+  - ordinary wave admission, preflight, implementation, validation, result recording, and closeout transitions are non-final
+  - /goal may complete only after all waves are terminal and topic true-close/closeout evidence is recorded
+  - preflight_admitted is an execution-stage wave state for topic goal because wave preflight is part of execution, not a separate human design phase
+  - candidate and preflight_draft wave states may be deterministic topic-runner cursors when selected_next_target is empty and dependencies are terminal

package/contracts/tracked-output-admission.schema.yaml ADDED Viewed

@@ -0,0 +1,70 @@
+version: 1
+contract:
+  id: nimicoding.tracked-output-admission.v1
+  owner: nimi-coding
+  purpose: Define the only allowed path for tracked non-product artifacts.
+required_top_level_fields:
+  - version
+  - admissions
+  - allowed_roots
+  - privacy_posture_enum
+  - semantic_constraints
+admission_required_fields:
+  - artifact_class
+  - root
+  - owner
+  - schema_ref
+  - privacy_posture
+  - retention
+  - regeneration_or_review_command
+  - drift_check_command
+  - forbidden_fields
+  - max_size_policy
+  - non_parallel_truth_basis
+shared_enum_ref: shared-enums.yaml
+artifact_class_enum:
+  - derived_manifest
+  - derived_summary
+  - state_manifest
+  - audit_index
+  - audit_summary
+  - roadmap_index
+  - roadmap_summary
+admissions: []
+allowed_roots:
+  - .nimi/derived/**
+  - .nimi/state/**
+  - .nimi/audit/**
+  - .nimi/roadmap/**
+privacy_posture_enum:
+  - non_private
+  - redacted
+retention_enum:
+  - compact_manifest
+  - compact_summary
+  - compact_index
+max_size_policy_required_fields:
+  - max_files
+  - max_bytes_per_file
+  - max_rows_per_file
+non_parallel_truth_basis_enum:
+  - indexes_authority_refs_without_rule_body
+  - summarizes_redacted_evidence_without_raw_payload
+  - records_regeneration_metadata_without_generated_body
+  - records_product_facing_roadmap_without_implementation_authority
+forbidden_fields:
+  - raw_audit_transcript
+  - private_prompt
+  - private_finding_detail
+  - product_rule_body
+  - package_methodology_body
+  - current_run_ledger
+  - raw_evidence_payload
+  - personal_or_secret_data
+semantic_constraints:
+  - tracked_non_product_roots_are_disabled_without_admission
+  - empty_admissions_means_all_tracked_non_product_roots_fail_closed
+  - admission_must_prove_artifact_is_compact_non_private_and_non_parallel_truth
+  - audit_raw_materials_are_never_tracked_by_this_contract
+  - generated_views_must_be_reproducible_if_tracked
+  - roadmap_records_must_not_authorize_implementation

package/contracts/workflow-consumer.schema.yaml ADDED Viewed

@@ -0,0 +1,112 @@
+version: 1
+contract:
+  id: nimicoding.workflow-consumer.v1
+  owner: nimi-coding
+  purpose: Require workflow tools to consume surface classes natively.
+required_top_level_fields:
+  - version
+  - workflow_consumers
+  - semantic_constraints
+workflow_consumer_required_fields:
+  - workflow_id
+  - package_entrypoint
+  - required_inputs
+  - required_surface_classes
+  - forbidden_surface_classes
+  - forbidden_authority_input_classes
+  - required_gates
+  - output_class
+  - fail_closed_cases
+workflow_consumers:
+  - workflow_id: topic_runner
+    package_entrypoint: nimicoding topic-runner
+    required_inputs:
+      - placement_report
+      - selected_wave
+      - packet_ref
+      - topic_lifecycle_state
+    required_surface_classes:
+      - product_authority
+      - methodology_authority
+      - host_projection_anchor
+    forbidden_surface_classes:
+      - unclassified
+      - derived_view
+      - audit_evidence_state
+    forbidden_authority_input_classes:
+      - lifecycle_progress_state
+    required_gates:
+      - block_unclassified_authority_changes
+      - block_forbidden_root_class_combinations
+      - require_human_confirmation_for_product_semantic_fork
+    output_class: lifecycle_progress_state
+    fail_closed_cases:
+      - placement_report_missing
+      - authority_update_without_post_update_review
+  - workflow_id: audit_sweep
+    package_entrypoint: nimicoding sweep audit
+    required_inputs:
+      - authority_inventory
+      - evidence_inventory
+    required_surface_classes:
+      - product_authority
+      - product_authority_table
+      - product_admission_registry
+      - support_registry
+    forbidden_surface_classes:
+      - derived_view
+      - lifecycle_progress_state
+    forbidden_authority_input_classes: []
+    required_gates:
+      - authority_and_evidence_coverage_separated
+      - raw_outputs_local_only
+    output_class: audit_evidence_state
+    fail_closed_cases:
+      - audit_summary_promoted_to_product_truth
+  - workflow_id: spec_generation
+    package_entrypoint: nimicoding generate-spec-derived-docs
+    required_inputs:
+      - class_filtered_generation_inputs
+      - placement_report
+    required_surface_classes:
+      - product_authority
+      - product_authority_table
+      - product_admission_registry
+      - thin_guidance
+      - methodology_authority
+      - host_projection_anchor
+    forbidden_surface_classes:
+      - audit_evidence_state
+      - lifecycle_progress_state
+      - spec_generation_state
+      - derived_view
+    forbidden_authority_input_classes: []
+    required_gates:
+      - validate_placement_before_render
+      - reject_blanket_docs_roots
+      - generation_audit_local_state
+    output_class: derived_view
+    fail_closed_cases:
+      - generated_view_used_as_authority
+  - workflow_id: closeout
+    package_entrypoint: nimicoding topic closeout
+    required_inputs:
+      - placement_report
+      - validation_report
+      - result_ref
+    required_surface_classes:
+      - lifecycle_progress_state
+    forbidden_surface_classes:
+      - unclassified
+    forbidden_authority_input_classes: []
+    required_gates:
+      - placement_report_pass_required
+      - no_unresolved_block_disposition
+    output_class: lifecycle_progress_state
+    fail_closed_cases:
+      - closeout_claims_drift_resistance_with_placement_violations
+semantic_constraints:
+  - workflow_must_not_infer_authority_from_path_shape_only
+  - workflow_outputs_must_have_declared_surface_class
+  - workflow_must_fail_closed_when_placement_report_is_missing
+  - workflow_must_not_promote_audit_or_lifecycle_state_to_product_authority

package/methodology/audit-sweep-p0p1-recall.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 version: 1
 methodology:
   id: audit_sweep_p0p1_recall
-  owner: nimi-coding/audit-sweep
+  owner: nimicoding/audit-sweep
   purpose: Increase critical/high finding recall without turning every sweep into
     an unbounded full audit.
   activation_criteria: