@nimiplatform/nimi-coding 0.2.0 → 0.2.1

package/CHANGELOG.md

@@ -0,0 +1,19 @@
+# Changelog
+
+All notable changes to `@nimiplatform/nimi-coding` are tracked here.
+
+This project follows semantic versioning for published npm releases.
+
+## 0.2.1
+
+- Added the `gate_registry` table family for product-owned release gate
+  registries that are not closed enums or generic product catalogs.
+
+## 0.2.0
+
+- Split Nimi Coding into a standalone public package.
+- Published the `nimicoding` CLI boundary for bootstrap, validation, handoff,
+  local closeout, topic lifecycle, sweep audit, sweep design, and high-risk
+  execution gates.
+- Kept runtime execution, scheduling, notifications, provider invocation, and
+  self-hosted methodology execution outside the package boundary.

package/CODE_OF_CONDUCT.md

@@ -0,0 +1,28 @@
+# Code Of Conduct
+
+Nimi Coding follows the Nimi project expectation for direct, respectful, and
+technical collaboration.
+
+## Expected Behavior
+
+- Keep discussion focused on the work and its user impact.
+- Challenge technical claims with evidence and concrete alternatives.
+- Assume maintainers and contributors are trying to preserve project quality.
+- Respect scope boundaries, especially around security reports and private
+  vulnerability handling.
+
+## Unacceptable Behavior
+
+- Harassment, threats, or personal attacks.
+- Publishing private security details outside the coordinated disclosure path.
+- Repeatedly derailing issues or pull requests away from the stated technical
+  topic.
+- Spam, impersonation, or knowingly misleading claims about project authority.
+
+## Enforcement
+
+Maintainers may edit, hide, or remove comments; close issues; block users; or
+restrict participation when behavior makes collaboration unsafe or unproductive.
+
+Report conduct concerns privately through `security@nimi.ai` if they involve
+security-sensitive material. Otherwise, use the repository maintainer channels.

package/CONTRIBUTING.md

@@ -0,0 +1,45 @@
+# Contributing
+
+Thanks for taking the time to improve Nimi Coding.
+
+## Project Boundary
+
+This repository is the standalone `@nimiplatform/nimi-coding` package. Package
+source lives directly under `config/**`, `contracts/**`, `methodology/**`, and
+`spec/**`. Adopted projects receive `.nimi/**` projections at bootstrap time.
+
+Do not add provider execution, scheduler ownership, notification backends,
+packet-bound runtime orchestration, or self-hosted methodology execution unless
+the active package contract explicitly admits that redesign.
+
+## Development Setup
+
+```bash
+pnpm install
+pnpm test
+pnpm check:pack
+```
+
+Use `pnpm check:ci` before larger pull requests. It runs tests, npm pack
+dry-run, and CLI smoke checks.
+
+## Pull Request Expectations
+
+- Keep changes scoped to one problem.
+- Read existing files before editing.
+- Prefer editing existing source over replacing whole files.
+- Add or update focused tests for behavior changes.
+- Update README or contract docs when user-visible behavior changes.
+- Do not commit local `.nimi/local/**`, `.nimi/cache/**`, `.nimi/topics/**`, or
+  other generated operational artifacts.
+
+## Commit Sign-Off
+
+This project accepts signed-off commits:
+
+```bash
+git commit -s
+```
+
+The sign-off certifies that you have the right to submit the contribution under
+the project's license.

package/README.md

@@ -1,347 +1,375 @@
 # @nimiplatform/nimi-coding
 
-`@nimiplatform/nimi-coding` is the standalone host-agnostic boundary package
-for the Nimi Coding methodology.
-
-The product goal is to let arbitrary projects install a reusable AI coding
-governance toolkit, bootstrap a project-local `.nimi/**` layer, and then use
-AI-native authority, packet, and acceptance discipline for high-risk work.
-
-## Primary Path
-
-The primary `nimicoding` path is for an ordinary project with mixed inputs:
-
-1. gather code/docs/structure/human notes
-2. hand off `spec_reconstruction` to an external host
-3. generate a canonical tree under `/.nimi/spec/**`
-4. run `validate-spec-tree`
-5. run `validate-spec-audit`
-6. close out reconstruction
-7. hand off `doc_spec_audit` and close it out locally
-
-`blueprint-audit` and benchmark parity remain available, but they are
-support-only package fixtures. They do not define default reconstruction
-completion for a host project.
-
-In a host project, `/.nimi/spec/**` becomes product authority only after that
-project admits or reconstructs it. `nimicoding` provides the CLI, injected
-`.nimi/{config,contracts,methodology}/**` contracts, and validators; it does
-not make a host read package source paths directly.
-
-## Current Status
-
-This repository is boundary-complete for its intended standalone scope.
-
-Its completed standalone scope is:
-
-- package identity
-- repository foundation
-- initial AI-native methodology seed
-- package-owned support profile source for future governance slices
-- machine-readable reconstruction, doc-spec-audit, and high-risk execution result contracts
-- package-owned canonical high-risk admission schema contract
-- seed-only high-risk execution schemas for packet, orchestration-state, prompt, worker-output, and acceptance
-- vendor-neutral external host-profile seed
-- package-owned external host compatibility contract seed
-- host-adapter seed for constrained external execution-host interop
-- package-owned admitted host-profile overlay seed for `oh_my_codex`
-- package-owned external execution artifact landing-path contract seed
-- vendor-neutral external delegated skill runtime contract seed
-- vendor-neutral delegated skill installer seed
-- fail-closed delegated skill installer result-contract seed
-- local-only installer operational evidence-home seed
-- fail-closed collapsed installer summary projection lifecycle-contract seed
-- package-owned bootstrap source under `config/**`, `contracts/**`, `methodology/**`, and `spec/**`
-- a bounded standalone CLI with staged `start`, validation, handoff, local closeout projection, explicit admission, and mechanical execution-artifact validation
-- a host-agnostic semantic + interop boundary for external AI hosts such as OMX, Codex, Claude, Gemini, or another contract-observing host
-
-It intentionally defers:
-
-- packet-bound run kernel
-- provider-backed execution
-- scheduler, notification, and automation backend surfaces
+**English** · [简体中文](README.zh-CN.md)
+
+[![npm](https://img.shields.io/npm/v/@nimiplatform/nimi-coding.svg?label=npm)](https://www.npmjs.com/package/@nimiplatform/nimi-coding)
+[![license](https://img.shields.io/badge/license-MIT-blue.svg)](LICENSE)
+[![node](https://img.shields.io/badge/node-%3E%3D24-brightgreen.svg)](#requirements)
+
+> A **vendor-neutral, AI-native methodology toolkit** for governing
+> high-risk AI-assisted software work. Bootstraps a project-local
+> `.nimi/**` truth surface, ships the `nimicoding` CLI, and turns
+> "AI plausibly finished this" into "the four closure dimensions
+> are evidenced."
+
+Reader documentation: <https://docs.nimi.ai/nimicoding>
+npm package: [`@nimiplatform/nimi-coding`](https://www.npmjs.com/package/@nimiplatform/nimi-coding)
+
+---
+
+## Why This Exists
+
+AI-assisted implementation routinely produces output that **compiles,
+passes existing tests, looks plausible to a reviewer, and is still
+wrong** about authority, scope, semantics, or product meaning. These
+are not bugs in the conventional sense — they are *closure failures*:
+the work was claimed done in a state where the closure conditions had
+not actually held.
+
+A short, non-exhaustive list of failure shapes Nimi Coding is
+designed to catch:
+
+- **Stale-doc anchoring** — the assistant follows a document that
+  looked authoritative but had drifted from the active spec.
+- **Implicit scope expansion** — the assistant edits an adjacent
+  surface "while it's in the file"; ownership silently shifts.
+- **Plausible synthesis** — when authoritative source is missing,
+  the assistant invents a coherent answer indistinguishable from a
+  real one.
+- **Old-route preservation** — a new route is added alongside the
+  old one as "safe migration"; the old route was supposed to be
+  deleted.
+- **Build-pass closure** — work declared done because tests run,
+  even though consumer-facing behavior is wrong.
+- **Pseudo-success** — a typed contract failure is hidden behind a
+  fallback that returns "something" instead of failing closed.
+
+Better prompts and better tests do not address this. The loop
+reviewing the AI's output is the same loop that produced it. Nimi
+Coding introduces **structural separation** instead.
+
+## What Nimi Coding Is (And Is Not)
+
+Nimi Coding is **not** another AI coding assistant. It does not write
+code, dispatch to a provider, or run an agent loop.
+
+It is the **standalone host-agnostic boundary package** that sits as
+a governance layer under whichever AI host you use (Claude, Codex,
+Gemini, OMX, or your own). It ships:
+
+- a package-owned **methodology** under `methodology/**`
+- typed **contracts** under `contracts/**`
+- **bootstrap + host profile** config under `config/**`
+- a **bootstrap spec seed** under `spec/**`
+- the **`nimicoding` CLI** for bootstrap, validation, skill handoff,
+  local closeout, topic lifecycle, sweep audit, sweep design, and
+  high-risk execution gates
+- **host adapter** profile overlays for external AI hosts
+
+It deliberately does **not** ship:
+
+- a packet-bound run kernel
+- provider-backed AI execution
+- a scheduler
+- notification infrastructure
+- an automation backend
 - self-hosted methodology execution
 
-## CLI Status
-
-This repository now carries a boundary-complete standalone `nimicoding` CLI.
-
-At the current stage it provides:
-
-- executable package bin wiring
-- help and version output
-- a primary `nimicoding start` entrypoint for bootstrap, resume, and next-stage AI task prep
-- a conservative `nimicoding clear` entrypoint for removing package-managed setup without deleting project-owned truth
-- a bounded `nimicoding doctor`
-- an explicit `nimicoding blueprint-audit` equivalence check for comparing a fixture or host blueprint root with the candidate canonical tree under `.nimi/spec`
-- surface validators for placement, table-family, projection-edge, guidance-body, domain-admission, and tracked-output admission boundaries
-- an explicit `nimicoding handoff` export
-- an explicit `nimicoding admit-high-risk-decision` semantic admission surface
-- a local-only `nimicoding closeout` projection
-- a bounded local-only `nimicoding ingest-high-risk-execution` projection
-- a bounded local-only `nimicoding review-high-risk-execution` projection
-- a bounded local-only `nimicoding decide-high-risk-execution` projection
-- mechanical validators for execution-packet, orchestration-state, prompt, worker-output, and acceptance
-- skill-specific result contract seeding for reconstruction, doc/spec audit, and local-only high-risk execution closeout
-- seed-only execution contract extraction under `.nimi/contracts/**`
-- package-owned bootstrap source projection from `config/**`, `contracts/**`, `methodology/**`, and `spec/**`
-
-Current `nimicoding start` behavior is intentionally narrow:
-
-- detect the current project state and continue from the right stage
-- create or resume the `.nimi/**` seed by projecting package-owned source into host paths
-- seed AI-native spec-reconstruction guidance inside `.nimi/**`
-- keep support-only methodology assets package-owned unless a host explicitly opts into them
-- seed package-owned machine contracts inside `.nimi/contracts/**`
-- seed package-owned execution schemas for future high-risk methodology artifacts without admitting runtime ownership
-- seed canonical skill-manifest, host-profile, installer, delegated runtime contract, installer result contract, installer operational evidence home, and external handoff truth inside `.nimi/**`
-- seed canonical host-adapter truth inside `.nimi/**` so external execution hosts can be admitted without becoming semantic owners
-- seed canonical collapsed installer summary projection lifecycle truth inside `.nimi/**`
-- update `.gitignore` for local runtime state
-- optionally update `AGENTS.md` and `CLAUDE.md` as a staged confirmation inside `start`
-- explain one step at a time, confirm one step at a time, and apply one step at a time in interactive mode
-- prepare one authoritative JSON AI task package for `spec_reconstruction` or `doc_spec_audit` when the current project stage requires it
-- let the user choose a target host such as Codex, Claude, or oh-my-codex for that next AI task
-- print a short paste-ready prompt directly in the terminal during `start` instead of requiring users to open a generated prompt file
-- fail closed on unknown CLI options
-- validate bootstrap integrity and delegated-runtime posture with `doctor`
-- preserve existing truth files rather than overwriting them
-- refuse unsupported bootstrap contract versions
-
-Current `nimicoding clear` behavior is intentionally narrow:
-
-- remove only managed AI blocks in `AGENTS.md` and `CLAUDE.md`
-- remove only package-owned bootstrap files under `.nimi/config/**`, `.nimi/contracts/**`, and `.nimi/methodology/**` when the local file still exactly matches the packaged seed
-- preserve locally modified bootstrap files even when they live under those package-owned bootstrap paths
-- preserve `.nimi/spec/**`, `.nimi/local/**`, and `.nimi/cache/**`
-- avoid deleting project-owned truth or local operational artifacts implicitly
-
-## Topic Lifecycle Reports
-
-Human-authored local report work now uses a topic lifecycle workspace rooted at:
-
-- `/.nimi/topics/**`
-
-Canonical topic lifecycle roots are:
-
-- `proposal`
-- `ongoing`
-- `pending`
-- `closed`
-
-The primary organization unit is a topic folder:
-
-- `.nimi/topics/<state>/YYYY-MM-DD-topic-slug/`
-
-Each topic folder should carry a lightweight `topic.yaml` state record and may
-include:
-
-- `README.md`
-- `design.md`
-- `preflight.md`
-- `waves.md`
-- `packet-*.md`
-- `closeout.md`
-
-Topic folder rules:
-
-- use sortable date-first topic ids: `YYYY-MM-DD-topic-slug`
-- express lifecycle by moving the topic folder between `proposal`, `ongoing`,
-  `pending`, and `closed`
-- keep one canonical copy of a topic at a time
-- record lifecycle transitions in `topic.yaml`; do not rely on folder moves
-  alone as the state evidence surface
-
-Canonical constraints:
-
-- human-authored topic lifecycle reports must use
-  `/.nimi/topics/{proposal|ongoing|pending|closed}/<topic-id>/**`
-- flat markdown files directly under `/.nimi/topics/` are outside the
-  admitted methodology model
-- `.local/report/**` is not an accepted root for human-authored topic
-  lifecycle reports; keep it only for execution evidence or machine outputs
-- `.local/work/**` is no longer the primary methodology workspace for
-  human-authored topic execution materials
-
-Applicability boundary:
-
-- topic workflow is intentionally heavy and not the default entrypoint for all
-  engineering work
-- use a topic when the work is authority-bearing, high-risk, cross-module,
-  multi-wave, or likely to need remediation / re-audit discipline
-- small low-risk changes should stay on the ordinary non-topic path unless there
-  is an explicit reason they need topic-level governance
-
-Development rhythm:
-
-- a topic is the canonical home for one major iteration line, not a micro
-  requirement backlog
-- waves are the bounded execution unit inside a topic
-- entering `ongoing` requires a topic-local `preflight.md` with one selected
-  next execution target, a bounded stop line, consumed inputs/contexts, expected
-  closeout checks, and explicit forbidden reopenings
-- `pending` is an optional no-active-development state for topics that are not
-  ready to close: use it when you want to distinguish "waiting on evidence or
-  an external trigger" from active `ongoing` work, and record explicit reopen
-  or close criteria instead of leaving that wait implicit
-- each wave should own one primary closure goal and end in a bounded result such
-  as an authority cut, implementation packet, bounded re-audit, or explicit
-  pause/defer note
-- planning-only waves may harden one execution target, but they must not chain
-  indefinitely; if no bounded closure is reached after a planning wave, pause or
-  re-preflight instead of opening unbounded new planning waves
-- closeout stays layered: context closure, wave closeout, and final topic
-  closeout are distinct evidence surfaces
-
-Avoid the older `slug-YYYY-MM-DD.md` shape because it sorts poorly and makes
-cross-report navigation harder. Stable machine report artifacts that are meant
-to behave like a current snapshot, such as `blueprint-equivalence-audit.json`,
-should keep their fixed names.
-
-## Canonical Spec Surface Model
-
-The package seeds the host-local contracts needed to reconstruct and validate a
-canonical spec tree without putting package methodology or lifecycle state under
-the host product-authority root.
-
-At this stage:
-
-- `config/**`, `contracts/**`, `methodology/**`, and `spec/**` are package source for the npm package
-- generated host projects receive injected `.nimi/{config,contracts,methodology}/**` projections and own their `.nimi/spec/**` product authority
-- `start`, `doctor`, `handoff`, `closeout`, and high-risk gating read host-local `.nimi/**` projections instead of requiring access to package source paths
-- `nimicoding blueprint-audit` remains the explicit audit surface for benchmark-vs-canonical equivalence checks; it does not perform routing changes on its own
-- canonical spec generation now reads mixed inputs from `.nimi/config/spec-generation-inputs.yaml` and treats any blueprint root as an optional benchmark rather than a universal host assumption
-- completed canonical reconstruction now requires structural validity and may carry file-level auditability under `.nimi/local/state/spec-generation/spec-generation-audit.yaml`
-- `nimicoding validate-spec-tree` checks canonical tree structure, while `nimicoding validate-spec-audit` checks per-file grounding, inference, and unresolved-gap tracking
-
-Current `nimicoding doctor` behavior is intentionally narrow:
-
-- validate that `.nimi/**` bootstrap seed files are present
-- validate that `.nimi/local/` and `.nimi/cache/` exist and remain ignored
-- validate bootstrap contract compatibility metadata
-- validate bootstrap-only and reconstruction-seeded lifecycle markers
-- validate cross-contract reference alignment across manifest, handoff, runtime, installer, and host-profile truth
-- validate host-adapter boundary truth and adapter selection posture
-- validate admitted package-owned adapter profile overlays for named external hosts
-- validate the packaged external host compatibility contract
-- expose the supported external host posture, examples, and required/forbidden host behavior
-- validate skill result-contract alignment
-- validate the packaged high-risk execution result contract
-- validate the packaged canonical high-risk admission schema contract
-- validate the external execution artifact landing-path contract
-- validate seed-only high-risk execution schemas under `.nimi/contracts/**`
-- validate handoff context-order readiness for an external AI host
-- expose the standalone completion profile, status, completed surfaces, deferred execution surfaces, and promoted parity gaps
-- expose the generic external-host compatibility posture, admitted named overlay posture, and future-only host-specific surfaces
-- validate canonical `.nimi/spec/high-risk-admissions.yaml` record shape against the packaged admission schema contract when present
-- fail closed when lifecycle state, canonical tree readiness, and auditability drift apart
-- report local `doc_spec_audit` closeout artifact status without promoting it to semantic truth
-- emit either human-readable output or machine-readable JSON with `--json`
-
-Current `nimicoding handoff` behavior is intentionally narrow:
-
-- require explicit `--skill <skill-id>`
-- export an authoritative machine-readable external handoff payload with `--json`
-- optionally project a human-readable host briefing with `--prompt`
-- remain host-agnostic: Claude, Codex, Gemini, OMX, or another external host may consume the same contract if it respects the declared boundaries
-- export the package-owned host compatibility contract ref, supported host posture, supported host examples, and required/forbidden host behavior
-- expose whether a generic external host is compatible, whether a named admitted overlay is merely available or currently selected, and which host-specific surfaces remain future-only
-- reuse `doctor` validation and fail closed when bootstrap or delegated handoff posture is invalid
-- allow `spec_reconstruction` handoff during bootstrap-only mode
-- expose selected named adapter overlay metadata when an admitted host profile is selected
-- export `resultContractRef` plus skill-specific closeout summary expectations
-- export execution schema refs, expected artifact kinds, expected local artifact roots, and external execution summary status for `high_risk_execution`
-- refuse `doc_spec_audit` and `high_risk_execution` handoff until the canonical tree under `.nimi/spec` is ready
-
-Current `nimicoding closeout` behavior is intentionally narrow:
-
-- require explicit `--skill`, `--outcome`, and `--verified-at`
-- optionally import those fields plus an optional contract-validated `summary` from an external JSON payload with `--from`
-- project external skill results into a local-only closeout payload
-- optionally write the payload under `.nimi/local/handoff-results/` with `--write-local`
-- fail closed if a `completed` outcome contradicts the current canonical-tree or audit state
-- support contract-validated local-only summary import for `high_risk_execution`
-- fail closed if imported high-risk execution refs escape the declared local artifact roots
-- fail closed if imported high-risk execution summaries omit refs, drift in shape, or claim an illegal external execution status
-- fail closed if imported `summary` content violates the declared skill result contract
-- fail closed if an imported JSON summary does not match the current project or required shape
-- never promote local closeout artifacts to project semantic truth
-
-Current `nimicoding admit-high-risk-decision` behavior is intentionally narrow:
-
-- require explicit `--from <json>` and `--admitted-at <iso8601>`
-- accept only `nimicoding.high-risk-decision.v1` payloads with `decisionStatus: manager_decision_recorded`
-- derive `topic_id` and `packet_id` from the mechanically valid attached packet
-- project canonical admission preview for `.nimi/spec/high-risk-admissions.yaml`
-- write tracked semantic truth only when `--write-spec` is given explicitly
-- fail closed on malformed decision payloads, malformed admissions truth, or missing packet identity
-
-Current `nimicoding ingest-high-risk-execution` behavior is intentionally narrow:
-
-- require explicit `--from <json>` pointing at a local high-risk closeout artifact
-- accept only `high_risk_execution` closeout artifacts with `outcome: completed` and `summary.status: candidate_ready`
-- mechanically validate the referenced packet, orchestration-state, prompt, and worker-output artifacts using the packaged validators
-- require all evidence refs to exist under the declared local artifact roots
-- project a local-only ingest payload and optionally write it under `.nimi/local/handoff-results/`
-- fail closed on contract drift, root escape, missing artifacts, or invalid worker-output/prompt/schema shape
-- never decide semantic acceptance, disposition, or finding judgment
-
-Current `nimicoding review-high-risk-execution` behavior is intentionally narrow:
-
-- require explicit `--from <json>` pointing at a local high-risk ingest artifact
-- accept only `nimicoding.high-risk-ingest.v1` payloads with `ok: true`
-- project a local-only review-ready attachment payload for manager-owned review
-- carry attachment refs, ingest validation evidence, and the declared semantic review owner
-- fail closed if the ingest payload is malformed, not local-only, or mechanically invalid
-- never decide semantic acceptance, disposition, or finding judgment
-
-Current `nimicoding decide-high-risk-execution` behavior is intentionally narrow:
-
-- require explicit `--from <json>`, `--acceptance <path>`, and `--verified-at <iso8601>`
-- accept only `nimicoding.high-risk-review.v1` payloads with `ok: true`
-- require `reviewStatus: ready_for_manager_review`
-- mechanically validate the provided acceptance artifact and require an explicit `Disposition:` line
-- project a local-only manager decision payload and optionally write it under `.nimi/local/handoff-results/`
-- fail closed if the review payload is malformed, not local-only, or points at another project
-- never auto-promote the manager decision into canonical semantic truth without explicit admission
-
-Current mechanical validator behavior is intentionally narrow:
-
-- require an explicit artifact path for each validator command
-- emit machine-readable `validator-cli-result.v1` JSON on both success and refusal
-- validate only the package-owned seed contract shape for execution-packet, orchestration-state, prompt, worker-output, and acceptance
-- fail closed on missing required sections, malformed YAML, or seed-contract drift
-- avoid semantic acceptance, topic orchestration, scheduler ownership, or provider execution claims
-
-The package now carries package-owned bootstrap source under `config/**`,
-`contracts/**`, `methodology/**`, and `spec/**`. `nimicoding start`
-projects those files into a host project's `/.nimi/**`
-surface at runtime. The package also carries adapter overlays under
-`adapters/**/profile.yaml` so external execution hosts such as
-`oh-my-codex` can be admitted as constrained bridges instead of semantic
-owners while keeping external execution closeout local-only, root-bounded,
-and non-semantic until an explicit manager-owned admission writes canonical
-summary truth into `.nimi/spec/high-risk-admissions.yaml`.
-
-Boundary-complete in this package does not mean promoted-runtime parity. The
-package-owned source lives directly under `config/**`, `contracts/**`,
-`methodology/**`, and `spec/**`. Only generated or adopted host projects use
-`.nimi/**`. Standalone does not add `run-*` commands, provider invocation,
-scheduler logic, or transport adapters in this cut.
-
-## Intended Direction
-
-The expected future experience is roughly:
-
-1. install `@nimiplatform/nimi-coding`
-2. run `nimicoding start`
-3. confirm or accept managed AI entrypoints
-4. let an external AI host use seeded `.nimi/**` reconstruction guidance, manifest, host-profile, installer, delegated runtime contract, installer result contract, collapsed installer summary projection lifecycle contract, installer operational evidence guidance, and the authoritative handoff JSON contract to
-   reconstruct the project canonical tree
-5. use the methodology for later high-risk work
-
-## Development Posture
-
-This repository is the standalone boundary package. Deferred runtime surfaces
-such as packet-bound execution, provider-backed execution, scheduler,
-notification, and automation remain outside the packaged scope.
+Runtime ownership stays with an external AI host. The methodology
+and contracts stay portable. You can change AI hosts tomorrow
+without changing the methodology contract.
+
+When a host project runs `nimicoding start`, the package-owned
+sources are *projected* into that project's
+`.nimi/{config,contracts,methodology,spec}/**` surface. The adopted
+project then owns its `.nimi/spec/**` product authority. **The
+package does not make a host read package source paths directly** —
+the adopted project always reads its own projected `.nimi/**`.
+
+## The Mental Model
+
+Four moves separate Nimi Coding from a checklist:
+
+| Move | What it means |
+| --- | --- |
+| **Authority is named** | Every change names where its truth lives (`.nimi/spec/**`), who owns the surface, and what kind of work is happening. |
+| **Execution is packetized** | Implementation is bounded by a frozen packet declaring allowed reads, allowed writes, acceptance invariants, negative tests, stop lines, and reopen conditions — *before* the worker begins. |
+| **Closure is multidimensional** | Four independent closure gates — Authority, Semantic, Consumer, Drift Resistance — must all hold. Three out of four is not closed. |
+| **Roles are separated** | Manager owns wave admission and judgement; Worker owns the packet write set; Auditor performs structural review from a **structurally separate loop** (a different AI session, a different vendor). |
+
+See [Four Closures](https://docs.nimi.ai/nimicoding/four-closures) and
+[The Paradigm](https://docs.nimi.ai/nimicoding/the-paradigm) for the
+full framework.
+
+## Who This Is For
+
+| Persona | What you get |
+| --- | --- |
+| Solo founder shipping with AI | Team-scale review discipline without a team — route the auditor through a second AI session on the same laptop |
+| Small team (2–5) adopting AI | Structural review redundancy that scales without headcount |
+| OSS maintainer accepting AI-authored PRs | Provable contribution discipline — packet boundaries, typed evidence, four-closure gates |
+| Organization under AI-coding compliance pressure | Audit trail and structured acceptance independent of any single AI vendor |
+| Researcher studying AI engineering practice | Observable methodology corpus over real repository history |
+
+If you have ever watched an AI-assisted change look complete to every
+available signal — type checker green, tests green, reviewer
+approved — and turn out to be wrong about authority, scope, or
+product meaning, this package is for you.
+
+## Requirements
+
+| Requirement | Version |
+| --- | --- |
+| Node.js | `>=24.0.0` |
+| Package manager (consumer) | npm, pnpm, yarn, or compatible |
+| pnpm (repository development) | `>=10.0.0` |
+
+A version-controlled project is recommended — `start` creates files.
+
+## Install
+
+In the repository that should receive the `.nimi/**` governance
+layer:
+
+```bash
+npm install --save-dev @nimiplatform/nimi-coding
+# or
+pnpm add -D @nimiplatform/nimi-coding
+```
+
+Check the CLI:
+
+```bash
+npx nimicoding --version
+npx nimicoding --help
+```
+
+## 5-Minute Minimal Path
+
+Most projects should start small. The first successful path is:
+
+```bash
+# 1. Bootstrap .nimi/** in your project root
+npx nimicoding start
+
+# 2. Check the bootstrap is healthy
+npx nimicoding doctor --json
+
+# 3. Hand off canonical spec reconstruction to your AI host
+npx nimicoding handoff --skill spec_reconstruction --json
+
+# 4. After the host consumes that payload and materializes .nimi/spec/**,
+#    validate the canonical tree
+npx nimicoding validate-spec-tree .nimi/spec
+npx nimicoding validate-spec-audit
+```
+
+After this, you have a project-local `.nimi/**` truth surface, a
+typed reconstruction of project authority into `.nimi/spec/**`, and
+mechanical validators you can re-run on every change.
+
+`handoff` exports an authoritative task payload. It does not call an AI
+provider or run the reconstruction itself; the external host must
+consume the payload, write or return the expected artifacts, and then
+the local validators check the result.
+
+You do **not** need to create topics, freeze packets, or run
+high-risk gates for ordinary low-risk changes. Those tools exist for
+authority-bearing, cross-module, multi-wave, or audit-sensitive work.
+
+To remove only package-managed bootstrap material from a test
+project (preserves `.nimi/spec/**`, `.nimi/local/**`, `.nimi/cache/**`,
+and locally modified bootstrap files):
+
+```bash
+npx nimicoding clear --yes
+```
+
+## When You Need More: Topics, Waves, Packets
+
+For authority-bearing, high-risk, or cross-module work, escalate to
+the topic lifecycle. A topic groups one strategic change; waves split
+the topic into bounded units of work; each wave freezes a **packet**
+before the worker begins.
+
+```bash
+nimicoding topic create <slug> --justification <text>
+nimicoding topic wave add <topic-id> <wave-id> <slug> \
+  --goal <text> --owner-domain <domain>
+nimicoding topic packet freeze <topic-id> --from <draft-path>
+nimicoding handoff --skill high_risk_execution --json
+nimicoding ingest-high-risk-execution --from result.json
+nimicoding review-high-risk-execution --from ingest.json
+nimicoding decide-high-risk-execution --from review.json \
+  --acceptance accept.md --verified-at <iso8601>
+```
+
+Each step is bounded by typed validation. Skipping a step or
+smuggling fields through means the CLI refuses (fail closed, no
+exceptions).
+
+## The Four Declared Skills
+
+External AI hosts implement these skills; the `handoff` CLI emits a
+machine-readable payload for each:
+
+| Skill | Purpose | Required at bootstrap |
+| --- | --- | --- |
+| `spec_reconstruction` | Reconstruct canonical project authority into `.nimi/spec/**` with source basis and unresolved-gap tracking | yes |
+| `doc_spec_audit` | Audit per-file grounding and inference against the canonical tree | yes |
+| `audit_sweep` | Split a target root into auditable chunks and record typed evidence | no |
+| `high_risk_execution` | Execute admitted high-risk packets with typed packet / orchestration / prompt / worker-output / acceptance evidence | no |
+
+See [Skills](https://docs.nimi.ai/nimicoding/skills) for contract
+detail.
+
+## CLI Surface
+
+Common commands, grouped by entry scenario:
+
+```bash
+# Bootstrap
+nimicoding start
+nimicoding sync --check
+nimicoding doctor --json
+nimicoding clear --yes
+
+# Skill handoff and local closeout
+nimicoding handoff --skill <id> --json
+nimicoding closeout --from result.json --write-local
+
+# Spec audit
+nimicoding validate-spec-tree .nimi/spec
+nimicoding validate-spec-audit
+nimicoding blueprint-audit
+
+# Topic lifecycle
+nimicoding topic create <slug> --justification <text>
+nimicoding topic wave add|select|admit ...
+nimicoding topic packet freeze ...
+nimicoding topic worker dispatch ...
+nimicoding topic result record ...
+nimicoding topic closeout ...
+nimicoding topic true-close-audit ...
+nimicoding topic run-next-step <topic-id> --json
+
+# Sweep audit / sweep design
+nimicoding sweep audit plan --root <dir> --json
+nimicoding sweep audit chunk ...
+nimicoding sweep design intake|packet-build|result-ingest|finalize ...
+
+# High-risk execution gates
+nimicoding admit-high-risk-decision --from <json> --admitted-at <iso8601>
+nimicoding ingest-high-risk-execution --from <json>
+nimicoding review-high-risk-execution --from <json>
+nimicoding decide-high-risk-execution --from <json> \
+  --acceptance <path> --verified-at <iso8601>
+
+# Mechanical artifact validators
+nimicoding validate-execution-packet <path>
+nimicoding validate-orchestration-state <path>
+nimicoding validate-prompt <path>
+nimicoding validate-worker-output <path>
+nimicoding validate-acceptance <path>
+```
+
+Conceptual CLI overview:
+<https://docs.nimi.ai/nimicoding/cli>
+Field-level reference:
+<https://docs.nimi.ai/nimicoding/reference/cli-commands>
+
+## How Does This Compare To …
+
+| | Cursor / Copilot / Claude Code | Lint / TDD / Code review | Nimi Coding |
+| --- | --- | --- | --- |
+| Writes code | yes | no | **no** |
+| Catches local bugs | partial | yes | n/a |
+| Catches authority drift | no | no | **yes** |
+| Catches consumer-closure failure | no | no | **yes** |
+| Vendor lock-in | yes (per tool) | no | **no — host-agnostic** |
+| Audit trail across AI sessions | chat transcript | PR comments | **typed evidence under `.nimi/**`** |
+
+Nimi Coding sits *underneath* the AI host you already use. It is the
+machinery that lets the work AI did graduate from "looks done" to
+"closed across four dimensions, with evidence."
+
+## Repository Map
+
+| Path | Purpose |
+| --- | --- |
+| `bin/nimicoding.mjs` | Executable package binary |
+| `cli/**` | CLI implementation |
+| `config/**` | Package-owned bootstrap and host profile source |
+| `contracts/**` | Package-owned machine-readable schemas and contracts |
+| `methodology/**` | Package-owned methodology source (policies) |
+| `spec/**` | Bootstrap spec seed and package scope source |
+| `adapters/**` | External host adapter profile overlays (e.g. `oh-my-codex`) |
+| `test/**` | Node test suite and fixtures |
+
+Adopted projects use `.nimi/**` for the projected layer. This
+repository itself keeps the package-owned source directly under
+`config/**`, `contracts/**`, `methodology/**`, and `spec/**`.
+
+## Development
+
+```bash
+pnpm install
+pnpm test           # runs the node:test suite (329 tests at 0.2.1)
+pnpm check:pack     # npm pack --dry-run
+pnpm check:ci       # test + pack + CLI help/version smoke
+```
+
+Local CLI smoke:
+
+```bash
+node ./bin/nimicoding.mjs --version
+node ./bin/nimicoding.mjs --help
+```
+
+Before opening a pull request, read [CONTRIBUTING.md](CONTRIBUTING.md).
+The short version: keep changes scoped, preserve the host-agnostic
+boundary, do not add runtime ownership unless the methodology
+contract is explicitly redesigned, and run the relevant tests before
+claiming the work is done.
+
+## Publishing
+
+Releases are tag-driven through GitHub Actions. A `vX.Y.Z` tag
+publishes the matching `package.json` version after tests, dry-run
+packing, and CLI smoke checks pass. The workflow also supports a
+manual dry-run release gate.
+
+The package publishes with npm provenance enabled.
+
+## Security
+
+Do not disclose vulnerabilities in public GitHub issues. Use a
+private channel:
+
+- GitHub private security advisory for
+  [`nimiplatform/nimi-coding`](https://github.com/nimiplatform/nimi-coding/security/advisories/new)
+- `security@nimi.ai`
+
+See [SECURITY.md](SECURITY.md) for the supported reporting path.
+
+## Documentation
+
+Full reader documentation lives at <https://docs.nimi.ai/nimicoding>,
+including:
+
+- [The Paradigm](https://docs.nimi.ai/nimicoding/the-paradigm)
+- [Four Closures](https://docs.nimi.ai/nimicoding/four-closures)
+- [False Closure Typology](https://docs.nimi.ai/nimicoding/false-closure-typology)
+- [Forbidden Shortcuts](https://docs.nimi.ai/nimicoding/forbidden-shortcuts)
+- [Role Separation](https://docs.nimi.ai/nimicoding/role-separation)
+- [Topic Lifecycle](https://docs.nimi.ai/nimicoding/topic-lifecycle)
+- [The Package](https://docs.nimi.ai/nimicoding/the-package)
+- [CLI Surface](https://docs.nimi.ai/nimicoding/cli)
+- [Installation](https://docs.nimi.ai/nimicoding/installation)
+- [Adoption Path](https://docs.nimi.ai/nimicoding/adoption-path)
+- [Comparison](https://docs.nimi.ai/nimicoding/comparison)
+- [Walkthrough](https://docs.nimi.ai/nimicoding/walkthrough)
+
+## License
+
+MIT. See [LICENSE](LICENSE).

package/README.zh-CN.md

@@ -0,0 +1,307 @@
+# @nimiplatform/nimi-coding
+
+[English](README.md) · **简体中文**
+
+[![npm](https://img.shields.io/npm/v/@nimiplatform/nimi-coding.svg?label=npm)](https://www.npmjs.com/package/@nimiplatform/nimi-coding)
+[![license](https://img.shields.io/badge/license-MIT-blue.svg)](LICENSE)
+[![node](https://img.shields.io/badge/node-%3E%3D24-brightgreen.svg)](#环境要求)
+
+> 一套**厂商中立、AI 原生的方法论工具**（vendor-neutral, AI-native
+> methodology toolkit），专门用于治理高风险的 AI 辅助软件开发。它在项目里
+> 搭建一层 `.nimi/**` 真相面，配套 `nimicoding` CLI，把"AI 看起来做完了"
+> 变成"四个闭合维度都有证据。"
+
+读者文档：<https://docs.nimi.ai/nimicoding>
+npm 包：[`@nimiplatform/nimi-coding`](https://www.npmjs.com/package/@nimiplatform/nimi-coding)
+
+---
+
+## 为什么需要这个项目
+
+AI 辅助实现经常会产出**能编译、能跑通现有测试、Reviewer 看着合理、但实际上在权威、范围、语义或产品意义上是错的**代码。这些不是传统意义上的 bug——它们是*闭合失败*（closure failures）：在闭合条件还没真正成立的状态下，工作就被声明为"完成"了。
+
+Nimi Coding 专门拦截的几种失败形态（非穷举）：
+
+- **过期文档锚定**：模型跟随了一份看似权威、但已经偏离活跃 spec 的文档。
+- **隐式范围扩张**：模型"顺手"改了相邻表面，所有权悄悄发生了转移。
+- **看似合理的捏造**：缺乏权威源时，模型编造一个跟真实答案无法区分的连贯回答。
+- **旧路径保留**：模型"为了安全迁移"在旧路径旁边加了新路径——而旧路径本来应该被删掉。
+- **构建通过即闭合**：因为测试跑过了就宣告完成，但消费方面对的行为是错的。
+- **伪成功**：强类型契约失败被一段返回"某种东西"的回退路径掩盖，没有 fail-closed（失败即关闭）。
+
+更好的 Prompt 和更全的测试都解决不了这个问题。**审查 AI 输出的回路，和产出这个 AI 输出的，是同一个回路。** Nimi Coding 引入的是**结构性的分离**。
+
+## Nimi Coding 是什么（不是什么）
+
+Nimi Coding **不是**另一个 AI 写代码工具。它不写代码、不调度 provider、不跑 agent loop。
+
+它是**独立的、host-agnostic 的边界包**（standalone host-agnostic boundary package），作为治理层坐落在你使用的任意 AI host（Claude、Codex、Gemini、OMX 或自建）下面。它交付：
+
+- 包内自有的**方法论**源（`methodology/**`）
+- 强类型**契约**（`contracts/**`）
+- **bootstrap + host profile** 配置（`config/**`）
+- **bootstrap spec 种子**（`spec/**`）
+- **`nimicoding` CLI**：用于 bootstrap、校验、skill 握手、本地 closeout、topic 生命周期、sweep audit、sweep design、高风险执行闸门
+- 外部 AI host 的**适配器** profile overlay
+
+它**刻意不**交付：
+
+- 一个 packet 绑定的运行内核
+- provider-backed 的 AI 执行
+- 一个调度器
+- 通知基础设施
+- 自动化后端
+- 自托管方法论执行
+
+运行时所有权留在外部 AI host 那里。方法论和契约保持可移植。明天你想换 AI host，方法论合同不需要改。
+
+当一个 host project 跑 `nimicoding start` 时，包内自有的源会被**投影**到该项目的 `.nimi/{config,contracts,methodology,spec}/**`。被采纳的项目随后拥有自己 `.nimi/spec/**` 下的产品权威。**包不会让 host 直接读取包源路径**——被采纳的项目永远读它自己投影出来的 `.nimi/**`。
+
+## 心智模型
+
+让 Nimi Coding 区别于"另一个 checklist"的四个动作：
+
+| 动作 | 含义 |
+| --- | --- |
+| **权威被显式命名** | 每次变更都先写清楚真相住在哪里（`.nimi/spec/**`）、表面归谁所有、属于哪一类工作。 |
+| **执行被 packet 化** | 实现被一份开工前冻结的 packet 限定边界——允许的读、允许的写、验收恒定式、负面测试、停止线、重开条件。worker 不允许扩张范围。 |
+| **闭合是多维的** | 四个独立闭合闸门——权威（Authority）、语义（Semantic）、消费方（Consumer，即真实用户/读者/运维有没有真的用上）、抗漂移（Drift Resistance）——必须全部成立。过三缺一不算关闭。 |
+| **角色分离** | Manager 负责切边界和准入；Worker 在 packet 写集合内执行；Auditor 来自**结构上独立的回路**（另一个 AI 会话、另一家厂商）。 |
+
+完整框架见 [Four Closures](https://docs.nimi.ai/nimicoding/four-closures) 与 [The Paradigm](https://docs.nimi.ai/nimicoding/the-paradigm)。
+
+## 适合谁用
+
+| 角色 | 收益 |
+| --- | --- |
+| 用 AI 推大项目的独立开发者 | 不需要团队就能拿到团队规模的复核纪律——同一台笔记本起第二个 AI 会话当 auditor |
+| 小团队（2–5 人）引入 AI | 不需要扩招就能拿到结构性的复核冗余 |
+| 接受 AI 辅助 PR 的开源维护者 | 可证的贡献纪律——packet 边界、强类型证据、四闭合闸门 |
+| 有 AI 编程合规压力的工程组织 | 独立于任一 AI 厂商的审计轨迹和结构化验收 |
+| 研究 AI 工程实践的研究者 | 一个可观测的方法论语料库，跑在真实仓库历史上 |
+
+如果你见过 AI 辅助的变更在所有信号上看起来完成了——类型检查绿、测试绿、Reviewer 批了——结果在权威、范围或产品意义上是错的，那这个包就是为你做的。
+
+## 环境要求
+
+| 项 | 版本 |
+| --- | --- |
+| Node.js | `>=24.0.0` |
+| 包管理器（消费方） | npm、pnpm、yarn 或兼容工具 |
+| pnpm（仓库开发） | `>=10.0.0` |
+
+建议在版本控制下的项目里使用——`start` 会创建文件。
+
+## 安装
+
+在需要接入 `.nimi/**` 治理层的项目里：
+
+```bash
+npm install --save-dev @nimiplatform/nimi-coding
+# 或
+pnpm add -D @nimiplatform/nimi-coding
+```
+
+确认 CLI：
+
+```bash
+npx nimicoding --version
+npx nimicoding --help
+```
+
+## 5 分钟最小路径
+
+大部分项目都应该从小路径开始。第一条跑通的路径是：
+
+```bash
+# 1. 在项目根目录 bootstrap .nimi/**
+npx nimicoding start
+
+# 2. 检查 bootstrap 健康
+npx nimicoding doctor --json
+
+# 3. 把权威 spec 重建任务握手交给你的 AI host
+npx nimicoding handoff --skill spec_reconstruction --json
+
+# 4. host 消费该 payload 并落地 .nimi/spec/** 后，校验权威树
+npx nimicoding validate-spec-tree .nimi/spec
+npx nimicoding validate-spec-audit
+```
+
+走完这条路径，你会拥有：项目本地的 `.nimi/**` 真相面、一份重建到 `.nimi/spec/**` 的强类型项目权威，以及可以在每次变更上重跑的机械校验器。
+
+`handoff` 导出的是权威任务 payload。它不会调用 AI provider，也不会自己执行 reconstruction；外部 host 必须消费 payload，写入或返回预期工件，然后本地校验器检查结果。
+
+**普通的低风险改动不需要创建 topic、冻结 packet、跑高风险闸门。** 那些工具是给权威级、跨模块、多 wave 或对审计敏感的工作准备的。
+
+如果想从测试项目里只移除包托管的 bootstrap 内容（保留 `.nimi/spec/**`、`.nimi/local/**`、`.nimi/cache/**` 和被本地修改过的 bootstrap 文件）：
+
+```bash
+npx nimicoding clear --yes
+```
+
+## 需要进阶时：Topic、Wave、Packet
+
+权威级、高风险或跨模块的工作，升级到 topic 生命周期。Topic 装一次战略性变更；wave 把 topic 拆成有边界的工作单元；每个 wave 在 worker 动手前冻结一份 **packet**。
+
+```bash
+nimicoding topic create <slug> --justification <text>
+nimicoding topic wave add <topic-id> <wave-id> <slug> \
+  --goal <text> --owner-domain <domain>
+nimicoding topic packet freeze <topic-id> --from <draft-path>
+nimicoding handoff --skill high_risk_execution --json
+nimicoding ingest-high-risk-execution --from result.json
+nimicoding review-high-risk-execution --from ingest.json
+nimicoding decide-high-risk-execution --from review.json \
+  --acceptance accept.md --verified-at <iso8601>
+```
+
+每一步都被强类型校验约束。跳步或者偷塞字段，CLI 直接拒绝（fail closed，没有例外）。
+
+## 四个声明 Skill
+
+外部 AI host 实现这些 skill；`handoff` CLI 为每一个发出机器可读 payload：
+
+| Skill | 用途 | Bootstrap 必需 |
+| --- | --- | --- |
+| `spec_reconstruction` | 把项目权威重建到 `.nimi/spec/**`，带源依据和未决 gap 追踪 | 是 |
+| `doc_spec_audit` | 对照权威树校验每个文件的 grounding 和 inference | 是 |
+| `audit_sweep` | 把目标根切成可审计的 chunk，记录强类型证据 | 否 |
+| `high_risk_execution` | 在准入的高风险 packet 上执行，附带 packet / orchestration / prompt / worker-output / acceptance 强类型证据 | 否 |
+
+契约细节见 [Skills](https://docs.nimi.ai/nimicoding/skills)。
+
+## CLI 总览
+
+按使用场景分组的常用命令：
+
+```bash
+# Bootstrap
+nimicoding start
+nimicoding sync --check
+nimicoding doctor --json
+nimicoding clear --yes
+
+# Skill 握手与本地 closeout
+nimicoding handoff --skill <id> --json
+nimicoding closeout --from result.json --write-local
+
+# Spec 审计
+nimicoding validate-spec-tree .nimi/spec
+nimicoding validate-spec-audit
+nimicoding blueprint-audit
+
+# Topic 生命周期
+nimicoding topic create <slug> --justification <text>
+nimicoding topic wave add|select|admit ...
+nimicoding topic packet freeze ...
+nimicoding topic worker dispatch ...
+nimicoding topic result record ...
+nimicoding topic closeout ...
+nimicoding topic true-close-audit ...
+nimicoding topic run-next-step <topic-id> --json
+
+# Sweep audit / sweep design
+nimicoding sweep audit plan --root <dir> --json
+nimicoding sweep audit chunk ...
+nimicoding sweep design intake|packet-build|result-ingest|finalize ...
+
+# 高风险执行闸门
+nimicoding admit-high-risk-decision --from <json> --admitted-at <iso8601>
+nimicoding ingest-high-risk-execution --from <json>
+nimicoding review-high-risk-execution --from <json>
+nimicoding decide-high-risk-execution --from <json> \
+  --acceptance <path> --verified-at <iso8601>
+
+# 机械工件校验器
+nimicoding validate-execution-packet <path>
+nimicoding validate-orchestration-state <path>
+nimicoding validate-prompt <path>
+nimicoding validate-worker-output <path>
+nimicoding validate-acceptance <path>
+```
+
+CLI 概念总览：<https://docs.nimi.ai/nimicoding/cli>
+字段级 reference：<https://docs.nimi.ai/nimicoding/reference/cli-commands>
+
+## 它和 X 是什么关系
+
+| | Cursor / Copilot / Claude Code | Lint / TDD / Code review | Nimi Coding |
+| --- | --- | --- | --- |
+| 写代码 | ✅ | ❌ | **❌** |
+| 抓局部 bug | 部分 | ✅ | n/a |
+| 抓权威漂移 | ❌ | ❌ | **✅** |
+| 抓消费方闭合失败 | ❌ | ❌ | **✅** |
+| 厂商绑定 | 有（按工具） | 无 | **无——host-agnostic** |
+| 跨 AI 会话的审计轨迹 | 聊天记录 | PR 评论 | **`.nimi/**` 下的强类型证据** |
+
+Nimi Coding 坐在你已经用的 AI host *底下*。它是让 AI 做完的工作从"看起来完成"晋升到"四维闭合、有证据"的机器装置。
+
+## 仓库结构
+
+| 路径 | 用途 |
+| --- | --- |
+| `bin/nimicoding.mjs` | 可执行的包二进制 |
+| `cli/**` | CLI 实现 |
+| `config/**` | 包内自有的 bootstrap 与 host profile 源 |
+| `contracts/**` | 包内自有的机器可读 schema 与契约 |
+| `methodology/**` | 包内自有的方法论源（policy） |
+| `spec/**` | bootstrap spec 种子和包 scope 源 |
+| `adapters/**` | 外部 host 适配器 profile overlay（例如 `oh-my-codex`） |
+| `test/**` | Node 测试套件与 fixture |
+
+被采纳的项目使用 `.nimi/**` 作为投影层。这个仓库自身把包内自有源直接放在 `config/**`、`contracts/**`、`methodology/**`、`spec/**` 下。
+
+## 开发
+
+```bash
+pnpm install
+pnpm test           # 跑 node:test 套件（0.2.1 共 329 用例）
+pnpm check:pack     # npm pack --dry-run
+pnpm check:ci       # test + pack + CLI help/version smoke
+```
+
+本地 CLI smoke：
+
+```bash
+node ./bin/nimicoding.mjs --version
+node ./bin/nimicoding.mjs --help
+```
+
+提交 PR 前请读 [CONTRIBUTING.md](CONTRIBUTING.md)。简版要求：改动有边界、守住 host-agnostic 边界、除非方法论合同显式重设计否则不引入运行时所有权、自称完成前跑过相关测试。
+
+## 发布
+
+Release 由 tag 触发 GitHub Actions。一个 `vX.Y.Z` tag 在 test、pack dry-run、CLI smoke 都通过后，发布与 `package.json` 版本相匹配的包。Workflow 也支持手动的 dry-run release 闸门。
+
+包以启用 npm provenance 发布。
+
+## 安全
+
+不要在公开 GitHub issue 里披露漏洞。请走私密渠道：
+
+- GitHub 私密安全公告：[`nimiplatform/nimi-coding`](https://github.com/nimiplatform/nimi-coding/security/advisories/new)
+- `security@nimi.ai`
+
+支持的上报路径见 [SECURITY.md](SECURITY.md)。
+
+## 文档
+
+完整读者文档：<https://docs.nimi.ai/nimicoding>，包括：
+
+- [The Paradigm](https://docs.nimi.ai/nimicoding/the-paradigm)
+- [Four Closures](https://docs.nimi.ai/nimicoding/four-closures)
+- [False Closure Typology](https://docs.nimi.ai/nimicoding/false-closure-typology)
+- [Forbidden Shortcuts](https://docs.nimi.ai/nimicoding/forbidden-shortcuts)
+- [Role Separation](https://docs.nimi.ai/nimicoding/role-separation)
+- [Topic Lifecycle](https://docs.nimi.ai/nimicoding/topic-lifecycle)
+- [The Package](https://docs.nimi.ai/nimicoding/the-package)
+- [CLI Surface](https://docs.nimi.ai/nimicoding/cli)
+- [Installation](https://docs.nimi.ai/nimicoding/installation)
+- [Adoption Path](https://docs.nimi.ai/nimicoding/adoption-path)
+- [Comparison](https://docs.nimi.ai/nimicoding/comparison)
+- [Walkthrough](https://docs.nimi.ai/nimicoding/walkthrough)
+
+## 许可
+
+MIT。见 [LICENSE](LICENSE)。

package/SECURITY.md

@@ -0,0 +1,26 @@
+# Security Policy
+
+## Supported Versions
+
+Security fixes target the latest published version of
+`@nimiplatform/nimi-coding`.
+
+## Reporting A Vulnerability
+
+Do not disclose vulnerabilities in public GitHub issues.
+
+Use one of these private channels:
+
+- GitHub private security advisory for
+  `https://github.com/nimiplatform/nimi-coding/security/advisories/new`
+- `security@nimi.ai`
+
+Please include:
+
+- affected version or commit
+- reproduction steps
+- expected impact
+- any relevant logs, payloads, or proof-of-concept material
+
+We will acknowledge valid reports privately and coordinate disclosure after a
+fix or mitigation is available.

package/cli/constants.mjs

@@ -1,4 +1,4 @@
-export const VERSION = "0.2.0";
+export const VERSION = "0.2.1";
 export const PACKAGE_NAME = "@nimiplatform/nimi-coding";
 export const BOOTSTRAP_CONTRACT_ID = "nimicoding.bootstrap";
 export const BOOTSTRAP_CONTRACT_VERSION = 1;

package/config/bootstrap.yaml

@@ -1,6 +1,6 @@
 version: 1
 initialized_by: "@nimiplatform/nimi-coding"
-cli_version: "0.2.0"
+cli_version: "0.2.1"
 bootstrap_contract: "nimicoding.bootstrap"
 bootstrap_contract_version: 1
 profile: default

package/contracts/table-family.schema.yaml

@@ -23,6 +23,7 @@ table_family_enum:
   - protocol_surface
   - owner_matrix
   - product_catalog
+  - gate_registry
   - support_registry
 authority_class_enum:
   - product_authority_table
@@ -53,6 +54,11 @@ table_families:
     required_fields: [table_family, owner, catalog_id, entries]
     allowed_fields: [description, authority_refs, id, name, semantics, owner]
     forbidden_fields: [done, covered, coverage_status, audit_date, evidence_report, current, proposed, backlog_status, migration_status, mapping_status, run_id, ledger_ref]
+  - table_family: gate_registry
+    authority_class: product_authority_table
+    required_fields: [table_family, owner, registry_id, schema_version, registry_version, profile_id, tiers, targets, reason_codes, gates]
+    allowed_fields: [description, authority_refs, id, command, tier, target, prerequisite, evidence, blocker_semantics]
+    forbidden_fields: [done, covered, coverage_status, audit_date, evidence_report, current, proposed, backlog_status, migration_status, mapping_status, run_id, ledger_ref]
   - table_family: support_registry
     authority_class: support_registry
     required_fields: [table_family, registry_id, owner, schema_ref, allowed_fields, forbidden_state_fields, entries]
@@ -112,3 +118,4 @@ semantic_constraints:
   - lifecycle_state_and_audit_coverage_must_move_local
   - unknown_table_family_fails_closed
   - product_authority_table_rows_must_define_stable_product_facts
+  - release_gate_registry_must_use_gate_registry_family_not_closed_enum

package/package.json

@@ -1,13 +1,21 @@
 {
   "name": "@nimiplatform/nimi-coding",
-  "version": "0.2.0",
+  "version": "0.2.1",
   "private": false,
   "description": "AI-native coding governance toolkit for bootstrapping .nimi/** into arbitrary projects.",
   "license": "MIT",
+  "homepage": "https://docs.nimi.ai/nimicoding",
   "repository": {
     "type": "git",
     "url": "git+https://github.com/nimiplatform/nimi-coding.git"
   },
+  "bugs": {
+    "url": "https://github.com/nimiplatform/nimi-coding/issues"
+  },
+  "funding": {
+    "type": "github",
+    "url": "https://github.com/sponsors/nimiplatform"
+  },
   "type": "module",
   "publishConfig": {
     "access": "public",
@@ -42,10 +50,16 @@
     "methodology",
     "spec",
     "README.md",
+    "README.zh-CN.md",
+    "CHANGELOG.md",
+    "CONTRIBUTING.md",
+    "SECURITY.md",
+    "CODE_OF_CONDUCT.md",
     "LICENSE"
   ],
   "scripts": {
     "test": "NIMICODING_LANG=en NO_COLOR=1 node --test",
+    "check:ci": "pnpm test && pnpm check:pack && node ./bin/nimicoding.mjs --help >/dev/null && node ./bin/nimicoding.mjs --version >/dev/null",
     "check:pack": "npm pack --dry-run"
   }
 }