@t275005746/gse 0.1.0 → 0.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (180) hide show
  1. package/.github/ISSUE_TEMPLATE/bug_report.yml +42 -42
  2. package/.github/ISSUE_TEMPLATE/change_request.yml +50 -50
  3. package/.github/ISSUE_TEMPLATE/config.yml +5 -5
  4. package/.github/PULL_REQUEST_TEMPLATE.md +38 -38
  5. package/.github/workflows/validate-gse.yml +33 -33
  6. package/.gse/README.md +18 -18
  7. package/.gse/gse-development-protocol.md +50 -50
  8. package/.gse/project-profile.md +29 -29
  9. package/.gse/quality-gates.md +25 -25
  10. package/.gse/releases/public-registry-publication-npm.md +49 -0
  11. package/.gse/releases/public-release-owner-required.md +65 -65
  12. package/.gse/releases/public-security-contact-owner-required.md +45 -45
  13. package/.gse/state.json +3 -4
  14. package/CHANGELOG.md +24 -24
  15. package/CONTRIBUTING.md +64 -64
  16. package/LICENSE +21 -21
  17. package/README.md +1 -1
  18. package/README.zh-CN.md +1 -1
  19. package/SECURITY.md +41 -41
  20. package/SUPPORT.md +38 -38
  21. package/assets/marketplace/README.md +7 -7
  22. package/assets/marketplace/gse-listing.json +75 -75
  23. package/assets/templates/acceptance-execution-packet.md +73 -73
  24. package/assets/templates/adr.md +14 -14
  25. package/assets/templates/change-brief.md +16 -16
  26. package/assets/templates/design.md +18 -18
  27. package/assets/templates/dispatch-packet.md +104 -104
  28. package/assets/templates/evidence.md +14 -14
  29. package/assets/templates/execution-quality-pack.md +65 -65
  30. package/assets/templates/goal-map.md +21 -21
  31. package/assets/templates/host-adapter.md +48 -48
  32. package/assets/templates/host-ui-invocation-record.md +42 -42
  33. package/assets/templates/incident-review.md +60 -60
  34. package/assets/templates/public-channel-publication-record.md +49 -49
  35. package/assets/templates/public-ci-run-record.md +53 -53
  36. package/assets/templates/public-release-record.md +65 -65
  37. package/assets/templates/public-repository-settings-record.md +59 -59
  38. package/assets/templates/public-security-contact-record.md +45 -45
  39. package/assets/templates/release-trust-record.md +32 -32
  40. package/assets/templates/review.md +18 -18
  41. package/assets/templates/spec.md +16 -16
  42. package/assets/templates/target-adoption-evidence.md +29 -29
  43. package/assets/templates/tasks.md +17 -17
  44. package/assets/templates/update-release-acceptance-record.md +58 -58
  45. package/examples/README.md +22 -22
  46. package/examples/agent-runtime-host/.claude/gse-adapter.md +6 -6
  47. package/examples/agent-runtime-host/.codex/gse-adapter.md +7 -7
  48. package/examples/agent-runtime-host/.gse/goal-map.md +7 -7
  49. package/examples/agent-runtime-host/.gse/project-profile.md +27 -27
  50. package/examples/agent-runtime-host/.gse/tooling.md +5 -5
  51. package/examples/agent-runtime-host/.mcp.json +9 -9
  52. package/examples/agent-runtime-host/AGENTS.md +5 -5
  53. package/examples/agent-runtime-host/README.md +10 -10
  54. package/examples/agent-runtime-host/docs/model-routing.md +5 -5
  55. package/examples/cli-tool/.gse/project-profile.md +21 -21
  56. package/examples/cli-tool/AGENTS.md +5 -5
  57. package/examples/cli-tool/README.md +12 -12
  58. package/examples/cli-tool/package.json +21 -21
  59. package/examples/small-app/.env.example +2 -2
  60. package/examples/small-app/.github/workflows/ci.yml +8 -8
  61. package/examples/small-app/AGENTS.md +5 -5
  62. package/examples/small-app/README.md +12 -12
  63. package/examples/small-app/package.json +26 -26
  64. package/examples/small-app/playwright.config.ts +4 -4
  65. package/package.json +53 -53
  66. package/references/adoption-recipes.md +171 -171
  67. package/references/agent-roles.md +49 -49
  68. package/references/architecture-health.md +101 -101
  69. package/references/benchmark-audit.md +73 -73
  70. package/references/community-channels.md +46 -46
  71. package/references/compatibility.md +70 -70
  72. package/references/design-basis.md +38 -38
  73. package/references/domain-model.md +129 -129
  74. package/references/domain-quality-gates.md +75 -75
  75. package/references/drift-audit.md +81 -81
  76. package/references/evidence-taxonomy.md +123 -123
  77. package/references/file-ownership.md +107 -107
  78. package/references/final-readiness.md +84 -84
  79. package/references/forward-test.md +133 -133
  80. package/references/goal-map.md +36 -36
  81. package/references/host-adapters.md +119 -119
  82. package/references/learning-system.md +35 -35
  83. package/references/marketplace-discovery.md +46 -46
  84. package/references/model-routing.md +103 -103
  85. package/references/open-source-defaults.md +39 -39
  86. package/references/operating-model.md +52 -52
  87. package/references/packaging.md +277 -277
  88. package/references/project-agent-workspace.md +89 -89
  89. package/references/project-bootstrap.md +122 -122
  90. package/references/project-profile.md +57 -57
  91. package/references/public-release.md +174 -174
  92. package/references/quality-gates.md +100 -100
  93. package/references/recovery.md +176 -176
  94. package/references/release-trust.md +43 -43
  95. package/references/release.md +126 -126
  96. package/references/review.md +141 -141
  97. package/references/router.md +90 -90
  98. package/references/spec-workflow.md +66 -66
  99. package/references/task-levels.md +81 -81
  100. package/references/tool-adapters.md +73 -73
  101. package/scripts/audit-acceptance-execution-packet.mjs +133 -133
  102. package/scripts/audit-adoption-recipes.mjs +99 -99
  103. package/scripts/audit-change-lifecycle.mjs +77 -77
  104. package/scripts/audit-change-system.mjs +134 -134
  105. package/scripts/audit-ci-readiness.mjs +107 -107
  106. package/scripts/audit-close-gate.mjs +323 -323
  107. package/scripts/audit-command-adapters.mjs +91 -91
  108. package/scripts/audit-command-execution.mjs +210 -210
  109. package/scripts/audit-compatibility.mjs +149 -149
  110. package/scripts/audit-completion-readiness.mjs +292 -292
  111. package/scripts/audit-distribution.mjs +251 -251
  112. package/scripts/audit-domain-quality-gates.mjs +108 -108
  113. package/scripts/audit-evidence-placeholders.mjs +126 -126
  114. package/scripts/audit-final-readiness-promotion.mjs +255 -255
  115. package/scripts/audit-final-readiness.mjs +226 -226
  116. package/scripts/audit-fixtures.mjs +154 -154
  117. package/scripts/audit-fresh-session-readiness.mjs +177 -177
  118. package/scripts/audit-host-runtime-evidence-handoff.mjs +159 -159
  119. package/scripts/audit-host-runtime-invocation-drill.mjs +240 -240
  120. package/scripts/audit-host-runtime-invocations.mjs +254 -254
  121. package/scripts/audit-host-ui-invocation.mjs +132 -132
  122. package/scripts/audit-marketplace-discovery.mjs +122 -122
  123. package/scripts/audit-npm-package-metadata.mjs +155 -155
  124. package/scripts/audit-npm-publish-dry-run.mjs +191 -169
  125. package/scripts/audit-npm-tarball-install.mjs +191 -191
  126. package/scripts/audit-open-source-defaults.mjs +92 -92
  127. package/scripts/audit-open-source-readiness.mjs +97 -97
  128. package/scripts/audit-project.mjs +138 -138
  129. package/scripts/audit-public-acceptance-command-dry-run-drill.mjs +203 -203
  130. package/scripts/audit-public-acceptance-readiness.mjs +224 -224
  131. package/scripts/audit-public-channel-publication.mjs +248 -248
  132. package/scripts/audit-public-ci-run.mjs +184 -184
  133. package/scripts/audit-public-collaboration-templates.mjs +98 -98
  134. package/scripts/audit-public-external-gate-probe.mjs +206 -206
  135. package/scripts/audit-public-release-decision.mjs +201 -201
  136. package/scripts/audit-public-release-metadata.mjs +176 -176
  137. package/scripts/audit-public-repository-settings.mjs +237 -237
  138. package/scripts/audit-public-security-contact.mjs +171 -171
  139. package/scripts/audit-readme-docs.mjs +6 -4
  140. package/scripts/audit-recovery-readiness.mjs +98 -98
  141. package/scripts/audit-release-readiness.mjs +106 -106
  142. package/scripts/audit-release-trust.mjs +62 -62
  143. package/scripts/audit-remote-distribution.mjs +266 -266
  144. package/scripts/audit-roadmap-consistency.mjs +235 -235
  145. package/scripts/audit-signing.mjs +147 -147
  146. package/scripts/audit-state-freshness.mjs +14 -9
  147. package/scripts/audit-target-adoption-evidence.mjs +117 -117
  148. package/scripts/audit-target-project.mjs +507 -507
  149. package/scripts/audit-update-release-acceptance.mjs +136 -136
  150. package/scripts/audit-v1-target-validation.mjs +269 -269
  151. package/scripts/audit-validation-profiles.mjs +125 -125
  152. package/scripts/close-change.mjs +116 -116
  153. package/scripts/discover-project-profile.mjs +307 -307
  154. package/scripts/generate-command-adapter.mjs +231 -231
  155. package/scripts/generate-final-acceptance-packet.mjs +181 -181
  156. package/scripts/generate-final-form-progress-report.mjs +205 -205
  157. package/scripts/generate-host-runtime-evidence-handoff.mjs +206 -206
  158. package/scripts/generate-owner-external-gate-kit.mjs +295 -295
  159. package/scripts/generate-public-acceptance-handoff.mjs +168 -168
  160. package/scripts/generate-public-release-checklist.mjs +207 -207
  161. package/scripts/generate-release-bundle.mjs +505 -505
  162. package/scripts/generate-release-owner-action-plan.mjs +172 -172
  163. package/scripts/generate-release-status-manifest.mjs +200 -200
  164. package/scripts/generate-session-prompt.mjs +188 -188
  165. package/scripts/gse.mjs +67 -67
  166. package/scripts/init-change.mjs +265 -265
  167. package/scripts/init-project.mjs +785 -785
  168. package/scripts/install-gse.mjs +234 -234
  169. package/scripts/lib/evidence-placeholders.mjs +28 -28
  170. package/scripts/package-gse.mjs +174 -174
  171. package/scripts/probe-public-external-gates.mjs +167 -167
  172. package/scripts/record-host-invocation.mjs +151 -151
  173. package/scripts/record-public-channel-publication.mjs +178 -178
  174. package/scripts/record-public-ci-run.mjs +180 -180
  175. package/scripts/record-public-release.mjs +175 -175
  176. package/scripts/record-public-repository-settings.mjs +209 -209
  177. package/scripts/record-public-security-contact.mjs +157 -157
  178. package/scripts/sign-gse-package.mjs +83 -83
  179. package/scripts/update-project-state.mjs +223 -223
  180. package/scripts/verify-gse-package.mjs +85 -85
@@ -1,176 +1,176 @@
1
- # Recovery And Handoff
2
-
3
- Use this when work is interrupted, verification fails, a tool or runtime is unavailable, partial edits exist, release rollback may be needed, or a future agent must continue without relying on hidden context.
4
-
5
- Recovery and handoff are part of the evidence loop. The goal is to make the current state understandable, resumable, and reversible.
6
-
7
- ## Trigger Conditions
8
-
9
- Run this protocol when any of these are true:
10
-
11
- - A session is interrupted, refreshed, compacted, or handed to another agent or host.
12
- - A command, tool, MCP server, browser path, model route, subagent dispatch, or verification gate fails unexpectedly.
13
- - The worktree has partial edits, generated artifacts, dirty files, or uncertain ownership.
14
- - A release, migration, rollback, hotfix, incident, or compatibility issue is involved.
15
- - The current agent cannot finish safely within the active slice but has useful evidence or decisions to preserve.
16
- - The user asks to continue from another session, branch, host, or agent.
17
-
18
- Do not create a heavy handoff for a tiny completed edit that already has direct evidence and no residual risk.
19
-
20
- ## Failure Classification
21
-
22
- Classify the situation before deciding the next step.
23
-
24
- | Class | Meaning | Default action |
25
- |---|---|---|
26
- | recoverable failure | A command, test, tool, or assumption failed, but the path is still clear | Record failure, fix smallest cause, rerun focused evidence |
27
- | blocked work | Progress needs user input, missing credentials, unavailable external service, or unavailable required tool | Record blocker, preserve state, ask for the smallest required input |
28
- | rollback required | Current edits or release state are unsafe, misleading, or harmful | Stop new work, identify owned edits, follow project rollback policy |
29
- | handoff required | Another session, agent, host, branch, or future run must continue | Record goal, current state, changed files, evidence, risks, and next action |
30
- | incident recovery | Main path, data, security, privacy, release, or user-visible behavior is broken | Stabilize first, preserve evidence, route through release/incident gates |
31
-
32
- Never hide a failed check by reducing acceptance. Either fix it, mark it as residual risk, or move the slice to not ready.
33
-
34
- ## Resume Or Rollback Decision
35
-
36
- Choose one path and record why:
37
-
38
- - Resume: use when edits are scoped, evidence is trustworthy, and the next verification step is clear.
39
- - Repair: use when a known broken command, test, route, or doc can be fixed inside the current slice.
40
- - Roll back owned edits: use when the current changes are unsafe, contradict scope, or cannot be verified.
41
- - Preserve and hand off: use when meaningful progress exists but completion requires another session, role, host, or external condition.
42
- - Stop and ask: use when user input is required and any assumption would risk data, security, release, or product direction.
43
-
44
- Do not revert user work or unrelated dirty files. Use references/file-ownership.md before rollback or cleanup.
45
-
46
- ## Failed Verification Path
47
-
48
- When verification fails, do not reduce the acceptance bar to make the slice look complete.
49
-
50
- Use this sequence:
51
-
52
- 1. Preserve the failed command, status, and narrow failure reason.
53
- 2. Decide whether the failure invalidates the result, only blocks verification, or exposes unrelated existing risk.
54
- 3. Fix the smallest reusable artifact when the cause is inside the slice.
55
- 4. Re-run the same focused verification before adding new scope.
56
- 5. If the failure cannot be fixed in the slice, mark readiness `not ready` or `result`, record the blocker, and set the next action.
57
-
58
- If the failure concerns release, migration, rollback, public behavior, security/privacy, or data safety, route through `references/release.md` before claiming readiness.
59
-
60
- ## Release Recovery Path
61
-
62
- Use this when release validation, install/update handoff, migration, rollback, compatibility, or incident gates fail.
63
-
64
- Minimum release recovery record:
65
-
66
- ```text
67
- Release scope:
68
- Failed gate:
69
- Release level:
70
- Readiness after failure: not ready | result | verified | accepted
71
- What changed:
72
- What remains safe:
73
- Rollback or resume decision:
74
- Files or artifacts to revert:
75
- Verification to rerun:
76
- Owner or decision needed:
77
- Next action:
78
- ```
79
-
80
- Rules:
81
-
82
- - Do not call a release accepted while a required release gate is failing.
83
- - Prefer file-level revert for low-risk docs/scripts when ownership is clear.
84
- - For generated scaffolds, host adapters, state, schema, runtime config, or compatibility-impacting changes, document downstream regeneration or migration impact.
85
- - If rollback touches user or unrelated files, stop and use `references/file-ownership.md` before changing them.
86
-
87
- ## Incident Follow-Up Path
88
-
89
- Use `assets/templates/incident-review.md` when the recovery involves user-visible breakage, data loss/corruption risk, security/privacy risk, release blocker, repeated failed verification, or a broken main path.
90
-
91
- Incident follow-up must separate:
92
-
93
- - Impact and affected users/systems.
94
- - Timeline and detection signal.
95
- - Root cause and contributing factors.
96
- - Immediate stabilization.
97
- - Verification that proves stabilization.
98
- - Long-term prevention tasks.
99
- - Evidence links and owners.
100
-
101
- Do not turn every failed command into an incident. Use incident review only when the failure has product, release, safety, or repeated-process significance.
102
-
103
- ## Future-Agent Continuation Packet
104
-
105
- When work must continue elsewhere, provide a compact packet that a future agent can run without hidden memory:
106
-
107
- ```text
108
- Goal or spec:
109
- Active slice:
110
- Current evidence status:
111
- Changed files:
112
- Files intentionally untouched:
113
- Commands already run:
114
- Failed or unavailable tools:
115
- Release/recovery decision:
116
- Rollback notes:
117
- Next verification command:
118
- Next action:
119
- ```
120
-
121
- If the handoff is meant to prove fresh-session acceptance, use `references/forward-test.md` and record `accepted by: fresh-session` only after a separate session actually follows the packet.
122
-
123
- ## Minimum Recovery Record
124
-
125
- Use this compact format in evidence logs, handoffs, or final status:
126
-
127
- ```text
128
- Recovery class:
129
- Current objective:
130
- Current state:
131
- Changed files:
132
- Commands run:
133
- Failed or unavailable tools:
134
- Evidence that still holds:
135
- Evidence that is missing or weak:
136
- Rollback or resume decision:
137
- Risks:
138
- Next action:
139
- ```
140
-
141
- Keep command output short. Link to logs or evidence files instead of pasting noisy output.
142
-
143
- ## Handoff Requirements
144
-
145
- A future-agent handoff must include:
146
-
147
- - The active goal or spec and the current slice outcome.
148
- - Files changed and files intentionally left untouched.
149
- - Commands/tests/smokes already run and their result status.
150
- - Known blockers, assumptions, unavailable tools, and residual risk.
151
- - The next concrete action, not a vague instruction to investigate everything.
152
- - Any project-specific rules from `.gse/project-profile.md`, AGENTS.md, or host adapter notes that affected the work.
153
- - Whether the work is result, verified, accepted, blocked, rollback required, or not ready according to references/evidence-taxonomy.md.
154
-
155
- If real subagent tools are unavailable, say so. A sequential-role note or handoff is not real delegation.
156
-
157
- ## Verification After Recovery
158
-
159
- After resuming from recovery or handoff:
160
-
161
- - Re-read the controlling goal, current slice, and project rules before editing.
162
- - Inspect current files instead of trusting the handoff blindly.
163
- - Re-run the smallest focused evidence that proves the recovered path still works.
164
- - Reclassify readiness with references/evidence-taxonomy.md.
165
- - Update the evidence log with what changed since the handoff.
166
-
167
- If evidence changed or contradicted the handoff, prefer current-state evidence.
168
-
169
- ## Integration
170
-
171
- - Use references/file-ownership.md before reverting, moving, deleting, or cleaning files.
172
- - Use references/release.md when recovery affects release, rollback, migration, changelog/release notes, or release acceptance.
173
- - Use references/quality-gates.md when failed verification, cancellation, retry, or recovery behavior affects completion.
174
- - Use references/review.md when recovery changes code, shared workflow rules, release paths, security/privacy behavior, or user-visible product behavior.
175
- - Use references/forward-test.md when recovery or handoff rules become reusable GSE behavior that future agents must follow.
176
- - Use references/learning-system.md only for reusable lessons; do not log noisy transient failures.
1
+ # Recovery And Handoff
2
+
3
+ Use this when work is interrupted, verification fails, a tool or runtime is unavailable, partial edits exist, release rollback may be needed, or a future agent must continue without relying on hidden context.
4
+
5
+ Recovery and handoff are part of the evidence loop. The goal is to make the current state understandable, resumable, and reversible.
6
+
7
+ ## Trigger Conditions
8
+
9
+ Run this protocol when any of these are true:
10
+
11
+ - A session is interrupted, refreshed, compacted, or handed to another agent or host.
12
+ - A command, tool, MCP server, browser path, model route, subagent dispatch, or verification gate fails unexpectedly.
13
+ - The worktree has partial edits, generated artifacts, dirty files, or uncertain ownership.
14
+ - A release, migration, rollback, hotfix, incident, or compatibility issue is involved.
15
+ - The current agent cannot finish safely within the active slice but has useful evidence or decisions to preserve.
16
+ - The user asks to continue from another session, branch, host, or agent.
17
+
18
+ Do not create a heavy handoff for a tiny completed edit that already has direct evidence and no residual risk.
19
+
20
+ ## Failure Classification
21
+
22
+ Classify the situation before deciding the next step.
23
+
24
+ | Class | Meaning | Default action |
25
+ |---|---|---|
26
+ | recoverable failure | A command, test, tool, or assumption failed, but the path is still clear | Record failure, fix smallest cause, rerun focused evidence |
27
+ | blocked work | Progress needs user input, missing credentials, unavailable external service, or unavailable required tool | Record blocker, preserve state, ask for the smallest required input |
28
+ | rollback required | Current edits or release state are unsafe, misleading, or harmful | Stop new work, identify owned edits, follow project rollback policy |
29
+ | handoff required | Another session, agent, host, branch, or future run must continue | Record goal, current state, changed files, evidence, risks, and next action |
30
+ | incident recovery | Main path, data, security, privacy, release, or user-visible behavior is broken | Stabilize first, preserve evidence, route through release/incident gates |
31
+
32
+ Never hide a failed check by reducing acceptance. Either fix it, mark it as residual risk, or move the slice to not ready.
33
+
34
+ ## Resume Or Rollback Decision
35
+
36
+ Choose one path and record why:
37
+
38
+ - Resume: use when edits are scoped, evidence is trustworthy, and the next verification step is clear.
39
+ - Repair: use when a known broken command, test, route, or doc can be fixed inside the current slice.
40
+ - Roll back owned edits: use when the current changes are unsafe, contradict scope, or cannot be verified.
41
+ - Preserve and hand off: use when meaningful progress exists but completion requires another session, role, host, or external condition.
42
+ - Stop and ask: use when user input is required and any assumption would risk data, security, release, or product direction.
43
+
44
+ Do not revert user work or unrelated dirty files. Use references/file-ownership.md before rollback or cleanup.
45
+
46
+ ## Failed Verification Path
47
+
48
+ When verification fails, do not reduce the acceptance bar to make the slice look complete.
49
+
50
+ Use this sequence:
51
+
52
+ 1. Preserve the failed command, status, and narrow failure reason.
53
+ 2. Decide whether the failure invalidates the result, only blocks verification, or exposes unrelated existing risk.
54
+ 3. Fix the smallest reusable artifact when the cause is inside the slice.
55
+ 4. Re-run the same focused verification before adding new scope.
56
+ 5. If the failure cannot be fixed in the slice, mark readiness `not ready` or `result`, record the blocker, and set the next action.
57
+
58
+ If the failure concerns release, migration, rollback, public behavior, security/privacy, or data safety, route through `references/release.md` before claiming readiness.
59
+
60
+ ## Release Recovery Path
61
+
62
+ Use this when release validation, install/update handoff, migration, rollback, compatibility, or incident gates fail.
63
+
64
+ Minimum release recovery record:
65
+
66
+ ```text
67
+ Release scope:
68
+ Failed gate:
69
+ Release level:
70
+ Readiness after failure: not ready | result | verified | accepted
71
+ What changed:
72
+ What remains safe:
73
+ Rollback or resume decision:
74
+ Files or artifacts to revert:
75
+ Verification to rerun:
76
+ Owner or decision needed:
77
+ Next action:
78
+ ```
79
+
80
+ Rules:
81
+
82
+ - Do not call a release accepted while a required release gate is failing.
83
+ - Prefer file-level revert for low-risk docs/scripts when ownership is clear.
84
+ - For generated scaffolds, host adapters, state, schema, runtime config, or compatibility-impacting changes, document downstream regeneration or migration impact.
85
+ - If rollback touches user or unrelated files, stop and use `references/file-ownership.md` before changing them.
86
+
87
+ ## Incident Follow-Up Path
88
+
89
+ Use `assets/templates/incident-review.md` when the recovery involves user-visible breakage, data loss/corruption risk, security/privacy risk, release blocker, repeated failed verification, or a broken main path.
90
+
91
+ Incident follow-up must separate:
92
+
93
+ - Impact and affected users/systems.
94
+ - Timeline and detection signal.
95
+ - Root cause and contributing factors.
96
+ - Immediate stabilization.
97
+ - Verification that proves stabilization.
98
+ - Long-term prevention tasks.
99
+ - Evidence links and owners.
100
+
101
+ Do not turn every failed command into an incident. Use incident review only when the failure has product, release, safety, or repeated-process significance.
102
+
103
+ ## Future-Agent Continuation Packet
104
+
105
+ When work must continue elsewhere, provide a compact packet that a future agent can run without hidden memory:
106
+
107
+ ```text
108
+ Goal or spec:
109
+ Active slice:
110
+ Current evidence status:
111
+ Changed files:
112
+ Files intentionally untouched:
113
+ Commands already run:
114
+ Failed or unavailable tools:
115
+ Release/recovery decision:
116
+ Rollback notes:
117
+ Next verification command:
118
+ Next action:
119
+ ```
120
+
121
+ If the handoff is meant to prove fresh-session acceptance, use `references/forward-test.md` and record `accepted by: fresh-session` only after a separate session actually follows the packet.
122
+
123
+ ## Minimum Recovery Record
124
+
125
+ Use this compact format in evidence logs, handoffs, or final status:
126
+
127
+ ```text
128
+ Recovery class:
129
+ Current objective:
130
+ Current state:
131
+ Changed files:
132
+ Commands run:
133
+ Failed or unavailable tools:
134
+ Evidence that still holds:
135
+ Evidence that is missing or weak:
136
+ Rollback or resume decision:
137
+ Risks:
138
+ Next action:
139
+ ```
140
+
141
+ Keep command output short. Link to logs or evidence files instead of pasting noisy output.
142
+
143
+ ## Handoff Requirements
144
+
145
+ A future-agent handoff must include:
146
+
147
+ - The active goal or spec and the current slice outcome.
148
+ - Files changed and files intentionally left untouched.
149
+ - Commands/tests/smokes already run and their result status.
150
+ - Known blockers, assumptions, unavailable tools, and residual risk.
151
+ - The next concrete action, not a vague instruction to investigate everything.
152
+ - Any project-specific rules from `.gse/project-profile.md`, AGENTS.md, or host adapter notes that affected the work.
153
+ - Whether the work is result, verified, accepted, blocked, rollback required, or not ready according to references/evidence-taxonomy.md.
154
+
155
+ If real subagent tools are unavailable, say so. A sequential-role note or handoff is not real delegation.
156
+
157
+ ## Verification After Recovery
158
+
159
+ After resuming from recovery or handoff:
160
+
161
+ - Re-read the controlling goal, current slice, and project rules before editing.
162
+ - Inspect current files instead of trusting the handoff blindly.
163
+ - Re-run the smallest focused evidence that proves the recovered path still works.
164
+ - Reclassify readiness with references/evidence-taxonomy.md.
165
+ - Update the evidence log with what changed since the handoff.
166
+
167
+ If evidence changed or contradicted the handoff, prefer current-state evidence.
168
+
169
+ ## Integration
170
+
171
+ - Use references/file-ownership.md before reverting, moving, deleting, or cleaning files.
172
+ - Use references/release.md when recovery affects release, rollback, migration, changelog/release notes, or release acceptance.
173
+ - Use references/quality-gates.md when failed verification, cancellation, retry, or recovery behavior affects completion.
174
+ - Use references/review.md when recovery changes code, shared workflow rules, release paths, security/privacy behavior, or user-visible product behavior.
175
+ - Use references/forward-test.md when recovery or handoff rules become reusable GSE behavior that future agents must follow.
176
+ - Use references/learning-system.md only for reusable lessons; do not log noisy transient failures.
@@ -1,43 +1,43 @@
1
- # Release Trust
2
-
3
- Use this when preparing GSE for public, shared, or marketplace-style distribution.
4
-
5
- GSE signing mechanics prove that a package matches a signed manifest. They do not prove maintainer identity, public key custody, account security, or marketplace trust. Treat those as release governance.
6
-
7
- ## Required Release Trust Record
8
-
9
- For every public release, record:
10
-
11
- - Release label and package digest.
12
- - Public key fingerprint.
13
- - Maintainer or release owner.
14
- - Signing machine or signing environment.
15
- - Key custody location.
16
- - Rotation policy.
17
- - Revocation path if a key is compromised.
18
- - Verification command used by a fresh install.
19
- - Accepted by owner or release authority.
20
-
21
- Use `assets/templates/release-trust-record.md`.
22
-
23
- ## Key Custody Rules
24
-
25
- Key custody is a release owner responsibility.
26
-
27
- - Do not commit private keys.
28
- - Do not package private keys.
29
- - Do not generate production keys inside a temporary audit folder.
30
- - Store production private keys in a host secret store, hardware-backed key store, or explicitly approved private release environment.
31
- - Publish public keys and fingerprints with release notes.
32
- - Rotate keys when custody changes, maintainer access changes, or compromise is suspected.
33
- - Keep an owner-approved revocation note for retired keys.
34
-
35
- ## Verification Rules
36
-
37
- A release can claim:
38
-
39
- - `signed`: a package signature exists.
40
- - `verified`: `verify-gse-package.mjs` passes against the published public key.
41
- - `trusted`: signed and verified, with an owner-accepted release trust record.
42
-
43
- Do not claim `trusted` from signing alone.
1
+ # Release Trust
2
+
3
+ Use this when preparing GSE for public, shared, or marketplace-style distribution.
4
+
5
+ GSE signing mechanics prove that a package matches a signed manifest. They do not prove maintainer identity, public key custody, account security, or marketplace trust. Treat those as release governance.
6
+
7
+ ## Required Release Trust Record
8
+
9
+ For every public release, record:
10
+
11
+ - Release label and package digest.
12
+ - Public key fingerprint.
13
+ - Maintainer or release owner.
14
+ - Signing machine or signing environment.
15
+ - Key custody location.
16
+ - Rotation policy.
17
+ - Revocation path if a key is compromised.
18
+ - Verification command used by a fresh install.
19
+ - Accepted by owner or release authority.
20
+
21
+ Use `assets/templates/release-trust-record.md`.
22
+
23
+ ## Key Custody Rules
24
+
25
+ Key custody is a release owner responsibility.
26
+
27
+ - Do not commit private keys.
28
+ - Do not package private keys.
29
+ - Do not generate production keys inside a temporary audit folder.
30
+ - Store production private keys in a host secret store, hardware-backed key store, or explicitly approved private release environment.
31
+ - Publish public keys and fingerprints with release notes.
32
+ - Rotate keys when custody changes, maintainer access changes, or compromise is suspected.
33
+ - Keep an owner-approved revocation note for retired keys.
34
+
35
+ ## Verification Rules
36
+
37
+ A release can claim:
38
+
39
+ - `signed`: a package signature exists.
40
+ - `verified`: `verify-gse-package.mjs` passes against the published public key.
41
+ - `trusted`: signed and verified, with an owner-accepted release trust record.
42
+
43
+ Do not claim `trusted` from signing alone.