@t275005746/gse 0.1.0 → 0.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.github/ISSUE_TEMPLATE/bug_report.yml +42 -42
- package/.github/ISSUE_TEMPLATE/change_request.yml +50 -50
- package/.github/ISSUE_TEMPLATE/config.yml +5 -5
- package/.github/PULL_REQUEST_TEMPLATE.md +38 -38
- package/.github/workflows/validate-gse.yml +33 -33
- package/.gse/README.md +18 -18
- package/.gse/gse-development-protocol.md +50 -50
- package/.gse/project-profile.md +29 -29
- package/.gse/quality-gates.md +25 -25
- package/.gse/releases/public-registry-publication-npm.md +49 -0
- package/.gse/releases/public-release-owner-required.md +65 -65
- package/.gse/releases/public-security-contact-owner-required.md +45 -45
- package/.gse/state.json +3 -4
- package/CHANGELOG.md +24 -24
- package/CONTRIBUTING.md +64 -64
- package/LICENSE +21 -21
- package/README.md +1 -1
- package/README.zh-CN.md +1 -1
- package/SECURITY.md +41 -41
- package/SUPPORT.md +38 -38
- package/assets/marketplace/README.md +7 -7
- package/assets/marketplace/gse-listing.json +75 -75
- package/assets/templates/acceptance-execution-packet.md +73 -73
- package/assets/templates/adr.md +14 -14
- package/assets/templates/change-brief.md +16 -16
- package/assets/templates/design.md +18 -18
- package/assets/templates/dispatch-packet.md +104 -104
- package/assets/templates/evidence.md +14 -14
- package/assets/templates/execution-quality-pack.md +65 -65
- package/assets/templates/goal-map.md +21 -21
- package/assets/templates/host-adapter.md +48 -48
- package/assets/templates/host-ui-invocation-record.md +42 -42
- package/assets/templates/incident-review.md +60 -60
- package/assets/templates/public-channel-publication-record.md +49 -49
- package/assets/templates/public-ci-run-record.md +53 -53
- package/assets/templates/public-release-record.md +65 -65
- package/assets/templates/public-repository-settings-record.md +59 -59
- package/assets/templates/public-security-contact-record.md +45 -45
- package/assets/templates/release-trust-record.md +32 -32
- package/assets/templates/review.md +18 -18
- package/assets/templates/spec.md +16 -16
- package/assets/templates/target-adoption-evidence.md +29 -29
- package/assets/templates/tasks.md +17 -17
- package/assets/templates/update-release-acceptance-record.md +58 -58
- package/examples/README.md +22 -22
- package/examples/agent-runtime-host/.claude/gse-adapter.md +6 -6
- package/examples/agent-runtime-host/.codex/gse-adapter.md +7 -7
- package/examples/agent-runtime-host/.gse/goal-map.md +7 -7
- package/examples/agent-runtime-host/.gse/project-profile.md +27 -27
- package/examples/agent-runtime-host/.gse/tooling.md +5 -5
- package/examples/agent-runtime-host/.mcp.json +9 -9
- package/examples/agent-runtime-host/AGENTS.md +5 -5
- package/examples/agent-runtime-host/README.md +10 -10
- package/examples/agent-runtime-host/docs/model-routing.md +5 -5
- package/examples/cli-tool/.gse/project-profile.md +21 -21
- package/examples/cli-tool/AGENTS.md +5 -5
- package/examples/cli-tool/README.md +12 -12
- package/examples/cli-tool/package.json +21 -21
- package/examples/small-app/.env.example +2 -2
- package/examples/small-app/.github/workflows/ci.yml +8 -8
- package/examples/small-app/AGENTS.md +5 -5
- package/examples/small-app/README.md +12 -12
- package/examples/small-app/package.json +26 -26
- package/examples/small-app/playwright.config.ts +4 -4
- package/package.json +53 -53
- package/references/adoption-recipes.md +171 -171
- package/references/agent-roles.md +49 -49
- package/references/architecture-health.md +101 -101
- package/references/benchmark-audit.md +73 -73
- package/references/community-channels.md +46 -46
- package/references/compatibility.md +70 -70
- package/references/design-basis.md +38 -38
- package/references/domain-model.md +129 -129
- package/references/domain-quality-gates.md +75 -75
- package/references/drift-audit.md +81 -81
- package/references/evidence-taxonomy.md +123 -123
- package/references/file-ownership.md +107 -107
- package/references/final-readiness.md +84 -84
- package/references/forward-test.md +133 -133
- package/references/goal-map.md +36 -36
- package/references/host-adapters.md +119 -119
- package/references/learning-system.md +35 -35
- package/references/marketplace-discovery.md +46 -46
- package/references/model-routing.md +103 -103
- package/references/open-source-defaults.md +39 -39
- package/references/operating-model.md +52 -52
- package/references/packaging.md +277 -277
- package/references/project-agent-workspace.md +89 -89
- package/references/project-bootstrap.md +122 -122
- package/references/project-profile.md +57 -57
- package/references/public-release.md +174 -174
- package/references/quality-gates.md +100 -100
- package/references/recovery.md +176 -176
- package/references/release-trust.md +43 -43
- package/references/release.md +126 -126
- package/references/review.md +141 -141
- package/references/router.md +90 -90
- package/references/spec-workflow.md +66 -66
- package/references/task-levels.md +81 -81
- package/references/tool-adapters.md +73 -73
- package/scripts/audit-acceptance-execution-packet.mjs +133 -133
- package/scripts/audit-adoption-recipes.mjs +99 -99
- package/scripts/audit-change-lifecycle.mjs +77 -77
- package/scripts/audit-change-system.mjs +134 -134
- package/scripts/audit-ci-readiness.mjs +107 -107
- package/scripts/audit-close-gate.mjs +323 -323
- package/scripts/audit-command-adapters.mjs +91 -91
- package/scripts/audit-command-execution.mjs +210 -210
- package/scripts/audit-compatibility.mjs +149 -149
- package/scripts/audit-completion-readiness.mjs +292 -292
- package/scripts/audit-distribution.mjs +251 -251
- package/scripts/audit-domain-quality-gates.mjs +108 -108
- package/scripts/audit-evidence-placeholders.mjs +126 -126
- package/scripts/audit-final-readiness-promotion.mjs +255 -255
- package/scripts/audit-final-readiness.mjs +226 -226
- package/scripts/audit-fixtures.mjs +154 -154
- package/scripts/audit-fresh-session-readiness.mjs +177 -177
- package/scripts/audit-host-runtime-evidence-handoff.mjs +159 -159
- package/scripts/audit-host-runtime-invocation-drill.mjs +240 -240
- package/scripts/audit-host-runtime-invocations.mjs +254 -254
- package/scripts/audit-host-ui-invocation.mjs +132 -132
- package/scripts/audit-marketplace-discovery.mjs +122 -122
- package/scripts/audit-npm-package-metadata.mjs +155 -155
- package/scripts/audit-npm-publish-dry-run.mjs +191 -169
- package/scripts/audit-npm-tarball-install.mjs +191 -191
- package/scripts/audit-open-source-defaults.mjs +92 -92
- package/scripts/audit-open-source-readiness.mjs +97 -97
- package/scripts/audit-project.mjs +138 -138
- package/scripts/audit-public-acceptance-command-dry-run-drill.mjs +203 -203
- package/scripts/audit-public-acceptance-readiness.mjs +224 -224
- package/scripts/audit-public-channel-publication.mjs +248 -248
- package/scripts/audit-public-ci-run.mjs +184 -184
- package/scripts/audit-public-collaboration-templates.mjs +98 -98
- package/scripts/audit-public-external-gate-probe.mjs +206 -206
- package/scripts/audit-public-release-decision.mjs +201 -201
- package/scripts/audit-public-release-metadata.mjs +176 -176
- package/scripts/audit-public-repository-settings.mjs +237 -237
- package/scripts/audit-public-security-contact.mjs +171 -171
- package/scripts/audit-readme-docs.mjs +6 -4
- package/scripts/audit-recovery-readiness.mjs +98 -98
- package/scripts/audit-release-readiness.mjs +106 -106
- package/scripts/audit-release-trust.mjs +62 -62
- package/scripts/audit-remote-distribution.mjs +266 -266
- package/scripts/audit-roadmap-consistency.mjs +235 -235
- package/scripts/audit-signing.mjs +147 -147
- package/scripts/audit-state-freshness.mjs +14 -9
- package/scripts/audit-target-adoption-evidence.mjs +117 -117
- package/scripts/audit-target-project.mjs +507 -507
- package/scripts/audit-update-release-acceptance.mjs +136 -136
- package/scripts/audit-v1-target-validation.mjs +269 -269
- package/scripts/audit-validation-profiles.mjs +125 -125
- package/scripts/close-change.mjs +116 -116
- package/scripts/discover-project-profile.mjs +307 -307
- package/scripts/generate-command-adapter.mjs +231 -231
- package/scripts/generate-final-acceptance-packet.mjs +181 -181
- package/scripts/generate-final-form-progress-report.mjs +205 -205
- package/scripts/generate-host-runtime-evidence-handoff.mjs +206 -206
- package/scripts/generate-owner-external-gate-kit.mjs +295 -295
- package/scripts/generate-public-acceptance-handoff.mjs +168 -168
- package/scripts/generate-public-release-checklist.mjs +207 -207
- package/scripts/generate-release-bundle.mjs +505 -505
- package/scripts/generate-release-owner-action-plan.mjs +172 -172
- package/scripts/generate-release-status-manifest.mjs +200 -200
- package/scripts/generate-session-prompt.mjs +188 -188
- package/scripts/gse.mjs +67 -67
- package/scripts/init-change.mjs +265 -265
- package/scripts/init-project.mjs +785 -785
- package/scripts/install-gse.mjs +234 -234
- package/scripts/lib/evidence-placeholders.mjs +28 -28
- package/scripts/package-gse.mjs +174 -174
- package/scripts/probe-public-external-gates.mjs +167 -167
- package/scripts/record-host-invocation.mjs +151 -151
- package/scripts/record-public-channel-publication.mjs +178 -178
- package/scripts/record-public-ci-run.mjs +180 -180
- package/scripts/record-public-release.mjs +175 -175
- package/scripts/record-public-repository-settings.mjs +209 -209
- package/scripts/record-public-security-contact.mjs +157 -157
- package/scripts/sign-gse-package.mjs +83 -83
- package/scripts/update-project-state.mjs +223 -223
- package/scripts/verify-gse-package.mjs +85 -85
|
@@ -1,159 +1,159 @@
|
|
|
1
|
-
#!/usr/bin/env node
|
|
2
|
-
import fs from 'node:fs'
|
|
3
|
-
import path from 'node:path'
|
|
4
|
-
import { mkdtempSync, rmSync } from 'node:fs'
|
|
5
|
-
import { tmpdir } from 'node:os'
|
|
6
|
-
import { spawnSync } from 'node:child_process'
|
|
7
|
-
|
|
8
|
-
const args = process.argv.slice(2)
|
|
9
|
-
|
|
10
|
-
function readArg(name, fallback = null) {
|
|
11
|
-
const index = args.indexOf(name)
|
|
12
|
-
if (index === -1) return fallback
|
|
13
|
-
return args[index + 1] ?? fallback
|
|
14
|
-
}
|
|
15
|
-
|
|
16
|
-
const root = path.resolve(readArg('--root', path.join(import.meta.dirname, '..')))
|
|
17
|
-
const jsonOnly = args.includes('--json')
|
|
18
|
-
|
|
19
|
-
function exists(relativePath) {
|
|
20
|
-
return fs.existsSync(path.join(root, relativePath))
|
|
21
|
-
}
|
|
22
|
-
|
|
23
|
-
function read(relativePath) {
|
|
24
|
-
const fullPath = path.join(root, relativePath)
|
|
25
|
-
return fs.existsSync(fullPath) ? fs.readFileSync(fullPath, 'utf8').replace(/^\uFEFF/, '') : ''
|
|
26
|
-
}
|
|
27
|
-
|
|
28
|
-
function run(command, commandArgs) {
|
|
29
|
-
const result = spawnSync(command, commandArgs, {
|
|
30
|
-
cwd: root,
|
|
31
|
-
encoding: 'utf8',
|
|
32
|
-
windowsHide: true,
|
|
33
|
-
})
|
|
34
|
-
return {
|
|
35
|
-
status: result.status ?? 1,
|
|
36
|
-
stdout: (result.stdout ?? '').trim(),
|
|
37
|
-
stderr: (result.stderr ?? '').trim(),
|
|
38
|
-
command: [command, ...commandArgs].join(' '),
|
|
39
|
-
}
|
|
40
|
-
}
|
|
41
|
-
|
|
42
|
-
function parseJson(stdout) {
|
|
43
|
-
try {
|
|
44
|
-
return JSON.parse(stdout)
|
|
45
|
-
} catch {
|
|
46
|
-
return null
|
|
47
|
-
}
|
|
48
|
-
}
|
|
49
|
-
|
|
50
|
-
function check(id, label, ok, evidence, risk = '') {
|
|
51
|
-
return { id, label, status: ok ? 'passed' : 'failed', evidence, risk }
|
|
52
|
-
}
|
|
53
|
-
|
|
54
|
-
const generator = read('scripts/generate-host-runtime-evidence-handoff.mjs')
|
|
55
|
-
const validate = read('scripts/validate-gse.mjs')
|
|
56
|
-
const skill = read('SKILL.md')
|
|
57
|
-
const releaseGenerator = read('scripts/generate-release-bundle.mjs')
|
|
58
|
-
const releaseAudit = read('scripts/audit-release-bundle.mjs')
|
|
59
|
-
const compatibility = read('references/compatibility.md')
|
|
60
|
-
const tmp = mkdtempSync(path.join(tmpdir(), 'gse-host-runtime-handoff-'))
|
|
61
|
-
const out = path.join(tmp, 'host-runtime-evidence-handoff.md')
|
|
62
|
-
const generated = exists('scripts/generate-host-runtime-evidence-handoff.mjs')
|
|
63
|
-
? run(process.execPath, [path.join(root, 'scripts', 'generate-host-runtime-evidence-handoff.mjs'), '--root', root, '--out', out, '--force', '--json'])
|
|
64
|
-
: null
|
|
65
|
-
const generatedData = generated ? parseJson(generated.stdout) : null
|
|
66
|
-
const handoff = fs.existsSync(out) ? fs.readFileSync(out, 'utf8') : ''
|
|
67
|
-
rmSync(tmp, { recursive: true, force: true })
|
|
68
|
-
|
|
69
|
-
const hostFamilies = [
|
|
70
|
-
'Codex-style',
|
|
71
|
-
'Claude Code-style',
|
|
72
|
-
'Hermes/AION-style runtime',
|
|
73
|
-
'WorkBuddy/other IDE agents',
|
|
74
|
-
'Copilot/Gemini-style assistants',
|
|
75
|
-
'Unknown or custom host',
|
|
76
|
-
]
|
|
77
|
-
const boundaries = [
|
|
78
|
-
'Do not claim native slash-command support',
|
|
79
|
-
'Do not claim a host is supported without a host runtime invocation record',
|
|
80
|
-
'subagents, MCP, LSP, browser tools, hooks, and plugins as host/session-specific',
|
|
81
|
-
]
|
|
82
|
-
const commands = [
|
|
83
|
-
'record-host-invocation.mjs',
|
|
84
|
-
'audit-host-runtime-invocations.mjs',
|
|
85
|
-
'audit-final-readiness.mjs',
|
|
86
|
-
'validate-gse.mjs',
|
|
87
|
-
]
|
|
88
|
-
const handoffUsesShellSafeCommandPlaceholders = !/record-host-invocation\.mjs[^\n`]*[<>]/.test(handoff) &&
|
|
89
|
-
!/audit-[a-z-]+\.mjs[^\n`]*[<>]/.test(handoff) &&
|
|
90
|
-
!/validate-gse\.mjs[^\n`]*[<>]/.test(handoff) &&
|
|
91
|
-
handoff.includes('__GSE_OR_PROJECT__') &&
|
|
92
|
-
handoff.includes('__PROJECT_OR_GSE__')
|
|
93
|
-
|
|
94
|
-
const checks = [
|
|
95
|
-
check('HRH01', 'host runtime evidence handoff generator exists', exists('scripts/generate-host-runtime-evidence-handoff.mjs'), 'scripts/generate-host-runtime-evidence-handoff.mjs'),
|
|
96
|
-
check('HRH02', 'generator uses runtime audit and compatibility matrix', generator.includes('audit-host-runtime-invocations.mjs') && generator.includes('references/compatibility.md'), 'generator inputs'),
|
|
97
|
-
check('HRH03', 'generator produces a handoff file', generated?.status === 0 && generatedData?.status === 'written' && handoff.length > 0, generated?.stderr || out),
|
|
98
|
-
check('HRH04', 'handoff covers core host families', hostFamilies.every((term) => handoff.includes(term)), hostFamilies.join(', ')),
|
|
99
|
-
check('HRH04b', 'handoff limits host evidence plan to host matrix rows', generatedData?.summary?.hostFamilies === hostFamilies.length, `${generatedData?.summary?.hostFamilies ?? 'unknown'} generated host family row(s)`),
|
|
100
|
-
check('HRH05', 'handoff includes executable record and verification commands', commands.every((term) => handoff.includes(term)), commands.join(', ')),
|
|
101
|
-
check('HRH06', 'handoff preserves anti-overclaim boundaries', boundaries.every((term) => handoff.includes(term)), boundaries.join(', ')),
|
|
102
|
-
check('HRH07', 'handoff reports current native and portable runtime evidence counts', handoff.includes('Native slash-command records:') && handoff.includes('Portable text-command records:'), 'current runtime evidence summary'),
|
|
103
|
-
check('HRH08', 'skill routes users to host runtime evidence handoff', skill.includes('generate-host-runtime-evidence-handoff.mjs'), 'SKILL.md'),
|
|
104
|
-
check('HRH09', 'consolidated validator includes host runtime handoff audit', validate.includes('audit-host-runtime-evidence-handoff.mjs'), 'scripts/validate-gse.mjs'),
|
|
105
|
-
check('HRH10', 'release bundle includes host runtime evidence handoff', releaseGenerator.includes('host-runtime-evidence-handoff.md') && releaseAudit.includes('host-runtime-evidence-handoff.md'), 'release bundle generator and audit'),
|
|
106
|
-
check('HRH11', 'compatibility matrix still distinguishes documented and verified host claims', compatibility.includes('Never upgrade a host capability from `documented` to `verified`') && compatibility.includes('Host Matrix'), 'references/compatibility.md'),
|
|
107
|
-
check('HRH12', 'handoff command placeholders are shell-safe', handoffUsesShellSafeCommandPlaceholders, 'record and verification commands use __PLACEHOLDER__ style, not <placeholder> shell redirection syntax'),
|
|
108
|
-
]
|
|
109
|
-
|
|
110
|
-
const passed = checks.filter((item) => item.status === 'passed').length
|
|
111
|
-
const failed = checks.length - passed
|
|
112
|
-
const report = {
|
|
113
|
-
root,
|
|
114
|
-
generatedAt: new Date().toISOString(),
|
|
115
|
-
summary: { status: failed === 0 ? 'passed' : 'failed', passed, failed, total: checks.length },
|
|
116
|
-
workflows: {
|
|
117
|
-
hostRuntimeEvidenceHandoff: failed === 0 ? 'verified' : 'failed',
|
|
118
|
-
nativeSlashCommandRecords: generatedData?.summary?.nativeSlashCommandRecords ?? 'unknown',
|
|
119
|
-
portableTextCommandRecords: generatedData?.summary?.portableTextCommandRecords ?? 'unknown',
|
|
120
|
-
},
|
|
121
|
-
limits: [
|
|
122
|
-
'This audit verifies handoff generation and claim boundaries only.',
|
|
123
|
-
'It does not create real runtime evidence for Claude Code, Hermes/AION-style runtimes, WorkBuddy, or native slash-command execution.',
|
|
124
|
-
],
|
|
125
|
-
checks,
|
|
126
|
-
}
|
|
127
|
-
|
|
128
|
-
function renderMarkdown(data) {
|
|
129
|
-
const lines = []
|
|
130
|
-
lines.push('# GSE Host Runtime Evidence Handoff Audit')
|
|
131
|
-
lines.push('')
|
|
132
|
-
lines.push('Generated: ' + data.generatedAt)
|
|
133
|
-
lines.push('Root: ' + data.root)
|
|
134
|
-
lines.push('')
|
|
135
|
-
lines.push('## Summary')
|
|
136
|
-
lines.push('')
|
|
137
|
-
lines.push('- Status: ' + data.summary.status)
|
|
138
|
-
lines.push('- Checks: ' + data.summary.passed + '/' + data.summary.total)
|
|
139
|
-
lines.push('- Host runtime evidence handoff: ' + data.workflows.hostRuntimeEvidenceHandoff)
|
|
140
|
-
lines.push('- Native slash-command records: ' + data.workflows.nativeSlashCommandRecords)
|
|
141
|
-
lines.push('- Portable text-command records: ' + data.workflows.portableTextCommandRecords)
|
|
142
|
-
lines.push('')
|
|
143
|
-
lines.push('## Checks')
|
|
144
|
-
lines.push('')
|
|
145
|
-
for (const item of data.checks) {
|
|
146
|
-
const marker = item.status === 'passed' ? '[x]' : '[ ]'
|
|
147
|
-
lines.push('- ' + marker + ' ' + item.id + ' ' + item.label + ': ' + item.evidence)
|
|
148
|
-
}
|
|
149
|
-
lines.push('')
|
|
150
|
-
lines.push('## Limits')
|
|
151
|
-
lines.push('')
|
|
152
|
-
for (const item of data.limits) lines.push('- ' + item)
|
|
153
|
-
return lines.join('\n') + '\n'
|
|
154
|
-
}
|
|
155
|
-
|
|
156
|
-
if (jsonOnly) console.log(JSON.stringify(report, null, 2))
|
|
157
|
-
else console.log(renderMarkdown(report))
|
|
158
|
-
|
|
159
|
-
if (failed > 0) process.exit(1)
|
|
1
|
+
#!/usr/bin/env node
|
|
2
|
+
import fs from 'node:fs'
|
|
3
|
+
import path from 'node:path'
|
|
4
|
+
import { mkdtempSync, rmSync } from 'node:fs'
|
|
5
|
+
import { tmpdir } from 'node:os'
|
|
6
|
+
import { spawnSync } from 'node:child_process'
|
|
7
|
+
|
|
8
|
+
const args = process.argv.slice(2)
|
|
9
|
+
|
|
10
|
+
function readArg(name, fallback = null) {
|
|
11
|
+
const index = args.indexOf(name)
|
|
12
|
+
if (index === -1) return fallback
|
|
13
|
+
return args[index + 1] ?? fallback
|
|
14
|
+
}
|
|
15
|
+
|
|
16
|
+
const root = path.resolve(readArg('--root', path.join(import.meta.dirname, '..')))
|
|
17
|
+
const jsonOnly = args.includes('--json')
|
|
18
|
+
|
|
19
|
+
function exists(relativePath) {
|
|
20
|
+
return fs.existsSync(path.join(root, relativePath))
|
|
21
|
+
}
|
|
22
|
+
|
|
23
|
+
function read(relativePath) {
|
|
24
|
+
const fullPath = path.join(root, relativePath)
|
|
25
|
+
return fs.existsSync(fullPath) ? fs.readFileSync(fullPath, 'utf8').replace(/^\uFEFF/, '') : ''
|
|
26
|
+
}
|
|
27
|
+
|
|
28
|
+
function run(command, commandArgs) {
|
|
29
|
+
const result = spawnSync(command, commandArgs, {
|
|
30
|
+
cwd: root,
|
|
31
|
+
encoding: 'utf8',
|
|
32
|
+
windowsHide: true,
|
|
33
|
+
})
|
|
34
|
+
return {
|
|
35
|
+
status: result.status ?? 1,
|
|
36
|
+
stdout: (result.stdout ?? '').trim(),
|
|
37
|
+
stderr: (result.stderr ?? '').trim(),
|
|
38
|
+
command: [command, ...commandArgs].join(' '),
|
|
39
|
+
}
|
|
40
|
+
}
|
|
41
|
+
|
|
42
|
+
function parseJson(stdout) {
|
|
43
|
+
try {
|
|
44
|
+
return JSON.parse(stdout)
|
|
45
|
+
} catch {
|
|
46
|
+
return null
|
|
47
|
+
}
|
|
48
|
+
}
|
|
49
|
+
|
|
50
|
+
function check(id, label, ok, evidence, risk = '') {
|
|
51
|
+
return { id, label, status: ok ? 'passed' : 'failed', evidence, risk }
|
|
52
|
+
}
|
|
53
|
+
|
|
54
|
+
const generator = read('scripts/generate-host-runtime-evidence-handoff.mjs')
|
|
55
|
+
const validate = read('scripts/validate-gse.mjs')
|
|
56
|
+
const skill = read('SKILL.md')
|
|
57
|
+
const releaseGenerator = read('scripts/generate-release-bundle.mjs')
|
|
58
|
+
const releaseAudit = read('scripts/audit-release-bundle.mjs')
|
|
59
|
+
const compatibility = read('references/compatibility.md')
|
|
60
|
+
const tmp = mkdtempSync(path.join(tmpdir(), 'gse-host-runtime-handoff-'))
|
|
61
|
+
const out = path.join(tmp, 'host-runtime-evidence-handoff.md')
|
|
62
|
+
const generated = exists('scripts/generate-host-runtime-evidence-handoff.mjs')
|
|
63
|
+
? run(process.execPath, [path.join(root, 'scripts', 'generate-host-runtime-evidence-handoff.mjs'), '--root', root, '--out', out, '--force', '--json'])
|
|
64
|
+
: null
|
|
65
|
+
const generatedData = generated ? parseJson(generated.stdout) : null
|
|
66
|
+
const handoff = fs.existsSync(out) ? fs.readFileSync(out, 'utf8') : ''
|
|
67
|
+
rmSync(tmp, { recursive: true, force: true })
|
|
68
|
+
|
|
69
|
+
const hostFamilies = [
|
|
70
|
+
'Codex-style',
|
|
71
|
+
'Claude Code-style',
|
|
72
|
+
'Hermes/AION-style runtime',
|
|
73
|
+
'WorkBuddy/other IDE agents',
|
|
74
|
+
'Copilot/Gemini-style assistants',
|
|
75
|
+
'Unknown or custom host',
|
|
76
|
+
]
|
|
77
|
+
const boundaries = [
|
|
78
|
+
'Do not claim native slash-command support',
|
|
79
|
+
'Do not claim a host is supported without a host runtime invocation record',
|
|
80
|
+
'subagents, MCP, LSP, browser tools, hooks, and plugins as host/session-specific',
|
|
81
|
+
]
|
|
82
|
+
const commands = [
|
|
83
|
+
'record-host-invocation.mjs',
|
|
84
|
+
'audit-host-runtime-invocations.mjs',
|
|
85
|
+
'audit-final-readiness.mjs',
|
|
86
|
+
'validate-gse.mjs',
|
|
87
|
+
]
|
|
88
|
+
const handoffUsesShellSafeCommandPlaceholders = !/record-host-invocation\.mjs[^\n`]*[<>]/.test(handoff) &&
|
|
89
|
+
!/audit-[a-z-]+\.mjs[^\n`]*[<>]/.test(handoff) &&
|
|
90
|
+
!/validate-gse\.mjs[^\n`]*[<>]/.test(handoff) &&
|
|
91
|
+
handoff.includes('__GSE_OR_PROJECT__') &&
|
|
92
|
+
handoff.includes('__PROJECT_OR_GSE__')
|
|
93
|
+
|
|
94
|
+
const checks = [
|
|
95
|
+
check('HRH01', 'host runtime evidence handoff generator exists', exists('scripts/generate-host-runtime-evidence-handoff.mjs'), 'scripts/generate-host-runtime-evidence-handoff.mjs'),
|
|
96
|
+
check('HRH02', 'generator uses runtime audit and compatibility matrix', generator.includes('audit-host-runtime-invocations.mjs') && generator.includes('references/compatibility.md'), 'generator inputs'),
|
|
97
|
+
check('HRH03', 'generator produces a handoff file', generated?.status === 0 && generatedData?.status === 'written' && handoff.length > 0, generated?.stderr || out),
|
|
98
|
+
check('HRH04', 'handoff covers core host families', hostFamilies.every((term) => handoff.includes(term)), hostFamilies.join(', ')),
|
|
99
|
+
check('HRH04b', 'handoff limits host evidence plan to host matrix rows', generatedData?.summary?.hostFamilies === hostFamilies.length, `${generatedData?.summary?.hostFamilies ?? 'unknown'} generated host family row(s)`),
|
|
100
|
+
check('HRH05', 'handoff includes executable record and verification commands', commands.every((term) => handoff.includes(term)), commands.join(', ')),
|
|
101
|
+
check('HRH06', 'handoff preserves anti-overclaim boundaries', boundaries.every((term) => handoff.includes(term)), boundaries.join(', ')),
|
|
102
|
+
check('HRH07', 'handoff reports current native and portable runtime evidence counts', handoff.includes('Native slash-command records:') && handoff.includes('Portable text-command records:'), 'current runtime evidence summary'),
|
|
103
|
+
check('HRH08', 'skill routes users to host runtime evidence handoff', skill.includes('generate-host-runtime-evidence-handoff.mjs'), 'SKILL.md'),
|
|
104
|
+
check('HRH09', 'consolidated validator includes host runtime handoff audit', validate.includes('audit-host-runtime-evidence-handoff.mjs'), 'scripts/validate-gse.mjs'),
|
|
105
|
+
check('HRH10', 'release bundle includes host runtime evidence handoff', releaseGenerator.includes('host-runtime-evidence-handoff.md') && releaseAudit.includes('host-runtime-evidence-handoff.md'), 'release bundle generator and audit'),
|
|
106
|
+
check('HRH11', 'compatibility matrix still distinguishes documented and verified host claims', compatibility.includes('Never upgrade a host capability from `documented` to `verified`') && compatibility.includes('Host Matrix'), 'references/compatibility.md'),
|
|
107
|
+
check('HRH12', 'handoff command placeholders are shell-safe', handoffUsesShellSafeCommandPlaceholders, 'record and verification commands use __PLACEHOLDER__ style, not <placeholder> shell redirection syntax'),
|
|
108
|
+
]
|
|
109
|
+
|
|
110
|
+
const passed = checks.filter((item) => item.status === 'passed').length
|
|
111
|
+
const failed = checks.length - passed
|
|
112
|
+
const report = {
|
|
113
|
+
root,
|
|
114
|
+
generatedAt: new Date().toISOString(),
|
|
115
|
+
summary: { status: failed === 0 ? 'passed' : 'failed', passed, failed, total: checks.length },
|
|
116
|
+
workflows: {
|
|
117
|
+
hostRuntimeEvidenceHandoff: failed === 0 ? 'verified' : 'failed',
|
|
118
|
+
nativeSlashCommandRecords: generatedData?.summary?.nativeSlashCommandRecords ?? 'unknown',
|
|
119
|
+
portableTextCommandRecords: generatedData?.summary?.portableTextCommandRecords ?? 'unknown',
|
|
120
|
+
},
|
|
121
|
+
limits: [
|
|
122
|
+
'This audit verifies handoff generation and claim boundaries only.',
|
|
123
|
+
'It does not create real runtime evidence for Claude Code, Hermes/AION-style runtimes, WorkBuddy, or native slash-command execution.',
|
|
124
|
+
],
|
|
125
|
+
checks,
|
|
126
|
+
}
|
|
127
|
+
|
|
128
|
+
function renderMarkdown(data) {
|
|
129
|
+
const lines = []
|
|
130
|
+
lines.push('# GSE Host Runtime Evidence Handoff Audit')
|
|
131
|
+
lines.push('')
|
|
132
|
+
lines.push('Generated: ' + data.generatedAt)
|
|
133
|
+
lines.push('Root: ' + data.root)
|
|
134
|
+
lines.push('')
|
|
135
|
+
lines.push('## Summary')
|
|
136
|
+
lines.push('')
|
|
137
|
+
lines.push('- Status: ' + data.summary.status)
|
|
138
|
+
lines.push('- Checks: ' + data.summary.passed + '/' + data.summary.total)
|
|
139
|
+
lines.push('- Host runtime evidence handoff: ' + data.workflows.hostRuntimeEvidenceHandoff)
|
|
140
|
+
lines.push('- Native slash-command records: ' + data.workflows.nativeSlashCommandRecords)
|
|
141
|
+
lines.push('- Portable text-command records: ' + data.workflows.portableTextCommandRecords)
|
|
142
|
+
lines.push('')
|
|
143
|
+
lines.push('## Checks')
|
|
144
|
+
lines.push('')
|
|
145
|
+
for (const item of data.checks) {
|
|
146
|
+
const marker = item.status === 'passed' ? '[x]' : '[ ]'
|
|
147
|
+
lines.push('- ' + marker + ' ' + item.id + ' ' + item.label + ': ' + item.evidence)
|
|
148
|
+
}
|
|
149
|
+
lines.push('')
|
|
150
|
+
lines.push('## Limits')
|
|
151
|
+
lines.push('')
|
|
152
|
+
for (const item of data.limits) lines.push('- ' + item)
|
|
153
|
+
return lines.join('\n') + '\n'
|
|
154
|
+
}
|
|
155
|
+
|
|
156
|
+
if (jsonOnly) console.log(JSON.stringify(report, null, 2))
|
|
157
|
+
else console.log(renderMarkdown(report))
|
|
158
|
+
|
|
159
|
+
if (failed > 0) process.exit(1)
|