@t275005746/gse 0.1.0 → 0.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.github/ISSUE_TEMPLATE/bug_report.yml +42 -42
- package/.github/ISSUE_TEMPLATE/change_request.yml +50 -50
- package/.github/ISSUE_TEMPLATE/config.yml +5 -5
- package/.github/PULL_REQUEST_TEMPLATE.md +38 -38
- package/.github/workflows/validate-gse.yml +33 -33
- package/.gse/README.md +18 -18
- package/.gse/gse-development-protocol.md +50 -50
- package/.gse/project-profile.md +29 -29
- package/.gse/quality-gates.md +25 -25
- package/.gse/releases/public-registry-publication-npm.md +49 -0
- package/.gse/releases/public-release-owner-required.md +65 -65
- package/.gse/releases/public-security-contact-owner-required.md +45 -45
- package/.gse/state.json +3 -4
- package/CHANGELOG.md +24 -24
- package/CONTRIBUTING.md +64 -64
- package/LICENSE +21 -21
- package/README.md +1 -1
- package/README.zh-CN.md +1 -1
- package/SECURITY.md +41 -41
- package/SUPPORT.md +38 -38
- package/assets/marketplace/README.md +7 -7
- package/assets/marketplace/gse-listing.json +75 -75
- package/assets/templates/acceptance-execution-packet.md +73 -73
- package/assets/templates/adr.md +14 -14
- package/assets/templates/change-brief.md +16 -16
- package/assets/templates/design.md +18 -18
- package/assets/templates/dispatch-packet.md +104 -104
- package/assets/templates/evidence.md +14 -14
- package/assets/templates/execution-quality-pack.md +65 -65
- package/assets/templates/goal-map.md +21 -21
- package/assets/templates/host-adapter.md +48 -48
- package/assets/templates/host-ui-invocation-record.md +42 -42
- package/assets/templates/incident-review.md +60 -60
- package/assets/templates/public-channel-publication-record.md +49 -49
- package/assets/templates/public-ci-run-record.md +53 -53
- package/assets/templates/public-release-record.md +65 -65
- package/assets/templates/public-repository-settings-record.md +59 -59
- package/assets/templates/public-security-contact-record.md +45 -45
- package/assets/templates/release-trust-record.md +32 -32
- package/assets/templates/review.md +18 -18
- package/assets/templates/spec.md +16 -16
- package/assets/templates/target-adoption-evidence.md +29 -29
- package/assets/templates/tasks.md +17 -17
- package/assets/templates/update-release-acceptance-record.md +58 -58
- package/examples/README.md +22 -22
- package/examples/agent-runtime-host/.claude/gse-adapter.md +6 -6
- package/examples/agent-runtime-host/.codex/gse-adapter.md +7 -7
- package/examples/agent-runtime-host/.gse/goal-map.md +7 -7
- package/examples/agent-runtime-host/.gse/project-profile.md +27 -27
- package/examples/agent-runtime-host/.gse/tooling.md +5 -5
- package/examples/agent-runtime-host/.mcp.json +9 -9
- package/examples/agent-runtime-host/AGENTS.md +5 -5
- package/examples/agent-runtime-host/README.md +10 -10
- package/examples/agent-runtime-host/docs/model-routing.md +5 -5
- package/examples/cli-tool/.gse/project-profile.md +21 -21
- package/examples/cli-tool/AGENTS.md +5 -5
- package/examples/cli-tool/README.md +12 -12
- package/examples/cli-tool/package.json +21 -21
- package/examples/small-app/.env.example +2 -2
- package/examples/small-app/.github/workflows/ci.yml +8 -8
- package/examples/small-app/AGENTS.md +5 -5
- package/examples/small-app/README.md +12 -12
- package/examples/small-app/package.json +26 -26
- package/examples/small-app/playwright.config.ts +4 -4
- package/package.json +53 -53
- package/references/adoption-recipes.md +171 -171
- package/references/agent-roles.md +49 -49
- package/references/architecture-health.md +101 -101
- package/references/benchmark-audit.md +73 -73
- package/references/community-channels.md +46 -46
- package/references/compatibility.md +70 -70
- package/references/design-basis.md +38 -38
- package/references/domain-model.md +129 -129
- package/references/domain-quality-gates.md +75 -75
- package/references/drift-audit.md +81 -81
- package/references/evidence-taxonomy.md +123 -123
- package/references/file-ownership.md +107 -107
- package/references/final-readiness.md +84 -84
- package/references/forward-test.md +133 -133
- package/references/goal-map.md +36 -36
- package/references/host-adapters.md +119 -119
- package/references/learning-system.md +35 -35
- package/references/marketplace-discovery.md +46 -46
- package/references/model-routing.md +103 -103
- package/references/open-source-defaults.md +39 -39
- package/references/operating-model.md +52 -52
- package/references/packaging.md +277 -277
- package/references/project-agent-workspace.md +89 -89
- package/references/project-bootstrap.md +122 -122
- package/references/project-profile.md +57 -57
- package/references/public-release.md +174 -174
- package/references/quality-gates.md +100 -100
- package/references/recovery.md +176 -176
- package/references/release-trust.md +43 -43
- package/references/release.md +126 -126
- package/references/review.md +141 -141
- package/references/router.md +90 -90
- package/references/spec-workflow.md +66 -66
- package/references/task-levels.md +81 -81
- package/references/tool-adapters.md +73 -73
- package/scripts/audit-acceptance-execution-packet.mjs +133 -133
- package/scripts/audit-adoption-recipes.mjs +99 -99
- package/scripts/audit-change-lifecycle.mjs +77 -77
- package/scripts/audit-change-system.mjs +134 -134
- package/scripts/audit-ci-readiness.mjs +107 -107
- package/scripts/audit-close-gate.mjs +323 -323
- package/scripts/audit-command-adapters.mjs +91 -91
- package/scripts/audit-command-execution.mjs +210 -210
- package/scripts/audit-compatibility.mjs +149 -149
- package/scripts/audit-completion-readiness.mjs +292 -292
- package/scripts/audit-distribution.mjs +251 -251
- package/scripts/audit-domain-quality-gates.mjs +108 -108
- package/scripts/audit-evidence-placeholders.mjs +126 -126
- package/scripts/audit-final-readiness-promotion.mjs +255 -255
- package/scripts/audit-final-readiness.mjs +226 -226
- package/scripts/audit-fixtures.mjs +154 -154
- package/scripts/audit-fresh-session-readiness.mjs +177 -177
- package/scripts/audit-host-runtime-evidence-handoff.mjs +159 -159
- package/scripts/audit-host-runtime-invocation-drill.mjs +240 -240
- package/scripts/audit-host-runtime-invocations.mjs +254 -254
- package/scripts/audit-host-ui-invocation.mjs +132 -132
- package/scripts/audit-marketplace-discovery.mjs +122 -122
- package/scripts/audit-npm-package-metadata.mjs +155 -155
- package/scripts/audit-npm-publish-dry-run.mjs +191 -169
- package/scripts/audit-npm-tarball-install.mjs +191 -191
- package/scripts/audit-open-source-defaults.mjs +92 -92
- package/scripts/audit-open-source-readiness.mjs +97 -97
- package/scripts/audit-project.mjs +138 -138
- package/scripts/audit-public-acceptance-command-dry-run-drill.mjs +203 -203
- package/scripts/audit-public-acceptance-readiness.mjs +224 -224
- package/scripts/audit-public-channel-publication.mjs +248 -248
- package/scripts/audit-public-ci-run.mjs +184 -184
- package/scripts/audit-public-collaboration-templates.mjs +98 -98
- package/scripts/audit-public-external-gate-probe.mjs +206 -206
- package/scripts/audit-public-release-decision.mjs +201 -201
- package/scripts/audit-public-release-metadata.mjs +176 -176
- package/scripts/audit-public-repository-settings.mjs +237 -237
- package/scripts/audit-public-security-contact.mjs +171 -171
- package/scripts/audit-readme-docs.mjs +6 -4
- package/scripts/audit-recovery-readiness.mjs +98 -98
- package/scripts/audit-release-readiness.mjs +106 -106
- package/scripts/audit-release-trust.mjs +62 -62
- package/scripts/audit-remote-distribution.mjs +266 -266
- package/scripts/audit-roadmap-consistency.mjs +235 -235
- package/scripts/audit-signing.mjs +147 -147
- package/scripts/audit-state-freshness.mjs +14 -9
- package/scripts/audit-target-adoption-evidence.mjs +117 -117
- package/scripts/audit-target-project.mjs +507 -507
- package/scripts/audit-update-release-acceptance.mjs +136 -136
- package/scripts/audit-v1-target-validation.mjs +269 -269
- package/scripts/audit-validation-profiles.mjs +125 -125
- package/scripts/close-change.mjs +116 -116
- package/scripts/discover-project-profile.mjs +307 -307
- package/scripts/generate-command-adapter.mjs +231 -231
- package/scripts/generate-final-acceptance-packet.mjs +181 -181
- package/scripts/generate-final-form-progress-report.mjs +205 -205
- package/scripts/generate-host-runtime-evidence-handoff.mjs +206 -206
- package/scripts/generate-owner-external-gate-kit.mjs +295 -295
- package/scripts/generate-public-acceptance-handoff.mjs +168 -168
- package/scripts/generate-public-release-checklist.mjs +207 -207
- package/scripts/generate-release-bundle.mjs +505 -505
- package/scripts/generate-release-owner-action-plan.mjs +172 -172
- package/scripts/generate-release-status-manifest.mjs +200 -200
- package/scripts/generate-session-prompt.mjs +188 -188
- package/scripts/gse.mjs +67 -67
- package/scripts/init-change.mjs +265 -265
- package/scripts/init-project.mjs +785 -785
- package/scripts/install-gse.mjs +234 -234
- package/scripts/lib/evidence-placeholders.mjs +28 -28
- package/scripts/package-gse.mjs +174 -174
- package/scripts/probe-public-external-gates.mjs +167 -167
- package/scripts/record-host-invocation.mjs +151 -151
- package/scripts/record-public-channel-publication.mjs +178 -178
- package/scripts/record-public-ci-run.mjs +180 -180
- package/scripts/record-public-release.mjs +175 -175
- package/scripts/record-public-repository-settings.mjs +209 -209
- package/scripts/record-public-security-contact.mjs +157 -157
- package/scripts/sign-gse-package.mjs +83 -83
- package/scripts/update-project-state.mjs +223 -223
- package/scripts/verify-gse-package.mjs +85 -85
|
@@ -1,65 +1,65 @@
|
|
|
1
|
-
# Execution Quality Pack
|
|
2
|
-
|
|
3
|
-
Use this when a change needs explicit execution skills, tool routing, quality gates, and review boundaries.
|
|
4
|
-
|
|
5
|
-
## Task Profile
|
|
6
|
-
|
|
7
|
-
- Level: lite | standard | enterprise
|
|
8
|
-
- Change type:
|
|
9
|
-
- User-visible impact:
|
|
10
|
-
- Data/security/release impact:
|
|
11
|
-
|
|
12
|
-
## Required Skills Or Roles
|
|
13
|
-
|
|
14
|
-
| Role / Skill | Purpose | Required | Evidence |
|
|
15
|
-
|---|---|---|---|
|
|
16
|
-
| Coordinator | Scope, final judgment, integration | yes | plan/state/evidence |
|
|
17
|
-
| Code Locator | Files, symbols, existing tests | when code changes | search/LSP notes |
|
|
18
|
-
| Builder | Bounded implementation | when files change | diff + focused check |
|
|
19
|
-
| QA / Verification | Focused proof | yes | command/browser/API smoke |
|
|
20
|
-
| Reviewer | Spec, quality, architecture, security | risk-based | review notes |
|
|
21
|
-
|
|
22
|
-
## Tool Routing
|
|
23
|
-
|
|
24
|
-
| Tool | Use When | Status | Fallback |
|
|
25
|
-
|---|---|---|---|
|
|
26
|
-
| rg / rg --files | Code and doc location | recommended | shell listing |
|
|
27
|
-
| LSP / index | Large or typed codebase | unknown | rg + existing tests |
|
|
28
|
-
| Browser / Playwright | UI or user-visible flow | unknown | component/API smoke plus notes |
|
|
29
|
-
| OpenSpec | Capability/API/state contract change | optional | .gse/changes/ markdown |
|
|
30
|
-
| Comet | Full lifecycle change | optional | GSE phase/status files |
|
|
31
|
-
| Superpowers | Complex staged execution/review | optional | GSE roles + quality gates |
|
|
32
|
-
| Subagents | Parallel bounded work | unknown | sequential role execution |
|
|
33
|
-
|
|
34
|
-
## Quality Gates Selected
|
|
35
|
-
|
|
36
|
-
```text
|
|
37
|
-
Universal:
|
|
38
|
-
Code:
|
|
39
|
-
UI:
|
|
40
|
-
API/state:
|
|
41
|
-
Security/privacy:
|
|
42
|
-
Performance/cost:
|
|
43
|
-
Resilience/recovery:
|
|
44
|
-
Release/operations:
|
|
45
|
-
```
|
|
46
|
-
|
|
47
|
-
## Evidence Plan
|
|
48
|
-
|
|
49
|
-
```text
|
|
50
|
-
Focused command:
|
|
51
|
-
Browser/API smoke:
|
|
52
|
-
Manual inspection:
|
|
53
|
-
Not run and why:
|
|
54
|
-
Evidence status: result | verified | accepted | not ready
|
|
55
|
-
```
|
|
56
|
-
|
|
57
|
-
## Review And Closure
|
|
58
|
-
|
|
59
|
-
- Spec compliance:
|
|
60
|
-
- Code quality:
|
|
61
|
-
- Architecture/ownership:
|
|
62
|
-
- Residual risk:
|
|
63
|
-
- Close gate command:
|
|
64
|
-
- Next action:
|
|
65
|
-
|
|
1
|
+
# Execution Quality Pack
|
|
2
|
+
|
|
3
|
+
Use this when a change needs explicit execution skills, tool routing, quality gates, and review boundaries.
|
|
4
|
+
|
|
5
|
+
## Task Profile
|
|
6
|
+
|
|
7
|
+
- Level: lite | standard | enterprise
|
|
8
|
+
- Change type:
|
|
9
|
+
- User-visible impact:
|
|
10
|
+
- Data/security/release impact:
|
|
11
|
+
|
|
12
|
+
## Required Skills Or Roles
|
|
13
|
+
|
|
14
|
+
| Role / Skill | Purpose | Required | Evidence |
|
|
15
|
+
|---|---|---|---|
|
|
16
|
+
| Coordinator | Scope, final judgment, integration | yes | plan/state/evidence |
|
|
17
|
+
| Code Locator | Files, symbols, existing tests | when code changes | search/LSP notes |
|
|
18
|
+
| Builder | Bounded implementation | when files change | diff + focused check |
|
|
19
|
+
| QA / Verification | Focused proof | yes | command/browser/API smoke |
|
|
20
|
+
| Reviewer | Spec, quality, architecture, security | risk-based | review notes |
|
|
21
|
+
|
|
22
|
+
## Tool Routing
|
|
23
|
+
|
|
24
|
+
| Tool | Use When | Status | Fallback |
|
|
25
|
+
|---|---|---|---|
|
|
26
|
+
| rg / rg --files | Code and doc location | recommended | shell listing |
|
|
27
|
+
| LSP / index | Large or typed codebase | unknown | rg + existing tests |
|
|
28
|
+
| Browser / Playwright | UI or user-visible flow | unknown | component/API smoke plus notes |
|
|
29
|
+
| OpenSpec | Capability/API/state contract change | optional | .gse/changes/ markdown |
|
|
30
|
+
| Comet | Full lifecycle change | optional | GSE phase/status files |
|
|
31
|
+
| Superpowers | Complex staged execution/review | optional | GSE roles + quality gates |
|
|
32
|
+
| Subagents | Parallel bounded work | unknown | sequential role execution |
|
|
33
|
+
|
|
34
|
+
## Quality Gates Selected
|
|
35
|
+
|
|
36
|
+
```text
|
|
37
|
+
Universal:
|
|
38
|
+
Code:
|
|
39
|
+
UI:
|
|
40
|
+
API/state:
|
|
41
|
+
Security/privacy:
|
|
42
|
+
Performance/cost:
|
|
43
|
+
Resilience/recovery:
|
|
44
|
+
Release/operations:
|
|
45
|
+
```
|
|
46
|
+
|
|
47
|
+
## Evidence Plan
|
|
48
|
+
|
|
49
|
+
```text
|
|
50
|
+
Focused command:
|
|
51
|
+
Browser/API smoke:
|
|
52
|
+
Manual inspection:
|
|
53
|
+
Not run and why:
|
|
54
|
+
Evidence status: result | verified | accepted | not ready
|
|
55
|
+
```
|
|
56
|
+
|
|
57
|
+
## Review And Closure
|
|
58
|
+
|
|
59
|
+
- Spec compliance:
|
|
60
|
+
- Code quality:
|
|
61
|
+
- Architecture/ownership:
|
|
62
|
+
- Residual risk:
|
|
63
|
+
- Close gate command:
|
|
64
|
+
- Next action:
|
|
65
|
+
|
|
@@ -1,21 +1,21 @@
|
|
|
1
|
-
# Goal Map
|
|
2
|
-
|
|
3
|
-
Updated: YYYY-MM-DD
|
|
4
|
-
|
|
5
|
-
## North Star
|
|
6
|
-
|
|
7
|
-
## Current Focus
|
|
8
|
-
|
|
9
|
-
- Priority:
|
|
10
|
-
- Active slice:
|
|
11
|
-
- Next action:
|
|
12
|
-
|
|
13
|
-
## Goal Nodes
|
|
14
|
-
|
|
15
|
-
| ID | Goal | Status | Priority | Evidence | Next Slice |
|
|
16
|
-
|---|---|---|---|---|---|
|
|
17
|
-
|
|
18
|
-
## Risks
|
|
19
|
-
|
|
20
|
-
## Next 3 Slices
|
|
21
|
-
|
|
1
|
+
# Goal Map
|
|
2
|
+
|
|
3
|
+
Updated: YYYY-MM-DD
|
|
4
|
+
|
|
5
|
+
## North Star
|
|
6
|
+
|
|
7
|
+
## Current Focus
|
|
8
|
+
|
|
9
|
+
- Priority:
|
|
10
|
+
- Active slice:
|
|
11
|
+
- Next action:
|
|
12
|
+
|
|
13
|
+
## Goal Nodes
|
|
14
|
+
|
|
15
|
+
| ID | Goal | Status | Priority | Evidence | Next Slice |
|
|
16
|
+
|---|---|---|---|---|---|
|
|
17
|
+
|
|
18
|
+
## Risks
|
|
19
|
+
|
|
20
|
+
## Next 3 Slices
|
|
21
|
+
|
|
@@ -1,48 +1,48 @@
|
|
|
1
|
-
# Host Adapter
|
|
2
|
-
|
|
3
|
-
## Host
|
|
4
|
-
|
|
5
|
-
- Name:
|
|
6
|
-
- Adapter path:
|
|
7
|
-
- Maintainer:
|
|
8
|
-
- Last checked:
|
|
9
|
-
|
|
10
|
-
## Source Of Truth
|
|
11
|
-
|
|
12
|
-
Portable workflow source: `.gse/`
|
|
13
|
-
|
|
14
|
-
Read first:
|
|
15
|
-
|
|
16
|
-
1. `.gse/project-profile.md`
|
|
17
|
-
2. `.gse/goal-map.md`
|
|
18
|
-
3. `.gse/quality-gates.md`
|
|
19
|
-
4. Relevant `.gse/changes/` or `.gse/evidence/` files
|
|
20
|
-
|
|
21
|
-
## Verified Capabilities
|
|
22
|
-
|
|
23
|
-
| Capability | Command/config | Status | Evidence |
|
|
24
|
-
|---|---|---|---|
|
|
25
|
-
| Project rules | - | unknown | - |
|
|
26
|
-
| Skills/commands | - | unknown | - |
|
|
27
|
-
| Subagents | - | unknown | - |
|
|
28
|
-
| MCP/tools | - | unknown | - |
|
|
29
|
-
| LSP/index | - | unknown | - |
|
|
30
|
-
| Browser/UI verification | - | unknown | - |
|
|
31
|
-
| CI/build/test | - | unknown | - |
|
|
32
|
-
|
|
33
|
-
## Host-Specific Start
|
|
34
|
-
|
|
35
|
-
Describe the shortest host-specific instruction that makes this host read `.gse/` first.
|
|
36
|
-
|
|
37
|
-
## Safety And Permissions
|
|
38
|
-
|
|
39
|
-
- Secrets:
|
|
40
|
-
- Write-capable tools:
|
|
41
|
-
- Destructive commands:
|
|
42
|
-
- Network/external services:
|
|
43
|
-
|
|
44
|
-
## Drift Check
|
|
45
|
-
|
|
46
|
-
- Check cadence:
|
|
47
|
-
- What must stay in `.gse/`:
|
|
48
|
-
- What may stay host-specific:
|
|
1
|
+
# Host Adapter
|
|
2
|
+
|
|
3
|
+
## Host
|
|
4
|
+
|
|
5
|
+
- Name:
|
|
6
|
+
- Adapter path:
|
|
7
|
+
- Maintainer:
|
|
8
|
+
- Last checked:
|
|
9
|
+
|
|
10
|
+
## Source Of Truth
|
|
11
|
+
|
|
12
|
+
Portable workflow source: `.gse/`
|
|
13
|
+
|
|
14
|
+
Read first:
|
|
15
|
+
|
|
16
|
+
1. `.gse/project-profile.md`
|
|
17
|
+
2. `.gse/goal-map.md`
|
|
18
|
+
3. `.gse/quality-gates.md`
|
|
19
|
+
4. Relevant `.gse/changes/` or `.gse/evidence/` files
|
|
20
|
+
|
|
21
|
+
## Verified Capabilities
|
|
22
|
+
|
|
23
|
+
| Capability | Command/config | Status | Evidence |
|
|
24
|
+
|---|---|---|---|
|
|
25
|
+
| Project rules | - | unknown | - |
|
|
26
|
+
| Skills/commands | - | unknown | - |
|
|
27
|
+
| Subagents | - | unknown | - |
|
|
28
|
+
| MCP/tools | - | unknown | - |
|
|
29
|
+
| LSP/index | - | unknown | - |
|
|
30
|
+
| Browser/UI verification | - | unknown | - |
|
|
31
|
+
| CI/build/test | - | unknown | - |
|
|
32
|
+
|
|
33
|
+
## Host-Specific Start
|
|
34
|
+
|
|
35
|
+
Describe the shortest host-specific instruction that makes this host read `.gse/` first.
|
|
36
|
+
|
|
37
|
+
## Safety And Permissions
|
|
38
|
+
|
|
39
|
+
- Secrets:
|
|
40
|
+
- Write-capable tools:
|
|
41
|
+
- Destructive commands:
|
|
42
|
+
- Network/external services:
|
|
43
|
+
|
|
44
|
+
## Drift Check
|
|
45
|
+
|
|
46
|
+
- Check cadence:
|
|
47
|
+
- What must stay in `.gse/`:
|
|
48
|
+
- What may stay host-specific:
|
|
@@ -1,42 +1,42 @@
|
|
|
1
|
-
# Host UI Invocation Record
|
|
2
|
-
|
|
3
|
-
Use this when a real host UI, slash-command runtime, command palette, plugin UI, or background-thread host invokes GSE.
|
|
4
|
-
|
|
5
|
-
## Host
|
|
6
|
-
|
|
7
|
-
- Host name:
|
|
8
|
-
- Host version:
|
|
9
|
-
- Project:
|
|
10
|
-
- Adapter path:
|
|
11
|
-
- Invocation method:
|
|
12
|
-
|
|
13
|
-
## Command
|
|
14
|
-
|
|
15
|
-
```text
|
|
16
|
-
/gse help
|
|
17
|
-
```
|
|
18
|
-
|
|
19
|
-
## Result
|
|
20
|
-
|
|
21
|
-
- Status: result | verified | accepted | failed
|
|
22
|
-
- Started at:
|
|
23
|
-
- Finished at:
|
|
24
|
-
- Evidence owner:
|
|
25
|
-
|
|
26
|
-
## Evidence
|
|
27
|
-
|
|
28
|
-
- Screenshot, transcript, thread id, terminal output, or host log:
|
|
29
|
-
- Files read by the host:
|
|
30
|
-
- Files written by the host:
|
|
31
|
-
- Verification command:
|
|
32
|
-
|
|
33
|
-
## Boundaries
|
|
34
|
-
|
|
35
|
-
- Does this prove native slash-command support? true | false | unknown
|
|
36
|
-
- Does this prove portable text-command routing only? true | false | unknown
|
|
37
|
-
- Does this rely on a generated pointer file? true | false | unknown
|
|
38
|
-
- Does this require owner acceptance before being called trusted? true | false | unknown
|
|
39
|
-
|
|
40
|
-
## Residual Risk
|
|
41
|
-
|
|
42
|
-
-
|
|
1
|
+
# Host UI Invocation Record
|
|
2
|
+
|
|
3
|
+
Use this when a real host UI, slash-command runtime, command palette, plugin UI, or background-thread host invokes GSE.
|
|
4
|
+
|
|
5
|
+
## Host
|
|
6
|
+
|
|
7
|
+
- Host name:
|
|
8
|
+
- Host version:
|
|
9
|
+
- Project:
|
|
10
|
+
- Adapter path:
|
|
11
|
+
- Invocation method:
|
|
12
|
+
|
|
13
|
+
## Command
|
|
14
|
+
|
|
15
|
+
```text
|
|
16
|
+
/gse help
|
|
17
|
+
```
|
|
18
|
+
|
|
19
|
+
## Result
|
|
20
|
+
|
|
21
|
+
- Status: result | verified | accepted | failed
|
|
22
|
+
- Started at:
|
|
23
|
+
- Finished at:
|
|
24
|
+
- Evidence owner:
|
|
25
|
+
|
|
26
|
+
## Evidence
|
|
27
|
+
|
|
28
|
+
- Screenshot, transcript, thread id, terminal output, or host log:
|
|
29
|
+
- Files read by the host:
|
|
30
|
+
- Files written by the host:
|
|
31
|
+
- Verification command:
|
|
32
|
+
|
|
33
|
+
## Boundaries
|
|
34
|
+
|
|
35
|
+
- Does this prove native slash-command support? true | false | unknown
|
|
36
|
+
- Does this prove portable text-command routing only? true | false | unknown
|
|
37
|
+
- Does this rely on a generated pointer file? true | false | unknown
|
|
38
|
+
- Does this require owner acceptance before being called trusted? true | false | unknown
|
|
39
|
+
|
|
40
|
+
## Residual Risk
|
|
41
|
+
|
|
42
|
+
-
|
|
@@ -1,60 +1,60 @@
|
|
|
1
|
-
# Incident Review
|
|
2
|
-
|
|
3
|
-
## Summary
|
|
4
|
-
|
|
5
|
-
- Incident title:
|
|
6
|
-
- Date/time range:
|
|
7
|
-
- Status: investigating | mitigated | resolved | follow-up
|
|
8
|
-
- Owner:
|
|
9
|
-
- Evidence status: result | verified | accepted
|
|
10
|
-
|
|
11
|
-
## Impact
|
|
12
|
-
|
|
13
|
-
- Affected users/systems:
|
|
14
|
-
- Severity:
|
|
15
|
-
- User-visible symptoms:
|
|
16
|
-
- Data/security/privacy impact:
|
|
17
|
-
- Release or rollback impact:
|
|
18
|
-
|
|
19
|
-
## Timeline
|
|
20
|
-
|
|
21
|
-
- Detected at:
|
|
22
|
-
- Mitigated at:
|
|
23
|
-
- Resolved at:
|
|
24
|
-
- Key events:
|
|
25
|
-
|
|
26
|
-
## Root Cause
|
|
27
|
-
|
|
28
|
-
- Direct cause:
|
|
29
|
-
- Contributing factors:
|
|
30
|
-
- Why existing gates missed it:
|
|
31
|
-
|
|
32
|
-
## What Detected It
|
|
33
|
-
|
|
34
|
-
- Signal, report, test, monitor, or user feedback:
|
|
35
|
-
- Detection gap:
|
|
36
|
-
|
|
37
|
-
## Stabilization
|
|
38
|
-
|
|
39
|
-
- Immediate action taken:
|
|
40
|
-
- Rollback, revert, or mitigation:
|
|
41
|
-
- Verification that stabilization worked:
|
|
42
|
-
|
|
43
|
-
## What Prevents Recurrence
|
|
44
|
-
|
|
45
|
-
- Prevention change:
|
|
46
|
-
- New or updated gate:
|
|
47
|
-
- Documentation, script, test, monitor, or ownership update:
|
|
48
|
-
|
|
49
|
-
## Action Items
|
|
50
|
-
|
|
51
|
-
| Action | Owner | Evidence needed | Due | Status |
|
|
52
|
-
|---|---|---|---|---|
|
|
53
|
-
| | | | | |
|
|
54
|
-
|
|
55
|
-
## Follow-Up Evidence
|
|
56
|
-
|
|
57
|
-
- Evidence log:
|
|
58
|
-
- Release/recovery record:
|
|
59
|
-
- Remaining risk:
|
|
60
|
-
- Next action:
|
|
1
|
+
# Incident Review
|
|
2
|
+
|
|
3
|
+
## Summary
|
|
4
|
+
|
|
5
|
+
- Incident title:
|
|
6
|
+
- Date/time range:
|
|
7
|
+
- Status: investigating | mitigated | resolved | follow-up
|
|
8
|
+
- Owner:
|
|
9
|
+
- Evidence status: result | verified | accepted
|
|
10
|
+
|
|
11
|
+
## Impact
|
|
12
|
+
|
|
13
|
+
- Affected users/systems:
|
|
14
|
+
- Severity:
|
|
15
|
+
- User-visible symptoms:
|
|
16
|
+
- Data/security/privacy impact:
|
|
17
|
+
- Release or rollback impact:
|
|
18
|
+
|
|
19
|
+
## Timeline
|
|
20
|
+
|
|
21
|
+
- Detected at:
|
|
22
|
+
- Mitigated at:
|
|
23
|
+
- Resolved at:
|
|
24
|
+
- Key events:
|
|
25
|
+
|
|
26
|
+
## Root Cause
|
|
27
|
+
|
|
28
|
+
- Direct cause:
|
|
29
|
+
- Contributing factors:
|
|
30
|
+
- Why existing gates missed it:
|
|
31
|
+
|
|
32
|
+
## What Detected It
|
|
33
|
+
|
|
34
|
+
- Signal, report, test, monitor, or user feedback:
|
|
35
|
+
- Detection gap:
|
|
36
|
+
|
|
37
|
+
## Stabilization
|
|
38
|
+
|
|
39
|
+
- Immediate action taken:
|
|
40
|
+
- Rollback, revert, or mitigation:
|
|
41
|
+
- Verification that stabilization worked:
|
|
42
|
+
|
|
43
|
+
## What Prevents Recurrence
|
|
44
|
+
|
|
45
|
+
- Prevention change:
|
|
46
|
+
- New or updated gate:
|
|
47
|
+
- Documentation, script, test, monitor, or ownership update:
|
|
48
|
+
|
|
49
|
+
## Action Items
|
|
50
|
+
|
|
51
|
+
| Action | Owner | Evidence needed | Due | Status |
|
|
52
|
+
|---|---|---|---|---|
|
|
53
|
+
| | | | | |
|
|
54
|
+
|
|
55
|
+
## Follow-Up Evidence
|
|
56
|
+
|
|
57
|
+
- Evidence log:
|
|
58
|
+
- Release/recovery record:
|
|
59
|
+
- Remaining risk:
|
|
60
|
+
- Next action:
|
|
@@ -1,49 +1,49 @@
|
|
|
1
|
-
# Public Channel Publication Record
|
|
2
|
-
|
|
3
|
-
Publication status: pending | accepted
|
|
4
|
-
|
|
5
|
-
Channel type: github-release | package-registry | marketplace | catalog | other
|
|
6
|
-
|
|
7
|
-
Channel name:
|
|
8
|
-
|
|
9
|
-
Channel URL:
|
|
10
|
-
|
|
11
|
-
Package or listing version:
|
|
12
|
-
|
|
13
|
-
Artifact digest:
|
|
14
|
-
|
|
15
|
-
Review or approval status:
|
|
16
|
-
|
|
17
|
-
Evidence owner:
|
|
18
|
-
|
|
19
|
-
Evidence date:
|
|
20
|
-
|
|
21
|
-
Evidence URL or run id:
|
|
22
|
-
|
|
23
|
-
## Verification
|
|
24
|
-
|
|
25
|
-
Verification command:
|
|
26
|
-
|
|
27
|
-
Verification result:
|
|
28
|
-
|
|
29
|
-
## Acceptance
|
|
30
|
-
|
|
31
|
-
Evidence status: pending | accepted
|
|
32
|
-
|
|
33
|
-
Accepted by:
|
|
34
|
-
|
|
35
|
-
Accepted at:
|
|
36
|
-
|
|
37
|
-
## Boundaries
|
|
38
|
-
|
|
39
|
-
- Does this prove public registry publication? true | false | unknown
|
|
40
|
-
- Does this prove marketplace approval? true | false | unknown
|
|
41
|
-
- Does this prove installability from the channel? true | false | unknown
|
|
42
|
-
|
|
43
|
-
## Residual Risk
|
|
44
|
-
|
|
45
|
-
-
|
|
46
|
-
|
|
47
|
-
## Next Action
|
|
48
|
-
|
|
49
|
-
-
|
|
1
|
+
# Public Channel Publication Record
|
|
2
|
+
|
|
3
|
+
Publication status: pending | accepted
|
|
4
|
+
|
|
5
|
+
Channel type: github-release | package-registry | marketplace | catalog | other
|
|
6
|
+
|
|
7
|
+
Channel name:
|
|
8
|
+
|
|
9
|
+
Channel URL:
|
|
10
|
+
|
|
11
|
+
Package or listing version:
|
|
12
|
+
|
|
13
|
+
Artifact digest:
|
|
14
|
+
|
|
15
|
+
Review or approval status:
|
|
16
|
+
|
|
17
|
+
Evidence owner:
|
|
18
|
+
|
|
19
|
+
Evidence date:
|
|
20
|
+
|
|
21
|
+
Evidence URL or run id:
|
|
22
|
+
|
|
23
|
+
## Verification
|
|
24
|
+
|
|
25
|
+
Verification command:
|
|
26
|
+
|
|
27
|
+
Verification result:
|
|
28
|
+
|
|
29
|
+
## Acceptance
|
|
30
|
+
|
|
31
|
+
Evidence status: pending | accepted
|
|
32
|
+
|
|
33
|
+
Accepted by:
|
|
34
|
+
|
|
35
|
+
Accepted at:
|
|
36
|
+
|
|
37
|
+
## Boundaries
|
|
38
|
+
|
|
39
|
+
- Does this prove public registry publication? true | false | unknown
|
|
40
|
+
- Does this prove marketplace approval? true | false | unknown
|
|
41
|
+
- Does this prove installability from the channel? true | false | unknown
|
|
42
|
+
|
|
43
|
+
## Residual Risk
|
|
44
|
+
|
|
45
|
+
-
|
|
46
|
+
|
|
47
|
+
## Next Action
|
|
48
|
+
|
|
49
|
+
-
|
|
@@ -1,53 +1,53 @@
|
|
|
1
|
-
# Public CI Run Record
|
|
2
|
-
|
|
3
|
-
Repository URL:
|
|
4
|
-
|
|
5
|
-
Workflow name:
|
|
6
|
-
|
|
7
|
-
Workflow file:
|
|
8
|
-
|
|
9
|
-
Run URL:
|
|
10
|
-
|
|
11
|
-
Run status: pending | accepted
|
|
12
|
-
|
|
13
|
-
Run conclusion: pending | success | failure | cancelled | skipped | timed_out | unknown
|
|
14
|
-
|
|
15
|
-
Commit SHA:
|
|
16
|
-
|
|
17
|
-
Branch:
|
|
18
|
-
|
|
19
|
-
Required checks:
|
|
20
|
-
|
|
21
|
-
Evidence owner:
|
|
22
|
-
|
|
23
|
-
Evidence date:
|
|
24
|
-
|
|
25
|
-
Evidence URL or run id:
|
|
26
|
-
|
|
27
|
-
## Verification
|
|
28
|
-
|
|
29
|
-
Verification command:
|
|
30
|
-
|
|
31
|
-
Verification result:
|
|
32
|
-
|
|
33
|
-
## Acceptance
|
|
34
|
-
|
|
35
|
-
Evidence status: pending | accepted
|
|
36
|
-
|
|
37
|
-
Accepted by:
|
|
38
|
-
|
|
39
|
-
Accepted at:
|
|
40
|
-
|
|
41
|
-
## Boundaries
|
|
42
|
-
|
|
43
|
-
- Does this prove a public CI run?
|
|
44
|
-
- Does this prove required checks passed?
|
|
45
|
-
- Does this prove the current release commit?
|
|
46
|
-
|
|
47
|
-
## Residual Risk
|
|
48
|
-
|
|
49
|
-
-
|
|
50
|
-
|
|
51
|
-
## Next Action
|
|
52
|
-
|
|
53
|
-
-
|
|
1
|
+
# Public CI Run Record
|
|
2
|
+
|
|
3
|
+
Repository URL:
|
|
4
|
+
|
|
5
|
+
Workflow name:
|
|
6
|
+
|
|
7
|
+
Workflow file:
|
|
8
|
+
|
|
9
|
+
Run URL:
|
|
10
|
+
|
|
11
|
+
Run status: pending | accepted
|
|
12
|
+
|
|
13
|
+
Run conclusion: pending | success | failure | cancelled | skipped | timed_out | unknown
|
|
14
|
+
|
|
15
|
+
Commit SHA:
|
|
16
|
+
|
|
17
|
+
Branch:
|
|
18
|
+
|
|
19
|
+
Required checks:
|
|
20
|
+
|
|
21
|
+
Evidence owner:
|
|
22
|
+
|
|
23
|
+
Evidence date:
|
|
24
|
+
|
|
25
|
+
Evidence URL or run id:
|
|
26
|
+
|
|
27
|
+
## Verification
|
|
28
|
+
|
|
29
|
+
Verification command:
|
|
30
|
+
|
|
31
|
+
Verification result:
|
|
32
|
+
|
|
33
|
+
## Acceptance
|
|
34
|
+
|
|
35
|
+
Evidence status: pending | accepted
|
|
36
|
+
|
|
37
|
+
Accepted by:
|
|
38
|
+
|
|
39
|
+
Accepted at:
|
|
40
|
+
|
|
41
|
+
## Boundaries
|
|
42
|
+
|
|
43
|
+
- Does this prove a public CI run?
|
|
44
|
+
- Does this prove required checks passed?
|
|
45
|
+
- Does this prove the current release commit?
|
|
46
|
+
|
|
47
|
+
## Residual Risk
|
|
48
|
+
|
|
49
|
+
-
|
|
50
|
+
|
|
51
|
+
## Next Action
|
|
52
|
+
|
|
53
|
+
-
|