@t275005746/gse 0.1.0 → 0.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (180) hide show
  1. package/.github/ISSUE_TEMPLATE/bug_report.yml +42 -42
  2. package/.github/ISSUE_TEMPLATE/change_request.yml +50 -50
  3. package/.github/ISSUE_TEMPLATE/config.yml +5 -5
  4. package/.github/PULL_REQUEST_TEMPLATE.md +38 -38
  5. package/.github/workflows/validate-gse.yml +33 -33
  6. package/.gse/README.md +18 -18
  7. package/.gse/gse-development-protocol.md +50 -50
  8. package/.gse/project-profile.md +29 -29
  9. package/.gse/quality-gates.md +25 -25
  10. package/.gse/releases/public-registry-publication-npm.md +49 -0
  11. package/.gse/releases/public-release-owner-required.md +65 -65
  12. package/.gse/releases/public-security-contact-owner-required.md +45 -45
  13. package/.gse/state.json +3 -4
  14. package/CHANGELOG.md +24 -24
  15. package/CONTRIBUTING.md +64 -64
  16. package/LICENSE +21 -21
  17. package/README.md +1 -1
  18. package/README.zh-CN.md +1 -1
  19. package/SECURITY.md +41 -41
  20. package/SUPPORT.md +38 -38
  21. package/assets/marketplace/README.md +7 -7
  22. package/assets/marketplace/gse-listing.json +75 -75
  23. package/assets/templates/acceptance-execution-packet.md +73 -73
  24. package/assets/templates/adr.md +14 -14
  25. package/assets/templates/change-brief.md +16 -16
  26. package/assets/templates/design.md +18 -18
  27. package/assets/templates/dispatch-packet.md +104 -104
  28. package/assets/templates/evidence.md +14 -14
  29. package/assets/templates/execution-quality-pack.md +65 -65
  30. package/assets/templates/goal-map.md +21 -21
  31. package/assets/templates/host-adapter.md +48 -48
  32. package/assets/templates/host-ui-invocation-record.md +42 -42
  33. package/assets/templates/incident-review.md +60 -60
  34. package/assets/templates/public-channel-publication-record.md +49 -49
  35. package/assets/templates/public-ci-run-record.md +53 -53
  36. package/assets/templates/public-release-record.md +65 -65
  37. package/assets/templates/public-repository-settings-record.md +59 -59
  38. package/assets/templates/public-security-contact-record.md +45 -45
  39. package/assets/templates/release-trust-record.md +32 -32
  40. package/assets/templates/review.md +18 -18
  41. package/assets/templates/spec.md +16 -16
  42. package/assets/templates/target-adoption-evidence.md +29 -29
  43. package/assets/templates/tasks.md +17 -17
  44. package/assets/templates/update-release-acceptance-record.md +58 -58
  45. package/examples/README.md +22 -22
  46. package/examples/agent-runtime-host/.claude/gse-adapter.md +6 -6
  47. package/examples/agent-runtime-host/.codex/gse-adapter.md +7 -7
  48. package/examples/agent-runtime-host/.gse/goal-map.md +7 -7
  49. package/examples/agent-runtime-host/.gse/project-profile.md +27 -27
  50. package/examples/agent-runtime-host/.gse/tooling.md +5 -5
  51. package/examples/agent-runtime-host/.mcp.json +9 -9
  52. package/examples/agent-runtime-host/AGENTS.md +5 -5
  53. package/examples/agent-runtime-host/README.md +10 -10
  54. package/examples/agent-runtime-host/docs/model-routing.md +5 -5
  55. package/examples/cli-tool/.gse/project-profile.md +21 -21
  56. package/examples/cli-tool/AGENTS.md +5 -5
  57. package/examples/cli-tool/README.md +12 -12
  58. package/examples/cli-tool/package.json +21 -21
  59. package/examples/small-app/.env.example +2 -2
  60. package/examples/small-app/.github/workflows/ci.yml +8 -8
  61. package/examples/small-app/AGENTS.md +5 -5
  62. package/examples/small-app/README.md +12 -12
  63. package/examples/small-app/package.json +26 -26
  64. package/examples/small-app/playwright.config.ts +4 -4
  65. package/package.json +53 -53
  66. package/references/adoption-recipes.md +171 -171
  67. package/references/agent-roles.md +49 -49
  68. package/references/architecture-health.md +101 -101
  69. package/references/benchmark-audit.md +73 -73
  70. package/references/community-channels.md +46 -46
  71. package/references/compatibility.md +70 -70
  72. package/references/design-basis.md +38 -38
  73. package/references/domain-model.md +129 -129
  74. package/references/domain-quality-gates.md +75 -75
  75. package/references/drift-audit.md +81 -81
  76. package/references/evidence-taxonomy.md +123 -123
  77. package/references/file-ownership.md +107 -107
  78. package/references/final-readiness.md +84 -84
  79. package/references/forward-test.md +133 -133
  80. package/references/goal-map.md +36 -36
  81. package/references/host-adapters.md +119 -119
  82. package/references/learning-system.md +35 -35
  83. package/references/marketplace-discovery.md +46 -46
  84. package/references/model-routing.md +103 -103
  85. package/references/open-source-defaults.md +39 -39
  86. package/references/operating-model.md +52 -52
  87. package/references/packaging.md +277 -277
  88. package/references/project-agent-workspace.md +89 -89
  89. package/references/project-bootstrap.md +122 -122
  90. package/references/project-profile.md +57 -57
  91. package/references/public-release.md +174 -174
  92. package/references/quality-gates.md +100 -100
  93. package/references/recovery.md +176 -176
  94. package/references/release-trust.md +43 -43
  95. package/references/release.md +126 -126
  96. package/references/review.md +141 -141
  97. package/references/router.md +90 -90
  98. package/references/spec-workflow.md +66 -66
  99. package/references/task-levels.md +81 -81
  100. package/references/tool-adapters.md +73 -73
  101. package/scripts/audit-acceptance-execution-packet.mjs +133 -133
  102. package/scripts/audit-adoption-recipes.mjs +99 -99
  103. package/scripts/audit-change-lifecycle.mjs +77 -77
  104. package/scripts/audit-change-system.mjs +134 -134
  105. package/scripts/audit-ci-readiness.mjs +107 -107
  106. package/scripts/audit-close-gate.mjs +323 -323
  107. package/scripts/audit-command-adapters.mjs +91 -91
  108. package/scripts/audit-command-execution.mjs +210 -210
  109. package/scripts/audit-compatibility.mjs +149 -149
  110. package/scripts/audit-completion-readiness.mjs +292 -292
  111. package/scripts/audit-distribution.mjs +251 -251
  112. package/scripts/audit-domain-quality-gates.mjs +108 -108
  113. package/scripts/audit-evidence-placeholders.mjs +126 -126
  114. package/scripts/audit-final-readiness-promotion.mjs +255 -255
  115. package/scripts/audit-final-readiness.mjs +226 -226
  116. package/scripts/audit-fixtures.mjs +154 -154
  117. package/scripts/audit-fresh-session-readiness.mjs +177 -177
  118. package/scripts/audit-host-runtime-evidence-handoff.mjs +159 -159
  119. package/scripts/audit-host-runtime-invocation-drill.mjs +240 -240
  120. package/scripts/audit-host-runtime-invocations.mjs +254 -254
  121. package/scripts/audit-host-ui-invocation.mjs +132 -132
  122. package/scripts/audit-marketplace-discovery.mjs +122 -122
  123. package/scripts/audit-npm-package-metadata.mjs +155 -155
  124. package/scripts/audit-npm-publish-dry-run.mjs +191 -169
  125. package/scripts/audit-npm-tarball-install.mjs +191 -191
  126. package/scripts/audit-open-source-defaults.mjs +92 -92
  127. package/scripts/audit-open-source-readiness.mjs +97 -97
  128. package/scripts/audit-project.mjs +138 -138
  129. package/scripts/audit-public-acceptance-command-dry-run-drill.mjs +203 -203
  130. package/scripts/audit-public-acceptance-readiness.mjs +224 -224
  131. package/scripts/audit-public-channel-publication.mjs +248 -248
  132. package/scripts/audit-public-ci-run.mjs +184 -184
  133. package/scripts/audit-public-collaboration-templates.mjs +98 -98
  134. package/scripts/audit-public-external-gate-probe.mjs +206 -206
  135. package/scripts/audit-public-release-decision.mjs +201 -201
  136. package/scripts/audit-public-release-metadata.mjs +176 -176
  137. package/scripts/audit-public-repository-settings.mjs +237 -237
  138. package/scripts/audit-public-security-contact.mjs +171 -171
  139. package/scripts/audit-readme-docs.mjs +6 -4
  140. package/scripts/audit-recovery-readiness.mjs +98 -98
  141. package/scripts/audit-release-readiness.mjs +106 -106
  142. package/scripts/audit-release-trust.mjs +62 -62
  143. package/scripts/audit-remote-distribution.mjs +266 -266
  144. package/scripts/audit-roadmap-consistency.mjs +235 -235
  145. package/scripts/audit-signing.mjs +147 -147
  146. package/scripts/audit-state-freshness.mjs +14 -9
  147. package/scripts/audit-target-adoption-evidence.mjs +117 -117
  148. package/scripts/audit-target-project.mjs +507 -507
  149. package/scripts/audit-update-release-acceptance.mjs +136 -136
  150. package/scripts/audit-v1-target-validation.mjs +269 -269
  151. package/scripts/audit-validation-profiles.mjs +125 -125
  152. package/scripts/close-change.mjs +116 -116
  153. package/scripts/discover-project-profile.mjs +307 -307
  154. package/scripts/generate-command-adapter.mjs +231 -231
  155. package/scripts/generate-final-acceptance-packet.mjs +181 -181
  156. package/scripts/generate-final-form-progress-report.mjs +205 -205
  157. package/scripts/generate-host-runtime-evidence-handoff.mjs +206 -206
  158. package/scripts/generate-owner-external-gate-kit.mjs +295 -295
  159. package/scripts/generate-public-acceptance-handoff.mjs +168 -168
  160. package/scripts/generate-public-release-checklist.mjs +207 -207
  161. package/scripts/generate-release-bundle.mjs +505 -505
  162. package/scripts/generate-release-owner-action-plan.mjs +172 -172
  163. package/scripts/generate-release-status-manifest.mjs +200 -200
  164. package/scripts/generate-session-prompt.mjs +188 -188
  165. package/scripts/gse.mjs +67 -67
  166. package/scripts/init-change.mjs +265 -265
  167. package/scripts/init-project.mjs +785 -785
  168. package/scripts/install-gse.mjs +234 -234
  169. package/scripts/lib/evidence-placeholders.mjs +28 -28
  170. package/scripts/package-gse.mjs +174 -174
  171. package/scripts/probe-public-external-gates.mjs +167 -167
  172. package/scripts/record-host-invocation.mjs +151 -151
  173. package/scripts/record-public-channel-publication.mjs +178 -178
  174. package/scripts/record-public-ci-run.mjs +180 -180
  175. package/scripts/record-public-release.mjs +175 -175
  176. package/scripts/record-public-repository-settings.mjs +209 -209
  177. package/scripts/record-public-security-contact.mjs +157 -157
  178. package/scripts/sign-gse-package.mjs +83 -83
  179. package/scripts/update-project-state.mjs +223 -223
  180. package/scripts/verify-gse-package.mjs +85 -85
@@ -1,65 +1,65 @@
1
- # Execution Quality Pack
2
-
3
- Use this when a change needs explicit execution skills, tool routing, quality gates, and review boundaries.
4
-
5
- ## Task Profile
6
-
7
- - Level: lite | standard | enterprise
8
- - Change type:
9
- - User-visible impact:
10
- - Data/security/release impact:
11
-
12
- ## Required Skills Or Roles
13
-
14
- | Role / Skill | Purpose | Required | Evidence |
15
- |---|---|---|---|
16
- | Coordinator | Scope, final judgment, integration | yes | plan/state/evidence |
17
- | Code Locator | Files, symbols, existing tests | when code changes | search/LSP notes |
18
- | Builder | Bounded implementation | when files change | diff + focused check |
19
- | QA / Verification | Focused proof | yes | command/browser/API smoke |
20
- | Reviewer | Spec, quality, architecture, security | risk-based | review notes |
21
-
22
- ## Tool Routing
23
-
24
- | Tool | Use When | Status | Fallback |
25
- |---|---|---|---|
26
- | rg / rg --files | Code and doc location | recommended | shell listing |
27
- | LSP / index | Large or typed codebase | unknown | rg + existing tests |
28
- | Browser / Playwright | UI or user-visible flow | unknown | component/API smoke plus notes |
29
- | OpenSpec | Capability/API/state contract change | optional | .gse/changes/ markdown |
30
- | Comet | Full lifecycle change | optional | GSE phase/status files |
31
- | Superpowers | Complex staged execution/review | optional | GSE roles + quality gates |
32
- | Subagents | Parallel bounded work | unknown | sequential role execution |
33
-
34
- ## Quality Gates Selected
35
-
36
- ```text
37
- Universal:
38
- Code:
39
- UI:
40
- API/state:
41
- Security/privacy:
42
- Performance/cost:
43
- Resilience/recovery:
44
- Release/operations:
45
- ```
46
-
47
- ## Evidence Plan
48
-
49
- ```text
50
- Focused command:
51
- Browser/API smoke:
52
- Manual inspection:
53
- Not run and why:
54
- Evidence status: result | verified | accepted | not ready
55
- ```
56
-
57
- ## Review And Closure
58
-
59
- - Spec compliance:
60
- - Code quality:
61
- - Architecture/ownership:
62
- - Residual risk:
63
- - Close gate command:
64
- - Next action:
65
-
1
+ # Execution Quality Pack
2
+
3
+ Use this when a change needs explicit execution skills, tool routing, quality gates, and review boundaries.
4
+
5
+ ## Task Profile
6
+
7
+ - Level: lite | standard | enterprise
8
+ - Change type:
9
+ - User-visible impact:
10
+ - Data/security/release impact:
11
+
12
+ ## Required Skills Or Roles
13
+
14
+ | Role / Skill | Purpose | Required | Evidence |
15
+ |---|---|---|---|
16
+ | Coordinator | Scope, final judgment, integration | yes | plan/state/evidence |
17
+ | Code Locator | Files, symbols, existing tests | when code changes | search/LSP notes |
18
+ | Builder | Bounded implementation | when files change | diff + focused check |
19
+ | QA / Verification | Focused proof | yes | command/browser/API smoke |
20
+ | Reviewer | Spec, quality, architecture, security | risk-based | review notes |
21
+
22
+ ## Tool Routing
23
+
24
+ | Tool | Use When | Status | Fallback |
25
+ |---|---|---|---|
26
+ | rg / rg --files | Code and doc location | recommended | shell listing |
27
+ | LSP / index | Large or typed codebase | unknown | rg + existing tests |
28
+ | Browser / Playwright | UI or user-visible flow | unknown | component/API smoke plus notes |
29
+ | OpenSpec | Capability/API/state contract change | optional | .gse/changes/ markdown |
30
+ | Comet | Full lifecycle change | optional | GSE phase/status files |
31
+ | Superpowers | Complex staged execution/review | optional | GSE roles + quality gates |
32
+ | Subagents | Parallel bounded work | unknown | sequential role execution |
33
+
34
+ ## Quality Gates Selected
35
+
36
+ ```text
37
+ Universal:
38
+ Code:
39
+ UI:
40
+ API/state:
41
+ Security/privacy:
42
+ Performance/cost:
43
+ Resilience/recovery:
44
+ Release/operations:
45
+ ```
46
+
47
+ ## Evidence Plan
48
+
49
+ ```text
50
+ Focused command:
51
+ Browser/API smoke:
52
+ Manual inspection:
53
+ Not run and why:
54
+ Evidence status: result | verified | accepted | not ready
55
+ ```
56
+
57
+ ## Review And Closure
58
+
59
+ - Spec compliance:
60
+ - Code quality:
61
+ - Architecture/ownership:
62
+ - Residual risk:
63
+ - Close gate command:
64
+ - Next action:
65
+
@@ -1,21 +1,21 @@
1
- # Goal Map
2
-
3
- Updated: YYYY-MM-DD
4
-
5
- ## North Star
6
-
7
- ## Current Focus
8
-
9
- - Priority:
10
- - Active slice:
11
- - Next action:
12
-
13
- ## Goal Nodes
14
-
15
- | ID | Goal | Status | Priority | Evidence | Next Slice |
16
- |---|---|---|---|---|---|
17
-
18
- ## Risks
19
-
20
- ## Next 3 Slices
21
-
1
+ # Goal Map
2
+
3
+ Updated: YYYY-MM-DD
4
+
5
+ ## North Star
6
+
7
+ ## Current Focus
8
+
9
+ - Priority:
10
+ - Active slice:
11
+ - Next action:
12
+
13
+ ## Goal Nodes
14
+
15
+ | ID | Goal | Status | Priority | Evidence | Next Slice |
16
+ |---|---|---|---|---|---|
17
+
18
+ ## Risks
19
+
20
+ ## Next 3 Slices
21
+
@@ -1,48 +1,48 @@
1
- # Host Adapter
2
-
3
- ## Host
4
-
5
- - Name:
6
- - Adapter path:
7
- - Maintainer:
8
- - Last checked:
9
-
10
- ## Source Of Truth
11
-
12
- Portable workflow source: `.gse/`
13
-
14
- Read first:
15
-
16
- 1. `.gse/project-profile.md`
17
- 2. `.gse/goal-map.md`
18
- 3. `.gse/quality-gates.md`
19
- 4. Relevant `.gse/changes/` or `.gse/evidence/` files
20
-
21
- ## Verified Capabilities
22
-
23
- | Capability | Command/config | Status | Evidence |
24
- |---|---|---|---|
25
- | Project rules | - | unknown | - |
26
- | Skills/commands | - | unknown | - |
27
- | Subagents | - | unknown | - |
28
- | MCP/tools | - | unknown | - |
29
- | LSP/index | - | unknown | - |
30
- | Browser/UI verification | - | unknown | - |
31
- | CI/build/test | - | unknown | - |
32
-
33
- ## Host-Specific Start
34
-
35
- Describe the shortest host-specific instruction that makes this host read `.gse/` first.
36
-
37
- ## Safety And Permissions
38
-
39
- - Secrets:
40
- - Write-capable tools:
41
- - Destructive commands:
42
- - Network/external services:
43
-
44
- ## Drift Check
45
-
46
- - Check cadence:
47
- - What must stay in `.gse/`:
48
- - What may stay host-specific:
1
+ # Host Adapter
2
+
3
+ ## Host
4
+
5
+ - Name:
6
+ - Adapter path:
7
+ - Maintainer:
8
+ - Last checked:
9
+
10
+ ## Source Of Truth
11
+
12
+ Portable workflow source: `.gse/`
13
+
14
+ Read first:
15
+
16
+ 1. `.gse/project-profile.md`
17
+ 2. `.gse/goal-map.md`
18
+ 3. `.gse/quality-gates.md`
19
+ 4. Relevant `.gse/changes/` or `.gse/evidence/` files
20
+
21
+ ## Verified Capabilities
22
+
23
+ | Capability | Command/config | Status | Evidence |
24
+ |---|---|---|---|
25
+ | Project rules | - | unknown | - |
26
+ | Skills/commands | - | unknown | - |
27
+ | Subagents | - | unknown | - |
28
+ | MCP/tools | - | unknown | - |
29
+ | LSP/index | - | unknown | - |
30
+ | Browser/UI verification | - | unknown | - |
31
+ | CI/build/test | - | unknown | - |
32
+
33
+ ## Host-Specific Start
34
+
35
+ Describe the shortest host-specific instruction that makes this host read `.gse/` first.
36
+
37
+ ## Safety And Permissions
38
+
39
+ - Secrets:
40
+ - Write-capable tools:
41
+ - Destructive commands:
42
+ - Network/external services:
43
+
44
+ ## Drift Check
45
+
46
+ - Check cadence:
47
+ - What must stay in `.gse/`:
48
+ - What may stay host-specific:
@@ -1,42 +1,42 @@
1
- # Host UI Invocation Record
2
-
3
- Use this when a real host UI, slash-command runtime, command palette, plugin UI, or background-thread host invokes GSE.
4
-
5
- ## Host
6
-
7
- - Host name:
8
- - Host version:
9
- - Project:
10
- - Adapter path:
11
- - Invocation method:
12
-
13
- ## Command
14
-
15
- ```text
16
- /gse help
17
- ```
18
-
19
- ## Result
20
-
21
- - Status: result | verified | accepted | failed
22
- - Started at:
23
- - Finished at:
24
- - Evidence owner:
25
-
26
- ## Evidence
27
-
28
- - Screenshot, transcript, thread id, terminal output, or host log:
29
- - Files read by the host:
30
- - Files written by the host:
31
- - Verification command:
32
-
33
- ## Boundaries
34
-
35
- - Does this prove native slash-command support? true | false | unknown
36
- - Does this prove portable text-command routing only? true | false | unknown
37
- - Does this rely on a generated pointer file? true | false | unknown
38
- - Does this require owner acceptance before being called trusted? true | false | unknown
39
-
40
- ## Residual Risk
41
-
42
- -
1
+ # Host UI Invocation Record
2
+
3
+ Use this when a real host UI, slash-command runtime, command palette, plugin UI, or background-thread host invokes GSE.
4
+
5
+ ## Host
6
+
7
+ - Host name:
8
+ - Host version:
9
+ - Project:
10
+ - Adapter path:
11
+ - Invocation method:
12
+
13
+ ## Command
14
+
15
+ ```text
16
+ /gse help
17
+ ```
18
+
19
+ ## Result
20
+
21
+ - Status: result | verified | accepted | failed
22
+ - Started at:
23
+ - Finished at:
24
+ - Evidence owner:
25
+
26
+ ## Evidence
27
+
28
+ - Screenshot, transcript, thread id, terminal output, or host log:
29
+ - Files read by the host:
30
+ - Files written by the host:
31
+ - Verification command:
32
+
33
+ ## Boundaries
34
+
35
+ - Does this prove native slash-command support? true | false | unknown
36
+ - Does this prove portable text-command routing only? true | false | unknown
37
+ - Does this rely on a generated pointer file? true | false | unknown
38
+ - Does this require owner acceptance before being called trusted? true | false | unknown
39
+
40
+ ## Residual Risk
41
+
42
+ -
@@ -1,60 +1,60 @@
1
- # Incident Review
2
-
3
- ## Summary
4
-
5
- - Incident title:
6
- - Date/time range:
7
- - Status: investigating | mitigated | resolved | follow-up
8
- - Owner:
9
- - Evidence status: result | verified | accepted
10
-
11
- ## Impact
12
-
13
- - Affected users/systems:
14
- - Severity:
15
- - User-visible symptoms:
16
- - Data/security/privacy impact:
17
- - Release or rollback impact:
18
-
19
- ## Timeline
20
-
21
- - Detected at:
22
- - Mitigated at:
23
- - Resolved at:
24
- - Key events:
25
-
26
- ## Root Cause
27
-
28
- - Direct cause:
29
- - Contributing factors:
30
- - Why existing gates missed it:
31
-
32
- ## What Detected It
33
-
34
- - Signal, report, test, monitor, or user feedback:
35
- - Detection gap:
36
-
37
- ## Stabilization
38
-
39
- - Immediate action taken:
40
- - Rollback, revert, or mitigation:
41
- - Verification that stabilization worked:
42
-
43
- ## What Prevents Recurrence
44
-
45
- - Prevention change:
46
- - New or updated gate:
47
- - Documentation, script, test, monitor, or ownership update:
48
-
49
- ## Action Items
50
-
51
- | Action | Owner | Evidence needed | Due | Status |
52
- |---|---|---|---|---|
53
- | | | | | |
54
-
55
- ## Follow-Up Evidence
56
-
57
- - Evidence log:
58
- - Release/recovery record:
59
- - Remaining risk:
60
- - Next action:
1
+ # Incident Review
2
+
3
+ ## Summary
4
+
5
+ - Incident title:
6
+ - Date/time range:
7
+ - Status: investigating | mitigated | resolved | follow-up
8
+ - Owner:
9
+ - Evidence status: result | verified | accepted
10
+
11
+ ## Impact
12
+
13
+ - Affected users/systems:
14
+ - Severity:
15
+ - User-visible symptoms:
16
+ - Data/security/privacy impact:
17
+ - Release or rollback impact:
18
+
19
+ ## Timeline
20
+
21
+ - Detected at:
22
+ - Mitigated at:
23
+ - Resolved at:
24
+ - Key events:
25
+
26
+ ## Root Cause
27
+
28
+ - Direct cause:
29
+ - Contributing factors:
30
+ - Why existing gates missed it:
31
+
32
+ ## What Detected It
33
+
34
+ - Signal, report, test, monitor, or user feedback:
35
+ - Detection gap:
36
+
37
+ ## Stabilization
38
+
39
+ - Immediate action taken:
40
+ - Rollback, revert, or mitigation:
41
+ - Verification that stabilization worked:
42
+
43
+ ## What Prevents Recurrence
44
+
45
+ - Prevention change:
46
+ - New or updated gate:
47
+ - Documentation, script, test, monitor, or ownership update:
48
+
49
+ ## Action Items
50
+
51
+ | Action | Owner | Evidence needed | Due | Status |
52
+ |---|---|---|---|---|
53
+ | | | | | |
54
+
55
+ ## Follow-Up Evidence
56
+
57
+ - Evidence log:
58
+ - Release/recovery record:
59
+ - Remaining risk:
60
+ - Next action:
@@ -1,49 +1,49 @@
1
- # Public Channel Publication Record
2
-
3
- Publication status: pending | accepted
4
-
5
- Channel type: github-release | package-registry | marketplace | catalog | other
6
-
7
- Channel name:
8
-
9
- Channel URL:
10
-
11
- Package or listing version:
12
-
13
- Artifact digest:
14
-
15
- Review or approval status:
16
-
17
- Evidence owner:
18
-
19
- Evidence date:
20
-
21
- Evidence URL or run id:
22
-
23
- ## Verification
24
-
25
- Verification command:
26
-
27
- Verification result:
28
-
29
- ## Acceptance
30
-
31
- Evidence status: pending | accepted
32
-
33
- Accepted by:
34
-
35
- Accepted at:
36
-
37
- ## Boundaries
38
-
39
- - Does this prove public registry publication? true | false | unknown
40
- - Does this prove marketplace approval? true | false | unknown
41
- - Does this prove installability from the channel? true | false | unknown
42
-
43
- ## Residual Risk
44
-
45
- -
46
-
47
- ## Next Action
48
-
49
- -
1
+ # Public Channel Publication Record
2
+
3
+ Publication status: pending | accepted
4
+
5
+ Channel type: github-release | package-registry | marketplace | catalog | other
6
+
7
+ Channel name:
8
+
9
+ Channel URL:
10
+
11
+ Package or listing version:
12
+
13
+ Artifact digest:
14
+
15
+ Review or approval status:
16
+
17
+ Evidence owner:
18
+
19
+ Evidence date:
20
+
21
+ Evidence URL or run id:
22
+
23
+ ## Verification
24
+
25
+ Verification command:
26
+
27
+ Verification result:
28
+
29
+ ## Acceptance
30
+
31
+ Evidence status: pending | accepted
32
+
33
+ Accepted by:
34
+
35
+ Accepted at:
36
+
37
+ ## Boundaries
38
+
39
+ - Does this prove public registry publication? true | false | unknown
40
+ - Does this prove marketplace approval? true | false | unknown
41
+ - Does this prove installability from the channel? true | false | unknown
42
+
43
+ ## Residual Risk
44
+
45
+ -
46
+
47
+ ## Next Action
48
+
49
+ -
@@ -1,53 +1,53 @@
1
- # Public CI Run Record
2
-
3
- Repository URL:
4
-
5
- Workflow name:
6
-
7
- Workflow file:
8
-
9
- Run URL:
10
-
11
- Run status: pending | accepted
12
-
13
- Run conclusion: pending | success | failure | cancelled | skipped | timed_out | unknown
14
-
15
- Commit SHA:
16
-
17
- Branch:
18
-
19
- Required checks:
20
-
21
- Evidence owner:
22
-
23
- Evidence date:
24
-
25
- Evidence URL or run id:
26
-
27
- ## Verification
28
-
29
- Verification command:
30
-
31
- Verification result:
32
-
33
- ## Acceptance
34
-
35
- Evidence status: pending | accepted
36
-
37
- Accepted by:
38
-
39
- Accepted at:
40
-
41
- ## Boundaries
42
-
43
- - Does this prove a public CI run?
44
- - Does this prove required checks passed?
45
- - Does this prove the current release commit?
46
-
47
- ## Residual Risk
48
-
49
- -
50
-
51
- ## Next Action
52
-
53
- -
1
+ # Public CI Run Record
2
+
3
+ Repository URL:
4
+
5
+ Workflow name:
6
+
7
+ Workflow file:
8
+
9
+ Run URL:
10
+
11
+ Run status: pending | accepted
12
+
13
+ Run conclusion: pending | success | failure | cancelled | skipped | timed_out | unknown
14
+
15
+ Commit SHA:
16
+
17
+ Branch:
18
+
19
+ Required checks:
20
+
21
+ Evidence owner:
22
+
23
+ Evidence date:
24
+
25
+ Evidence URL or run id:
26
+
27
+ ## Verification
28
+
29
+ Verification command:
30
+
31
+ Verification result:
32
+
33
+ ## Acceptance
34
+
35
+ Evidence status: pending | accepted
36
+
37
+ Accepted by:
38
+
39
+ Accepted at:
40
+
41
+ ## Boundaries
42
+
43
+ - Does this prove a public CI run?
44
+ - Does this prove required checks passed?
45
+ - Does this prove the current release commit?
46
+
47
+ ## Residual Risk
48
+
49
+ -
50
+
51
+ ## Next Action
52
+
53
+ -