@t275005746/gse 0.1.0 → 0.1.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.github/ISSUE_TEMPLATE/bug_report.yml +42 -42
- package/.github/ISSUE_TEMPLATE/change_request.yml +50 -50
- package/.github/ISSUE_TEMPLATE/config.yml +5 -5
- package/.github/PULL_REQUEST_TEMPLATE.md +38 -38
- package/.github/workflows/validate-gse.yml +33 -33
- package/.gse/README.md +18 -18
- package/.gse/gse-development-protocol.md +50 -50
- package/.gse/project-profile.md +29 -29
- package/.gse/quality-gates.md +25 -25
- package/.gse/releases/public-registry-publication-npm.md +49 -0
- package/.gse/releases/public-release-owner-required.md +65 -65
- package/.gse/releases/public-security-contact-owner-required.md +45 -45
- package/.gse/state.json +147 -27
- package/CHANGELOG.md +31 -15
- package/CONTRIBUTING.md +64 -64
- package/LICENSE +21 -21
- package/README.md +14 -7
- package/README.zh-CN.md +14 -7
- package/SECURITY.md +41 -41
- package/SKILL.md +32 -12
- package/SUPPORT.md +38 -38
- package/assets/marketplace/README.md +7 -7
- package/assets/marketplace/gse-listing.json +75 -75
- package/assets/templates/acceptance-execution-packet.md +73 -73
- package/assets/templates/adr.md +14 -14
- package/assets/templates/change-brief.md +16 -16
- package/assets/templates/design.md +18 -18
- package/assets/templates/dispatch-packet.md +100 -92
- package/assets/templates/evidence.md +15 -9
- package/assets/templates/execution-quality-pack.md +65 -65
- package/assets/templates/goal-map.md +21 -21
- package/assets/templates/host-adapter.md +48 -48
- package/assets/templates/host-ui-invocation-record.md +42 -42
- package/assets/templates/incident-review.md +60 -60
- package/assets/templates/public-channel-publication-record.md +49 -49
- package/assets/templates/public-ci-run-record.md +53 -53
- package/assets/templates/public-release-record.md +65 -65
- package/assets/templates/public-repository-settings-record.md +59 -59
- package/assets/templates/public-security-contact-record.md +45 -45
- package/assets/templates/release-trust-record.md +32 -32
- package/assets/templates/review.md +18 -18
- package/assets/templates/role-fallback-packet.md +49 -0
- package/assets/templates/spec.md +16 -16
- package/assets/templates/target-adoption-evidence.md +29 -29
- package/assets/templates/tasks.md +17 -17
- package/assets/templates/update-release-acceptance-record.md +58 -58
- package/examples/README.md +22 -22
- package/examples/agent-runtime-host/.claude/gse-adapter.md +6 -6
- package/examples/agent-runtime-host/.codex/gse-adapter.md +7 -7
- package/examples/agent-runtime-host/.gse/goal-map.md +7 -7
- package/examples/agent-runtime-host/.gse/project-profile.md +27 -27
- package/examples/agent-runtime-host/.gse/tooling.md +5 -5
- package/examples/agent-runtime-host/.mcp.json +9 -9
- package/examples/agent-runtime-host/AGENTS.md +5 -5
- package/examples/agent-runtime-host/README.md +10 -10
- package/examples/agent-runtime-host/docs/model-routing.md +5 -5
- package/examples/cli-tool/.gse/project-profile.md +21 -21
- package/examples/cli-tool/AGENTS.md +5 -5
- package/examples/cli-tool/README.md +12 -12
- package/examples/cli-tool/package.json +21 -21
- package/examples/small-app/.env.example +2 -2
- package/examples/small-app/.github/workflows/ci.yml +8 -8
- package/examples/small-app/AGENTS.md +5 -5
- package/examples/small-app/README.md +12 -12
- package/examples/small-app/package.json +26 -26
- package/examples/small-app/playwright.config.ts +4 -4
- package/package.json +52 -44
- package/references/adoption-recipes.md +171 -171
- package/references/agent-roles.md +42 -21
- package/references/architecture-health.md +101 -101
- package/references/benchmark-audit.md +73 -73
- package/references/commands.md +74 -45
- package/references/community-channels.md +46 -46
- package/references/compatibility.md +70 -70
- package/references/design-basis.md +38 -38
- package/references/domain-model.md +129 -129
- package/references/domain-quality-gates.md +75 -75
- package/references/drift-audit.md +81 -80
- package/references/evidence-taxonomy.md +145 -108
- package/references/file-ownership.md +97 -93
- package/references/final-form-roadmap.md +201 -0
- package/references/final-readiness.md +84 -84
- package/references/forward-test.md +133 -133
- package/references/goal-map.md +36 -36
- package/references/host-adapters.md +129 -101
- package/references/learning-system.md +42 -26
- package/references/maintenance-cadence.md +51 -0
- package/references/marketplace-discovery.md +46 -46
- package/references/model-routing.md +103 -103
- package/references/open-source-defaults.md +39 -39
- package/references/operating-model.md +52 -52
- package/references/packaging.md +277 -277
- package/references/project-agent-workspace.md +89 -89
- package/references/project-bootstrap.md +122 -122
- package/references/project-guards.md +52 -0
- package/references/project-profile.md +57 -57
- package/references/public-release.md +174 -174
- package/references/quality-gates.md +96 -89
- package/references/recovery.md +176 -176
- package/references/release-trust.md +43 -43
- package/references/release.md +126 -126
- package/references/review.md +141 -141
- package/references/role-dispatch-fallback.md +54 -0
- package/references/router.md +90 -90
- package/references/spec-workflow.md +66 -66
- package/references/task-levels.md +81 -81
- package/references/tool-adapters.md +80 -70
- package/scripts/audit-acceptance-execution-packet.mjs +133 -133
- package/scripts/audit-adoption-recipes.mjs +99 -99
- package/scripts/audit-change-lifecycle.mjs +77 -77
- package/scripts/audit-change-system.mjs +134 -134
- package/scripts/audit-ci-readiness.mjs +107 -107
- package/scripts/audit-close-gate-hardening.mjs +188 -0
- package/scripts/audit-close-gate.mjs +448 -262
- package/scripts/audit-command-adapters.mjs +91 -91
- package/scripts/audit-command-execution.mjs +212 -199
- package/scripts/audit-commands.mjs +7 -5
- package/scripts/audit-compatibility.mjs +149 -149
- package/scripts/audit-completion-plan-drill.mjs +230 -0
- package/scripts/audit-completion-readiness.mjs +290 -287
- package/scripts/audit-continue-preflight.mjs +234 -0
- package/scripts/audit-distribution.mjs +251 -251
- package/scripts/audit-domain-quality-gates.mjs +108 -108
- package/scripts/audit-evidence-levels.mjs +217 -0
- package/scripts/audit-evidence-placeholders.mjs +126 -126
- package/scripts/audit-evidence-review-queue.mjs +206 -0
- package/scripts/audit-final-acceptance-packet.mjs +9 -9
- package/scripts/audit-final-form-progress-report.mjs +19 -18
- package/scripts/audit-final-form-roadmap.mjs +157 -0
- package/scripts/audit-final-form-stale-copy.mjs +2 -2
- package/scripts/audit-final-readiness-promotion.mjs +255 -255
- package/scripts/audit-final-readiness.mjs +226 -226
- package/scripts/audit-fixtures.mjs +154 -154
- package/scripts/audit-fresh-session-readiness.mjs +177 -177
- package/scripts/audit-host-capabilities.mjs +237 -0
- package/scripts/audit-host-runtime-evidence-handoff.mjs +159 -159
- package/scripts/audit-host-runtime-invocation-drill.mjs +240 -240
- package/scripts/audit-host-runtime-invocations.mjs +254 -254
- package/scripts/audit-host-ui-invocation.mjs +132 -132
- package/scripts/audit-installed-sync.mjs +203 -0
- package/scripts/audit-learning-drift.mjs +292 -0
- package/scripts/audit-learning-promotion.mjs +351 -0
- package/scripts/audit-learning-system.mjs +24 -14
- package/scripts/audit-local-final-form-completion.mjs +11 -10
- package/scripts/audit-maintenance-cadence.mjs +139 -0
- package/scripts/audit-maintenance-snapshot.mjs +181 -0
- package/scripts/audit-marketplace-discovery.mjs +122 -122
- package/scripts/audit-npm-package-metadata.mjs +160 -154
- package/scripts/audit-npm-publish-dry-run.mjs +194 -166
- package/scripts/audit-npm-tarball-install.mjs +195 -189
- package/scripts/audit-open-source-defaults.mjs +92 -92
- package/scripts/audit-open-source-readiness.mjs +97 -97
- package/scripts/audit-owner-external-gate-kit.mjs +12 -11
- package/scripts/audit-project-guards.mjs +189 -0
- package/scripts/audit-project.mjs +144 -141
- package/scripts/audit-public-acceptance-command-dry-run-drill.mjs +203 -203
- package/scripts/audit-public-acceptance-handoff.mjs +10 -10
- package/scripts/audit-public-acceptance-readiness.mjs +222 -222
- package/scripts/audit-public-channel-publication.mjs +248 -248
- package/scripts/audit-public-ci-run.mjs +184 -184
- package/scripts/audit-public-collaboration-templates.mjs +98 -98
- package/scripts/audit-public-external-gate-probe.mjs +206 -206
- package/scripts/audit-public-release-checklist.mjs +17 -15
- package/scripts/audit-public-release-decision.mjs +201 -201
- package/scripts/audit-public-release-metadata.mjs +176 -176
- package/scripts/audit-public-repository-settings.mjs +237 -237
- package/scripts/audit-public-security-contact.mjs +171 -171
- package/scripts/audit-readme-docs.mjs +6 -4
- package/scripts/audit-recovery-readiness.mjs +98 -98
- package/scripts/audit-release-bundle.mjs +13 -11
- package/scripts/audit-release-owner-action-plan-drill.mjs +5 -4
- package/scripts/audit-release-owner-action-plan.mjs +10 -10
- package/scripts/audit-release-readiness.mjs +106 -106
- package/scripts/audit-release-status-manifest.mjs +4 -4
- package/scripts/audit-release-trust.mjs +62 -62
- package/scripts/audit-remote-distribution.mjs +266 -266
- package/scripts/audit-roadmap-consistency.mjs +234 -230
- package/scripts/audit-role-dispatch-fallback.mjs +212 -0
- package/scripts/audit-session-sync.mjs +127 -0
- package/scripts/audit-signing.mjs +147 -147
- package/scripts/audit-state-freshness.mjs +20 -14
- package/scripts/audit-state-repair.mjs +360 -0
- package/scripts/audit-target-adoption-evidence.mjs +117 -117
- package/scripts/audit-target-hardening-drills.mjs +267 -0
- package/scripts/audit-target-project.mjs +507 -507
- package/scripts/audit-tool-fallback-policy.mjs +180 -0
- package/scripts/audit-ui-browser-evidence-policy.mjs +191 -0
- package/scripts/audit-update-release-acceptance.mjs +136 -136
- package/scripts/audit-v1-target-validation.mjs +269 -269
- package/scripts/audit-validation-profiles.mjs +125 -123
- package/scripts/backfill-evidence-levels.mjs +98 -0
- package/scripts/check-encoding.mjs +72 -0
- package/scripts/close-change.mjs +116 -116
- package/scripts/discover-project-profile.mjs +307 -307
- package/scripts/generate-command-adapter.mjs +231 -231
- package/scripts/generate-continue-packet.mjs +1214 -0
- package/scripts/generate-final-acceptance-packet.mjs +188 -173
- package/scripts/generate-final-form-progress-report.mjs +191 -189
- package/scripts/generate-host-runtime-evidence-handoff.mjs +198 -191
- package/scripts/generate-maintenance-snapshot.mjs +216 -0
- package/scripts/generate-owner-external-gate-kit.mjs +295 -295
- package/scripts/generate-public-acceptance-handoff.mjs +168 -156
- package/scripts/generate-public-release-checklist.mjs +207 -207
- package/scripts/generate-release-bundle.mjs +505 -505
- package/scripts/generate-release-owner-action-plan.mjs +172 -171
- package/scripts/generate-release-status-manifest.mjs +199 -198
- package/scripts/generate-session-prompt.mjs +188 -188
- package/scripts/gse.mjs +67 -67
- package/scripts/init-change.mjs +265 -265
- package/scripts/init-project.mjs +793 -712
- package/scripts/install-gse.mjs +234 -234
- package/scripts/lib/evidence-placeholders.mjs +28 -28
- package/scripts/package-gse.mjs +174 -174
- package/scripts/probe-public-external-gates.mjs +167 -167
- package/scripts/record-host-invocation.mjs +151 -151
- package/scripts/record-learning.mjs +37 -8
- package/scripts/record-public-channel-publication.mjs +178 -178
- package/scripts/record-public-ci-run.mjs +180 -180
- package/scripts/record-public-release.mjs +175 -175
- package/scripts/record-public-repository-settings.mjs +209 -209
- package/scripts/record-public-security-contact.mjs +157 -157
- package/scripts/record-session-sync.mjs +87 -0
- package/scripts/run-gse-command.mjs +79 -47
- package/scripts/run-validation-profile.mjs +24 -5
- package/scripts/sign-gse-package.mjs +83 -83
- package/scripts/update-project-state.mjs +223 -223
- package/scripts/validate-gse.mjs +216 -0
- package/scripts/verify-gse-package.mjs +85 -85
|
@@ -1,177 +1,177 @@
|
|
|
1
|
-
#!/usr/bin/env node
|
|
2
|
-
import fs from 'node:fs'
|
|
3
|
-
import path from 'node:path'
|
|
4
|
-
|
|
5
|
-
const args = process.argv.slice(2)
|
|
6
|
-
|
|
7
|
-
function readArg(name, fallback = null) {
|
|
8
|
-
const index = args.indexOf(name)
|
|
9
|
-
if (index === -1) return fallback
|
|
10
|
-
return args[index + 1] ?? fallback
|
|
11
|
-
}
|
|
12
|
-
|
|
13
|
-
const root = path.resolve(readArg('--root', path.join(import.meta.dirname, '..')))
|
|
14
|
-
const jsonOnly = args.includes('--json')
|
|
15
|
-
|
|
16
|
-
function read(relativePath) {
|
|
17
|
-
const fullPath = path.join(root, relativePath)
|
|
18
|
-
return fs.existsSync(fullPath) ? fs.readFileSync(fullPath, 'utf8') : ''
|
|
19
|
-
}
|
|
20
|
-
|
|
21
|
-
function exists(relativePath) {
|
|
22
|
-
return fs.existsSync(path.join(root, relativePath))
|
|
23
|
-
}
|
|
24
|
-
|
|
25
|
-
function check(id, label, ok, evidence, risk = '') {
|
|
26
|
-
return { id, label, status: ok ? 'passed' : 'failed', evidence, risk }
|
|
27
|
-
}
|
|
28
|
-
|
|
29
|
-
function section(markdown, heading) {
|
|
30
|
-
const lines = markdown.split(/\r?\n/)
|
|
31
|
-
const start = lines.findIndex((line) => line.trim() === '## ' + heading)
|
|
32
|
-
if (start === -1) return ''
|
|
33
|
-
const body = []
|
|
34
|
-
for (let index = start + 1; index < lines.length; index += 1) {
|
|
35
|
-
const line = lines[index]
|
|
36
|
-
if (line.startsWith('## ')) break
|
|
37
|
-
body.push(line)
|
|
38
|
-
}
|
|
39
|
-
return body.join('\n').trim()
|
|
40
|
-
}
|
|
41
|
-
|
|
42
|
-
const requiredInputs = [
|
|
43
|
-
'SKILL.md',
|
|
44
|
-
'.gse/gse-design-master-plan.md',
|
|
45
|
-
'.gse/goal-map.md',
|
|
46
|
-
'.gse/current-slice.md',
|
|
47
|
-
'references/forward-test.md',
|
|
48
|
-
'references/evidence-taxonomy.md',
|
|
49
|
-
]
|
|
50
|
-
|
|
51
|
-
const skill = read('SKILL.md')
|
|
52
|
-
const masterPlan = read('.gse/gse-design-master-plan.md')
|
|
53
|
-
const goalMap = read('.gse/goal-map.md')
|
|
54
|
-
const currentSlice = read('.gse/current-slice.md')
|
|
55
|
-
const forwardTest = read('references/forward-test.md')
|
|
56
|
-
const taxonomy = read('references/evidence-taxonomy.md')
|
|
57
|
-
|
|
58
|
-
const outcome = section(currentSlice, 'Outcome')
|
|
59
|
-
const scope = section(currentSlice, 'Scope')
|
|
60
|
-
const acceptance = section(currentSlice, 'Acceptance')
|
|
61
|
-
const evidence = section(currentSlice, 'Evidence') || section(currentSlice, 'Evidence Plan')
|
|
62
|
-
const nextAction = section(currentSlice, 'Next Action')
|
|
63
|
-
|
|
64
|
-
const probePacketLines = [
|
|
65
|
-
'# GSE Fresh-Session Probe Packet',
|
|
66
|
-
'',
|
|
67
|
-
'Purpose: verify whether a separate session can continue GSE development without hidden conversation history.',
|
|
68
|
-
'',
|
|
69
|
-
'Read these files in order:',
|
|
70
|
-
...requiredInputs.map((item) => '- ' + item),
|
|
71
|
-
'',
|
|
72
|
-
'Task for the fresh session:',
|
|
73
|
-
'- Identify the active GSE slice from `.gse/current-slice.md`.',
|
|
74
|
-
'- State outcome, scope, acceptance, evidence, risk, and next action.',
|
|
75
|
-
'- Do not claim accepted unless a separate session actually ran the path or an explicit policy accepts it.',
|
|
76
|
-
'- Do not invent subagent, MCP, LSP, browser, model, hook, or host support.',
|
|
77
|
-
'',
|
|
78
|
-
'Expected active slice:',
|
|
79
|
-
outcome || '(missing)',
|
|
80
|
-
'',
|
|
81
|
-
'Expected next action:',
|
|
82
|
-
nextAction || '(missing)',
|
|
83
|
-
'',
|
|
84
|
-
'Required response fields:',
|
|
85
|
-
'- Forward-test level',
|
|
86
|
-
'- Scenario',
|
|
87
|
-
'- Changed behavior',
|
|
88
|
-
'- Commands or inspection',
|
|
89
|
-
'- Result evidence',
|
|
90
|
-
'- Verification evidence',
|
|
91
|
-
'- Accepted by',
|
|
92
|
-
'- Residual risk',
|
|
93
|
-
'- Next action',
|
|
94
|
-
]
|
|
95
|
-
const probePacket = probePacketLines.join('\n') + '\n'
|
|
96
|
-
|
|
97
|
-
const checks = [
|
|
98
|
-
check('FS01', 'required startup inputs exist', requiredInputs.every(exists), requiredInputs.join(', ')),
|
|
99
|
-
check('FS02', 'SKILL routes GSE changes through control and validation', skill.includes('references/router.md') && skill.includes('scripts/validate-gse.mjs') && skill.includes('references/forward-test.md'), 'SKILL.md'),
|
|
100
|
-
check('FS03', 'master plan preserves fresh-session boundary after owner acceptance', masterPlan.includes('owner-approved AION project-write acceptance is executed') && (masterPlan.includes('fresh-session acceptance remains optional future confidence evidence') || masterPlan.includes('Marketplace discovery, public key custody, and cross-host native command execution remain final-form work') || masterPlan.includes('Marketplace discovery and real host UI invocation remain final-form work') || masterPlan.includes('Public marketplace approval, public registry publication, other host runtime invocation records, and host-native slash-command execution remain final-form work') || masterPlan.includes('Remaining final-form work is
|
|
101
|
-
check('FS04', 'goal map exposes active slice and next action without hidden history', goalMap.includes('- Active slice:') && goalMap.includes('- Next action:') && goalMap.includes('scripts/audit-fresh-session-readiness.mjs'), '.gse/goal-map.md'),
|
|
102
|
-
check('FS05', 'current slice has required GSE fields', Boolean(outcome && scope && acceptance && evidence && nextAction), 'Outcome, Scope, Acceptance, Evidence or Evidence Plan, Next Action'),
|
|
103
|
-
check('FS06', 'probe packet explicitly avoids false acceptance', probePacket.includes('Do not claim accepted unless a separate session actually ran the path or an explicit policy accepts it.'), 'generated probe packet'),
|
|
104
|
-
check('FS07', 'forward-test protocol defines fresh-session acceptance rules', forwardTest.includes('Fresh-session forward test') && forwardTest.includes('accepted by: fresh-session') && forwardTest.includes('separate agent/session actually ran the path'), 'references/forward-test.md'),
|
|
105
|
-
check('FS08', 'evidence taxonomy supports result verified accepted labels', taxonomy.includes('result -> verified -> accepted') && taxonomy.includes('Not enough for `accepted`'), 'references/evidence-taxonomy.md'),
|
|
106
|
-
check('FS09', 'probe packet uses only documented inputs', requiredInputs.every((item) => probePacket.includes(item)) && probePacket.includes('without hidden conversation history'), 'generated probe packet'),
|
|
107
|
-
check('FS10', 'probe packet asks for evidence taxonomy and residual risk', probePacket.includes('Accepted by') && probePacket.includes('Residual risk') && probePacket.includes('Do not claim accepted'), 'generated probe packet fields'),
|
|
108
|
-
]
|
|
109
|
-
|
|
110
|
-
const passed = checks.filter((item) => item.status === 'passed').length
|
|
111
|
-
const failed = checks.length - passed
|
|
112
|
-
const report = {
|
|
113
|
-
root,
|
|
114
|
-
generatedAt: new Date().toISOString(),
|
|
115
|
-
level: 'fresh-session readiness probe',
|
|
116
|
-
scenario: 'Prepare a separate-session GSE continuation packet using documented startup inputs.',
|
|
117
|
-
changedBehavior: 'GSE now has a repeatable readiness check for fresh-session acceptance without overstating acceptance when no separate-session tool is available.',
|
|
118
|
-
evidenceStatus: failed === 0 ? 'verified' : 'result',
|
|
119
|
-
acceptedBy: 'not accepted; no separate-session tool was available to execute the probe in this run',
|
|
120
|
-
summary: { status: failed === 0 ? 'passed' : 'failed', passed, failed, total: checks.length },
|
|
121
|
-
workflows: { freshSessionReadiness: failed === 0 ? 'verified' : 'failed', freshSessionAcceptance: 'not accepted' },
|
|
122
|
-
commandsOrInspection: [
|
|
123
|
-
'Read documented startup inputs: ' + requiredInputs.join(', '),
|
|
124
|
-
'Generate fresh-session probe packet from current slice and forward-test rules',
|
|
125
|
-
'Verify accepted status is not claimed without a real separate-session run',
|
|
126
|
-
],
|
|
127
|
-
probePacket,
|
|
128
|
-
residualRisk: [
|
|
129
|
-
'This readiness probe is not a true fresh-session run.',
|
|
130
|
-
'The result cannot be marked accepted until a separate session, thread, or host-specific equivalent actually follows the packet.',
|
|
131
|
-
'Host-specific thread/subagent tools must be verified before using them as acceptance evidence.',
|
|
132
|
-
],
|
|
133
|
-
nextAction: 'When a separate-session or thread tool is available, run the probe packet and record accepted or failed evidence.',
|
|
134
|
-
checks,
|
|
135
|
-
}
|
|
136
|
-
|
|
137
|
-
function renderMarkdown(data) {
|
|
138
|
-
const lines = []
|
|
139
|
-
lines.push('# GSE Fresh-Session Readiness Audit')
|
|
140
|
-
lines.push('')
|
|
141
|
-
lines.push('Generated: ' + data.generatedAt)
|
|
142
|
-
lines.push('Root: ' + data.root)
|
|
143
|
-
lines.push('')
|
|
144
|
-
lines.push('## Record')
|
|
145
|
-
lines.push('')
|
|
146
|
-
lines.push('- Forward-test level: ' + data.level)
|
|
147
|
-
lines.push('- Scenario: ' + data.scenario)
|
|
148
|
-
lines.push('- Changed behavior: ' + data.changedBehavior)
|
|
149
|
-
lines.push('- Result evidence: probe packet generated from documented inputs')
|
|
150
|
-
lines.push('- Verification evidence: ' + data.summary.passed + '/' + data.summary.total + ' checks passed')
|
|
151
|
-
lines.push('- Evidence status: ' + data.evidenceStatus)
|
|
152
|
-
lines.push('- Accepted by: ' + data.acceptedBy)
|
|
153
|
-
lines.push('- Next action: ' + data.nextAction)
|
|
154
|
-
lines.push('')
|
|
155
|
-
lines.push('## Checks')
|
|
156
|
-
lines.push('')
|
|
157
|
-
for (const item of data.checks) {
|
|
158
|
-
const marker = item.status === 'passed' ? '[x]' : '[ ]'
|
|
159
|
-
lines.push('- ' + marker + ' ' + item.id + ' ' + item.label + ': ' + item.evidence)
|
|
160
|
-
}
|
|
161
|
-
lines.push('')
|
|
162
|
-
lines.push('## Probe Packet')
|
|
163
|
-
lines.push('')
|
|
164
|
-
lines.push('```text')
|
|
165
|
-
lines.push(data.probePacket.trimEnd())
|
|
166
|
-
lines.push('```')
|
|
167
|
-
lines.push('')
|
|
168
|
-
lines.push('## Residual Risk')
|
|
169
|
-
lines.push('')
|
|
170
|
-
for (const item of data.residualRisk) lines.push('- ' + item)
|
|
171
|
-
return lines.join('\n') + '\n'
|
|
172
|
-
}
|
|
173
|
-
|
|
174
|
-
if (jsonOnly) console.log(JSON.stringify(report, null, 2))
|
|
175
|
-
else console.log(renderMarkdown(report))
|
|
176
|
-
|
|
177
|
-
if (failed > 0) process.exit(1)
|
|
1
|
+
#!/usr/bin/env node
|
|
2
|
+
import fs from 'node:fs'
|
|
3
|
+
import path from 'node:path'
|
|
4
|
+
|
|
5
|
+
const args = process.argv.slice(2)
|
|
6
|
+
|
|
7
|
+
function readArg(name, fallback = null) {
|
|
8
|
+
const index = args.indexOf(name)
|
|
9
|
+
if (index === -1) return fallback
|
|
10
|
+
return args[index + 1] ?? fallback
|
|
11
|
+
}
|
|
12
|
+
|
|
13
|
+
const root = path.resolve(readArg('--root', path.join(import.meta.dirname, '..')))
|
|
14
|
+
const jsonOnly = args.includes('--json')
|
|
15
|
+
|
|
16
|
+
function read(relativePath) {
|
|
17
|
+
const fullPath = path.join(root, relativePath)
|
|
18
|
+
return fs.existsSync(fullPath) ? fs.readFileSync(fullPath, 'utf8') : ''
|
|
19
|
+
}
|
|
20
|
+
|
|
21
|
+
function exists(relativePath) {
|
|
22
|
+
return fs.existsSync(path.join(root, relativePath))
|
|
23
|
+
}
|
|
24
|
+
|
|
25
|
+
function check(id, label, ok, evidence, risk = '') {
|
|
26
|
+
return { id, label, status: ok ? 'passed' : 'failed', evidence, risk }
|
|
27
|
+
}
|
|
28
|
+
|
|
29
|
+
function section(markdown, heading) {
|
|
30
|
+
const lines = markdown.split(/\r?\n/)
|
|
31
|
+
const start = lines.findIndex((line) => line.trim() === '## ' + heading)
|
|
32
|
+
if (start === -1) return ''
|
|
33
|
+
const body = []
|
|
34
|
+
for (let index = start + 1; index < lines.length; index += 1) {
|
|
35
|
+
const line = lines[index]
|
|
36
|
+
if (line.startsWith('## ')) break
|
|
37
|
+
body.push(line)
|
|
38
|
+
}
|
|
39
|
+
return body.join('\n').trim()
|
|
40
|
+
}
|
|
41
|
+
|
|
42
|
+
const requiredInputs = [
|
|
43
|
+
'SKILL.md',
|
|
44
|
+
'.gse/gse-design-master-plan.md',
|
|
45
|
+
'.gse/goal-map.md',
|
|
46
|
+
'.gse/current-slice.md',
|
|
47
|
+
'references/forward-test.md',
|
|
48
|
+
'references/evidence-taxonomy.md',
|
|
49
|
+
]
|
|
50
|
+
|
|
51
|
+
const skill = read('SKILL.md')
|
|
52
|
+
const masterPlan = read('.gse/gse-design-master-plan.md')
|
|
53
|
+
const goalMap = read('.gse/goal-map.md')
|
|
54
|
+
const currentSlice = read('.gse/current-slice.md')
|
|
55
|
+
const forwardTest = read('references/forward-test.md')
|
|
56
|
+
const taxonomy = read('references/evidence-taxonomy.md')
|
|
57
|
+
|
|
58
|
+
const outcome = section(currentSlice, 'Outcome')
|
|
59
|
+
const scope = section(currentSlice, 'Scope')
|
|
60
|
+
const acceptance = section(currentSlice, 'Acceptance')
|
|
61
|
+
const evidence = section(currentSlice, 'Evidence') || section(currentSlice, 'Evidence Plan')
|
|
62
|
+
const nextAction = section(currentSlice, 'Next Action')
|
|
63
|
+
|
|
64
|
+
const probePacketLines = [
|
|
65
|
+
'# GSE Fresh-Session Probe Packet',
|
|
66
|
+
'',
|
|
67
|
+
'Purpose: verify whether a separate session can continue GSE development without hidden conversation history.',
|
|
68
|
+
'',
|
|
69
|
+
'Read these files in order:',
|
|
70
|
+
...requiredInputs.map((item) => '- ' + item),
|
|
71
|
+
'',
|
|
72
|
+
'Task for the fresh session:',
|
|
73
|
+
'- Identify the active GSE slice from `.gse/current-slice.md`.',
|
|
74
|
+
'- State outcome, scope, acceptance, evidence, risk, and next action.',
|
|
75
|
+
'- Do not claim accepted unless a separate session actually ran the path or an explicit policy accepts it.',
|
|
76
|
+
'- Do not invent subagent, MCP, LSP, browser, model, hook, or host support.',
|
|
77
|
+
'',
|
|
78
|
+
'Expected active slice:',
|
|
79
|
+
outcome || '(missing)',
|
|
80
|
+
'',
|
|
81
|
+
'Expected next action:',
|
|
82
|
+
nextAction || '(missing)',
|
|
83
|
+
'',
|
|
84
|
+
'Required response fields:',
|
|
85
|
+
'- Forward-test level',
|
|
86
|
+
'- Scenario',
|
|
87
|
+
'- Changed behavior',
|
|
88
|
+
'- Commands or inspection',
|
|
89
|
+
'- Result evidence',
|
|
90
|
+
'- Verification evidence',
|
|
91
|
+
'- Accepted by',
|
|
92
|
+
'- Residual risk',
|
|
93
|
+
'- Next action',
|
|
94
|
+
]
|
|
95
|
+
const probePacket = probePacketLines.join('\n') + '\n'
|
|
96
|
+
|
|
97
|
+
const checks = [
|
|
98
|
+
check('FS01', 'required startup inputs exist', requiredInputs.every(exists), requiredInputs.join(', ')),
|
|
99
|
+
check('FS02', 'SKILL routes GSE changes through control and validation', skill.includes('references/router.md') && skill.includes('scripts/validate-gse.mjs') && skill.includes('references/forward-test.md'), 'SKILL.md'),
|
|
100
|
+
check('FS03', 'master plan preserves fresh-session boundary after owner acceptance', masterPlan.includes('owner-approved AION project-write acceptance is executed') && (masterPlan.includes('fresh-session acceptance remains optional future confidence evidence') || masterPlan.includes('Marketplace discovery, public key custody, and cross-host native command execution remain final-form work') || masterPlan.includes('Marketplace discovery and real host UI invocation remain final-form work') || masterPlan.includes('Public marketplace approval, public registry publication, other host runtime invocation records, and host-native slash-command execution remain final-form work') || masterPlan.includes('Remaining final-form work is host-native slash-command support with real host runtime evidence.') || masterPlan.includes('The Final Form Roadmap now lives in `references/final-form-roadmap.md`')), '.gse/gse-design-master-plan.md'),
|
|
101
|
+
check('FS04', 'goal map exposes active slice and next action without hidden history', goalMap.includes('- Active slice:') && goalMap.includes('- Next action:') && goalMap.includes('scripts/audit-fresh-session-readiness.mjs'), '.gse/goal-map.md'),
|
|
102
|
+
check('FS05', 'current slice has required GSE fields', Boolean(outcome && scope && acceptance && evidence && nextAction), 'Outcome, Scope, Acceptance, Evidence or Evidence Plan, Next Action'),
|
|
103
|
+
check('FS06', 'probe packet explicitly avoids false acceptance', probePacket.includes('Do not claim accepted unless a separate session actually ran the path or an explicit policy accepts it.'), 'generated probe packet'),
|
|
104
|
+
check('FS07', 'forward-test protocol defines fresh-session acceptance rules', forwardTest.includes('Fresh-session forward test') && forwardTest.includes('accepted by: fresh-session') && forwardTest.includes('separate agent/session actually ran the path'), 'references/forward-test.md'),
|
|
105
|
+
check('FS08', 'evidence taxonomy supports result verified accepted labels', taxonomy.includes('result -> verified -> accepted') && taxonomy.includes('Not enough for `accepted`'), 'references/evidence-taxonomy.md'),
|
|
106
|
+
check('FS09', 'probe packet uses only documented inputs', requiredInputs.every((item) => probePacket.includes(item)) && probePacket.includes('without hidden conversation history'), 'generated probe packet'),
|
|
107
|
+
check('FS10', 'probe packet asks for evidence taxonomy and residual risk', probePacket.includes('Accepted by') && probePacket.includes('Residual risk') && probePacket.includes('Do not claim accepted'), 'generated probe packet fields'),
|
|
108
|
+
]
|
|
109
|
+
|
|
110
|
+
const passed = checks.filter((item) => item.status === 'passed').length
|
|
111
|
+
const failed = checks.length - passed
|
|
112
|
+
const report = {
|
|
113
|
+
root,
|
|
114
|
+
generatedAt: new Date().toISOString(),
|
|
115
|
+
level: 'fresh-session readiness probe',
|
|
116
|
+
scenario: 'Prepare a separate-session GSE continuation packet using documented startup inputs.',
|
|
117
|
+
changedBehavior: 'GSE now has a repeatable readiness check for fresh-session acceptance without overstating acceptance when no separate-session tool is available.',
|
|
118
|
+
evidenceStatus: failed === 0 ? 'verified' : 'result',
|
|
119
|
+
acceptedBy: 'not accepted; no separate-session tool was available to execute the probe in this run',
|
|
120
|
+
summary: { status: failed === 0 ? 'passed' : 'failed', passed, failed, total: checks.length },
|
|
121
|
+
workflows: { freshSessionReadiness: failed === 0 ? 'verified' : 'failed', freshSessionAcceptance: 'not accepted' },
|
|
122
|
+
commandsOrInspection: [
|
|
123
|
+
'Read documented startup inputs: ' + requiredInputs.join(', '),
|
|
124
|
+
'Generate fresh-session probe packet from current slice and forward-test rules',
|
|
125
|
+
'Verify accepted status is not claimed without a real separate-session run',
|
|
126
|
+
],
|
|
127
|
+
probePacket,
|
|
128
|
+
residualRisk: [
|
|
129
|
+
'This readiness probe is not a true fresh-session run.',
|
|
130
|
+
'The result cannot be marked accepted until a separate session, thread, or host-specific equivalent actually follows the packet.',
|
|
131
|
+
'Host-specific thread/subagent tools must be verified before using them as acceptance evidence.',
|
|
132
|
+
],
|
|
133
|
+
nextAction: 'When a separate-session or thread tool is available, run the probe packet and record accepted or failed evidence.',
|
|
134
|
+
checks,
|
|
135
|
+
}
|
|
136
|
+
|
|
137
|
+
function renderMarkdown(data) {
|
|
138
|
+
const lines = []
|
|
139
|
+
lines.push('# GSE Fresh-Session Readiness Audit')
|
|
140
|
+
lines.push('')
|
|
141
|
+
lines.push('Generated: ' + data.generatedAt)
|
|
142
|
+
lines.push('Root: ' + data.root)
|
|
143
|
+
lines.push('')
|
|
144
|
+
lines.push('## Record')
|
|
145
|
+
lines.push('')
|
|
146
|
+
lines.push('- Forward-test level: ' + data.level)
|
|
147
|
+
lines.push('- Scenario: ' + data.scenario)
|
|
148
|
+
lines.push('- Changed behavior: ' + data.changedBehavior)
|
|
149
|
+
lines.push('- Result evidence: probe packet generated from documented inputs')
|
|
150
|
+
lines.push('- Verification evidence: ' + data.summary.passed + '/' + data.summary.total + ' checks passed')
|
|
151
|
+
lines.push('- Evidence status: ' + data.evidenceStatus)
|
|
152
|
+
lines.push('- Accepted by: ' + data.acceptedBy)
|
|
153
|
+
lines.push('- Next action: ' + data.nextAction)
|
|
154
|
+
lines.push('')
|
|
155
|
+
lines.push('## Checks')
|
|
156
|
+
lines.push('')
|
|
157
|
+
for (const item of data.checks) {
|
|
158
|
+
const marker = item.status === 'passed' ? '[x]' : '[ ]'
|
|
159
|
+
lines.push('- ' + marker + ' ' + item.id + ' ' + item.label + ': ' + item.evidence)
|
|
160
|
+
}
|
|
161
|
+
lines.push('')
|
|
162
|
+
lines.push('## Probe Packet')
|
|
163
|
+
lines.push('')
|
|
164
|
+
lines.push('```text')
|
|
165
|
+
lines.push(data.probePacket.trimEnd())
|
|
166
|
+
lines.push('```')
|
|
167
|
+
lines.push('')
|
|
168
|
+
lines.push('## Residual Risk')
|
|
169
|
+
lines.push('')
|
|
170
|
+
for (const item of data.residualRisk) lines.push('- ' + item)
|
|
171
|
+
return lines.join('\n') + '\n'
|
|
172
|
+
}
|
|
173
|
+
|
|
174
|
+
if (jsonOnly) console.log(JSON.stringify(report, null, 2))
|
|
175
|
+
else console.log(renderMarkdown(report))
|
|
176
|
+
|
|
177
|
+
if (failed > 0) process.exit(1)
|
|
@@ -0,0 +1,237 @@
|
|
|
1
|
+
#!/usr/bin/env node
|
|
2
|
+
import fs from 'node:fs'
|
|
3
|
+
import os from 'node:os'
|
|
4
|
+
import path from 'node:path'
|
|
5
|
+
import { fileURLToPath } from 'node:url'
|
|
6
|
+
import { spawnSync } from 'node:child_process'
|
|
7
|
+
|
|
8
|
+
const args = process.argv.slice(2)
|
|
9
|
+
|
|
10
|
+
function readArg(name, fallback = null) {
|
|
11
|
+
const index = args.indexOf(name)
|
|
12
|
+
if (index === -1) return fallback
|
|
13
|
+
return args[index + 1] ?? fallback
|
|
14
|
+
}
|
|
15
|
+
|
|
16
|
+
const root = path.resolve(readArg('--root', path.join(import.meta.dirname, '..')))
|
|
17
|
+
const targetArg = readArg('--target')
|
|
18
|
+
const jsonOnly = args.includes('--json')
|
|
19
|
+
|
|
20
|
+
const requiredCapabilities = ['native-slash-command', 'browser', 'mcp', 'lsp', 'subagent', 'ci']
|
|
21
|
+
const allowedStatuses = new Set(['verified', 'documented', 'unknown', 'unavailable', 'external-required'])
|
|
22
|
+
|
|
23
|
+
function readText(filePath) {
|
|
24
|
+
return fs.existsSync(filePath) ? fs.readFileSync(filePath, 'utf8').replace(/^\uFEFF/, '') : ''
|
|
25
|
+
}
|
|
26
|
+
|
|
27
|
+
function parseCapabilityTable(text) {
|
|
28
|
+
const rows = []
|
|
29
|
+
for (const line of text.split(/\r?\n/)) {
|
|
30
|
+
const trimmed = line.trim()
|
|
31
|
+
if (!trimmed.startsWith('|')) continue
|
|
32
|
+
if (/^\|\s*-+/.test(trimmed)) continue
|
|
33
|
+
if (/^\|\s*Capability\s*\|/i.test(trimmed)) continue
|
|
34
|
+
const cells = trimmed
|
|
35
|
+
.slice(1, trimmed.endsWith('|') ? -1 : undefined)
|
|
36
|
+
.split('|')
|
|
37
|
+
.map((cell) => cell.trim())
|
|
38
|
+
if (cells.length < 6) continue
|
|
39
|
+
rows.push({
|
|
40
|
+
capability: cells[0].toLowerCase(),
|
|
41
|
+
hostOrTool: cells[1],
|
|
42
|
+
status: cells[2],
|
|
43
|
+
evidence: cells[3],
|
|
44
|
+
claimBoundary: cells[4],
|
|
45
|
+
lastChecked: cells[5],
|
|
46
|
+
})
|
|
47
|
+
}
|
|
48
|
+
return rows
|
|
49
|
+
}
|
|
50
|
+
|
|
51
|
+
function hasConcreteEvidence(value) {
|
|
52
|
+
const normalized = String(value || '').trim().toLowerCase()
|
|
53
|
+
return Boolean(normalized && !['-', 'n/a', 'none', 'unknown', 'tbd', 'todo'].includes(normalized))
|
|
54
|
+
}
|
|
55
|
+
|
|
56
|
+
export function readHostCapabilities(target) {
|
|
57
|
+
const filePath = path.join(target, '.gse', 'host-capabilities.md')
|
|
58
|
+
const exists = fs.existsSync(filePath)
|
|
59
|
+
const text = exists ? readText(filePath) : ''
|
|
60
|
+
const capabilities = parseCapabilityTable(text)
|
|
61
|
+
const byCapability = new Map(capabilities.map((item) => [item.capability, item]))
|
|
62
|
+
const missingRequired = requiredCapabilities.filter((capability) => !byCapability.has(capability))
|
|
63
|
+
const invalidStatus = capabilities.filter((item) => !allowedStatuses.has(item.status))
|
|
64
|
+
const missingEvidenceForVerified = capabilities.filter((item) => item.status === 'verified' && !hasConcreteEvidence(item.evidence))
|
|
65
|
+
const nativeSlash = byCapability.get('native-slash-command') ?? null
|
|
66
|
+
const nativeSlashOverclaim =
|
|
67
|
+
nativeSlash?.status === 'verified' &&
|
|
68
|
+
(
|
|
69
|
+
!/native/i.test(nativeSlash.evidence) ||
|
|
70
|
+
/portable|text-command|run-gse-command|generate-continue-packet/i.test(nativeSlash.evidence)
|
|
71
|
+
)
|
|
72
|
+
const documentedWithoutBoundary = capabilities.filter((item) =>
|
|
73
|
+
['documented', 'external-required'].includes(item.status) && !hasConcreteEvidence(item.claimBoundary),
|
|
74
|
+
)
|
|
75
|
+
const status = !exists
|
|
76
|
+
? 'warning'
|
|
77
|
+
: capabilities.length === 0 ||
|
|
78
|
+
missingRequired.length > 0 ||
|
|
79
|
+
invalidStatus.length > 0 ||
|
|
80
|
+
missingEvidenceForVerified.length > 0 ||
|
|
81
|
+
nativeSlashOverclaim ||
|
|
82
|
+
documentedWithoutBoundary.length > 0
|
|
83
|
+
? 'failed'
|
|
84
|
+
: 'passed'
|
|
85
|
+
return {
|
|
86
|
+
path: '.gse/host-capabilities.md',
|
|
87
|
+
exists,
|
|
88
|
+
status,
|
|
89
|
+
capabilities,
|
|
90
|
+
summary: {
|
|
91
|
+
requiredCapabilities,
|
|
92
|
+
total: capabilities.length,
|
|
93
|
+
verified: capabilities.filter((item) => item.status === 'verified').map((item) => item.capability),
|
|
94
|
+
documented: capabilities.filter((item) => item.status === 'documented').map((item) => item.capability),
|
|
95
|
+
unknown: capabilities.filter((item) => item.status === 'unknown').map((item) => item.capability),
|
|
96
|
+
unavailable: capabilities.filter((item) => item.status === 'unavailable').map((item) => item.capability),
|
|
97
|
+
externalRequired: capabilities.filter((item) => item.status === 'external-required').map((item) => item.capability),
|
|
98
|
+
missingRequired,
|
|
99
|
+
invalidStatus: invalidStatus.map((item) => item.capability),
|
|
100
|
+
missingEvidenceForVerified: missingEvidenceForVerified.map((item) => item.capability),
|
|
101
|
+
nativeSlashOverclaim: nativeSlashOverclaim ? ['native-slash-command'] : [],
|
|
102
|
+
documentedWithoutBoundary: documentedWithoutBoundary.map((item) => item.capability),
|
|
103
|
+
},
|
|
104
|
+
}
|
|
105
|
+
}
|
|
106
|
+
|
|
107
|
+
function run(script, commandArgs) {
|
|
108
|
+
const result = spawnSync(process.execPath, [path.join(root, 'scripts', script), ...commandArgs], {
|
|
109
|
+
cwd: root,
|
|
110
|
+
encoding: 'utf8',
|
|
111
|
+
windowsHide: true,
|
|
112
|
+
})
|
|
113
|
+
return {
|
|
114
|
+
command: [process.execPath, path.join(root, 'scripts', script), ...commandArgs].join(' '),
|
|
115
|
+
status: result.status ?? 1,
|
|
116
|
+
stdout: (result.stdout ?? '').trim(),
|
|
117
|
+
stderr: (result.stderr ?? '').trim(),
|
|
118
|
+
}
|
|
119
|
+
}
|
|
120
|
+
|
|
121
|
+
function check(id, label, ok, evidence, risk = '') {
|
|
122
|
+
return { id, label, status: ok ? 'passed' : 'failed', evidence, risk }
|
|
123
|
+
}
|
|
124
|
+
|
|
125
|
+
function createFixture(content) {
|
|
126
|
+
const dir = fs.mkdtempSync(path.join(os.tmpdir(), 'gse-host-capabilities-'))
|
|
127
|
+
const init = run('init-project.mjs', ['--target', dir, '--mode', 'enterprise', '--json'])
|
|
128
|
+
if (content) {
|
|
129
|
+
fs.writeFileSync(path.join(dir, '.gse', 'host-capabilities.md'), content.trimStart().replace(/\n/g, '\r\n'), 'utf8')
|
|
130
|
+
}
|
|
131
|
+
return { dir, init }
|
|
132
|
+
}
|
|
133
|
+
|
|
134
|
+
function audit(target) {
|
|
135
|
+
const resolvedTarget = path.resolve(target)
|
|
136
|
+
const hostCapabilities = readHostCapabilities(resolvedTarget)
|
|
137
|
+
const hostAdapters = readText(path.join(root, 'references', 'host-adapters.md'))
|
|
138
|
+
const toolAdapters = readText(path.join(root, 'references', 'tool-adapters.md'))
|
|
139
|
+
const qualityGates = readText(path.join(root, 'references', 'quality-gates.md'))
|
|
140
|
+
const initProject = readText(path.join(root, 'scripts', 'init-project.mjs'))
|
|
141
|
+
const continuePacket = readText(path.join(root, 'scripts', 'generate-continue-packet.mjs'))
|
|
142
|
+
const validationProfile = readText(path.join(root, 'scripts', 'run-validation-profile.mjs'))
|
|
143
|
+
const validator = readText(path.join(root, 'scripts', 'validate-gse.mjs'))
|
|
144
|
+
const checks = [
|
|
145
|
+
check('HC01', 'host capability record is present or reported as warning', hostCapabilities.exists || hostCapabilities.status === 'warning', hostCapabilities.exists ? hostCapabilities.path : 'missing host capability record warning'),
|
|
146
|
+
check('HC02', 'capability table covers required capability rows when present', !hostCapabilities.exists || hostCapabilities.summary.missingRequired.length === 0, hostCapabilities.summary.missingRequired.join(', ') || 'required capabilities present'),
|
|
147
|
+
check('HC03', 'capability statuses use allowed vocabulary', !hostCapabilities.exists || hostCapabilities.summary.invalidStatus.length === 0, hostCapabilities.summary.invalidStatus.join(', ') || Array.from(allowedStatuses).join(', ')),
|
|
148
|
+
check('HC04', 'verified capabilities include concrete evidence', !hostCapabilities.exists || hostCapabilities.summary.missingEvidenceForVerified.length === 0, hostCapabilities.summary.missingEvidenceForVerified.join(', ') || 'verified rows have evidence'),
|
|
149
|
+
check('HC05', 'native slash-command is not verified from portable command evidence', !hostCapabilities.exists || hostCapabilities.summary.nativeSlashOverclaim.length === 0, hostCapabilities.summary.nativeSlashOverclaim.join(', ') || 'native slash-command boundary preserved'),
|
|
150
|
+
check('HC06', 'documented and external-required rows include claim boundaries', !hostCapabilities.exists || hostCapabilities.summary.documentedWithoutBoundary.length === 0, hostCapabilities.summary.documentedWithoutBoundary.join(', ') || 'claim boundaries present'),
|
|
151
|
+
check('HC07', 'host/tool docs explain capability record and claim boundary', hostAdapters.includes('.gse/host-capabilities.md') && toolAdapters.includes('.gse/host-capabilities.md') && qualityGates.includes('host-capabilities'), 'references host/tool/quality docs'),
|
|
152
|
+
check('HC08', 'init-project scaffolds host capability records', initProject.includes('host-capabilities.md') && initProject.includes('native-slash-command') && initProject.includes('external-required'), 'scripts/init-project.mjs'),
|
|
153
|
+
check('HC09', 'continue packet surfaces host capability readiness', continuePacket.includes('readHostCapabilities') && continuePacket.includes('CP16') && continuePacket.includes('hostCapabilities'), 'scripts/generate-continue-packet.mjs'),
|
|
154
|
+
check('HC10', 'validation routes include host capability audit', validationProfile.includes('audit-host-capabilities.mjs') && validator.includes('audit-host-capabilities.mjs'), 'validation profile and validate-gse'),
|
|
155
|
+
]
|
|
156
|
+
const passed = checks.filter((item) => item.status === 'passed').length
|
|
157
|
+
const failed = checks.length - passed
|
|
158
|
+
return {
|
|
159
|
+
target: resolvedTarget,
|
|
160
|
+
generatedAt: new Date().toISOString(),
|
|
161
|
+
summary: { status: failed === 0 ? hostCapabilities.status : 'failed', passed, failed, total: checks.length },
|
|
162
|
+
workflows: {
|
|
163
|
+
hostCapabilityRecords: failed === 0 && hostCapabilities.status !== 'failed' ? 'verified' : 'failed',
|
|
164
|
+
nativeSlashCommandBoundary: failed === 0 ? 'verified' : 'failed',
|
|
165
|
+
},
|
|
166
|
+
hostCapabilities,
|
|
167
|
+
checks,
|
|
168
|
+
limits: [
|
|
169
|
+
'Host capability records prove local record/audit mechanics and recorded project facts.',
|
|
170
|
+
'They do not create native slash-command, browser, MCP, LSP, subagent, or CI capability.',
|
|
171
|
+
'Native slash-command support still requires real host runtime invocation evidence.',
|
|
172
|
+
],
|
|
173
|
+
}
|
|
174
|
+
}
|
|
175
|
+
|
|
176
|
+
function selfTestReport() {
|
|
177
|
+
const valid = createFixture()
|
|
178
|
+
const invalid = createFixture([
|
|
179
|
+
'# Host Capabilities',
|
|
180
|
+
'',
|
|
181
|
+
'| Capability | Host/Tool | Status | Evidence | Claim Boundary | Last Checked |',
|
|
182
|
+
'|---|---|---|---|---|---|',
|
|
183
|
+
'| native-slash-command | Codex | verified | portable run-gse-command smoke | Claims native slash support | 2026-07-09 |',
|
|
184
|
+
'| browser | Playwright | verified | - | Browser smoke available | 2026-07-09 |',
|
|
185
|
+
'| mcp | MCP | maybe | - | Unknown | 2026-07-09 |',
|
|
186
|
+
'| lsp | LSP | unknown | - | Unknown | 2026-07-09 |',
|
|
187
|
+
'| subagent | Host dispatch | unknown | - | Unknown | 2026-07-09 |',
|
|
188
|
+
'| ci | GitHub Actions | documented | .github/workflows/validate-gse.yml | | 2026-07-09 |',
|
|
189
|
+
'',
|
|
190
|
+
].join('\n'))
|
|
191
|
+
const missingDir = fs.mkdtempSync(path.join(os.tmpdir(), 'gse-host-capabilities-missing-'))
|
|
192
|
+
fs.mkdirSync(path.join(missingDir, '.gse'), { recursive: true })
|
|
193
|
+
const validReport = audit(valid.dir)
|
|
194
|
+
const invalidReport = audit(invalid.dir)
|
|
195
|
+
const missingReport = audit(missingDir)
|
|
196
|
+
fs.rmSync(valid.dir, { recursive: true, force: true })
|
|
197
|
+
fs.rmSync(invalid.dir, { recursive: true, force: true })
|
|
198
|
+
fs.rmSync(missingDir, { recursive: true, force: true })
|
|
199
|
+
const checks = [
|
|
200
|
+
check('HCA01', 'init-project creates host capability record scaffold', valid.init.status === 0 && validReport.hostCapabilities.exists, 'scripts/init-project.mjs'),
|
|
201
|
+
check('HCA02', 'scaffold covers required capabilities', validReport.hostCapabilities.summary.missingRequired.length === 0, validReport.hostCapabilities.capabilities.map((item) => item.capability).join(', ')),
|
|
202
|
+
check('HCA03', 'missing host capability file is warning, not hard failure', missingReport.hostCapabilities.status === 'warning', 'missing fixture'),
|
|
203
|
+
check('HCA04', 'invalid status, missing verified evidence, missing boundary, and native overclaim fail', invalidReport.summary.status === 'failed' && invalidReport.hostCapabilities.summary.invalidStatus.includes('mcp') && invalidReport.hostCapabilities.summary.missingEvidenceForVerified.includes('browser') && invalidReport.hostCapabilities.summary.nativeSlashOverclaim.includes('native-slash-command') && invalidReport.hostCapabilities.summary.documentedWithoutBoundary.includes('ci'), 'invalid fixture'),
|
|
204
|
+
check('HCA05', 'audit source is wired to continue packet and validation scripts', validReport.checks.find((item) => item.id === 'HC09')?.status === 'passed' && validReport.checks.find((item) => item.id === 'HC10')?.status === 'passed', 'continue/validation wiring'),
|
|
205
|
+
]
|
|
206
|
+
const passed = checks.filter((item) => item.status === 'passed').length
|
|
207
|
+
const failed = checks.length - passed
|
|
208
|
+
return {
|
|
209
|
+
root,
|
|
210
|
+
generatedAt: new Date().toISOString(),
|
|
211
|
+
summary: { status: failed === 0 ? 'passed' : 'failed', passed, failed, total: checks.length },
|
|
212
|
+
workflows: {
|
|
213
|
+
hostCapabilityRecords: failed === 0 ? 'verified' : 'failed',
|
|
214
|
+
initProjectHostCapabilityScaffold: failed === 0 ? 'verified' : 'failed',
|
|
215
|
+
nativeSlashCommandBoundary: failed === 0 ? 'verified' : 'failed',
|
|
216
|
+
},
|
|
217
|
+
fixture: {
|
|
218
|
+
validStatus: validReport.hostCapabilities.status,
|
|
219
|
+
invalidStatus: invalidReport.hostCapabilities.status,
|
|
220
|
+
missingStatus: missingReport.hostCapabilities.status,
|
|
221
|
+
},
|
|
222
|
+
checks,
|
|
223
|
+
limits: [
|
|
224
|
+
'This self-test verifies scaffold, parsing, and claim-boundary mechanics.',
|
|
225
|
+
'It does not prove live host capabilities.',
|
|
226
|
+
],
|
|
227
|
+
}
|
|
228
|
+
}
|
|
229
|
+
|
|
230
|
+
const isCli = process.argv[1] && fileURLToPath(import.meta.url) === path.resolve(process.argv[1])
|
|
231
|
+
|
|
232
|
+
if (isCli) {
|
|
233
|
+
const report = targetArg ? audit(targetArg) : selfTestReport()
|
|
234
|
+
if (jsonOnly) console.log(JSON.stringify(report, null, 2))
|
|
235
|
+
else console.log(JSON.stringify(report, null, 2))
|
|
236
|
+
if (report.summary.status === 'failed') process.exit(1)
|
|
237
|
+
}
|