@t275005746/gse 0.1.0 → 0.1.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (228) hide show
  1. package/.github/ISSUE_TEMPLATE/bug_report.yml +42 -42
  2. package/.github/ISSUE_TEMPLATE/change_request.yml +50 -50
  3. package/.github/ISSUE_TEMPLATE/config.yml +5 -5
  4. package/.github/PULL_REQUEST_TEMPLATE.md +38 -38
  5. package/.github/workflows/validate-gse.yml +33 -33
  6. package/.gse/README.md +18 -18
  7. package/.gse/gse-development-protocol.md +50 -50
  8. package/.gse/project-profile.md +29 -29
  9. package/.gse/quality-gates.md +25 -25
  10. package/.gse/releases/public-registry-publication-npm.md +49 -0
  11. package/.gse/releases/public-release-owner-required.md +65 -65
  12. package/.gse/releases/public-security-contact-owner-required.md +45 -45
  13. package/.gse/state.json +147 -27
  14. package/CHANGELOG.md +31 -15
  15. package/CONTRIBUTING.md +64 -64
  16. package/LICENSE +21 -21
  17. package/README.md +14 -7
  18. package/README.zh-CN.md +14 -7
  19. package/SECURITY.md +41 -41
  20. package/SKILL.md +32 -12
  21. package/SUPPORT.md +38 -38
  22. package/assets/marketplace/README.md +7 -7
  23. package/assets/marketplace/gse-listing.json +75 -75
  24. package/assets/templates/acceptance-execution-packet.md +73 -73
  25. package/assets/templates/adr.md +14 -14
  26. package/assets/templates/change-brief.md +16 -16
  27. package/assets/templates/design.md +18 -18
  28. package/assets/templates/dispatch-packet.md +100 -92
  29. package/assets/templates/evidence.md +15 -9
  30. package/assets/templates/execution-quality-pack.md +65 -65
  31. package/assets/templates/goal-map.md +21 -21
  32. package/assets/templates/host-adapter.md +48 -48
  33. package/assets/templates/host-ui-invocation-record.md +42 -42
  34. package/assets/templates/incident-review.md +60 -60
  35. package/assets/templates/public-channel-publication-record.md +49 -49
  36. package/assets/templates/public-ci-run-record.md +53 -53
  37. package/assets/templates/public-release-record.md +65 -65
  38. package/assets/templates/public-repository-settings-record.md +59 -59
  39. package/assets/templates/public-security-contact-record.md +45 -45
  40. package/assets/templates/release-trust-record.md +32 -32
  41. package/assets/templates/review.md +18 -18
  42. package/assets/templates/role-fallback-packet.md +49 -0
  43. package/assets/templates/spec.md +16 -16
  44. package/assets/templates/target-adoption-evidence.md +29 -29
  45. package/assets/templates/tasks.md +17 -17
  46. package/assets/templates/update-release-acceptance-record.md +58 -58
  47. package/examples/README.md +22 -22
  48. package/examples/agent-runtime-host/.claude/gse-adapter.md +6 -6
  49. package/examples/agent-runtime-host/.codex/gse-adapter.md +7 -7
  50. package/examples/agent-runtime-host/.gse/goal-map.md +7 -7
  51. package/examples/agent-runtime-host/.gse/project-profile.md +27 -27
  52. package/examples/agent-runtime-host/.gse/tooling.md +5 -5
  53. package/examples/agent-runtime-host/.mcp.json +9 -9
  54. package/examples/agent-runtime-host/AGENTS.md +5 -5
  55. package/examples/agent-runtime-host/README.md +10 -10
  56. package/examples/agent-runtime-host/docs/model-routing.md +5 -5
  57. package/examples/cli-tool/.gse/project-profile.md +21 -21
  58. package/examples/cli-tool/AGENTS.md +5 -5
  59. package/examples/cli-tool/README.md +12 -12
  60. package/examples/cli-tool/package.json +21 -21
  61. package/examples/small-app/.env.example +2 -2
  62. package/examples/small-app/.github/workflows/ci.yml +8 -8
  63. package/examples/small-app/AGENTS.md +5 -5
  64. package/examples/small-app/README.md +12 -12
  65. package/examples/small-app/package.json +26 -26
  66. package/examples/small-app/playwright.config.ts +4 -4
  67. package/package.json +52 -44
  68. package/references/adoption-recipes.md +171 -171
  69. package/references/agent-roles.md +42 -21
  70. package/references/architecture-health.md +101 -101
  71. package/references/benchmark-audit.md +73 -73
  72. package/references/commands.md +74 -45
  73. package/references/community-channels.md +46 -46
  74. package/references/compatibility.md +70 -70
  75. package/references/design-basis.md +38 -38
  76. package/references/domain-model.md +129 -129
  77. package/references/domain-quality-gates.md +75 -75
  78. package/references/drift-audit.md +81 -80
  79. package/references/evidence-taxonomy.md +145 -108
  80. package/references/file-ownership.md +97 -93
  81. package/references/final-form-roadmap.md +201 -0
  82. package/references/final-readiness.md +84 -84
  83. package/references/forward-test.md +133 -133
  84. package/references/goal-map.md +36 -36
  85. package/references/host-adapters.md +129 -101
  86. package/references/learning-system.md +42 -26
  87. package/references/maintenance-cadence.md +51 -0
  88. package/references/marketplace-discovery.md +46 -46
  89. package/references/model-routing.md +103 -103
  90. package/references/open-source-defaults.md +39 -39
  91. package/references/operating-model.md +52 -52
  92. package/references/packaging.md +277 -277
  93. package/references/project-agent-workspace.md +89 -89
  94. package/references/project-bootstrap.md +122 -122
  95. package/references/project-guards.md +52 -0
  96. package/references/project-profile.md +57 -57
  97. package/references/public-release.md +174 -174
  98. package/references/quality-gates.md +96 -89
  99. package/references/recovery.md +176 -176
  100. package/references/release-trust.md +43 -43
  101. package/references/release.md +126 -126
  102. package/references/review.md +141 -141
  103. package/references/role-dispatch-fallback.md +54 -0
  104. package/references/router.md +90 -90
  105. package/references/spec-workflow.md +66 -66
  106. package/references/task-levels.md +81 -81
  107. package/references/tool-adapters.md +80 -70
  108. package/scripts/audit-acceptance-execution-packet.mjs +133 -133
  109. package/scripts/audit-adoption-recipes.mjs +99 -99
  110. package/scripts/audit-change-lifecycle.mjs +77 -77
  111. package/scripts/audit-change-system.mjs +134 -134
  112. package/scripts/audit-ci-readiness.mjs +107 -107
  113. package/scripts/audit-close-gate-hardening.mjs +188 -0
  114. package/scripts/audit-close-gate.mjs +448 -262
  115. package/scripts/audit-command-adapters.mjs +91 -91
  116. package/scripts/audit-command-execution.mjs +212 -199
  117. package/scripts/audit-commands.mjs +7 -5
  118. package/scripts/audit-compatibility.mjs +149 -149
  119. package/scripts/audit-completion-plan-drill.mjs +230 -0
  120. package/scripts/audit-completion-readiness.mjs +290 -287
  121. package/scripts/audit-continue-preflight.mjs +234 -0
  122. package/scripts/audit-distribution.mjs +251 -251
  123. package/scripts/audit-domain-quality-gates.mjs +108 -108
  124. package/scripts/audit-evidence-levels.mjs +217 -0
  125. package/scripts/audit-evidence-placeholders.mjs +126 -126
  126. package/scripts/audit-evidence-review-queue.mjs +206 -0
  127. package/scripts/audit-final-acceptance-packet.mjs +9 -9
  128. package/scripts/audit-final-form-progress-report.mjs +19 -18
  129. package/scripts/audit-final-form-roadmap.mjs +157 -0
  130. package/scripts/audit-final-form-stale-copy.mjs +2 -2
  131. package/scripts/audit-final-readiness-promotion.mjs +255 -255
  132. package/scripts/audit-final-readiness.mjs +226 -226
  133. package/scripts/audit-fixtures.mjs +154 -154
  134. package/scripts/audit-fresh-session-readiness.mjs +177 -177
  135. package/scripts/audit-host-capabilities.mjs +237 -0
  136. package/scripts/audit-host-runtime-evidence-handoff.mjs +159 -159
  137. package/scripts/audit-host-runtime-invocation-drill.mjs +240 -240
  138. package/scripts/audit-host-runtime-invocations.mjs +254 -254
  139. package/scripts/audit-host-ui-invocation.mjs +132 -132
  140. package/scripts/audit-installed-sync.mjs +203 -0
  141. package/scripts/audit-learning-drift.mjs +292 -0
  142. package/scripts/audit-learning-promotion.mjs +351 -0
  143. package/scripts/audit-learning-system.mjs +24 -14
  144. package/scripts/audit-local-final-form-completion.mjs +11 -10
  145. package/scripts/audit-maintenance-cadence.mjs +139 -0
  146. package/scripts/audit-maintenance-snapshot.mjs +181 -0
  147. package/scripts/audit-marketplace-discovery.mjs +122 -122
  148. package/scripts/audit-npm-package-metadata.mjs +160 -154
  149. package/scripts/audit-npm-publish-dry-run.mjs +194 -166
  150. package/scripts/audit-npm-tarball-install.mjs +195 -189
  151. package/scripts/audit-open-source-defaults.mjs +92 -92
  152. package/scripts/audit-open-source-readiness.mjs +97 -97
  153. package/scripts/audit-owner-external-gate-kit.mjs +12 -11
  154. package/scripts/audit-project-guards.mjs +189 -0
  155. package/scripts/audit-project.mjs +144 -141
  156. package/scripts/audit-public-acceptance-command-dry-run-drill.mjs +203 -203
  157. package/scripts/audit-public-acceptance-handoff.mjs +10 -10
  158. package/scripts/audit-public-acceptance-readiness.mjs +222 -222
  159. package/scripts/audit-public-channel-publication.mjs +248 -248
  160. package/scripts/audit-public-ci-run.mjs +184 -184
  161. package/scripts/audit-public-collaboration-templates.mjs +98 -98
  162. package/scripts/audit-public-external-gate-probe.mjs +206 -206
  163. package/scripts/audit-public-release-checklist.mjs +17 -15
  164. package/scripts/audit-public-release-decision.mjs +201 -201
  165. package/scripts/audit-public-release-metadata.mjs +176 -176
  166. package/scripts/audit-public-repository-settings.mjs +237 -237
  167. package/scripts/audit-public-security-contact.mjs +171 -171
  168. package/scripts/audit-readme-docs.mjs +6 -4
  169. package/scripts/audit-recovery-readiness.mjs +98 -98
  170. package/scripts/audit-release-bundle.mjs +13 -11
  171. package/scripts/audit-release-owner-action-plan-drill.mjs +5 -4
  172. package/scripts/audit-release-owner-action-plan.mjs +10 -10
  173. package/scripts/audit-release-readiness.mjs +106 -106
  174. package/scripts/audit-release-status-manifest.mjs +4 -4
  175. package/scripts/audit-release-trust.mjs +62 -62
  176. package/scripts/audit-remote-distribution.mjs +266 -266
  177. package/scripts/audit-roadmap-consistency.mjs +234 -230
  178. package/scripts/audit-role-dispatch-fallback.mjs +212 -0
  179. package/scripts/audit-session-sync.mjs +127 -0
  180. package/scripts/audit-signing.mjs +147 -147
  181. package/scripts/audit-state-freshness.mjs +20 -14
  182. package/scripts/audit-state-repair.mjs +360 -0
  183. package/scripts/audit-target-adoption-evidence.mjs +117 -117
  184. package/scripts/audit-target-hardening-drills.mjs +267 -0
  185. package/scripts/audit-target-project.mjs +507 -507
  186. package/scripts/audit-tool-fallback-policy.mjs +180 -0
  187. package/scripts/audit-ui-browser-evidence-policy.mjs +191 -0
  188. package/scripts/audit-update-release-acceptance.mjs +136 -136
  189. package/scripts/audit-v1-target-validation.mjs +269 -269
  190. package/scripts/audit-validation-profiles.mjs +125 -123
  191. package/scripts/backfill-evidence-levels.mjs +98 -0
  192. package/scripts/check-encoding.mjs +72 -0
  193. package/scripts/close-change.mjs +116 -116
  194. package/scripts/discover-project-profile.mjs +307 -307
  195. package/scripts/generate-command-adapter.mjs +231 -231
  196. package/scripts/generate-continue-packet.mjs +1214 -0
  197. package/scripts/generate-final-acceptance-packet.mjs +188 -173
  198. package/scripts/generate-final-form-progress-report.mjs +191 -189
  199. package/scripts/generate-host-runtime-evidence-handoff.mjs +198 -191
  200. package/scripts/generate-maintenance-snapshot.mjs +216 -0
  201. package/scripts/generate-owner-external-gate-kit.mjs +295 -295
  202. package/scripts/generate-public-acceptance-handoff.mjs +168 -156
  203. package/scripts/generate-public-release-checklist.mjs +207 -207
  204. package/scripts/generate-release-bundle.mjs +505 -505
  205. package/scripts/generate-release-owner-action-plan.mjs +172 -171
  206. package/scripts/generate-release-status-manifest.mjs +199 -198
  207. package/scripts/generate-session-prompt.mjs +188 -188
  208. package/scripts/gse.mjs +67 -67
  209. package/scripts/init-change.mjs +265 -265
  210. package/scripts/init-project.mjs +793 -712
  211. package/scripts/install-gse.mjs +234 -234
  212. package/scripts/lib/evidence-placeholders.mjs +28 -28
  213. package/scripts/package-gse.mjs +174 -174
  214. package/scripts/probe-public-external-gates.mjs +167 -167
  215. package/scripts/record-host-invocation.mjs +151 -151
  216. package/scripts/record-learning.mjs +37 -8
  217. package/scripts/record-public-channel-publication.mjs +178 -178
  218. package/scripts/record-public-ci-run.mjs +180 -180
  219. package/scripts/record-public-release.mjs +175 -175
  220. package/scripts/record-public-repository-settings.mjs +209 -209
  221. package/scripts/record-public-security-contact.mjs +157 -157
  222. package/scripts/record-session-sync.mjs +87 -0
  223. package/scripts/run-gse-command.mjs +79 -47
  224. package/scripts/run-validation-profile.mjs +24 -5
  225. package/scripts/sign-gse-package.mjs +83 -83
  226. package/scripts/update-project-state.mjs +223 -223
  227. package/scripts/validate-gse.mjs +216 -0
  228. package/scripts/verify-gse-package.mjs +85 -85
@@ -49,20 +49,28 @@ const dryRun = run('record-learning.mjs', ['--target', target, '--summary', summ
49
49
  const afterDryRun = fs.existsSync(learningsPath) ? fs.readFileSync(learningsPath, 'utf8') : ''
50
50
  const writeRun = run('record-learning.mjs', ['--target', target, '--summary', summary, '--trigger', 'encoding review', '--source', 'audit fixture', '--impact', 'prevents false mojibake fixes', '--execute', '--json'])
51
51
  const afterWrite = fs.existsSync(learningsPath) ? fs.readFileSync(learningsPath, 'utf8') : ''
52
- const duplicateRun = run('record-learning.mjs', ['--target', target, '--summary', summary, '--trigger', 'encoding review again', '--source', 'audit fixture', '--execute', '--json'])
53
- const afterDuplicate = fs.existsSync(learningsPath) ? fs.readFileSync(learningsPath, 'utf8') : ''
54
- const commandDryRun = run('run-gse-command.mjs', ['--root', root, '--target', target, '--command', `/gse learn --summary ${summary} via command --trigger command audit --source run-gse-command`, '--json'])
55
- const commandWriteRun = run('run-gse-command.mjs', ['--root', root, '--target', target, '--command', '/gse learn --summary Capture tool capability mismatches as reusable lessons --trigger tool mismatch --source command audit', '--execute', '--json'])
56
- const afterCommandWrite = fs.existsSync(learningsPath) ? fs.readFileSync(learningsPath, 'utf8') : ''
52
+ const duplicateRun = run('record-learning.mjs', ['--target', target, '--summary', summary, '--trigger', 'encoding review again', '--source', 'audit fixture', '--execute', '--json'])
53
+ const afterDuplicate = fs.existsSync(learningsPath) ? fs.readFileSync(learningsPath, 'utf8') : ''
54
+ const commandDryRun = run('run-gse-command.mjs', ['--root', root, '--target', target, '--command', `/gse learn --summary ${summary} via command --trigger command audit --source run-gse-command`, '--json'])
55
+ const commandWriteRun = run('run-gse-command.mjs', ['--root', root, '--target', target, '--command', '/gse learn --summary Capture tool capability mismatches as reusable lessons --trigger tool mismatch --source command audit', '--execute', '--json'])
56
+ const afterCommandWrite = fs.existsSync(learningsPath) ? fs.readFileSync(learningsPath, 'utf8') : ''
57
+ const promoteDryRun = run('run-gse-command.mjs', ['--root', root, '--target', target, '--command', '/gse learn --promote', '--json'])
58
+ const promoteWriteRun = run('run-gse-command.mjs', ['--root', root, '--target', target, '--command', '/gse learn --promote', '--execute', '--json'])
59
+ const promotionsPath = path.join(target, '.gse', 'learning-promotions.md')
60
+ const promotionsText = fs.existsSync(promotionsPath) ? fs.readFileSync(promotionsPath, 'utf8') : ''
57
61
 
58
62
  const waiting = parseJson(waitingRun.stdout)
59
63
  const dry = parseJson(dryRun.stdout)
60
64
  const written = parseJson(writeRun.stdout)
61
65
  const duplicate = parseJson(duplicateRun.stdout)
62
- const commandDry = parseJson(commandDryRun.stdout)
63
- const commandDryChild = parseJson(commandDry?.execution?.stdout ?? '')
64
- const commandWrite = parseJson(commandWriteRun.stdout)
65
- const commandWriteChild = parseJson(commandWrite?.execution?.stdout ?? '')
66
+ const commandDry = parseJson(commandDryRun.stdout)
67
+ const commandDryChild = parseJson(commandDry?.execution?.stdout ?? '')
68
+ const commandWrite = parseJson(commandWriteRun.stdout)
69
+ const commandWriteChild = parseJson(commandWrite?.execution?.stdout ?? '')
70
+ const promoteDry = parseJson(promoteDryRun.stdout)
71
+ const promoteDryChild = parseJson(promoteDry?.execution?.stdout ?? '')
72
+ const promoteWrite = parseJson(promoteWriteRun.stdout)
73
+ const promoteWriteChild = parseJson(promoteWrite?.execution?.stdout ?? '')
66
74
 
67
75
  const checks = [
68
76
  check('LRN01', 'record-learning script exists', fs.existsSync(path.join(root, 'scripts', 'record-learning.mjs')), 'scripts/record-learning.mjs'),
@@ -71,10 +79,12 @@ const checks = [
71
79
  check('LRN04', 'missing summary returns waiting-for-input without failing', waitingRun.status === 0 && waiting?.status === 'waiting-for-input', 'record-learning without --summary'),
72
80
  check('LRN05', 'dry-run previews learning without modifying file', dryRun.status === 0 && dry?.status === 'ready' && before === afterDryRun && dry?.preview?.includes(summary), 'record-learning dry-run'),
73
81
  check('LRN06', 'execute appends structured learning entry', writeRun.status === 0 && written?.status === 'written' && afterWrite.includes('- Summary: ' + summary) && afterWrite.includes('- Trigger: encoding review') && afterWrite.includes('- Status: learning-note'), 'record-learning --execute'),
74
- check('LRN07', 'duplicate summary is skipped without appending again', duplicateRun.status === 0 && duplicate?.status === 'skipped' && afterDuplicate === afterWrite, 'duplicate record-learning --execute'),
75
- check('LRN08', '/gse learn dry-runs through portable command runner', commandDryRun.status === 0 && commandDry?.verb === 'learn' && commandDryChild?.status === 'ready', '/gse learn'),
76
- check('LRN09', '/gse learn --execute writes through portable command runner', commandWriteRun.status === 0 && commandWrite?.verb === 'learn' && commandWriteChild?.status === 'written' && afterCommandWrite.includes('Capture tool capability mismatches as reusable lessons'), '/gse learn --execute'),
77
- ]
82
+ check('LRN07', 'duplicate summary increments occurrence without appending another entry', duplicateRun.status === 0 && duplicate?.status === 'updated' && afterDuplicate.includes('- Occurrences: 2') && (afterDuplicate.match(new RegExp('- Summary: ' + summary.replace(/[.*+?^${}()|[\]\\]/g, '\\$&'), 'g')) ?? []).length === 1, 'duplicate record-learning --execute'),
83
+ check('LRN08', '/gse learn dry-runs through portable command runner', commandDryRun.status === 0 && commandDry?.verb === 'learn' && commandDryChild?.status === 'ready', '/gse learn'),
84
+ check('LRN09', '/gse learn --execute writes through portable command runner', commandWriteRun.status === 0 && commandWrite?.verb === 'learn' && commandWriteChild?.status === 'written' && afterCommandWrite.includes('Capture tool capability mismatches as reusable lessons'), '/gse learn --execute'),
85
+ check('LRN10', '/gse learn --promote dry-runs promotion analysis', promoteDryRun.status === 0 && promoteDry?.verb === 'learn' && promoteDryChild?.workflows?.learningPromotion === 'verified', '/gse learn --promote'),
86
+ check('LRN11', '/gse learn --promote --execute writes candidate-only report', promoteWriteRun.status === 0 && promoteWrite?.verb === 'learn' && promoteWriteChild?.write?.status === 'written' && promotionsText.includes('# Learning Promotions'), '/gse learn --promote --execute'),
87
+ ]
78
88
 
79
89
  const passed = checks.filter((item) => item.status === 'passed').length
80
90
  const failed = checks.length - passed
@@ -87,7 +97,7 @@ const report = {
87
97
  learningCommand: failed === 0 ? 'verified' : 'failed',
88
98
  learningStore: failed === 0 ? 'verified' : 'failed',
89
99
  },
90
- commands: [waitingRun.command, dryRun.command, writeRun.command, duplicateRun.command, commandDryRun.command, commandWriteRun.command],
100
+ commands: [waitingRun.command, dryRun.command, writeRun.command, duplicateRun.command, commandDryRun.command, commandWriteRun.command, promoteDryRun.command, promoteWriteRun.command],
91
101
  limits: [
92
102
  'This verifies deterministic learning capture and duplicate prevention.',
93
103
  'It does not automatically decide which lessons are worth recording; the agent or owner still supplies the summary.',
@@ -45,10 +45,11 @@ const publicAcceptance = run('audit-public-acceptance-readiness.mjs')
45
45
  const completionReadiness = run('audit-completion-readiness.mjs')
46
46
 
47
47
  const finalRows = finalReadiness.data?.matrix ?? []
48
- const nonExternalIncompleteRows = finalRows.filter((row) => {
49
- if (row.status === 'verified') return false
50
- return !['owner-required', 'external-required'].includes(row.status)
51
- })
48
+ const nonExternalIncompleteRows = finalRows.filter((row) => {
49
+ if (row.status === 'verified') return false
50
+ if (row.status === 'not-claimed') return false
51
+ return !['owner-required', 'external-required'].includes(row.status)
52
+ })
52
53
  const pendingGates = publicAcceptance.data?.pendingGates ?? []
53
54
  const pendingGateAreas = pendingGates.map((gate) => gate.area)
54
55
  const expectedPendingAreas = pendingGateAreas
@@ -57,11 +58,11 @@ const checks = [
57
58
  check('LFC01', 'final readiness audit passes', finalReadiness.status === 0 && finalReadiness.data?.summary?.failed === 0, finalReadiness.command),
58
59
  check('LFC02', 'completion readiness audit passes', completionReadiness.status === 0 && completionReadiness.data?.summary?.failed === 0, completionReadiness.command),
59
60
  check('LFC03', 'final-form progress report shows local engineering readiness at 100', progress.status === 0 && progress.data?.workflows?.localEngineeringReadiness === 100, 'localEngineeringReadiness=' + progress.data?.workflows?.localEngineeringReadiness),
60
- check('LFC04', 'full final-form readiness remains bounded by owner/external gates', progress.status === 0 && progress.data?.workflows?.publicAccepted === 'not-accepted' && Number(progress.data?.workflows?.pendingGates) > 0, 'publicAccepted=' + progress.data?.workflows?.publicAccepted + '; pendingGates=' + progress.data?.workflows?.pendingGates),
61
+ check('LFC04', 'portable-core final-form readiness is accepted when only optional host-native claims remain not-claimed', progress.status === 0 && progress.data?.workflows?.publicAccepted === 'verified' && Number(progress.data?.workflows?.pendingGates) === 0, 'publicAccepted=' + progress.data?.workflows?.publicAccepted + '; pendingGates=' + progress.data?.workflows?.pendingGates),
61
62
  check('LFC05', 'all incomplete final readiness rows are owner/external only', nonExternalIncompleteRows.length === 0, nonExternalIncompleteRows.length ? JSON.stringify(nonExternalIncompleteRows) : 'no local incomplete rows'),
62
- check('LFC06', 'public acceptance doctor passes and keeps public acceptance unclaimed', publicAcceptance.status === 0 && publicAcceptance.data?.summary?.failed === 0 && publicAcceptance.data?.summary?.publicAccepted === 'not-accepted', publicAcceptance.command),
63
- check('LFC07', 'public acceptance pending gates are current external/owner gate set', pendingGateAreas.length > 0 && expectedPendingAreas.every((area) => pendingGateAreas.includes(area)) && pendingGateAreas.length === expectedPendingAreas.length, pendingGateAreas.join(', ')),
64
- check('LFC08', 'pending gates expose executable record and preflight commands', pendingGates.length > 0 && pendingGates.every((gate) => gate.recordCommand && gate.preflightCommand && gate.requiredEvidence && gate.owner), 'pending gate command templates'),
63
+ check('LFC06', 'public acceptance doctor passes and accepts required GSE core gates', publicAcceptance.status === 0 && publicAcceptance.data?.summary?.failed === 0 && publicAcceptance.data?.summary?.publicAccepted === 'verified', publicAcceptance.command),
64
+ check('LFC07', 'public acceptance has no pending owner/external gates after optional host-native claims are excluded', pendingGateAreas.length === 0 && expectedPendingAreas.length === 0, pendingGateAreas.join(', ') || 'none'),
65
+ check('LFC08', 'pending gate command templates are not required when no owner/external gates remain', pendingGates.length === 0 || pendingGates.every((gate) => gate.recordCommand && gate.preflightCommand && gate.requiredEvidence && gate.owner), 'pending gate command templates'),
65
66
  ]
66
67
 
67
68
  const passed = checks.filter((item) => item.status === 'passed').length
@@ -91,8 +92,8 @@ const report = {
91
92
  })),
92
93
  limits: [
93
94
  'This audit proves local GSE engineering completion boundaries only.',
94
- 'It does not create public repository settings, public CI, registry publication, marketplace approval, security contact acceptance, native slash-command evidence, or other host runtime evidence.',
95
- 'A public-final claim still requires accepted owner/external records and final readiness re-audit.',
95
+ 'It does not create optional host-native slash-command evidence.',
96
+ 'A host-native slash claim still requires a per-host accepted invocation record and final readiness re-audit.',
96
97
  ],
97
98
  checks,
98
99
  }
@@ -0,0 +1,139 @@
1
+ #!/usr/bin/env node
2
+ import fs from 'node:fs'
3
+ import path from 'node:path'
4
+
5
+ const args = process.argv.slice(2)
6
+
7
+ function readArg(name, fallback = null) {
8
+ const index = args.indexOf(name)
9
+ if (index === -1) return fallback
10
+ return args[index + 1] ?? fallback
11
+ }
12
+
13
+ const root = path.resolve(readArg('--root', path.join(import.meta.dirname, '..')))
14
+ const jsonOnly = args.includes('--json')
15
+
16
+ function read(relativePath) {
17
+ const fullPath = path.join(root, relativePath)
18
+ return fs.existsSync(fullPath) ? fs.readFileSync(fullPath, 'utf8').replace(/^\uFEFF/, '') : ''
19
+ }
20
+
21
+ function exists(relativePath) {
22
+ return fs.existsSync(path.join(root, relativePath))
23
+ }
24
+
25
+ function check(id, label, ok, evidence, risk = '') {
26
+ return { id, label, status: ok ? 'passed' : 'failed', evidence, risk }
27
+ }
28
+
29
+ const maintenance = read('references/maintenance-cadence.md')
30
+ const skill = read('SKILL.md')
31
+ const validationProfile = read('scripts/run-validation-profile.mjs')
32
+ const validator = read('scripts/validate-gse.mjs')
33
+ const commandRunner = read('scripts/run-gse-command.mjs')
34
+ const roadmap = read('references/final-form-roadmap.md')
35
+ const masterPlan = read('.gse/gse-design-master-plan.md')
36
+
37
+ const requiredAreas = [
38
+ 'Benchmark audit',
39
+ 'Drift audit',
40
+ 'Dependency and security review',
41
+ 'Forward test',
42
+ 'Target-project hardening drill',
43
+ 'Public acceptance doctor',
44
+ 'Installed skill sync',
45
+ 'Active session sync',
46
+ ]
47
+
48
+ const requiredCommands = [
49
+ 'audit-final-form-roadmap.mjs',
50
+ 'audit-learning-drift.mjs',
51
+ 'audit-release-trust.mjs',
52
+ 'forward-test-gse.mjs',
53
+ 'audit-target-hardening-drills.mjs',
54
+ 'audit-public-acceptance-readiness.mjs',
55
+ 'audit-installed-sync.mjs',
56
+ 'audit-session-sync.mjs',
57
+ 'record-session-sync.mjs',
58
+ 'generate-maintenance-snapshot.mjs',
59
+ 'audit-maintenance-snapshot.mjs',
60
+ 'run-gse-command.mjs',
61
+ ]
62
+
63
+ const scriptTargets = [
64
+ 'scripts/audit-final-form-roadmap.mjs',
65
+ 'scripts/audit-learning-drift.mjs',
66
+ 'scripts/audit-release-trust.mjs',
67
+ 'scripts/forward-test-gse.mjs',
68
+ 'scripts/audit-target-hardening-drills.mjs',
69
+ 'scripts/audit-public-acceptance-readiness.mjs',
70
+ 'scripts/audit-installed-sync.mjs',
71
+ 'scripts/audit-session-sync.mjs',
72
+ 'scripts/record-session-sync.mjs',
73
+ 'scripts/generate-maintenance-snapshot.mjs',
74
+ 'scripts/audit-maintenance-snapshot.mjs',
75
+ 'scripts/run-gse-command.mjs',
76
+ ]
77
+
78
+ const checks = [
79
+ check('MC01', 'maintenance cadence reference exists', exists('references/maintenance-cadence.md'), 'references/maintenance-cadence.md'),
80
+ check('MC02', 'cadence covers all final-form upkeep areas', requiredAreas.every((term) => maintenance.includes(term)), requiredAreas.join(', ')),
81
+ check('MC03', 'cadence maps each area to executable commands', requiredCommands.every((term) => maintenance.includes(term)), requiredCommands.join(', ')),
82
+ check('MC04', 'cadence distinguishes recurring maintenance from external acceptance', maintenance.includes('not a substitute for native host evidence') && maintenance.includes('remaining external gates stay visible'), 'claim boundary'),
83
+ check('MC05', 'all referenced maintenance scripts exist', scriptTargets.every((target) => exists(target)), scriptTargets.join(', ')),
84
+ check('MC06', 'skill routing exposes maintenance cadence', skill.includes('references/maintenance-cadence.md') && skill.includes('audit-maintenance-cadence.mjs'), 'SKILL.md'),
85
+ check('MC07', 'portable command runner exposes /gse maintenance snapshot route', commandRunner.includes('maintenance') && commandRunner.includes('generate-maintenance-snapshot.mjs'), 'scripts/run-gse-command.mjs'),
86
+ check('MC08', 'validation profile includes maintenance cadence audit', validationProfile.includes('audit-maintenance-cadence.mjs'), 'scripts/run-validation-profile.mjs'),
87
+ check('MC09', 'consolidated validator includes maintenance cadence audit', validator.includes('audit-maintenance-cadence.mjs'), 'scripts/validate-gse.mjs'),
88
+ check('MC10', 'final-form roadmap tracks maintenance cadence as Wave 5 capability', roadmap.includes('Maintenance cadence') && roadmap.includes('audit-maintenance-cadence.mjs'), 'references/final-form-roadmap.md'),
89
+ check('MC11', 'master plan current priority includes maintenance cadence evidence', masterPlan.includes('maintenance cadence') && masterPlan.includes('audit-maintenance-cadence.mjs'), '.gse/gse-design-master-plan.md'),
90
+ ]
91
+
92
+ const passed = checks.filter((item) => item.status === 'passed').length
93
+ const failed = checks.length - passed
94
+ const report = {
95
+ root,
96
+ generatedAt: new Date().toISOString(),
97
+ summary: { status: failed === 0 ? 'passed' : 'failed', passed, failed, total: checks.length },
98
+ workflows: {
99
+ maintenanceCadence: failed === 0 ? 'verified' : 'failed',
100
+ externalNativeSlashCommand: 'external-required',
101
+ },
102
+ limits: [
103
+ 'This audit verifies recurring maintenance coverage and command wiring.',
104
+ 'It does not prove a real host-native slash command, public CI run, marketplace approval, or owner acceptance.',
105
+ ],
106
+ checks,
107
+ }
108
+
109
+ function renderMarkdown(data) {
110
+ const lines = []
111
+ lines.push('# GSE Maintenance Cadence Audit')
112
+ lines.push('')
113
+ lines.push('Generated: ' + data.generatedAt)
114
+ lines.push('Root: ' + data.root)
115
+ lines.push('')
116
+ lines.push('## Summary')
117
+ lines.push('')
118
+ lines.push('- Status: ' + data.summary.status)
119
+ lines.push('- Checks: ' + data.summary.passed + '/' + data.summary.total)
120
+ lines.push('- Maintenance cadence: ' + data.workflows.maintenanceCadence)
121
+ lines.push('- External native slash command: ' + data.workflows.externalNativeSlashCommand)
122
+ lines.push('')
123
+ lines.push('## Checks')
124
+ lines.push('')
125
+ for (const item of data.checks) {
126
+ const marker = item.status === 'passed' ? '[x]' : '[ ]'
127
+ lines.push('- ' + marker + ' ' + item.id + ' ' + item.label + ': ' + item.evidence)
128
+ }
129
+ lines.push('')
130
+ lines.push('## Limits')
131
+ lines.push('')
132
+ for (const item of data.limits) lines.push('- ' + item)
133
+ return lines.join('\n') + '\n'
134
+ }
135
+
136
+ if (jsonOnly) console.log(JSON.stringify(report, null, 2))
137
+ else console.log(renderMarkdown(report))
138
+
139
+ if (failed > 0) process.exit(1)
@@ -0,0 +1,181 @@
1
+ #!/usr/bin/env node
2
+ import fs from 'node:fs'
3
+ import os from 'node:os'
4
+ import path from 'node:path'
5
+ import { spawnSync } from 'node:child_process'
6
+
7
+ const args = process.argv.slice(2)
8
+
9
+ function readArg(name, fallback = null) {
10
+ const index = args.indexOf(name)
11
+ if (index === -1) return fallback
12
+ return args[index + 1] ?? fallback
13
+ }
14
+
15
+ const root = path.resolve(readArg('--root', path.join(import.meta.dirname, '..')))
16
+ const jsonOnly = args.includes('--json')
17
+
18
+ function read(relativePath) {
19
+ const fullPath = path.join(root, relativePath)
20
+ return fs.existsSync(fullPath) ? fs.readFileSync(fullPath, 'utf8').replace(/^\uFEFF/, '') : ''
21
+ }
22
+
23
+ function exists(relativePath) {
24
+ return fs.existsSync(path.join(root, relativePath))
25
+ }
26
+
27
+ function run(script, commandArgs) {
28
+ const result = spawnSync(process.execPath, [path.join(root, 'scripts', script), ...commandArgs], {
29
+ cwd: root,
30
+ encoding: 'utf8',
31
+ windowsHide: true,
32
+ })
33
+ const stdout = (result.stdout ?? '').trim()
34
+ let data = null
35
+ try {
36
+ data = JSON.parse(stdout)
37
+ } catch {
38
+ data = null
39
+ }
40
+ return {
41
+ command: [process.execPath, path.join(root, 'scripts', script), ...commandArgs].join(' '),
42
+ status: result.status ?? 1,
43
+ ok: (result.status ?? 1) === 0 || data?.summary?.failed === 0,
44
+ data,
45
+ stderr: (result.stderr ?? '').trim(),
46
+ }
47
+ }
48
+
49
+ function check(id, label, ok, evidence, risk = '') {
50
+ return { id, label, status: ok ? 'passed' : 'failed', evidence, risk }
51
+ }
52
+
53
+ const skill = read('SKILL.md')
54
+ const maintenanceRef = read('references/maintenance-cadence.md')
55
+ const commandRunner = read('scripts/run-gse-command.mjs')
56
+ const validationProfile = read('scripts/run-validation-profile.mjs')
57
+ const validator = read('scripts/validate-gse.mjs')
58
+ const snapshotScript = read('scripts/generate-maintenance-snapshot.mjs')
59
+ const canonicalSnapshotPath = path.join(root, '.gse', 'maintenance', 'latest-maintenance-snapshot.json')
60
+ let canonicalSnapshot = null
61
+ try {
62
+ canonicalSnapshot = fs.existsSync(canonicalSnapshotPath)
63
+ ? JSON.parse(fs.readFileSync(canonicalSnapshotPath, 'utf8').replace(/^\uFEFF/, ''))
64
+ : null
65
+ } catch {
66
+ canonicalSnapshot = null
67
+ }
68
+
69
+ const dryRun = run('generate-maintenance-snapshot.mjs', ['--root', root, '--target', root, '--skip-release-bundle', '--json'])
70
+ const packageSmokeRun = run('generate-maintenance-snapshot.mjs', ['--root', root, '--target', root, '--package-smoke', '--skip-release-bundle', '--json'])
71
+ const tempOut = path.join(fs.mkdtempSync(path.join(os.tmpdir(), 'gse-maintenance-snapshot-')), 'snapshot.json')
72
+ const writeRun = run('generate-maintenance-snapshot.mjs', ['--root', root, '--target', root, '--skip-release-bundle', '--out', tempOut, '--execute', '--json'])
73
+ const writtenSnapshot = fs.existsSync(tempOut)
74
+ ? JSON.parse(fs.readFileSync(tempOut, 'utf8').replace(/^\uFEFF/, ''))
75
+ : null
76
+
77
+ function runCanonicalFailureFixture() {
78
+ const fixtureRoot = fs.mkdtempSync(path.join(os.tmpdir(), 'gse-maintenance-canonical-failure-'))
79
+ const fixtureScripts = path.join(fixtureRoot, 'scripts')
80
+ const fixtureMaintenance = path.join(fixtureRoot, '.gse', 'maintenance')
81
+ fs.mkdirSync(fixtureScripts, { recursive: true })
82
+ fs.mkdirSync(fixtureMaintenance, { recursive: true })
83
+ fs.copyFileSync(path.join(root, 'scripts', 'generate-maintenance-snapshot.mjs'), path.join(fixtureScripts, 'generate-maintenance-snapshot.mjs'))
84
+ fs.writeFileSync(path.join(fixtureScripts, 'audit-maintenance-cadence.mjs'), [
85
+ '#!/usr/bin/env node',
86
+ 'console.log(JSON.stringify({ summary: { status: "failed", passed: 0, failed: 1, total: 1 } }))',
87
+ 'process.exit(1)',
88
+ '',
89
+ ].join('\n'), 'utf8')
90
+ const canonicalPath = path.join(fixtureMaintenance, 'latest-maintenance-snapshot.json')
91
+ const failedPath = path.join(fixtureMaintenance, 'latest-maintenance-snapshot.failed.json')
92
+ const previousCanonical = {
93
+ schemaVersion: 1,
94
+ summary: { status: 'passed' },
95
+ fixtureMarker: 'previous-passing-snapshot',
96
+ }
97
+ fs.writeFileSync(canonicalPath, JSON.stringify(previousCanonical, null, 2) + '\n', 'utf8')
98
+ const result = spawnSync(process.execPath, [
99
+ path.join(fixtureScripts, 'generate-maintenance-snapshot.mjs'),
100
+ '--root',
101
+ fixtureRoot,
102
+ '--target',
103
+ fixtureRoot,
104
+ '--execute',
105
+ '--json',
106
+ ], {
107
+ cwd: fixtureRoot,
108
+ encoding: 'utf8',
109
+ windowsHide: true,
110
+ })
111
+ let canonicalAfter = null
112
+ let failedSnapshot = null
113
+ let stdout = null
114
+ try {
115
+ canonicalAfter = JSON.parse(fs.readFileSync(canonicalPath, 'utf8').replace(/^\uFEFF/, ''))
116
+ } catch {
117
+ canonicalAfter = null
118
+ }
119
+ try {
120
+ failedSnapshot = JSON.parse(fs.readFileSync(failedPath, 'utf8').replace(/^\uFEFF/, ''))
121
+ } catch {
122
+ failedSnapshot = null
123
+ }
124
+ try {
125
+ stdout = JSON.parse((result.stdout ?? '').trim())
126
+ } catch {
127
+ stdout = null
128
+ }
129
+ return {
130
+ command: [process.execPath, path.join(fixtureScripts, 'generate-maintenance-snapshot.mjs'), '--root', fixtureRoot, '--target', fixtureRoot, '--execute', '--json'].join(' '),
131
+ status: result.status ?? 1,
132
+ canonicalPreserved: canonicalAfter?.fixtureMarker === previousCanonical.fixtureMarker && canonicalAfter?.summary?.status === 'passed',
133
+ failedWritten: failedSnapshot?.summary?.status === 'failed' && failedSnapshot?.canonicalWritePolicy === 'failed-canonical-write-isolated',
134
+ stdoutPolicy: stdout?.canonicalWritePolicy === 'failed-canonical-write-isolated',
135
+ stderr: (result.stderr ?? '').trim(),
136
+ }
137
+ }
138
+
139
+ const canonicalFailureFixture = runCanonicalFailureFixture()
140
+
141
+ const requiredIds = ['MS01', 'MS02', 'MS03', 'MS04', 'MS05', 'MS06', 'MS07', 'MS08', 'MS09']
142
+ const checks = [
143
+ check('MSS01', 'maintenance snapshot generator exists', exists('scripts/generate-maintenance-snapshot.mjs'), 'scripts/generate-maintenance-snapshot.mjs'),
144
+ check('MSS02', 'snapshot generator runs read-only dry-run', dryRun.ok && dryRun.data?.summary?.status === 'passed', dryRun.command, dryRun.stderr),
145
+ check('MSS03', 'snapshot covers recurring final-form check set', requiredIds.every((id) => dryRun.data?.results?.some((item) => item.id === id)), requiredIds.join(', ')),
146
+ check('MSS04', 'snapshot write is execute-gated and writes JSON/Markdown', writeRun.ok && fs.existsSync(tempOut) && fs.existsSync(tempOut.replace(/\.json$/i, '.md')), tempOut),
147
+ check('MSS05', 'written snapshot has machine-readable result summaries', writtenSnapshot?.results?.every((item) => item.id && item.area && item.status && item.command), 'snapshot results'),
148
+ check('MSS06', 'SKILL routes maintenance snapshot helper', skill.includes('generate-maintenance-snapshot.mjs') && skill.includes('audit-maintenance-snapshot.mjs'), 'SKILL.md'),
149
+ check('MSS07', 'maintenance reference documents snapshot command', maintenanceRef.includes('generate-maintenance-snapshot.mjs') && maintenanceRef.includes('latest-maintenance-snapshot.json'), 'references/maintenance-cadence.md'),
150
+ check('MSS08', 'portable /gse maintenance route uses snapshot generator', commandRunner.includes('generate-maintenance-snapshot.mjs') && commandRunner.includes('snapshot'), 'scripts/run-gse-command.mjs'),
151
+ check('MSS09', 'validation profile includes maintenance snapshot audit', validationProfile.includes('audit-maintenance-snapshot.mjs'), 'scripts/run-validation-profile.mjs'),
152
+ check('MSS10', 'consolidated validator includes maintenance snapshot audit', validator.includes('audit-maintenance-snapshot.mjs'), 'scripts/validate-gse.mjs'),
153
+ check('MSS11', 'canonical snapshot is present when recorded', canonicalSnapshot ? canonicalSnapshot.summary?.status === 'passed' : true, canonicalSnapshotPath),
154
+ check('MSS12', 'snapshot preserves host-native slash-command boundary', snapshotScript.includes('does not prove native host slash-command support'), 'scripts/generate-maintenance-snapshot.mjs'),
155
+ check('MSS13', 'snapshot supports installed package smoke mode', packageSmokeRun.ok && packageSmokeRun.data?.summary?.packageSmoke === true && !packageSmokeRun.data?.results?.some((item) => item.id === 'MS02'), packageSmokeRun.command, packageSmokeRun.stderr),
156
+ check('MSS14', 'failed canonical maintenance snapshot writes are isolated from the last passing latest snapshot', canonicalFailureFixture.status !== 0 && canonicalFailureFixture.canonicalPreserved && canonicalFailureFixture.failedWritten && canonicalFailureFixture.stdoutPolicy, canonicalFailureFixture.command, canonicalFailureFixture.stderr),
157
+ check('MSS15', 'snapshot documents canonical failure isolation policy', snapshotScript.includes('failed checks are written to latest-maintenance-snapshot.failed.json'), 'scripts/generate-maintenance-snapshot.mjs'),
158
+ ]
159
+
160
+ const passed = checks.filter((item) => item.status === 'passed').length
161
+ const failed = checks.length - passed
162
+ const report = {
163
+ root,
164
+ generatedAt: new Date().toISOString(),
165
+ summary: { status: failed === 0 ? 'passed' : 'failed', passed, failed, total: checks.length },
166
+ workflows: {
167
+ maintenanceSnapshot: failed === 0 ? 'verified' : 'failed',
168
+ dryRunStatus: dryRun.data?.summary?.status ?? 'unknown',
169
+ writeStatus: writeRun.data?.summary?.status ?? 'unknown',
170
+ },
171
+ limits: [
172
+ 'This audit verifies snapshot mechanics and routing.',
173
+ 'It does not prove a native host slash command or replace installed-root sync evidence.',
174
+ ],
175
+ checks,
176
+ }
177
+
178
+ if (jsonOnly) console.log(JSON.stringify(report, null, 2))
179
+ else console.log(JSON.stringify(report, null, 2))
180
+
181
+ if (failed > 0) process.exit(1)