@t275005746/gse 0.1.0 → 0.1.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.github/ISSUE_TEMPLATE/bug_report.yml +42 -42
- package/.github/ISSUE_TEMPLATE/change_request.yml +50 -50
- package/.github/ISSUE_TEMPLATE/config.yml +5 -5
- package/.github/PULL_REQUEST_TEMPLATE.md +38 -38
- package/.github/workflows/validate-gse.yml +33 -33
- package/.gse/README.md +18 -18
- package/.gse/gse-development-protocol.md +50 -50
- package/.gse/project-profile.md +29 -29
- package/.gse/quality-gates.md +25 -25
- package/.gse/releases/public-registry-publication-npm.md +49 -0
- package/.gse/releases/public-release-owner-required.md +65 -65
- package/.gse/releases/public-security-contact-owner-required.md +45 -45
- package/.gse/state.json +147 -27
- package/CHANGELOG.md +31 -15
- package/CONTRIBUTING.md +64 -64
- package/LICENSE +21 -21
- package/README.md +14 -7
- package/README.zh-CN.md +14 -7
- package/SECURITY.md +41 -41
- package/SKILL.md +32 -12
- package/SUPPORT.md +38 -38
- package/assets/marketplace/README.md +7 -7
- package/assets/marketplace/gse-listing.json +75 -75
- package/assets/templates/acceptance-execution-packet.md +73 -73
- package/assets/templates/adr.md +14 -14
- package/assets/templates/change-brief.md +16 -16
- package/assets/templates/design.md +18 -18
- package/assets/templates/dispatch-packet.md +100 -92
- package/assets/templates/evidence.md +15 -9
- package/assets/templates/execution-quality-pack.md +65 -65
- package/assets/templates/goal-map.md +21 -21
- package/assets/templates/host-adapter.md +48 -48
- package/assets/templates/host-ui-invocation-record.md +42 -42
- package/assets/templates/incident-review.md +60 -60
- package/assets/templates/public-channel-publication-record.md +49 -49
- package/assets/templates/public-ci-run-record.md +53 -53
- package/assets/templates/public-release-record.md +65 -65
- package/assets/templates/public-repository-settings-record.md +59 -59
- package/assets/templates/public-security-contact-record.md +45 -45
- package/assets/templates/release-trust-record.md +32 -32
- package/assets/templates/review.md +18 -18
- package/assets/templates/role-fallback-packet.md +49 -0
- package/assets/templates/spec.md +16 -16
- package/assets/templates/target-adoption-evidence.md +29 -29
- package/assets/templates/tasks.md +17 -17
- package/assets/templates/update-release-acceptance-record.md +58 -58
- package/examples/README.md +22 -22
- package/examples/agent-runtime-host/.claude/gse-adapter.md +6 -6
- package/examples/agent-runtime-host/.codex/gse-adapter.md +7 -7
- package/examples/agent-runtime-host/.gse/goal-map.md +7 -7
- package/examples/agent-runtime-host/.gse/project-profile.md +27 -27
- package/examples/agent-runtime-host/.gse/tooling.md +5 -5
- package/examples/agent-runtime-host/.mcp.json +9 -9
- package/examples/agent-runtime-host/AGENTS.md +5 -5
- package/examples/agent-runtime-host/README.md +10 -10
- package/examples/agent-runtime-host/docs/model-routing.md +5 -5
- package/examples/cli-tool/.gse/project-profile.md +21 -21
- package/examples/cli-tool/AGENTS.md +5 -5
- package/examples/cli-tool/README.md +12 -12
- package/examples/cli-tool/package.json +21 -21
- package/examples/small-app/.env.example +2 -2
- package/examples/small-app/.github/workflows/ci.yml +8 -8
- package/examples/small-app/AGENTS.md +5 -5
- package/examples/small-app/README.md +12 -12
- package/examples/small-app/package.json +26 -26
- package/examples/small-app/playwright.config.ts +4 -4
- package/package.json +52 -44
- package/references/adoption-recipes.md +171 -171
- package/references/agent-roles.md +42 -21
- package/references/architecture-health.md +101 -101
- package/references/benchmark-audit.md +73 -73
- package/references/commands.md +74 -45
- package/references/community-channels.md +46 -46
- package/references/compatibility.md +70 -70
- package/references/design-basis.md +38 -38
- package/references/domain-model.md +129 -129
- package/references/domain-quality-gates.md +75 -75
- package/references/drift-audit.md +81 -80
- package/references/evidence-taxonomy.md +145 -108
- package/references/file-ownership.md +97 -93
- package/references/final-form-roadmap.md +201 -0
- package/references/final-readiness.md +84 -84
- package/references/forward-test.md +133 -133
- package/references/goal-map.md +36 -36
- package/references/host-adapters.md +129 -101
- package/references/learning-system.md +42 -26
- package/references/maintenance-cadence.md +51 -0
- package/references/marketplace-discovery.md +46 -46
- package/references/model-routing.md +103 -103
- package/references/open-source-defaults.md +39 -39
- package/references/operating-model.md +52 -52
- package/references/packaging.md +277 -277
- package/references/project-agent-workspace.md +89 -89
- package/references/project-bootstrap.md +122 -122
- package/references/project-guards.md +52 -0
- package/references/project-profile.md +57 -57
- package/references/public-release.md +174 -174
- package/references/quality-gates.md +96 -89
- package/references/recovery.md +176 -176
- package/references/release-trust.md +43 -43
- package/references/release.md +126 -126
- package/references/review.md +141 -141
- package/references/role-dispatch-fallback.md +54 -0
- package/references/router.md +90 -90
- package/references/spec-workflow.md +66 -66
- package/references/task-levels.md +81 -81
- package/references/tool-adapters.md +80 -70
- package/scripts/audit-acceptance-execution-packet.mjs +133 -133
- package/scripts/audit-adoption-recipes.mjs +99 -99
- package/scripts/audit-change-lifecycle.mjs +77 -77
- package/scripts/audit-change-system.mjs +134 -134
- package/scripts/audit-ci-readiness.mjs +107 -107
- package/scripts/audit-close-gate-hardening.mjs +188 -0
- package/scripts/audit-close-gate.mjs +448 -262
- package/scripts/audit-command-adapters.mjs +91 -91
- package/scripts/audit-command-execution.mjs +212 -199
- package/scripts/audit-commands.mjs +7 -5
- package/scripts/audit-compatibility.mjs +149 -149
- package/scripts/audit-completion-plan-drill.mjs +230 -0
- package/scripts/audit-completion-readiness.mjs +290 -287
- package/scripts/audit-continue-preflight.mjs +234 -0
- package/scripts/audit-distribution.mjs +251 -251
- package/scripts/audit-domain-quality-gates.mjs +108 -108
- package/scripts/audit-evidence-levels.mjs +217 -0
- package/scripts/audit-evidence-placeholders.mjs +126 -126
- package/scripts/audit-evidence-review-queue.mjs +206 -0
- package/scripts/audit-final-acceptance-packet.mjs +9 -9
- package/scripts/audit-final-form-progress-report.mjs +19 -18
- package/scripts/audit-final-form-roadmap.mjs +157 -0
- package/scripts/audit-final-form-stale-copy.mjs +2 -2
- package/scripts/audit-final-readiness-promotion.mjs +255 -255
- package/scripts/audit-final-readiness.mjs +226 -226
- package/scripts/audit-fixtures.mjs +154 -154
- package/scripts/audit-fresh-session-readiness.mjs +177 -177
- package/scripts/audit-host-capabilities.mjs +237 -0
- package/scripts/audit-host-runtime-evidence-handoff.mjs +159 -159
- package/scripts/audit-host-runtime-invocation-drill.mjs +240 -240
- package/scripts/audit-host-runtime-invocations.mjs +254 -254
- package/scripts/audit-host-ui-invocation.mjs +132 -132
- package/scripts/audit-installed-sync.mjs +203 -0
- package/scripts/audit-learning-drift.mjs +292 -0
- package/scripts/audit-learning-promotion.mjs +351 -0
- package/scripts/audit-learning-system.mjs +24 -14
- package/scripts/audit-local-final-form-completion.mjs +11 -10
- package/scripts/audit-maintenance-cadence.mjs +139 -0
- package/scripts/audit-maintenance-snapshot.mjs +181 -0
- package/scripts/audit-marketplace-discovery.mjs +122 -122
- package/scripts/audit-npm-package-metadata.mjs +160 -154
- package/scripts/audit-npm-publish-dry-run.mjs +194 -166
- package/scripts/audit-npm-tarball-install.mjs +195 -189
- package/scripts/audit-open-source-defaults.mjs +92 -92
- package/scripts/audit-open-source-readiness.mjs +97 -97
- package/scripts/audit-owner-external-gate-kit.mjs +12 -11
- package/scripts/audit-project-guards.mjs +189 -0
- package/scripts/audit-project.mjs +144 -141
- package/scripts/audit-public-acceptance-command-dry-run-drill.mjs +203 -203
- package/scripts/audit-public-acceptance-handoff.mjs +10 -10
- package/scripts/audit-public-acceptance-readiness.mjs +222 -222
- package/scripts/audit-public-channel-publication.mjs +248 -248
- package/scripts/audit-public-ci-run.mjs +184 -184
- package/scripts/audit-public-collaboration-templates.mjs +98 -98
- package/scripts/audit-public-external-gate-probe.mjs +206 -206
- package/scripts/audit-public-release-checklist.mjs +17 -15
- package/scripts/audit-public-release-decision.mjs +201 -201
- package/scripts/audit-public-release-metadata.mjs +176 -176
- package/scripts/audit-public-repository-settings.mjs +237 -237
- package/scripts/audit-public-security-contact.mjs +171 -171
- package/scripts/audit-readme-docs.mjs +6 -4
- package/scripts/audit-recovery-readiness.mjs +98 -98
- package/scripts/audit-release-bundle.mjs +13 -11
- package/scripts/audit-release-owner-action-plan-drill.mjs +5 -4
- package/scripts/audit-release-owner-action-plan.mjs +10 -10
- package/scripts/audit-release-readiness.mjs +106 -106
- package/scripts/audit-release-status-manifest.mjs +4 -4
- package/scripts/audit-release-trust.mjs +62 -62
- package/scripts/audit-remote-distribution.mjs +266 -266
- package/scripts/audit-roadmap-consistency.mjs +234 -230
- package/scripts/audit-role-dispatch-fallback.mjs +212 -0
- package/scripts/audit-session-sync.mjs +127 -0
- package/scripts/audit-signing.mjs +147 -147
- package/scripts/audit-state-freshness.mjs +20 -14
- package/scripts/audit-state-repair.mjs +360 -0
- package/scripts/audit-target-adoption-evidence.mjs +117 -117
- package/scripts/audit-target-hardening-drills.mjs +267 -0
- package/scripts/audit-target-project.mjs +507 -507
- package/scripts/audit-tool-fallback-policy.mjs +180 -0
- package/scripts/audit-ui-browser-evidence-policy.mjs +191 -0
- package/scripts/audit-update-release-acceptance.mjs +136 -136
- package/scripts/audit-v1-target-validation.mjs +269 -269
- package/scripts/audit-validation-profiles.mjs +125 -123
- package/scripts/backfill-evidence-levels.mjs +98 -0
- package/scripts/check-encoding.mjs +72 -0
- package/scripts/close-change.mjs +116 -116
- package/scripts/discover-project-profile.mjs +307 -307
- package/scripts/generate-command-adapter.mjs +231 -231
- package/scripts/generate-continue-packet.mjs +1214 -0
- package/scripts/generate-final-acceptance-packet.mjs +188 -173
- package/scripts/generate-final-form-progress-report.mjs +191 -189
- package/scripts/generate-host-runtime-evidence-handoff.mjs +198 -191
- package/scripts/generate-maintenance-snapshot.mjs +216 -0
- package/scripts/generate-owner-external-gate-kit.mjs +295 -295
- package/scripts/generate-public-acceptance-handoff.mjs +168 -156
- package/scripts/generate-public-release-checklist.mjs +207 -207
- package/scripts/generate-release-bundle.mjs +505 -505
- package/scripts/generate-release-owner-action-plan.mjs +172 -171
- package/scripts/generate-release-status-manifest.mjs +199 -198
- package/scripts/generate-session-prompt.mjs +188 -188
- package/scripts/gse.mjs +67 -67
- package/scripts/init-change.mjs +265 -265
- package/scripts/init-project.mjs +793 -712
- package/scripts/install-gse.mjs +234 -234
- package/scripts/lib/evidence-placeholders.mjs +28 -28
- package/scripts/package-gse.mjs +174 -174
- package/scripts/probe-public-external-gates.mjs +167 -167
- package/scripts/record-host-invocation.mjs +151 -151
- package/scripts/record-learning.mjs +37 -8
- package/scripts/record-public-channel-publication.mjs +178 -178
- package/scripts/record-public-ci-run.mjs +180 -180
- package/scripts/record-public-release.mjs +175 -175
- package/scripts/record-public-repository-settings.mjs +209 -209
- package/scripts/record-public-security-contact.mjs +157 -157
- package/scripts/record-session-sync.mjs +87 -0
- package/scripts/run-gse-command.mjs +79 -47
- package/scripts/run-validation-profile.mjs +24 -5
- package/scripts/sign-gse-package.mjs +83 -83
- package/scripts/update-project-state.mjs +223 -223
- package/scripts/validate-gse.mjs +216 -0
- package/scripts/verify-gse-package.mjs +85 -85
|
@@ -1,45 +1,45 @@
|
|
|
1
|
-
# Public Security Contact Record
|
|
2
|
-
|
|
3
|
-
Contact status: pending | accepted
|
|
4
|
-
|
|
5
|
-
Contact type: email | url | github-security-advisory | other
|
|
6
|
-
|
|
7
|
-
Contact value:
|
|
8
|
-
|
|
9
|
-
Policy path: `SECURITY.md`
|
|
10
|
-
|
|
11
|
-
Evidence owner:
|
|
12
|
-
|
|
13
|
-
Evidence date:
|
|
14
|
-
|
|
15
|
-
Evidence URL or run id:
|
|
16
|
-
|
|
17
|
-
## Public Disclosure Policy
|
|
18
|
-
|
|
19
|
-
- Is this contact public? true | false | unknown
|
|
20
|
-
- Security policy updated? true | false | unknown
|
|
21
|
-
- Private fallback channel:
|
|
22
|
-
- Response expectation:
|
|
23
|
-
- Embargo or disclosure notes:
|
|
24
|
-
|
|
25
|
-
## Verification
|
|
26
|
-
|
|
27
|
-
Verification command:
|
|
28
|
-
|
|
29
|
-
Verification result:
|
|
30
|
-
|
|
31
|
-
## Acceptance
|
|
32
|
-
|
|
33
|
-
Evidence status: pending | accepted
|
|
34
|
-
|
|
35
|
-
Accepted by:
|
|
36
|
-
|
|
37
|
-
Accepted at:
|
|
38
|
-
|
|
39
|
-
## Residual Risk
|
|
40
|
-
|
|
41
|
-
-
|
|
42
|
-
|
|
43
|
-
## Next Action
|
|
44
|
-
|
|
45
|
-
-
|
|
1
|
+
# Public Security Contact Record
|
|
2
|
+
|
|
3
|
+
Contact status: pending | accepted
|
|
4
|
+
|
|
5
|
+
Contact type: email | url | github-security-advisory | other
|
|
6
|
+
|
|
7
|
+
Contact value:
|
|
8
|
+
|
|
9
|
+
Policy path: `SECURITY.md`
|
|
10
|
+
|
|
11
|
+
Evidence owner:
|
|
12
|
+
|
|
13
|
+
Evidence date:
|
|
14
|
+
|
|
15
|
+
Evidence URL or run id:
|
|
16
|
+
|
|
17
|
+
## Public Disclosure Policy
|
|
18
|
+
|
|
19
|
+
- Is this contact public? true | false | unknown
|
|
20
|
+
- Security policy updated? true | false | unknown
|
|
21
|
+
- Private fallback channel:
|
|
22
|
+
- Response expectation:
|
|
23
|
+
- Embargo or disclosure notes:
|
|
24
|
+
|
|
25
|
+
## Verification
|
|
26
|
+
|
|
27
|
+
Verification command:
|
|
28
|
+
|
|
29
|
+
Verification result:
|
|
30
|
+
|
|
31
|
+
## Acceptance
|
|
32
|
+
|
|
33
|
+
Evidence status: pending | accepted
|
|
34
|
+
|
|
35
|
+
Accepted by:
|
|
36
|
+
|
|
37
|
+
Accepted at:
|
|
38
|
+
|
|
39
|
+
## Residual Risk
|
|
40
|
+
|
|
41
|
+
-
|
|
42
|
+
|
|
43
|
+
## Next Action
|
|
44
|
+
|
|
45
|
+
-
|
|
@@ -1,32 +1,32 @@
|
|
|
1
|
-
# Release Trust Record
|
|
2
|
-
|
|
3
|
-
Release label:
|
|
4
|
-
Package digest:
|
|
5
|
-
Public key fingerprint:
|
|
6
|
-
Signing algorithm: ed25519
|
|
7
|
-
|
|
8
|
-
## Release Owner
|
|
9
|
-
|
|
10
|
-
Owner:
|
|
11
|
-
Accepted by:
|
|
12
|
-
Accepted at:
|
|
13
|
-
|
|
14
|
-
## Key Custody
|
|
15
|
-
|
|
16
|
-
Private key location:
|
|
17
|
-
Signing environment:
|
|
18
|
-
Rotation policy:
|
|
19
|
-
Revocation path:
|
|
20
|
-
|
|
21
|
-
## Verification
|
|
22
|
-
|
|
23
|
-
Package URL:
|
|
24
|
-
Public key URL or path:
|
|
25
|
-
Signature path:
|
|
26
|
-
Verification command:
|
|
27
|
-
Install command:
|
|
28
|
-
|
|
29
|
-
## Residual Risk
|
|
30
|
-
|
|
31
|
-
## Notes
|
|
32
|
-
|
|
1
|
+
# Release Trust Record
|
|
2
|
+
|
|
3
|
+
Release label:
|
|
4
|
+
Package digest:
|
|
5
|
+
Public key fingerprint:
|
|
6
|
+
Signing algorithm: ed25519
|
|
7
|
+
|
|
8
|
+
## Release Owner
|
|
9
|
+
|
|
10
|
+
Owner:
|
|
11
|
+
Accepted by:
|
|
12
|
+
Accepted at:
|
|
13
|
+
|
|
14
|
+
## Key Custody
|
|
15
|
+
|
|
16
|
+
Private key location:
|
|
17
|
+
Signing environment:
|
|
18
|
+
Rotation policy:
|
|
19
|
+
Revocation path:
|
|
20
|
+
|
|
21
|
+
## Verification
|
|
22
|
+
|
|
23
|
+
Package URL:
|
|
24
|
+
Public key URL or path:
|
|
25
|
+
Signature path:
|
|
26
|
+
Verification command:
|
|
27
|
+
Install command:
|
|
28
|
+
|
|
29
|
+
## Residual Risk
|
|
30
|
+
|
|
31
|
+
## Notes
|
|
32
|
+
|
|
@@ -1,18 +1,18 @@
|
|
|
1
|
-
# Review
|
|
2
|
-
|
|
3
|
-
## Spec Compliance
|
|
4
|
-
|
|
5
|
-
## Code Quality
|
|
6
|
-
|
|
7
|
-
## Architecture / Ownership
|
|
8
|
-
|
|
9
|
-
## Security / Privacy
|
|
10
|
-
|
|
11
|
-
## Regression Risk
|
|
12
|
-
|
|
13
|
-
## Evidence Review
|
|
14
|
-
|
|
15
|
-
## Findings
|
|
16
|
-
|
|
17
|
-
## Closure
|
|
18
|
-
|
|
1
|
+
# Review
|
|
2
|
+
|
|
3
|
+
## Spec Compliance
|
|
4
|
+
|
|
5
|
+
## Code Quality
|
|
6
|
+
|
|
7
|
+
## Architecture / Ownership
|
|
8
|
+
|
|
9
|
+
## Security / Privacy
|
|
10
|
+
|
|
11
|
+
## Regression Risk
|
|
12
|
+
|
|
13
|
+
## Evidence Review
|
|
14
|
+
|
|
15
|
+
## Findings
|
|
16
|
+
|
|
17
|
+
## Closure
|
|
18
|
+
|
|
@@ -0,0 +1,49 @@
|
|
|
1
|
+
# Role Fallback Packet
|
|
2
|
+
|
|
3
|
+
Use this packet for one role in a real-subagent run, sequential fallback, or handoff session.
|
|
4
|
+
|
|
5
|
+
## Dispatch Boundary
|
|
6
|
+
|
|
7
|
+
- Execution mode: real-subagent | sequential-role | handoff-session
|
|
8
|
+
- Real delegation used: yes | no
|
|
9
|
+
- Host/tool used:
|
|
10
|
+
- Tool status: verified | documented | unknown | unavailable
|
|
11
|
+
- Fallback reason:
|
|
12
|
+
- Dispatch evidence:
|
|
13
|
+
|
|
14
|
+
## Role
|
|
15
|
+
|
|
16
|
+
- Role: Planner | Locator | Implementer | Verifier | Reviewer | Docs/Evidence | Release
|
|
17
|
+
- Skill focus:
|
|
18
|
+
- Objective:
|
|
19
|
+
- Non-goals:
|
|
20
|
+
|
|
21
|
+
## Ownership
|
|
22
|
+
|
|
23
|
+
- Allowed files:
|
|
24
|
+
- Forbidden files:
|
|
25
|
+
- Read-only files:
|
|
26
|
+
- Shared files requiring coordinator review:
|
|
27
|
+
- Pre-existing dirty files:
|
|
28
|
+
|
|
29
|
+
## Required Inputs
|
|
30
|
+
|
|
31
|
+
1.
|
|
32
|
+
2.
|
|
33
|
+
3.
|
|
34
|
+
|
|
35
|
+
## Expected Output
|
|
36
|
+
|
|
37
|
+
- Role output evidence:
|
|
38
|
+
- Files inspected:
|
|
39
|
+
- Files changed:
|
|
40
|
+
- Verification command/check:
|
|
41
|
+
- Evidence level: result | verified-unit | verified-component | verified-api | verified-browser | verified-ci | accepted-owner | accepted-release | external-required
|
|
42
|
+
- Residual risk:
|
|
43
|
+
- Stop condition:
|
|
44
|
+
- Claim boundary:
|
|
45
|
+
|
|
46
|
+
## Completion
|
|
47
|
+
|
|
48
|
+
- Status: DONE | DONE_WITH_CONCERNS | NEEDS_CONTEXT | BLOCKED
|
|
49
|
+
- Coordinator integration required: yes | no
|
package/assets/templates/spec.md
CHANGED
|
@@ -1,16 +1,16 @@
|
|
|
1
|
-
# Spec
|
|
2
|
-
|
|
3
|
-
## User Outcome
|
|
4
|
-
|
|
5
|
-
## Behavior
|
|
6
|
-
|
|
7
|
-
## State / Data Flow
|
|
8
|
-
|
|
9
|
-
## Error and Recovery
|
|
10
|
-
|
|
11
|
-
## Permissions and Privacy
|
|
12
|
-
|
|
13
|
-
## Acceptance Criteria
|
|
14
|
-
|
|
15
|
-
## Non-goals
|
|
16
|
-
|
|
1
|
+
# Spec
|
|
2
|
+
|
|
3
|
+
## User Outcome
|
|
4
|
+
|
|
5
|
+
## Behavior
|
|
6
|
+
|
|
7
|
+
## State / Data Flow
|
|
8
|
+
|
|
9
|
+
## Error and Recovery
|
|
10
|
+
|
|
11
|
+
## Permissions and Privacy
|
|
12
|
+
|
|
13
|
+
## Acceptance Criteria
|
|
14
|
+
|
|
15
|
+
## Non-goals
|
|
16
|
+
|
|
@@ -1,29 +1,29 @@
|
|
|
1
|
-
# Target Project Adoption Evidence
|
|
2
|
-
|
|
3
|
-
Use this record when applying or testing GSE against a real target project without claiming broad certification.
|
|
4
|
-
|
|
5
|
-
```text
|
|
6
|
-
Target project:
|
|
7
|
-
Adoption path: existing repo | fresh install | update existing GSE | host adapter | fresh session
|
|
8
|
-
Project rules read:
|
|
9
|
-
Files inspected:
|
|
10
|
-
Files changed:
|
|
11
|
-
Commands run:
|
|
12
|
-
Detected project type:
|
|
13
|
-
Detected package manager:
|
|
14
|
-
Detected scripts:
|
|
15
|
-
Host/tool statuses:
|
|
16
|
-
Evidence status: result | verified | accepted | not ready
|
|
17
|
-
Accepted by:
|
|
18
|
-
Residual risks:
|
|
19
|
-
Next action:
|
|
20
|
-
```
|
|
21
|
-
|
|
22
|
-
## Rules
|
|
23
|
-
|
|
24
|
-
- Use `Files changed: none` for read-only adoption evidence.
|
|
25
|
-
- Treat discovered commands, package scripts, config files, and host rules as `documented` until executed.
|
|
26
|
-
- Treat tool availability as `unknown` unless the tool was actually checked in the current project/session.
|
|
27
|
-
- Do not claim arbitrary real-repo certification from one target-project adoption record.
|
|
28
|
-
- Do not claim host runtime support, subagent support, browser support, MCP support, CI support, release publication, or owner acceptance without direct evidence.
|
|
29
|
-
- Keep `accepted` separate from `verified`; use `Accepted by: not accepted` unless a real acceptance gate ran.
|
|
1
|
+
# Target Project Adoption Evidence
|
|
2
|
+
|
|
3
|
+
Use this record when applying or testing GSE against a real target project without claiming broad certification.
|
|
4
|
+
|
|
5
|
+
```text
|
|
6
|
+
Target project:
|
|
7
|
+
Adoption path: existing repo | fresh install | update existing GSE | host adapter | fresh session
|
|
8
|
+
Project rules read:
|
|
9
|
+
Files inspected:
|
|
10
|
+
Files changed:
|
|
11
|
+
Commands run:
|
|
12
|
+
Detected project type:
|
|
13
|
+
Detected package manager:
|
|
14
|
+
Detected scripts:
|
|
15
|
+
Host/tool statuses:
|
|
16
|
+
Evidence status: result | verified | accepted | not ready
|
|
17
|
+
Accepted by:
|
|
18
|
+
Residual risks:
|
|
19
|
+
Next action:
|
|
20
|
+
```
|
|
21
|
+
|
|
22
|
+
## Rules
|
|
23
|
+
|
|
24
|
+
- Use `Files changed: none` for read-only adoption evidence.
|
|
25
|
+
- Treat discovered commands, package scripts, config files, and host rules as `documented` until executed.
|
|
26
|
+
- Treat tool availability as `unknown` unless the tool was actually checked in the current project/session.
|
|
27
|
+
- Do not claim arbitrary real-repo certification from one target-project adoption record.
|
|
28
|
+
- Do not claim host runtime support, subagent support, browser support, MCP support, CI support, release publication, or owner acceptance without direct evidence.
|
|
29
|
+
- Keep `accepted` separate from `verified`; use `Accepted by: not accepted` unless a real acceptance gate ran.
|
|
@@ -1,17 +1,17 @@
|
|
|
1
|
-
# Tasks
|
|
2
|
-
|
|
3
|
-
## Slice Plan
|
|
4
|
-
|
|
5
|
-
- [ ] Define outcome, scope, acceptance, evidence, risk, and next action.
|
|
6
|
-
- [ ] Locate existing patterns and ownership boundaries.
|
|
7
|
-
- [ ] Implement the smallest verifiable change.
|
|
8
|
-
- [ ] Run focused verification.
|
|
9
|
-
- [ ] Record evidence and residual risk.
|
|
10
|
-
- [ ] Update state, goal map, and handoff notes when relevant.
|
|
11
|
-
|
|
12
|
-
## Non-Goals
|
|
13
|
-
|
|
14
|
-
## Dependencies
|
|
15
|
-
|
|
16
|
-
## Stop Conditions
|
|
17
|
-
|
|
1
|
+
# Tasks
|
|
2
|
+
|
|
3
|
+
## Slice Plan
|
|
4
|
+
|
|
5
|
+
- [ ] Define outcome, scope, acceptance, evidence, risk, and next action.
|
|
6
|
+
- [ ] Locate existing patterns and ownership boundaries.
|
|
7
|
+
- [ ] Implement the smallest verifiable change.
|
|
8
|
+
- [ ] Run focused verification.
|
|
9
|
+
- [ ] Record evidence and residual risk.
|
|
10
|
+
- [ ] Update state, goal map, and handoff notes when relevant.
|
|
11
|
+
|
|
12
|
+
## Non-Goals
|
|
13
|
+
|
|
14
|
+
## Dependencies
|
|
15
|
+
|
|
16
|
+
## Stop Conditions
|
|
17
|
+
|
|
@@ -1,58 +1,58 @@
|
|
|
1
|
-
# Update Or Release Acceptance Record
|
|
2
|
-
|
|
3
|
-
Use this in a project evidence log when a GSE update, workflow update, scaffold change, package release, or project release needs a compact acceptance record.
|
|
4
|
-
|
|
5
|
-
Keep the record short. Link to command output, CI, smoke reports, or evidence files instead of pasting long logs.
|
|
6
|
-
|
|
7
|
-
```text
|
|
8
|
-
Record type: update | release | scaffold | adapter | incident hotfix
|
|
9
|
-
Project path:
|
|
10
|
-
Goal or slice:
|
|
11
|
-
Release label or change id:
|
|
12
|
-
Evidence status: result | verified | accepted | not ready
|
|
13
|
-
|
|
14
|
-
Local decisions preserved:
|
|
15
|
-
Files changed:
|
|
16
|
-
Files intentionally not changed:
|
|
17
|
-
Commands run:
|
|
18
|
-
Focused verification:
|
|
19
|
-
Compatibility evidence:
|
|
20
|
-
Migration notes:
|
|
21
|
-
Rollback notes:
|
|
22
|
-
Owner or acceptance gate:
|
|
23
|
-
Accepted by:
|
|
24
|
-
Residual risks:
|
|
25
|
-
Next action:
|
|
26
|
-
```
|
|
27
|
-
|
|
28
|
-
## Status Rules
|
|
29
|
-
|
|
30
|
-
- `result`: the update, release notes, scaffold, adapter, or record exists.
|
|
31
|
-
- `verified`: focused checks prove the affected behavior in the current environment, and residual risk is recorded.
|
|
32
|
-
- `accepted`: the required owner, release policy, CI gate, smoke gate, archive gate, or explicitly named acceptance policy has accepted the verified result.
|
|
33
|
-
- `not ready`: required evidence is missing, contradicted, or outside the current environment.
|
|
34
|
-
|
|
35
|
-
## Anti-Overclaim Rules
|
|
36
|
-
|
|
37
|
-
- Do not mark `accepted` only because `validate-gse.mjs`, tests, lint, or a local smoke passed.
|
|
38
|
-
- Do not claim release publication, package install, production rollout, host runtime support, registry access, subagent support, MCP support, browser support, or owner approval unless the evidence names that gate.
|
|
39
|
-
- Keep unavailable or unverified tools as `unknown`, `documented`, or `unavailable`; do not convert them to `verified` through this record.
|
|
40
|
-
- If rollback is unknown, say `unknown`; do not infer rollback safety from file existence.
|
|
41
|
-
- If the user or release owner has not accepted a user-visible or irreversible change, write `Accepted by: not accepted`.
|
|
42
|
-
|
|
43
|
-
## Minimal Examples
|
|
44
|
-
|
|
45
|
-
```text
|
|
46
|
-
Evidence status: verified
|
|
47
|
-
Focused verification: node <skill>/scripts/validate-gse.mjs --root <skill> passed
|
|
48
|
-
Owner or acceptance gate: not required for internal template wording update
|
|
49
|
-
Accepted by: policy: Lite focused smoke policy
|
|
50
|
-
```
|
|
51
|
-
|
|
52
|
-
```text
|
|
53
|
-
Evidence status: verified
|
|
54
|
-
Focused verification: npm run smoke passed in target project
|
|
55
|
-
Owner or acceptance gate: release owner approval required
|
|
56
|
-
Accepted by: not accepted
|
|
57
|
-
Residual risks: production publish not executed; rollback not exercised
|
|
58
|
-
```
|
|
1
|
+
# Update Or Release Acceptance Record
|
|
2
|
+
|
|
3
|
+
Use this in a project evidence log when a GSE update, workflow update, scaffold change, package release, or project release needs a compact acceptance record.
|
|
4
|
+
|
|
5
|
+
Keep the record short. Link to command output, CI, smoke reports, or evidence files instead of pasting long logs.
|
|
6
|
+
|
|
7
|
+
```text
|
|
8
|
+
Record type: update | release | scaffold | adapter | incident hotfix
|
|
9
|
+
Project path:
|
|
10
|
+
Goal or slice:
|
|
11
|
+
Release label or change id:
|
|
12
|
+
Evidence status: result | verified | accepted | not ready
|
|
13
|
+
|
|
14
|
+
Local decisions preserved:
|
|
15
|
+
Files changed:
|
|
16
|
+
Files intentionally not changed:
|
|
17
|
+
Commands run:
|
|
18
|
+
Focused verification:
|
|
19
|
+
Compatibility evidence:
|
|
20
|
+
Migration notes:
|
|
21
|
+
Rollback notes:
|
|
22
|
+
Owner or acceptance gate:
|
|
23
|
+
Accepted by:
|
|
24
|
+
Residual risks:
|
|
25
|
+
Next action:
|
|
26
|
+
```
|
|
27
|
+
|
|
28
|
+
## Status Rules
|
|
29
|
+
|
|
30
|
+
- `result`: the update, release notes, scaffold, adapter, or record exists.
|
|
31
|
+
- `verified`: focused checks prove the affected behavior in the current environment, and residual risk is recorded.
|
|
32
|
+
- `accepted`: the required owner, release policy, CI gate, smoke gate, archive gate, or explicitly named acceptance policy has accepted the verified result.
|
|
33
|
+
- `not ready`: required evidence is missing, contradicted, or outside the current environment.
|
|
34
|
+
|
|
35
|
+
## Anti-Overclaim Rules
|
|
36
|
+
|
|
37
|
+
- Do not mark `accepted` only because `validate-gse.mjs`, tests, lint, or a local smoke passed.
|
|
38
|
+
- Do not claim release publication, package install, production rollout, host runtime support, registry access, subagent support, MCP support, browser support, or owner approval unless the evidence names that gate.
|
|
39
|
+
- Keep unavailable or unverified tools as `unknown`, `documented`, or `unavailable`; do not convert them to `verified` through this record.
|
|
40
|
+
- If rollback is unknown, say `unknown`; do not infer rollback safety from file existence.
|
|
41
|
+
- If the user or release owner has not accepted a user-visible or irreversible change, write `Accepted by: not accepted`.
|
|
42
|
+
|
|
43
|
+
## Minimal Examples
|
|
44
|
+
|
|
45
|
+
```text
|
|
46
|
+
Evidence status: verified
|
|
47
|
+
Focused verification: node <skill>/scripts/validate-gse.mjs --root <skill> passed
|
|
48
|
+
Owner or acceptance gate: not required for internal template wording update
|
|
49
|
+
Accepted by: policy: Lite focused smoke policy
|
|
50
|
+
```
|
|
51
|
+
|
|
52
|
+
```text
|
|
53
|
+
Evidence status: verified
|
|
54
|
+
Focused verification: npm run smoke passed in target project
|
|
55
|
+
Owner or acceptance gate: release owner approval required
|
|
56
|
+
Accepted by: not accepted
|
|
57
|
+
Residual risks: production publish not executed; rollback not exercised
|
|
58
|
+
```
|
package/examples/README.md
CHANGED
|
@@ -1,22 +1,22 @@
|
|
|
1
|
-
# GSE Example Fixtures
|
|
2
|
-
|
|
3
|
-
These fixtures are intentionally small. They are project shapes for forward tests and future agents, not full applications.
|
|
4
|
-
|
|
5
|
-
Use `references/adoption-recipes.md` to map fixture behavior to fresh install, existing repo adoption, update, or host adapter adoption paths.
|
|
6
|
-
|
|
7
|
-
## Fixtures
|
|
8
|
-
|
|
9
|
-
| Fixture | Shape | GSE workflows it can exercise |
|
|
10
|
-
|---|---|---|
|
|
11
|
-
| `small-app` | JavaScript/TypeScript app shape with package scripts, CI, Playwright config, and `.env.example` | bootstrap, project-profile discovery, quality gates, release evidence |
|
|
12
|
-
| `agent-runtime-host` | Agent-runtime product shape with `.gse/`, host adapter notes, MCP config placeholder, and runtime docs | host adapter, drift audit, recovery/handoff, tool/model status classification |
|
|
13
|
-
| `cli-tool` | JavaScript/TypeScript CLI package shape with `bin`, smoke, build, lint, typecheck, and package dry-run scripts | package adoption, command smoke evidence, release dry-run evidence, project-profile discovery |
|
|
14
|
-
|
|
15
|
-
## Rules
|
|
16
|
-
|
|
17
|
-
- No secrets. Use `.env.example` with placeholder names only.
|
|
18
|
-
- No lockfiles, caches, screenshots, build outputs, or generated noise.
|
|
19
|
-
- Keep fixture files short enough for a future agent to inspect quickly.
|
|
20
|
-
- Treat config presence as documented, not verified, until a focused command is run.
|
|
21
|
-
- Use these fixtures for structural and fixture forward tests; do not claim fresh-session acceptance from fixture presence alone.
|
|
22
|
-
- Run `node scripts/audit-fixtures.mjs --root <gse-skill-root> --json` for the repeatable fixture smoke.
|
|
1
|
+
# GSE Example Fixtures
|
|
2
|
+
|
|
3
|
+
These fixtures are intentionally small. They are project shapes for forward tests and future agents, not full applications.
|
|
4
|
+
|
|
5
|
+
Use `references/adoption-recipes.md` to map fixture behavior to fresh install, existing repo adoption, update, or host adapter adoption paths.
|
|
6
|
+
|
|
7
|
+
## Fixtures
|
|
8
|
+
|
|
9
|
+
| Fixture | Shape | GSE workflows it can exercise |
|
|
10
|
+
|---|---|---|
|
|
11
|
+
| `small-app` | JavaScript/TypeScript app shape with package scripts, CI, Playwright config, and `.env.example` | bootstrap, project-profile discovery, quality gates, release evidence |
|
|
12
|
+
| `agent-runtime-host` | Agent-runtime product shape with `.gse/`, host adapter notes, MCP config placeholder, and runtime docs | host adapter, drift audit, recovery/handoff, tool/model status classification |
|
|
13
|
+
| `cli-tool` | JavaScript/TypeScript CLI package shape with `bin`, smoke, build, lint, typecheck, and package dry-run scripts | package adoption, command smoke evidence, release dry-run evidence, project-profile discovery |
|
|
14
|
+
|
|
15
|
+
## Rules
|
|
16
|
+
|
|
17
|
+
- No secrets. Use `.env.example` with placeholder names only.
|
|
18
|
+
- No lockfiles, caches, screenshots, build outputs, or generated noise.
|
|
19
|
+
- Keep fixture files short enough for a future agent to inspect quickly.
|
|
20
|
+
- Treat config presence as documented, not verified, until a focused command is run.
|
|
21
|
+
- Use these fixtures for structural and fixture forward tests; do not claim fresh-session acceptance from fixture presence alone.
|
|
22
|
+
- Run `node scripts/audit-fixtures.mjs --root <gse-skill-root> --json` for the repeatable fixture smoke.
|
|
@@ -1,6 +1,6 @@
|
|
|
1
|
-
# Claude Code Adapter
|
|
2
|
-
|
|
3
|
-
Source of truth: `.gse/`.
|
|
4
|
-
|
|
5
|
-
- Commands and agents should point back to `.gse/` for goals, evidence, quality gates, and learning rules.
|
|
6
|
-
- Do not copy the goal map into this folder.
|
|
1
|
+
# Claude Code Adapter
|
|
2
|
+
|
|
3
|
+
Source of truth: `.gse/`.
|
|
4
|
+
|
|
5
|
+
- Commands and agents should point back to `.gse/` for goals, evidence, quality gates, and learning rules.
|
|
6
|
+
- Do not copy the goal map into this folder.
|
|
@@ -1,7 +1,7 @@
|
|
|
1
|
-
# Codex Adapter
|
|
2
|
-
|
|
3
|
-
Source of truth: `.gse/`.
|
|
4
|
-
|
|
5
|
-
- Read `.gse/project-profile.md` before using host-specific tools.
|
|
6
|
-
- Mark subagent, MCP, browser, and LSP capabilities as verified only after current-session evidence.
|
|
7
|
-
- Use `references/drift-audit.md` when adapter claims and current tools disagree.
|
|
1
|
+
# Codex Adapter
|
|
2
|
+
|
|
3
|
+
Source of truth: `.gse/`.
|
|
4
|
+
|
|
5
|
+
- Read `.gse/project-profile.md` before using host-specific tools.
|
|
6
|
+
- Mark subagent, MCP, browser, and LSP capabilities as verified only after current-session evidence.
|
|
7
|
+
- Use `references/drift-audit.md` when adapter claims and current tools disagree.
|
|
@@ -1,7 +1,7 @@
|
|
|
1
|
-
# Goal Map
|
|
2
|
-
|
|
3
|
-
## Current Focus
|
|
4
|
-
|
|
5
|
-
- Priority: P1
|
|
6
|
-
- Active slice: Verify host adapter and drift audit behavior.
|
|
7
|
-
- Next action: Inspect host adapter notes before claiming capabilities.
|
|
1
|
+
# Goal Map
|
|
2
|
+
|
|
3
|
+
## Current Focus
|
|
4
|
+
|
|
5
|
+
- Priority: P1
|
|
6
|
+
- Active slice: Verify host adapter and drift audit behavior.
|
|
7
|
+
- Next action: Inspect host adapter notes before claiming capabilities.
|
|
@@ -1,27 +1,27 @@
|
|
|
1
|
-
# Project Profile
|
|
2
|
-
|
|
3
|
-
## Identity
|
|
4
|
-
|
|
5
|
-
- Product/system name: Example Runtime
|
|
6
|
-
- Repository type: agent-runtime product fixture
|
|
7
|
-
- Main languages/frameworks: TypeScript, Node.js
|
|
8
|
-
|
|
9
|
-
## Tool Connections
|
|
10
|
-
|
|
11
|
-
| Tool | Purpose | Command/config | Status |
|
|
12
|
-
|---|---|---|---|
|
|
13
|
-
| MCP | external tools/data | `.mcp.json` | documented |
|
|
14
|
-
| Subagents | delegated work | host-specific | unknown |
|
|
15
|
-
| Browser | UI smoke | not configured | unknown |
|
|
16
|
-
| Model router | provider/model routing | docs/model-routing.md | documented |
|
|
17
|
-
|
|
18
|
-
## Agent Host Adapters
|
|
19
|
-
|
|
20
|
-
- Codex: `.codex/gse-adapter.md` documented.
|
|
21
|
-
- Claude Code: `.claude/gse-adapter.md` documented.
|
|
22
|
-
- Other hosts: unknown.
|
|
23
|
-
|
|
24
|
-
## Known Gotchas
|
|
25
|
-
|
|
26
|
-
- Config presence is documented, not verified.
|
|
27
|
-
- Drift audit is required before trusting old host capability claims.
|
|
1
|
+
# Project Profile
|
|
2
|
+
|
|
3
|
+
## Identity
|
|
4
|
+
|
|
5
|
+
- Product/system name: Example Runtime
|
|
6
|
+
- Repository type: agent-runtime product fixture
|
|
7
|
+
- Main languages/frameworks: TypeScript, Node.js
|
|
8
|
+
|
|
9
|
+
## Tool Connections
|
|
10
|
+
|
|
11
|
+
| Tool | Purpose | Command/config | Status |
|
|
12
|
+
|---|---|---|---|
|
|
13
|
+
| MCP | external tools/data | `.mcp.json` | documented |
|
|
14
|
+
| Subagents | delegated work | host-specific | unknown |
|
|
15
|
+
| Browser | UI smoke | not configured | unknown |
|
|
16
|
+
| Model router | provider/model routing | docs/model-routing.md | documented |
|
|
17
|
+
|
|
18
|
+
## Agent Host Adapters
|
|
19
|
+
|
|
20
|
+
- Codex: `.codex/gse-adapter.md` documented.
|
|
21
|
+
- Claude Code: `.claude/gse-adapter.md` documented.
|
|
22
|
+
- Other hosts: unknown.
|
|
23
|
+
|
|
24
|
+
## Known Gotchas
|
|
25
|
+
|
|
26
|
+
- Config presence is documented, not verified.
|
|
27
|
+
- Drift audit is required before trusting old host capability claims.
|
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
# Tooling
|
|
2
|
-
|
|
3
|
-
- MCP config: documented by `.mcp.json`, not verified.
|
|
4
|
-
- Model routing docs: documented by `docs/model-routing.md`, not verified.
|
|
5
|
-
- Subagent capability: unknown until host tools are visible in the active session.
|
|
1
|
+
# Tooling
|
|
2
|
+
|
|
3
|
+
- MCP config: documented by `.mcp.json`, not verified.
|
|
4
|
+
- Model routing docs: documented by `docs/model-routing.md`, not verified.
|
|
5
|
+
- Subagent capability: unknown until host tools are visible in the active session.
|
|
@@ -1,9 +1,9 @@
|
|
|
1
|
-
{
|
|
2
|
-
"mcpServers": {
|
|
3
|
-
"fixture-docs": {
|
|
4
|
-
"command": "node",
|
|
5
|
-
"args": ["scripts/fixture-mcp.js"],
|
|
6
|
-
"status": "documented-not-verified"
|
|
7
|
-
}
|
|
8
|
-
}
|
|
9
|
-
}
|
|
1
|
+
{
|
|
2
|
+
"mcpServers": {
|
|
3
|
+
"fixture-docs": {
|
|
4
|
+
"command": "node",
|
|
5
|
+
"args": ["scripts/fixture-mcp.js"],
|
|
6
|
+
"status": "documented-not-verified"
|
|
7
|
+
}
|
|
8
|
+
}
|
|
9
|
+
}
|