@t275005746/gse 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (207) hide show
  1. package/.github/ISSUE_TEMPLATE/bug_report.yml +42 -0
  2. package/.github/ISSUE_TEMPLATE/change_request.yml +50 -0
  3. package/.github/ISSUE_TEMPLATE/config.yml +5 -0
  4. package/.github/PULL_REQUEST_TEMPLATE.md +38 -0
  5. package/.github/workflows/validate-gse.yml +33 -0
  6. package/.gse/README.md +18 -0
  7. package/.gse/gse-development-protocol.md +50 -0
  8. package/.gse/project-profile.md +29 -0
  9. package/.gse/quality-gates.md +25 -0
  10. package/.gse/releases/public-channel-publication-pending.md +49 -0
  11. package/.gse/releases/public-ci-run-pending.md +53 -0
  12. package/.gse/releases/public-release-owner-required.md +65 -0
  13. package/.gse/releases/public-repository-settings-owner-required.md +59 -0
  14. package/.gse/releases/public-security-contact-owner-required.md +45 -0
  15. package/.gse/state.json +27 -0
  16. package/CHANGELOG.md +24 -0
  17. package/CONTRIBUTING.md +64 -0
  18. package/LICENSE +21 -0
  19. package/README.md +236 -0
  20. package/README.zh-CN.md +236 -0
  21. package/SECURITY.md +41 -0
  22. package/SKILL.md +148 -0
  23. package/SUPPORT.md +38 -0
  24. package/agents/openai.yaml +4 -0
  25. package/assets/marketplace/README.md +7 -0
  26. package/assets/marketplace/gse-listing.json +75 -0
  27. package/assets/templates/acceptance-execution-packet.md +73 -0
  28. package/assets/templates/adr.md +14 -0
  29. package/assets/templates/change-brief.md +16 -0
  30. package/assets/templates/design.md +18 -0
  31. package/assets/templates/dispatch-packet.md +104 -0
  32. package/assets/templates/evidence.md +14 -0
  33. package/assets/templates/execution-quality-pack.md +65 -0
  34. package/assets/templates/goal-map.md +21 -0
  35. package/assets/templates/host-adapter.md +48 -0
  36. package/assets/templates/host-ui-invocation-record.md +42 -0
  37. package/assets/templates/incident-review.md +60 -0
  38. package/assets/templates/public-channel-publication-record.md +49 -0
  39. package/assets/templates/public-ci-run-record.md +53 -0
  40. package/assets/templates/public-release-record.md +65 -0
  41. package/assets/templates/public-repository-settings-record.md +59 -0
  42. package/assets/templates/public-security-contact-record.md +45 -0
  43. package/assets/templates/release-trust-record.md +32 -0
  44. package/assets/templates/review.md +18 -0
  45. package/assets/templates/spec.md +16 -0
  46. package/assets/templates/target-adoption-evidence.md +29 -0
  47. package/assets/templates/tasks.md +17 -0
  48. package/assets/templates/update-release-acceptance-record.md +58 -0
  49. package/examples/README.md +22 -0
  50. package/examples/agent-runtime-host/.claude/gse-adapter.md +6 -0
  51. package/examples/agent-runtime-host/.codex/gse-adapter.md +7 -0
  52. package/examples/agent-runtime-host/.gse/goal-map.md +7 -0
  53. package/examples/agent-runtime-host/.gse/project-profile.md +27 -0
  54. package/examples/agent-runtime-host/.gse/tooling.md +5 -0
  55. package/examples/agent-runtime-host/.mcp.json +9 -0
  56. package/examples/agent-runtime-host/AGENTS.md +5 -0
  57. package/examples/agent-runtime-host/README.md +10 -0
  58. package/examples/agent-runtime-host/docs/model-routing.md +5 -0
  59. package/examples/cli-tool/.gse/project-profile.md +21 -0
  60. package/examples/cli-tool/AGENTS.md +5 -0
  61. package/examples/cli-tool/README.md +12 -0
  62. package/examples/cli-tool/package.json +21 -0
  63. package/examples/small-app/.env.example +2 -0
  64. package/examples/small-app/.github/workflows/ci.yml +8 -0
  65. package/examples/small-app/AGENTS.md +5 -0
  66. package/examples/small-app/README.md +12 -0
  67. package/examples/small-app/package.json +26 -0
  68. package/examples/small-app/playwright.config.ts +4 -0
  69. package/package.json +53 -0
  70. package/references/adoption-recipes.md +171 -0
  71. package/references/agent-roles.md +49 -0
  72. package/references/architecture-health.md +101 -0
  73. package/references/benchmark-audit.md +73 -0
  74. package/references/commands.md +295 -0
  75. package/references/community-channels.md +46 -0
  76. package/references/compatibility.md +70 -0
  77. package/references/design-basis.md +38 -0
  78. package/references/domain-model.md +129 -0
  79. package/references/domain-quality-gates.md +75 -0
  80. package/references/drift-audit.md +81 -0
  81. package/references/evidence-taxonomy.md +123 -0
  82. package/references/file-ownership.md +107 -0
  83. package/references/final-readiness.md +84 -0
  84. package/references/forward-test.md +133 -0
  85. package/references/goal-map.md +36 -0
  86. package/references/host-adapters.md +119 -0
  87. package/references/learning-system.md +35 -0
  88. package/references/marketplace-discovery.md +46 -0
  89. package/references/model-routing.md +103 -0
  90. package/references/open-source-defaults.md +39 -0
  91. package/references/operating-model.md +52 -0
  92. package/references/packaging.md +277 -0
  93. package/references/project-agent-workspace.md +89 -0
  94. package/references/project-bootstrap.md +122 -0
  95. package/references/project-profile.md +57 -0
  96. package/references/public-release.md +174 -0
  97. package/references/quality-gates.md +100 -0
  98. package/references/recovery.md +176 -0
  99. package/references/release-trust.md +43 -0
  100. package/references/release.md +126 -0
  101. package/references/review.md +141 -0
  102. package/references/router.md +90 -0
  103. package/references/spec-workflow.md +66 -0
  104. package/references/task-levels.md +81 -0
  105. package/references/tool-adapters.md +73 -0
  106. package/scripts/audit-acceptance-execution-packet.mjs +133 -0
  107. package/scripts/audit-adoption-recipes.mjs +99 -0
  108. package/scripts/audit-adoption.mjs +154 -0
  109. package/scripts/audit-change-lifecycle.mjs +77 -0
  110. package/scripts/audit-change-system.mjs +134 -0
  111. package/scripts/audit-ci-readiness.mjs +107 -0
  112. package/scripts/audit-close-gate.mjs +323 -0
  113. package/scripts/audit-command-adapters.mjs +91 -0
  114. package/scripts/audit-command-execution.mjs +210 -0
  115. package/scripts/audit-commands.mjs +117 -0
  116. package/scripts/audit-compatibility.mjs +149 -0
  117. package/scripts/audit-completion-readiness.mjs +292 -0
  118. package/scripts/audit-distribution.mjs +251 -0
  119. package/scripts/audit-domain-quality-gates.mjs +108 -0
  120. package/scripts/audit-evidence-placeholders.mjs +126 -0
  121. package/scripts/audit-final-acceptance-packet.mjs +148 -0
  122. package/scripts/audit-final-form-progress-report.mjs +161 -0
  123. package/scripts/audit-final-form-stale-copy.mjs +221 -0
  124. package/scripts/audit-final-readiness-promotion.mjs +255 -0
  125. package/scripts/audit-final-readiness.mjs +226 -0
  126. package/scripts/audit-fixtures.mjs +154 -0
  127. package/scripts/audit-fresh-session-readiness.mjs +177 -0
  128. package/scripts/audit-gse.mjs +275 -0
  129. package/scripts/audit-host-adapters.mjs +119 -0
  130. package/scripts/audit-host-runtime-evidence-handoff.mjs +159 -0
  131. package/scripts/audit-host-runtime-invocation-drill.mjs +240 -0
  132. package/scripts/audit-host-runtime-invocations.mjs +254 -0
  133. package/scripts/audit-host-ui-invocation.mjs +132 -0
  134. package/scripts/audit-learning-system.mjs +103 -0
  135. package/scripts/audit-local-final-form-completion.mjs +131 -0
  136. package/scripts/audit-marketplace-discovery.mjs +122 -0
  137. package/scripts/audit-npm-package-metadata.mjs +155 -0
  138. package/scripts/audit-npm-publish-dry-run.mjs +169 -0
  139. package/scripts/audit-npm-tarball-install.mjs +191 -0
  140. package/scripts/audit-open-source-defaults.mjs +92 -0
  141. package/scripts/audit-open-source-readiness.mjs +97 -0
  142. package/scripts/audit-owner-external-gate-kit.mjs +218 -0
  143. package/scripts/audit-project.mjs +323 -0
  144. package/scripts/audit-public-acceptance-command-dry-run-drill.mjs +203 -0
  145. package/scripts/audit-public-acceptance-handoff.mjs +142 -0
  146. package/scripts/audit-public-acceptance-readiness.mjs +224 -0
  147. package/scripts/audit-public-channel-publication.mjs +248 -0
  148. package/scripts/audit-public-ci-run.mjs +184 -0
  149. package/scripts/audit-public-collaboration-templates.mjs +98 -0
  150. package/scripts/audit-public-external-gate-probe.mjs +206 -0
  151. package/scripts/audit-public-release-checklist.mjs +133 -0
  152. package/scripts/audit-public-release-decision.mjs +201 -0
  153. package/scripts/audit-public-release-metadata.mjs +176 -0
  154. package/scripts/audit-public-repository-settings.mjs +237 -0
  155. package/scripts/audit-public-security-contact.mjs +171 -0
  156. package/scripts/audit-readme-docs.mjs +185 -0
  157. package/scripts/audit-recovery-readiness.mjs +98 -0
  158. package/scripts/audit-release-bundle.mjs +251 -0
  159. package/scripts/audit-release-owner-action-plan-drill.mjs +277 -0
  160. package/scripts/audit-release-owner-action-plan.mjs +164 -0
  161. package/scripts/audit-release-readiness.mjs +106 -0
  162. package/scripts/audit-release-status-manifest.mjs +165 -0
  163. package/scripts/audit-release-trust.mjs +62 -0
  164. package/scripts/audit-remote-distribution.mjs +266 -0
  165. package/scripts/audit-roadmap-consistency.mjs +235 -0
  166. package/scripts/audit-signing.mjs +147 -0
  167. package/scripts/audit-state-freshness.mjs +113 -0
  168. package/scripts/audit-target-adoption-evidence.mjs +117 -0
  169. package/scripts/audit-target-project.mjs +507 -0
  170. package/scripts/audit-update-release-acceptance.mjs +136 -0
  171. package/scripts/audit-v1-target-validation.mjs +269 -0
  172. package/scripts/audit-validation-profiles.mjs +125 -0
  173. package/scripts/close-change.mjs +116 -0
  174. package/scripts/discover-project-profile.mjs +307 -0
  175. package/scripts/forward-test-gse.mjs +146 -0
  176. package/scripts/generate-command-adapter.mjs +231 -0
  177. package/scripts/generate-final-acceptance-packet.mjs +181 -0
  178. package/scripts/generate-final-form-progress-report.mjs +205 -0
  179. package/scripts/generate-host-adapter.mjs +73 -0
  180. package/scripts/generate-host-runtime-evidence-handoff.mjs +206 -0
  181. package/scripts/generate-owner-external-gate-kit.mjs +295 -0
  182. package/scripts/generate-public-acceptance-handoff.mjs +168 -0
  183. package/scripts/generate-public-release-checklist.mjs +207 -0
  184. package/scripts/generate-release-bundle.mjs +505 -0
  185. package/scripts/generate-release-owner-action-plan.mjs +172 -0
  186. package/scripts/generate-release-status-manifest.mjs +200 -0
  187. package/scripts/generate-session-prompt.mjs +188 -0
  188. package/scripts/gse.mjs +67 -0
  189. package/scripts/init-change.mjs +265 -0
  190. package/scripts/init-project.mjs +785 -0
  191. package/scripts/install-gse.mjs +234 -0
  192. package/scripts/lib/evidence-placeholders.mjs +28 -0
  193. package/scripts/package-gse.mjs +174 -0
  194. package/scripts/probe-public-external-gates.mjs +167 -0
  195. package/scripts/record-host-invocation.mjs +151 -0
  196. package/scripts/record-learning.mjs +137 -0
  197. package/scripts/record-public-channel-publication.mjs +178 -0
  198. package/scripts/record-public-ci-run.mjs +180 -0
  199. package/scripts/record-public-release.mjs +175 -0
  200. package/scripts/record-public-repository-settings.mjs +209 -0
  201. package/scripts/record-public-security-contact.mjs +157 -0
  202. package/scripts/run-gse-command.mjs +538 -0
  203. package/scripts/run-validation-profile.mjs +146 -0
  204. package/scripts/sign-gse-package.mjs +83 -0
  205. package/scripts/update-project-state.mjs +223 -0
  206. package/scripts/validate-gse.mjs +1168 -0
  207. package/scripts/verify-gse-package.mjs +85 -0
@@ -0,0 +1,307 @@
1
+ #!/usr/bin/env node
2
+ import fs from 'node:fs'
3
+ import path from 'node:path'
4
+
5
+ const args = process.argv.slice(2)
6
+
7
+ function readArg(name, fallback = null) {
8
+ const index = args.indexOf(name)
9
+ if (index === -1) return fallback
10
+ return args[index + 1] ?? fallback
11
+ }
12
+
13
+ const target = path.resolve(readArg('--target', process.cwd()))
14
+ const write = args.includes('--write')
15
+ const force = args.includes('--force')
16
+ const json = args.includes('--json')
17
+ const profilePath = path.join(target, '.gse', 'project-profile.md')
18
+
19
+ function exists(relativePath) {
20
+ return fs.existsSync(path.join(target, relativePath))
21
+ }
22
+
23
+ function readText(relativePath) {
24
+ const filePath = path.join(target, relativePath)
25
+ if (!fs.existsSync(filePath)) return null
26
+ return fs.readFileSync(filePath, 'utf8')
27
+ }
28
+
29
+ function safeJson(relativePath) {
30
+ const text = readText(relativePath)
31
+ if (!text) return null
32
+ try {
33
+ return JSON.parse(text.replace(/^\uFEFF/, ''))
34
+ } catch {
35
+ return null
36
+ }
37
+ }
38
+
39
+ function listExisting(paths) {
40
+ return paths.filter((item) => exists(item))
41
+ }
42
+
43
+ function detectPackageManager() {
44
+ if (exists('pnpm-lock.yaml')) return 'pnpm'
45
+ if (exists('bun.lockb') || exists('bun.lock')) return 'bun'
46
+ if (exists('yarn.lock')) return 'yarn'
47
+ if (exists('package-lock.json')) return 'npm'
48
+ if (exists('package.json')) return 'npm or project-specific'
49
+ return ''
50
+ }
51
+
52
+ function detectFrameworks(pkg) {
53
+ if (!pkg) return []
54
+ const deps = { ...(pkg.dependencies ?? {}), ...(pkg.devDependencies ?? {}) }
55
+ const frameworks = []
56
+ const checks = [
57
+ ['next', 'Next.js'],
58
+ ['react', 'React'],
59
+ ['vite', 'Vite'],
60
+ ['vue', 'Vue'],
61
+ ['svelte', 'Svelte'],
62
+ ['typescript', 'TypeScript'],
63
+ ['playwright', 'Playwright'],
64
+ ['@playwright/test', 'Playwright'],
65
+ ['vitest', 'Vitest'],
66
+ ['jest', 'Jest'],
67
+ ['eslint', 'ESLint'],
68
+ ['prettier', 'Prettier'],
69
+ ]
70
+ for (const [dep, label] of checks) {
71
+ if (deps[dep] && !frameworks.includes(label)) frameworks.push(label)
72
+ }
73
+ return frameworks
74
+ }
75
+
76
+ function detectScripts(pkg) {
77
+ const scripts = pkg?.scripts ?? {}
78
+ const wanted = ['install', 'dev', 'start', 'test', 'test:unit', 'test:e2e', 'lint', 'typecheck', 'check', 'build', 'format']
79
+ const names = new Set(wanted.filter((name) => scripts[name]))
80
+ for (const name of Object.keys(scripts)) {
81
+ if (/^(smoke|evidence|replay|eval|release|deploy|publish|electron):/.test(name)) names.add(name)
82
+ }
83
+ return [...names]
84
+ .filter((name) => scripts[name])
85
+ .map((name) => ({ name, command: scripts[name] }))
86
+ }
87
+
88
+ function detectWorkflows() {
89
+ const dir = path.join(target, '.github', 'workflows')
90
+ if (!fs.existsSync(dir)) return []
91
+ return fs.readdirSync(dir).filter((name) => /\.ya?ml$/i.test(name)).map((name) => `.github/workflows/${name}`)
92
+ }
93
+
94
+ function detectMcpFiles() {
95
+ return listExisting([
96
+ '.mcp.json',
97
+ 'mcp.json',
98
+ '.cursor/mcp.json',
99
+ '.claude/mcp.json',
100
+ '.codex/mcp.json',
101
+ ])
102
+ }
103
+
104
+ function detectAgentRules() {
105
+ return listExisting([
106
+ 'AGENTS.md',
107
+ 'CLAUDE.md',
108
+ 'GEMINI.md',
109
+ 'CONTEXT.md',
110
+ 'CONTEXT-MAP.md',
111
+ '.cursorrules',
112
+ '.windsurfrules',
113
+ ])
114
+ }
115
+
116
+ function detectDocs() {
117
+ return listExisting([
118
+ 'README.md',
119
+ 'CONTRIBUTING.md',
120
+ 'CODING_STANDARDS.md',
121
+ 'SECURITY.md',
122
+ 'CHANGELOG.md',
123
+ 'docs/adr',
124
+ 'docs/architecture.md',
125
+ ])
126
+ }
127
+
128
+ function detectConfigFiles() {
129
+ return listExisting([
130
+ 'package.json',
131
+ 'tsconfig.json',
132
+ 'Makefile',
133
+ 'justfile',
134
+ 'pyproject.toml',
135
+ 'Cargo.toml',
136
+ 'go.mod',
137
+ 'playwright.config.ts',
138
+ 'playwright.config.js',
139
+ 'vite.config.ts',
140
+ 'vite.config.js',
141
+ 'next.config.js',
142
+ 'eslint.config.js',
143
+ 'eslint.config.mjs',
144
+ '.prettierrc',
145
+ '.pre-commit-config.yaml',
146
+ '.env.example',
147
+ ])
148
+ }
149
+
150
+ function inferRepoType(pkg, configs) {
151
+ if (pkg) return 'JavaScript/TypeScript package or web app'
152
+ if (configs.includes('pyproject.toml')) return 'Python project'
153
+ if (configs.includes('Cargo.toml')) return 'Rust project'
154
+ if (configs.includes('go.mod')) return 'Go project'
155
+ return 'unknown'
156
+ }
157
+
158
+ function table(rows) {
159
+ if (rows.length === 0) return '| Item | Value | Status | Evidence |\n|---|---|---|---|\n| - | - | unknown | - |'
160
+ return ['| Item | Value | Status | Evidence |', '|---|---|---|---|', ...rows.map((row) => `| ${row.item} | ${row.value} | ${row.status} | ${row.evidence} |`)].join('\n')
161
+ }
162
+
163
+ function renderMarkdown(model) {
164
+ const scriptLines = model.scripts.length
165
+ ? model.scripts.map((item) => `- ${item.name}: \`${item.command}\` (documented in package.json)`).join('\n')
166
+ : '- No package scripts detected.'
167
+
168
+ const toolRows = [
169
+ ...model.toolConnections.map((item) => ({
170
+ item: item.tool,
171
+ value: item.purpose,
172
+ status: item.status,
173
+ evidence: item.evidence,
174
+ })),
175
+ ]
176
+
177
+ return `# Project Profile
178
+
179
+ Generated: ${model.generatedAt}
180
+
181
+ Keep this file short and factual. Project-specific rules override generic GSE defaults.
182
+
183
+ ## Identity
184
+
185
+ - Product/system name: ${model.identity.name}
186
+ - Repository type: ${model.identity.repoType}
187
+ - Main languages/frameworks: ${model.identity.frameworks.length ? model.identity.frameworks.join(', ') : 'unknown'}
188
+ - Package manager: ${model.identity.packageManager || 'unknown'}
189
+
190
+ ## Evidence Sources
191
+
192
+ - Agent rules: ${model.sources.agentRules.length ? model.sources.agentRules.join(', ') : '-'}
193
+ - Docs: ${model.sources.docs.length ? model.sources.docs.join(', ') : '-'}
194
+ - Config files: ${model.sources.configFiles.length ? model.sources.configFiles.join(', ') : '-'}
195
+ - CI workflows: ${model.sources.workflows.length ? model.sources.workflows.join(', ') : '-'}
196
+
197
+ ## Development Commands
198
+
199
+ ${scriptLines}
200
+
201
+ ## Standards
202
+
203
+ - Coding standards: ${model.sources.docs.includes('CODING_STANDARDS.md') ? 'documented in CODING_STANDARDS.md' : 'unknown'}
204
+ - Formatting: ${model.formatting.length ? model.formatting.join(', ') : 'unknown'}
205
+ - Testing expectations: ${model.testing.length ? model.testing.join(', ') : 'unknown'}
206
+ - Documentation expectations: ${model.sources.docs.includes('CONTRIBUTING.md') ? 'documented in CONTRIBUTING.md' : 'unknown'}
207
+
208
+ ## Tool Connections
209
+
210
+ ${table(toolRows)}
211
+
212
+ ## Agent Host Adapters
213
+
214
+ - Codex: ${model.sources.agentRules.includes('AGENTS.md') ? 'documented via AGENTS.md' : 'unknown'}
215
+ - Claude Code: ${model.sources.agentRules.includes('CLAUDE.md') || exists('.claude') ? 'documented' : 'unknown'}
216
+ - Hermes/AION-style runtime: unknown
217
+ - WorkBuddy/other: unknown
218
+
219
+ ## Security And Permissions
220
+
221
+ - Secrets handling: ${model.sources.configFiles.includes('.env.example') ? 'documented by .env.example presence; real secrets not inspected' : 'unknown'}
222
+ - Write-capable tools: unknown
223
+ - Destructive commands: unknown
224
+ - External services: ${model.externalServices.length ? model.externalServices.join(', ') : 'unknown'}
225
+
226
+ ## Release And Rollback
227
+
228
+ - Release command/process: ${model.release.length ? model.release.join(', ') : 'unknown'}
229
+ - Rollback: unknown
230
+ - Smoke checks: ${model.smoke.length ? model.smoke.join(', ') : 'unknown'}
231
+
232
+ ## Known Gotchas
233
+
234
+ - Tool presence from config is marked documented, not verified. Run focused commands before relying on any tool.
235
+ `
236
+ }
237
+
238
+ const pkg = safeJson('package.json')
239
+ const deps = { ...(pkg?.dependencies ?? {}), ...(pkg?.devDependencies ?? {}) }
240
+ const configs = detectConfigFiles()
241
+ const workflows = detectWorkflows()
242
+ const scripts = detectScripts(pkg)
243
+ const frameworks = detectFrameworks(pkg)
244
+ const mcpFiles = detectMcpFiles()
245
+ const agentRules = detectAgentRules()
246
+ const docs = detectDocs()
247
+
248
+ const formatting = []
249
+ if (configs.some((item) => item.includes('prettier'))) formatting.push('Prettier documented by config')
250
+ if (configs.some((item) => item.includes('eslint'))) formatting.push('ESLint documented by config')
251
+
252
+ const testing = []
253
+ for (const script of scripts) {
254
+ if (script.name.includes('test')) testing.push(`${script.name} script documented`)
255
+ }
256
+ if (configs.some((item) => item.startsWith('playwright.config'))) testing.push('Playwright config documented')
257
+
258
+ const toolConnections = []
259
+ if (mcpFiles.length) toolConnections.push({ tool: 'MCP', purpose: 'External tool/data connections', status: 'documented', evidence: mcpFiles.join(', ') })
260
+ else toolConnections.push({ tool: 'MCP', purpose: 'External tool/data connections', status: 'unknown', evidence: '-' })
261
+ const playwrightEvidence = []
262
+ if (deps.playwright || deps['@playwright/test']) playwrightEvidence.push('package.json dependency')
263
+ if (scripts.some((item) => item.name.includes('smoke') && /browser|ui|playwright/i.test(item.command + ' ' + item.name))) playwrightEvidence.push('package.json smoke script')
264
+ if (configs.some((item) => item.startsWith('playwright.config'))) playwrightEvidence.push(configs.filter((item) => item.startsWith('playwright.config')).join(', '))
265
+ if (playwrightEvidence.length) toolConnections.push({ tool: 'Browser/Playwright', purpose: 'UI smoke and browser automation', status: 'documented', evidence: playwrightEvidence.join(', ') })
266
+ else toolConnections.push({ tool: 'Browser/Playwright', purpose: 'UI smoke and browser automation', status: 'unknown', evidence: '-' })
267
+ if (workflows.length) toolConnections.push({ tool: 'CI', purpose: 'Automated gates', status: 'documented', evidence: workflows.join(', ') })
268
+ else toolConnections.push({ tool: 'CI', purpose: 'Automated gates', status: 'unknown', evidence: '-' })
269
+ toolConnections.push({ tool: 'LSP/index', purpose: 'Symbol navigation', status: 'unknown', evidence: '-' })
270
+
271
+ const release = scripts.filter((item) => /release|deploy|publish/i.test(item.name)).map((item) => `${item.name}: ${item.command}`)
272
+ const smoke = scripts.filter((item) => /smoke|check|test:e2e/i.test(item.name)).map((item) => `${item.name}: ${item.command}`)
273
+ const externalServices = []
274
+ if (configs.includes('.env.example')) externalServices.push('.env.example present')
275
+
276
+ const model = {
277
+ target,
278
+ generatedAt: new Date().toISOString(),
279
+ identity: {
280
+ name: pkg?.name ?? path.basename(target),
281
+ repoType: inferRepoType(pkg, configs),
282
+ frameworks,
283
+ packageManager: detectPackageManager(),
284
+ },
285
+ sources: { agentRules, docs, configFiles: configs, workflows },
286
+ scripts,
287
+ formatting,
288
+ testing,
289
+ toolConnections,
290
+ release,
291
+ smoke,
292
+ externalServices,
293
+ }
294
+
295
+ const markdown = renderMarkdown(model)
296
+
297
+ if (write) {
298
+ fs.mkdirSync(path.dirname(profilePath), { recursive: true })
299
+ if (!force && fs.existsSync(profilePath)) {
300
+ console.error(`Refusing to overwrite existing ${profilePath}. Pass --force to overwrite.`)
301
+ process.exit(2)
302
+ }
303
+ fs.writeFileSync(profilePath, markdown, 'utf8')
304
+ }
305
+
306
+ if (json) console.log(JSON.stringify(model, null, 2))
307
+ else console.log(markdown)
@@ -0,0 +1,146 @@
1
+ #!/usr/bin/env node
2
+ import fs from 'node:fs'
3
+ import path from 'node:path'
4
+ import { spawnSync } from 'node:child_process'
5
+
6
+ const args = process.argv.slice(2)
7
+
8
+ function readArg(name, fallback = null) {
9
+ const index = args.indexOf(name)
10
+ if (index === -1) return fallback
11
+ return args[index + 1] ?? fallback
12
+ }
13
+
14
+ const root = path.resolve(readArg('--root', path.join(import.meta.dirname, '..')))
15
+ const jsonOnly = args.includes('--json')
16
+
17
+ function exists(relativePath) {
18
+ return fs.existsSync(path.join(root, relativePath))
19
+ }
20
+
21
+ function readText(relativePath) {
22
+ const fullPath = path.join(root, relativePath)
23
+ if (!fs.existsSync(fullPath)) return ''
24
+ return fs.readFileSync(fullPath, 'utf8')
25
+ }
26
+
27
+ function runNode(script, commandArgs) {
28
+ return spawnSync(process.execPath, [script, ...commandArgs], {
29
+ cwd: root,
30
+ encoding: 'utf8',
31
+ windowsHide: true,
32
+ })
33
+ }
34
+
35
+ function parseJson(text) {
36
+ try {
37
+ return JSON.parse(text)
38
+ } catch {
39
+ return null
40
+ }
41
+ }
42
+
43
+ function check(id, label, ok, evidence, risk = '') {
44
+ return { id, label, status: ok ? 'passed' : 'failed', evidence, risk }
45
+ }
46
+
47
+ const requiredDocs = [
48
+ 'SKILL.md',
49
+ 'references/router.md',
50
+ 'references/forward-test.md',
51
+ 'references/evidence-taxonomy.md',
52
+ 'examples/README.md',
53
+ ]
54
+
55
+ const startupText = readText('SKILL.md')
56
+ const routerText = readText('references/router.md')
57
+ const forwardText = readText('references/forward-test.md')
58
+ const taxonomyText = readText('references/evidence-taxonomy.md')
59
+ const examplesText = readText('examples/README.md')
60
+
61
+ const smallAppTarget = path.join(root, 'examples', 'small-app')
62
+ const profileRun = runNode(path.join(root, 'scripts', 'discover-project-profile.mjs'), ['--target', smallAppTarget, '--json'])
63
+ const profile = profileRun.status === 0 ? parseJson(profileRun.stdout) : null
64
+ const frameworkSet = new Set(profile?.identity?.frameworks ?? [])
65
+ const toolStatuses = new Set((profile?.toolConnections ?? []).map((item) => item.status))
66
+
67
+ const codexAdapter = readText('examples/agent-runtime-host/.codex/gse-adapter.md')
68
+ const claudeAdapter = readText('examples/agent-runtime-host/.claude/gse-adapter.md')
69
+ const runtimeProfile = readText('examples/agent-runtime-host/.gse/project-profile.md')
70
+ const runtimeTooling = readText('examples/agent-runtime-host/.gse/tooling.md')
71
+ const modelRouting = readText('examples/agent-runtime-host/docs/model-routing.md')
72
+
73
+ const checks = [
74
+ check('FT01', 'documented startup inputs exist', requiredDocs.every(exists), requiredDocs.join(', ')),
75
+ check('FT02', 'SKILL startup routes GSE changes through validation', startupText.includes('scripts/validate-gse.mjs') && startupText.includes('references/router.md'), 'SKILL.md startup flow'),
76
+ check('FT03', 'router exposes GSE self-development route', routerText.includes('GSE self-development') && routerText.includes('.gse/gse-design-master-plan.md') && routerText.includes('current-slice'), 'references/router.md'),
77
+ check('FT04', 'forward-test protocol defines fixture versus fresh-session gates', forwardText.includes('Fixture forward test') && forwardText.includes('Fresh-session forward test') && forwardText.includes('accepted by: fresh-session'), 'references/forward-test.md'),
78
+ check('FT05', 'evidence taxonomy distinguishes result verified accepted', taxonomyText.includes('result -> verified -> accepted') && taxonomyText.includes('Not enough for `accepted`'), 'references/evidence-taxonomy.md'),
79
+ check('FT06', 'fixture docs forbid claiming fresh-session acceptance from fixture presence', examplesText.includes('do not claim fresh-session acceptance') && examplesText.includes('audit-fixtures.mjs'), 'examples/README.md'),
80
+ check('FT07', 'small-app fixture profile discovery runs from documented command', profileRun.status === 0 && Boolean(profile), 'discover-project-profile.mjs --target examples/small-app --json'),
81
+ check('FT08', 'small-app profile discovery detects representative app shape', frameworkSet.has('React') && frameworkSet.has('Vite') && frameworkSet.has('TypeScript') && frameworkSet.has('Playwright'), 'frameworks: ' + [...frameworkSet].join(', ')),
82
+ check('FT09', 'small-app keeps configured tools documented not over-verified', toolStatuses.has('documented') && toolStatuses.has('unknown') && ![...(profile?.toolConnections ?? [])].some((item) => item.status === 'verified'), 'tool statuses: ' + [...toolStatuses].join(', ')),
83
+ check('FT10', 'agent-runtime host adapters point back to .gse source of truth', codexAdapter.includes('Source of truth: `.gse/`.') && claudeAdapter.includes('Source of truth: `.gse/`.'), 'Codex and Claude adapter notes'),
84
+ check('FT11', 'agent-runtime fixture avoids unsupported capability claims', runtimeProfile.includes('unknown') && runtimeTooling.includes('not verified') && modelRouting.includes('provider support from docs alone'), 'runtime profile/tooling/model routing status text'),
85
+ ]
86
+
87
+ const passed = checks.filter((item) => item.status === 'passed').length
88
+ const failed = checks.length - passed
89
+ const report = {
90
+ root,
91
+ generatedAt: new Date().toISOString(),
92
+ level: 'fixture forward test',
93
+ scenario: 'Documented GSE startup plus small-app and agent-runtime-host fixture adoption',
94
+ changedBehavior: 'Future agents can use SKILL.md, router, forward-test, evidence taxonomy, and fixtures without hidden author memory.',
95
+ evidenceStatus: failed === 0 ? 'verified' : 'result',
96
+ acceptedBy: 'not accepted; fresh-session acceptance requires a separate agent/session or explicit acceptance policy',
97
+ summary: { status: failed === 0 ? 'passed' : 'failed', passed, failed, total: checks.length },
98
+ commandsOrInspection: [
99
+ 'Read SKILL.md, references/router.md, references/forward-test.md, references/evidence-taxonomy.md, examples/README.md',
100
+ 'Run node scripts/discover-project-profile.mjs --target examples/small-app --json',
101
+ 'Inspect examples/agent-runtime-host host adapters and tool/model status files',
102
+ ],
103
+ residualRisk: [
104
+ 'This is fixture-level verification, not a true fresh-session run.',
105
+ 'No package install, CI, browser, MCP, LSP, or external service was executed.',
106
+ 'Real repository adoption still needs a later smoke against an existing repo fixture or project.',
107
+ ],
108
+ nextAction: 'Add real-repo adoption smoke or run a true fresh-session forward test when a separate-session tool is available.',
109
+ checks,
110
+ }
111
+
112
+ function renderMarkdown(data) {
113
+ const lines = []
114
+ lines.push('# GSE Forward Test')
115
+ lines.push('')
116
+ lines.push('Generated: ' + data.generatedAt)
117
+ lines.push('Root: ' + data.root)
118
+ lines.push('')
119
+ lines.push('## Record')
120
+ lines.push('')
121
+ lines.push('- Forward-test level: ' + data.level)
122
+ lines.push('- Scenario: ' + data.scenario)
123
+ lines.push('- Changed behavior: ' + data.changedBehavior)
124
+ lines.push('- Result evidence: documented inputs and fixture checks exist')
125
+ lines.push('- Verification evidence: ' + data.summary.passed + '/' + data.summary.total + ' checks passed')
126
+ lines.push('- Evidence status: ' + data.evidenceStatus)
127
+ lines.push('- Accepted by: ' + data.acceptedBy)
128
+ lines.push('- Next action: ' + data.nextAction)
129
+ lines.push('')
130
+ lines.push('## Checks')
131
+ lines.push('')
132
+ for (const item of data.checks) {
133
+ const marker = item.status === 'passed' ? '[x]' : '[ ]'
134
+ lines.push('- ' + marker + ' ' + item.id + ' ' + item.label + ': ' + item.evidence)
135
+ }
136
+ lines.push('')
137
+ lines.push('## Residual Risk')
138
+ lines.push('')
139
+ for (const item of data.residualRisk) lines.push('- ' + item)
140
+ return lines.join('\n') + '\n'
141
+ }
142
+
143
+ if (jsonOnly) console.log(JSON.stringify(report, null, 2))
144
+ else console.log(renderMarkdown(report))
145
+
146
+ if (failed > 0) process.exit(1)
@@ -0,0 +1,231 @@
1
+ #!/usr/bin/env node
2
+ import fs from 'node:fs'
3
+ import path from 'node:path'
4
+
5
+ const args = process.argv.slice(2)
6
+
7
+ function readArg(name, fallback = null) {
8
+ const index = args.indexOf(name)
9
+ if (index === -1) return fallback
10
+ return args[index + 1] ?? fallback
11
+ }
12
+
13
+ const target = path.resolve(readArg('--target', process.cwd()))
14
+ const hostArg = readArg('--host', 'all')
15
+ const force = args.includes('--force')
16
+ const dryRun = args.includes('--dry-run')
17
+ const jsonOnly = args.includes('--json')
18
+
19
+ const portableReadOrder = [
20
+ 'Project instructions such as AGENTS.md, CLAUDE.md, README, or repository-specific rules.',
21
+ '.gse/README.md',
22
+ '.gse/project-profile.md',
23
+ '.gse/state.json',
24
+ '.gse/goal-map.md',
25
+ '.gse/quality-gates.md',
26
+ ]
27
+
28
+ function portablePointerContent({ title, hostName, extraNotes = [] }) {
29
+ const notes = extraNotes.length
30
+ ? '\n\nHost-specific notes:\n\n' + extraNotes.map((item) => '- ' + item).join('\n')
31
+ : ''
32
+ return `# ${title}
33
+
34
+ Source of truth: .gse/.
35
+
36
+ This file is a ${hostName} pointer for GSE. It does not prove native /gse slash-command support or verified runtime tools.
37
+
38
+ Read in order:
39
+
40
+ ${portableReadOrder.map((item, index) => `${index + 1}. ${item}`).join('\n')}
41
+
42
+ Route /gse ..., gse: ..., and "continue with GSE" requests through references/commands.md in the installed GSE skill.
43
+
44
+ Portable execution path:
45
+
46
+ \`\`\`text
47
+ node <gse-skill>/scripts/run-gse-command.mjs --target <project-root> --command "/gse help"
48
+ \`\`\`
49
+
50
+ Capability status vocabulary: verified, documented, unknown, unavailable.
51
+
52
+ Do not mark subagents, MCP, browser, LSP/index, hooks, workers, model routing, or native slash commands as verified unless this host/session produced current evidence.
53
+ ${notes}
54
+ `
55
+ }
56
+
57
+ const adapters = {
58
+ claude: {
59
+ nativeSlashCommand: true,
60
+ relativePath: path.join('.claude', 'commands', 'gse.md'),
61
+ content: `# /gse
62
+
63
+ Use GSE for this project.
64
+
65
+ Read in order:
66
+
67
+ 1. Project instructions such as AGENTS.md, CLAUDE.md, or repository-specific rules.
68
+ 2. .gse/README.md
69
+ 3. .gse/project-profile.md
70
+ 4. .gse/state.json
71
+ 5. .gse/goal-map.md
72
+ 6. .gse/quality-gates.md
73
+
74
+ Route the user's arguments through references/commands.md in the installed GSE skill.
75
+
76
+ Portable execution path:
77
+
78
+ \`\`\`text
79
+ node <gse-skill>/scripts/run-gse-command.mjs --target <project-root> --command "/gse help"
80
+ \`\`\`
81
+
82
+ Do not duplicate the goal map, evidence log, or quality gates in .claude/.
83
+ Do not mark tools, subagents, MCP, browser, LSP, hooks, or slash commands as verified unless this session checked them.
84
+
85
+ Expected command shapes:
86
+
87
+ - /gse help
88
+ - /gse init
89
+ - /gse adopt
90
+ - /gse continue
91
+ - /gse change
92
+ - /gse slice
93
+ - /gse verify
94
+ - /gse audit
95
+ - /gse close
96
+ `,
97
+ },
98
+ codex: {
99
+ nativeSlashCommand: false,
100
+ relativePath: path.join('.codex', 'gse-command.md'),
101
+ content: `# GSE Command Adapter For Codex
102
+
103
+ Source of truth: .gse/.
104
+
105
+ This file is a Codex-facing pointer, not proof of a native project-level /gse slash-command mechanism.
106
+
107
+ Use the installed GSE skill and references/commands.md when the user writes /gse ..., gse: ..., or asks to continue with GSE.
108
+
109
+ Portable execution path:
110
+
111
+ \`\`\`text
112
+ node <gse-skill>/scripts/run-gse-command.mjs --target <project-root> --command "/gse help"
113
+ \`\`\`
114
+
115
+ Read in order:
116
+
117
+ 1. AGENTS.md
118
+ 2. .gse/README.md
119
+ 3. .gse/project-profile.md
120
+ 4. .gse/state.json
121
+ 5. .gse/goal-map.md
122
+ 6. .gse/quality-gates.md
123
+
124
+ Capability status vocabulary: verified, documented, unknown, unavailable.
125
+ `,
126
+ },
127
+ hermes: {
128
+ nativeSlashCommand: false,
129
+ relativePath: path.join('.gse', 'host-adapters', 'hermes-runtime.md'),
130
+ content: portablePointerContent({
131
+ title: 'Hermes/AION Runtime GSE Adapter',
132
+ hostName: 'Hermes/AION-style runtime',
133
+ extraNotes: [
134
+ 'Keep user-facing product identity in the product docs; runtime names belong only to internal implementation notes.',
135
+ 'Treat workers, memory, tools, model routing, and browser loops as unknown until the target project records evidence.',
136
+ ],
137
+ }),
138
+ },
139
+ workbuddy: {
140
+ nativeSlashCommand: false,
141
+ relativePath: path.join('.gse', 'host-adapters', 'workbuddy.md'),
142
+ content: portablePointerContent({
143
+ title: 'WorkBuddy GSE Adapter',
144
+ hostName: 'WorkBuddy-style IDE agent',
145
+ extraNotes: [
146
+ 'Use the IDE or plugin command surface only after the project records how WorkBuddy discovers this file.',
147
+ 'Keep local tool, MCP, index, browser, and subagent claims unknown until checked in that workspace.',
148
+ ],
149
+ }),
150
+ },
151
+ copilot: {
152
+ nativeSlashCommand: false,
153
+ relativePath: path.join('.github', 'copilot-instructions.md'),
154
+ content: portablePointerContent({
155
+ title: 'GitHub Copilot GSE Adapter',
156
+ hostName: 'GitHub Copilot-style assistant',
157
+ extraNotes: [
158
+ 'Use this repository instruction file as a short pointer to the project-local GSE workspace.',
159
+ 'Keep issue, PR, CI, and repository settings claims unknown until the public repository records evidence.',
160
+ ],
161
+ }),
162
+ },
163
+ gemini: {
164
+ nativeSlashCommand: false,
165
+ relativePath: 'GEMINI.md',
166
+ content: portablePointerContent({
167
+ title: 'Gemini GSE Adapter',
168
+ hostName: 'Gemini-style assistant',
169
+ extraNotes: [
170
+ 'Use this file as a short pointer when the host reads repository-level Gemini instructions.',
171
+ 'Keep command, tool, MCP, browser, and subagent claims unknown until the current host records evidence.',
172
+ ],
173
+ }),
174
+ },
175
+ generic: {
176
+ nativeSlashCommand: false,
177
+ relativePath: path.join('.gse', 'host-adapters', 'generic-agent.md'),
178
+ content: portablePointerContent({
179
+ title: 'Generic Agent GSE Adapter',
180
+ hostName: 'generic or unknown agent host',
181
+ extraNotes: [
182
+ 'Use this adapter when a host has no known native command location yet.',
183
+ 'Replace this file with a host-specific adapter only after that host has a real folder, hook, command, skill, plugin, or MCP mechanism.',
184
+ ],
185
+ }),
186
+ },
187
+ }
188
+
189
+ function writeFile(relativePath, content) {
190
+ const fullPath = path.join(target, relativePath)
191
+ if (fs.existsSync(fullPath) && !force) return { status: 'skipped', fullPath }
192
+ if (!dryRun) {
193
+ fs.mkdirSync(path.dirname(fullPath), { recursive: true })
194
+ fs.writeFileSync(fullPath, content.trimStart().replace(/\n/g, '\r\n'), 'utf8')
195
+ }
196
+ return { status: dryRun ? 'would-write' : 'written', fullPath }
197
+ }
198
+
199
+ const hosts = hostArg === 'all' ? Object.keys(adapters) : hostArg.split(',').map((item) => item.trim()).filter(Boolean)
200
+ const invalid = hosts.filter((host) => !adapters[host])
201
+ if (invalid.length) {
202
+ console.error('Invalid --host value: ' + invalid.join(', ') + '. Expected claude, codex, hermes, workbuddy, copilot, gemini, generic, or all.')
203
+ process.exit(1)
204
+ }
205
+
206
+ const results = hosts.map((host) => {
207
+ const adapter = adapters[host]
208
+ const write = writeFile(adapter.relativePath, adapter.content)
209
+ return {
210
+ host,
211
+ nativeSlashCommand: adapter.nativeSlashCommand,
212
+ status: write.status,
213
+ path: write.fullPath,
214
+ relativePath: adapter.relativePath.replace(/\\/g, '/'),
215
+ }
216
+ })
217
+
218
+ const report = {
219
+ target,
220
+ dryRun,
221
+ force,
222
+ hosts,
223
+ results,
224
+ limits: [
225
+ 'Claude adapter emits a native project slash-command file under .claude/commands.',
226
+ 'Codex adapter is a skill/text-command pointer until a project-level native slash-command file mechanism is verified.',
227
+ 'Hermes, WorkBuddy, Copilot, Gemini, and generic adapters are portable pointers only; they do not prove host runtime invocation.',
228
+ ],
229
+ }
230
+
231
+ console.log(JSON.stringify(report, null, 2))