archctx 0.1.3 → 0.1.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/NOTICE.md +23 -0
- package/assets/README.md +15 -0
- package/assets/catalog.yaml +393 -0
- package/assets/practices/api.contract-before-implementation.yaml +70 -0
- package/assets/practices/compatibility.expiry-contract.yaml +71 -0
- package/assets/practices/compatibility.single-owner.yaml +78 -0
- package/assets/practices/data.single-authoritative-model.yaml +67 -0
- package/assets/practices/decision.record-significant-change.yaml +69 -0
- package/assets/practices/migration.target-and-removal-state.yaml +82 -0
- package/assets/practices/modularity.no-new-cycle.yaml +71 -0
- package/assets/practices/modularity.respect-dependency-direction.yaml +74 -0
- package/assets/practices/observability.boundary-telemetry.yaml +65 -0
- package/assets/practices/ownership.explicit-lifecycle-owner.yaml +74 -0
- package/assets/practices/s6-expanded.yaml +1278 -0
- package/assets/practices/security.least-privilege.yaml +70 -0
- package/assets/practices/supply-chain.pinned-dependencies.yaml +65 -0
- package/assets/profiles/s6.yaml +194 -0
- package/assets/sources/core.yaml +211 -0
- package/assets/sources/s6.yaml +122 -0
- package/bin/archctx.mjs +17591 -1752
- package/package.json +6 -2
- package/schemas/cloud/attestation-v2.schema.json +85 -0
- package/schemas/cloud/attestation.schema.json +49 -0
- package/schemas/cloud/check-delivery.schema.json +25 -0
- package/schemas/cloud/cloud-egress-envelope.schema.json +19 -0
- package/schemas/cloud/device-identity.schema.json +18 -0
- package/schemas/cloud/entitlement.schema.json +24 -0
- package/schemas/cloud/governance-key-status.schema.json +19 -0
- package/schemas/cloud/org-runner-identity.schema.json +21 -0
- package/schemas/cloud/review-challenge-v2.schema.json +23 -0
- package/schemas/cloud/runner-identity.schema.json +42 -0
- package/schemas/integrations/adapter-fidelity.schema.json +21 -0
- package/schemas/integrations/chatgpt-ga-tool.schema.json +25 -0
- package/schemas/integrations/likec4-mapping.schema.json +32 -0
- package/schemas/integrations/structurizr-mapping.schema.json +33 -0
- package/schemas/repo/architecture-intervention.schema.json +41 -0
- package/schemas/repo/architecture-node.schema.json +50 -0
- package/schemas/repo/architecture-relation.schema.json +26 -0
- package/schemas/repo/compatibility-contract.schema.json +49 -0
- package/schemas/repo/constraint.schema.json +56 -0
- package/schemas/repo/cross-repo-relation.schema.json +47 -0
- package/schemas/repo/landscape.schema.json +50 -0
- package/schemas/repo/practices/practice-policy.schema.json +72 -0
- package/schemas/repo/practices/practice-profile.schema.json +30 -0
- package/schemas/repo/practices/practice-source.schema.json +34 -0
- package/schemas/repo/practices/practice-waiver.schema.json +27 -0
- package/schemas/repo/practices/practice.schema.json +88 -0
- package/schemas/runtime/agent-job.schema.json +63 -0
- package/schemas/runtime/architecture-candidate-delta-policy.schema.json +129 -0
- package/schemas/runtime/architecture-candidate-delta.schema.json +386 -0
- package/schemas/runtime/architecture-event.schema.json +76 -0
- package/schemas/runtime/architecture-snapshot.schema.json +61 -0
- package/schemas/runtime/architecture-subject-selector.schema.json +31 -0
- package/schemas/runtime/changeset.schema.json +65 -0
- package/schemas/runtime/evidence-binding.schema.json +37 -0
- package/schemas/runtime/evidence-item.schema.json +58 -0
- package/schemas/runtime/explorer-projection.schema.json +92 -0
- package/schemas/runtime/explorer-service.schema.json +19 -0
- package/schemas/runtime/external-document-resource.schema.json +55 -0
- package/schemas/runtime/investigation-report.schema.json +119 -0
- package/schemas/runtime/notification-event.schema.json +18 -0
- package/schemas/runtime/notification-provider.schema.json +26 -0
- package/schemas/runtime/practice-catalog-manifest.schema.json +22 -0
- package/schemas/runtime/practice-check-result.schema.json +45 -0
- package/schemas/runtime/practice-checkpoint.schema.json +127 -0
- package/schemas/runtime/practice-guidance.schema.json +44 -0
- package/schemas/runtime/practice-match.schema.json +41 -0
- package/schemas/runtime/product-version-manifest.schema.json +115 -0
- package/schemas/runtime/projection-target.schema.json +52 -0
- package/schemas/runtime/recommendation-feedback.schema.json +53 -0
- package/schemas/runtime/recommendation-run.schema.json +62 -0
- package/schemas/runtime/recommendation.schema.json +26 -0
- package/schemas/runtime/retrieval-config.schema.json +44 -0
- package/schemas/runtime/retrieval-decision.schema.json +49 -0
- package/schemas/runtime/retrieval-eval.schema.json +29 -0
- package/schemas/runtime/review-result.schema.json +48 -0
- package/schemas/runtime/task-context.schema.json +53 -0
|
@@ -0,0 +1,1278 @@
|
|
|
1
|
+
[
|
|
2
|
+
{
|
|
3
|
+
"schemaVersion": "archcontext.practice/v1",
|
|
4
|
+
"id": "api.schema-version-contract",
|
|
5
|
+
"revision": 1,
|
|
6
|
+
"status": "active",
|
|
7
|
+
"title": "Version public schemas before consumers depend on them",
|
|
8
|
+
"summary": "Public request, response, event, or configuration schemas should carry an explicit version before downstream code depends on the new shape.",
|
|
9
|
+
"category": "api",
|
|
10
|
+
"tags": ["api", "schema", "version"],
|
|
11
|
+
"appliesTo": {
|
|
12
|
+
"repositoryKinds": ["application", "service", "library"],
|
|
13
|
+
"languages": [],
|
|
14
|
+
"frameworks": [],
|
|
15
|
+
"pathGlobs": ["src/**", "packages/**", "schemas/**", "openapi/**"],
|
|
16
|
+
"nodeKinds": ["public-api", "service", "module"],
|
|
17
|
+
"negativePathGlobs": ["docs/**", "test/**", "tests/**", "**/*.md"]
|
|
18
|
+
},
|
|
19
|
+
"triggers": {
|
|
20
|
+
"candidateTerms": ["schema version", "api version", "contract version", "event version"],
|
|
21
|
+
"pressureSignals": ["schema-version-missing"],
|
|
22
|
+
"structuralPredicates": []
|
|
23
|
+
},
|
|
24
|
+
"evidencePolicy": {
|
|
25
|
+
"minimumStrengthForRecommendation": "declared",
|
|
26
|
+
"minimumStrengthForCheckpoint": "observed",
|
|
27
|
+
"minimumStrengthForEnforcement": "observed",
|
|
28
|
+
"requiredKindsForEnforcement": ["diff", "test"],
|
|
29
|
+
"maxEnforcementWhenOnlyHeuristic": "advisory"
|
|
30
|
+
},
|
|
31
|
+
"guidance": {
|
|
32
|
+
"questions": ["Which public shape changed?", "Where is the version recorded?"],
|
|
33
|
+
"preferred": ["Version the boundary before implementation code depends on it."],
|
|
34
|
+
"avoid": ["Treating implementation tests as the only contract."]
|
|
35
|
+
},
|
|
36
|
+
"checks": [{ "checkId": "compatibility-contract-required", "mode": "deterministic", "parameters": { "scope": "schema-version" } }],
|
|
37
|
+
"enforcement": { "default": "advisory", "promotableTo": "checkpoint", "repoOptInRequired": true },
|
|
38
|
+
"provenance": {
|
|
39
|
+
"sourceKind": "curated-reference",
|
|
40
|
+
"sourceRefs": [{ "sourceId": "structurizr.dsl" }, { "sourceId": "archcontext.adr.0012" }],
|
|
41
|
+
"curator": "archcontext-maintainers",
|
|
42
|
+
"reviewedAt": "2026-06-24"
|
|
43
|
+
},
|
|
44
|
+
"lifecycle": { "introducedAt": "2026-06-24", "reviewAfter": "2026-09-24", "supersedes": [] }
|
|
45
|
+
},
|
|
46
|
+
{
|
|
47
|
+
"schemaVersion": "archcontext.practice/v1",
|
|
48
|
+
"id": "api.backward-compatible-error-shape",
|
|
49
|
+
"revision": 1,
|
|
50
|
+
"status": "active",
|
|
51
|
+
"title": "Preserve public error shape compatibility",
|
|
52
|
+
"summary": "API error codes, envelopes, and machine-readable fields should remain compatible unless the contract declares a breaking version.",
|
|
53
|
+
"category": "api",
|
|
54
|
+
"tags": ["api", "compatibility", "errors"],
|
|
55
|
+
"appliesTo": {
|
|
56
|
+
"repositoryKinds": ["application", "service", "library"],
|
|
57
|
+
"languages": [],
|
|
58
|
+
"frameworks": [],
|
|
59
|
+
"pathGlobs": ["src/**", "packages/**", "routes/**", "openapi/**"],
|
|
60
|
+
"nodeKinds": ["public-api", "service"],
|
|
61
|
+
"negativePathGlobs": ["docs/**", "test/**", "tests/**", "fixtures/**"]
|
|
62
|
+
},
|
|
63
|
+
"triggers": {
|
|
64
|
+
"candidateTerms": ["error shape", "error code", "api error", "problem details"],
|
|
65
|
+
"pressureSignals": ["error-contract-changed"],
|
|
66
|
+
"structuralPredicates": []
|
|
67
|
+
},
|
|
68
|
+
"evidencePolicy": {
|
|
69
|
+
"minimumStrengthForRecommendation": "declared",
|
|
70
|
+
"minimumStrengthForCheckpoint": "observed",
|
|
71
|
+
"minimumStrengthForEnforcement": "observed",
|
|
72
|
+
"requiredKindsForEnforcement": ["diff", "test"],
|
|
73
|
+
"maxEnforcementWhenOnlyHeuristic": "advisory"
|
|
74
|
+
},
|
|
75
|
+
"guidance": {
|
|
76
|
+
"questions": ["Which clients parse this error?", "Is the breaking version explicit?"],
|
|
77
|
+
"preferred": ["Add compatibility tests for public error envelopes."],
|
|
78
|
+
"avoid": ["Renaming machine-readable fields without a version boundary."]
|
|
79
|
+
},
|
|
80
|
+
"checks": [{ "checkId": "compatibility-contract-required", "mode": "deterministic", "parameters": { "scope": "error-shape" } }],
|
|
81
|
+
"enforcement": { "default": "advisory", "promotableTo": "checkpoint", "repoOptInRequired": true },
|
|
82
|
+
"provenance": {
|
|
83
|
+
"sourceKind": "curated-reference",
|
|
84
|
+
"sourceRefs": [{ "sourceId": "twelve-factor" }, { "sourceId": "archcontext.adr.0010" }],
|
|
85
|
+
"curator": "archcontext-maintainers",
|
|
86
|
+
"reviewedAt": "2026-06-24"
|
|
87
|
+
},
|
|
88
|
+
"lifecycle": { "introducedAt": "2026-06-24", "reviewAfter": "2026-09-24", "supersedes": [] }
|
|
89
|
+
},
|
|
90
|
+
{
|
|
91
|
+
"schemaVersion": "archcontext.practice/v1",
|
|
92
|
+
"id": "api.idempotency-contract",
|
|
93
|
+
"revision": 1,
|
|
94
|
+
"status": "active",
|
|
95
|
+
"title": "Declare idempotency for retried public operations",
|
|
96
|
+
"summary": "Public mutation endpoints and jobs that can be retried should declare the idempotency key, replay behavior, and duplicate side-effect policy.",
|
|
97
|
+
"category": "api",
|
|
98
|
+
"tags": ["api", "idempotency", "retries"],
|
|
99
|
+
"appliesTo": {
|
|
100
|
+
"repositoryKinds": ["application", "service"],
|
|
101
|
+
"languages": [],
|
|
102
|
+
"frameworks": [],
|
|
103
|
+
"pathGlobs": ["src/**", "packages/**", "routes/**", "workers/**"],
|
|
104
|
+
"nodeKinds": ["service", "job", "public-api"],
|
|
105
|
+
"negativePathGlobs": ["docs/**", "test/**", "tests/**", "fixtures/**"]
|
|
106
|
+
},
|
|
107
|
+
"triggers": {
|
|
108
|
+
"candidateTerms": ["idempotency", "retry", "replay", "dedupe"],
|
|
109
|
+
"pressureSignals": ["retryable-mutation"],
|
|
110
|
+
"structuralPredicates": []
|
|
111
|
+
},
|
|
112
|
+
"evidencePolicy": {
|
|
113
|
+
"minimumStrengthForRecommendation": "declared",
|
|
114
|
+
"minimumStrengthForCheckpoint": "observed",
|
|
115
|
+
"minimumStrengthForEnforcement": "observed",
|
|
116
|
+
"requiredKindsForEnforcement": ["diff", "test"],
|
|
117
|
+
"maxEnforcementWhenOnlyHeuristic": "advisory"
|
|
118
|
+
},
|
|
119
|
+
"guidance": {
|
|
120
|
+
"questions": ["What prevents duplicate side effects?", "How is replay observed?"],
|
|
121
|
+
"preferred": ["Document the idempotency key and test duplicate delivery."],
|
|
122
|
+
"avoid": ["Assuming clients will not retry."]
|
|
123
|
+
},
|
|
124
|
+
"checks": [{ "checkId": "required-test-evidence", "mode": "deterministic", "parameters": { "scope": "idempotency" } }],
|
|
125
|
+
"enforcement": { "default": "advisory", "promotableTo": "checkpoint", "repoOptInRequired": true },
|
|
126
|
+
"provenance": {
|
|
127
|
+
"sourceKind": "curated-reference",
|
|
128
|
+
"sourceRefs": [{ "sourceId": "twelve-factor" }, { "sourceId": "archcontext.adr.0036" }],
|
|
129
|
+
"curator": "archcontext-maintainers",
|
|
130
|
+
"reviewedAt": "2026-06-24"
|
|
131
|
+
},
|
|
132
|
+
"lifecycle": { "introducedAt": "2026-06-24", "reviewAfter": "2026-09-24", "supersedes": [] }
|
|
133
|
+
},
|
|
134
|
+
{
|
|
135
|
+
"schemaVersion": "archcontext.practice/v1",
|
|
136
|
+
"id": "compatibility.deprecation-window",
|
|
137
|
+
"revision": 1,
|
|
138
|
+
"status": "active",
|
|
139
|
+
"title": "Give deprecated compatibility paths a dated removal window",
|
|
140
|
+
"summary": "Compatibility code should declare a deprecation date, removal condition, and owner before the old path can be removed.",
|
|
141
|
+
"category": "compatibility",
|
|
142
|
+
"tags": ["compatibility", "deprecation", "removal"],
|
|
143
|
+
"appliesTo": {
|
|
144
|
+
"repositoryKinds": ["application", "service", "library"],
|
|
145
|
+
"languages": [],
|
|
146
|
+
"frameworks": [],
|
|
147
|
+
"pathGlobs": ["src/**", "packages/**", "migrations/**"],
|
|
148
|
+
"nodeKinds": ["module", "service"],
|
|
149
|
+
"negativePathGlobs": ["docs/**", "test/**", "tests/**", "fixtures/**"]
|
|
150
|
+
},
|
|
151
|
+
"triggers": {
|
|
152
|
+
"candidateTerms": ["deprecated", "compatibility path", "removal window", "sunset"],
|
|
153
|
+
"pressureSignals": ["compatibility-removal"],
|
|
154
|
+
"structuralPredicates": []
|
|
155
|
+
},
|
|
156
|
+
"evidencePolicy": {
|
|
157
|
+
"minimumStrengthForRecommendation": "declared",
|
|
158
|
+
"minimumStrengthForCheckpoint": "observed",
|
|
159
|
+
"minimumStrengthForEnforcement": "observed",
|
|
160
|
+
"requiredKindsForEnforcement": ["diff", "human-attestation"],
|
|
161
|
+
"maxEnforcementWhenOnlyHeuristic": "advisory"
|
|
162
|
+
},
|
|
163
|
+
"guidance": {
|
|
164
|
+
"questions": ["Who owns removal?", "What date or signal ends the compatibility path?"],
|
|
165
|
+
"preferred": ["Attach deprecation metadata near the compatibility branch."],
|
|
166
|
+
"avoid": ["Leaving compatibility code without a removal owner."]
|
|
167
|
+
},
|
|
168
|
+
"checks": [{ "checkId": "migration-removal-condition", "mode": "deterministic", "parameters": { "scope": "compatibility-path" } }],
|
|
169
|
+
"enforcement": { "default": "advisory", "promotableTo": "checkpoint", "repoOptInRequired": true },
|
|
170
|
+
"provenance": {
|
|
171
|
+
"sourceKind": "archcontext-native",
|
|
172
|
+
"sourceRefs": [{ "sourceId": "archcontext.adr.0009" }, { "sourceId": "archcontext.adr.0010" }],
|
|
173
|
+
"curator": "archcontext-maintainers",
|
|
174
|
+
"reviewedAt": "2026-06-24"
|
|
175
|
+
},
|
|
176
|
+
"lifecycle": { "introducedAt": "2026-06-24", "reviewAfter": "2026-09-24", "supersedes": [] }
|
|
177
|
+
},
|
|
178
|
+
{
|
|
179
|
+
"schemaVersion": "archcontext.practice/v1",
|
|
180
|
+
"id": "compatibility.rollback-entrypoint",
|
|
181
|
+
"revision": 1,
|
|
182
|
+
"status": "active",
|
|
183
|
+
"title": "Keep a rollback entrypoint for compatibility changes",
|
|
184
|
+
"summary": "Compatibility-sensitive releases should identify the entrypoint that can restore the previous behavior without a broad refactor.",
|
|
185
|
+
"category": "compatibility",
|
|
186
|
+
"tags": ["compatibility", "rollback", "release"],
|
|
187
|
+
"appliesTo": {
|
|
188
|
+
"repositoryKinds": ["application", "service"],
|
|
189
|
+
"languages": [],
|
|
190
|
+
"frameworks": [],
|
|
191
|
+
"pathGlobs": ["src/**", "packages/**", "deploy/**", ".github/**"],
|
|
192
|
+
"nodeKinds": ["service", "module"],
|
|
193
|
+
"negativePathGlobs": ["docs/**", "test/**", "tests/**", "fixtures/**"]
|
|
194
|
+
},
|
|
195
|
+
"triggers": {
|
|
196
|
+
"candidateTerms": ["rollback", "restore previous behavior", "feature flag", "compatibility"],
|
|
197
|
+
"pressureSignals": ["compatibility-risk"],
|
|
198
|
+
"structuralPredicates": []
|
|
199
|
+
},
|
|
200
|
+
"evidencePolicy": {
|
|
201
|
+
"minimumStrengthForRecommendation": "declared",
|
|
202
|
+
"minimumStrengthForCheckpoint": "observed",
|
|
203
|
+
"minimumStrengthForEnforcement": "observed",
|
|
204
|
+
"requiredKindsForEnforcement": ["diff", "runtime-check"],
|
|
205
|
+
"maxEnforcementWhenOnlyHeuristic": "advisory"
|
|
206
|
+
},
|
|
207
|
+
"guidance": {
|
|
208
|
+
"questions": ["What command or flag restores the old behavior?", "Who can execute it?"],
|
|
209
|
+
"preferred": ["Keep rollback evidence close to the release change."],
|
|
210
|
+
"avoid": ["Using a revert as the only rollback plan."]
|
|
211
|
+
},
|
|
212
|
+
"checks": [{ "checkId": "observed-before-enforced", "mode": "deterministic", "parameters": { "scope": "rollback-entrypoint" } }],
|
|
213
|
+
"enforcement": { "default": "advisory", "promotableTo": "checkpoint", "repoOptInRequired": true },
|
|
214
|
+
"provenance": {
|
|
215
|
+
"sourceKind": "curated-reference",
|
|
216
|
+
"sourceRefs": [{ "sourceId": "twelve-factor" }, { "sourceId": "azure.architecture" }],
|
|
217
|
+
"curator": "archcontext-maintainers",
|
|
218
|
+
"reviewedAt": "2026-06-24"
|
|
219
|
+
},
|
|
220
|
+
"lifecycle": { "introducedAt": "2026-06-24", "reviewAfter": "2026-09-24", "supersedes": [] }
|
|
221
|
+
},
|
|
222
|
+
{
|
|
223
|
+
"schemaVersion": "archcontext.practice/v1",
|
|
224
|
+
"id": "data.schema-ownership-boundary",
|
|
225
|
+
"revision": 1,
|
|
226
|
+
"status": "active",
|
|
227
|
+
"title": "Assign one owner to shared data schemas",
|
|
228
|
+
"summary": "Shared tables, events, and data contracts should name the owner that can approve shape and semantic changes.",
|
|
229
|
+
"category": "data",
|
|
230
|
+
"tags": ["data", "schema", "ownership"],
|
|
231
|
+
"appliesTo": {
|
|
232
|
+
"repositoryKinds": ["application", "service", "library"],
|
|
233
|
+
"languages": [],
|
|
234
|
+
"frameworks": [],
|
|
235
|
+
"pathGlobs": ["src/**", "packages/**", "schemas/**", "migrations/**"],
|
|
236
|
+
"nodeKinds": ["data-model", "module"],
|
|
237
|
+
"negativePathGlobs": ["docs/**", "test/**", "tests/**", "fixtures/**"]
|
|
238
|
+
},
|
|
239
|
+
"triggers": {
|
|
240
|
+
"candidateTerms": ["shared schema", "table owner", "data contract", "schema ownership"],
|
|
241
|
+
"pressureSignals": ["data-schema-shared"],
|
|
242
|
+
"structuralPredicates": []
|
|
243
|
+
},
|
|
244
|
+
"evidencePolicy": {
|
|
245
|
+
"minimumStrengthForRecommendation": "declared",
|
|
246
|
+
"minimumStrengthForCheckpoint": "observed",
|
|
247
|
+
"minimumStrengthForEnforcement": "observed",
|
|
248
|
+
"requiredKindsForEnforcement": ["diff", "human-attestation"],
|
|
249
|
+
"maxEnforcementWhenOnlyHeuristic": "advisory"
|
|
250
|
+
},
|
|
251
|
+
"guidance": {
|
|
252
|
+
"questions": ["Who owns the schema semantics?", "Where is approval recorded?"],
|
|
253
|
+
"preferred": ["Record the owning service or team with the schema."],
|
|
254
|
+
"avoid": ["Letting every consumer modify shared data shape."]
|
|
255
|
+
},
|
|
256
|
+
"checks": [{ "checkId": "single-authoritative-model", "mode": "deterministic", "parameters": { "scope": "shared-data-schema" } }],
|
|
257
|
+
"enforcement": { "default": "advisory", "promotableTo": "checkpoint", "repoOptInRequired": true },
|
|
258
|
+
"provenance": {
|
|
259
|
+
"sourceKind": "archcontext-native",
|
|
260
|
+
"sourceRefs": [{ "sourceId": "archcontext.adr.0008" }, { "sourceId": "backstage" }],
|
|
261
|
+
"curator": "archcontext-maintainers",
|
|
262
|
+
"reviewedAt": "2026-06-24"
|
|
263
|
+
},
|
|
264
|
+
"lifecycle": { "introducedAt": "2026-06-24", "reviewAfter": "2026-09-24", "supersedes": [] }
|
|
265
|
+
},
|
|
266
|
+
{
|
|
267
|
+
"schemaVersion": "archcontext.practice/v1",
|
|
268
|
+
"id": "data.migration-backfill-evidence",
|
|
269
|
+
"revision": 1,
|
|
270
|
+
"status": "active",
|
|
271
|
+
"title": "Backfills need reconciliation evidence",
|
|
272
|
+
"summary": "Data migrations that backfill or rewrite existing records should include deterministic reconciliation evidence before enforcement.",
|
|
273
|
+
"category": "data",
|
|
274
|
+
"tags": ["data", "migration", "backfill"],
|
|
275
|
+
"appliesTo": {
|
|
276
|
+
"repositoryKinds": ["application", "service"],
|
|
277
|
+
"languages": [],
|
|
278
|
+
"frameworks": [],
|
|
279
|
+
"pathGlobs": ["src/**", "packages/**", "migrations/**", "scripts/**"],
|
|
280
|
+
"nodeKinds": ["job", "data-model"],
|
|
281
|
+
"negativePathGlobs": ["docs/**", "test/**", "tests/**", "fixtures/**"]
|
|
282
|
+
},
|
|
283
|
+
"triggers": {
|
|
284
|
+
"candidateTerms": ["backfill", "reconcile", "migration evidence", "record count"],
|
|
285
|
+
"pressureSignals": ["data-backfill"],
|
|
286
|
+
"structuralPredicates": []
|
|
287
|
+
},
|
|
288
|
+
"evidencePolicy": {
|
|
289
|
+
"minimumStrengthForRecommendation": "declared",
|
|
290
|
+
"minimumStrengthForCheckpoint": "observed",
|
|
291
|
+
"minimumStrengthForEnforcement": "observed",
|
|
292
|
+
"requiredKindsForEnforcement": ["runtime-check", "test"],
|
|
293
|
+
"maxEnforcementWhenOnlyHeuristic": "advisory"
|
|
294
|
+
},
|
|
295
|
+
"guidance": {
|
|
296
|
+
"questions": ["What proves old and new records reconcile?", "What is the rollback for partial backfill?"],
|
|
297
|
+
"preferred": ["Capture counts or sampled checks as runtime evidence."],
|
|
298
|
+
"avoid": ["Trusting a successful job exit without data reconciliation."]
|
|
299
|
+
},
|
|
300
|
+
"checks": [{ "checkId": "required-test-evidence", "mode": "deterministic", "parameters": { "scope": "backfill-reconciliation" } }],
|
|
301
|
+
"enforcement": { "default": "advisory", "promotableTo": "checkpoint", "repoOptInRequired": true },
|
|
302
|
+
"provenance": {
|
|
303
|
+
"sourceKind": "archcontext-native",
|
|
304
|
+
"sourceRefs": [{ "sourceId": "archcontext.adr.0009" }, { "sourceId": "opentelemetry" }],
|
|
305
|
+
"curator": "archcontext-maintainers",
|
|
306
|
+
"reviewedAt": "2026-06-24"
|
|
307
|
+
},
|
|
308
|
+
"lifecycle": { "introducedAt": "2026-06-24", "reviewAfter": "2026-09-24", "supersedes": [] }
|
|
309
|
+
},
|
|
310
|
+
{
|
|
311
|
+
"schemaVersion": "archcontext.practice/v1",
|
|
312
|
+
"id": "data.event-version-lineage",
|
|
313
|
+
"revision": 1,
|
|
314
|
+
"status": "active",
|
|
315
|
+
"title": "Event data changes should preserve version lineage",
|
|
316
|
+
"summary": "Event payload changes should record the old and new versions, consumers affected, and compatibility expectations.",
|
|
317
|
+
"category": "data",
|
|
318
|
+
"tags": ["data", "events", "versioning"],
|
|
319
|
+
"appliesTo": {
|
|
320
|
+
"repositoryKinds": ["application", "service"],
|
|
321
|
+
"languages": [],
|
|
322
|
+
"frameworks": [],
|
|
323
|
+
"pathGlobs": ["src/**", "packages/**", "events/**", "schemas/**"],
|
|
324
|
+
"nodeKinds": ["public-api", "data-model"],
|
|
325
|
+
"negativePathGlobs": ["docs/**", "test/**", "tests/**", "fixtures/**"]
|
|
326
|
+
},
|
|
327
|
+
"triggers": {
|
|
328
|
+
"candidateTerms": ["event version", "payload version", "consumer lineage", "schema evolution"],
|
|
329
|
+
"pressureSignals": ["event-schema-changed"],
|
|
330
|
+
"structuralPredicates": []
|
|
331
|
+
},
|
|
332
|
+
"evidencePolicy": {
|
|
333
|
+
"minimumStrengthForRecommendation": "declared",
|
|
334
|
+
"minimumStrengthForCheckpoint": "observed",
|
|
335
|
+
"minimumStrengthForEnforcement": "observed",
|
|
336
|
+
"requiredKindsForEnforcement": ["diff", "test"],
|
|
337
|
+
"maxEnforcementWhenOnlyHeuristic": "advisory"
|
|
338
|
+
},
|
|
339
|
+
"guidance": {
|
|
340
|
+
"questions": ["Which consumers read this event?", "What is the old-to-new lineage?"],
|
|
341
|
+
"preferred": ["Record the version lineage in the schema or catalog."],
|
|
342
|
+
"avoid": ["Changing event semantics without consumer-visible metadata."]
|
|
343
|
+
},
|
|
344
|
+
"checks": [{ "checkId": "compatibility-contract-required", "mode": "deterministic", "parameters": { "scope": "event-lineage" } }],
|
|
345
|
+
"enforcement": { "default": "advisory", "promotableTo": "checkpoint", "repoOptInRequired": true },
|
|
346
|
+
"provenance": {
|
|
347
|
+
"sourceKind": "curated-reference",
|
|
348
|
+
"sourceRefs": [{ "sourceId": "kubernetes.docs" }, { "sourceId": "archcontext.adr.0010" }],
|
|
349
|
+
"curator": "archcontext-maintainers",
|
|
350
|
+
"reviewedAt": "2026-06-24"
|
|
351
|
+
},
|
|
352
|
+
"lifecycle": { "introducedAt": "2026-06-24", "reviewAfter": "2026-09-24", "supersedes": [] }
|
|
353
|
+
},
|
|
354
|
+
{
|
|
355
|
+
"schemaVersion": "archcontext.practice/v1",
|
|
356
|
+
"id": "decision.tradeoff-options-recorded",
|
|
357
|
+
"revision": 1,
|
|
358
|
+
"status": "active",
|
|
359
|
+
"title": "Record alternatives for significant architectural decisions",
|
|
360
|
+
"summary": "Architecture changes should capture rejected alternatives and the tradeoff that made the selected option acceptable.",
|
|
361
|
+
"category": "decisions",
|
|
362
|
+
"tags": ["decision", "adr", "tradeoff"],
|
|
363
|
+
"appliesTo": {
|
|
364
|
+
"repositoryKinds": ["application", "service", "library"],
|
|
365
|
+
"languages": [],
|
|
366
|
+
"frameworks": [],
|
|
367
|
+
"pathGlobs": ["docs/**", "adr/**", "plans/**", "src/**", "packages/**"],
|
|
368
|
+
"nodeKinds": ["module", "service"],
|
|
369
|
+
"negativePathGlobs": ["test/**", "tests/**", "fixtures/**"]
|
|
370
|
+
},
|
|
371
|
+
"triggers": {
|
|
372
|
+
"candidateTerms": ["tradeoff", "alternative", "ADR", "decision"],
|
|
373
|
+
"pressureSignals": ["architecture-decision"],
|
|
374
|
+
"structuralPredicates": []
|
|
375
|
+
},
|
|
376
|
+
"evidencePolicy": {
|
|
377
|
+
"minimumStrengthForRecommendation": "declared",
|
|
378
|
+
"minimumStrengthForCheckpoint": "observed",
|
|
379
|
+
"minimumStrengthForEnforcement": "observed",
|
|
380
|
+
"requiredKindsForEnforcement": ["human-attestation", "diff"],
|
|
381
|
+
"maxEnforcementWhenOnlyHeuristic": "advisory"
|
|
382
|
+
},
|
|
383
|
+
"guidance": {
|
|
384
|
+
"questions": ["What alternatives were considered?", "What constraint selected this option?"],
|
|
385
|
+
"preferred": ["Keep rejected alternatives with the decision record."],
|
|
386
|
+
"avoid": ["Recording only the chosen design."]
|
|
387
|
+
},
|
|
388
|
+
"checks": [{ "checkId": "context-stale-completion", "mode": "deterministic", "parameters": { "scope": "decision-record" } }],
|
|
389
|
+
"enforcement": { "default": "advisory", "promotableTo": "checkpoint", "repoOptInRequired": true },
|
|
390
|
+
"provenance": {
|
|
391
|
+
"sourceKind": "curated-reference",
|
|
392
|
+
"sourceRefs": [{ "sourceId": "madr" }, { "sourceId": "archcontext.adr.0012" }],
|
|
393
|
+
"curator": "archcontext-maintainers",
|
|
394
|
+
"reviewedAt": "2026-06-24"
|
|
395
|
+
},
|
|
396
|
+
"lifecycle": { "introducedAt": "2026-06-24", "reviewAfter": "2026-09-24", "supersedes": [] }
|
|
397
|
+
},
|
|
398
|
+
{
|
|
399
|
+
"schemaVersion": "archcontext.practice/v1",
|
|
400
|
+
"id": "decision.decision-review-date",
|
|
401
|
+
"revision": 1,
|
|
402
|
+
"status": "active",
|
|
403
|
+
"title": "Time-bound decisions need a review date",
|
|
404
|
+
"summary": "Decisions made under uncertainty should include the date, owner, or signal that reopens the decision.",
|
|
405
|
+
"category": "decisions",
|
|
406
|
+
"tags": ["decision", "review", "lifecycle"],
|
|
407
|
+
"appliesTo": {
|
|
408
|
+
"repositoryKinds": ["application", "service", "library"],
|
|
409
|
+
"languages": [],
|
|
410
|
+
"frameworks": [],
|
|
411
|
+
"pathGlobs": ["docs/**", "adr/**", "plans/**", "src/**", "packages/**"],
|
|
412
|
+
"nodeKinds": ["module", "service"],
|
|
413
|
+
"negativePathGlobs": ["test/**", "tests/**", "fixtures/**"]
|
|
414
|
+
},
|
|
415
|
+
"triggers": {
|
|
416
|
+
"candidateTerms": ["review date", "revisit", "decision expiry", "temporary decision"],
|
|
417
|
+
"pressureSignals": ["time-bound-decision"],
|
|
418
|
+
"structuralPredicates": []
|
|
419
|
+
},
|
|
420
|
+
"evidencePolicy": {
|
|
421
|
+
"minimumStrengthForRecommendation": "declared",
|
|
422
|
+
"minimumStrengthForCheckpoint": "observed",
|
|
423
|
+
"minimumStrengthForEnforcement": "observed",
|
|
424
|
+
"requiredKindsForEnforcement": ["human-attestation", "diff"],
|
|
425
|
+
"maxEnforcementWhenOnlyHeuristic": "advisory"
|
|
426
|
+
},
|
|
427
|
+
"guidance": {
|
|
428
|
+
"questions": ["What condition invalidates this decision?", "Who owns the review?"],
|
|
429
|
+
"preferred": ["Attach reviewAfter or an equivalent decision review signal."],
|
|
430
|
+
"avoid": ["Leaving temporary decisions with permanent force."]
|
|
431
|
+
},
|
|
432
|
+
"checks": [{ "checkId": "migration-review-date", "mode": "deterministic", "parameters": { "scope": "decision-lifecycle" } }],
|
|
433
|
+
"enforcement": { "default": "advisory", "promotableTo": "checkpoint", "repoOptInRequired": true },
|
|
434
|
+
"provenance": {
|
|
435
|
+
"sourceKind": "curated-reference",
|
|
436
|
+
"sourceRefs": [{ "sourceId": "madr" }, { "sourceId": "archcontext.adr.0009" }],
|
|
437
|
+
"curator": "archcontext-maintainers",
|
|
438
|
+
"reviewedAt": "2026-06-24"
|
|
439
|
+
},
|
|
440
|
+
"lifecycle": { "introducedAt": "2026-06-24", "reviewAfter": "2026-09-24", "supersedes": [] }
|
|
441
|
+
},
|
|
442
|
+
{
|
|
443
|
+
"schemaVersion": "archcontext.practice/v1",
|
|
444
|
+
"id": "decision.supersession-link",
|
|
445
|
+
"revision": 1,
|
|
446
|
+
"status": "active",
|
|
447
|
+
"title": "Superseded decisions should link to their replacement",
|
|
448
|
+
"summary": "When a decision is replaced, the old record should identify the new record so readers do not follow stale architecture guidance.",
|
|
449
|
+
"category": "decisions",
|
|
450
|
+
"tags": ["decision", "supersession", "adr"],
|
|
451
|
+
"appliesTo": {
|
|
452
|
+
"repositoryKinds": ["application", "service", "library"],
|
|
453
|
+
"languages": [],
|
|
454
|
+
"frameworks": [],
|
|
455
|
+
"pathGlobs": ["docs/**", "adr/**", "plans/**", "src/**", "packages/**"],
|
|
456
|
+
"nodeKinds": ["module", "service"],
|
|
457
|
+
"negativePathGlobs": ["test/**", "tests/**", "fixtures/**"]
|
|
458
|
+
},
|
|
459
|
+
"triggers": {
|
|
460
|
+
"candidateTerms": ["superseded", "replaced by", "decision lineage", "ADR supersedes"],
|
|
461
|
+
"pressureSignals": ["decision-superseded"],
|
|
462
|
+
"structuralPredicates": []
|
|
463
|
+
},
|
|
464
|
+
"evidencePolicy": {
|
|
465
|
+
"minimumStrengthForRecommendation": "declared",
|
|
466
|
+
"minimumStrengthForCheckpoint": "observed",
|
|
467
|
+
"minimumStrengthForEnforcement": "observed",
|
|
468
|
+
"requiredKindsForEnforcement": ["diff", "human-attestation"],
|
|
469
|
+
"maxEnforcementWhenOnlyHeuristic": "advisory"
|
|
470
|
+
},
|
|
471
|
+
"guidance": {
|
|
472
|
+
"questions": ["Which decision replaces this one?", "Is stale guidance clearly marked?"],
|
|
473
|
+
"preferred": ["Keep the supersession link in both old and new records."],
|
|
474
|
+
"avoid": ["Deleting the old decision history."]
|
|
475
|
+
},
|
|
476
|
+
"checks": [{ "checkId": "context-stale-completion", "mode": "deterministic", "parameters": { "scope": "decision-supersession" } }],
|
|
477
|
+
"enforcement": { "default": "advisory", "promotableTo": "checkpoint", "repoOptInRequired": true },
|
|
478
|
+
"provenance": {
|
|
479
|
+
"sourceKind": "curated-reference",
|
|
480
|
+
"sourceRefs": [{ "sourceId": "madr" }, { "sourceId": "archcontext.adr.0012" }],
|
|
481
|
+
"curator": "archcontext-maintainers",
|
|
482
|
+
"reviewedAt": "2026-06-24"
|
|
483
|
+
},
|
|
484
|
+
"lifecycle": { "introducedAt": "2026-06-24", "reviewAfter": "2026-09-24", "supersedes": [] }
|
|
485
|
+
},
|
|
486
|
+
{
|
|
487
|
+
"schemaVersion": "archcontext.practice/v1",
|
|
488
|
+
"id": "migration.parallel-run-observability",
|
|
489
|
+
"revision": 1,
|
|
490
|
+
"status": "active",
|
|
491
|
+
"title": "Parallel migrations need observable old and new paths",
|
|
492
|
+
"summary": "A migration that runs old and new behavior in parallel should emit comparable telemetry for both paths before cutover.",
|
|
493
|
+
"category": "migration",
|
|
494
|
+
"tags": ["migration", "observability", "parallel-run"],
|
|
495
|
+
"appliesTo": {
|
|
496
|
+
"repositoryKinds": ["application", "service"],
|
|
497
|
+
"languages": [],
|
|
498
|
+
"frameworks": [],
|
|
499
|
+
"pathGlobs": ["src/**", "packages/**", "migrations/**", "workers/**"],
|
|
500
|
+
"nodeKinds": ["service", "job", "module"],
|
|
501
|
+
"negativePathGlobs": ["docs/**", "test/**", "tests/**", "fixtures/**"]
|
|
502
|
+
},
|
|
503
|
+
"triggers": {
|
|
504
|
+
"candidateTerms": ["parallel run", "dual write", "cutover", "shadow"],
|
|
505
|
+
"pressureSignals": ["migration-parallel-run"],
|
|
506
|
+
"structuralPredicates": []
|
|
507
|
+
},
|
|
508
|
+
"evidencePolicy": {
|
|
509
|
+
"minimumStrengthForRecommendation": "declared",
|
|
510
|
+
"minimumStrengthForCheckpoint": "observed",
|
|
511
|
+
"minimumStrengthForEnforcement": "observed",
|
|
512
|
+
"requiredKindsForEnforcement": ["runtime-check", "diff"],
|
|
513
|
+
"maxEnforcementWhenOnlyHeuristic": "advisory"
|
|
514
|
+
},
|
|
515
|
+
"guidance": {
|
|
516
|
+
"questions": ["Can old and new path behavior be compared?", "What stops the cutover?"],
|
|
517
|
+
"preferred": ["Emit paired metrics during the overlap window."],
|
|
518
|
+
"avoid": ["Cutting over without comparable telemetry."]
|
|
519
|
+
},
|
|
520
|
+
"checks": [{ "checkId": "boundary-telemetry-required", "mode": "deterministic", "parameters": { "scope": "parallel-migration" } }],
|
|
521
|
+
"enforcement": { "default": "advisory", "promotableTo": "checkpoint", "repoOptInRequired": true },
|
|
522
|
+
"provenance": {
|
|
523
|
+
"sourceKind": "archcontext-native",
|
|
524
|
+
"sourceRefs": [{ "sourceId": "archcontext.adr.0009" }, { "sourceId": "opentelemetry" }],
|
|
525
|
+
"curator": "archcontext-maintainers",
|
|
526
|
+
"reviewedAt": "2026-06-24"
|
|
527
|
+
},
|
|
528
|
+
"lifecycle": { "introducedAt": "2026-06-24", "reviewAfter": "2026-09-24", "supersedes": [] }
|
|
529
|
+
},
|
|
530
|
+
{
|
|
531
|
+
"schemaVersion": "archcontext.practice/v1",
|
|
532
|
+
"id": "migration.backfill-reconciliation",
|
|
533
|
+
"revision": 1,
|
|
534
|
+
"status": "active",
|
|
535
|
+
"title": "Migration backfills need explicit reconciliation",
|
|
536
|
+
"summary": "Backfill migrations should record the reconciliation check that proves target state matches source intent.",
|
|
537
|
+
"category": "migration",
|
|
538
|
+
"tags": ["migration", "backfill", "reconciliation"],
|
|
539
|
+
"appliesTo": {
|
|
540
|
+
"repositoryKinds": ["application", "service"],
|
|
541
|
+
"languages": [],
|
|
542
|
+
"frameworks": [],
|
|
543
|
+
"pathGlobs": ["src/**", "packages/**", "migrations/**", "scripts/**"],
|
|
544
|
+
"nodeKinds": ["job", "data-model"],
|
|
545
|
+
"negativePathGlobs": ["docs/**", "test/**", "tests/**", "fixtures/**"]
|
|
546
|
+
},
|
|
547
|
+
"triggers": {
|
|
548
|
+
"candidateTerms": ["backfill reconciliation", "migration count", "target state", "source state"],
|
|
549
|
+
"pressureSignals": ["migration-backfill"],
|
|
550
|
+
"structuralPredicates": []
|
|
551
|
+
},
|
|
552
|
+
"evidencePolicy": {
|
|
553
|
+
"minimumStrengthForRecommendation": "declared",
|
|
554
|
+
"minimumStrengthForCheckpoint": "observed",
|
|
555
|
+
"minimumStrengthForEnforcement": "observed",
|
|
556
|
+
"requiredKindsForEnforcement": ["runtime-check", "test"],
|
|
557
|
+
"maxEnforcementWhenOnlyHeuristic": "advisory"
|
|
558
|
+
},
|
|
559
|
+
"guidance": {
|
|
560
|
+
"questions": ["What proves the target state is complete?", "How are mismatches handled?"],
|
|
561
|
+
"preferred": ["Capture reconciliation output as evidence."],
|
|
562
|
+
"avoid": ["Treating migration execution as proof of correctness."]
|
|
563
|
+
},
|
|
564
|
+
"checks": [{ "checkId": "migration-removal-condition", "mode": "deterministic", "parameters": { "scope": "backfill-reconciliation" } }],
|
|
565
|
+
"enforcement": { "default": "advisory", "promotableTo": "checkpoint", "repoOptInRequired": true },
|
|
566
|
+
"provenance": {
|
|
567
|
+
"sourceKind": "archcontext-native",
|
|
568
|
+
"sourceRefs": [{ "sourceId": "archcontext.adr.0009" }, { "sourceId": "archcontext.spec" }],
|
|
569
|
+
"curator": "archcontext-maintainers",
|
|
570
|
+
"reviewedAt": "2026-06-24"
|
|
571
|
+
},
|
|
572
|
+
"lifecycle": { "introducedAt": "2026-06-24", "reviewAfter": "2026-09-24", "supersedes": [] }
|
|
573
|
+
},
|
|
574
|
+
{
|
|
575
|
+
"schemaVersion": "archcontext.practice/v1",
|
|
576
|
+
"id": "migration.rollback-plan",
|
|
577
|
+
"revision": 1,
|
|
578
|
+
"status": "active",
|
|
579
|
+
"title": "Stateful migrations need a rollback or containment plan",
|
|
580
|
+
"summary": "Stateful migration slices should record whether rollback is possible and, if not, how forward repair is contained.",
|
|
581
|
+
"category": "migration",
|
|
582
|
+
"tags": ["migration", "rollback", "state"],
|
|
583
|
+
"appliesTo": {
|
|
584
|
+
"repositoryKinds": ["application", "service"],
|
|
585
|
+
"languages": [],
|
|
586
|
+
"frameworks": [],
|
|
587
|
+
"pathGlobs": ["src/**", "packages/**", "migrations/**", "deploy/**"],
|
|
588
|
+
"nodeKinds": ["job", "service", "data-model"],
|
|
589
|
+
"negativePathGlobs": ["docs/**", "test/**", "tests/**", "fixtures/**"]
|
|
590
|
+
},
|
|
591
|
+
"triggers": {
|
|
592
|
+
"candidateTerms": ["rollback plan", "forward repair", "stateful migration", "irreversible"],
|
|
593
|
+
"pressureSignals": ["stateful-migration"],
|
|
594
|
+
"structuralPredicates": []
|
|
595
|
+
},
|
|
596
|
+
"evidencePolicy": {
|
|
597
|
+
"minimumStrengthForRecommendation": "declared",
|
|
598
|
+
"minimumStrengthForCheckpoint": "observed",
|
|
599
|
+
"minimumStrengthForEnforcement": "observed",
|
|
600
|
+
"requiredKindsForEnforcement": ["human-attestation", "runtime-check"],
|
|
601
|
+
"maxEnforcementWhenOnlyHeuristic": "advisory"
|
|
602
|
+
},
|
|
603
|
+
"guidance": {
|
|
604
|
+
"questions": ["Is rollback possible after writes?", "What contains forward repair risk?"],
|
|
605
|
+
"preferred": ["Document rollback or containment before cutover."],
|
|
606
|
+
"avoid": ["Relying on database backups as the only plan."]
|
|
607
|
+
},
|
|
608
|
+
"checks": [{ "checkId": "observed-before-enforced", "mode": "deterministic", "parameters": { "scope": "stateful-migration" } }],
|
|
609
|
+
"enforcement": { "default": "advisory", "promotableTo": "checkpoint", "repoOptInRequired": true },
|
|
610
|
+
"provenance": {
|
|
611
|
+
"sourceKind": "archcontext-native",
|
|
612
|
+
"sourceRefs": [{ "sourceId": "archcontext.adr.0009" }, { "sourceId": "azure.architecture" }],
|
|
613
|
+
"curator": "archcontext-maintainers",
|
|
614
|
+
"reviewedAt": "2026-06-24"
|
|
615
|
+
},
|
|
616
|
+
"lifecycle": { "introducedAt": "2026-06-24", "reviewAfter": "2026-09-24", "supersedes": [] }
|
|
617
|
+
},
|
|
618
|
+
{
|
|
619
|
+
"schemaVersion": "archcontext.practice/v1",
|
|
620
|
+
"id": "modularity.layer-contract-declared",
|
|
621
|
+
"revision": 1,
|
|
622
|
+
"status": "active",
|
|
623
|
+
"title": "Declare layer contracts before enforcing dependency direction",
|
|
624
|
+
"summary": "Layering rules should point to the module contract they protect, not only to forbidden import edges.",
|
|
625
|
+
"category": "modularity",
|
|
626
|
+
"tags": ["modularity", "layers", "contracts"],
|
|
627
|
+
"appliesTo": {
|
|
628
|
+
"repositoryKinds": ["application", "service", "library"],
|
|
629
|
+
"languages": [],
|
|
630
|
+
"frameworks": [],
|
|
631
|
+
"pathGlobs": ["src/**", "packages/**", "apps/**", "services/**"],
|
|
632
|
+
"nodeKinds": ["module", "package"],
|
|
633
|
+
"negativePathGlobs": ["docs/**", "test/**", "tests/**", "fixtures/**"]
|
|
634
|
+
},
|
|
635
|
+
"triggers": {
|
|
636
|
+
"candidateTerms": ["layer contract", "dependency direction", "module boundary", "architecture rule"],
|
|
637
|
+
"pressureSignals": ["layer-rule-added"],
|
|
638
|
+
"structuralPredicates": []
|
|
639
|
+
},
|
|
640
|
+
"evidencePolicy": {
|
|
641
|
+
"minimumStrengthForRecommendation": "declared",
|
|
642
|
+
"minimumStrengthForCheckpoint": "observed",
|
|
643
|
+
"minimumStrengthForEnforcement": "observed",
|
|
644
|
+
"requiredKindsForEnforcement": ["diff", "architecture-model"],
|
|
645
|
+
"maxEnforcementWhenOnlyHeuristic": "advisory"
|
|
646
|
+
},
|
|
647
|
+
"guidance": {
|
|
648
|
+
"questions": ["Which contract does this layer protect?", "Where is allowed direction declared?"],
|
|
649
|
+
"preferred": ["Tie dependency checks to named layer contracts."],
|
|
650
|
+
"avoid": ["Adding import bans without explaining the protected boundary."]
|
|
651
|
+
},
|
|
652
|
+
"checks": [{ "checkId": "dependency-direction", "mode": "deterministic", "parameters": { "scope": "layer-contract" } }],
|
|
653
|
+
"enforcement": { "default": "advisory", "promotableTo": "checkpoint", "repoOptInRequired": true },
|
|
654
|
+
"provenance": {
|
|
655
|
+
"sourceKind": "curated-reference",
|
|
656
|
+
"sourceRefs": [{ "sourceId": "archunit" }, { "sourceId": "structurizr.dsl" }],
|
|
657
|
+
"curator": "archcontext-maintainers",
|
|
658
|
+
"reviewedAt": "2026-06-24"
|
|
659
|
+
},
|
|
660
|
+
"lifecycle": { "introducedAt": "2026-06-24", "reviewAfter": "2026-09-24", "supersedes": [] }
|
|
661
|
+
},
|
|
662
|
+
{
|
|
663
|
+
"schemaVersion": "archcontext.practice/v1",
|
|
664
|
+
"id": "modularity.no-shared-internal-imports",
|
|
665
|
+
"revision": 1,
|
|
666
|
+
"status": "active",
|
|
667
|
+
"title": "Shared internals should not become cross-boundary imports",
|
|
668
|
+
"summary": "Internal modules should stay private to their owning boundary unless promoted to a public contract.",
|
|
669
|
+
"category": "modularity",
|
|
670
|
+
"tags": ["modularity", "internal", "imports"],
|
|
671
|
+
"appliesTo": {
|
|
672
|
+
"repositoryKinds": ["application", "service", "library"],
|
|
673
|
+
"languages": [],
|
|
674
|
+
"frameworks": [],
|
|
675
|
+
"pathGlobs": ["src/**", "packages/**", "apps/**", "services/**"],
|
|
676
|
+
"nodeKinds": ["module", "package"],
|
|
677
|
+
"negativePathGlobs": ["docs/**", "test/**", "tests/**", "fixtures/**"]
|
|
678
|
+
},
|
|
679
|
+
"triggers": {
|
|
680
|
+
"candidateTerms": ["internal import", "shared internals", "private module", "boundary import"],
|
|
681
|
+
"pressureSignals": ["internal-import-cross-boundary"],
|
|
682
|
+
"structuralPredicates": []
|
|
683
|
+
},
|
|
684
|
+
"evidencePolicy": {
|
|
685
|
+
"minimumStrengthForRecommendation": "declared",
|
|
686
|
+
"minimumStrengthForCheckpoint": "observed",
|
|
687
|
+
"minimumStrengthForEnforcement": "observed",
|
|
688
|
+
"requiredKindsForEnforcement": ["import-edge", "diff"],
|
|
689
|
+
"maxEnforcementWhenOnlyHeuristic": "advisory"
|
|
690
|
+
},
|
|
691
|
+
"guidance": {
|
|
692
|
+
"questions": ["Is this import part of a public contract?", "Which package owns the internal module?"],
|
|
693
|
+
"preferred": ["Promote shared behavior through an explicit public boundary."],
|
|
694
|
+
"avoid": ["Depending on another module's internal path."]
|
|
695
|
+
},
|
|
696
|
+
"checks": [{ "checkId": "dependency-direction", "mode": "deterministic", "parameters": { "scope": "internal-import" } }],
|
|
697
|
+
"enforcement": { "default": "advisory", "promotableTo": "checkpoint", "repoOptInRequired": true },
|
|
698
|
+
"provenance": {
|
|
699
|
+
"sourceKind": "curated-reference",
|
|
700
|
+
"sourceRefs": [{ "sourceId": "archunit" }, { "sourceId": "archcontext.adr.0012" }],
|
|
701
|
+
"curator": "archcontext-maintainers",
|
|
702
|
+
"reviewedAt": "2026-06-24"
|
|
703
|
+
},
|
|
704
|
+
"lifecycle": { "introducedAt": "2026-06-24", "reviewAfter": "2026-09-24", "supersedes": [] }
|
|
705
|
+
},
|
|
706
|
+
{
|
|
707
|
+
"schemaVersion": "archcontext.practice/v1",
|
|
708
|
+
"id": "observability.error-budget-signal",
|
|
709
|
+
"revision": 1,
|
|
710
|
+
"status": "active",
|
|
711
|
+
"title": "Operational changes should expose an error-budget signal",
|
|
712
|
+
"summary": "Changes that affect runtime reliability should identify the metric or signal that shows whether the error budget is being consumed.",
|
|
713
|
+
"category": "observability",
|
|
714
|
+
"tags": ["observability", "slo", "error-budget"],
|
|
715
|
+
"appliesTo": {
|
|
716
|
+
"repositoryKinds": ["application", "service"],
|
|
717
|
+
"languages": [],
|
|
718
|
+
"frameworks": [],
|
|
719
|
+
"pathGlobs": ["src/**", "packages/**", "services/**", "deploy/**"],
|
|
720
|
+
"nodeKinds": ["service", "job"],
|
|
721
|
+
"negativePathGlobs": ["docs/**", "test/**", "tests/**", "fixtures/**"]
|
|
722
|
+
},
|
|
723
|
+
"triggers": {
|
|
724
|
+
"candidateTerms": ["error budget", "SLO", "latency objective", "availability"],
|
|
725
|
+
"pressureSignals": ["runtime-reliability-risk"],
|
|
726
|
+
"structuralPredicates": []
|
|
727
|
+
},
|
|
728
|
+
"evidencePolicy": {
|
|
729
|
+
"minimumStrengthForRecommendation": "declared",
|
|
730
|
+
"minimumStrengthForCheckpoint": "observed",
|
|
731
|
+
"minimumStrengthForEnforcement": "observed",
|
|
732
|
+
"requiredKindsForEnforcement": ["runtime-check", "diff"],
|
|
733
|
+
"maxEnforcementWhenOnlyHeuristic": "advisory"
|
|
734
|
+
},
|
|
735
|
+
"guidance": {
|
|
736
|
+
"questions": ["Which signal shows budget burn?", "Where is it observed after deploy?"],
|
|
737
|
+
"preferred": ["Bind release readiness to a named reliability signal."],
|
|
738
|
+
"avoid": ["Shipping reliability-affecting changes without an observable guardrail."]
|
|
739
|
+
},
|
|
740
|
+
"checks": [{ "checkId": "boundary-telemetry-required", "mode": "deterministic", "parameters": { "scope": "error-budget" } }],
|
|
741
|
+
"enforcement": { "default": "advisory", "promotableTo": "checkpoint", "repoOptInRequired": true },
|
|
742
|
+
"provenance": {
|
|
743
|
+
"sourceKind": "curated-reference",
|
|
744
|
+
"sourceRefs": [{ "sourceId": "opentelemetry" }, { "sourceId": "azure.architecture" }],
|
|
745
|
+
"curator": "archcontext-maintainers",
|
|
746
|
+
"reviewedAt": "2026-06-24"
|
|
747
|
+
},
|
|
748
|
+
"lifecycle": { "introducedAt": "2026-06-24", "reviewAfter": "2026-09-24", "supersedes": [] }
|
|
749
|
+
},
|
|
750
|
+
{
|
|
751
|
+
"schemaVersion": "archcontext.practice/v1",
|
|
752
|
+
"id": "observability.release-health-probe",
|
|
753
|
+
"revision": 1,
|
|
754
|
+
"status": "active",
|
|
755
|
+
"title": "Release health probes should cover the changed boundary",
|
|
756
|
+
"summary": "Release readiness checks should probe the user-visible or integration boundary affected by the change.",
|
|
757
|
+
"category": "observability",
|
|
758
|
+
"tags": ["observability", "release", "health"],
|
|
759
|
+
"appliesTo": {
|
|
760
|
+
"repositoryKinds": ["application", "service"],
|
|
761
|
+
"languages": [],
|
|
762
|
+
"frameworks": [],
|
|
763
|
+
"pathGlobs": ["src/**", "packages/**", "deploy/**", ".github/**"],
|
|
764
|
+
"nodeKinds": ["service", "public-api"],
|
|
765
|
+
"negativePathGlobs": ["docs/**", "test/**", "tests/**", "fixtures/**"]
|
|
766
|
+
},
|
|
767
|
+
"triggers": {
|
|
768
|
+
"candidateTerms": ["health probe", "release check", "synthetic check", "readiness"],
|
|
769
|
+
"pressureSignals": ["release-health-risk"],
|
|
770
|
+
"structuralPredicates": []
|
|
771
|
+
},
|
|
772
|
+
"evidencePolicy": {
|
|
773
|
+
"minimumStrengthForRecommendation": "declared",
|
|
774
|
+
"minimumStrengthForCheckpoint": "observed",
|
|
775
|
+
"minimumStrengthForEnforcement": "observed",
|
|
776
|
+
"requiredKindsForEnforcement": ["runtime-check", "test"],
|
|
777
|
+
"maxEnforcementWhenOnlyHeuristic": "advisory"
|
|
778
|
+
},
|
|
779
|
+
"guidance": {
|
|
780
|
+
"questions": ["What boundary does the probe exercise?", "How is failure surfaced?"],
|
|
781
|
+
"preferred": ["Keep release health checks aligned with changed behavior."],
|
|
782
|
+
"avoid": ["Using a generic liveness check as feature readiness evidence."]
|
|
783
|
+
},
|
|
784
|
+
"checks": [{ "checkId": "observed-before-enforced", "mode": "deterministic", "parameters": { "scope": "release-health" } }],
|
|
785
|
+
"enforcement": { "default": "advisory", "promotableTo": "checkpoint", "repoOptInRequired": true },
|
|
786
|
+
"provenance": {
|
|
787
|
+
"sourceKind": "curated-reference",
|
|
788
|
+
"sourceRefs": [{ "sourceId": "kubernetes.docs" }, { "sourceId": "opentelemetry" }],
|
|
789
|
+
"curator": "archcontext-maintainers",
|
|
790
|
+
"reviewedAt": "2026-06-24"
|
|
791
|
+
},
|
|
792
|
+
"lifecycle": { "introducedAt": "2026-06-24", "reviewAfter": "2026-09-24", "supersedes": [] }
|
|
793
|
+
},
|
|
794
|
+
{
|
|
795
|
+
"schemaVersion": "archcontext.practice/v1",
|
|
796
|
+
"id": "observability.queue-boundary-metrics",
|
|
797
|
+
"revision": 1,
|
|
798
|
+
"status": "active",
|
|
799
|
+
"title": "Queue boundaries need lag and failure metrics",
|
|
800
|
+
"summary": "Async boundaries should expose queue lag, retry, and dead-letter signals before they become release gates.",
|
|
801
|
+
"category": "observability",
|
|
802
|
+
"tags": ["observability", "queue", "async"],
|
|
803
|
+
"appliesTo": {
|
|
804
|
+
"repositoryKinds": ["application", "service"],
|
|
805
|
+
"languages": [],
|
|
806
|
+
"frameworks": [],
|
|
807
|
+
"pathGlobs": ["src/**", "packages/**", "workers/**", "services/**"],
|
|
808
|
+
"nodeKinds": ["job", "service"],
|
|
809
|
+
"negativePathGlobs": ["docs/**", "test/**", "tests/**", "fixtures/**"]
|
|
810
|
+
},
|
|
811
|
+
"triggers": {
|
|
812
|
+
"candidateTerms": ["queue lag", "dead letter", "retry metric", "async boundary"],
|
|
813
|
+
"pressureSignals": ["async-boundary-added"],
|
|
814
|
+
"structuralPredicates": []
|
|
815
|
+
},
|
|
816
|
+
"evidencePolicy": {
|
|
817
|
+
"minimumStrengthForRecommendation": "declared",
|
|
818
|
+
"minimumStrengthForCheckpoint": "observed",
|
|
819
|
+
"minimumStrengthForEnforcement": "observed",
|
|
820
|
+
"requiredKindsForEnforcement": ["runtime-check", "diff"],
|
|
821
|
+
"maxEnforcementWhenOnlyHeuristic": "advisory"
|
|
822
|
+
},
|
|
823
|
+
"guidance": {
|
|
824
|
+
"questions": ["What shows backlog growth?", "How are poison messages surfaced?"],
|
|
825
|
+
"preferred": ["Emit queue lag, retry, and failure metrics at the boundary."],
|
|
826
|
+
"avoid": ["Observing only the producer or only the consumer."]
|
|
827
|
+
},
|
|
828
|
+
"checks": [{ "checkId": "boundary-telemetry-required", "mode": "deterministic", "parameters": { "scope": "queue-boundary" } }],
|
|
829
|
+
"enforcement": { "default": "advisory", "promotableTo": "checkpoint", "repoOptInRequired": true },
|
|
830
|
+
"provenance": {
|
|
831
|
+
"sourceKind": "curated-reference",
|
|
832
|
+
"sourceRefs": [{ "sourceId": "opentelemetry" }, { "sourceId": "cncf.app-delivery" }],
|
|
833
|
+
"curator": "archcontext-maintainers",
|
|
834
|
+
"reviewedAt": "2026-06-24"
|
|
835
|
+
},
|
|
836
|
+
"lifecycle": { "introducedAt": "2026-06-24", "reviewAfter": "2026-09-24", "supersedes": [] }
|
|
837
|
+
},
|
|
838
|
+
{
|
|
839
|
+
"schemaVersion": "archcontext.practice/v1",
|
|
840
|
+
"id": "ownership.escalation-contact",
|
|
841
|
+
"revision": 1,
|
|
842
|
+
"status": "active",
|
|
843
|
+
"title": "Runtime ownership needs an escalation contact",
|
|
844
|
+
"summary": "Operationally relevant services and jobs should identify the escalation path for incident or release-blocking decisions.",
|
|
845
|
+
"category": "ownership",
|
|
846
|
+
"tags": ["ownership", "operations", "escalation"],
|
|
847
|
+
"appliesTo": {
|
|
848
|
+
"repositoryKinds": ["application", "service"],
|
|
849
|
+
"languages": [],
|
|
850
|
+
"frameworks": [],
|
|
851
|
+
"pathGlobs": ["src/**", "packages/**", "services/**", "deploy/**"],
|
|
852
|
+
"nodeKinds": ["service", "job"],
|
|
853
|
+
"negativePathGlobs": ["docs/**", "test/**", "tests/**", "fixtures/**"]
|
|
854
|
+
},
|
|
855
|
+
"triggers": {
|
|
856
|
+
"candidateTerms": ["escalation", "oncall", "operational owner", "incident contact"],
|
|
857
|
+
"pressureSignals": ["runtime-owner-needed"],
|
|
858
|
+
"structuralPredicates": []
|
|
859
|
+
},
|
|
860
|
+
"evidencePolicy": {
|
|
861
|
+
"minimumStrengthForRecommendation": "declared",
|
|
862
|
+
"minimumStrengthForCheckpoint": "observed",
|
|
863
|
+
"minimumStrengthForEnforcement": "observed",
|
|
864
|
+
"requiredKindsForEnforcement": ["human-attestation", "diff"],
|
|
865
|
+
"maxEnforcementWhenOnlyHeuristic": "advisory"
|
|
866
|
+
},
|
|
867
|
+
"guidance": {
|
|
868
|
+
"questions": ["Who answers incident questions?", "Where is escalation recorded?"],
|
|
869
|
+
"preferred": ["Store escalation contact in the service catalog or owner metadata."],
|
|
870
|
+
"avoid": ["Depending on tribal knowledge for runtime ownership."]
|
|
871
|
+
},
|
|
872
|
+
"checks": [{ "checkId": "owner-required", "mode": "deterministic", "parameters": { "scope": "runtime-escalation" } }],
|
|
873
|
+
"enforcement": { "default": "advisory", "promotableTo": "checkpoint", "repoOptInRequired": true },
|
|
874
|
+
"provenance": {
|
|
875
|
+
"sourceKind": "curated-reference",
|
|
876
|
+
"sourceRefs": [{ "sourceId": "backstage" }, { "sourceId": "cncf.app-delivery" }],
|
|
877
|
+
"curator": "archcontext-maintainers",
|
|
878
|
+
"reviewedAt": "2026-06-24"
|
|
879
|
+
},
|
|
880
|
+
"lifecycle": { "introducedAt": "2026-06-24", "reviewAfter": "2026-09-24", "supersedes": [] }
|
|
881
|
+
},
|
|
882
|
+
{
|
|
883
|
+
"schemaVersion": "archcontext.practice/v1",
|
|
884
|
+
"id": "ownership.service-catalog-entry",
|
|
885
|
+
"revision": 1,
|
|
886
|
+
"status": "active",
|
|
887
|
+
"title": "Deployable components should have a service catalog entry",
|
|
888
|
+
"summary": "A deployable component should have catalog metadata for owner, lifecycle, and runtime classification before governance relies on it.",
|
|
889
|
+
"category": "ownership",
|
|
890
|
+
"tags": ["ownership", "catalog", "service"],
|
|
891
|
+
"appliesTo": {
|
|
892
|
+
"repositoryKinds": ["application", "service"],
|
|
893
|
+
"languages": [],
|
|
894
|
+
"frameworks": [],
|
|
895
|
+
"pathGlobs": ["src/**", "packages/**", "services/**", "catalog/**"],
|
|
896
|
+
"nodeKinds": ["service", "module"],
|
|
897
|
+
"negativePathGlobs": ["docs/**", "test/**", "tests/**", "fixtures/**"]
|
|
898
|
+
},
|
|
899
|
+
"triggers": {
|
|
900
|
+
"candidateTerms": ["service catalog", "catalog-info", "component owner", "lifecycle"],
|
|
901
|
+
"pressureSignals": ["deployable-component"],
|
|
902
|
+
"structuralPredicates": []
|
|
903
|
+
},
|
|
904
|
+
"evidencePolicy": {
|
|
905
|
+
"minimumStrengthForRecommendation": "declared",
|
|
906
|
+
"minimumStrengthForCheckpoint": "observed",
|
|
907
|
+
"minimumStrengthForEnforcement": "observed",
|
|
908
|
+
"requiredKindsForEnforcement": ["diff", "human-attestation"],
|
|
909
|
+
"maxEnforcementWhenOnlyHeuristic": "advisory"
|
|
910
|
+
},
|
|
911
|
+
"guidance": {
|
|
912
|
+
"questions": ["Where is this component cataloged?", "Does the catalog identify lifecycle and owner?"],
|
|
913
|
+
"preferred": ["Keep ownership metadata machine-readable."],
|
|
914
|
+
"avoid": ["Using README text as the only component inventory."]
|
|
915
|
+
},
|
|
916
|
+
"checks": [{ "checkId": "owner-required", "mode": "deterministic", "parameters": { "scope": "service-catalog" } }],
|
|
917
|
+
"enforcement": { "default": "advisory", "promotableTo": "checkpoint", "repoOptInRequired": true },
|
|
918
|
+
"provenance": {
|
|
919
|
+
"sourceKind": "curated-reference",
|
|
920
|
+
"sourceRefs": [{ "sourceId": "backstage" }, { "sourceId": "archcontext.spec" }],
|
|
921
|
+
"curator": "archcontext-maintainers",
|
|
922
|
+
"reviewedAt": "2026-06-24"
|
|
923
|
+
},
|
|
924
|
+
"lifecycle": { "introducedAt": "2026-06-24", "reviewAfter": "2026-09-24", "supersedes": [] }
|
|
925
|
+
},
|
|
926
|
+
{
|
|
927
|
+
"schemaVersion": "archcontext.practice/v1",
|
|
928
|
+
"id": "ownership.operational-owner",
|
|
929
|
+
"revision": 1,
|
|
930
|
+
"status": "active",
|
|
931
|
+
"title": "Jobs and automations need an operational owner",
|
|
932
|
+
"summary": "Scheduled, async, or automated work should identify the person or team accountable for failures and stale behavior.",
|
|
933
|
+
"category": "ownership",
|
|
934
|
+
"tags": ["ownership", "jobs", "automation"],
|
|
935
|
+
"appliesTo": {
|
|
936
|
+
"repositoryKinds": ["application", "service"],
|
|
937
|
+
"languages": [],
|
|
938
|
+
"frameworks": [],
|
|
939
|
+
"pathGlobs": ["src/**", "packages/**", "scripts/**", "workers/**", ".github/**"],
|
|
940
|
+
"nodeKinds": ["job", "module"],
|
|
941
|
+
"negativePathGlobs": ["docs/**", "test/**", "tests/**", "fixtures/**"]
|
|
942
|
+
},
|
|
943
|
+
"triggers": {
|
|
944
|
+
"candidateTerms": ["scheduled job", "automation owner", "workflow owner", "operational owner"],
|
|
945
|
+
"pressureSignals": ["automation-owner-needed"],
|
|
946
|
+
"structuralPredicates": []
|
|
947
|
+
},
|
|
948
|
+
"evidencePolicy": {
|
|
949
|
+
"minimumStrengthForRecommendation": "declared",
|
|
950
|
+
"minimumStrengthForCheckpoint": "observed",
|
|
951
|
+
"minimumStrengthForEnforcement": "observed",
|
|
952
|
+
"requiredKindsForEnforcement": ["human-attestation", "diff"],
|
|
953
|
+
"maxEnforcementWhenOnlyHeuristic": "advisory"
|
|
954
|
+
},
|
|
955
|
+
"guidance": {
|
|
956
|
+
"questions": ["Who handles failure alerts?", "Where is stale automation reviewed?"],
|
|
957
|
+
"preferred": ["Attach owner metadata to scheduled and async work."],
|
|
958
|
+
"avoid": ["Letting automation outlive its owner."]
|
|
959
|
+
},
|
|
960
|
+
"checks": [{ "checkId": "owner-required", "mode": "deterministic", "parameters": { "scope": "automation-owner" } }],
|
|
961
|
+
"enforcement": { "default": "advisory", "promotableTo": "checkpoint", "repoOptInRequired": true },
|
|
962
|
+
"provenance": {
|
|
963
|
+
"sourceKind": "archcontext-native",
|
|
964
|
+
"sourceRefs": [{ "sourceId": "archcontext.adr.0036" }, { "sourceId": "backstage" }],
|
|
965
|
+
"curator": "archcontext-maintainers",
|
|
966
|
+
"reviewedAt": "2026-06-24"
|
|
967
|
+
},
|
|
968
|
+
"lifecycle": { "introducedAt": "2026-06-24", "reviewAfter": "2026-09-24", "supersedes": [] }
|
|
969
|
+
},
|
|
970
|
+
{
|
|
971
|
+
"schemaVersion": "archcontext.practice/v1",
|
|
972
|
+
"id": "security.secret-redaction-old",
|
|
973
|
+
"revision": 1,
|
|
974
|
+
"status": "deprecated",
|
|
975
|
+
"title": "Deprecated secret redaction checklist",
|
|
976
|
+
"summary": "Legacy secret redaction guidance is retained for migration lineage and superseded by the repo-ingress secret material practice.",
|
|
977
|
+
"category": "security",
|
|
978
|
+
"tags": ["security", "secrets", "deprecated"],
|
|
979
|
+
"appliesTo": {
|
|
980
|
+
"repositoryKinds": ["application", "service", "library"],
|
|
981
|
+
"languages": [],
|
|
982
|
+
"frameworks": [],
|
|
983
|
+
"pathGlobs": ["src/**", "packages/**", "scripts/**"],
|
|
984
|
+
"nodeKinds": ["module", "service"],
|
|
985
|
+
"negativePathGlobs": ["docs/**", "test/**", "tests/**", "fixtures/**"]
|
|
986
|
+
},
|
|
987
|
+
"triggers": {
|
|
988
|
+
"candidateTerms": ["secret redaction", "token redaction", "legacy secret scan"],
|
|
989
|
+
"pressureSignals": ["secret-redaction"],
|
|
990
|
+
"structuralPredicates": []
|
|
991
|
+
},
|
|
992
|
+
"evidencePolicy": {
|
|
993
|
+
"minimumStrengthForRecommendation": "declared",
|
|
994
|
+
"minimumStrengthForCheckpoint": "observed",
|
|
995
|
+
"minimumStrengthForEnforcement": "observed",
|
|
996
|
+
"requiredKindsForEnforcement": ["diff", "runtime-check"],
|
|
997
|
+
"maxEnforcementWhenOnlyHeuristic": "advisory"
|
|
998
|
+
},
|
|
999
|
+
"guidance": {
|
|
1000
|
+
"questions": ["Is this legacy guidance still referenced?", "Which active practice replaces it?"],
|
|
1001
|
+
"preferred": ["Use security.secret-material-never-enters-repo for new work."],
|
|
1002
|
+
"avoid": ["Adding new policy against deprecated guidance."]
|
|
1003
|
+
},
|
|
1004
|
+
"checks": [{ "checkId": "least-privilege-required", "mode": "deterministic", "parameters": { "scope": "legacy-secret-redaction" } }],
|
|
1005
|
+
"enforcement": { "default": "advisory", "promotableTo": "advisory", "repoOptInRequired": true },
|
|
1006
|
+
"provenance": {
|
|
1007
|
+
"sourceKind": "archcontext-native",
|
|
1008
|
+
"sourceRefs": [{ "sourceId": "archcontext.adr.0036" }, { "sourceId": "openssf.scorecard" }],
|
|
1009
|
+
"curator": "archcontext-maintainers",
|
|
1010
|
+
"reviewedAt": "2026-06-24"
|
|
1011
|
+
},
|
|
1012
|
+
"lifecycle": { "introducedAt": "2026-06-24", "reviewAfter": "2026-09-24", "supersedes": [] }
|
|
1013
|
+
},
|
|
1014
|
+
{
|
|
1015
|
+
"schemaVersion": "archcontext.practice/v1",
|
|
1016
|
+
"id": "security.secret-material-never-enters-repo",
|
|
1017
|
+
"revision": 1,
|
|
1018
|
+
"status": "active",
|
|
1019
|
+
"title": "Secret material should never enter repository artifacts",
|
|
1020
|
+
"summary": "Secrets, tokens, and credential-bearing payloads should be blocked before they enter source, logs, fixtures, or verification packets.",
|
|
1021
|
+
"category": "security",
|
|
1022
|
+
"tags": ["security", "secrets", "dlp"],
|
|
1023
|
+
"appliesTo": {
|
|
1024
|
+
"repositoryKinds": ["application", "service", "library"],
|
|
1025
|
+
"languages": [],
|
|
1026
|
+
"frameworks": [],
|
|
1027
|
+
"pathGlobs": ["src/**", "packages/**", "scripts/**", "docs/verification/**"],
|
|
1028
|
+
"nodeKinds": ["module", "service", "job"],
|
|
1029
|
+
"negativePathGlobs": ["test/**", "tests/**", "fixtures/**"]
|
|
1030
|
+
},
|
|
1031
|
+
"triggers": {
|
|
1032
|
+
"candidateTerms": ["secret material", "credential", "token", "DLP"],
|
|
1033
|
+
"pressureSignals": ["secret-material-risk"],
|
|
1034
|
+
"structuralPredicates": []
|
|
1035
|
+
},
|
|
1036
|
+
"evidencePolicy": {
|
|
1037
|
+
"minimumStrengthForRecommendation": "declared",
|
|
1038
|
+
"minimumStrengthForCheckpoint": "observed",
|
|
1039
|
+
"minimumStrengthForEnforcement": "observed",
|
|
1040
|
+
"requiredKindsForEnforcement": ["runtime-check", "diff"],
|
|
1041
|
+
"maxEnforcementWhenOnlyHeuristic": "advisory"
|
|
1042
|
+
},
|
|
1043
|
+
"guidance": {
|
|
1044
|
+
"questions": ["Where is secret ingress blocked?", "What proves the evidence packet is metadata-only?"],
|
|
1045
|
+
"preferred": ["Reject secret-like content before persistence."],
|
|
1046
|
+
"avoid": ["Relying on redaction after secrets are already stored."]
|
|
1047
|
+
},
|
|
1048
|
+
"checks": [{ "checkId": "least-privilege-required", "mode": "deterministic", "parameters": { "scope": "secret-ingress" } }],
|
|
1049
|
+
"enforcement": { "default": "advisory", "promotableTo": "checkpoint", "repoOptInRequired": true },
|
|
1050
|
+
"provenance": {
|
|
1051
|
+
"sourceKind": "archcontext-native",
|
|
1052
|
+
"sourceRefs": [{ "sourceId": "archcontext.adr.0036" }, { "sourceId": "openssf.scorecard" }],
|
|
1053
|
+
"curator": "archcontext-maintainers",
|
|
1054
|
+
"reviewedAt": "2026-06-24"
|
|
1055
|
+
},
|
|
1056
|
+
"lifecycle": { "introducedAt": "2026-06-24", "reviewAfter": "2026-09-24", "supersedes": ["security.secret-redaction-old"] }
|
|
1057
|
+
},
|
|
1058
|
+
{
|
|
1059
|
+
"schemaVersion": "archcontext.practice/v1",
|
|
1060
|
+
"id": "security.audit-log-redaction",
|
|
1061
|
+
"revision": 1,
|
|
1062
|
+
"status": "active",
|
|
1063
|
+
"title": "Audit logs should redact sensitive payload fields",
|
|
1064
|
+
"summary": "Security and governance audit logs should keep metadata needed for replay while excluding credentials, raw prompts, source bodies, and private paths.",
|
|
1065
|
+
"category": "security",
|
|
1066
|
+
"tags": ["security", "audit", "privacy"],
|
|
1067
|
+
"appliesTo": {
|
|
1068
|
+
"repositoryKinds": ["application", "service"],
|
|
1069
|
+
"languages": [],
|
|
1070
|
+
"frameworks": [],
|
|
1071
|
+
"pathGlobs": ["src/**", "packages/**", "scripts/**", "docs/verification/**"],
|
|
1072
|
+
"nodeKinds": ["service", "module"],
|
|
1073
|
+
"negativePathGlobs": ["test/**", "tests/**", "fixtures/**"]
|
|
1074
|
+
},
|
|
1075
|
+
"triggers": {
|
|
1076
|
+
"candidateTerms": ["audit log", "redaction", "metadata-only", "private path"],
|
|
1077
|
+
"pressureSignals": ["audit-payload-persisted"],
|
|
1078
|
+
"structuralPredicates": []
|
|
1079
|
+
},
|
|
1080
|
+
"evidencePolicy": {
|
|
1081
|
+
"minimumStrengthForRecommendation": "declared",
|
|
1082
|
+
"minimumStrengthForCheckpoint": "observed",
|
|
1083
|
+
"minimumStrengthForEnforcement": "observed",
|
|
1084
|
+
"requiredKindsForEnforcement": ["runtime-check", "diff"],
|
|
1085
|
+
"maxEnforcementWhenOnlyHeuristic": "advisory"
|
|
1086
|
+
},
|
|
1087
|
+
"guidance": {
|
|
1088
|
+
"questions": ["Which fields are persisted?", "Does the packet contain source or secrets?"],
|
|
1089
|
+
"preferred": ["Persist digests and typed metadata instead of raw sensitive values."],
|
|
1090
|
+
"avoid": ["Saving full request bodies as audit evidence."]
|
|
1091
|
+
},
|
|
1092
|
+
"checks": [{ "checkId": "least-privilege-required", "mode": "deterministic", "parameters": { "scope": "audit-log-redaction" } }],
|
|
1093
|
+
"enforcement": { "default": "advisory", "promotableTo": "checkpoint", "repoOptInRequired": true },
|
|
1094
|
+
"provenance": {
|
|
1095
|
+
"sourceKind": "archcontext-native",
|
|
1096
|
+
"sourceRefs": [{ "sourceId": "archcontext.adr.0036" }, { "sourceId": "archcontext.spec" }],
|
|
1097
|
+
"curator": "archcontext-maintainers",
|
|
1098
|
+
"reviewedAt": "2026-06-24"
|
|
1099
|
+
},
|
|
1100
|
+
"lifecycle": { "introducedAt": "2026-06-24", "reviewAfter": "2026-09-24", "supersedes": [] }
|
|
1101
|
+
},
|
|
1102
|
+
{
|
|
1103
|
+
"schemaVersion": "archcontext.practice/v1",
|
|
1104
|
+
"id": "security.external-permission-review",
|
|
1105
|
+
"revision": 1,
|
|
1106
|
+
"status": "active",
|
|
1107
|
+
"title": "External integration permissions need least-privilege review",
|
|
1108
|
+
"summary": "New external providers, apps, or webhooks should record the scopes requested and the least-privilege reason for each scope.",
|
|
1109
|
+
"category": "security",
|
|
1110
|
+
"tags": ["security", "permissions", "external"],
|
|
1111
|
+
"appliesTo": {
|
|
1112
|
+
"repositoryKinds": ["application", "service"],
|
|
1113
|
+
"languages": [],
|
|
1114
|
+
"frameworks": [],
|
|
1115
|
+
"pathGlobs": ["src/**", "packages/**", "deploy/**", ".github/**"],
|
|
1116
|
+
"nodeKinds": ["service", "module"],
|
|
1117
|
+
"negativePathGlobs": ["docs/**", "test/**", "tests/**", "fixtures/**"]
|
|
1118
|
+
},
|
|
1119
|
+
"triggers": {
|
|
1120
|
+
"candidateTerms": ["permission scope", "webhook permission", "external app", "least privilege"],
|
|
1121
|
+
"pressureSignals": ["external-permission-added"],
|
|
1122
|
+
"structuralPredicates": []
|
|
1123
|
+
},
|
|
1124
|
+
"evidencePolicy": {
|
|
1125
|
+
"minimumStrengthForRecommendation": "declared",
|
|
1126
|
+
"minimumStrengthForCheckpoint": "observed",
|
|
1127
|
+
"minimumStrengthForEnforcement": "observed",
|
|
1128
|
+
"requiredKindsForEnforcement": ["human-attestation", "diff"],
|
|
1129
|
+
"maxEnforcementWhenOnlyHeuristic": "advisory"
|
|
1130
|
+
},
|
|
1131
|
+
"guidance": {
|
|
1132
|
+
"questions": ["Which scopes are requested?", "Can any scope be narrowed?"],
|
|
1133
|
+
"preferred": ["Record permission rationale with the integration config."],
|
|
1134
|
+
"avoid": ["Requesting broad scopes for future convenience."]
|
|
1135
|
+
},
|
|
1136
|
+
"checks": [{ "checkId": "least-privilege-required", "mode": "deterministic", "parameters": { "scope": "external-permission" } }],
|
|
1137
|
+
"enforcement": { "default": "advisory", "promotableTo": "checkpoint", "repoOptInRequired": true },
|
|
1138
|
+
"provenance": {
|
|
1139
|
+
"sourceKind": "curated-reference",
|
|
1140
|
+
"sourceRefs": [{ "sourceId": "openssf.scorecard" }, { "sourceId": "archcontext.adr.0036" }],
|
|
1141
|
+
"curator": "archcontext-maintainers",
|
|
1142
|
+
"reviewedAt": "2026-06-24"
|
|
1143
|
+
},
|
|
1144
|
+
"lifecycle": { "introducedAt": "2026-06-24", "reviewAfter": "2026-09-24", "supersedes": [] }
|
|
1145
|
+
},
|
|
1146
|
+
{
|
|
1147
|
+
"schemaVersion": "archcontext.practice/v1",
|
|
1148
|
+
"id": "supply-chain.sbom-manifest",
|
|
1149
|
+
"revision": 1,
|
|
1150
|
+
"status": "active",
|
|
1151
|
+
"title": "Release artifacts should have an SBOM or dependency manifest",
|
|
1152
|
+
"summary": "Published artifacts should carry a dependency inventory that can be tied back to the released digest.",
|
|
1153
|
+
"category": "supply-chain",
|
|
1154
|
+
"tags": ["supply-chain", "sbom", "release"],
|
|
1155
|
+
"appliesTo": {
|
|
1156
|
+
"repositoryKinds": ["application", "service", "library"],
|
|
1157
|
+
"languages": [],
|
|
1158
|
+
"frameworks": [],
|
|
1159
|
+
"pathGlobs": ["package.json", "packages/**", "src/**", "dist/**", ".github/**"],
|
|
1160
|
+
"nodeKinds": ["package", "module"],
|
|
1161
|
+
"negativePathGlobs": ["docs/**", "test/**", "tests/**", "fixtures/**"]
|
|
1162
|
+
},
|
|
1163
|
+
"triggers": {
|
|
1164
|
+
"candidateTerms": ["SBOM", "dependency manifest", "release artifact", "software bill of materials"],
|
|
1165
|
+
"pressureSignals": ["artifact-release"],
|
|
1166
|
+
"structuralPredicates": []
|
|
1167
|
+
},
|
|
1168
|
+
"evidencePolicy": {
|
|
1169
|
+
"minimumStrengthForRecommendation": "declared",
|
|
1170
|
+
"minimumStrengthForCheckpoint": "observed",
|
|
1171
|
+
"minimumStrengthForEnforcement": "observed",
|
|
1172
|
+
"requiredKindsForEnforcement": ["package-manifest", "diff"],
|
|
1173
|
+
"maxEnforcementWhenOnlyHeuristic": "advisory"
|
|
1174
|
+
},
|
|
1175
|
+
"guidance": {
|
|
1176
|
+
"questions": ["Which manifest describes the artifact?", "Can the manifest be tied to the released digest?"],
|
|
1177
|
+
"preferred": ["Record dependency inventory with release evidence."],
|
|
1178
|
+
"avoid": ["Publishing artifacts without inventory."]
|
|
1179
|
+
},
|
|
1180
|
+
"checks": [{ "checkId": "pinned-dependencies-required", "mode": "deterministic", "parameters": { "scope": "sbom" } }],
|
|
1181
|
+
"enforcement": { "default": "advisory", "promotableTo": "checkpoint", "repoOptInRequired": true },
|
|
1182
|
+
"provenance": {
|
|
1183
|
+
"sourceKind": "curated-reference",
|
|
1184
|
+
"sourceRefs": [{ "sourceId": "openssf.scorecard" }, { "sourceId": "cncf.app-delivery" }],
|
|
1185
|
+
"curator": "archcontext-maintainers",
|
|
1186
|
+
"reviewedAt": "2026-06-24"
|
|
1187
|
+
},
|
|
1188
|
+
"lifecycle": { "introducedAt": "2026-06-24", "reviewAfter": "2026-09-24", "supersedes": [] }
|
|
1189
|
+
},
|
|
1190
|
+
{
|
|
1191
|
+
"schemaVersion": "archcontext.practice/v1",
|
|
1192
|
+
"id": "supply-chain.release-artifact-digest",
|
|
1193
|
+
"revision": 1,
|
|
1194
|
+
"status": "active",
|
|
1195
|
+
"title": "Release artifacts should record immutable digests",
|
|
1196
|
+
"summary": "Release evidence should store artifact digests so consumers can verify the bytes that were reviewed and shipped.",
|
|
1197
|
+
"category": "supply-chain",
|
|
1198
|
+
"tags": ["supply-chain", "digest", "release"],
|
|
1199
|
+
"appliesTo": {
|
|
1200
|
+
"repositoryKinds": ["application", "service", "library"],
|
|
1201
|
+
"languages": [],
|
|
1202
|
+
"frameworks": [],
|
|
1203
|
+
"pathGlobs": ["package.json", "packages/**", "dist/**", "release/**", ".github/**"],
|
|
1204
|
+
"nodeKinds": ["package", "module"],
|
|
1205
|
+
"negativePathGlobs": ["docs/**", "test/**", "tests/**", "fixtures/**"]
|
|
1206
|
+
},
|
|
1207
|
+
"triggers": {
|
|
1208
|
+
"candidateTerms": ["artifact digest", "sha256", "release digest", "provenance"],
|
|
1209
|
+
"pressureSignals": ["artifact-release"],
|
|
1210
|
+
"structuralPredicates": []
|
|
1211
|
+
},
|
|
1212
|
+
"evidencePolicy": {
|
|
1213
|
+
"minimumStrengthForRecommendation": "declared",
|
|
1214
|
+
"minimumStrengthForCheckpoint": "observed",
|
|
1215
|
+
"minimumStrengthForEnforcement": "observed",
|
|
1216
|
+
"requiredKindsForEnforcement": ["runtime-check", "diff"],
|
|
1217
|
+
"maxEnforcementWhenOnlyHeuristic": "advisory"
|
|
1218
|
+
},
|
|
1219
|
+
"guidance": {
|
|
1220
|
+
"questions": ["Which digest identifies the shipped artifact?", "Where is digest verification recorded?"],
|
|
1221
|
+
"preferred": ["Persist immutable artifact digests in release evidence."],
|
|
1222
|
+
"avoid": ["Reviewing one artifact and publishing another without digest linkage."]
|
|
1223
|
+
},
|
|
1224
|
+
"checks": [{ "checkId": "observed-before-enforced", "mode": "deterministic", "parameters": { "scope": "artifact-digest" } }],
|
|
1225
|
+
"enforcement": { "default": "advisory", "promotableTo": "checkpoint", "repoOptInRequired": true },
|
|
1226
|
+
"provenance": {
|
|
1227
|
+
"sourceKind": "curated-reference",
|
|
1228
|
+
"sourceRefs": [{ "sourceId": "openssf.scorecard" }, { "sourceId": "twelve-factor" }],
|
|
1229
|
+
"curator": "archcontext-maintainers",
|
|
1230
|
+
"reviewedAt": "2026-06-24"
|
|
1231
|
+
},
|
|
1232
|
+
"lifecycle": { "introducedAt": "2026-06-24", "reviewAfter": "2026-09-24", "supersedes": [] }
|
|
1233
|
+
},
|
|
1234
|
+
{
|
|
1235
|
+
"schemaVersion": "archcontext.practice/v1",
|
|
1236
|
+
"id": "supply-chain.dependency-update-review",
|
|
1237
|
+
"revision": 1,
|
|
1238
|
+
"status": "active",
|
|
1239
|
+
"title": "Dependency updates should include intent and risk review",
|
|
1240
|
+
"summary": "Dependency updates that affect runtime or tooling should record why the update is needed and what compatibility risk was checked.",
|
|
1241
|
+
"category": "supply-chain",
|
|
1242
|
+
"tags": ["supply-chain", "dependencies", "review"],
|
|
1243
|
+
"appliesTo": {
|
|
1244
|
+
"repositoryKinds": ["application", "service", "library"],
|
|
1245
|
+
"languages": [],
|
|
1246
|
+
"frameworks": [],
|
|
1247
|
+
"pathGlobs": ["package.json", "bun.lock", "packages/**", "src/**"],
|
|
1248
|
+
"nodeKinds": ["package", "module"],
|
|
1249
|
+
"negativePathGlobs": ["docs/**", "test/**", "tests/**", "fixtures/**"]
|
|
1250
|
+
},
|
|
1251
|
+
"triggers": {
|
|
1252
|
+
"candidateTerms": ["dependency update", "lockfile", "package upgrade", "supply chain"],
|
|
1253
|
+
"pressureSignals": ["dependency-updated"],
|
|
1254
|
+
"structuralPredicates": []
|
|
1255
|
+
},
|
|
1256
|
+
"evidencePolicy": {
|
|
1257
|
+
"minimumStrengthForRecommendation": "declared",
|
|
1258
|
+
"minimumStrengthForCheckpoint": "observed",
|
|
1259
|
+
"minimumStrengthForEnforcement": "observed",
|
|
1260
|
+
"requiredKindsForEnforcement": ["package-manifest", "test"],
|
|
1261
|
+
"maxEnforcementWhenOnlyHeuristic": "advisory"
|
|
1262
|
+
},
|
|
1263
|
+
"guidance": {
|
|
1264
|
+
"questions": ["Why is the dependency changing?", "What compatibility or security risk was reviewed?"],
|
|
1265
|
+
"preferred": ["Pair lockfile changes with intent and verification evidence."],
|
|
1266
|
+
"avoid": ["Landing broad dependency churn without review context."]
|
|
1267
|
+
},
|
|
1268
|
+
"checks": [{ "checkId": "pinned-dependencies-required", "mode": "deterministic", "parameters": { "scope": "dependency-update" } }],
|
|
1269
|
+
"enforcement": { "default": "advisory", "promotableTo": "checkpoint", "repoOptInRequired": true },
|
|
1270
|
+
"provenance": {
|
|
1271
|
+
"sourceKind": "curated-reference",
|
|
1272
|
+
"sourceRefs": [{ "sourceId": "openssf.scorecard" }, { "sourceId": "archcontext.adr.0036" }],
|
|
1273
|
+
"curator": "archcontext-maintainers",
|
|
1274
|
+
"reviewedAt": "2026-06-24"
|
|
1275
|
+
},
|
|
1276
|
+
"lifecycle": { "introducedAt": "2026-06-24", "reviewAfter": "2026-09-24", "supersedes": [] }
|
|
1277
|
+
}
|
|
1278
|
+
]
|