bootproof 0.3.0 → 0.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +840 -152
- package/dist/agent-plan.d.ts +44 -0
- package/dist/agent-plan.js +826 -0
- package/dist/agent-run.d.ts +117 -0
- package/dist/agent-run.js +459 -0
- package/dist/ai-repair.d.ts +58 -0
- package/dist/ai-repair.js +380 -0
- package/dist/cli.js +730 -46
- package/dist/diagnosis.js +101 -16
- package/dist/diff.d.ts +29 -0
- package/dist/diff.js +569 -0
- package/dist/exec.d.ts +30 -2
- package/dist/exec.js +329 -51
- package/dist/external-health.d.ts +16 -0
- package/dist/external-health.js +214 -0
- package/dist/infer.js +238 -39
- package/dist/plan.js +2 -0
- package/dist/proof.d.ts +78 -2
- package/dist/proof.js +265 -12
- package/dist/receipt.d.ts +52 -0
- package/dist/receipt.js +356 -0
- package/dist/redact.d.ts +4 -0
- package/dist/redact.js +86 -2
- package/dist/registry.d.ts +82 -30
- package/dist/registry.js +355 -53
- package/dist/remote.js +3 -3
- package/dist/repair-playbooks.d.ts +24 -0
- package/dist/repair-playbooks.js +593 -0
- package/dist/repair-safety.d.ts +130 -0
- package/dist/repair-safety.js +766 -0
- package/dist/repair.d.ts +43 -11
- package/dist/repair.js +716 -7
- package/dist/run.d.ts +3 -0
- package/dist/run.js +218 -41
- package/dist/sbom.d.ts +22 -0
- package/dist/sbom.js +99 -0
- package/dist/taxonomy.d.ts +8 -3
- package/dist/taxonomy.js +404 -8
- package/dist/types.d.ts +40 -1
- package/docs/AGENT_IN_THE_LOOP.md +171 -0
- package/docs/AGENT_RUN_RECEIPTS.md +38 -0
- package/docs/CI_ACTION.md +67 -2
- package/docs/DETERMINISTIC_REPAIR_SAFETY_MODEL.md +705 -0
- package/docs/FAILURE_TAXONOMY.md +28 -1
- package/docs/HONESTY_CONTRACT.md +34 -12
- package/docs/LAUNCH_PLAYBOOK.md +232 -0
- package/docs/REAL_WORLD_FIXTURES.md +105 -0
- package/docs/REGISTRY.md +48 -28
- package/docs/REPAIR_RECEIPT.md +54 -8
- package/docs/agent-loop-gap-analysis.md +188 -0
- package/docs/examples/registry-seeds/advertised-port-mismatch.json +28 -0
- package/docs/examples/registry-seeds/airbyte-abctl-external-orchestrator.json +36 -0
- package/docs/examples/registry-seeds/go-ollama-service.json +36 -0
- package/docs/examples/registry-seeds/laravel-vite-sqlite.json +36 -0
- package/docs/examples/registry-seeds/monorepo-ambiguous-health.json +29 -0
- package/docs/examples/registry-seeds/php-composer.json +33 -0
- package/docs/examples/registry-seeds/rails-bundler.json +32 -0
- package/docs/examples/registry-seeds/sentry-devenv-direnv.json +41 -0
- package/docs/schemas/action-verdict-v1.schema.json +64 -0
- package/docs/schemas/agent-plan-v1.schema.json +148 -0
- package/docs/schemas/agent-run-receipts-v1.schema.json +192 -0
- package/docs/schemas/ai-repair-suggestion-v1.schema.json +70 -0
- package/docs/schemas/ci-context-v1.schema.json +63 -0
- package/docs/schemas/diff-result-v1.schema.json +66 -0
- package/docs/schemas/federated-receipt-v1.schema.json +51 -0
- package/docs/schemas/registry-entry-v1.schema.json +95 -0
- package/docs/schemas/registry-seed-example-v1.schema.json +102 -0
- package/docs/schemas/repair-action-v1.schema.json +136 -0
- package/docs/schemas/repair-receipt-v1.schema.json +221 -0
- package/package.json +10 -6
package/docs/FAILURE_TAXONOMY.md
CHANGED
|
@@ -15,14 +15,39 @@ Unknown evidence remains `unknown_failure`. BootProof does not pick a more marke
|
|
|
15
15
|
|---|---|---|
|
|
16
16
|
| `not_an_application` | No trustworthy runnable entrypoint was found. | Select a runnable workspace or add an explicit start command. |
|
|
17
17
|
| `orchestration_not_supported` | An application stack was detected, but no explicit supported entrypoint or source-built Compose web service was found. | Use the repository's documented runbook; treat the signed result as diagnosis, not boot proof. |
|
|
18
|
+
| `go_service_orchestration_not_supported` | A Go service was detected, but no safe runnable service command and health contract could be established. | Use the documented service command or provide an explicit reviewed override; do not treat detection as boot proof. |
|
|
19
|
+
| `host_execution_not_acknowledged` | Host execution, including execution of a cloned remote repository, was selected without the explicit `--unsafe-local` acknowledgement. | Review the inferred commands, then rerun with `--provider local --unsafe-local` only if you accept host execution. |
|
|
20
|
+
| `auth_required` | An externally managed health endpoint returned HTTP 401 or 403. | Use a separate unauthenticated health endpoint or verify authentication manually without exposing credentials. |
|
|
21
|
+
| `external_health_unreachable` | An externally managed health endpoint could not be reached or did not return HTTP 2xx/3xx. | Confirm the service and endpoint are reachable, then rerun external verification. |
|
|
18
22
|
| `runtime_engine_mismatch` | Node.js does not satisfy the declared engine. | Switch to a compatible runtime and rerun. |
|
|
23
|
+
| `missing_ruby_version` | The exact Ruby version selected by rbenv is not installed. | Run `rbenv install <version>`. |
|
|
19
24
|
| `missing_package_manager` | The declared package manager executable is absent. | Enable Corepack or install the required manager. |
|
|
20
|
-
| `missing_runtime_tool` | An explicit
|
|
25
|
+
| `missing_runtime_tool` | An explicit Ruby, Bundler, Make, Python, PHP, or Composer run path was selected, but the executable is absent. | Install the repository-supported runtime or tool and rerun. |
|
|
26
|
+
| `go_runtime_missing` | A selected Go service command cannot run because the `go` executable is unavailable. | Install the repository-supported Go version and rerun. |
|
|
27
|
+
| `go_build_failed` | Go module resolution or compilation failed for the selected service. | Inspect the preserved compiler/module evidence and resolve the specific source or dependency error. |
|
|
28
|
+
| `missing_project_cli` | A selected package script references a repository CLI that is unavailable in the prepared development environment. | Complete the repository's documented bootstrap or development-environment setup, then rerun. |
|
|
29
|
+
| `missing_php_runtime` | The repository requires PHP, but the `php` executable is unavailable. | Install a repository-supported PHP version; mention Homebrew only when its presence is evidenced. |
|
|
30
|
+
| `missing_composer` | The repository requires Composer, but the `composer` executable is unavailable. | Install Composer through an evidenced or documented method. |
|
|
31
|
+
| `unsupported_php_version_for_composer_lock` | The current PHP version does not satisfy package constraints recorded in `composer.lock`. | Select a compatible PHP version, then rerun `composer install`; do not edit the lockfile as the first step. |
|
|
32
|
+
| `missing_php_vendor_autoload` | `vendor/autoload.php` is absent after PHP dependencies failed or were not installed. | Resolve PHP/Composer compatibility, then run `composer install`. |
|
|
33
|
+
| `laravel_sqlite_database_missing` | Laravel's configured SQLite database file does not exist. | Review and approve creation of `database/database.sqlite`, then separately approve `php artisan migrate`. |
|
|
34
|
+
| `laravel_migrations_required` | Laravel started, but one or more required database tables are missing. | Run `php artisan migrate` only with explicit approval because it mutates local database state. |
|
|
35
|
+
| `missing_build_tool` | A named native build tool required by a dependency is absent. | Install the reported tool, such as `brew install cmake`. |
|
|
36
|
+
| `native_extension_compile_failed` | A gem native extension failed to compile. | Install the affected gem's native dependencies and rerun installation. |
|
|
21
37
|
| `package_manager_version_mismatch` | The available package-manager version differs from the exact/simple declared version. | Activate the declared version, then rerun. |
|
|
22
38
|
| `dependency_install_skipped` | A dependency-backed application was not started because install was not requested. | Review the install command and opt in with `--install`. |
|
|
23
39
|
| `python_flask_setup_required` | Python/Flask setup requires migrations, initialization, workers, frontend, or service orchestration not yet supported safely. | Complete the documented setup manually; do not treat detection as full support. |
|
|
40
|
+
| `laravel_vite_ci_hmr_blocked` | Laravel's Vite plugin refused to start the HMR asset server in CI. | Use a production asset build in CI, or run the Laravel application server for app verification. |
|
|
24
41
|
| `missing_env_var` | Required environment configuration is missing. | Supply real values through the repository's documented path. BootProof will not edit `.env`. |
|
|
42
|
+
| `missing_database_config` | `config/database.yml` could not be loaded or is absent. | Create it from the repository's documented example and review it. |
|
|
43
|
+
| `missing_required_config` | Another explicitly named required configuration file is absent. | Restore the reported file from the repository's documented example. |
|
|
25
44
|
| `database_unreachable` | A required database or cache could not be reached. | Start the real required service and verify its address. |
|
|
45
|
+
| `postgres_unavailable` | PostgreSQL refused or could not accept the connection. | Start PostgreSQL and verify the configured host and port. |
|
|
46
|
+
| `postgres_role_missing` | PostgreSQL is reachable, but the configured role does not exist. | Create the role or configure an existing one. |
|
|
47
|
+
| `database_schema_missing` | PostgreSQL reports an undefined table or missing relation. | Run the repository's documented migrations or database setup. |
|
|
48
|
+
| `unsupported_database_version` | The installed PostgreSQL version is outside the repository's supported range. | Install or select a supported version. |
|
|
49
|
+
| `unsupported_database_config` | `config/database.yml` contains unsupported database names. | Use only the repository-supported names. |
|
|
50
|
+
| `redis_unavailable` | Redis refused or could not accept the connection. | Start Redis and verify the configured host and port. |
|
|
26
51
|
| `postgres_auth_env_missing` | Postgres was reached but authentication or env configuration did not match. | Correct the real database configuration; BootProof will not invent credentials. |
|
|
27
52
|
| `migrations_missing` | The database schema is absent or behind. | Run the repository's documented migration flow. Repair is attempted only for one unambiguous recognized framework. |
|
|
28
53
|
| `port_in_use` | The application port is occupied. | Stop the process or use a supported explicit port. |
|
|
@@ -33,8 +58,10 @@ Unknown evidence remains `unknown_failure`. BootProof does not pick a more marke
|
|
|
33
58
|
| `docker_unavailable` | Docker is required by the plan but unavailable. | Start Docker or explicitly choose a safe local path. |
|
|
34
59
|
| `install_failed` | Dependency installation failed for an otherwise unclassified reason. | Inspect preserved install evidence and fix the underlying cause. |
|
|
35
60
|
| `app_exited_early` | The application exited before health was observed. | Inspect process evidence and fix startup. |
|
|
61
|
+
| `health_preoccupied` | A health candidate was already responding successfully before BootProof started the application. | Stop the existing service and rerun, or explicitly verify it with `bootproof verify-url <url>`. |
|
|
36
62
|
| `health_check_timeout` | No HTTP response was observed before timeout. | Check logs, port inference, and health candidates. |
|
|
37
63
|
| `health_http_error` | A health candidate returned HTTP 5xx. | Fix the server error; a responding process is not yet healthy. |
|
|
64
|
+
| `health_candidate_port_mismatch` | Process output advertised a different port from the inferred application health URL. | Confirm the primary app command and intended health port; do not mistake an asset server for the Laravel app. |
|
|
38
65
|
| `workspace_ambiguous` | Multiple applications or health targets are plausible. | Choose one with `--workspace <dir>`. |
|
|
39
66
|
| `unknown_failure` | Available evidence does not match a trustworthy detector. | Inspect the signed raw evidence and report a reproducible detector case. |
|
|
40
67
|
|
package/docs/HONESTY_CONTRACT.md
CHANGED
|
@@ -13,15 +13,18 @@ BootProof's promise is not that every repository boots. Its promise is that the
|
|
|
13
13
|
7. Ambiguous workspaces are surfaced instead of guessed.
|
|
14
14
|
8. Generated files are referenced as generated evidence only when they were actually written.
|
|
15
15
|
9. Refusals and execution failures write signed failed attestations where a signer is available.
|
|
16
|
-
10. Failed attestations preserve available
|
|
16
|
+
10. Failed attestations preserve available diagnostic evidence, redacted at capture before it is persisted. Registry export applies its own additional public-artifact redaction.
|
|
17
17
|
11. A process starting is not enough. A health signal must be observed.
|
|
18
18
|
12. Confidence describes evidence found, not predicted success.
|
|
19
19
|
13. An image-only Compose service does not prove the checked-out source. Compose application proof requires a repository-local build context, a published HTTP port, and an observed HTTP response.
|
|
20
|
-
14. A repair
|
|
21
|
-
15.
|
|
22
|
-
16.
|
|
23
|
-
17.
|
|
24
|
-
18.
|
|
20
|
+
14. A deterministic repair suggestion requires a signature-valid classified failed attestation.
|
|
21
|
+
15. A valid signature proves the attestation was not altered after signing. It does not, by itself, prove WHO produced it. BootProof distinguishes self-signed, known-signer, and unknown-foreign signatures, and binds directory verification to the repository's current commit.
|
|
22
|
+
16. Commands run only after the exact command, mutation scope, and risk are shown and the user types uppercase `Y`. JSON and CI modes never approve commands.
|
|
23
|
+
17. Repair generation never patches the user's working tree; applying a diff requires the separate explicit `apply-repair` command.
|
|
24
|
+
18. Repair diffs are restricted to boot-plumbing scope; application logic is never edited.
|
|
25
|
+
19. Declined, failed, progressed, and verified repair attempts remain distinct signed receipt states.
|
|
26
|
+
20. Explicit repair application requires a valid signed receipt and exact file preimages; stale or tampered receipts write nothing.
|
|
27
|
+
21. A health response may only be recorded as a verified boot if it could have come from the process BootProof started. Pre-existing responders are refused (`health_preoccupied`); a response observed after the supervised process has exited is not a boot.
|
|
25
28
|
|
|
26
29
|
These behaviors are enforced by tests.
|
|
27
30
|
|
|
@@ -71,16 +74,22 @@ A repository Compose receipt is equally narrow. `docker compose up -d` exit 0 pr
|
|
|
71
74
|
|
|
72
75
|
## Verified Repairs
|
|
73
76
|
|
|
74
|
-
`bootproof fix`
|
|
77
|
+
`bootproof fix` reads the latest signature-valid classified failure. The first interactive
|
|
78
|
+
command playbooks cover missing CMake and unavailable Redis; `RAILS_ENV` receives a safe
|
|
79
|
+
instruction only. Commands are structured argv, pass the safety validator, and require the
|
|
80
|
+
literal response `Y`. After an approved command, BootProof copies the repository to a temporary
|
|
81
|
+
sandbox and reruns the normal proof engine.
|
|
75
82
|
|
|
76
83
|
The original working tree is never used as the repair target. BootProof writes only its evidence under `.bootproof/`:
|
|
77
84
|
|
|
78
85
|
- the signed failed before attestation
|
|
79
86
|
- a human-reviewable patch when files changed
|
|
80
|
-
- the signed
|
|
81
|
-
- the signed repair receipt
|
|
87
|
+
- the signed after attestation when a command was rerun
|
|
88
|
+
- the signed repair receipt recording suggestion, approval, application, progress, and verification
|
|
82
89
|
|
|
83
|
-
|
|
90
|
+
Declined, failed, and unverified attempts still produce receipts because failed attestations and
|
|
91
|
+
repair attempts are valuable. `verified` remains false unless the rerun observes healthy HTTP.
|
|
92
|
+
`progressed` is true only for verified health or a changed failure class.
|
|
84
93
|
|
|
85
94
|
`bootproof fix` never auto-applies a patch. `bootproof apply-repair` is a separate, explicit mutation command. It verifies the receipt signature, scope whitelist, signed content hashes, and current preimages before writing. A mismatch writes nothing.
|
|
86
95
|
|
|
@@ -94,9 +103,22 @@ Current local runs use:
|
|
|
94
103
|
local_developer_signed
|
|
95
104
|
```
|
|
96
105
|
|
|
97
|
-
|
|
106
|
+
The embedded public key proves integrity only. Local verification reports whether that key is
|
|
107
|
+
this machine's signer, an explicitly pinned signer in `~/.bootproof/known_signers.json`, or an
|
|
108
|
+
unknown foreign signer. Pinning uses `bootproof verify <proof> --trust-signer` and never happens
|
|
109
|
+
automatically on first use.
|
|
98
110
|
|
|
99
|
-
`
|
|
111
|
+
`--require-known-signer` fails on unknown foreign signers. Directory verification compares the
|
|
112
|
+
attested commit with live Git `HEAD`, and `--strict` fails if they differ.
|
|
113
|
+
|
|
114
|
+
Local attestations are useful evidence. CI/OIDC attestations are stronger supply-chain proof.
|
|
115
|
+
BootProof does not pretend local laptop proof is enterprise CI proof.
|
|
116
|
+
|
|
117
|
+
`ci_oidc_signed` is emitted when `--ci-oidc` is passed to `bootproof up` inside a GitHub Actions
|
|
118
|
+
workflow with `permissions: id-token: write`. The composite Action exposes this as the `ci-oidc`
|
|
119
|
+
input (default: `false`). When enabled, BootProof fetches the runner's OIDC token and embeds the
|
|
120
|
+
claims (iss, sub, repository, run_id, workflow, etc.) in the attestation trust block. The
|
|
121
|
+
ed25519 signature still provides integrity; the OIDC evidence provides CI provenance.
|
|
100
122
|
|
|
101
123
|
## Network And Sharing
|
|
102
124
|
|
|
@@ -0,0 +1,232 @@
|
|
|
1
|
+
# The First 1,000 Receipts — Launch Playbook
|
|
2
|
+
|
|
3
|
+
> Distribution is the engine; the moat is its exhaust.
|
|
4
|
+
|
|
5
|
+
This is the concrete, week-by-week plan for getting BootProof from zero to the first 1,000 Living Receipts in the wild. Every phase has a single success metric. If the metric doesn't hit, the phase isn't done — don't move on, fix why.
|
|
6
|
+
|
|
7
|
+
---
|
|
8
|
+
|
|
9
|
+
## The thesis (read this first)
|
|
10
|
+
|
|
11
|
+
The Living Receipt is not the moat. It is the **distribution weapon** — a viral, self-proving object that floods the gates with users. The moat (workflow lock-in as the merge gate, plus a compounding boot-inference flywheel) is **earned at scale**, not owned on day one.
|
|
12
|
+
|
|
13
|
+
The slop crisis is real and cresting: curl shut down its bug bounty (January 2026), Jazzband shut down entirely, tldraw auto-closes all external PRs, Ghostty's Mitchell Hashimoto named the exact mechanism BootProof attacks ("running it was the filter"). The demand is assembled and screaming. The audience is not cold — they are posting in GitHub community discussion #185387, literally spec'ing the feature.
|
|
14
|
+
|
|
15
|
+
The only thing standing between BootProof and 1,000 receipts is the single thing every prior project skipped: **shipping and distributing**. This playbook exists to make that skip impossible.
|
|
16
|
+
|
|
17
|
+
---
|
|
18
|
+
|
|
19
|
+
## Phase 0 — Ship the alpha (TODAY, before anything else)
|
|
20
|
+
|
|
21
|
+
**Goal:** a stranger can `npx bootproof up <repo>` and get a Living Receipt.
|
|
22
|
+
|
|
23
|
+
**Checklist:**
|
|
24
|
+
- [x] Fix the npm package metadata (homepage/repository fields point to the wrong URL — `rossbuckley1990-hash/bootproof` instead of `bootproof/bootproof`). This is a 5-minute fix that has been leaking every visitor. **Fixed in commit on `main` — `repository`, `bugs.url`, and `homepage` now all point to `github.com/bootproof/bootproof`. The published npm package at `0.1.0` still has the old URL until 0.3.0 is published (next item).**
|
|
25
|
+
- [ ] Publish `0.3.0` to npm. The published version is `0.1.0`; the repo is three minor versions ahead. The publishing muscle exists — the release cadence is broken. **Requires `npm publish` with npm credentials — run locally, not from a CI/sandbox. The `release:check` script (`npm test && npm run build && npm run pack:check && npm publish --dry-run`) is the pre-flight.**
|
|
26
|
+
- [x] The Living Receipt HTML (`assets/living-receipt.html`) is on `main` and reachable via raw.githubusercontent.com.
|
|
27
|
+
- [x] The badge template (`assets/bootproof-badge-template.md`) is on `main`.
|
|
28
|
+
- [x] The README links to the Living Receipt with a clickable badge.
|
|
29
|
+
|
|
30
|
+
**Success metric:** `npx bootproof up https://github.com/any-public-repo` works on a fresh machine with Node 20+. No errors. Writes a receipt.
|
|
31
|
+
|
|
32
|
+
**If this doesn't work, nothing else in this playbook matters.** Do not proceed to Phase 1 until a stranger can run the command and get a receipt.
|
|
33
|
+
|
|
34
|
+
---
|
|
35
|
+
|
|
36
|
+
## Phase 1 — Maintainer #1 (Week 1)
|
|
37
|
+
|
|
38
|
+
**Goal:** one prominent open-source maintainer adopts BootProof as a PR gate.
|
|
39
|
+
|
|
40
|
+
**Why this first:** the slop-crisis maintainers are the exact audience, they're already gathered, and one public adoption is the equivalent of Slack's "8,000 signups in 24 hours" — but slower, over weeks, because maintainer-to-maintainer viral spread is real but skeptical.
|
|
41
|
+
|
|
42
|
+
**The target list (in priority order):**
|
|
43
|
+
|
|
44
|
+
1. **The GitHub community discussion #185387 participants.** This is the single highest-signal list. People who posted in "Exploring Solutions to Tackle Low-Quality Contributions on GitHub" are literally asking for this. Read the thread, identify the most active commenters, DM them with the receipt attached.
|
|
45
|
+
|
|
46
|
+
2. **The curl orbit.** Daniel Stenberg shut down curl's bug bounty in January 2026 because AI slop reports collapsed the valid-rate from 1-in-6 to 1-in-20. BootProof is the automated version of "did you actually run it?" — exactly the filter he lost. He is reachable on GitHub and Mastodon.
|
|
47
|
+
|
|
48
|
+
3. **The Ghostty orbit.** Mitchell Hashimoto named the exact mechanism ("running it was the filter") that BootProof re-imposes. He is reachable on GitHub.
|
|
49
|
+
|
|
50
|
+
4. **The tldraw orbit.** They auto-close all external PRs — the most extreme response to slop. A BootProof gate is the less drastic alternative they haven't tried yet.
|
|
51
|
+
|
|
52
|
+
5. **The six stargazers.** `serious-angel`, `jon91`, `highway900`, `mkkzkk`, `DoddiC`, `tkersey`. They already raised their hands. They're the warmest leads you have.
|
|
53
|
+
|
|
54
|
+
**The DM template (3 lines, attach the Living Receipt HTML):**
|
|
55
|
+
|
|
56
|
+
```
|
|
57
|
+
Hi [name] — I saw your [post/comment about AI slop in PRs]. I built
|
|
58
|
+
something that might help: a tool that actually boots a repo and signs
|
|
59
|
+
proof of what happened. I attached a Living Receipt — double-click it,
|
|
60
|
+
it verifies itself in your browser. If it's useful, I'd value your
|
|
61
|
+
honest reaction. If not, tell me why. — Ross
|
|
62
|
+
```
|
|
63
|
+
|
|
64
|
+
**Rules:**
|
|
65
|
+
- Do NOT lead with the architecture, the trust ladder, or the moat thesis. Lead with the artifact.
|
|
66
|
+
- Do NOT pitch the hosted runner, the enterprise tier, or the roadmap. Pitch the free thing.
|
|
67
|
+
- Do NOT send a form letter. Reference something specific they said about slop.
|
|
68
|
+
- Attach the Living Receipt HTML. The artifact does the convincing — your words just get them to open it.
|
|
69
|
+
|
|
70
|
+
**Success metric:** one maintainer runs `npx bootproof up` on a repo they care about and replies with a reaction that isn't "cool, thanks." The reaction you're looking for is "wait, how does this work?" or "can I use this as a PR gate?" — those are buying signals.
|
|
71
|
+
|
|
72
|
+
**If you don't get a reply from any of the six stargazers in 72 hours:** the problem isn't the message, it's that the artifact doesn't land. Go back and watch someone open it in person. The "what the hell" moment has to be visible on their face. If it isn't, the receipt isn't good enough yet.
|
|
73
|
+
|
|
74
|
+
---
|
|
75
|
+
|
|
76
|
+
## Phase 2 — The public launch (Week 2)
|
|
77
|
+
|
|
78
|
+
**Goal:** 100 receipts in the wild, traced to a single public launch.
|
|
79
|
+
|
|
80
|
+
**The launch surfaces, in order:**
|
|
81
|
+
|
|
82
|
+
### 2a. Hacker News (Tuesday or Wednesday, 7–9am Pacific)
|
|
83
|
+
|
|
84
|
+
**Title (use exactly this — it's been pressure-tested against the HN aesthetic):**
|
|
85
|
+
|
|
86
|
+
> Show HN: BootProof — the run button that can't lie (boots any repo, signs proof)
|
|
87
|
+
|
|
88
|
+
**First comment (yours, posted immediately):**
|
|
89
|
+
|
|
90
|
+
```
|
|
91
|
+
I built this because AI-generated PRs that merge clean but don't actually
|
|
92
|
+
boot are drowning maintainers. curl shut down its bug bounty over this.
|
|
93
|
+
tldraw auto-closes all external PRs. The filter that used to exist —
|
|
94
|
+
"you had to actually run the code to contribute" — is gone.
|
|
95
|
+
|
|
96
|
+
BootProof re-imposes it. Point it at any repo, it infers how to run,
|
|
97
|
+
boots it, observes whether localhost actually responds, and signs a
|
|
98
|
+
receipt. The receipt is a single HTML file that re-verifies its own
|
|
99
|
+
signature in your browser. Tamper with one byte and the verdict collapses.
|
|
100
|
+
|
|
101
|
+
Two real captures in the repo: one that boots to HTTP 200, one that
|
|
102
|
+
builds clean and segfaults at runtime. Both are real, not mock.
|
|
103
|
+
|
|
104
|
+
Free, open source, Apache 2.0. I'm looking for maintainers who want
|
|
105
|
+
to try it as a PR gate. — Ross
|
|
106
|
+
```
|
|
107
|
+
|
|
108
|
+
**Rules:**
|
|
109
|
+
- Do NOT post on Monday (low traffic) or Friday (weekend death).
|
|
110
|
+
- Do NOT post on the hour — post at :07 or :12 to avoid the submission queue.
|
|
111
|
+
- Do NOT use a link shortener. HN penalizes them.
|
|
112
|
+
- Respond to every comment within 15 minutes for the first 4 hours. The first hour determines whether it hits the front page.
|
|
113
|
+
- When someone says "why not just use CI?" — answer: "CI tells you the script exited 0. BootProof tells you localhost responded. Green CI, dead app is the entire slop archetype. Here's a receipt: [link]."
|
|
114
|
+
|
|
115
|
+
### 2b. r/programming (same day, 2 hours after HN)
|
|
116
|
+
|
|
117
|
+
Cross-post the HN link. Title: "BootProof — a run button that actually verifies your repo boots (signed proof, not green CI)".
|
|
118
|
+
|
|
119
|
+
### 2c. r/devops, r/node, r/rust, r/python (staggered over Week 2)
|
|
120
|
+
|
|
121
|
+
One post per subreddit, tailored to the language. For r/rust, lead with the segfault receipt. For r/node, lead with the HTTP 200 receipt. For r/devops, lead with the CI-gate angle.
|
|
122
|
+
|
|
123
|
+
### 2d. The agent-integration communities
|
|
124
|
+
|
|
125
|
+
Post in the Cursor Discord, the Claude Code community, the Devin Slack. The pitch: "your agent emits a Living Receipt when it finishes — the human verifies it actually booted before merging." This is the "App Store moment" distribution surface.
|
|
126
|
+
|
|
127
|
+
**Success metric:** 100 Living Receipts downloaded from the repo (track via GitHub raw file download analytics), 50 npm installs, 10 badges appearing in public READMEs (search GitHub for `bootproof` in README files).
|
|
128
|
+
|
|
129
|
+
**If HN doesn't hit the front page:** the title or the first comment didn't land. The most common failure mode is leading with the technology instead of the pain. Rewrite the first comment to lead with curl/tldraw, not with ed25519.
|
|
130
|
+
|
|
131
|
+
---
|
|
132
|
+
|
|
133
|
+
## Phase 3 — The agent integrations (Week 3)
|
|
134
|
+
|
|
135
|
+
**Goal:** BootProof is the default "does-it-boot" check in at least one agent ecosystem.
|
|
136
|
+
|
|
137
|
+
**The targets:**
|
|
138
|
+
|
|
139
|
+
1. **A Claude Code skill** — `bootproof-verify` — that an agent can invoke after writing code. The skill runs `bootproof up` on the changed workspace and attaches the Living Receipt to the PR. This is the highest-leverage integration because Claude Code users are the exact audience generating slop.
|
|
140
|
+
|
|
141
|
+
2. **A Cursor rule** — `.cursorrules` snippet that tells Cursor to run BootProof before declaring a task complete. Distribute as a copy-paste snippet in the README.
|
|
142
|
+
|
|
143
|
+
3. **A GitHub Action** — `bootproof/bootproof-action@v1` — that runs on every PR, boots the repo, and posts the Living Receipt as a comment. This is the merge-gate moat in its earliest form. Get it into the GitHub Actions marketplace. Be the top result for "boot" and "verify" and "run".
|
|
144
|
+
|
|
145
|
+
4. **A Devin integration** — reach out to the Devin team. Their agents produce code; BootProof proves it runs. Co-marketing opportunity.
|
|
146
|
+
|
|
147
|
+
**The pitch to agent builders:**
|
|
148
|
+
|
|
149
|
+
```
|
|
150
|
+
Your agent writes code and says "done." The human has to trust it.
|
|
151
|
+
BootProof makes the agent prove it — runs the repo, observes health,
|
|
152
|
+
signs a receipt. The human clicks the receipt, it verifies itself,
|
|
153
|
+
they see the actual boot. No more "the agent said it worked" — now
|
|
154
|
+
it's "the agent proved it boots."
|
|
155
|
+
```
|
|
156
|
+
|
|
157
|
+
**Success metric:** one agent integration shipped and used by at least 10 developers. The Claude Code skill is the most reachable — it's a single file.
|
|
158
|
+
|
|
159
|
+
---
|
|
160
|
+
|
|
161
|
+
## Phase 4 — The "Green CI, Dead App" gallery (Week 4+)
|
|
162
|
+
|
|
163
|
+
**Goal:** a public, indexed gallery of real slop PRs that pass CI but don't boot, each with its Living Receipt.
|
|
164
|
+
|
|
165
|
+
**This is the content engine.** Every entry is simultaneously:
|
|
166
|
+
- Proof (a real receipt)
|
|
167
|
+
- Propaganda (the contrast with GitHub's green check)
|
|
168
|
+
- Distribution (every receipt links home)
|
|
169
|
+
|
|
170
|
+
**How to build it:**
|
|
171
|
+
|
|
172
|
+
1. Find public PRs that pass CI but are reported as "doesn't work" in comments. Search GitHub for `"doesn't work"`, `"won't run"`, `"broken"` in PR comments on popular repos.
|
|
173
|
+
2. Run `bootproof up` on the PR's branch.
|
|
174
|
+
3. Generate a Living Receipt.
|
|
175
|
+
4. Post it to `gallery/` in the repo, with a one-line description: "PR #1234 on repo X — green CI, dead app, BootProof says NOT BOOTED with classified failure Y."
|
|
176
|
+
5. Each gallery entry has its own badge that links to its receipt.
|
|
177
|
+
|
|
178
|
+
**The viral loop:**
|
|
179
|
+
|
|
180
|
+
```
|
|
181
|
+
gallery entry → HN/Reddit/Twitter → click → Living Receipt →
|
|
182
|
+
"Get your own receipt" → npx bootproof up → new receipt →
|
|
183
|
+
new badge in a new README → new gallery entry → repeat
|
|
184
|
+
```
|
|
185
|
+
|
|
186
|
+
**Success metric:** 50 gallery entries, each one a real public slop PR with a real receipt. The gallery itself becomes a destination — "the slop museum."
|
|
187
|
+
|
|
188
|
+
---
|
|
189
|
+
|
|
190
|
+
## The loop that ties it all together
|
|
191
|
+
|
|
192
|
+
```
|
|
193
|
+
Phase 1: maintainer #1 (credibility)
|
|
194
|
+
↓
|
|
195
|
+
Phase 2: public launch (100 receipts in the wild)
|
|
196
|
+
↓
|
|
197
|
+
Phase 3: agent integrations (default-status in one ecosystem)
|
|
198
|
+
↓
|
|
199
|
+
Phase 4: gallery (compounding content engine)
|
|
200
|
+
↓
|
|
201
|
+
Each receipt → badge in a README → click → new user → new receipt → repeat
|
|
202
|
+
↓
|
|
203
|
+
Workflow lock-in (the merge gate) + boot-inference flywheel (each run makes the next inference better)
|
|
204
|
+
↓
|
|
205
|
+
The moat. Earned, not built.
|
|
206
|
+
```
|
|
207
|
+
|
|
208
|
+
---
|
|
209
|
+
|
|
210
|
+
## What NOT to do (the trap list)
|
|
211
|
+
|
|
212
|
+
1. **Do not build the hosted runner before Phase 4.** The `neutral_runner_signed` trust level is the cash-cow path, but it's premature. The free local-signed receipt is the distribution weapon. Build the hosted runner when you have 1,000 receipts and someone offers to pay for it.
|
|
213
|
+
|
|
214
|
+
2. **Do not build the failure-taxonomy dashboard before Phase 4.** The corpus becomes a moat only if each run feeds back into measurably better inference that users feel. Ship the inference improvement first; dashboard it later.
|
|
215
|
+
|
|
216
|
+
3. **Do not write a blog post about the architecture.** Write a blog post about curl shutting down its bug bounty. The architecture is not the story — the pain is.
|
|
217
|
+
|
|
218
|
+
4. **Do not rename anything.** "BootProof" is fine. "Living Receipt" is fine. The urge to rename is the cathedral instinct sneaking back in.
|
|
219
|
+
|
|
220
|
+
5. **Do not wait for the engine to be perfect before launching.** The engine in `scripts/bootproof_up.mjs` is MVP — it handles Node, Rust, Go, Python. That's enough for the first 1,000 receipts. Ship it. Add more stacks based on what users actually ask for.
|
|
221
|
+
|
|
222
|
+
6. **Do not skip the DM step.** The temptation is to go straight to HN and skip the maintainer-by-maintainer grind. That's the exact skip that has cost every prior launch. The DMs are where you learn whether the artifact lands. HN is where you scale what already works.
|
|
223
|
+
|
|
224
|
+
---
|
|
225
|
+
|
|
226
|
+
## The honest gate
|
|
227
|
+
|
|
228
|
+
None of this is real until **maintainer #1** runs it on a repo they care about and reacts. The Living Receipt in `assets/living-receipt.html` is the artifact. The DM template in Phase 1 is the message. The six stargazers are the warmest leads.
|
|
229
|
+
|
|
230
|
+
Open the receipt yourself first. Feel the "what the hell" moment. Then attach it to the first DM.
|
|
231
|
+
|
|
232
|
+
That's the move. Everything else in this playbook is downstream of it.
|
|
@@ -0,0 +1,105 @@
|
|
|
1
|
+
# Real-World Fixture Guide
|
|
2
|
+
|
|
3
|
+
BootProof uses small, synthetic fixtures to preserve lessons from real repository
|
|
4
|
+
testing without copying entire third-party repositories. A fixture captures only
|
|
5
|
+
the structural markers and minimal evidence needed to exercise an inference,
|
|
6
|
+
classification, safety decision, or verification path.
|
|
7
|
+
|
|
8
|
+
Predictions and examples are not proof. A fixture may show what BootProof should
|
|
9
|
+
infer or classify, but verified boot still requires observed health evidence from
|
|
10
|
+
the application or an explicitly external health endpoint.
|
|
11
|
+
|
|
12
|
+
## Why Fixtures Stay Small
|
|
13
|
+
|
|
14
|
+
Whole external repositories are unsuitable test fixtures because they:
|
|
15
|
+
|
|
16
|
+
- add large, unstable dependency trees;
|
|
17
|
+
- can contain copyrighted implementation details or vendor configuration;
|
|
18
|
+
- may expose secrets, usernames, local paths, or private operational data;
|
|
19
|
+
- change independently of BootProof and make tests nondeterministic; and
|
|
20
|
+
- can tempt tests to execute untrusted setup or orchestration commands.
|
|
21
|
+
|
|
22
|
+
BootProof fixtures instead use placeholder package names, empty marker files,
|
|
23
|
+
minimal manifests, and short synthetic evidence strings. They should reproduce
|
|
24
|
+
the shape of a failure, not the source repository.
|
|
25
|
+
|
|
26
|
+
## Coverage Map
|
|
27
|
+
|
|
28
|
+
The documentation seeds under
|
|
29
|
+
[`examples/registry-seeds/`](examples/registry-seeds/) summarize the current
|
|
30
|
+
real-world coverage:
|
|
31
|
+
|
|
32
|
+
| Seed | Representative repository class |
|
|
33
|
+
|---|---|
|
|
34
|
+
| `laravel-vite-sqlite` | Laravel backend with Vite assets and local SQLite setup |
|
|
35
|
+
| `rails-bundler` | Rails application with Ruby/Bundler runtime and native extension blockers |
|
|
36
|
+
| `php-composer` | Composer lockfile and vendor bootstrap failures |
|
|
37
|
+
| `go-ollama-service` | Go service with an evidenced command, port, and health contract |
|
|
38
|
+
| `airbyte-abctl-external-orchestrator` | Heavy external orchestration through abctl, kind, Helm, and Kubernetes |
|
|
39
|
+
| `sentry-devenv-direnv` | Large Python/Node hybrid with devenv and direnv setup |
|
|
40
|
+
| `monorepo-ambiguous-health` | Multiple plausible workspaces or health targets |
|
|
41
|
+
| `advertised-port-mismatch` | Process output advertises a different port from the inferred health candidate |
|
|
42
|
+
|
|
43
|
+
These JSON files use `bootproof/registry-seed-example/v1`. They are
|
|
44
|
+
documentation examples, not signed attestations, importable deterministic
|
|
45
|
+
playbooks, public corpus submissions, or production registry entries.
|
|
46
|
+
|
|
47
|
+
## Seed Fields
|
|
48
|
+
|
|
49
|
+
Each seed records:
|
|
50
|
+
|
|
51
|
+
- structural markers that may be represented by a minimal fixture;
|
|
52
|
+
- expected classifications or inference labels;
|
|
53
|
+
- a conservative safe next step;
|
|
54
|
+
- whether repair is approval-required or refused;
|
|
55
|
+
- whether the application is externally orchestrated;
|
|
56
|
+
- whether the described path can eventually support verified boot or only a
|
|
57
|
+
failed/diagnostic receipt; and
|
|
58
|
+
- the observed evidence still required before any verified claim.
|
|
59
|
+
|
|
60
|
+
`repairDisposition: automatic` is reserved for non-mutating behavior. It must
|
|
61
|
+
never be used to authorize silent command execution, host mutation, database
|
|
62
|
+
mutation, or repository patches. Commands and patches remain approval-gated.
|
|
63
|
+
|
|
64
|
+
## Adding A Fixture Safely
|
|
65
|
+
|
|
66
|
+
1. Identify the smallest structural markers required for the behavior.
|
|
67
|
+
2. Write synthetic manifests and evidence instead of copying vendor files.
|
|
68
|
+
3. Remove real repository names when they are not necessary to the detector.
|
|
69
|
+
4. Use placeholders for hosts, package names, paths, and versions.
|
|
70
|
+
5. Never include `.env` contents, tokens, credentials, private keys, user data,
|
|
71
|
+
private hostnames, or username-bearing local paths.
|
|
72
|
+
6. Add a focused test for the intended inference or classifier and at least one
|
|
73
|
+
nearby case that must not be overclassified.
|
|
74
|
+
7. Keep commands inert in fixtures. Tests must not install tools, start external
|
|
75
|
+
orchestrators, run migrations, or execute repository setup scripts.
|
|
76
|
+
8. Document whether the safe next step is approval-required or refused.
|
|
77
|
+
9. Require a real health observation before a test or example can represent a
|
|
78
|
+
verified boot.
|
|
79
|
+
|
|
80
|
+
Public documentation may name a real repository family when that context is
|
|
81
|
+
useful, but it must not reproduce vendor config blobs, source files, private
|
|
82
|
+
incident data, or proprietary runbooks. Evidence strings should be the minimum
|
|
83
|
+
short patterns needed to explain classifier behavior.
|
|
84
|
+
|
|
85
|
+
## Evidence And Honesty
|
|
86
|
+
|
|
87
|
+
Classifiers must remain evidence-based and conservative. A marker can justify an
|
|
88
|
+
inference, and an exact failure string can justify a failure class, but neither
|
|
89
|
+
proves that the application booted.
|
|
90
|
+
|
|
91
|
+
BootProof may record a failed or diagnostic receipt when setup is incomplete,
|
|
92
|
+
orchestrator ownership is external, a workspace is ambiguous, or a health
|
|
93
|
+
candidate is wrong. It may report verified boot only after observed health
|
|
94
|
+
evidence satisfies the health contract.
|
|
95
|
+
|
|
96
|
+
For external orchestration, BootProof must state that it verified an
|
|
97
|
+
already-running service and must not claim that it started the application.
|
|
98
|
+
|
|
99
|
+
## Registry Boundary
|
|
100
|
+
|
|
101
|
+
Seed examples are local documentation only. Reading or testing them performs no
|
|
102
|
+
network calls, telemetry, upload, registry submission, Cloud API request, or
|
|
103
|
+
automatic file mutation. To produce a real redacted registry entry, use the
|
|
104
|
+
explicit local export workflow described in [REGISTRY.md](REGISTRY.md).
|
|
105
|
+
|
package/docs/REGISTRY.md
CHANGED
|
@@ -1,49 +1,69 @@
|
|
|
1
|
-
#
|
|
1
|
+
# Registry Export Formats
|
|
2
2
|
|
|
3
|
-
BootProof does not operate a public
|
|
3
|
+
BootProof supports local, redacted registry artifacts. It does not operate a public index from
|
|
4
|
+
this repository, upload evidence automatically, or call a registry service.
|
|
4
5
|
|
|
5
|
-
|
|
6
|
+
Create a local entry explicitly:
|
|
6
7
|
|
|
7
|
-
```
|
|
8
|
-
|
|
8
|
+
```bash
|
|
9
|
+
bootproof registry export .
|
|
9
10
|
```
|
|
10
11
|
|
|
11
|
-
|
|
12
|
+
This writes `.bootproof/registry-entry.json` using
|
|
13
|
+
`bootproof/registry-entry/v1`. `bootproof attest export .` remains a compatibility alias.
|
|
12
14
|
|
|
13
|
-
|
|
14
|
-
bootproof attest export .
|
|
15
|
-
```
|
|
15
|
+
## Public/Federated Registry
|
|
16
16
|
|
|
17
|
-
|
|
17
|
+
Public repositories may explicitly create a public-candidate wrapper:
|
|
18
18
|
|
|
19
|
-
```
|
|
20
|
-
|
|
19
|
+
```bash
|
|
20
|
+
bootproof registry export . --federated
|
|
21
21
|
```
|
|
22
22
|
|
|
23
|
-
|
|
23
|
+
This writes a redacted, signed `bootproof/federated-receipt/v1` artifact under
|
|
24
|
+
`.bootproof/registry/`. A repository owner may review and deliberately commit that receipt to
|
|
25
|
+
the repository's own Git history.
|
|
26
|
+
|
|
27
|
+
A future BootProof indexer could crawl public receipts, verify signatures, and build an open
|
|
28
|
+
commons of verified boot, failure, and repair knowledge. The crawler and public index do not
|
|
29
|
+
exist in this repository and are not implemented by this command.
|
|
24
30
|
|
|
25
|
-
|
|
31
|
+
`bootproof attest check` distinguishes this machine's signer, explicitly pinned known signers,
|
|
32
|
+
and unknown foreign signers. Signature integrity alone does not establish authorship.
|
|
26
33
|
|
|
27
|
-
|
|
34
|
+
## Private Cloud Registry
|
|
28
35
|
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
- failure corpus: classified failures improve detectors without converting failures into success claims
|
|
36
|
+
Organisations may later explicitly upload redacted attestations and repair receipts to
|
|
37
|
+
BootProof Cloud. Private repository data would remain governed, tenant-isolated, and paid.
|
|
32
38
|
|
|
33
|
-
|
|
39
|
+
This repository only supports producing a `cloud_upload_candidate` local export. BootProof
|
|
40
|
+
Cloud, upload transport, billing, governance, and hosted registry storage are intentionally
|
|
41
|
+
not implemented here.
|
|
34
42
|
|
|
35
43
|
## Consent And Privacy
|
|
36
44
|
|
|
37
|
-
1.
|
|
38
|
-
2.
|
|
39
|
-
3.
|
|
40
|
-
4.
|
|
41
|
-
|
|
45
|
+
1. Every registry entry has `optInRequired: true`; federated wrappers contain that entry.
|
|
46
|
+
2. Export builders perform no network calls and do not upload telemetry or evidence.
|
|
47
|
+
3. Files are written only after an explicit export command.
|
|
48
|
+
4. Raw environment values, tokens, private keys, protected `.env` contents, and local username
|
|
49
|
+
paths are excluded or redacted.
|
|
50
|
+
5. Repository owner and name identifiers are hashed; a public repository URL is included only
|
|
51
|
+
when it is a credential-free URL on a supported public Git host.
|
|
52
|
+
6. Full local attestations may contain raw evidence and should not be treated as public exports.
|
|
53
|
+
|
|
54
|
+
The strict schemas are:
|
|
42
55
|
|
|
43
|
-
|
|
56
|
+
- [`schemas/registry-entry-v1.schema.json`](schemas/registry-entry-v1.schema.json)
|
|
57
|
+
- [`schemas/federated-receipt-v1.schema.json`](schemas/federated-receipt-v1.schema.json)
|
|
44
58
|
|
|
45
|
-
##
|
|
59
|
+
## Documentation Seeds
|
|
46
60
|
|
|
47
|
-
|
|
61
|
+
Small synthetic examples of the real-world classifier and inference coverage live
|
|
62
|
+
under [`examples/registry-seeds/`](examples/registry-seeds/). They use the
|
|
63
|
+
documentation-only
|
|
64
|
+
[`registry-seed-example-v1` schema](schemas/registry-seed-example-v1.schema.json)
|
|
65
|
+
and are explained in [REAL_WORLD_FIXTURES.md](REAL_WORLD_FIXTURES.md).
|
|
48
66
|
|
|
49
|
-
|
|
67
|
+
These examples are not attestations, proof, upload requests, or production
|
|
68
|
+
registry entries. They contain no network behavior and are never submitted
|
|
69
|
+
automatically.
|