gsdd-cli 0.16.1 → 0.18.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (47) hide show
  1. package/README.md +109 -60
  2. package/agents/README.md +1 -1
  3. package/bin/adapters/claude.mjs +8 -1
  4. package/bin/adapters/codex.mjs +5 -1
  5. package/bin/adapters/opencode.mjs +7 -1
  6. package/bin/gsdd.mjs +6 -4
  7. package/bin/lib/evidence-contract.mjs +112 -0
  8. package/bin/lib/health-truth.mjs +29 -31
  9. package/bin/lib/health.mjs +32 -80
  10. package/bin/lib/init-runtime.mjs +44 -24
  11. package/bin/lib/init.mjs +3 -7
  12. package/bin/lib/lifecycle-preflight.mjs +333 -0
  13. package/bin/lib/lifecycle-state.mjs +293 -0
  14. package/bin/lib/phase.mjs +81 -26
  15. package/bin/lib/provenance.mjs +20 -1
  16. package/bin/lib/rendering.mjs +8 -0
  17. package/bin/lib/runtime-freshness.mjs +239 -0
  18. package/bin/lib/session-fingerprint.mjs +106 -0
  19. package/distilled/DESIGN.md +398 -12
  20. package/distilled/EVIDENCE-INDEX.md +105 -0
  21. package/distilled/README.md +44 -28
  22. package/distilled/SKILL.md +4 -4
  23. package/distilled/templates/agents.block.md +1 -1
  24. package/distilled/workflows/audit-milestone.md +50 -0
  25. package/distilled/workflows/complete-milestone.md +38 -2
  26. package/distilled/workflows/execute.md +13 -0
  27. package/distilled/workflows/map-codebase.md +14 -3
  28. package/distilled/workflows/new-milestone.md +13 -0
  29. package/distilled/workflows/new-project.md +3 -1
  30. package/distilled/workflows/plan.md +3 -1
  31. package/distilled/workflows/progress.md +68 -13
  32. package/distilled/workflows/quick.md +15 -8
  33. package/distilled/workflows/resume.md +14 -1
  34. package/distilled/workflows/verify.md +52 -17
  35. package/docs/BROWNFIELD-PROOF.md +95 -0
  36. package/docs/RUNTIME-SUPPORT.md +77 -0
  37. package/docs/USER-GUIDE.md +439 -0
  38. package/docs/VERIFICATION-DISCIPLINE.md +59 -0
  39. package/docs/claude/context-monitor.md +98 -0
  40. package/docs/proof/consumer-node-cli/README.md +37 -0
  41. package/docs/proof/consumer-node-cli/ROADMAP.md +14 -0
  42. package/docs/proof/consumer-node-cli/SPEC.md +17 -0
  43. package/docs/proof/consumer-node-cli/brief.md +9 -0
  44. package/docs/proof/consumer-node-cli/phases/01-foundation/01-01-PLAN.md +34 -0
  45. package/docs/proof/consumer-node-cli/phases/01-foundation/01-01-SUMMARY.md +10 -0
  46. package/docs/proof/consumer-node-cli/phases/01-foundation/01-VERIFICATION.md +30 -0
  47. package/package.json +34 -27
@@ -8,7 +8,7 @@ They reuse the same planner, executor, and verifier roles but skip research and
8
8
  <anti_patterns>
9
9
  - Do not execute before the user sees the plan preview (Step 3.7 must complete before Step 4)
10
10
  - Do not proceed past file verification gates if the expected file does not exist on disk — a plan that exists only in conversation context will be lost on compaction
11
- - Do not ask more than 2 approach clarification questions — if 3+ grey areas exist, recommend /gsdd-plan instead
11
+ - Do not ask more than 2 approach clarification questions — if the bounded change is still undefined, recommend `/gsdd-new-project`; if the change is defined but 3+ grey areas remain, recommend `/gsdd-plan` instead
12
12
  - Do not create APPROACH.md for quick tasks — use inline $APPROACH_CONTEXT only
13
13
  - Do not update ROADMAP.md or SPEC.md from quick tasks — these are phase-level artifacts
14
14
  - Do not skip config.json reads — workflow toggles (discuss, planCheck, verifier) control flow
@@ -37,9 +37,10 @@ Store the response as `$DESCRIPTION`. If empty, re-prompt.
37
37
  2. Scan `.planning/quick/` for existing task directories. Calculate `$NEXT_NUM` as the next 3-digit number (001, 002, ...).
38
38
  3. Generate `$SLUG` from `$DESCRIPTION` (lowercase, hyphens, max 40 chars).
39
39
  4. Create `.planning/quick/$NEXT_NUM-$SLUG/`.
40
- 5. If `.planning/codebase/` exists, read `.planning/codebase/ARCHITECTURE.md` and `.planning/codebase/STACK.md`. Summarize key findings in <=500 words as `$CODEBASE_CONTEXT`. If `.planning/codebase/` does not exist, set `$CODEBASE_CONTEXT` to empty.
41
- 6. **Session-boundary fallback:** If `.planning/.continue-here.bak` exists, read its `<judgment>` section. Use `<active_constraints>` and `<anti_regression>` rules as task-scoping context (do not violate active constraints; do not regress on listed invariants). After reading, run `gsdd file-op delete .planning/.continue-here.bak --missing ok` (auto-clean).
42
- 7. Inspect the live branch/worktree surface separately from checkpoint or planning artifacts. If the current branch appears stale/spent, PR-less with overlapping write scope, or otherwise like the wrong execution surface, warn before proceeding. This is advisory for quick tasks unless the mismatch makes the task description materially misleading.
40
+ 5. If `.planning/codebase/` exists, read whichever of `.planning/codebase/ARCHITECTURE.md`, `.planning/codebase/STACK.md`, `.planning/codebase/CONVENTIONS.md`, and `.planning/codebase/CONCERNS.md` are present. Summarize key findings from available docs in <=500 words as `$CODEBASE_CONTEXT`, emphasizing: safest surfaces to touch, risky zones to avoid, must-know conventions/traps, and what must be re-verified after change. Note any missing docs in the summary.
41
+ 6. If `.planning/codebase/` does not exist, build a just-enough inline brownfield baseline instead of stopping. Read the repo root guidance that is cheap and stable (`README.md`, root manifest such as `package.json` / `pyproject.toml` / `Cargo.toml` when present, top-level app entrypoints, and any obviously relevant config or module files surfaced by `$DESCRIPTION`). Summarize the findings in <=500 words as `$CODEBASE_CONTEXT`, explicitly labeling it as a provisional baseline and calling out unknowns. Emphasize: likely implementation surface, likely dependency boundaries, conventions already visible, risky areas to avoid touching blindly, and what must be re-verified after the change. If the repo is still too unclear after this pass, keep that uncertainty explicit so Step 3.6 can recommend `/gsdd-map-codebase`.
42
+ 7. **Session-boundary fallback:** If `.planning/.continue-here.bak` exists, read its `<judgment>` section. Use `<active_constraints>` and `<anti_regression>` rules as task-scoping context (do not violate active constraints; do not regress on listed invariants). After reading, run `gsdd file-op delete .planning/.continue-here.bak --missing ok` (auto-clean).
43
+ 8. Inspect the live branch/worktree surface separately from checkpoint or planning artifacts. If the current branch appears stale/spent, PR-less with overlapping write scope, or otherwise like the wrong execution surface, warn before proceeding. This is advisory for quick tasks unless the mismatch makes the task description materially misleading.
43
44
 
44
45
  If `.planning/quick/` does not exist, create it along with an empty `LOG.md`:
45
46
 
@@ -79,7 +80,7 @@ For each grey area, present 2-3 concrete options with a recommended default:
79
80
 
80
81
  - If user says "go ahead" / "your call" / presses Enter → use the recommendation.
81
82
  - If user specifies a preference → record it.
82
- - Maximum 2 questions. If the task has 3+ grey areas, it's not a quick task.
83
+ - Maximum 2 questions. If the bounded change is still undefined after clarification, recommend `/gsdd-new-project`. If the change is defined but the task still has 3+ grey areas, it's not a quick task — recommend `/gsdd-plan`.
83
84
 
84
85
  ### Output
85
86
 
@@ -101,7 +102,7 @@ Delegate to the planner role in quick mode.
101
102
  **Context to provide:**
102
103
  - Task description: `$DESCRIPTION`
103
104
  - Approach context: `$APPROACH_CONTEXT` (user-confirmed decisions from Step 2.5 — treat as locked constraints, do not revisit)
104
- - Codebase context: `$CODEBASE_CONTEXT` (existing architecture and stack — use for orientation, not as constraints; empty if no codebase map exists)
105
+ - Codebase context: `$CODEBASE_CONTEXT` (existing brownfield codebase summary from codebase maps when they exist, otherwise the inline brownfield baseline from Step 2 — use for orientation and risk awareness, not as hard constraints)
105
106
  - Mode: quick (single plan, 1-3 tasks, no research phase)
106
107
  - Output path: `.planning/quick/$NEXT_NUM-$SLUG/$NEXT_NUM-PLAN.md`
107
108
 
@@ -178,8 +179,10 @@ Evaluate the plan against quick-scope boundaries. Read the plan file and check:
178
179
  | Files modified | >8 distinct files in plan | "This task touches {N} files — consider `/gsdd-plan` for full ceremony." |
179
180
  | Architecture keywords in `$DESCRIPTION` | contains: `refactor`, `migration`, `security`, `auth`, `API design`, `schema`, `database` | "This looks like architectural work — consider `/gsdd-plan` for approach exploration." |
180
181
  | New public APIs | Plan tasks create new route files, API endpoints, or exported interfaces | "New public surface area detected — consider `/gsdd-plan` for approach exploration." |
182
+ | Orientation gap | No `.planning/codebase/` exists AND the inline brownfield baseline still cannot name a clear implementation surface, dependency boundary, or safe-to-touch module | "This repo still needs deeper orientation — consider `/gsdd-map-codebase` before changing code." |
183
+ | Undefined bounded change | `$DESCRIPTION` still does not identify a concrete bug, feature, target surface, or observable outcome after clarification | "This does not yet describe a bounded change — use `/gsdd-new-project` to define the work first." |
181
184
 
182
- If any signal fires, set `$SCOPE_WARNING` to the first matching advisory text. Multiple signals concatenate.
185
+ If any signals fire, concatenate the matching advisory text in the listed order as `$SCOPE_WARNING`. If the undefined bounded change signal fires, keep that advisory first so the routing recommendation stays explicit.
183
186
  If no signals fire, `$SCOPE_WARNING` is empty.
184
187
 
185
188
  This is advisory only — it does NOT block execution.
@@ -216,11 +219,15 @@ Plan check issues: {$CHECKER_ISSUES}
216
219
 
217
220
  Present options (default-yes — pressing Enter proceeds):
218
221
  - If `$SCOPE_WARNING` is empty: `[Enter to proceed / edit description / abort]`
219
- - If `$SCOPE_WARNING` is non-empty: `[Enter to proceed / switch to /gsdd-plan / edit description / abort]`
222
+ - If `$SCOPE_WARNING` contains `/gsdd-new-project`: `[Enter to proceed / switch to /gsdd-new-project / edit description / abort]`
223
+ - Otherwise if `$SCOPE_WARNING` contains `/gsdd-map-codebase`: `[Enter to proceed / switch to /gsdd-map-codebase / edit description / abort]`
224
+ - Otherwise if `$SCOPE_WARNING` is non-empty: `[Enter to proceed / switch to /gsdd-plan / edit description / abort]`
220
225
 
221
226
  Handle response:
222
227
  - **Enter (or "yes"):** proceed to Step 4.
223
228
  - **"edit description":** clean up the task directory, then return to Step 1 with `$DESCRIPTION` pre-filled as the starting point.
229
+ - **"switch to /gsdd-new-project":** clean up the task directory, then stop quick workflow and report: "Use `/gsdd-new-project` to define the bounded work first. Task description: {$DESCRIPTION}"
230
+ - **"switch to /gsdd-map-codebase":** clean up the task directory, then stop quick workflow and report: "Use `/gsdd-map-codebase` for a deeper brownfield baseline before quick work. Task description: {$DESCRIPTION}"
224
231
  - **"switch to /gsdd-plan":** clean up the task directory, then stop quick workflow and report: "Use `/gsdd-plan` for full ceremony with approach exploration. Task description: {$DESCRIPTION}"
225
232
  - **"abort":** clean up the task directory, report cancellation, stop.
226
233
 
@@ -16,6 +16,19 @@ Infer runtime from the launching surface when obvious: `.claude/` -> `claude-cod
16
16
  When a checkpoint's `runtime` differs from the inferred current runtime, surface it as an informational note in `<present_status>` — it is context, not a gate.
17
17
  </runtime_contract>
18
18
 
19
+ <lifecycle_preflight>
20
+ Before loading checkpoint state or cleaning up any checkpoint file, run:
21
+
22
+ - `gsdd lifecycle-preflight resume`
23
+
24
+ If the preflight result is `blocked`, STOP and report the blocker instead of inferring resume eligibility from workflow-local prose.
25
+
26
+ Treat the preflight as an authorization seam over shared repo truth only:
27
+ - it may authorize or reject resume
28
+ - it does not mutate phase or milestone state
29
+ - the owned write for this workflow remains checkpoint cleanup when the user actually resumes from `.continue-here.md`
30
+ </lifecycle_preflight>
31
+
19
32
  <process>
20
33
 
21
34
  <detect_state>
@@ -187,7 +200,7 @@ Evaluate in priority order and present the primary recommendation:
187
200
  Route based on the `workflow` frontmatter:
188
201
  - `phase` — route to `/gsdd-execute` (or `/gsdd-plan`/`/gsdd-verify` based on checkpoint context)
189
202
  - `quick` — route to `/gsdd-quick` to complete the task
190
- - `generic` — present the next_action and let the user decide
203
+ - `generic` — present the checkpoint `next_action` and let the user decide. This workflow still owns checkpoint cleanup only if the user explicitly resumes from that checkpoint, but downstream read-only `progress` routing must treat the surviving generic checkpoint as informational context rather than an automatic blocker.
191
204
 
192
205
  If `<validate_checkpoint>` marked the checkpoint as stale, keep the same routing logic. The user may still choose to resume from the checkpoint after reviewing the warning. If the user chooses a different path, leave the checkpoint in place and continue without it.
193
206
 
@@ -20,6 +20,19 @@ Establish your verification basis (must-have sources, requirement scope, previou
20
20
  If a previous `.planning/phases/{phase_dir}/{phase_num}-VERIFICATION.md` exists, read it first and treat this as re-verification.
21
21
  </load_context>
22
22
 
23
+ <lifecycle_preflight>
24
+ Before code inspection or report writing, run:
25
+
26
+ - `gsdd lifecycle-preflight verify {phase_num} --expects-mutation phase-status`
27
+
28
+ If the preflight result is `blocked`, STOP and report the blocker instead of inferring lifecycle eligibility from prompt-local prose.
29
+
30
+ Treat the preflight as an authorization seam over shared repo truth only:
31
+ - it may authorize or reject verification
32
+ - it does not mutate `.planning/ROADMAP.md` by itself
33
+ - owned writes remain the verification artifact plus any explicit `gsdd phase-status` transition that occurs later on `passed`
34
+ </lifecycle_preflight>
35
+
23
36
  <runtime_contract>
24
37
  Verification uses the same `Runtime` and `Assurance` types as planning and execution.
25
38
  Infer runtime from the launching surface when obvious: `.claude/` -> `claude-code`, `.codex/` or Codex portable skill -> `codex-cli`, `.opencode/` -> `opencode`, otherwise `other`.
@@ -75,28 +88,41 @@ Also check for orphan requirements:
75
88
  Risk classification:
76
89
  For each truth, assess: does it involve a behavioral change, UX change, or user-visible outcome without a clear, relevant acceptance criterion?
77
90
 
78
- - If yes → mark it `risk: high`. This truth will require `runtime-check` or `user-confirmation` proof in the proof contract step below. Code-evidence alone is insufficient.
79
- - If no → `risk: normal`. Code-evidence or repo-test is sufficient.
91
+ - If yes → mark it `risk: high`. This truth will require runtime-grade evidence in the evidence contract step below. `code` alone is insufficient.
92
+ - If no → `risk: normal`. `code` is the floor, and `test` is preferred when the repo has a direct automated check.
80
93
 
81
94
  This is the verifier's own internal judgment — not a field imported from the plan. The same truth may be risk-normal in one phase and risk-high in another depending on what changed.
82
95
  </must_haves>
83
96
 
84
- <proof_contract>
85
- Before beginning artifact inspection, classify each must-have truth by its required proof type. This step separates "did the artifact pass levels 1–3?" from "did the outcome have the right kind of proof?"
86
- Proof types (from SPEC.md `VerificationEvidence`):
87
- - `repo-test` — a passing automated test in the repo directly exercises this outcome
88
- - `code-evidence` — source inspection confirms the implementation is present and wired
89
- - `runtime-check` — a live execution confirms the behavior (script, curl, manual run)
90
- - `user-confirmation` — a human observer confirmed the user-visible outcome
97
+ <evidence_contract>
98
+ Before beginning artifact inspection, classify the phase closure posture and apply the fixed evidence kinds. This step separates "did the artifact pass levels 1–3?" from "did the outcome have the right kind of evidence?"
99
+
100
+ Stable evidence kinds:
101
+ - `code` — source inspection confirms the implementation is present and wired
102
+ - `test` — a passing automated check in the repo directly exercises the outcome
103
+ - `runtime` — a live execution confirms the behavior (script, curl, manual run)
104
+ - `delivery` — shipped or distributable proof exists (merged PR, packaged artifact, published doc/proof pack, release evidence)
105
+ - `human` — a human observer confirmed a visual or judgment-based outcome
106
+
107
+ Delivery posture:
108
+ - `repo_only` — the phase outcome stays inside repo truth; no shipped runtime or external delivery claim is needed
109
+ - `delivery_sensitive` — the phase claims a live behavior, shipped UX, install/release posture, or other externally consumed runtime outcome
110
+
111
+ Apply the shared `verify` matrix:
91
112
 
92
- Assign required proof type per truth using the risk classification from `<must_haves>`:
93
- - `risk: high` truths (behavioral/UX changes, user-visible outcomes without acceptance criteria) → require `runtime-check` or `user-confirmation`. Code-evidence alone is **not sufficient**.
94
- - `risk: normal` truths (structural or content changes) → `code-evidence` is sufficient. `repo-test` is always valid regardless of risk level.
113
+ | delivery_posture | required evidence | recommended evidence | cannot carry closure alone |
114
+ | -------------------- | ----------------- | -------------------------- | -------------------------- |
115
+ | `repo_only` | `code` | `test` | `human`, `delivery` |
116
+ | `delivery_sensitive` | `code`, `runtime` | `test`, `delivery`, `human` | `code`, `human` |
95
117
 
96
- If the required proof type cannot be collected programmatically (e.g., runtime environment unavailable) → route that truth to `human_verification` in the report, not to `gaps`.
118
+ Rules:
119
+ - repo-only work must not invent `runtime` or `delivery` proof just to satisfy a template
120
+ - delivery-sensitive closure must not pass on prose, `code`-only inspection, or `human` confirmation without the required `runtime` evidence
121
+ - `human` evidence supports ambiguous or visual outcomes; it does not replace required `code` or `runtime` evidence
122
+ - if a required evidence kind cannot be collected, record it in `missing_evidence`; route purely human-observable follow-up to `human_verification` only when the blocking runtime/delivery requirement is already satisfied
97
123
 
98
- Note: this step does NOT replace levels 1–3. An artifact can satisfy the proof-type requirement and still fail Level 2 (substantive) or Level 3 (wired). Both checks must run.
99
- </proof_contract>
124
+ Note: this step does NOT replace levels 1–3. An artifact can satisfy the evidence-kind requirement and still fail Level 2 (substantive) or Level 3 (wired). Both checks must run.
125
+ </evidence_contract>
100
126
 
101
127
  <verification_levels>
102
128
  Check every artifact at three levels. A common failure mode is a file that exists but is still a stub.
@@ -215,6 +241,12 @@ assurance: cross_runtime_checked
215
241
  verified: 2026-03-11T12:00:00Z
216
242
  status: gaps_found
217
243
  score: 2/3 must-haves verified
244
+ delivery_posture: delivery_sensitive
245
+ evidence_contract:
246
+ required_kinds: [code, runtime]
247
+ recommended_kinds: [test, delivery, human]
248
+ observed_kinds: [code]
249
+ missing_kinds: [runtime]
218
250
  re_verification:
219
251
  previous_status: gaps_found
220
252
  previous_score: 1/3
@@ -226,7 +258,9 @@ re_verification:
226
258
  gaps:
227
259
  - truth: "Users can create a user from the page"
228
260
  status: failed
229
- proof_type: runtime-check # required proof type for this truth
261
+ required_evidence: [code, runtime]
262
+ observed_evidence: [code]
263
+ missing_evidence: [runtime]
230
264
  severity: blocker # blocker = required proof absent; warning = artifact missing but proof exists via other means
231
265
  reason: "Form submits, but route returns placeholder data"
232
266
  artifacts:
@@ -304,10 +338,11 @@ Status rules:
304
338
 
305
339
  Frontmatter guidance:
306
340
  - `phase`, `runtime`, `assurance`, `verified`, `status`, and `score` are the minimal report fields
341
+ - `delivery_posture` plus `evidence_contract.required_kinds|recommended_kinds|observed_kinds|missing_kinds` must reflect the shared verify matrix actually used for this phase
307
342
  - when gaps or human checks exist, keep them machine-readable in frontmatter — do not collapse them into prose-only body text
308
343
  - keep `re_verification`, `gaps`, and `human_verification` structured when they materially help re-verification, gap closure, or explicit human handoff
309
344
  - keep `<git_delivery_check>` in frontmatter with the observed `branch`, `commits_ahead_of_main`, and `pr_state` values from the delivery checks above
310
- - use `severity: warning` in gaps when an artifact is missing but proof exists through other means; use `severity: blocker` only when the required proof type (`runtime-check`, `repo-test`, or `user-confirmation` where mandated) could not be satisfied by any available evidence
345
+ - use `severity: warning` in gaps when an artifact is missing but required evidence still exists through other means; use `severity: blocker` only when one or more required evidence kinds in `missing_evidence` could not be satisfied
311
346
  - if verification runs in the same runtime/vendor as execution, cap frontmatter `assurance` at `self_checked`
312
347
  - if verification runs in a different runtime/vendor than execution, set frontmatter `assurance: cross_runtime_checked`
313
348
  </report_format>
@@ -0,0 +1,95 @@
1
+ # Brownfield Proof
2
+
3
+ This is the strongest tracked public proof for Workspine's release-floor claim: a real brownfield-style consumer repo that used the shipped workflow contract, hit a real failure, and recovered through the same `plan -> execute -> verify` loop.
4
+
5
+ ## What this proves
6
+
7
+ In a fresh consumer repo, Workspine produced:
8
+
9
+ - durable planning artifacts
10
+ - runnable workflow entry surfaces
11
+ - a concrete phase plan
12
+ - a real execution summary
13
+ - a failed verification
14
+ - a real fix
15
+ - a successful re-verification
16
+
17
+ That proves the repo-native delivery contract is not just conceptual.
18
+
19
+ ## Public proof pack
20
+
21
+ Open the tracked proof pack:
22
+
23
+ - [Consumer proof pack index](proof/consumer-node-cli/README.md)
24
+
25
+ Key exported artifacts:
26
+
27
+ - [brief.md](proof/consumer-node-cli/brief.md)
28
+ - [SPEC.md](proof/consumer-node-cli/SPEC.md)
29
+ - [ROADMAP.md](proof/consumer-node-cli/ROADMAP.md)
30
+ - [01-01-PLAN.md](proof/consumer-node-cli/phases/01-foundation/01-01-PLAN.md)
31
+ - [01-01-SUMMARY.md](proof/consumer-node-cli/phases/01-foundation/01-01-SUMMARY.md)
32
+ - [01-VERIFICATION.md](proof/consumer-node-cli/phases/01-foundation/01-VERIFICATION.md)
33
+
34
+ ## The worked flow
35
+
36
+ ### 1. Initialize a fresh consumer repo
37
+
38
+ The exported proof pack comes from a new non-framework project that used the shipped `gsdd init` flow.
39
+
40
+ The generated surface included:
41
+
42
+ - portable `.agents/skills/gsdd-*`
43
+ - consumer `.planning/` state
44
+ - a Codex-native checker adapter
45
+ - a compact consumer `AGENTS.md`
46
+
47
+ ### 2. Plan real work
48
+
49
+ The consumer brief required a named greeting:
50
+
51
+ - `node index.js --name Ada` should print `Hello, Ada!`
52
+
53
+ That requirement is preserved in the exported [brief](proof/consumer-node-cli/brief.md), [spec](proof/consumer-node-cli/SPEC.md), and [phase plan](proof/consumer-node-cli/phases/01-foundation/01-01-PLAN.md).
54
+
55
+ ### 3. Execute and hit a real miss
56
+
57
+ The first implementation missed the named-greeting requirement:
58
+
59
+ - `node index.js --name Ada` returned `Hello, world!`
60
+
61
+ That miss is preserved in the exported [verification report](proof/consumer-node-cli/phases/01-foundation/01-VERIFICATION.md).
62
+
63
+ ### 4. Verify, fix, and re-verify
64
+
65
+ The consumer repo then followed the same framework contract to:
66
+
67
+ - identify the failed requirement
68
+ - update the implementation and test path
69
+ - re-run verification
70
+ - close with a passing result
71
+
72
+ The final passing behavior is:
73
+
74
+ - `node index.js --name Ada` returns `Hello, Ada!`
75
+
76
+ ## Why this matters
77
+
78
+ This proof is stronger than a polished README claim because it shows the exact behavior Workspine is trying to preserve:
79
+
80
+ - plan from durable artifacts
81
+ - execute against real repo state
82
+ - let verification catch a real miss
83
+ - recover without losing the thread
84
+
85
+ That is the release-floor claim in practice.
86
+
87
+ ## What this does not prove
88
+
89
+ This proof does not claim:
90
+
91
+ - equal runtime ergonomics across every supported runtime
92
+ - parity validation on Cursor, Copilot, or Gemini CLI
93
+ - enterprise-hardening or orchestration-platform behavior
94
+
95
+ Those are outside the current proof floor.
@@ -0,0 +1,77 @@
1
+ # Runtime Support Matrix
2
+
3
+ Workspine is designed as a portable multi-runtime delivery framework, but the proof bar is not the same for every runtime today.
4
+
5
+ This matrix is the release-floor truth surface.
6
+
7
+ ## Support tiers
8
+
9
+ ### Directly validated
10
+
11
+ The workflow contract has direct repo proof for these runtimes:
12
+
13
+ - **Claude Code**
14
+ - **Codex CLI**
15
+ - **OpenCode**
16
+
17
+ These are the strongest public runtime claims.
18
+
19
+ ### Same core workflow
20
+
21
+ These runtimes use the same portable workflow surfaces, but this release does not claim equal runtime proof or equal ergonomics:
22
+
23
+ - **Cursor**
24
+ - **GitHub Copilot**
25
+ - **Gemini CLI**
26
+
27
+ ### Fallback / manual use
28
+
29
+ Any tool that can read the generated markdown workflows can still use the framework manually, but that is outside the current native-proof story.
30
+
31
+ ## Current runtime surfaces
32
+
33
+ | Runtime | Current claim | Entry surface | Notes |
34
+ | --- | --- | --- | --- |
35
+ | Claude Code | Directly validated | `.claude/skills/`, `.claude/commands/`, `.claude/agents/` | Native surface was a mandatory Phase 32 validation target; installed generated files are freshness-checked locally |
36
+ | OpenCode | Directly validated | `.opencode/commands/`, `.opencode/agents/` | Native command and checker path; installed generated files are freshness-checked locally |
37
+ | Codex CLI | Directly validated | `.agents/skills/gsdd-*` plus `.codex/agents/gsdd-plan-checker.toml` | Portable skill entry, native checker adapter, mandatory Phase 32 validation target |
38
+ | Cursor | Same core workflow | `.agents/skills/gsdd-*` | Skills-native path; generated skill files are freshness-checked locally, but the runtime is not claimed as parity-validated |
39
+ | GitHub Copilot | Same core workflow | `.agents/skills/gsdd-*` | Skills-native path; generated skill files are freshness-checked locally, but the runtime is not claimed as parity-validated |
40
+ | Gemini CLI | Same core workflow | `.agents/skills/gsdd-*` | Skills-native path; governance is optional, generated skill files are freshness-checked locally, and parity is not claimed |
41
+
42
+ ## Generated-surface freshness
43
+
44
+ The authored source contract stays in `distilled/workflows/*`. Generated runtime-facing files are trusted only through deterministic rendering:
45
+
46
+ - `gsdd health` compares any installed generated surfaces under `.agents/skills/`, `.claude/`, `.opencode/`, and `.codex/` against current render output.
47
+ - `gsdd update` regenerates drifted generated surfaces from the authored workflow and delegate sources.
48
+ - Missing generated surfaces are not treated as drift unless the corresponding runtime surface is actually installed locally.
49
+
50
+ ## What stays portable
51
+
52
+ The portable invariant for this release is the workflow contract:
53
+
54
+ - planning
55
+ - checking and revision loops
56
+ - execution discipline
57
+ - verification
58
+ - handoff and durable repo artifacts
59
+
60
+ ## What does not stay equal yet
61
+
62
+ This release does **not** claim that every runtime has:
63
+
64
+ - the same native adapter richness
65
+ - the same invocation ergonomics
66
+ - the same validation depth
67
+ - the same checker/orchestration mechanics
68
+
69
+ Portable contract does not mean equal UX everywhere.
70
+
71
+ ## Proof references
72
+
73
+ - `README.md`
74
+ - `docs/BROWNFIELD-PROOF.md`
75
+ - `docs/proof/consumer-node-cli/README.md`
76
+ - `docs/VERIFICATION-DISCIPLINE.md`
77
+ - `gsdd health` / `gsdd update`