gsdd-cli 0.18.0 → 0.18.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -14,19 +14,20 @@ If SPEC.md is missing, the project has not been initialized — run `/gsdd-new-p
14
14
  If MILESTONES.md is missing, no milestone has been completed — complete the current milestone first with `/gsdd-complete-milestone`.
15
15
  </prerequisites>
16
16
 
17
- <load_context>
18
- Before starting, read these files:
19
-
20
- 1. `.planning/SPEC.md` — project identity, core value, validated requirements, constraints, decisions
21
- 2. `.planning/MILESTONES.md` — what shipped previously, last milestone version and date
22
- 3. `.planning/ROADMAP.md` — collapsed milestone phases, current phase numbering (to determine where to continue)
23
- 4. `.planning/config.json` — `workflow.research`, `researchDepth`, `gitProtocol`
24
- </load_context>
17
+ <load_context>
18
+ Before starting, read these files:
19
+
20
+ 1. `.planning/SPEC.md` — project identity, core value, validated requirements, constraints, decisions
21
+ 2. `.planning/MILESTONES.md` — what shipped previously, last milestone version and date
22
+ 3. `.planning/ROADMAP.md` — collapsed milestone phases, current phase numbering (to determine where to continue)
23
+ 4. `.planning/config.json` — `workflow.research`, `researchDepth`, `gitProtocol`
24
+ 5. `.planning/brownfield-change/CHANGE.md`, `.planning/brownfield-change/HANDOFF.md`, and `.planning/brownfield-change/VERIFICATION.md` when an active bounded change is being widened into the next milestone
25
+ </load_context>
25
26
 
26
27
  <lifecycle_preflight>
27
28
  Before presenting the last milestone or gathering new milestone goals, run:
28
29
 
29
- - `gsdd lifecycle-preflight new-milestone`
30
+ - `node .planning/bin/gsdd.mjs lifecycle-preflight new-milestone`
30
31
 
31
32
  If the preflight result is `blocked`, STOP and report the blocker instead of inferring milestone-start eligibility from workflow-local prose.
32
33
 
@@ -36,15 +37,26 @@ Treat the preflight as an authorization seam over shared repo truth only:
36
37
  - owned writes remain the new milestone requirements, roadmap entries, and phase-directory scaffolding
37
38
  </lifecycle_preflight>
38
39
 
39
- <integration_surface_check>
40
+ <integration_surface_check>
40
41
  Before mutating milestone truth, inspect the current branch/worktree as a separate provenance surface:
41
42
  - current branch
42
43
  - divergence from `main`
43
44
  - staged / unstaged / untracked local truth
44
45
  - whether the branch appears stale/spent or mixed-scope
45
46
 
46
- If milestone truth on disk is local-only or AI-generated draft truth, or if the checked-out branch is clearly not the intended integration surface, say so explicitly before continuing. Do not flatten local draft planning truth into committed repo truth.
47
- </integration_surface_check>
47
+ If milestone truth on disk is local-only or AI-generated draft truth, or if the checked-out branch is clearly not the intended integration surface, say so explicitly before continuing. Do not flatten local draft planning truth into committed repo truth.
48
+ </integration_surface_check>
49
+
50
+ <brownfield_widening_inputs>
51
+ If `.planning/brownfield-change/CHANGE.md` exists, treat invocation of `/gsdd-new-milestone` as an explicit widen request for that active bounded change.
52
+
53
+ Before gathering new milestone goals, read and preserve:
54
+ - `CHANGE.md` for the current goal, scope, done-when, next action, and declared write scope
55
+ - `HANDOFF.md` for active constraints, unresolved uncertainty, decision posture, and anti-regression
56
+ - `VERIFICATION.md` for proof already gathered, remaining gaps, and any partial validation that the new milestone should inherit honestly
57
+
58
+ Do not force the user to rediscover this context and do not create a new promotion artifact before milestone setup.
59
+ </brownfield_widening_inputs>
48
60
 
49
61
  <process>
50
62
 
@@ -61,13 +73,15 @@ Delivered:
61
73
  - [Accomplishment 3]
62
74
  ```
63
75
 
64
- ## 2. Gather What to Build Next
76
+ ## 2. Gather What to Build Next
65
77
 
66
78
  Ask the user what the next milestone should focus on. Explore:
67
79
  - What problem does this milestone solve?
68
80
  - Who benefits?
69
- - What is explicitly out of scope for this milestone?
70
- - Any constraints (deadline, team size, dependencies)?
81
+ - What is explicitly out of scope for this milestone?
82
+ - Any constraints (deadline, team size, dependencies)?
83
+
84
+ If widening from an active brownfield change, start by presenting the preserved brownfield goal/scope/proof context and ask what now needs milestone-owned lifecycle state beyond that bounded lane.
71
85
 
72
86
  If a `.planning/MILESTONE-BRIEF.md` exists, use it as the input instead of asking. Note any assumptions inferred from the brief.
73
87
  (MILESTONE-BRIEF.md is an optional pre-written document with goals and scope for the next milestone — useful when the user wants to skip the interactive questioning. Create it manually in `.planning/` before running this workflow.)
@@ -125,12 +139,13 @@ Present key findings before moving to requirements.
125
139
 
126
140
  Read SPEC.md Must Have section. Identify the requirement ID pattern in use (e.g., `[FLOW-01]`, `[PLAN-01]`).
127
141
 
128
- Based on milestone goals and research findings (if any), define the new Must Have requirements for this milestone:
142
+ Based on milestone goals and research findings (if any), define the new Must Have requirements for this milestone:
129
143
 
130
- - Each requirement must be user-centric: "User can X"
131
- - Each must have a `[Done-When:]` completion criterion
132
- - IDs follow the existing category pattern or introduce a new category for new capability areas
133
- - Do NOT duplicate or restate requirements already in the Validated section
144
+ - Each requirement must be user-centric: "User can X"
145
+ - Each must have a `[Done-When:]` completion criterion
146
+ - IDs follow the existing category pattern or introduce a new category for new capability areas
147
+ - Do NOT duplicate or restate requirements already in the Validated section
148
+ - If widening from an active brownfield change, convert the preserved `CHANGE.md` / `HANDOFF.md` / `VERIFICATION.md` context into milestone requirements instead of restating the work from scratch
134
149
 
135
150
  Present the full proposed requirements list:
136
151
 
@@ -154,10 +169,11 @@ Determine the starting phase number:
154
169
  - Check MILESTONES.md for the last phase range (e.g., "Phases 1–5")
155
170
  - New phases start from max + 1
156
171
 
157
- Design 2-5 phases that cover all new requirements:
158
- - Each phase has a goal (one sentence), requirement assignments, and 2-4 success criteria
159
- - All requirements must be assigned to exactly one phase
160
- - Verify 100% coverage before writing
172
+ Design 2-5 phases that cover all new requirements:
173
+ - Each phase has a goal (one sentence), requirement assignments, and 2-4 success criteria
174
+ - All requirements must be assigned to exactly one phase
175
+ - Verify 100% coverage before writing
176
+ - If widening from an active brownfield change, make the phase design preserve the already-captured scope, decisions, and proof/gap context instead of inserting a rediscovery phase
161
177
 
162
178
  Present the proposed roadmap:
163
179
 
@@ -25,22 +25,23 @@ When `autoAdvance: true`, this workflow runs non-interactively:
25
25
  All other sections (`<detect_mode>`, `<codebase_context>`, `<research>`, `<spec_creation>`, `<roadmap_creation>`, `<success_criteria>`) execute normally. Auto mode bypasses: the `<questioning>` section, both `<approval_gate>` blocks, the user question in `<project_principles>`, and the user question in `<capability_gates>`. All other workflow logic executes normally.
26
26
  </auto_mode>
27
27
 
28
- <load_context>
29
- Before starting, read these files (if they exist):
30
- 1. `AGENTS.md` (root) — understand the full SDD workflow and governance rules.
31
- 2. `.planning/templates/spec.md` — template for creating SPEC.md
32
- 3. `.planning/templates/roadmap.md` — template for creating ROADMAP.md
28
+ <load_context>
29
+ Before starting, read these files (if they exist):
30
+ 1. `AGENTS.md` (root) — understand the full SDD workflow and governance rules.
31
+ 2. `.planning/templates/spec.md` — template for creating SPEC.md
32
+ 3. `.planning/templates/roadmap.md` — template for creating ROADMAP.md
33
33
  4. Project root files: `package.json`, `README.md`, main entry point, `.gitignore`
34
34
  5. `.planning/config.json` — The deterministic project settings. Key fields:
35
35
  - `researchDepth`: balanced | fast | deep — controls research thoroughness
36
36
  - `parallelization`: true | false � whether to run delegate work in parallel when the platform supports it; when false, run the same delegates sequentially
37
37
  - `workflow.research`: true | false — whether to do SOTA research before spec
38
38
  - `workflow.planCheck`: true | false — whether plan-check agent runs later
39
- - `workflow.verifier`: true | false — whether verifier runs after execution
40
- - `modelProfile`: balanced | quality | budget — model selection hint
41
- - `gitProtocol`: advisory git guidance only — follow repo/user conventions first and never invent phase/plan/task git naming by default
42
- 6. Any existing `.planning/SPEC.md` or `.planning/ROADMAP.md` (if resuming)
43
- </load_context>
39
+ - `workflow.verifier`: true | false — whether verifier runs after execution
40
+ - `modelProfile`: balanced | quality | budget — model selection hint
41
+ - `gitProtocol`: advisory git guidance only — follow repo/user conventions first and never invent phase/plan/task git naming by default
42
+ 6. Any existing `.planning/SPEC.md` or `.planning/ROADMAP.md` (if resuming)
43
+ 7. `.planning/brownfield-change/CHANGE.md`, `HANDOFF.md`, and `VERIFICATION.md` (when present as the widening input from an active bounded change)
44
+ </load_context>
44
45
 
45
46
  <project_principles>
46
47
  **(SOTA Insight: Derived from Spec-Kit)**
@@ -52,13 +53,25 @@ Ask the user: "What are the core principles for this project regarding code qual
52
53
  Capture these directly at the top of the upcoming `SPEC.md` to guide all future agent execution.
53
54
  </project_principles>
54
55
 
55
- <detect_mode>
56
- Determine the situation:
57
-
58
- - **Greenfield**: No existing code. Empty or minimal project. Skip codebase audit, go to questioning.
59
- - **Brownfield**: Existing codebase. You MUST audit before questioning.
60
- - **Resuming**: `.planning/SPEC.md` already exists. Read it, confirm current state with developer, continue from where things left off.
61
- </detect_mode>
56
+ <detect_mode>
57
+ Determine the situation:
58
+
59
+ - **Greenfield**: No existing code. Empty or minimal project. Skip codebase audit, go to questioning.
60
+ - **Brownfield**: Existing codebase. You MUST audit before questioning.
61
+ - **Resuming**: `.planning/SPEC.md` already exists. Read it, confirm current state with developer, continue from where things left off.
62
+ - **Concrete brownfield continuity already exists**: if `.planning/brownfield-change/CHANGE.md` exists, treat `/gsdd-new-project` as an explicit widen path into full milestone setup, not as the default resume route for that bounded change. Preserve the current bounded context unless the user clearly wants to widen scope.
63
+ </detect_mode>
64
+
65
+ <brownfield_widening_context>
66
+ If `.planning/brownfield-change/CHANGE.md` exists, treat it as an explicit widening input rather than as noise to rediscover:
67
+
68
+ 1. Read `CHANGE.md` for the active goal, in-scope/out-of-scope, done-when, next action, and declared write scope.
69
+ 2. Read `HANDOFF.md` for preserved constraints, unresolved uncertainty, decision posture, and anti-regression rules.
70
+ 3. Read `VERIFICATION.md` for existing proof, open gaps, and any partial validation that the first milestone should inherit honestly.
71
+
72
+ Do not create a new promotion artifact. Reuse the existing brownfield folder directly when widening into milestone setup.
73
+ If `.planning/MILESTONES.md` already contains shipped milestone history, stop and route this widen request to `/gsdd-new-milestone` instead of reopening first-milestone initialization here.
74
+ </brownfield_widening_context>
62
75
 
63
76
  <milestone_context>
64
77
  Determine research context before spawning researchers. Check if `.planning/SPEC.md` has existing Validated requirements:
@@ -83,9 +96,11 @@ Check whether `.planning/codebase/STACK.md`, `.planning/codebase/ARCHITECTURE.md
83
96
 
84
97
  Inform the user: "No codebase maps found. Running codebase mapping before continuing."
85
98
 
86
- This is an internal prerequisite of `new-project`, not a user-facing routing requirement. If the user started with `/gsdd-new-project` on a brownfield repo, do not bounce them out and tell them to restart with `/gsdd-map-codebase`. Run the mapping dependency, then continue this workflow.
87
-
88
- Read and follow `.agents/skills/gsdd-map-codebase/SKILL.md` now. Execute its full flow (check existing, spawn mappers, validate, secrets scan). When map-codebase completes, return here and continue from Brownfield Validated Requirements Inference below.
99
+ This is an internal prerequisite of `new-project`, not a user-facing routing requirement. If the user started with `/gsdd-new-project` on a brownfield repo, do not bounce them out and tell them to restart with `/gsdd-map-codebase`. Run the mapping dependency, then continue this workflow.
100
+
101
+ If `.planning/brownfield-change/CHANGE.md` exists, keep it as the current bounded continuity anchor while you do this work. Do not treat its presence as evidence that the user should have used another command instead. The only question is whether they intentionally want to widen that bounded brownfield change into full milestone planning.
102
+
103
+ Read and follow `.agents/skills/gsdd-map-codebase/SKILL.md` now. Execute its full flow (check existing, spawn mappers, validate, secrets scan). When map-codebase completes, return here and continue from Brownfield Validated Requirements Inference below.
89
104
 
90
105
  ### Brownfield Validated Requirements Inference
91
106
 
@@ -105,12 +120,14 @@ Example format (for SPEC.md requirements section):
105
120
  Brief the developer with a 4-5 sentence summary before starting the questioning phase.
106
121
  </codebase_context>
107
122
 
108
- <questioning>
109
- This is the most important step. You are NOT filling out a form. You are having a CONVERSATION.
110
- You are extracting a vision, not gathering requirements.
111
-
112
- **Start immediately by asking the user: "What do you want to build?"**
113
- (Wait for their response before continuing).
123
+ <questioning>
124
+ This is the most important step. You are NOT filling out a form. You are having a CONVERSATION.
125
+ You are extracting a vision, not gathering requirements.
126
+
127
+ If you are widening from active brownfield continuity, begin by summarizing what `CHANGE.md`, `HANDOFF.md`, and `VERIFICATION.md` already establish. Ask only for the delta needed to justify full milestone scope; do not make the user rediscover context already preserved on disk.
128
+
129
+ **Start immediately by asking the user: "What do you want to build?"**
130
+ (Wait for their response before continuing).
114
131
 
115
132
  ### What Downstream Phases Need From You
116
133
  Every phase reads what you produce. If you're vague, the cost compounds:
@@ -57,7 +57,7 @@ Question budget:
57
57
  </gather_state>
58
58
 
59
59
  <write_checkpoint>
60
- Before writing the new checkpoint, run `gsdd file-op delete .planning/.continue-here.bak --missing ok` to clear the prior session backup. This is cleanup-only and should no-op safely if the backup is absent.
60
+ Before writing the new checkpoint, run `node .planning/bin/gsdd.mjs file-op delete .planning/.continue-here.bak --missing ok` to clear the prior session backup. This is cleanup-only and should no-op safely if the backup is absent.
61
61
 
62
62
  When the current branch/worktree is known to be evidence-only, stale/spent, or otherwise not the next intended execution surface, say that explicitly in `<current_state>`, `<remaining_work>`, and `<anti_regression>`. Do not flatten evidence-only local state into the same continuity story as the next execution surface.
63
63
 
@@ -8,13 +8,13 @@ Your plans are specific enough that an executor can follow them without guessing
8
8
  <load_context>
9
9
  Before starting, read these files:
10
10
  1. `.planning/SPEC.md` - requirements, constraints, key decisions, current state
11
- 2. `.planning/ROADMAP.md` - find the target phase, its goal, requirements, and success criteria
11
+ 2. `.planning/ROADMAP.md` - find the target phase, its goal, requirements, success criteria, explicit out-of-scope, and stop/replan conditions
12
12
  3. `.planning/research/*.md` - if research exists and is relevant to this phase
13
13
  4. `.planning/phases/*-APPROACH.md` - approach decisions from user discussion (if exists)
14
14
  5. `.planning/phases/*-PLAN.md` - any previous plans that affect this phase
15
15
  6. Relevant source code - if this phase builds on existing code, read the key files
16
16
  7. `.planning/phases/*-SUMMARY.md` for the prior completed phase - if a `<judgment>` section is present, read all four sub-sections. The `<judgment>` carries forward active constraints, unresolved uncertainty, decision posture, and anti-regression rules from the prior phase. Honor these as input context alongside SPEC.md decisions and APPROACH.md choices.
17
- 8. **Session-boundary fallback:** If no prior completed phase SUMMARY.md with a `<judgment>` section was found in step 7, check whether `.planning/.continue-here.bak` exists. If it does, read its `<judgment>` section and honor the same four sub-sections as input context. After reading, run `gsdd file-op delete .planning/.continue-here.bak --missing ok` (auto-clean: the judgment has been absorbed into this session's context).
17
+ 8. **Session-boundary fallback:** If no prior completed phase SUMMARY.md with a `<judgment>` section was found in step 7, check whether `.planning/.continue-here.bak` exists. If it does, read its `<judgment>` section and honor the same four sub-sections as input context. After reading, run `node .planning/bin/gsdd.mjs file-op delete .planning/.continue-here.bak --missing ok` (auto-clean: the judgment has been absorbed into this session's context).
18
18
  Identify the target phase: the first phase with status `[ ]` or `[-]` in `ROADMAP.md`.
19
19
  </load_context>
20
20
 
@@ -105,13 +105,30 @@ Trigger questions per item:
105
105
  - If all items are **Resolved**: proceed to goal_backward_planning.
106
106
  - If any item is **Open** or **Ambiguous**: STOP. Report each item with the specific question that would resolve it. Do not produce an execution-ready plan until the user resolves these items.
107
107
  - Exception — **minor technical ambiguity** (e.g., exact error message wording, logging format) that does not change user-facing behavior: note it as a warning in the plan Notes section and proceed. Do not use this exception for behavioral or acceptance-criteria ambiguity.
108
- </spec_quality_check>
109
-
110
- <goal_backward_planning>
111
- Plan backward from success criteria.
112
-
113
- ### Step 1: State the must-haves
114
- From `ROADMAP.md`, list the success criteria for this phase. These are your non-negotiable targets.
108
+ </spec_quality_check>
109
+
110
+ <phase_contract_gate>
111
+ Before goal_backward_planning, verify that the target phase contract in `ROADMAP.md` is strong enough to support execution planning.
112
+
113
+ The phase entry must provide all of:
114
+ - assigned requirement IDs
115
+ - explicit success criteria
116
+ - explicit out-of-scope or anti-goals
117
+ - explicit stop/replan conditions
118
+
119
+ Also verify milestone truth is not self-contradictory across the planning surfaces you loaded:
120
+ - the active milestone in `.planning/SPEC.md` must match the active roadmap section you are planning from
121
+ - the target phase number/name must match across SPEC current state and ROADMAP next-step guidance when both are present
122
+
123
+ If any of these are missing or contradictory, STOP. Report the exact missing contract field or contradiction. Do not improvise a stronger phase contract from chat context alone.
124
+ </phase_contract_gate>
125
+
126
+ <goal_backward_planning>
127
+ Plan backward from success criteria.
128
+
129
+ ### Step 1: State the must-haves
130
+ From `ROADMAP.md`, list the success criteria for this phase. These are your non-negotiable targets.
131
+ Also list the phase out-of-scope boundaries and stop/replan conditions. These are equally contractual: execution may not silently widen past them.
115
132
 
116
133
  ### Step 2: Derive artifacts
117
134
  For each success criterion, what concrete artifacts must exist?
@@ -149,11 +166,33 @@ files-modified:
149
166
  - src/lib/auth.ts
150
167
  - src/routes/session.ts
151
168
  autonomous: true
152
- requirements:
153
- - REQ-AUTH-01
154
- must_haves:
155
- truths:
156
- - User can sign in with email and password.
169
+ requirements:
170
+ - REQ-AUTH-01
171
+ non_goals:
172
+ - Do not redesign auth UX beyond the scoped sign-in flow.
173
+ hard_boundaries:
174
+ - Do not touch signup, billing, or unrelated session consumers in this plan.
175
+ escalation_triggers:
176
+ - Stop if the request requires changing scoped success criteria or touching a forbidden surface.
177
+ approval_gates:
178
+ - Ask before any destructive data migration or external delivery action.
179
+ anti_regression_targets:
180
+ - Existing session middleware behavior remains unchanged for already-supported routes.
181
+ known_unknowns:
182
+ - Exact copy wording for auth errors may still need product confirmation.
183
+ high_leverage_surfaces: []
184
+ second_pass_required: false
185
+ closure_claim_limit: Do not claim phase completion until verification satisfies the evidence contract for the scoped truths.
186
+ parallelism_budget:
187
+ max_concurrent_plans: 1
188
+ safe_parallelism: []
189
+ leverage:
190
+ lost: Slightly more planning ceremony for this plan.
191
+ kept: Existing auth/session architecture and repo conventions.
192
+ gained: Explicit anti-drift boundaries and fail-closed escalation.
193
+ must_haves:
194
+ truths:
195
+ - User can sign in with email and password.
157
196
  artifacts:
158
197
  - path: src/routes/session.ts
159
198
  provides: Session route handlers
@@ -164,12 +203,16 @@ must_haves:
164
203
  ---
165
204
  ```
166
205
 
167
- Schema rules:
168
- - `autonomous: false` if any task uses `checkpoint:*`
169
- - `requirements` must not be empty
170
- - `files-modified` should list the files this plan is expected to touch
171
- - `must_haves` must trace back to roadmap success criteria
172
- </plan_schema>
206
+ Schema rules:
207
+ - `autonomous: false` if any task uses `checkpoint:*`
208
+ - `requirements` must not be empty
209
+ - `files-modified` should list the files this plan is expected to touch
210
+ - `must_haves` must trace back to roadmap success criteria
211
+ - `non_goals`, `hard_boundaries`, `escalation_triggers`, and `closure_claim_limit` must not be empty
212
+ - `leverage.lost`, `leverage.kept`, and `leverage.gained` must all be explicit
213
+ - `second_pass_required: true` if `high_leverage_surfaces` is non-empty
214
+ - `parallelism_budget.max_concurrent_plans` must stay `1` unless the plan proves disjoint write ownership
215
+ </plan_schema>
173
216
 
174
217
  <task_format>
175
218
  Each executable task must use this XML structure:
@@ -251,11 +294,33 @@ files-modified:
251
294
  - src/routes/users.ts
252
295
  - src/app/users/page.tsx
253
296
  autonomous: true
254
- requirements:
255
- - REQ-USER-01
256
- must_haves:
257
- truths:
258
- - Users can view the list page.
297
+ requirements:
298
+ - REQ-USER-01
299
+ non_goals:
300
+ - Do not redesign adjacent user-management surfaces outside the scoped list page.
301
+ hard_boundaries:
302
+ - Do not touch billing, permissions, or unrelated dashboard routes in this plan.
303
+ escalation_triggers:
304
+ - Stop if the requested work expands beyond the phase success criteria or crosses a forbidden surface.
305
+ approval_gates:
306
+ - Ask before destructive migrations, external release actions, or rewriting approved product decisions.
307
+ anti_regression_targets:
308
+ - Existing user route behavior outside the new list view remains unchanged.
309
+ known_unknowns:
310
+ - Final empty-state copy may still need product confirmation.
311
+ high_leverage_surfaces: []
312
+ second_pass_required: false
313
+ closure_claim_limit: Do not claim phase completion until verification confirms the scoped truths with the required evidence.
314
+ parallelism_budget:
315
+ max_concurrent_plans: 1
316
+ safe_parallelism: []
317
+ leverage:
318
+ lost: Slightly more planning ceremony for stronger execution boundaries.
319
+ kept: Existing route/component conventions and repo-native workflow.
320
+ gained: Better anti-drift enforcement and more honest closure limits.
321
+ must_haves:
322
+ truths:
323
+ - Users can view the list page.
259
324
  artifacts:
260
325
  - path: src/routes/users.ts
261
326
  provides: Users route handlers
@@ -274,12 +339,30 @@ must_haves:
274
339
  - [Relevant context file or source path]
275
340
  - [Relevant prior summary only if genuinely needed]
276
341
 
277
- ## Requirements Covered
278
- - [REQ-ID]
279
-
280
- ## Must-Haves
281
- 1. [Observable truth from ROADMAP.md]
282
- 2. [Observable truth from ROADMAP.md]
342
+ ## Requirements Covered
343
+ - [REQ-ID]
344
+
345
+ ## Must-Haves
346
+ 1. [Observable truth from ROADMAP.md]
347
+ 2. [Observable truth from ROADMAP.md]
348
+
349
+ ## Anti-Goals
350
+ - [What this plan must not expand into]
351
+
352
+ ## Hard Boundaries
353
+ - [Files, modules, workflows, or delivery surfaces that stay out of scope]
354
+
355
+ ## Evidence Contract
356
+ - [Which tests, runtime checks, docs, or artifacts must exist before this plan can be claimed complete]
357
+
358
+ ## Common Pitfalls
359
+ - [Typical ways this work drifts, overclaims, or breaks neighboring behavior]
360
+
361
+ ## Stop-And-Challenge
362
+ - [Trigger condition that must pause execution and force clarification]
363
+
364
+ ## Approval Gates
365
+ - [Decision or side-effect boundaries that require explicit user approval]
283
366
 
284
367
  <checks>
285
368
  <plan_check>
@@ -301,15 +384,23 @@ notes: [What the checker actually validated or why it was skipped]
301
384
  ...
302
385
  </task>
303
386
 
304
- ## Verification
305
- - [Overall plan-level verification or smoke checks]
306
-
307
- ## Success Criteria
308
- - [What must be true when this plan is complete]
309
-
310
- ## Notes
311
- [Gotchas, implementation notes, or explicit assumptions]
312
- ```
387
+ ## Verification
388
+ - [Overall plan-level verification or smoke checks]
389
+
390
+ ## Success Criteria
391
+ - [What must be true when this plan is complete]
392
+
393
+ ## High-Leverage Review
394
+ - [Which high-leverage surfaces are touched and whether a second pass is required]
395
+
396
+ ## Leverage Review
397
+ - Lost: [What leverage this plan sacrifices]
398
+ - Kept: [What existing leverage or conventions it preserves]
399
+ - Gained: [What leverage this plan creates]
400
+
401
+ ## Notes
402
+ [Gotchas, implementation notes, or explicit assumptions]
403
+ ```
313
404
 
314
405
  **MANDATORY: You MUST write PLAN.md to disk at `.planning/phases/{phase_dir}/{plan_id}-PLAN.md`. Output to conversation alone is NOT sufficient. If this file is not written to disk, planning is NOT complete.**
315
406
  </plan_structure>
@@ -400,10 +491,15 @@ After the planner produces a draft plan, an independent checker reviews it in fr
400
491
  3. `dependency_correctness` - ordering, dependencies, and plan structure are coherent
401
492
  4. `key_link_completeness` - important wiring links are planned, not just isolated artifacts
402
493
  5. `scope_sanity` - plans are sized so an executor can complete them without context collapse
403
- 6. `must_have_quality` - success criteria are specific, observable, and reflected in tasks
404
- 7. `context_compliance` - locked decisions are honored and deferred ideas stay out of scope
405
- 8. `goal_achievement` - the plan, if executed perfectly, actually achieves the stated phase goal: goal addressed (tasks deliver the goal), success criteria reachable (each criterion traceable to a task verify output), and outcome observable (a human or automated check can confirm the goal was met)
406
- 9. `approach_alignment` - when APPROACH.md exists, plans implement the chosen approaches, not alternatives. Blocker if plan contradicts an explicit user choice. Warning if plan drifts from recommendation without justification. Skipped when no APPROACH.md is provided.
494
+ 6. `must_have_quality` - success criteria are specific, observable, and reflected in tasks
495
+ 7. `context_compliance` - locked decisions are honored and deferred ideas stay out of scope
496
+ 8. `goal_achievement` - the plan, if executed perfectly, actually achieves the stated phase goal: goal addressed (tasks deliver the goal), success criteria reachable (each criterion traceable to a task verify output), and outcome observable (a human or automated check can confirm the goal was met)
497
+ 9. `scope_boundaries` - anti-goals and hard boundaries are explicit, enforceable, and reflected in the task set
498
+ 10. `anti_regression_capture` - anti-regression targets are named and mapped to verification
499
+ 11. `escalation_integrity` - stop-and-challenge triggers and approval gates are present where side effects or ambiguity warrant them
500
+ 12. `closure_honesty` - closure claim limit prevents the plan from overclaiming what verification can prove
501
+ 13. `high_leverage_review` - high-leverage surfaces and second-pass obligations are recorded honestly
502
+ 14. `approach_alignment` - when APPROACH.md exists, plans implement the chosen approaches, not alternatives. Blocker if plan contradicts an explicit user choice. Warning if plan drifts from recommendation without justification. Skipped when no APPROACH.md is provided.
407
503
  ### Invoking the Checker
408
504
  1. If `.planning/config.json` has `workflow.planCheck: false`, skip the independent checker. Perform the planner self-check below and report `reduced_assurance`.
409
505
  2. If plan checking is enabled, check if your runtime provides a `gsdd-plan-checker` agent.
@@ -420,7 +516,7 @@ After the planner produces a draft plan, an independent checker reviews it in fr
420
516
  "summary": "One sentence overall assessment",
421
517
  "issues": [
422
518
  {
423
- "dimension": "requirement_coverage | task_completeness | dependency_correctness | key_link_completeness | scope_sanity | must_have_quality | context_compliance | goal_achievement | approach_alignment",
519
+ "dimension": "requirement_coverage | task_completeness | dependency_correctness | key_link_completeness | scope_sanity | must_have_quality | context_compliance | goal_achievement | scope_boundaries | anti_regression_capture | escalation_integrity | closure_honesty | high_leverage_review | approach_alignment",
424
520
  "severity": "blocker | warning",
425
521
  "description": "What is wrong",
426
522
  "plan": "01-PLAN",
@@ -464,22 +560,35 @@ For every success criterion from `ROADMAP.md`:
464
560
  - [ ] At least one task produces an artifact that satisfies it
465
561
  - [ ] The task's `<verify>` section checks it specifically
466
562
  - [ ] The criterion is covered explicitly, not only implied
467
- ### Check Task Completeness
468
- For each task:
469
- - [ ] The `<files>` section lists every file to create or modify
470
- - [ ] The `<action>` is specific enough that an executor will not need to guess
471
- - [ ] The `<verify>` steps include at least one runnable command
563
+ ### Check Task Completeness
564
+ For each task:
565
+ - [ ] The `<files>` section lists every file to create or modify
566
+ - [ ] The `<action>` is specific enough that an executor will not need to guess
567
+ - [ ] The `<verify>` steps include at least one runnable command
472
568
  - [ ] If a `<verify>` step references a test file, an earlier task creates that file
473
- - [ ] The `<done>` description matches the must-have or success criterion it covers
474
- - [ ] `checkpoint:*` usage is consistent with `autonomous`
475
-
476
- ### Red Flags
477
- - A success criterion has no task covering it
478
- - A task has no corresponding success criterion
479
- - Two tasks modify the same file in contradictory ways
480
- - A task depends on output from a later task
481
- - All verify steps are observational text with no runnable commands
482
- </plan_self_check>
569
+ - [ ] The `<done>` description matches the must-have or success criterion it covers
570
+ - [ ] `checkpoint:*` usage is consistent with `autonomous`
571
+
572
+ ### Check The Anti-Drift Contract
573
+ - [ ] `non_goals` are explicit and would stop adjacent cleanup or feature widening
574
+ - [ ] `hard_boundaries` identify the main no-touch surfaces
575
+ - [ ] `escalation_triggers` force stop-and-challenge instead of silent interpretation
576
+ - [ ] `approval_gates` appear anywhere side effects or irreversible choices could happen
577
+ - [ ] `anti_regression_targets` are concrete enough for verification to check later
578
+ - [ ] `closure_claim_limit` prevents the executor from claiming more than the evidence can support
579
+ - [ ] `leverage.lost`, `leverage.kept`, and `leverage.gained` are explicit and defensible
580
+ - [ ] If `high_leverage_surfaces` is non-empty, `second_pass_required` is true and named in the plan body
581
+
582
+ ### Red Flags
583
+ - A success criterion has no task covering it
584
+ - A task has no corresponding success criterion
585
+ - Two tasks modify the same file in contradictory ways
586
+ - A task depends on output from a later task
587
+ - All verify steps are observational text with no runnable commands
588
+ - The plan can drift into adjacent cleanup because the anti-goals or hard boundaries are vague
589
+ - The executor could cross a risky boundary without tripping a stop-and-challenge condition
590
+ - The plan claims phase completion more broadly than its own evidence contract can prove
591
+ </plan_self_check>
483
592
 
484
593
  <success_criteria>
485
594
  Planning is done when all of these are true:
@@ -487,19 +596,21 @@ Planning is done when all of these are true:
487
596
  - [ ] Target phase identified from `ROADMAP.md`
488
597
  - [ ] Approach exploration completed or explicitly skipped with `reduced_alignment` reported
489
598
  - [ ] When `workflow.discuss: true`: user alignment confirmed via APPROACH.md before planning
490
- - [ ] Research check completed where needed
491
- - [ ] Plan self-check passed
492
- - [ ] Success criteria from `ROADMAP.md` are represented as must-haves
493
- - [ ] Goal-backward derivation from criteria to artifacts to key links to tasks is explicit
494
- - [ ] Every plan has frontmatter with `phase`, `plan`, `type`, `wave`, `depends_on`, `files-modified`, `autonomous`, `requirements`, and `must_haves`
495
- - [ ] Every plan frontmatter records `runtime` and `assurance`
496
- - [ ] Every plan records checker outcome in a structured `<checks>` block
497
- - [ ] Every task has XML structure with `id`, `type`, `files`, `action`, `verify`, and `done`
498
- - [ ] Every task has at least one runnable verify command
499
- - [ ] Plan sizing stays within 2-5 tasks, preferring 2-3
500
- - [ ] Locked decisions from `.planning/SPEC.md` and APPROACH.md are honored
501
- - [ ] Any git guidance stays repo-native and follows `.planning/config.json`
502
- </success_criteria>
599
+ - [ ] Research check completed where needed
600
+ - [ ] Roadmap phase contract includes requirements, success criteria, explicit out-of-scope, and explicit stop/replan conditions
601
+ - [ ] Plan self-check passed
602
+ - [ ] Success criteria from `ROADMAP.md` are represented as must-haves
603
+ - [ ] Goal-backward derivation from criteria to artifacts to key links to tasks is explicit
604
+ - [ ] Every plan has frontmatter with `phase`, `plan`, `type`, `wave`, `depends_on`, `files-modified`, `autonomous`, `requirements`, `non_goals`, `hard_boundaries`, `escalation_triggers`, `approval_gates`, `anti_regression_targets`, `closure_claim_limit`, `parallelism_budget`, `leverage`, and `must_haves`
605
+ - [ ] Every plan frontmatter records `runtime` and `assurance`
606
+ - [ ] Every plan records checker outcome in a structured `<checks>` block
607
+ - [ ] Every task has XML structure with `id`, `type`, `files`, `action`, `verify`, and `done`
608
+ - [ ] Every task has at least one runnable verify command
609
+ - [ ] Plan sizing stays within 2-5 tasks, preferring 2-3
610
+ - [ ] Locked decisions from `.planning/SPEC.md` and APPROACH.md are honored
611
+ - [ ] Plan body includes explicit `## Anti-Goals`, `## Hard Boundaries`, `## Evidence Contract`, `## Common Pitfalls`, `## Stop-And-Challenge`, `## Approval Gates`, and `## Leverage Review` sections
612
+ - [ ] Any git guidance stays repo-native and follows `.planning/config.json`
613
+ </success_criteria>
503
614
 
504
615
  <completion>
505
616
  Report to the user what was accomplished, then present the next step: