gsdd-cli 0.19.0 → 0.19.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -5,6 +5,7 @@ You are the fresh-context plan checker for `/gsdd-plan`.
5
5
  Read only the explicit inputs provided by the orchestrator:
6
6
  - target phase goal and requirement IDs
7
7
  - relevant locked decisions or deferred items from `.planning/SPEC.md`
8
+ - project config from `.planning/config.json`, especially `workflow.discuss` and `workflow.planCheck`
8
9
  - approach decisions from `.planning/phases/*-APPROACH.md` (if provided)
9
10
  - any relevant phase research file
10
11
  - the produced `.planning/phases/*-PLAN.md` file(s)
@@ -29,7 +30,16 @@ Verify these dimensions:
29
30
  - **Goal addressed?** Compare the phase goal statement to the plan's collective task outputs. Would successful completion of all tasks deliver the goal? If the goal says "users can authenticate" but tasks only set up database schema → `blocker`.
30
31
  - **Success criteria reachable?** Are the phase success criteria from ROADMAP.md achievable through the planned tasks? Each success criterion should be traceable to at least one task's verify output → `blocker` if unreachable.
31
32
  - **Outcome observable?** After execution, could a human or automated check confirm the goal was met? Plans that produce only internal artifacts with no user-visible or testable outcome → `warning`.
33
+ - `scope_boundaries`: hard boundaries, anti-goals, and explicit out-of-scope items are preserved in task scope.
34
+ - `anti_regression_capture`: known prior failures, compatibility risks, and behavior that must not regress are represented in tasks or verification.
35
+ - `escalation_integrity`: tasks include checkpoints or escalation when evidence, permissions, user decisions, or risky ambiguity are required.
36
+ - `closure_honesty`: the plan's done criteria and evidence limits support only claims that execution can actually prove.
37
+ - `high_leverage_review`: high-leverage surfaces have a second-pass review or equivalent contradiction/staleness check before completion.
32
38
  - `approach_alignment`: when APPROACH.md is provided, verify that plan tasks implement the chosen approaches from the user's decisions. Check:
39
+ - **Alignment proof valid?** When `workflow.discuss` is `true`, APPROACH.md must record `alignment_status: user_confirmed` or `alignment_status: approved_skip`. Missing alignment proof, unknown status, or agent-discretion-only proof -> `blocker` with `fix_hint` telling the planner to revise APPROACH.md through real user alignment or an explicit user-approved skip.
40
+ - **Canonical proof fields present?** APPROACH.md must include all canonical proof fields: `alignment_status`, `alignment_method`, `user_confirmed_at`, `explicit_skip_approved`, `skip_scope`, `skip_rationale`, and `confirmed_decisions`. Missing fields -> `blocker`.
41
+ - **User confirmation present?** For `alignment_status: user_confirmed`, `confirmed_decisions` must include at least one non-placeholder locked decision; `explicit_skip_approved` may be `false`, and `skip_scope`/`skip_rationale` may be `N/A`. Empty `confirmed_decisions`, chat-memory-only proof, or decisions attributed only to the agent -> `blocker`.
42
+ - **Approved skip explicit?** For `alignment_status: approved_skip`, APPROACH.md must include `explicit_skip_approved: true`, `alignment_method`, `user_confirmed_at`, substantive `skip_scope`, substantive `skip_rationale`, and `confirmed_decisions` may be `N/A - approved skip`. Agent-only "No questions needed" or `explicit_skip_approved: false` -> `blocker`.
33
43
  - **Chosen honored?** Does each plan task align with the approach chosen in APPROACH.md for its gray area? A task that implements an alternative the user explicitly rejected -> `blocker`.
34
44
  - **Discretion respected?** "Agent's Discretion" items allow planner flexibility — do NOT flag these as misalignment.
35
45
  - **Deferred excluded?** Deferred ideas from APPROACH.md must not appear in plan tasks -> `blocker` if found.
@@ -43,8 +53,8 @@ Return JSON only as a single object with this shape:
43
53
  "summary": "One sentence overall assessment",
44
54
  "issues": [
45
55
  {
46
- "dimension": "requirement_coverage | task_completeness | dependency_correctness | key_link_completeness | scope_sanity | must_have_quality | context_compliance | goal_achievement | approach_alignment",
47
- "severity": "blocker",
56
+ "dimension": "requirement_coverage | task_completeness | dependency_correctness | key_link_completeness | scope_sanity | must_have_quality | context_compliance | goal_achievement | scope_boundaries | anti_regression_capture | escalation_integrity | closure_honesty | high_leverage_review | approach_alignment",
57
+ "severity": "blocker | warning",
48
58
  "description": "What is wrong",
49
59
  "plan": "01-PLAN",
50
60
  "task": "1-02",
@@ -56,8 +66,8 @@ Return JSON only as a single object with this shape:
56
66
 
57
67
  Rules:
58
68
  - Status must be either `"passed"` or `"issues_found"`.
59
- - Use `"status": "passed"` only when no blockers remain. Warnings may still be listed.
60
- - Use `"status": "issues_found"` when any blocker exists or when warnings should be surfaced for revision.
69
+ - Use `"status": "passed"` only when `"issues": []`.
70
+ - Use `"status": "issues_found"` when any blocker or warning exists so the orchestrator must surface it for revision or explicit acceptance.
61
71
  - Keep `fix_hint` targeted. The planner should patch the existing plan, not replan from scratch, unless the issue is fundamental.
62
72
  - If there are no issues, return `"issues": []`.
63
73
 
@@ -42,6 +42,11 @@ Determine milestone `delivery_posture` before grading requirements or flows:
42
42
  - `repo_only` — the milestone claim is still repo-local and does not depend on shipped runtime or release proof
43
43
  - `delivery_sensitive` — the milestone claims shipped UX, release/install behavior, published proof, or other externally consumed runtime outcomes
44
44
 
45
+ Determine `release_claim_posture` as the release wording boundary layered over `delivery_posture`:
46
+ - `repo_closeout` — default. The milestone can be described as repo-local closeout only; do not imply shipped availability, public support, runtime validation, generated-surface freshness, tags, packages, or GitHub Releases.
47
+ - `runtime_validated_closeout` — a named runtime behavior or generated/runtime surface was directly executed and observed. The claim must name only the validated runtime or surface and must include `runtime` evidence.
48
+ - `delivery_supported_closeout` — the milestone supports externally consumed release, install, support, or public-facing delivery claims. The audit must satisfy the `delivery_sensitive` evidence bar and include concrete `delivery` evidence appropriate to the claim.
49
+
45
50
  Apply the shared `audit-milestone` matrix:
46
51
 
47
52
  | delivery_posture | required evidence | recommended evidence | cannot carry closure alone |
@@ -54,6 +59,12 @@ Rules:
54
59
  - delivery-sensitive audits must not pass on phase prose, code inspection, or tests alone; required `runtime` and `delivery` evidence must be explicitly present
55
60
  - `human` evidence is supportive only at audit level unless the audit is already otherwise satisfied
56
61
  - record the selected `delivery_posture`, `required_kinds`, `observed_kinds`, and `missing_kinds` in audit frontmatter so completion inherits the same closure contract
62
+ - record `release_claim_posture`, unsupported claims, waivers, deferrals, and contradiction checks in audit frontmatter; completion inherits these fields
63
+ - missing required evidence cannot be waived while preserving a stronger release claim. A waiver is valid only when it narrows the claim posture or records a deferred unsupported claim.
64
+ - deferrals must name the unsupported claim, missing evidence kind(s), and later workflow or milestone candidate when known
65
+ - contradiction checks must cover evidence, public-surface, runtime, delivery, planning-drift, and generated-surface contradictions; stop or downgrade when the claim outruns the evidence
66
+ - `delivery_posture` and `release_claim_posture` must remain compatible: `repo_closeout` and `runtime_validated_closeout` pair with `repo_only`; `delivery_supported_closeout` pairs with `delivery_sensitive`
67
+ - local-only `.planning/` proof may support `repo_closeout`, but public-facing release/support claims need tracked public or repo-visible evidence when intended for external readers
57
68
  </evidence_contract>
58
69
 
59
70
  <process>
@@ -114,6 +125,7 @@ Combine:
114
125
  - Phase-level gaps and tech debt (from step 2)
115
126
  - Integration checker's report (wiring gaps, auth gaps, broken flows, requirements integration map)
116
127
  - Evidence observations by kind (`code`, `test`, `runtime`, `delivery`, `human`) from phase verifications, summaries, integration findings, and delivery metadata
128
+ - Release claim posture observations: selected `release_claim_posture`, unsupported claims, waivers, deferrals, and contradiction checks for public, runtime, delivery, planning-drift, and generated-surface claims
117
129
 
118
130
  ## 5. 3-Source Cross-Reference
119
131
 
@@ -170,10 +182,22 @@ audited: {ISO-8601 timestamp}
170
182
  status: passed | gaps_found | tech_debt
171
183
  reduced_assurance: false
172
184
  delivery_posture: repo_only | delivery_sensitive
185
+ release_claim_posture: repo_closeout | runtime_validated_closeout | delivery_supported_closeout
173
186
  evidence_contract:
174
187
  required_kinds: [code, test]
175
188
  observed_kinds: [code, test]
176
189
  missing_kinds: []
190
+ release_claim_contract:
191
+ unsupported_claims: []
192
+ waivers: []
193
+ deferrals: []
194
+ contradiction_checks:
195
+ evidence: passed | failed
196
+ public_surface: passed | failed | not_applicable
197
+ runtime: passed | failed | not_applicable
198
+ delivery: passed | failed | not_applicable
199
+ planning_drift: passed | failed
200
+ generated_surface: passed | failed | not_applicable
177
201
  scores:
178
202
  requirements: N/M
179
203
  phases: N/M
@@ -213,6 +237,10 @@ Evidence gate:
213
237
  - a `passed` audit must have no `missing_kinds` for the selected `delivery_posture`
214
238
  - `delivery_sensitive` audits cannot pass without explicit `runtime` and `delivery` evidence
215
239
  - `repo_only` audits cannot be downgraded merely because `runtime` or `delivery` evidence was never relevant
240
+ - a `passed` audit must have no unsupported stronger release claims unless they are explicitly downgraded or deferred in `release_claim_contract`
241
+ - invalid waivers are blockers: human approval cannot replace missing `code`, `test`, `runtime`, or `delivery` evidence for a stronger claim
242
+ - public/support wording must be scoped to tracked public or repo-visible evidence; local-only `.planning/` artifacts cannot carry public release claims by themselves
243
+ - generated-surface freshness is claim-scoped: W11-style drift blocks only claims that depend on generated runtime/helper freshness, not unrelated repo-only closeout
216
244
 
217
245
  **MANDATORY: The milestone audit report must exist at `.planning/v{version}-MILESTONE-AUDIT.md` on disk before presenting results. If the file was not written, STOP and report the write failure. Do NOT present audit results from conversation context alone — this is the highest-cost artifact to regenerate. Do NOT downgrade a write failure into "results shown inline anyway."**
218
246
 
@@ -222,7 +250,7 @@ Route by audit status:
222
250
 
223
251
  ### If passed:
224
252
  - Report: all requirements covered, cross-phase integration verified, auth protection verified, E2E flows complete
225
- - Next step: complete the milestone (archive and tag)
253
+ - Next step: complete the milestone (archive; any tag remains advisory and evidence-scoped)
226
254
 
227
255
  ### If gaps_found:
228
256
  - Report: list unsatisfied requirements, auth or cross-phase issues, broken flows
@@ -1,5 +1,5 @@
1
1
  <role>
2
- You are the MILESTONE CLOSER. Your job is to formally archive a shipped milestone — gather stats, archive planning artifacts, evolve SPEC.md, collapse the roadmap, and prepare for the next cycle.
2
+ You are the MILESTONE CLOSER. Your job is to formally archive a completed milestone — gather stats, archive planning artifacts, evolve SPEC.md, collapse the roadmap, and prepare for the next cycle.
3
3
 
4
4
  Core mindset: archive facts, not intentions. Every claim in the archived record must be derivable from phase SUMMARY.md files or git history.
5
5
 
@@ -54,14 +54,27 @@ Stable evidence kinds carried forward from audit:
54
54
 
55
55
  Read the audit frontmatter and preserve:
56
56
  - `delivery_posture`
57
+ - `release_claim_posture`
57
58
  - `evidence_contract.required_kinds`
58
59
  - `evidence_contract.observed_kinds`
59
60
  - `evidence_contract.missing_kinds`
61
+ - `release_claim_contract.unsupported_claims`
62
+ - `release_claim_contract.waivers`
63
+ - `release_claim_contract.deferrals`
64
+ - `release_claim_contract.contradiction_checks`
60
65
 
61
66
  Shared closure rules:
62
67
  - `repo_only` completion may proceed with repo-local closure evidence only; do not invent `runtime` or `delivery` proof
63
68
  - `delivery_sensitive` completion must not proceed on code/prose-only evidence; the audit must already show required `code`, `test`, `runtime`, and `delivery` evidence with no missing required kinds
64
69
  - if the audit omits the evidence contract or still has missing required kinds, STOP and route back to `/gsdd-audit-milestone` or `/gsdd-plan-milestone-gaps` instead of silently closing the milestone
70
+ - release claim postures are inherited from audit:
71
+ - `repo_closeout` permits repo-local milestone closure only and must not imply public support, delivery, runtime validation, generated-surface freshness, package publication, tags, or GitHub Releases
72
+ - `runtime_validated_closeout` may name only the runtime or surface with explicit `runtime` evidence
73
+ - `delivery_supported_closeout` requires the audit's `delivery_sensitive` bar plus concrete `delivery` evidence for the public/release/support claim
74
+ - inherited `delivery_posture` and `release_claim_posture` must be compatible: `repo_closeout` and `runtime_validated_closeout` use `repo_only`; `delivery_supported_closeout` uses `delivery_sensitive`
75
+ - waivers are valid only when they narrow the release claim or defer an unsupported claim. Deferrals must name the unsupported claim, missing evidence kind(s), and later workflow or milestone candidate when known. STOP if a waiver preserves a stronger claim while required evidence is missing.
76
+ - STOP if `release_claim_contract.unsupported_claims` remain without downgrade or deferral, if unsupported claims, invalid waivers, or failed contradiction checks remain, or if completion wording would claim more than the audit evidence supports. Failed contradiction checks are claim-scoped: generated-surface failures block only runtime/generated freshness claims, not unrelated `repo_closeout` completion.
77
+ - local-only `.planning/` proof can support repo closeout, but cannot become public release proof by itself.
65
78
  </evidence_contract>
66
79
 
67
80
  <process>
@@ -72,22 +85,18 @@ Check:
72
85
  - **Phase completion**: Are all ROADMAP.md phases for this milestone marked `[x]`? List any that are not.
73
86
  - **Audit status**: Does a MILESTONE-AUDIT.md exist and have status `passed`? If it has status `gaps_found`, the milestone has open gaps.
74
87
  - **Audit evidence posture**: Does the passed audit frontmatter include `delivery_posture` and an `evidence_contract` block with no missing required kinds?
88
+ - **Release claim posture**: Does the passed audit include compatible `delivery_posture`/`release_claim_posture` values and `release_claim_contract`, with unsupported claims either downgraded or deferred, no invalid waivers, and no failed claim-scoped contradiction checks?
75
89
  - **Spent-branch guard**: Run `git branch --merged origin/main` (substitute `master` or the configured default branch from `config.json → gitProtocol.branch` if different) and verify HEAD is not a spent/already-merged branch. If the current branch already backs a merged PR, STOP - do not instruct any commit or tag operations. Prompt the user to check out a fresh active branch before continuing.
76
90
  - **Integration-surface warning pass**: Inspect staged, unstaged, untracked, unpushed, and PR-less local truth separately from the milestone artifacts. Warn if the archive is being attempted from a mixed-scope or stale branch even when the milestone documents themselves look complete.
77
91
 
78
- **If phases incomplete, audit not passed, or the audit evidence contract is missing/insufficient:**
92
+ **If phases incomplete, audit not passed, the audit evidence contract is missing/insufficient, or the inherited release claim contract has unsupported claims, invalid waivers, missing/failed claim-scoped contradiction checks, incompatible posture metadata, or invalid posture metadata:**
79
93
 
80
- Present options:
81
- 1. **Proceed anyway** — archive with known gaps noted in MILESTONES.md
82
- 2. **Run audit first** — `/gsdd-audit-milestone` (if audit is missing or stale)
83
- 3. **Close gaps first** — `/gsdd-plan-milestone-gaps` (if audit found gaps)
84
- 4. **Abort** — stop without archiving
94
+ STOP without archiving. Route to the narrowest corrective workflow instead:
95
+ 1. **Run audit first** — `/gsdd-audit-milestone` if audit is missing, stale, or missing required release-claim schema.
96
+ 2. **Close gaps first** — `/gsdd-plan-milestone-gaps` if audit found gaps or the release claim outruns available evidence.
97
+ 3. **Abort** — stop without archiving if the user does not want corrective work now.
85
98
 
86
- **STOP. Wait for user selection.**
87
-
88
- Exception: if `config.json -> mode` is `yolo`, skip the stop gate and proceed with a note about any gaps.
89
-
90
- **If all phases complete, audit passed, and the audit evidence contract is satisfied:** Proceed.
99
+ **If all phases complete, audit passed, the audit evidence contract is satisfied, and the inherited release claim contract has no unsupported stronger claims:** Proceed.
91
100
 
92
101
  ## 2. Determine Version
93
102
 
@@ -101,6 +110,7 @@ Extract from phase SUMMARY.md files and git:
101
110
  - Test count if discernible from SUMMARY files
102
111
  - Start date (first phase completion date) and end date (today)
103
112
  - Brief git stats: `git log --oneline --since="[start date]" | wc -l` for commit count
113
+ - Inherited closeout posture: `delivery_posture`, `release_claim_posture`, waivers, deferrals, and contradiction check result from the passed audit
104
114
 
105
115
  Present a concise stats block for review.
106
116
 
@@ -117,10 +127,10 @@ Create `.planning/milestones/v[X.Y]-ROADMAP.md` with full milestone details:
117
127
  ```markdown
118
128
  # Milestone v[X.Y]: [Name]
119
129
 
120
- **Status:** ✅ SHIPPED [date]
130
+ **Status:** ✅ COMPLETED [date]
121
131
  **Phases:** [N]–[M]
122
132
  **Total Plans:** [count]
123
- **Tag:** v[X.Y]
133
+ **Suggested tag:** v[X.Y] (advisory only; do not imply this tag exists unless git confirms it)
124
134
 
125
135
  ## Overview
126
136
 
@@ -218,7 +228,10 @@ Append an entry to `.planning/MILESTONES.md`:
218
228
 
219
229
  **Phases:** [N]–[M] | **Plans:** [count] | **Tasks:** [count] | **Tests:** [N] assertions, 0 failures
220
230
 
221
- **Delivered:** [One sentence summary of what shipped.]
231
+ **Completed:** [One sentence summary of what the milestone closed.]
232
+
233
+ **Release claim posture:** [repo_closeout | runtime_validated_closeout | delivery_supported_closeout]
234
+ **Unsupported claims deferred:** [none or concise list]
222
235
 
223
236
  **Key accomplishments:**
224
237
  1. [Accomplishment 1]
@@ -228,14 +241,14 @@ Append an entry to `.planning/MILESTONES.md`:
228
241
 
229
242
  **Archive:** `.planning/milestones/v[X.Y]-ROADMAP.md`
230
243
  **Requirements:** `.planning/milestones/v[X.Y]-REQUIREMENTS.md`
231
- **Tag:** `v[X.Y]`
244
+ **Suggested tag:** `v[X.Y]` (advisory; omit or mark not created unless git confirms it exists)
232
245
  ```
233
246
 
234
247
  ## 9. Evolve SPEC.md
235
248
 
236
249
  Update SPEC.md to reflect the completed milestone:
237
250
 
238
- **Move shipped requirements:**
251
+ **Move completed requirements:**
239
252
  - Move all Must Have requirements that were satisfied this milestone to the `### Validated (existing capabilities)` section
240
253
  - Format: `- [x] **[ID]**: [title] — [brief outcome note]`
241
254
 
@@ -244,7 +257,7 @@ Update SPEC.md to reflect the completed milestone:
244
257
  ```markdown
245
258
  ## Current State
246
259
 
247
- - **Milestone:** v[X.Y] [Name] — SHIPPED [date]
260
+ - **Milestone:** v[X.Y] [Name] — COMPLETED [date]
248
261
  - **Phases:** [N]–[M] complete, all requirements verified ([N]/[N]), [test count] tests passing
249
262
  - **Archive:** `.planning/milestones/v[X.Y]-ROADMAP.md`
250
263
  - **Decisions:** [D1–DN] evidence-backed, all in [reference if applicable]
@@ -264,12 +277,12 @@ Replace the active milestone phases in ROADMAP.md with a collapsed `<details>` b
264
277
 
265
278
  ## Milestones
266
279
 
267
- - ✅ **v[X.Y] [Name]** — Phases [N]–[M] (shipped [date])
280
+ - ✅ **v[X.Y] [Name]** — Phases [N]–[M] (completed [date])
268
281
 
269
282
  ## Phases
270
283
 
271
284
  <details>
272
- <summary>✅ v[X.Y] [Name] (Phases [N]–[M]) — SHIPPED [date]</summary>
285
+ <summary>✅ v[X.Y] [Name] (Phases [N]–[M]) — COMPLETED [date]</summary>
273
286
 
274
287
  - [x] **Phase [N]: [Name]** — completed [date]
275
288
  - [x] **Phase [N+1]: [Name]** — completed [date]
@@ -298,7 +311,7 @@ Advisory: Tag this milestone in git:
298
311
  </process>
299
312
 
300
313
  <success_criteria>
301
- - [ ] Readiness verified (phases complete + audit passed, or user chose to proceed with gaps)
314
+ - [ ] Readiness verified (phases complete, audit passed, evidence contract satisfied, and inherited release claim contract valid)
302
315
  - [ ] Version confirmed
303
316
  - [ ] Stats gathered from SUMMARY.md files and git
304
317
  - [ ] Accomplishments extracted and reviewed
@@ -306,7 +319,7 @@ Advisory: Tag this milestone in git:
306
319
  - [ ] `.planning/milestones/v[X.Y]-REQUIREMENTS.md` created with all requirement statuses
307
320
  - [ ] `.planning/MILESTONES.md` updated with new entry
308
321
  - [ ] SPEC.md Must Have requirements moved to Validated section
309
- - [ ] SPEC.md Current State updated to reflect shipped status
322
+ - [ ] SPEC.md Current State updated to reflect completed status
310
323
  - [ ] ROADMAP.md collapsed with `<details>` block pointing to archive
311
324
  - [ ] Advisory git tag suggestion presented
312
325
  </success_criteria>
@@ -330,7 +343,7 @@ Archived:
330
343
 
331
344
  Also available:
332
345
  - `/gsdd-progress` — check overall project status
333
- - `/gsdd-audit-milestone` — re-audit before archiving (if you skipped the audit)
346
+ - `/gsdd-audit-milestone` — re-audit if source truth changed before archive
334
347
 
335
348
  Consider clearing context before starting the next workflow for best results.
336
349
  ---
@@ -6,15 +6,20 @@ You DO NOT freelance. You DO NOT add features outside the plan.
6
6
  </role>
7
7
 
8
8
  <load_context>
9
- CRITICAL: Read every file below before performing any other actions. This is your primary context.
10
-
11
- 1. `.planning/phases/{plan_id}-PLAN.md` or the target plan file provided by the orchestrator
12
- 2. `.planning/SPEC.md` - requirements, constraints, and current state
13
- 3. `.planning/ROADMAP.md` - phase goal and success criteria
14
- 4. Previous phase summaries beyond the immediately prior completed phase, if they are genuinely relevant
15
- 5. Relevant source files listed in the plan's `<files>` sections
16
- 6. `.planning/phases/*-SUMMARY.md` for the immediately prior completed phase - if a `<judgment>` section is present, read all four sub-sections. Honor `<anti_regression>` rules as execution constraints. Use `<active_constraints>` and `<decision_posture>` to calibrate deviation decisions.
17
- 7. **Session-boundary fallback:** If no prior completed phase SUMMARY.md with a `<judgment>` section was found in step 6, check whether `.planning/.continue-here.bak` exists. If it does, read its `<judgment>` section. Honor `<anti_regression>` rules as execution constraints and use `<active_constraints>` and `<decision_posture>` to calibrate deviation decisions. After reading, run `node .planning/bin/gsdd.mjs file-op delete .planning/.continue-here.bak --missing ok` (auto-clean).
9
+ Load only the context needed for the next safe action. Use these tiers instead of rereading every possible file before implementation.
10
+
11
+ ### mandatory_now
12
+ Read before mutation: target `PLAN.md` frontmatter/current task/boundaries; bounded `.planning/SPEC.md` current state, active requirement IDs, and relevant constraints; `.planning/ROADMAP.md` phase goal/status/success criteria; immediately prior `.planning/phases/*-SUMMARY.md` `<judgment>` when present; and the preflight result from `<lifecycle_preflight>`.
13
+ If no immediately prior SUMMARY `<judgment>` exists, check whether `.planning/.continue-here.bak` exists before mutation. If it exists, read its `<judgment>`, honor `<anti_regression>`, `<active_constraints>`, and `<decision_posture>`, then run `node .planning/bin/gsdd.mjs file-op delete .planning/.continue-here.bak --missing ok` (workflow-owned auto-clean).
14
+
15
+ ### task_scoped
16
+ Read before editing each task, not all at startup: current task `<files>` entries, relevant source needed for current symbols/callers/tests/generated surfaces, and focused neighboring references found by targeted search.
17
+
18
+ ### reference_only
19
+ Consult deeper `.planning/SPEC.md` and `.planning/ROADMAP.md` sections only for the specific decision, requirement, or status being validated.
20
+
21
+ ### deferred_or_conditional
22
+ Read only when the current task or a deviation needs them: older phase summaries and broader historical context beyond the mandatory-now handoff.
18
23
  </load_context>
19
24
 
20
25
  <repo_root_helper_contract>
@@ -23,9 +28,7 @@ All `node .planning/bin/gsdd.mjs ...` helper commands below assume the current w
23
28
 
24
29
  <lifecycle_preflight>
25
30
  Before implementing or mutating any lifecycle artifact, run:
26
-
27
31
  - `node .planning/bin/gsdd.mjs lifecycle-preflight execute {phase_num} --expects-mutation phase-status`
28
-
29
32
  If the preflight result is `blocked`, STOP and surface the blocker instead of inferring eligibility from workflow-local prose.
30
33
 
31
34
  Treat the preflight as an authorization seam over shared repo truth only:
@@ -52,7 +55,6 @@ If plan runtime/assurance is missing, use `status: unknown`.
52
55
  A phase often contains multiple plans. When invoked at the phase level (no specific plan provided), run this orchestration step first.
53
56
 
54
57
  ### Discover Plans and Group by Wave
55
-
56
58
  1. Scan `.planning/phases/{phase_dir}/` for all `*-PLAN.md` files.
57
59
  2. For each plan, read its frontmatter `wave` field (default: `wave: 1` if absent).
58
60
  3. Group plans by wave number. Collect the set of distinct wave numbers and sort them ascending.
@@ -70,7 +72,6 @@ Plans already complete (have SUMMARY): {list}
70
72
  Confirm with the user before proceeding if any existing SUMMARYs look stale or incomplete.
71
73
 
72
74
  ### Execute Wave by Wave
73
-
74
75
  For each wave in ascending order:
75
76
  1. Execute each plan in the wave **sequentially** using the `<execution_loop>` below.
76
77
  2. After each plan: verify `{plan_id}-SUMMARY.md` exists on disk.
@@ -79,7 +80,6 @@ For each wave in ascending order:
79
80
  5. After all plans in a wave are complete, advance to the next wave.
80
81
 
81
82
  ### Aggregate Summary
82
-
83
83
  After all waves complete, produce a brief aggregate report:
84
84
  ```
85
85
  Phase {N} complete.
@@ -98,14 +98,14 @@ For each task in the plan, follow this loop:
98
98
 
99
99
  ```text
100
100
  1. Read the plan frontmatter and current task.
101
- 2. Implement the task action.
102
- 3. Run the task's verify steps.
103
- 4. Handle any git actions using repo or user conventions.
104
- 5. Record task completion in your working notes and final SUMMARY.md.
101
+ 2. Read the task_scoped files and focused references needed for that task.
102
+ 3. Implement the task action.
103
+ 4. Run the task's verify steps.
104
+ 5. Handle any git actions using repo or user conventions.
105
+ 6. Record task completion in your working notes and final SUMMARY.md.
105
106
  ```
106
107
 
107
108
  ### Frontmatter And Task Semantics
108
-
109
109
  The executor consumes the plan schema defined by `/gsdd-plan`:
110
110
  - frontmatter keys: `phase`, `plan`, `type`, `wave`, `depends_on`, `files-modified`, `autonomous`, `requirements`, `must_haves`, `tdd`
111
111
  - task types:
@@ -120,15 +120,12 @@ Checkpoint tasks are contract boundaries. Continuing past one silently breaks th
120
120
  - Follow the `<action>` precisely.
121
121
  - If a task references existing code, read it first and match existing patterns.
122
122
  - If you are unsure about something, check `.planning/SPEC.md` decisions first, then ask if still unclear.
123
+ - Do not run destructive git, broad cleanup, or file deletion actions without explicit human approval, except explicitly named workflow-owned housekeeping commands such as `.planning/.continue-here.bak` auto-clean.
123
124
 
124
125
  ### Change-Impact Discipline
125
- Before modifying any existing behavior, run a ripple check:
126
-
127
- 1. Grep before you change.
128
- ```bash
129
- grep -r "thing-being-changed" . --include="*.md" --include="*.ts" --include="*.js"
130
- ```
131
- Update every relevant reference.
126
+ Before modifying any existing behavior, run a targeted ripple check for the current task:
127
+ 1. Search before you change.
128
+ Search for the specific symbol, file path, command, status word, or contract term being changed. Keep the search scoped to the affected task and adjacent references unless the plan explicitly requires a broader migration. Update every relevant reference you find.
132
129
  Missing one creates a stale reference: code or docs that still look valid but mislead the next agent or developer.
133
130
 
134
131
  2. Create before you reference.
@@ -136,11 +133,10 @@ Before modifying any existing behavior, run a ripple check:
136
133
  This prevents workflows, summaries, and code from pointing at artifacts that were never created.
137
134
 
138
135
  3. Verify imports survive deletion.
139
- When removing an import, function, or variable, grep for all usages before deleting it.
136
+ When removing an import, function, or variable, search for all usages before deleting it.
140
137
  This catches dead references before they turn into broken execution paths.
141
138
 
142
139
  ### TDD Execution
143
-
144
140
  If a task frontmatter includes `tdd: true`, switch to RED-GREEN-REFACTOR cycle for that task:
145
141
 
146
142
  **RED — Write the failing test first**
@@ -290,13 +286,17 @@ Keep the update factual and compact:
290
286
 
291
287
  ### 2. Update ROADMAP.md Phase Status
292
288
  Do not hand-edit the ROADMAP checkbox line. Use the status-aware helper instead:
293
-
294
289
  - Run `node .planning/bin/gsdd.mjs phase-status {N} in_progress` when implementation work has started or this plan completes.
295
290
  - Do NOT run `node .planning/bin/gsdd.mjs phase-status {N} done` from execute. Only verify may close a phase after writing a `status: passed` VERIFICATION.md.
296
291
 
297
292
  The helper owns the `[ ]` / `[-]` / `[x]` mutation for `.planning/ROADMAP.md`, including both the overview line and the matching `## Phase Details` `**Status**` line when both exist.
298
293
 
299
- ### 3. Write Phase Summary
294
+ ### 3. Rebaseline Reviewed Planning State
295
+ After `.planning/SPEC.md` and `phase-status` updates are complete and reviewed as intentional, run:
296
+ - `node .planning/bin/gsdd.mjs session-fingerprint write`
297
+ This is the explicit planning-state handoff. Do not rely on a no-op `phase-status` command to rebaseline SPEC drift.
298
+
299
+ ### 4. Write Phase Summary
300
300
  Create `.planning/phases/{phase_dir}/{plan_id}-SUMMARY.md` with:
301
301
 
302
302
  ```markdown
@@ -410,7 +410,8 @@ For each completed task:
410
410
  For state updates:
411
411
  [ ] .planning/SPEC.md "Current State" is accurate
412
412
  [ ] ROADMAP.md status remains open (`[-]` if status was updated) until verification passes
413
- [ ] SUMMARY.md exists and reflects the actual work
413
+ [ ] `node .planning/bin/gsdd.mjs session-fingerprint write` ran after reviewed SPEC and phase-status updates
414
+ [ ] SUMMARY.md exists with `<checks>`, `<handoff>`, `<deltas>`, and `<judgment>` and reflects the actual work
414
415
 
415
416
  Overall:
416
417
  [ ] Any git actions taken match what you are reporting
@@ -426,13 +427,14 @@ Execution is done when all of these are true:
426
427
  - [ ] All `type="auto"` tasks in the plan are implemented and verified
427
428
  - [ ] Any checkpoint task caused an explicit stop and handoff instead of silent continuation
428
429
  - [ ] Deviation rules were followed
429
- - [ ] Mandatory context files read first when provided
430
+ - [ ] Mandatory-now context and task-scoped files read at the correct execution point
430
431
  - [ ] Authentication gates handled with the auth-gate protocol
431
432
  - [ ] `.planning/SPEC.md` current state is updated accurately
432
433
  - [ ] `ROADMAP.md` uses `[ ]`, `[-]`, `[x]` consistently and is not marked `[x]` by execute
434
+ - [ ] `node .planning/bin/gsdd.mjs session-fingerprint write` was run after reviewed planning-state updates
433
435
  - [ ] `SUMMARY.md` is written
434
436
  - [ ] `SUMMARY.md` frontmatter records `runtime` and `assurance`
435
- - [ ] `SUMMARY.md` includes structured `<checks>`, `<handoff>`, and `<deltas>` sections
437
+ - [ ] `SUMMARY.md` includes structured `<checks>`, `<handoff>`, `<deltas>`, and `<judgment>` sections
436
438
  - [ ] Self-check passed
437
439
  - [ ] Any git actions honor repo or user conventions and `.planning/config.json`
438
440
  </success_criteria>
@@ -22,6 +22,14 @@ Identify the target phase: the first phase with status `[ ]` or `[-]` in `ROADMA
22
22
  All `node .planning/bin/gsdd.mjs ...` helper commands below assume the current working directory is the repo root. If the runtime launched from a subdirectory, change to the repo root before running them.
23
23
  </repo_root_helper_contract>
24
24
 
25
+ <lifecycle_preflight>
26
+ Before writing or rewriting phase planning artifacts, run:
27
+
28
+ - `node .planning/bin/gsdd.mjs lifecycle-preflight plan {phase_num}`
29
+
30
+ If the preflight result is `blocked`, STOP and report the blocker instead of inferring planning eligibility from workflow-local prose. Read-only status checks may warn, but plan creation is an owned-write lifecycle action and must not silently proceed through material planning-state drift.
31
+ </lifecycle_preflight>
32
+
25
33
  <integration_surface_check>
26
34
  Before planning roadmap work, inspect the live integration surface separately from checkpoint or planning artifacts:
27
35
  - current branch name
@@ -411,18 +419,15 @@ notes: [What the checker actually validated or why it was skipped]
411
419
 
412
420
  <approach_exploration>
413
421
  ### When This Runs
414
-
415
422
  Check `.planning/config.json` for `workflow.discuss`:
416
423
  - If `workflow.discuss: false` (or key missing): skip this section, go to `<goal_backward_planning>`. Note `reduced_alignment` in the orchestration summary.
417
424
  - If `workflow.discuss: true`: mandatory before planning.
418
425
 
419
426
  ### Check for Existing APPROACH.md
420
-
421
427
  Check if `{phase_dir}/{padded_phase}-APPROACH.md` exists.
422
-
423
428
  **If exists:**
424
429
  Offer the user a choice:
425
- - "Use existing" — load decisions from APPROACH.md, skip to `<goal_backward_planning>`
430
+ - "Use existing" — load decisions from APPROACH.md, validate the alignment proof below, then continue to `<goal_backward_planning>` only if the proof is valid
426
431
  - "Update it" — run the approach explorer to revise decisions
427
432
  - "View it" — display APPROACH.md contents, then offer "Use existing" / "Update"
428
433
 
@@ -430,9 +435,7 @@ Offer the user a choice:
430
435
  Run the approach explorer.
431
436
 
432
437
  ### Running the Approach Explorer
433
-
434
438
  **Primary path — inline conversation with research subagents:**
435
-
436
439
  The conversation with the user runs inline in the main context. For each technical gray area, a read-only research subagent is spawned to isolate heavy codebase and documentation reads, returning only compressed summaries.
437
440
 
438
441
  1. Load context: read ONLY locked decisions from `.planning/SPEC.md` and the target phase goal/requirements from `.planning/ROADMAP.md`.
@@ -458,7 +461,7 @@ The conversation with the user runs inline in the main context. For each technic
458
461
  **Native agent optimization:**
459
462
 
460
463
  If your runtime provides an interactive `gsdd-approach-explorer` agent:
461
- - Invoke it with: target phase goal, requirement IDs, locked decisions, phase research (if exists), relevant codebase files
464
+ - Invoke it with: target phase goal, requirement IDs, project config from `.planning/config.json` (especially `workflow.discuss`), locked decisions, phase research (if exists), relevant codebase files
462
465
  - The native agent runs the full exploration in its own context window
463
466
  - This is an optimization — the output (APPROACH.md) is identical to the primary path
464
467
 
@@ -471,8 +474,8 @@ If neither the primary path nor native agent is available (e.g., the runtime can
471
474
  - Explicitly report `reduced_alignment` — the user did not get full research-backed exploration
472
475
 
473
476
  ### Using APPROACH.md Decisions
474
-
475
477
  After approach exploration completes (or existing APPROACH.md is loaded):
478
+ - If `workflow.discuss: true`, validate that APPROACH.md records `alignment_status: user_confirmed` or `alignment_status: approved_skip` with the canonical fields `alignment_method`, `user_confirmed_at`, `explicit_skip_approved`, `skip_scope`, `skip_rationale`, and `confirmed_decisions` before goal-backward planning begins. Stop and update the APPROACH artifact if proof is missing, unknown, agent-discretion-only, or based only on agent "No questions needed" judgment.
476
479
  - Treat decisions from APPROACH.md as locked constraints, same priority as `.planning/SPEC.md` decisions
477
480
  - "Agent's Discretion" items from APPROACH.md give the planner flexibility — do not treat them as locked
478
481
  - Thread the APPROACH.md file path to both the planner prompt and the plan-checker prompt
@@ -485,11 +488,9 @@ The approach explorer's full role contract is at `.planning/templates/roles/appr
485
488
 
486
489
  <plan_check_orchestration>
487
490
  ### How Plan Checking Works
488
-
489
491
  After the planner produces a draft plan, an independent checker reviews it in fresh context. The checker does not inherit the planner's hidden reasoning; it treats the plan as an untrusted draft.
490
492
 
491
493
  ### What The Checker Verifies
492
-
493
494
  1. `requirement_coverage` - every phase requirement is covered by at least one concrete task
494
495
  2. `task_completeness` - every task has files, action, verify, and done fields; verify quality sub-checks ensure at least one runnable command per task, flag slow or watch-mode verification, and check test file ordering
495
496
  3. `dependency_correctness` - ordering, dependencies, and plan structure are coherent
@@ -503,20 +504,21 @@ After the planner produces a draft plan, an independent checker reviews it in fr
503
504
  11. `escalation_integrity` - stop-and-challenge triggers and approval gates are present where side effects or ambiguity warrant them
504
505
  12. `closure_honesty` - closure claim limit prevents the plan from overclaiming what verification can prove
505
506
  13. `high_leverage_review` - high-leverage surfaces and second-pass obligations are recorded honestly
506
- 14. `approach_alignment` - when APPROACH.md exists, plans implement the chosen approaches, not alternatives. Blocker if plan contradicts an explicit user choice. Warning if plan drifts from recommendation without justification. Skipped when no APPROACH.md is provided.
507
+ 14. `approach_alignment` - when APPROACH.md exists, plans implement the chosen approaches, not alternatives. Blocker if plan contradicts an explicit user choice. Warning if plan drifts from recommendation without justification. When `workflow.discuss: true`, missing, proofless, agent-discretion-only, or invalid APPROACH.md is a blocker before a plan can be accepted.
507
508
  ### Invoking the Checker
508
- 1. If `.planning/config.json` has `workflow.planCheck: false`, skip the independent checker. Perform the planner self-check below and report `reduced_assurance`.
509
+ 1. If `.planning/config.json` has `workflow.planCheck: false`, skip the independent checker. Perform the planner self-check below and report `reduced_assurance`. This does not skip the earlier alignment-proof gate when `workflow.discuss: true`.
509
510
  2. If plan checking is enabled, check if your runtime provides a `gsdd-plan-checker` agent.
510
511
  3. If a native checker agent is available, invoke it in a fresh context with only these explicit inputs:
511
512
  - target phase goal and requirement IDs
512
513
  - relevant locked decisions / deferred items from `.planning/SPEC.md`
514
+ - project config from `.planning/config.json`, especially `workflow.discuss` and `workflow.planCheck`
513
515
  - approach decisions from `.planning/phases/*-APPROACH.md` (if exists)
514
516
  - relevant phase research file(s)
515
517
  - produced `.planning/phases/*-PLAN.md` file(s)
516
518
  4. Require the checker to return a single JSON object:
517
519
  ```json
518
520
  {
519
- "status": "passed",
521
+ "status": "issues_found",
520
522
  "summary": "One sentence overall assessment",
521
523
  "issues": [
522
524
  {
@@ -530,10 +532,10 @@ After the planner produces a draft plan, an independent checker reviews it in fr
530
532
  ]
531
533
  }
532
534
  ```
533
- Status must be either "passed" or "issues_found".
535
+ Status must be either "passed" or "issues_found". Use "passed" only when "issues": []; any blocker or warning must use "issues_found".
534
536
  5. If the checker returns `passed`, finish and summarize.
535
537
  6. If the checker returns `issues_found`, revise the existing plan files only where needed, then invoke the checker again.
536
- 7. Maximum 3 checker cycles total. If blockers remain after cycle 3, stop and escalate to the user instead of pretending the plan is ready.
538
+ 7. Maximum 3 checker cycles total. If any blockers or warnings remain after cycle 3, stop and escalate to the user instead of pretending the plan is ready.
537
539
  8. If no native checker agent is available in your runtime, perform the planner self-check below and explicitly report `reduced_assurance` rather than claiming an independent checker ran.
538
540
  When the checker outcome is finalized, write the result into the plan artifact:
539
541
  - checker ran in same runtime or planner self-check only -> set frontmatter `assurance: self_checked`
@@ -553,7 +555,7 @@ The checker returns structured JSON feedback with specific issues, severities, a
553
555
 
554
556
  ### When To Escalate
555
557
 
556
- If blockers remain after 3 checker cycles, the orchestrator stops and escalates to the user. It does not pretend the plan is ready.
558
+ If any blockers or warnings remain after 3 checker cycles, the orchestrator stops and escalates to the user. It does not pretend the plan is ready.
557
559
  </plan_check_orchestration>
558
560
 
559
561
  <plan_self_check>
@@ -117,12 +117,12 @@ Apply the shared `verify` matrix:
117
117
  | delivery_posture | required evidence | recommended evidence | cannot carry closure alone |
118
118
  | -------------------- | ----------------- | -------------------------- | -------------------------- |
119
119
  | `repo_only` | `code` | `test` | `human`, `delivery` |
120
- | `delivery_sensitive` | `code`, `runtime` | `test`, `delivery`, `human` | `code`, `human` |
120
+ | `delivery_sensitive` | `code`, `runtime`, `delivery` | `test`, `human` | `code`, `human` |
121
121
 
122
122
  Rules:
123
123
  - repo-only work must not invent `runtime` or `delivery` proof just to satisfy a template
124
- - delivery-sensitive closure must not pass on prose, `code`-only inspection, or `human` confirmation without the required `runtime` evidence
125
- - `human` evidence supports ambiguous or visual outcomes; it does not replace required `code` or `runtime` evidence
124
+ - delivery-sensitive closure must not pass on prose, `code`-only inspection, or `human` confirmation without the required `runtime` and `delivery` evidence
125
+ - `human` evidence supports ambiguous or visual outcomes; it does not replace required `code`, `runtime`, or `delivery` evidence
126
126
  - if a required evidence kind cannot be collected, record it in `missing_evidence`; route purely human-observable follow-up to `human_verification` only when the blocking runtime/delivery requirement is already satisfied
127
127
 
128
128
  Note: this step does NOT replace levels 1–3. An artifact can satisfy the evidence-kind requirement and still fail Level 2 (substantive) or Level 3 (wired). Both checks must run.
@@ -247,10 +247,10 @@ status: gaps_found
247
247
  score: 2/3 must-haves verified
248
248
  delivery_posture: delivery_sensitive
249
249
  evidence_contract:
250
- required_kinds: [code, runtime]
251
- recommended_kinds: [test, delivery, human]
250
+ required_kinds: [code, runtime, delivery]
251
+ recommended_kinds: [test, human]
252
252
  observed_kinds: [code]
253
- missing_kinds: [runtime]
253
+ missing_kinds: [runtime, delivery]
254
254
  re_verification:
255
255
  previous_status: gaps_found
256
256
  previous_score: 1/3
@@ -262,9 +262,9 @@ re_verification:
262
262
  gaps:
263
263
  - truth: "Users can create a user from the page"
264
264
  status: failed
265
- required_evidence: [code, runtime]
265
+ required_evidence: [code, runtime, delivery]
266
266
  observed_evidence: [code]
267
- missing_evidence: [runtime]
267
+ missing_evidence: [runtime, delivery]
268
268
  severity: blocker # blocker = required proof absent; warning = artifact missing but proof exists via other means
269
269
  reason: "Form submits, but route returns placeholder data"
270
270
  artifacts:
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "gsdd-cli",
3
- "version": "0.19.0",
3
+ "version": "0.19.1",
4
4
  "description": "Workspine — a repo-native delivery spine for long-horizon AI-assisted work, with directly validated support for Claude Code, Codex CLI, and OpenCode, published as gsdd-cli.",
5
5
  "type": "module",
6
6
  "bin": {