gsdd-cli 0.27.0 → 0.29.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (84) hide show
  1. package/README.md +53 -22
  2. package/agents/DISTILLATION.md +2 -2
  3. package/agents/README.md +4 -4
  4. package/agents/approach-explorer.md +4 -4
  5. package/agents/executor.md +20 -20
  6. package/agents/integration-checker.md +2 -2
  7. package/agents/planner.md +10 -26
  8. package/agents/researcher.md +2 -2
  9. package/agents/roadmapper.md +6 -6
  10. package/agents/synthesizer.md +18 -18
  11. package/agents/verifier.md +3 -3
  12. package/bin/adapters/agents.mjs +3 -3
  13. package/bin/adapters/claude.mjs +16 -14
  14. package/bin/adapters/opencode.mjs +15 -12
  15. package/bin/gsdd.mjs +16 -13
  16. package/bin/lib/{models.mjs → config.mjs} +23 -16
  17. package/bin/lib/control-map.mjs +17 -488
  18. package/bin/lib/health-truth.mjs +8 -13
  19. package/bin/lib/health.mjs +25 -39
  20. package/bin/lib/init-flow.mjs +44 -38
  21. package/bin/lib/init-prompts.mjs +3 -3
  22. package/bin/lib/init-runtime.mjs +11 -30
  23. package/bin/lib/lifecycle-preflight.mjs +97 -410
  24. package/bin/lib/lifecycle-state.mjs +2 -1
  25. package/bin/lib/next.mjs +243 -20
  26. package/bin/lib/phase.mjs +706 -280
  27. package/bin/lib/plan-constants.mjs +0 -5
  28. package/bin/lib/rendering.mjs +64 -44
  29. package/bin/lib/runtime-freshness.mjs +18 -15
  30. package/bin/lib/state-dir.mjs +45 -0
  31. package/bin/lib/templates.mjs +59 -22
  32. package/bin/lib/work-context.mjs +12 -1
  33. package/bin/lib/workflows.mjs +0 -1
  34. package/bin/lib/workspace-root.mjs +11 -6
  35. package/distilled/DESIGN.md +89 -31
  36. package/distilled/EVIDENCE-INDEX.md +18 -5
  37. package/distilled/README.md +23 -33
  38. package/distilled/SKILL.md +9 -10
  39. package/distilled/templates/agents.block.md +5 -5
  40. package/distilled/templates/approach.md +3 -3
  41. package/distilled/templates/auth-matrix.md +2 -2
  42. package/distilled/templates/brownfield-change/CHANGE.md +1 -1
  43. package/distilled/templates/delegates/approach-explorer.md +5 -5
  44. package/distilled/templates/delegates/mapper-arch.md +3 -3
  45. package/distilled/templates/delegates/mapper-concerns.md +4 -4
  46. package/distilled/templates/delegates/mapper-quality.md +3 -3
  47. package/distilled/templates/delegates/mapper-tech.md +3 -3
  48. package/distilled/templates/delegates/plan-checker.md +18 -19
  49. package/distilled/templates/delegates/researcher-architecture.md +3 -3
  50. package/distilled/templates/delegates/researcher-features.md +3 -3
  51. package/distilled/templates/delegates/researcher-pitfalls.md +3 -3
  52. package/distilled/templates/delegates/researcher-stack.md +3 -3
  53. package/distilled/templates/delegates/researcher-synthesizer.md +7 -7
  54. package/distilled/templates/research/architecture.md +1 -1
  55. package/distilled/templates/research/pitfalls.md +1 -1
  56. package/distilled/templates/research/stack.md +1 -1
  57. package/distilled/templates/roadmap.md +4 -4
  58. package/distilled/templates/spec.md +2 -2
  59. package/distilled/templates/ui-proof.md +81 -181
  60. package/distilled/workflows/audit-milestone.md +23 -23
  61. package/distilled/workflows/complete-milestone.md +35 -35
  62. package/distilled/workflows/execute.md +34 -35
  63. package/distilled/workflows/map-codebase.md +30 -30
  64. package/distilled/workflows/new-milestone.md +18 -18
  65. package/distilled/workflows/new-project.md +45 -45
  66. package/distilled/workflows/pause.md +15 -15
  67. package/distilled/workflows/plan.md +106 -114
  68. package/distilled/workflows/progress.md +40 -39
  69. package/distilled/workflows/quick.md +49 -50
  70. package/distilled/workflows/resume.md +23 -22
  71. package/distilled/workflows/verify-work.md +7 -7
  72. package/distilled/workflows/verify.md +26 -26
  73. package/docs/BROWNFIELD-PROOF.md +1 -1
  74. package/docs/RUNTIME-SUPPORT.md +13 -13
  75. package/docs/USER-GUIDE.md +26 -21
  76. package/docs/claude/context-monitor.md +1 -1
  77. package/docs/proof/consumer-node-cli/README.md +1 -1
  78. package/package.json +3 -3
  79. package/bin/lib/closeout-report.mjs +0 -318
  80. package/bin/lib/evidence-contract.mjs +0 -325
  81. package/bin/lib/provenance.mjs +0 -390
  82. package/bin/lib/session-fingerprint.mjs +0 -223
  83. package/bin/lib/ui-proof.mjs +0 -1007
  84. package/distilled/workflows/plan-milestone-gaps.md +0 -204
@@ -1,200 +1,100 @@
1
- # UI Proof Bundle Template
1
+ # Browser Proof Observation Template
2
2
 
3
- Use this template when work affects rendered UI or when a plan defines `ui_proof_slots`. Keep the bundle compact, claim-specific, and attached to the relevant phase, quick task, or brownfield change.
3
+ Use this template when work affects rendered UI or when a plan sets
4
+ `browser_proof_required: true`. Keep the record compact, claim-specific, and
5
+ attached to the relevant phase, quick task, or brownfield change.
4
6
 
5
- UI proof uses the existing closure evidence kinds only: `code`, `test`, `runtime`, `delivery`, and `human`. Screenshots, traces, videos, reports, accessibility scans, Gherkin, visual diffs, and manual notes are artifact types or activities that map onto those evidence kinds. They are not new evidence kinds.
7
+ Browser proof uses the existing closure evidence kinds only: `code`, `test`,
8
+ `runtime`, `delivery`, and `human`. Screenshots, traces, videos, reports,
9
+ accessibility scans, visual diffs, and manual notes are artifacts or activities
10
+ that map onto those evidence kinds. They are not new evidence kinds.
6
11
 
7
- For live rendered UI evidence, default to `agent-browser`: open the route, capture an interactive snapshot/refs when interaction is part of the claim, exercise the changed flow, capture screenshots for the planned viewport(s), and record console/network observations when they affect the claim. If the repo already has Playwright tests or a package script wrapping them, those remain the canonical repeatable regression path; use them as `test` evidence and use `agent-browser` for complementary live runtime proof. Do not introduce new Playwright, Cypress, Storybook, CI, browser MCP, or visual-regression infrastructure just to satisfy this template. Use Playwright scripting only for checks `agent-browser` cannot cover cleanly, such as JS-disabled behavior, structured console listeners, or multi-context testing.
12
+ For live rendered UI evidence, default to `agent-browser`: open the route,
13
+ capture interactive refs when interaction is part of the claim, exercise the
14
+ changed flow, capture screenshots for planned viewport(s), and record
15
+ console/network observations when they affect the claim. If the repo already
16
+ has Playwright tests or a package script wrapping them, those remain the
17
+ repeatable regression path; use them as `test` evidence and use browser
18
+ observation for complementary runtime proof.
8
19
 
9
- Tool availability is part of the proof record. In runtimes where `agent-browser` is not available, first state that availability constraint, then use the closest project-native interactive browser path and record the fallback in `evidence_inputs.tools_used`, `commands_or_manual_steps`, and `claim_limits`. A fallback can support a narrowed local runtime claim, but it must not silently pretend that the default `agent-browser` path ran.
20
+ Do not introduce new Playwright, Cypress, Storybook, CI, browser MCP, or visual
21
+ regression infrastructure just to satisfy this template. Use Playwright
22
+ scripting only for checks `agent-browser` cannot cover cleanly, such as
23
+ JS-disabled behavior, structured console listeners, or multi-context testing.
10
24
 
11
- ## Planned Proof Slots
25
+ Tool availability is part of the proof record. In runtimes where
26
+ `agent-browser` is not available, first state that availability constraint, then
27
+ use the closest project-native interactive browser path and narrow the claim to
28
+ what that fallback actually proves.
12
29
 
13
- Every UI-sensitive plan needs either at least one slot under `ui_proof_slots` or an explicit `no_ui_proof_rationale` explaining why no rendered UI proof is required.
30
+ ## Plan Declaration
14
31
 
15
- ```yaml
16
- ui_proof_slots:
17
- - slot_id: ui-01
18
- requirement_id: REQ-01
19
- claim: "User can complete the changed flow without a broken rendered UI."
20
- route_state: "/example route, role, data state, and UI state to inspect"
21
- required_evidence_kinds: [test, runtime]
22
- optional_evidence_kinds: [human]
23
- minimum_observations:
24
- - "Changed control is visible and usable in the stated state."
25
- - "Expected interaction completes without console/runtime error."
26
- expected_artifact_types: [screenshot, report]
27
- validation_command: "gsdd ui-proof compare {work_item_dir}/ui-proof-slots.json {work_item_dir}/UI-PROOF.md"
28
- environment:
29
- app_url: "http://localhost:3000"
30
- data_state: "synthetic or seeded data"
31
- viewport:
32
- width: 1280
33
- height: 720
34
- notes: "State why this viewport is enough for the claim, or add separate slots/observations for mobile, desktop, or responsive states."
35
- manual_acceptance_required: false
36
- claim_limit: "Does not prove cross-browser layout, full accessibility conformance, production delivery, or unrelated UI states."
37
- no_ui_proof_rationale: null
38
- ```
32
+ Every UI-sensitive plan should contain:
39
33
 
40
- Slot rules:
41
- - Keep each slot tied to one exact UI claim.
42
- - Use the lightest proof that can catch a botched rendered experience for that claim.
43
- - Specify the route/state, viewport choice, minimum observations, expected artifact types, and runnable validation path tightly enough that a checker can reject vague proof before execution.
44
- - The planner chooses the viewport set, but the slot must explain the choice. Include desktop and mobile proof when the claim covers responsive layout or when the changed surface is likely to behave differently across those sizes; otherwise narrow the claim limit.
45
- - Source annotations, AST/cAST findings, semantic search hits, comments, and Semble-like retrieval may help discover proof obligations. They are discovery hints only; they do not satisfy proof slots.
46
- - Do not add Playwright, Cypress, Storybook, Cucumber, CI, browser MCP, or visual-regression tooling by default.
47
- - Human approval is required for visual taste, accessibility judgment, baseline acceptance, subjective polish/layout quality, and privacy publication decisions.
48
- - Human approval does not replace required non-human evidence when the slot requires `code`, `test`, `runtime`, or `delivery` evidence.
49
-
50
- ## Observed Proof Bundle
51
-
52
- Create or update this bundle during execution or verification when planned UI proof slots exist. JSON is the canonical machine-readable proof bundle format. Markdown proof files must include fenced JSON for deterministic validation.
53
-
54
- Replace placeholders such as `{work_item_dir}` with the current phase, quick-task, or brownfield-change directory before running commands or validating the bundle.
55
-
56
- ```json
57
- {
58
- "proof_bundle_version": 1,
59
- "scope": {
60
- "work_item": "phase-or-quick-or-brownfield-id",
61
- "requirement_ids": ["REQ-01"],
62
- "slot_ids": ["ui-01"],
63
- "claim": "User can complete the changed flow without a broken rendered UI."
64
- },
65
- "route_state": {
66
- "route": "/example",
67
- "state": "role, data state, feature flag, loading/error/empty state, or component story"
68
- },
69
- "environment": {
70
- "app_url": "http://localhost:3000",
71
- "browser": "agent-browser default; record fallback when unavailable",
72
- "browser_version": "record if known",
73
- "os": "record if relevant",
74
- "data_state": "synthetic or seeded data"
75
- },
76
- "viewport": {
77
- "width": 1280,
78
- "height": 720,
79
- "device_scale_factor": "record if relevant"
80
- },
81
- "evidence_inputs": {
82
- "kinds": ["test", "runtime"],
83
- "tools_used": ["playwright", "agent-browser"]
84
- },
85
- "commands_or_manual_steps": [
86
- {
87
- "command": "npm run test:e2e -- changed-flow.spec.ts",
88
- "exit_code": 0,
89
- "result": "passed",
90
- "attempts": 1
91
- },
92
- {
93
- "command": "agent-browser open http://localhost:3000/example && agent-browser snapshot -i && agent-browser screenshot {work_item_dir}/artifacts/example-1280.png --full",
94
- "result": "passed",
95
- "attempts": 1
96
- },
97
- {
98
- "manual_step": "Using agent-browser refs, complete the changed interaction as a synthetic user and check for visible breakage or relevant console/network failures.",
99
- "result": "passed"
100
- }
101
- ],
102
- "observations": [
103
- {
104
- "observation": "Changed control is visible and completes the flow.",
105
- "claim": "User can complete the changed flow without a broken rendered UI.",
106
- "route_state": {
107
- "route": "/example",
108
- "state": "role, data state, feature flag, loading/error/empty state, or component story"
109
- },
110
- "evidence_kind": "runtime",
111
- "artifact_refs": ["test-results/changed-flow-report/index.html", "{work_item_dir}/artifacts/example-1280.png"],
112
- "privacy": {
113
- "data_classification": "synthetic",
114
- "raw_artifacts_safe_to_publish": false,
115
- "retention": "temporary_review"
116
- },
117
- "result": "passed",
118
- "claim_limit": "Does not prove Safari/WebKit behavior."
119
- }
120
- ],
121
- "artifacts": [
122
- {
123
- "path": "test-results/changed-flow-report/index.html",
124
- "type": "report",
125
- "visibility": "local_only",
126
- "retention": "temporary_review",
127
- "sensitivity": "possible",
128
- "safe_to_publish": false,
129
- "notes": "Local report only; not public proof."
130
- },
131
- {
132
- "path": "{work_item_dir}/artifacts/example-1280.png",
133
- "type": "screenshot",
134
- "visibility": "local_only",
135
- "retention": "temporary_review",
136
- "sensitivity": "possible",
137
- "safe_to_publish": false,
138
- "notes": "Local screenshot only; not public proof unless sanitized and reclassified."
139
- }
140
- ],
141
- "privacy": {
142
- "data_classification": "synthetic",
143
- "redactions": [],
144
- "raw_artifacts_safe_to_publish": false,
145
- "retention": "Keep metadata bundle; keep raw artifacts only while needed for review or failed proof triage."
146
- },
147
- "manual_acceptance": {
148
- "required": false,
149
- "reviewer": null,
150
- "result": "not_applicable"
151
- },
152
- "result": {
153
- "claim_status": "passed",
154
- "comparison_status_by_slot": {
155
- "ui-01": "satisfied"
156
- },
157
- "failure_classification": null
158
- },
159
- "claim_limits": [
160
- "Does not prove Safari/WebKit behavior.",
161
- "Does not prove full WCAG conformance.",
162
- "Does not prove deployed production behavior."
163
- ]
164
- }
34
+ ```yaml
35
+ browser_proof_required: true
36
+ browser_proof_rationale: Visible route or interaction changes require rendered browser proof.
165
37
  ```
166
38
 
167
- Bundle rules:
168
- - Reference raw screenshots, traces, videos, DOM snapshots, reports, accessibility scans, Gherkin, and visual diffs by path or link. Do not store raw binary or sensitive artifacts inline.
169
- - Each observation must identify the claim, route/state, evidence kind, artifact references behind it, privacy metadata, result, and claim limit it supports.
170
- - Every observation `artifact_refs` value must match an `artifacts[].path` or `artifacts[].url` value.
171
- - Artifact count is never proof. Unsupported or weakly linked artifacts are `partial`, `missing`, `waived`, or `deferred`, not `satisfied`.
172
- - Each artifact must record the locked privacy fields `visibility`, `retention`, `sensitivity`, and `safe_to_publish`.
173
- - Raw screenshots, traces, videos, DOM snapshots, and reports default to `visibility: local_only` plus `safe_to_publish: false` unless explicitly classified as sanitized and safe to publish.
174
- - Local-only or `safe_to_publish: false` artifacts can support local review only; they must not back tracked, public, delivery, release, or publication proof claims.
175
- - Human acceptance may close a narrowed claim only by recording waiver, deferment, or proof debt; it must not upgrade missing or mismatched non-human proof to `satisfied`.
176
- - Quick-mode UI proof should use deterministic synthetic IDs such as `quick-001` and `quick-001-ui-01` when roadmap requirement IDs do not exist.
177
- - Classify failed UI proof using existing GSDD gap/proof-debt language: `product_bug`, `missing_infra`, `flaky_harness`, or `ambiguous_spec`. Do not add new result statuses or evidence kinds for those causes.
39
+ Plans that do not claim rendered UI behavior should contain:
178
40
 
179
- ## Deterministic Validation
41
+ ```yaml
42
+ browser_proof_required: false
43
+ browser_proof_rationale: CLI/docs/backend-only work; no visible UI behavior is claimed.
44
+ ```
180
45
 
181
- Use `gsdd ui-proof validate <path>` on JSON proof-bundle metadata or markdown fenced JSON before relying on a bundle for closure; add `--claim <public|publication|tracked|delivery|release>` only when validating that stronger proof use. Use `gsdd ui-proof compare <planned-slots-json> [observed-bundle-json ...]` when verifying planned proof slots against observed bundles through the deterministic product-facing path. Required planned-slot fields are `slot_id`, `claim`, `route_state`, `required_evidence_kinds`, `minimum_observations`, `expected_artifact_types`, `validation_command`, `environment`, `viewport`, `manual_acceptance_required`, and `claim_limit`. Required observed-bundle top-level fields are `proof_bundle_version`, `scope`, `route_state`, `environment`, `viewport`, `evidence_inputs`, `commands_or_manual_steps`, `observations`, `artifacts`, `privacy`, `result`, and `claim_limits`. The validator checks planned-slot specificity, required bundle and observation fields, structured command/manual-step entries, fixed evidence kinds, concise `tools_used` IDs, `result.claim_status`, observation `result`, comparison statuses, failure classification for failed/partial proof, non-empty claim limits, locked artifact and observation privacy fields, observation-to-artifact references, workspace-relative/http(s) artifact references, existing local artifact paths when validating from files, and explicit public/tracked/delivery proof claims that rely on local-only, unsafe, unsanitized, or privacy-contradictory artifacts. `claim_status`, observation `result`, and command/manual-step `result` use `passed`, `failed`, `partial`, `waived`, `deferred`, or `not_applicable`; failed/partial proof uses `product_bug`, `missing_infra`, `flaky_harness`, or `ambiguous_spec`. It does not inspect raw screenshot, trace, video, DOM, or report contents and does not require any specific browser provider such as `agent-browser`.
46
+ When browser proof is required, the plan body should include:
47
+
48
+ ```markdown
49
+ ## Browser Proof Plan
50
+ Routes/states: /example route, role, data state, and UI state to inspect
51
+ Viewports: Desktop 1280px and mobile 390px, or a narrowed viewport claim
52
+ Runtime path: agent-browser preferred; explain fallback constraints if unavailable
53
+ Evidence kind: runtime
54
+ No-command rationale: agent-browser/manual refs were required for this local runtime; claim is limited to the observed session.
55
+ Observations: Changed control is visible, interaction completes, no relevant console/network failures
56
+ Artifacts: .work/.../artifacts/example-1280.png (local-only unless sanitized)
57
+ Claim limit: Proves only this changed route/state and viewport set
58
+ ```
182
59
 
183
- ## Comparison Statuses
60
+ If no command can reproduce the proof because the runtime path is manual or
61
+ interactive only, replace `Evidence command:` with:
184
62
 
185
- Use these statuses when comparing planned slots to observed proof:
63
+ ```markdown
64
+ No-command rationale: agent-browser/manual refs were required for this local runtime; claim is limited to the observed session.
65
+ ```
186
66
 
187
- | Status | Meaning | Claim impact |
188
- | --- | --- | --- |
189
- | `satisfied` | Required observations and evidence kinds are present, scoped, and inspectable for the exact claim. | Supports the scoped UI claim. |
190
- | `partial` | Some proof exists, but observations, artifact references, evidence kinds, privacy metadata, or assurance are weaker than planned. | Record a reduced claim or gap. |
191
- | `missing` | Required proof is absent. | Blocks the UI claim unless explicitly waived or deferred. |
192
- | `waived` | A human or approved plan waiver accepts the risk. | Does not prove the UI claim. |
193
- | `deferred` | Proof moved to later work. | Current work must not claim the UI behavior is proven. |
194
- | `not_applicable` | Accepted rationale says no UI proof is required. | No UI proof gap for that claim. |
67
+ ## Observation Record
68
+
69
+ Write one record per checked flow:
70
+
71
+ ```markdown
72
+ ## Browser Proof Observation
73
+
74
+ - Plan: 01-example/01-PLAN.md
75
+ - Flow: /example route, role, data state, and UI state checked
76
+ - Viewports: 1280x720 desktop, 390x844 mobile
77
+ - Runtime path: agent-browser
78
+ - Evidence kind: runtime
79
+ - No-command rationale: agent-browser/manual refs were required for this local runtime; claim is limited to the observed session.
80
+ - Observed: Changed control rendered, interaction completed, no relevant console/network failures
81
+ - Artifacts:
82
+ - .work/.../artifacts/example-1280.png — local-only, not safe to publish
83
+ - .work/.../artifacts/example-390.png — local-only, not safe to publish
84
+ - Privacy/safety: artifacts are local-only and not safe to publish unless sanitized
85
+ - Result: passed
86
+ - Claim limit: Proves only the scoped route/state, data setup, and viewport set.
87
+ - Stale after: route markup, interaction behavior, data fixture, or viewport assumptions change.
88
+ ```
195
89
 
196
- Proof debt notes should name the slot, claim, route/state, missing or weak linkage, human acceptance basis, narrowed claim limit, and follow-up trigger.
90
+ For failed or partial proof, use the failure-cause names defined in
91
+ `distilled/references/proof-rules.md` and record the narrowed claim or follow-up
92
+ trigger.
197
93
 
198
94
  ## Claim Boundary
199
95
 
200
- A UI proof bundle proves only the scoped claim, route/state, environment, viewport, observations, and evidence kinds it records. It does not imply broad visual quality, cross-browser coverage, full accessibility conformance, production delivery, release readiness, or public proof unless those dimensions are explicitly planned, evidenced, and classified safe to publish.
96
+ Browser proof proves only the scoped route/state, environment, viewport,
97
+ observations, artifacts, and evidence kinds it records. It does not imply broad
98
+ visual quality, cross-browser coverage, full accessibility conformance,
99
+ production delivery, release readiness, or public proof unless those dimensions
100
+ are explicitly planned, evidenced, and safe to publish.
@@ -6,28 +6,28 @@ Core mindset: individual phases can pass while the milestone fails. Integration
6
6
 
7
7
  <load_context>
8
8
  Before starting, read these files:
9
- 1. `.planning/ROADMAP.md` - milestone phases, definitions of done, requirement assignments
10
- 2. `.planning/SPEC.md` - requirement IDs, descriptions, and checkbox status
11
- 3. All phase VERIFICATION.md files (from `.planning/phases/`)
12
- 4. All phase SUMMARY.md files (from `.planning/phases/`)
13
- 5. `.planning/AUTH_MATRIX.md` (if it exists) — authorization matrix for matrix-driven auth verification
9
+ 1. `.work/ROADMAP.md` - milestone phases, definitions of done, requirement assignments
10
+ 2. `.work/SPEC.md` - requirement IDs, descriptions, and checkbox status
11
+ 3. All phase VERIFICATION.md files (from `.work/phases/`)
12
+ 4. All phase SUMMARY.md files (from `.work/phases/`)
13
+ 5. `.work/AUTH_MATRIX.md` (if it exists) — authorization matrix for matrix-driven auth verification
14
14
  </load_context>
15
15
 
16
16
  <repo_root_helper_contract>
17
- All `node .planning/bin/gsdd.mjs ...` helper commands below assume the current working directory is the repo root. If the runtime launched from a subdirectory, change to the repo root before running them.
17
+ All `node .work/bin/gsdd.mjs ...` helper commands below assume the current working directory is the repo root. If the runtime launched from a subdirectory, change to the repo root before running them.
18
18
  </repo_root_helper_contract>
19
19
 
20
20
  <lifecycle_preflight>
21
21
  Before determining milestone scope or spawning the integration checker, run:
22
22
 
23
- - `node .planning/bin/gsdd.mjs lifecycle-preflight audit-milestone`
23
+ - `node .work/bin/gsdd.mjs lifecycle-preflight audit-milestone`
24
24
 
25
25
  If the preflight result is `blocked`, STOP and report the blocker instead of inferring milestone eligibility from workflow-local prose.
26
26
 
27
27
  Treat the preflight as an authorization seam over shared repo truth only:
28
28
  - it may authorize or reject milestone audit
29
29
  - it does not archive or mutate milestone state
30
- - the owned write for this workflow remains `.planning/v{version}-MILESTONE-AUDIT.md`
30
+ - the owned write for this workflow remains `.work/v{version}-MILESTONE-AUDIT.md`
31
31
  </lifecycle_preflight>
32
32
 
33
33
  <evidence_contract>
@@ -64,25 +64,25 @@ Rules:
64
64
  - deferrals must name the unsupported claim, missing evidence kind(s), and later workflow or milestone candidate when known
65
65
  - contradiction checks must cover evidence, public-surface, runtime, delivery, planning-drift, and generated-surface contradictions; stop or downgrade when the claim outruns the evidence
66
66
  - `delivery_posture` and `release_claim_posture` must remain compatible: `repo_closeout` and `runtime_validated_closeout` pair with `repo_only`; `delivery_supported_closeout` pairs with `delivery_sensitive`
67
- - local-only `.planning/` proof may support `repo_closeout`, but public-facing release/support claims need tracked public or repo-visible evidence when intended for external readers
67
+ - local-only `.work/` proof may support `repo_closeout`, but public-facing release/support claims need tracked public or repo-visible evidence when intended for external readers
68
68
  </evidence_contract>
69
69
 
70
70
  <process>
71
71
 
72
72
  ## 1. Determine Milestone Scope
73
73
 
74
- Parse `.planning/ROADMAP.md` for:
74
+ Parse `.work/ROADMAP.md` for:
75
75
  - All phases in the current milestone (sorted numerically)
76
76
  - Milestone definition of done
77
77
  - Phase-to-requirement mappings (the Requirements field in each phase detail)
78
78
 
79
- Parse `.planning/SPEC.md` for:
79
+ Parse `.work/SPEC.md` for:
80
80
  - All requirement IDs with descriptions
81
81
  - Current checkbox status (`[x]` vs `[ ]`)
82
82
 
83
83
  ## 2. Read All Phase Verifications
84
84
 
85
- For each phase directory in `.planning/phases/`, read the VERIFICATION.md.
85
+ For each phase directory in `.work/phases/`, read the VERIFICATION.md.
86
86
 
87
87
  From each VERIFICATION.md, extract:
88
88
  - **Status:** passed | gaps_found | human_needed
@@ -99,14 +99,14 @@ With phase context collected, delegate cross-phase integration checking:
99
99
 
100
100
  <delegate>
101
101
  **Identity:** Integration Checker
102
- **Instruction:** Read `.planning/templates/roles/integration-checker.md`, then check cross-phase integration.
102
+ **Instruction:** Read `.work/templates/roles/integration-checker.md`, then check cross-phase integration.
103
103
 
104
104
  **Context to provide:**
105
105
  - Phase directories in milestone scope
106
106
  - Key exports from each phase (extracted from SUMMARYs)
107
107
  - API routes and endpoints created
108
108
  - Milestone requirement IDs with descriptions and assigned phases
109
- - `.planning/AUTH_MATRIX.md` path (if it exists)
109
+ - `.work/AUTH_MATRIX.md` path (if it exists)
110
110
 
111
111
  **Task:** Verify cross-phase wiring, API coverage, auth protection, and E2E user flows. Return structured integration report with wiring summary, API coverage, auth protection, E2E flow status, and Requirements Integration Map.
112
112
 
@@ -126,7 +126,7 @@ Combine:
126
126
  - Integration checker's report (wiring gaps, auth gaps, broken flows, requirements integration map)
127
127
  - Evidence observations by kind (`code`, `test`, `runtime`, `delivery`, `human`) from phase verifications, summaries, integration findings, and delivery metadata
128
128
  - Release claim posture observations: selected `release_claim_posture`, unsupported claims, waivers, deferrals, and contradiction checks for public, runtime, delivery, planning-drift, and generated-surface claims
129
- - UI proof debt from phase/quick proof bundles or verification gaps, preserving the rule that waiver/deferment/human acceptance narrows claims rather than satisfying missing proof
129
+ - Browser-proof debt from phase/quick observation records or verification gaps, preserving the rule that waiver/deferment/human acceptance narrows claims rather than satisfying missing proof
130
130
 
131
131
  ## 5. 3-Source Cross-Reference
132
132
 
@@ -134,12 +134,12 @@ Cross-reference three independent sources for each requirement to determine sati
134
134
 
135
135
  ### 5a. Parse SPEC.md Requirements
136
136
 
137
- Extract all requirement IDs from `.planning/SPEC.md`:
137
+ Extract all requirement IDs from `.work/SPEC.md`:
138
138
  - Requirement ID, description, checkbox status (`[x]` vs `[ ]`)
139
139
 
140
140
  ### 5b. Parse ROADMAP.md Phase-to-Requirement Mapping
141
141
 
142
- For each phase in `.planning/ROADMAP.md`, extract the Requirements field:
142
+ For each phase in `.work/ROADMAP.md`, extract the Requirements field:
143
143
  - Which requirements are assigned to which phase
144
144
 
145
145
  ### 5c. Parse Phase VERIFICATION.md Requirements Tables
@@ -170,11 +170,11 @@ For each requirement, determine status using all available sources:
170
170
 
171
171
  **FAIL gate:** Any `unsatisfied` requirement forces `gaps_found` status on the milestone audit. No exceptions.
172
172
 
173
- **Orphan detection:** Requirements in `.planning/SPEC.md` that are mapped to phases in `.planning/ROADMAP.md` but absent from ALL phase VERIFICATION.md files are orphaned. Orphaned requirements are treated as `unsatisfied` - they were assigned but never verified by any phase.
173
+ **Orphan detection:** Requirements in `.work/SPEC.md` that are mapped to phases in `.work/ROADMAP.md` but absent from ALL phase VERIFICATION.md files are orphaned. Orphaned requirements are treated as `unsatisfied` - they were assigned but never verified by any phase.
174
174
 
175
175
  ## 6. Write Milestone Audit Report
176
176
 
177
- Create `.planning/v{version}-MILESTONE-AUDIT.md` with structured frontmatter:
177
+ Create `.work/v{version}-MILESTONE-AUDIT.md` with structured frontmatter:
178
178
 
179
179
  ```yaml
180
180
  ---
@@ -240,10 +240,10 @@ Evidence gate:
240
240
  - `repo_only` audits cannot be downgraded merely because `runtime` or `delivery` evidence was never relevant
241
241
  - a `passed` audit must have no unsupported stronger release claims unless they are explicitly downgraded or deferred in `release_claim_contract`
242
242
  - invalid waivers are blockers: human approval cannot replace missing `code`, `test`, `runtime`, or `delivery` evidence for a stronger claim
243
- - public/support wording must be scoped to tracked public or repo-visible evidence; local-only `.planning/` artifacts cannot carry public release claims by themselves
243
+ - public/support wording must be scoped to tracked public or repo-visible evidence; local-only `.work/` artifacts cannot carry public release claims by themselves
244
244
  - generated-surface freshness is claim-scoped: W11-style drift blocks only claims that depend on generated runtime/helper freshness, not unrelated repo-only closeout
245
245
 
246
- **MANDATORY: The milestone audit report must exist at `.planning/v{version}-MILESTONE-AUDIT.md` on disk before presenting results. If the file was not written, STOP and report the write failure. Do NOT present audit results from conversation context alone — this is the highest-cost artifact to regenerate. Do NOT downgrade a write failure into "results shown inline anyway."**
246
+ **MANDATORY: The milestone audit report must exist at `.work/v{version}-MILESTONE-AUDIT.md` on disk before presenting results. If the file was not written, STOP and report the write failure. Do NOT present audit results from conversation context alone — this is the highest-cost artifact to regenerate. Do NOT downgrade a write failure into "results shown inline anyway."**
247
247
 
248
248
  ## 7. Present Results
249
249
 
@@ -285,13 +285,13 @@ Audit is complete when all of these are true:
285
285
  Report the audit result to the user, then present the next step:
286
286
 
287
287
  ---
288
- **Completed:** Milestone audit — created `.planning/v{version}-MILESTONE-AUDIT.md`.
288
+ **Completed:** Milestone audit — created `.work/v{version}-MILESTONE-AUDIT.md`.
289
289
 
290
290
  If status is `passed`:
291
291
  **Next step:** `/gsdd-complete-milestone` — archive the milestone and prepare for the next
292
292
 
293
293
  If status is `gaps_found`:
294
- **Next step:** `/gsdd-plan-milestone-gaps` — create gap-closure phases for the unsatisfied requirements
294
+ **Next step:** `/gsdd-plan` amend/extend mode — create gap-closure phases for the unsatisfied requirements
295
295
 
296
296
  If status is `tech_debt`:
297
297
  **Next step:** Either `/gsdd-complete-milestone` (accept debt) or `/gsdd-plan` (cleanup phase)
@@ -7,39 +7,39 @@ Scope boundary: you archive the current milestone. You do not start the next one
7
7
  </role>
8
8
 
9
9
  <prerequisites>
10
- `.planning/ROADMAP.md` must exist with phases.
11
- `.planning/SPEC.md` must exist.
12
- If `.planning/MILESTONES.md` does not exist, create it now (this is the first milestone completion — Step 8 will write the first entry).
10
+ `.work/ROADMAP.md` must exist with phases.
11
+ `.work/SPEC.md` must exist.
12
+ If `.work/MILESTONES.md` does not exist, create it now (this is the first milestone completion — Step 8 will write the first entry).
13
13
 
14
- If `.planning/milestones/` does not exist, create it before writing archive files.
14
+ If `.work/milestones/` does not exist, create it before writing archive files.
15
15
  </prerequisites>
16
16
 
17
17
  <load_context>
18
18
  Before starting, read these files:
19
19
 
20
- 1. `.planning/ROADMAP.md` — phase statuses, milestone name, phase range
21
- 2. `.planning/SPEC.md` — requirements, validated capabilities, current state section
22
- 3. `.planning/MILESTONES.md` — previous milestone entries (for format reference); if this is the first milestone, skip — no previous entries exist yet
23
- 4. `.planning/config.json` — `gitProtocol`, `mode` (for STOP gate behavior)
24
- 5. All phase SUMMARY.md files in `.planning/phases/` — accomplishments, task counts
25
- 6. Most recent `.planning/v*-MILESTONE-AUDIT.md` — audit status (passed / gaps_found)
20
+ 1. `.work/ROADMAP.md` — phase statuses, milestone name, phase range
21
+ 2. `.work/SPEC.md` — requirements, validated capabilities, current state section
22
+ 3. `.work/MILESTONES.md` — previous milestone entries (for format reference); if this is the first milestone, skip — no previous entries exist yet
23
+ 4. `.work/config.json` — `gitProtocol`, `mode` (for STOP gate behavior)
24
+ 5. All phase SUMMARY.md files in `.work/phases/` — accomplishments, task counts
25
+ 6. Most recent `.work/v*-MILESTONE-AUDIT.md` — audit status (passed / gaps_found)
26
26
  </load_context>
27
27
 
28
28
  <repo_root_helper_contract>
29
- All `node .planning/bin/gsdd.mjs ...` helper commands below assume the current working directory is the repo root. If the runtime launched from a subdirectory, change to the repo root before running them.
29
+ All `node .work/bin/gsdd.mjs ...` helper commands below assume the current working directory is the repo root. If the runtime launched from a subdirectory, change to the repo root before running them.
30
30
  </repo_root_helper_contract>
31
31
 
32
32
  <lifecycle_preflight>
33
33
  Before verifying readiness or gathering archive stats, run:
34
34
 
35
- - `node .planning/bin/gsdd.mjs lifecycle-preflight complete-milestone`
35
+ - `node .work/bin/gsdd.mjs lifecycle-preflight complete-milestone`
36
36
 
37
37
  If the preflight result is `blocked`, STOP and report the blocker instead of inferring milestone-close eligibility from workflow-local prose.
38
38
 
39
39
  Treat the preflight as an authorization seam over shared repo truth only:
40
40
  - it may authorize or reject milestone completion
41
41
  - it does not mutate lifecycle state by itself
42
- - owned writes remain the archive artifacts, `MILESTONES.md`, `.planning/SPEC.md`, and the retained `ROADMAP.md` collapse
42
+ - owned writes remain the archive artifacts, `MILESTONES.md`, `.work/SPEC.md`, and the retained `ROADMAP.md` collapse
43
43
  </lifecycle_preflight>
44
44
 
45
45
  <evidence_contract>
@@ -66,7 +66,7 @@ Read the audit frontmatter and preserve:
66
66
  Shared closure rules:
67
67
  - `repo_only` completion may proceed with repo-local closure evidence only; do not invent `runtime` or `delivery` proof
68
68
  - `delivery_sensitive` completion must not proceed on code/prose-only evidence; the audit must already show required `code`, `test`, `runtime`, and `delivery` evidence with no missing required kinds
69
- - if the audit omits the evidence contract or still has missing required kinds, STOP and route back to `/gsdd-audit-milestone` or `/gsdd-plan-milestone-gaps` instead of silently closing the milestone
69
+ - if the audit omits the evidence contract or still has missing required kinds, STOP and route back to `/gsdd-audit-milestone` or `/gsdd-plan` amend/extend mode instead of silently closing the milestone
70
70
  - release claim postures are inherited from audit:
71
71
  - `repo_closeout` permits repo-local milestone closure only and must not imply public support, delivery, runtime validation, generated-surface freshness, package publication, tags, or GitHub Releases
72
72
  - `runtime_validated_closeout` may name only the runtime or surface with explicit `runtime` evidence
@@ -74,7 +74,7 @@ Shared closure rules:
74
74
  - inherited `delivery_posture` and `release_claim_posture` must be compatible: `repo_closeout` and `runtime_validated_closeout` use `repo_only`; `delivery_supported_closeout` uses `delivery_sensitive`
75
75
  - waivers are valid only when they narrow the release claim or defer an unsupported claim. Deferrals must name the unsupported claim, missing evidence kind(s), and later workflow or milestone candidate when known. STOP if a waiver preserves a stronger claim while required evidence is missing.
76
76
  - STOP if `release_claim_contract.unsupported_claims` remain without downgrade or deferral, if unsupported claims, invalid waivers, or failed contradiction checks remain, or if completion wording would claim more than the audit evidence supports. Failed contradiction checks are claim-scoped: generated-surface failures block only runtime/generated freshness claims, not unrelated `repo_closeout` completion.
77
- - local-only `.planning/` proof can support repo closeout, but cannot become public release proof by itself.
77
+ - local-only `.work/` proof can support repo closeout, but cannot become public release proof by itself.
78
78
  </evidence_contract>
79
79
 
80
80
  <process>
@@ -93,7 +93,7 @@ Check:
93
93
 
94
94
  STOP without archiving. Route to the narrowest corrective workflow instead:
95
95
  1. **Run audit first** — `/gsdd-audit-milestone` if audit is missing, stale, or missing required release-claim schema.
96
- 2. **Close gaps first** — `/gsdd-plan-milestone-gaps` if audit found gaps or the release claim outruns available evidence.
96
+ 2. **Close gaps first** — `/gsdd-plan` amend/extend mode if audit found gaps or the release claim outruns available evidence.
97
97
  3. **Abort** — stop without archiving if the user does not want corrective work now.
98
98
 
99
99
  **If all phases complete, audit passed, the audit evidence contract is satisfied, and the inherited release claim contract has no unsupported stronger claims:** Proceed.
@@ -122,7 +122,7 @@ Present 4-8 accomplishments for review. Trim or adjust with user before writing
122
122
 
123
123
  ## 5. Archive Roadmap
124
124
 
125
- Create `.planning/milestones/v[X.Y]-ROADMAP.md` with full milestone details:
125
+ Create `.work/milestones/v[X.Y]-ROADMAP.md` with full milestone details:
126
126
 
127
127
  ```markdown
128
128
  # Milestone v[X.Y]: [Name]
@@ -173,19 +173,19 @@ Plans:
173
173
 
174
174
  ---
175
175
 
176
- *For current project status, see `.planning/ROADMAP.md`*
176
+ *For current project status, see `.work/ROADMAP.md`*
177
177
  ```
178
178
 
179
179
  ## 6. Archive Requirements
180
180
 
181
- Create `.planning/milestones/v[X.Y]-REQUIREMENTS.md`:
181
+ Create `.work/milestones/v[X.Y]-REQUIREMENTS.md`:
182
182
 
183
183
  ```markdown
184
184
  # Requirements Archive: v[X.Y] Milestone
185
185
 
186
186
  **Archived:** [date]
187
187
  **Milestone:** [name]
188
- **Source:** `.planning/SPEC.md` requirements section at milestone completion
188
+ **Source:** `.work/SPEC.md` requirements section at milestone completion
189
189
 
190
190
  ---
191
191
 
@@ -211,17 +211,17 @@ Create `.planning/milestones/v[X.Y]-REQUIREMENTS.md`:
211
211
 
212
212
  ---
213
213
 
214
- *Source: `.planning/SPEC.md` as of [date]*
214
+ *Source: `.work/SPEC.md` as of [date]*
215
215
  *Next milestone requirements: defined via `/gsdd-new-milestone`*
216
216
  ```
217
217
 
218
218
  ## 7. Move Audit File
219
219
 
220
- If `.planning/v[X.Y]-MILESTONE-AUDIT.md` exists, note its location in the MILESTONES.md entry. (Leave the file in `.planning/` — it is already in the gitignored planning directory. No move required unless you prefer to co-locate it with the other archives.)
220
+ If `.work/v[X.Y]-MILESTONE-AUDIT.md` exists, note its location in the MILESTONES.md entry. (Leave the file in `.work/` — it is already in the gitignored planning directory. No move required unless you prefer to co-locate it with the other archives.)
221
221
 
222
222
  ## 8. Update MILESTONES.md
223
223
 
224
- Append an entry to `.planning/MILESTONES.md`:
224
+ Append an entry to `.work/MILESTONES.md`:
225
225
 
226
226
  ```markdown
227
227
  ## ✅ v[X.Y] — [Name] ([date])
@@ -239,8 +239,8 @@ Append an entry to `.planning/MILESTONES.md`:
239
239
  3. [Accomplishment 3]
240
240
  4. [Accomplishment 4]
241
241
 
242
- **Archive:** `.planning/milestones/v[X.Y]-ROADMAP.md`
243
- **Requirements:** `.planning/milestones/v[X.Y]-REQUIREMENTS.md`
242
+ **Archive:** `.work/milestones/v[X.Y]-ROADMAP.md`
243
+ **Requirements:** `.work/milestones/v[X.Y]-REQUIREMENTS.md`
244
244
  **Suggested tag:** `v[X.Y]` (advisory; omit or mark not created unless git confirms it exists)
245
245
  ```
246
246
 
@@ -259,7 +259,7 @@ Update SPEC.md to reflect the completed milestone:
259
259
 
260
260
  - **Milestone:** v[X.Y] [Name] — COMPLETED [date]
261
261
  - **Phases:** [N]–[M] complete, all requirements verified ([N]/[N]), [test count] tests passing
262
- - **Archive:** `.planning/milestones/v[X.Y]-ROADMAP.md`
262
+ - **Archive:** `.work/milestones/v[X.Y]-ROADMAP.md`
263
263
  - **Decisions:** [D1–DN] evidence-backed, all in [reference if applicable]
264
264
  - **Blockers:** None — [list any LATER-priority gaps if applicable]
265
265
  - **Next:** `/gsdd-new-milestone` to plan v[X.next] work
@@ -288,7 +288,7 @@ Replace the active milestone phases in ROADMAP.md with a collapsed `<details>` b
288
288
  - [x] **Phase [N+1]: [Name]** — completed [date]
289
289
  [...]
290
290
 
291
- Full details: [`.planning/milestones/v[X.Y]-ROADMAP.md`](milestones/v[X.Y]-ROADMAP.md)
291
+ Full details: [`.work/milestones/v[X.Y]-ROADMAP.md`](milestones/v[X.Y]-ROADMAP.md)
292
292
 
293
293
  </details>
294
294
 
@@ -315,9 +315,9 @@ Advisory: Tag this milestone in git:
315
315
  - [ ] Version confirmed
316
316
  - [ ] Stats gathered from SUMMARY.md files and git
317
317
  - [ ] Accomplishments extracted and reviewed
318
- - [ ] `.planning/milestones/v[X.Y]-ROADMAP.md` created with full phase details
319
- - [ ] `.planning/milestones/v[X.Y]-REQUIREMENTS.md` created with all requirement statuses
320
- - [ ] `.planning/MILESTONES.md` updated with new entry
318
+ - [ ] `.work/milestones/v[X.Y]-ROADMAP.md` created with full phase details
319
+ - [ ] `.work/milestones/v[X.Y]-REQUIREMENTS.md` created with all requirement statuses
320
+ - [ ] `.work/MILESTONES.md` updated with new entry
321
321
  - [ ] SPEC.md Must Have requirements moved to Validated section
322
322
  - [ ] SPEC.md Current State updated to reflect completed status
323
323
  - [ ] ROADMAP.md collapsed with `<details>` block pointing to archive
@@ -333,11 +333,11 @@ Report to the user what was archived, then present the next step:
333
333
  **Completed:** Milestone v[X.Y] [Name] archived.
334
334
 
335
335
  Archived:
336
- - `.planning/milestones/v[X.Y]-ROADMAP.md` — full phase details
337
- - `.planning/milestones/v[X.Y]-REQUIREMENTS.md` — requirements at milestone completion
338
- - `.planning/MILESTONES.md` — updated milestone history
339
- - `.planning/SPEC.md` — requirements evolved, current state updated
340
- - `.planning/ROADMAP.md` — active phases collapsed to `<details>`
336
+ - `.work/milestones/v[X.Y]-ROADMAP.md` — full phase details
337
+ - `.work/milestones/v[X.Y]-REQUIREMENTS.md` — requirements at milestone completion
338
+ - `.work/MILESTONES.md` — updated milestone history
339
+ - `.work/SPEC.md` — requirements evolved, current state updated
340
+ - `.work/ROADMAP.md` — active phases collapsed to `<details>`
341
341
 
342
342
  **Next step:** `/gsdd-new-milestone` — start the next milestone cycle
343
343