gsdd-cli 0.3.1 → 0.18.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (62) hide show
  1. package/README.md +131 -67
  2. package/agents/DISTILLATION.md +15 -13
  3. package/agents/README.md +1 -1
  4. package/agents/planner.md +2 -0
  5. package/bin/adapters/agents.mjs +1 -0
  6. package/bin/adapters/claude.mjs +20 -4
  7. package/bin/adapters/codex.mjs +9 -1
  8. package/bin/adapters/opencode.mjs +20 -5
  9. package/bin/gsdd.mjs +24 -7
  10. package/bin/lib/cli-utils.mjs +1 -1
  11. package/bin/lib/evidence-contract.mjs +112 -0
  12. package/bin/lib/file-ops.mjs +161 -0
  13. package/bin/lib/health-truth.mjs +186 -0
  14. package/bin/lib/health.mjs +72 -67
  15. package/bin/lib/init-flow.mjs +50 -3
  16. package/bin/lib/init-prompts.mjs +22 -83
  17. package/bin/lib/init-runtime.mjs +47 -25
  18. package/bin/lib/init.mjs +3 -3
  19. package/bin/lib/lifecycle-preflight.mjs +333 -0
  20. package/bin/lib/lifecycle-state.mjs +293 -0
  21. package/bin/lib/models.mjs +19 -4
  22. package/bin/lib/phase.mjs +159 -18
  23. package/bin/lib/plan-constants.mjs +30 -0
  24. package/bin/lib/provenance.mjs +165 -0
  25. package/bin/lib/rendering.mjs +8 -0
  26. package/bin/lib/runtime-freshness.mjs +239 -0
  27. package/bin/lib/session-fingerprint.mjs +106 -0
  28. package/bin/lib/templates.mjs +17 -0
  29. package/distilled/DESIGN.md +733 -49
  30. package/distilled/EVIDENCE-INDEX.md +402 -0
  31. package/distilled/README.md +73 -33
  32. package/distilled/SKILL.md +89 -85
  33. package/distilled/templates/agents.block.md +13 -84
  34. package/distilled/templates/agents.md +0 -7
  35. package/distilled/templates/delegates/plan-checker.md +6 -3
  36. package/distilled/workflows/audit-milestone.md +56 -6
  37. package/distilled/workflows/complete-milestone.md +333 -0
  38. package/distilled/workflows/execute.md +201 -19
  39. package/distilled/workflows/map-codebase.md +17 -4
  40. package/distilled/workflows/new-milestone.md +262 -0
  41. package/distilled/workflows/new-project.md +7 -6
  42. package/distilled/workflows/pause.md +40 -6
  43. package/distilled/workflows/plan-milestone-gaps.md +183 -0
  44. package/distilled/workflows/plan.md +77 -11
  45. package/distilled/workflows/progress.md +107 -29
  46. package/distilled/workflows/quick.md +23 -12
  47. package/distilled/workflows/resume.md +135 -12
  48. package/distilled/workflows/verify-work.md +260 -0
  49. package/distilled/workflows/verify.md +159 -33
  50. package/docs/BROWNFIELD-PROOF.md +95 -0
  51. package/docs/RUNTIME-SUPPORT.md +77 -0
  52. package/docs/USER-GUIDE.md +439 -0
  53. package/docs/VERIFICATION-DISCIPLINE.md +59 -0
  54. package/docs/claude/context-monitor.md +98 -0
  55. package/docs/proof/consumer-node-cli/README.md +37 -0
  56. package/docs/proof/consumer-node-cli/ROADMAP.md +14 -0
  57. package/docs/proof/consumer-node-cli/SPEC.md +17 -0
  58. package/docs/proof/consumer-node-cli/brief.md +9 -0
  59. package/docs/proof/consumer-node-cli/phases/01-foundation/01-01-PLAN.md +34 -0
  60. package/docs/proof/consumer-node-cli/phases/01-foundation/01-01-SUMMARY.md +10 -0
  61. package/docs/proof/consumer-node-cli/phases/01-foundation/01-VERIFICATION.md +30 -0
  62. package/package.json +38 -29
@@ -1,9 +1,7 @@
1
1
  <role>
2
2
  You are the VERIFIER. Your job is to check that completed work actually achieves the phase goal.
3
-
4
3
  Core mindset: task completion does not equal goal achievement.
5
4
  A task can be "done" while the phase goal is still unfulfilled.
6
-
7
5
  You are skeptical by default. You verify claims, not promises.
8
6
  </role>
9
7
 
@@ -13,16 +11,44 @@ Before starting, read these files:
13
11
  2. `.planning/phases/{plan_id}-PLAN.md` - what was planned
14
12
  3. `.planning/phases/{plan_id}-SUMMARY.md` - what execution claims was built
15
13
  4. `.planning/SPEC.md` - requirements and constraints for the phase
16
- 5. The relevant codebase files - the code that was actually built
14
+ 5. From the SUMMARY.md loaded in step 3, if a `<judgment>` section is present - read `<anti_regression>` rules as additional verification targets: confirm that invariants listed there were not broken by execution. Read `<active_constraints>` to calibrate verification scope.
15
+ 6. The relevant codebase files - the code that was actually built
16
+ 7. **Session-boundary fallback:** If the SUMMARY.md loaded in step 3 has no `<judgment>` section, check whether `.planning/.continue-here.bak` exists. If it does, read its `<judgment>` section. Treat `<anti_regression>` rules as additional verification targets and `<active_constraints>` to calibrate verification scope (same usage as step 5). After reading, run `gsdd file-op delete .planning/.continue-here.bak --missing ok` (auto-clean).
17
17
 
18
18
  Establish your verification basis (must-have sources, requirement scope, previous report status) before beginning code inspection. Do not jump to loose file reading until this basis is explicit.
19
19
 
20
20
  If a previous `.planning/phases/{phase_dir}/{phase_num}-VERIFICATION.md` exists, read it first and treat this as re-verification.
21
21
  </load_context>
22
22
 
23
+ <lifecycle_preflight>
24
+ Before code inspection or report writing, run:
25
+
26
+ - `gsdd lifecycle-preflight verify {phase_num} --expects-mutation phase-status`
27
+
28
+ If the preflight result is `blocked`, STOP and report the blocker instead of inferring lifecycle eligibility from prompt-local prose.
29
+
30
+ Treat the preflight as an authorization seam over shared repo truth only:
31
+ - it may authorize or reject verification
32
+ - it does not mutate `.planning/ROADMAP.md` by itself
33
+ - owned writes remain the verification artifact plus any explicit `gsdd phase-status` transition that occurs later on `passed`
34
+ </lifecycle_preflight>
35
+
36
+ <runtime_contract>
37
+ Verification uses the same `Runtime` and `Assurance` types as planning and execution.
38
+ Infer runtime from the launching surface when obvious: `.claude/` -> `claude-code`, `.codex/` or Codex portable skill -> `codex-cli`, `.opencode/` -> `opencode`, otherwise `other`.
39
+ Assurance is ordered: `unreviewed` -> `self_checked` -> `cross_runtime_checked`.
40
+ Use `cross_runtime_checked` only when the verifier runtime/vendor differs from the runtime that produced the artifact being verified.
41
+ </runtime_contract>
42
+
43
+ <assurance_check>
44
+ Before code inspection, compare runtime provenance across PLAN, SUMMARY, and any prior VERIFICATION artifact.
45
+ Treat the SUMMARY artifact's `<handoff>` and `<deltas>` blocks as first-class evidence, not optional commentary.
46
+ When the current verification pass is weaker than the strongest prior artifact in the chain, emit a structured `<assurance_check>` with the chain runtimes/assurance values, `status`, and `warning`.
47
+ If runtime/assurance is missing anywhere in the chain, record `status: unknown` and note the missing field as a verification concern.
48
+ </assurance_check>
49
+
23
50
  <scope_boundary>
24
51
  This workflow verifies a single phase.
25
-
26
52
  It does verify:
27
53
  - the phase goal
28
54
  - phase must-haves
@@ -35,7 +61,6 @@ Cross-phase integration audit is handled by `distilled/workflows/audit-milestone
35
61
 
36
62
  <reverification_mode>
37
63
  If a previous `VERIFICATION.md` exists:
38
-
39
64
  1. Load the previous `status`, `score`, and structured `gaps`.
40
65
  2. Focus full verification on previously failed items.
41
66
  3. Run quick regression checks on items that previously passed.
@@ -46,7 +71,6 @@ If no previous `VERIFICATION.md` exists, perform an initial verification pass.
46
71
 
47
72
  <must_haves>
48
73
  Establish what must be true before the phase can be called complete.
49
-
50
74
  Source priority:
51
75
  1. plan frontmatter `must_haves`
52
76
  2. roadmap success criteria
@@ -60,11 +84,48 @@ For each truth:
60
84
  Also check for orphan requirements:
61
85
  - requirements expected by roadmap scope but claimed by no plan
62
86
  - requirements that no verified truth, artifact, or key link actually satisfies
87
+
88
+ Risk classification:
89
+ For each truth, assess: does it involve a behavioral change, UX change, or user-visible outcome without a clear, relevant acceptance criterion?
90
+
91
+ - If yes → mark it `risk: high`. This truth will require runtime-grade evidence in the evidence contract step below. `code` alone is insufficient.
92
+ - If no → `risk: normal`. `code` is the floor, and `test` is preferred when the repo has a direct automated check.
93
+
94
+ This is the verifier's own internal judgment — not a field imported from the plan. The same truth may be risk-normal in one phase and risk-high in another depending on what changed.
63
95
  </must_haves>
64
96
 
97
+ <evidence_contract>
98
+ Before beginning artifact inspection, classify the phase closure posture and apply the fixed evidence kinds. This step separates "did the artifact pass levels 1–3?" from "did the outcome have the right kind of evidence?"
99
+
100
+ Stable evidence kinds:
101
+ - `code` — source inspection confirms the implementation is present and wired
102
+ - `test` — a passing automated check in the repo directly exercises the outcome
103
+ - `runtime` — a live execution confirms the behavior (script, curl, manual run)
104
+ - `delivery` — shipped or distributable proof exists (merged PR, packaged artifact, published doc/proof pack, release evidence)
105
+ - `human` — a human observer confirmed a visual or judgment-based outcome
106
+
107
+ Delivery posture:
108
+ - `repo_only` — the phase outcome stays inside repo truth; no shipped runtime or external delivery claim is needed
109
+ - `delivery_sensitive` — the phase claims a live behavior, shipped UX, install/release posture, or other externally consumed runtime outcome
110
+
111
+ Apply the shared `verify` matrix:
112
+
113
+ | delivery_posture | required evidence | recommended evidence | cannot carry closure alone |
114
+ | -------------------- | ----------------- | -------------------------- | -------------------------- |
115
+ | `repo_only` | `code` | `test` | `human`, `delivery` |
116
+ | `delivery_sensitive` | `code`, `runtime` | `test`, `delivery`, `human` | `code`, `human` |
117
+
118
+ Rules:
119
+ - repo-only work must not invent `runtime` or `delivery` proof just to satisfy a template
120
+ - delivery-sensitive closure must not pass on prose, `code`-only inspection, or `human` confirmation without the required `runtime` evidence
121
+ - `human` evidence supports ambiguous or visual outcomes; it does not replace required `code` or `runtime` evidence
122
+ - if a required evidence kind cannot be collected, record it in `missing_evidence`; route purely human-observable follow-up to `human_verification` only when the blocking runtime/delivery requirement is already satisfied
123
+
124
+ Note: this step does NOT replace levels 1–3. An artifact can satisfy the evidence-kind requirement and still fail Level 2 (substantive) or Level 3 (wired). Both checks must run.
125
+ </evidence_contract>
126
+
65
127
  <verification_levels>
66
128
  Check every artifact at three levels. A common failure mode is a file that exists but is still a stub.
67
-
68
129
  ### Level 1: Exists
69
130
  Does the artifact physically exist?
70
131
 
@@ -75,7 +136,6 @@ ls -la tests/users.route.test.ts
75
136
 
76
137
  ### Level 2: Substantive
77
138
  Is the artifact real code, or a placeholder?
78
-
79
139
  Stub detection patterns:
80
140
  - empty function body
81
141
  - placeholder return such as `null`, `[]`, or `{}`
@@ -90,7 +150,6 @@ If any required artifact is a stub at Level 2, that supporting truth fails.
90
150
 
91
151
  ### Level 3: Wired
92
152
  Is the artifact connected to the phase flow it is supposed to support?
93
-
94
153
  Examples:
95
154
  - component -> page or route
96
155
  - form -> handler
@@ -104,20 +163,19 @@ If an artifact exists and is substantive but not wired, mark it as unwired.
104
163
  <key_link_checks>
105
164
  Check phase-local key links explicitly:
106
165
 
107
- | Link Type | What To Check |
108
- |-----------|----------------|
109
- | Component -> API | Request is made and response is used |
110
- | API -> storage | Query or write occurs and result is returned |
111
- | Form -> handler | Submit path triggers real work, not only `preventDefault()` |
112
- | State -> render | State is actually displayed or consumed |
113
- | Config -> runtime | Config is loaded where the behavior depends on it |
166
+ | Link Type | What To Check |
167
+ | ----------------- | ----------------------------------------------------------- |
168
+ | Component -> API | Request is made and response is used |
169
+ | API -> storage | Query or write occurs and result is returned |
170
+ | Form -> handler | Submit path triggers real work, not only `preventDefault()` |
171
+ | State -> render | State is actually displayed or consumed |
172
+ | Config -> runtime | Config is loaded where the behavior depends on it |
114
173
 
115
174
  Use direct file inspection and targeted grep. Do not inflate this into a milestone-wide audit.
116
175
  </key_link_checks>
117
176
 
118
177
  <anti_pattern_scan>
119
178
  Scan the phase output for anti-patterns:
120
-
121
179
  ```bash
122
180
  grep -rn "TODO\\|FIXME\\|HACK\\|XXX" src/
123
181
  grep -rn "catch.*{}" src/
@@ -125,6 +183,7 @@ grep -rn "console.log" src/ --include="*.ts" --include="*.js" | grep -v test | g
125
183
  ```
126
184
 
127
185
  Also look for:
186
+
128
187
  - placeholder components
129
188
  - static mock responses where live behavior is expected
130
189
  - orphaned files added in the phase but never referenced
@@ -132,6 +191,7 @@ Also look for:
132
191
 
133
192
  <grouped_gaps>
134
193
  Before finalizing the report, group related failures by concern:
194
+
135
195
  - truth failures that share the same broken artifact or key link
136
196
  - requirement failures caused by the same missing implementation seam
137
197
  - human-verification items that belong to the same user-visible flow
@@ -141,6 +201,7 @@ Do not return a flat symptom list when the same underlying breakage explains mul
141
201
 
142
202
  <requirements_coverage>
143
203
  Requirements coverage is not optional bookkeeping. For each phase requirement:
204
+
144
205
  1. Collect the phase requirements from the strongest available planning source
145
206
  2. Restate each requirement in concrete implementation terms
146
207
  3. Map each requirement to the truths, artifacts, and key links that should satisfy it
@@ -150,15 +211,42 @@ Requirements coverage is not optional bookkeeping. For each phase requirement:
150
211
  Orphaned requirements must be reported even if the overall phase otherwise looks strong.
151
212
  </requirements_coverage>
152
213
 
214
+ <git_delivery_collection>
215
+ Before writing the verification report, collect delivery metadata for the current branch and emit it in frontmatter.
216
+
217
+ Run these checks:
218
+
219
+ - `git rev-parse --abbrev-ref HEAD` -> current branch name for `branch`
220
+ - `git rev-list --count "main..HEAD"` -> commit count for `commits_ahead_of_main`
221
+ - `gh pr list --head "<branch>" --state all --json state,number,title,url --limit 1` -> PR state for `pr_state`
222
+ - `git status --short` -> detect uncommitted local changes that should be mentioned as a delivery warning
223
+
224
+ Recording rules:
225
+
226
+ - Always write a `<git_delivery_check>` block in frontmatter with real observed values for `branch`, `commits_ahead_of_main`, and `pr_state`.
227
+ - If `main` does not exist or the count command fails, set `commits_ahead_of_main: unknown` and note the failure in the report body.
228
+ - If no PR matches the current branch, set `pr_state: none`.
229
+ - If `gh` is unavailable or the PR query fails, set `pr_state: unknown` and note the failure in the report body.
230
+ - Missing PR, unmerged commits, or a dirty worktree are delivery warnings only. By themselves they do **not** downgrade a technically successful verification from `passed` to `gaps_found`.
231
+ - If the phase already has substantive implementation gaps, keep those gaps primary and include delivery observations as warning-level supporting context.
232
+ </git_delivery_collection>
233
+
153
234
  <report_format>
154
235
  Write `.planning/phases/{phase_dir}/{phase_num}-VERIFICATION.md` with structured frontmatter first:
155
-
156
236
  ```markdown
157
237
  ---
158
238
  phase: 01-foundation
239
+ runtime: opencode
240
+ assurance: cross_runtime_checked
159
241
  verified: 2026-03-11T12:00:00Z
160
242
  status: gaps_found
161
243
  score: 2/3 must-haves verified
244
+ delivery_posture: delivery_sensitive
245
+ evidence_contract:
246
+ required_kinds: [code, runtime]
247
+ recommended_kinds: [test, delivery, human]
248
+ observed_kinds: [code]
249
+ missing_kinds: [runtime]
162
250
  re_verification:
163
251
  previous_status: gaps_found
164
252
  previous_score: 1/3
@@ -170,12 +258,21 @@ re_verification:
170
258
  gaps:
171
259
  - truth: "Users can create a user from the page"
172
260
  status: failed
261
+ required_evidence: [code, runtime]
262
+ observed_evidence: [code]
263
+ missing_evidence: [runtime]
264
+ severity: blocker # blocker = required proof absent; warning = artifact missing but proof exists via other means
173
265
  reason: "Form submits, but route returns placeholder data"
174
266
  artifacts:
175
267
  - path: "src/routes/users.ts"
176
268
  issue: "POST handler returns static object"
177
269
  missing:
178
270
  - "Persist submitted data before returning it"
271
+ <git_delivery_check>
272
+ branch: "feature/branch-name"
273
+ commits_ahead_of_main: 0
274
+ pr_state: "open"
275
+ </git_delivery_check>
179
276
  human_verification:
180
277
  - test: "Open the users page and submit the form"
181
278
  expected: "The new user appears in the rendered list"
@@ -189,33 +286,41 @@ human_verification:
189
286
  **Status:** [passed | gaps_found | human_needed]
190
287
  **Re-verification:** [Yes or No]
191
288
 
289
+ ## Verification Basis
290
+
291
+ - Plan runtime / assurance: [runtime] / [assurance]
292
+ - Summary runtime / assurance: [runtime] / [assurance]
293
+ - Verification runtime / assurance: [runtime] / [assurance]
294
+ - Handoff status: [clean | downgraded | unknown]
295
+ - Deltas reviewed: [count and classes]
296
+
192
297
  ## Goal Achievement
193
298
 
194
299
  ### Observable Truths
195
300
 
196
- | # | Truth | Status | Evidence |
197
- |---|-------|--------|----------|
198
- | 1 | [truth] | VERIFIED | [evidence] |
301
+ | # | Truth | Status | Evidence |
302
+ | --- | ------- | -------- | ---------- |
303
+ | 1 | [truth] | VERIFIED | [evidence] |
199
304
 
200
305
  ### Artifact Verification
201
306
 
202
307
  | Artifact | Exists | Substantive | Wired | Notes |
203
- |----------|--------|-------------|-------|-------|
308
+ | -------- | ------ | ----------- | ----- | ----- |
204
309
 
205
310
  ### Key Link Verification
206
311
 
207
- | From | To | Via | Status | Notes |
208
- |------|----|-----|--------|-------|
312
+ | From | To | Via | Status | Notes |
313
+ | ---- | --- | --- | ------ | ----- |
209
314
 
210
315
  ### Requirements Coverage
211
316
 
212
317
  | Requirement | Status | Evidence |
213
- |-------------|--------|----------|
318
+ | ----------- | ------ | -------- |
214
319
 
215
320
  ### Anti-Patterns
216
321
 
217
322
  | Pattern | Location | Severity | Impact |
218
- |---------|----------|----------|--------|
323
+ | ------- | -------- | -------- | ------ |
219
324
 
220
325
  ### Human Verification Required
221
326
 
@@ -232,25 +337,34 @@ Status rules:
232
337
  - use `human_needed` when automated checks pass but one or more human-verification items remain
233
338
 
234
339
  Frontmatter guidance:
235
- - `phase`, `verified`, `status`, and `score` are the minimal report fields
340
+ - `phase`, `runtime`, `assurance`, `verified`, `status`, and `score` are the minimal report fields
341
+ - `delivery_posture` plus `evidence_contract.required_kinds|recommended_kinds|observed_kinds|missing_kinds` must reflect the shared verify matrix actually used for this phase
236
342
  - when gaps or human checks exist, keep them machine-readable in frontmatter — do not collapse them into prose-only body text
237
343
  - keep `re_verification`, `gaps`, and `human_verification` structured when they materially help re-verification, gap closure, or explicit human handoff
344
+ - keep `<git_delivery_check>` in frontmatter with the observed `branch`, `commits_ahead_of_main`, and `pr_state` values from the delivery checks above
345
+ - use `severity: warning` in gaps when an artifact is missing but required evidence still exists through other means; use `severity: blocker` only when one or more required evidence kinds in `missing_evidence` could not be satisfied
346
+ - if verification runs in the same runtime/vendor as execution, cap frontmatter `assurance` at `self_checked`
347
+ - if verification runs in a different runtime/vendor than execution, set frontmatter `assurance: cross_runtime_checked`
238
348
  </report_format>
239
349
 
240
350
  <next_steps>
241
351
  Based on the verification result:
242
352
 
243
353
  ### `passed`
354
+
244
355
  - phase is ready to move forward
245
356
  - communicate that the phase goal was verified successfully
246
357
 
247
358
  ### `gaps_found`
359
+
248
360
  Present a focused recommendation:
361
+
249
362
  1. fix inline if the gaps are small and local
250
363
  2. re-plan if the gaps reveal a design problem
251
364
  3. explicitly accept the known issue only if the developer chooses to
252
365
 
253
366
  ### `human_needed`
367
+
254
368
  - list the exact manual checks
255
369
  - state the expected outcome for each one
256
370
  - do not convert human-needed status into passed until those checks are acknowledged
@@ -264,6 +378,10 @@ File: `.planning/phases/{phase_dir}/{phase_num}-VERIFICATION.md`
264
378
  This is non-negotiable. Verification output that exists only in chat context will be lost on context compression or session end. The file on disk is the artifact that downstream workflows (audit-milestone, re-verification) consume.
265
379
 
266
380
  If you cannot write the file (permissions, path issue), STOP and report the blocker to the user. Do NOT silently skip the write.
381
+
382
+ Before any ROADMAP closure step, confirm the required phase `SUMMARY.md` still exists on disk. If `SUMMARY.md` is missing, STOP and report the blocker — do NOT treat verification as terminally successful and do NOT close ROADMAP state from conversation context alone.
383
+
384
+ After writing VERIFICATION.md, if `status: passed`, run `gsdd phase-status {phase_num} done` to close the phase entry in `.planning/ROADMAP.md`. Execute is the primary owner of ROADMAP status, but execute can be interrupted before its state_updates run. Verify is the terminal workflow and must close the ROADMAP entry when it confirms the phase is complete. If the helper cannot update ROADMAP.md (path issue, missing phase, invalid state), STOP and report the blocker — do NOT complete verification without closing the phase.
267
385
  </persistence>
268
386
 
269
387
  <success_criteria>
@@ -277,7 +395,12 @@ Verification is done when all of these are true:
277
395
  - [ ] Requirements coverage was evaluated
278
396
  - [ ] Anti-pattern scan was run
279
397
  - [ ] `VERIFICATION.md` was written with structured frontmatter and a full report
398
+ - [ ] `VERIFICATION.md` frontmatter records `runtime` and `assurance`
399
+ - [ ] `VERIFICATION.md` frontmatter records git delivery metadata for the current branch
400
+ - [ ] Verification explicitly reviewed SUMMARY `<handoff>` and `<deltas>` content
280
401
  - [ ] Status is one of `passed`, `gaps_found`, or `human_needed`
402
+ - [ ] The required phase `SUMMARY.md` still exists before any ROADMAP closure on passed status
403
+ - [ ] If status is `passed`, ROADMAP.md phase entry is `[x]` via `gsdd phase-status`
281
404
  - [ ] The developer was informed of the result and recommended next step
282
405
  - [ ] Related failures grouped by concern, not returned as a flat symptom list
283
406
  - [ ] Requirements coverage chain completed (collect, restate, map, report, check orphans)
@@ -287,21 +410,24 @@ Verification is done when all of these are true:
287
410
  Report the verification result to the user, then present the next step:
288
411
 
289
412
  ---
413
+
290
414
  **Completed:** Phase verification — created `.planning/phases/{phase_dir}/{phase_num}-VERIFICATION.md`.
291
415
 
292
416
  If status is `passed`:
293
- **Next step:** `/gsdd:progress` — check status and route to the next phase or milestone audit
417
+ **Next step:** `/gsdd-progress` — check status and route to the next phase or milestone audit
294
418
 
295
419
  If status is `gaps_found`:
296
- **Next step:** `/gsdd:plan` — re-plan to close the identified gaps
420
+ **Next step:** `/gsdd-plan` — re-plan to close the identified gaps
297
421
 
298
422
  If status is `human_needed`:
299
- **Next step:** Complete the manual checks listed above, then run `/gsdd:verify` again
423
+ **Next step:** `/gsdd-verify-work` run conversational UAT to test items interactively and capture results in UAT.md
424
+ - After UAT is complete, run `/gsdd-verify` again with the UAT results as additional context
300
425
 
301
426
  Also available:
302
- - `/gsdd:execute` — fix gaps inline without re-planning (small fixes only)
303
- - `/gsdd:pause` — save context for later if stopping work
427
+
428
+ - `/gsdd-execute` — fix gaps inline without re-planning (small fixes only)
429
+ - `/gsdd-pause` — save context for later if stopping work
304
430
 
305
431
  Consider clearing context before starting the next workflow for best results.
306
- ---
432
+
307
433
  </completion>
@@ -0,0 +1,95 @@
1
+ # Brownfield Proof
2
+
3
+ This is the strongest tracked public proof for Workspine's release-floor claim: a real brownfield-style consumer repo that used the shipped workflow contract, hit a real failure, and recovered through the same `plan -> execute -> verify` loop.
4
+
5
+ ## What this proves
6
+
7
+ In a fresh consumer repo, Workspine produced:
8
+
9
+ - durable planning artifacts
10
+ - runnable workflow entry surfaces
11
+ - a concrete phase plan
12
+ - a real execution summary
13
+ - a failed verification
14
+ - a real fix
15
+ - a successful re-verification
16
+
17
+ That proves the repo-native delivery contract is not just conceptual.
18
+
19
+ ## Public proof pack
20
+
21
+ Open the tracked proof pack:
22
+
23
+ - [Consumer proof pack index](proof/consumer-node-cli/README.md)
24
+
25
+ Key exported artifacts:
26
+
27
+ - [brief.md](proof/consumer-node-cli/brief.md)
28
+ - [SPEC.md](proof/consumer-node-cli/SPEC.md)
29
+ - [ROADMAP.md](proof/consumer-node-cli/ROADMAP.md)
30
+ - [01-01-PLAN.md](proof/consumer-node-cli/phases/01-foundation/01-01-PLAN.md)
31
+ - [01-01-SUMMARY.md](proof/consumer-node-cli/phases/01-foundation/01-01-SUMMARY.md)
32
+ - [01-VERIFICATION.md](proof/consumer-node-cli/phases/01-foundation/01-VERIFICATION.md)
33
+
34
+ ## The worked flow
35
+
36
+ ### 1. Initialize a fresh consumer repo
37
+
38
+ The exported proof pack comes from a new non-framework project that used the shipped `gsdd init` flow.
39
+
40
+ The generated surface included:
41
+
42
+ - portable `.agents/skills/gsdd-*`
43
+ - consumer `.planning/` state
44
+ - a Codex-native checker adapter
45
+ - a compact consumer `AGENTS.md`
46
+
47
+ ### 2. Plan real work
48
+
49
+ The consumer brief required a named greeting:
50
+
51
+ - `node index.js --name Ada` should print `Hello, Ada!`
52
+
53
+ That requirement is preserved in the exported [brief](proof/consumer-node-cli/brief.md), [spec](proof/consumer-node-cli/SPEC.md), and [phase plan](proof/consumer-node-cli/phases/01-foundation/01-01-PLAN.md).
54
+
55
+ ### 3. Execute and hit a real miss
56
+
57
+ The first implementation missed the named-greeting requirement:
58
+
59
+ - `node index.js --name Ada` returned `Hello, world!`
60
+
61
+ That miss is preserved in the exported [verification report](proof/consumer-node-cli/phases/01-foundation/01-VERIFICATION.md).
62
+
63
+ ### 4. Verify, fix, and re-verify
64
+
65
+ The consumer repo then followed the same framework contract to:
66
+
67
+ - identify the failed requirement
68
+ - update the implementation and test path
69
+ - re-run verification
70
+ - close with a passing result
71
+
72
+ The final passing behavior is:
73
+
74
+ - `node index.js --name Ada` returns `Hello, Ada!`
75
+
76
+ ## Why this matters
77
+
78
+ This proof is stronger than a polished README claim because it shows the exact behavior Workspine is trying to preserve:
79
+
80
+ - plan from durable artifacts
81
+ - execute against real repo state
82
+ - let verification catch a real miss
83
+ - recover without losing the thread
84
+
85
+ That is the release-floor claim in practice.
86
+
87
+ ## What this does not prove
88
+
89
+ This proof does not claim:
90
+
91
+ - equal runtime ergonomics across every supported runtime
92
+ - parity validation on Cursor, Copilot, or Gemini CLI
93
+ - enterprise-hardening or orchestration-platform behavior
94
+
95
+ Those are outside the current proof floor.
@@ -0,0 +1,77 @@
1
+ # Runtime Support Matrix
2
+
3
+ Workspine is designed as a portable multi-runtime delivery framework, but the proof bar is not the same for every runtime today.
4
+
5
+ This matrix is the release-floor truth surface.
6
+
7
+ ## Support tiers
8
+
9
+ ### Directly validated
10
+
11
+ The workflow contract has direct repo proof for these runtimes:
12
+
13
+ - **Claude Code**
14
+ - **Codex CLI**
15
+ - **OpenCode**
16
+
17
+ These are the strongest public runtime claims.
18
+
19
+ ### Same core workflow
20
+
21
+ These runtimes use the same portable workflow surfaces, but this release does not claim equal runtime proof or equal ergonomics:
22
+
23
+ - **Cursor**
24
+ - **GitHub Copilot**
25
+ - **Gemini CLI**
26
+
27
+ ### Fallback / manual use
28
+
29
+ Any tool that can read the generated markdown workflows can still use the framework manually, but that is outside the current native-proof story.
30
+
31
+ ## Current runtime surfaces
32
+
33
+ | Runtime | Current claim | Entry surface | Notes |
34
+ | --- | --- | --- | --- |
35
+ | Claude Code | Directly validated | `.claude/skills/`, `.claude/commands/`, `.claude/agents/` | Native surface was a mandatory Phase 32 validation target; installed generated files are freshness-checked locally |
36
+ | OpenCode | Directly validated | `.opencode/commands/`, `.opencode/agents/` | Native command and checker path; installed generated files are freshness-checked locally |
37
+ | Codex CLI | Directly validated | `.agents/skills/gsdd-*` plus `.codex/agents/gsdd-plan-checker.toml` | Portable skill entry, native checker adapter, mandatory Phase 32 validation target |
38
+ | Cursor | Same core workflow | `.agents/skills/gsdd-*` | Skills-native path; generated skill files are freshness-checked locally, but the runtime is not claimed as parity-validated |
39
+ | GitHub Copilot | Same core workflow | `.agents/skills/gsdd-*` | Skills-native path; generated skill files are freshness-checked locally, but the runtime is not claimed as parity-validated |
40
+ | Gemini CLI | Same core workflow | `.agents/skills/gsdd-*` | Skills-native path; governance is optional, generated skill files are freshness-checked locally, and parity is not claimed |
41
+
42
+ ## Generated-surface freshness
43
+
44
+ The authored source contract stays in `distilled/workflows/*`. Generated runtime-facing files are trusted only through deterministic rendering:
45
+
46
+ - `gsdd health` compares any installed generated surfaces under `.agents/skills/`, `.claude/`, `.opencode/`, and `.codex/` against current render output.
47
+ - `gsdd update` regenerates drifted generated surfaces from the authored workflow and delegate sources.
48
+ - Missing generated surfaces are not treated as drift unless the corresponding runtime surface is actually installed locally.
49
+
50
+ ## What stays portable
51
+
52
+ The portable invariant for this release is the workflow contract:
53
+
54
+ - planning
55
+ - checking and revision loops
56
+ - execution discipline
57
+ - verification
58
+ - handoff and durable repo artifacts
59
+
60
+ ## What does not stay equal yet
61
+
62
+ This release does **not** claim that every runtime has:
63
+
64
+ - the same native adapter richness
65
+ - the same invocation ergonomics
66
+ - the same validation depth
67
+ - the same checker/orchestration mechanics
68
+
69
+ Portable contract does not mean equal UX everywhere.
70
+
71
+ ## Proof references
72
+
73
+ - `README.md`
74
+ - `docs/BROWNFIELD-PROOF.md`
75
+ - `docs/proof/consumer-node-cli/README.md`
76
+ - `docs/VERIFICATION-DISCIPLINE.md`
77
+ - `gsdd health` / `gsdd update`