renma 0.17.0 → 0.18.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +152 -1
- package/README.md +11 -1
- package/architecture.md +21 -10
- package/design.md +52 -34
- package/dist/agent-skills.d.ts +1 -1
- package/dist/agent-skills.d.ts.map +1 -1
- package/dist/agent-skills.js +28 -8
- package/dist/agent-skills.js.map +1 -1
- package/dist/catalog.d.ts +1 -1
- package/dist/catalog.d.ts.map +1 -1
- package/dist/catalog.js +120 -12
- package/dist/catalog.js.map +1 -1
- package/dist/cli-help.d.ts +12 -8
- package/dist/cli-help.d.ts.map +1 -1
- package/dist/cli-help.js +23 -1
- package/dist/cli-help.js.map +1 -1
- package/dist/cli.d.ts.map +1 -1
- package/dist/cli.js +23 -0
- package/dist/cli.js.map +1 -1
- package/dist/commands/bom.d.ts +6 -3
- package/dist/commands/bom.d.ts.map +1 -1
- package/dist/commands/bom.js +27 -7
- package/dist/commands/bom.js.map +1 -1
- package/dist/commands/catalog.d.ts +1 -1
- package/dist/commands/catalog.d.ts.map +1 -1
- package/dist/commands/catalog.js +7 -1
- package/dist/commands/catalog.js.map +1 -1
- package/dist/commands/ci-report.d.ts.map +1 -1
- package/dist/commands/ci-report.js +18 -5
- package/dist/commands/ci-report.js.map +1 -1
- package/dist/commands/diff.js +8 -2
- package/dist/commands/diff.js.map +1 -1
- package/dist/commands/graph.d.ts +6 -2
- package/dist/commands/graph.d.ts.map +1 -1
- package/dist/commands/graph.js +23 -2
- package/dist/commands/graph.js.map +1 -1
- package/dist/commands/inspect.d.ts.map +1 -1
- package/dist/commands/inspect.js +2 -0
- package/dist/commands/inspect.js.map +1 -1
- package/dist/commands/ownership.d.ts +4 -3
- package/dist/commands/ownership.d.ts.map +1 -1
- package/dist/commands/ownership.js +27 -23
- package/dist/commands/ownership.js.map +1 -1
- package/dist/commands/readiness.d.ts +2 -1
- package/dist/commands/readiness.d.ts.map +1 -1
- package/dist/commands/readiness.js +98 -30
- package/dist/commands/readiness.js.map +1 -1
- package/dist/commands/scaffold.d.ts +3 -0
- package/dist/commands/scaffold.d.ts.map +1 -1
- package/dist/commands/scaffold.js +44 -9
- package/dist/commands/scaffold.js.map +1 -1
- package/dist/commands/suggest-metadata.d.ts.map +1 -1
- package/dist/commands/suggest-metadata.js +2 -0
- package/dist/commands/suggest-metadata.js.map +1 -1
- package/dist/commands/trust-graph.d.ts.map +1 -1
- package/dist/commands/trust-graph.js +12 -0
- package/dist/commands/trust-graph.js.map +1 -1
- package/dist/config.d.ts.map +1 -1
- package/dist/config.js +10 -3
- package/dist/config.js.map +1 -1
- package/dist/context-lens.d.ts +1 -0
- package/dist/context-lens.d.ts.map +1 -1
- package/dist/context-lens.js +19 -1
- package/dist/context-lens.js.map +1 -1
- package/dist/diagnostic-ids.d.ts +9 -0
- package/dist/diagnostic-ids.d.ts.map +1 -1
- package/dist/diagnostic-ids.js +9 -0
- package/dist/diagnostic-ids.js.map +1 -1
- package/dist/discovery.d.ts +5 -0
- package/dist/discovery.d.ts.map +1 -1
- package/dist/discovery.js +108 -65
- package/dist/discovery.js.map +1 -1
- package/dist/markdown.d.ts.map +1 -1
- package/dist/markdown.js +15 -0
- package/dist/markdown.js.map +1 -1
- package/dist/metadata.d.ts +15 -1
- package/dist/metadata.d.ts.map +1 -1
- package/dist/metadata.js +235 -0
- package/dist/metadata.js.map +1 -1
- package/dist/model.d.ts +20 -1
- package/dist/model.d.ts.map +1 -1
- package/dist/model.js +4 -1
- package/dist/model.js.map +1 -1
- package/dist/quality-profile.d.ts +91 -0
- package/dist/quality-profile.d.ts.map +1 -0
- package/dist/quality-profile.js +91 -0
- package/dist/quality-profile.js.map +1 -0
- package/dist/repeated-context.d.ts.map +1 -1
- package/dist/repeated-context.js +38 -83
- package/dist/repeated-context.js.map +1 -1
- package/dist/repository-boundary.d.ts +30 -0
- package/dist/repository-boundary.d.ts.map +1 -0
- package/dist/repository-boundary.js +116 -0
- package/dist/repository-boundary.js.map +1 -0
- package/dist/repository-evidence.d.ts +2 -0
- package/dist/repository-evidence.d.ts.map +1 -1
- package/dist/repository-evidence.js +6 -4
- package/dist/repository-evidence.js.map +1 -1
- package/dist/repository-paths.d.ts +6 -2
- package/dist/repository-paths.d.ts.map +1 -1
- package/dist/repository-paths.js +75 -24
- package/dist/repository-paths.js.map +1 -1
- package/dist/rules.d.ts +2 -0
- package/dist/rules.d.ts.map +1 -1
- package/dist/rules.js +322 -189
- package/dist/rules.js.map +1 -1
- package/dist/scanner.d.ts.map +1 -1
- package/dist/scanner.js +5 -1
- package/dist/scanner.js.map +1 -1
- package/dist/security-diagnostics.d.ts.map +1 -1
- package/dist/security-diagnostics.js +95 -30
- package/dist/security-diagnostics.js.map +1 -1
- package/dist/security-diff.d.ts +5 -2
- package/dist/security-diff.d.ts.map +1 -1
- package/dist/security-diff.js +20 -4
- package/dist/security-diff.js.map +1 -1
- package/dist/security-policy-inventory.d.ts +15 -3
- package/dist/security-policy-inventory.d.ts.map +1 -1
- package/dist/security-policy-inventory.js +123 -26
- package/dist/security-policy-inventory.js.map +1 -1
- package/dist/security-policy.d.ts +7 -0
- package/dist/security-policy.d.ts.map +1 -1
- package/dist/security-policy.js +70 -7
- package/dist/security-policy.js.map +1 -1
- package/dist/security-posture.d.ts.map +1 -1
- package/dist/security-posture.js +2 -1
- package/dist/security-posture.js.map +1 -1
- package/dist/skill-migration.js +2 -0
- package/dist/skill-migration.js.map +1 -1
- package/dist/static-support.d.ts +13 -0
- package/dist/static-support.d.ts.map +1 -0
- package/dist/static-support.js +284 -0
- package/dist/static-support.js.map +1 -0
- package/dist/token-estimator.d.ts +21 -0
- package/dist/token-estimator.d.ts.map +1 -0
- package/dist/token-estimator.js +84 -0
- package/dist/token-estimator.js.map +1 -0
- package/dist/trust-graph.d.ts +3 -3
- package/dist/trust-graph.d.ts.map +1 -1
- package/dist/trust-graph.js +69 -10
- package/dist/trust-graph.js.map +1 -1
- package/dist/types.d.ts +6 -1
- package/dist/types.d.ts.map +1 -1
- package/docs/README.md +15 -8
- package/docs/advanced-skill-authoring.md +16 -9
- package/docs/agent-skills-compatibility.md +10 -2
- package/docs/authoring-guide.md +89 -6
- package/docs/context-lens.md +319 -153
- package/docs/diagnostics.md +46 -11
- package/docs/metadata-budget.md +32 -0
- package/docs/quality-profile.md +135 -0
- package/docs/repository-context-bom.md +67 -8
- package/docs/schemas/repository-context-bom-v2.schema.json +648 -0
- package/docs/schemas/trust-graph-v2.schema.json +301 -0
- package/docs/security-policy.md +21 -5
- package/docs/trust-graph.md +47 -0
- package/docs/user-manual.md +48 -7
- package/examples/context-lens/README.md +8 -3
- package/examples/context-lens/contexts/testing/boundary-value-analysis.md +6 -2
- package/examples/context-lens/lenses/testing/spec-review-boundary-values.md +27 -5
- package/examples/context-lens/lenses/testing/test-design-boundary-values.md +27 -5
- package/examples/context-lens/skills/testing/spec-review/SKILL.md +33 -4
- package/examples/context-repo/README.md +6 -7
- package/examples/context-repo/contexts/domain/payment/idempotency.md +7 -0
- package/examples/context-repo/contexts/testing/boundary-value-analysis.md +7 -0
- package/examples/context-repo/contexts/testing/negative-testing.md +7 -0
- package/examples/context-repo/skills/testing/spec-review/SKILL.md +5 -0
- package/package.json +3 -1
- package/plan-discovery.md +24 -15
- package/plan.md +59 -119
- package/scripts/verify-package.mjs +8 -1
package/docs/diagnostics.md
CHANGED
|
@@ -2,6 +2,18 @@
|
|
|
2
2
|
|
|
3
3
|
This page documents diagnostics and finding identifiers emitted by the current renma implementation. It does not list planned diagnostics.
|
|
4
4
|
|
|
5
|
+
Thresholds, units, provenance, and false-positive controls are canonical in the
|
|
6
|
+
[Renma Quality Profile](quality-profile.md). Agent Skills specification
|
|
7
|
+
errors are kept separate from Renma quality advisories.
|
|
8
|
+
|
|
9
|
+
Agent Skills validation also reports authoring-only `RN-SKILL-*` warnings. In
|
|
10
|
+
0.18.0, `RN-SKILL-DESCRIPTION-MISSING-CAPABILITY` identifies a generic
|
|
11
|
+
description that does not say what the Skill does;
|
|
12
|
+
`RN-SKILL-DESCRIPTION-MISSING-USAGE-BOUNDARY` covers when to use it; and
|
|
13
|
+
`RN-SKILL-DESCRIPTION-OMITS-SELECTION-BOUNDARY` covers an important body
|
|
14
|
+
exclusion missing from discovery metadata. These warnings do not make an
|
|
15
|
+
otherwise specification-valid Skill invalid.
|
|
16
|
+
|
|
5
17
|
## Diagnostic Types
|
|
6
18
|
|
|
7
19
|
renma uses two severity systems:
|
|
@@ -160,7 +172,7 @@ These diagnostics are emitted while renma discovers files.
|
|
|
160
172
|
| Severity | Message | Meaning | Fix |
|
|
161
173
|
| --------- | ---------------------------------------------------------- | --------------------------------------------------- | --------------------------------------------------------------------------- |
|
|
162
174
|
| `error` | `Could not evaluate glob "<pattern>": <error>` | A configured discovery glob could not be evaluated. | Fix or remove the glob pattern in config or CLI input. |
|
|
163
|
-
| `warning` | `Skipping symbolic link.`
|
|
175
|
+
| `warning` | `Skipping symbolic link; repository discovery never follows symlink targets.` | Renma found a leaf or directory symlink and skipped it without reading or enumerating its target. | Replace it with a regular repository file or directory. A referenced path at or below the symlink also emits `SUPPORT-SYMLINK-PATH`. |
|
|
164
176
|
| `warning` | `Skipping file larger than max_file_size_bytes (<bytes>).` | A file exceeded the configured size limit. | Raise `max_file_size_bytes`, exclude the file, or split the asset. |
|
|
165
177
|
| `error` | `Could not read file: <error>` | The file matched discovery but could not be read. | Fix permissions, remove the bad path, or exclude the file. |
|
|
166
178
|
|
|
@@ -168,7 +180,11 @@ These diagnostics are emitted while renma discovers files.
|
|
|
168
180
|
|
|
169
181
|
These diagnostics are emitted after files are parsed into catalog entries. For shared-context wording details, see [Context Language Diagnostics](context-language-diagnostics.md).
|
|
170
182
|
|
|
171
|
-
Owner absence is handled as ownership coverage information.
|
|
183
|
+
Owner absence is handled as ownership coverage information. Shared assets
|
|
184
|
+
without `owner` are accepted and reported as unowned by `renma ownership`;
|
|
185
|
+
Renma does not invent an owner. Skill-local support is the exception: it uses
|
|
186
|
+
deterministic effective ownership inherited from its nearest owning Skill and
|
|
187
|
+
reports that provenance separately from declared metadata.
|
|
172
188
|
|
|
173
189
|
| Severity | Message | Meaning | Fix |
|
|
174
190
|
| --------- | ------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------ | --------------------------------------------------------------------------------------------------------------- |
|
|
@@ -179,7 +195,7 @@ Owner absence is handled as ownership coverage information. Assets without `owne
|
|
|
179
195
|
| `warning` | `Metadata dependency "<to>" from "<from>" does not match a catalog entry.` | A metadata dependency points at an asset renma did not discover. | Correct the reference, add the missing asset, or update include/exclude config. |
|
|
180
196
|
| `warning` | `Metadata dependency "<to>" from "<from>" targets a <status> asset.` | A dependency points at a deprecated or archived catalog target. | Retarget the dependency to a stable replacement or document the migration. |
|
|
181
197
|
| `warning` | `Asset is missing an id.` | A cataloged asset has no stable ID. | Add an `id` metadata field. |
|
|
182
|
-
| `warning` | `Asset is missing an owner.` | A
|
|
198
|
+
| `warning` | `Asset is missing an owner.` | A shared catalog asset has no declared owner metadata. Missing owner is allowed and appears as unowned in ownership coverage; nearest-Skill support inheritance does not apply to shared assets. | If ownership matters for this repository, choose an `owner` through human review or team policy. Do not invent one. |
|
|
183
199
|
| `warning` | `Shared context asset is missing when_to_use metadata.` | An active, owned shared context asset has no positive usage boundary. | Add compact `when_to_use` metadata that states when humans or agents should apply the context. |
|
|
184
200
|
| `warning` | `Shared context asset is missing when_not_to_use metadata.` | An active, owned shared context asset has no negative usage boundary. | Add compact `when_not_to_use` metadata so agents do not over-apply the context. |
|
|
185
201
|
| `warning` | `Shared context asset usage-boundary metadata contains placeholder values in <field>.` | Usage-boundary metadata is present but still says TODO, TBD, unknown, none, or similar. | Replace placeholders with reviewed scope boundaries, or remove the field until it can be completed. |
|
|
@@ -199,6 +215,7 @@ Context Lens governance diagnostics use stable `code` values in JSON output. `er
|
|
|
199
215
|
| `CONTEXT-LENS-GOVERNANCE-MEANINGLESS` | `warning` | A lens has no purpose, target, focus, expected output, or body guidance. | Add compact governance metadata or reviewed interpretation guidance. |
|
|
200
216
|
| `CONTEXT-LENS-MISSING-REQUIRED-FIELD` | `error` | A lens is missing `id`, `owner`, `purpose`, or `applies_to`. | Add the required field in frontmatter. |
|
|
201
217
|
| `CONTEXT-LENS-PATH-NORMALIZATION-MISMATCH` | `warning` | A path target normalizes to a different repository-relative path. | Use the normalized path shown by the diagnostic. |
|
|
218
|
+
| `CONTEXT-LENS-TARGET-NOT-CONTEXT` | `error` | An `applies_to` target resolves to a cataloged asset whose kind is not `context`. | `applies_to` must reference a Context Asset ID or path; Skills, support assets, other Lenses, and repository metadata are not valid Lens targets. |
|
|
202
219
|
| `CONTEXT-LENS-TARGET-NOT-FOUND` | `error` | An `applies_to` target does not resolve to a cataloged asset ID or path. | Correct the target, add the missing context asset, or update discovery config. |
|
|
203
220
|
| `CONTEXT-LENS-UNPARSEABLE-FRONTMATTER` | `error` | A lens frontmatter block starts with `---` but does not close. | Add the closing `---` delimiter or remove malformed frontmatter. |
|
|
204
221
|
| `CONTEXT-LENS-UNSUPPORTED-KIND` | `warning` or `error` | `type: context_lens` appears under an unsupported artifact kind, or a lens file declares an unsupported type. | Store lens definitions under `lenses/**`, `context/**`, or `contexts/**`, and use `type: context_lens`. |
|
|
@@ -265,6 +282,16 @@ Non-Skill assets continue to use `allowed_data`, `network_allowed`,
|
|
|
265
282
|
inline-list, and block-list behavior is unchanged. Pre-0.16 top-level Skill
|
|
266
283
|
security fields are migration input only.
|
|
267
284
|
|
|
285
|
+
Script and asset bytes never declare local policy. They participate in the
|
|
286
|
+
security policy inventory even when they have no effective policy. Local
|
|
287
|
+
support inherits policy only from one unambiguous owning Skill; text scripts
|
|
288
|
+
may be scanned under that inherited policy from line 1. Ordinary assets and
|
|
289
|
+
binary files do not contribute instruction text. Orphan scripts receive no
|
|
290
|
+
policy-dependent repository-config evaluation without traceable ownership.
|
|
291
|
+
The inventory distinguishes local metadata, inherited policy, effective policy,
|
|
292
|
+
and no-effective-policy states. Trust Graph policy edges exist only for
|
|
293
|
+
artifacts with effective policy and list every contributing policy source.
|
|
294
|
+
|
|
268
295
|
Security profiles in `renma.config.json` retain the existing JSON schema.
|
|
269
296
|
Artifact-local explicit denials remain stricter than inherited profile or
|
|
270
297
|
repository allowances, and network approvals remain separate from upload
|
|
@@ -278,8 +305,8 @@ examples by asset kind.
|
|
|
278
305
|
| `LAYOUT-CONTEXT-REFERENCE-NON_CANONICAL` | Declared dependency uses a non-canonical reference root. | A declared dependency points outside accepted `contexts/**`, `skills/**`, `.agents/skills/**`, or `tools/**` reference paths. | Rewrite the dependency to an accepted repository-relative asset path or ID. |
|
|
279
306
|
| `LAYOUT-DISALLOWED-SKILL-ASSET` | Compatibility identifier for specific local-policy violations. | Valid Agent Skills support paths do not emit this finding solely because of location. Reusable knowledge is handled by evidence-based maintenance advisories. | Review the specific evidence; keep genuinely local support in place or promote reusable knowledge through human review. |
|
|
280
307
|
| `LAYOUT-HELPER-NON_TOOLS` | Helper file is outside supported helper locations. | A helper script is neither under `tools/**` nor a valid Skill-local `scripts/` directory. | Move shared helper code under `tools/**`, or keep a genuinely Skill-specific helper in local `scripts/`. |
|
|
281
|
-
| `LAYOUT-SKILL-EXECUTABLE-COMMAND` |
|
|
282
|
-
| `LAYOUT-SKILL-NOT-THIN` |
|
|
308
|
+
| `LAYOUT-SKILL-EXECUTABLE-COMMAND` | Removed 0.17 compatibility identifier. | 0.17 treated any command as evidence against a thin router. | No replacement based on command presence; security and helper-path diagnostics remain. |
|
|
309
|
+
| `LAYOUT-SKILL-NOT-THIN` | Removed 0.17 compatibility identifier. | 0.17 treated procedures and word counts as evidence against a thin router. | Review `QUAL-SKILL-MIXED-RESPONSIBILITY` or progressive-disclosure evidence instead. |
|
|
283
310
|
| `MAINT-ASSET-REFERENCES-SUPERSEDED-ASSET` | Asset references superseded context. | Metadata or content points at an asset marked superseded. | Retarget the reference to the stable replacement. |
|
|
284
311
|
| `MAINT-ASSET-EXPIRED` | Asset freshness metadata is expired. | `expires_at` is before today's date. | Review the asset with its owner, then update freshness metadata, status, or references. |
|
|
285
312
|
| `MAINT-CONTEXT-LENS-APPLIES-TO-INACTIVE-CONTEXT` | Context lens applies to inactive context. | An active context lens applies to a deprecated or archived context asset. | Point `applies_to` at an active replacement, or update the lens lifecycle after review. |
|
|
@@ -291,11 +318,11 @@ examples by asset kind.
|
|
|
291
318
|
| `MAINT-REPEATED-CODE-BLOCK` | Duplicate code block appears across assets. | Copy-pasted examples or procedures repeat in multiple files. | Extract shared guidance or consolidate the repeated block. |
|
|
292
319
|
| `MAINT-REPEATED-CONTEXT-PATTERN` | Repeated context-like wording appears. | Multiple assets duplicate the same reusable context pattern. | Promote the shared pattern into a context asset and reference it. |
|
|
293
320
|
| `MAINT-REPEATED-HEADING` | Same heading repeats across assets. | Similar sections are copied through several files. | Consolidate or reference a shared source of truth. |
|
|
294
|
-
| `MAINT-REPEATED-LINK` |
|
|
321
|
+
| `MAINT-REPEATED-LINK` | Removed from default maintenance findings in 0.18.0. | Repeated links to one official source are normal. | No action based on link equality alone. |
|
|
295
322
|
| `MAINT-REPEATED-SECTION` | Similar section text repeats. | A section has been copied into multiple assets. | Extract common material or reduce duplication. |
|
|
296
323
|
| `MAINT-SKILL-CONTEXT-REFERENCE-NOT-DECLARED` | Skill mentions context without metadata. | Body text references `contexts/...` but `requires_context` omits it. | Add the context to `requires_context` or remove the stale mention. |
|
|
297
324
|
| `MAINT-SKILL-REFERENCES-SUPERSEDED-ASSET` | Skill refers to superseded context. | Skill content names a superseded context asset. | Update the skill to the stable replacement context asset. |
|
|
298
|
-
| `MAINT-SKILL-REUSABLE-CONTEXT-CANDIDATE` |
|
|
325
|
+
| `MAINT-SKILL-REUSABLE-CONTEXT-CANDIDATE` | Disabled compatibility identifier. | 0.17 used broad workflow signals for reusable Context candidates. | Review `QUAL-SKILL-MIXED-RESPONSIBILITY`; keep core workflow and Skill-specific detail local. |
|
|
299
326
|
| `MAINT-SUPPORT-ASSET-SHARED-CONTEXT-CANDIDATE` | Support asset looks reusable. | A reference, profile, or example contains content useful beyond one skill. | Promote it to shared context when reuse is intended. |
|
|
300
327
|
| `META-CATALOG-DIAGNOSTIC` | Catalog diagnostic was promoted to a scan finding. | Catalog validation emitted a lower-level diagnostic. | Fix the original catalog diagnostic shown in the finding evidence. |
|
|
301
328
|
| `META-CONTEXT-MISSING-WHEN-TO-USE` | Shared context usage boundary is missing. | An active, owned shared context asset lacks `when_to_use`. | Add compact positive scope guidance. |
|
|
@@ -317,16 +344,24 @@ examples by asset kind.
|
|
|
317
344
|
| `QUAL-MISSING-REQUIRED-INPUTS` | Required inputs are unclear. | The asset does not state what information is needed. | Add an explicit required-inputs section. |
|
|
318
345
|
| `QUAL-MISSING-ROUTING-CLARITY` | Routing guidance is unclear. | A skill does not clearly say when to use it. | Clarify triggers, audience, and handoffs. |
|
|
319
346
|
| `QUAL-MISSING-VERIFICATION` | Verification guidance is missing. | The asset lacks checks for validating the result. | Add verification steps or expected evidence. |
|
|
320
|
-
| `QUAL-SHORT-DESCRIPTION` |
|
|
321
|
-
| `QUAL-SKILL-
|
|
322
|
-
| `QUAL-
|
|
347
|
+
| `QUAL-SHORT-DESCRIPTION` | Disabled compatibility identifier. | 0.17 applied an independent 150-character minimum. | Use Agent Skills validity and selection-boundary diagnostics; short clear descriptions are accepted. |
|
|
348
|
+
| `QUAL-SKILL-MIXED-RESPONSIBILITY` | Skill may mix workflow and reusable knowledge. | A sufficiently large Skill has multiple distinct reusable-knowledge signals. | Promote only independently owned shared knowledge; keep Skill-local workflow and detail local. |
|
|
349
|
+
| `QUAL-SKILL-PROGRESSIVE-DISCLOSURE` | Progressive disclosure needs review. | Reserved 0.18 focused-workflow contract identifier. | Keep read conditions and core workflow in `SKILL.md`; place details by semantic responsibility. |
|
|
350
|
+
| `QUAL-SKILL-TOKEN-BUDGET` | Skill body exceeds an advisory estimate. | Markdown body exceeds 2,000 or 5,000 estimated tokens. | Review progressive disclosure without splitting or moving content by size alone. |
|
|
351
|
+
| `QUAL-INVALID-TOKEN-BUDGET-OVERRIDE` | Support-asset decision metadata is invalid. | The decision is malformed, unsafe to represent exactly, ambiguous, incomplete, orphaned, duplicated, or unnecessary while the asset remains within its default. | Correct or remove the declaration. Ask about a meaningful split first; use an override only after the user confirms the asset should remain intentionally long. |
|
|
352
|
+
| `QUAL-SUPPORT-ASSET-TOKEN-BUDGET` | Support asset exceeds its effective advisory estimate. | A context, reference, profile, or example exceeds its default or valid declared override. | Ask whether a semantic split preserves coherence and execution order. Split only with user agreement; otherwise record an explicit rationale, never an override added merely to pass diagnostics. |
|
|
323
353
|
| `QUAL-USER-LOCAL-PATHS` | User-local path appears in content. | Guidance includes machine-specific paths such as home directories. | Replace local paths with repository-relative or configurable paths. |
|
|
324
354
|
| `SEC-DESTRUCTIVE-COMMAND` | Destructive command appears. | Content includes risky commands such as forced deletion or reset. | Remove it, gate it with explicit safety guidance, or use a safer command. |
|
|
325
355
|
| `SEC-ENV-COPY` | Environment copying is suggested. | Content copies broad environment or secret-bearing files. | Narrow the copied data and document secret handling. |
|
|
326
356
|
| `SEC-LITERAL-SECRET` | Literal secret-like value appears. | Content includes token, password, key, or credential patterns. | Remove the secret and replace it with a placeholder. |
|
|
327
357
|
| `SEC-PRIVATE-KEY` | Private key material appears. | Content includes a private key block. | Remove the key and rotate it if it was real. |
|
|
328
358
|
| `SEC-REMOTE-DEFAULT` | Remote command default is unsafe. | Guidance defaults to network commands, prod hosts, or insecure flags. | Use safe examples and require explicit approval for risky remotes. |
|
|
329
|
-
| `SUPPORT-MISSING-REACHABILITY-GUIDANCE` |
|
|
359
|
+
| `SUPPORT-MISSING-REACHABILITY-GUIDANCE` | Local resources are not discoverable. | A Skill has local references, scripts, assets, profiles, or examples without routing guidance. | State when each resource should be read, executed, or used. |
|
|
360
|
+
| `SUPPORT-DEEP-REFERENCE-CHAIN` | Local resource is behind more than two hops. | A resource is reachable only through a deep static chain. | Reference it directly or through one directly referenced index. |
|
|
361
|
+
| `SUPPORT-MISSING-PATH` | Referenced local resource does not exist. | `SKILL.md` names a path under a standard local resource directory that is absent. | Create the intended resource or correct the Skill-root-relative path. |
|
|
362
|
+
| `SUPPORT-SYMLINK-PATH` | A symbolic-link resource is intentionally unusable. | Discovery encountered a symlink, or Skill guidance references a path at or below one. | Replace it with a regular repository file or directory; Renma never follows symlink targets. |
|
|
363
|
+
| `SUPPORT-UNREACHABLE-ASSET` | Local asset is unreachable. | A Skill-local asset has no direct or transitive static reference. | Add an explicit use condition and path from the Skill or its direct index. |
|
|
364
|
+
| `SUPPORT-UNREACHABLE-SCRIPT` | Local script is unreachable. | A Skill-local script has no direct or transitive static reference. | Add an explicit execution condition and path from the Skill or its direct index. |
|
|
330
365
|
| `SUPPORT-UNREACHABLE-EXAMPLE` | Example is unreachable. | A skill-local example is not referenced by the skill. | Link it from the skill or move/remove it. |
|
|
331
366
|
| `SUPPORT-UNREACHABLE-PROFILE` | Profile is unreachable. | A skill-local profile is not referenced by the skill. | Link it from the skill or move/remove it. |
|
|
332
367
|
| `SUPPORT-UNREACHABLE-REFERENCE` | Reference is unreachable. | A skill-local reference is not referenced by the skill. | Link it from the skill or move/remove it. |
|
package/docs/metadata-budget.md
CHANGED
|
@@ -4,11 +4,43 @@ Renma intentionally keeps asset frontmatter small. Frontmatter should work as a
|
|
|
4
4
|
|
|
5
5
|
Use frontmatter for concise fields such as `id`, `owner`, `status`, `tags`, `when_to_use`, `when_not_to_use`, and declared context relationships. Put detailed guidance, examples, procedures, policy rationale, and long routing prose in the markdown body or in referenced context assets.
|
|
6
6
|
|
|
7
|
+
Contexts, references, profiles, and examples also support these top-level
|
|
8
|
+
human-decision fields:
|
|
9
|
+
|
|
10
|
+
```yaml
|
|
11
|
+
token_budget_override: 6000
|
|
12
|
+
token_budget_rationale: "This is a single ordered workflow and splitting it would break execution order."
|
|
13
|
+
token_budget_reviewed_at: "2026-07-12"
|
|
14
|
+
```
|
|
15
|
+
|
|
16
|
+
`token_budget_override` must be a positive safe integer greater than the asset
|
|
17
|
+
kind's default content limit, and `token_budget_rationale` must be a non-empty
|
|
18
|
+
string. `token_budget_reviewed_at` is optional and must be a real `YYYY-MM-DD`
|
|
19
|
+
date when present. Invalid metadata does not replace the default limit.
|
|
20
|
+
The three fields form one decision bundle: rationale and review-date fields are
|
|
21
|
+
invalid without an override. Duplicate fields, relevant YAML errors, and an
|
|
22
|
+
override declared while the full file remains within its default limit also
|
|
23
|
+
produce `QUAL-INVALID-TOKEN-BUDGET-OVERRIDE`. Renma selects no value from an
|
|
24
|
+
ambiguous or invalid bundle, and catalog output omits all three normalized
|
|
25
|
+
fields.
|
|
26
|
+
|
|
27
|
+
These fields record a declared human decision; Renma never inserts them. When
|
|
28
|
+
the default is exceeded, first ask whether the asset can be split along
|
|
29
|
+
meaningful semantic boundaries without harming coherence or execution order.
|
|
30
|
+
Split only after the user agrees. Use an override only when the user confirms
|
|
31
|
+
the asset should remain intentionally long, and never recommend one merely to
|
|
32
|
+
make diagnostics pass.
|
|
33
|
+
|
|
34
|
+
Renma records and validates this declaration; it cannot prove that a human
|
|
35
|
+
actually reviewed the asset. `token_budget_reviewed_at` is declared provenance,
|
|
36
|
+
not independently verified evidence.
|
|
37
|
+
|
|
7
38
|
Current metadata budget diagnostics:
|
|
8
39
|
|
|
9
40
|
| Finding | Meaning | Typical fix |
|
|
10
41
|
| --- | --- | --- |
|
|
11
42
|
| `META-FRONTMATTER-TOO-LARGE` | Frontmatter has grown beyond the compact index budget. | Move long prose, examples, procedures, or rationale into the body or referenced context assets. |
|
|
12
43
|
| `META-LIST-ITEM-TOO-LONG` | A block-list metadata item is too long to serve as concise routing/index metadata. | Keep the list item short and move detailed conditions into body sections. |
|
|
44
|
+
| `QUAL-INVALID-TOKEN-BUDGET-OVERRIDE` | Support-asset token-budget decision metadata is invalid or ambiguous. | Correct or remove it after an explicit user decision; invalid metadata leaves the default content limit active. |
|
|
13
45
|
|
|
14
46
|
These diagnostics are intentionally advisory. They should help reduce LLM-facing catalog noise and token usage without deleting substantive knowledge.
|
|
@@ -0,0 +1,135 @@
|
|
|
1
|
+
# Renma Quality Profile
|
|
2
|
+
|
|
3
|
+
`renma-quality` is Renma's internal quality-profile family. Reports identify
|
|
4
|
+
the active profile as `renma-quality@<Renma package version>`, derived from
|
|
5
|
+
`package.json` at build time. The source is `src/quality-profile.ts`. The current
|
|
6
|
+
implementation does not expose quality overrides in `renma.config.json`; fixed
|
|
7
|
+
defaults preserve comparable repository reports. The internal shape is
|
|
8
|
+
versioned so later releases can add declared overrides without scattering
|
|
9
|
+
constants across rules.
|
|
10
|
+
|
|
11
|
+
`estimated_tokens` means Renma's deterministic, model-neutral estimate. Latin
|
|
12
|
+
words, identifiers, URLs, and paths are lexical units; consecutive CJK text is
|
|
13
|
+
grouped in two-code-point units; other punctuation is grouped in units of up to
|
|
14
|
+
three code points. It is not an exact token count for any model. Skill budgets
|
|
15
|
+
measure Markdown after frontmatter. Content-asset budgets measure the full file.
|
|
16
|
+
|
|
17
|
+
Contexts, references, profiles, and examples may record a declared human
|
|
18
|
+
decision and effective limit with top-level `token_budget_override` and
|
|
19
|
+
`token_budget_rationale` metadata. The override must be a positive safe integer
|
|
20
|
+
greater than the asset kind's unchanged default. Optional
|
|
21
|
+
`token_budget_reviewed_at` must be a real `YYYY-MM-DD` date. Renma does not add
|
|
22
|
+
these fields automatically. When an asset exceeds its default, an agent should
|
|
23
|
+
first ask whether it can be split along meaningful boundaries without harming
|
|
24
|
+
coherence or execution order, and split only after the user agrees. An override
|
|
25
|
+
is appropriate only when the user confirms the long-form asset is intentionally
|
|
26
|
+
coherent or ordered; it is not a general ignore mechanism. Renma validates the
|
|
27
|
+
declaration but cannot prove that human review occurred.
|
|
28
|
+
|
|
29
|
+
## Agent Skills requirements and recommendations
|
|
30
|
+
|
|
31
|
+
| Field | Value | Unit and trigger | Severity | Source | Rationale and false-positive risk | Diagnostic | Reviewed | Configurable later |
|
|
32
|
+
| --- | ---: | --- | --- | --- | --- | --- | --- | --- |
|
|
33
|
+
| `agentSkills.nameMaxChars` | 64 | characters; above is invalid | error | Agent Skills specification | Portable identity limit | `AS-SKILL-INVALID-NAME` | 0.18.0 | no |
|
|
34
|
+
| `agentSkills.descriptionMinChars` | 1 | characters; below is invalid | error | Agent Skills specification | Required discovery metadata | `AS-SKILL-MISSING-DESCRIPTION` / `AS-SKILL-INVALID-DESCRIPTION` | 0.18.0 | no |
|
|
35
|
+
| `agentSkills.descriptionMaxChars` | 1,024 | characters; above is invalid | error | Agent Skills specification | Portable hard limit | `AS-SKILL-DESCRIPTION-TOO-LONG` | 0.18.0 | no |
|
|
36
|
+
| `agentSkills.compatibilityMaxChars` | 500 | characters; above is invalid | error | Agent Skills specification | Keeps optional environment requirements concise | `AS-SKILL-COMPATIBILITY-TOO-LONG` | 0.18.0 | no |
|
|
37
|
+
| `agentSkills.skillBodyRecommendedMaxTokens` | 5,000 | recommended body tokens | medium Renma advisory above | Agent Skills recommendation | Large focused workflows can still be valid | `QUAL-SKILL-TOKEN-BUDGET` | 0.18.0 | no |
|
|
38
|
+
| `agentSkills.skillRecommendedMaxLines` | 500 | recommended `SKILL.md` lines | documented review evidence | Agent Skills recommendation | Line count alone does not prove mixed responsibility | none | 0.18.0 | no |
|
|
39
|
+
| `agentSkills.recommendedReferenceDepth` | 1 | resource hop from `SKILL.md`; Renma accepts one additional index hop | low beyond two static hops | Agent Skills recommendation plus Renma reachability policy | An index may be useful; deep chains are easy to miss | `SUPPORT-DEEP-REFERENCE-CHAIN` | 0.18.0 | possibly |
|
|
40
|
+
|
|
41
|
+
The Agent Skills body has no prescribed format. Step-by-step instructions,
|
|
42
|
+
examples, edge cases, short commands, and the optional `scripts/`, `references/`,
|
|
43
|
+
and `assets/` directories are valid. See the official
|
|
44
|
+
[specification](https://agentskills.io/specification) and
|
|
45
|
+
[description guidance](https://agentskills.io/skill-creation/optimizing-descriptions).
|
|
46
|
+
|
|
47
|
+
## Renma workflow and content advisories
|
|
48
|
+
|
|
49
|
+
| Field | Value | Unit and trigger | Severity | Source | Rationale and false-positive risk | Diagnostic | Reviewed | Configurable later |
|
|
50
|
+
| --- | ---: | --- | --- | --- | --- | --- | --- | --- |
|
|
51
|
+
| `descriptionMinChars` | 0 | characters; disabled | none | Renma | Length does not establish selection clarity | `QUAL-SHORT-DESCRIPTION` removed from default behavior | 0.18.0 | possibly |
|
|
52
|
+
| `skillTokenWarn` | 2,000 | `estimated_tokens`; body above | low | Renma | Early progressive-disclosure review; focused workflows may exceed it | `QUAL-SKILL-TOKEN-BUDGET` | 0.18.0 | possibly |
|
|
53
|
+
| `skillTokenStrongWarn` | 5,000 | `estimated_tokens`; body above | medium | Agent Skills recommendation with Renma severity | Stronger review, not a required split | `QUAL-SKILL-TOKEN-BUDGET` | 0.18.0 | possibly |
|
|
54
|
+
| `contentTokenWarn.context` | 4,000 | `estimated_tokens`; full file above effective limit | low | Renma | Prefer an agreed semantic split when coherence survives; intentionally coherent or ordered assets may record a declared decision | `QUAL-SUPPORT-ASSET-TOKEN-BUDGET` | 0.18.1 | metadata only after human decision |
|
|
55
|
+
| `contentTokenWarn.reference` | 5,000 | same | low | Renma | Detailed local references may legitimately be long | same | 0.18.1 | same |
|
|
56
|
+
| `contentTokenWarn.profile` | 2,000 | same | low | Renma | Profiles should remain reviewable overlays | same | 0.18.1 | same |
|
|
57
|
+
| `contentTokenWarn.example` | 2,500 | same | low | Renma | Complete examples may legitimately be long | same | 0.18.1 | same |
|
|
58
|
+
| `lowHeadingDensityMinTokens` | 400 | body `estimated_tokens`, with fewer than 2 headings | low | Renma | Long prose can still be intentionally linear | `QUAL-LOW-HEADING-DENSITY` | 0.18.0 | possibly |
|
|
59
|
+
| `lowHeadingDensityMinHeadings` | 2 | headings | low | Renma | Navigation heuristic only | same | 0.18.0 | possibly |
|
|
60
|
+
|
|
61
|
+
## Metadata advisories
|
|
62
|
+
|
|
63
|
+
| Field | Value | Unit and trigger | Severity | Source | Rationale and false-positive risk | Diagnostic | Reviewed | Configurable later |
|
|
64
|
+
| --- | ---: | --- | --- | --- | --- | --- | --- | --- |
|
|
65
|
+
| `frontmatterMaxLines` | 48 | lines; above | low | Renma | Metadata should be a compact index | `META-FRONTMATTER-TOO-LARGE` | 0.18.0 | possibly |
|
|
66
|
+
| `frontmatterMaxChars` | 4,096 | characters; above | low | Renma | Separate from Agent Skills validity | same | 0.18.0 | possibly |
|
|
67
|
+
| `metadataListItemMaxChars` | 256 | characters per JSON-array or YAML-list element; above | low | Renma | Tags and prose routing should be compact; IDs, URLs, and paths are exempt where practical | `META-LIST-ITEM-TOO-LONG` | 0.18.0 | possibly |
|
|
68
|
+
|
|
69
|
+
## Reuse candidate advisories
|
|
70
|
+
|
|
71
|
+
| Detector | Eligibility and evidence | Severity | Source | Rationale and false-positive risk | Diagnostic | Reviewed | Configurable later |
|
|
72
|
+
| --- | --- | --- | --- | --- | --- | --- | --- |
|
|
73
|
+
| `reusableContextCandidate` | 60 lines **or** 800 body `estimated_tokens`; 4 distinct reusable signals; at least one reusable-knowledge signal | low | Renma | Verification, Examples, Edge Cases, Risks, Do not, Always, Never, and procedure headings do not qualify by themselves | `QUAL-SKILL-MIXED-RESPONSIBILITY` | 0.18.0 | possibly |
|
|
74
|
+
| `sharedSupportCandidate` | 80 lines **or** 1,200 full-file `estimated_tokens`; 3 reusable headings; 4 reusable phrases | low | Renma | Promotion still requires cross-Skill use, duplication, independent lifecycle, or source-of-truth evidence | `MAINT-SUPPORT-ASSET-SHARED-CONTEXT-CANDIDATE` | 0.18.0 | possibly |
|
|
75
|
+
|
|
76
|
+
## Repeated-context evidence
|
|
77
|
+
|
|
78
|
+
| Field | Default | Trigger | Severity | Source | False-positive control | Diagnostic | Reviewed | Configurable later |
|
|
79
|
+
| --- | ---: | --- | --- | --- | --- | --- | --- | --- |
|
|
80
|
+
| `repeatedContext.exactSectionMinTokens` | 40 | normalized section estimated tokens at or above | medium | Renma | combined with character and file floors | `MAINT-REPEATED-SECTION` | 0.18.0 | possibly |
|
|
81
|
+
| `repeatedContext.exactSectionMinChars` | 240 | normalized section characters at or above | medium | Renma | combined with token and file floors | same | 0.18.0 | possibly |
|
|
82
|
+
| `repeatedContext.exactSectionMinFiles` | 2 | files containing the exact section | medium | Renma | requires maintained duplication | same | 0.18.0 | possibly |
|
|
83
|
+
| `repeatedContext.exactCodeMinChars` | 80 | normalized fenced-code characters at or above | medium | Renma | combined with token and file floors | `MAINT-REPEATED-CODE-BLOCK` | 0.18.0 | possibly |
|
|
84
|
+
| `repeatedContext.exactCodeMinTokens` | 10 | normalized fenced-code estimated tokens at or above | medium | Renma | combined with character and file floors | same | 0.18.0 | possibly |
|
|
85
|
+
| `repeatedContext.exactCodeMinFiles` | 2 | files containing the exact block | medium | Renma | requires maintained duplication | same | 0.18.0 | possibly |
|
|
86
|
+
| `repeatedContext.headingMinChars` | 24 | normalized heading characters at or above | low | Renma | excludes short generic headings | `MAINT-REPEATED-HEADING` | 0.18.0 | possibly |
|
|
87
|
+
| `repeatedContext.headingMinTokens` | 3 | normalized heading estimated tokens at or above | low | Renma | excludes terse boilerplate | same | 0.18.0 | possibly |
|
|
88
|
+
| `repeatedContext.headingMinFiles` | 3 | files containing the same heading | low | Renma | heading equality is review evidence only | same | 0.18.0 | possibly |
|
|
89
|
+
| `repeatedContext.tokenShingleTokens` | 40 | estimated tokens in one normalized sequence | medium | Renma | common boilerplate excluded; near duplicates collapsed | `MAINT-REPEATED-CONTEXT-PATTERN` | 0.18.0 | possibly |
|
|
90
|
+
| `repeatedContext.tokenShingleMinFiles` | 3 | files containing the sequence | medium | Renma | requires broader repeated evidence | same | 0.18.0 | possibly |
|
|
91
|
+
| `repeatedContext.tokenShingleNearbyLineWindow` | 8 | source lines | n/a | Renma | collapses overlapping nearby matches from the same repeated passage | same | 0.18.0 | possibly |
|
|
92
|
+
| `repeatedContext.tokenShingleMinUniqueTokens` | 12 | unique estimated-token units | medium | Renma | excludes repetitive boilerplate sequences | same | 0.18.0 | possibly |
|
|
93
|
+
| `repeatedContext.tokenShingleMinUsefulTokens` | 14 | non-boilerplate estimated-token units | medium | Renma | requires meaningful lexical evidence | same | 0.18.0 | possibly |
|
|
94
|
+
| `repeatedContext.tokenShingleMinChars` | 140 | normalized characters | medium | Renma | excludes compact coincidental matches | same | 0.18.0 | possibly |
|
|
95
|
+
| `repeatedContext.findingCap` | 10 | findings per repeated-context category | n/a | Renma | presentation only; prevents category domination | all repeated-context IDs | 0.18.0 | possibly |
|
|
96
|
+
| repeated links | disabled | same target repeated | none | Renma | links to the same official source are normal | `MAINT-REPEATED-LINK` removed from default findings | 0.18.0 | possibly |
|
|
97
|
+
|
|
98
|
+
## Readiness policy
|
|
99
|
+
|
|
100
|
+
Readiness starts at 100. Specification failures, high or critical security
|
|
101
|
+
findings, diagnostic errors, and unresolved required graph closure remain
|
|
102
|
+
blocking even when the numeric score would otherwise pass. Deprecated or
|
|
103
|
+
archived assets have no existence penalty.
|
|
104
|
+
|
|
105
|
+
| Field | Default | Unit and trigger | Effect | Source | Rationale and false-positive risk | Related check or diagnostic | Reviewed | Configurable later |
|
|
106
|
+
| --- | ---: | --- | --- | --- | --- | --- | --- | --- |
|
|
107
|
+
| `readiness.blockingDiagnosticPenalty` | 40 | points; one or more diagnostic errors | subtract once and fail check | Renma | Structural errors require correction; diagnostic aggregation avoids multiplying one root cause | `diagnostics.errors` | 0.18.0 | possibly |
|
|
108
|
+
| `readiness.unresolvedRequiredGraphPenalty` | 30 | points; one or more unresolved required edges | subtract once and fail check | Renma | Required context closure is operationally necessary; optional edges are excluded | `graph.unresolved_edges` | 0.18.0 | possibly |
|
|
109
|
+
| `readiness.ownershipMaximumPenalty` | 20 | points; proportional to unowned assets | subtract 0-20 | Renma | Ownership supports review, but small or imported repositories may intentionally omit it | `ownership.coverage` | 0.18.0 | possibly |
|
|
110
|
+
| `readiness.emptyInventoryPenalty` | 10 | points; no cataloged assets | subtract once | Renma | Usually signals a wrong root or incomplete repository; an intentionally empty repository can be valid | `assets.minimum_inventory` | 0.18.0 | possibly |
|
|
111
|
+
| `readiness.workflowClarityPenalty` | 10 | points; workflow clarity warning | subtract once | Renma | Missing routing clarity impairs use; prose phrasing may evade static recognition | `workflow.clarity` and related `RN-SKILL-*` diagnostics | 0.18.0 | possibly |
|
|
112
|
+
| `readiness.workflowOptionalContextPenalty` | 5 | points; unusable optional context | subtract once | Renma | Optional context should resolve but does not block the core workflow | `workflow.optional_context` | 0.18.0 | possibly |
|
|
113
|
+
| `readiness.workflowRequiredInputsPenalty` | 5 | points; required inputs are unclear | subtract once | Renma | Review signal only because some Skills require no external inputs | `workflow.required_inputs` | 0.18.0 | possibly |
|
|
114
|
+
| `readiness.workflowCompletionCriteriaPenalty` | 10 | points; completion criteria are unclear | subtract once | Renma | Review signal only because completion language varies by workflow | `workflow.completion_criteria` | 0.18.0 | possibly |
|
|
115
|
+
| `readiness.layoutWarningPenalty` | 5 | points per warning layout/path check | subtract per check | Renma | Keeps resolvable path and layout debt visible without making one advisory blocking | `layout.*` / `paths.helper_commands` | 0.18.0 | possibly |
|
|
116
|
+
| `readiness.layoutFailurePenalty` | 15 | points per failing layout/path check | subtract per check and fail | Renma | Strict layout failures can make repository evidence unusable | `layout.*` / `paths.helper_commands` | 0.18.0 | possibly |
|
|
117
|
+
| `readiness.readyMinimumScore` | 90 | score; at or above with no failing check | `ready` | Renma | Maintains a high bar without making subjective advisories blocking | Readiness `level` | 0.18.0 | possibly |
|
|
118
|
+
| `readiness.needsAttentionMinimumScore` | 70 | score; below | `not_ready`; 70-89 is `needs_attention` | Renma | Separates accumulated review debt from isolated advisories | Readiness `level` | 0.18.0 | possibly |
|
|
119
|
+
|
|
120
|
+
## Security proximity, scan operations, and presentation
|
|
121
|
+
|
|
122
|
+
| Field | Default | Unit and trigger | Effect | Source | Rationale and false-positive risk | Related check or diagnostic | Reviewed | Configurable later |
|
|
123
|
+
| --- | ---: | --- | --- | --- | --- | --- | --- | --- |
|
|
124
|
+
| `security.precedingLineFastPath` | 2 | preceding source lines | supplements structural guard association | Renma | Preserves nearby-guard detection while headings, paragraphs, and list structure reduce formatting false positives | applicable `SEC-*` command diagnostics | 0.18.0 | no |
|
|
125
|
+
| `scan.defaultMaxFileSizeBytes` | 524,288 | bytes per discovered file | bound reading and hashing work | Renma operational default | Protects scans from unexpectedly large files; larger legitimate files may require existing scan configuration | discovery diagnostic | 0.18.0 | already configurable |
|
|
126
|
+
| `scan.defaultMaxDepth` | 16 | directory levels | bound discovery depth | Renma operational default | Prevents runaway traversal; unusually deep repositories may need existing scan configuration | discovery diagnostic | 0.18.0 | already configurable |
|
|
127
|
+
| `scan.defaultConcurrency` | 16 | concurrent file operations | bound scan concurrency | Renma operational default | Balances throughput and file-descriptor pressure | none | 0.18.0 | already configurable |
|
|
128
|
+
| `presentation.markdownReadinessFindingCap` | 50 | findings in Readiness Markdown | truncate presentation only | Renma | Keeps human reports readable without changing JSON evidence or score | Readiness Markdown | 0.18.0 | possibly |
|
|
129
|
+
| `presentation.topSummaryItemCap` | 10 | items in compact summaries | truncate presentation only | Renma | Avoids unbounded summaries; reviewers can use full reports | report summaries | 0.18.0 | possibly |
|
|
130
|
+
|
|
131
|
+
Structural guard proximity includes the same constraint or safety section, the
|
|
132
|
+
same list item, a directly associated paragraph, or a parent Human Approval,
|
|
133
|
+
Safety, or Constraints heading. Binary snippets are never exposed. Scan
|
|
134
|
+
operational limits retain their existing public config fields; none of the
|
|
135
|
+
quality or Readiness thresholds above are currently configurable.
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
# Repository Context BOM
|
|
2
2
|
|
|
3
|
-
`renma bom` emits
|
|
3
|
+
`renma bom` emits a declared repository manifest for review and CI consumers. Renma 0.18.0 supports only the v2 BOM and Trust Graph schemas. It does not provide a v1 compatibility mode. V2 is the first supported long-term contract; earlier v1 output was an experimental pre-contract surface removed before broader adoption.
|
|
4
4
|
|
|
5
5
|
The BOM is not a runtime usage report. It does not describe what an LLM actually consumed, assemble prompts, choose task-specific context, inject context into agents, execute agents, call an LLM, import consumed-context evidence, or collect telemetry.
|
|
6
6
|
|
|
@@ -12,7 +12,7 @@ flowchart TD
|
|
|
12
12
|
Diagnostics["Diagnostics and Readiness"]
|
|
13
13
|
Governance["Lifecycle and ownership evidence"]
|
|
14
14
|
Security["Security posture and policy inventory"]
|
|
15
|
-
Bom["Repository Context BOM
|
|
15
|
+
Bom["Repository Context BOM v2"]
|
|
16
16
|
Json["Authoritative JSON"]
|
|
17
17
|
Markdown["Markdown review projection"]
|
|
18
18
|
Revision["Git, CI, or PR context supplies revision identity"]
|
|
@@ -56,6 +56,10 @@ JSON is the authoritative BOM output. Markdown is a compact review projection fo
|
|
|
56
56
|
|
|
57
57
|
Array ordering is deterministic and part of Renma's output contract. Asset `sourcePath` values remain repository-relative. `root` and `configPath` remain absolute paths from the current environment.
|
|
58
58
|
|
|
59
|
+
Assets use `ownership.declaredOwner`, `ownership.effectiveOwner`,
|
|
60
|
+
`ownership.source`, and optional `ownership.inheritedFrom`. Readiness uses the
|
|
61
|
+
effective owner.
|
|
62
|
+
|
|
59
63
|
## Reproducibility
|
|
60
64
|
|
|
61
65
|
`--omit-generated-at` means only:
|
|
@@ -77,24 +81,79 @@ Supported guarantee:
|
|
|
77
81
|
|
|
78
82
|
> With the same checkout path, config path, repository contents, Renma version, and UTC evaluation date, repeated `--omit-generated-at` runs should produce byte-identical JSON.
|
|
79
83
|
|
|
80
|
-
Freshness evaluation uses the UTC calendar date. Metadata dates remain part of the snapshot and must not be removed as timestamp noise. A real file move is a meaningful BOM change because `sourcePath` is repository evidence. Portable byte-for-byte output across different runners is not a
|
|
84
|
+
Freshness evaluation uses the UTC calendar date. Metadata dates remain part of the snapshot and must not be removed as timestamp noise. A real file move is a meaningful BOM change because `sourcePath` is repository evidence. Portable byte-for-byte output across different runners is not a v2 guarantee.
|
|
81
85
|
|
|
82
86
|
## Schema Evolution
|
|
83
87
|
|
|
84
88
|
`schemaVersion` represents the consumer-facing BOM schema. `generator.version` represents the Renma implementation version and is not the schema version.
|
|
85
89
|
|
|
86
|
-
|
|
90
|
+
V2 is the first supported long-term contract for normalized ownership,
|
|
91
|
+
first-class support assets, and static support relationships. Consumers must
|
|
92
|
+
inspect `schemaVersion` independently from `generator.version`. A future
|
|
93
|
+
incompatible contract may intentionally introduce v3.
|
|
94
|
+
|
|
95
|
+
Within a schema, changes should be backward-compatible and additive:
|
|
87
96
|
|
|
88
97
|
- existing fields must not be removed, renamed, or given incompatible types or meanings;
|
|
89
98
|
- new optional fields may be added when a real consumer requires them;
|
|
90
99
|
- enum additions are consumer-visible changes and must be documented;
|
|
91
|
-
- a future breaking contract requires a new schema version rather than silently changing
|
|
100
|
+
- a future breaking contract requires a new schema version rather than silently changing existing semantics.
|
|
101
|
+
|
|
102
|
+
Treat `owns_local_resource`, `statically_references`, `inherits_owner`, and
|
|
103
|
+
`inherits_policy` as static repository evidence, not runtime behavior. Branch
|
|
104
|
+
on `schemaVersion`; `generator.version` is provenance only.
|
|
105
|
+
|
|
106
|
+
The published [BOM v2 JSON Schema](schemas/repository-context-bom-v2.schema.json)
|
|
107
|
+
is the machine-readable contract. `generatedAt` is required when `outputMode`
|
|
108
|
+
is `default` and forbidden when `outputMode` is `omit_generated_at`.
|
|
109
|
+
`configPath` remains optional and is absent when no configuration file was
|
|
110
|
+
loaded. Every other top-level field is required. Optional lifecycle, version,
|
|
111
|
+
status, target-resolution, and inherited-ownership fields appear only when
|
|
112
|
+
their evidence exists. Owner values are explicitly nullable; missing optional
|
|
113
|
+
fields are omitted rather than serialized as `null`.
|
|
114
|
+
|
|
115
|
+
Arrays are deterministically ordered by their identity/path keys, and count
|
|
116
|
+
fields are non-negative integers. Count maps contain every declared enum
|
|
117
|
+
member, including zero counts. Policy source ordering is `local`,
|
|
118
|
+
`security_profile`, `repository_config`, `owning_skill`. Static support
|
|
119
|
+
relationships use `owns_local_resource`, `statically_references`,
|
|
120
|
+
`inherits_owner`, and `inherits_policy`.
|
|
121
|
+
|
|
122
|
+
The Readiness summary is a closed contract for asset, ownership, graph,
|
|
123
|
+
diagnostic, workflow, Context Lens, security posture, and security policy
|
|
124
|
+
inventory evidence. Coverage and readiness percentages are constrained to
|
|
125
|
+
`0..100`. Security posture top-finding entries require an ID, non-negative
|
|
126
|
+
count, and maximum severity. Security policy `assetKinds` is a complete count
|
|
127
|
+
map containing every generated artifact kind, including zero values.
|
|
128
|
+
|
|
129
|
+
Representative top-level JSON (nested objects are shortened for readability;
|
|
130
|
+
the schema defines every nested field):
|
|
131
|
+
|
|
132
|
+
```json
|
|
133
|
+
{
|
|
134
|
+
"schemaVersion": "renma.repository-context-bom.v2",
|
|
135
|
+
"outputMode": "omit_generated_at",
|
|
136
|
+
"generator": { "name": "renma", "version": "0.18.0" },
|
|
137
|
+
"root": "/checkout/repository",
|
|
138
|
+
"scope": { "type": "declared_repository_manifest", "runtimeUsage": false, "telemetryCollected": false },
|
|
139
|
+
"summary": { "scannedFileCount": 0, "assetCount": 0, "dependencyCount": 0, "resolvedDependencyCount": 0, "unresolvedDependencyCount": 0, "ownedAssetCount": 0, "unownedAssetCount": 0, "readinessScore": 100, "readinessLevel": "ready", "diagnosticCounts": { "error": 0, "warning": 0, "info": 0 } },
|
|
140
|
+
"assets": [],
|
|
141
|
+
"dependencies": [],
|
|
142
|
+
"readiness": { "score": 100, "level": "ready", "checks": [], "summary": {} },
|
|
143
|
+
"securityPosture": { "totalSecurityFindings": 0, "riskClasses": { "violation": 0, "suspicious": 0, "advisory": 0, "unclassified": 0 }, "severities": { "critical": 0, "high": 0, "medium": 0, "low": 0 }, "highOrCritical": 0, "topFindingIds": [] },
|
|
144
|
+
"securityPolicyInventory": {},
|
|
145
|
+
"diagnostics": []
|
|
146
|
+
}
|
|
147
|
+
```
|
|
148
|
+
|
|
149
|
+
Generated representative reports are validated against the published schema in
|
|
150
|
+
the contract test suite.
|
|
92
151
|
|
|
93
152
|
`--omit-generated-at` does not make the report a generic canonical JSON format or a portable artifact.
|
|
94
153
|
|
|
95
154
|
## Source Provenance
|
|
96
155
|
|
|
97
|
-
BOM
|
|
156
|
+
BOM v2 provenance is deliberately repository-local:
|
|
98
157
|
|
|
99
158
|
- repository-relative source paths;
|
|
100
159
|
- per-asset content hashes;
|
|
@@ -102,11 +161,11 @@ BOM v1 provenance is deliberately repository-local:
|
|
|
102
161
|
- current absolute `root` and `configPath` information when available;
|
|
103
162
|
- lifecycle, dependency, diagnostic, readiness, security posture, and security policy inventory evidence.
|
|
104
163
|
|
|
105
|
-
Renma does not automatically invoke Git or add Git commit, branch, tag, or dirty-state fields
|
|
164
|
+
Renma does not automatically invoke Git or add Git commit, branch, tag, or dirty-state fields. Git revision identity is expected to come from the surrounding Git, CI, artifact, or pull-request context. Native Git provenance fields and a BOM digest may be considered later if external artifact storage or cross-run consumers require them.
|
|
106
165
|
|
|
107
166
|
## Consumed-Context Evidence
|
|
108
167
|
|
|
109
|
-
BOM
|
|
168
|
+
The BOM v2 schema describes declared repository state. Future consumed-context evidence must not redefine or mutate that meaning.
|
|
110
169
|
|
|
111
170
|
Runtime evidence should be a separate artifact or explicitly separate attachment. A future evidence record should relate back to a BOM using stable values such as a BOM digest or snapshot identity, asset ID, asset content hash, producer identity and version, and observation timestamp.
|
|
112
171
|
|