scene-capability-engine 3.6.45 → 3.6.47

package/CHANGELOG.md

@@ -7,6 +7,28 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+## [3.6.47] - 2026-03-14
+
+### Changed
+- Promoted "clarification before disable" to a global SCE baseline rule: missing business scene/module/page/entity context now defaults to clarification in builtin interactive governance, is written into steering/template core principles, and is documented as mandatory for all SCE-integrated projects with no exceptions.
+- Added `clarification-first-audit` as a release/audit guard so core scripts, policy/docs, starter/template baselines, and legacy fallback phrases are continuously checked for regression.
+- Wired `clarification-first-audit` into `test.yml`, `release.yml`, and `steering-hygiene.yml` so CI, tag releases, and scheduled hygiene runs all enforce the clarification-first baseline.
+- Extended takeover baseline auto-alignment so older adopted projects also repair missing clarification-first `CORE_PRINCIPLES` content during best-effort startup/default alignment.
+- Added CLI integration coverage for `sce adopt`, `sce upgrade`, and startup takeover auto-alignment so clarification-first baseline propagation is verified end-to-end on real project fixtures.
+- Extended takeover baseline to auto-create `.sce/config/errorbook-registry.json` and to inventory project-defined mistake-book/postmortem style artifacts so SCE takeover converges them into the canonical `errorbook` flow instead of letting parallel mechanisms coexist.
+- Added three more global core principles to the steering baseline: forbid blind fixes without problem evidence, require evaluation before any steering entry is added/removed/rewritten, and default frontend/backend mismatch fixes to align the frontend to the existing backend API contract unless an interface change is explicitly requested.
+
+## [3.6.46] - 2026-03-13
+
+### Added
+- Added `scripts/npm-package-runtime-asset-check.js` and the `npm run gate:npm-runtime-assets` release gate to verify that every runtime `scripts/*.js` file is present in the npm pack dry-run payload before publish.
+- Added Spec `123-00-npm-package-runtime-asset-integrity` with requirements, design, tasks, and deliverables to formalize the npm runtime asset integrity fix.
+- Added unit coverage for runtime script discovery, pack payload parsing, missing-script detection, and pack execution failure reporting.
+
+### Fixed
+- Fixed npm package publish contents by including the root `scripts/` directory in the package `files` allowlist, so installed `sce` tarballs no longer crash on missing runtime assets such as `scripts/git-managed-gate.js`.
+- Fixed the new runtime asset gate on Windows by executing `npm pack --json --dry-run` through a shell-compatible path and raising the output buffer ceiling for large package manifests.
+
 ## [3.6.45] - 2026-03-13
 
 ### Added

package/README.md

@@ -139,6 +139,7 @@ sce auth status --json
 SCE is opinionated by default.
 
 - `studio plan` runs intake and scene/spec governance unless policy explicitly allows bypass.
+- When business scene/module/page/entity context is missing, SCE must route to clarification first; unknown business scope must not be turned into blanket disable.
 - `verify` and `release` enforce problem-closure and related gates when a spec is bound.
 - Autonomous program execution applies gate evaluation, fallback-chain logic, governance replay, and auto-remediation.
 - State persistence prefers SQLite, not ad hoc local caches.

package/README.zh.md

@@ -144,6 +144,7 @@ sce auth status --json
 SCE 默认是强治理的。
 
 - `studio plan` 默认执行 intake 与 scene/spec 治理，除非策略显式允许绕过
+- 缺少业务场景/模块/页面/实体上下文时，SCE 必须先进入澄清，而不是把未知业务范围直接变成一刀切禁用
 - 当 spec 绑定时，`verify` 和 `release` 默认执行 problem-closure 等相关门禁
 - `close-loop-program` 默认带 gate 评估、fallback-chain、governance replay、auto-remediation
 - 状态持久化默认优先走 SQLite，而不是零散本地缓存

package/docs/agent-runtime/symbol-evidence.schema.json

@@ -86,7 +86,7 @@
           "type": "string",
           "enum": [
             "allow_write",
-            "block_high_risk_write"
+            "clarify_business_scope"
           ]
         },
         "advisory": {

package/docs/command-reference.md

@@ -366,6 +366,8 @@ sce workspace takeover-apply --json
 # until manual migration is completed.
 # For adopted projects, startup auto-runs takeover baseline alignment
 # before command execution (best effort, non-blocking).
+# Takeover alignment now also repairs missing clarification-first
+# CORE_PRINCIPLES baseline when older adopted projects drift.
 
 # Legacy commands (still supported)
 sce workspace sync
@@ -1806,8 +1808,14 @@ Interactive dialogue governance helper (script-level communication-rule gate):
   - Default policy: `docs/interactive-customization/dialogue-governance-policy-baseline.json` (fallback builtin policy when missing)
   - Default authorization dialogue policy: `docs/interactive-customization/authorization-dialogue-policy-baseline.json`
   - Default profile: `business-user` (use `system-maintainer` for maintenance/operator conversations)
+  - Missing business scene/module/page/entity context defaults to `clarify`; unknown scope must not be converted into blanket disable fallback.
   - `--fail-on-deny` exits with code `2` to block unsafe requests in CI/automation.
 
+Clarification-first baseline audit helper:
+- `node scripts/clarification-first-audit.js [--project-path <path>] [--out <path>] [--fail-on-violation] [--json]`: verify that SCE global clarification-first baselines are present across core scripts, policy/docs, starter/template assets, and that legacy blanket-disable phrases do not reappear in tracked source/docs.
+  - Default behavior: audit current project root.
+  - `--fail-on-violation` exits with code `2` when required clarification-first baselines drift or prohibited legacy phrases are detected.
+
 Interactive change-plan generator helper (script-level stage-B planning bridge):
 - `node scripts/interactive-plan-build.js --intent <path> [--context <path>] [--execution-mode <suggestion|apply>] [--out-plan <path>] [--out-markdown <path>] [--json]`: generate structured `Change_Plan` from `Change_Intent`, including action candidates, risk level, verification checks, rollback plan, approval status, and gate hint command.
   - Default outputs:

package/docs/interactive-customization/dialogue-governance-policy-baseline.json

@@ -41,11 +41,13 @@
     "Always restate objective, scope, and expected impact before recommendations.",
     "When risk or permission is involved, explicitly list required approvals and authorization.",
     "If requirement is ambiguous, ask at most two focused clarification questions.",
+    "If business scene, module, page, entity, or constraints are missing, clarify and narrow scope before using any fallback restriction; do not replace understanding with blanket disable.",
     "Never propose credential export, approval bypass, or secret leakage."
   ],
   "clarification_templates": [
     "What business metric should improve first (speed, accuracy, cost, compliance)?",
-    "Which module/page should be changed first, and what must remain unchanged?"
+    "Which module/page should be changed first, and what must remain unchanged?",
+    "Which entity or business rule is affected, and what constraint must stay intact?"
   ],
   "profiles": {
     "business-user": {
@@ -75,6 +77,7 @@
       ],
       "response_rules": [
         "For maintenance requests, require change ticket, rollback plan, and approval role before execution.",
+        "When business context is incomplete, ask for the affected module/page/entity before considering deny or write restrictions.",
         "If request targets production, require staged validation evidence first."
       ],
       "clarification_templates": [

package/docs/interactive-customization/embedded-assistant-authorization-dialogue-rules.md

@@ -31,6 +31,7 @@ This guide defines mandatory conversation and authorization behavior for an embe
 3. Confirmation before mutation:
 - For `apply`, assistant must ask a final explicit confirmation.
 - Confirmation text must include impact summary and rollback availability.
+- Missing business scene/context must trigger clarification first; it must not be treated as a reason to blanket-disable the request.
 
 ## 4. Step-Up Authorization Rules
 
@@ -49,6 +50,10 @@ This guide defines mandatory conversation and authorization behavior for an embe
   - reject execution,
   - explain the blocked policy reason in plain language,
   - provide at least one safe alternative (`suggestion`, ticket, or scope reduction).
+- If business context or symbol evidence is incomplete, assistant must:
+  - ask for missing `module/page/entity/business constraint` details,
+  - reduce scope to a verifiable change candidate,
+  - avoid using fallback as a blanket disable substitute before context is understood.
 - If environment is rate-limited or unstable (`429`/timeouts), assistant must:
   - avoid aggressive retries,
   - switch to phased queue execution guidance,

package/docs/releases/README.md

@@ -9,6 +9,8 @@ This directory stores release-facing documents:
 ## Archived Versions
 
 - [Release checklist](../release-checklist.md)
+- [v3.6.47 release notes](./v3.6.47.md)
+- [v3.6.46 release notes](./v3.6.46.md)
 - [v3.6.45 release notes](./v3.6.45.md)
 - [v3.6.44 release notes](./v3.6.44.md)
 - [v3.6.43 release notes](./v3.6.43.md)

package/docs/releases/v3.6.46.md

@@ -0,0 +1,23 @@
+# v3.6.46 Release Notes
+
+Release date: 2026-03-13
+
+## Highlights
+
+- Fixed the npm package publish surface so the root `scripts/` directory is included in the released tarball again.
+- Added `npm run gate:npm-runtime-assets`, which inspects `npm pack --json --dry-run` output and blocks publish if any runtime `scripts/*.js` file would be missing from the package.
+- Hardened the new gate for Windows by running `npm pack` through a shell-compatible path and increasing the command output buffer for the repository's large manifest.
+
+## Verification
+
+- `npx jest tests/unit/scripts/npm-package-runtime-asset-check.test.js --runInBand`
+- `node scripts/npm-package-runtime-asset-check.js --json`
+- `npm pack --json --dry-run`
+- Installed the packed `scene-capability-engine-3.6.46.tgz` into a clean temp project and verified:
+  - `node node_modules/scene-capability-engine/bin/scene-capability-engine.js --version`
+  - `node node_modules/scene-capability-engine/bin/scene-capability-engine.js workspace delivery-audit --json`
+
+## Release Notes
+
+- This release fixes the broken runtime asset packaging observed in `3.6.44` and `3.6.45`. The failure mode was a missing `scripts/git-managed-gate.js`, but the underlying defect affected the full root `scripts/` runtime surface.
+- For already-installed `3.6.44` or `3.6.45`, the smallest emergency patch is to restore `scripts/git-managed-gate.js` into the installed package. `3.6.46` is the proper fix and should replace those versions.

package/docs/releases/v3.6.47.md

@@ -0,0 +1,23 @@
+# v3.6.47 Release Notes
+
+Release date: 2026-03-14
+
+## Highlights
+
+- Promoted clarification-first into an SCE-wide baseline: when business scene, module, page, entity, or constraints are unclear, the assistant must narrow scope first instead of converting uncertainty into blanket disable.
+- Extended takeover baseline alignment so adopted and upgraded projects automatically repair missing core principles, auto-seed `.sce/config/errorbook-registry.json`, and inventory project-defined postmortem or mistake-book style mechanisms for convergence into `.sce/errorbook`.
+- Added three more global steering baselines: no blind fixes without problem evidence, no arbitrary steering entry add/remove without evaluation, and frontend/backend mismatch fixes must default to the existing backend API contract unless an interface change is explicitly requested.
+
+## Validation
+
+- `npx jest tests/unit/workspace/takeover-baseline.test.js --runInBand`
+- `npx jest tests/integration/adopt-upgrade-clarification-first.integration.test.js --runInBand`
+- `npx jest tests/integration/takeover-baseline-cli.integration.test.js --runInBand`
+- `npm run audit:steering`
+- `npm run gate:errorbook-registry-health`
+- `npm run prepublishOnly`
+
+## Release Notes
+
+- This patch release formalizes the steering and takeover rules discussed during recent SCE hardening work, so they are no longer implicit operator expectations but enforced project baselines.
+- Existing SCE-integrated projects now inherit these rules automatically through startup takeover alignment, `sce adopt`, and `sce upgrade`, which prevents drift between newly adopted projects and older onboarded repositories.

package/docs/sce-business-mode-map.md

@@ -34,6 +34,8 @@ After SCE integration is enabled:
 5. `gated execution`: runtime policy + authorization tier + approval gate.
 6. `execution + audit`: execute or block, then emit summary and evidence.
 
+If business scene or symbol evidence is incomplete, route to scope clarification first instead of using a blanket fallback disable.
+
 ## 5. Mode Playbooks
 
 ### 5.1 user-mode (business usage UI)
@@ -100,4 +102,3 @@ See also: `docs/security-governance-default-baseline.md`
 3. Enable required gate artifacts and audit logs.
 4. Run weekly governance and release gates.
 5. Keep capability matrix and ontology mapping updated per release.
-

package/docs/sce-capability-matrix-e2e-example.md

@@ -27,7 +27,8 @@ node scripts/symbol-evidence-locate.js \
 
 Expected:
 - reliable evidence => `fallback_action=allow_write`
-- no reliable evidence => `fallback_action=block_high_risk_write` and exit code `2`
+- no reliable evidence => `fallback_action=clarify_business_scope` and exit code `2`
+- assistant must narrow module/page/entity and business constraints before deciding whether writes should proceed
 
 ## 3) Failure Attribution and Bounded Repair
 

package/docs/security-governance-default-baseline.md

@@ -5,6 +5,8 @@ This baseline is the default operating policy for SCE-driven delivery, including
 ## 1. Context and Data Safety
 
 - Enforce strict context contract validation (`--context-contract`, strict mode on).
+- Missing business scene/module/page/entity context must route to clarification first; unknown scope is never a valid reason for blanket disable.
+- This clarification-first rule applies to every SCE-integrated project and surface with no project-specific exception.
 - Block forbidden keys (for example secrets/private keys) from UI/provider payloads.
 - Keep payload masking enabled for business data and identity fields.
 - Reject context payloads that exceed size budget or schema bounds.

package/docs/starter-kit/README.md

@@ -2,6 +2,8 @@
 
 This starter kit is the default baseline for onboarding an external project (including Moqui-based solutions) into SCE without project-specific flags.
 
+It also inherits SCE's clarification-first rule: if business scene/module/page/entity context is missing, the assistant must narrow scope before any deny/disable fallback. This baseline applies to every onboarded project with no project-specific exception.
+
 ## Included Assets
 
 - `handoff-manifest.starter.json`: minimal manifest contract that works with `sce auto handoff` and `sce scene package-publish-batch`.
@@ -33,6 +35,7 @@ node scripts/release-ops-weekly-summary.js --json
 
 - `scene package publish-batch` gate passes.
 - capability lexicon unknown count is zero.
+- missing business scope is handled through clarification, not blanket disable fallback.
 - release preflight is not blocked for hard-gate profiles.
 - weekly ops summary risk is not `high` unless explicitly approved.
 

package/docs/zh/releases/README.md

@@ -9,6 +9,8 @@
 ## 历史版本归档
 
 - [发布检查清单](../release-checklist.md)
+- [v3.6.47 发布说明](./v3.6.47.md)
+- [v3.6.46 发布说明](./v3.6.46.md)
 - [v3.6.45 发布说明](./v3.6.45.md)
 - [v3.6.44 发布说明](./v3.6.44.md)
 - [v3.6.43 发布说明](./v3.6.43.md)

package/docs/zh/releases/v3.6.46.md

@@ -0,0 +1,23 @@
+# v3.6.46 发布说明
+
+发布日期：2026-03-13
+
+## 重点变化
+
+- 修复 npm 包发布内容，重新把根目录 `scripts/` 一并纳入 tarball，避免安装后的 `sce` 因缺少运行时脚本而崩溃。
+- 新增 `npm run gate:npm-runtime-assets`，基于 `npm pack --json --dry-run` 检查所有运行时 `scripts/*.js` 是否都会进入发布包，缺失时直接阻断发布。
+- 加固了该门禁在 Windows 下的执行路径，避免 `npm pack` 命令解析和大体积输出导致误判。
+
+## 验证
+
+- `npx jest tests/unit/scripts/npm-package-runtime-asset-check.test.js --runInBand`
+- `node scripts/npm-package-runtime-asset-check.js --json`
+- `npm pack --json --dry-run`
+- 将打出的 `scene-capability-engine-3.6.46.tgz` 安装到全新临时工程后验证：
+  - `node node_modules/scene-capability-engine/bin/scene-capability-engine.js --version`
+  - `node node_modules/scene-capability-engine/bin/scene-capability-engine.js workspace delivery-audit --json`
+
+## 发布说明
+
+- 这次补丁修复的是 `3.6.44` 与 `3.6.45` 中已经暴露的 npm 运行时缺件问题。表面报错是 `scripts/git-managed-gate.js` 缺失，但根因是整个根级 `scripts/` 运行时面没有被发布进去。
+- 对已经安装的 `3.6.44` 或 `3.6.45`，最小应急补丁是补回安装目录中的 `scripts/git-managed-gate.js`；`3.6.46` 才是完整的正式修复版本。

package/docs/zh/releases/v3.6.47.md

@@ -0,0 +1,23 @@
+# v3.6.47 发布说明
+
+发布日期：2026-03-14
+
+## 重点变化
+
+- 将 clarification-first 提升为 SCE 全局基线：业务场景、模块、页面、实体或约束不清楚时，必须先澄清范围，禁止把“不理解业务”直接落成一刀切禁用。
+- 扩展 takeover baseline 对齐能力：已接管和升级项目现在会自动补齐缺失的核心原则、自动落 `.sce/config/errorbook-registry.json`，并把项目内自定义复盘册/问题账本类机制盘点后统一收敛到 `.sce/errorbook`。
+- 新增三条全局 steering 基线：禁止盲改问题、禁止未经评估随意增删 steering 条目、以及问题修复时前后端接口不一致默认以后端现有契约为准。
+
+## 验证
+
+- `npx jest tests/unit/workspace/takeover-baseline.test.js --runInBand`
+- `npx jest tests/integration/adopt-upgrade-clarification-first.integration.test.js --runInBand`
+- `npx jest tests/integration/takeover-baseline-cli.integration.test.js --runInBand`
+- `npm run audit:steering`
+- `npm run gate:errorbook-registry-health`
+- `npm run prepublishOnly`
+
+## 发布说明
+
+- 这个补丁版把最近一轮 SCE 治理收敛中的关键规则正式固化为了可执行基线，不再依赖操作者“记得遵守”。
+- 之后无论是 startup auto-takeover、`sce adopt` 还是 `sce upgrade`，都会自动把这些规则补齐到项目里，避免新老接入项目在治理要求上继续分叉。