npm - soloforge - Versions diffs - 1.3.1 → 1.3.2 - Mend

soloforge 1.3.1 → 1.3.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (118) hide show

package/dist/engine/release_readiness_gate.js CHANGED Viewed

@@ -20,9 +20,10 @@
  * 12. 中文注释检查
  * 13. 第五批一致性校验
  * 14. 依赖漏洞扫描
- * 15. Batch6 架构决策与设计产物真实消费
+ * 15. 发布问题架构决策与设计产物真实消费
  */
 import fs from "node:fs";
+import os from "node:os";
 import path from "node:path";
 // ── 辅助函数 ──
 function safeRead(filePath) {
@@ -1135,7 +1136,7 @@ async function checkBatchIssueFormatConsistency(rootDir, hardFail, _info) {
         hardFail("BATCH_ISSUE_FORMAT_INCONSISTENT", "loadBatchIssueDetails 导出未找到", ["scripts/batch_issue_details.mjs"], "构建系统", "共享解析脚本导出不正确", "修复脚本");
         return;
     }
-    const expectedCounts = { 1: 19, 2: 12, 3: 9, 4: 13, 5: 6, 6: 2 };
+    const expectedCounts = { 1: 19, 2: 12, 3: 9, 4: 13, 5: 6, 6: 4 };
     const requiredPerProblemSections = [
         "问题背景", "用户反馈 / 触发场景", "根因分析", "解决方案", "方案细节",
         "硬规则", "非目标", "影响范围", "落地文件", "验收标准", "回归风险",
@@ -1342,33 +1343,28 @@ async function checkKnowledgeAssetSchema(rootDir, hardFail, _info) {
 }
 // ── Phase 11: engine console.log 检查 ──
 function checkEngineConsoleLog(rootDir, hardFail) {
-    const targets = ["src/engine/", "src/index.ts"];
-    for (const target of targets) {
-        const fullTarget = path.join(rootDir, target);
-        if (!fs.existsSync(fullTarget))
-            continue;
-        const isDir = fs.statSync(fullTarget).isDirectory();
-        const files = isDir
-            ? findFilesRecursive(fullTarget, ".ts")
-            : [fullTarget];
-        for (const file of files) {
-            const content = fs.readFileSync(file, "utf-8");
-            const lines = content.split("\n");
-            for (let i = 0; i < lines.length; i++) {
-                const line = lines[i];
-                if (/^\s*\/\//.test(line))
-                    continue;
-                if (/^\s*\*|^\s*\/\*/.test(line))
-                    continue;
-                if (/"console\.log"|`console\.log`|'console\.log'|console\\.log/.test(line))
-                    continue;
-                // 日志模块内部 stdout 封装允许 console.log
-                if (/logger\.ts$/.test(file) && /^\s*console\.log\(/.test(line))
-                    continue;
-                if (/console\.log\s*\(/.test(line)) {
-                    const rel = path.relative(rootDir, file);
-                    hardFail("ENGINE_CONSOLE_LOG", `${rel}:${i + 1} 使用 console.log（应使用 logger 或 console.error 写 stderr）`, [rel], "发布门禁 console 检查", "旧 gate 不检查 engine console.log", "替换为 logger 模块调用");
-                }
+    // 扫描全 src/ 目录（不仅 engine）
+    const srcDir = path.join(rootDir, "src");
+    if (!fs.existsSync(srcDir))
+        return;
+    const files = findFilesRecursive(srcDir, ".ts");
+    for (const file of files) {
+        const content = fs.readFileSync(file, "utf-8");
+        const lines = content.split("\n");
+        for (let i = 0; i < lines.length; i++) {
+            const line = lines[i];
+            if (/^\s*\/\//.test(line))
+                continue;
+            if (/^\s*\*|^\s*\/\*/.test(line))
+                continue;
+            if (/"console\.log"|`console\.log`|'console\.log'|console\\.log/.test(line))
+                continue;
+            // 日志模块内部 stdout 封装允许 console.log
+            if (/logger\.ts$/.test(file) && /^\s*console\.log\(/.test(line))
+                continue;
+            if (/console\.log\s*\(/.test(line)) {
+                const rel = path.relative(rootDir, file);
+                hardFail("ENGINE_CONSOLE_LOG", `${rel}:${i + 1} 使用 console.log（应使用 logger 或 console.error 写 stderr）`, [rel], "发布门禁 console 检查", "旧 gate 不检查 src/ 全目录 console.log", "替换为 logger 模块调用");
             }
         }
     }
@@ -1512,44 +1508,576 @@ function checkDependencyAudit(rootDir, hardFail, _info) {
         hardFail("DEPENDENCY_AUDIT", "漏洞扫描报告格式无效", ["package.json"], "依赖健康", "旧 gate 不验证报告格式", "删除 .soloforge/advisory-report.json 并重新运行 npm run audit-deps");
     }
 }
-// ── 15. Batch6 架构决策与设计产物真实消费 ──
-async function checkBatch6DesignPath(rootDir, hardFail, _info) {
+// ── 15. 发布问题全局合同 ──
+async function checkReleaseIssueDesignPath(rootDir, hardFail, _info) {
     const toolsText = safeRead(path.join(rootDir, "src", "adapters", "claude_code", "tools.ts")) ?? "";
     const cliText = safeRead(path.join(rootDir, "src", "bin", "soloforge.ts")) ?? "";
     const workflowText = safeRead(path.join(rootDir, "src", "adapters", "shared", "workflow_template.ts")) ?? "";
+    // ══ 前置检查: roadmap 状态与发布文档一致性 ══
+    const roadmapText = safeRead(path.join(rootDir, "src", "engine", "implementation_roadmap_registry.ts")) ?? "";
+    const gateDocText = safeRead(path.join(rootDir, "docs", "正式发布门槛.md")) ?? "";
+    if (/status:\s*"in_repair"/.test(roadmapText)) {
+        hardFail("RELEASE_ISSUE_ROADMAP_IN_REPAIR", "发布问题仍有 in_repair 状态，不得通过发布门禁", ["src/engine/implementation_roadmap_registry.ts"], "release-issues", "roadmap 状态为 in_repair 时不能声称完成", "完成所有返修后改为 implemented_verified");
+    }
+    // 发布问题场景矩阵: 结构化场景注册表验证测试文件存在 + 执行证据
+    {
+        const { validateReleaseIssueScenarios, executeReleaseIssueScenarios } = await import("./release_issue_scenario_registry.js");
+        const scenarioResult = validateReleaseIssueScenarios(rootDir);
+        _info(`  发布问题场景: ${scenarioResult.scenario_count} 条，覆盖 ${scenarioResult.covered_problems.join(", ")}`);
+        if (scenarioResult.missing_runners.length > 0) {
+            hardFail("RELEASE_ISSUE_SCENARIO_NO_RUNNER", `发布问题场景缺少 runner: ${scenarioResult.missing_runners.join("; ")}`, ["src/engine/release_issue_scenario_registry.ts"], "release-issues", "所有场景必须有真实生产入口 runner", "为缺失场景添加 runner");
+        }
+        if (scenarioResult.missing_tests.length > 0) {
+            hardFail("RELEASE_ISSUE_SCENARIO_TESTS_MISSING", `发布问题场景引用的测试文件缺失: ${scenarioResult.missing_tests.join("; ")}`, scenarioResult.missing_tests.map(m => m.split(": ")[1] ?? "unknown"), "release-issues", "场景测试文件必须存在", "创建缺失的测试文件");
+        }
+        // 运行所有场景收集执行证据（全部必须有 runner）
+        const execResults = await executeReleaseIssueScenarios();
+        const failed = execResults.filter(r => r.status === "fail");
+        _info(`  发布问题场景执行: ${execResults.length} 条已执行，${failed.length} 条失败`);
+        if (failed.length > 0) {
+            hardFail("RELEASE_ISSUE_SCENARIO_EXECUTION_FAILED", `发布问题场景执行失败: ${failed.map(f => `${f.scenario_id}: ${f.error ?? "unknown"}`).join("; ")}`, ["src/engine/release_issue_scenario_registry.ts"], "release-issues", "所有场景执行必须通过", "修复失败场景的 runner 逻辑");
+        }
+        // R10: 所有场景必须有 production_trace 且 tool_entrypoint 引用真实工具
+        const noTrace = execResults.filter(r => !r.production_trace);
+        if (noTrace.length > 0) {
+            hardFail("RELEASE_ISSUE_SCENARIO_NO_PRODUCTION_TRACE", `场景缺少 production_trace: ${noTrace.map(r => r.scenario_id).join("; ")}`, ["src/engine/release_issue_scenario_registry.ts"], "release-issues", "所有场景必须有 production_trace 记录真实入口", "为缺失场景添加 production_trace");
+        }
+        // R12: production_trace 的 diagnostic_codes 必须非空（来自工具返回值或函数调用结果）
+        const noDiagCodes = execResults.filter(r => r.production_trace && (!r.production_trace.diagnostic_codes || r.production_trace.diagnostic_codes.length === 0));
+        if (noDiagCodes.length > 0) {
+            hardFail("RELEASE_ISSUE_SCENARIO_NO_PRODUCTION_TRACE", `场景 production_trace 缺少 diagnostic_codes: ${noDiagCodes.map(r => r.scenario_id).join("; ")}`, ["src/engine/release_issue_scenario_registry.ts"], "release-issues", "所有 production_trace 必须包含来自工具/函数返回值的 diagnostic_codes", "为场景添加真实 diagnostic_codes");
+        }
+        // R10: 每个 problem 必须至少有一个场景通过真实 MCP 工具入口执行
+        const realToolNames = ["sf_classify", "sf_expand", "sf_verify", "sf_deliver", "sf_learn", "sf_accept", "sf_record_verification_execution", "sf_scaffold"];
+        // 用 scenario_id 前缀识别 problem 归属
+        const problemPrefixes = {
+            "problem-61": ["release-scenario-architecture-workshop-", "release-scenario-decision-workshop-"],
+            "problem-62": ["release-scenario-design-pack-"],
+            "problem-63": ["release-scenario-template-contract-"],
+            "problem-64": ["release-scenario-template-visibility-"],
+        };
+        for (const [problem, prefixes] of Object.entries(problemPrefixes)) {
+            const problemScenarios = execResults.filter(r => prefixes.some(p => r.scenario_id.startsWith(p)));
+            const withRealTools = problemScenarios.filter(r => r.production_trace && realToolNames.some(t => r.production_trace.tool_entrypoint.includes(t)));
+            if (withRealTools.length === 0 && problemScenarios.length > 0) {
+                hardFail("RELEASE_ISSUE_SCENARIO_NO_PRODUCTION_TRACE", `${problem} 无场景通过真实 MCP 工具入口执行`, ["src/engine/release_issue_scenario_registry.ts"], "release-issues", `R10 ${problem} 必须有通过 sf_classify/sf_expand 等真实 MCP 工具执行的场景`, "用 createToolHarness + callTool 重写 runner");
+            }
+        }
+        // R13: problem-61 必须证明 awaiting_confirmation 阻断 + 确认放行双向
+        {
+            const p61 = execResults.filter(r => r.scenario_id.startsWith("release-scenario-decision-workshop-"));
+            // 阻断证据: evidence 包含 "awaiting" 或 diagnostic_codes 包含决策研讨阻断码
+            const hasAwaiting = p61.some(r => r.evidence?.includes("awaiting") ||
+                r.production_trace?.diagnostic_codes?.some(c => c.includes("决策研讨") || c.includes("awaiting_confirmation")));
+            // 放行证据: 至少一个 decision_workshop 场景通过两次 sf_expand（tool_entrypoint 含两个 sf_expand）
+            const hasConfirmedPass = p61.some(r => r.status === "pass" && r.production_trace?.tool_entrypoint &&
+                (r.production_trace.tool_entrypoint.match(/sf_expand/g) ?? []).length >= 2);
+            if (!hasAwaiting || !hasConfirmedPass) {
+                hardFail("RELEASE_ISSUE_SCENARIO_NO_PRODUCTION_TRACE", `problem-61 缺少 awaiting_confirmation 阻断+放行双向证据 (awaiting=${hasAwaiting}, confirmed=${hasConfirmedPass})`, ["src/engine/release_issue_scenario_registry.ts"], "release-issues", "problem-61 必须有场景证明 decision_workshop 阻断后确认放行", "确保 data-migration/security-policy 等场景含 awaiting 阻断和确认放行双向证据");
+            }
+        }
+        // problem-63 必须在同一正式产物任务上证明阻断、清零、接受与交付，不能由描述文字自证。
+        {
+            const p63 = execResults.filter(r => r.scenario_id.startsWith("release-scenario-template-contract-"));
+            const lifecycleProof = p63.find(r => r.scenario_id === "release-scenario-template-contract-repair-directive")?.behavioral_proof;
+            const sameTask = lifecycleProof?.task_id
+                && lifecycleProof.blocked_task_id === lifecycleProof.task_id
+                && lifecycleProof.delivered_task_id === lifecycleProof.task_id;
+            const completed = lifecycleProof?.contract_blocked === true
+                && lifecycleProof?.repair_directive_cleared === true
+                && lifecycleProof?.artifact_status === "accepted"
+                && !!lifecycleProof?.acceptance_confirmation_ref
+                && lifecycleProof?.delivery_succeeded === true;
+            if (!sameTask || !completed) {
+                hardFail("RELEASE_ISSUE_SCENARIO_NO_PRODUCTION_TRACE", `problem-63 缺少同任务正式产物生命周期证据 (same_task=${!!sameTask}, completed=${completed})`, ["src/engine/release_issue_scenario_registry.ts"], "release-issues", "problem-63 必须从同一 task 的 artifact_output 证明阻断、重验、显式接受和成功交付", "修复 repair-directive 场景的 behavioral_proof 与真实工具链");
+            }
+        }
+    }
+    // R10: index_only 泄漏行为门禁 — 通过真实 sf_expand 验证 index_only 不进入 prompt
+    {
+        const { createToolHarness } = await import("./release_tool_harness.js");
+        const { clearInjectionContractCache } = await import("./knowledge_injection_boundary.js");
+        clearInjectionContractCache();
+        try {
+            const harness = await createToolHarness({ copyKnowledge: true });
+            try {
+                const all = harness.knowledgeIndex.getAllEntries();
+                // 找到 index_only 条目
+                const { buildTemplateAssetContracts } = await import("./template_asset_contract_registry.js");
+                const contracts = buildTemplateAssetContracts(rootDir);
+                const indexOnlyIds = new Set(contracts.filter(c => c.runtime_visibility === "index_only").map(c => c.asset_id));
+                // R12: 前置条件缺失 = hardFail，不得静默跳过
+                if (all.project.length === 0) {
+                    hardFail("RELEASE_ISSUE_INDEX_ONLY_PROMPT_LEAK", "copyKnowledge 后无项目资产被索引，前置条件不满足", ["src/engine/knowledge_injection_boundary.ts"], "release-issues", "index_only 行为检查必须有同步+索引的资产", "检查 copyKnowledgeToProject 和 KIM build");
+                }
+                if (indexOnlyIds.size === 0) {
+                    hardFail("RELEASE_ISSUE_INDEX_ONLY_PROMPT_LEAK", "模板合同中无 index_only 资产，前置条件不满足", ["src/engine/template_asset_contract_registry.ts"], "release-issues", "index_only 行为检查必须存在 index_only 合同", "检查 buildTemplateAssetContracts 是否注册了 index_only 资产");
+                }
+                const clsRaw = await harness.callTool("sf_classify", { intent: "添加用户管理功能" });
+                const cls = harness.parseResult(clsRaw);
+                if (!cls.task_id) {
+                    hardFail("RELEASE_ISSUE_INDEX_ONLY_PROMPT_LEAK", "sf_classify 未返回 task_id，前置条件不满足", ["src/engine/classifier.ts"], "release-issues", "index_only 行为检查必须 sf_classify 返回有效 task_id", "检查分类器是否正常返回");
+                }
+                const expRaw = await harness.callTool("sf_expand", { task_id: cls.task_id });
+                const exp = harness.parseResult(expRaw);
+                // index_only 资产不得进入 matched_knowledge
+                const leaked = (exp.matched_knowledge ?? []).filter((k) => indexOnlyIds.has(k.id));
+                if (leaked.length > 0) {
+                    hardFail("RELEASE_ISSUE_INDEX_ONLY_PROMPT_LEAK", `index_only 资产泄漏到 expand 结果: ${leaked.map((k) => k.id).join(", ")}`, ["src/engine/knowledge_injection_boundary.ts"], "release-issues", "index_only 资产不得进入 matched_knowledge 或 prompt", "修复注入边界逻辑");
+                }
+                // prompt 中也不得包含 index_only 资产内容
+                const promptStr = exp.prompt ?? "";
+                const leakedInPrompt = all.project.filter((e) => {
+                    const contract = contracts.find(c => c.asset_id === e.id || c.path.endsWith(e.name + ".md"));
+                    return contract?.runtime_visibility === "index_only" && e.body && promptStr.includes(e.body.slice(0, 50));
+                });
+                if (leakedInPrompt.length > 0) {
+                    hardFail("RELEASE_ISSUE_INDEX_ONLY_PROMPT_LEAK", `index_only 资产内容泄漏到 prompt: ${leakedInPrompt.map((e) => e.id).join(", ")}`, ["src/engine/knowledge_injection_boundary.ts"], "release-issues", "index_only 资产内容不得出现在 prompt 中", "修复注入边界逻辑");
+                }
+            }
+            finally {
+                harness.cleanup();
+            }
+        }
+        catch (err) {
+            // R11: fail-closed — 缺少前置条件或异常 = hard_fail
+            hardFail("RELEASE_ISSUE_INDEX_ONLY_PROMPT_LEAK", `index_only 行为检查失败: ${err.message}`, ["src/engine/knowledge_injection_boundary.ts"], "release-issues", "index_only 行为检查不得跳过", "修复 index_only 检查前置条件");
+        }
+    }
+    // R10: 权威来源 fail-closed 主动负向测试 — 已注册但文件缺失必须被阻断
+    {
+        const { getConsumptionTraces, clearConsumptionTraces } = await import("./consumption_trace_store.js");
+        // 先检查已有 traces
+        const traces = getConsumptionTraces();
+        const authorityLeaks = traces.filter((t) => t.matched_reason?.includes("权威来源文件缺失") && t.contract_decision === "allowed");
+        if (authorityLeaks.length > 0) {
+            hardFail("RELEASE_ISSUE_AUTHORITIVE_FAIL_OPEN", `权威来源缺失的资产被 allowed: ${authorityLeaks.map((t) => t.asset_id).join(", ")}`, ["src/knowledge/index_manager.ts"], "release-issues", "已注册资产权威来源缺失时必须 fail-closed", "检查 filterByContractGate 逻辑");
+        }
+        // 主动负向测试: 创建临时项目，manifest 指向不存在的权威文件
+        try {
+            const { copyKnowledgeToProject } = await import("./template_init_sync.js");
+            const { KnowledgeIndexManager } = await import("../knowledge/index_manager.js");
+            const tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), "soloforge-r10-auth-"));
+            try {
+                await copyKnowledgeToProject(rootDir, tmpDir);
+                const manifestPath = path.join(tmpDir, ".soloforge", "sync-manifest.json");
+                const manifest = JSON.parse(fs.readFileSync(manifestPath, "utf-8"));
+                const domainKey = Object.keys(manifest.entries).find(k => k.startsWith("domain/"));
+                // R12: 找不到 domain 条目 = hardFail，不得静默通过
+                if (!domainKey) {
+                    hardFail("RELEASE_ISSUE_AUTHORITIVE_FAIL_OPEN", "sync-manifest 中无 domain/ 条目可做篡改测试，前置条件不满足", ["src/engine/template_init_sync.ts"], "release-issues", "权威 fail-closed 测试必须找到可篡改的 domain 合同", "检查 copyKnowledgeToProject 是否同步了 domain 资产");
+                }
+                manifest.entries[domainKey].source_contract_path = "templates/knowledge/domain/不存在的权威文件.md";
+                fs.writeFileSync(manifestPath, JSON.stringify(manifest, null, 2), "utf-8");
+                clearConsumptionTraces();
+                const kim = new KnowledgeIndexManager({
+                    tech_stack: { backend: { lang: "java", framework: "spring-boot" }, frontend: { lang: "typescript", framework: "react" } },
+                    _projectPath: tmpDir,
+                }, { watch: false });
+                await kim.build();
+                const domainEntries = kim.getAllEntries().project.filter((e) => e.file_path?.replace(/\\/g, "/").includes(domainKey));
+                await kim.close();
+                // 权威来源缺失 → 不得被索引
+                if (domainEntries.length > 0) {
+                    hardFail("RELEASE_ISSUE_AUTHORITIVE_FAIL_OPEN", `权威缺失的资产被索引: ${domainKey}`, ["src/knowledge/index_manager.ts"], "release-issues", "已注册资产权威来源缺失时必须 fail-closed", "检查 filterByContractGate 逻辑");
+                }
+            }
+            finally {
+                fs.rmSync(tmpDir, { recursive: true, force: true });
+            }
+        }
+        catch (err) {
+            // R11: fail-closed — 找不到篡改目标或执行异常 = hard_fail
+            hardFail("RELEASE_ISSUE_AUTHORITIVE_FAIL_OPEN", `权威 fail-closed 主动测试失败: ${err.message}`, ["src/knowledge/index_manager.ts"], "release-issues", "权威来源缺失测试不得跳过", "检查 filterByContractGate 和模板合同配置");
+        }
+    }
+    // 工作流硬规则正文单真源检查
+    {
+        const { WORKFLOW_TEMPLATE_HARD_RULES } = await import("./asset_manifest.js");
+        const { generateWorkflowRules } = await import("../adapters/shared/workflow_template.js");
+        const emptyRules = WORKFLOW_TEMPLATE_HARD_RULES.filter(r => r.enforcement_status === "enforced" && (!r.user_instruction || r.user_instruction.trim() === ""));
+        if (emptyRules.length > 0) {
+            hardFail("WORKFLOW_RULE_EMPTY_INSTRUCTION", `enforced 规则 user_instruction 为空: ${emptyRules.map(r => r.rule_id).join(", ")}`, ["src/engine/asset_manifest.ts"], "release-issues", "enforced 规则必须有非空 user_instruction", "为空规则补充用户可见指令文本");
+        }
+        const output = generateWorkflowRules({});
+        for (const rule of WORKFLOW_TEMPLATE_HARD_RULES) {
+            if (rule.user_instruction) {
+                const lines = rule.user_instruction.split("\n").filter(l => l.trim());
+                for (const line of lines) {
+                    if (!output.includes(line)) {
+                        hardFail("WORKFLOW_RULE_TEXT_MISSING_IN_OUTPUT", `规则 ${rule.rule_id} 正文未出现在生成输出: ${line}`, ["src/engine/asset_manifest.ts", "src/adapters/shared/workflow_template.ts"], "release-issues", "每条规则正文必须出现在 generateWorkflowRules 输出", "检查 WORKFLOW_STEPS 中是否遗漏该规则");
+                    }
+                }
+            }
+            if (!output.includes(`id=${rule.rule_id}`)) {
+                hardFail("WORKFLOW_RULE_MARKER_MISSING", `规则 ${rule.rule_id} marker 未出现在生成输出`, ["src/adapters/shared/workflow_template.ts"], "release-issues", "每条规则 marker 必须出现在 generateWorkflowRules 输出", "将规则添加到 WORKFLOW_STEPS");
+            }
+        }
+    }
+    if (/发布问题.*100%|100%.*发布问题/.test(gateDocText)) {
+        hardFail("RELEASE_ISSUE_DOC_PREMATURE_100", "发布门槛文档提前声称发布问题 100% 完成", ["docs/正式发布门槛.md"], "release-issues", "文档不得在返修未完成前声称 100%", "完成所有返修后更新文档");
+    }
+    // ══ 问题六十一: 通用决策研讨机制 ══
+    // TaskContext 必须有强类型通用决策研讨字段
+    const typesText = safeRead(path.join(rootDir, "src", "types.ts")) ?? "";
+    if (!typesText.includes("decision_workshop?: import")) {
+        hardFail("RELEASE_ISSUE_TASKCONTEXT_WEAK_TYPE", "TaskContext 缺少强类型 decision_workshop 字段", ["src/types.ts"], "problem-61", "使用 (ctx as any).decision_workshop 是弱类型", "在 TaskContext 添加 decision_workshop 强类型字段");
+    }
+    // tools.ts 不得使用 (ctx as any).decision_workshop
+    if (toolsText.includes("(ctx as any).decision_workshop")) {
+        hardFail("RELEASE_ISSUE_TOOLS_ANY_CAST", "tools.ts 仍使用 (ctx as any).decision_workshop 弱类型", ["src/adapters/claude_code/tools.ts"], "problem-61", "必须使用 TaskContext 强类型字段", "将 (ctx as any).decision_workshop 改为 ctx.decision_workshop");
+    }
+    // ExpandSchema 必须支持 decision_workshop 输入
+    if (!toolsText.includes("decision_workshop: z.unknown()")) {
+        hardFail("RELEASE_ISSUE_EXPAND_NO_WORKSHOP_INPUT", "ExpandSchema 不支持通用 decision_workshop 输入", ["src/adapters/claude_code/tools.ts"], "problem-61", "用户无法回传确认后的决策合同", "在 ExpandSchema 添加 decision_workshop 输入参数");
+    }
+    // 架构决策研讨子包必须接入 sf_expand
     if (!toolsText.includes("checkArchitectureDecisionWorkshopGate({") ||
         !toolsText.includes("projectContext: detectedArchitectureContext")) {
-        hardFail("BATCH6_MAINLINE_MISSING", "问题六十一未接入 sf_expand 架构研讨阻断路径", ["src/adapters/claude_code/tools.ts"], "problem-61", "仅有合同或模板不能证明主链路消费", "在 sf_expand 真实路由调用架构研讨门");
+        hardFail("RELEASE_ISSUE_MAINLINE_MISSING", "问题六十一架构研讨子包未接入 sf_expand", ["src/adapters/claude_code/tools.ts"], "problem-61", "仅有合同或模板不能证明主链路消费", "在 sf_expand 真实路由调用架构研讨门");
+    }
+    // 通用决策研讨必须接入 sf_expand（可组合决策包）
+    if (!toolsText.includes("lazyDecisionWorkshop") || !toolsText.includes("matchDecisionPacks") || !toolsText.includes("nonArchPacks")) {
+        hardFail("RELEASE_ISSUE_DECISION_WORKSHOP_MISSING", "问题六十一通用决策研讨未接入 sf_expand 可组合决策包", ["src/adapters/claude_code/tools.ts"], "problem-61", "非架构高影响任务也必须门禁，且必须支持组合多个决策包", "在 sf_expand 接入 matchDecisionPacks 门禁");
+    }
+    // DecisionPackRegistry 必须有 business_process 和 delivery_validation 独立包
+    {
+        const dwText = safeRead(path.join(rootDir, "src", "engine", "decision_workshop.ts")) ?? "";
+        if (!dwText.includes("business_process") || !dwText.includes("delivery_validation")) {
+            hardFail("RELEASE_ISSUE_DECISION_PACK_MISSING", "问题六十一 DecisionPackRegistry 缺少 business_process 或 delivery_validation 独立包", ["src/engine/decision_workshop.ts"], "problem-61", "业务流程和交付验证必须可独立触发", "在 DECISION_PACKS 添加 business_process 和 delivery_validation");
+        }
+    }
+    try {
+        const dw = await import(path.join(rootDir, "dist", "engine", "decision_workshop.js"));
+        // must-fail: 未确认的技术选型必须阻断
+        const techContract = dw.createDecisionWorkshop("gate-test", "technology_selection");
+        const techGate = dw.evaluateDecisionWorkshop(techContract);
+        if (techGate.allowed) {
+            hardFail("RELEASE_ISSUE_DECISION_FALSE_PASS", "问题六十一未确认技术选型草稿错误放行", ["src/engine/decision_workshop.ts"], "problem-61", "技术选型未确认应阻断", "修复 evaluateDecisionWorkshop");
+        }
+        // must-fail: 低风险任务不需要研讨
+        const lowRisk = dw.requiresDecisionWorkshop({ intent: "修复按钮颜色" });
+        if (lowRisk.required) {
+            hardFail("RELEASE_ISSUE_DECISION_LOW_RISK_BLOCKED", "问题六十一低风险任务错误触发决策研讨", ["src/engine/decision_workshop.ts"], "problem-61", "低风险任务不应触发研讨", "修复 requiresDecisionWorkshop 触发条件");
+        }
+        // must-pass: 确认的技术选型放行
+        const confirmed = dw.createDecisionWorkshop("gate-test-2", "technology_selection");
+        confirmed.extended_domains.technology_selection.status = "confirmed";
+        confirmed.extended_domains.technology_selection.user_confirmation_ref = "user-ok";
+        if (!dw.evaluateDecisionWorkshop(confirmed).allowed) {
+            hardFail("RELEASE_ISSUE_DECISION_CONFIRMED_BLOCKED", "问题六十一已确认决策仍被阻断", ["src/engine/decision_workshop.ts"], "problem-61", "已确认决策应放行", "修复 evaluateDecisionWorkshop 确认检查");
+        }
     }
+    catch (error) {
+        hardFail("RELEASE_ISSUE_DECISION_LOAD_FAILED", `无法执行问题六十一行为复验: ${error?.message ?? error}`, ["src/engine/decision_workshop.ts"], "problem-61", "模块不可执行", "修复构建或导出");
+    }
+    // ══ 问题六十二: 标准资产覆盖机制 ══
     if (!toolsText.includes("verifyDesignArtifactPack(projectPath, designPack)") ||
         !toolsText.includes("ctx.design_artifact_pack.status !== \"implementation_ready\"") ||
         !toolsText.includes("checkDesignArtifactWriteGate({ ctx, toolName: name, sideEffects: effectiveSideEffects })")) {
-        hardFail("BATCH6_MAINLINE_MISSING", "问题六十二未同时接入真实 sf_verify、实现写入与 sf_deliver 就绪阻断", ["src/adapters/claude_code/tools.ts"], "problem-62", "仅有文档校验函数不能阻断用户编码/交付", "在验证、写入与交付路径消费设计产物包状态");
+        hardFail("RELEASE_ISSUE_MAINLINE_MISSING", "问题六十二设计产物包子机制未接入真实消费路径", ["src/adapters/claude_code/tools.ts"], "problem-62", "仅有文档校验函数不能阻断用户编码/交付", "在验证、写入与交付路径消费设计产物包状态");
     }
     if (!cliText.includes("cmdAuditDesignArtifacts") ||
         !cliText.includes("cmdUpgradeDesignArtifacts") ||
         !cliText.includes("currentTask?.design_artifact_pack")) {
-        hardFail("BATCH6_USER_CLI_MISSING", "问题六十二缺少用户 CLI 审计/升级或 Claude Code 写入 hook 阻断路径", ["src/bin/soloforge.ts"], "problem-62", "MCP 内部调用不能覆盖用户现有文档升级与直接 Edit/Write 路径", "接入 audit/upgrade CLI 与 check-write 设计产物门");
+        hardFail("RELEASE_ISSUE_USER_CLI_MISSING", "问题六十二缺少用户 CLI 审计/升级或 Claude Code 写入 hook 阻断路径", ["src/bin/soloforge.ts"], "problem-62", "MCP 内部调用不能覆盖用户现有文档升级与直接 Edit/Write 路径", "接入 audit/upgrade CLI 与 check-write 设计产物门");
     }
-    if (!workflowText.includes("wf-architecture-workshop-first") || !workflowText.includes("wf-design-artifact-pack")) {
-        hardFail("BATCH6_USER_INJECTION_MISSING", "用户项目工作流模板未注入 Batch6 薄硬协议", ["src/adapters/shared/workflow_template.ts"], "problem-61/problem-62", "运行时有门但用户不可预期会造成体验断裂", "向 workflow template 注入硬规则");
+    // 标准资产覆盖机制必须使用真实注册表审计
+    try {
+        const cov = await import(path.join(rootDir, "dist", "engine", "standard_asset_coverage.js"));
+        const car = await import(path.join(rootDir, "dist", "engine", "consumable_asset_registry.js"));
+        const manifest = await import(path.join(rootDir, "dist", "engine", "asset_manifest.js"));
+        // 从真实注册表构建消费证据
+        const registeredAssets = car.listBuiltinConsumableAssets();
+        const consumablePaths = new Set(registeredAssets.map((a) => a.path));
+        const ownerMap = new Map(registeredAssets.map((a) => [a.path, a.owner_mechanism_id ?? ""]));
+        const manifestEntries = manifest.ASSET_MANIFEST;
+        const consumerMap = new Map(manifestEntries.map((e) => [e.path, []]));
+        const visibilityMap = new Map(manifestEntries.map((e) => [e.path, e.consumption_mode ?? "unknown"]));
+        const report = cov.auditStandardAssetCoverage(rootDir, consumablePaths, ownerMap, consumerMap, visibilityMap);
+        // 必须能审计并返回结构化报告
+        if (typeof report.total_assets !== "number" || typeof report.covered_assets !== "number") {
+            hardFail("RELEASE_ISSUE_COVERAGE_REPORT_INVALID", "问题六十二覆盖审计报告结构不完整", ["src/engine/standard_asset_coverage.ts"], "problem-62", "审计报告缺少必须字段", "修复 auditStandardAssetCoverage 返回结构");
+        }
+        // 不得传空 Set/空 Map 通过覆盖检查 — 必须使用真实数据
+        if (report.total_assets > 0 && report.covered_assets === report.total_assets && consumablePaths.size === 0) {
+            hardFail("RELEASE_ISSUE_COVERAGE_EMPTY_REGISTRY_PASS", "问题六十二空注册表不应全部覆盖", ["src/engine/standard_asset_coverage.ts"], "problem-62", "空注册表时所有资产必须 uncovered", "修复覆盖检查使用真实注册表");
+        }
+    }
+    catch (error) {
+        hardFail("RELEASE_ISSUE_COVERAGE_LOAD_FAILED", `无法执行问题六十二覆盖审计行为复验: ${error?.message ?? error}`, ["src/engine/standard_asset_coverage.ts"], "problem-62", "模块不可执行", "修复构建或导出");
     }
     try {
         const workshop = await import(path.join(rootDir, "dist", "engine", "architecture_decision_workshop.js"));
         const designPack = await import(path.join(rootDir, "dist", "engine", "design_artifact_pack.js"));
-        const draft = workshop.createArchitectureDecisionWorkshop("release-batch6", "new_system");
+        const draft = workshop.createArchitectureDecisionWorkshop("release-issue", "new_system");
         if (workshop.evaluateArchitectureDecisionWorkshop(draft).allowed) {
-            hardFail("BATCH6_BEHAVIOR_FALSE_PASS", "问题六十一未确认六域的草稿错误放行", ["src/engine/architecture_decision_workshop.ts"], "problem-61", "必须有负向行为证据", "修复研讨生成门");
+            hardFail("RELEASE_ISSUE_BEHAVIOR_FALSE_PASS", "问题六十一未确认六域的草稿错误放行", ["src/engine/architecture_decision_workshop.ts"], "problem-61", "必须有负向行为证据", "修复研讨生成门");
         }
-        const missingPackResult = designPack.verifyDesignArtifactPack(rootDir, designPack.createDesignArtifactPack("release-batch6"));
+        const missingPackResult = designPack.verifyDesignArtifactPack(rootDir, designPack.createDesignArtifactPack("release-issue"));
         if (missingPackResult.passed) {
-            hardFail("BATCH6_BEHAVIOR_FALSE_PASS", "问题六十二缺少用户项目设计产物时错误放行", ["src/engine/design_artifact_pack.ts"], "problem-62", "必须读取真实资产并阻断缺失", "修复设计产物复验门");
+            hardFail("RELEASE_ISSUE_BEHAVIOR_FALSE_PASS", "问题六十二缺少用户项目设计产物时错误放行", ["src/engine/design_artifact_pack.ts"], "problem-62", "必须读取真实资产并阻断缺失", "修复设计产物复验门");
         }
     }
     catch (error) {
-        hardFail("BATCH6_MODULE_LOAD_FAILED", `无法执行 Batch6 行为复验: ${error?.message ?? error}`, ["src/engine/architecture_decision_workshop.ts", "src/engine/design_artifact_pack.ts"], "Batch6", "模块不可执行", "修复构建或导出");
+        hardFail("RELEASE_ISSUE_MODULE_LOAD_FAILED", `无法执行 发布问题行为复验: ${error?.message ?? error}`, ["src/engine/architecture_decision_workshop.ts", "src/engine/design_artifact_pack.ts"], "发布问题", "模块不可执行", "修复构建或导出");
+    }
+    if (!workflowText.includes("wf-architecture-workshop-first") || !workflowText.includes("wf-design-artifact-pack")) {
+        hardFail("RELEASE_ISSUE_USER_INJECTION_MISSING", "用户项目工作流模板未注入 发布问题硬协议", ["src/adapters/shared/workflow_template.ts"], "problem-61/problem-62", "运行时有门但用户不可预期会造成体验断裂", "向 workflow template 注入硬规则");
+    }
+    // workflow_template @sf-hard-rule 机制 ID 必须能解析到权威机制注册条目且资产文件存在
+    try {
+        const { validateWorkflowRuleSources } = await import("../adapters/shared/workflow_template.js");
+        const wfValidation = validateWorkflowRuleSources(rootDir);
+        if (!wfValidation.valid) {
+            if (wfValidation.missing_mechanisms.length > 0) {
+                hardFail("RELEASE_ISSUE_WF_RULE_MISSING_MECHANISM", `工作流模板引用了未注册的机制: ${wfValidation.missing_mechanisms.join(", ")}`, ["src/adapters/shared/workflow_template.ts"], "发布问题", "硬编码规则与权威机制注册表漂移", "在 dual_layer_mechanism_registry 中注册缺失机制或修正 workflow_template 引用");
+            }
+            if (wfValidation.missing_assets.length > 0) {
+                hardFail("RELEASE_ISSUE_WF_RULE_MISSING_ASSET", `工作流模板规则的权威资产文件缺失: ${wfValidation.missing_assets.join(", ")}`, ["src/adapters/shared/workflow_template.ts"], "发布问题", "权威规则资产文件不存在", "恢复缺失的模板文件或修正注册表路径");
+            }
+            if (wfValidation.checksum_mismatch) {
+                hardFail("RELEASE_ISSUE_WF_RULE_CONTENT_DRIFT", `工作流模板权威规则内容校验和不匹配: 嵌入=${wfValidation.embedded_checksum}, 实际=${wfValidation.computed_checksum}`, ["src/adapters/shared/workflow_template.ts"], "发布问题", "权威规则资产内容已变化但工作流模板未同步", "运行 updateEmbeddedChecksum 或重新生成工作流模板");
+            }
+        }
+    }
+    catch (error) {
+        hardFail("RELEASE_ISSUE_WF_RULE_VALIDATION_FAILED", `工作流规则来源校验失败: ${error?.message ?? error}`, ["src/adapters/shared/workflow_template.ts"], "发布问题", "校验函数不可执行", "修复 validateWorkflowRuleSources 导出");
+    }
+    // ══ 问题六十三: 标准资产契约 ══
+    const sacText = safeRead(path.join(rootDir, "src", "engine", "standard_asset_contract.ts")) ?? "";
+    if (!sacText.includes("matchTemplateContract") || !sacText.includes("verifyOutputAgainstContract") || !sacText.includes("createRepairReverifyDirective")) {
+        hardFail("RELEASE_ISSUE_CONTRACT_MISSING", "问题六十三缺少模板契约匹配、产物验证或修复重验函数", ["src/engine/standard_asset_contract.ts"], "problem-63", "缺少核心函数不能实现契约验证", "实现 matchTemplateContract / verifyOutputAgainstContract / createRepairReverifyDirective");
+    }
+    // sf_verify 必须按文件逐一匹配契约（不得使用 changed_files[0] 的契约校验全部文件）
+    if (!toolsText.includes("lazyStandardAssetContract") || !toolsText.includes("SF-CONTRACT-0003") || !toolsText.includes("repair_reverify_directive")) {
+        hardFail("RELEASE_ISSUE_CONTRACT_MAINLINE_MISSING", "问题六十三未接入 sf_verify 模板契约验证和 sf_deliver 修复重验阻断", ["src/adapters/claude_code/tools.ts"], "problem-63", "仅有契约定义不能阻断交付", "在 sf_verify 消费模板契约验证、sf_deliver 消费修复重验阻断");
+    }
+    // 必须检查 per-file 匹配（不得 changed_files[0] 统一匹配）
+    if (toolsText.includes("file_path: args.changed_files?.[0]") && !toolsText.includes("file_path: changedFile")) {
+        hardFail("RELEASE_ISSUE_CONTRACT_SINGLE_FILE_MATCH", "问题六十三 sf_verify 仍使用 changed_files[0] 单一匹配", ["src/adapters/claude_code/tools.ts"], "problem-63", "一个契约不能校验所有文件", "改为按文件逐一匹配 matchTemplateContract");
+    }
+    // 草稿必须阻断（不得 continue 跳过）
+    if (toolsText.includes("SF-CONTRACT-DRAFT") === false) {
+        hardFail("RELEASE_ISSUE_CONTRACT_DRAFT_SKIP", "问题六十三草稿文件未阻断下游消费", ["src/adapters/claude_code/tools.ts"], "problem-63", "草稿不得静默跳过", "草稿必须写入 blocked 状态并阻断");
+    }
+    try {
+        const sac = await import(path.join(rootDir, "dist", "engine", "standard_asset_contract.js"));
+        if (sac.matchTemplateContract({ file_path: "docs/architecture/01-架构设计文档.md" }) === null) {
+            hardFail("RELEASE_ISSUE_CONTRACT_MATCH_FAILURE", "问题六十三模板匹配失败：架构设计文档路径应匹配模板契约", ["src/engine/standard_asset_contract.ts"], "problem-63", "精确路径应匹配 P0 模板", "修复 matchTemplateContract 路径匹配逻辑");
+        }
+    }
+    catch (error) {
+        hardFail("RELEASE_ISSUE_CONTRACT_LOAD_FAILED", `无法执行问题六十三行为复验: ${error?.message ?? error}`, ["src/engine/standard_asset_contract.ts"], "problem-63", "模块不可执行", "修复构建或导出");
+    }
+    // ══ 问题六十四: 模板资产可见性 ══
+    const visText = safeRead(path.join(rootDir, "src", "engine", "template_asset_visibility.ts")) ?? "";
+    if (!visText.includes("isInherentlyInternal") || !visText.includes("inferVisibilityFromPath") || !visText.includes("filterSyncAssets")) {
+        hardFail("RELEASE_ISSUE_VISIBILITY_MISSING", "问题六十四缺少内部资产识别、可见性推断或同步过滤函数", ["src/engine/template_asset_visibility.ts"], "problem-64", "缺少核心函数不能实现可见性门禁", "实现 isInherentlyInternal / inferVisibilityFromPath / filterSyncAssets");
+    }
+    const syncText = safeRead(path.join(rootDir, "src", "engine", "template_init_sync.ts")) ?? "";
+    if (!cliText.includes("getContractDecision") && !syncText.includes("getContractDecision")) {
+        hardFail("RELEASE_ISSUE_VISIBILITY_SYNC_MISSING", "问题六十四 copyKnowledgeTemplates 未接入可见性门禁", ["src/engine/template_init_sync.ts"], "problem-64", "init/sync 不加门禁会泄漏内部资产到用户项目", "在 template_init_sync 中消费可见性门禁");
+    }
+    // copyKnowledgeTemplates 不得使用 subDirs 硬编码列表
+    if (cliText.includes("const subDirs = [")) {
+        hardFail("RELEASE_ISSUE_VISIBILITY_SUBDIRS_HARDCODE", "问题六十四 copyKnowledgeTemplates 仍使用 subDirs 硬编码列表", ["src/bin/soloforge.ts"], "problem-64", "硬编码 subDirs 无法覆盖新增目录", "改为递归发现并统一走可见性门禁");
+    }
+    // scaffolder 不得使用 process.cwd() 作为内置路径 fallback
+    const scaffolderText = safeRead(path.join(rootDir, "src", "engine", "scaffolder.ts")) ?? "";
+    if (scaffolderText.includes("process.cwd()")) {
+        hardFail("RELEASE_ISSUE_SCAFFOLDER_CWD_FALLBACK", "问题六十四 scaffolder 仍使用 process.cwd() 作为内置路径", ["src/engine/scaffolder.ts"], "problem-64", "process.cwd() 在 npm 安装场景解析错误", "改为 import.meta.dirname 解析包内路径");
+    }
+    try {
+        const vis = await import(path.join(rootDir, "dist", "engine", "template_asset_visibility.js"));
+        // 内部资产必须被识别
+        if (!vis.isInherentlyInternal("templates/knowledge/rules/演进回归规则.md")) {
+            hardFail("RELEASE_ISSUE_VISIBILITY_INTERNAL_MISS", "问题六十四内部资产识别失败：演进回归规则应被识别为内部资产", ["src/engine/template_asset_visibility.ts"], "problem-64", "denylist 不生效", "修复 isInherentlyInternal 逻辑");
+        }
+        // 用户可见资产不应被识别为内部
+        if (vis.isInherentlyInternal("templates/knowledge/acceptance_templates/架构设计模版.md")) {
+            hardFail("RELEASE_ISSUE_VISIBILITY_USER_MISS", "问题六十四用户项目资产误判为内部资产", ["src/engine/template_asset_visibility.ts"], "problem-64", "用户可见资产不应被过滤", "修复 isInherentlyInternal 逻辑");
+        }
+    }
+    catch (error) {
+        hardFail("RELEASE_ISSUE_VISIBILITY_LOAD_FAILED", `无法执行问题六十四行为复验: ${error?.message ?? error}`, ["src/engine/template_asset_visibility.ts"], "problem-64", "模块不可执行", "修复构建或导出");
+    }
+    // ══ 发布问题返修新增门禁 ══
+    // 问题六十一: sf_expand 不得使用不存在的 args.intent
+    {
+        const expandFnMatch = toolsText.match(/\/\/ 问题六十一[\s\S]*?matchDecisionPacks\(\{[^}]*\}\)/);
+        if (expandFnMatch && expandFnMatch[0].includes("args.intent")) {
+            hardFail("RELEASE_ISSUE_DECISION_ARGS_INTENT", "问题六十一 sf_expand 使用不存在的 args.intent 调用 matchDecisionPacks", ["src/adapters/claude_code/tools.ts"], "problem-61", "ExpandSchema 无 intent 字段，args.intent 永远 undefined", "改用 ctx.intent / ctx.classification / ctx.route_decision");
+        }
+    }
+    // 问题六十二: standard_asset_coverage 不得以注册存在替代复验路径
+    {
+        const sacCovText = safeRead(path.join(rootDir, "src", "engine", "standard_asset_coverage.ts")) ?? "";
+        if (sacCovText.includes("hasRevalidation = isRegistered") || sacCovText.includes("has_revalidation_path: isRegistered")) {
+            hardFail("RELEASE_ISSUE_COVERAGE_FAKE_REVALIDATION", "问题六十二 hasRevalidation=isRegistered 将注册等同于复验路径", ["src/engine/standard_asset_coverage.ts"], "problem-62", "注册存在不等于有复验入口", "必须从真实消费链路验证复验路径");
+        }
+        // 覆盖审计不得从 ASSET_MANIFEST 创建空 consumerMap
+        if (cliText.includes("ASSET_MANIFEST") && cliText.includes("[] as string[]") && cliText.includes("consumerMap")) {
+            hardFail("RELEASE_ISSUE_COVERAGE_EMPTY_CONSUMER", "问题六十二 audit-template-visibility 从 ASSET_MANIFEST 创建空 consumerMap", ["src/bin/soloforge.ts"], "problem-62", "空 consumerMap 导致所有资产 missing_consumer=0 假通过", "从权威合同获取真实消费者");
+        }
+        // 覆盖报告中有 uncovered/missing_consumer 时必须 hard_fail
+        // 消费者证据从逐资产运行时观察结果获取，不从合同声明字段复制
+        try {
+            const cov = await import(path.join(rootDir, "dist", "engine", "standard_asset_coverage.js"));
+            const car = await import(path.join(rootDir, "dist", "engine", "consumable_asset_registry.js"));
+            const contractReg = await import(path.join(rootDir, "dist", "engine", "template_asset_contract_registry.js"));
+            const obsMod = await import(path.join(rootDir, "dist", "engine", "observed_consumption.js"));
+            const registeredAssets = car.listBuiltinConsumableAssets();
+            const contracts = contractReg.listTemplateAssetContracts();
+            const consumablePaths = new Set(registeredAssets.map((a) => a.path));
+            const ownerMap = new Map(contracts.map((c) => [c.path, c.owner_mechanism_id]));
+            // 运行真实 scenario 生成消费 trace，然后构建消费者映射
+            const obsReport = await obsMod.observeAllConsumption(rootDir);
+            const consumerMap = new Map();
+            for (const obs of obsReport.observations) {
+                const consumers = consumerMap.get(obs.asset_path) ?? [];
+                // entry_point 即为真实消费入口
+                if (obs.entry_point && !consumers.includes(obs.entry_point)) {
+                    consumers.push(obs.entry_point);
+                }
+                consumerMap.set(obs.asset_path, consumers);
+            }
+            // 补充复验入口标识（与消费者证据不同维度，复验入口是审计/验证角色标识）
+            for (const c of contracts) {
+                const consumers = consumerMap.get(c.path) ?? [];
+                if (c.validation_entrypoint && !consumers.includes(c.validation_entrypoint)) {
+                    consumers.push(c.validation_entrypoint);
+                }
+                consumerMap.set(c.path, consumers);
+            }
+            const visibilityMap = new Map(contracts.map((c) => [c.path, c.asset_visibility ?? "unknown"]));
+            const report = cov.auditStandardAssetCoverage(rootDir, consumablePaths, ownerMap, consumerMap, visibilityMap);
+            if (report.uncovered_assets > 0) {
+                hardFail("RELEASE_ISSUE_COVERAGE_UNCOVERED", `问题六十二覆盖审计发现 ${report.uncovered_assets} 个未覆盖资产`, ["src/engine/standard_asset_coverage.ts", "src/engine/template_asset_contract_registry.ts"], "problem-62", "未覆盖资产不得通过发布门禁", "为每个资产建立真实消费证据");
+            }
+            if (report.missing_consumer > 0) {
+                hardFail("RELEASE_ISSUE_COVERAGE_MISSING_CONSUMER", `问题六十二覆盖审计发现 ${report.missing_consumer} 个资产缺少主链路消费者`, ["src/engine/standard_asset_coverage.ts", "src/engine/template_asset_contract_registry.ts"], "problem-62", "无消费者证据不得通过发布门禁", "为每个资产建立真实主链路消费者");
+            }
+            if (report.missing_revalidation > 0) {
+                hardFail("RELEASE_ISSUE_COVERAGE_MISSING_REVALIDATION", `问题六十二覆盖审计发现 ${report.missing_revalidation} 个资产缺少复验入口`, ["src/engine/standard_asset_coverage.ts", "src/engine/template_asset_contract_registry.ts"], "problem-62", "无复验入口不得通过发布门禁", "为每个资产建立真实复验入口");
+            }
+        }
+        catch (error) {
+            // template_asset_contract_registry 尚不存在 — 这是预期失败
+            hardFail("RELEASE_ISSUE_CONTRACT_REGISTRY_MISSING", `问题六十三权威合同注册表不存在: ${error?.message ?? error}`, ["src/engine/template_asset_contract_registry.ts"], "problem-63", "214 资产必须有权威合同", "创建 template_asset_contract_registry.ts");
+        }
+    }
+    // 问题六十三: templates 总数 = 权威合同覆盖数
+    {
+        const contractRegText = safeRead(path.join(rootDir, "src", "engine", "template_asset_contract_registry.ts")) ?? "";
+        if (!contractRegText.includes("TemplateAssetContract") || !contractRegText.includes("listTemplateAssetContracts")) {
+            hardFail("RELEASE_ISSUE_CONTRACT_REGISTRY_MISSING", "问题六十三缺少权威合同注册表（TemplateAssetContract / listTemplateAssetContracts）", ["src/engine/template_asset_contract_registry.ts"], "problem-63", "214 资产必须有单一权威元数据体系", "创建 template_asset_contract_registry.ts");
+        }
+    }
+    // 问题六十四: 可见性不得使用 denylist 猜测
+    {
+        const visText2 = safeRead(path.join(rootDir, "src", "engine", "template_asset_visibility.ts")) ?? "";
+        if (visText2.includes("INTERNAL_ASSET_PATTERNS")) {
+            hardFail("RELEASE_ISSUE_VISIBILITY_DENYLIST", "问题六十四 template_asset_visibility.ts 仍使用 INTERNAL_ASSET_PATTERNS denylist", ["src/engine/template_asset_visibility.ts"], "problem-64", "denylist 猜测不是权威分类", "改用权威合同注册表的 asset_visibility 字段");
+        }
+    }
+    // 问题六十四: 必须存在并执行真实技术栈受限资产，禁止以跳过或内存假资产代替。
+    {
+        const { buildTemplateAssetContracts } = await import("./template_asset_contract_registry.js");
+        const restrictedScaffolds = buildTemplateAssetContracts(rootDir).filter((contract) => contract.consume_category === "scaffold_only" && contract.applicable_tech_stack.length > 0);
+        if (restrictedScaffolds.length === 0) {
+            hardFail("RELEASE_ISSUE_TECH_STACK_ASSET_MISSING", "问题六十四不存在真实 applicable_tech_stack 脚手架资产", ["src/engine/explicit_asset_registry.ts"], "problem-64", "没有真实受限资产不能证明技术栈隔离", "为内置脚手架声明权威 applicable_tech_stack 并走 sf_scaffold 验证");
+        }
+        const scenarioTestText = safeRead(path.join(rootDir, "tests", "engine", "release_issue_scenario_matrix.test.ts")) ?? "";
+        const failClosedTestText = safeRead(path.join(rootDir, "tests", "engine", "contract_fail_closed.test.ts")) ?? "";
+        if (/it\.skip\([\s\S]{0,80}技术栈|test-java-rule/.test(`${scenarioTestText}\n${failClosedTestText}`)) {
+            hardFail("RELEASE_ISSUE_TECH_STACK_FAKE_TEST", "问题六十四仍以跳过测试或内存假资产代替真实技术栈复验", ["tests/engine/release_issue_scenario_matrix.test.ts", "tests/engine/contract_fail_closed.test.ts"], "problem-64", "假资产/skip 不证明用户实际链路", "仅使用 explicit_asset_registry 已登记资产执行真实 scaffold 场景");
+        }
+    }
+    // sf_accept 必须为需要显式授权的验收入口，且处理器不得直接篡改产物状态。
+    {
+        const contractText = safeRead(path.join(rootDir, "src", "engine", "tool_invocation_contract_registry.ts")) ?? "";
+        const acceptStart = toolsText.indexOf('registerSafeTool(\n    "sf_accept"');
+        const deliverStart = toolsText.indexOf('registerSafeTool(\n    "sf_deliver"', acceptStart + 1);
+        const acceptBody = toolsText.substring(acceptStart, deliverStart > 0 ? deliverStart : toolsText.length);
+        const contractStrict = /tool_name:\s*"sf_accept"[\s\S]{0,120}category:\s*"strict_controlled"[\s\S]{0,120}requires_authorization:\s*true/.test(contractText);
+        const confirmsEvidence = acceptBody.includes("confirmation_ref") && acceptBody.includes("confirmed_by") && acceptBody.includes("updateArtifactStatus");
+        const directStatusWrite = /artifact_output\.status\s*=\s*"accepted"/.test(acceptBody);
+        if (!contractStrict || !confirmsEvidence || directStatusWrite) {
+            hardFail("RELEASE_ISSUE_ACCEPTANCE_SELF_ATTESTATION", "sf_accept 仍可缺少显式确认或绕过 artifact 生命周期", ["src/adapters/claude_code/tools.ts", "src/engine/tool_invocation_contract_registry.ts"], "problem-63", "自动生成的验收证据不得放行正式产物", "要求显式确认引用并只通过 updateArtifactStatus 接受产物");
+        }
+    }
+    // 问题五十九: 新增 CLI 命令不得使用 console.log
+    {
+        const auditFnStart = cliText.indexOf("async function cmdAuditTemplateVisibility");
+        const nextFnStart = cliText.indexOf("\nasync function ", auditFnStart + 1);
+        const fnBody = cliText.substring(auditFnStart, nextFnStart > 0 ? nextFnStart : cliText.length);
+        if (fnBody.includes("console.log")) {
+            hardFail("RELEASE_ISSUE_LOGGER_VIOLATION", "问题五十九 cmdAuditTemplateVisibility 使用 console.log 违反日志治理", ["src/bin/soloforge.ts"], "problem-59", "新增代码必须使用统一 logger", "替换 console.log 为 userInfo/userJson");
+        }
+    }
+    // 问题六十二/六十三: 逐资产运行时消费证据 — 不得接受"consumer file exists"或"export name exists"作为真实消费证明
+    {
+        const { observeAllConsumption } = await import("./observed_consumption.js");
+        const report = await observeAllConsumption(rootDir);
+        if (report.fail > 0) {
+            hardFail("RELEASE_ISSUE_CONSUMPTION_EVIDENCE_FAIL", `问题六十二逐资产消费证据验证失败(${report.fail} failures): ${report.failures.join("; ")}`, ["src/engine/observed_consumption.ts", "src/engine/template_asset_contract_registry.ts"], "problem-62", "逐资产运行时消费证据不完整", "检查 observeAllConsumption 中每个资产的观察结果");
+        }
+        if (report.total < 215) {
+            hardFail("RELEASE_ISSUE_CONSUMPTION_EVIDENCE_INCOMPLETE", `问题六十二消费证据仅覆盖 ${report.total} 个资产，预期至少 215`, ["src/engine/observed_consumption.ts"], "problem-62", "消费证据覆盖不全", "确保所有注册资产都有消费观察记录");
+        }
+        // trace 必须来自真实入口（init/sync_templates），不得仅来自 contract_gate 兜底
+        const traceCounts = report.trace_counts;
+        if ((traceCounts.init ?? 0) === 0 && (traceCounts.sync_templates ?? 0) === 0) {
+            hardFail("RELEASE_ISSUE_CONSUMPTION_EVIDENCE_NO_REAL_TRACE", "问题六十二消费证据无真实入口 trace（init/sync_templates 均为 0）", ["src/engine/observed_consumption.ts"], "problem-62", "必须运行真实入口 scenario 产生 trace", "检查 observeAllConsumption 中的 scenario runner");
+        }
+        // 硬检查: mainline trace 的 declared_consumer 必须与合同 mainline_consumer 精确匹配
+        for (const obs of report.observations) {
+            if (obs.consume_category === "mainline" && obs.validation_result === "fail" && obs.failure_reason?.includes("无精确消费 trace")) {
+                hardFail("RELEASE_ISSUE_MAINLINE_TRACE_MISMATCH", `mainline 资产消费 trace 不匹配: ${obs.failure_reason}`, ["src/engine/observed_consumption.ts", obs.asset_path], "problem-62", "mainline trace declared_consumer 必须与合同 mainline_consumer 精确对应", "确保生产函数记录 declared_consumer");
+            }
+        }
+    }
+    // 负向测试: scaffold_only 资产必须有 scaffold trace，删除 scaffold scenario 后必须 fail
+    {
+        const { buildTemplateAssetContracts } = await import("./template_asset_contract_registry.js");
+        const { getConsumptionTraces, clearConsumptionTraces, recordConsumptionTrace } = await import("./consumption_trace_store.js");
+        clearConsumptionTraces();
+        // 只运行 init+sync（不运行 scaffold），scaffold_only 资产应无合法 trace
+        const { copyKnowledgeToProject, copyPatternsToGlobal } = await import("./template_init_sync.js");
+        const tmpNegDir = fs.mkdtempSync(path.join(os.tmpdir(), "soloforge-neg-"));
+        try {
+            await copyKnowledgeToProject(rootDir, tmpNegDir);
+            const globalDir = path.join(tmpNegDir, ".soloforge", "patterns");
+            await copyPatternsToGlobal(rootDir, globalDir);
+        }
+        finally {
+            fs.rmSync(tmpNegDir, { recursive: true, force: true });
+        }
+        // 收集 scaffold_only 合同，验证它们都没有 scaffold trace
+        const contracts = buildTemplateAssetContracts(rootDir);
+        const scaffoldContracts = contracts.filter(c => c.consume_category === "scaffold_only");
+        const traces = getConsumptionTraces();
+        const scaffoldTracedPaths = new Set(traces.filter(t => t.consumer === "scaffold").map(t => t.asset_path));
+        const scaffoldWithTrace = scaffoldContracts.filter(c => scaffoldTracedPaths.has(c.path));
+        if (scaffoldWithTrace.length > 0) {
+            hardFail("RELEASE_ISSUE_NEGATIVE_SCAFFOLD_LEAK", `负向测试失败: 未运行 scaffold scenario 但 ${scaffoldWithTrace.length} 个 scaffold_only 资产有 scaffold trace`, ["src/engine/observed_consumption.ts"], "problem-62", "scaffold trace 不应从其他 scenario 泄露", "检查 scaffold scenario 是否独立");
+        }
+        clearConsumptionTraces();
+    }
+    // 问题六十四: copyKnowledgeTemplates 必须对无合同资产 fail-closed
+    {
+        const copyFnSource = syncText || cliText;
+        const copyFnStart = copyFnSource.indexOf("async function copyKnowledge") !== -1
+            ? copyFnSource.indexOf("async function copyKnowledge")
+            : copyFnSource.indexOf("export async function copyKnowledgeToProject");
+        const copyFnEnd = copyFnSource.indexOf("\nasync function ", copyFnStart + 1);
+        const copyFnBody = copyFnSource.substring(copyFnStart, copyFnEnd > 0 ? copyFnEnd : copyFnSource.length);
+        // 必须有 "skipped_no_contract" 或 "unregistered" — 证明无合同时会跳过
+        if (!copyFnBody.includes("skipped_no_contract") && !copyFnBody.includes("unregistered")) {
+            hardFail("RELEASE_ISSUE_COPY_NO_CONTRACT_FAIL_OPEN", "问题六十四 copyKnowledgeTemplates 未对无合同资产 fail-closed", ["src/engine/template_init_sync.ts"], "problem-64", "无合同资产不应被复制", "添加 skipped_no_contract 计数并在无合同时 continue");
+        }
     }
-    _info("  Batch6 架构决策与设计产物真实消费复验完成");
 }
 // ── 主入口 ──
 export async function runReleaseReadinessGate(rootDir) {
@@ -1637,10 +2165,10 @@ export async function runReleaseReadinessGate(rootDir) {
     beginPhase("依赖漏洞扫描");
     checkDependencyAudit(rootDir, hardFail, _info);
     endPhase("依赖漏洞扫描");
-    // 15: Batch6 新增真实用户路径
-    beginPhase("Batch6 架构决策与设计产物真实消费");
-    await checkBatch6DesignPath(rootDir, hardFail, _info);
-    endPhase("Batch6 架构决策与设计产物真实消费");
+    // 15: 发布问题全局合同（问题六十一至六十四）
+    beginPhase("发布问题全局合同");
+    await checkReleaseIssueDesignPath(rootDir, hardFail, _info);
+    endPhase("发布问题全局合同");
     // 恢复 console.error 和日志器
     console.error = origConsoleError;
     resetLogger();