universal-dev-standards 5.11.0 → 5.13.2

package/bundled/ai/standards/acceptance-criteria-traceability.ai.yaml

@@ -61,11 +61,17 @@ standard:
 
       - status: not_implemented
         symbol: "🚫"
-        definition: AC has no corresponding implementation (feature code does not exist)
+        definition: AC has no corresponding implementation or test verification (feature code or test body does not exist)
         criteria: |
-          No business logic in src/ corresponds to this AC.
-          Distinct from uncovered: uncovered = code exists but no test; not_implemented = code does not exist.
-          Typical signals: throw NotImplementedException(), empty stub body, FEATURE_STUB: marker.
+          No business logic in src/ corresponds to this AC, OR the only test mapped
+          to this AC is an it.todo() placeholder (test body not implemented).
+          Distinct from uncovered: uncovered = code exists but test was forgotten;
+          not_implemented = explicitly marked as pending implementation.
+          Typical signals:
+            - throw NotImplementedException(), empty stub body, FEATURE_STUB: marker
+            - it.todo("AC-XXX: ...") — test slot reserved but verification not written
+          XSPEC-220: it.todo() tests map to not_implemented, NOT to uncovered.
+          Rationale: it.todo() is a deliberate placeholder, not an oversight.
         decision_tree: |
           Q1: Does the corresponding code exist in src/?
             No → not_implemented

package/bundled/ai/standards/deployment-standards.ai.yaml

@@ -12,11 +12,14 @@ standard:
     - "Automate build, test, deploy, and rollback"
 
   meta:
-    version: "1.1.0"
-    updated: "2026-05-13"
+    version: "1.2.0"
+    updated: "2026-05-26"
     source: core/deployment-standards.md
     description: >
       Safe deployment strategies, feature flags, rollback, environment parity, and DORA metrics.
+      v1.2.0: Added Defensive Deployment Ordering — required extract-verify-then-delete sequence,
+      PowerShell + bash verify snippets, failure mode mapping, cross-link to packaging-standards
+      Archive Format Integrity (XSPEC-231 / closes issue #110).
       v1.1.0: Added environment stratification responsibility matrix and stub server CI/CD
       lifecycle rules (XSPEC-204).
 
@@ -230,6 +233,51 @@ stub_server_cicd_rules:
     (a) fully testable in UAT via real service or Level 2 stub server, OR
     (b) explicitly documented as PRD-smoke-only with a smoke test plan.
 
+defensive_ordering:
+  scope: "destructive-update deploy patterns (stop → swap → start) common to Windows IIS, SystemD-managed services, and similar in-place replacement workflows."
+  forbidden_ordering: |
+    1. Stop service
+    2. Extract new package         ← may silently no-op on format mismatch
+    3. Delete old install          ← runs unconditionally — destroys live install
+    4. Copy new install            ← throws (source doesn't exist)
+    5. Start service               ← cannot start (binaries gone)
+  required_ordering: |
+    1. Stop service
+    2. Extract new package → staging area  (NOT directly over live install)
+    3. ✅ VERIFY staging area contains expected artifacts
+       ↑ if verification fails: abort, do NOT touch the live install
+    4. Backup live install                 (or earlier — both is fine)
+    5. Delete old install (preserving logs / runtime data)
+    6. Copy new install from staging
+    7. Restore preserved configs
+    8. Start service
+    9. Sanity check (HTTP probe / health endpoint)
+  verify_step_3:
+    required: true
+    skip_allowed: false
+    minimum: "Test-Path / [ -f ... ] against at least one well-known file from the new package."
+    preferred: "Hash-check a manifest of expected files."
+  rules:
+    - id: extract-to-staging-not-live
+      requirement: "Step 2 MUST extract to a staging area separate from the live install path."
+      priority: required
+    - id: verify-before-destructive
+      requirement: "Step 3 MUST verify staging contents before any destructive step touches the live install. Failure MUST abort with live install untouched."
+      priority: required
+    - id: backup-required
+      requirement: "A backup of the live install MUST exist before step 5 (delete). Can be taken earlier."
+      priority: required
+    - id: preserve-runtime-data
+      requirement: "Step 5 MUST exclude logs and runtime data from deletion."
+      priority: required
+  failure_modes_addressed:
+    - wrong_format_archive: "Step 3 verify fails — live install untouched"
+    - partial_extract: "Step 3 verify fails — live install untouched"
+    - archive_root_changed: "Step 3 verify fails — live install untouched"
+    - permission_denied_extract: "Step 3 verify fails — live install untouched"
+  upstream_prevention: "Producer-side prevention via packaging-standards Archive Format Integrity. Both layers form defense-in-depth — neither alone is sufficient."
+  failure_mode_reference: "PROD incident 2026-05-24: Expand-Archive silent no-op on tar-renamed-to-.zip + unconditional Remove-Item destroyed live install. ~3 minutes downtime. Step 3 verify would have aborted before destruction."
+
 physical_spec:
   type: custom_script
   validator:

package/bundled/ai/standards/full-coverage-testing.ai.yaml

@@ -75,13 +75,20 @@ standard:
       instruction: |
         FORBIDDEN: Tautology assertions that always pass regardless of behavior.
         These add false coverage without verifying anything.
+        AI SKELETON RULE (XSPEC-220): When generating unimplemented test skeletons,
+        use it.todo("AC-XXX: Given ... When ... Then ..."). Any it() callback whose
+        body contains only tautology assertions is an [ANTI-FAKE-001] violation,
+        regardless of whether the skeleton was generated by a human or an AI agent.
       priority: required
       forbidden_patterns:
         - "expect(true).toBe(true)"
         - "expect(false).toBe(false)"
         - "expect(result).toBeDefined()  // without specific value"
         - "expect(result).not.toBeNull()  // without specific value"
-      required_instead: "expect(result).toBe(<specific expected value>)"
+        - "it('...', () => { expect(true).toBe(true) })  // AI-generated skeleton"
+      required_instead: |
+        Real assertion: expect(result).toBe(<specific expected value>)
+        Unimplemented skeleton: it.todo("AC-XXX: Given ... When ... Then ...")
 
     - id: no-mock-business-logic
       trigger: deciding what to mock

package/bundled/ai/standards/license-compliance.ai.yaml

@@ -1,18 +1,102 @@
 # License Compliance Standards - AI Optimized
-# Source: XSPEC-066 Wave 3 Compliance Pack
+# Sources:
+#   v1.0.0 — XSPEC-066 Wave 3 Compliance Pack (general OSS practices)
+#   v2.0.0 — XSPEC-193 §7.1 (AI-specific rules for AI-Generated Code)
+#   v2.1.0 — XSPEC-193 Phase 2 (ClearlyDefined API + AST PII + EmbeddingProvider + ASPEC-001)
 
 id: license-compliance
-title: License Compliance Standards
-version: "1.0.0"
+title: License Compliance Standards for AI-Generated Code
+version: "2.1.0"
 status: Active
-tags: [compliance, licensing, open-source, legal, supply-chain]
+tags: [compliance, licensing, open-source, legal, supply-chain, ai-generated, eu-ai-act, sbom, pii, clearly-defined, ast-pii, embedding]
+created: 2026-04-30
+updated: 2026-05-16
+
+agent_ref: ASPEC-001   # License Compliance Agent spec (XSPEC-205 format)
+
+references:
+  - XSPEC-066   # v1.0.0 baseline - Wave 3 Compliance Pack
+  - XSPEC-193   # v2.0.0 + v2.1.0 AI-specific rules - VibeOps License Compliance Agent
+  - DEC-041     # EU AI Act compliance
+  - DEC-062     # Harness Engineering 2026 adoption
+  - DEC-063     # VibeOps legal & compliance strategy
+  - DEC-064     # Customer IP isolation (cache salt)
+  - XSPEC-189   # Telemetry Schema v2 (event types referenced below)
+  - ASPEC-001   # License Compliance Agent SPEC (XSPEC-205 §REQ-2 format)
+
 summary: |
-  Defines how teams identify, track, and manage open-source and third-party
-  software licenses throughout the software development lifecycle. Covers
-  license classification (permissive vs. copyleft), prohibited licenses,
-  SBOM generation, license scanning in CI/CD, and remediation processes
-  for license violations. Designed to prevent legal exposure from
-  incompatible license combinations and ensure supply-chain transparency.
+  Comprehensive license compliance for AI-augmented development.
+
+  Tier 1 (REQ-001~006) — General OSS practices: license classification,
+  CI scanning, SBOM generation, attribution, violation remediation, and
+  technology adoption review. Applies to every project regardless of AI use.
+
+  Tier 2 (LC-001~009) — AI-specific rules: SPDX-first, independent evaluator,
+  evidence-based decisions, blocklist/allowlist/greylist enforcement, SBOM
+  required on every PR, PII pattern detection, copyright similarity check,
+  EU AI Act Article 50 transparency markers, and customer policy sovereignty.
+
+  Tier 2 is binding on AI Agents that produce code (VibeOps Generator Agent
+  and equivalents). Designed to prevent legal exposure from incompatible
+  license combinations, ensure supply-chain transparency, and satisfy
+  EU AI Act Article 50 obligations.
+
+  v2.1.0 enhancements (XSPEC-193 Phase 2, 2026-05-16):
+  - LC-001 now backed by ClearlyDefined API (confidence ≥ 0.95 when CD available)
+  - LC-007 PII detection upgraded with tree-sitter AST semantic context
+  - LC-006 copyright similarity upgraded with EmbeddingProvider strategy
+    (onnx-minilm / ollama-bge-m3 / jaccard fallback)
+
+scope:
+  applies_to:
+    - AI-generated code (Generator Agent output)
+    - Dependency manifests (package.json / requirements.txt / go.mod / Cargo.toml / etc.)
+    - Open-source code snippet references and copy-paste
+  excludes:
+    - Internal-only tooling scripts with no external distribution (SBOM still recommended)
+    - Fully hand-written, non-AI-generated code (SBOM still recommended)
+
+principles:
+  - id: P-1
+    name: SPDX First
+    description: |
+      All license identifiers MUST use SPDX standard IDs (https://spdx.org/licenses/).
+      Vague descriptions like "MIT-like" or "BSD-style" are prohibited. If no
+      SPDX match can be found, the Agent MUST escalate to a human rather than
+      guess.
+
+  - id: P-2
+    name: Independent Evaluator
+    description: |
+      The License Compliance Agent MUST use a model class different from the
+      code Generator Agent. This avoids Generator/Evaluator error correlation
+      and preserves review independence (DEC-062 H6).
+
+  - id: P-3
+    name: Evidence-Based Decision
+    description: |
+      Every block or review-required decision MUST carry traceable evidence:
+      SPDX ID lookup source, similarity score, comparison repo URL, etc.
+      Verdicts without evidence are prohibited.
+
+  - id: P-4
+    name: Transparency by Default
+    description: |
+      AI-generated output MUST carry a transparency marker per EU AI Act
+      Article 50. Marker removal requires explicit human action; an AI Agent
+      MAY NOT decide to remove markers autonomously.
+
+  - id: P-5
+    name: Customer Sovereignty
+    description: |
+      Customers MAY customize license policy within their accepted liability
+      scope, but MAY NOT bypass platform-floor limits set in the VibeOps
+      EULA §9. Overrides MUST be telemetered with justification.
+
+# ─────────────────────────────────────────────────────────────
+# Tier 1 — General OSS Compliance Practices (v1.0.0 baseline)
+# Applies to every project regardless of AI use.
+# ─────────────────────────────────────────────────────────────
 
 requirements:
   - id: REQ-001
@@ -104,3 +188,288 @@ requirements:
       - "ADR-042 notes: 'Library X uses Apache 2.0 — approved tier, no legal review needed'"
       - "ADR-043 notes: 'Library Y uses LGPL-3.0 — review-required, legal approved 2026-03-10'"
       - "Technology radar entry includes license classification for each evaluated tool"
+
+# ─────────────────────────────────────────────────────────────
+# Tier 2 — AI-Specific Rules (v2.0.0, XSPEC-193 §7.1)
+# Binding on AI Agents that produce code.
+# ─────────────────────────────────────────────────────────────
+
+rules:
+  - id: LC-001
+    name: SPDX ID Lookup Required
+    severity: blocking
+    description: |
+      Every dependency license MUST be resolved to a SPDX standard ID
+      before any list comparison.
+
+      v2.1.0: Primary source is ClearlyDefined API (confidence ≥ 0.95 for
+      well-known packages). Falls back to SPDX database (confidence ≤ 0.8)
+      or package metadata heuristics. Requests are token-bucket-rate-limited
+      (10 req/s, burst 20) and cached with 24h TTL + DEC-064 client_salt
+      isolation. offline=true bypasses external calls entirely.
+    checks:
+      - "license_lookup() result must have non-null spdx_id"
+      - "If confidence < 0.7, escalate_to_human"
+      - "Free-text license fields from package metadata MUST NOT be used directly"
+      - "ClearlyDefined API: GET /definitions/{type}/{provider}/{namespace}/{name}/{revision}"
+      - "On 5xx: exponential backoff × 3 (200ms/1s/3s); on 429: batch fallback immediately"
+      - "Cache key = sha256(client_salt + ':' + purl) — DEC-064 isolation guaranteed"
+
+  - id: LC-002
+    name: Blocklist Auto-Block
+    severity: blocking
+    description: |
+      SPDX IDs on the Blocklist MUST trigger block_pr automatically. No
+      exception channel inside the platform (customer override layer may
+      remove items, but the override is logged via telemetry).
+    blocklist:
+      # Strong-copyleft (viral)
+      - GPL-2.0
+      - GPL-2.0-only
+      - GPL-2.0-or-later
+      - GPL-3.0
+      - GPL-3.0-only
+      - GPL-3.0-or-later
+      - AGPL-1.0
+      - AGPL-3.0
+      - AGPL-3.0-only
+      - AGPL-3.0-or-later
+      # Source-Available (non-OSS, commercially restrictive)
+      - SSPL-1.0
+      - Commons-Clause              # Not a formal SPDX ID; treated as non-OSS
+      - BUSL-1.1
+      - BUSL-1.0
+      - Confluent-Community-License
+      - Elastic-License-2.0
+    checks:
+      - "license_blocklist_check() returns decision='block' → call block_pr() immediately"
+      - "block_pr() reason field is mandatory in form: '{pkg}@{version} uses {spdx_id}'"
+
+  - id: LC-003
+    name: Allowlist Auto-Approve
+    severity: informational
+    description: |
+      SPDX IDs on the Allowlist MUST be auto-approved, recorded in SBOM
+      without triggering review.
+    allowlist:
+      - MIT
+      - MIT-0
+      - BSD-2-Clause
+      - BSD-3-Clause
+      - BSD-3-Clause-Clear
+      - Apache-2.0
+      - ISC
+      - 0BSD
+      - CC0-1.0
+      - Unlicense
+      - Zlib
+      - WTFPL
+      - CC-BY-4.0          # Documentation only
+      - CC-BY-SA-4.0       # Documentation only
+      - Python-2.0         # PSF-specific
+
+  - id: LC-004
+    name: Greylist Human Review
+    severity: review_required
+    description: |
+      SPDX IDs on the Greylist enter the review queue. A human judges
+      whether the static/dynamic-linking model triggers copyleft contagion.
+    greylist:
+      - LGPL-2.1
+      - LGPL-2.1-only
+      - LGPL-2.1-or-later
+      - LGPL-3.0
+      - LGPL-3.0-only
+      - LGPL-3.0-or-later
+      - MPL-2.0
+      - EPL-1.0
+      - EPL-2.0
+      - CDDL-1.0
+      - CDDL-1.1
+      - GPL-Classpath-exception-2.0  # OpenJDK
+    review_guidance:
+      - "Determine static-link vs dynamic-link"
+      - "Determine whether the package is on the production path or only a dev/test dependency"
+      - "LGPL dynamic-link is generally safe; static-link requires legal sign-off"
+
+  - id: LC-005
+    name: SBOM Mandatory Generation
+    severity: blocking
+    description: |
+      Every dependency-list change or PR merge MUST regenerate the SBOM in
+      CycloneDX 1.5 or SPDX 2.3 format. SHA-256 hash of the SBOM file MUST
+      be recorded.
+    checks:
+      - "SBOM file passes the corresponding schema validation (CycloneDX XML/JSON schema)"
+      - "Every component in the SBOM has an SPDX license expression"
+      - "SBOM path: `{project_root}/sbom.cdx.json` (or `.spdx.json`)"
+
+  - id: LC-006
+    name: Copyright Similarity Threshold
+    severity: blocking
+    description: |
+      AI-generated code with embedding similarity ≥ 0.85 to a known
+      open-source repo MUST be inspected. If the source repo is on the
+      blocklist (GPL/AGPL), the PR MUST be blocked.
+
+      v2.1.0: EmbeddingProvider strategy (XSPEC-193 Phase 2):
+        - provider='onnx-minilm': local ONNX inference (all-MiniLM-L6-v2)
+        - provider='ollama-bge-m3': Ollama local API (bge-m3, localhost:11434)
+        - provider='jaccard' (default): Jaccard token similarity (Phase 1)
+      Known snippet index is per-customer (DEC-064 client_salt isolated).
+      External search is opt-in (enableExternalSearch=false by default).
+    checks:
+      - "overall_similarity >= 0.85 AND source_license in blocklist → block_pr"
+      - "overall_similarity >= 0.70 AND source_license in greylist → review"
+      - "overall_similarity >= 0.85 AND source_license in allowlist → record info event, do not block"
+      - "ONNX/Ollama unavailable → graceful fallback to Jaccard (no exception)"
+      - "snippet index build: buildSnippetIndex(snippets, provider) per-customer"
+    evidence_required:
+      - "source_repo URL"
+      - "source_license SPDX ID"
+      - "similarity score (4 decimal places)"
+      - "matched_section (first 5 lines of the snippet)"
+      - "embedding_provider used (for audit trail)"
+
+  - id: LC-007
+    name: PII Pattern Detection
+    severity: review_required
+    description: |
+      When AI-generated code contains a personal-data handling pattern,
+      issue a warning with a remediation hint. severity="critical" patterns
+      MUST escalate to human review.
+
+      v2.1.0: AST-enhanced detection via tree-sitter (XSPEC-193 Phase 2):
+        - Language support: TypeScript, JavaScript, Python
+        - AST context classification:
+            hardcoded_value → severity upgraded to critical
+            comment         → severity downgraded to info
+            schema_field    → ast_context='schema_field'
+        - Pragma support: // pii:ignore on same line suppresses finding
+        - tree-sitter unavailable → graceful fallback to regex (no exception)
+        - LLM assist: stub (enableLLMAssist=false default, Phase 3 integration)
+        - PIIPattern.confidence and PIIPattern.ast_context are new optional fields
+    pii_types:
+      critical:
+        - ssn               # Social security number
+        - credit_card       # Credit-card number
+        - biometric         # Biometric identifiers
+        - health_record     # Health records (HIPAA / Taiwan PDPA §6 special category)
+      warning:
+        - email
+        - phone
+        - id_number         # National ID
+        - date_of_birth
+        - address
+    detection_strategy:
+      - "regex: field-name patterns (email, phone_number, ssn, credit_card_number, ...)"
+      - "ast: tree-sitter semantic context (hardcoded_value / comment / schema_field)"
+      - "llm_assist: ambiguous contexts (confidence threshold 0.8, Phase 3)"
+
+  - id: LC-008
+    name: EU AI Act Transparency Marker
+    severity: blocking
+    description: |
+      Every AI-generated source file MUST carry a transparency marker at
+      output time, per EU AI Act Article 50 (Limited-Risk transparency
+      obligation).
+    marker_format:
+      source_code: |
+        // AI-generated: VibeOps v{version} on {date}
+        // AI Generation Disclosure: Per EU AI Act Article 50.
+        // Modifications by humans should remove this notice.
+      markdown: |
+        ---
+        > AI Generation Disclosure: This content was AI-generated by VibeOps
+        > v{version} on {date}. Per EU AI Act Article 50.
+      json_yaml: |
+        _ai_generated: "VibeOps v{version} on {date} — EU AI Act Article 50"
+    checks:
+      - "Marker MUST be in the file header (source code) or metadata block (JSON/YAML)"
+      - "Marker removal requires the transparency_marker tool's explicit remove operation plus human confirmation"
+      - "When eu_ai_act_classifier() returns high_risk, additionally include a human_oversight statement"
+
+  - id: LC-009
+    name: Customer Policy Ceiling
+    severity: informational
+    description: |
+      Customers MAY adjust lists via ~/.vibeops/license-policy.yaml, but
+      adjustments MUST be telemetered (human_override_block event) and MUST
+      NOT modify the EULA §9 liability-allocation clause at the platform
+      layer.
+    checks:
+      - "If allowlist_add contains blocklist members, record a warning telemetry"
+      - "greylist_review: 'auto-allow' requires an extra telemetry tag customer_risk_accepted=true"
+      - "If the customer config schema validation fails, fall back to platform default policy"
+
+# ─────────────────────────────────────────────────────────────
+# Tool integration (XSPEC-193 §2, §3)
+# ─────────────────────────────────────────────────────────────
+
+tooling_integration:
+  description: |
+    Maps to the 10 tools defined in XSPEC-193 §2. Tool call order is fixed
+    to keep prompts cache-friendly under the DEC-064 cache-salt strategy.
+  tool_sequence:
+    1: dependency_reader            # Read dependency manifest
+    2: license_lookup               # SPDX lookup
+    3: license_blocklist_check      # Tier check
+    4: sbom_generator               # SBOM generation (LC-005)
+    5: pii_pattern_detector         # PII detection (LC-007)
+    6: copyright_similarity_check   # Copyright similarity (LC-006)
+    7: eu_ai_act_classifier         # EU AI Act risk classification
+    8: transparency_marker          # Transparency marker (LC-008)
+    9: block_pr                     # Sole flow-interrupting authority
+    10: suggest_alternative         # Alternative package suggestion (XSPEC-193 §4.5)
+    11: escalate_to_human           # Fallback when automation cannot decide
+
+# ─────────────────────────────────────────────────────────────
+# Telemetry (DEC-066 / XSPEC-189 v2 envelope)
+# ─────────────────────────────────────────────────────────────
+
+telemetry:
+  required_events:
+    - license_compliance_result    # Final result of each review
+    - block_pr                     # Block event detail
+    - license_lookup_failure       # SPDX lookup failure (drives alternative-table updates)
+    - copyright_similarity_high    # High-similarity warning
+    - eu_ai_act_classification     # Classification distribution
+    - human_override_block         # Human override of a block (requires reason)
+  envelope_reference: XSPEC-189    # Telemetry Schema v2 envelope
+  event_type: quality
+  event_subtype_examples:
+    - license_compliance_result    # LC rule outcomes
+    - gate_pass / gate_fail        # When License Compliance acts as a gate
+
+# ─────────────────────────────────────────────────────────────
+# Adoption guidance
+# ─────────────────────────────────────────────────────────────
+
+adoption_guidance:
+  uds_install_path: ai/standards/license-compliance.ai.yaml
+  vibeops_config_path: src/agents/license-compliance/rules.yaml
+  customer_config_path: ~/.vibeops/license-policy.yaml
+  notes:
+    - "v2.1.0 adds ClearlyDefined API integration, AST PII analysis, and EmbeddingProvider strategy. Requires VibeOps ≥ v1.6.0 (commit c44a4bf)."
+    - "v2.0.0 Tier 2 rules are Active for AI-augmented projects. Legal sign-off on the blocklist remains pending; treat the blocklist as authoritative-pending-review."
+    - "LGPL greylist decisions should consult legal counsel."
+    - "Alternative-package table (XSPEC-193 §4.5) is updated quarterly, driven by license_lookup_failure telemetry."
+    - "When this standard is consumed by VibeOps, the License Compliance Agent enforces every LC rule listed above. Other adopters MAY choose to enforce LC rules via CI alone (Tier 1 REQ-002 path)."
+
+# ─────────────────────────────────────────────────────────────
+# Compatibility note
+# ─────────────────────────────────────────────────────────────
+
+compatibility:
+  v1_to_v2: |
+    v1.0.0 REQ-001~006 are unchanged and remain authoritative for general
+    OSS practice. v2.0.0 adds Tier 2 LC-001~009 as a strict superset for
+    AI-augmented projects. A project that adopted v1.0.0 remains compliant;
+    AI-augmented projects MUST additionally enforce Tier 2.
+  v2_to_v2_1: |
+    v2.1.0 is a backward-compatible superset of v2.0.0. New features
+    (ClearlyDefined API, AST PII, EmbeddingProvider) are opt-in via
+    ComplianceAgentConfig. All existing LC-001~009 rules are unchanged.
+    PIIPattern gains optional fields (confidence, ast_context); existing
+    code that reads PIIPattern is unaffected.
+    Minimum runtime: Node.js 22 + VibeOps v1.6.0.

package/bundled/ai/standards/logging.ai.yaml

@@ -3,10 +3,10 @@
 
 id: logging
 meta:
-  version: "1.2.0"
-  updated: "2026-03-18"
+  version: "1.3.0"
+  updated: "2026-05-26"
   source: core/logging-standards.md
-  description: Logging levels, structured logging, and best practices
+  description: Logging levels, structured logging, file rotation policy, and best practices
 
 log_levels:
   ordered:
@@ -119,6 +119,43 @@ rules:
       Correlate all three via trace_id/span_id
     priority: recommended
 
+  - id: rotation-dual-trigger
+    trigger: configuring file-based log sink
+    instruction: |
+      File-based log sinks MUST set both rotation triggers:
+        1. Time-based: rollingInterval=Day (or equivalent)
+        2. Size-based: fileSizeLimitBytes explicit AND rollOnFileSizeLimit=true
+      Default size caps are hostile in production — Serilog silently drops at 1 GB
+      if rollOnFileSizeLimit is left at default false; log4j / Winston / Python
+      RotatingFileHandler likewise drop or grow unbounded without explicit config.
+      Recommended starting value: fileSizeLimitBytes=104857600 (100 MB),
+      retainedFileCountLimit >= N*7 where N = max expected rolls per day.
+    priority: required
+
+  - id: rotation-ops-sop
+    trigger: log file size approaching cap
+    instruction: |
+      If a log file size reaches >= 90% of fileSizeLimitBytes at expected end-of-day,
+      INVESTIGATE the cause (noisy retry loop, unbounded debug logging, stack-trace
+      flood) BEFORE raising the cap. Raising the cap masks the noise problem.
+    priority: required
+
+rotation_policy:
+  must_set_both:
+    time_based: rollingInterval=Day (or equivalent)
+    size_based:
+      fileSizeLimitBytes: explicit (100 MB recommended)
+      rollOnFileSizeLimit: true
+  hostile_defaults:
+    serilog: silently stops at 1 GB if rollOnFileSizeLimit=false
+    log4j: drops if no SizeBasedTriggeringPolicy
+    python_rotatingfilehandler: grows unbounded if maxBytes unset
+    winston: drops if maxSize unset
+  recommended:
+    fileSizeLimitBytes: 104857600
+    retainedFileCountLimit_formula: "N * 7 (N = max rolls/day)"
+  ops_sop: investigate noise root cause at >= 90% size before raising cap
+
 quick_reference:
   level_selection:
     columns: [Question, Level]

package/bundled/ai/standards/packaging-standards.ai.yaml

@@ -12,8 +12,8 @@ standard:
     - "Pipeline-integrated: packaging runs between Review and Deploy in the adoption-layer pipeline"
 
   meta:
-    version: "1.0.0"
-    updated: "2026-04-15"
+    version: "1.1.0"
+    updated: "2026-05-26"
     source: core/packaging-standards.md
 
   principles:
@@ -135,6 +135,29 @@ recipe_selection_guide:
               yes: windows-installer
               no: custom-recipe-required
 
+archive_format_integrity:
+  rules:
+    - id: real_format_matches_extension
+      requirement: "A .zip file MUST be a real ZIP archive (PKZip magic PK\\x03\\x04). A renamed POSIX tar with .zip extension is forbidden."
+      priority: required
+    - id: verify_before_publish
+      requirement: "Packaging step MUST verify the produced archive's real format before declaring success."
+      priority: required
+      verification_examples:
+        zip_python: "python -c \"import zipfile; zipfile.ZipFile('out.zip').namelist()\""
+        zip_unix: "file out.zip  # expect 'Zip archive data', NOT 'POSIX tar archive'"
+        targz_unix: "tar -tzf out.tar.gz >/dev/null"
+    - id: windows_recipe_compliance
+      requirement: "On Windows, use PowerShell Compress-Archive or .NET ZipFile::CreateFromDirectory. Do NOT use git-bash 'tar -a -cf x.zip' — the auto-extension flag produces a POSIX tar archive."
+      priority: required
+      do_use:
+        - "Compress-Archive -Path 'publish\\*' -DestinationPath 'dist\\patch.zip' -Force"
+        - "[System.IO.Compression.ZipFile]::CreateFromDirectory(...)"
+      do_not_use:
+        - "tar -a -cf x.zip ...  # produces POSIX tar with .zip extension on Windows tar ports"
+  consumer_side_defense: "Producers cannot guarantee verification downstream. Deploy scripts MUST verify archive integrity before any destructive action — see deployment-standards Defensive Deployment Ordering."
+  failure_mode_reference: "PROD incident 2026-05-24: tar-renamed-to-.zip + Expand-Archive silent no-op + unconditional Remove-Item destroyed live install. ~3 minutes downtime."
+
 physical_spec:
   type: custom_script
   validator: