ssot-contracts 0.2.20.dev1__tar.gz → 0.2.21.dev1__tar.gz

{ssot_contracts-0.2.20.dev1 → ssot_contracts-0.2.21.dev1}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: ssot-contracts
-Version: 0.2.20.dev1
+Version: 0.2.21.dev1
 Summary: Canonical schemas, templates, manifests, and generated Python contract artifacts for SSOT.
 Author-email: Jacob Stewart <jacob@swarmauri.com>
 License-Expression: Apache-2.0

{ssot_contracts-0.2.20.dev1 → ssot_contracts-0.2.21.dev1}/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "ssot-contracts"
-version = "0.2.20.dev1"
+version = "0.2.21.dev1"
 description = "Canonical schemas, templates, manifests, and generated Python contract artifacts for SSOT."
 readme = "README.md"
 requires-python = ">=3.10,<3.15"

ssot_contracts-0.2.21.dev1/src/ssot_contracts/templates/adr/ADR-0601-features-are-targetable-units.yaml

@@ -0,0 +1,23 @@
+schema_version: "0.7.0"
+kind: "adr"
+id: "adr:0601"
+number: 601
+slug: "features-are-targetable-units"
+title: "Features are the targetable units"
+status: "draft"
+origin: "ssot-origin"
+decision_date: null
+tags: []
+summary: "Features are the only targetable implementation units. There is no separate `targets[]` section."
+supersedes: []
+superseded_by: []
+status_notes: []
+references: []
+body: |-
+  Features are the only targetable implementation units. There is no separate `targets[]` section.
+  
+  Because features are the targetable units, the default authoring path for new feature rows shall align with proof requirements. New `feature create` operations are expected to scaffold minimally valid proof-graph closure by default unless the operator explicitly disables that behavior.
+  
+  Feature inventory naming MAY use umbrella/leaf conventions when a repository needs grouped readability, but that convention is not a runtime dependency model. `feature.requires` is reserved for prerequisite features that must independently pass before the dependent feature can pass.
+  
+  Profiles remain the preferred grouped evaluation surface. Operators should not overload umbrella feature names to represent certification or bundle evaluation when a profile is the correct modeled unit.

{ssot_contracts-0.2.20.dev1 → ssot_contracts-0.2.21.dev1}/src/ssot_contracts/templates/adr/ADR-0627-feature-parent-links-are-inventory-composition.yaml

@@ -1,4 +1,4 @@
-schema_version: "0.6.0"
+schema_version: "0.7.0"
 kind: "adr"
 id: "adr:0627"
 number: 627
@@ -13,9 +13,9 @@ supersedes: []
 superseded_by: []
 status_notes:
   -
-    status: "accepted"
-    note: "Accepted as the modeling correction for umbrella and leaf feature inventories."
     at: "2026-05-19T22:26:32Z"
+    note: "Accepted as the modeling correction for umbrella and leaf feature inventories."
+    status: "accepted"
 references: []
 body: |-
   Decision: feature parent/leaf links are first-class inventory composition links, not readiness gates.
@@ -24,4 +24,6 @@ body: |-
   
   This decision preserves feature.requires as a passing prerequisite edge. Parent/leaf links organize the feature inventory and graph views only; they do not affect feature pass/fail, status synchronization, claim closure, profile evaluation, boundary freeze, certification, promotion, or publication.
   
+  Default proof-graph scaffolding during `feature create` does not change the meaning of parent links. It only changes the default authoring path. When an operator is creating an inventory-only umbrella parent, disabling the default scaffold is an explicit operator choice or repo-local policy choice; it is not implied automatically by the existence of `parent_feature_ids`.
+  
   Migration must add parent_feature_ids as an empty list to existing feature rows without inferring hierarchy from ids and without rewriting requires.

ssot_contracts-0.2.21.dev1/src/ssot_contracts/templates/adr/ADR-0628-ssot-mcp-cli-surface-delegation.yaml

@@ -0,0 +1,60 @@
+schema_version: "0.7.0"
+kind: "adr"
+id: "adr:0628"
+number: 628
+slug: "ssot-mcp-cli-surface-delegation"
+title: "SSOT MCP and CLI surfaces stay in parity"
+status: "draft"
+origin: "ssot-origin"
+decision_date: null
+tags: []
+summary: "Codex workers and other MCP clients need the same governed operational surface that exists in the `ssot-registry` CLI. A generic delegated CLI runner is useful, but parity is weaker if MCP clients cannot address the live CLI paths as first-class MCP tools."
+supersedes: []
+superseded_by: []
+status_notes:
+  -
+    at: "2026-05-20T16:21:19Z"
+    note: "Created to govern safe SSOT CLI delegation through ssot-mcp."
+    status: "draft"
+  -
+    status: "draft"
+    note: "Updated to require explicit CLI/MCP parity, mirrored MCP command-path tools, and drift enforcement."
+    at: "2026-05-22T00:44:55Z"
+references: []
+body: |-
+  ## Context
+  
+  Codex workers and other MCP clients need the same governed operational surface that exists in the `ssot-registry` CLI. A generic delegated CLI runner is useful, but parity is weaker if MCP clients cannot address the live CLI paths as first-class MCP tools.
+  
+  Workers must not hand-edit `.ssot/registry.json`, so MCP needs a safe compatibility layer that preserves the CLI surface while remaining transport-safe for help, version, and invalid-argument flows.
+  
+  ## Decision
+  
+  `ssot-mcp` SHALL maintain parity with the live `ssot-registry` CLI surface.
+  
+  That parity includes two layers:
+  
+  - discovery of the live CLI parser surface
+  - execution of that surface through MCP
+  
+  The MCP server SHALL continue to expose a generic delegated CLI execution tool, and it SHALL also expose mirrored MCP tools for the live CLI command paths so the MCP surface is not limited to a single catch-all runner.
+  
+  The discovery surface SHALL report:
+  
+  - global flags
+  - top-level commands
+  - subcommand paths
+  - flags by command path
+  - exact MCP tool names mapped to CLI paths
+  
+  Help, version, and invalid-argument parser exits SHALL be contained and returned as normal MCP tool results. They must not close the MCP transport.
+  
+  Dedicated structured MCP tools remain preferred for domain-native worker-control and registry CRUD operations, but CLI/MCP parity is a required compatibility guarantee rather than a best-effort fallback.
+  
+  ## Consequences
+  
+  MCP clients can invoke the governed CLI surface without shelling out and without hand-editing registry files.
+  
+  CLI evolution becomes an MCP contract concern: when the parser surface changes, mirrored MCP tool coverage and parity tests must change with it.
+  
+  The generic delegated runner remains useful, but parity is enforced by discovery, mirrored tool registration, and drift-detection tests rather than by convention alone.

ssot_contracts-0.2.21.dev1/src/ssot_contracts/templates/adr/ADR-0634-proof-graph-canonical-assurance-unit.yaml

@@ -0,0 +1,30 @@
+schema_version: "0.7.0"
+kind: "adr"
+id: "adr:0634"
+number: 634
+slug: "proof-graph-canonical-assurance-unit"
+title: "Proof Graph Is The Canonical Assurance Unit"
+status: "draft"
+origin: "ssot-origin"
+decision_date: null
+tags: []
+summary: "Summary"
+supersedes: []
+superseded_by: []
+status_notes:
+  -
+    status: "draft"
+    note: "Created to govern proof-graph-first assurance semantics after downstream MCP and certification closure work."
+    at: "2026-05-21T05:59:13Z"
+references: []
+body: |-
+  Summary
+  The governed assurance unit is a linked proof graph rather than any single row.
+  
+  Decision
+  A certifiable SSOT assertion shall be represented as a connected graph containing the target feature, tiered claims, verifying tests, supporting evidence, and any higher-tier certification context needed by guards.
+  
+  Implications
+  Operators may continue to edit rows individually, but registry truth, tier gates, and certification closure shall be evaluated against the connected graph.
+  Row-complete but graph-incomplete states shall not be treated as certified or honestly fully featured.
+  Future CLI and MCP surfaces shall prefer graph-valid materialization over ad hoc row creation that leaves partial invalid states.

ssot_contracts-0.2.21.dev1/src/ssot_contracts/templates/adr/ADR-0635-proof-graph-materialization-and-certification-closure.yaml

@@ -0,0 +1,33 @@
+schema_version: "0.7.0"
+kind: "adr"
+id: "adr:0635"
+number: 635
+slug: "proof-graph-materialization-and-certification-closure"
+title: "Proof Graph Materialization And Certification Closure"
+status: "draft"
+origin: "ssot-origin"
+decision_date: null
+tags: []
+summary: "Summary"
+supersedes: []
+superseded_by: []
+status_notes:
+  -
+    at: "2026-05-21T05:59:14Z"
+    note: "Created to govern operator materialization and higher-tier proof-graph closure flows."
+    status: "draft"
+references: []
+body: |-
+  Summary
+  Proof graphs shall be materializable and closable through supported operator workflows.
+  
+  Decision
+  The SSOT CLI and MCP surfaces shall support atomic or fail-closed materialization of a minimally valid proof graph and a repeatable closure workflow for higher-tier evidence, boundary context, release certification, and certification feedback propagation.
+  
+  A minimally valid create-time scaffold shall not collapse all scaffolded claim tiers onto one placeholder test row when multiple claim tiers are scaffolded. When a feature scaffold creates T0 and T1 claims, the scaffold shall create separate support tests for the T0 claim and the T1 claim. The same rule extends upward for higher scaffolded tiers.
+  
+  Implications
+  A user shall not need hidden row-order knowledge to author or close a valid proof graph.
+  T2 and T3 closure metadata, including robustness dimensions, source evidence links, and release context, shall be first-class operator inputs.
+  Release certification outcomes that satisfy claim-tier gates shall be reattachable to linked proof evidence without direct registry edits.
+  Default scaffold materialization shall preserve tier distinction in the test rows it creates, even when those scaffold tests remain placeholder tests rather than authored unit or integration semantics.

ssot_contracts-0.2.21.dev1/src/ssot_contracts/templates/adr/ADR-0636-feature-create-defaults-to-proof-graph-scaffolding.yaml

@@ -0,0 +1,33 @@
+schema_version: "0.7.0"
+kind: "adr"
+id: "adr:0636"
+number: 636
+slug: "feature-create-defaults-to-proof-graph-scaffolding"
+title: "Feature create defaults to proof-graph scaffolding"
+status: "draft"
+origin: "ssot-origin"
+decision_date: null
+tags: []
+summary: "Decision: `feature create` shall default to proof-graph scaffolding for new feature rows unless the operator explicitly disables that behavior."
+supersedes: []
+superseded_by: []
+status_notes:
+  -
+    at: "2026-05-24T10:51:51Z"
+    note: "Created to govern scaffold-first feature creation defaults and explicit opt-out behavior."
+    status: "draft"
+references: []
+body: |-
+  Decision: `feature create` shall default to proof-graph scaffolding for new feature rows unless the operator explicitly disables that behavior.
+  
+  `ssot-registry` already treats features as the targetable units and fail-closes when targeted or implemented features do not carry linked proof-chain closure. In practice, downstream operators repeatedly discover `feature create` before they discover the scaffold flows, then either hit validation failure or attach new work to an unrelated existing feature that already has claim and test closure. That behavior preserves validation but weakens traceability and encourages feature overloading.
+  
+  The default authoring path therefore shall align with the proof model instead of fighting it.
+  
+  When an operator creates a feature row through `feature create`, the command shall behave as though proof-graph scaffolding were requested unless an explicit CLI override or repo-local config setting disables it. The default scaffold shall create or link the minimally valid proof graph needed for a new governed feature row in the same transaction.
+  
+  When the scaffolded proof graph includes more than one claim tier, scaffold support shall remain tier-separated. At minimum, a scaffolded T0 claim shall receive its own scaffold test row and a scaffolded T1 claim shall receive its own scaffold test row. The scaffold is not required to label those tests as unit or integration tests, but it shall not collapse distinct scaffolded claim tiers onto one shared placeholder test row.
+  
+  This default does not change the meaning of `parent_feature_ids`, `feature.requires`, profiles, or claim tiers. It changes only the default creation behavior for feature rows so the first successful path matches the governed model.
+  
+  Inventory-only umbrella parents remain valid, but they are now an explicit opt-out case. Operators who are creating a non-targeted composition row may disable the default scaffold through CLI override or command-scoped repo-local config. The explicit opt-out keeps the fail-closed assurance model intact while making the common downstream path succeed by default.

{ssot_contracts-0.2.20.dev1 → ssot_contracts-0.2.21.dev1}/src/ssot_contracts/templates/adr/manifest.json

@@ -24,7 +24,7 @@
     "title": "Features are the targetable units",
     "filename": "ADR-0601-features-are-targetable-units.yaml",
     "target_path": ".ssot/adr/ADR-0601-features-are-targetable-units.yaml",
-    "sha256": "dcdc25c25b8b957c0913efbb056ba1d0456b3f94111df8976e433d85dc8270b6",
+    "sha256": "68c5ec6b68a2ae0c8b2523ac388bded26b3865843ffbb27d120f696573a67e11",
     "origin": "ssot-origin",
     "reservation_owner": "ssot-origin",
     "immutable": true,
@@ -474,7 +474,7 @@
     "title": "Feature parent links are inventory composition",
     "filename": "ADR-0627-feature-parent-links-are-inventory-composition.yaml",
     "target_path": ".ssot/adr/ADR-0627-feature-parent-links-are-inventory-composition.yaml",
-    "sha256": "4a2e2987a5221e4718526ce9dc036bbd0fb43dbfb4a51b16eec04bb41b040462",
+    "sha256": "f737baf8e7ef3131d02c9bd74cf698894438e7136dcb77a488c40a9b9c138eda",
     "origin": "ssot-origin",
     "reservation_owner": "ssot-origin",
     "immutable": true,
@@ -495,10 +495,10 @@
     "id": "adr:0628",
     "number": 628,
     "slug": "ssot-mcp-cli-surface-delegation",
-    "title": "SSOT MCP delegates the complete CLI surface safely",
+    "title": "SSOT MCP and CLI surfaces stay in parity",
     "filename": "ADR-0628-ssot-mcp-cli-surface-delegation.yaml",
     "target_path": ".ssot/adr/ADR-0628-ssot-mcp-cli-surface-delegation.yaml",
-    "sha256": "a3ca30d0bd5e9685d4cf6c07ace4ea1b83f0f3970cd67d32178e14e7b46243e7",
+    "sha256": "6c1146e7081ff8a97c246311fef9239e3dad4c49492034f338e33b2b901c62e0",
     "origin": "ssot-origin",
     "reservation_owner": "ssot-origin",
     "immutable": true,
@@ -512,6 +512,11 @@
         "at": "2026-05-20T16:21:19Z",
         "note": "Created to govern safe SSOT CLI delegation through ssot-mcp.",
         "status": "draft"
+      },
+      {
+        "at": "2026-05-22T00:44:55Z",
+        "note": "Updated to require explicit CLI/MCP parity, mirrored MCP command-path tools, and drift enforcement.",
+        "status": "draft"
       }
     ]
   },
@@ -628,5 +633,77 @@
     "supersedes": [],
     "superseded_by": [],
     "status_notes": []
+  },
+  {
+    "id": "adr:0634",
+    "number": 634,
+    "slug": "proof-graph-canonical-assurance-unit",
+    "title": "Proof Graph Is The Canonical Assurance Unit",
+    "filename": "ADR-0634-proof-graph-canonical-assurance-unit.yaml",
+    "target_path": ".ssot/adr/ADR-0634-proof-graph-canonical-assurance-unit.yaml",
+    "sha256": "d79f4e08ac8fe11b736e737c822d973fd55b8de9dd3f87aad71a8c5ff71bd669",
+    "origin": "ssot-origin",
+    "reservation_owner": "ssot-origin",
+    "immutable": true,
+    "minimum_schema_version": "0.7.0",
+    "introduced_in": "0.2.20",
+    "status": "draft",
+    "supersedes": [],
+    "superseded_by": [],
+    "status_notes": [
+      {
+        "at": "2026-05-21T05:59:13Z",
+        "note": "Created to govern proof-graph-first assurance semantics after downstream MCP and certification closure work.",
+        "status": "draft"
+      }
+    ]
+  },
+  {
+    "id": "adr:0635",
+    "number": 635,
+    "slug": "proof-graph-materialization-and-certification-closure",
+    "title": "Proof Graph Materialization And Certification Closure",
+    "filename": "ADR-0635-proof-graph-materialization-and-certification-closure.yaml",
+    "target_path": ".ssot/adr/ADR-0635-proof-graph-materialization-and-certification-closure.yaml",
+    "sha256": "d228b642bc6c3c84e293c821c480099b5256e62a7048c73830a62d34c36e8012",
+    "origin": "ssot-origin",
+    "reservation_owner": "ssot-origin",
+    "immutable": true,
+    "minimum_schema_version": "0.7.0",
+    "introduced_in": "0.2.20",
+    "status": "draft",
+    "supersedes": [],
+    "superseded_by": [],
+    "status_notes": [
+      {
+        "at": "2026-05-21T05:59:14Z",
+        "note": "Created to govern operator materialization and higher-tier proof-graph closure flows.",
+        "status": "draft"
+      }
+    ]
+  },
+  {
+    "id": "adr:0636",
+    "number": 636,
+    "slug": "feature-create-defaults-to-proof-graph-scaffolding",
+    "title": "Feature create defaults to proof-graph scaffolding",
+    "filename": "ADR-0636-feature-create-defaults-to-proof-graph-scaffolding.yaml",
+    "target_path": ".ssot/adr/ADR-0636-feature-create-defaults-to-proof-graph-scaffolding.yaml",
+    "sha256": "81b2744237e8f72d62cabc1ebf695c7fe2d39dd639d1e65d192c8668293d72bf",
+    "origin": "ssot-origin",
+    "reservation_owner": "ssot-origin",
+    "immutable": true,
+    "minimum_schema_version": "0.7.0",
+    "introduced_in": "0.2.20",
+    "status": "draft",
+    "supersedes": [],
+    "superseded_by": [],
+    "status_notes": [
+      {
+        "at": "2026-05-24T10:51:51Z",
+        "note": "Created to govern scaffold-first feature creation defaults and explicit opt-out behavior.",
+        "status": "draft"
+      }
+    ]
   }
 ]

{ssot_contracts-0.2.20.dev1 → ssot_contracts-0.2.21.dev1}/src/ssot_contracts/templates/specs/SPEC-0627-feature-parent-link-contract.yaml

@@ -1,4 +1,4 @@
-schema_version: "0.6.0"
+schema_version: "0.7.0"
 kind: "spec"
 id: "spc:0627"
 number: 627
@@ -13,9 +13,9 @@ supersedes: []
 superseded_by: []
 status_notes:
   -
-    status: "accepted"
-    note: "Accepted with ADR-0627 to separate inventory composition from prerequisite gating."
     at: "2026-05-19T22:26:45Z"
+    note: "Accepted with ADR-0627 to separate inventory composition from prerequisite gating."
+    status: "accepted"
 references: []
 body: |-
   ## Feature Row Contract
@@ -31,6 +31,8 @@ body: |-
   Validation and migration SHALL deduplicate and sort parent_feature_ids for deterministic output. Normal validation SHALL reject malformed values.
   
   Status synchronization, feature implementation evaluation, profile evaluation, boundary freeze, release certification, promotion, and publication SHALL ignore parent_feature_ids unless a later accepted ADR and SPEC define an explicit aggregate policy.
+  
+  Default proof-graph scaffolding for `feature create` SHALL NOT treat parent links as readiness edges and SHALL NOT infer that a row is non-targeted merely because it references or is referenced by `parent_feature_ids`. Disabling create-time scaffold for inventory-only umbrella rows is an explicit command or config choice.
 spec_kind: "normative"
 adr_ids:
   - "adr:0627"

{ssot_contracts-0.2.20.dev1 → ssot_contracts-0.2.21.dev1}/src/ssot_contracts/templates/specs/SPEC-0628-feature-parent-cli-contract.yaml

@@ -1,4 +1,4 @@
-schema_version: "0.6.0"
+schema_version: "0.7.0"
 kind: "spec"
 id: "spc:0628"
 number: 628
@@ -13,9 +13,9 @@ supersedes: []
 superseded_by: []
 status_notes:
   -
-    status: "accepted"
-    note: "Accepted with ADR-0627 to define bulk parent and child command behavior."
     at: "2026-05-19T22:26:59Z"
+    note: "Accepted with ADR-0627 to define bulk parent and child command behavior."
+    status: "accepted"
 references: []
 body: |-
   ## CLI Contract
@@ -34,6 +34,8 @@ body: |-
   Every bulk mutation SHALL resolve all referenced ids, apply changes in memory, deduplicate and sort parent ids, check missing references, self-parenting, and cycles, validate the full registry, and save once. If any row fails validation, the operation SHALL fail atomically without partial writes.
   
   CLI help and examples SHALL state that parent links are inventory composition only and SHALL NOT be used as a substitute for feature.requires prerequisite gates.
+  
+  CLI help and examples for `feature create` SHALL also state that proof-graph scaffolding is enabled by default, and that inventory-only umbrella creation is an explicit opt-out workflow via CLI override or repo-local config.
 spec_kind: "normative"
 adr_ids:
   - "adr:0627"

ssot_contracts-0.2.21.dev1/src/ssot_contracts/templates/specs/SPEC-0629-ssot-mcp-cli-surface-contract.yaml

@@ -0,0 +1,96 @@
+schema_version: "0.7.0"
+kind: "spec"
+id: "spc:0629"
+number: 629
+slug: "ssot-mcp-cli-surface-contract"
+title: "SSOT MCP and CLI surface parity contract"
+status: "draft"
+origin: "ssot-origin"
+decision_date: null
+tags: []
+summary: "Define the SSOT MCP contract for keeping the live `ssot-registry` CLI surface and the SSOT MCP tool surface in parity."
+supersedes: []
+superseded_by: []
+status_notes:
+  -
+    at: "2026-05-20T16:21:38Z"
+    note: "Created to define full SSOT CLI delegation through ssot-mcp."
+    status: "draft"
+  -
+    status: "draft"
+    note: "Updated to require discoverable mirrored MCP CLI-path tools and parity drift enforcement."
+    at: "2026-05-22T00:45:11Z"
+references: []
+body: |-
+  ## Purpose
+  
+  Define the SSOT MCP contract for keeping the live `ssot-registry` CLI surface and the SSOT MCP tool surface in parity.
+  
+  ## Required MCP Tools
+  
+  `get_ssot_cli_surface` SHALL return:
+  
+  - `passed`
+  - `global_flags`
+  - `top_level_commands`
+  - `subcommand_paths`
+  - `flags_by_path`
+  - `root_tool_name`
+  - `tool_name_by_path`
+  
+  `run_ssot_cli` SHALL accept argv tokens after `ssot-registry` and SHALL support:
+  
+  - global flags
+  - top-level commands
+  - command flags
+  - subcommands
+  - subcommand flags
+  - help requests
+  - version requests
+  - invalid-argument requests
+  
+  ## Mirrored CLI Path Tools
+  
+  `ssot-mcp` SHALL register a root CLI MCP tool and mirrored MCP tools for the live CLI command paths.
+  
+  The root tool SHALL support full delegated argv execution.
+  
+  Each mirrored path tool SHALL:
+  
+  - map to exactly one live CLI command path
+  - accept root/global flags separately from path-local flags and positional arguments
+  - execute through the same safe in-process CLI delegation path
+  
+  ## Execution Result Contract
+  
+  Mirrored CLI path tools and `run_ssot_cli` SHALL return a structured result with:
+  
+  - `passed`
+  - `exit_code`
+  - `args`
+  - `output`
+  - `stdout`
+  - `stderr`
+  
+  If stdout is JSON, `output` SHOULD contain the parsed JSON payload. If stdout is not JSON, `output` MAY contain the raw stdout text.
+  
+  ## Parser Exit Containment
+  
+  The MCP server SHALL catch CLI parser exits, including argparse `SystemExit`, and return them as normal tool results. Help, version, and invalid-argument flows SHALL NOT close the MCP transport.
+  
+  ## Repository Resolution
+  
+  When `ssot-mcp` is pinned to a repository, delegated CLI execution SHALL run against the pinned repository unless an explicit different repo is rejected by policy. In explicit repo-per-call mode, non-metadata CLI operations SHALL require a repo argument. Metadata-only operations such as help, version, and CLI surface discovery MAY run without a repo.
+  
+  ## Drift Detection
+  
+  Parity SHALL be enforced by tests that compare the live CLI parser surface with the exposed MCP discovery and mirrored MCP tool registration.
+  
+  If a live CLI command path or flag is added, removed, or renamed, MCP parity tests SHALL fail until the MCP surface is updated to match.
+  
+  ## Mutation Notification
+  
+  Successful delegated CLI operations that can mutate registry state SHOULD emit a `registry_updated` event so workers can refresh context.
+spec_kind: "operational"
+adr_ids:
+  - "adr:0628"

ssot_contracts-0.2.21.dev1/src/ssot_contracts/templates/specs/SPEC-0633-targeted-scaffold-repair-contract.yaml

@@ -0,0 +1,32 @@
+schema_version: "0.7.0"
+kind: "spec"
+id: "spc:0633"
+number: 633
+slug: "targeted-scaffold-repair-contract"
+title: "Targeted scaffold repair contract"
+status: "draft"
+origin: "ssot-origin"
+decision_date: null
+tags: []
+summary: "This specification defines targeted scaffold repair. `scaffold_target_claim_wiring` SHALL compare baseline validation failures against post-repair validation failures. The repair MAY persist when no new validation failures are introduced, even if baseline validation remains dirty. Responses SHALL expose `validation_clean`, `baseline_validation`, `validation`, and `new_validation_failures`."
+supersedes: []
+superseded_by: []
+status_notes:
+  -
+    at: "2026-05-20T17:45:22Z"
+    note: "Created to govern SSOT MCP scoped repair and worker maturation behavior."
+    status: "draft"
+references: []
+body: |-
+  This specification defines targeted scaffold repair. `scaffold_target_claim_wiring` SHALL compare baseline validation failures against post-repair validation failures. The repair MAY persist when no new validation failures are introduced, even if baseline validation remains dirty. Responses SHALL expose `validation_clean`, `baseline_validation`, `validation`, and `new_validation_failures`.
+  
+  The same scaffold semantics SHALL remain compatible with create-time proof-graph materialization. Repair-time scaffold and create-time scaffold may be reached through different command surfaces, but they SHALL produce proof-graph closure that obeys the same validation and no-new-failures discipline.
+  
+  When scaffold materialization produces multiple claim tiers for one feature, it SHALL materialize separate scaffold test rows for each scaffolded claim tier. A scaffolded T0 claim SHALL link to a T0 scaffold test row, and a scaffolded T1 claim SHALL link to a distinct T1 scaffold test row. The same tier-separated rule extends to higher scaffolded tiers.
+  
+  These scaffold tests MAY remain placeholder tests and do not need to declare authored runtime semantics such as unit versus integration. However, scaffold responses and persisted rows SHALL preserve tier distinction directly in the created `test_ids` and test paths. Shared scaffold evidence MAY still aggregate across the scaffolded claim tiers as long as claim-to-test support remains tier-separated.
+spec_kind: "operational"
+adr_ids:
+  - "adr:0632"
+  - "adr:0635"
+  - "adr:0636"

ssot_contracts-0.2.21.dev1/src/ssot_contracts/templates/specs/SPEC-0636-proof-graph-assurance-contract.yaml

@@ -0,0 +1,38 @@
+schema_version: "0.7.0"
+kind: "spec"
+id: "spc:0636"
+number: 636
+slug: "proof-graph-assurance-contract"
+title: "Proof Graph Assurance Contract"
+status: "draft"
+origin: "ssot-origin"
+decision_date: null
+tags: []
+summary: "Scope"
+supersedes: []
+superseded_by: []
+status_notes:
+  -
+    status: "draft"
+    note: "Created to define the connected proof-graph contract and tier semantics."
+    at: "2026-05-21T05:59:16Z"
+references: []
+body: |-
+  Scope
+  This SPEC defines the proof-graph contract for SSOT assurance closure.
+  
+  Required nodes
+  A valid proof graph contains at minimum a feature, one or more claims, one or more tests, and one or more evidence rows linked transitively and reciprocally according to registry rules.
+  
+  Tier semantics
+  T1 requires passing linked tests and passed evidence at or above T1.
+  T2 additionally requires declared robustness dimensions and explicit source T1 evidence lineage.
+  T3 additionally requires release context, boundary context, and a passing certification guard result that can be read from linked evidence context.
+  
+  Operator expectations
+  Graph-valid materialization shall create a minimally valid linked subgraph in one supported transaction.
+  Graph evaluation shall fail closed when required nodes, links, artifacts, or tier metadata are missing.
+spec_kind: "normative"
+adr_ids:
+  - "adr:0634"
+  - "adr:0635"

ssot_contracts-0.2.21.dev1/src/ssot_contracts/templates/specs/SPEC-0637-proof-graph-materialization-and-certification-flow.yaml

@@ -0,0 +1,35 @@
+schema_version: "0.7.0"
+kind: "spec"
+id: "spc:0637"
+number: 637
+slug: "proof-graph-materialization-and-certification-flow"
+title: "Proof Graph Materialization And Certification Flow"
+status: "draft"
+origin: "ssot-origin"
+decision_date: null
+tags: []
+summary: "Scope"
+supersedes: []
+superseded_by: []
+status_notes:
+  -
+    status: "draft"
+    note: "Created to define supported CLI and MCP proof-graph operator flows."
+    at: "2026-05-21T05:59:17Z"
+references: []
+body: |-
+  Scope
+  This SPEC defines the operator flow for proof-graph materialization and certification closure.
+  
+  Materialization flow
+  A supported command shall be able to create a target feature together with linked claims, tests, and evidence scaffolding without deadlocking on immediate validation.
+  
+  Closure flow
+  A supported command shall be able to materialize T1 source evidence, enrich higher-tier evidence metadata, create or select scoped boundary and release context, certify the release, and persist certification feedback back into linked proof evidence.
+  
+  Idempotency and failure behavior
+  Repeated runs shall converge without duplicate graph members.
+  Failures shall leave the registry in a graph-valid or explicitly incomplete state with actionable reasons rather than silent partial closure.
+spec_kind: "operational"
+adr_ids:
+  - "adr:0635"

ssot_contracts-0.2.21.dev1/src/ssot_contracts/templates/specs/SPEC-0638-feature-create-default-proof-scaffold-contract.yaml

@@ -0,0 +1,44 @@
+schema_version: "0.7.0"
+kind: "spec"
+id: "spc:0638"
+number: 638
+slug: "feature-create-default-proof-scaffold-contract"
+title: "Feature create default proof scaffold contract"
+status: "draft"
+origin: "ssot-origin"
+decision_date: null
+tags: []
+summary: "`feature create` SHALL default to proof-graph scaffolding for new feature rows unless an explicit CLI override or effective repo-local config disables that behavior."
+supersedes: []
+superseded_by: []
+status_notes:
+  -
+    at: "2026-05-24T10:52:03Z"
+    note: "Created to govern default proof-graph scaffolding during feature creation."
+    status: "draft"
+references: []
+body: |-
+  ## Contract
+  
+  `feature create` SHALL default to proof-graph scaffolding for new feature rows unless an explicit CLI override or effective repo-local config disables that behavior.
+  
+  The default scaffold SHALL create or link the minimally valid claim, test, and evidence graph required for a governed feature row in the same transaction as feature creation. The command SHALL validate and save atomically.
+  
+  CLI precedence SHALL be:
+  1. explicit `--auto-scaffold-proof-graph` or `--no-auto-scaffold-proof-graph`
+  2. command-scoped repo-local config for feature creation
+  3. global repo-local config
+  4. built-in default
+  
+  The built-in default SHALL be scaffold enabled.
+  
+  The command SHALL expose an auditable result that makes clear when proof-graph scaffolding occurred, what ids were created or linked, and what files were materialized.
+  
+  Repositories MAY disable the default through repo-local config for narrow workflows such as inventory-only umbrella-parent creation, but such policy does not change the canonical meaning of features, parent links, profiles, claims, tests, or evidence.
+  
+  Repeated scaffolded creation attempts against an unchanged target SHALL be idempotent or fail cleanly without duplicating stable rows.
+spec_kind: "operational"
+adr_ids:
+  - "adr:0601"
+  - "adr:0627"
+  - "adr:0636"