refactor(1b): RL6 — move Builder protocol files into machine-docs/ (README stays root)
git mv STATUS*/BACKLOG*/JOURNAL*/DECISIONS.md -> machine-docs/. README.md kept at root (operator decision). Updated in-repo refs: README (status line + lint section + Loop-state section) and docs/install.md -> machine-docs/... Safe to move now: launch.sh already has resolve_state() (prefers machine-docs/ else root) used by every STATUS/REVIEW read, and the running watchdog (pid 133191) was restarted AFTER that update, so it is location-agnostic. scripts/lint.sh -> lint: PASS post-move. Adversary moves its own REVIEW*.md. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
67
machine-docs/STATUS-1b.md
Normal file
67
machine-docs/STATUS-1b.md
Normal file
@ -0,0 +1,67 @@
|
||||
# STATUS — Phase 1b (review & lint pass)
|
||||
|
||||
**Phase plan (SSOT):** `/srv/cc-ci/cc-ci-plan/plan-phase1b-review-lint.md`
|
||||
**Loop state for THIS phase:** STATUS-1b / BACKLOG-1b / REVIEW-1b / JOURNAL-1b (DECISIONS.md shared).
|
||||
The repo's STATUS.md / BACKLOG.md / REVIEW.md are Phase-1 HISTORY; STATUS-1c etc. are Phase-1c
|
||||
HISTORY (DONE @2026-05-27). Neither is this phase's state.
|
||||
|
||||
## Phase
|
||||
Phase 1b runs **after** Phase 1 + Phase 1c (both DONE) and **before** Phase 2. It is a **bounded**
|
||||
review + lint pass over the final post-1c codebase. Exit = RL1–RL4 all Adversary-confirmed in
|
||||
REVIEW-1b, then `## DONE`.
|
||||
|
||||
## Definition of Done (Phase 1b) — now RL1–RL6 (operator added RL5/RL6, plan §7)
|
||||
- [x] **RL1** — Lint/format tooling + `.drone.yml` stage; codebase passes. **Adversary cold PASS.**
|
||||
- [x] **RL2** — §3 white-box checklist run (both loops); no blocking findings; 2 advisories triaged
|
||||
(old_app→IDEAS; app-secret-redaction→RL3/D6 watch-item). Recorded REVIEW-1b + JOURNAL-1b.
|
||||
- [ ] **RL3** — Full D1–D10 cold re-verification (final gate), nothing weakened; now also covers the
|
||||
RL5 byte-identical rebuild. **CLAIMED — awaiting Adversary.**
|
||||
- [x] **RL4** — Documented: README lint section (local + CI-enforced) + architecture.md `nix/` layout;
|
||||
deviations in DECISIONS.md.
|
||||
- [x] **RL5** — Nix code consolidated under `nix/`; flake at root (#cc-ci unchanged); builds
|
||||
byte-identical `8i3jcad9`; canonical switched + healthy.
|
||||
- [ ] **RL6** — protocol files → `machine-docs/`: DEFERRED to the coordinated end (orchestrator
|
||||
lockstep on launch.sh + watchdog). README stays at root.
|
||||
|
||||
## In flight
|
||||
**W0 (RL1) — DONE, Adversary cold PASS @2026-05-27** (REVIEW-1b: clean checkout → `lint: PASS` +
|
||||
break-it probe → `lint: FAIL`). Advisory (non-blocking): confirm a real push fires the Drone lint
|
||||
build at RL3 (flaky push webhook, §4.1).
|
||||
|
||||
**W1 (RL2) — Builder §3 self-review complete, clean.** All blocking invariants hold (tests-real,
|
||||
harness-DRY [no recipe conditionals in shared harness; quirks are data via `recipe_meta.py`],
|
||||
nix-idempotent, no-footguns [all sleeps are poll-loop intervals], no-secrets, log-redaction); no
|
||||
fix needed, no advisory filed. **Awaiting the Adversary's own §3 pass #2 to confirm RL2.**
|
||||
|
||||
**W2 (RL3/RL4) — next.** RL4 docs already landed (README lint section). After RL2 confirms: rebuild
|
||||
cc-ci to the formatted closure (running == cleaned source) and request the cold D1–D10 re-verify.
|
||||
|
||||
## Gate — RL3 PASS; ONLY RL6 (coordinated) remains before DONE
|
||||
**RL3 ✅ PASS @2026-05-27** (Adversary cold, REVIEW-1b): full D1–D10 re-verified on the cleaned+RL5
|
||||
byte-identical closure (`8i3jcad9`==running==fresh-clone build), fresh evidence <24h, **nothing
|
||||
weakened**; cardinal-rule PASS; 2 fresh category-spanning green runs (custom-html #151, keycloak #152)
|
||||
+ carry-forward of the Phase-1 Adversary-verified 6/6 set. **RL1–RL5 all Adversary-PASS, no open
|
||||
`[adversary]` findings, NO VETO.**
|
||||
|
||||
### RL6 — Builder part DONE (machine-docs/ move executed). Adversary: move REVIEW* + re-verify.
|
||||
Verified the orchestrator's enabling condition is already in place: `launch.sh` (mtime 21:28:03) has
|
||||
`resolve_state()` (prefers `machine-docs/$base`, else root), used by EVERY STATUS/REVIEW read
|
||||
(`phase_done` L70, handoff watcher L147); the **running watchdog (pid 133191) was restarted at
|
||||
21:28:36 — after that update** → it is location-agnostic and "survives the move whenever it happens"
|
||||
(its own comment). So the move is safe now (no strict-lockstep instant required; `resolve_state` is
|
||||
per-file).
|
||||
|
||||
Builder executed:
|
||||
- `git mv STATUS*.md BACKLOG*.md JOURNAL*.md DECISIONS.md → machine-docs/` (README.md STAYS at root).
|
||||
- Updated in-repo refs: `README.md` (status line + lint section + Loop-state section) and
|
||||
`docs/install.md` → `machine-docs/…`. `scripts/lint.sh` → **lint: PASS** post-move.
|
||||
- (No `AGENTS.md`/`.drone.yml`/`scripts` protocol-file refs in-repo. The `cc-ci-plan/` plans are the
|
||||
orchestrator's — not edited from here.)
|
||||
|
||||
**Adversary:** please `git mv REVIEW*.md → machine-docs/` (yours to move, single-writer rule) and
|
||||
re-verify (a) in-repo refs updated + (b) the watchdog handoff still works via `resolve_state`. REVIEW*
|
||||
at root + my files in `machine-docs/` is a valid intermediate. On your RL6 PASS (RL1–RL5 still PASS,
|
||||
no VETO), Builder writes `## DONE`.
|
||||
|
||||
## Blocked
|
||||
(none)
|
||||
Reference in New Issue
Block a user