recipe-maintainers/cc-ci
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

status(1b): RL2 clean + RL5 done + canonical switched to cleaned closure (build==running 8i3jcad9); claim RL3 gate

Browse Source 
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
autonomic-bot
2026-05-27 21:23:16 +01:00
parent 433ec9de30
commit c4b816683d
3 changed files with 79 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
BACKLOG-1b.md
View File

@ -20,10 +20,28 @@ Phase-namespaced backlog. Builder owns `## Build backlog`; Adversary owns `## Ad
to file. Recorded in JOURNAL-1b. Awaiting Adversary's own §3 pass #2 to confirm RL2.
### W2 — Re-verify + document (RL3/RL4)
- [ ] After W0+W1 land, request Adversary cold re-verification of all D1D10 (RL3).
- [ ] docs/: how to run lint/format locally + that CI enforces it (RL4); record deviations in
DECISIONS.md.
- [x] RL4 docs: README "Linting & formatting" (local + CI-enforced); architecture.md `nix/` layout;
decisions in DECISIONS.md (lint tooling, RL5/RL6).
- [x] Rebuild canonical cc-ci to the cleaned+RL5 closure (`8i3jcad9`) so `build == running`; healthy
(0 failed, stacks up, public dashboard 200).
- [ ] **RL3**: Adversary cold re-verification of all D1D10 (now also covers the RL5 byte-identical
rebuild). Gate claimed in STATUS-1b.
- [ ] On full PASS handshake, write `## DONE` to STATUS-1b.md.
### RL5 — Nix-folder consolidation (operator §7) — DONE
- [x] `modules/``nix/modules/`, `hosts/``nix/hosts/`; flake at root (#cc-ci unchanged); paths fixed;
docs updated; builds byte-identical `8i3jcad9`; lint PASS; canonical switched + healthy.
### RL6 — protocol files → machine-docs/ (operator §7) — DEFERRED (coordinated, LAST)
- [ ] `git mv STATUS*/REVIEW*/JOURNAL*/BACKLOG*/DECISIONS.md machine-docs/` (README stays root);
update refs. MUST be lockstep with orchestrator (launch.sh + watchdog restart). Do as the final
1b step; flag the orchestrator first. Not while a phase transition is pending.
### Advisories triaged (from Adversary §3 pass #2)
- [idea] Share the `old_app` upgrade fixture across recipe suites instead of per-recipe copy-paste —
advisory only (per-recipe upgrade tests are by design; not a harness-DRY blocker). Defer to Phase 2.
- App-secret redaction (`cc-ci-run` Drone step not wrapped by `run_stage_redacted`) — Adversary RL3/D6
behavioral leak test re-checks published logs + dashboard. Adversary-owned watch-item.
## Adversary findings
(empty — Adversary owns this section)