30 lines
1.5 KiB
Markdown
30 lines
1.5 KiB
Markdown
# BACKLOG — Phase 1b (review & lint pass)
|
||
|
||
Phase-namespaced backlog. Builder owns `## Build backlog`; Adversary owns `## Adversary findings`.
|
||
|
||
## Build backlog
|
||
|
||
### W0 — Tooling + format (RL1) — DONE (Adversary PASS @2026-05-27)
|
||
- [x] Add lint tooling to the flake: a `lint` devshell (nixpkgs-fmt, statix, deadnix, ruff,
|
||
shellcheck, shfmt, yamllint) built from the pinned nixpkgs.
|
||
- [x] Add a `lint` entrypoint script (`scripts/lint.sh`) with check + `--fix` modes; tool configs
|
||
(ruff, yamllint, etc.).
|
||
- [x] Auto-format the codebase (nix + python + shell).
|
||
- [x] Fix remaining lint findings (statix/deadnix/ruff-lint/shellcheck) without weakening any test.
|
||
- [x] Wire a `lint` stage into `.drone.yml` (push event); verified green from a clean checkout
|
||
(Adversary cold PASS + break-it probe).
|
||
|
||
### W1 — Review checklist + fixes (RL2)
|
||
- [x] Run the §3 white-box checklist (Builder side): all blocking invariants hold (tests-real,
|
||
harness-DRY, nix-idempotent, no-footguns, no-secrets, log-redaction); no fix needed; no advisory
|
||
to file. Recorded in JOURNAL-1b. Awaiting Adversary's own §3 pass #2 to confirm RL2.
|
||
|
||
### W2 — Re-verify + document (RL3/RL4)
|
||
- [ ] After W0+W1 land, request Adversary cold re-verification of all D1–D10 (RL3).
|
||
- [ ] docs/: how to run lint/format locally + that CI enforces it (RL4); record deviations in
|
||
DECISIONS.md.
|
||
- [ ] On full PASS handshake, write `## DONE` to STATUS-1b.md.
|
||
|
||
## Adversary findings
|
||
(empty — Adversary owns this section)
|