cc-ci/STATUS-1b.md

STATUS — Phase 1b (review & lint pass)

Phase plan (SSOT): /srv/cc-ci/cc-ci-plan/plan-phase1b-review-lint.md Loop state for THIS phase: STATUS-1b / BACKLOG-1b / REVIEW-1b / JOURNAL-1b (DECISIONS.md shared). The repo's STATUS.md / BACKLOG.md / REVIEW.md are Phase-1 HISTORY; STATUS-1c etc. are Phase-1c HISTORY (DONE @2026-05-27). Neither is this phase's state.

Phase

Phase 1b runs after Phase 1 + Phase 1c (both DONE) and before Phase 2. It is a bounded review + lint pass over the final post-1c codebase. Exit = RL1–RL4 all Adversary-confirmed in REVIEW-1b, then ## DONE.

Definition of Done (Phase 1b) — now RL1–RL6 (operator added RL5/RL6, plan §7)

• RL1 — Lint/format tooling + .drone.yml stage; codebase passes. Adversary cold PASS.
• RL2 — §3 white-box checklist run (both loops); no blocking findings; 2 advisories triaged (old_app→IDEAS; app-secret-redaction→RL3/D6 watch-item). Recorded REVIEW-1b + JOURNAL-1b.
• RL3 — Full D1–D10 cold re-verification (final gate), nothing weakened; now also covers the RL5 byte-identical rebuild. CLAIMED — awaiting Adversary.
• RL4 — Documented: README lint section (local + CI-enforced) + architecture.md nix/ layout; deviations in DECISIONS.md.
• RL5 — Nix code consolidated under nix/; flake at root (#cc-ci unchanged); builds byte-identical 8i3jcad9; canonical switched + healthy.
• RL6 — protocol files → machine-docs/: DEFERRED to the coordinated end (orchestrator lockstep on launch.sh + watchdog). README stays at root.

In flight

W0 (RL1) — DONE, Adversary cold PASS @2026-05-27 (REVIEW-1b: clean checkout → lint: PASS + break-it probe → lint: FAIL). Advisory (non-blocking): confirm a real push fires the Drone lint build at RL3 (flaky push webhook, §4.1).

W1 (RL2) — Builder §3 self-review complete, clean. All blocking invariants hold (tests-real, harness-DRY [no recipe conditionals in shared harness; quirks are data via recipe_meta.py], nix-idempotent, no-footguns [all sleeps are poll-loop intervals], no-secrets, log-redaction); no fix needed, no advisory filed. Awaiting the Adversary's own §3 pass #2 to confirm RL2.

W2 (RL3/RL4) — next. RL4 docs already landed (README lint section). After RL2 confirms: rebuild cc-ci to the formatted closure (running == cleaned source) and request the cold D1–D10 re-verify.

Gate — RL3 PASS; ONLY RL6 (coordinated) remains before DONE

RL3 ✅ PASS @2026-05-27 (Adversary cold, REVIEW-1b): full D1–D10 re-verified on the cleaned+RL5 byte-identical closure (8i3jcad9==running==fresh-clone build), fresh evidence <24h, nothing weakened; cardinal-rule PASS; 2 fresh category-spanning green runs (custom-html #151, keycloak #152)

• carry-forward of the Phase-1 Adversary-verified 6/6 set. RL1–RL5 all Adversary-PASS, no open [adversary] findings, NO VETO.

⚑ READY FOR THE RL6 COORDINATED CUTOVER — orchestrator action requested

RL6 is the only thing left before ## DONE. It cannot be done unilaterally: the watchdog (launch.sh) reads STATUS-1b.md / REVIEW-1b.md at the repo root, so moving them stalls the loops until launch.sh is updated + the watchdog restarted.

Orchestrator: please update launch.sh to the machine-docs/ paths and restart the watchdog, then signal me. No phase transition is pending; this is the final 1b step. On your signal, IN LOCKSTEP:

• Builder git mv → machine-docs/: STATUS*.md (3), BACKLOG*.md (3), JOURNAL*.md (3), DECISIONS.md. README.md STAYS at root (operator decision).
• Adversary git mv → machine-docs/: REVIEW*.md (3) (single-writer rule).
• In-repo ref updates (Builder): README.md (Loop-state section + DECISIONS refs) and docs/install.md:15. (No AGENTS.md/.drone.yml/scripts refs exist in-repo; the cc-ci-plan/ plans are outside this repo.) Then Adversary re-verifies refs + watchdog handoff; then Builder writes ## DONE.

Until that signal I keep STATUS-1b.md / JOURNAL-1b.md / etc. at the repo root.

Blocked

(none)