diff --git a/AFFIRMATION.adoc b/AFFIRMATION.adoc new file mode 100644 index 00000000..9a9f15ac --- /dev/null +++ b/AFFIRMATION.adoc 
@@ -0,0 +1,66 @@ +// SPDX-License-Identifier: MPL-2.0 +// SPDX-FileCopyrightText: 2026 Jonathan D.A. Jewell (hyperpolymath) +// +// NOTE: The hyperpolymath `standards` repo defines the canonical AFFIRMATION +// format; it was not reachable from this authoring session's scope, so this +// document follows A2ML / RSR conventions and should be reconciled against +// `standards` if the schema differs. += AFFIRMATION — hypatia +:affirmed-at: 2026-06-19T21:45Z +:affirmed-by: Claude (Opus 4.8) on behalf of Jonathan D.A. Jewell (hyperpolymath) + +As of *{affirmed-at}*, this repository affirms the following about its current +state and commitments. Companion detail: +`docs/status/estate-musts-intends-wishes-2026-06-19.md`. + +== We affirm (current normative state — MUST) + +* *Guix-only builds.* Nix is retired estate-wide (owner ruling 2026-06-05); + `guix.scm` / guix channels are the sole reproducible-build manifests. No + `flake.nix` remains; all references reconciled. +* *The formal-proof corpus verifies and is CI-gated* across Idris 2 (v0.7.0), + Lean 4 (v4.30.0) and TLA+ — zero escape hatches + (`believe_me` / `sorry` / `postulate` / `assert_total` / `admit` / + `native_decide`). One obligation remains open — neural-convergence + (PageRank + ESN) — blocked only on Mathlib network access; the handover is + at `docs/proofs/HANDOVER-neural-convergence.md`. +* *The hexadeca-connector wire contract cannot silently drift.* The Zig enum, + the Idris2 ABI and the Rust client are pinned to one golden source + (`ffi/connectors.json`) by `test/hexadeca_contract_test.exs` under + `mix test`. +* *Workflow hygiene.* Every runner job declares `timeout-minutes`; the + `workflow_audit` rule no longer false-positives reusable-workflow + (`uses:`) jobs. +* *SPDX `MPL-2.0` headers* on source files; SHA-pinned GitHub Actions; + HTTPS-only; no hardcoded secrets. 
+ +== We intend (planned — INTEND) + +* Deploy *verisim-api* (the VeriSimDB Rust core) to unlock native + graph/vector/temporal modalities and let the hexadeca transport bodies be + fleshed out on demand. +* Ensure merged rule fixes reach *live* self-scans — the deployed scanner + currently lags `main` (issue #484). +* Triage the code-scanning alert backlog (#470, #369); deliver M13 SARIF, + M14 live GraphQL endpoint, M15 bearer-auth + persistent watcher. +* Carry the *merge-orchestration runtime*: the decision layer here, signed + `attest` verbs in gitbot-fleet, the pool actuator in `.git-private-farm`. + +== We wish (aspirational — WISH) + +* An Nx/EXLA neural backend if reservoir sizes outgrow pure Elixir. +* Cross-organisation federation with VCL drift policies. +* Bring the GitHub wikis to bleeding-edge (#482) and complete the + doc/contractile currency + rot sweep (#483). + +== Held (under coordinated realignment — not affirmed here) + +The `6a2` `STATE` / `META` / `ANCHOR` files and the `trust` / `intend` +contractiles + `bot_directives` are under the active merge-orchestration +realignment and are deliberately not re-attested in this document. + +== Provenance + +Affirmation authored {affirmed-at} by {affirmed-by}. The canonical +AFFIRMATION format lives in `hyperpolymath/standards`; reconcile this file +against it when that repo is in scope. diff --git a/docs/status/estate-musts-intends-wishes-2026-06-19.md b/docs/status/estate-musts-intends-wishes-2026-06-19.md new file mode 100644 index 00000000..4a6319e0 --- /dev/null +++ b/docs/status/estate-musts-intends-wishes-2026-06-19.md 
@@ -0,0 +1,68 @@ + + + +# Estate status — musts / intends / wishes + +**Snapshot:** 2026-06-19 (UTC) · authored by Claude (Opus 4.8) + +Framing: **must** = normative/blocking (hypatia's own rules are the estate norm) · **intend** = planned/in-flight · **wish** = aspirational. `READINESS.md` formally grades 6 bots (assessed 2026-04-04); the other 5 rows are from issues + the 2026-06 session and marked _(inferred)_. + +## Where we are + +Core three bots + coordinator are Grade B/Beta and operating estate-wide (1635 dispatches, 99% success). The 2026-06 session cleared the estate's Nix→Guix, CI-timeout, workflow_audit-FP and hexadeca-contract musts. The big live workstream is the merge-orchestration runtime (parallel session, now merged in hypatia). Remaining musts are mostly blocked on the owner. + +## hypatia — the normative anchor + +| MUST | INTEND | WISH | +|---|---|---| +| self-scan must run current rules — deployed scanner lags `main` (#484) · close `record_outcome` loop · neural-convergence proofs (#486, BLOCKED: Mathlib net) | deploy verisim-api · code-scanning backlog triage (#470/#369) · M13 SARIF / M14 GraphQL / M15 auth | Nx/EXLA backend · cross-org VCL federation · flesh out bebop/capnproto bodies on demand | +| ✅ this session: hexadeca contract drift-guarded (#510) + documented (#511); workflow_audit FPs fixed (#462); Guix-only; CI timeouts | | | + +## gitbot-fleet — whole + +| MUST | INTEND | WISH | +|---|---|---| +| triage 6 Dependabot alerts 1H/1M/4L (#278) · close `record_outcome` loop · dispatch PAT ✅ | consume Hypatia route/blast-radius metadata (#264) · LicensePolicy never-auto-execute (#253) · bots gain signed `attest` verbs | 29 `expect_in_hot_path` hygiene (#255) · SafeDOM standing recipe (#214) · promote C-grade bots to B | +| ✅ this session: Nix removed (#260/#262); findings-submissions documented; Bustfile (#261) | | | + +## each gitbot + +| Bot | Grade | MUST | INTEND | WISH | +|---|---|---|---|---| +| rhodibot (git ops) | B | keep 9/9 
dispatch flows green | signed `attest` verb | — | +| echidnabot (quality/proofs) | B | — | consume typed `VerifyOutcome` (#245) | SDK packaging surface | +| sustainabot (eco/econ) | B | fix broken Cargo path dep on missing `bots/panic-attacker` (#246) | SafeDOM recipe (#214) · add `guix.scm` | — | +| glambot (aesthetic) | C | promote C→B (calibration) | apply suggestions systematically | richer visual analyzers | +| seambot (seams) | C | promote C→B | cross-repo seam data | — | +| finishingbot (completion) | C | promote C→B (calibration) | — | — | +| gsbot (Discord, Rust/SPARK) _(inf)_ | — | no Python ✅; Bronze RSR | add `guix.scm` | SPARK-verify `domain.rs` | +| cipherbot _(inf)_ | — | clear secret-FP in `analyzers/infra.rs` + `expect` hygiene (#207/#255) | — | — | +| accessibilitybot _(inf)_ | — | `expect_in_hot_path` hygiene (#255) | — | — | +| panicbot _(inf)_ | — | reach-classification correctness | consume patch-bridge registry (#358) | — | +| the-hotchocolabot _(inf)_ | — | it's a stub — needs real impl or status clarity | build out | — | + +## .git-private-farm — itself + +| MUST | INTEND | WISH | +|---|---|---| +| clear the GitHub Actions billing wall (blocks actuator) · receiver workflow for sha-bump propagation (#67) | pool-driven privileged merge actuator (P0–P3 + mass-squash) · guarded Hypatia fanout: canary/dedupe/kill-switch (#74) | auto-remediate mirror drift (#75) | +| ✅ this session: Nix removed (#71/#73); README dedup + k9 self-validating + Dust/Bust (#72) | | | + +## Common across the estate + +| Scope | MUST | INTEND | WISH | +|---|---|---|---| +| All 3 | Guix-only ✅ · SPDX headers · resolve held 6a2 STATE/META/ANCHOR + root-vs-`6a2/` layout (UNRESOLVED) | merge-orchestration runtime tier (hypatia=decision · fleet=attest · farm=actuator) + `.machine_readable` runtime tier · bot_directives redesign | wikis → bleeding-edge (#482) · README/EXPLAINME + contractile currency (#483) | +| ≥2 | `record_outcome` loop (hypatia+fleet) · dependency/CVE 
triage (fleet #278, hypatia #330) | doc-currency pass (#483) | rot/unused sweep (#483) | + +## Blocked on the owner + +- Deploy verisim-api (unblocks native modalities + connector bodies). +- Widen Mathlib allowlist or run local → proofs #486. +- Clear .git-private-farm Actions billing → farm actuator. +- Add `standards` + `rsr-template` to a session's scope → divergence audit #485. +- Delete 2 stale hypatia branches (`test/ci-codeql-hypatia`, `feat/sha-bump-propagation-rule-418`) → clears GS007. + +## Tracked issues + +hypatia #482 (wikis), #483 (doc/contractile/rot currency), #484 (scanner re-release), #485 (divergence, needs-owner), #486 (proofs, needs-network) · gitbot-fleet #278 (Dependabot triage).
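Review bot: in AFFIRMATION.adoc, the second bullet under "We affirm" states that the formal-proof corpus verifies and is CI-gated, yet the same bullet records the neural-convergence obligation (PageRank + ESN) as still open, and the companion status file in this patch lists those proofs in hypatia's MUST column as #486, BLOCKED. A statement of current normative state should not carry an open item under a headline that reads as complete: narrow the headline to the part of the corpus that is actually gated and cite #486 for the exception, or move the open obligation to "We intend" or "Held". Separately, the affirmed claims (SHA-pinned GitHub Actions, no hardcoded secrets, zero escape hatches) are tied only to `:affirmed-at:`; recording the commit they were checked against would let a reader verify them, which matters more given that the header comment says the canonical format could not be consulted and that the code-scanning backlog (#470, #369) is still listed as untriaged further down.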
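Review bot: in docs/status/estate-musts-intends-wishes-2026-06-19.md, the hypatia table places the deployed scanner lagging `main` (#484) in the MUST column, while AFFIRMATION.adoc in this same patch lists the same item under "We intend (planned — INTEND)". The affirmation names this file as its companion detail, so the two should give #484 the same tier; if it is blocking, the affirmation is understating it. In "Where we are", the figure "1635 dispatches, 99% success" has no source or time window; link the report or query it came from so the number can be rechecked. The framing paragraph says inferred rows are marked `_(inferred)_` but the per-bot table uses `_(inf)_`; use one marker. The file also opens with three empty added lines and no visible SPDX header, which is worth checking against the "SPDX headers" MUST in the "Common across the estate" table if that rule covers docs.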