From ce1492956eebbad9ad65f5e40fce0852b4e0e2ec Mon Sep 17 00:00:00 2001 From: "Jonathan D.A. Jewell" <6759885+hyperpolymath@users.noreply.github.com> Date: Fri, 19 Jun 2026 22:41:20 +0100 Subject: [PATCH 1/3] docs: estate musts/intends/wishes snapshot + AFFIRMATION.adoc (2026-06-18) Stores the per-entity must/intend/wish status detail (hypatia, gitbot-fleet whole + each bot, .git-private-farm, and cross-estate commonalities) at docs/status/estate-musts-intends-wishes-2026-06-18.md, and adds a timestamped AFFIRMATION.adoc following A2ML/RSR conventions (to be reconciled against the standards repo's canonical format when in scope). Leaves held 6a2 STATE/META/ANCHOR untouched. https://claude.ai/code/session_016R5WsMHtpnD8bmrkjFNFmg --- AFFIRMATION.adoc | 66 ++++++++++++++++++ .../estate-musts-intends-wishes-2026-06-18.md | 68 +++++++++++++++++++ 2 files changed, 134 insertions(+) create mode 100644 AFFIRMATION.adoc create mode 100644 docs/status/estate-musts-intends-wishes-2026-06-18.md diff --git a/AFFIRMATION.adoc b/AFFIRMATION.adoc new file mode 100644 index 00000000..7a4e616c --- /dev/null +++ b/AFFIRMATION.adoc @@ -0,0 +1,66 @@ +// SPDX-License-Identifier: MPL-2.0 +// SPDX-FileCopyrightText: 2026 Jonathan D.A. Jewell (hyperpolymath) +// +// NOTE: The hyperpolymath `standards` repo defines the canonical AFFIRMATION +// format; it was not reachable from this authoring session's scope, so this +// document follows A2ML / RSR conventions and should be reconciled against +// `standards` if the schema differs. += AFFIRMATION — hypatia +:affirmed-at: 2026-06-18T18:00Z +:affirmed-by: Claude (Opus 4.8) on behalf of Jonathan D.A. Jewell (hyperpolymath) + +As of *{affirmed-at}*, this repository affirms the following about its current +state and commitments. Companion detail: +`docs/status/estate-musts-intends-wishes-2026-06-18.md`. + +== We affirm (current normative state — MUST) + +* *Guix-only builds.* Nix is retired estate-wide (owner ruling 2026-06-05); + `guix.scm` / guix channels are the sole reproducible-build manifests. No + `flake.nix` remains; all references reconciled. +* *The formal-proof corpus verifies and is CI-gated* across Idris 2 (v0.7.0), + Lean 4 (v4.30.0) and TLA+ — zero escape hatches + (`believe_me` / `sorry` / `postulate` / `assert_total` / `admit` / + `native_decide`). One obligation remains open — neural-convergence + (PageRank + ESN) — blocked only on Mathlib network access; the handover is + at `docs/proofs/HANDOVER-neural-convergence.md`. +* *The hexadeca-connector wire contract cannot silently drift.* The Zig enum, + the Idris2 ABI and the Rust client are pinned to one golden source + (`ffi/connectors.json`) by `test/hexadeca_contract_test.exs` under + `mix test`. +* *Workflow hygiene.* Every runner job declares `timeout-minutes`; the + `workflow_audit` rule no longer false-positives reusable-workflow + (`uses:`) jobs. +* *SPDX `MPL-2.0` headers* on source files; SHA-pinned GitHub Actions; + HTTPS-only; no hardcoded secrets. + +== We intend (planned — INTEND) + +* Deploy *verisim-api* (the VeriSimDB Rust core) to unlock native + graph/vector/temporal modalities and let the hexadeca transport bodies be + fleshed out on demand. +* Ensure merged rule fixes reach *live* self-scans — the deployed scanner + currently lags `main` (issue #484). +* Triage the code-scanning alert backlog (#470, #369); deliver M13 SARIF, + M14 live GraphQL endpoint, M15 bearer-auth + persistent watcher. +* Carry the *merge-orchestration runtime*: the decision layer here, signed + `attest` verbs in gitbot-fleet, the pool actuator in `.git-private-farm`. + +== We wish (aspirational — WISH) + +* An Nx/EXLA neural backend if reservoir sizes outgrow pure Elixir. +* Cross-organisation federation with VCL drift policies. +* Bring the GitHub wikis to bleeding-edge (#482) and complete the + doc/contractile currency + rot sweep (#483). + +== Held (under coordinated realignment — not affirmed here) + +The `6a2` `STATE` / `META` / `ANCHOR` files and the `trust` / `intend` +contractiles + `bot_directives` are under the active merge-orchestration +realignment and are deliberately not re-attested in this document. + +== Provenance + +Affirmation authored {affirmed-at} by {affirmed-by}. The canonical +AFFIRMATION format lives in `hyperpolymath/standards`; reconcile this file +against it when that repo is in scope. diff --git a/docs/status/estate-musts-intends-wishes-2026-06-18.md b/docs/status/estate-musts-intends-wishes-2026-06-18.md new file mode 100644 index 00000000..8e111123 --- /dev/null +++ b/docs/status/estate-musts-intends-wishes-2026-06-18.md @@ -0,0 +1,68 @@ + + + +# Estate status — musts / intends / wishes + +**Snapshot:** 2026-06-18 (UTC) · authored by Claude (Opus 4.8) + +Framing: **must** = normative/blocking (hypatia's own rules are the estate norm) · **intend** = planned/in-flight · **wish** = aspirational. `READINESS.md` formally grades 6 bots (assessed 2026-04-04); the other 5 rows are from issues + the 2026-06 session and marked _(inferred)_. + +## Where we are + +Core three bots + coordinator are Grade B/Beta and operating estate-wide (1635 dispatches, 99% success). The 2026-06 session cleared the estate's Nix→Guix, CI-timeout, workflow_audit-FP and hexadeca-contract musts. The big live workstream is the merge-orchestration runtime (parallel session, now merged in hypatia). Remaining musts are mostly blocked on the owner. + +## hypatia — the normative anchor + +| MUST | INTEND | WISH | +|---|---|---| +| self-scan must run current rules — deployed scanner lags `main` (#484) · close `record_outcome` loop · neural-convergence proofs (#486, BLOCKED: Mathlib net) | deploy verisim-api · code-scanning backlog triage (#470/#369) · M13 SARIF / M14 GraphQL / M15 auth | Nx/EXLA backend · cross-org VCL federation · flesh out bebop/capnproto bodies on demand | +| ✅ this session: hexadeca contract drift-guarded (#510) + documented (#511); workflow_audit FPs fixed (#462); Guix-only; CI timeouts | | | + +## gitbot-fleet — whole + +| MUST | INTEND | WISH | +|---|---|---| +| triage 6 Dependabot alerts 1H/1M/4L (#278) · close `record_outcome` loop · dispatch PAT ✅ | consume Hypatia route/blast-radius metadata (#264) · LicensePolicy never-auto-execute (#253) · bots gain signed `attest` verbs | 29 `expect_in_hot_path` hygiene (#255) · SafeDOM standing recipe (#214) · promote C-grade bots to B | +| ✅ this session: Nix removed (#260/#262); findings-submissions documented; Bustfile (#261) | | | + +## each gitbot + +| Bot | Grade | MUST | INTEND | WISH | +|---|---|---|---|---| +| rhodibot (git ops) | B | keep 9/9 dispatch flows green | signed `attest` verb | — | +| echidnabot (quality/proofs) | B | — | consume typed `VerifyOutcome` (#245) | SDK packaging surface | +| sustainabot (eco/econ) | B | fix broken Cargo path dep on missing `bots/panic-attacker` (#246) | SafeDOM recipe (#214) · add `guix.scm` | — | +| glambot (aesthetic) | C | promote C→B (calibration) | apply suggestions systematically | richer visual analyzers | +| seambot (seams) | C | promote C→B | cross-repo seam data | — | +| finishingbot (completion) | C | promote C→B (calibration) | — | — | +| gsbot (Discord, Rust/SPARK) _(inf)_ | — | no Python ✅; Bronze RSR | add `guix.scm` | SPARK-verify `domain.rs` | +| cipherbot _(inf)_ | — | clear secret-FP in `analyzers/infra.rs` + `expect` hygiene (#207/#255) | — | — | +| accessibilitybot _(inf)_ | — | `expect_in_hot_path` hygiene (#255) | — | — | +| panicbot _(inf)_ | — | reach-classification correctness | consume patch-bridge registry (#358) | — | +| the-hotchocolabot _(inf)_ | — | it's a stub — needs real impl or status clarity | build out | — | + +## .git-private-farm — itself + +| MUST | INTEND | WISH | +|---|---|---| +| clear the GitHub Actions billing wall (blocks actuator) · receiver workflow for sha-bump propagation (#67) | pool-driven privileged merge actuator (P0–P3 + mass-squash) · guarded Hypatia fanout: canary/dedupe/kill-switch (#74) | auto-remediate mirror drift (#75) | +| ✅ this session: Nix removed (#71/#73); README dedup + k9 self-validating + Dust/Bust (#72) | | | + +## Common across the estate + +| Scope | MUST | INTEND | WISH | +|---|---|---|---| +| All 3 | Guix-only ✅ · SPDX headers · resolve held 6a2 STATE/META/ANCHOR + root-vs-`6a2/` layout (UNRESOLVED) | merge-orchestration runtime tier (hypatia=decision · fleet=attest · farm=actuator) + `.machine_readable` runtime tier · bot_directives redesign | wikis → bleeding-edge (#482) · README/EXPLAINME + contractile currency (#483) | +| ≥2 | `record_outcome` loop (hypatia+fleet) · dependency/CVE triage (fleet #278, hypatia #330) | doc-currency pass (#483) | rot/unused sweep (#483) | + +## Blocked on the owner + +- Deploy verisim-api (unblocks native modalities + connector bodies). +- Widen Mathlib allowlist or run local → proofs #486. +- Clear .git-private-farm Actions billing → farm actuator. +- Add `standards` + `rsr-template` to a session's scope → divergence audit #485. +- Delete 2 stale hypatia branches (`test/ci-codeql-hypatia`, `feat/sha-bump-propagation-rule-418`) → clears GS007. + +## Tracked issues + +hypatia #482 (wikis), #483 (doc/contractile/rot currency), #484 (scanner re-release), #485 (divergence, needs-owner), #486 (proofs, needs-network) · gitbot-fleet #278 (Dependabot triage). From b2f3a86d623cda1388d70ab9ab0e5c6376918d4d Mon Sep 17 00:00:00 2001 From: "Jonathan D.A. Jewell" <6759885+hyperpolymath@users.noreply.github.com> Date: Fri, 19 Jun 2026 22:44:45 +0100 Subject: [PATCH 2/3] docs: correct snapshot/affirmation date to 2026-06-19 (was 06-18) The authoring session's wall-clock is 2026-06-19; corrects AFFIRMATION.adoc :affirmed-at: and the status-doc snapshot date, and renames the status doc to match. (The 2026-06-18-named file is removed in a follow-up.) https://claude.ai/code/session_016R5WsMHtpnD8bmrkjFNFmg --- AFFIRMATION.adoc | 4 +- .../estate-musts-intends-wishes-2026-06-19.md | 68 +++++++++++++++++++ 2 files changed, 70 insertions(+), 2 deletions(-) create mode 100644 docs/status/estate-musts-intends-wishes-2026-06-19.md diff --git a/AFFIRMATION.adoc b/AFFIRMATION.adoc index 7a4e616c..9a9f15ac 100644 --- a/AFFIRMATION.adoc +++ b/AFFIRMATION.adoc @@ -6,12 +6,12 @@ // document follows A2ML / RSR conventions and should be reconciled against // `standards` if the schema differs. = AFFIRMATION — hypatia -:affirmed-at: 2026-06-18T18:00Z +:affirmed-at: 2026-06-19T21:45Z :affirmed-by: Claude (Opus 4.8) on behalf of Jonathan D.A. Jewell (hyperpolymath) As of *{affirmed-at}*, this repository affirms the following about its current state and commitments. Companion detail: -`docs/status/estate-musts-intends-wishes-2026-06-18.md`. +`docs/status/estate-musts-intends-wishes-2026-06-19.md`. == We affirm (current normative state — MUST) diff --git a/docs/status/estate-musts-intends-wishes-2026-06-19.md b/docs/status/estate-musts-intends-wishes-2026-06-19.md new file mode 100644 index 00000000..4a6319e0 --- /dev/null +++ b/docs/status/estate-musts-intends-wishes-2026-06-19.md @@ -0,0 +1,68 @@ + + + +# Estate status — musts / intends / wishes + +**Snapshot:** 2026-06-19 (UTC) · authored by Claude (Opus 4.8) + +Framing: **must** = normative/blocking (hypatia's own rules are the estate norm) · **intend** = planned/in-flight · **wish** = aspirational. `READINESS.md` formally grades 6 bots (assessed 2026-04-04); the other 5 rows are from issues + the 2026-06 session and marked _(inferred)_. + +## Where we are + +Core three bots + coordinator are Grade B/Beta and operating estate-wide (1635 dispatches, 99% success). The 2026-06 session cleared the estate's Nix→Guix, CI-timeout, workflow_audit-FP and hexadeca-contract musts. The big live workstream is the merge-orchestration runtime (parallel session, now merged in hypatia). Remaining musts are mostly blocked on the owner. + +## hypatia — the normative anchor + +| MUST | INTEND | WISH | +|---|---|---| +| self-scan must run current rules — deployed scanner lags `main` (#484) · close `record_outcome` loop · neural-convergence proofs (#486, BLOCKED: Mathlib net) | deploy verisim-api · code-scanning backlog triage (#470/#369) · M13 SARIF / M14 GraphQL / M15 auth | Nx/EXLA backend · cross-org VCL federation · flesh out bebop/capnproto bodies on demand | +| ✅ this session: hexadeca contract drift-guarded (#510) + documented (#511); workflow_audit FPs fixed (#462); Guix-only; CI timeouts | | | + +## gitbot-fleet — whole + +| MUST | INTEND | WISH | +|---|---|---| +| triage 6 Dependabot alerts 1H/1M/4L (#278) · close `record_outcome` loop · dispatch PAT ✅ | consume Hypatia route/blast-radius metadata (#264) · LicensePolicy never-auto-execute (#253) · bots gain signed `attest` verbs | 29 `expect_in_hot_path` hygiene (#255) · SafeDOM standing recipe (#214) · promote C-grade bots to B | +| ✅ this session: Nix removed (#260/#262); findings-submissions documented; Bustfile (#261) | | | + +## each gitbot + +| Bot | Grade | MUST | INTEND | WISH | +|---|---|---|---|---| +| rhodibot (git ops) | B | keep 9/9 dispatch flows green | signed `attest` verb | — | +| echidnabot (quality/proofs) | B | — | consume typed `VerifyOutcome` (#245) | SDK packaging surface | +| sustainabot (eco/econ) | B | fix broken Cargo path dep on missing `bots/panic-attacker` (#246) | SafeDOM recipe (#214) · add `guix.scm` | — | +| glambot (aesthetic) | C | promote C→B (calibration) | apply suggestions systematically | richer visual analyzers | +| seambot (seams) | C | promote C→B | cross-repo seam data | — | +| finishingbot (completion) | C | promote C→B (calibration) | — | — | +| gsbot (Discord, Rust/SPARK) _(inf)_ | — | no Python ✅; Bronze RSR | add `guix.scm` | SPARK-verify `domain.rs` | +| cipherbot _(inf)_ | — | clear secret-FP in `analyzers/infra.rs` + `expect` hygiene (#207/#255) | — | — | +| accessibilitybot _(inf)_ | — | `expect_in_hot_path` hygiene (#255) | — | — | +| panicbot _(inf)_ | — | reach-classification correctness | consume patch-bridge registry (#358) | — | +| the-hotchocolabot _(inf)_ | — | it's a stub — needs real impl or status clarity | build out | — | + +## .git-private-farm — itself + +| MUST | INTEND | WISH | +|---|---|---| +| clear the GitHub Actions billing wall (blocks actuator) · receiver workflow for sha-bump propagation (#67) | pool-driven privileged merge actuator (P0–P3 + mass-squash) · guarded Hypatia fanout: canary/dedupe/kill-switch (#74) | auto-remediate mirror drift (#75) | +| ✅ this session: Nix removed (#71/#73); README dedup + k9 self-validating + Dust/Bust (#72) | | | + +## Common across the estate + +| Scope | MUST | INTEND | WISH | +|---|---|---|---| +| All 3 | Guix-only ✅ · SPDX headers · resolve held 6a2 STATE/META/ANCHOR + root-vs-`6a2/` layout (UNRESOLVED) | merge-orchestration runtime tier (hypatia=decision · fleet=attest · farm=actuator) + `.machine_readable` runtime tier · bot_directives redesign | wikis → bleeding-edge (#482) · README/EXPLAINME + contractile currency (#483) | +| ≥2 | `record_outcome` loop (hypatia+fleet) · dependency/CVE triage (fleet #278, hypatia #330) | doc-currency pass (#483) | rot/unused sweep (#483) | + +## Blocked on the owner + +- Deploy verisim-api (unblocks native modalities + connector bodies). +- Widen Mathlib allowlist or run local → proofs #486. +- Clear .git-private-farm Actions billing → farm actuator. +- Add `standards` + `rsr-template` to a session's scope → divergence audit #485. +- Delete 2 stale hypatia branches (`test/ci-codeql-hypatia`, `feat/sha-bump-propagation-rule-418`) → clears GS007. + +## Tracked issues + +hypatia #482 (wikis), #483 (doc/contractile/rot currency), #484 (scanner re-release), #485 (divergence, needs-owner), #486 (proofs, needs-network) · gitbot-fleet #278 (Dependabot triage). From 6c44e9bd5e05c2b518b895d9540b5e04e56d29df Mon Sep 17 00:00:00 2001 From: "Jonathan D.A. Jewell" <6759885+hyperpolymath@users.noreply.github.com> Date: Fri, 19 Jun 2026 22:45:15 +0100 Subject: [PATCH 3/3] docs: remove 06-18-dated status file (renamed to 2026-06-19) https://claude.ai/code/session_016R5WsMHtpnD8bmrkjFNFmg --- .../estate-musts-intends-wishes-2026-06-18.md | 68 ------------------- 1 file changed, 68 deletions(-) delete mode 100644 docs/status/estate-musts-intends-wishes-2026-06-18.md diff --git a/docs/status/estate-musts-intends-wishes-2026-06-18.md b/docs/status/estate-musts-intends-wishes-2026-06-18.md deleted file mode 100644 index 8e111123..00000000 --- a/docs/status/estate-musts-intends-wishes-2026-06-18.md +++ /dev/null @@ -1,68 +0,0 @@ - - - -# Estate status — musts / intends / wishes - -**Snapshot:** 2026-06-18 (UTC) · authored by Claude (Opus 4.8) - -Framing: **must** = normative/blocking (hypatia's own rules are the estate norm) · **intend** = planned/in-flight · **wish** = aspirational. `READINESS.md` formally grades 6 bots (assessed 2026-04-04); the other 5 rows are from issues + the 2026-06 session and marked _(inferred)_. - -## Where we are - -Core three bots + coordinator are Grade B/Beta and operating estate-wide (1635 dispatches, 99% success). The 2026-06 session cleared the estate's Nix→Guix, CI-timeout, workflow_audit-FP and hexadeca-contract musts. The big live workstream is the merge-orchestration runtime (parallel session, now merged in hypatia). Remaining musts are mostly blocked on the owner. - -## hypatia — the normative anchor - -| MUST | INTEND | WISH | -|---|---|---| -| self-scan must run current rules — deployed scanner lags `main` (#484) · close `record_outcome` loop · neural-convergence proofs (#486, BLOCKED: Mathlib net) | deploy verisim-api · code-scanning backlog triage (#470/#369) · M13 SARIF / M14 GraphQL / M15 auth | Nx/EXLA backend · cross-org VCL federation · flesh out bebop/capnproto bodies on demand | -| ✅ this session: hexadeca contract drift-guarded (#510) + documented (#511); workflow_audit FPs fixed (#462); Guix-only; CI timeouts | | | - -## gitbot-fleet — whole - -| MUST | INTEND | WISH | -|---|---|---| -| triage 6 Dependabot alerts 1H/1M/4L (#278) · close `record_outcome` loop · dispatch PAT ✅ | consume Hypatia route/blast-radius metadata (#264) · LicensePolicy never-auto-execute (#253) · bots gain signed `attest` verbs | 29 `expect_in_hot_path` hygiene (#255) · SafeDOM standing recipe (#214) · promote C-grade bots to B | -| ✅ this session: Nix removed (#260/#262); findings-submissions documented; Bustfile (#261) | | | - -## each gitbot - -| Bot | Grade | MUST | INTEND | WISH | -|---|---|---|---|---| -| rhodibot (git ops) | B | keep 9/9 dispatch flows green | signed `attest` verb | — | -| echidnabot (quality/proofs) | B | — | consume typed `VerifyOutcome` (#245) | SDK packaging surface | -| sustainabot (eco/econ) | B | fix broken Cargo path dep on missing `bots/panic-attacker` (#246) | SafeDOM recipe (#214) · add `guix.scm` | — | -| glambot (aesthetic) | C | promote C→B (calibration) | apply suggestions systematically | richer visual analyzers | -| seambot (seams) | C | promote C→B | cross-repo seam data | — | -| finishingbot (completion) | C | promote C→B (calibration) | — | — | -| gsbot (Discord, Rust/SPARK) _(inf)_ | — | no Python ✅; Bronze RSR | add `guix.scm` | SPARK-verify `domain.rs` | -| cipherbot _(inf)_ | — | clear secret-FP in `analyzers/infra.rs` + `expect` hygiene (#207/#255) | — | — | -| accessibilitybot _(inf)_ | — | `expect_in_hot_path` hygiene (#255) | — | — | -| panicbot _(inf)_ | — | reach-classification correctness | consume patch-bridge registry (#358) | — | -| the-hotchocolabot _(inf)_ | — | it's a stub — needs real impl or status clarity | build out | — | - -## .git-private-farm — itself - -| MUST | INTEND | WISH | -|---|---|---| -| clear the GitHub Actions billing wall (blocks actuator) · receiver workflow for sha-bump propagation (#67) | pool-driven privileged merge actuator (P0–P3 + mass-squash) · guarded Hypatia fanout: canary/dedupe/kill-switch (#74) | auto-remediate mirror drift (#75) | -| ✅ this session: Nix removed (#71/#73); README dedup + k9 self-validating + Dust/Bust (#72) | | | - -## Common across the estate - -| Scope | MUST | INTEND | WISH | -|---|---|---|---| -| All 3 | Guix-only ✅ · SPDX headers · resolve held 6a2 STATE/META/ANCHOR + root-vs-`6a2/` layout (UNRESOLVED) | merge-orchestration runtime tier (hypatia=decision · fleet=attest · farm=actuator) + `.machine_readable` runtime tier · bot_directives redesign | wikis → bleeding-edge (#482) · README/EXPLAINME + contractile currency (#483) | -| ≥2 | `record_outcome` loop (hypatia+fleet) · dependency/CVE triage (fleet #278, hypatia #330) | doc-currency pass (#483) | rot/unused sweep (#483) | - -## Blocked on the owner - -- Deploy verisim-api (unblocks native modalities + connector bodies). -- Widen Mathlib allowlist or run local → proofs #486. -- Clear .git-private-farm Actions billing → farm actuator. -- Add `standards` + `rsr-template` to a session's scope → divergence audit #485. -- Delete 2 stale hypatia branches (`test/ci-codeql-hypatia`, `feat/sha-bump-propagation-rule-418`) → clears GS007. - -## Tracked issues - -hypatia #482 (wikis), #483 (doc/contractile/rot currency), #484 (scanner re-release), #485 (divergence, needs-owner), #486 (proofs, needs-network) · gitbot-fleet #278 (Dependabot triage).