docs: estate musts/intends/wishes snapshot + AFFIRMATION.adoc

AFFIRMATION.adoc

@@ -0,0 +1,66 @@
+// SPDX-License-Identifier: MPL-2.0
+// SPDX-FileCopyrightText: 2026 Jonathan D.A. Jewell (hyperpolymath) <j.d.a.jewell@open.ac.uk>
+//
+// NOTE: The hyperpolymath `standards` repo defines the canonical AFFIRMATION
+// format; it was not reachable from this authoring session's scope, so this
+// document follows A2ML / RSR conventions and should be reconciled against
+// `standards` if the schema differs.
+= AFFIRMATION — hypatia
+:affirmed-at: 2026-06-19T21:45Z
+:affirmed-by: Claude (Opus 4.8) on behalf of Jonathan D.A. Jewell (hyperpolymath)
+
+As of *{affirmed-at}*, this repository affirms the following about its current
+state and commitments. Companion detail:
+`docs/status/estate-musts-intends-wishes-2026-06-19.md`.
+
+== We affirm (current normative state — MUST)
+
+* *Guix-only builds.* Nix is retired estate-wide (owner ruling 2026-06-05);
+  `guix.scm` / guix channels are the sole reproducible-build manifests. No
+  `flake.nix` remains; all references reconciled.
+* *The formal-proof corpus verifies and is CI-gated* across Idris 2 (v0.7.0),
+  Lean 4 (v4.30.0) and TLA+ — zero escape hatches
+  (`believe_me` / `sorry` / `postulate` / `assert_total` / `admit` /
+  `native_decide`). One obligation remains open — neural-convergence
+  (PageRank + ESN) — blocked only on Mathlib network access; the handover is
+  at `docs/proofs/HANDOVER-neural-convergence.md`.
+* *The hexadeca-connector wire contract cannot silently drift.* The Zig enum,
+  the Idris2 ABI and the Rust client are pinned to one golden source
+  (`ffi/connectors.json`) by `test/hexadeca_contract_test.exs` under
+  `mix test`.
+* *Workflow hygiene.* Every runner job declares `timeout-minutes`; the
+  `workflow_audit` rule no longer false-positives reusable-workflow
+  (`uses:`) jobs.
+* *SPDX `MPL-2.0` headers* on source files; SHA-pinned GitHub Actions;
+  HTTPS-only; no hardcoded secrets.
+
+== We intend (planned — INTEND)
+
+* Deploy *verisim-api* (the VeriSimDB Rust core) to unlock native
+  graph/vector/temporal modalities and let the hexadeca transport bodies be
+  fleshed out on demand.
+* Ensure merged rule fixes reach *live* self-scans — the deployed scanner
+  currently lags `main` (issue #484).
+* Triage the code-scanning alert backlog (#470, #369); deliver M13 SARIF,
+  M14 live GraphQL endpoint, M15 bearer-auth + persistent watcher.
+* Carry the *merge-orchestration runtime*: the decision layer here, signed
+  `attest` verbs in gitbot-fleet, the pool actuator in `.git-private-farm`.
+
+== We wish (aspirational — WISH)
+
+* An Nx/EXLA neural backend if reservoir sizes outgrow pure Elixir.
+* Cross-organisation federation with VCL drift policies.
+* Bring the GitHub wikis to bleeding-edge (#482) and complete the
+  doc/contractile currency + rot sweep (#483).
+
+== Held (under coordinated realignment — not affirmed here)
+
+The `6a2` `STATE` / `META` / `ANCHOR` files and the `trust` / `intend`
+contractiles + `bot_directives` are under the active merge-orchestration
+realignment and are deliberately not re-attested in this document.
+
+== Provenance
+
+Affirmation authored {affirmed-at} by {affirmed-by}. The canonical
+AFFIRMATION format lives in `hyperpolymath/standards`; reconcile this file
+against it when that repo is in scope.

docs/status/estate-musts-intends-wishes-2026-06-19.md

@@ -0,0 +1,68 @@
+<!-- SPDX-License-Identifier: MPL-2.0 -->
+<!-- SPDX-FileCopyrightText: 2026 Jonathan D.A. Jewell (hyperpolymath) -->
+
+# Estate status — musts / intends / wishes
+
+**Snapshot:** 2026-06-19 (UTC) · authored by Claude (Opus 4.8)
+
+Framing: **must** = normative/blocking (hypatia's own rules are the estate norm) · **intend** = planned/in-flight · **wish** = aspirational. `READINESS.md` formally grades 6 bots (assessed 2026-04-04); the other 5 rows are from issues + the 2026-06 session and marked _(inferred)_.
+
+## Where we are
+
+Core three bots + coordinator are Grade B/Beta and operating estate-wide (1635 dispatches, 99% success). The 2026-06 session cleared the estate's Nix→Guix, CI-timeout, workflow_audit-FP and hexadeca-contract musts. The big live workstream is the merge-orchestration runtime (parallel session, now merged in hypatia). Remaining musts are mostly blocked on the owner.
+
+## hypatia — the normative anchor
+
+| MUST | INTEND | WISH |
+|---|---|---|
+| self-scan must run current rules — deployed scanner lags `main` (#484) · close `record_outcome` loop · neural-convergence proofs (#486, BLOCKED: Mathlib net) | deploy verisim-api · code-scanning backlog triage (#470/#369) · M13 SARIF / M14 GraphQL / M15 auth | Nx/EXLA backend · cross-org VCL federation · flesh out bebop/capnproto bodies on demand |
+| ✅ this session: hexadeca contract drift-guarded (#510) + documented (#511); workflow_audit FPs fixed (#462); Guix-only; CI timeouts | | |
+
+## gitbot-fleet — whole
+
+| MUST | INTEND | WISH |
+|---|---|---|
+| triage 6 Dependabot alerts 1H/1M/4L (#278) · close `record_outcome` loop · dispatch PAT ✅ | consume Hypatia route/blast-radius metadata (#264) · LicensePolicy never-auto-execute (#253) · bots gain signed `attest` verbs | 29 `expect_in_hot_path` hygiene (#255) · SafeDOM standing recipe (#214) · promote C-grade bots to B |
+| ✅ this session: Nix removed (#260/#262); findings-submissions documented; Bustfile (#261) | | |
+
+## each gitbot
+
+| Bot | Grade | MUST | INTEND | WISH |
+|---|---|---|---|---|
+| rhodibot (git ops) | B | keep 9/9 dispatch flows green | signed `attest` verb | — |
+| echidnabot (quality/proofs) | B | — | consume typed `VerifyOutcome` (#245) | SDK packaging surface |
+| sustainabot (eco/econ) | B | fix broken Cargo path dep on missing `bots/panic-attacker` (#246) | SafeDOM recipe (#214) · add `guix.scm` | — |
+| glambot (aesthetic) | C | promote C→B (calibration) | apply suggestions systematically | richer visual analyzers |
+| seambot (seams) | C | promote C→B | cross-repo seam data | — |
+| finishingbot (completion) | C | promote C→B (calibration) | — | — |
+| gsbot (Discord, Rust/SPARK) _(inf)_ | — | no Python ✅; Bronze RSR | add `guix.scm` | SPARK-verify `domain.rs` |
+| cipherbot _(inf)_ | — | clear secret-FP in `analyzers/infra.rs` + `expect` hygiene (#207/#255) | — | — |
+| accessibilitybot _(inf)_ | — | `expect_in_hot_path` hygiene (#255) | — | — |
+| panicbot _(inf)_ | — | reach-classification correctness | consume patch-bridge registry (#358) | — |
+| the-hotchocolabot _(inf)_ | — | it's a stub — needs real impl or status clarity | build out | — |
+
+## .git-private-farm — itself
+
+| MUST | INTEND | WISH |
+|---|---|---|
+| clear the GitHub Actions billing wall (blocks actuator) · receiver workflow for sha-bump propagation (#67) | pool-driven privileged merge actuator (P0–P3 + mass-squash) · guarded Hypatia fanout: canary/dedupe/kill-switch (#74) | auto-remediate mirror drift (#75) |
+| ✅ this session: Nix removed (#71/#73); README dedup + k9 self-validating + Dust/Bust (#72) | | |
+
+## Common across the estate
+
+| Scope | MUST | INTEND | WISH |
+|---|---|---|---|
+| All 3 | Guix-only ✅ · SPDX headers · resolve held 6a2 STATE/META/ANCHOR + root-vs-`6a2/` layout (UNRESOLVED) | merge-orchestration runtime tier (hypatia=decision · fleet=attest · farm=actuator) + `.machine_readable` runtime tier · bot_directives redesign | wikis → bleeding-edge (#482) · README/EXPLAINME + contractile currency (#483) |
+| ≥2 | `record_outcome` loop (hypatia+fleet) · dependency/CVE triage (fleet #278, hypatia #330) | doc-currency pass (#483) | rot/unused sweep (#483) |
+
+## Blocked on the owner
+
+- Deploy verisim-api (unblocks native modalities + connector bodies).
+- Widen Mathlib allowlist or run local → proofs #486.
+- Clear .git-private-farm Actions billing → farm actuator.
+- Add `standards` + `rsr-template` to a session's scope → divergence audit #485.
+- Delete 2 stale hypatia branches (`test/ci-codeql-hypatia`, `feat/sha-bump-propagation-rule-418`) → clears GS007.
+
+## Tracked issues
+
+hypatia #482 (wikis), #483 (doc/contractile/rot currency), #484 (scanner re-release), #485 (divergence, needs-owner), #486 (proofs, needs-network) · gitbot-fleet #278 (Dependabot triage).