docs(krl): ground KRL identity + 5-role stack per canonical spec#35
Merged
Conversation
KRL is QuandleDB's canonical resolution DSL: a database-facing language
whose domain is knot/tangle identity, equivalence, transformation, and
disambiguation. Database-facing but not merely a query language; the two
anti-framings ('a database language' = SQL-for-knots; 'surface DSL over
Tangle' = QuandleDB incidental) are called out explicitly.
Architecture position now enumerates 5 roles, each with the question it
answers: KRL (resolution DSL) -> TangleIR (lowered IR) -> Tangle (compute
substrate) -> QuandleDB (persistence + invariant/equivalence DB) +
Skein.jl (backend library).
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_017TXizM5c1Yd9HWf7Y15YH2
🔍 Hypatia Security ScanFindings: 38 issues detected
View findings[
{
"reason": "Issue in scorecard-enforcer.yml",
"type": "scorecard_publish_with_run_step",
"file": "scorecard-enforcer.yml",
"action": "split_scorecard_publish_job",
"rule_module": "workflow_audit",
"severity": "high"
},
{
"reason": "Issue in instant-sync.yml",
"type": "secret_action_without_presence_gate",
"file": "instant-sync.yml",
"action": "peter-evans/repository-dispatch",
"rule_module": "workflow_audit",
"severity": "high"
},
{
"reason": "Issue in scorecard.yml",
"type": "scorecard_wrapper_missing_job_permissions",
"file": "scorecard.yml",
"action": "flag",
"rule_module": "workflow_audit",
"severity": "high"
},
{
"reason": "Download-and-execute pattern (curl|wget pipe to shell) -- verify integrity before execution (3 occurrences, CWE-494)",
"type": "shell_download_then_run",
"file": "/home/runner/work/krl/krl/setup.sh",
"action": "flag",
"rule_module": "code_safety",
"severity": "high"
},
{
"line": 24,
"reason": "Secret found: Generic API key",
"type": "secret_detected",
"file": "/home/runner/work/krl/krl/.envrc",
"action": "revoke_rotate_and_purge",
"rule_module": "security_errors",
"severity": "critical"
},
{
"reason": "Nominal-only SAST in krl: codeql.yml language matrix contains no language present in the repo and lacks `actions`, so CodeQL records zero results on every commit. Remediation: set the CodeQL matrix to `language: actions`.",
"type": "StaticAnalysis",
"file": "/home/runner/work/krl/krl",
"action": "auto_fix",
"rule_module": "scorecard",
"severity": "medium",
"remediation": "Add CodeQL or equivalent SAST workflow.",
"scorecard_check": "SAST"
},
{
"reason": "1 workflow(s) with tag-pinned (not SHA-pinned) actions in krl",
"type": "DependencyPinning",
"file": "/home/runner/work/krl/krl",
"action": "auto_fix",
"rule_module": "scorecard",
"severity": "medium",
"remediation": "Pin GitHub Actions and Docker base images by SHA hash.",
"scorecard_check": "Pinned-Dependencies"
},
{
"reason": "Repository has 3 non-main remote branch(es). Policy: single main branch only.",
"type": "GS007",
"file": ".",
"action": "delete_remote_branches",
"rule_module": "git_state",
"severity": "medium"
},
{
"reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 6 day(s) old",
"type": "CSA001",
"file": "spec/grammar-overview.md",
"action": "review",
"rule_module": "code_scanning_alerts",
"severity": "medium"
},
{
"reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 6 day(s) old",
"type": "CSA001",
"file": "docs/practice/AI-CONVENTIONS.adoc",
"action": "review",
"rule_module": "code_scanning_alerts",
"severity": "medium"
}
]Powered by Hypatia Neurosymbolic CI/CD Intelligence |
hyperpolymath
added a commit
to hyperpolymath/Skein.jl
that referenced
this pull request
Jun 19, 2026
…engine (#20) ## What Reconciles Skein.jl's grounded role across **all** its canonical role statements (ECOSYSTEM, ANCHOR, CLAUDE.md, README, STATE, META, 0-AI-MANIFEST, ROADMAP) to the agreed KRL stack spec. **Before:** "Skein = persistence + semantic-indexing layer (layer 4); serves KRL's *Retrieve leg*; QuandleDB = the Resolve layer." **After:** - **Skein.jl = the computational / backend engine** of the KRL stack — computes / transforms / normalizes / evaluates invariants and equivalence checks, with an *embedded* SQLite store. - **QuandleDB = the database application that wraps Skein** — the canonical persistence + invariant/equivalence face. - The **four KRL operations are operations** run against the QuandleDB+Skein *substrate*; **no op maps 1:1 to a component** (so Skein is explicitly *not* "the Retrieve leg" — that was an op↔component category error). - Adds the **Retrieve clause**: Retrieve recovers *resolution-relevant artefacts* (presentations, invariants, witnesses, equivalence classes, prior resolutions, explanations, provenance), **not** arbitrary querying. Generic store access is a legitimate *engine-layer* affordance. KRL is a resolution DSL, *not merely* a query language. ## Why Part of the estate-wide doc-grounding pass agreed directly with the maintainer. This framing keeps the docs honest about shipped code (Skein really does persist via SQLite — so its store stays real, but its *stack role* is the engine) while matching the canonical stack. The withdrawn knot-graph-edge-layer (schema v5) guardrail is retained unchanged. Cross-refs `krl docs/decisions/0002-query-language-deferred.adoc` (companion PR hyperpolymath/krl#35). ## Scope Docs + machine-readable only. No `src/` or test changes; the 1089-test baseline is untouched. 🤖 Generated with [Claude Code](https://claude.com/claude-code) --- _Generated by [Claude Code](https://claude.ai/code/session_017TXizM5c1Yd9HWf7Y15YH2)_ --------- Co-authored-by: Claude <noreply@anthropic.com>
2 tasks
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What
Grounds
README.adocto the canonical KRL spec:Why
First commit in a doc-grounding pass that aligns the whole estate to one canonical statement of the KRL stack, agreed directly with the maintainer. Downstream repos (Skein.jl, quandledb, tangle) will be aligned to this same framing in their own PRs.
Scope
Docs only —
README.adoc. No spec/code/proof changes.🤖 Generated with Claude Code
Generated by Claude Code