Record Hermes consumed approval evidence

2026-06-01 08:08:17 -04:00
parent fbc3a08099
commit 314579f91c
5 changed files with 310 additions and 0 deletions
@@ -69,6 +69,9 @@ REQUIRED_FILES = [
    ".sot/03-PROTOCOLS/CTO-GOVERNED-EXECUTION-EVIDENCE-PRD.md",
    ".sot/03-PROTOCOLS/CTO-GOVERNED-EXECUTION-EVIDENCE-ISSUES.md",
    ".sot/03-PROTOCOLS/CTO-GOVERNED-EXECUTION-EVIDENCE-CLOSEOUT.md",
+    ".sot/03-PROTOCOLS/CTO-HERMES-CONSUMED-APPROVAL-EVIDENCE-PRD.md",
+    ".sot/03-PROTOCOLS/CTO-HERMES-CONSUMED-APPROVAL-EVIDENCE-ISSUES.md",
+    ".sot/03-PROTOCOLS/CTO-HERMES-CONSUMED-APPROVAL-EVIDENCE-CLOSEOUT.md",
    ".sot/03-PROTOCOLS/CTO-FIRST-REAL-GOVERNED-WORKFLOW-PRD.md",
    ".sot/03-PROTOCOLS/CTO-FIRST-REAL-GOVERNED-WORKFLOW-ISSUES.md",
    ".sot/03-PROTOCOLS/CTO-FIRST-REAL-GOVERNED-WORKFLOW-APPROVAL-PACKET.md",
@@ -348,6 +351,35 @@ REQUIRED_GOVERNED_EXECUTION_EVIDENCE_PHRASES = [
    "This closeout does not authorize another Case run.",
 ]

+REQUIRED_HERMES_CONSUMED_APPROVAL_EVIDENCE_PHRASES = [
+    "Local planning SOT only. Not a Core Protocol. Not active Core authority.",
+    "Hermes consumed approval evidence",
+    "CTO-WORK-072",
+    "CTO-WORK-073",
+    "6f694b4 feat(plugin): surface consumed CTO approval evidence",
+    "/api/cto/control-summary",
+    "governed_execution",
+    "approval_consumed",
+    "consumed_by_pass_evidence",
+    "execution_allowed: false",
+    "approval_granted: true",
+    "approval_required: true",
+    "Stage 5 pass replay path",
+    "Stage 5 proof replay path",
+    "cto_control_panel.js",
+    "routes/cto_control_summary.py",
+    "python3 -m pytest tests/ -q",
+    "108 passed",
+    "python3 scripts/ast-connection-map.py --check",
+    "CONNECTION-MAP.md is fresh",
+    "Case runtime default active: false",
+    "target repository mutation: false",
+    "upstream `hermes-webui` edited: false",
+    "upstream `hermes-agent` edited: false",
+    "Do not activate Case as default backend.",
+    "This closeout does not authorize another Case run.",
+]
+
 REQUIRED_HERMES_REAL_REFRESH_CONTROL_REPLAY_EVIDENCE_PHRASES = [
    "Local planning SOT only. Not a Core Protocol. Not active Core authority.",
    "CTO-WORK-057",
@@ -1571,6 +1603,43 @@ def main() -> int:
            if phrase not in text:
                errors.append(f"missing_governed_execution_evidence_closeout_phrase:{phrase}")

+    hermes_consumed_approval_prd = ROOT / ".sot/03-PROTOCOLS/CTO-HERMES-CONSUMED-APPROVAL-EVIDENCE-PRD.md"
+    if hermes_consumed_approval_prd.is_file():
+        text = hermes_consumed_approval_prd.read_text(encoding="utf-8")
+        if "core_promotion_status: not-promoted" not in text:
+            errors.append("hermes_consumed_approval_prd_missing_not_promoted_frontmatter")
+        for phrase in REQUIRED_HERMES_CONSUMED_APPROVAL_EVIDENCE_PHRASES:
+            checked.append(f"hermes_consumed_approval_prd_phrase:{phrase}")
+            if phrase not in text:
+                errors.append(f"missing_hermes_consumed_approval_prd_phrase:{phrase}")
+
+    hermes_consumed_approval_issues = ROOT / ".sot/03-PROTOCOLS/CTO-HERMES-CONSUMED-APPROVAL-EVIDENCE-ISSUES.md"
+    if hermes_consumed_approval_issues.is_file():
+        text = hermes_consumed_approval_issues.read_text(encoding="utf-8")
+        if "core_promotion_status: not-promoted" not in text:
+            errors.append("hermes_consumed_approval_issues_missing_not_promoted_frontmatter")
+        for phrase in REQUIRED_HERMES_CONSUMED_APPROVAL_EVIDENCE_PHRASES:
+            checked.append(f"hermes_consumed_approval_issue_phrase:{phrase}")
+            if phrase not in text:
+                errors.append(f"missing_hermes_consumed_approval_issue_phrase:{phrase}")
+
+    hermes_consumed_approval_closeout = ROOT / ".sot/03-PROTOCOLS/CTO-HERMES-CONSUMED-APPROVAL-EVIDENCE-CLOSEOUT.md"
+    if hermes_consumed_approval_closeout.is_file():
+        text = hermes_consumed_approval_closeout.read_text(encoding="utf-8")
+        if "core_promotion_status: not-promoted" not in text:
+            errors.append("hermes_consumed_approval_closeout_missing_not_promoted_frontmatter")
+        for phrase in [
+            "status: validated",
+            "schema_version: `0.2.0`",
+            "plugin-only change: true",
+            "Harness-backed summary data remains the source of truth.",
+            "Hermes visualizes control state; CTO and Harness remain the gates.",
+            *REQUIRED_HERMES_CONSUMED_APPROVAL_EVIDENCE_PHRASES,
+        ]:
+            checked.append(f"hermes_consumed_approval_closeout_phrase:{phrase}")
+            if phrase not in text:
+                errors.append(f"missing_hermes_consumed_approval_closeout_phrase:{phrase}")
+
    hermes_real_refresh_control_replay_evidence = ROOT / ".sot/03-PROTOCOLS/CTO-HERMES-REAL-REFRESH-CONTROL-REPLAY-EVIDENCE.md"
    if hermes_real_refresh_control_replay_evidence.is_file():
        text = hermes_real_refresh_control_replay_evidence.read_text(encoding="utf-8")
@@ -2193,6 +2262,8 @@ def main() -> int:
            "CTO-WORK-069": "validated",
            "CTO-WORK-070": "validated",
            "CTO-WORK-071": "validated",
+            "CTO-WORK-072": "validated",
+            "CTO-WORK-073": "validated",
        }
        for issue_id, expected in expected_statuses.items():
            checked.append(f"workboard_status:{issue_id}:{expected}")