From d9edf8a715dfa6821e0bf80995c205e37b0bbf32 Mon Sep 17 00:00:00 2001 From: Svrnty Date: Sun, 31 May 2026 22:13:52 -0400 Subject: [PATCH] Select Qwen local as CTO provider policy --- .../CTO-CASE-LOCAL-PROVIDER-ROUTE-ISSUES.md | 8 ++- .../CTO-CASE-LOCAL-PROVIDER-ROUTE-PRD.md | 4 +- ...TO-CASE-MODEL-PROVIDER-ADMISSION-ISSUES.md | 2 +- ...TO-CASE-PROVIDER-DECISION-PACKET-ISSUES.md | 34 +++++----- .../CTO-CASE-PROVIDER-DECISION-PACKET-PRD.md | 16 +++-- .../CTO-CASE-PROVIDER-DECISION-RECORD.md | 34 ++++++---- WORKBOARD.yaml | 2 +- tools/validate_cto_child.py | 64 +++++++++---------- 8 files changed, 90 insertions(+), 74 deletions(-) diff --git a/.sot/03-PROTOCOLS/CTO-CASE-LOCAL-PROVIDER-ROUTE-ISSUES.md b/.sot/03-PROTOCOLS/CTO-CASE-LOCAL-PROVIDER-ROUTE-ISSUES.md index 4178b79..225d3f5 100644 --- a/.sot/03-PROTOCOLS/CTO-CASE-LOCAL-PROVIDER-ROUTE-ISSUES.md +++ b/.sot/03-PROTOCOLS/CTO-CASE-LOCAL-PROVIDER-ROUTE-ISSUES.md @@ -35,7 +35,7 @@ Acceptance: Status: blocked. -Build or supply one Case-compatible local provider adapter path only after the decision record selects `local_provider_required`. +Build or supply one Case-compatible local provider adapter path after the decision record selects `local_provider_required`. Acceptance: @@ -54,3 +54,9 @@ Blocked by: - `CTO-WORK-020` decision record selecting `local_provider_required`. - A Case-compatible local provider adapter implementation or supplied local provider endpoint. + +Current unblock: + +- Decision record now selects `local_provider_required`. +- Harness route blocks before `case_process_started` unless `CTO_HARNESS_CASE_LOCAL_BASE_URL` is supplied. +- Remaining blocker is supplied local provider endpoint/config plus real Stage 2 pass evidence. diff --git a/.sot/03-PROTOCOLS/CTO-CASE-LOCAL-PROVIDER-ROUTE-PRD.md b/.sot/03-PROTOCOLS/CTO-CASE-LOCAL-PROVIDER-ROUTE-PRD.md index 9e452cf..d887e13 100644 --- a/.sot/03-PROTOCOLS/CTO-CASE-LOCAL-PROVIDER-ROUTE-PRD.md +++ b/.sot/03-PROTOCOLS/CTO-CASE-LOCAL-PROVIDER-ROUTE-PRD.md @@ -15,7 +15,7 @@ Local planning SOT only. Not a Core Protocol. Not active Core authority. ## Problem Statement -`CTO-WORK-020` remains blocked until a provider policy decision exists. If the decision is `local_provider_required`, Cortex CTO needs a narrow route for a Case-compatible local model provider before real Case Stage 2 can run without external provider approval. +`CTO-WORK-020` remains blocked until the selected local Qwen provider path produces real Case Stage 2 pass evidence. The decision is now `local_provider_required`, so Cortex CTO needs the narrow Case-compatible local model provider route to remain explicit and fail-closed. ## Solution @@ -74,4 +74,4 @@ Define a child-local Case-compatible local provider adapter route. This route do ## Success Definition -If JP chooses `local_provider_required`, the next implementation route is explicit: build or supply one Case-compatible local provider adapter path, then use `CTO-WORK-020` to admit the exact provider/model pair before any real Case Stage 2 retry. +JP chose `local_provider_required`. The next implementation route is explicit: supply the local provider config for `qwen-local` / `qwen3.6-35b-a3b`, then use `CTO-WORK-020` and the Harness Evidence Interface before any real Case Stage 2 claim. diff --git a/.sot/03-PROTOCOLS/CTO-CASE-MODEL-PROVIDER-ADMISSION-ISSUES.md b/.sot/03-PROTOCOLS/CTO-CASE-MODEL-PROVIDER-ADMISSION-ISSUES.md index c699b8f..b67134d 100644 --- a/.sot/03-PROTOCOLS/CTO-CASE-MODEL-PROVIDER-ADMISSION-ISSUES.md +++ b/.sot/03-PROTOCOLS/CTO-CASE-MODEL-PROVIDER-ADMISSION-ISSUES.md @@ -106,7 +106,7 @@ Acceptance: - Admission JSON has `admission_timestamp`. - Admission JSON has `review_trigger`. - Admission JSON contains no secret keys or secret values. -- Fallback to `vllm` / `qwen3.6-35b-a3b` remains explicit decision-record context and must be represented in runtime evidence before it may count as a Case provider/model path. +- Fallback to `openai-codex` / `gpt-5.5` remains explicit decision-record context and must be represented in runtime evidence before it may count as a Case provider/model path. - `CTO-WORK-020` remains blocked until real Case Stage 2 produces a Harness Evidence Interface pass report using this admission file. - Real Case Stage 2 command must set `CTO_HARNESS_CASE_MODEL_ADMISSION_FILE` to this admission JSON path. diff --git a/.sot/03-PROTOCOLS/CTO-CASE-PROVIDER-DECISION-PACKET-ISSUES.md b/.sot/03-PROTOCOLS/CTO-CASE-PROVIDER-DECISION-PACKET-ISSUES.md index 1797a41..b2cd981 100644 --- a/.sot/03-PROTOCOLS/CTO-CASE-PROVIDER-DECISION-PACKET-ISSUES.md +++ b/.sot/03-PROTOCOLS/CTO-CASE-PROVIDER-DECISION-PACKET-ISSUES.md @@ -21,7 +21,7 @@ Register the compact decision packet for resolving the `CTO-WORK-020` provider p Acceptance: -- States `not_decided` is current safe state. +- States `local_provider_required` is current selected state. - Lists only `external_provider_approved` and `local_provider_required` as active branches. - Says it does not approve or admit any provider/model. - Says it is not Stage 2 pass evidence. @@ -31,7 +31,7 @@ Acceptance: - Keeps `CTO_HARNESS_CASE_MODEL_ADMISSION_FILE` as execution admission gate. - Requires exact provider/model, approval source, credential source class, allowed network class, review trigger, and evidence expectations before admission. - Requires no secrets in SOT, task file, argv, report, trace, backend logs, generated config, or commits. -- States `CTO-WORK-022` stays blocked unless `decision_status=local_provider_required`. +- States `CTO-WORK-022` stays blocked until explicit local provider config and real Case Stage 2 pass evidence exist. - States real Case Stage 2 remains blocked until admitted provider/model and Harness Evidence Interface pass report exist. - States no Target Repository path may be inspected or copied. @@ -51,12 +51,12 @@ Acceptance: - If `local_provider_required`, the record sets provider class `local_case_compatible` and keeps exact provider/model empty until a local provider/model is supplied and admitted. - No secret value is written to SOT, task file, argv, report, trace, backend logs, generated config, or commit. - `CTO-WORK-020` remains blocked until admitted provider/model and real Stage 2 pass report exist. -- `CTO-WORK-022` remains blocked unless `decision_status=local_provider_required`. +- `CTO-WORK-022` remains blocked until explicit local provider config and real Case Stage 2 pass evidence exist. - Real Case Stage 2 remains blocked unless `CTO_HARNESS_CASE_MODEL_ADMISSION_FILE` exists and matches `CTO_HARNESS_CASE_MODEL_PROVIDER` and `CTO_HARNESS_CASE_MODEL`. Resolved by: -- `CTO-CASE-PROVIDER-DECISION-RECORD.md` selecting `external_provider_approved`. +- `CTO-CASE-PROVIDER-DECISION-RECORD.md` selecting `local_provider_required`. - Real Case Stage 2 remains blocked by `CTO-WORK-020` admission JSON and Harness Evidence Interface proof. ## CTO-WORK-025 - Initial Not-Decided Provider Decision Record @@ -83,25 +83,25 @@ Acceptance: - Record keeps `CTO-WORK-022` blocked unless `decision_status=local_provider_required`. - Record keeps real Case Stage 2 blocked until admitted provider/model and Harness Evidence Interface pass report exist. -## CTO-WORK-026 - OpenAI Codex Primary Provider Decision +## CTO-WORK-026 - Qwen Local Primary Provider Decision Status: validated. -Record JP approval of the external provider decision branch for the current Hermes model stack. +Record JP approval of the local Qwen primary provider decision branch for the current Hermes model stack. Acceptance: -- Decision record has `decision_status`: `external_provider_approved`. -- Decision record has `provider_class`: `external_openai_codex`. -- Decision record has `provider`: `openai-codex`. -- Decision record has `model`: `gpt-5.5`. -- Decision record has `fallback_provider`: `vllm`. -- Decision record has `fallback_model`: `qwen3.6-35b-a3b`. -- Decision record has `credential_source_class`: `hermes-openai-codex-oauth-and-local-vllm-config`; no secret value. -- Decision record has `allowed_network_class`: `codex-oauth-hosted-model-plus-local-vllm-fallback`. +- Decision record has `decision_status`: `local_provider_required`. +- Decision record has `provider_class`: `local_case_compatible`. +- Decision record has `provider`: `qwen-local`. +- Decision record has `model`: `qwen3.6-35b-a3b`. +- Decision record has `fallback_provider`: `openai-codex`. +- Decision record has `fallback_model`: `gpt-5.5`. +- Decision record has `credential_source_class`: `pi-models-json-local-provider-no-secret-plus-codex-oauth-fallback`; no secret value. +- Decision record has `allowed_network_class`: `local-tailscale-vllm-spark1-plus-codex-oauth-fallback`. - Decision record references Hermes model policy and local Hermes config as evidence sources without copying secrets. - Record says it is not provider/model admission and is not Stage 2 pass evidence. -- Record says `CTO-WORK-024` is resolved by selecting `external_provider_approved`. +- Record says `CTO-WORK-024` is resolved by selecting `local_provider_required`. - Record keeps `CTO-WORK-020` blocked until admission JSON and real Stage 2 pass evidence exist. -- Record keeps `CTO-WORK-022` blocked because `decision_status=external_provider_approved`, not `local_provider_required`. -- Record requires fallback to `vllm` with `qwen3.6-35b-a3b` to be explicit in admission evidence before it may count as a Case provider/model path. +- Record keeps `CTO-WORK-022` blocked until explicit local provider config and real Case Stage 2 pass evidence exist. +- Record requires fallback to `openai-codex` with `gpt-5.5` to be explicit in admission evidence before it may count as a Case provider/model path. diff --git a/.sot/03-PROTOCOLS/CTO-CASE-PROVIDER-DECISION-PACKET-PRD.md b/.sot/03-PROTOCOLS/CTO-CASE-PROVIDER-DECISION-PACKET-PRD.md index c495f5a..1fcd024 100644 --- a/.sot/03-PROTOCOLS/CTO-CASE-PROVIDER-DECISION-PACKET-PRD.md +++ b/.sot/03-PROTOCOLS/CTO-CASE-PROVIDER-DECISION-PACKET-PRD.md @@ -25,14 +25,14 @@ Create a child-local decision packet that makes the `CTO-WORK-020` choice explic - Summarize the current `CTO-WORK-020` blocker. - Present only two active decision branches: `external_provider_approved` and `local_provider_required`. -- Preserve `not_decided` as the current safe state. +- Preserve `local_provider_required` as the current selected state. - Require a structured decision record using only `not_decided`, `external_provider_approved`, or `local_provider_required`. - Require exact provider/model, approval source, credential source class, allowed network class, review trigger, and evidence expectations before any admission. - Reference existing evidence paths and commits; do not copy runtime evidence into the packet. - Require no secret value in SOT, task file, argv, report, trace, backend logs, generated config, or commit. - Keep `CTO-WORK-020` as the admission authority. - Keep the `CTO_HARNESS_CASE_MODEL_ADMISSION_FILE` admission JSON gate as execution authority. -- Keep `CTO-WORK-022` blocked unless `decision_status=local_provider_required`. +- Keep `CTO-WORK-022` blocked until explicit local provider config is supplied and real Case Stage 2 pass evidence exists. - Keep real Case Stage 2 blocked unless a provider/model is admitted and a pass report exists through the Harness Evidence Interface. - State that no Target Repository path may be inspected or copied. @@ -82,8 +82,8 @@ Required decision fields: - `decision_status`: `local_provider_required`. - `provider_class`: `local_case_compatible`. -- `provider`: empty until a local provider is supplied and admitted. -- `model`: empty until a local model is supplied and admitted. +- `provider`: exact local provider string. +- `model`: exact local model string. - `approval_source`: JP approval reference or governed Core route reference. - `credential_source_class`: local credential or no-secret class only. - `allowed_network_class`: local-only or explicitly bounded network class. @@ -94,13 +94,15 @@ Required decision fields: Consequences: - `CTO-WORK-022` becomes the next implementation candidate. +- `qwen-local` with model `qwen3.6-35b-a3b` may be recorded as the primary approved local provider only when the approval source, credential source class, allowed network class, review trigger, and admission JSON are recorded. +- `openai-codex` with model `gpt-5.5` may be recorded as fallback only when fallback use is represented in admission evidence and does not hide provider/model switching. - No external fallback to `anthropic` or `claude-sonnet-4-6` is allowed. - Missing local adapter config blocks before `case_process_started`. - Admission JSON mismatch blocks before `case_process_started`. ## Acceptance Criteria -- Packet states `not_decided` is current safe state. +- Packet states `local_provider_required` is current selected state. - Packet lists only `external_provider_approved` and `local_provider_required` as active branches. - Packet says it does not approve or admit any provider/model. - Packet says it is not Stage 2 pass evidence. @@ -111,7 +113,7 @@ Consequences: - Packet requires exact provider/model, approval source, credential source class, allowed network class, review trigger, and evidence expectations before admission. - Packet permits provider class `external_openai_codex` only as a decision branch, not as admission or Stage 2 proof. - Packet requires no secrets in SOT, task file, argv, report, trace, backend logs, generated config, or commits. -- Packet states `CTO-WORK-022` stays blocked unless `decision_status=local_provider_required`. +- Packet states `CTO-WORK-022` stays blocked until explicit local provider config and real Case Stage 2 pass evidence exist. - Packet states real Case Stage 2 remains blocked until admitted provider/model and Harness Evidence Interface pass report exist. - Packet states no Target Repository path may be inspected or copied. @@ -130,4 +132,4 @@ Consequences: ## Success Definition -The `CTO-WORK-020` human-only blocker is represented as one precise decision packet: no provider/model is approved, no execution is authorized, and the next valid implementation path is unambiguous once JP chooses external provider approval or local provider requirement. +The `CTO-WORK-020` human-only blocker is represented as one precise decision packet: local Qwen is the selected provider policy, no execution is authorized without admission plus Harness Evidence Interface proof, and fallback use remains explicit. diff --git a/.sot/03-PROTOCOLS/CTO-CASE-PROVIDER-DECISION-RECORD.md b/.sot/03-PROTOCOLS/CTO-CASE-PROVIDER-DECISION-RECORD.md index 647c5e6..2cc5307 100644 --- a/.sot/03-PROTOCOLS/CTO-CASE-PROVIDER-DECISION-RECORD.md +++ b/.sot/03-PROTOCOLS/CTO-CASE-PROVIDER-DECISION-RECORD.md @@ -15,26 +15,26 @@ Local planning SOT only. Not a Core Protocol. Not active Core authority. ## Current Decision State -- `decision_status`: `external_provider_approved`. -- `provider_class`: `external_openai_codex`. -- `provider`: `openai-codex`. -- `model`: `gpt-5.5`. -- `fallback_provider`: `vllm`. -- `fallback_model`: `qwen3.6-35b-a3b`. +- `decision_status`: `local_provider_required`. +- `provider_class`: `local_case_compatible`. +- `provider`: `qwen-local`. +- `model`: `qwen3.6-35b-a3b`. +- `fallback_provider`: `openai-codex`. +- `fallback_model`: `gpt-5.5`. - `approval_source`: JP chat approval on 2026-05-31. -- `credential_source_class`: `hermes-openai-codex-oauth-and-local-vllm-config`; no secret value. -- `allowed_network_class`: `codex-oauth-hosted-model-plus-local-vllm-fallback`. +- `credential_source_class`: `pi-models-json-local-provider-no-secret-plus-codex-oauth-fallback`; no secret value. +- `allowed_network_class`: `local-tailscale-vllm-spark1-plus-codex-oauth-fallback`. - `review_trigger`: before real Case Stage 2 admission JSON is written, before any credential source change, and before any default/fallback model change. - `evidence_sources`: `CTO-CASE-MODEL-PROVIDER-ADMISSION-ISSUES.md`, `CTO-CASE-PROVIDER-DECISION-PACKET-PRD.md`, `CTO-CASE-PROVIDER-DECISION-PACKET-ISSUES.md`, `/home/svrnty/workspaces/hermes/scripts/apply-hermes-model-policy.py`, `/home/svrnty/.hermes/config.yaml`. - `effect`: `CTO-WORK-020 remains blocked until admitted provider/model and real Stage 2 pass report exist`. ## Meaning -`external_provider_approved` means JP approved the provider decision branch for the existing Hermes model stack: `openai-codex` with model `gpt-5.5` as primary, and `vllm` with model `qwen3.6-35b-a3b` as fallback. +`local_provider_required` means JP approved the provider decision branch for the existing Hermes model stack: `qwen-local` with model `qwen3.6-35b-a3b` as primary, and `openai-codex` with model `gpt-5.5` as fallback. This record is not provider/model admission and is not Stage 2 pass evidence. It does not authorize Case to run until the `CTO-WORK-020` admission JSON exists and the Harness Evidence Interface proves real Stage 2. -`CTO-WORK-024` is resolved by this record selecting `external_provider_approved`. +`CTO-WORK-024` is resolved by this record selecting `local_provider_required`. ## Decision History @@ -45,7 +45,7 @@ Previous state: Future changes: -- Only JP or a governed Core route may change this record away from `external_provider_approved`. +- Only JP or a governed Core route may change this record away from `local_provider_required`. - Allowed future values remain `external_provider_approved` or `local_provider_required`. Any future state must include exact non-secret fields required by `CTO-WORK-020`: provider/model when applicable, approval source, credential source class, allowed network class, review trigger, and evidence expectations. @@ -56,9 +56,9 @@ Any future state must include exact non-secret fields required by `CTO-WORK-020` - No Target Repository path may be inspected or copied. - `CTO-WORK-020` remains provider/model admission authority. - `CTO_HARNESS_CASE_MODEL_ADMISSION_FILE` remains execution admission gate. -- `CTO-WORK-022` remains blocked because `decision_status=external_provider_approved`, not `local_provider_required`. +- `CTO-WORK-022` remains blocked until explicit local provider config is supplied and real Case Stage 2 pass evidence exists. - Real Case Stage 2 remains blocked until admitted provider/model and Harness Evidence Interface pass report exist. -- Fallback to `vllm` with `qwen3.6-35b-a3b` must be explicit in admission evidence before it may count as a Case provider/model path. +- Fallback to `openai-codex` with `gpt-5.5` must be explicit in admission evidence before it may count as a Case provider/model path. - Existing evidence paths and commits are referenced only; runtime evidence is not copied into this record. ## Runtime Compatibility Finding - 2026-06-01 @@ -70,3 +70,11 @@ Any future state must include exact non-secret fields required by `CTO-WORK-020` - The non-secret admission JSON for that local Case path is `.sot/03-PROTOCOLS/CTO-CASE-MODEL-PROVIDER-ADMISSION.qwen-local-qwen3.6-35b-a3b.json`. - This finding does not change Hermes primary model policy. - This finding does not mark `CTO-WORK-020`, `CTO-WORK-016`, or Stage 2 as validated. + +## Provider Policy Update - 2026-06-01 + +- JP selected `qwen-local` / `qwen3.6-35b-a3b` on Spark as the default Case provider path. +- JP kept `openai-codex` / `gpt-5.5` as fallback only. +- The fallback remains blocked by the known OpenAI Codex auth bridge gap unless a non-vendor bridge is proven. +- The local Qwen path remains blocked before Case process start unless `CTO_HARNESS_CASE_LOCAL_BASE_URL` is explicitly supplied. +- This update changes provider policy only. It does not mark real Case Stage 2 as passed. diff --git a/WORKBOARD.yaml b/WORKBOARD.yaml index b1f3215..a2cda01 100644 --- a/WORKBOARD.yaml +++ b/WORKBOARD.yaml @@ -126,7 +126,7 @@ items: source: .sot/03-PROTOCOLS/CTO-CASE-PROVIDER-DECISION-RECORD.md owner: "" - id: CTO-WORK-026 - title: OpenAI Codex Primary Provider Decision + title: Qwen Local Primary Provider Decision status: validated source: .sot/03-PROTOCOLS/CTO-CASE-PROVIDER-DECISION-RECORD.md owner: "" diff --git a/tools/validate_cto_child.py b/tools/validate_cto_child.py index b1130db..f7a0ee1 100644 --- a/tools/validate_cto_child.py +++ b/tools/validate_cto_child.py @@ -468,7 +468,7 @@ REQUIRED_MODEL_PROVIDER_ADMISSION_ISSUE_PHRASES = [ "Admission JSON has `allowed_network_class`: `codex-oauth-hosted-model-plus-local-vllm-fallback`.", "Admission JSON has `approval_source`: `JP chat approval on 2026-05-31`.", "Admission JSON contains no secret keys or secret values.", - "Fallback to `vllm` / `qwen3.6-35b-a3b` remains explicit decision-record context and must be represented in runtime evidence before it may count as a Case provider/model path.", + "Fallback to `openai-codex` / `gpt-5.5` remains explicit decision-record context and must be represented in runtime evidence before it may count as a Case provider/model path.", "`CTO-WORK-020` remains blocked until real Case Stage 2 produces a Harness Evidence Interface pass report using this admission file.", "Real Case Stage 2 command must set `CTO_HARNESS_CASE_MODEL_ADMISSION_FILE` to this admission JSON path.", ] @@ -493,7 +493,7 @@ REQUIRED_QWEN_LOCAL_ADMISSION_JSON = { REQUIRED_LOCAL_PROVIDER_ROUTE_PRD_PHRASES = [ "Local planning SOT only. Not a Core Protocol. Not active Core authority.", - "`CTO-WORK-020` remains blocked until a provider policy decision exists.", + "`CTO-WORK-020` remains blocked until the selected local Qwen provider path produces real Case Stage 2 pass evidence.", "`decision_status=local_provider_required`", "local_case_compatible", "CTO-WORK-020` admission JSON gate as authority", @@ -548,7 +548,7 @@ REQUIRED_PROVIDER_DECISION_PACKET_PRD_PHRASES = [ "`CTO-WORK-020` is blocked by a provider policy decision.", "`external_provider_approved`", "`local_provider_required`", - "`not_decided` as the current safe state", + "`local_provider_required` as the current selected state", "does not approve a provider/model", "does not approve or admit any provider/model", "is not Stage 2 pass evidence", @@ -558,7 +558,7 @@ REQUIRED_PROVIDER_DECISION_PACKET_PRD_PHRASES = [ "CTO_HARNESS_CASE_MODEL_ADMISSION_FILE", "exact provider/model, approval source, credential source class, allowed network class, review trigger, and evidence expectations", "no secret value in SOT, task file, argv, report, trace, backend logs, generated config, or commit", - "`CTO-WORK-022` blocked unless `decision_status=local_provider_required`", + "`CTO-WORK-022` blocked until explicit local provider config is supplied and real Case Stage 2 pass evidence exists", "real Case Stage 2 blocked unless a provider/model is admitted and a pass report exists through the Harness Evidence Interface", "no Target Repository path may be inspected or copied", "`provider_class`: `external_anthropic`", @@ -581,7 +581,7 @@ REQUIRED_PROVIDER_DECISION_PACKET_ISSUE_IDS = [ REQUIRED_PROVIDER_DECISION_PACKET_ISSUE_PHRASES = [ "Status: validated.", - "`not_decided` is current safe state", + "`local_provider_required` is current selected state", "`external_provider_approved`", "`local_provider_required`", "does not approve or admit any provider/model", @@ -592,14 +592,14 @@ REQUIRED_PROVIDER_DECISION_PACKET_ISSUE_PHRASES = [ "Keeps `CTO_HARNESS_CASE_MODEL_ADMISSION_FILE` as execution admission gate.", "Requires exact provider/model, approval source, credential source class, allowed network class, review trigger, and evidence expectations before admission.", "Requires no secrets in SOT, task file, argv, report, trace, backend logs, generated config, or commits.", - "States `CTO-WORK-022` stays blocked unless `decision_status=local_provider_required`.", + "States `CTO-WORK-022` stays blocked until explicit local provider config and real Case Stage 2 pass evidence exist.", "States real Case Stage 2 remains blocked until admitted provider/model and Harness Evidence Interface pass report exist.", "States no Target Repository path may be inspected or copied.", "Decision record selects exactly one branch: `external_provider_approved` or `local_provider_required`.", "Decision record is structured and uses only `not_decided`, `external_provider_approved`, or `local_provider_required`.", "Decision record references existing evidence paths and commits instead of copying runtime evidence.", "`CTO-WORK-020` remains blocked until admitted provider/model and real Stage 2 pass report exist.", - "`CTO-WORK-022` remains blocked unless `decision_status=local_provider_required`.", + "`CTO-WORK-022` remains blocked until explicit local provider config and real Case Stage 2 pass evidence exist.", "Real Case Stage 2 remains blocked unless `CTO_HARNESS_CASE_MODEL_ADMISSION_FILE` exists and matches `CTO_HARNESS_CASE_MODEL_PROVIDER` and `CTO_HARNESS_CASE_MODEL`.", "Decision record has `decision_status`: `not_decided`.", "Provider class, provider, model, approval source, credential source class, allowed network class, and review trigger remain empty while blocked.", @@ -614,52 +614,52 @@ REQUIRED_PROVIDER_DECISION_PACKET_ISSUE_PHRASES = [ "Record keeps `CTO-WORK-022` blocked unless `decision_status=local_provider_required`.", "Record keeps real Case Stage 2 blocked until admitted provider/model and Harness Evidence Interface pass report exist.", "Status: validated.", - "Record JP approval of the external provider decision branch for the current Hermes model stack.", - "Decision record has `decision_status`: `external_provider_approved`.", - "Decision record has `provider_class`: `external_openai_codex`.", - "Decision record has `provider`: `openai-codex`.", - "Decision record has `model`: `gpt-5.5`.", - "Decision record has `fallback_provider`: `vllm`.", - "Decision record has `fallback_model`: `qwen3.6-35b-a3b`.", - "Decision record has `credential_source_class`: `hermes-openai-codex-oauth-and-local-vllm-config`; no secret value.", - "Decision record has `allowed_network_class`: `codex-oauth-hosted-model-plus-local-vllm-fallback`.", + "Record JP approval of the local Qwen primary provider decision branch for the current Hermes model stack.", + "Decision record has `decision_status`: `local_provider_required`.", + "Decision record has `provider_class`: `local_case_compatible`.", + "Decision record has `provider`: `qwen-local`.", + "Decision record has `model`: `qwen3.6-35b-a3b`.", + "Decision record has `fallback_provider`: `openai-codex`.", + "Decision record has `fallback_model`: `gpt-5.5`.", + "Decision record has `credential_source_class`: `pi-models-json-local-provider-no-secret-plus-codex-oauth-fallback`; no secret value.", + "Decision record has `allowed_network_class`: `local-tailscale-vllm-spark1-plus-codex-oauth-fallback`.", "Decision record references Hermes model policy and local Hermes config as evidence sources without copying secrets.", - "Record says `CTO-WORK-024` is resolved by selecting `external_provider_approved`.", + "Record says `CTO-WORK-024` is resolved by selecting `local_provider_required`.", "Record keeps `CTO-WORK-020` blocked until admission JSON and real Stage 2 pass evidence exist.", - "Record keeps `CTO-WORK-022` blocked because `decision_status=external_provider_approved`, not `local_provider_required`.", - "Record requires fallback to `vllm` with `qwen3.6-35b-a3b` to be explicit in admission evidence before it may count as a Case provider/model path.", + "Record keeps `CTO-WORK-022` blocked until explicit local provider config and real Case Stage 2 pass evidence exist.", + "Record requires fallback to `openai-codex` with `gpt-5.5` to be explicit in admission evidence before it may count as a Case provider/model path.", ] REQUIRED_PROVIDER_DECISION_RECORD_PHRASES = [ "Local planning SOT only. Not a Core Protocol. Not active Core authority.", - "`decision_status`: `external_provider_approved`.", - "`provider_class`: `external_openai_codex`.", - "`provider`: `openai-codex`.", - "`model`: `gpt-5.5`.", - "`fallback_provider`: `vllm`.", - "`fallback_model`: `qwen3.6-35b-a3b`.", + "`decision_status`: `local_provider_required`.", + "`provider_class`: `local_case_compatible`.", + "`provider`: `qwen-local`.", + "`model`: `qwen3.6-35b-a3b`.", + "`fallback_provider`: `openai-codex`.", + "`fallback_model`: `gpt-5.5`.", "`approval_source`: JP chat approval on 2026-05-31.", - "`credential_source_class`: `hermes-openai-codex-oauth-and-local-vllm-config`; no secret value.", - "`allowed_network_class`: `codex-oauth-hosted-model-plus-local-vllm-fallback`.", + "`credential_source_class`: `pi-models-json-local-provider-no-secret-plus-codex-oauth-fallback`; no secret value.", + "`allowed_network_class`: `local-tailscale-vllm-spark1-plus-codex-oauth-fallback`.", "`review_trigger`: before real Case Stage 2 admission JSON is written, before any credential source change, and before any default/fallback model change.", "/home/svrnty/workspaces/hermes/scripts/apply-hermes-model-policy.py", "/home/svrnty/.hermes/config.yaml", "`effect`: `CTO-WORK-020 remains blocked until admitted provider/model and real Stage 2 pass report exist`.", - "`external_provider_approved` means JP approved the provider decision branch for the existing Hermes model stack: `openai-codex` with model `gpt-5.5` as primary, and `vllm` with model `qwen3.6-35b-a3b` as fallback.", + "`local_provider_required` means JP approved the provider decision branch for the existing Hermes model stack: `qwen-local` with model `qwen3.6-35b-a3b` as primary, and `openai-codex` with model `gpt-5.5` as fallback.", "This record is not provider/model admission and is not Stage 2 pass evidence.", - "`CTO-WORK-024` is resolved by this record selecting `external_provider_approved`.", + "`CTO-WORK-024` is resolved by this record selecting `local_provider_required`.", "Previous state:", "`decision_status`: `not_decided`.", "`not_decided` means no provider/model may run.", - "Only JP or a governed Core route may change this record away from `external_provider_approved`.", + "Only JP or a governed Core route may change this record away from `local_provider_required`.", "Allowed future values remain `external_provider_approved` or `local_provider_required`.", "No secret value may appear in SOT, task file, argv, report, trace, backend logs, generated config, or commit.", "No Target Repository path may be inspected or copied.", "`CTO-WORK-020` remains provider/model admission authority.", "`CTO_HARNESS_CASE_MODEL_ADMISSION_FILE` remains execution admission gate.", - "`CTO-WORK-022` remains blocked because `decision_status=external_provider_approved`, not `local_provider_required`.", + "`CTO-WORK-022` remains blocked until explicit local provider config is supplied and real Case Stage 2 pass evidence exists.", "Real Case Stage 2 remains blocked until admitted provider/model and Harness Evidence Interface pass report exist.", - "Fallback to `vllm` with `qwen3.6-35b-a3b` must be explicit in admission evidence before it may count as a Case provider/model path.", + "Fallback to `openai-codex` with `gpt-5.5` must be explicit in admission evidence before it may count as a Case provider/model path.", "Existing evidence paths and commits are referenced only; runtime evidence is not copied into this record.", ]