hermes/cto
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
46b7296cb2
cto/.sot/03-PROTOCOLS/CTO-FIRST-REAL-GOVERNED-WORKFLOW-APPROVAL-PACKET.md
Svrnty e2cd0d059c Add first real workflow approval packet
2026-06-01 06:33:51 -04:00

3.4 KiB
Raw Blame History

name tier status owner source created last_reviewed lifecycle_classification core_promotion_status description
cto-first-real-governed-workflow-approval-packet local validated jp .sot/03-PROTOCOLS/CTO-FIRST-REAL-GOVERNED-WORKFLOW-ISSUES.md 2026-06-01 2026-06-01 planning not-promoted Child-local approval packet for the first real governed CTO workflow execution.

CTO First Real Governed Workflow Approval Packet

Local planning SOT only. Not a Core Protocol. Not active Core authority.

Status

Status: validated as an approval packet only.

This packet does not authorize execution. CTO-WORK-049 remains candidate until JP approves the exact Target Repository and task contract.

Proposed Target Repository

  • Target Repository: /home/svrnty/workspaces/cortex-os/cto-stage5-target-sandbox
  • Admission source: .sot/03-PROTOCOLS/CTO-CASE-STAGE5-TARGET-REPOSITORY-ADMISSION.json
  • Admission status: admitted
  • Repository owner: jp
  • Risk classification: low_risk_noncritical
  • Current observed state: clean main branch before approval packet creation

Proposed Task Contract

Task: align src/strings.py slugify behavior with the already-proven root strings.py implementation and add coverage for repeated and outer whitespace.

Allowed paths:

  • src/strings.py
  • test_strings.py

Forbidden actions:

  • push
  • merge
  • deploy
  • close
  • pr_open
  • issue_close
  • public_publication
  • credential_change
  • vendor_source_mutation
  • cortex_core_mutation

Forbidden paths:

  • .env
  • .env.*
  • secrets/
  • credentials/
  • deploy/
  • infra/
  • .github/workflows/
  • .git/

Success criteria:

  • src/strings.py uses whitespace-splitting slug behavior equivalent to root strings.py.
  • test_strings.py includes coverage for repeated spaces and outer spaces through the src.strings implementation.
  • Target repository ends clean after Harness post-processing.
  • Harness Evidence Interface artifacts exist.
  • Hermes Control Surface can expose replay paths after execution.
  • Runtime default activation remains false.

Validation command:

python3 -m pytest -q

Rollback expectation:

  • Revert the single target commit created by the Harness if JP rejects the operator outcome.
  • Do not push, merge, deploy, publish, or open a PR.

Required Approval

Before execution, JP must approve this exact sentence:

I approve CTO-WORK-049 against /home/svrnty/workspaces/cortex-os/cto-stage5-target-sandbox for the src/strings.py slugify alignment task.

Without that exact approval, execution remains blocked.

Execution Gate

Execution must use only the CTO Harness Case seam with:

  • CTO_HARNESS_ALLOW_CASE=1
  • CTO_HARNESS_CASE_STAGE=5
  • CTO_HARNESS_CASE_STAGE5_TARGET_ADMISSION_FILE pointing to the admitted Target Repository record
  • CTO_HARNESS_CASE_STAGE5_OPERATOR_OUTCOME recorded after verification

Case must not choose target, scope, authority, approval, success criteria, or default status.

Evidence Required After Execution

  • report.json
  • report.md
  • events.normalized.jsonl
  • trace.jsonl
  • patch.diff
  • test.log
  • backend logs
  • artifact digests
  • freshness proof
  • stage5 owned repo proof
  • Hermes Control Surface summary path

Non-Authority Notice

This approval packet is child-local planning. It does not promote CTO artifacts into Core, does not activate Case as default backend, and does not authorize mutation before JP approval.