hermes/cto
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
51977d36cd
cto/.sot/03-PROTOCOLS/CTO-CASE-STAGE5-OWNED-NONCRITICAL-REPO-ISSUES.md
Svrnty 51977d36cd Add Case Stage 5 owned repo planning
2026-05-31 23:43:50 -04:00

5.0 KiB
Raw Blame History

name tier status owner source created last_reviewed lifecycle_classification core_promotion_status description
cto-case-stage5-owned-noncritical-repo-issues local draft jp .sot/03-PROTOCOLS/CTO-CASE-STAGE5-OWNED-NONCRITICAL-REPO-PRD.md 2026-06-01 2026-06-01 planning not-promoted Child-local issue sequence for Stage 5 Case owned noncritical repository proof.

CTO Case Stage 5 Owned Noncritical Repository Issues

Local planning SOT only. Not a Core Protocol. Not active Core authority.

Issue Sequence

CTO-WORK-037 - Stage 5 Owned Noncritical Repo PRD

Type: AFK

Status: validated.

Blocked by: CTO-WORK-036

User stories covered: CTO Case Candidate Backend PRD stories 4, 5, 7, 8, 9, 10, 11, 13.

What to build: Define the Stage 5 owned noncritical repository proof before implementation starts.

Acceptance criteria:

  • PRD states Stage 5 allowed mutation scope is explicitly owned low-risk repository only.
  • PRD requires Stage 4 validation before Stage 5.
  • PRD requires CTO_HARNESS_ALLOW_CASE=1 and CTO_HARNESS_CASE_STAGE=5.
  • PRD requires Target Repository ownership proof and noncritical classification.
  • PRD requires approval requested/granted/denied events before mutation.
  • PRD requires allowed paths and forbidden actions before mutation.
  • PRD separates operator acceptance or rejection from test pass.
  • PRD forbids push, merge, deploy, close, PR open, issue close, public publication, critical repository mutation, unowned repository mutation, Case source mutation, vendor source mutation, Hermes WebUI mutation, and Cortex Core mutation.
  • PRD requires full Harness Evidence Interface artifacts.
  • PRD requires approval-denied, unowned-repository, critical-repository, disallowed-file, dirty-starting-tree, dirty-ending-tree, failed-tests, timeout, provider-unavailable, and missing-operator-outcome failure fixtures.
  • Local CTO validator checks Stage 5 PRD and issue artifact.

Allowed files: CTO child workspace planning docs and local validator only.

Validator: python3 tools/validate_cto_child.py

Done evidence: PRD, issue artifact, validator JSON, clean worktree, commit.

CTO-WORK-038 - Stage 5 Harness Owned Noncritical Repo Route

Type: HITL

Status: blocked.

Blocked by: CTO-WORK-037 and explicit JP selection or approval of an owned low-risk noncritical Target Repository.

User stories covered: CTO Case Candidate Backend PRD stories 4, 5, 7, 8, 9, 10, 11, 13.

What to build: In /home/svrnty/workspaces/hermes/cto/harness, implement the Stage 5 owned noncritical repository route behind the existing case engine seam.

Acceptance criteria:

  • case remains disabled by default.
  • CTO_HARNESS_ALLOW_CASE=1 remains required.
  • CTO_HARNESS_CASE_STAGE=5 is required before owned noncritical repository execution.
  • Missing Stage 5 gate emits blocked evidence and does not run Case.
  • Target Repository admission proof records owner, path, noncritical classification, allowed paths, forbidden actions, and approval source.
  • Unowned or critical repository admission blocks before mutation.
  • Approval denied blocks before mutation.
  • Approval granted is recorded before mutation.
  • Case mutates only allowed paths inside the admitted Target Repository.
  • No push, merge, deploy, close, PR open, issue close, or public publication occurs by default.
  • Operator acceptance or rejection is recorded after verification.
  • Required artifacts include Target Repository admission proof, approval proof, allowed-path proof, forbidden-action proof, operator outcome, report.json, report.md, events.normalized.jsonl, trace.jsonl, patch.diff, test.log, backend logs, artifact digests, and freshness proof.
  • Failure fixtures fail closed for approval denied, unowned repository, critical repository, disallowed file, dirty starting tree, dirty ending tree, failed tests, timeout, provider unavailable, and missing operator outcome.
  • Fake remains the default validation lane and broad health remains green after focused Stage 5 validation.

Allowed files: Hermes CTO harness engine, owned noncritical repo fixture admission records, focused Stage 5 validator, harness docs, and tests. WebUI, Core, Case source, vendor source, unowned repositories, critical repositories, production repositories, and external developer repositories are forbidden.

Validator: python3 harness/runner/validate-case-stage5.py --harness-root harness --json, then harness/evals/health.sh --json.

Done evidence: Stage 5 pass report, failure fixture reports, Target Repository admission proof, approval proof, allowed-path proof, forbidden-action proof, operator outcome, artifact digests, clean worktree, commit.

Granularity Check

This is intentionally two slices: one planning route and one executable harness route. Stage 5 is not over-granular because it is the first proof involving an admitted owned repository and must separate repository ownership, approval, allowed paths, verification, and operator outcome before default candidacy.