test(conformance): lock the stance as anti-corrosion invariants #18

Draft. fractionalpm wants to merge 10 commits into main from claude/practical-maxwell-47EDa

@fractionalpm

What

Adds a conformance / anti-corrosion test layer (internal/conformance) — the platform's stance made executable. Unit tests prove each component; these prove properties of the whole that must not drift or corrode silently between commits.

| Invariant | What it locks |
| --- | --- |
| TestZeroThirdPartyDependencies | go.mod declares no require/replace, and no go.sum exists — the headless, pure-stdlib promise, enforced. |
| TestNoThirdPartyImports | Every import in every .go file (tests included) is stdlib or module-local. A dependency cannot sneak in subconsciously via one import line. |
| TestCoreIsDeterministic | Two independent cores, identical input → identical answer, outcome, and trace (fixed clock). Unbiased and consistent by construction. |

The guards bite (verified)

A guard that never fails is worthless, so both anti-corrosion guards were tested against planted violations:

  • a third-party import → TestNoThirdPartyImports FAIL (imports third-party package "github.com/evil/backdoor")
  • a sneaked require line → TestZeroThirdPartyDependencies FAIL (go.mod:5 declares a dependency)

Both pass once reverted.

Verification

  • go vet ./... — OK
  • go test -race ./... — all pass
  • golangci-lint run ./... — 0 issues
  • Zero third-party deps held (this suite is itself pure stdlib + module-local).

Constraints honored

  • Test-only; no behavior change.
  • Sign-forward; no force-push; no history rewrite.
  • Draft — human review gate. Not for merge without your review/sign.

https://claude.ai/code/session_014yCQCSxtrRb6oH1nVbhKqz


Generated by Claude Code
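
The two dependency guards described above, sketched as an added example: this is not the code in internal/conformance, which this page does not show. It checks one in-memory file and one go.mod text rather than walking the tree; the module path `example.com/platform`, the version number and the function names are assumptions, and the standard-library test is the common "no dot in the first path element" heuristic.

```go
package main

import (
	"fmt"
	"go/parser"
	"go/token"
	"strings"
)

// Constructed inputs: the module path and the version number are assumptions.
const sampleModule = "example.com/platform"
const sampleGoMod = "module example.com/platform\n\ngo 1.22\n\nrequire github.com/evil/backdoor v0.0.1\n"
const sampleSource = `package core
import (
	"net/http"
	"example.com/platform/internal/core"
	evil "github.com/evil/backdoor"
)`

// thirdPartyImports returns imports in src that are neither stdlib nor under modulePath.
func thirdPartyImports(src, modulePath string) (bad []string, err error) {
	f, err := parser.ParseFile(token.NewFileSet(), "sample.go", src, parser.ImportsOnly)
	if err != nil {
		return nil, err
	}
	for _, spec := range f.Imports {
		path := strings.Trim(spec.Path.Value, "\"`")
		first, _, _ := strings.Cut(path, "/")
		// Heuristic: standard-library import paths have no dot in their first element.
		if !strings.HasPrefix(path+"/", modulePath+"/") && strings.Contains(first, ".") {
			bad = append(bad, path)
		}
	}
	return bad, nil
}

// dependencyLines returns 1-based go.mod lines opening a require or replace directive.
func dependencyLines(gomod string) (lines []int) {
	for i, line := range strings.Split(gomod, "\n") {
		if f := strings.Fields(line); len(f) > 0 && (f[0] == "require" || f[0] == "replace") {
			lines = append(lines, i+1)
		}
	}
	return lines
}

func main() {
	bad, err := thirdPartyImports(sampleSource, sampleModule)
	fmt.Println(bad, err, dependencyLines(sampleGoMod))
}
```

Matching on `modulePath+"/"` rather than the bare prefix keeps a look-alike path such as `example.com/platformx/...` from being treated as module-local.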

Cross-cutting invariants that prove properties of the whole system, so the
platform's stance cannot drift or corrode silently between commits:

- TestZeroThirdPartyDependencies: go.mod declares no require/replace and no
  go.sum exists -- the headless, pure-stdlib promise, enforced.
- TestNoThirdPartyImports: every import in every .go file (tests included)
  is stdlib or module-local. A dependency cannot sneak in subconsciously via
  a single import line.
- TestCoreIsDeterministic: two independent cores, identical input -> identical
  answer, outcome, and trace (fixed clock). Unbiased and consistent by
  construction.

Both anti-corrosion guards were verified to fail on a planted violation (a
third-party import and a sneaked require line) and pass once reverted -- a
guard that never bites is worthless.

Unit tests prove each component; these prove the boundary holds at the edge,
even when crossed inadvertently.

@github-advanced-security

You are seeing this message because GitHub Code Scanning has recently been set up for this repository, or this pull request contains the workflow file for the Code Scanning tool.

What Enabling Code Scanning Means:

  • The 'Security' tab will display more code scanning analysis results (e.g., for the default branch).
  • Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results.
  • You will be able to see the analysis results for the pull request's branch on this overview once the scans have completed and the checks have passed.

For more information about GitHub Code Scanning, check out the documentation.

claude added 9 commits June 13, 2026 23:18
…recovery path

A faked heartbeat (health signalled with no path to heal) is the cardinal
distributed-systems sin: it suppresses the recovery the system would
otherwise trigger. The agent must never fake completion.

TestNoFakedHeartbeatAlwaysOffersRecoveryPath enforces the invariant: a turn
either truly answers, or it escalates to a human (the recovery path) — never
a non-answer stop with neither. Escalated <=> the turn did not truly answer;
heartbeat and recovery path are never decoupled.

Verified the guard bites: planting Escalated=false on a non-answer turn (a
faked clean stop) makes the test FAIL; it passes once reverted.

… evidence

BenchmarkCoreTurn measures a full retrieve-then-answer turn on the in-memory
bindings (reason -> guard -> act -> screen -> observe -> persist -> exit).
Baseline: ~27us/turn, 3425 B/op, 29 allocs/op. This is core orchestration
overhead only; real end-to-end latency is model/IO bound (the fenced
nondeterministic exception), which this deliberately excludes.

Evidence over assertion: no faked performance claim without a measurement.

A Kubecontainer is knowledge as a content-addressed, signed Box: curated,
sourced, resolving concepts. Built per the doctrine that emerged in design:

- Concepts that resolve: each carries a source (provenance) and a resolves-check;
  no concept admitted without both.
- Scope is domain-bound (by provenance): authority is the source domain; every
  concept's source must fall within the declared finite domain set.
- Context is work-bound: which concept activates is set by the current work
  (a pod in KubeContainerWaiting selects image-pull-backoff).
- Constraints define the boundaries; an infinite boundary is an invalid contract:
  the contract is bounded by a finite, non-empty domain set (no wildcard tenant).
- Boundaries of operations: sandbox=isolated, read-only diagnosis; may not mutate
  a cluster, touch network/host, or answer outside its domain.

Contents: 8 troubleshooting concepts (image-pull-backoff, crash-loop-backoff,
pending-unschedulable, oom-killed, create-container-config-error,
readiness-probe-failing, node-pressure-eviction, init-container-stuck).
Box digest sha256:623f0b51...; UNSIGNED — boxctl builds, a human signs validity.

The first concept resolves the live KubeContainerWaiting on the k3s deploy.

Persist the working-session definition of Autonomyx so it survives the
session. Founder-authored (@fractionalpm), agent-scribed, bounded by the
founder's horizon, awaiting signature.

Files:
- README.md           overview, provenance, honesty notes
- OBJECTIVE.md         what Autonomyx intends to do (16 captured clauses + the promise)
- DESIGN_PRINCIPLES.md foundations, pin-before-use stack, epistemic floor, actor model
- LEXICON.md           key terms, plain definitions, real referents
- ARCHITECTURE.md      stack: Arithmetic / Fabric / JDO-modeled DB / SurrealDB; DCI identity
- REFERENCES.md        pinned sources (Gartner DCI, Apache JDO, SurrealDB) with honesty notes

NOT included: Cortex/Temporal/Heart (earlier metaphorical framing) — to be
defined as real components if wanted.

HertzBeat (hertzbeat.apache.org) pinned as the real heartbeat/monitoring
layer. Cortex/Temporal/Heart captured as earlier metaphor, flagged to be
redefined with real referents before entering the enforceable spec.

…legal, backlog)

Persist the remaining in-session work so nothing is lost:
- CREED.md              the vision/doctrine (marked: not the enforceable contract)
- ANALYSIS.md           gold-standards benchmark + evaluation scorecard + contract-parser design
- VALIDATION_REGISTER.md  k8s validation protocols + IT-authority layer + alpha/beta/GA staging
- LEGAL_NOTES.md        software-as-software licence drafting, enactability, claim discipline
- BACKLOG.md            defined-but-not-built items + outstanding founder decisions

All DRAFT, unsigned, founder-authored, agent-scribed, bounded by the founder's horizon.