Skip to content

docs(architecture): manifesto §02 non-functional requirements (Layer 2)#146

Merged
Yambr merged 2 commits into
next/v1from
feat/manifesto-02-nfrs-draft
May 24, 2026
Merged

docs(architecture): manifesto §02 non-functional requirements (Layer 2)#146
Yambr merged 2 commits into
next/v1from
feat/manifesto-02-nfrs-draft

Conversation

@Yambr

@Yambr Yambr commented May 24, 2026

Copy link
Copy Markdown
Collaborator

Description retired during the initial-public-release history consolidation. The canonical content lives in docs/architecture/ at the current tip.

@coderabbitai

coderabbitai Bot commented May 24, 2026

Copy link
Copy Markdown

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro Plus

Run ID: 31a9ff1f-e00b-463b-bdf1-fd767a390763

📥 Commits

Reviewing files that changed from the base of the PR and between 1d40541 and 27377ca.

📒 Files selected for processing (1)
  • scripts/docs-lint/gitignored-ref-detector.sh

Walkthrough

This PR adds a draft non-functional requirements manifesto (docs/architecture/manifesto/02-nfrs.md), a Bash linter that detects documentation references to gitignored paths (scripts/docs-lint/gitignored-ref-detector.sh), and updates .gitignore to exclude draft/translation and local review buffer markdown files.

Changes

NFR Manifesto and Quality Assurance

Layer / File(s) Summary
Core NFR manifesto: nine domains with measurable targets
docs/architecture/manifesto/02-nfrs.md
The draft manifesto establishes trust-boundary planes, a token TTL taxonomy, and nine quality domains (Functional Suitability, Performance, Interaction, Reliability, Security, Maintainability, Flexibility/Portability, Compliance, Cost) with scenario rows, measurable targets, verification methods, anti-pattern mappings, long-form scenario candidates, and open questions.
Documentation reference linter for detecting gitignored paths
scripts/docs-lint/gitignored-ref-detector.sh
New Bash script scans Markdown files under docs/architecture/ and docs/future-architecture/, extracts filesystem-like references from markdown links, backticks, and extension-filtered bare tokens, normalizes and filters them, and uses git check-ignore to fail when docs reference gitignored paths.
Gitignore configuration for drafts and translations
.gitignore
Added patterns to exclude Russian/disposable readability copies (*-ru.md, *-ru-tmp.md), the specific manifesto translation docs/architecture/manifesto/02-nfrs-ru.md, and local review buffer files under docs/future-architecture/research/.

🎯 2 (Simple) | ⏱️ ~12 minutes

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title clearly identifies the main change: adding a non-functional requirements manifesto document (Layer 2) to the architecture documentation.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch feat/manifesto-02-nfrs-draft

Comment @coderabbitai help to get the list of available commands and usage tips.

@Yambr Yambr changed the base branch from main to next/v1 May 24, 2026 16:34

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 19

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@docs/architecture/manifesto/02-nfrs.md`:
- Around line 1-2: The SPDX header in the top-of-file comment is using
"FSL-1.1-Apache-2.0" but must follow repo policy; update the two HTML comment
lines so the first reads "<!-- SPDX-License-Identifier: BUSL-1.1 -->" and keep
the second as "<!-- Copyright (c) 2025 Open Computer Use Contributors -->"
(i.e., replace the existing SPDX identifier string used in the file header).

In `@docs/future-architecture/research/CONTRADICTION-CHECK-manifesto-02-v2.md`:
- Around line 1-2: The new research file CONTRADICTION-CHECK-manifesto-02-v2.md
is missing the required SPDX and copyright header; add an HTML-comment SPDX
license identifier and a copyright comment at the very top of the file (e.g., an
HTML comment stating the BUSL-1.1 SPDX identifier and a copyright line for 2025
Open Computer Use Contributors) so the file conforms to the
docs/future-architecture/research header policy.

In `@docs/future-architecture/research/CONTRADICTION-CHECK-manifesto-02.md`:
- Around line 1-2: Replace the incorrect SPDX HTML comment and copyright at the
top: change the existing "<!-- SPDX-License-Identifier: FSL-1.1-Apache-2.0 -->"
comment to "<!-- SPDX-License-Identifier: BUSL-1.1 -->" and update the following
copyright comment to match the repo policy format (e.g. "<!-- Copyright (c) 2025
Open Computer Use Contributors -->"); locate these comments at the top of
CONTRADICTION-CHECK-manifesto-02.md and make the substitution so the file uses
the BUSL-1.1 SPDX header and the required copyright line.

In `@docs/future-architecture/research/CROSS-REVIEW-manifesto-02.md`:
- Around line 1-2: The file's SPDX/Copyright HTML comment header uses the wrong
tag `FSL-1.1-Apache-2.0`; update the top HTML comment to the mandated BUSL
string and copyright: replace `<!-- SPDX-License-Identifier: FSL-1.1-Apache-2.0
-->` with `<!-- SPDX-License-Identifier: BUSL-1.1 -->` and ensure the following
copyright comment is `<!-- Copyright (c) 2025 Open Computer Use Contributors
-->` so the file header matches the project policy.

In `@docs/future-architecture/research/nfr-anthropic-benchmark.md`:
- Around line 1-2: Replace the incorrect SPDX identifier string
"FSL-1.1-Apache-2.0" in the file header with the required "BUSL-1.1";
specifically update the SPDX header comment at the top of the file (the line
containing the SPDX-License-Identifier) to use BUSL-1.1 and leave the existing
copyright line ("Copyright (c) 2025 Open Computer Use Contributors") intact so
the header matches the repo's required format.

In `@docs/future-architecture/research/nfr-competitor-broad-sweep.md`:
- Around line 1-2: Update the SPDX license header in the file by replacing the
existing SPDX identifier value "FSL-1.1-Apache-2.0" with the required "BUSL-1.1"
while keeping the existing copyright line unchanged; locate the top-of-file SPDX
comment (the line containing "SPDX-License-Identifier:") and change only the
identifier token to "BUSL-1.1".

In `@docs/future-architecture/research/nfr-deep-mine.md`:
- Around line 1-2: Replace the existing SPDX header comment block with the
repository-required BUSL header: change the SPDX identifier from
"FSL-1.1-Apache-2.0" to "BUSL-1.1" and ensure the two leading comment lines
match the required form "# SPDX-License-Identifier: BUSL-1.1" and "# Copyright
(c) 2025 Open Computer Use Contributors" at the top of the file (replace the
current comment-style lines in the header).

In `@docs/future-architecture/research/nfr-domain.md`:
- Around line 1-2: Replace the incorrect SPDX header in the Markdown file:
change the existing SPDX identifier string "SPDX-License-Identifier:
FSL-1.1-Apache-2.0" to the required "SPDX-License-Identifier: BUSL-1.1" and
ensure the accompanying copyright line matches the project convention by using
the same comment-style header (e.g., prepend with "#" and set "Copyright (c)
2025 Open Computer Use Contributors"); update the top-of-file comment block so
the file begins with "# SPDX-License-Identifier: BUSL-1.1" and "# Copyright (c)
2025 Open Computer Use Contributors".

In `@docs/future-architecture/research/nfr-format-advisor.md`:
- Around line 1-2: The file header uses the wrong SPDX identifier; update the
SPDX line by replacing "FSL-1.1-Apache-2.0" with "BUSL-1.1" so the top comments
read the repository-required SPDX header and keep the existing copyright line
("Copyright (c) 2025 Open Computer Use Contributors"); ensure the header uses
the exact required token "# SPDX-License-Identifier: BUSL-1.1".

In `@docs/future-architecture/research/nfr-pattern-map.md`:
- Around line 1-2: Replace the SPDX header value in the new file from
"FSL-1.1-Apache-2.0" to the repository-required "BUSL-1.1" and ensure the top of
the file includes the matching copyright line; specifically update the existing
header comment (the two initial comment lines) so the first line reads "#
SPDX-License-Identifier: BUSL-1.1" and the second line remains or is set to "#
Copyright (c) 2025 Open Computer Use Contributors".

In `@docs/future-architecture/research/nfr-plan-mine.md`:
- Around line 1-2: Update the SPDX header at the top of the file to use the
repository-required license ID by replacing "SPDX-License-Identifier:
FSL-1.1-Apache-2.0" with "SPDX-License-Identifier: BUSL-1.1" while keeping the
existing copyright line "Copyright (c) 2025 Open Computer Use Contributors"
intact.

In `@docs/future-architecture/research/nfr-regulator-citations.md`:
- Around line 1-6: Add the mandatory license header above the YAML front matter
in this new Markdown file: insert the SPDX license identifier and the copyright
notice specified by the guidelines before the opening '---' so the file begins
with the required header lines (SPDX and Copyright for 2025 Open Computer Use
Contributors) followed by the existing front matter in
nfr-regulator-citations.md.

In `@docs/future-architecture/research/nfr-user-locked-in-bullets.md`:
- Around line 1-2: This file is missing the required license header: add an SPDX
and copyright header block at the very top of the document (above the existing
title line "# §02 NFRs — user-locked-in bullets") that states the SPDX license
identifier BUSL-1.1 and the copyright attribution to "Open Computer Use
Contributors" for 2025 using Markdown comment/line style appropriate for the
file so the header is the first lines in the file.

In `@docs/future-architecture/research/PLAN-CHECK-manifesto-02.md`:
- Around line 1-2: Replace the incorrect SPDX header string in the file by
changing the current SPDX identifier token "FSL-1.1-Apache-2.0" to the required
"BUSL-1.1" so the top-of-file header matches the repository new-file
requirement; ensure the existing copyright line "Copyright (c) 2025 Open
Computer Use Contributors" remains unchanged and the resulting header reads the
SPDX identifier followed by that copyright.

In `@docs/future-architecture/research/REVIEW-manifesto-02.md`:
- Around line 1-2: Replace the existing SPDX header comment "<!--
SPDX-License-Identifier: FSL-1.1-Apache-2.0 -->" with the repo-required BUSL
identifier "<!-- SPDX-License-Identifier: BUSL-1.1 -->" and ensure the following
copyright comment reads exactly "Copyright (c) 2025 Open Computer Use
Contributors" (both wrapped as HTML comments like <!-- ... -->) so the top of
docs/future-architecture/research/REVIEW-manifesto-02.md matches the repo rule.

In `@docs/future-architecture/research/REVIEW-pr-02-v2.md`:
- Around line 1-2: Update the SPDX header in this new file: replace the current
SPDX identifier comment with the required BUSL-1.1 header format used for source
files—i.e., add a line "# SPDX-License-Identifier: BUSL-1.1" and ensure the
following copyright line reads "# Copyright (c) 2025 Open Computer Use
Contributors" so the file header matches the repository policy.

In `@docs/future-architecture/research/REVIEW-pr-02-v3.md`:
- Around line 1-2: Replace the current SPDX header/comment ("<!--
SPDX-License-Identifier: FSL-1.1-Apache-2.0 -->") with the required repo header
lines exactly: "# SPDX-License-Identifier: BUSL-1.1" and "# Copyright (c) 2025
Open Computer Use Contributors" at the top of the file so the new source file
follows the coding guideline.

In `@docs/future-architecture/research/SUMMARY-manifesto-02.md`:
- Around line 1-2: Replace the existing SPDX HTML comment header in
SUMMARY-manifesto-02.md with the repo-required new-file license marker: change
the first two lines from the HTML comments (<!-- SPDX-License-Identifier:
FSL-1.1-Apache-2.0 --> and <!-- Copyright (c) 2025 Open Computer Use
Contributors -->) to the BUSL marker and copyright using hash-prefixed lines: "#
SPDX-License-Identifier: BUSL-1.1" and "# Copyright (c) 2025 Open Computer Use
Contributors", ensuring the SPDX identifier exactly matches BUSL-1.1.

In `@scripts/docs-lint/gitignored-ref-detector.sh`:
- Around line 2-3: Replace the current SPDX header in the script (the top two
comment lines containing "SPDX-License-Identifier: FSL-1.1-Apache-2.0" and the
copyright line) with the mandated BUSL header: update the SPDX identifier to
"BUSL-1.1" and keep the existing copyright line "Copyright (c) 2025 Open
Computer Use Contributors" so the file begins with "# SPDX-License-Identifier:
BUSL-1.1" followed by "# Copyright (c) 2025 Open Computer Use Contributors".
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro Plus

Run ID: 390cf2a9-54bf-4b5f-936f-f5e3bda8e168

📥 Commits

Reviewing files that changed from the base of the PR and between 763dcb4 and 10ad81a.

📒 Files selected for processing (20)
  • .gitignore
  • docs/architecture/manifesto/02-nfrs.md
  • docs/future-architecture/research/CONTRADICTION-CHECK-manifesto-02-v2.md
  • docs/future-architecture/research/CONTRADICTION-CHECK-manifesto-02.md
  • docs/future-architecture/research/CROSS-REVIEW-manifesto-02.md
  • docs/future-architecture/research/PLAN-CHECK-manifesto-02.md
  • docs/future-architecture/research/REVIEW-manifesto-02.md
  • docs/future-architecture/research/REVIEW-pr-02-v2.md
  • docs/future-architecture/research/REVIEW-pr-02-v3.md
  • docs/future-architecture/research/SUMMARY-manifesto-02.md
  • docs/future-architecture/research/nfr-anthropic-benchmark.md
  • docs/future-architecture/research/nfr-competitor-broad-sweep.md
  • docs/future-architecture/research/nfr-deep-mine.md
  • docs/future-architecture/research/nfr-domain.md
  • docs/future-architecture/research/nfr-format-advisor.md
  • docs/future-architecture/research/nfr-pattern-map.md
  • docs/future-architecture/research/nfr-plan-mine.md
  • docs/future-architecture/research/nfr-regulator-citations.md
  • docs/future-architecture/research/nfr-user-locked-in-bullets.md
  • scripts/docs-lint/gitignored-ref-detector.sh

Comment on lines +1 to +2
<!-- SPDX-License-Identifier: FSL-1.1-Apache-2.0 -->
<!-- Copyright (c) 2025 Open Computer Use Contributors -->

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Header license identifier conflicts with repository policy for new files.

This should be BUSL-1.1 per the repo rule.

Suggested fix
-<!-- SPDX-License-Identifier: FSL-1.1-Apache-2.0 -->
+<!-- SPDX-License-Identifier: BUSL-1.1 -->
 <!-- Copyright (c) 2025 Open Computer Use Contributors -->

As per coding guidelines: “All other new source files MUST include SPDX license header: # SPDX-License-Identifier: BUSL-1.1 with # Copyright (c) 2025 Open Computer Use Contributors”.

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
<!-- SPDX-License-Identifier: FSL-1.1-Apache-2.0 -->
<!-- Copyright (c) 2025 Open Computer Use Contributors -->
<!-- SPDX-License-Identifier: BUSL-1.1 -->
<!-- Copyright (c) 2025 Open Computer Use Contributors -->
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@docs/architecture/manifesto/02-nfrs.md` around lines 1 - 2, The SPDX header
in the top-of-file comment is using "FSL-1.1-Apache-2.0" but must follow repo
policy; update the two HTML comment lines so the first reads "<!--
SPDX-License-Identifier: BUSL-1.1 -->" and keep the second as "<!-- Copyright
(c) 2025 Open Computer Use Contributors -->" (i.e., replace the existing SPDX
identifier string used in the file header).

Comment on lines +1 to +2
# Contradiction sweep v2 — `manifesto/02-nfrs.md`

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Add the required SPDX/copyright header at the top of this new research file.

This file is missing the mandatory BUSL SPDX header and copyright line.

As per coding guidelines "**/*: All other new source files MUST include SPDX license header: # SPDX-License-Identifier: BUSL-1.1 with # Copyright (c) 2025 Open Computer Use Contributors". Based on learnings "Markdown files under docs/future-architecture/research/ ... should include an SPDX license identifier at the top using an HTML comment, e.g. <!-- SPDX-License-Identifier: BUSL-1.1 -->."

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@docs/future-architecture/research/CONTRADICTION-CHECK-manifesto-02-v2.md`
around lines 1 - 2, The new research file CONTRADICTION-CHECK-manifesto-02-v2.md
is missing the required SPDX and copyright header; add an HTML-comment SPDX
license identifier and a copyright comment at the very top of the file (e.g., an
HTML comment stating the BUSL-1.1 SPDX identifier and a copyright line for 2025
Open Computer Use Contributors) so the file conforms to the
docs/future-architecture/research header policy.

Comment on lines +1 to +2
<!-- SPDX-License-Identifier: FSL-1.1-Apache-2.0 -->
<!-- Copyright (c) 2025 Open Computer Use Contributors -->

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major | ⚡ Quick win

SPDX identifier is incorrect for this repository policy.

Please replace FSL-1.1-Apache-2.0 with the required BUSL SPDX header/copyright format for new research docs.

As per coding guidelines "**/*: All other new source files MUST include SPDX license header: # SPDX-License-Identifier: BUSL-1.1 with # Copyright (c) 2025 Open Computer Use Contributors". Based on learnings "Markdown files under docs/future-architecture/research/ ... should include an SPDX license identifier at the top using an HTML comment, e.g. <!-- SPDX-License-Identifier: BUSL-1.1 -->."

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@docs/future-architecture/research/CONTRADICTION-CHECK-manifesto-02.md` around
lines 1 - 2, Replace the incorrect SPDX HTML comment and copyright at the top:
change the existing "<!-- SPDX-License-Identifier: FSL-1.1-Apache-2.0 -->"
comment to "<!-- SPDX-License-Identifier: BUSL-1.1 -->" and update the following
copyright comment to match the repo policy format (e.g. "<!-- Copyright (c) 2025
Open Computer Use Contributors -->"); locate these comments at the top of
CONTRADICTION-CHECK-manifesto-02.md and make the substitution so the file uses
the BUSL-1.1 SPDX header and the required copyright line.

Comment on lines +1 to +2
<!-- SPDX-License-Identifier: FSL-1.1-Apache-2.0 -->
<!-- Copyright (c) 2025 Open Computer Use Contributors -->

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Header license tag should match the mandated BUSL SPDX value.

This new research file currently declares FSL-1.1-Apache-2.0; please align it to the required BUSL SPDX/copyright header.

As per coding guidelines "**/*: All other new source files MUST include SPDX license header: # SPDX-License-Identifier: BUSL-1.1 with # Copyright (c) 2025 Open Computer Use Contributors". Based on learnings "Markdown files under docs/future-architecture/research/ ... should include an SPDX license identifier at the top using an HTML comment, e.g. <!-- SPDX-License-Identifier: BUSL-1.1 -->."

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@docs/future-architecture/research/CROSS-REVIEW-manifesto-02.md` around lines
1 - 2, The file's SPDX/Copyright HTML comment header uses the wrong tag
`FSL-1.1-Apache-2.0`; update the top HTML comment to the mandated BUSL string
and copyright: replace `<!-- SPDX-License-Identifier: FSL-1.1-Apache-2.0 -->`
with `<!-- SPDX-License-Identifier: BUSL-1.1 -->` and ensure the following
copyright comment is `<!-- Copyright (c) 2025 Open Computer Use Contributors
-->` so the file header matches the project policy.

Comment on lines +1 to +2
<!-- SPDX-License-Identifier: FSL-1.1-Apache-2.0 -->
<!-- Copyright (c) 2025 Open Computer Use Contributors -->

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Replace SPDX value with the required one for this repo.

The file header uses FSL-1.1-Apache-2.0, but policy requires BUSL-1.1 on new source files.

Proposed fix
-<!-- SPDX-License-Identifier: FSL-1.1-Apache-2.0 -->
+<!-- SPDX-License-Identifier: BUSL-1.1 -->
 <!-- Copyright (c) 2025 Open Computer Use Contributors -->

As per coding guidelines "**/*: All other new source files MUST include SPDX license header: # SPDX-License-Identifier: BUSL-1.1 with # Copyright (c) 2025 Open Computer Use Contributors".

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
<!-- SPDX-License-Identifier: FSL-1.1-Apache-2.0 -->
<!-- Copyright (c) 2025 Open Computer Use Contributors -->
<!-- SPDX-License-Identifier: BUSL-1.1 -->
<!-- Copyright (c) 2025 Open Computer Use Contributors -->
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@docs/future-architecture/research/nfr-anthropic-benchmark.md` around lines 1
- 2, Replace the incorrect SPDX identifier string "FSL-1.1-Apache-2.0" in the
file header with the required "BUSL-1.1"; specifically update the SPDX header
comment at the top of the file (the line containing the SPDX-License-Identifier)
to use BUSL-1.1 and leave the existing copyright line ("Copyright (c) 2025 Open
Computer Use Contributors") intact so the header matches the repo's required
format.

Comment on lines +1 to +2
<!-- SPDX-License-Identifier: FSL-1.1-Apache-2.0 -->
<!-- Copyright (c) 2025 Open Computer Use Contributors -->

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Use the repository-required SPDX header for research docs.

This new file uses FSL-1.1-Apache-2.0, but the repo rule for these docs expects BUSL-style SPDX/copyright headers. Please switch this header to the required BUSL form.

As per coding guidelines "**/*: All other new source files MUST include SPDX license header: # SPDX-License-Identifier: BUSL-1.1 with # Copyright (c) 2025 Open Computer Use Contributors". Based on learnings "Markdown files under docs/future-architecture/research/ ... should include an SPDX license identifier at the top using an HTML comment, e.g. <!-- SPDX-License-Identifier: BUSL-1.1 -->."

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@docs/future-architecture/research/REVIEW-manifesto-02.md` around lines 1 - 2,
Replace the existing SPDX header comment "<!-- SPDX-License-Identifier:
FSL-1.1-Apache-2.0 -->" with the repo-required BUSL identifier "<!--
SPDX-License-Identifier: BUSL-1.1 -->" and ensure the following copyright
comment reads exactly "Copyright (c) 2025 Open Computer Use Contributors" (both
wrapped as HTML comments like <!-- ... -->) so the top of
docs/future-architecture/research/REVIEW-manifesto-02.md matches the repo rule.

Comment on lines +1 to +2
<!-- SPDX-License-Identifier: FSL-1.1-Apache-2.0 -->
<!-- Copyright (c) 2025 Open Computer Use Contributors -->

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Repository SPDX policy mismatch in new file header.

For this new file, the SPDX identifier should be BUSL-1.1.

Suggested fix
-<!-- SPDX-License-Identifier: FSL-1.1-Apache-2.0 -->
+<!-- SPDX-License-Identifier: BUSL-1.1 -->
 <!-- Copyright (c) 2025 Open Computer Use Contributors -->

As per coding guidelines: “All other new source files MUST include SPDX license header: # SPDX-License-Identifier: BUSL-1.1 with # Copyright (c) 2025 Open Computer Use Contributors”.

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
<!-- SPDX-License-Identifier: FSL-1.1-Apache-2.0 -->
<!-- Copyright (c) 2025 Open Computer Use Contributors -->
<!-- SPDX-License-Identifier: BUSL-1.1 -->
<!-- Copyright (c) 2025 Open Computer Use Contributors -->
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@docs/future-architecture/research/REVIEW-pr-02-v2.md` around lines 1 - 2,
Update the SPDX header in this new file: replace the current SPDX identifier
comment with the required BUSL-1.1 header format used for source files—i.e., add
a line "# SPDX-License-Identifier: BUSL-1.1" and ensure the following copyright
line reads "# Copyright (c) 2025 Open Computer Use Contributors" so the file
header matches the repository policy.

Comment on lines +1 to +2
<!-- SPDX-License-Identifier: FSL-1.1-Apache-2.0 -->
<!-- Copyright (c) 2025 Open Computer Use Contributors -->

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major | ⚡ Quick win

SPDX line in this new file should use BUSL-1.1 per repo rule.

Current value is not aligned with the coding guideline for new source files.

Suggested fix
-<!-- SPDX-License-Identifier: FSL-1.1-Apache-2.0 -->
+<!-- SPDX-License-Identifier: BUSL-1.1 -->
 <!-- Copyright (c) 2025 Open Computer Use Contributors -->

As per coding guidelines: “All other new source files MUST include SPDX license header: # SPDX-License-Identifier: BUSL-1.1 with # Copyright (c) 2025 Open Computer Use Contributors”.

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
<!-- SPDX-License-Identifier: FSL-1.1-Apache-2.0 -->
<!-- Copyright (c) 2025 Open Computer Use Contributors -->
<!-- SPDX-License-Identifier: BUSL-1.1 -->
<!-- Copyright (c) 2025 Open Computer Use Contributors -->
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@docs/future-architecture/research/REVIEW-pr-02-v3.md` around lines 1 - 2,
Replace the current SPDX header/comment ("<!-- SPDX-License-Identifier:
FSL-1.1-Apache-2.0 -->") with the required repo header lines exactly: "#
SPDX-License-Identifier: BUSL-1.1" and "# Copyright (c) 2025 Open Computer Use
Contributors" at the top of the file so the new source file follows the coding
guideline.

Comment on lines +1 to +2
<!-- SPDX-License-Identifier: FSL-1.1-Apache-2.0 -->
<!-- Copyright (c) 2025 Open Computer Use Contributors -->

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Please align SPDX header with the repo’s required new-file license marker.

This new document should use BUSL-1.1 in the SPDX line.

Suggested fix
-<!-- SPDX-License-Identifier: FSL-1.1-Apache-2.0 -->
+<!-- SPDX-License-Identifier: BUSL-1.1 -->
 <!-- Copyright (c) 2025 Open Computer Use Contributors -->

As per coding guidelines: “All other new source files MUST include SPDX license header: # SPDX-License-Identifier: BUSL-1.1 with # Copyright (c) 2025 Open Computer Use Contributors”.

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
<!-- SPDX-License-Identifier: FSL-1.1-Apache-2.0 -->
<!-- Copyright (c) 2025 Open Computer Use Contributors -->
<!-- SPDX-License-Identifier: BUSL-1.1 -->
<!-- Copyright (c) 2025 Open Computer Use Contributors -->
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@docs/future-architecture/research/SUMMARY-manifesto-02.md` around lines 1 -
2, Replace the existing SPDX HTML comment header in SUMMARY-manifesto-02.md with
the repo-required new-file license marker: change the first two lines from the
HTML comments (<!-- SPDX-License-Identifier: FSL-1.1-Apache-2.0 --> and <!--
Copyright (c) 2025 Open Computer Use Contributors -->) to the BUSL marker and
copyright using hash-prefixed lines: "# SPDX-License-Identifier: BUSL-1.1" and
"# Copyright (c) 2025 Open Computer Use Contributors", ensuring the SPDX
identifier exactly matches BUSL-1.1.

Comment on lines +2 to +3
# SPDX-License-Identifier: FSL-1.1-Apache-2.0
# Copyright (c) 2025 Open Computer Use Contributors

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Script header license is out of policy.

Please update the SPDX/copyright header to the mandated BUSL format for new source files.

Proposed fix
-# SPDX-License-Identifier: FSL-1.1-Apache-2.0
+# SPDX-License-Identifier: BUSL-1.1
 # Copyright (c) 2025 Open Computer Use Contributors

As per coding guidelines "**/*: All other new source files MUST include SPDX license header: # SPDX-License-Identifier: BUSL-1.1 with # Copyright (c) 2025 Open Computer Use Contributors."

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
# SPDX-License-Identifier: FSL-1.1-Apache-2.0
# Copyright (c) 2025 Open Computer Use Contributors
# SPDX-License-Identifier: BUSL-1.1
# Copyright (c) 2025 Open Computer Use Contributors
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@scripts/docs-lint/gitignored-ref-detector.sh` around lines 2 - 3, Replace the
current SPDX header in the script (the top two comment lines containing
"SPDX-License-Identifier: FSL-1.1-Apache-2.0" and the copyright line) with the
mandated BUSL header: update the SPDX identifier to "BUSL-1.1" and keep the
existing copyright line "Copyright (c) 2025 Open Computer Use Contributors" so
the file begins with "# SPDX-License-Identifier: BUSL-1.1" followed by "#
Copyright (c) 2025 Open Computer Use Contributors".

§02 catalogues 142 NFR rows across 9 ISO/IEC 25010:2023 categories with
hybrid Compliance + Cost sections. Each row carries a measurable target,
verification, and source — no aspirational prose.

Three trust planes locked in:
- inbound: Ed25519 JWT on WebSocket bound to container_name
- data access: scoped JWT through credential broker bound to filesystem_id
- egress: network-bound, single path through MITM-proxy

Tier-aware design preserves one-click solo install:
- default tier: Apache-2.0 + TCP + single docker-compose up
- bank tier: HSM-signed Merkle audit, FIPS image variant, mTLS substrate

Standing rules respected:
- zero refs to sandboxd/, process_api_re, "reverse-engineered",
  "Anthropic-observed", or sysbox (security-policy)
- 259 lines (under the 400-line MANIFESTO/sub-doc cap)
- gitignored-ref-detector passes on §02

Adds support tooling:
- scripts/docs-lint/gitignored-ref-detector.sh — fails CI when any doc
  under docs/architecture/ or docs/future-architecture/ cites a path that
  is in .gitignore (reader from a clean clone sees a dead link)
- .gitignore — translations (*-ru.md) marked disposable

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@Yambr Yambr force-pushed the feat/manifesto-02-nfrs-draft branch from 10ad81a to 1d40541 Compare May 24, 2026 16:46

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

♻️ Duplicate comments (2)
docs/architecture/manifesto/02-nfrs.md (1)

1-2: ⚠️ Potential issue | 🟠 Major | ⚡ Quick win

SPDX identifier is still out of policy for new files.

Please replace FSL-1.1-Apache-2.0 with BUSL-1.1 in the file header.

As per coding guidelines “All other new source files MUST include SPDX license header: # SPDX-License-Identifier: BUSL-1.1 with # Copyright (c) 2025 Open Computer Use Contributors”.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@docs/architecture/manifesto/02-nfrs.md` around lines 1 - 2, The SPDX header
is using the wrong identifier; update the top comment to use BUSL-1.1 instead of
FSL-1.1-Apache-2.0 by replacing the SPDX line (the line containing
"SPDX-License-Identifier: FSL-1.1-Apache-2.0") with "SPDX-License-Identifier:
BUSL-1.1" while keeping the existing copyright line ("Copyright (c) 2025 Open
Computer Use Contributors") intact.
scripts/docs-lint/gitignored-ref-detector.sh (1)

2-3: ⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Script SPDX header is still out of policy.

Update the SPDX identifier to BUSL-1.1.

As per coding guidelines “All other new source files MUST include SPDX license header: # SPDX-License-Identifier: BUSL-1.1 with # Copyright (c) 2025 Open Computer Use Contributors”.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@scripts/docs-lint/gitignored-ref-detector.sh` around lines 2 - 3, Replace the
current SPDX header line "# SPDX-License-Identifier: FSL-1.1-Apache-2.0" with
the required identifier "# SPDX-License-Identifier: BUSL-1.1" (keep the existing
"# Copyright (c) 2025 Open Computer Use Contributors" line intact) so the
top-of-file header in gitignored-ref-detector.sh conforms to the project's SPDX
policy.
🧹 Nitpick comments (1)
scripts/docs-lint/gitignored-ref-detector.sh (1)

18-23: ⚡ Quick win

Commented exceptions don’t match implemented behavior.

The header says docs/ paths are exempt, but no such filter exists. Please either implement that exception or update the comment block to reflect real behavior.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@scripts/docs-lint/gitignored-ref-detector.sh` around lines 18 - 23, The
comment claims paths under `docs/` are exempt but the implemented exception
checks don't include that; update the script by either adding the `docs/`
allowlist rule to the existing exception logic (the same place that handles
`.planning/` and URL checks) so paths starting with `docs/` are skipped, or edit
the header comment to remove the `docs/` exemption so it matches actual
behavior; ensure you change the exception handling block that processes file
path patterns (the allowlist/exception check) and keep the other heuristics (URL
and inline code-span) unchanged.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@scripts/docs-lint/gitignored-ref-detector.sh`:
- Around line 61-64: The current normalization of variable clean (from path)
naively strips leading ./ and ../ which breaks resolution against the document
location; instead, resolve relative refs against the document directory: if path
is relative (starts with ./ or ../) compute clean by joining dirname "$doc" and
the original path then canonicalizing/normalizing it (e.g., via realpath -m or a
portable readlink/python os.path.normpath fallback) before continuing to strip
URLs or absolute non-repo paths; update the code around the clean= assignments
to perform this join+normalize using the variables path and doc (and preserve
existing URL/absolute checks).

---

Duplicate comments:
In `@docs/architecture/manifesto/02-nfrs.md`:
- Around line 1-2: The SPDX header is using the wrong identifier; update the top
comment to use BUSL-1.1 instead of FSL-1.1-Apache-2.0 by replacing the SPDX line
(the line containing "SPDX-License-Identifier: FSL-1.1-Apache-2.0") with
"SPDX-License-Identifier: BUSL-1.1" while keeping the existing copyright line
("Copyright (c) 2025 Open Computer Use Contributors") intact.

In `@scripts/docs-lint/gitignored-ref-detector.sh`:
- Around line 2-3: Replace the current SPDX header line "#
SPDX-License-Identifier: FSL-1.1-Apache-2.0" with the required identifier "#
SPDX-License-Identifier: BUSL-1.1" (keep the existing "# Copyright (c) 2025 Open
Computer Use Contributors" line intact) so the top-of-file header in
gitignored-ref-detector.sh conforms to the project's SPDX policy.

---

Nitpick comments:
In `@scripts/docs-lint/gitignored-ref-detector.sh`:
- Around line 18-23: The comment claims paths under `docs/` are exempt but the
implemented exception checks don't include that; update the script by either
adding the `docs/` allowlist rule to the existing exception logic (the same
place that handles `.planning/` and URL checks) so paths starting with `docs/`
are skipped, or edit the header comment to remove the `docs/` exemption so it
matches actual behavior; ensure you change the exception handling block that
processes file path patterns (the allowlist/exception check) and keep the other
heuristics (URL and inline code-span) unchanged.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro Plus

Run ID: 1665ae68-ccd8-4d8d-9d8e-4481a2187433

📥 Commits

Reviewing files that changed from the base of the PR and between 10ad81a and 1d40541.

📒 Files selected for processing (3)
  • .gitignore
  • docs/architecture/manifesto/02-nfrs.md
  • scripts/docs-lint/gitignored-ref-detector.sh
✅ Files skipped from review due to trivial changes (1)
  • .gitignore

Comment on lines +61 to +64
clean=$(echo "$path" | sed -E 's/[:#].*$//')
# strip leading ./ or ../
clean=$(echo "$clean" | sed -E 's|^\./||; s|^(\.\./)+||')
# skip URLs and absolute non-repo paths

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Relative-path normalization breaks reference resolution.

Removing leading ..//./ without resolving against $(dirname "$doc") can check the wrong path and miss gitignored refs.

Proposed fix
-      # strip leading ./ or ../
-      clean=$(echo "$clean" | sed -E 's|^\./||; s|^(\.\./)+||')
+      # Resolve doc-relative refs to repo-relative paths.
+      if [[ "$clean" != /* ]]; then
+        doc_dir="$(dirname "$doc")"
+        clean="$(realpath -m --relative-to="$ROOT" "$doc_dir/$clean")"
+      else
+        clean="${clean#/}"
+      fi
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
clean=$(echo "$path" | sed -E 's/[:#].*$//')
# strip leading ./ or ../
clean=$(echo "$clean" | sed -E 's|^\./||; s|^(\.\./)+||')
# skip URLs and absolute non-repo paths
clean=$(echo "$path" | sed -E 's/[:#].*$//')
# Resolve doc-relative refs to repo-relative paths.
if [[ "$clean" != /* ]]; then
doc_dir="$(dirname "$doc")"
clean="$(realpath -m --relative-to="$ROOT" "$doc_dir/$clean")"
else
clean="${clean#/}"
fi
# skip URLs and absolute non-repo paths
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@scripts/docs-lint/gitignored-ref-detector.sh` around lines 61 - 64, The
current normalization of variable clean (from path) naively strips leading ./
and ../ which breaks resolution against the document location; instead, resolve
relative refs against the document directory: if path is relative (starts with
./ or ../) compute clean by joining dirname "$doc" and the original path then
canonicalizing/normalizing it (e.g., via realpath -m or a portable
readlink/python os.path.normpath fallback) before continuing to strip URLs or
absolute non-repo paths; update the code around the clean= assignments to
perform this join+normalize using the variables path and doc (and preserve
existing URL/absolute checks).

… match implementation

CodeRabbit caught that the "Allowed exceptions" header listed four cases
(`.planning/`, URLs, `docs/`, code-span heuristic) but the script body
only implemented two (URLs + absolute non-repo paths + a system-path
heuristic). Rewrites the comment block to describe what is actually
filtered out vs what is intentionally left to `git check-ignore`.

No behaviour change. Honest documentation only.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@Yambr Yambr merged commit c822bb2 into next/v1 May 24, 2026
17 checks passed
@Yambr Yambr deleted the feat/manifesto-02-nfrs-draft branch May 24, 2026 16:56
Yambr added a commit that referenced this pull request May 27, 2026
Layer 4 of the next/v1 manifesto stack, following §01 audience-and-buyer
(PR #143), §02 NFRs (PR #146), and §02 trust-boundaries (PR #147). One
canonical Mermaid + one ≤80-line doc, per the plan's "intentionally
minimal" framing.

Scope:
- 03-c4-context.md (54 lines) — purpose / inside-the-box / diagram
  reference / external actor table with required-vs-optional column /
  scope-out / open questions.
- diagrams/c4-context.mmd (44 lines) — flowchart LR + project palette
  (red/amber/green/blue), same engine as 02-trust-boundaries.mmd.
  Convention: solid = required, dashed = optional configuration.

Five research agents (competitor format sweep, legacy mine, OCU value
articulation, OCU-vs-Wide-Moat boundary, diagram-format advisor)
synthesised in docs/future-architecture/research/SUMMARY-layer4.md.
Key agreed decisions:

- OCU is the central box; Wide-Moat is mentioned once as the opinionated
  bundle that ships OCU + peers (n8n, Open WebUI) as one curated stack
  but is not required for OCU to be useful.
- Siblings are an open class: any MCP-speaking peer is a first-class
  integration; REST is a fallback. n8n and Open WebUI are examples in
  the bundle, not the definition of "sibling."
- The §02 §3 actor table stays the single source of truth — Layer 4
  cross-references it instead of duplicating, then adds an "optionality"
  column the actor table did not need at Layer 3.
- LLM upstream is NOT a separate actor on Layer 4 — it is one of the
  MCP-speaking peers (model-neutral by construction). Customer object
  store is not an actor either — §02 line 45 already classifies it as
  an outbound endpoint behind the egress policy, not a contract-bearing
  actor. No backport to §02 §3 needed.
- Preamble framing (Why OCU): practitioner-first value-creation
  ("build automations once, delegate, scale across a team without
  leaving the safety boundary"), with model-neutrality via MCP as the
  integration property. Not TPRM-first, not moat-intersection.

Diagram engine: plain Mermaid flowchart with the project palette
verbatim from 02-trust-boundaries.mmd. Rejected alternatives:
Mermaid C4Context (upstream-experimental, palette divergence),
C4-PlantUML (no GitHub-native render).

Open question §6 #1 (Wide-Moat bundling status for n8n + Open WebUI on
next/v1) tracked at #154. The integration shape is locked here; the
packaging decision is not Layer 4's job.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Yambr added a commit that referenced this pull request May 27, 2026
Layer 4 of the next/v1 manifesto stack, following §01 audience-and-buyer
(PR #143), §02 NFRs (PR #146), and §02 trust-boundaries (PR #147). One
canonical Mermaid + one ≤80-line doc, per the plan's "intentionally
minimal" framing.

Scope:
- 03-c4-context.md (54 lines) — purpose / inside-the-box / diagram
  reference / external actor table with required-vs-optional column /
  scope-out / open questions.
- diagrams/c4-context.mmd (44 lines) — flowchart LR + project palette
  (red/amber/green/blue), same engine as 02-trust-boundaries.mmd.
  Convention: solid = required, dashed = optional configuration.

Five research agents (competitor format sweep, legacy mine, OCU value
articulation, OCU-vs-Wide-Moat boundary, diagram-format advisor)
synthesised in docs/future-architecture/research/SUMMARY-layer4.md.
Key agreed decisions:

- OCU is the central box; Wide-Moat is mentioned once as the opinionated
  bundle that ships OCU + peers (n8n, Open WebUI) as one curated stack
  but is not required for OCU to be useful.
- Siblings are an open class: any MCP-speaking peer is a first-class
  integration; REST is a fallback. n8n and Open WebUI are examples in
  the bundle, not the definition of "sibling."
- The §02 §3 actor table stays the single source of truth — Layer 4
  cross-references it instead of duplicating, then adds an "optionality"
  column the actor table did not need at Layer 3.
- LLM upstream is NOT a separate actor on Layer 4 — it is one of the
  MCP-speaking peers (model-neutral by construction). Customer object
  store is not an actor either — §02 line 45 already classifies it as
  an outbound endpoint behind the egress policy, not a contract-bearing
  actor. No backport to §02 §3 needed.
- Preamble framing (Why OCU): practitioner-first value-creation
  ("build automations once, delegate, scale across a team without
  leaving the safety boundary"), with model-neutrality via MCP as the
  integration property. Not TPRM-first, not moat-intersection.

Diagram engine: plain Mermaid flowchart with the project palette
verbatim from 02-trust-boundaries.mmd. Rejected alternatives:
Mermaid C4Context (upstream-experimental, palette divergence),
C4-PlantUML (no GitHub-native render).

Open question §6 #1 (Wide-Moat bundling status for n8n + Open WebUI on
next/v1) tracked at #154. The integration shape is locked here; the
packaging decision is not Layer 4's job.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Yambr added a commit that referenced this pull request May 29, 2026
Layer 4 of the next/v1 manifesto stack, following §01 audience-and-buyer
(PR #143), §02 NFRs (PR #146), and §02 trust-boundaries (PR #147). One
canonical Mermaid + one ≤80-line doc, per the plan's "intentionally
minimal" framing.

Scope:
- 03-c4-context.md (54 lines) — purpose / inside-the-box / diagram
  reference / external actor table with required-vs-optional column /
  scope-out / open questions.
- diagrams/c4-context.mmd (44 lines) — flowchart LR + project palette
  (red/amber/green/blue), same engine as 02-trust-boundaries.mmd.
  Convention: solid = required, dashed = optional configuration.

Five research agents (competitor format sweep, legacy mine, OCU value
articulation, OCU-vs-Wide-Moat boundary, diagram-format advisor)
synthesised in docs/future-architecture/research/SUMMARY-layer4.md.
Key agreed decisions:

- OCU is the central box; Wide-Moat is mentioned once as the opinionated
  bundle that ships OCU + peers (n8n, Open WebUI) as one curated stack
  but is not required for OCU to be useful.
- Siblings are an open class: any MCP-speaking peer is a first-class
  integration; REST is a fallback. n8n and Open WebUI are examples in
  the bundle, not the definition of "sibling."
- The §02 §3 actor table stays the single source of truth — Layer 4
  cross-references it instead of duplicating, then adds an "optionality"
  column the actor table did not need at Layer 3.
- LLM upstream is NOT a separate actor on Layer 4 — it is one of the
  MCP-speaking peers (model-neutral by construction). Customer object
  store is not an actor either — §02 line 45 already classifies it as
  an outbound endpoint behind the egress policy, not a contract-bearing
  actor. No backport to §02 §3 needed.
- Preamble framing (Why OCU): practitioner-first value-creation
  ("build automations once, delegate, scale across a team without
  leaving the safety boundary"), with model-neutrality via MCP as the
  integration property. Not TPRM-first, not moat-intersection.

Diagram engine: plain Mermaid flowchart with the project palette
verbatim from 02-trust-boundaries.mmd. Rejected alternatives:
Mermaid C4Context (upstream-experimental, palette divergence),
C4-PlantUML (no GitHub-native render).

Open question §6 #1 (Wide-Moat bundling status for n8n + Open WebUI on
next/v1) tracked at #154. The integration shape is locked here; the
packaging decision is not Layer 4's job.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Yambr added a commit that referenced this pull request May 29, 2026
* docs(architecture): manifesto Layer 4 — C4 Context (draft)

Layer 4 of the next/v1 manifesto stack, following §01 audience-and-buyer
(PR #143), §02 NFRs (PR #146), and §02 trust-boundaries (PR #147). One
canonical Mermaid + one ≤80-line doc, per the plan's "intentionally
minimal" framing.

Scope:
- 03-c4-context.md (54 lines) — purpose / inside-the-box / diagram
  reference / external actor table with required-vs-optional column /
  scope-out / open questions.
- diagrams/c4-context.mmd (44 lines) — flowchart LR + project palette
  (red/amber/green/blue), same engine as 02-trust-boundaries.mmd.
  Convention: solid = required, dashed = optional configuration.

Five research agents (competitor format sweep, legacy mine, OCU value
articulation, OCU-vs-Wide-Moat boundary, diagram-format advisor)
synthesised in docs/future-architecture/research/SUMMARY-layer4.md.
Key agreed decisions:

- OCU is the central box; Wide-Moat is mentioned once as the opinionated
  bundle that ships OCU + peers (n8n, Open WebUI) as one curated stack
  but is not required for OCU to be useful.
- Siblings are an open class: any MCP-speaking peer is a first-class
  integration; REST is a fallback. n8n and Open WebUI are examples in
  the bundle, not the definition of "sibling."
- The §02 §3 actor table stays the single source of truth — Layer 4
  cross-references it instead of duplicating, then adds an "optionality"
  column the actor table did not need at Layer 3.
- LLM upstream is NOT a separate actor on Layer 4 — it is one of the
  MCP-speaking peers (model-neutral by construction). Customer object
  store is not an actor either — §02 line 45 already classifies it as
  an outbound endpoint behind the egress policy, not a contract-bearing
  actor. No backport to §02 §3 needed.
- Preamble framing (Why OCU): practitioner-first value-creation
  ("build automations once, delegate, scale across a team without
  leaving the safety boundary"), with model-neutrality via MCP as the
  integration property. Not TPRM-first, not moat-intersection.

Diagram engine: plain Mermaid flowchart with the project palette
verbatim from 02-trust-boundaries.mmd. Rejected alternatives:
Mermaid C4Context (upstream-experimental, palette divergence),
C4-PlantUML (no GitHub-native render).

Open question §6 #1 (Wide-Moat bundling status for n8n + Open WebUI on
next/v1) tracked at #154. The integration shape is locked here; the
packaging decision is not Layer 4's job.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

* docs(architecture): apply Layer 4 review batch (13 fixes from 4 reviewers)

Four reviewers (gsd-code-reviewer, gsd-plan-checker, cross-architectural
coherence, competitor comparison) converged on one load-bearing defect
plus 12 follow-ups. Verdict matrix: 2 Error / 4 Warning / 7 Info.

Errors (block merge):

1. LLM upstream as inbound MCP peer — three reviewers caught it.
   §02 trust-boundaries:45 explicitly classifies LLM upstream as an
   outbound endpoint behind the egress policy ("not actors against our
   contracts"), and 02-trust-boundaries.mmd:13 draws it as a separate
   outbound node. Listing it inside the inbound PEER node label put two
   opposing semantics on the same name. Fix: drop "LLM upstream" from
   the PEER node label and from the §4 actor-row example list. The
   §41 paragraph remains the canonical mention.

2. AI-guardrail anchor pointed at §02 §6 (Data classification taxonomy);
   the ownership statement lives in §02 §2 zone 4 / §7. Repointed to
   §2 zone 4 so the link lands where the claim actually lives.

Warnings:

3. SIEM edge was solid in c4-context.mmd:35, but SIEM is :::extOpt
   (dashed-border optional). Layer 4's own header convention says
   "solid border = required; dashed border = optional configuration".
   The Layer 3 diagram already draws it dashed. Fixed.

4. "Layer 6" forward references in three places (doc §2 / §3 + diagram
   BOX node). Layer 6 does not exist as an artifact. Reworded to
   "Internal decomposition is out of scope at this layer" + dropped
   the pointer line from the diagram BOX node.

5. BOX node carried three lines of internal description that duplicated
   §1 prose. Collapsed to a single role-line
   "Open Computer Use / in-perimeter agent-execution platform".

6. §1 first sentence opened with value-prop voice ("users build
   automations once, delegate them to agents..."). Replaced with a
   scope declaration; the practitioner framing remains in §01
   audience-and-buyer where it belongs.

Info / polish:

7. Palette claim in §3 named all four colors (red / amber / green /
   blue) but the diagram only uses red + green. Weakened claim to
   "red-untrusted / green-trusted convention; amber and blue from the
   trust-boundary diagram do not apply at the Context level".

8. Added solo-install callout in §3: "the solid / dashed split makes
   the one-click solo-install path visible at a glance".

9. SIEM Role cell rephrased to "OCSF v1.x event bridge consumed by the
   customer's SIEM" for voice consistency with other customer-* rows.

10. Dropped repetitive `02-trust-boundaries.md §3` link from each actor
    row (the preamble already pins the actor table to §02 §3). Renamed
    column to "NFR anchor"; em-dash where no NFR anchor exists.

11. Operator edge in diagram now labelled `PAM-JIT SAML attr / NFR-COMP-29`
    matching 02-trust-boundaries.mmd:47.

12. PEER edge label simplified to `MCP authz spec / audience-validated`
    matching the Layer 3 wording.

13. Added compliance pointer after the actor table: "Regulator citations
    and measurable targets for each row land in manifesto/02-nfrs.md".

14. Added footnote tracing master-plan `agent user` → folded behind
    `MCP-speaking peer` (humans drive OCU only through an MCP-speaking
    peer; direct human-to-OCU UI is a v1 non-goal).

Length 58 lines (≤80 budget). Banned vocab grep clean.
ai-slop-detector OK. No new ASCII diagrams.

Glossary additions (MCP-speaking peer, REST fallback, Wide-Moat
opinionated bundle) and a few cross-doc reconciliations (NFR-FLEX-14 vs
REST fallback wording, Layer 3 SOAR edge dashed-vs-solid) deliberately
deferred to a follow-up PR — not Layer 4 scope.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

* docs(architecture): layer 4 v2-review batch (W-01 + 3 polish)

W-01 — IdP optionality row: rewrite to two-clause form mirroring SIEM
("optional on minimal shelf (local auth fallback) — required on
full-capability shelf"); resolves doc/diagram mismatch where doc said
"required on full shelf" but .mmd drew IDP dashed.

I-01 — Trim .mmd palette comment: list only colors actually used at
Context level (red, green); amber/blue carve-out already explained in
§3 prose.

I-03 — Bind "regulated-enterprise" term once in §1 (CLAUDE.md default
audience term) so a cold reader knows what flavor of customer
"customer's existing IdP" means.

I-05 — Drop "Master-plan agent user" phrasing (term not defined
anywhere in architecture tree); rewrite as plain "humans drive OCU only
through an MCP-speaking peer" sentence.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

* docs(architecture): layer 4 review batch — reconcile operator-auth + dashed-border convention

Follow-up to W-01, which fixed the IdP row's optionality but left two
internal contradictions the prior fix surfaced.

R-01 — Operator-auth path on the minimal shelf. The Operator row was
required everywhere via a "SAML-asserted attribute", but W-01 made the
IdP optional on the minimal shelf — leaving the required operator with no
SAML issuer, and the implied "local auth fallback" forbidden by
NFR-FLEX-03 (no in-house user table). Give the Operator row the two-clause
form: host-rooted local credential on the minimal shelf, short-lived
SAML-asserted attribute on the full shelf. Drop the undefined "local auth
fallback" phrase from the IdP row; the operator-credential story now lives
on the row that owns it.

R-02 — Dashed-border convention vs IdP. The §3 convention read "every
dashed-border actor is opt-in for the full-capability shelf", but IdP is
dashed yet required on the full shelf. Rebind the convention to the real
axis: solid = present on the minimal shelf; dashed = not on the minimal
shelf by default. Per-actor optionality stays in the §4 table. IdP and
SOAR edges switched to dashed to match their dashed nodes; OPER edge label
de-SAML'd to match the dual-credential row.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant