Conversation
…3 blockers + standing lifecycle-truth rule Post-PR-22B hygiene per approved plan. One tight commit, no code changes. CHANGELOG.md — new [Unreleased] section: - summary of PR-22A + PR-22B structural repair - data-integrity note on the lifecycle-bridge authority-mapping bug: pre-PR-22B `observePlan`/`mapAuthority` switches silently hit default arms because of UPPERCASE-vs-lowercase comparison. Between v1.98 and the merge of PR-22B (#482), any lifecycle-telemetry consumer saw `PreserveAuthority`/`AuthorityNone` regardless of real decision. Kernel behavior + install_state + update-history unaffected — only the lifecycle bridge's external reporting surface. Forensic interpretation of pre-PR-22B lifecycle output should treat the authority decision as "unknown," not "preserve." internal/installer/uninstall/contract.md — two new sections: 1. Standing lifecycle-truth rule: codifies the merge-discipline constraint — no new lifecycle code may bypass the shared authority predicate, history gate, or dry-run contract. Enumerates the five concrete requirements that every new lifecycle PR must respect, and points at the CI gates that should catch bypass attempts. 2. Pre-PR-23 blockers: explicit table of the six follow-up PRs that must land before PR-23 (uninstall mutation) can start: (1) prior-authority record hardening (2) external-firewall detection unification (3) kernel/service snapshot CI gate (4) exec-trace CI gate (5) auto-elevate shim removal gate (6) payload integrity minimum checks Plus the Phase 3 gating rule: verification audit after items 1-6 land, with three focused questions, no exploratory scope. No code changes. No behavior changes. Institutional-memory commit. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Contributor
Dependency Review✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.Scanned FilesNone |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Post-PR-22B hygiene per approved plan. One tight commit, no code changes.
CHANGELOG.md — new `[Unreleased]` section
`internal/installer/uninstall/contract.md` — two new sections
1. Standing lifecycle-truth rule
Codifies the merge-discipline constraint approved at PR-22B merge:
Enumerates the five concrete requirements every new lifecycle PR must respect, and points at the CI gates that should catch bypass attempts.
2. Pre-PR-23 blockers
Explicit table of the six follow-up PRs that must land before PR-23 (uninstall mutation) can start:
Plus the Phase 3 gating rule: verification audit after items 1–6 land, with three focused questions, no exploratory scope.
Non-goals
Institutional-memory commit only.
Test plan
🤖 Generated with Claude Code