|
| 1 | +# IX-HapticSight Release Checklist |
| 2 | + |
| 3 | +This checklist defines the minimum release gate for the upgraded IX-HapticSight repository. |
| 4 | + |
| 5 | +Its purpose is to prevent the repo from drifting into a polished-looking but weakly supported release. |
| 6 | +A release should only move forward when the repository can answer, in a disciplined way: |
| 7 | + |
| 8 | +- what changed |
| 9 | +- what was tested |
| 10 | +- what evidence exists |
| 11 | +- what claims are still intentionally limited |
| 12 | +- whether the docs, code, and benchmark artifacts still agree |
| 13 | + |
| 14 | +This checklist is written for repository releases, not for certification or deployment approval. |
| 15 | + |
| 16 | +--- |
| 17 | + |
| 18 | +## 1. Scope of This Checklist |
| 19 | + |
| 20 | +This checklist applies to repository releases such as: |
| 21 | + |
| 22 | +- tagged milestone releases |
| 23 | +- pre-release candidates |
| 24 | +- major architecture release cuts |
| 25 | +- benchmark/evidence updates that materially change repo claims |
| 26 | + |
| 27 | +It does **not** imply: |
| 28 | +- production approval |
| 29 | +- regulatory acceptance |
| 30 | +- deployment readiness |
| 31 | +- HIL evidence sufficiency |
| 32 | +- human-subjects approval |
| 33 | +- medical or therapeutic suitability |
| 34 | + |
| 35 | +Those are outside the current scope of this repo. |
| 36 | + |
| 37 | +--- |
| 38 | + |
| 39 | +## 2. Release Philosophy |
| 40 | + |
| 41 | +A release should be blocked if any of the following are true: |
| 42 | + |
| 43 | +- docs say one thing and code says another |
| 44 | +- benchmarks are stale relative to runtime behavior |
| 45 | +- the event/replay story is broken |
| 46 | +- safety-related claims got stronger without stronger evidence |
| 47 | +- important paths are untested |
| 48 | +- author/license/repo identity details are inconsistent |
| 49 | +- the README overstates maturity |
| 50 | + |
| 51 | +The release standard is not: |
| 52 | +“it seems fine.” |
| 53 | + |
| 54 | +The release standard is: |
| 55 | +- consistent |
| 56 | +- testable |
| 57 | +- traceable |
| 58 | +- bounded |
| 59 | +- honest |
| 60 | + |
| 61 | +--- |
| 62 | + |
| 63 | +## 3. Repository Identity Checks |
| 64 | + |
| 65 | +Before release: |
| 66 | + |
| 67 | +- [ ] Repository name, project name, and core terminology are internally consistent. |
| 68 | +- [ ] Author attribution is correct everywhere. |
| 69 | +- [ ] License file and license references match the intended release posture. |
| 70 | +- [ ] There are no stale author-name remnants or conflicting ownership strings. |
| 71 | +- [ ] The project description does not drift into broader claims than the repo supports. |
| 72 | + |
| 73 | +--- |
| 74 | + |
| 75 | +## 4. README and Docs Harmony Checks |
| 76 | + |
| 77 | +Before release: |
| 78 | + |
| 79 | +- [ ] README matches the current repository structure. |
| 80 | +- [ ] README does not claim certification, production readiness, or validated physical deployment unless evidence truly exists. |
| 81 | +- [ ] README non-claims match `ROADMAP.md`, `docs/governance/safety_case.md`, and related governance docs. |
| 82 | +- [ ] `docs/index.md` accurately points to the current documentation tree. |
| 83 | +- [ ] Benchmark docs match the current implemented benchmark modules. |
| 84 | +- [ ] HIL docs are framed as planning/evidence-prep where appropriate, not as already-achieved proof if that proof does not yet exist. |
| 85 | +- [ ] Safety docs still match current runtime and logging behavior. |
| 86 | + |
| 87 | +--- |
| 88 | + |
| 89 | +## 5. Core Code Health Checks |
| 90 | + |
| 91 | +Before release: |
| 92 | + |
| 93 | +- [ ] The protocol core under `src/ohip/` remains importable. |
| 94 | +- [ ] Runtime modules under `src/ohip_runtime/` remain importable. |
| 95 | +- [ ] Logging/replay modules under `src/ohip_logging/` remain importable. |
| 96 | +- [ ] Interface modules under `src/ohip_interfaces/` remain importable. |
| 97 | +- [ ] Benchmark modules under `src/ohip_bench/` remain importable. |
| 98 | +- [ ] No new circular-import breakage has been introduced. |
| 99 | +- [ ] No release file references modules or data shapes that no longer exist. |
| 100 | + |
| 101 | +--- |
| 102 | + |
| 103 | +## 6. Test Gate |
| 104 | + |
| 105 | +Before release: |
| 106 | + |
| 107 | +- [ ] All current unit tests pass locally. |
| 108 | +- [ ] Runtime-state tests pass. |
| 109 | +- [ ] Runtime-coordinator tests pass. |
| 110 | +- [ ] Session-store tests pass. |
| 111 | +- [ ] Runtime-config tests pass. |
| 112 | +- [ ] Event/logging/replay tests pass. |
| 113 | +- [ ] Interface-layer tests pass. |
| 114 | +- [ ] Execution-adapter tests pass. |
| 115 | +- [ ] Runtime-service tests pass. |
| 116 | +- [ ] Benchmark model/runner/reporting/catalog tests pass. |
| 117 | + |
| 118 | +Recommended release command set: |
| 119 | +- `pytest -q` |
| 120 | +- quickstart smoke |
| 121 | +- benchmark catalog smoke |
| 122 | + |
| 123 | +If a release is knowingly shipping with failing tests, that should be called out explicitly in release notes. |
| 124 | + |
| 125 | +--- |
| 126 | + |
| 127 | +## 7. Structured Logging and Replay Gate |
| 128 | + |
| 129 | +Before release: |
| 130 | + |
| 131 | +- [ ] Structured event creation still works. |
| 132 | +- [ ] JSONL event writing and reading still work. |
| 133 | +- [ ] Replay loading and slicing still work. |
| 134 | +- [ ] Event kinds documented in `docs/replay/event_log_schema.md` still exist in code. |
| 135 | +- [ ] Replay and benchmark docs do not describe capabilities that are missing in code. |
| 136 | +- [ ] Event ordering assumptions remain deterministic enough for current benchmark/replay use. |
| 137 | + |
| 138 | +This is a core credibility gate for the repo. |
| 139 | + |
| 140 | +--- |
| 141 | + |
| 142 | +## 8. Benchmark Gate |
| 143 | + |
| 144 | +Before release: |
| 145 | + |
| 146 | +- [ ] Built-in scenario catalog still loads. |
| 147 | +- [ ] Consent-path scenarios still behave as expected. |
| 148 | +- [ ] Safety-red scenario still behaves as expected. |
| 149 | +- [ ] Benchmark runner still produces structured results. |
| 150 | +- [ ] Benchmark reporting still summarizes correctly. |
| 151 | +- [ ] Benchmark docs still match the actual current catalog and metrics. |
| 152 | +- [ ] Any benchmark drift is either fixed or called out explicitly in release notes. |
| 153 | + |
| 154 | +A release should not quietly ship with benchmark semantics that have changed without explanation. |
| 155 | + |
| 156 | +--- |
| 157 | + |
| 158 | +## 9. Safety and Governance Gate |
| 159 | + |
| 160 | +Before release: |
| 161 | + |
| 162 | +- [ ] `docs/safety/invariants.md` still reflects current runtime architecture. |
| 163 | +- [ ] `docs/safety/requirements_traceability.md` is not obviously stale relative to major repo behavior. |
| 164 | +- [ ] `docs/safety/fault_handling.md` still matches current runtime fault concepts. |
| 165 | +- [ ] `docs/safety/retreat_semantics.md` still matches current stated behavior. |
| 166 | +- [ ] Privacy and threat-model docs still fit the current logging/replay/runtime direction. |
| 167 | +- [ ] The safety-case doc still accurately describes the maturity level of the repo. |
| 168 | +- [ ] Standards crosswalk language remains conservative and accurate. |
| 169 | + |
| 170 | +If the governance layer becomes stale, the repo starts losing trust fast. |
| 171 | + |
| 172 | +--- |
| 173 | + |
| 174 | +## 10. CI Gate |
| 175 | + |
| 176 | +Before release: |
| 177 | + |
| 178 | +- [ ] GitHub Actions workflow file is present and valid. |
| 179 | +- [ ] Matrix test job reflects supported Python versions. |
| 180 | +- [ ] Dependency install path is current. |
| 181 | +- [ ] Quickstart smoke step is still valid. |
| 182 | +- [ ] Benchmark catalog smoke step is still valid. |
| 183 | + |
| 184 | +A release should not claim test automation while the workflow is obviously broken. |
| 185 | + |
| 186 | +--- |
| 187 | + |
| 188 | +## 11. Evidence-Honesty Gate |
| 189 | + |
| 190 | +Before release, verify the repo is not overstating evidence. |
| 191 | + |
| 192 | +### Allowed release posture examples |
| 193 | +- reference implementation |
| 194 | +- runtime-oriented architecture |
| 195 | +- structured benchmark support |
| 196 | +- replay-capable event trail |
| 197 | +- HIL-prep documentation |
| 198 | +- bounded concept-stage safety architecture |
| 199 | + |
| 200 | +### Release-blocking overstatements |
| 201 | +- “validated physical safety” without real measured evidence |
| 202 | +- “production ready” without real operational evidence |
| 203 | +- “collaborative robot compliant” without true support |
| 204 | +- “privacy-safe by design” in a way that suggests full legal sufficiency |
| 205 | +- “hardware-proven” without actual physical artifact support |
| 206 | + |
| 207 | +If the wording gets ahead of the evidence, stop the release and fix the wording. |
| 208 | + |
| 209 | +--- |
| 210 | + |
| 211 | +## 12. Release Notes Gate |
| 212 | + |
| 213 | +Before release: |
| 214 | + |
| 215 | +- [ ] Changelog is updated. |
| 216 | +- [ ] Release notes state what changed in code, docs, benchmarks, or interfaces. |
| 217 | +- [ ] Release notes state what evidence was added, if any. |
| 218 | +- [ ] Release notes preserve non-claims where needed. |
| 219 | +- [ ] Any known limitations are still visible. |
| 220 | + |
| 221 | +Good release notes reduce confusion. |
| 222 | +Weak release notes create re-review work later. |
| 223 | + |
| 224 | +--- |
| 225 | + |
| 226 | +## 13. Recommended Release Summary Format |
| 227 | + |
| 228 | +A good release summary should include: |
| 229 | + |
| 230 | +1. **What this release is** |
| 231 | + - example: runtime-and-benchmark architecture milestone |
| 232 | + |
| 233 | +2. **What materially changed** |
| 234 | + - runtime service |
| 235 | + - structured logging |
| 236 | + - replay |
| 237 | + - interface abstractions |
| 238 | + - benchmark runner |
| 239 | + - safety/governance docs |
| 240 | + |
| 241 | +3. **What evidence exists now** |
| 242 | + - unit tests |
| 243 | + - replayable event trails |
| 244 | + - built-in deterministic scenarios |
| 245 | + |
| 246 | +4. **What still does not exist** |
| 247 | + - HIL data |
| 248 | + - real hardware validation |
| 249 | + - deployment approval |
| 250 | + |
| 251 | +This is the tone the final README should inherit. |
| 252 | + |
| 253 | +--- |
| 254 | + |
| 255 | +## 14. Release-Blocking Conditions |
| 256 | + |
| 257 | +Do **not** cut a release if any of these are true: |
| 258 | + |
| 259 | +- tests are failing in core paths without explicit release-note disclosure |
| 260 | +- README overstates maturity |
| 261 | +- docs materially contradict code |
| 262 | +- benchmark runner or catalog is broken |
| 263 | +- event/replay path is broken |
| 264 | +- author/license identity is inconsistent |
| 265 | +- core import paths are broken |
| 266 | +- release notes are missing for material changes |
| 267 | + |
| 268 | +--- |
| 269 | + |
| 270 | +## 15. Final Release Gate Question |
| 271 | + |
| 272 | +Before cutting the release, ask: |
| 273 | + |
| 274 | +> If a serious reviewer opened this repo cold, would the docs, code, tests, and benchmark story tell the same bounded and honest story? |
| 275 | +
|
| 276 | +If the answer is no, do not release yet. |
| 277 | + |
| 278 | +--- |
| 279 | + |
| 280 | +## 16. Final Rule |
| 281 | + |
| 282 | +The release should make the repository easier to trust, not merely nicer to look at. |
| 283 | + |
| 284 | +If polish increases faster than evidence, the release is not ready. |
0 commit comments