Skip to content

M6_RELEASE_CANDIDATE_VALIDATION.md

Latest commit

 

History

History
145 lines (115 loc) · 5.54 KB

M6_RELEASE_CANDIDATE_VALIDATION.md

File metadata and controls

145 lines (115 loc) · 5.54 KB

M6 Release-Candidate Validation

Status: current private release candidate validated; final publication pending

Date: 2026-06-07

Candidate Content

  • Revision: c7855e07c40df5220df446d81e5639c5ecc55aa5
  • Tree: e89eb71dc952ab1bc077c67c8a74f0c516f966ec
  • Product version: 0.0.1
  • Graph schema version: 1.0.0
  • Repository visibility during validation: private
  • Tags during validation: none
  • Branch: main
  • Remote ref: origin/main matched the candidate revision
  • Operator: Codex

The current candidate was validated from the maintainer worktree and from a fresh private GitHub clone outside the repository. Raw local clone paths and command logs are intentionally not recorded in maintained documentation.

This candidate includes the README sister-skill alignment pass, the agent-mediated pre-public rehearsal record, and the final pre-public GitHub/API readiness pass.

This record validates the candidate content revision above. The commit that updates this evidence record necessarily follows the validated candidate revision and should not be confused with a self-referential release-candidate proof. If maintainers choose a later content commit as the tag target, exact-candidate validation must be refreshed for that later content.

Environment

  • Primary OS: Windows with PowerShell
  • Primary runtime: Node.js v24.15.0, npm 11.6.2
  • Linux quick-check OS: WSL2 Ubuntu
  • Linux runtime: Node.js v24.16.0, npm 11.13.0
  • Tool/install scope: checked-in Claude Code and Codex installers, user and project scopes through the maintained installer matrix
  • Target shape: exact repository checkout plus disposable copied-package and fixture repositories

Automated Evidence

  • npm run check: passed from the working tree and fresh GitHub clone
  • npm run check:evals: passed from the working tree and WSL2 quick check
  • npm run check:public: passed from the working tree and fresh GitHub clone
  • npm run check:public:history: passed from the working tree and fresh GitHub clone; also passed in WSL2 quick check
  • npm run check:public:contracts: passed from the working tree and fresh GitHub clone
  • npm audit --audit-level=high: passed with zero vulnerabilities
  • CLI help for scan, render, and visualize: passed from both contexts
  • copied-package integrity check: passed through npm run check and WSL2 quick check
  • installer matrix: passed through npm run check
  • generated-map interaction smoke check: passed through npm run check
  • git diff --check: passed in the working tree
  • publishable commit identity audit: only the intended Shaelz noreply identity was present

Clean-Context Evidence

The fresh private GitHub clone matched the candidate exactly:

  • Revision: c7855e07c40df5220df446d81e5639c5ecc55aa5
  • Tree: e89eb71dc952ab1bc077c67c8a74f0c516f966ec
  • Branch: main
  • Worktree after checks: clean

Fresh-clone checks:

  • npm run check: passed
  • npm run check:public: passed
  • npm run check:public:history: passed
  • npm run check:public:contracts: passed
  • npm audit --audit-level=high: passed with zero vulnerabilities
  • CLI help for scan, render, and visualize: passed

Linux Quick Check

The WSL2 quick check used the current exact candidate checkout with Linux-native Node:

  • npm run check:public: passed
  • npm run check:public:history: passed
  • npm run check:package: passed
  • npm run check:evals: passed

The Windows fresh GitHub clone remains the authoritative clean-clone evidence for this refreshed record.

The pre-public rehearsal, public release checklist, and GitHub exposure audit are included in this exact candidate content.

Live-Fire And Visual Evidence

M5 live-fire and visual evidence still applies to this candidate. Additional medium/large pressure evidence is recorded in MEDIUM_LARGE_PRESSURE_VALIDATION.md; it validated a dispatch-sized local target, large-map guidance, graph readability, references mode, mobile layout, and copyable agent briefing behavior after the renderer polish work.

GitHub Surface Evidence

  • Repository remains private
  • Remote branch set: only main
  • Tags: none
  • Releases/assets: none
  • Issues/PRs: none
  • Actions runs/artifacts/caches: none
  • Deployments/environments: none
  • Hooks/deploy keys: none
  • Actions secrets/variables: none
  • Forks: none
  • Description, topics, Projects, merge options, and delete-branch behavior: private-safe sibling settings applied
  • Public-only security/ruleset/immutable-release features: deferred until visibility and release timing make them safe

Limitations And Decision

Known limitations:

  • macOS remains explicitly unverified.
  • Agent-mediated cold-user rehearsal is recorded in M6_PRE_PUBLIC_REHEARSAL.md; an additional external human-through-agent validation pass remains optional for maintainer acceptance.
  • Manual GitHub UI-only checks, such as social preview and package views that are unavailable to the current token, remain.
  • Public-only security, ruleset, private-vulnerability-reporting, and immutable release settings remain deferred until visibility and release timing make them safe.
  • No v1.0.0 tag or release has been created.
  • If any later content commit is selected for tagging, this exact-candidate validation must be refreshed for that content.

Release decision:

The validated candidate content is deterministic-check ready for the remaining human and publication gates. Agent-mediated cold-user rehearsal is complete, and the candidate is ready for final publication preparation, but it is not yet public-release ready because manual/public-only GitHub actions and final maintainer acceptance remain.