hindermath
diff --git a/‎.github/copilot-instructions.md‎
Lines changed: 11 additions & 2 deletions b/‎.github/copilot-instructions.md‎
Lines changed: 11 additions & 2 deletions
diff --git a/‎.specify/memory/constitution.md‎
Lines changed: 100 additions & 5 deletions b/‎.specify/memory/constitution.md‎
Lines changed: 100 additions & 5 deletions
diff --git a/‎.specify/templates/a11y-checklist-template.md‎
Lines changed: 58 additions & 0 deletions b/‎.specify/templates/a11y-checklist-template.md‎
Lines changed: 58 additions & 0 deletions
diff --git a/‎.specify/templates/a11y-evidence-template.md‎
Lines changed: 64 additions & 0 deletions b/‎.specify/templates/a11y-evidence-template.md‎
Lines changed: 64 additions & 0 deletions
diff --git a/‎.specify/templates/agent-parity-checklist-template.md‎
Lines changed: 52 additions & 0 deletions b/‎.specify/templates/agent-parity-checklist-template.md‎
Lines changed: 52 additions & 0 deletions
@@ -238,9 +238,18 @@ Diese Regeln gelten für alle Repositories in diesem Workspace. Projektspezifisc
 
 *Every Level-2 project MUST maintain security documents based on templates in `.specify/templates/`: threat model (STRIDE+CAPEC), S-ADRs, arc42 Section 8 security concepts, security checklist, dependency audit, security quality scenarios (SHOULD), ASVS verification (web/API MUST), supply-chain evidence (release-capable MUST), Zero Trust applicability note (distributed systems SHOULD), and SAMM assessment (long-lived projects SHOULD). Project-specific instances live in `docs/security/`; S-ADRs in `docs/security/adr/`. See `constitution.md`, Principles XII–XVIII for authoritative requirements.*
 
+## Allgemeine Architekturdokumentation / General Architecture Documentation
+
+- Bei architekturrelevanten Änderungen MUSS iSAQB/arc42-Evidenz geprüft werden: Architekturziele, Kontextsicht, Bausteinsicht, Laufzeitsicht, Deployment-Sicht, Qualitätszenarien, ADRs, Architekturrisiken und technische Schulden.
+- Standardpfad: `docs/architecture/`; ADRs als einzelne Dateien in `docs/architecture/adr/`.
+- Verwende die installierten Templates `architecture-vision-template.md`, `context-view-template.md`, `building-block-view-template.md`, `runtime-view-template.md`, `deployment-view-template.md`, `quality-scenarios-template.md`, `architecture-decision-template.md` und `architecture-risks-template.md`, sofern anwendbar.
+- Nichtanwendbarkeit immer als `N/A` mit kurzer Begründung dokumentieren; keine stillschweigende Auslassung.
+
+*Architecture-relevant changes MUST check iSAQB/arc42 evidence: architecture goals, context view, building-block view, runtime view, deployment view, quality scenarios, ADRs, architecture risks, and technical debt. Default path: `docs/architecture/`; ADRs live in `docs/architecture/adr/`. Use the installed architecture templates where applicable. Record non-applicability as `N/A` with justification rather than omitting it silently.*
+
 ## Sicherheitsstandards & Anwendbarkeit / Security Standards & Applicability
 
-- Vor jeder Level-2-Aufgabe die anwendbaren Sicherheitsstandards aus `constitution.md`, Prinzipien XIV-XVIII bestimmen und explizit benennen.
+- Vor jeder Level-2-Aufgabe die anwendbaren Sicherheitsstandards aus `constitution.md`, Prinzipien XIV-XX bestimmen und explizit benennen.
 - `NIST SSDF` und `CWE Top 25` gelten immer für Level-2-Arbeit.
 - `OWASP ASVS` gilt für Web-, API-, HTTP- und authentifizierte Dienste; der gewählte ASVS-Level muss benannt werden.
 - `SBOM` gilt für releasefähige oder verteilbare Artefakte; `VEX`, wenn bekannte Schwachstellen in ausgelieferten oder geprüften Komponenten bewertet werden müssen.
@@ -249,7 +258,7 @@ Diese Regeln gelten für alle Repositories in diesem Workspace. Projektspezifisc
 - `OWASP Cheat Sheet Series`, `OWASP Proactive Controls` und bei öffentlichen OSS-Repositories oder kritischen Abhängigkeiten `OpenSSF Scorecard` sind als ergänzende Referenzen zu berücksichtigen.
 - Nichtanwendbarkeit immer als `N/A` mit kurzer Begründung dokumentieren; keine stillschweigende Auslassung.
 
-*At the start of every Level-2 task, determine and name the applicable security standards from `constitution.md`, Principles XIV-XVIII. `NIST SSDF` and `CWE Top 25` always apply. `OWASP ASVS` applies to web/API/HTTP/auth-bearing services; `SBOM` applies to releasable or distributable artefacts; `VEX` applies when known vulnerabilities in shipped/evaluated components need a disposition statement. `SLSA` is the target model for CI/CD and published artefacts; `Zero Trust` must be explicitly evaluated for distributed, service-based, cloud, or remotely managed systems. `CAPEC`, `OWASP SAMM`, `OWASP Cheat Sheet Series`, `OWASP Proactive Controls`, and `OpenSSF Scorecard` are supporting references where relevant. Record non-applicability as `N/A` with justification rather than omitting it silently.*
+*At the start of every Level-2 task, determine and name the applicable security standards from `constitution.md`, Principles XIV-XX. `NIST SSDF` and `CWE Top 25` always apply. `OWASP ASVS` applies to web/API/HTTP/auth-bearing services; `SBOM` applies to releasable or distributable artefacts; `VEX` applies when known vulnerabilities in shipped/evaluated components need a disposition statement. `SLSA` is the target model for CI/CD and published artefacts; `Zero Trust` must be explicitly evaluated for distributed, service-based, cloud, or remotely managed systems. `CAPEC`, `OWASP SAMM`, `OWASP Cheat Sheet Series`, `OWASP Proactive Controls`, and `OpenSSF Scorecard` are supporting references where relevant. Record non-applicability as `N/A` with justification rather than omitting it silently.*
 ## Agentischer Security-Workflow / Agentic Security Workflow
 
 - In `spec.md`, `plan.md` und `tasks.md` die anwendbaren Standards samt Evidenzpfad festhalten.
 
@@ -1,16 +1,38 @@
 <!--
 Sync Impact Report
-Version change: 1.11.0 -> 1.12.0
+Version change: 1.12.0 -> 1.13.0
 Modified principles:
-- None (purely additive)
+- II. Cross-Platform Parity & Documentation (evidence templates and Bash/PowerShell discipline clarified)
+- VII. Programmierung #include<everyone> — Inclusion & Accessibility By Default (preset evidence paths, German orthography, and code-fence tagging clarified)
+- IX. Four-Agent Guidance Parity & Template Synchronization (generic preset surface model and checklist evidence clarified)
+- XIV. Secure Development Standards & Applicability Matrix (CRA applicability and general architecture evidence included)
 Added sections:
-- None
+- XX. General Software Architecture Governance (iSAQB/arc42)
 Removed sections:
 - None
 Templates requiring updates:
 - ✅ .specify/templates/plan-template.md
 - ✅ .specify/templates/spec-template.md
 - ✅ .specify/templates/tasks-template.md
+- ✅ .specify/templates/a11y-checklist-template.md
+- ✅ .specify/templates/a11y-evidence-template.md
+- ✅ .specify/templates/bilingual-content-check-template.md
+- ✅ .specify/templates/cli-a11y-review-template.md
+- ✅ .specify/templates/agent-parity-checklist-template.md
+- ✅ .specify/templates/man-page-template.md
+- ✅ .specify/templates/powershell-help-template.md
+- ✅ .specify/templates/script-parity-checklist-template.md
+- ✅ .specify/templates/architecture-vision-template.md
+- ✅ .specify/templates/context-view-template.md
+- ✅ .specify/templates/building-block-view-template.md
+- ✅ .specify/templates/runtime-view-template.md
+- ✅ .specify/templates/deployment-view-template.md
+- ✅ .specify/templates/quality-scenarios-template.md
+- ✅ .specify/templates/architecture-decision-template.md
+- ✅ .specify/templates/architecture-risks-template.md
+- ✅ .specify/templates/cra-applicability-template.md
+- ✅ .specify/templates/msl-applicability-template.md
+- ✅ .specify/templates/secure-coding-language-rules-template.md
 - ✅ .specify/templates/asvs-verification-template.md
 - ✅ .specify/templates/supply-chain-evidence-template.md
 - ✅ .specify/templates/zero-trust-applicability-template.md
@@ -26,7 +48,7 @@ Follow-up TODOs:
 - None
 -->
 
-# Constitution v1.12.0
+# Constitution v1.13.0
 
 # home-baseline Constitution
 
@@ -94,6 +116,19 @@ A new script is not considered complete until:
 
 All files MUST be committed together in the same commit.
 
+Additional script-shaped tooling evidence:
+- Script parity checklists SHOULD use `script-parity-checklist-template.md`.
+- Bash man-page skeletons SHOULD use `man-page-template.md` and live under
+  `docs/man/`.
+- PowerShell help skeletons SHOULD use `powershell-help-template.md`.
+- Bash scripts SHOULD use `set -euo pipefail` unless the script documents a
+  compatibility reason. PowerShell scripts MUST use
+  `Set-StrictMode -Version Latest`.
+- Bash scripts MUST NOT rely on Bash 4+ features unless the project documents
+  that requirement, because macOS still ships Bash 3.2 by default.
+- PowerShell scripts MUST handle an empty `$env:HOME` on Windows by falling
+  back to `$env:USERPROFILE` where a home directory is needed.
+
 **Rationale**: The workspace is used on macOS and Windows. Bash-only or PowerShell-only scripts create a second-class experience. Professional documentation ensures maintainability and ease of use across platforms.
 
 ### III. Bootstrap Automation
@@ -212,6 +247,16 @@ Mandatory rules:
 - User-facing artefacts MUST remain usable with keyboard-only interaction, screen readers, Braille displays, and text browsers.
 - Text-first fallbacks MUST be preferred for status reporting, diagrams, and operational guidance.
 - Accessibility review is part of completion, not post-processing.
+- German learner-facing text MUST keep full orthographic correctness, including
+  umlauts (`ä`, `ö`, `ü`, `Ä`, `Ö`, `Ü`) and `ß`; ASCII fallbacks such as
+  `fuer` or `loeschen` are not acceptable in user-facing prose unless a file
+  format or legacy interface cannot encode Unicode.
+- Every Markdown code block in user-facing documentation MUST carry a language
+  tag such as `bash`, `powershell`, `csharp`, or `text`.
+- Accessibility evidence SHOULD live in `docs/accessibility/` and use the
+  installed templates `a11y-checklist-template.md`,
+  `bilingual-content-check-template.md`, `cli-a11y-review-template.md`, and
+  `a11y-evidence-template.md` where applicable.
 
 **Rationale**: Inclusive delivery improves quality for everyone, reduces retrofit work, and makes the repositories usable in real assistive-technology workflows from the start.
 
@@ -241,6 +286,12 @@ Mandatory rules:
 - Any intentional deviation MUST be documented explicitly in the same change.
 - The corresponding project templates and `.specify/memory/constitution.md` MUST be updated in the same change whenever a shared principle changes.
 - Runtime guidance references in governance text MUST name all four maintained agent surfaces.
+- Projects MAY declare additional maintained agent surfaces, such as
+  `.cursorrules`, `.windsurfrules`, `JUNIE.md`, `.github/agents/*`, or
+  repository-specific prompt/rule files. Once declared, those surfaces become
+  part of the same parity requirement.
+- Changes touching shared agent guidance SHOULD complete an
+  `agent-parity-checklist-template.md` record or equivalent review note.
 
 **Rationale**: Divergent agent instructions create silent process drift. Atomic parity keeps different AI tools aligned and makes future project bootstraps inherit the same governance baseline.
 
@@ -505,6 +556,8 @@ MUST use this matrix to determine which standards apply.
 | NIST Zero Trust (SP 800-207) | Project-type-dependent | Distributed, service-based, cloud, remote-managed, or multi-device systems | Explicit applicability decision with controls or justified N/A |
 | OWASP Cheat Sheet Series / Proactive Controls | SHOULD | All developer-facing projects | Use as day-to-day implementation guidance below the constitution |
 | OpenSSF Scorecard | Project-type-dependent | Public OSS repositories or high-impact external dependencies | Review repository/dependency security posture before adoption or release |
+| EU Cyber Resilience Act (CRA) applicability | MUST | All projects; full controls for CRA-scoped products with digital elements | Record applicability or `N/A`; CRA-scoped projects maintain vulnerability handling, SBOM, and conformity evidence |
+| iSAQB/arc42 general architecture | SHOULD | Architecturally significant changes or long-lived Level-2 systems | Record architecture goals, context, views, decisions, quality scenarios, risks, or justified `N/A` |
 
 Mandatory rules:
 - Every Level-2 feature specification, plan, task list, PR, and release note
@@ -524,6 +577,11 @@ Mandatory rules:
 - Level-1 workspaces SHOULD also prefer `docs/security/` for security-governance
   evidence. If a workspace uses another governance document or directory, the
   chosen location MUST be stated in its local security index.
+- General architecture evidence SHOULD live in `docs/architecture/`, with ADRs
+  in `docs/architecture/adr/`, whenever a feature materially affects system
+  structure, interfaces, deployment, quality attributes, or maintainability.
+- CRA applicability evidence SHOULD use `cra-applicability-template.md` or an
+  equivalent note in `docs/security/` or release governance documentation.
 
 **Rationale**: Secure-development standards are often partially remembered and
 selectively applied. A binding applicability matrix keeps teams, agents, and
@@ -722,6 +780,43 @@ software placed on the EU market. Recording CRA applicability and aligning
 practices proactively reduces legal and reputational risk and builds on the
 security work already required by Principles XII–XVIII.
 
+### XX. General Software Architecture Governance (iSAQB/arc42)
+
+Software architecture MUST be treated as an explicit design artefact whenever
+changes affect structure, interfaces, quality attributes, runtime behaviour,
+deployment, or long-term maintainability. Implementation work without visible
+architecture reasoning creates hidden coupling and unreviewed technical debt.
+
+Mandatory rules:
+- Architecturally significant decisions MUST be documented as Architecture
+  Decision Records (ADRs). Security-specific decisions remain S-ADRs under
+  Principle XIII.
+- Architecture work SHOULD follow lightweight iSAQB/CPSA-F method discipline
+  and arc42-compatible documentation where it supports review, maintenance,
+  onboarding, or later change decisions.
+- Quality attributes MUST be expressed as concrete scenarios, not only as
+  generic words such as `fast`, `maintainable`, or `scalable`.
+- System context, external interfaces, building blocks, runtime behaviour, and
+  deployment constraints MUST be documented when they materially affect the
+  design.
+- Architecture risks and technical debt MUST be recorded with owner, impact,
+  mitigation, and review trigger.
+- General architecture evidence SHOULD live in `docs/architecture/`; ADRs
+  SHOULD live in `docs/architecture/adr/`.
+- Evidence SHOULD use the installed templates:
+  `architecture-vision-template.md`, `context-view-template.md`,
+  `building-block-view-template.md`, `runtime-view-template.md`,
+  `deployment-view-template.md`, `quality-scenarios-template.md`,
+  `architecture-decision-template.md`, and
+  `architecture-risks-template.md`.
+- `N/A` decisions MUST include a short rationale. Silent omission is not
+  allowed for architecturally significant work.
+
+**Rationale**: Secure architecture covers threat resistance, but long-lived
+software also needs clear general architecture reasoning. iSAQB/CPSA-F and
+arc42 provide a lightweight vocabulary for documenting structure, quality,
+risks, and decisions without turning every feature into a large design phase.
+
 ## Level-2 Project Environment Registry / Level-2-Projektumgebungsregister
 
 This registry consolidates the constitution-relevant Level-2 project facts
@@ -812,7 +907,7 @@ allowed path.
 `.github/copilot-instructions.md` for per-agent operational guidance. This
 constitution is the authoritative policy layer above all agent-specific files.
 
-**Version**: 1.12.0 | **Ratified**: 2026-03-31 | **Last Amended**: 2026-04-24
+**Version**: 1.13.0 | **Ratified**: 2026-03-31 | **Last Amended**: 2026-05-05
 
 <!-- EN: constitution.md placeholder
 [DE-Zusammenfassung: constitution.md beschreibt die Prinzipien und Standards für alle home-baseline Workspaces.]
 
@@ -0,0 +1,58 @@
+# Accessibility Checklist (WCAG 2.2 Level AA)
+
+## Scope
+
+- Feature:
+- Reviewer:
+- Date:
+- Affected artefacts (CLI, documentation, HTML, UI, generated templates):
+
+## Perceivable
+
+- Text alternatives provided for non-decorative images and diagrams
+  (1.1.1):
+- Information and relationships conveyed by structure are programmatically
+  determinable (1.3.1):
+- No information is conveyed by colour alone (1.4.1):
+- Contrast meets `4.5:1` for normal text and `3:1` for large text
+  (1.4.3):
+- Text remains readable at 200 % zoom without loss of content (1.4.4):
+
+## Operable
+
+- All functionality is keyboard accessible (2.1.1):
+- No keyboard trap (2.1.2):
+- Focus order is logical (2.4.3):
+- Focus indicator is visible (2.4.7) and not obscured (2.4.11 — WCAG 2.2):
+- Page or section title is descriptive (2.4.2):
+- Heading order is logical and not skipped (2.4.6):
+- Targets have sufficient size where applicable (2.5.8 — WCAG 2.2):
+
+## Understandable
+
+- Language of page and parts is identified where the platform supports it
+  (3.1.1 / 3.1.2):
+- Consistent navigation and identification (3.2.3 / 3.2.4):
+- Input errors are identified and described in text (3.3.1 / 3.3.3):
+- Help mechanisms remain consistent across the artefact (3.2.6 — WCAG
+  2.2):
+
+## Robust
+
+- Markup is well-formed; code blocks have explicit language tags
+  (4.1.1):
+- Names, roles, and states are programmatically available where the
+  platform supports it (4.1.2):
+- Status messages are conveyed without forcing focus (4.1.3):
+
+## Cross-References
+
+- Bilingual content check entry:
+- CLI accessibility review entry (if terminal-facing):
+- Accessibility evidence record:
+
+## Follow-Up
+
+- Open findings:
+- Required fixes and owners:
+- Re-review trigger:
@@ -0,0 +1,64 @@
+# Accessibility Evidence
+
+## Scope
+
+- Feature or document:
+- Reviewer:
+- Date:
+- Released version(s) covered:
+
+## Artefacts Reviewed
+
+- CLI:
+- Documentation:
+- HTML or UI:
+- Generated templates:
+- Error messages and logs:
+- Changelog and release notes:
+
+## Evidence by Pillar
+
+### WCAG 2.2 Level AA
+
+- Perceivable checks applied (1.x):
+- Operable checks applied (2.x):
+- Understandable checks applied (3.x):
+- Robust checks applied (4.x):
+- Tooling used (axe, Lighthouse, manual screen-reader pass, …):
+
+### Keyboard, Screen Reader, Braille
+
+- Keyboard-only walkthrough completed:
+- Screen reader walkthrough (which: VoiceOver / NVDA / Orca):
+- Braille display checked:
+
+### Text-Mode and CLI
+
+- Plain ASCII output verified:
+- `NO_COLOR=1` / `TERM=dumb` verified:
+- ASCII box-drawing tables checked for equal row width:
+
+### Bilingual Delivery
+
+- DE first, EN second confirmed:
+- Bilingual `DE / EN` headings (or `*.EN.md` companion) verified:
+- German orthography verified (umlauts and `ß`, no ASCII fallbacks):
+- CEFR-B2 readability pass completed:
+
+### Code Blocks and Diagrams
+
+- All code blocks carry a language tag:
+- ASCII diagrams have DE-first / EN-second explanations:
+- Meaningful images have alt text:
+
+## Cross-References
+
+- Accessibility checklist entry:
+- Bilingual content check entry:
+- CLI accessibility review entry:
+
+## Follow-Up
+
+- Open issues:
+- Required fixes and owners:
+- Re-review trigger (date, release, scope change):
@@ -0,0 +1,52 @@
+# Agent Parity Checklist
+
+## Scope
+
+- Change description:
+- Reviewer:
+- Date:
+- Pull request / commit reference:
+
+## Maintained Agent Surfaces
+
+List every maintained surface for this project. For each surface,
+confirm whether the shared rule landed.
+
+| Surface | Updated? | Location of the change | Notes |
+|---------|----------|------------------------|-------|
+| Primary agent guidance (name/path): | | | |
+| Additional agent guidance (name/path): | | | |
+| Additional agent guidance (name/path): | | | |
+| Additional agent guidance (name/path): | | | |
+| Project-specific guidance (name/path): | | | |
+| Project-specific guidance (name/path): | | | |
+
+## Companion Locations
+
+| Location | Updated? | Notes |
+|----------|----------|-------|
+| `.specify/memory/constitution.md` (or local equivalent) | | |
+| `.specify/templates/spec-template.md` | | |
+| `.specify/templates/plan-template.md` | | |
+| `.specify/templates/tasks-template.md` | | |
+| Agent guidance addendum template (if maintained) | | |
+| Other template (name): | | |
+
+## Intentional Deviations
+
+| Surface | What deviates | Why | Expected lifetime |
+|---------|---------------|-----|-------------------|
+| | | | |
+
+## Verification
+
+- Diffs across all surfaces compared side-by-side:
+- Bilingual delivery preserved (DE first, EN second) where applicable:
+- Wording consistent (no contradictory directives):
+- Cross-references valid (paths, anchor links, file names):
+
+## Follow-Up
+
+- Open gaps:
+- Required follow-up commits:
+- Re-verification trigger: