diff --git a/.github/scripts/test_app_answer_release_release_prep.py b/.github/scripts/test_app_answer_release_release_prep.py index 30f1704..b5ec370 100644 --- a/.github/scripts/test_app_answer_release_release_prep.py +++ b/.github/scripts/test_app_answer_release_release_prep.py @@ -24,9 +24,7 @@ README = ROOT / "README.md" CHANGELOG = ROOT / "CHANGELOG.md" MAKEFILE = ROOT / "Makefile" -PYTHON_INIT = ROOT / "python/ethos_pdf/__init__.py" NPM_PACKAGE = ROOT / "packages/npm/ethos-pdf/package.json" -CARGO_TOML = ROOT / "Cargo.toml" SOURCE_SHORT = "d386568" SOURCE_COMMIT = "d386568ef680f36f4a395543b21d34d2b17baccb" @@ -150,9 +148,22 @@ def test_product_boundary_and_non_approvals_remain_explicit(self) -> None: for private in PRIVATE_PATH_MARKERS: self.assertNotIn(private, raw) - def test_current_public_install_surfaces_are_not_bumped(self) -> None: - self.assertIn('version = "0.2.0"', read(CARGO_TOML)) - self.assertIn('__version__ = "0.2.0"', read(PYTHON_INIT)) + def test_prep_packet_does_not_itself_perform_release_actions(self) -> None: + record = normalized(RECORD) + + for required in [ + "This prep record does not approve a version bump.", + "This prep record does not create a release-candidate branch.", + "This prep record does not approve `cargo publish`.", + "This prep record does not approve PyPI upload.", + "This prep record does not approve `npm publish`.", + "This prep record does not upload CLI artifacts.", + "This prep record does not approve installable `0.3.0` public wording.", + "This prep record does not approve DocuShell integration.", + ]: + self.assertIn(required, record) + + def test_current_public_install_surfaces_remain_on_published_baseline(self) -> None: self.assertIn('"version": "0.2.1"', read(NPM_PACKAGE)) self.assertIn("cargo add ethos-doc-core@0.2.0", read(README)) self.assertIn("python3 -m pip install ethos-pdf==0.2.0", read(README)) diff --git a/.github/scripts/test_python_public_api_policy.py b/.github/scripts/test_python_public_api_policy.py index 3d3e833..7611c35 100644 --- a/.github/scripts/test_python_public_api_policy.py +++ b/.github/scripts/test_python_public_api_policy.py @@ -40,10 +40,12 @@ "ParseTimeoutError", "PdfiumNotFoundError", "anchor", + "app_answer_release_decision", "crop_element", "parse_pdf_json", "parse_pdf_markdown", "parse_pdf_text", + "proof_summary", "verify", ) diff --git a/.github/scripts/test_v0_3_0_release_approval_decision.py b/.github/scripts/test_v0_3_0_release_approval_decision.py new file mode 100644 index 0000000..a181357 --- /dev/null +++ b/.github/scripts/test_v0_3_0_release_approval_decision.py @@ -0,0 +1,163 @@ +#!/usr/bin/env python3 +# +# Copyright 2026 The Ethos maintainers +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# + +from __future__ import annotations + +import re +import unittest +from pathlib import Path + +from makefile_guard import target_block +from validation_record_source import assert_record_source_binding + + +ROOT = Path(__file__).resolve().parents[2] +RECORD = ROOT / "docs/validation/v0-3-0-release-approval-decision-validation-2026-07-01.md" +REQUEST = ROOT / "docs/validation/app-answer-release-contract-release-prep-validation-2026-07-01.md" +VALIDATION_README = ROOT / "docs/validation/README.md" +EXECUTION_STATUS = ROOT / "docs/execution-status.md" +PUBLIC_RELEASE_CHECKLIST = ROOT / "docs/public-release-checklist.md" +MAKEFILE = ROOT / "Makefile" + +SOURCE_SHORT = "57e3821" +SOURCE_COMMIT = "57e3821b63b119ee6ca8e52322ddde2fb05dde66" +SOURCE_TREE = "7fd3dd7bcd4d8b503483a06752fdc5e5cb587695" +REQUEST_SOURCE_COMMIT = "d386568ef680f36f4a395543b21d34d2b17baccb" +REQUEST_SOURCE_TREE = "5891ab9c1e2fb4a9094d3d52c59ec57630aa871f" +VERSION = "0.3.0" +CRATES = ("ethos-doc-core", "ethos-verify", "ethos-pdf") +PRIVATE_PATH_MARKERS = ( + "/" + "Users/", + "/" + "private/tmp", + "/" + "private/var", + "/" + "var/folders", + "saumil" + "diwaker", + "Desktop/" + "Stuff", + "project/repo/" + "ethos", +) + + +def read(path: Path) -> str: + return path.read_text(encoding="utf-8") + + +def normalized(path: Path) -> str: + return re.sub(r"\s+", " ", read(path)) + + +class V030ReleaseApprovalDecisionTests(unittest.TestCase): + def test_decision_record_is_source_bound_and_indexed(self) -> None: + raw = read(RECORD) + record = normalized(RECORD) + + assert_record_source_binding( + self, + root=ROOT, + raw_record=raw, + normalized_record=record, + validated_head=SOURCE_SHORT, + source_label="v0.3.0 release approval decision", + source_commit=SOURCE_COMMIT, + source_tree=SOURCE_TREE, + ) + + for path in (VALIDATION_README, EXECUTION_STATUS, PUBLIC_RELEASE_CHECKLIST): + text = normalized(path) + self.assertIn(RECORD.name, text, str(path)) + self.assertIn("v0.3.0 release approval decision", text.lower(), str(path)) + self.assertIn("remain blocked", text, str(path)) + + def test_decision_accepts_exact_app_answer_release_prep_packet(self) -> None: + record = normalized(RECORD) + + self.assertIn(REQUEST.name, record) + self.assertIn( + "Decision: accept the exact app-answer-release contract release-prep packet for `0.3.0` " + "release-candidate source activation.", + record, + ) + self.assertIn( + f"Approval request source commit accepted by this decision: `{REQUEST_SOURCE_COMMIT}`", + record, + ) + self.assertIn( + f"Approval request source tree accepted by this decision: `{REQUEST_SOURCE_TREE}`", + record, + ) + self.assertIn("continue on `dev/v0-3-approval-packet`", record) + + def test_decision_accepts_exact_scope_without_publication(self) -> None: + raw = read(RECORD) + record = normalized(RECORD) + lower = record.lower() + + self.assertIn(f"Exact target version accepted by this decision: `{VERSION}`", record) + for crate in CRATES: + self.assertIn(f"`{crate} = {VERSION}`", record) + self.assertIn("VerificationReport::proof_summary()", record) + self.assertIn("derive_app_answer_release_decision(...)", record) + self.assertIn("`ethos-pdf==0.3.0`", record) + self.assertIn("keep npm out of scope by default", record) + self.assertIn("`@docushell/ethos-pdf@0.2.1` remains the current public CLI binary", record) + self.assertIn("does not approve a Node API, Node SDK, N-API binding, WASM package", record) + self.assertIn("keep GitHub Release CLI artifact publication out of scope by default", record) + self.assertIn("release tag `v0.3.0` and package tags remain blocked", record) + + for forbidden in ( + "cargo publish approved", + "crates are published", + "pypi upload approved", + "npm publish approved", + "github release approved", + "tag creation approved", + "installable `0.3.0` public wording approved", + "ethos verified the complete answer", + ): + self.assertNotIn(forbidden, lower) + for private in PRIVATE_PATH_MARKERS: + self.assertNotIn(private, raw) + + def test_approved_candidate_work_is_source_metadata_only(self) -> None: + record = normalized(RECORD) + + for expected in ( + "bump Rust workspace/package dependency versions from `0.2.0` to `0.3.0`", + "bump Python metadata and `ethos_pdf.__version__` from `0.2.0` to `0.3.0`", + "leave npm `@docushell/ethos-pdf` metadata at `0.2.1`", + "add `docs/v0-3-0-release-prep.md`", + "keep public install commands on the current published `0.2.0` Rust/Python and `0.2.1` npm surfaces", + ): + self.assertIn(expected, record) + self.assertIn("This decision record does not run `cargo publish`.", record) + self.assertIn("This decision record does not approve installable `0.3.0` public wording.", record) + self.assertIn("This decision record does not approve DocuShell integration.", record) + + def test_product_boundary_is_citation_grounding_not_answer_verification(self) -> None: + record = normalized(RECORD) + + self.assertIn("Ethos owns citation grounding and derived proof summaries.", record) + self.assertIn("Applications own question relevance labels.", record) + self.assertIn("Applications own source-fact, synthesis, and unsupported-claim labels.", record) + self.assertIn("Applications own final, review, and blocked answer-release policy.", record) + self.assertIn("Ethos verified citation grounding.", record) + self.assertIn("Answer relevance: direct, partial, or off-topic.", record) + + def test_v0_3_release_prep_runs_decision_guard_before_activation_guard(self) -> None: + makefile = read(MAKEFILE) + decision_guard = "$(PYTHON) .github/scripts/test_v0_3_0_release_approval_decision.py" + activation_guard = "$(PYTHON) .github/scripts/test_v0_3_0_version_activation.py" + claims = "$(PYTHON) .github/scripts/claims_gate.py" + block = target_block("v0-3-release-prep") + + self.assertIn(decision_guard, block) + self.assertEqual(1, makefile.count(decision_guard)) + self.assertLess(block.index(decision_guard), block.index(activation_guard)) + self.assertLess(block.index(activation_guard), block.index(claims)) + + +if __name__ == "__main__": + unittest.main() diff --git a/.github/scripts/test_v0_3_0_version_activation.py b/.github/scripts/test_v0_3_0_version_activation.py new file mode 100644 index 0000000..8645a0c --- /dev/null +++ b/.github/scripts/test_v0_3_0_version_activation.py @@ -0,0 +1,193 @@ +#!/usr/bin/env python3 +# +# Copyright 2026 The Ethos maintainers +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# + +from __future__ import annotations + +import json +import re +import unittest +from pathlib import Path + +from makefile_guard import target_block +from validation_record_source import assert_record_source_binding + + +ROOT = Path(__file__).resolve().parents[2] +RECORD = ROOT / "docs/validation/v0-3-0-version-activation-validation-2026-07-01.md" +VALIDATION_README = ROOT / "docs/validation/README.md" +EXECUTION_STATUS = ROOT / "docs/execution-status.md" +PUBLIC_RELEASE_CHECKLIST = ROOT / "docs/public-release-checklist.md" +MAKEFILE = ROOT / "Makefile" +README = ROOT / "README.md" +CLAIMS = ROOT / "docs/public-boundary-claims.json" +INSTALL_WORDING_SURFACES = ( + ROOT / "README.md", + ROOT / "python/README.md", + ROOT / "python/QUICKSTART.md", + ROOT / "packages/npm/ethos-pdf/README.md", + ROOT / "packages/npm/ethos-pdf/QUICKSTART.md", + ROOT / "crates/ethos-core/README.md", + ROOT / "crates/ethos-verify/README.md", + ROOT / "crates/ethos-pdf/README.md", + ROOT / "adapters/grounding/opendataloader-json/README.md", +) +CARGO = ROOT / "Cargo.toml" +CARGO_LOCK = ROOT / "Cargo.lock" +CLI_CARGO = ROOT / "crates/ethos-cli/Cargo.toml" +PYPROJECT = ROOT / "pyproject.toml" +PYTHON_INIT = ROOT / "python/ethos_pdf/__init__.py" +NPM_PACKAGE = ROOT / "packages/npm/ethos-pdf/package.json" + +SOURCE_SHORT = "57e3821" +SOURCE_COMMIT = "57e3821b63b119ee6ca8e52322ddde2fb05dde66" +SOURCE_TREE = "7fd3dd7bcd4d8b503483a06752fdc5e5cb587695" +VERSION = "0.3.0" +RUST_PYTHON_PUBLIC_BASELINE = "0.2.0" +NPM_PUBLIC_BASELINE = "0.2.1" +RELEASE_CANDIDATE_SENTENCE = ( + "v0.3.0 source versions are activated for app-answer-release contract validation." +) +FORBIDDEN_INSTALL_WORDING = ( + "cargo add ethos-doc-core@0.3.0", + "cargo add ethos-verify@0.3.0", + "cargo add ethos-pdf@0.3.0", + "python3 -m pip install ethos-pdf==0.3.0", + "npm install -g @docushell/ethos-pdf@0.3.0", +) +PRIVATE_PATH_MARKERS = ( + "/" + "Users/", + "/" + "private/tmp", + "/" + "private/var", + "/" + "var/folders", + "saumil" + "diwaker", + "Desktop/" + "Stuff", + "project/repo/" + "ethos", +) + + +def read(path: Path) -> str: + return path.read_text(encoding="utf-8") + + +def normalized(path: Path) -> str: + return re.sub(r"\s+", " ", read(path)) + + +class V030VersionActivationTests(unittest.TestCase): + def test_record_is_source_bound_and_indexed(self) -> None: + raw = read(RECORD) + record = normalized(RECORD) + + assert_record_source_binding( + self, + root=ROOT, + raw_record=raw, + normalized_record=record, + validated_head=SOURCE_SHORT, + source_label="v0.3.0 version activation", + source_commit=SOURCE_COMMIT, + source_tree=SOURCE_TREE, + ) + + for path in (VALIDATION_README, EXECUTION_STATUS, PUBLIC_RELEASE_CHECKLIST): + text = normalized(path) + self.assertIn(RECORD.name, text, str(path)) + self.assertIn("v0.3.0 version activation", text.lower(), str(path)) + self.assertIn("remain blocked", text, str(path)) + + def test_rust_and_python_versions_are_activated_without_npm_bump(self) -> None: + cargo = read(CARGO) + cli = read(CLI_CARGO) + lock = read(CARGO_LOCK) + npm = json.loads(read(NPM_PACKAGE)) + + self.assertIn(f'version = "{VERSION}"', cargo) + self.assertIn(f'ethos-core = {{ package = "ethos-doc-core", path = "crates/ethos-core", version = "{VERSION}"', cargo) + self.assertIn(f'ethos-layout = {{ path = "crates/ethos-layout", version = "{VERSION}" }}', cargo) + self.assertIn(f'ethos-tables = {{ path = "crates/ethos-tables", version = "{VERSION}" }}', cargo) + self.assertIn(f'ethos-pdf = {{ path = "../ethos-pdf", version = "{VERSION}" }}', cli) + self.assertIn(f'ethos-verify = {{ path = "../ethos-verify", version = "{VERSION}" }}', cli) + self.assertIn( + f'ethos-grounding-opendataloader-json = {{ path = "../../adapters/grounding/opendataloader-json", version = "{VERSION}" }}', + cli, + ) + self.assertGreaterEqual(lock.count(f'version = "{VERSION}"'), 7) + self.assertIn(f'version = "{VERSION}"', read(PYPROJECT)) + self.assertIn(f'__version__ = "{VERSION}"', read(PYTHON_INIT)) + self.assertEqual(NPM_PUBLIC_BASELINE, npm["version"]) + + def test_public_install_commands_remain_on_current_published_baseline(self) -> None: + readme = read(README) + claims = json.loads(read(CLAIMS))["surfaces"]["readme"]["claims"] + joined_claims = "\n".join(claims) + + for expected in ( + f"cargo add ethos-doc-core@{RUST_PYTHON_PUBLIC_BASELINE}", + f"cargo add ethos-verify@{RUST_PYTHON_PUBLIC_BASELINE}", + f"cargo add ethos-pdf@{RUST_PYTHON_PUBLIC_BASELINE}", + f"python3 -m pip install ethos-pdf=={RUST_PYTHON_PUBLIC_BASELINE}", + f"npm install -g @docushell/ethos-pdf@{NPM_PUBLIC_BASELINE}", + ): + self.assertIn(expected, readme) + self.assertIn(expected, joined_claims) + + for forbidden in FORBIDDEN_INSTALL_WORDING: + self.assertNotIn(forbidden, readme) + self.assertNotIn(forbidden, joined_claims) + for path in INSTALL_WORDING_SURFACES: + self.assertNotIn(forbidden, read(path), str(path)) + + def test_activation_record_declares_release_candidate_wording_only(self) -> None: + record = normalized(RECORD) + + self.assertIn(RELEASE_CANDIDATE_SENTENCE, record) + self.assertIn("No `0.3.0` registry install wording is approved", record) + self.assertIn("npm remains at `0.2.1`", record) + self.assertIn("not a Node API or Node SDK", record) + + def test_boundaries_remain_closed(self) -> None: + raw = read(RECORD) + record = normalized(RECORD) + + for phrase in ( + "does not approve a release", + "does not approve a tag", + "does not approve package publish", + "does not approve npm publish", + "does not approve PyPI publish", + "does not approve crates.io publish", + "does not approve a GitHub Release artifact", + "does not approve public installation wording for `0.3.0`", + "does not approve npm CLI alignment", + "does not approve hosted surfaces", + "does not approve production positioning", + "does not approve Windows packaged artifacts", + "does not approve bundled project-maintained PDFium builds", + "does not approve public benchmark claims", + "does not approve `ethos-doc`", + "does not approve `ethos-rag`", + "does not approve DocuShell integration", + ): + self.assertIn(phrase, record) + for private in PRIVATE_PATH_MARKERS: + self.assertNotIn(private, raw) + + def test_v0_3_release_prep_runs_activation_guard_after_decision_guard(self) -> None: + makefile = read(MAKEFILE) + decision_guard = "$(PYTHON) .github/scripts/test_v0_3_0_release_approval_decision.py" + activation_guard = "$(PYTHON) .github/scripts/test_v0_3_0_version_activation.py" + claims = "$(PYTHON) .github/scripts/claims_gate.py" + block = target_block("v0-3-release-prep") + + self.assertIn(activation_guard, block) + self.assertEqual(1, makefile.count(activation_guard)) + self.assertLess(block.index(decision_guard), block.index(activation_guard)) + self.assertLess(block.index(activation_guard), block.index(claims)) + + +if __name__ == "__main__": + unittest.main() diff --git a/CHANGELOG.md b/CHANGELOG.md index 9a31be7..dfb1969 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,15 @@ ## Unreleased +- boundary-exception: activate v0.3.0 release-candidate source versions for Rust workspace and + Python package metadata while keeping npm at `0.2.1` and keeping `cargo publish`, PyPI upload, + npm publish, GitHub Release artifact publication, release/package tags, installable `0.3.0` + wording, hosted, production, Windows, bundled PDFium, benchmark, `ethos-doc`, `ethos-rag`, and + DocuShell integration blocked. +- boundary-exception: record decider approval for v0.3.0 app-answer-release release-candidate + source activation while keeping package publication, artifact publication, tag creation, npm + alignment, installable `0.3.0` wording, hosted, production, Windows, bundled PDFium, benchmark, + `ethos-doc`, `ethos-rag`, and DocuShell integration blocked pending separate evidence records. - boundary-exception: record app-answer-release contract release-prep packet for decider review while keeping version bump, package publication, tag creation, artifact publication, installable `0.3.0` wording, npm publication, hosted, production, Windows, bundled PDFium, diff --git a/Cargo.lock b/Cargo.lock index f574da7..e6bd618 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -193,7 +193,7 @@ dependencies = [ [[package]] name = "ethos-cli" -version = "0.2.0" +version = "0.3.0" dependencies = [ "clap", "ethos-doc-core", @@ -210,7 +210,7 @@ dependencies = [ [[package]] name = "ethos-doc-core" -version = "0.2.0" +version = "0.3.0" dependencies = [ "proptest", "serde", @@ -221,7 +221,7 @@ dependencies = [ [[package]] name = "ethos-grounding-opendataloader-json" -version = "0.2.0" +version = "0.3.0" dependencies = [ "ethos-doc-core", "serde", @@ -230,14 +230,14 @@ dependencies = [ [[package]] name = "ethos-layout" -version = "0.2.0" +version = "0.3.0" dependencies = [ "ethos-doc-core", ] [[package]] name = "ethos-pdf" -version = "0.2.0" +version = "0.3.0" dependencies = [ "ethos-doc-core", "serde", @@ -246,14 +246,14 @@ dependencies = [ [[package]] name = "ethos-tables" -version = "0.2.0" +version = "0.3.0" dependencies = [ "ethos-doc-core", ] [[package]] name = "ethos-verify" -version = "0.2.0" +version = "0.3.0" dependencies = [ "ethos-doc-core", "serde", diff --git a/Cargo.toml b/Cargo.toml index f33353d..14777f0 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -15,7 +15,7 @@ members = [ ] [workspace.package] -version = "0.2.0" +version = "0.3.0" edition = "2021" rust-version = "1.87" license = "Apache-2.0" @@ -36,9 +36,9 @@ tempfile = "3" proptest = "1" # internal -ethos-core = { package = "ethos-doc-core", path = "crates/ethos-core", version = "0.2.0", default-features = false } -ethos-layout = { path = "crates/ethos-layout", version = "0.2.0" } -ethos-tables = { path = "crates/ethos-tables", version = "0.2.0" } +ethos-core = { package = "ethos-doc-core", path = "crates/ethos-core", version = "0.3.0", default-features = false } +ethos-layout = { path = "crates/ethos-layout", version = "0.3.0" } +ethos-tables = { path = "crates/ethos-tables", version = "0.3.0" } [profile.release] # Footprint discipline for the G2 gate (≤ 30 MB installed): strip + LTO + size-lean codegen. diff --git a/Makefile b/Makefile index 356638d..b1e89e6 100644 --- a/Makefile +++ b/Makefile @@ -13,7 +13,7 @@ COMPARE_RENDERED_CROPS_LEFT ?= $(VERIFY_RENDERED_CROPS_OUT)/run1 COMPARE_RENDERED_CROPS_RIGHT ?= $(VERIFY_RENDERED_CROPS_OUT)/run2 LAYOUT_EVALUATOR_OUT ?= $(ROOT)/target/layout-evaluator-alpha -.PHONY: verify-alpha verify-alpha-tree rag-chunk-alpha security-report-alpha evidence-anchor-v1-contract milestone-d-verify-citations-contract milestone-d-crop-element-contract milestone-d-sandbox-subprocess-contract milestone-d-internal-contracts milestone-e-prep release-candidate-prep v0-2-release-prep light-check package-publication-dry-run-smoke verify-rendered-crops compare-rendered-crops layout-evaluator-alpha python-surface-test milestone-b-internal-checks milestone-c-internal-checks release-hygiene release-advisory third-party-license-manifest release-notice-draft +.PHONY: verify-alpha verify-alpha-tree rag-chunk-alpha security-report-alpha evidence-anchor-v1-contract milestone-d-verify-citations-contract milestone-d-crop-element-contract milestone-d-sandbox-subprocess-contract milestone-d-internal-contracts milestone-e-prep release-candidate-prep v0-2-release-prep v0-3-release-prep light-check package-publication-dry-run-smoke verify-rendered-crops compare-rendered-crops layout-evaluator-alpha python-surface-test milestone-b-internal-checks milestone-c-internal-checks release-hygiene release-advisory third-party-license-manifest release-notice-draft .PHONY: milestone-d-capability-downgrade-contract .PHONY: milestone-d-opendataloader-adapter-shape-contract .PHONY: milestone-d-grounding-source-contract @@ -83,6 +83,19 @@ app-answer-release-release-prep: $(PYTHON) .github/scripts/test_ci_workflow.py git diff --check +v0-3-release-prep: + cargo test --locked --workspace + $(MAKE) app-answer-release-contract PYTHON=$(PYTHON) + $(PYTHON) .github/scripts/test_python_public_api_policy.py + $(PYTHON) .github/scripts/test_app_answer_release_release_prep.py + $(PYTHON) .github/scripts/test_v0_3_0_release_approval_decision.py + $(PYTHON) .github/scripts/test_v0_3_0_version_activation.py + $(PYTHON) .github/scripts/test_validation_record_source.py + $(PYTHON) .github/scripts/test_public_surface_posture.py + $(PYTHON) .github/scripts/claims_gate.py + $(PYTHON) .github/scripts/public_boundary_claims_gate.py + git diff --check + milestone-d-verify-citations-contract: cargo test --locked -p ethos-cli --test verify $(PYTHON) schemas/validate_examples.py diff --git a/crates/ethos-cli/Cargo.toml b/crates/ethos-cli/Cargo.toml index 301ea48..f5de23a 100644 --- a/crates/ethos-cli/Cargo.toml +++ b/crates/ethos-cli/Cargo.toml @@ -17,9 +17,9 @@ path = "src/main.rs" ethos-core = { workspace = true, features = ["full", "crop-element"] } ethos-layout = { workspace = true } ethos-tables = { workspace = true } -ethos-pdf = { path = "../ethos-pdf", version = "0.2.0" } -ethos-verify = { path = "../ethos-verify", version = "0.2.0" } -ethos-grounding-opendataloader-json = { path = "../../adapters/grounding/opendataloader-json", version = "0.2.0" } +ethos-pdf = { path = "../ethos-pdf", version = "0.3.0" } +ethos-verify = { path = "../ethos-verify", version = "0.3.0" } +ethos-grounding-opendataloader-json = { path = "../../adapters/grounding/opendataloader-json", version = "0.3.0" } clap = { workspace = true } serde = { workspace = true } serde_json = { workspace = true } diff --git a/docs/execution-status.md b/docs/execution-status.md index 00e1cd1..4463060 100644 --- a/docs/execution-status.md +++ b/docs/execution-status.md @@ -1,16 +1,34 @@ # Ethos Execution Status -Date: 2026-06-25 +Date: 2026-07-01 Owner: product / decider -Status: v0.2.0 public beta/evaluation surfaces are live for the GitHub source repository; Rust library crates `ethos-doc-core`, `ethos-verify`, and `ethos-pdf` at `0.2.0`; the Python `ethos-pdf` wheel at `0.2.0`; npm `@docushell/ethos-pdf@0.2.1`; and GitHub Release `v0.2.0` macOS arm64/Linux x64 CLI artifacts. npm `@docushell/ethos-pdf@0.2.0` is deprecated because it shipped stale CLI binaries that reported `ethos 0.1.2`; use `0.2.1`. PDFium-backed commands use caller-provided PDFium through `ETHOS_PDFIUM_LIBRARY_PATH`. Hosted surfaces, production positioning, Windows packaged artifacts, bundled project-maintained PDFium builds, public benchmark reports, public benchmark claims, speed, footprint, parser-quality, table-quality, `ethos-doc`, and `ethos-rag` remain blocked. +Status: v0.2.0 public beta/evaluation surfaces are live for the GitHub source repository; Rust library crates `ethos-doc-core`, `ethos-verify`, and `ethos-pdf` at `0.2.0`; the Python `ethos-pdf` wheel at `0.2.0`; npm `@docushell/ethos-pdf@0.2.1`; and GitHub Release `v0.2.0` macOS arm64/Linux x64 CLI artifacts. npm `@docushell/ethos-pdf@0.2.0` is deprecated because it shipped stale CLI binaries that reported `ethos 0.1.2`; use `0.2.1`. v0.3.0 release-candidate source metadata is active in the repository for app-answer-release validation only; no public `0.3.0` install wording, publication, artifact, tag, npm alignment, or DocuShell integration is approved. PDFium-backed commands use caller-provided PDFium through `ETHOS_PDFIUM_LIBRARY_PATH`. Hosted surfaces, production positioning, Windows packaged artifacts, bundled project-maintained PDFium builds, public benchmark reports, public benchmark claims, speed, footprint, parser-quality, table-quality, `ethos-doc`, and `ethos-rag` remain blocked. + +v0.3.0 release approval decision is recorded in +`docs/validation/v0-3-0-release-approval-decision-validation-2026-07-01.md`. It accepts the exact +app-answer-release contract release-prep packet and authorizes source activation on +`dev/v0-3-approval-packet` for Rust and Python metadata only. Package publication, tag creation, +artifact publication, npm alignment, installable `0.3.0` wording, hosted surfaces, production +positioning, Windows packaged artifacts, bundled project-maintained PDFium builds, public +benchmark claims, `ethos-doc`, `ethos-rag`, and DocuShell integration remain blocked until +separate evidence records and operator decisions pass. + +v0.3.0 version activation is recorded in +`docs/validation/v0-3-0-version-activation-validation-2026-07-01.md`. Rust workspace/package +metadata, internal path-dependency pins, `Cargo.lock`, Python package metadata, and +`ethos_pdf.__version__` now point to `0.3.0` for app-answer-release candidate validation. npm +remains at `0.2.1`, and public install commands remain on the current published `0.2.0` +Rust/Python and `0.2.1` npm surfaces until publication, registry/artifact availability, smoke +evidence, and wording closeout records pass. App-answer-release contract release prep is recorded in `docs/validation/app-answer-release-contract-release-prep-validation-2026-07-01.md` for decider review only. It binds the merged app-release source surfaces, proposes `0.3.0` for review, and -keeps version bump, package publication, tag creation, artifact publication, installable `0.3.0` -wording, npm publication, hosted surfaces, production positioning, Windows packaged artifacts, -bundled project-maintained PDFium builds, public benchmark claims, `ethos-doc`, `ethos-rag`, and -DocuShell integration blocked pending explicit approval and later evidence records. +feeds the later v0.3.0 approval and activation records. Package publication, tag creation, +artifact publication, installable `0.3.0` wording, npm publication, hosted surfaces, production +positioning, Windows packaged artifacts, bundled project-maintained PDFium builds, public +benchmark claims, `ethos-doc`, `ethos-rag`, and DocuShell integration remain blocked pending later +evidence records. Historical baseline before v0.2.0 closeout: Public beta evaluation was approved for the GitHub source repository; the three bounded Rust library crates `ethos-doc-core`, `ethos-verify`, and `ethos-pdf` at `0.1.2`; the Python `ethos-pdf` wheel at `0.1.2`; the npm `@docushell/ethos-pdf` CLI package at `0.1.2`; and the GitHub Release `v0.1.2` macOS arm64 and Linux x64 CLI artifacts. Internal Milestone D source-only closeout remains complete, with Milestone E prep source-only closeout recorded for the internal prep boundary. Week 0 governance is accepted, WS-ENGINE Phase 1 has a real narrow PDFium path, WS-VERIFY-ALPHA has real deterministic evidence checks over native Ethos JSON and pinned OpenDataLoader output, WS-HARNESS has fail-closed readiness scaffolding, the Gate Zero corpus/hardware manifest and direct competitor lock are frozen/signed, ADR-0005 records an accepted `PROCEED` decision for internal Milestone B continuation, ADR-0006 closes package identifier/trademark validation, ADR-0007 locks the product direction, and patch `0.1.1` plus patch `0.1.2` publication/install wording closeouts are recorded for the approved evaluation surfaces. The exact historical public sentence approved for source, Rust crate, Python wheel, npm package, macOS arm64 CLI artifact, and Linux x64 CLI artifact evaluation surfaces was: "Ethos is a deterministic document evidence layer for source-grounded verification and citation checking across native Ethos JSON and supported foreign parser outputs. The current beta includes the GitHub source repository, Rust library crates `ethos-doc-core`, `ethos-verify`, and `ethos-pdf` at `0.1.2`, the Python `ethos-pdf` wheel at `0.1.2`, the npm `@docushell/ethos-pdf@0.1.2` package, and GitHub Release `v0.1.2` macOS arm64/Linux x64 CLI artifacts. PDFium-backed commands use caller-provided PDFium through `ETHOS_PDFIUM_LIBRARY_PATH`." Milestone C has a source-tree internal artifact-validation closeout for the RAG chunk and security-report trust-loop checks. Milestone D has a source-tree internal source-only closeout recorded in `docs/validation/milestone-d-final-closeout-validation-2026-06-19.md`; the narrow `verify_citations` v1 contract in `docs/milestone-d-verify-citations-contract.md` remains carried by the existing `ethos verify` path and fixture-backed validation. The D `crop_element` v1 contract in `docs/milestone-d-crop-element-contract.md` is carried by the source-bound `ethos crop_element` CLI command plus existing `ethos verify --crop-dir` evidence artifacts; `ethos-core::crop_element` validates request identity, resolves one native document element, and emits descriptor/rendered crop metadata for that source-only contract when caller-provided source PDF bytes are bound. The `sandbox_subprocess` v1 contract in `docs/milestone-d-sandbox-subprocess-contract.md` classifies existing PDF worker-process timeout, memory-limit, stable-error, and diagnostics-gated stderr behavior without adding hardened sandbox rules. The first Milestone E prep boundary is recorded in `docs/milestone-e-prep-scope.md`, the internal fixture-candidate inventory is recorded in `docs/milestone-e-fixture-candidates.json`, internal fixture-promotion criteria are recorded in `docs/milestone-e-fixture-promotion-criteria.json`, the internal trust-loop walkthrough plan is recorded in `docs/milestone-e-internal-trust-loop-walkthrough.json`, the internal trust-loop use protocol is recorded in `docs/milestone-e-internal-trust-loop-use-protocol.json`, the internal trust-loop rehearsal/evidence matrix is recorded in `docs/milestone-e-internal-trust-loop-rehearsal-evidence-matrix.json`, and the internal trust-loop blocker ledger is recorded in `docs/milestone-e-internal-trust-loop-blocker-ledger.json`; these E prep JSON artifacts are schema-validated by `schemas/validate_examples.py` and only identify tracked trust-loop fixture candidates, internal promotion criteria, internal walkthrough sequencing, source-checkout rules for internal use, internal evidence-lane rehearsal planning, blocked-output alignment, evidence-lane alignment, diagnostic-boundary alignment, promotion-status alignment at `not_promoted_beyond_internal_fixture_planning`, source-status alignment at `source-only-pre-alpha-internal-milestone-e-prep`, applies-to binding alignment across current E source artifacts, required-before alignment for current readiness gates including `make milestone-e-prep remains green`, validation-record source-head alignment for each `Validated source HEAD before this record` line, and explicit blocker tracking that does not resolve or soften blockers. The Milestone E prep source-only closeout is recorded in `docs/validation/milestone-e-final-closeout-validation-2026-06-20.md` and does not resolve or soften blockers outside the approved public beta evaluation surfaces. Hosted surfaces, production positioning, Windows packaged artifacts, bundled project-maintained PDFium builds, `ethos-doc`, `ethos-rag`, public benchmark reports, public benchmark claims, and all speed/footprint/parser-quality/table-quality/production claims remain blocked. The controlled-run handoff remains `docs/gate-zero-evidence-runbook.md`; the accepted decision record is `docs/decisions/ADR-0005-gate-zero-decision.md`. diff --git a/docs/public-release-checklist.md b/docs/public-release-checklist.md index bed968d..a2221b3 100644 --- a/docs/public-release-checklist.md +++ b/docs/public-release-checklist.md @@ -12,17 +12,34 @@ macOS arm64 and Linux x64 CLI artifacts. npm `@docushell/ethos-pdf@0.2.0` is dep it shipped stale CLI binaries that reported `ethos 0.1.2`; use `0.2.1`. Hosted surfaces, production positioning, Windows packaged artifacts, bundled project-maintained PDFium builds, public benchmark reports, public benchmark claims, speed, footprint, parser-quality, table-quality, -`ethos-doc`, and `ethos-rag` remain blocked. +`ethos-doc`, and `ethos-rag` remain blocked. v0.3.0 release-candidate source metadata is active in +the repository for app-answer-release validation only; no public `0.3.0` install wording, +publication, artifact, tag, npm alignment, or DocuShell integration is approved. + +v0.3.0 release approval decision is recorded in +`docs/validation/v0-3-0-release-approval-decision-validation-2026-07-01.md`. It accepts the exact +app-answer-release contract prep packet and authorizes release-candidate source activation on +`dev/v0-3-approval-packet` for Rust and Python metadata only. It does not approve package +publication, tag creation, artifact publication, npm alignment, installable `0.3.0` wording, +hosted surfaces, production positioning, Windows packaged artifacts, bundled project-maintained +PDFium builds, public benchmark claims, `ethos-doc`, `ethos-rag`, or DocuShell integration. + +v0.3.0 version activation is recorded in +`docs/validation/v0-3-0-version-activation-validation-2026-07-01.md`. It moves Rust workspace +metadata, Rust internal path-dependency pins, `Cargo.lock`, Python package metadata, and +`ethos_pdf.__version__` to `0.3.0` for app-answer-release candidate validation only. npm remains at +`0.2.1`, and public install commands remain on the current published `0.2.0` Rust/Python and +`0.2.1` npm surfaces until separate publication, smoke, and wording closeout records pass. App-answer-release contract release prep is recorded in `docs/validation/app-answer-release-contract-release-prep-validation-2026-07-01.md` for decider review only. It proposes `0.3.0` for review, lists the merged contract/schema/helper/demo surfaces, -and requests Rust, Python, npm, CLI artifact, and tag decisions. It does not approve version bump, -package publication, tag creation, artifact publication, installable `0.3.0` wording, npm -publication, hosted surfaces, production positioning, Windows packaged artifacts, bundled -project-maintained PDFium builds, public benchmark reports, public benchmark claims, `ethos-doc`, -`ethos-rag`, or DocuShell integration. Those actions remain blocked pending explicit approval and -later evidence records. +and requests Rust, Python, npm, CLI artifact, and tag decisions. The later v0.3.0 approval and +activation records supersede only the source-version blocker; package publication, tag creation, +artifact publication, installable `0.3.0` wording, npm publication, hosted surfaces, production +positioning, Windows packaged artifacts, bundled project-maintained PDFium builds, public +benchmark reports, public benchmark claims, `ethos-doc`, `ethos-rag`, and DocuShell integration +remain blocked pending later evidence records. v0.2.0 release approval request is recorded in `docs/validation/v0-2-0-release-approval-request-validation-2026-06-25.md` for decider review diff --git a/docs/v0-3-0-release-prep.md b/docs/v0-3-0-release-prep.md new file mode 100644 index 0000000..703a52f --- /dev/null +++ b/docs/v0-3-0-release-prep.md @@ -0,0 +1,120 @@ +# Ethos v0.3.0 Release Preparation + +Status: release-candidate source activation record. This document does not approve `cargo +publish`, PyPI upload, `npm publish`, GitHub Release creation, package tags, release tags, CLI +artifact publication, DocuShell integration, or public `0.3.0` installability wording. + +Canonical preparation sentence: + +> v0.3.0 source versions are activated for app-answer-release contract validation. + +The release promise being prepared is narrow: + +> Ethos verifies citation grounding and derives proof summaries. Applications decide question +> relevance, source-fact versus synthesis labels, unsupported-claim labels, and final/review/blocked +> answer release policy. + +## Included Preparation Scope + +- Rust `ethos-doc-core` app-answer-release helpers: + `VerificationReport::proof_summary()` and `derive_app_answer_release_decision(...)`. +- Rust `ethos-verify` and `ethos-pdf` as the existing lockstep public Rust crate set for the + source candidate. +- Python `ethos-pdf==0.3.0` metadata for `proof_summary(...)` and + `app_answer_release_decision(...)`. +- App-answer-release schema and example artifacts. +- Runnable app-answer-release demo showing final, review, and blocked release decisions. +- Release-candidate docs and validation guards for the contract boundary. + +## Explicit Non-Scope + +- LLM judging; +- DocuShell UI work; +- semantic answer verification by Ethos; +- parser-quality claims; +- broad answer correctness claims; +- Node API, Node SDK, N-API, or WASM bindings; +- npm CLI alignment release; +- hosted service; +- production/SaaS claims; +- public benchmark or performance claims; +- project-managed bundled PDFium; +- Windows packaged binaries; +- public GA for `ethos-doc` or `ethos-rag`. + +## Release Sequence + +### 1. Accept The Contract Prep Packet + +The accepted prep packet is +`docs/validation/app-answer-release-contract-release-prep-validation-2026-07-01.md`. It binds the +merged contract, schema, Rust helper, Python helper, docs, demo, and guard commands. + +### 2. Activate Source Metadata + +The `v0.3.0` source activation changes only release-candidate source metadata: + +- bump Rust workspace/package dependency versions from `0.2.0` to `0.3.0`; +- bump Python metadata and `ethos_pdf.__version__` from `0.2.0` to `0.3.0`; +- leave npm `@docushell/ethos-pdf` at the current public CLI package baseline `0.2.1`; +- keep public install commands on the current published `0.2.0` Rust/Python and `0.2.1` npm + surfaces; +- add source-bound approval and activation validation records. + +### 3. Run The Source Gate + +Run: + +```bash +make v0-3-release-prep PYTHON=python3 +``` + +The target runs the workspace Rust test suite, app-answer-release contract guard, Python public +surface checks, 0.3.0 approval and activation guards, public posture checks, claims gates, and +diff hygiene. + +### 4. Gather Package Evidence Before Any Publication Decision + +Before any public package or artifact decision, record exact evidence for the surfaces that are in +scope: + +- Rust crate package/dry-run evidence for `ethos-doc-core`, `ethos-verify`, and `ethos-pdf` at + `0.3.0`. +- Python wheel build/install/helper smoke evidence for `ethos-pdf==0.3.0`. +- CLI artifact evidence only if the release scope later includes CLI artifacts. +- npm package evidence only if a later decision explicitly includes npm CLI alignment. + +### 5. Flip Public Install Wording Only After Closeout + +Only after registry/artifact availability and smoke closeout records pass, update public install +wording to `0.3.0` and rerun: + +```bash +python3 .github/scripts/claims_gate.py +python3 .github/scripts/public_boundary_claims_gate.py +``` + +## Product Boundary + +Ethos does not certify a complete answer. The app-answer-release contract proves a narrower path: + +```text +Ethos proof summary ++ app-labeled claims ++ question relevance ++ synthesis/source-fact labels += final / review / blocked answer-release decision +``` + +Safe product wording remains: + +```text +Ethos verified citation grounding. +Answer relevance: direct, partial, or off-topic. +``` + +## DocuShell Integration Boundary + +DocuShell should integrate against this demo pattern only after a release closeout or an explicit +source-dependency decision. The integration should keep retrieval citations, raw model output, +verified claims, app labels, and the final answer-release decision separate. diff --git a/docs/validation/README.md b/docs/validation/README.md index 5d7bc47..06c950b 100644 --- a/docs/validation/README.md +++ b/docs/validation/README.md @@ -10,13 +10,31 @@ in `docs/public-release-checklist.md`. Records: +v0.3.0 release approval decision is recorded in +`v0-3-0-release-approval-decision-validation-2026-07-01.md`. It accepts the exact +app-answer-release contract release-prep packet and authorizes source activation on +`dev/v0-3-approval-packet` for the `0.3.0` Rust workspace and Python package metadata only. +Package publication, tag creation, artifact publication, npm alignment, installable `0.3.0` +wording, hosted surfaces, production positioning, Windows packaged artifacts, bundled +project-maintained PDFium builds, `ethos-doc`, `ethos-rag`, public benchmark claims, and +DocuShell integration remain blocked until separate evidence records and operator decisions pass. + +v0.3.0 version activation is recorded in +`v0-3-0-version-activation-validation-2026-07-01.md`. It moves Rust workspace/package metadata, +internal path-dependency pins, `Cargo.lock`, Python metadata, and `ethos_pdf.__version__` to +`0.3.0` for app-answer-release candidate validation only. npm remains at `0.2.1`; public install +commands remain on the current published `0.2.0` Rust/Python and `0.2.1` npm surfaces. Package +publication, tag creation, artifact publication, npm alignment, installable `0.3.0` wording, and +DocuShell integration remain blocked. + App-answer-release contract release prep is recorded in `app-answer-release-contract-release-prep-validation-2026-07-01.md` for decider review only. It binds the merged source commit and tree, proposed `0.3.0` target version for review, app-release source surfaces, package-surface decisions, product boundary wording, non-approvals, retained -blockers, and guard commands. Version bump, package publication, tag creation, artifact -publication, installable `0.3.0` wording, npm publication, and DocuShell integration remain -blocked pending explicit approval and later evidence records. +blockers, and guard commands. The later v0.3.0 approval and activation records supersede only the +source-version blocker; package publication, tag creation, artifact publication, installable +`0.3.0` wording, npm publication, and DocuShell integration remain blocked pending later evidence +records. v0.2.0 publication closeout is recorded in `v0-2-0-publication-closeout-validation-2026-06-25.md`. It records crates.io publication for diff --git a/docs/validation/v0-3-0-release-approval-decision-validation-2026-07-01.md b/docs/validation/v0-3-0-release-approval-decision-validation-2026-07-01.md new file mode 100644 index 0000000..529773b --- /dev/null +++ b/docs/validation/v0-3-0-release-approval-decision-validation-2026-07-01.md @@ -0,0 +1,184 @@ +# v0.3.0 Release Approval Decision Validation - 2026-07-01 + +Validated source HEAD before this record: `57e3821`. + +v0.3.0 release approval decision source commit: +`57e3821b63b119ee6ca8e52322ddde2fb05dde66`. + +v0.3.0 release approval decision source tree: +`7fd3dd7bcd4d8b503483a06752fdc5e5cb587695`. + +Status: **v0.3.0 release approval decision recorded; release-candidate source activation may +begin on `dev/v0-3-approval-packet`; package publication, tag creation, artifact publication, +npm alignment, installable wording, and DocuShell integration remain blocked** + +This record accepts the exact app-answer-release contract release-prep packet after decider +instruction on 2026-07-01 to prepare `0.3.0` and start release-candidate work. It authorizes +release-candidate source metadata activation on `dev/v0-3-approval-packet` only. It does not run +`cargo publish`, publish any crate, upload to PyPI, run `npm publish`, create a GitHub Release, +upload CLI artifacts, create release tags, create package tags, change installable public wording, +approve hosted surfaces, approve production positioning, approve Windows packaged artifacts, +approve bundled project-maintained PDFium builds, approve `ethos-doc`, approve `ethos-rag`, +approve public benchmark reports or claims, or approve DocuShell integration. + +## Subject + +- Repository: `docushell/ethos` +- Lane: v0.3.0 app-answer-release release-candidate approval decision +- Approval owner: `docushell-admin` +- Approval request record: + `docs/validation/app-answer-release-contract-release-prep-validation-2026-07-01.md` +- Approval request source commit accepted by this decision: + `d386568ef680f36f4a395543b21d34d2b17baccb` +- Approval request source tree accepted by this decision: + `5891ab9c1e2fb4a9094d3d52c59ec57630aa871f` +- Approval decision source commit: + `57e3821b63b119ee6ca8e52322ddde2fb05dde66` +- Approval decision source tree: + `7fd3dd7bcd4d8b503483a06752fdc5e5cb587695` + +## Exact Decision Fields + +- Decision: accept the exact app-answer-release contract release-prep packet for `0.3.0` + release-candidate source activation. +- Approver: `docushell-admin` acting as decider. +- Operator: `docushell-admin`. +- Closeout owner: `docushell-admin`. +- Date: 2026-07-01. +- Branch decision: continue on `dev/v0-3-approval-packet` as the release-candidate source + activation branch. +- Exact target version accepted by this decision: `0.3.0`. +- Exact Rust crate set accepted by this decision: + - `ethos-doc-core = 0.3.0`; + - `ethos-verify = 0.3.0`; + - `ethos-pdf = 0.3.0`. +- Exact Rust app-release decision accepted by this decision: ship + `VerificationReport::proof_summary()` and `derive_app_answer_release_decision(...)` through the + `ethos-doc-core` `verify-types` feature as the deterministic reference path for the public Rust + helper. +- Exact Python decision accepted by this decision: activate Python source metadata for + `ethos-pdf==0.3.0` so the package can carry `proof_summary(...)` and + `app_answer_release_decision(...)`. The package name remains historical; this decision does not + add a parser-quality claim, a hosted API, or a pure-Python document parser. +- Exact npm decision accepted by this decision: keep npm out of scope by default. + `@docushell/ethos-pdf@0.2.1` remains the current public CLI binary distribution package. This + decision does not approve a Node API, Node SDK, N-API binding, WASM package, npm metadata bump, + npm vendor refresh, or `npm publish`. +- Exact CLI artifact decision accepted by this decision: keep GitHub Release CLI artifact + publication out of scope by default. A full lockstep CLI artifact release requires a later + explicit decision and artifact evidence. +- Exact tag decision accepted by this decision: release tag `v0.3.0` and package tags remain + blocked until separate publication/smoke evidence and closeout records pass. + +## Approved Release-Candidate Work + +After this decision record is recorded, release-candidate work may begin on +`dev/v0-3-approval-packet` with only these changes: + +- bump Rust workspace/package dependency versions from `0.2.0` to `0.3.0`; +- bump Python metadata and `ethos_pdf.__version__` from `0.2.0` to `0.3.0`; +- leave npm `@docushell/ethos-pdf` metadata at `0.2.1`; +- add `docs/v0-3-0-release-prep.md`; +- finalize `CHANGELOG.md` release-candidate entries; +- update validation indexes for approval and source activation records; +- keep public install commands on the current published `0.2.0` Rust/Python and `0.2.1` npm + surfaces. + +## Product Boundary + +The accepted app-answer-release lane keeps these ownership lines: + +- Ethos owns citation grounding and derived proof summaries. +- Applications own question relevance labels. +- Applications own source-fact, synthesis, and unsupported-claim labels. +- Applications own final, review, and blocked answer-release policy. + +Safe product wording remains: + +```text +Ethos verified citation grounding. +Answer relevance: direct, partial, or off-topic. +``` + +This decision does not approve complete-answer verification wording. + +## Required Checks Before Publication Decisions + +The release-candidate tree must pass: + +```sh +make v0-3-release-prep PYTHON=python3 +``` + +Rust package dry-runs, Python wheel evidence, CLI artifact evidence, npm artifact evidence, release +tag creation, package tag creation, and public install wording each require separate records before +any operator publication action. + +## Non-Actions + +- This decision record does not run `cargo publish`. +- This decision record does not publish any crate. +- This decision record does not upload to PyPI. +- This decision record does not publish any Python distribution. +- This decision record does not run `npm publish`. +- This decision record does not publish any npm package. +- This decision record does not create a GitHub Release. +- This decision record does not upload CLI artifacts. +- This decision record does not create a release tag. +- This decision record does not create package tags. +- This decision record does not approve installable `0.3.0` public wording. +- This decision record does not approve a Node API, Node SDK, N-API binding, or WASM package. +- This decision record does not approve hosted surfaces. +- This decision record does not approve production positioning. +- This decision record does not approve Windows packaged artifacts. +- This decision record does not approve bundled project-maintained PDFium builds. +- This decision record does not approve public benchmark reports. +- This decision record does not approve public benchmark claims. +- This decision record does not approve `ethos-doc`. +- This decision record does not approve `ethos-rag`. +- This decision record does not approve DocuShell integration. + +## Retained Blockers + +- `cargo publish` remains blocked until release-candidate dry-runs pass and a separate operator + publication decision is recorded. +- PyPI upload remains blocked until deterministic wheel evidence and a separate operator + publication decision pass. +- npm metadata bump, npm vendor refresh, and `npm publish` remain blocked until a separate npm + scope decision and package evidence pass. +- GitHub Release `v0.3.0` CLI artifact publication remains blocked until a separate CLI/artifact + scope decision, artifact evidence, and operator decision pass. +- Release tag and package tag creation remain blocked until explicit closeout evidence passes. +- Installable `0.3.0` public wording remains blocked until registry/artifact availability and + smoke closeout records pass. +- Hosted surfaces remain blocked. +- Production positioning remains blocked. +- Public benchmark reports remain blocked. +- Public benchmark claims remain blocked. +- Windows packaged artifacts remain blocked. +- Bundled project-maintained PDFium builds remain blocked. +- `ethos-doc` remains blocked. +- `ethos-rag` remains blocked. +- DocuShell integration remains blocked until `0.3.0` closeout or an explicit source-dependency + decision is recorded. + +## Commands + +```sh +python3 .github/scripts/test_v0_3_0_release_approval_decision.py +python3 .github/scripts/test_app_answer_release_release_prep.py +python3 .github/scripts/claims_gate.py +python3 .github/scripts/public_boundary_claims_gate.py +make v0-3-release-prep PYTHON=python3 +git diff --check +``` + +## Result + +```text +v0.3.0 release approval decision recorded +Release-candidate source activation may begin on dev/v0-3-approval-packet for Rust and Python +source metadata only +Package publication, tag creation, artifact publication, npm alignment, installable wording, and +DocuShell integration remain blocked pending separate evidence records and operator decisions +``` diff --git a/docs/validation/v0-3-0-version-activation-validation-2026-07-01.md b/docs/validation/v0-3-0-version-activation-validation-2026-07-01.md new file mode 100644 index 0000000..b50d05a --- /dev/null +++ b/docs/validation/v0-3-0-version-activation-validation-2026-07-01.md @@ -0,0 +1,90 @@ +# v0.3.0 Version Activation Validation - 2026-07-01 + +Validated source HEAD before this record: `57e3821`. + +v0.3.0 version activation source commit: +`57e3821b63b119ee6ca8e52322ddde2fb05dde66`. + +v0.3.0 version activation source tree: +`7fd3dd7bcd4d8b503483a06752fdc5e5cb587695`. + +Status: **v0.3.0 release-candidate source versions activated; package publication, tag creation, +artifact publication, npm alignment, installable wording, and DocuShell integration remain +blocked** + +This record activates source/package metadata for the approved `v0.3.0` app-answer-release +release-candidate lane after +`docs/validation/v0-3-0-release-approval-decision-validation-2026-07-01.md` accepted source +activation on `dev/v0-3-approval-packet`. + +## Activated Source Versions + +Rust and Python source/package metadata move to `0.3.0`: + +- Rust workspace package version and internal Rust path-dependency version pins. +- `Cargo.lock` workspace package entries. +- Python `pyproject.toml` metadata. +- Python `ethos_pdf.__version__`. + +npm remains at `0.2.1`. The npm package is still a CLI binary distribution package, not a Node API +or Node SDK, and no npm CLI alignment release is approved by this record. + +## Release-Candidate Wording + +Version-pinned public install commands remain on the current published `0.2.0` Rust/Python and +`0.2.1` npm evaluation surfaces until publication, registry/artifact availability, smoke evidence, +and wording closeout records pass. + +The allowed v0.3.0 wording is release-candidate wording only: + +> v0.3.0 source versions are activated for app-answer-release contract validation. + +No `0.3.0` registry install wording is approved until publication, registry availability, artifact +availability, and clean smoke tests are recorded. + +## Boundary + +This record does not approve a release, does not approve a tag, does not approve package publish, +does not approve npm publish, does not approve PyPI publish, does not approve crates.io publish, +does not approve a GitHub Release artifact, does not approve public installation wording for +`0.3.0`, does not approve npm CLI alignment, does not approve a Node API, Node SDK, N-API binding, +or WASM package, does not approve hosted surfaces, does not approve production positioning, does +not approve Windows packaged artifacts, does not approve bundled project-maintained PDFium builds, +does not approve public benchmark reports, does not approve public benchmark claims, does not +approve speed, footprint, parser-quality, table-quality, or production claims, does not approve +`ethos-doc`, does not approve `ethos-rag`, and does not approve DocuShell integration. + +## Required Before Any Public 0.3.0 Install Wording + +- Build and smoke exact `0.3.0` source/package candidates from the version-activated source commit. +- Record exact Rust crate package artifacts and dependency ordering for `0.3.0`. +- Record exact Python wheel artifacts and helper smoke evidence for `ethos-pdf==0.3.0`. +- Record CLI artifact evidence only if a later decision includes CLI artifacts. +- Record npm evidence only if a later decision explicitly includes npm CLI alignment. +- Re-run public posture, claims, license/NOTICE, private-path, and source-binding checks after any + public-facing install wording changes. +- Record manual operator evidence for any credentialed publish or GitHub Release action. + +## Validation Commands + +```sh +cargo test --locked --workspace +make app-answer-release-contract PYTHON=python3 +python3 .github/scripts/test_v0_3_0_version_activation.py +python3 .github/scripts/test_v0_3_0_release_approval_decision.py +python3 .github/scripts/test_app_answer_release_release_prep.py +python3 .github/scripts/test_public_surface_posture.py +python3 .github/scripts/claims_gate.py +python3 .github/scripts/public_boundary_claims_gate.py +make v0-3-release-prep PYTHON=python3 +git diff --check +``` + +## Result + +```text +v0.3.0 release-candidate source versions activated +Rust and Python metadata now point to 0.3.0 for app-answer-release candidate validation +npm remains at 0.2.1 and public install commands remain on the current published baseline until +separate publication, smoke, and closeout records pass +``` diff --git a/pyproject.toml b/pyproject.toml index 408c17d..8fa6788 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta" [project] name = "ethos-pdf" -version = "0.2.0" +version = "0.3.0" description = "Python wrapper for the Ethos document evidence CLI." readme = "python/README.md" requires-python = ">=3.8" diff --git a/python/ethos_pdf/__init__.py b/python/ethos_pdf/__init__.py index fcfea07..a8d5614 100644 --- a/python/ethos_pdf/__init__.py +++ b/python/ethos_pdf/__init__.py @@ -37,7 +37,7 @@ verify, ) -__version__ = "0.2.0" +__version__ = "0.3.0" __all__ = [ "EthosCli",