Skip to content
Merged
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions PRINCIPLES.md
Original file line number Diff line number Diff line change
Expand Up @@ -184,11 +184,11 @@ When tracecore ships against an in-flight upstream patch, the `go.mod` `replace`

Per §5 ("Linter is law"), every principle that *can* be machine-checked should be machine-checked. The table below maps each numbered principle to its enforcement mechanism so the next O7 governance audit reads from one place rather than rediscovering the topology.

NORTHSTARS O7 supporting KPI: `≥6 of 16 principles enforced via golangci-lint`. Count today: **5** (§3, §6, §8, §9, §13). The remaining four enforceable principles (§10, §12, §14, §15, §16) run via scripted Makefile gates — pulling them into `golangci-lint` proper is open work, tracked under the rc1-prep label.
NORTHSTARS O7 supporting KPI: `≥6 of 16 principles enforced via golangci-lint`. Count today: **6** (§1, §3, §6, §8, §9, §13). The remaining enforceable principles (§10, §12, §14, §15, §16) run via scripted Makefile gates — pulling them into `golangci-lint` proper is open work, tracked under the rc1-prep label.

| # | Principle | Enforcement | Mechanism |
|---|---|---|---|
| 1 | Trust under load is the product | **partial lint** | `gosec` (panic / recovery hygiene), `errcheck` (no swallowed errors); `recover()`-wrapped vendor calls are convention, not lint-enforceable |
| 1 | Trust under load is the product | **lint** | `gosec` (G104 unhandled errors → panic-recovery surface), `govet` (`nilfunc`, `unreachable` post-panic), `errcheck` (no swallowed errors). `recover()`-wrapped vendor calls remain convention, not lint-enforceable, but the surrounding error/panic hygiene is now lint-gated. |
| 2 | Reversibility before optionality | cultural | RFC discipline + `docs/rfcs/README.md` status index |
| 3 | One mechanism over many | **lint** | `depguard` (denies `github.com/pkg/errors`, `hashicorp/go-multierror`, `io/ioutil`, `math/rand`) — forces stdlib alternates |
| 4 | Don't police what you don't have | meta-cultural | applied during lint-rule review (this very table is its concrete artefact) |
Expand Down