Skip to content
Merged
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions scratchpad/dev.md
Original file line number Diff line number Diff line change
Expand Up @@ -2977,6 +2977,7 @@ These files are loaded automatically by compatible AI tools (e.g., GitHub Copilo
---

**Document History**:
- v9.19 (2026-06-27): Maintenance tone scan — `scratchpad/` clean (0 tone issues; the strong-marketing scan — `powerful`/`seamless`/`effortless`/`blazing`/`cutting-edge`/etc. — and the subjective-intensifier scan — `leverage`/`comprehensive`/`extensive`/`robust`/`sophisticated`/`elegant`/`deep dive`/etc. — returned no source-text matches, the only directory hits being inside this file's own Document History, which records prior fixes). Re-scanned the `specs/` directory and found it clean of strong-marketing and vague "simply/easy-to-use" language; the only intensifier matches there are the two deliberately-retained normative items in `security-architecture-spec-validation.md` — the IS-04..IS-09 MUST clause "comprehensive input sanitization" (line 84) and its paired ✅ VERIFIED status echoing that wording (line 149) — which carry normative meaning and are reserved for a spec owner (unchanged since v9.16). Also left untouched, as before: the "Production-ready security" conformance-level name in the RFC-2119 taxonomy (`security-architecture-spec.md` line 144, `-summary.md` line 22); and `replace-label-spec.md` line 383's "simply adds", which is normative prose meaning "merely adds", not marketing. No tone issues introduced since v9.18. Coverage: 63 scratchpad spec files + 10 specs files = 73 files (one more specs `.md` than v9.18's 9, all clean; the `specs/forecast-compliance-fixtures/README.md` fixture is excluded as non-spec content).
- v9.18 (2026-06-20): Maintenance tone scan — `scratchpad/` clean (0 tone issues across all 63 spec files; the strong-marketing scan and the subjective-intensifier scan — `leverage`/`comprehensive`/`robust`/`seamless`/`extensive`/`sophisticated`/`elegant`/`powerful`/etc. — returned no source-text matches, the only directory hits being `no magic` negations in `mdflow.md`/`mdflow-comparison.md` and this file's own Document History, which records prior fixes). Re-scanned the `specs/` directory and fixed 1 non-normative tone issue: `security-architecture-spec.md` (1 fix: example heading "#### Example 6: Comprehensive Sanitization"→"#### Example 6: Combined Threat Sanitization" line 1411 — the five sibling example headings (1–5) each name the specific single threat they demonstrate (`@Mention Neutralization`, `Bot Trigger Protection`, `XML/HTML Tag Conversion`, `URL Filtering and Validation`, `ANSI Escape Code Removal`); Example 6's distinguishing feature is that its input combines all of those threat types at once, so "Combined Threat" is both more specific than the subjective "Comprehensive" and consistent with the sibling naming pattern). Deliberately left untouched in `specs/` (unchanged from v9.16/v9.17): "Production-ready security" (`security-architecture-spec.md` line 144, `-summary.md` line 22) is a defined conformance-level name in the RFC-2119 taxonomy; and the two "comprehensive ... sanitization" occurrences in `security-architecture-spec-validation.md` — the IS-04..IS-09 normative MUST clause (line 84) and its paired ✅ VERIFIED status (line 149, which echoes the requirement's wording) — carry normative meaning and should be revised only by a spec owner. No new spec files since v9.17 (the only commit touching `scratchpad/`/`specs/` since then, `e1d2f30`, was an unrelated docs change). Coverage: 63 scratchpad spec files + 9 specs files = 72 files (the `specs/forecast-compliance-fixtures/README.md` fixture is excluded as non-spec content).
- v9.17 (2026-06-13): Maintenance tone scan — `scratchpad/` clean (0 tone issues across all 63 spec files; the only marketing-term matches in the directory are inside this file's own Document History, which records prior fixes, and legitimate technical usage such as code identifiers, comments, and engine names like `id: "simple"`). Re-scanned the `specs/` directory and fixed 2 non-normative tone issues that the v9.16 specs pass missed: `security-architecture-spec.md` (1 fix: "Included comprehensive appendices with examples and best practices"→"Included appendices with examples and best practices" line 1909 — a revision-summary bullet, parallel to the v9.16 `security-architecture-spec-summary.md` "8 comprehensive appendices"→"8 appendices" fix); `security-architecture-spec-validation.md` (1 fix: "provides an accurate and comprehensive formalization ... that can be confidently used for"→"provides an accurate formalization ... that can be used for" line 539 — an editorial assessment conclusion; removed the subjective "comprehensive" and the hedge "confidently" while keeping the verifiable "accurate" claim, which the preceding "All major security claims are verifiable" list supports). Deliberately left untouched in `specs/` (unchanged from v9.16): "Production-ready security" (`security-architecture-spec.md` line 144, `-summary.md` line 22) is a defined conformance-level name in the RFC-2119 taxonomy; and "comprehensive input sanitization" inside the IS-04..IS-09 MUST requirements (`security-architecture-spec-validation.md` lines 84, 149) carries normative meaning and should be revised only by a spec owner. Cache-memory at `/tmp/gh-aw/cache-memory/` was not accessible from the analysis sandbox this run; historical context was reconstructed from this Document History instead. Coverage: 63 scratchpad spec files + 9 specs files = 72 files (the `specs/forecast-compliance-fixtures/README.md` fixture is excluded as non-spec content).
- v9.16 (2026-06-06): Maintenance tone scan — `scratchpad/` clean (0 tone issues across all 64 files; the only marketing-term matches in the directory are inside this file's own Document History, which records prior fixes and is not itself a violation). Expanded the scan to the `specs/` directory (9 files) for the first time this cycle and fixed 2 non-normative tone issues: `aw-harness.md` (1 fix: "Leverages Node 24 features"→"Uses Node 24 features" line 198 — trailing descriptive note on a TypeScript→ES2024 MUST clause; matches the v9.14 "leverage"→"use" pattern); `security-architecture-spec-summary.md` (1 fix: "8 comprehensive appendices"→"8 appendices" line 61 — the count is the concrete metric, matching the v6.1 "Comprehensive"→removed pattern). Deliberately left untouched in `specs/`: "Production-ready security" (`security-architecture-spec.md` line 144, `-summary.md` line 22) is a defined conformance-level name in the spec's RFC-2119 taxonomy, not prose; and "comprehensive input sanitization" inside the IS-04..IS-09 MUST requirements (`security-architecture-spec-validation.md` lines 84, 149) carries normative meaning (it scopes the required coverage) and should be revised only by a spec owner. These are flagged for human review rather than auto-edited. Coverage: 64 scratchpad files + 9 specs files = 73 files.
Expand Down
Loading