PHASE 01 BRANCH EXTRACTS ================================================================================ DOC: master_architecture_index | Master Architecture Index ================================================================================ GENERIC_RENDER (no custom branch found) ================================================================================ DOC: panel_manifest | Panel Manifest ================================================================================ if (doc.id === "panel_manifest" && state.categoryId === "overview_scope") { const renderPendingCard = (title) => ` `; const renderBucketCard = (bucket) => `
${escapeHtml(bucket.title)}
${ bucket.items.length ? `` : `
No items declared.
` }
`; const renderStructuredCard = (title, buckets) => `
${buckets.map(renderBucketCard).join("")}
`; const overviewHtml = `

Overview

${escapeHtml("Panel Manifest defines the machine-readable entry manifest for the Devon panel and documentation surface. It exists to provide a deterministic panel bootstrap surface, bind the entry layer to canonical ownership without redefining it, and keep panel initialization aligned with the sovereign architecture. It fits in Phase 01 under Overview & Scope as the entry manifest and machine-readable panel entry point. Downstream, it matters because it reduces bootstrap ambiguity, supports predictable panel boot order, and helps keep Documentation Hub, Panel, and canon aligned from the entry layer onward. It is support-level machine-readable authority for panel entry, depends on master_architecture_index, and must not override the master’s sovereignty.")}

`; const prerequisitesBuckets = [ { title: "Definition and canonical role", items: [ "Panel Manifest prerequisites define the minimum mandatory structural, operational, documentary and validation conditions that must exist before the Panel can initialize, read, organize and render system state from real evidence.", "The Panel does not interpret architecture, does not create local truth, does not calculate sovereign meaning and does not infer missing context.", "Its role is limited to consuming valid contracts, reading observable artifacts and projecting visually what the Devon environment has already produced, registered and synchronized.", "Because of that, any missing, inconsistent or invalid prerequisite compromises interface trust directly and invalidates Panel reliability by definition.", "The existence of prerequisites is not conceptual. Every prerequisite must be materially observable, structurally bounded and subordinate to canonical authority." ] }, { title: "Fundamental principle", items: [ "The Panel operates exclusively from observable evidence, valid contracts and correct structural linkage to the sovereign architecture.", "The operating rule is binary: if it exists, is integral and is functional, it is valid.", "If it does not exist, it is nonexistent.", "If it exists but does not function, it is invalid.", "There are no intermediate states, approximations or assumptions in Panel bootstrap legitimacy." ] }, { title: "Architectural role of prerequisites", items: [ "Panel Manifest prerequisites are not optional dependencies. They are the structural base that makes the Panel legitimate as a canonical reading surface.", "They sustain the integrity of the Documentation Hub as projected documentary plane.", "They sustain the coherence between Master Architecture Index and panel-readable contracts.", "They sustain the truthfulness of the data shown in the UI.", "They sustain synchronization between Devon and Waresite.", "They sustain system auditability and deterministic interface bootstrap.", "Without valid prerequisites, the Panel may still exist visually, but it cannot be treated as a trustworthy surface." ] }, { title: "Layered prerequisite structure", items: [ "Architecture layer: master registration, scope framing, deployment order and structural contracts must already exist so Panel Manifest has origin, fit and bounded role.", "Delivery layer: collection and publication mechanisms must already exist so the Panel receives current structured data instead of stale assumptions.", "Runtime layer: real host, container, status, progress and snapshot artifacts must already exist because the Panel has no truth of its own.", "Integration layer: export, synchronization and transfer from Devon to Waresite must already work so the Panel reflects real operational state.", "Interface layer: the Panel itself must remain limited to reading, interpreting contracts and rendering, never compensating for missing data with local logic.", "Trust layer: validation and integrity controls must already exist so the Panel only consumes data that is structurally compliant and operationally trustworthy." ] }, { title: "Canonical operating rules", items: [ "The architecture base must exist and remain integral.", "Panel Manifest must be registered and correctly positioned inside Phase 01 overview_scope.", "Runtime must be collected and published continuously.", "Data must be valid and structurally well-formed.", "Integration between Devon and Waresite must remain active.", "The interface must consume only real data.", "Validation must confirm integrity and conformity.", "The Panel must remain subordinate to canonical authority and must never redefine architectural meaning locally." ] }, { title: "Failure conditions", items: [ "Absence of the sovereign architectural registration source invalidates Panel bootstrap legitimacy.", "Loss of the entry manifest or loss of its structural identity invalidates deterministic interface startup.", "Missing runtime data invalidates any visual projection.", "Present but structurally invalid data invalidates the interface just as much as absent data.", "Synchronization failure between Devon and Waresite breaks reality reflection.", "Interface output without proven source origin is invalid.", "Divergence between contract and execution is invalid.", "Any local Panel-side interpretation of meaning that should come from published artifacts violates the system law." ] }, { title: "Nature of prerequisites", items: [ "Panel Manifest prerequisites are not an implementation checklist. They are an existence contract.", "Each item is a condition that must be provable continuously for the interface to remain legitimate as a reading surface.", "The system does not ask whether something should exist.", "It verifies whether it exists now, is integral now and remains bound to the correct authority now." ] }, { title: "Expected result and exit rule", items: [ "When all prerequisites are valid, the Panel has a clear structural entry point and deterministic bootstrap behavior.", "There is no gap between what the interface shows and what Devon has actually published.", "System reading begins from a stable and legible manifest rather than scattered assumptions.", "Audit of bootstrap and UI projection becomes trivial because the entry layer is bounded and observable.", "Panel Manifest prerequisites are complete only when entry identity, architectural linkage, evidence dependency and trust boundaries are materially valid.", "If the manifest entry layer remains ambiguous, no downstream Panel artifact may be treated as ready.", "Prerequisite completion for Panel Manifest must remain evidence-based and subordinate to master_architecture_index sovereignty." ] } ]; const configurationBuckets = [ { title: "Definition and configuration role", items: [ "Panel Manifest configuration defines how the panel entry manifest must be structurally arranged so the interface can bootstrap from a deterministic and machine-readable entry surface.", "Configuration here means canonical arrangement, binding and operational shape, not cosmetic UI preference.", "Its role is to ensure that the Panel Manifest remains stable as entry support for panel-side reading, tree resolution, content projection and contract alignment.", "A configured Panel Manifest must remain structurally predictable across architecture, contract and source views." ] }, { title: "Document identity configuration", items: [ "Panel Manifest must keep a fixed document id, label, path, phase and layer identity.", "Its registration under overview_scope must remain stable in hub_index.json.", "Its type must remain machine-readable and coherent with its role as panel entry support artifact.", "Configuration is invalid if the same document resolves under conflicting identities across the UI." ] }, { title: "Canonical binding configuration", items: [ "The manifest must remain subordinate to master_architecture_index sovereignty.", "Its configuration must preserve explicit linkage to project scope and deployment order.", "Sovereign/support separation must remain visible in how the manifest is described and consumed.", "The manifest may configure panel entry behavior, but it may not redefine architectural authority." ] }, { title: "Tree and selection configuration", items: [ "Panel Manifest must be configured to appear in the correct category and order inside the architecture tree.", "Its selection path must resolve deterministically when clicked from the left navigation.", "Its architecture route, contract route and source route must all point to the same underlying document identity.", "Configuration is incomplete if UI selection can drift into another document payload." ] }, { title: "Bootstrap configuration", items: [ "The manifest must be configured as the panel entry surface for downstream panel-side reading.", "Its structure must be stable enough to seed tree logic, navigation logic and content mapping without ambiguity.", "Downstream panel contracts must be able to inherit entry context from the manifest.", "The bootstrap configuration must eliminate dependence on scattered assumptions or implicit ordering." ] }, { title: "Rendering configuration", items: [ "Panel Manifest must be configured to render through the structured category scaffold in architecture mode.", "Its card layout must remain compatible with the same category model used across the documentation plane.", "Its architecture rendering must not collapse into fallback summary unless source loading genuinely fails.", "Its configuration is invalid if the selected manifest renders another document payload." ] }, { title: "Source and contract configuration", items: [ "Source view must expose the real underlying document for Panel Manifest.", "Contract view must describe the same registered artifact seen in architecture mode.", "Architecture, contract and source views must stay configuration-consistent.", "Any route divergence between those three views invalidates configuration integrity." ] }, { title: "Dependency and sync configuration", items: [ "The manifest must remain configured in a way that downstream panel tree, navigation spec, content index and blueprint can consume consistently.", "Its configuration must align with the Devon-to-Waresite projection model.", "It must not depend on hidden local UI state to remain readable.", "Configuration must remain stable across reload, re-selection and mode switching." ] }, { title: "Misconfiguration conditions", items: [ "If the manifest appears in the tree but resolves to the wrong architecture payload, configuration is invalid.", "If the manifest has a valid source but inconsistent contract projection, configuration is invalid.", "If the manifest depends on fallback behavior to render architecture, configuration is incomplete.", "If the manifest loses canonical linkage while remaining selectable in the UI, configuration is invalid." ] }, { title: "Configuration exit rule", items: [ "Panel Manifest configuration is complete only when document identity, canonical binding, tree placement, selection routing, rendering behavior and cross-view consistency are materially stable.", "No downstream panel artifact may be treated as configuration-ready if the Panel Manifest entry layer still depends on ambiguous routing or unstable identity.", "Configuration completion for Panel Manifest must remain evidence-based and subordinate to master_architecture_index sovereignty." ] } ]; const observableEvidenceBuckets = [ { title: "Definition and evidence role", items: [ "Panel Manifest observable evidence defines the set of materially inspectable signals that prove the manifest exists, is correctly registered, is routed to the correct payload and is being rendered from the correct document identity.", "Observable evidence here is not conceptual confidence. It is concrete evidence that can be inspected in file registration, UI selection behavior, mode switching and rendered output.", "Its role is to prove that the Panel Manifest is not only declared in architecture, but materially reachable and operationally projected in the Documentation Hub.", "If a condition cannot be observed, it cannot be claimed as valid evidence for Panel Manifest." ] }, { title: "Document existence evidence", items: [ "Panel Manifest must exist as a real registered document in the documentation system.", "Its document id must be observable as panel_manifest.", "Its label, path, phase and layer identity must be materially present in the registered document set.", "Evidence fails if the manifest is referenced in logic but not materially registered as a document." ] }, { title: "Hub registration evidence", items: [ "Panel Manifest must be observable inside hub_index.json under overview_scope.", "Its placement in the category docs list must be materially visible.", "Its registration must be stable enough to survive reload and re-render.", "Evidence fails if the manifest is only implied by code and not present in hub registration." ] }, { title: "Tree visibility evidence", items: [ "Panel Manifest must appear in the left architecture tree under Overview & Scope.", "Its label must be visibly selectable from the UI.", "A user click on Panel Manifest must be observable as a stable document selection event.", "Evidence fails if the tree shows the label but selection resolves to another artifact." ] }, { title: "Render-path evidence", items: [ "Architecture mode must visibly render Panel Manifest-specific cards and text rather than inherited content from Master Architecture Index.", "Contract mode must visibly describe the same Panel Manifest artifact.", "Source mode must visibly expose the real underlying source for Panel Manifest.", "Evidence fails if any mode shows fallback content, wrong payload or cross-document contamination." ] }, { title: "Identity consistency evidence", items: [ "The same Panel Manifest identity must be observable across architecture, contract and source views.", "The selected document must not silently switch to Master Architecture Index or another sibling artifact.", "Route stability must remain observable during mode changes and reselection.", "Evidence fails if the UI presents one label while the payload belongs to another document." ] }, { title: "Content integrity evidence", items: [ "The visible text under Panel Manifest must correspond to Panel Manifest context and not to another category or document.", "Overview, Prerequisites, Installation, Configuration and downstream cards must remain context-consistent with panel entry manifest behavior.", "Observable evidence must show that rendered text changes when Panel Manifest-specific content is updated in code.", "Evidence fails if the UI continues to show stale or inherited content after document-specific updates." ] }, { title: "Operational evidence of deterministic bootstrap", items: [ "Panel Manifest must be observably usable as an entry support artifact for panel-side reading.", "Its presence must support deterministic tree resolution, content projection and contract alignment.", "The manifest must remain observably stable as a panel entry surface under reload and reselection.", "Evidence fails if bootstrap stability depends on hidden cache, ambiguous routing or lucky UI state." ] }, { title: "Failure evidence", items: [ "A wrong payload rendered under Panel Manifest is observable failure.", "Fallback summary rendered instead of the custom architecture payload is observable failure.", "Missing source while architecture or contract still appears valid is observable failure.", "Mismatch between tree label and rendered content is observable failure." ] }, { title: "Observable evidence exit rule", items: [ "Observable evidence for Panel Manifest is complete only when document existence, hub registration, tree visibility, payload identity, render-path integrity and cross-view consistency are all materially inspectable.", "No downstream panel artifact may be treated as trustworthy if Panel Manifest evidence is still indirect, inferred or fallback-driven.", "Observable evidence completion for Panel Manifest must remain evidence-based and subordinate to master_architecture_index sovereignty." ] } ]; const completionPromotionBuckets = [ { title: "Definition and promotion role", items: [ "Panel Manifest completion and promotion define when the manifest entry layer can be treated as structurally complete and eligible to unlock downstream panel-facing artifacts.", "Completion here does not mean the document merely exists. It means the manifest is materially present, correctly routed, canonically bound, render-stable and cross-view consistent.", "Promotion here means the entry layer is trusted enough to support downstream panel tree, navigation, content projection and contract consumption without ambiguity.", "A promoted Panel Manifest must already operate as a deterministic panel entry surface." ] }, { title: "Completion criteria", items: [ "Panel Manifest must be registered as a real document under overview_scope.", "Its tree placement, selection behavior and render path must be materially stable.", "Its architecture, contract and source modes must remain aligned to the same document identity.", "Its content must be context-correct and free from inherited payload contamination.", "Its support-level role must remain subordinate to master_architecture_index sovereignty." ] }, { title: "Promotion gates", items: [ "No promotion is valid if Panel Manifest still depends on fallback-driven architecture rendering.", "No promotion is valid if UI selection can still resolve to the wrong payload.", "No promotion is valid if cross-view identity remains unverified.", "No promotion is valid if canonical linkage to overview roots is still ambiguous.", "Promotion is valid only when entry identity, render integrity and evidence integrity are all materially confirmed." ] }, { title: "Downstream unlocks", items: [ "A complete Panel Manifest unlocks deterministic panel bootstrap.", "It unlocks trustworthy consumption by panel tree, navigation spec, content index and blueprint-side reading.", "It unlocks consistent interpretation of the panel entry layer across Documentation Hub and Operator Panel surfaces.", "It unlocks safer downstream validation because the entry artifact is no longer ambiguous." ] }, { title: "Non-promotable states", items: [ "A manifest that is selectable but not identity-stable is not promotable.", "A manifest that renders through the wrong payload is not promotable.", "A manifest that only appears structurally complete through cached UI behavior is not promotable.", "A manifest that loses canonical support-role boundaries is not promotable.", "A manifest that cannot keep architecture, contract and source views aligned is not promotable." ] }, { title: "Promotion evidence requirements", items: [ "Promotion must be supported by observable UI behavior, stable routing and correct rendered content.", "Promotion must be backed by hub registration, tree visibility and cross-view identity consistency.", "Promotion must be proven from the served surface and not from assumed code intent.", "Every completion or promotion claim must be evidenced by what the system actually resolves and renders." ] }, { title: "Completion and promotion exit rule", items: [ "Panel Manifest completion and promotion are complete only when the entry artifact is materially present, canonically bound, tree-stable, payload-correct and trustworthy across architecture, contract and source views.", "No downstream panel artifact may be promoted as reliable if Panel Manifest still operates under ambiguous routing, fallback behavior or unverified identity.", "Completion and promotion for Panel Manifest must remain evidence-based and subordinate to master_architecture_index sovereignty." ] } ]; const leftHtml = [ renderStructuredCard("Prerequisites", prerequisitesBuckets), renderStructuredCard("Configuration", configurationBuckets), renderStructuredCard("Observable Evidence", observableEvidenceBuckets), renderStructuredCard("Completion & Promotion", completionPromotionBuckets) ].join(""); const installationBuckets = [ { title: "Definition and installation role", items: [ "Panel Manifest installation defines the set of material conditions required for the Panel entry manifest to exist, be readable, be structurally usable and participate in deterministic panel bootstrap.", "Installation here does not mean generic server setup. It means making the Panel Manifest materially present as a machine-readable entry artifact inside the Devon documentation and panel surface.", "The manifest must be installed as part of the panel-facing documentary layer, not as sovereign architecture and not as isolated UI text.", "Its installation role is to establish a stable entry surface that downstream panel tree, navigation, content mapping and contract reading can consume safely." ] }, { title: "Document materialization requirements", items: [ "Panel Manifest must exist as a real document bound to Phase 01 overview_scope.", "Its file identity, path, phase, layer and document id must be materially registered in the hub structure.", "The manifest must be readable through the documentation surface and discoverable from the architecture tree.", "The document must be positioned as panel entry support and must not appear detached from the canonical overview structure." ] }, { title: "Canonical binding installation", items: [ "master_architecture_index must already exist as sovereign architectural root before Panel Manifest installation is considered valid.", "Panel Manifest must be structurally linked to master_architecture_index, project scope and deployment order rather than installed as a free-floating UI artifact.", "Its installation must preserve sovereign/support separation.", "The manifest must inherit meaning from the canonical root and must never redefine architectural truth locally." ] }, { title: "Hub and tree installation", items: [ "Panel Manifest must be registered inside hub_index.json under overview_scope.", "It must appear in the left architecture tree with correct label, type and category placement.", "Its selection must resolve to the correct document identity in the render flow.", "Its architecture view, contract view and source view must remain bound to the same document identity." ] }, { title: "Panel bootstrap installation", items: [ "The manifest must be installable as a deterministic entry point for panel bootstrap.", "Downstream panel-side reading must be able to start from this manifest without ambiguity.", "The manifest must support initial binding for panel tree, navigation, content index and blueprint-side reading.", "No downstream panel bootstrap should depend on scattered assumptions once the manifest is installed." ] }, { title: "Rendering and UI installation", items: [ "Panel Manifest must render through the same architecture scaffold used by the category model.", "Its structured cards must remain readable in architecture mode.", "Its content must be projectable into the Documentation Hub without collapsing into the fallback summary view.", "Its rendering path must remain deterministic when selected from the UI." ] }, { title: "Source and contract installation", items: [ "The manifest must support contract projection as a machine-readable panel entry document.", "Its source view must reflect the real underlying source rather than a synthetic local substitute.", "Its contract view must remain consistent with the same document registration seen in architecture mode.", "The installation is invalid if architecture, contract and source routes diverge in identity." ] }, { title: "Dependency installation gates", items: [ "Canonical registration must exist before Panel Manifest installation can be trusted.", "Hub registration must exist before UI selection can be trusted.", "UI selection integrity must exist before architecture rendering can be trusted.", "Document identity stability must exist before downstream panel contracts can be trusted." ] }, { title: "Failure-sensitive installation conditions", items: [ "If the manifest exists in code but is not reachable in the tree, installation is incomplete.", "If the manifest is reachable in the tree but resolves to the wrong payload, installation is invalid.", "If the manifest renders only through fallback summary, installation is incomplete.", "If the manifest loses canonical linkage, installation is invalid even if the UI still renders." ] }, { title: "Installation exit rule", items: [ "Panel Manifest installation is complete only when the document is materially present, canonically bound, tree-selectable, architecturally renderable and identity-stable across architecture, contract and source views.", "No downstream panel artifact may be treated as installation-ready if the Panel Manifest entry layer is still ambiguous or fallback-driven.", "Installation completion for Panel Manifest must remain evidence-based and subordinate to master_architecture_index sovereignty." ] } ]; const validationBuckets = [ { title: "Definition and validation role", items: [ "Panel Manifest validation defines the evidence-based checks required to confirm that the manifest is structurally correct, canonically bound and operationally trustworthy as the panel entry surface.", "Validation here does not judge visual preference. It verifies identity integrity, route integrity, source integrity and cross-view consistency.", "Its role is to prove that the selected Panel Manifest is the real registered artifact and not a fallback, alias or displaced payload.", "A valid Panel Manifest must remain verifiable across architecture, contract and source modes." ] }, { title: "Identity validation", items: [ "The document selected in the tree must resolve to panel_manifest and not to another overview_scope artifact.", "Its document id, label, path, phase and layer must remain stable during selection and rendering.", "The same artifact must be observed across architecture view, contract view and source view.", "Validation fails if the UI selection path resolves to a mismatched document identity." ] }, { title: "Canonical linkage validation", items: [ "Panel Manifest must remain subordinate to master_architecture_index sovereignty.", "Its role as support-level panel entry artifact must remain explicit.", "Its linkage to project scope and deployment order must remain materially traceable.", "Validation fails if the manifest appears structurally detached from the canonical overview roots." ] }, { title: "Render-path validation", items: [ "Architecture mode must render the custom Panel Manifest architecture payload, not an unrelated structured category payload.", "Contract mode must describe the same registered Panel Manifest artifact.", "Source mode must expose the real underlying source of Panel Manifest.", "Validation fails if any mode falls back to the wrong document or if architecture mode depends on the wrong sourceMeta branch." ] }, { title: "Tree and selection validation", items: [ "Panel Manifest must appear in the correct category position inside the architecture tree.", "A click on Panel Manifest must keep the selected document stable across re-render.", "Mode switching must not silently redirect the user to Master Architecture Index or another sibling document.", "Validation fails if tree selection is visually correct but operationally resolves to another payload." ] }, { title: "Content integrity validation", items: [ "The architecture cards shown under Panel Manifest must correspond to Panel Manifest content and not inherited text from another document.", "Overview, Prerequisites, Installation, Configuration and downstream cards must remain context-consistent with Panel Manifest.", "The manifest must not render stale content cached from a previous selection.", "Validation fails if the visible text belongs to another document context." ] }, { title: "Cross-view consistency validation", items: [ "Architecture, contract and source views must describe the same artifact from different angles.", "No view may invent identity, dependency or role that is absent from the registered document.", "Cross-view consistency must remain stable after reload, reselection and mode switching.", "Validation fails if one view is correct but another diverges in identity or meaning." ] }, { title: "Fallback and error-state validation", items: [ "The Panel Manifest architecture route must not depend on fallback summary unless there is a real source-load failure.", "If source loading fails, the error state must still preserve the correct document identity.", "A rendered fallback must never masquerade as successful validation.", "Validation fails if the UI looks stable but the underlying route is fallback-driven or source-broken." ] }, { title: "Evidence requirements", items: [ "Validation must be grounded in observable UI behavior and observable document routing.", "Validation must be supported by file existence, tree registration, route stability and mode consistency.", "No validation claim may be based on inference, expectation or visual guess alone.", "Every PASS condition must be backed by real evidence from the served surface or underlying registered artifact." ] }, { title: "Validation exit rule", items: [ "Panel Manifest validation is complete only when identity, linkage, tree routing, render path, source exposure and cross-view consistency are all materially confirmed.", "No downstream panel artifact may be treated as trustworthy if Panel Manifest validation still depends on ambiguous selection or unverified routing.", "Validation completion for Panel Manifest must remain evidence-based and subordinate to master_architecture_index sovereignty." ] } ]; const failureModesBuckets = [ { title: "Definition and recovery role", items: [ "Panel Manifest failure modes and recovery define the invalid states that break the manifest as a trustworthy panel entry surface and the recovery actions required to restore deterministic panel bootstrap.", "Failure here is not limited to crash. It includes wrong document routing, fallback contamination, identity drift, stale payload reuse and cross-view inconsistency.", "Recovery exists to restore the correct manifest identity, canonical linkage and render path without inventing local truth.", "A recovered state is valid only when the manifest returns to evidence-based stability across architecture, contract and source views." ] }, { title: "Identity failure modes", items: [ "Panel Manifest may appear selected in the tree while another document payload is actually rendered.", "The manifest may resolve with the wrong document id, wrong path or wrong architectural context.", "A stale selection state may visually preserve the label while operationally switching to another artifact.", "Recovery requires proving the selected payload is again bound to panel_manifest and not to any sibling document." ] }, { title: "Render-path failure modes", items: [ "Architecture mode may fall back to a summary or to an inherited structured payload that does not belong to Panel Manifest.", "The UI may render content from Master Architecture Index or another overview_scope artifact while Panel Manifest remains selected.", "Source-load failure may silently degrade into a misleading render path.", "Recovery requires restoring the direct architecture path so the custom Panel Manifest payload is the one actually rendered." ] }, { title: "Canonical linkage failure modes", items: [ "Panel Manifest may remain visible while losing its subordinate linkage to master_architecture_index.", "The manifest may drift from project scope or deployment order anchoring.", "Support-level role may become blurred and appear as if the manifest were redefining architectural authority.", "Recovery requires re-establishing sovereign/support separation and re-binding the manifest to the canonical overview roots." ] }, { title: "Tree and selection failure modes", items: [ "The tree may show Panel Manifest in the right place while click resolution points to the wrong payload.", "Mode switching may silently redirect the user away from Panel Manifest.", "Reload or reselection may destabilize the active document identity.", "Recovery requires restoring deterministic selection so tree label, selected doc and rendered payload all converge." ] }, { title: "Cross-view failure modes", items: [ "Architecture, contract and source views may diverge in identity or meaning.", "Contract view may describe one artifact while architecture mode renders another.", "Source view may expose a different backing document than the one used by architecture mode.", "Recovery requires re-aligning all three modes to the same registered Panel Manifest artifact." ] }, { title: "Content contamination failure modes", items: [ "Panel Manifest may display inherited content from another document after updates or reselection.", "Cached or previously loaded text may survive and contaminate the visible architecture cards.", "Panel-specific cards may show valid structure but invalid content origin.", "Recovery requires flushing the contaminated render path and confirming that visible text now belongs to Panel Manifest context only." ] }, { title: "Recovery actions", items: [ "Re-select Panel Manifest from the tree and confirm the selected document remains stable across mode switches.", "Force the direct architecture render path when manifest-specific architecture content must bypass inherited structured payload selection.", "Verify that hub registration, tree selection and rendered payload identity still point to panel_manifest.", "Re-check architecture, contract and source views until all three describe the same artifact.", "Treat any fallback-driven or cross-document state as invalid until evidence proves recovery is complete." ] }, { title: "Recovery evidence requirements", items: [ "Recovery is valid only when the manifest is again materially reachable, correctly selected and rendered from the correct payload.", "The recovered state must be observable in UI behavior and not merely assumed from code edits.", "The visible cards must show Panel Manifest-specific content after recovery.", "Architecture, contract and source routes must all confirm the same restored identity." ] }, { title: "Failure modes and recovery exit rule", items: [ "Panel Manifest failure and recovery handling is complete only when all known invalid routing, identity, fallback and cross-view divergence states are detectable and recoverable through evidence-based actions.", "No downstream panel artifact may be treated as trustworthy if Panel Manifest recovery still depends on unverified assumptions.", "Failure and recovery completion for Panel Manifest must remain evidence-based and subordinate to master_architecture_index sovereignty." ] } ]; const rightHtml = [ renderStructuredCard("Installation", installationBuckets), renderStructuredCard("Validation", validationBuckets), renderStructuredCard("Failure Modes & Recovery", failureModesBuckets) ].join(""); return { kind: "html", content: overviewHtml + `
${leftHtml}
${rightHtml}
` }; } const structured = renderStructuredCategoryView(doc, sourceMeta); if (structured) { return { kind: "html", content: structured }; } return { kind: "html", content: renderArchitectureSummaryView(doc, sourceMeta) }; } function renderDocContent(payload){ if (payload && payload.kind === "html") { setStructuredMode(true, payload.content); docViewer.textContent = ""; return; } setStructuredMode(false, ""); docViewer.textContent = payload && payload.content ? payload.content : ""; } function renderContractView(doc, sourceMeta){ const contractObj = { label: doc.label, path: doc.path, phase: doc.phase, layer: doc.layer, source_kind: sourceMeta.kind, source_summary: sourceMeta.summary, depends_on: doc.depends_on, used_by: doc.used_by }; if (sourceMeta.kind === "json") { contractObj.detected_keys = sourceMeta.extra.keys; } else { contractObj.detected_headings = sourceMeta.extra.headings; } return JSON.stringify(contractObj, null, 2); } async function renderDocViewer(){ const category = getCategory(state.categoryId); const doc = getDoc(state.categoryId, state.docId); const phase = getPhase(state.phaseId); if (!category || !doc || !phase) return; docViewer.textContent = "Loading canon source..."; try { const sourceMeta = await loadDocSource(doc); setHero(doc, phase, category, sourceMeta); buildDocMap(doc, sourceMeta); buildRelationMap(doc, category, sourceMeta); if (state.mode === "architecture") { let architecturePayload = null; const forceDirectArchitectureRender = ( state.categoryId === "overview_scope" && ( doc.id === "panel_manifest" || doc.id === "project_scope" || doc.id === "deployment_order" || doc.id === "sandbox_environment" || doc.id === "server_registry" || doc.id === "project_progress_canonical" || doc.id === "project_progress_model" ) ) || ( state.categoryId === "architecture_engineering_core" && ( doc.id === "cas" || doc.id === "cgs" ) ); if (!forceDirectArchitectureRender) { try { const architectureDoc = resolveArchitectureDoc(doc); if (architectureDoc && architectureDoc.id !== doc.id) { const architectureMeta = await loadDocSource(architectureDoc); const structured = renderStructuredCategoryView(doc, architectureMeta); if (structured) { architecturePayload = { kind: "html", content: structured }; } } } catch (architectureErr) { } } if (!architecturePayload) { architecturePayload = renderArchitectureView(doc, sourceMeta); } renderDocContent(architecturePayload); return; } if (state.mode === "contract") { setStructuredMode(false, ""); docViewer.textContent = renderContractView(doc, sourceMeta); return; } setStructuredMode(false, ""); docViewer.textContent = sourceMeta.sourceText; } catch (err) { const fallbackMeta = { kind: doc.type, summary: "Failed to load source.", extra: { keys: [], headings: [], preview: [] } }; setStructuredMode(false, ""); setHero(doc, phase, category, fallbackMeta); buildDocMap(doc, fallbackMeta); buildRelationMap(doc, category, fallbackMeta); if (state.mode === "architecture") { renderDocContent(renderArchitectureView(doc, fallbackMeta)); return; } docViewer.textContent = "Failed to load source\n\n" + String(err); } } function bindModes(){ btnViewArchitecture.onclick = () => { state.mode = "architecture"; renderDocViewer(); }; btnViewContract.onclick = () => { state.mode = "contract"; renderDocViewer(); }; btnViewSource.onclick = () => { state.mode = "source"; renderDocViewer(); }; } function init(){ state.phaseId = HUB.phases[0].id; state.categoryId = HUB.categories[0].id; state.docId = HUB.categories[0].docs[0].id; bindModes(); render(); } function render(){ buildTree(); buildPhases(); buildMetrics(); buildPhaseMap(); renderDocViewer(); } (async () => { try { await loadHub(); init(); } catch (e) { console.error("BOOT_FAIL", e); document.body.innerHTML = "
Failed to load HUB
"; } })(); ================================================================================ DOC: project_scope | Project Scope Canonical ================================================================================ if (doc.id === "project_scope" && state.categoryId === "overview_scope") { const renderPendingCard = (title) => ` `; const renderBucketCard = (bucket) => `
${escapeHtml(bucket.title)}
${ bucket.items.length ? `` : `
No items declared.
` }
`; const renderStructuredCard = (title, buckets) => `
${buckets.map(renderBucketCard).join("")}
`; const overviewHtml = `

Overview

${escapeHtml("Project Scope Canonical defines the formal framing boundary of the Devon project under Phase 01 Overview & Scope. It exists to declare, without ambiguity, what the project is, why it exists, what domains, layers and workstreams belong inside it, what remains outside it, which authority artifact governs those boundaries and what downstream phases become legitimate only after scope is materially bounded. Its function is to stop the project from being interpreted through scattered files, UI behavior, runtime artifacts or local assumptions. It is not sovereign architecture; it is the canonical scope-framing authority subordinate to master_architecture_index. Once valid, it becomes the reference that Documentation Hub, Operator Panel and downstream categories must use to judge project relevance, inclusion legitimacy, dependency fit and promotion readiness across the Devon system.")}

`; const prerequisitesBuckets = [ { title: "Definition and canonical role", items: [ "Project Scope Canonical prerequisites define the minimum conditions that must exist before the project can be treated as formally framed, bounded and governable.", "The role of prerequisites here is to establish the project boundary artifact that answers what the project is, why it exists, what it includes, what it excludes and what it unlocks downstream.", "Project Scope Canonical is not sovereign architecture. It is the canonical framing authority for project scope under Overview & Scope.", "Without valid prerequisites, every downstream phase, document and UI projection risks operating on ambiguous scope." ] }, { title: "Fundamental principle", items: [ "Project scope must be explicit, bounded and authority-linked before downstream work can be treated as legitimate.", "The scope cannot be inferred from UI behavior, runtime state or scattered documents.", "If a project boundary is not materially declared, it is not valid scope.", "If scope exists but conflicts with architecture, it is invalid.", "If scope is incomplete or ambiguous, downstream dependency claims are invalid." ] }, { title: "Architectural framing prerequisites", items: [ "master_architecture_index must already exist as sovereign architectural root.", "Phase 01 overview_scope framing must already exist.", "Project Scope Canonical must be positioned as the project-boundary authority inside that overview layer.", "Its role must remain subordinate to sovereign architecture while authoritative for project framing.", "Deployment order and category structure must already exist enough to contextualize project scope." ] }, { title: "Project-boundary prerequisites", items: [ "The document must explicitly define what the project includes.", "The document must explicitly define what the project excludes.", "The document must explicitly define why the project exists and what problem space it governs.", "The document must explicitly define what major domains, layers or workstreams belong to the project.", "The document must explicitly define what downstream materialization depends on valid scope." ] }, { title: "Authority prerequisites", items: [ "Project Scope Canonical must have clear authority ownership as the scope-framing artifact.", "Its authority must not be mixed with master sovereignty, runtime publication or UI-local interpretation.", "The document must state what other artifacts it depends on and what artifacts depend on it.", "Scope framing must remain canonically readable by Documentation Hub and Panel without reinterpretation." ] }, { title: "Dependency prerequisites", items: [ "Downstream categories must only be treated as legitimate if they fit inside declared project scope.", "No phase may be framed as required if its inclusion is not supported by project scope.", "No panel-facing or runtime-facing projection should outrun scope definition.", "Project scope must exist before downstream architecture can be trusted as project-relevant rather than merely system-adjacent." ] }, { title: "Document integrity prerequisites", items: [ "Project Scope Canonical must exist as a real registered document in overview_scope.", "Its document id, label, path, phase and layer must remain stable.", "Its tree presence must resolve to the correct scope artifact.", "Architecture, contract and source routes must remain aligned to the same Project Scope Canonical identity." ] }, { title: "Failure-prevention prerequisites", items: [ "The project must not be framed from assumptions spread across multiple documents.", "The scope must not depend on implicit knowledge held only in code or UI structure.", "The scope must not collapse into vague mission statements without inclusion and exclusion boundaries.", "The scope must not drift from the canonical overview structure." ] }, { title: "Expected result", items: [ "When prerequisites are valid, Project Scope Canonical becomes a trustworthy framing artifact for the whole project.", "Downstream phases can be assessed against explicit project boundaries.", "Documentation Hub and Panel can project project framing without inventing meaning.", "Architecture, delivery, runtime and UI layers can be judged for relevance against a declared project scope." ] }, { title: "Prerequisites exit rule", items: [ "Project Scope Canonical prerequisites are complete only when project identity, project purpose, inclusion boundaries, exclusion boundaries, authority ownership and dependency relevance are materially explicit.", "No downstream category, phase or panel-facing artifact may be treated as scope-legitimate if project framing is still ambiguous.", "Prerequisite completion for Project Scope Canonical must remain evidence-based and subordinate to master_architecture_index sovereignty." ] } ]; const configurationBuckets = [ { title: "Definition and configuration role", items: [ "Project Scope Canonical configuration defines how the scope-framing artifact must be structurally arranged so project boundaries remain explicit, stable and consumable across Documentation Hub, Operator Panel and downstream categories.", "Configuration here means canonical arrangement, authority binding, scope-shaping logic and cross-view consistency, not cosmetic UI preference.", "Its role is to keep Project Scope Canonical stable as the formal framing surface for project inclusion, exclusion, relevance and downstream legitimacy.", "A configured Project Scope Canonical must remain structurally predictable across architecture, contract and source views." ] }, { title: "Document identity configuration", items: [ "Project Scope Canonical must keep a fixed document id, label, path, phase and layer identity.", "Its registration under overview_scope must remain stable in hub_index.json.", "Its document type must remain coherent with its role as the project-boundary authority artifact.", "Configuration is invalid if the same scope artifact resolves under conflicting identities across the UI." ] }, { title: "Canonical binding configuration", items: [ "The scope artifact must remain subordinate to master_architecture_index sovereignty.", "Its configuration must preserve explicit linkage to project identity, project purpose and deployment order framing.", "Its authority must remain limited to project framing and must not redefine sovereign architecture.", "Sovereign/support separation must remain visible in how Project Scope Canonical is described and consumed." ] }, { title: "Boundary configuration", items: [ "Project inclusion boundaries must be explicitly configured rather than implied.", "Project exclusion boundaries must be explicitly configured rather than assumed.", "Major domains, layers and workstreams that belong inside the project must be structurally declared.", "Configuration is incomplete if scope framing still depends on scattered documents or informal interpretation." ] }, { title: "Dependency configuration", items: [ "Project Scope Canonical must be configured to state what downstream phases become legitimate only after scope is materially bounded.", "It must support dependency relevance judgment for downstream categories and artifacts.", "It must provide enough structure for in-scope versus out-of-scope evaluation.", "The dependency configuration must eliminate ambiguous project relevance claims." ] }, { title: "Tree and selection configuration", items: [ "Project Scope Canonical must be configured to appear in the correct category and order inside the architecture tree.", "Its selection path must resolve deterministically when clicked from the left navigation.", "Its architecture, contract and source routes must all point to the same underlying document identity.", "Configuration is invalid if UI selection can drift into another overview_scope payload." ] }, { title: "Rendering configuration", items: [ "Project Scope Canonical must be configured to render through the structured category scaffold in architecture mode.", "Its card layout must remain compatible with the same category model used across the documentation plane.", "Its architecture rendering must not collapse into fallback summary unless source loading genuinely fails.", "Its configuration is invalid if the selected scope artifact renders another document payload." ] }, { title: "Source and contract configuration", items: [ "Source view must expose the real underlying document for Project Scope Canonical.", "Contract view must describe the same registered scope artifact seen in architecture mode.", "Architecture, contract and source views must stay configuration-consistent.", "Any route divergence between those three views invalidates configuration integrity." ] }, { title: "Misconfiguration conditions", items: [ "If the scope artifact appears in the tree but resolves to the wrong architecture payload, configuration is invalid.", "If the scope artifact has a valid source but inconsistent contract projection, configuration is invalid.", "If the scope artifact depends on fallback behavior to render architecture, configuration is incomplete.", "If the scope artifact loses canonical linkage while remaining selectable in the UI, configuration is invalid." ] }, { title: "Configuration exit rule", items: [ "Project Scope Canonical configuration is complete only when document identity, canonical binding, scope boundaries, dependency framing, tree placement, selection routing, rendering behavior and cross-view consistency are materially stable.", "No downstream category, dependency claim or promotion claim may be treated as configuration-ready if Project Scope Canonical still depends on ambiguous routing or unstable identity.", "Configuration completion for Project Scope Canonical must remain evidence-based and subordinate to master_architecture_index sovereignty." ] } ]; const observableEvidenceBuckets = [ { title: "Definition and evidence role", items: [ "Project Scope Canonical observable evidence defines the materially inspectable signals that prove the scope-framing artifact exists, is correctly registered, is routed to the correct payload and is being rendered from the correct document identity.", "Observable evidence here is not conceptual confidence. It is concrete evidence that can be inspected in file registration, UI selection behavior, mode switching, route stability and rendered scope output.", "Its role is to prove that the project boundary artifact is not only declared in architecture, but materially reachable and operationally projected in the Documentation Hub.", "If a condition cannot be observed, it cannot be claimed as valid evidence for Project Scope Canonical." ] }, { title: "Document existence evidence", items: [ "Project Scope Canonical must exist as a real registered document in the documentation system.", "Its document id must be observable as project_scope.", "Its label, path, phase and layer identity must be materially present in the registered document set.", "Evidence fails if the scope artifact is referenced in logic but not materially registered as a document." ] }, { title: "Hub registration evidence", items: [ "Project Scope Canonical must be observable inside hub_index.json under overview_scope.", "Its placement in the category docs list must be materially visible.", "Its registration must be stable enough to survive reload and re-render.", "Evidence fails if the scope artifact is only implied by code and not present in hub registration." ] }, { title: "Tree visibility evidence", items: [ "Project Scope Canonical must appear in the left architecture tree under Overview & Scope.", "Its label must be visibly selectable from the UI.", "A user click on Project Scope Canonical must be observable as a stable document selection event.", "Evidence fails if the tree shows the label but selection resolves to another artifact." ] }, { title: "Render-path evidence", items: [ "Architecture mode must visibly render Project Scope Canonical-specific cards and text rather than inherited content from Master Architecture Index, Panel Manifest or another overview_scope document.", "Contract mode must visibly describe the same Project Scope Canonical artifact.", "Source mode must visibly expose the real underlying source for Project Scope Canonical.", "Evidence fails if any mode shows fallback content, wrong payload or cross-document contamination." ] }, { title: "Identity consistency evidence", items: [ "The same Project Scope Canonical identity must be observable across architecture, contract and source views.", "The selected document must not silently switch to Master Architecture Index, Panel Manifest or another sibling artifact.", "Route stability must remain observable during mode changes and reselection.", "Evidence fails if the UI presents one label while the payload belongs to another document." ] }, { title: "Scope-boundary evidence", items: [ "The rendered scope cards must visibly state what the project includes.", "The rendered scope cards must visibly state what the project excludes.", "The rendered scope cards must visibly state why the project exists and what downstream legitimacy depends on bounded scope.", "Evidence fails if project framing still depends on implied context rather than visible scope boundaries." ] }, { title: "Content integrity evidence", items: [ "The visible text under Project Scope Canonical must correspond to Project Scope Canonical context and not to another category or document.", "Overview, Prerequisites, Installation, Configuration, Validation and downstream cards must remain context-consistent with project framing behavior.", "Observable evidence must show that rendered text changes when Project Scope Canonical-specific content is updated in code.", "Evidence fails if the UI continues to show stale or inherited content after document-specific updates." ] }, { title: "Operational evidence of scope legitimacy", items: [ "Project Scope Canonical must be observably usable as the framing artifact for in-scope versus out-of-scope judgment.", "Its presence must support deterministic project-boundary reading for downstream categories and phases.", "The scope artifact must remain observably stable under reload, reselection and mode switching.", "Evidence fails if scope legitimacy depends on hidden cache, ambiguous routing or lucky UI state." ] }, { title: "Observable evidence exit rule", items: [ "Observable evidence for Project Scope Canonical is complete only when document existence, hub registration, tree visibility, payload identity, scope-boundary visibility, render-path integrity and cross-view consistency are all materially inspectable.", "No downstream category, dependency claim or promotion claim may be treated as trustworthy if Project Scope Canonical evidence is still indirect, inferred or fallback-driven.", "Observable evidence completion for Project Scope Canonical must remain evidence-based and subordinate to master_architecture_index sovereignty." ] } ]; const completionPromotionBuckets = [ { title: "Definition and promotion role", items: [ "Project Scope Canonical completion and promotion define when the project-framing artifact can be treated as structurally complete and trusted enough to unlock downstream categories, dependency judgments and promotion decisions.", "Completion here does not mean the document merely exists. It means project framing is materially present, identity-stable, canonically bound, boundary-explicit and operationally consumable.", "Promotion here means the scope artifact is trusted enough to serve as the reference for in-scope versus out-of-scope judgment across downstream documentation and panel-facing projection.", "A promoted Project Scope Canonical must already function as the stable project-boundary authority under Overview & Scope." ] }, { title: "Completion criteria", items: [ "Project Scope Canonical must be registered as a real document under overview_scope.", "Its tree placement, selection behavior and render path must be materially stable.", "Its architecture, contract and source modes must remain aligned to the same document identity.", "Its content must be context-correct and free from inherited payload contamination.", "Its role as project-framing authority must remain subordinate to master_architecture_index sovereignty." ] }, { title: "Boundary completion criteria", items: [ "The document must materially define what the project includes.", "The document must materially define what the project excludes.", "The document must materially define why the project exists and what domains and workstreams belong to it.", "The document must materially support downstream relevance judgment and scope-based legitimacy.", "No major project-boundary decision may remain dependent on scattered interpretation once completion is claimed." ] }, { title: "Promotion gates", items: [ "No promotion is valid if Project Scope Canonical still depends on fallback-driven architecture rendering.", "No promotion is valid if UI selection can still resolve to the wrong payload.", "No promotion is valid if project inclusion and exclusion boundaries remain ambiguous.", "No promotion is valid if cross-view identity remains unverified.", "Promotion is valid only when scope identity, framing integrity and evidence integrity are all materially confirmed." ] }, { title: "Downstream unlocks", items: [ "A complete Project Scope Canonical unlocks trustworthy in-scope versus out-of-scope evaluation for downstream categories.", "It unlocks safer dependency relevance judgment for downstream phases and artifacts.", "It unlocks consistent project framing across Documentation Hub and Operator Panel surfaces.", "It unlocks more reliable promotion decisions because downstream materialization can now be tested against an explicit project boundary." ] }, { title: "Non-promotable states", items: [ "A scope artifact that is selectable but not identity-stable is not promotable.", "A scope artifact that renders through the wrong payload is not promotable.", "A scope artifact that looks coherent but still leaves project boundaries ambiguous is not promotable.", "A scope artifact that loses canonical framing linkage is not promotable.", "A scope artifact that cannot keep architecture, contract and source views aligned is not promotable." ] }, { title: "Promotion evidence requirements", items: [ "Promotion must be supported by observable UI behavior, stable routing and correct rendered scope content.", "Promotion must be backed by hub registration, tree visibility, boundary clarity and cross-view identity consistency.", "Promotion must be proven from the served surface and not from assumed code intent.", "Every completion or promotion claim must be evidenced by what the system actually resolves, renders and keeps stable." ] }, { title: "Completion and promotion exit rule", items: [ "Project Scope Canonical completion and promotion are complete only when the scope artifact is materially present, canonically bound, tree-stable, payload-correct, boundary-explicit and trustworthy across architecture, contract and source views.", "No downstream category, dependency claim or promotion decision may be treated as reliable if Project Scope Canonical still operates under ambiguous routing, fallback behavior, unstable identity or incomplete scope framing.", "Completion and promotion for Project Scope Canonical must remain evidence-based and subordinate to master_architecture_index sovereignty." ] } ]; const leftHtml = [ renderStructuredCard("Prerequisites", prerequisitesBuckets), renderStructuredCard("Configuration", configurationBuckets), renderStructuredCard("Observable Evidence", observableEvidenceBuckets), renderStructuredCard("Completion & Promotion", completionPromotionBuckets) ].join(""); const installationBuckets = [ { title: "Definition and installation role", items: [ "Project Scope Canonical installation defines the material conditions required for the scope-framing artifact to exist as a real, registered and consumable project-boundary document inside Overview & Scope.", "Installation here does not mean generic host setup. It means installing the canonical scope artifact into the documentation system so project framing becomes materially present, selectable and readable.", "Its installation role is to establish a stable scope authority surface that downstream categories, Documentation Hub and Operator Panel can consume without ambiguity.", "A valid installation makes project framing observable as a real document and not as scattered interpretation." ] }, { title: "Document materialization requirements", items: [ "Project Scope Canonical must exist as a real document registered under overview_scope.", "Its document id, label, path, phase and layer identity must be materially installed in the document set.", "The document must be readable through the Documentation Hub and discoverable from the architecture tree.", "The scope artifact must be installed as the project-boundary authority and not as detached descriptive text." ] }, { title: "Canonical binding installation", items: [ "master_architecture_index must already exist as sovereign architectural root before Project Scope Canonical installation can be treated as valid.", "Project Scope Canonical must be installed as subordinate framing authority, not as sovereign architecture.", "Its installation must preserve explicit linkage to overview framing, project identity and downstream dependency legitimacy.", "The scope artifact must inherit meaning from the canonical architecture root and must never redefine architecture locally." ] }, { title: "Hub and tree installation", items: [ "Project Scope Canonical must be registered inside hub_index.json under overview_scope.", "It must appear in the left architecture tree with correct label, type and placement.", "Its selection path must resolve to the correct scope artifact when clicked in the UI.", "Its architecture, contract and source routes must remain bound to the same registered scope identity." ] }, { title: "Project-framing installation", items: [ "The installed scope artifact must explicitly support project inclusion boundaries.", "The installed scope artifact must explicitly support project exclusion boundaries.", "The installed scope artifact must support project purpose framing and downstream relevance judgment.", "The installation is incomplete if project boundary meaning still depends on scattered files or UI-local interpretation." ] }, { title: "Rendering installation", items: [ "Project Scope Canonical must render through the same structured category scaffold used for category-level architecture views.", "Its installed cards must remain readable and context-correct in architecture mode.", "Its architecture rendering must not collapse into fallback summary unless source loading genuinely fails.", "Its installation is invalid if the selected scope artifact renders another document payload." ] }, { title: "Source and contract installation", items: [ "Source view must expose the real underlying source for Project Scope Canonical.", "Contract view must describe the same registered scope artifact seen in architecture mode.", "Architecture, contract and source routes must remain installation-consistent.", "Installation is invalid if those routes diverge in identity, meaning or underlying artifact." ] }, { title: "Dependency installation gates", items: [ "Architectural sovereignty must exist before scope installation can be trusted.", "Hub registration must exist before UI selection can be trusted.", "Scope identity stability must exist before downstream scope-based dependency claims can be trusted.", "Project framing must be installed before downstream categories can be judged as in-scope or out-of-scope." ] }, { title: "Failure-sensitive installation conditions", items: [ "If the scope artifact exists in code but is not reachable in the tree, installation is incomplete.", "If the scope artifact is reachable in the tree but resolves to the wrong payload, installation is invalid.", "If the scope artifact renders only through fallback summary, installation is incomplete.", "If the scope artifact loses canonical linkage while still appearing selectable, installation is invalid." ] }, { title: "Installation exit rule", items: [ "Project Scope Canonical installation is complete only when the document is materially present, canonically bound, tree-selectable, architecturally renderable and identity-stable across architecture, contract and source views.", "No downstream category, dependency claim or promotion claim may be treated as installation-ready if Project Scope Canonical still operates through ambiguous routing or fallback-driven projection.", "Installation completion for Project Scope Canonical must remain evidence-based and subordinate to master_architecture_index sovereignty." ] } ]; const validationBuckets = [ { title: "Definition and validation role", items: [ "Project Scope Canonical validation defines the evidence-based checks required to confirm that the scope artifact is structurally correct, canonically bound and trustworthy as the formal project-framing authority.", "Validation here does not judge wording preference. It verifies scope identity, boundary clarity, canonical linkage, route integrity and cross-view consistency.", "Its role is to prove that the selected Project Scope Canonical is the real registered scope artifact and not a fallback, alias, inherited payload or ambiguous framing substitute.", "A valid Project Scope Canonical must remain verifiable across architecture, contract and source views." ] }, { title: "Identity validation", items: [ "The document selected in the tree must resolve to project_scope and not to another overview_scope artifact.", "Its document id, label, path, phase and layer must remain stable during selection and rendering.", "The same artifact must be observed across architecture view, contract view and source view.", "Validation fails if the UI selection path resolves to a mismatched document identity." ] }, { title: "Canonical linkage validation", items: [ "Project Scope Canonical must remain subordinate to master_architecture_index sovereignty.", "Its role as the project-framing authority artifact must remain explicit.", "Its linkage to project identity, project purpose and deployment order framing must remain materially traceable.", "Validation fails if the scope artifact appears structurally detached from the canonical overview roots." ] }, { title: "Scope-boundary validation", items: [ "Project inclusion boundaries must be explicitly visible and non-ambiguous.", "Project exclusion boundaries must be explicitly visible and non-ambiguous.", "The document must make it materially clear what belongs inside the project and what remains outside it.", "Validation fails if project framing still depends on implied context, scattered files or interpretive reading." ] }, { title: "Dependency validation", items: [ "The scope artifact must visibly support downstream relevance judgment.", "It must be materially clear what downstream phases, categories or work domains become legitimate only after scope is bounded.", "No dependency relevance claim may depend on vague mission framing alone.", "Validation fails if downstream inclusion logic cannot be traced back to explicit project scope." ] }, { title: "Render-path validation", items: [ "Architecture mode must render the custom Project Scope Canonical architecture payload, not an inherited structured payload from another overview_scope document.", "Contract mode must describe the same registered Project Scope Canonical artifact.", "Source mode must expose the real underlying source of Project Scope Canonical.", "Validation fails if any mode falls back to the wrong document or if architecture mode depends on the wrong sourceMeta branch." ] }, { title: "Tree and selection validation", items: [ "Project Scope Canonical must appear in the correct category position inside the architecture tree.", "A click on Project Scope Canonical must keep the selected document stable across re-render.", "Mode switching must not silently redirect the user to Master Architecture Index, Panel Manifest or another sibling document.", "Validation fails if tree selection is visually correct but operationally resolves to another payload." ] }, { title: "Content integrity validation", items: [ "The architecture cards shown under Project Scope Canonical must correspond to Project Scope Canonical content and not inherited text from another document.", "Overview, Prerequisites, Installation, Configuration and downstream cards must remain context-consistent with project framing behavior.", "The scope artifact must not render stale content cached from a previous selection.", "Validation fails if the visible text belongs to another document context." ] }, { title: "Evidence requirements", items: [ "Validation must be grounded in observable UI behavior, observable document routing and observable scope framing output.", "Validation must be supported by file existence, tree registration, route stability, boundary visibility and mode consistency.", "No validation claim may be based on inference, expectation or visual guess alone.", "Every PASS condition must be backed by real evidence from the served surface or underlying registered artifact." ] }, { title: "Validation exit rule", items: [ "Project Scope Canonical validation is complete only when identity, linkage, boundary clarity, dependency framing, tree routing, render path, source exposure and cross-view consistency are all materially confirmed.", "No downstream category, dependency claim or promotion claim may be treated as trustworthy if Project Scope Canonical validation still depends on ambiguous selection, unverified scope boundaries or unstable routing.", "Validation completion for Project Scope Canonical must remain evidence-based and subordinate to master_architecture_index sovereignty." ] } ]; const failureModesBuckets = [ { title: "Definition and recovery role", items: [ "Project Scope Canonical failure modes and recovery define the invalid states that break the scope artifact as a trustworthy project-framing authority and the recovery actions required to restore boundary legitimacy.", "Failure here is not limited to missing file or broken render. It includes ambiguous scope boundaries, identity drift, wrong payload routing, inherited content contamination and loss of canonical framing role.", "Recovery exists to restore Project Scope Canonical as the real project-boundary artifact that downstream categories, Documentation Hub and Operator Panel can trust.", "A recovered state is valid only when scope identity, boundary clarity, canonical linkage and rendered content integrity are materially restored." ] }, { title: "Identity failure modes", items: [ "Project Scope Canonical may appear selected in the tree while another overview_scope payload is actually rendered.", "The scope artifact may resolve with wrong document id, wrong path or wrong architectural role.", "A stale UI state may preserve the correct label while operationally switching to a sibling artifact.", "Recovery requires proving the rendered payload is again bound to project_scope and not to master_architecture_index, panel_manifest or any other overview_scope document." ] }, { title: "Boundary failure modes", items: [ "Declared project inclusion and exclusion boundaries may become incomplete, ambiguous or contradictory.", "The scope artifact may fail to state what belongs inside the project, what remains outside it and what downstream work depends on bounded scope.", "A partially framed scope may still look coherent in UI while remaining operationally invalid as a project-boundary artifact.", "Recovery requires restoring explicit and non-ambiguous scope boundaries." ] }, { title: "Canonical linkage failure modes", items: [ "Project Scope Canonical may lose its subordinate linkage to master_architecture_index and begin to behave as if it were sovereign architecture.", "The scope artifact may drift away from deployment order, overview framing or downstream relevance logic.", "The document may remain visible while no longer functioning as the canonical project-boundary registry.", "Recovery requires re-establishing sovereign/support hierarchy and re-binding Project Scope Canonical to the overview roots." ] }, { title: "Tree and selection failure modes", items: [ "The tree may show Project Scope Canonical in the right place while click resolution points to another document.", "Mode switching may silently redirect the user away from the scope artifact.", "Reload or reselection may destabilize the active scope identity.", "Recovery requires restoring deterministic selection so tree label, selected doc and rendered payload converge again." ] }, { title: "Cross-view failure modes", items: [ "Architecture, contract and source views may diverge in identity or meaning.", "Contract view may describe one scope artifact while architecture renders another payload.", "Source mode may expose a different backing artifact than the one used in architecture mode.", "Recovery requires re-aligning all views to the same registered Project Scope Canonical artifact." ] }, { title: "Content contamination failure modes", items: [ "Project Scope Canonical may display inherited content from another overview_scope document after reload, reselection or mode change.", "Cached or previously loaded content may survive and contaminate the visible scope cards.", "Scope-specific cards may preserve structure but lose content-origin integrity.", "Recovery requires flushing the contaminated render path and confirming that visible text now belongs only to Project Scope Canonical." ] }, { title: "Recovery actions", items: [ "Re-select Project Scope Canonical from the tree and confirm the selected document remains stable across architecture, contract and source modes.", "Verify that hub registration, tree identity and rendered payload all still point to project_scope.", "Re-check that inclusion boundaries, exclusion boundaries and downstream relevance framing are again visible in the rendered cards.", "Treat any fallback-driven, cross-document or ambiguity-preserving state as invalid until evidence proves recovery is complete." ] }, { title: "Recovery evidence requirements", items: [ "Recovery is valid only when Project Scope Canonical is materially reachable, correctly selected and rendered from the correct payload.", "The recovered state must be observable in UI behavior and not merely assumed from code edits.", "The visible cards must show Project Scope Canonical-specific content after recovery.", "Architecture, contract and source modes must all confirm the same restored identity and scope framing." ] }, { title: "Failure modes and recovery exit rule", items: [ "Project Scope Canonical failure and recovery handling is complete only when invalid routing, scope ambiguity, identity drift, fallback behavior and cross-view divergence states are all detectable and recoverable through evidence-based actions.", "No downstream category, dependency claim or promotion claim may be treated as trustworthy if Project Scope Canonical recovery still depends on unverified assumptions.", "Failure and recovery completion for Project Scope Canonical must remain evidence-based and subordinate to master_architecture_index sovereignty." ] } ]; const rightHtml = [ renderStructuredCard("Installation", installationBuckets), renderStructuredCard("Validation", validationBuckets), renderStructuredCard("Failure Modes & Recovery", failureModesBuckets) ].join(""); return { kind: "html", content: overviewHtml + `
${leftHtml}
${rightHtml}
` }; } ================================================================================ DOC: deployment_order | Deployment Order Canonical ================================================================================ if (doc.id === "deployment_order" && state.categoryId === "overview_scope") { const renderPendingCard = (title) => ` `; const renderBucketCard = (bucket) => `
${escapeHtml(bucket.title)}
${ bucket.items.length ? `` : `
No items declared.
` }
`; const renderStructuredCard = (title, buckets) => `
${buckets.map(renderBucketCard).join("")}
`; const overviewHtml = `

Overview

${escapeHtml("Deployment Order Canonical defines the formal execution sequence that governs how Devon must be materialized from upstream foundations to downstream runtime, projection and operational surfaces. It exists to remove ambiguity about what must come first, what depends on what, which layers unlock the next layer and when a downstream artifact becomes legitimate to install, configure, validate or promote. It is not sovereign architecture; it is the canonical ordering authority subordinate to master_architecture_index and tightly coupled to project scope. Once valid, it becomes the sequencing reference that Documentation Hub, Operator Panel and downstream categories must use to judge readiness, dependency fit, rollout order and promotion legitimacy across the Devon system.")}

`; const prerequisitesBuckets = [ { title: "Definition and canonical role", items: [ "Deployment Order Canonical prerequisites define the minimum conditions that must exist before execution sequencing can be treated as formally valid, materially bounded and safe to use as rollout authority.", "The role of prerequisites here is to establish the ordering artifact that answers what must come first, what depends on what, what unlocks the next layer and which downstream actions are illegitimate if attempted too early.", "Deployment Order Canonical is not sovereign architecture. It is the canonical ordering authority under Overview & Scope, subordinate to master_architecture_index and tightly coupled to project scope.", "Without valid prerequisites, every downstream installation, configuration, validation and promotion decision risks executing in the wrong order." ] }, { title: "Fundamental principle", items: [ "Execution order must be explicit, dependency-aware and authority-linked before downstream rollout can be treated as legitimate.", "Order cannot be inferred from UI behavior, implementation convenience or scattered operational habits.", "If sequencing is not materially declared, it is not valid deployment order.", "If order exists but conflicts with architectural dependency logic, it is invalid.", "If ordering gates are incomplete or ambiguous, downstream readiness claims are invalid." ] }, { title: "Architectural sequencing prerequisites", items: [ "master_architecture_index must already exist as sovereign architectural root.", "Project Scope Canonical must already exist to define what the project actually includes before rollout order can be judged.", "Deployment Order Canonical must be positioned as the sequencing authority inside Phase 01 overview_scope.", "Its role must remain subordinate to sovereign architecture while authoritative for rollout order and dependency progression.", "Category structure and major dependency groupings must already exist enough to contextualize execution order." ] }, { title: "Dependency prerequisites", items: [ "The document must explicitly define what upstream layers must exist before downstream layers can begin.", "The document must explicitly define which foundations unlock architecture, delivery, runtime, trust, memory and monitoring progression.", "The document must explicitly define when a downstream artifact is premature, blocked or illegitimate.", "The document must explicitly define ordering gates between setup, projection, runtime publication and UI trust surfaces." ] }, { title: "Authority prerequisites", items: [ "Deployment Order Canonical must have clear authority ownership as the sequencing artifact.", "Its authority must not be mixed with sovereign architecture, runtime status or UI-local behavior.", "The document must state what other artifacts it depends on and what downstream materialization depends on valid order.", "Execution sequencing must remain canonically readable by Documentation Hub and Panel without reinterpretation." ] }, { title: "Legitimacy prerequisites", items: [ "No downstream category may be treated as rollout-legitimate if its position in the sequence is not explicitly declared.", "No phase may be treated as ready if upstream ordering gates remain unresolved.", "No panel-facing or runtime-facing promotion should outrun declared deployment order.", "Deployment order must exist before downstream architecture can be treated as operationally actionable rather than merely documented." ] }, { title: "Document integrity prerequisites", items: [ "Deployment Order Canonical must exist as a real registered document in overview_scope.", "Its document id, label, path, phase and layer must remain stable.", "Its tree presence must resolve to the correct ordering artifact.", "Architecture, contract and source routes must remain aligned to the same Deployment Order Canonical identity." ] }, { title: "Failure-prevention prerequisites", items: [ "The system must not rely on implicit rollout knowledge spread across multiple documents or chats.", "Execution order must not depend on operator memory or UI-local assumptions.", "The order artifact must not collapse into vague phase labeling without hard dependency meaning.", "The ordering model must not drift from the canonical overview structure." ] }, { title: "Expected result", items: [ "When prerequisites are valid, Deployment Order Canonical becomes a trustworthy sequencing artifact for the whole project.", "Downstream phases can be assessed against explicit rollout gates and dependency progression.", "Documentation Hub and Panel can project rollout order without inventing sequencing logic.", "Architecture, delivery, runtime and UI layers can be judged for readiness against a declared canonical order." ] }, { title: "Prerequisites exit rule", items: [ "Deployment Order Canonical prerequisites are complete only when sequencing identity, dependency progression, upstream gating, authority ownership and downstream legitimacy conditions are materially explicit.", "No downstream category, rollout action or promotion claim may be treated as order-legitimate if execution sequencing is still ambiguous.", "Prerequisite completion for Deployment Order Canonical must remain evidence-based and subordinate to master_architecture_index sovereignty." ] } ]; const configurationBuckets = [ { title: "Definition and configuration role", items: [ "Deployment Order Canonical configuration defines how the sequencing artifact must be structurally arranged so execution order remains explicit, stable and consumable across Documentation Hub, Operator Panel and downstream categories.", "Configuration here means canonical arrangement, dependency ordering logic, authority binding and cross-view consistency, not cosmetic UI preference.", "Its role is to keep Deployment Order Canonical stable as the formal sequencing surface for rollout gates, upstream-before-downstream progression and promotion legitimacy.", "A configured Deployment Order Canonical must remain structurally predictable across architecture, contract and source views." ] }, { title: "Document identity configuration", items: [ "Deployment Order Canonical must keep a fixed document id, label, path, phase and layer identity.", "Its registration under overview_scope must remain stable in hub_index.json.", "Its document type must remain coherent with its role as the ordering authority artifact.", "Configuration is invalid if the same sequencing artifact resolves under conflicting identities across the UI." ] }, { title: "Canonical binding configuration", items: [ "The ordering artifact must remain subordinate to master_architecture_index sovereignty.", "Its configuration must preserve explicit linkage to project scope, project framing and upstream dependency logic.", "Its authority must remain limited to execution ordering and must not redefine sovereign architecture.", "Sovereign/support separation must remain visible in how Deployment Order Canonical is described and consumed." ] }, { title: "Sequencing configuration", items: [ "Upstream-before-downstream execution gates must be explicitly configured rather than implied.", "Dependency progression across architecture, delivery, runtime, trust, memory and monitoring surfaces must be structurally declared.", "The ordering artifact must explicitly define what unlocks the next layer and what remains blocked until prerequisites are met.", "Configuration is incomplete if rollout sequencing still depends on scattered notes, operator memory or interpretive UI behavior." ] }, { title: "Dependency configuration", items: [ "Deployment Order Canonical must be configured to state what downstream phases become legitimate only after upstream gates are satisfied.", "It must support readiness judgment based on declared sequence rather than convenience-based execution.", "It must provide enough structure for blocked, unlocked and premature rollout states.", "The dependency configuration must eliminate ambiguous execution-order claims." ] }, { title: "Tree and selection configuration", items: [ "Deployment Order Canonical must be configured to appear in the correct category and order inside the architecture tree.", "Its selection path must resolve deterministically when clicked from the left navigation.", "Its architecture, contract and source routes must all point to the same underlying document identity.", "Configuration is invalid if UI selection can drift into another overview_scope payload." ] }, { title: "Rendering configuration", items: [ "Deployment Order Canonical must be configured to render through the structured category scaffold in architecture mode.", "Its card layout must remain compatible with the same category model used across the documentation plane.", "Its architecture rendering must not collapse into fallback summary unless source loading genuinely fails.", "Its configuration is invalid if the selected ordering artifact renders another document payload." ] }, { title: "Source and contract configuration", items: [ "Source view must expose the real underlying document for Deployment Order Canonical.", "Contract view must describe the same registered ordering artifact seen in architecture mode.", "Architecture, contract and source views must stay configuration-consistent.", "Any route divergence between those three views invalidates configuration integrity." ] }, { title: "Misconfiguration conditions", items: [ "If the ordering artifact appears in the tree but resolves to the wrong architecture payload, configuration is invalid.", "If the ordering artifact has a valid source but inconsistent contract projection, configuration is invalid.", "If the ordering artifact depends on fallback behavior to render architecture, configuration is incomplete.", "If the ordering artifact loses canonical linkage while remaining selectable in the UI, configuration is invalid." ] }, { title: "Configuration exit rule", items: [ "Deployment Order Canonical configuration is complete only when document identity, canonical binding, sequencing logic, dependency framing, tree placement, selection routing, rendering behavior and cross-view consistency are materially stable.", "No downstream rollout action, dependency claim or promotion claim may be treated as configuration-ready if Deployment Order Canonical still depends on ambiguous routing or unstable identity.", "Configuration completion for Deployment Order Canonical must remain evidence-based and subordinate to master_architecture_index sovereignty." ] } ]; const observableEvidenceBuckets = [ { title: "Definition and evidence role", items: [ "Deployment Order Canonical observable evidence defines the materially inspectable signals that prove the sequencing artifact exists, is correctly registered, is routed to the correct payload and is being rendered from the correct document identity.", "Observable evidence here is not conceptual confidence. It is concrete evidence that can be inspected in file registration, UI selection behavior, mode switching, route stability and rendered sequencing output.", "Its role is to prove that the rollout-order artifact is not only declared in architecture, but materially reachable and operationally projected in the Documentation Hub.", "If a condition cannot be observed, it cannot be claimed as valid evidence for Deployment Order Canonical." ] }, { title: "Document existence evidence", items: [ "Deployment Order Canonical must exist as a real registered document in the documentation system.", "Its document id must be observable as deployment_order.", "Its label, path, phase and layer identity must be materially present in the registered document set.", "Evidence fails if the ordering artifact is referenced in logic but not materially registered as a document." ] }, { title: "Hub registration evidence", items: [ "Deployment Order Canonical must be observable inside hub_index.json under overview_scope.", "Its placement in the category docs list must be materially visible.", "Its registration must be stable enough to survive reload and re-render.", "Evidence fails if the ordering artifact is only implied by code and not present in hub registration." ] }, { title: "Tree visibility evidence", items: [ "Deployment Order Canonical must appear in the left architecture tree under Overview & Scope.", "Its label must be visibly selectable from the UI.", "A user click on Deployment Order Canonical must be observable as a stable document selection event.", "Evidence fails if the tree shows the label but selection resolves to another artifact." ] }, { title: "Render-path evidence", items: [ "Architecture mode must visibly render Deployment Order Canonical-specific cards and text rather than inherited content from Master Architecture Index, Project Scope Canonical, Panel Manifest or another overview_scope document.", "Contract mode must visibly describe the same Deployment Order Canonical artifact.", "Source mode must visibly expose the real underlying source for Deployment Order Canonical.", "Evidence fails if any mode shows fallback content, wrong payload or cross-document contamination." ] }, { title: "Identity consistency evidence", items: [ "The same Deployment Order Canonical identity must be observable across architecture, contract and source views.", "The selected document must not silently switch to Master Architecture Index, Project Scope Canonical, Panel Manifest or another sibling artifact.", "Route stability must remain observable during mode changes and reselection.", "Evidence fails if the UI presents one label while the payload belongs to another document." ] }, { title: "Sequencing evidence", items: [ "The rendered ordering cards must visibly state what comes first, what depends on what and what unlocks the next layer.", "The rendered ordering cards must visibly support upstream-before-downstream execution logic.", "The rendered ordering cards must visibly distinguish blocked, unlocked and premature rollout states.", "Evidence fails if execution sequencing still depends on implied context rather than visible order logic." ] }, { title: "Content integrity evidence", items: [ "The visible text under Deployment Order Canonical must correspond to sequencing context and not to another category or document.", "Overview, Prerequisites, Installation, Configuration, Validation and downstream cards must remain context-consistent with rollout-order behavior.", "Observable evidence must show that rendered text changes when Deployment Order Canonical-specific content is updated in code.", "Evidence fails if the UI continues to show stale or inherited content after document-specific updates." ] }, { title: "Operational evidence of sequencing legitimacy", items: [ "Deployment Order Canonical must be observably usable as the ordering artifact for rollout and dependency progression.", "Its presence must support deterministic readiness judgment for downstream categories and phases.", "The ordering artifact must remain observably stable under reload, reselection and mode switching.", "Evidence fails if rollout legitimacy depends on hidden cache, ambiguous routing or lucky UI state." ] }, { title: "Observable evidence exit rule", items: [ "Observable evidence for Deployment Order Canonical is complete only when document existence, hub registration, tree visibility, payload identity, sequencing visibility, render-path integrity and cross-view consistency are all materially inspectable.", "No downstream rollout action, dependency claim or promotion claim may be treated as trustworthy if Deployment Order Canonical evidence is still indirect, inferred or fallback-driven.", "Observable evidence completion for Deployment Order Canonical must remain evidence-based and subordinate to master_architecture_index sovereignty." ] } ]; const completionPromotionBuckets = [ { title: "Definition and promotion role", items: [ "Deployment Order Canonical completion and promotion define when the sequencing artifact can be treated as structurally complete and trusted enough to unlock downstream rollout, dependency judgment and promotion decisions.", "Completion here does not mean the document merely exists. It means sequencing is materially present, identity-stable, canonically bound, dependency-explicit and operationally consumable.", "Promotion here means the ordering artifact is trusted enough to serve as the reference for what may start now, what must wait and what becomes legitimate only after upstream gates are satisfied.", "A promoted Deployment Order Canonical must already function as the stable rollout-order authority under Overview & Scope." ] }, { title: "Completion criteria", items: [ "Deployment Order Canonical must be registered as a real document under overview_scope.", "Its tree placement, selection behavior and render path must be materially stable.", "Its architecture, contract and source modes must remain aligned to the same document identity.", "Its content must be context-correct and free from inherited payload contamination.", "Its role as ordering authority must remain subordinate to master_architecture_index sovereignty." ] }, { title: "Sequencing completion criteria", items: [ "The document must materially define what comes first in the rollout sequence.", "The document must materially define what depends on what.", "The document must materially define what unlocks the next layer and what remains blocked until prerequisites are met.", "The document must materially support upstream-before-downstream progression across major project layers.", "No major rollout decision may remain dependent on scattered interpretation once completion is claimed." ] }, { title: "Promotion gates", items: [ "No promotion is valid if Deployment Order Canonical still depends on fallback-driven architecture rendering.", "No promotion is valid if UI selection can still resolve to the wrong payload.", "No promotion is valid if dependency progression and sequencing gates remain ambiguous.", "No promotion is valid if cross-view identity remains unverified.", "Promotion is valid only when sequencing identity, rollout integrity and evidence integrity are all materially confirmed." ] }, { title: "Downstream unlocks", items: [ "A complete Deployment Order Canonical unlocks trustworthy readiness judgment for downstream categories and phases.", "It unlocks safer rollout gating for installation, configuration, validation and promotion decisions.", "It unlocks consistent sequencing projection across Documentation Hub and Operator Panel surfaces.", "It unlocks more reliable promotion decisions because downstream materialization can now be tested against an explicit canonical order." ] }, { title: "Non-promotable states", items: [ "An ordering artifact that is selectable but not identity-stable is not promotable.", "An ordering artifact that renders through the wrong payload is not promotable.", "An ordering artifact that looks coherent but still leaves sequencing ambiguous is not promotable.", "An ordering artifact that loses canonical linkage is not promotable.", "An ordering artifact that cannot keep architecture, contract and source views aligned is not promotable." ] }, { title: "Promotion evidence requirements", items: [ "Promotion must be supported by observable UI behavior, stable routing and correct rendered sequencing content.", "Promotion must be backed by hub registration, tree visibility, dependency-order clarity and cross-view identity consistency.", "Promotion must be proven from the served surface and not from assumed code intent.", "Every completion or promotion claim must be evidenced by what the system actually resolves, renders and keeps stable." ] }, { title: "Completion and promotion exit rule", items: [ "Deployment Order Canonical completion and promotion are complete only when the ordering artifact is materially present, canonically bound, tree-stable, payload-correct, dependency-explicit and trustworthy across architecture, contract and source views.", "No downstream rollout action, dependency claim or promotion decision may be treated as reliable if Deployment Order Canonical still operates under ambiguous routing, fallback behavior, unstable identity or incomplete sequencing logic.", "Completion and promotion for Deployment Order Canonical must remain evidence-based and subordinate to master_architecture_index sovereignty." ] } ]; const leftHtml = [ renderStructuredCard("Prerequisites", prerequisitesBuckets), renderStructuredCard("Configuration", configurationBuckets), renderStructuredCard("Observable Evidence", observableEvidenceBuckets), renderStructuredCard("Completion & Promotion", completionPromotionBuckets) ].join(""); const installationBuckets = [ { title: "Definition and installation role", items: [ "Deployment Order Canonical installation defines the material conditions required for the sequencing artifact to exist as a real, registered and consumable rollout-order authority inside Overview & Scope.", "Installation here does not mean generic host setup. It means installing the canonical ordering artifact into the documentation system so execution sequence becomes materially present, selectable and readable.", "Its installation role is to establish a stable order-of-execution surface that downstream categories, Documentation Hub and Operator Panel can consume without ambiguity.", "A valid installation makes deployment sequencing observable as a real document and not as scattered procedural habit." ] }, { title: "Document materialization requirements", items: [ "Deployment Order Canonical must exist as a real document registered under overview_scope.", "Its document id, label, path, phase and layer identity must be materially installed in the document set.", "The document must be readable through the Documentation Hub and discoverable from the architecture tree.", "The ordering artifact must be installed as the execution-sequencing authority and not as detached descriptive text." ] }, { title: "Canonical binding installation", items: [ "master_architecture_index must already exist as sovereign architectural root before Deployment Order Canonical installation can be treated as valid.", "Project Scope Canonical must already exist before rollout order can be trusted as project-relevant rather than abstract sequencing.", "Deployment Order Canonical must be installed as subordinate ordering authority, not as sovereign architecture.", "The ordering artifact must inherit meaning from the canonical architecture root and project framing, and must never redefine architecture locally." ] }, { title: "Hub and tree installation", items: [ "Deployment Order Canonical must be registered inside hub_index.json under overview_scope.", "It must appear in the left architecture tree with correct label, type and placement.", "Its selection path must resolve to the correct ordering artifact when clicked in the UI.", "Its architecture, contract and source routes must remain bound to the same registered sequencing identity." ] }, { title: "Sequencing installation", items: [ "The installed ordering artifact must explicitly support upstream-before-downstream execution gates.", "The installed ordering artifact must explicitly support dependency progression across architecture, delivery, runtime, trust, memory and monitoring surfaces.", "The installed ordering artifact must support downstream readiness judgment based on declared sequence rather than operator habit.", "Installation is incomplete if execution order still depends on scattered notes, implicit knowledge or UI-local assumptions." ] }, { title: "Rendering installation", items: [ "Deployment Order Canonical must render through the same structured category scaffold used for category-level architecture views.", "Its installed cards must remain readable and context-correct in architecture mode.", "Its architecture rendering must not collapse into fallback summary unless source loading genuinely fails.", "Its installation is invalid if the selected ordering artifact renders another document payload." ] }, { title: "Source and contract installation", items: [ "Source view must expose the real underlying source for Deployment Order Canonical.", "Contract view must describe the same registered ordering artifact seen in architecture mode.", "Architecture, contract and source routes must remain installation-consistent.", "Installation is invalid if those routes diverge in identity, meaning or underlying artifact." ] }, { title: "Dependency installation gates", items: [ "Architectural sovereignty must exist before sequencing installation can be trusted.", "Project framing must exist before rollout order can be judged as project-legitimate.", "Hub registration must exist before UI selection can be trusted.", "Sequencing identity stability must exist before downstream rollout, validation or promotion claims can be trusted." ] }, { title: "Failure-sensitive installation conditions", items: [ "If the ordering artifact exists in code but is not reachable in the tree, installation is incomplete.", "If the ordering artifact is reachable in the tree but resolves to the wrong payload, installation is invalid.", "If the ordering artifact renders only through fallback summary, installation is incomplete.", "If the ordering artifact loses canonical linkage while still appearing selectable, installation is invalid." ] }, { title: "Installation exit rule", items: [ "Deployment Order Canonical installation is complete only when the document is materially present, canonically bound, tree-selectable, architecturally renderable and identity-stable across architecture, contract and source views.", "No downstream rollout action, dependency claim or promotion claim may be treated as installation-ready if Deployment Order Canonical still operates through ambiguous routing or fallback-driven projection.", "Installation completion for Deployment Order Canonical must remain evidence-based and subordinate to master_architecture_index sovereignty." ] } ]; const validationBuckets = [ { title: "Definition and validation role", items: [ "Deployment Order Canonical validation defines the evidence-based checks required to confirm that the sequencing artifact is structurally correct, canonically bound and trustworthy as the formal rollout-order authority.", "Validation here does not judge wording preference. It verifies sequencing identity, dependency order clarity, canonical linkage, route integrity and cross-view consistency.", "Its role is to prove that the selected Deployment Order Canonical is the real registered ordering artifact and not a fallback, alias, inherited payload or ambiguous sequencing substitute.", "A valid Deployment Order Canonical must remain verifiable across architecture, contract and source views." ] }, { title: "Identity validation", items: [ "The document selected in the tree must resolve to deployment_order and not to another overview_scope artifact.", "Its document id, label, path, phase and layer must remain stable during selection and rendering.", "The same artifact must be observed across architecture view, contract view and source view.", "Validation fails if the UI selection path resolves to a mismatched document identity." ] }, { title: "Canonical linkage validation", items: [ "Deployment Order Canonical must remain subordinate to master_architecture_index sovereignty.", "Its role as the rollout-order authority artifact must remain explicit.", "Its linkage to project scope, project framing and upstream dependency logic must remain materially traceable.", "Validation fails if the ordering artifact appears structurally detached from the canonical overview roots." ] }, { title: "Sequencing validation", items: [ "Upstream-before-downstream execution gates must be explicitly visible and non-ambiguous.", "Dependency progression across architecture, delivery, runtime, trust, memory and monitoring surfaces must be materially clear.", "The document must make it observable what unlocks the next layer and what remains blocked until prerequisites are met.", "Validation fails if sequencing still depends on implied context, scattered notes or operator habit." ] }, { title: "Dependency validation", items: [ "The ordering artifact must visibly support downstream readiness judgment.", "It must be materially clear which downstream phases, categories or rollout actions become legitimate only after upstream gates are satisfied.", "No execution-order claim may depend on vague phase labeling alone.", "Validation fails if rollout legitimacy cannot be traced back to explicit sequence logic." ] }, { title: "Render-path validation", items: [ "Architecture mode must render the custom Deployment Order Canonical architecture payload, not an inherited structured payload from another overview_scope document.", "Contract mode must describe the same registered Deployment Order Canonical artifact.", "Source mode must expose the real underlying source of Deployment Order Canonical.", "Validation fails if any mode falls back to the wrong document or if architecture mode depends on the wrong sourceMeta branch." ] }, { title: "Tree and selection validation", items: [ "Deployment Order Canonical must appear in the correct category position inside the architecture tree.", "A click on Deployment Order Canonical must keep the selected document stable across re-render.", "Mode switching must not silently redirect the user to Master Architecture Index, Project Scope Canonical, Panel Manifest or another sibling document.", "Validation fails if tree selection is visually correct but operationally resolves to another payload." ] }, { title: "Content integrity validation", items: [ "The architecture cards shown under Deployment Order Canonical must correspond to Deployment Order Canonical content and not inherited text from another document.", "Overview, Prerequisites, Installation, Configuration and downstream cards must remain context-consistent with sequencing behavior.", "The ordering artifact must not render stale content cached from a previous selection.", "Validation fails if the visible text belongs to another document context." ] }, { title: "Evidence requirements", items: [ "Validation must be grounded in observable UI behavior, observable document routing and observable sequencing output.", "Validation must be supported by file existence, tree registration, route stability, dependency-order visibility and mode consistency.", "No validation claim may be based on inference, expectation or visual guess alone.", "Every PASS condition must be backed by real evidence from the served surface or underlying registered artifact." ] }, { title: "Validation exit rule", items: [ "Deployment Order Canonical validation is complete only when identity, linkage, sequencing clarity, dependency progression, tree routing, render path, source exposure and cross-view consistency are all materially confirmed.", "No downstream rollout action, dependency claim or promotion claim may be treated as trustworthy if Deployment Order Canonical validation still depends on ambiguous selection, unverified sequencing or unstable routing.", "Validation completion for Deployment Order Canonical must remain evidence-based and subordinate to master_architecture_index sovereignty." ] } ]; const failureModesBuckets = [ { title: "Definition and recovery role", items: [ "Deployment Order Canonical failure modes and recovery define the invalid states that break the sequencing artifact as a trustworthy rollout-order authority and the recovery actions required to restore execution-order legitimacy.", "Failure here is not limited to missing file or broken render. It includes ambiguous sequencing, wrong dependency progression, identity drift, wrong payload routing, inherited content contamination and loss of canonical ordering role.", "Recovery exists to restore Deployment Order Canonical as the real ordering artifact that downstream categories, Documentation Hub and Operator Panel can trust for rollout progression.", "A recovered state is valid only when sequencing identity, dependency order clarity, canonical linkage and rendered content integrity are materially restored." ] }, { title: "Identity failure modes", items: [ "Deployment Order Canonical may appear selected in the tree while another overview_scope payload is actually rendered.", "The ordering artifact may resolve with wrong document id, wrong path or wrong architectural role.", "A stale UI state may preserve the correct label while operationally switching to a sibling artifact.", "Recovery requires proving the rendered payload is again bound to deployment_order and not to master_architecture_index, project_scope, panel_manifest or any other overview_scope document." ] }, { title: "Sequencing failure modes", items: [ "Declared upstream-before-downstream order may become incomplete, ambiguous or contradictory.", "The ordering artifact may fail to state what must come first, what depends on what and what unlocks the next layer.", "A partially framed sequence may still look coherent in UI while remaining operationally invalid as rollout authority.", "Recovery requires restoring explicit and non-ambiguous execution order." ] }, { title: "Canonical linkage failure modes", items: [ "Deployment Order Canonical may lose its subordinate linkage to master_architecture_index and begin to behave as if it were sovereign architecture.", "The ordering artifact may drift away from project scope, overview framing or dependency gating logic.", "The document may remain visible while no longer functioning as the canonical rollout-order registry.", "Recovery requires re-establishing sovereign/support hierarchy and re-binding Deployment Order Canonical to the overview roots." ] }, { title: "Tree and selection failure modes", items: [ "The tree may show Deployment Order Canonical in the right place while click resolution points to another document.", "Mode switching may silently redirect the user away from the ordering artifact.", "Reload or reselection may destabilize the active ordering identity.", "Recovery requires restoring deterministic selection so tree label, selected doc and rendered payload converge again." ] }, { title: "Cross-view failure modes", items: [ "Architecture, contract and source views may diverge in identity or meaning.", "Contract view may describe one ordering artifact while architecture renders another payload.", "Source mode may expose a different backing artifact than the one used in architecture mode.", "Recovery requires re-aligning all views to the same registered Deployment Order Canonical artifact." ] }, { title: "Content contamination failure modes", items: [ "Deployment Order Canonical may display inherited content from another overview_scope document after reload, reselection or mode change.", "Cached or previously loaded content may survive and contaminate the visible sequencing cards.", "Order-specific cards may preserve structure but lose content-origin integrity.", "Recovery requires flushing the contaminated render path and confirming that visible text now belongs only to Deployment Order Canonical." ] }, { title: "Recovery actions", items: [ "Re-select Deployment Order Canonical from the tree and confirm the selected document remains stable across architecture, contract and source modes.", "Verify that hub registration, tree identity and rendered payload all still point to deployment_order.", "Re-check that upstream gating, dependency progression and downstream unlock logic are again visible in the rendered cards.", "Treat any fallback-driven, cross-document or ambiguity-preserving state as invalid until evidence proves recovery is complete." ] }, { title: "Recovery evidence requirements", items: [ "Recovery is valid only when Deployment Order Canonical is materially reachable, correctly selected and rendered from the correct payload.", "The recovered state must be observable in UI behavior and not merely assumed from code edits.", "The visible cards must show Deployment Order Canonical-specific content after recovery.", "Architecture, contract and source modes must all confirm the same restored identity and sequencing logic." ] }, { title: "Failure modes and recovery exit rule", items: [ "Deployment Order Canonical failure and recovery handling is complete only when invalid routing, sequencing ambiguity, identity drift, fallback behavior and cross-view divergence states are all detectable and recoverable through evidence-based actions.", "No downstream rollout action, dependency claim or promotion claim may be treated as trustworthy if Deployment Order Canonical recovery still depends on unverified assumptions.", "Failure and recovery completion for Deployment Order Canonical must remain evidence-based and subordinate to master_architecture_index sovereignty." ] } ]; const rightHtml = [ renderStructuredCard("Installation", installationBuckets), renderStructuredCard("Validation", validationBuckets), renderStructuredCard("Failure Modes & Recovery", failureModesBuckets) ].join(""); return { kind: "html", content: overviewHtml + `
${leftHtml}
${rightHtml}
` }; } ================================================================================ DOC: sandbox_environment | Sandbox Environment Canonical ================================================================================ if (doc.id === "sandbox_environment" && state.categoryId === "overview_scope") { const renderPendingCard = (title) => ` `; const renderBucketCard = (bucket) => `
${escapeHtml(bucket.title)}
${ bucket.items.length ? `` : `
No items declared.
` }
`; const renderStructuredCard = (title, buckets) => `
${buckets.map(renderBucketCard).join("")}
`; const overviewHtml = `

Overview

${escapeHtml("Sandbox Environment Canonical defines the formal controlled environment boundary where Devon can be assembled, exercised, validated and evolved without contaminating sovereign production-facing truth. It exists to declare what the sandbox is for, what it may contain, what it may simulate, what it may not override, how it supports experimentation, how it relates to canonical architecture and when outputs from sandbox activity become legitimate to promote into trusted project surfaces. It is not sovereign runtime truth; it is the canonical environmental framing authority for safe experimentation, subordinate to master_architecture_index, project scope and deployment order. Once valid, it becomes the reference that Documentation Hub, Operator Panel and downstream categories must use to judge experimental legitimacy, environmental isolation, readiness for validation and promotion boundaries across the Devon system.")}

`; const prerequisitesBuckets = [ { title: "Definition and canonical role", items: [ "Sandbox Environment Canonical prerequisites define the minimum conditions that must exist before the sandbox can be treated as a legitimate controlled environment for Devon experimentation, validation and safe evolution.", "The role of prerequisites here is to establish the environmental boundary artifact that answers what the sandbox is for, what it may contain, what it may simulate, what it must isolate and what it may never override.", "Sandbox Environment Canonical is not sovereign runtime truth. It is the canonical environmental framing authority for safe experimentation under Overview & Scope, subordinate to master_architecture_index, project scope and deployment order.", "Without valid prerequisites, every downstream experiment, validation run, sandbox projection and promotion claim risks contaminating trusted project surfaces." ] }, { title: "Fundamental principle", items: [ "A sandbox environment must be explicit, bounded, isolated and authority-linked before experimentation can be treated as legitimate.", "The sandbox cannot be inferred from ad hoc execution, temporary files or scattered operational habit.", "If environmental boundaries are not materially declared, it is not a valid sandbox.", "If the sandbox exists but can override trusted truth without control, it is invalid.", "If sandbox purpose, containment or promotion boundaries are ambiguous, downstream validation claims are invalid." ] }, { title: "Architectural framing prerequisites", items: [ "master_architecture_index must already exist as sovereign architectural root.", "Project Scope Canonical must already exist to define whether sandbox activity is project-relevant.", "Deployment Order Canonical must already exist to determine when sandbox outputs may become legitimately promotable.", "Sandbox Environment Canonical must be positioned as the controlled-environment authority inside Phase 01 overview_scope.", "Its role must remain subordinate to sovereign architecture while authoritative for safe experimental containment." ] }, { title: "Environmental boundary prerequisites", items: [ "The document must explicitly define what the sandbox may contain.", "The document must explicitly define what the sandbox may simulate.", "The document must explicitly define what the sandbox must isolate from trusted or production-facing surfaces.", "The document must explicitly define what sandbox activity may never override directly.", "The document must explicitly define what conditions must be met before sandbox outputs become promotable." ] }, { title: "Authority prerequisites", items: [ "Sandbox Environment Canonical must have clear authority ownership as the environmental framing artifact.", "Its authority must not be mixed with sovereign architecture, trusted runtime truth or UI-local interpretation.", "The document must state what other artifacts it depends on and what downstream experimentation or promotion decisions depend on it.", "Sandbox framing must remain canonically readable by Documentation Hub and Panel without reinterpretation." ] }, { title: "Isolation and legitimacy prerequisites", items: [ "The sandbox must be clearly separated from trusted project truth surfaces.", "No experimental output may be treated as trusted merely because it exists in the environment.", "No panel-facing, runtime-facing or promotion-facing projection should outrun declared sandbox legitimacy rules.", "Sandbox boundaries must exist before downstream experimentation can be treated as safe rather than contaminating." ] }, { title: "Document integrity prerequisites", items: [ "Sandbox Environment Canonical must exist as a real registered document in overview_scope.", "Its document id, label, path, phase and layer must remain stable.", "Its tree presence must resolve to the correct sandbox artifact.", "Architecture, contract and source routes must remain aligned to the same Sandbox Environment Canonical identity." ] }, { title: "Failure-prevention prerequisites", items: [ "The sandbox must not be framed from assumptions spread across chats, scripts or temporary operational notes.", "The environment must not depend on implicit operator memory to define what is safe, isolated or promotable.", "The sandbox artifact must not collapse into vague statements about testing without explicit containment and promotion rules.", "The sandbox model must not drift from the canonical overview structure." ] }, { title: "Expected result", items: [ "When prerequisites are valid, Sandbox Environment Canonical becomes a trustworthy environmental framing artifact for controlled experimentation.", "Downstream experiments can be assessed against explicit containment and promotion boundaries.", "Documentation Hub and Panel can project sandbox framing without inventing environmental meaning.", "Validation, isolation and promotion decisions can be judged against a declared canonical sandbox model." ] }, { title: "Prerequisites exit rule", items: [ "Sandbox Environment Canonical prerequisites are complete only when environmental purpose, containment boundaries, isolation rules, authority ownership and promotion conditions are materially explicit.", "No downstream experiment, validation result or promotion claim may be treated as sandbox-legitimate if environmental framing is still ambiguous.", "Prerequisite completion for Sandbox Environment Canonical must remain evidence-based and subordinate to master_architecture_index sovereignty." ] } ]; const configurationBuckets = [ { title: "Definition and configuration role", items: [ "Sandbox Environment Canonical configuration defines how the environmental-framing artifact must be structurally arranged so experimental boundaries remain explicit, stable and consumable across Documentation Hub, Operator Panel and downstream categories.", "Configuration here means canonical arrangement, containment logic, authority binding and cross-view consistency, not cosmetic UI preference.", "Its role is to keep Sandbox Environment Canonical stable as the formal environmental surface for safe experimentation, isolation, validation readiness and promotion boundaries.", "A configured Sandbox Environment Canonical must remain structurally predictable across architecture, contract and source views." ] }, { title: "Document identity configuration", items: [ "Sandbox Environment Canonical must keep a fixed document id, label, path, phase and layer identity.", "Its registration under overview_scope must remain stable in hub_index.json.", "Its document type must remain coherent with its role as the environmental-authority artifact.", "Configuration is invalid if the same sandbox artifact resolves under conflicting identities across the UI." ] }, { title: "Canonical binding configuration", items: [ "The sandbox artifact must remain subordinate to master_architecture_index sovereignty.", "Its configuration must preserve explicit linkage to project scope and deployment order.", "Its authority must remain limited to environmental framing and must not redefine sovereign architecture or trusted runtime truth.", "Sovereign/support separation must remain visible in how Sandbox Environment Canonical is described and consumed." ] }, { title: "Containment configuration", items: [ "Containment boundaries must be explicitly configured rather than implied.", "Simulation boundaries must be explicitly configured rather than assumed.", "Isolation from trusted or production-facing truth surfaces must be structurally declared.", "Promotion conditions for sandbox outputs must be explicitly configured.", "Configuration is incomplete if sandbox legitimacy still depends on scattered notes, operator memory or interpretive UI behavior." ] }, { title: "Dependency configuration", items: [ "Sandbox Environment Canonical must be configured to state what downstream experiments, validations or outputs become legitimate only under declared sandbox conditions.", "It must support readiness judgment based on containment and promotion rules rather than convenience-based execution.", "It must provide enough structure for isolated, promotable and non-promotable sandbox states.", "The dependency configuration must eliminate ambiguous environmental-legitimacy claims." ] }, { title: "Tree and selection configuration", items: [ "Sandbox Environment Canonical must be configured to appear in the correct category and order inside the architecture tree.", "Its selection path must resolve deterministically when clicked from the left navigation.", "Its architecture, contract and source routes must all point to the same underlying document identity.", "Configuration is invalid if UI selection can drift into another overview_scope payload." ] }, { title: "Rendering configuration", items: [ "Sandbox Environment Canonical must be configured to render through the structured category scaffold in architecture mode.", "Its card layout must remain compatible with the same category model used across the documentation plane.", "Its architecture rendering must not collapse into fallback summary unless source loading genuinely fails.", "Its configuration is invalid if the selected sandbox artifact renders another document payload." ] }, { title: "Source and contract configuration", items: [ "Source view must expose the real underlying document for Sandbox Environment Canonical.", "Contract view must describe the same registered sandbox artifact seen in architecture mode.", "Architecture, contract and source views must stay configuration-consistent.", "Any route divergence between those three views invalidates configuration integrity." ] }, { title: "Misconfiguration conditions", items: [ "If the sandbox artifact appears in the tree but resolves to the wrong architecture payload, configuration is invalid.", "If the sandbox artifact has a valid source but inconsistent contract projection, configuration is invalid.", "If the sandbox artifact depends on fallback behavior to render architecture, configuration is incomplete.", "If the sandbox artifact loses canonical linkage while remaining selectable in the UI, configuration is invalid." ] }, { title: "Configuration exit rule", items: [ "Sandbox Environment Canonical configuration is complete only when document identity, canonical binding, containment logic, dependency framing, tree placement, selection routing, rendering behavior and cross-view consistency are materially stable.", "No downstream experiment, validation result or promotion claim may be treated as configuration-ready if Sandbox Environment Canonical still depends on ambiguous routing or unstable identity.", "Configuration completion for Sandbox Environment Canonical must remain evidence-based and subordinate to master_architecture_index sovereignty." ] } ]; const observableEvidenceBuckets = [ { title: "Definition and evidence role", items: [ "Sandbox Environment Canonical observable evidence defines the materially inspectable signals that prove the environmental-framing artifact exists, is correctly registered, is routed to the correct payload and is being rendered from the correct document identity.", "Observable evidence here is not conceptual confidence. It is concrete evidence that can be inspected in file registration, UI selection behavior, mode switching, route stability and rendered environmental output.", "Its role is to prove that the controlled-environment artifact is not only declared in architecture, but materially reachable and operationally projected in the Documentation Hub.", "If a condition cannot be observed, it cannot be claimed as valid evidence for Sandbox Environment Canonical." ] }, { title: "Document existence evidence", items: [ "Sandbox Environment Canonical must exist as a real registered document in the documentation system.", "Its document id must be observable as sandbox_environment.", "Its label, path, phase and layer identity must be materially present in the registered document set.", "Evidence fails if the sandbox artifact is referenced in logic but not materially registered as a document." ] }, { title: "Hub registration evidence", items: [ "Sandbox Environment Canonical must be observable inside hub_index.json under overview_scope.", "Its placement in the category docs list must be materially visible.", "Its registration must be stable enough to survive reload and re-render.", "Evidence fails if the sandbox artifact is only implied by code and not present in hub registration." ] }, { title: "Tree visibility evidence", items: [ "Sandbox Environment Canonical must appear in the left architecture tree under Overview & Scope.", "Its label must be visibly selectable from the UI.", "A user click on Sandbox Environment Canonical must be observable as a stable document selection event.", "Evidence fails if the tree shows the label but selection resolves to another artifact." ] }, { title: "Render-path evidence", items: [ "Architecture mode must visibly render Sandbox Environment Canonical-specific cards and text rather than inherited content from Master Architecture Index, Project Scope Canonical, Deployment Order Canonical, Panel Manifest or another overview_scope document.", "Contract mode must visibly describe the same Sandbox Environment Canonical artifact.", "Source mode must visibly expose the real underlying source for Sandbox Environment Canonical.", "Evidence fails if any mode shows fallback content, wrong payload or cross-document contamination." ] }, { title: "Identity consistency evidence", items: [ "The same Sandbox Environment Canonical identity must be observable across architecture, contract and source views.", "The selected document must not silently switch to Master Architecture Index, Project Scope Canonical, Deployment Order Canonical, Panel Manifest or another sibling artifact.", "Route stability must remain observable during mode changes and reselection.", "Evidence fails if the UI presents one label while the payload belongs to another document." ] }, { title: "Containment evidence", items: [ "The rendered sandbox cards must visibly state what the environment may contain.", "The rendered sandbox cards must visibly state what the environment may simulate.", "The rendered sandbox cards must visibly state what must remain isolated from trusted or production-facing truth surfaces.", "The rendered sandbox cards must visibly state what conditions govern promotion out of sandbox activity.", "Evidence fails if environmental legitimacy still depends on implied context rather than visible containment and promotion rules." ] }, { title: "Content integrity evidence", items: [ "The visible text under Sandbox Environment Canonical must correspond to sandbox-environment context and not to another category or document.", "Overview, Prerequisites, Installation, Configuration, Validation and downstream cards must remain context-consistent with controlled-environment behavior.", "Observable evidence must show that rendered text changes when Sandbox Environment Canonical-specific content is updated in code.", "Evidence fails if the UI continues to show stale or inherited content after document-specific updates." ] }, { title: "Operational evidence of environmental legitimacy", items: [ "Sandbox Environment Canonical must be observably usable as the environmental artifact for safe experimentation, isolation and promotion judgment.", "Its presence must support deterministic readiness judgment for sandboxed experiments and outputs.", "The sandbox artifact must remain observably stable under reload, reselection and mode switching.", "Evidence fails if environmental legitimacy depends on hidden cache, ambiguous routing or lucky UI state." ] }, { title: "Observable evidence exit rule", items: [ "Observable evidence for Sandbox Environment Canonical is complete only when document existence, hub registration, tree visibility, payload identity, containment visibility, render-path integrity and cross-view consistency are all materially inspectable.", "No downstream experiment, validation result or promotion claim may be treated as trustworthy if Sandbox Environment Canonical evidence is still indirect, inferred or fallback-driven.", "Observable evidence completion for Sandbox Environment Canonical must remain evidence-based and subordinate to master_architecture_index sovereignty." ] } ]; const completionPromotionBuckets = [ { title: "Definition and promotion role", items: [ "Sandbox Environment Canonical completion and promotion define when the environmental-framing artifact can be treated as structurally complete and trusted enough to govern downstream experimentation, validation and promotion decisions.", "Completion here does not mean the document merely exists. It means environmental framing is materially present, identity-stable, canonically bound, containment-explicit and operationally consumable.", "Promotion here means the sandbox artifact is trusted enough to serve as the reference for what may stay isolated, what may be validated and what may become eligible for promotion into trusted project surfaces.", "A promoted Sandbox Environment Canonical must already function as the stable controlled-environment authority under Overview & Scope." ] }, { title: "Completion criteria", items: [ "Sandbox Environment Canonical must be registered as a real document under overview_scope.", "Its tree placement, selection behavior and render path must be materially stable.", "Its architecture, contract and source modes must remain aligned to the same document identity.", "Its content must be context-correct and free from inherited payload contamination.", "Its role as environmental authority must remain subordinate to master_architecture_index sovereignty." ] }, { title: "Containment completion criteria", items: [ "The document must materially define what the sandbox may contain.", "The document must materially define what the sandbox may simulate.", "The document must materially define what must remain isolated from trusted or production-facing truth surfaces.", "The document must materially define what conditions govern promotion out of sandbox activity.", "No major environmental-legitimacy decision may remain dependent on scattered interpretation once completion is claimed." ] }, { title: "Promotion gates", items: [ "No promotion is valid if Sandbox Environment Canonical still depends on fallback-driven architecture rendering.", "No promotion is valid if UI selection can still resolve to the wrong payload.", "No promotion is valid if containment, isolation and promotion conditions remain ambiguous.", "No promotion is valid if cross-view identity remains unverified.", "Promotion is valid only when environmental identity, containment integrity and evidence integrity are all materially confirmed." ] }, { title: "Downstream unlocks", items: [ "A complete Sandbox Environment Canonical unlocks trustworthy readiness judgment for downstream experimentation and validation activity.", "It unlocks safer containment gating for what may remain isolated versus what may be considered for promotion.", "It unlocks consistent environmental framing across Documentation Hub and Operator Panel surfaces.", "It unlocks more reliable promotion decisions because sandbox outputs can now be tested against an explicit canonical environment model." ] }, { title: "Non-promotable states", items: [ "A sandbox artifact that is selectable but not identity-stable is not promotable.", "A sandbox artifact that renders through the wrong payload is not promotable.", "A sandbox artifact that looks coherent but still leaves containment or promotion rules ambiguous is not promotable.", "A sandbox artifact that loses canonical linkage is not promotable.", "A sandbox artifact that cannot keep architecture, contract and source views aligned is not promotable." ] }, { title: "Promotion evidence requirements", items: [ "Promotion must be supported by observable UI behavior, stable routing and correct rendered environmental content.", "Promotion must be backed by hub registration, tree visibility, containment clarity and cross-view identity consistency.", "Promotion must be proven from the served surface and not from assumed code intent.", "Every completion or promotion claim must be evidenced by what the system actually resolves, renders and keeps stable." ] }, { title: "Completion and promotion exit rule", items: [ "Sandbox Environment Canonical completion and promotion are complete only when the sandbox artifact is materially present, canonically bound, tree-stable, payload-correct, containment-explicit and trustworthy across architecture, contract and source views.", "No downstream experiment, validation result or promotion decision may be treated as reliable if Sandbox Environment Canonical still operates under ambiguous routing, fallback behavior, unstable identity or incomplete environmental framing.", "Completion and promotion for Sandbox Environment Canonical must remain evidence-based and subordinate to master_architecture_index sovereignty." ] } ]; const leftHtml = [ renderStructuredCard("Prerequisites", prerequisitesBuckets), renderStructuredCard("Configuration", configurationBuckets), renderStructuredCard("Observable Evidence", observableEvidenceBuckets), renderStructuredCard("Completion & Promotion", completionPromotionBuckets) ].join(""); const installationBuckets = [ { title: "Definition and installation role", items: [ "Sandbox Environment Canonical installation defines the material conditions required for the environmental-framing artifact to exist as a real, registered and consumable controlled-environment authority inside Overview & Scope.", "Installation here does not mean generic host setup. It means installing the canonical sandbox-boundary artifact into the documentation system so environmental containment becomes materially present, selectable and readable.", "Its installation role is to establish a stable controlled-environment surface that downstream categories, Documentation Hub and Operator Panel can consume without ambiguity.", "A valid installation makes sandbox legitimacy observable as a real document and not as scattered operational habit." ] }, { title: "Document materialization requirements", items: [ "Sandbox Environment Canonical must exist as a real document registered under overview_scope.", "Its document id, label, path, phase and layer identity must be materially installed in the document set.", "The document must be readable through the Documentation Hub and discoverable from the architecture tree.", "The sandbox artifact must be installed as the controlled-environment authority and not as detached descriptive text." ] }, { title: "Canonical binding installation", items: [ "master_architecture_index must already exist as sovereign architectural root before Sandbox Environment Canonical installation can be treated as valid.", "Project Scope Canonical must already exist before sandbox boundaries can be judged as project-relevant.", "Deployment Order Canonical must already exist before sandbox outputs can be judged as promotable in the right sequence.", "Sandbox Environment Canonical must be installed as subordinate environmental authority, not as sovereign architecture.", "The sandbox artifact must inherit meaning from the canonical architecture root, project framing and rollout order, and must never redefine them locally." ] }, { title: "Hub and tree installation", items: [ "Sandbox Environment Canonical must be registered inside hub_index.json under overview_scope.", "It must appear in the left architecture tree with correct label, type and placement.", "Its selection path must resolve to the correct sandbox artifact when clicked in the UI.", "Its architecture, contract and source routes must remain bound to the same registered environmental identity." ] }, { title: "Environmental installation", items: [ "The installed sandbox artifact must explicitly support containment boundaries.", "The installed sandbox artifact must explicitly support simulation boundaries.", "The installed sandbox artifact must explicitly support isolation from trusted or production-facing truth surfaces.", "The installed sandbox artifact must explicitly support promotion conditions for outputs that may later become trusted.", "Installation is incomplete if sandbox legitimacy still depends on scattered notes, implicit operator memory or UI-local assumptions." ] }, { title: "Rendering installation", items: [ "Sandbox Environment Canonical must render through the same structured category scaffold used for category-level architecture views.", "Its installed cards must remain readable and context-correct in architecture mode.", "Its architecture rendering must not collapse into fallback summary unless source loading genuinely fails.", "Its installation is invalid if the selected sandbox artifact renders another document payload." ] }, { title: "Source and contract installation", items: [ "Source view must expose the real underlying source for Sandbox Environment Canonical.", "Contract view must describe the same registered sandbox artifact seen in architecture mode.", "Architecture, contract and source routes must remain installation-consistent.", "Installation is invalid if those routes diverge in identity, meaning or underlying artifact." ] }, { title: "Dependency installation gates", items: [ "Architectural sovereignty must exist before environmental installation can be trusted.", "Project framing must exist before sandbox boundaries can be judged as project-legitimate.", "Deployment order must exist before sandbox promotion conditions can be judged as sequence-legitimate.", "Hub registration must exist before UI selection can be trusted.", "Environmental identity stability must exist before downstream experimentation, validation or promotion claims can be trusted." ] }, { title: "Failure-sensitive installation conditions", items: [ "If the sandbox artifact exists in code but is not reachable in the tree, installation is incomplete.", "If the sandbox artifact is reachable in the tree but resolves to the wrong payload, installation is invalid.", "If the sandbox artifact renders only through fallback summary, installation is incomplete.", "If the sandbox artifact loses canonical linkage while still appearing selectable, installation is invalid." ] }, { title: "Installation exit rule", items: [ "Sandbox Environment Canonical installation is complete only when the document is materially present, canonically bound, tree-selectable, architecturally renderable and identity-stable across architecture, contract and source views.", "No downstream experiment, validation result or promotion claim may be treated as installation-ready if Sandbox Environment Canonical still operates through ambiguous routing or fallback-driven projection.", "Installation completion for Sandbox Environment Canonical must remain evidence-based and subordinate to master_architecture_index sovereignty." ] } ]; const validationBuckets = [ { title: "Definition and validation role", items: [ "Sandbox Environment Canonical validation defines the evidence-based checks required to confirm that the environmental-framing artifact is structurally correct, canonically bound and trustworthy as the formal controlled-environment authority.", "Validation here does not judge wording preference. It verifies sandbox identity, containment clarity, canonical linkage, route integrity and cross-view consistency.", "Its role is to prove that the selected Sandbox Environment Canonical is the real registered environmental artifact and not a fallback, alias, inherited payload or ambiguous testing substitute.", "A valid Sandbox Environment Canonical must remain verifiable across architecture, contract and source views." ] }, { title: "Identity validation", items: [ "The document selected in the tree must resolve to sandbox_environment and not to another overview_scope artifact.", "Its document id, label, path, phase and layer must remain stable during selection and rendering.", "The same artifact must be observed across architecture view, contract view and source view.", "Validation fails if the UI selection path resolves to a mismatched document identity." ] }, { title: "Canonical linkage validation", items: [ "Sandbox Environment Canonical must remain subordinate to master_architecture_index sovereignty.", "Its role as the controlled-environment authority artifact must remain explicit.", "Its linkage to project scope, deployment order and environmental promotion boundaries must remain materially traceable.", "Validation fails if the sandbox artifact appears structurally detached from the canonical overview roots." ] }, { title: "Containment validation", items: [ "Containment boundaries must be explicitly visible and non-ambiguous.", "Simulation boundaries must be explicitly visible and non-ambiguous.", "Isolation from trusted or production-facing truth surfaces must be materially clear.", "Promotion conditions for sandbox outputs must be materially clear.", "Validation fails if environmental legitimacy still depends on implied context, scattered notes or operator habit." ] }, { title: "Dependency validation", items: [ "The sandbox artifact must visibly support downstream readiness judgment for experimentation, validation and promotion.", "It must be materially clear which outputs remain isolated, which are promotable and which are illegitimate to trust.", "No sandbox-legitimacy claim may depend on vague testing language alone.", "Validation fails if environmental legitimacy cannot be traced back to explicit containment and promotion rules." ] }, { title: "Render-path validation", items: [ "Architecture mode must render the custom Sandbox Environment Canonical architecture payload, not an inherited structured payload from another overview_scope document.", "Contract mode must describe the same registered Sandbox Environment Canonical artifact.", "Source mode must expose the real underlying source of Sandbox Environment Canonical.", "Validation fails if any mode falls back to the wrong document or if architecture mode depends on the wrong sourceMeta branch." ] }, { title: "Tree and selection validation", items: [ "Sandbox Environment Canonical must appear in the correct category position inside the architecture tree.", "A click on Sandbox Environment Canonical must keep the selected document stable across re-render.", "Mode switching must not silently redirect the user to Master Architecture Index, Project Scope Canonical, Deployment Order Canonical, Panel Manifest or another sibling document.", "Validation fails if tree selection is visually correct but operationally resolves to another payload." ] }, { title: "Content integrity validation", items: [ "The architecture cards shown under Sandbox Environment Canonical must correspond to sandbox-environment content and not inherited text from another document.", "Overview, Prerequisites, Installation, Configuration and downstream cards must remain context-consistent with controlled-environment behavior.", "The sandbox artifact must not render stale content cached from a previous selection.", "Validation fails if the visible text belongs to another document context." ] }, { title: "Evidence requirements", items: [ "Validation must be grounded in observable UI behavior, observable document routing and observable environmental framing output.", "Validation must be supported by file existence, tree registration, route stability, containment visibility and mode consistency.", "No validation claim may be based on inference, expectation or visual guess alone.", "Every PASS condition must be backed by real evidence from the served surface or underlying registered artifact." ] }, { title: "Validation exit rule", items: [ "Sandbox Environment Canonical validation is complete only when identity, linkage, containment clarity, dependency framing, tree routing, render path, source exposure and cross-view consistency are all materially confirmed.", "No downstream experiment, validation result or promotion claim may be treated as trustworthy if Sandbox Environment Canonical validation still depends on ambiguous selection, unverified containment rules or unstable routing.", "Validation completion for Sandbox Environment Canonical must remain evidence-based and subordinate to master_architecture_index sovereignty." ] } ]; const failureModesBuckets = [ { title: "Definition and recovery role", items: [ "Sandbox Environment Canonical failure modes and recovery define the invalid states that break the environmental-framing artifact as a trustworthy controlled-environment authority and the recovery actions required to restore environmental legitimacy.", "Failure here is not limited to missing file or broken render. It includes ambiguous containment, broken isolation, wrong payload routing, identity drift, inherited content contamination and loss of canonical environmental role.", "Recovery exists to restore Sandbox Environment Canonical as the real sandbox-boundary artifact that downstream categories, Documentation Hub and Operator Panel can trust for safe experimentation and promotion judgment.", "A recovered state is valid only when sandbox identity, containment clarity, canonical linkage and rendered content integrity are materially restored." ] }, { title: "Identity failure modes", items: [ "Sandbox Environment Canonical may appear selected in the tree while another overview_scope payload is actually rendered.", "The sandbox artifact may resolve with wrong document id, wrong path or wrong architectural role.", "A stale UI state may preserve the correct label while operationally switching to a sibling artifact.", "Recovery requires proving the rendered payload is again bound to sandbox_environment and not to master_architecture_index, project_scope, deployment_order, panel_manifest or any other overview_scope document." ] }, { title: "Containment failure modes", items: [ "Declared sandbox containment boundaries may become incomplete, ambiguous or contradictory.", "The sandbox artifact may fail to state what the environment may contain, what it may simulate and what it must isolate from trusted truth surfaces.", "A partially framed sandbox may still look coherent in UI while remaining operationally invalid as environmental authority.", "Recovery requires restoring explicit and non-ambiguous containment, isolation and promotion boundaries." ] }, { title: "Canonical linkage failure modes", items: [ "Sandbox Environment Canonical may lose its subordinate linkage to master_architecture_index and begin to behave as if it were sovereign architecture or trusted runtime truth.", "The sandbox artifact may drift away from project scope, deployment order or environmental promotion logic.", "The document may remain visible while no longer functioning as the canonical controlled-environment registry.", "Recovery requires re-establishing sovereign/support hierarchy and re-binding Sandbox Environment Canonical to the overview roots." ] }, { title: "Tree and selection failure modes", items: [ "The tree may show Sandbox Environment Canonical in the right place while click resolution points to another document.", "Mode switching may silently redirect the user away from the sandbox artifact.", "Reload or reselection may destabilize the active sandbox identity.", "Recovery requires restoring deterministic selection so tree label, selected doc and rendered payload converge again." ] }, { title: "Cross-view failure modes", items: [ "Architecture, contract and source views may diverge in identity or meaning.", "Contract view may describe one sandbox artifact while architecture renders another payload.", "Source mode may expose a different backing artifact than the one used in architecture mode.", "Recovery requires re-aligning all views to the same registered Sandbox Environment Canonical artifact." ] }, { title: "Content contamination failure modes", items: [ "Sandbox Environment Canonical may display inherited content from another overview_scope document after reload, reselection or mode change.", "Cached or previously loaded content may survive and contaminate the visible sandbox cards.", "Environment-specific cards may preserve structure but lose content-origin integrity.", "Recovery requires flushing the contaminated render path and confirming that visible text now belongs only to Sandbox Environment Canonical." ] }, { title: "Recovery actions", items: [ "Re-select Sandbox Environment Canonical from the tree and confirm the selected document remains stable across architecture, contract and source modes.", "Verify that hub registration, tree identity and rendered payload all still point to sandbox_environment.", "Re-check that containment boundaries, isolation rules and promotion conditions are again visible in the rendered cards.", "Treat any fallback-driven, cross-document or ambiguity-preserving state as invalid until evidence proves recovery is complete." ] }, { title: "Recovery evidence requirements", items: [ "Recovery is valid only when Sandbox Environment Canonical is materially reachable, correctly selected and rendered from the correct payload.", "The recovered state must be observable in UI behavior and not merely assumed from code edits.", "The visible cards must show Sandbox Environment Canonical-specific content after recovery.", "Architecture, contract and source modes must all confirm the same restored identity and environmental framing." ] }, { title: "Failure modes and recovery exit rule", items: [ "Sandbox Environment Canonical failure and recovery handling is complete only when invalid routing, containment ambiguity, identity drift, fallback behavior and cross-view divergence states are all detectable and recoverable through evidence-based actions.", "No downstream experiment, validation result or promotion claim may be treated as trustworthy if Sandbox Environment Canonical recovery still depends on unverified assumptions.", "Failure and recovery completion for Sandbox Environment Canonical must remain evidence-based and subordinate to master_architecture_index sovereignty." ] } ]; const rightHtml = [ renderStructuredCard("Installation", installationBuckets), renderStructuredCard("Validation", validationBuckets), renderStructuredCard("Failure Modes & Recovery", failureModesBuckets) ].join(""); return { kind: "html", content: overviewHtml + `
${leftHtml}
${rightHtml}
` }; } ================================================================================ DOC: server_registry | Server Registry Canonical ================================================================================ if (doc.id === "server_registry" && state.categoryId === "overview_scope") { const renderPendingCard = (title) => ` `; const renderBucketCard = (bucket) => `
${escapeHtml(bucket.title)}
${ bucket.items.length ? `` : `
No items declared.
` }
`; const renderStructuredCard = (title, buckets) => `
${buckets.map(renderBucketCard).join("")}
`; const overviewHtml = `

Overview

${escapeHtml("Server Registry Canonical defines the formal registry of the server surfaces, identities and host-level anchors that Devon depends on under Phase 01 Overview & Scope. It exists to declare what server entities are recognized, how they are identified, which host context is authoritative, how server-facing references remain stable across the project and what downstream runtime, delivery, monitoring and panel-facing layers may legitimately depend on that registry. It is not sovereign architecture and it is not runtime status by itself; it is the canonical server-registration authority subordinate to master_architecture_index, project scope and deployment order. Once valid, it becomes the reference that Documentation Hub, Operator Panel and downstream categories must use to judge server identity, registry legitimacy, host relevance and dependency fit across the Devon system.")}

`; const prerequisitesBuckets = [ { title: "Definition and canonical role", items: [ "Server Registry Canonical prerequisites define the minimum conditions that must exist before server entities can be treated as formally registered, referenceable and trustworthy across the Devon system.", "The role of prerequisites here is to establish the registry artifact that answers what server surfaces are recognized, how they are identified, which host context is authoritative and what downstream layers may legitimately depend on those references.", "Server Registry Canonical is not sovereign architecture and it is not runtime status by itself. It is the canonical server-registration authority under Overview & Scope, subordinate to master_architecture_index, project scope and deployment order.", "Without valid prerequisites, every downstream runtime, delivery, monitoring and panel-facing dependency that assumes stable server identity risks operating on ambiguous host references." ] }, { title: "Fundamental principle", items: [ "Server identity and registry boundaries must be explicit, stable and authority-linked before host-level dependencies can be treated as legitimate.", "The server registry cannot be inferred from ad hoc environment use, runtime snapshots or scattered operational notes.", "If a server entity is not materially declared in the registry, it is not valid registry truth.", "If registry identity exists but conflicts with architecture or host-level reality, it is invalid.", "If registry boundaries, authority or dependency fit are ambiguous, downstream server-facing claims are invalid." ] }, { title: "Architectural framing prerequisites", items: [ "master_architecture_index must already exist as sovereign architectural root.", "Project Scope Canonical must already exist to determine whether a server reference is project-relevant.", "Deployment Order Canonical must already exist to determine when server-dependent layers become legitimately actionable.", "Server Registry Canonical must be positioned as the server-registration authority inside Phase 01 overview_scope.", "Its role must remain subordinate to sovereign architecture while authoritative for stable server reference and host identity framing." ] }, { title: "Registry-boundary prerequisites", items: [ "The document must explicitly define what server entities or host surfaces are recognized by the project.", "The document must explicitly define how those server entities are identified and distinguished.", "The document must explicitly define which host context is authoritative for downstream references.", "The document must explicitly define how server references remain stable across runtime, delivery, monitoring and UI-facing layers.", "The document must explicitly define what downstream materialization depends on valid server registration." ] }, { title: "Authority prerequisites", items: [ "Server Registry Canonical must have clear authority ownership as the server-registration artifact.", "Its authority must not be mixed with sovereign architecture, runtime truth, monitoring output or UI-local interpretation.", "The document must state what other artifacts it depends on and what downstream artifacts depend on stable server registry.", "Server registration must remain canonically readable by Documentation Hub and Panel without reinterpretation." ] }, { title: "Dependency prerequisites", items: [ "Downstream runtime, delivery, monitoring and panel-facing layers must only be treated as host-legitimate if they fit inside declared server registry.", "No server-facing dependency claim may be treated as valid if its server reference is not supported by registry truth.", "No environment-facing or host-facing projection should outrun server registry definition.", "Server registry must exist before downstream host relevance can be trusted as project-legitimate rather than merely assumed." ] }, { title: "Document integrity prerequisites", items: [ "Server Registry Canonical must exist as a real registered document in overview_scope.", "Its document id, label, path, phase and layer must remain stable.", "Its tree presence must resolve to the correct server-registry artifact.", "Architecture, contract and source routes must remain aligned to the same Server Registry Canonical identity." ] }, { title: "Failure-prevention prerequisites", items: [ "The server registry must not be framed from assumptions spread across chats, scripts or temporary operational notes.", "The registry must not depend on implicit operator memory to define which server identity is authoritative.", "The registry artifact must not collapse into vague infrastructure prose without explicit host reference logic.", "The server-registration model must not drift from the canonical overview structure." ] }, { title: "Expected result", items: [ "When prerequisites are valid, Server Registry Canonical becomes a trustworthy registry artifact for server identity and host-level reference.", "Downstream layers can be assessed against explicit registered server boundaries.", "Documentation Hub and Panel can project server registry without inventing host meaning.", "Runtime, delivery, monitoring and UI layers can be judged for dependency fit against a declared canonical server registry." ] }, { title: "Prerequisites exit rule", items: [ "Server Registry Canonical prerequisites are complete only when server identity, registry boundaries, host authority, authority ownership and dependency relevance are materially explicit.", "No downstream runtime, delivery, monitoring or panel-facing artifact may be treated as registry-legitimate if server framing is still ambiguous.", "Prerequisite completion for Server Registry Canonical must remain evidence-based and subordinate to master_architecture_index sovereignty." ] } ]; const configurationBuckets = [ { title: "Definition and configuration role", items: [ "Server Registry Canonical configuration defines how the server-registration artifact must be structurally arranged so host identity remains explicit, stable and consumable across Documentation Hub, Operator Panel and downstream categories.", "Configuration here means canonical arrangement, host-reference logic, authority binding and cross-view consistency, not cosmetic UI preference.", "Its role is to keep Server Registry Canonical stable as the formal server-reference surface for runtime, delivery, monitoring and panel-facing dependency fit.", "A configured Server Registry Canonical must remain structurally predictable across architecture, contract and source views." ] }, { title: "Document identity configuration", items: [ "Server Registry Canonical must keep a fixed document id, label, path, phase and layer identity.", "Its registration under overview_scope must remain stable in hub_index.json.", "Its document type must remain coherent with its role as the server-registration authority artifact.", "Configuration is invalid if the same server-registry artifact resolves under conflicting identities across the UI." ] }, { title: "Canonical binding configuration", items: [ "The server-registry artifact must remain subordinate to master_architecture_index sovereignty.", "Its configuration must preserve explicit linkage to project scope and deployment order.", "Its authority must remain limited to server registration and must not redefine sovereign architecture or runtime truth.", "Sovereign/support separation must remain visible in how Server Registry Canonical is described and consumed." ] }, { title: "Registry configuration", items: [ "Recognized server entities and host surfaces must be explicitly configured rather than implied.", "Stable server identification rules must be explicitly configured rather than assumed.", "Authoritative host context for downstream references must be structurally declared.", "Dependency fit for runtime, delivery, monitoring and panel-facing layers must be explicitly configured.", "Configuration is incomplete if host legitimacy still depends on scattered notes, operator memory or interpretive UI behavior." ] }, { title: "Dependency configuration", items: [ "Server Registry Canonical must be configured to state what downstream layers become legitimate only when server references are canonically registered.", "It must support readiness judgment based on declared host identity rather than convenience-based execution.", "It must provide enough structure for valid, ambiguous and illegitimate server-reference states.", "The dependency configuration must eliminate ambiguous host-legitimacy claims." ] }, { title: "Tree and selection configuration", items: [ "Server Registry Canonical must be configured to appear in the correct category and order inside the architecture tree.", "Its selection path must resolve deterministically when clicked from the left navigation.", "Its architecture, contract and source routes must all point to the same underlying document identity.", "Configuration is invalid if UI selection can drift into another overview_scope payload." ] }, { title: "Rendering configuration", items: [ "Server Registry Canonical must be configured to render through the structured category scaffold in architecture mode.", "Its card layout must remain compatible with the same category model used across the documentation plane.", "Its architecture rendering must not collapse into fallback summary unless source loading genuinely fails.", "Its configuration is invalid if the selected server-registry artifact renders another document payload." ] }, { title: "Source and contract configuration", items: [ "Source view must expose the real underlying document for Server Registry Canonical.", "Contract view must describe the same registered server-registry artifact seen in architecture mode.", "Architecture, contract and source views must stay configuration-consistent.", "Any route divergence between those three views invalidates configuration integrity." ] }, { title: "Misconfiguration conditions", items: [ "If the server-registry artifact appears in the tree but resolves to the wrong architecture payload, configuration is invalid.", "If the server-registry artifact has a valid source but inconsistent contract projection, configuration is invalid.", "If the server-registry artifact depends on fallback behavior to render architecture, configuration is incomplete.", "If the server-registry artifact loses canonical linkage while remaining selectable in the UI, configuration is invalid." ] }, { title: "Configuration exit rule", items: [ "Server Registry Canonical configuration is complete only when document identity, canonical binding, host-reference logic, dependency framing, tree placement, selection routing, rendering behavior and cross-view consistency are materially stable.", "No downstream runtime, delivery, monitoring or panel-facing dependency claim may be treated as configuration-ready if Server Registry Canonical still depends on ambiguous routing or unstable identity.", "Configuration completion for Server Registry Canonical must remain evidence-based and subordinate to master_architecture_index sovereignty." ] } ]; const observableEvidenceBuckets = [ { title: "Definition and evidence role", items: [ "Server Registry Canonical observable evidence defines the materially inspectable signals that prove the server-registration artifact exists, is correctly registered, is routed to the correct payload and is being rendered from the correct document identity.", "Observable evidence here is not conceptual confidence. It is concrete evidence that can be inspected in file registration, UI selection behavior, mode switching, route stability and rendered host-reference output.", "Its role is to prove that the server-registry artifact is not only declared in architecture, but materially reachable and operationally projected in the Documentation Hub.", "If a condition cannot be observed, it cannot be claimed as valid evidence for Server Registry Canonical." ] }, { title: "Document existence evidence", items: [ "Server Registry Canonical must exist as a real registered document in the documentation system.", "Its document id must be observable as server_registry.", "Its label, path, phase and layer identity must be materially present in the registered document set.", "Evidence fails if the server-registry artifact is referenced in logic but not materially registered as a document." ] }, { title: "Hub registration evidence", items: [ "Server Registry Canonical must be observable inside hub_index.json under overview_scope.", "Its placement in the category docs list must be materially visible.", "Its registration must be stable enough to survive reload and re-render.", "Evidence fails if the server-registry artifact is only implied by code and not present in hub registration." ] }, { title: "Tree visibility evidence", items: [ "Server Registry Canonical must appear in the left architecture tree under Overview & Scope.", "Its label must be visibly selectable from the UI.", "A user click on Server Registry Canonical must be observable as a stable document selection event.", "Evidence fails if the tree shows the label but selection resolves to another artifact." ] }, { title: "Render-path evidence", items: [ "Architecture mode must visibly render Server Registry Canonical-specific cards and text rather than inherited content from Master Architecture Index, Project Scope Canonical, Deployment Order Canonical, Sandbox Environment Canonical, Panel Manifest or another overview_scope document.", "Contract mode must visibly describe the same Server Registry Canonical artifact.", "Source mode must visibly expose the real underlying source for Server Registry Canonical.", "Evidence fails if any mode shows fallback content, wrong payload or cross-document contamination." ] }, { title: "Identity consistency evidence", items: [ "The same Server Registry Canonical identity must be observable across architecture, contract and source views.", "The selected document must not silently switch to Master Architecture Index, Project Scope Canonical, Deployment Order Canonical, Sandbox Environment Canonical, Panel Manifest or another sibling artifact.", "Route stability must remain observable during mode changes and reselection.", "Evidence fails if the UI presents one label while the payload belongs to another document." ] }, { title: "Registry evidence", items: [ "The rendered server-registry cards must visibly state what server entities or host surfaces are recognized.", "The rendered server-registry cards must visibly state how those entities are identified and distinguished.", "The rendered server-registry cards must visibly state which host context is authoritative for downstream references.", "The rendered server-registry cards must visibly support dependency fit for runtime, delivery, monitoring and panel-facing layers.", "Evidence fails if host legitimacy still depends on implied context rather than visible registry truth." ] }, { title: "Content integrity evidence", items: [ "The visible text under Server Registry Canonical must correspond to server-registry context and not to another category or document.", "Overview, Prerequisites, Installation, Configuration, Validation and downstream cards must remain context-consistent with host-reference behavior.", "Observable evidence must show that rendered text changes when Server Registry Canonical-specific content is updated in code.", "Evidence fails if the UI continues to show stale or inherited content after document-specific updates." ] }, { title: "Operational evidence of registry legitimacy", items: [ "Server Registry Canonical must be observably usable as the host-reference artifact for runtime, delivery, monitoring and panel-facing dependency judgment.", "Its presence must support deterministic readiness judgment for downstream server-dependent layers.", "The server-registry artifact must remain observably stable under reload, reselection and mode switching.", "Evidence fails if host legitimacy depends on hidden cache, ambiguous routing or lucky UI state." ] }, { title: "Observable evidence exit rule", items: [ "Observable evidence for Server Registry Canonical is complete only when document existence, hub registration, tree visibility, payload identity, registry visibility, render-path integrity and cross-view consistency are all materially inspectable.", "No downstream runtime, delivery, monitoring or panel-facing dependency claim may be treated as trustworthy if Server Registry Canonical evidence is still indirect, inferred or fallback-driven.", "Observable evidence completion for Server Registry Canonical must remain evidence-based and subordinate to master_architecture_index sovereignty." ] } ]; const completionPromotionBuckets = [ { title: "Definition and promotion role", items: [ "Server Registry Canonical completion and promotion define when the server-registration artifact can be treated as structurally complete and trusted enough to unlock downstream host-facing dependency judgment and promotion decisions.", "Completion here does not mean the document merely exists. It means server identity is materially present, identity-stable, canonically bound, host-reference explicit and operationally consumable.", "Promotion here means the registry artifact is trusted enough to serve as the reference for what host context is legitimate for runtime, delivery, monitoring and panel-facing dependence.", "A promoted Server Registry Canonical must already function as the stable server-reference authority under Overview & Scope." ] }, { title: "Completion criteria", items: [ "Server Registry Canonical must be registered as a real document under overview_scope.", "Its tree placement, selection behavior and render path must be materially stable.", "Its architecture, contract and source modes must remain aligned to the same document identity.", "Its content must be context-correct and free from inherited payload contamination.", "Its role as server-registration authority must remain subordinate to master_architecture_index sovereignty." ] }, { title: "Registry completion criteria", items: [ "The document must materially define what server entities or host surfaces are recognized.", "The document must materially define how those entities are identified and distinguished.", "The document must materially define which host context is authoritative for downstream references.", "The document must materially support dependency fit for runtime, delivery, monitoring and panel-facing layers.", "No major host-legitimacy decision may remain dependent on scattered interpretation once completion is claimed." ] }, { title: "Promotion gates", items: [ "No promotion is valid if Server Registry Canonical still depends on fallback-driven architecture rendering.", "No promotion is valid if UI selection can still resolve to the wrong payload.", "No promotion is valid if host-reference rules and registry boundaries remain ambiguous.", "No promotion is valid if cross-view identity remains unverified.", "Promotion is valid only when server identity, registry integrity and evidence integrity are all materially confirmed." ] }, { title: "Downstream unlocks", items: [ "A complete Server Registry Canonical unlocks trustworthy readiness judgment for downstream runtime, delivery, monitoring and panel-facing layers.", "It unlocks safer host-reference gating for dependency fit and environment legitimacy.", "It unlocks consistent server registry projection across Documentation Hub and Operator Panel surfaces.", "It unlocks more reliable promotion decisions because downstream host-facing materialization can now be tested against an explicit canonical server registry." ] }, { title: "Non-promotable states", items: [ "A server-registry artifact that is selectable but not identity-stable is not promotable.", "A server-registry artifact that renders through the wrong payload is not promotable.", "A server-registry artifact that looks coherent but still leaves host-reference rules ambiguous is not promotable.", "A server-registry artifact that loses canonical linkage is not promotable.", "A server-registry artifact that cannot keep architecture, contract and source views aligned is not promotable." ] }, { title: "Promotion evidence requirements", items: [ "Promotion must be supported by observable UI behavior, stable routing and correct rendered registry content.", "Promotion must be backed by hub registration, tree visibility, registry clarity and cross-view identity consistency.", "Promotion must be proven from the served surface and not from assumed code intent.", "Every completion or promotion claim must be evidenced by what the system actually resolves, renders and keeps stable." ] }, { title: "Completion and promotion exit rule", items: [ "Server Registry Canonical completion and promotion are complete only when the registry artifact is materially present, canonically bound, tree-stable, payload-correct, host-reference explicit and trustworthy across architecture, contract and source views.", "No downstream runtime, delivery, monitoring or panel-facing dependency claim may be treated as reliable if Server Registry Canonical still operates under ambiguous routing, fallback behavior, unstable identity or incomplete registry framing.", "Completion and promotion for Server Registry Canonical must remain evidence-based and subordinate to master_architecture_index sovereignty." ] } ]; const leftHtml = [ renderStructuredCard("Prerequisites", prerequisitesBuckets), renderStructuredCard("Configuration", configurationBuckets), renderStructuredCard("Observable Evidence", observableEvidenceBuckets), renderStructuredCard("Completion & Promotion", completionPromotionBuckets) ].join(""); const installationBuckets = [ { title: "Definition and installation role", items: [ "Server Registry Canonical installation defines the material conditions required for the server-registration artifact to exist as a real, registered and consumable host-reference authority inside Overview & Scope.", "Installation here does not mean generic host setup. It means installing the canonical server-registry artifact into the documentation system so server identity becomes materially present, selectable and readable.", "Its installation role is to establish a stable server-reference surface that downstream categories, Documentation Hub and Operator Panel can consume without ambiguity.", "A valid installation makes server registry observable as a real document and not as scattered host assumptions." ] }, { title: "Document materialization requirements", items: [ "Server Registry Canonical must exist as a real document registered under overview_scope.", "Its document id, label, path, phase and layer identity must be materially installed in the document set.", "The document must be readable through the Documentation Hub and discoverable from the architecture tree.", "The registry artifact must be installed as the server-reference authority and not as detached descriptive text." ] }, { title: "Canonical binding installation", items: [ "master_architecture_index must already exist as sovereign architectural root before Server Registry Canonical installation can be treated as valid.", "Project Scope Canonical must already exist before server references can be judged as project-relevant.", "Deployment Order Canonical must already exist before server-dependent progression can be judged as sequence-legitimate.", "Server Registry Canonical must be installed as subordinate registry authority, not as sovereign architecture or runtime truth.", "The registry artifact must inherit meaning from the canonical architecture root, project framing and rollout order, and must never redefine them locally." ] }, { title: "Hub and tree installation", items: [ "Server Registry Canonical must be registered inside hub_index.json under overview_scope.", "It must appear in the left architecture tree with correct label, type and placement.", "Its selection path must resolve to the correct server-registry artifact when clicked in the UI.", "Its architecture, contract and source routes must remain bound to the same registered server-registry identity." ] }, { title: "Registry installation", items: [ "The installed server-registry artifact must explicitly support recognized server entities and host surfaces.", "The installed server-registry artifact must explicitly support stable server identification rules.", "The installed server-registry artifact must explicitly support authoritative host context for downstream references.", "The installed server-registry artifact must explicitly support dependency fit for runtime, delivery, monitoring and panel-facing layers.", "Installation is incomplete if host legitimacy still depends on scattered notes, implicit operator memory or UI-local assumptions." ] }, { title: "Rendering installation", items: [ "Server Registry Canonical must render through the same structured category scaffold used for category-level architecture views.", "Its installed cards must remain readable and context-correct in architecture mode.", "Its architecture rendering must not collapse into fallback summary unless source loading genuinely fails.", "Its installation is invalid if the selected server-registry artifact renders another document payload." ] }, { title: "Source and contract installation", items: [ "Source view must expose the real underlying source for Server Registry Canonical.", "Contract view must describe the same registered server-registry artifact seen in architecture mode.", "Architecture, contract and source routes must remain installation-consistent.", "Installation is invalid if those routes diverge in identity, meaning or underlying artifact." ] }, { title: "Dependency installation gates", items: [ "Architectural sovereignty must exist before registry installation can be trusted.", "Project framing must exist before server references can be judged as project-legitimate.", "Deployment order must exist before server-dependent readiness can be judged as sequence-legitimate.", "Hub registration must exist before UI selection can be trusted.", "Registry identity stability must exist before downstream runtime, delivery, monitoring or panel-facing dependency claims can be trusted." ] }, { title: "Failure-sensitive installation conditions", items: [ "If the server-registry artifact exists in code but is not reachable in the tree, installation is incomplete.", "If the server-registry artifact is reachable in the tree but resolves to the wrong payload, installation is invalid.", "If the server-registry artifact renders only through fallback summary, installation is incomplete.", "If the server-registry artifact loses canonical linkage while still appearing selectable, installation is invalid." ] }, { title: "Installation exit rule", items: [ "Server Registry Canonical installation is complete only when the document is materially present, canonically bound, tree-selectable, architecturally renderable and identity-stable across architecture, contract and source views.", "No downstream runtime, delivery, monitoring or panel-facing dependency claim may be treated as installation-ready if Server Registry Canonical still operates through ambiguous routing or fallback-driven projection.", "Installation completion for Server Registry Canonical must remain evidence-based and subordinate to master_architecture_index sovereignty." ] } ]; const validationBuckets = [ { title: "Definition and validation role", items: [ "Server Registry Canonical validation defines the evidence-based checks required to confirm that the server-registration artifact is structurally correct, canonically bound and trustworthy as the formal host-reference authority.", "Validation here does not judge wording preference. It verifies registry identity, host-reference clarity, canonical linkage, route integrity and cross-view consistency.", "Its role is to prove that the selected Server Registry Canonical is the real registered server artifact and not a fallback, alias, inherited payload or ambiguous host-reference substitute.", "A valid Server Registry Canonical must remain verifiable across architecture, contract and source views." ] }, { title: "Identity validation", items: [ "The document selected in the tree must resolve to server_registry and not to another overview_scope artifact.", "Its document id, label, path, phase and layer must remain stable during selection and rendering.", "The same artifact must be observed across architecture view, contract view and source view.", "Validation fails if the UI selection path resolves to a mismatched document identity." ] }, { title: "Canonical linkage validation", items: [ "Server Registry Canonical must remain subordinate to master_architecture_index sovereignty.", "Its role as the server-registration authority artifact must remain explicit.", "Its linkage to project scope, deployment order and downstream host-facing dependency fit must remain materially traceable.", "Validation fails if the server-registry artifact appears structurally detached from the canonical overview roots." ] }, { title: "Registry validation", items: [ "Recognized server entities and host surfaces must be explicitly visible and non-ambiguous.", "Stable identification rules for those entities must be materially clear.", "Authoritative host context for downstream references must be materially clear.", "Validation fails if host legitimacy still depends on implied context, scattered notes or operator habit." ] }, { title: "Dependency validation", items: [ "The registry artifact must visibly support downstream readiness judgment for runtime, delivery, monitoring and panel-facing layers.", "It must be materially clear which server references are legitimate, which are ambiguous and which are invalid.", "No host-legitimacy claim may depend on vague infrastructure prose alone.", "Validation fails if downstream dependency fit cannot be traced back to explicit server-registry truth." ] }, { title: "Render-path validation", items: [ "Architecture mode must render the custom Server Registry Canonical architecture payload, not an inherited structured payload from another overview_scope document.", "Contract mode must describe the same registered Server Registry Canonical artifact.", "Source mode must expose the real underlying source of Server Registry Canonical.", "Validation fails if any mode falls back to the wrong document or if architecture mode depends on the wrong sourceMeta branch." ] }, { title: "Tree and selection validation", items: [ "Server Registry Canonical must appear in the correct category position inside the architecture tree.", "A click on Server Registry Canonical must keep the selected document stable across re-render.", "Mode switching must not silently redirect the user to Master Architecture Index, Project Scope Canonical, Deployment Order Canonical, Sandbox Environment Canonical, Panel Manifest or another sibling document.", "Validation fails if tree selection is visually correct but operationally resolves to another payload." ] }, { title: "Content integrity validation", items: [ "The architecture cards shown under Server Registry Canonical must correspond to server-registry content and not inherited text from another document.", "Overview, Prerequisites, Installation, Configuration and downstream cards must remain context-consistent with host-reference behavior.", "The server-registry artifact must not render stale content cached from a previous selection.", "Validation fails if the visible text belongs to another document context." ] }, { title: "Evidence requirements", items: [ "Validation must be grounded in observable UI behavior, observable document routing and observable host-reference output.", "Validation must be supported by file existence, tree registration, route stability, registry visibility and mode consistency.", "No validation claim may be based on inference, expectation or visual guess alone.", "Every PASS condition must be backed by real evidence from the served surface or underlying registered artifact." ] }, { title: "Validation exit rule", items: [ "Server Registry Canonical validation is complete only when identity, linkage, registry clarity, dependency fit, tree routing, render path, source exposure and cross-view consistency are all materially confirmed.", "No downstream runtime, delivery, monitoring or panel-facing dependency claim may be treated as trustworthy if Server Registry Canonical validation still depends on ambiguous selection, unverified server references or unstable routing.", "Validation completion for Server Registry Canonical must remain evidence-based and subordinate to master_architecture_index sovereignty." ] } ]; const failureModesBuckets = [ { title: "Definition and recovery role", items: [ "Server Registry Canonical failure modes and recovery define the invalid states that break the server-registration artifact as a trustworthy host-reference authority and the recovery actions required to restore registry legitimacy.", "Failure here is not limited to missing file or broken render. It includes ambiguous server identity, wrong host reference logic, wrong payload routing, identity drift, inherited content contamination and loss of canonical registry role.", "Recovery exists to restore Server Registry Canonical as the real server-reference artifact that downstream runtime, delivery, monitoring and panel-facing layers can trust.", "A recovered state is valid only when registry identity, host-reference clarity, canonical linkage and rendered content integrity are materially restored." ] }, { title: "Identity failure modes", items: [ "Server Registry Canonical may appear selected in the tree while another overview_scope payload is actually rendered.", "The server-registry artifact may resolve with wrong document id, wrong path or wrong architectural role.", "A stale UI state may preserve the correct label while operationally switching to a sibling artifact.", "Recovery requires proving the rendered payload is again bound to server_registry and not to master_architecture_index, project_scope, deployment_order, sandbox_environment, panel_manifest or any other overview_scope document." ] }, { title: "Registry failure modes", items: [ "Declared server entities, host surfaces or authoritative references may become incomplete, ambiguous or contradictory.", "The server-registry artifact may fail to state what host context is authoritative and how server identities are distinguished.", "A partially framed registry may still look coherent in UI while remaining operationally invalid as host-reference authority.", "Recovery requires restoring explicit and non-ambiguous server identity, host authority and downstream reference rules." ] }, { title: "Canonical linkage failure modes", items: [ "Server Registry Canonical may lose its subordinate linkage to master_architecture_index and begin to behave as if it were sovereign architecture, runtime truth or monitoring truth.", "The server-registry artifact may drift away from project scope, deployment order or downstream host-facing dependency logic.", "The document may remain visible while no longer functioning as the canonical server-reference registry.", "Recovery requires re-establishing sovereign/support hierarchy and re-binding Server Registry Canonical to the overview roots." ] }, { title: "Tree and selection failure modes", items: [ "The tree may show Server Registry Canonical in the right place while click resolution points to another document.", "Mode switching may silently redirect the user away from the server-registry artifact.", "Reload or reselection may destabilize the active registry identity.", "Recovery requires restoring deterministic selection so tree label, selected doc and rendered payload converge again." ] }, { title: "Cross-view failure modes", items: [ "Architecture, contract and source views may diverge in identity or meaning.", "Contract view may describe one server-registry artifact while architecture renders another payload.", "Source mode may expose a different backing artifact than the one used in architecture mode.", "Recovery requires re-aligning all views to the same registered Server Registry Canonical artifact." ] }, { title: "Content contamination failure modes", items: [ "Server Registry Canonical may display inherited content from another overview_scope document after reload, reselection or mode change.", "Cached or previously loaded content may survive and contaminate the visible server-registry cards.", "Registry-specific cards may preserve structure but lose content-origin integrity.", "Recovery requires flushing the contaminated render path and confirming that visible text now belongs only to Server Registry Canonical." ] }, { title: "Recovery actions", items: [ "Re-select Server Registry Canonical from the tree and confirm the selected document remains stable across architecture, contract and source modes.", "Verify that hub registration, tree identity and rendered payload all still point to server_registry.", "Re-check that recognized server entities, authoritative host context and downstream dependency fit are again visible in the rendered cards.", "Treat any fallback-driven, cross-document or ambiguity-preserving state as invalid until evidence proves recovery is complete." ] }, { title: "Recovery evidence requirements", items: [ "Recovery is valid only when Server Registry Canonical is materially reachable, correctly selected and rendered from the correct payload.", "The recovered state must be observable in UI behavior and not merely assumed from code edits.", "The visible cards must show Server Registry Canonical-specific content after recovery.", "Architecture, contract and source modes must all confirm the same restored identity and registry framing." ] }, { title: "Failure modes and recovery exit rule", items: [ "Server Registry Canonical failure and recovery handling is complete only when invalid routing, registry ambiguity, identity drift, fallback behavior and cross-view divergence states are all detectable and recoverable through evidence-based actions.", "No downstream runtime, delivery, monitoring or panel-facing dependency claim may be treated as trustworthy if Server Registry Canonical recovery still depends on unverified assumptions.", "Failure and recovery completion for Server Registry Canonical must remain evidence-based and subordinate to master_architecture_index sovereignty." ] } ]; const rightHtml = [ renderStructuredCard("Installation", installationBuckets), renderStructuredCard("Validation", validationBuckets), renderStructuredCard("Failure Modes & Recovery", failureModesBuckets) ].join(""); return { kind: "html", content: overviewHtml + `
${leftHtml}
${rightHtml}
` }; } ================================================================================ DOC: project_progress_canonical | Project Progress Canonical ================================================================================ if (doc.id === "project_progress_canonical" && state.categoryId === "overview_scope") { const renderPendingCard = (title) => ` `; const renderBucketCard = (bucket) => `
${escapeHtml(bucket.title)}
${ bucket.items.length ? `` : `
No items declared.
` }
`; const renderStructuredCard = (title, buckets) => `
${buckets.map(renderBucketCard).join("")}
`; const overviewHtml = `

Overview

${escapeHtml("Project Progress Canonical defines the formal progress-tracking authority for Devon under Phase 01 Overview & Scope. It exists to declare how project advancement is measured, what counts as real progress, which signals are merely activity without completion value, how progress must remain tied to canonical evidence and when downstream categories, phases or operational surfaces may be treated as genuinely advanced. It is not sovereign architecture and it is not runtime telemetry by itself; it is the canonical progress-framing authority subordinate to master_architecture_index, project scope, deployment order and evidence-bearing project surfaces. Once valid, it becomes the reference that Documentation Hub, Operator Panel and downstream categories must use to judge completion state, maturity progression, evidence-backed advancement and promotion readiness across the Devon system.")}

`; const prerequisitesBuckets = [ { title: "Definition and canonical role", items: [ "Project Progress Canonical prerequisites define the minimum conditions that must exist before project advancement can be treated as formally measured, evidence-bound and trustworthy across the Devon system.", "The role of prerequisites here is to establish the progress artifact that answers what counts as real advancement, what remains mere activity, how maturity is judged and what downstream surfaces may legitimately depend on claimed progress.", "Project Progress Canonical is not sovereign architecture and it is not runtime telemetry by itself. It is the canonical progress-framing authority under Overview & Scope, subordinate to master_architecture_index, project scope, deployment order and evidence-bearing project surfaces.", "Without valid prerequisites, every downstream completion claim, maturity signal, operational dashboard and promotion decision risks operating on cosmetic or inferred progress." ] }, { title: "Fundamental principle", items: [ "Project progress must be explicit, evidence-linked and authority-bound before advancement claims can be treated as legitimate.", "Progress cannot be inferred from effort, activity volume, chat history, UI motion or unvalidated runtime noise.", "If progress is not materially declared and supported by evidence, it is not valid progress.", "If progress exists but conflicts with canonical scope, deployment order or observable evidence, it is invalid.", "If maturity, completion or advancement criteria are ambiguous, downstream progress claims are invalid." ] }, { title: "Architectural framing prerequisites", items: [ "master_architecture_index must already exist as sovereign architectural root.", "Project Scope Canonical must already exist to determine what progress is project-relevant.", "Deployment Order Canonical must already exist to determine what advancement sequence is legitimate.", "Evidence-bearing project surfaces must already exist enough to support non-inferred progress judgment.", "Project Progress Canonical must be positioned as the progress-framing authority inside Phase 01 overview_scope." ] }, { title: "Progress-definition prerequisites", items: [ "The document must explicitly define what counts as real project progress.", "The document must explicitly define what does not count as progress even if activity exists.", "The document must explicitly define how completion state, maturity progression and advancement legitimacy are judged.", "The document must explicitly define what evidence types are required before progress can be claimed.", "The document must explicitly define what downstream materialization depends on valid progress framing." ] }, { title: "Authority prerequisites", items: [ "Project Progress Canonical must have clear authority ownership as the progress-framing artifact.", "Its authority must not be mixed with sovereign architecture, raw runtime status, ad hoc reporting or UI-local interpretation.", "The document must state what other artifacts it depends on and what downstream artifacts depend on trustworthy progress evaluation.", "Progress framing must remain canonically readable by Documentation Hub and Panel without reinterpretation." ] }, { title: "Dependency prerequisites", items: [ "Downstream completion, maturity and promotion claims must only be treated as legitimate if they fit inside declared project progress logic.", "No category, phase or operational surface may be treated as advanced if its progress claim is unsupported by canonical evidence rules.", "No panel-facing or runtime-facing progress projection should outrun declared progress framing.", "Project progress must exist before downstream advancement claims can be trusted as project-legitimate rather than merely optimistic." ] }, { title: "Document integrity prerequisites", items: [ "Project Progress Canonical must exist as a real registered document in overview_scope.", "Its document id, label, path, phase and layer must remain stable.", "Its tree presence must resolve to the correct progress artifact.", "Architecture, contract and source routes must remain aligned to the same Project Progress Canonical identity." ] }, { title: "Failure-prevention prerequisites", items: [ "The project must not measure progress from assumptions spread across chats, scripts or temporary operational notes.", "Progress legitimacy must not depend on implicit operator feeling or UI-local perception of movement.", "The progress artifact must not collapse into vague status language without explicit evidence and completion meaning.", "The progress model must not drift from the canonical overview structure." ] }, { title: "Expected result", items: [ "When prerequisites are valid, Project Progress Canonical becomes a trustworthy artifact for advancement, maturity and completion judgment across the whole project.", "Downstream categories and phases can be assessed against explicit evidence-backed progress rules.", "Documentation Hub and Panel can project progress without inventing advancement meaning.", "Completion, maturity and promotion decisions can be judged against a declared canonical progress model." ] }, { title: "Prerequisites exit rule", items: [ "Project Progress Canonical prerequisites are complete only when progress identity, progress meaning, evidence requirements, authority ownership and dependency relevance are materially explicit.", "No downstream completion, maturity or promotion claim may be treated as progress-legitimate if progress framing is still ambiguous.", "Prerequisite completion for Project Progress Canonical must remain evidence-based and subordinate to master_architecture_index sovereignty." ] } ]; const configurationBuckets = [ { title: "Definition and configuration role", items: [ "Project Progress Canonical configuration defines how the progress-framing artifact must be structurally arranged so advancement logic remains explicit, stable and consumable across Documentation Hub, Operator Panel and downstream categories.", "Configuration here means canonical arrangement, progress-judgment logic, authority binding and cross-view consistency, not cosmetic UI preference.", "Its role is to keep Project Progress Canonical stable as the formal progress-reference surface for completion state, maturity progression and promotion legitimacy.", "A configured Project Progress Canonical must remain structurally predictable across architecture, contract and source views." ] }, { title: "Document identity configuration", items: [ "Project Progress Canonical must keep a fixed document id, label, path, phase and layer identity.", "Its registration under overview_scope must remain stable in hub_index.json.", "Its document type must remain coherent with its role as the progress-framing authority artifact.", "Configuration is invalid if the same progress artifact resolves under conflicting identities across the UI." ] }, { title: "Canonical binding configuration", items: [ "The progress artifact must remain subordinate to master_architecture_index sovereignty.", "Its configuration must preserve explicit linkage to project scope and deployment order.", "Its authority must remain limited to project progress framing and must not redefine sovereign architecture or raw runtime truth.", "Sovereign/support separation must remain visible in how Project Progress Canonical is described and consumed." ] }, { title: "Progress logic configuration", items: [ "What counts as real project advancement must be explicitly configured rather than implied.", "What does not count as progress even when activity exists must be explicitly configured rather than assumed.", "Evidence-backed maturity and completion logic must be structurally declared.", "Promotion readiness conditions must be explicitly configured.", "Configuration is incomplete if progress legitimacy still depends on scattered notes, operator memory or interpretive UI behavior." ] }, { title: "Dependency configuration", items: [ "Project Progress Canonical must be configured to state what downstream completion, maturity and promotion claims become legitimate only under declared evidence-bearing progress conditions.", "It must support readiness judgment based on explicit advancement logic rather than convenience-based optimism.", "It must provide enough structure for real progress, mere activity, incomplete maturity and promotable completion states.", "The dependency configuration must eliminate ambiguous advancement-legitimacy claims." ] }, { title: "Tree and selection configuration", items: [ "Project Progress Canonical must be configured to appear in the correct category and order inside the architecture tree.", "Its selection path must resolve deterministically when clicked from the left navigation.", "Its architecture, contract and source routes must all point to the same underlying document identity.", "Configuration is invalid if UI selection can drift into another overview_scope payload." ] }, { title: "Rendering configuration", items: [ "Project Progress Canonical must be configured to render through the structured category scaffold in architecture mode.", "Its card layout must remain compatible with the same category model used across the documentation plane.", "Its architecture rendering must not collapse into fallback summary unless source loading genuinely fails.", "Its configuration is invalid if the selected progress artifact renders another document payload." ] }, { title: "Source and contract configuration", items: [ "Source view must expose the real underlying document for Project Progress Canonical.", "Contract view must describe the same registered progress artifact seen in architecture mode.", "Architecture, contract and source views must stay configuration-consistent.", "Any route divergence between those three views invalidates configuration integrity." ] }, { title: "Misconfiguration conditions", items: [ "If the progress artifact appears in the tree but resolves to the wrong architecture payload, configuration is invalid.", "If the progress artifact has a valid source but inconsistent contract projection, configuration is invalid.", "If the progress artifact depends on fallback behavior to render architecture, configuration is incomplete.", "If the progress artifact loses canonical linkage while remaining selectable in the UI, configuration is invalid." ] }, { title: "Configuration exit rule", items: [ "Project Progress Canonical configuration is complete only when document identity, canonical binding, progress logic, dependency framing, tree placement, selection routing, rendering behavior and cross-view consistency are materially stable.", "No downstream completion, maturity or promotion claim may be treated as configuration-ready if Project Progress Canonical still depends on ambiguous routing or unstable identity.", "Configuration completion for Project Progress Canonical must remain evidence-based and subordinate to master_architecture_index sovereignty." ] } ]; const observableEvidenceBuckets = [ { title: "Definition and evidence role", items: [ "Project Progress Canonical observable evidence defines the materially inspectable signals that prove the progress-framing artifact exists, is correctly registered, is routed to the correct payload and is being rendered from the correct document identity.", "Observable evidence here is not conceptual confidence. It is concrete evidence that can be inspected in file registration, UI selection behavior, mode switching, route stability and rendered progress output.", "Its role is to prove that the progress artifact is not only declared in architecture, but materially reachable and operationally projected in the Documentation Hub.", "If a condition cannot be observed, it cannot be claimed as valid evidence for Project Progress Canonical." ] }, { title: "Document existence evidence", items: [ "Project Progress Canonical must exist as a real registered document in the documentation system.", "Its document id must be observable as project_progress_canonical.", "Its label, path, phase and layer identity must be materially present in the registered document set.", "Evidence fails if the progress artifact is referenced in logic but not materially registered as a document." ] }, { title: "Hub registration evidence", items: [ "Project Progress Canonical must be observable inside hub_index.json under overview_scope.", "Its placement in the category docs list must be materially visible.", "Its registration must be stable enough to survive reload and re-render.", "Evidence fails if the progress artifact is only implied by code and not present in hub registration." ] }, { title: "Tree visibility evidence", items: [ "Project Progress Canonical must appear in the left architecture tree under Overview & Scope.", "Its label must be visibly selectable from the UI.", "A user click on Project Progress Canonical must be observable as a stable document selection event.", "Evidence fails if the tree shows the label but selection resolves to another artifact." ] }, { title: "Render-path evidence", items: [ "Architecture mode must visibly render Project Progress Canonical-specific cards and text rather than inherited content from Master Architecture Index, Project Scope Canonical, Deployment Order Canonical, Sandbox Environment Canonical, Server Registry Canonical, Panel Manifest or another overview_scope document.", "Contract mode must visibly describe the same Project Progress Canonical artifact.", "Source mode must visibly expose the real underlying source for Project Progress Canonical.", "Evidence fails if any mode shows fallback content, wrong payload or cross-document contamination." ] }, { title: "Identity consistency evidence", items: [ "The same Project Progress Canonical identity must be observable across architecture, contract and source views.", "The selected document must not silently switch to Master Architecture Index, Project Scope Canonical, Deployment Order Canonical, Sandbox Environment Canonical, Server Registry Canonical, Panel Manifest or another sibling artifact.", "Route stability must remain observable during mode changes and reselection.", "Evidence fails if the UI presents one label while the payload belongs to another document." ] }, { title: "Progress evidence", items: [ "The rendered progress cards must visibly state what counts as real progress.", "The rendered progress cards must visibly state what does not count as progress even if activity exists.", "The rendered progress cards must visibly support evidence-backed maturity and completion logic.", "The rendered progress cards must visibly state what conditions govern promotion based on progress.", "Evidence fails if progress legitimacy still depends on implied context rather than visible progress rules." ] }, { title: "Content integrity evidence", items: [ "The visible text under Project Progress Canonical must correspond to project-progress context and not to another category or document.", "Overview, Prerequisites, Installation, Configuration, Validation and downstream cards must remain context-consistent with advancement behavior.", "Observable evidence must show that rendered text changes when Project Progress Canonical-specific content is updated in code.", "Evidence fails if the UI continues to show stale or inherited content after document-specific updates." ] }, { title: "Operational evidence of progress legitimacy", items: [ "Project Progress Canonical must be observably usable as the advancement artifact for completion, maturity and promotion judgment.", "Its presence must support deterministic readiness judgment for downstream phases and categories.", "The progress artifact must remain observably stable under reload, reselection and mode switching.", "Evidence fails if progress legitimacy depends on hidden cache, ambiguous routing or lucky UI state." ] }, { title: "Observable evidence exit rule", items: [ "Observable evidence for Project Progress Canonical is complete only when document existence, hub registration, tree visibility, payload identity, progress-rule visibility, render-path integrity and cross-view consistency are all materially inspectable.", "No downstream completion, maturity or promotion claim may be treated as trustworthy if Project Progress Canonical evidence is still indirect, inferred or fallback-driven.", "Observable evidence completion for Project Progress Canonical must remain evidence-based and subordinate to master_architecture_index sovereignty." ] } ]; const completionPromotionBuckets = [ { title: "Definition and promotion role", items: [ "Project Progress Canonical completion and promotion define when the progress-framing artifact can be treated as structurally complete and trusted enough to unlock downstream completion, maturity and promotion decisions.", "Completion here does not mean the document merely exists. It means progress logic is materially present, identity-stable, canonically bound, evidence-explicit and operationally consumable.", "Promotion here means the progress artifact is trusted enough to serve as the reference for what counts as real advancement, what remains incomplete and what becomes legitimately promotable.", "A promoted Project Progress Canonical must already function as the stable advancement authority under Overview & Scope." ] }, { title: "Completion criteria", items: [ "Project Progress Canonical must be registered as a real document under overview_scope.", "Its tree placement, selection behavior and render path must be materially stable.", "Its architecture, contract and source modes must remain aligned to the same document identity.", "Its content must be context-correct and free from inherited payload contamination.", "Its role as progress-framing authority must remain subordinate to master_architecture_index sovereignty." ] }, { title: "Progress completion criteria", items: [ "The document must materially define what counts as real project progress.", "The document must materially define what does not count as progress even if activity exists.", "The document must materially define evidence-backed completion and maturity logic.", "The document must materially define what progress conditions govern promotion readiness.", "No major advancement decision may remain dependent on scattered interpretation once completion is claimed." ] }, { title: "Promotion gates", items: [ "No promotion is valid if Project Progress Canonical still depends on fallback-driven architecture rendering.", "No promotion is valid if UI selection can still resolve to the wrong payload.", "No promotion is valid if progress rules, maturity logic or completion criteria remain ambiguous.", "No promotion is valid if cross-view identity remains unverified.", "Promotion is valid only when progress identity, advancement integrity and evidence integrity are all materially confirmed." ] }, { title: "Downstream unlocks", items: [ "A complete Project Progress Canonical unlocks trustworthy readiness judgment for downstream categories and phases.", "It unlocks safer completion and maturity gating for promotion decisions.", "It unlocks consistent progress projection across Documentation Hub and Operator Panel surfaces.", "It unlocks more reliable promotion decisions because downstream advancement can now be tested against an explicit canonical progress model." ] }, { title: "Non-promotable states", items: [ "A progress artifact that is selectable but not identity-stable is not promotable.", "A progress artifact that renders through the wrong payload is not promotable.", "A progress artifact that looks coherent but still leaves progress rules ambiguous is not promotable.", "A progress artifact that loses canonical linkage is not promotable.", "A progress artifact that cannot keep architecture, contract and source views aligned is not promotable." ] }, { title: "Promotion evidence requirements", items: [ "Promotion must be supported by observable UI behavior, stable routing and correct rendered progress content.", "Promotion must be backed by hub registration, tree visibility, progress clarity and cross-view identity consistency.", "Promotion must be proven from the served surface and not from assumed code intent.", "Every completion or promotion claim must be evidenced by what the system actually resolves, renders and keeps stable." ] }, { title: "Completion and promotion exit rule", items: [ "Project Progress Canonical completion and promotion are complete only when the progress artifact is materially present, canonically bound, tree-stable, payload-correct, evidence-explicit and trustworthy across architecture, contract and source views.", "No downstream completion, maturity or promotion decision may be treated as reliable if Project Progress Canonical still operates under ambiguous routing, fallback behavior, unstable identity or incomplete progress framing.", "Completion and promotion for Project Progress Canonical must remain evidence-based and subordinate to master_architecture_index sovereignty." ] } ]; const leftHtml = [ renderStructuredCard("Prerequisites", prerequisitesBuckets), renderStructuredCard("Configuration", configurationBuckets), renderStructuredCard("Observable Evidence", observableEvidenceBuckets), renderStructuredCard("Completion & Promotion", completionPromotionBuckets) ].join(""); const installationBuckets = [ { title: "Definition and installation role", items: [ "Project Progress Canonical installation defines the material conditions required for the progress-framing artifact to exist as a real, registered and consumable advancement authority inside Overview & Scope.", "Installation here does not mean generic host setup. It means installing the canonical progress artifact into the documentation system so progress logic becomes materially present, selectable and readable.", "Its installation role is to establish a stable progress-reference surface that downstream categories, Documentation Hub and Operator Panel can consume without ambiguity.", "A valid installation makes project progress observable as a real document and not as scattered status language." ] }, { title: "Document materialization requirements", items: [ "Project Progress Canonical must exist as a real document registered under overview_scope.", "Its document id, label, path, phase and layer identity must be materially installed in the document set.", "The document must be readable through the Documentation Hub and discoverable from the architecture tree.", "The progress artifact must be installed as the advancement authority and not as detached descriptive text." ] }, { title: "Canonical binding installation", items: [ "master_architecture_index must already exist as sovereign architectural root before Project Progress Canonical installation can be treated as valid.", "Project Scope Canonical must already exist before progress can be judged as project-relevant.", "Deployment Order Canonical must already exist before progress sequence and maturity can be judged as rollout-legitimate.", "Project Progress Canonical must be installed as subordinate progress authority, not as sovereign architecture or raw runtime status.", "The progress artifact must inherit meaning from the canonical architecture root, project framing and rollout order, and must never redefine them locally." ] }, { title: "Hub and tree installation", items: [ "Project Progress Canonical must be registered inside hub_index.json under overview_scope.", "It must appear in the left architecture tree with correct label, type and placement.", "Its selection path must resolve to the correct progress artifact when clicked in the UI.", "Its architecture, contract and source routes must remain bound to the same registered progress identity." ] }, { title: "Progress installation", items: [ "The installed progress artifact must explicitly support what counts as real advancement.", "The installed progress artifact must explicitly support what does not count as progress even when activity exists.", "The installed progress artifact must explicitly support evidence-backed maturity and completion logic.", "The installed progress artifact must explicitly support downstream promotion readiness judgment.", "Installation is incomplete if progress legitimacy still depends on scattered notes, implicit operator memory or UI-local assumptions." ] }, { title: "Rendering installation", items: [ "Project Progress Canonical must render through the same structured category scaffold used for category-level architecture views.", "Its installed cards must remain readable and context-correct in architecture mode.", "Its architecture rendering must not collapse into fallback summary unless source loading genuinely fails.", "Its installation is invalid if the selected progress artifact renders another document payload." ] }, { title: "Source and contract installation", items: [ "Source view must expose the real underlying source for Project Progress Canonical.", "Contract view must describe the same registered progress artifact seen in architecture mode.", "Architecture, contract and source routes must remain installation-consistent.", "Installation is invalid if those routes diverge in identity, meaning or underlying artifact." ] }, { title: "Dependency installation gates", items: [ "Architectural sovereignty must exist before progress installation can be trusted.", "Project framing must exist before advancement can be judged as project-legitimate.", "Deployment order must exist before maturity and progression can be judged as sequence-legitimate.", "Hub registration must exist before UI selection can be trusted.", "Progress identity stability must exist before downstream completion, maturity or promotion claims can be trusted." ] }, { title: "Failure-sensitive installation conditions", items: [ "If the progress artifact exists in code but is not reachable in the tree, installation is incomplete.", "If the progress artifact is reachable in the tree but resolves to the wrong payload, installation is invalid.", "If the progress artifact renders only through fallback summary, installation is incomplete.", "If the progress artifact loses canonical linkage while still appearing selectable, installation is invalid." ] }, { title: "Installation exit rule", items: [ "Project Progress Canonical installation is complete only when the document is materially present, canonically bound, tree-selectable, architecturally renderable and identity-stable across architecture, contract and source views.", "No downstream completion, maturity or promotion claim may be treated as installation-ready if Project Progress Canonical still operates through ambiguous routing or fallback-driven projection.", "Installation completion for Project Progress Canonical must remain evidence-based and subordinate to master_architecture_index sovereignty." ] } ]; const validationBuckets = [ { title: "Definition and validation role", items: [ "Project Progress Canonical validation defines the evidence-based checks required to confirm that the progress-framing artifact is structurally correct, canonically bound and trustworthy as the formal advancement authority.", "Validation here does not judge wording preference. It verifies progress identity, advancement logic clarity, canonical linkage, route integrity and cross-view consistency.", "Its role is to prove that the selected Project Progress Canonical is the real registered progress artifact and not a fallback, alias, inherited payload or ambiguous status substitute.", "A valid Project Progress Canonical must remain verifiable across architecture, contract and source views." ] }, { title: "Identity validation", items: [ "The document selected in the tree must resolve to project_progress_canonical and not to another overview_scope artifact.", "Its document id, label, path, phase and layer must remain stable during selection and rendering.", "The same artifact must be observed across architecture view, contract view and source view.", "Validation fails if the UI selection path resolves to a mismatched document identity." ] }, { title: "Canonical linkage validation", items: [ "Project Progress Canonical must remain subordinate to master_architecture_index sovereignty.", "Its role as the progress-framing authority artifact must remain explicit.", "Its linkage to project scope, deployment order and evidence-bearing project surfaces must remain materially traceable.", "Validation fails if the progress artifact appears structurally detached from the canonical overview roots." ] }, { title: "Progress logic validation", items: [ "What counts as real progress must be explicitly visible and non-ambiguous.", "What does not count as progress even when activity exists must be explicitly visible and non-ambiguous.", "Evidence-backed completion and maturity logic must be materially clear.", "Promotion readiness conditions based on progress must be materially clear.", "Validation fails if advancement legitimacy still depends on implied context, scattered notes or operator habit." ] }, { title: "Dependency validation", items: [ "The progress artifact must visibly support downstream readiness judgment for completion, maturity and promotion.", "It must be materially clear which states count as real progress, which are only activity and which are still incomplete.", "No progress-legitimacy claim may depend on vague status language alone.", "Validation fails if advancement legitimacy cannot be traced back to explicit evidence and canonical progress rules." ] }, { title: "Render-path validation", items: [ "Architecture mode must render the custom Project Progress Canonical architecture payload, not an inherited structured payload from another overview_scope document.", "Contract mode must describe the same registered Project Progress Canonical artifact.", "Source mode must expose the real underlying source of Project Progress Canonical.", "Validation fails if any mode falls back to the wrong document or if architecture mode depends on the wrong sourceMeta branch." ] }, { title: "Tree and selection validation", items: [ "Project Progress Canonical must appear in the correct category position inside the architecture tree.", "A click on Project Progress Canonical must keep the selected document stable across re-render.", "Mode switching must not silently redirect the user to Master Architecture Index, Project Scope Canonical, Deployment Order Canonical, Sandbox Environment Canonical, Server Registry Canonical, Panel Manifest or another sibling document.", "Validation fails if tree selection is visually correct but operationally resolves to another payload." ] }, { title: "Content integrity validation", items: [ "The architecture cards shown under Project Progress Canonical must correspond to project-progress content and not inherited text from another document.", "Overview, Prerequisites, Installation, Configuration and downstream cards must remain context-consistent with advancement behavior.", "The progress artifact must not render stale content cached from a previous selection.", "Validation fails if the visible text belongs to another document context." ] }, { title: "Evidence requirements", items: [ "Validation must be grounded in observable UI behavior, observable document routing and observable progress-framing output.", "Validation must be supported by file existence, tree registration, route stability, progress-rule visibility and mode consistency.", "No validation claim may be based on inference, expectation or visual guess alone.", "Every PASS condition must be backed by real evidence from the served surface or underlying registered artifact." ] }, { title: "Validation exit rule", items: [ "Project Progress Canonical validation is complete only when identity, linkage, progress clarity, dependency framing, tree routing, render path, source exposure and cross-view consistency are all materially confirmed.", "No downstream completion, maturity or promotion claim may be treated as trustworthy if Project Progress Canonical validation still depends on ambiguous selection, unverified progress rules or unstable routing.", "Validation completion for Project Progress Canonical must remain evidence-based and subordinate to master_architecture_index sovereignty." ] } ]; const failureModesBuckets = [ { title: "Definition and recovery role", items: [ "Project Progress Canonical failure modes and recovery define the invalid states that break the progress-framing artifact as a trustworthy advancement authority and the recovery actions required to restore progress legitimacy.", "Failure here is not limited to missing file or broken render. It includes ambiguous progress rules, wrong completion logic, wrong payload routing, identity drift, inherited content contamination and loss of canonical progress role.", "Recovery exists to restore Project Progress Canonical as the real progress-reference artifact that downstream completion, maturity and promotion decisions can trust.", "A recovered state is valid only when progress identity, advancement clarity, canonical linkage and rendered content integrity are materially restored." ] }, { title: "Identity failure modes", items: [ "Project Progress Canonical may appear selected in the tree while another overview_scope payload is actually rendered.", "The progress artifact may resolve with wrong document id, wrong path or wrong architectural role.", "A stale UI state may preserve the correct label while operationally switching to a sibling artifact.", "Recovery requires proving the rendered payload is again bound to project_progress_canonical and not to master_architecture_index, project_scope, deployment_order, sandbox_environment, server_registry, panel_manifest or any other overview_scope document." ] }, { title: "Progress-logic failure modes", items: [ "Declared progress rules may become incomplete, ambiguous or contradictory.", "The progress artifact may fail to distinguish real advancement from mere activity.", "Completion and maturity logic may appear coherent in UI while remaining operationally invalid as progress authority.", "Recovery requires restoring explicit and non-ambiguous progress meaning, evidence logic and promotion relevance." ] }, { title: "Canonical linkage failure modes", items: [ "Project Progress Canonical may lose its subordinate linkage to master_architecture_index and begin to behave as if it were sovereign architecture, runtime truth or arbitrary reporting truth.", "The progress artifact may drift away from project scope, deployment order or evidence-bearing project surfaces.", "The document may remain visible while no longer functioning as the canonical advancement registry.", "Recovery requires re-establishing sovereign/support hierarchy and re-binding Project Progress Canonical to the overview roots." ] }, { title: "Tree and selection failure modes", items: [ "The tree may show Project Progress Canonical in the right place while click resolution points to another document.", "Mode switching may silently redirect the user away from the progress artifact.", "Reload or reselection may destabilize the active progress identity.", "Recovery requires restoring deterministic selection so tree label, selected doc and rendered payload converge again." ] }, { title: "Cross-view failure modes", items: [ "Architecture, contract and source views may diverge in identity or meaning.", "Contract view may describe one progress artifact while architecture renders another payload.", "Source mode may expose a different backing artifact than the one used in architecture mode.", "Recovery requires re-aligning all views to the same registered Project Progress Canonical artifact." ] }, { title: "Content contamination failure modes", items: [ "Project Progress Canonical may display inherited content from another overview_scope document after reload, reselection or mode change.", "Cached or previously loaded content may survive and contaminate the visible progress cards.", "Progress-specific cards may preserve structure but lose content-origin integrity.", "Recovery requires flushing the contaminated render path and confirming that visible text now belongs only to Project Progress Canonical." ] }, { title: "Recovery actions", items: [ "Re-select Project Progress Canonical from the tree and confirm the selected document remains stable across architecture, contract and source modes.", "Verify that hub registration, tree identity and rendered payload all still point to project_progress_canonical.", "Re-check that progress rules, completion logic, maturity logic and promotion conditions are again visible in the rendered cards.", "Treat any fallback-driven, cross-document or ambiguity-preserving state as invalid until evidence proves recovery is complete." ] }, { title: "Recovery evidence requirements", items: [ "Recovery is valid only when Project Progress Canonical is materially reachable, correctly selected and rendered from the correct payload.", "The recovered state must be observable in UI behavior and not merely assumed from code edits.", "The visible cards must show Project Progress Canonical-specific content after recovery.", "Architecture, contract and source modes must all confirm the same restored identity and progress framing." ] }, { title: "Failure modes and recovery exit rule", items: [ "Project Progress Canonical failure and recovery handling is complete only when invalid routing, progress ambiguity, identity drift, fallback behavior and cross-view divergence states are all detectable and recoverable through evidence-based actions.", "No downstream completion, maturity or promotion claim may be treated as trustworthy if Project Progress Canonical recovery still depends on unverified assumptions.", "Failure and recovery completion for Project Progress Canonical must remain evidence-based and subordinate to master_architecture_index sovereignty." ] } ]; const rightHtml = [ renderStructuredCard("Installation", installationBuckets), renderStructuredCard("Validation", validationBuckets), renderStructuredCard("Failure Modes & Recovery", failureModesBuckets) ].join(""); return { kind: "html", content: overviewHtml + `
${leftHtml}
${rightHtml}
` }; } ================================================================================ DOC: project_progress_model | Project Progress Model ================================================================================ if (doc.id === "project_progress_model" && state.categoryId === "overview_scope") { const renderPendingCard = (title) => ` `; const renderBucketCard = (bucket) => `
${escapeHtml(bucket.title)}
${ bucket.items.length ? `` : `
No items declared.
` }
`; const renderStructuredCard = (title, buckets) => `
${buckets.map(renderBucketCard).join("")}
`; const overviewHtml = `

Overview

${escapeHtml("Project Progress Model defines the formal calculation model that converts canonical evidence, completion logic and maturity rules into interpretable project advancement states under Phase 01 Overview & Scope. It exists to declare how progress is modeled, how completion weight and maturity signals are interpreted, how raw activity is prevented from masquerading as advancement, how evidence-bearing states become measurable and how downstream panels, metrics and promotion surfaces may legitimately consume progress calculations. It is not sovereign architecture and it is not the same thing as Project Progress Canonical; Project Progress Canonical frames what counts as progress, while Project Progress Model defines how that progress is structurally modeled and computed. It remains subordinate to master_architecture_index, project scope, deployment order and Project Progress Canonical. Once valid, it becomes the reference that Documentation Hub, Operator Panel and downstream categories must use to judge modeled advancement, progress computation legitimacy and evidence-backed maturity transitions across the Devon system.")}

`; const prerequisitesBuckets = [ { title: "Definition and canonical role", items: [ "Project Progress Model prerequisites define the minimum conditions that must exist before project advancement can be computed through a valid and trustworthy model rather than inferred from raw activity or cosmetic status.", "The role of prerequisites here is to establish the modeling artifact that answers how progress is calculated, how completion weight is interpreted, how maturity signals are structured and how evidence-bearing states become measurable advancement.", "Project Progress Model is not sovereign architecture and it is not the same thing as Project Progress Canonical. Project Progress Canonical defines what counts as progress, while Project Progress Model defines how that progress is structurally modeled and computed.", "Without valid prerequisites, every downstream metric, progress calculation, maturity state and promotion decision risks operating on invalid or misleading advancement logic." ] }, { title: "Fundamental principle", items: [ "Modeled progress must be explicit, evidence-linked and authority-bound before computed advancement can be treated as legitimate.", "The model cannot be inferred from UI behavior, runtime noise, status prose or arbitrary weighting assumptions.", "If a computation rule is not materially declared, it is not valid progress modeling.", "If the model exists but conflicts with Project Progress Canonical, project scope, deployment order or evidence-bearing states, it is invalid.", "If progress weights, maturity thresholds or completion logic are ambiguous, downstream modeled-progress claims are invalid." ] }, { title: "Architectural framing prerequisites", items: [ "master_architecture_index must already exist as sovereign architectural root.", "Project Scope Canonical must already exist to determine what modeled progress is project-relevant.", "Deployment Order Canonical must already exist to determine whether computed advancement follows legitimate rollout sequence.", "Project Progress Canonical must already exist to define what counts as real progress before it can be modeled.", "Project Progress Model must be positioned as the progress-computation authority inside Phase 01 overview_scope." ] }, { title: "Model-definition prerequisites", items: [ "The document must explicitly define how progress is computed rather than merely described.", "The document must explicitly define how completion weight, maturity state or advancement thresholds are interpreted.", "The document must explicitly define how evidence-bearing signals become measurable progress states.", "The document must explicitly define how raw activity is prevented from masquerading as advancement.", "The document must explicitly define what downstream metrics, dashboards or promotion decisions depend on valid progress modeling." ] }, { title: "Authority prerequisites", items: [ "Project Progress Model must have clear authority ownership as the progress-computation artifact.", "Its authority must not be mixed with sovereign architecture, raw runtime status, cosmetic reporting or UI-local interpretation.", "The document must state what other artifacts it depends on and what downstream artifacts depend on trustworthy progress computation.", "Progress modeling must remain canonically readable by Documentation Hub and Panel without reinterpretation." ] }, { title: "Dependency prerequisites", items: [ "Downstream completion, maturity and promotion claims must only be treated as model-legitimate if they fit inside declared progress computation logic.", "No dashboard, metric or panel-facing progress surface may be treated as valid if its computed state is unsupported by canonical modeling rules.", "No modeled progress projection should outrun declared evidence and completion framing.", "Project Progress Model must exist before downstream advancement calculations can be trusted as project-legitimate rather than merely presentational." ] }, { title: "Document integrity prerequisites", items: [ "Project Progress Model must exist as a real registered document in overview_scope.", "Its document id, label, path, phase and layer must remain stable.", "Its tree presence must resolve to the correct progress-model artifact.", "Architecture, contract and source routes must remain aligned to the same Project Progress Model identity." ] }, { title: "Failure-prevention prerequisites", items: [ "The project must not compute progress from assumptions spread across chats, scripts or temporary operator notes.", "Progress modeling must not depend on implicit feeling, subjective interpretation or UI-local convenience.", "The progress-model artifact must not collapse into vague status language without explicit computation logic.", "The progress model must not drift from the canonical overview structure or from Project Progress Canonical." ] }, { title: "Expected result", items: [ "When prerequisites are valid, Project Progress Model becomes a trustworthy artifact for computed advancement, maturity and completion judgment across the whole project.", "Downstream categories, metrics and panels can be assessed against explicit evidence-backed computation rules.", "Documentation Hub and Panel can project modeled progress without inventing advancement logic.", "Completion, maturity and promotion decisions can be judged against a declared canonical progress model." ] }, { title: "Prerequisites exit rule", items: [ "Project Progress Model prerequisites are complete only when model identity, computation meaning, evidence requirements, authority ownership and dependency relevance are materially explicit.", "No downstream completion, maturity, metric or promotion claim may be treated as model-legitimate if progress computation framing is still ambiguous.", "Prerequisite completion for Project Progress Model must remain evidence-based and subordinate to master_architecture_index sovereignty." ] } ]; const configurationBuckets = [ { title: "Definition and configuration role", items: [ "Project Progress Model configuration defines how the progress-computation artifact must be structurally arranged so advancement modeling remains explicit, stable and consumable across Documentation Hub, Operator Panel and downstream categories.", "Configuration here means canonical arrangement, computation logic, weighting logic, authority binding and cross-view consistency, not cosmetic UI preference.", "Its role is to keep Project Progress Model stable as the formal modeling surface for completion state, maturity progression and promotion legitimacy.", "A configured Project Progress Model must remain structurally predictable across architecture, contract and source views." ] }, { title: "Document identity configuration", items: [ "Project Progress Model must keep a fixed document id, label, path, phase and layer identity.", "Its registration under overview_scope must remain stable in hub_index.json.", "Its document type must remain coherent with its role as the progress-computation authority artifact.", "Configuration is invalid if the same progress-model artifact resolves under conflicting identities across the UI." ] }, { title: "Canonical binding configuration", items: [ "The progress-model artifact must remain subordinate to master_architecture_index sovereignty.", "Its configuration must preserve explicit linkage to project scope, deployment order and Project Progress Canonical.", "Its authority must remain limited to progress modeling and must not redefine sovereign architecture, raw runtime truth or progress semantics already owned by Project Progress Canonical.", "Sovereign/support separation must remain visible in how Project Progress Model is described and consumed." ] }, { title: "Computation configuration", items: [ "How progress is computed must be explicitly configured rather than implied.", "Completion weight, maturity state and advancement thresholds must be explicitly configured rather than assumed.", "How evidence-bearing signals become measurable progress states must be structurally declared.", "How raw activity is prevented from masquerading as advancement must be explicitly configured.", "Configuration is incomplete if progress computation still depends on scattered notes, operator memory or interpretive UI behavior." ] }, { title: "Dependency configuration", items: [ "Project Progress Model must be configured to state what downstream completion, maturity, metric and promotion claims become legitimate only under declared computation rules.", "It must support readiness judgment based on explicit modeled advancement logic rather than convenience-based optimism.", "It must provide enough structure for measurable progress, raw activity, incomplete maturity and promotable completion states.", "The dependency configuration must eliminate ambiguous modeled-progress claims." ] }, { title: "Tree and selection configuration", items: [ "Project Progress Model must be configured to appear in the correct category and order inside the architecture tree.", "Its selection path must resolve deterministically when clicked from the left navigation.", "Its architecture, contract and source routes must all point to the same underlying document identity.", "Configuration is invalid if UI selection can drift into another overview_scope payload." ] }, { title: "Rendering configuration", items: [ "Project Progress Model must be configured to render through the structured category scaffold in architecture mode.", "Its card layout must remain compatible with the same category model used across the documentation plane.", "Its architecture rendering must not collapse into fallback summary unless source loading genuinely fails.", "Its configuration is invalid if the selected progress-model artifact renders another document payload." ] }, { title: "Source and contract configuration", items: [ "Source view must expose the real underlying document for Project Progress Model.", "Contract view must describe the same registered progress-model artifact seen in architecture mode.", "Architecture, contract and source views must stay configuration-consistent.", "Any route divergence between those three views invalidates configuration integrity." ] }, { title: "Misconfiguration conditions", items: [ "If the progress-model artifact appears in the tree but resolves to the wrong architecture payload, configuration is invalid.", "If the progress-model artifact has a valid source but inconsistent contract projection, configuration is invalid.", "If the progress-model artifact depends on fallback behavior to render architecture, configuration is incomplete.", "If the progress-model artifact loses canonical linkage while remaining selectable in the UI, configuration is invalid." ] }, { title: "Configuration exit rule", items: [ "Project Progress Model configuration is complete only when document identity, canonical binding, computation logic, dependency framing, tree placement, selection routing, rendering behavior and cross-view consistency are materially stable.", "No downstream completion, maturity, metric or promotion claim may be treated as configuration-ready if Project Progress Model still depends on ambiguous routing or unstable identity.", "Configuration completion for Project Progress Model must remain evidence-based and subordinate to master_architecture_index sovereignty." ] } ]; const observableEvidenceBuckets = [ { title: "Definition and evidence role", items: [ "Project Progress Model observable evidence defines the materially inspectable signals that prove the progress-computation artifact exists, is correctly registered, is routed to the correct payload and is being rendered from the correct document identity.", "Observable evidence here is not conceptual confidence. It is concrete evidence that can be inspected in file registration, UI selection behavior, mode switching, route stability and rendered computation output.", "Its role is to prove that the progress-model artifact is not only declared in architecture, but materially reachable and operationally projected in the Documentation Hub.", "If a condition cannot be observed, it cannot be claimed as valid evidence for Project Progress Model." ] }, { title: "Document existence evidence", items: [ "Project Progress Model must exist as a real registered document in the documentation system.", "Its document id must be observable as project_progress_model.", "Its label, path, phase and layer identity must be materially present in the registered document set.", "Evidence fails if the progress-model artifact is referenced in logic but not materially registered as a document." ] }, { title: "Hub registration evidence", items: [ "Project Progress Model must be observable inside hub_index.json under overview_scope.", "Its placement in the category docs list must be materially visible.", "Its registration must be stable enough to survive reload and re-render.", "Evidence fails if the progress-model artifact is only implied by code and not present in hub registration." ] }, { title: "Tree visibility evidence", items: [ "Project Progress Model must appear in the left architecture tree under Overview & Scope.", "Its label must be visibly selectable from the UI.", "A user click on Project Progress Model must be observable as a stable document selection event.", "Evidence fails if the tree shows the label but selection resolves to another artifact." ] }, { title: "Render-path evidence", items: [ "Architecture mode must visibly render Project Progress Model-specific cards and text rather than inherited content from Master Architecture Index, Project Scope Canonical, Deployment Order Canonical, Sandbox Environment Canonical, Server Registry Canonical, Project Progress Canonical, Panel Manifest or another overview_scope document.", "Contract mode must visibly describe the same Project Progress Model artifact.", "Source mode must visibly expose the real underlying source for Project Progress Model.", "Evidence fails if any mode shows fallback content, wrong payload or cross-document contamination." ] }, { title: "Identity consistency evidence", items: [ "The same Project Progress Model identity must be observable across architecture, contract and source views.", "The selected document must not silently switch to Master Architecture Index, Project Scope Canonical, Deployment Order Canonical, Sandbox Environment Canonical, Server Registry Canonical, Project Progress Canonical, Panel Manifest or another sibling artifact.", "Route stability must remain observable during mode changes and reselection.", "Evidence fails if the UI presents one label while the payload belongs to another document." ] }, { title: "Computation evidence", items: [ "The rendered progress-model cards must visibly state how progress is computed.", "The rendered progress-model cards must visibly state how completion weight, maturity state and advancement thresholds are interpreted.", "The rendered progress-model cards must visibly state how evidence-bearing signals become measurable progress states.", "The rendered progress-model cards must visibly state how raw activity is prevented from masquerading as advancement.", "Evidence fails if modeled advancement still depends on implied context rather than visible computation rules." ] }, { title: "Content integrity evidence", items: [ "The visible text under Project Progress Model must correspond to progress-model context and not to another category or document.", "Overview, Prerequisites, Installation, Configuration, Validation and downstream cards must remain context-consistent with computation behavior.", "Observable evidence must show that rendered text changes when Project Progress Model-specific content is updated in code.", "Evidence fails if the UI continues to show stale or inherited content after document-specific updates." ] }, { title: "Operational evidence of model legitimacy", items: [ "Project Progress Model must be observably usable as the computation artifact for completion, maturity, metrics and promotion judgment.", "Its presence must support deterministic readiness judgment for downstream advancement surfaces.", "The progress-model artifact must remain observably stable under reload, reselection and mode switching.", "Evidence fails if modeled progress legitimacy depends on hidden cache, ambiguous routing or lucky UI state." ] }, { title: "Observable evidence exit rule", items: [ "Observable evidence for Project Progress Model is complete only when document existence, hub registration, tree visibility, payload identity, computation-rule visibility, render-path integrity and cross-view consistency are all materially inspectable.", "No downstream completion, maturity, metric or promotion claim may be treated as trustworthy if Project Progress Model evidence is still indirect, inferred or fallback-driven.", "Observable evidence completion for Project Progress Model must remain evidence-based and subordinate to master_architecture_index sovereignty." ] } ]; const completionPromotionBuckets = [ { title: "Definition and promotion role", items: [ "Project Progress Model completion and promotion define when the progress-computation artifact can be treated as structurally complete and trusted enough to unlock downstream completion, maturity, metric and promotion decisions.", "Completion here does not mean the document merely exists. It means computation logic is materially present, identity-stable, canonically bound, evidence-explicit and operationally consumable.", "Promotion here means the progress-model artifact is trusted enough to serve as the reference for how measured advancement states become usable in downstream interpretation and decision surfaces.", "A promoted Project Progress Model must already function as the stable advancement-modeling authority under Overview & Scope." ] }, { title: "Completion criteria", items: [ "Project Progress Model must be registered as a real document under overview_scope.", "Its tree placement, selection behavior and render path must be materially stable.", "Its architecture, contract and source modes must remain aligned to the same document identity.", "Its content must be context-correct and free from inherited payload contamination.", "Its role as progress-computation authority must remain subordinate to master_architecture_index sovereignty." ] }, { title: "Model completion criteria", items: [ "The document must materially define how progress is computed.", "The document must materially define completion weight, maturity thresholds and advancement transitions.", "The document must materially define how evidence-bearing signals become measurable project progress states.", "The document must materially define how raw activity is prevented from being treated as advancement without rule support.", "No major modeled-advancement decision may remain dependent on scattered interpretation once completion is claimed." ] }, { title: "Promotion gates", items: [ "No promotion is valid if Project Progress Model still depends on fallback-driven architecture rendering.", "No promotion is valid if UI selection can still resolve to the wrong payload.", "No promotion is valid if computation rules, weighting logic or maturity thresholds remain ambiguous.", "No promotion is valid if cross-view identity remains unverified.", "Promotion is valid only when model identity, computation integrity and evidence integrity are all materially confirmed." ] }, { title: "Downstream unlocks", items: [ "A complete Project Progress Model unlocks trustworthy readiness judgment for downstream completion, maturity, metrics and promotion surfaces.", "It unlocks safer interpretation of modeled advancement across Documentation Hub and Operator Panel.", "It unlocks more reliable promotion decisions because downstream measured progress can now be tested against an explicit canonical computation model.", "It unlocks consistent separation between real progress semantics and computed progress interpretation." ] }, { title: "Non-promotable states", items: [ "A progress-model artifact that is selectable but not identity-stable is not promotable.", "A progress-model artifact that renders through the wrong payload is not promotable.", "A progress-model artifact that looks coherent but still leaves computation rules ambiguous is not promotable.", "A progress-model artifact that loses canonical linkage is not promotable.", "A progress-model artifact that cannot keep architecture, contract and source views aligned is not promotable." ] }, { title: "Promotion evidence requirements", items: [ "Promotion must be supported by observable UI behavior, stable routing and correct rendered computation content.", "Promotion must be backed by hub registration, tree visibility, model clarity and cross-view identity consistency.", "Promotion must be proven from the served surface and not from assumed code intent.", "Every completion or promotion claim must be evidenced by what the system actually resolves, renders and keeps stable." ] }, { title: "Completion and promotion exit rule", items: [ "Project Progress Model completion and promotion are complete only when the model artifact is materially present, canonically bound, tree-stable, payload-correct, evidence-explicit and trustworthy across architecture, contract and source views.", "No downstream completion, maturity, metric or promotion decision may be treated as reliable if Project Progress Model still operates under ambiguous routing, fallback behavior, unstable identity or incomplete computation framing.", "Completion and promotion for Project Progress Model must remain evidence-based and subordinate to master_architecture_index sovereignty." ] } ]; const leftHtml = [ renderStructuredCard("Prerequisites", prerequisitesBuckets), renderStructuredCard("Configuration", configurationBuckets), renderStructuredCard("Observable Evidence", observableEvidenceBuckets), renderStructuredCard("Completion & Promotion", completionPromotionBuckets) ].join(""); const installationBuckets = [ { title: "Definition and installation role", items: [ "Project Progress Model installation defines the material conditions required for the progress-computation artifact to exist as a real, registered and consumable modeling authority inside Overview & Scope.", "Installation here does not mean generic host setup. It means installing the canonical progress-model artifact into the documentation system so computation logic becomes materially present, selectable and readable.", "Its installation role is to establish a stable progress-computation surface that downstream categories, Documentation Hub and Operator Panel can consume without ambiguity.", "A valid installation makes modeled progress observable as a real document and not as scattered metric assumptions." ] }, { title: "Document materialization requirements", items: [ "Project Progress Model must exist as a real document registered under overview_scope.", "Its document id, label, path, phase and layer identity must be materially installed in the document set.", "The document must be readable through the Documentation Hub and discoverable from the architecture tree.", "The progress-model artifact must be installed as the computation authority and not as detached descriptive text." ] }, { title: "Canonical binding installation", items: [ "master_architecture_index must already exist as sovereign architectural root before Project Progress Model installation can be treated as valid.", "Project Scope Canonical must already exist before modeled progress can be judged as project-relevant.", "Deployment Order Canonical must already exist before modeled advancement can be judged as sequence-legitimate.", "Project Progress Canonical must already exist before progress computation can be judged as semantically valid.", "Project Progress Model must be installed as subordinate progress-computation authority, not as sovereign architecture or raw runtime status." ] }, { title: "Hub and tree installation", items: [ "Project Progress Model must be registered inside hub_index.json under overview_scope.", "It must appear in the left architecture tree with correct label, type and placement.", "Its selection path must resolve to the correct progress-model artifact when clicked in the UI.", "Its architecture, contract and source routes must remain bound to the same registered progress-model identity." ] }, { title: "Computation installation", items: [ "The installed progress-model artifact must explicitly support how progress is computed.", "The installed progress-model artifact must explicitly support completion weight, maturity state and advancement thresholds.", "The installed progress-model artifact must explicitly support how evidence-bearing signals become measurable progress states.", "The installed progress-model artifact must explicitly support how raw activity is prevented from masquerading as advancement.", "Installation is incomplete if progress computation still depends on scattered notes, implicit operator memory or UI-local assumptions." ] }, { title: "Rendering installation", items: [ "Project Progress Model must render through the same structured category scaffold used for category-level architecture views.", "Its installed cards must remain readable and context-correct in architecture mode.", "Its architecture rendering must not collapse into fallback summary unless source loading genuinely fails.", "Its installation is invalid if the selected progress-model artifact renders another document payload." ] }, { title: "Source and contract installation", items: [ "Source view must expose the real underlying source for Project Progress Model.", "Contract view must describe the same registered progress-model artifact seen in architecture mode.", "Architecture, contract and source routes must remain installation-consistent.", "Installation is invalid if those routes diverge in identity, meaning or underlying artifact." ] }, { title: "Dependency installation gates", items: [ "Architectural sovereignty must exist before progress-model installation can be trusted.", "Project framing must exist before modeled advancement can be judged as project-legitimate.", "Deployment order must exist before computed maturity progression can be judged as sequence-legitimate.", "Project Progress Canonical must exist before computation rules can be judged as semantically valid.", "Hub registration must exist before UI selection can be trusted." ] }, { title: "Failure-sensitive installation conditions", items: [ "If the progress-model artifact exists in code but is not reachable in the tree, installation is incomplete.", "If the progress-model artifact is reachable in the tree but resolves to the wrong payload, installation is invalid.", "If the progress-model artifact renders only through fallback summary, installation is incomplete.", "If the progress-model artifact loses canonical linkage while still appearing selectable, installation is invalid." ] }, { title: "Installation exit rule", items: [ "Project Progress Model installation is complete only when the document is materially present, canonically bound, tree-selectable, architecturally renderable and identity-stable across architecture, contract and source views.", "No downstream completion, maturity, metric or promotion claim may be treated as installation-ready if Project Progress Model still operates through ambiguous routing or fallback-driven projection.", "Installation completion for Project Progress Model must remain evidence-based and subordinate to master_architecture_index sovereignty." ] } ]; const validationBuckets = [ { title: "Definition and validation role", items: [ "Project Progress Model validation defines the evidence-based checks required to confirm that the progress-computation artifact is structurally correct, canonically bound and trustworthy as the formal modeling authority for advancement states.", "Validation here does not judge wording preference. It verifies model identity, computation clarity, canonical linkage, route integrity and cross-view consistency.", "Its role is to prove that the selected Project Progress Model is the real registered computation artifact and not a fallback, alias, inherited payload or ambiguous metric substitute.", "A valid Project Progress Model must remain verifiable across architecture, contract and source views." ] }, { title: "Identity validation", items: [ "The document selected in the tree must resolve to project_progress_model and not to another overview_scope artifact.", "Its document id, label, path, phase and layer must remain stable during selection and rendering.", "The same artifact must be observed across architecture view, contract view and source view.", "Validation fails if the UI selection path resolves to a mismatched document identity." ] }, { title: "Canonical linkage validation", items: [ "Project Progress Model must remain subordinate to master_architecture_index sovereignty.", "Its role as the progress-computation authority artifact must remain explicit.", "Its linkage to Project Progress Canonical, project scope, deployment order and evidence-bearing project surfaces must remain materially traceable.", "Validation fails if the progress-model artifact appears structurally detached from the canonical overview roots." ] }, { title: "Computation validation", items: [ "How progress is computed must be explicitly visible and non-ambiguous.", "Completion weight, maturity state and advancement thresholds must be materially clear.", "The model must visibly state how evidence-bearing signals become measurable progress states.", "The model must visibly prevent raw activity from being treated as advancement without rule support.", "Validation fails if modeled advancement still depends on implied context, scattered notes or operator habit." ] }, { title: "Dependency validation", items: [ "The progress-model artifact must visibly support downstream readiness judgment for completion, maturity, metrics and promotion.", "It must be materially clear which modeled states count as real advancement, which remain incomplete and which are non-promotable.", "No modeled-progress claim may depend on vague status language or arbitrary weighting alone.", "Validation fails if modeled advancement legitimacy cannot be traced back to explicit computation and evidence rules." ] }, { title: "Render-path validation", items: [ "Architecture mode must render the custom Project Progress Model architecture payload, not an inherited structured payload from another overview_scope document.", "Contract mode must describe the same registered Project Progress Model artifact.", "Source mode must expose the real underlying source of Project Progress Model.", "Validation fails if any mode falls back to the wrong document or if architecture mode depends on the wrong sourceMeta branch." ] }, { title: "Tree and selection validation", items: [ "Project Progress Model must appear in the correct category position inside the architecture tree.", "A click on Project Progress Model must keep the selected document stable across re-render.", "Mode switching must not silently redirect the user to Master Architecture Index, Project Scope Canonical, Deployment Order Canonical, Sandbox Environment Canonical, Server Registry Canonical, Project Progress Canonical, Panel Manifest or another sibling document.", "Validation fails if tree selection is visually correct but operationally resolves to another payload." ] }, { title: "Content integrity validation", items: [ "The architecture cards shown under Project Progress Model must correspond to progress-model content and not inherited text from another document.", "Overview, Prerequisites, Installation, Configuration and downstream cards must remain context-consistent with computation behavior.", "The progress-model artifact must not render stale content cached from a previous selection.", "Validation fails if the visible text belongs to another document context." ] }, { title: "Evidence requirements", items: [ "Validation must be grounded in observable UI behavior, observable document routing and observable progress-model output.", "Validation must be supported by file existence, tree registration, route stability, computation-rule visibility and mode consistency.", "No validation claim may be based on inference, expectation or visual guess alone.", "Every PASS condition must be backed by real evidence from the served surface or underlying registered artifact." ] }, { title: "Validation exit rule", items: [ "Project Progress Model validation is complete only when identity, linkage, computation clarity, dependency framing, tree routing, render path, source exposure and cross-view consistency are all materially confirmed.", "No downstream completion, maturity, metric or promotion claim may be treated as trustworthy if Project Progress Model validation still depends on ambiguous selection, unverified computation rules or unstable routing.", "Validation completion for Project Progress Model must remain evidence-based and subordinate to master_architecture_index sovereignty." ] } ]; const failureModesBuckets = [ { title: "Definition and recovery role", items: [ "Project Progress Model failure modes and recovery define the invalid states that break the progress-computation artifact as a trustworthy advancement-modeling authority and the recovery actions required to restore modeled-progress legitimacy.", "Failure here is not limited to missing file or broken render. It includes ambiguous computation rules, wrong weighting logic, wrong payload routing, identity drift, inherited content contamination and loss of canonical modeling role.", "Recovery exists to restore Project Progress Model as the real computation artifact that downstream completion, maturity, metrics and promotion decisions can trust.", "A recovered state is valid only when model identity, computation clarity, canonical linkage and rendered content integrity are materially restored." ] }, { title: "Identity failure modes", items: [ "Project Progress Model may appear selected in the tree while another overview_scope payload is actually rendered.", "The progress-model artifact may resolve with wrong document id, wrong path or wrong architectural role.", "A stale UI state may preserve the correct label while operationally switching to a sibling artifact.", "Recovery requires proving the rendered payload is again bound to project_progress_model and not to master_architecture_index, project_scope, deployment_order, sandbox_environment, server_registry, project_progress_canonical, panel_manifest or any other overview_scope document." ] }, { title: "Computation failure modes", items: [ "Declared progress-calculation rules may become incomplete, ambiguous or contradictory.", "The progress-model artifact may fail to distinguish real advancement from weighted noise, raw activity or cosmetic motion.", "Completion weight, maturity thresholds or advancement transitions may look coherent in UI while remaining operationally invalid as modeling logic.", "Recovery requires restoring explicit and non-ambiguous computation meaning, weighting logic, evidence transformation and promotion relevance." ] }, { title: "Canonical linkage failure modes", items: [ "Project Progress Model may lose its subordinate linkage to master_architecture_index and begin to behave as if it were sovereign architecture, runtime truth or arbitrary reporting truth.", "The progress-model artifact may drift away from Project Progress Canonical, project scope, deployment order or evidence-bearing project surfaces.", "The document may remain visible while no longer functioning as the canonical advancement-model registry.", "Recovery requires re-establishing sovereign/support hierarchy and re-binding Project Progress Model to the overview roots." ] }, { title: "Tree and selection failure modes", items: [ "The tree may show Project Progress Model in the right place while click resolution points to another document.", "Mode switching may silently redirect the user away from the progress-model artifact.", "Reload or reselection may destabilize the active progress-model identity.", "Recovery requires restoring deterministic selection so tree label, selected doc and rendered payload converge again." ] }, { title: "Cross-view failure modes", items: [ "Architecture, contract and source views may diverge in identity or meaning.", "Contract view may describe one progress-model artifact while architecture renders another payload.", "Source mode may expose a different backing artifact than the one used in architecture mode.", "Recovery requires re-aligning all views to the same registered Project Progress Model artifact." ] }, { title: "Content contamination failure modes", items: [ "Project Progress Model may display inherited content from another overview_scope document after reload, reselection or mode change.", "Cached or previously loaded content may survive and contaminate the visible progress-model cards.", "Model-specific cards may preserve structure but lose content-origin integrity.", "Recovery requires flushing the contaminated render path and confirming that visible text now belongs only to Project Progress Model." ] }, { title: "Recovery actions", items: [ "Re-select Project Progress Model from the tree and confirm the selected document remains stable across architecture, contract and source modes.", "Verify that hub registration, tree identity and rendered payload all still point to project_progress_model.", "Re-check that computation rules, weighting logic, maturity logic and promotion conditions are again visible in the rendered cards.", "Treat any fallback-driven, cross-document or ambiguity-preserving state as invalid until evidence proves recovery is complete." ] }, { title: "Recovery evidence requirements", items: [ "Recovery is valid only when Project Progress Model is materially reachable, correctly selected and rendered from the correct payload.", "The recovered state must be observable in UI behavior and not merely assumed from code edits.", "The visible cards must show Project Progress Model-specific content after recovery.", "Architecture, contract and source modes must all confirm the same restored identity and modeling logic." ] }, { title: "Failure modes and recovery exit rule", items: [ "Project Progress Model failure and recovery handling is complete only when invalid routing, computation ambiguity, identity drift, fallback behavior and cross-view divergence states are all detectable and recoverable through evidence-based actions.", "No downstream completion, maturity, metric or promotion claim may be treated as trustworthy if Project Progress Model recovery still depends on unverified assumptions.", "Failure and recovery completion for Project Progress Model must remain evidence-based and subordinate to master_architecture_index sovereignty." ] } ]; const rightHtml = [ renderStructuredCard("Installation", installationBuckets), renderStructuredCard("Validation", validationBuckets), renderStructuredCard("Failure Modes & Recovery", failureModesBuckets) ].join(""); return { kind: "html", content: overviewHtml + `
${leftHtml}
${rightHtml}
` }; }