Glossary
Short definitions for the terms used across this playbook.
Glossary
Short definitions for the terms used across this playbook.
| Term | Definition |
|---|---|
| ADR | Architecture Decision Record. Numbered, append-only doc capturing one decision. Source of truth for codebase structure. |
| RFC | Request for Comment. ADR-with-review-window, used for changes to public contracts. Promotes to ADR on acceptance. |
| Boundary | Anywhere bytes enter the process from outside the trust boundary: HTTP, IPC, JSON-RPC, file IO, env, message bus. |
| Contract | A schema (typically Zod / Pydantic / Protobuf) that defines the shape crossing a boundary. |
| Contract package | The dependency-free package that owns all shared schemas + the error model. |
| Stable code | A string error code (\<NS\>_\<REASON\>, all caps) that clients pattern-match on. Append-only. |
| AppError | The single base error class. Every other error subclasses it. |
| Routing table | The AGENTS.md mapping from "I want to change X" to "edit package Y". |
| PR-intent manifest | YAML block in PR description: adds:, changes:, removes:, tests:, docs:. Verified by a gate. |
| removes-list | The removes: entries in the manifest. Removing another author's exported symbol requires one. |
| Sub-unit | One discrete, shippable change. One sub-unit per session. |
| Phased PR | A long initiative shipped as a chain of phase PRs, each merged with --merge --admin. |
| Verify-first | Confirm state (issue open, branch fresh, file path real) before acting. |
| Tombstone | Status block prepended to a retired doc indicating it is no longer active. Body kept for trail. |
| Completeness contract | Per-screen rule that no TODO/disabled tab/empty body ships. |
| Hermetic test | In-process test that reproduces a bug without external services. Preferred over E2E for repro/lock. |
| Property-based test | A test that asserts a law over generated inputs (round-trip, idempotence, injectivity…) and shrinks failures to a minimal counterexample. |
| Fuzzing | Throwing hostile / malformed bytes at a parser or crypto boundary; the bar is a typed error, never a crash or silent accept. |
| Adversarial bug-hunt | Find → refute → reproduce loop: orthogonal lens finders, independent skeptics that try to refute each candidate, a failing repro to confirm. |
| Intent test | A test that codifies current behavior as deliberate. Its presence means a "bug" is actually intended — check for one before "fixing". |
| Fail-loud default | A mandatory dependency whose unwired default throws instead of silently no-op'ing, so missing production wiring fails fast rather than shipping green. |
| Verification ledger | A done-report that separates automated-verified (a check ran + passed) from claimed (believed, not run) and lists known-not-done. |
| Merkle malleability | Tree builds where duplicating a lone node lets two different input sets share one root (CVE-2012-2459). Fixed by domain separation (RFC 6962) + promoting lone nodes. |
| Quality gates | Fast structural checks (file size, no any, named exports, intl, tokens). Run pre-commit + CI. |
| Sanity | Cross-cutting periodic audit. Generates a report; CI fails on regressions. |
| Shrink-only baseline | Gate config: existing offenders are baselined, new violations fail. Baseline can only shrink. |
| Break-glass | Time-boxed admin role elevation with signed audit trail. |
| Consent (in security) | Scoped, time-boxed user approval for a specific action. Distinct from role elevation. |
| Egress allowlist | Default-deny outbound network policy; only allowlisted destinations resolve. |
| Sealer | The key that encrypts secrets at rest. Rotatable. |
| Audit ledger | Append-only signed log of privileged operations. Verifiable via batch signature / Merkle anchor. |
| DSAR | Data Subject Access Request. GDPR-style export / delete request. |
| Legal hold | Flag that suspends retention for a subject under investigation. |
| Whitelabel / OEM | Per-tenant brand kit + plan presets that swap product name, logo, palette at build / runtime. |
| MEMORY pattern | One-fact-per-file persistent agent memory with an index file (MEMORY.md). |
| OKF (Open Knowledge Format) | Open standard (Google Cloud, v0.1) for agent-readable knowledge: a directory of markdown files + YAML frontmatter, type the only required field, index.md + markdown-link graph. Vendor-neutral, no SDK. |
| Sub-agent | Scoped specialist agent delegated for a fan-out task. |
| Slash command | Palette-invoked workflow body. |
| Goal mode | Stop hook with a condition; agent works until the condition holds. |