Skip to content

[spdd] Daily spec work plan - 2026-07-10 #44797

Description

@github-actions

Summary

Daily SPDD spec work plan for 2026-07-10. Five specification files were reviewed in this rotation: intent-attribution-agent-governance.md (v2.0.0, Partially Implemented), otel-observability-spec.md (v0.4.0, Working Draft), replace-label-compliance/README.md, replace-label-spec.md (v1.0.0, Candidate Recommendation), and safe-output-outcome-evaluation.md (v1.0.0, Working Draft).

Key gaps found: (1) replace_label outcome evaluator is still not-started — only a evalGenericSticky fallback exists. (2) Multiple outcome evaluators are partial or not-started in JS and need dedicated evaluation logic. (3) intent-attribution-agent-governance.md is "Partially Implemented" with no compliance fixture directory. (4) OTel spec §17 conformance tests reference implementation areas but no fixture files exist. (5) Replace-label compliance fixtures cover only RL-001 and RL-003; RL-002 and error-handling paths are uncovered.


Priority Work Queue

P0 — Critical gaps

  • Replace evalGenericSticky fallback for replace_label with a dedicated evalReplaceLabel evaluator in pkg/cli/outcome_eval.go

P1 — Spec/implementation drift

  • Add JS evaluator for close_issue / close_pull_request in actions/setup/js/evaluate_outcomes.cjs
  • Add JS evaluator for add_labels in actions/setup/js/evaluate_outcomes.cjs
  • Implement dedicated evalCloseDiscussion / evalCreateDiscussion evaluators in Go

P2 — Spec hygiene and coverage

  • Add compliance fixtures for RL-002 (allowlist enforcement edge cases) in specs/replace-label-compliance/
  • Add compliance fixture directory for intent-attribution spec in specs/intent-attribution-compliance/
  • Tighten OTel spec §17 conformance test list in specs/otel-observability-spec.md

SPDD Checklist

  • [Generate / replace_label evaluator] Create evalReplaceLabel in pkg/cli/outcome_eval.go — done condition: replace_label rows no longer use evalGenericSticky; unit test verifies label-retention acceptance path
  • [Sync / outcome-eval spec] Update specs/safe-output-outcome-evaluation.md implementation table: change replace_label from not-started to partial after Go evaluator is added
  • [Generate / JS close evaluators] Add dedicated close-issue and close-PR evaluator paths in actions/setup/js/evaluate_outcomes.cjs — done condition: close_issue and close_pull_request no longer use generic fallback in JS runtime
  • [Analysis / replace-label fixtures] Add fixture rl-002-allowlist-enforcement.yaml in specs/replace-label-compliance/ covering RL-002 — done condition: fixture registered in compliance README table and referenced from spec §9
  • [Reasons Canvas / intent-attribution] Add ### Safeguards and ### Sync Notes sections to specs/intent-attribution-agent-governance.md — done condition: spec explicitly describes fail behavior when governance policy resolution fails and how to detect drift with .github/objective-mapping.json
  • [Analysis / intent-attribution compliance] Create specs/intent-attribution-compliance/README.md with at minimum 3 fixture scenarios: explicit-intent wins, ambiguous-root → ambiguous, fail-closed for unlinked PR — done condition: README references spec norms by section
  • [Sync / otel-spec conformance] Expand §17 Compliance Testing in specs/otel-observability-spec.md with at least 3 concrete test cases mapping to specific span attribute requirements (§10) — done condition: each test case names an attribute, expected value, and verification method
  • [Generate / add_labels JS evaluator] Add dedicated evalAddLabels path in actions/setup/js/evaluate_outcomes.cjs to match Go evalAddLabels — done condition: JS no longer falls back to generic for add_labels

Per-Spec Findings

replace-label-spec.md (v1.0.0, Candidate Recommendation)

REASONS Canvas gaps:

  • Requirements: RL-001–RL-003 well-defined. Error-handling section (§7) lacks normative RL codes, making compliance testing unanchored.
  • Entities: Config and message schemas are complete.
  • Approach: §5 processing model is detailed.
  • Operations: §6 REST interface is specific.
  • Norms: SHOULD requirements lack RL codes.
  • Safeguards: §8 security section exists; cross-repo token isolation lacks a normative code.

Key risks: No RL code for max enforcement — untestable as a compliance fixture. Label-set race on concurrent writes acknowledged but no normative mitigation.

safe-output-outcome-evaluation.md (v1.0.0, Working Draft)

REASONS Canvas gaps:

  • Requirements: Norms 1–4 (API error handling) are good. Missing: normative requirement on evaluation retry back-off interval.
  • Operations: replace_label has no dedicated evaluator subsection (unlike create_pull_request which has §1).
  • Safeguards: No section on what to do when the evaluator itself errors.

Key risks: 7 output types are not-started — no acceptance signal is ever emitted for replace_label, update_project, update_release, link_sub_issue, autofix_code_scanning_alert, create_code_scanning_alert, hide_comment.

intent-attribution-agent-governance.md (v2.0.0, Partially Implemented)

REASONS Canvas gaps:

  • Entities: ExplicitIntent, ObjectiveMapping, attribution record defined in prose but no formal schema.
  • Structure: Missing explicit §§ for Data Model, Processing Model, and Sync Notes.
  • Operations: No normative requirement for how policy is persisted or looked up at runtime.
  • Safeguards: Missing. What happens when .github/objective-mapping.json is malformed or absent?
otel-observability-spec.md (v0.4.0, Working Draft)

REASONS Canvas gaps:

  • Requirements: §17 Compliance Testing is thin — no concrete test cases mapped to specific attribute requirements.
  • Operations: Export behavior (§6) needs rate-limit and retry norms.
  • Norms: Normative vs. informative boundary not consistently flagged across §§10–12.
replace-label-compliance/README.md
  • Covers: RL-001 (glob semantics), RL-003 (blocklist ordering).
  • Missing: RL-002 (allowlist enforcement), §7 error paths (rate-limit retry, 422 label-not-found), cross-repo targeting restriction negative test.

Sync Follow-ups

  1. After adding evalReplaceLabel in Go → update specs/safe-output-outcome-evaluation.md status column to partial.
  2. After adding JS close evaluators → update close_issue and close_pull_request status to implemented in the spec table.
  3. After adding RL-002 fixture → register in specs/replace-label-compliance/README.md table and reference from specs/replace-label-spec.md §9.
  4. Governance-policy schema from intent-attribution-agent-governance.md should be cross-referenced from OTel spec §13 (Outcome Evaluation) so intent context flows into OTel spans.

Context

Files reviewed (rotation batch 2, indices 5–9 of 13):

  • specs/intent-attribution-agent-governance.md
  • specs/otel-observability-spec.md
  • specs/replace-label-compliance/README.md
  • specs/replace-label-spec.md
  • specs/safe-output-outcome-evaluation.md

Rotation state: last_index=24; next run starts at index 10 (security-architecture-spec-summary, security-architecture-spec-validation, security-architecture-spec).

References:

Generated by 📋 Daily SPDD Spec Planner · 42.9 AIC · ⌖ 8.76 AIC · ⊞ 4.8K ·

  • expires on Jul 13, 2026, 8:43 AM UTC-08:00

Metadata

Metadata

Type

No type

Fields

No fields configured for issues without a type.

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions