docs: refresh publication readiness gate

docs/releases/2.0.0-rc.1/preview-pack-manifest.md

@@ -15,7 +15,7 @@ surfaces, or posting announcements.
 | `docs/architecture/cross-harness.md` | Shared substrate model for Claude Code, Codex, OpenCode, Cursor, Gemini, Hermes, and terminal-only use | Names portability boundaries and does not claim unsupported native parity |
 | `docs/architecture/harness-adapter-compliance.md` | Adapter matrix and scorecard | Verified by `npm run harness:adapters -- --check` |
 | `docs/architecture/observability-readiness.md` | Local operator-readiness gate | Verified by `npm run observability:ready` |
-| `docs/architecture/progress-sync-contract.md` | GitHub, Linear, handoff, roadmap, and work-item sync boundary | Checked by `node scripts/platform-audit.js --format json --allow-untracked docs/drafts/` |
+| `docs/architecture/progress-sync-contract.md` | GitHub, Linear, handoff, roadmap, and work-item sync boundary | Checked by `node scripts/platform-audit.js --json` |
 | `scripts/preview-pack-smoke.js` | Deterministic preview-pack smoke gate | Verified by `npm run preview-pack:smoke` |
 | `docs/releases/2.0.0-rc.1/release-notes.md` | GitHub release copy source | Must be refreshed with final live release/package/plugin URLs before publication |
 | `docs/releases/2.0.0-rc.1/quickstart.md` | Clone-to-first-workflow path | Covers clone, install, verify, first skill, and harness switch |
@@ -24,7 +24,7 @@ surfaces, or posting announcements.
 | `docs/releases/2.0.0-rc.1/publication-evidence-2026-05-15.md` | Current May 15 queue, roadmap, security, supply-chain watch, no-lifecycle CI install hardening, AgentShield #86 evidence-pack provenance, ECC Tools billing-gate, Actions cache purge, and `ecc2` test evidence through PR #1941 | Must be superseded by a final clean-checkout evidence file before real publication |
 | `docs/releases/2.0.0-rc.1/publication-evidence-2026-05-16.md` | Current May 16/17 queue cleanup, recsys skill merge, GateGuard triage, PR #1947 supply-chain protection, AgentShield #87 plugin-cache confidence evidence, AgentShield #88 evidence-pack inspect/readback, AgentShield #89 evidence-pack fleet routing, AgentShield #90 fleet review items, AgentShield #91 policy export, AgentShield #92 policy promotion, ECC-Tools #76 fleet-summary consumption, ECC-Tools #77 hosted finding evidence paths, ECC-Tools #78 harness policy-route linking, dashboard refresh, and combined Node/Rust/release-surface gate evidence through the May 16 mirror | Must still be repeated from a strict clean checkout before real publication |
 | `docs/releases/2.0.0-rc.1/publication-evidence-2026-05-17.md` | May 17 queue-zero state, Japanese localization merge, Dependabot TypeScript and Node type merges, post-merge ja-JP lint repair, Mini Shai-Hulud/TanStack protection recheck, npm audit/signature checks, legacy and Linear progress routing, deterministic preview-pack smoke, operator dashboard refresh, Linear sync, and GitHub CI evidence for `27dc2918` | Superseded by the May 18 evidence snapshot; repeat from a strict clean checkout before real publication |
-| `docs/releases/2.0.0-rc.1/publication-evidence-2026-05-18.md` | Current May 18 queue-zero state, #1970/#1971/#1972 merge batch, current-head Mini Shai-Hulud/TanStack protection recheck, no-lifecycle install, npm audit/signature checks, AgentShield project `.claude` scan, work-items sync, Linear sync, operator dashboard refresh, and Supply-Chain Watch success for `3b7e0ba3` | Current strongest readiness snapshot; must still be repeated from a strict clean checkout before real publication |
+| `docs/releases/2.0.0-rc.1/publication-evidence-2026-05-18.md` | Current May 18 queue-zero state, #1970/#1971/#1972 merge batch, #1978 review/closure, current-head Mini Shai-Hulud/TanStack protection recheck, no-lifecycle install, npm audit/signature checks, AgentShield `840952a` enterprise/IOC evidence mirror, work-items sync, Linear sync, operator dashboard refresh, and current-head CI/security scan success for `99e01ded` | Current strongest readiness snapshot; must still be repeated from a strict clean checkout before real publication |
 | `docs/releases/2.0.0-rc.1/operator-readiness-dashboard-2026-05-17.md` | Previous prompt-to-artifact operator dashboard | Superseded by the May 18 generated dashboard |
 | `docs/releases/2.0.0-rc.1/operator-readiness-dashboard-2026-05-18.md` | Current prompt-to-artifact operator dashboard | Shows PR/issue/discussion/platform/supply-chain gates current and publication, plugin, billing, AgentShield, ECC Tools, legacy, and Linear productization gaps still open |
 | `docs/releases/2.0.0-rc.1/release-url-ledger-2026-05-18.md` | Live URL and approval-gated URL ledger for release copy | Must be regenerated from the final release commit before public announcements |
@@ -73,7 +73,7 @@ Run these from the exact release commit before publication:
 
 ```bash
 git status --short --branch
-node scripts/platform-audit.js --format json --allow-untracked docs/drafts/
+node scripts/platform-audit.js --json
 npm run preview-pack:smoke
 npm run harness:adapters -- --check
 npm run harness:audit -- --format json

docs/releases/2.0.0-rc.1/publication-readiness.md

@@ -39,10 +39,11 @@ routing, deterministic preview-pack smoke gate, and current operator dashboard
 refresh, see
 [`publication-evidence-2026-05-17.md`](publication-evidence-2026-05-17.md).
 For the May 18 current-head queue, workflow-security/metrics/uncloud merge
-batch, Mini Shai-Hulud/TanStack local and home protection recheck, npm
+batch, PR #1978 review/closure, Mini Shai-Hulud/TanStack local and home
-no-lifecycle install/audit/signature gates, AgentShield project scan,
+protection recheck, npm no-lifecycle install/audit/signature gates,
+AgentShield project scan, AgentShield `840952a` enterprise/IOC evidence mirror,
 work-items sync, Linear progress comments, operator dashboard refresh, and
-current-head Supply-Chain Watch, see
+current-head CI/security scan success for `99e01ded`, see
 [`publication-evidence-2026-05-18.md`](publication-evidence-2026-05-18.md).
 For the operator-facing prompt-to-artifact readiness dashboard from the same
 May 16 pass, see
@@ -91,22 +92,22 @@ Record the exact commit SHA and command output before any publication action:
 
 | Evidence | Command | Required result | Recorded output |
 | --- | --- | --- | --- |
-| Clean release branch | `git status --short --branch` | On intended release commit; no unrelated files | Pending final strict clean-checkout release pass; `publication-evidence-2026-05-17.md` records current `main` with unrelated untracked `docs/drafts/` |
+| Clean release branch | `git status --short --branch` | On intended release commit; no unrelated files | `99e01ded`: `## main...origin/main`; repeat from the exact final publication commit before release |
-| Preview-pack smoke | `npm run preview-pack:smoke` | Preview pack artifacts, Hermes boundary, final verification command list, and publication blockers pass | `publication-evidence-2026-05-17.md`: ready yes, digest `dfb1ed014607`, 5 passed, 0 failed; repeat in a final strict clean-checkout release pass |
+| Preview-pack smoke | `npm run preview-pack:smoke` | Preview pack artifacts, Hermes boundary, final verification command list, and publication blockers pass | `publication-evidence-2026-05-18.md`: ready yes, digest `0ed831dbd0cf`, 5 passed, 0 failed; repeat in the final strict clean-checkout release pass |
-| Harness audit | `npm run harness:audit -- --format json` | 70/70 passing | `publication-evidence-2026-05-17.md`: 70/70 |
+| Harness audit | `npm run harness:audit -- --format json` | 70/70 passing | `99e01ded`: 70/70, 0 top actions |
-| Adapter scorecard | `npm run harness:adapters -- --check` | PASS | `publication-evidence-2026-05-16.md`: PASS, 11 adapters |
+| Adapter scorecard | `npm run harness:adapters -- --check` | PASS | `99e01ded`: PASS, 11 adapters |
-| Observability readiness | `npm run observability:ready` | 21/21 passing | `publication-evidence-2026-05-17.md`: 21/21, ready yes |
+| Observability readiness | `npm run observability:ready` | 21/21 passing | `publication-evidence-2026-05-18.md`: 21/21, ready yes |
-| Release safety gate | `npm run observability:ready -- --format json` | Release Safety category passing with publication readiness, supply-chain, workflow security, package surface, and release-surface evidence | `publication-evidence-2026-05-13-post-hardening.md`: Release Safety 3/3 |
+| Release safety gate | `npm run observability:ready -- --format json` | Release Safety category passing with publication readiness, supply-chain, workflow security, package surface, and release-surface evidence | May 18 evidence keeps release safety passing; repeat the JSON gate from the exact final release commit |
-| Supply-chain verification | `npm audit --json`; `npm audit signatures`; `cd ecc2 && cargo audit -q`; Dependabot alerts; GitGuardian Security Checks | 0 vulnerabilities/alerts, registry signatures verified, GitGuardian clean | `publication-evidence-2026-05-18.md`: npm registry signatures and attestations verified, 0 high-or-higher npm vulnerabilities, repo/home IOC scans clean, current-head Supply-Chain Watch passed |
+| Supply-chain verification | `npm audit --json`; `npm audit signatures`; `cd ecc2 && cargo audit -q`; Dependabot alerts; GitGuardian Security Checks | 0 vulnerabilities/alerts, registry signatures verified, GitGuardian clean | `publication-evidence-2026-05-18.md` plus CI `26040120071`: npm registry signatures and attestations verified, 0 high-or-higher npm vulnerabilities, repo/home IOC scans clean, supply-chain IOC scan passed |
-| Root suite | `node tests/run-all.js` | 0 failures | `publication-evidence-2026-05-17.md`: `npm test` passed 2487/2487, 0 failed |
+| Root suite | `node tests/run-all.js` | 0 failures | `99e01ded`: local `node tests/run-all.js` passed 2512/2512; CI `26040120071` passed the full OS/runtime/package-manager matrix |
-| Markdown lint | `npx markdownlint-cli '**/*.md' --ignore node_modules` | 0 failures | `publication-evidence-2026-05-17.md`: passed after ja-JP autonomous-loop anchor repair |
+| Markdown lint | `npx markdownlint-cli '**/*.md' --ignore node_modules` | 0 failures | CI `26040120071`: markdownlint passed on current head; rerun after any release-copy edits |
 | Package surface | `node tests/scripts/npm-publish-surface.test.js` | 0 failures; no Python bytecode in npm tarball | `2/2` passed in May 12 evidence pass |
-| Release surface | `node tests/docs/ecc2-release-surface.test.js` | 0 failures | `publication-evidence-2026-05-16.md`: 20/20 passed |
+| Release surface | `node tests/docs/ecc2-release-surface.test.js` | 0 failures | `99e01ded`: 21/21 passed |
 | Optional Rust surface | `cd ecc2 && cargo test` | 0 failures or explicit deferral | `publication-evidence-2026-05-16.md`: 462/462 passed, existing warnings only |
-| Queue baseline | `gh pr list` / `gh issue list` across trunk, AgentShield, JARVIS, ECC Tools, and ECC website | Under 20 open PRs and under 20 open issues | `publication-evidence-2026-05-17.md`: platform audit ready, 0 open PRs and 0 open issues across checked repos |
+| Queue baseline | `node scripts/platform-audit.js --json` across trunk, AgentShield, JARVIS, ECC Tools, and ECC website | Under 20 open PRs and under 20 open issues | `99e01ded`: platform audit ready, 0 open PRs, 0 open issues, 0 conflicting PRs, and 0 blocking dirty files |
-| Discussion baseline | `node scripts/discussion-audit.js --json` | No unmanaged active discussion queue and no answerable Q&A missing an accepted answer | `publication-evidence-2026-05-15.md`: 58 trunk discussions, 0 without maintainer touch; other tracked repos disabled or 0 |
+| Discussion baseline | `node scripts/platform-audit.js --json` and `node scripts/discussion-audit.js --json` | No unmanaged active discussion queue and no answerable Q&A missing an accepted answer | `99e01ded`: platform audit sampled 58 trunk discussions, 0 needing maintainer touch, 0 answerable discussions missing accepted answer |
-| Linear roadmap | Linear project and issue readback | Detailed roadmap exists with release, security, AgentShield, ECC Tools, legacy, and observability lanes | `publication-evidence-2026-05-15.md`: project and 16 issue lanes recorded |
+| Linear roadmap | Linear project and issue readback | Detailed roadmap exists with release, security, AgentShield, ECC Tools, legacy, and observability lanes | May 18 Linear comments include ITO-57 `f1c896d9-dd27-4ba2-b5a8-60afe5125c22`; earlier evidence records the project and 16 issue lanes |
-| Operator readiness dashboard | `npm run operator:dashboard -- --json --allow-untracked docs/drafts/` | Current queue state mapped to macro-goal deliverables and incomplete gaps | `publication-evidence-2026-05-18.md`: generated from `3b7e0ba3`, platform ready true, dashboard ready true, 0 open PRs, 0 open issues, 0 discussion gaps; regenerated May 18 dashboard now also tracks the URL ledger |
+| Operator readiness dashboard | `npm run operator:dashboard -- --json` | Current queue state mapped to macro-goal deliverables and incomplete gaps | `99e01ded`: generated May 18 dashboard is committed, platform audit ready true, 0 open PRs, 0 open issues, 0 discussion gaps, and publication gates still approval-gated |
 | Release URL ledger | `docs/releases/2.0.0-rc.1/release-url-ledger-2026-05-18.md` plus placeholder-marker scan | Live links and approval-gated links are separated before announcement copy is posted | Ledger records public repo/docs/CI/supply-chain/npm/OpenAI Codex documentation URLs and blocks GitHub release/npm/plugin/billing/social URLs until approval-gated checks pass |
 | Release name and plugin publication checklist | `docs/releases/2.0.0-rc.1/release-name-plugin-publication-checklist-2026-05-18.md` | Name/package/plugin values are frozen, final-release commands are listed, and Claude/Codex publication paths cite current official docs | Checklist keeps `Everything Claude Code / ECC`, `ecc-universal`, and plugin slug `ecc` for rc.1; no rename, npm publish, plugin tag, official listing, billing claim, or announcement before final evidence |
 

scripts/preview-pack-smoke.js

@@ -40,7 +40,7 @@ const REQUIRED_ARTIFACTS = [
 
 const REQUIRED_VERIFICATION_COMMANDS = [
   'git status --short --branch',
-  'node scripts/platform-audit.js --format json --allow-untracked docs/drafts/',
+  'node scripts/platform-audit.js --json',
   'npm run preview-pack:smoke',
   'npm run harness:adapters -- --check',
   'npm run harness:audit -- --format json',

tests/docs/ecc2-release-surface.test.js

@@ -293,7 +293,8 @@ test('publication readiness checklist gates public release actions on evidence',
   assert.ok(source.includes('release-name-plugin-publication-checklist-2026-05-18.md'));
   assert.ok(source.includes('Release name and plugin publication checklist'));
   assert.ok(may15Evidence.includes('| Trunk discussions | GraphQL discussion count and maintainer-touch sweep | 58 total discussions;'));
-  assert.ok(source.includes('58 trunk discussions, 0 without maintainer touch'));
+  assert.ok(source.includes('platform audit sampled 58 trunk discussions'));
+  assert.ok(source.includes('0 needing maintainer touch'));
   assert.ok(may15Evidence.includes('env -u GITHUB_TOKEN'));
   assert.ok(may15Evidence.includes('ITO-44'));
   assert.ok(may15Evidence.includes('0 open PRs, 0 open issues'));