RC19 Findings Register
Use this as the canonical issue ledger for the RC19 full-system audit.
| ID | Severity | Tier | File | Symbol/Area | Impact | Evidence | Owner | Status | Fix PR/Commit | Decision |
|---|---|---|---|---|---|---|---|---|---|---|
| RC19-001 | P1 | B | README.md | MCP tool count | public capability claims drift from implementation | README.md:17, docs/index.md:34, docs/reference/architecture.md:170, docs/vnext/README.md:73 | docs | fixed | local | fix |
| RC19-002 | P1 | B | docs/reference/cli.md | group commands | operator-facing command examples include unsupported forms | docs/reference/cli.md:49, parser src/cccc/cli.py:2662 | docs | fixed | local | fix |
| RC19-003 | P1 | B | docs/reference/architecture.md | blob storage path | attachment storage path mismatch can cause broken operational guidance | docs/reference/architecture.md:140, runtime note src/cccc/resources/cccc-help.md:112 | docs | fixed | local | fix |
| RC19-004 | P1 | B | docs/standards/CCCC_DAEMON_IPC_V1.md | version examples | stale protocol examples weaken SDK/client contract confidence | docs/standards/CCCC_DAEMON_IPC_V1.md:65, docs/standards/CCCC_DAEMON_IPC_V1.md:1137 | docs | fixed | local | fix |
| RC19-005 | P2 | A | .github/workflows/ci.yml | quality gate | build-only green can miss runtime regressions | .github/workflows/ci.yml:30 | releng | fixed | local | fix |
| RC19-006 | P2 | A | .github/workflows/release.yml | publish gate | publish path lacks full regression gate before upload | .github/workflows/release.yml:87 | releng | fixed | local | fix |
| RC19-007 | P1 | B | docs/vnext/RELEASE.md | release examples | release guidance still pinned to rc16 examples | docs/vnext/RELEASE.md:28, docs/vnext/RELEASE.md:43 | docs | fixed | local | fix |
| RC19-008 | P2 | B | docs/vnext/STATUS.md | status board | stale status can misdirect release decisions | docs/vnext/STATUS.md:1 | docs | fixed | local | fix |
| RC19-009 | P2 | B | repository root | governance assets | missing CHANGELOG/SECURITY/support policy reduces release readiness | CHANGELOG.md:1, SECURITY.md:1, SUPPORT.md:1 | docs | fixed | local | fix |
| RC19-010 | P1 | B | README.zh-CN.md README.ja.md | multilingual parity | multilingual docs repeat stale version/tool-count claims | README.zh-CN.md:17, README.ja.md:17 | docs | fixed | local | fix |
| RC19-011 | P2 | A | src/cccc/contracts/v1/automation.py src/cccc/ports/mcp/server.py | state surface parity | automation action allows group_state=stopped, but MCP group-state schema advertised only active/idle/paused | src/cccc/ports/mcp/server.py:784, src/cccc/ports/mcp/server.py:1823, tests/test_mcp_group_set_state_stopped.py:1 | mcp-surface | fixed | local | fix |
| RC19-012 | P1 | A | src/cccc/ports/mcp/server.py | actor identity alias parity | cccc_automation_manage schema exposes actor_id, but resolver only accepted by, causing valid schema calls to fail | src/cccc/ports/mcp/server.py:130, tests/test_mcp_automation_manage_actor_id_alias.py:1 | mcp-surface | fixed | local | fix |
| RC19-013 | P2 | B | src/cccc/ports/im/bridge.py src/cccc/ports/im/commands.py docs/guide/im-bridge/slack.md docs/guide/im-bridge/discord.md | IM implicit-send parity | IM bridge supports routed plain text as implicit send, but subscribe/help/docs still instructed users that plain chat is ignored on some platforms | src/cccc/ports/im/bridge.py:422, src/cccc/ports/im/commands.py:188, docs/guide/im-bridge/slack.md:161, docs/guide/im-bridge/discord.md:148 | im-bridge | fixed | local | fix |
| RC19-014 | P1 | A | docs/standards/CCCC_DAEMON_IPC_V1.md | daemon IPC op coverage | implementation exposed 5 ops without standards entries (debug_snapshot, debug_tail_logs, debug_clear_logs, group_automation_reset_baseline, registry_reconcile) | src/cccc/daemon/server.py:1910, src/cccc/daemon/server.py:2088, src/cccc/daemon/server.py:2129, src/cccc/daemon/server.py:2776, src/cccc/daemon/server.py:2970, tests/test_daemon_ipc_docs_parity.py:1 | core-platform | fixed | local | fix |
| RC19-015 | P2 | A | src/cccc/kernel/permissions.py | permission type-surface parity | require_group_permission(..., action="group.settings_update") is used by daemon, but GroupAction literal omitted this value, weakening type-level parity and review signal | src/cccc/daemon/server.py:2334, src/cccc/daemon/server.py:2431, src/cccc/daemon/server.py:2793, src/cccc/kernel/permissions.py:19, tests/test_permissions_group_settings_update.py:1 | core-platform | fixed | local | fix |
| RC19-016 | P2 | A | src/cccc/kernel/permissions.py src/cccc/daemon/server.py | permission guardrail coverage | action literals for require_group_permission / require_actor_permission had no automated parity guard, allowing future silent drift between daemon usage and permission typing | src/cccc/daemon/server.py:2267, src/cccc/daemon/server.py:3344, tests/test_permissions_action_parity.py:1 | core-platform | fixed | local | fix |
| RC19-017 | P2 | B | docs/reference/architecture.md docs/vnext/RELEASE.md | release/docs truth consistency | architecture page had mixed blob path terminology (state/ledger/blobs vs state/blobs) and release install example pinned to stale rc18 literal | docs/reference/architecture.md:43, docs/reference/architecture.md:140, docs/vnext/RELEASE.md:51, tests/test_docs_blob_path_consistency.py:1 | docs | fixed | local | fix |
| RC19-018 | P1 | A | src/cccc/contracts/v1/event.py | contract model coverage | daemon emitted standard group.* events that were missing from _KIND_TO_MODEL (group.set_state, group.settings_update, group.automation_update), reducing contract-level validation for core writes | src/cccc/contracts/v1/event.py:14, src/cccc/contracts/v1/event.py:174, src/cccc/daemon/server.py:2403, src/cccc/daemon/server.py:2456, src/cccc/daemon/server.py:3274, tests/test_event_kind_model_parity.py:1 | core-platform | fixed | local | fix |
| RC19-019 | P2 | B | docs/reference/architecture.md | MCP surface narrative drift | architecture doc still presented legacy MCP grouping and omitted active capability families (automation/terminal/debug), creating operator-level expectation drift | docs/reference/architecture.md:168, src/cccc/ports/mcp/server.py:1633, tests/test_docs_mcp_architecture_surface.py:1 | docs | fixed | local | fix |
| RC19-020 | P2 | A | src/cccc/contracts/v1/event.py | event contract guardrail | no automated internal parity check between EventKind literals and _KIND_TO_MODEL, allowing contract drift during incremental edits | src/cccc/contracts/v1/event.py:14, src/cccc/contracts/v1/event.py:174, tests/test_event_contract_internal_parity.py:1 | core-platform | fixed | local | fix |
| RC19-021 | P2 | A | src/cccc/daemon/server.py | automation error ergonomics | strict canonical-only automation payload is correct, but legacy payload failures returned opaque pydantic errors that caused repeated operator/agent misuse | src/cccc/daemon/server.py:732, src/cccc/daemon/server.py:2441, src/cccc/daemon/server.py:2657, tests/test_automation_manage_legacy_shape.py:1 | core-platform | fixed | local | fix |
| RC19-022 | P2 | A | src/cccc/daemon/streaming.py | stream resume robustness | when since_event_id aged out of tail history, resume returned empty even with since_ts; this could drop recoverable events after reconnect | src/cccc/daemon/streaming.py:253, src/cccc/daemon/streaming.py:263, tests/test_events_stream_resume_filtering.py:140 | core-platform | fixed | local | fix |
| RC19-023 | P2 | A | src/cccc/daemon/delivery.py | delivery config robustness | invalid/negative delivery.min_interval_seconds could raise during flush path and silently stall PTY delivery retries due outer swallow; now parser is resilient and clamps to safe values | src/cccc/daemon/delivery.py:60, src/cccc/daemon/delivery.py:768, tests/test_delivery_throttle.py:47 | core-platform | fixed | local | fix |
| RC19-024 | P2 | A | src/cccc/kernel/settings.py | global default mutability | get_runtime_pool() returned shared DEFAULT_RUNTIME_POOL objects when settings were absent; caller mutation could pollute defaults process-wide | src/cccc/kernel/settings.py:283, src/cccc/kernel/settings.py:45, tests/test_runtime_pool_defaults_immutable.py:1 | core-platform | fixed | local | fix |
| RC19-025 | P2 | A | src/cccc/kernel/settings.py | runtime_pool dirty-config tolerance | malformed priority/scenarios fields could propagate unsafe types into runtime selection path; parser now sanitizes with deterministic fallback | src/cccc/kernel/settings.py:34, src/cccc/kernel/settings.py:310, tests/test_runtime_pool_defaults_immutable.py:31 | core-platform | fixed | local | fix |
| RC19-026 | P2 | A | src/cccc/kernel/registry.py | registry doc normalization | malformed registry.json structures could leave groups/defaults effectively non-writable; load path now normalizes root and map types before use | src/cccc/kernel/registry.py:31, src/cccc/kernel/registry.py:47, tests/test_registry_doc_normalization.py:1 | core-platform | fixed | local | fix |
| RC19-027 | P2 | A | src/cccc/kernel/group_template.py | template export/preview robustness | direct int(...)/bool(...) conversion on group settings could mis-handle dirty values (\"false\" -> True) or raise; parser now uses tolerant numeric coercion and canonical bool coercion | src/cccc/kernel/group_template.py:19, src/cccc/kernel/group_template.py:86, src/cccc/kernel/group_template.py:200, tests/test_group_template_dirty_settings_tolerance.py:1 | core-platform | fixed | local | fix |
| RC19-028 | P2 | A | src/cccc/kernel/actors.py | actor-id rule consistency | documented actor-id rule forbids leading underscore, but validator allowed it via regex; validation now enforces first-char rule explicitly | src/cccc/kernel/actors.py:38, src/cccc/kernel/actors.py:17, tests/test_actor_id_validation.py:1 | core-platform | fixed | local | fix |
| RC19-029 | P2 | A | src/cccc/daemon/ops/context_ops.py | context sync atomicity | context_sync batch could partially persist presence updates before later op failure, violating single-batch atomicity expected by operators/agents | src/cccc/daemon/ops/context_ops.py:184, src/cccc/daemon/ops/context_ops.py:486, tests/test_context_sync_atomicity.py:1 | core-platform | fixed | local | fix |
| RC19-030 | P2 | A | src/cccc/ports/mcp/server.py | MCP boolean coercion parity | MCP dispatcher used bool(...) for several flags, making "false" truthy and causing behavior drift in agent workflows (dry_run, include_archived, requires_ack, strip_ansi) | src/cccc/ports/mcp/server.py:2332, src/cccc/ports/mcp/server.py:2339, src/cccc/ports/mcp/server.py:2391, src/cccc/ports/mcp/server.py:2529, src/cccc/ports/mcp/server.py:2550, tests/test_mcp_tool_bool_coercion.py:1 | mcp-surface | fixed | local | fix |
| RC19-031 | P2 | A | src/cccc/daemon_main.py | daemon start safety | ccccd start could spawn a duplicate daemon when pid-file process was alive but IPC ping failed, creating operational contention risk | src/cccc/daemon_main.py:45, src/cccc/daemon_main.py:54, tests/test_daemon_main_start_safety.py:1 | core-platform | fixed | local | fix |
| RC19-032 | P2 | A | src/cccc/kernel/context.py | context dirty-data resilience | context/task/presence loaders previously failed whole-document parse on single malformed entry; now parse per-item with safe status/int coercion to preserve usable state | src/cccc/kernel/context.py:181, src/cccc/kernel/context.py:314, src/cccc/kernel/context.py:547, tests/test_context_storage_dirty_tolerance.py:1 | core-platform | fixed | local | fix |
| RC19-033 | P2 | A | src/cccc/ports/web/app.py | web settings API resilience | settings endpoint used direct int(...) casts on group config fields; dirty values could crash API and break Settings UX. now uses safe int coercion with bounded fallbacks | src/cccc/ports/web/app.py:123, src/cccc/ports/web/app.py:1315, tests/test_web_group_settings_dirty_tolerance.py:1 | web-ux | fixed | local | fix |
| RC19-034 | P2 | A | src/cccc/ports/web/streams.py | SSE tailer lifecycle hygiene | shared SSE tailers were not removed from global registry after idle shutdown, allowing dead entries to accumulate in long-running web processes | src/cccc/ports/web/streams.py:234, src/cccc/ports/web/streams.py:252, tests/test_web_streams_tailer_cleanup.py:1 | web-ux | fixed | local | fix |
| RC19-035 | P2 | A | web/src/hooks/useGlobalEvents.ts | global events fallback resilience | after switching to polling fallback (SSE errors), hook never retried SSE, causing permanent polling mode and weaker real-time consistency | web/src/hooks/useGlobalEvents.ts:31, web/src/hooks/useGlobalEvents.ts:39, web/src/hooks/useGlobalEvents.ts:49, web/src/hooks/useGlobalEvents.ts:64 | web-ux | fixed | local | fix |
| RC19-036 | P2 | A | src/cccc/kernel/messaging.py src/cccc/kernel/system_prompt.py src/cccc/daemon/server.py | actor enabled-flag coercion parity | several actor-enabled checks still used bool(...); dirty values like "false" were treated as enabled, causing recipient routing, foreman inference, system prompt team summary, and auto-wake decisions to drift from operator intent | src/cccc/kernel/messaging.py:30, src/cccc/kernel/system_prompt.py:32, src/cccc/daemon/server.py:1818, tests/test_enabled_flag_coercion.py:42, tests/test_enabled_flag_coercion.py:94 | core-platform | fixed | local | fix |
| RC19-037 | P2 | A | src/cccc/ports/im/subscribers.py | IM subscriber state resilience | a single malformed thread_id (e.g. "oops") or boolean string in im_subscribers.json could make load logic misparse or drop practical routing intent; parser now safely coerces bool/int values per entry | src/cccc/ports/im/subscribers.py:14, src/cccc/ports/im/subscribers.py:56, tests/test_im_subscribers_tolerance.py:8 | im-bridge | fixed | local | fix |
| RC19-038 | P2 | A | src/cccc/cli.py | CLI env flag semantics | CCCC_WEB_RELOAD="false" was interpreted as enabled due raw bool(...) conversion; this could unexpectedly force reload mode and change startup behavior | src/cccc/cli.py:170, src/cccc/cli.py:457, tests/test_cli_env_bool_parsing.py:6 | core-platform | fixed | local | fix |
| RC19-039 | P2 | A | src/cccc/daemon/server.py | daemon settings response resilience | group_settings_update response assembly used direct int(...) casts and could fail when unrelated dirty values existed in group config, even though update patch itself was valid; response now uses safe coercion/clamping | src/cccc/daemon/server.py:103, src/cccc/daemon/server.py:2425, tests/test_daemon_group_settings_dirty_tolerance.py:8 | core-platform | fixed | local | fix |
| RC19-040 | P2 | A | src/cccc/kernel/active.py | active pointer dirty-data resilience | load_active() returned raw JSON as-is; non-dict payloads could propagate and break callers expecting mapping semantics. loader now normalizes and self-heals persisted shape | src/cccc/kernel/active.py:14, src/cccc/kernel/active.py:18, tests/test_active_doc_normalization.py:8 | core-platform | fixed | local | fix |
| RC19-041 | P2 | A | src/cccc/kernel/blobs.py | blob path resolution hardening | attachment path root check used string-prefix comparison and was path-separator fragile; now uses Path.relative_to() after resolve for platform-safe containment validation | src/cccc/kernel/blobs.py:93, src/cccc/kernel/blobs.py:100, tests/test_blob_path_resolution.py:8 | core-platform | fixed | local | fix |
| RC19-042 | P2 | A | src/cccc/daemon/automation.py | automation running-state coercion | automation group_state action path used raw bool(group.doc["running"]); dirty string values like "false" could suppress required group_start. running-state now uses canonical coercion; idle-notify tail lines are also safely clamped. | src/cccc/daemon/automation.py:1258, src/cccc/daemon/automation.py:1033, tests/test_automation_rules_constraints.py:75 | core-platform | fixed | local | fix |
| RC19-043 | P2 | A | src/cccc/ports/mcp/server.py | MCP group-list running parity | MCP group_list used raw bool(...) for running, so dirty "false" values could be exposed to agents as running groups. now uses canonical bool coercion. | src/cccc/ports/mcp/server.py:692, tests/test_mcp_tool_bool_coercion.py:6 | mcp-surface | fixed | local | fix |
| RC19-044 | P2 | A | src/cccc/daemon/ops/template_ops.py | template settings bool coercion | template import/replace settings path used raw bool(...) on delivery/terminal toggles; string-bool inputs could drift. replace path now coerces bool canonically before persistence. | src/cccc/daemon/ops/template_ops.py:228, src/cccc/daemon/ops/template_ops.py:234, tests/test_group_template_auto_mark_on_delivery.py:95 | core-platform | fixed | local | fix |
| RC19-045 | P2 | A | src/cccc/ports/mcp/server.py | MCP file-send path containment hardening | MCP file_send active-scope guard used string-prefix checks and was separator/platform fragile; now uses Path.relative_to() containment semantics. | src/cccc/ports/mcp/server.py:582, tests/test_mcp_tool_bool_coercion.py:43 | mcp-surface | fixed | local | fix |
| RC19-046 | P2 | A | src/cccc/ports/mcp/server.py | MCP sanitized state coercion | MCP agent-facing group_info/actor_list returned raw running/enabled; dirty string values could be surfaced as truthy. sanitized output now canonically coerces booleans. | src/cccc/ports/mcp/server.py:626, src/cccc/ports/mcp/server.py:648, tests/test_mcp_tool_bool_coercion.py:7, tests/test_mcp_tool_bool_coercion.py:20 | mcp-surface | fixed | local | fix |
| RC19-047 | P2 | A | src/cccc/contracts/v1/actor.py | GroupState contract parity | GroupState literal omitted stopped despite runtime/CLI/MCP supporting stop-state workflows; contract now includes stopped to remove type-surface drift. | src/cccc/contracts/v1/actor.py:34, tests/test_actor_group_state_contract.py:6 | core-platform | fixed | local | fix |
| RC19-048 | P2 | A | src/cccc/ports/mcp/server.py | MCP helper bool coercion parity | MCP helper functions (message_send/message_reply/file_send) previously used raw bool(reply_required) and could mis-handle string inputs when called directly; now canonical coercion is used end-to-end. | src/cccc/ports/mcp/server.py:460, src/cccc/ports/mcp/server.py:519, src/cccc/ports/mcp/server.py:614, tests/test_mcp_tool_bool_coercion.py:103, tests/test_mcp_tool_bool_coercion.py:124 | mcp-surface | fixed | local | fix |
| RC19-049 | P2 | A | src/cccc/runners/pty.py | PTY attach selector registration robustness | non-writer clients with empty backlog could be registered with events=0, causing selector registration failure and silent attach drops; attach path now always registers READ and adds WRITE only when needed. | src/cccc/runners/pty.py:476, tests/test_pty_attach_selector_events.py:27 | core-platform | fixed | local | fix |
| RC19-050 | P2 | A | .github/workflows/ci.yml .github/workflows/release.yml web/package.json | web type-safety release gate | web pipeline only ran vite build, which transpiles without strict TS checking; type errors in AutomationTab passed build and could ship. release gates now include web lint + web typecheck. | web/src/components/modals/settings/AutomationTab.tsx:464, .github/workflows/ci.yml:26, .github/workflows/release.yml:31, web/package.json:11 | web-ux | fixed | local | fix |
| RC19-051 | P2 | A | web/src/components/SettingsModal.tsx web/src/components/modals/RecipientsModal.tsx | modal backdrop close semantics | backdrop used onClick close; drag-select starting in modal and ending on backdrop could accidentally close dialogs and discard in-progress edits. close trigger now moves to backdrop onPointerDown for consistent mouse/touch behavior. | web/src/components/SettingsModal.tsx:793, web/src/components/modals/RecipientsModal.tsx:31 | web-ux | fixed | local | fix |
| RC19-052 | P2 | B | tests/test_group_automation_baseline.py | baseline automation regression guard | no regression test guarded the intended baseline semantics (new groups seed standup baseline, but user-cleared rules/snippets stay cleared). added targeted test to prevent future drift. | tests/test_group_automation_baseline.py:1, src/cccc/kernel/group.py:29, src/cccc/daemon/server.py:679 | qa | fixed | local | fix |
| RC19-053 | P2 | A | web/src/stores/useGroupStore.ts web/src/components/AppModals.tsx | group selection coherence after external/templated conflicts | web group refresh kept stale selectedGroupId when selected group disappeared (or list became empty), leaving stale caches visible; template-create conflict path could select an existing group before sidebar metadata refresh. refresh now self-heals selection/cache and conflict branch refreshes groups first. | web/src/stores/useGroupStore.ts:286, web/src/components/AppModals.tsx:392 | web-ux | fixed | local | fix |
| RC19-054 | P2 | A | web/src/components/SearchModal.tsx web/src/components/ContextModal.tsx | modal backdrop close safety parity | these modals still used backdrop onClick close, so drag-select ending on backdrop could dismiss modal unexpectedly and interrupt edits. backdrop close now uses onPointerDown target-check semantics consistently (including Context nested notify modal). | web/src/components/SearchModal.tsx:181, web/src/components/ContextModal.tsx:387, web/src/components/ContextModal.tsx:1666 | web-ux | fixed | local | fix |
| RC19-055 | P2 | A | web/src/utils/groupStatus.ts | group status precedence coherence | status pill could show paused/idle semantics even when runtime was not running, creating operational confusion on completed groups. status resolution now always prioritizes running=false as STOP. | web/src/utils/groupStatus.ts:3, web/src/utils/groupStatus.ts:30 | web-ux | fixed | local | fix |
| RC19-056 | P2 | A | web/src/components/modals/settings/GuidanceTab.tsx | guidance editor modal close safety parity | expanded guidance editor modal still used backdrop onMouseDown close. aligned to onPointerDown semantics for consistent mouse/touch behavior and reduced accidental dismiss while selecting text. | web/src/components/modals/settings/GuidanceTab.tsx:215 | web-ux | fixed | local | fix |
| RC19-057 | P2 | A | web/src/components/layout/GroupSidebar.tsx web/src/components/layout/MobileMenuSheet.tsx | mobile navigation backdrop close safety parity | mobile sidebar/menu backdrops used onClick close and could dismiss on unintended click synthesis during pointer interactions. aligned to onPointerDown target-check semantics for consistent touch/mouse behavior. | web/src/components/layout/GroupSidebar.tsx:267, web/src/components/layout/MobileMenuSheet.tsx:62 | web-ux | fixed | local | fix |
| RC19-058 | P2 | A | web/src/services/api.ts | auth-required callback resilience | API client only triggered auth-required callback from parsed JSON error payloads; HTTP 401 with non-JSON/empty bodies could skip re-auth prompt. apiJson and apiForm now trigger callback on raw resp.status === 401 as well. | web/src/services/api.ts:120, web/src/services/api.ts:160 | web-ux | fixed | local | fix |
| RC19-059 | P2 | B | docs/reference/features.md | automation docs parity drift | feature documentation still described automation as retained built-ins only and omitted active rule-engine semantics (trigger kinds, action constraints, one-time completion behavior, MCP manage surface), creating product expectation drift. | docs/reference/features.md:153 | docs | fixed | local | fix |
| RC19-060 | P2 | B | docs/sdk/CLIENT_SDK.md | sdk draft state example drift | SDK draft API snippet documented group_set_state as `active | idle | pausedonly, while current user-facing state surface includesstopped`; example now updated to avoid copy-paste drift. | docs/sdk/CLIENT_SDK.md:69 | docs | fixed |
| RC19-061 | P2 | B | docs/guide/web-ui.md | web guide automation parity drift | user guide still documented automation as a few timeout knobs only and omitted current rules/actions/policy model, causing setup confusion for new users. automation section now reflects rule triggers, one-time semantics, and built-in policy controls. | docs/guide/web-ui.md:119 | docs | fixed | local | fix |
| RC19-062 | P2 | B | docs/guide/getting-started/index.md docs/guide/faq.md | onboarding docs freshness drift | guide/faq still pinned RC install examples and old source repo URL, and FAQ mentioned outdated MCP tool-count wording. onboarding docs now use non-stale install patterns and current source URL, with tool-surface wording made version-agnostic. | docs/guide/getting-started/index.md:57, docs/guide/faq.md:10 | docs | fixed | local | fix |
| RC19-063 | P2 | B | docs/vnext/ARCHITECTURE.md docs/vnext/FEATURES.md docs/vnext/README.md | legacy-doc misguidance risk | vNext docs are historical snapshots but lacked explicit stale-risk warnings; they also contained obvious drift points (blob path/tool-count wording). added clear "historical snapshot" guardrails and corrected the most misleading stale examples. | docs/vnext/ARCHITECTURE.md:6, docs/vnext/FEATURES.md:3, docs/vnext/README.md:6 | docs | fixed | local | fix |
| RC19-064 | P2 | B | README.md README.zh-CN.md | external product narrative gap | top-level readmes were technically accurate but too thin on product positioning/value narrative and adoption guidance, weakening release readiness for external users. readmes were rewritten to product-level framing (value proposition, fit/non-fit, quick adoption path, architecture intent). | README.md:1, README.zh-CN.md:1 | docs | fixed | local | fix |
| RC19-065 | P2 | B | docs/guide/use-cases.md docs/guide/operations.md docs/reference/positioning.md docs/.vitepress/config.ts | docs information architecture gap | docs lacked scenario-driven onboarding and operator runbooks, and navigation did not map cleanly to user intent. added new pages (use cases, operations runbook, positioning) and wired navigation for role-oriented discovery. | docs/guide/use-cases.md:1, docs/guide/operations.md:1, docs/reference/positioning.md:1, docs/.vitepress/config.ts:35 | docs | fixed | local | fix |
Status Definitions
open: discovered, not yet startedin_progress: owner workingfixed: patch merged and validatedaccepted_risk: consciously deferred with rationale and expiry
Decision Rules
P0cannot beaccepted_riskfor rc19.- Every
accepted_riskrow must include expiry criteria.