v0.2.3 Verification Gate Matrix¶
This document defines the release gate for M0 / v0.2.3 - Verification Gate Stabilization.
Release Goal¶
v0.2.3 is a stabilization release. It should not expand product claims. It should make the current ZapTrace foundation safer, auditable, and easier to review.
Gate Policy¶
| Result | Meaning | Release Impact |
|---|---|---|
| PASS | Check completed and met threshold | Does not block |
| FAIL | Check completed and violated threshold | Blocks release |
| SKIP-APPROVED | Check could not run for an accepted reason and the reason is recorded | Does not block if explicitly approved |
| SKIP-UNAPPROVED | Check was skipped without an approved reason/evidence record | Blocks release |
| WARN | Check produced non-blocking findings | Does not block, but must be visible in release notes |
Required Gates¶
| Gate | Command / Evidence Source | Expected Evidence | Blocking Rule | Owner Area |
|---|---|---|---|---|
| Unit and integration tests | uv run pytest -q |
pytest output and CI job URL | Any failing non-skipped test blocks | CI |
| Lint | uv run ruff check . |
CI job URL | Any lint error blocks | CI |
| Format | uv run ruff format --check . |
CI job URL | Any format drift blocks | CI |
| Typecheck | uv run pyright |
CI job URL | Any new type error blocks | CI |
| Package metadata | uv build or release workflow build job |
wheel/sdist artifact | Build failure blocks | Release |
| Export regression corpus | uv run pytest tests/test_export_regression.py -q |
golden diff report | Any unapproved artifact diff blocks | Verification |
| KiCad Oracle evidence | scripts/ci_kicad_oracle.py or workflow artifact |
ERC/DRC JSON or explicit skip record | Failure or unapproved skip blocks | Verification |
| Proof-pack validation | proof-pack workflow and zaptrace proof validate where applicable |
manifest, artifact hashes, check records | Invalid manifest or missing evidence blocks | Verification |
| Fab-profile DFM smoke | DFM tests and proof-pack DFM record | profile name, constraints checked, violations | Critical DFM violation blocks; missing external evidence must be explicit | Manufacturing |
| MCP/REST safety smoke | targeted tests for session isolation, request limits, transaction tools | test output and security findings | Critical failure blocks | Security |
| Documentation status sync | grep/status reconciliation script or manual checklist | README/ROADMAP/CHANGELOG/audit consistency checklist | Version/status mismatch blocks | Governance |
Approved Skip Reasons¶
External-tool checks may be skipped only with a clear reason and evidence record:
tool-unavailable: required binary such askicad-cliis not installed on the runner.platform-unsupported: the check is not supported on the current OS/runner.fixture-unavailable: required hardware/EDA fixture is intentionally absent for this release.non-release-run: the workflow is a lightweight PR run rather than a release gate.
The skip record must include:
- check name
- reason code
- runner/platform
- command attempted or probe used
- timestamp
- release approver or policy reference
Blocker Criteria¶
A release is blocked when any of the following is true:
- A required PASS/FAIL gate fails.
- A required evidence artifact is missing.
- An external-tool check is silently skipped.
- Documentation claims a capability that is not implemented or is still experimental.
- A proof-pack or manufacturing artifact implies fabrication approval.
- A security finding affects MCP/REST exposed execution, session isolation, path traversal, or unauthorized write capability.
Release Checklist¶
- [ ] All required gates PASS or SKIP-APPROVED.
- [ ] Proof-pack evidence includes artifact hashes and explicit limitations.
- [ ] KiCad Oracle evidence is attached or explicitly skipped with approved reason.
- [ ] README, ROADMAP, CHANGELOG, and current-state audit agree on version and status.
- [ ] Release notes list non-claims and human-review requirements.
- [ ] GitHub milestone contains no open P0 blockers.
- [ ] Closed historical issues with stronger claims are marked
status:needs-auditor have follow-up issues.
Non-Claims for v0.2.3¶
v0.2.3 must not claim:
- fabrication-ready output
- fully autonomous production signoff
- manufacturer approval
- complete SPICE/SI/PI/RF validation
- no-human-review PCB generation