0%

Section 07: Lifecycle Gates (Completion + Abandonment, Symmetric)

Goal: Make subsumption REVERSIBLE in practice — completion verifies claims; abandonment cleanly retracts them. Without these gates, subsumption is an unverifiable assertion; with them, every claim has a falsifier.

Success Criteria: see frontmatter.

Implementation Sketch

The two gates are two facets of one principle: plan-state-change events that invalidate the plan’s claim over a bug must un-subsume that bug.

TriggerGateAction
Plan flipping status: in-progress → completeCompletion verificationRun each subsumed bug’s failing test; un-subsume any that still fail; allow plan completion regardless
Plan flipping status: <any> → abandonedAbandonment handlerUn-subsume every claimed bug; clear plan’s subsumes:; HISTORY entries on both sides
Plan stuck in in-progress (no flip)(no gate)Subsumption claims persist; /review-plan staleness validator (§03) catches drift

The symmetry is structural: completion-and-abandonment are the only two terminal plan states. A plan that merges with another (rename / scope_hash change) triggers Phase 0 reentry per routing.md §1 — the rename rule resolves subsumption claims as part of the reentry rather than via this gate.

Implementation Items

  • §07.1 Add Subsumption Verification step to scripts/plan-complete.py. Step runs BEFORE the existing status: complete flip. Reads plan’s subsumes: from frontmatter; for each entry, dispatches to §07.2 + §07.3 logic.
  • §07.1 Mirror the step into /review-plan close-gate (if /review-plan triggers plan completion separately from plan-complete.py). Verify which close-gate path actually fires in practice; consolidate if both exist.
  • §07.2 Implement bug-failing-test discovery. Each bug’s 00-overview.md per /fix-bug Phase 3 TDD discipline points at a failing-test path (Rust spec test, .ori spec test, FileCheck-asserted test, etc.). Read the path from bug’s frontmatter or §03 of bug-plan; if absent, mark the claim’s verification status as unverifiable: missing-test-reference (NOT failure; reviewer notification).
  • §07.3 Implement test-execution. Dispatch to project’s standard test harness (./test-all.sh filtered to the test path, OR cargo test -p <crate> <test-name>, OR ori test tests/spec/<path> per the test type). Apply MANDATORY 150s timeout per global rule. Test PASS → claim verified (HISTORY entry citing pass timestamp). Test FAIL → un-subsume branch.
  • §07.3 Un-subsume branch: write subsumed_by: null on bug’s 00-overview.md; flip bug’s status: subsumed → open; remove bug-id from plan’s subsumes:; HISTORY entries on both sides (“YYYY-MM-DD — Subsumption verification failed at plan-completion gate. Test <path> still fails. Bug un-subsumed; surfaces in /continue-roadmap + /fix-next-bug queue.”).
  • §07.4 Implement abandonment handler. Triggered when plan’s status: transitions to abandoned (detected by state.sh refresh or /review-plan). Iterate over plan’s subsumes: (which may already be partially-cleared if pre-abandonment); for each remaining bug-id, run un-subsume branch (same as §07.3 fail-path) but WITHOUT running the test (abandonment is unconditional revert).
  • §07.4 Idempotency: re-running abandonment handler on already-abandoned-and-cleaned plan reads empty subsumes:, exits immediately with no HISTORY entries.
  • §07.5 Cross-cut §04 verification: write a test that asserts un-subsumed bugs immediately appear in /continue-roadmap Step 1.5 + /fix-next-bug Step 2 queues. The §04 filter only excludes status: subsumed; un-subsumed (now status: open) bugs ARE queue members. Failure here is a §04 regression, not a §07 bug — but the matrix coverage lives here since this is where un-subsumption originates.
  • §07.6 Rate-limiting: ensure verification runs once per close-gate invocation, not per state.sh refresh cycle. Verification cost can be substantial (test execution per claim); cache results in .claude/state/known-state.json per state-discipline.md §6 if needed.

Test Strategy

Test matrix:

DimensionCases
Plan state at gatein-progress (verification runs before complete-flip), complete (gate skipped — already past), abandoned (abandonment handler runs)
Subsumption claim outcometest passes (claim verified, no un-subsumption), test fails (un-subsumption branch), test missing (unverifiable annotation, no flip)
Bug count per plan0 claims (no-op), 1 claim, N claims (mixed pass/fail outcomes)
Idempotencyfirst completion (full verification), re-run (no-op since plan already complete), abandonment after partial verification (clean remaining claims)
Queue-visibility cross-cutbug subsumed (filtered per §04) → un-subsumed (visible per §04 fast-path)

Semantic pins:

  • Positive: plan flipping in-progress → complete with subsumes: [BUG-A, BUG-B], BUG-A’s test passes + BUG-B’s test fails → BUG-A stays subsumed (verified), BUG-B un-subsumes (surfaces in queue), plan completes with subsumes: [BUG-A]. Reverting the gate causes BOTH to stay subsumed regardless of test state.
  • Negative: plan flipping in-progress → abandoned → all subsumes: claims un-subsume regardless of test state (abandonment is unconditional revert). Test that abandonment does NOT silently leave claims behind.
  • Test-execution-budget: gate respects MANDATORY 150s timeout per CLAUDE.md §MANDATORY TEST TIMEOUTS — hangs in subsumption verification are bugs to fix, not exceptions to grant.

Intelligence Reconnaissance

(2026-05-09) Section modifies scripts/plan-complete.py (Python — graph-indexed), .claude/skills/review-plan/SKILL.md (skill body), scripts/state.sh (Bash — graph-indexed). Pre-implementation queries reserved per compose-intel-summary.md Step D — at implementation time, callers plan-complete --repo ori, callees plan-complete --repo ori, file-symbols scripts/plan-complete.py --repo ori MUST run to map blast-radius before adding the verification step. Per CLAUDE.md §MANDATORY TEST TIMEOUTS the verification step’s test-execution honors the 150s timeout discipline; this is a hard gate, not advisory. Recording recon-deferred until implementation; cross-references verified by direct Read: scripts/plan-complete.py (existing close-gate pattern), state-discipline.md §6 (cache-discipline verified for verification-result caching).

Cross-References

  • §01 — routing rule’s REVERSIBILITY invariant this section enforces.
  • §04 — queue-filter that depends on status: subsumed; un-subsumption restores queue visibility.
  • §05 — schema fields read/written by lifecycle handlers.
  • scripts/plan-complete.py — host of completion gate.
  • /review-plan SKILL.md — alternative close-gate consumer.
  • scripts/state.sh — state-cache refresh that detects abandonment status flips.
  • CLAUDE.md §MANDATORY TEST TIMEOUTS — verification step honors the 150s timeout discipline.

07.1

Author Subsumption Verification step in plan-complete.py (or close-gate equivalent)

  • (placeholder — replace with concrete work that closes subsection 07.1)

07.2

Implement bug-failing-test discovery (read bug 00-overview.md test references)

  • (placeholder — replace with concrete work that closes subsection 07.2)

07.3

Implement test-execution + un-subsume-on-fail branch

  • (placeholder — replace with concrete work that closes subsection 07.3)

07.4

Implement abandonment handler triggered on status: abandoned flip

  • (placeholder — replace with concrete work that closes subsection 07.4)

07.5

Verify queue-visibility restoration after un-subsumption (cross-cuts §04)

  • (placeholder — replace with concrete work that closes subsection 07.5)

07.6

Idempotency + rate-limiting tests

  • (placeholder — replace with concrete work that closes subsection 07.6)

07.R

Third Party Review Findings

  • (placeholder — replace with concrete work that closes subsection 07.R)

07.N

Completion Checklist

  • (placeholder — replace with concrete work that closes subsection 07.N)