RFC 003 — Component Policies Hierarchy

*Status:* DRAFT — formalizes a three-level policy scope hierarchy (global → category → component) with explicit non-conflict guarantees, an inheritance contract, a 9-detector conflict audit, and a 6-trigger enforcement mesh. Filed in response to the question "should the Koder Stack have component-specific policies in addition to global ones?" (20260502 chat session).


1. Summary

The Koder Stack today has two policy levels:

  • *Global policies* at `metadocsstack/policies

policies/*kmd file is in the staged diff. Bypass via `KODERPOLICYBYPASS=1` (logged for audit).

5.2 CI gate (PR-level, blocking)

The CI workflow fires the same audit. This closes the bypass loophole: even if the local hook was skipped, CI rejects the merge.

5.3 Inverse-graph trigger (on global edit)

This is the most valuable trigger. When any policy higher in the DAG is edited, the audit walks all descendants that reach it through `extends:` and revalidates each against the new parent. It catches:

  • Orphan tightening: parent removed a rule that descendants tightened.
  • Newly-introduced contradictions: parent added a rule the descendant silently contradicts.
  • Threshold direction flips: parent inverted the direction of a value.

This trigger is the answer to "what if global changes break component silently?" — it doesn't.
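The inverse-graph walk from 5.3, as an added sketch that is not the Koder Stack's own audit code. The in-memory policy model (one parent per policy, `tightens` lists, `max`/`min` directions), the rule ids, and the finding labels are assumptions made for illustration; the graph is assumed acyclic, as the RFC states.

```python
from collections import defaultdict, deque

# Constructed sample, not the project's .kmd schema. Each policy has one parent
# ("extends"), rules as {rule_id: (direction, value)} and the ids it claims to
# tighten. "max": lower is stricter; "min": higher is stricter.
POLICIES = {
    "global": {"extends": None, "tightens": [], "rules": {
        "session_ttl_min": ("max", 60), "password_len": ("min", 12)}},
    "category/services": {"extends": "global", "tightens": ["session_ttl_min"],
                          "rules": {"session_ttl_min": ("max", 30)}},
    "component/auth": {"extends": "category/services",
                       "tightens": ["session_ttl_min", "password_len"], "rules": {
        "session_ttl_min": ("max", 15), "password_len": ("min", 16),
        "audit_retention_days": ("min", 90)}},
}

def effective(policies, name):
    """Rules visible at `name`: ancestors first, nearer levels override."""
    chain = []
    while name is not None:
        chain.append(name)
        name = policies[name]["extends"]
    merged = {}
    for level in reversed(chain):
        merged.update(policies[level]["rules"])
    return merged

def revalidate_descendants(policies, edited):
    """Walk the inverse `extends` graph from `edited`; return sorted findings."""
    children = defaultdict(list)
    for name, policy in policies.items():
        if policy["extends"]:
            children[policy["extends"]].append(name)
    findings, queue = [], deque(children[edited])
    while queue:
        name = queue.popleft()
        queue.extend(children[name])
        parent = effective(policies, policies[name]["extends"])
        for rid in policies[name]["tightens"]:
            if rid not in parent:  # parent no longer defines what we tighten
                findings.append((name, rid, "orphan-tightening"))
        for rid, (direction, value) in policies[name]["rules"].items():
            if rid not in parent:
                continue  # component-local rule, nothing to compare against
            p_dir, p_value = parent[rid]
            if direction != p_dir:
                findings.append((name, rid, "direction-flip"))
            elif (value > p_value) if p_dir == "max" else (value < p_value):
                findings.append((name, rid, "contradiction"))
    return sorted(findings)
```

Each descendant is compared against the effective rules of its direct parent, so a change at the global level is reported at the first level where it actually conflicts.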

5.4 AI-session preWrite trigger (preventive)

The CLAUDE.md trigger table adds:

Action Spec to read first
Edit `metadocsstack/policies

Source: ../home/koder/dev/koder/meta/docs/stack/rfcs/policies-RFC-003-component-policies-hierarchy.kmd