Skip to main content

Script Governance

This page is the canonical governance reference for all scripts in this repository. It defines the three-tier taxonomy, JSDoc header standard, enforcement tiers, and the process for adding a new script. The full script inventory lives in the auto-generated catalog: Scripts Catalog.

Taxonomy — the three-tier model

Every script in operations/scripts/ is placed at a path following this structure:
This hierarchy is enforced — a script placed in the wrong folder will fail classification validation.

Layer 1 — Type

What the script does. Key distinctions:
  • If the script only readsaudit or validator (validator exits non-zero on failure; audit just reports)
  • If the script only creates new filesgenerator
  • If the script edits existing filesremediator
  • If the script runs other scriptsdispatch
  • A script that does NOT spawn other scripts is NOT a dispatch

Layer 2 — Concern

What domain the script operates on. The same four concerns appear under every type folder.

Layer 3 — Niche

The specific sub-concern within the domain. Examples: quality, veracity, structure, copy, grammar, catalogs, compliance, pr, codex, repair, style, scaffold, llm. Full niche reference: see script-framework.md section 2.

Classification decision tree

For concern:

JSDoc Header Standard

Every script MUST include a JSDoc header block as the first block comment in the file (or hash-comment equivalent for .sh and .py files). The pre-commit hook and CI validate header presence and tag format.

Required tags (enforced by --strict)

The required minimum validated by --strict is tags 1–10. @policy is expected but not blocked on by default.

@mode values

@pipeline format

Single-line flow declaration using arrow notation:
Examples:

Example header — JavaScript

Example header — shell / Python (hash-comment style)

Removed tags — MUST NOT appear

These tags were used in earlier versions and must not appear in new scripts:

Enforcement Tiers

Scripts are assigned to one of three tiers. Tier assignment belongs in @pipeline.

File Structure Standard

Every script MUST follow this section order:

REPO_ROOT pattern

__dirname-relative paths are acceptable only for reaching sibling files or shared libraries within the scripts tree (e.g., require('../../../../lib/docs-index-utils')).

How to Write a New Script

1

Classify it first

Use the decision tree above to determine type, concern, and niche. Place the file at operations/scripts/<type>/<concern>/<niche>/<script-name>.js.
2

Write the JSDoc header

Copy the example header above. Fill all 11 tags. Do not leave placeholder values. Run node operations/scripts/validators/governance/compliance/review-governance-repair-checklist.js --staged to validate.
3

Follow the file structure

Shebang → JSDoc header → 'use strict' → imports → constants/config at top → helpers → main() → export/execute.
4

Use process.cwd() for REPO_ROOT

Never traverse up with __dirname to reach the repo root. Use process.cwd() or a shared getRepoRoot() utility.
5

Support --dry-run if the script writes files

Any script that writes or modifies files SHOULD support --dry-run to show what would change without making changes.
6

Assign an enforcement tier

Set @pipeline to indicate where the script runs. Hard gates go in pre-commit or required CI; soft gates in non-required CI; self-heals in cron.
7

Add to the registry

Run node operations/scripts/generators/governance/catalogs/generate-script-registry.js to update tools/config/registry/script-registry.json. The catalog is regenerated automatically from the registry.

Source of Truth

Last modified on May 22, 2026