
2#3

Merged
RAprogramm merged 4 commits into main from 2
May 13, 2026

@RAprogramm

Closes #2.

Phase 0 foundation for rustmanifest: cargo workspace, hardened CI, signed reproducible releases, locked JSON Schemas, governance and security documents, and full SPDX REUSE 3.x compliance under MIT.

What lands

Workspace (#2 chore add cargo workspace with schemas and strict lints)

  • Root Cargo.toml with resolver = "3", shared [workspace.lints] at deny for clippy::all/pedantic/nursery/cargo and rust hardening lints. No workspace-level allow overrides.
  • rust-toolchain.toml pinned to 1.95.0; MSRV policy stable-3.
  • 8 stub crates under crates/:
    • rustmanifest-schema — canonical Rust types and JSON Schemas (Rule, Finding, Config, MethodologyResource) with schema_for! exporter binary; golden schemas committed under schemas/ and gated by drift check in CI.
    • rustmanifest-rules-core, rustmanifest-engine, rustmanifest-config, rustmanifest-report, rustmanifest-mcp, rustmanifest-lsp, rustmanifest-cli — skeletons with public trait surface and version constants only.
  • deny.toml denying yanked, multiple-versions, unknown registries; license allowlist.
  • release-plz.toml for independent per-crate SemVer publishing.

CI (#2 ci add lint test release pipeline with signing and reuse)

  • ci.yml — fmt nightly, clippy -D warnings, test matrix (ubuntu x86_64/aarch64, macos-15, windows-2022), MSRV check, cargo-audit, cargo-deny, REUSE lint, schema drift gate, cargo-llvm-cov coverage artifact, MCP conformance scaffold.
  • release.yml — tag-triggered multi-arch builds (5 targets), CycloneDX SBOM, sigstore keyless cosign signing, SLSA build provenance via actions/attest-build-provenance@v2, GitHub Release with all artifacts.
  • release-plz.yml — main-branch automation for crates.io publishing.

Governance and security (#2 docs add governance security threat model and templates)

  • SECURITY.md — private vuln disclosure via GH Security Advisories, 30-day default embargo, supported-version policy.
  • docs/THREAT_MODEL.md — 6 initial threats (sandbox escape, prompt injection through methodology resources, token theft, supply-chain compromise, resource exhaustion, determinism bypass) with mitigations; trust boundary diagram; review cadence.
  • docs/GOVERNANCE.md — maintainer set, per-crate SemVer table, RFC process, deprecation policy, severity governance, release cadence.
  • docs/RFCS/0000-template.md — RFC template.
  • .github/CODEOWNERS, issue templates (bug, feature, rule-proposal, config disabling blanks), PR template with explicit checklists.

License and SPDX REUSE 3.x (#2 chore adopt mit license with spdx reuse compliance)

  • MIT only (no Apache, no dual).
  • LICENSES/MIT.txt as the canonical license location (REUSE-compliant).
  • REUSE.toml covering markdown, JSON schemas, GitHub config, pre-existing config files, and Cargo.lock.
  • Every new source file carries inline SPDX-FileCopyrightText + SPDX-License-Identifier headers.
  • reuse lint reports 75/75 files compliant with REUSE 3.3.

Locked decisions

  • Crate prefix: rustmanifest; URI scheme: rustmanifest://
  • MSRV: 1.95 (stable-3 policy)
  • Org: github.com/RAprogramm
  • Action name (later phase): RAprogramm/rustmanifest-action@v1
  • Server response language: English only
  • License: MIT with SPDX REUSE 3.x
  • Copyright: 2026 RAprogramm <andrey.rozanov.vl@gmail.com>

Local verification

cargo +nightly fmt --all -- --check          # clean
cargo clippy --workspace --all-targets --all-features -- -D warnings  # clean
cargo test --workspace                        # 0/0 pass (stubs)
cargo build --workspace --release             # all 8 crates
cargo run --bin rustmanifest-schema-export -- --out crates/rustmanifest-schema/schemas
git diff --exit-code crates/rustmanifest-schema/schemas   # no drift
reuse lint                                    # 75/75 compliant

Out of scope

All analysis logic (tier 1/2/3), MCP server implementation, OAuth/HTTP transport, sampling, GitHub Action, LSP server, rule definitions parsed from markdown. These land in Phases 1–5 as outlined in the issue.

Notes for reviewers

  • cargo-vet is intentionally not in CI for Phase 0 (bootstrap would require seeding exemptions; deferred to Phase 1 with a proper baseline).
  • Coverage gate is artifact-only (no threshold). Ramp to 80% lands with Phase 1 analyzers.
  • mcp-conformance job is a placeholder so the slot in the CI graph is wired today; body lands with Phase 2.

@RAprogramm RAprogramm merged commit 698bcba into main May 13, 2026
13 checks passed
@RAprogramm RAprogramm deleted the 2 branch May 13, 2026 06:26
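The schema drift gate from the description, written as an added example (not code from this PR or from the rustmanifest repository). The local check `git diff --exit-code` compares tracked files only, so a schema the exporter newly emits but nobody committed would not show up; this variant regenerates into a scratch directory and compares whole directories. It assumes the exporter writes only schema files into its `--out` directory; `check_schema_drift` is a hypothetical name.

```shell
#!/bin/sh
# Added example, not code from the rustmanifest repository.
# check_schema_drift GOLDEN_DIR EXPORTER [ARGS...]
#   Runs "EXPORTER ARGS... --out <scratch dir>" and compares the scratch
#   directory with GOLDEN_DIR (the committed schemas).
# Exit status: 0 = identical, 1 = drift, 2 = the check itself could not run.
check_schema_drift() (
    golden=$1
    shift
    [ -d "$golden" ] || { echo "no golden directory: $golden" >&2; exit 2; }

    # Scratch directory, removed when this subshell exits.
    fresh=$(mktemp -d) || exit 2
    trap 'rm -rf "$fresh"' EXIT

    # A crashing exporter is a broken check, not "no drift".
    "$@" --out "$fresh" >/dev/null 2>&1 || { echo "exporter failed" >&2; exit 2; }

    # Report an exporter that exits 0 but writes nothing as a broken check
    # rather than as drift.
    [ -n "$(ls -A "$fresh")" ] || { echo "exporter wrote no schemas" >&2; exit 2; }

    # -r also reports files that exist on only one side: a schema that was
    # exported but never committed, or committed but no longer exported.
    # diff exits 0 when identical and 1 when the trees differ.
    diff -ru "$golden" "$fresh" >&2
)

# Usage with the exporter command from the local verification list:
#   check_schema_drift crates/rustmanifest-schema/schemas \
#       cargo run --quiet --bin rustmanifest-schema-export --
```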

Development

Successfully merging this pull request may close these issues.

Phase 0: Foundation — workspace, CI, release pipeline, schemas, governance
