Scope
Implement BearBrowser consumption of the merged SocioProphet/prophet-platform ADR-035 transparent fault attribution contracts.
Canonical upstream dependency:
SocioProphet/prophet-platform squash commit 86b0fbc203b595fb7ef103ee06f845211ea46378
- ADR: adr/ADR-035-transparent-fault-attribution-and-embedded-engine-policy.md
- Contracts: FaultEnvelope, EngineManifest, BoundaryTransition, RolloutReceipt, DiagnosticRedactionPolicy
Design intent
BearBrowser must make built-in and extension-backed engines visible. "No extensions installed" is not enough. Built-in renderers, service workers, PDF/document renderers, automation bridges, diagnostics reporters, storage services, network profilers, and AI/agent helpers must be inspectable.
Acceptance criteria
- Add BearBrowser EngineManifest examples for browser shell, renderer, extension host, PDF/document renderer, media decoder, network service, diagnostics reporter, storage service, automation bridge, and agent browser runtime.
- Add BoundaryTransition emission points or stubs for renderer spawn, network open, file open, credential request, automation bridge use, diagnostic export, and policy gate transitions.
- Add FaultEnvelope fixture for renderer crash/guard-fault cases.
- Add a design doc or UX stub for a "Why is this engine running?" component inspector.
- Inspector design must show: engine manifest ref, process identity, sandbox profile, network state, storage partition, last visible user action, and evidence refs.
- Default shareable diagnostics must use DiagnosticRedactionPolicy and redact stable identifiers.
Non-goals
Do not fork or patch the upstream LibreWolf mirror for this. SourceOS product behavior belongs in BearBrowser overlays and product surfaces, not in the clean upstream mirror.
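
A sketch of the last two acceptance criteria together, added here as an example and not taken from BearBrowser or the ADR-035 contracts: an inspector record carrying the seven listed fields, redacted for sharing. The field names, the choice of which fields count as stable identifiers, and the `redacted:` pseudonym format are all assumptions.

```python
import hashlib
import hmac
import secrets

# Hypothetical field names, mirroring the inspector list in the acceptance
# criteria; the real ADR-035 schemas are not reproduced on this page.
INSPECTOR_FIELDS = (
    "engine_manifest_ref", "process_identity", "sandbox_profile",
    "network_state", "storage_partition", "last_visible_user_action",
    "evidence_refs",
)
# Assumption: these are the fields that stay stable across sessions.
STABLE_ID_FIELDS = {"process_identity", "storage_partition", "evidence_refs"}


def pseudonym(value, export_key):
    """Keyed digest: consistent inside one export, unlinkable across exports."""
    digest = hmac.new(export_key, value.encode("utf-8"), hashlib.sha256)
    return "redacted:" + digest.hexdigest()[:12]


def redact_for_sharing(record, export_key=None):
    """Return a shareable copy of an inspector record.

    Fails closed: a missing inspector field raises, and fields outside
    INSPECTOR_FIELDS are dropped instead of being passed through.
    """
    key = export_key or secrets.token_bytes(32)  # fresh key per export
    missing = [f for f in INSPECTOR_FIELDS if f not in record]
    if missing:
        raise ValueError("inspector record incomplete: %s" % missing)
    shareable = {}
    for field in INSPECTOR_FIELDS:
        value = record[field]
        if field in STABLE_ID_FIELDS:
            if isinstance(value, list):
                value = [pseudonym(str(v), key) for v in value]
            else:
                value = pseudonym(str(value), key)
        shareable[field] = value
    return shareable


# Constructed sample record, not real BearBrowser output.
SAMPLE = {
    "engine_manifest_ref": "manifests/pdf-renderer.example.json",
    "process_identity": "pid:4711/renderer-pdf",
    "sandbox_profile": "content-strict",
    "network_state": "denied",
    "storage_partition": "partition-7f3a",
    "last_visible_user_action": "opened a PDF link",
    "evidence_refs": ["evidence/0001", "evidence/0002"],
    "debug_profile_path": "/home/alice/.bearbrowser/profile",  # dropped on export
}
```

Because the key is generated per export, two references to the same process inside one shared bundle still match, while two separate bundles cannot be joined on the pseudonyms.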