hyperpolymath · hyperpolymath · May 25, 2026 · May 25, 2026 · May 25, 2026
diff --git a/.claude/CLAUDE.md b/.claude/CLAUDE.md
@@ -19,14 +19,14 @@ The following files in `.machine_readable/` contain structured project metadata:
 
 | Language/Tool | Use Case | Notes |
 |---------------|----------|-------|
-| **ReScript** | Primary application code | Compiles to JS, type-safe |
+| **AffineScript** | Primary application code | Compiles to JS/WASM, linear/affine type system |
 | **Deno** | Runtime & package management | Replaces Node/npm/bun |
 | **Rust** | Performance-critical, systems, WASM | Preferred for CLI tools |
 | **Tauri 2.0+** | Mobile apps (iOS/Android) | Rust backend + web UI |
 | **Dioxus** | Mobile apps (native UI) | Pure Rust, React-like |
 | **Gleam** | Backend services | Runs on BEAM or compiles to JS |
 | **Bash/POSIX Shell** | Scripts, automation | Keep minimal |
-| **JavaScript** | Only where ReScript cannot | MCP protocol glue, Deno APIs |
+| **JavaScript** | Only where AffineScript cannot, or as per-language reference (examples/) | Avoid for new code unless integrating an external JS API |
 | **Nickel** | Configuration language | For complex configs |
 | **Guile Scheme** | State/meta files | STATE.scm, META.scm, ECOSYSTEM.scm |
 | **Julia** | Batch scripts, data processing | Per RSR |
@@ -37,35 +37,38 @@ The following files in `.machine_readable/` contain structured project metadata:
 
 | Banned | Replacement |
 |--------|-------------|
-| TypeScript | ReScript |
+| TypeScript | AffineScript |
+| ReScript | AffineScript |
 | Node.js | Deno |
 | npm | Deno |
 | Bun | Deno |
 | pnpm/yarn | Deno |
 | Go | Rust |
-| Python | Julia/Rust/ReScript |
+| Python | Julia/Rust/AffineScript |
 | Java/Kotlin | Rust/Tauri/Dioxus |
 | Swift | Tauri/Dioxus |
 | React Native | Tauri/Dioxus |
 | Flutter/Dart | Tauri/Dioxus |
+| PMPL-1.0 / PMPL-1.0-or-later | MPL-2.0 |
 
 ### Mobile Development
 
 **No exceptions for Kotlin/Swift** - use Rust-first approach:
 
-1. **Tauri 2.0+** - Web UI (ReScript) + Rust backend, MIT/Apache-2.0
+1. **Tauri 2.0+** - Web UI (AffineScript) + Rust backend, MIT/Apache-2.0
 2. **Dioxus** - Pure Rust native UI, MIT/Apache-2.0
 
 Both are FOSS with independent governance (no Big Tech).
 
 ### Enforcement Rules
 
-1. **No new TypeScript files** - Convert existing TS to ReScript
+1. **No new TypeScript or ReScript files** - Use AffineScript; meaningfully migrate existing TS/JS to AffineScript when touched (per-language `examples/` references may stay)
 2. **No package.json for runtime deps** - Use deno.json imports
 3. **No node_modules in production** - Deno caches deps automatically
 4. **No Go code** - Use Rust instead
-5. **No Python anywhere** - Use Julia for data/batch, Rust for systems, ReScript for apps
+5. **No Python anywhere** - Use Julia for data/batch, Rust for systems, AffineScript for apps
 6. **No Kotlin/Swift for mobile** - Use Tauri 2.0+ or Dioxus
+7. **License**: MPL-2.0 only — never PMPL-1.0 / PMPL-1.0-or-later / MPL-2.0-or-later
 
 ### Package Management
 

diff --git a/.clusterfuzzlite/Dockerfile b/.clusterfuzzlite/Dockerfile
@@ -1,4 +1,4 @@
-# SPDX-License-Identifier: PMPL-1.0-or-later
+# SPDX-License-Identifier: MPL-2.0
 FROM gcr.io/oss-fuzz-base/base-builder-rust@sha256:73c1d5648db54100639339d411a5d192cbc8bf413ee91e843a07cf6f0e319dc7
 
 COPY . $SRC/absolute-zero

diff --git a/.clusterfuzzlite/build.sh b/.clusterfuzzlite/build.sh
@@ -1,7 +1,11 @@
 #!/bin/bash -eu
-# SPDX-License-Identifier: PMPL-1.0-or-later
+# SPDX-License-Identifier: MPL-2.0
 cd "$SRC"/absolute-zero
 cargo +nightly fuzz build
+# cargo-fuzz writes binaries to `fuzz/target/<triple>/release/<target>`
+# (the fuzz crate's own target dir), not to the workspace root. The
+# previous `./target/...` path was a vestige of an earlier layout where
+# fuzz/ depended on the parent crate's `[lib]` (since removed).
 for target in $(cargo +nightly fuzz list); do
-    cp ./target/x86_64-unknown-linux-gnu/release/$target $OUT/
+    cp fuzz/target/x86_64-unknown-linux-gnu/release/$target $OUT/
 done
diff --git a/.clusterfuzzlite/project.yaml b/.clusterfuzzlite/project.yaml
@@ -1,2 +1,2 @@
-# SPDX-License-Identifier: MPL-2.0-or-later
+# SPDX-License-Identifier: MPL-2.0
 language: rust
diff --git a/.github/FUNDING.yml b/.github/FUNDING.yml
@@ -1,4 +1,4 @@
-# SPDX-License-Identifier: MPL-2.0-or-later
+# SPDX-License-Identifier: MPL-2.0
 # Funding platforms for hyperpolymath projects
 # See: https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/displaying-a-sponsor-button-in-your-repository
 

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -1,4 +1,4 @@
-# SPDX-License-Identifier: MPL-2.0-or-later
+# SPDX-License-Identifier: MPL-2.0
 version: 2
 updates:
   - package-ecosystem: "cargo"

diff --git a/.github/workflows/cflite_batch.yml b/.github/workflows/cflite_batch.yml
@@ -1,4 +1,4 @@
-# SPDX-License-Identifier: MPL-2.0-or-later
+# SPDX-License-Identifier: MPL-2.0
 name: ClusterFuzzLite batch fuzzing
 on:
   schedule:

diff --git a/.github/workflows/cflite_pr.yml b/.github/workflows/cflite_pr.yml
@@ -1,4 +1,4 @@
-# SPDX-License-Identifier: MPL-2.0-or-later
+# SPDX-License-Identifier: MPL-2.0
 name: ClusterFuzzLite PR fuzzing
 on:
   pull_request:

diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -1,4 +1,4 @@
-# SPDX-License-Identifier: MPL-2.0-or-later
+# SPDX-License-Identifier: MPL-2.0
 name: CodeQL Security Analysis
 
 on:

diff --git a/.github/workflows/governance.yml b/.github/workflows/governance.yml
@@ -1,4 +1,4 @@
-# SPDX-License-Identifier: PMPL-1.0-or-later
+# SPDX-License-Identifier: MPL-2.0
 # governance.yml — single wrapper calling the shared estate governance bundle
 # in hyperpolymath/standards instead of carrying per-repo copies.
 #

diff --git a/.github/workflows/hypatia-scan.yml b/.github/workflows/hypatia-scan.yml
@@ -1,4 +1,4 @@
-# SPDX-License-Identifier: PMPL-1.0-or-later
+# SPDX-License-Identifier: MPL-2.0
 # Hypatia Neurosymbolic CI/CD Security Scan
 name: Hypatia Security Scan
 

diff --git a/.github/workflows/jekyll-gh-pages.yml b/.github/workflows/jekyll-gh-pages.yml
diff --git a/.github/workflows/language-policy.yml b/.github/workflows/language-policy.yml
@@ -1,6 +1,10 @@
-# SPDX-License-Identifier: MPL-2.0-or-later
+# SPDX-License-Identifier: MPL-2.0
 name: Language Policy Enforcement
 on: [push, pull_request]
+
+permissions:
+  contents: read
+
 jobs:
   check:
     runs-on: ubuntu-latest
@@ -11,7 +15,7 @@
           # Block new Python files (except SaltStack)
           NEW_PY=$(git diff --name-only --diff-filter=A HEAD~1 2>/dev/null | grep -E '\.py$' | grep -v 'salt' || true)
           if [ -n "$NEW_PY" ]; then
-            echo "❌ New Python files detected. Use Rust or ReScript instead."
+            echo "❌ New Python files detected. Use Rust or AffineScript instead."
             echo "$NEW_PY"
             exit 1
           fi

diff --git a/.github/workflows/mirror.yml b/.github/workflows/mirror.yml
@@ -1,4 +1,4 @@
-# SPDX-License-Identifier: MPL-2.0-or-later
+# SPDX-License-Identifier: MPL-2.0
 # SPDX-FileCopyrightText: 2025 Jonathan D.A. Jewell
 name: Mirror to Git Forges
 

diff --git a/.github/workflows/publish-container.yml b/.github/workflows/publish-container.yml
@@ -1,4 +1,4 @@
-# SPDX-License-Identifier: MPL-2.0-or-later
+# SPDX-License-Identifier: MPL-2.0
 name: Publish Container
 
 on:

diff --git a/.github/workflows/rescript-deno-ci.yml b/.github/workflows/rescript-deno-ci.yml
diff --git a/.github/workflows/rust-ci.yml b/.github/workflows/rust-ci.yml
@@ -1,6 +1,10 @@
-# SPDX-License-Identifier: MPL-2.0-or-later
+# SPDX-License-Identifier: MPL-2.0
 name: Rust CI
 on: [push, pull_request]
+
+permissions:
+  contents: read
+
 env:
   CARGO_TERM_COLOR: always
   RUSTFLAGS: -Dwarnings

diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
@@ -1,4 +1,4 @@
-# SPDX-License-Identifier: MPL-2.0-or-later
+# SPDX-License-Identifier: MPL-2.0
 name: OSSF Scorecard
 on:
   push:

diff --git a/.github/workflows/secret-scanner.yml b/.github/workflows/secret-scanner.yml
@@ -1,4 +1,4 @@
-# SPDX-License-Identifier: MPL-2.0-or-later
+# SPDX-License-Identifier: MPL-2.0
 # Prevention workflow - scans for hardcoded secrets before they reach main
 name: Secret Scanner
 

diff --git a/.gitignore b/.gitignore
@@ -81,3 +81,6 @@ htmlcov/
 # Crash recovery artifacts
 ai-cli-crash-capture/
 proofs/lean4/.lake/
+
+# Rust build outputs in subdirectories (e.g. fuzz/target/)
+**/target/
diff --git a/.hypatia-ignore b/.hypatia-ignore
@@ -0,0 +1,16 @@
+# Hypatia rule exemptions for absolute-zero.
+#
+# Format: `<rule_id>:<file_path_relative_to_repo_root>` (one per line).
+# Comments (lines starting with #) and blank lines are ignored.
+#
+# Adding an entry requires a stated rationale below the line so the
+# exemption survives review and audit.
+
+# Per-language CNO reference example. `examples/<lang>/` is a 30-language
+# showcase comparing how each language expresses "do absolutely nothing"
+# — the Go-specific runtime characteristics (goroutine scheduler init,
+# GC startup, runtime.GOMAXPROCS) are the point of the example. Mirrors
+# the rationale for keeping `examples/javascript/nop.js` (also a
+# per-language reference). The repo language policy still bans new Go
+# code; this is reference material, not implementation.
+cicd_rules/banned_language_file:examples/go/nop.go
diff --git a/.machine_readable/6a2/AGENTIC.a2ml b/.machine_readable/6a2/AGENTIC.a2ml
@@ -1,4 +1,4 @@
-# SPDX-License-Identifier: PMPL-1.0-or-later
+# SPDX-License-Identifier: MPL-2.0
 # Copyright (c) 2026 Jonathan D.A. Jewell (hyperpolymath) <j.d.a.jewell@open.ac.uk>
 #
 # AGENTIC.a2ml — AI agent constraints and capabilities for absolute-zero
@@ -22,7 +22,7 @@ can-create-files = true
 # - Never commit secrets or credentials
 # - Never use banned languages: TypeScript, Python (except SaltStack), Go, Node.js, Bun, npm
 # - Never place checkpoint files outside .machine_readable/
-# - Never use AGPL-3.0 license (use PMPL-1.0-or-later)
+# - Never use AGPL-3.0 license (use MPL-2.0)
 # - Never run the full test suite without user approval (mathlib build is expensive)
 
 [proof-safety]

diff --git a/.machine_readable/6a2/ECOSYSTEM.a2ml b/.machine_readable/6a2/ECOSYSTEM.a2ml
@@ -1,4 +1,4 @@
-# SPDX-License-Identifier: PMPL-1.0-or-later
+# SPDX-License-Identifier: MPL-2.0
 # Copyright (c) 2026 Jonathan D.A. Jewell (hyperpolymath) <j.d.a.jewell@open.ac.uk>
 #
 # ECOSYSTEM.a2ml — Absolute Zero ecosystem position

diff --git a/.machine_readable/6a2/META.a2ml b/.machine_readable/6a2/META.a2ml
@@ -1,4 +1,4 @@
-# SPDX-License-Identifier: PMPL-1.0-or-later
+# SPDX-License-Identifier: MPL-2.0
 # Copyright (c) 2026 Jonathan D.A. Jewell (hyperpolymath) <j.d.a.jewell@open.ac.uk>
 #
 # META.a2ml — Absolute Zero meta-level information
@@ -9,7 +9,7 @@ version = "1.0.0"
 last-updated = "2026-05-20"
 
 [project-info]
-license = "PMPL-1.0-or-later"
+license = "MPL-2.0"
 author = "Jonathan D.A. Jewell (hyperpolymath)"
 
 [architecture-decisions]

diff --git a/.machine_readable/6a2/NEUROSYM.a2ml b/.machine_readable/6a2/NEUROSYM.a2ml
@@ -1,4 +1,4 @@
-# SPDX-License-Identifier: PMPL-1.0-or-later
+# SPDX-License-Identifier: MPL-2.0
 # Copyright (c) 2026 Jonathan D.A. Jewell (hyperpolymath) <j.d.a.jewell@open.ac.uk>
 #
 # NEUROSYM.a2ml — Neurosymbolic integration metadata for absolute-zero

diff --git a/.machine_readable/6a2/PLAYBOOK.a2ml b/.machine_readable/6a2/PLAYBOOK.a2ml
@@ -1,4 +1,4 @@
-# SPDX-License-Identifier: PMPL-1.0-or-later
+# SPDX-License-Identifier: MPL-2.0
 # Copyright (c) 2026 Jonathan D.A. Jewell (hyperpolymath) <j.d.a.jewell@open.ac.uk>
 #
 # PLAYBOOK.a2ml — Operational playbook for absolute-zero

diff --git a/.machine_readable/6a2/STATE.a2ml b/.machine_readable/6a2/STATE.a2ml
@@ -1,4 +1,4 @@
-# SPDX-License-Identifier: PMPL-1.0-or-later
+# SPDX-License-Identifier: MPL-2.0
 # Copyright (c) 2026 Jonathan D.A. Jewell (hyperpolymath) <j.d.a.jewell@open.ac.uk>
 #
 # STATE.a2ml — Absolute Zero project state

diff --git a/.machine_readable/AGENTIC.scm b/.machine_readable/AGENTIC.scm
@@ -1,4 +1,4 @@
-;; SPDX-License-Identifier: PMPL-1.0-or-later
+;; SPDX-License-Identifier: MPL-2.0
 ;; AGENTIC.scm - AI agent interaction patterns for absolute-zero
 
 (define agentic-config

diff --git a/.machine_readable/ECOSYSTEM.scm b/.machine_readable/ECOSYSTEM.scm
@@ -1,4 +1,4 @@
-;; SPDX-License-Identifier: PMPL-1.0-or-later
+;; SPDX-License-Identifier: MPL-2.0
 ;; ECOSYSTEM.scm - Ecosystem position for absolute-zero
 ;; Media-Type: application/vnd.ecosystem+scm
 

diff --git a/.machine_readable/META.scm b/.machine_readable/META.scm
@@ -1,4 +1,4 @@
-;; SPDX-License-Identifier: PMPL-1.0-or-later
+;; SPDX-License-Identifier: MPL-2.0
 ;; META.scm - Meta-level information for absolute-zero
 ;; Media-Type: application/meta+scheme
 

diff --git a/.machine_readable/NEUROSYM.scm b/.machine_readable/NEUROSYM.scm
@@ -1,4 +1,4 @@
-;; SPDX-License-Identifier: PMPL-1.0-or-later
+;; SPDX-License-Identifier: MPL-2.0
 ;; NEUROSYM.scm - Neurosymbolic integration config for absolute-zero
 
 (define neurosym-config

diff --git a/.machine_readable/PLAYBOOK.scm b/.machine_readable/PLAYBOOK.scm
@@ -1,4 +1,4 @@
-;; SPDX-License-Identifier: PMPL-1.0-or-later
+;; SPDX-License-Identifier: MPL-2.0
 ;; PLAYBOOK.scm - Operational runbook for absolute-zero
 
 (define playbook

diff --git a/.machine_readable/contractiles/bust/Bustfile.a2ml b/.machine_readable/contractiles/bust/Bustfile.a2ml
@@ -1,5 +1,5 @@
 // Bustfile.a2ml — meta-repo bust contractile (breakage / rollback)
-// SPDX-License-Identifier: PMPL-1.0-or-later
+// SPDX-License-Identifier: MPL-2.0
 
 Bust {
     name: "absolute-zero"

diff --git a/.machine_readable/contractiles/bust/bust.ncl b/.machine_readable/contractiles/bust/bust.ncl
@@ -1,4 +1,4 @@
-# SPDX-License-Identifier: PMPL-1.0-or-later
+# SPDX-License-Identifier: MPL-2.0
 # Bust — error-handling / failure-recovery runner
 #
 # Pairs with: Bustfile.a2ml (same directory)