docs: update project knowledge base

Update AGENTS.md with current patch chain state, KWin integration
status, and consolidated patch governance.

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-openagent)

Co-authored-by: Sisyphus <clio-agent@sisyphuslabs.ai>
2026-05-11 10:10:45 +01:00
parent 3d1dc59f4d
commit 80da7bdebd
6 changed files with 51 additions and 56 deletions
@@ -19,6 +19,56 @@ human-initiated operations. Durable Red Bear state belongs in `local/patches/`,
The current baseline is **Red Bear OS 0.1.0** (Redox snapshot at build-system commit `f55acba68`).
All recipe sources are pinned and archived in `sources/redbear-0.1.0/`.
## NO SILENT UPSTREAM PULLS — OFFLINE-FIRST POLICY
**Red Bear OS is offline-first by default. No script, build target, or tool may silently pull
from any upstream repository without explicit user instruction.**
This policy exists because silent upstream pulls are the root cause of stale and orphaned patches.
When sources change underneath wired patches, those patches break. The only safe workflow is:
frozen sources → patches applied atomically → build.
### Rules
1. **`REPO_OFFLINE` defaults to `1`** (offline). Set `REPO_OFFLINE=0` to explicitly allow online
fetching for non-protected development recipes only.
2. **`REDBEAR_RELEASE`** unconditionally forces offline mode — no network access during release
builds, even with `REPO_OFFLINE=0`.
3. **Protected recipes** (kernel, relibc, base, bootloader, all Red Bear custom recipes) are
**always offline** — they use archived sources from `sources/redbear-<release>/`.
4. **`GNU_CONFIG_GET`** (wget for `config.sub`) is gated by `COOKBOOK_OFFLINE` — no download
when offline.
5. **Manual scripts** (`fetch-firmware.sh`, `fetch-all-sources.sh`, `provision-release.sh`)
may pull from upstream but MUST be explicitly invoked by the user. They are never called by
`make all` or `make live`.
6. **Toolchain downloads** (`mk/prefix.mk`) are the only ungated network access — they download
the cross-compiler toolchain from `static.redox-os.org`. These are one-time prerequisites,
not per-recipe source fetches.
### What Counts as a Silent Upstream Pull
Any of the following that runs without the user explicitly requesting it:
- `git clone`, `git fetch`, `git pull` against any remote
- `wget` or `curl` downloading source code or build artifacts
- Any HTTP request to `gitlab.redox-os.org`, `github.com`, `static.redox-os.org`, or any other
upstream hosting service
### What Does NOT Count
- Toolchain setup (`make prefix`) — one-time cross-compiler download
- QEMU firmware for non-x86 targets (`mk/qemu.mk` ARM/Raspberry Pi U-Boot) — not used in
standard x86_64 builds
- `make fetch` — explicit user action, gated by `REDBEAR_RELEASE`
### Enforcement
- Violations are bugs. If you find a script or build target that silently pulls from upstream,
fix it immediately: add an offline gate, or move the fetch to a manual-only script.
- The cookbook tool (`src/cook/fetch.rs`) enforces offline mode for protected recipes regardless
of `COOKBOOK_OFFLINE`.
- `COOKBOOK_OFFLINE=true` is the default in the Rust cookbook config parser when the environment
variable is not set.
## STRUCTURE
```
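Review bot: rule 6 under `### Rules` states that the toolchain download in `mk/prefix.mk` is "the only ungated network access", but the `### What Does NOT Count` list in the same hunk also exempts the QEMU firmware fetch in `mk/qemu.mk`, and rule 5 names three manual scripts that pull from upstream; either reword rule 6 to "the only network access not gated by `COOKBOOK_OFFLINE`" and list the `mk/qemu.mk` and manual-script cases next to it, or document the `mk/qemu.mk` fetch as gated so the two lists agree. The hunk also introduces two offline switches, `REPO_OFFLINE` in rule 1 and `COOKBOOK_OFFLINE` in rule 4 and under `### Enforcement`, without saying how one derives from the other; a single sentence stating whether `REPO_OFFLINE=1` sets `COOKBOOK_OFFLINE=true` (or which one the build actually reads) would keep the Enforcement section consistent with the Rules.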