docs: comprehensive audit fixes (build paths, python314, stubs, my-→redbear-, immutability)

Top-level + local docs audit (2026-06-18). Findings and fixes:

1. AGENTS.md CONVENTIONS section — corrected 'my-' prefix contradiction.
   The legacy 'my-*' prefix is deprecated and git-ignored. Use 'redbear-*'
   for tracked first-class configs.

2. README.md quick-start — promoted 'local/scripts/build-redbear.sh' to
   the recommended entry point. Bare 'scripts/run.sh --build' remains as
   a secondary path. Added note about build-redbear.sh's policy gates
   (.config checking, REDBEAR_ALLOW_PROTECTED_FETCH=1).

3. docs/06-BUILD-SYSTEM-SETUP.md — restructured Building section to put
   'build-redbear.sh' first, then 'make all' as legacy/advanced with
   clear notes on what gates it bypasses.

4. docs/05-KDE-PLASMA-ON-REDOX.md — replaced 'Stub-only package for
   dependency resolution' wording for kirigami. Per project policy
   (local/AGENTS.md STUB AND WORKAROUND POLICY — ZERO TOLERANCE),
   stubs are forbidden. The kirigami build is blocked at the QML gate;
   the recipe is honest and ships no fake/fallback package.

5. local/docs/BUILD-TOOLS-PORTING-PLAN.md — replaced all 'python312'
   references with 'python314' (matches V8.3 P0 bump from earlier).

6. local/AGENTS.md — added 'LOCAL RECIPE SOURCE IMMUTABILITY' section
   documenting the cb8b093564 guarantee. Any path matching
   /local/recipes/ is unconditionally immutable; no env var or flag
   can override. REDBEAR_ALLOW_LOCAL_UNFETCH=1 was removed as a kill
   switch and is now dead code. distclean-nuclear is now a no-op for
   local recipes.
This commit is contained in:
2026-06-18 15:29:11 +03:00
parent dc9465fc1e
commit b9cefe0806
6 changed files with 249 additions and 29 deletions
+1 -1
View File
@@ -27,7 +27,7 @@
| KF6 | All 32/32 built (some still blocked by QML gate) |
| `config/redbear-full.toml` | Present with KDE session launcher |
| `kwin`, `plasma-workspace`, `plasma-desktop` | Recipes exist; build/runtime trust is still incomplete and some recipe/source TODO markers remain |
| `kirigami` | Stub-only package for dependency resolution |
| `kirigami` | Build blocked at the QML gate (recipe is honest; no fake/fallback package shipped) |
| `kf6-kio` | Heavy blocked by QML gate-based build recipe |
| `kf6-kcmutils` | Stripped widget-only build recipe |
| `libxcvt` | Now builds as a real package; no longer needs to stay in the KWin stub bucket |
+16 -3
View File
@@ -110,13 +110,26 @@ desktop-capable target.
## Building
### Full Build (Desktop)
### Quick Build (Recommended)
```bash
make all
# Use the Red Bear wrapper (auto-handles .config, REDBEAR_ALLOW_PROTECTED_FETCH, etc.)
./local/scripts/build-redbear.sh redbear-mini # Text-only console target
./local/scripts/build-redbear.sh redbear-full # Desktop-capable target
./local/scripts/build-redbear.sh redbear-grub # Text-only + GRUB boot manager
```
This produces the image for the selected target, such as `build/x86_64/harddrive.img`.
These produce images such as `build/x86_64/harddrive.img` or `build/x86_64/redbear-mini.iso`.
### Bare `make all` (Legacy / Advanced)
```bash
make all CONFIG_NAME=redbear-mini
```
Bare `make all` works but bypasses the policy gates (`.config` checking,
`REDBEAR_ALLOW_PROTECTED_FETCH=1`, etc.) that `build-redbear.sh` enforces. Prefer the wrapper
unless you specifically need to bypass those gates.
### Export External Toolchain