egallmann · egallmann · May 30, 2026 · May 29, 2026 · May 30, 2026 · May 30, 2026
diff --git a/.github/workflows/ip-guard.yml b/.github/workflows/ip-guard.yml
@@ -51,7 +51,7 @@ jobs:
           # architecture sub-type prefixes (PC-nnnn, PS-nnnn, etc.).
           # Exclude known product/architecture identifiers via lookahead:
           SAFE='ADR-|INV-|CAP-|DEC-|REL-|COMP-|CONST-|SYS-|SHA-|ISO-'
-          SAFE+='|BOUND-|SYSBOUND-|IFACE-|GAP-|CTR-'
+          SAFE+='|BOUND-|SYSBOUND-|IFACE-|GAP-|CTR-|IMPL-'
           PAT_JIRA="\b(?!${SAFE})[A-Z]{3,}-[0-9]{3,}\b"
           if git grep -nP "$PAT_JIRA" -- "${GLOBAL_EXCLUDES[@]}" ; then
             fail "$PAT_JIRA"

diff --git a/.gitignore b/.gitignore
@@ -14,6 +14,7 @@ build/
 # Proof artifacts and generated reports (do not commit)
 lifecycle-proof/
 reports/
+benchmark-results/
 
 # Runtime state (regenerated by RECON)
 # .ste/state/ - Only track README.md (ignore all other files)

diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -7,8 +7,102 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+### Fixed
+
+- Transient EPERM/EACCES/EBUSY failures on Windows during atomic file
+  rename in RECON population. `atomicWriteFile` now retries up to 3 times
+  with exponential backoff + jitter (50ms base). Prevents silently missing
+  slices caused by AV scanners, IDE indexers, or concurrent RECON passes
+  racing on directory metadata.
+
+- Ad-hoc temp+rename patterns in `cross-repo-edges.ts` (deterministic
+  `.tmp` suffix, collision-prone) and `repo-sentinel.ts` (pid-based temp)
+  replaced with `atomicWriteFile`, gaining retry behavior and random
+  collision-resistant temp names.
+
+- MCP server startup hang caused by O(N x DFS) topology analysis algorithm.
+  Replaced per-node recursive DFS with single-pass BFS layering (Kahn's
+  algorithm) completing in O(N+E). The 5000-node synthetic graph test
+  completes under 100ms.
+
+- Redundant graph loading on MCP startup: `initialize()` and `reloadContext()`
+  each called `loadAidocGraph` twice (once via `initRssContext`, once for
+  topology analysis). Both now reuse the already-loaded `rssContext.graph`,
+  halving cold-start I/O.
+
+- Self-analysis branch in `initialize()` suffered the same redundant load;
+  now reuses `selfContext.graph` directly.
+
+- Stale `graph-metrics.json` accepted without validation. Added a node-count
+  delta check: metrics are recomputed when cached `totalComponents` diverges
+  from `graph.size` by more than 10%.
+
+- Sequential YAML file reads in `loadAidocGraph` replaced with bounded-
+  concurrency parallel reads using `ioLimiter` (16 concurrent). At N=5000,
+  reduces sequential ~50s I/O to ~2s.
+
+### Changed
+
+- ADR-PC-0001 amended: added implementation decisions IMPL-0001 (BFS
+  layering), IMPL-0002 (single graph load), IMPL-0003 (staleness check);
+  added INV-0026 (O(N+E) startup bound); closed GAP-0001 (implicit
+  performance gap).
+
+- ADR-PS-0001 amended: added `startup_latency` operational requirement
+  mandating O(N+E) startup operations and sub-10s cold-start at N=5000.
+
+- Manifest, architecture index, and rendered docs regenerated via
+  adr-architecture-kit.
+
 ### Added
 
+- Full infrastructure domain emission: workspace graph slices now emit all
+  RECON-extracted CFN resources as nodes, replacing the previous 8-type
+  backend-biased allowlist. Supports backend services, frontend SPAs, and
+  MFE monorepos equally.
+
+- 16 new workspace graph node types: Stack, Distribution, WebACL, Certificate,
+  DNSRecord, APIGateway, SecurityGroup, Secret, DBCluster, DBProxy, LogGroup,
+  Alarm, DeliveryStream, EventRule, Role, and InfraResource (catch-all fallback).
+
+- Shared `cfn-type-mapping` module (`src/workspace/cfn-type-mapping.ts`):
+  single source of truth for CFN-to-graph-type mapping used by both
+  slice-emitter and resource-resolver, preventing mapping drift.
+
+- Stack nodes emitted from infrastructure/template slices with `contains`
+  edges to child resources, surfacing nested stack topology in the graph.
+
+- InfraResource fallback: unmapped AWS::* types are emitted as InfraResource
+  nodes with `cfn_type` preserved in attributes for downstream classification.
+
+- Generic name resolution via `NODE_NAME_KEYS`: display names resolved from
+  type-specific CFN property keys with `logicalId` as last-resort fallback.
+  No resource is dropped due to null name.
+
+- `contains` verb added to ratified edge vocabulary for structural
+  containment relationships (stack-contains-resource, stack-contains-stack).
+
+- Auxiliary node suppression at L0-L2 projections: Role, SecurityGroup,
+  LogGroup, Alarm, Certificate, and DNSRecord nodes are compressed at
+  overview resolutions while remaining visible at L3-L4.
+
+- Unit tests for full infrastructure domain emission including frontend
+  resource types, InfraResource fallback, auxiliary marking, and logicalId
+  name resolution.
+
+### Changed
+
+- ADR-L-0016 amended: CONST-0010 expanded with 16 new ratified node types,
+  CONST-0011 expanded with `contains` verb, INV-0019 added for emission
+  completeness invariant.
+
+- ADR-PC-0007 amended: CFN type completeness expectations documented,
+  GAP-0001 (Serverless::StateMachine) closed, intrinsic handling boundaries
+  defined.
+
+- ADR-PC-0008 amended: resource-to-node emission policy defined (all
+  extracted resources become nodes), SDK-to-graph-type mapping expanded.
+
 - `ste setup` CLI command: one-command workspace onboarding that detects
   workspace type (multi-repo vs single-repo), scaffolds `workspace.yaml` or
   `ste.config.json`, creates workspace-level `.cursor/mcp.json` with correct

diff --git a/adrs/entities/registry.yaml b/adrs/entities/registry.yaml
@@ -118,6 +118,18 @@ entities:
       depends_on: []
       implements: []
       realizes: []
+  - entity_id: CAP-0020
+    entity_type: capability
+    name: Source-aware CEM and MVC assembly
+    introduced_by: ADR-L-0020
+    lifecycle_stage: proposed
+    source_path: adrs/logical/ADR-L-0020-source-locators-cem-mvc.yaml
+    source_artifact_type: logical_adr
+    related_adrs: []
+    relationships:
+      depends_on: []
+      implements: []
+      realizes: []
   - entity_id: COMP-0001
     entity_type: component
     name: MCP Server and Tool Registry
@@ -510,6 +522,22 @@ entities:
       realizes:
         - INV-0022
         - INV-0023
+  - entity_id: DEC-0022
+    entity_type: decision
+    name: Use source locators as foundational infrastructure for CEM and MVC
+    introduced_by: ADR-L-0020
+    lifecycle_stage: proposed
+    source_path: adrs/logical/ADR-L-0020-source-locators-cem-mvc.yaml
+    source_artifact_type: logical_adr
+    related_adrs: []
+    relationships:
+      depends_on: []
+      implements:
+        - CAP-0020
+      realizes:
+        - INV-0027
+        - INV-0028
+        - INV-0029
   - entity_id: INV-0001
     entity_type: invariant
     name: INV-0001
@@ -798,3 +826,39 @@ entities:
       depends_on: []
       implements: []
       realizes: []
+  - entity_id: INV-0027
+    entity_type: invariant
+    name: INV-0027
+    introduced_by: ADR-L-0020
+    lifecycle_stage: proposed
+    source_path: adrs/logical/ADR-L-0020-source-locators-cem-mvc.yaml
+    source_artifact_type: logical_adr
+    related_adrs: []
+    relationships:
+      depends_on: []
+      implements: []
+      realizes: []
+  - entity_id: INV-0028
+    entity_type: invariant
+    name: INV-0028
+    introduced_by: ADR-L-0020
+    lifecycle_stage: proposed
+    source_path: adrs/logical/ADR-L-0020-source-locators-cem-mvc.yaml
+    source_artifact_type: logical_adr
+    related_adrs: []
+    relationships:
+      depends_on: []
+      implements: []
+      realizes: []
+  - entity_id: INV-0029
+    entity_type: invariant
+    name: INV-0029
+    introduced_by: ADR-L-0020
+    lifecycle_stage: proposed
+    source_path: adrs/logical/ADR-L-0020-source-locators-cem-mvc.yaml
+    source_artifact_type: logical_adr
+    related_adrs: []
+    relationships:
+      depends_on: []
+      implements: []
+      realizes: []
diff --git a/adrs/index/architecture-index.yaml b/adrs/index/architecture-index.yaml
@@ -1,7 +1,7 @@
 schema_version: '1.1'
 type: architecture_index
 architecture_namespace: ste-runtime
-generated_at: '2026-05-27T00:52:37Z'
+generated_at: '2026-05-27T05:44:06Z'
 generator: adr-architecture-index
 entity_registry_path: adrs/index/entity-registry.yaml
 relationship_registry_path: adrs/index/relationship-registry.yaml
@@ -16,7 +16,7 @@ validation_summary:
   warnings: 0
   unresolved_entries: 0
 source_coverage:
-  logical_adrs: 18
+  logical_adrs: 19
   physical_adrs: 5
   physical_system_adrs: 2
   physical_component_adrs: 11

diff --git a/adrs/index/capability-registry.yaml b/adrs/index/capability-registry.yaml
@@ -451,3 +451,61 @@ entities:
       extraction_phase: extract_capability
       classification: explicit
       generator: adr-architecture-index
+  - id: CAP-0020
+    entity_type: capability
+    name: Source-aware CEM and MVC assembly
+    summary: >-
+      Resolve workspace graph entities to authoritative source artifacts through stable URI locators, assemble CEM
+      bundles with provenance and validation state, derive bounded MVC bundles, and validate MVC bundles against thei
+    lifecycle_stage: proposed
+    canonical_source:
+      source_type: logical_adr
+      source_ref: ADR-L-0020#CAP-0020
+      artifact_path: adrs/logical/ADR-L-0020-source-locators-cem-mvc.yaml
+    source_refs: []
+    metadata:
+      adr_id: ADR-L-0020
+      domains:
+        - workspace
+        - graph
+        - cem
+        - mvc
+        - provenance
+      implemented_by_components:
+        - COMP-0011
+        - COMP-0010
+      enabled_by_decisions:
+        - DEC-0022
+    relationships:
+      declared_in:
+        - ADR-L-0020
+      declares: []
+      references: []
+      referenced_by: []
+      related_to: []
+      enforces: []
+      enforced_by: []
+      enabled_by:
+        - DEC-0022
+      enables: []
+      governs: []
+      governed_by: []
+      implemented_by:
+        - COMP-0010
+        - COMP-0011
+      implements: []
+      embodied_in: []
+      embodies: []
+      supersedes: []
+      superseded_by: []
+      refines: []
+      refined_by: []
+    completeness:
+      status: complete
+      missing_fields: []
+    provenance:
+      source_type: logical_adr
+      source_ref: ADR-L-0020#CAP-0020
+      extraction_phase: extract_capability
+      classification: explicit
+      generator: adr-architecture-index
diff --git a/adrs/index/component-registry.yaml b/adrs/index/component-registry.yaml
@@ -533,6 +533,7 @@ entities:
       implements:
         - CAP-0018
         - CAP-0019
+        - CAP-0020
       embodied_in:
         - SYS-0001
       embodies: []
@@ -590,6 +591,7 @@ entities:
       implements:
         - CAP-0018
         - CAP-0019
+        - CAP-0020
       embodied_in:
         - SYS-0001
       embodies: []

diff --git a/adrs/index/decision-registry.yaml b/adrs/index/decision-registry.yaml
@@ -1006,3 +1006,61 @@ entities:
       extraction_phase: extract_decision
       classification: explicit
       generator: adr-architecture-index
+  - id: DEC-0022
+    entity_type: decision
+    name: Use source locators as foundational infrastructure for CEM and MVC
+    summary: >-
+      Entity URI resolution is necessary but not sufficient for IDE and conversation-engine reasoning. ste-runtime must
+      assemble a correctness-first CEM bundle, derive a bounded MVC projection, and validate the MVC against the
+    lifecycle_stage: proposed
+    canonical_source:
+      source_type: logical_adr
+      source_ref: ADR-L-0020#DEC-0022
+      artifact_path: adrs/logical/ADR-L-0020-source-locators-cem-mvc.yaml
+    source_refs: []
+    metadata:
+      adr_id: ADR-L-0020
+      related_invariants:
+        - INV-0027
+        - INV-0028
+        - INV-0029
+      enforces_invariants: []
+      enables_capabilities:
+        - CAP-0020
+      governs_components: []
+      supersedes: []
+      refines: []
+    relationships:
+      declared_in:
+        - ADR-L-0020
+      declares: []
+      references: []
+      referenced_by: []
+      related_to: []
+      enforces:
+        - INV-0027
+        - INV-0028
+        - INV-0029
+      enforced_by: []
+      enabled_by: []
+      enables:
+        - CAP-0020
+      governs: []
+      governed_by: []
+      implemented_by: []
+      implements: []
+      embodied_in: []
+      embodies: []
+      supersedes: []
+      superseded_by: []
+      refines: []
+      refined_by: []
+    completeness:
+      status: complete
+      missing_fields: []
+    provenance:
+      source_type: logical_adr
+      source_ref: ADR-L-0020#DEC-0022
+      extraction_phase: extract_decision
+      classification: explicit
+      generator: adr-architecture-index