Add FM lifecycle metadata, comprehensive mitigation table, and audit-of-audits governance

[Copilot]

Base120's audit infrastructure lacked explicit FM mitigation tracking and lifecycle governance. This created ambiguity about which failure modes are mitigated in-repo vs. delegated to consumers, and no formal process for maintaining audit documents as the codebase evolves.

Changes

AUDIT_INDEX.md (+229 lines)

FM Mitigation Table

• 30 failure modes mapped to mitigation status: ✅ Mitigated (13/43%), ⚠️ Partial (11/37%), 🔄 Delegated (6/20%)
• Evidence column links directly to implementing code, tests, and docs
• Delegation rationale documented for each FM

Audit-of-Audits

• 7 mandatory triggers: new FM, schema change, registry mod, CI update, policy change, version bump
• 5-step synchronization process with document dependency graph
• Audit quality metrics: staleness < 90 days, 100% FM coverage, cross-reference accuracy

registries/fm.json (restructured)

Added lifecycle metadata to all 30 FMs:

{
  "id": "FM1",
  "name": "Specification Ambiguity",
  "lifecycle_state": "stable",
  "introduced_in": "v1.0.0",
  "deprecated_in": null,
  "removed_in": null,
  "deprecation_reason": null
}

All FMs marked stable in v1.0.0. Note: fm.json is not loaded by validators—purely documentation.

GOVERNANCE.md (+155 lines)

Invariant 2 Expansion

• Lifecycle states: Draft → Review → Stable → Deprecated → Removed
• State transition requirements table (evidence, approvals, process per transition)
• Example: Stable → Deprecated requires migration guide, 2+ reviewers, major version bump

Change Taxonomy Integration

• FM lifecycle changes mapped to change classes (Editorial/FM/Breaking)
• CI validation sequence: parse registry diff → validate transitions → map to change class → set required checks
• Invalid transition blocking: e.g., Stable → Removed without Deprecated state blocked at CI

v1.0.x Compatibility

Metadata additions are forward-compatible enhancements. No semantic changes:

• All 42 tests pass unchanged
• Deterministic validation preserved (byte-for-byte corpus outputs identical)
• Registry modifications clarified: semantic changes prohibited, metadata additions permitted

Technical Notes

FM lifecycle metadata enables v1.1.0+ governance automation (classifier workflows, evidence validation). All FMs remain frozen at "stable" in v1.0.x per specification contract.

Original prompt

---

This section details on the original issue you should resolve

<issue_title>Expand Failure Mode Mapping, Add Audit-of-Audits, and Formalize FM Lifecycles</issue_title>
<issue_description>Augment AUDIT_INDEX.md and supporting audits as follows:

• Explicitly table which failure modes (FMs) are mitigated in-repo vs those delegated to downstreams
• Add an 'audit of audits' section: when/why major audits (AUDIT_INDEX, DAY2_AUDIT, FM catalog) must be revisited, triggers (new FM, schema change, CI/audit infra update, etc.), and the process for keeping these synchronized
• Define FM lifecycle governance: draft → validated → deprecated, with each FM’s current state and required evidence for transitions

Outcome: AUDIT_INDEX and audit artifacts are self-referential, procedural, and offer strong invariants for Base120 as infrastructure.</issue_description>

<agent_instructions>Implement in phases:

Phase 1: Expand AUDIT_INDEX.md

• Create comprehensive FM mitigation table showing:
  • Which FMs are mitigated in-repo (with links to code/tests)
  • Which FMs are delegated to downstream consumers
  • Mitigation coverage status and rationale
• Add "Audit-of-Audits" section:
  • When/why AUDIT_INDEX, DAY2_AUDIT, and FM catalog must be revisited
  • Triggers: new FM, schema change, CI infrastructure update, policy change
  • Process for keeping audits synchronized

Phase 2: Formalize FM Lifecycle Governance

• Define FM states: draft → validated → deprecated
• Document required evidence for each transition
• Add FM state tracking mechanism (metadata in FM definitions)
• Update existing FMs with lifecycle state annotations

Phase 3: Integration with Governance

• Link FM lifecycle to change taxonomy from PR Formalize governance as CI-enforced contract with automated classification and invariant validation #26
• Ensure FM state changes trigger appropriate governance workflows
• Add CI checks to validate FM state consistency

Reference existing audit documents and governance patterns from PR #26.</agent_instructions>

Comments on the Issue (you are @copilot in this section)

• Fixes Expand Failure Mode Mapping, Add Audit-of-Audits, and Formalize FM Lifecycles #21

---

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.

[github-actions]

🔍 Governance Classification

Change Class: fm (Impact Level: 5)

Description: Changes to core validation logic, registries, or failure mode mappings

Evidence Requirements

• ✅ Full test suite passes
• ✅ Mathematical soundness proof
• ✅ Impact analysis on all corpus cases
• ✅ Audit update with rationale
• ⚠️ v1.0.x: Registry changes PROHIBITED

Review Requirements

• Minimum Reviewers: 2 external + CODEOWNER approval
• Audit Update Required: ✅ Yes

Next Steps

1. ✅ Ensure audit update in GOVERNANCE.md or CHANGELOG
2. ✅ Provide impact analysis in PR description
3. ✅ Wait for required approvals (2 + CODEOWNER)
4. ✅ Address any CI check failures

---

📚 See GOVERNANCE.md for detailed requirements.