Current session state.
Unique session identifier.
Schema version — always "v1" for this generation.
Current FlowGuard phase.
Workspace binding (OpenCode session <-> git worktree).
Ticket/task evidence from /ticket.
Architecture Decision Record from /architecture.
Plan record with version history from /plan.
Self-review loop state (PLAN phase, digest-stop).
Validation check results (VALIDATION phase, N checks in one phase).
Implementation evidence from /implement.
Implementation review iteration result (IMPL_REVIEW phase, digest-stop).
Optional implReviewFindings?: Readonly<
Independent review findings for /implement (parallel, NOT mixed with ImplEvidence).
Optional reviewAssurance?: Readonly<
P35 strict independent-review obligations and invocation evidence.
Human review decision at PLAN_REVIEW, EVIDENCE_REVIEW, or ARCH_REVIEW.
Absolute path to the generated review report file (REVIEW phase, P8b).
Next auto-generated ADR sequence number for /architecture.
Active profile information — resolved at hydrate time. Contains the profile ID, name, and LLM rule content. The ruleContent is the stack-specific guidance text injected into tool responses when commands reference "profile rules". phaseRuleContent maps Phase values to additional phase-specific text that is appended to ruleContent when the session is in that phase. Null only if no profile was resolved (should not happen — baseline is always available).
Active validation checks for this session. Open string set — profile registry validates at runtime. Base: [test_quality, rollback_safety]. Extended per profile.
Immutable policy snapshot — frozen at session creation. Records which FlowGuard rules governed this session. The hash provides non-repudiation for auditors.
Identity of the session initiator (author). Set once at hydrate time, never mutated. Used for regulated approval four-eyes enforcement: initiatedBy !== reviewDecision.decidedBy (approve path).
P30: For regulated sessions, this MUST be a known actor identity, not the technical session ID. Use initiatedByIdentity for full provenance.
Optional initiatedByIdentity?: Readonly<
Structured initiator identity for regulated approval (P30). Persists actor identity at session creation for four-eyes proof. Required for regulated mode.
Optional actorInfo?: Readonly<
Resolved actor identity at hydrate time (P27). Best-effort operator identity, NOT an authentication claim. Absent when no actor identity was resolved; null is not a valid state value.
Optional discoveryDigest?: string | null
SHA-256 digest of the DiscoveryResult at session creation time. Used for drift detection: if the workspace discovery changes, this digest will no longer match the current discovery.json. Null for sessions created before Phase 5 (discovery system).
Optional discoverySummary?:
Lightweight discovery summary for quick consumption by Plan/Review/Implement. NOT the full DiscoveryResult, just the most useful fields. Null for sessions created before Phase 5 (discovery system).
Optional detectedStack?:
Compact detected stack evidence for surfacing in flowguard_status.
Derived evidence — NOT SSOT. The authoritative stack data lives in DiscoveryResult.stack. This is a compact projection of all detected stack items (versioned and unversioned), sorted deterministically by category then id.
Null when no items were detected or for pre-discovery sessions.
Optional verificationCandidates?: {
Advisory verification command candidates derived from stack + manifest evidence.
Derived evidence — NOT SSOT. These candidates are planning hints only and MUST NOT be treated as executed checks.
Last transition (from → to via event). Null before first transition.
Error state. Non-null triggers ERROR event in guard evaluation.
Session creation timestamp (set once by init()).
Optional archiveStatus?: "pending" | "verified" | "failed" | "created" | null
Archive lifecycle status for completed sessions.
Only set for regulated clean completions (EVIDENCE_REVIEW → APPROVE → COMPLETE). Non-regulated sessions and aborted sessions do not set this field.
pending: archive creation in progress
created: archive created, verification pending
verified: archive created and verification passed
failed: archive creation or verification failed
Invariant: phase === 'COMPLETE' && policySnapshot.mode === 'regulated' && !error && archiveStatus !== 'verified' = NOT a clean regulated completion.
Added in P26 — .optional() for backward compatibility (no schema version bump).
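The checks described above for initiatedBy (four-eyes), discoveryDigest (drift) and archiveStatus (clean regulated completion), combined into one audit function. This is an added example, not FlowGuard's own code: the reduced SessionAuditView shape, the verdict field with its "approve" value and auditSession() are assumptions, and the current discovery digest is supplied by the caller.

```typescript
// Added example. Field names come from the page; the reduced shape, the
// `verdict` field, its "approve" value and auditSession() are assumptions.
type ArchiveStatus = "pending" | "verified" | "failed" | "created" | null;

interface SessionAuditView {
  phase: string;
  initiatedBy: string;
  reviewDecision: { verdict: string; decidedBy: string } | null;
  policySnapshot: { mode: string };
  error: object | null;
  archiveStatus?: ArchiveStatus;
  discoveryDigest?: string | null;
}

// currentDigest: SHA-256 of the current discovery result, computed by the caller.
function auditSession(s: SessionAuditView, currentDigest: string): string[] {
  const findings: string[] = [];
  const regulated = s.policySnapshot.mode === "regulated";
  const rd = s.reviewDecision;

  // Four-eyes (approve path): the approver must not be the initiator.
  if (regulated && rd !== null && rd.verdict === "approve" && rd.decidedBy === s.initiatedBy) {
    findings.push("four-eyes: decidedBy equals initiatedBy");
  }
  // Invariant from the page: COMPLETE + regulated + no error + archive not
  // verified is NOT a clean regulated completion.
  if (s.phase === "COMPLETE" && regulated && !s.error && s.archiveStatus !== "verified") {
    findings.push(`archive: status ${s.archiveStatus ?? "unset"} is not verified`);
  }
  // Drift: stored digest no longer matches. A null or absent digest marks a
  // pre-discovery session and is skipped rather than flagged.
  if (s.discoveryDigest != null && s.discoveryDigest !== currentDigest) {
    findings.push("drift: discoveryDigest does not match current discovery");
  }
  return findings;
}

// Constructed sample states (not real FlowGuard output).
const cleanSession: SessionAuditView = {
  phase: "COMPLETE", initiatedBy: "alice",
  reviewDecision: { verdict: "approve", decidedBy: "bob" },
  policySnapshot: { mode: "regulated" }, error: null,
  archiveStatus: "verified", discoveryDigest: "digest-a",
};
const selfApproved: SessionAuditView = {
  ...cleanSession, archiveStatus: "created",
  reviewDecision: { verdict: "approve", decidedBy: "alice" },
};
console.log(auditSession(cleanSession, "digest-a"), auditSession(selfApproved, "digest-b"));
```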
Optional policy: { requireHumanGates?: boolean }
Optional policy for mode-aware behavior. If omitted, defaults to requireHumanGates: true (safe default).
Evaluate the current state to determine what happens next.
Algorithm:
This function is the HEART of the FlowGuard machine. Every phase transition flows through here.