john/tractatus
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1
tractatus/docs/PLURALISM_CHECKLIST.md
TheFlow a4db3e62ec
Some checks are pending
CI / Run Tests (push) Waiting to run
Details
CI / Lint Code (push) Waiting to run
Details
CI / CSP Compliance Check (push) Waiting to run
Details
chore(vendor-policy): sweep project-self GitHub URLs to Codeberg (partial) 
Addresses the documentation-layer gap after Phase A/B moved the git REMOTE from
GitHub to Codeberg but left ~100 project-self GitHub URLs embedded in markdown,
HTML, JS, and Python files. The remote-layer migration was generalised as
"GitHub is gone from the codebase" without verifying the content layer.

22 files swept in this commit. 27 additional files hold pre-existing inst_016/017/018
or inst_084 debt that would transfer on touch (hook whole-file scan). Those
await a companion hygiene-first commit before their GitHub->Codeberg flip
can land cleanly.

Sweep scope this commit:
  - README.md, SECURITY.md
  - 3 For-Claude-Web bundle files (GitHub URLs noted as "separate concern" in
    today's earlier licence-swap commits)
  - docs/markdown/deployment-guide.md
  - docs/AUTOMATED_SYNC_SETUP, PLURALISM_CHECKLIST, github/AGENT_LIGHTNING_README
  - docs/business-intelligence/governance-bi-tools
  - docs/outreach/EXECUTIVE-BRIEF-BI-GOVERNANCE (+ v2)
  - docs/research/ARCHITECTURAL-SAFEGUARDS-*
  - email-templates/README.md, base-template.html
  - 3 scripts/seed-*-blog-post.js (blog-seeding scripts)
  - scripts/upload-document.js
  - SESSION_HANDOFF_2025-10-23_FRAMEWORK_ANALYSIS.md
  - SECURITY_INCIDENT_POST_MORTEM_2025-10-21.md

Pattern swaps (longest-first):
  github.com/AgenticGovernance/tractatus-framework/issues -> codeberg.org/mysovereignty/tractatus-framework/issues
  github.com/AgenticGovernance/tractatus-framework/discussions -> .../issues (Codeberg has no discussions feature)
  github.com/AgenticGovernance/tractatus-framework.git -> codeberg.org/mysovereignty/tractatus-framework.git
  github.com/AgenticGovernance/tractatus-framework -> codeberg.org/mysovereignty/tractatus-framework
  git@github.com:AgenticGovernance/... -> git@codeberg.org:mysovereignty/...
  github.com/AgenticGovernance/tractatus (old org/repo path) -> codeberg.org/mysovereignty/tractatus-framework
  AgenticGovernance/tractatus-framework (bare) -> mysovereignty/tractatus-framework

Hook validator update (scripts/hook-validators/validate-credentials.js):
  PROTECTED_VALUES.github_org:  'AgenticGovernance'  -> 'mysovereignty'
  PROTECTED_VALUES.license:     'Apache License 2.0' -> EUPL-1.2 long form
  URL detection regex:          /github\.com\/.../   -> /codeberg\.org\/.../
  Placeholder checks + error messages updated to reflect Codeberg as
  authoritative post-migration host. Key names (e.g. `github_org`) retained
  for backward compatibility with validate-file-edit.js.

Held back from this commit (27 files total, documented reasons):

  11 historical session handoffs / closedown docs / incident reports
    (2025-10 through 2026-02) — modifying them rewrites the record to contain
    URLs that did not exist at the time of writing, AND ownership of their
    pre-existing inst_084 exposures transfers on touch.

  8 live-content docs with pre-existing inst_084 debt (port/API-endpoint/
    file-path exposures): docs/markdown/case-studies.md, technical-architecture,
    introduction-to-the-tractatus-framework, implementation-guide-v1.1,
    docs/plans/integrated-implementation-roadmap-2025, docs/governance/*,
    docs/ANTHROPIC_*, docs/GOVERNANCE_SERVICE_*, docs/RESEARCH_DOCUMENTATION_*,
    deployment-quickstart/*.

  8 live-content docs with pre-existing inst_016/017/018 debt:
    CHANGELOG.md, CONTRIBUTING.md, docs/LAUNCH_ANNOUNCEMENT, LAUNCH_CHECKLIST,
    PHASE_4_REPOSITORY_ANALYSIS, PHASE_6_SUMMARY, docs/plans/research-enhancement-
    roadmap-2025, docs/case-studies/pre-publication-audit-oct-2025.

  Also NOT in this commit (separate concerns):
  - scripts/add-inst-084-github-url-protection.js (detection-rule logic needs
    framework-level decision on post-migration semantics).
  - .claude/* (framework state).
  - docs/PRODUCTION_DOCUMENTS_EXPORT.json (DB dump).
  - package-lock.json (npm sponsor URLs, third-party).
  - .git/config embedded credentials (requires out-of-band rotation on both
    remote hosts + auth-strategy decision; user-action task).

Context: today's EUPL-1.2 sweep closed the licence-text-content layer
(5c386d0d / 6d49bfbf / ab0a6af4 / 4c1a26e8). This commit starts closing the
matching vendor-URL-content layer. Next: hygiene-first pass on the 16
live-content docs held back, then a second URL-flip pass on them.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-20 10:53:13 +12:00

296 lines
8.8 KiB
Markdown
Raw Blame History

# Pluralism Code Review Checklist (inst_081)
**Purpose**: Enforce pluralistic values in code and decision-making
**Foundational Principle**: Different communities hold different, equally legitimate values frameworks
---
## 🚫 AI MUST NOT
### 1. Impose Unified Moral Framework
- [ ] Does the code/feature assume a single "correct" moral position?
- [ ] Are value judgments presented as objective facts?
- [ ] Are cultural frameworks ranked or prioritized without human input?
**Red Flags**:
- Hard-coded moral rules that apply universally
- UI/UX that assumes Western liberal values
- Default settings that favor one cultural perspective
- Error messages that moralize user choices
**Example Violation**:
```javascript
// ❌ BAD: Assumes individualist framework
const DEFAULT_PRIVACY = 'private'; // Forces individualist default
// ✅ GOOD: Allows community to choose
const DEFAULT_PRIVACY = getUserCommunityPreference('privacy_default');
```
---
### 2. Auto-Resolve Value Conflicts
- [ ] Does the code automatically resolve conflicts between competing values?
- [ ] Are trade-offs decided without human deliberation?
- [ ] Are value-laden decisions hidden in default behavior?
**Red Flags**:
- Algorithms that prioritize one value over another without configuration
- Conflict resolution that doesn't surface the value tension
- "Smart" features that make value judgments
**Example Violation**:
```javascript
// ❌ BAD: Auto-resolves privacy vs. community transparency
function shareData(data) {
if (data.sensitivity < 5) {
return publiclyShare(data); // Assumes transparency > privacy
}
}
// ✅ GOOD: Presents conflict to human
function shareData(data) {
if (hasValueConflict(data)) {
return PluralisticDeliberationOrchestrator.presentConflict({
values: ['privacy', 'transparency'],
context: data,
requireHumanInput: true
});
}
}
```
---
### 3. Rank Competing Values
- [ ] Does the code create hierarchies of values?
- [ ] Are some cultural frameworks treated as more important?
- [ ] Is there a "right" answer built into the logic?
**Red Flags**:
- Weighted scoring systems for values
- Priority queues based on moral importance
- Hardcoded precedence rules
**Example Violation**:
```javascript
// ❌ BAD: Ranks values without human input
const VALUE_WEIGHTS = {
individual_autonomy: 1.0,
community_harmony: 0.7, // Implicitly "less important"
indigenous_sovereignty: 0.5
};
```
---
### 4. Treat One Framework as Superior
- [ ] Is Western liberalism the default framework?
- [ ] Are indigenous frameworks treated as "special cases"?
- [ ] Are non-Western perspectives "add-ons"?
**Red Flags**:
- "Default" behavior that assumes Western norms
- Indigenous frameworks in `if (special_case)` blocks
- Comments like "// Handle edge case: indigenous data"
- CARE principles as optional extensions
**Example Violation**:
```javascript
// ❌ BAD: Indigenous frameworks as exceptions
function processData(data) {
// Standard processing (assumes Western framework)
const result = standardProcess(data);
// Special handling for indigenous data
if (data.isIndigenous) {
return applyCAREPrinciples(result);
}
return result;
}
// ✅ GOOD: All frameworks are foundational
function processData(data) {
const framework = identifyCulturalFramework(data);
const processor = getFrameworkProcessor(framework); // All equal
return processor.process(data);
}
```
---
## ✅ AI MUST
### 1. Present Value Conflicts to Humans
- [ ] Are value conflicts surfaced visibly in the UI/logs?
- [ ] Is human deliberation required before resolution?
- [ ] Are the competing values clearly explained?
**Implementation**:
```javascript
// Use PluralisticDeliberationOrchestrator for value conflicts
const conflict = {
values: ['data_sovereignty', 'research_openness'],
context: 'Publishing indigenous health research',
stakeholders: ['indigenous_community', 'researchers'],
requireHumanInput: true
};
await PluralisticDeliberationOrchestrator.handleConflict(conflict);
```
---
### 2. Respect Indigenous Frameworks as Foundational
- [ ] Are CARE principles (Collective Benefit, Authority to Control, Responsibility, Ethics) integrated at the architecture level?
- [ ] Is Te Tiriti honored in data governance decisions?
- [ ] Are indigenous frameworks core, not supplementary?
**Checklist**:
- [ ] Indigenous data sovereignty is a first-class feature, not an add-on
- [ ] CARE principles are checked **before** FAIR principles, not after
- [ ] Community authority is required, not optional
- [ ] Indigenous frameworks have equal representation in design docs
**Example**:
```javascript
// ✅ GOOD: CARE as foundational architecture
class DataGovernanceService {
async validateDataUse(data, useCase) {
// Step 1: Check CARE principles (foundational)
const careCompliant = await this.validateCARE(data, useCase);
if (!careCompliant.passes) {
return careCompliant; // STOP if CARE violated
}
// Step 2: Check FAIR principles (supplementary)
const fairCompliant = await this.validateFAIR(data, useCase);
return fairCompliant;
}
}
```
---
### 3. Acknowledge Multiple Valid Perspectives
- [ ] Does the code/documentation acknowledge that multiple perspectives exist?
- [ ] Are different viewpoints presented without ranking?
- [ ] Is user choice preserved?
**Documentation Standard**:
```markdown
## Privacy vs. Transparency
This feature involves a trade-off between individual privacy and community transparency.
**Individual Privacy Perspective**:
- Users have right to control their data
- Default: data is private unless explicitly shared
**Community Transparency Perspective**:
- Community has right to know member activities
- Default: data is shared within community
**Our Approach**:
We do not resolve this tension. Communities must choose their own balance
through democratic governance processes. See PluralisticDeliberationOrchestrator
for conflict resolution workflows.
```
---
### 4. Use PluralisticDeliberationOrchestrator for Conflicts
- [ ] Is PDO invoked when value conflicts are detected?
- [ ] Are conflicts logged for audit trail?
- [ ] Is human input required for resolution?
**Required Triggers**:
- Data governance decisions
- Privacy vs. transparency trade-offs
- Individual vs. collective rights
- Indigenous data sovereignty questions
- Cross-cultural feature design
**Code Example**:
```javascript
const { PluralisticDeliberationOrchestrator } = require('./services');
// Detect value conflict
if (involvesValueConflict(decision)) {
const result = await PluralisticDeliberationOrchestrator.deliberate({
decision: decision.description,
conflictingValues: decision.values,
stakeholders: decision.affectedCommunities,
context: decision.context,
requireConsensus: false, // Legitimate disagreement OK
documentRationale: true
});
// Log the outcome
await logDeliberation(result);
}
```
---
## 🧪 Testing Checklist
### Before Merging Code
- [ ] Run value conflict tests: `npm run test:pluralism`
- [ ] Check for hardcoded moral assumptions
- [ ] Verify PluralisticDeliberationOrchestrator integration
- [ ] Review for Western bias in defaults
- [ ] Confirm indigenous frameworks are foundational, not supplementary
- [ ] Check that value trade-offs are surfaced, not hidden
### Review Questions
1. **Whose values are embedded in this code?**
2. **What happens if a community has different values?**
3. **Are we imposing a framework or enabling choice?**
4. **Would this work for indigenous communities? Collectivist cultures? Different legal systems?**
5. **Is there a "right answer" built in that shouldn't be?**
---
## 📋 Pull Request Template Addition
```markdown
## Pluralism Check (inst_081)
- [ ] No unified moral framework imposed
- [ ] Value conflicts presented to humans (not auto-resolved)
- [ ] Competing values are not ranked
- [ ] No cultural framework treated as superior
- [ ] Indigenous frameworks are foundational, not supplementary
- [ ] PluralisticDeliberationOrchestrator used for value conflicts
- [ ] Multiple valid perspectives acknowledged
**Value Conflicts Identified**: [List any value conflicts this PR introduces]
**Deliberation Approach**: [How are conflicts surfaced/resolved?]
```
---
## 🎯 Values Alignment
This checklist enforces:
- **Community Principle**: "No paywalls or vendor lock-in" (inst_080)
- **Indigenous Data Sovereignty**: CARE principles are foundational (inst_004)
- **Pluralistic Deliberation**: Multiple legitimate frameworks coexist (inst_081)
- **Te Tiriti Framework**: Honored in data governance (inst_006)
---
## 📚 References
- `src/services/PluralisticDeliberationOrchestrator.service.js`
- `public/values.html` - Core philosophy
- `docs/governance/CARE_PRINCIPLES.md`
- `docs/governance/TE_TIRITI_FRAMEWORK.md`
---
**Last Updated**: 2025-10-25
**Maintained By**: Tractatus Governance Team
**License**: Apache 2.0 (https://codeberg.org/mysovereignty/tractatus-framework)
Reference in a new issue View git blame Copy permalink