IDE Freeze Command Sheets

Status: Internal freeze runbook Owner: BionicLoop engineering Last updated: 2026-04-07 12:32 EDT

Purpose

Provide the actual freeze-run command sheets for the current IDE evidence set:

• STP-ALG-001
• STP-AUTO-001
• TV-SEC-001

These command sheets are intended to remove interpretation at freeze time.

They assume:

• the freeze candidate SHA has already been chosen
• the receiving-team scope/disposition calls in IDE_Receiving_Team_Freeze_Disposition_Memo.md are complete
• the executor is running from /Users/jcostik/BionicLoop

Common Preflight

Run this once before any of the individual command sheets:

cd /Users/jcostik/BionicLoop

git status --short
git rev-parse HEAD
git branch --show-current

xcodebuild -version
sw_vers

Expected outcome:

• worktree is clean except for any explicitly accepted non-package files
• the executor records the exact freeze SHA before generating evidence

If the worktree is not controlled, stop before claiming formal evidence.

1. STP-ALG-001 Command Sheet

Primary references:

• STP-ALG-001.md
• STR-ALG-001/README.md
• STR-README-Template.md

Recommended run label:

• 2026-04-XX-ide-freeze-alg-baseline

Commands:

cd /Users/jcostik/BionicLoop

export RUN_LABEL="2026-04-XX-ide-freeze-alg-baseline"
export STR_DIR="/Users/jcostik/BionicLoop/Docs/Quality/Evidence/Formal/STR-ALG-001/$RUN_LABEL"

mkdir -p "$STR_DIR"

{
  echo "execution_date=$(date '+%Y-%m-%d %H:%M:%S %Z')"
  echo "baseline_sha=$(git rev-parse HEAD)"
  echo "branch=$(git branch --show-current)"
  echo
  xcodebuild -version
  echo
  sw_vers
} > "$STR_DIR/environment.txt"

printf '%s\n' \
  'Scripts/run_algo2015_verification.sh all "$STR_DIR" --seed 20260218 --suites coverage,inputfields,core-reqs,differential,tool-verification,static-analysis' \
  > "$STR_DIR/commands.txt"

Scripts/run_algo2015_verification.sh all "$STR_DIR" \
  --seed 20260218 \
  --suites coverage,inputfields,core-reqs,differential,tool-verification,static-analysis

cp /Users/jcostik/BionicLoop/Docs/Quality/Evidence/Formal/STR-README-Template.md "$STR_DIR/README.md"

cat <<'EOF' > "$STR_DIR/results-summary.txt"
Decision: fill after review
Covered rows: TV-ALG-001..011
Notes:
- fill with pass/fail/deviation summary
- reference evaluation-summary.json and manifest.json
EOF

Scripts/run_algo2015_verification.sh package "$STR_DIR"

Expected artifacts already produced by the algorithm runner:

• run-context.json
• evaluation-summary.json
• manifest.json
• artifacts.sha256
• suite outputs under suites/

Freeze note:

• if the algorithm run fails, do not substitute working-lane evidence
• if the run passes but reviewer narrative files were added afterward, rerun the package stage as shown above so integrity artifacts match the final STR folder contents

2. STP-AUTO-001 Command Sheet

Primary references:

• STP-AUTO-001.md
• STR-AUTO-001/README.md
• STR-README-Template.md

Recommended run label:

• 2026-04-XX-ide-freeze-auto-baseline

Commands:

cd /Users/jcostik/BionicLoop

export RUN_LABEL="2026-04-XX-ide-freeze-auto-baseline"
export STR_DIR="/Users/jcostik/BionicLoop/Docs/Quality/Evidence/Formal/STR-AUTO-001/$RUN_LABEL"

mkdir -p "$STR_DIR"

{
  echo "execution_date=$(date '+%Y-%m-%d %H:%M:%S %Z')"
  echo "baseline_sha=$(git rev-parse HEAD)"
  echo "branch=$(git branch --show-current)"
  echo
  xcodebuild -version
  echo
  sw_vers
} > "$STR_DIR/environment.txt"

cat <<'EOF' > "$STR_DIR/commands.txt"
xcodebuild -scheme BionicLoop -project BionicLoop.xcodeproj -destination 'platform=iOS Simulator,name=iPhone 17' -parallel-testing-enabled NO -resultBundlePath "$STR_DIR/BionicLoopTests.xcresult" -only-testing:BionicLoopTests test
xcodebuild -scheme BionicLoop -project BionicLoop.xcodeproj -destination 'platform=iOS Simulator,name=iPhone 17' -parallel-testing-enabled NO -resultBundlePath "$STR_DIR/BionicLoopUITests.xcresult" -only-testing:BionicLoopUITests test
EOF

xcodebuild -scheme BionicLoop \
  -project BionicLoop.xcodeproj \
  -destination 'platform=iOS Simulator,name=iPhone 17' \
  -parallel-testing-enabled NO \
  -resultBundlePath "$STR_DIR/BionicLoopTests.xcresult" \
  -only-testing:BionicLoopTests test \
  2>&1 | tee "$STR_DIR/bioniclooptests-console.txt"

xcodebuild -scheme BionicLoop \
  -project BionicLoop.xcodeproj \
  -destination 'platform=iOS Simulator,name=iPhone 17' \
  -parallel-testing-enabled NO \
  -resultBundlePath "$STR_DIR/BionicLoopUITests.xcresult" \
  -only-testing:BionicLoopUITests test \
  2>&1 | tee "$STR_DIR/bionicloopuitests-console.txt"

cp /Users/jcostik/BionicLoop/Docs/Quality/Evidence/Formal/STR-README-Template.md "$STR_DIR/README.md"

cat <<'EOF' > "$STR_DIR/results-summary.txt"
Decision: fill after review
Covered rows: STP-AUTO-001 claimed automated/local scope
Notes:
- document whether UI automation remained in scope at freeze
- record any blocked simulator/xctrunner behavior as deviation, not pass
EOF

(
  cd "$STR_DIR"
  find . -type f ! -name checksums.txt | sort | while read -r relpath; do
    shasum -a 256 "$relpath"
  done
) > "$STR_DIR/checksums.txt"

Freeze note:

• if BionicLoopUITests were explicitly deferred by the receiving team, do not run the UI command above; instead record that defer in results-summary.txt
• if simulator/xctrunner instability blocks execution, record the failure or deviation explicitly; build-for-testing is not a substitute for a formal passing test run

3. TV-SEC-001 Command Sheet

Primary references:

• Cybersecurity_TV_SEC_001_Freeze_Execution_Checklist.md
• STR-SEC-001/README.md
• STR-README-Template.md

Recommended run label:

• 2026-04-XX-ide-freeze-tv-sec-001

Commands:

cd /Users/jcostik/BionicLoop

export RUN_LABEL="2026-04-XX-ide-freeze-tv-sec-001"
export STR_DIR="/Users/jcostik/BionicLoop/Docs/Quality/Evidence/Formal/STR-SEC-001/$RUN_LABEL"

mkdir -p "$STR_DIR"

{
  echo "execution_date=$(date '+%Y-%m-%d %H:%M:%S %Z')"
  echo "baseline_sha=$(git rev-parse HEAD)"
  echo "branch=$(git branch --show-current)"
  echo
  xcodebuild -version
  echo
  sw_vers
} > "$STR_DIR/environment.txt"

cat <<'EOF' > "$STR_DIR/commands.txt"
xcodebuild -scheme BionicLoop -project BionicLoop.xcodeproj -destination 'platform=iOS Simulator,name=iPhone 17' -parallel-testing-enabled NO -resultBundlePath "$STR_DIR/TV-SEC-001.xcresult" -only-testing:BionicLoopTests/LoopTelemetryStoreTests/testCSVExportIncludesAlgorithmInputOutputHeadersAndRowValues test
rg -n "BionicLoop_StepTelemetry.csv|write\\(to: exportURL, atomically: true, encoding: \\.utf8\\)" BionicLoop/Runtime/LoopTelemetryStore.swift
plutil -p BionicLoop/Resources/Info.plist
rg -n "completeFileProtection|NSFileProtection|setAttributes\\(|\\.protectionKey|FileAttributeKey.protectionKey|attributesOfItem|setxattr" BionicLoop/Runtime BionicLoop/Resources BionicLoop -g '*.swift' -g '*.plist'
EOF

xcodebuild -scheme BionicLoop \
  -project BionicLoop.xcodeproj \
  -destination 'platform=iOS Simulator,name=iPhone 17' \
  -parallel-testing-enabled NO \
  -resultBundlePath "$STR_DIR/TV-SEC-001.xcresult" \
  -only-testing:BionicLoopTests/LoopTelemetryStoreTests/testCSVExportIncludesAlgorithmInputOutputHeadersAndRowValues test \
  2>&1 | tee "$STR_DIR/tv-sec-001-console.txt"

rg -n "BionicLoop_StepTelemetry.csv|write\\(to: exportURL, atomically: true, encoding: \\.utf8\\)" \
  BionicLoop/Runtime/LoopTelemetryStore.swift \
  > "$STR_DIR/export-path-observations.txt"

plutil -p BionicLoop/Resources/Info.plist \
  | rg "UIFileSharingEnabled|LSSupportsOpeningDocumentsInPlace" \
  > "$STR_DIR/info-plist-observations.txt"

if ! rg -n "completeFileProtection|NSFileProtection|setAttributes\\(|\\.protectionKey|FileAttributeKey.protectionKey|attributesOfItem|setxattr" \
  BionicLoop/Runtime BionicLoop/Resources BionicLoop \
  -g '*.swift' -g '*.plist' \
  > "$STR_DIR/file-protection-observations.txt"; then
  printf 'No explicit file-protection attribute handling found in repo search at frozen SHA %s\n' "$(git rev-parse HEAD)" \
    > "$STR_DIR/file-protection-observations.txt"
fi

cp /Users/jcostik/BionicLoop/Docs/Quality/Evidence/Formal/STR-README-Template.md "$STR_DIR/README.md"

cat <<'EOF' > "$STR_DIR/results-summary.txt"
Decision: fill after review
Covered row: TV-SEC-001
Notes:
- state whether the frozen baseline matches the documented investigational posture
- state whether file-sharing/open-in-place keys remain enabled
- state whether any explicit file-protection handling was found
EOF

(
  cd "$STR_DIR"
  find . -type f ! -name checksums.txt | sort | while read -r relpath; do
    shasum -a 256 "$relpath"
  done
) > "$STR_DIR/checksums.txt"

Freeze note:

• this run proves whether the frozen implementation matches the documented local export/file-handling baseline
• it does not decide whether that posture is acceptable for the IDE baseline; that decision belongs in IDE_Receiving_Team_Freeze_Disposition_Memo.md

Completion Rule

After these runs complete:

1. fill the STR README files from the template
2. update TraceabilityMatrix.md
3. update IDE_RTM_Audit_Summary.md
4. update IDE_Submission_Readiness_Report.md
5. record the receiving-team scope and acceptability decisions in IDE_Receiving_Team_Freeze_Disposition_Memo.md