Glossary

Definitions of key terms and concepts used throughout the documentation.

A

ADR (Architectural Decision Record)

A document capturing an important architectural decision, including context, decision, and consequences. See Decision Records.

Artifact

A file or output generated by the build process (e.g., binaries, libraries, containers). Commands: get artifacts, show artifacts.

B

BDD (Behavior-Driven Development)

A development approach using executable specifications written in natural language (Gherkin). See Specifications.

Build Pipeline

An automated sequence of steps that compile, test, and package code. Commands: pipeline run, pipeline status.

C

CalVer (Calendar Versioning)

A versioning scheme based on dates (e.g., module-name/2024.01.15). Used for module releases. See Versioning.

CI/CD (Continuous Integration/Continuous Deployment)

Automated practices for integrating code changes and deploying to production. See Continuous Delivery.

Compliance-Velocity Paradox

The traditional trade-off where increasing compliance requirements slow down delivery velocity. Everything as Code resolves this by automating compliance as part of the delivery flow. See The Compliance-Velocity Paradox.

Contract

A YAML file defining module metadata, dependencies, and configuration. Validated against JSON schemas. See Contracts.

Cynefin Framework

A sense-making framework that helps categorize problems into domains (Clear, Complicated, Complex, Chaotic) to determine appropriate response strategies. Used to understand why compliance can be automated. See Understanding Through Cynefin.

D

DAST (Dynamic Application Security Testing)

Security testing that analyzes running applications to find vulnerabilities through simulated attacks. Command: scan zap.

Dependency Graph

A representation of module dependencies showing which modules depend on others. Commands: get dependencies, show dependencies.

Diataxis

A documentation framework organizing content into tutorials, how-to guides, technical reference, and explanation. See DR-004.

DORA Metrics

Four key metrics for measuring software delivery performance: Deployment Frequency, Lead Time for Changes, Time to Restore Service, and Change Failure Rate. See Measuring and Improving Flow.

E

EAC (Everything as Code)

The principle that all aspects of software development should be defined as code: configuration, architecture, specifications, tests, and infrastructure. See Everything as Code.

Execution Order

The sequence in which modules should be built or tested based on their dependencies. Command: get execution order.

Extension

A Docker-based plugin for the R2R CLI that provides additional commands. EAC is delivered as the ext-eac:latest extension.

G

Gherkin

A business-readable, domain-specific language for describing software behavior. Uses Given-When-Then syntax in .feature files.

M

MCP (Model Context Protocol)

A protocol enabling LLMs to use EAC commands as tools.

Module

A self-contained unit of code with its own contract, dependencies, and lifecycle. Can be a library, service, command-line tool, or test suite. See Modules.

Module Type

A classification of modules (e.g., go-library, go-service, go-commands). Determines build, test, and deployment behavior.

Moniker

A unique identifier for a module (e.g., src-auth, eac-commands). Used throughout commands to reference modules.

Mono-Repository

A repository containing multiple related modules managed together. See DR-001.

O

OSCAL (Open Security Controls Assessment Language)

A standardized format for security documentation and compliance artifacts. Commands: create risk-profile, create risk-assess.

P

Pipeline

An orchestrated sequence of build, test, and deployment steps. See Pipeline Commands.

R

R2R (Ready to Release)

An enterprise CLI framework for containerized workflow execution. EAC is delivered as an R2R extension. See R2R and EAC.

Release Gate

A checkpoint in the release process requiring validation before proceeding. See Quality Gates.

S

SAST (Static Application Security Testing)

Analysis of source code for security vulnerabilities without executing it. Command: scan sast.

SBOM (Software Bill of Materials)

A complete inventory of components in a software product. Command: scan sbom.

SemVer (Semantic Versioning)

A versioning scheme using MAJOR.MINOR.PATCH (e.g., 1.2.3). See Versioning.

Specification

A Gherkin .feature file describing software behavior in Given-When-Then format. See Specifications.

Suite

A named collection of tests grouped by purpose and test level. Standard suites: unit (L0-L1), integration (L2), acceptance (L3), production-verification (L4). Commands: test suite, show suite. See Test Suites.

T

TDD (Test-Driven Development)

A development practice of writing tests before implementation code. See Three-Layer Approach.

Template

A reusable document structure with placeholder variables for generating documentation. See Templates Commands.

Trunk-Based Development

A branching strategy where developers work on short-lived branches off a single main branch. See DR-002.

U

Unit of Flow

The smallest deployable unit that delivers value independently. See Unit of Flow.

V

Validation

The process of checking contracts, dependencies, specifications, and code against defined rules. See Validate Commands.

Value Stream Mapping

A lean management technique for visualizing the flow of work from request to delivery, identifying waste and bottlenecks. See Measuring and Improving Flow.

W

Worktree

A Git feature allowing multiple working directories from the same repository, each on a different branch. Commands: work create, work merge.

Workspace

An EAC term for a git worktree used for feature development. Enables parallel development on multiple features. See Work Commands.

Command Terminology

Command Categories

Category	Description
create	AI-powered generation of commits, specs, designs, PRs
get	JSON output for automation and scripting
show	Human-readable output for interactive use
validate	Contract and dependency validation
work	Workspace management (git worktrees)
test	Testing and test suite management
build	Module building
pipeline	CI/CD orchestration
release	Release management and versioning
scan	Security scanning (SAST, secrets, vulnerabilities)
serve	Local development servers
templates	Template management
update	Update operations

Command Patterns

Pattern	Example	Description
get vs show	`get modules` / `show modules`	JSON vs human-readable output
Noun-based	`modules`, `dependencies`, `files`	Information retrieval
Action-based	`create`, `update`, `validate`	Operations and transformations
Compound	`changed-modules-ci`	Specialized variants

File and Directory Terms

Repository Structure

Term	Description
`/go`	Source code for all Go modules
`/out`	Build artifacts and intermediate files
`/specs`	Gherkin feature files (specifications)
`/docs`	Documentation (MkDocs site)
`/.r2r`	R2R CLI configuration and contracts
`/.github`	GitHub workflows and CI configuration
`/contracts`	Module contract definitions (YAML)

File Types

Extension	Description
`.feature`	Gherkin specification file
`_test.go`	Go unit test file
`contract.yml`	Module contract definition
`.nav.yml`	MkDocs navigation structure
`CHANGELOG.md`	Module or repository changelog
`workspace.dsl`	Structurizr architecture diagram

Acronyms Quick Reference

Acronym	Full Form	Category
ADR	Architectural Decision Record	Documentation
BDD	Behavior-Driven Development	Testing
CalVer	Calendar Versioning	Release
CI/CD	Continuous Integration/Continuous Deployment	DevOps
DAST	Dynamic Application Security Testing	Security
DORA	DevOps Research and Assessment	Metrics
EAC	Everything as Code	Philosophy
MCP	Model Context Protocol	Integration
OSCAL	Open Security Controls Assessment Language	Compliance
R2R	Ready to Release	Framework
SAST	Static Application Security Testing	Security
SBOM	Software Bill of Materials	Security
SemVer	Semantic Versioning	Release
TDD	Test-Driven Development	Testing
VSM	Value Stream Mapping	Process