Shared Contracts · Knowledge Base

The main source of avoidable complexity was duplicated truth.

The fix is simple:

If two sibling files carry the same contract, drift has already started.

Landing pages, manuals, and workers may extend the same visual system, but they must not fork it casually.

The reusable contract now lives in shared UI primitives:

That is the only reliable way to keep typography, spacing, colors, SVGs, and framing identical across surfaces.

Several earlier problems came from fixing generated files instead of the real source that produces them.

The stable rule is:

The code became cleaner only after splitting by runtime surface:

That split is leaner than one giant file because each surface can import the contracts it actually uses.

Security headers must be shared from one contract, not repeated across build scripts and workers.

At the same time, permissions should stay narrow:

pin external browser scripts with the real runtime primitive, which is SRI in the HTML tag
let CSP allow the trusted origin instead of pretending the CSP hash is the execution pin
derive font CSP origins from the same source as font preconnect links
keep SVG asset CSP stricter than page CSP
fail unknown routes with 404

Several real bugs came from validating one case but not its sibling:

relative asset links were checked while absolute asset links were trusted
registry SVGs received sandbox CSP while copied SVGs did not
generated page contracts were validated more strictly than hardcoded root contracts

That is now a named bug class in the platform.

On this page