Early alpha. Not production-ready. No package publication or broad PHP compatibility claim.

Artifact evidence · FE-05 + FE-09B · NexusScholar.FullText

Full Text

Verified admission from Screening, local intake or rights-aware recorded retrieval, exact raw-byte evidence, explicit extraction attempts, and append-only human full-text decisions.

Purpose and authority boundary

NexusScholar.FullText owns input, acquisition, artifact validation, recorded retrieval evidence, extraction attempts, canonical codecs, and verified replay. NexusScholar.Screening.FullText is the outward bridge that admits a current FE-04 include and owns full-text human conduct. Infrastructure may read local files or record exact retrieval bytes; paths and URLs never become evidence identity.

Scientific boundary: extraction is derived evidence. An extraction failure or unsupported parser is not a study-exclusion reason and cannot be smuggled into a final decision as generic evidence.

End-to-end authority pipeline

verified FE-04 include handoff
  → VerifiedFullTextAdmission
  → local source attempt + acquisition record
  → exact retained bytes + FullTextArtifactEvidence
  → extraction attempt
       UTF-8 text: deterministic
       safe XML text: deterministic
       PDF parsing: unsupported
  → FullTextScreeningConductJournal
  → terminal verified handoff

The same bytes received through two paths share raw-byte identity but keep distinct acquisition provenance. Changed bytes at the same path are a different artifact. Raw and extracted representations always have separate digests.

Recorded retrieval is verification, not a downloader

FE-09B adds FullTextRecordedRetrievalEvidence, FullTextRecordedRetrievalPolicy, and FullTextRetrievalVerifier. A caller supplies the exact retained response bytes plus source, access route, explicit rights status/reference, redirect chain, status, media type, encoding, byte length, digest, completeness, and UTC timestamps. The verifier can convert only admitted evidence into the existing acquisition/artifact chain.

recorded response evidence + exact retained bytes
  → HTTPS and admitted-host redirect verification
  → explicit open-access / licensed / public-domain check
  → completeness + identity encoding + size + digest check
  → existing FullTextAcquisitionRecord + FullTextArtifactEvidence
  → verified chain

any failed check
  → typed retrieval failure evidence
  → no artifact and no Screening verdict

There is no HTTP client in this gate. It verifies caller-retained evidence deterministically and preserves failed retrieval as audit evidence.

Key types and services

  • FullTextInput identifies the candidate and accepted source decision. The authoritative FE-05 path is derived by VerifiedFullTextAdmission, not the historical string-only factory.
  • FullTextSourceAttempt and FullTextAcquisitionRecord preserve human/import actor, time, source reference/type, availability/access notes, and explicit legal-status nonclaim.
  • FullTextArtifactEvidence binds artifact kind, media type, size, raw digest, acquisition, and source input. FullTextArtifactValidator checks signatures/encoding/size and exact bytes.
  • FullTextExtractionAttempt binds source artifact, extractor id/version, configuration digest, status, representation, output digest, warnings, and controlled failure.
  • FullTextDeterministicExtractor supports UTF-8 text and safe XML projection; PDF intake can be valid while extraction remains unsupported.
  • FullTextRehydrator and FullTextExtractionRehydrator return verified wrappers only after exact authority and byte checks.
  • FullTextRecordedRetrievalEvidence and FullTextRetrievalVerifier bind recorded network/access facts to the exact bytes before artifact conversion.
  • FullTextScreeningConductPolicy, journal, decisions, invalidations, and handoff mirror FE-04’s append-only human-review rules while binding exact admission/artifact/extraction authority.

Source: FullText and Screening.FullText. Contracts: ADR 0014, dependency correction in ADR 0022, durable authority in ADR 0032, and recorded retrieval in ADR 0042.

Extraction status is evidence, not verdict

  • success: a complete derived representation and digest are available.
  • partial: output exists, warnings are mandatory, and limitations remain visible.
  • failure: no successful content; controlled category and summary explain the attempt.
  • unsupported: the admitted extractor does not implement that artifact/representation.

Only the exact extraction attempt bound by policy may support a decision. Failed/unsupported attempts cannot support exclusion directly or indirectly. The reviewer can always bind the exact raw artifact.

Canonical identity and conduct

Raw artifacts use raw-artifact-bytes. Admission, acquisition, artifact evidence, extraction attempt, conduct policy/header/decision/invalidation/handoff use versioned canonical-record schemas. Strict codecs require exact canonical bytes and verified source records. Conduct decisions bind Protocol, criteria, admission, raw artifact, optional exact extraction, actor, rationale, verdict, reason, evidence, ordinal, and prior digest.

Independent review, correction, conflict generation, adjudication, invalidation, and handoff use the same no-overwrite principles as title/abstract Screening. Full-text exclusions require a stage-specific policy reason.

Failure and refusal behavior

The local source boundary still rejects HTTP/HTTPS, UNC/network sources, provider SDKs, path traversal/reparse risk, and byte-limit violations. The separate recorded retrieval verifier rejects non-HTTPS or unadmitted redirect hosts, IP literals, credential-shaped references, unadmitted rights, unknown routes, encoded/incomplete/oversized bodies, and length or digest drift. Artifact validation rejects digest/size/signature/media mismatch, empty text, unsafe XML, wrong scope, and invalid source chain. Conduct rejects automation, unauthorized actors, stale authority, extraction-failure evidence, unresolved conflict, and premature handoff.

Tests, extension points, and nonclaims

FullTextTests, admission and canonical-codec tests, and Full Text retrieval tests cover bytes, paths, extraction states, admission, rights, redirect policy, completeness, size, digest drift, conversion, and tamper. Gate closure is in FE-09B evidence.

A deterministic PDF parser or OCR engine requires a versioned dependency, parser contract, fixtures, and ADR. Current code makes no live downloader, PDF parsing, OCR, scraping, paywall bypass, shadow-library, legal-certification, redistribution, provider-parity, cloud, database, API, or production claim.