"""ORCH-100 (FND/F1b): sidecar-watchdog — the monitoring brain in a separate container.

This package is the *brain* half of the domain-0 observability pair. F1a
(ORCH-099, ``src/metrics.py``) exposes a lightweight read-only ``GET /metrics``
envelope — raw signal only. F1b (this package) is the stateful observer that
reads that envelope, augments it with host / container / dependency probes, runs
every signal through a generalised pure decision function (modelled 1:1 on
``src/disk_watchdog.py::decide_action``) with per-signal in-memory
dedup / throttle / recovery, and emits alerts over its OWN independent Telegram
channel.

Hard invariants (ADR-001, ``docs/work-items/ORCH-100/06-adr/``):
  * The observer is separated from the observed: the runtime is a separate
    container (``orchestrator-watchdog``). A hang/crash of the orchestrator makes
    the sidecar *louder* (``orchestrator_down``), never silent.
  * Strictly read-only to the observed system: ``docker.sock`` is GET-only (and
    mounted ``:ro``), no DB writes, no disk writes, no process control
    (start/stop/restart/exec) — self-hosting-safe on the shared prod host.
  * never-raise on three levels (per-source / per-tick / per-send) + a
    ``WATCHDOG_ENABLED`` kill-switch.
  * NO import from ``src/**`` — the sidecar must survive a refactor/crash of the
    orchestrator process (C-1).

The highest known ``/metrics`` schema_version this build understands. A higher
value from the orchestrator is tolerated (warning, read the compatible subset),
never a crash (D9).
"""

KNOWN_SCHEMA_VERSION = 1

__all__ = ["KNOWN_SCHEMA_VERSION"]