nwave-ai/nw-authoritative-sources

Authoritative Sources

Domain Authority Database

Supplements general reputation tiers in source-verification with domain-specific authorities.

Software Architecture

| Source | Authority | Notes | |--------|-----------|-------| | martinfowler.com | Primary | Patterns, refactoring, enterprise architecture | | c2.com/wiki | Historical | Original wiki; pattern language origins | | microservices.io | Domain-specific | Chris Richardson's microservices patterns | | architecturenotes.co | Curated | ADRs and trade-off analysis | | infoq.com | Industry reporting | Conference talks, practitioner reports | | thoughtworks.com/radar | Trend tracking | Technology Radar adoption lifecycle |

Cloud Platforms

| Source | Authority | Notes | |--------|-----------|-------| | docs.aws.amazon.com | Official | AWS, well-architected framework | | cloud.google.com/docs | Official | GCP services and practices | | learn.microsoft.com | Official | Azure, .NET, Microsoft ecosystem | | kubernetes.io/docs | Official | Container orchestration | | docs.docker.com | Official | Container runtime |

Security

| Source | Authority | Notes | |--------|-----------|-------| | owasp.org | Standards body | Web app security, top-10 | | nist.gov | Government | NIST CSF, SP 800 series | | cve.mitre.org | Vuln database | CVE identifiers | | nvd.nist.gov | Vuln database | NVD with scoring | | csrc.nist.gov | Crypto standards | FIPS, module validation | | cisa.gov | Government advisory | Security advisories |

Standards Bodies

| Source | Authority | Notes | |--------|-----------|-------| | ietf.org / datatracker.ietf.org | Protocol standards | RFCs: networking, HTTP, TLS, DNS | | w3.org | Web standards | HTML, CSS, WCAG, web APIs | | iso.org | International | Quality, security, process frameworks | | ecma-international.org | Language standards | ECMAScript spec | | unicode.org | Character standards | Unicode encoding |

Programming Languages and Frameworks

| Source | Authority | Notes | |--------|-----------|-------| | docs.python.org | Official | Python, stdlib, PEPs | | go.dev/doc | Official | Go language, stdlib | | typescriptlang.org | Official | TypeScript handbook | | rust-lang.org/learn | Official | Rust book, reference | | developer.mozilla.org (MDN) | Canonical web ref | JS, HTML, CSS, Web APIs | | docs.oracle.com/javase | Official | Java spec, API docs |

Data and Databases

| Source | Authority | Notes | |--------|-----------|-------| | postgresql.org/docs | Official | PostgreSQL | | dev.mysql.com/doc | Official | MySQL | | redis.io/docs | Official | Redis | | mongodb.com/docs | Official | MongoDB | | cassandra.apache.org/doc | Official | Cassandra |

DevOps and SRE

| Source | Authority | Notes | |--------|-----------|-------| | sre.google | Industry | Google SRE books | | 12factor.net | Methodology | Twelve-factor app | | dora.dev | Research | DORA metrics | | openpolicyagent.org | Policy-as-code | OPA docs |

Domain-Specific Search Strategies

Architecture Topics

1. Canonical authors: {topic} site:martinfowler.com or site:microservices.io
2. Conference talks: {topic} QCon OR StrangeLoop OR GOTO conference
3. Books/papers: {topic} book OR paper architecture
4. Adoption status: {topic} site:thoughtworks.com/radar
5. Local docs: Grep in docs/research/ and nWave/skills/

Security Topics

1. Vuln databases: {topic} site:cve.mitre.org or site:nvd.nist.gov
2. Advisories: {topic} site:cisa.gov or site:owasp.org
3. NIST frameworks: {topic} site:nist.gov
4. Vendor advisories if product-specific
5. Prioritize last 6 months

Framework and Library Topics

1. Official docs (see database above)
2. Release notes/changelogs for version-specific info
3. Migration guides: {framework} migration guide {version}
4. GitHub issues/discussions for known problems
5. Stack Overflow: {topic} site:stackoverflow.com

Methodology and Process Topics

1. Original author/publication
2. Case studies: {methodology} case study OR experience report
3. Critiques: {methodology} criticism OR alternative OR comparison
4. Academic: {topic} site:arxiv.org or Google Scholar
5. Practitioner adaptations vs original definitions

Source Freshness Rules

| Category | Max Age | Rationale | |----------|---------|-----------| | Security vulnerabilities | 6 months | Rapid threat evolution | | Framework versions | 1 year | API/practice changes | | Cloud service docs | 1 year | Frequent deprecation/launch | | API references | 1 year | Breaking changes common | | Architecture patterns | Evergreen | Core patterns stable | | Methodology references | Evergreen | Foundational works stable | | Language specs | Evergreen per version | Per-version permanent | | Research papers | 3 years | Check for follow-up work | | Industry trend reports | 1 year | Cite current edition only |

Handling Outdated Sources

1. Check if newer version exists
2. Stable concept: cite with "[Published {year}; concept remains current]"
3. Time-sensitive: find current source or document age limitation in Knowledge Gaps
4. Never cite outdated security advisories as current threat intelligence