Aaron 2026-04-25 standing meta-rule above Otto-281:

> "we never want to use random seed pins to cheat by not
> fully testing if you understand what I mean."
> "the general rule is dont use DST and determinism to
> avoid edge cases handling."
> "tests are all deterministic but the real world isn't,
> our tests are trying to test all the edge cases of the
> real world but in a deterministic way not reduce scope
> by eliminating edge cases of the real world in our tests
> with determinism. that will lead to more robust tests."

The principle: determinism is the WAY to test chaos
reproducibly (so bugs replay), NOT the REASON to skip
chaos. The real world is non-deterministic — tests should
deterministically exercise every flavor of chaos the
algorithm will encounter in production.

The discriminator question for any "make it deterministic"
fix: does it INVOKE the algorithm's actual contract
(legitimate — algorithm has documented input invariants
you're satisfying) or SHRINK the test's coverage of what
the algorithm is supposed to handle (cheat)?

Same input space via deterministic primitive = fine
(invoke contract). Narrower input space because broader
revealed problems = cheat.

Empirical verification this session: PR #482 HLL fuzz fix
is LEGITIMATE per discriminator. HLL theorem requires
uniform 64-bit hashes; HashCode.Combine violated contract;
XxHash3 satisfies contract; same n values FsCheck
generates are still tested. 500-trial × 5-offset sweep
shows max error 1.96% vs 4% bound — contract-satisfied
means bound holds.

Composes with Otto-281 (fix the determinism — Otto-285 is
the meta-rule above), Otto-272 (DST as substrate), Otto-264
(rule of balance — paired coverage verification), Otto-282
(comment WHY discriminator), Otto-248 (never ignore flakes
— flakes ARE the contract-violation signal).

CLAUDE.md candidate; deferred to maintainer discretion per
Otto-283.

Memory-reference lint verified: 497/497 refs resolve.

…484)

GitHub's release-asset CDN occasionally returns 502 / 5xx
errors. Most recent observed: 2026-04-25 ~13:52 UTC, hit
PR #481 (CodeQL csharp install) + PR #482 (markdownlint
install via mise:elan). Both PRs were unrelated to the
network — pure environmental flake.

Per Otto-285 (don't use determinism to avoid edge-case
handling — when we can't control real-world chaos, react to
it algorithmically), the install script's curl call now
includes:

- `--retry 5` attempts
- `--retry-delay 2` (initial; curl exponential-backs to
  2/4/8/16/32 s)
- `--retry-all-errors` (so 4xx/5xx errors retry too —
  curl's default only retries connect / dns / 408 / 429 /
  5xx-with-Retry-After header)

`-fsSL` semantics preserved — if all 5 attempts hit the
same transient, the final exit code still fails, so we
don't silently swallow persistent CDN outages.

Aaron 2026-04-25 affirmation: "that is the right answer we
cant control that part of the real world environment we
have to react to it, good call."

Verified: `bash -n` syntax check passes.

Composes with Otto-285 (DST is not edge-case avoidance) +
Otto-281 (fix determinism not the comment) + Otto-264 (rule
of balance — every CI flake we hit gets a counterweight
fix).