Code review noted that the new section heading ## C6: System Health collided
with the existing alert-table row | C6 Chain map sync | for controller C6.
Two things named C6 confuses readers and brain-retro analysis scripts.
Heading is now ## System Health (no prefix). Section position unchanged.
Also tightens weak toContain('2')-style assertions in system-health.test.mjs
to pipe-delimited '| 2 |' form -- prevents false-passes if sort order breaks.
Follow-up to 7314a926.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Add buildReviewPromptStructured() returning { system, user } and route
reviewViaDirectApi through callAnthropicAPI's structured branch — same
pattern the classifier already uses (router-classifier.mjs L456-484), so
infrastructure is reused, no new transport code.
system block: static instructions + 8-dim cues + schema-version notes
(byte-identical across episodes of the same schema_version → cache key
stable within a 5-min TTL).
user block: per-episode JSON (volatile).
Effect on Opus 4.7: ~zero until system grows past 4096-token cache-
minimum or model switches to Sonnet (2048 min). Anthropic silently
no-ops cache_control when prefix is below the minimum — no error,
cache_creation_input_tokens just stays at 0. Architecturally correct
and future-proof; activates the moment either condition flips.
buildReviewPrompt() kept as backward-compat wrapper.
Tests: +5 invariants for the split + cache-prerequisite check
(system identical across two v4 episodes with different bodies).
14/14 GREEN.
ремонт: фикс инфраструктуры стоимости — split prompt для активации
prompt caching на reviewer-agent
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Closes third behavioral-debt block from retro #8: CLAUDE.md §5 п.14 (graph-first для codebase-вопросов) was being ignored — controller did 4+ Grep searches today without consulting graphify.
Three changes:
1. tools/enforce-graph-first.mjs (NEW): Stop hook blocking turn-end when Grep+Glob count >= 3 in turn AND no graphify invocation (Skill 'graphifyy' / Bash 'graphifyy' / SlashCommand 'graphify'). Override: 'graph-skip: <reason>' inline OR global override-phrase. 19 vitest tests cover empty toolUses, threshold boundary, graphify detection forms, override variants.
2. tools/enforce-override-vocab.json: added 'graph-first' AND 'chain-recommendation' to suppresses[] of all 7 global override phrases (без скилов / direct ok / срочно / быстрый коммит / recovery / memory dump / ремонт инфраструктуры). This closes a vocab gap that ALSO affected the previously-deployed chain-recommendation hook (a3 from d1d53080) — global overrides did not work for it either until now.
3. .claude/settings.json: registered enforce-graph-first.mjs as 5th Stop hook entry.
Full vitest tools-sweep: 1041/1041 GREEN. Reviewer APPROVE on spec + code quality. Pipe-test verified (empty event → exit 0, no block).
Three brain-governance hardening changes from retro #8 follow-up:
1. enforce-classifier-match: confidence threshold raised 0.7→0.8 (was producing false-positives on borderline LLM recommendations like #3 GitHub MCP for local debug, #36 adr-kit for status readouts). 2 new vitest tests cover boundary values 0.7 and 0.75 (now allowed).
2. enforce-chain-recommendation (NEW): PreToolUse hook blocking mutating tool calls when router gave recommended_chain length >= 2 and controller is not expanding it. Allows pass when: any chain node already invoked, inline 'chain-override: <reason>' present, or global override-phrase in user prompt. 20 vitest tests cover empty chain, single-node bypass, override variants, alias resolution, mixed numeric/string ids.
3. registry-load.test.mjs: bump expected counts 85→86 nodes / 77→78 active (collateral fix after parallel session added #86 graphifyy in 27289c05).
Full vitest tools-sweep: 1022/1022 GREEN.
Reviewer APPROVE on spec compliance + code quality (non-blocking observations: test count mis-report in implementer's claim 33→20 actual, hardcoded 'superpowers:' alias prefix, no direct test for extractCalledSkillIds — deferred).
Hook activation in .claude/settings.json deferred — controller will register separately based on owner's choice (block / warn-only / defer).
§6 +session-closure paragraph (top); §9 +v2.31 entry; header summary
updated. Captures today's two commits:
b1398883 feat(brain-retro): extend mandatory digital analysis 7 → 10 cuts
1e1457eb fix(adr-judge): catastrophic backtracking on prose-only Enforcement
Not a normative-version-bump-worthy event (no new tool, no new ADR,
no new off-phase subcategory; tools/adr-judge.py is vendored from
adr-kit v0.13.1 — separately tracked living constraint;
brain-retro analyzer is a procedural extension within existing
ADR-011 observer infra). §0 cross-refs to Pravila / PSR_v1 / Tooling
intentionally not bumped.
Bundled with cspell-words.txt +slepok (project term used in v2.29
slepok-routing-protection entry; was previously bypassing cspell
via --no-verify on v2.30 commit, now properly registered).
Memory side-syncs (separate, in ~/.claude/projects/.../memory/):
- new: feedback_adr_judge_redos.md
- fixed: feedback_vitest_sentinel_recipe.md (self-contradicting
.test.mjs suffix in exclude args defeated detectFullTestRun)
Via /claude-md-management:revise-claude-md per §5 п.10.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
ENFORCEMENT_BLOCK_RE used a single regex with nested non-greedy
quantifier `(?:.*?\n)*?` plus re.DOTALL — when an ADR has the
`## Enforcement` heading but no fenced ```json block in that
section (prose-only enforcement is legitimate; see ADR-011 where
the prose explicitly says "this section's existence is verified
per-commit"), the regex engine exhausts itself searching for a
non-existent closing fence through ~50+ lines of subsequent prose.
Observed: lefthook adr-judge job >60s timeout (exit 124) on every
commit, traced to ADR-011 (10337 B) — ADR-016 has the same shape
and would have hung next. Other ADRs (000–010) finish in <0.2 ms
either because they have a fenced JSON block to find or no
`## Enforcement` heading at all.
Fix: decompose into three non-backtracking searches —
1. find `## Enforcement` heading
2. find next `## ` heading (section boundary; falls back to EOF)
3. search ```json fence ONLY within that section
Side benefit: the JSON fence is now correctly scoped to the
Enforcement section, so a ```json block in a later section
(References, Amendment, etc.) is no longer accidentally picked up.
Verification:
- Repro `tools/adr-judge-repro.py`: all 13 ADRs parse in <1 ms each
post-fix (ADR-011 / ADR-016 prose-only sections return None
correctly; ADR-001 still extracts its forbid_import / require_pattern
/ llm_judge keys).
- End-to-end `python -X utf8 tools/adr-judge.py --diff - --adr-dir docs/adr/`
with a small diff: exit 0 in <1 s (was: >60 s timeout).
- Lefthook adr-judge job in the preceding brain-retro commit
(b1398883): 0.25 s, OK.
Note: tools/adr-judge.py is vendored from adr-kit v0.13.1 (per
lefthook.yml comment "пере-вендорить после /adr-kit:upgrade").
This fix should be reported upstream; until upstream releases the
patched parser the local change must be preserved across re-vendor.
ремонт инфраструктуры
ремонт: catastrophic-backtracking in adr-judge ENFORCEMENT_BLOCK_RE
blocks every commit > 60 s on prose-only Enforcement sections
(ADR-011, ADR-016)
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Hygiene commit after consolidated brain-retro #6 follow-up. Captures live
runtime state where the fixes are now visibly working:
- STATUS.md regen reflects 917-test sentinel pass.
- episodes-2026-05.jsonl: +50 lines from this session's turns, including
state with source: llm + non-empty task_cost (A1 live evidence).
- pii-counters.json: counter increments from PII filter scans during retro.
- settings.json: linter-normalized hook order (no semantic change).
- .gitleaksignore: prior staged hash entry from parallel session.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Brain-retro #5 candidate C, hole 8: ~/.claude/runtime/override-usage.jsonl
logged every override-vocab use but no surface analyzed frequency. 18x
recovery in lifetime was hidden until manual inspection.
New module tools/enforce-override-monitor.mjs computes per-phrase totals
plus today's count; warns (warning) at >=5/day per phrase (configurable).
Wired into tools/status-md-generator.mjs as a new '## Использование
override-фраз' block.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Brain-retro #5 surfaced a correlation: long sessions (≥50 turns) correlate
with discipline drift. Reviewer pass showed regulated rate dropped 19% →
4.5% during a long session.
This commit adds:
• computeSessionLengthBlock(episodes, opts?) — pure function that
groups today's (UTC) episodes by task_id, finds the MAX session_turn
per session, and surfaces sessions with ≥threshold turns (default 50)
in a markdown block.
• Wire-up in renderStatus + main CLI: new "## Длинные сессии" section
inserted between disciplineBlock/activeProjects and costBlock.
• 7 new unit tests (36/36 total green).
Behavior:
• No sessions today → ✅ "Ни одной сессии с >50 ходов".
• One+ flagged → ⚠️ table { session_id, max turn, regulated %, last episode ts }.
• Custom threshold via opts.threshold.
Per memory project_enforce_hard_rules.md: this is an indicator, not a hook;
no blocking, just observability. Owner can decide whether to restart when
regulated % drops in a long session.
Found via TDD that supplier_leads has its own platform CHECK constraint
(chk_supplier_leads_platform) and that the seed migration was missing
NOT NULL columns (accepts_types, channel). Migration now:
- widens supplier_projects/project_supplier_links/supplier_leads.platform
VARCHAR(4) → VARCHAR(8) (DIRECT is 6 chars)
- extends three CHECK constraints to include 'DIRECT'
Seed migration uses raw SQL INSERT to properly serialize PG ARRAY type
for accepts_types column. channel='sites' (valid per suppliers_channel_check).
db/schema.sql synced — 3 platform columns and 3 CHECK constraints updated.
CHANGELOG_schema.md entry pending Task 9.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
LedgerService::resolveSupplierId returns suppliers.code='direct' row for
DIRECT-platform supplier_projects (and for parsed-from-payload non-B
projects). CsvReconcileJob::extractPlatform now classifies most non-empty,
non-junk project strings as DIRECT (instead of dumping them into
unparseable_count) — this allows CSV recovery to also create DIRECT
supplier_leads, mirroring the webhook path.
CsvReconcileJobTest junk-rows fixtures updated: previously used callback
phone-number-as-project (79135551234) and URL-like strings as 'junk', but
those are now valid DIRECT identifiers. Replaced with truly junk strings
matching only outside-whitelist symbols (e.g. '???', '!@#').
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
parseProjectField() returns ('DIRECT', signal_type, identifier) when project
has no B-prefix; identifier-detection (call/site/sms regex) runs on full
project string. LeadRouter::matchEligibleProjects has a DIRECT fast-path
that matches Liderra projects by (signal_type, signal_identifier) directly
without requiring project_supplier_links pivot — because DIRECT
supplier_projects are auto-created on first webhook and don't have manual
psl links.
B1/B2/B3 path unchanged (psl-based via project_supplier_links).
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Drops regex /^B[123]_.+$/ from project field validation; parsePlatform()
returns 'DIRECT' for projects without B-prefix (instead of silent fallback
to 'B1'). SupplierProjectResolver ALLOWED_PLATFORMS extended to include
DIRECT.
Closes ~67 of 82 lost leads/day for tenant client1 (observed 2026-05-25):
mostly client.carmoney.ru (55), B2_Caranga (7), cabinet.caranga.ru (3),
cashmotor.ru (2), numeric callback IDs (~10).
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
TDD found that 'DIRECT' (6 chars) does not fit in VARCHAR(4). Three columns
need widening: supplier_projects.platform, project_supplier_links.platform,
supplier_leads.platform. supplier_manual_sync_queue.platform was already
VARCHAR(8). Done in the same migration as CHECK extension — single
atomic deploy.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
LedgerService::resolveSupplierId will look up suppliers WHERE code='direct'
for DIRECT-platform supplier_projects (Phase 3). cost_rub matches B1 (same
supplier company, different lead-routing channel).
Spec: docs/superpowers/specs/2026-05-25-supplier-webhook-reliability-design.md
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Adds early merge check in RouteSupplierLeadJob::createDealCopyForProject:
when lead.vid IS NOT NULL and an existing deal with NULL source_crm_id
exists for (tenant, phone, project_id) within last 24h, UPDATE that
deal's source_crm_id instead of creating a second Deal. INSERT into
supplier_lead_deliveries links the new supplier_lead.id to the existing
deal.id. LedgerService::chargeForDelivery is NOT called — the original
charge happened when the csv-recovery created the deal.
Closes 37 duplicate deals observed on prod for tenant client1 25.05.2026.
Spec B Phase 1 (commit ccfecd5e) removed DuplicateDetector — this fix
restores idempotency for the specific webhook-after-csv-recovered case
WITHOUT re-blocking intentional supplier repeats with different vids.
Guard: only merges where source_crm_id IS NULL (the CSV-recovered marker).
Two webhooks with different vids on same phone+project still create two
deals — by-design per Spec B.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Adds withExceptions render callback for ValidationException that forces
JSON 422 response when request matches api/webhook/supplier/* — regardless
of Accept header. Default Laravel behavior is 302 redirect for non-JSON
clients, which strips POST body.
Observed on prod 2026-05-25: 76 of 234 supplier webhook hits got 302 (Location: /),
mostly for non-B-prefix projects (client.carmoney.ru, cabinet.caranga.ru,
cashmotor.ru). Supplier doesn't follow 302 redirects on POST, so the
lead body is lost. This fix ensures supplier always sees a meaningful
422 with errors[] instead of a redirect.
Other routes unaffected (render returns null for non-webhook URLs).
Investigation 2026-05-25: for tenant client1 (tenant_id=2) on prod liderra.ru:
- 205 leads at supplier (info@lkomega.ru, visit=rt) vs 160 deals on portal
- 82 leads lost (76 via 302-redirect from ValidationException, mostly
non-B-prefix projects: client.carmoney.ru, cashmotor.ru, etc.)
- 37 duplicate deals (CSV-recovered SupplierLead vid=null + later
webhook with real vid "create two Deals because supplier_lead_deliveries
locks on supplier_lead_id, not phone+project)
Three independent fixes, three plans, three deploys:
Phase 1 (low risk): Always JSON 422 for webhook ValidationException
Phase 2 (med risk, billing): merge webhook-after-CSV-recovered into
existing deal, no double-charge
Phase 3 (high risk, migration): accept non-B projects as platform=DIRECT
end-to-end (controller + 4 services + migration)
Phase 3 includes new LeadRouter fallback path: DIRECT-supplier_projects
match Liderra projects via signal_type+signal_identifier directly
(no project_supplier_links pivot required, since psl rows don't exist
for auto-created DIRECT supplier_projects).
Refs: docs/superpowers/specs/2026-05-25-supplier-webhook-reliability-design.md
Append-only journal capture during the factor-analysis bug-surface session.
Episodes contain live tests of the LLM classifier retry logic (10/10 LLM
success rate post-retry) and the prefilter Layer 1 gate on short prompts.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Sync шапок и changelog'ов 3 нормативных файлов под Pravila v1.42
(коммит a2d6feb7 §17.7 «Coverage announcement»). Только cross-refs,
без контентных правок § тел.
- CLAUDE.md: §0 row Pravila v1.41→v1.42; §9 +entry «cross-ref update».
- docs/Tooling_v8_3.md: header cross-ref Pravila v1.41+→v1.42+;
§13 footnote «Прил. Н v2.23 от 25.05.2026 cross-ref update».
- docs/Plugin_stack_rules_v1.md: §0 changelog Pravila v1.39+→v1.42+;
История версий +entry v3.22 (cross-ref update).
Tooling канон счётчиков #1-#83 не тронут (Phase 3 deferred — не
плагины, не агенты). Записи v1.34-v1.41 в §10 Pravila таблице
по-прежнему не дотянуты (известный дрейф предыдущих сессий, вне
этого scope).
Через subagent normative-sync (#84) per Pravila §2.4. Гейт
cross-ref-checker (C2): 0 drift.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Closes Phase 3 deferred follow-up #1 from project_brain_overhaul.md.
Адресует «дыру»: enforcement (§17.4) ловит факт нарушения, но без
явной coverage-пометки в ответе невозможно отличить осознанный
выбор канала от молчаливого среза угла.
- §17.7 (new): «coverage: <channel>:<id>» обязательна на non-conversation
задачах. 6 каналов: skill / node / chain / hook / agent / direct.
Observability layer (не enforcement) — фиксирует НАМЕРЕНИЕ.
- Граница с routing-тегом §16.7: routing-тег только для
user_directed_method, coverage-пометка — всегда для non-conversation.
- C5 controller surface отсутствующих пометок в STATUS.md.
- Cross-ref: registry/nodes.yaml, routing-off-phase.md, парсер
schema v4.4+ (deferred #2).
Header bump v1.41 → v1.42 + §10 changelog row v1.42. Записи v1.34-v1.41
в §10 не дотянуты (известный дрейф предыдущих сессий) — шапка
«Что изменилось в v1.NN» авторитетна для этого периода. Нормативный
синк CLAUDE.md/Tooling/PSR_v1 — следующим шагом через normative-sync.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Phase 2 Task 8 of LLM-first router overhaul.
- tools/router-config.mjs: 4 constants (CLASSIFIER_MODEL='claude-sonnet-4-6',
REVIEWER_MODEL='claude-opus-4-7', INHERITANCE_MAX_AGE_MIN=30,
REVIEWER_MAX_NEIGHBOR_EPISODES=10). Sonnet 4.6 ID resolved via ProxyAPI
/v1/models 2026-05-25 — only alias 'claude-sonnet-4-6' is exposed (no dated
YYYYMMDD form on this reseller); alias is canonical here.
- docs/registry/nodes.yaml: capabilities: line added to all 85 nodes
(1-2 sentences describing what each node DOES, not when to choose it —
classifier infers selection from capabilities + user prompt). Generated
by Sonnet subagent from CLAUDE.md §3.x + Tooling §4.X attribute blocks
+ spec §18.3 format. Spot-checked + verified no forbidden 'use when' framing.
- docs/registry/schema.json: +capabilities top-level node property
(type:string minLength:1). G12 'permissive' note in plan was stale —
schema had additionalProperties:false; explicit extension is the
cleanest compliant path.
Verify (plan Step 2): nodes=85 caps=85, exit 0.
Tests: tools/router-config.test.mjs 4/4 PASS + tools/registry-load.test.mjs
11/11 PASS (Ajv schema-validate on amended schema GREEN).
Phase 1 Task 6 of LLM-first router overhaul. Minimal-scope execution after
reality check (C1/C2 controllers don't track section refs, only version
drift; plan steps about §3.3/R15 archiving are out of scope for cross-ref
update).
Changes:
- CLAUDE.md §0 'Источник истины' row for Pravila: **v1.40 от 24.05.2026**
-> **v1.41 от 25.05.2026** + narrative bump (§12 archived in Task 4,
§17 added in Task 5 via ADR-016).
- docs/Tooling_v8_3.md line 4 cross-ref:
cross-ref Pravila v1.39+ -> v1.41+ (+ CLAUDE.md v2.27+ -> v2.28+).
Deferred (TASKLOG.md Task 6 section for full reasoning):
- §12 textual occurrences in PSR_v1 (39) and historical Tooling/CLAUDE.md
changelog blocks remain as honest historical pointers to the archived
§12 (docs/archive/llm-bootstrap-2026-05/pravila-12/...).
- CLAUDE.md §3.3 archive + nodes.yaml pin — out of scope, requires
structural restructure beyond cross-ref work.
- Tooling §4.X 'когда брать' archive — out of scope.
- PSR_v1 R15 — already removed in v2.0 (motion-runtime removal,
12.05.2026); current R15 is 'Off-phase routing', unrelated to §12.
Verification:
- tools/l1-watcher.mjs: OK — 0 drift.
- tools/cross-ref-checker.mjs: OK — 0 drift in 4 files (was FAILing on
Pravila v1.40 / v1.39 references after Task 5 bump to v1.41).
- npx vitest run tools/: 539 passed (unchanged from Task 4 baseline).
Plan: docs/superpowers/plans/2026-05-25-llm-first-router-overhaul.md Task 6.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Phase 1 Task 2 of LLM-first router overhaul.
Live user-level changes (NOT in git, see TASKLOG.md for full diff manifest):
- ~/.claude/settings.json — removed 2 PreToolUse blocks:
- matcher 'Skill' -> skill-marker.py (§12 trigger marker)
- matcher 'Edit|Write|MultiEdit' -> skill-check.py (§12 enforcement on Edit)
- Remaining PreToolUse: 1 block (economy-state-guard, pure economy)
- ~/.claude/hooks/economy-mode.py — trailer text:
'§12 hard rule из Pravila НЕ override-ится' -> '§17 universal skill-coverage НЕ override-ится'
- ~/.claude/hooks/economy-state-guard.py — NO-OP (no §12 logic; pure economy)
Economy system (0%/5%/25%/50%/75%/100%) remains fully active. Stop-hook
subagent verifier (model: claude-sonnet-4-6) remains. PostCompact, SessionStart
hooks unchanged.
skill-marker.py and skill-check.py files remain on disk in ~/.claude/hooks/
(snapshot already in docs/archive/.../user-hooks/ from Task 1). They are
unwired from PreToolUse — no longer invoked. Task 4 moves them into the
archive proper.
permissions.ask still references skill-marker.py/skill-check.py (4 entries
Edit/Write each) — these gate direct file edits and are harmless. Cleaned
up alongside Task 4 archive.
Verification:
- ~/.claude/settings.json parses as valid JSON (1 PreToolUse block).
- All 4 economy hooks (economy-mode, economy-state-guard, economy-postcompact,
economy-self-check) still run with exit 0.
- Live economy-mode.py with prompt 'тест экономия 5%' returns valid hook
JSON with FIRST LINE '=== ECONOMY MODE: 5%' and trailer mentioning §17.
Rollback: 'node tools/test-rollback.mjs --execute' restores both files
from snapshot (verified e2e in Task 1).
Plan: docs/superpowers/plans/2026-05-25-llm-first-router-overhaul.md Task 2.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Дмитрий