portal

Author SHA1 Message Date

Author	SHA1	Message	Date
Дмитрий	2a2ded7a53	refactor(brain): C1 L1-watcher — drop broken reverse drift check Removes the `missingInSettings` reverse check ("plugin documented in Tooling but disabled in settings.json"). It was broken by design: Tooling Прил. Н lists tools by human/group name ("Frontend Design plugin", "Trail of Bits Skills") while settings.json keys are machine IDs (`name@marketplace`) — the two namespaces never compare. The `/#\d+\s+([\w-]+(?:@[\w-]+)?)/` scan also captured the first plain word after "#NN" ("#1 PostgreSQL MCP" → "PostgreSQL"), so every run emitted ~190 lines of WARN noise. ADR-011 §6.1 specifies only the settings→Tooling direction (the L1 pattern "plugin enabled without Tooling formalization"). That is the FAIL path and is unchanged. detectDrift now returns `{ missingInTooling }` only. CLI output is a clean single line on success. Closes the cosmetic issue flagged in `bffdaa9`. TDD: reverse-check test replaced with `not.toHaveProperty ('missingInSettings')`; 12/12 GREEN. Smoke: node tools/l1-watcher.mjs -> exit 0, "OK — 0 drift" (no WARN block). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-19 07:36:21 +03:00
Дмитрий	bffdaa9f57	feat(brain): C1 L1-watcher alias mechanism — strict-ready Closes the 9 pre-existing name@source drifts that prevented strict mode: settings.json lists each marketplace plugin by machine name (e.g. "frontend-design@claude-plugins-official"), while Tooling Прил. Н describes them under a human/group name (e.g. "Frontend Design plugin", "Trail of Bits Skills" — single row #39 for 8 sub-plugins). Mechanism: - tools/.l1-watcher-aliases.txt — settings_name=tooling_substring map. - detectDrift(settings, tooling, aliases): direct match first, then alias-substring fallback. Settings name considered formalized if Tooling text includes either the name itself or aliases[name]. - parseAliases(raw) exported — line-based KV parser with #-comments and split-on-first-= semantics (values may contain "="). TDD: 6 new tests (3 detectDrift + 4 parseAliases). 12/12 GREEN. Smoke: node tools/l1-watcher.mjs -> exit 0, "OK — 0 drift". Known cosmetic baseline issue (pre-existing, not introduced here): the missingInSettings WARN list is noisy — regex /#\d+\s+([\w-]+(?:@[\w-]+)?)/g captures the first \w+ after "#NN" even when it is a plain word (e.g. "#1 PostgreSQL MCP" -> "PostgreSQL"), producing ~190 WARN entries. WARN is non-blocking, so strict mode flip in Phase 3 is unaffected; a follow-up filter on names containing "@" would silence this without behavioural change. Refs: ADR-011 brain governance §6.1 (C1 L1-watcher detector for the "plugin in settings.json without Tooling formalization" L1 pattern). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-19 07:12:05 +03:00
Дмитрий	4382de3a79	feat(controller): C1 l1-watcher — settings.json ↔ Tooling drift detector Pure regex/JSON, 0 LLM calls. 4 Vitest tests GREEN. Per ADR-011 + spec §6.1. Smoke run surfaces REAL drift (DONE_WITH_CONCERNS — plan B5 said «that's a real signal, document, don't fix here»): 9 plugins in ~/.claude/settings.json enabledPlugins NOT formalized by exact «name@source» string in Tooling Прил. Н: - frontend-design@claude-plugins-official (informally as #30 «Frontend Design plugin») - 8× ToB plugins @trailofbits (differential-review, audit-context- building, supply-chain-risk-auditor, insecure-defaults, sharp- edges, static-analysis, variant-analysis, agentic-actions-auditor) informally as #39 «Trail of Bits Skills» This is naming-vocabulary mismatch (Tooling uses human-readable names; settings.json uses machine names). Not architectural drift. Resolution options for follow-up: - Add machine names as «external_id» attribute to Tooling Прил. Н rows. - Add tools/.l1-watcher-aliases.txt with accepted machine→human map. Until resolved: C1 will FAIL on lefthook (C5 wiring) — addressed in C5 by adding alias mechanism OR temporarily downgrade to WARN. Also fixed CLI guard bug in observer-stop-hook.mjs (B3) and l1-watcher — old guard `import.meta.url === \`file://\${argv[1]}\`` did not match on Windows (file:/// triple-slash vs file:// double-slash + relative argv[1]). New guard: argv[1].endsWith('/<filename>.mjs'). Weekly GH Actions cron (Mon 09:00 MSK) opens issue on drift. Vitest config extended to ../tools/.test.mjs with exclude for ruflo- and subagent-prompt-prefix tests (pre-existing, not part of brain governance). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-19 06:31:18 +03:00

Дмитрий

2a2ded7a53

refactor(brain): C1 L1-watcher — drop broken reverse drift check

Removes the `missingInSettings` reverse check ("plugin documented in
Tooling but disabled in settings.json"). It was broken by design:
Tooling Прил. Н lists tools by human/group name ("Frontend Design
plugin", "Trail of Bits Skills") while settings.json keys are machine
IDs (`name@marketplace`) — the two namespaces never compare. The
`/#\d+\s+([\w-]+(?:@[\w-]+)?)/` scan also captured the first plain word
after "#NN" ("#1 PostgreSQL MCP" → "PostgreSQL"), so every run emitted
~190 lines of WARN noise.

ADR-011 §6.1 specifies only the settings→Tooling direction (the L1
pattern "plugin enabled without Tooling formalization"). That is the
FAIL path and is unchanged. detectDrift now returns `{ missingInTooling }`
only. CLI output is a clean single line on success.

Closes the cosmetic issue flagged in bffdaa9.

TDD: reverse-check test replaced with `not.toHaveProperty
('missingInSettings')`; 12/12 GREEN. Smoke: node tools/l1-watcher.mjs
-> exit 0, "OK — 0 drift" (no WARN block).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-05-19 07:36:21 +03:00

Дмитрий

bffdaa9f57

feat(brain): C1 L1-watcher alias mechanism — strict-ready

Closes the 9 pre-existing name@source drifts that prevented strict mode:
settings.json lists each marketplace plugin by machine name (e.g.
"frontend-design@claude-plugins-official"), while Tooling Прил. Н
describes them under a human/group name (e.g. "Frontend Design plugin",
"Trail of Bits Skills" — single row #39 for 8 sub-plugins).

Mechanism:
- tools/.l1-watcher-aliases.txt — settings_name=tooling_substring map.
- detectDrift(settings, tooling, aliases): direct match first, then
  alias-substring fallback. Settings name considered formalized if
  Tooling text includes either the name itself or aliases[name].
- parseAliases(raw) exported — line-based KV parser with #-comments
  and split-on-first-= semantics (values may contain "=").

TDD: 6 new tests (3 detectDrift + 4 parseAliases). 12/12 GREEN.
Smoke: node tools/l1-watcher.mjs -> exit 0, "OK — 0 drift".

Known cosmetic baseline issue (pre-existing, not introduced here):
the missingInSettings WARN list is noisy — regex
/#\d+\s+([\w-]+(?:@[\w-]+)?)/g captures the first \w+ after "#NN"
even when it is a plain word (e.g. "#1 PostgreSQL MCP" -> "PostgreSQL"),
producing ~190 WARN entries. WARN is non-blocking, so strict mode flip
in Phase 3 is unaffected; a follow-up filter on names containing "@"
would silence this without behavioural change.

Refs: ADR-011 brain governance §6.1 (C1 L1-watcher detector for the
"plugin in settings.json without Tooling formalization" L1 pattern).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-05-19 07:12:05 +03:00

Дмитрий

4382de3a79

feat(controller): C1 l1-watcher — settings.json ↔ Tooling drift detector

Pure regex/JSON, 0 LLM calls. 4 Vitest tests GREEN. Per ADR-011 + spec §6.1.

Smoke run surfaces REAL drift (DONE_WITH_CONCERNS — plan B5 said «that's
a real signal, document, don't fix here»): 9 plugins in
~/.claude/settings.json enabledPlugins NOT formalized by exact
«name@source» string in Tooling Прил. Н:
- frontend-design@claude-plugins-official (informally as #30
  «Frontend Design plugin»)
- 8× ToB plugins @trailofbits (differential-review, audit-context-
  building, supply-chain-risk-auditor, insecure-defaults, sharp-
  edges, static-analysis, variant-analysis, agentic-actions-auditor)
  informally as #39 «Trail of Bits Skills»

This is naming-vocabulary mismatch (Tooling uses human-readable
names; settings.json uses machine names). Not architectural drift.
Resolution options for follow-up:
- Add machine names as «external_id» attribute to Tooling Прил. Н rows.
- Add tools/.l1-watcher-aliases.txt with accepted machine→human map.

Until resolved: C1 will FAIL on lefthook (C5 wiring) — addressed in
C5 by adding alias mechanism OR temporarily downgrade to WARN.

Also fixed CLI guard bug in observer-stop-hook.mjs (B3) and l1-watcher
— old guard `import.meta.url === \`file://\${argv[1]}\`` did not match
on Windows (file:/// triple-slash vs file:// double-slash + relative
argv[1]). New guard: argv[1].endsWith('/<filename>.mjs').

Weekly GH Actions cron (Mon 09:00 MSK) opens issue on drift.

Vitest config extended to ../tools/*.test.mjs with exclude for ruflo-*
and subagent-prompt-prefix tests (pre-existing, not part of brain
governance).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-05-19 06:31:18 +03:00

3 Commits