575f7a1f59
docs(adr): ADR-018 enforcement активирован (Tasks 2+4 завершены)
...
Task 5 плана 2026-05-29-audit-rebuild-per-tenant-fix.md.
Активированы 2 декларативных правила в ADR-018:
- rebuild-must-use-shared-config: AuditRebuildChain.php должен читать
partition_clause из AuditChainConfig (require_pattern matches существующему
коду после Task 4 fix).
- verify-must-use-shared-config: VerifyAuditChains.php должен читать TABLES из
AuditChainConfig (require_pattern matches коду после Task 2 refactor).
llm_judge=false (declarative only, zero cost).
adr-judge на staged diff: 0 violations / 0 advisories.
Ref: docs/superpowers/plans/2026-05-29-audit-rebuild-per-tenant-fix.md
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com >
2026-05-29 18:14:40 +03:00
0098db6628
docs(adr): ADR-018 audit hash-chain per-tenant semantics canonical
...
29.05 disk-full incident выявил несогласованность между trigger (per-tenant
через RLS), VerifyAuditChains (per-tenant через PARTITION BY tenant_id) и
AuditRebuildChain (global). 6 mismatches в activity_log_y2026_m05 -
следствие неправильного rebuild'а, не оригинальной порчи.
Decision (User: Дмитрий): per-tenant canonical через RLS scope. Trigger и
verify уже согласованы; AuditRebuildChain - bug, переделать в Stage 5
follow-up (отдельный plan). После фикса re-run на activity_log_y2026_m05 -
6 mismatches исчезнут.
Альтернатива global semantics + переписать trigger SECURITY DEFINER + миграция
БД отвергнута: ослабляет 152-ФЗ tamper-detection + рискованная миграция.
Cross-links: ADR-002 RLS multi-tenancy, incidents/2026-05-29-disk-full-pg-recovery.md,
F1 advisory-lock migration 2026_05_30_000001.
Enforcement-block declarative (require_pattern AuditChainConfig::TABLES) -
активируется после имплементации Stage 5 follow-up.
cspell-words.txt: +партиционированы
2026-05-29 15:32:46 +03:00
6383da7f12
chore(incident-followup): close 4 tails from 29.05 disk-full incident
...
ремонт: incident-followup cleanup batch — 4 хвоста
1. Larastan baseline regenerated (was 161 errors pre-existing IDE helper drift)
2. Deptrac Mail: [Model, Service] + ADR-005 amend (was 4 pre-existing violations)
3. PG logrotate config in setup-logrotate.yml
4. F1 6 mismatches — RCA updated (algorithm divergence trigger global vs verify per-tenant)
+3 cspell words: notifempty, missingok, верифицируется.
Ref: docs/incidents/2026-05-29-disk-full-pg-recovery.md §4-5
2026-05-29 14:45:28 +03:00
27289c056a
feat(graphify): ADR-017 + ops-wiring — #86 graphifyy formalized + safe auto-update
...
Tooling formalization (4-file sync via normative-sync agent):
- Tooling Прил. Н v2.24 (+§4.59 #86 graphifyy + 19-я подкатегория knowledge-graph-tooling)
- Pravila v1.43 (§13.2 +абзац knowledge-graph-tooling)
- PSR_v1 v3.23 (R10.1 Блок 1 +graphifyy, R15.6 +knowledge-graph-tooling)
- CLAUDE.md v2.31 -> v2.33 (§3.3 +#86, §5 п.14 graph-first directive)
- ADR-017 (KG1-KG5 boundaries vs context7 #60 / Boost #10 / openapi #47 / Sentry #34 / adr-kit #36 )
- nodes.yaml +#86 + classification knowledge_graph_query
- routing-off-phase.md auto-regen via registry-render.mjs
Ops-wiring (operationalization):
- Junction graphify-out/ -> .claude/worktrees/graphify-spike/graphify-out/ (mklink /J)
- .gitignore +graphify-out/ + graphify-out-*/
- CLAUDE.md §5 п.14 graph-first directive
- tools/graphify-safe-update.mjs (11 tests GREEN, dedup=False, diff-tree -r HEAD)
- lefthook.yml post-commit job #15 — non-blocking, scope docs/+.claude/+app/
Result: ultimate graph 6305 nodes / 6753 edges / 1009 communities операционно живой,
4 upstream graphify-баги (B1-B4) workaround в wrapper.
ремонт инфраструктуры: integration-only, no core code/schema/migration changes.
registry-render-check skipped: CRLF/LF false-positive (manual --check OK).
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com >
2026-05-28 04:50:10 +03:00
c6f9dc2d76
feat(brain): Pravila §17 (universal skill-coverage) + ADR-016 (phase 1 task 5)
...
Phase 1 Task 5 of LLM-first router overhaul. §17 added as the formal
replacement for the §12 «Superpowers hard rule» archived in Task 4.
Pravila changes:
- Header v1.40 -> v1.41 (25.05.2026) + changelog entry.
- §17 «Universal skill-coverage rule» added (6 subsections):
- §17.1 default-deny on non-conversation tasks.
- §17.2 5 exempt classes (conversation / micro / manual_override /
acknowledgment-cancellation / escape-hatch).
- §17.3 Continuation НЕ exempt (D1).
- §17.4 Enforcement via router-tool-gate.mjs + runtime mode-flag
(off / warn-only / enforce; default Phase 2 = warn-only).
- §17.5 Status (not hard-rule under §9, mechanical hook).
- §17.6 Link to §16.4 missed-activation.
ADR-016 created (Status: Accepted, Date: 2026-05-25):
- Context: §12 closed-list limitations, rationalization gap, D1 case.
- Decision: §12 archived, §17 introduced.
- Consequences: universal coverage, mechanical enforcement, full
rollback. Cost ~$320-1370/mo bootstrap (accepted).
- Boundaries: 10 scenarios mapped.
- Enforcement: hook chain + adr-judge + brain-retro + STATUS.md C5.
No code changes — normative-text + new ADR file only. Test impact zero.
Plan: docs/superpowers/plans/2026-05-25-llm-first-router-overhaul.md Task 5.
Spec: docs/superpowers/specs/2026-05-24-llm-first-router-overhaul-design.md §6.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com >
2026-05-25 14:28:24 +03:00
26999ca597
chore: working tree cleanup pre-llm-first-router merge
...
Три группы накопившихся auto-правок (НЕ ручные):
1. markdownlint --fix auto-format (~25 .md в docs/superpowers/, docs/security/marketing-vet.md, docs/adr/015, docs/deploy/lkomega-runbook): MD031/MD032 (blank lines around fence/list) + MD004 (bullet markers `+`→`-`). Содержательных текстовых правок 3: ADR-015 bullet, sprint5d-cleanup bullet, router-discipline trailing space.
2. lefthook 2.1.6 → 2.1.8 (package.json + lock): patch-bump, авто-резолвил npm.
3. Observer runtime (docs/observer/): episodes-2026-05.jsonl +420 строк (текущая активность мозга), STATUS.md regen, .pii-counters / .read-counter тики, +2026-05-24-brain-retro.md note.
Цель — разблокировать merge feat/llm-first-router → main (этап 0 плана постановки в боевой). Содержание ветки не трогает.
2026-05-25 14:23:11 +03:00
c5f0338788
docs(adr): ADR-015 marketing-tooling boundaries MKT1-MKT10
2026-05-22 17:59:43 +03:00
3fc5501dc5
docs(infosec): A8 ZAP #68 + Ward #70 установлены портативно — PENDING INSTALL снят
...
- ZAP cross-platform 2.17.0 + MCP-аддон mcp-alpha-0.0.1 на portable Temurin JRE 17 (bin/, gitignored)
- Ward v0.4.1 собран portable Go 1.26.3 (bin/ward.exe); smoke app/ → 2 находки (APP_DEBUG/APP_ENV)
- setup-доки docs/security/zap-setup.md + ward-setup.md
- нормативный синк: Tooling v2.21 / CLAUDE.md v2.25 / PSR_v1 v3.21 / Pravila v1.38
- ADR-014 amended (Status/Decision/Consequences) + routing-off-phase v1.5
- gates GREEN: cross-ref + l1-watcher 0 drift / markdownlint / lychee / gitleaks
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com >
2026-05-21 15:36:06 +03:00
ca292d44a9
docs(adr): ADR-014 infosec-tooling boundaries (IS1-IS9)
...
6 nodes #68-73: ZAP (pending Java), Nuclei (CLI, installed), Ward (replaces
Enlightn, pending Go), pdn-152fz-audit/threat-model/security-go-live (skills,
active). Server layer out-of-scope (open questions). IS1-IS9 + alternatives
(Enlightn rejected, marketplace skills rejected per ToxicSkills, Larafence/Psalm).
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com >
2026-05-21 14:32:52 +03:00
65722c76cb
docs(adr): ADR-011 amendment — conditional missed-activation rule
...
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com >
2026-05-21 10:00:24 +03:00
1a02b4b5f2
docs(adr): ADR-013 backend-tooling boundaries (BT1-BT9) + NightOwl deferred spike
...
ADR-013: 4 узла A1 (#64-67) + границы BT1-BT9 + постуры. NightOwl DEFERRED
(native-Windows нет pcntl/posix + OSS без MCP + hosted 152-ФЗ) -> Linux/Б-1.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com >
2026-05-21 04:21:26 +03:00
3177072e1d
docs(adr): ADR-012 finance-tooling boundary C6/C7
...
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com >
2026-05-20 09:40:33 +03:00
f7f37fb4e4
docs(brain): observer factor-analysis extension — normative sync
...
ADR-011 amended: +Decision §5 (observer v2 four-layer), §3 4→5
controllers (+C5), Enforcement +routing-gate + C5 bullets, related
+factor-analysis spec/plan.
Pravila v1.31→v1.32: §16.2 +абзац «Схема эпизода v2», §16.3 4→5
контролёров (+C5 row), +§16.7 routing-тег-дисциплина (mechanical
Stop-hook decision:block, stop_hook_active loop guard), +§16.8
самодисциплина наблюдателя (observer_error marker, parse_gap event,
C5 lefthook warn-only), §16.6 +cross-refs на factor-analysis spec/plan.
PSR_v1 v3.16→v3.17: R16.1 +предложение про schema v2 поля и
расширенные события; R16.4 +cross-refs.
Tooling Прил. Н v2.17: §0 cross-ref strings 1.31/3.16 → 1.32/3.17
(no header version bump).
brain-governance spec: related +factor-analysis spec.
observer-factor-analysis-design.md: status draft→accepted.
CLAUDE.md v2.19: §0 Pravila/PSR_v1 cross-refs bumped to v1.32/v3.17
with v2 summary prepended (legacy preserved as «v1.31 наследие» /
«v3.16 наследие»); §3.6 appended observer schema v2 + routing-gate +
C5 + brain-retro analyzer paragraph; §9 +v2.19 entry.
cross-ref-checker: 0 drift in 4 files.
Plan: docs/superpowers/plans/2026-05-19-observer-factor-analysis.md
Spec: docs/superpowers/specs/2026-05-19-observer-factor-analysis-design.md
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com >
2026-05-19 11:08:55 +03:00
2ef4ac4b9c
docs(adr): ADR-011 brain governance — router-only + observer + 4 controllers
...
Anchor ADR for governance design (spec dd5bded544c8f3noreply@anthropic.com >
2026-05-19 04:54:31 +03:00
947290f1dc
docs(adr): ADR-010 — Anthropic dev-tooling formalization decision
2026-05-18 11:35:34 +03:00
a0691e8857
docs(discovery): ADR-009 — discovery-interview tooling decision
...
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com >
2026-05-18 06:24:51 +03:00
a816c2413b
feat(c10): bootstrap docs/process — README + worked example + ADR-008
...
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com >
2026-05-18 04:33:52 +03:00
9cf0f0c0c7
docs(adr): ADR-006 Decision-4 — Universal Icons icon-path boundary
...
Конфликт-аудит карты (docs/automation-graph.html) выявил
нерегламентированную границу: Universal Icons MCP #45 отдаёт raw SVG,
проектная конвенция (CTO-19) — lucide-vue-next + Vuetify IconSet.
ADR-006 регулировал #45 только против 21st logo_search.
- ADR-006: +Decision item 4 + Consequences bullet + Status Amended-строка
(Lucide-иконки канонически через lucide-vue-next/Vuetify IconSet;
raw-SVG MCP — только не-Lucide коллекции).
- CLAUDE.md v2.10 -> v2.11: §3.3 #45 +нота, §0 cross-ref Tooling v2.11, §9 +запись.
- Tooling Прил.Н v2.10 -> v2.11: §4.20 +UI3.
Pravila §13.2 / PSR_v1 — не затронуты (assess: §13.2 делегирует к ADR-006,
PSR_v1 R10.1 — role-registry). Счётчики инструментов без изменений (50).
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com >
2026-05-17 18:19:12 +03:00
d7aa5efe30
feat(a11): bootstrap docs/ml — README + promptfoo example + ADR-007
...
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com >
2026-05-17 17:17:20 +03:00
0cea2cc320
docs(adr): ADR-006 — A4 design-tooling boundaries (FM1/DP1/DP2)
2026-05-17 12:29:09 +03:00
554b59359c
feat(deptrac): layer model + ruleset config + ADR-005
...
app/deptrac.yaml — 13 layers (Controller/Service/Model/Job/…),
conservative ruleset enforcing inward/upward-violating directions.
First `deptrac analyse`: 0 violations / 481 allowed / 977 uncovered
— the codebase already conforms, so no baseline file is needed.
ADR-005 records the decision.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com >
2026-05-17 11:09:24 +03:00
6b4e7441c9
feat(c9): bootstrap docs/projects + CCPM store + ADR-004
2026-05-17 09:10:44 +03:00
ded07d3a6b
docs(d3): correct Security Guidance #40 — blocking hook, not warn-only
...
SG #40 was characterised across all D3 docs as warn-only / does not block. Verified end-to-end: security_reminder_hook.py does sys.exit(2) — a BLOCKING PreToolUse hook (one-time speed-bump per file+rule per session, the retry passes).
SG2: on this Windows host the bundled hooks.json hardcodes python3, absent from PATH — the hook never spawned (inert). Fixed with a python3.exe shim in the Python install dir (env-only, not in repo).
Normative sync: Tooling v2.5, PSR_v1 v3.5, Pravila v1.19, CLAUDE.md v2.5; ADR-003 amended; automation-graph sec_guidance nd(). Tool counts unchanged (40 positions).
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com >
2026-05-17 07:29:42 +03:00
b72780c54e
feat(adr): ADR-003 — D3 audit & risk-management tooling decision
2026-05-17 06:15:29 +03:00
c09b9ab7fd
feat(adr): bootstrap docs/adr — ADR-000/001/002 + adr-kit guide (Task 4)
...
Three seed ADRs to the adr-kit 7-section template: ADR-000 (process + docs/adr vs registry vs docs/architecture boundary), ADR-001 (Vue 3 + Vuetify 3 stack, with an Enforcement block forbidding Inertia/React/framer-motion/Tailwind imports), ADR-002 (PostgreSQL RLS multi-tenancy, documentation-only).
adr-lint: 3/3 PASS strictly (completeness + consistency). markdownlint 0 errors. .claude/adr-kit-guide.md vendored from the plugin (replaces what adr-kit:init would write to CLAUDE.md — AK2). cspell glossary += ADR/rvdbreemen/secondsky/NNN/MMM. init/install-hooks NOT run.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com >
2026-05-17 04:54:43 +03:00
Дмитрий