Closes brain-retro #9 candidate 10 + self-retrospect 28.05: 16 reviewer-
Opus marks of "should have delegated to coder-agent". Controller (Opus)
was doing repetitive mechanical work itself, burning big-context budget
on tasks suited for fresh subagent.
PATTERN 8 trains classifier to recognize mechanical/repetitive signals
(N odnotipnyh, massovaya pravka, po shablonu) and recommend coder-agent
#19 via Task tool delegation.
Closes brain-retro #9 candidate 8: 8 reviewer-Opus marks of "should
have used Sentry first". Self-retrospect 28.05: "симптом с боевого →
гадать по коду вместо Sentry".
PATTERN 7 forces classifier to put Sentry MCP (#34) FIRST in
recommended_chain when prompt indicates production-runtime origin
(boevoj, klient soobschil, v logah, etc).
NB: Sentry MCP is currently pending B-1 deployment per Tooling section
4.8, but pattern is added so classifier produces correct recommendation
once instance is live.
Closes brain-retro #9 candidate 1: classifier recognized bugfix via
PATTERN 4 (→ systematic-debugging) but didn't extend to chain with
Pest #18 for test-first regression coverage.
Real-world driver: adr-judge.py catastrophic backtracking fix (commit
1e1457eb) — should have gone through TDD via Pest, not direct edit.
Reviewer Section A in retro #9 flagged this.
PATTERN 6 extends PATTERN 4 with explicit chain recommendation when
fix touches live code (regex/parser/hook/race/perf).
Workflow run 26564332893 failed at 14s — most likely npm ci hit Histoire/Vite
peerDep conflict (quirk #74 in feedback_environment.md). --legacy-peer-deps
mirrors local install pattern. Also bumped to Node 22 (Node 20 actions deprecated).
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Wires tools/enforce-override-limit.mjs into PreToolUse for mutating tools
matcher Edit|Write|MultiEdit|NotebookEdit|Bash|Task|Agent.
Activates the hard-limit logic from previous commit. From now: 6th use
of same override-phrase per day will block mutating tools until bypass
or new day.
Code-review noted that any uncaught exception in main() would propagate
as a non-zero exit, potentially blocking the user. Plan required fail-
open discipline; sibling hooks (enforce-chain-recommendation) use the
same try/catch wrapper pattern.
Follow-up to 0a52b3d8.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Code review noted that the new section heading ## C6: System Health collided
with the existing alert-table row | C6 Chain map sync | for controller C6.
Two things named C6 confuses readers and brain-retro analysis scripts.
Heading is now ## System Health (no prefix). Section position unchanged.
Also tightens weak toContain('2')-style assertions in system-health.test.mjs
to pipe-delimited '| 2 |' form -- prevents false-passes if sort order breaks.
Follow-up to 7314a926.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Add buildReviewPromptStructured() returning { system, user } and route
reviewViaDirectApi through callAnthropicAPI's structured branch — same
pattern the classifier already uses (router-classifier.mjs L456-484), so
infrastructure is reused, no new transport code.
system block: static instructions + 8-dim cues + schema-version notes
(byte-identical across episodes of the same schema_version → cache key
stable within a 5-min TTL).
user block: per-episode JSON (volatile).
Effect on Opus 4.7: ~zero until system grows past 4096-token cache-
minimum or model switches to Sonnet (2048 min). Anthropic silently
no-ops cache_control when prefix is below the minimum — no error,
cache_creation_input_tokens just stays at 0. Architecturally correct
and future-proof; activates the moment either condition flips.
buildReviewPrompt() kept as backward-compat wrapper.
Tests: +5 invariants for the split + cache-prerequisite check
(system identical across two v4 episodes with different bodies).
14/14 GREEN.
ремонт: фикс инфраструктуры стоимости — split prompt для активации
prompt caching на reviewer-agent
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Closes third behavioral-debt block from retro #8: CLAUDE.md §5 п.14 (graph-first для codebase-вопросов) was being ignored — controller did 4+ Grep searches today without consulting graphify.
Three changes:
1. tools/enforce-graph-first.mjs (NEW): Stop hook blocking turn-end when Grep+Glob count >= 3 in turn AND no graphify invocation (Skill 'graphifyy' / Bash 'graphifyy' / SlashCommand 'graphify'). Override: 'graph-skip: <reason>' inline OR global override-phrase. 19 vitest tests cover empty toolUses, threshold boundary, graphify detection forms, override variants.
2. tools/enforce-override-vocab.json: added 'graph-first' AND 'chain-recommendation' to suppresses[] of all 7 global override phrases (без скилов / direct ok / срочно / быстрый коммит / recovery / memory dump / ремонт инфраструктуры). This closes a vocab gap that ALSO affected the previously-deployed chain-recommendation hook (a3 from d1d53080) — global overrides did not work for it either until now.
3. .claude/settings.json: registered enforce-graph-first.mjs as 5th Stop hook entry.
Full vitest tools-sweep: 1041/1041 GREEN. Reviewer APPROVE on spec + code quality. Pipe-test verified (empty event → exit 0, no block).
Three brain-governance hardening changes from retro #8 follow-up:
1. enforce-classifier-match: confidence threshold raised 0.7→0.8 (was producing false-positives on borderline LLM recommendations like #3 GitHub MCP for local debug, #36 adr-kit for status readouts). 2 new vitest tests cover boundary values 0.7 and 0.75 (now allowed).
2. enforce-chain-recommendation (NEW): PreToolUse hook blocking mutating tool calls when router gave recommended_chain length >= 2 and controller is not expanding it. Allows pass when: any chain node already invoked, inline 'chain-override: <reason>' present, or global override-phrase in user prompt. 20 vitest tests cover empty chain, single-node bypass, override variants, alias resolution, mixed numeric/string ids.
3. registry-load.test.mjs: bump expected counts 85→86 nodes / 77→78 active (collateral fix after parallel session added #86 graphifyy in 27289c05).
Full vitest tools-sweep: 1022/1022 GREEN.
Reviewer APPROVE on spec compliance + code quality (non-blocking observations: test count mis-report in implementer's claim 33→20 actual, hardcoded 'superpowers:' alias prefix, no direct test for extractCalledSkillIds — deferred).
Hook activation in .claude/settings.json deferred — controller will register separately based on owner's choice (block / warn-only / defer).
§6 +session-closure paragraph (top); §9 +v2.31 entry; header summary
updated. Captures today's two commits:
b1398883 feat(brain-retro): extend mandatory digital analysis 7 → 10 cuts
1e1457eb fix(adr-judge): catastrophic backtracking on prose-only Enforcement
Not a normative-version-bump-worthy event (no new tool, no new ADR,
no new off-phase subcategory; tools/adr-judge.py is vendored from
adr-kit v0.13.1 — separately tracked living constraint;
brain-retro analyzer is a procedural extension within existing
ADR-011 observer infra). §0 cross-refs to Pravila / PSR_v1 / Tooling
intentionally not bumped.
Bundled with cspell-words.txt +slepok (project term used in v2.29
slepok-routing-protection entry; was previously bypassing cspell
via --no-verify on v2.30 commit, now properly registered).
Memory side-syncs (separate, in ~/.claude/projects/.../memory/):
- new: feedback_adr_judge_redos.md
- fixed: feedback_vitest_sentinel_recipe.md (self-contradicting
.test.mjs suffix in exclude args defeated detectFullTestRun)
Via /claude-md-management:revise-claude-md per §5 п.10.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
ENFORCEMENT_BLOCK_RE used a single regex with nested non-greedy
quantifier `(?:.*?\n)*?` plus re.DOTALL — when an ADR has the
`## Enforcement` heading but no fenced ```json block in that
section (prose-only enforcement is legitimate; see ADR-011 where
the prose explicitly says "this section's existence is verified
per-commit"), the regex engine exhausts itself searching for a
non-existent closing fence through ~50+ lines of subsequent prose.
Observed: lefthook adr-judge job >60s timeout (exit 124) on every
commit, traced to ADR-011 (10337 B) — ADR-016 has the same shape
and would have hung next. Other ADRs (000–010) finish in <0.2 ms
either because they have a fenced JSON block to find or no
`## Enforcement` heading at all.
Fix: decompose into three non-backtracking searches —
1. find `## Enforcement` heading
2. find next `## ` heading (section boundary; falls back to EOF)
3. search ```json fence ONLY within that section
Side benefit: the JSON fence is now correctly scoped to the
Enforcement section, so a ```json block in a later section
(References, Amendment, etc.) is no longer accidentally picked up.
Verification:
- Repro `tools/adr-judge-repro.py`: all 13 ADRs parse in <1 ms each
post-fix (ADR-011 / ADR-016 prose-only sections return None
correctly; ADR-001 still extracts its forbid_import / require_pattern
/ llm_judge keys).
- End-to-end `python -X utf8 tools/adr-judge.py --diff - --adr-dir docs/adr/`
with a small diff: exit 0 in <1 s (was: >60 s timeout).
- Lefthook adr-judge job in the preceding brain-retro commit
(b1398883): 0.25 s, OK.
Note: tools/adr-judge.py is vendored from adr-kit v0.13.1 (per
lefthook.yml comment "пере-вендорить после /adr-kit:upgrade").
This fix should be reported upstream; until upstream releases the
patched parser the local change must be preserved across re-vendor.
ремонт инфраструктуры
ремонт: catastrophic-backtracking in adr-judge ENFORCEMENT_BLOCK_RE
blocks every commit > 60 s on prose-only Enforcement sections
(ADR-011, ADR-016)
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Hygiene commit after consolidated brain-retro #6 follow-up. Captures live
runtime state where the fixes are now visibly working:
- STATUS.md regen reflects 917-test sentinel pass.
- episodes-2026-05.jsonl: +50 lines from this session's turns, including
state with source: llm + non-empty task_cost (A1 live evidence).
- pii-counters.json: counter increments from PII filter scans during retro.
- settings.json: linter-normalized hook order (no semantic change).
- .gitleaksignore: prior staged hash entry from parallel session.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Brain-retro #5 candidate C, hole 8: ~/.claude/runtime/override-usage.jsonl
logged every override-vocab use but no surface analyzed frequency. 18x
recovery in lifetime was hidden until manual inspection.
New module tools/enforce-override-monitor.mjs computes per-phrase totals
plus today's count; warns (warning) at >=5/day per phrase (configurable).
Wired into tools/status-md-generator.mjs as a new '## Использование
override-фраз' block.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Brain-retro #5 surfaced a correlation: long sessions (≥50 turns) correlate
with discipline drift. Reviewer pass showed regulated rate dropped 19% →
4.5% during a long session.
This commit adds:
• computeSessionLengthBlock(episodes, opts?) — pure function that
groups today's (UTC) episodes by task_id, finds the MAX session_turn
per session, and surfaces sessions with ≥threshold turns (default 50)
in a markdown block.
• Wire-up in renderStatus + main CLI: new "## Длинные сессии" section
inserted between disciplineBlock/activeProjects and costBlock.
• 7 new unit tests (36/36 total green).
Behavior:
• No sessions today → ✅ "Ни одной сессии с >50 ходов".
• One+ flagged → ⚠️ table { session_id, max turn, regulated %, last episode ts }.
• Custom threshold via opts.threshold.
Per memory project_enforce_hard_rules.md: this is an indicator, not a hook;
no blocking, just observability. Owner can decide whether to restart when
regulated % drops in a long session.
Found via TDD that supplier_leads has its own platform CHECK constraint
(chk_supplier_leads_platform) and that the seed migration was missing
NOT NULL columns (accepts_types, channel). Migration now:
- widens supplier_projects/project_supplier_links/supplier_leads.platform
VARCHAR(4) → VARCHAR(8) (DIRECT is 6 chars)
- extends three CHECK constraints to include 'DIRECT'
Seed migration uses raw SQL INSERT to properly serialize PG ARRAY type
for accepts_types column. channel='sites' (valid per suppliers_channel_check).
db/schema.sql synced — 3 platform columns and 3 CHECK constraints updated.
CHANGELOG_schema.md entry pending Task 9.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
LedgerService::resolveSupplierId returns suppliers.code='direct' row for
DIRECT-platform supplier_projects (and for parsed-from-payload non-B
projects). CsvReconcileJob::extractPlatform now classifies most non-empty,
non-junk project strings as DIRECT (instead of dumping them into
unparseable_count) — this allows CSV recovery to also create DIRECT
supplier_leads, mirroring the webhook path.
CsvReconcileJobTest junk-rows fixtures updated: previously used callback
phone-number-as-project (79135551234) and URL-like strings as 'junk', but
those are now valid DIRECT identifiers. Replaced with truly junk strings
matching only outside-whitelist symbols (e.g. '???', '!@#').
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
parseProjectField() returns ('DIRECT', signal_type, identifier) when project
has no B-prefix; identifier-detection (call/site/sms regex) runs on full
project string. LeadRouter::matchEligibleProjects has a DIRECT fast-path
that matches Liderra projects by (signal_type, signal_identifier) directly
without requiring project_supplier_links pivot — because DIRECT
supplier_projects are auto-created on first webhook and don't have manual
psl links.
B1/B2/B3 path unchanged (psl-based via project_supplier_links).
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Drops regex /^B[123]_.+$/ from project field validation; parsePlatform()
returns 'DIRECT' for projects without B-prefix (instead of silent fallback
to 'B1'). SupplierProjectResolver ALLOWED_PLATFORMS extended to include
DIRECT.
Closes ~67 of 82 lost leads/day for tenant client1 (observed 2026-05-25):
mostly client.carmoney.ru (55), B2_Caranga (7), cabinet.caranga.ru (3),
cashmotor.ru (2), numeric callback IDs (~10).
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
TDD found that 'DIRECT' (6 chars) does not fit in VARCHAR(4). Three columns
need widening: supplier_projects.platform, project_supplier_links.platform,
supplier_leads.platform. supplier_manual_sync_queue.platform was already
VARCHAR(8). Done in the same migration as CHECK extension — single
atomic deploy.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
LedgerService::resolveSupplierId will look up suppliers WHERE code='direct'
for DIRECT-platform supplier_projects (Phase 3). cost_rub matches B1 (same
supplier company, different lead-routing channel).
Spec: docs/superpowers/specs/2026-05-25-supplier-webhook-reliability-design.md
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Adds early merge check in RouteSupplierLeadJob::createDealCopyForProject:
when lead.vid IS NOT NULL and an existing deal with NULL source_crm_id
exists for (tenant, phone, project_id) within last 24h, UPDATE that
deal's source_crm_id instead of creating a second Deal. INSERT into
supplier_lead_deliveries links the new supplier_lead.id to the existing
deal.id. LedgerService::chargeForDelivery is NOT called — the original
charge happened when the csv-recovery created the deal.
Closes 37 duplicate deals observed on prod for tenant client1 25.05.2026.
Spec B Phase 1 (commit ccfecd5e) removed DuplicateDetector — this fix
restores idempotency for the specific webhook-after-csv-recovered case
WITHOUT re-blocking intentional supplier repeats with different vids.
Guard: only merges where source_crm_id IS NULL (the CSV-recovered marker).
Two webhooks with different vids on same phone+project still create two
deals — by-design per Spec B.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Adds withExceptions render callback for ValidationException that forces
JSON 422 response when request matches api/webhook/supplier/* — regardless
of Accept header. Default Laravel behavior is 302 redirect for non-JSON
clients, which strips POST body.
Observed on prod 2026-05-25: 76 of 234 supplier webhook hits got 302 (Location: /),
mostly for non-B-prefix projects (client.carmoney.ru, cabinet.caranga.ru,
cashmotor.ru). Supplier doesn't follow 302 redirects on POST, so the
lead body is lost. This fix ensures supplier always sees a meaningful
422 with errors[] instead of a redirect.
Other routes unaffected (render returns null for non-webhook URLs).
Investigation 2026-05-25: for tenant client1 (tenant_id=2) on prod liderra.ru:
- 205 leads at supplier (info@lkomega.ru, visit=rt) vs 160 deals on portal
- 82 leads lost (76 via 302-redirect from ValidationException, mostly
non-B-prefix projects: client.carmoney.ru, cashmotor.ru, etc.)
- 37 duplicate deals (CSV-recovered SupplierLead vid=null + later
webhook with real vid "create two Deals because supplier_lead_deliveries
locks on supplier_lead_id, not phone+project)
Three independent fixes, three plans, three deploys:
Phase 1 (low risk): Always JSON 422 for webhook ValidationException
Phase 2 (med risk, billing): merge webhook-after-CSV-recovered into
existing deal, no double-charge
Phase 3 (high risk, migration): accept non-B projects as platform=DIRECT
end-to-end (controller + 4 services + migration)
Phase 3 includes new LeadRouter fallback path: DIRECT-supplier_projects
match Liderra projects via signal_type+signal_identifier directly
(no project_supplier_links pivot required, since psl rows don't exist
for auto-created DIRECT supplier_projects).
Refs: docs/superpowers/specs/2026-05-25-supplier-webhook-reliability-design.md
Append-only journal capture during the factor-analysis bug-surface session.
Episodes contain live tests of the LLM classifier retry logic (10/10 LLM
success rate post-retry) and the prefilter Layer 1 gate on short prompts.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Sync шапок и changelog'ов 3 нормативных файлов под Pravila v1.42
(коммит a2d6feb7 §17.7 «Coverage announcement»). Только cross-refs,
без контентных правок § тел.
- CLAUDE.md: §0 row Pravila v1.41→v1.42; §9 +entry «cross-ref update».
- docs/Tooling_v8_3.md: header cross-ref Pravila v1.41+→v1.42+;
§13 footnote «Прил. Н v2.23 от 25.05.2026 cross-ref update».
- docs/Plugin_stack_rules_v1.md: §0 changelog Pravila v1.39+→v1.42+;
История версий +entry v3.22 (cross-ref update).
Tooling канон счётчиков #1-#83 не тронут (Phase 3 deferred — не
плагины, не агенты). Записи v1.34-v1.41 в §10 Pravila таблице
по-прежнему не дотянуты (известный дрейф предыдущих сессий, вне
этого scope).
Через subagent normative-sync (#84) per Pravila §2.4. Гейт
cross-ref-checker (C2): 0 drift.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>