4 Commits

Author	SHA1	Message	Date
root	de8fb10f52	phase-42: truth/ repo-root dir + TOML rule loader ... Phase 42 PRD (docs/CONTROL_PLANE_PRD.md:144): "truth/ dir at repo root — rule files, versioned in git." Didn't exist. Landing both the dir + its loader. New files: truth/ README.md — documents file format, rule shape, composition model (file rules are additive on top of in-code default_ truth_store), explicit non-goals (no hot reload, no inheritance) staffing.fill.toml — 2 staffing.fill rules: endorsed-count-matches-target, city-required (both Reject via FieldEmpty) staffing.any.toml — 1 staffing.any rule: no-destructive-sql-in-context via FieldContainsAny (parallel to the queryd SQL gate we already ship) crates/truth/src/loader.rs — load_from_dir(store, dir) — 5 tests: happy path, duplicate-ID rejection within files, duplicate-ID rejection against in-code rules, non-toml files skipped, missing-dir error. Alphabetical file order for reproducible error messages. crates/truth/src/lib.rs — new pub fn all_rule_ids() helper on TruthStore so the loader can detect collisions without breaching the private `rules` field. crates/truth/Cargo.toml — adds `toml` workspace dep. Composition model: file rules are ADDITIVE on top of what default_truth_store() registers in code. Operators can tune thresholds/needles/descriptions at the file layer without a code deploy. Schema changes (new RuleCondition variants) still need a code bump. Integration hook (not in this commit, flagged for follow-up): main.rs should call loader::load_from_dir(&mut store, "truth/") after default_truth_store() so file-backed rules take effect on gateway boot. Deliberately separate: this commit lands the machinery; wiring it on happens when the team is ready to own the rule file lifecycle. Total: 37 truth tests green (was 32). Workspace warnings still 0. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-24 13:44:23 -05:00
root	049a4b69fb	truth: split staffing + devops into dedicated modules (Phase 42 PRD) ... Phase 42 PRD (docs/CONTROL_PLANE_PRD.md:137) specified: - crates/truth/src/staffing.rs — staffing rule shapes - crates/truth/src/devops.rs — scaffold for DevOps long-horizon PHASES.md marked Phase 42 done, but the rule sets lived inline in default_truth_store() in lib.rs. Worked, but doesn't match the PRD's module separation — and that separation matters when the long-horizon phase fleshes out devops rules: "Keeps the dispatcher signature stable so no refactor needed later." Fix: extract staffing_rules() into staffing.rs (5 rules, unchanged behavior) + create devops.rs with an empty scaffold. default_truth_store becomes a one-line composition: devops::devops_rules(staffing::staffing_rules(TruthStore::new())) 4 new tests in the submodules cover: - staffing_rules registers expected count (regression guard) - blacklisted worker fails the client-not-blacklisted rule - missing deadline fires Reject via FieldEmpty condition - devops scaffold is a no-op for now Total truth tests: 28 → 32. Workspace warnings still at 0. Still open from Phase 42 (flagged, not in this commit): - `truth/` dir at repo root for file-backed rule loading (TOML/YAML). Rules are in-code today; loader work is a separate feature. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-24 13:25:54 -05:00
root	9cc0ceb894	P42-002: wire truth gate into queryd /sql + /paged SQL paths ... The scrum master flagged crates/queryd/src/service.rs across iters 3-5 with the same finding: "raw SQL forwarded to DataFusion without schema or policy gate; violates PRD §42-002 truth enforcement." Confidence 79-95%, gradient tier auto/dry_run. Applier couldn't touch it — the fix is larger than 6 lines and crosses crate boundaries. Hand-fix lands the missing enforcement point: - truth: new RuleCondition::FieldContainsAny { field, needles } with case-insensitive substring matching. 4 new unit tests cover the positive, negative, missing-field, and empty-needles paths. - truth: sql_query_guard_store() helper returns a baseline store that rejects destructive verbs (DROP/TRUNCATE/DELETE FROM) and empty SQL. - queryd: QueryState grows an Arc<TruthStore>; default router() loads sql_query_guard_store; new router_with_truth(engine, store) lets tests inject a custom store. - queryd: sql_policy_check() runs truth.evaluate("sql_query", ctx) before hitting DataFusion. Reject/Block actions on matched conditions short-circuit to HTTP 403 with the rule's message. Both /sql and /paged gated. - queryd: 7 new tests cover block/allow/case-insensitive/false- positive scenarios. "SELECT deleted_at FROM t" must NOT be rejected (substring match is narrow: "delete from", not "delete"). Total: 28 truth tests green (was 24), 7 new queryd policy tests green. Workspace baseline warnings unchanged at 11. This is a signal-driven fix the mechanical pipeline couldn't produce but the scrum master kept asking for. Closes one of four LOOPING files. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-24 04:38:52 -05:00
root	21fd3b9c61	Scrum-driven fixes: P5-001 auth wired, P42-001 truth evaluator, P9-001 journal on ingest ... Apply the highest-confidence findings from the Phase 0→42 forensic sweep after four scrum-master iterations under the adversarial prompt. Each fix is independently validated by a later scrum iteration scoring the same file higher under the same bar. Code changes ──────────── P5-001 — crates/gateway/src/auth.rs + main.rs api_key_auth was marked #[allow(dead_code)] and never wrapped around the router, so `[auth] enabled=true` logged a green message and enforced nothing. Now wired via from_fn_with_state, with constant-time header compare and /health exempted for LB probes. P42-001 — crates/truth/src/lib.rs TruthStore::check() ignored RuleCondition entirely — signature looked like enforcement, body returned every action unconditionally. Added evaluate(task_class, ctx) that actually walks FieldEquals / FieldEmpty / FieldGreater / Always against a serde_json::Value via dot-path lookup. check() kept for back-compat. Tests 14 → 24 (10 new exercising real pass/fail semantics). serde_json moved to [dependencies]. P9-001 (partial) — crates/ingestd/src/service.rs Added Optional<Journal> to IngestState + a journal.record_ingest() call on /ingest/file success. Gateway wires it with `journal.clone()` before the /journal nest consumes the original. First-ever internal mutation journal event verified live (total_events_created 0→1 after probe). Iter-4 scrum scored these files higher under same prompt: ingestd/src/service.rs 3 → 6 (P9-001 visible) truth/src/lib.rs 3 → 4 (P42-001 visible) gateway/src/auth.rs 3 → 4 (P5-001 visible) gateway/src/execution_loop 4 → 6 (indirect) storaged/src/federation 3 → 4 (indirect) Infrastructure additions ──────────────────────── * tests/real-world/scrum_master_pipeline.ts - cloud-first ladder: kimi-k2:1t → deepseek-v3.1:671b → mistral-large-3:675b → gpt-oss:120b → devstral-2:123b → qwen3.5:397b (deep final thinker) - LH_SCRUM_FORENSIC env: injects SCRUM_FORENSIC_PROMPT.md as adversarial preamble - LH_SCRUM_PROPOSAL env: per-iter fix-wave doc override - Confidence extraction (markdown + JSON), schema v4 KB rows with: verdict, critical_failures_count, verified_components_count, missing_components_count, output_format, gradient_tier - Model trust profile written per file-accept to data/_kb/model_trust.jsonl - Fire-and-forget POST to observer /event so by_source.scrum appears in /stats * mcp-server/observer.ts — unchanged in shape, confirmed receiving scrum events * ui/ — new Visual Control Plane on :3950 - Bun.serve with /data/{services,reviews,metrics,trust,overrides,findings,file,refactor_signals,search,logs/:svc,scrum_log} - Views: MAP (D3 graph, 5 overlays) / TRACE (per-file iter timeline) / TRAJECTORY (refactor signals + reverse index search) / METRICS (explainers with SOURCE + GOOD lines) / KB (card grid with tooltips) / CONSOLE (per-service journalctl tail, tabs for gateway/sidecar/observer/mcp/ctx7/auditor/langfuse) - tryFetch always attempts JSON.parse (fix for observer returning JSON without content-type) - renderNodeContext primitive-vs-object guard (fix for gateway /health string) * docs/SCRUM_FIX_WAVE.md — iter-specific scope directing the scrum * docs/SCRUM_FORENSIC_PROMPT.md — adversarial audit prompt (verdict/critical/verified schema) * docs/SCRUM_LOOP_NOTES.md — iteration observations + fix-next-loop queue * docs/SYSTEM_EVOLUTION_LAYERS.md — Layers 1-10 roadmap (trust profiling, execution DNA, drift sentinel, etc) Measurements across iterations ────────────────────────────── iter 1 (soft prompt, gpt-oss:120b): mean score 5.00/10 iter 3 (forensic, kimi-k2:1t): mean score 3.56/10 (−1.44 — bar raised) iter 4 (same bar, post fixes): mean score 4.00/10 (+0.44 — fixes landed) Score movement iter3→iter4: ↑5 ↓1 =12 21/21 first-attempt accept by kimi-k2:1t in iter 4 20/21 emitted forensic JSON (richer signal than markdown) 16 verified_components captured (proof-of-life, new metric) Permission Gradient distribution: 0 auto · 16 dry_run · 4 sim · 1 block Observer loop: by_source {scrum: 21, langfuse: 1985, phase24_audit: 1} v1/usage: 224 requests, 477K tokens, all tracked Signal classes per file (iter 3 → iter 4): CONVERGING: 1 (ingestd/service.rs — fix clearly landed) LOOPING: 4 (catalogd/registry, main, queryd/service, vectord/index_registry) ORBITING: 1 (truth — novel findings surfacing as surface ones fix) PLATEAU: 9 (scores flat with high confidence — diminishing returns) MIXED: 6 Loop thesis status ────────────────── A file's score rises only when the scrum confirms a real fix landed. No false positives yet across 3 iterations. Fixes applied to 3 files all raised their independent scores under the same adversarial prompt. Loop is measurable, not hand-wavy. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-24 02:25:43 -05:00