122 commits

Author SHA1 Message Date
Parfii-bot
44e5c764b4 Merge branch 'feat/v0.12-sleep-on-it' — v0.12.0 incubation layer with priority-scaled budgets 2026-04-22 02:30:45 +08:00
Parfii-bot
3cead09520 feat(integration): Phase A incubation wired into trigger + install + README 2026-04-22 02:30:04 +08:00
Parfii-bot
3d928b41db feat(skills): /sleep-on-it 6-phase wizard + kei-sleep-queue CRUD + incubation prompt
Priority-scaled time budgets (quick/standard/deep/marathon/weekly),
marathon-mode for hard derivations (skips Phase B REM for one task),
checkpointing every N minutes via partial commits.
2026-04-22 02:30:04 +08:00
Parfii-bot
c6c572dcf4 Merge branch 'feat/v0.11-sleep-sync' — v0.11.0 cloud REM sync for public users 2026-04-22 01:34:51 +08:00
Parfii-bot
aa77043477 feat(integration): --with-sleep-sync flag + README Cloud REM sync section 2026-04-22 01:34:42 +08:00
Parfii-bot
8e9c05272f feat(skills): /sleep-setup 5-phase wizard (click + 1 free-text URL) 2026-04-22 01:34:42 +08:00
Parfii-bot
7db2328b68 feat(hooks): session-end-dump calls kei-sleep-sync after ingest 2026-04-22 01:34:42 +08:00
Parfii-bot
9450ef0b95 feat(primitives): kei-sleep-setup wizard + kei-sleep-sync helper + trigger template 2026-04-22 01:34:42 +08:00
Parfii-bot
48b1a8cdcf Merge branch 'feat/v0.10-genesis-scan' — kei-memory + genesis-scan v0.10.0 reconciled 2026-04-22 01:04:32 +08:00
Parfii-bot
b9b95c3fb1 Merge branch 'feat/v0.10-session-self-audit' — kei-memory + RULE 0.14 + /self-audit + 3 trigger hooks 2026-04-22 01:02:11 +08:00
Parfii-bot
c436eb105d feat(integration): register genesis-scan in MANIFEST core+full + README + install.sh sizing 2026-04-22 01:01:56 +08:00
Parfii-bot
b18727b257 feat(hooks): git-pre-commit-genesis — template for repo symlink into .git/hooks/pre-commit 2026-04-22 01:01:56 +08:00
Parfii-bot
10bc799d26 feat(primitives): genesis-scan Rust — sensitive IP leak detector (CI/pre-commit)
26 forbidden patterns synced with ~/.claude/hooks/genesis-leak-guard.sh.
7 exempt scopes (KeiLab/theory/ml-keilab chatlogs/keinet-cfc-eigen/keinet-gpu-wgpu).
CLI: --path, --staged, --stdin, --format=human|json|github-actions, --exit-on-hit.
Self-reference resolved via EXEMPT_SUBSTRINGS + tempfile fixtures with runtime-assembled strings.
7/7 tests pass.
2026-04-22 01:01:56 +08:00
Parfii-bot
edeca916db feat(integration): wire kei-memory into MANIFEST + settings-snippet + README for v0.10 2026-04-22 00:50:04 +08:00
Parfii-bot
139d2f0325 feat(skills): /self-audit 5-phase triage pipeline 2026-04-22 00:50:04 +08:00
Parfii-bot
994c310fc4 feat(hooks): 3 self-audit triggers — stop/milestone/error-spike 2026-04-22 00:50:04 +08:00
Parfii-bot
040e189b80 feat(primitives): kei-memory Rust crate — offline session analyzer (Genesis-clean) 2026-04-22 00:50:04 +08:00
Parfii-bot
75bceaf3a6 Merge branch 'feat/v0.9.1-interactive-menu' — interactive installer menu 2026-04-21 23:11:58 +08:00
Parfii-bot
b1ce0609ee feat(install): interactive menu (whiptail/dialog/plain) + confirm screen + --yes/--no-execute
- TUI via whiptail (preferred) or dialog; plain-text fallback with zero deps
- Install Plan confirm screen: primitives, soft-deps status (✓/✗), estimates
- Skip menu on --profile/--add/--remove/--list or non-TTY (CI-safe)
- --yes skips confirm; --no-execute dry-run
- install.sh 844 → 1195 LOC, 10 new functions all <30 LOC
- README +8 LOC Interactive install section
2026-04-21 23:11:58 +08:00
Parfii-bot
9bcbf069d5 Merge branch 'feat/v0.9-modular-install' — modular installer + MANIFEST.toml (BREAKING: default is minimal, was full) 2026-04-21 23:00:32 +08:00
Parfii-bot
c5078f8918 docs(readme): install profiles table + migration note for v0.9.0 2026-04-21 23:00:32 +08:00
Parfii-bot
67d6f5a15a feat(install): modular profiles + --add/--remove/--list incremental install
Default changed: ./install.sh now installs minimal (no primitives) — ~5s,
~2 MB. Old full behavior available via --profile=full.

Profiles: minimal / core / frontend / ops / dev / full.
Incremental: --add=name[,name] / --remove=name / --list.
Rust workspace scoped per install — only selected crates built.
2026-04-21 23:00:32 +08:00
Parfii-bot
d75d782902 feat(primitives): MANIFEST.toml — SSoT for 21 primitives + 6 profiles 2026-04-21 23:00:32 +08:00
Parfii-bot
2796df2bf3 Merge branch 'integration/v0.8.0-globals' — README/install/settings/compose-solution refresh for v0.8.0 surface 2026-04-21 21:33:33 +08:00
Parfii-bot
7bffcdf037 docs(compose-solution): prior-art grep paths + phase-5 cross-refs for 10 pipelines + 21 primitives 2026-04-21 21:33:11 +08:00
Parfii-bot
7acacc8fb7 feat(install): copy _primitives/ + build Rust workspace; register agent-fork-logger + site-wysiwyd hooks 2026-04-21 21:33:11 +08:00
Parfii-bot
1b382b7fca feat(hooks): site-wysiwyd-check PostToolUse(Edit|Write) drift advisory 2026-04-21 21:33:11 +08:00
Parfii-bot
7b89aba305 docs(readme): v0.8.0 — 73 blocks / 34 skills / 21 primitives / 6 hooks / 11 bridges + pipelines section 2026-04-21 21:33:11 +08:00
Parfii-bot
c89352c87c Merge branch 'feat/frontend-v040' — 4 stacks + 3 Rust + 5 shell + 17 skills + /site-create (partial)
Cargo.lock regenerated after 8-crate workspace merge.
2026-04-21 21:17:19 +08:00
Parfii-bot
19850e1a45 Merge branch 'feat/v0.5-vm-security' — 7 blocks + 3 shell + 2 Rust + /vm-provision
Workspace Cargo.toml reconciled: all 8 crates (kei-ledger, kei-migrate, kei-changelog, ssh-check, firewall-diff, mock-render, visual-diff, tokens-sync) as members.
2026-04-21 21:15:49 +08:00
Parfii-bot
e5d565a11e Merge branch 'feat/v0.7-docs' — 5 blocks + kei-docs-scaffold + kei-changelog Rust + /docs-scaffold 2026-04-21 21:15:05 +08:00
Parfii-bot
f205a12348 Merge branch 'feat/v0.6-database' — 5 blocks + kei-migrate Rust + /schema-design 2026-04-21 21:14:50 +08:00
Parfii-bot
62e28450bc Merge branch 'feat/rule-0.12-agent-git-model' — kei-ledger Rust + hook + /new-project 2026-04-21 21:13:40 +08:00
Parfii-bot
0081bc8f46 Merge branch 'feat/v0.7-auth-iam' — 4 blocks + /auth-setup 2026-04-21 21:11:39 +08:00
Parfii-bot
6d382ee939 Merge branch 'feat/v0.7-api-design' — 4 blocks + /api-design 2026-04-21 21:11:17 +08:00
Parfii-bot
5d61866618 Merge branch 'feat/v0.6-cicd' — 4 blocks + kei-ci-lint + /ci-scaffold 2026-04-21 21:11:17 +08:00
Parfii-bot
40d11e7dac Merge branch 'feat/v0.7-testing-matrix' — 4 blocks + /test-matrix 2026-04-21 21:11:17 +08:00
Parfii-bot
7825e458b0 Merge branch 'feat/v0.6-observability' — 3 blocks + 2 primitives + /observability-setup 2026-04-21 21:11:17 +08:00
Parfii-bot
5d5362db3e feat(skills): /site-create pipeline (phases 0-4 — phases 5-6 deferred) 2026-04-21 21:08:14 +08:00
Parfii-bot
fd81aae515 feat(skills): port 17 generic frontend skills from ~/.claude/skills/ (a11y-audit, design-system, figma-to-code, form-builder, frontend-design, landing-page, motion-design, perf-audit, responsive-audit, scroll-animation, seo-audit, site-builder, site-teardown, ui-component, web-assets, web-deploy, web-effects) 2026-04-21 21:08:14 +08:00
Parfii-bot
8c60085862 feat(primitives): 5 shell primitives — design-scrape, live-preview, figma-tokens, frontend-inspect, screenshot-decode 2026-04-21 21:07:45 +08:00
Parfii-bot
ebf841c7d9 feat(primitives): 3 Rust cubes — mock-render, visual-diff, tokens-sync 2026-04-21 21:07:45 +08:00
Parfii-bot
c94646dd3c feat(blocks): stack-astro/react-vite/sveltekit/tailwind 2026-04-21 21:07:45 +08:00
Parfii-bot
2ba5754948 chore: gitignore _primitives/_rust/target 2026-04-21 21:07:45 +08:00
Parfii-bot
63b6b07c06 feat(skills): /docs-scaffold 5-phase pipeline 2026-04-21 21:01:28 +08:00
Parfii-bot
be20f5ba46 feat(primitives): kei-docs-scaffold shell + kei-changelog Rust 2026-04-21 21:01:28 +08:00
Parfii-bot
97d3fcb6ba feat(blocks): 5 documentation blocks — claude-md/decisions/runbook/readme/diagrams 2026-04-21 21:01:28 +08:00
Parfii-bot
eee5eecc20 feat(skills): /vm-provision 6-phase pipeline
Hub-and-spoke skill:
- SKILL.md (index) + phase-1-select-provider, phase-2-plan,
  phase-3-provision, phase-4-harden, phase-5-verify, phase-6-handoff.

Pipeline: select provider → Plan Mode doc → provision (hetzner/vultr
primitives, SSH first-contact TOFU) → harden-base.sh over SSH →
ssh-check + firewall-diff HARD GATE → artefact ledger + optional
/web-deploy handoff.

Invariants:
- ≥ 6 AskUserQuestion calls (Phase 1×2, 2×1, 3×1, 4×1, 5×1).
- Hard gate: Phase 6 refuses to run unless ssh-check AND firewall-diff
  both exit 0. "Ignore and proceed" is BLOCKED by design.
- RULE 0.8 (secrets ENV-ref only), RULE 0.4 (cite provider specifics),
  RULE 0.5 (plan.md written to <run-dir>/plan.md before provisioning),
  RULE -1 (every failure branch returns 2-3 constructive paths).

Defensive-only — no scanning tools, no CVE probes, no third-party
attack-surface analysis. Every phase file ≤ 200 LOC per Constructor
Pattern.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-21 21:00:14 +08:00
Parfii-bot
521659bbfb feat(primitives): 2 Rust verification cubes
- ssh-check — parse sshd_config + drop-ins, merge last-wins, lint against
  hardened baseline (pw-auth=no, root=prohibit-password, maxauthtries≤3,
  AllowUsers whitelist, no CBC ciphers, ETM MACs, no ssh-rsa host key).
  4 modules: main (clap CLI) + parse + rules + check. Tests: 9 pass
  (hardened baseline, password-auth-yes-fails, cbc-cipher-fails,
  allow-users-not-in-whitelist-fails, missing-required-fails, etc.).

- firewall-diff — diff intent YAML against `ufw status numbered` output.
  Defensive-only (never runs ufw). Stdin or --status-file input. Parses
  (v6) families, normalises "Anywhere"→"any". Exit 2 on any missing/
  extra rule. 4 modules: main + intent + ufw + diff. Tests: 8 pass
  (load-minimal-intent, exact-match-clean, missing-rule-surfaced,
  extra-live-rule-surfaced, inactive-ufw-fails, integration).

Workspace: clap 4 + serde + serde_yaml + serde_json. release opt-level=z,
LTO, strip. Constructor Pattern: largest file check.rs 213 LOC (93 non-
test); every function under 30 LOC.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-21 21:00:01 +08:00
Parfii-bot
969e24c6c4 feat(primitives): 3 shell provisioning + hardening
- provision-hetzner.sh — idempotent hcloud wrapper; create/destroy/status/list
  * HCLOUD_TOKEN from ~/.claude/secrets/.env (RULE 0.8)
- provision-vultr.sh — idempotent vultr-cli wrapper; Vultr resolves IP async
  * VULTR_API_KEY from ~/.claude/secrets/.env (RULE 0.8)
- harden-base.sh — Debian/Ubuntu baseline; apt → ssh → ufw → fail2ban →
  auditd → unattended-upgrades; idempotent; ports generic patterns from
  vortex/control/setup/setup.sh:13-53 (no Xray/sing-box/WG steps)

All three reject unsupported platforms early; harden-base.sh never
auto-reboots (surfaces needrestart hints only).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-21 20:59:38 +08:00