keisei/KeiSeiKit-1.0
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
218 commits 3 branches 11 tags 12 MiB
Commit graph

17 commits

Author SHA1 Message Date
Parfii-bot
4ccb1548a2 Merge refactor/v0.22-kei-store-async-backend — AsyncBackend trait + shared runtime 2026-04-22 21:06:50 +08:00
Parfii-bot
bc7e099697 refactor(v0.22): kei-store AsyncBackend trait + shared tokio runtime (Track B) 
Extracts an AsyncBackend trait in kei-store so future GCS/Azure/Bunny
backends implement 5 async fns, not re-invent the sync-over-tokio
bridge. Closes architect P1 + P2 findings.

NEW src/async_backend.rs (189 LOC):
  - trait AsyncBackend with get/put/list/list_recursive/delete/exists
  - AsyncBackendStore<B: AsyncBackend> — generic MemoryStore impl
    (sync-over-async via shared runtime)
  - shared_runtime() -> &'static Runtime via OnceLock
    (multi-thread, 2 workers, enable_io+enable_time)
  - path helpers (validate_rel, short_hash, is_manifest_key) moved
    here as single source of truth

NEW src/s3_cloud/backend.rs (120 LOC):
  - S3AsyncBackend impl of AsyncBackend — 5 async fns using the
    existing aws-sdk-s3::Client

MODIFIED src/s3_cloud/mod.rs (200 → 43 LOC):
  pub type S3CloudStore = AsyncBackendStore<S3AsyncBackend>;
  Thin re-export + inherent new(cfg) constructor.
  Doc-header documents the extension seam: 'adding GCS = impl 5 async fns'.

MODIFIED src/s3_cloud/keys.rs (66 → 40 LOC): compat shim — re-exports
  validate_rel / short_hash / is_manifest_key from async_backend.
  Old call-sites + 4 unit tests unchanged.

Deps: async-trait = 0.1 added under s3 feature; tokio now has
  rt-multi-thread feature too.

FIXES N=2 Store footgun: prior impl created a current_thread Runtime
  per instance — 2 instances in one process = 2 runtimes, block_on
  panic if caller is on another runtime. Shared multi-thread runtime
  via OnceLock means N instances all share 2 workers.

REAL VERIFICATION (agent-pasted):
  cargo check -p kei-store: clean
  cargo check -p kei-store --features s3: clean
  cargo test -p kei-store --release: 10+9+0 = 19 passed
  cargo test -p kei-store --features s3 --release: 38+9+6 = 53 passed
    (+7 vs baseline 46)

Tests added (7):
  async_backend::tests::shared_runtime_is_singleton
  async_backend::tests::validate_rel_rejects_absolute
  async_backend::tests::validate_rel_rejects_parent
  async_backend::tests::short_hash_deterministic
  async_backend::tests::is_manifest_key_matches_format
  s3_cloud::tests::async_backend_shared_runtime_handles_two_store_instances
  s3_cloud::tests::async_backend_runtime_is_multi_thread

Public API preserved: S3CloudStore::new / .branch / .current_branch /
  .key / .backend_name. Factory + integration tests untouched.

Pre-existing: list_inner 38 LOC (moved verbatim from mod.rs, not
  refactored per Core Rule 3).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
 2026-04-22 21:06:50 +08:00
Parfii-bot
5993f32146 feat(v0.22): FS warn + battle-test matrix + USB docs platform split (Track C) 
1. Filesystem type detection (architect P2 finding)
   _primitives/_rust/keisei/src/fs_type.rs (NEW, 103 LOC)
     - statfs(2)-based detection on unix (libc = '0.2' under
       [target.'cfg(unix)'.dependencies])
     - Recognizes exfat / msdos (FAT32) via f_fstypename on macOS,
       via f_type magic numbers on Linux (0x4d44, 0x2011bab0)
     - Windows stub returns Unknown (GetVolumeInformationW TBD)
     - warn_on_unsafe_fs(root) emits stderr warning on ExFat/Fat32
   brain.rs::load calls warn_on_unsafe_fs after canonicalize+symlink
     checks. Warning NOT fatal — user can opt into single-client use.

2. Battle-test matrix (architect P3 finding)
   tests/battle/Dockerfile.install-test-alpine (NEW)
     - alpine:3.19 + apk rust/cargo/pandoc
     - Exposes musl-vs-glibc issues in aws-sdk-s3, rusqlite, git2
   tests/battle/Dockerfile.install-test-debian (NEW)
     - debian:12 + rustup stable + pandoc
     - Default server distro, different apt structure from Ubuntu
   tests/battle/README.md rewritten — 3-distro matrix with run script

3. USB-BRAIN-GUIDE platform split
   docs/USB-BRAIN-GUIDE.md — restructured as TOC + platform-agnostic
     preamble + exFAT warning + cross-platform troubleshooting
   docs/USB-BRAIN-GUIDE-macos.md (NEW, 97 LOC) — Gatekeeper, diskutil,
     /Volumes, xattr -d com.apple.quarantine
   docs/USB-BRAIN-GUIDE-linux.md (NEW, 98 LOC) — /media/$USER,
     umount, ext4 recommended, systemd-udev auto-mount note
   docs/USB-BRAIN-GUIDE-windows.md (NEW, 115 LOC) — PowerShell
     Dismount-Volume, NTFS, FS-advisory Unknown caveat

REAL VERIFICATION (paste from agent):
  cargo check -p keisei: Finished (clean)
  cargo test -p keisei --release: 32 passed 0 failed (30 existing + 2 new)
  docker buildx outline: both new Dockerfiles parse

Constructor Pattern:
  fs_type.rs 103 LOC, brain.rs 198 LOC (at limit 200, held the line)
  All fns <30 LOC. Each USB guide sub-doc 97-115 LOC.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
 2026-04-22 20:56:42 +08:00
Parfii-bot
e5cd0d6790 feat(v0.21): kei-store real S3 backend behind opt-in 's3' feature flag 
Promotes S3 from MVP stub to functional via aws-sdk-s3. Default builds
unchanged (zero new deps). Feature flag ensures users who don't need
S3 don't pay the ~5MB binary / C-toolchain cost.

Cargo.toml: new [features] s3 = [...] gating 4 optional deps:
  aws-sdk-s3 = 1.130.0
  aws-config = 1.8.16 (with behavior-version-latest)
  tokio = 1.52.1 (current-thread runtime, no multi-threaded bloat)
  bytes = 1 (S3 body passthrough)

s3_cloud/ module (4 files, Constructor Pattern):
  mod.rs (190 LOC) — S3CloudStore + MemoryStore trait impl
  client.rs (81 LOC) — aws-config builder, KEI_STORE_S3_ENDPOINT
    override for R2 / Wasabi / MinIO / any S3-compat
  keys.rs (60 LOC) — path-traversal guard + DJB2 hash helper
  tests.rs (63 LOC) — builder + prefix + key-guard unit tests

Factory routing (factory.rs):
  with 's3' feature + bucket URL → S3CloudStore (real network)
  without 's3' feature → S3Store stub (existing MVP, preserved)

Security posture:
  - Branch-prefix isolation rejects  traversal at keys.rs layer
  - aws-config default credential chain (env → ~/.aws → IMDS);
    no bespoke credential handling
  - rustls, not OpenSSL (matches existing crate tree)

Tests: 22 existing + 11 new (4 keys + 3 client + 5 mod + 5 smoke)
  cargo test -p kei-store (default features): 9 passed
  cargo test -p kei-store --features s3: 22 + 9 + 5 = 36 passed
  cargo clippy -p kei-store --features s3: clean

Real stdout verified for all verify criteria. No fabrication.

MANIFEST.toml [primitive.kei-store] deps updated to reflect feature
opt-in model.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
 2026-04-22 17:59:11 +08:00
Parfii-bot
d32ca0bc28 fix(v0.19): audit hardening — 3 security HIGH + 3 critic HIGH + 2 critic MEDIUM 
Closes consolidated findings from wave-audit (critic + security + architect):

SECURITY HIGH:
  H1 path escape — Brain::load rejects absolute mcp_server paths +
    any containing '..'; canonicalize + starts_with(root) assertion;
    new Error::PathEscape variant.
  H2 brain name validation + clobber refuse — regex ^[a-z][a-z0-9_-]{0,63}$
    enforced at Brain::load; adapters refuse to overwrite existing
    mcpServers[name] with NameConflict (unless same content).
  H3 symlink reject at canonicalize — std::fs::symlink_metadata()
    called before canonicalize; Error::BrainIsSymlink with resolved
    target path; prevents USB → $HOME pivot.

CRITIC HIGH:
  #1 rusqlite dep deleted (zero uses in src/, pulls C toolchain).
  #3 BrainPaths memory/artifacts/manifests now Option<String>
    (only mcp_server required; schema no longer lies about contract).

CRITIC MEDIUM:
  #1 _primitives/_rust/keisei/src/paths.rs (new, 23 LOC) — SSoT for
    $KEISEI_HOME/$HOME resolver; config.rs and claude_code.rs
    delegate instead of duplicating 7-line block.
  #2 canonicalize error preserves io::Error via new Error::BrainLoad
    { path, source } with #[source] attribute.
  #5 fsx::write_atomic_json rewrite via tempfile::NamedTempFile
    + persist — Windows-safe, cross-fs-fallback handling.

New module split (Constructor Pattern): brain.rs (104 → 122) now a
thin orchestrator over brain_validate.rs (108 LOC) which owns
symlink-reject / canonicalize-root / read-manifest / validate-schema
/ validate-name / check-relative-in-root / canonicalize-in-root.

Deps: regex = { workspace = true }, tempfile = "3" (runtime).
Workspace-level regex = "1.10" added.
MANIFEST.toml [primitive.keisei] deps updated.

Tests: 11 pre-existing + 5 adversarial:
  - manifest_with_absolute_mcp_server_rejected — proves /usr/bin/python3
    CANNOT land in settings.json (PathEscape + marker absent asserts)
  - manifest_with_parent_traversal_rejected — ../../etc/passwd rejected
  - manifest_with_invalid_name_rejected — 'claude-ide!' rejected
  - brain_path_is_symlink_rejected — USB → $HOME pivot blocked
  - attach_refuses_to_clobber_existing_mcp_entry — NameConflict on diff

All 16 pass.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
 2026-04-22 16:36:11 +08:00
Parfii-bot
e6cab72587 feat(v0.19): multi-client adapters + detach/mount/list-adapters + schema v2 
Extends keisei CLI from single-client (v0.18) to multi-client exobrain:
new subcommands detach/mount/list-adapters, 3 new adapters (Cursor,
Continue, Zed), schema v2 for ~/.claude/keisei-attached.toml with
[[attachments]] array (v1 backward-compat via untagged serde).

New subcommands:
  detach — iterate marker attachments, call adapter.detach() on each,
    then delete marker. Real strip of mcpServers entry per adapter.
  mount <brain> — auto-attach to ALL detected clients in one call.
  list-adapters — tabular status (name / detected / config path).

New adapters (each <130 LOC mirrors claude_code.rs pattern):
  adapters/cursor.rs — .cursor/mcp.json project-local, fallback
    ~/.cursor/mcp.json global.
  adapters/continue_adapter.rs — ~/.continue/config.json with
    experimental.modelContextProtocolServers key.
  adapters/zed.rs — ~/.config/zed/settings.json (Linux) or
    ~/Library/Application Support/Zed/settings.json (macOS) with
    context_servers key. Zed schema marked [UNVERIFIED] pending docs.

Schema v2 (~/.claude/keisei-attached.toml):
  [[attachments]]
  client_type = "claude-code"
  config_path = "/Users/.../.claude/settings.json"
  [[attachments]]
  client_type = "cursor"
  config_path = "/Users/.../proj/.cursor/mcp.json"

v1 marker migration: untagged serde accepts legacy client_type=string,
upgrades to single-entry attachments[] on next write.

Tests: 5 (v0.18) + 6 new = 11 integration tests, all pass:
  - attach_then_status_happy_path
  - attach_missing_manifest_errors
  - attach_unsupported_schema_errors
  - status_without_attach_is_clean
  - attach_writes_marker_with_expected_fields
  - mount_with_claude_code_only_detected (new)
  - mount_with_no_client_detected (new)
  - detach_round_trip (new)
  - detach_preserves_other_mcp_servers (new)
  - list_adapters_prints_expected_rows (new)
  - schema_v1_to_v2_migration (new)

Known issues (defer to follow-up commit):
  - CRITIC HIGH#1: rusqlite declared but unused
  - CRITIC HIGH#3: BrainPaths fields required but only mcp_server used
  - SECURITY H1/H2/H3: brain path/name not validated before writing
    into client config — will be addressed before tagging v0.19.0

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
 2026-04-22 16:04:45 +08:00
Parfii-bot
59725ae021 Merge branch 'feat/v0.15-artifact-handoff' — kei-artifact typed handoff pipeline 
# Conflicts:
#	_primitives/MANIFEST.toml
 2026-04-22 14:15:17 +08:00
Parfii-bot
24c584ee50 fix: remove genesis-scan from public kit (internal tool, Bundle-only) 
Per user decision: publishing the sensitive IP pattern blocklist via public
scanner is leak of the blocklist itself (attack surface). genesis-scan
remains in PROJECT-E (private); user-global
~/.claude/hooks/genesis-leak-guard.sh (runtime hook) separate.

Deleted:
- _primitives/_rust/genesis-scan/ (whole crate, 5 files)
- hooks/git-pre-commit-genesis.sh (scanner companion)

Modified:
- workspace Cargo.toml -1 member (24→23)
- MANIFEST.toml — removed [primitive.genesis-scan] + core/full profile refs
- .github/workflows/ci.yml — removed genesis-scan job
- README.md — 7 count/description edits (24→23 rust, 10→9 hooks, 37→36 full)
- install.sh — 5 edits (--help + menus)
- mcp-server tool-registry.ts + test — scanner removed from MCP surface
- kei-sleep-queue.sh — removed scan_prompt() pre-submit hook
- 2 sleep-on-it skill phases — removed genesis-scan references

Tests: 160 Rust (was 167, -7 genesis-scan tests as expected), 24 assembler unchanged.
 2026-04-22 14:11:22 +08:00
Parfii-bot
537589e6a7 feat(primitives): kei-artifact typed handoff pipeline (BMAD-style doc passthrough) 
- kei-artifact Rust crate (25th): schema registry + artifact store + SHA-256 id + chain walker
- 5 schemas (JSON Schema 2020-12 strict): spec / plan / patch / review / research
- Manifest extension: optional produces_artifact + expects_artifact per handoff (non-breaking)
- Validator extension: KNOWN_ARTIFACT_SCHEMAS whitelist check + 4 new tests
- 3 kei-* manifests updated with typed handoff (architect→code-implementer→critic chain)
- compose-solution phase-5 cross-ref to kei-artifact

Tests: 189 Rust workspace (was 167, +22 artifact tests) + 24 assembler (was 20, +4 validator tests)
 2026-04-22 14:10:08 +08:00
Parfii-bot
adc007b7b0 feat(primitives): 10 Rust crates extracted from LBM (Genesis-scrubbed) 
- kei-router — keyword-dispatch meta-tool (CfC ML fallback removed)
- kei-sage — Obsidian-style knowledge graph, FTS5 + BFS + PageRank
- kei-task — task DAG with deps, milestones, dependency-chain queries
- kei-chat-store — Claude conversation session persistence + FTS search
- kei-crossdomain — typed-edge store + BFS cross-domain glue
- kei-search-core — 3-wave deep research with microcent budget cap
- kei-content-store — asset + prompt + campaign registry
- kei-social-store — people + interactions CRM (lite)
- kei-curator — edge-decay graph hygiene utility
- kei-auth — multi-tenant session tokens (replaces single-bearer)

Genesis-scan pre-import pass: skipped pkg/mxl1/*, pkg/inference/*, pkg/trainer/*,
pkg/nc01/*, internal/ml/* (all Genesis/CfC adjacent, sensitive IP).
Security: skipped tools_threat/radio/protocol/med/mlreg (offensive/banned).
Domain verticals skipped: hr/legal/infra/ops/api/osint/edu/geo/hw/finance.

New 'mcp' profile in MANIFEST.toml bundles all 10 for MCP server deployment.

Workspace now 24 crates, cargo check --workspace clean, 94 workspace tests pass.
 2026-04-22 12:48:56 +08:00
Parfii-bot
19ee220e0a feat(primitives): 4 Rust crates for deep-sleep — conflict-scan, refactor-engine, graph-check, store 
- kei-conflict-scan: rules/hooks/blocks/orphans/CP detection (6 tests)
- kei-refactor-engine: plan-mode + advisory patch format, zero-conflict guarantee (5 tests)
- kei-graph-check: wikilinks/handoffs/block-refs validator (4 tests)
- kei-store: trait + 5 backends (filesystem/github/forgejo/gitea prod, s3 stub) (8 tests)

1916 LOC Rust total; all files <200 LOC; 23/23 tests pass.
 2026-04-22 08:28:22 +08:00
Parfii-bot
48b1a8cdcf Merge branch 'feat/v0.10-genesis-scan' — kei-memory + genesis-scan v0.10.0 reconciled 2026-04-22 01:04:32 +08:00
Parfii-bot
10bc799d26 feat(primitives): genesis-scan Rust — sensitive IP leak detector (CI/pre-commit) 
26 forbidden patterns synced with ~/.claude/hooks/genesis-leak-guard.sh.
7 exempt scopes (KeiLab/theory/ml-keilab chatlogs/keinet-cfc-eigen/keinet-gpu-wgpu).
CLI: --path, --staged, --stdin, --format=human|json|github-actions, --exit-on-hit.
Self-reference resolved via EXEMPT_SUBSTRINGS + tempfile fixtures with runtime-assembled strings.
7/7 tests pass.
 2026-04-22 01:01:56 +08:00
Parfii-bot
040e189b80 feat(primitives): kei-memory Rust crate — offline session analyzer (Genesis-clean) 2026-04-22 00:50:04 +08:00
Parfii-bot
c89352c87c Merge branch 'feat/frontend-v040' — 4 stacks + 3 Rust + 5 shell + 17 skills + /site-create (partial) 
Cargo.lock regenerated after 8-crate workspace merge.
 2026-04-21 21:17:19 +08:00
Parfii-bot
ebf841c7d9 feat(primitives): 3 Rust cubes — mock-render, visual-diff, tokens-sync 2026-04-21 21:07:45 +08:00
Parfii-bot
521659bbfb feat(primitives): 2 Rust verification cubes 
- ssh-check — parse sshd_config + drop-ins, merge last-wins, lint against
  hardened baseline (pw-auth=no, root=prohibit-password, maxauthtries≤3,
  AllowUsers whitelist, no CBC ciphers, ETM MACs, no ssh-rsa host key).
  4 modules: main (clap CLI) + parse + rules + check. Tests: 9 pass
  (hardened baseline, password-auth-yes-fails, cbc-cipher-fails,
  allow-users-not-in-whitelist-fails, missing-required-fails, etc.).

- firewall-diff — diff intent YAML against `ufw status numbered` output.
  Defensive-only (never runs ufw). Stdin or --status-file input. Parses
  (v6) families, normalises "Anywhere"→"any". Exit 2 on any missing/
  extra rule. 4 modules: main + intent + ufw + diff. Tests: 8 pass
  (load-minimal-intent, exact-match-clean, missing-rule-surfaced,
  extra-live-rule-surfaced, inactive-ufw-fails, integration).

Workspace: clap 4 + serde + serde_yaml + serde_json. release opt-level=z,
LTO, strip. Constructor Pattern: largest file check.rs 213 LOC (93 non-
test); every function under 30 LOC.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
 2026-04-21 21:00:01 +08:00