Constructor Pattern fix replacing v0.47-v0.48 patch series. The "is the
user interactive?" logic was previously duplicated across 15+ places:
bootstrap.sh x4 ([ -t 0 ] gates on profile/onboard/launch/etc)
install.sh x1 (PATH wiring decision)
install/lib-hooks.sh (activate-hooks prompt)
install/lib-plan.sh (auto-confirm gate)
install/lib-menu.sh (skip-menu gate)
install/lib-wizard.sh (sleep-wizard gate)
install/lib-onboarding.sh x2 (onboarding_should_run + preflight retry)
install/lib-preflight.sh (install-tool prompt)
Every duplicated check was a chance to get curl|bash semantics wrong.
v0.47 used `[ -t 1 ]` (broke under tee'd stdout). v0.48 used `[ -t 0 ]`
(broke under curl pipe stdin). Each fix was a patch on top of the same
architectural defect: scattered truth.
ARCHITECTURAL FIX (Rule Zero — 1 cube = 1 responsibility):
scripts/kei-prompt.sh (NEW, ~110 LOC, public API):
kei_is_interactive → 0 if user is at a terminal, 1 if headless
kei_prompt Q [DEFAULT] → answer or default to stdout
kei_prompt_yn Q [Y|N] → exit 0=yes, 1=no, with [Y/n] hint
kei_prompt_secret Q → no-echo input (tokens, keys)
Truth signal: /dev/tty accessibility, with [ -t 0 ] as second-choice
fallback. KEI_NONINTERACTIVE=1 for CI override. Same contract as the
inline rules — now in ONE place.
bootstrap.sh + install.sh: source the cube at the top, with self-
contained inline fallback (mirrors the kei_is_interactive contract
only) so they remain self-bootable even if scripts/ is missing.
All 15+ inline gates replaced with `kei_is_interactive` calls.
All 3 `read -r -p` prompts in installer cubes replaced with
`kei_prompt` / `kei_prompt_yn`.
Existing copy_pet_scripts() in lib-scaffold.sh installs scripts/*.sh
into ~/.claude/scripts/ automatically — no install logic change needed.
WHAT THIS PREVENTS:
- Next time someone writes a prompt in installer code, the only path
is `kei_prompt`. They CANNOT accidentally type `[ -t 0 ]` because
there is no `[ -t 0 ]` to copy-paste anymore (except inside the
cube itself).
- The v2 tty-interactivity-gate-guard.sh hook (added 2026-05-27)
becomes a regression net rather than the first line of defence.
- Two real install incidents this month (May 2026, 7 prompts each)
do not happen a third time.
VERIFIED:
- Syntax check passes on all 9 modified files + new cube.
- Primitive functions smoke-tested across 8 cases: headless,
KEI_NONINTERACTIVE override, default fallback, yn convenience,
re-source guard, /dev/tty available, /dev/tty open() fails.
- 2 remaining [ -t 0 ] in tree: BOTH inside kei_is_interactive
fallback in bootstrap.sh + install.sh (single-source contract,
not patches).
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
INCIDENT: user installed via curl|bash and reported "kei did not auto-launch".
Root cause: under curl|bash, stdin is the pipe from curl. Every interactive
gate `[ -t 0 ]` returned FALSE, silently skipping FIVE places:
install/lib-i18n.sh language picker
install/lib-preflight.sh preflight checks
install/lib-hooks.sh hook activation prompt
install/lib-wizard.sh sleep wizard
install.sh:270 PATH wiring
bootstrap.sh kei-onboard primary CLI picker
bootstrap.sh launch prompt "запустить kei сейчас?"
Per rules/tty-interactivity-gate.md the rule is "gate on stdin, never stdout"
— and we did. But under curl|bash BOTH are non-tty. /dev/tty is the only
reliable signal that the user is interactive.
FIX: in bootstrap.sh, ONCE, before invoking install.sh:
if [ -r /dev/tty ] && [ -w /dev/tty ]; then
exec </dev/tty
fi
This redirects bootstrap.sh's OWN stdin to /dev/tty. Every child process
inherits it via fork — install.sh, lib-*.sh, kei-onboard.sh, kei-pick.sh,
kei-mcp-wire.sh — and their `[ -t 0 ]` gates now correctly report true.
Headless / CI / nohup (no /dev/tty) → skipped, gates stay false, no prompts.
Simplified the v0.47 onboarding + launch-prompt blocks: they no longer
need have_tty() or explicit </dev/tty redirects on read — the global
reattach handles it cascadally.
Smoke-tested 2 of 3 paths (curl|bash via `echo "" | bash script.sh` ✓;
plain bash needs real TTY which Claude Code sandbox doesn't provide;
headless needs setsid which is Linux-only). Logic verified.
Version bump v0.47 → v0.48 because behaviour materially changes for every
curl|bash user (5 prompts now fire that were silently skipped).
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
User feedback: "if there's a lot of requests, we'll make a native Windows
version". Soften the "not on the roadmap" framing in both README Platforms
section and bootstrap.sh's bare-Windows guidance.
- README: rephrase to "demand-driven. WSL gives 100% coverage today with
0 code duplication. If you want a native .ps1 port, open / 👍 an issue.
Once demand is real, we'll build it."
- bootstrap.sh: same softening — point users to the issues tracker so
Windows-native demand becomes visible. WSL still recommended as the
no-wait path that works today.
No version bump (docs-only, behaviour unchanged for all OS paths).
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Two related changes to make Windows users hit a useful message instead of
"unsupported OS: MINGW64_NT-10.0...; exit 1":
1. bootstrap.sh — WSL2 detection + Git Bash guidance:
- If uname=Linux + /proc/version contains "Microsoft" or "WSL" → mark
as WSL2, log it, continue as Linux. Full substrate works.
- If uname matches MINGW*/MSYS*/CYGWIN* (Git Bash on bare Windows) →
print step-by-step WSL2 setup guide:
* PowerShell admin: wsl --install -d Ubuntu
* Reboot, launch Ubuntu, re-run bootstrap.sh inside it
+ MCP-only fallback mention (kei-mcp-server-windows-x64.exe in releases).
+ Best-effort: copy "wsl --install -d Ubuntu" to Windows clipboard
via clip.exe (Git Bash has it), so user can paste into PowerShell.
- Anything else → friendly "supported: Darwin / Linux / WSL2" message.
2. install.sh — same 3-way OS guard added at top, before any lib-*.sh
sourcing. Catches users who skip bootstrap.sh and run ./install.sh
directly on Git Bash; gives them the same WSL guidance.
Smoke-tested all 5 OS branches (Darwin / Linux / WSL2 / MINGW64 / Haiku):
each takes the right path. Zero behavioural change on macOS / Linux.
This complements the v0.47 README Platforms section — UX side of the
honest answer "Windows works via WSL2; native PowerShell port not on
roadmap".
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
1. Splash (bin/kei) — благородная насыщенная жёлто-бронзовая drop-shadow
on the KEISEI ASCII art:
- New CS color: \033[1;38;5;130m (noble saturated bronze-gold).
- Shadow block printed FIRST (6 lines, offset +2 cols right).
- \e[7A cursor-up returns to start; blue art overwrites where they overlap.
- Visible shadow: right-edge 2-col tail on blue rows 2-6 + full
shadow row 6 standalone (offset down-right).
- TTY-gated: no terminal → no shadow, no colors (existing fallback).
2. bootstrap.sh — post-install launch prompt:
"Запустить kei сейчас? [Y/n]" at the very end, after all install +
onboarding + next-steps text. Default Y on Enter.
- Stdin-TTY gate only (rule: tty-interactivity-gate.md — `-t 1` would
falsely skip under curl|bash because the bootstrap log tees stdout).
- Reads from /dev/tty explicitly so curl|bash piped install still works.
- KEI_NO_AUTORUN=1 env opt-out for CI / scripts.
3. README — Platforms section: honest Windows status.
- macOS + Linux: fully supported.
- Windows: substrate is Bash-only; WSL2 recommended path; MCP-server
binary (.exe) ships in releases for MCP-only mode; native PowerShell
port NOT on roadmap (WSL gives 100% coverage with 0 code duplication).
4. v0.47 version bumps: plugin.json + bin/kei splash + README counts header.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Old intro talked about 'MCP bridges generate context for Cursor/Continue/...'
which was outdated and missed everything shipped in v0.40–v0.45:
- 5 LLM CLIs unified (Claude / Grok / Gemini / Copilot / Kimi)
- Sub-agents on any backend via spawn_agent MCP tool
- 3-tier policy enforcement (TIER 1/2/3)
- Three-phase sleep (A/B/C)
- Native token streaming pass-through
Also removed [REAL: shell-cmd] hygiene markers from user-facing text
(those belong in author tooling, not the README).
Author & collaboration section emptied to a TODO comment so the user
can write their own annotation (per their explicit request).
Pre-public Phase 1. Remove personal/IP traces that should not ship in a
general-purpose kit; keep only intended author attribution.
- no-github-push.sh + hooks-and-blocks.md + ci-scaffold: drop "KeiTech
unfiled patent IP / trade secrets / priority date" wording; reword as a
generic opt-in guard for keeping code on a private remote.
- check-error-patterns.sh: remove author-local absolute path from the
tombstone comment.
- graph-export-watcher.sh: default viz dir to ~/.local/share/kei/graph-viz
(was a personal project path).
- agent manifests (cost-guardian, modal-runner, infra/ml/code-implementer)
+ ci.yml: strip private memory references and dated personal incidents;
keep the generic cost/ops lessons. Snapshots regenerated; golden 3/3.
Kept intentionally: author attribution (NOTICE / README / Cargo / plugin).
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Thin skill over the kei-message jsonl mailbox: /msg reads inbox, /msg @name text sends (identity = cwd basename), /msg all broadcasts, /msg list|who. send now accepts leading @name. Mirror of keigit 7b453aac.
Mirror of keigit 3aff0029. lib-hooks.sh apostrophe-in-jq closed the bash single-quote and broke every install (fixed). cortex-ui removed from profiles+menu; forgejo/zoekt source lib-launchd; portable kei-message id (BSD date fallback); non-TTY default minimal; install stamps .kei-profile; README hook count 54; web-install warns before discarding local edits in the managed clone.
Any Claude Code session can message any other (not just Agent-Teams teammates),
no tmux. Append-only jsonl bus + UserPromptSubmit hook pulling unread per turn.
kei-message.sh (send/inbox/list, address by cwd-basename or "all"),
mailbox-inject.sh (cursor dedup, first-turn baseline, no self-echo), bin/kei
`message` dispatch, lib-scaffold copies all scripts/*.sh, snippet wires the hook.
Bypass KEI_MAILBOX_BYPASS=1. Verified by 2-session simulation.
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
SessionStart first-run hook now injects an ordered post-install checklist Claude
walks the user through: (1) /onboard projects → per-project agents,
(2) /sleep-setup → nightly REM (recommend local-only), (3) /cortex-setup (only
if cortex daemon installed). Confirm + run each, skippable. Fires once.
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
1. SessionStart hook first-run-onboard.sh: on first Claude Code session after
install, nudges user/Claude to run `/onboard ~/Projects/*` (scan stack +
create a project-specialist agent per project; delegates to /new-agent).
Fires once (marker), then silent. Wired in settings-snippet under SessionStart.
2. lib-summary next-steps: lead with /onboard ~/Projects/*, then /new-agent.
3. lib-hooks merge: normalize null/absent matcher → "" (Claude Code /doctor
rejects null; pre-kit hooks often lack a matcher field).
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
KEISEI ASCII logo (голубой) at install start; [install] prefix тёмно-жёлтый
(38;5;178); primitive names + language codes голубой (38;5;39); language names
тёмно-жёлтый. lib-log COLOR now enables under curl|bash (detect terminal via
[ -t 1 ] || /dev/tty — web-install tees stdout so -t 1 was false → colors off).
Color detection, not an interactivity gate. Verified piped-under-pty.
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
PATH-wiring (~/.claude/bin, home of the `kei` entry-point) was gated on
`[ -t 0 ] && [ -t 1 ]`; curl|bash tees stdout so -t 1 is false → pathway skipped
→ `kei: command not found`. Same tee/-t1 trap as onboarding (this one in the
top-level install.sh). Eradicated across tree: install.sh, lib-menu.sh,
lib-wizard.sh all gate on [ -t 0 ]. Verified piped-under-pty.
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Splash was cyan; rebrand to blue/yellow: sky-blue (38;5;39) logo + dim-blue
separators, gold (38;5;220) brand line + field values. Version v0.16→v0.38.
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
1. CRASH on word input (e.g. "claude") at any menu: $((ans-1)) under set -u →
"unbound variable" → install died. Added _onb_read_choice validation (all 4 menus).
2. Claude Code default: added claude-code subscription provider (kei-registries
submodule c559065→b904993), subscription default transport, claude-code default
provider — Enter,Enter,Enter → Claude Code, no API key.
3. install died at line 178 for no-key providers (claude-code/codex/local):
onboarding_run ended on a false `&&` → returned 1 → set -e. Added `return 0`.
Plus en+ru explanations and auto-select single-option steps. Verified piped-under-pty.
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
curl|bash reads this script byte-by-byte from the pipe; a bare `exec < /dev/tty`
then made bash read the NEXT line (the bootstrap exec) from the keyboard →
infinite hang after "delegating", bootstrap never started. Fix: merge the
redirect into the bootstrap exec (one command). Verified piped-under-pty:
buggy=HANG, fixed=full install completes.
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
web-install.sh tees stdout to a logfile, so -t 1 is false even in an interactive
curl|bash; the /dev/tty fix reattached only stdin. Wizard gates required BOTH
-t 0 and -t 1, so onboarding (language select) and bootstrap's profile wizard
were silently skipped on the primary install path. Prompts go to stderr and read
from stdin — interactive stdin is the only real requirement.
Gates: bootstrap.sh, lib-onboarding.sh (×2), lib-preflight.sh, lib-hooks.sh.
Non-interactive (CI / </dev/null) still skips — verified.
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
E2E (curl install.keisei.app | bash, no controlling terminal) died at
`exec < /dev/tty` — "No such device or address". `[ -r /dev/tty ]` stat's
the path readable but the device can't be opened without a controlling
terminal (CI/cron/ssh non-interactive) — the documented `| bash -s -- --yes`
CI path. Now probes a real open via `{ : < /dev/tty; }` and reattaches only
on success; else proceeds non-interactively. Verified RC=0 end-to-end.
Root causes found by reproducing a clean install from keigit:
1. PROFILE_PRIMS resolved only inside check_prereqs → unbound for
--no-execute (plan showed 0 prims for every profile) and silently
empty for --skip-prereqs. Now resolved unconditionally in install.sh
before any reader (SSoT).
2. Every profile (even minimal, advertised "no Rust compile") fell back
to a 5-15 min `cargo build --workspace` because no prebuilt release
binaries exist. Auto-set KEI_SKIP_RUST for profiles with no rust
primitives → minimal installs in ~18s (assembler only). cargo stays a
hard prereq because the agent assembler always compiles.
3. The assembler aborted the WHOLE install on any single bad manifest
(set -e). generate_agents is now tolerant: bad manifests print FAIL
but hooks/skills/settings still land. Commit-time validate stays strict.
4. Data bugs that broke the assembler:
- duplicate [taxonomy] table in _roles/{auditor,merger}.toml
- fal-ai-runner handoff → keimd-expert (not shipped in kit)
- infra-implementer-cicd forbidden_domain literal `${{ secrets.NAME }}`
collided with assembler ${{ }} placeholder detection
5. Metadata: KeiSei84 (nonexistent GitHub org) → KeiSeiLab/KeiSeiKit-1.0
across plugin manifests, bootstrap, README, docs, Cargo/npm metadata.
.claude-plugin/{plugin,marketplace}.json 0.16.0 → 0.38.0. SECURITY.md
supported version 0.14.x → 0.38.x.
feat: ship KeiSei tamagotchi statusline into the kit
- scripts/keisei-pet{,-update}.sh (portable, state under ~/.claude/pet/)
- install copies them to ~/.claude/scripts/
- settings-snippet adds statusLine (set-if-absent, never clobbers an
existing one) + 4 pet-update hooks (prompt/rust_write/github_block/sleep)
Verified: clean minimal install RC=0, zero FAIL, 38 agents + 52 hooks +
68 skills, settings valid, statusLine wired, pet renders, idempotent re-run.
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
gx10 fail при первой установке (фото юзера 2026-05-18):
jq: error: Could not open file /home/keisei/.claude/settings.json
[error] jq-merge produced invalid output; ... unchanged
[error] install failed at line 126; rolled back
Root cause:
backup_file() (install/lib-backup.sh:56) делал `mv target backup`,
затем activate_hooks() → _jq_merge_hooks() пыталась читать оригинал
target'а через jq — но оригинал уже унесён mv'ом, открыть нечего.
jq fail → rollback всей установки.
Fix: cp -a вместо mv (как уже сделано в backup_path() для директорий).
Атомарный безопасный бэкап; оригинал остаётся для jq, потом
_jq_merge_hooks атомарно переписывает его mv tmp → target.
