Pre-public Phase 1. Remove personal/IP traces that should not ship in a
general-purpose kit; keep only intended author attribution.
- no-github-push.sh + hooks-and-blocks.md + ci-scaffold: drop "KeiTech
unfiled patent IP / trade secrets / priority date" wording; reword as a
generic opt-in guard for keeping code on a private remote.
- check-error-patterns.sh: remove author-local absolute path from the
tombstone comment.
- graph-export-watcher.sh: default viz dir to ~/.local/share/kei/graph-viz
(was a personal project path).
- agent manifests (cost-guardian, modal-runner, infra/ml/code-implementer)
+ ci.yml: strip private memory references and dated personal incidents;
keep the generic cost/ops lessons. Snapshots regenerated; golden 3/3.
Kept intentionally: author attribution (NOTICE / README / Cargo / plugin).
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Thin skill over the kei-message jsonl mailbox: /msg reads inbox, /msg @name text sends (identity = cwd basename), /msg all broadcasts, /msg list|who. send now accepts leading @name. Mirror of keigit 7b453aac.
Mirror of keigit 3aff0029. lib-hooks.sh apostrophe-in-jq closed the bash single-quote and broke every install (fixed). cortex-ui removed from profiles+menu; forgejo/zoekt source lib-launchd; portable kei-message id (BSD date fallback); non-TTY default minimal; install stamps .kei-profile; README hook count 54; web-install warns before discarding local edits in the managed clone.
Any Claude Code session can message any other (not just Agent-Teams teammates),
no tmux. Append-only jsonl bus + UserPromptSubmit hook pulling unread per turn.
kei-message.sh (send/inbox/list, address by cwd-basename or "all"),
mailbox-inject.sh (cursor dedup, first-turn baseline, no self-echo), bin/kei
`message` dispatch, lib-scaffold copies all scripts/*.sh, snippet wires the hook.
Bypass KEI_MAILBOX_BYPASS=1. Verified by 2-session simulation.
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
SessionStart first-run hook now injects an ordered post-install checklist Claude
walks the user through: (1) /onboard projects → per-project agents,
(2) /sleep-setup → nightly REM (recommend local-only), (3) /cortex-setup (only
if cortex daemon installed). Confirm + run each, skippable. Fires once.
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
1. SessionStart hook first-run-onboard.sh: on first Claude Code session after
install, nudges user/Claude to run `/onboard ~/Projects/*` (scan stack +
create a project-specialist agent per project; delegates to /new-agent).
Fires once (marker), then silent. Wired in settings-snippet under SessionStart.
2. lib-summary next-steps: lead with /onboard ~/Projects/*, then /new-agent.
3. lib-hooks merge: normalize null/absent matcher → "" (Claude Code /doctor
rejects null; pre-kit hooks often lack a matcher field).
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
KEISEI ASCII logo (голубой) at install start; [install] prefix тёмно-жёлтый
(38;5;178); primitive names + language codes голубой (38;5;39); language names
тёмно-жёлтый. lib-log COLOR now enables under curl|bash (detect terminal via
[ -t 1 ] || /dev/tty — web-install tees stdout so -t 1 was false → colors off).
Color detection, not an interactivity gate. Verified piped-under-pty.
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
PATH-wiring (~/.claude/bin, home of the `kei` entry-point) was gated on
`[ -t 0 ] && [ -t 1 ]`; curl|bash tees stdout so -t 1 is false → pathway skipped
→ `kei: command not found`. Same tee/-t1 trap as onboarding (this one in the
top-level install.sh). Eradicated across tree: install.sh, lib-menu.sh,
lib-wizard.sh all gate on [ -t 0 ]. Verified piped-under-pty.
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Splash was cyan; rebrand to blue/yellow: sky-blue (38;5;39) logo + dim-blue
separators, gold (38;5;220) brand line + field values. Version v0.16→v0.38.
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
1. CRASH on word input (e.g. "claude") at any menu: $((ans-1)) under set -u →
"unbound variable" → install died. Added _onb_read_choice validation (all 4 menus).
2. Claude Code default: added claude-code subscription provider (kei-registries
submodule c559065→b904993), subscription default transport, claude-code default
provider — Enter,Enter,Enter → Claude Code, no API key.
3. install died at line 178 for no-key providers (claude-code/codex/local):
onboarding_run ended on a false `&&` → returned 1 → set -e. Added `return 0`.
Plus en+ru explanations and auto-select single-option steps. Verified piped-under-pty.
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
curl|bash reads this script byte-by-byte from the pipe; a bare `exec < /dev/tty`
then made bash read the NEXT line (the bootstrap exec) from the keyboard →
infinite hang after "delegating", bootstrap never started. Fix: merge the
redirect into the bootstrap exec (one command). Verified piped-under-pty:
buggy=HANG, fixed=full install completes.
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
web-install.sh tees stdout to a logfile, so -t 1 is false even in an interactive
curl|bash; the /dev/tty fix reattached only stdin. Wizard gates required BOTH
-t 0 and -t 1, so onboarding (language select) and bootstrap's profile wizard
were silently skipped on the primary install path. Prompts go to stderr and read
from stdin — interactive stdin is the only real requirement.
Gates: bootstrap.sh, lib-onboarding.sh (×2), lib-preflight.sh, lib-hooks.sh.
Non-interactive (CI / </dev/null) still skips — verified.
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
E2E (curl install.keisei.app | bash, no controlling terminal) died at
`exec < /dev/tty` — "No such device or address". `[ -r /dev/tty ]` stat's
the path readable but the device can't be opened without a controlling
terminal (CI/cron/ssh non-interactive) — the documented `| bash -s -- --yes`
CI path. Now probes a real open via `{ : < /dev/tty; }` and reattaches only
on success; else proceeds non-interactively. Verified RC=0 end-to-end.
Root causes found by reproducing a clean install from keigit:
1. PROFILE_PRIMS resolved only inside check_prereqs → unbound for
--no-execute (plan showed 0 prims for every profile) and silently
empty for --skip-prereqs. Now resolved unconditionally in install.sh
before any reader (SSoT).
2. Every profile (even minimal, advertised "no Rust compile") fell back
to a 5-15 min `cargo build --workspace` because no prebuilt release
binaries exist. Auto-set KEI_SKIP_RUST for profiles with no rust
primitives → minimal installs in ~18s (assembler only). cargo stays a
hard prereq because the agent assembler always compiles.
3. The assembler aborted the WHOLE install on any single bad manifest
(set -e). generate_agents is now tolerant: bad manifests print FAIL
but hooks/skills/settings still land. Commit-time validate stays strict.
4. Data bugs that broke the assembler:
- duplicate [taxonomy] table in _roles/{auditor,merger}.toml
- fal-ai-runner handoff → keimd-expert (not shipped in kit)
- infra-implementer-cicd forbidden_domain literal `${{ secrets.NAME }}`
collided with assembler ${{ }} placeholder detection
5. Metadata: KeiSei84 (nonexistent GitHub org) → KeiSeiLab/KeiSeiKit-1.0
across plugin manifests, bootstrap, README, docs, Cargo/npm metadata.
.claude-plugin/{plugin,marketplace}.json 0.16.0 → 0.38.0. SECURITY.md
supported version 0.14.x → 0.38.x.
feat: ship KeiSei tamagotchi statusline into the kit
- scripts/keisei-pet{,-update}.sh (portable, state under ~/.claude/pet/)
- install copies them to ~/.claude/scripts/
- settings-snippet adds statusLine (set-if-absent, never clobbers an
existing one) + 4 pet-update hooks (prompt/rust_write/github_block/sleep)
Verified: clean minimal install RC=0, zero FAIL, 38 agents + 52 hooks +
68 skills, settings valid, statusLine wired, pet renders, idempotent re-run.
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
gx10 fail при первой установке (фото юзера 2026-05-18):
jq: error: Could not open file /home/keisei/.claude/settings.json
[error] jq-merge produced invalid output; ... unchanged
[error] install failed at line 126; rolled back
Root cause:
backup_file() (install/lib-backup.sh:56) делал `mv target backup`,
затем activate_hooks() → _jq_merge_hooks() пыталась читать оригинал
target'а через jq — но оригинал уже унесён mv'ом, открыть нечего.
jq fail → rollback всей установки.
Fix: cp -a вместо mv (как уже сделано в backup_path() для директорий).
Атомарный безопасный бэкап; оригинал остаётся для jq, потом
_jq_merge_hooks атомарно переписывает его mv tmp → target.
CI run 26014515768 — `x86_64-apple-darwin` упал на webauthn-attestation-ca
→ openssl-sys 0.9.115: pkg-config не настроен для cross-compile
(macos-latest = arm64, target = x86_64).
Фикс: добавлен прямой dep `openssl-sys = { version = "0.9", features =
["vendored"] }` в kei-auth-webauthn — компилит openssl из исходников,
не требует системного. Транзитивно достаточно одного объявления feature
во всём workspace (Cargo unifies features).
CI v0.38.0 mcp-server билды все 5 упали на `bun install --frozen-lockfile`
с «lockfile had changes, but lockfile is frozen». В lockfile отставали:
- @keisei/mcp-server 0.14.0 → 0.14.6
- ajv 8.18.0 → 8.20.0
- express-rate-limit 8.3.2 → 8.4.1
- hono 4.12.14 → 4.12.16
Пересоздан `rm bun.lock && bun install` под bun 1.3.14 (тот же что в CI).
audit-2026-05-18 (соседняя сессия на gx10, 3 бага из 5 подтверждены):
#1 [HIGH] cortex profile сломан — kei-cortex depends on kei-router
path-dep'ом, а kei-router → kei-model. kei-model не было в
profile list, cargo build падал с «failed to read kei-model/
Cargo.toml». Добавил kei-model в cortex profile.
#3 [HIGH] cortex-ui отсутствует в репо — был в profile list, но
исходника нет ни в _primitives/_rust/, ни в _ts_packages/.
Удалил из profile.
#4 [MEDIUM] web-install.sh теряет /dev/tty — exec | tee + curl|bash
делают stdin pipe, wizard'у read нечего читать, onboarding падает
на первом prompt. Переподключаю stdin к /dev/tty перед exec
bootstrap.sh, если /dev/tty доступен.
#2 (linux-arm64 prebuild) — tag v0.38.0 не запушен на github, CI
release.yml не сработал. Требует RULE 0.1 triple-confirm.
#5 (non-TTY default = minimal) — уже корректно, install.sh:141
`PROFILE="${PROFILE:-minimal}"` + lib-menu.sh skip on non-TTY.
Авто-сгенерирован из _blocks/*.md по категориям префикса:
API / AUTH / CI / DB / DEPLOY / DOCS / DOMAIN / MODE / OBS /
PATH / RULE / SCRAPER / SECURITY / STACK / TEST + прочие.
Каждая запись: `name` — первая H1-строка файла.
Использование в _manifests/<agent>.toml:
blocks = ["baseline", "rule-pre-dev-gate", "api-anthropic", ...]
Assembler читает блоки из _blocks/, склеивает в финальный
_generated/<agent>.md. Новый блок = просто .md в _blocks/.
Регенерация INDEX.md — TODO build-index.sh скрипт (сейчас
сгенерирован вручную bash циклом).
