Commit graph

160 commits

Author SHA1 Message Date
Parfii-bot
e6c79e2495 Merge feat/v0.16-plugin-format — Anthropic plugin + own marketplace 2026-04-22 15:13:05 +08:00
Parfii-bot
3e792d169d Merge feat/v0.16-changelog-gen — Keep-a-Changelog + release workflow 2026-04-22 15:13:05 +08:00
Parfii-bot
1c633f0616 Merge feat/v0.16-install-split — install.sh cube refactor 2026-04-22 15:13:05 +08:00
Parfii-bot
95cacc5ffd Merge fix/v0.15.1-critical — RED-1 CVE hotfix 2026-04-22 15:12:57 +08:00
Parfii-bot
164c521936 feat(v0.16): Anthropic plugin format + own marketplace
Makes KeiSeiKit installable both as classic kit AND as an
Anthropic Claude Code plugin.

.claude-plugin/plugin.json — plugin manifest (name, version,
description, author OBJECT per schema, repository, license)
.claude-plugin/marketplace.json — own marketplace declaration
(owner OBJECT per schema, plugins[].source OBJECT)
.claude-plugin/mcp-template.json — template for .mcp.json (actual
.mcp.json write is blocked by hook; user copies template manually)
PLUGIN.md — dual-install docs (plugin vs classic)
hooks/hooks.json — uses ${CLAUDE_PLUGIN_ROOT} (per Anthropic
schema, NOT ${PLUGIN_ROOT}); wraps hooks under top-level
"hooks": {...} key

Schema corrections caught during agent validation:
  - marketplace.json owner MUST be object (not string)
  - hooks.json requires "hooks": {...} top-level wrapper
  - env var is ${CLAUDE_PLUGIN_ROOT} not ${PLUGIN_ROOT}

Companion edits in install-split bundle: install/lib-args.sh
gains an 8-line plugin-first banner in print_help() directing
users toward the plugin install path as recommended default.

Dual-install strategy: users can pick
  - `claude plugin marketplace add <url>` then install — latest
    and iteration-friendly (this PR enables it)
  - classic ./install.sh — legacy kit path, full 37-primitive
    control

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-22 15:10:15 +08:00
Parfii-bot
d97afb63ec feat(v0.16): CHANGELOG + tag-driven release workflow
Keep-a-Changelog format. 12 sections: [Unreleased] + 11 real
releases v0.8.0..v0.15.0, every bullet with real git SHA pulled
via git log --no-merges. 150 LOC.

.github/workflows/release.yml — 3 jobs, triggered on tag push:
  build-release: 4-platform matrix
    - x86_64-unknown-linux-gnu
    - aarch64-unknown-linux-gnu (continue-on-error)
    - x86_64-apple-darwin
    - aarch64-apple-darwin
    Builds entire _primitives/_rust workspace, emits tar.gz +
    sha256 per target via portable executable-discovery loop.
  release: downloads artifacts, runs local
    kei-changelog --from <prev-tag> --to <tag>, publishes via
    softprops/action-gh-release@v2.
  npm-publish: graceful skip when NPM_TOKEN secret absent
    (steps.have_token.outputs.present gate + || warning wrap
    so one failing package doesn't kill the job).

Companion install support: install/lib-rust.sh gains
have_prebuilt_binaries() + KEI_SKIP_RUST_BUILD=1 guard (shipped
as part of install-split bundle). Users can download tarball
instead of compiling Rust from source.

release.yml validated via yaml.safe_load: 3 jobs parse cleanly,
matrix expands 4-wide, jobs = [build-release, release, npm-publish].

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-22 15:10:00 +08:00
Parfii-bot
03d1dc7362 refactor(v0.16): split install.sh monolith (1238 LOC) into 17 cubes
Constructor Pattern (RULE ZERO). Zero behaviour change, zero flag
drift — all original CLI flags preserved verbatim.

Before: install.sh — 1238 LOC monolith
After:  install.sh — 138 LOC dispatcher (sources libs in order)
        install/lib-*.sh — 16 cubes, max 183 LOC (lib-menu)

Cubes:
  lib-log       21 LOC — logging primitives
  lib-backup    63 LOC — rollback trap + BACKUP_PAIRS
  lib-profile  115 LOC — MANIFEST.toml profile resolution
  lib-args      92 LOC — CLI parsing + --help heredoc
  lib-menu     183 LOC — whiptail/dialog/plain-text interactive picker
  lib-plan     150 LOC — dry-run --no-execute output
  lib-prereqs   91 LOC — hard + soft dependency checks
  lib-primitives 131 LOC — primitive copy + MANIFEST drive
  lib-rust     114 LOC — cargo workspace build + pre-built support
  lib-scaffold 144 LOC — agent/skill/block scaffolding
  lib-bridges   31 LOC — project-bridge install
  lib-hooks    104 LOC — settings.json jq merge
  lib-agents    77 LOC — assembled agent output
  lib-skills    23 LOC — skill copy
  lib-wizard    20 LOC — sleep-setup wizard invocation
  lib-summary   59 LOC — post-install summary

Invariants preserved:
  - macOS bash 3.2 compat (no associative arrays, no [[ ]], no ${,,})
  - rollback trap wired via setup_backup_trap early in dispatcher
  - jq-merge behaviour verbatim in lib-hooks
  - scoped Cargo.toml regeneration in lib-rust

Function LOC limits: largest non-heredoc fn 22 LOC (check_soft_prereqs).
Three functions kept >30 LOC because heredoc-dominated (print_help,
print_summary, profile_members); splitting would fragment logical unit.

62 unique function names across cubes, zero duplicates (grep-verified).

bash -n passes on all 17 files. Runtime smoke test deferred to user's
shell (bash-readonly sandbox constraint).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-22 15:09:35 +08:00
Parfii-bot
f77c1b7fdc fix(v0.15.1): RED-1 CVE + typed-handoff + schema minItems
Security hotfix — v0.15.1 Wave 1 fixes from 4-parallel audit.

RED-1 (CVE): KEI_DISABLED_HOOKS tokenized match — was `*all*`
substring-glob (trivially bypassable via "install", "wall-clock", etc.),
now exact-token split on comma/space. Patched in all 9 hooks:
no-hand-edit-agents, assemble-agents, assemble-validate, tomd-preread,
agent-fork-logger, site-wysiwyd-check, error-spike-detector,
milestone-commit-hook, session-end-dump.

RED-2 (observability): minimal profile whitelist now includes
agent-fork-logger and session-end-dump (ledger + trace paths) so
observability is not silently lost on minimal installs.

HIGH: review.json schema minItems:1 on findings — rejects empty
reviews; new Rust test review_schema_rejects_empty_findings.

HIGH: typed-handoff wire-up — produces_artifact declared at top
level on 5 manifests (kei-security-auditor, kei-validator,
kei-architect, kei-code-implementer, kei-critic); duplicate
per-handoff declarations removed.

MED: kei-artifact validate.rs gains warn_unsupported_keywords —
non-fatal stderr warning when schema uses keywords outside the
hand-rolled 2020-12 subset.

LOW: CI Node matrix dropped 18, now ['20','22'].

Doc drift: skills/hooks-control/SKILL.md reflects tokenized-match
semantics and updated minimal-profile hook list.

Tests: 191 Rust workspace + 30 assembler (both pass). RED-1
reproducer 10/10 (4 former-CVE vectors blocked, 5 legit vectors
accepted, empty passes).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-22 15:08:51 +08:00
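The RED-1 entry above replaces a `*all*` substring glob on KEI_DISABLED_HOOKS with exact-token matching. The following is an added example, not the kit's own guard block: it models both matchers in POSIX shell so the difference can be checked on sample values. The function names and all sample values other than "install" and "wall-clock" are constructed for illustration.

```shell
#!/bin/sh
# Constructed model of the RED-1 matching semantics; not the kit's guard code.
# Function names are hypothetical.

# Before: substring glob. Any value that merely contains the letters "all"
# is treated as the "disable every hook" keyword.
disabled_by_glob() {
    list=$1
    case "$list" in
        *all*) return 0 ;;
    esac
    return 1
}

# After: split the value on commas and whitespace and compare whole tokens.
# A hook is disabled only by the exact token "all" or its own exact name.
disabled_by_token() {
    hook=$1
    list=$2
    set -f    # no filename expansion while word-splitting (a "*" token stays literal)
    for tok in $(printf '%s' "$list" | tr ',' ' '); do
        if [ "$tok" = "all" ] || [ "$tok" = "$hook" ]; then
            set +f
            return 0
        fi
    done
    set +f
    return 1
}

# Constructed sample values, evaluated for one safety-critical hook.
HOOK=assemble-validate
for v in "install" "wall-clock" "all" "tomd-preread, $HOOK" "${HOOK}-old" ""; do
    if disabled_by_glob "$v"; then g=disabled; else g=active; fi
    if disabled_by_token "$HOOK" "$v"; then t=disabled; else t=active; fi
    printf '%-36s glob=%-9s token=%s\n' "\"$v\"" "$g" "$t"
done
```

With the glob matcher, "install" and "wall-clock" switch the hook off; with token matching, only "all" or the hook's exact name does.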
Parfii-bot
b62b219500 Merge branch 'feat/v0.15-cognitive-modes' — 5 cognitive mode blocks 2026-04-22 14:15:17 +08:00
Parfii-bot
59725ae021 Merge branch 'feat/v0.15-artifact-handoff' — kei-artifact typed handoff pipeline
# Conflicts:
#	_primitives/MANIFEST.toml
2026-04-22 14:15:17 +08:00
Parfii-bot
34ace50183 Merge branch 'feat/v0.14.2-hook-runtime' — runtime hook controls (KEI_DISABLED_HOOKS + profiles)
# Conflicts:
#	hooks/git-pre-commit-genesis.sh
2026-04-22 14:14:26 +08:00
Parfii-bot
ad8747f22c Merge branch 'fix/v0.14.2-remove-genesis-scan-public' — genesis-scan internal-only 2026-04-22 14:12:54 +08:00
Parfii-bot
24c584ee50 fix: remove genesis-scan from public kit (internal tool, Bundle-only)
Per user decision: publishing the sensitive IP pattern blocklist via a public
scanner is a leak of the blocklist itself (attack surface). genesis-scan
remains in PROJECT-E (private); user-global
~/.claude/hooks/genesis-leak-guard.sh (runtime hook) separate.

Deleted:
- _primitives/_rust/genesis-scan/ (whole crate, 5 files)
- hooks/git-pre-commit-genesis.sh (scanner companion)

Modified:
- workspace Cargo.toml -1 member (24→23)
- MANIFEST.toml — removed [primitive.genesis-scan] + core/full profile refs
- .github/workflows/ci.yml — removed genesis-scan job
- README.md — 7 count/description edits (24→23 rust, 10→9 hooks, 37→36 full)
- install.sh — 5 edits (--help + menus)
- mcp-server tool-registry.ts + test — scanner removed from MCP surface
- kei-sleep-queue.sh — removed scan_prompt() pre-submit hook
- 2 sleep-on-it skill phases — removed genesis-scan references

Tests: 160 Rust (was 167, -7 genesis-scan tests as expected), 24 assembler unchanged.
2026-04-22 14:11:22 +08:00
Parfii-bot
537589e6a7 feat(primitives): kei-artifact typed handoff pipeline (BMAD-style doc passthrough)
- kei-artifact Rust crate (25th): schema registry + artifact store + SHA-256 id + chain walker
- 5 schemas (JSON Schema 2020-12 strict): spec / plan / patch / review / research
- Manifest extension: optional produces_artifact + expects_artifact per handoff (non-breaking)
- Validator extension: KNOWN_ARTIFACT_SCHEMAS whitelist check + 4 new tests
- 3 kei-* manifests updated with typed handoff (architect→code-implementer→critic chain)
- compose-solution phase-5 cross-ref to kei-artifact

Tests: 189 Rust workspace (was 167, +22 artifact tests) + 24 assembler (was 20, +4 validator tests)
2026-04-22 14:10:08 +08:00
Parfii-bot
da0f2cb42b feat(hooks): runtime controls via KEI_DISABLED_HOOKS + KEI_HOOK_PROFILE (v0.14.2)
10 hooks get 21-line guard block: env-var short-circuit, 4 profiles (full/advisory-off/minimal/off), per-hook disable.

Safety-critical preserved in 'minimal': no-hand-edit-agents, assemble-validate, git-pre-commit-genesis.
Advisory off list: recurrence-suggest, citation-verify, error-spike-detector, milestone-commit-hook.

skills/hooks-control/SKILL.md — click-only toggle emitting shell export commands.
README +27 LOC 'Runtime hook controls' section with examples.
2026-04-22 13:51:48 +08:00
Parfii-bot
d50c5a56ae feat(blocks): 5 cognitive mode blocks + 2 manifest wirings
- mode-skeptic (17 LOC) — doubt everything, E1/E2 grade evidence
- mode-devils-advocate (16) — steel-man the opposite
- mode-minimalist (18) — what is unnecessary?
- mode-maximalist (19) — 10x thinking for broad scope
- mode-first-principles (21) — derive from invariants

kei-critic += skeptic + devils-advocate
kei-architect += first-principles

Docs: _blocks/README.md + README.md paragraph under Behavioral blocks
2026-04-22 13:49:57 +08:00
Parfii-bot
4b0185a3d1 Merge branch 'fix/v0.14.1-audit-blockers' — v0.14.1 audit fixes + CI
Wave 1+2 audit: 3 RELEASE BLOCKERS + 3 HIGH + 2 MED + newly-surfaced CI gap all fixed.

Verified:
- Rust workspace tests: 167 (up from 154; +13 new path-traversal + backend-guard + patch-format tests)
- Assembler tests: 20/20 unchanged
- install.sh syntax clean
- GitHub Actions CI covers: rust-assembler, rust-primitives, ts-packages (Node 18/20/22), install-dry-run, shell-lint, genesis-scan — all matrix Ubuntu+macOS
2026-04-22 13:36:59 +08:00
Parfii-bot
a25796df76 docs(readme + install): reconcile all count drift (F4 RELEASE BLOCKER)
Disk reality:
- blocks: 73, manifests: 12, skills: 38 (was 34/35), hooks: 10 (was 6/9)
- shell primitives: 16 (13 opt-in + 3 always-copied)
- bridges: 11, rust crates: 24 (was 8/9/14), MANIFEST full profile: 37

Updated: README.md lines 31, 70, 94, 111, 119-125, 254, 307 and install.sh --help + whiptail.
2026-04-22 13:36:17 +08:00
Parfii-bot
81462a03ef chore(rust): misc schema/main refactor in 8 crates (assorted CP splits)
kei-chat-store, kei-content-store, kei-crossdomain, kei-curator, kei-router, kei-sage, kei-search-core, kei-social-store, kei-task — small schema + main refactors for test pass parity (167 Rust tests, 20 assembler).
2026-04-22 13:36:17 +08:00
Parfii-bot
37c8e857d7 refactor(mock-render): split main.rs 227 LOC into 4 cubes (F5a Constructor Pattern)
main.rs 227→55 + cli_args.rs + cmd_screenshot.rs + cmd_lock.rs + cmd_verify.rs (each <100 LOC).
2026-04-22 13:36:17 +08:00
Parfii-bot
ff10f76469 fix(kei-auth): remove --key CLI flag (F12 HIGH — /proc/cmdline leak)
KEI_AUTH_KEY env only. On missing env, explicit error with openssl rand suggestion + RULE 0.8 SSoT pointer.
2026-04-22 13:36:17 +08:00
Parfii-bot
363352e7bf fix(kei-refactor-engine): retract 'git apply-ready' claim (F1 RELEASE BLOCKER)
Output renamed plan-autoresolve.md; header changed to '# AUTO-RESOLVABLE items' (no fake --- a/ /+++ b/ wrapper).
Added test autoresolve_output_is_not_claimed_as_diff.
Template updated: user manually applies, not via git apply.
2026-04-22 13:36:17 +08:00
Parfii-bot
ef95bf2a7c fix(kei-store): path-traversal guard (F2 RELEASE BLOCKER) + S3 stub gate (F7) + GitHub RULE 0.1 guard (F8)
F2: filesystem.rs + s3.rs 'fn full' now Result<PathBuf>, rejects absolute + ParentDir components. 7 new unit tests.
F7: factory.rs rejects 'backend=s3' without KEI_STORE_ALLOW_S3_STUB=1; backend_name() = 's3-local-stub'.
F8: github.rs push() blocks github.com unless KEI_STORE_ALLOW_GITHUB_PUSH=1 (RULE 0.1).
2026-04-22 13:36:17 +08:00
Parfii-bot
fbd8adf9cf feat(ci): GitHub Actions workflows + .claude/worktrees gitignore
- 6 CI jobs: rust-assembler, rust-primitives, ts-packages, install-dry-run, shell-lint, genesis-scan
- matrix: Ubuntu+macOS × rust-stable × Node 18/20/22
- closes 'no CI' -10% audit deduction
2026-04-22 13:36:17 +08:00
Parfii-bot
a3769ebbb6 refactor(rust-core): Constructor-Pattern splits in kei-router + kei-auth
- kei-router: extract kw_tables.rs from keywords.rs (keep <200 LOC)
- kei-auth: extract new_payload + encode_token helpers
2026-04-22 12:57:12 +08:00
Parfii-bot
319295860f Merge branch 'feat/v0.14-lbm-ts-adapters' — 6 TS packages (MCP server + 5 adapters) 2026-04-22 12:51:28 +08:00
Parfii-bot
adc007b7b0 feat(primitives): 10 Rust crates extracted from LBM (Genesis-scrubbed)
- kei-router — keyword-dispatch meta-tool (CfC ML fallback removed)
- kei-sage — Obsidian-style knowledge graph, FTS5 + BFS + PageRank
- kei-task — task DAG with deps, milestones, dependency-chain queries
- kei-chat-store — Claude conversation session persistence + FTS search
- kei-crossdomain — typed-edge store + BFS cross-domain glue
- kei-search-core — 3-wave deep research with microcent budget cap
- kei-content-store — asset + prompt + campaign registry
- kei-social-store — people + interactions CRM (lite)
- kei-curator — edge-decay graph hygiene utility
- kei-auth — multi-tenant session tokens (replaces single-bearer)

Genesis-scan pre-import pass: skipped pkg/mxl1/*, pkg/inference/*, pkg/trainer/*,
pkg/nc01/*, internal/ml/* (all Genesis/CfC adjacent, sensitive IP).
Security: skipped tools_threat/radio/protocol/med/mlreg (offensive/banned).
Domain verticals skipped: hr/legal/infra/ops/api/osint/edu/geo/hw/finance.

New 'mcp' profile in MANIFEST.toml bundles all 10 for MCP server deployment.

Workspace now 24 crates, cargo check --workspace clean, 94 workspace tests pass.
2026-04-22 12:48:56 +08:00
Parfii-bot
c21943e40b feat(ts-packages): 6 TS packages — MCP server + 5 external-API adapters
Total 1465 LOC + 616 test LOC, 78/78 tests pass.
- @keisei/mcp-server (25 tests) — Rust-CLI bridge via execa, stdio+HTTP, HMAC auth, kei() meta-tool
- @keisei/telegram-adapter (16 tests) — grammy Bot, 7 tools
- @keisei/recall-adapter (8 tests) — Zoom via Recall.ai, 5 tools
- @keisei/grok-adapter (6 tests) — xAI OpenAI-compatible, 2 tools
- @keisei/gmail-adapter (11 tests) — googleapis OAuth2, 6 tools (new — LBM gap)
- @keisei/youtube-adapter (12 tests) — YouTube Data API v3, 5 tools (new — LBM gap)

RULE 0.2 exception #4 (TS for MCP/API layer documented in _ts_packages/README.md).
RULE 0.8 — env vars only (TELEGRAM_BOT_TOKEN, XAI_API_KEY, GMAIL_*, YOUTUBE_API_KEY).
Strict TypeScript: strict + exactOptionalPropertyTypes + noUncheckedIndexedAccess.
Genesis-scan clean (0 hits).
2026-04-22 12:45:19 +08:00
Parfii-bot
cab78d68f7 Merge branch 'feat/v0.13-deep-sleep' — NREM deep-sleep pipeline + store trait (5 backends) 2026-04-22 08:50:09 +08:00
Parfii-bot
33cd9a489b Merge branch 'feat/v0.13-onboard' — /onboard auto-project-analyze skill 2026-04-22 08:50:09 +08:00
Parfii-bot
88a59f017f feat(integration): deep-sleep wired into MANIFEST + sleep-setup Phase 3b + README 2026-04-22 08:28:22 +08:00
Parfii-bot
19ee220e0a feat(primitives): 4 Rust crates for deep-sleep — conflict-scan, refactor-engine, graph-check, store
- kei-conflict-scan: rules/hooks/blocks/orphans/CP detection (6 tests)
- kei-refactor-engine: plan-mode + advisory patch format, zero-conflict guarantee (5 tests)
- kei-graph-check: wikilinks/handoffs/block-refs validator (4 tests)
- kei-store: trait + 5 backends (filesystem/github/forgejo/gitea prod, s3 stub) (8 tests)

1916 LOC Rust total; all files <200 LOC; 23/23 tests pass.
2026-04-22 08:28:22 +08:00
Parfii-bot
293e96af5d feat(skills): /onboard auto-project-analyze with 3-mode apply (full-auto/step-by-step/full-manual) 2026-04-22 04:22:20 +08:00
Parfii-bot
9ca7c4e148 docs(readme): add 'Why Rust, not Python' paragraph in author note 2026-04-22 04:14:52 +08:00
Parfii-bot
c2fdaf8c4c docs(readme): clarify 'my sample, not claim of originality' in author note 2026-04-22 03:03:56 +08:00
Parfii-bot
5fb152a758 docs(readme): add 'double sorry' disclaimer in author note 2026-04-22 03:02:11 +08:00
Parfii-bot
deda7848c6 docs(readme): move 'From the author' to opening, expand with transformer-error context 2026-04-22 02:58:05 +08:00
Parfii-bot
5c177d0f9b docs(readme): add 'From the author' note 2026-04-22 02:44:09 +08:00
Parfii-bot
44e5c764b4 Merge branch 'feat/v0.12-sleep-on-it' — v0.12.0 incubation layer with priority-scaled budgets 2026-04-22 02:30:45 +08:00
Parfii-bot
3cead09520 feat(integration): Phase A incubation wired into trigger + install + README 2026-04-22 02:30:04 +08:00
Parfii-bot
3d928b41db feat(skills): /sleep-on-it 6-phase wizard + kei-sleep-queue CRUD + incubation prompt
Priority-scaled time budgets (quick/standard/deep/marathon/weekly),
marathon-mode for hard derivations (skips Phase B REM for one task),
checkpointing every N minutes via partial commits.
2026-04-22 02:30:04 +08:00
Parfii-bot
c6c572dcf4 Merge branch 'feat/v0.11-sleep-sync' — v0.11.0 cloud REM sync for public users 2026-04-22 01:34:51 +08:00
Parfii-bot
aa77043477 feat(integration): --with-sleep-sync flag + README Cloud REM sync section 2026-04-22 01:34:42 +08:00
Parfii-bot
8e9c05272f feat(skills): /sleep-setup 5-phase wizard (click + 1 free-text URL) 2026-04-22 01:34:42 +08:00
Parfii-bot
7db2328b68 feat(hooks): session-end-dump calls kei-sleep-sync after ingest 2026-04-22 01:34:42 +08:00
Parfii-bot
9450ef0b95 feat(primitives): kei-sleep-setup wizard + kei-sleep-sync helper + trigger template 2026-04-22 01:34:42 +08:00
Parfii-bot
48b1a8cdcf Merge branch 'feat/v0.10-genesis-scan' — kei-memory + genesis-scan v0.10.0 reconciled 2026-04-22 01:04:32 +08:00
Parfii-bot
b9b95c3fb1 Merge branch 'feat/v0.10-session-self-audit' — kei-memory + RULE 0.14 + /self-audit + 3 trigger hooks 2026-04-22 01:02:11 +08:00
Parfii-bot
c436eb105d feat(integration): register genesis-scan in MANIFEST core+full + README + install.sh sizing 2026-04-22 01:01:56 +08:00
Parfii-bot
b18727b257 feat(hooks): git-pre-commit-genesis — template for repo symlink into .git/hooks/pre-commit 2026-04-22 01:01:56 +08:00