KeiSeiKit-1.0

keisei/KeiSeiKit-1.0

Fork 0

Commit graph

Author	SHA1	Message	Date
Parfii-bot	f9bfcc23b7	fix(agent-runtime/b1): PatternGate hardening — RwLock, Result, UTF-8, explicit deny H1 lock contention: Mutex<HashMap> → RwLock<HashMap>. Hot path cheap read-lock, write-lock only on first compile per pattern. H2 panic removed: compile_checked() returns Result<Regex, regex::Error>; all call sites propagate as GateDecision::Deny{reason:"misconfigured regex..."}. No .expect()/.unwrap() on compile anywhere. H3 dead branch: AllowIfMatch + TaskWhitelist/TaskDenylist combo was silently NotApplicable (allow-everything). Now explicit Deny with "misconfigured" + "AllowIfMatch" in reason. Fail-closed. S4 UTF-8 panic: &s[..60] byte-slice → s.chars().take(60). Cyrillic/ emoji safe. 60-char budget by code point. L2 render chain: String::replace chain → single-pass render_template() that scans {token} markers once. Substituted text cannot bleed into later tokens. Tests: 70/70 (was 66, +4). pattern_gate_smoke 10 → 14. Follow-up (out of file-boundary scope): per-pattern Lazy<Regex> variant would eliminate the RwLock entirely but requires editing sibling gate consts. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-23 05:27:59 +08:00
Parfii-bot	360a20a942	feat(convergence/p2): PatternGate + CommandVerify unified traits Layer C + D. 6 gate modules + 3 verify modules → 1 generic struct per family + const declarations. Data-driven, not module-per-capability. New: - src/gates/pattern_gate.rs (192 LOC) — PatternGate struct with GateMode::{DenyIfMatch, AllowIfMatch}, static regex compilation via once_cell, bypass env support, Capability trait impl - src/verifies/command_verify.rs (142 LOC) — CommandVerify struct with WorkDir::{WorkspaceRoot, CrateDir, MainRepoSub}, subprocess exec + exit-code check, extra_env support, Capability trait impl Converted (const declarations, ~15-27 LOC each): - gates/policy_no_git_ops.rs (49→22) - gates/safety_no_dep_bump.rs (35→19) - gates/scope_files_whitelist.rs (37→16) - gates/scope_files_denylist.rs (35→16) - gates/tools_bash_allowlist.rs (58→27) - verifies/quality_cargo_check_green.rs (41→18) - verifies/quality_tests_green.rs (75→80, folded common shape) - verifies/safety_no_dep_bump.rs (39→47) Kept separate (different shape, not PatternGate/CommandVerify): - gates/tools_deny_tools.rs (tool-name match, not pattern) - verifies/quality_constructor_pattern.rs (LOC walker) - verifies/output/report_format.rs + severity_grade.rs (text parsers) - verifies/scope_files_{whitelist,denylist}.rs (diff-walkers) Registry.rs preserves alias table + deprecation warnings + all_names(). Tests: 57/57 green (was 41, +16: 10 pattern_gate_smoke + 6 command_verify_smoke). LOC net: 5 gates 214→100 (-53%), shared PatternGate+CommandVerify 334 LOC absorb duplication. Amortization breaks even around 3-4 new gates added later. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-23 04:46:47 +08:00

Author

SHA1

Message

Date

Parfii-bot

f9bfcc23b7

fix(agent-runtime/b1): PatternGate hardening — RwLock, Result, UTF-8, explicit deny

H1 lock contention: Mutex<HashMap> → RwLock<HashMap>. Hot path cheap
read-lock, write-lock only on first compile per pattern.

H2 panic removed: compile_checked() returns Result<Regex, regex::Error>;
all call sites propagate as GateDecision::Deny{reason:"misconfigured
regex..."}. No .expect()/.unwrap() on compile anywhere.

H3 dead branch: AllowIfMatch + TaskWhitelist/TaskDenylist combo was
silently NotApplicable (allow-everything). Now explicit Deny with
"misconfigured" + "AllowIfMatch" in reason. Fail-closed.

S4 UTF-8 panic: &s[..60] byte-slice → s.chars().take(60). Cyrillic/
emoji safe. 60-char budget by code point.

L2 render chain: String::replace chain → single-pass render_template()
that scans {token} markers once. Substituted text cannot bleed into
later tokens.

Tests: 70/70 (was 66, +4). pattern_gate_smoke 10 → 14.
Follow-up (out of file-boundary scope): per-pattern Lazy<Regex> variant
would eliminate the RwLock entirely but requires editing sibling gate
consts.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-04-23 05:27:59 +08:00

Parfii-bot

360a20a942

feat(convergence/p2): PatternGate + CommandVerify unified traits

Layer C + D. 6 gate modules + 3 verify modules → 1 generic struct per
family + const declarations. Data-driven, not module-per-capability.

New:
- src/gates/pattern_gate.rs (192 LOC) — PatternGate struct with
  GateMode::{DenyIfMatch, AllowIfMatch}, static regex compilation via
  once_cell, bypass env support, Capability trait impl
- src/verifies/command_verify.rs (142 LOC) — CommandVerify struct with
  WorkDir::{WorkspaceRoot, CrateDir, MainRepoSub}, subprocess exec +
  exit-code check, extra_env support, Capability trait impl

Converted (const declarations, ~15-27 LOC each):
- gates/policy_no_git_ops.rs (49→22)
- gates/safety_no_dep_bump.rs (35→19)
- gates/scope_files_whitelist.rs (37→16)
- gates/scope_files_denylist.rs (35→16)
- gates/tools_bash_allowlist.rs (58→27)
- verifies/quality_cargo_check_green.rs (41→18)
- verifies/quality_tests_green.rs (75→80, folded common shape)
- verifies/safety_no_dep_bump.rs (39→47)

Kept separate (different shape, not PatternGate/CommandVerify):
- gates/tools_deny_tools.rs (tool-name match, not pattern)
- verifies/quality_constructor_pattern.rs (LOC walker)
- verifies/output/report_format.rs + severity_grade.rs (text parsers)
- verifies/scope_files_{whitelist,denylist}.rs (diff-walkers)

Registry.rs preserves alias table + deprecation warnings + all_names().

Tests: 57/57 green (was 41, +16: 10 pattern_gate_smoke + 6 command_verify_smoke).

LOC net: 5 gates 214→100 (-53%), shared PatternGate+CommandVerify 334
LOC absorb duplication. Amortization breaks even around 3-4 new gates
added later.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-04-23 04:46:47 +08:00

2 commits