keisei/KeiSeiKit-1.0
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
KeiSeiKit-1.0/_primitives/_rust/Cargo.toml
Parfii-bot 3759fb0f64 fix(audit-batch): CI green + RULE 0.4/0.16/0.18 honesty pass 
12-agent audit (2 waves Opus+Sonnet, 6 slices each) flagged 3 HIGH-tier
issues that BOTH waves agreed on, plus 5 doc-honesty findings. This
batch fixes the lot.

== CI green (was failing on main 94a7d68) ==

- _primitives/_rust/Cargo.toml — workspace tokio gains `io-std` feature
  (needed by kei-mcp/src/main.rs which calls tokio::io::{stdin,stdout})
- _primitives/_rust/kei-mcp/Cargo.toml — dev-deps tokio gains `test-util`
  feature (needed by tests/tools_call_timeout.rs for tokio::time::advance
  and Builder::start_paused). Both verified locally:
  `cargo check -p kei-mcp` ✓
  `cargo test --no-run -p kei-mcp` ✓ (3 test binaries link)
  [REAL: ran 2026-05-03 in this session]

== HIGH-tier audit fixes (consensus across waves) ==

1. SQLi escape in agent-outcome-backfill.sh:110
   - 4 of 12 agents flagged: TOOL_USE_ID was JSON-derived and
     interpolated raw into SQL. Allowlist on $SHIPPED protected today
     but a future case-statement removal opened the surface.
   - Fix: tiny `_sql_esc` helper that doubles single-quotes (SQL-99
     standard escape), applied to SHIPPED + TOOL_USE_ID. STUBS already
     integer-validated.

2. PRAGMA user_version=9 in install/sql/outcome-only-schema.sql
   - W1 outcome-only critic flagged: the SQL fallback installed a
     v9-equivalent flat schema but left user_version=0. A LATER
     `kei-ledger init` (e.g. when user upgrades to full kit) would
     re-run migrations v1-v9 and ALTER TABLE ADD COLUMN duplicate-error
     mid-migration → broken DB.
   - Fix: set PRAGMA user_version=9 before COMMIT so the binary's
     migration runner sees current ≥ target and short-circuits.

3. backup_file mv→cp + uninstall macOS-portable awk
   - W1+W2 outcome-only flagged: lib-backup.sh uses `mv` which DELETES
     the target before _jq_merge_hooks runs; `|| true` swallowed the
     subsequent jq read-error → silent settings.json loss.
   - Fix in lib-profile-outcome-only.sh: `cp -p` aside, drop `|| true`,
     return 1 on merge failure (trap restores).
   - PROFILE-OUTCOME-ONLY.md uninstall used GNU sed `,+1` extension
     which BSD sed (macOS) does not support — uninstall silently
     no-op'd on macOS, leaving orphan CLAUDE.md text.
   - Fix: replace with portable `awk` recipe; also added `rm -f` for
     the agent-toolstats.jsonl sidecar (privacy completeness).

== Doc honesty pass (RULE 0.18 numerics + RULE 0.4 citations) ==

4. README.md count drift — verified all values against filesystem:
   * 102→105 Rust crates (Cargo.toml workspace `members` count)
   * 67→68 skills (`ls skills/ | wc -l`)
   * 35→38 hooks (`grep -c '"command":' settings-snippet.json`)
   * 37→38 agent manifests (`ls _manifests/*.toml | wc -l`)
   * 82→85 substrate blocks (`find _blocks/ -name '*.md' | wc -l`)
   * 18 capability atoms VERIFIED via `find _capabilities/ -name '*.md'`
     (encyclopedia §3 row count of 17 is in a separate file and is a
     known internal display issue, not changed in this commit)
   * 495→565 active DNAs (per docs/DNA-INDEX.md header 2026-05-03)
   Each value now carries a `[REAL: <command>]` style trailer per
   RULE 0.18.

5. README.md DNA "80-char identity" → "≥33-char variable-length"
   - W1+W2 reviewer-pass flagged FALSE: docs/DNA-FORMAT.md SSoT says
     minimum 33 chars; 80 was nowhere in code or spec
   - Fix in README.md:36 + docs/PHILOSOPHY.md:39 + docs/DNA-INDEX.md:1352

6. README.md "Eleven install profiles (... Cursor / Continue / Zed /
   Aider / Docker / Nix)" — Cursor/Continue/Zed/Aider/Docker/Nix were
   never install profiles, they were bridge targets
   - Fix: list 12 actual profiles from _primitives/MANIFEST.toml,
     mention bridges as separate concept

7. .claude-plugin/plugin.json license MIT → Apache-2.0
   - W2-Sonnet reviewer flagged: LICENSE file is Apache-2.0 (since
     2026-04-30 per NOTICE), but plugin.json still declared MIT —
     plugin marketplace would show wrong license

8. docs/ARCHITECTURE.md:318 placeholder URL `https://example.invalid/...`
   - W2-Sonnet reviewer flagged: dead link in published docs
   - Fix: remove the bad href, describe ssl-rule-file as per-user
     install outside the public repo

9. skills/sleep-on-it/SKILL.md Wagner et al. 2004 citation
   - W1+W2 reviewer flagged RULE 0.4 violation: citation without
     verification marker
   - Fix: added [VERIFIED: doi:10.1038/nature02223] + clarification
     that the original paper showed slow-wave-sleep (not strictly REM)
     insight gain — our metaphor is a loose mapping

10. encyclopedia/substrate-overview.md §5 fabricated TS deps
    - W1-Opus doc-consistency flagged RULE 0.4.b violation: 5 of 6
      package rows had INVENTED dependency strings
      (`recall-ai-sdk ^1.0.0`, `nodemailer-mock ^2.0.0`,
       `telegram-typings ^4.10.0`, etc — none exist in the actual
      package.json files)
    - Fix: regenerated table from real `package.json` reads via
      `node -p "require(...).dependencies"` for each of the 6 packages
    - Fix: also corrected version drift (5 packages all 0.14.0 now)

Verification:
- Outcome-only end-to-end install against fake $HOME succeeds:
  hooks installed, ledger schema at user_version=9, settings.json
  created cleanly, all 5 documented files present
  [REAL: ran 2026-05-03 in this session]
- `cargo check -p kei-mcp` + `cargo test --no-run -p kei-mcp` clean

Audit findings NOT yet addressed (deferred to next batch):
- README:65 git clone github URL — repo is private; reviewer flagged
  external strangers cannot clone; will resolve via Quick Start rewrite
- npm.pkg.github.com / @keisei84 leftover sweep — both waves verified
  ZERO refs, no fix needed
- safeEqual timing leak in TS server (W2 sec MEDIUM)
- HTTP server bind 0.0.0.0 (W2 sec MEDIUM)
- Unbounded request body (W2 ci MEDIUM)
- --dry-run silent ignored on non-outcome profiles (W1+W2 MEDIUM)
- Doc-link missing for MEMORY/DNA/LEDGER format specs from README

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-03 19:09:59 +08:00

240 lines
9.7 KiB
TOML
Raw Blame History

[workspace]
resolver = "2"
members = [
"kei-ledger",
"kei-migrate",
"kei-changelog",
"ssh-check",
"firewall-diff",
"mock-render",
"visual-diff",
"tokens-sync",
"kei-memory",
"kei-conflict-scan",
"kei-refactor-engine",
"kei-graph-check",
"kei-store",
# v0.14 LBM port — 10 new MCP-core primitives
"kei-router",
"kei-sage",
"kei-task",
"kei-chat-store",
"kei-crossdomain",
"kei-search-core",
"kei-content-store",
"kei-social-store",
"kei-curator",
"kei-auth",
# v0.15 artifact handoff pipeline
"kei-artifact",
# v0.18 exobrain CLI
"keisei",
# v1 substrate — local web wizard for scaffolding atoms (Stream A)
"kei-forge",
# v1 substrate — atom invocation runtime + schema linter (Stream D)
"kei-runtime",
# Hosted Sleep substrate — 12 traits + DNA + plugin registry (impls in sibling crates)
"kei-runtime-core",
# Hosted Sleep Wave 2 — bare-metal SSH ComputeProvider impl
"kei-compute-baremetal",
# v1 substrate — shared atom discovery + frontmatter + safe path (Stream E)
"kei-atom-discovery",
# agent substrate v1 — phase 3 runtime (Capability trait + registry + compose/spawn/verify)
"kei-agent-runtime",
# agent substrate v1 — phase 3 hook-protocol CLI adapter
"kei-capability",
# v0.24 unification — unified VPS provisioner (supersedes provision-{hetzner,vultr}.sh)
"kei-provision",
# Convergence Layer A — schema-driven verb-template engine for SQLite-CRUD stores
"kei-entity-store",
# v1 substrate — atom DAG pipe runtime (topo-sort + JSON piping between atoms)
"kei-pipe",
# v1 substrate — deterministic result cache for pure (query/transform) atoms
"kei-cache",
# agent substrate v1 — automation envelope: prepare + ledger fork + verify
"kei-spawn",
# agent substrate v1 — reconstruct spawn from DNA (ledger row + task.toml + recompose)
"kei-replay",
# v0.29 Wave 13 — structural JSON diff primitive (RFC 6902 subset add/remove/replace)
"kei-diff",
# v0.29 Wave 13 — durable task scheduler (cron / at / interval) metadata primitive
"kei-scheduler",
# v0.29 Wave 13 — filesystem watcher primitive (thin notify wrapper, sync API)
"kei-watch",
# v0.30 Wave 14 — bio-inspired pruning (retire idle agents)
"kei-prune",
# v0.30 Wave 14 — federated marketplace discovery stub
"kei-discover",
# v0.30 Wave 14 — taxonomy graph + lineage stdout visualizer
"kei-brain-view",
# v0.30 Wave 14 — whole-brain tar.zst export/import
"kei-hibernate",
# v0.30 Wave 14 — ed25519 creator attestation
"kei-ledger-sign",
# v0.31 Wave 15 — managed git worktree + ledger lifecycle (fork/collect/gc/rescue)
"kei-fork",
# v0.34 Wave 17 — SSoT for DNA format + shared substrate types
"kei-shared",
# v0.32 Wave 15 — read-only DNA adjacency/cluster/precedent over kei-ledger
"kei-dna-index",
# Pet UI v1 — persona manifest parse/validate + Ed25519 identity + overlay renderer
"kei-pet",
# v0.37 Wave 20 — local HTTP daemon (axum) exposing cortex state for web UI at keisei.app
# v0.39 Wave 25 — longitudinal user-frustration matrix (regex + byte n-gram firmware classifier)
"frustration-matrix",
# Wave 54 — per-user online learning loop on top of frustration-matrix (sleep Phase 0 + install bootstrap)
"kei-frustration-loop",
# Wave 26.5 — universal external skill-format importer (OpenClaw/Cline/Cursor/Claude/Kimi)
"kei-skill-importer",
# Wave 45 — dev-hub bundle (project dashboard data sources)
"kei-projects-index",
"kei-projects-watcher",
# Wave 46 — Google Drive → Forgejo one-shot importer (folder classifier)
"kei-gdrive-import",
# Wave 48 — content protection SSoT (regex matrix scanner / substituter)
"kei-leak-matrix",
# Wave 51 — research output → action pipeline (parses MASTER-REPORT.md, emits kei-spawn task.toml)
"kei-decision",
# Wave 52 — UNIVERSAL decomposition layer: 5 MD-format parsers (research/audit/sleep/architecture/new-project)
"kei-decompose",
# A1.1 — foreign project ingestion runtime (clone → walk → identify modules → stage for downstream atomars)
"kei-import-project",
# Wave 53 — UNIVERSAL block identity registry (primitive/skill/rule/hook/atom DNA in SQLite)
"kei-registry",
# Wave 55 — UNIVERSAL model registry + selector (verified pricing 2026-04-28)
"kei-model",
# P1.2 daytona
"kei-backend-daytona",
# P0.2 trajectory export
"kei-export-trajectories",
# Phase 3.1 — Hermes/agentskills.io SKILL.md format primitives
"kei-skills",
# P4.1 gateway — multi-platform messaging unified (Telegram/Discord/Slack/CLI/WhatsApp/Signal/Generic)
"kei-gateway",
# P4.2 scheduler — Hermes-equivalent cron/at/interval with JSON persistence
# NOTE: distinct from existing `kei-scheduler` (SQLite metadata DB). See
# `kei-cron-scheduler/Cargo.toml` for the rationale on coexistence.
"kei-cron-scheduler",
# Wave 56 — Mac hardware/OS/tooling detector (foundation for local LLM stack: ollama/llamacpp/mlx)
"kei-machine-probe",
# Wave 57 — Ollama HTTP adapter (localhost:11434, streaming, 5 subcommands)
"kei-llm-ollama",
# Wave 58 — llama.cpp shell-out adapter (no FFI, llama-cli/llama-server, 5 subcommands)
"kei-llm-llamacpp",
# Wave 59 — Apple MLX adapter (mlx_lm shell-out, macOS Apple Silicon only, hard platform gate)
"kei-llm-mlx",
# Hosted Sleep Wave 4 — MLX LlmBackend bridge (Apple Silicon only)
"kei-llm-bridge-mlx",
# Hosted Sleep Wave 2 — Vultr ComputeProvider impl
"kei-compute-vultr",
# Hosted Sleep Wave 2 — Linode ComputeProvider impl
"kei-compute-linode",
# Wave 60 — UNIVERSAL local-LLM backend selector (glues W55+W56+W57+W58+W59 → picks Mlx/LlamaCpp/Ollama)
"kei-llm-router",
# Hosted Sleep Wave 1 — systemd ServiceManager impl
"kei-svc-systemd",
# RULE 0.17 — atomar time-logger (Wave 10)
"kei-tlog",
# Per-LLM-call token + cost observability store (cortex token tracker, Phase D sleep-report)
"kei-token-tracker",
# Cross-window agent heartbeat (auto: redis | sqlite)
"kei-ping",
# Hosted Sleep Wave 2 — DigitalOcean ComputeProvider impl (Wave 5 redo)
"kei-compute-digitalocean",
# Hosted Sleep Wave 5 — git providers (Gitea/Forgejo/GitLab/Bitbucket)
"kei-git-gitea",
"kei-git-forgejo",
"kei-git-gitlab",
"kei-git-bitbucket",
# Hosted Sleep Wave 6 — memory backends (sled/redis/postgres/sqlite)
"kei-memory-sled",
"kei-memory-redis",
"kei-memory-postgres",
"kei-memory-sqlite",
# Wave 7 — Google OAuth 2.0 + OIDC AuthProvider
"kei-auth-google",
# Wave 7 — Apple Sign-In AuthProvider
"kei-auth-apple",
# Wave 7 — Magic-Link email AuthProvider (HMAC-signed token, stateless)
"kei-auth-magiclink",
# Wave 7 — WebAuthn passkey AuthProvider
"kei-auth-webauthn",
# Wave 8 — Telegram Bot API NotifyChannel (sendMessage with HTML parse_mode + severity emoji)
"kei-notify-telegram",
# Wave 8 — Discord webhook NotifyChannel
"kei-notify-discord",
# Wave 8 — Slack incoming-webhook NotifyChannel
"kei-notify-slack",
# Wave 8 — SMS via Twilio Programmable Messaging
"kei-notify-sms",
# Wave 9 — VPN/network backends
"kei-net-wireguard",
"kei-net-openvpn",
"kei-net-ipsec",
# Cortex stack — local AI runtime (daemon + TUI + MCP server)
"kei-cortex",
"kei-tty",
"kei-mcp",
# SQL ↔ TypeScript schema drift detector
"kei-db-contract",
# Live runtime-graph exporter (registry + ledger → D3 space fragment)
"kei-graph-export",
# Live agent-events.jsonl tail → WebSocket stream (kei-graph-stream daemon)
"kei-graph-stream",
]
[workspace.package]
edition = "2021"
rust-version = "1.77"
authors = ["Denis Parfionovich <parfionovich@keilab.io>"]
license = "Apache-2.0"
repository = "https://github.com/KeiSei84/KeiSeiKit-1.0"
homepage = "https://github.com/KeiSei84/KeiSeiKit-1.0"
[workspace.dependencies]
clap = { version = "4", features = ["derive"] }
serde = { version = "1", features = ["derive"] }
serde_json = "1"
serde_yaml = "0.9"
serde_yaml_ng = "0.10"
sha2 = "0.10"
image = { version = "0.25", default-features = false, features = ["png"] }
regex = "1.10"
rusqlite = { version = "0.31", features = ["bundled"] }
chrono = { version = "0.4", default-features = false, features = ["clock"] }
anyhow = "1"
thiserror = "1"
tempfile = "3"
toml = "0.8"
flate2 = "1"
walkdir = "2"
pretty_assertions = "1"
# Shared async + HTTP deps (Waves 31/32/33/35/36 etc — kei-tty / kei-router / etc)
tokio = { version = "1", features = ["rt-multi-thread", "macros", "signal", "net", "time", "process", "fs", "io-util", "io-std", "sync"] }
tokio-stream = "0.1"
futures = "0.3"
reqwest = { version = "0.12", features = ["json", "stream", "multipart", "rustls-tls"], default-features = false }
bytes = "1"
async-trait = "0.1"
wiremock = "0.6"
# Wave 38a — daemon integration deps (PTY for /term WS endpoint, tungstenite for axum WS)
portable-pty = "0.8"
tokio-tungstenite = "0.29"
# Wave 44a — tool-sandbox hardening (shell tokenization, URL parsing, bounded LRU)
shell-words = "1"
url = "2"
lru = "0.12"
# Wave 44b — atomic O_NOFOLLOW openat for symlink-safe writes (tool_apply.rs)
nix = { version = "0.29", default-features = false, features = ["fs"] }
# A2.1 — kei-import-project trait pattern matcher (syn AST parsing)
syn = { version = "2", features = ["full"] }
# Fix 2: hoisted from member crates for SSoT
dashmap = "6"
tower = { version = "0.5", features = ["limit", "buffer", "util"] }
notify = "8"
[profile.release]
opt-level = "z"
lto = true
strip = true
codegen-units = 1
Reference in a new issue View git blame Copy permalink