F-III mechanized, pre-commit firewall hook, skills consume the engine (v0.17.1)#2
Merged
Merged
Conversation
…ume the engine (v0.17.1) - experiments/ parsing + pre-registration audit (EXP-* findings); F-III enforcement UNGUARDED -> AUDITED (audit-derived field; firewall verified clean across the edit). Self-audit now 0 findings. - `constitution hooks install`: worktree-safe pre-commit running audit + firewall; capability-checks the PATH CLI (a 0.16.x global would otherwise have blocked every commit with "Unknown command" — caught live). - audit-structure 1.4.0 + compile-prompt 1.2.0 start from `constitution audit --json` / `constitution compile` packs; manual protocols as fallback. - 19/19 vitest (experiments + hooks suites; \Z-anchor regression test). Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
- .github/workflows/publish.yml: build + test + version-sync gate (cli/package.json == CONSTITUTION.md header), publish to GitHub Packages via GITHUB_TOKEN only when the version is new, then smoke-test the published tarball by scaffolding + auditing a fresh consumer. - cli/AGENTS.md: bump-without-publish + one-version-number statutes upgraded prompt-only -> CI (GATED). - Gate/view logic validated locally against the real registry. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What changed
Overhaul session 2, building on the merged v0.17.0 engine (PR #1) and your accepted lock — now at v0.17.2:
experiments/(pertemplates/experiment.md) and audits pre-registration deterministically:EXP-*error findings for a RUNNING+ experiment with empty/placeholder Hypothesis/Metric/Decision-rule, a missing/invalid/futurepre-registereddate, or an illegal status. F-III'senforcementaccordingly flipsUNGUARDED → AUDITED— the one audit-derived field edit in the law plane, andconstitution firewallstayed clean across it (proof the lock hashes ratified substance only). The self-audit now reports 0 findings.constitution hooks install— worktree-safe pre-commit hook running audit + firewall at commit time. It capability-checks the PATH CLI first: your global is still 0.16.12, and without that check the hook would have blocked every commit with "Unknown command: audit" (caught live, verified by executing the hook both ways). It skips with a loud message until your global is ≥ 0.17.0.audit-structure 1.4.0starts fromconstitution audit --jsonas ground truth for the deterministic checks;compile-prompt 1.2.0starts fromconstitution compilepacks. Manual discovery protocols kept as the no-CLI fallback..github/workflows/publish.yml: every push to main builds, tests, gates on version sync (cli/package.json==CONSTITUTION.mdheader), publishes to GitHub Packages via the built-inGITHUB_TOKENonly if the version is new, then smoke-tests the published tarball by scaffolding + auditing a fresh consumer. Twocli/AGENTS.mdstatutes upgradedprompt-only → CI. Gate and already-published-guard logic validated locally against the real registry; the workflow's first live run is this PR's merge — watch that Actions run.\Z-anchor regex regression caught in review).cli/package.json → 0.17.2synced byconstitution doctor.For the reviewer
[0.17.1]/[0.17.2]are agent-authored, pending your review; the only ratified-adjacent edit is F-III'senforcementfield, which the constitution defines as set-by-audit (below the firewall). Firewall + audit both run clean on this branch.BUILDLOG.md§ Session 2 (+ publish-on-merge addendum).🤖 Generated with Claude Code