Skip to content

AGENTS.md

Latest commit

 

History

History
176 lines (131 loc) · 18.1 KB

AGENTS.md

File metadata and controls

176 lines (131 loc) · 18.1 KB

AGENTS

Notable Findings (Plan Closure: gilfoyle-refactor-20260328)

  • Wave 1 is fully complete (2026-03-28): data contracts, DI container, and dependency mapping are all done.
  • DI baseline is intentionally lightweight and hand-crafted in src/prism/scanner_core/di.py to keep wiring explicit and testable.
  • Typed contract definitions are centralized under src/prism/scanner_data/contracts.py; contract-first sequencing reduced downstream extraction risk.
  • Dependency analysis artifact is documented at docs/plan/gilfoyle-refactor-20260328/dependency-graph.yaml and should be used for import-risk checks before scanner-core changes.

Notable Findings (Plan Closure: scanner-migration-wave2-20260329)

  • Wave 2 closure is complete (2026-03-29): tasks w2_c_1, w2_c_2, w2_c_1_b, w2_c_4, w2_c_3, w2_c_5, and w2_c_6 are closed.
  • Closure sequencing mattered: output/reporting and contracts seams were stabilized before compatibility wrapper lifecycle actions.
  • Validation gate for closure requires all three layers green together: full pytest, lint (ruff + black --check), and mypy typecheck.

Notable Findings (Plan Closure: scanner-migration-wave3-20260329)

  • Wave 3 mixed-bundle closure is complete (2026-03-29): tasks w3_b_01 through w3_b_07 are closed.
  • src/prism/scanner_submodules/render_reports.py now intentionally retains only high-risk compatibility wrappers (build_scanner_report_markdown, render_runbook, render_runbook_csv) with deprecation warnings.
  • Low/medium compatibility helpers were retired from render_reports and low-risk helper wrappers were retired from scan_output_emission; retained scan-output and scan-request wrappers remain explicit deprecation redirects to canonical modules.
  • User confirmed there are no external consumers of scanner_submodules compatibility wrappers, enabling accelerated wrapper retirement sequencing.
  • External-consumer validation for scanner_submodules wrappers is now an explicit unblocker for accelerated retirement decisions.
  • Closure evidence standard remained unchanged and passed together: focused seam checks, full pytest, lint (ruff + black --check), and mypy typecheck.

Notable Findings (Plan Closure: scanner-migration-wave4-20260329)

  • Wave 4 closure is complete (2026-03-29): remaining retirement tasks for scanner_submodules compatibility wrappers were closed in one accelerated wave.
  • User-confirmed absence of external consumers was used as the acceleration gate, allowing coordinated retirement of the remaining wrapper seams.
  • Scanner runtime fallback paths to compatibility wrappers were removed; scanner execution now resolves through canonical modules for runtime behavior.
  • Closure gate remained strict and passed together: full pytest, lint (ruff + black --check), and mypy typecheck.

Notable Findings (Plan Closure: legacy-ansible-role-doc-retire-20260329)

  • Plan closure is complete (2026-03-29): tasks lar_01 through lar_07 are closed.
  • Legacy section-config fallback was retired; .prism.yml is the only supported section config filename and .ansible_role_doc.yml is no longer supported.
  • Legacy runtime compatibility path handling now emits explicit public guidance contracts (LEGACY_SECTION_CONFIG_UNSUPPORTED, LEGACY_RUNTIME_PATH_UNAVAILABLE) instead of fallback behavior.
  • Closure evidence passed as a unified gate: deterministic legacy scan enforcement plus full pytest, lint (ruff + black --check), and mypy typecheck.

Notable Findings (Plan Closure: scanner-readme-input-parser-extract-20260329)

  • README input parser extraction wave is complete (2026-03-29): tasks srip_01 through srip_04 are closed.
  • Canonical README input parser logic now lives in src/prism/scanner_readme/input_parser.py, with scanner.py retained as a delegation seam.
  • Closure gate passed together: full pytest, lint (ruff + black --check), and mypy typecheck.

Notable Findings (Plan Closure: scanner-godfile-decomposition-wave5-20260329)

  • Wave 5 decomposition closure is complete (2026-03-29): scanner decomposition tasks were closed in the approved sequence and validated at closure.
  • scanner.py reduction target was achieved from 3079 lines to 2603 lines (15.46%), meeting the closure threshold.
  • Compatibility wrappers were moved out of the scanner runtime path into dedicated scanner_compat seams to keep canonical execution flow explicit.
  • Closure gates passed together as a single evidence bundle: full pytest, lint (ruff + black --check), and mypy typecheck.

Notable Findings (Plan Closure: scanner-godfile-decomposition-wave6-20260329)

  • Wave 6 decomposition closure is complete (2026-03-29): closure included a deterministic wrapper-usage audit gate as a required completion check.
  • scanner.py was reduced from 2603 lines to 2303 lines (11.53%) during wave 6 closure.
  • Closure gates passed together as one bundle: full pytest, lint (ruff + black --check), and mypy typecheck.

Notable Findings (Plan Closure: scanner-godfile-decomposition-wave7-20260329)

  • Wave 7 decomposition closure is complete (2026-03-29): closure included a deterministic wrapper-usage audit gate with zero hits.
  • scanner.py was reduced from 2310 lines to 2035 lines (11.90%) during wave 7 closure.
  • Closure gates passed together as one bundle: full pytest, lint (ruff + black --check), and mypy typecheck.

Notable Findings (Plan Closure: scanner-godfile-decomposition-wave8-20260329)

  • Wave 8 closure validated a seam-first policy with scanner-size tracked as non-blocking telemetry rather than a closure gate.
  • Closure gates were green together at completion: full pytest, lint (ruff + black --check), and mypy typecheck.
  • Key technical outcome: the scanner_core reverse bridge to scanner.py was removed, eliminating that compatibility seam from canonical runtime flow.

Notable Findings (Plan Closure: scanner-godfile-decomposition-wave9-fasttrack-20260329)

  • Wave 9 fast-track closure is complete (2026-03-29): large-batch seam migrations with rollback-boundary checks and one final full closure gate passed together.
  • Seam-first blocking criteria remained the closure contract, and scanner-size stayed non-blocking telemetry for decision-making continuity.
  • Current telemetry from wave 9 artifacts records scanner.py at 1856 lines.

Notable Findings (Plan Closure: prism-architecture-review-top50-20260401)

  • Plan closure is complete (2026-04-03): docs/plan/prism-architecture-review-top50-20260401/plan.yaml is the canonical authority for the A01-A50 risk register.
  • Follow-up slices for this plan ID are execution/history artifacts that defer to the canonical register and do not replace it.
  • Closure evidence is a unified validation bundle that must be green together: full pytest, ruff check src, black --check src, and tox -e typecheck.
  • Follow-up finalization slice docs/plan/prism-architecture-review-top50-20260401/plan_f.yaml is complete (2026-04-03): CLI/API package split finalization now records explicit seam registers for api.py, cli.py, and repo_services.py.
  • Canonical CLI ownership now lives under src/prism/cli_app/, and cli.py now binds directly to that package instead of top-level CLI helper wrapper modules.
  • Canonical repo helper ownership now lives under src/prism/repo_layer/; repo_services.py remains the only top-level repo facade for API/CLI orchestration.
  • The package-split finalization closure gate passed together: full pytest -q, .venv/bin/python -m ruff check src/prism, .venv/bin/python -m black --check src/prism, and .venv/bin/python -m tox -e typecheck.

Notable Findings (Plan Closure: fsrc-like-for-like-completion-20260411)

  • Phase 0 gate semantics are split by blocker class: required blockers must be resolved before implementation, while deferred blockers remain explicitly tracked and non-blocking for start.
  • Wave 2 established a strict serialization boundary across W2-T01/W2-T02: source-lane contract shaping and fsrc-lane parity were treated as one boundary seam to prevent drift.
  • Final closure bundle expectation is one green evidence set, passed together: full pytest -q, parity bundle pytest -q src/prism/tests/test_fsrc_scanner_parity.py fsrc/src/prism/tests, smoke bundle .venv/bin/python -m tox -r -e smoke-src-lane,smoke-fsrc-lane, lint (ruff check src/prism fsrc/src + black --check src/prism fsrc/src), and .venv/bin/python -m tox -e typecheck.

Notable Findings (Plan Closure: fsrc-plugin-centralization-waveA-20260412)

  • Wave-A closure is complete (2026-04-12): tasks W1-T01, W2-T01, W2-T02, W3-T01, and W4-T01 are closed in the canonical plan.
  • Closure evidence is recorded as one unified gate bundle and passed together: focused fsrc suites (test_fsrc_comment_doc_plugin_resolution.py, test_fsrc_api_cli_entrypoints.py, test_fsrc_plugin_kernel_extension_parity.py), parity suite (src/prism/tests/test_fsrc_scanner_parity.py + fsrc/src/prism/tests), smoke bundle (tox -r -e smoke-src-lane,smoke-fsrc-lane), lint (ruff check src/prism fsrc/src + black --check src/prism fsrc/src), typecheck (tox -e typecheck), and full pytest -q.

Notable Findings (Plan Closure: fsrc-plugin-hardwiring-audit-autopilot-20260412)

  • Hardwiring audit/autopilot closure is complete (2026-04-12): W1-W3 plus remediation are completed and validated as one closure stream.
  • Runtime DI seam coverage now includes both task annotation parsing and task-line detection plugin resolution paths.
  • Scanner-context policy enforcement now defines the strict/non-strict behavior boundary for dynamic includes and YAML-like annotation handling.
  • Registry loader cache identity now keys by both module and class, preventing cross-plugin collision on shared class names.
  • Closure gate evidence passed together as one bundle: pytest -q, smoke lanes (tox -r -e smoke-src-lane,smoke-fsrc-lane), ruff check src/prism fsrc/src, black --check src/prism fsrc/src, and tox -e typecheck.

Notable Findings (Plan Closure: adhoc-fsrc-plugin-seams-20260412)

  • Adhoc seam-promotion closure is complete (2026-04-12): YAML parsing/loading and Jinja analysis were elevated to first-class plugin domains in fsrc.
  • Architecture seams are now explicit across protocol, registry, resolver, and bootstrap layers for both YAML and Jinja, replacing hidden generic/direct resolution paths.
  • Runtime callsites in scanner_extract/scanner_core/scanner_io now consume dedicated YAML and Jinja resolver seams.
  • Validation evidence reported green for focused fsrc suite, parity bundle, ruff check fsrc/src, black --check fsrc/src, and tox -r -e smoke-fsrc-lane.

Notable Findings (Plan Closure: pure-execution-core-plugin-architecture-20260413)

  • NCK1 closure is complete (2026-04-18): the active non-collection execution core-kernel slice is closed.
  • Landed architecture state is now explicit: scanner_core owns non-collection request authority, scanner_kernel owns the route/preflight/runtime carrier contract, and api.py plus api_layer/non_collection.py remain thin compatibility boundaries.
  • SCB1 closure is complete (2026-04-18): ScannerContext payload-shape parity remains strict except for the single fsrc-only metadata extension scan_policy_blocker_facts.
  • SCB1 preserves the boundary established by the slice: scanner_context emits typed blocker facts only, and scanner_kernel translates them into strict failures or non-strict warnings across kernel-routed and legacy fallback paths.
  • MP1 closure is complete (2026-04-18): marker-prefix ownership on the scanner_core hot path now stays ingress-owned, with scan_request projecting comment_doc_marker_prefix and task_extract_adapters consuming only explicit caller input or that canonical top-level key plus the default fallback.
  • Core pure-execution design is now effectively delivered after NCK1 + SCB1 + MP1; remaining variable_discovery and prepared-policy follow-ups are residual debt and no longer design blockers.
  • Closure evidence passed together as one bundle: pytest -q, parity bundle pytest -q src/prism/tests/test_fsrc_scanner_parity.py fsrc/src/prism/tests, smoke lanes tox -r -e smoke-src-lane,smoke-fsrc-lane, ruff check src/prism fsrc/src, black --check src/prism fsrc/src, and tox -e typecheck.

Notable Findings (Plan Closure: ansible-plugin-remediation-wave-20260418)

  • Plan closure audit complete (2026-04-19): tasks APR1-T01 through APR6-T01 audited; APR6-T01 is the final closure task.
  • scanner_core is now pure execution-orchestration only; Ansible-specific logic lives in scanner_plugins.ansible; IGNORED_IDENTIFIERS in variable_pipeline.py is frozenset() (fully evicted).
  • VariableDiscovery and FeatureDetector are generic delegation wrappers; Ansible implementations are owned by AnsibleVariableDiscoveryPlugin and AnsibleFeatureDetectionPlugin in scanner_plugins.ansible; DI default wiring in di.py names these concrete types as the current default, which is expected DI factory wiring, not owned Ansible logic.
  • Fail-closed enforcement: all _get_*_policy(di) functions in scanner_core and scanner_extract raise ValueError without prepared_policy_bundle; no silent fallbacks to late-resolver paths exist outside the single documented retained seam in variable_extractor.py.
  • CSR-008 (VariableDiscovery re-export from api.py) retired in APR5-T01; 17 registered seams remain active (CSR-001 through CSR-007, CSR-009 through CSR-018) with complete records.
  • Platform expansion readiness gate: PASS — all closure checks green after black fsrc/src/prism formatting applied (2026-04-19).
  • Closure evidence: fsrc pytest 247 passed (PASS), parity 7 passed (PASS), ruff check PASS, black --check PASS. Gate confirmed PASS.
  • Kubernetes and Terraform expansion is unblocked at the gate level; no Kubernetes/Terraform scan plugins currently implemented — expansion planning can now proceed.

Notable Findings (Plan Closure: platform-agnostic-remediation-20260419)

  • Plan closure is complete (2026-04-19): all 7 tasks (PAR-W1-T01 through PAR-W4-T01) closed across 4 waves.
  • Constraint: src/ lane frozen throughout execution; all changes targeted fsrc/src/ only. 6 parity tests skip-marked with PAR-20260419.
  • DI factory defaults are now registry-driven: factory_variable_discovery_plugin() and factory_feature_detection_plugin() in di.py resolve through PluginRegistry instead of hardcoded Ansible imports. Zero Ansible imports remain in scanner_core.
  • Marker-prefix ownership moved to ingress: comment_doc_marker_prefix is now projected into PreparedPolicyBundle by ensure_prepared_policy_bundle() and consumed from the bundle by task_extract_adapters.
  • Variable extractor shim retired: resolve_variable_extractor_policy_plugin() fallback removed from variable_extractor.py; fail-closed prepared_policy_bundle consumption now matches all other extractor modules.
  • 6 compatibility seams retired (CSR-005, CSR-006, CSR-007, CSR-016, CSR-017, CSR-018); 11 active seams remain (CSR-001 through CSR-004, CSR-009 through CSR-015).
  • Expansion readiness gate: 7/7 criteria PASS — zero Ansible in scanner_core, registry-driven DI, 11/11 policy getters fail-closed, parity accounted, seam reduction achieved, K8s/Terraform slots reserved, multi-platform protocols in place.
  • Closure evidence: pytest 1441 passed / 7 skipped, ruff PASS, black PASS.

Notable Findings (Plan Closure: gf2-full-remediation-20260419)

  • GF2 full remediation closure is complete (2026-04-19): 8 of 9 tasks closed across 5 waves; 1 task (GF2-W4-T03, proxy singleton remediation) deferred.
  • Constraint: src/ lane frozen throughout execution; all changes targeted fsrc/src/ only.
  • DI platform selection fully decoupled: di.py resolves platform key from scan_options → policy_context → registry default; zero hardcoded "ansible" strings remain in scanner_core or scanner_extract.
  • Extraction layer platform-decoupled: Ansible module names moved from extract_defaults.py to scanner_plugins/ansible; collection namespace filtering is now policy-injectable via PreparedPolicyBundle.
  • Shared DI helper: _scan_options_from_di() consolidated from 7 duplicate definitions into single scanner_core/di_helpers.py.
  • Marker-prefix resolution simplified to bundle-only fail-closed: _resolve_marker_prefix() raises ValueError on missing data, no DEFAULT_DOC_MARKER_PREFIX fallback.
  • Blocker fact assembly extracted: _build_scan_policy_blocker_facts() moved from ScannerContext to scanner_core/blocker_fact_evaluator.py; ScannerContext delegates.
  • VariableRowBuilder fallback stub removed: di.py uses direct import, no try/except fallback.
  • Deprecated marker alias handling sunset: _DEPRECATED_MARKER_ALIAS_CODE and alias normalization logic removed from scan_request.py.
  • Deferred: GF2-W4-T03 (proxy singleton remediation) — 18+ consumer call sites; only blocks concurrent multi-platform scanning.
  • Closure evidence: pytest 1441 passed / 7 skipped, ruff PASS, black PASS, 8/8 audit criteria PASS.

Notable Findings (Plan Closure: fsrc-to-src-promotion-20260422)

  • fsrc→src migration is complete (2026-04-22): fsrc/src/prism/ promoted to canonical src/prism/; fsrc/ directory removed; _src_retired/ (old src lane) permanently deleted.
  • Single unified codebase: no dual-lane burden; plugin-registry-driven DI is the only architecture.
  • src/prism_next/ (empty stub) was deleted; no legacy stubs remain.
  • All 38 test_fsrc_*.py files updated: parents[4]parents[3]; all PROJECT_ROOT / "fsrc" / "src" path constants updated to PROJECT_ROOT / "src".
  • tox.ini updated: all fsrc/src references replaced with src/; smoke/lint/typecheck envs point at canonical src lane.
  • scripts/cli_demo_matrix.py updated: paths and DEFAULT_LANE updated to single src lane.
  • docs/PRD.yaml rewritten to v6.0.0 (prism-unified-src-plugin-architecture-20260422): reflects single src/, plugin-registry DI, pure scanner_core, multi-platform expansion readiness.
  • Plan 20260421-mg-fsrc-parity closed: superseded by promotion.
  • Plan architecture-extensibility-review-20260421 A01 (dual-lane critical finding) marked resolved.
  • Closure evidence: pytest 506 passed / 6 skipped, demo gate 0 failed / 8 artifacts.

Agent Skills

No skills installed yet. Use "Agent Skills Ninja: Search Skills" to install skills.