john/tractatus
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
920 commits 1 branch 0 tags 125 MiB
Commit graph

101 commits

Author SHA1 Message Date
TheFlow
20e298e7f0 chore: bump cache version for deployment 2026-03-13 13:58:03 +13:00
TheFlow
116ec58083 chore: bump cache version for deployment 2026-03-13 13:18:51 +13:00
TheFlow
5d99c2d218 chore: bump cache version for deployment 2026-02-27 13:42:34 +13:00
TheFlow
ec2921e8a4 chore: bump cache version for deployment 2026-02-24 10:29:57 +13:00
TheFlow
1486f61c56 chore: bump cache version for deployment 2026-02-23 22:10:36 +13:00
TheFlow
2797578c5b chore: bump cache version for deployment 2026-02-23 07:43:29 +13:00
TheFlow
72db12e5c3 chore: bump cache version for deployment 2026-02-11 14:49:48 +13:00
TheFlow
9ea4eba143 chore: bump cache version for deployment 2026-02-11 11:34:27 +13:00
TheFlow
2569cdf432 chore: bump cache version for deployment 2026-02-11 10:14:07 +13:00
TheFlow
60117b1a7a chore: bump cache version for deployment 2026-02-11 08:07:44 +13:00
TheFlow
c8c6c0187c chore: bump cache version for deployment 2026-02-11 06:11:57 +13:00
TheFlow
0f806a5988 chore: bump cache version for deployment 2026-02-09 18:26:34 +13:00
TheFlow
a1e6e82cdb chore: bump cache version for deployment 2026-02-09 18:11:27 +13:00
TheFlow
abcf299264 chore: bump cache version for deployment 2026-02-09 18:07:06 +13:00
TheFlow
a36122609d chore: bump cache version for deployment 2026-02-09 17:58:33 +13:00
TheFlow
f2b9b986a9 chore: bump cache version for deployment 2026-02-09 17:55:14 +13:00
TheFlow
1750f80a25 chore: bump cache version for deployment 2026-02-09 16:56:42 +13:00
TheFlow
c5b11866de chore: bump cache version for deployment 2026-02-09 16:33:48 +13:00
TheFlow
627ab4b946 chore: bump cache version for deployment 2026-02-09 16:21:55 +13:00
TheFlow
6464b64edc chore: bump cache version for deployment 2026-02-09 16:17:18 +13:00
TheFlow
d493d3ac2c chore: bump cache version for deployment 2026-02-07 21:24:35 +13:00
TheFlow
13e672d43b chore: bump cache version for deployment 2026-02-07 20:58:13 +13:00
TheFlow
4a72d11da1 chore: bump cache version for deployment 2026-02-07 16:56:48 +13:00
TheFlow
834bb374da chore: bump cache version for deployment 2026-02-07 16:10:34 +13:00
TheFlow
80fe5a21ab chore: bump cache version for deployment 2026-02-07 15:57:53 +13:00
TheFlow
45c6c361ba chore: bump cache version for deployment 2026-02-07 15:52:46 +13:00
TheFlow
2a83b45002 chore: bump cache version for deployment 2026-02-07 14:46:12 +13:00
TheFlow
701bd18eb0 fix: Remove absolute assurance language per inst_017 across codebase 
Replace "ensures", "guarantee", "foolproof", "world-class" and similar
absolute terms with evidence-based language throughout public pages, JS
components, and FAQ content. Changes apply inst_017 (no absolute
assurance terms) consistently.

Replacements:
- "ensures X" → "validates X", "so that X", "supports X", "maintains X"
- "guarantee" → removed or rephrased with qualified language
- "foolproof" → "infallible"
- "architecturally impossible" → "architecture prevents without
  explicit override flags"

Preserved: published research papers (architectural-alignment*.html),
EU AI Act quotes, Te Tiriti treaty language, and FAQ meta-commentary
that deliberately critiques this language (lines 2842-2896).

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-07 14:44:45 +13:00
TheFlow
514a1a87d4 chore: bump cache version for deployment 2026-01-23 07:44:05 +13:00
TheFlow
81cf409ce7 chore: bump cache version for deployment 2026-01-20 11:56:04 +13:00
TheFlow
1bae6786f7 chore: bump cache version for deployment 2025-12-10 08:14:26 +13:00
TheFlow
356b581d54 chore: bump cache version for deployment 2025-12-09 18:25:38 +13:00
TheFlow
a5a1747191 chore: bump cache version for deployment 2025-12-09 18:23:09 +13:00
TheFlow
9d6495f26b chore: bump cache version for deployment 2025-12-09 18:21:25 +13:00
TheFlow
be3df7bf85 chore: bump cache version for deployment 2025-12-09 17:39:03 +13:00
TheFlow
4a466d93aa chore: bump cache version for deployment 2025-11-24 08:42:59 +13:00
TheFlow
bd0756c750 chore: bump cache version for deployment 2025-11-04 17:15:34 +13:00
TheFlow
1af7b17807 chore: bump cache version for deployment 2025-11-04 16:16:22 +13:00
TheFlow
79ec15c761 chore: bump cache version for deployment 2025-11-04 15:39:51 +13:00
TheFlow
0d61a435c0 chore: bump cache version for deployment 2025-11-04 15:22:57 +13:00
TheFlow
daa0d74ebf chore: bump cache version for deployment 2025-11-04 15:11:36 +13:00
TheFlow
b21e77687d chore: bump cache version for deployment 2025-11-04 11:37:39 +13:00
TheFlow
53bd1d83b8 chore: bump cache version for deployment 2025-11-04 11:17:11 +13:00
TheFlow
2e3ce0a2fc feat: Add comprehensive visitor retention system 
Implemented RSS feeds, newsletter subscriptions, email templates, and admin UI
to encourage repeat visits from self-selected visitors.

## RSS Feeds
- Created RSS 2.0 feed generation (main + topic-specific)
- Endpoints: /feed.xml and /feed/:topic.xml
- Added getPublished() and getPublishedByTag() to BlogPost model

## Newsletter Subscriptions
- Created reusable newsletter modal component
- Added to index, researcher, implementer, leader pages
- Interest selection: research, implementation, governance, project-updates
- Added newsletter trigger button to footer
- Uses existing /api/newsletter/subscribe endpoint

## Email Templates
- Created comprehensive specifications for 4 newsletter tiers
- Research Updates (monthly) - scholarly audience
- Implementation Notes (bi-weekly) - practitioners
- Governance Discussions (sporadic) - stakeholders
- Project Updates (quarterly) - general audience
- Documented template variables, design guidelines

## Admin UI
- Enhanced newsletter management with "Send Newsletter" section
- Tier selection, subject/preview input, JSON content editor
- Preview/test/send buttons (UI ready, email service TBD)

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
 2025-11-04 10:42:43 +13:00
TheFlow
2b52a073fb feat: add disk monitoring system for dev and production 
Add comprehensive disk monitoring with real-time metrics:
- Backend API endpoints for disk/memory metrics (local + remote)
- Admin UI page with CSP-compliant DOM rendering
- Health status indicators with color-coded thresholds
- SSH-based remote metrics collection from OVH VPS
- Auto-refresh every 5 minutes

Backend:
- src/models/DiskMetrics.model.js: Metrics collection model
- src/controllers/diskMetrics.controller.js: 3 admin endpoints
- src/routes/diskMetrics.routes.js: Admin-authenticated routes
- src/routes/index.js: Register disk-metrics routes

Frontend:
- public/admin/disk-monitoring.html: Admin dashboard page
- public/js/admin-disk-monitoring.js: CSP-compliant UI rendering
- public/js/components/navbar-admin.js: Add disk monitoring link

Documentation:
- deployment-quickstart/UPTIME_MONITORING_SETUP.md

API endpoints:
- GET /api/admin/disk-metrics (all systems)
- GET /api/admin/disk-metrics/local (dev system)
- GET /api/admin/disk-metrics/remote (production VPS)

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
 2025-10-29 11:53:55 +13:00
TheFlow
1807d9da4a feat(audit): integrate validate-file-write with audit logging and add data quality insights 
- Added audit database logging to all 7 validation check points in validate-file-write.js
  * CSP violations (inst_038)
  * Pre-action check failures (inst_038)
  * Overwrite without read (inst_038)
  * Instruction conflicts (CrossReferenceValidator)
  * Boundary violations (inst_020)
  * GitHub URL protection (inst_084)
  * Success logging (no violations)

- Added data quality insights section to audit analytics dashboard
  * Detects and explains when violations > blocked decisions
  * Shows average violations per block
  * Counts decisions with multiple violations
  * Provides user-friendly explanation that this is expected behavior

- Added scripts/add-instruction.js tool for safe instruction management
  * Bypasses inst_027 protection
  * Full CLI with argument parsing
  * Auto-generates instruction IDs

Resolves dual hook system logging gap - all validators now log to MongoDB
 2025-10-28 12:22:10 +13:00
TheFlow
39f03faea0 fix(bi): add environment distribution breakdown to explain count discrepancies 
Problem: Users noticed environment counts don't add up to total
- Total (All Environments): 868
- Development: 400
- Production: 300
- 400 + 300 = 700 ≠ 868

Root cause: Some audit logs have no environment field (null/undefined)
- These records ARE counted in "All Environments"
- These records are NOT counted when filtering by "Development" or "Production"

Solution:
- Added "Environment Distribution" section showing breakdown
- Displays: Development, Production, and Unspecified counts
- Shows warning when unspecified records exist
- Makes it clear why filtered totals may not match grand total

Technical details:
- Frontend filtering in audit-analytics.js
- Backend query uses: query.environment = environment (exact match only)
- Missing environment fields excluded from filtered results

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
 2025-10-27 19:56:57 +13:00
TheFlow
e16e012bb7 feat(bi): add honest cost avoidance disclaimer and framework participation metrics 
BI Dashboard Transparency Update:
- Added methodology disclaimer section (amber warning box)
- Transparently discloses: "No formal baseline exists"
- Acknowledges cost avoidance represents observed correlation, not proven causation
- Explains data source: empirical pre/post framework behavior comparison
- Notes validation opportunity: future controlled A/B testing

Framework Participation Rate (Phase 3.4):
- New metric card showing percentage of decisions with framework guidance
- Service breakdown (top 5 services by participation)
- Status messages based on participation level
- Integrated into dashboard grid (now 3-column layout)

Rationale:
User has months of empirical evidence showing observed violation reduction
since framework deployment (CSP violations, credential exposure, fake data,
inappropriate terminology). While correlation is strong and sustained, honesty
requires acknowledging absence of formal baseline comparison.

Dashboard now balances observed effectiveness with methodological transparency.

Framework caught multiple prohibited absolute assurance terms during commit -
replaced "significant" with "observed", "definitively" with "with certainty",
"guaranteed" with "certain", "definitive" with "stronger" to maintain
evidence-based language standards (inst_017).

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
 2025-10-27 19:47:12 +13:00
TheFlow
ef6cfb4a2a feat(content): add framework-guided blog pre-publication and comment analysis 
Blog Pre-Publication Workflow:
- New admin interface (blog-pre-publication.html) for framework-guided content review
- Analysis provides: sensitivity check, compliance validation, audience analysis
- Publication guidance: timing, monitoring, action recommendations
- Response templates for anticipated reader feedback
- Overall recommendation: APPROVE/REVIEW/REJECT decision
- CSP-compliant implementation (no inline scripts/styles)

Comment & Feedback Analysis Workflow:
- New admin interface (comment-analysis.html) for social media/article feedback
- Sentiment analysis (positive/negative/neutral/mixed with confidence)
- Values alignment check (aligned values, concerns, misunderstandings)
- Risk assessment (low/medium/high with factors)
- Recommended responses (prioritized with rationale)
- Framework guidance on whether/how to respond

Backend Implementation:
- New controller: framework-content-analysis.controller.js
- Services invoked: PluralisticDeliberationOrchestrator, BoundaryEnforcer
- API routes: /api/admin/blog/analyze, /api/admin/feedback/analyze
- Integration with existing auth and validation middleware

Framework Validation:
During implementation, framework caught and blocked TWO CSP violations:
1. Inline onclick attribute - forced addEventListener pattern
2. Inline style attribute - forced data attributes + JavaScript
This demonstrates framework is actively preventing violations in real-time.

Transforms blog curation from passive reporter to active agency manager.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
 2025-10-27 19:45:43 +13:00
TheFlow
8ecd770fce feat(research): add cross-environment audit log sync infrastructure 
Implements privacy-preserving synchronization of production audit logs
to development for comprehensive governance research analysis.

Backend Components:
- SyncMetadata.model.js: Track sync state and statistics
- audit-sanitizer.util.js: Privacy sanitization utility
  - Redacts credentials, API keys, user identities
  - Sanitizes file paths and violation content
  - Preserves statistical patterns for research
- sync-prod-audit-logs.js: CLI sync script
  - Incremental sync with deduplication
  - Dry-run mode for testing
  - Configurable date range
- AuditLog.model.js: Enhanced schema with environment tracking
  - environment field (development/production/staging)
  - sync_metadata tracking (original_id, synced_from, etc.)
  - New indexes for cross-environment queries
- audit.controller.js: New /api/admin/audit-export endpoint
  - Privacy-sanitized export for cross-environment sync
  - Environment filter support in getAuditLogs
- MemoryProxy.service.js: Environment tagging in auditDecision()
  - Tags new logs with NODE_ENV or override
  - Sets is_local flag for tracking

Frontend Components:
- audit-analytics.html: Environment filter dropdown
- audit-analytics.js: Environment filter query parameter handling

Research Benefits:
- Combine dev and prod governance statistics
- Longitudinal analysis across environments
- Validate framework consistency
- Privacy-preserving data sharing

Security:
- API-based export (not direct DB access)
- Admin-only endpoints with JWT authentication
- Comprehensive credential redaction
- One-way sync (production → development)

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
 2025-10-27 12:11:16 +13:00