tractatus

john/tractatus

Fork 0

Commit graph

Author	SHA1	Message	Date
TheFlow	2298d36bed	fix(submissions): restructure Economist package and fix article display - Create Economist SubmissionTracking package correctly: * mainArticle = full blog post content * coverLetter = 216-word SIR— letter * Links to blog post via blogPostId - Archive 'Letter to The Economist' from blog posts (it's the cover letter) - Fix date display on article cards (use published_at) - Target publication already displaying via blue badge Database changes: - Make blogPostId optional in SubmissionTracking model - Economist package ID: 68fa85ae49d4900e7f2ecd83 - Le Monde package ID: 68fa2abd2e6acd5691932150 Next: Enhanced modal with tabs, validation, export 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>	2025-10-24 08:47:42 +13:00
TheFlow	43fa6cca61	SECURITY: Remove all internal/confidential files from public repository CRITICAL SECURITY FIX: Removed 226 internal and sensitive files from git tracking to protect the public tractatus-framework repository from exposing confidential development information, server details, and internal strategies. SCOPE: This cleanup separates the INTERNAL repository (tractatus) from the PUBLIC repository (tractatus-framework on GitHub). REMOVED DIRECTORIES (entire): - .claude/ (framework session state, metrics, archives) - governance/ (internal operational governance) - For Claude Web/ (internal development specs) - scripts/hook-validators/ (internal enforcement) - scripts/framework-components/ (internal components) - docs/planning/, docs/testing/, docs/outreach/ - docs/stripe-analysis/, docs/economist-analysis/ - docs/framework-incidents/, docs/deployment-logs/ - docs/analysis-archive-2025-10/ REMOVED ROOT FILES: - CLAUDE_.md, ClaudeWeb.md (internal development) - PITCH-.md (internal pitch documents) - PHASE-.md, MEETING_NOTES.md (internal planning) - SESSION.md, OPTIMAL_NEXT_SESSION.md (session handoffs) - ARCHIVE_SUMMARY.md, CLOSEDOWN. (session archives) - EXECUTIVE_BRIEF.md (internal briefs) - Tractatus-Website-Complete-Specification.md (internal specs) - UI_TRANSFORMATION_PROJECT_PLAN.md, SITE_IMPROVEMENT_PRIORITIES.md - SCHEDULED_TASKS.md, TRACTATUS_BRAND_SYSTEM.md - .stripe-ids.json, .rsyncignore (sensitive/deployment) - deployment-output.txt, migration-output.txt (logs) - ECONOMIST_LETTER.docx, PERPLEXITY_USER_PROMPT.txt (correspondence) REMOVED SCRIPTS: - scripts/deploy-.sh (contain server IPs) - scripts/session-init.js, scripts/check-session-pressure.js - scripts/analyze-violations.js - scripts/hook-validators/.js (5 files) - scripts/framework-components/.js REMOVED DOCS (96 files): - docs/SESSION.md, docs/session-handoff-.md - docs/DEPLOYMENT.md, docs/MULTI_PROJECT.md - docs/DOCUMENT_AUDIT.md, docs/DOCUMENT_.md - docs/BLOG-POST-OUTLINES.md - docs/PHASE-.md, docs/STRIPE_.md, docs/KOHA.md - docs/SECURITY_AUDIT.md, docs/FRAMEWORK_FAILURE.md - docs/BENCHMARK.md, docs/IMPLEMENTATION_PROGRESS.md - docs/BOOTSTRAPPING.md, docs/GOVERNANCE-RULE-LIBRARY.md - docs/SIMULATION.md, docs/API_MEMORY.md ADDED PROTECTIONS: 1. Comprehensive .gitignore (172 lines) - Blocks all internal directories - Blocks all internal file patterns - Prevents accidental commits 2. PUBLIC_REPO_CHECKLIST.md - Security verification checklist - Weekly maintenance procedures - Clear guidelines for public vs internal REMAINING PUBLIC FILES: 6,435 - src/: 85 (open source services) - tests/: 35 (unit/integration tests) - public/: 178 (website frontend) - scripts/: 111 (public utilities) - docs/: 107 (public documentation) - root: 13 (README, LICENSE, package.json, configs) VERIFICATION: ✓ No server IPs ✓ No SSH keys or credentials ✓ No payment system secrets ✓ No internal planning documents ✓ No session handoffs or development logs ✓ No deployment scripts with production details RESULT: Public tractatus-framework repository now contains ONLY: - Open source code - Public documentation - Implementation guides - Apache 2.0 licensed content Internal tractatus repository (local) retains ALL files for development. 🤖 Generated with Claude Code Co-Authored-By: Claude <noreply@anthropic.com>	2025-10-21 18:50:16 +13:00
TheFlow	1fe50500f0	feat(framework): implement Phase 1 proactive content scanning CREATED: - scripts/framework-components/ProhibitedTermsScanner.js (420 lines) • Scans codebase for inst_016/017/018 violations • Pattern detection for guarantee language, fabricated stats, unverified claims • Auto-fix capability with context awareness • CLI interface: --details, --fix, --staged flags - tests/unit/ProhibitedTermsScanner.test.js (39 tests, all passing) • Pattern detection tests (inst_017, inst_018) • Context awareness tests • Auto-fix functionality tests • Edge case handling MODIFIED: - scripts/session-init.js • Added Section 7: Scanning for Prohibited Terms • Renumbered subsequent sections (CSP → 8, Dev Env → 9, Continuous → 10) • Scans on every session start, reports violations - scripts/hook-validators/validate-file-write.js • Added missing checkPreActionCheckRecency() function (fixes hook crash) - package.json/package-lock.json • Added glob@11.0.3 dependency RESULTS: • Scanner operational: 39/39 tests passing • Session integration: Runs automatically on session start • Current scan: Found 364 violations (188 inst_017, 120 inst_018, 56 inst_016) • Violations need user review (many in historical docs, specifications) IMPACT: • Framework now PROACTIVE instead of reactive • Violations detected at session start (not weeks later) • Auto-fix available for simple cases • Closes critical detection gap identified in framework assessment NEXT STEPS (user decision): • Review 364 violations (many false positives in historical docs) • Optionally: Implement pre-commit hook • Phase 2: Context-aware rule surfacing • Phase 3: Active metacognitive assistance 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>	2025-10-21 17:37:51 +13:00

Author

SHA1

Message

Date

TheFlow

2298d36bed

fix(submissions): restructure Economist package and fix article display

- Create Economist SubmissionTracking package correctly:
  * mainArticle = full blog post content
  * coverLetter = 216-word SIR— letter
  * Links to blog post via blogPostId
- Archive 'Letter to The Economist' from blog posts (it's the cover letter)
- Fix date display on article cards (use published_at)
- Target publication already displaying via blue badge

Database changes:
- Make blogPostId optional in SubmissionTracking model
- Economist package ID: 68fa85ae49d4900e7f2ecd83
- Le Monde package ID: 68fa2abd2e6acd5691932150

Next: Enhanced modal with tabs, validation, export

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

2025-10-24 08:47:42 +13:00

TheFlow

43fa6cca61

SECURITY: Remove all internal/confidential files from public repository

CRITICAL SECURITY FIX:
Removed 226 internal and sensitive files from git tracking to protect
the public tractatus-framework repository from exposing confidential
development information, server details, and internal strategies.

SCOPE:
This cleanup separates the INTERNAL repository (tractatus) from the
PUBLIC repository (tractatus-framework on GitHub).

REMOVED DIRECTORIES (entire):
- .claude/ (framework session state, metrics, archives)
- governance/ (internal operational governance)
- For Claude Web/ (internal development specs)
- scripts/hook-validators/ (internal enforcement)
- scripts/framework-components/ (internal components)
- docs/planning/, docs/testing/, docs/outreach/
- docs/stripe-analysis/, docs/economist-analysis/
- docs/framework-incidents/, docs/deployment-logs/
- docs/analysis-archive-2025-10/

REMOVED ROOT FILES:
- CLAUDE_*.md, ClaudeWeb*.md (internal development)
- PITCH-*.md (internal pitch documents)
- PHASE-*.md, MEETING_NOTES*.md (internal planning)
- SESSION*.md, OPTIMAL_NEXT_SESSION*.md (session handoffs)
- ARCHIVE_SUMMARY*.md, CLOSEDOWN*.* (session archives)
- EXECUTIVE_BRIEF*.md (internal briefs)
- Tractatus-Website-Complete-Specification*.md (internal specs)
- UI_TRANSFORMATION_PROJECT_PLAN.md, SITE_IMPROVEMENT_PRIORITIES.md
- SCHEDULED_TASKS.md, TRACTATUS_BRAND_SYSTEM.md
- .stripe-ids.json, .rsyncignore (sensitive/deployment)
- deployment-output.txt, migration-output.txt (logs)
- ECONOMIST_LETTER*.docx, PERPLEXITY_USER_PROMPT.txt (correspondence)

REMOVED SCRIPTS:
- scripts/deploy-*.sh (contain server IPs)
- scripts/session-init.js, scripts/check-session-pressure.js
- scripts/analyze-violations.js
- scripts/hook-validators/*.js (5 files)
- scripts/framework-components/*.js

REMOVED DOCS (96 files):
- docs/SESSION*.md, docs/session-handoff-*.md
- docs/DEPLOYMENT*.md, docs/MULTI_PROJECT*.md
- docs/DOCUMENT_AUDIT*.md, docs/DOCUMENT_*.md
- docs/BLOG-POST-OUTLINES.md
- docs/PHASE-*.md, docs/STRIPE_*.md, docs/KOHA*.md
- docs/SECURITY_AUDIT*.md, docs/FRAMEWORK_FAILURE*.md
- docs/BENCHMARK*.md, docs/IMPLEMENTATION_PROGRESS*.md
- docs/BOOTSTRAPPING*.md, docs/GOVERNANCE-RULE-LIBRARY.md
- docs/SIMULATION*.md, docs/API_MEMORY*.md

ADDED PROTECTIONS:
1. Comprehensive .gitignore (172 lines)
   - Blocks all internal directories
   - Blocks all internal file patterns
   - Prevents accidental commits

2. PUBLIC_REPO_CHECKLIST.md
   - Security verification checklist
   - Weekly maintenance procedures
   - Clear guidelines for public vs internal

REMAINING PUBLIC FILES: 6,435
- src/: 85 (open source services)
- tests/: 35 (unit/integration tests)
- public/: 178 (website frontend)
- scripts/: 111 (public utilities)
- docs/: 107 (public documentation)
- root: 13 (README, LICENSE, package.json, configs)

VERIFICATION:
✓ No server IPs
✓ No SSH keys or credentials
✓ No payment system secrets
✓ No internal planning documents
✓ No session handoffs or development logs
✓ No deployment scripts with production details

RESULT:
Public tractatus-framework repository now contains ONLY:
- Open source code
- Public documentation
- Implementation guides
- Apache 2.0 licensed content

Internal tractatus repository (local) retains ALL files for development.

🤖 Generated with Claude Code
Co-Authored-By: Claude <noreply@anthropic.com>

2025-10-21 18:50:16 +13:00

TheFlow

1fe50500f0

feat(framework): implement Phase 1 proactive content scanning

CREATED:
- scripts/framework-components/ProhibitedTermsScanner.js (420 lines)
  • Scans codebase for inst_016/017/018 violations
  • Pattern detection for guarantee language, fabricated stats, unverified claims
  • Auto-fix capability with context awareness
  • CLI interface: --details, --fix, --staged flags

- tests/unit/ProhibitedTermsScanner.test.js (39 tests, all passing)
  • Pattern detection tests (inst_017, inst_018)
  • Context awareness tests
  • Auto-fix functionality tests
  • Edge case handling

MODIFIED:
- scripts/session-init.js
  • Added Section 7: Scanning for Prohibited Terms
  • Renumbered subsequent sections (CSP → 8, Dev Env → 9, Continuous → 10)
  • Scans on every session start, reports violations

- scripts/hook-validators/validate-file-write.js
  • Added missing checkPreActionCheckRecency() function (fixes hook crash)

- package.json/package-lock.json
  • Added glob@11.0.3 dependency

RESULTS:
• Scanner operational: 39/39 tests passing
• Session integration: Runs automatically on session start
• Current scan: Found 364 violations (188 inst_017, 120 inst_018, 56 inst_016)
• Violations need user review (many in historical docs, specifications)

IMPACT:
• Framework now PROACTIVE instead of reactive
• Violations detected at session start (not weeks later)
• Auto-fix available for simple cases
• Closes critical detection gap identified in framework assessment

NEXT STEPS (user decision):
• Review 364 violations (many false positives in historical docs)
• Optionally: Implement pre-commit hook
• Phase 2: Context-aware rule surfacing
• Phase 3: Active metacognitive assistance

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

2025-10-21 17:37:51 +13:00

3 commits