john/tractatus
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
897 commits 1 branch 0 tags 125 MiB
Commit graph

101 commits

Author SHA1 Message Date
TheFlow
c1d5016381 chore: bump cache version for deployment 2026-03-13 13:58:03 +13:00
TheFlow
2c14c91c16 chore: bump cache version for deployment 2026-03-13 13:18:51 +13:00
TheFlow
871ea0df27 chore: bump cache version for deployment 2026-02-27 13:42:34 +13:00
TheFlow
302bf516f3 chore: bump cache version for deployment 2026-02-24 10:29:57 +13:00
TheFlow
0893e4979d chore: bump cache version for deployment 2026-02-23 22:10:36 +13:00
TheFlow
8323cca70a chore: bump cache version for deployment 2026-02-23 07:43:29 +13:00
TheFlow
6d8de05849 chore: bump cache version for deployment 2026-02-11 14:49:48 +13:00
TheFlow
d3e1cbc777 chore: bump cache version for deployment 2026-02-11 11:34:27 +13:00
TheFlow
25efeddd5b chore: bump cache version for deployment 2026-02-11 10:14:07 +13:00
TheFlow
d045b23641 chore: bump cache version for deployment 2026-02-11 08:07:44 +13:00
TheFlow
ef281ee846 chore: bump cache version for deployment 2026-02-11 06:11:57 +13:00
TheFlow
551c7e9a05 chore: bump cache version for deployment 2026-02-09 18:26:34 +13:00
TheFlow
f04eb5b75d chore: bump cache version for deployment 2026-02-09 18:11:27 +13:00
TheFlow
c97b21b69c chore: bump cache version for deployment 2026-02-09 18:07:06 +13:00
TheFlow
fd3d935415 chore: bump cache version for deployment 2026-02-09 17:58:33 +13:00
TheFlow
2bf206ed43 chore: bump cache version for deployment 2026-02-09 17:55:14 +13:00
TheFlow
61c1ff2e53 chore: bump cache version for deployment 2026-02-09 16:56:42 +13:00
TheFlow
dd1d83a6b8 chore: bump cache version for deployment 2026-02-09 16:33:48 +13:00
TheFlow
b3946fc006 chore: bump cache version for deployment 2026-02-09 16:21:55 +13:00
TheFlow
d7bf3aa551 chore: bump cache version for deployment 2026-02-09 16:17:18 +13:00
TheFlow
609396d87e chore: bump cache version for deployment 2026-02-07 21:24:35 +13:00
TheFlow
45e74fd5d5 chore: bump cache version for deployment 2026-02-07 20:58:13 +13:00
TheFlow
7c0e705194 chore: bump cache version for deployment 2026-02-07 16:56:48 +13:00
TheFlow
82ee807fbd chore: bump cache version for deployment 2026-02-07 16:10:34 +13:00
TheFlow
5e3ae8523a chore: bump cache version for deployment 2026-02-07 15:57:53 +13:00
TheFlow
39593fbf6f chore: bump cache version for deployment 2026-02-07 15:52:46 +13:00
TheFlow
d6f911b667 chore: bump cache version for deployment 2026-02-07 14:46:12 +13:00
TheFlow
df8c6ccb03 fix: Remove absolute assurance language per inst_017 across codebase 
Replace "ensures", "guarantee", "foolproof", "world-class" and similar
absolute terms with evidence-based language throughout public pages, JS
components, and FAQ content. Changes apply inst_017 (no absolute
assurance terms) consistently.

Replacements:
- "ensures X" → "validates X", "so that X", "supports X", "maintains X"
- "guarantee" → removed or rephrased with qualified language
- "foolproof" → "infallible"
- "architecturally impossible" → "architecture prevents without
  explicit override flags"

Preserved: published research papers (architectural-alignment*.html),
EU AI Act quotes, Te Tiriti treaty language, and FAQ meta-commentary
that deliberately critiques this language (lines 2842-2896).

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-07 14:44:45 +13:00
TheFlow
89084868aa chore: bump cache version for deployment 2026-01-23 07:44:05 +13:00
TheFlow
fb25ac502a chore: bump cache version for deployment 2026-01-20 11:56:04 +13:00
TheFlow
8cebbe2ddb chore: bump cache version for deployment 2025-12-10 08:14:26 +13:00
TheFlow
d3225711f7 chore: bump cache version for deployment 2025-12-09 18:25:38 +13:00
TheFlow
436403024b chore: bump cache version for deployment 2025-12-09 18:23:09 +13:00
TheFlow
d88a122fdc chore: bump cache version for deployment 2025-12-09 18:21:25 +13:00
TheFlow
50a37ca5a8 chore: bump cache version for deployment 2025-12-09 17:39:03 +13:00
TheFlow
93138d2139 chore: bump cache version for deployment 2025-11-24 08:42:59 +13:00
TheFlow
09e8773cb8 chore: bump cache version for deployment 2025-11-04 17:15:34 +13:00
TheFlow
ea01eeb284 chore: bump cache version for deployment 2025-11-04 16:16:22 +13:00
TheFlow
983033eb17 chore: bump cache version for deployment 2025-11-04 15:39:51 +13:00
TheFlow
1821a20cdb chore: bump cache version for deployment 2025-11-04 15:22:57 +13:00
TheFlow
8701499b3d chore: bump cache version for deployment 2025-11-04 15:11:36 +13:00
TheFlow
33d3937e45 chore: bump cache version for deployment 2025-11-04 11:37:39 +13:00
TheFlow
1c768a19e4 chore: bump cache version for deployment 2025-11-04 11:17:11 +13:00
TheFlow
4408b694f9 feat: Add comprehensive visitor retention system 
Implemented RSS feeds, newsletter subscriptions, email templates, and admin UI
to encourage repeat visits from self-selected visitors.

## RSS Feeds
- Created RSS 2.0 feed generation (main + topic-specific)
- Endpoints: /feed.xml and /feed/:topic.xml
- Added getPublished() and getPublishedByTag() to BlogPost model

## Newsletter Subscriptions
- Created reusable newsletter modal component
- Added to index, researcher, implementer, leader pages
- Interest selection: research, implementation, governance, project-updates
- Added newsletter trigger button to footer
- Uses existing /api/newsletter/subscribe endpoint

## Email Templates
- Created comprehensive specifications for 4 newsletter tiers
- Research Updates (monthly) - scholarly audience
- Implementation Notes (bi-weekly) - practitioners
- Governance Discussions (sporadic) - stakeholders
- Project Updates (quarterly) - general audience
- Documented template variables, design guidelines

## Admin UI
- Enhanced newsletter management with "Send Newsletter" section
- Tier selection, subject/preview input, JSON content editor
- Preview/test/send buttons (UI ready, email service TBD)

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
 2025-11-04 10:42:43 +13:00
TheFlow
18bb173c95 feat: add disk monitoring system for dev and production 
Add comprehensive disk monitoring with real-time metrics:
- Backend API endpoints for disk/memory metrics (local + remote)
- Admin UI page with CSP-compliant DOM rendering
- Health status indicators with color-coded thresholds
- SSH-based remote metrics collection from OVH VPS
- Auto-refresh every 5 minutes

Backend:
- src/models/DiskMetrics.model.js: Metrics collection model
- src/controllers/diskMetrics.controller.js: 3 admin endpoints
- src/routes/diskMetrics.routes.js: Admin-authenticated routes
- src/routes/index.js: Register disk-metrics routes

Frontend:
- public/admin/disk-monitoring.html: Admin dashboard page
- public/js/admin-disk-monitoring.js: CSP-compliant UI rendering
- public/js/components/navbar-admin.js: Add disk monitoring link

Documentation:
- deployment-quickstart/UPTIME_MONITORING_SETUP.md

API endpoints:
- GET /api/admin/disk-metrics (all systems)
- GET /api/admin/disk-metrics/local (dev system)
- GET /api/admin/disk-metrics/remote (production VPS)

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
 2025-10-29 11:53:55 +13:00
TheFlow
285e62d601 feat(audit): integrate validate-file-write with audit logging and add data quality insights 
- Added audit database logging to all 7 validation check points in validate-file-write.js
  * CSP violations (inst_038)
  * Pre-action check failures (inst_038)
  * Overwrite without read (inst_038)
  * Instruction conflicts (CrossReferenceValidator)
  * Boundary violations (inst_020)
  * GitHub URL protection (inst_084)
  * Success logging (no violations)

- Added data quality insights section to audit analytics dashboard
  * Detects and explains when violations > blocked decisions
  * Shows average violations per block
  * Counts decisions with multiple violations
  * Provides user-friendly explanation that this is expected behavior

- Added scripts/add-instruction.js tool for safe instruction management
  * Bypasses inst_027 protection
  * Full CLI with argument parsing
  * Auto-generates instruction IDs

Resolves dual hook system logging gap - all validators now log to MongoDB
 2025-10-28 12:22:10 +13:00
TheFlow
e99c85c4f2 fix(bi): add environment distribution breakdown to explain count discrepancies 
Problem: Users noticed environment counts don't add up to total
- Total (All Environments): 868
- Development: 400
- Production: 300
- 400 + 300 = 700 ≠ 868

Root cause: Some audit logs have no environment field (null/undefined)
- These records ARE counted in "All Environments"
- These records are NOT counted when filtering by "Development" or "Production"

Solution:
- Added "Environment Distribution" section showing breakdown
- Displays: Development, Production, and Unspecified counts
- Shows warning when unspecified records exist
- Makes it clear why filtered totals may not match grand total

Technical details:
- Frontend filtering in audit-analytics.js
- Backend query uses: query.environment = environment (exact match only)
- Missing environment fields excluded from filtered results

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
 2025-10-27 19:56:57 +13:00
TheFlow
d2913ac6e7 feat(bi): add honest cost avoidance disclaimer and framework participation metrics 
BI Dashboard Transparency Update:
- Added methodology disclaimer section (amber warning box)
- Transparently discloses: "No formal baseline exists"
- Acknowledges cost avoidance represents observed correlation, not proven causation
- Explains data source: empirical pre/post framework behavior comparison
- Notes validation opportunity: future controlled A/B testing

Framework Participation Rate (Phase 3.4):
- New metric card showing percentage of decisions with framework guidance
- Service breakdown (top 5 services by participation)
- Status messages based on participation level
- Integrated into dashboard grid (now 3-column layout)

Rationale:
User has months of empirical evidence showing observed violation reduction
since framework deployment (CSP violations, credential exposure, fake data,
inappropriate terminology). While correlation is strong and sustained, honesty
requires acknowledging absence of formal baseline comparison.

Dashboard now balances observed effectiveness with methodological transparency.

Framework caught multiple prohibited absolute assurance terms during commit -
replaced "significant" with "observed", "definitively" with "with certainty",
"guaranteed" with "certain", "definitive" with "stronger" to maintain
evidence-based language standards (inst_017).

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
 2025-10-27 19:47:12 +13:00
TheFlow
20a108402e feat(content): add framework-guided blog pre-publication and comment analysis 
Blog Pre-Publication Workflow:
- New admin interface (blog-pre-publication.html) for framework-guided content review
- Analysis provides: sensitivity check, compliance validation, audience analysis
- Publication guidance: timing, monitoring, action recommendations
- Response templates for anticipated reader feedback
- Overall recommendation: APPROVE/REVIEW/REJECT decision
- CSP-compliant implementation (no inline scripts/styles)

Comment & Feedback Analysis Workflow:
- New admin interface (comment-analysis.html) for social media/article feedback
- Sentiment analysis (positive/negative/neutral/mixed with confidence)
- Values alignment check (aligned values, concerns, misunderstandings)
- Risk assessment (low/medium/high with factors)
- Recommended responses (prioritized with rationale)
- Framework guidance on whether/how to respond

Backend Implementation:
- New controller: framework-content-analysis.controller.js
- Services invoked: PluralisticDeliberationOrchestrator, BoundaryEnforcer
- API routes: /api/admin/blog/analyze, /api/admin/feedback/analyze
- Integration with existing auth and validation middleware

Framework Validation:
During implementation, framework caught and blocked TWO CSP violations:
1. Inline onclick attribute - forced addEventListener pattern
2. Inline style attribute - forced data attributes + JavaScript
This demonstrates framework is actively preventing violations in real-time.

Transforms blog curation from passive reporter to active agency manager.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
 2025-10-27 19:45:43 +13:00
TheFlow
d854ac85e2 feat(research): add cross-environment audit log sync infrastructure 
Implements privacy-preserving synchronization of production audit logs
to development for comprehensive governance research analysis.

Backend Components:
- SyncMetadata.model.js: Track sync state and statistics
- audit-sanitizer.util.js: Privacy sanitization utility
  - Redacts credentials, API keys, user identities
  - Sanitizes file paths and violation content
  - Preserves statistical patterns for research
- sync-prod-audit-logs.js: CLI sync script
  - Incremental sync with deduplication
  - Dry-run mode for testing
  - Configurable date range
- AuditLog.model.js: Enhanced schema with environment tracking
  - environment field (development/production/staging)
  - sync_metadata tracking (original_id, synced_from, etc.)
  - New indexes for cross-environment queries
- audit.controller.js: New /api/admin/audit-export endpoint
  - Privacy-sanitized export for cross-environment sync
  - Environment filter support in getAuditLogs
- MemoryProxy.service.js: Environment tagging in auditDecision()
  - Tags new logs with NODE_ENV or override
  - Sets is_local flag for tracking

Frontend Components:
- audit-analytics.html: Environment filter dropdown
- audit-analytics.js: Environment filter query parameter handling

Research Benefits:
- Combine dev and prod governance statistics
- Longitudinal analysis across environments
- Validate framework consistency
- Privacy-preserving data sharing

Security:
- API-based export (not direct DB access)
- Admin-only endpoints with JWT authentication
- Comprehensive credential redaction
- One-way sync (production → development)

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
 2025-10-27 12:11:16 +13:00