Establishes clear protocol for handoff documents: when user requests
handoff at end of session, this signals intent to start NEW session
with fresh 200k token budget, NOT continue from compacted conversation.
PROTOCOL:
- After handoff created: STOP all work immediately
- DO NOT continue after conversation compaction
- DO NOT auto-run session-init.js on compacted continuation
- Wait for user to start fresh Claude Code session
RATIONALE:
User caught Claude auto-continuing after handoff in this session. Handoff
documents are bridges between sessions, not continuations within sessions.
Also includes session handoff document from previous session documenting
Priority 3 (Search Enhancement) and Priority 4 Backend (Media Triage) completion.
📊 Context Pressure: NORMAL (32.0%) | Tokens: 64k/200k | Next: 100k
Generated with Claude Code (https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Added comprehensive governance rule for managing dev servers, file
watchers, and daemon processes across session boundaries.
Key requirements:
- Document process intent before spawning background processes
- Kill non-essential processes before session handoff
- Check for orphaned processes at session start
- Prefer foreground dev servers to avoid port conflicts
Prevents EADDRINUSE errors and resource leaks across sessions.
Related: inst_006 (session management)
Trigger: User observed npm start processes causing port conflicts
Stats: OPERATIONAL quadrant count updated from 6 to 7
## Problem
inst_018 incorrectly treated "development framework" as a limitation or
early-stage status, when it's actually the CORRECT classification.
## User Clarification
Tractatus IS a development tool (like IDE, linter, framework):
- Runs in developer environments to help build projects
- The websites/SaaS built WITH Tractatus go to production
- Tractatus itself is the development platform
## Changes to inst_018
**Old restriction**: Don't claim "production-ready" (implied always wrong)
**New restriction**: Don't claim "production-ready" WITHOUT testing evidence
**Key updates**:
- Added: "Development tool" is correct classification, not limitation
- Changed focus: Restriction is about testing/validation status
- Allowed: "production-ready development tool" ONCE validated
- Preserved: No unverifiable claims about adoption/customers
## Parameters Updated
- tool_category: "development_tool" (correct classification)
- category_is_correct: true
- focus_restriction: "testing_validation_status"
- allowed_once_validated: ["production-ready development tool", ...]
## Impact
Framework will now:
✅ Accept "development tool" as permanent correct status
✅ Allow "production-ready" claims once testing validates it
✅ Block unverified testing/stability claims
✅ Preserve honesty requirements (inst_016, inst_017)
Timestamp: 2025-10-10T23:30:00Z
Session: 2025-10-10-api-memory-transition
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Security improvements:
- Enhanced .gitignore to protect sensitive files
- Removed internal docs from version control (CLAUDE.md, session handoffs, security audits)
- Sanitized README.md (removed internal paths and infrastructure details)
- Protected session state and token checkpoint files
Framework documentation:
- Added 4 case studies (framework in action, failures, real-world governance, pre-publication audit)
- Added rule proliferation research topic
- Sanitized public-facing documentation
Content updates:
- Updated public/leader.html with honest claims only
- Updated public/docs.html with Resources section
- All content complies with inst_016, inst_017, inst_018 (no fabrications, no guarantees, accurate status)
This commit represents Phase 4 of development with production-ready security hardening.
FRAMEWORK VIOLATION (2025-10-09):
Claude fabricated statistics and made false claims on leader.html without
triggering BoundaryEnforcer. This is a CRITICAL VALUES VIOLATION.
FABRICATIONS REMOVED:
- $3.77M annual savings (NO BASIS)
- 1,315% ROI (FABRICATED)
- 14mo payback (FABRICATED)
- 80% risk reduction (FABRICATED)
- 90% incident reduction (FABRICATED)
- 81% faster response (FABRICATED)
- "architectural guarantees" (PROHIBITED LANGUAGE)
- "Production-Ready" claim (FALSE - dev/research stage)
ROOT CAUSE:
- BoundaryEnforcer NOT invoked for marketing content
- Marketing context override prioritized UX over factual accuracy
- Missing explicit prohibition against fabricated statistics
- Framework awareness diminished after conversation compaction
CORRECTIVE ACTIONS:
✅ Added 3 new HIGH persistence instructions (inst_016, inst_017, inst_018)
✅ Documented failure in docs/FRAMEWORK_FAILURE_2025-10-09.md
✅ Completely rewrote leader.html with ONLY factual content
✅ Updated cache-busting to v1.0.5
✅ Deployed corrected version to production
NEW FRAMEWORK RULES:
- NEVER fabricate statistics or cite non-existent data
- NEVER use prohibited terms: guarantee, ensures 100%, eliminates all
- NEVER claim production use without evidence
- ALL marketing content MUST trigger BoundaryEnforcer
- Statistics MUST cite sources OR be marked [NEEDS VERIFICATION]
HONEST CONTENT NOW:
- "Research Framework for AI Safety Governance"
- "Development/Research Stage"
- Evidence-based language only ("designed to", "may help")
- Real data only (€35M EU AI Act fine, 42% industry failure rate)
- Clear about proof-of-concept status
This failure threatened framework credibility and violated core Tractatus
values of honesty and transparency. Framework enhanced to prevent recurrence.
Supersedes commit: ec6cf87
- Added comprehensive systemd process management section to CLAUDE.md
- Migrated from pm2 to systemd for production service management
- Updated cache-busting version to v1.0.3 on index.html
- Tooltips already configured for hover-only display (opacity-0 group-hover:opacity-100)
- Leader card action button verified and present
**Cache-Busting Improvements:**
- Switched from timestamp-based to semantic versioning (v1.0.2)
- Updated all HTML files: index.html, docs.html, leader.html
- CSS: tailwind.css?v=1.0.2
- JS: navbar.js, document-cards.js, docs-app.js v1.0.2
- Professional versioning approach for production stability
**systemd Service Implementation:**
- Created tractatus-dev.service for development environment
- Created tractatus-prod.service for production environment
- Added install-systemd.sh script for easy deployment
- Security hardening: NoNewPrivileges, PrivateTmp, ProtectSystem
- Resource limits: 1GB dev, 2GB prod memory limits
- Proper logging integration with journalctl
- Automatic restart on failure (RestartSec=10)
**Why systemd over pm2:**
1. Native Linux integration, no additional dependencies
2. Better OS-level security controls (ProtectSystem, ProtectHome)
3. Superior logging with journalctl integration
4. Standard across Linux distributions
5. More robust process management for production
**Usage:**
# Development:
sudo ./scripts/install-systemd.sh dev
# Production:
sudo ./scripts/install-systemd.sh prod
# View logs:
sudo journalctl -u tractatus -f
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Fixed download icon size (1.25rem instead of huge black icons)
- Uploaded all 12 PDFs to production server
- Restored table of contents rendering for all documents
- Fixed modal cards with proper CSS and event handlers
- Replaced all docs-viewer.html links with docs.html
- Added nginx redirect from /docs/* to /docs.html
- Fixed duplicate headers in modal sections
- Improved cache-busting with timestamp versioning
All documentation features now working correctly:
✅ Card-based document viewer with modals
✅ PDF downloads with proper icons
✅ Table of contents navigation
✅ Consistent URL structure
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
