tractatus

john/tractatus

Fork 0

Commit graph

Author SHA1 Message Date

Author	SHA1	Message	Date
TheFlow	d600f6ed83	chore(license): Phase B — relicense source files from Apache 2.0 to EUPL-1.2 Some checks are pending CI / Run Tests (push) Waiting to run Details CI / Lint Code (push) Waiting to run Details CI / CSP Compliance Check (push) Waiting to run Details Phase B of PLAN_LICENSE_STANDARDISATION_EUPL12_20260419. Follows Phase A (`c85f310f`, `4ddc54a0`) which flipped the LICENSE file + README; this commit propagates EUPL-1.2 through source-file headers. 21 files touched across 4 distinct Apache-reference variants: - V1 (14 files) — full Apache header block (JS /* ... /): 2 routes + 1 controller + 7 services + 2 models + 3 utils. Replaced with equivalent EUPL-1.2 block pointing at EC canonical URL. - V2 (2 files) — inline JSDoc license line (Copyright Tractatus Project): src/routes/calendar.routes.js + src/models/ScheduledTask.model.js. Replaced with EUPL-1.2 v. 1.2 equivalent. - V3 (4 files) — Python docstring 'License: Apache 2.0': all 4 al-integration Python files. Replaced with 'License: EUPL-1.2'. - V4 (1 file) — al-integration/README.md bare 'Apache 2.0' under '## License' heading. Replaced with 'EUPL-1.2'. Verification: - grep -r "Apache License\|Apache 2.0\|apache.org/licenses" src/ al-integration/ returns zero matches (modulo venv). - Unit tests: 524/524 pass (npm run test:unit). - Integration test failures (177) are DB-connection infrastructure, pre-existing, unrelated to this header-only change. Sole author basis: TheFlow, 930+ commits, unilateral relicensing (same as Phase A). Replacement infrastructure also committed: scripts/relicense-apache-to-eupl.js (auto-detecting variant replacement, idempotent, --dry-run mode). Reusable for Phase C (community-repo sweep) if pattern structure aligns. Out-of-scope Apache mentions still in the repo (next pass, NOT Phase B): - SESSION_HANDOFF_ENFORCEMENT_COMPLETE.md (root doc) - CLAUDE_Tractatus_Maintenance_Guide.md (root doc) - For Claude Web/tractatus-claude-web-complete/* (docs snapshot subdirectory) Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-19 20:32:09 +12:00
TheFlow	d854ac85e2	feat(research): add cross-environment audit log sync infrastructure Implements privacy-preserving synchronization of production audit logs to development for comprehensive governance research analysis. Backend Components: - SyncMetadata.model.js: Track sync state and statistics - audit-sanitizer.util.js: Privacy sanitization utility - Redacts credentials, API keys, user identities - Sanitizes file paths and violation content - Preserves statistical patterns for research - sync-prod-audit-logs.js: CLI sync script - Incremental sync with deduplication - Dry-run mode for testing - Configurable date range - AuditLog.model.js: Enhanced schema with environment tracking - environment field (development/production/staging) - sync_metadata tracking (original_id, synced_from, etc.) - New indexes for cross-environment queries - audit.controller.js: New /api/admin/audit-export endpoint - Privacy-sanitized export for cross-environment sync - Environment filter support in getAuditLogs - MemoryProxy.service.js: Environment tagging in auditDecision() - Tags new logs with NODE_ENV or override - Sets is_local flag for tracking Frontend Components: - audit-analytics.html: Environment filter dropdown - audit-analytics.js: Environment filter query parameter handling Research Benefits: - Combine dev and prod governance statistics - Longitudinal analysis across environments - Validate framework consistency - Privacy-preserving data sharing Security: - API-based export (not direct DB access) - Admin-only endpoints with JWT authentication - Comprehensive credential redaction - One-way sync (production → development) 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>	2025-10-27 12:11:16 +13:00

TheFlow

d600f6ed83

chore(license): Phase B — relicense source files from Apache 2.0 to EUPL-1.2

CI / Run Tests (push) Waiting to run

Details

CI / Lint Code (push) Waiting to run

Details

CI / CSP Compliance Check (push) Waiting to run

Details

Phase B of PLAN_LICENSE_STANDARDISATION_EUPL12_20260419. Follows Phase A
(c85f310f, 4ddc54a0) which flipped the LICENSE file + README; this commit
propagates EUPL-1.2 through source-file headers.

21 files touched across 4 distinct Apache-reference variants:

- V1 (14 files) — full Apache header block (JS /* ... */): 2 routes + 1
  controller + 7 services + 2 models + 3 utils. Replaced with equivalent
  EUPL-1.2 block pointing at EC canonical URL.
- V2 (2 files) — inline JSDoc license line (Copyright Tractatus Project):
  src/routes/calendar.routes.js + src/models/ScheduledTask.model.js.
  Replaced with EUPL-1.2 v. 1.2 equivalent.
- V3 (4 files) — Python docstring 'License: Apache 2.0': all 4 al-integration
  Python files. Replaced with 'License: EUPL-1.2'.
- V4 (1 file) — al-integration/README.md bare 'Apache 2.0' under '## License'
  heading. Replaced with 'EUPL-1.2'.

Verification:
- grep -r "Apache License|Apache 2.0|apache.org/licenses" src/ al-integration/
  returns zero matches (modulo venv).
- Unit tests: 524/524 pass (npm run test:unit).
- Integration test failures (177) are DB-connection infrastructure, pre-existing,
  unrelated to this header-only change.

Sole author basis: TheFlow, 930+ commits, unilateral relicensing (same as Phase A).

Replacement infrastructure also committed: scripts/relicense-apache-to-eupl.js
(auto-detecting variant replacement, idempotent, --dry-run mode). Reusable for
Phase C (community-repo sweep) if pattern structure aligns.

Out-of-scope Apache mentions still in the repo (next pass, NOT Phase B):
- SESSION_HANDOFF_ENFORCEMENT_COMPLETE.md (root doc)
- CLAUDE_Tractatus_Maintenance_Guide.md (root doc)
- For Claude Web/tractatus-claude-web-complete/** (docs snapshot subdirectory)

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-04-19 20:32:09 +12:00

TheFlow

d854ac85e2

feat(research): add cross-environment audit log sync infrastructure

Implements privacy-preserving synchronization of production audit logs
to development for comprehensive governance research analysis.

Backend Components:
- SyncMetadata.model.js: Track sync state and statistics
- audit-sanitizer.util.js: Privacy sanitization utility
  - Redacts credentials, API keys, user identities
  - Sanitizes file paths and violation content
  - Preserves statistical patterns for research
- sync-prod-audit-logs.js: CLI sync script
  - Incremental sync with deduplication
  - Dry-run mode for testing
  - Configurable date range
- AuditLog.model.js: Enhanced schema with environment tracking
  - environment field (development/production/staging)
  - sync_metadata tracking (original_id, synced_from, etc.)
  - New indexes for cross-environment queries
- audit.controller.js: New /api/admin/audit-export endpoint
  - Privacy-sanitized export for cross-environment sync
  - Environment filter support in getAuditLogs
- MemoryProxy.service.js: Environment tagging in auditDecision()
  - Tags new logs with NODE_ENV or override
  - Sets is_local flag for tracking

Frontend Components:
- audit-analytics.html: Environment filter dropdown
- audit-analytics.js: Environment filter query parameter handling

Research Benefits:
- Combine dev and prod governance statistics
- Longitudinal analysis across environments
- Validate framework consistency
- Privacy-preserving data sharing

Security:
- API-based export (not direct DB access)
- Admin-only endpoints with JWT authentication
- Comprehensive credential redaction
- One-way sync (production → development)

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

2025-10-27 12:11:16 +13:00

2 commits