d95dc4663c
**Cache-Busting Improvements:** - Switched from timestamp-based to semantic versioning (v1.0.2) - Updated all HTML files: index.html, docs.html, leader.html - CSS: tailwind.css?v=1.0.2 - JS: navbar.js, document-cards.js, docs-app.js v1.0.2 - Professional versioning approach for production stability **systemd Service Implementation:** - Created tractatus-dev.service for development environment - Created tractatus-prod.service for production environment - Added install-systemd.sh script for easy deployment - Security hardening: NoNewPrivileges, PrivateTmp, ProtectSystem - Resource limits: 1GB dev, 2GB prod memory limits - Proper logging integration with journalctl - Automatic restart on failure (RestartSec=10) **Why systemd over pm2:** 1. Native Linux integration, no additional dependencies 2. Better OS-level security controls (ProtectSystem, ProtectHome) 3. Superior logging with journalctl integration 4. Standard across Linux distributions 5. More robust process management for production **Usage:** # Development: sudo ./scripts/install-systemd.sh dev # Production: sudo ./scripts/install-systemd.sh prod # View logs: sudo journalctl -u tractatus -f 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
5.1 KiB
Tractatus - Active Session Governance (Claude Code)
Project: Tractatus Website | Database: tractatus_dev (port 27017) | App Port: 9000 Status: Phase 1 Development | Separate from: family-history, sydigital
⚠️ MANDATORY SESSION START PROTOCOL
IMMEDIATELY upon session start, run ONE command:
node scripts/session-init.js
⚠️ CRITICAL: Also run this IMMEDIATELY after continuing from a compacted conversation!
This automated script will:
- ✅ Detect new session vs. continued session
- ✅ Initialize session state and reset token checkpoints
- ✅ Load instruction history (shows active HIGH/MEDIUM/LOW counts)
- ✅ Run baseline pressure check (ContextPressureMonitor)
- ✅ Verify all 5 framework components operational
- ✅ Report framework status to user
Manual fallback (if script fails):
node scripts/check-session-pressure.js --tokens 0/200000 --messages 0- Read
.claude/instruction-history.jsonfor active instructions
🔒 FIVE MANDATORY FRAMEWORK COMPONENTS (ALWAYS ACTIVE)
These MUST be used continuously throughout EVERY session. No exceptions.
1. ContextPressureMonitor (Every 25% tokens = 50k)
- When: Session start, 50k, 100k, 150k tokens, complex operations, errors
- Command:
node scripts/check-session-pressure.js --tokens <current>/<budget> --messages <count> - Update:
.claude/session-state.jsonand.claude/token-checkpoints.json
2. InstructionPersistenceClassifier (All explicit directives)
- When: User gives explicit instruction (ports, configs, requirements, constraints)
- Action: Classify quadrant (STR/OPS/TAC/SYS/STO), persistence level, temporal scope
- Store: Append to
.claude/instruction-history.json
3. CrossReferenceValidator (Before major changes)
- When: Database changes, config modifications, file edits, architecture decisions
- Action: Check
.claude/instruction-history.jsonfor conflicts - Block: If conflicts with HIGH persistence instructions
4. BoundaryEnforcer (Before values decisions)
- When: Privacy decisions, ethical trade-offs, user agency, mission changes
- Action: Verify decision doesn't cross into values territory
- Block: All values decisions require human approval
5. MetacognitiveVerifier (Complex operations only)
- When: Operations with >3 files, >5 steps, architecture changes, security implementations
- Action: Verify alignment, coherence, completeness, safety, alternatives
- Report: Confidence score + alternatives before proceeding
🚨 FRAMEWORK FADE DETECTION & RECOVERY
Framework fade = Components not being used. This is CRITICAL FAILURE.
Signs of fade:
- No pressure check in 50k tokens
- No instruction classification when directive given
- No boundary check before values decision
- No validator check before major change
Immediate action when fade detected:
- STOP all work
- Run:
node scripts/recover-framework.js - Report to user: Framework lapsed, recovery initiated
- Resume: Only after recovery complete
Automated monitoring: npm run dev now runs framework-watchdog.js in background
📋 PRE-ACTION CHECK (Required before major actions)
Before ANY of these, run: node scripts/pre-action-check.js <action-type> [file-path] <description>
Action types: file-edit, database, architecture, config, security, values, complex
File path (optional): When editing HTML/JS files, include file path for automated CSP validation
- Example:
node scripts/pre-action-check.js file-edit public/docs.html "Update navigation"
Exit codes:
- 0 = PASS (proceed)
- 1 = FAIL (blocked, address issues)
- 2 = ERROR (system failure)
🔒 Automated CSP Validation (inst_008 enforcement):
- Automatically validates HTML/JS files for Content Security Policy violations
- Detects: inline event handlers (
onclick=), inline styles (style=""), inline scripts,javascript:URLs - Blocks action if violations found - prevents CSP violations from reaching production
- This automated check catches violations that manual review might miss
📚 DETAILED REFERENCE DOCUMENTS
- CLAUDE_Tractatus_Maintenance_Guide.md: Full governance framework, conventions, directory structure
- docs/claude-code-framework-enforcement.md: Complete technical documentation
- .claude/instruction-history.json: Persistent instruction database
- .claude/session-state.json: Current session framework activity
- .claude/token-checkpoints.json: Token milestone tracking
🎯 QUICK REFERENCE
MongoDB: Port 27017, database tractatus_dev
Application: Node.js/Express, port 9000
Tech Stack: Vanilla JS, Tailwind CSS, MongoDB, Express
No shared code: Separate from family-history and sydigital
Human approval required: Architectural changes, DB schema, security, values content
Quality standard: World-class, no shortcuts, no fake data
Last Updated: 2025-10-09 (Added automated CSP validation to pre-action-check.js) For full details: See CLAUDE_Tractatus_Maintenance_Guide.md