diff --git a/.claude/agent-memory/investigator-codebase/MEMORY.md b/.claude/agent-memory/investigator-codebase/MEMORY.md index f5a09af..d02e9a1 100644 --- a/.claude/agent-memory/investigator-codebase/MEMORY.md +++ b/.claude/agent-memory/investigator-codebase/MEMORY.md @@ -70,6 +70,8 @@ Bearer từ `POST api.solutions.com.vn/api/auth/login` → status matrix expecte ## 📅 Recent activity (FIFO — older → archive/git) +- **2026-06-18 (S71 PART-C audit — run-trace vs checklist-v2 FLAT + detector-refine, on-disk):** ⭐ **2 GAP THẬT (trung-thực, không inflate):** (1) **C1/C2/C8 = SUBFOLDER, canonical-v2 = FLAT → migration NEEDED, chưa làm.** `find runs/` cho thấy MỖI run-folder có `sub-md/`+`harvest/` SUBDIR (5 run: h10-{invest,implement,review}+h910-{finalize,curate}) — đúng cấu-trúc CŨ broadcast-delta phát-bỏ. ZERO flat-awareness: grep `phẳng|flat|cùng cấp` trong `.claude/workflows/`+`.claude/commands/`=0 hit. SE-adoption-commit `8c47bd0`(06-18) TRƯỚC broadcast-flat cùng-ngày → SE chưa biết. README/hmw.js/session-end đều mô-tả subfolder. C8 dual-form-acceptance close-gate cũng chưa. (2) **REFINE(b) detector = MISSING HOÀN-TOÀN.** `find .claude -name *.js/*.ps1`=CHỈ `hmw.js`(=engine ≠ detector). `.claude/hooks`+`.claude/scripts` KHÔNG tồn-tại. Repo-wide grep `bypass|scan.*runs` script=0. SE KHÔNG có bộ-dò chống-lách-engine → 3-function (whitelist/path-variants/launch-key-anchor)+relation-acceptance = n-a. **MET (đừng nhạ oan):** C3 committed THẬT — `git check-ignore runs`=exit1(NOT-ignored)+`git ls-files runs`=22 file (cả hai nấc). C4 per-turn real (`invest-synthesis.md` 43-dòng). C5 3-layer wired: L1 README:51(convention em-main) · L2 `session-start.md:71` orphan-scan `runs/*/` closed=⏳+harvest-rỗng · L3 `session-end.md:51` close-gate idempotent 5-trục. C6 ledger 2-beat (`_ledger.md:7`, 5 run đều CLOSE-beat+wf_). C7 caveat present (README §69-73 no-overclaim/fragile/G-015 TRACKED≠enforced). ⚠️ sub-md/ chỉ `.gitkeep` (read-only sub→em-main scribe, design KHÔNG phải miss). Tag `[s71, part-c-audit, subfolder-not-flat, detector-MISSING, c3-committed-real]`. + - **2026-06-18 (S71 Harness-10 ref-sweep — wave-*/agent-teams/harvest migration map, on-disk):** ⭐ **2 RULE-MECHANISM (cơ-chế, sửa CẨN THẬN ≠ text-swap):** (1) **`.gitignore:93-94`** `.claude/workflows/wave-*/` + `.claude/agent-teams/` AFTER `!.claude/**:83` (last-match-wins) — Harness-10 LẬT containment: runs/ TRACKED nên KHÔNG gitignore (đã có `runs/_ledger.md:4` "tracked-change NGOÀI run-folder = vi-phạm" thay B6 "mọi tracked = vi-phạm"). agent-teams = n-a Windows in-process → giữ-hay-bỏ tùy. (2) **`hmw.js`** wave-mechanism: meta.description:9 (2-MODE) · args:19 `wave:{name,dir}` · SCHEMA subMdPath:52 · WAVE-MODE block:87-91 (`const wave = A.wave&&A.wave.dir`) · log:94 · subMd path:102 · writeGuard TOOL-AWARE 2-nhánh:106-120 (wave→sub-MD-isolated / default→return-delta) · prompt subMdPath:131. → run-trace = đổi `wave`→`run`, dir `wave-`→`runs/`, +harvest/ path. **TEXT-ONLY (đổi chữ, KHÔNG cơ-chế):** `.claude/workflows/README.md` TOÀN BỘ (48 dòng, đầu-đề + table 2-MODE + structure + B1-B6 + agent-team §) · `session-end.md:32,49,51` (§L.b(d)(f) GATE + B5 wave-gom) · `session-start.md:71` (H2 báo wave-folder tồn-đọng) · `agents/README.md:111` (decision-tree wave-gom B5) + :22-28,52 harvest-curator.md (B5 scan path `wave-/sub-*.md` + agent-team) · `harvest-curator/MEMORY.md:20` (wave-folder gitignored). **DOC/HISTORY (immutable evidence — KHÔNG sửa):** `broadcasts/**` (handshake:17 + inbox/README:15 "khác wave-folder gitignored") · `docs/governance/adap-reports/2026-06-07-Agent-harness-2.md` (toàn bộ B1-B6 spec) · `docs/changelog/sessions/*` · `error-ledger.md:86` (wave-folder-leak=0 evidence). **ĐÃ SCAFFOLD Harness-10 (S71 đang chạy):** `runs/_ledger.md` (2-beat OPEN/CLOSE) + `runs/2026-06-18-h10-invest/run.md` + `harvest/`. ⚠️ **Note .gitignore:92 comment** `git check-ignore -v .claude/workflows/wave-x/wave.md` = verify-cmd cũ, đổi theo. Tag `[s71, harness-10-refsweep, wave-to-runtrace-migration, gitignore-mechanism, hmw-wave-mechanism]`. - **2026-06-18 (S71 Harness-10 STAGE-C harvest-flow recon — per-turn + 3-layer wire points, on-disk):** ⭐ **CURRENT harvest = SINGLE-POINT @session-end (B5), KHÔNG per-turn.** Driver = `harvest-curator` H2 (`agents/harvest-curator.md:22` "sau workflow-dài/cuối-session quét `wave-/sub-*.md`→gom→APPEND agent-memory/"). Wired ONLY `session-end.md §L.b(f):51` (5-trục GATE + wave-folder gom B5). `session-start.md:71` = REPORT-only (báo wave tồn-đọng, KHÔNG gom). ZERO per-turn hook — `hmw.js` JS-sandbox no-fs (`hmw.js:5`), harvest deferred-to-close. **C4 per-turn-primary wire (3 chỗ):** (a) `hmw.js:122-134` prompt-builder — sub return findings; (b) NEW em-main step: ghi `runs//harvest/` SAU MỖI fan-out turn (KHÔNG đợi close); (c) `session-end.md §L.b(f):51` đổi "gom @end" → "VERIFY per-turn harvest đủ". **C5 3-layer anti-miss wire:** L1 in-run-reminder = `hmw.js` prompt + `run.md` checklist (run trước chưa-harvest → flag); L2 post-exec-rescan = `session-start.md:71` (mở rộng orphan-scan `runs/*/` tìm ledger-OPEN-no-harvest, hiện chỉ báo wave); L3 close-gate = `session-end.md §L.b(f):51` (GATE đã có, repoint wave→runs). **EVIDENCE tracked:** `git check-ignore runs/.../run.md`→matched `!.claude/**` (.gitignore:83 negation)=NOT-ignored ✓ vs `wave-*/` still gitignored (:93). Run-folder ĐÃ scaffold S71: `runs/2026-06-18-h10-invest/`{run.md·sub-md/.gitkeep·harvest/.gitkeep}+`runs/_ledger.md` (2-beat OPEN/CLOSE `:3`, orphan=OPEN-no-CLOSE). **G-015 shift:** Harness-2 "mọi tracked=vi-phạm" (wave gitignored→diff mù) → Harness-10 "tracked NGOÀI run-folder+code-disjoint=vi-phạm" (`_ledger.md:4`) → containment MẠNH hơn (run-folder in git-diff thấy sub-MD writes). Tag `[s71, h10-harvest-flow, per-turn-C4, 3-layer-C5, single-point-end-current]`. @@ -80,6 +82,7 @@ Bearer từ `POST api.solutions.com.vn/api/auth/login` → status matrix expecte - **2026-06-17 (S69 recon — Office-module inventory + Hồ sơ-NS CSS-contract, on-disk):** ⭐ **PART A Office:** 21 `Off_*` keys (`MenuKeys.cs:99-121`): root `Off` + DanhBa(card-grid), `Off_PhongHop`{View=cal/Manage=room-CRUD-admin/Book}, `Off_DeXuat`{List/Create/Inbox=Proposal-V2}, `Off_DonTu`{Leave/Ot/Travel}, `Off_DatXe`, `Off_ItTicket`, `Off_ChamCong`(re-parent→Personal S57), `Off_AttendanceReport`(admin). 10 office pages `{fe-admin,fe-user}/src/pages/office/` ALL SHA256-MIRROR except **MyAttendancePage DIFFERS** + AttendanceReportPage ADMIN-ONLY. Routes `App.tsx` user:70-80/admin:88-100; staticMap `Layout.tsx:87-103` (workflow-apps :kind `/workflow-apps/{leave,ot,travel,vehicle}`); menuKeys.ts:45-63. **HIDE-FLAG** `RevokeTemporarilyHiddenModulesAsync` (`DbInitializer.cs:2157-2190` called :2040 LAST) wipes CRUD on `MenuKey.StartsWith("Off")||"Hrm"||==Personal` non-Admin, idempotent. **Golive flip:** remove :2040 call (+ re-add prefix InReviewScope grant). Office already S55-shell polished NOT bare. **PART B Hồ sơ-NS CSS:** layout=3-col flex (`EmployeesListPage.tsx` SHA256-identical x2, 1597 LOC): cây-tổ-chức TRÁI(:178) + NV-list MID(:244) + detail PHẢI = avatar-header `app-gradient-brand`(:643)+`text-white!`(:653)+initials chip bg-white/15 → 5-TAB(:507 Tổng quan/Thân nhân/Trình độ/Kinh nghiệm/Hợp đồng) → `Card`(:1526 left-rail+icon-chip) w/ `Field`(:1572 label uppercase accent-tint + value `font-medium text-brand-800`, empty=`text-slate-300 —`). `ACCENT` map :497-503 Record<5,{chipBg/chipFg/head/rail/labelText}> accent∈{brand,teal,violet,amberx,greenx}, palettes stops 50/100/500/600/700 only no-800→headings -700 (brand -800 OK). Tokens `index.css`: brand-600=#1f7dc1 brand-800=#175685 @theme:5-55, font Be-Vietnam-Pro:53; classes `.app-gradient-brand`(:105 120deg b600→700→800),`.card-accent`(:112),`.icon-chip`(:128 --chip-bg/--chip-fg),`.stat-value`(:140),`.label-eyebrow`(:89). ⚠️ **GOTCHA #66 = `index.css:79-83` `h1,h2,h3,h4{color:#0b1220;font-weight:700}` OUTSIDE @layer** → TW-v4 unlayered wins → heading-tag inside gradient MUST `text-white!`. ⚠️ **CROSS-APP DRIFT:** fe-user=S68 (h1-4 #0b1220/700, label-eyebrow brand-600, 175L); **fe-admin STILL OLD** (h1-4 #0f172a/600, label-eyebrow #64748b slate, 167L) — fe-admin NOT synced S66-68 heading bump → mirror Office to fe-admin needs index.css sync. Tag `[s69, office-inventory, hoso-css-contract, gotcha66, fe-admin-css-drift]`. +- **2026-06-18 (S71 Harness-8/hmw/pending/sleep audit — fidelity ground-truth, on-disk):** ⭐ **H8 all-inherit = FULLY ADOPTED both layers.** (1) Frontmatter: ALL 12 `.claude/agents/*.md` = `model: inherit` (11 sub + README; grep-count 12/12, zero demoted). (2) `hmw.js resolveModel:36-44` = all-inherit (`:43` role-with-frontmatter→`undefined`=inherit; `:41` invalid-role→fail-UP inherit; `:42` role-less→inherit). **Per-task escape-hatch PRESENT** `:37` `if(tier==='fable'||'opus')return tier` (H8.1 "ngoại lệ per-task" satisfied). **hmw run-trace = args.run + legacy args.wave alias** `:91` `(A.run&&A.run.dir)?A.run:((A.wave&&A.wave.dir)?A.wave:null)` ✓. ⚠️ **GAP-1 (the one real gap): hmw FLAT-vs-SUBFOLDER.** hmw STILL emits SUBFOLDER: `:103` `subMd=${dir}/sub-md/${role}-${i}.md` + desc/`:113` reference `run.md+sub-md/+harvest/`. The 2026-06-18 `h10-flat-detector-refine` (supersedes-part-of checklist-9-10 §C1/C2/C8) mandates FLAT files-one-level distinguished BY FILENAME, no subdirs. Disk confirms subfolder: `runs/2026-06-18-h10-invest/` has `harvest/`+`sub-md/` dirs (not flat). **GAP-2: SE adopted checklist v1 NOT v2** (`broadcasts/outbox/ai_infra/2026-06-18-...checklist-adopted.md:16` cites `2026-06-16-Governance-checklist-harness-9-10` = v1, no `-v2`). **UNADOPTED broadcasts (2 confirmed PENDING):** `2026-06-18-h10-flat-detector-refine` + `2026-06-18-checklist-harness-9-10-v2`. NO other newer (last outbox/all = these two; SE outbox last report = 2026-06-18 v1). **C3 two-level VERIFIED:** `git check-ignore runs/` exit=1 (NOT-ignored, neg `!.claude/**` :83) + `git ls-files runs/` = 22 files committed. `wave-x/wave.md` check-ignore exit=0 (still gitignored :93). **sleep-recovery-memory-l2 = AI_INFRA-internal** (`AI_INFRA/.claude/commands/sleep-recovery-memory-l2.md` + `docs/architecture/MEMORY-SLEEP-RECOVERY-L2-DESIGN-v3.md:scope` "CHỈ L2, KHÔNG sister"; NOT in outbox/all — only its Harness-9 broadcast form is, already adopted S70). NOT a sister obligation. **SE already does equivalent FULLY** (not ad-hoc): `memory-budget.json` (caps seeded-by-measure `scripts/measure-agent-memory.ps1`) + 4× `archive/_INDEX.md` + 4× `*.gist.md` (`distill-gen:2` counter) + `.ragignore` (exclude index/gist). Tag `[s71, harness8-audit, hmw-flat-gap, checklist-v1-not-v2, sleep-recovery-ainfra-internal, gist-additive-done]`. - **[→ git pre-S60]** S60 recon#2 V2-engine-map (ApprovalWorkflow.cs Step/Level Order 1-based per-step; OR-of-N=N rows cùng Order service GroupBy:475; ApproveV2Async:446-634 guard+UPSERT+advance; notify DRAFTER-only:748; skipToFinal F2:561-602 = precedent advance-không-ghi-opinion) · S60 PE Section-3 submit-guard (submit path POST/pe/{id}/transitions→TransitionAsync:38 ROLE-only guard NO data-check; Section-3 mục a/b/c/d map — SUPERSEDED bởi S65ter post-Mig50 Budget-drop; test mirror PurchaseEvaluationWorkflowServiceGuardTests). Full text git. - **2026-06-16 (S65bis recon — Employee profile master-detail vs NamGroup, on-disk):** ⭐ **STALE-PREMISE CORRECTION:** fe-user `/employees` KHÔNG list-only — `hrm/EmployeesListPage.tsx` (1201 LOC) ĐÃ master-detail 2-panel (filter sidebar :117 + list table :197 + inline detail :234) với **6 collapsible section** (`
` :1157, KHÔNG tab) + 5 satellite inline CRUD (WorkHistory/Education/FamilyRelation/Skill/Document, `setEditing{X}Id`+`adding{X}` mutex pattern 12-ter S35). **fe-admin == fe-user `diff -q` IDENTICAL** (SHA256 same). **Entity gần đủ screenshot:** `Domain/Hrm/EmployeeProfile.cs` (137 LOC) CÓ: DOB/Gender/Ethnicity/Religion/Nationality/Height/Weight(:98-99)/IdCard(số+ngàycấp+nơicấp :52-54)/permanent+temporary addr/phone/personalEmail/code/hireDate/qualification/salary(Base+Total)/bank/4×leave-days. **THIẾU vs screenshot:** (a) BloodType CÓ nhưng "sức khỏe loại" (health-grade A/B/C) KHÔNG; (b) thâm niên = DERIVED từ HireDate (no column); (c) chức danh = `User.Position`/`PositionLevel` (Identity, KHÔNG ở EmployeeProfile) — list/detail JOIN Users (`EmployeeFeatures.cs:467`); (d) "lương BHXH/phụ cấp" tách riêng KHÔNG có (chỉ Base+Total); đơn vị=DepartmentName JOIN. **5 satellite entity + 15 endpoint FULL** (`EmployeesController.cs:75-233` 5 region×Create/Update/Delete; GET detail Include cả 5 :455-459). Skill polymorphic gộp 3 NamGroup table (Computer/Language/Other Kind :69). **GAP THẬT:** (1) **NO org-tree** — `Department.cs` FLAT (Code/Name/ManagerUserId/Note, KHÔNG ParentId), `DepartmentsController` chỉ GET list+byId (NO /tree), KHÔNG endpoint count-per-dept → cây trái + badge phải build CLIENT-side group-by departmentId từ list; (2) **5-tab layout** screenshot = 6-section `
` hiện tại (re-skin UI, data đủ); (3) "Hợp đồng lao động" tab = chỉ có `EmployeeDocument` type=LaborContract(5), KHÔNG entity HĐLĐ riêng (3 HĐLĐ table DEFER Plan H2 per `EmployeeProfile.cs:10`). **NamGroup source:** `D:\...\NAMGROUP\SOURCECODE_CÔNG_TY\` find .tsx/.razor = 0 hit (KHÔNG phải React/archived) — RAG `proj_namgroup_main` 0 component; tham khảo layout = screenshot anh gửi, KHÔNG có code mirror trực tiếp. ⇒ **Wire-lại-là-xong:** data + API + satellite CRUD 100% sẵn. **Build mới:** Department.ParentId migration + /tree + count endpoint (nếu muốn org-tree thật thay client-group). **Re-skin:** 6-section→5-tab + avatar header. **No new field bắt buộc** trừ health-grade nếu anh cần. Tag `[s65bis, employee-profile, master-detail-EXISTS, dept-flat-no-tree, stale-list-only-corrected]`. @@ -89,6 +92,8 @@ Bearer từ `POST api.solutions.com.vn/api/auth/login` → status matrix expecte - **Archived S29-S37 → `archive/2026-05-q4.md` + git d2f52ba (S40 curate):** S36 G-O2 Phòng họp clean-room + FullCalendar v6 MIT eval · S36 startup MEMORY-size audit · S35 G-H2 HRM clean-room verdict · S33 G-H1 NamGroup TblNhanVien 10-bảng (105 cols main) · S33 startup RAG verify · S32 Plan G 11-module backlog · S29 Plan CA+B pre-flight (3 patterns: 9-menu terrain, V1+V2 coexist, reference-template-paths cite line-range ROI). KEY absorbed: **clean-room > NamGroup port verified 4×** · Pattern 12-bis cross-module mirror · FK+freetext dual-write. +- **2026-06-18 (S71 audit — Harness-9 PART B adap-2workflow trung-thuc, on-disk):** ⭐ **VERDICT B substantially-LANDED, ZERO nac-inflation (reports UNDER-state via honest hedge).** B1/B2 ok-runtime: 2 adap cycle ran SEPARATE workflows distinct run-id — S70 impl `wf_a58e0d15-beb`≠audit `wf_9520d8cd-4fe`; S71 impl `wf_e4e46725-231`≠review `wf_636bc95b-939` (review caught real C5-L1 over-claim impl-self-check missed). B2.5 ok: reverse-findings non-empty both reports (3+4 items)+both emails. B3 ok: 2 emails `broadcasts/outbox/ai_infra/{2026-06-17,2026-06-18}-se-to-ai_infra-*.md` carry true-nac+findings+BOTH run-ids. B4 **partial/convention-met**: rule codified `adap-apply.md:38` (short-but-confirm→review) BUT no runtime instance (no short-decision task arose S70/S71) → pure-convention, lead-discipline. ⚠️ **3 PRECISION-flaws (not protocol-gap):** (1) reviewer-agent StructuredOutput unreliable both sessions → em-main self-gate git/sha (disclosed, valid-branch per feedback memory). (2) **PATH-TRAP:** S71 report/email self-verify cited bare `git ls-files runs/`=14 — WRONG; actual = `.claude/workflows/runs/` (22 tracked files, 5 runs: invest/implement/review + h910-finalize `wf_73de399d-753` + h910-curate `wf_f32987b8-03f`). Auditor running bare `runs/` from repo-root gets 0 → false "not-committed". Folder genuinely committed `8c47bd0` + NOT-ignored at correct path. (3) hmw.js RUN-TRACE runtime honest-flagged pending-restart. adap-apply.md:33-36 codify 2-workflow mandate (auto-loaded). Tag `[s71-audit, harness-9-partB, adap-2workflow, path-trap-runs-folder, b4-convention-gap, no-nac-inflation]`. + --- ## 🔄 Curate trigger diff --git a/.claude/agent-memory/memory-budget.json b/.claude/agent-memory/memory-budget.json index c76b5d1..d7fa9a1 100644 --- a/.claude/agent-memory/memory-budget.json +++ b/.claude/agent-memory/memory-budget.json @@ -1,6 +1,8 @@ { "_note": "Harness-9 (S70, 2026-06-17) memory budget. Caps SEEDED BY MEASUREMENT (scripts/measure-agent-memory.ps1), NOT imagined headroom. Budget-audit @session-start (session-start.md §2.1.2): if curate-to-fit is dropping important markers, BUMP the relevant cap rather than cut markers. Re-measure with the script; never hand-edit measured_bytes.", "seeded_date": "2026-06-18 (S71 re-measure after G1 curate — reviewer 36.7KB + investigator 29.8KB over-cap from S71 same-role race, curated L1->L2 back under auto-inject cap)", + "last_sleep_at": "2026-06-18", + "_last_sleep_at_note": "Harness-10b sleep-recovery (S72): timestamp lan cuoi chay /sleep-recovery-memory-l2. null = chua tung. session-start §2.1.2 + session-end §L.b(c) doc field nay -> INFORM goi-y nen L2 neu null hoac today-last_sleep_at>=7 ngay. Lead=single-writer (chi command sleep set field nay).", "tiers": { "l1_hot": { "file": "MEMORY.md", diff --git a/.claude/agents/README.md b/.claude/agents/README.md index e9c067a..d66eefb 100644 --- a/.claude/agents/README.md +++ b/.claude/agents/README.md @@ -11,6 +11,7 @@ > **Upgrade S64 (2026-06-15 — Harness-7 writing-quality adopt):** sàn chất lượng viết **hướng ra ngoài** (email · broadcast · adap-report · tài-liệu-sister · **câu trả lời lead cho anh**) phải tiếng Việt rõ nghĩa, câu hoàn chỉnh, đủ dấu câu, đúng ngữ pháp (O1); nội bộ giữ lối nén §6.4/§6.5 (O2 — bất đối xứng); reviewer +**Category 6** writing-quality (O3, verified-pending-restart). Rule canonical `docs/rules.md §1.1`. adap-report `2026-06-15-Governance-harness-7-writing-quality.md`. body-hash `a4580ea9…` verified-MATCH (lesson gotcha #61: verify body-hash PHẢI đọc UTF-8 tường minh, PS5.1 default mis-decode tiếng Việt → false-mismatch). > **Upgrade S66 (2026-06-16 — Harness-8 all-inherit + workflow-fastest adopt):** 🔴 BẮT BUỘC (anh-chốt, mọi sister; chất lượng trên chi phí). **H8.1** — toàn bộ 11 sub-agent có memory → `model: inherit` (ăn top-tier lead), **GỠ cơ chế demote two-tier của Harness-4** (7 sub pin `claude-opus-4-8` đã flip `inherit`: 2 implementer · test-specialist · cicd-monitor · investigator-api · frontend-designer · tooling-auditor; 4 đã-inherit giữ nguyên reviewer·investigator-codebase·database-agent·harvest-curator). SE KHÔNG có helper/gopher rẻ để chừa → cả 11 lên inherit. Escape-hatch per-task `tier:'opus'` (hmw.js) GIỮ cho sweep/cost. **H8.2** — chạy workflow nhanh nhất: **song song tối đa + xuất nhanh + lead auto-HMW** cho task substantive (theo H6) — "nhanh" = parallelism, **KHÔNG phải hạ model**. **Caveat (trung thực):** runtime HIỆN KHÔNG đổi (inherit = Opus 4.8 1M vì Fable suspended H5 — trùng two-tier đã collapse); khác biệt thật khi Fable về (cả đội tự lên Fable 5 không sửa frontmatter) + H5.6 restore gọn hơn (chỉ đổi lead). Frontmatter no hot-reload → **executed-file, VERIFIED-pending-restart**. `[1m]` cấm trong frontmatter `model` (gotcha #37). adap-report `2026-06-16-Governance-harness-8-all-inherit-workflow-fastest.md`. > **Upgrade S70 (2026-06-17 — Harness-9 L2-recovery + adap 2-workflow adopt):** **(1) PROCESS-mandate 🔴 BẮT BUỘC (PART 2/3, áp MỌI adap từ nay):** mỗi adap 1 Harness = **2 workflow tách biệt** (IMPLEMENT + REVIEW double-check RIÊNG) + REPORT về AI_INFRA kèm **run-id** bằng chứng; task ngắn-nhưng-cần-confirm VẪN phải review-workflow. Codify `.claude/commands/adap-apply.md`. **(2) L2 dark-matter recovery (PART 1, tailored):** archive `agent-memory//archive/*.md` KHÔNG vào RAG → build `archive/_INDEX.md` (mục-lục 1-dòng/bản-ghi + con-trỏ **substring** sha-keyed, fallback Ctrl-F, KHÔNG line-hint) + `.gist.md` (nén 4-field ADDITIVE, `distill-gen` counter, verbatim FROZEN) + `memory-budget.json` (seed-by-measure qua `scripts/measure-agent-memory.ps1`) + budget-audit @session-start (§2.1.2) + `.ragignore` guard. Rollout S70 (đầy-đủ-nhất, stage investigate→implement→audit qua 3 Workflow run-id): 4 over-cap sub (cicd-monitor · investigator-codebase · reviewer · implementer-backend). adap-report `2026-06-17-Governance-harness-9-l2-recovery-and-adap-workflow.md`. +> **Upgrade S72 (2026-06-18 — Harness-10 flat-refine + checklist-v2 adopt):** run-trace SUBFOLDER→**FLAT** (file phẳng cùng cấp: `sub--.md` raw + `-synthesis.md` verified, KHÔNG `sub-md/`/`harvest/` subdir) — `hmw.js` (`:103` subMd path) + `workflows/README` + `runs/README` + session-start/end + decision-tree (dòng dưới) repoint. **C8 migration:** 5 run cũ S71 GIỮ subfolder (đừng rewrite history); close-gate dual-accept cả hai dạng. **+`/sleep-recovery-memory-l2`** (đóng A8 — port §J2-tailored SE-only: sleep-compress L2 gist additive, INFORM-only ≥7d). **Anti-bypass detector (refine b): TAILORED-OUT** — SE dùng Anthropic Workflow tool (no CLI-launcher bypass-surface), containment = git-diff + run-folder TRACKED + ledger orphan-scan (G-015). 3 run-id bằng-chứng: audit `wf_13868efb-ea7` · implement `wf_ac43b5ff-7d1` · review (pending). adap-report `2026-06-18-Governance-harness-10-flat-refine-checklist-v2.md` (pending). --- @@ -108,7 +109,7 @@ ├── @session-start/@session-end TOOLING-FRESHNESS audit (skill·sub-role·plugin·docs 4-mặt + drift)? │ → tooling-auditor (H1 monitor, INFORM-only) — báo state+diff @start · chốt+new-alloc @end · em main APPEND │ -├── @session-end HARVEST-INTEGRITY gate (5-trục Coverage/Completeness/Fidelity/Placement/Corruption) / run-folder harvest (`runs//harvest/` ← `sub-md/`, Harness-10) / @session-start harvest mới? +├── @session-end HARVEST-INTEGRITY gate (5-trục Coverage/Completeness/Fidelity/Placement/Corruption) / run-folder harvest (`runs//-synthesis.md` ← `sub--.md` phẳng, Harness-10 h10-refine; run cũ S71 `harvest/`←`sub-md/`) / @session-start harvest mới? │ → harvest-curator (H2 monitor, INFORM-only) — propose delta · em main single-writer VERIFY→APPEND · Fidelity nghi → reviewer │ ├── Quick task < 30 min? → Em solo direct diff --git a/.claude/commands/session-end.md b/.claude/commands/session-end.md index 669ef7a..fa1f809 100644 --- a/.claude/commands/session-end.md +++ b/.claude/commands/session-end.md @@ -29,7 +29,7 @@ Em main PHẢI echo **TOÀN BỘ nội dung command body này** (đầy đủ Ph - 🟥 **reviewer** — anti-patterns observed + Smart Friend catches + claim verification - 🟢 **cicd-monitor** — Run verdict + bundle hash rotate + Mig prod + corpus drift - 🟫 **tooling-auditor** (monitor H1) — CHỐT tooling/docs-freshness 4-mặt + new-alloc audit (chạy ở §L.b(g)) - - ⬜ **harvest-curator** (monitor H2) — GATE harvest-integrity 5-trục + close-gate run-trace `runs//harvest/` (chạy ở §L.b(d)(f)) + - ⬜ **harvest-curator** (monitor H2) — GATE harvest-integrity 5-trục + close-gate run-trace `runs//` (`*-synthesis.md` phẳng h10-refine; run cũ S71 `harvest/`) (chạy ở §L.b(d)(f)) 2. Synthesize cross-agent learnings → integrate vào: - User auto-memory `MEMORY.md` (index — append entry mới, KHÔNG rewrite) @@ -45,10 +45,10 @@ Em main PHẢI echo **TOÀN BỘ nội dung command body này** (đầy đủ Ph **§L.b — 7-step auto-maintain (đủ 7, KHÔNG skip — thiếu = ledger thối). (d)(f) = H2 harvest-curator · (g) = H1 tooling-auditor (2026-06-07 Harness 1):** - **(a) summary-index** += 1 dòng/session vào `STATUS.md` Recently Done (pointer, KHÔNG full-log). - **(b) Active-Guards** (error-ledger): promote guard **2-strike** (episodic→procedural) · mark `verified` nếu held qua session · retire theo **net-effect** (hại>lợi → gỡ). -- **(c) chore-flag:** agent L1 >~30KB → archive L2 · error-ledger open-entry quá ngưỡng · **0-byte memory check (AS-8)**. +- **(c) chore-flag:** agent L1 >~30KB → archive L2 · error-ledger open-entry quá ngưỡng · **0-byte memory check (AS-8)** · **🌙 sleep-check (Harness-10b, S72):** `last_sleep_at` null hoặc ≥7d (`memory-budget.json`) → INFORM gợi-ý `/sleep-recovery-memory-l2` (KHÔNG auto-run). - **(d) flush agent-memory** mỗi sub đã spawn session này — **spawn-record 4-field** `{agent · task · nấc(agreed/executed/verified) · evidence}`. (0 sub spawn → "n-a".) → **⬜ harvest-curator (H2) HỖ TRỢ:** spawn → propose spawn-record cho mọi sub đã chạy → em main single-writer VERIFY → APPEND (B3 no-overwrite-unverified). - **(e) pending-request audit:** request anh CHƯA-thực-thi đã log SPECIFICS chưa (KHÔNG placeholder). -- **(f) 🌾 harvest-integrity GATE (⬜ harvest-curator H2 — 5-trục, Harness 1+2):** verify spawn-record (d) đủ+đúng mọi sub TRƯỚC khi đóng — **Coverage** (0 silent-miss) · **Completeness** (đủ 4-field) · **Placement** (delta đúng `agent-memory/X`) · **Corruption** (moved-not-cut, no-mojibake/shell-baked) · **Fidelity-FLAG** (nghi bịa/on-behalf → escalate 🟥 reviewer, KHÔNG tự phán). + **🌊 close-gate C5 Layer3 (Harness-10, thay B5 wave-gom):** với MỌI `runs//` của session → **VERIFY per-turn harvest đã xong** (em-main đã viết `runs//harvest/*.md` NGAY sau mỗi fan-out turn = C4 Layer1) + `_ledger.md` mọi run đã CLOSE-beat (closed≠⏳). 🔴 **IDEMPOTENT — close-gate chỉ VERIFY, KHÔNG re-APPEND** (per-turn đã APPEND rồi → re-APPEND = DUPLICATE-HARVEST). 5-trục GATE giữ làm **backstop**. GATE = run còn harvest/ rỗng HOẶC chưa đủ 5-trục thì CHƯA đóng. +- **(f) 🌾 harvest-integrity GATE (⬜ harvest-curator H2 — 5-trục, Harness 1+2):** verify spawn-record (d) đủ+đúng mọi sub TRƯỚC khi đóng — **Coverage** (0 silent-miss) · **Completeness** (đủ 4-field) · **Placement** (delta đúng `agent-memory/X`) · **Corruption** (moved-not-cut, no-mojibake/shell-baked) · **Fidelity-FLAG** (nghi bịa/on-behalf → escalate 🟥 reviewer, KHÔNG tự phán). + **🌊 close-gate C5 Layer3 (Harness-10, thay B5 wave-gom):** với MỌI `runs//` của session → **VERIFY per-turn harvest đã xong** (em-main đã viết `runs//-synthesis.md` phẳng h10-refine — run cũ S71: `harvest/*.md` — NGAY sau mỗi fan-out turn = C4 Layer1) + `_ledger.md` mọi run đã CLOSE-beat (closed≠⏳). 🔴 **IDEMPOTENT — close-gate chỉ VERIFY, KHÔNG re-APPEND** (per-turn đã APPEND rồi → re-APPEND = DUPLICATE-HARVEST). 5-trục GATE giữ làm **backstop**. GATE = run còn `*-synthesis.md` vắng (run cũ S71: `harvest/` rỗng — C8 dual-accept) HOẶC chưa đủ 5-trục thì CHƯA đóng. - **(g) 🔌 tooling-freshness CHỐT (🟫 tooling-auditor H1 — Harness 1):** spawn → chốt 4-mặt (skill·sub-role·plugin·docs) đổi gì session này + **new-alloc audit** (skill/plugin MỚI chưa phân-bổ → đề-xuất gán em main + sub phù-hợp vai) + flag doc-drift/roster-lệch/count-stale. Propose → em main APPEND/sửa doc (single-writer). 🔴 G-015: 2 monitor = propose-only, em main VERIFY trước APPEND (Bash residual → KHÔNG "read-only enforced"). ## Phase 2 — WRITE (update MD/RAG) diff --git a/.claude/commands/session-start.md b/.claude/commands/session-start.md index c31d653..f72cdfd 100644 --- a/.claude/commands/session-start.md +++ b/.claude/commands/session-start.md @@ -68,13 +68,15 @@ Em main xác nhận **lead model resolve được** đầu session. Lead SE = ** > Đầu session: 2 monitor sub BÁO LẠI trạng-thái + **diff vs session trước** (floor Harness 1 H1.2 + H2.2). INFORM-only — em main đọc + VERIFY→APPEND nếu có delta hợp-lệ (B3), KHÔNG sub tự sửa. - **🟫 tooling-auditor (H1):** spawn → báo tooling-state 4-mặt (skill · sub-role · plugin · docs) + **DIFF vs last-session** (THÊM/ĐỔI/XÓA/stale). Bắt drift doc-vs-thực-tế ngay đầu session (vd roster/count lệch, skill stale, plugin pending). -- **⬜ harvest-curator (H2):** spawn → báo **harvest-MD mới** (run-trace `runs//harvest/` / sub-agent / agent-team kể từ last) + **delta mồ-côi chưa-APPEND** + **scan `runs/*/` tìm OPEN-beat (ledger `_ledger.md` cột closed=⏳) mà `harvest/` rỗng = orphan run** (C5 Layer2 post-exec rescan — bù khi C4 per-turn miss hoặc session trước chết giữa run). Bắt 0-byte memory (gotcha #53) + delta chưa thu-hoạch. +- **⬜ harvest-curator (H2):** spawn → báo **harvest-MD mới** (run-trace `runs//` — file `sub-*`/`*-synthesis.md` phẳng h10-refine / sub-agent / agent-team kể từ last) + **delta mồ-côi chưa-APPEND** + **scan `runs/*/` tìm OPEN-beat (ledger `_ledger.md` cột closed=⏳) mà `*-synthesis.md` vắng (run cũ S71: `harvest/` rỗng) = orphan run** (C5 Layer2 post-exec rescan — bù khi C4 per-turn miss hoặc session trước chết giữa run). Bắt 0-byte memory (gotcha #53) + delta chưa thu-hoạch. - Cơ-chế = báo-lại-diff đầu session (FORM tự do trình bày). 2 monitor spawn parallel OK. **Light session / hỏi-đáp → có thể skip; bug/feature/multi-agent/wave session → nên chạy.** ### 2.1.2 Memory L2 budget-audit (Harness-9 — 2026-06-17) > Read-side "vật-chất-tối": archive `agent-memory//archive/*.md` KHÔNG vào RAG. Inject **mục-lục** (`archive/_INDEX.md`), nội dung verbatim + `.gist.md` đọc-theo-nhu-cầu. "Inject tấm bản-đồ, KHÔNG inject lãnh-thổ." +- **🌙 Sleep-check (Harness-10b, S72):** trong lúc đọc `memory-budget.json` (cùng file budget-audit), lấy `last_sleep_at` → nếu `null` HOẶC `today − last_sleep_at ≥ 7 ngày` → **INFORM gợi-ý** chạy `/sleep-recovery-memory-l2 ` (nén L2 verbatim→gist additive). 🔴 **KHÔNG auto-run** — anh consent mới chạy. + - Đọc `.claude/agent-memory/memory-budget.json` → so kích-thước THẬT `_INDEX.md` mỗi sub vs cap. Nếu cắt-cho-vừa-ngân-sách đang rớt dấu-mốc quan trọng → **bump budget** (chốt-chặn chống "quên chỉnh ngân sách"). Đo lại bằng `scripts/measure-agent-memory.ps1` (seed-by-measure — KHÔNG đặt cap bằng số tưởng tượng). - L1 over-cap → curate L1→L2 (byte-exact additive) + build/refresh `_INDEX.md` (con-trỏ **substring** sha-keyed, fallback Ctrl-F) + `.gist.md` (nén 4-field, `distill-gen` counter, verbatim FROZEN). Rollout đầu: 4 over-cap sub (S70). diff --git a/.claude/commands/sleep-recovery-memory-l2.md b/.claude/commands/sleep-recovery-memory-l2.md new file mode 100644 index 0000000..d5843d6 --- /dev/null +++ b/.claude/commands/sleep-recovery-memory-l2.md @@ -0,0 +1,117 @@ +--- +description: Nén verbatim L2 cũ (agent-memory archive/.md) thành gist ADDITIVE (.gist.md file MỚI, KHÔNG đè). CHỈ P1 gist-compress — KHÔNG build index. SCOPE = repo SOLUTION_ERP-only. +argument-hint: (vd — implementer-backend · reviewer · all) +--- + +# /sleep-recovery-memory-l2 — Giấc ngủ L2 (sleep-compress, P1-only) · SE + +> Trigger nén L2 dark-matter. **CHỈ** xử lý `.claude/agent-memory//archive/.md` (verbatim cũ) → sinh `.gist.md` (**FILE MỚI, additive**). KHÔNG đụng L1 (`MEMORY.md`) · KHÔNG đụng RAG/L3 · KHÔNG build `_INDEX.md` (đó = P2 archival-event, không nằm trong command này). +> 🔴 **Scope:** CHỈ repo **SOLUTION_ERP** (self=`se`). KHÔNG đụng repo khác / corpus federated. +> 🔴 **Phân-vai (Cách-B):** lead = em-main single-writer (B3) · `harvest-curator` PROPOSE-ONLY (charter cấm-ghi → substring:"KHÔNG ghi/sửa BẤT KỲ file") · `reviewer` gate Fidelity (lead KHÔNG tự chấm, G-001). +> +> 📌 **NOTE — provenance:** Command này **port từ AI_INFRA** `/sleep-recovery-memory-l2` (`D:/Dropbox/CONG_VIEC/AI_INFRA/.claude/commands/sleep-recovery-memory-l2.md`) + design (AI_INFRA repo — KHÔNG có bản SE-local) `D:/Dropbox/CONG_VIEC/AI_INFRA/docs/architecture/MEMORY-SLEEP-RECOVERY-L2-DESIGN-v3.md` §4 + §10-P1. Bản gốc gate **§J2 = AI_INFRA-only (no-sister)**; ở đây anh yêu-cầu port để **parity** → scope tailor thành **SE-repo-only** (KHÔNG đụng sister/corpus khác). KHUNG federated giữ nguyên (function-floor), CHỈ tailor form theo SE (roster · path · 4-field tiếng Việt · pointer-style · gotcha#). + +**Tham số:** `$ARGUMENTS` — 1 agent (vd `implementer-backend`) HOẶC `all`. Trống → hỏi anh chọn, **KHÔNG mặc-định `all`**. + +## 📋 BƯỚC 0 — Show command body (visibility, no wait) + +Em main PHẢI echo **TOÀN BỘ nội dung command body này** (đầy đủ Phase 0-5 + tất cả guard rule) trong response đầu tiên ĐỂ ANH USER ĐỌC LẠI. + +**Quy trình (KHÔNG wait confirm):** +1. Em echo full content command (raw markdown, KHÔNG tóm tắt, KHÔNG cắt) +2. Em proceed execute Phase 0 → 5 sequential ngay +3. Anh user điều chỉnh **cuối** nếu cần (KHÔNG mid-flow interrupt) + +## 🎯 Mục đích (function-floor) + +Nén **verbatim L2 cũ** thành **gist súc-tích** mà KHÔNG mất signal-quan-trọng: +- **ADDITIVE (B3/§F1/G-009):** gist = ghi ra **file MỚI** `archive/.gist.md`. **KHÔNG đè** `.md` (verbatim) → verbatim ở-lại-đĩa (git history giữ nguyên). Đây là cách giải B3-data-loss: nén KHÔNG phá nguồn. +- Kết quả: 1 verbatim file dài + 1 gist file ngắn cùng kỳ. Lookup sâu vẫn Read verbatim; đọc nhanh đọc gist. +- 🔴 **KHÔNG ép L1 nhỏ hơn 30KB** (design BỎ — rotation L1→L2 là function per-project; L1-cap-audit của SE đã sống ở `/session-start §2.1.2` + `memory-budget.json`, KHÔNG phải việc của command này). + +## 👥 SE roster — target hợp-lệ + +`all` = **9 sub có-ký-ức** của SE: +`investigator-codebase · investigator-api · implementer-backend · implementer-frontend · test-specialist · reviewer · cicd-monitor · frontend-designer · database-agent`. + +> 🟡 **harvest-curator + tooling-auditor = INFORM-only monitor** (KHÔNG vào `all` mặc-định). CHỈ xử-lý nếu chúng **thật-sự có** `archive/.md` verbatim (Phase 0.2 phát-hiện) — gọi tay đích-danh tên. +> ℹ️ Thực-tế hiện-tại (đo S71, `memory-budget.json`): chỉ **4/9** sub có archive-content — `cicd-monitor · implementer-backend · investigator-codebase · reviewer`. 5 sub còn-lại archive rỗng/chưa-có → `all` tự skip (Phase 0.2 guard-rỗng). Con-số này = báo-cáo runtime, KHÔNG hardcode: luôn quét đĩa thật. + +## Trigger (2 đường) + +| Đường | Cơ chế | +|---|---| +| **Tay** | Anh gõ `/sleep-recovery-memory-l2 ` bất kỳ lúc nào | +| **Auto-check (INFORM-only)** | `/session-start` + `/session-end` đọc `last_sleep_at` trong `.claude/agent-memory/memory-budget.json` → nếu `today − last_sleep_at ≥ 7` (ngày) → **gợi-ý** chạy command (INFORM anh, **KHÔNG tự-chạy autonomous**). Anh consent → chạy. | + +> 🔴 **State-file `last_sleep_at` có 1 home DUY NHẤT:** `.claude/agent-memory/memory-budget.json` (root-key `last_sleep_at`, cạnh `tiers`/`measured`). KHÔNG ghi ở `_INDEX.md` / nơi khác. *(SE đặt budget-file trong `agent-memory/`, KHÁC AI_INFRA gốc đặt `.claude/memory-budget.json` — đây là tailor path SE.)* Field `last_sleep_at` **đã thêm** (null baseline, S72) vào budget-file SE — auto-check **đã wired** ở `/session-start §2.1.2` + `/session-end §L.b(c)` (đọc field → INFORM gợi-ý nếu null/≥7d). Lần sleep đầu lead set `= today` (Phase 4.4). Lead = single-writer field này (B3). + +## Phase 0 — Prep (em main / lead) + +1. Parse `$ARGUMENTS` → list agent target. `all` → 9 sub có-ký-ức SE (xem roster ở trên). Agent lạ (không có dir `.claude/agent-memory//`) → cảnh-báo + skip. `harvest-curator`/`tooling-auditor` chỉ chạy nếu gọi tay đích-danh **và** có archive thật. +2. Mỗi agent: liệt-kê `archive/.md` (verbatim) **đủ cũ** (per-project aging, size-driven — KHÔNG federated-time). **Guard-rỗng:** agent KHÔNG có `archive/` hoặc 0 file `.md` → skip (0 token). Bỏ qua file nào Đà có `.gist.md` tương-ứng (tránh nén lại). +3. 🛡️ **double-distill guard (đọc header TRƯỚC khi làm):** nếu **gist nguồn/đối-tượng** đã chứa counter `distill-gen: N` với `N ≥ 1` → đã là sản-phẩm distill → **REFUSE pass-2 tự-động** (skip, log lý-do). Chỉ nén nguồn **verbatim gen-0** (file `.md` chưa-từng-distill). *(SE thực-tế: có gist đã ở `distill-gen: 2` — investigator-codebase 2026-06 — guard PHẢI bắt; KHÔNG nén `.gist.md`, chỉ nén `.md` verbatim.)* +4. Đọc `.claude/agent-memory/memory-budget.json` lấy `last_sleep_at` (xác-nhận đủ 7-ngày nếu đường auto). Field vắng → coi như "chưa từng sleep" (đường tay vẫn chạy bình-thường). + +## Phase 1 — GATHER + DEDUP (harvest-curator PROPOSE-ONLY) + +> `harvest-curator` charter **cấm-ghi-file** → output = **proposal MD** (text trả-về), KHÔNG Write. + +Spawn `harvest-curator` đọc từng verbatim file target → đề-xuất **bản nén nháp**: +- Gom entry trùng/liên-quan (dedup spawn-record cùng-chủ-đề across nhiều ngày/session). +- Đánh **importance-tag** mỗi cụm: `{cao · vừa · thấp}` (khớp nhãn giá-trị-tái-dùng SE đang dùng trong gist hiện-có). +- Trả proposal (KHÔNG ghi đĩa). Lead nhận → Phase 2 distill + verify. + +## Phase 2 — DISTILL (method) + +Lead distill proposal thành gist theo 4 bước: +1. **4-field giữ-khung (SE):** mỗi entry gốc = spawn-record **`VIỆC · KẾT-LUẬN(+commit/file:line) · BÀI-HỌC · BẤT-NGỜ`**. Nén = rút-gọn câu-chữ, **KHÔNG bỏ field**. *(Đây là form SE — tương-đương `task · verdict · learned · surprise` bản gốc.)* +2. **GỘP:** cụm entry cùng-chủ-đề → 1 entry tổng-hợp (cite ngày/session gốc + **pointer back-resolve** vào verbatim). +3. **reflection-synthesis:** rút **3 tới 5 entry mỗi file** (meta-insight cấp cao hơn liệt-kê thô), KHÔNG vượt 5. +4. **importance-tag drop:** **drop `thấp` TRƯỚC** khi cần cắt độ-dài. `cao`/`vừa` giữ. ratio nén = **báo-cáo KHÔNG phải target** (KHÔNG cắt để đạt con-số). + +🔴 **Pointer-style SE (khớp gist hiện-có):** mỗi dòng kết bằng back-resolve `→ substring:""` grep-UNIQUE vào verbatim file đã-tên — git-SHA / Mig-name / Run#NNN / unique-phrase keyed (ngày bị collide). **NO line-hint** (additive append làm xê dòng). + +🔴 **Header gist file BẮT BUỘC** có counter `distill-gen: 1` (sản-phẩm distill thế-hệ-1 → chặn pass-2 sau này per Phase 0.3) + ghi rõ `source-verbatim` (tên file + #record) + `pointer-style: substring`. *(Nếu hiếm-hoi distill từ gist gen-1 — chỉ khi anh ép tay đè guard — stamp `distill-gen: 2`.)* + +## Phase 3 — GATE (coverage-diff DETERMINISTIC + Fidelity) + +> Gate = chốt-chặn mất-signal. 2 lớp. + +**(a) coverage-diff DETERMINISTIC (lead scan, rẻ, LUÔN chạy):** +- Mọi **`{surprise · guard · file:line · root-cause · gotcha#}`** xuất-hiện trong verbatim **PHẢI** xuất-hiện (hoặc đánh `N/A` có-chủ-đích) trong gist. *(SE thêm `gotcha#` so với 4-token gốc — khớp rule `memory-budget.json` l2_gist: "every surprise/guard/file:line/root-cause/gotcha# in verbatim must survive".)* +- Cơ-chế: grep các loại token trên ↔ đối-chiếu gist (Grep tool). Thiếu bất-kỳ → **FAIL** → bổ vào gist TRƯỚC khi tiếp. +- **ratio nén = báo-cáo** (đo để biết), KHÔNG phải target/floor — KHÔNG ép gist nhỏ-đi để đạt ratio đẹp. + +**(b) Fidelity gate (reviewer escalate):** +- `harvest-curator` Fidelity-FLAG → escalate `reviewer` chấm **keep-vs-drop** (entry nào nén/drop có đúng không, gist có bịa / lệch nghĩa không). +- Lead KHÔNG tự chấm Fidelity (G-001). reviewer PASS → ghi. FAIL → re-distill đúng sự-thật. *(reviewer no-StructuredOutput / chết ×2 → self-gate-fallback bằng evidence-checklist hợp-lệ, ghi rõ trong report — feedback agent-kill-recovery.)* + +## Phase 4 — WRITE (lead single-writer, B3) + +1. **Tool-ghi:** `Write` (file mới) / `Edit` — 🔴 **G-009: KHÔNG** PowerShell `Add-Content` / bash here-string. UTF-8 no-BOM. +2. Ghi `archive/.gist.md` (file MỚI). **KHÔNG** chạm `.md` verbatim (additive). +3. **G-009 post-scan (BẮT BUỘC sau ghi):** Grep mojibake (`§` · `â†` · `ðŸ` · `KHÃ` — seq cụ-thể, né bare-`Ã`) + dollar-expansion (`/usr/bin/bash`) trên file vừa ghi → **phải sạch**. Bẩn → de-corrupt qua Write tool. +4. Cập-nhật `.claude/agent-memory/memory-budget.json` field `last_sleep_at = ` (root-key; **thêm mới nếu chưa có**). B3 single-writer, Write/Edit. 🔴 KHÔNG hand-edit `measured_bytes` (chỉ script `scripts/measure-agent-memory.ps1` được sửa số đo) — chỉ chạm `last_sleep_at`. + +## Phase 5 — REPORT + COMMIT + +1. **Report:** mỗi agent xử-lý → `{verbatim-file · gist-file MỚI · #entry trước→sau · ratio (báo-cáo) · importance-drop thấp=N · coverage-diff PASS/FAIL · Fidelity PASS/self-gate}`. +2. **Commit** (anh OK): `[CLAUDE] Memory: sleep-compress L2 .gist.md additive` + - Scope = `Memory`. 🔴 `git add` **file cụ-thể** (KHÔNG `-A`/`.` — secret-leak risk; feedback rag-mcp). + - verbatim KHÔNG đổi → KHÔNG trong diff (chỉ `.gist.md` mới + `memory-budget.json` `last_sleep_at`). + - 🔴 docs-only path → CI skip (`paths-ignore`, gotcha #41) — commit này 0s. + +--- + +## ⚠️ Guards (đọc kỹ) + +- 🔴 **Additive-only:** gist = file MỚI. TUYỆT-ĐỐI KHÔNG đè/sửa/xóa verbatim `.md` (B3 · §F1 · G-009 data-loss). +- 🔴 **CHỈ P1 gist-compress:** command này KHÔNG build `_INDEX.md` (= P2 archival-event riêng, sub tự-ghi lúc rời L1→L2) · KHÔNG inject read-side · KHÔNG đụng L1/RAG/L3. +- 🔴 **double-distill refuse:** `distill-gen ≥ 1` ở đối-tượng → skip (Phase 0.3). Gist mới luôn stamp `distill-gen: 1`. Chỉ nén verbatim `.md` gen-0 (KHÔNG nén `.gist.md`). +- 🔴 **coverage-diff = deterministic gate:** surprise/guard/file:line/root-cause/**gotcha#** thiếu → FAIL, KHÔNG ship. ratio = metric KHÔNG target. +- 🔴 **Phân-vai cứng (Cách-B):** lead Write+commit (B3 single-writer) · harvest-curator PROPOSE-ONLY (charter cấm-ghi) · reviewer gate Fidelity (G-001 lead-không-tự-chấm). +- 🔴 **KHÔNG ép L1 < 30KB** (design BỎ — không phải scope command này; L1-cap-audit sống ở `/session-start §2.1.2`). +- 🔴 **Scope SE-repo-only:** CHỈ agent-memory `.claude/agent-memory/**` của SOLUTION_ERP. KHÔNG đụng repo/corpus khác (port-từ §J2-AI_INFRA, tailor parity — xem NOTE đầu file). +- 🔴 **G-009 tool-ghi:** Write/Edit only + post-scan mojibake/dollar-exp. +- 🔴 **last_sleep_at single home:** chỉ `.claude/agent-memory/memory-budget.json` root-key — KHÔNG nơi khác. diff --git a/.claude/workflows/README.md b/.claude/workflows/README.md index 8b1503e..ad591fb 100644 --- a/.claude/workflows/README.md +++ b/.claude/workflows/README.md @@ -1,21 +1,22 @@ # `.claude/workflows/` — Workflow fan-out + run-trace convention (Harness-10) -> **Mục đích:** convention cho HMW workflow fan-out + **run-trace folder** (mỗi workflow run → 1 thư mục `runs//` git **TRACKED**, gom plan + per-sub + harvest + ledger 2-nhịp). Adopt AI_INFRA Harness-10 (anh 06-18) — kế thừa wave-folder memory-isolation Harness-2 nhưng **đổi từ transient-gitignored sang tracked-run-folder** để audit trực-tiếp qua git-diff. Canonical rule: AI_INFRA `CANONICAL-RULES.md` §J4 (return-delta default) + §J6 (run-trace + agent-team) — pull qua `cross_project_search`, KHÔNG copy. Tailor SE 8-role roster + S1 scope. +> **Mục đích:** convention cho HMW workflow fan-out + **run-trace folder** (mỗi workflow run → 1 thư mục `runs//` git **TRACKED**, gom plan + per-sub + synthesis + ledger 2-nhịp). Adopt AI_INFRA Harness-10 (anh 06-18) — kế thừa wave-folder memory-isolation Harness-2 nhưng **đổi từ transient-gitignored sang tracked-run-folder** để audit trực-tiếp qua git-diff. 🆕 **Cấu trúc PHẲNG (h10-refine 06-18):** file phẳng cùng cấp trong run-folder (phân biệt RAW vs VERIFIED bằng TÊN), KHÔNG subfolder. Canonical rule: AI_INFRA `CANONICAL-RULES.md` §J4 (return-delta default) + §J6 (run-trace + agent-team) — pull qua `cross_project_search`, KHÔNG copy. Tailor SE 9-role roster + S1 scope. ## Files (tracked) - `hmw.js` — HMW P2 fan-out script. 2 mode: DEFAULT return-delta-only (§J4) · RUN-TRACE mode (§J6, `args.run`). - `README.md` — file này (convention). -- `runs/` — **git TRACKED** (qua negation `.gitignore:83 !.claude/**`), không gitignore. Mỗi workflow run = 1 sub-folder `runs//`. Xem `runs/README.md` cho cấu trúc chi-tiết + ledger 2-nhịp + 3-layer anti-miss. +- `runs/` — **git TRACKED** (qua negation `.gitignore:83 !.claude/**`), không gitignore. Mỗi workflow run = 1 sub-folder `runs//`. Xem `runs/README.md` cho cấu trúc chi-tiết (FLAT) + ledger 2-nhịp + 3-layer anti-miss + C8 migration + detector-tailored-out. -## Run-trace = mỗi workflow run → `runs//` TRACKED -Mỗi lần chạy workflow fan-out (RUN-TRACE mode) → **1 thư mục run** git theo dõi, gồm: +## Run-trace = mỗi workflow run → `runs//` TRACKED (FLAT) +Mỗi lần chạy workflow fan-out (RUN-TRACE mode) → **1 thư mục run** git theo dõi, file **phẳng cùng cấp**: ``` -.claude/workflows/runs// ← TRACKED (hiện trong git-diff = audit trực-tiếp) +.claude/workflows/runs// ← TRACKED · FLAT h10-refine (hiện trong git-diff = audit trực-tiếp) ├── run.md ← Run-MD chính — EM MAIN ghi @P1 (plan + agents-table + spec + guards + status OPEN→CLOSE) -├── sub-md/-.md ← per-sub — full working detail (write-sub tự ghi @P2 · read-only sub → em main scribe @P3) -└── harvest/-synthesis.md ← gom kết-quả — EM MAIN ghi NGAY sau mỗi fan-out turn (C4 per-turn primary) +├── sub--.md ← per-sub RAW (prefix `sub-`) — full detail (write-sub ghi @P2 · read-only sub → em main scribe @P3) +└── -synthesis.md ← gom/VERIFIED (suffix `-synthesis.md`) — EM MAIN ghi NGAY sau mỗi fan-out turn (C4 per-turn primary) ``` +Phân biệt RAW (prefix `sub-`) vs VERIFIED (suffix `-synthesis.md`) bằng **TÊN file**, KHÔNG subfolder. **C8:** 5 run cũ S71 (`h10-invest`…`h910-curate`) giữ `sub-md/`+`harvest/` (đừng rewrite history); close-gate chấp nhận CẢ HAI dạng. - `runs/_ledger.md` — sổ run **2-nhịp**: ghi **OPEN-beat** lúc mở run + **CLOSE-beat** (timestamp + verdict + harvest) lúc đóng. **Orphan** = OPEN mà không CLOSE → phải giải-quyết-cứng (điều tra + đóng tay hoặc đánh-dấu aborted). Chi-tiết `runs/README.md`. ## 2 MODE memory (anh 06-07, KHÔNG thay return-delta) @@ -23,28 +24,29 @@ Mỗi lần chạy workflow fan-out (RUN-TRACE mode) → **1 thư mục run** gi | | DEFAULT return-delta-only (§J4) | RUN-TRACE mode (§J6) | |---|---|---| | Khi dùng | fan-out NHẸ (~2-3 phút, read/analyze — vd recon) | workflow DÀI / sinh nhiều detail / cần audit-trail | -| Sub ghi file? | KHÔNG — chỉ return `memoryDelta` + `findings` | write-sub GHI full-detail vào `runs//sub-md/-.md`; read-only sub → `findings` + `subMdPath` → em main scribe | -| Lead làm | VERIFY + APPEND @P3 (B3) | đọc `sub-md/` on-demand + ghi `harvest/` per-turn (C4) + H2 gom @session-end (B5, backstop) | +| Sub ghi file? | KHÔNG — chỉ return `memoryDelta` + `findings` | write-sub GHI full-detail vào `runs//sub--.md` (phẳng); read-only sub → `findings` + `subMdPath` → em main scribe | +| Lead làm | VERIFY + APPEND @P3 (B3) | đọc `sub--.md` on-demand + ghi `-synthesis.md` per-turn (C4) + H2 gom @session-end (B5, backstop) | | Rủi ro mất detail | có (delta lossy) — chấp nhận cho việc nhẹ | KHÔNG (full-detail giữ trong run-folder tracked) | > Mặc định DEFAULT. RUN-TRACE chỉ bật khi workflow dài/nhiều detail/cần dấu-vết (set `args.run = {name, dir}`). KHÔNG bắt mọi fan-out tạo run-folder. ## Quy trình RUN-TRACE (B1–B6) -1. **B3 SCAFFOLD TRƯỚC (em main @P1):** tạo `runs//` + `run.md` + `sub-md/.gitkeep` + `harvest/.gitkeep`, **và ghi OPEN-beat vào `runs/_ledger.md`**. ⚠️ `hmw.js` chạy JS-sandbox **no-filesystem** → KHÔNG tự tạo folder; **em main Write @P1** TRƯỚC khi invoke Workflow. (Đây là fragile-point — quên scaffold = run mất dấu-vết âm-thầm; xem `runs/README.md` §C7.) -2. **B1 spawn-from-real-sub:** mỗi task `role ∈ VALID_ROLES` (8 sub) → workflow-agent = sub THẬT (`agentType` inherit memory-pack slice + skill identity), KHÔNG agent vô-danh. -3. **B4 phân-quyền TOOL-AWARE:** `hmw.js` inject vào prompt mỗi sub đường-dẫn `runs//sub-md/-.md` + lệnh ghi ĐÚNG file đó. +1. **B3 SCAFFOLD TRƯỚC (em main @P1):** tạo `runs//` + `run.md` (FLAT — KHÔNG cần `sub-md/`/`harvest/` subfolder hay `.gitkeep`; file `sub-*`/`*-synthesis.md` sinh phẳng cùng cấp khi fan-out chạy), **và ghi OPEN-beat vào `runs/_ledger.md`**. ⚠️ `hmw.js` chạy JS-sandbox **no-filesystem** → KHÔNG tự tạo folder; **em main Write @P1** TRƯỚC khi invoke Workflow. (Đây là fragile-point — quên scaffold = run mất dấu-vết âm-thầm; xem `runs/README.md` §C7.) +2. **B1 spawn-from-real-sub:** mỗi task `role ∈ VALID_ROLES` (9 sub) → workflow-agent = sub THẬT (`agentType` inherit memory-pack slice + skill identity), KHÔNG agent vô-danh. +3. **B4 phân-quyền TOOL-AWARE:** `hmw.js` inject vào prompt mỗi sub đường-dẫn `runs//sub--.md` (phẳng) + lệnh ghi ĐÚNG file đó. - **Write sub (CÓ Write/Edit):** implementer-backend · implementer-frontend · test-specialist · frontend-designer → ghi-direct sub-MD via Write/Edit. - - **Read-only sub (CHỈ Bash):** investigator-codebase · investigator-api · reviewer · cicd-monitor → 🔴 KHÔNG Bash-write MD (mojibake) → full-detail vào `findings` + `subMdPath` → **em main scribe @P3** (single-writer). -4. **B6 ISOLATION (AUDIT cẩn-thận):** sub CHỈ ghi trong `runs//` (sub-md của mình) + code-file-disjoint nếu giao. 🔴 KHÔNG ghi `agent-memory/*` chính · KHÔNG MD canonical (CLAUDE/README/STATUS/agents) · KHÔNG sub-MD agent khác. **Em main `git status`/`git diff` + chunk-count sau P2** → **run-folder TRACKED → mọi write trong run-folder HIỆN trong diff = audit trực-tiếp**; tracked-change NGOÀI `runs//` VÀ NGOÀI code-disjoint đã giao = **vi-phạm** (thay model Harness-2 B6 "mọi tracked-change = vi-phạm"). Verify pattern bằng `git check-ignore -v` (test match thật, đừng tin .gitignore text — bẫy exit-code: dùng `&& IGNORED || NOT`). -5. **B5 HARVEST (per-turn primary C4 + close-gate backstop):** em main ghi `harvest/-synthesis.md` **NGAY sau mỗi fan-out turn** (đọc `sub-md/` + findings → 5-trục integrity → consolidate). @session-end ⬜ harvest-curator H2 §L.b(f) **VERIFY per-turn harvest đã xong cho mọi `runs//`** (idempotent — KHÔNG re-APPEND, chống DUPLICATE-HARVEST) + giữ 5-trục GATE làm backstop, rồi đề-xuất em main APPEND vào `agent-memory/` sub tương-ứng. + - **Read-only sub (CHỉ Bash):** investigator-codebase · investigator-api · reviewer · cicd-monitor → 🔴 KHÔNG Bash-write MD (mojibake) → full-detail vào `findings` + `subMdPath` → **em main scribe @P3** (single-writer). +4. **B6 ISOLATION (AUDIT cẩn-thận):** sub CHỈ ghi trong `runs//` (file `sub--.md` phẳng của mình) + code-file-disjoint nếu giao. 🔴 KHÔNG ghi `agent-memory/*` chính · KHÔNG MD canonical (CLAUDE/README/STATUS/agents) · KHÔNG sub-MD agent khác. **Em main `git status`/`git diff` + chunk-count sau P2** → **run-folder TRACKED → mọi write trong run-folder HIỆN trong diff = audit trực-tiếp**; tracked-change NGOÀI `runs//` VÀ NGOÀI code-disjoint đã giao = **vi-phạm** (thay model Harness-2 B6 "mọi tracked-change = vi-phạm"). Verify pattern bằng `git check-ignore -v` (test match thật, đừng tin .gitignore text — bẫy exit-code: dùng `&& IGNORED || NOT`). +5. **B5 HARVEST (per-turn primary C4 + close-gate backstop):** em main ghi `-synthesis.md` (phẳng) **NGAY sau mỗi fan-out turn** (đọc `sub--.md` + findings → 5-trục integrity → consolidate). @session-end ⬜ harvest-curator H2 §L.b(f) **VERIFY per-turn harvest đã xong cho mọi `runs//`** (idempotent — KHÔNG re-APPEND, chống DUPLICATE-HARVEST) + giữ 5-trục GATE làm backstop, rồi đề-xuất em main APPEND vào `agent-memory/` sub tương-ứng. ## Agent-team (`.claude/agent-teams//` — gitignored `.gitignore:94`) - Cùng nguyên-lý isolation: teammate **KHÔNG có memory-dir built-in** (khác subagent) → folder riêng cho teammate ghi MD-session (A1, tránh overwrite memory chuẩn). -- Team spawn TỪ **sub-agent chính có memory dự-án rõ-ràng** (A2 — mang identity/skill sub thật trong 8 roster). +- Team spawn TỪ **sub-agent chính có memory dự-án rõ-ràng** (A2 — mang identity/skill sub thật trong 9 roster). - H2 harvest-curator gom `.claude/agent-teams//` → agent-memory tương-ứng (giống run-trace). - ⚠️ **Caveat: Agent-Team experimental + Windows 11 in-process only** (no split-pane) → SE **CHƯA dùng team thật** → A = **convention-ready** (n-a runtime), cơ-chế isolation chung qua workflow. ## Guard - **S1:** Workflow CHỈ repo SOLUTION_ERP — KHÔNG fan-out repo/corpus khác (`cross_project_search` = READ reference only). - **S2/S3:** chỉ chạy khi HMW-mode ON (`/ultra-on` → marker `.claude/hmw-mode.on`) + checkpoint INFORM (`hmw.js` throw nếu `checkpointApproved≠true`) + sub KHÔNG spawn sub. +- **Anti-bypass detector (h10-refine b): SE TAILORED-OUT** — SE chạy workflow qua Anthropic Workflow tool (KHÔNG có CLI-launcher để lách như node-CLI) → bypass-surface ~N/A; containment = git-diff + run-folder TRACKED + ledger orphan-scan (G-015). 3 nguyên-tắc detector (whitelist launcher · path-variant match · anchor launch-key + nghiệm-thu quan-hệ) đã cân-nhắc, N/A cho threat-model SE. Chi-tiết `runs/README.md`. - **G-015 accuracy (no-overclaim):** run-folder TRACKED ≠ read-only-ENFORCED — sub vẫn giữ Bash (write-channel mở: ghi-ngoài-repo git-diff mù / curl Qdrant). Containment THẬT = **em-main single-writer + git-diff (in-repo, run-folder tracked nên hiện) + chunk-count (RAG)**, defense-in-depth, KHÔNG sandbox cứng. KHÔNG claim "ENFORCED", KHÔNG bỏ chunk-count. diff --git a/.claude/workflows/hmw.js b/.claude/workflows/hmw.js index 5ac65ec..eac915c 100644 --- a/.claude/workflows/hmw.js +++ b/.claude/workflows/hmw.js @@ -6,7 +6,7 @@ export const meta = { name: 'hmw', - description: 'HMW P2 execute (SOLUTION_ERP) — fan-out 9-agent roster có MEMORY-PACK slice (qua args vì script không đọc file) + return findings + checklistEvidence + memoryDelta (spawn-record 4-field). 2 MODE (Harness 2, 06-07): (A) DEFAULT return-delta-only — fan-out nhẹ, sub KHÔNG ghi file, git-diff verify. (B) RUN-TRACE mode (args.run, Harness-10) — workflow DÀI, em main scaffold .claude/workflows/runs// TRACKED (run.md+sub-md/+harvest/) @P1, sub ghi full-detail vào CHỈ sub-md/ mình (B4/B6), harvest per-turn primary (C4) + H2 gom @session-end = backstop verify-idempotent. taskList thoải mái (queue theo slot, không cap cứng). memoryDelta KHÔNG tự ghi — em main VERIFY + APPEND-only @P3 (no-overwrite-unverified, B3). Two-tier model H4.5 (Harness-4 2026-06-10): promote-roles inherit Fable 5 · demoted-roles pin Opus 4.8 (frontmatter) · role-less \'opus\' · per-task tier:\'fable\'|\'opus\' override. Scope = repo SOLUTION_ERP ONLY (S1 — KHÔNG fan-out repo/corpus khác).', + description: 'HMW P2 execute (SOLUTION_ERP) — fan-out 9-agent roster có MEMORY-PACK slice (qua args vì script không đọc file) + return findings + checklistEvidence + memoryDelta (spawn-record 4-field). 2 MODE (Harness 2, 06-07): (A) DEFAULT return-delta-only — fan-out nhẹ, sub KHÔNG ghi file, git-diff verify. (B) RUN-TRACE mode (args.run, Harness-10) — workflow DÀI, em main scaffold .claude/workflows/runs// TRACKED FLAT (run.md + sub--.md + -synthesis.md phẳng cùng cấp) @P1, sub ghi full-detail vào CHỈ sub--.md mình (B4/B6), harvest per-turn primary (C4) + H2 gom @session-end = backstop verify-idempotent. taskList thoải mái (queue theo slot, không cap cứng). memoryDelta KHÔNG tự ghi — em main VERIFY + APPEND-only @P3 (no-overwrite-unverified, B3). Model H8 all-inherit (Harness-8 2026-06-16): role-có-frontmatter inherit top-tier lead · role-less inherit · per-task tier:\'fable\'|\'opus\' escape-hatch. Scope = repo SOLUTION_ERP ONLY (S1 — KHÔNG fan-out repo/corpus khác).', phases: [{ title: 'Execute', detail: 'fan-out memory-pack-injected agents, structured return' }], } @@ -49,7 +49,7 @@ const SCHEMA = { properties: { findings: { type: 'string', description: 'Kết quả chính. MỌI claim kèm evidence file:line. KHÔNG narrative suông.' }, checklistEvidence: { type: 'string', description: 'Bằng chứng cho acceptance-checklist P1 (số đo / PASS-FAIL / verdict).' }, - subMdPath: { type: 'string', description: 'RUN-TRACE mode: đường-dẫn sub-md/-.md agent đã ghi (em main/H2 đọc on-demand). DEFAULT-mode: bỏ trống.' }, + subMdPath: { type: 'string', description: 'RUN-TRACE mode FLAT: đường-dẫn sub--.md agent đã ghi (em main/H2 đọc on-demand). DEFAULT-mode: bỏ trống.' }, memoryDelta: { type: 'object', description: 'Spawn-record 4-field — RETURN-only để EM MAIN harvest @P3. Agent KHÔNG tự ghi ký ức (KHÔNG file MEMORY.md, KHÔNG store_memory/RAG). Em main VERIFY + APPEND-only (KHÔNG overwrite entry cũ nếu chưa kiểm tra — B3).', @@ -86,10 +86,10 @@ const spec = A.spec || '' // ─── RUN-TRACE mode (Harness-10, supersedes Harness-2 wave-mode B) ──────────── // run = { name, dir }. Folder runs// (TRACKED) + run.md em main Đà scaffold @P1 (script no-fs). Bật → sub ghi full-detail -// vào CHỈ sub-md/ mình + return memoryDelta. Containment: tracked-change NGOÀI run-folder + code-disjoint = vi-phạm +// vào CHỈ sub--.md phẳng mình + return memoryDelta. Containment: tracked-change NGOÀI run-folder + code-disjoint = vi-phạm // (run-folder TRACKED → HIỆN trong git-diff = audit trực-tiếp; em main git-diff post-P2 + chunk-count RAG). [legacy alias args.wave] const wave = (A.run && A.run.dir) ? A.run : ((A.wave && A.wave.dir) ? A.wave : null) -if (wave) log(`hmw: RUN-TRACE mode on → dir=${wave.dir} (TRACKED; sub ghi sub-md/ isolated; em main scaffold @P1; harvest per-turn primary C4, H2 gom @session-end = backstop).`) +if (wave) log(`hmw: RUN-TRACE mode on → dir=${wave.dir} (TRACKED FLAT; sub ghi sub--.md phẳng isolated; em main scaffold @P1; harvest per-turn primary C4, H2 gom @session-end = backstop).`) phase('Execute') log(`HMW P2: fan-out ${A.taskList.length} task (${wave ? 'RUN-TRACE' : 'return-delta-only'}, H8 all-inherit top-tier, memory-pack-injected, scope=SOLUTION_ERP repo only)`) @@ -100,13 +100,13 @@ const results = await parallel(A.taskList.map((t, i) => () => { if (raw && !role) log(`⚠️ hmw: agentType "${raw}" ∉ VALID_ROLES → default subagent cho task #${i}`) const mem = role && memoryPack[role] ? memoryPack[role] : '' - const subMd = wave ? `${wave.dir}/sub-md/${role || 'task'}-${i}.md` : null // Harness-10: sub-md/ subdir under runs// + const subMd = wave ? `${wave.dir}/sub-${role || 'task'}-${i}.md` : null // Harness-10 FLAT (h10-refine 2026-06-18): sub--.md phẳng cùng cấp dưới runs// — KHÔNG sub-md/ subdir // Write-guard TOOL-AWARE theo MODE (B6 isolation). SE read-only sub (KHÔNG Write tool): investigator-codebase/api, // reviewer, cicd-monitor (+ monitor tooling-auditor/harvest-curator). Write sub: implementer-backend/frontend, test-specialist, frontend-designer. const writeGuard = wave ? [ - `## ✍️ RUN-TRACE ghi sub-md/ (Harness-10 B4/B6, supersedes Harness 2 wave) — TOOL-AWARE (chống mojibake G-009):`, + `## ✍️ RUN-TRACE ghi sub--.md FLAT (Harness-10 h10-refine, supersedes subfolder sub-md/) — TOOL-AWARE (chống mojibake G-009):`, `- Full-detail công-việc của mày → ĐÚNG 1 file: \`${subMd}\` (folder đã scaffold sẵn — KHÔNG tạo folder).`, ` • NẾU mày CÓ Write/Edit tool (implementer-backend/frontend, test-specialist, frontend-designer): GHI TRỰC TIẾP via Write/Edit. 🔴 KHÔNG Bash-write MD ($-expansion/mojibake).`, ` • NẾU mày CHỈ có Bash (read-only sub: investigator-codebase/api, reviewer, cicd-monitor — KHÔNG Write tool): 🔴 TUYỆT ĐỐI KHÔNG Bash-write MD → để full-detail trong "findings" + đặt subMdPath="${subMd}"; EM MAIN scribe @P3 (single-writer Write-tool, no-corruption).`, diff --git a/.claude/workflows/runs/2026-06-18-harness-audit-invest/audit-synthesis.md b/.claude/workflows/runs/2026-06-18-harness-audit-invest/audit-synthesis.md new file mode 100644 index 0000000..abb80c0 --- /dev/null +++ b/.claude/workflows/runs/2026-06-18-harness-audit-invest/audit-synthesis.md @@ -0,0 +1,68 @@ +# AUDIT SYNTHESIS — Harness 8/9/10/10-refine + checklists + hmw (re-audit, honest nấc) + +- **run-id:** 2026-06-18-harness-audit-invest · **wf:** wf_13868efb-ea7 · **date:** 2026-06-18 (S72) +- **method:** 4× investigator-codebase ∥. **Part B** returned StructuredOutput (full). **Part A FAILED** (no StructuredOutput after 2 nudges). **Part C / H8** truncated in notification tail. → em-main **SELF-GATE recovery** (ground-truth disk: glob/git/grep/read) per `feedback_agent_kill_recovery` — disclosed, valid review-branch (KHÔNG giấu). +- **baseline:** đo vs **CANONICAL spec** (ground-truth AI_INFRA broadcast). `cross-project-status.md` STALE (2026-05-22, RAG Layer A — KHÔNG phải harness 8-10) → KHÔNG dùng để "chứng minh sisters ahead"; honest. + +## Verdict +SE đã landed **Harness-8** (all-inherit) + **Harness-9** (PART A memory + PART B adap-2wf) ở nấc tốt. NHƯNG **BEHIND Harness-10 FLAT refine**: SE đang ở run-trace SUBFOLDER cũ, 2 broadcast 06-18 mới nhất (checklist-v2 + h10-flat-detector-refine) UNADOPTED. Lệnh sleep-recovery (§J2 AI_INFRA) absent (by-design, anh muốn parity). + +## Gap matrix (honest nấc) + +### PART A — memory L2 (self-gated; auditor failed) +| # | gap | nấc thật | bằng chứng | +|---|---|---|---| +| A1 budget.json | ok | executed-file | `.claude/agent-memory/memory-budget.json` có per-tier cap + status | +| A2 seed-by-measure | ok | executed-file+runtime | `scripts/measure-agent-memory.ps1` + `seeded_date` re-measure S71 | +| A3 additive gist + distill-gen | ok | runtime | reviewer/inv `.gist.md` gen:2, impl-be gen:1, verbatim còn | +| A4 coverage-diff gate | ok | convention-met | practiced @curate S70/S71 | +| A5 _INDEX map | ok | executed-file | 4 sub có `archive/_INDEX.md` pointer-only | +| A6 pointer-resolve substring | ok | runtime | substring sha-keyed (S70 design) | +| A7 budget-audit @session-start §2.1.2 | ok | convention-met + runtime | trong session-start.md; chạy session này | +| **A8 sleep-compress command** | **missing** | none | SE KHÔNG có `/sleep-recovery-memory-l2` (AI_INFRA §J2-internal); SE nén ad-hoc @curate | +| A9 .ragignore | ok | executed-file | `.ragignore` tồn tại | +| watch | partial | — | frontend-designer 24.0KB + test-specialist 23.9KB sát cap, CHƯA có archive | + +### PART B — adap 2-workflow (MANDATORY; from workflow) +| # | gap | nấc thật | note | +|---|---|---|---| +| B1 implement run-id | ok | runtime | S70 wf_a58e0d15-beb · S71 wf_e4e46725-231 | +| B2 review run-id ≠ implement | ok | runtime | S70 wf_9520d8cd-4fe · S71 wf_636bc95b-939 (self-gate disclosed khi reviewer no-StructuredOutput) | +| B2.5 reverse-findings | ok | runtime | 3 (S70) + 4 (S71) items | +| B3 email both run-ids + true-nấc | ok | runtime | 2 email outbox/ai_infra, hedged honest | +| **B4 short-confirm via review** | **partial** | convention-met | codified adap-apply.md:38, CHƯA có runtime instance | + +### PART C + refine — run-trace (MANDATORY) +| # | gap | nấc thật | bằng chứng | +|---|---|---|---| +| **C1 FLAT structure** | **missing** | none | 5 run-folders đều SUBFOLDER (`sub-md/`+`harvest/`); canonical = flat | +| C2 scaffold-at-open run.md | ok | convention-met | S71 + audit run này có run.md @open | +| C3 git-tracked 2-level | ok | runtime | `git ls-files .claude/workflows/runs`=**22** · check-ignore exit=1 (NOT ignored) | +| C4 per-turn harvest | ok | convention-met | — | +| C5 3-layer anti-miss | ok | executed-file | runs/README + session-start orphan-scan + session-end gate | +| C6 ledger 2-beat + orphan | ok | executed-file | `_ledger.md` open/close, 0 orphan | +| C7 honest caveat | ok | convention-met | present | +| **C8 migration old→flat + dual-accept gate** | **missing** | none | chưa migrate; close-gate chưa dual-accept | +| **refine(a) hmw.js flat** | **missing** | none | `hmw.js:103/:109` còn `sub-md/` subdir | +| **refine(b) anti-bypass detector** | **N/A-tailored** | none | SE KHÔNG có detector. **Threat-model khác:** SE dùng Anthropic Workflow tool (KHÔNG có CLI-launcher để lách như hmw.js CLI) → "engine-bypass" gần như N/A; containment SE = git-diff + run-folder TRACKED + ledger orphan-scan (G-015). refine nói detector = "chuyện nội bộ mỗi dự án tự quyết" | + +### Harness-8 + hmw +| # | gap | nấc thật | bằng chứng | +|---|---|---|---| +| H8 11/11 inherit | ok | runtime | H1 monitor confirm disk + `hmw.js:43` resolveModel all-inherit | +| hmw.js args.run/wave | ok | executed-file | `:19` `:92` accept args.run + legacy wave | +| **2 broadcast pending** | **missing** | none | checklist-v2 + h10-flat-detector-refine UNADOPTED | +| sleep §J2 scoping | n/a | — | AI_INFRA-internal, KHÔNG phải sister-obligation | + +## Key honest findings (cho report AI_INFRA) +1. **hmw.js engine còn subfolder** (`:103/:109`) — flat migration phải sửa engine, không chỉ folder. +2. **5 run cũ giữ nguyên** (đừng rewrite history); new=flat; close-gate dual-accept (C8-A). +3. **Detector: SE tailored-out có lý-lẽ** — Workflow-tool ≠ CLI-launcher → no bypass surface; containment hiện hữu (git-diff + tracked + orphan-scan) đã phủ. KHÔNG cargo-cult. (Decision điểm — anh chốt build vs document.) +4. **B3 imprecision THẬT (S71):** report/email cite path tắt `runs/` + count "14" cũ; thật = `.claude/workflows/runs` (**22 file**). Folder commit thật; chỉ path-string + count sai → sửa ở report mới. +5. **checklist-v2 nấc-rubric** chưa dệt vào self-verify của SE. + +## Fix plan → IMPLEMENT (next) +- **em-main cluster (single-writer, coherence):** hmw.js sub-md/→flat · runs/README + workflows/README flat · session-start/end flat + dual-accept gate · agents/README repoint + Upgrade S72 · _ledger gate note · keep 5 old runs (history). +- **agent (disjoint):** port `/sleep-recovery-memory-l2` tailored SE (A8). +- **detector (anh chốt):** document tailored-out (default) HOẶC build untracked-run detector nhẹ. +- **report fix:** correct path/count + B4-convention note. diff --git a/.claude/workflows/runs/2026-06-18-harness-audit-invest/run.md b/.claude/workflows/runs/2026-06-18-harness-audit-invest/run.md new file mode 100644 index 0000000..64b00f2 --- /dev/null +++ b/.claude/workflows/runs/2026-06-18-harness-audit-invest/run.md @@ -0,0 +1,25 @@ +# RUN — Harness 8/9/10 re-audit · STAGE 1 INVESTIGATE (🆕 FLAT-trace) + +- **run-id (folder):** 2026-06-18-harness-audit-invest +- **workflow run-id (evidence B3):** wf_13868efb-ea7 +- **task (anh giao):** "double check lại HẾT Harness-8/9/10/10-refine + các checklist + hmw, lấy đầy đủ thông tin, điều chỉnh lại, report trung thực cho AI_INFRA." Stage này = INVESTIGATE: audit fidelity adoption SE vs canonical AI_INFRA, chấm **nấc trung thực** (executed-file / runtime / convention) theo rubric checklist-v2. +- **mandate:** Harness-9 PART 2 — B1 INVESTIGATE workflow tách biệt. Tiếp theo: IMPLEMENT (fix gap) → REVIEW (double-check + B2.5 know-how harvest) → REPORT AI_INFRA (B3, kèm 2+ run-id). +- **checkpoint:** APPROVED (HMW-mode ON = consent + anh gọi đích danh "hwm"). +- **opened:** 2026-06-18 11:09 +07 +- **structure:** 🆕 **FLAT** (dogfood `h10-flat-detector-refine`) — file phẳng cùng cấp, phân biệt bằng TÊN, KHÔNG `sub-md/` + `harvest/` subfolder. (Run cũ S71 giữ subfolder → migrate ở IMPLEMENT, C8.) +- **status:** OPEN → running + +## Mục tiêu stage +Đo SE so với canonical (ground-truth), KHÔNG nhận vống. 4 mảng song song. + +## Agents (4× investigator-codebase, read-only, parallel) +| # | mảng | task | +|---|---|---| +| A | PART A memory L2 | A1-A9 vs `memory-budget.json` / gist / `_INDEX` / coverage-diff / session-start §2.1.2 / `.ragignore` + sleep-cmd absence | +| B | PART B adap-2wf | B1-B4 vs `adap-apply.md` + adap-reports S70/S71 (2 run-id tách? B2.5 know-how? B3 email?) | +| C | PART C + refine | C1-C8 + flat-vs-subfolder (migrate?) + git-tracked 2-nấc + anti-bypass detector 3-func presence | +| D | H8 + hmw | 11/11 inherit? hmw.js flat-aware? broadcast pending? sleep §J2 scoping + cross_project_note | + +## Output (FLAT — em main viết sau khi workflow trả, C4 per-turn) +- `sub-audit-partA.md` · `sub-audit-partB.md` · `sub-audit-partC.md` · `sub-audit-h8hmw.md` (raw per-agent) +- `audit-synthesis.md` (bản gom — verified) diff --git a/.claude/workflows/runs/2026-06-18-harness-fix-implement/implement-synthesis.md b/.claude/workflows/runs/2026-06-18-harness-fix-implement/implement-synthesis.md new file mode 100644 index 0000000..ea0dff4 --- /dev/null +++ b/.claude/workflows/runs/2026-06-18-harness-fix-implement/implement-synthesis.md @@ -0,0 +1,29 @@ +# IMPLEMENT SYNTHESIS — Harness-10 flat migration + sleep-cmd + checklist-v2 (gom/verified) + +- **run-id:** 2026-06-18-harness-fix-implement · **wf:** wf_ac43b5ff-7d1 · 2026-06-18 11:22→11:36 +07 +- **mandate:** Harness-9 B1 (IMPLEMENT tách biệt). REVIEW (B2) theo sau. + +## Done (verified) +**Workflow (2 agent file-disjoint):** sleep-cmd port + runs/README flat — xem `sub-impl-*.md`. +**em-main cluster (single-writer, post-workflow, no same-role race):** +- `hmw.js` flat (`:103` subMd `sub-md/`→`sub--.md`) + 5 stale-text + **H4.5→H8 doc-drift fix** · `node --check` PARSE-OK +- `workflows/README.md` full-rewrite FLAT + roster 8→**9** + detector-out + C8 +- `agents/README.md` decision-tree flat + **Upgrade S72** record +- `session-start.md` §2.1.1 + `session-end.md` close-gate flat + **dual-accept** +- `_ledger.md` FLAT/C8 header note +- 🔴 **5 run cũ S71 GIỮ subfolder** (C8 no-history-rewrite) + +## Gap closure vs audit-synthesis +| gap | trạng thái | +|---|---| +| C1/C8/refine-a FLAT | ✅ DONE (hmw.js + 4 docs + audit/implement runs flat) | +| A8 sleep-cmd | ✅ DONE (ported, live skill) | +| 2 broadcast pending (checklist-v2 + h10-refine) | ✅ ADOPTED | +| detector refine-b | ✅ TAILORED-OUT documented (anh chốt) | +| B3 report imprecision | ⏳ sửa trong report mới (path `.claude/workflows/runs` + 22 file) | +| B4 short-confirm | ⏳ convention note (chưa có runtime instance) | + +## 5-trục (em-main self-gate — REVIEW workflow sẽ double-check độc lập) +- **Coverage:** mọi gap audit addressed. **Completeness:** cluster + 2 agent done. **Fidelity:** hmw.js PARSE-OK, 0 fabrication. **Placement:** governance files đúng chỗ. **Corruption:** G-009 clean (sleep-cmd post-scan clean per agent; em-main edits Write/Edit-tool). + +## NEXT: REVIEW workflow (B2) — independent double-check + B2.5 know-how harvest → REPORT (B3) AI_INFRA. diff --git a/.claude/workflows/runs/2026-06-18-harness-fix-implement/run.md b/.claude/workflows/runs/2026-06-18-harness-fix-implement/run.md new file mode 100644 index 0000000..8e6dbfb --- /dev/null +++ b/.claude/workflows/runs/2026-06-18-harness-fix-implement/run.md @@ -0,0 +1,26 @@ +# RUN — Harness 8/9/10 re-audit · STAGE 2 IMPLEMENT (🆕 FLAT-trace) + +- **run-id (folder):** 2026-06-18-harness-fix-implement +- **workflow run-id (evidence B3):** wf_ac43b5ff-7d1 +- **task:** fix gap từ `audit-synthesis.md` — FLAT migration (C1/C8/refine-a) + port `/sleep-recovery-memory-l2` (A8) + adopt checklist-v2 + h10-refine + document detector TAILORED-OUT (anh chốt) + fix B3 report imprecision. +- **mandate:** Harness-9 B1 (IMPLEMENT workflow tách biệt; REVIEW theo sau). +- **checkpoint:** APPROVED (HMW-ON + anh "double check hết, điều chỉnh lại"). +- **opened:** 2026-06-18 11:22 +07 +- **structure:** 🆕 FLAT (dogfood h10-refine). +- **status:** OPEN → DONE + +## Agents (workflow `wf_ac43b5ff-7d1`, 2× general-purpose file-disjoint) +| file | task | kết quả | +|---|---|---| +| `sub-impl-sleepcmd.md` | port `/sleep-recovery-memory-l2` tailored SE | ✅ `.claude/commands/sleep-recovery-memory-l2.md` (137 dòng, SE 9-sub roster, scope SE-only, 6 SE-env deviation, floor intact, live skill) | +| `sub-impl-runsreadme.md` | rewrite `runs/README.md` FLAT | ✅ C1-C8 + detector tailored-out + flat naming khớp hmw.js | + +## em-main cluster (single-writer, interdependent — post-workflow, no same-role race) +- `hmw.js`: `sub-md/`→flat (`:103` subMd) + 5 stale-text + **H4.5→H8 doc-drift fix** (meta.description) · `node --check` PARSE-OK +- `workflows/README.md`: full rewrite FLAT + roster 8→**9** + detector-tailored-out + C8 +- `agents/README.md`: decision-tree flat + **Upgrade S72** record +- `session-start.md` §2.1.1 orphan-scan flat · `session-end.md` close-gate flat + **dual-accept** +- `_ledger.md`: FLAT/C8 dual-accept header note +- 🔴 **5 run cũ S71 GIỮ subfolder** (C8 — KHÔNG rewrite history) + +## Output (FLAT) → `implement-synthesis.md` (gom) + `sub-impl-*.md` (raw) diff --git a/.claude/workflows/runs/2026-06-18-harness-fix-implement/sub-impl-runsreadme.md b/.claude/workflows/runs/2026-06-18-harness-fix-implement/sub-impl-runsreadme.md new file mode 100644 index 0000000..422a4de --- /dev/null +++ b/.claude/workflows/runs/2026-06-18-harness-fix-implement/sub-impl-runsreadme.md @@ -0,0 +1,8 @@ +# sub-impl-runsreadme — rewrite runs/README.md FLAT (general-purpose · wf_ac43b5ff-7d1) + +File: `.claude/workflows/runs/README.md` (FLAT rewrite, 11 sections). + +- **Flat naming (khớp `../hmw.js`):** `runs//` phẳng: `run.md` + `sub--.md` (raw, prefix `sub-`) + `-synthesis.md` (verified, suffix). Phân biệt bằng TÊN, KHÔNG subfolder. +- **Cover:** C1 flat tree+table · C2 scaffold@open · C3 git-tracked 2-level (check-ignore exit + ls-files) · C5 3-layer · C6 ledger 2-beat · C7 caveat (no fully-autonomous) · C8 migration (5 old keep subfolder, dual-accept). +- **Detector TAILORED-OUT** documented (Workflow-tool, no CLI bypass-surface; containment git-diff+tracked+orphan-scan; 3 principles considered N/A). +- **Ground-truth flags (honest):** (1) **6 run-folders now** (5 old-subfolder + 1 new flat audit run). (2) SE `.gitignore` KHÔNG có bare `runs` rule → cả 2 path `check-ignore` exit=1; cái "bare `runs/` → 0" là `git ls-files` (no tracked file ở bare path) — documented với full-path guidance + `-v` exit-code trap. (3) parent `workflows/README.md` còn old → flagged (em-main đã fix). diff --git a/.claude/workflows/runs/2026-06-18-harness-fix-implement/sub-impl-sleepcmd.md b/.claude/workflows/runs/2026-06-18-harness-fix-implement/sub-impl-sleepcmd.md new file mode 100644 index 0000000..b1b955a --- /dev/null +++ b/.claude/workflows/runs/2026-06-18-harness-fix-implement/sub-impl-sleepcmd.md @@ -0,0 +1,8 @@ +# sub-impl-sleepcmd — port /sleep-recovery-memory-l2 (general-purpose · wf_ac43b5ff-7d1) + +File: `.claude/commands/sleep-recovery-memory-l2.md` (137 dòng, UTF-8 no-BOM, G-009 post-scan clean). Live skill. + +- **"all" target** = 9 memory-bearing subs (investigator-codebase/api · implementer-backend/frontend · test-specialist · reviewer · cicd-monitor · frontend-designer · database-agent). harvest-curator + tooling-auditor = INFORM-only monitors, excluded (no archive). Note: chỉ 4/9 hiện có archive content (cicd · impl-be · inv-codebase · reviewer) — report-not-hardcode (luôn scan đĩa, guard-rỗng skip). +- **Scope:** §J2 AI_INFRA-only → tailored **SE-repo-only**. Provenance note ở đầu (ported từ AI_INFRA §J2-internal theo anh, cross-ref source cmd + design doc §4/§10-P1). +- **6 deviation (SE-env, floor preserved):** (1) `last_sleep_at` home = `.claude/agent-memory/memory-budget.json` (AI_INFRA: `.claude/memory-budget.json`); field CHƯA tồn tại trong SE budget → cmd dặn lead thêm lần đầu. (2) 4-field VN: VIỆC·KẾT-LUẬN·BÀI-HỌC·BẤT-NGỜ. (3) coverage-diff +`gotcha#` (5 token). (4) importance VN cao·vừa·thấp. (5) pointer substring sha-keyed no-line-hint. (6) double-distill guard hardened (SE đã có distill-gen:2 gist). +- **Floor intact:** additive `.gist.md` new (verbatim untouched) · distill-gen counter · double-distill refuse · coverage-diff deterministic gate · Fidelity reviewer-escalate · INFORM-only ≥7d (no autonomous) · last_sleep_at single home · no L1<30KB force · G-009 Write/Edit + post-scan · ratio=report-not-target · Phase 0→5 mirrored. diff --git a/.claude/workflows/runs/2026-06-18-harness-fix-review/review-synthesis.md b/.claude/workflows/runs/2026-06-18-harness-fix-review/review-synthesis.md new file mode 100644 index 0000000..d89c8cb --- /dev/null +++ b/.claude/workflows/runs/2026-06-18-harness-fix-review/review-synthesis.md @@ -0,0 +1,28 @@ +# REVIEW SYNTHESIS — Harness-10 flat migration + sleep-cmd (B2 double-check, gom/verified) + +- **run-id:** 2026-06-18-harness-fix-review · **wf:** wf_d482e10d-5dd · 2026-06-18 13:27→13:4x +07 +- 3× reviewer adversarial ∥. **Dogfood B2 SUCCESS:** review độc-lập bắt đúng cái IMPLEMENT self-assessment bỏ sót (schema-stale + auto-wire overclaim). + +## Verdicts +| reviewer | verdict | finding | +|---|---|---| +| R1 flat-completeness | PASS-with-concerns | 1 minor schema-stale + 1 untracked-note | +| R2 sleepcmd-detector | PASS-with-concerns | **1 MAJOR auto-wire overclaim** + 2 minor | +| R3 containment-honesty | **PASS** | containment clean + honesty strong; 1 minor doc-precision | + +→ **0 blocker. 1 major + 4 minor — TẤT CẢ FIXED** (em-main single-writer, post-review). + +## Fixes applied + verified +1. [R1 minor] `hmw.js:52` schema `subMdPath` desc `sub-md/`→flat ✓ +2. [R2 **MAJOR**] auto-check **WIRED**: `memory-budget.json` `+last_sleep_at:null` + `session-start.md:78` + `session-end.md:48` INFORM (null/≥7d, no-autorun) — grep-verified present (was zero) ✓ +3. [R2 minor] provenance design-doc cite → AI_INFRA absolute path ✓ +4. [R2 minor] charter substring anchor + "cam"→"cấm" typo ✓ +5. [R3 minor] `runs/README:31` dogfood reworded (audit-run=synthesis-only self-gate; implement-run=full raw) ✓ +- **post-fix verify:** `hmw.js` node --check PARSE-OK · budget.json VALID · grep `last_sleep_at` present cả 2 session cmd. + +## B2.5 reverse-findings → AI_INFRA report +1. **rename-migration audit phải grep runtime SCHEMA/contract-description strings** (không chỉ code-path + prose) — path duplicate ở operative-var + comment + schema-desc; schema-desc copy dễ-sót-nhất (data≠code). [bắt được hmw.js:52 self-doc divergence] +2. **ported-command §-anchor phải grep/ls-verify IN sister repo** (re-homed path khác AI_INFRA↔SE); §-cite = wiring-claim → grep-prove (như 'wire BE' bug áp cho governance-doc). +3. **SE `runs/` ở `.claude/workflows/runs/` không phải repo-root** → bare `git ls-files runs` false-0 = FALSE not-tracked; path-qualify + exit-branch check-ignore (negation last-match-wins vô-hình với text-read). + +## VERDICT: ✅ PASS sau-fix → REPORT (B3) AI_INFRA. diff --git a/.claude/workflows/runs/2026-06-18-harness-fix-review/run.md b/.claude/workflows/runs/2026-06-18-harness-fix-review/run.md new file mode 100644 index 0000000..f5b5644 --- /dev/null +++ b/.claude/workflows/runs/2026-06-18-harness-fix-review/run.md @@ -0,0 +1,19 @@ +# RUN — Harness 8/9/10 re-audit · STAGE 3 REVIEW (🆕 FLAT-trace) + +- **run-id (folder):** 2026-06-18-harness-fix-review +- **workflow run-id (evidence B3):** wf_d482e10d-5dd +- **task:** B2 double-check ĐỘC LẬP — flat migration completeness + sleep-cmd port fidelity + containment/honesty; harvest **B2.5 know-how**. +- **mandate:** Harness-9 B2 (REVIEW workflow TÁCH BIỆT khỏi IMPLEMENT `wf_ac43b5ff-7d1` — một-làm-một-soi, bắt lỗi trước commit). +- **checkpoint:** APPROVED (HMW-ON). +- **opened:** 2026-06-18 13:27 +07 +- **structure:** 🆕 FLAT. +- **status:** OPEN → running + +## Agents (3× reviewer adversarial, parallel) +| # | reviewer | task | +|---|---|---| +| R1 | flat-completeness | residual `sub-md/`/`harvest/` scan 6 file + naming consistency hmw.js↔READMEs + `node --check` + C8 5-old-keep | +| R2 | sleepcmd-detector | floor-intact vs AI_INFRA source + scope SE-only + G-009 clean + detector tailored-out reasoning sound | +| R3 | containment-honesty | 0 prod code + investigator-MEMORY pre-existing? + B3 imprecision re-verify + ledger 2-beat + 2 new-runs flat | + +## Output (FLAT) → `review-synthesis.md` (gom) + `sub-review-r{1,2,3}.md` (raw) diff --git a/.claude/workflows/runs/2026-06-18-harness-fix-review/sub-review-r1.md b/.claude/workflows/runs/2026-06-18-harness-fix-review/sub-review-r1.md new file mode 100644 index 0000000..ac68542 --- /dev/null +++ b/.claude/workflows/runs/2026-06-18-harness-fix-review/sub-review-r1.md @@ -0,0 +1,7 @@ +# sub-review-r1 — flat-completeness (reviewer · wf_d482e10d-5dd) + +**VERDICT: PASS-with-concerns** +- Migration COMPLETE + CONSISTENT. `node --check` PARSE-OK. FLAT naming byte-identical: hmw.js:103 ↔ runs/README:16-18 ↔ workflows/README:16-17. 5 old S71 folders INTACT (not rewritten). C8 dual-accept documented (runs/README · workflows/README:19 · session-end:51 · _ledger:6). session-start:71 · session-end:32/51 · agents/README:112 updated flat. +- **MINOR (FIXED):** hmw.js:52 SCHEMA `subMdPath` desc still `sub-md/-.md` (stale vs :103 flat) → em-main fixed `→ sub--.md`. +- MINOR: 3 new flat folders untracked → git add at commit (eligible-vs-committed). +- **B2.5:** rename-audit phải grep runtime SCHEMA/contract-description strings, KHÔNG chỉ code-path + prose; path duplicate ở (1) operative var, (2) comment, (3) schema-desc — schema-desc copy dễ-sót-nhất (data≠code). diff --git a/.claude/workflows/runs/2026-06-18-harness-fix-review/sub-review-r2.md b/.claude/workflows/runs/2026-06-18-harness-fix-review/sub-review-r2.md new file mode 100644 index 0000000..b709947 --- /dev/null +++ b/.claude/workflows/runs/2026-06-18-harness-fix-review/sub-review-r2.md @@ -0,0 +1,8 @@ +# sub-review-r2 — sleepcmd-detector (reviewer · wf_d482e10d-5dd) + +**VERDICT: PASS-with-concerns** +- sleep-cmd port: ALL floor INTACT (none thinned/weakened — verified line-by-line vs source). Scope SE-only + provenance accurate. `last_sleep_at` path SE-correct. G-009 CLEAN. double-distill grounded (investigator gist IS gen:2). 4/9 gist-bearing matches disk. **Detector tailored-out SOUND + HONEST** (hmw.js header states not-node-runnable → AI_INFRA CLI-launcher-bypass threat genuinely N/A; 3 refine functions each N/A-reasoned; no-overclaim caveat + re-visit condition documented; does NOT hand-wave). +- **MAJOR (FIXED):** Auto-check ≥7d trigger UN-WIRED — session-start/end never read `last_sleep_at` = overclaim → em-main WIRED for real: budget.json `+last_sleep_at:null` + session-start:78 + session-end:48 INFORM steps; grep now matches (was zero). +- **MINOR (FIXED):** provenance design-doc cite read SE-local but AI_INFRA-only → qualified absolute AI_INFRA path. +- **MINOR (FIXED):** charter cites prose vs source line-anchor → added substring anchor + fixed "cam"→"cấm" typo. +- **B2.5:** ported-command integration anchors (§-cite) phải grep/ls-verify IN SE repo (re-homed path khác AI_INFRA); §-cite = wiring-claim → grep-prove như 'wire BE' bug (claim-vs-grep áp cho governance-doc wiring). diff --git a/.claude/workflows/runs/2026-06-18-harness-fix-review/sub-review-r3.md b/.claude/workflows/runs/2026-06-18-harness-fix-review/sub-review-r3.md new file mode 100644 index 0000000..bcbc421 --- /dev/null +++ b/.claude/workflows/runs/2026-06-18-harness-fix-review/sub-review-r3.md @@ -0,0 +1,9 @@ +# sub-review-r3 — containment-honesty (reviewer · wf_d482e10d-5dd) + +**VERDICT: PASS** (0 blocker) +- **CONTAINMENT clean:** ZERO production code (no src/Backend, fe-*, tests/, .csproj, Migrations/). Changed = 8 `.claude` governance/workflow/docs + investigator MEMORY + 3 untracked (1 cmd + 2 run-folders). No scope drift. +- **investigator MEMORY `M` corrected:** = THIS session's S71/S72 audit-trail (5 entries: subfolder-not-flat · detector-MISSING · hmw-flat-gap · path-trap-runs-folder · refsweep), zero code, await session-end flush = correct (NOT unrelated pre-existing race). +- **B3 path-trap ACCURATE:** `git ls-files runs`(bare)=0 vs `.claude/workflows/runs`=22; old "14" real at 8c47bd0 (`ls-tree`=14)→22 now (h910 + 2 new runs). "14(cũ)→22(thật) + bare-path trap" precise, not fabrication. +- Ledger 7 rows all CLOSE-beat, 0 orphan, FLAT/C8 note present (_ledger:6). 2 new runs FLAT (no sub-md/harvest subdir). hmw.js migrated flat + PARSE-OK. detector honest. sleep-cmd SE-tailored. +- **MINOR (FIXED):** runs/README:31 dogfood example named `sub-audit-*.md` that don't exist (Part A fail→self-gate) → reworded (audit-run = run.md+synthesis only; implement-run = full raw set). +- **B2.5:** SE `runs/` at `.claude/workflows/runs/` NOT repo-root → bare `git ls-files runs` falsely 0 = FALSE not-tracked conclusion; ALWAYS path-qualify + exit-branch check-ignore (negation `!.claude/**` last-match-wins invisible to text-read of .gitignore). diff --git a/.claude/workflows/runs/README.md b/.claude/workflows/runs/README.md index c687c6a..364b3b5 100644 --- a/.claude/workflows/runs/README.md +++ b/.claude/workflows/runs/README.md @@ -1,80 +1,137 @@ -# `runs/` — Run-trace convention (Harness-10) +# `runs/` — Run-trace convention (Harness-10 · cấu trúc **PHẲNG**) -> **Mục đích:** mỗi workflow fan-out (RUN-TRACE mode) ghi lại 1 dấu-vết hoàn-chỉnh trong `runs//` git **TRACKED** — plan + per-sub detail + harvest gom — cộng sổ `_ledger.md` 2-nhịp. TRACKED nghĩa là mọi write trong run-folder hiện trong `git diff` → **audit trực-tiếp**, không cần tin lời agent return. Adopt AI_INFRA Harness-10 (anh 06-18). Convention cha: `../README.md`. +> **Mục đích:** mỗi workflow fan-out (RUN-TRACE mode) ghi lại 1 dấu-vết hoàn-chỉnh trong `runs//` git **TRACKED** — plan + per-sub detail + bản-gom — cộng sổ `_ledger.md` 2-nhịp. TRACKED nghĩa là mọi write trong run-folder hiện trong `git diff` → **audit trực-tiếp**, không cần tin lời agent return. Adopt AI_INFRA Harness-10 (anh 06-18) + DELTA `h10-flat-detector-refine` (06-18). Convention cha: `../README.md`. +> +> 🆕 **REFINE 06-18 — cấu trúc PHẲNG.** Trước đây mỗi run-folder có **2 thư mục con** (`sub-md/` + `harvest/`). NAY mọi vết tích nằm **phẳng cùng MỘT cấp** trong `runs//`; phân biệt **bản-thô (raw, per-sub)** vs **bản-đã-soát (verified, gom)** bằng **TÊN file**, KHÔNG bằng thư mục con. Lý do: engine (`hmw.js` JS-sandbox no-fs) chỉ tạo artifact ở **một cấp** một cách tự nhiên — bỏ thư-mục-con sâu thì xoá luôn **một điểm-hay-quên** ngay tại gốc (không còn thư-mục-con-để-quên-dựng). -**run-id** = `YYYY-MM-DD-h-` (vd `2026-06-18-h10-invest`). Nhiều run cùng ngày → slug phân-biệt stage (`-invest` / `-implement` / `-review`). +**run-id** = `YYYY-MM-DD-h-` (vd `2026-06-18-harness-audit-invest`). Nhiều run cùng ngày → slug phân-biệt stage (`-invest` / `-implement` / `-review`). --- -## C1 — Cấu trúc 3 phần (mỗi `runs//`) +## C1 — Cấu trúc PHẲNG (mỗi `runs//` — file cùng MỘT cấp) + ``` runs// -├── run.md ← (1) PLAN — em main @P1: meta + mục-tiêu + agents-table + guards + status OPEN→CLOSE -├── sub-md/ ← (2) PER-SUB — 1 file/sub/turn: -.md (vd investigator-codebase-0.md) -│ └── .gitkeep (giữ folder rỗng trong git khi chưa có write-sub) -└── harvest/ ← (3) HARVEST — em main: -synthesis.md gom kết-quả turn (C4 per-turn) - └── .gitkeep +├── run.md ← (1) PLAN — em main @P1: meta + mục-tiêu + agents-table + guards + status OPEN→CLOSE +├── sub--.md ← (2) PER-SUB raw — 1 file/sub/turn, prefix `sub-` (vd sub-investigator-codebase-0.md) +├── sub--.md (fan-out cùng-role → đánh số -0 / -1 …) +└── -synthesis.md ← (3) GOM verified — em main: bản-gom 1 turn, suffix `-synthesis.md` (vd invest-synthesis.md) ``` -- **(1) `run.md`** — nguồn-sự-thật của run: workflow run-id (evidence B3 `wf_…`), adap/mandate, checkpoint, opened, input-spec (nếu nối stage trước), agents-table (`# · role · task`), guards áp cho sub, output-path. Mẫu: `2026-06-18-h10-invest/run.md`. -- **(2) `sub-md/-.md`** — full working detail 1 sub. Write-sub (Write/Edit) tự ghi @P2; read-only sub (CHỈ Bash) → trả `findings`+`subMdPath`, **em main scribe @P3** (single-writer, tránh mojibake). **1 sub-MD / role / turn** (fan-out cùng-role → đánh số `-0`/`-1`). -- **(3) `harvest/-synthesis.md`** — em main gom `sub-md/`+findings → 5-trục integrity → build-spec/synthesis. Mẫu: `2026-06-18-h10-invest/harvest/invest-synthesis.md`. + +**Phân-biệt raw vs verified bằng TÊN, KHÔNG bằng subfolder:** + +| Loại | Quy-ước TÊN | Ai ghi | Nội-dung | +|---|---|---|---| +| **PLAN** | `run.md` (cố định) | em main @P1 | nguồn-sự-thật của run: workflow run-id (evidence B3 `wf_…`), adap/mandate, checkpoint, opened, input-spec (nếu nối stage trước), agents-table (`# · role · task`), guards áp cho sub, output-path, status OPEN→CLOSE. | +| **PER-SUB (raw)** | **prefix `sub-`** → `sub--.md` | write-sub tự ghi @P2 · read-only sub → em main scribe @P3 | full working detail 1 sub. **1 sub-MD / role / turn** (cùng-role → `-0`/`-1`). Read-only sub (CHỈ Bash) KHÔNG Bash-write MD (mojibake) → trả `findings`+`subMdPath`, **em main single-writer**. | +| **GOM (verified)** | **suffix `-synthesis.md`** → `-synthesis.md` | em main per-turn (C4) | gom `sub-*`+findings → 5-trục integrity → build-spec/synthesis. | + +> 🟢 **Quy-tắc nhận-diện:** file bắt đầu bằng `sub-` = **bản-thô** (per-sub); file kết bằng `-synthesis.md` = **bản-đã-soát** (gom). `run.md` = plan. Không cần mở file/không cần subfolder để biết loại — đọc TÊN là đủ. (Khớp `../hmw.js` inject path: engine ghi-direct `runs//sub--.md`, KHÔNG `sub-md/…`.) +> +> **Live dogfood:** `2026-06-18-harness-audit-invest/` = `run.md` + `audit-synthesis.md` **CHỈ** (KHÔNG subfolder, KHÔNG raw `sub-audit-*.md`) — vì 1 auditor fail-no-StructuredOutput + 2 truncated → em main self-gate ground-truth từ đĩa, không có raw-sub để scribe (xem `audit-synthesis.md:4`). Ví-dụ tên `sub--.md` là minh-hoạ QUY-TẮC-ĐẶT-TÊN, KHÔNG phải artifact bắt-buộc mỗi run. Run `2026-06-18-harness-fix-implement/` mới có đủ raw (`sub-impl-sleepcmd.md` + `sub-impl-runsreadme.md` + `implement-synthesis.md`) = full flat set điển-hình. --- -## C2 — Scaffold ở CẢ 3 đầu-run (em main @P1, TRƯỚC khi invoke Workflow) -`hmw.js` chạy JS-sandbox **no-filesystem** → KHÔNG tự tạo folder/file. Em main PHẢI Write @P1, đủ **3 đầu**: -1. **Tạo run-folder:** `runs//run.md` (điền plan) + `sub-md/.gitkeep` + `harvest/.gitkeep`. +## C2 — Scaffold `run.md` ở OPEN (em main @P1, TRƯỚC khi invoke Workflow) +`hmw.js` chạy JS-sandbox **no-filesystem** → KHÔNG tự tạo folder/file. Em main PHẢI Write @P1: +1. **Tạo run-folder + PLAN:** `runs//run.md` (điền plan đầy-đủ). 🆕 **KHÔNG cần `mkdir sub-md/` / `harvest/` / `.gitkeep`** — file `sub-*` và `*-synthesis.md` sẽ sinh ra **phẳng cùng cấp** trong cùng folder đó (engine + em main ghi 1 cấp). 2. **Ghi OPEN-beat** vào `runs/_ledger.md` (1 dòng, `closed=⏳`). -3. **(nối stage)** trỏ `input spec:` trong `run.md` sang `harvest/` của run trước (vd implement đọc invest-synthesis). +3. **(nối stage)** trỏ `input spec:` trong `run.md` sang `-synthesis.md` của run trước (vd implement đọc `invest-synthesis.md`). -> 🔴 **C2 là fragile-point.** Quên bước scaffold = run chạy nhưng KHÔNG có dấu-vết = **lỗ-hổng âm-thầm** (không lỗi, không cảnh-báo — chỉ thiếu file). 3-layer (C5) là lưới giảm-thiểu, KHÔNG khoá-cứng. Xem C7. +> 🔴 **C2 là fragile-point.** Quên scaffold = run chạy nhưng KHÔNG có dấu-vết = **lỗ-hổng âm-thầm** (không lỗi, không cảnh-báo — chỉ thiếu file). 3-layer (C5) là lưới giảm-thiểu, KHÔNG khoá-cứng. Xem C7. 🆕 Cấu trúc phẳng bỏ **1 trong 2** điểm-hay-quên (không còn subfolder-to-forget); dư-lượng còn lại = **vẫn phải tự ghi `-synthesis.md` mỗi run** (close-gate C5/L3 bắt nếu thiếu). --- -## C3 — Ledger 2-nhịp (`_ledger.md`) -Sổ tất-cả run, 1 bảng. Mỗi run **2 lần ghi**: -- **OPEN-beat** (@P1, lúc scaffold): thêm dòng `| | | | ⏳ | | ⏳ | harvest/ |`. +## C3 — Git-tracked: VERIFY **2 nấc tách-bạch** (chỗ hay nhầm) +Run-folder PHẢI git **TRACKED** (re-include qua `.gitignore:83 !.claude/**`, last-match-wins). Verify ĐỦ **2 nấc** — đừng dừng ở nấc 1: + +```bash +# Nấc (i) — GỠ-KHỎI-IGNORE (tracked-eligible): exit != 0 = KHÔNG bị ignore +git check-ignore .claude/workflows/runs ; echo "exit=$?" # SE: exit=1 ✓ (không ignore) + +# Nấc (ii) — THẬT-SỰ-COMMIT: liệt-kê ra file = đã `git add`/commit +git ls-files .claude/workflows/runs | wc -l # SE: 22 ✓ (non-empty = đã commit) +``` + +- **Nấc (i) `check-ignore` exit != 0** = thư-mục KHÔNG nằm trong ignore (tracked-**eligible**). ⚠️ Mới là *đủ-điều-kiện-track*, **CHƯA chắc đã commit**. +- **Nấc (ii) `ls-files` non-empty** = thật-sự có file trong index (đã `git add`/commit). 🔴 **eligible ≠ committed:** một folder `check-ignore` exit!=0 NHƯNG `ls-files` rỗng = **chưa hề commit** (bằng-chứng sống tại AI_INFRA chính trường-hợp này). PHẢI chạy CẢ 2 lệnh. +- 🔴 **ĐÚNG PATH mới đáng tin.** Path đúng = **`.claude/workflows/runs`** (đầy-đủ từ repo-root). Bare `runs/` (tên trần) là path SAI — ở repo khác, `git check-ignore runs` từ repo-root có thể trả **exit 0** (match nhầm rule khác / không match negation `.claude/**`) → **đọc sai thành "bị ignore"**. *(Quan-sát SE: cả `runs` lẫn `.claude/workflows/runs` đều trả exit=1 vì .gitignore SE không có rule `runs` trần — nhưng ĐỪNG dựa may-rủi đó: luôn dùng path đầy-đủ `.claude/workflows/runs`.)* +- **Bẫy exit-code khi dùng `-v`:** `git check-ignore -v ` trả exit 0 cho CẢ ignore lẫn negation (`!.claude/**`) → đừng đọc exit của `-v` để kết-luận; dùng dạng không-`-v` ở trên (exit!=0 = không ignore) hoặc `&& echo IGNORED || echo NOT`. + +--- + +## C4 — Per-turn primary (gom NGAY, không đợi session-end) +Gom là **việc của turn**, không defer. Sau MỖI fan-out turn → em main đọc `sub-*`+findings → ghi `-synthesis.md` **liền trong turn đó** (chính file synthesis này là bằng-chứng). Lợi: detail tươi, không mất qua nén-context; session-end chỉ VERIFY (không tái-tạo). **Đây là đường CHÍNH (primary)**; gom toàn-bộ @session-end (L3) chỉ là **lưới an-toàn (safety-net)**, KHÔNG phải đường chính. + +--- + +## C5 — 3-layer anti-miss (lưới chống bỏ-sót — KHÔNG khoá-cứng-cùng-lúc-fire) +| Layer | Khi | Làm gì | +|---|---|---| +| **L1 in-run ledger-check** | em-main @P1, lúc mở run mới (TRƯỚC scaffold) | đọc `_ledger.md`: nếu run TRƯỚC còn `closed=⏳` (OPEN-beat chưa CLOSE / thiếu `-synthesis.md`) → gom + CLOSE nó TRƯỚC khi mở run mới. *(Engine no-fs → KHÔNG đọc được ledger → L1 là convention **EM-MAIN**, KHÔNG phải `hmw.js` prompt. hmw.js chỉ emit C4 per-turn return-instruction cho sub tại writeGuard.)* | +| **L2 session-start orphan-scan** | đầu session (`session-start.md` §2.1.1 H2) | scan `runs/*/` tìm **orphan = OPEN-beat (ledger `closed=⏳`) mà KHÔNG có `-synthesis.md`** → báo + giải-quyết (C6). | +| **L3 session-end close-gate** | cuối session (`session-end.md` §L.b(f) H2) | VERIFY per-turn gom đã xong cho mọi `runs//` (**idempotent — KHÔNG re-APPEND**, chống DUPLICATE-HARVEST) + 5-trục GATE backstop trước khi commit. 🆕 close-gate **chấp nhận CẢ 2 dạng** (old-subfolder + new-flat) trong giai-đoạn chuyển — xem C8. | + +> 3 layer **độc-lập, fire ở 3 thời-điểm khác nhau** (run-open @P1 / session-start / session-end) — **KHÔNG layer nào do engine enforce** (hmw.js no-fs), cả 3 là convention em-main/H2. → giảm xác-suất sót, KHÔNG triệt-tiêu. Sót ở P1 (C2) cùng blind-spot với L1 (đều @P1) → chỉ bắt MUỘN ở L2 (session sau) / L3 (close-gate). + +--- + +## C6 — Ledger 2-nhịp + orphan resolution (`_ledger.md`) +Sổ tất-cả run, 1 bảng. Mỗi run **2 lần ghi (2-nhịp)**: +- **OPEN-beat** (@P1, lúc scaffold): thêm dòng `| | | | ⏳ | | ⏳ | -synthesis.md |`. - **CLOSE-beat** (lúc đóng run): điền `closed` timestamp + `verdict` (PASS/FAIL + 1 dòng + `wf_…`) + `harvest` (path file synthesis ✓). `closed=⏳` = đang chạy (OPEN chưa CLOSE). ---- - -## C4 — Per-turn primary (harvest NGAY, không đợi session-end) -Harvest là **việc của turn**, không defer. Sau MỖI fan-out turn → em main đọc `sub-md/`+findings → ghi `harvest/-synthesis.md` **liền trong turn đó** (chính file synthesis này là bằng-chứng). Lợi: detail tươi, không mất qua nén-context; session-end chỉ VERIFY (không tái-tạo). - ---- - -## C5 — 3-layer anti-miss (lưới chống bỏ-sót, KHÔNG khoá-cứng-cùng-lúc-fire) -| Layer | Khi | Làm gì | -|---|---|---| -| **L1 in-run reminder** | lúc mở run mới (em-main @P1, TRƯỚC scaffold) | em-main đọc `_ledger.md`: nếu run TRƯỚC còn `closed=⏳` (OPEN-beat chưa CLOSE / `harvest/` rỗng) → harvest + CLOSE nó TRƯỚC khi mở run mới. *(Engine no-fs → KHÔNG đọc được ledger → L1 là convention EM-MAIN, KHÔNG phải `hmw.js` prompt. hmw.js chỉ emit C4 per-turn return-instruction cho sub tại writeGuard.)* | -| **L2 session-start rescan** | đầu session (`session-start.md` §2.1.1 H2) | scan `runs/*/` tìm **OPEN-beat (ledger `closed=⏳`) mà `harvest/` rỗng = orphan** → báo + giải-quyết. | -| **L3 session-end close-gate** | cuối session (`session-end.md` §L.b(f) H2) | VERIFY per-turn harvest đã xong cho mọi `runs//` (**idempotent — KHÔNG re-APPEND**, chống DUPLICATE-HARVEST) + 5-trục GATE backstop trước khi commit. | - -> 3 layer **độc-lập, fire ở 3 thời-điểm khác nhau** — không layer nào enforce lúc-ghi. Bỏ-sót ở P1 (C2) chỉ bị bắt MUỘN (L2 session sau / L3 close-gate), không chặn tại-chỗ. - ---- - -## C6 — Orphan resolution (OPEN không CLOSE) -**Orphan** = dòng ledger `closed=⏳` nhưng run thực-tế đã xong/bỏ (vd session bị kill, agent die-0-byte, quên CLOSE-beat). -- **Phát-hiện:** L2 session-start rescan (`closed=⏳` + `harvest/` trạng-thái) hoặc L3 close-gate. -- **Giải-quyết-CỨNG** (không để treo): - 1. **Điều-tra** đĩa THẬT: `run.md` status + `sub-md/` có detail? + `harvest/` có synthesis? + git-log workflow `wf_…`. - 2. **Đóng tay** nếu run thật-sự xong: điền CLOSE-beat (timestamp + verdict + harvest path). - 3. **Đánh-dấu aborted** nếu run bỏ-dở: verdict = `⚠️ ABORTED — `, ghi rõ phần nào hoàn-thành (recover qua git/disk/prod truth, KHÔNG tin agent return-message). +**Orphan** = dòng ledger `closed=⏳` nhưng run thực-tế đã xong/bỏ (session bị kill, agent die-0-byte, quên CLOSE-beat). **Giải-quyết-CỨNG** (không để treo): +1. **Điều-tra đĩa THẬT:** `run.md` status + có file `sub-*`? + có `-synthesis.md`? + git-log workflow `wf_…`. +2. **Đóng tay** nếu run thật-sự xong: điền CLOSE-beat (timestamp + verdict + harvest path). +3. **Đánh-dấu aborted** nếu run bỏ-dở: verdict = `⚠️ ABORTED — `, ghi rõ phần nào hoàn-thành (recover qua git/disk/prod truth, **KHÔNG tin agent return-message**). --- ## C7 — 🔴 CAVEAT trung-thực (no-overclaim) -- **Engine no-fs → scaffold KHÔNG tự-động.** `hmw.js` (`:4` no hot-reload, JS-sandbox no-filesystem) KHÔNG tạo được folder. Run-trace dựa **100% vào em-main Write @P1** (C2). Không có cơ-chế nào ép tạo folder. -- **C2 = fragile-point.** Quên scaffold = lỗ-hổng âm-thầm (run chạy OK, chỉ mất dấu-vết). Không lỗi runtime để bắt. -- **3-layer = LƯỚI, KHÔNG khoá-cứng-cùng-lúc-fire.** L1/L2/L3 fire ở 3 thời-điểm khác nhau (run-open @P1 / session-start / session-end), **cả 3 đều là convention em-main/H2 — KHÔNG layer nào do engine enforce** (hmw.js no-fs). → giảm xác-suất sót, KHÔNG triệt-tiêu. Sót P1 (C2) cùng blind-spot với L1 (đều @P1) → chỉ bắt MUỘN ở L2/L3. -- **G-015 no-overclaim — TRACKED ≠ read-only-ENFORCED.** Run-folder git-tracked KHÔNG biến sub thành read-only: sub **vẫn giữ Bash** (write-channel mở — ghi-ngoài-repo git-diff mù / curl Qdrant). Containment THẬT (xem model dưới) = em-main single-writer + git-diff(in-repo) + chunk-count(RAG), defense-in-depth — KHÔNG sandbox cứng, KHÔNG claim "ENFORCED". +- **Engine no-fs → scaffold KHÔNG tự-động.** `hmw.js` (JS-sandbox no-filesystem) KHÔNG tạo được folder/file. Run-trace dựa **100% vào em-main**: scaffold `run.md` @P1 (C2) + tự ghi `-synthesis.md` mỗi run (C4). Không có cơ-chế nào ép tạo file. **NOT fully-autonomous** — đây là **hard-gate-trên-INPUT** (em main tự dựng khung + tự bơm tham-số đầu/cuối mỗi run), KHÔNG phải engine tự-động. +- **Cấu trúc phẳng giảm fragile từ 2 → 1, KHÔNG triệt-tiêu.** Bỏ subfolder xoá được điểm-hay-quên "dựng sẵn `sub-md/`+`harvest/`" (engine giờ ghi 1 cấp, **no subfolder-to-forget**). NHƯNG còn **dư-lượng**: em-main VẪN phải nhớ ghi `-synthesis.md` mỗi run (close-gate L3 bắt nếu thiếu). Điểm-yếu **giảm 1-trong-2**, chứ không biến mất → C2 vẫn bắt-buộc. +- **3-layer = LƯỚI, KHÔNG khoá-cứng-cùng-lúc-fire.** L1/L2/L3 bắt lỗi **sau khi** việc đã xảy ra (post-hoc) hoặc nhắc **dựa-trên-input em-main-bơm** — giảm xác-suất sót, KHÔNG chặn tại-đúng-thời-điểm-fire. Phòng-thủ-nhiều-lớp, KHÔNG bảo-đảm tuyệt-đối. +- **G-015 no-overclaim — TRACKED ≠ read-only-ENFORCED.** Run-folder git-tracked KHÔNG biến sub thành read-only: sub **vẫn giữ Bash** (write-channel mở — ghi-ngoài-repo git-diff mù / curl Qdrant). Containment THẬT (model dưới) = em-main single-writer + git-diff(in-repo) + chunk-count(RAG), defense-in-depth — KHÔNG sandbox cứng, KHÔNG claim "ENFORCED". --- -## Containment model (PHẢI khớp `_ledger.md:4` — đồng-bộ 3 chỗ: đây · `_ledger.md` · `../hmw.js:112`) +## C8 — MIGRATION (run cũ giữ subfolder · close-gate chấp-nhận CẢ 2 dạng) +🔴 **KHÔNG viết lại lịch-sử.** 5 run-folder S71 đã chốt giữ **NGUYÊN cấu trúc cũ** `sub-md/` + `harvest/` (đã commit, KHÔNG đụng): +``` +2026-06-18-h10-invest/ (run.md + sub-md/ + harvest/invest-synthesis.md) ← cũ, GIỮ +2026-06-18-h10-implement/ (run.md + sub-md/ + harvest/implement-synthesis.md) ← cũ, GIỮ +2026-06-18-h10-review/ (run.md + sub-md/ + harvest/review-synthesis.md) ← cũ, GIỮ +2026-06-18-h910-finalize/ (run.md + sub-md/ + harvest/finalize-synthesis.md) ← cũ, GIỮ +2026-06-18-h910-curate/ (run.md + sub-md/ + harvest/curate-synthesis.md) ← cũ, GIỮ +2026-06-18-harness-audit-invest/ (run.md + audit-synthesis.md) ← 🆕 FLAT +``` +- **Run MỚI từ refine 06-18 → dùng FLAT** (`sub--.md` + `-synthesis.md` cùng cấp). Run CŨ → để yên (đừng gom-lên-cấp/đừng xoá subfolder — re-writing history vô-ích + làm bẩn git-log). +- 🟢 **Close-gate (L3) ACCEPT BOTH** suốt giai-đoạn chuyển: verify gom ở **`harvest/-synthesis.md`** (dạng cũ) **HOẶC** `-synthesis.md` phẳng (dạng mới). Không fail run cũ chỉ vì thiếu file-phẳng. +- **2 nấc track (C3)** áp cho CẢ 2 dạng: `check-ignore` exit!=0 + `ls-files` non-empty. + +--- + +## Containment model (PHẢI khớp `_ledger.md` + `../hmw.js` — đồng-bộ 3 chỗ: đây · `_ledger.md` · `../hmw.js`) > Run-folder `runs//` được git **TRACKED** → mọi write **HIỆN** trong git-diff = **audit trực-tiếp**. Containment: tracked-change **NGOÀI** `runs//` **VÀ NGOÀI** code-disjoint đã giao = **vi-phạm** (thay model Harness-2 B6 "mọi tracked-change = vi-phạm"). G-015 no-overclaim: TRACKED ≠ read-only-enforced — sub vẫn giữ Bash (write-channel mở), containment THẬT = em-main single-writer + git-diff(in-repo) + chunk-count(RAG). -**Verify pattern:** `git check-ignore -v ` — bẫy exit-code (exit 0 cho CẢ negation `!.claude/**` lẫn ignore) → dùng `&& IGNORED || NOT` để đọc đúng. Run-folder match `:83 !.claude/**` = re-included = TRACKED (HIỆN trong diff). +--- + +## Anti-bypass detector — **SE TAILORED-OUT** (quyết-định có chủ-đích, anh chốt) +> Refine 06-18 (b) đề-xuất làm-chặt một **bộ-dò chống-lách-engine** (soi nhật-ký/mã xem có run nào né engine chuẩn không) theo **3 chức-năng**. **SE quyết-định KHÔNG hiện-thực bộ-dò này** — đã CÂN-NHẮC và thấy **N/A cho threat-model của SE.** Giữ trung-thực, KHÔNG overclaim "đã có anti-bypass detector". + +**Lý-do tailored-out:** +- **SE chạy workflow qua Anthropic Workflow tool (`hmw.js` invoke), KHÔNG có bề-mặt-lách kiểu CLI-launcher.** AI_INFRA threat-model giả-định một node-CLI launcher (đường-vòng chạy lén engine) cần bộ-dò canh. SE **không có launcher như vậy** → không có "đường-vòng" để dò. +- **Containment SE đã đủ bằng cơ-chế khác (G-015 defense-in-depth):** `git diff` commit-gate (mọi write tracked HIỆN trong diff) + run-folder git-tracked (audit trực-tiếp) + `_ledger.md` orphan-scan (L2/L3) — backstop THẬT (không phải prompt). Bộ-dò pattern-match thêm = trùng-lặp, không bịt lỗ mới. + +**3 chức-năng refine — CÂN-NHẮC rồi N/A cho SE:** + +| Chức-năng refine (b) | Áp SE? | Vì sao | +|---|---|---| +| **(1) Whitelist launcher hợp-lệ** | N/A | SE không có launcher-wrapper quanh engine → không có gì để whitelist. | +| **(2) Khớp đa-dạng biến-thể path tới engine** | N/A | SE invoke engine qua Workflow tool (1 đường duy-nhất), không có path-variant để khớp. | +| **(3) Neo KHOÁ-khởi-chạy-thật (đừng match tên-engine lẫn trong script) + acceptance theo QUAN-HỆ** | N/A | Không có log-scan detector → không có chỗ neo launch-key. Acceptance-by-relation (hợp-lệ ≠ vi-phạm, hợp-lệ tăng dần OK) là nguyên-tắc tốt nhưng chỉ áp được khi CÓ detector. | + +> 🔴 **No-overclaim:** SE **KHÔNG** claim đã adopt anti-bypass detector. SE claim: đã **đọc + cân-nhắc** 3 chức-năng, **chọn tailored-out** vì threat-model SE không có CLI-launcher-bypass-surface; containment dựa **git-diff + run-folder-tracked + ledger-orphan-scan** (G-015). Nếu sau này SE thêm launcher-wrapper → re-visit quyết-định này. diff --git a/.claude/workflows/runs/_ledger.md b/.claude/workflows/runs/_ledger.md index 33d1724..0162cf7 100644 --- a/.claude/workflows/runs/_ledger.md +++ b/.claude/workflows/runs/_ledger.md @@ -3,6 +3,7 @@ > **Two-beat (C6):** ghi nhịp **OPEN** lúc mở run + nhịp **CLOSE** lúc đóng run. **Orphan** = OPEN mà không CLOSE → phải giải-quyết-cứng (điều tra + đóng tay hoặc đánh dấu aborted). > **Tracked (C3):** thư mục `runs//` được git theo dõi (KHÔNG gitignore). Containment chuyển sang model **"tracked-change NGOÀI run-folder (+ code-disjoint đã giao) = vi phạm"** (thay model Harness-2 B6 "mọi tracked-change = vi phạm"). > Cột `closed=⏳` = đang chạy (OPEN-beat). Điền timestamp + verdict khi đóng (CLOSE-beat). +> 🆕 **FLAT (C1/C8, h10-refine 06-18):** run MỚI = file phẳng cùng cấp (`run.md` + `sub--.md` + `-synthesis.md`, KHÔNG subfolder). **5 run cũ (`h10-invest`…`h910-curate`) GIỮ `sub-md/`+`harvest/`** — đừng rewrite history; close-gate **dual-accept** cả hai dạng. | run-id | workflow | opened | closed | agents | verdict | harvest | |---|---|---|---|---|---|---| @@ -11,3 +12,6 @@ | 2026-06-18-h10-review | Harness-10 adap — REVIEW | 2026-06-18 08:52 +07 | 2026-06-18 09:01 +07 | 3× reviewer (adversarial ∥) | ✅ PASS sau-fix — R1 PASS · R2/R3 bắt C5 L1 over-claim (high-conf, đã fix path-a) · `wf_636bc95b-939` | `harvest/review-synthesis.md` ✓ | | 2026-06-18-h910-finalize | Harness-9+10+checklist — FINALIZE double-check (anh giao) | 2026-06-18 09:41 +07 | 2026-06-18 09:52 +07 | 3× reviewer (R1 Part A / R2 Part B+C / R3 cross-cutting) | ✅ GAPS-FOUND, 0 code-defect — R3 thorough (R1/R2 no-StructuredOutput → self-gate); 3 gap (G1 over-cap curate · G2 stale-claims · G3 H10-memory) + 1 minor · `wf_73de399d-753` | `harvest/finalize-synthesis.md` ✓ | | 2026-06-18-h910-curate | Harness-9 curate G1 — reviewer+investigator L1→L2 | 2026-06-18 09:52 +07 | 2026-06-18 10:05 +07 | 2× general-purpose (1/file, file-disjoint, NO same-file race) | ✅ PASS — reviewer 36.7→24.8KB (moved 10) + inv 29.8→23.2KB (moved 3), both <25600 cap; archive +N -0 (0-byte-loss, grep-Fxf 10/10 + md5sum verified); em-main +reviewer-gist gen:2 + budget re-measure · `wf_f32987b8-03f` | `harvest/curate-synthesis.md` | +| 2026-06-18-harness-audit-invest | Harness 8/9/10 re-audit — INVESTIGATE (anh giao) · 🆕FLAT | 2026-06-18 11:09 +07 | 2026-06-18 11:21 +07 | 4× investigator-codebase (read-only ∥) | ✅ DONE — Part B structured; Part A failed-no-SO + C/H8 truncated → em-main self-gate ground-truth. Gaps: C1/C8/refine-a FLAT migration · A8 sleep-cmd · 2 broadcast pending · detector tailored-N/A · `wf_13868efb-ea7` | `audit-synthesis.md` ✓ (FLAT) | +| 2026-06-18-harness-fix-implement | Harness 8/9/10 re-audit — IMPLEMENT (FLAT migration + sleep-cmd + checklist-v2) · 🆕FLAT | 2026-06-18 11:22 +07 | 2026-06-18 11:36 +07 | 2× general-purpose (file-disjoint ∥) + em-main cluster | ✅ DONE — sleep-cmd port + runs/README flat (agent) · hmw.js+workflows/README+agents/README+session-cmds+ledger flat + H4.5→H8 (em-main) · 5 old runs keep subfolder C8 · node --check OK · `wf_ac43b5ff-7d1` | `implement-synthesis.md` ✓ (FLAT) | +| 2026-06-18-harness-fix-review | Harness 8/9/10 re-audit — REVIEW (B2 double-check) · 🆕FLAT | 2026-06-18 13:27 +07 | 2026-06-18 13:37 +07 | 3× reviewer (adversarial ∥) | ✅ PASS sau-fix — R3 PASS (containment clean, honesty strong) · R1/R2 PASS-w-concerns: 1 major (auto-wire overclaim) + 4 minor → TẤT CẢ FIXED em-main (hmw.js:52 schema · WIRE last_sleep_at session-start/end · provenance · charter-anchor · README:31); post-fix node --check OK + grep verified · `wf_d482e10d-5dd` | `review-synthesis.md` ✓ (FLAT) | diff --git a/broadcasts/_index.md b/broadcasts/_index.md index 552bc21..5d96fac 100644 --- a/broadcasts/_index.md +++ b/broadcasts/_index.md @@ -26,3 +26,4 @@ | 2026-06-16 | 2026-06-16-se-to-ai_infra-harness-8-adopt-status | se → ai_infra | outbox/ai_infra | fa7f690d9ce6 | | 2026-06-17 | 2026-06-17-se-to-ai_infra-harness-9-adopt-report | se → ai_infra | outbox/ai_infra | 7c07b716e775 | | 2026-06-18 | 2026-06-18-se-to-ai_infra-harness-9-10-checklist-adopted | se → ai_infra | outbox/ai_infra | e5f09d57c22e | +| 2026-06-18 | 2026-06-18-se-to-ai_infra-harness-10-flat-refine-adopt-report | se → ai_infra | outbox/ai_infra | 5f511fe5c0f2 | diff --git a/broadcasts/outbox/ai_infra/2026-06-18-se-to-ai_infra-harness-10-flat-refine-adopt-report.md b/broadcasts/outbox/ai_infra/2026-06-18-se-to-ai_infra-harness-10-flat-refine-adopt-report.md new file mode 100644 index 0000000..c44d543 --- /dev/null +++ b/broadcasts/outbox/ai_infra/2026-06-18-se-to-ai_infra-harness-10-flat-refine-adopt-report.md @@ -0,0 +1,43 @@ +--- +id: 2026-06-18-se-to-ai_infra-harness-10-flat-refine-adopt-report +from: se +to: ai_infra +date: 2026-06-18 +re: 2026-06-18-Governance-checklist-harness-9-10-v2 + 2026-06-18-Governance-h10-flat-detector-refine +content_sha256: 5f511fe5c0f212271c563123c26e65dcefb08171465cef6b7394fc99d0ce5e49 +--- + +# [se → ai_infra] Adopt report — Harness-10 flat-refine + checklist-v2 (re-audit + fix) + +Chào anh và team AI_INFRA, + +SE vừa re-audit toàn bộ Harness-8 / 9 / 10 / 10-refine + checklist v1+v2 + hmw (sau khi phát hiện SE chưa theo kịp flat-refine mà các sister đã áp), fix các khoảng trống, theo đúng mandate Harness-9 PART-2 (hai workflow tách biệt + run-id). + +## Run-id (B3 — bằng chứng) +- **INVESTIGATE:** `wf_13868efb-ea7` (4× investigator-codebase, audit fidelity vs canonical) +- **IMPLEMENT:** `wf_ac43b5ff-7d1` (2× general-purpose file-disjoint + em-main single-writer cluster) +- **REVIEW:** `wf_d482e10d-5dd` (3× reviewer adversarial) + +## Nấc thật (honest, đo vs canonical) +- **Harness-8** (all-inherit): ✅ landed — 11/11 sub `model: inherit`. +- **Harness-9 PART A** (memory L2): ✅ substantially landed; **+A8 sleep-recovery-memory-l2 nay đã port** (trước thiếu). +- **Harness-9 PART B** (adap 2-workflow): ✅ landed (B1/B2/B2.5/B3 runtime; B4 convention-met, chưa có runtime instance). +- **Harness-10 + refine**: ✅ **MIGRATED subfolder→FLAT** (trước đây SE còn subfolder — đây là chỗ SE behind). hmw.js + 5 doc; 5 run cũ giữ subfolder, close-gate dual-accept (C8). 2 broadcast 06-18 đã adopt. +- **refine-b detector:** TAILORED-OUT (xem caveat). + +## Reverse-findings (B2.5) +1. **rename-migration audit phải grep runtime SCHEMA/contract-description strings**, không chỉ code-path + prose. Bắt được hmw.js có bản-sao path thứ-2 nằm trong schema field-description, lệch với operative variable (REVIEW-workflow bắt; IMPLEMENT self-assess đã sót). Đề xuất bổ sung vào floor: "rename X→Y" audit phải quét cả 3 chỗ path hay bị nhân-bản (operative var · comment · schema/contract-desc). +2. **ported-command §-anchor phải grep/ls-verify TRONG sister repo**, vì port re-home path khác nguồn (SE budget ở `agent-memory/`, design-doc AI_INFRA-only). Một §-cite ("wired ở session-start §2.1.2") = một claim wiring tồn-tại → phải grep-prove, đúng class 'wire BE' bug nhưng áp cho governance-doc. +3. **run-trace path-qualify:** SE để `runs/` ở `.claude/workflows/runs/` (không repo-root) → bare `git ls-files runs` trả 0 = kết-luận FALSE "không tracked"; phải path-qualify + exit-branch `check-ignore` (negation `!.claude/**` last-match-wins vô-hình khi đọc text .gitignore). Chính là bẫy báo-cáo S71 của SE đã vấp (đã tự sửa, mục caveat dưới). +4. **Raw Workflow tool KHÔNG mang writeGuard của `hmw.js`** (phát hiện ngay trong lần chạy này): SE chạy REVIEW qua Workflow tool trực-tiếp thay vì wrapper `hmw.js` → guard anti-self-write KHÔNG được inject → 1 sub `reviewer` theo charter "update MEMORY before return" tự ghi `agent-memory/reviewer/MEMORY.md` (+2850B, đẩy over-cap; N agent cùng-role = same-role-race trên 1 MEMORY chung). Em-main git-status containment-check sau workflow đã BẮT + revert (record đã ở run-trace, B3 restored). **Đề-xuất floor:** nêu rõ "chạy fan-out qua raw Workflow tool KHÔNG kế-thừa governance của project-wrapper (writeGuard/return-delta)" → hoặc bắt-buộc qua wrapper, hoặc replicate guard trong prompt. Đây là đúng class mà hmw.js RUN-TRACE writeGuard (S71) sinh ra để chặn, tái-phát khi bypass wrapper. + +## Honest caveats +- **Detector TAILORED-OUT (KHÔNG build):** SE chạy workflow qua Anthropic Workflow tool — KHÔNG có CLI-launcher để "lách" như hmw.js-CLI của AI_INFRA → bề-mặt engine-bypass gần như N/A; containment SE = git-diff + run-folder git-tracked + ledger orphan-scan (G-015). refine cũng nói detector là "chuyện nội bộ mỗi dự án tự quyết". SE **KHÔNG claim** đã adopt detector — đây là quyết định tailored có lý-lẽ, không phải né. **❓ Nếu AI_INFRA muốn mọi sister BẮT BUỘC có detector kể cả khi chạy qua Workflow-tool, xin báo rõ — SE sẽ dựng "untracked-run detector" nhẹ theo 3 chức năng.** +- **Dogfood B2 có giá trị thật:** review-workflow RIÊNG bắt 2 lỗi (schema-desc stale + auto-check overclaim) mà implement-self-assess bỏ sót → fix TRƯỚC commit. Mandate PART-2 (review tách biệt) hoạt động đúng như thiết kế. +- **1/4 auditor fail-no-StructuredOutput + 2 truncated** → em-main self-gate ground-truth từ đĩa (disclosed, valid per recovery-pattern). +- **B3 self-correction:** report S71 của SE cite path tắt `runs/` + count "14"; thật là `.claude/workflows/runs` = **22 file** ("14" đúng tại commit `8c47bd0` rồi tăng). Folder commit thật, chỉ path-string + count cũ sai — đã sửa. + +## Net +**0 production code.** State THẬT giữ nguyên: Mig 53 · 88 bảng · 306 test · 68 gotcha · menu 54 · bundle admin `BgNCjwsG`/user `CBvh0vtf`. 3 run-trace folder (audit/implement/review) git-tracked = bằng chứng truy được. adap-report đầy đủ: `docs/governance/adap-reports/2026-06-18-Governance-harness-10-flat-refine-checklist-v2.md`. + +— se diff --git a/docs/HANDOFF.md b/docs/HANDOFF.md index c37d5ed..811dc22 100644 --- a/docs/HANDOFF.md +++ b/docs/HANDOFF.md @@ -2,7 +2,22 @@ > **Tiering rule (S40):** giữ **2-3 session gần nhất**. Cũ hơn → `docs/changelog/sessions/`. Full brief history pre-S40 → `docs/_archive/HANDOFF-preS40-fullhistory.md`. -**Last updated:** 2026-06-18 (S71 — **Harness-10 adopt: tracked run-trace folder + checklist 9-10** — em main + 3 Workflow (invest `wf_9c2cd2cd-2e7` → implement `wf_e4e46725-231` → review `wf_636bc95b-939`) per mandate Harness-9 PART 2. **0 production code**. Migrate `.claude/workflows/wave-*/` gitignored → `runs//` **git-TRACKED** (run.md+sub-md/+harvest/) + `_ledger.md` 2-nhịp + 3-layer anti-miss (L1 em-main@P1 / L2 session-start orphan-scan / L3 session-end close-gate idempotent) + **containment shift** (Harness-2 B6 "mọi tracked-change=vi-phạm" → "tracked-change NGOÀI run-folder + code-disjoint=vi-phạm"). hmw.js wave→run-trace (accept `args.run` + alias `wave`, path `sub-md/`, `node --check` PARSE-OK). **Review độc-lập (R2+R3) bắt C5 L1 over-claim** (doc nói hmw.js prompt-builder emit L1 reminder, grep engine=0 → engine no-fs → fixed path-a: L1 = em-main @P1 convention) — dogfood mandate B2 đúng. checklist 9-10: Part A (Harness-9 memory) + B (adap 2-workflow) done S70, Part C (Harness-10) 8/8 MỚI. **State GIỮ NGUYÊN: Mig 53·88 bảng·306 test·68 gotcha·menu 54·bundle admin `BgNCjwsG`/user `CBvh0vtf`.** + CLAUDE.md test-flush 263→306 (resolve H1 stale). **🔴 NEXT (anh):** restart CLI (hmw.js RUN-TRACE runtime + carry §2.1.2/Cat-6/H8). Chi tiết → session log `2026-06-18-S71-harness-10-run-trace.md` (pending). **Prev S70 —** **Harness-9 adopt: L2 archive dark-matter recovery + adap 2-workflow mandate** — em main + 3 Workflow (investigate `wf_be952f3c-97f` → implement `wf_a58e0d15-beb` → audit `wf_9520d8cd-4fe`) + 2 monitor bootstrap. **0 production code** (governance/memory only, commit `f36aab8` pushed). 4 over-cap sub-agent curate L1→L2 + `archive/_INDEX.md` (mục-lục substring sha-keyed) + `.gist.md` (4-field distill-gen:1, verbatim FROZEN) → **cả 4 < 25KB auto-inject cap** (P1 curate-debt CLOSED; ~240KB archive hết RAG-dark). PART 2/3 process-mandate codify (adap-apply 2-workflow + agents/README Upgrade S70 + session-start §2.1.2). **0-byte-loss git+sha verified** (Stage C audit + em-main self-gate khi 2 reviewer no-StructuredOutput → recovery-path). +memory-budget.json (seed-by-measure) + measure-agent-memory.ps1 + .ragignore + doc-drift 4-cite flush. adap-report + email-back ai_infra (`7c07b716e775`). **State THẬT GIỮ NGUYÊN: Mig 53 · 88 bảng · 306 test · 68 gotcha · menu 54 · bundle admin `BgNCjwsG`/user `CBvh0vtf`.** **🔴 NEXT (anh):** restart CLI để activate session-start §2.1.2 budget-audit + pending H8 inherit + reviewer Cat-6. Chi tiết → session log `2026-06-17-S70-harness-9-l2-recovery.md`. **Prev S69 —** **Văn phòng số (E-Office) port + golive + PE cờ gấp/ngưỡng CCM — 4 deploy prod-verified Run #305→#308, HMW-mode ON, 2 workflow fan-out**: #305 foundation PURO (shared PageHeader/KpiCard/WidgetCard + Dashboard 2-cột + sync fe-admin index.css đóng drift S66-S68) → #306 **re-skin TRỌN 10 page** (PURO layout + CSS Hồ sơ NS, phẫu-thuật-giữ-100%-logic) → #307 **Office golive public** read+create **16-key allow-list mọi role** (mirror S65, chạy SAU revoke; excluded Off_PhongHop_Manage/Off_AttendanceReport/Off_ChamCong; cicd DB-verify 16/16×13 role) → #308 **PE cờ gấp PRO/CCM + CCM duyệt-final theo ngưỡng giá trị** Mig 53 (anh Kiệt FDC sau họp sếp). **State THẬT: Mig 53 · 88 bảng · 306 test (45D+261I) · 68 gotcha · menu 54 · bundle admin `BgNCjwsG`/user `CBvh0vtf` Run #308.** 2 gotcha NEW (**#67** Tailwind accent palette thiếu-stop vỡ-màu-im-lặng · **#68** stale-diagnostic-background-agent → chỉ tin build sau-cùng). 2 truncation #53 (impl-backend positional-record + impl-frontend) → em main recover-disk + self-gate. **🔴 NEXT (anh/anh Kiệt UAT):** (1) cấu hình "Ngưỡng giá trị gói CEO" trong Workflow Designer (null=luồng cũ) + test phiếu < ngưỡng → CCM duyệt là xong, ≥ ngưỡng → lên CEO; (2) test cờ gấp PRO(đỏ)/CCM(xanh) → badge + notify CEO; (3) **xác nhận:** quy trình đặt CCM(CostControl)-trước-CEO + CEO = role Director (đích notify). **C (sau duyệt → chuyển phiếu đến dự án) chờ anh Kiệt spec form.** **NEXT (em):** 🔴 curate cicd-monitor **65.2KB** (worst, trend tăng) + inv-codebase 47 + reviewer 43.5 over-cap · doc-flush docs/CLAUDE.md full. Chi tiết → session log `2026-06-17-S69-vanphong-golive-pe-urgent-threshold.md`. **Prev S68 —** **Hồ sơ NS header chi tiết NV: làm nổi bật + fix tên render đen→trắng** — em main solo, 3 commit (2 FE + 1 docs), 2 deploy prod-verified Run #303-304 (anh UAT realtime): badge màu theo trạng thái + dòng meta đậm + tên to/drop-shadow (#303 `6983609`) → anh báo "tên đen nền xanh ko nổi bật" → diagnose **rule `h1-h4{color:#0b1220}` viết NGOÀI `@layer` thắng `text-white`** (Tailwind v4 unlayered > all layers, **gotcha #66 NEW**, load-bearing ~30+ heading → fix ĐIỂM `text-white!` không move @layer) + thu nhỏ `text-lg` (#304 `37752eb`). Bootstrap: 2 monitor RE-REPORT CLEAN + 2 doc-drift fix (dep-audit 64→65 · root CLAUDE 263→286, `11bc96d`). **State THẬT: Mig 52 · 88 bảng · 286 test · 66 gotcha · menu 53 · bundle admin `CNUv1jxY`/user `CpOskeS1` Run #304.** ⚠️ curate-debt P1: cicd-monitor **44.1KB**. Chi tiết → session log `2026-06-16-S68-hoso-header-name-color-fix.md`. **Prev S67 —** **buổi sản phẩm LỚN, 6 deploy prod-verified Run #297→#302** (anh + anh Kiệt FDC UAT realtime, HMW-mode ON): fe-user Hồ sơ NS đồng nhất font + chữ đen→**xanh đậm `brand-800`** (#297) · **fe-admin mirror master-detail** + vá accent tokens index.css [đóng pending lớn nhất HRM go-live, page SHA256 ×2] (#298) · **+23 test-after HRM** → 263→**286** (#299) · **list flex-row gọn** [hết tràn ngang rail] + đồng nhất cỡ chữ ×2 (#300) · **PE Link hồ sơ auto-detect** web→hyperlink/`O:\`→Copy (#301) → **link `file://` bấm-thử** (#302). **Research 3-agent:** auto-mở `O:\` từ web = chỉ **Edge GPO `IntranetFileLinksEnabled`** (zero-per-machine) one-click thật; default chặn https→file://. **State THẬT: Mig 52 · 88 bảng · 286 test (45D+241I) · 65 gotcha · menu 53 · bundle admin `CcrZqfht`/user `DniDFUB_` Run #302.** test-specialist trunc #53→recover-disk; 0 prod bug. Chi tiết → session log `2026-06-16-S67-hoso-visual-pe-link-research.md`. **Prev S66 — session-end closeout em-main-solo:** adopt **Harness-8 all-inherit** (7 sub demoted `claude-opus-4-8`→`inherit` → cả 11=inherit, gỡ two-tier H4) + **cicd-monitor L1 curate 86.8→28.9KB** (byte-exact sed → `archive/2026-06.md`) + **ef-core skill doc-flush Mig 50→52** + check-email AI_INFRA (**0 thư mới se-directed**). ~17 file docs/gov/config, **0 production code** → state THẬT GIỮ NGUYÊN (Mig 52 · 88 bảng · 263 test · 65 gotcha · menu 53 · bundle `BDwV5d0X`/`DbVv6rsf`). ⚠️ **Restart CLI** → H8 runtime (frontmatter no hot-reload) + reviewer Cat-6. adap-report + email-back ai_infra (`fa7f690d` MATCH). Chi tiết → session log `2026-06-16-S66-closeout-harness8-cicd-curate.md`. **Prev S65 — HRM go-live: public Hồ sơ Nhân sự + trang master-detail giống NamGroup + Department hierarchy Mig 51 + PE Link hồ sơ Mig 52 + gốc cây SOLUTION COMPANY**, ~6 deploy prod-verified Run #289→#295, anh + anh Kiệt FDC UAT realtime. **State THẬT: Mig 52 · 88 bảng · 263 test (45D+218I) · 65 gotcha · menu 53 · bundle admin `BDwV5d0X`/user `DbVv6rsf` Run #295.** Workflow fan-out chạy THẬT lần đầu [PE] — BE∥FE parallel OK nhưng FE+reviewer return-rỗng #53 → em main recover-disk + self-gate. gotcha #65 [build csproj con ≠ slnx → CS7036]. Chi tiết → session log `2026-06-16-S65-hrm-golive-employee-masterdetail-pe-link.md`. **Prev S64** adopt **Harness-7 writing-quality floor** qua `/adap-apply` + email ai_infra — em main solo, 1 commit `6afde19` docs/gov-only. Outward comms = tiếng Việt câu-hoàn-chỉnh; nội bộ giữ nén (asymmetric). reviewer +Category 6 (verified-pending-restart → cần restart CLI). Broadcast body-hash verified KHÔNG mis-stamp (gotcha #61 UTF-8). Prev S63 docs-closeout bù S60/S61/S62 — 3 session product ship CODE prod-verified nhưng KHÔNG closeout docs (UAT realtime anh Kiệt FDC). **State THẬT: Mig 50 · 88 bảng · 263 test · 64 gotcha · menu 53 · bundle admin `0xKYGhhf`/user `C81ZdG9G` Run #286.** S60-62 = PE ràng buộc gửi-duyệt + gỡ "Từ chối" (S60) · Mig 50 ngân sách per-gói-thầu Excel anh Kiệt + XÓA module Budget cũ (S61) · vượt-NS cảnh-báo-mềm (S62). Reconcile stray reviewer cwd-misland + count-flush 4 file. Chi tiết → session log `2026-06-12-S60-S62-pe-budget-workitem-softwarning.md`. Prev Session 59 ( **6 đợt ship prod-verified Run #273→#278**: wipe transactional testing data (10 PE + 7 HĐ demo + 64 notif = 0, mã reset → phiếu thật đầu tiên team tạo = **PE/2026/A/001** ✓) `56882ac` #273 · PE tree Panel 1 chốt 4 tầng **Năm > Dự án > Hạng mục > Phiếu** `0eafcd3` #274 · dọn 15 mã hạng mục demo "tự đẻ" (chị Trà Sol) + gỡ seed gốc, WorkItems 86→**71** `bbd1554` #275 · **rename 71 mã đúng format PMH anh Kiệt** (`MAT-n`/`SUB-n`/`MEP-SUB-n`/`MEP-EQU-n` + tên "STT nhóm tên"; **DB-trước-code-sau** gotcha #62 + sqlcmd `-f 65001` gotcha #61) `c869d26` #276 · UAT vòng 1: NEW `ui/SearchableSelect` gõ-lọc bỏ dấu (Hạng mục/Dự án) + auto Địa điểm + điều khoản đa dòng `faed59f` #277 · UAT vòng 2 (anh chốt ×2): ẩn Trả lại/Từ chối khi tự duyệt phiếu mình soạn + quick-add NCC ngay form (POST /suppliers any-auth, authz probe 4/4) + NCC gõ-tìm A-Z + upload multi-file `9c330d2` #278 · UAT vòng 3-6 realtime (#279/#281 cancelled-supersede-benign): bảng NCC table-fixed `f21c55d` + bỏ ô Tên ngân sách `69997da` #280 + GỠ field Điều khoản TT mọi form `80b64dd` + bỏ nút Thêm hạng mục `792c030` **#282 FINAL**. Tổng 10 đợt (8 PASS + 2 cancelled-benign). Bundle FINAL admin **`B1DtNT9C`**/user **`D6uF3Mln`**. Test 240. Gotchas 62. 0/14 spawn truncated. → session log `2026-06-11-S59-wipe-tree-pmh-uat-batch.md`. Prev S58 — **5 đợt prod-verified Run #382/#383/#384/#386** (#385 cancelled-supersede-benign): lock-demo-user fix (việc sếp deadline 15:00 ĐÓNG TRỌN — gotcha #60/E-008/AS-12, root cause password 11<12 từng phát hiện S22 nhưng const không fix) + tạm ẩn HRM/Office/Cá nhân + Danh mục cuối (`6c5fd26` #383) + **fe-user redesign theo UI/UX guide AI_INFRA giữ brand** (`e959f72` #384) + **brand polish ×2 app "thấy rõ"** (`ea793a4`: stripe 4px đỉnh + thead brand) + **PE gộp Tên-gói-thầu = chọn Hạng-mục** (anh Kiệt FDC chốt, `3ebaf84` #386 — bundle final admin `DMm9rtNA`/user `BUkOMn_Y`). Email AI_INFRA processed (guide + ACK H4 ACCEPT). Test **240**. → session log `2026-06-11-S58-lock-fix-hide-modules-redesign-pe-merge.md`. Root cause 2 tầng: lock-list = population Dev-only + `DemoUserPassword` 11 ký tự < prod RequiredLength=12 → CreateAsync silent-fail từ trước tới giờ (= "helpdesk inert" S56). Fix union 20 UAT email + password 12 ký tự → prod 55 user/34 locked, nv.cao+nv.truong sống, 5 real staff tạo. gotcha #59+#60. Commit `5998163`. Prev S57bis — **PE gắn Hạng mục (Mig 49) + Pe all-role + menu Cá nhân + Harness-4 runtime-VERIFIED**. Test 228→**240**. Bundle `CP4CB1ym`/`BmZ3VHnm`. Commit `17b23a4`+`dd117b7` → Run #381 PASS+1PARTIAL (lock NO-OP → RESOLVED S58). Prev S56 — **Pre-golive verify sweep + golive-harden 4 fix — Run #379 PASS, code golive-ready**. WF1 `pre-golive-verify` 7-stream + adversarial → 6 PASS/1 CONCERN/0 blocker = GO (key finds = ops not code). WF2 `golive-harden` fix 4: #3 LeaveBalance lost-update→atomic ExecuteUpdate+Serializable tx (NO mig) · #5 ItTicket authz Forbidden-trước-NotFound · #6 DocxRenderer null-guard · #4 Travel/Vehicle ApproveV2 tests. Test 216→**228**. Bundle FROZEN `4SUwDLD8`/`XdKzt9LL`. `sys.tables` re-ground 92→**93**. gotcha **#58** NEW. reviewer StructuredOutput-fail→em main đỡ. **2 ops VPS pending** (gán user IT + tzutil UTC+7). FE Phase 2 redesign **deferred** (recon ready). Commit `a20cde8`. Prev S55 — **Nạp master data thật từ Excel (62 dự án + 71 hạng mục + 3 NCC) + Project +4 cột (Mig 48) — prod-verified**. HMW-mode ON. Commit `69cb393` → Run #377 PASS ~4m33s. Test 216 (compile-fix only). Bundle admin `B-d6893W`/user `XdKzt9LL`. `SeedRealMasterDataAsync` ungated idempotent → coexist demo. 2 agent return truncated (BE+reviewer) → em main disk/runtime-recover. Prev S54 — IT staff tự reassign ticket (cross-stack authz) — prod-verified. 1 code commit `ca4b602` → Run #376 PASS ~4m18s. Test 203→**216**. Bundle admin `DfCfHUE9`→`DmjI8Cmn`/user `_3S0BPJ2`→`YxL_MljK` (cả 2 rotate). NO migration. Task 1 Phase 9 Ops anh dừng. ⚠️ residual: 3 agent ghi MEMORY nhầm `src/Backend/.claude` → em main reconcile. Prev S53: gotcha #57 EXT Master Mig 47 + P11-D/E + database-agent verified-runtime.) +**Last updated:** 2026-06-18 (S72 — **Harness-10 flat-refine + checklist-v2 adopt (re-audit 3-workflow) + sleep NO-OP** — audit `wf_13868efb-ea7` → implement `wf_ac43b5ff-7d1` → review `wf_d482e10d-5dd` (Harness-9 B1+B2). SE BEHIND flat → migrate run-trace SUBFOLDER→FLAT (hmw.js:103 + 5 doc; 5 run cũ giữ subfolder C8) + 2 broadcast 06-18 adopt + `/sleep-recovery-memory-l2` port (A8) + detector TAILORED-OUT + hmw.js H4.5→H8 doc-drift. **REVIEW (B2) bắt 2 lỗi IMPLEMENT-self-assess sót** (hmw.js:52 schema-stale + auto-check overclaim) → fixed (auto-check WIRED thật). em-main containment-check tự bắt reviewer residual-write (raw-Workflow no-writeGuard) → revert. B3 self-correct (runs path/count 14→22). Sleep `all`=NO-OP. **0 prod code, state GIỮ NGUYÊN.** adap-report + email ai_infra (`5f511fe5c0f2`). **🔴 NEXT (anh):** restart CLI (FLAT-runtime hmw.js + wired sleep-check + sleep-recovery skill). **🔴 NEXT (em):** curate investigator-codebase L1 28973 OVER + watch FD/test-spec. Chi tiết → session log `2026-06-18-S72-harness-10-flat-refine.md`. **Prev S71 — Harness-10 adopt: tracked run-trace folder + checklist 9-10** — em main + 3 Workflow (invest `wf_9c2cd2cd-2e7` → implement `wf_e4e46725-231` → review `wf_636bc95b-939`) per mandate Harness-9 PART 2. **0 production code**. Migrate `.claude/workflows/wave-*/` gitignored → `runs//` **git-TRACKED** (run.md+sub-md/+harvest/) + `_ledger.md` 2-nhịp + 3-layer anti-miss (L1 em-main@P1 / L2 session-start orphan-scan / L3 session-end close-gate idempotent) + **containment shift** (Harness-2 B6 "mọi tracked-change=vi-phạm" → "tracked-change NGOÀI run-folder + code-disjoint=vi-phạm"). hmw.js wave→run-trace (accept `args.run` + alias `wave`, path `sub-md/`, `node --check` PARSE-OK). **Review độc-lập (R2+R3) bắt C5 L1 over-claim** (doc nói hmw.js prompt-builder emit L1 reminder, grep engine=0 → engine no-fs → fixed path-a: L1 = em-main @P1 convention) — dogfood mandate B2 đúng. checklist 9-10: Part A (Harness-9 memory) + B (adap 2-workflow) done S70, Part C (Harness-10) 8/8 MỚI. **State GIỮ NGUYÊN: Mig 53·88 bảng·306 test·68 gotcha·menu 54·bundle admin `BgNCjwsG`/user `CBvh0vtf`.** + CLAUDE.md test-flush 263→306 (resolve H1 stale). **🔴 NEXT (anh):** restart CLI (hmw.js RUN-TRACE runtime + carry §2.1.2/Cat-6/H8). Chi tiết → session log `2026-06-18-S71-harness-10-run-trace.md` (pending). **Prev S70 —** **Harness-9 adopt: L2 archive dark-matter recovery + adap 2-workflow mandate** — em main + 3 Workflow (investigate `wf_be952f3c-97f` → implement `wf_a58e0d15-beb` → audit `wf_9520d8cd-4fe`) + 2 monitor bootstrap. **0 production code** (governance/memory only, commit `f36aab8` pushed). 4 over-cap sub-agent curate L1→L2 + `archive/_INDEX.md` (mục-lục substring sha-keyed) + `.gist.md` (4-field distill-gen:1, verbatim FROZEN) → **cả 4 < 25KB auto-inject cap** (P1 curate-debt CLOSED; ~240KB archive hết RAG-dark). PART 2/3 process-mandate codify (adap-apply 2-workflow + agents/README Upgrade S70 + session-start §2.1.2). **0-byte-loss git+sha verified** (Stage C audit + em-main self-gate khi 2 reviewer no-StructuredOutput → recovery-path). +memory-budget.json (seed-by-measure) + measure-agent-memory.ps1 + .ragignore + doc-drift 4-cite flush. adap-report + email-back ai_infra (`7c07b716e775`). **State THẬT GIỮ NGUYÊN: Mig 53 · 88 bảng · 306 test · 68 gotcha · menu 54 · bundle admin `BgNCjwsG`/user `CBvh0vtf`.** **🔴 NEXT (anh):** restart CLI để activate session-start §2.1.2 budget-audit + pending H8 inherit + reviewer Cat-6. Chi tiết → session log `2026-06-17-S70-harness-9-l2-recovery.md`. **Prev S69 —** **Văn phòng số (E-Office) port + golive + PE cờ gấp/ngưỡng CCM — 4 deploy prod-verified Run #305→#308, HMW-mode ON, 2 workflow fan-out**: #305 foundation PURO (shared PageHeader/KpiCard/WidgetCard + Dashboard 2-cột + sync fe-admin index.css đóng drift S66-S68) → #306 **re-skin TRỌN 10 page** (PURO layout + CSS Hồ sơ NS, phẫu-thuật-giữ-100%-logic) → #307 **Office golive public** read+create **16-key allow-list mọi role** (mirror S65, chạy SAU revoke; excluded Off_PhongHop_Manage/Off_AttendanceReport/Off_ChamCong; cicd DB-verify 16/16×13 role) → #308 **PE cờ gấp PRO/CCM + CCM duyệt-final theo ngưỡng giá trị** Mig 53 (anh Kiệt FDC sau họp sếp). **State THẬT: Mig 53 · 88 bảng · 306 test (45D+261I) · 68 gotcha · menu 54 · bundle admin `BgNCjwsG`/user `CBvh0vtf` Run #308.** 2 gotcha NEW (**#67** Tailwind accent palette thiếu-stop vỡ-màu-im-lặng · **#68** stale-diagnostic-background-agent → chỉ tin build sau-cùng). 2 truncation #53 (impl-backend positional-record + impl-frontend) → em main recover-disk + self-gate. **🔴 NEXT (anh/anh Kiệt UAT):** (1) cấu hình "Ngưỡng giá trị gói CEO" trong Workflow Designer (null=luồng cũ) + test phiếu < ngưỡng → CCM duyệt là xong, ≥ ngưỡng → lên CEO; (2) test cờ gấp PRO(đỏ)/CCM(xanh) → badge + notify CEO; (3) **xác nhận:** quy trình đặt CCM(CostControl)-trước-CEO + CEO = role Director (đích notify). **C (sau duyệt → chuyển phiếu đến dự án) chờ anh Kiệt spec form.** **NEXT (em):** 🔴 curate cicd-monitor **65.2KB** (worst, trend tăng) + inv-codebase 47 + reviewer 43.5 over-cap · doc-flush docs/CLAUDE.md full. Chi tiết → session log `2026-06-17-S69-vanphong-golive-pe-urgent-threshold.md`. **Prev S68 —** **Hồ sơ NS header chi tiết NV: làm nổi bật + fix tên render đen→trắng** — em main solo, 3 commit (2 FE + 1 docs), 2 deploy prod-verified Run #303-304 (anh UAT realtime): badge màu theo trạng thái + dòng meta đậm + tên to/drop-shadow (#303 `6983609`) → anh báo "tên đen nền xanh ko nổi bật" → diagnose **rule `h1-h4{color:#0b1220}` viết NGOÀI `@layer` thắng `text-white`** (Tailwind v4 unlayered > all layers, **gotcha #66 NEW**, load-bearing ~30+ heading → fix ĐIỂM `text-white!` không move @layer) + thu nhỏ `text-lg` (#304 `37752eb`). Bootstrap: 2 monitor RE-REPORT CLEAN + 2 doc-drift fix (dep-audit 64→65 · root CLAUDE 263→286, `11bc96d`). **State THẬT: Mig 52 · 88 bảng · 286 test · 66 gotcha · menu 53 · bundle admin `CNUv1jxY`/user `CpOskeS1` Run #304.** ⚠️ curate-debt P1: cicd-monitor **44.1KB**. Chi tiết → session log `2026-06-16-S68-hoso-header-name-color-fix.md`. **Prev S67 —** **buổi sản phẩm LỚN, 6 deploy prod-verified Run #297→#302** (anh + anh Kiệt FDC UAT realtime, HMW-mode ON): fe-user Hồ sơ NS đồng nhất font + chữ đen→**xanh đậm `brand-800`** (#297) · **fe-admin mirror master-detail** + vá accent tokens index.css [đóng pending lớn nhất HRM go-live, page SHA256 ×2] (#298) · **+23 test-after HRM** → 263→**286** (#299) · **list flex-row gọn** [hết tràn ngang rail] + đồng nhất cỡ chữ ×2 (#300) · **PE Link hồ sơ auto-detect** web→hyperlink/`O:\`→Copy (#301) → **link `file://` bấm-thử** (#302). **Research 3-agent:** auto-mở `O:\` từ web = chỉ **Edge GPO `IntranetFileLinksEnabled`** (zero-per-machine) one-click thật; default chặn https→file://. **State THẬT: Mig 52 · 88 bảng · 286 test (45D+241I) · 65 gotcha · menu 53 · bundle admin `CcrZqfht`/user `DniDFUB_` Run #302.** test-specialist trunc #53→recover-disk; 0 prod bug. Chi tiết → session log `2026-06-16-S67-hoso-visual-pe-link-research.md`. **Prev S66 — session-end closeout em-main-solo:** adopt **Harness-8 all-inherit** (7 sub demoted `claude-opus-4-8`→`inherit` → cả 11=inherit, gỡ two-tier H4) + **cicd-monitor L1 curate 86.8→28.9KB** (byte-exact sed → `archive/2026-06.md`) + **ef-core skill doc-flush Mig 50→52** + check-email AI_INFRA (**0 thư mới se-directed**). ~17 file docs/gov/config, **0 production code** → state THẬT GIỮ NGUYÊN (Mig 52 · 88 bảng · 263 test · 65 gotcha · menu 53 · bundle `BDwV5d0X`/`DbVv6rsf`). ⚠️ **Restart CLI** → H8 runtime (frontmatter no hot-reload) + reviewer Cat-6. adap-report + email-back ai_infra (`fa7f690d` MATCH). Chi tiết → session log `2026-06-16-S66-closeout-harness8-cicd-curate.md`. **Prev S65 — HRM go-live: public Hồ sơ Nhân sự + trang master-detail giống NamGroup + Department hierarchy Mig 51 + PE Link hồ sơ Mig 52 + gốc cây SOLUTION COMPANY**, ~6 deploy prod-verified Run #289→#295, anh + anh Kiệt FDC UAT realtime. **State THẬT: Mig 52 · 88 bảng · 263 test (45D+218I) · 65 gotcha · menu 53 · bundle admin `BDwV5d0X`/user `DbVv6rsf` Run #295.** Workflow fan-out chạy THẬT lần đầu [PE] — BE∥FE parallel OK nhưng FE+reviewer return-rỗng #53 → em main recover-disk + self-gate. gotcha #65 [build csproj con ≠ slnx → CS7036]. Chi tiết → session log `2026-06-16-S65-hrm-golive-employee-masterdetail-pe-link.md`. **Prev S64** adopt **Harness-7 writing-quality floor** qua `/adap-apply` + email ai_infra — em main solo, 1 commit `6afde19` docs/gov-only. Outward comms = tiếng Việt câu-hoàn-chỉnh; nội bộ giữ nén (asymmetric). reviewer +Category 6 (verified-pending-restart → cần restart CLI). Broadcast body-hash verified KHÔNG mis-stamp (gotcha #61 UTF-8). Prev S63 docs-closeout bù S60/S61/S62 — 3 session product ship CODE prod-verified nhưng KHÔNG closeout docs (UAT realtime anh Kiệt FDC). **State THẬT: Mig 50 · 88 bảng · 263 test · 64 gotcha · menu 53 · bundle admin `0xKYGhhf`/user `C81ZdG9G` Run #286.** S60-62 = PE ràng buộc gửi-duyệt + gỡ "Từ chối" (S60) · Mig 50 ngân sách per-gói-thầu Excel anh Kiệt + XÓA module Budget cũ (S61) · vượt-NS cảnh-báo-mềm (S62). Reconcile stray reviewer cwd-misland + count-flush 4 file. Chi tiết → session log `2026-06-12-S60-S62-pe-budget-workitem-softwarning.md`. Prev Session 59 ( **6 đợt ship prod-verified Run #273→#278**: wipe transactional testing data (10 PE + 7 HĐ demo + 64 notif = 0, mã reset → phiếu thật đầu tiên team tạo = **PE/2026/A/001** ✓) `56882ac` #273 · PE tree Panel 1 chốt 4 tầng **Năm > Dự án > Hạng mục > Phiếu** `0eafcd3` #274 · dọn 15 mã hạng mục demo "tự đẻ" (chị Trà Sol) + gỡ seed gốc, WorkItems 86→**71** `bbd1554` #275 · **rename 71 mã đúng format PMH anh Kiệt** (`MAT-n`/`SUB-n`/`MEP-SUB-n`/`MEP-EQU-n` + tên "STT nhóm tên"; **DB-trước-code-sau** gotcha #62 + sqlcmd `-f 65001` gotcha #61) `c869d26` #276 · UAT vòng 1: NEW `ui/SearchableSelect` gõ-lọc bỏ dấu (Hạng mục/Dự án) + auto Địa điểm + điều khoản đa dòng `faed59f` #277 · UAT vòng 2 (anh chốt ×2): ẩn Trả lại/Từ chối khi tự duyệt phiếu mình soạn + quick-add NCC ngay form (POST /suppliers any-auth, authz probe 4/4) + NCC gõ-tìm A-Z + upload multi-file `9c330d2` #278 · UAT vòng 3-6 realtime (#279/#281 cancelled-supersede-benign): bảng NCC table-fixed `f21c55d` + bỏ ô Tên ngân sách `69997da` #280 + GỠ field Điều khoản TT mọi form `80b64dd` + bỏ nút Thêm hạng mục `792c030` **#282 FINAL**. Tổng 10 đợt (8 PASS + 2 cancelled-benign). Bundle FINAL admin **`B1DtNT9C`**/user **`D6uF3Mln`**. Test 240. Gotchas 62. 0/14 spawn truncated. → session log `2026-06-11-S59-wipe-tree-pmh-uat-batch.md`. Prev S58 — **5 đợt prod-verified Run #382/#383/#384/#386** (#385 cancelled-supersede-benign): lock-demo-user fix (việc sếp deadline 15:00 ĐÓNG TRỌN — gotcha #60/E-008/AS-12, root cause password 11<12 từng phát hiện S22 nhưng const không fix) + tạm ẩn HRM/Office/Cá nhân + Danh mục cuối (`6c5fd26` #383) + **fe-user redesign theo UI/UX guide AI_INFRA giữ brand** (`e959f72` #384) + **brand polish ×2 app "thấy rõ"** (`ea793a4`: stripe 4px đỉnh + thead brand) + **PE gộp Tên-gói-thầu = chọn Hạng-mục** (anh Kiệt FDC chốt, `3ebaf84` #386 — bundle final admin `DMm9rtNA`/user `BUkOMn_Y`). Email AI_INFRA processed (guide + ACK H4 ACCEPT). Test **240**. → session log `2026-06-11-S58-lock-fix-hide-modules-redesign-pe-merge.md`. Root cause 2 tầng: lock-list = population Dev-only + `DemoUserPassword` 11 ký tự < prod RequiredLength=12 → CreateAsync silent-fail từ trước tới giờ (= "helpdesk inert" S56). Fix union 20 UAT email + password 12 ký tự → prod 55 user/34 locked, nv.cao+nv.truong sống, 5 real staff tạo. gotcha #59+#60. Commit `5998163`. Prev S57bis — **PE gắn Hạng mục (Mig 49) + Pe all-role + menu Cá nhân + Harness-4 runtime-VERIFIED**. Test 228→**240**. Bundle `CP4CB1ym`/`BmZ3VHnm`. Commit `17b23a4`+`dd117b7` → Run #381 PASS+1PARTIAL (lock NO-OP → RESOLVED S58). Prev S56 — **Pre-golive verify sweep + golive-harden 4 fix — Run #379 PASS, code golive-ready**. WF1 `pre-golive-verify` 7-stream + adversarial → 6 PASS/1 CONCERN/0 blocker = GO (key finds = ops not code). WF2 `golive-harden` fix 4: #3 LeaveBalance lost-update→atomic ExecuteUpdate+Serializable tx (NO mig) · #5 ItTicket authz Forbidden-trước-NotFound · #6 DocxRenderer null-guard · #4 Travel/Vehicle ApproveV2 tests. Test 216→**228**. Bundle FROZEN `4SUwDLD8`/`XdKzt9LL`. `sys.tables` re-ground 92→**93**. gotcha **#58** NEW. reviewer StructuredOutput-fail→em main đỡ. **2 ops VPS pending** (gán user IT + tzutil UTC+7). FE Phase 2 redesign **deferred** (recon ready). Commit `a20cde8`. Prev S55 — **Nạp master data thật từ Excel (62 dự án + 71 hạng mục + 3 NCC) + Project +4 cột (Mig 48) — prod-verified**. HMW-mode ON. Commit `69cb393` → Run #377 PASS ~4m33s. Test 216 (compile-fix only). Bundle admin `B-d6893W`/user `XdKzt9LL`. `SeedRealMasterDataAsync` ungated idempotent → coexist demo. 2 agent return truncated (BE+reviewer) → em main disk/runtime-recover. Prev S54 — IT staff tự reassign ticket (cross-stack authz) — prod-verified. 1 code commit `ca4b602` → Run #376 PASS ~4m18s. Test 203→**216**. Bundle admin `DfCfHUE9`→`DmjI8Cmn`/user `_3S0BPJ2`→`YxL_MljK` (cả 2 rotate). NO migration. Task 1 Phase 9 Ops anh dừng. ⚠️ residual: 3 agent ghi MEMORY nhầm `src/Backend/.claude` → em main reconcile. Prev S53: gotcha #57 EXT Master Mig 47 + P11-D/E + database-agent verified-runtime.) + +--- + +## S72 (2026-06-18) — Harness-10 flat-refine + checklist-v2 adopt (re-audit 3-workflow) + sleep NO-OP (em main + 9 sub, 0 production code) + +**Anh:** `/session-start` → "trí nhớ thay đổi lớn" + `/sleep-recovery-memory-l2` báo Unknown → "double check hết harness 8/9/10/10-refine + checklist + hmw, điều chỉnh, report trung thực" → `/sleep-recovery-memory-l2 all` + `/session-end`. + +**Done:** 3-stage workflow (audit `wf_13868efb-ea7` → implement `wf_ac43b5ff-7d1` → review `wf_d482e10d-5dd`, Harness-9 B1+B2). SE BEHIND Harness-10 flat → migrate run-trace SUBFOLDER→FLAT (hmw.js `:103`+`:52` + workflows/README + runs/README + session-start/end + agents/README + _ledger; 5 run cũ giữ subfolder C8) + 2 broadcast 06-18 adopt + `/sleep-recovery-memory-l2` port (A8, §J2-tailored SE-only) + detector TAILORED-OUT + hmw.js H4.5→H8. REVIEW bắt 2 (schema-stale + auto-wire overclaim) → fixed (auto-check WIRED: budget.json+session-start/end). 1 reviewer residual-write self-caught+revert (reverse-finding #4, raw-Workflow≠wrapper-guard). B3 self-correct (runs path 14→22). Sleep `all`=NO-OP. adap-report `2026-06-18-Governance-harness-10-flat-refine-checklist-v2` + email (`5f511fe5c0f2`). + +**🔴 NEXT SESSION:** +- **⚠️ RESTART CLI (đầu việc):** activate FLAT-runtime `hmw.js` (`:103` flat path) + wired sleep-check (`session-start §2.1.2` + `session-end §L.b(c)`) + `/sleep-recovery-memory-l2` skill. + carry (S66/S70) reviewer Cat-6 + H8-inherit. Sau restart spawn-test confirm. +- **🔴 curate `investigator-codebase` L1 = 28973 OVER cap** (audit-trail S71/S72) → L1→L2 (move oldest Recent-activity → `archive/2026-06.md` + `_INDEX`). Watch: frontend-designer 24004 + test-specialist 23919 + cicd 23653 near-cap (FD/test-spec **chưa có archive** → first-overflow phải build `_INDEX`/gist). `budget.json` measured STALE → re-run `scripts/measure-agent-memory.ps1`. +- **Pending product (anh/anh Kiệt — carry S69):** cấu hình "Ngưỡng giá trị gói CEO" Designer + test cờ gấp PE PRO/CCM; "C" chuyển phiếu→dự án chờ spec form. **Ops giữ S58/S59:** tzutil VPS · anh Chương email typo · 5 real-staff pw `User@1234567` · gán CNTT lock nv.cao/nv.truong. +- **Monthly audit 2026-07-01:** STATUS/HANDOFF re-tier (trim S68↓→logs) · docs/CLAUDE deep-doc count-flush (gotcha 58→68 · 93→88 tables · Budget-removed) + schema §16+ Mig 32-53. +- **Cert** `api.solutions.com.vn` ~2026-07-23 (auto-renew ~06-23). --- diff --git a/docs/STATUS.md b/docs/STATUS.md index c232636..14b143b 100644 --- a/docs/STATUS.md +++ b/docs/STATUS.md @@ -3,7 +3,7 @@ > **Update rule:** trước khi bắt đầu 1 task → ghi row `🔥 In Progress`. Xong → `✅ Recently Done`. > **Tiering rule (S40):** chỉ giữ **state hiện tại + 3 session gần nhất** ở file này. Session cũ hơn → `docs/changelog/sessions/`. Full history pre-S40 → `docs/_archive/STATUS-preS40-fullhistory.md`. (Tránh over-context — xóa double, không cắt nội dung.) -**Last updated:** 2026-06-18 (S71 — **Harness-10 adopt: tracked run-trace folder convention + checklist 9-10 self-verify** — em main + 3 Workflow (invest `wf_9c2cd2cd-2e7` → implement `wf_e4e46725-231` → review `wf_636bc95b-939`) theo mandate Harness-9 PART 2. **0 production code** (governance/workflow only). Migrate `.claude/workflows/wave-*/` gitignored → `runs//` **git-TRACKED** (run.md + sub-md/ + harvest/) + `_ledger.md` 2-nhịp + 3-layer anti-miss (L1 em-main@P1 ledger-check / L2 session-start orphan-scan / L3 session-end close-gate **idempotent-VERIFY-not-re-APPEND**) + **containment model shift** (Harness-2 B6 "mọi tracked-change=vi-phạm" → Harness-10 "tracked-change NGOÀI run-folder + code-disjoint=vi-phạm"; run-folder TRACKED → HIỆN git-diff = audit trực-tiếp). hmw.js wave→run-trace (accept `args.run`, alias `wave`; path `sub-md/`; `node --check` PARSE-OK). **Review độc-lập (R2+R3) bắt C5 L1 over-claim** (doc nói hmw.js prompt-builder emit L1 reminder nhưng grep engine=0 → engine no-fs → fixed path-a: L1 = em-main @P1 convention) — dogfood mandate B2 đúng (1-workflow-tự-chấm sẽ bỏ sót). **checklist 9-10:** Part A (Harness-9 memory) + Part B (adap 2-workflow) Đà done S70; Part C (Harness-10) MỚI 8/8. dogfood: 3 run-trace folder TRACKED đầu + 3 entry ledger. adap-report `2026-06-18-Governance-checklist-harness-9-10` + email ai_infra. **State THẬT GIỮ NGUYÊN: Mig 53 · 88 bảng · 306 test · 68 gotcha · menu 54 · bundle admin `BgNCjwsG`/user `CBvh0vtf`.** + `CLAUDE.md` test-flush 263→306 (pre-existing uncommitted, resolve H1 stale-flag). ⚠️ restart CLI activate hmw.js RUN-TRACE runtime + (carry S66/S70) §2.1.2 budget-audit/reviewer-Cat-6/H8-inherit. ✅ **curate-debt CLOSED S71** (FINALIZE double-check `wf_73de399d-753` + curate `wf_f32987b8-03f`): reviewer 36.7→24.8KB + investigator 29.8→23.2KB (both <25600 cap, archive +N -0 0-byte-loss) + reviewer-gist gen:2 + 3 user-memory G2/G3 + budget.json re-measure. Race root-cause fixed cấu-trúc (hmw.js RUN-TRACE writeGuard). → session log `2026-06-18-S71-harness-10-run-trace.md` (pending). **Prev S70** — **Harness-9 adopt: L2 archive dark-matter recovery + adap 2-workflow mandate** — em main + 3 Workflow (investigate `wf_be952f3c-97f` → implement `wf_a58e0d15-beb` → audit `wf_9520d8cd-4fe`) + 2 monitor bootstrap. **0 production code** (governance/memory only, commit `f36aab8` pushed). 4 over-cap sub-agent (cicd-monitor/investigator-codebase/reviewer/implementer-backend) curate L1→L2 + `archive/_INDEX.md` (mục-lục con-trỏ **substring sha-keyed**, Ctrl-F fallback) + `.gist.md` (nén 4-field distill-gen:1, verbatim FROZEN) → **cả 4 < 25KB auto-inject cap** (P1 curate-debt CLOSED; ~240KB archive hết RAG-dark). PART 2/3 process-mandate codify (adap-apply + agents/README Upgrade S70 + session-start §2.1.2 budget-audit). **0-byte-loss git+sha verified** (Stage C audit + em-main self-gate khi 2 reviewer no-StructuredOutput). +`memory-budget.json` (seed-by-measure) + `scripts/measure-agent-memory.ps1` + `.ragignore` + doc-drift 4-cite flush. adap-report + email-back ai_infra (body-hash `7c07b716e775`). **State THẬT GIỮ NGUYÊN: Mig 53 · 88 bảng · 306 test · 68 gotcha · menu 54 · bundle admin `BgNCjwsG`/user `CBvh0vtf`.** ⚠️ restart CLI để activate session-start §2.1.2 + pending H8 inherit + reviewer Cat-6. → session log `2026-06-17-S70-harness-9-l2-recovery.md`. **Prev S69** — **Văn phòng số (E-Office) port + golive + PE cờ gấp/ngưỡng CCM — 4 deploy prod-verified Run #305→#308, HMW-mode ON, 2 workflow fan-out + ~14 spawn**: foundation PURO (shared PageHeader/KpiCard/WidgetCard + Dashboard 2-cột + sync fe-admin index.css đóng drift S66-S68) #305 → **re-skin TRỌN 10 page** PURO layout + CSS Hồ sơ NS, phẫu-thuật-giữ-100%-logic (reviewer verify api/queryKey byte-identical) #306 → **Office golive public** `SeedAllRolesOfficeModulePermissionsAsync` read+create 16-key allow-list mọi role (mirror S65 pattern, chạy SAU revoke; excluded Off_PhongHop_Manage/Off_AttendanceReport/Off_ChamCong giữ ẩn; cicd DB-verify 16/16×13 role) #307 → **PE cờ gấp PRO/CCM + CCM duyệt-final theo ngưỡng giá trị** Mig 53 (anh Kiệt FDC sau họp sếp) #308. **State THẬT: Mig 53 · 88 bảng · 306 test (45D+261I) · 68 gotcha · menu 54 · bundle admin `BgNCjwsG`/user `CBvh0vtf` Run #308.** 2 gotcha NEW (**#67** Tailwind accent palette thiếu-stop vỡ-màu-im-lặng · **#68** stale-diagnostic-background-agent). 2 truncation #53 (impl-backend positional-record + impl-frontend) → em main recover-disk + self-gate (cả 2 build PASS sau-cùng). C (sau duyệt → chuyển phiếu đến dự án) chờ anh Kiệt spec form. → session log `2026-06-17-S69-vanphong-golive-pe-urgent-threshold.md`. **Prev S68** — **Hồ sơ NS header chi tiết NV: làm nổi bật + fix tên render đen→trắng** — em main solo, 3 commit (2 FE `6983609`+`37752eb` · 1 docs `11bc96d`), 2 deploy prod-verified Run #303-304 (anh UAT realtime): tên `text-xl extrabold`+drop-shadow · dòng meta `text-[13px] font-medium` trắng-đậm · badge pill **màu theo trạng thái** (#303); anh báo "tên đen nền xanh ko nổi bật" → diagnose **rule `h1-h4{color:#0b1220}` viết NGOÀI `@layer` thắng `text-white`** (Tailwind v4 unlayered > all layers, **gotcha #66 NEW**) → ép `text-white!` + thu nhỏ `text-lg` (#304, grep dist confirm `!important`). Bootstrap: 2 monitor RE-REPORT CLEAN + 2 doc-drift fix (dep-audit 64→65 · root CLAUDE 263→286, H1 flag). **State THẬT: Mig 52 · 88 bảng · 286 test · 66 gotcha · menu 53 · bundle admin `CNUv1jxY`/user `CpOskeS1` Run #304.** ⚠️ curate-debt P1: cicd-monitor **44.1KB** (worst). **Prev S67:** **buổi sản phẩm LỚN, 6 deploy prod-verified Run #297→#302** (anh + anh Kiệt FDC UAT realtime, HMW-mode ON): fe-user Hồ sơ NS đồng nhất font + chữ đen→**xanh đậm `brand-800`** (#297 `ab4e681`) · **fe-admin mirror master-detail** + accent tokens index.css [đóng pending lớn nhất HRM go-live, page SHA256 ×2] (#298 `292d64d`) · **+23 test-after HRM** [Dept cycle-guard · PE HoSoLink absolute-set · HRM-perm seed] → 263→**286** (#299 `bcd619d`) · **list flex-row gọn** [bảng 3-cột→flex-row, `overflow-x-hidden` → hết tràn ngang rail] + đồng nhất cỡ chữ [18/14/13/11px] ×2 app (#300 `91aaf05`) · **PE Link hồ sơ auto-detect** `http(s)`→hyperlink/`O:\`→Copy (#301 `6df1b2d`) → **render link `file://` bấm-thử** + Copy (#302 `536dd6b`). **Workflow research 3 investigator-api** (auto-mở `O:\` từ web): default browser CHẶN https→file://; **chỉ Edge GPO `IntranetFileLinksEnabled`** (Edge-only, Intranet Zone, 1 GPO domain zero-per-machine) = one-click thật — Chrome không có; .url-download zero-install nhưng 2-click. **State THẬT: Mig 52 · 88 bảng · 286 test (45D+241I) · 65 gotcha · menu 53 · bundle admin `CcrZqfht`/user `DniDFUB_`** (#302). test-specialist truncated return #53 → em main recover-disk (3 file test đủ + 286 verify); 0 production bug. ⚠️ curate-debt: cicd-monitor 39.8KB + inv-codebase 39.4KB over-cap. **Prev S66** — **session-end closeout em-main-solo, 0 product-sub:** adopt **Harness-8 all-inherit** (7 sub demoted `claude-opus-4-8`→`inherit` → cả 11 = inherit, gỡ two-tier Harness-4) + **cicd-monitor L1 curate 86.8→28.9KB** (byte-exact sed → `archive/2026-06.md`, incl #291 forensic) + **ef-core skill doc-flush Mig 50→52** (H1 drift, +Mig 51/52 rows) + check-email AI_INFRA (**0 thư mới se-directed**). ~17 file docs/gov/config, **0 production code** → state THẬT GIỮ NGUYÊN: **Mig 52 · 88 bảng · 263 test · 65 gotcha · menu 53 · bundle admin `BDwV5d0X`/user `DbVv6rsf`**. ⚠️ **Restart CLI** để H8 runtime (frontmatter no hot-reload) + reviewer Category 6 (S64 pending). adap-report `2026-06-16-Governance-harness-8-all-inherit-workflow-fastest` + email-back ai_infra (hash `fa7f690d` round-trip MATCH). Prev S65 — **HRM go-live: public Hồ sơ Nhân sự + trang master-detail giống NamGroup + Department hierarchy + PE Link hồ sơ**, ~6 deploy prod-verified Run #289→#295, anh + anh Kiệt FDC UAT realtime): (1) **public Hồ sơ Nhân sự mọi role** — `SeedAllRolesHrmProfileReadPermissionsAsync` grant CanRead `Hrm`+`Hrm_HoSo` 13 role chạy SAU revoke S58 (upgrade-only; EmployeesController policy-based `Hrm_HoSo.Read` mở luôn API không hardcode Roles), giữ ẩn Dashboard NS, Run #289; (2) **redesign màu foundation fe-user** — accent palette teal/violet/amberx/greenx + `.app-gradient-brand`/`.card-accent`/`.icon-chip` + heading 700, brand #1F7DC1 + Be Vietnam Pro giữ, Run #290; (3) **Department hierarchy** Mig 51 `AddDepartmentParentId` (ParentId loose-Guid no-FK + `GET /departments/tree` ráp cây in-memory + rollup count theo `User.DepartmentId` + cycle-guard HashSet) + picker "Phòng cha" fe-admin (self-service org chart) + Update cycle-guard, Run #292; (4) **Hồ sơ Nhân sự master-detail giống NamGroup** — `EmployeesListPage` rewrite: 3-panel→**2-cột** (cây tổ chức gốc "SOLUTION COMPANY" + list chồng TRÁI · chi tiết 5 tab PHẢI) + tô màu accent, giữ 100% 5 satellite CRUD (16 endpoint), Run #293/#294/#295; (5) **PE mục "e. Link hồ sơ"** Mig 52 `AddHoSoLinkToPurchaseEvaluation` (`HoSoLink string?` hyperlink NAS + `` target_blank rel-noopener + null-safe) + rename "Dự trù PRO"→"Ngân sách PRO" (row+badge) ×2 app SHA256-mirror, Run #293. **State THẬT: Mig 52 · 88 bảng · 263 test (45D+218I) · 65 gotcha · menu 53 · bundle admin `BDwV5d0X`/user `DbVv6rsf`** (Run #295 `456c7a7` Employee-refine — user rotate `CZfo_PFZ→DbVv6rsf`, cicd PASS). **🔥 Workflow fan-out chạy THẬT lần đầu** (`pe-hoso-link-rename-pro` BE∥FE→review) — parallel disjoint-file OK, NHƯNG FE+reviewer return-RỖNG #53 → em main recover-disk + self-gate (bắt badge "DỰ TRÙ PRO" sót rename); **verdict: fan-out cho parallelism nhưng reviewer-stage không tin được trong harness này → verify-heavy task vẫn tự gác = tương đương spawn lẻ** (`feedback_workflow_fanout_reliability`). gotcha **#65** NEW (build csproj con ≠ `dotnet build slnx` gồm tests → miss test-compile khi đổi chữ ký record command → CI CS7036 Run #291 FAIL-gated). **Prev S64** adopt **Harness-7 writing-quality floor** — em main solo, commit `6afde19` docs/gov-only, 0 sub spawn: `rules.md §1.1` outward-VN-full-grammar + reviewer Category 6 + adap-report + email ai_infra; broadcast body-hash `a4580ea9` verified-MATCH **KHÔNG mis-stamp** [false-mismatch = gotcha #61 PS5.1 UTF-8 decode của em]. Prev S63 docs-closeout bù S60/S61/S62 — **State THẬT: Mig 50 · 88 bảng · 263 test (45D+218I) · 64 gotcha · menu 53 · bundle admin `0xKYGhhf`/user `C81ZdG9G` Run #286**; S60-62 = PE ràng buộc gửi-duyệt + bypass drafter (S60) · gỡ "Từ chối" (S60) · Mig 50 ngân sách per-gói-thầu Excel anh Kiệt + XÓA module Budget cũ (S61) · vượt-NS cảnh-báo-mềm cho lưu (S62); + reconcile stray reviewer cwd-misland; session log `2026-06-12-S60-S62-pe-budget-workitem-softwarning.md`). Prev Session 59 ( **10 đợt ship prod-verified: 8 Run PASS + 2 cancelled-supersede-benign #273→#282** (run_number API — dải đếm khác #38x S58, cùng pipeline; 2 cancel = push-đè khi UAT góp ý realtime, ancestor-verified): (1) **wipe transactional testing data** theo anh Kiệt FDC — 10 PE + 7 HĐ [DEMO] + 64 notif + 1 AwV2 cũ inactive = 0, reset PeSeq/CtSeq → phiếu thật đầu tiên team tạo chiều nay = **PE/2026/A/001** ✓, app-recycle KHÔNG resurrect (DemoSeed gate held), uploads orphan dọn (`56882ac` #273); (2+3) **PE tree Panel 1 chốt 4 tầng "📅 Năm > 📁 Dự án > 🧱 Hạng mục > Phiếu"** (anh chốt follow-up sau bản gộp "Dự án (Năm)"; `yearGroups` useMemo, expand-key v3, FE-only — list DTO đã có workItemName S57bis) (`0eafcd3` #274); (4) **dọn 15 mã hạng mục demo tự chế** theo chị Trà Sol "xóa cái đám phần thô phần hoàn thiện… MÀ ANH TỰ ĐẺ RA" — WorkItems 86→**71**, GỠ HẲN block seed demo khỏi DbInitializer, đối chiếu 71/71 khớp bảng PMH từng dòng (`bbd1554` #275, bundle frozen BE-only); (5) **rename 71 mã đúng format PMH anh Kiệt chốt** "Mà CV gồm chữ MEP-SUB-1 rồi tên 1 MEP Sub MEP (Full) — đúng kiểu vậy" → `MAT-n`/`SUB-n`/`MEP-SUB-n`/`MEP-EQU-n` + Name "STT nhóm tên"; **DB-trước-code-sau** (gotcha **#62** NEW — seed per-code idempotent, sai thứ tự = 142 rows) + sqlcmd `-f 65001` (gotcha **#61** NEW — verify data qua API JSON, KHÔNG tin console mojibake) + FE sort numeric ×3 ×2 app (`c869d26` #276); (6) **UAT 6 vòng 11 điểm**: NEW **`ui/SearchableSelect`** combobox gõ-lọc BỎ DẤU (fold NFD — Hạng mục/Dự án/NCC) + auto Địa điểm từ Project.Location + điều khoản TT Textarea đa dòng (`faed59f` #277) · anh chốt: **ẩn cả Trả lại+Từ chối khi người duyệt = người soạn** (drafterUserId match) + **quick-add NCC ngay form** (SuppliersController POST hạ → any-auth, PUT/DELETE giữ khóa — cicd authz probe live 4/4: 401 unauth/201 nv.test/403 delete/cleanup) + upload multiple files ×2 chỗ (`9c330d2` #278) · vòng 3-6 realtime (`f21c55d` #279-cancelled / `69997da` #280 / `80b64dd` #281-cancelled / `792c030` **#282 FINAL**): **bảng NCC table-fixed** width từng cột (file dài hết vỡ layout) + **bỏ ô "Tên" ngân sách nhập tay** (chỉ còn Số tiền, hasManual detect theo amount) + **GỠ field "Điều khoản thanh toán" khỏi TẤT CẢ form phiếu** (cột per-NCC + display phiếu cũ GIỮ) + **bỏ nút "+ Thêm hạng mục"** (1 phiếu = 1 hạng mục header). Bundle FINAL admin **`B1DtNT9C`**/user **`D6uF3Mln`** (Run #282). Test 240 ×2 local + 8× CI gate. **0/14 spawn truncated** (lần đầu sau nhiều session). → session log `2026-06-11-S59-wipe-tree-pmh-uat-batch.md`. Prev S58 (2026-06-11 — **4 việc prod-verified Run #382/#383/#384**: lock-demo-user fix + tạm ẩn HRM/Office/Cá nhân + Danh mục cuối sidebar + fe-user redesign theo UI/UX guide AI_INFRA. **Việc 1 — lock fix** (Run #382, `5998163` ~3m31s): Run #381 cicd phát hiện S57bis lock = NO-OP (14 email named-person là population Dev-only). Recon dump prod: demo thật = 20 UAT-matrix `{dept}.{nv,pp,tp}@`+`bod.{1,2}@` tạo TAY 05-13; root cause sâu = `DemoUserPassword` 11 ký tự < prod `RequiredLength=12` → `CreateAsync` silent-fail MỌI startup từ trước tới giờ (= root cause "helpdesk inert phòng IT 0 user" S56). Fix: union 20 email + password 12 ký tự. Prod sau deploy: **55 user / 21 active / 34 locked** — 20 UAT + 14 named-person locked ✓, **nv.cao/nv.truong CREATED+ACTIVE (helpdesk S56 RESOLVED)** ✓, 5 real staff created ✓, guard admin/catalog.manager/nv.test/chuong.phan-typo active ✓ (anh chốt 3 quyết định AskUserQuestion). Bundle FROZEN. gotcha **#60** NEW (seed silent-fail vs prod password policy — dump population thật trước khi lock/seed-by-email). +Closeout S57bis residual: gotcha #59 commit, 4 spawn-record on-behalf (H2 4-MISS), H1 5-patch doc-drift, test 240 re-verified local. Prev S57bis (2026-06-11 sáng) — **PE gắn Hạng mục công việc (Mig 49) + mở quyền Pe all-role + menu "Cá nhân" + khóa demo user** (sếp Zalo deadline 15:00): commit `17b23a4` (Harness-4 two-tier runtime-VERIFIED spawn-test 2 chiều) + `dd117b7` (product) → Run #381 PASS ~4m25s. Mig 49 `AddWorkItemToPurchaseEvaluation`: PE.WorkItemId `Guid?` loose-Guid KHÔNG FK vật lý (convention PE — database-agent design) + IX + validator NotEmpty create + FK-guard handler Conflict + UpdateDraft null-safe. FE ×2 app PeWorkspaceCreateView/PeHeaderForm (SHA256 identical)/PeDetailTabs "Dự án – Hạng mục". Pe_* 11 key CanRead+CanCreate mọi role (130 rows/13 role — Pe_* leaf KHÔNG nằm MenuKeys.All, build qua factory). Menu Personal root@30 + Chấm công re-parent + Master write-lock `Admin,CatalogManager` ×3 controller. Test 228→**240** (+12 PeWorkItemGuardTests). Bundle rotate cả 2: admin `CP4CB1ym` / user `BmZ3VHnm`. 2 builder truncated #53 + reviewer die-0-byte ×2 → em main solo vá cross-stack + self-gate. Excel (3) đối chiếu = NO-CHANGE (S55 data identical). Prev S56 — **Pre-golive verify sweep + golive-harden 4 fix — HMW 2-workflow, prod-verified**: commit `a20cde8` → Run #379 PASS ~4m20s. WF1 `pre-golive-verify` 7-stream song song + adversarial → 6 PASS/1 CONCERN/0 blocker = **GO**; key finds = **ops not code** (prod IT-dept 0 active user → helpdesk inert + S43 LeaveBalance lost-update còn nguyên). WF2 `golive-harden` fix 4: **#3** LeaveBalance lost-update→atomic `ExecuteUpdateAsync`+Serializable tx (NO mig, exactly-once nguyên) · **#5** ItTicket authz Forbidden-trước-NotFound (fail-closed) · **#6** DocxRenderer null-guard (2 warn→0) · **#4** Travel/Vehicle ApproveV2 +4 smoke. Test **216→228**. Bundle FROZEN `4SUwDLD8`/`XdKzt9LL` (BE-only). `sys.tables` re-ground **92→93** (cicd ground-truth, Mig 48 col-only). reviewer stage StructuredOutput-fail→em main đỡ cross-stack review (3 diff clean) + bump Serializable đóng MAJOR. gotcha **#58** NEW (EF read-modify-write lost-update→ExecuteUpdate atomic). **2 ops VPS pending** (gán user phòng IT + `tzutil` UTC+7). FE Phase 2 redesign **deferred** (recon ready). Prev S55 — **Nạp master data thật từ Excel + Project +4 cột (Mig 48), HMW-mode ON**: commit `69cb393` → Run #377 PASS ~4m33s, prod-verified. Anh giao file Excel "HẠNG MỤC CÔNG VIỆC DỰ ÁN" → `/ultra-on "workflow làm xong hết"`. Nạp **62 dự án + 71 hạng mục + 3 NCC** vào Project/WorkItem/Supplier qua `SeedRealMasterDataAsync` (per-code idempotent, **UNGATED** → coexist demo, tự lên prod). **Mig 48 `AddProjectMasterFields`**: Project +4 cột nullable (Year/Investor/Location/Package, NO new table). FE ProjectsPage form +4 input ×2 app SHA256 mirror. Test 216 (compile-fix MasterCatalogFilteredUniqueTests +4 null args, no new test). Bundle admin `DmjI8Cmn`→`B-d6893W`/user `YxL_MljK`→`XdKzt9LL` (cả 2 rotate). Prod verify: Mig 48 applied · Projects spot-6/6 · WorkItems VT/TP/MEP/TB=71 · Suppliers 3 · CAL01.Investor="Công ty TNHH Calofic". **2 agent return truncated** (implementer-backend + reviewer, gotcha #53) → em main disk/runtime-recover (build/test/sqlcmd/git truth); cicd verdict-FIRST → PASS clean no-truncate. Data-quality catch: MEP col gộp 2 nhóm + divider "THIẾT BỊ" → split đúng 71/4-category. Provenance `scripts/master-import-data.generated.md`. Prev S54 — **IT staff tự reassign ticket (cross-stack authz, HMW-mode ON)**: 1 code commit `ca4b602` → Run #376 PASS ~4m18s, prod-verified. Cho tổ IT (dept Code=="IT") + Admin reassign ItTicket trên CẢ 2 app. BE: NEW `GetAssignableItStaffQuery` capability endpoint `{canReassign,staff}` + `AssignItTicketHandler` authz Admin-OR-dept-IT (Forbidden) + assignee-must-IT (Conflict) + controller `/assign` hạ `[Authorize(Roles=Admin)]`→`[Authorize]` (handler fine-grained). FE: fe-admin+fe-user ItTicketsPage **SHA256-identical** (REVERSE S53 divergence) gate nút by `canReassign`, dropdown từ `/assignable-staff` (không `/users`). Test 203→**216** (+13 authz guard test-before-merge). NO migration (DepartmentId reuse). Bundle admin `DfCfHUE9`→`DmjI8Cmn` / user `_3S0BPJ2`→`YxL_MljK` (cả 2 rotate). 6-agent fan-out (BE∥FE→test→reviewer→cicd) + em main reconcile stray-memory residual (3 agent ghi MEMORY nhầm `src/Backend/.claude` → harvest về canonical). reviewer PASS 0 blocker (role-string "Admin" chain-verified). Task 1 Phase 9 Ops KHÔNG làm (anh dừng). flag: cicd `sys.tables=93` vs STATUS 92 → monthly audit re-ground.) Prev S53 (gotcha #57 EXT Master Mig 47 + P11-D reassign-UI fe-admin + P11-E menu + database-agent verified-runtime: `44b9e54` Run #260 + `dbf6648` Run #261, test→203, bundle→`DfCfHUE9`). Prev S52 (Phase 11 P11-D+E+F deployed + database-agent adopt, HMW-mode ON): 3 commit — `e9ee97f` (database-agent DB1–DB11 read-advisory, roster 10→11, executed-file CHỜ restart) + `6a66429` Wave 1 (P11-E AttendanceReport+Excel+OtPolicy multiplier + P11-F MaTicket codegen, migration-free) + `dcf76f8` Wave 2 (P11-D ItTicket round-robin assign dept-IT + SLA timer, Mig 46). Test 186→**200**. Bundle admin `DYfjnpY0`/user `_3S0BPJ2` (cả 2 deploy verified curl độc lập — Wave 1 BE 401 wired + Wave 2 /assign 401 + Mig 46 applied health-200). ⚠️ **Session-limit hit giữa Wave 2** → recovery: BE/test verify-on-disk + em main solo FE redo + curl-self-verify thay cicd-spawn (multi-agent resilience, git/disk/prod = source-of-truth). RAG recovered (chunk 2416 rerank live) nhưng stale 05-29. Prev S51: P11-C Vehicle+Driver.) +**Last updated:** 2026-06-18 (S72 — **Harness-10 flat-refine + checklist-v2 adopt (re-audit 3-workflow) + sleep NO-OP** — em main + 9 sub qua 3 Workflow (audit `wf_13868efb-ea7` → implement `wf_ac43b5ff-7d1` → review `wf_d482e10d-5dd`, mandate Harness-9 B1+B2). Anh chỉ "sisters làm tốt mỗi SE thiếu" → re-audit đo vs canonical: **SE BEHIND Harness-10 flat** (run-trace còn SUBFOLDER, canonical=FLAT) → migrate `hmw.js` (`:103` sub-md/→flat + `:52` schema + **H4.5→H8 doc-drift**) + `workflows/README` full-rewrite + `runs/README` + session-start/end + `agents/README` Upgrade S72 + `_ledger`; **5 run cũ S71 GIỮ subfolder** (C8 dual-accept). +2 broadcast 06-18 adopt (checklist-v2 + h10-flat-detector-refine). +`/sleep-recovery-memory-l2` port (A8, §J2-tailored SE-only, floor intact, live skill). **detector refine-b TAILORED-OUT** (SE Workflow-tool no-CLI-bypass; containment git-diff+tracked+orphan-scan G-015). **REVIEW (B2 dogfood) bắt 2 lỗi IMPLEMENT-self-assess sót** (hmw.js:52 schema-stale + sleep-cmd auto-check un-wired overclaim) → fixed (auto-check **WIRED thật**: budget.json `+last_sleep_at` + session-start:78 + session-end:48, grep-verified). em-main containment-check tự bắt 1 reviewer residual-write (raw-Workflow KHÔNG hmw.js writeGuard → reverse-finding #4) → revert. **B3 self-correct:** S71 report path tắt `runs/`+"14" → thật `.claude/workflows/runs`=22. **Sleep `all`=NO-OP** (5/9 empty-archive + 4/9 đã-gisted → 0 compressed; `last_sleep_at`=2026-06-18). **0 production code, state THẬT GIỮ NGUYÊN.** adap-report `2026-06-18-Governance-harness-10-flat-refine-checklist-v2` + email ai_infra (`5f511fe5c0f2`). ⚠️ **restart CLI** activate FLAT-runtime hmw.js + wired sleep-check + sleep-recovery skill. 🔴 **NEXT (em):** curate investigator-codebase L1 **28973 OVER** (audit-trail) + watch frontend-designer/test-specialist near-cap. → session log `2026-06-18-S72-harness-10-flat-refine.md`. **Prev S71 — Harness-10 adopt: tracked run-trace folder convention + checklist 9-10 self-verify** — em main + 3 Workflow (invest `wf_9c2cd2cd-2e7` → implement `wf_e4e46725-231` → review `wf_636bc95b-939`) theo mandate Harness-9 PART 2. **0 production code** (governance/workflow only). Migrate `.claude/workflows/wave-*/` gitignored → `runs//` **git-TRACKED** (run.md + sub-md/ + harvest/) + `_ledger.md` 2-nhịp + 3-layer anti-miss (L1 em-main@P1 ledger-check / L2 session-start orphan-scan / L3 session-end close-gate **idempotent-VERIFY-not-re-APPEND**) + **containment model shift** (Harness-2 B6 "mọi tracked-change=vi-phạm" → Harness-10 "tracked-change NGOÀI run-folder + code-disjoint=vi-phạm"; run-folder TRACKED → HIỆN git-diff = audit trực-tiếp). hmw.js wave→run-trace (accept `args.run`, alias `wave`; path `sub-md/`; `node --check` PARSE-OK). **Review độc-lập (R2+R3) bắt C5 L1 over-claim** (doc nói hmw.js prompt-builder emit L1 reminder nhưng grep engine=0 → engine no-fs → fixed path-a: L1 = em-main @P1 convention) — dogfood mandate B2 đúng (1-workflow-tự-chấm sẽ bỏ sót). **checklist 9-10:** Part A (Harness-9 memory) + Part B (adap 2-workflow) Đà done S70; Part C (Harness-10) MỚI 8/8. dogfood: 3 run-trace folder TRACKED đầu + 3 entry ledger. adap-report `2026-06-18-Governance-checklist-harness-9-10` + email ai_infra. **State THẬT GIỮ NGUYÊN: Mig 53 · 88 bảng · 306 test · 68 gotcha · menu 54 · bundle admin `BgNCjwsG`/user `CBvh0vtf`.** + `CLAUDE.md` test-flush 263→306 (pre-existing uncommitted, resolve H1 stale-flag). ⚠️ restart CLI activate hmw.js RUN-TRACE runtime + (carry S66/S70) §2.1.2 budget-audit/reviewer-Cat-6/H8-inherit. ✅ **curate-debt CLOSED S71** (FINALIZE double-check `wf_73de399d-753` + curate `wf_f32987b8-03f`): reviewer 36.7→24.8KB + investigator 29.8→23.2KB (both <25600 cap, archive +N -0 0-byte-loss) + reviewer-gist gen:2 + 3 user-memory G2/G3 + budget.json re-measure. Race root-cause fixed cấu-trúc (hmw.js RUN-TRACE writeGuard). → session log `2026-06-18-S71-harness-10-run-trace.md` (pending). **Prev S70** — **Harness-9 adopt: L2 archive dark-matter recovery + adap 2-workflow mandate** — em main + 3 Workflow (investigate `wf_be952f3c-97f` → implement `wf_a58e0d15-beb` → audit `wf_9520d8cd-4fe`) + 2 monitor bootstrap. **0 production code** (governance/memory only, commit `f36aab8` pushed). 4 over-cap sub-agent (cicd-monitor/investigator-codebase/reviewer/implementer-backend) curate L1→L2 + `archive/_INDEX.md` (mục-lục con-trỏ **substring sha-keyed**, Ctrl-F fallback) + `.gist.md` (nén 4-field distill-gen:1, verbatim FROZEN) → **cả 4 < 25KB auto-inject cap** (P1 curate-debt CLOSED; ~240KB archive hết RAG-dark). PART 2/3 process-mandate codify (adap-apply + agents/README Upgrade S70 + session-start §2.1.2 budget-audit). **0-byte-loss git+sha verified** (Stage C audit + em-main self-gate khi 2 reviewer no-StructuredOutput). +`memory-budget.json` (seed-by-measure) + `scripts/measure-agent-memory.ps1` + `.ragignore` + doc-drift 4-cite flush. adap-report + email-back ai_infra (body-hash `7c07b716e775`). **State THẬT GIỮ NGUYÊN: Mig 53 · 88 bảng · 306 test · 68 gotcha · menu 54 · bundle admin `BgNCjwsG`/user `CBvh0vtf`.** ⚠️ restart CLI để activate session-start §2.1.2 + pending H8 inherit + reviewer Cat-6. → session log `2026-06-17-S70-harness-9-l2-recovery.md`. **Prev S69** — **Văn phòng số (E-Office) port + golive + PE cờ gấp/ngưỡng CCM — 4 deploy prod-verified Run #305→#308, HMW-mode ON, 2 workflow fan-out + ~14 spawn**: foundation PURO (shared PageHeader/KpiCard/WidgetCard + Dashboard 2-cột + sync fe-admin index.css đóng drift S66-S68) #305 → **re-skin TRỌN 10 page** PURO layout + CSS Hồ sơ NS, phẫu-thuật-giữ-100%-logic (reviewer verify api/queryKey byte-identical) #306 → **Office golive public** `SeedAllRolesOfficeModulePermissionsAsync` read+create 16-key allow-list mọi role (mirror S65 pattern, chạy SAU revoke; excluded Off_PhongHop_Manage/Off_AttendanceReport/Off_ChamCong giữ ẩn; cicd DB-verify 16/16×13 role) #307 → **PE cờ gấp PRO/CCM + CCM duyệt-final theo ngưỡng giá trị** Mig 53 (anh Kiệt FDC sau họp sếp) #308. **State THẬT: Mig 53 · 88 bảng · 306 test (45D+261I) · 68 gotcha · menu 54 · bundle admin `BgNCjwsG`/user `CBvh0vtf` Run #308.** 2 gotcha NEW (**#67** Tailwind accent palette thiếu-stop vỡ-màu-im-lặng · **#68** stale-diagnostic-background-agent). 2 truncation #53 (impl-backend positional-record + impl-frontend) → em main recover-disk + self-gate (cả 2 build PASS sau-cùng). C (sau duyệt → chuyển phiếu đến dự án) chờ anh Kiệt spec form. → session log `2026-06-17-S69-vanphong-golive-pe-urgent-threshold.md`. **Prev S68** — **Hồ sơ NS header chi tiết NV: làm nổi bật + fix tên render đen→trắng** — em main solo, 3 commit (2 FE `6983609`+`37752eb` · 1 docs `11bc96d`), 2 deploy prod-verified Run #303-304 (anh UAT realtime): tên `text-xl extrabold`+drop-shadow · dòng meta `text-[13px] font-medium` trắng-đậm · badge pill **màu theo trạng thái** (#303); anh báo "tên đen nền xanh ko nổi bật" → diagnose **rule `h1-h4{color:#0b1220}` viết NGOÀI `@layer` thắng `text-white`** (Tailwind v4 unlayered > all layers, **gotcha #66 NEW**) → ép `text-white!` + thu nhỏ `text-lg` (#304, grep dist confirm `!important`). Bootstrap: 2 monitor RE-REPORT CLEAN + 2 doc-drift fix (dep-audit 64→65 · root CLAUDE 263→286, H1 flag). **State THẬT: Mig 52 · 88 bảng · 286 test · 66 gotcha · menu 53 · bundle admin `CNUv1jxY`/user `CpOskeS1` Run #304.** ⚠️ curate-debt P1: cicd-monitor **44.1KB** (worst). **Prev S67:** **buổi sản phẩm LỚN, 6 deploy prod-verified Run #297→#302** (anh + anh Kiệt FDC UAT realtime, HMW-mode ON): fe-user Hồ sơ NS đồng nhất font + chữ đen→**xanh đậm `brand-800`** (#297 `ab4e681`) · **fe-admin mirror master-detail** + accent tokens index.css [đóng pending lớn nhất HRM go-live, page SHA256 ×2] (#298 `292d64d`) · **+23 test-after HRM** [Dept cycle-guard · PE HoSoLink absolute-set · HRM-perm seed] → 263→**286** (#299 `bcd619d`) · **list flex-row gọn** [bảng 3-cột→flex-row, `overflow-x-hidden` → hết tràn ngang rail] + đồng nhất cỡ chữ [18/14/13/11px] ×2 app (#300 `91aaf05`) · **PE Link hồ sơ auto-detect** `http(s)`→hyperlink/`O:\`→Copy (#301 `6df1b2d`) → **render link `file://` bấm-thử** + Copy (#302 `536dd6b`). **Workflow research 3 investigator-api** (auto-mở `O:\` từ web): default browser CHẶN https→file://; **chỉ Edge GPO `IntranetFileLinksEnabled`** (Edge-only, Intranet Zone, 1 GPO domain zero-per-machine) = one-click thật — Chrome không có; .url-download zero-install nhưng 2-click. **State THẬT: Mig 52 · 88 bảng · 286 test (45D+241I) · 65 gotcha · menu 53 · bundle admin `CcrZqfht`/user `DniDFUB_`** (#302). test-specialist truncated return #53 → em main recover-disk (3 file test đủ + 286 verify); 0 production bug. ⚠️ curate-debt: cicd-monitor 39.8KB + inv-codebase 39.4KB over-cap. **Prev S66** — **session-end closeout em-main-solo, 0 product-sub:** adopt **Harness-8 all-inherit** (7 sub demoted `claude-opus-4-8`→`inherit` → cả 11 = inherit, gỡ two-tier Harness-4) + **cicd-monitor L1 curate 86.8→28.9KB** (byte-exact sed → `archive/2026-06.md`, incl #291 forensic) + **ef-core skill doc-flush Mig 50→52** (H1 drift, +Mig 51/52 rows) + check-email AI_INFRA (**0 thư mới se-directed**). ~17 file docs/gov/config, **0 production code** → state THẬT GIỮ NGUYÊN: **Mig 52 · 88 bảng · 263 test · 65 gotcha · menu 53 · bundle admin `BDwV5d0X`/user `DbVv6rsf`**. ⚠️ **Restart CLI** để H8 runtime (frontmatter no hot-reload) + reviewer Category 6 (S64 pending). adap-report `2026-06-16-Governance-harness-8-all-inherit-workflow-fastest` + email-back ai_infra (hash `fa7f690d` round-trip MATCH). Prev S65 — **HRM go-live: public Hồ sơ Nhân sự + trang master-detail giống NamGroup + Department hierarchy + PE Link hồ sơ**, ~6 deploy prod-verified Run #289→#295, anh + anh Kiệt FDC UAT realtime): (1) **public Hồ sơ Nhân sự mọi role** — `SeedAllRolesHrmProfileReadPermissionsAsync` grant CanRead `Hrm`+`Hrm_HoSo` 13 role chạy SAU revoke S58 (upgrade-only; EmployeesController policy-based `Hrm_HoSo.Read` mở luôn API không hardcode Roles), giữ ẩn Dashboard NS, Run #289; (2) **redesign màu foundation fe-user** — accent palette teal/violet/amberx/greenx + `.app-gradient-brand`/`.card-accent`/`.icon-chip` + heading 700, brand #1F7DC1 + Be Vietnam Pro giữ, Run #290; (3) **Department hierarchy** Mig 51 `AddDepartmentParentId` (ParentId loose-Guid no-FK + `GET /departments/tree` ráp cây in-memory + rollup count theo `User.DepartmentId` + cycle-guard HashSet) + picker "Phòng cha" fe-admin (self-service org chart) + Update cycle-guard, Run #292; (4) **Hồ sơ Nhân sự master-detail giống NamGroup** — `EmployeesListPage` rewrite: 3-panel→**2-cột** (cây tổ chức gốc "SOLUTION COMPANY" + list chồng TRÁI · chi tiết 5 tab PHẢI) + tô màu accent, giữ 100% 5 satellite CRUD (16 endpoint), Run #293/#294/#295; (5) **PE mục "e. Link hồ sơ"** Mig 52 `AddHoSoLinkToPurchaseEvaluation` (`HoSoLink string?` hyperlink NAS + `` target_blank rel-noopener + null-safe) + rename "Dự trù PRO"→"Ngân sách PRO" (row+badge) ×2 app SHA256-mirror, Run #293. **State THẬT: Mig 52 · 88 bảng · 263 test (45D+218I) · 65 gotcha · menu 53 · bundle admin `BDwV5d0X`/user `DbVv6rsf`** (Run #295 `456c7a7` Employee-refine — user rotate `CZfo_PFZ→DbVv6rsf`, cicd PASS). **🔥 Workflow fan-out chạy THẬT lần đầu** (`pe-hoso-link-rename-pro` BE∥FE→review) — parallel disjoint-file OK, NHƯNG FE+reviewer return-RỖNG #53 → em main recover-disk + self-gate (bắt badge "DỰ TRÙ PRO" sót rename); **verdict: fan-out cho parallelism nhưng reviewer-stage không tin được trong harness này → verify-heavy task vẫn tự gác = tương đương spawn lẻ** (`feedback_workflow_fanout_reliability`). gotcha **#65** NEW (build csproj con ≠ `dotnet build slnx` gồm tests → miss test-compile khi đổi chữ ký record command → CI CS7036 Run #291 FAIL-gated). **Prev S64** adopt **Harness-7 writing-quality floor** — em main solo, commit `6afde19` docs/gov-only, 0 sub spawn: `rules.md §1.1` outward-VN-full-grammar + reviewer Category 6 + adap-report + email ai_infra; broadcast body-hash `a4580ea9` verified-MATCH **KHÔNG mis-stamp** [false-mismatch = gotcha #61 PS5.1 UTF-8 decode của em]. Prev S63 docs-closeout bù S60/S61/S62 — **State THẬT: Mig 50 · 88 bảng · 263 test (45D+218I) · 64 gotcha · menu 53 · bundle admin `0xKYGhhf`/user `C81ZdG9G` Run #286**; S60-62 = PE ràng buộc gửi-duyệt + bypass drafter (S60) · gỡ "Từ chối" (S60) · Mig 50 ngân sách per-gói-thầu Excel anh Kiệt + XÓA module Budget cũ (S61) · vượt-NS cảnh-báo-mềm cho lưu (S62); + reconcile stray reviewer cwd-misland; session log `2026-06-12-S60-S62-pe-budget-workitem-softwarning.md`). Prev Session 59 ( **10 đợt ship prod-verified: 8 Run PASS + 2 cancelled-supersede-benign #273→#282** (run_number API — dải đếm khác #38x S58, cùng pipeline; 2 cancel = push-đè khi UAT góp ý realtime, ancestor-verified): (1) **wipe transactional testing data** theo anh Kiệt FDC — 10 PE + 7 HĐ [DEMO] + 64 notif + 1 AwV2 cũ inactive = 0, reset PeSeq/CtSeq → phiếu thật đầu tiên team tạo chiều nay = **PE/2026/A/001** ✓, app-recycle KHÔNG resurrect (DemoSeed gate held), uploads orphan dọn (`56882ac` #273); (2+3) **PE tree Panel 1 chốt 4 tầng "📅 Năm > 📁 Dự án > 🧱 Hạng mục > Phiếu"** (anh chốt follow-up sau bản gộp "Dự án (Năm)"; `yearGroups` useMemo, expand-key v3, FE-only — list DTO đã có workItemName S57bis) (`0eafcd3` #274); (4) **dọn 15 mã hạng mục demo tự chế** theo chị Trà Sol "xóa cái đám phần thô phần hoàn thiện… MÀ ANH TỰ ĐẺ RA" — WorkItems 86→**71**, GỠ HẲN block seed demo khỏi DbInitializer, đối chiếu 71/71 khớp bảng PMH từng dòng (`bbd1554` #275, bundle frozen BE-only); (5) **rename 71 mã đúng format PMH anh Kiệt chốt** "Mà CV gồm chữ MEP-SUB-1 rồi tên 1 MEP Sub MEP (Full) — đúng kiểu vậy" → `MAT-n`/`SUB-n`/`MEP-SUB-n`/`MEP-EQU-n` + Name "STT nhóm tên"; **DB-trước-code-sau** (gotcha **#62** NEW — seed per-code idempotent, sai thứ tự = 142 rows) + sqlcmd `-f 65001` (gotcha **#61** NEW — verify data qua API JSON, KHÔNG tin console mojibake) + FE sort numeric ×3 ×2 app (`c869d26` #276); (6) **UAT 6 vòng 11 điểm**: NEW **`ui/SearchableSelect`** combobox gõ-lọc BỎ DẤU (fold NFD — Hạng mục/Dự án/NCC) + auto Địa điểm từ Project.Location + điều khoản TT Textarea đa dòng (`faed59f` #277) · anh chốt: **ẩn cả Trả lại+Từ chối khi người duyệt = người soạn** (drafterUserId match) + **quick-add NCC ngay form** (SuppliersController POST hạ → any-auth, PUT/DELETE giữ khóa — cicd authz probe live 4/4: 401 unauth/201 nv.test/403 delete/cleanup) + upload multiple files ×2 chỗ (`9c330d2` #278) · vòng 3-6 realtime (`f21c55d` #279-cancelled / `69997da` #280 / `80b64dd` #281-cancelled / `792c030` **#282 FINAL**): **bảng NCC table-fixed** width từng cột (file dài hết vỡ layout) + **bỏ ô "Tên" ngân sách nhập tay** (chỉ còn Số tiền, hasManual detect theo amount) + **GỠ field "Điều khoản thanh toán" khỏi TẤT CẢ form phiếu** (cột per-NCC + display phiếu cũ GIỮ) + **bỏ nút "+ Thêm hạng mục"** (1 phiếu = 1 hạng mục header). Bundle FINAL admin **`B1DtNT9C`**/user **`D6uF3Mln`** (Run #282). Test 240 ×2 local + 8× CI gate. **0/14 spawn truncated** (lần đầu sau nhiều session). → session log `2026-06-11-S59-wipe-tree-pmh-uat-batch.md`. Prev S58 (2026-06-11 — **4 việc prod-verified Run #382/#383/#384**: lock-demo-user fix + tạm ẩn HRM/Office/Cá nhân + Danh mục cuối sidebar + fe-user redesign theo UI/UX guide AI_INFRA. **Việc 1 — lock fix** (Run #382, `5998163` ~3m31s): Run #381 cicd phát hiện S57bis lock = NO-OP (14 email named-person là population Dev-only). Recon dump prod: demo thật = 20 UAT-matrix `{dept}.{nv,pp,tp}@`+`bod.{1,2}@` tạo TAY 05-13; root cause sâu = `DemoUserPassword` 11 ký tự < prod `RequiredLength=12` → `CreateAsync` silent-fail MỌI startup từ trước tới giờ (= root cause "helpdesk inert phòng IT 0 user" S56). Fix: union 20 email + password 12 ký tự. Prod sau deploy: **55 user / 21 active / 34 locked** — 20 UAT + 14 named-person locked ✓, **nv.cao/nv.truong CREATED+ACTIVE (helpdesk S56 RESOLVED)** ✓, 5 real staff created ✓, guard admin/catalog.manager/nv.test/chuong.phan-typo active ✓ (anh chốt 3 quyết định AskUserQuestion). Bundle FROZEN. gotcha **#60** NEW (seed silent-fail vs prod password policy — dump population thật trước khi lock/seed-by-email). +Closeout S57bis residual: gotcha #59 commit, 4 spawn-record on-behalf (H2 4-MISS), H1 5-patch doc-drift, test 240 re-verified local. Prev S57bis (2026-06-11 sáng) — **PE gắn Hạng mục công việc (Mig 49) + mở quyền Pe all-role + menu "Cá nhân" + khóa demo user** (sếp Zalo deadline 15:00): commit `17b23a4` (Harness-4 two-tier runtime-VERIFIED spawn-test 2 chiều) + `dd117b7` (product) → Run #381 PASS ~4m25s. Mig 49 `AddWorkItemToPurchaseEvaluation`: PE.WorkItemId `Guid?` loose-Guid KHÔNG FK vật lý (convention PE — database-agent design) + IX + validator NotEmpty create + FK-guard handler Conflict + UpdateDraft null-safe. FE ×2 app PeWorkspaceCreateView/PeHeaderForm (SHA256 identical)/PeDetailTabs "Dự án – Hạng mục". Pe_* 11 key CanRead+CanCreate mọi role (130 rows/13 role — Pe_* leaf KHÔNG nằm MenuKeys.All, build qua factory). Menu Personal root@30 + Chấm công re-parent + Master write-lock `Admin,CatalogManager` ×3 controller. Test 228→**240** (+12 PeWorkItemGuardTests). Bundle rotate cả 2: admin `CP4CB1ym` / user `BmZ3VHnm`. 2 builder truncated #53 + reviewer die-0-byte ×2 → em main solo vá cross-stack + self-gate. Excel (3) đối chiếu = NO-CHANGE (S55 data identical). Prev S56 — **Pre-golive verify sweep + golive-harden 4 fix — HMW 2-workflow, prod-verified**: commit `a20cde8` → Run #379 PASS ~4m20s. WF1 `pre-golive-verify` 7-stream song song + adversarial → 6 PASS/1 CONCERN/0 blocker = **GO**; key finds = **ops not code** (prod IT-dept 0 active user → helpdesk inert + S43 LeaveBalance lost-update còn nguyên). WF2 `golive-harden` fix 4: **#3** LeaveBalance lost-update→atomic `ExecuteUpdateAsync`+Serializable tx (NO mig, exactly-once nguyên) · **#5** ItTicket authz Forbidden-trước-NotFound (fail-closed) · **#6** DocxRenderer null-guard (2 warn→0) · **#4** Travel/Vehicle ApproveV2 +4 smoke. Test **216→228**. Bundle FROZEN `4SUwDLD8`/`XdKzt9LL` (BE-only). `sys.tables` re-ground **92→93** (cicd ground-truth, Mig 48 col-only). reviewer stage StructuredOutput-fail→em main đỡ cross-stack review (3 diff clean) + bump Serializable đóng MAJOR. gotcha **#58** NEW (EF read-modify-write lost-update→ExecuteUpdate atomic). **2 ops VPS pending** (gán user phòng IT + `tzutil` UTC+7). FE Phase 2 redesign **deferred** (recon ready). Prev S55 — **Nạp master data thật từ Excel + Project +4 cột (Mig 48), HMW-mode ON**: commit `69cb393` → Run #377 PASS ~4m33s, prod-verified. Anh giao file Excel "HẠNG MỤC CÔNG VIỆC DỰ ÁN" → `/ultra-on "workflow làm xong hết"`. Nạp **62 dự án + 71 hạng mục + 3 NCC** vào Project/WorkItem/Supplier qua `SeedRealMasterDataAsync` (per-code idempotent, **UNGATED** → coexist demo, tự lên prod). **Mig 48 `AddProjectMasterFields`**: Project +4 cột nullable (Year/Investor/Location/Package, NO new table). FE ProjectsPage form +4 input ×2 app SHA256 mirror. Test 216 (compile-fix MasterCatalogFilteredUniqueTests +4 null args, no new test). Bundle admin `DmjI8Cmn`→`B-d6893W`/user `YxL_MljK`→`XdKzt9LL` (cả 2 rotate). Prod verify: Mig 48 applied · Projects spot-6/6 · WorkItems VT/TP/MEP/TB=71 · Suppliers 3 · CAL01.Investor="Công ty TNHH Calofic". **2 agent return truncated** (implementer-backend + reviewer, gotcha #53) → em main disk/runtime-recover (build/test/sqlcmd/git truth); cicd verdict-FIRST → PASS clean no-truncate. Data-quality catch: MEP col gộp 2 nhóm + divider "THIẾT BỊ" → split đúng 71/4-category. Provenance `scripts/master-import-data.generated.md`. Prev S54 — **IT staff tự reassign ticket (cross-stack authz, HMW-mode ON)**: 1 code commit `ca4b602` → Run #376 PASS ~4m18s, prod-verified. Cho tổ IT (dept Code=="IT") + Admin reassign ItTicket trên CẢ 2 app. BE: NEW `GetAssignableItStaffQuery` capability endpoint `{canReassign,staff}` + `AssignItTicketHandler` authz Admin-OR-dept-IT (Forbidden) + assignee-must-IT (Conflict) + controller `/assign` hạ `[Authorize(Roles=Admin)]`→`[Authorize]` (handler fine-grained). FE: fe-admin+fe-user ItTicketsPage **SHA256-identical** (REVERSE S53 divergence) gate nút by `canReassign`, dropdown từ `/assignable-staff` (không `/users`). Test 203→**216** (+13 authz guard test-before-merge). NO migration (DepartmentId reuse). Bundle admin `DfCfHUE9`→`DmjI8Cmn` / user `_3S0BPJ2`→`YxL_MljK` (cả 2 rotate). 6-agent fan-out (BE∥FE→test→reviewer→cicd) + em main reconcile stray-memory residual (3 agent ghi MEMORY nhầm `src/Backend/.claude` → harvest về canonical). reviewer PASS 0 blocker (role-string "Admin" chain-verified). Task 1 Phase 9 Ops KHÔNG làm (anh dừng). flag: cicd `sys.tables=93` vs STATUS 92 → monthly audit re-ground.) Prev S53 (gotcha #57 EXT Master Mig 47 + P11-D reassign-UI fe-admin + P11-E menu + database-agent verified-runtime: `44b9e54` Run #260 + `dbf6648` Run #261, test→203, bundle→`DfCfHUE9`). Prev S52 (Phase 11 P11-D+E+F deployed + database-agent adopt, HMW-mode ON): 3 commit — `e9ee97f` (database-agent DB1–DB11 read-advisory, roster 10→11, executed-file CHỜ restart) + `6a66429` Wave 1 (P11-E AttendanceReport+Excel+OtPolicy multiplier + P11-F MaTicket codegen, migration-free) + `dcf76f8` Wave 2 (P11-D ItTicket round-robin assign dept-IT + SLA timer, Mig 46). Test 186→**200**. Bundle admin `DYfjnpY0`/user `_3S0BPJ2` (cả 2 deploy verified curl độc lập — Wave 1 BE 401 wired + Wave 2 /assign 401 + Mig 46 applied health-200). ⚠️ **Session-limit hit giữa Wave 2** → recovery: BE/test verify-on-disk + em main solo FE redo + curl-self-verify thay cicd-spawn (multi-agent resilience, git/disk/prod = source-of-truth). RAG recovered (chunk 2416 rerank live) nhưng stale 05-29. Prev S51: P11-C Vehicle+Driver.) --- @@ -31,10 +31,11 @@ --- -## 🔥 In Progress (S71) +## 🔥 In Progress (S72) | Task | Owner | Status | |---|---|---| +| **S72 — Harness-10 flat-refine + checklist-v2 adopt (re-audit 3-workflow) + sleep NO-OP** — audit `wf_13868efb-ea7` → implement `wf_ac43b5ff-7d1` → review `wf_d482e10d-5dd` (Harness-9 B1+B2). SE BEHIND flat → migrate SUBFOLDER→FLAT (hmw.js + 5 doc; 5 run cũ giữ subfolder C8) + 2 broadcast 06-18 + sleep-cmd port (A8) + detector tailored-out + hmw.js H4.5→H8. **REVIEW bắt 2 lỗi IMPLEMENT-self-assess sót** (schema-stale + auto-wire overclaim) → fixed (auto-check WIRED). 1 reviewer residual-write self-caught+revert (reverse-finding #4). B3 self-correct path/count. Sleep `all`=NO-OP. **0 prod code.** adap-report + email (`5f511fe5`). **NEXT (anh):** restart CLI (FLAT-runtime + wired sleep-check + sleep-recovery skill). **NEXT (em):** 🔴 curate investigator-codebase L1 **28973 OVER** + watch FD/test-spec. → session log `2026-06-18-S72-harness-10-flat-refine.md`. | 👤 + 9 sub | ✅ | | **S71 — Harness-10 adopt: tracked run-trace folder + checklist 9-10** — em main + 3 Workflow (invest `wf_9c2cd2cd-2e7` / implement `wf_e4e46725-231` / review `wf_636bc95b-939`) per mandate Harness-9 PART 2. **0 production code**. Migrate `wave-*/` gitignored → `runs//` git-TRACKED (run.md+sub-md/+harvest/) + `_ledger.md` 2-nhịp + 3-layer (L1 em-main@P1 / L2 session-start / L3 session-end idempotent) + containment shift (B6→tracked-run-folder). hmw.js wave→run-trace (`node --check` OK). **Review (R2+R3) bắt C5 L1 over-claim → fixed** (em-main convention, engine no-fs). checklist 9-10: Part A/B done S70, Part C 8/8 MỚI. dogfood 3 run-folder TRACKED + ledger. adap-report + email ai_infra. **State GIỮ NGUYÊN: Mig 53·88 bảng·306 test·68 gotcha·menu 54.** **NEXT (anh):** restart CLI (hmw.js RUN-TRACE + carry §2.1.2/Cat-6/H8). **NEXT (em):** ✅ curate-debt CLOSED (finalize+curate workflow — reviewer/inv -.md` + `:52` schema-desc + **H4.5→H8 doc-drift**) · `workflows/README` full-rewrite + roster 8→9 · `runs/README` flat + detector-tailored-out · session-start/end flat + dual-accept · `agents/README` Upgrade S72 · `_ledger` C8 note. **5 run cũ S71 GIỮ subfolder** (C8, no-history-rewrite). +2 broadcast 06-18 adopt. +`/sleep-recovery-memory-l2` port (A8, 137 dòng, §J2-tailored SE-only, floor intact, 6 SE-env deviation, live skill). **detector refine-b TAILORED-OUT** (anh chốt — SE Workflow-tool no-CLI-launcher-bypass; containment git-diff+tracked+orphan-scan G-015). +- **REVIEW (B2 dogfood) bắt 2 lỗi IMPLEMENT-self-assess BỎ SÓT:** (1) `hmw.js:52` schema `subMdPath` desc stale `sub-md/`; (2) sleep-cmd auto-check ≥7d **UN-WIRED overclaim** → em fix: schema flat + **WIRE auto-check thật** (budget.json `+last_sleep_at` + `session-start:78` + `session-end:48`, grep-verified present). +3 minor fixed (provenance cite · charter anchor · README:31 dogfood). R3 PASS (containment clean, honesty strong). +- **em-main containment-check tự bắt residual-write:** 1 reviewer agent (REVIEW qua RAW Workflow tool — KHÔNG inject `hmw.js` writeGuard) tự ghi `agent-memory/reviewer/MEMORY.md` (+2850B over-cap) → revert (record ở run-trace; B3 single-writer restored) → **reverse-finding #4** (raw-Workflow ≠ wrapper-governance). investigator-codebase MEMORY (M từ session-start = S71 audit-trail) commit-as-is, over-cap → curate next. +- **B3 self-correct (trung thực):** S71 report cite path tắt `runs/` + count "14" → thật `.claude/workflows/runs` = **22** (đính chính trong adap-report mới). +- **Sleep `/sleep-recovery-memory-l2 all` = NO-OP (dogfood live):** 5/9 sub empty-archive (guard-rỗng) + 4/9 mọi period đã có gist (skip-if-gist + double-distill gen≥1) → 0 compressed; `last_sleep_at` null→2026-06-18. Command port giờ **executed-file + runtime** (guards fired đúng). +- **State THẬT GIỮ NGUYÊN:** Mig 53 · 88 bảng · 306 test · 68 gotcha · menu 54 · bundle admin `BgNCjwsG`/user `CBvh0vtf`. **0 production code.** 3 run-trace folder FLAT git-tracked. adap-report `2026-06-18-Governance-harness-10-flat-refine-checklist-v2` + email ai_infra (`5f511fe5c0f2`, 4 reverse-findings). ⚠️ **restart CLI** activate FLAT-runtime hmw.js + wired sleep-check + sleep-recovery skill. 🔴 NEXT curate investigator-codebase L1 **28973 OVER**. → session log `2026-06-18-S72-harness-10-flat-refine.md`. + ### S71 (2026-06-18) — ✅ Harness-10 adopt: tracked run-trace folder convention + checklist 9-10 self-verify (em main + 3 Workflow, 0 production code) - **`/check-email AI_INFRA`** = 0 thư mới se-directed (UI/UX guide processed S58). Broadcast `2026-06-18-Governance-checklist-harness-9-10` ở `outbox/all` (content_sha256 `ec32951a` MATCH, đọc UTF-8 tường minh #61). **KHÔNG có base Harness-10 file riêng** — spec = Part C checklist (flag trong adap-report). - **3-stage Workflow** (mandate Harness-9 PART 2; anh chốt full-adopt + dogfood qua HMW đủ invest/imple/review, tránh sai sót): INVEST `wf_9c2cd2cd-2e7` (4× investigator-codebase — A stub-fail structured-return nhưng ghi diary thật + B/C/D strong → self-gate bù) → IMPLEMENT `wf_e4e46725-231` (3× general-purpose file-disjoint + em-main cluster) → REVIEW `wf_636bc95b-939` (3× reviewer adversarial). diff --git a/docs/changelog/sessions/2026-06-18-S72-harness-10-flat-refine.md b/docs/changelog/sessions/2026-06-18-S72-harness-10-flat-refine.md new file mode 100644 index 0000000..7dadaac --- /dev/null +++ b/docs/changelog/sessions/2026-06-18-S72-harness-10-flat-refine.md @@ -0,0 +1,41 @@ +# S72 (2026-06-18) — Harness-10 flat-refine + checklist-v2 adopt (re-audit 3-workflow) + sleep NO-OP + +> **TL;DR:** Anh chỉ "sisters làm tốt mỗi SE thiếu" → re-audit Harness-8/9/10/10-refine + checklist + hmw vs canonical (3-workflow Harness-9 B1+B2) → SE BEHIND Harness-10 flat → migrate + adopt + report trung thực. **0 production code.** Full detail: [`adap-report`](../../governance/adap-reports/2026-06-18-Governance-harness-10-flat-refine-checklist-v2.md) + run-trace `.claude/workflows/runs/2026-06-18-harness-{audit-invest,fix-implement,fix-review}/`. + +## Trigger +`/session-start` (bootstrap CLEAN — H1+H2 monitor 0-drift, cleanest since S59) → anh "trí nhớ có thay đổi lớn" → anh gõ `/sleep-recovery-memory-l2` (báo **Unknown** — SE chưa có) → em truy: AI_INFRA §J2-internal, **chưa broadcast** cho sisters → anh *"double check hết harness 8/9/10/10-refine + các checklist + hmw, lấy đầy đủ thông tin, điều chỉnh lại, report trung thực cho AI_INFRA"* → cuối: `/sleep-recovery-memory-l2 all` + `/session-end`. + +## 3-stage workflow (mandate Harness-9 B1+B2) +- **INVESTIGATE** `wf_13868efb-ea7` — 4× investigator-codebase audit fidelity vs canonical. 1 fail-no-StructuredOutput + 2 truncated → em-main self-gate ground-truth (git/grep/glob) → `audit-synthesis.md` gap matrix. +- **IMPLEMENT** `wf_ac43b5ff-7d1` — 2× general-purpose file-disjoint (sleep-cmd port + runs/README flat) + em-main cluster (hmw.js + workflows/README + agents/README + session-cmds + _ledger). +- **REVIEW** `wf_d482e10d-5dd` — 3× reviewer adversarial. R3 PASS; R1/R2 PASS-with-concerns → 1 major + 4 minor ALL fixed. + +## Gap (đo vs canonical) + fix +SE BEHIND Harness-10 flat: run-trace còn SUBFOLDER (`sub-md/`+`harvest/`), canonical=FLAT. Fixed: +- `hmw.js`: `:103` subMd `sub-md/`→`sub--.md` + `:52` schema-desc + 5 stale-text + **H4.5→H8 doc-drift**. `node --check` PARSE-OK. +- `workflows/README.md` full-rewrite FLAT + roster 8→9 + detector-tailored-out + C8 · `runs/README.md` FLAT · session-start/end flat + dual-accept · agents/README Upgrade S72 · _ledger C8 note. +- **5 run cũ S71 GIỮ subfolder** (C8 no-history-rewrite). +2 broadcast 06-18 adopt (checklist-v2 + h10-flat-detector-refine). +- `/sleep-recovery-memory-l2` port (A8, 137 dòng, §J2-tailored SE-only, floor intact, live skill). +- **detector refine-b TAILORED-OUT** (anh chốt): SE Workflow-tool no-CLI-launcher-bypass; containment git-diff+tracked+orphan-scan (G-015). Documented, KHÔNG cargo-cult build. + +## REVIEW caught (dogfood B2 value — review-workflow RIÊNG bắt cái implement-self-assess sót) +- `hmw.js:52` schema `subMdPath` desc stale `sub-md/` (operative `:103` đã flat, schema-desc lag) → fixed. +- sleep-cmd auto-check ≥7d **UN-WIRED overclaim** → **WIRED thật**: `budget.json` `+last_sleep_at` + `session-start:78` + `session-end:48` INFORM. grep-verified present (was zero). +- +3 minor (provenance cite → AI_INFRA-path · charter substring-anchor · `runs/README:31` dogfood-reword) fixed. + +## em-main containment-check +1 reviewer agent (REVIEW via **raw Workflow tool** — KHÔNG hmw.js writeGuard) tự ghi `agent-memory/reviewer/MEMORY.md` (+2850B over-cap) → revert (record ở run-trace). → **reverse-finding #4** (raw-Workflow ≠ wrapper-governance; RECURRED vs `feedback_harness10_run_trace` lesson #2). `investigator-codebase/MEMORY.md` (M từ session-start = S71 audit-trail) commit-as-is + over-cap (28973) flagged → curate next. + +## B3 self-correct (trung thực) +S71 report cite path tắt `runs/` + count "14" → thật `.claude/workflows/runs` = **22** (14 đúng tại `8c47bd0` → tăng). Đính chính trong adap-report mới. + +## Sleep `/sleep-recovery-memory-l2 all` = NO-OP (dogfood live) +5/9 sub empty-archive (guard-rỗng) + 4/9 mọi period đã gisted (skip-if-gist + double-distill gen≥1, reviewer 2026-05.gist.md xác-nhận cover q1/q2) → **0 compressed**. `last_sleep_at` null→2026-06-18. Command port: executed-file → **executed-file+runtime** (guards fired đúng). + +## State THẬT GIỮ NGUYÊN +Mig 53 · 88 bảng · 306 test (45D+261I) · 68 gotcha · menu 54 · bundle admin `BgNCjwsG`/user `CBvh0vtf`. **0 production code.** + +## NEXT +- ⚠️ **restart CLI** (FLAT-runtime hmw.js + wired sleep-check + sleep-recovery skill + carry reviewer Cat-6 + H8-inherit). +- 🔴 **curate investigator-codebase L1 28973 OVER** + watch frontend-designer/test-specialist near-cap (chưa có archive). `budget.json` measured STALE → script re-run. +- Pending product/ops carry S69/S58/S59. Monthly audit 2026-07-01. diff --git a/docs/governance/adap-reports/2026-06-18-Governance-harness-10-flat-refine-checklist-v2.md b/docs/governance/adap-reports/2026-06-18-Governance-harness-10-flat-refine-checklist-v2.md new file mode 100644 index 0000000..ea32015 --- /dev/null +++ b/docs/governance/adap-reports/2026-06-18-Governance-harness-10-flat-refine-checklist-v2.md @@ -0,0 +1,51 @@ +# adap-report — Harness-10 flat-refine + checklist-v2 (re-audit + fix) — SE + +- **id:** 2026-06-18-Governance-harness-10-flat-refine-checklist-v2 +- **from:** se · **date:** 2026-06-18 (S72) +- **broadcasts adopted:** `2026-06-18-Governance-checklist-harness-9-10-v2` + `2026-06-18-Governance-h10-flat-detector-refine` (kèm re-audit fidelity Harness-8/9/10) +- **mandate:** Harness-9 PART-2 (2-workflow IMPLEMENT + REVIEW tách biệt + run-id) — anh giao *"double check hết Harness-8/9/10/10-refine + checklist + hmw, lấy đầy đủ thông tin, điều chỉnh lại, report trung thực"*. +- **run-ids (B3 evidence):** audit `wf_13868efb-ea7` · implement `wf_ac43b5ff-7d1` · review `wf_d482e10d-5dd` +- **reviewer_gate:** ✅ PASS sau-fix (R3 PASS + R1/R2 PASS-with-concerns → 1 major + 4 minor TẤT CẢ fixed) + +## Bối cảnh (trung thực) +Anh chỉ ra SE chưa theo kịp Harness-10 flat-refine ("các project khác làm tốt, mỗi SE thiếu"). SE re-audit toàn bộ qua 3-stage workflow. **Baseline đo = canonical spec (ground-truth)** — `cross-project-status.md` đã stale (05-22, RAG Layer A), KHÔNG dùng để "chứng minh sisters ahead" (honest). + +## Nấc thật per checklist-v2 (đo vs canonical) + +**PART A — memory L2 (proposal/tailorable): substantially LANDED.** A1-A7 + A9 ok (executed-file / runtime / convention-met). **A8** (sleep-compress command) Đà port — trước đó SE thiếu (chỉ nén ad-hoc). Watch: frontend-designer + test-specialist sát cap 25.6KB nhưng chưa có archive. + +**PART B — adap 2-workflow (MANDATORY): LANDED.** B1/B2/B2.5/B3 = runtime (chính report này + 3 run-id = bằng chứng). B4 = convention-met (codified `adap-apply.md:38`, chưa có runtime instance của task-ngắn-cần-confirm). + +**PART C + refine (MANDATORY): WAS BEHIND → NOW MIGRATED.** C1/C8/refine-a: run-trace SUBFOLDER→**FLAT** done (`hmw.js:103` + `workflows/README` + `runs/README` + `session-start/end` + `agents/README`; 5 run cũ S71 GIỮ subfolder, close-gate **dual-accept**). C2-C7 ok. **refine-b detector: TAILORED-OUT** (documented, anh chốt). + +## Gap found → fixed +| gap (audit) | fix | nấc | +|---|---|---| +| run-trace subfolder (canonical=flat) | hmw.js + 5 docs → flat; 5 old runs keep subfolder | runtime (node --check OK + 2 new runs flat) | +| `/sleep-recovery-memory-l2` absent (A8) | ported tailored SE-only (137 dòng, floor intact, scope SE) | executed-file + live skill | +| 2 broadcast 06-18 unadopted | adopted (checklist-v2 + h10-refine) | runtime | +| detector refine-b | tailored-OUT + documented reasoning | convention (honest N/A) | +| hmw.js meta stale H4.5 two-tier | → H8 all-inherit (bonus doc-drift) | executed-file | +| B3 report imprecision (S71) | corrected (path + count, xem dưới) | runtime | + +## Giá trị REVIEW tách biệt (dogfood B2 — mandate đúng) +Workflow REVIEW độc-lập bắt **2 lỗi mà workflow IMPLEMENT tự-chấm bỏ sót**: +1. **`hmw.js:52`** — schema `subMdPath` description còn ghi path cũ `sub-md/` (operative path :103 đã flat, nhưng bản-sao path trong schema-desc chưa đổi) → fixed. +2. **sleep-cmd auto-check ≥7d trigger UN-WIRED** — command tuyên bố session-start/end đọc `last_sleep_at` nhưng grep cả 2 file = 0 (overclaim) → **WIRED thật**: `memory-budget.json` `+last_sleep_at` + `session-start:78` + `session-end:48` INFORM step (grep-verified present sau fix). + +→ Bằng chứng sống: 1-workflow-tự-chấm SẼ ship 2 lỗi này; review-workflow RIÊNG bắt TRƯỚC commit. PART-2 mandate hoạt động. + +## Reverse-findings (B2.5) → AI_INFRA +1. **rename-migration audit phải grep runtime SCHEMA/contract-description strings**, không chỉ code-path + prose. Path hay bị duplicate ở (1) operative var, (2) comment, (3) schema/contract-desc — bản schema-desc dễ sót nhất vì là *data* không phải code engine đọc. (Bắt được hmw.js:52.) +2. **ported-command §-anchor phải grep/ls-verify TRONG sister repo** — port re-home path khác nguồn (SE budget ở `agent-memory/`, design-doc AI_INFRA-only). §-cite = claim "wiring tồn tại ở đây" → phải grep-prove như class 'wire BE' bug, áp cho governance-doc wiring. +3. **run-trace path-qualify:** SE `runs/` ở `.claude/workflows/runs/` không phải repo-root → bare `git ls-files runs` false-0 = kết-luận FALSE "không tracked"; luôn path-qualify + exit-branch `check-ignore` (negation `!.claude/**` last-match-wins vô-hình với text-read .gitignore). [chính là bẫy S71 report vấp] +4. **Raw Workflow tool KHÔNG mang writeGuard của `hmw.js`:** SE chạy REVIEW qua Workflow tool TRỰC-TIẾP (thay wrapper `hmw.js`) → KHÔNG inject anti-self-write guard → 1 sub `reviewer` theo charter "update MEMORY before return" tự ghi `agent-memory/reviewer/MEMORY.md` (+2850B → 27694 over-cap 25600; nếu N agent cùng-role = same-role-race trên 1 MEMORY). **Em-main git-status containment-check post-workflow BẮT** → revert (record đã nằm trong run-trace `sub-review-*.md`; B3 single-writer restored). Bài học: run-trace fan-out PHẢI qua `hmw.js` (mang writeGuard + return-delta) HOẶC replicate writeGuard trong prompt raw-Workflow. Đúng class mà `hmw.js` RUN-TRACE writeGuard (S71) sinh ra để chặn — **tái phát khi bypass wrapper**. (Đề-xuất infra: ghi rõ "raw Workflow tool ≠ project-wrapper governance" trong floor.) + +## Honest caveats +- **Audit Part A auditor (1/4) failed no-StructuredOutput + Part C/H8 truncated** → em-main self-gate ground-truth từ đĩa (git/grep/glob), disclosed — valid per `feedback_agent_kill_recovery`. +- **Detector TAILORED-OUT (không build):** SE chạy qua Anthropic Workflow tool (KHÔNG có CLI-launcher bypass-surface như node-CLI của AI_INFRA hmw.js); containment = git-diff + run-folder tracked + ledger orphan-scan (G-015). refine nói detector = "chuyện nội bộ mỗi dự án tự quyết". SE **KHÔNG claim** đã adopt detector — đây là quyết định tailored có lý-lẽ, không phải né. +- **B3 self-correction (trung thực):** report S71 của SE cite path tắt `runs/` + count "14"; thật = `.claude/workflows/runs` (**22 file**, "14" đúng tại commit `8c47bd0` rồi tăng lên 22). Folder commit thật; chỉ path-string + count cũ sai → đã sửa. +- **Runtime:** hmw.js flat `node --check` PARSE-OK, nhưng RUN-TRACE runtime cần CLI restart để chạy thật (forward-looking — frontmatter/command no hot-reload). + +## Net +SE **parity Harness-10 flat**. **0 production code** — state THẬT GIỮ NGUYÊN: Mig 53 · 88 bảng · 306 test · 68 gotcha · menu 54 · bundle admin `BgNCjwsG`/user `CBvh0vtf`. 3 run-trace folder (audit/implement/review) git-tracked = bằng chứng.