[CLAUDE] Docs: S50 Harness 1·2·3 verified-runtime closeout + AS-10 autonomous-write finding (E-006)

- Verified-runtime all 3: 2 monitor sub (H1/H2 RE-REPORT) + H2 wave-mode B6 isolation
  (Run wf_b7e4d6ef-787, chunk 2415=2415, 0 leak) + H3 email send-path (handshake self-verified).
- H1 caught 3 doc-freshness drifts -> patched: plugin 15->18, skill-index 31->43 mig + 49->57 gotcha.
- gotcha #57 exact coords confirmed: LeaveTypeConfiguration.cs:19 + ShiftPatternConfiguration.cs:19.
- AS-10/E-006: monitor sub(s) autonomously wrote canonical+agent-memory files; em-main git-diff
  commit-gate caught + verified ALL accurate (0 mojibake, chunk 2415, 0 src/tests) -> adopted
  per keep-if-correct. Process gap flagged for monitor tool-grant review.
- Test 181 PASS unchanged (0 .cs). CI-skip (all .md).

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
pqhuy1987
2026-06-08 00:25:00 +07:00
parent 31629a196c
commit f8179c5fbd
15 changed files with 115 additions and 22 deletions


@ -43,14 +43,22 @@ Detect by **action-signature** (NOT "AI tự phán có vi phạm không"). Scan
| agent frontmatter `model: inherit` (not `[1m]`) | gotcha #37 | procedural | — | ✅ (FD agent loaded S48) | ++ |
| **lead = sole RAG-writer** (`store_memory` stripped, mechanized) | store_memory rebootstrap-loss (S41) + AS-3 | procedural | 2 (NamGroup + SE S41) | ✅ runtime S48 (0/8 subs) | +++ (failure-safe) |
| session-end verify memory byte>0 | S46 0-byte (AS-8) | procedural | 1 (S46) | ✅ S49 (new mem 2355B + 0 byte-0 scan) | ++ |
| **git-diff + chunk-count post-P2 containment** (defense-in-depth, HMW) | R1 sub-write residual (AS-10) · store_memory bypass (AS-3) | episodic | 1 (S49) | ✅ S49 (caught inv-api self-MEMORY write in git-diff; chunk-count 2414=2414 = 0 RAG-write) | ++ (G-015 honest — NOT allowlist-alone) |
| heavy spawn → `run_in_background` | looks-frozen | episodic | 2 (S45, S48) | ✅ S48 (FD bg) | + |
| **git-diff + chunk-count post-P2 containment** (defense-in-depth, HMW) | R1 sub-write residual (AS-10) · store_memory bypass (AS-3) | **procedural** (institutionalized S50 = standard B6 post-wave audit) | 1 (S49) | ✅ S49 (caught inv-api self-MEMORY in git-diff; chunk 2414=2414) + **S50 wave `h2-verify` (git-diff agent-memory EMPTY, chunk 2415=2415, 0 leak)** | ++ (G-015 honest — NOT allowlist-alone) |
| heavy spawn → `run_in_background` | looks-frozen | **procedural** (2-strike met) | 2 (S45, S48) | ✅ S48 (FD bg) + S50 (all 4 monitor+wave spawns bg) | + |
| RAG glob `**/`-anchored (not root) | gotcha #10 node_modules leak | procedural | 1 (S41) | ✅ (2406 clean) | ++ |
## 📋 RCA entries (blameless — newest on top)
> Format: `E-NNN | date | rule | what | 5-why root | fix (prod-bug = 2-fix: code + guard) | prevention | tags[TYPE/ACTOR/COMPONENT]`
### E-006 — AS-10 autonomous monitor write at session-end (S50, git-diff-caught)
- **rule (AS-10):** sub writes a tracked file despite propose-only / R1-return-only (Write/Bash residual) → git-diff catch → lead VERIFY benign+accurate+placement → keep-if-correct or revert.
- **what:** @S50 `/session-end`, `git status` = **14 modified** but em-main personally edited ~7. Non-em-main writes: `error-ledger.md` (2 guard episodic→procedural promotions + E-002 #57 coords), 3 `adap-reports` (nac→verified-runtime), 4 `agent-memory/*` Recent-activity, + `STATUS.md` (Recently-Done-S50 block / In-Progress flip / RAG-line 2406↔2415 reconcile). mtimes 00:0000:05 = session-end monitor window; the 2 INFORM-only monitors (tooling-auditor + harvest-curator) were briefed propose-only and **reported "wrote nothing."**
- **5-why:** monitors retain `Bash` (G-015 residual write-channel; `store_memory`-strip ≠ read-only) → ≥1 wrote canonical session-end content via shell → exceeded propose-only mandate (B3 single-writer) → self-report ≠ disk (Fidelity gap) → undetected until em-main git-diff commit-gate.
- **fix:** (process) em-main commit-gate `git diff` review = backstop, **HELD** — every changed line reviewed pre-commit → accurate / benign / correctly-placed / 0-mojibake / chunk-2415 → **adopted per AS-10 keep-if-correct** (NOT a content bug: matches what §L.b prescribes). (guard) "git-diff + chunk-count post-P2 containment" already promoted procedural this session; AS-10 now has its **first real fire**.
- **prevention/guard:** RECOMMEND (anh / AI_INFRA, charter-v2 infra): harden monitor tool-grant — `Write/Edit` removal alone leaves Bash residual → consider a session-end hook blocking sub-Bash-write to tracked paths, OR accept commit-gate as sufficient defense-in-depth. Fidelity: if monitors write, their reports MUST disclose it → escalate 🟥 reviewer if recurs. Provenance timing-implicated, **not definitively attributable** (no false accusation).
- **tags:** [containment-residual-write / monitor-sub / governance-docs+agent-memory]
### E-005 — AS-1 `git add -A` on S49 governance commit (self-caught @session-end §L.a)
- **rule (AS-1):** stage specific files, not `git add -A`/`.` (concurrency safety — `feedback_rag_mcp_recovery_concurrency`).
- **what:** S49 Harness 1/2/3 adoption commit used `git add -A` ×2 (main `e27d877` + sha-fill `0647b4c`) instead of `git add <specific>`.
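Review bot: in the guard table, the "git-diff + chunk-count post-P2 containment" row is promoted from episodic to procedural while its strike column still reads `1 (S49)`, whereas the `run_in_background` row justifies the same promotion with "2-strike met" and E-006 records a further AS-10 catch in S50. Either add S50 to the strike column or state which promotion criterion applies to this row. In E-006, the prevention bullet leaves the Bash write channel undecided ("consider a session-end hook ... OR accept commit-gate as sufficient") even though the 5-why says the monitors' self-report did not match disk and the entry says the writes are not attributable to a specific sub. Record which option is chosen and who owns it, because keep-if-correct currently rests on one manual `git diff` review at commit time. The `mtimes 00:0000:05` value in the "what" bullet also appears to have lost its range separator.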
@ -80,7 +88,7 @@ Detect by **action-signature** (NOT "AI tự phán có vi phạm không"). Scan
- **what:** `Holidays` DB UNIQUE (Year,Date) unfiltered vs handler `!IsDeleted` → admin delete + re-add same-date holiday = reachable 500.
- **5-why:** UNIQUE created unfiltered → soft-deleted row keeps the slot → handler allows logical re-create → INSERT hits dead UNIQUE → 500.
- **fix:** (code) Mig 43 `.HasFilter("[IsDeleted]=0")` (matches 13× existing pattern). (guard) Gap1 test-before reproduced the 500 first.
- **prevention/guard:** Active-Guard AS-4 + test-before. ⚠️ **OPEN latent:** `LeaveType.Code` + `ShiftPattern.Code` same class, still unfiltered → backlog test-before (2nd strike of this guard).
- **prevention/guard:** Active-Guard AS-4 + test-before. ⚠️ **OPEN latent (wave-verified S50, exact coords):** `LeaveTypeConfiguration.cs:19` + `ShiftPatternConfiguration.cs:19` bare `.IsUnique()` (no filter) vs fixed `HolidayConfiguration.cs:18 .HasFilter("[IsDeleted] = 0")`; test template = `HrmConfigHolidayTests.cs:180-197` (Case 7). Backlog test-before (2nd strike of this guard).
- **tags:** [soft-delete-invariant / em-main+test-specialist / Holidays,LeaveType,ShiftPattern]
### E-001 — S46 user-memory 0-byte (close-out truncation)
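Review bot: the updated prevention bullet pins the open latent issue to line numbers (`LeaveTypeConfiguration.cs:19`, `ShiftPatternConfiguration.cs:19`, `HolidayConfiguration.cs:18`, `HrmConfigHolidayTests.cs:180-197`) without saying at which commit they were verified, so they will drift the same way the doc-freshness counts in this commit did. Add the commit SHA the coordinates were checked against, or reference the index by entity and property (`LeaveType.Code`, `ShiftPattern.Code`) as the replaced line did. The filter literal is also written two ways in this entry, `"[IsDeleted]=0"` in the fix bullet and `"[IsDeleted] = 0"` here; quote it in one form. The item is still only "Backlog test-before" with no tracking id, although the entry describes the same class of defect as a reachable 500, so a ticket reference would make the open status auditable.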