e70c0462d7
- engine-doc canonical docs/governance/harness-11-engine.md (PHẦN A/B/C/D + 3-tier D5/D6/D7 + one-direction-lock D8 + CAVEAT honest) - scripts/governance-detectors.ps1 (C1 broken-pointer + C2/B3 staleness + C3 vocab-fork + C4 self-exclusion + C5 resolve, NO-API DÒ+FLAG-only, runtime-proven, FP-refined 59→27) - scripts/memory-archive-gate.ps1 (PHẦN A: hysteresis 0.85 + keep-floor 5 + 2-strike + A7 NO-API L1-eval) + budget.json archive_gate - B1 ×11 count→canonical-pointer (root CLAUDE.md, ef-core/dep-audit SKILL, skills/README, docs/CLAUDE.md) — drift mig53→55/test306→339/gotcha68→69 RESOLVED + ef-core +Mig 54/55 rows - cadence-wire D1 session-start §2.1.3 + D2 session-end §L.b(c) + agents/README Upgrade S75 - run-trace TRACKED: audit wf_7fdc3bd5-930 / implement wf_c5e5844e-7c1 / review wf_d7ca1ff8-942 (REVIEW PASS, completeness-gate ĐẠT) - check-email AI_INFRA harness-11 (verify whole-file 318ff9f6 + body b2a2fc1c) + adap-report + outbox report (body 7fa1b53a) - 0 production code; state THẬT giữ nguyên (Mig 55 · 88 bảng · 339 test · gotcha 69 · menu 54 · bundle BYF5vIMJ/CB-tiRxd) Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
7.3 KiB
AUDIT SYNTHESIS — Harness-11 adap (2026-06-18-h11-audit · wf_7fdc3bd5-930)
4× investigator-codebase (read-only ∥, no Write tool → findings-in-return, em-main scribe @P3 per writeGuard hmw.js:112). Ground-truth đọc-disk. Nấc trung-thực: executed-file (tĩnh) / runtime (chạy-quan-sát) / mechanized (cổng-máy) vs convention (người tuân-thủ).
Ground-truth canonical (STATUS.md = nguồn-chuẩn state)
mig 55 (last AddCcmNoteToPeWorkItemBudget) · gotcha 69 · test 339 · tables 88.
PHẦN A — hot-mem auto-archive by budget (🟡 TAILORABLE)
| Item | Verdict | Evidence |
|---|---|---|
| A1 session-end byte-gate đo→kích | PARTIAL | measure-agent-memory.ps1:14,32 đo-byte THẬT nhưng KHÔNG call-site auto-run; session-end.md:48 chỉ prose "L1>~30KB→archive". mechanized-MEASURE, KHÔNG mechanized-TRIGGER |
| A2 additive MOVE→archive | PRESENT (runtime) | h910-curate reviewer 36738→24844 (moved 10) "+22 -0 grep-Fxf byte-exact + md5sum"; budget.json:30 "NEVER rewrite, APPEND-only" |
| A3 _INDEX pointer-only append | PRESENT | 3 _INDEX.md on-disk; budget.json:19 pointer substring sha-keyed, NO line-hint |
| A4 hysteresis ~0.85 | GAP | grep 0.85|hysteresis=0; chỉ 2 cap rời (25600/30720), không band |
| A5 keep-floor ≥5 | GAP | grep keep-floor=0; curate "N oldest" theo phán-đoán người |
| A6 2-strike anti-thrash (archive) | GAP | 2-strike duy nhất = Active-Guards (session-end.md:47), KHÔNG cho archive |
| A7 NO-API L1-eval (pointer-resolve+byte-0-loss) | PARTIAL | chạy 1-lần trong h910-curate (grep-Fxf 10/10+md5sum) NHƯNG one-off em-main-driven, KHÔNG standing-gate |
Verdict A: convention-người-đo (mechanized-MEASURE + mechanized-VERIFY nhưng KHÔNG mechanized-TRIGGER). A4/A5/A6 GAP hợp-lệ vì A=🟡. → IMPLEMENT chọn mechanize để A mạnh hơn (optional nhưng giá-trị).
PHẦN B — derived→canonical pointer + freshness (🔴 FUNCTION-FLOOR)
| Item | Verdict | Evidence |
|---|---|---|
| B1 derived TRỎ canonical | GAP | derived COPY hard-code count, 0 pointer. Sites: root CLAUDE.md:53(53mig→55)/:66(306test→339)/:131(88table)/:133(68→69) · docs/CLAUDE.md:70(93bảng pre-Mig50!) · ef-core-migration/SKILL.md:3,19,77,285,294(53mig) · skills/README.md:20,90 · dependency-audit-erp/SKILL.md:153. CLEAN exemplar: PROJECT-MAP.md (0 count-token, 241 dòng) |
| B2 readable (no pointer-soup) | PRESENT | root CLAUDE.md:1-9 readable; stable facts inline đúng |
| B3 freshness-DETECT grep gate | GAP | NO detector (.claude/hooks+.claude/scripts absent; hmw.js no-fs ≠ comparator; grep 0 hit) |
| B4 fix-after-FLAG GATED qua người | PRESENT (mechanized) | em-main single-writer workflows/README:38,39 + agents/README:199 + git-diff commit-gate backstop |
Verdict B: B2+B4 ĐẠT · B1+B3 = function-floor GAP. B4 fix-path đã sẵn → B3 detector output trực-tiếp actionable.
PHẦN C — 3 deterministic-grep detectors (🔴 FUNCTION-FLOOR MANDATE)
| Item | Verdict | Evidence |
|---|---|---|
| C1 broken-pointer detector | GAP | 0 detector-script (find .claude *.ps1/sh=0; CI deploy.yml 0 grep-gate). Chỉ tooling-auditor agent-judgement |
| C2 staleness detector (=B3) | GAP | trùng B3; monthly-drift-audit = agent đọc tay, KHÔNG grep tất-định |
| C3 vocab-fork detector | GAP | 0; vocab-fork SỐNG THẬT chưa ai dò: wave↔run-trace(_ledger:15), Dự trù↔Ngân sách PRO↔PeWorkItemBudget, PRO=Procurement |
| C4 self-line exclusion | N/A | chưa detector → chưa self-exclusion |
| C5 resolve-condition+2-strike | PARTIAL | 2-strike chỉ ở memory-archive convention, KHÔNG ở detector-flag |
Verdict C: detector-script-thật = CHƯA CÓ. Chỉ 2 monitor-agent (tooling-auditor/harvest-curator) LLM-judgement propose-only = convention KHÔNG mechanized. → GAP lớn nhất, IMPLEMENT trọng-tâm. (Lưu ý: runs/README:122 "anti-bypass detector TAILORED-OUT" = threat-model KHÁC, KHÔNG phải C1-C3.)
PHẦN D — orchestration engine (🔴 FUNCTION-FLOOR)
| Item | Verdict | Evidence |
|---|---|---|
| D1 session-start DÒ+BÁO | PRESENT | §2.1.1 monitor RE-REPORT + §2.1.2 budget-audit, INFORM-only |
| D2 session-end archive+gác-cờ | PRESENT | session-end.md:39-52 §L + harvest GATE 5-trục |
| D3 per-turn distill-APPEND | PRESENT (convention) | C4 primary harvest-LIỀN sau P2 |
| D4 threshold→workflow-gate | PRESENT-MẠNH (mechanized) | hmw.js:76-78 checkpoint THROW (anti-accidental 515K) |
| D5 tầng AUTO (semantic-null) | PARTIAL | hành-vi có (archive/_INDEX/gist) NHƯNG chưa nhãn 3-tier |
| D6 tầng DÒ+NÊU-CỜ | PARTIAL | monitor INFORM-only flag, chưa gom thành tier có-tên |
| D7 tầng OWNER-APPROVE | PARTIAL | consent+single-writer ngầm, chưa nhãn 3-tier |
| D8 one-direction lock (canonical→derived) | GAP | grep one-direction|1-chiều=0; khái-niệm H11 mới |
| D9 append-only single-writer (BAR) | PRESENT-MẠNH (mechanized) | store_memory strip runtime S48 0/8 subs; B3 |
| D10 file-tool-write-only | PRESENT (convention) | hmw.js:111 + gotcha #61; CHƯA mechanized-block (Bash residual) |
| D11 archive MOVE-không-XOÁ | PRESENT-MẠNH (mechanized) | byte-0-loss md5sum/grep-Fxf artifact _ledger:14 |
Verdict D: 7/11 PRESENT (D4/D9/D11 mechanized-mạnh) · D5/D6/D7 PARTIAL (3-tier chưa explicit) · D8 GAP. H11 "chuẩn-hoá-lại" = nhãn-hoá cái-đã-có, KHÔNG xây-mới.
🎯 GAP-LIST → IMPLEMENT (completeness-gate B+C+D phải đủ-trọn)
🔴 FUNCTION-FLOOR (bắt-buộc cho ĐẠT):
- PHẦN C — 3 grep detector script (
scripts/governance-detectors.ps1): C1 broken-pointer · C2 staleness (=B3) · C3 vocab-fork · C4 self-line exclusion (0 self-match) · C5 resolve-condition + 2-strike. NO-API (grep+measure only). RUNTIME-prove (chạy + FLAG drift thật + fake-drift test). - PHẦN B — B1 pointer + B3 detector. B3 = C2 (cùng script). B1 = derived count-copy → pointer "→ docs/STATUS.md (canonical)" + FIX drift hiện-tại (gated em-main). Sites: root CLAUDE.md + ef-core SKILL + skills/README + dep-audit SKILL + docs/CLAUDE.md.
- PHẦN D — D5/D6/D7 3-tier explicit + D8 one-direction lock. Codify khối nhãn-hoá (AUTO semantic-null / DÒ+FLAG / OWNER-APPROVE) + luật canonical→derived 1-chiều. → engine-doc + agents/README.
🟡 TAILORABLE (optional-mechanize, làm để A mạnh): 4. PHẦN A — A4/A5/A6 + standing-gate. Add hysteresis(0.85)/keep-floor(≥5)/2-strike params → budget.json + session-end archive-gate script (mechanize A1/A7 thành standing).
Engine consolidation doc: docs/governance/harness-11-engine.md — codify D1-D11 + 3-tier + locks + trỏ detector-script + canonical, để engine có 1 nguồn-chuẩn.
Single-writer split (D9): sub viết SCRIPT (.ps1 non-canonical, testable runtime) · em-main viết governance MD (engine-doc + B1 pointer + cadence-wire + agents/README — vì đụng canonical/luật, B4 gated).
Nấc dogfood trung-thực: A2/A3/D4/D9/D11 = SE đã runtime-mechanized SẴN (H11 = chuẩn-hoá). C1-C3 + B3 = MỚI build (chưa từng có). D5-D8 + B1 = nhãn-hoá/codify cái ngầm-có.