vietreport-admin/solution-erp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
ea793a43faf4169b4c1839b73125dbbdddda0519
solution-erp/docs/STATUS.md

56 KiB
Raw Blame History

STATUS — Snapshot hiện tại

Update rule: trước khi bắt đầu 1 task → ghi row 🔥 In Progress. Xong → ✅ Recently Done. Tiering rule (S40): chỉ giữ state hiện tại + 3 session gần nhất ở file này. Session cũ hơn → docs/changelog/sessions/. Full history pre-S40 → docs/_archive/STATUS-preS40-fullhistory.md. (Tránh over-context — xóa double, không cắt nội dung.)

Last updated: 2026-06-11 (Session 58 — 4 việc prod-verified Run #382/#383/#384: lock-demo-user fix + tạm ẩn HRM/Office/Cá nhân + Danh mục cuối sidebar + fe-user redesign theo UI/UX guide AI_INFRA. Việc 1 — lock fix (Run #382, 5998163 ~3m31s): Run #381 cicd phát hiện S57bis lock = NO-OP (14 email named-person là population Dev-only). Recon dump prod: demo thật = 20 UAT-matrix {dept}.{nv,pp,tp}@+bod.{1,2}@ tạo TAY 05-13; root cause sâu = DemoUserPassword 11 ký tự < prod RequiredLength=12CreateAsync silent-fail MỌI startup từ trước tới giờ (= root cause "helpdesk inert phòng IT 0 user" S56). Fix: union 20 email + password 12 ký tự. Prod sau deploy: 55 user / 21 active / 34 locked — 20 UAT + 14 named-person locked ✓, nv.cao/nv.truong CREATED+ACTIVE (helpdesk S56 RESOLVED) ✓, 5 real staff created ✓, guard admin/catalog.manager/nv.test/chuong.phan-typo active ✓ (anh chốt 3 quyết định AskUserQuestion). Bundle FROZEN. gotcha #60 NEW (seed silent-fail vs prod password policy — dump population thật trước khi lock/seed-by-email). +Closeout S57bis residual: gotcha #59 commit, 4 spawn-record on-behalf (H2 4-MISS), H1 5-patch doc-drift, test 240 re-verified local. Prev S57bis (2026-06-11 sáng) — PE gắn Hạng mục công việc (Mig 49) + mở quyền Pe all-role + menu "Cá nhân" + khóa demo user (sếp Zalo deadline 15:00): commit 17b23a4 (Harness-4 two-tier runtime-VERIFIED spawn-test 2 chiều) + dd117b7 (product) → Run #381 PASS ~4m25s. Mig 49 AddWorkItemToPurchaseEvaluation: PE.WorkItemId Guid? loose-Guid KHÔNG FK vật lý (convention PE — database-agent design) + IX + validator NotEmpty create + FK-guard handler Conflict + UpdateDraft null-safe. FE ×2 app PeWorkspaceCreateView/PeHeaderForm (SHA256 identical)/PeDetailTabs "Dự án Hạng mục". Pe_* 11 key CanRead+CanCreate mọi role (130 rows/13 role — Pe_* leaf KHÔNG nằm MenuKeys.All, build qua factory). Menu Personal root@30 + Chấm công re-parent + Master write-lock Admin,CatalogManager ×3 controller. Test 228→240 (+12 PeWorkItemGuardTests). Bundle rotate cả 2: admin CP4CB1ym / user BmZ3VHnm. 2 builder truncated #53 + reviewer die-0-byte ×2 → em main solo vá cross-stack + self-gate. Excel (3) đối chiếu = NO-CHANGE (S55 data identical). Prev S56 — Pre-golive verify sweep + golive-harden 4 fix — HMW 2-workflow, prod-verified: commit a20cde8 → Run #379 PASS ~4m20s. WF1 pre-golive-verify 7-stream song song + adversarial → 6 PASS/1 CONCERN/0 blocker = GO; key finds = ops not code (prod IT-dept 0 active user → helpdesk inert + S43 LeaveBalance lost-update còn nguyên). WF2 golive-harden fix 4: #3 LeaveBalance lost-update→atomic ExecuteUpdateAsync+Serializable tx (NO mig, exactly-once nguyên) · #5 ItTicket authz Forbidden-trước-NotFound (fail-closed) · #6 DocxRenderer null-guard (2 warn→0) · #4 Travel/Vehicle ApproveV2 +4 smoke. Test 216→228. Bundle FROZEN 4SUwDLD8/XdKzt9LL (BE-only). sys.tables re-ground 92→93 (cicd ground-truth, Mig 48 col-only). reviewer stage StructuredOutput-fail→em main đỡ cross-stack review (3 diff clean) + bump Serializable đóng MAJOR. gotcha #58 NEW (EF read-modify-write lost-update→ExecuteUpdate atomic). 2 ops VPS pending (gán user phòng IT + tzutil UTC+7). FE Phase 2 redesign deferred (recon ready). Prev S55 — Nạp master data thật từ Excel + Project +4 cột (Mig 48), HMW-mode ON: commit 69cb393 → Run #377 PASS ~4m33s, prod-verified. Anh giao file Excel "HẠNG MỤC CÔNG VIỆC DỰ ÁN" → /ultra-on "workflow làm xong hết". Nạp 62 dự án + 71 hạng mục + 3 NCC vào Project/WorkItem/Supplier qua SeedRealMasterDataAsync (per-code idempotent, UNGATED → coexist demo, tự lên prod). Mig 48 AddProjectMasterFields: Project +4 cột nullable (Year/Investor/Location/Package, NO new table). FE ProjectsPage form +4 input ×2 app SHA256 mirror. Test 216 (compile-fix MasterCatalogFilteredUniqueTests +4 null args, no new test). Bundle admin DmjI8CmnB-d6893W/user YxL_MljKXdKzt9LL (cả 2 rotate). Prod verify: Mig 48 applied · Projects spot-6/6 · WorkItems VT/TP/MEP/TB=71 · Suppliers 3 · CAL01.Investor="Công ty TNHH Calofic". 2 agent return truncated (implementer-backend + reviewer, gotcha #53) → em main disk/runtime-recover (build/test/sqlcmd/git truth); cicd verdict-FIRST → PASS clean no-truncate. Data-quality catch: MEP col gộp 2 nhóm + divider "THIẾT BỊ" → split đúng 71/4-category. Provenance scripts/master-import-data.generated.md. Prev S54 — IT staff tự reassign ticket (cross-stack authz, HMW-mode ON): 1 code commit ca4b602 → Run #376 PASS ~4m18s, prod-verified. Cho tổ IT (dept Code=="IT") + Admin reassign ItTicket trên CẢ 2 app. BE: NEW GetAssignableItStaffQuery capability endpoint {canReassign,staff} + AssignItTicketHandler authz Admin-OR-dept-IT (Forbidden) + assignee-must-IT (Conflict) + controller /assign hạ [Authorize(Roles=Admin)][Authorize] (handler fine-grained). FE: fe-admin+fe-user ItTicketsPage SHA256-identical (REVERSE S53 divergence) gate nút by canReassign, dropdown từ /assignable-staff (không /users). Test 203→216 (+13 authz guard test-before-merge). NO migration (DepartmentId reuse). Bundle admin DfCfHUE9DmjI8Cmn / user _3S0BPJ2YxL_MljK (cả 2 rotate). 6-agent fan-out (BE∥FE→test→reviewer→cicd) + em main reconcile stray-memory residual (3 agent ghi MEMORY nhầm src/Backend/.claude → harvest về canonical). reviewer PASS 0 blocker (role-string "Admin" chain-verified). Task 1 Phase 9 Ops KHÔNG làm (anh dừng). flag: cicd sys.tables=93 vs STATUS 92 → monthly audit re-ground.) Prev S53 (gotcha #57 EXT Master Mig 47 + P11-D reassign-UI fe-admin + P11-E menu + database-agent verified-runtime: 44b9e54 Run #260 + dbf6648 Run #261, test→203, bundle→DfCfHUE9). Prev S52 (Phase 11 P11-D+E+F deployed + database-agent adopt, HMW-mode ON): 3 commit — e9ee97f (database-agent DB1DB11 read-advisory, roster 10→11, executed-file CHỜ restart) + 6a66429 Wave 1 (P11-E AttendanceReport+Excel+OtPolicy multiplier + P11-F MaTicket codegen, migration-free) + dcf76f8 Wave 2 (P11-D ItTicket round-robin assign dept-IT + SLA timer, Mig 46). Test 186→200. Bundle admin DYfjnpY0/user _3S0BPJ2 (cả 2 deploy verified curl độc lập — Wave 1 BE 401 wired + Wave 2 /assign 401 + Mig 46 applied health-200). ⚠️ Session-limit hit giữa Wave 2 → recovery: BE/test verify-on-disk + em main solo FE redo + curl-self-verify thay cicd-spawn (multi-agent resilience, git/disk/prod = source-of-truth). RAG recovered (chunk 2416 rerank live) nhưng stale 05-29. Prev S51: P11-C Vehicle+Driver.)

🎯 CURRENT STATE (verified S40)

Metric Value Note
Migrations 49 +S57bis Mig 49 AddWorkItemToPurchaseEvaluation (PE.WorkItemId Guid? loose-Guid KHÔNG FK vật lý + IX — AddColumn+CreateIndex, no new table)
SQL tables 93 re-ground S56 (cicd sys.tables ground-truth Run #379 — prior "92" was narrative under-count; Mig 48 col-only added no table)
Master data (prod) real loaded S55 62 Projects + 71 WorkItems (Vật tư16/Thầu phụ30/MEP9/Thiết bị16) + 3 Suppliers thật, coexist demo (ungated idempotent seed). Provenance scripts/master-import-data.generated.md
API endpoints ~253 +1 S54 GET /it-tickets/assignable-staff (capability endpoint); +3 S52 (attendances/report + report/excel + it-tickets/{id}/assign)
FE pages 68 unchanged S54 (ItTicketsPage reassign = in-place 2 app); +1 S52 AttendanceReportPage
Menu keys 57 re-ground S58 (MenuKeys.cs const count); +1 S57bis Personal root ("Cá nhân" order 30 + Chấm công re-parent)
Tests 240 PASS 58 Domain + 182 Infra · 0 fail / 0 skip · +12 S57bis PeWorkItemGuardTests (validator + create-FK-guard + update-null-safe) · +12 S56 golive-harden · +13 S54 authz
Gotchas 60 +2 S58: #59 PS 5.1 git commit -m vỡ tại "-F <file> · #60 Identity seed CreateAsync silent-fail vs prod password policy (population Dev ≠ prod — dump data thật trước lock/seed-by-email)
User memory 20 re-grounded S54 (H1 disk-count — S53 base thật 19 không phải 18); +1 S54 feedback_agent_cwd_relative_memory_misland (sub cd subdir → MEMORY Write stray)
Skills 6 3 domain + 3 ops
Sub-agents 11 two-tier H4 (06-10): em main Fable 5 (1M) Max · 4 promote inherit=Fable 5 (reviewer·investigator-codebase·database-agent·harvest-curator) · 7 demote pin claude-opus-4-8 (runtime-VERIFIED 06-11 — spawn-test 2 chiều S57bis: H1 tooling-auditor self-report claude-opus-4-8[1m] + H2 harvest-curator claude-fable-5[1m]; [1m] 1M-resolve SE tự verify) · effort Max ×2 tier. 9 product/quality + 2 monitor INFORM-only. database-agent verified-runtime S53 (spawn-test PASSED — caught Mig 46-unapplied-local drift)
RAG chunks 2420 re-check S58 (list_projects — alive, rerank 0.504 live). Stale last_indexed 05-29 (S42-S58 via store_memory stopgap; full re-index = AI_INFRA op cần VOYAGE_API_KEY).

Bundle hash live (prod): admin CP4CB1ym (S57bis Run #381) · user CKjwqnGL (S58 Run #384 fe-user redesign — rotate khỏi BmZ3VHnm; CSS CV0H5hnq). Latest deploy Run #384 (e959f72, ~4m30s): fe-user density redesign — asymmetric đúng (admin FROZEN ✓), brand #1F7DC1 + Be Vietnam Pro verified trong HTML+CSS prod, Mig giữ 49. Prior: Run #383 (6c5fd26) revoke hidden-modules + Master order 80, menu-tree đối chứng 2 chiều ✓ · Run #382 (5998163) lock fix — Users 55/21 active/34 locked, helpdesk nv.cao+nv.truong sống · Run #381 (dd117b7) Mig 49 + Pe all-role 130 rows. Phase: Phase 10 COMPLETE · Phase 11 product backlog ĐÓNG TRỌN — P11-A/B/C/D/E/F ALL DONE (deployed prod) · 🚫 Phase 9 Ops blocked (anh main coordinate — S54 chưa khởi động, anh dừng).

⚠️ Count drift fixed S40: endpoints ~223→211, FE pages 53→65, menu keys 85→~53. Tables 84 confirmed correct (DbSet 77 + Identity 7). 3 số "khó fake" (mig/gotcha/git) luôn đúng. Cause: số "incremented mỗi session" over/under-count optimistic — re-ground định kỳ.

🔥 In Progress (S58)

Task Owner Status
(none — S58 lock-demo-user fix DONE prod-verified Run #382: 34 locked / helpdesk nv.cao+nv.truong sống / 5 real staff tạo. Việc sếp Zalo 06-11 deadline 15:00 ĐÓNG TRỌN (S57bis ship + S58 fix NO-OP). Ops S56 (1) gán user IT → RESOLVED S58 (nv.cao/nv.truong active — khóa nốt 2 account này khi anh gán người thật vào CNTT). 🔴 Ops còn — của anh: (1) ssh vietreport-vps "tzutil /g" → confirm SE Asia Standard Time (codegen mã đơn dùng năm giờ-server) · (2) xác nhận anh Chương dùng email nào → dọn chuong.phan@solution.com.vn typo-domain (đang giữ active chủ đích) · (3) báo 5 real staff mới password mặc định + yêu cầu đổi. NEXT (anh pick): FE redesign Phase 2 (recon ready) · Phase 9 Ops (SMTP/backup/creds/UAT) · monthly audit 2026-07-01 (kèm: schema-diagram §16+ Mig 32-49 ERD debt · L1 cap cicd-monitor 32.2KB + investigator-codebase 32.1KB curate · STATUS/HANDOFF re-tier).) 👤

S40 done: Consolidation (d2f52ba) · Curate 4 agent MEMORY >25KB→<8.4KB (78c9de3) · RAG catch-up chunk S37-S40 (rerank 0.867) · AI_INFRA bulletin 2026-05-29 adopt 4/4 (MỤC2 Tiered Memory Policy v1 6f08d1f + MỤC3 /session-start+/session-end slash commands c8ff5e1). Full RAG re-index = AI_INFRA op (cần VOYAGE_API_KEY).

⚙️ NEW slash command (.claude/commands/) — anh main restart CLI để activate (không hot-reload) → session sau gõ /session-start + /session-end thay paste prompt thủ công.

Recently Done (newest on top — 3 session; cũ hơn → session logs)

S58 chiều (2026-06-11) — Tạm ẩn modules + Danh mục cuối (Run #383) + fe-user redesign guide AI_INFRA (Run #384)

  • Ẩn + thu hồi quyền (anh yêu cầu từ screenshot eoffice, commit 6c5fd26 → Run #383 PASS): NEW RevokeTemporarilyHiddenModulesAsync — set 4 cờ CRUD=false mọi role TRỪ Admin trên Hrm* + Off* + Personal (menu tự ẩn 2 app; giữ row flip-lại-nhanh khi golive) + grant seed thu hẹp scope (không re-grant). Menu Master Order 20→80 (Danh mục cuối sidebar). Prod verified: non-Admin CanRead=0 · Admin giữ 29 · Pe 120 · Master 48 · menu-tree đối chứng 2 chiều (nv.test mất 3 nhóm, admin còn). User thường eoffice giờ chỉ thấy: Hộp thư · Quy trình chọn TP-NCC · Danh mục (cuối). ⚠️ Mức che = menu + permission matrix; URL gõ trực tiếp chưa chặn (FE không PermissionGuard per-route — chấp nhận "tạm ẩn", note sẵn khi golive flip lại).
  • /check-email ai_infra: nhận 2026-06-11-ui-ux-design-guide (hash ✓✓ whole-file + body, processed) — UI/UX Design Guide canonical 13 mục (anh-approved, lineage NAMGROUP→BVAAU→AI_INFRA) + FYI lỗi stamp hash email H4-report SE (không tamper — lesson stamp lần send tới) + ACK H4 ACCEPT (SE = sister đầu tiên trọn vòng H4.7 email-back).
  • fe-user redesign (commit e959f72 → Run #384 PASS): 🩷 frontend-designer 14 file (index.css + 6 ui primitives + 6 shell + LoginPage) — density-first theo guide, BRAND GIỮ #1F7DC1 + Be Vietnam Pro + slate. Variant/size keys + props STABLE, RowActions/RowActionButton additive. Build ×2 PASS. Bundle asymmetric đúng: user CKjwqnGL rotate / admin CP4CB1ym frozen; brand verified trong HTML+CSS prod. ⚠️ Designer truncated #53 lần 2 liên tiếp cùng điểm (trước FD2 screenshot) → em main disk-recover + self-gate (lesson: emit file-list verdict TRƯỚC screenshot loop — ghi MEMORY nó).

S58 (2026-06-11) — Fix lock-demo-user prod NO-OP + password-seed root-cause — prod-verified Run #382

  • Commit 5998163 (1 file DbInitializer.cs +28/-5) → Run #382 PASS ~3m31s, prod-verified. Anh: /session-start → bootstrap phát hiện Run #381 PARTIAL (lock NO-OP) + 2 file dirty S57bis → recon → anh chốt 3 quyết định (AskUserQuestion): union+password-fix · giữ chuong.phan-typo · giữ nv.test.
  • Root cause 2 tầng (🟦 recon dump prod + Dev + git pickaxe): (1) lock list 14 email named-person = population Dev-only — demo prod thật = 20 UAT-matrix {dept}.{nv,pp,tp}@+bod.{1,2}@ tạo TAY 05-13 chưa từng trong code; (2) DemoUserPassword 11 ký tự < prod RequiredLength=12CreateAsync silent-fail mọi startup từ trước tới giờ (LogWarning-only) = root cause "helpdesk inert phòng IT 0 user" S56 + 5 real staff thiếu account.
  • Fix: union 20 email (exact-email, KHÔNG pattern — binh.le@ người thật sát scheme demo) + password → User@1234567 12 ký tự. 🟩 cicd Run #382 PASS: prod Users 55/21 active/34 locked · 20 UAT + 14 named-person locked · nv.cao/nv.truong CREATED+ACTIVE (ops S56 "gán user IT" RESOLVED) · 5 real staff created · guard 6/6 active · nv.test login 200 · bundle FROZEN CP4CB1ym/BmZ3VHnm · Mig giữ 49 · 93 tables.
  • Closeout kèm: gotcha #59 (PS5.1 git commit -F) + #60 (seed silent-fail vs password policy) NEW · 4 spawn-record on-behalf APPEND (database-agent/implementer-backend/implementer-frontend/reviewer — H2 4-MISS đóng) · H1 doc-drift 5-patch (ef-core +row Mig 49, skills/README, dep-audit, CLAUDE.md root) · menu keys re-ground 57 · test 240 re-verified local · bundle hash curl-verified.
  • ⚠️ Lessons: test xanh + deploy PASS + health 200 ≠ data tồn tại — seed IdentityResult silent-fail chỉ lộ khi dump population env đích (cicd PASS+PARTIAL + recon = tầng bắt được, CI gate không). Trade-off deadline: ship trước, test-specialist guard test sau (test-after, list-data fix).

S57bis (2026-06-11 sáng) — PE gắn Hạng mục công việc (Mig 49) + Pe all-role + menu "Cá nhân" + Harness-4 runtime-VERIFIED — Run #381 PASS+PARTIAL

  • 2 commit 17b23a4 (governance) + dd117b7 (product, 26 file +7.4K) → Run #381 PASS ~4m25s (Run #380 cancelled superseded — đúng). Sếp Zalo 11:02-11:17 deadline 15:00: mapping master data + phân quyền PE all-user + flow tạo phiếu chọn Dự án→Hạng mục→NCC + clear data cũ. Anh chốt: khóa CHỈ user sample · quyền Xem+Tạo · 1 phiếu 1 hạng mục header-level.
  • Mig 49 AddWorkItemToPurchaseEvaluation (🔵 database-agent design): PE.WorkItemId Guid? loose-Guid KHÔNG FK vật lý (convention PE — ProjectId/SelectedSupplierId đều loose) + IX + validator NotEmpty create-only (DB nullable backward-compat 4 phiếu cũ) + FK-guard AnyAsync(IsActive)→Conflict + UpdateDraft null-safe. WorkItems = catalog GLOBAL → 2 dropdown độc lập, "Dự án (năm) Hạng mục" = chuỗi ghép. 3 projection LEFT-join.
  • FE ×2 app: PeWorkspaceCreateView select "c. Hạng mục " + PeHeaderForm (SHA256 IDENTICAL) + PeDetailTabs subtitle. Pe_ all-role: 11 key CanRead+CanCreate=true 13 role (130 rows, upgrade-only — Pe_* leaf KHÔNG nằm MenuKeys.All, build qua factory; PeWf_*/AwV2 GIỮ Admin). Menu "Cá nhân" Personal root@30 + Chấm công re-parent + HrmConfig→Master + Master write-lock Admin,CatalogManager ×3 controller. LockDemoSampleUsersAsync 14 email (→ NO-OP prod, RESOLVED S58). Excel (3) đối chiếu = NO-CHANGE.
  • Test 228→240 (+12 PeWorkItemGuardTests — finding: NotEmpty() trên Guid? không chặn Guid.Empty → handler guard locked 2 test). Harness-4 runtime-VERIFIED spawn-test 2 chiều (H1 claude-opus-4-8[1m] + H2 claude-fable-5[1m]) + email-back AI_INFRA.
  • ⚠️ Lessons: 2 builder return-truncated #53 (BE trước Mig, FE giữa mirror) + reviewer die-0-byte ×2 (class mới resume-kill) → em main solo vá cross-stack + self-gate evidence-checklist. Session đóng VỘI sau commit → 2 file dirty (gotcha #59 + cicd Run #381 entry) trôi sang S58 harvest. → session log 2026-06-11-S57bis-pe-workitem-perm-golive-prep.md.

S56 (2026-06-09) — Pre-golive verify sweep + golive-harden 4 fix — HMW 2-workflow, prod-verified

  • 2 Workflow fan-out + 1 code commit a20cde8 → Gitea Run #379 PASS ~4m20s, prod-verified. Anh: /session-start → hỏi NAMGROUP UI density-first → "Tiếp Phase 2 redesign" (dismiss scope → defer) → "kiểm tra lại tính năng + master data, sắp golive" + /ultra-on → "fix hết workflow luôn" → /session-end.
  • WF1 pre-golive-verify (7 stream song song → adversarial-per-issue): prod-truth(🟩cicd) · schema(🔵database-agent) · 4× logic(🟦investigator) · authz-curl(🟥reviewer). 6/7 PASS · 1 CONCERN(non-blocker) · 0 blocker · 8 issue (adversarial confirm 6 real, refute 2 false-pos). Verdict GO. Insight: phát hiện đáng giá nhất = ops/data, không phải bug code — prod phòng IT (CNTT) tồn tại nhưng 0 active user → ItTicket auto-assign/reassign/SLA-notify đều inert (chỉ live-curl+sqlcmd thấy, test xanh không bắt). + S43 LeaveBalance lost-update còn nguyên + master-data idempotency PROVEN.
  • WF2 golive-harden (Design→Build→Test→Review∥): #3 LeaveBalance lost-update → database-agent design atomic ExecuteUpdateAsync+Serializable tx (NO migration, exactly-once Status!=DaGuiDuyet:296 nguyên, server-side UPDATE SET UsedDays=UsedDays+n race-free) · #5 ItTicket AssignItTicketHandler authz Forbidden-trước-NotFound (fail-closed, hết existence-oracle) · #6 DocxRenderer null-guard MainDocumentPart+Document (CS8602 2→0) · #4 Travel/Vehicle ApproveV2 +4 smoke test (trước đó 0 coverage).
  • Test 216→228 (+12). Build 0 warn. Bundle FROZEN admin 4SUwDLD8/user XdKzt9LL (BE-only đúng). Mig 48 unchanged. sys.tables re-ground 92→93 (cicd ground-truth — Mig 48 col-only, prior under-count).
  • 🟥 reviewer stage StructuredOutput-FAIL → em main đỡ cross-stack review (đọc 3 production diff = clean). 🔵 database-agent review PASS nêu 1 MAJOR (tx READ COMMITTED vs convention Serializable + rare auto-create-race) → em main bump IsolationLevel.Serializable đóng nốt + align convention. 🟩 cicd Run #379 PASS: test 228 · health 200 ×3 · bundle frozen verified 3× · endpoint 401 (control 404 chứng minh auth thật) · Mig 48 top.
  • ⚠️ Lessons: (1) workflow-agent StructuredOutput-fail = class mới của agent-return-unreliable → em main đỡ qua git-diff/disk truth (extends feedback_agent_kill_recovery). (2) workflow-agent self-write MEMORY (G-015 residual — sub giữ Write dù MODE-A) → em main verify sane + bundle harvest commit. (3) gotcha #58 NEW. (4) HMW full-cycle: verify→fix→review→em-main-đỡ→re-verify→ship→cicd-PASS — adversarial tách-vai bắt lỗ phụ build+test-xanh không thấy.
  • 🔴 NEXT: 2 ops VPS (gán user IT + tzutil) · FE Phase 2 (recon ready) · Phase 9 Ops · monthly audit 2026-07-01. → session log 2026-06-09-S56-pre-golive-verify-harden.md.

S55 cont. (2026-06-09) — Phase 1 FE redesign fe-admin (density-first, giữ brand) — HMW-mode ON, prod-verified

  • Commit 7feb53e → Gitea Run #378 PASS ~4m24s, prod-verified. Anh: /check-email NAMGROUP (nhận bộ quy ước UI density-first) → "thiết kế lại giao diện cho đẹp hơn, tham khảo NAMGROUP, cho designer làm, workflow plan + làm luôn".
  • 🩷 frontend-designer redesign 14 file fe-admin (Phase 1 foundation): index.css density heading-ladder + .label-eyebrow util (drop font-bold) · 6 UI primitive (Button/Input/Label/Select/Textarea/Dialog → text-xs font-semibold, py-1.5 ≤36px, rounded-lg, brand focus-ring) · 6 shell (DataTable sticky-thead+RowActions / Layout brand-rail / TopBar / PageHeader / PhaseBadge / EmptyState) · DashboardPage flagship (KPI cards + brand-50 icon chips + uppercase labels + accent bars).
  • GIỮ brand #1F7DC1 + Be Vietnam Pro (NAMGROUP nói brand=Solution tự quyết → chỉ mượn cấu trúc density). Visual-only, functionality nguyên (Button variant/size keys stable 51 call-sites, props/forwardRef intact).
  • 🟥 reviewer PASS 0 blocker (regression all-preserved, brand-confirmed index.css:3/22/34, exactly 14 file) — 2 minor a11y defer (slate-400 hint nhỏ). 🟩 cicd Run #378: admin bundle B-d6893W4SUwDLD8, user XdKzt9LL UNCHANGED (asymmetric FE-admin-only verify), no mig, health 200.
  • ⚠️ 2 agent truncated (designer + reviewer-#1, gotcha #53) → em main recover disk (build+login-visual+diff-review). Dashboard live-screenshot bị chặn dev auth-rig (API HTTPS vs proxy HTTP + protected route) → xem live qua deploy. Designer rig-gotcha #3 logged. Phase 2 (Suppliers/Projects/Contracts pages) + Phase 3 (mirror fe-user) pending. → session log 2026-06-09-S55-master-data-import.md (redesign §).

S55 (2026-06-09) — Nạp master data thật từ Excel + Project +4 cột (Mig 48) — HMW-mode ON, prod-verified

  • Commit 69cb393 → Gitea Run #377 PASS ~4m33s, prod-verified. Anh: /session-start → giao file Excel "HẠNG MỤC CÔNG VIỆC DỰ ÁN" → "nạp master data vào đi nhé" → /ultra-on "workflow làm xong hết".
  • Nạp 3 nguồn thật (Excel 7-sheet → loadable): 62 Projects (Mã+Năm; ~6 có CĐT/địa điểm/gói thầu) · 71 WorkItems hạng mục (Vật tư16/Thầu phụ30/MEP9/Thiết bị16) · 3 Suppliers (TRUONGGIANG/TANPHU/TGN). WorkItem master ĐÃ tồn tại → no new table cho hạng mục.
  • 🟨 BE: Project.cs +4 prop nullable (Year/Investor/Location/Package) + ProjectConfiguration maxlen 250/500/300 + Mig 48 AddProjectMasterFields (3-file, 4 AddColumn reversible) + ProjectFeatures DTO/Create/Update +4 + SeedRealMasterDataAsync (62+71+3 tuple-loop per-code idempotent, wired UNGATED line 118 sau SeedCatalogsAsync → reaches prod, coexist demo).
  • 🟧 FE: ProjectsPage.tsx form +4 input (Năm/Chủ đầu tư/Địa điểm/Gói thầu) + bonus cột "Chủ đầu tư" + types/master.ts +4 — 2 app SHA256-identical. npm build ×2 PASS.
  • Verify: build 0-err · test 216 PASS (compile-fix MasterCatalogFilteredUniqueTests +4 null args, no new test) · runtime Dev proof (data landed, Investor col works) · cicd Run #377 PASS (Mig 48 applied prod · Projects spot-6/6 · WorkItems 71 · Suppliers 3 · CAL01.Investor exact · bundle admin B-d6893W/user XdKzt9LL · health 200).
  • Decisions (anh chốt): Q1 thêm cột thật+migration (không Note-pack) · Q2 cả 3 → Dev+deploy prod. FLOCK01 collision → per-code skip (demo wins). Prod totals: Projects=70 (62 real+8 demo), WorkItems=86.
  • ⚠️ 2 agent return truncated (implementer-backend + reviewer, gotcha #53) → em main recover qua disk/runtime truth (feedback_agent_kill_recovery); cicd verdict-FIRST → PASS clean. Data-quality catch: MEP col gộp MEP-Sub+THIẾT BỊ divider → split đúng. → session log 2026-06-09-S55-master-data-import.md.

S54 (2026-06-08) — IT staff tự reassign ticket (cross-stack authz, HMW-mode ON) — 1 commit prod-verified

  • Commit ca4b602 → Gitea Run #376 PASS ~4m18s, prod-verified. Anh: /session-start → "2 xong sau đó là 1" (task 2 reassign trước, task 1 Phase 9 Ops sau) → task 2 done, task 1 anh dừng → /session-end.
  • Feature (cho tổ IT tự reassign — KHÔNG chỉ Admin như S53): "IT staff" = User.DepartmentId == Department(Code=="IT").Id (reuse round-robin S52 predicate). Cross-stack, NO migration (DepartmentId reuse), no menu change.
  • 🟨 BE (WorkflowAppsFeatures.cs REGION 5 + ItTicketsController.cs): NEW GetAssignableItStaffQueryAssignableStaffResult{CanReassign,Staff} capability endpoint ([Authorize] any-auth, trả {false,[]} cho người ngoài → 0 silent-403 chống gotcha #44) + AssignItTicketHandler authz Admin-OR-dept-IT (ForbiddenException) + assignee-must-IT (ConflictException) + controller /assign hạ [Authorize(Roles="Admin")][Authorize] (handler enforce fine-grained data-driven).
  • 🟧 FE (2 app): ItTicketsPage.tsx SHA256-identical 4bcaf2f… — REVERSE divergence S53 (cả 2 cùng gate nút by BE-computed canReassign, dropdown từ /assignable-staff thay /users). +2 type AssignableStaff/AssignableStaffResult. npm build ×2 PASS.
  • 🟪 Test (ItTicketReassignAuthzTests.cs): +13 (203→216) test-before-merge SECURITY — GetAssignableItStaff 6 (canReassign matrix + 0-leak empty + inactive-excluded) + AssignItTicket 7 (Forbidden guard-proof by-contrast + Conflict assignee-not-IT + side-effect no-mutation). No prod bug.
  • 🟥 reviewer PASS 0 blocker/0 major/1 minor: điểm chí mạng role-string "Admin" chain-verified real (AppRoles.AdminSeedRoles Role.NameJwtTokenService Claim(ClaimTypes.Role)cu.Roles — decoy "QTV" chỉ ShortName, không vào JWT). Fail-closed verified, defense-in-depth nguyên.
  • 🟩 cicd Run #376: test 216 · bundle admin DfCfHUE9DmjI8Cmn/user _3S0BPJ2YxL_MljK (cả 2 rotate) · smoke health 200 + /assignable-staff 401 + /assign 401(body) · Mig giữ 47. Note: 411-bodyless-PUT = IIS Content-Length pre-[Authorize] (không phải routing miss).
  • ⚠️ Residual caught + fixed (em main single-writer): 3 agent (BE/FE/test) ghi MEMORY nhầm src/Backend/.claude/ (cwd-relative Write khi cd subdir) → em main git-status scan bắt stray + reconcile 2 pattern file về canonical + APPEND S54 delta vào 3 canonical MEMORY (harvest B2/B3). → memory feedback_agent_cwd_relative_memory_misland.
  • 📌 flag monthly audit 2026-07-01: cicd đo sys.tables=93 vs STATUS 92 → RECONCILED S56 (93 authoritative, cicd ground-truth Run #379; Mig 48 col-only added no table — STATUS Current State updated 92→93).
  • → session log 2026-06-08-S54-it-ticket-reassign-cross-stack.md.

S53 (2026-06-08) — gotcha #57 EXT Master (Mig 47) + P11-D reassign-UI + P11-E menu-key — all prod-verified · database-agent verified-runtime (HMW-mode ON, "làm hết" full closeout)

  • 2 code commit deployed prod: 44b9e54 Task B (Mig 47 FilterMasterCatalogUniqueIndexesByIsDeleted — Department/Supplier/Project filtered-unique Code, gotcha #57 EXT) Run #260 · dbf6648 Task C+D Run #261. Test 200→203 (+3 MasterCatalogFilteredUniqueTests RED→GREEN). Bundle admin DYfjnpY0DfCfHUE9 (rotated C+D FE) · user _3S0BPJ2 unchanged.
  • Bootstrap: database-agent verified-runtime (first real spawn since S52 adopt → caught Mig 46 committed-but-unapplied-local drift that 203 SQLite-tests + CI-applied-prod both MISS → bonus closed via Mig 47 deploy applying 46+47 to LocalDB Dev+Design). H1+H2 monitors re-reported (S52 closeout debt cleared; H2 confirmed S52 proxy-append present, 0 orphan).
  • Task B (Mig 47, Run #260): workflow 🟪 test-specialist → 🟨 implementer-backend → 🟥 reviewer (PASS 0 issues). 3 prod indexes filter_definition NULL→([IsDeleted]=(0)) live. gotcha #57 EXT cumulative now 6× (Holiday 43 + 3 HRM 45 + 3 Master 47) — backlog CLOSED. Root cause: app dup-check AnyAsync(Code==req) đi qua HasQueryFilter(!IsDeleted) (bỏ qua soft-deleted) nhưng bare unique index đếm cả → delete+re-add = UNIQUE-500 reachable.
  • Task C+D (dbf6648, Run #261): workflow 🟨 implementer-backend → 🟧 implementer-frontend → 🟥 reviewer (PASS 0 issues). C = ItTicket admin reassign dialog (fe-admin only, intentional mirror-break; reuse PUT /assign + GET /users). D = Off_AttendanceReport menu leaf (order 8, no migration — DbInitializer idempotent seed, admin-perm auto via All[], menu-key byte-identical 5 mirror points). Prod: menu row seeded + admin bundle rotated + smoke 200/401.
  • Doc-drift E: H1 top-5 patched (ef-core skill 43→47, agents/README roster 10→11, CLAUDE.md root 45→47 mig + 186→203 test, docs/CLAUDE.md 56→57 + 91→92 ERD). database-agent adap-report → verified-runtime.
  • ⚠️ cicd-monitor truncated 2× (gotcha #53/#55; C+D verify cut mid-Q3) → recovered via curl-self-verify (Gitea run + bundle hashes public; menu-row from agent's pre-truncation sqlcmd). feedback_agent_kill_recovery reinforced.
  • → session log 2026-06-08-S53-gotcha57-ext-p11-cd-closeout.md.

S52 (2026-06-08) — 🎉 Phase 11 product backlog ĐÓNG TRỌN (P11-D+E+F deployed) + database-agent adopt — HMW-mode ON, session-limit recovery

  • 3 commit deployed prod: e9ee97f (database-agent governance .md, CI-skip) + 6a66429 Wave 1 (P11-E+F code) + dcf76f8 Wave 2 (P11-D, Mig 46). Test 186→191→200. Bundle admin DYfjnpY0/user _3S0BPJ2 (cả 2 rotate; deploy verified curl độc lập — không cicd-spawn do limit).
  • 🔌 database-agent adopt (AI_INFRA broadcast 2026-06-08-Agent-database-codebase-agents): floor DB1DB11 READ-advisory tier (implementer-backend vẫn author file) · skill sql-database-assistant+ef-core-migration · color OMIT (8 standard hết → mirror monitor precedent) · store_memory strip · DB11 RowVersion tie-in vá S43 lost-update gap. codebase-agent SKIP n-a (investigator cover + csharp-lsp Windows no-op). Roster 10→11. Nấc executed-file → 🔴 CHỜ CLI restart verified-runtime. adap-report 5-trường LOCK written.
  • P11-F MaTicket codegen (Wave 1): WorkflowAppCodeGen.GenerateMaDonTuAsync(db,"IT",clock.Now.Year,...) gen-on-Create (kanban no-workflow, khác Leave/OT gen-on-Submit), IT/2026/NNN Serializable atomic. Migration-free.
  • P11-E AttendanceReport (Wave 1): GetAttendanceReportQuery monthly aggregate (day-type weekday/weekend/holiday OT × OtPolicy multiplier, classify in-memory không EF-translate .DayOfWeek) + AttendanceReportExcelExporter (ClosedXML, sync no-DB) + 2 endpoint Admin-only + fe-admin AttendanceReportPage (download authed api.get(blob)). Migration-free. Holiday.Date=DateOnly (agent verify source-of-truth, không tin spec mù).
  • P11-D ItTicket assign+SLA (Wave 2, Mig 46 AddSlaFieldsToItTicket): round-robin least-loaded dept-"IT" (DbInitializer seed dept IT + 2 sample staff nv.cao/nv.truong, ordering sau SeedDemoUsers vì reconcile dept) + SlaDueAt theo Priority (Urgent4/High8/Medium24/Low72h) + ItTicketSlaJob (breach+warning notify, KHÔNG auto-transition — khác Contract) + PUT /assign admin override + FE badge 2-app SHA256 mirror.
  • ⚠️ Session-limit hit giữa Wave 2 (3 agent killed: FE/test/cicd) → recovery (multi-agent resilience proof): Wave 2 BE/test verify-on-disk (build 0-err + 200 test) + em main solo FE redo (gotcha #53-class fallback) + curl-self-verify Wave 1+2 deploy thay cicd-spawn. Lesson: git/disk/prod = source-of-truth, KHÔNG agent return-message.
  • reviewer (Wave 1) PASS — independent re-verify (build/test/tsc) + gotcha #44 role-string "Admin" disarmed (decoy "QTV"=display-code KHÔNG phải role-name). Wave 2 = em main self-review (seed↔query dept-code cross-check PASS, nv.cao/nv.truong tồn tại) do limit pressure.
  • → session log 2026-06-08-S52-phase11-def-close-database-agent.md.

S51 (2026-06-08) — P11-C Vehicle+Driver catalogs (Mig 44) + gotcha #57 ext 3 HRM catalog (Mig 45) — HMW fan-out, deployed prod

  • Commit 30a99aa → Gitea Run #371 PASS ~4m18s, verified prod. HMW-mode ON, 7-agent fan-out: 🟦 recon → 🟨 BE ∥ 🟧 FE (parallel file-disjoint) → 🟪 test-before → 🟥 reviewer → 🟩 cicd. RAG/Qdrant DOWN cả session → ground-truth on-disk (đáng tin hơn stale RAG index 05-29).
  • Mig 44 AddVehicleAndDriverCatalogs — 2 catalog table (Vehicles + Drivers, AuditableEntity), filtered-unique Code day-1 (gotcha #57 từ đầu). Extend HrmConfigs declarative: BE Region 5/6 CRUD (mirror LeaveType) + Controller +2 route-group (8 endpoint, GET public / write Roles=Admin) + MenuKeys +2 +All (auto Admin perm) + DbInitializer idempotent seed 2 veh/2 drv. FE KIND_CONFIG +2 kind ×2 app (SHA256 mirror) + 4-place (types/page/menuKeys/Layout staticMap), :kind-driven (no new App.tsx route). Tables 91→92 (cicd sys.tables ground-truth).
  • Mig 45 FilterHrmCatalogUniqueIndexesByIsDeleted (bundled gotcha #57) — LeaveType + ShiftPattern + OtPolicy bare .IsUnique().HasFilter("[IsDeleted]=0"). OtPolicy BỊ BỎ SÓT khỏi backlog "2 catalog" → em main bắt được khi grep toàn bộ config (= 3 HRM catalog). test-before: +5 HrmConfigFilteredUniqueTests (181→186), RED→GREEN observed.
  • 🟥 reviewer caught 1 MAJOR (pre-commit): Driver FE↔BE required-field mismatch (FE optional vs BE NotEmpty+NOT NULL) — root = inconsistent em-main brief across BE/FE → fixed (FE +required:true). Lesson: parallel fan-out → shared-contract inconsistency chỉ lộ lúc integration; green tests ≠ correct contract.
  • 🟩 cicd Run #371 PASS: test 186 · Mig 44+45 prod · 5 IX_*_Code filtered ([IsDeleted]=(0)) live (3 HRM was NULL) · bundle rotate admin Cg9mvltU/user YgqDvsqr · health 200 · /hrm-configs/{vehicles,drivers} 401 unauth + 200 authed (2 seed each).
  • gotcha #57 EXT (investigator audit complete): Department/Supplier/Project (Master, confirmed-reachable via global query-filter quirk) → worktree session Mig 46 (3 idx). ContractClause/MeetingRoom/EmployeeProfile = SKIP (not reachable). → session log 2026-06-08-S51-p11c-vehicle-driver-gotcha57.md.

S50 (2026-06-07) — S49 Harness 1·2·3 verified-runtime closeout (HMW-mode ON · infra-finish, no product code, CI-skip)

  • /session-start bootstrap → spawned 2 monitor sub (tooling-auditor H1 + harvest-curator H2) RE-REPORT → verified-runtime CONFIRMED (S49 milestone (a) closed). H1 caught 3 doc-freshness drifts → em main patched (plugin 15→18 · skill-index 31→43 mig + 49→57 gotcha · verified-runtime markers). H2 harvest 🟢 clean (0-byte/orphan/corruption=0). Test gate 181 PASS, RAG 2415.
  • (b) H2 wave-mode VERIFIED — wave-run h2-verify (Workflow Run wf_b7e4d6ef-787, 2-agent: investigator-codebase read-only + test-specialist write-direct). B6 isolation HELD: git status = 6-baseline only (0 canonical/agent-memory leak), sub-MDs gitignored, chunk 2415→2415 (0 rogue RAG write). B4 both-paths exercised. Bonus: gotcha #57 confirmed open + exact coords (LeaveTypeConfiguration.cs:19 + ShiftPatternConfiguration.cs:19 vs fixed HolidayConfiguration.cs:18).
  • (c) H3 email send-path VERIFIED/send-email ai_infra handshake → broadcasts/outbox/ai_infra/, body SHA256 c9656c19… self-verified MATCH + _index.md OUTBOUND logged. AI_INFRA /check-email se pull = their step (completes 2-way byte-identical proof).
  • §L.b(d)(f)(g) session-end: H2 GATE PASS 5/5 + B5 wave-gom (2 sub-MD → agent-memory/{investigator-codebase,test-specialist}). H1 freshness CHỐT (3 drifts patched, 0 new-alloc). 4 sub spawn-records all nấc=verified. Rig fact: Bash subs = /usr/bin/bash not PowerShell → POSIX only. → session log 2026-06-07-S50-harness-verified-runtime.md.

S49 (2026-06-07) — 🌐 AI_INFRA Harness 1·2·3 adopt (HMW-mode ON · governance/infra, no product code, CI-skip)

  • HMW-mode BẬT (/ultra-on → marker .claude/hmw-mode.on gitignored) → anh /adap-apply harness 1·2·3. Recon fan-out 4 read-only agent @P2 (3× investigator-codebase H1/H2/H3 gap + 1× investigator-api plugin/skill audit · return-delta · 367K tok · ~4m46s) → em main single-writer WRITE ~25 file. Containment audit post-P2: git-diff = 1 file-write (inv-api self-MEMORY, benign verified) + chunk-count 2414=2414 (0 RAG-write) → defense-in-depth proven (sub giữ Bash/Write — G-015).
  • Harness 1 (Self-observability): roster 8→10 — NEW 2 sub TÁCH BIỆT (anh-mandate) tooling-auditor (H1 tooling/docs-freshness 4-mặt skill·sub-role·plugin·docs) + harvest-curator (H2 harvest-integrity 5-trục), INFORM-only (4 RAG-read, NO store_memory/Write). Wire session-start.md Phase 2.1.1 RE-REPORT + session-end.md §L.b 6→7-step (H2 5-trục GATE + H1 chốt + B5 wave-gom). H3 plugin/skill = gộp-vai doc (0 agent mới — code-modernization/code-reviewer KHÔNG enable).
  • Harness 2 (wave-folder isolation): hmw.js +wave-mode (subMdPath schema + tool-aware writeGuard) · .gitignore +wave-*/+agent-teams/ (B6 VERIFIED git check-ignore) · NEW .claude/workflows/README.md convention. A agent-team = n-a (Windows in-process, convention-ready).
  • Harness 3 (email channel): NEW broadcasts/ (outbox/{6 others+all}/ + inbox/{6 others}/ + _index + inbox/README + 13 .gitkeep, committed not-gitignored) + 2 cmd send/check-email (self=se, 6 others short-id {ai_infra,vipix,dyd,namgroup,ashico,bvaau}) + fix adap-apply.md base-path → outbox/all/ (latent bug đóng luôn).
  • 3 adap-report docs/governance/adap-reports/2026-06-07-Agent-harness-{1,2,3}.md (nấc executed-file/verified-pending + evidence + tailored/skip + G-015 honest-caveat). 🟥 reviewer P4 PASS all 3 — no blocker (genuinely tailored not copy-paste · B6 git-check-ignore verified · SHA256 byte-identical · 1 MINOR pre-existing README diagram drift → fixed). Test 181 unchanged (no .cs). 🔴 NEXT: anh restart CLI → activate 2 sub + 2 cmd + hmw.js wave-mode → spawn-test confirm verified-runtime. → session log 2026-06-07-S49-harness-1-2-3-adopt.md.

S48 (2026-06-02) — adap-* verification closure post-restart + FD2 proof + Gov-v2 error-ledger (governance + 1 a11y fix)

  • CLI restart confirmed done (registry has frontend-designer + adap-* cmds + 8 subs sans store_memory) → S47 "verified-pending" upgraded. /adap-apply all-pending = 0 new (all 3 applied S47); /adap-report all-applied → re-assessed + updated 3 reports honest (§C5/G-015).
  • #1 store_memory strip → VERIFIED-runtime: grep agents tools: = 0 · loaded registry grants 0 store_memory to all 8 subs. NOT "read-only" (subs keep Bash/Write — defense-in-depth caveat holds).
  • #2 frontend-designer → FD2 loop VERIFIED-RAN (🩷 first real spawn, background): full loop on fe-user /login — DS read (Tailwind v4 CSS-first) → Vite dev → Playwright screenshot 375+1440 → viewed PNGs → FD4 rubric all-PASS → 1-line contrast fix → re-shot → build PASS. em main mirrored fix to fe-admin (parity). 2 Vite-dev rig gotchas + Tailwind-v4 fact in FD MEMORY.
  • #3 Gov-v2 delta → CLOSED (executed-file): NEW docs/governance/error-ledger.md (blameless RCA E-001..E-004 + Active-Guards 2-strike index + §L.a AS-1..AS-9 deterministic-detect + 3-ledger triad map) + §L.b 6-step wired session-end.md Phase 1.5 (ran live this session = demo).
  • Code: fe-{admin,user}/src/pages/LoginPage.tsx subtitle text-slate-500→600 (a11y contrast ~7.5:1). Build × 2 PASS 0 TS error. Test 181 unchanged (FE-only, no .cs). Commit 350b2bf🟩 cicd Run #369 PASS (~4m13s · bundle admin DPPTx2Kw/user CjoUEsoV rotated · Mig stays 43 · health 200 ×4). → session log 2026-06-02-S48-adap-verify-fd2-error-ledger.md.

S47 (2026-06-02) — 🔌 AI_INFRA adap-* adoption channel + 3 broadcasts (infra/governance, no product code)

  • Federated adoption channel installed (AI_INFRA relay): 3 slash-commands forked → .claude/commands/adap-{apply,report,request}.md. Read AI_INFRA broadcasts/outbox/ read-only (§J2) → apply own repo → docs/governance/adap-reports/<id>.md (5-field LOCK); AI_INFRA /adap-audit reads cross-repo 2-way. 0 agents spawned (em main solo — governance task).
  • #1 store_memory strip — removed from ALL 8 subs' tools:lead (em main) = sole RAG-writer (failure-safe). 4 RAG-read retained ×8. agents/README.md synced + G-015 note (NOT "read-only" — subs keep Bash/Write). Corroborates SE S41 re-bootstrap-loss lesson.
  • #2 frontend-designer (8th agent, pink) — adopted (user call), forked AI_INFRA canonical FD1FD10 visual-verification floor (Playwright screenshot ≥2 viewport → rubric → fix). Tailored SE stack + use-existing-DS (#1F7DC1/Be Vietnam Pro) + boundary ⟂ implementer-frontend (design/UX vs mechanical-mirror). memory seed + roster doc 7→8.
  • #3 Gov-v2 — already-applied S44 (ae30f8f); delta report flags 1 gap (no formal error-ledger/§L.b checklist — defer).
  • Nấc all executed-file / verified-pending (restart + spawn-test). Test 181 unchanged (no product code). CI-skip (all .md). → session log 2026-06-02-S47-aiinfra-adap-channel.md · memory feedback_aiinfra_adap_channel · restart-batching lesson (front-load .md edits → 1 restart).

S46 (2026-06-01) — 🧹 Memory integrity repair (no code, docs-only)

  • /session-start audit caught 2 user-memory files at 0 bytes (S45 close-out truncation, gotcha #53): MEMORY.md index + feedback_background_spawn_visibility.md. Empty index = S46 bootstrap chạy KHÔNG có memory auto-inject (degrade thầm lặng).
  • Repaired (👤 em main solo): rebuilt MEMORY.md index (14 entries: 8 feedback + 3 project + 2 pattern) · repopulate feedback_background_spawn_visibility từ HANDOFF/STATUS S45 ref (marked reconstructed) · NEW feedback_session_end_memory_write_verify (verify byte>0 sau closeout Write). 0 empty .md remain (verified find -size 0).
  • No production/repo code touched. Memory files ngoài repo (~/.claude/.../memory/) — không git-tracked → repo unchanged từ S45 7fbe05a. Test gate re-confirm 181 PASS (58+123) lúc bootstrap.
  • Residual: STATUS "27 user memory" stale → corrected 14. Recommend thêm verify-byte-count step vào /session-end skill mechanism (AI_INFRA op per charter v2) — auto-catch class lỗi này.

S45 (2026-06-01) — 🧪 HRM test-gap stabilization + Holiday drift fix (Mig 43)

  • 2 commit 051b62b (Tests) + 0c5a014 (Mig 43) → push → Gitea Run #368 PASS, verified prod. "Stabilize before extend": đóng 3 test-gap deferred S35-S38 TRƯỚC khi chồng schema mới.
  • +27 test (154→181): Gap1 Holiday composite UNIQUE (7) · Gap2 EmployeeSatellite FK-invariant+soft-delete+cascade (10) · Gap3 gotcha #44 authz regression HrmConfigs+Employees (10). 🟪 test-specialist viết (return truncated gotcha #53 → 👤 em main verify-on-disk + proxy MEMORY).
  • Mig 43 FilterHolidayUniqueIndexByIsDeleted (👤 em main solo, bug-fix chain): Gap1 test lòi drift — Holiday DB UNIQUE (Year,Date) unfiltered vs handler !IsDeleted → admin xoá+thêm lại ngày lễ cùng date = 500 reachable. Fix .HasFilter("[IsDeleted]=0") (khớp pattern 13× sẵn có). Flip Case 7 assert success. Table vẫn 91 (index-only).
  • 🟩 cicd Run #368 PASS ~4m20s: test gate 181 · Mig 43 applied prod · IX_Holidays_Year_Date filter=([IsDeleted]=(0)) live (was NULL) · FE bundle UNCHANGED Krjvg_3j/6sNStgxa (đúng — BE-only) · health 200 · 0 regression.
  • 🟦 investigator P11-C pre-flight (Vehicle+Driver catalog): chưa có master → extend HrmConfigs +2 kind declarative, Mig 44, giữ VehicleBooking free-text. gotcha #57 caught: LeaveType.Code + ShiftPattern.Code cũng unfiltered (backlog).
  • gotcha #57 NEW (soft-delete UNIQUE phải .HasFilter). Process: foreground spawn = im lặng = "looks frozen" → đẩy background + report-ngay (feedback_background_spawn_visibility).

S44 (2026-06-01) — 🗓️ Monthly drift audit + AI_INFRA bundle 06-01 adoption (docs-only, CI-skip)

  • Cadence audit (cron 2026-06-01) + adopt AI_INFRA bundle 06-01 (federated, team chọn full scope). 🟦 investigator-codebase drift scan (read-only, ground-truth verified) → 👤 em main patch. No code touched → 154 test PASS unchanged.
  • 42 count-drift fixes: CLAUDE.md root + docs/CLAUDE.md + ef-core-migration SKILL + dependency-audit-erp SKILL + schema-diagram + database-guide — 40→42 mig · 84/59/55/47→91 tables · 130/111→154 test · 52/49→56 gotcha.
  • Schema-diagram: migration table extended Mig 17-42 (was stop ở 16) + total 55→91; detailed-§ gap (Mig 27-42 modules) flagged explicit (không silent → deferred backlog). ef-core SKILL migration history extended Mig 27-42.
  • AI_INFRA bundle: §A RAG T1/T2 auto-ack · §B Gov-v2 align (no new layer) · §C hygiene 7/7 agent-mem L1 ≤16KB, "25KB"→"~30KB tiered" wording ×7 · §D #4 self-sustaining adoption-report step → /session-end (skip #1 đã có / #3 helper) · §E report + §F ledger docs/governance/.

S43 (2026-05-30) — 🔄 Phase 11 P11-B: LeaveBalance business logic (trừ phép + số dư)

  • Commit 82d7fcf → Gitea #367 PASS ~4m08s, deployed prod. 7-agent (recon → BE → FE ∥ test → reviewer → cicd), agents Max → 0 bug lọt.
  • Mig 42 AddLeaveBalances (additive): LeaveBalances (User×LeaveType×Year + Entitled/Used/Adjustment, UNIQUE composite + FK LeaveTypes Restrict). 90→91 tables.
  • Trừ phép: hook ApproveLeaveRequestHandler nhánh terminal DaDuyet — exactly-once (guard chặn re-approve), upsert auto-create từ DaysPerYear, UsedDays += NumDays, Year=StartDate.Year. Policy cho phép âm + cảnh báo (anh chốt).
  • FK invariant guard (em Max-review thêm sau test reveal): Create + UpdateDraft validate LeaveTypeId tồn tại → ConflictException (đóng cửa, tránh 500 kẹt đơn lúc deduction FK insert).
  • CQRS LeaveBalanceFeatures.cs: GetMy (self lazy-merge active LeaveType) + GetUser (admin) + Adjust (admin upsert). Embed balance NGƯỜI TẠO vào leave detail (approver xem đúng).
  • FE: WorkflowAppDetailPage ×2 block "Số dư phép" + cảnh báo vượt (kind=leave, SHA256 identical, tích hợp trang đơn nghỉ — không trang riêng).
  • Test: 144→154 (+11 LeaveBalance/guard + repair 2 template terminal FK). Reviewer Max PASS (deduction exactly-once + FK fully closed; 2 minor defer: concurrency lost-update no-RowVersion + stale comment).
  • Verified prod: Mig 42 applied, LeaveBalances UNIQUE+FK ✓, /leave-balances/my 200 → 5 LeaveType lazy-default, bundle rotate.

S42 (2026-05-30) — 🔄 Phase 11 P11-A: wire ApproveV2 + LevelOpinions 4 WorkflowApps module

  • Commit e7b66cd (Gitea #364) + fix 75df04e (#365) → PASS, deployed prod. Cookie-cutter mirror Proposal (Mig 38). 7-agent end-to-end (recon → BE×3 → FE → test → reviewer → cicd). (Run-id "#250" memory truncated ghi sai → Max re-verify reconcile #364/#365.)
  • Mig 41 WireWorkflowAppsApprovalV2 (additive): +4 bảng {Leave,Ot,Travel,Vehicle}LevelOpinions (UNIQUE composite + Cascade/Restrict) + WorkflowAppCodeSequences (shared atomic MaDonTu) + 4 cột RejectedFromStatus + enum TravelRequest=9.
  • BE: 30 handler (LeaveOt + TravelVehicle ApprovalFeatures.cs) — GetById/Update/Submit/Approve(UPSERT+advance)/Reject/Return + verify ApplicableType per module. 8 controller route. Seed 4 WF mẫu (QT-NP/OT/CT/XE-V2-001, AppType 5/6/7/9) — gotcha #51 INFRASTRUCTURE-gated PASS prod.
  • FE: WorkflowAppDetailPage.tsx declarative 4-kind (admin+user SHA256 identical) — workflow status + opinion timeline + Submit/Approve/Reject/Return actions; gỡ banner skeleton + row nav.
  • Test: +11 WorkflowAppApproveV2Tests (130→141) — state machine + UPSERT invariant + guards + forbidden + placeholder + codegen. No prod bug.
  • Verified: Mig 41 applied prod (5 bảng EXIST) · bundle rotate cả 2 app · 4 endpoint live · seed prod · reviewer checklist (no copy-paste bug, [Authorize] OK).
  • ⚠️ Gotcha #53/#55 tái diễn 3× session này (FE + reviewer + cicd-monitor truncate output cuối) — mỗi lần recover qua MEMORY + em main manual verify. Anti-truncation lesson reinforced.
  • 🔬 Max re-review (agents chạy High) phát hiện + fix 2 bug FE picker (chưa commit lúc deploy đầu): (#1) pinWorkflow PUT /{id} partial → 400 validator; (#2) fetch expect array nhưng endpoint trả {types} object → picker rỗng. Fix: thêm endpoint chuyên dụng PUT /{id}/workflow (set workflow only, verify ApplicableType) + sửa fetch mirror PE/Contract data.types.find().history.filter(isUserSelectable). +3 test SetWorkflow (141→144). Bonus phát hiện: ProposalCreatePage (S37) có bug #2 có sẵn → spawn task riêng.
  • 📌 Follow-up minor (non-blocking): known-minor unreachable (Reject/Return actor-check khi CurrentApprovalLevelOrder null) · deploy.yml stale comment "54/17 test" (cosmetic) · test Travel/Vehicle mirror pending (Leave full + Ot smoke có).

S41 (2026-05-29) — RAG corpus cleanup (w/ AI_INFRA)

  • AI_INFRA RAG audit → SE-side prep: .claude/rag.json exclude root-anchored→**/-anchored (defeats gotcha #10: node_modules/**+docs/_archive/** weren't matching nested paths) + retired stale _decision_log "+321%/11,922".
  • store_memory reconcile (anti-data-loss, NAMGROUP lesson): unified at-risk rule = content reproducible từ file {exists ∧ matches corpus glob ∧ not excluded}. 5/5 accounted: 3 broadcasts disk-twinned + 16a6b6db audit-response twin-safe + 0307141b S37-S40 catch-up promoted-to-disk (docs/changelog/sessions/2026-05-29-S37-S40-rag-catchup.md — anchor was virtual, not real STATUS section).
  • AI_INFRA re-bootstrap host-side --config: 3080→2406 (674 junk), node_modules=0 / _archive=0 / manual-marker=0, user-memory 60 chunks (slug fix). SE post-verify PASS (promoted catch-up returns file-indexed real heading, not (manual)). Commits 282cbd0+e8cbbe5 pushed (docs/infra → CI skip).
  • Standing infra backlog (AI_INFRA, non-blocking): bootstrap glob→0 warn · auto_reindex hook fire · search_code corpus gap (src/.cs+fe/.tsx, v0 design) · registry sync.

S40 (2026-05-29) — Init audit + doc consolidation

  • 7-agent smoke verify (🟪 test-specialist + 🟦 investigator-api load OK), RAG re-rank PASS (top 0.8789 Voyage rerank-2.5), 130 test confirm.
  • Doc consolidation: STATUS 170KB→5.7KB + HANDOFF 224KB→3.4KB (archive full → docs/_archive/). Count re-ground (endpoints 211, FE pages 65, menu ~53; tables 84 confirmed). Stale credential admin@solutionerp.localadmin@solutions.com.vn fixed. CLAUDE.md root patch (mig/table/test).
  • Curate 4 agent MEMORY >25KB→<8.4KB (~130KB→41KB, foundation preserved + verbatim git). RAG store_memory S37-S40 catch-up chunk. 2 commit push d2f52ba+78c9de3 (docs-only CI skip).

S39 (2026-05-29) — ⚙️ INFRA: Opus 4.8 1M + Multi-agent 4→7 + budget +50%

  • Pure infra/governance, 1 commit fd0554a (docs CI skip). Model default Opus 4.8 1M. investigator→codebase+api · implementer→backend+frontend · +test-specialist (purple). 5 RAG MCP/agent. 2 gotcha NEW #54 (529 fallback) + #55 (truncation mid-exploration). CLI restart → registry hot-reload (done S40).
  • docs/changelog/sessions/2026-05-29-S36-S39-phase10-complete-7agent.md

S38 (2026-05-28) — 🎊 PHASE 10 COMPLETE 11/11 (SKELETON combo)

  • Mig 39+40 + BE ~1100 LOC + FE 5 file × 2 app + 8 menu. Run #247 PASS 3m25s. G-O4/O5/O6/P1/H3 skeleton. Trade-off DEFER Phase 11: ApproveV2 wire + LevelOpinions per-module + LeaveBalance + CodeGen atomic + Vehicle/Driver catalog + ItTicket auto-assign/SLA.
  • → same session log

🎯 Next up

Phase 11 — Polish/wire skeleton (COMPLETE S52)

  • P11-A wire ApproveV2 + LevelOpinions 4 module — DONE S42 (prod).
  • P11-B LeaveBalance business logic — DONE S43 (Mig 42, prod).
  • P11-C Vehicle+Driver catalog — DONE S51 (Mig 44/45, prod).
  • P11-D ItTicket round-robin assign + SLA timer — DONE S52 (Mig 46, dcf76f8, prod). Dept-IT pool + ItTicketSlaJob no-auto-transition. Follow-up minor: reassign-UI defer (endpoint /assign sẵn).
  • P11-E AttendanceReport + Excel + OtPolicy multiplier — DONE S52 (6a66429, prod). Admin-only, weighted-OT-hours (no salary field → quy-đổi-giờ not pay, MVP). Follow-up: menu-key promote (hiện via button).
  • P11-F CodeGen atomic MaTicket — DONE S52 (6a66429, prod). gen-on-Create IT/2026/NNN.

🔧 Maintenance backlog

  • RAG re-ingest solution_erp S42-S43 content (store_memory stopgap live; full re-index = AI_INFRA op)
  • gotcha #57 LeaveType+ShiftPattern+OtPolicy filtered-unique DONE S51 (Mig 45, 3 HRM catalog — OtPolicy bị bỏ sót khỏi backlog "2 catalog", bắt được via grep + test-before 5 case). EXT (worktree session, Mig 46): Department/Supplier/Project (Master, confirmed-reachable via global query-filter quirk); ContractClause/MeetingRoom/EmployeeProfile = SKIP (audit-verified not-reachable).
  • Skill + doc drift audit cron — 2026-06-01 DONE (S44) — 42 count-drift fixes + AI_INFRA bundle adopt; next 2026-07-01

🚫 Phase 9 Ops (blocked — anh main coordinate)

  • SMTP email outbound · Rotate prod creds · SQL auto-backup (backup-sql.ps1 ready, chờ Task Scheduler register) · UAT 2-3 user 1 tuần

🚨 Blockers / risks

  • ⚠️ Email SMTP chưa có — blocker notification outbound
  • ⚠️ Credentials trong chat — rotate trước go-live thật
  • ⚠️ SQL backup chưa auto — risk data loss (script ready, chờ register)
  • ⚠️ UAT real user chưa chạy — risk edge-case bug
  • ⚠️ Cert api.solutions.com.vn expire ~2026-07-23 (auto-renew ~06-23)

🔑 Credentials + URLs

Prod login: admin@solutions.com.vn / Admin@123456   (⚠️ rotate sau login đầu)
  • API prod https://api.solutions.com.vn (/health/live + /health/ready) · dev http://localhost:5443 (/swagger)
  • Admin FE prod https://admin.solutions.com.vn · dev :8082
  • User FE prod https://eoffice.solutions.com.vn · dev :8080
  • Gitea https://git.baocaogiaoduc.vn/vietreport-admin/solution-erp · SSH ssh vietreport-vps
  • SQL prod .\SQLEXPRESS / SolutionErp · dev (localdb)\MSSQLLocalDB / SolutionErp_Dev

Session history: S0→S39 full detail trong docs/changelog/sessions/ + docs/_archive/STATUS-preS40-fullhistory.md. File này chỉ giữ state hiện tại + 3 session gần nhất.