CultureBotAI
diff --git a/‎justfile‎
Lines changed: 18 additions & 2 deletions b/‎justfile‎
Lines changed: 18 additions & 2 deletions
diff --git a/‎reports/instance_validation_failures.tsv‎
Lines changed: 1 addition & 0 deletions b/‎reports/instance_validation_failures.tsv‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎reports/pipeline_writers_audit.tsv‎
Lines changed: 16 additions & 0 deletions b/‎reports/pipeline_writers_audit.tsv‎
Lines changed: 16 additions & 0 deletions
diff --git a/‎scripts/add_community_ids.py‎
Lines changed: 52 additions & 14 deletions b/‎scripts/add_community_ids.py‎
Lines changed: 52 additions & 14 deletions
diff --git a/‎scripts/apply_pmc_conversions.py‎
Lines changed: 34 additions & 14 deletions b/‎scripts/apply_pmc_conversions.py‎
Lines changed: 34 additions & 14 deletions
diff --git a/‎scripts/audit_writers.py‎
Lines changed: 174 additions & 0 deletions b/‎scripts/audit_writers.py‎
Lines changed: 174 additions & 0 deletions
@@ -23,6 +23,22 @@ validate-all:
         uv run linkml-validate -s src/communitymech/schema/communitymech.yaml "$file"
     done
 
+# Strict in-process validation in *closed* mode (rejects unknown fields).
+# Emits reports/instance_validation_failures.tsv and exits 1 on any ERROR.
+# Catches the same drift class that gave CultureMech 59k silent errors;
+# closed-mode + non-zero exit is what the per-file linkml-validate loop
+# above silently passes today. Use this for the corpus-wide health check.
+validate-strict *args:
+    uv run python scripts/validate_strict.py {{args}}
+
+# Audit every YAML-writing Python module under scripts/ and
+# src/communitymech/ for safeguards (curation_history append,
+# --dry-run/--apply, validates before write, wired into justfile).
+# Writes reports/pipeline_writers_audit.tsv. Useful for tracking
+# adoption of write_validated_community + record_curation_event.
+audit-writers *args:
+    uv run python scripts/audit_writers.py {{args}}
+
 # Validate evidence references in a community file
 validate-references FILE:
     uv run linkml-reference-validator validate data {{FILE}} -s src/communitymech/schema/communitymech.yaml --config conf/reference_validator.yaml
@@ -111,8 +127,8 @@ lint:
     uv run ruff check src/ tests/
     uv run mypy src/
 
-# Full QC (validate + lint + test)
-qc: validate-all validate-terms-all validate-references-all lint test
+# Full QC (validate + strict validate + lint + test)
+qc: validate-all validate-strict validate-terms-all validate-references-all lint test
     @echo "✅ All QC checks passed!"
 
 # Check which community strains are represented in UniProt reference proteomes
 
@@ -0,0 +1 @@
+file	category	detail	path	message
@@ -0,0 +1,16 @@
+path	writes_yaml	appends_curation_history	has_write_safeguard	validates_before_write	wired_into_just
+scripts/add_community_ids.py	yes	yes	yes	yes	no
+scripts/add_evidence_source.py	yes	no	yes	no	no
+scripts/apply_pmc_conversions.py	yes	yes	yes	yes	no
+scripts/apply_strain_designations.py	yes	no	no	no	no
+scripts/apply_taxonomy_corrections.py	yes	no	no	no	no
+scripts/backfill_metals.py	yes	no	yes	no	no
+scripts/enhance_strain_data.py	yes	no	no	no	no
+scripts/fix_network_integrity.py	yes	yes	yes	yes	no
+scripts/fix_reference_formats.py	yes	no	yes	no	no
+scripts/intelligent_snippet_fixer.py	yes	no	no	no	no
+scripts/link_growth_media.py	yes	yes	yes	yes	yes
+src/communitymech/cli.py	yes	no	yes	no	no
+src/communitymech/network/batch_reporter.py	yes	no	no	no	no
+src/communitymech/network/llm_repair.py	yes	yes	yes	yes	no
+src/communitymech/validation/write_validated.py	yes	no	no	yes	no
@@ -1,11 +1,19 @@
 #!/usr/bin/env python
 """Add sequential CommunityMech IDs to all community YAML files."""
 
-import yaml
+import sys
 from pathlib import Path
 
+import yaml
+
+from communitymech.curate.curation_event import record_curation_event
+from communitymech.validation.write_validated import (
+    ValidationFailedError,
+    write_validated_community,
+)
 
-def add_ids_to_communities(communities_dir: Path = Path("kb/communities")):
+
+def add_ids_to_communities(communities_dir: Path = Path("kb/communities"), dry_run: bool = False):
     """Add sequential IDs to all community YAML files."""
     yaml_files = sorted(communities_dir.glob("*.yaml"))
 
@@ -19,26 +27,56 @@ def add_ids_to_communities(communities_dir: Path = Path("kb/communities")):
         with open(yaml_file) as f:
             data = yaml.safe_load(f)
 
-        # Add ID as first field
+        # If a file already has an id, leave it alone — this script is
+        # an id-minter, not a re-assignment tool. Without this guard the
+        # `{"id": ...}; data_with_id.update(data)` sequence below silently
+        # took the source file's existing id while the curation event
+        # still claimed "Assigned id=<new>" — misleading audit trail.
+        if data.get("id"):
+            print(f"  · {yaml_file.name} already has id={data['id']}, skipping")
+            continue
+
+        # Add ID as first field (data has no `id` per the guard above,
+        # so the .update() will not clobber it).
         data_with_id = {"id": community_id}
         data_with_id.update(data)
 
-        # Write back with proper formatting
-        with open(yaml_file, "w") as f:
-            # Use default_flow_style=False for block style
-            yaml.dump(
-                data_with_id,
-                f,
-                default_flow_style=False,
-                sort_keys=False,
-                allow_unicode=True,
-                width=100,
+        # Record curation event before write
+        record_curation_event(
+            data_with_id,
+            curator="add_community_ids",
+            action="ASSIGN_COMMUNITY_ID",
+            changes=f"Assigned id={community_id}",
+        )
+
+        if dry_run:
+            print(f"  (dry-run) would assign {community_id} → {yaml_file.name}")
+            continue
+
+        # Write back via validated writer (replaces direct yaml.dump)
+        try:
+            write_validated_community(data_with_id, yaml_file)
+        except ValidationFailedError as exc:
+            print(
+                f"  ✗ validation failed for {yaml_file.name}: {exc.summary()}",
+                file=sys.stderr,
             )
+            continue
 
         print(f"  ✓ {community_id} → {yaml_file.name}")
 
     print(f"\n✅ Added IDs to {len(yaml_files)} communities")
 
 
 if __name__ == "__main__":
-    add_ids_to_communities()
+    import argparse
+
+    parser = argparse.ArgumentParser(description="Add sequential CommunityMech IDs to YAML files")
+    parser.add_argument(
+        "--dry-run",
+        action="store_true",
+        help="Preview changes without modifying files",
+    )
+    args = parser.parse_args()
+
+    add_ids_to_communities(dry_run=args.dry_run)
@@ -17,12 +17,16 @@
 - PMC4187173 → PMID:25369810
 """
 
-import yaml
-import re
+import sys
 from pathlib import Path
-from typing import Dict, List
-from collections import defaultdict
 
+import yaml
+
+from communitymech.curate.curation_event import record_curation_event
+from communitymech.validation.write_validated import (
+    ValidationFailedError,
+    write_validated_community,
+)
 
 # Known PMC → PMID conversions from special_references_report.txt
 PMC_TO_PMID = {
@@ -38,10 +42,10 @@
 }
 
 
-def apply_pmc_conversions(yaml_path: Path, dry_run: bool = True) -> Dict:
+def apply_pmc_conversions(yaml_path: Path, dry_run: bool = True) -> dict:
     """Apply PMC→PMID conversions to a YAML file"""
 
-    with open(yaml_path, 'r') as f:
+    with open(yaml_path) as f:
         data = yaml.safe_load(f)
 
     changes = []
@@ -120,14 +124,30 @@ def apply_pmc_conversions(yaml_path: Path, dry_run: bool = True) -> Dict:
         backup_path = yaml_path.with_suffix('.yaml.bak_pmc')
         yaml_path.rename(backup_path)
 
-        # Write updated
-        with open(yaml_path, 'w') as f:
-            yaml.dump(data, f,
-                     default_flow_style=False,
-                     sort_keys=False,
-                     allow_unicode=True,
-                     width=120,
-                     indent=2)
+        # Record curation event before writing
+        contexts = sorted({ctx for _, _, ctx in changes})
+        record_curation_event(
+            data,
+            curator="apply_pmc_conversions",
+            action="CONVERT_PMC_TO_PMID",
+            changes=(
+                f"Converted {len(changes)} PMC reference(s) to PMID across "
+                f"{', '.join(contexts) if contexts else 'no'} section(s)"
+            ),
+        )
+
+        # Write updated via validated writer. Restore the backup on
+        # validation failure so the original file isn't left missing
+        # (it's still on disk as backup_path until the write succeeds).
+        try:
+            write_validated_community(data, yaml_path)
+        except ValidationFailedError as exc:
+            backup_path.rename(yaml_path)
+            print(
+                f"  ✗ validation failed for {yaml_path.name}: {exc.summary()} "
+                "(original restored from backup)",
+                file=sys.stderr,
+            )
 
     return {
         'file': yaml_path.name,
 
@@ -0,0 +1,174 @@
+#!/usr/bin/env python3
+"""Audit YAML-writing scripts in CommunityMech.
+
+For every Python module under ``scripts/`` and the central
+``src/communitymech/`` package that writes a YAML (looks for
+``yaml.dump``, ``yaml.safe_dump``, ``write_validated_community``, or a
+``path.write_text(yaml.safe_dump(...))`` flow), record:
+
+- ``appends_curation_history``: does the script append a CurationEvent
+  to ``community['curation_history']``?
+- ``has_write_safeguard``: a ``--dry-run`` opt-out OR ``--apply``/``--write``
+  opt-in flag.
+- ``validates_before_write``: does it route through
+  ``write_validated_community`` or call ``validate_community`` /
+  ``linkml-validate`` first?
+- ``wired_into_just``: is the script invoked from a justfile recipe?
+
+TSV columns: path, writes_yaml, appends_curation_history,
+has_write_safeguard, validates_before_write, wired_into_just.
+
+Output: TSV to stdout (and via ``--out`` to a file).
+
+Ported from CultureMech / MediaIngredientMech / TraitMech.
+"""
+
+from __future__ import annotations
+
+import argparse
+import csv
+import re
+import sys
+from pathlib import Path
+
+SEARCH_DIRS = [
+    Path("scripts"),
+    Path("src/communitymech"),
+]
+
+# Patterns
+_WRITE_TEXT_OF_YAML = re.compile(r"\.write_text\s*\(\s*yaml\.(?:safe_)?dump")
+_CURATION_APPEND = re.compile(
+    r"curation_history.*?(append|\+=|\.insert)"
+    r"|['\"]curator['\"]\s*:"
+    r"|append_curation_event"
+    r"|record_curation_event"
+)
+_WRITE_SAFEGUARD = re.compile(
+    r"--dry[-_]run|dry_run\s*[:=]"
+    r"|--apply\b|args\.apply\b"
+    r"|--write\b|args\.write\b"
+)
+_VALIDATE_BEFORE_WRITE = re.compile(
+    r"linkml[._-]?validate"
+    r"|validate_community\("
+    r"|validator\.validate\("
+    r"|write_validated_community\("
+)
+
+
+def script_paths() -> list[Path]:
+    out: list[Path] = []
+    for d in SEARCH_DIRS:
+        if not d.exists():
+            continue
+        out.extend(sorted(p for p in d.rglob("*.py") if "__pycache__" not in str(p)))
+    return out
+
+
+def looks_like_yaml_writer(text: str) -> bool:
+    if "yaml.safe_dump(" in text or "yaml.dump(" in text:
+        return True
+    if _WRITE_TEXT_OF_YAML.search(text):
+        return True
+    # write_validated_community is the closed-schema-gated wrapper that
+    # callers route through instead of yaml.dump directly.
+    return "write_validated_community(" in text
+
+
+def audit(path: Path, justfile_text: str) -> dict | None:
+    # Suppress self-match: this module's regex source contains
+    # `yaml.safe_dump` etc., so it would otherwise appear in its own output.
+    if path.resolve() == Path(__file__).resolve():
+        return None
+    try:
+        text = path.read_text()
+    except (UnicodeDecodeError, OSError):
+        return None
+    if not looks_like_yaml_writer(text):
+        return None
+    return {
+        "path": str(path),
+        "writes_yaml": "yes",
+        "appends_curation_history": "yes" if _CURATION_APPEND.search(text) else "no",
+        "has_write_safeguard": "yes" if _WRITE_SAFEGUARD.search(text) else "no",
+        "validates_before_write": "yes" if _VALIDATE_BEFORE_WRITE.search(text) else "no",
+        "wired_into_just": "yes" if _is_wired_into_just(path, justfile_text) else "no",
+    }
+
+
+def _is_wired_into_just(path: Path, justfile_text: str) -> bool:
+    """Detect whether a justfile recipe actually invokes this script.
+
+    The earlier substring check (``path.stem in justfile_text``) had false
+    positives — e.g. ``write_validated.py`` matched a justfile comment
+    referencing ``write_validated_community``. Require the filename to
+    appear as an explicit ``python ... <name>.py`` invocation, which is
+    how every justfile recipe actually runs a script.
+    """
+    needle = re.compile(rf"\b{re.escape(path.name)}\b")
+    for line in justfile_text.splitlines():
+        stripped = line.strip()
+        # Ignore comment-only lines so a mention in docs doesn't count.
+        if stripped.startswith("#"):
+            continue
+        if needle.search(stripped):
+            return True
+    return False
+
+
+def main() -> int:
+    ap = argparse.ArgumentParser(description=__doc__)
+    ap.add_argument("--out", type=Path, default=None, help="TSV output path (default stdout)")
+    args = ap.parse_args()
+
+    justfile_path = Path("justfile")
+    justfile_text = justfile_path.read_text() if justfile_path.exists() else ""
+
+    rows: list[dict] = []
+    for p in script_paths():
+        row = audit(p, justfile_text)
+        if row is not None:
+            rows.append(row)
+
+    fields = [
+        "path",
+        "writes_yaml",
+        "appends_curation_history",
+        "has_write_safeguard",
+        "validates_before_write",
+        "wired_into_just",
+    ]
+
+    if args.out:
+        args.out.parent.mkdir(parents=True, exist_ok=True)
+        with args.out.open("w", newline="") as fh:
+            w = csv.DictWriter(fh, fieldnames=fields, delimiter="\t", lineterminator="\n")
+            w.writeheader()
+            for row in rows:
+                w.writerow(row)
+        print(f"Wrote {len(rows)} rows to {args.out}", file=sys.stderr)
+    else:
+        w = csv.DictWriter(sys.stdout, fieldnames=fields, delimiter="\t")
+        w.writeheader()
+        for row in rows:
+            w.writerow(row)
+
+    def count(field: str, val: str) -> int:
+        return sum(1 for r in rows if r[field] == val)
+
+    print("", file=sys.stderr)
+    print(f"=== writers audit summary ({len(rows)} writers) ===", file=sys.stderr)
+    print(f"  appends curation_history:   {count('appends_curation_history', 'yes')} / {len(rows)}",
+          file=sys.stderr)
+    print(f"  has write safeguard:        {count('has_write_safeguard', 'yes')} / {len(rows)}",
+          file=sys.stderr)
+    print(f"  validates before write:     {count('validates_before_write', 'yes')} / {len(rows)}",
+          file=sys.stderr)
+    print(f"  wired into justfile:        {count('wired_into_just', 'yes')} / {len(rows)}",
+          file=sys.stderr)
+    return 0
+
+
+if __name__ == "__main__":
+    sys.exit(main())