Commit dfc2beb

Merge pull request #844 from Wikid82/nightly
Weekly: Promote nightly to main (2026-03-16)
2 parents 5d77138 + 34d5cca commit dfc2beb

452 files changed

Lines changed: 15053 additions & 5488 deletions

.dockerignore

Lines changed: 1 addition & 2 deletions
@@ -9,13 +9,12 @@
99
.git/
1010
.gitignore
1111
.github/
12-
.pre-commit-config.yaml
1312
codecov.yml
1413
.goreleaser.yaml
1514
.sourcery.yml
1615

1716
# -----------------------------------------------------------------------------
18-
# Python (pre-commit, tooling)
17+
# Python (tooling)
1918
# -----------------------------------------------------------------------------
2019
__pycache__/
2120
*.py[cod]
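
Review bot: At line 12 the `.pre-commit-config.yaml` exclusion is dropped, but nothing in this hunk adds an entry for the lefthook configuration that replaces it. If that file (commonly `lefthook.yml`) sits in the repository root, add it next to `codecov.yml` and `.goreleaser.yaml` so hook tooling stays out of the Docker build context.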

.github/agents/Backend_Dev.agent.md

Lines changed: 4 additions & 5 deletions
@@ -45,7 +45,7 @@ Your priority is writing code that is clean, tested, and secure by default.
4545
- **Step 3 (The Logic)**:
4646
- Implement the handler in `internal/api/handlers`.
4747
- **Step 4 (Lint and Format)**:
48-
- Run `pre-commit run --all-files` to ensure code quality.
48+
- Run `lefthook run pre-commit` to ensure code quality.
4949
- **Step 5 (The Green Light)**:
5050
- Run `go test ./...`.
5151
- **CRITICAL**: If it fails, fix the *Code*, NOT the *Test* (unless the test was wrong about the contract).
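
Review bot: Step 4 at line 48 loses the `--all-files` scope. `pre-commit run --all-files` checked the whole tree, while `lefthook run pre-commit` without a file selector normally hands hooks the staged files only. If the agent is expected to lint everything it touched before staging, say so explicitly, for example `lefthook run pre-commit --all-files`, or state that changes must be staged first.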
@@ -57,8 +57,7 @@ Your priority is writing code that is clean, tested, and secure by default.
5757
- **Conditional GORM Gate**: If task changes include model/database-related
5858
files (`backend/internal/models/**`, GORM query logic, migrations), run
5959
GORM scanner in check mode and treat CRITICAL/HIGH findings as blocking:
60-
- Run: `pre-commit run --hook-stage manual gorm-security-scan --all-files`
61-
OR `./scripts/scan-gorm-security.sh --check`
60+
- Run: `lefthook run pre-commit` (which includes manual gorm-security-scan) OR `./scripts/scan-gorm-security.sh --check`
6261
- Policy: Process-blocking gate even while automation is manual stage
6362
- **Local Patch Coverage Preflight (MANDATORY)**: Run VS Code task `Test: Local Patch Report` or `bash scripts/local-patch-report.sh` before backend coverage runs.
6463
- Ensure artifacts exist: `test-results/local-patch-report.md` and `test-results/local-patch-report.json`.
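
Review bot: The new line 60 no longer selects the scan by name. The old command targeted `gorm-security-scan` with `--hook-stage manual`; the replacement asserts that a plain `lefthook run pre-commit` "includes manual gorm-security-scan" while the Policy line directly below still calls the automation manual stage. For a gate that blocks on CRITICAL/HIGH findings, name an invocation that is guaranteed to run the scanner (the `./scripts/scan-gorm-security.sh --check` form already does) and drop the word "manual" if the scan now runs on every hook run.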
@@ -69,9 +68,9 @@ Your priority is writing code that is clean, tested, and secure by default.
6968
- **Manual Script**: Execute `/projects/Charon/scripts/go-test-coverage.sh` from the root directory
7069
- **Minimum**: 85% coverage (configured via `CHARON_MIN_COVERAGE` or `CPM_MIN_COVERAGE`)
7170
- **Critical**: If coverage drops below threshold, write additional tests immediately. Do not skip this step.
72-
- **Why**: Coverage tests are in manual stage of pre-commit for performance. You MUST run them via VS Code tasks or scripts before completing your task.
71+
- **Why**: Coverage tests are in manual stage of lefthook for performance. You MUST run them via VS Code tasks or scripts before completing your task.
7372
- Ensure coverage goals are met as well as all tests pass. Just because Tests pass does not mean you are done. Goal Coverage Needs to be met even if the tests to get us there are outside the scope of your task. At this point, your task is to maintain coverage goal and all tests pass because we cannot commit changes if they fail.
74-
- Run `pre-commit run --all-files` as final check (this runs fast hooks only; coverage was verified above).
73+
- Run `lefthook run pre-commit` as final check (this runs fast hooks only; coverage was verified above).
7574
</workflow>
7675

7776
<constraints>
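
Review bot: New line 73 says `lefthook run pre-commit` "runs fast hooks only", which contradicts new line 60 in the previous hunk, where the same command is said to include the manual gorm-security-scan. Line 71 also keeps the pre-commit term "manual stage" without saying how a manual-stage lefthook job is triggered. Pick one description of what the command runs and use it in both places.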

.github/agents/Frontend_Dev.agent.md

Lines changed: 1 addition & 1 deletion
@@ -48,7 +48,7 @@ You are a SENIOR REACT/TYPESCRIPT ENGINEER with deep expertise in:
4848
- Run tests with `npm test` in `frontend/` directory
4949

5050
4. **Quality Checks**:
51-
- Run `pre-commit run --all-files` to ensure linting and formatting
51+
- Run `lefthook run pre-commit` to ensure linting and formatting
5252
- Ensure accessibility with proper ARIA attributes
5353
</workflow>
5454

.github/agents/Management.agent.md

Lines changed: 8 additions & 8 deletions
@@ -24,12 +24,12 @@ You are "lazy" in the smartest way possible. You never do what a subordinate can
2424
4. **Team Roster**:
2525
- `Planning`: The Architect. (Delegate research & planning here).
2626
- `Supervisor`: The Senior Advisor. (Delegate plan review here).
27-
- `Backend_Dev`: The Engineer. (Delegate Go implementation here).
28-
- `Frontend_Dev`: The Designer. (Delegate React implementation here).
29-
- `QA_Security`: The Auditor. (Delegate verification and testing here).
30-
- `Docs_Writer`: The Scribe. (Delegate docs here).
27+
- `Backend Dev`: The Engineer. (Delegate Go implementation here).
28+
- `Frontend Dev`: The Designer. (Delegate React implementation here).
29+
- `QA Security`: The Auditor. (Delegate verification and testing here).
30+
- `Docs Writer`: The Scribe. (Delegate docs here).
3131
- `DevOps`: The Packager. (Delegate CI/CD and infrastructure here).
32-
- `Playwright_Dev`: The E2E Specialist. (Delegate Playwright test creation and maintenance here).
32+
- `Playwright Dev`: The E2E Specialist. (Delegate Playwright test creation and maintenance here).
3333
5. **Parallel Execution**:
3434
- You may delegate to `runSubagent` multiple times in parallel if tasks are independent. The only exception is `QA_Security`, which must run last as this validates the entire codebase after all changes.
3535
6. **Implementation Choices**:
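
Review bot: The roster at lines 27 to 32 renames the agents to space-separated names (`Backend Dev`, `QA Security`, ...), but line 34 in the same hunk still refers to `QA_Security`, and the later phases in this file still call `Backend_Dev`, `Frontend_Dev`, `QA_Security` and `Docs_Writer`. If `runSubagent` resolves agents by name, one of the two spellings will not match; rename every reference in this file in the same commit, or leave the roster as it was.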
@@ -43,7 +43,7 @@ You are "lazy" in the smartest way possible. You never do what a subordinate can
4343
- **Identify Goal**: Understand the user's request.
4444
- **STOP**: Do not look at the code. Do not run `list_dir`. No code is to be changed or implemented until there is a fundamentally sound plan of action that has been approved by the user.
4545
- **Action**: Immediately call `Planning` subagent.
46-
- *Prompt*: "Research the necessary files for '{user_request}' and write a comprehensive plan detailing as many specifics as possible to `docs/plans/current_spec.md`. Be an artist with directions and discriptions. Include file names, function names, and component names wherever possible. Break the plan into phases based on the least amount of requests. Include a PR Slicing Strategy section that decides whether to split work into multiple PRs and, when split, defines PR-1/PR-2/PR-3 scope, dependencies, and acceptance criteria. Review and suggest updaetes to `.gitignore`, `codecov.yml`, `.dockerignore`, and `Dockerfile` if necessary. Return only when the plan is complete."
46+
- *Prompt*: "Research the necessary files for '{user_request}' and write a comprehensive plan detailing as many specifics as possible to `docs/plans/current_spec.md`. Be an artist with directions and discriptions. Include file names, function names, and component names wherever possible. Break the plan into phases based on the least amount of requests. Include a Commit Slicing Strategy section that decides whether to split work into multiple PRs and, when split, defines PR-1/PR-2/PR-3 scope, dependencies, and acceptance criteria. Review and suggest updaetes to `.gitignore`, `codecov.yml`, `.dockerignore`, and `Dockerfile` if necessary. Return only when the plan is complete."
4747
- **Task Specifics**:
4848
- If the task is to just run tests or audits, there is no need for a plan. Directly call `QA_Security` to perform the tests and write the report. If issues are found, return to `Planning` for a remediation plan and delegate the fixes to the corresponding subagents.
4949
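
Review bot: In the Planning prompt at line 46 only the section title changes to "Commit Slicing Strategy"; the rest of the sentence still asks whether to "split work into multiple PRs" and for "PR-1/PR-2/PR-3 scope". Either rename the slices to match or keep the old title. Since the line is being rewritten anyway, also fix "discriptions" and "updaetes".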

@@ -59,7 +59,7 @@ You are "lazy" in the smartest way possible. You never do what a subordinate can
5959
- **Ask**: "Plan created. Shall I authorize the construction?"
6060

6161
4. **Phase 4: Execution (Waterfall)**:
62-
- **Single-PR or Multi-PR Decision**: Read the PR Slicing Strategy in `docs/plans/current_spec.md`.
62+
- **Single-PR or Multi-PR Decision**: Read the Commit Slicing Strategy in `docs/plans/current_spec.md`.
6363
- **If single PR**:
6464
- **Backend**: Call `Backend_Dev` with the plan file.
6565
- **Frontend**: Call `Frontend_Dev` with the plan file.
@@ -73,7 +73,7 @@ You are "lazy" in the smartest way possible. You never do what a subordinate can
7373
- **Supervisor**: Call `Supervisor` to review the implementation against the plan. Provide feedback and ensure alignment with best practices.
7474

7575
6. **Phase 6: Audit**:
76-
- **QA**: Call `QA_Security` to meticulously test current implementation as well as regression test. Run all linting, security tasks, and manual pre-commit checks. Write a report to `docs/reports/qa_report.md`. Start back at Phase 1 if issues are found.
76+
- **QA**: Call `QA_Security` to meticulously test current implementation as well as regression test. Run all linting, security tasks, and manual lefthook checks. Write a report to `docs/reports/qa_report.md`. Start back at Phase 1 if issues are found.
7777

7878
7. **Phase 7: Closure**:
7979
- **Docs**: Call `Docs_Writer`.

.github/agents/Planning.agent.md

Lines changed: 1 addition & 1 deletion
@@ -44,7 +44,7 @@ You are a PRINCIPAL ARCHITECT responsible for technical planning and system desi
4444
- Include acceptance criteria
4545
- Break down into implementable tasks using examples, diagrams, and tables
4646
- Estimate complexity for each component
47-
- Add a **PR Slicing Strategy** section with:
47+
- Add a **Commit Slicing Strategy** section with:
4848
- Decision: single PR or multiple PRs
4949
- Trigger reasons (scope, risk, cross-domain changes, review size)
5050
- Ordered PR slices (`PR-1`, `PR-2`, ...), each with scope, files, dependencies, and validation gates

.github/instructions/ARCHITECTURE.instructions.md

Lines changed: 3 additions & 3 deletions
@@ -130,7 +130,7 @@ graph TB
130130
| **WebSocket** | gorilla/websocket | Latest | Real-time log streaming |
131131
| **Crypto** | golang.org/x/crypto | Latest | Password hashing, encryption |
132132
| **Metrics** | Prometheus Client | Latest | Application metrics |
133-
| **Notifications** | Shoutrrr | Latest | Multi-platform alerts |
133+
| **Notifications** | Notify | Latest | Multi-platform alerts |
134134
| **Docker Client** | Docker SDK | Latest | Container discovery |
135135
| **Logging** | Logrus + Lumberjack | Latest | Structured logging with rotation |
136136
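
Review bot: The replacement row at line 133 names the dependency only as "Notify", with no module path, unlike the `gorilla/websocket` and `golang.org/x/crypto` rows above it. A notification library receives webhook URLs and tokens, so the table should identify exactly which module is now in the dependency graph; give its import path and, preferably, the pinned version instead of "Latest".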

@@ -1263,8 +1263,8 @@ docker exec charon /app/scripts/restore-backup.sh \
12631263
- Future: Dynamic plugin loading for custom providers
12641264

12651265
2. **Notification Channels:**
1266-
- Shoutrrr provides 40+ channels (Discord, Slack, Email, etc.)
1267-
- Custom channels via Shoutrrr service URLs
1266+
- Notify provides multi-platform channels (Discord, Slack, Gotify, etc.)
1267+
- Provider-based configuration with per-channel feature flags
12681268

12691269
3. **Authentication Providers:**
12701270
- Current: Local database authentication
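
Review bot: Lines 1266 and 1267 drop both the "Custom channels via Shoutrrr service URLs" extension point and Email from the example channel list, without saying what happens to them. State whether existing Shoutrrr service URLs and email notifications still work after the switch, and describe what the "per-channel feature flags" gate, since a channel that is disabled by default changes which alerts are delivered.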

.github/instructions/copilot-instructions.md

Lines changed: 7 additions & 7 deletions
@@ -67,7 +67,7 @@ Before proposing ANY code change or fix, you must build a mental map of the feat
6767

6868
- **Run**: `cd backend && go run ./cmd/api`.
6969
- **Test**: `go test ./...`.
70-
- **Static Analysis (BLOCKING)**: Fast linters run automatically on every commit via pre-commit hooks.
70+
- **Static Analysis (BLOCKING)**: Fast linters run automatically on every commit via lefthook pre-commit-phase hooks.
7171
- **Staticcheck errors MUST be fixed** - commits are BLOCKED until resolved
7272
- Manual run: `make lint-fast` or VS Code task "Lint: Staticcheck (Fast)"
7373
- Staticcheck-only: `make lint-staticcheck-only`
@@ -79,7 +79,7 @@ Before proposing ANY code change or fix, you must build a mental map of the feat
7979
- **Security**: Sanitize all file paths using `filepath.Clean`. Use `fmt.Errorf("context: %w", err)` for error wrapping.
8080
- **Graceful Shutdown**: Long-running work must respect `server.Run(ctx)`.
8181

82-
### Troubleshooting Pre-Commit Staticcheck Failures
82+
### Troubleshooting Lefthook Staticcheck Failures
8383

8484
**Common Issues:**
8585

@@ -175,7 +175,7 @@ Before marking an implementation task as complete, perform the following in orde
175175
- **Exclusions**: Skip this gate for docs-only (`**/*.md`) or frontend-only (`frontend/**`) changes
176176
- **Run One Of**:
177177
- VS Code task: `Lint: GORM Security Scan`
178-
- Pre-commit: `pre-commit run --hook-stage manual gorm-security-scan --all-files`
178+
- Lefthook: `lefthook run pre-commit` (includes gorm-security-scan)
179179
- Direct: `./scripts/scan-gorm-security.sh --check`
180180
- **Gate Enforcement**: DoD is process-blocking until scanner reports zero
181181
CRITICAL/HIGH findings, even while automation remains in manual stage
@@ -189,15 +189,15 @@ Before marking an implementation task as complete, perform the following in orde
189189
- **Expected Behavior**: Report may warn (non-blocking rollout), but artifact generation is mandatory.
190190

191191
3. **Security Scans** (MANDATORY - Zero Tolerance):
192-
- **CodeQL Go Scan**: Run VS Code task "Security: CodeQL Go Scan (CI-Aligned)" OR `pre-commit run codeql-go-scan --all-files`
192+
- **CodeQL Go Scan**: Run VS Code task "Security: CodeQL Go Scan (CI-Aligned)" OR `lefthook run pre-commit`
193193
- Must use `security-and-quality` suite (CI-aligned)
194194
- **Zero high/critical (error-level) findings allowed**
195195
- Medium/low findings should be documented and triaged
196-
- **CodeQL JS Scan**: Run VS Code task "Security: CodeQL JS Scan (CI-Aligned)" OR `pre-commit run codeql-js-scan --all-files`
196+
- **CodeQL JS Scan**: Run VS Code task "Security: CodeQL JS Scan (CI-Aligned)" OR `lefthook run pre-commit`
197197
- Must use `security-and-quality` suite (CI-aligned)
198198
- **Zero high/critical (error-level) findings allowed**
199199
- Medium/low findings should be documented and triaged
200-
- **Validate Findings**: Run `pre-commit run codeql-check-findings --all-files` to check for HIGH/CRITICAL issues
200+
- **Validate Findings**: Run `lefthook run pre-commit` to check for HIGH/CRITICAL issues
201201
- **Trivy Container Scan**: Run VS Code task "Security: Trivy Scan" for container/dependency vulnerabilities
202202
- **Results Viewing**:
203203
- Primary: VS Code SARIF Viewer extension (`MS-SarifVSCode.sarif-viewer`)
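
Review bot: Lines 192, 196 and 200 now give the same command, `lefthook run pre-commit`, for three different steps that used to target `codeql-go-scan`, `codeql-js-scan` and `codeql-check-findings` individually. As written, the instructions cannot tell an agent how to run or re-run one scan, or how to confirm that the findings check ran at all, which weakens a gate described as zero tolerance. Name the specific lefthook command for each step (lefthook's `--commands` selector can do this if the jobs keep those names) or point each step at the script it wraps.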
@@ -210,7 +210,7 @@ Before marking an implementation task as complete, perform the following in orde
210210
- Database creation: `--threads=0 --overwrite`
211211
- Analysis: `--sarif-add-baseline-file-info`
212212

213-
4. **Pre-Commit Triage**: Run `pre-commit run --all-files`.
213+
4. **Lefthook Triage**: Run `lefthook run pre-commit`.
214214
- If errors occur, **fix them immediately**.
215215
- If logic errors occur, analyze and propose a fix.
216216
- Do not output code that violates pre-commit standards.

.github/instructions/go.instructions.md

Lines changed: 1 addition & 1 deletion
@@ -353,7 +353,7 @@ Follow idiomatic Go practices and community standards when writing Go code. Thes
353353
### Development Practices
354354

355355
- Run tests before committing
356-
- Use pre-commit hooks for formatting and linting
356+
- Use lefthook pre-commit-phase hooks for formatting and linting
357357
- Keep commits focused and atomic
358358
- Write meaningful commit messages
359359
- Review diffs before committing

.github/instructions/structure.instructions.md

Lines changed: 1 addition & 1 deletion
@@ -9,7 +9,7 @@ description: 'Repository structure guidelines to maintain organized file placeme
99

1010
The repository root should contain ONLY:
1111

12-
- Essential config files (`.gitignore`, `.pre-commit-config.yaml`, `Makefile`, etc.)
12+
- Essential config files (`.gitignore`, `Makefile`, etc.)
1313
- Standard project files (`README.md`, `CONTRIBUTING.md`, `LICENSE`, `CHANGELOG.md`)
1414
- Go workspace files (`go.work`, `go.work.sum`)
1515
- VS Code workspace (`Chiron.code-workspace`)
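
Review bot: Line 12 removes `.pre-commit-config.yaml` from the list of files allowed in the repository root but does not add the lefthook configuration that replaces it. Because this list is described as the ONLY permitted root content, add the lefthook config file to the examples so it is not treated as misplaced.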

.github/instructions/subagent.instructions.md

Lines changed: 1 addition & 1 deletion
@@ -28,7 +28,7 @@ runSubagent({
2828
- Parallel: run `QA and Security`, `DevOps` and `Doc Writer` in parallel for CI / QA checks and documentation.
2929
- Return: a JSON summary with `subagent_results`, `overall_status`, and aggregated artifacts.
3030

31-
2.1) Multi-PR Slicing Protocol
31+
2.1) Multi-Commit Slicing Protocol
3232

3333
- If a task is large or high-risk, split into PR slices and execute in order.
3434
- Each slice must have:
