Skip to content

chore(memory): seeder for global dev-prohibition rules into Ralph recall#26

Merged
alfredolopez80 merged 7 commits into
mainfrom
chore/dev-prohibition-recall-seeder
Jun 22, 2026
Merged

chore(memory): seeder for global dev-prohibition rules into Ralph recall#26
alfredolopez80 merged 7 commits into
mainfrom
chore/dev-prohibition-recall-seeder

Conversation

@alfredolopez80

Copy link
Copy Markdown
Owner

Summary

Adds scripts/memory/seed-dev-prohibitions.sh — a one-command, idempotent wrapper that graduates the 4 global development-prohibition rules into the project-scoped Ralph Memory Tree so they surface in recall_v2 (Codex recall).

The 4 rules:

  1. No placeholders in any development (stop & ask if you can't complete).
  2. No fallbacks unless explicitly requested — fail loud / fail fast by default.
  3. No production code added solely to make a test pass.
  4. Unit AND e2e tests must fail loud / fail fast — special force for heavy e2e on local minikube (never skip/mock/pretend success).

What the script does

  1. migrate_rules_to_nodes.py --rules ~/.ralph/procedural/seed-dev-prohibitions.json --apply → creates GREEN nodes (confidence 1.0).
  2. project_memory.py --apply → refreshes the read-only GREEN projection in MEMORY.md.
  3. recall_v2 verification → fails loud if any of the 4 nodes is not surfaced.

The script practices the rules it seeds: set -euo pipefail, umask 077, explicit fail-loud prerequisite checks, no silent fallbacks.

Design notes

  • Idempotent: deterministic node ids update in place, never duplicate (verified: 2nd run = updated: 4, created: 0).
  • Project-scoped by design: recall_v2 hard-rejects foreign project_ids (intentional per-project isolation). Run per-repo where in-repo Codex recall is wanted.
  • Global coverage is separate: all-project enforcement lives in ~/.claude/CLAUDE.md and ~/.claude/rules/proven/*.md (outside this repo). This PR only adds the in-repo recall tooling.

Scope

Only scripts/memory/seed-dev-prohibitions.sh is repo-tracked. The CLAUDE.md directive, proven rule files, the seed JSON, and the Memory Tree nodes all live outside the repo (~/.claude/, ~/.ralph/) and are not part of this PR.

🤖 Generated with Claude Code

… into Ralph recall

Adds scripts/memory/seed-dev-prohibitions.sh — a one-command wrapper that
graduates the 4 global development-prohibition rules into the project-scoped
Ralph Memory Tree (recall_v2 / Codex recall):

  1. no placeholders in any development
  2. no fallbacks unless explicitly requested (fail loud / fail fast)
  3. no production code added solely to make a test pass
  4. unit AND e2e tests must fail loud / fail fast (special force for heavy
     e2e on local minikube: never skip/mock/pretend success)

The wrapper runs migrate_rules_to_nodes.py (GREEN nodes, confidence 1.0) then
project_memory.py to refresh the read-only MEMORY.md projection, and finally
verifies via recall_v2 that all 4 nodes are surfaced — failing loud if any is
missing (it follows the very rules it seeds: fail-fast, no silent fallbacks).

Idempotent: deterministic node ids update in place, never duplicate. The Memory
Tree is project-scoped by design (recall_v2 hard-rejects foreign project_ids),
so run this per-repo where in-repo Codex recall is wanted. Global coverage for
all projects is provided separately by ~/.claude/CLAUDE.md and
~/.claude/rules/proven/*.md (outside this repo).

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 15cbb7a6e5

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

fi

echo "==> Migrating dev-prohibition rules into the Ralph Memory Tree ($MODE)"
python3 "$MIGRATE" --rules "$SEED_FILE" "$MODE"

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Create the cache directory before invoking the migrator

On a first run where ~/.ralph/procedural/seed-dev-prohibitions.json exists but ~/.ralph/cache/ has not been created yet, this apply path fails after the nodes are processed: migrate_rules_to_nodes.py writes rejects_path.parent / "migrated-nodes.jsonl" without creating the parent when there are no rejects. The four expected rules are valid, so this common path raises FileNotFoundError instead of completing the one-command seeding; ensure the cache directory exists or pass a rejects path whose parent is created before calling the migrator.

Useful? React with 👍 / 👎.


if [[ "$MODE" == "--apply" ]]; then
echo "==> Refreshing the read-only GREEN projection in MEMORY.md"
python3 "$PROJECT_MEMORY" --apply

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Use the same Ralph home for projection and recall

If the user has configured the dedicated memory-tree location with RALPH_MEMORY_HOME, the migration above writes via TreeStore() into that directory, but this projection command (and the recall verification below) default to RALPH_HOME/~/.ralph instead. In that environment the script successfully creates the nodes in one tree, then projects zero nodes and fails verification from another tree; pass the resolved Ralph memory home consistently to migrate_rules_to_nodes.py, project_memory.py, and recall_v2.py.

Useful? React with 👍 / 👎.

alfredolopez80 and others added 6 commits June 22, 2026 12:50
…ture

The 'Validate hooks structure' gate required every file under .claude/hooks/
to end in .sh, but the repo legitimately ships polyglot hooks
(git-safety-guard.py, audit-secrets.js, context-mode-cache-heal.mjs). This
made the check fail on main and on every PR. Accept .sh/.py/.js/.mjs and
still fail loudly on any unsupported extension.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Replace the legacy ZeroLeaks multi-agent security description (419 lines)
with a narrowed adversarial opposite-analysis skill (102 lines): claim
challenge workflow, assumption testing, counterargument generation,
failure-mode discovery, external advisor routing (Z.ai/MiniMax via the
Ralph MCP router), security mode, output shapes, and evidence-grounded
guardrails. Codex main stays final owner of decisions and edits.
Keeps VERSION frontmatter (bumped 3.0.0 -> 3.1.0) required by the v2.87
skills unification validator.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Address review findings on the rewritten adversarial skill:
- Make it harness-agnostic: replace "Codex main" owner framing with
  "main agent / orchestrator" so a Claude Code-loaded skill no longer
  names a different agent as decision owner.
- Mechanical sensitivity gate: external routing now MUST scan the full
  brief with scripts/memory/sensitive_content.py (classify_text); GREEN
  only, scanner-authoritative, never a self-asserted label (CWE-200).
- Operationalize context minimization with an explicit include/exclude
  allowlist; restrict external-advisor subagents to read-only/no-Bash/
  no-filesystem scope (CWE-269).
- Add MCP-router availability pre-flight, a security trigger keyword, and
  minor wording fixes.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Address review findings on the dev-prohibition seeder:
- Ship the rule definitions in-repo at scripts/memory/seed-data/
  dev-prohibitions.json (the 4 canonical rules, no secrets) and default
  SEED_FILE to it, with SEED_FILE=<path> override. The seeder no longer
  depends on an out-of-repo ~/.ralph file, so it works on a clean clone.
- Reject unknown arguments with FATAL/exit 1 instead of silently
  defaulting to the mutating --apply path; validate args before
  prerequisite checks (fail fast on misuse).
- Stop suppressing recall_v2 stderr so infra failures surface their real
  root cause instead of a misleading "node not surfaced".
- Add tests/memory/test-seed-dev-prohibitions.sh: fail-loud contract
  tests (missing seed -> exit 1, unknown arg -> exit 1, fixture valid).

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Nine skills shipped their definition as lowercase skill.md, which is
indistinguishable from SKILL.md on macOS (case-insensitive) but breaks
the 'Validate skills structure' CI step on Linux (case-sensitive), where
the check looks for an exact SKILL.md. Rename all nine to the canonical
SKILL.md so the gate passes on a clean clone.

Affected: attack-mutator, context7-usage, defense-profiler, gemini-cli,
minimax-mcp-usage, tap-explorer, task-visualizer,
vercel-react-best-practices, worktree-pr.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
…le refs

AutoReview (passes 4-5) found two real gaps, both consequences of this PR:
- The new seeder contract test (test-seed-dev-prohibitions.sh) was orphaned:
  pytest only collects test_*.py so CI never ran it. Add a pytest wrapper
  (tests/memory/test_seed_dev_prohibitions.py) that runs the bash contract
  test under `pytest tests/`, failing loudly on any broken contract.
- The 9 skill.md -> SKILL.md renames left two committed tests asserting the
  old lowercase path; update test_v2.25_search_hierarchy.sh and
  test_v2.26_prefix_commands.sh to SKILL.md.
- Gitignore .claude/tasks.json (ephemeral task-tracker state).

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
@alfredolopez80 alfredolopez80 merged commit 38fa785 into main Jun 22, 2026
3 checks passed
@alfredolopez80 alfredolopez80 deleted the chore/dev-prohibition-recall-seeder branch June 22, 2026 12:27
alfredolopez80 added a commit that referenced this pull request Jun 22, 2026
…regression

fix(skills): restore Aristotle Integration regression from #26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant