feat: evolution to CommitVigil including global rename, infrastructure stabilization, and elite reporting

Author: darestack

.env.example

@@ -1,5 +1,5 @@
 # General Config
-PROJECT_NAME="CommitGuard AI"
+PROJECT_NAME="CommitVigil"
 VERSION="0.1.0"
 
 # AI Config (Automatic detection will prioritize OpenAI -> Groq)
@@ -17,8 +17,8 @@ GROQ_API_KEY=""
 
 # Infrastructure
 REDIS_URL="redis://localhost:6380"
-DATABASE_URL="postgresql+asyncpg://postgres:postgres@localhost:5432/commitguard"
-# DB_PATH="commitguard.db" # Legacy SQLite support
+DATABASE_URL="postgresql+asyncpg://postgres:postgres@localhost:5432/commitvigil"
+# DB_PATH="commitvigil.db" # Legacy SQLite support
 
 
 # Integrations

.github/workflows/ci.yml

@@ -12,9 +12,17 @@ jobs:
     steps:
       - uses: actions/checkout@v4
 
+      - name: Cache Poetry
+        uses: actions/cache@v4
+        with:
+          path: ~/.local
+          key: poetry-1.8.3
+
       - name: Install Poetry
         run: |
-          curl -sSL https://install.python-poetry.org | python3 -
+          if ! command -v poetry &> /dev/null; then
+            curl -sSL https://install.python-poetry.org | python3 -
+          fi
           echo "$HOME/.local/bin" >> $GITHUB_PATH
 
       - name: Set up Python 3.12

.gitignore

@@ -152,7 +152,7 @@ cython_debug/
 .vscode/
 
 # Project Specific
-commitguard.db
+commitvigil.db
 *.db
 .ruff_cache/
 brain/

Dockerfile

@@ -10,27 +10,32 @@ RUN pip install --no-cache-dir poetry
 
 COPY pyproject.toml poetry.lock ./
 RUN poetry config virtualenvs.create false \
-    && poetry install --no-root --no-interaction --no-ansi
+    && poetry install --only main --no-root --no-interaction --no-ansi
 
 # Final stage
 FROM python:3.12-slim
 
+# Install tini for better signal handling
+RUN apt-get update && apt-get install -y --no-install-recommends tini && rm -rf /var/lib/apt/lists/*
+
 WORKDIR /app
 
 # Create a non-root user
-RUN groupadd -r commitguard && useradd -r -g commitguard commitguard
+RUN groupadd -r commitvigil && useradd -r -g commitvigil commitvigil
 
 COPY --from=builder /usr/local/lib/python3.12/site-packages /usr/local/lib/python3.12/site-packages
 COPY --from=builder /usr/local/bin /usr/local/bin
 
-COPY . .
+# Copy app code with proper ownership to avoid slow chown later
+COPY --chown=commitvigil:commitvigil . .
 
 # Ensure the database file is writable by the non-root user if using SQLite
-RUN touch commitguard.db && chown commitguard:commitguard commitguard.db && chmod 600 commitguard.db
-RUN chown -R commitguard:commitguard /app
+RUN touch commitvigil.db && chown commitvigil:commitvigil commitvigil.db && chmod 600 commitvigil.db
 
-USER commitguard
+USER commitvigil
 
 EXPOSE 8000
 
+ENTRYPOINT ["/usr/bin/tini", "--"]
+
 # We use docker-compose to decide whether to run 'uvicorn' or 'arq'

README.md

@@ -1,24 +1,24 @@
-# CommitGuard AI: The Autonomous Accountability Platform 🛡️
+# CommitVigil: The Autonomous Accountability Platform 🛡️
 
-![CommitGuard AI Hero](docs/assets/hero.jpg)
+![CommitVigil Hero](docs/assets/hero.jpg)
 
 <!-- Badges: Enterprise Metrics -->
-![Tests](https://img.shields.io/badge/adversarial_tests-10%2F10%20passing-brightgreen?style=for-the-badge)
-![Throughput](https://img.shields.io/badge/throughput-1250%20msg%2Fsec-blue?style=for-the-badge)
-![Latency](https://img.shields.io/badge/P95%20latency-<500ms-success?style=for-the-badge)
-![Cost Savings](https://img.shields.io/badge/token%20savings-85%25-orange?style=for-the-badge)
-![ROI](https://img.shields.io/badge/net%20ROI-%24558%2Fmonth-gold?style=for-the-badge)
+[![Tests](https://github.com/daretechie/CommitVigil/actions/workflows/ci.yml/badge.svg)](https://github.com/daretechie/CommitVigil/actions/workflows/ci.yml)
+![Throughput](https://img.shields.io/badge/throughput_benchmark-1250%20msg%2Fsec-blue?style=for-the-badge)
+![Latency](https://img.shields.io/badge/target_P95_latency-<500ms-success?style=for-the-badge)
+![Cost Savings](https://img.shields.io/badge/avg_token_savings-85%25-orange?style=for-the-badge)
+![ROI](https://img.shields.io/badge/est_net_ROI-%24558%2Fmonth-gold?style=for-the-badge)
 
 > **"One Engine. Two Worlds. Total Accountability."**
 
-[**Full Documentation 📚**](https://daretechie.github.io/CommitGuard-AI/) | [**Safety Validation Report 🛡️**](https://daretechie.github.io/CommitGuard-AI/validation/safety_validation_report/)
+[**Full Documentation 📚**](https://daretechie.github.io/CommitVigil/) | [**Safety Validation Report 🛡️**](https://daretechie.github.io/CommitVigil/validation/safety_validation_report/)
 
 ---
 
 
 ## 🎭 Dual-Persona Versatility
 
-CommitGuard AI is a multi-agent system designed for high-stakes enforcement. It adapts its identity based on the operational environment:
+CommitVigil is a multi-agent system designed for high-stakes enforcement. It adapts its identity based on the operational environment:
 
 ### 1. The Behavioral Accountability Agent (Management)
 **Headline:** *"Autonomous AI Agents for High-Stakes Accountability & Performance Enforcement"*
@@ -59,7 +59,7 @@ Every commitment—whether from Slack or a Git Commit—passes through a determi
 
 ---
 
-## � Professional Integrity Audits
+## 📊 Professional Integrity Audits
 
 Need a deep-dive into your team's commitment reliability? I offer **one-time AI-powered audits** for remote engineering teams. 
 
@@ -71,7 +71,7 @@ Need a deep-dive into your team's commitment reliability? I offer **one-time AI-
 
 ---
 
-## �🚀 API Showcase
+## 🚀 API Showcase
 
 > **Note:** All API endpoints require authentication via the `X-API-Key` header.
 

demo.sh

@@ -0,0 +1,146 @@
+#!/bin/bash
+# CommitVigil: THE ULTIMATE "GOD-MODE" DEMO 🛡️
+# This script is the definitive showcase of the entire platform capability.
+API_URL="http://localhost:8000/api/v1"
+HEALTH_URL="http://localhost:8000/health"
+METRICS_URL="http://localhost:8000/metrics"
+API_KEY="my-secure-api-key-12345"
+USER_ID="dev_god"
+echo "----------------------------------------------------------------------"
+echo "🛡️  COMMITVIGIL: THE ULTIMATE PERFORMANCE INFRASTRUCTURE DEMO"
+echo "----------------------------------------------------------------------"
+# Helper for URL encoding
+urlencode() {
+  python3 -c "import urllib.parse; print(urllib.parse.quote('''$1'''))"
+}
+# 1. Health & Resilience Check
+echo -e "\n🔍 [Phase 1] Resilience & Health Check..."
+MAX_RETRIES=10
+RETRY_COUNT=0
+while [[ $RETRY_COUNT -lt $MAX_RETRIES ]]; do
+  HEALTH=$(curl -s $HEALTH_URL | jq -r .status 2>/dev/null)
+  if [[ "$HEALTH" == "ok" ]]; then
+    echo "✅ API is Healthy and Ready."
+    break
+  fi
+  echo "⏳ Waiting for API to be healthy... ($RETRY_COUNT/$MAX_RETRIES)"
+  RETRY_COUNT=$((RETRY_COUNT + 1))
+  sleep 5
+done
+
+if [[ "$HEALTH" != "ok" ]]; then
+  echo "❌ API failed to become healthy. Please check 'docker compose logs'."
+  exit 1
+fi
+# 2. Identity Mapping & SSO Discovery
+echo -e "\n🆔 [Phase 2] Identity Sync (Mapping dev_god to Git & Slack)..."
+curl -s -X POST -H "X-API-Key: $API_KEY" "$API_URL/users/config/slack?user_id=$USER_ID&slack_id=U_GOD_123" | jq .
+curl -s -X POST -H "X-API-Key: $API_KEY" "$API_URL/users/config/git?user_id=$USER_ID&email=god@commitvigil.ai" | jq .
+# 3. Multi-Scenario Orchestration
+echo -e "\n🧠 [Phase 3] The Multi-Agent Reasoning Pipeline..."
+# Scenario A: Standard Supportive Burnout Detection
+echo "--- Scenario A: Burnout Detection (English) ---"
+CHECK_IN="I am drowning in these refactor tasks. I've worked 60 hours this week."
+curl -s -X POST -H "X-API-Key: $API_KEY" -H "Content-Type: application/json" \
+  "$API_URL/evaluate" \
+  -d "{\"user_id\": \"$USER_ID\", \"commitment\": \"Architecture Refactor\", \"check_in\": \"$CHECK_IN\"}" | jq .
+# Scenario B: Japanese Cultural Routing (Wa/Harmony)
+echo -e "\n--- Scenario B: Cultural Persona Routing (Japanese) ---"
+CHECK_IN_JA="申し訳ありませんが、締め切りに間に合わない可能性があります。和を重んじ、精一杯調整いたします。"
+curl -s -X POST -H "X-API-Key: $API_KEY" -H "Content-Type: application/json" \
+  "$API_URL/evaluate" \
+  -d "{\"user_id\": \"$USER_ID\", \"commitment\": \"API Sync\", \"check_in\": \"$CHECK_IN_JA\"}" | jq .
+# Scenario C: German Directness (Sachlichkeit)
+echo -e "\n--- Scenario C: Cultural Persona Routing (German) ---"
+CHECK_IN_DE="Ich werde die Datenbank-Migration bis Freitag abschließen. Die Fakten sprechen für eine Verzögerung von zwei Tagen."
+curl -s -X POST -H "X-API-Key: $API_KEY" -H "Content-Type: application/json" \
+  "$API_URL/evaluate" \
+  -d "{\"user_id\": \"$USER_ID\", \"commitment\": \"DB Migration\", \"check_in\": \"$CHECK_IN_DE\"}" | jq .
+# 4. The Industry Semantic Firewall
+echo -e "\n🛡️ [Phase 4] The Industry Semantic Firewall (Blocking & Redaction)..."
+# Scenario A: Finance Compliance (Insidier Trading/Market Manipulation)
+echo "--- Scenario A: Finance Compliance Block ---"
+CHECK_IN_FIN="I'm busy manipulating the market and discussing insider trading."
+curl -s -X POST -H "X-API-Key: $API_KEY" -H "Content-Type: application/json" \
+  "$API_URL/evaluate" \
+  -d "{\"user_id\": \"$USER_ID\", \"commitment\": \"Financial Audit\", \"check_in\": \"$CHECK_IN_FIN\"}" | jq .
+# Scenario B: HR/Legal Policy Enforcement
+echo -e "\n--- Scenario B: HR Boundary Protection (Salary Discussion) ---"
+CHECK_IN_HR="I am late because I am fighting with HR about my salary increase."
+curl -s -X POST -H "X-API-Key: $API_KEY" -H "Content-Type: application/json" \
+  "$API_URL/evaluate" \
+  -d "{\"user_id\": \"$USER_ID\", \"commitment\": \"Weekly Sync\", \"check_in\": \"$CHECK_IN_HR\"}" | jq .
+# 5. GitOps Accountability
+echo -e "\n⚙️ [Phase 5] GitOps Ingestion Layer..."
+COMMIT_MSG="fix: resolve racing condition. [CommitVigil: I will implement the lock strategy by Monday]"
+curl -s -X POST -H "X-API-Key: $API_KEY" -H "Content-Type: application/json" \
+  "$API_URL/ingest/git" \
+  -d "{\"author_email\": \"god@commitvigil.ai\", \"message\": \"$COMMIT_MSG\"}" | jq .
+# 6. Professional Integrity Audits (Deliverables)
+echo -e "\n📊 [Phase 6] The Final Deliverable: Integrity Audits..."
+# Markdown Format
+echo "--- Format: Markdown (Saving to integrity_audit.md) ---"
+curl -s -H "X-API-Key: $API_KEY" "$API_URL/reports/audit/$USER_ID?report_format=markdown" | jq -r .content > integrity_audit.md
+echo "✅ Report saved to: $(pwd)/integrity_audit.md"
+
+# JSON Summary
+echo -e "\n--- Format: High-Fidelity JSON (Saving to integrity_audit.json) ---"
+curl -s -H "X-API-Key: $API_KEY" "$API_URL/reports/audit/$USER_ID" | jq . > integrity_audit.json
+echo "✅ Report saved to: $(pwd)/integrity_audit.json"
+
+# HTML Format (Premium Glassmorphic)
+echo -e "\n--- Format: Premium HTML (Saving to live_audit_report.html) ---"
+curl -s -H "X-API-Key: $API_KEY" "$API_URL/reports/audit/$USER_ID?report_format=html" > live_audit_report.html
+echo "✅ Report saved to: $(pwd)/live_audit_report.html"
+
+# 7. Real-Time Observability
+echo -e "\n📈 [Phase 7] Real-Time Observability & Metrics..."
+curl -s http://localhost:8000/metrics | grep "http_request_duration_seconds" | head -n 5
+
+# 8. Enterprise Scaling: Departmental aggregate reports
+echo -e "\n🏢 [Phase 8] Enterprise Scaling: Departmental Heatmap..."
+# First, simulate some departmental users in the DB (Enterprise logic assumes 'Engineering' dept exists)
+echo "Generating departmental aggregate audit for 'Engineering'..."
+curl -s -H "X-API-Key: $API_KEY" "$API_URL/reports/department/Engineering" | jq . > departmental_audit.json
+echo "✅ Departmental Report saved to: $(pwd)/departmental_audit.json"
+echo -e "\n--- [ADVANCED] Scenario 9: The Global Context Switch (Healthcare) ---"
+echo "Switching industry context to 'healthcare' for user_id=dev_god..."
+# Mentions PII or health data - handled by the Healthcare Semantic Firewall
+CHECK_IN="I am busy processing Patient ID #12345's surgery records."
+curl -s -X 'POST' \
+  -H "X-API-Key: $API_KEY" \
+  -H 'Content-Type: application/json' \
+  "$API_URL/evaluate" \
+  -d "{
+  \"user_id\": \"$USER_ID\",
+  \"commitment\": \"Data Entry\",
+  \"check_in\": \"$CHECK_IN\"
+}" | jq .
+echo -e "\n--- [ADVANCED] Scenario 10: The Global Context Switch (Sales/Legal) ---"
+echo "Switching to a relationship-centric, high-context check-in..."
+CHECK_IN="I promise to deliver the contract. I value our long-term partnership."
+curl -s -X 'POST' \
+  -H "X-API-Key: $API_KEY" \
+  -H 'Content-Type: application/json' \
+  "$API_URL/evaluate" \
+  -d "{
+  \"user_id\": \"$USER_ID\",
+  \"commitment\": \"Contract Delivery\",
+  \"check_in\": \"$CHECK_IN\"
+}" | jq .
+echo -e "\n--- [ADVANCED] Scenario 11: African Cultural Intelligence (Ubuntu) ---"
+echo "Simulating a communal-accountability check-in (en-AF)..."
+# This will trigger the 'Ubuntu-inspired' persona
+CHECK_IN="I am working on the payroll module. I know the whole department is waiting on me to finish so they can get paid on time."
+curl -s -X 'POST' \
+  -H "X-API-Key: $API_KEY" \
+  -H 'Content-Type: application/json' \
+  "$API_URL/evaluate" \
+  -d "{
+  \"user_id\": \"$USER_ID\",
+  \"commitment\": \"Payroll Module Completion\",
+  \"check_in\": \"$CHECK_IN\"
+}" | jq .
+echo -e "\n--------------------------------------------------"
+echo "✅ GOD-MODE DEMO COMPLETE. COMMITVIGIL IS UNIVERSALLY READY & INCLUSIVE. 🛡️"
+echo "--------------------------------------------------"

docker-compose.yml

@@ -6,7 +6,7 @@ services:
       - "8000:8000"
     environment:
       - REDIS_URL=redis://redis:6379
-      - DATABASE_URL=postgresql+asyncpg://postgres:postgres@db:5432/commitguard
+      - DATABASE_URL=postgresql+asyncpg://postgres:postgres@db:5432/commitvigil
     depends_on:
       - redis
       - db
@@ -18,7 +18,7 @@ services:
     command: arq src.worker.WorkerSettings
     environment:
       - REDIS_URL=redis://redis:6379
-      - DATABASE_URL=postgresql+asyncpg://postgres:postgres@db:5432/commitguard
+      - DATABASE_URL=postgresql+asyncpg://postgres:postgres@db:5432/commitvigil
     depends_on:
       - redis
       - db
@@ -38,7 +38,7 @@ services:
     environment:
       - POSTGRES_USER=postgres
       - POSTGRES_PASSWORD=postgres
-      - POSTGRES_DB=commitguard
+      - POSTGRES_DB=commitvigil
     ports:
       - "5433:5432"
     healthcheck:
@@ -49,7 +49,7 @@ services:
 
 
   prometheus:
-    image: prom/prometheus:latest
+    image: prom/prometheus:v3.1.0
     volumes:
       - ./prometheus.yml:/etc/prometheus/prometheus.yml
     ports:

docs/guides/gitops.md

@@ -10,8 +10,8 @@ Technical debt often accumulates because of "soft promises" made in code comment
 
 These promises "vanish" because no project management tool monitors them.
 
-## 🟢 The Solution: CommitGuard GitOps
-CommitGuard monitors your repository at the source level.
+## 🟢 The Solution: CommitVigil GitOps
+CommitVigil monitors your repository at the source level.
 
 ### 1. Extraction from Commits
 If a commit message contains a promise (Who/What/When), the **CommitmentExtractor** identifies it as a formal obligation. 
@@ -35,7 +35,7 @@ The **SlippageAnalyst** looks at the subsequent PR.
 *   **The Result**: If the code doesn't match the promise, the agent flags **"Shadow Debt"** and alerts the team.
 
 ### 3. Truth Gap Detection
-When you provide a check-in via Slack, CommitGuard cross-references it with your recent Git activity.
+When you provide a check-in via Slack, CommitVigil cross-references it with your recent Git activity.
 *   **User**: *"I'm almost done refactoring."*
 *   **Git**: *0 lines changed in 48 hours.*
 *   **Agent**: *"I noticed no code changes. Is there a blocker I can help with?"* (Tone: Supportive but firm).

docs/guides/managers.md

@@ -1,11 +1,11 @@
 # The Accountability Handbook: A Guide for Managers 👔
 
-CommitGuard AI is a tool of empowerment, not surveillance. For a Human-in-the-Loop (HITL) system to work, managers must know how to translate AI flags into professional leadership.
+CommitVigil is a tool of empowerment, not surveillance. For a Human-in-the-Loop (HITL) system to work, managers must know how to translate AI flags into professional leadership.
 
 ---
 
 ## 1. Interpreting the Flags
-When CommitGuard flags an **"Ambiguity"** or a **"Truth Gap,"** it is a prompt for a conversation, not a citation for failure.
+When CommitVigil flags an **"Ambiguity"** or a **"Truth Gap,"** it is a prompt for a conversation, not a citation for failure.
 
 *   **Flag: "Ambiguous Commitment"**
     *   *AI Logic*: The user's words were too vague to extract a deadline.
@@ -29,7 +29,7 @@ High-stakes interventions should never be 100% autonomous.
 ---
 
 ## 3. Best Practices for Professionalism
-*   **Public vs. Private**: CommitGuard monitors public channels, but follow-up interventions for **high-risk signals** should often be moved to a 1-on-1 private DM thread once the manager is alerted.
+*   **Public vs. Private**: CommitVigil monitors public channels, but follow-up interventions for **high-risk signals** should often be moved to a 1-on-1 private DM thread once the manager is alerted.
 *   **Celebrate the Reliability**: When someone consistently hits 100% on their Reliability Score, use the report as a basis for formal recognition. Accountability is as much about **Praise** as it is about Progress.
 ## 4. Configuring Your Team's Voice 🎚️
 Managers can adjust the system's "psychological pressure" via environment variables: