Skip to content

Latest commit

 

History

History
34 lines (32 loc) · 9.67 KB

File metadata and controls

34 lines (32 loc) · 9.67 KB

Change Log

Append-only. Format: ## [YYYY-MM-DD] <ingest|revise|lint|gap|contradiction|drift> | <summary>

[2026-07-10] ingest | Initial scaffold: schema, templates, skills, root index, domain stubs

[2026-07-10] ingest | Seed databases domain: indexing (5), query-optimization (5), schema-design (4), transactions (1)

[2026-07-10] ingest | schema-design +3: naming-conventions, foreign-keys-and-referential-actions, column-data-types

[2026-07-10] lint | Blind routing audit (3 independent agents, 6 scenarios): 6/6 routable with friction — protocol circularity, scaffold-domain traps, unresolved decision forks

[2026-07-10] revise | Protocol: load-when is the routing gate (trigger = post-load confirmation + drift log), multi-domain tiebreak by owned artifact, scaffold backtrack rule, sanctioned cross-link hops, Do-table specificity precedence

[2026-07-10] revise | INDEX.md status column (seeded/scaffold); scaffold indexes gained until-seeded cross-pointers; 6 load-when lines realigned to page triggers

[2026-07-10] revise | Pages: conditional-UPDATE promoted to first-class row (isolation), partial-vs-composite fork given deciding conditions (index-selection), CONCURRENTLY edge, uniqueness triggers on partial-index page, currency/NUMERIC guidance, immutability enforcement, soft-delete status/history disambiguation, keyset cap behavior, N+1 composition

[2026-07-10] lint | Haiku validation: 6/6 scenarios solved correctly by claude-haiku agents via routing alone (0 STUCK). One deviation (BIGINT PK via unstated internal-table assumption) fixed and re-validated

[2026-07-10] revise | primary-key-choice: exposure-undecided rule promoted into the main decision table (default UUIDv7, forbid unstated internal classification); v7 generation note added

[2026-07-10] ingest | Seed 6 domains in parallel (39 pages): debugging (7), testing (6), frontend (8), backend (7), infrastructure (6), qa (5, new domain split from testing). All cited URLs live-verified; practice-based claims tagged field-tested

[2026-07-10] revise | INDEX.md: 6 domains flipped to seeded, qa registered, testing/qa boundary stated both ways, security scaffold line gained cross-pointers

[2026-07-10] ingest | Seed final 3 domains + deepen 2 (21 pages): security (6), platforms (5), mobile (5), backend auth/orm/concurrency (3, Planned section retired), frontend auth + infinite-scroll (2). JWT split: choice=security, server=backend, client=frontend. All cited URLs live-verified

[2026-07-10] revise | INDEX.md: security/platforms/mobile flipped to seeded (all 10 domains seeded); backend/frontend route lines extended

[2026-07-10] lint | Haiku validation wave 3: 6/6 scenarios (security authn choice, JWT server, token client, infinite scroll, platforms, mobile) solved via routing alone, 0 STUCK — incl. 3-domain hop security→backend→frontend on the authn scenario

[2026-07-10] ingest | Add plan + implement skills: capable-model planning (decisions in plan, wiki-mapped small-model-sized tasks) and small-model execution contract (no improvisation, BLOCKED over guessing). E2E validated: planner produced a 17-task login plan (8 self-check fixes); haiku executed tasks 01 (DONE, verified) and 03 (correct BLOCKED on unrunnable psql verify — schema itself applied all 4 mapped wiki pages exactly)

[2026-07-10] ingest | 10 field-incident writeups triaged: 5 new pages (distributed-locks, optimistic-vs-pessimistic-locking, scheduled-job-overlap, password-storage [closes the planner-flagged no-wiki gap], async-failure-handling), 3 amendments (isolation: @Transactional-oversell Instead-of + deadlock-retry edge; caching: shared-store eviction hygiene). Skipped: txn-scope/pool-exhaustion (already covered by transaction-boundaries), WAL internals (no actionable case)

[2026-07-10] revise | backend restructured into stack subtrees: 13 pages moved to common/ (ids backend-common-*, all references rewritten), AGENTS.md naming rule extended for one-level subtrees, backend index routes concern-first/stack-second

[2026-07-10] ingest | Stack subtrees seeded (12 pages): java (entity-mapping, persistence-context, spring proxy-pitfalls, threads-and-memory), node (event-loop-blocking, promise-error-handling, runtime-validation, graceful-shutdown), python (gil-and-concurrency-model, runtime-validation, app-servers-and-workers, mutable-state-traps). Source verification caught migrated doc URLs (hibernate, pydantic, gunicorn, uvicorn)

[2026-07-10] ingest | backend/java kotlin category (4 pages): null-safety-interop, coroutines-structured-concurrency, coroutines-dispatchers-and-blocking, frameworks-and-jpa. All cited URLs live-verified; one source dropped for contradicting the claim (Spring Data JDBC vs JPA data-class context), Kotlin 2.2 annotation change version-conditioned

[2026-07-10] ingest | frontend +4: effects-usage (effect=external-sync, routing table for misuses), structure/component-composition (children/slots, variant props, custom-hook rules), async-ui-states (four explicit states, error boundaries vs promise rejections, optimistic rules), performance/bundle-and-assets (code splitting, image CLS/LCP, fonts). 16/16 sources live-verified; spec's unverified spinner threshold replaced with NN/g verified numbers

[2026-07-10] ingest | testing +3: quality/tests-that-cannot-fail (break-the-code red-run rule, never-fails table), async/async-testing (return/await root rule, fake timers, leaked-work teardown), e2e/e2e-stability (selector stability order, web-first assertions, API-layer setup)

[2026-07-10] ingest | debugging +2: signals/reading-error-messages (cascade first-error rule, message anatomy, search strategy), methodology/verify-the-fix (same-repro both-directions, state-pollution elimination, amplified re-runs, regression pinning, investigation cleanup)

[2026-07-10] ingest | infrastructure +3: config/environment-config (one artifact, startup schema validation, drift diffing), containers/resource-limits-and-probes (process-only liveness vs dependency-aware readiness, OOMKill/throttle/QoS), data/backup-and-restore (RPO/RTO first, restore drills, replication is not backup, immutable copy)

[2026-07-10] ingest | qa +3: process/acceptance-criteria (testable binary criteria, GWT, vague-word audit, edge twins), environments/test-environment-parity (written parity inventory, staging clears only matched dimensions), process/post-release-verification (owned verification window, baseline-compared dashboards, pre-agreed rollback thresholds)

[2026-07-10] ingest | platforms +3: environment/timezone-and-locale (TZ/locale as hidden inputs, Turkish-i, DST cron), environment/path-resolution (type-first diagnosis, per-context PATH table), filesystems/permissions-and-exec-bits (git exec bit, docker bind-mount uid, umask)

[2026-07-10] ingest | mobile +3: navigation/deep-links-and-entry-points (cold-process rebuild per entry, verified links, synthesized back stack, auth continuation), permissions/runtime-permissions (in-context requests, outcome table, live status checks), security/sensitive-data-on-device (Keychain/Keystore, leak-surface table: snapshot/clipboard/backup/logs/WebView)

[2026-07-11] gap | Planning realestate-collector (external XML API ingestion) surfaced 4 [no-wiki] decisions with no owning page: (1) idempotent re-ingestion of an external source that has no stable per-row id → "partition replace" (delete-by-natural-scope + insert in one txn) as the ingestion analogue of upsert; (2) never overwrite a partition with an empty fetch result (transient upstream failure vs genuine zero-rows); (3) normalizing a foreign-government XML feed into an English canonical schema (field-name mapping verified against a live response, not from memory); (4) romanization of Korean admin-region names as static seed. Ingest candidate: a backend category like common/ingestion/external-source-sync.md (partition-replace idempotency, empty-result guard, boundary parse of XML→model). Routing itself worked: keyset-pagination, composite-index-column-order, pagination-contract, idempotent-handlers, scheduled-job-overlap, timeouts-and-retries, python/runtime-validation, and schema-design pages all applied cleanly to the covered decisions.

[2026-07-11] ingest | security +1 (new category api-exposure): exposing-an-origin-http-api — code-vs-edge control split for putting an origin HTTP API behind a public tunnel/proxy. Captures the non-obvious 5xx-bypasses-request-middleware gotcha (set security headers in the exception handler too — verify with a forced 500), header-only fail-closed auth, docs/OpenAPI off at the origin by default, sanitized 5xx bodies, and the code(validate/headers/errors)-vs-edge(TLS/HSTS/rate-limit/WAF) boundary. Derived from hardening korea-data-suite for external exposure + independent pentest; sources OWASP Secure Headers, MDN, Starlette middleware, FastAPI docs.

[2026-07-12] ingest | databases +1 (new category sqlite): concurrent-access-for-a-read-api — WAL + busy_timeout for a read-heavy API with a background writer; set journal_mode once (per-connection pragma cost ~0.4ms measured vs 0.04ms busy_timeout), single writer, run the batch writer as a separate process (interpreter-lock isolation), scale reads with worker processes not threads. Derived from load-testing korea-data-suite (measured connect/query/pragma costs, GIL-bound concurrency, separate-sync-process deployment). Sources: SQLite WAL/pragma/FAQ docs.

[2026-07-12] revise | security/secrets-in-code +1 edge case: third-party HTTP client (httpx/requests) logs the full request URL — including a query-param API key — at INFO, so root/DEBUG logging leaks it; keep the client logger above INFO. Found when a standalone sync process set logging.basicConfig(INFO) and httpx wrote the data.go.kr serviceKey to the log file. last_verified bumped to 2026-07-12.