mempalace-code 1.10.2__tar.gz → 1.10.4__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (226) hide show
  1. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/.claude/settings.json +13 -8
  2. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/.claude/skills/_shared/commit-checkpoint.md +21 -12
  3. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/.claude/skills/_shared/task-state.md +3 -3
  4. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/.claude/skills/doc-refresh/INSTRUCTIONS.md +4 -4
  5. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/.claude/skills/entropy-gc/INSTRUCTIONS.md +4 -4
  6. mempalace_code-1.10.4/.claude/skills/release/SKILL.md +161 -0
  7. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/.claude/skills/release-prep/SKILL.md +24 -4
  8. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/.claude/skills/task-hardening/INSTRUCTIONS.md +6 -4
  9. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/.claude/skills/task-plan/INSTRUCTIONS.md +5 -4
  10. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/.claude/skills/verify/INSTRUCTIONS.md +37 -7
  11. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/.github/workflows/ci.yml +8 -2
  12. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/.gitignore +6 -0
  13. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/CHANGELOG.md +69 -0
  14. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/CLAUDE.md +10 -3
  15. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/CONTRIBUTING.md +1 -1
  16. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/PKG-INFO +3 -3
  17. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/README.md +1 -1
  18. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/docs/BACKLOG-archived.yaml +1 -1
  19. mempalace_code-1.10.4/docs/BACKLOG.yaml +271 -0
  20. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/docs/BACKUP_RESTORE.md +3 -0
  21. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/docs/WHY_THIS_FORK.md +2 -2
  22. mempalace_code-1.10.4/docs/quality/README.md +90 -0
  23. mempalace_code-1.10.4/docs/quality/scorecard.json +189 -0
  24. mempalace_code-1.10.4/docs/quality/scorecard.md +96 -0
  25. mempalace_code-1.10.4/docs/quality/workflow-review-protocol.md +72 -0
  26. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/disk_budget.py +7 -6
  27. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/mining/orchestrator.py +12 -0
  28. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/mining/scanner.py +43 -8
  29. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/pyproject.toml +7 -38
  30. mempalace_code-1.10.4/pyrightconfig.strict.json +16 -0
  31. mempalace_code-1.10.4/scripts/public_safety_scan.py +249 -0
  32. mempalace_code-1.10.4/scripts/quality_scorecard.py +691 -0
  33. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/tests/test_miner.py +44 -0
  34. mempalace_code-1.10.4/tests/test_public_safety_scan.py +72 -0
  35. mempalace_code-1.10.4/tests/test_quality_scorecard.py +489 -0
  36. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/tests/test_type_suppressions.py +28 -3
  37. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/uv.lock +322 -300
  38. mempalace_code-1.10.2/.claude/skills/release/SKILL.md +0 -128
  39. mempalace_code-1.10.2/.verify-state +0 -1
  40. mempalace_code-1.10.2/benchmarks/results_token_delta_wh40k.json +0 -610
  41. mempalace_code-1.10.2/docs/BACKLOG.yaml +0 -55
  42. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/.claude/prompts/codex-hardening-review.md +0 -0
  43. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/.claude/prompts/codex-plan-review.md +0 -0
  44. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/.claude/skills/_shared/mode-classification.md +0 -0
  45. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/.claude/skills/bench/SKILL.md +0 -0
  46. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/.claude/skills/doc-refresh/SKILL.md +0 -0
  47. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/.claude/skills/entropy-gc/SKILL.md +0 -0
  48. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/.claude/skills/mine/SKILL.md +0 -0
  49. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/.claude/skills/palace-health/SKILL.md +0 -0
  50. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/.claude/skills/ship/INSTRUCTIONS.md +0 -0
  51. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/.claude/skills/ship/SKILL.md +0 -0
  52. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/.claude/skills/start/INSTRUCTIONS.md +0 -0
  53. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/.claude/skills/start/SKILL.md +0 -0
  54. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/.claude/skills/status/SKILL.md +0 -0
  55. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/.claude/skills/task-hardening/SKILL.md +0 -0
  56. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/.claude/skills/task-plan/SKILL.md +0 -0
  57. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/.claude/skills/verify/SKILL.md +0 -0
  58. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/.github/ISSUE_TEMPLATE/bug_report.md +0 -0
  59. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/.github/ISSUE_TEMPLATE/feature_request.md +0 -0
  60. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/.github/PULL_REQUEST_TEMPLATE.md +0 -0
  61. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/.github/workflows/dotnet-bench.yml +0 -0
  62. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/.github/workflows/publish.yml +0 -0
  63. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/.pre-commit-config.yaml +0 -0
  64. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/AGENTS.md +0 -0
  65. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/LICENSE +0 -0
  66. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/NOTICE +0 -0
  67. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/assets/mempalace_banner.jpg +0 -0
  68. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/benchmarks/BENCHMARKS.md +0 -0
  69. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/benchmarks/HYBRID_MODE.md +0 -0
  70. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/benchmarks/README.md +0 -0
  71. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/benchmarks/code_retrieval_bench.py +0 -0
  72. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/benchmarks/convomem_bench.py +0 -0
  73. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/benchmarks/data/code_retrieval_queries.json +0 -0
  74. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/benchmarks/dotnet_bench.py +0 -0
  75. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/benchmarks/embed_ab_bench.py +0 -0
  76. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/benchmarks/locomo_bench.py +0 -0
  77. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/benchmarks/longmemeval_bench.py +0 -0
  78. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/benchmarks/membench_bench.py +0 -0
  79. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/benchmarks/results_embed_ab_2026-04-09.json +0 -0
  80. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/benchmarks/results_token_delta_mempalace.json +0 -0
  81. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/benchmarks/token_delta_bench.py +0 -0
  82. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/docs/AGENT_INSTALL.md +0 -0
  83. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/docs/BENCH_TOKEN_DELTA.md +0 -0
  84. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/docs/COMPARISON_GRAPHIFY.md +0 -0
  85. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/docs/HOW_SEARCH_WORKS.md +0 -0
  86. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/docs/LLM_USAGE_RULES.md +0 -0
  87. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/docs/OFFLINE_USAGE.md +0 -0
  88. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/docs/UPSTREAM_HARDENING.md +0 -0
  89. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/docs/refactoring/REFAC-MINER-MODULES/progress.md +0 -0
  90. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/examples/HOOKS_TUTORIAL.md +0 -0
  91. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/examples/basic_mining.py +0 -0
  92. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/examples/convo_import.py +0 -0
  93. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/examples/gemini_cli_setup.md +0 -0
  94. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/examples/mcp_setup.md +0 -0
  95. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/hooks/README.md +0 -0
  96. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/hooks/mempal_precompact_hook.sh +0 -0
  97. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/hooks/mempal_save_hook.sh +0 -0
  98. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace/__init__.py +0 -0
  99. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace/mcp_server.py +0 -0
  100. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/README.md +0 -0
  101. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/__init__.py +0 -0
  102. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/__main__.py +0 -0
  103. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/_chroma_store.py +0 -0
  104. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/_stdio.py +0 -0
  105. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/architecture.py +0 -0
  106. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/backup.py +0 -0
  107. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/cli.py +0 -0
  108. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/cli_commands/__init__.py +0 -0
  109. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/cli_commands/alias.py +0 -0
  110. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/cli_commands/backup_restore.py +0 -0
  111. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/cli_commands/common.py +0 -0
  112. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/cli_commands/diary.py +0 -0
  113. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/cli_commands/export_import.py +0 -0
  114. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/cli_commands/ingest.py +0 -0
  115. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/cli_commands/maintenance.py +0 -0
  116. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/cli_commands/model.py +0 -0
  117. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/cli_commands/preflight.py +0 -0
  118. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/cli_commands/query.py +0 -0
  119. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/cli_commands/version_check.py +0 -0
  120. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/cli_commands/watch.py +0 -0
  121. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/config.py +0 -0
  122. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/convo_miner.py +0 -0
  123. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/dialect.py +0 -0
  124. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/entity_detector.py +0 -0
  125. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/entity_registry.py +0 -0
  126. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/export.py +0 -0
  127. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/general_extractor.py +0 -0
  128. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/knowledge_graph.py +0 -0
  129. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/language_catalog.py +0 -0
  130. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/layers.py +0 -0
  131. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/mcp/__init__.py +0 -0
  132. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/mcp/dispatch.py +0 -0
  133. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/mcp/protocol_text.py +0 -0
  134. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/mcp/registry.py +0 -0
  135. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/mcp/runtime.py +0 -0
  136. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/mcp/tools/__init__.py +0 -0
  137. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/mcp/tools/architecture.py +0 -0
  138. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/mcp/tools/diary.py +0 -0
  139. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/mcp/tools/graph.py +0 -0
  140. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/mcp/tools/kg.py +0 -0
  141. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/mcp/tools/read.py +0 -0
  142. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/mcp/tools/search.py +0 -0
  143. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/mcp/tools/write.py +0 -0
  144. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/mcp_server.py +0 -0
  145. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/mcp_tool_profiles.py +0 -0
  146. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/migrate.py +0 -0
  147. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/miner.py +0 -0
  148. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/mining/__init__.py +0 -0
  149. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/mining/batching.py +0 -0
  150. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/mining/chunkers.py +0 -0
  151. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/mining/kg_extract.py +0 -0
  152. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/mining/languages.py +0 -0
  153. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/mining/projects.py +0 -0
  154. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/mining/symbols.py +0 -0
  155. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/mirror_preflight.py +0 -0
  156. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/normalize.py +0 -0
  157. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/onboarding.py +0 -0
  158. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/palace_graph.py +0 -0
  159. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/py.typed +0 -0
  160. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/reader.py +0 -0
  161. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/retrieval_rerank.py +0 -0
  162. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/room_detector_local.py +0 -0
  163. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/search_reranker.py +0 -0
  164. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/searcher.py +0 -0
  165. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/spellcheck.py +0 -0
  166. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/split_mega_files.py +0 -0
  167. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/storage.py +0 -0
  168. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/treesitter.py +0 -0
  169. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/version.py +0 -0
  170. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/version_check.py +0 -0
  171. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/mempalace_code/watcher.py +0 -0
  172. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/scripts/bootstrap.sh +0 -0
  173. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/scripts/codex-review.sh +0 -0
  174. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/scripts/migrate_storage_smoke.py +0 -0
  175. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/scripts/nuke_wing.py +0 -0
  176. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/tests/conftest.py +0 -0
  177. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/tests/fixtures/unreasoned_suppression.py +0 -0
  178. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/tests/test_architecture_extraction.py +0 -0
  179. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/tests/test_backup.py +0 -0
  180. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/tests/test_backup_cli.py +0 -0
  181. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/tests/test_chroma_compat.py +0 -0
  182. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/tests/test_chroma_import_errors.py +0 -0
  183. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/tests/test_chunking.py +0 -0
  184. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/tests/test_cli.py +0 -0
  185. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/tests/test_cli_command_modules.py +0 -0
  186. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/tests/test_code_retrieval_bench.py +0 -0
  187. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/tests/test_config.py +0 -0
  188. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/tests/test_convo_miner.py +0 -0
  189. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/tests/test_dialect.py +0 -0
  190. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/tests/test_disk_budget.py +0 -0
  191. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/tests/test_dotnet_bench.py +0 -0
  192. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/tests/test_dotnet_config.py +0 -0
  193. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/tests/test_e2e.py +0 -0
  194. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/tests/test_embed_ab_bench.py +0 -0
  195. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/tests/test_entity_detector.py +0 -0
  196. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/tests/test_entity_registry.py +0 -0
  197. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/tests/test_export.py +0 -0
  198. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/tests/test_general_extractor.py +0 -0
  199. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/tests/test_kg_extract.py +0 -0
  200. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/tests/test_knowledge_graph.py +0 -0
  201. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/tests/test_lang_detect.py +0 -0
  202. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/tests/test_language_catalog.py +0 -0
  203. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/tests/test_layers.py +0 -0
  204. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/tests/test_mcp_registry.py +0 -0
  205. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/tests/test_mcp_server.py +0 -0
  206. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/tests/test_mcp_tool_profiles.py +0 -0
  207. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/tests/test_migrate.py +0 -0
  208. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/tests/test_migrate_storage_smoke.py +0 -0
  209. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/tests/test_miner_modules.py +0 -0
  210. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/tests/test_normalize.py +0 -0
  211. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/tests/test_offline.py +0 -0
  212. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/tests/test_packaging_namespace.py +0 -0
  213. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/tests/test_palace_graph.py +0 -0
  214. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/tests/test_reader.py +0 -0
  215. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/tests/test_retrieval_rerank.py +0 -0
  216. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/tests/test_search_reranker.py +0 -0
  217. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/tests/test_searcher.py +0 -0
  218. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/tests/test_split_mega_files.py +0 -0
  219. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/tests/test_stdio.py +0 -0
  220. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/tests/test_storage.py +0 -0
  221. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/tests/test_storage_lance.py +0 -0
  222. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/tests/test_symbol_extract.py +0 -0
  223. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/tests/test_treesitter.py +0 -0
  224. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/tests/test_version_check.py +0 -0
  225. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/tests/test_version_consistency.py +0 -0
  226. {mempalace_code-1.10.2 → mempalace_code-1.10.4}/tests/test_watcher.py +0 -0
@@ -6,17 +6,17 @@
6
6
  "hooks": [
7
7
  {
8
8
  "type": "command",
9
- "command": "if echo \"$CLAUDE_TOOL_INPUT\" | grep -qE 'git commit'; then echo '[pre-commit] Running verify gate...'; _s=$(mktemp); _u=$(mktemp); git diff --name-only --cached | sort >\"$_s\"; git diff --name-only | sort >\"$_u\"; MIXED=$(comm -12 \"$_s\" \"$_u\"); rm -f \"$_s\" \"$_u\"; if [ -n \"$MIXED\" ]; then echo '[warn] Staged files have unstaged changes (CI will not see them):'; echo \"$MIXED\" | sed 's/^/ /'; echo ''; fi; _tf=$(mktemp); if python -m pytest tests/ -x -q >\"$_tf\" 2>&1; then echo '[ok] pytest passed'; rm -f \"$_tf\"; else echo '[fail] pytest failed:'; tail -40 \"$_tf\"; rm -f \"$_tf\"; exit 1; fi; _tf=$(mktemp); if ruff check mempalace/ tests/ >\"$_tf\" 2>&1; then echo '[ok] ruff check passed'; rm -f \"$_tf\"; else echo '[fail] ruff check failed:'; cat \"$_tf\"; rm -f \"$_tf\"; exit 1; fi; _tf=$(mktemp); if ruff format --check mempalace/ tests/ >\"$_tf\" 2>&1; then echo '[ok] ruff format passed'; rm -f \"$_tf\"; else echo '[fail] ruff format failed:'; cat \"$_tf\"; rm -f \"$_tf\"; exit 1; fi; if git diff --name-only --cached | grep -q 'BACKLOG.yaml'; then if ! backlog validate --file docs/BACKLOG.yaml >/dev/null 2>&1; then echo '[fail] backlog validate failed'; exit 1; else echo '[ok] backlog validate passed'; fi; fi; fi",
9
+ "command": "if echo \"$CLAUDE_TOOL_INPUT\" | grep -qE 'git commit'; then echo '[pre-commit] Running verify gate...'; _s=$(mktemp); _u=$(mktemp); git diff --name-only --cached | sort >\"$_s\"; git diff --name-only | sort >\"$_u\"; MIXED=$(comm -12 \"$_s\" \"$_u\"); rm -f \"$_s\" \"$_u\"; if [ -n \"$MIXED\" ]; then echo '[warn] Staged files have unstaged changes (CI will not see them):'; echo \"$MIXED\" | sed 's/^/ /'; echo ''; fi; _tf=$(mktemp); if python -m pytest tests/ -x -q >\"$_tf\" 2>&1; then echo '[ok] pytest passed'; rm -f \"$_tf\"; else echo '[fail] pytest failed:'; tail -40 \"$_tf\"; rm -f \"$_tf\"; exit 1; fi; _tf=$(mktemp); if ruff check mempalace_code/ tests/ scripts/ >\"$_tf\" 2>&1; then echo '[ok] ruff check passed'; rm -f \"$_tf\"; else echo '[fail] ruff check failed:'; cat \"$_tf\"; rm -f \"$_tf\"; exit 1; fi; _tf=$(mktemp); if ruff format --check mempalace_code/ tests/ scripts/ >\"$_tf\" 2>&1; then echo '[ok] ruff format passed'; rm -f \"$_tf\"; else echo '[fail] ruff format failed:'; cat \"$_tf\"; rm -f \"$_tf\"; exit 1; fi; _tf=$(mktemp); if python -m pyright --pythonpath \"$(python -c 'import sys; print(sys.executable)')\" >\"$_tf\" 2>&1; then echo '[ok] pyright passed'; rm -f \"$_tf\"; else echo '[fail] pyright failed:'; cat \"$_tf\"; rm -f \"$_tf\"; exit 1; fi; if git diff --name-only --cached | grep -q 'BACKLOG.yaml'; then if ! backlog validate --file docs/BACKLOG.yaml >/dev/null 2>&1; then echo '[fail] backlog validate failed'; exit 1; else echo '[ok] backlog validate passed'; fi; fi; fi",
10
10
  "timeout": 300000
11
11
  },
12
12
  {
13
13
  "type": "command",
14
- "command": "if echo \"$CLAUDE_TOOL_INPUT\" | grep -qE 'git commit'; then if git diff --name-only --cached | grep -qE '^mempalace/mcp_server\\.py$' && ! git diff --name-only --cached | grep -qE '^docs/AGENT_INSTALL\\.md$'; then echo '[warn] MCP server changed without AGENT_INSTALL.md update'; fi; fi",
14
+ "command": "if echo \"$CLAUDE_TOOL_INPUT\" | grep -qE 'git commit'; then if git diff --name-only --cached | grep -qE '^mempalace_code/mcp_server\\.py$' && ! git diff --name-only --cached | grep -qE '^docs/AGENT_INSTALL\\.md$'; then echo '[warn] MCP server changed without AGENT_INSTALL.md update'; fi; fi",
15
15
  "timeout": 5000
16
16
  },
17
17
  {
18
18
  "type": "command",
19
- "command": "if echo \"$CLAUDE_TOOL_INPUT\" | grep -qE 'git commit'; then if git diff --name-only --cached | grep -qE '^mempalace/storage\\.py$' && ! git diff --name-only --cached | grep -qE '^docs/STORAGE\\.md$'; then echo '[warn] storage.py changed without STORAGE.md update'; fi; fi",
19
+ "command": "if echo \"$CLAUDE_TOOL_INPUT\" | grep -qE 'git commit'; then if git diff --name-only --cached | grep -qE '^mempalace_code/storage\\.py$' && ! git diff --name-only --cached | grep -qE '^docs/STORAGE\\.md$'; then echo '[warn] storage.py changed without STORAGE.md update'; fi; fi",
20
20
  "timeout": 5000
21
21
  }
22
22
  ]
@@ -38,22 +38,27 @@
38
38
  },
39
39
  {
40
40
  "type": "command",
41
- "command": "if echo \"$CLAUDE_TOOL_INPUT\" | grep -qE 'mempalace/mcp_server\\.py'; then echo '[info] MCP server edited - update docs/AGENT_INSTALL.md if tool signatures changed'; fi",
41
+ "command": "if echo \"$CLAUDE_TOOL_INPUT\" | grep -qE 'pyproject\\.toml|uv\\.lock'; then echo '[info] Dependency metadata edited - run advisory checks, pip-audit, and clean resolver tests before release'; fi",
42
42
  "timeout": 5000
43
43
  },
44
44
  {
45
45
  "type": "command",
46
- "command": "if echo \"$CLAUDE_TOOL_INPUT\" | grep -qE 'mempalace/storage\\.py'; then echo '[info] storage.py edited - run tests: python -m pytest tests/test_storage.py -v'; fi",
46
+ "command": "if echo \"$CLAUDE_TOOL_INPUT\" | grep -qE 'mempalace_code/mcp_server\\.py'; then echo '[info] MCP server edited - update docs/AGENT_INSTALL.md if tool signatures changed'; fi",
47
47
  "timeout": 5000
48
48
  },
49
49
  {
50
50
  "type": "command",
51
- "command": "if echo \"$CLAUDE_TOOL_INPUT\" | grep -qE 'mempalace/miner\\.py'; then echo '[info] miner.py edited - run tests: python -m pytest tests/test_miner.py -v'; fi",
51
+ "command": "if echo \"$CLAUDE_TOOL_INPUT\" | grep -qE 'mempalace_code/storage\\.py'; then echo '[info] storage.py edited - run tests: python -m pytest tests/test_storage.py -v'; fi",
52
52
  "timeout": 5000
53
53
  },
54
54
  {
55
55
  "type": "command",
56
- "command": "if echo \"$CLAUDE_TOOL_INPUT\" | grep -qE 'mempalace/lang_detect\\.py|mempalace/chunker\\.py'; then echo '[info] Language support edited - run: python -m pytest tests/test_lang_detect.py tests/test_chunker.py -v'; fi",
56
+ "command": "if echo \"$CLAUDE_TOOL_INPUT\" | grep -qE 'mempalace_code/miner\\.py|mempalace_code/mining/'; then echo '[info] miner edited - run tests: python -m pytest tests/test_miner.py -v'; fi",
57
+ "timeout": 5000
58
+ },
59
+ {
60
+ "type": "command",
61
+ "command": "if echo \"$CLAUDE_TOOL_INPUT\" | grep -qE 'mempalace_code/lang_detect\\.py|mempalace_code/chunker\\.py'; then echo '[info] Language support edited - run: python -m pytest tests/test_lang_detect.py tests/test_chunker.py -v'; fi",
57
62
  "timeout": 5000
58
63
  }
59
64
  ]
@@ -63,7 +68,7 @@
63
68
  "hooks": [
64
69
  {
65
70
  "type": "command",
66
- "command": "if echo \"$CLAUDE_TOOL_INPUT\" | grep -qE 'mempalace (mine|health|repair|restore)'; then if echo \"$CLAUDE_TOOL_OUTPUT\" 2>/dev/null | grep -qiE 'error|fail|corrupt|missing'; then echo '[alert] Palace operation may have failed - consider running /palace-health'; fi; fi",
71
+ "command": "if echo \"$CLAUDE_TOOL_INPUT\" | grep -qE 'mempalace(-code)? (mine|health|repair|restore)'; then if echo \"$CLAUDE_TOOL_OUTPUT\" 2>/dev/null | grep -qiE 'error|fail|corrupt|missing'; then echo '[alert] Palace operation may have failed - consider running /palace-health'; fi; fi",
67
72
  "timeout": 5000
68
73
  }
69
74
  ]
@@ -3,7 +3,7 @@
3
3
  Shared commit procedure for all skills that commit.
4
4
  Referenced by `/task-plan`, `/task-hardening`, `/ship`, and any future committing skill.
5
5
 
6
- **Purpose:** Prevent missed files, wrong staging, and lost work by cross-referencing the edit log against git state before every commit.
6
+ **Purpose:** Prevent missed files, wrong staging, private artifact leaks, and lost work by cross-referencing the edit log against git state before every commit.
7
7
 
8
8
  ## Procedure
9
9
 
@@ -38,11 +38,22 @@ Compare the two lists. Flag discrepancies:
38
38
 
39
39
  - **Edited but unstaged** (`M` or `?? ` in git status, present in edit log): these MUST be staged or explicitly excluded with a reason.
40
40
  - **Staged but not in edit log** (in git status `M ` or `A ` index column, absent from edit log): warn — this may be another agent's work or a stale change. Verify before committing.
41
- - **Untracked task artifacts** (`?? .tasks/` or `?? .protocols/`): these MUST be staged if they belong to the current task.
41
+ - **Local task artifacts** (`.tasks/`, `.protocols/`, `docs/audits/`): these MUST stay unstaged unless the user explicitly asks to publish a sanitized artifact. Treat them as local evidence by default.
42
42
 
43
43
  If any discrepancy is found, list it explicitly before proceeding. Do not silently skip mismatched files.
44
44
 
45
- ### Step 3: Stage explicitly
45
+ ### Step 3: Run public-safety preflight
46
+
47
+ Before staging, check whether the intended public diff contains secrets, private paths, local artifact directories, or private project names:
48
+
49
+ ```bash
50
+ rg -n "(/Users/|/srv/[^[:space:]'\"`]+|[g]ithub_pat_|[g]hp_|[p]ypi-[A-Za-z0-9_-]{20,}|[s]k-[A-Za-z0-9])" -- $(git ls-files)
51
+ git status --short | grep -E "^.. (\\.tasks/|\\.protocols/|docs/audits/)" && echo "ERROR: local artifacts must not be staged"
52
+ ```
53
+
54
+ False positives such as placeholder tokens or policy text are allowed only after explicit review. Do not publish raw review logs, private benchmark results, local absolute paths, private remotes, or customer/project identifiers.
55
+
56
+ ### Step 4: Stage explicitly
46
57
 
47
58
  Stage ONLY the files that belong to this commit, by name:
48
59
 
@@ -52,15 +63,16 @@ git add <file1> <file2> ...
52
63
 
53
64
  **NEVER** use `git add .` or `git add -A`. If the edit log shows files you did not intend to modify, investigate before staging.
54
65
 
55
- ### Step 4: Review staged diff
66
+ ### Step 5: Review staged diff
56
67
 
57
68
  ```bash
58
69
  git diff --cached --stat
70
+ git diff --cached --name-only | grep -E "^(\\.tasks/|\\.protocols/|docs/audits/)" && echo "ERROR: local artifact staged"
59
71
  ```
60
72
 
61
73
  Verify the staged file count and names match expectations. If a file is unexpectedly large or unexpected, investigate.
62
74
 
63
- ### Step 5: Commit
75
+ ### Step 6: Commit
64
76
 
65
77
  ```bash
66
78
  git commit -m "<message>"
@@ -78,18 +90,15 @@ Scope-risk: <boundary that future changes should be careful about>
78
90
 
79
91
  Queryable later via `git log --grep="Rejected:"` or `git log --grep="Constraint:"`.
80
92
 
81
- ### Step 6: Post-commit verification
93
+ ### Step 7: Post-commit verification
82
94
 
83
95
  ```bash
84
- git status --short | grep -E "^\?\? \.(tasks|protocols)/TASK-" && echo "ERROR: task artifacts left unstaged — amend now" || echo "ok: no orphaned task artifacts"
96
+ git show --name-only --pretty=format: HEAD | grep -E "^(\.tasks/|\.protocols/|docs/audits/)" && echo "ERROR: local artifact committedrevert/amend before pushing" || echo "ok: no local artifacts committed"
85
97
  ```
86
98
 
87
- If task artifacts remain unstaged:
88
- 1. Stage them: `git add .tasks/TASK-<slug>/ .protocols/TASK-<slug>/`
89
- 2. Amend: `git commit --amend --no-edit`
90
- 3. Re-run the check.
99
+ If local artifacts were committed, amend before pushing. Publish only sanitized summaries in tracked docs such as `docs/plans/`, `docs/refactoring/`, `docs/BACKLOG.yaml`, `CHANGELOG.md`, or release notes.
91
100
 
92
- ### Step 7: Clear session state
101
+ ### Step 8: Clear session state
93
102
 
94
103
  ```bash
95
104
  : > /tmp/claude-edits.log
@@ -20,8 +20,8 @@ Structure:
20
20
  "phase": "triage",
21
21
  "started_at": "2026-04-17T14:30:00Z",
22
22
  "modified_files": [
23
- "mempalace/miner.py",
24
- "mempalace/lang_detect.py",
23
+ "mempalace_code/miner.py",
24
+ "mempalace_code/lang_detect.py",
25
25
  "docs/BACKLOG.yaml"
26
26
  ],
27
27
  "decisions": [
@@ -30,7 +30,7 @@ Structure:
30
30
  "F3: benchmark dataset — backlog only (score 1/3)"
31
31
  ],
32
32
  "pending_actions": [
33
- "write round report to docs/audits/",
33
+ "write local-only round report to docs/audits/",
34
34
  "update BACKLOG.yaml",
35
35
  "commit via commit-checkpoint"
36
36
  ]
@@ -28,10 +28,10 @@ For each doc, diff changed source files since last doc commit:
28
28
 
29
29
  | Doc | Diff scope |
30
30
  |-----|-----------|
31
- | BACKUP_RESTORE.md | `mempalace/backup.py`, `mempalace/storage.py` |
32
- | AGENT_INSTALL.md | `mempalace/mcp_server.py`, MCP tools |
33
- | STORAGE.md | `mempalace/storage.py`, schema migrations |
34
- | CLAUDE.md | `.claude/skills/`, `mempalace/*.py` modules |
31
+ | BACKUP_RESTORE.md | `mempalace_code/backup.py`, `mempalace_code/storage.py` |
32
+ | AGENT_INSTALL.md | `mempalace_code/mcp_server.py`, MCP tools |
33
+ | STORAGE.md | `mempalace_code/storage.py`, schema migrations |
34
+ | CLAUDE.md | `.claude/skills/`, `mempalace_code/**/*.py` modules |
35
35
  | README.md | CLI commands, MCP tools, installation |
36
36
 
37
37
  Skip docs where diff is empty or test-only.
@@ -22,7 +22,7 @@ Scan for and fix entropy in the codebase: duplicated helpers, unvalidated bounda
22
22
  - **NEVER** delete code without verifying it's truly unused (check imports, tests)
23
23
  - **NEVER** use `git add .` or `git add -A` — explicit staging only
24
24
  - **ALWAYS** propose a "golden principle" for each recurring issue — prevent, don't just fix
25
- - **Scope argument**: accepts an optional directory argument (e.g., `/entropy-gc mempalace/`). If omitted, scans `mempalace/`, `tests/`
25
+ - **Scope argument**: accepts an optional directory argument (e.g., `/entropy-gc mempalace_code/`). If omitted, scans `mempalace_code/`, `tests/`
26
26
 
27
27
  ## Workflow
28
28
 
@@ -52,7 +52,7 @@ Also check for:
52
52
  Data consumed without validation at system boundaries:
53
53
 
54
54
  ```
55
- Grep: pattern="json\.loads|yaml\.safe_load" glob="*.py" path="mempalace/"
55
+ Grep: pattern="json\.loads|yaml\.safe_load" glob="*.py" path="mempalace_code/"
56
56
  ```
57
57
 
58
58
  **Ignore**: test files, internal module boundaries.
@@ -72,7 +72,7 @@ Cross-reference docs against code reality:
72
72
  Patterns that appear in recent files but violate project conventions:
73
73
 
74
74
  - **Bare except**: `Grep: pattern="except:" glob="*.py"` — should specify exception type
75
- - **Print statements**: `Grep: pattern="print\(" glob="*.py" path="mempalace/"` — should use logging
75
+ - **Print statements**: `Grep: pattern="print\(" glob="*.py" path="mempalace_code/"` — should use logging
76
76
  - **Hardcoded paths**: `Grep: pattern="~/.mempalace|/Users/" glob="*.py"` — should use config
77
77
  - **Raw SQL**: `Grep: pattern="execute\(.*SELECT|INSERT|UPDATE" glob="*.py"` — check for injection risks
78
78
 
@@ -114,7 +114,7 @@ For each finding, classify the action:
114
114
 
115
115
  After user approves fixes:
116
116
  1. Apply changes in small, reviewable chunks
117
- 2. Run verification: `python -m pytest tests/ -x -q && ruff check mempalace/`
117
+ 2. Run verification: `python -m pytest tests/ -x -q -m "not needs_network" && ruff check mempalace_code/ tests/ scripts/`
118
118
  3. Do NOT commit — leave for user to review and commit
119
119
 
120
120
  ### Golden Principles
@@ -0,0 +1,161 @@
1
+ ---
2
+ name: release
3
+ description: Cut and verify a public release through publish remote, hosted CI, PyPI, and GitHub Release status
4
+ disable-model-invocation: false
5
+ ---
6
+
7
+ # Release Workflow
8
+
9
+ Cut a public release. Use after `/release-prep` has synced docs, changelog, and
10
+ version metadata.
11
+
12
+ ## When to Use
13
+
14
+ - Ready to cut a new release
15
+ - User says "release", "publish", "ship", or "bump version"
16
+
17
+ ## Steps
18
+
19
+ ### Step 1: Preflight
20
+
21
+ Run `/verify`. If dependency bounds, lockfiles, workflows, storage, miner, or
22
+ optional extras changed, also run the dependency gate:
23
+
24
+ ```bash
25
+ python -m pytest tests/ -v -m "not needs_network"
26
+ python -m pyright --pythonpath "$(python -c 'import sys; print(sys.executable)')"
27
+ ruff check mempalace_code/ tests/ scripts/
28
+ ruff format --check mempalace_code/ tests/ scripts/
29
+ ```
30
+
31
+ For dependency changes:
32
+
33
+ ```bash
34
+ python -m pip install pip-audit
35
+ pip-audit
36
+ ```
37
+
38
+ Then reproduce the relevant hosted resolver surface in a clean temp venv. At
39
+ minimum for package-bound or lockfile changes:
40
+
41
+ ```bash
42
+ python3.13 -m venv /tmp/mempalace-ci-venv
43
+ /tmp/mempalace-ci-venv/bin/python -m pip install -e ".[dev,treesitter]"
44
+ /tmp/mempalace-ci-venv/bin/python -m pytest tests/ -v -m "not needs_network"
45
+ ```
46
+
47
+ Check current public state:
48
+
49
+ ```bash
50
+ grep -E "^version\s*=" pyproject.toml
51
+ git ls-remote --tags publish 'refs/tags/v*' | tail -10
52
+ python - <<'PY'
53
+ import json, urllib.request
54
+ data = json.load(urllib.request.urlopen("https://pypi.org/pypi/mempalace-code/json"))
55
+ print(data["info"]["version"])
56
+ PY
57
+ ```
58
+
59
+ Do not rely on local tags or private remotes for public release truth.
60
+
61
+ ### Step 2: Confirm Version
62
+
63
+ Use the version prepared by `/release-prep`. If the version is unclear, classify
64
+ the bump:
65
+
66
+ | Change Type | Version Bump |
67
+ |-------------|--------------|
68
+ | Breaking changes (API, CLI, storage format) | Major (X.0.0) |
69
+ | New features (languages, MCP tools) | Minor (0.X.0) |
70
+ | Bug fixes, docs, internal | Patch (0.0.X) |
71
+
72
+ Ask user to confirm version if unclear.
73
+
74
+ ### Step 3: Commit
75
+
76
+ ```bash
77
+ git status --short
78
+ git add pyproject.toml CHANGELOG.md README.md docs/LLM_USAGE_RULES.md uv.lock
79
+ git commit -m "chore: release vX.Y.Z"
80
+ ```
81
+
82
+ Only add files that are part of the release. Never stage private local notes,
83
+ tokens, temp files, or unrelated work.
84
+
85
+ ### Step 4: Tag
86
+
87
+ ```bash
88
+ git tag -a vX.Y.Z -m "Release vX.Y.Z"
89
+ ```
90
+
91
+ ### Step 5: Push to Public Release Remote
92
+
93
+ Ask user before pushing unless they already explicitly asked to publish:
94
+
95
+ ```
96
+ Ready to push release vX.Y.Z to publish?
97
+ - git push publish main
98
+ - git push publish vX.Y.Z
99
+
100
+ Proceed? [y/n]
101
+ ```
102
+
103
+ ```bash
104
+ git push publish main
105
+ git push publish vX.Y.Z
106
+ ```
107
+
108
+ The tag triggers `.github/workflows/publish.yml` and publishes to PyPI through
109
+ trusted publishing. Do not run manual `twine upload` unless the workflow is
110
+ unavailable and the user explicitly approves the fallback.
111
+
112
+ ### Step 6: Verify Hosted Status
113
+
114
+ Check all public surfaces separately:
115
+
116
+ ```bash
117
+ gh run list --repo rergards/mempalace-code --branch main --workflow Tests --limit 5
118
+ gh run list --repo rergards/mempalace-code --workflow "Publish to PyPI" --limit 5
119
+ gh release view vX.Y.Z --repo rergards/mempalace-code
120
+ python - <<'PY'
121
+ import json, urllib.request
122
+ version = "X.Y.Z"
123
+ data = json.load(urllib.request.urlopen("https://pypi.org/pypi/mempalace-code/json"))
124
+ print(data["info"]["version"])
125
+ assert data["info"]["version"] == version
126
+ PY
127
+ ```
128
+
129
+ If the branch Tests run is red, the tag publish succeeded but the release is not
130
+ clean. Fix and publish a follow-up patch before creating or advertising the
131
+ GitHub Release as latest.
132
+
133
+ If PyPI is visible but `gh release view` reports no release, create the GitHub
134
+ Release only after hosted Tests are green:
135
+
136
+ ```bash
137
+ gh release create vX.Y.Z --repo rergards/mempalace-code \
138
+ --title "vX.Y.Z" \
139
+ --notes-file /tmp/mempalace-release-notes.md
140
+ ```
141
+
142
+ Release notes are public: include user-facing changes, package/version advisory
143
+ IDs, and verification boundaries. Do not include private remotes, local paths,
144
+ tokens, hostnames, or incident-only details.
145
+
146
+ ## Output
147
+
148
+ ```
149
+ ## Release vX.Y.Z
150
+
151
+ Version: X.Y.Z
152
+ Tag: vX.Y.Z
153
+ Pushed to publish: [yes/no]
154
+ Hosted Tests: [pass/fail/not-run]
155
+ Publish to PyPI: [pass/fail/not-run]
156
+ PyPI visible: [yes/no]
157
+ GitHub Release: [created/existing/missing]
158
+
159
+ Remaining blockers:
160
+ - [none or exact blocker]
161
+ ```
@@ -49,10 +49,11 @@ Categorize user-facing changes:
49
49
  | Category | Signal |
50
50
  |----------|--------|
51
51
  | New feature | `feat(*)` with description (e.g. `feat(MINE-DART): Dart language support`) |
52
- | New MCP tool | `feat(MCP-*)` or diff touches `mempalace/mcp_server.py` tool registry |
52
+ | New MCP tool | `feat(MCP-*)` or diff touches `mempalace_code/mcp_server.py` tool registry |
53
53
  | Bug fix | `fix(*)` not tagged `auto-fix verify` |
54
54
  | Docs | `docs(*)` |
55
55
  | Breaking | Any commit whose body says "BREAKING" or touches storage format / public API |
56
+ | Dependency change | Diff touches `pyproject.toml` or `uv.lock` |
56
57
 
57
58
  ### Step 3: Detect feature surface changes
58
59
 
@@ -61,21 +62,38 @@ Cross-check the commit log against the code to catch anything the commit message
61
62
  **New languages in the miner** — diff language dispatch tables:
62
63
 
63
64
  ```bash
64
- git diff "$LAST_TAG..HEAD" -- mempalace/miner.py \
65
+ git diff "$LAST_TAG..HEAD" -- mempalace_code/miner.py mempalace_code/mining/ \
65
66
  | grep -E '^\+.*(LANG_|_chunks|parse_|tool_|language.*=.*")'
66
67
  ```
67
68
 
68
69
  **New MCP tools** — compare tool registries:
69
70
 
70
71
  ```bash
71
- git show "$LAST_TAG:mempalace/mcp_server.py" 2>/dev/null \
72
+ git show "$LAST_TAG:mempalace_code/mcp_server.py" 2>/dev/null \
72
73
  | grep -oE '"mempalace_[a-z_]+":' | sort -u > /tmp/mcp_before.txt
73
- grep -oE '"mempalace_[a-z_]+":' mempalace/mcp_server.py | sort -u > /tmp/mcp_after.txt
74
+ grep -oE '"mempalace_[a-z_]+":' mempalace_code/mcp_server.py | sort -u > /tmp/mcp_after.txt
74
75
  diff /tmp/mcp_before.txt /tmp/mcp_after.txt
75
76
  ```
76
77
 
77
78
  **Python version bumps** — scan `pyproject.toml` history for `requires-python` changes.
78
79
 
80
+ **Dependency bounds or lockfile changes** — list direct packages and run advisory
81
+ checks before drafting public notes:
82
+
83
+ ```bash
84
+ git diff "$LAST_TAG..HEAD" -- pyproject.toml uv.lock
85
+ python - <<'PY'
86
+ import tomllib
87
+ data = tomllib.load(open("pyproject.toml", "rb"))
88
+ print("runtime:", data["project"]["dependencies"])
89
+ print("optional:", data["project"].get("optional-dependencies", {}))
90
+ print("dev:", data.get("dependency-groups", {}).get("dev", []))
91
+ PY
92
+ ```
93
+
94
+ Do not raise an optional dependency ceiling into a known affected advisory
95
+ range. Record held upgrades in `docs/BACKLOG.yaml` and `docs/plans/`.
96
+
79
97
  ### Step 4: Check docs for staleness
80
98
 
81
99
  For each item in Step 3, verify it appears in the right docs file.
@@ -86,6 +104,7 @@ For each item in Step 3, verify it appears in the right docs file.
86
104
  | New MCP tool | `README.md` — MCP tool inventory tables (Read / Write / Graph / Diary groups) |
87
105
  | New MCP tool | `docs/LLM_USAGE_RULES.md` — Routing table + any relevant rule section |
88
106
  | Python minimum bump | `README.md` Requirements section + `pyproject.toml` `requires-python` |
107
+ | Dependency bound/security change | `CHANGELOG.md`, `CLAUDE.md`, and any relevant plan/backlog item |
89
108
  | Breaking change | `CHANGELOG.md` under `### Breaking` |
90
109
  | Any feature | `CHANGELOG.md` under the release header for this version |
91
110
 
@@ -179,6 +198,7 @@ Next: run /release to cut the tag and push to publish.
179
198
  - **`git describe --tags --abbrev=0` is wrong for this use case.** It returns the most recent local tag regardless of origin. Upstream tags pulled into the fork (e.g. v3.0.0 from an inherited upstream) will poison the result. Always use `git ls-remote --tags publish`.
180
199
  - **`pyproject.toml` version and the `publish`-remote latest tag should match** after the last release. If `pyproject.toml` is ahead, the previous release was cut but the tag never pushed — investigate before bumping again.
181
200
  - **Do not push to `origin` on release.** Per project feedback: releases go to `publish` only. `/release` handles this; this skill does not push.
201
+ - **Dependency changes need an audit trail.** Before release notes claim a package upgrade is safe, verify current and target versions against OSV or an equivalent advisory source and test a clean hosted-CI-equivalent resolver. Public notes may include advisory IDs and version ranges; private resolver paths and local incident details stay out.
182
202
  - **Skip the per-task changelog headers.** Some autopilot flows write `## YYYY-MM-DD · TASK-SLUG` entries at the top of CHANGELOG as work lands. Before release, consolidate them into a single release header with grouped bullets. Do not leave both forms.
183
203
 
184
204
  ## Output
@@ -70,7 +70,7 @@ If Codex should run for this round:
70
70
  - Score 0/3: dismiss with one-line justification in the round report. Do NOT backlog.
71
71
  - Record the triage decision for each finding in the round report. Format: `Finding | Score | Decision (fix/backlog/dismiss) | Reason`.
72
72
  - Implement only the triaged-in fixes (score >= 2/3). Add regression tests for each.
73
- - Write the canonical round report to `docs/audits/<slug>-round-<n>.md`.
73
+ - Write the canonical local round report to `docs/audits/<slug>-round-<n>.md`.
74
74
 
75
75
  6. Backlog and resolve out-of-scope findings:
76
76
  - For every finding dismissed as pre-existing, out of scope, or deferred: either fix it on the spot if it is truly trivial, or add/update a backlog entry with origin context.
@@ -85,13 +85,15 @@ If Codex should run for this round:
85
85
  - Update `docs/BACKLOG.yaml` with hardening convergence status.
86
86
  - Follow the shared commit checkpoint procedure in `.claude/skills/_shared/commit-checkpoint.md`:
87
87
  - Read edit log, cross-reference git status, stage explicitly, review diff, commit, post-commit verify.
88
- - Expected files to stage: `docs/audits/<slug>-round-<n>.md`, `docs/BACKLOG.yaml`, `.tasks/TASK-<slug>/`, `.protocols/TASK-<slug>/`, and any hardening fix files.
88
+ - Expected public files to stage: `docs/BACKLOG.yaml`, any hardening fix files, tests, changelog entries, and sanitized public plan/docs updates when needed.
89
+ - Expected local-only files to leave unstaged: `docs/audits/<slug>-round-<n>.md`, `.tasks/TASK-<slug>/`, `.protocols/TASK-<slug>/`, raw Codex output, local paths, and private benchmark data.
89
90
  - Commit message format: `chore(<slug>): hardening R<n> — <converged|findings backlogged>`
90
91
 
91
92
  ## Rules
92
93
 
93
- - Canonical round report remains in `docs/audits/`.
94
- - Codex output remains supporting evidence in `.tasks/TASK-<slug>/`.
94
+ - Canonical round report remains local-only in ignored `docs/audits/`.
95
+ - Codex output remains local-only supporting evidence in ignored `.tasks/TASK-<slug>/`.
96
+ - Publish only sanitized summaries: backlog decisions, release notes, plan deltas, tests, and code changes with relative paths and no private context.
95
97
  - Prefer no finding over a weak finding.
96
98
  - If Codex cannot run because auth is missing, report that briefly and continue the hardening round.
97
99
  - Every dismissed or deferred material finding must be either fixed in-round or backlogged. Do not silently drop it.
@@ -41,7 +41,7 @@ If the user did not provide a slug, derive one from the task and state it explic
41
41
  - `Mode: lite; Codex: skipped`
42
42
  - stop
43
43
 
44
- 4. For `standard` or `strict`, create task artifacts:
44
+ 4. For `standard` or `strict`, create local task artifacts:
45
45
 
46
46
  ```bash
47
47
  mkdir -p .tasks/TASK-<slug> .protocols/TASK-<slug>
@@ -81,7 +81,7 @@ If Codex review is required or justified, run:
81
81
 
82
82
  9. **Codex accessibility gate.** If Codex review is required but Codex is inaccessible (auth failure, 401, network error, CLI missing):
83
83
  - **Stop** — do not continue to the summary step or mark the plan as ready.
84
- - **Save progress** — ensure `docs/plans/<slug>.md` and all `.tasks/TASK-<slug>/` artifacts are written to disk.
84
+ - **Save progress** — ensure `docs/plans/<slug>.md` and all local `.tasks/TASK-<slug>/` artifacts are written to disk.
85
85
  - **Update BACKLOG.yaml** — add note that task is blocked on Codex access.
86
86
  - **Commit immediately** — follow the shared commit checkpoint in `.claude/skills/_shared/commit-checkpoint.md`.
87
87
  - **Report** in chat: what was saved, why Codex failed, and that the task is parked.
@@ -93,7 +93,8 @@ If Codex review is required or justified, run:
93
93
 
94
94
  Follow the shared commit checkpoint procedure in `.claude/skills/_shared/commit-checkpoint.md`:
95
95
  - Read edit log, cross-reference git status, stage explicitly, review diff, commit, post-commit verify.
96
- - Expected files to stage: `docs/plans/<slug>.md`, `docs/plans/<slug>-original.md`, `.protocols/TASK-<slug>/`, `.tasks/TASK-<slug>/`.
96
+ - Expected public files to stage: `docs/plans/<slug>.md`, `docs/plans/<slug>-original.md`, `docs/BACKLOG.yaml` if updated, and other sanitized public docs.
97
+ - Expected local-only files to leave unstaged: `.protocols/TASK-<slug>/`, `.tasks/TASK-<slug>/`, raw Codex output, local paths, and private benchmark data.
97
98
  - Commit message format: `docs(plan): <TASK-SLUG> — <mode> plan ready`
98
99
 
99
100
  12. End with a brief plan summary in the chat. Keep it short and execution-oriented. Include:
@@ -108,7 +109,7 @@ If Codex review is required or justified, run:
108
109
  - **Plan scope constraint**: Plans specify product-level acceptance criteria + high-level approach only. Do NOT include granular implementation steps (function names, variable names, line-by-line code changes). Over-specified plans cascade errors when implementation details are wrong — let the implementing agent determine its own path.
109
110
  - Keep `docs/plans/<slug>-original.md` untouched after first write.
110
111
  - Canonical final output remains `docs/plans/<slug>.md`.
111
- - Store supporting artifacts in `.tasks/TASK-<slug>/`.
112
+ - Store supporting artifacts in ignored local `.tasks/TASK-<slug>/`; do not publish raw artifacts unless the user explicitly asks for a sanitized public artifact.
112
113
  - Do not treat Codex comments as truth; validate them against repository evidence.
113
114
  - Do not stop at writing the plan file; always give the user a brief summary of the final execution-ready plan.
114
115
  - If the task clearly qualifies for the fast path after the preflight scan, say so explicitly instead of manufacturing a durable plan just because `/task-plan` was invoked.
@@ -30,10 +30,10 @@ fi
30
30
 
31
31
  Classify the combined file list into these categories (a change can trigger multiple):
32
32
 
33
- - **core**: `mempalace/*.py` (storage, miner, searcher, mcp_server, etc.)
33
+ - **core**: `mempalace_code/**/*.py`, `mempalace/*.py` (storage, miner, searcher, mcp_server, compatibility shims)
34
34
  - **tests**: `tests/*.py`
35
35
  - **docs**: `docs/*.md`, `README.md`, `CLAUDE.md`
36
- - **config**: `pyproject.toml`, `setup.py`, `.claude/`
36
+ - **config**: `pyproject.toml`, `uv.lock`, `setup.py`, `.claude/`, `.github/workflows/`
37
37
 
38
38
  If no changes detected (clean tree, no baseline delta), run all checks — this is a health check invocation.
39
39
 
@@ -45,9 +45,20 @@ Run in parallel:
45
45
 
46
46
  | Check | Command | Timeout |
47
47
  |-------|---------|---------|
48
- | Lint | `ruff check mempalace/ tests/` | 30s |
49
- | Format | `ruff format --check mempalace/ tests/` | 30s |
50
- | Tests | `python -m pytest tests/ -x -q` | 120s |
48
+ | Lint | `ruff check mempalace_code/ tests/ scripts/` | 30s |
49
+ | Format | `ruff format --check mempalace_code/ tests/ scripts/` | 30s |
50
+ | Tests | `python -m pytest tests/ -x -q -m "not needs_network"` | 120s |
51
+ | Typecheck | `python -m pyright --pythonpath "$(python -c 'import sys; print(sys.executable)')"` | 120s |
52
+ | Strict slice typecheck | `python -m pyright -p pyrightconfig.strict.json` | 60s |
53
+ | Public safety | `python scripts/public_safety_scan.py --tracked --staged` | 30s |
54
+ | Scorecard | `python scripts/quality_scorecard.py --check` | 30s |
55
+
56
+ The scorecard check is stdlib-only (no install, no network) and validates the
57
+ quality scorecard's shape, determinism, public-safety, and committed artifact
58
+ freshness. The public-safety scan checks tracked and staged repository files for
59
+ private local paths, secret-like tokens, and local-only raw artifacts. After a
60
+ quality change lands, regenerate the committed artifacts with
61
+ `python scripts/quality_scorecard.py --write` (see `docs/quality/README.md`).
51
62
 
52
63
  ### If storage changed — add these
53
64
 
@@ -67,6 +78,25 @@ python -m pytest tests/test_miner.py tests/test_lang_detect.py -v
67
78
  python -m pytest tests/test_mcp_server.py -v
68
79
  ```
69
80
 
81
+ ### If dependencies changed — add these
82
+
83
+ First check current and target versions against OSV or an equivalent advisory
84
+ source. Do not accept a target version in an affected advisory range.
85
+
86
+ Then audit a fresh resolver environment, not only the existing `.venv`:
87
+
88
+ ```bash
89
+ python -m pip install pip-audit
90
+ pip-audit
91
+ python3.13 -m venv /tmp/mempalace-ci-venv
92
+ /tmp/mempalace-ci-venv/bin/python -m pip install -e ".[dev,treesitter]"
93
+ /tmp/mempalace-ci-venv/bin/python -m pytest tests/ -v -m "not needs_network"
94
+ ```
95
+
96
+ If an optional extra changed, create a separate fresh environment for that
97
+ extra and run its focused compatibility tests. For ChromaDB, do not install or
98
+ raise into affected 1.x versions while GHSA-f4j7-r4q5-qw2c applies.
99
+
70
100
  ## Step 3: Report Results
71
101
 
72
102
  After all checks complete, output a verdict:
@@ -103,8 +133,8 @@ If a check fails, suggest the fix:
103
133
 
104
134
  | Error Pattern | Likely Fix |
105
135
  |---------------|-----------|
106
- | Ruff lint errors | `ruff check --fix mempalace/ tests/` |
107
- | Ruff format errors | `ruff format mempalace/ tests/` |
136
+ | Ruff lint errors | `ruff check --fix mempalace_code/ tests/ scripts/` |
137
+ | Ruff format errors | `ruff format mempalace_code/ tests/ scripts/` |
108
138
  | Import errors | Check venv: `pip install -e ".[dev]"` |
109
139
  | Test failures | Read the error, fix the code |
110
140
  | Missing fixture | Check conftest.py |
@@ -59,8 +59,12 @@ jobs:
59
59
  pyproject.toml
60
60
  uv.lock
61
61
  - run: pip install ruff
62
- - run: ruff check mempalace_code/ tests/
63
- - run: ruff format --check mempalace_code/ tests/
62
+ - run: ruff check mempalace_code/ tests/ scripts/
63
+ - run: ruff format --check mempalace_code/ tests/ scripts/
64
+ - name: Public-safety scan (tracked + staged)
65
+ run: python scripts/public_safety_scan.py --tracked --staged
66
+ - name: Quality scorecard (shape + determinism + public-safety)
67
+ run: python scripts/quality_scorecard.py --check
64
68
 
65
69
  typecheck:
66
70
  runs-on: ubuntu-latest
@@ -76,6 +80,8 @@ jobs:
76
80
  - run: pip install -e ".[dev,chroma,spellcheck,treesitter]"
77
81
  - name: Pyright typecheck
78
82
  run: python -m pyright --pythonpath "$(python -c 'import sys; print(sys.executable)')"
83
+ - name: Pyright strict slice
84
+ run: python -m pyright -p pyrightconfig.strict.json
79
85
 
80
86
  model-tests:
81
87
  runs-on: ubuntu-latest
@@ -23,6 +23,7 @@ palace/
23
23
  .venv/
24
24
  venv/
25
25
  .env
26
+ .verify-state
26
27
 
27
28
  # IDE
28
29
  .idea/
@@ -41,8 +42,13 @@ Thumbs.db
41
42
  docs/plans/
42
43
  docs/audits/
43
44
  .tasks/
45
+ .protocols/
44
46
  autopilot.toml
45
47
 
48
+ # Local benchmark outputs for external/private corpora
49
+ benchmarks/results_token_delta_*.json
50
+ !benchmarks/results_token_delta_mempalace.json
51
+
46
52
  # Claude Code session data (keep skills, prompts, settings.json tracked)
47
53
  .claude/*
48
54
  !.claude/skills/