mempalace-code 1.10.3__tar.gz → 1.10.4__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (224) hide show
  1. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/.claude/skills/verify/INSTRUCTIONS.md +10 -0
  2. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/.github/workflows/ci.yml +8 -2
  3. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/.gitignore +1 -0
  4. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/CHANGELOG.md +34 -0
  5. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/PKG-INFO +1 -1
  6. mempalace_code-1.10.4/docs/BACKLOG.yaml +271 -0
  7. mempalace_code-1.10.4/docs/quality/README.md +90 -0
  8. mempalace_code-1.10.4/docs/quality/scorecard.json +189 -0
  9. mempalace_code-1.10.4/docs/quality/scorecard.md +96 -0
  10. mempalace_code-1.10.4/docs/quality/workflow-review-protocol.md +72 -0
  11. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/disk_budget.py +7 -6
  12. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/pyproject.toml +4 -37
  13. mempalace_code-1.10.4/pyrightconfig.strict.json +16 -0
  14. mempalace_code-1.10.4/scripts/public_safety_scan.py +249 -0
  15. mempalace_code-1.10.4/scripts/quality_scorecard.py +691 -0
  16. mempalace_code-1.10.4/tests/test_public_safety_scan.py +72 -0
  17. mempalace_code-1.10.4/tests/test_quality_scorecard.py +489 -0
  18. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/tests/test_type_suppressions.py +28 -3
  19. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/uv.lock +1 -1
  20. mempalace_code-1.10.3/.verify-state +0 -1
  21. mempalace_code-1.10.3/docs/BACKLOG.yaml +0 -170
  22. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/.claude/prompts/codex-hardening-review.md +0 -0
  23. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/.claude/prompts/codex-plan-review.md +0 -0
  24. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/.claude/settings.json +0 -0
  25. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/.claude/skills/_shared/commit-checkpoint.md +0 -0
  26. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/.claude/skills/_shared/mode-classification.md +0 -0
  27. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/.claude/skills/_shared/task-state.md +0 -0
  28. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/.claude/skills/bench/SKILL.md +0 -0
  29. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/.claude/skills/doc-refresh/INSTRUCTIONS.md +0 -0
  30. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/.claude/skills/doc-refresh/SKILL.md +0 -0
  31. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/.claude/skills/entropy-gc/INSTRUCTIONS.md +0 -0
  32. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/.claude/skills/entropy-gc/SKILL.md +0 -0
  33. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/.claude/skills/mine/SKILL.md +0 -0
  34. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/.claude/skills/palace-health/SKILL.md +0 -0
  35. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/.claude/skills/release/SKILL.md +0 -0
  36. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/.claude/skills/release-prep/SKILL.md +0 -0
  37. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/.claude/skills/ship/INSTRUCTIONS.md +0 -0
  38. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/.claude/skills/ship/SKILL.md +0 -0
  39. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/.claude/skills/start/INSTRUCTIONS.md +0 -0
  40. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/.claude/skills/start/SKILL.md +0 -0
  41. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/.claude/skills/status/SKILL.md +0 -0
  42. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/.claude/skills/task-hardening/INSTRUCTIONS.md +0 -0
  43. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/.claude/skills/task-hardening/SKILL.md +0 -0
  44. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/.claude/skills/task-plan/INSTRUCTIONS.md +0 -0
  45. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/.claude/skills/task-plan/SKILL.md +0 -0
  46. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/.claude/skills/verify/SKILL.md +0 -0
  47. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/.github/ISSUE_TEMPLATE/bug_report.md +0 -0
  48. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/.github/ISSUE_TEMPLATE/feature_request.md +0 -0
  49. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/.github/PULL_REQUEST_TEMPLATE.md +0 -0
  50. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/.github/workflows/dotnet-bench.yml +0 -0
  51. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/.github/workflows/publish.yml +0 -0
  52. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/.pre-commit-config.yaml +0 -0
  53. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/AGENTS.md +0 -0
  54. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/CLAUDE.md +0 -0
  55. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/CONTRIBUTING.md +0 -0
  56. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/LICENSE +0 -0
  57. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/NOTICE +0 -0
  58. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/README.md +0 -0
  59. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/assets/mempalace_banner.jpg +0 -0
  60. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/benchmarks/BENCHMARKS.md +0 -0
  61. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/benchmarks/HYBRID_MODE.md +0 -0
  62. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/benchmarks/README.md +0 -0
  63. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/benchmarks/code_retrieval_bench.py +0 -0
  64. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/benchmarks/convomem_bench.py +0 -0
  65. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/benchmarks/data/code_retrieval_queries.json +0 -0
  66. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/benchmarks/dotnet_bench.py +0 -0
  67. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/benchmarks/embed_ab_bench.py +0 -0
  68. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/benchmarks/locomo_bench.py +0 -0
  69. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/benchmarks/longmemeval_bench.py +0 -0
  70. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/benchmarks/membench_bench.py +0 -0
  71. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/benchmarks/results_embed_ab_2026-04-09.json +0 -0
  72. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/benchmarks/results_token_delta_mempalace.json +0 -0
  73. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/benchmarks/token_delta_bench.py +0 -0
  74. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/docs/AGENT_INSTALL.md +0 -0
  75. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/docs/BACKLOG-archived.yaml +0 -0
  76. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/docs/BACKUP_RESTORE.md +0 -0
  77. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/docs/BENCH_TOKEN_DELTA.md +0 -0
  78. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/docs/COMPARISON_GRAPHIFY.md +0 -0
  79. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/docs/HOW_SEARCH_WORKS.md +0 -0
  80. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/docs/LLM_USAGE_RULES.md +0 -0
  81. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/docs/OFFLINE_USAGE.md +0 -0
  82. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/docs/UPSTREAM_HARDENING.md +0 -0
  83. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/docs/WHY_THIS_FORK.md +0 -0
  84. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/docs/refactoring/REFAC-MINER-MODULES/progress.md +0 -0
  85. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/examples/HOOKS_TUTORIAL.md +0 -0
  86. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/examples/basic_mining.py +0 -0
  87. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/examples/convo_import.py +0 -0
  88. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/examples/gemini_cli_setup.md +0 -0
  89. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/examples/mcp_setup.md +0 -0
  90. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/hooks/README.md +0 -0
  91. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/hooks/mempal_precompact_hook.sh +0 -0
  92. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/hooks/mempal_save_hook.sh +0 -0
  93. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace/__init__.py +0 -0
  94. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace/mcp_server.py +0 -0
  95. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/README.md +0 -0
  96. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/__init__.py +0 -0
  97. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/__main__.py +0 -0
  98. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/_chroma_store.py +0 -0
  99. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/_stdio.py +0 -0
  100. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/architecture.py +0 -0
  101. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/backup.py +0 -0
  102. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/cli.py +0 -0
  103. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/cli_commands/__init__.py +0 -0
  104. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/cli_commands/alias.py +0 -0
  105. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/cli_commands/backup_restore.py +0 -0
  106. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/cli_commands/common.py +0 -0
  107. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/cli_commands/diary.py +0 -0
  108. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/cli_commands/export_import.py +0 -0
  109. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/cli_commands/ingest.py +0 -0
  110. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/cli_commands/maintenance.py +0 -0
  111. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/cli_commands/model.py +0 -0
  112. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/cli_commands/preflight.py +0 -0
  113. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/cli_commands/query.py +0 -0
  114. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/cli_commands/version_check.py +0 -0
  115. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/cli_commands/watch.py +0 -0
  116. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/config.py +0 -0
  117. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/convo_miner.py +0 -0
  118. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/dialect.py +0 -0
  119. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/entity_detector.py +0 -0
  120. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/entity_registry.py +0 -0
  121. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/export.py +0 -0
  122. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/general_extractor.py +0 -0
  123. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/knowledge_graph.py +0 -0
  124. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/language_catalog.py +0 -0
  125. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/layers.py +0 -0
  126. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/mcp/__init__.py +0 -0
  127. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/mcp/dispatch.py +0 -0
  128. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/mcp/protocol_text.py +0 -0
  129. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/mcp/registry.py +0 -0
  130. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/mcp/runtime.py +0 -0
  131. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/mcp/tools/__init__.py +0 -0
  132. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/mcp/tools/architecture.py +0 -0
  133. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/mcp/tools/diary.py +0 -0
  134. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/mcp/tools/graph.py +0 -0
  135. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/mcp/tools/kg.py +0 -0
  136. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/mcp/tools/read.py +0 -0
  137. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/mcp/tools/search.py +0 -0
  138. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/mcp/tools/write.py +0 -0
  139. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/mcp_server.py +0 -0
  140. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/mcp_tool_profiles.py +0 -0
  141. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/migrate.py +0 -0
  142. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/miner.py +0 -0
  143. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/mining/__init__.py +0 -0
  144. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/mining/batching.py +0 -0
  145. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/mining/chunkers.py +0 -0
  146. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/mining/kg_extract.py +0 -0
  147. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/mining/languages.py +0 -0
  148. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/mining/orchestrator.py +0 -0
  149. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/mining/projects.py +0 -0
  150. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/mining/scanner.py +0 -0
  151. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/mining/symbols.py +0 -0
  152. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/mirror_preflight.py +0 -0
  153. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/normalize.py +0 -0
  154. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/onboarding.py +0 -0
  155. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/palace_graph.py +0 -0
  156. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/py.typed +0 -0
  157. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/reader.py +0 -0
  158. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/retrieval_rerank.py +0 -0
  159. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/room_detector_local.py +0 -0
  160. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/search_reranker.py +0 -0
  161. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/searcher.py +0 -0
  162. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/spellcheck.py +0 -0
  163. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/split_mega_files.py +0 -0
  164. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/storage.py +0 -0
  165. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/treesitter.py +0 -0
  166. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/version.py +0 -0
  167. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/version_check.py +0 -0
  168. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/mempalace_code/watcher.py +0 -0
  169. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/scripts/bootstrap.sh +0 -0
  170. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/scripts/codex-review.sh +0 -0
  171. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/scripts/migrate_storage_smoke.py +0 -0
  172. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/scripts/nuke_wing.py +0 -0
  173. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/tests/conftest.py +0 -0
  174. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/tests/fixtures/unreasoned_suppression.py +0 -0
  175. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/tests/test_architecture_extraction.py +0 -0
  176. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/tests/test_backup.py +0 -0
  177. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/tests/test_backup_cli.py +0 -0
  178. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/tests/test_chroma_compat.py +0 -0
  179. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/tests/test_chroma_import_errors.py +0 -0
  180. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/tests/test_chunking.py +0 -0
  181. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/tests/test_cli.py +0 -0
  182. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/tests/test_cli_command_modules.py +0 -0
  183. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/tests/test_code_retrieval_bench.py +0 -0
  184. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/tests/test_config.py +0 -0
  185. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/tests/test_convo_miner.py +0 -0
  186. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/tests/test_dialect.py +0 -0
  187. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/tests/test_disk_budget.py +0 -0
  188. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/tests/test_dotnet_bench.py +0 -0
  189. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/tests/test_dotnet_config.py +0 -0
  190. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/tests/test_e2e.py +0 -0
  191. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/tests/test_embed_ab_bench.py +0 -0
  192. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/tests/test_entity_detector.py +0 -0
  193. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/tests/test_entity_registry.py +0 -0
  194. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/tests/test_export.py +0 -0
  195. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/tests/test_general_extractor.py +0 -0
  196. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/tests/test_kg_extract.py +0 -0
  197. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/tests/test_knowledge_graph.py +0 -0
  198. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/tests/test_lang_detect.py +0 -0
  199. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/tests/test_language_catalog.py +0 -0
  200. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/tests/test_layers.py +0 -0
  201. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/tests/test_mcp_registry.py +0 -0
  202. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/tests/test_mcp_server.py +0 -0
  203. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/tests/test_mcp_tool_profiles.py +0 -0
  204. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/tests/test_migrate.py +0 -0
  205. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/tests/test_migrate_storage_smoke.py +0 -0
  206. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/tests/test_miner.py +0 -0
  207. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/tests/test_miner_modules.py +0 -0
  208. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/tests/test_normalize.py +0 -0
  209. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/tests/test_offline.py +0 -0
  210. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/tests/test_packaging_namespace.py +0 -0
  211. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/tests/test_palace_graph.py +0 -0
  212. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/tests/test_reader.py +0 -0
  213. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/tests/test_retrieval_rerank.py +0 -0
  214. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/tests/test_search_reranker.py +0 -0
  215. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/tests/test_searcher.py +0 -0
  216. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/tests/test_split_mega_files.py +0 -0
  217. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/tests/test_stdio.py +0 -0
  218. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/tests/test_storage.py +0 -0
  219. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/tests/test_storage_lance.py +0 -0
  220. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/tests/test_symbol_extract.py +0 -0
  221. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/tests/test_treesitter.py +0 -0
  222. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/tests/test_version_check.py +0 -0
  223. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/tests/test_version_consistency.py +0 -0
  224. {mempalace_code-1.10.3 → mempalace_code-1.10.4}/tests/test_watcher.py +0 -0
@@ -49,6 +49,16 @@ Run in parallel:
49
49
  | Format | `ruff format --check mempalace_code/ tests/ scripts/` | 30s |
50
50
  | Tests | `python -m pytest tests/ -x -q -m "not needs_network"` | 120s |
51
51
  | Typecheck | `python -m pyright --pythonpath "$(python -c 'import sys; print(sys.executable)')"` | 120s |
52
+ | Strict slice typecheck | `python -m pyright -p pyrightconfig.strict.json` | 60s |
53
+ | Public safety | `python scripts/public_safety_scan.py --tracked --staged` | 30s |
54
+ | Scorecard | `python scripts/quality_scorecard.py --check` | 30s |
55
+
56
+ The scorecard check is stdlib-only (no install, no network) and validates the
57
+ quality scorecard's shape, determinism, public-safety, and committed artifact
58
+ freshness. The public-safety scan checks tracked and staged repository files for
59
+ private local paths, secret-like tokens, and local-only raw artifacts. After a
60
+ quality change lands, regenerate the committed artifacts with
61
+ `python scripts/quality_scorecard.py --write` (see `docs/quality/README.md`).
52
62
 
53
63
  ### If storage changed — add these
54
64
 
@@ -59,8 +59,12 @@ jobs:
59
59
  pyproject.toml
60
60
  uv.lock
61
61
  - run: pip install ruff
62
- - run: ruff check mempalace_code/ tests/
63
- - run: ruff format --check mempalace_code/ tests/
62
+ - run: ruff check mempalace_code/ tests/ scripts/
63
+ - run: ruff format --check mempalace_code/ tests/ scripts/
64
+ - name: Public-safety scan (tracked + staged)
65
+ run: python scripts/public_safety_scan.py --tracked --staged
66
+ - name: Quality scorecard (shape + determinism + public-safety)
67
+ run: python scripts/quality_scorecard.py --check
64
68
 
65
69
  typecheck:
66
70
  runs-on: ubuntu-latest
@@ -76,6 +80,8 @@ jobs:
76
80
  - run: pip install -e ".[dev,chroma,spellcheck,treesitter]"
77
81
  - name: Pyright typecheck
78
82
  run: python -m pyright --pythonpath "$(python -c 'import sys; print(sys.executable)')"
83
+ - name: Pyright strict slice
84
+ run: python -m pyright -p pyrightconfig.strict.json
79
85
 
80
86
  model-tests:
81
87
  runs-on: ubuntu-latest
@@ -23,6 +23,7 @@ palace/
23
23
  .venv/
24
24
  venv/
25
25
  .env
26
+ .verify-state
26
27
 
27
28
  # IDE
28
29
  .idea/
@@ -4,6 +4,40 @@
4
4
 
5
5
  No changes yet.
6
6
 
7
+ ## v1.10.4 — 2026-06-06
8
+
9
+ Patch release for public quality/demo gates after v1.10.3.
10
+
11
+ ### Added
12
+
13
+ - Deterministic public quality scorecard artifacts under `docs/quality/`, with
14
+ Markdown and JSON output generated by `scripts/quality_scorecard.py`.
15
+ - Repo-wide public-safety scanner for tracked and staged files:
16
+ `python scripts/public_safety_scan.py --tracked --staged`.
17
+ - Public-safe multi-agent workflow review protocol for future quality work.
18
+ - Strict Pyright slice config for stable low-level modules, gated in CI and
19
+ `/verify`.
20
+ - Detailed Autopilot demo backlog items for dependency audit CI, release status
21
+ checks, committed-tree public-safety scanning, scorecard metric expansion,
22
+ architecture guards, CLI/MCP contracts, docs drift guards, and workflow
23
+ effectiveness checks.
24
+
25
+ ### Changed
26
+
27
+ - `/verify` and CI now run public-safety, scorecard freshness, and strict-slice
28
+ typecheck gates in addition to lint, format, tests, and basic Pyright.
29
+ - Ruff global ignores were reduced from 33 to 3; older package/test debt remains
30
+ scoped to per-file ignores so new scripts inherit stricter rules.
31
+ - Suppression scanning now uses Python tokenization so strings/docstrings that
32
+ mention `# type: ignore` do not count as live suppressions.
33
+ - `scripts/quality_scorecard.py --check` now fails when committed scorecard
34
+ artifacts are stale.
35
+
36
+ ### Removed
37
+
38
+ - `.verify-state` is no longer tracked and is ignored as a local-only verification
39
+ baseline.
40
+
7
41
  ## v1.10.3 — 2026-06-05
8
42
 
9
43
  Follow-up patch for the v1.10.2 release: fixes the hosted test failure, refreshes
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.4
2
2
  Name: mempalace-code
3
- Version: 1.10.3
3
+ Version: 1.10.4
4
4
  Summary: Developer memory tool — mine codebases and conversations into a LanceDB-backed searchable palace. No API key required.
5
5
  Project-URL: Homepage, https://github.com/rergards/mempalace-code
6
6
  Project-URL: Repository, https://github.com/rergards/mempalace-code
@@ -0,0 +1,271 @@
1
+ # ============================================================
2
+ # BACKLOG.yaml — Machine-readable project backlog
3
+ # Format: sections + items (DH2-style)
4
+ # Parse: backlog list --status open --file docs/BACKLOG.yaml
5
+ # ============================================================
6
+ #
7
+ # project: mempalace-code
8
+
9
+ sections:
10
+ - id: immediate
11
+ order: 1
12
+ title: "IMMEDIATE — Foundation & Project Setup"
13
+ description: "Fork identity, CI, docs. Must be done before any feature work."
14
+ - id: pre_release
15
+ order: 2
16
+ title: "PRE-RELEASE — v1.0 Blockers (Autopilot Pass)"
17
+ description: "P0 and P1 items that must land before a public v1.0. All items here are autopilot-ready — owner decisions already made. Batch in one large autopilot pass. Items needing owner judgment live in other sections."
18
+ - id: coding_first
19
+ order: 3
20
+ title: "CODING-FIRST — Smart Code Mining"
21
+ description: "Language-aware chunking, structural boundaries, code-optimized search. The core differentiator."
22
+ - id: storage_reliability
23
+ order: 4
24
+ title: "STORAGE & RELIABILITY"
25
+ description: "LanceDB hardening, migration tooling, backup/restore."
26
+ - id: mcp_developer_tools
27
+ order: 5
28
+ title: "MCP — Developer-Focused Tools"
29
+ description: "New and improved MCP tools for coding workflows."
30
+ - id: cleanup
31
+ order: 6
32
+ title: "CLEANUP — De-emphasize Dialog-First Features"
33
+ description: "Refactor or gate conversation-centric modules. Keep functional but not default."
34
+ - id: quality
35
+ order: 7
36
+ title: "QUALITY — Tests, Benchmarks, CI"
37
+ description: "Test coverage, code-mining benchmarks, CI hardening."
38
+ - id: autopilot_demo
39
+ order: 8
40
+ title: "AUTOPILOT DEMO — Code Quality Showcase"
41
+ description: "Measurable, public-safe improvements that demonstrate Autopilot can raise code quality without changing product scope."
42
+ - id: future
43
+ order: 9
44
+ title: "FUTURE — Post-v1 Ideas"
45
+ description: "Ideas for after the first public release."
46
+ # ============================================================
47
+ # OPEN ITEMS
48
+ # ============================================================
49
+ items:
50
+ - key: STORE-HF-CACHED-SEARCH-SUBPROCESS-GUARD
51
+ section: quality
52
+ status: open
53
+ priority: P2
54
+ summary: Add subprocess-level guard that cached model search/fetch never emits HuggingFace token warnings or performs network metadata calls after setup.
55
+ acceptance:
56
+ - Run a real CLI subprocess with a preseeded HuggingFace cache and network/socket access blocked or mocked.
57
+ - Assert `mempalace-code search` exits successfully without `HF_TOKEN`, `unauthenticated`, `huggingface.co`, or retry noise on stdout/stderr.
58
+ - Assert repeated `mempalace-code fetch-model` on a cached model uses local-only resolution and does not perform Hub metadata requests.
59
+ - Keep the existing network-marked download tests separate from this no-network regression guard.
60
+ - key: DEPENDENCY-SECURITY-UPGRADE-GATE
61
+ section: quality
62
+ status: open
63
+ priority: P1
64
+ summary: Add a repeatable audited dependency-upgrade gate before raising package ceilings or refreshing the lock.
65
+ acceptance:
66
+ - Enumerate current and target versions for direct runtime, dev, and optional dependencies from package metadata before changing bounds.
67
+ - Query OSV or an equivalent advisory source for both current and target direct dependency versions; block target ranges that are compromised or currently affected.
68
+ - Run pip-audit or an equivalent resolver-level audit on fresh environments for the default install and every optional extra whose bounds change.
69
+ - Keep deprecated optional backends capped away from affected ranges; do not raise ChromaDB to 1.x while GHSA-f4j7-r4q5-qw2c affects the available 1.x line.
70
+ - Update uv.lock only after the audited resolver passes, then run hosted-CI-equivalent tests in a clean pip environment so stale local locks cannot hide dependency drift.
71
+ - key: DEPENDENCY-SCHEDULED-AUDIT-CI
72
+ section: quality
73
+ status: open
74
+ priority: P1
75
+ summary: Add a scheduled dependency audit workflow that checks current resolved packages without changing bounds.
76
+ acceptance:
77
+ - Add a GitHub Actions workflow on `schedule` and `workflow_dispatch` that installs the default package and every optional extra in fresh environments.
78
+ - Run `pip-audit` or an equivalent resolver-level audit for default, `[dev]`, `[treesitter]`, `[spellcheck]`, and `[chroma]` installs.
79
+ - Query OSV or an equivalent advisory source for direct dependency versions including `lancedb`, `sentence-transformers`, `pyyaml`, `packaging`, `chromadb`, and tree-sitter packages.
80
+ - Treat known accepted risks as explicit allowlist entries with advisory ID, package, affected range, reason, and expiry date.
81
+ - Publish only package names, versions, advisory IDs, and remediation notes; never include private resolver caches, machine paths, or credentials.
82
+ - Open or update a backlog item when an advisory appears, a package becomes yanked, or a previously safe target range becomes affected.
83
+ - key: RELEASE-PUBLICATION-STATUS-GATE
84
+ section: quality
85
+ status: open
86
+ priority: P1
87
+ summary: Add a release-status verification gate that checks every public publication surface before calling a release shipped.
88
+ acceptance:
89
+ - Add a script or documented command that takes an expected version and checks tag existence, tag workflow status, GitHub Release presence, PyPI version visibility, and clean install smoke from PyPI.
90
+ - Verify `publish/main`, the version tag, GitHub Actions tag publish run, GitHub Releases, and PyPI JSON/API state as separate facts with separate pass/fail rows.
91
+ - Fail if branch tests pass but tag publish, release creation, or PyPI visibility is missing or red.
92
+ - Keep output public-safe: no private remote URLs, tokens, local paths, hostnames, or non-public incident notes.
93
+ - Wire the command into the `/release` skill/runbook and require it before release completion summaries.
94
+ - Add tests for parsing mocked GitHub/PyPI responses and for partial-success states such as "tests green, PyPI missing".
95
+ - key: AUTOPILOT-DEMO-QUALITY-SCORECARD
96
+ section: autopilot_demo
97
+ status: done
98
+ priority: P1
99
+ summary: Add a deterministic public quality scorecard that makes Autopilot cleanup progress visible across releases.
100
+ acceptance:
101
+ - Add a script or command that emits markdown and JSON metrics for code size, largest modules, Ruff ignore counts, Pyright mode, unreasoned suppressions, test count, and available smoke suites.
102
+ - Generate any raw baseline evidence under local ignored docs/audits/, then commit only a sanitized public summary with public repo data and relative paths.
103
+ - Document how each Autopilot demo task updates the scorecard with before/after metrics.
104
+ - CI or `/verify` runs the scorecard command and fails on malformed output.
105
+ resolution: "2026-06-05: Deterministic public scorecard: scripts/quality_scorecard.py emits Markdown+JSON; --check gates shape/determinism/public-safety in CI lint job and /verify; baseline committed to docs/quality/; update workflow in docs/quality/README.md"
106
+ done_summary: "Deterministic public scorecard: scripts/quality_scorecard.py emits Markdown+JSON; --check gates shape/determinism/public-safety in CI lint job and /verify; baseline committed to docs/quality/; update workflow in docs/quality/README.md"
107
+ - key: AUTOPILOT-DEMO-PUBLIC-SAFETY-GATE
108
+ section: autopilot_demo
109
+ status: done
110
+ priority: P1
111
+ summary: Add a repo-wide public-safety gate for tracked and staged files.
112
+ acceptance:
113
+ - Add a stdlib scanner that checks tracked worktree files and staged index blobs.
114
+ - Block secret-like tokens, real local machine paths, and local-only artifact paths without printing the matched secret text.
115
+ - Wire the scanner into CI and `/verify`.
116
+ - Remove or ignore any local-only artifact that is already tracked.
117
+ resolution: "2026-06-06: Added scripts/public_safety_scan.py --tracked --staged, CI and /verify wiring, focused tests, and removed tracked .verify-state while adding it to .gitignore."
118
+ done_summary: "Repo-wide public-safety scan now gates tracked/staged files and redacts matched content; .verify-state is local-only."
119
+ - key: AUTOPILOT-DEMO-RUFF-RATCHET
120
+ section: autopilot_demo
121
+ status: done
122
+ priority: P1
123
+ summary: Reduce transitional Ruff ignores in a measurable ratchet without broad style-only churn.
124
+ acceptance:
125
+ - Record baseline counts for global ignores, per-file ignores, and inline suppressions before edits.
126
+ - Remove at least one global ignore family or reduce per-file ignore entries by at least 25% for a focused module group.
127
+ - Replace any necessary inline suppressions with reasoned, narrow suppressions; no new blanket `noqa` entries.
128
+ - "`ruff check`, `ruff format --check`, Pyright, and the relevant focused tests pass; update the quality scorecard."
129
+ resolution: "2026-06-06: Reduced global Ruff ignores from 33 to 3 by keeping existing package/test debt scoped to per-file ignores and making new scripts inherit the stricter rule set."
130
+ done_summary: "Ruff global ignore ratchet: broad historical ignores are now scoped away from scripts; no new inline suppressions."
131
+ - key: AUTOPILOT-DEMO-PYRIGHT-STRICT-SLICE
132
+ section: autopilot_demo
133
+ status: done
134
+ priority: P1
135
+ summary: Establish a strict Pyright slice for stable low-level modules and expand it gradually.
136
+ acceptance:
137
+ - Add a strict typecheck config or command for a small stable slice such as config, reader, MCP tool profiles, and mining scanner.
138
+ - Replace ad hoc `Any` and broad dictionaries in that slice with typed contracts where the code owns the boundary.
139
+ - Keep compatibility shims and third-party stub gaps outside the first strict slice unless they can be fixed narrowly.
140
+ - CI or `/verify` runs both the existing basic Pyright check and the strict-slice check; update the quality scorecard.
141
+ resolution: "2026-06-06: Added pyrightconfig.strict.json for version.py, mcp_tool_profiles.py, and disk_budget.py; annotated disk_budget.py enough to pass strict; wired strict slice into CI and /verify."
142
+ done_summary: "Initial strict Pyright slice gates three stable low-level modules in CI and /verify."
143
+ - key: AUTOPILOT-DEMO-PYRIGHT-STRICT-SLICE-EXPANSION
144
+ section: autopilot_demo
145
+ status: open
146
+ priority: P1
147
+ summary: Expand the strict Pyright slice to config, reader, and mining scanner after adding typed boundaries.
148
+ acceptance:
149
+ - Add `mempalace_code/config.py`, `mempalace_code/reader.py`, and `mempalace_code/mining/scanner.py` to `pyrightconfig.strict.json`.
150
+ - Introduce typed config payload aliases, reader result types, gitignore rule types, and scan filter generics instead of broad dict/list shapes.
151
+ - Add focused tests or type-level assertions for config fallback shape, reader result variants, and scanner rule parsing where the typed contracts expose previously implicit behavior.
152
+ - Keep the strict-slice command in `/verify` and CI; do not weaken strict diagnostics to make the slice pass.
153
+ - Keep the existing basic Pyright gate green throughout.
154
+ - Update the quality scorecard and report the strict-slice expansion publicly.
155
+ - key: AUTOPILOT-DEMO-PUBLIC-SAFETY-COMMITTED-MODE
156
+ section: autopilot_demo
157
+ status: open
158
+ priority: P1
159
+ summary: Add an explicit committed-tree public-safety scan mode for publishable release verification.
160
+ acceptance:
161
+ - Extend `scripts/public_safety_scan.py` with a mode that scans exactly the committed tree at `HEAD`, independent of staged or unstaged worktree state.
162
+ - Keep existing `--tracked --staged` behavior for pre-commit use, but document when to use committed-tree mode before release or after merge.
163
+ - Add tests proving deleted local-only files do not trigger tracked worktree failures, while committed local-only paths still fail.
164
+ - Wire committed-tree mode into release verification docs or `/release`, not into every edit-time `/verify` run unless it remains fast.
165
+ - Ensure all failure output remains redacted to rule id and file position only.
166
+ - key: AUTOPILOT-DEMO-WORKFLOW-REVIEW-PROTOCOL
167
+ section: autopilot_demo
168
+ status: done
169
+ priority: P1
170
+ summary: Document the public-safe adversarial Claude workflow protocol for repo quality work.
171
+ acceptance:
172
+ - Define review lenses, skeptical refutation, synthesis, implementation, and verification steps.
173
+ - Separate publishable summaries from local-only raw workflow artifacts.
174
+ - Link the protocol from quality docs.
175
+ - Include the canonical quality verification commands.
176
+ resolution: "2026-06-06: Added docs/quality/workflow-review-protocol.md and linked it from docs/quality/README.md."
177
+ done_summary: "Public-safe multi-agent workflow review protocol is documented for future quality improvements."
178
+ - key: AUTOPILOT-DEMO-ARCHITECTURE-GUARD
179
+ section: autopilot_demo
180
+ status: open
181
+ priority: P1
182
+ summary: Add an import-boundary guard so core modules cannot accidentally depend on CLI, MCP, or optional legacy backend layers.
183
+ acceptance:
184
+ - Add a dependency graph check based on Python imports, using a standard library parser or a small dev-only tool.
185
+ - Enforce at minimum that storage/config/mining core does not import CLI, MCP dispatch, or Chroma-only modules.
186
+ - Define explicit layers such as `core`, `storage`, `mining`, `cli`, `mcp`, `legacy_optional`, and `scripts`; keep the layer map in a public config or script constant.
187
+ - Detect direct violations, transitive cycles, and imports hidden behind `TYPE_CHECKING` separately so intentional type-only imports can be reviewed rather than silently blocked.
188
+ - Report cycles and boundary violations with file-level paths that are easy for Autopilot to fix.
189
+ - Add positive and negative fixture tests for the guard itself and wire the command into `/verify` and CI if it stays fast; update the quality scorecard.
190
+ - key: AUTOPILOT-DEMO-CLI-GOLDEN-SCENARIOS
191
+ section: autopilot_demo
192
+ status: open
193
+ priority: P1
194
+ summary: Build subprocess-level golden CLI scenarios that prove real user workflows, not only unit internals.
195
+ acceptance:
196
+ - Run `mempalace-code init`, `mine`, `status`, `search`, `read`, `export`, `import`, `backup`, and `restore` in a disposable temp home/palace.
197
+ - Cover at least one important guard/failure path such as missing palace, invalid read range, or unsafe mirror preflight.
198
+ - Force offline/version-check-disabled environment variables so the suite is deterministic and network-free.
199
+ - Assert stdout/stderr contracts for each scenario: stable success text, stable error text, no HuggingFace token warning noise, and no absolute local paths in publishable output.
200
+ - Use a generated fixture project small enough for CI but representative enough to include Python source, Markdown, config, and one non-Python supported file.
201
+ - Add the scenario suite to the quality scorecard as a real workflow suite distinct from unit-level CLI tests.
202
+ - Remove all smoke artifacts or report them explicitly; update release/verify docs and the quality scorecard.
203
+ - key: AUTOPILOT-DEMO-MCP-STDIO-CONTRACTS
204
+ section: autopilot_demo
205
+ status: open
206
+ priority: P1
207
+ summary: Add real MCP stdio contract tests for profiles, tool discovery, and representative tool calls.
208
+ acceptance:
209
+ - Start `python -m mempalace_code.mcp_server` as a subprocess and exercise JSON-RPC initialize, tools/list, and tools/call through stdin/stdout.
210
+ - Verify `minimal`, `code`, `kg`, `notes`, and `full` profiles expose only the expected tools.
211
+ - Include representative success and error responses for read-only, write, graph/KG, and disabled-tool paths.
212
+ - Assert response envelopes follow MCP JSON-RPC shape, include stable error codes/messages where applicable, and do not leak tracebacks for expected user errors.
213
+ - Add timeout and subprocess cleanup guards so failed tests do not leave orphan MCP server processes.
214
+ - Record profile/tool counts in the scorecard so future tool-surface changes are visible.
215
+ - Keep direct handler tests as fast unit coverage but label them separately from real MCP stdio coverage; update the quality scorecard.
216
+ - key: AUTOPILOT-DEMO-SECURITY-BOUNDARY-TESTS
217
+ section: autopilot_demo
218
+ status: open
219
+ priority: P2
220
+ summary: Harden external-input boundaries with focused abuse-case tests for paths, archives, JSONL, YAML, and command preflight parsing.
221
+ acceptance:
222
+ - Add tests for backup/restore tar traversal, import/export malformed JSONL, read path ambiguity, YAML project config validation, and mirror preflight command parsing.
223
+ - Prefer standard-library table-driven tests; add a fuzz/property-test dependency only if it clearly improves signal and stays dev-only.
224
+ - Every rejected input returns a stable error code/message and does not create partial palace state.
225
+ - Document any remaining accepted risk in a public-safe plan or backlog follow-up; update the quality scorecard.
226
+ - key: AUTOPILOT-DEMO-PERF-BUDGETS
227
+ section: autopilot_demo
228
+ status: open
229
+ priority: P2
230
+ summary: Add deterministic performance budgets for mining, search, read, and maintenance on synthetic fixtures.
231
+ acceptance:
232
+ - Build generated fixtures that do not require network access or external repositories.
233
+ - Measure mine time, incremental no-op time, search latency, read latency, and cleanup/optimize smoke duration.
234
+ - Store conservative budgets and machine-independent comparison rules so CI failures indicate meaningful regressions, not normal hardware variance.
235
+ - Separate hard CI budgets from informational local benchmark output; hard budgets should use ratios or generous floors that survive normal hosted-runner variance.
236
+ - Include a "budget changed because" field in the public artifact whenever thresholds move.
237
+ - Publish before/after numbers in the quality scorecard and release notes when a demo task improves a budget.
238
+ - key: AUTOPILOT-DEMO-DOCS-DRIFT-GUARD
239
+ section: autopilot_demo
240
+ status: open
241
+ priority: P2
242
+ summary: Add an automated docs drift guard for CLI commands, MCP tools, optional extras, and release gates.
243
+ acceptance:
244
+ - Generate or validate the CLI command inventory from argparse/code instead of manually trusting README snippets.
245
+ - Validate MCP tool tables in README and AGENT_INSTALL against the authoritative tool registry and profiles.
246
+ - Validate optional extras and release/dependency gates in public docs against pyproject.toml and workflow files.
247
+ - Validate documented verification commands in `CLAUDE.md`, `.claude/skills/verify/INSTRUCTIONS.md`, `.claude/skills/release/INSTRUCTIONS.md`, and `docs/quality/README.md` against canonical command lists.
248
+ - Add fixture tests for stale docs so the guard proves it fails before it is wired into CI.
249
+ - Fail with actionable file/section messages and update the quality scorecard.
250
+ - key: AUTOPILOT-DEMO-SCORECARD-METRIC-EXPANSION
251
+ section: autopilot_demo
252
+ status: open
253
+ priority: P2
254
+ summary: Expand the quality scorecard with metrics for gates that now matter to the public demo.
255
+ acceptance:
256
+ - Add strict-slice file count and strict-slice paths from `pyrightconfig.strict.json`.
257
+ - Add public-safety scan coverage fields for tracked, staged, and committed-tree modes once committed-tree mode exists.
258
+ - Add architecture guard status, CLI golden scenario count, MCP stdio contract count, docs drift guard status, and dependency audit status as optional metrics that appear when the corresponding scripts exist.
259
+ - Keep scorecard output deterministic, stdlib-only, timestamp-free, and public-safe.
260
+ - Update `docs/quality/README.md` to define every new metric and how Autopilot tasks should cite before/after deltas.
261
+ - key: AUTOPILOT-DEMO-WORKFLOW-EFFECTIVENESS-GUARD
262
+ section: autopilot_demo
263
+ status: open
264
+ priority: P2
265
+ summary: Add a lightweight guard that workflow review summaries are actionable rather than ceremonial.
266
+ acceptance:
267
+ - Define a public-safe workflow summary schema with fields for review lens, finding, evidence file/path, action taken, verification, and deferral reason.
268
+ - Add a checker for sanitized workflow summary files or PR-body snippets that rejects findings without concrete evidence or explicit action/deferral.
269
+ - Keep raw multi-agent transcripts local-only under ignored paths; commit only the synthesized public summary when needed.
270
+ - Document that passive review output is not enough: each surviving finding must either change code/tests/docs or become a backlog item with acceptance criteria.
271
+ - Add tests for accepted summaries, missing evidence, missing action, and accidental private path/token content.
@@ -0,0 +1,90 @@
1
+ # Quality Scorecard
2
+
3
+ A deterministic, public-safe snapshot of code-quality signals for the
4
+ `AUTOPILOT DEMO` backlog section. It exists so cleanup work has measurable
5
+ before/after evidence instead of becoming invisible churn.
6
+
7
+ ## Files
8
+
9
+ | File | Purpose |
10
+ |------|---------|
11
+ | [`scorecard.md`](scorecard.md) | Human-readable baseline (committed). |
12
+ | [`scorecard.json`](scorecard.json) | Machine-readable baseline (committed). |
13
+ | [`workflow-review-protocol.md`](workflow-review-protocol.md) | Public-safe multi-agent review protocol for quality work. |
14
+
15
+ Both are generated by [`scripts/quality_scorecard.py`](../../scripts/quality_scorecard.py).
16
+
17
+ ## Generate
18
+
19
+ ```bash
20
+ # Print to stdout
21
+ python scripts/quality_scorecard.py # Markdown
22
+ python scripts/quality_scorecard.py --format json # JSON
23
+ python scripts/quality_scorecard.py --format both # both
24
+
25
+ # Regenerate the committed artifacts under docs/quality/
26
+ python scripts/quality_scorecard.py --write
27
+
28
+ # Validate shape, determinism, public-safety, and committed freshness (CI / verify gate)
29
+ python scripts/quality_scorecard.py --check
30
+
31
+ # Scan tracked/staged repository files for publish-safety leaks
32
+ python scripts/public_safety_scan.py --tracked --staged
33
+ ```
34
+
35
+ The script uses **only the Python standard library** (no project import, no
36
+ network), so it runs anywhere Python 3.11+ is available.
37
+
38
+ ## What it measures
39
+
40
+ All metrics are repo-local and public-safe by construction — no timestamps, no
41
+ absolute paths, no machine identifiers:
42
+
43
+ - **Code size** — package/test file counts and line totals.
44
+ - **Largest modules** — top modules by line count (relative paths only).
45
+ - **Ruff ignores** — global ignore count, selected rule families, and per-file
46
+ ignore patterns/entries from `pyproject.toml`.
47
+ - **Pyright** — type-checking mode and strict status.
48
+ - **Suppressions** — total and *unreasoned* type/pyright ignores and blanket
49
+ `noqa`, using the same policy as
50
+ [`tests/test_type_suppressions.py`](../../tests/test_type_suppressions.py)
51
+ (`# type: ignore[code] # reason: ...`). Fixture dirs are excluded.
52
+ - **Tests** — test file and test-function counts.
53
+ - **Suites** — which CLI/MCP/smoke surfaces exist.
54
+ - **Verification commands** — the canonical `/verify` pre-commit checks (kept
55
+ verbatim-identical to `.claude/skills/verify/INSTRUCTIONS.md`, enforced by a
56
+ drift test).
57
+
58
+ ## Determinism & public-safety
59
+
60
+ `--check` builds the scorecard twice and fails if the JSON differs, validates
61
+ the output shape (types, required keys, sort order, invariants), checks that the
62
+ committed Markdown/JSON artifacts are fresh, and runs a rendered-output
63
+ public-safety scan for private paths and secret-like tokens. CI (`lint` job) and
64
+ `/verify` also run `scripts/public_safety_scan.py --tracked --staged`, which
65
+ checks the repository files themselves for real local paths, secret-like tokens,
66
+ and local-only artifact paths.
67
+
68
+ ## How Autopilot demo tasks update this scorecard
69
+
70
+ Every task in the `AUTOPILOT DEMO` backlog section should record a before/after
71
+ delta here:
72
+
73
+ 1. **Before** the change, capture the baseline: `python scripts/quality_scorecard.py --format json`.
74
+ Keep raw/private working notes only under the git-ignored `docs/audits/`;
75
+ never commit them.
76
+ 2. Make the focused change (e.g. remove a Ruff ignore family, add a strict
77
+ Pyright slice, add a real CLI/MCP suite).
78
+ 3. **After** the change, regenerate the committed artifacts:
79
+ `python scripts/quality_scorecard.py --write`.
80
+ 4. In the PR/commit description and release notes, cite the moved metric using
81
+ public repo data only — e.g. "unreasoned suppressions N → M",
82
+ "Ruff global ignores N → M", "Pyright strict slice added". The committed
83
+ `scorecard.json` diff is the evidence.
84
+
85
+ Run `python scripts/quality_scorecard.py --check` before committing so the
86
+ regenerated artifacts stay well-formed and public-safe.
87
+
88
+ For adversarial multi-agent review of a quality change, use
89
+ [`workflow-review-protocol.md`](workflow-review-protocol.md) and publish only
90
+ the sanitized synthesis and verification evidence.
@@ -0,0 +1,189 @@
1
+ {
2
+ "code_size": {
3
+ "package_code_lines": 18978,
4
+ "package_files": 73,
5
+ "package_total_lines": 23442,
6
+ "test_files": 54,
7
+ "test_total_lines": 39198
8
+ },
9
+ "largest_modules": [
10
+ {
11
+ "lines": 1609,
12
+ "path": "mempalace_code/storage.py"
13
+ },
14
+ {
15
+ "lines": 1466,
16
+ "path": "mempalace_code/mining/chunkers.py"
17
+ },
18
+ {
19
+ "lines": 1074,
20
+ "path": "mempalace_code/dialect.py"
21
+ },
22
+ {
23
+ "lines": 1032,
24
+ "path": "mempalace_code/watcher.py"
25
+ },
26
+ {
27
+ "lines": 904,
28
+ "path": "mempalace_code/mining/symbols.py"
29
+ },
30
+ {
31
+ "lines": 858,
32
+ "path": "mempalace_code/entity_detector.py"
33
+ },
34
+ {
35
+ "lines": 753,
36
+ "path": "mempalace_code/knowledge_graph.py"
37
+ },
38
+ {
39
+ "lines": 735,
40
+ "path": "mempalace_code/cli.py"
41
+ },
42
+ {
43
+ "lines": 720,
44
+ "path": "mempalace_code/mining/orchestrator.py"
45
+ },
46
+ {
47
+ "lines": 660,
48
+ "path": "mempalace_code/entity_registry.py"
49
+ }
50
+ ],
51
+ "pyright": {
52
+ "include": [
53
+ "mempalace_code",
54
+ "tests"
55
+ ],
56
+ "python_version": "3.11",
57
+ "strict": false,
58
+ "type_checking_mode": "basic"
59
+ },
60
+ "ruff": {
61
+ "global_ignore_rules": [
62
+ "B007",
63
+ "E501",
64
+ "SIM105"
65
+ ],
66
+ "global_ignores": 3,
67
+ "per_file_ignores": {
68
+ "by_pattern": [
69
+ {
70
+ "count": 24,
71
+ "pattern": "mempalace_code/**/*.py"
72
+ },
73
+ {
74
+ "count": 14,
75
+ "pattern": "tests/**/*.py"
76
+ }
77
+ ],
78
+ "patterns": 2,
79
+ "total_entries": 38
80
+ },
81
+ "selected_rule_families": 12
82
+ },
83
+ "schema_version": 1,
84
+ "scope": {
85
+ "package_dir": "mempalace_code",
86
+ "tests_dir": "tests"
87
+ },
88
+ "suites": [
89
+ {
90
+ "description": "CLI command tests",
91
+ "name": "cli",
92
+ "path": "tests/test_cli.py",
93
+ "present": true
94
+ },
95
+ {
96
+ "description": "End-to-end CLI workflow tests",
97
+ "name": "cli_e2e",
98
+ "path": "tests/test_e2e.py",
99
+ "present": true
100
+ },
101
+ {
102
+ "description": "CLI command module tests",
103
+ "name": "cli_command_modules",
104
+ "path": "tests/test_cli_command_modules.py",
105
+ "present": true
106
+ },
107
+ {
108
+ "description": "MCP server handler tests",
109
+ "name": "mcp_server",
110
+ "path": "tests/test_mcp_server.py",
111
+ "present": true
112
+ },
113
+ {
114
+ "description": "MCP stdio transport tests",
115
+ "name": "mcp_stdio",
116
+ "path": "tests/test_stdio.py",
117
+ "present": true
118
+ },
119
+ {
120
+ "description": "MCP tool profile tests",
121
+ "name": "mcp_tool_profiles",
122
+ "path": "tests/test_mcp_tool_profiles.py",
123
+ "present": true
124
+ },
125
+ {
126
+ "description": "Backup/restore CLI tests",
127
+ "name": "backup_cli",
128
+ "path": "tests/test_backup_cli.py",
129
+ "present": true
130
+ },
131
+ {
132
+ "description": "Offline / no-network guard tests",
133
+ "name": "offline",
134
+ "path": "tests/test_offline.py",
135
+ "present": true
136
+ },
137
+ {
138
+ "description": "migrate-storage disposable smoke",
139
+ "name": "migrate_storage_smoke",
140
+ "path": "scripts/migrate_storage_smoke.py",
141
+ "present": true
142
+ }
143
+ ],
144
+ "suppressions": {
145
+ "noqa_blanket": 0,
146
+ "noqa_total": 41,
147
+ "scope": [
148
+ "mempalace_code",
149
+ "tests"
150
+ ],
151
+ "type_pyright_total": 110,
152
+ "type_pyright_unreasoned": 0,
153
+ "unreasoned_total": 0
154
+ },
155
+ "tests": {
156
+ "test_files": 54,
157
+ "test_functions": 2266
158
+ },
159
+ "verification_commands": [
160
+ {
161
+ "command": "ruff check mempalace_code/ tests/ scripts/",
162
+ "name": "lint"
163
+ },
164
+ {
165
+ "command": "ruff format --check mempalace_code/ tests/ scripts/",
166
+ "name": "format"
167
+ },
168
+ {
169
+ "command": "python -m pytest tests/ -x -q -m \"not needs_network\"",
170
+ "name": "tests"
171
+ },
172
+ {
173
+ "command": "python -m pyright --pythonpath \"$(python -c 'import sys; print(sys.executable)')\"",
174
+ "name": "typecheck"
175
+ },
176
+ {
177
+ "command": "python -m pyright -p pyrightconfig.strict.json",
178
+ "name": "typecheck_strict_slice"
179
+ },
180
+ {
181
+ "command": "python scripts/public_safety_scan.py --tracked --staged",
182
+ "name": "public_safety"
183
+ },
184
+ {
185
+ "command": "python scripts/quality_scorecard.py --check",
186
+ "name": "scorecard"
187
+ }
188
+ ]
189
+ }