feat(figma-evidence-guard): switch to per-PR evidence scanning — cmd_717(B) #2
Open
ysaitogrander wants to merge 38 commits into
- shogun CLI v4 (formerly only at ~/.local/bin/shogun) now lives in the repo so install_shogun_cli.sh has a source to copy from
- cmd_start launches inbox_watcher for all agents (shogun + karo + ashigaru N + gunshi); this was the missing piece that caused watchers to die silently when shogun was launched without shutsujin_departure.sh
- cmd_start sets @agent_id on the shogun pane (was only set on agents session before, breaking session_start_hook self-identification)
- cmd_stop pkills inbox_watcher to prevent duplicate watchers on restart
- whitelist shogun and install_shogun_cli.sh in .gitignore
The Stop hook command was hardcoded to a WSL-only absolute path (/home/tono/multi-agent-shogun/scripts/stop_hook_inbox.sh), causing "No such file or directory" errors on macOS at the end of every turn. Switch to the relative form used by the SessionStart hook on L8 (bash scripts/stop_hook_inbox.sh), which resolves correctly in both environments as long as Claude Code launches with the project as cwd.
cmd_start's pkill -f "inbox_watcher.sh" matched any process whose command line contained the literal string "inbox_watcher.sh", including Claude Code agents launched with --system-prompt "$(cat instruction.md)" when the instruction mentioned inbox_watcher.sh (karo: 3 hits, ashigaru: 1 hit). The pkill ran right after agents were spawned, silently killing karo and all ashigaru sessions; the user saw "agents not running" with no obvious cause. Tighten the pattern to "bash.*scripts/inbox_watcher\.sh" — instruction files never contain that exact substring, so only real watcher procs match. Apply to both cmd_start and cmd_stop. Separately, _setup_scripts now creates a .venv symlink from project_dir to SHOGUN_HOME/.venv so inbox_watcher.sh can find python3 when shogun start is invoked outside the framework directory. Without this, watchers launched in any other project directory died on line 415 with "No such file or directory" the first time they tried to count unread.
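The over-match described in the commit message above, reproduced offline as an added example (not code from this PR): `grep -E` stands in for the ERE match that `pkill -f` applies to each full command line. The sample command lines and the `ANCHORED` pattern are assumptions made for illustration; `LOOSE` and `TIGHT` are the two patterns the commit message names.

```bash
#!/usr/bin/env bash
# Constructed command lines (not captured from a real host), in the form
# `pkill -f` / `pgrep -f` match against: the whole argv joined by spaces,
# so a long --system-prompt argument is part of the matched text.
CMDLINES='bash /opt/proj/scripts/inbox_watcher.sh karo
bash scripts/inbox_watcher.sh ashigaru1
claude --system-prompt You are karo. inbox_watcher.sh delivers nudges; never restart inbox_watcher.sh yourself.
claude --system-prompt ashigaru: wait for the nudge from inbox_watcher.sh
claude --system-prompt To debug, run: bash scripts/inbox_watcher.sh --dry-run
vim notes.txt'

LOOSE='inbox_watcher.sh'                  # original cmd_start/cmd_stop pattern
TIGHT='bash.*scripts/inbox_watcher\.sh'   # pattern from the commit message
# Assumption (not in the PR): anchor on argv[0] and argv[1], so text that
# appears later in the command line (such as a prompt) cannot match.
ANCHORED='^([^ ]*/)?bash ([^ ]*/)?scripts/inbox_watcher\.sh( |$)'

# matched PATTERN: print the command lines the ERE selects, as pgrep -f would.
matched() {
  printf '%s\n' "$CMDLINES" | grep -E -- "$1" || true
}

# total PATTERN: how many processes pkill -f with this pattern would signal.
total() {
  matched "$1" | grep -c . || true
}

# agents_hit PATTERN: how many of those are agent sessions rather than watchers.
agents_hit() {
  matched "$1" | grep -c '^claude ' || true
}

report() {
  printf '%-8s signalled=%s agents_hit=%s\n' "$1" "$(total "$2")" "$(agents_hit "$2")"
}

report LOOSE "$LOOSE"
report TIGHT "$TIGHT"
report ANCHORED "$ANCHORED"
```

The constructed third agent line quotes the full `bash scripts/inbox_watcher.sh` invocation in its prompt, which is the one case where the tightened pattern and the anchored one differ. Running `pgrep -f` with a pattern before `pkill -f` lists the PIDs it would signal.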
Add scripts/idle_auto_clear.sh: a detection-only daemon that issues a clear_command via inbox_write when an ashigaru is idle + context-bloated. It never touches tmux; delivery/CLI-conversion/recovery stay with inbox_watcher. Safety-first design: AND short-circuit safety gates (status / 0-unread / non-busy / idle-grace / cooldown / optional pane verify) plus a send-time double-check eliminate wrongful clears.
- scripts/watcher_supervisor.sh: start_auto_clear_if_missing() with pgrep dedup, wired into start_all_watchers.
- scripts/inbox_watcher.sh: recovery guard now also skips done/failed and handles nested(task:)/flat YAML status (prevents pointless Session Start re-arm after idle context reclaim of a done/failed agent).
- tests: test_idle_auto_clear.bats (21) + test_send_wakeup.bats T-RECOV-DONE-001/002/003. All green.
- .gitignore: whitelist !scripts/idle_auto_clear.sh.
config/settings.yaml auto_clear block stays gitignored by design (machine-specific runtime). enabled:true must be applied to the deploy target manually.
follow-up (gunshi QC nice-to-have, non-blocking): NTH-001 nested-assigned fixture, NTH-002 missing-task-file explicit test, NTH-003 dry-run unit test, NTH-004 grace-boundary(=900s) test.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Pre-existing uncommitted drift from the TVF (Task Verification First) Protocol additions (cmd_510 v2 institutionalization): CLAUDE.md + ashigaru_role.md / karo_role.md sources, regenerated to all CLI variants via scripts/build_instructions.sh so generated/ and CLI auto-load files (AGENTS.md, .github/copilot-instructions.md, agents/default/system.md, .opencode/agents/*) are consistent with sources. No new drift introduced by cmd_585; this only cleans the working tree. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Add permanent rule that Backlog links in PRs must use grander.backlog.jp (grander.backlog.com returns 404):
- instructions/roles/ashigaru_role.md: add Backlog domain check to PR required checklist (self-check before PR submission)
- instructions/roles/karo_role.md: add Backlog URL domain to Simple QC table for Karo to verify when reviewing completions
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
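- Add a "How to collaborate with ashigaru_copilot" section to copilot-shogun.md
- Task delegation procedure (correct usage of assign_to_copilot.sh)
- Document three known bugs (wake-up not delivered / fswatch fires only once / inbox_watcher misaddressed)
- Interim workarounds and the intended future design
- Task suitability table, completion report flow, list of reference files
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>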
This reverts commit e59063a.
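- Document the design that replaces tmux send-keys in assign_to_copilot.sh with agmsg send.sh
- Describe setup steps, delegation flow, and task suitability criteria
- Referenced as the implementation guide for cmd_705 (agmsg introduction)
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>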
figma_fresh_fetch_guard.sh and figma_fetch_record.sh were deleted when reverting an unrelated change. Restored from original commit. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Add agent_registry_is_pane_agent() that mirrors get_ashigaru_ids(): only ashigaru agents with a purely numeric suffix are assigned tmux panes. This removes ashigaru_copilot (type:copilot) from the pane registry, preventing it from being mapped to multiagent:agents.7 and sending stray nudges to the real ashigaru7 pane. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…ot_safety.sh (subtask_705_t1) Adds shared safety gate library for T2/T3 (assign+watcher) to source. Unit tests: 27/27 pass (BAN block / safe pass / --force-with-lease pass / Figma warn). Also adds lib/copilot_safety.sh to .gitignore whitelist. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…pdate to copilot_watcher spawn method
Move ashigaru_copilot collaboration section from directly-edited generated file to source template (instructions/cli_specific/copilot_tools.md):
- Replace 殿/将軍・家老/足軽 with host-terminal/Shogun・Karo/agent (neutral terms)
- Remove cmd_705 reference from section header
- Replace old tmux send-keys wakeup description with copilot_watcher spawn flow: assign_to_copilot.sh → task YAML atomic write → copilot_watcher polling → copilot --yolo -p spawn → agmsg report
- Add note: 1 spawn = 1 premium request; recommend heavyweight/independent tasks
F006 compliant: source template edited, build_instructions.sh regenerated generated files (not direct edit).
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…ed safety lib, atomic YAML write
- Remove tmux send-keys wake-up block (L172-193): copilot_watcher polling handles wake via mtime
- Replace inline validate_command/warn_external_api with source lib/copilot_safety.sh (single source of truth)
- Atomicize task YAML write: tmp file + mv rename prevents partial-YAML spawn race (R4)
- Add assign_to_copilot.sh to .gitignore allowlist for tracking
Verified: BAN command blocked (exit 1), normal command produces atomic YAML, tmux send-keys count=0
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…opilot agent
5s interval polling on ashigaru_copilot.yaml mtime. Implements R1-R5 safety requirements:
- R1: PID file + flock single instance, state file dedup per task_id
- R2: Settle-wait debounce, each task_id spawned at most once
- R3: Fixed prompt passed via file (no task content interpolation)
- R4: mtime stability check before YAML read
- R5: validate_command via lib/copilot_safety.sh before every spawn
Self-restarts on crash via outer while loop. Reports spawn results to gunshi/karo via agmsg send.sh.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…d_706 U1+U5)
W1: idle flag (/tmp/shogun_idle_karo) + grace check; W2: karo unread (read:false > 0) as the primary signal + double-check; W3: cooldown + inbox_write re-trigger; W5: karo-only, clear/spawn/kill prohibited (D006); enabled=false as the fail-safe default. Add fleet_watchdog block to config/settings.yaml (U5).
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…light conflict prevention (cmd_705 T3b) Adds check_dedup_conflict() to block Copilot assignment when the target (file path / PR number / ticket ID) overlaps with an in-flight ashigaru task. Also documents the Copilot explicit-assignment-only protocol in header comments. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…cher.sh report() now branches on recipient: gunshi/karo → inbox_write.sh (file-inbox), others (shogun etc.) → agmsg send.sh. Fixes RACE-001 silent-loop defect where agmsg messages to non-team members were silently dropped. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…-registry off-by-one (cmd_706 U2)
Replace static settings-order pane registry with live tmux @agent_id queries so karo/ashigaru/gunshi are always routed to their actual panes regardless of settings.yaml ordering. Add fleet_watchdog.sh as a managed daemon with the same restart-if-missing pattern as other watchers.
- live_multiagent_agents(): reads @agent_id from tmux at runtime
- resolve_pane_by_agent_id(): per-cycle dynamic pane resolution, no index math
- start_fleet_watchdog_if_missing(): keeps fleet_watchdog.sh alive (cmd_706 U2)
- --print-watchers now shows: karo→agents.0 / ashigaru1-7→agents.1-7 / gunshi→agents.8
- bash -n: syntax OK; no hardcoded pane indices; kill not used (D006)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…gn_to_copilot.sh Adds send.sh shogun→copilot call (|| true fail-safe) so copilot's monitor picks up the task immediately upon assignment. Existing validate/atomic/inbox/dedup order preserved. subtask_705_t7_agmsg_wake. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- lib/figma_guard_common.sh (new): is_figma_relevant_path (allowlist/denylist/conservative) + has_fresh_evidence (48h window, macOS+Linux compat)
- scripts/figma_fetch_record.sh: extend with --url/--scope flags; new format adds url:/scope: fields; old positional args remain backward-compatible
- .gitignore: un-ignore lib/figma_guard_common.sh
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…— cmd_707 H4 Layer2 (assigner-side) gate for Copilot delegation: Copilot runs outside PreToolUse hooks, so the assigning side must verify Figma evidence before delegating UI tasks. Also fix denylist regex in figma_guard_common.sh to tolerate path prefixes like src/ . Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…ner gate (cmd_707 H4b) Layer2 assigner gate now uses positive-only allowlist so docs/scripts/lib paths pass through without Figma evidence. H2/H3 CI backstop (is_figma_relevant_path) is unchanged. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…_706 U2b) live_multiagent_agents and resolve_pane_by_agent_id now query `-t multiagent:agents` instead of `-t multiagent`, so a stray active window (multiagent:1) no longer causes @agent_id to resolve empty. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
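…_710_wave0)
Identify nodes for all xDQ4U screens; add per-screen node maps to canonical-map. Node IDs for the screens referenced by G-05 to 08 / G-11 confirmed → blocked_by lifted for the Wave2 Figma fidelity tasks.
- Admin: nodes for login / hall management / user management / numbered tickets (RSRV/SET/CARD/MON) / admin account management
- Tablet: TB-01 to 24 + all SP-series screen nodes (MCP用_タブレット画面 section 4560:89033)
- To be identified: holidays / analytics / calendar view (not confirmed in canonical 4560:41601; stated honestly, nothing fabricated)
- .gitignore: add context/figma-canonical-map.md to the whitelist
- Figma fetch evidence: 2026-06-05 REST API
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>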
… implementation targets (cmd_713)
Add cmd_690b confusion-prevention section: standalone /users/{id} (USER-10) is deprecated,
but the face-check cluster (4560:57288/55842 and surrounding nodes 57004/56715/56417/56104/55569/55306)
remains in scope. Adds controller/route mapping table and node-level status for each screen.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
… nodes (cmd_715-1)
- Add ★関所ルール (GATEWAY RULE) section with current canonical vs old node identification table
- Document TVF 2-stage judgment: Stage1 node-series check, Stage2 node-content verification
- Correct Admin Management System header: replace deprecated nodes (209:23439, 1051:22288) with current canonical 4560:41601 series
- Preserve all existing per-screen node maps
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…cmd_715 A-715-r1-1)
Regenerate instructions/generated/* from updated roles source files (ashigaru_role.md + karo_role.md with TVF 2-stage judgment + figma_node_verification added by ashigaru4 in cmd_715 R1). All CLI variants confirmed to contain TVF 2-stage judgment fields: codex/copilot/kimi/opencode × ashigaru/karo.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
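4560:47251/46982/48032 actually fetched via REST within 48h; 2-stage judgment PASS.
GAP-1: face photo check list = partially implemented (data source divergence, different column structure)
GAP-2: user detail edit = not implemented (no dedicated route for the numbered-ticket context)
GAP-3: user detail modal = partially implemented (official number (本番号) and reception date/time missing)
Three Backlog tickets (B-FACE-RAFFLE-001/002/003, assignee Saito) recorded.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>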
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
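Add to ashigaru_role/karo_role a rule making bundled evidence mandatory, based on the lessons of PR#277.
- ashigaru_role: add figma_evidence_committed + guard_passed fields to the report template
- ashigaru_role: add a mandatory-evidence-bundling section at the end of the TVF section, stating explicitly what is subject to F005-equivalent rejection
- karo_role: add acceptance conditions for UI implementation tasks (evidence bundled + guard green) to the TVF assignment-time gate
- Confirmed propagation to all variants (codex/copilot/kimi/opencode) by regenerating with build_instructions.sh
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>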
B1 lib/figma_guard_common.sh: add scan_evidence_dir to has_fresh_evidence.
- OR-evaluate FIGMA_GUARD_EVIDENCE_DIR (docs/figma-evidence/) as source 2
- _scan_md_evidence_file: parses <!-- figma-evidence-block --> blocks
- _scan_json_evidence_file: parses JSON array/object format with python3 (supplement A-717a-1)
- Accept both *.md and *.json extensions (integration with cmd_715 figma_node_verification)
- Existing log scanning kept for backward compatibility (pre-push/local)
B2 scripts/figma_fetch_record.sh: add per-PR file output modes.
- --pr-file: generates docs/figma-evidence/<branch>_<node>.md (Markdown block)
- --pr-file-json: generates docs/figma-evidence/<branch>_<node>.json (JSON array)
- Appending to the log is kept in both modes (backward compatible)
B3 scripts/figma_fresh_fetch_guard.sh: source the shared lib and verify both sources. The CI red message now states --pr-file and the commit steps explicitly.
B4 docs/figma-evidence-guard.md: document per-PR operation, standard formats, and backward compatibility. Add docs/figma-evidence/*.md / *.json to .gitignore.
B5 tests/unit/test_figma_guard_evidence.bats: 20 cases (8 basic cases from design doc §3 + 4 JSON acceptance + 2 zero-regression guarantees + 6 detection-scope exempt checks). Confirmed all green.
Zero guard weakening: bats covers UI without evidence = red / no false firing on infra / node mismatch = red / over 48h = red. Detection scope (is_figma_relevant_path/is_definitely_figma_ui) unchanged.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…igaru5)
Nodes: 4560:46699/46414/46115/45820/45626/43342
File: xDQ4U6O2LUfIrftJGzacqm
Fetched: 2026-06-05T11:55:12+09:00 REST API depth=8 to 10
Purpose: cmd_718 Phase1 Figma fidelity diff ledger, TVF 2-stage judgment (cmd_717 standard)
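…Key added, opening corrected (ashigaru5)
GR-232 (node47251 face photo check list redesign) / GR-233 (node46982 user detail edit, made a subtask of GR-202) / GR-234 (node48032 user detail modal field additions) actually filed via the Backlog API. Corrected the erroneous statement at the top of the ledger from "API unavailable, must be filed by the client" to "API available, actually filed".
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>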
…h/token_diet_check.sh
- append_cmd.sh: append that prevents YAML corruption (Python auto-quoting / block scalars / duplicate guard / yaml.safe_load validation)
- archive_done_cmds.sh: archive done entries + double-archive guard (protects cmd_683-704, already archived). archive_done_commands.sh made backward compatible
- token_diet_check.sh: threshold warnings for line count / number of active cmds (>600 lines / >20 active)
- shogun_to_karo.yaml: 570→477 lines, 6 done entries moved to the archive (cmd_710/711/712/714/715/717)
- All 3 scripts pass shellcheck
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
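- CLAUDE.md.slim: reduced 351→323 lines (8%) / 20,766→18,332 bytes (11.7%)
- Removed: only 16 passages of redundant prose, bash examples, and background explanation. Rules preserved word for word.
- D001-D008/Tier2/3/WSL2/Prompt Injection: verbatim text match confirmed
- queue/reports/cmd_720_claudemd_slim_coverage.md: cross-check of all rules; proof that lost rules = 0
- Main CLAUDE.md not overwritten (candidate-file approach)
- Independent verification by gunshi requested
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>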
…ples Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
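Summary
- lib/figma_guard_common.sh: add scan_evidence_dir to has_fresh_evidence. docs/figma-evidence/*.md / *.json is OR-evaluated as source 2 (root-cause fix for the problem that the gitignored log is unavailable in CI)
- scripts/figma_fetch_record.sh: add --pr-file (Markdown block) / --pr-file-json (JSON array) modes. .json is also accepted for integration with cmd_715 figma_node_verification (supplement A-717a-1)
- scripts/figma_fresh_fetch_guard.sh: source the shared lib and verify both sources. The red message now states --pr-file + the commit steps explicitly
- docs/figma-evidence-guard.md: document per-PR operation, both the .md and .json standard formats, and backward compatibility. Add docs/figma-evidence/*.md / *.json to .gitignore
- tests/unit/test_figma_guard_evidence.bats: all 20 cases green (8 basic cases from design doc §3 + 4 JSON acceptance + zero-regression guarantee + exempt checks)
Verified conditions (★zero guard weakening★)
- Both .md and .json files → green (newly accepted)
- shellcheck -x -S error passes on all files
Test plan
- bats tests/unit/test_figma_guard_evidence.bats — 20/20 green (confirmed locally)
- shellcheck -x -S error — no errors
Infra regression note
Because this changes the guard lib, gunshi QC (the second of the two stages) has been requested.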
🤖 Generated with Claude Code