feat: attention-optimized semantic protocol v2.7

Core changes:
- Add @defgroup/@ingroup to 1791 C2+ contracts (555 files) for HCA 128× pre-training DSA grouping
- Add §0.1 Pre-Training Frequency matrix to semantics-core
- Add §VIII Attention Architecture rules (ATTN_1-4) with MLA/CSA/HCA/DSA mechanics
- Add @defgroup/@ingroup to canonical syntax (§II) and all contract examples

Agent prompts (5 files):
- Add ZERO-STATE RATIONALE with MLA/CSA/HCA/DSA compression mechanics
- Add pre-training note: @RATIONALE/@REJECTED are in-context learned tags
- svelte-coder: add missing #region contract, fix Svelte rule violations
- python-coder/fullstack-coder: honor function contracts from speckit plan
- qa-tester: add attention compliance audit (P3 ATTN_1-4 checks)

Skills (6 files):
- Translate all axiom_config descriptions to English
- Fix doc_dirs to index .opencode/ and .specify/
- Deduplicate 5× complexity_rules → single global_tags catalog
- Reduce semantics-svelte 591→485 lines (remove duplicate code blocks)
- Fix semantics-testing: 'Short IDs' → 'Short hierarchical IDs'
- Fix all examples: flat IDs → hierarchical Domain.Name format
- Fix Svelte examples: replace raw Tailwind + <button> with semantic tokens + /ui

Speckit workflow (commands + templates):
- speckit.plan: add Function-Level Contracts for C3+ with @PRE/@POST/@TEST_EDGE
- speckit.plan: add Attention Compliance Gate (ATTN_1-4 before contract generation)
- speckit.tasks: add function contract inlining format (constraints in task description)
- speckit.specify: load semantics-core for spec density rules
- spec-template: add #region contract, @SEMANTICS grouping, hierarchical IDs
- ux-reference-template: add #region wrapper
- plan-template: add attention gate, @defgroup/@ingroup guidance
- tasks-template: add attention audit + rebuild + orphan check tasks
- constitution.md: translate to English, add Principle VIII (attention-optimized contracts)

Reference modules rewritten (hierarchical IDs + full contracts):
- Auth.Jwt: 6 child contracts with @RATIONALE/@REJECTED/@TEST_EDGE
- Api.Auth: 5 endpoints with @TEST_EDGE + molecular CoT markers
- Migration.Model: @defgroup Migration with 18 @ACTION + 6 @INVARIANT

Scripts:
- add_defgroup_ingroup.py: zero-risk additive @ingroup migration (1791 insertions)
- migrate_hierarchical.py: flat→hierarchical ID dry-run analysis (792 contracts)
- merge_prompts.py: merge all prompts/skills/commands into one review file

Config:
- axiom_config.yaml: 749→395 lines (-47%), English, doc_dirs include prompts
- Fix test_datasets.py import collision (rename → test_datasets_routes.py)
- Fix test_preview.py: SupersetClient→get_superset_client, AsyncMock, logger f-string
This commit is contained in:
2026-06-08 16:30:59 +03:00
parent 73e809e189
commit 8e8a3c3235
562 changed files with 2523 additions and 244 deletions

View File

@@ -1,3 +1,4 @@
# #region ScriptsPackage [TYPE Package]
# @ingroup Module
# @BRIEF Script entrypoint package root.
# #endregion ScriptsPackage

View File

@@ -1,4 +1,5 @@
# #region check_migration_chain [C:3] [TYPE Module] [SEMANTICS alembic,migration,validation,ci]
# @defgroup Module Module group.
# @BRIEF Validates Alembic migration chain integrity — checks for multiple heads,
# broken chains, and missing down_revision references.
# @RATIONALE Merge migrations (e.g., f0e9d8c7b6a5) are fragile — a new migration
@@ -15,6 +16,7 @@ sys.path.insert(0, str(Path(__file__).resolve().parents[1]))
# #region check_migration_heads [C:2] [TYPE Function]
# @ingroup Module
# @BRIEF Checks that there is exactly one migration head.
# @POST Prints error and exits 1 if multiple heads found.
def check_migration_heads() -> None:
@@ -45,6 +47,7 @@ def check_migration_heads() -> None:
# #endregion check_migration_heads
# #region check_migration_chain_integrity [C:2] [TYPE Function]
# @ingroup Module
# @BRIEF Walks the migration chain from head to root, checking all down_revision links exist.
# @POST Prints error and exits 1 if a broken link is found.
def check_migration_chain_integrity() -> None:
@@ -100,6 +103,7 @@ def check_migration_chain_integrity() -> None:
# #endregion check_migration_chain_integrity
# #region check_migration_main [C:2] [TYPE Function]
# @ingroup Module
# @BRIEF Entry point — runs all migration chain checks.
def main() -> None:
print("[migration-check] === Alembic Migration Chain Validation ===")

View File

@@ -1,4 +1,5 @@
# #region CleanReleaseCliScript [C:3] [TYPE Module] [SEMANTICS clean-release, artifact, manifest, candidate, cli]
# @defgroup Module Module group.
# @BRIEF Provide headless CLI commands for candidate registration, artifact import and manifest build.
# @LAYER Service
# @RELATION CALLS -> ComplianceOrchestrator
@@ -27,6 +28,7 @@ from ..services.clean_release.publication_service import (
# #region build_parser [TYPE Function]
# @ingroup Module
# @BRIEF Build argparse parser for clean release CLI.
def build_parser() -> argparse.ArgumentParser:
parser = argparse.ArgumentParser(prog="clean-release-cli")
@@ -102,6 +104,7 @@ def build_parser() -> argparse.ArgumentParser:
# #region run_candidate_register [TYPE Function]
# @ingroup Module
# @BRIEF Register candidate in repository via CLI command.
# @PRE Candidate ID must be unique.
# @POST Candidate is persisted in DRAFT status.
@@ -131,6 +134,7 @@ def run_candidate_register(args: argparse.Namespace) -> int:
# #region run_artifact_import [TYPE Function]
# @ingroup Module
# @BRIEF Import single artifact for existing candidate.
# @PRE Candidate must exist.
# @POST Artifact is persisted for candidate.
@@ -164,6 +168,7 @@ def run_artifact_import(args: argparse.Namespace) -> int:
# #region run_manifest_build [TYPE Function]
# @ingroup Module
# @BRIEF Build immutable manifest snapshot for candidate.
# @PRE Candidate must exist.
# @POST New manifest version is persisted.
@@ -198,6 +203,7 @@ def run_manifest_build(args: argparse.Namespace) -> int:
# #region run_compliance_run [TYPE Function]
# @ingroup Module
# @BRIEF Execute compliance run for candidate with optional manifest fallback.
# @PRE Candidate exists and trusted snapshots are configured.
# @POST Returns run payload and exit code 0 on success.
@@ -237,6 +243,7 @@ def run_compliance_run(args: argparse.Namespace) -> int:
# #region run_compliance_status [TYPE Function]
# @ingroup Module
# @BRIEF Read run status by run id.
# @PRE Run exists.
# @POST Returns run status payload.
@@ -299,6 +306,7 @@ def _to_payload(value: Any) -> dict[str, Any]:
# #region run_compliance_report [TYPE Function]
# @ingroup Module
# @BRIEF Read immutable report by run id.
# @PRE Run and report exist.
# @POST Returns report payload.
@@ -326,6 +334,7 @@ def run_compliance_report(args: argparse.Namespace) -> int:
# #region run_compliance_violations [TYPE Function]
# @ingroup Module
# @BRIEF Read run violations by run id.
# @PRE Run exists.
# @POST Returns violations payload.
@@ -351,6 +360,7 @@ def run_compliance_violations(args: argparse.Namespace) -> int:
# #region run_approve [TYPE Function]
# @ingroup Module
# @BRIEF Approve candidate based on immutable PASSED report.
# @PRE Candidate and report exist; report is PASSED.
# @POST Persists APPROVED decision and returns success payload.
@@ -382,6 +392,7 @@ def run_approve(args: argparse.Namespace) -> int:
# #region run_reject [TYPE Function]
# @ingroup Module
# @BRIEF Reject candidate without mutating compliance evidence.
# @PRE Candidate and report exist.
# @POST Persists REJECTED decision and returns success payload.
@@ -413,6 +424,7 @@ def run_reject(args: argparse.Namespace) -> int:
# #region run_publish [TYPE Function]
# @ingroup Module
# @BRIEF Publish approved candidate to target channel.
# @PRE Candidate is approved and report belongs to candidate.
# @POST Appends ACTIVE publication record and returns payload.
@@ -441,6 +453,7 @@ def run_publish(args: argparse.Namespace) -> int:
# #region run_revoke [TYPE Function]
# @ingroup Module
# @BRIEF Revoke active publication record.
# @PRE Publication id exists and is ACTIVE.
# @POST Publication record status becomes REVOKED.
@@ -467,6 +480,7 @@ def run_revoke(args: argparse.Namespace) -> int:
# #region main [TYPE Function]
# @ingroup Module
# @BRIEF CLI entrypoint for clean release commands.
def main(argv: list[str] | None = None) -> int:
seed_trace_id()

View File

@@ -1,4 +1,5 @@
# #region CleanReleaseTuiScript [C:3] [TYPE Module] [SEMANTICS clean-release, validate, compliance, release, tui-facade-adapter]
# @defgroup Module Module group.
# @BRIEF Interactive terminal interface for Enterprise Clean Release compliance validation.
# @LAYER UI
# @RELATION DEPENDS_ON -> [ComplianceExecutionService]
@@ -49,6 +50,7 @@ from src.services.clean_release.repository import CleanReleaseRepository
# #region TuiFacadeAdapter [TYPE Class]
# @defgroup Module Module group.
# @BRIEF Thin TUI adapter that routes business mutations through application services.
# @PRE repository contains candidate and trusted policy/registry snapshots for execution.
# @POST Business actions return service results/errors without direct TUI-owned mutations.
@@ -185,6 +187,7 @@ class TuiFacadeAdapter:
}
# #endregion TuiFacadeAdapter
# #region CleanReleaseTUI [TYPE Class]
# @defgroup Module Module group.
# @BRIEF Curses-based application for compliance monitoring.
# @UX_STATE READY -> Waiting for operator to start checks (F5).
# @UX_STATE RUNNING -> Executing compliance stages with progress feedback.
@@ -562,6 +565,7 @@ class CleanReleaseTUI:
self.refresh_overview()
self.refresh_screen()
# #region bundle_build_mode [C:4] [TYPE Function] [SEMANTICS bundle,build,release]
# @ingroup Module
# @BRIEF Interactive bundle build screen — select type, enter tag, watch live build output.
# @PRE TTY is available. Bundle type selected (1 or 2). Tag is non-empty.
# @POST Subprocess completes (success/failure). Output displayed. User returns via Esc.

View File

@@ -1,4 +1,5 @@
# #region CreateAdminScript [C:5] [TYPE Module] [SEMANTICS admin, search, user, cli]
# @defgroup Module Module group.
#
# @BRIEF CLI tool for creating the initial admin user.
# @LAYER Infrastructure
@@ -25,6 +26,7 @@ from src.models.auth import Role, User
# #region create_admin [TYPE Function]
# @ingroup Module
# @BRIEF Creates an admin user and necessary roles/permissions.
# @PRE username and password provided via CLI.
# @POST Admin user exists in auth.db.

View File

@@ -1,5 +1,6 @@
#!/usr/bin/env python3
# #region DeleteRunningTasksUtil [C:3] [TYPE Module]
# @defgroup Module Module group.
# @PURPOSE Script to delete tasks with RUNNING status from the database.
# @LAYER Infrastructure
# @SEMANTICS maintenance, database, cleanup
@@ -11,6 +12,7 @@ from src.core.database import TasksSessionLocal
from src.models.task import TaskRecord
# #region delete_running_tasks [C:4] [TYPE Function]
# @ingroup Module
# @PURPOSE Delete all tasks with RUNNING status from the database.
# @PRE Database is accessible and TaskRecord model is defined.
# @POST All tasks with status 'RUNNING' are removed from the database.

View File

@@ -1,4 +1,5 @@
# #region InitAuthDbScript [C:2] [TYPE Module] [SEMANTICS auth]
# @defgroup Module Module group.
#
# @BRIEF Initializes the auth database and creates the necessary tables.
# @LAYER Service
@@ -22,6 +23,7 @@ from src.scripts.seed_permissions import seed_permissions
# #region run_init [C:3] [TYPE Function]
# @ingroup Module
# @BRIEF Main entry point for the initialization script.
# @POST auth.db is initialized with the correct schema and seeded permissions.
# @RELATION CALLS -> [ensure_encryption_key]

View File

@@ -1,4 +1,5 @@
# #region SeedPermissionsScript [C:5] [TYPE Module] [SEMANTICS rbac, search, auth]
# @defgroup Module Module group.
#
# @BRIEF Populates the auth database with initial system permissions.
# @LAYER Infrastructure
@@ -24,6 +25,7 @@ from src.core.logger import belief_scope, logger
from src.models.auth import Permission, Role
# #region INITIAL_PERMISSIONS [C:3] [TYPE Constant]
# @ingroup Module
# @BRIEF Canonical bootstrap permission tuples seeded into auth storage.
# @RELATION DEPENDS_ON -> SeedPermissionsScript
INITIAL_PERMISSIONS = [
@@ -61,6 +63,7 @@ INITIAL_PERMISSIONS = [
# #region seed_permissions [C:3] [TYPE Function]
# @ingroup Module
# @BRIEF Inserts missing permissions into the database.
# @POST All INITIAL_PERMISSIONS exist in the DB.
# @RELATION DEPENDS_ON -> AuthSessionLocal

View File

@@ -1,4 +1,5 @@
# #region SeedSupersetLoadTestScript [C:5] [TYPE Module] [SEMANTICS superset, validate]
# @defgroup Module Module group.
#
# @BRIEF Creates randomized load-test data in Superset by cloning chart configurations and creating dashboards in target environments.
# @LAYER Infrastructure
@@ -241,6 +242,7 @@ def _build_chart_template_pool(
# #region seed_superset_load_data [TYPE Function]
# @ingroup Module
# @BRIEF Creates dashboards and cloned charts for load testing across target environments.
# @PRE Target environments must be reachable and authenticated.
# @POST Returns execution statistics dictionary.
@@ -369,6 +371,7 @@ def seed_superset_load_data(args: argparse.Namespace) -> dict:
# #region main [TYPE Function]
# @ingroup Module
# @BRIEF CLI entrypoint for Superset load-test data seeding.
# @PRE Command line arguments are valid.
# @POST Prints summary and exits with non-zero status on failure.

View File

@@ -1,5 +1,6 @@
#!/usr/bin/env python3
# #region test_dataset_dashboard_relations_script [C:2] [TYPE Module] [SEMANTICS pydantic, dashboard, dataset, test, superset]
# @defgroup Module Module group.
# @BRIEF Tests and inspects dataset-to-dashboard relationship responses from Superset API.
# @RATIONALE Added '# DIAGNOSTIC SCRIPT — not a test' header comment. Script already had if __name__ guard.