Skip to content

[v1 readiness][kratos] Clean/delete safety and false-positive fixture gate #92

Description

@JeremyDev87

[v1 readiness][kratos] Clean/delete safety and false-positive fixture gate

Goal

Harden v1 deletion safety so clean remains preview-first and false-positive-prone JS/TS entrypoints are protected by regression fixtures.

Source of Truth

  • Parent epic: [v1 readiness] Kratos release gate epic (no version bump) #90
  • Repo: JeremyDev87/kratos
  • Parent implementation plan artifact: /Users/pjw/.hermes/thread-workcells/discord/282499436049858561/1508085811139051580/TASKS/v1-ddplan-issues/IMPLEMENTATION_PLAN.md
  • Version bump, tag, publish, CI dispatch, branch, commit, and PR creation are out of scope for this issue.

Wiki Context Manifest

  • Queries attempted: frontend evidence gates release evidence contract, code is not cheap AI maintenance cost ratio, alex core invariants SSoT No Silent Fallback idempotency, 12-factor agents runtime contract event log release workflow, overeager coding agents task scope destructive action, prompt assets skill issue planning evidence
  • Wiki sources read: [wiki: frontend/evidence-gates.md], [wiki: principles/code-is-not-cheap.md], [wiki: principles/alex-core-invariants.md], [wiki: harness-engineering/12-factor-agents-runtime-contract.md], [wiki: harness-engineering/overeager-coding-agents-scope-contract.md], [wiki: harness-engineering/prompt-assets.md], [wiki: raw/2026-05-24-ai-maintenance-cost-ratio-source-map.md]
  • Relevant wiki facts: v1 readiness requires artifact/runtime/evidence bundles, not only test-green; release and wrapper flows must preserve SSoT, atomicity, idempotency, and No Silent Fallback; destructive or fix-like commands need task-scope/evidence gates; AI-generated velocity must lower future maintenance cost rather than add broad v1 scope.
  • remember-wiki applicability / skip reason: skipped; target repos are JeremyDev87/* personal CLI repos, not Remember/dramancompany repos.
  • Non-wiki inference: repo-specific split below is based on live local repo docs/config/workflows and npm registry checks performed before issue creation.

Quality Lens Router Output

  • Applicable gate families:
    • evidence-contract: v1 readiness, package install, CLI output, release/publish, and fallback claims need concrete proof.
    • simplicity-deletability: v1 work must prefer contract/evidence gaps over broad new features or nonessential abstractions.
    • tdd-systematic-debugging: false-positive, fallback, exit-code, and packaging regressions should be fixture/test-backed.
  • Skipped gates:
    • frontend-design: not-applicable; CLI/runtime/docs work only.
    • vercel-agent-skills: not-applicable; no React/Next/Vercel/mobile surface.
    • deploy-token-safety: limited; no token/deploy mutation in this issue, only release credential evidence requirements.

Evidence Contract

  • Required evidence:
    • Candidate SHA/version alignment evidence when a candidate is selected.
    • Repo test evidence plus source CLI smoke.
    • npm pack / packed-install evidence for the user-consumed artifact.
    • Release workflow/check/dist-tag/GitHub Release evidence where release automation is touched.
    • Explicit fallback/unsupported-platform evidence where wrapper/native-runtime selection is touched.
  • Evidence not applicable:
    • Browser screenshot/DOM: not-applicable, CLI repos.
    • Production URL: not-applicable, npm/GitHub release surface only.
  • Blocking evidence gaps:
    • Final v1 version bump/tag is intentionally out of scope for this issue set.

Owned files / likely touched areas

  • crates/kratos-core/src/analyze.rs
  • crates/kratos-core/src/discover.rs
  • crates/kratos-core/src/resolve.rs
  • crates/kratos-cli/src/commands/clean.rs
  • crates/kratos-core/tests/**
  • fixtures/**

Inspect-only files

  • README*.md
  • CONTRIBUTING.md
  • docs/plans/04-sweep-experience.md

Must not touch

  • automatic deletion defaults
  • unrelated roadmap feature implementation
  • version bump/tag/publish

Implementation steps

  1. List destructive paths and current dry-run/apply semantics.
  2. Add fixtures for framework-consumed exports, scripts, entrypoints, dynamic imports, and suppressions.
  3. Ensure delete/apply behavior is evidence/report based and fail-closed.
  4. Document remaining unsupported patterns as explicit limitations if needed.

Parallelization note

Can run in parallel with K3/K4 if fixture ownership does not overlap.

Dependencies / blocked by

Should follow or coordinate with K1 if report fields change.

Validation / evidence required

  • cargo test --workspace
  • npm run clean -- ./fixtures/demo-app/.kratos/latest-report.json when fixture path exists
  • targeted clean safety tests

Completion criteria

  • Required validation evidence is pasted into the PR body or final issue comment.
  • No v1 version bump/tag/publish is performed.
  • If any required evidence is unavailable, the issue remains open with the gap classified as Medium/High rather than being marked complete.

Metadata

Metadata

Assignees

Labels

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions