{
"event": "PreToolUse",
"tool_name": "mcp__mcp-contracts__contracts_update",
"tool_input": {
"id": 5,
"yaml_content": "contract:\n name: layered-architecture\n version: \"3.0\"\n status: active\n description: |\n Validierung der Schichtenarchitektur (MVC in \/src, MVP in \/app).\n v3.0: Erweitert um Supervision-Regeln (Controller als Transport-Layer).\n\n created: \"2025-12-20\"\n updated: \"2025-12-22\"\n author: system_generated_under_supervision\n\n scope:\n paths:\n - \"\/src\/**\/*.php\"\n - \"\/app\/**\/*.php\"\n excludes:\n - \"\/tests\/**\"\n - \"\/scripts\/**\"\n - \"\/public\/**\"\n - \"\/config\/**\"\n - \"\/src\/View\/docs\/**\"\n\n rules:\n # === STRUKTUR-REGELN ===\n - id: directory-structure\n check_type: structure_check\n required_dirs:\n - \"\/src\/Domain\"\n - \"\/src\/UseCases\"\n - \"\/src\/Infrastructure\"\n - \"\/src\/Controller\"\n - \"\/src\/View\"\n severity: critical\n description: \"Erwartete Verzeichnisstruktur muss existieren\"\n\n # === LAYER-ABHÄNGIGKEITEN ===\n - id: no-app-imports-in-src\n check_type: dependency_check\n forbidden_imports:\n - \"App\\\\Presenter\"\n - \"App\\\\View\"\n in_files: \"\/src\/**\/*.php\"\n severity: critical\n description: \"src darf nicht von app abhängen\"\n\n - id: no-infrastructure-in-domain\n check_type: dependency_check\n forbidden_imports:\n - \"Infrastructure\\\\\"\n in_files: \"Domain\/**\/*.php\"\n severity: critical\n description: \"Domain darf nicht von Infrastructure abhängen\"\n\n - id: no-superglobals-in-domain\n check_type: forbidden_pattern\n patterns:\n - \"$_GET\"\n - \"$_POST\"\n - \"$_SESSION\"\n - \"$_REQUEST\"\n in_files: \"Domain\/**\/*.php\"\n severity: critical\n description: \"Domain darf keine Superglobals verwenden\"\n\n # === CONTROLLER-REGELN (NEU aus Supervision) ===\n - id: no-pdo-in-controller\n check_type: forbidden_pattern\n patterns:\n - \"private PDO\"\n - \"private \\\\PDO\"\n - \"->query(\"\n - \"->prepare(\"\n in_files: \"Controller\/**\/*.php\"\n severity: critical\n description: \"Controller dürfen kein direktes PDO\/SQL verwenden\"\n\n - id: no-new-repository-in-controller\n check_type: forbidden_pattern\n patterns:\n - \"new .*Repository\"\n in_files: \"Controller\/**\/*.php\"\n severity: critical\n description: \"Controller dürfen Repositories nicht selbst instanziieren\"\n\n - id: no-new-service-in-controller\n check_type: forbidden_pattern\n patterns:\n - \"new .*Service\"\n in_files: \"Controller\/**\/*.php\"\n severity: major\n description: \"Controller dürfen Services nicht selbst instanziieren\"\n\n - id: no-sql-in-controller\n check_type: forbidden_pattern\n patterns:\n - \"SELECT \"\n - \"INSERT INTO\"\n - \"UPDATE \"\n - \"DELETE FROM\"\n in_files: \"Controller\/**\/*.php\"\n severity: critical\n description: \"SQL-Statements gehören in Repositories\"\n\n - id: no-echo-in-controller\n check_type: forbidden_pattern\n patterns:\n - \"echo \"\n - \"echo(\"\n - \"print \"\n - \"print(\"\n in_files: \"Controller\/**\/*.php\"\n severity: major\n description: \"Controller dürfen kein direktes Output erzeugen - nutze view()\/partial()\/json()\"\n\n - id: no-parsedown-in-controller\n check_type: forbidden_pattern\n patterns:\n - \"Parsedown\"\n - \"->text(\"\n in_files: \"Controller\/**\/*.php\"\n severity: major\n description: \"Markdown-Formatierung gehört in Formatter-Klassen\"\n\n - id: no-header-in-controller\n check_type: forbidden_pattern\n patterns:\n - \"header(\"\n in_files: \"Controller\/**\/*.php\"\n severity: minor\n description: \"HTTP-Header über Base-Controller-Methoden setzen\"\n\n # === PRESENTER-REGELN ===\n - id: no-sql-in-presenter\n check_type: forbidden_pattern\n patterns:\n - \"->query(\"\n - \"->prepare(\"\n - \"new PDO\"\n in_files: \"Presenter\/**\/*.php\"\n severity: critical\n description: \"Presenter darf kein direktes SQL enthalten\"\n\n # === PLATZIERUNGS-REGELN ===\n - id: presenter-in-app\n check_type: forbidden_pattern\n patterns:\n - \"class.*Presenter\"\n in_files: \"\/src\/**\/*.php\"\n severity: critical\n description: \"Presenter gehören nach \/app\/Presenter, nicht nach \/src\"\n\n - id: controller-not-in-app\n check_type: forbidden_pattern\n patterns:\n - \"class.*Controller\"\n in_files: \"\/app\/**\/*.php\"\n severity: critical\n description: \"Controller gehören nach \/src\/Controller, nicht nach \/app\"\n\n enforcement:\n on_violation: block\n hook: \"\/var\/www\/tools\/ki-protokoll\/claude-hook\/architecture_guard.py\"\n\n pass_threshold:\n critical_max: 0\n major_max: 2\n minor_max: 5\n\n supervision_reference:\n problems_addressed:\n - \"#1: Controller greifen direkt auf PDO und SQL zu\"\n - \"#3: Controller enthalten Geschäfts- und Workflow-Logik\"\n - \"#5: Präsentationslogik im Controller\"\n - \"#6: Inkonsistente Response-Strategien\"\n - \"#8: Controller bauen Abhängigkeiten selbst\"\n",
"new_version": "3.0",
"change_description": "Erweitert um Supervision-Regeln: no-pdo-in-controller, no-new-repository-in-controller, no-new-service-in-controller, no-sql-in-controller, no-echo-in-controller, no-parsedown-in-controller, no-header-in-controller. Referenziert adressierte Supervision-Probleme.",
"changed_by": "claude"
}
}
{
"tool_response": [
{
"type": "text",
"text": "{\n \"success\": true,\n \"contract\": {\n \"id\": 5,\n \"uuid\": \"d5b5cd24-8128-41b7-8d93-f94710a8ea9d\",\n \"name\": \"layered-architecture-pruefung_v1.0\",\n \"version\": \"3.0\",\n \"status\": \"active\",\n \"yaml_content\": \"contract:\\n name: layered-architecture\\n version: \\\"3.0\\\"\\n status: active\\n description: |\\n Validierung der Schichtenarchitektur (MVC in \/src, MVP in \/app).\\n v3.0: Erweitert um Supervision-Regeln (Controller als Transport-Layer).\\n\\n created: \\\"2025-12-20\\\"\\n updated: \\\"2025-12-22\\\"\\n author: system_generated_under_supervision\\n\\n scope:\\n paths:\\n - \\\"\/src\/**\/*.php\\\"\\n - \\\"\/app\/**\/*.php\\\"\\n excludes:\\n - \\\"\/tests\/**\\\"\\n - \\\"\/scripts\/**\\\"\\n - \\\"\/public\/**\\\"\\n - \\\"\/config\/**\\\"\\n - \\\"\/src\/View\/docs\/**\\\"\\n\\n rules:\\n # === STRUKTUR-REGELN ===\\n - id: directory-structure\\n check_type: structure_check\\n required_dirs:\\n - \\\"\/src\/Domain\\\"\\n - \\\"\/src\/UseCases\\\"\\n - \\\"\/src\/Infrastructure\\\"\\n - \\\"\/src\/Controller\\\"\\n - \\\"\/src\/View\\\"\\n severity: critical\\n description: \\\"Erwartete Verzeichnisstruktur muss existieren\\\"\\n\\n # === LAYER-ABHÄNGIGKEITEN ===\\n - id: no-app-imports-in-src\\n check_type: dependency_check\\n forbidden_imports:\\n - \\\"App\\\\\\\\Presenter\\\"\\n - \\\"App\\\\\\\\View\\\"\\n in_files: \\\"\/src\/**\/*.php\\\"\\n severity: critical\\n description: \\\"src darf nicht von app abhängen\\\"\\n\\n - id: no-infrastructure-in-domain\\n check_type: dependency_check\\n forbidden_imports:\\n - \\\"Infrastructure\\\\\\\\\\\"\\n in_files: \\\"Domain\/**\/*.php\\\"\\n severity: critical\\n description: \\\"Domain darf nicht von Infrastructure abhängen\\\"\\n\\n - id: no-superglobals-in-domain\\n check_type: forbidden_pattern\\n patterns:\\n - \\\"$_GET\\\"\\n - \\\"$_POST\\\"\\n - \\\"$_SESSION\\\"\\n - \\\"$_REQUEST\\\"\\n in_files: \\\"Domain\/**\/*.php\\\"\\n severity: critical\\n description: \\\"Domain darf keine Superglobals verwenden\\\"\\n\\n # === CONTROLLER-REGELN (NEU aus Supervision) ===\\n - id: no-pdo-in-controller\\n check_type: forbidden_pattern\\n patterns:\\n - \\\"private PDO\\\"\\n - \\\"private \\\\\\\\PDO\\\"\\n - \\\"->query(\\\"\\n - \\\"->prepare(\\\"\\n in_files: \\\"Controller\/**\/*.php\\\"\\n severity: critical\\n description: \\\"Controller dürfen kein direktes PDO\/SQL verwenden\\\"\\n\\n - id: no-new-repository-in-controller\\n check_type: forbidden_pattern\\n patterns:\\n - \\\"new .*Repository\\\"\\n in_files: \\\"Controller\/**\/*.php\\\"\\n severity: critical\\n description: \\\"Controller dürfen Repositories nicht selbst instanziieren\\\"\\n\\n - id: no-new-service-in-controller\\n check_type: forbidden_pattern\\n patterns:\\n - \\\"new .*Service\\\"\\n in_files: \\\"Controller\/**\/*.php\\\"\\n severity: major\\n description: \\\"Controller dürfen Services nicht selbst instanziieren\\\"\\n\\n - id: no-sql-in-controller\\n check_type: forbidden_pattern\\n patterns:\\n - \\\"SELECT \\\"\\n - \\\"INSERT INTO\\\"\\n - \\\"UPDATE \\\"\\n - \\\"DELETE FROM\\\"\\n in_files: \\\"Controller\/**\/*.php\\\"\\n severity: critical\\n description: \\\"SQL-Statements gehören in Repositories\\\"\\n\\n - id: no-echo-in-controller\\n check_type: forbidden_pattern\\n patterns:\\n - \\\"echo \\\"\\n - \\\"echo(\\\"\\n - \\\"print \\\"\\n - \\\"print(\\\"\\n in_files: \\\"Controller\/**\/*.php\\\"\\n severity: major\\n description: \\\"Controller dürfen kein direktes Output erzeugen - nutze view()\/partial()\/json()\\\"\\n\\n - id: no-parsedown-in-controller\\n check_type: forbidden_pattern\\n patterns:\\n - \\\"Parsedown\\\"\\n - \\\"->text(\\\"\\n in_files: \\\"Controller\/**\/*.php\\\"\\n severity: major\\n description: \\\"Markdown-Formatierung gehört in Formatter-Klassen\\\"\\n\\n - id: no-header-in-controller\\n check_type: forbidden_pattern\\n patterns:\\n - \\\"header(\\\"\\n in_files: \\\"Controller\/**\/*.php\\\"\\n severity: minor\\n description: \\\"HTTP-Header über Base-Controller-Methoden setzen\\\"\\n\\n # === PRESENTER-REGELN ===\\n - id: no-sql-in-presenter\\n check_type: forbidden_pattern\\n patterns:\\n - \\\"->query(\\\"\\n - \\\"->prepare(\\\"\\n - \\\"new PDO\\\"\\n in_files: \\\"Presenter\/**\/*.php\\\"\\n severity: critical\\n description: \\\"Presenter darf kein direktes SQL enthalten\\\"\\n\\n # === PLATZIERUNGS-REGELN ===\\n - id: presenter-in-app\\n check_type: forbidden_pattern\\n patterns:\\n - \\\"class.*Presenter\\\"\\n in_files: \\\"\/src\/**\/*.php\\\"\\n severity: critical\\n description: \\\"Presenter gehören nach \/app\/Presenter, nicht nach \/src\\\"\\n\\n - id: controller-not-in-app\\n check_type: forbidden_pattern\\n patterns:\\n - \\\"class.*Controller\\\"\\n in_files: \\\"\/app\/**\/*.php\\\"\\n severity: critical\\n description: \\\"Controller gehören nach \/src\/Controller, nicht nach \/app\\\"\\n\\n enforcement:\\n on_violation: block\\n hook: \\\"\/var\/www\/tools\/ki-protokoll\/claude-hook\/architecture_guard.py\\\"\\n\\n pass_threshold:\\n critical_max: 0\\n major_max: 2\\n minor_max: 5\\n\\n supervision_reference:\\n problems_addressed:\\n - \\\"#1: Controller greifen direkt auf PDO und SQL zu\\\"\\n - \\\"#3: Controller enthalten Geschäfts- und Workflow-Logik\\\"\\n - \\\"#5: Präsentationslogik im Controller\\\"\\n - \\\"#6: Inkonsistente Response-Strategien\\\"\\n - \\\"#8: Controller bauen Abhängigkeiten selbst\\\"\\n\",\n \"scope_description\": \"\",\n \"created_at\": \"2025-12-20T10:59:58\",\n \"created_by\": \"migration\",\n \"updated_at\": \"2025-12-22T10:01:09\"\n },\n \"message\": \"Contract updated to v3.0\"\n}"
}
]
}