{
"event": "PreToolUse",
"tool_name": "mcp__mcp-contracts__contracts_update",
"tool_input": {
"id": 5,
"yaml_content": "contract:\n name: layered-architecture\n version: \"3.2\"\n status: active\n description: |\n Validierung der Schichtenarchitektur (MVC in \/src, MVP in \/app).\n v3.0: Erweitert um Supervision-Regeln (Controller als Transport-Layer).\n v3.1: Pfade korrigiert (src\/ Prefix für in_files).\n v3.2: Regex-Patterns escaped für korrekte Validierung.\n\n created: \"2025-12-20\"\n updated: \"2025-12-22\"\n author: system_generated_under_supervision\n\n scope:\n paths:\n - \"\/src\/**\/*.php\"\n - \"\/app\/**\/*.php\"\n excludes:\n - \"\/tests\/**\"\n - \"\/scripts\/**\"\n - \"\/public\/**\"\n - \"\/config\/**\"\n - \"\/src\/View\/docs\/**\"\n\n rules:\n # === CONTROLLER-REGELN (aus Supervision) ===\n - id: no-pdo-in-controller\n check_type: forbidden_pattern\n patterns:\n - \"private PDO\"\n - \"->query\"\n - \"->prepare\"\n in_files: \"src\/Controller\/**\/*.php\"\n severity: critical\n description: \"Controller dürfen kein direktes PDO\/SQL verwenden\"\n\n - id: no-new-repository-in-controller\n check_type: forbidden_pattern\n patterns:\n - \"new .*Repository\"\n in_files: \"src\/Controller\/**\/*.php\"\n severity: critical\n description: \"Controller dürfen Repositories nicht selbst instanziieren\"\n\n - id: no-new-service-in-controller\n check_type: forbidden_pattern\n patterns:\n - \"new .*Service\"\n in_files: \"src\/Controller\/**\/*.php\"\n severity: major\n description: \"Controller dürfen Services nicht selbst instanziieren\"\n\n - id: no-sql-in-controller\n check_type: forbidden_pattern\n patterns:\n - \"SELECT .* FROM\"\n - \"INSERT INTO\"\n - \"UPDATE .* SET\"\n - \"DELETE FROM\"\n in_files: \"src\/Controller\/**\/*.php\"\n severity: critical\n description: \"SQL-Statements gehören in Repositories\"\n\n - id: no-echo-in-controller\n check_type: forbidden_pattern\n patterns:\n - \"echo '\"\n - 'echo \"'\n in_files: \"src\/Controller\/**\/*.php\"\n severity: major\n description: \"Controller dürfen kein direktes Output erzeugen - nutze view()\/partial()\/json()\"\n\n - id: no-parsedown-in-controller\n check_type: forbidden_pattern\n patterns:\n - \"new Parsedown\"\n - \"Parsedown::\"\n in_files: \"src\/Controller\/**\/*.php\"\n severity: major\n description: \"Markdown-Formatierung gehört in Formatter-Klassen\"\n\n # === DOMAIN-REGELN ===\n - id: no-superglobals-in-domain\n check_type: forbidden_pattern\n patterns:\n - \"_GET\"\n - \"_POST\"\n - \"_SESSION\"\n - \"_REQUEST\"\n in_files: \"src\/Domain\/**\/*.php\"\n severity: critical\n description: \"Domain darf keine Superglobals verwenden\"\n\n # === PRESENTER-REGELN ===\n - id: no-sql-in-presenter\n check_type: forbidden_pattern\n patterns:\n - \"->query\"\n - \"->prepare\"\n - \"new PDO\"\n in_files: \"app\/Presenter\/**\/*.php\"\n severity: critical\n description: \"Presenter darf kein direktes SQL enthalten\"\n\n # === PLATZIERUNGS-REGELN ===\n - id: presenter-in-app\n check_type: forbidden_pattern\n patterns:\n - \"class .* extends .*Presenter\"\n in_files: \"src\/**\/*.php\"\n severity: critical\n description: \"Presenter gehören nach \/app\/Presenter, nicht nach \/src\"\n\n - id: controller-not-in-app\n check_type: forbidden_pattern\n patterns:\n - \"class .* extends .*Controller\"\n in_files: \"app\/**\/*.php\"\n severity: critical\n description: \"Controller gehören nach \/src\/Controller, nicht nach \/app\"\n\n enforcement:\n on_violation: block\n hook: \"\/var\/www\/tools\/ki-protokoll\/claude-hook\/architecture_guard.py\"\n\n pass_threshold:\n critical_max: 0\n major_max: 2\n minor_max: 5\n\n supervision_reference:\n problems_addressed:\n - \"#1: Controller greifen direkt auf PDO und SQL zu\"\n - \"#3: Controller enthalten Geschäfts- und Workflow-Logik\"\n - \"#5: Präsentationslogik im Controller\"\n - \"#6: Inkonsistente Response-Strategien\"\n - \"#8: Controller bauen Abhängigkeiten selbst\"\n",
"new_version": "3.2",
"change_description": "Regex-Patterns escaped und vereinfacht für korrekte Validierung ohne Parse-Fehler",
"changed_by": "claude"
}
}
{
"tool_response": [
{
"type": "text",
"text": "{\n \"success\": true,\n \"contract\": {\n \"id\": 5,\n \"uuid\": \"d5b5cd24-8128-41b7-8d93-f94710a8ea9d\",\n \"name\": \"layered-architecture-pruefung_v1.0\",\n \"version\": \"3.2\",\n \"status\": \"active\",\n \"yaml_content\": \"contract:\\n name: layered-architecture\\n version: \\\"3.2\\\"\\n status: active\\n description: |\\n Validierung der Schichtenarchitektur (MVC in \/src, MVP in \/app).\\n v3.0: Erweitert um Supervision-Regeln (Controller als Transport-Layer).\\n v3.1: Pfade korrigiert (src\/ Prefix für in_files).\\n v3.2: Regex-Patterns escaped für korrekte Validierung.\\n\\n created: \\\"2025-12-20\\\"\\n updated: \\\"2025-12-22\\\"\\n author: system_generated_under_supervision\\n\\n scope:\\n paths:\\n - \\\"\/src\/**\/*.php\\\"\\n - \\\"\/app\/**\/*.php\\\"\\n excludes:\\n - \\\"\/tests\/**\\\"\\n - \\\"\/scripts\/**\\\"\\n - \\\"\/public\/**\\\"\\n - \\\"\/config\/**\\\"\\n - \\\"\/src\/View\/docs\/**\\\"\\n\\n rules:\\n # === CONTROLLER-REGELN (aus Supervision) ===\\n - id: no-pdo-in-controller\\n check_type: forbidden_pattern\\n patterns:\\n - \\\"private PDO\\\"\\n - \\\"->query\\\"\\n - \\\"->prepare\\\"\\n in_files: \\\"src\/Controller\/**\/*.php\\\"\\n severity: critical\\n description: \\\"Controller dürfen kein direktes PDO\/SQL verwenden\\\"\\n\\n - id: no-new-repository-in-controller\\n check_type: forbidden_pattern\\n patterns:\\n - \\\"new .*Repository\\\"\\n in_files: \\\"src\/Controller\/**\/*.php\\\"\\n severity: critical\\n description: \\\"Controller dürfen Repositories nicht selbst instanziieren\\\"\\n\\n - id: no-new-service-in-controller\\n check_type: forbidden_pattern\\n patterns:\\n - \\\"new .*Service\\\"\\n in_files: \\\"src\/Controller\/**\/*.php\\\"\\n severity: major\\n description: \\\"Controller dürfen Services nicht selbst instanziieren\\\"\\n\\n - id: no-sql-in-controller\\n check_type: forbidden_pattern\\n patterns:\\n - \\\"SELECT .* FROM\\\"\\n - \\\"INSERT INTO\\\"\\n - \\\"UPDATE .* SET\\\"\\n - \\\"DELETE FROM\\\"\\n in_files: \\\"src\/Controller\/**\/*.php\\\"\\n severity: critical\\n description: \\\"SQL-Statements gehören in Repositories\\\"\\n\\n - id: no-echo-in-controller\\n check_type: forbidden_pattern\\n patterns:\\n - \\\"echo '\\\"\\n - 'echo \\\"'\\n in_files: \\\"src\/Controller\/**\/*.php\\\"\\n severity: major\\n description: \\\"Controller dürfen kein direktes Output erzeugen - nutze view()\/partial()\/json()\\\"\\n\\n - id: no-parsedown-in-controller\\n check_type: forbidden_pattern\\n patterns:\\n - \\\"new Parsedown\\\"\\n - \\\"Parsedown::\\\"\\n in_files: \\\"src\/Controller\/**\/*.php\\\"\\n severity: major\\n description: \\\"Markdown-Formatierung gehört in Formatter-Klassen\\\"\\n\\n # === DOMAIN-REGELN ===\\n - id: no-superglobals-in-domain\\n check_type: forbidden_pattern\\n patterns:\\n - \\\"_GET\\\"\\n - \\\"_POST\\\"\\n - \\\"_SESSION\\\"\\n - \\\"_REQUEST\\\"\\n in_files: \\\"src\/Domain\/**\/*.php\\\"\\n severity: critical\\n description: \\\"Domain darf keine Superglobals verwenden\\\"\\n\\n # === PRESENTER-REGELN ===\\n - id: no-sql-in-presenter\\n check_type: forbidden_pattern\\n patterns:\\n - \\\"->query\\\"\\n - \\\"->prepare\\\"\\n - \\\"new PDO\\\"\\n in_files: \\\"app\/Presenter\/**\/*.php\\\"\\n severity: critical\\n description: \\\"Presenter darf kein direktes SQL enthalten\\\"\\n\\n # === PLATZIERUNGS-REGELN ===\\n - id: presenter-in-app\\n check_type: forbidden_pattern\\n patterns:\\n - \\\"class .* extends .*Presenter\\\"\\n in_files: \\\"src\/**\/*.php\\\"\\n severity: critical\\n description: \\\"Presenter gehören nach \/app\/Presenter, nicht nach \/src\\\"\\n\\n - id: controller-not-in-app\\n check_type: forbidden_pattern\\n patterns:\\n - \\\"class .* extends .*Controller\\\"\\n in_files: \\\"app\/**\/*.php\\\"\\n severity: critical\\n description: \\\"Controller gehören nach \/src\/Controller, nicht nach \/app\\\"\\n\\n enforcement:\\n on_violation: block\\n hook: \\\"\/var\/www\/tools\/ki-protokoll\/claude-hook\/architecture_guard.py\\\"\\n\\n pass_threshold:\\n critical_max: 0\\n major_max: 2\\n minor_max: 5\\n\\n supervision_reference:\\n problems_addressed:\\n - \\\"#1: Controller greifen direkt auf PDO und SQL zu\\\"\\n - \\\"#3: Controller enthalten Geschäfts- und Workflow-Logik\\\"\\n - \\\"#5: Präsentationslogik im Controller\\\"\\n - \\\"#6: Inkonsistente Response-Strategien\\\"\\n - \\\"#8: Controller bauen Abhängigkeiten selbst\\\"\\n\",\n \"scope_description\": \"\",\n \"created_at\": \"2025-12-20T10:59:58\",\n \"created_by\": \"migration\",\n \"updated_at\": \"2025-12-22T10:04:50\"\n },\n \"message\": \"Contract updated to v3.2\"\n}"
}
]
}