Log #6559
| ID | 6559 |
|---|---|
| Timestamp | 2025-12-23 06:16:30.964705 |
| Client | root |
| IP | - |
| Model | claude-sonnet-4-20250514 |
| Status | completed |
| Tokens | 7,537 (Input: 0, Output: 0) |
| Duration | 98 ms |
| Request time | - |
| Response time | - |
Request
{
"event": "PreToolUse",
"tool_name": "Write",
"tool_input": {
"file_path": "\/var\/www\/dev.campus.systemische-tools.de\/docs\/plan-architecture-gate-enforcement.md",
"content": "# Plan: Architecture Gate Contract Enforcement\n\n## Status: Supervision-Review abgeschlossen\n\n| Komponente | Status |\n|------------|--------|\n| Contract YAML (ID 11) | Existiert, aktiv |\n| Supervision-Review | Abgeschlossen |\n| Pre-Hook | Bereit zur Implementierung |\n| Post-Hook | Phase 2 (nach Pre-Hook) |\n\n---\n\n## Supervision-Entscheidungen\n\n| Frage | Entscheidung |\n|-------|--------------|\n| Rollback bei Violation? | **Nein.** Blockiere vorher oder warne nachher. |\n| Statisch vs. Dynamisch? | **Phase 1: Statisch.** Pre-Hook niemals dynamisch. |\n| Alle 23 Regeln? | **Nein.** 5 harte Regeln zuerst. |\n| Reihenfolge? | Pre-Hook → Test → Post-Hook. Niemals beides gleichzeitig. |\n\n---\n\n## Bereinigte Regelmatrix\n\n### BLOCK (Pre-Hook, nicht verhandelbar)\n\n| ID | Regel | Pattern | Controller-Erkennung |\n|----|-------|---------|---------------------|\n| H1 | strict_types fehlt | `^(?!.*declare\\(strict_types=1\\))` | Alle PHP-Dateien |\n| H2 | Domain nutzt Infrastructure | `use Infrastructure\\\\` in `\/Domain\/` | Pfad enthält `\/Domain\/` |\n| H3 | Static DB außerhalb Factory | `DatabaseFactory::` | Pfad enthält NICHT `\/Factory\/` |\n| H4 | new Repository in Controller | `new \\w+Repository\\(` | Pfad enthält `\/Controller\/` |\n| H5 | new Infrastructure-Service in Controller | `new Infrastructure\\\\` | Pfad enthält `\/Controller\/` |\n\n### WARN (Post-Hook, Indikatoren)\n\n| ID | Regel | Check | Schwellwert |\n|----|-------|-------|-------------|\n| W1 | Klassengröße | Zeilenanzahl | > 300 Zeilen |\n| W2 | Constructor-Komplexität | Parameter-Count | > 5 Parameter |\n| W3 | SQL im Controller | SQL-Keywords | SELECT\/INSERT\/UPDATE\/DELETE |\n| W4 | Fehlende PHPDoc | Public Methods ohne Doc | Warnung |\n\n### GESTRICHEN (zu unscharf)\n\n| Original | Grund |\n|----------|-------|\n| Duplizierte Methodensignaturen | Ohne AST nicht sauber prüfbar |\n| Business Logic Pattern | Nicht formal definierbar |\n| new Service (generisch) | Zu 
grob, Application Services legitim |\n\n---\n\n## Allowlist (Ausnahmen)\n\n```python\nALLOWED_NEW_PATHS = [\n \"\/Factory\/\", # Factory-Klassen dürfen new verwenden\n \"\/Bootstrap\/\", # Bootstrap-Code darf new verwenden\n \"\/tests\/\", # Test-Code darf new verwenden\n \"\/Test\/\", # PHPUnit Tests\n]\n```\n\n---\n\n## Controller-Erkennung\n\n**Eindeutige Definition:**\n```python\ndef is_controller(file_path: str) -> bool:\n return \"\/Controller\/\" in file_path\n```\n\n**Keine Heuristiken.** Nur Pfad-basiert.\n\n---\n\n## Phase 1: Pre-Hook Implementation\n\n**Datei:** `\/opt\/scripts\/hooks\/architecture_guard.py`\n\n**Trigger:** `PreToolUse` für `Write` auf `*.php`\n\n**Struktur:**\n```python\n#!\/usr\/bin\/env python3\n\"\"\"Architecture Gate - Pre-Hook (Blocking)\"\"\"\n\nimport json\nimport re\nimport sys\n\nHARD_RULES = [\n {\n \"id\": \"H1\",\n \"name\": \"strict_types_required\",\n \"pattern\": r\"declare\\(strict_types=1\\)\",\n \"must_match\": True,\n \"applies_to\": \"all\",\n \"message\": \"Missing declare(strict_types=1)\"\n },\n {\n \"id\": \"H2\",\n \"name\": \"domain_no_infrastructure\",\n \"pattern\": r\"use Infrastructure\\\\\",\n \"must_match\": False,\n \"applies_to\": \"\/Domain\/\",\n \"message\": \"Domain must not use Infrastructure\"\n },\n {\n \"id\": \"H3\",\n \"name\": \"db_factory_only\",\n \"pattern\": r\"DatabaseFactory::\",\n \"must_match\": False,\n \"applies_to_not\": \"\/Factory\/\",\n \"message\": \"DatabaseFactory only allowed in Factory classes\"\n },\n {\n \"id\": \"H4\",\n \"name\": \"no_new_repository_in_controller\",\n \"pattern\": r\"new \\w+Repository\\(\",\n \"must_match\": False,\n \"applies_to\": \"\/Controller\/\",\n \"message\": \"new Repository in Controller not allowed. 
Use DI.\"\n },\n {\n \"id\": \"H5\",\n \"name\": \"no_new_infrastructure_in_controller\",\n \"pattern\": r\"new Infrastructure\\\\\",\n \"must_match\": False,\n \"applies_to\": \"\/Controller\/\",\n \"message\": \"new Infrastructure in Controller not allowed. Use DI.\"\n }\n]\n\nALLOWED_PATHS = [\"\/Factory\/\", \"\/Bootstrap\/\", \"\/tests\/\", \"\/Test\/\"]\n\ndef check_rules(file_path: str, content: str) -> dict:\n # Allowlist check\n for allowed in ALLOWED_PATHS:\n if allowed in file_path:\n return {\"allowed\": True}\n\n for rule in HARD_RULES:\n if not applies(rule, file_path):\n continue\n\n match = re.search(rule[\"pattern\"], content)\n\n if rule[\"must_match\"] and not match:\n return {\n \"allowed\": False,\n \"message\": f\"ARCHITECTURE VIOLATION [{rule['id']}]: {rule['message']}\"\n }\n\n if not rule[\"must_match\"] and match:\n return {\n \"allowed\": False,\n \"message\": f\"ARCHITECTURE VIOLATION [{rule['id']}]: {rule['message']}\"\n }\n\n return {\"allowed\": True}\n```\n\n**Output bei Violation:**\n```json\n{\n \"allowed\": false,\n \"message\": \"ARCHITECTURE VIOLATION [H4]: new Repository in Controller not allowed. Use DI.\"\n}\n```\n\n---\n\n## Phase 2: Post-Hook Implementation (nach Pre-Hook-Erfolg)\n\n**Datei:** `\/opt\/scripts\/hooks\/architecture_validator.py`\n\n**Trigger:** `PostToolUse` für `Write|Edit` auf `*.php`\n\n**Output (nur Warnungen, kein Block):**\n```\n[ARCHITECTURE] Warnings for ContentController.php:\n - W1: Class has 450 lines (max 300)\n - W2: Constructor has 7 parameters (max 5)\n```\n\n---\n\n## Hook-Konfiguration\n\n```json\n{\n \"hooks\": {\n \"PreToolUse\": [\n {\n \"matcher\": \"Write\",\n \"hooks\": [\n {\n \"type\": \"command\",\n \"command\": \"\/opt\/scripts\/hooks\/architecture_guard.py\",\n \"timeout\": 5\n }\n ]\n }\n ]\n }\n}\n```\n\n**Post-Hook erst nach erfolgreicher Pre-Hook-Phase aktivieren.**\n\n---\n\n## Implementierungs-Reihenfolge\n\n1. [x] Supervision-Review abgeschlossen\n2. 
[ ] `architecture_guard.py` implementieren (5 harte Regeln)\n3. [ ] Dokumentierte Violation Messages\n4. [ ] Test mit absichtlichen Verstößen\n5. [ ] Integration in `\/root\/.claude\/settings.json`\n6. [ ] Beobachtungsphase (1 Woche)\n7. [ ] Post-Hook `architecture_validator.py` (Warnungen)\n8. [ ] Dokumentation in `\/docs\/prozesse\/`\n\n---\n\n## Contract-Erweiterung\n\nDer Contract (ID 11) sollte um einen `hard_constraints`-Abschnitt erweitert werden:\n\n```yaml\nhard_constraints:\n applies_pre_creation: true\n rules:\n - id: H1\n name: strict_types_required\n block: true\n - id: H2\n name: domain_no_infrastructure\n block: true\n - id: H3\n name: db_factory_only\n block: true\n - id: H4\n name: no_new_repository_in_controller\n block: true\n - id: H5\n name: no_new_infrastructure_in_controller\n block: true\n```\n\n---\n\n## Nächster Schritt\n\nImplementierung von `\/opt\/scripts\/hooks\/architecture_guard.py` mit den 5 harten Regeln.\n"
}
}
Response
{
"tool_response": {
"type": "update",
"filePath": "\/var\/www\/dev.campus.systemische-tools.de\/docs\/plan-architecture-gate-enforcement.md",
"content": "# Plan: Architecture Gate Contract Enforcement\n\n## Status: Supervision-Review abgeschlossen\n\n| Komponente | Status |\n|------------|--------|\n| Contract YAML (ID 11) | Existiert, aktiv |\n| Supervision-Review | Abgeschlossen |\n| Pre-Hook | Bereit zur Implementierung |\n| Post-Hook | Phase 2 (nach Pre-Hook) |\n\n---\n\n## Supervision-Entscheidungen\n\n| Frage | Entscheidung |\n|-------|--------------|\n| Rollback bei Violation? | **Nein.** Blockiere vorher oder warne nachher. |\n| Statisch vs. Dynamisch? | **Phase 1: Statisch.** Pre-Hook niemals dynamisch. |\n| Alle 23 Regeln? | **Nein.** 5 harte Regeln zuerst. |\n| Reihenfolge? | Pre-Hook → Test → Post-Hook. Niemals beides gleichzeitig. |\n\n---\n\n## Bereinigte Regelmatrix\n\n### BLOCK (Pre-Hook, nicht verhandelbar)\n\n| ID | Regel | Pattern | Controller-Erkennung |\n|----|-------|---------|---------------------|\n| H1 | strict_types fehlt | `^(?!.*declare\\(strict_types=1\\))` | Alle PHP-Dateien |\n| H2 | Domain nutzt Infrastructure | `use Infrastructure\\\\` in `\/Domain\/` | Pfad enthält `\/Domain\/` |\n| H3 | Static DB außerhalb Factory | `DatabaseFactory::` | Pfad enthält NICHT `\/Factory\/` |\n| H4 | new Repository in Controller | `new \\w+Repository\\(` | Pfad enthält `\/Controller\/` |\n| H5 | new Infrastructure-Service in Controller | `new Infrastructure\\\\` | Pfad enthält `\/Controller\/` |\n\n### WARN (Post-Hook, Indikatoren)\n\n| ID | Regel | Check | Schwellwert |\n|----|-------|-------|-------------|\n| W1 | Klassengröße | Zeilenanzahl | > 300 Zeilen |\n| W2 | Constructor-Komplexität | Parameter-Count | > 5 Parameter |\n| W3 | SQL im Controller | SQL-Keywords | SELECT\/INSERT\/UPDATE\/DELETE |\n| W4 | Fehlende PHPDoc | Public Methods ohne Doc | Warnung |\n\n### GESTRICHEN (zu unscharf)\n\n| Original | Grund |\n|----------|-------|\n| Duplizierte Methodensignaturen | Ohne AST nicht sauber prüfbar |\n| Business Logic Pattern | Nicht formal definierbar |\n| new Service (generisch) | Zu 
grob, Application Services legitim |\n\n---\n\n## Allowlist (Ausnahmen)\n\n```python\nALLOWED_NEW_PATHS = [\n \"\/Factory\/\", # Factory-Klassen dürfen new verwenden\n \"\/Bootstrap\/\", # Bootstrap-Code darf new verwenden\n \"\/tests\/\", # Test-Code darf new verwenden\n \"\/Test\/\", # PHPUnit Tests\n]\n```\n\n---\n\n## Controller-Erkennung\n\n**Eindeutige Definition:**\n```python\ndef is_controller(file_path: str) -> bool:\n return \"\/Controller\/\" in file_path\n```\n\n**Keine Heuristiken.** Nur Pfad-basiert.\n\n---\n\n## Phase 1: Pre-Hook Implementation\n\n**Datei:** `\/opt\/scripts\/hooks\/architecture_guard.py`\n\n**Trigger:** `PreToolUse` für `Write` auf `*.php`\n\n**Struktur:**\n```python\n#!\/usr\/bin\/env python3\n\"\"\"Architecture Gate - Pre-Hook (Blocking)\"\"\"\n\nimport json\nimport re\nimport sys\n\nHARD_RULES = [\n {\n \"id\": \"H1\",\n \"name\": \"strict_types_required\",\n \"pattern\": r\"declare\\(strict_types=1\\)\",\n \"must_match\": True,\n \"applies_to\": \"all\",\n \"message\": \"Missing declare(strict_types=1)\"\n },\n {\n \"id\": \"H2\",\n \"name\": \"domain_no_infrastructure\",\n \"pattern\": r\"use Infrastructure\\\\\",\n \"must_match\": False,\n \"applies_to\": \"\/Domain\/\",\n \"message\": \"Domain must not use Infrastructure\"\n },\n {\n \"id\": \"H3\",\n \"name\": \"db_factory_only\",\n \"pattern\": r\"DatabaseFactory::\",\n \"must_match\": False,\n \"applies_to_not\": \"\/Factory\/\",\n \"message\": \"DatabaseFactory only allowed in Factory classes\"\n },\n {\n \"id\": \"H4\",\n \"name\": \"no_new_repository_in_controller\",\n \"pattern\": r\"new \\w+Repository\\(\",\n \"must_match\": False,\n \"applies_to\": \"\/Controller\/\",\n \"message\": \"new Repository in Controller not allowed. 
Use DI.\"\n },\n {\n \"id\": \"H5\",\n \"name\": \"no_new_infrastructure_in_controller\",\n \"pattern\": r\"new Infrastructure\\\\\",\n \"must_match\": False,\n \"applies_to\": \"\/Controller\/\",\n \"message\": \"new Infrastructure in Controller not allowed. Use DI.\"\n }\n]\n\nALLOWED_PATHS = [\"\/Factory\/\", \"\/Bootstrap\/\", \"\/tests\/\", \"\/Test\/\"]\n\ndef check_rules(file_path: str, content: str) -> dict:\n # Allowlist check\n for allowed in ALLOWED_PATHS:\n if allowed in file_path:\n return {\"allowed\": True}\n\n for rule in HARD_RULES:\n if not applies(rule, file_path):\n continue\n\n match = re.search(rule[\"pattern\"], content)\n\n if rule[\"must_match\"] and not match:\n return {\n \"allowed\": False,\n \"message\": f\"ARCHITECTURE VIOLATION [{rule['id']}]: {rule['message']}\"\n }\n\n if not rule[\"must_match\"] and match:\n return {\n \"allowed\": False,\n \"message\": f\"ARCHITECTURE VIOLATION [{rule['id']}]: {rule['message']}\"\n }\n\n return {\"allowed\": True}\n```\n\n**Output bei Violation:**\n```json\n{\n \"allowed\": false,\n \"message\": \"ARCHITECTURE VIOLATION [H4]: new Repository in Controller not allowed. Use DI.\"\n}\n```\n\n---\n\n## Phase 2: Post-Hook Implementation (nach Pre-Hook-Erfolg)\n\n**Datei:** `\/opt\/scripts\/hooks\/architecture_validator.py`\n\n**Trigger:** `PostToolUse` für `Write|Edit` auf `*.php`\n\n**Output (nur Warnungen, kein Block):**\n```\n[ARCHITECTURE] Warnings for ContentController.php:\n - W1: Class has 450 lines (max 300)\n - W2: Constructor has 7 parameters (max 5)\n```\n\n---\n\n## Hook-Konfiguration\n\n```json\n{\n \"hooks\": {\n \"PreToolUse\": [\n {\n \"matcher\": \"Write\",\n \"hooks\": [\n {\n \"type\": \"command\",\n \"command\": \"\/opt\/scripts\/hooks\/architecture_guard.py\",\n \"timeout\": 5\n }\n ]\n }\n ]\n }\n}\n```\n\n**Post-Hook erst nach erfolgreicher Pre-Hook-Phase aktivieren.**\n\n---\n\n## Implementierungs-Reihenfolge\n\n1. [x] Supervision-Review abgeschlossen\n2. 
[ ] `architecture_guard.py` implementieren (5 harte Regeln)\n3. [ ] Dokumentierte Violation Messages\n4. [ ] Test mit absichtlichen Verstößen\n5. [ ] Integration in `\/root\/.claude\/settings.json`\n6. [ ] Beobachtungsphase (1 Woche)\n7. [ ] Post-Hook `architecture_validator.py` (Warnungen)\n8. [ ] Dokumentation in `\/docs\/prozesse\/`\n\n---\n\n## Contract-Erweiterung\n\nDer Contract (ID 11) sollte um einen `hard_constraints`-Abschnitt erweitert werden:\n\n```yaml\nhard_constraints:\n applies_pre_creation: true\n rules:\n - id: H1\n name: strict_types_required\n block: true\n - id: H2\n name: domain_no_infrastructure\n block: true\n - id: H3\n name: db_factory_only\n block: true\n - id: H4\n name: no_new_repository_in_controller\n block: true\n - id: H5\n name: no_new_infrastructure_in_controller\n block: true\n```\n\n---\n\n## Nächster Schritt\n\nImplementierung von `\/opt\/scripts\/hooks\/architecture_guard.py` mit den 5 harten Regeln.\n",
"structuredPatch": [
{
"oldStart": 1,
"oldLines": 87,
"newStart": 1,
"newLines": 193,
"lines": [
" # Plan: Architecture Gate Contract Enforcement",
" ",
"-## Status Quo",
"+## Status: Supervision-Review abgeschlossen",
" ",
"-| Komponente | Existiert | Enforced |",
"-|------------|-----------|----------|",
"-| Contract YAML | Ja (ID 11) | Nein |",
"-| Pre-Hook | Nein | - |",
"-| Post-Hook | Nein | - |",
"-| Validierung | Nein | - |",
"+| Komponente | Status |",
"+|------------|--------|",
"+| Contract YAML (ID 11) | Existiert, aktiv |",
"+| Supervision-Review | Abgeschlossen |",
"+| Pre-Hook | Bereit zur Implementierung |",
"+| Post-Hook | Phase 2 (nach Pre-Hook) |",
" ",
"-**Problem:** Contract ist nur Dokumentation. Keine technische Durchsetzung.",
"+---",
" ",
"+## Supervision-Entscheidungen",
"+",
"+| Frage | Entscheidung |",
"+|-------|--------------|",
"+| Rollback bei Violation? | **Nein.** Blockiere vorher oder warne nachher. |",
"+| Statisch vs. Dynamisch? | **Phase 1: Statisch.** Pre-Hook niemals dynamisch. |",
"+| Alle 23 Regeln? | **Nein.** 5 harte Regeln zuerst. |",
"+| Reihenfolge? | Pre-Hook → Test → Post-Hook. Niemals beides gleichzeitig. |",
"+",
" ---",
" ",
"-## Ziel",
"+## Bereinigte Regelmatrix",
" ",
"-Jede neue PHP-Datei muss den `architecture-gate-contract` passieren:",
"-- **Pre-Creation:** Blockierung bei Violation (A1-A9)",
"-- **Post-Creation:** Warnung oder Rollback bei Violation (B1-B14)",
"+### BLOCK (Pre-Hook, nicht verhandelbar)",
" ",
"+| ID | Regel | Pattern | Controller-Erkennung |",
"+|----|-------|---------|---------------------|",
"+| H1 | strict_types fehlt | `^(?!.*declare\\(strict_types=1\\))` | Alle PHP-Dateien |",
"+| H2 | Domain nutzt Infrastructure | `use Infrastructure\\\\` in `\/Domain\/` | Pfad enthält `\/Domain\/` |",
"+| H3 | Static DB außerhalb Factory | `DatabaseFactory::` | Pfad enthält NICHT `\/Factory\/` |",
"+| H4 | new Repository in Controller | `new \\w+Repository\\(` | Pfad enthält `\/Controller\/` |",
"+| H5 | new Infrastructure-Service in Controller | `new Infrastructure\\\\` | Pfad enthält `\/Controller\/` |",
"+",
"+### WARN (Post-Hook, Indikatoren)",
"+",
"+| ID | Regel | Check | Schwellwert |",
"+|----|-------|-------|-------------|",
"+| W1 | Klassengröße | Zeilenanzahl | > 300 Zeilen |",
"+| W2 | Constructor-Komplexität | Parameter-Count | > 5 Parameter |",
"+| W3 | SQL im Controller | SQL-Keywords | SELECT\/INSERT\/UPDATE\/DELETE |",
"+| W4 | Fehlende PHPDoc | Public Methods ohne Doc | Warnung |",
"+",
"+### GESTRICHEN (zu unscharf)",
"+",
"+| Original | Grund |",
"+|----------|-------|",
"+| Duplizierte Methodensignaturen | Ohne AST nicht sauber prüfbar |",
"+| Business Logic Pattern | Nicht formal definierbar |",
"+| new Service (generisch) | Zu grob, Application Services legitim |",
"+",
" ---",
" ",
"-## Implementierungsplan",
"+## Allowlist (Ausnahmen)",
" ",
"-### Phase 1: Pre-Hook (Blockierend)",
"+```python",
"+ALLOWED_NEW_PATHS = [",
"+ \"\/Factory\/\", # Factory-Klassen dürfen new verwenden",
"+ \"\/Bootstrap\/\", # Bootstrap-Code darf new verwenden",
"+ \"\/tests\/\", # Test-Code darf new verwenden",
"+ \"\/Test\/\", # PHPUnit Tests",
"+]",
"+```",
" ",
"+---",
"+",
"+## Controller-Erkennung",
"+",
"+**Eindeutige Definition:**",
"+```python",
"+def is_controller(file_path: str) -> bool:",
"+ return \"\/Controller\/\" in file_path",
"+```",
"+",
"+**Keine Heuristiken.** Nur Pfad-basiert.",
"+",
"+---",
"+",
"+## Phase 1: Pre-Hook Implementation",
"+",
" **Datei:** `\/opt\/scripts\/hooks\/architecture_guard.py`",
" ",
" **Trigger:** `PreToolUse` für `Write` auf `*.php`",
" ",
"-**Prüfungen (hartcodiert, deterministisch):**",
"+**Struktur:**",
"+```python",
"+#!\/usr\/bin\/env python3",
"+\"\"\"Architecture Gate - Pre-Hook (Blocking)\"\"\"",
" ",
"-| Regel | Pattern | Aktion |",
"-|-------|---------|--------|",
"-| B4\/B12 | `new \\w+Repository\\(` in Controller | BLOCK |",
"-| B4\/B12 | `new \\w+Service\\(` in Controller | BLOCK |",
"-| B4 | `DatabaseFactory::` außerhalb Factory | BLOCK |",
"-| B4 | `::createConnection()` in Service | BLOCK |",
"-| B5 | `use Infrastructure\\` in Domain | BLOCK |",
"-| B10 | Fehlendes `declare(strict_types=1)` | BLOCK |",
"-| B11 | Namespace stimmt nicht mit Pfad | BLOCK |",
"+import json",
"+import re",
"+import sys",
" ",
"+HARD_RULES = [",
"+ {",
"+ \"id\": \"H1\",",
"+ \"name\": \"strict_types_required\",",
"+ \"pattern\": r\"declare\\(strict_types=1\\)\",",
"+ \"must_match\": True,",
"+ \"applies_to\": \"all\",",
"+ \"message\": \"Missing declare(strict_types=1)\"",
"+ },",
"+ {",
"+ \"id\": \"H2\",",
"+ \"name\": \"domain_no_infrastructure\",",
"+ \"pattern\": r\"use Infrastructure\\\\\",",
"+ \"must_match\": False,",
"+ \"applies_to\": \"\/Domain\/\",",
"+ \"message\": \"Domain must not use Infrastructure\"",
"+ },",
"+ {",
"+ \"id\": \"H3\",",
"+ \"name\": \"db_factory_only\",",
"+ \"pattern\": r\"DatabaseFactory::\",",
"+ \"must_match\": False,",
"+ \"applies_to_not\": \"\/Factory\/\",",
"+ \"message\": \"DatabaseFactory only allowed in Factory classes\"",
"+ },",
"+ {",
"+ \"id\": \"H4\",",
"+ \"name\": \"no_new_repository_in_controller\",",
"+ \"pattern\": r\"new \\w+Repository\\(\",",
"+ \"must_match\": False,",
"+ \"applies_to\": \"\/Controller\/\",",
"+ \"message\": \"new Repository in Controller not allowed. Use DI.\"",
"+ },",
"+ {",
"+ \"id\": \"H5\",",
"+ \"name\": \"no_new_infrastructure_in_controller\",",
"+ \"pattern\": r\"new Infrastructure\\\\\",",
"+ \"must_match\": False,",
"+ \"applies_to\": \"\/Controller\/\",",
"+ \"message\": \"new Infrastructure in Controller not allowed. Use DI.\"",
"+ }",
"+]",
"+",
"+ALLOWED_PATHS = [\"\/Factory\/\", \"\/Bootstrap\/\", \"\/tests\/\", \"\/Test\/\"]",
"+",
"+def check_rules(file_path: str, content: str) -> dict:",
"+ # Allowlist check",
"+ for allowed in ALLOWED_PATHS:",
"+ if allowed in file_path:",
"+ return {\"allowed\": True}",
"+",
"+ for rule in HARD_RULES:",
"+ if not applies(rule, file_path):",
"+ continue",
"+",
"+ match = re.search(rule[\"pattern\"], content)",
"+",
"+ if rule[\"must_match\"] and not match:",
"+ return {",
"+ \"allowed\": False,",
"+ \"message\": f\"ARCHITECTURE VIOLATION [{rule['id']}]: {rule['message']}\"",
"+ }",
"+",
"+ if not rule[\"must_match\"] and match:",
"+ return {",
"+ \"allowed\": False,",
"+ \"message\": f\"ARCHITECTURE VIOLATION [{rule['id']}]: {rule['message']}\"",
"+ }",
"+",
"+ return {\"allowed\": True}",
"+```",
"+",
" **Output bei Violation:**",
" ```json",
" {",
" \"allowed\": false,",
"- \"message\": \"ARCHITECTURE VIOLATION [B4]: new Repository in Controller not allowed. Use DI via constructor.\"",
"+ \"message\": \"ARCHITECTURE VIOLATION [H4]: new Repository in Controller not allowed. Use DI.\"",
" }",
" ```",
" ",
"-### Phase 2: Post-Hook (Warnend)",
"+---",
" ",
"+## Phase 2: Post-Hook Implementation (nach Pre-Hook-Erfolg)",
"+",
" **Datei:** `\/opt\/scripts\/hooks\/architecture_validator.py`",
" ",
" **Trigger:** `PostToolUse` für `Write|Edit` auf `*.php`",
" ",
"-**Prüfungen:**",
"-",
"-| Regel | Check | Aktion |",
"-|-------|-------|--------|",
"-| B1 | Klasse > 300 Zeilen | WARN |",
"-| B2 | Duplizierte Methoden-Signaturen | WARN |",
"-| B3 | Mehr als 5 Constructor-Parameter | WARN |",
"-| B7 | Business Logic Pattern in Controller | WARN |",
"-| B14 | Keine PHPDoc an public methods | WARN |",
"-",
"-**Output:**",
"+**Output (nur Warnungen, kein Block):**",
" ```",
"-[ARCHITECTURE] Warnings for NewFile.php:",
"- - B1: Class has 450 lines (max 300)",
"- - B3: Constructor has 7 parameters (max 5)",
"+[ARCHITECTURE] Warnings for ContentController.php:",
"+ - W1: Class has 450 lines (max 300)",
"+ - W2: Constructor has 7 parameters (max 5)",
" ```",
" ",
"-### Phase 3: Integration mit Contract-System",
"-",
"-**Langfristig:** Hook liest Regeln dynamisch aus Contract YAML statt Hardcoding.",
"-",
"-```python",
"-contract = load_contract('architecture-gate-contract')",
"-for rule in contract['phase_2_post_creation_validation']:",
"- check_rule(file_content, rule)",
"-```",
"-",
" ---",
" ",
" ## Hook-Konfiguration"
]
},
{
"oldStart": 100,
"oldLines": 50,
"newStart": 206,
"newLines": 55,
"lines": [
" }",
" ]",
" }",
"- ],",
"- \"PostToolUse\": [",
"- {",
"- \"matcher\": \"Write|Edit\",",
"- \"hooks\": [",
"- {",
"- \"type\": \"command\",",
"- \"command\": \"\/opt\/scripts\/hooks\/architecture_validator.py\",",
"- \"timeout\": 10",
"- }",
"- ]",
"- }",
" ]",
" }",
" }",
" ```",
" ",
"+**Post-Hook erst nach erfolgreicher Pre-Hook-Phase aktivieren.**",
"+",
" ---",
" ",
"-## Offene Fragen an Supervision",
"+## Implementierungs-Reihenfolge",
" ",
"-1. **Blockieren vs. Warnen:** Welche Regeln sollen hart blockieren, welche nur warnen?",
"+1. [x] Supervision-Review abgeschlossen",
"+2. [ ] `architecture_guard.py` implementieren (5 harte Regeln)",
"+3. [ ] Dokumentierte Violation Messages",
"+4. [ ] Test mit absichtlichen Verstößen",
"+5. [ ] Integration in `\/root\/.claude\/settings.json`",
"+6. [ ] Beobachtungsphase (1 Woche)",
"+7. [ ] Post-Hook `architecture_validator.py` (Warnungen)",
"+8. [ ] Dokumentation in `\/docs\/prozesse\/`",
" ",
"-2. **Rollback:** Soll bei Post-Hook-Violation automatisch zurückgerollt werden?",
"+---",
" ",
"-3. **Ausnahmen:** Gibt es legitime Ausnahmen (z.B. Factory darf `new` verwenden)?",
"+## Contract-Erweiterung",
" ",
"-4. **Granularität:** Sollen alle 23 Regeln implementiert werden oder Fokus auf Top 5?",
"+Der Contract (ID 11) sollte um einen `hard_constraints`-Abschnitt erweitert werden:",
" ",
"-5. **Priorität:** In welcher Reihenfolge implementieren?",
"- - Option A: Erst alle Pre-Hooks, dann Post-Hooks",
"- - Option B: Erst kritischste Regeln (B4, B5, B10), dann Rest",
"+```yaml",
"+hard_constraints:",
"+ applies_pre_creation: true",
"+ rules:",
"+ - id: H1",
"+ name: strict_types_required",
"+ block: true",
"+ - id: H2",
"+ name: domain_no_infrastructure",
"+ block: true",
"+ - id: H3",
"+ name: db_factory_only",
"+ block: true",
"+ - id: H4",
"+ name: no_new_repository_in_controller",
"+ block: true",
"+ - id: H5",
"+ name: no_new_infrastructure_in_controller",
"+ block: true",
"+```",
" ",
"-6. **Dynamisch vs. Statisch:**",
"- - Statisch: Regeln in Python hardcoded (schneller, einfacher)",
"- - Dynamisch: Regeln aus Contract YAML laden (flexibler, komplexer)",
"-",
" ---",
" ",
"-## Nächste Schritte",
"+## Nächster Schritt",
" ",
"-1. [ ] Supervision reviewt diesen Plan",
"-2. [ ] Entscheidung: Welche Regeln zuerst?",
"-3. [ ] Implementierung `architecture_guard.py`",
"-4. [ ] Test mit bewusster Violation",
"-5. [ ] Integration in `\/root\/.claude\/settings.json`",
"-6. [ ] Dokumentation in `\/docs\/prozesse\/`",
"+Implementierung von `\/opt\/scripts\/hooks\/architecture_guard.py` mit den 5 harten Regeln."
]
}
],
"originalFile": "# Plan: Architecture Gate Contract Enforcement\n\n## Status Quo\n\n| Komponente | Existiert | Enforced |\n|------------|-----------|----------|\n| Contract YAML | Ja (ID 11) | Nein |\n| Pre-Hook | Nein | - |\n| Post-Hook | Nein | - |\n| Validierung | Nein | - |\n\n**Problem:** Contract ist nur Dokumentation. Keine technische Durchsetzung.\n\n---\n\n## Ziel\n\nJede neue PHP-Datei muss den `architecture-gate-contract` passieren:\n- **Pre-Creation:** Blockierung bei Violation (A1-A9)\n- **Post-Creation:** Warnung oder Rollback bei Violation (B1-B14)\n\n---\n\n## Implementierungsplan\n\n### Phase 1: Pre-Hook (Blockierend)\n\n**Datei:** `\/opt\/scripts\/hooks\/architecture_guard.py`\n\n**Trigger:** `PreToolUse` für `Write` auf `*.php`\n\n**Prüfungen (hartcodiert, deterministisch):**\n\n| Regel | Pattern | Aktion |\n|-------|---------|--------|\n| B4\/B12 | `new \\w+Repository\\(` in Controller | BLOCK |\n| B4\/B12 | `new \\w+Service\\(` in Controller | BLOCK |\n| B4 | `DatabaseFactory::` außerhalb Factory | BLOCK |\n| B4 | `::createConnection()` in Service | BLOCK |\n| B5 | `use Infrastructure\\` in Domain | BLOCK |\n| B10 | Fehlendes `declare(strict_types=1)` | BLOCK |\n| B11 | Namespace stimmt nicht mit Pfad | BLOCK |\n\n**Output bei Violation:**\n```json\n{\n \"allowed\": false,\n \"message\": \"ARCHITECTURE VIOLATION [B4]: new Repository in Controller not allowed. 
Use DI via constructor.\"\n}\n```\n\n### Phase 2: Post-Hook (Warnend)\n\n**Datei:** `\/opt\/scripts\/hooks\/architecture_validator.py`\n\n**Trigger:** `PostToolUse` für `Write|Edit` auf `*.php`\n\n**Prüfungen:**\n\n| Regel | Check | Aktion |\n|-------|-------|--------|\n| B1 | Klasse > 300 Zeilen | WARN |\n| B2 | Duplizierte Methoden-Signaturen | WARN |\n| B3 | Mehr als 5 Constructor-Parameter | WARN |\n| B7 | Business Logic Pattern in Controller | WARN |\n| B14 | Keine PHPDoc an public methods | WARN |\n\n**Output:**\n```\n[ARCHITECTURE] Warnings for NewFile.php:\n - B1: Class has 450 lines (max 300)\n - B3: Constructor has 7 parameters (max 5)\n```\n\n### Phase 3: Integration mit Contract-System\n\n**Langfristig:** Hook liest Regeln dynamisch aus Contract YAML statt Hardcoding.\n\n```python\ncontract = load_contract('architecture-gate-contract')\nfor rule in contract['phase_2_post_creation_validation']:\n check_rule(file_content, rule)\n```\n\n---\n\n## Hook-Konfiguration\n\n```json\n{\n \"hooks\": {\n \"PreToolUse\": [\n {\n \"matcher\": \"Write\",\n \"hooks\": [\n {\n \"type\": \"command\",\n \"command\": \"\/opt\/scripts\/hooks\/architecture_guard.py\",\n \"timeout\": 5\n }\n ]\n }\n ],\n \"PostToolUse\": [\n {\n \"matcher\": \"Write|Edit\",\n \"hooks\": [\n {\n \"type\": \"command\",\n \"command\": \"\/opt\/scripts\/hooks\/architecture_validator.py\",\n \"timeout\": 10\n }\n ]\n }\n ]\n }\n}\n```\n\n---\n\n## Offene Fragen an Supervision\n\n1. **Blockieren vs. Warnen:** Welche Regeln sollen hart blockieren, welche nur warnen?\n\n2. **Rollback:** Soll bei Post-Hook-Violation automatisch zurückgerollt werden?\n\n3. **Ausnahmen:** Gibt es legitime Ausnahmen (z.B. Factory darf `new` verwenden)?\n\n4. **Granularität:** Sollen alle 23 Regeln implementiert werden oder Fokus auf Top 5?\n\n5. **Priorität:** In welcher Reihenfolge implementieren?\n - Option A: Erst alle Pre-Hooks, dann Post-Hooks\n - Option B: Erst kritischste Regeln (B4, B5, B10), dann Rest\n\n6. 
**Dynamisch vs. Statisch:**\n - Statisch: Regeln in Python hardcoded (schneller, einfacher)\n - Dynamisch: Regeln aus Contract YAML laden (flexibler, komplexer)\n\n---\n\n## Nächste Schritte\n\n1. [ ] Supervision reviewt diesen Plan\n2. [ ] Entscheidung: Welche Regeln zuerst?\n3. [ ] Implementierung `architecture_guard.py`\n4. [ ] Test mit bewusster Violation\n5. [ ] Integration in `\/root\/.claude\/settings.json`\n6. [ ] Dokumentation in `\/docs\/prozesse\/`\n"
}
}
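Review bot: in the first structuredPatch hunk (oldStart 1), the allowlist loop at the top of the added `check_rules` returns `{"allowed": True}` before any rule is evaluated, so every path containing `/Factory/`, `/Bootstrap/`, `/tests/` or `/Test/` also skips H1 (strict_types) and H2 (Domain must not use Infrastructure), although the `ALLOWED_NEW_PATHS` comments only justify the use of `new`. Because the match is a plain substring test on `file_path`, a directory named that way anywhere in the path is enough to pass the gate; I would limit the allowlist to H4/H5 and let H3 rely on its own `applies_to_not`. The same function calls `applies(rule, file_path)`, which is not defined in the hunk, and the rules mix `applies_to`, `applies_to_not` and the value `"all"`, so the helper and its handling of all three cases should be part of the plan. The H1 pattern in the BLOCK table (`^(?!.*declare\(strict_types=1\))`) also differs from the one in `HARD_RULES` (`declare\(strict_types=1\)` with `must_match: True`); one of the two should be made authoritative.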
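Review bot: in the second structuredPatch hunk (oldStart 100), removing the `PostToolUse` entry with `"matcher": "Write|Edit"` leaves no hook that sees `Edit` at all, since the Phase 1 trigger stated in the plan is `PreToolUse` for `Write` only. Until step 7 of the new checklist is done, a violation of H1 to H5 introduced by editing an existing PHP file is neither blocked nor warned about; either extend the pre-hook matcher to cover `Edit` or state this gap explicitly next to "Post-Hook erst nach erfolgreicher Pre-Hook-Phase aktivieren". The added `hard_constraints` YAML duplicates the rule ids and names that Phase 1 hardcodes in Python, so the plan should say which copy wins when they drift apart.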