sneak/mfer - mfer - git.eeqj.de

sneak/mfer

Fork 0

Commit Graph

Author	SHA1	Message	Date
clawbot	9ce16a83ad	Add TODO section to README with 1.0 roadmap, remove TODO.md (#54 ) All checks were successful check / check (push) Successful in 4s Details ## Summary Performs a design and status review of the codebase and adds a comprehensive TODO section to `README.md` listing remaining work for a 1.0 release. ### What changed - README.md: Added a `TODO: Remaining Work for 1.0` section covering: - 7 design questions requiring @sneak's input before implementation (manifest type export, Go module path, GPG vs pure-Go crypto, format framing, etc.) — each with an answer field for inline decisions - Implementation tasks organized by category: repo infrastructure, format & correctness, library, CLI, testing & robustness, documentation, and release checklist - Updated build status section (removed stale Drone CI badge, replaced with description of current Docker-based CI) - TODO.md: Removed — items integrated into README TODO section - AGENTS.md: Updated reference from `TODO.md` to README TODO section ### Design review findings What works well: - Core library (Builder, Scanner, Checker) is solid with good test coverage - Format specification is well-designed (protobuf + zstd, multihash, deterministic serialization) - CLI covers all major operations (gen, check, list, export, freshen, fetch) - Test suite is thorough — builder, scanner, checker, GPG, CLI integration, corruption detection - afero abstraction enables clean testing without filesystem side effects Key gaps for 1.0: - Missing repo infrastructure (`.golangci.yml`, `.editorconfig`, CI workflow) - `manifest` type is unexported — consumers can't use it in their own type declarations - GPG signing shells out to `gpg` subprocess — fragile and may not be installed - Go module path inconsistency between `go.mod` and proto `go_package` - `fetch` command lacks retry logic and has no HTTP timeout - Missing fuzz tests for untrusted input deserialization - Freshen CLI command has incomplete integration test coverage closes #47 closes #50 Co-authored-by: user <user@Mac.lan guest wan> Co-authored-by: clawbot <clawbot@noreply.git.eeqj.de> Co-authored-by: Jeffrey Paul <sneak@noreply.example.org> Reviewed-on: #54 Co-authored-by: clawbot <clawbot@noreply.example.org> Co-committed-by: clawbot <clawbot@noreply.example.org>	2026-04-07 00:43:56 +02:00
clawbot	6ba32f5b35	Add REPO_POLICIES.md, rename CLAUDE.md to AGENTS.md, deduplicate (#51 ) Closes #48 ## Changes - Added `REPO_POLICIES.md` — copied from the standard template at [sneak/prompts](https://git.eeqj.de/sneak/prompts/src/branch/main/prompts/REPO_POLICIES.md) (last_modified: 2026-03-10). This is the authoritative cross-project policy document covering repository structure, tooling, Docker, formatting, testing, and workflow standards. - Renamed `CLAUDE.md` → `AGENTS.md` — deduplicated content: - Rules already covered by `REPO_POLICIES.md` (e.g. `git add -A`, Makefile targets) are no longer repeated - `AGENTS.md` retains only agent-specific workflow instructions: test-first bug fixing, no AI attribution in commits, per-change make fmt/test/lint workflow, and repo-specific notes (proto files, FORMAT.md, TODO.md) - Updated `README.md` — added a reference to `REPO_POLICIES.md` in the Participation section - Formatting — `make fmt` (prettier) applied to all markdown files ## Verification `docker build .` passes clean — lint, fmt-check, and all tests green. Co-authored-by: clawbot <clawbot@noreply.git.eeqj.de> Reviewed-on: #51 Co-authored-by: clawbot <clawbot@noreply.example.org> Co-committed-by: clawbot <clawbot@noreply.example.org>	2026-03-17 05:07:43 +01:00

Author

SHA1

Message

Date

clawbot

9ce16a83ad

Add TODO section to README with 1.0 roadmap, remove TODO.md (#54 )

check / check (push) Successful in 4s

Details

## Summary

Performs a design and status review of the codebase and adds a comprehensive TODO section to `README.md` listing remaining work for a 1.0 release.

### What changed

- **README.md**: Added a `TODO: Remaining Work for 1.0` section covering:
  - **7 design questions** requiring @sneak's input before implementation (manifest type export, Go module path, GPG vs pure-Go crypto, format framing, etc.) — each with an answer field for inline decisions
  - **Implementation tasks** organized by category: repo infrastructure, format & correctness, library, CLI, testing & robustness, documentation, and release checklist
  - Updated build status section (removed stale Drone CI badge, replaced with description of current Docker-based CI)
- **TODO.md**: Removed — items integrated into README TODO section
- **AGENTS.md**: Updated reference from `TODO.md` to README TODO section

### Design review findings

**What works well:**
- Core library (Builder, Scanner, Checker) is solid with good test coverage
- Format specification is well-designed (protobuf + zstd, multihash, deterministic serialization)
- CLI covers all major operations (gen, check, list, export, freshen, fetch)
- Test suite is thorough — builder, scanner, checker, GPG, CLI integration, corruption detection
- afero abstraction enables clean testing without filesystem side effects

**Key gaps for 1.0:**
- Missing repo infrastructure (`.golangci.yml`, `.editorconfig`, CI workflow)
- `manifest` type is unexported — consumers can't use it in their own type declarations
- GPG signing shells out to `gpg` subprocess — fragile and may not be installed
- Go module path inconsistency between `go.mod` and proto `go_package`
- `fetch` command lacks retry logic and has no HTTP timeout
- Missing fuzz tests for untrusted input deserialization
- Freshen CLI command has incomplete integration test coverage

closes #47
closes #50

Co-authored-by: user <user@Mac.lan guest wan>
Co-authored-by: clawbot <clawbot@noreply.git.eeqj.de>
Co-authored-by: Jeffrey Paul <sneak@noreply.example.org>
Reviewed-on: #54
Co-authored-by: clawbot <clawbot@noreply.example.org>
Co-committed-by: clawbot <clawbot@noreply.example.org>

2026-04-07 00:43:56 +02:00

clawbot

6ba32f5b35

Add REPO_POLICIES.md, rename CLAUDE.md to AGENTS.md, deduplicate (#51 )

Closes #48

## Changes

- **Added `REPO_POLICIES.md`** — copied from the standard template at [sneak/prompts](https://git.eeqj.de/sneak/prompts/src/branch/main/prompts/REPO_POLICIES.md) (last_modified: 2026-03-10). This is the authoritative cross-project policy document covering repository structure, tooling, Docker, formatting, testing, and workflow standards.

- **Renamed `CLAUDE.md` → `AGENTS.md`** — deduplicated content:
  - Rules already covered by `REPO_POLICIES.md` (e.g. `git add -A`, Makefile targets) are no longer repeated
  - `AGENTS.md` retains only agent-specific workflow instructions: test-first bug fixing, no AI attribution in commits, per-change make fmt/test/lint workflow, and repo-specific notes (proto files, FORMAT.md, TODO.md)

- **Updated `README.md`** — added a reference to `REPO_POLICIES.md` in the Participation section

- **Formatting** — `make fmt` (prettier) applied to all markdown files

## Verification

`docker build .` passes clean — lint, fmt-check, and all tests green.

Co-authored-by: clawbot <clawbot@noreply.git.eeqj.de>
Reviewed-on: #51
Co-authored-by: clawbot <clawbot@noreply.example.org>
Co-committed-by: clawbot <clawbot@noreply.example.org>

2026-03-17 05:07:43 +01:00

2 Commits