marfrit/aish
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
4f5c3aeba9dd0857c356b414c6279beaa6360bdc
aish/docs
T
History
marfrit 4f5c3aeba9 docs/PHASE9: formulate — project-local config overlay (.aish.lua) 
Phase 9 formulate manifest + PHASE0 §11 amendment (adds Phase 9 row)
+ PHASE0 §10 amendment (config resolution order now references Phase
9's overlay step). Substrate-touch lands same commit per CLAUDE.md §3.

Four pillars:

  1. .aish.lua walk-up from cwd; stops at $HOME or filesystem root.
     First found file becomes the project layer. Absence = no-op.

  2. Shallow merge over user config: project top-level keys REPLACE
     user keys. Predictable; deep merge surprises with array/table
     semantics. Users compose full blocks explicitly.

  3. Trust prompt + sha256-pinned persistence in ~/.aish/trusted-
     projects (JSONL, mode 0600). First encounter prompts; subsequent
     startups load only if recorded sha matches. Content change ->
     re-prompt. Matches direnv-allow security posture.

  4. :config show meta — lists each source path with the top-level
     keys it contributed + sanitized effective config dump
     (token-bearing fields masked).

Key design decisions documented:

  - Trust mechanism is explicit (not default-trust-all-cwds) —
    .aish.lua runs arbitrary Lua via dofile; hostile cloned-repo
    case is a real concern.
  - $HOME boundary on walk-up — don't search /tmp or /. Repos
    outside $HOME get no project layer.
  - Reload on cd: NO. Config resolved at startup only.
  - sha256 via shelled `sha256sum` (POSIX-portable; avoid
    vendoring a Lua impl).

§9 risk table covers: hostile repo (trust prompt), corrupted trust
file (best-effort skip), updated repo (sha mismatch re-prompts),
dofile errors (pcall-protected), walk-up safety ($HOME boundary).

6 open questions for analyze:
  Q-P1 — trust prompt before/after startup status
  Q-P2 — sha256sum vs openssl dgst (baseline)
  Q-P3 — log walk-up path?
  Q-P4 — rl.readline safe at startup?
  Q-P5 — :config show full vs top-level
  Q-P6 — project-set secrets.vault security

Scope confirmed via AskUserQuestion: project-local overlay (chosen
over cost preflight enforcement and cross-session cost persistence,
both deferred as Phase 10 candidates per §11).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-16 23:36:35 +00:00
..
PHASE0.md
docs/PHASE9: formulate — project-local config overlay (.aish.lua)
2026-05-16 23:36:35 +00:00
PHASE1.md
review followups: pcall shield, :resume guard, shell quoting, nits
2026-05-10 20:05:23 +00:00
PHASE2-baseline.md
docs/PHASE2-baseline: pre-implementation measurements
2026-05-12 12:34:32 +00:00
PHASE2.md
phase2 amend: __ separator (Bedrock-safe) + post_sse error diagnostics
2026-05-12 20:04:57 +00:00
PHASE3-baseline.md
docs/PHASE3: analyze + baseline — \C-n mechanics, LLM latency, module pre-state
2026-05-12 22:37:58 +00:00
PHASE3.md
docs/PHASE3: re-review NIT fold-in — pipe-to-sh EOL, ci= note, §12 sync
2026-05-12 22:45:25 +00:00
PHASE4.md
docs/PHASE4: review fold-in — flock for race, Norris suppression, summarizer self-amp
2026-05-13 04:50:43 +00:00
PHASE5.md
docs/PHASE5: review fold-in — callback signature, Norris suppression, cost defaults
2026-05-13 11:15:39 +00:00
PHASE6-baseline.md
docs/PHASE6-baseline: substrate probes ahead of implementation
2026-05-16 21:58:56 +00:00
PHASE6.md
config + docs/PHASE6: example block + status -> Implement (Phase 6 commit #6)
2026-05-16 22:27:58 +00:00
PHASE7-baseline.md
docs/PHASE7-baseline: live broker probes for usage shape
2026-05-16 22:49:53 +00:00
PHASE7.md
config + docs/PHASE7: example block + status -> Implement (Phase 7 commit #6)
2026-05-16 23:02:55 +00:00
PHASE8-baseline.md
docs/PHASE8-baseline: live /tokenize probes
2026-05-16 23:22:05 +00:00
PHASE8.md
config + docs/PHASE8: example block + status -> Implement (Phase 8 commit #5)
2026-05-16 23:32:16 +00:00
PHASE9.md
docs/PHASE9: formulate — project-local config overlay (.aish.lua)
2026-05-16 23:36:35 +00:00