Conversation
…on philosophy SVP is a language-agnostic protocol. The SignatureExtractor + CONTENT_DRIFT mechanism extracted TypeScript-specific signatures from L1 code to detect drift, violating SVP's top-down compilation philosophy. Verification belongs at the L3 contract layer, not by reverse-analyzing compiled artifacts. Pure subtraction: remove signatureHash, CONTENT_DRIFT, detectContentDrift, computeL1Signatures, createTypescriptExtractor, and all related types, tests, and i18n keys. Move typescript to devDependencies. 24 files changed, +50/-950 lines.
There was a problem hiding this comment.
Pull request overview
This PR removes the L1 TypeScript signature extraction and the associated CONTENT_DRIFT mechanism, shifting SVP verification responsibilities away from reverse-analyzing L1 artifacts and simplifying the scan/check/compile-plan pipeline.
Changes:
- Deleted the fingerprint/signature extraction modules and removed
signatureHashfrom the L2 model and related logic. - Removed
CONTENT_DRIFTdetection fromcheck/compilePlan, along with i18n strings and tests. - Simplified scan context and scan prompts to operate on file paths only; moved
typescripttodevDependencies.
Reviewed changes
Copilot reviewed 24 out of 24 changed files in this pull request and generated no comments.
Show a summary per file
| File | Description |
|---|---|
| packages/skills/prompts/scan.ts | Updates scan prompt formatting and instructions to no longer list exports/signatures. |
| packages/skills/link.ts | Stops carrying signatureHash across relinks. |
| packages/skills/adapters/shared.ts | Updates documented L2CodeBlock shape to remove signatureHash. |
| packages/skills/tests/scan-prompts.test.ts | Updates scan prompt tests to reflect file-only scan context. |
| packages/skills/tests/link.test.ts | Removes tests asserting signatureHash preservation behavior. |
| packages/core/store.test.ts | Removes L2 persistence tests around signatureHash. |
| packages/core/scan.ts | Simplifies scan collection to only collect file paths (no extractor support). |
| packages/core/scan.test.ts | Updates scan tests to match simplified scan context. |
| packages/core/l2.ts | Removes signatureHash from the L2CodeBlock interface and comments. |
| packages/core/index.ts | Removes public exports for fingerprinting and TS extractor APIs. |
| packages/core/i18n.ts | Removes CONTENT_DRIFT-related messages and compile-plan reason strings. |
| packages/core/hash.ts | Updates L2 hashing comment to remove mention of signatureHash. |
| packages/core/hash.test.ts | Removes tests asserting hash changes due to signatureHash. |
| packages/core/fingerprint.ts | Deletes semantic fingerprint data structures and hashing utilities. |
| packages/core/fingerprint.test.ts | Deletes fingerprint + TypeScript extractor integration tests. |
| packages/core/extractors/typescript.ts | Deletes runtime TypeScript compiler-based export signature extractor. |
| packages/core/compile-plan.ts | Removes detectContentDrift task generation. |
| packages/core/compile-plan.test.ts | Removes CONTENT_DRIFT compile-plan tests and updates summary expectations. |
| packages/core/check.ts | Removes l1SignatureHashes input and CONTENT_DRIFT issue generation. |
| packages/core/check.test.ts | Removes CONTENT_DRIFT-related tests. |
| packages/cli/load.ts | Removes optional L1 signature computation from check-input loading. |
| packages/cli/load.test.ts | Removes tests for l1SignatureHashes population behavior. |
| packages/cli/commands/prompt.ts | Stops computing L1 signatures for review prompts; scan now calls simplified collector. |
| package.json | Moves typescript from dependencies to devDependencies. |
Comments suppressed due to low confidence (3)
packages/skills/prompts/scan.ts:87
- The scan prompt still instructs the agent to infer pins/validation from function parameters and “constraints visible in signatures”, but the scan context no longer includes any extracted signatures or code content (only file paths). This makes these instructions impossible to follow as written; either update the instructions to tell the agent to open/read the referenced files, or adjust the prompt to avoid relying on signature-level details.
"For each block:",
"1. **Identify cohesion**: Group files that work together (same domain, shared types)",
"2. **Infer input pins**: From function parameters and imported types",
"3. **Infer output pins**: From return types",
"4. **Infer validate rules**: From parameter constraints visible in signatures",
"5. **Write constraints**: Output assertions based on the function contracts",
package.json:31
- package.json moves
typescriptinto devDependencies, but the committed package-lock.json still liststypescriptunder rootdependencies. Since CI runsnpm ci, this mismatch will typically fail installation. Please regenerate and commit an updated package-lock.json so it reflects the new dependency classification.
"devDependencies": {
"@eslint/js": "^10.0.1",
"typescript": "^5.9.3",
"@types/node": "^22.0.0",
"@vitest/coverage-v8": "^4.1.0",
"eslint": "^10.0.3",
"eslint-config-prettier": "^10.1.8",
packages/core/hash.ts:62
- The updated comment says L2 contentHash is based only on
id, blockRef, language, files, butcomputeHash(used byhashL2and also bycheck/rehashL2) will hash any extra keys present on the object after stripping onlycontentHash/sourceHash/revision. If existing L2 JSON still contains legacy keys likesignatureHash, it will still affect the computed hash, contradicting this contract. Consider explicitly stripping legacy fields (e.g.,signatureHash) when hashing L2 to match the new model and avoid unexpected HASH_MISMATCH/rehash churn for existing projects.
/** L2CodeBlock 的 contentHash:基于 id, blockRef, language, files */
export function hashL2(
codeBlock: Omit<L2CodeBlock, "contentHash" | "sourceHash" | "revision">,
): string {
return computeHash(codeBlock as Record<string, unknown>);
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
SignatureExtractor+CONTENT_DRIFTmechanism — SVP is language-agnostic, verification belongs at L3 contract layer, not by reverse-analyzing L1 compiled artifactsfingerprint.ts,extractors/typescript.tsand all related types, functions, tests, i18n keystypescriptfrom dependencies to devDependenciesChanges
24 files changed, +50/-950 lines (pure subtraction)
Deleted:
fingerprint.ts,fingerprint.test.ts,extractors/typescript.tsCore: removed
signatureHashfield,CONTENT_DRIFTcheck,detectContentDrift, extractor-related scan logic, i18n keysCLI/Skills: removed
computeL1Signatures, extractor creation, schema/prompt referencesTests: removed ~20 related test cases across 8 test files
Test plan
tsc --noEmit— 0 errorsvitest run— 730/730 tests passing