Skip to content

fix(bootstrap): ship+deploy dangling P1/P2/P6/P7 hooks; scaffold METALAYER+schemas; two-flow doc (BRO-1431)#75

Merged
broomva merged 1 commit into
mainfrom
feature/bro-1431-bstack-bootstrap-gaps
Jun 8, 2026
Merged

fix(bootstrap): ship+deploy dangling P1/P2/P6/P7 hooks; scaffold METALAYER+schemas; two-flow doc (BRO-1431)#75
broomva merged 1 commit into
mainfrom
feature/bro-1431-bstack-bootstrap-gaps

Conversation

@broomva

@broomva broomva commented Jun 8, 2026

Copy link
Copy Markdown
Owner

BRO-1431 — close bstack bootstrap gaps

Safety bug, surfaced while building rcs-template as a gap-discovery probe for bstack's own bootstrap.

The bug

assets/templates/settings.json.snippet wired the P1 (conversation-bridge), P2 (control-gate), P6 (knowledge-catalog-refresh), P7 (skill-freshness) hooks at ${BROOMVA_WORKSPACE}/scripts/*.sh — but bstack shipped none of those scripts and bootstrap never copied them. Every workspace bootstrapped anywhere but the bstack origin had a non-functional control gate (P2): Claude Code invoked a script that didn't exist, so the safety shield silently no-op'd. doctor §7 detected the gap; nothing closed it.

The fix

  • Ship 4 self-contained, $CLAUDE_PROJECT_DIR-portable hooks in scripts/: control-gate-hook.sh (P2), skill-freshness-hook.sh (P7), conversation-bridge-hook.sh (P1), knowledge-catalog-refresh-hook.sh (P6).
  • Deploy them into $WORKSPACE/scripts/bootstrap Phase 3.1 + repair deploy_workspace_hooks. Idempotent (never overwrites an existing workspace hook; preserves the origin's hand-authored copy); set -e-safe (elif cp … 2>/dev/null && chmod … 2>/dev/null; then … else warn).
  • Scaffold METALAYER.md + schemas/{state,action,trace,evaluator,egri-event}.schema.json in Phase 2 (templates added under assets/templates/{,schemas/}).
  • Document the two-flow bootstrap in SKILL.md: structured (deterministic scaffold — the floor) → generative (agent-authored tailoring — bespoke) → verify (doctor gates both). Mirrors the P18 Category-B/C split.

Test plan / validation

  • Dogfood (the proof): bstack bootstrap on a fresh /tmp workspace with no bstack on PATH → deployed control-gate blocks git push --force (exit 2), allows git status (exit 0); deploys 4 hooks; scaffolds METALAYER + 5 schemas; settings.json valid + references resolve.
  • bstack tests green: template_lockstep 15/15 (canonical count 20 unchanged), gitignore-aware-bootstrap 7/7, schema-validation 8/8, repair-merge-hooks 5/5, onboard 8/8.
  • bash -n + shellcheck -S warning clean on all 4 new scripts + edits.

P20 cross-review

Two independent adversarial reviews (Cato/Strata-B). Both verified path-consistency (${BROOMVA_WORKSPACE} snippet substitution == $WORKSPACE_DIR/scripts/ deploy target — identical) and found no blocker. The one emergent concern (PreToolUse matcher) verified resolved: control-gate is wired for Bash + Write + Edit. Minor conservative over-block notes (e.g. a path containing credentials) accepted by-design for a safety gate. Verdict: PASS.

Primitive count unchanged (20). VERSION 0.26.0 → 0.27.0.

🤖 Generated with Claude Code

@claude
fix(bootstrap): ship + deploy dangling P1/P2/P6/P7 hooks; scaffold ME…
6a6bfcb 
…TALAYER+schemas; two-flow doc (BRO-1431)

Safety bug, surfaced while building rcs-template as a gap-discovery probe.
settings.json.snippet wired the P1/P2/P6/P7 hooks at ${BROOMVA_WORKSPACE}/scripts/*.sh
but bstack shipped none of those scripts and bootstrap never copied them — so every
workspace bootstrapped anywhere but the bstack origin had a NON-FUNCTIONAL control
gate (P2): Claude Code invoked a script that did not exist and the safety shield
silently no-op'd. doctor §7 detected it; nothing closed it.

Fix:
- Ship 4 self-contained, $CLAUDE_PROJECT_DIR-portable hook scripts in scripts/:
  control-gate-hook.sh (P2), skill-freshness-hook.sh (P7), conversation-bridge-hook.sh
  (P1), knowledge-catalog-refresh-hook.sh (P6).
- Deploy them into $WORKSPACE/scripts/ — bootstrap Phase 3.1 + repair deploy_workspace_hooks.
  Idempotent (never overwrites an existing workspace hook); set -e-safe (elif cp && chmod).
- Scaffold METALAYER.md + schemas/{state,action,trace,evaluator,egri-event}.schema.json
  in bootstrap Phase 2 (templates added under assets/templates/{,schemas/}).
- SKILL.md: document the two-flow bootstrap (structured deterministic scaffold ->
  generative agent-authored tailoring -> doctor verify), mirroring the P18 Category-B/C split.

Validation: dogfood on a fresh workspace (no bstack on PATH) — deployed control-gate
blocks `git push --force` (exit 2), allows `git status` (exit 0); deploys 4 hooks;
scaffolds METALAYER + 5 schemas. bstack tests green: template_lockstep 15/15 (count 20),
gitignore-aware-bootstrap 7/7, schema-validation 8/8, repair-merge-hooks 5/5, onboard 8/8.
P20: two independent adversarial reviews, no blockers. Primitive count unchanged (20).

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@linear

linear Bot commented Jun 8, 2026

Copy link
Copy Markdown

BRO-1431

@broomva broomva merged commit fff6671 into main Jun 8, 2026
5 checks passed
@broomva broomva deleted the feature/bro-1431-bstack-bootstrap-gaps branch June 8, 2026 18:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@broomva