26382a7ac6
CI / Clippy (push) Failing after 15m13s
CI / Test (ubuntu-latest) (push) Failing after 16m1s
CI / Test (macos-latest) (push) Has been cancelled
CI / Test (windows-latest) (push) Has been cancelled
CI / Build (no embeddings / no ORT) (push) Has been cancelled
CI / Format (push) Has been cancelled
CI / Cookbook (Node) (push) Has been cancelled
CI / Pi Extension (Node) (push) Has been cancelled
CI / Rust SDK (lean-ctx-client) (push) Has been cancelled
CI / Embed SDK (lean-ctx-sdk) (push) Has been cancelled
CI / Python SDK (leanctx) (push) Has been cancelled
CI / Hermes Plugin (Python) (push) Has been cancelled
CI / SDK Conformance Matrix (push) Has been cancelled
CI / Coverage (push) Has been cancelled
CI / cargo-deny (push) Has been cancelled
CI / Adversarial Safety (push) Has been cancelled
CI / Benchmarks (push) Has been cancelled
CI / Output-Quality Gate (eval A/B) (push) Has been cancelled
CI / Documentation (push) Has been cancelled
CI / CI Green (push) Has been cancelled
JetBrains Plugin / Actionlint (push) Has been cancelled
CodeQL / Analyze (actions) (push) Has been cancelled
CodeQL / Analyze (javascript-typescript) (push) Has been cancelled
CodeQL / Analyze (rust) (push) Has been cancelled
JetBrains Plugin / Validation (push) Has been cancelled
JetBrains Plugin / Build (push) Has been cancelled
JetBrains Plugin / Test (push) Has been cancelled
Security Check / Security Scan (push) Has been cancelled
4.8 KiB
4.8 KiB
Knowledge Policy Contract v1
GitLab: #2317
Ziel
Ein versionierter Governance-Vertrag für Project Knowledge (Facts/Patterns/History + Relations), der:
- bounded ist (keine unkontrollierte Growth/Outputs),
- deterministisch ist (stable ordering + stable semantics),
- replayable ist (Timeline/History bleibt interpretierbar),
- sicher ist (kein secret leakage, policy-gated surfaces),
- auditable ist (Writes emit events).
Version (SSOT)
leanctx.contract.knowledge_policy_v1.schema_version=1- SSOT:
CONTRACTS.md - Runtime:
rust/src/core/contracts.rs
- SSOT:
Policy Surface
Config (global/project)
Policy wird über Config.memory geladen und validiert:
- Runtime:
rust/src/core/config.rs(memory_policy_effective) - Structs:
rust/src/core/memory_policy.rs
Minimaler TOML-Ausschnitt:
[memory.knowledge]
max_facts = 200
max_patterns = 50
max_history = 100
contradiction_threshold = 0.5
# Retrieval budgets (bounded outputs)
recall_facts_limit = 10
rooms_limit = 25
timeline_limit = 25
relations_limit = 40
[memory.lifecycle]
decay_rate = 0.01
low_confidence_threshold = 0.3
stale_days = 30
similarity_threshold = 0.85
# Verlustfreie Kapazitäts-Reclaim (#995)
reclaim_headroom_pct = 0.25 # voller Store siedelt sich bei 1 - pct (= 75%) an
reclaim_enabled = true # false ⇒ nur Overflow kappen (Escape Hatch)
Env Overrides (optional)
Die Runtime akzeptiert env overrides für zentrale Felder (siehe memory_policy.rs).
Semantik (MUST)
Facts
- Facts sind logisch durch
(category, key)adressiert. - Current vs archived:
- current:
valid_until == None - archived:
valid_until != None
- current:
- Updates dürfen den vorherigen Zustand nicht “vergessen”: Timeline muss eine nachvollziehbare Folge liefern (archived versions + current).
Contradictions
- Contradiction detection:
- Case-insensitive equality ⇒ kein Widerspruch.
- Word-similarity über Schwelle ⇒ kein Widerspruch (verhindert false positives bei semantisch gleichen Werten).
- Severity semantics (stabil):
High:existing.confidence >= 0.9undexisting.confirmation_count >= 2Medium:existing.confidence >= contradiction_thresholdLow: sonst
Retrieval Budgets (bounded, deterministisch)
recall_facts_limit: max facts in Recall Outputsrooms_limit: max rooms inctx_knowledge action=roomstimeline_limit: max entries inctx_knowledge action=timelinerelations_limit: max edges inctx_knowledge action=relations|relations_diagram
Ordering ist deterministisch (stable sort tie-breaks), danach erfolgt Truncation.
Lifecycle
- Confidence decay + consolidation + compaction laufen deterministisch und bounded:
- Runtime:
rust/src/core/memory_lifecycle.rs - Parameter:
decay_rate,low_confidence_threshold,stale_days,similarity_threshold,max_facts
- Runtime:
Verlustfreie Eviction (MUST, #995)
- Kein Hard-Drop. Jeder Store (facts/history/procedures/patterns) evictet
ausschließlich über den einen Kapazitäts-Manager
(
rust/src/core/memory_capacity.rs::reclaim_store). Der entfernte Tail wird vor dem Löschen nachmemory/archive/<store>/archiviert und ist wiederherstellbar. - Eine Formel + Hysterese.
reclaim_target(max, reclaim_headroom_pct)ist die einzige Zielgrößen-Berechnung. Ein Reclaim triggert nur beilen >= maxund siedelt den Store dann beireclaim_targetan (kein Churn pro Write). - Default-on, gated.
reclaim_enabled = trueist Standard;falsekappt nur den Overflow (Daten bleiben in beiden Fällen verlustfrei). - Retention-Ranking je Store ist deterministisch (stable sort tie-breaks):
facts nach
is_current+ Output-Ranking, history/patterns nach Recency, procedures nachprocedural_memory::retention_cmp. - Archive-Erreichbarkeit.
rehydrate_reachist anmax_filesgekoppelt (ArchiveConfig), sodass jedes retainte Archiv für Recall/Restore erreichbar ist.
Tool Surface
ctx_knowledge(MCP):rust/src/tools/ctx_knowledge/action=policy+value=show|validate(policy visibility + range validation)action=consolidate(+dry_run=true⇒ Preview ohne Writes),action=consolidate_previewaction=restore(store,query,limit) ⇒ verlustfreies Undo aus dem Archiv- Writes (
remember,pattern,feedback, relations) emit audit events
- CLI-Parität:
lean-ctx knowledge consolidate [--all] [--dry-run]undlean-ctx knowledge restore [--store …] [--query …] [--limit N] - Relations:
rust/src/tools/ctx_knowledge_relations.rs(bounded + deterministic outputs)
Security & Privacy
- Keine Secrets in Knowledge/Artifacts/Logs; Redaction + path boundaries gelten auch für Memory I/O.
- Outputs sind bounded; Policies müssen nicht zu Token-Burn führen.