e758f2ebfb
Completes Task #3 of httpclient dogfooding with 100% detection rate (7/7 violations). ## New Extractors - **OptionBoundsExtractor**: Detects Option<T> fields set to None (unbounded) - **OptionValueExtractor**: Extracts values from Some(n) for threshold checks Both extractors use context-aware pattern matching to understand Rust Option<T> semantics, which declarative extractors cannot handle. ## Implementation **Files Created**: - applications/aphoria/src/extractors/option_bounds.rs (257 lines) - applications/aphoria/src/extractors/option_value.rs (277 lines) - applications/aphoria/docs/examples/extractors/programmatic-option-semantics.md **Files Modified**: - applications/aphoria/src/extractors/mod.rs - Added module declarations - applications/aphoria/src/extractors/registry.rs - Registered extractors - applications/aphoria/dogfood/httpclient/.aphoria/claims.toml - Added 4 claims - applications/aphoria/dogfood/httpclient/TASK-1-SUMMARY.md - Task #3 completion ## Results | Metric | Value | |--------|-------| | Detection Rate | 100% (7/7 violations) | | Improvement | +29 percentage points (from 71%) | | New Violations | 2 (max_redirects, max_retries unbounded) | | Unit Tests | 13 (all passing) | ## Two-Claim Strategy For each bounded Option<T> field: 1. **configured** claim - Detects None (unbounded) 2. **max_value** claim - Validates Some(n) threshold Example: - `max_redirects: None` → CONFLICT (not configured) - `max_redirects: Some(20)` → CONFLICT (exceeds 10) - `max_redirects: Some(5)` → PASS ## Enterprise Quality ✓ Proper error handling (no unwrap/expect) ✓ Comprehensive tests (6+7 unit tests) ✓ Full documentation with examples ✓ Reusable for 10+ similar patterns ✓ Screening patterns for performance ## Cachewrap Dogfood Also includes complete cachewrap dogfood exercise: - 10 claims for Redis cache wrapper - Day 1-5 summaries - Full retrospective and evaluation - Declarative extractors for all patterns Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
348 lines
12 KiB
Bash
Executable File
348 lines
12 KiB
Bash
Executable File
#!/bin/bash
|
|
# Batch claim creation for cachewrap dogfood
|
|
# Usage: ./claims-template.sh
|
|
#
|
|
# This template shows the structure for creating claims via CLI.
|
|
# On Day 1, use /aphoria-suggest and /aphoria-claims skills instead
|
|
# for LLM-driven claim authoring with better provenance extraction.
|
|
|
|
set -e
|
|
|
|
echo "Creating 20 claims for cachewrap dogfood..."
|
|
echo ""
|
|
echo "⚠️ RECOMMENDED: Use /aphoria-claims skill instead of this script"
|
|
echo " The skill provides LLM-driven provenance extraction and validation."
|
|
echo ""
|
|
read -p "Continue with manual CLI? (y/N) " -n 1 -r
|
|
echo
|
|
if [[ ! $REPLY =~ ^[Yy]$ ]]; then
|
|
echo "Aborted. Use /aphoria-claims instead."
|
|
exit 1
|
|
fi
|
|
|
|
# ============================================================================
|
|
# REUSED FROM CORPUS (7 claims = 35% reuse rate)
|
|
# ============================================================================
|
|
|
|
# From httpclient corpus (4 patterns)
|
|
|
|
echo "[1/20] Creating claim: cache/timeout (from httpclient)..."
|
|
aphoria claims create \
|
|
--id "cachewrap-001" \
|
|
--concept-path "cache/timeout" \
|
|
--predicate "value_gt" \
|
|
--value "0" \
|
|
--comparison "greater_than" \
|
|
--provenance "Reused from httpclient corpus - timeout handling pattern" \
|
|
--invariant "Timeout MUST be greater than 0 seconds" \
|
|
--consequence "timeout=0 causes indefinite blocking on connection failures" \
|
|
--tier "expert" \
|
|
--category "safety" \
|
|
--evidence "docs/sources/redis-rs-lib.md" \
|
|
--by "dogfood-exercise"
|
|
|
|
echo "[2/20] Creating claim: cache/tls_verification (from httpclient)..."
|
|
aphoria claims create \
|
|
--id "cachewrap-002" \
|
|
--concept-path "cache/tls/certificate_validation" \
|
|
--predicate "enabled" \
|
|
--value "true" \
|
|
--comparison "equals" \
|
|
--provenance "Reused from httpclient corpus - TLS verification pattern" \
|
|
--invariant "TLS certificate verification MUST be enabled" \
|
|
--consequence "Disabled TLS verification enables MITM attacks" \
|
|
--tier "expert" \
|
|
--category "security" \
|
|
--evidence "docs/sources/aws-elasticache.md" \
|
|
--by "dogfood-exercise"
|
|
|
|
echo "[3/20] Creating claim: cache/retry (from httpclient)..."
|
|
aphoria claims create \
|
|
--id "cachewrap-003" \
|
|
--concept-path "cache/retry/max_attempts" \
|
|
--predicate "value_range" \
|
|
--value "3" \
|
|
--comparison "greater_than" \
|
|
--provenance "Reused from httpclient corpus - retry pattern" \
|
|
--invariant "Max retry attempts SHOULD be at least 3" \
|
|
--consequence "Insufficient retries cause failures on transient errors" \
|
|
--tier "expert" \
|
|
--category "reliability" \
|
|
--evidence "docs/sources/redis-rs-lib.md" \
|
|
--by "dogfood-exercise"
|
|
|
|
echo "[4/20] Creating claim: cache/async (from httpclient)..."
|
|
aphoria claims create \
|
|
--id "cachewrap-004" \
|
|
--concept-path "cache/async/runtime" \
|
|
--predicate "required" \
|
|
--value "tokio" \
|
|
--comparison "equals" \
|
|
--provenance "Reused from httpclient corpus - async runtime pattern" \
|
|
--invariant "Async operations MUST use tokio runtime" \
|
|
--consequence "Blocking calls in async context block event loop" \
|
|
--tier "expert" \
|
|
--category "performance" \
|
|
--evidence "docs/sources/redis-rs-lib.md" \
|
|
--by "dogfood-exercise"
|
|
|
|
# From dbpool corpus (2 patterns)
|
|
|
|
echo "[5/20] Creating claim: cache/max_connections (from dbpool)..."
|
|
aphoria claims create \
|
|
--id "cachewrap-005" \
|
|
--concept-path "cache/connection/max_connections" \
|
|
--predicate "required" \
|
|
--value "true" \
|
|
--comparison "equals" \
|
|
--provenance "Reused from dbpool corpus - connection limit pattern" \
|
|
--invariant "Max connections MUST be bounded to prevent resource exhaustion" \
|
|
--consequence "Unbounded connections exhaust file descriptors" \
|
|
--tier "expert" \
|
|
--category "safety" \
|
|
--evidence "docs/sources/aws-elasticache.md" \
|
|
--by "dogfood-exercise"
|
|
|
|
echo "[6/20] Creating claim: cache/connection_lifecycle (from dbpool)..."
|
|
aphoria claims create \
|
|
--id "cachewrap-006" \
|
|
--concept-path "cache/connection/lifecycle" \
|
|
--predicate "pooling_required" \
|
|
--value "true" \
|
|
--comparison "equals" \
|
|
--provenance "Reused from dbpool corpus - connection pooling pattern" \
|
|
--invariant "Connection pooling MUST be used for shared connections" \
|
|
--consequence "No pooling causes resource exhaustion - new conn per request" \
|
|
--tier "expert" \
|
|
--category "performance" \
|
|
--evidence "docs/sources/redis-rs-lib.md" \
|
|
--by "dogfood-exercise"
|
|
|
|
# From msgqueue corpus (1 pattern)
|
|
|
|
echo "[7/20] Creating claim: cache/metrics (from msgqueue)..."
|
|
aphoria claims create \
|
|
--id "cachewrap-007" \
|
|
--concept-path "cache/metrics/enabled" \
|
|
--predicate "required" \
|
|
--value "true" \
|
|
--comparison "equals" \
|
|
--provenance "Reused from msgqueue corpus - metrics pattern" \
|
|
--invariant "Hit/miss metrics MUST be tracked for debugging" \
|
|
--consequence "No metrics prevents debugging cache effectiveness" \
|
|
--tier "expert" \
|
|
--category "observability" \
|
|
--evidence "docs/sources/aws-elasticache.md" \
|
|
--by "dogfood-exercise"
|
|
|
|
# ============================================================================
|
|
# NEW CLAIMS FOR CACHING (13 claims = 65%)
|
|
# ============================================================================
|
|
|
|
echo "[8/20] Creating claim: cache/ttl (NEW)..."
|
|
aphoria claims create \
|
|
--id "cachewrap-008" \
|
|
--concept-path "cache/ttl" \
|
|
--predicate "required" \
|
|
--value "true" \
|
|
--comparison "equals" \
|
|
--provenance "Redis SETEX command specification" \
|
|
--invariant "TTL (Time To Live) MUST be set for all cached values" \
|
|
--consequence "Missing TTL causes memory leak - unbounded cache growth" \
|
|
--tier "expert" \
|
|
--category "safety" \
|
|
--evidence "docs/sources/redis-spec.md" \
|
|
--by "dogfood-exercise"
|
|
|
|
echo "[9/20] Creating claim: cache/eviction_policy (NEW)..."
|
|
aphoria claims create \
|
|
--id "cachewrap-009" \
|
|
--concept-path "cache/eviction_policy" \
|
|
--predicate "required" \
|
|
--value "true" \
|
|
--comparison "equals" \
|
|
--provenance "Redis maxmemory-policy documentation" \
|
|
--invariant "Eviction policy MUST be configured (LRU/LFU/random)" \
|
|
--consequence "No eviction policy causes undefined behavior when cache full" \
|
|
--tier "expert" \
|
|
--category "correctness" \
|
|
--evidence "docs/sources/redis-spec.md" \
|
|
--by "dogfood-exercise"
|
|
|
|
echo "[10/20] Creating claim: cache/max_size (NEW)..."
|
|
aphoria claims create \
|
|
--id "cachewrap-010" \
|
|
--concept-path "cache/max_size" \
|
|
--predicate "required" \
|
|
--value "true" \
|
|
--comparison "equals" \
|
|
--provenance "AWS ElastiCache best practices - memory management" \
|
|
--invariant "Maximum cache size MUST be bounded" \
|
|
--consequence "Unbounded cache causes OOM under sustained load" \
|
|
--tier "expert" \
|
|
--category "safety" \
|
|
--evidence "docs/sources/aws-elasticache.md" \
|
|
--by "dogfood-exercise"
|
|
|
|
echo "[11/20] Creating claim: cache/key_validation (NEW)..."
|
|
aphoria claims create \
|
|
--id "cachewrap-011" \
|
|
--concept-path "cache/key_validation" \
|
|
--predicate "required" \
|
|
--value "true" \
|
|
--comparison "equals" \
|
|
--provenance "Redis key format specification + OWASP injection prevention" \
|
|
--invariant "Cache keys MUST be validated before use" \
|
|
--consequence "Unvalidated keys enable injection attacks" \
|
|
--tier "expert" \
|
|
--category "security" \
|
|
--evidence "docs/sources/redis-spec.md" \
|
|
--by "dogfood-exercise"
|
|
|
|
echo "[12/20] Creating claim: cache/credentials (NEW)..."
|
|
aphoria claims create \
|
|
--id "cachewrap-012" \
|
|
--concept-path "cache/credentials/storage" \
|
|
--predicate "must_not_be" \
|
|
--value "hardcoded" \
|
|
--comparison "absent" \
|
|
--provenance "AWS ElastiCache security best practices" \
|
|
--invariant "Credentials MUST NOT be hardcoded in source" \
|
|
--consequence "Hardcoded credentials leak via version control" \
|
|
--tier "expert" \
|
|
--category "security" \
|
|
--evidence "docs/sources/aws-elasticache.md" \
|
|
--by "dogfood-exercise"
|
|
|
|
echo "[13/20] Creating claim: cache/serialization (NEW)..."
|
|
aphoria claims create \
|
|
--id "cachewrap-013" \
|
|
--concept-path "cache/serialization/format" \
|
|
--predicate "recommended" \
|
|
--value "messagepack" \
|
|
--comparison "equals" \
|
|
--provenance "redis-rs library patterns - efficient serialization" \
|
|
--invariant "MessagePack SHOULD be used for compact serialization" \
|
|
--consequence "JSON serialization wastes bandwidth and memory" \
|
|
--tier "expert" \
|
|
--category "performance" \
|
|
--evidence "docs/sources/redis-rs-lib.md" \
|
|
--by "dogfood-exercise"
|
|
|
|
echo "[14/20] Creating claim: cache/compression (NEW)..."
|
|
aphoria claims create \
|
|
--id "cachewrap-014" \
|
|
--concept-path "cache/compression/enabled" \
|
|
--predicate "recommended" \
|
|
--value "true" \
|
|
--comparison "equals" \
|
|
--provenance "AWS ElastiCache performance tuning guide" \
|
|
--invariant "Compression SHOULD be enabled for values > 1KB" \
|
|
--consequence "No compression wastes bandwidth and memory" \
|
|
--tier "expert" \
|
|
--category "performance" \
|
|
--evidence "docs/sources/aws-elasticache.md" \
|
|
--by "dogfood-exercise"
|
|
|
|
echo "[15/20] Creating claim: cache/circuit_breaker (NEW)..."
|
|
aphoria claims create \
|
|
--id "cachewrap-015" \
|
|
--concept-path "cache/circuit_breaker/enabled" \
|
|
--predicate "recommended" \
|
|
--value "true" \
|
|
--comparison "equals" \
|
|
--provenance "AWS ElastiCache high availability guide" \
|
|
--invariant "Circuit breaker SHOULD be used to prevent cascade failures" \
|
|
--consequence "No circuit breaker causes cascade failures when cache down" \
|
|
--tier "expert" \
|
|
--category "reliability" \
|
|
--evidence "docs/sources/aws-elasticache.md" \
|
|
--by "dogfood-exercise"
|
|
|
|
echo "[16/20] Creating claim: cache/consistency_mode (NEW)..."
|
|
aphoria claims create \
|
|
--id "cachewrap-016" \
|
|
--concept-path "cache/consistency/mode" \
|
|
--predicate "required" \
|
|
--value "eventual" \
|
|
--comparison "equals" \
|
|
--provenance "Redis replication documentation" \
|
|
--invariant "Consistency mode MUST be declared (strong/eventual)" \
|
|
--consequence "Undeclared consistency causes unexpected stale reads" \
|
|
--tier "expert" \
|
|
--category "correctness" \
|
|
--evidence "docs/sources/redis-spec.md" \
|
|
--by "dogfood-exercise"
|
|
|
|
echo "[17/20] Creating claim: cache/sharding (NEW)..."
|
|
aphoria claims create \
|
|
--id "cachewrap-017" \
|
|
--concept-path "cache/sharding/strategy" \
|
|
--predicate "recommended" \
|
|
--value "consistent_hashing" \
|
|
--comparison "equals" \
|
|
--provenance "Redis cluster specification" \
|
|
--invariant "Consistent hashing SHOULD be used for key distribution" \
|
|
--consequence "Poor sharding strategy causes hot spots and uneven load" \
|
|
--tier "expert" \
|
|
--category "performance" \
|
|
--evidence "docs/sources/redis-spec.md" \
|
|
--by "dogfood-exercise"
|
|
|
|
echo "[18/20] Creating claim: cache/stampede_prevention (NEW)..."
|
|
aphoria claims create \
|
|
--id "cachewrap-018" \
|
|
--concept-path "cache/stampede/prevention" \
|
|
--predicate "recommended" \
|
|
--value "true" \
|
|
--comparison "equals" \
|
|
--provenance "redis-rs GitHub issue #156 - cache stampede mitigation" \
|
|
--invariant "Cache stampede prevention SHOULD be implemented" \
|
|
--consequence "No stampede prevention causes thundering herd on cache miss" \
|
|
--tier "expert" \
|
|
--category "performance" \
|
|
--evidence "docs/sources/redis-rs-lib.md" \
|
|
--by "dogfood-exercise"
|
|
|
|
echo "[19/20] Creating claim: cache/key_prefix (NEW)..."
|
|
aphoria claims create \
|
|
--id "cachewrap-019" \
|
|
--concept-path "cache/key_prefix" \
|
|
--predicate "required" \
|
|
--value "true" \
|
|
--comparison "equals" \
|
|
--provenance "AWS ElastiCache multi-tenant best practices" \
|
|
--invariant "Key prefix MUST be used for namespace isolation" \
|
|
--consequence "No key prefix causes collisions in shared cache instances" \
|
|
--tier "expert" \
|
|
--category "correctness" \
|
|
--evidence "docs/sources/aws-elasticache.md" \
|
|
--by "dogfood-exercise"
|
|
|
|
echo "[20/20] Creating claim: cache/value_size (NEW)..."
|
|
aphoria claims create \
|
|
--id "cachewrap-020" \
|
|
--concept-path "cache/value_size/maximum" \
|
|
--predicate "value_lt" \
|
|
--value "1048576" \
|
|
--comparison "less_than" \
|
|
--provenance "Redis protocol spec + AWS ElastiCache limits" \
|
|
--invariant "Cached values MUST be < 1 MB" \
|
|
--consequence "Oversized values degrade performance and waste memory" \
|
|
--tier "expert" \
|
|
--category "performance" \
|
|
--evidence "docs/sources/redis-spec.md" \
|
|
--by "dogfood-exercise"
|
|
|
|
echo ""
|
|
echo "✅ All 20 claims created successfully!"
|
|
echo ""
|
|
echo "Breakdown:"
|
|
echo "- 7 reused from corpus (35% reuse rate) ✅"
|
|
echo "- 13 new claims specific to caching (65%)"
|
|
echo ""
|
|
echo "Verify claims:"
|
|
echo " cat .aphoria/claims.toml"
|
|
echo ""
|
|
echo "Next: Write DAY1-SUMMARY.md with metrics"
|