ActiveMemory
diff --git a/‎.context/ARCHITECTURE-PRINCIPAL.md‎
Lines changed: 507 additions & 0 deletions b/‎.context/ARCHITECTURE-PRINCIPAL.md‎
Lines changed: 507 additions & 0 deletions
diff --git a/‎.context/ARCHITECTURE.md‎
Lines changed: 289 additions & 237 deletions b/‎.context/ARCHITECTURE.md‎
Lines changed: 289 additions & 237 deletions
diff --git a/‎.context/CHEAT-SHEETS.md‎
Lines changed: 243 additions & 0 deletions b/‎.context/CHEAT-SHEETS.md‎
Lines changed: 243 additions & 0 deletions
diff --git a/‎.context/CONVERGENCE-REPORT.md‎
Lines changed: 153 additions & 0 deletions b/‎.context/CONVERGENCE-REPORT.md‎
Lines changed: 153 additions & 0 deletions
@@ -0,0 +1,243 @@
+# Cheat Sheets
+
+Quick mental models for key lifecycles and flows in ctx.
+
+## CLI Command Dispatch
+
+Steps:
+1. `cmd/ctx/main.go` calls `bootstrap.RootCmd()`
+2. RootCmd creates Cobra root with global flags
+3. `Initialize()` registers 34 commands in 8 groups
+4. PersistentPreRunE fires: boundary check, init check
+5. Cobra routes to matched command's Run() handler
+6. Handler calls core/ logic, domain packages
+7. Output via write/* package, errors via err/* package
+
+Key invariants:
+- PersistentPreRunE runs for ALL subcommands
+- AnnotationSkipInit bypasses init check (doctor, guide, setup)
+- All flag descriptions from YAML (enforced by audit)
+
+Common failure modes:
+- Missing .context/ without SkipInit -> error before Run()
+- Flag name collision with global flag -> silent shadowing
+
+```
+  main.go --> RootCmd() --> PersistentPreRunE --> Run()
+                |                  |               |
+         Initialize()        boundary +        core/ logic
+         34 commands        init guards       --> write/*
+```
+
+---
+
+## Context Loading (ctx agent)
+
+Steps:
+1. Agent calls `ctx agent --budget N`
+2. rc.TokenBudget() resolves budget (flag > env > .ctxrc > 8000)
+3. context/load.Do() reads all .md files from .context/
+4. Files sorted by config.FileReadOrder priority
+5. Each file's tokens estimated (4 chars/token)
+6. Files added in priority order until budget exhausted
+7. Overflow files listed as "Also Noted" summaries
+8. Markdown packet returned to stdout
+
+Key invariants:
+- CONSTITUTION always loaded first
+- Symlinks rejected (M-2 defense)
+- Budget is conservative overestimate (never under-counts)
+
+Common failure modes:
+- Very large TASKS.md consumes most of budget -> low-priority
+  files (GLOSSARY, PLAYBOOK) never seen by agent
+- Empty file detection via EffectivelyEmpty() -> skipped with note
+
+```
+  Agent --> rc.TokenBudget() --> load.Do()
+               |                    |
+         resolve priority     read + estimate tokens
+               |                    |
+         sort by order       fit to budget
+               |                    |
+         format packet       "Also Noted" overflow
+```
+
+---
+
+## MCP Request Lifecycle
+
+Steps:
+1. Client sends JSON-RPC line to stdin
+2. Server.Serve() reads line from scanner
+3. parse.Request() unmarshals JSON
+4. dispatch.Do() routes by method name
+5. Handler executes domain logic
+6. session.CheckGovernance() appends warnings
+7. out.*Response() wraps result
+8. io.Writer.WriteJSON() writes to stdout
+
+Key invariants:
+- Main loop is single-threaded (sequential processing)
+- Governance is advisory only (never blocks)
+- Notifications (no ID) produce no response
+- Poller runs independently on 5s interval
+
+Common failure modes:
+- Slow handler blocks all subsequent requests
+- Parse error -> error response, loop continues
+- Scanner overflow -> truncated JSON -> parse error
+
+```
+  Client                 Server              Handler
+  |--JSON-RPC line------>|                   |
+  |                      |--parse()          |
+  |                      |--dispatch()------>|
+  |                      |                   |--domain logic
+  |                      |                   |--governance check
+  |                      |<--result----------|
+  |<--JSON-RPC response--|                   |
+```
+
+---
+
+## Journal Import Pipeline
+
+Steps:
+1. User runs `ctx journal source --all`
+2. parser.FindSessionsForCWD() scans ~/.claude/projects/
+3. Auto-detects format (JSONL, Copilot, Copilot CLI, Markdown)
+4. Matches sessions by git remote URL and CWD
+5. Loads journal state from .state.json
+6. Plans each session: new, regen, skip, or locked
+7. Formats matched sessions as Markdown
+8. Writes to .context/journal/
+9. Marks imported in state, saves state
+
+Key invariants:
+- Locked entries never regenerated
+- State tracks 5 stages: exported -> enriched -> normalized
+  -> fences_verified -> locked
+- Atomic state writes (temp + rename)
+
+Common failure modes:
+- Changed JSONL format -> silent parse failures, empty sessions
+- Same project in multiple paths -> duplicate imports
+- 1MB buffer limit -> truncated large tool results
+
+```
+  [Scan] --> [Detect Format] --> [Match CWD]
+     |             |                  |
+  4 parsers    auto-detect       git remote
+     |             |                  |
+  [Plan] ----> [Format MD] ----> [Write]
+     |                               |
+  state check                  mark imported
+```
+
+---
+
+## Hook Lifecycle (UserPromptSubmit)
+
+Steps:
+1. Claude Code fires UserPromptSubmit hook
+2. hooks.json routes to `ctx system check-*` commands
+3. system/input.go reads hook JSON from stdin (2s timeout)
+4. Each check runs independently, writes result to stdout
+5. Checks: context-size, ceremonies, persistence, journal,
+   reminders, version, resources, knowledge, map-staleness,
+   memory-drift, freshness, heartbeat
+6. Advisory output returned to Claude Code
+7. All hooks exit 0 (never block initialization)
+
+Key invariants:
+- 2-second stdin read timeout (prevents hanging)
+- Daily throttle via marker file date comparison
+- Adaptive prompt counter: silent 1-15, periodic 16+
+- All hooks exit 0 (never block)
+
+Common failure modes:
+- Missing stdin JSON -> timeout, graceful empty response
+- Throttle marker file corruption -> check runs every prompt
+
+```
+  Claude Code         hooks.json        ctx system check-*
+  |--hook fire------->|                 |
+  |                   |--route--------->|
+  |                   |  (12 checks)    |--read stdin (2s)
+  |                   |                 |--check logic
+  |                   |                 |--throttle gate
+  |<--advisory--------|<--result (0)----|
+```
+
+---
+
+## Entry Write Flow
+
+Steps:
+1. Caller provides EntryParams (type, content, opts)
+2. entry.Validate() checks required fields per type
+   - Decision: context, rationale, consequence
+   - Learning: context, lesson, application
+   - Task/Convention: content only
+3. entry.Write() reads existing file
+4. Formats entry per type template (from tpl/)
+5. Inserts at correct position (tasks: before first unchecked)
+6. Writes file back via io.SafeWriteFile()
+7. Updates index for decisions/learnings (not tasks/conventions)
+
+Key invariants:
+- Entry headers are timestamped: `## [YYYY-MM-DD-HHMMSS] Title`
+- Index updated between INDEX:START/END markers
+- Three callers: CLI add, MCP handler, watch command
+
+Common failure modes:
+- Concurrent writes -> last writer wins (no locking)
+- Index update fails after write -> stale index
+- Missing required field -> validation error before write
+
+```
+  Caller --> Validate() --> Write()
+                |              |
+          check fields    read-modify-write
+                |              |
+          type-specific   format + insert
+                |              |
+          error early     update index
+```
+
+---
+
+## Execution Flow Index (enriched 2026-04-03 via GitNexus)
+
+_Auto-detected from the call graph. Complements the manually
+written cheat sheets above._
+
+Top cross-community flows (spanning multiple domains):
+
+| Flow | Steps | Entry Point | Key Symbols |
+|------|-------|-------------|-------------|
+| Deploy -> ContextDir | 10 | initialize | DeployTemplates, Do, ContextDir |
+| Deploy -> Symlinks | 10 | initialize | DeployTemplates, Do, Symlinks |
+| Write -> Init | 10 | MCP server | Serve, Init, SafeWriteFile |
+| Write -> Server | 10 | MCP server | Serve, New, Do |
+| Write -> TokenBudget | 10 | MCP server | Serve, TokenBudget, Do |
+| Run -> Init | 10 | CLI commands | Run, Do, Init |
+| Sync -> ContextDir | 10 | sync cmd | Run, Do, ContextDir |
+| Run -> Text | 9 | CLI commands | Run, Do, desc.Text |
+| Run -> URI | 9 | CLI commands | Run, catalog, URI |
+| Run -> NotFoundError | 8 | CLI commands | Run, Do, NotFound |
+
+### Multi-Flow Hotspots
+
+Symbols participating in 3+ flows (high-impact modification points):
+
+| Symbol | Flows | Location |
+|--------|-------|----------|
+| desc.Text | 53 | internal/assets/read/desc/desc.go:75 |
+| load.Do | 100+ | internal/context/load/loader.go:34 |
+| SafeWriteFile | 69 callers | internal/io/security.go |
+| rc.ContextDir | 20+ | internal/rc/rc.go |
+| validate.Symlinks | 10+ | internal/validate/path.go |
+| err/context.NotFound | 30+ | internal/err/context/context.go |
+| rc.RC | 15+ | internal/rc/rc.go |
@@ -0,0 +1,153 @@
+# Convergence Report
+
+_Generated 2026-04-03 by /ctx-architecture principal_
+
+## By Module
+
+| Module | Confidence | Status | Blocker |
+|--------|------------|--------|---------|
+| internal/config/* | 0.85 | 🟡 Solid | Pattern understood; not all 60 sub-packages individually read |
+| internal/assets | 0.85 | 🟡 Solid | Embed and read/* pattern understood; tpl/ migration pending |
+| internal/io | 0.80 | 🟡 Solid | API understood; edge cases not all traced |
+| internal/format | 0.80 | 🟡 Solid | All functions cataloged |
+| internal/parse | 0.80 | 🟡 Solid | Small package, fully understood |
+| internal/sanitize | 0.80 | 🟡 Solid | Small package, fully understood |
+| internal/validate | 0.70 | 🟡 Solid | API inferred; source not directly read this run |
+| internal/inspect | 0.75 | 🟡 Solid | API cataloged from survey |
+| internal/flagbind | 0.85 | 🟡 Solid | Pattern and all variants documented |
+| internal/exec/* | 0.80 | 🟡 Solid | All 5 wrappers surveyed |
+| internal/log/* | 0.80 | 🟡 Solid | Event + warn split understood |
+| internal/crypto | 0.90 | ✅ Converged | Converged |
+| internal/sysinfo | 0.85 | 🟡 Solid | Platform build tags understood |
+| internal/rc | 0.90 | ✅ Converged | Converged |
+| internal/entity | 0.85 | 🟡 Solid | All types cataloged; some methods not fully traced |
+| internal/entry | 0.85 | 🟡 Solid | Flow understood; not all callers traced |
+| internal/context/* | 0.80 | 🟡 Solid | 6 sub-packages surveyed |
+| internal/drift | 0.85 | 🟡 Solid | 7 checks documented |
+| internal/index | 0.85 | 🟡 Solid | Converged |
+| internal/task | 0.85 | 🟡 Solid | Converged |
+| internal/tidy | 0.80 | 🟡 Solid | Block parsing understood |
+| internal/trace | 0.80 | 🟡 Solid | Flow documented; resolve helpers not all read |
+| internal/journal/parser | 0.80 | 🟡 Solid | 4 parsers documented; Copilot parsers shallow |
+| internal/journal/state | 0.85 | 🟡 Solid | Pipeline stages documented |
+| internal/memory | 0.80 | 🟡 Solid | Discovery + sync flow understood |
+| internal/notify | 0.85 | 🟡 Solid | Converged |
+| internal/claude | 0.80 | 🟡 Solid | Thin wrapper understood |
+| internal/mcp/* | 0.90 | ✅ Converged | All 15 sub-packages deeply read |
+| internal/cli/* (34 cmds) | 0.75 | 🟡 Solid | Taxonomy understood; not all core/ packages deeply read |
+| internal/bootstrap | 0.85 | 🟡 Solid | Registration and guards documented |
+| internal/write/* | 0.80 | 🟡 Solid | Pattern understood; not all 46 packages individually read |
+| internal/err/* | 0.80 | 🟡 Solid | Pattern understood; not all 35 packages individually read |
+| internal/audit | 0.75 | 🟡 Solid | Purpose understood; individual test files not read |
+| internal/compliance | 0.70 | 🟡 Solid | Purpose understood; tests not read |
+
+## By Domain
+
+| Domain | Modules | Converged | Avg Confidence |
+|--------|---------|-----------|----------------|
+| Foundation (config, assets, infra) | 12 | 2/12 | 0.82 |
+| Domain (entity through claude) | 13 | 0/13 | 0.82 |
+| MCP | 1 (15 sub-pkgs) | 1/1 | 0.90 |
+| CLI | 2 (34 commands) | 0/2 | 0.78 |
+| Output (write, err) | 2 | 0/2 | 0.80 |
+| Quality (audit, compliance) | 2 | 0/2 | 0.73 |
+
+## Overall
+
+- Total module groups: 32
+- Converged (>= 0.9): 3  ✅ (crypto, rc, mcp)
+- Solid (0.7-0.89): 28  🟡
+- Shallow (0.4-0.69): 0  🔶
+- Stubbed (< 0.4): 0  🔴
+
+## What Would Help Next
+
+🟡 internal/cli/* (0.75) - Solid
+  → Deep-read core/ packages for journal, agent, system, add
+    (the largest/most complex commands)
+  → Read test files to understand edge case behavior
+  → Ask: "walk me through what happens when ctx journal site runs"
+
+🟡 internal/audit (0.75) - Solid
+  → Read individual audit test files to catalog all 40+ checks
+  → Understand quarantine/allowlist management patterns
+
+🟡 internal/compliance (0.70) - Solid
+  → Read compliance test files to understand file-level checks
+  → Understand relationship to Makefile lint targets
+
+🟡 internal/journal/parser (0.80) - Solid
+  → Deep-read Copilot and Copilot CLI parsers for parity assessment
+  → Read query.go for session lookup capabilities
+
+🟡 internal/trace (0.80) - Solid
+  → Read all resolve_* helper files for ref resolution logic
+  → Trace full commit lifecycle from collect to trailer
+
+## Convergence Verdict
+
+🟡 **MOSTLY CONVERGED** - All modules at 0.70+. Core modules (MCP,
+config pattern, domain flow) well understood. Diminishing returns on
+full re-run; use focus areas for journal, system hooks, and audit
+tests to reach full convergence.
+
+---
+
+## Search Prompts
+
+The right keyword changes everything. Based on what I found in
+the codebase, here are targeted searches worth running — in your
+internal docs, Confluence, Notion, Slack, or publicly:
+
+### Fill the gaps (ranked by how much they'd help)
+
+🟡 internal/cli/system (0.75) - 34 hook subcommands
+  Try searching:
+  - "ctx system check-persistence" behavior or "adaptive prompt counter"
+  - "Claude Code hook lifecycle" or "UserPromptSubmit hook protocol"
+  - "ctx hook throttle" or "daily throttle marker"
+
+🟡 internal/audit (0.75) - 40+ AST audit checks
+  Try searching:
+  - "TestNoDeadExports quarantine" or "grandfathered map audit"
+  - "Go AST audit pattern" or "go/packages test convention"
+
+### Concepts worth understanding deeply
+
+- "MCP protocol 2024-11-05 spec" — the protocol ctx implements;
+  understanding the full spec reveals capability gaps
+- "Claude Code JSONL session format" — reverse-engineered; the
+  actual schema would replace guesswork in journal/parser
+- "Copilot instructions.md specification" — understanding what
+  Copilot expects would inform agent-agnostic setup
+- "go:embed performance large binary" — ctx embeds skills, hooks,
+  templates, YAML; understanding embed overhead at scale matters
+
+### Architecture decision records
+
+- "ctx context priority order rationale" or "FileReadOrder design"
+  — why CONSTITUTION loads first is a design decision worth ADR
+- "ctx YAML externalization decision" or "i18n readiness Go CLI"
+  — the 879-key text externalization is a major architectural bet
+- "ctx MCP vs CLI parity decision" — whether the capability gap
+  between 34 CLI commands and 11 MCP tools is intentional
+
+---
+
+Note: I did not run these searches — you may have internal docs
+where these are more useful than public results, and you know
+which sources to trust.
+
+---
+
+## Enrichment Summary
+
+_Last enrichment: 2026-04-03 via GitNexus (index: bf42b1f6)_
+
+| Phase | Items Processed | Key Findings |
+|-------|----------------|--------------|
+| Danger zones | 25 entries | 4 upgraded to CRITICAL (desc.Text, SafeWriteFile, DescKey-YAML, DiscoverPath); 1 new (load.Do) |
+| Extension points | 14 patterns | Session parser (4 registrations), CLI commands (34), MCP tools (11), MCP prompts (5), agent setup (5) |
+| Execution flows | 257 total, 10 indexed | 7 multi-flow hotspots identified (desc.Text at 53 flows is #1) |
+| Clustering | 94 clusters vs 5 manual domains | Journal (47%) and Initialize (50%) are low-cohesion; write/err are leaves, not communities |
+| Shallow modules | 0 enriched | All modules already >= 0.70; no confidence bumps warranted |