Skip to content

Comments

phase0-spine-lockdown-2026-02-19: lock meaning-spine contracts, enforce unique offsets, harden emission#617

Merged
wileland merged 3 commits intodevelopfrom
codex/implement-phase-0-spine-lockdown-changes
Feb 20, 2026
Merged

phase0-spine-lockdown-2026-02-19: lock meaning-spine contracts, enforce unique offsets, harden emission#617
wileland merged 3 commits intodevelopfrom
codex/implement-phase-0-spine-lockdown-changes

Conversation

@wileland
Copy link
Owner

@wileland wileland commented Feb 20, 2026

Motivation

  • Reduce brittle string-coupling in the Meaning Spine by centralizing contract and receipt reason codes as a frozen vocab.
  • Prevent ambiguous offset inference from producing noisy or unsafe receipts (ambiguity = poison).
  • Ensure v1 receipt validation is strict and never silently falls through to weaker matching.
  • Stop raw model text from leaking into ENTRY_ANALYZED emissions and surface a machine-readable contract ledger only.

Description

  • Added a shared frozen contract vocabulary at server/src/utils/meaningSpineContracts.js with CONTRACT_REASONS and RECEIPT_VALIDATION_REASONS, and replaced ad-hoc strings in the touched code paths.
  • Introduced server/src/utils/narrativePolicy.js exposing isNarrativeEnabled() and removed the sanitizer-level caller override for the narrative toggle, so callers cannot bypass the shared policy.
  • Enforced Unique Match Rule in server/src/workers/reflection.worker.js: added findUniqueReceiptOffsets() and hasAmbiguousQuoteMatch() so inferred offsets return null when a quote occurs multiple times; ambiguous inferred receipts are tagged with offsetInference: 'AMBIGUOUS_MATCH' in canonicalization.
  • Hardened validateReceipt in server/src/utils/truthValidator.js to return explicit failure reasons (INVALID_RECEIPT_SHAPE, OFFSET_AMBIGUOUS, MISSING_REQUIRED_FIELDS, etc.) and to use the new RECEIPT_VALIDATION_REASONS constants.
  • Hardened sanitizer/emit boundary in reflection.worker.js: sanitizeBloomCardsWithContract() returns sanitized cards plus a contract ledger; emitEntryAnalyzed() now includes the contract at top-level and only sanitized bloom_cards inside meaning.structuredData and no longer emits meaning.text or meaning.summary (prevents raw model text exposure).
  • Prevented raw-model fallback text leaking by neutralizing the fallback headline used when parsing fails (coerceCards() now uses a neutral 'Reflection' headline).
  • Added/updated regression tests: server/tests/receipt.v1.test.js now references the shared constants and includes tests for INVALID_RECEIPT_SHAPE and ambiguous-offset dropping; server/src/workers/__tests__/reflection.worker.test.ts adds a test ensuring raw model text is not present in the serialized ENTRY_ANALYZED payload.

Testing

  • Ran node scripts/codex_preflight.mjs --ci and it passed in the Codex Web context.
  • Installed dependencies via pnpm install --frozen-lockfile.
  • Ran pnpm -C server test and the server test suite passed (server tests completed successfully).
  • Ran workspace CI helpers pnpm lint:ci and pnpm test:ci; both completed successfully.
  • Tests added/updated: server/tests/receipt.v1.test.js (receipt-shape + ambiguous-offset assertions) and server/src/workers/__tests__/reflection.worker.test.ts (emission serialization regression). All automated tests triggered in this run passed.

Codex Task

@github-actions
Copy link

github-actions bot commented Feb 20, 2026
edited
Loading

Audit

Audit artifacts not found.

Schema

No drift detected ✅

Codex

No Codex outputs yet.

@wileland wileland changed the base branch from codex/phase0-spine-lockdown-exec-2026-02-19 to develop February 20, 2026 00:10
chatgpt-codex-connector[bot]
chatgpt-codex-connector bot reviewed Feb 20, 2026
View reviewed changes
Copy link

@chatgpt-codex-connector chatgpt-codex-connector bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: fee2dd4c81

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

@wileland wileland merged commit 58b59a1 into develop Feb 20, 2026
4 checks passed
wileland added a commit that referenced this pull request Feb 20, 2026
@wileland
chore(release): sync develop -> main (#619)
2e188ab 
* phase0-spine-lockdown-2026-02-19: lock meaning-spine contracts, enforce unique offsets, harden emission (#617)

* chore(codex): phase0 spine lockdown task spec

* chore(codex): tighten phase0 spine lockdown spec for codex web

* fix(server): lock meaning spine contracts and receipt validation

* feat(server): canonicalize transcripts at ingest v1 (#618)

* codex(task): phase1 ingest transcript canonicalization v1

* feat(server): canonicalize transcripts at ingest v1

* fix(codex): align latest.json locks/scope; fold transcript whitespace safely
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@chatgpt-codex-connector chatgpt-codex-connector[bot] chatgpt-codex-connector[bot] left review comments

Assignees

No one assigned

Labels

codex

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@wileland