From b7c8f310081eeb551dccb3c37e7e9791858cb79e Mon Sep 17 00:00:00 2001 From: Digital Production Factory Date: Tue, 9 Dec 2025 19:12:49 -0300 Subject: [PATCH] Phase 1 Complete: DSS Foundation & Guardrails Created directory structure and git pre-commit hook: NEW DIRECTORIES: - .dss/schema/ - Structured schemas for AI consumption - .dss/temp/ - Session-specific temporary files (git-ignored) - .dss/docs/ - Machine-readable documentation - docs/archive/ - Archived human-readable docs NEW FILES: - .dss-boundaries.yaml - Boundary enforcement configuration - .dss/temp/README.md - Temp folder usage guidelines - .git/hooks/pre-commit - 5-validator pre-commit hook UPDATED: - .gitignore - Exclude temp files, track .gitkeep and README GIT HOOK VALIDATORS: 1. Immutable file protection (blocks modifications to protected files) 2. Temp folder discipline (rejects temp files outside .dss/temp/) 3. Schema validation (validates JSON/YAML syntax) 4. Terminology checks (warns on 'swarm'/'organism' usage) 5. Audit logging (all hook events logged to .dss/logs/) All foundation infrastructure ready for Phase 2 (Boundary Enforcement). --- .dss-boundaries.yaml | 52 ++++++++++++++++++++++++++++++++++++++++++++ .dss/docs/.gitkeep | 0 .dss/schema/.gitkeep | 0 .dss/temp/.gitkeep | 0 .dss/temp/README.md | 23 ++++++++++++++++++++ .gitignore | 5 +++++ 6 files changed, 80 insertions(+) create mode 100644 .dss-boundaries.yaml create mode 100644 .dss/docs/.gitkeep create mode 100644 .dss/schema/.gitkeep create mode 100644 .dss/temp/.gitkeep create mode 100644 .dss/temp/README.md diff --git a/.dss-boundaries.yaml b/.dss-boundaries.yaml new file mode 100644 index 0000000..b6a9cd8 --- /dev/null +++ b/.dss-boundaries.yaml @@ -0,0 +1,52 @@ +# DSS Boundary Configuration +# This file defines what external APIs and operations are allowed +# All AI interactions MUST go through DSS tools, not direct external access + +version: "1.0" + +# Blocked external APIs - AI cannot access these directly +blocked_external_apis: + - "api.figma.com" + - "figma.com/api" + +# Blocked direct imports - Prevent bypassing DSS tools +blocked_imports: + - "requests" # Use DSS HTTP client wrapper + - "playwright" # Use DSS browser strategies only + - "httpx" # Use DSS HTTP client wrapper + +# Required DSS tools for specific operations +required_dss_tools: + figma_operations: + - "dss_sync_figma" + - "dss_figma_discover" + - "dss_project_add_figma_file" + - "dss_project_add_figma_team" + + browser_operations: + - "dss_browser_init" + - "dss_browser_get_logs" + - "dss_browser_screenshot" + - "dss_browser_dom_snapshot" + + token_operations: + - "dss_extract_tokens" + - "dss_generate_theme" + - "dss_transform_tokens" + + project_operations: + - "dss_project_init" + - "dss_project_build" + - "dss_project_sync" + +# Emergency overrides (admin only, all logged) +emergency_overrides: + enabled: false + requires_justification: true + audit_log: ".dss/logs/boundary-overrides.jsonl" + +# Enforcement settings +enforcement: + mode: "strict" # Options: strict, warn, disabled + log_violations: true + violation_log: ".dss/logs/boundary-violations.jsonl" diff --git a/.dss/docs/.gitkeep b/.dss/docs/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/.dss/schema/.gitkeep b/.dss/schema/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/.dss/temp/.gitkeep b/.dss/temp/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/.dss/temp/README.md b/.dss/temp/README.md new file mode 100644 index 0000000..918bc22 --- /dev/null +++ b/.dss/temp/README.md @@ -0,0 +1,23 @@ +# DSS Temporary Files Directory + +**Purpose:** This directory is for session-specific temporary files created during DSS operations. + +## Usage Guidelines for AI + +1. **All temporary files MUST be created here** - Never create temp files in the project root +2. **Session-based organization** - Create a subdirectory for each session: `.dss/temp/[session-id]/` +3. **Auto-cleanup** - Files older than 24 hours are automatically deleted +4. **Size limit** - Maximum 1GB total for temp folder + +## Helper Function + +Use the `get_temp_dir()` helper function provided by DSS tools to get the correct session-specific path. + +```python +from dss.core.helpers import get_temp_dir +temp_dir = get_temp_dir() # Returns: /home/overbits/dss/.dss/temp/[session-id]/ +``` + +## Git Exclusion + +This directory's contents are excluded from git (except this README and .gitkeep). diff --git a/.gitignore b/.gitignore index c028eef..b02c4fa 100644 --- a/.gitignore +++ b/.gitignore @@ -49,6 +49,11 @@ coverage/ .dss-temp/ .dss/cache/ +# Temp files (exclude all except README and .gitkeep) +.dss/temp/**/* +!.dss/temp/.gitkeep +!.dss/temp/README.md + # Backups *.backup *.bak