Keysat
6a6112a15f
Rename CLAUDE.md -> AGENTS.md (cross-vendor standard) with a relative CLAUDE.md symlink so Claude Code still loads it. Move each .claude/rules file into docs/guides/ (paths: frontmatter preserved) and replace the rules file with a relative symlink into the guide. Repoint the AGENTS.md index paragraph at docs/guides/ so non-Claude agents find the guides.
24 lines
1.2 KiB
Markdown
24 lines
1.2 KiB
Markdown
---
|
|
paths:
|
|
- "image/app/redaction/**"
|
|
- "image/app/redaction_gateway.py"
|
|
- "docs/REDACTION_GATEWAY.md"
|
|
---
|
|
|
|
# Redaction (`/scrub` + `/rehydrate`)
|
|
|
|
- `image/app/redaction/scrub.py` + `test_scrub_leak.py` are vendored **byte-for-byte** from the CRM repo (sha recorded in `redaction/__init__.py`). **Never edit them here** — change them in the CRM repo, re-vendor (`cp`), update the sha, re-run the leak test.
|
|
- The gateway around the vendored scrubber is `image/app/redaction_gateway.py`. Its token-map store lives on `/data` (`REDACTION_MAP_DB`, default `/data/redaction_maps.db`) and fails closed if it can't open — set the env var when running outside the container.
|
|
|
|
## Test suites — both must pass before shipping ANY redaction change
|
|
|
|
```bash
|
|
cd image
|
|
.venv/bin/python -m app.redaction.test_gateway # /scrub + /rehydrate acceptance; offline, no cluster needed
|
|
.venv/bin/python app/redaction/test_scrub_leak.py # vendored golden-file leak test; offline
|
|
```
|
|
|
|
Keep the leak test green against the vendored `scrub.py` after any re-vendor.
|
|
|
|
Policy context: scrubbed text via `/scrub` is the **only** sanctioned path toward frontier/cloud models — see the whole-repo privacy rule in CLAUDE.md.
|