# ═══════════════════════════════════════════════════════════
# AutoSnippet Constitution — permission constitution
# ═══════════════════════════════════════════════════════════
#
# Three-layer permission architecture:
# ① Capability layer (capabilities) — probes physical write access via git push --dry-run
# ② Role layer (roles) — role permission matrix (action:resource)
# ③ Governance layer (rules) — flat rule engine
#
# Dual-path mode:
# AUTH_ENABLED=false → the recipes sub-repo probe decides the role automatically (capability-driven)
# AUTH_ENABLED=true → the role comes from the user's configuration after login (role-driven)
#
# NOTE(review): role "constraints" below are descriptive text only; nothing in this
# file enforces them — enforcement presumably lives in the consumer, verify there.
# ═══════════════════════════════════════════════════════════
version: "3.0"
effective_date: "2026-02-13"

# ─── Capability probing ───────────────────────────────────
capabilities:
  git_write:
    description: "recipes 子仓库 git push 权限"
    # Command used to test write access to the sub-repo without actually pushing.
    probe: "git push --dry-run"
    # Sub-repo path (relative to projectRoot; customisable)
    sub_repo_dir: "AutoSnippet/recipes"
    # NOTE(review): both fallbacks read as fail-open — a checkout with no recipes
    # sub-repo or no remote would appear to satisfy git_write, and git_write is the
    # only gate on the developer role's "*" permission (see requires_capability
    # below). Confirm this is intended outside local development.
    no_subrepo: "allow"
    no_remote: "allow"
    # Probe result lifetime, presumably in seconds (86400 = 24 h). If so, a push
    # right revoked upstream may still be honoured until the cache expires — verify
    # against the probe implementation.
    cache_ttl: 86400

# ─── Governance rules (flat rules replace a priority hierarchy) ──────
# Each rule names a check id; the check logic itself is implemented outside this file.
rules:
  - id: "destructive_confirm"
    description: "删除操作需要确认"
    check: "destructive_needs_confirmation"
  - id: "content_required"
    description: "创建 candidate/recipe 需要内容"
    check: "creation_needs_content"
  - id: "ai_no_direct_recipe"
    description: "AI 不能直接创建/批准 recipe"
    check: "ai_cannot_approve_recipe"
  - id: "batch_authorized"
    description: "批量操作需要授权"
    check: "batch_needs_authorization"

# ─── Role definitions ─────────────────────────────────────
# permissions are "action:resource" strings (optionally with a ":self" scope);
# constraints are human-readable limits documented for each role.
roles:
  # External AI agent running in the IDE (Cursor / Copilot / Claude Code).
  - id: "external_agent"
    name: "External Agent"
    description: "IDE 中的外部 AI Agent(Cursor / Copilot / Claude Code)"
    permissions:
      - "read:recipes"
      - "read:guard_rules"
      - "create:candidates"
      - "submit:knowledge"
      - "read:audit_logs:self"
      - "knowledge:bootstrap"
      - "create:skills"
    constraints:
      - "不能直接修改 Recipe"
      - "不能修改 Guard 规则"
      - "不能删除任何数据"
  # AutoSnippet's built-in AI agent (Dashboard chat / programmatic calls).
  - id: "chat_agent"
    name: "ChatAgent"
    description: "AutoSnippet 内置 AI Agent(Dashboard 对话 / 程序化调用)"
    permissions:
      - "read:recipes"
      - "read:candidates"
      - "create:candidates"
      - "read:guard_rules"
    constraints:
      - "生成的 Candidate 必须包含完整 Reasoning"
      - "不能绕过 Guard 检查"
  # Team member who has the sub-repo but no push right (read-only).
  - id: "contributor"
    name: "Contributor"
    description: "有子仓库但无 push 权限的团队成员(只读)"
    permissions:
      - "read:recipes"
      - "read:candidates"
      - "read:guard_rules"
      - "read:audit_logs:self"
    constraints:
      - "不能创建/修改 Recipe(无子仓库写权限)"
      - "不能修改 Guard 规则"
  # Minimal-privilege visitor used in strict mode.
  - id: "visitor"
    name: "Visitor"
    description: "严格模式下的最小权限访客"
    permissions:
      - "read:recipes"
      - "read:guard_rules"
    constraints:
      - "仅可读取,不能执行任何写操作"
  # Project owner with full permissions. The wildcard is the only "*" grant in
  # this file, so the git_write capability below is the sole gate on it.
  - id: "developer"
    name: "开发者"
    description: "项目 Owner,完整权限"
    permissions:
      - "*"
    requires_capability:
      - "git_write"