[BOOT-PACK] Project = ChatGPT-Gouvernance-Projets RegistryRoot = \\DS-918\chatgpt\ChatGPT-Gouvernance-Projets\_registry Encoding = utf8-nobom TargetScriptName = Targets = [POLICY] IndexFormat = txt AllowedTextExt = txt DisallowedTextExt= md EffectiveSince = 2025-10-17 [BUG_KB_JSON] { "entries": [ { "id": "KB-PS1-ENCODING-UTF8BOM", "title": "Windows PowerShell 5.1 parsing requires UTF-8 with BOM or pure ASCII for .ps1", "blocking": false, "workaround": "Save .ps1 as UTF-8 BOM; avoid typographic punctuation; or run in pwsh Core.", "tags": [ "powershell", "encoding", "utf8-bom", "compat" ], "seen_in_threads": [ "2025-10-18" ] }, { "id": "KB-PS1-TYPO-PUNCT", "title": "Typographic quotes and em/en dash break PowerShell parser when file is read as ANSI", "blocking": false, "workaround": "Normalize to ASCII: replace curly quotes and dashes and NBSP; keep scripts ASCII-safe.", "tags": [ "powershell", "quotes", "emdash", "ansi" ], "seen_in_threads": [ "2025-10-18" ] }, { "id": "KB-EXEC-POLICY-BYPASS", "title": "ExecutionPolicy AllSigned blocks unsigned scripts on network shares", "blocking": false, "workaround": "Use -ExecutionPolicy Bypass per-process; generate .cmd wrappers that call powershell.exe -ExecutionPolicy Bypass", "tags": [ "powershell", "executionpolicy", "bypass", "netshare" ], "seen_in_threads": [ "2025-10-18" ] }, { "id": "BUGKB-ONE-SHOT-GATING-2025-10-17", "date": "2025-10-17T00:49:00+02:00", "title": "Execution apres N due to non-hermetic gating and ternary misuse", "env": [ "Win11", "PowerShell console (no admin)", "NAS SMB" ], "impact": [ "REGLES/INDEX/XREF/TRANSCRIPT modifies involontairement", "snapshot du jour cree", "multiples .bak" ], "repro": [ "Coller un bloc ou \u0027return\u0027 n\u0027encapsule pas toutes les commandes (hors if global).", "Utiliser une pseudo-ternary \u0027?:\u0027 en PowerShell provoque une erreur de parsing, puis collage fractionne." ], "detection": { "verify_cmds": [ "Select-String -Path REGLES_GOUVERNANCE.txt -Pattern \u0027SCRIPT-GENERATION-HANDOVER-RULE\\\\s+v1\\\\.0\u0027", "Get-ChildItem \\\\DS-918\\\\...\\\\_registry -Filter *.bak | Sort-Object LastWriteTime -Descending | Select -First 5 Name,LastWriteTime" ], "patterns": [ "presence de \u0027?\u0027 suivi de \u0027:\u0027 (indice) - verifier manuellement", "one-shot sans encapsulation globale \u0026 { ... } (regex tete absente)", "lignes d\u0027ecriture hors if ( -eq \u0027O\u0027)" ] }, "fix": { "summary": "Encapsulation hermetique \u0026 { } + EXECUTE uniquement si ( -eq \u0027O\u0027); suppression du ternary", "code_guardrail": [ "# Guardrail minimal pour one-shot", "\u0026 {", " = Read-Host \u0027Proceed? Type O to continue (O/N)\u0027; if( -ne \u0027O\u0027){ Write-Host \u0027[CANCEL]\u0027; return }", " # EXECUTE ICI UNIQUEMENT", "}" ], "recipe_steps": [ "Tout le bloc (helpers+preview+O/N+execute) dans un unique scriptblock \u0026 { ... }", "Aucune commande d\u0027ecriture apres la condition", "Remplacer la pseudo-ternary par un if/else PowerShell explicite" ] }, "guardrails": [ "ENCAPSULATION-ONE-SHOT v1.0 : bloc unique \u0026 { ... } obligatoire", "ASCII-only, no here-strings, single-layer", "Preview -\u003e O/N -\u003e ecriture ; .bak systematiques ; local-\u003eNAS Safe-Replace" ], "verify_cmds": [ "Get-ChildItem \\\\DS-918\\\\chatgpt\\\\ChatGPT-Gouvernance-Projets\\\\_registry -Filter *.bak | Sort-Object LastWriteTime -Descending | Select -First 3 Name,LastWriteTime", "Select-String -Path \\\\DS-918\\\\...\\\\REGLES_GOUVERNANCE.txt -Pattern \u0027ENCAPSULATION-ONE-SHOT\\\\s+v1\\\\.0\u0027" ], "tags": [ "powershell", "paste-ready", "gating", "safe-create", "governance" ], "status": "fixed", "seen_in_threads": [ ] }, { "id": "BUGKB-BOOT-PACK-KB-MISSING-2025-10-17", "date": "2025-10-17T00:53:33+02:00", "title": "Boot-pack incomplet (KB et Patch History absents) entraine boucles et incoherences", "env": [ "Win11", "PowerShell console (no admin)", "NAS SMB" ], "impact": [ "Rebouclages et echanges multiples avant d obtenir un script correct", "Incoherence des regles appliquees suivant les fils", "Perte de temps (manque de garde-fous connus)" ], "repro": [ "Demarrer un fil code/script sans fournir bug_kb\\\\BUG_KB.jsonl et _patches\\\\SCRIPT_PATCH_HISTORY.txt", "Le modele ne charge pas les garde-fous et recettes correctives deja connues", "Livraisons non standard (ex: here-strings, gating partiel, verifs insuffisantes)" ], "detection": { "verify_cmds": [ "Test-Path \\\\DS-918\\\\...\\\\_registry\\\\bug_kb\\\\BUG_KB.jsonl", "Test-Path \\\\DS-918\\\\...\\\\_registry\\\\_patches\\\\SCRIPT_PATCH_HISTORY.txt", "Select-String -Path \\\\DS-918\\\\...\\\\_registry\\\\REGLES_GOUVERNANCE.txt -Pattern \u0027BOOT-PACK-KB-REQUIRED\\\\s+v1\\\\.0\u0027" ], "patterns": [ "Audit BOOT-PACK: elements manquants (KB JSONL, Patch History)", "REGLES_GOUVERNANCE.txt sans section BOOT-PACK-KB-REQUIRED v1.0" ] }, "fix": { "summary": "Rendre KB et Patch History obligatoires dans le BOOT-PACK + enforcer et audit", "code_guardrail": [ "# Guardrail (pseudocode):", "if (-not (Test-Path bug_kb\\\\BUG_KB.jsonl) -or -not (Test-Path _patches\\\\SCRIPT_PATCH_HISTORY.txt)) {", " Write-Host \u0027[BLOCK] KB/Patch History manquants. Fournissez le BOOT-PACK complet.\u0027", " return", "}" ], "recipe_steps": [ "Ajouter la regle BOOT-PACK-KB-REQUIRED v1.0 dans REGLES_GOUVERNANCE.txt", "Exiger le BOOT-PACK complet a l ouverture de tout fil code/script", "Refuser de livrer des scripts tant que KB et Patch History ne sont pas fournis", "Utiliser l audit BOOT-PACK avant generation", "Mettre a jour la memoire du modele pour cette exigence" ] }, "guardrails": [ "BOOT-PACK-KB-REQUIRED v1.0", "SAFE-CREATE-ENFORCER v1.1", "ENCAPSULATION-ONE-SHOT v1.0", "SCRIPT-GENERATION-HANDOVER-RULE v1.0" ], "verify_cmds": [ "Get-ChildItem \\\\DS-918\\\\chatgpt\\\\ChatGPT-Gouvernance-Projets\\\\_registry\\\\bug_kb -Filter BUG_KB.jsonl", "Get-ChildItem \\\\DS-918\\\\chatgpt\\\\ChatGPT-Gouvernance-Projets\\\\_registry\\\\_patches -Filter SCRIPT_PATCH_HISTORY.txt" ], "tags": [ "governance", "boot-pack", "kb", "patch-history", "paste-ready", "safe-create" ], "status": "fixed", "seen_in_threads": [ ] }, { "id": "KB-20251018-121605", "title": null, "blocking": false, "root_cause": null, "workaround": null, "fix": null, "tags": [ null ], "seen_in_threads": [ null ], "last_seen": "2025-10-18T12:16:04+02:00" }, { "id": "KB-20251018-130600", "title": "Unhandled script error: Out-File : Le processus ne peut pas acc‚der au fichier", "blocking": false, "root_cause": "Erreur non classifiée (voir log).", "workaround": "Analyser le message, reproduire, ajouter une règle précise.", "fix": "", "tags": [ "powershell", "autolog", "ps51", "unclassified", "oneshot", "slof" ], "seen_in_threads": [ "2025-10-18" ], "last_seen": "2025-10-18T13:06:00+02:00" }, { "id": "KB-20251018-131432", "title": "Unhandled script error: Out-File : Le processus ne peut pas acc�der au fichier", "blocking": false, "root_cause": "Erreur non classifi�e (voir log).", "workaround": "Analyser le message, reproduire, ajouter une r�gle pr�cise.", "fix": "", "tags": [ "powershell", "autolog", "ps51", "unclassified", "oneshot", "slof" ], "seen_in_threads": [ "2025-10-18" ], "last_seen": "2025-10-18T13:14:31+02:00" } ], "updated": "2025-10-18T13:14:31+02:00" }