{"id":"BUGKB-ONE-SHOT-GATING-2025-10-17","date":"2025-10-17T00:49:00+02:00","title":"Execution apres N due to non-hermetic gating and ternary misuse","env":["Win11","PowerShell console (no admin)","NAS SMB"],"impact":["REGLES/INDEX/XREF/TRANSCRIPT modifies involontairement","snapshot du jour cree","multiples .bak"],"repro":["Coller un bloc ou \u0027return\u0027 n\u0027encapsule pas toutes les commandes (hors if global).","Utiliser une pseudo-ternary \u0027?:\u0027 en PowerShell provoque une erreur de parsing, puis collage fractionne."],"detection":{"verify_cmds":["Select-String -Path REGLES_GOUVERNANCE.txt -Pattern \u0027SCRIPT-GENERATION-HANDOVER-RULE\\\\s+v1\\\\.0\u0027","Get-ChildItem \\\\DS-918\\\\...\\\\_registry -Filter *.bak | Sort-Object LastWriteTime -Descending | Select -First 5 Name,LastWriteTime"],"patterns":["presence de \u0027?\u0027 suivi de \u0027:\u0027 (indice) - verifier manuellement","one-shot sans encapsulation globale \u0026 { ... } (regex tete absente)","lignes d\u0027ecriture hors if ( -eq \u0027O\u0027)"]},"fix":{"summary":"Encapsulation hermetique \u0026 { } + EXECUTE uniquement si ( -eq \u0027O\u0027); suppression du ternary","code_guardrail":["# Guardrail minimal pour one-shot","\u0026 {","   = Read-Host \u0027Proceed? Type O to continue (O/N)\u0027; if( -ne \u0027O\u0027){ Write-Host \u0027[CANCEL]\u0027; return }","  # EXECUTE ICI UNIQUEMENT","}"],"recipe_steps":["Tout le bloc (helpers+preview+O/N+execute) dans un unique scriptblock \u0026 { ... }","Aucune commande d\u0027ecriture apres la condition","Remplacer la pseudo-ternary par un if/else PowerShell explicite"]},"guardrails":["ENCAPSULATION-ONE-SHOT v1.0 : bloc unique \u0026 { ... } obligatoire","ASCII-only, no here-strings, single-layer","Preview -\u003e O/N -\u003e ecriture ; .bak systematiques ; local-\u003eNAS Safe-Replace"],"verify_cmds":["Get-ChildItem \\\\DS-918\\\\chatgpt\\\\ChatGPT-Gouvernance-Projets\\\\_registry -Filter *.bak | Sort-Object LastWriteTime -Descending | Select -First 3 Name,LastWriteTime","Select-String -Path \\\\DS-918\\\\...\\\\REGLES_GOUVERNANCE.txt -Pattern \u0027ENCAPSULATION-ONE-SHOT\\\\s+v1\\\\.0\u0027"],"tags":["powershell","paste-ready","gating","safe-create","governance"],"status":"fixed"}{"id":"BUGKB-BOOT-PACK-KB-MISSING-2025-10-17","date":"2025-10-17T00:53:33+02:00","title":"Boot-pack incomplet (KB et Patch History absents) entraine boucles et incoherences","env":["Win11","PowerShell console (no admin)","NAS SMB"],"impact":["Rebouclages et echanges multiples avant d obtenir un script correct","Incoherence des regles appliquees suivant les fils","Perte de temps (manque de garde-fous connus)"],"repro":["Demarrer un fil code/script sans fournir bug_kb\\\\BUG_KB.jsonl et _patches\\\\SCRIPT_PATCH_HISTORY.txt","Le modele ne charge pas les garde-fous et recettes correctives deja connues","Livraisons non standard (ex: here-strings, gating partiel, verifs insuffisantes)"],"detection":{"verify_cmds":["Test-Path \\\\DS-918\\\\...\\\\_registry\\\\bug_kb\\\\BUG_KB.jsonl","Test-Path \\\\DS-918\\\\...\\\\_registry\\\\_patches\\\\SCRIPT_PATCH_HISTORY.txt","Select-String -Path \\\\DS-918\\\\...\\\\_registry\\\\REGLES_GOUVERNANCE.txt -Pattern \u0027BOOT-PACK-KB-REQUIRED\\\\s+v1\\\\.0\u0027"],"patterns":["Audit BOOT-PACK: elements manquants (KB JSONL, Patch History)","REGLES_GOUVERNANCE.txt sans section BOOT-PACK-KB-REQUIRED v1.0"]},"fix":{"summary":"Rendre KB et Patch History obligatoires dans le BOOT-PACK + enforcer et audit","code_guardrail":["# Guardrail (pseudocode):","if (-not (Test-Path bug_kb\\\\BUG_KB.jsonl) -or -not (Test-Path _patches\\\\SCRIPT_PATCH_HISTORY.txt)) {","  Write-Host \u0027[BLOCK] KB/Patch History manquants. Fournissez le BOOT-PACK complet.\u0027","  return","}"],"recipe_steps":["Ajouter la regle BOOT-PACK-KB-REQUIRED v1.0 dans REGLES_GOUVERNANCE.txt","Exiger le BOOT-PACK complet a l ouverture de tout fil code/script","Refuser de livrer des scripts tant que KB et Patch History ne sont pas fournis","Utiliser l audit BOOT-PACK avant generation","Mettre a jour la memoire du modele pour cette exigence"]},"guardrails":["BOOT-PACK-KB-REQUIRED v1.0","SAFE-CREATE-ENFORCER v1.1","ENCAPSULATION-ONE-SHOT v1.0","SCRIPT-GENERATION-HANDOVER-RULE v1.0"],"verify_cmds":["Get-ChildItem \\\\DS-918\\\\chatgpt\\\\ChatGPT-Gouvernance-Projets\\\\_registry\\\\bug_kb -Filter BUG_KB.jsonl","Get-ChildItem \\\\DS-918\\\\chatgpt\\\\ChatGPT-Gouvernance-Projets\\\\_registry\\\\_patches -Filter SCRIPT_PATCH_HISTORY.txt"],"tags":["governance","boot-pack","kb","patch-history","paste-ready","safe-create"],"status":"fixed"}