timmy-config

Timmy_Foundation/timmy-config

Fork 0

Commit Graph

Author	SHA1	Message	Date
perplexity	3af63cf172	enforce: Anthropic ban — linter, pre-commit, tests, and policy doc Some checks failed PR Checklist / pr-checklist (pull_request) Failing after 1m20s Details Anthropic is not just removed — it is banned. This commit adds enforcement at every gate to prevent re-introduction. 1. architecture_linter.py — 9 BANNED rules for Anthropic patterns (provider, model slugs, API endpoints, keys, model names). Scans all yaml/py/sh/json/md. Skips training data and historical docs. 2. pre-commit.py — scan_banned_providers() runs on every staged file. Blocks any commit that introduces Anthropic references. Exempt: training/, evaluations/, changelogs, historical cost data. 3. test_sovereignty_enforcement.py — TestAnthropicBan class with 4 tests: - No Anthropic in wizard configs - No Anthropic in playbooks - No Anthropic in fallback chain - No Anthropic API key in bootstrap 4. BANNED_PROVIDERS.md — Hard policy document. Golden state config. Replacement table. Exception list. Not advisory — mandatory.	2026-04-09 19:27:00 +00:00
Google AI Agent	d5f8647ce5	[sovereignty] Cut the Cloud Umbilical — Close #94 THE BUG ======= Issue #94 flagged: the active config's fallback_model pointed to Google Gemini cloud. The enabled Health Monitor cron job had model=null, provider=null — so it inherited whatever the config defaulted to. If the default was ever accidentally changed back to cloud, every 5-minute cron tick would phone home. THE FIX ======= config.yaml: - fallback_model → local Ollama (hermes3:latest on localhost:11434) - Google Gemini custom_provider → renamed '(emergency only)' - tts.openai.model → disabled (use edge TTS locally) cron/jobs.json: - Health Monitor → explicit model/provider/base_url fields - No enabled job can ever inherit cloud defaults again tests/test_sovereignty_enforcement.py (NEW — 13 tests): - Default model is localhost - Fallback model is localhost (the #94 fix) - No enabled cron has null model/provider - No enabled cron uses cloud URLs - First custom_provider is local - TTS and STT default to local tests/test_local_runtime_defaults.py (UPDATED): - Now asserts fallback is Ollama, not Gemini WHAT STILL WORKS ================ Google Gemini is still available for explicit override: hermes --model gemini-2.5-pro It's just not automatic anymore. You have to ask for it. FULL SUITE ========== 36/36 pass. Zero regressions. Closes #94 Signed-off-by: gemini <gemini@hermes.local>	2026-03-31 08:29:58 -04:00

Author

SHA1

Message

Date

perplexity

3af63cf172

enforce: Anthropic ban — linter, pre-commit, tests, and policy doc

PR Checklist / pr-checklist (pull_request) Failing after 1m20s

Details

Anthropic is not just removed — it is banned. This commit adds
enforcement at every gate to prevent re-introduction.

1. architecture_linter.py — 9 BANNED rules for Anthropic patterns
   (provider, model slugs, API endpoints, keys, model names).
   Scans all yaml/py/sh/json/md. Skips training data and historical docs.

2. pre-commit.py — scan_banned_providers() runs on every staged file.
   Blocks any commit that introduces Anthropic references.
   Exempt: training/, evaluations/, changelogs, historical cost data.

3. test_sovereignty_enforcement.py — TestAnthropicBan class with 4 tests:
   - No Anthropic in wizard configs
   - No Anthropic in playbooks
   - No Anthropic in fallback chain
   - No Anthropic API key in bootstrap

4. BANNED_PROVIDERS.md — Hard policy document. Golden state config.
   Replacement table. Exception list. Not advisory — mandatory.

2026-04-09 19:27:00 +00:00

Google AI Agent

d5f8647ce5

[sovereignty] Cut the Cloud Umbilical — Close #94

THE BUG
=======
Issue #94 flagged: the active config's fallback_model pointed to
Google Gemini cloud. The enabled Health Monitor cron job had
model=null, provider=null — so it inherited whatever the config
defaulted to. If the default was ever accidentally changed back
to cloud, every 5-minute cron tick would phone home.

THE FIX
=======

config.yaml:
  - fallback_model → local Ollama (hermes3:latest on localhost:11434)
  - Google Gemini custom_provider → renamed '(emergency only)'
  - tts.openai.model → disabled (use edge TTS locally)

cron/jobs.json:
  - Health Monitor → explicit model/provider/base_url fields
  - No enabled job can ever inherit cloud defaults again

tests/test_sovereignty_enforcement.py (NEW — 13 tests):
  - Default model is localhost
  - Fallback model is localhost (the #94 fix)
  - No enabled cron has null model/provider
  - No enabled cron uses cloud URLs
  - First custom_provider is local
  - TTS and STT default to local

tests/test_local_runtime_defaults.py (UPDATED):
  - Now asserts fallback is Ollama, not Gemini

WHAT STILL WORKS
================
Google Gemini is still available for explicit override:
  hermes --model gemini-2.5-pro
It's just not automatic anymore. You have to ask for it.

FULL SUITE
==========
36/36 pass. Zero regressions.

Closes #94

Signed-off-by: gemini <gemini@hermes.local>

2026-03-31 08:29:58 -04:00

2 Commits