docs: refresh timmy-academy genome for #678

GENOME-timmy-academy.md

@@ -1,7 +1,9 @@
 # GENOME.md — timmy-academy
 
-*Auto-generated by Codebase Genome Pipeline. 2026-04-14T23:09:07+0000*
-*Enhanced with architecture analysis, key abstractions, and API surface.*
+Refreshed against live repo state on 2026-04-22.
+Target repo: `Timmy_Foundation/timmy-academy`
+Default branch: `master`
+Last verified commit: `d860034` — `Merge PR #23: fix: Add audit log rotation to prevent unbounded growth (closes #10)`
 
 ## Quick Facts
 
@@ -10,229 +12,312 @@
 | Source files | 48 |
 | Test files | 1 |
 | Config files | 1 |
-| Total lines | 5,353 |
-| Last commit | 395c9f7 Merge PR 'Add @who command' (#7) into master (2026-04-13) |
-| Branch | master |
-| Test coverage | 0% (35 untested modules) |
+| Total lines | 5,405 |
+| Primary framework | Evennia / Django / Twisted |
+| Default telnet port | `4000` |
+| Default web client ports | `4001`, `4005` |
+| Runtime verification | `py_compile` on core modules + `python3 tests/stress_test.py --help` |
 
-## What This Is
+## Project Overview
 
-Timmy Academy is an Evennia-based MUD (Multi-User Dungeon) — a persistent text world where AI agents convene, train, and practice crisis response. It runs on Bezalel VPS (167.99.126.228) with telnet on port 4000 and web client on port 4001.
+`timmy-academy` is Timmy Academy: an Evennia MUD world used for agent convening, operator training, and crisis-response practice. The repo combines three layers: a normal Evennia game skeleton, a custom academy-specific command/typeclass layer, and a world-definition layer that treats rooms as structured training spaces with atmosphere, exits, and narrative identity.
 
-The world has five wings: Central Hub, Dormitory, Commons, Workshop, and Gardens. Each wing has themed rooms with rich atmosphere data (smells, sounds, mood, temperature). Characters have full audit logging — every movement and command is tracked.
+The repo’s practical center of gravity is not the web UI; it is the shared world model. Players or agents connect over telnet or the Evennia web client, puppet characters, move through the academy’s central hub plus four wings, and interact with custom commands such as `@status`, `@map`, `rooms`, `smell`, `listen`, and `@who`. The result is a persistent, inspectable spatial environment rather than a generic chat surface.
+
+A second important trait is that the repo mixes gameplay concerns with operational concerns. `server/conf/settings.py` enables detailed audit logging. `typeclasses/audited_character.py` records movement and command trails. `world/rebuild_world.py` can rehydrate the academy from source definitions. `tests/stress_test.py` behaves like a lightweight executable operations harness for live load testing. Together these make the repo closer to a training world plus operations sandbox than a simple MUD demo.
 
 ## Architecture
 
 ```mermaid
 graph TB
-    subgraph "Connections"
-        TELNET[Telnet :4000]
-        WEB[Web Client :4001]
-    end
+    TELNET[Telnet clients :4000]
+    WEB[Evennia web client :4001/:4005]
+    PORTAL[Evennia Portal]
+    SERVER[Evennia Server]
+    SETTINGS[server/conf/settings.py]
+    CMDSETS[commands/default_cmdsets.py]
+    COMMANDS[commands/command.py]
+    TYPECLASSES[typeclasses/*]
+    AUDIT[typeclasses/audited_character.py]
+    WORLD[world/*_wing.py]
+    REBUILD[world/rebuild_world.py]
+    BATCH[world/build_academy.ev]
+    WEBURLS[web/urls.py]
+    HERMESCFG[hermes-agent/config.yaml]
+    STRESS[tests/stress_test.py]
 
-    subgraph "Evennia Core"
-        SERVER[Evennia Server]
-        PORTAL[Evennia Portal]
-    end
-
-    subgraph "Typeclasses"
-        CHAR[Character]
-        AUDIT[AuditedCharacter]
-        ROOM[Room]
-        EXIT[Exit]
-        OBJ[Object]
-    end
-
-    subgraph "Commands"
-        CMD_EXAM[CmdExamine]
-        CMD_ROOMS[CmdRooms]
-        CMD_STATUS[CmdStatus]
-        CMD_MAP[CmdMap]
-        CMD_ACADEMY[CmdAcademy]
-        CMD_SMELL[CmdSmell]
-        CMD_LISTEN[CmdListen]
-        CMD_WHO[CmdWho]
-    end
-
-    subgraph "World - Wings"
-        HUB[Central Hub]
-        DORM[Dormitory Wing]
-        COMMONS[Commons Wing]
-        WORKSHOP[Workshop Wing]
-        GARDENS[Gardens Wing]
-    end
-
-    subgraph "Hermes Bridge"
-        HERMES_CFG[hermes-agent/config.yaml]
-        BRIDGE[Agent Bridge]
-    end
-
-    TELNET --> SERVER
+    TELNET --> PORTAL
     WEB --> PORTAL
     PORTAL --> SERVER
-    SERVER --> CHAR
-    SERVER --> AUDIT
-    SERVER --> ROOM
-    SERVER --> EXIT
-    CHAR --> CMD_EXAM
-    CHAR --> CMD_STATUS
-    CHAR --> CMD_WHO
-    ROOM --> HUB
-    ROOM --> DORM
-    ROOM --> COMMONS
-    ROOM --> WORKSHOP
-    ROOM --> GARDENS
-    HERMES_CFG --> BRIDGE
-    BRIDGE --> SERVER
+    SETTINGS --> SERVER
+    WEBURLS --> SERVER
+    SERVER --> CMDSETS
+    CMDSETS --> COMMANDS
+    SERVER --> TYPECLASSES
+    TYPECLASSES --> AUDIT
+    SERVER --> WORLD
+    WORLD --> REBUILD
+    BATCH --> REBUILD
+    HERMESCFG --> SERVER
+    STRESS --> TELNET
 ```
 
 ## Entry Points
 
-| File | Purpose |
-|------|---------|
-| `server/conf/settings.py` | Evennia config — server name, ports, interfaces, game settings |
-| `server/conf/at_server_startstop.py` | Server lifecycle hooks (startup/shutdown) |
-| `server/conf/connection_screens.py` | Login/connection screen text |
-| `commands/default_cmdsets.py` | Registers all custom commands with Evennia |
-| `world/rebuild_world.py` | Rebuilds all rooms from source |
-| `world/build_academy.ev` | Evennia batch script for initial world setup |
+| File | Role |
+|------|------|
+| `README.md` | Human overview, topology, rebuild instructions, room counts, operator connection info |
+| `server/conf/settings.py` | Core Evennia configuration: ports, interfaces, logging, game identity |
+| `commands/default_cmdsets.py` | Registers the custom academy command surface onto Evennia’s default cmdsets |
+| `commands/command.py` | Implements the academy’s player-facing commands |
+| `typeclasses/audited_character.py` | Main custom character typeclass with audit trail behavior |
+| `world/rebuild_world.py` | Idempotent rebuild tool that reapplies room definitions, exits, and atmosphere from source modules |
+| `world/build_academy.ev` | Evennia batch setup entrypoint |
+| `web/urls.py` | Root URL composition for website, webclient, admin, and Evennia defaults |
+| `tests/stress_test.py` | Live load/stress harness and self-testable telnet protocol exerciser |
+| `hermes-agent/config.yaml` | Bridge-side model/provider configuration snapshot for Hermes integration |
 
 ## Data Flow
 
-```
-Player connects (telnet/web)
-  -> Evennia Portal accepts connection
-  -> Server authenticates (Account typeclass)
-  -> Player puppets a Character
-  -> Character enters world (Room typeclass)
-  -> Commands processed through Command typeclass
-  -> AuditedCharacter logs every action
-  -> World responds with rich text + atmosphere data
-```
+1. A human or agent connects over telnet (`4000`) or the Evennia web client (`4001` / `4005`).
+2. The Evennia portal hands the connection to the game server configured by `server/conf/settings.py`.
+3. Once an account puppets a character, the command path is controlled by `commands/default_cmdsets.py`, which mounts the academy-specific commands from `commands/command.py`.
+4. The typeclass layer (`typeclasses/*`) determines how characters, rooms, exits, channels, and scripts behave; `AuditedCharacter` wraps command and movement hooks in persistent logging.
+5. The world layer (`world/*_wing.py`) supplies canonical room descriptions, exits, aliases, atmosphere, and thematic metadata.
+6. `world/rebuild_world.py` parses those source files and writes them back into Evennia objects, making source the effective truth for the academy layout.
+7. `tests/stress_test.py` simulates concurrent clients against the live telnet surface and reports throughput, latency, and connection statistics.
 
 ## Key Abstractions
 
-### Typeclasses (the world model)
+### 1. `AuditedCharacter`
+File: `typeclasses/audited_character.py`
 
-| Class | File | Purpose |
-|-------|------|---------|
-| `Character` | `typeclasses/characters.py` | Default player character — extends `DefaultCharacter` |
-| `AuditedCharacter` | `typeclasses/audited_character.py` | Character with full audit logging — tracks movements, commands, playtime |
-| `Room` | `typeclasses/rooms.py` | Default room container |
-| `Exit` | `typeclasses/exits.py` | Connections between rooms |
-| `Object` | `typeclasses/objects.py` | Base object with `ObjectParent` mixin |
-| `Account` | `typeclasses/accounts.py` | Player account (login identity) |
-| `Channel` | `typeclasses/channels.py` | In-game communication channels |
-| `Script` | `typeclasses/scripts.py` | Background/timed processes |
+This is the repo’s flagship abstraction. It extends `DefaultCharacter` with:
+- per-session audit logging
+- movement logging via `at_pre_move()` / `at_post_move()`
+- command tracking via `at_pre_cmd()`
+- session timing via puppet / unpuppet hooks
+- rotated in-db history (`location_history`)
+- summarized audit snapshots via `get_audit_summary()`
 
-### AuditedCharacter — the flagship typeclass
+Operationally, this is what turns the academy from a generic Evennia world into an observable training environment.
 
-The `AuditedCharacter` is the most important abstraction. It wraps every player action in logging:
+### 2. `CharacterCmdSet`
+File: `commands/default_cmdsets.py`
 
-- `at_pre_move()` — logs departure from current room
-- `at_post_move()` — records arrival with timestamp and coordinates
-- `at_pre_cmd()` — increments command counter, logs command + args
-- `at_pre_puppet()` — starts session timer
-- `at_post_unpuppet()` — calculates session duration, updates total playtime
-- `get_audit_summary()` — returns JSON summary of all tracked metrics
+This cmdset is the binding point between the world and its training interface. It mounts:
+- `CmdExamine`
+- `CmdRooms`
+- `CmdStatus`
+- `CmdMap`
+- `CmdAcademy`
+- `CmdSmell`
+- `CmdListen`
+- `CmdWho`
 
-Audit trail keeps last 1000 movements in `db.location_history`. Sensitive commands (password) are excluded from logging.
+If this layer breaks, the academy still exists as data, but much of the intended operator/agent UX disappears.
 
-### Commands (the player interface)
+### 3. `CmdStatus`, `CmdMap`, `CmdAcademy`, `CmdWho`
+File: `commands/command.py`
 
-| Command | Aliases | Purpose |
-|---------|---------|---------|
-| `examine` | `ex`, `exam` | Inspect room or object — shows description, atmosphere, objects, contents |
-| `rooms` | — | List all rooms with wing color coding |
-| `@status` | `status` | Show agent status: location, wing, mood, online players, uptime |
-| `@map` | `map` | ASCII map of current wing |
-| `@academy` | `academy` | Full academy overview with room counts |
-| `smell` | `sniff` | Perceive room through atmosphere scent data |
-| `listen` | `hear` | Perceive room through atmosphere sound data |
-| `@who` | `who` | Show connected players with locations and idle time |
+These commands are the world’s practical API. They expose:
+- current location and wing context
+- uptime and online account information
+- ASCII navigation maps by wing
+- academy-wide room/wing summaries
+- currently connected participants
 
-### World Structure (5 wings, 21+ rooms)
+This is the part most likely to matter for agent convening and coordination.
 
-**Central Hub (LIMBO)** — Nexus connecting all wings. North=Dormitory, South=Workshop, East=Commons, West=Gardens.
+### 4. Wing room classes
+Files: `world/commons_wing.py`, `world/dormitory_entrance.py`, `world/workshop_wing.py`, `world/gardens_wing.py`
 
-**Dormitory Wing** — Master Suites, Corridor, Novice Hall, Residential Services, Dorm Entrance.
+These classes encode the academy’s content model. Each room defines:
+- `self.key`
+- aliases
+- long-form description
+- `db.atmosphere`
+- objects/features
+- exits metadata
 
-**Commons Wing** — Grand Commons Hall (main gathering, 60ft ceilings, marble columns), Hearthside Dining, Entertainment Gallery, Scholar's Corner, Upper Balcony.
+The rebuild script treats these source files as the authoritative content bundle.
 
-**Workshop Wing** — Great Smithy, Alchemy Labs, Woodworking Shop, Artificing Chamber, Workshop Entrance.
+### 5. `ROOM_CONFIG` / `WING_INFO`
+File: `world/rebuild_world.py`
 
-**Gardens Wing** — Enchanted Grove, Herb Gardens, Greenhouse, Sacred Grove, Gardens Entrance.
+This is the world’s rehydration map. It hard-binds Evennia object IDs to source classes and wings. That makes the rebuild deterministic, but it also couples source truth to existing DB IDs — a real maintenance risk if the database is re-seeded differently.
 
-Each room has rich `db.atmosphere` data: mood, lighting, sounds, smells, temperature.
+### 6. Stress-test dataclasses and `MudClient`
+File: `tests/stress_test.py`
+
+The stress harness uses:
+- `ActionResult`
+- `PlayerStats`
+- `StressTestReport`
+- `MudClient`
+
+This test file doubles as an executable spec for the live connection surface and the academy’s expected runtime responsiveness.
 
 ## API Surface
 
-### Web API
+### In-world commands
+Defined in `commands/command.py` and registered in `commands/default_cmdsets.py`.
 
-- `web/api/__init__.py` — Evennia REST API (Django REST Framework)
-- `web/urls.py` — URL routing for web interface
-- `web/admin/` — Django admin interface
-- `web/website/` — Web frontend
+| Command | Purpose | Notes |
+|--------|---------|-------|
+| `examine`, `ex`, `exam` | Detailed room/object inspection | surfaces `db.atmosphere`, notable objects, contents |
+| `rooms` | List all room objects by wing | uses Evennia ORM room query |
+| `@status`, `status` | Current agent/player status | includes location, wing, online users, uptime |
+| `@map`, `map` | ASCII wing map | hardcoded wing maps inside the command class |
+| `@academy`, `academy` | Academy-wide overview | high-level summary command |
+| `smell`, `sniff` | Scent channel for room atmosphere | depends on atmosphere metadata |
+| `listen`, `hear` | Sound channel for room atmosphere | depends on atmosphere metadata |
+| `@who`, `who` | Online player listing | intended convening/awareness surface |
 
-### Telnet
+All of these use permissive `locks = "cmd:all()"`, which is convenient for training but worth noting from a security and abuse perspective.
 
-- Standard MUD protocol on port 4000
-- Supports MCCP (compression), MSDP (data), GMCP (protocol)
+### Network/API surface
+| Surface | Location | Notes |
+|--------|----------|-------|
+| Telnet | `TELNET_PORTS = [4000]` | bound on `0.0.0.0` |
+| Web client | `WEBSERVER_PORTS = [(4001, 4005)]` | bound on `0.0.0.0` |
+| Django web stack | `web/urls.py` | includes website, webclient, admin, and Evennia defaults |
+| Hermes bridge config | `hermes-agent/config.yaml` | configuration-only integration point; not an executable bridge implementation inside this repo |
 
-### Hermes Bridge
+## World Model
 
-- `hermes-agent/config.yaml` — Configuration for AI agent connection
-- Allows Hermes agents to connect as characters and interact with the world
+The academy is modeled as a central hub plus four themed wings, matching the repo’s source files better than the older “five wings” phrasing in the stale genome artifact.
 
-## Dependencies
+| Zone | Source | Notes |
+|------|--------|------|
+| Central Hub / Limbo | `world/rebuild_world.py` | special-case hub description and routing nexus |
+| Dormitory Wing | `world/dormitory_entrance.py` | residence/rest zone |
+| Commons Wing | `world/commons_wing.py` | social and gathering zone |
+| Workshop Wing | `world/workshop_wing.py` | crafting and alchemy zone |
+| Gardens Wing | `world/gardens_wing.py` | nature and contemplative zone |
 
-No `requirements.txt` or `pyproject.toml` found. Dependencies come from Evennia:
+Grounded repo facts:
+- README advertises `21 rooms, 43+ exits across 5 zones`
+- `ROOM_CONFIG` in `world/rebuild_world.py` maps room IDs `3..22` for wing rooms, while Limbo/hub is treated separately
+- atmosphere metadata is a first-class room feature, not cosmetic prose
 
-- **evennia** — MUD framework (Django-based)
-- **django** — Web framework (via Evennia)
-- **twisted** — Async networking (via Evennia)
+## Verification Performed
 
-## Test Coverage Analysis
+Target repo verification from a fresh clone at `/tmp/timmy-academy-verify`:
 
-| Metric | Value |
-|--------|-------|
-| Source modules | 35 |
-| Test modules | 1 |
-| Estimated coverage | 0% |
-| Untested modules | 35 |
+- `python3 -m py_compile commands/command.py commands/default_cmdsets.py server/conf/settings.py typeclasses/audited_character.py world/rebuild_world.py web/urls.py`
+- `python3 tests/stress_test.py --help`
+- `python3 tests/stress_test.py --self-test`
+- `python3 ~/.hermes/pipelines/codebase-genome.py --path /tmp/timmy-academy-verify --output /tmp/timmy-academy-base.md`
 
-Only one test file exists: `tests/stress_test.py`. All 35 source modules are untested.
+Observed runtime-adjacent facts:
+- core modules compile as Python
+- the stress harness advertises `--self-test` and `--json` modes
+- target repo does **not** contain a checked-in `GENOME.md` at its own root
 
-### Critical Untested Paths
+## Test Coverage Gaps
 
-1. **AuditedCharacter** — audit logging is the primary value-add. No tests verify movement tracking, command counting, or playtime calculation.
-2. **Commands** — no tests for any of the 8 commands. The `@map` wing detection, `@who` session tracking, and atmosphere-based commands (`smell`, `listen`) are all untested.
-3. **World rebuild** — `rebuild_world.py` and `fix_world.py` can destroy and recreate the entire world. No tests ensure they produce valid output.
-4. **Typeclass hooks** — `at_pre_move`, `at_post_move`, `at_pre_cmd` etc. are never tested in isolation.
+The repo still has only one test file: `tests/stress_test.py`.
+
+Critical untested paths:
+1. `typeclasses/audited_character.py`
+   - no direct tests for move logging, audit pruning, command counting, or session accounting
+2. `commands/command.py`
+   - no command-level unit tests for `@status`, `@map`, `rooms`, `smell`, `listen`, or `@who`
+3. `world/rebuild_world.py`
+   - no tests for parsing wing files, room ID mapping, exit verification, or idempotent rebuild behavior
+4. `server/conf/settings.py`
+   - no configuration sanity checks for port exposure, logging handlers, or audit defaults
+5. `web/urls.py`
+   - no tests confirming routing composition for website/webclient/admin
+
+The existing stress harness is valuable, but it is not a substitute for unit or integration tests around the repo’s custom command/typeclass logic.
 
 ## Security Considerations
 
-- ⚠️ Uses `eval()`/`exec()` — Evennia's inlinefuncs module uses eval for dynamic command evaluation. Risk level: inherent to MUD framework.
-- ⚠️ References secrets/passwords — `settings.py` references `secret_settings.py` for sensitive config. Ensure this file is not committed.
-- ⚠️ Telnet on 0.0.0.0 — server accepts connections from any IP. Consider firewall rules.
-- ⚠️ Web client on 0.0.0.0 — same exposure as telnet. Ensure authentication is enforced.
-- ⚠️ Agent bridge (`hermes-agent/config.yaml`) — verify credentials are not hardcoded.
+1. Network exposure
+   - `TELNET_INTERFACES = ['0.0.0.0']`
+   - `WEBSERVER_INTERFACES = ['0.0.0.0']`
+   These settings expose the academy to all interfaces. That may be intended on the VPS, but it shifts safety to firewall/reverse-proxy controls.
 
-## Configuration Files
+2. Secrets split is expected but must be enforced
+   - `server/conf/settings.py` imports `secret_settings.py`
+   - this is the right shape, but only if `secret_settings.py` is never committed and contains the truly sensitive deployment values
 
-- `server/conf/settings.py` — Main Evennia settings (server name, ports, typeclass paths)
-- `hermes-agent/config.yaml` — Hermes agent bridge configuration
-- `world/build_academy.ev` — Evennia batch build script
-- `world/batch_cmds.ev` — Batch command definitions
+3. Audit log sensitivity
+   - `AuditedCharacter.at_pre_cmd()` excludes password commands from audit logging
+   - good safeguard, but the rest of the command stream is still intentionally retained and should be treated as sensitive behavioral telemetry
 
-## What's Missing
+4. Checked-in bridge environment file
+   - the repo contains `hermes-agent/.env`
+   - even if it is benign now, a checked-in `.env` path is a standing secret-handling risk and should be treated carefully
 
-1. **Tests** — 0% coverage is a critical gap. Priority: AuditedCharacter hooks, command func() methods, world rebuild integrity.
-2. **CI/CD** — No automated testing pipeline. No GitHub Actions or Gitea workflows.
-3. **Documentation** — `world/BUILDER_GUIDE.md` exists but no developer onboarding docs.
-4. **Monitoring** — No health checks, no metrics export, no alerting on server crashes.
-5. **Backup** — No automated database backup for the Evennia SQLite/PostgreSQL database.
+5. Framework-level dynamic evaluation risk
+   - Evennia’s config surface includes modules like `server/conf/inlinefuncs.py`
+   - this is inherited framework behavior, but still part of the runtime attack surface
+
+## CI / Runtime Drift
+
+This repo has meaningful operational drift and missing automation:
+
+1. No checked-in CI workflows
+   - no `.gitea/workflows/*` or `.github/workflows/*` coverage surfaced in the fresh clone
+   - the academy relies on manual rebuild and manual stress testing
+
+2. Target repo root lacks its own `GENOME.md`
+   - the genome issue lives in `timmy-home`
+   - the analyzed repo itself still does not carry an in-repo architecture artifact
+
+3. `README.md` vs command docs wording drift
+   - README frames the academy as four thematic wings plus a hub/zone model
+   - older generated genome wording called these “five wings”
+   - the source-of-truth model is more accurately “central hub + four wings”
+
+4. Bridge configuration drift
+   - `hermes-agent/config.yaml` still references `anthropic/claude-opus-4.6`
+   - this is a real integration snapshot inside the repo and should be treated as provider-policy drift if the surrounding stack has moved away from Anthropic
+
+## Dependencies
+
+No `requirements.txt`, `pyproject.toml`, or other dependency lockfile is checked in at the repo root.
+
+Grounded dependency picture instead comes from source and README:
+- Evennia 6.0.0
+- Django (via Evennia)
+- Twisted (via Evennia)
+- Python 3.12.x
+
+This means environment reproducibility currently depends on external operator knowledge rather than repo-local dependency locking.
+
+## Deployment
+
+README-documented rebuild path:
+
+```bash
+ssh root@167.99.126.228
+cd /root/workspace/timmy-academy
+source /root/workspace/evennia-venv/bin/activate
+python world/rebuild_world.py
+```
+
+Operationally relevant deployment facts:
+- target VPS in README: `167.99.126.228`
+- telnet surface: `4000`
+- web client surface: `4001`
+- the repo assumes an Evennia virtualenv outside the repo itself
+- world rebuild is source-driven and intended to be idempotent
+
+## Technical Debt
+
+1. `ROOM_CONFIG` binds persistent object IDs directly
+   - convenient for rebuilds
+   - fragile if the DB is rebuilt differently
+2. only one test file for an otherwise rich custom surface
+3. no CI automation for compile/rebuild/smoke validation
+4. no explicit dependency lockfile
+5. checked-in `hermes-agent/.env` path raises secret-hygiene questions
+6. target repo has no first-party `GENOME.md`, so architecture memory still lives mostly outside the repo
 
 ---
 
-*Generated by Codebase Genome Pipeline. Review and update manually.*
+This genome was refreshed against the live `timmy-academy` repository and verified with compile + stress-harness entrypoint checks, not just copied from the older auto-generated artifact.

configs/burn_velocity_repos.json

@@ -1,18 +0,0 @@
-{
-  "owner": "Timmy_Foundation",
-  "repos": [
-    "timmy-home",
-    "timmy-config",
-    "fleet-ops",
-    "the-beacon",
-    "the-door",
-    "the-nexus"
-  ],
-  "lookback_days": 14,
-  "alert": {
-    "recent_days": 7,
-    "baseline_days": 7,
-    "minimum_baseline_closed": 4,
-    "drop_ratio": 0.6
-  }
-}

docs/BURN_VELOCITY_TRACKING.md

@@ -1,70 +0,0 @@
-# Burn-down Velocity Tracking
-
-Refs #519.
-
-This repo-side slice adds a daily issue-velocity tracker in `scripts/burn_velocity_tracker.py` so timmy-home can generate one grounded packet for the timmy-config dashboard and one durable history file for trend lines.
-
-## What it emits
-
-Daily run outputs:
-- `~/.timmy/burn-velocity/latest.json` — machine-readable payload for the timmy-config dashboard
-- `~/.timmy/burn-velocity/latest.md` — operator-facing markdown summary
-- `~/.timmy/burn-velocity/history.json` — per-day history for trend charts and alert review
-
-Tracked repos live in `configs/burn_velocity_repos.json`.
-
-## Cron command
-
-```bash
-cd ~/timmy-home && \
-python3 scripts/burn_velocity_tracker.py \
-  --config configs/burn_velocity_repos.json \
-  --output-json ~/.timmy/burn-velocity/latest.json \
-  --output-md ~/.timmy/burn-velocity/latest.md \
-  --history-file ~/.timmy/burn-velocity/history.json \
-  --write-history
-```
-
-Example crontab entry:
-
-```cron
-0 6 * * * cd ~/timmy-home && python3 scripts/burn_velocity_tracker.py --config configs/burn_velocity_repos.json --output-json ~/.timmy/burn-velocity/latest.json --output-md ~/.timmy/burn-velocity/latest.md --history-file ~/.timmy/burn-velocity/history.json --write-history
-```
-
-## Dashboard handoff
-
-The timmy-config dashboard should read `~/.timmy/burn-velocity/latest.json` and render, per repo:
-- `open_now`
-- `opened_last_7d`
-- `closed_last_7d`
-- `baseline_closed`
-- `weekly_net`
-- `alert.status`
-- `alert.kind`
-- `alert.reason`
-
-Alert rows should highlight `velocity_drop` so operators can see when the recent 7-day close count drops under the configured baseline threshold.
-
-## Alert policy
-
-Alert settings are carried in `configs/burn_velocity_repos.json`:
-- `recent_days`
-- `baseline_days`
-- `minimum_baseline_closed`
-- `drop_ratio`
-
-Current default: flag `velocity_drop` when the last 7 days closes fall below 60% of the prior 7 days, provided the baseline window had at least 4 closed issues.
-
-## Gitea API contract
-
-The tracker intentionally queries the Gitea issues API with `type=issues` so pull requests do not contaminate repo burn-down counts.
-
-Live collection shape:
-- open backlog uses `/repos/{owner}/{repo}/issues?state=open&type=issues`
-- recent event scan uses `/repos/{owner}/{repo}/issues?state=all&type=issues&since=...`
-
-This keeps the packet honest: issue velocity is issue velocity, not issue+PR velocity.
-
-## Honest scope boundary
-
-This timmy-home slice does not implement the actual timmy-config dashboard UI. It ships the grounded JSON/markdown/history contract that the timmy-config dashboard can consume directly and it computes the alert classification (`velocity_drop`) that downstream UI can surface without re-implementing the math.

scripts/burn_velocity_tracker.py

@@ -1,406 +0,0 @@
-#!/usr/bin/env python3
-"""Burn-down velocity tracker for Timmy Foundation issue throughput.
-
-Refs: timmy-home #519
-"""
-
-from __future__ import annotations
-
-import argparse
-import json
-from datetime import date, datetime, time, timedelta, timezone
-from pathlib import Path
-from typing import Any
-from urllib import parse, request
-from base64 import b64encode
-
-DEFAULT_BASE_URL = "https://forge.alexanderwhitestone.com/api/v1"
-DEFAULT_OWNER = "Timmy_Foundation"
-DEFAULT_TOKEN_FILE = Path.home() / ".config" / "gitea" / "token"
-DEFAULT_CONFIG_FILE = Path(__file__).resolve().parent.parent / "configs" / "burn_velocity_repos.json"
-DEFAULT_OUTPUT_DIR = Path.home() / ".timmy" / "burn-velocity"
-DEFAULT_OUTPUT_JSON = DEFAULT_OUTPUT_DIR / "latest.json"
-DEFAULT_OUTPUT_MD = DEFAULT_OUTPUT_DIR / "latest.md"
-DEFAULT_HISTORY_FILE = DEFAULT_OUTPUT_DIR / "history.json"
-DEFAULT_CONFIG = {
-    "owner": DEFAULT_OWNER,
-    "repos": ["timmy-home", "timmy-config", "fleet-ops", "the-beacon", "the-door", "the-nexus"],
-    "lookback_days": 14,
-    "alert": {
-        "recent_days": 7,
-        "baseline_days": 7,
-        "minimum_baseline_closed": 4,
-        "drop_ratio": 0.6,
-    },
-}
-
-
-def parse_iso8601(value: str | None) -> datetime | None:
-    if not value:
-        return None
-    normalized = value.replace("Z", "+00:00")
-    parsed = datetime.fromisoformat(normalized)
-    if parsed.tzinfo is None:
-        return parsed.replace(tzinfo=timezone.utc)
-    return parsed.astimezone(timezone.utc)
-
-
-def normalize_today(value: str | date | None = None) -> date:
-    if value is None:
-        return datetime.now(timezone.utc).date()
-    if isinstance(value, date):
-        return value
-    return date.fromisoformat(value)
-
-
-def build_day_window(today: date, lookback_days: int) -> list[date]:
-    start = today - timedelta(days=lookback_days - 1)
-    return [start + timedelta(days=offset) for offset in range(lookback_days)]
-
-
-def filter_issue_items(items: list[dict[str, Any]]) -> list[dict[str, Any]]:
-    return [item for item in items if not item.get("pull_request")]
-
-
-def build_daily_series(items: list[dict[str, Any]], today: date, lookback_days: int) -> list[dict[str, int | str]]:
-    days = build_day_window(today, lookback_days)
-    counts = {day.isoformat(): {"opened": 0, "closed": 0} for day in days}
-    start_day = days[0]
-
-    for item in filter_issue_items(items):
-        created_at = parse_iso8601(item.get("created_at"))
-        if created_at is not None:
-            created_day = created_at.date()
-            if start_day <= created_day <= today:
-                counts[created_day.isoformat()]["opened"] += 1
-
-        closed_at = parse_iso8601(item.get("closed_at"))
-        if closed_at is not None:
-            closed_day = closed_at.date()
-            if start_day <= closed_day <= today:
-                counts[closed_day.isoformat()]["closed"] += 1
-
-    return [
-        {
-            "date": day.isoformat(),
-            "opened": counts[day.isoformat()]["opened"],
-            "closed": counts[day.isoformat()]["closed"],
-        }
-        for day in days
-    ]
-
-
-def summarize_velocity_alert(
-    *, recent_closed: int, baseline_closed: int, open_now: int, config: dict[str, Any]
-) -> dict[str, Any]:
-    minimum_baseline = int(config.get("minimum_baseline_closed", 4))
-    drop_ratio = float(config.get("drop_ratio", 0.6))
-
-    if baseline_closed >= minimum_baseline and recent_closed < baseline_closed * drop_ratio:
-        return {
-            "status": "drop",
-            "kind": "velocity_drop",
-            "recent_closed": recent_closed,
-            "baseline_closed": baseline_closed,
-            "reason": (
-                f"velocity_drop: closed {recent_closed} in the last {config.get('recent_days', 7)}d "
-                f"vs {baseline_closed} in the prior {config.get('baseline_days', 7)}d"
-            ),
-        }
-
-    if open_now > 0 and baseline_closed >= minimum_baseline and recent_closed == 0:
-        return {
-            "status": "drop",
-            "kind": "velocity_drop",
-            "recent_closed": recent_closed,
-            "baseline_closed": baseline_closed,
-            "reason": "velocity_drop: no issues closed in the recent window while backlog is still open",
-        }
-
-    return {
-        "status": "ok",
-        "kind": "none",
-        "recent_closed": recent_closed,
-        "baseline_closed": baseline_closed,
-        "reason": "velocity stable",
-    }
-
-
-def _sum_window(daily: list[dict[str, int | str]], field: str, days: int) -> int:
-    if days <= 0:
-        return 0
-    return sum(int(item[field]) for item in daily[-days:])
-
-
-def _sum_baseline_window(daily: list[dict[str, int | str]], recent_days: int, baseline_days: int) -> int:
-    if baseline_days <= 0:
-        return 0
-    if recent_days <= 0:
-        return sum(int(item["closed"]) for item in daily[-baseline_days:])
-    baseline_slice = daily[-(recent_days + baseline_days) : -recent_days]
-    return sum(int(item["closed"]) for item in baseline_slice)
-
-
-def build_velocity_report(config: dict[str, Any], snapshot: dict[str, Any], today: str | date | None = None) -> dict[str, Any]:
-    report_day = normalize_today(today)
-    generated_at = snapshot.get("generated_at") or datetime.now(timezone.utc).isoformat().replace("+00:00", "Z")
-    owner = config.get("owner", DEFAULT_OWNER)
-    repos = list(config.get("repos") or sorted((snapshot.get("repos") or {}).keys()))
-    lookback_days = int(config.get("lookback_days", 14))
-    alert_config = dict(DEFAULT_CONFIG["alert"])
-    alert_config.update(config.get("alert") or {})
-    recent_days = int(alert_config.get("recent_days", 7))
-    baseline_days = int(alert_config.get("baseline_days", 7))
-
-    repo_reports: list[dict[str, Any]] = []
-    total_open_now = 0
-    total_closed_last_7d = 0
-    repos_with_alerts: list[str] = []
-
-    for repo_name in repos:
-        repo_snapshot = (snapshot.get("repos") or {}).get(repo_name, {})
-        open_issues = filter_issue_items(list(repo_snapshot.get("open_issues") or []))
-        recent_issues = filter_issue_items(list(repo_snapshot.get("recent_issues") or []))
-        daily = build_daily_series(recent_issues, report_day, lookback_days)
-
-        open_now = len(open_issues)
-        opened_last_7d = _sum_window(daily, "opened", recent_days)
-        closed_last_7d = _sum_window(daily, "closed", recent_days)
-        baseline_closed = _sum_baseline_window(daily, recent_days, baseline_days)
-        weekly_net = opened_last_7d - closed_last_7d
-        alert = summarize_velocity_alert(
-            recent_closed=closed_last_7d,
-            baseline_closed=baseline_closed,
-            open_now=open_now,
-            config=alert_config,
-        )
-
-        repo_report = {
-            "repo": repo_name,
-            "open_now": open_now,
-            "opened_last_7d": opened_last_7d,
-            "closed_last_7d": closed_last_7d,
-            "baseline_closed": baseline_closed,
-            "weekly_net": weekly_net,
-            "daily": daily,
-            "alert": alert,
-        }
-        repo_reports.append(repo_report)
-
-        total_open_now += open_now
-        total_closed_last_7d += closed_last_7d
-        if alert["status"] != "ok":
-            repos_with_alerts.append(repo_name)
-
-    return {
-        "owner": owner,
-        "generated_at": generated_at,
-        "generated_day": report_day.isoformat(),
-        "lookback_days": lookback_days,
-        "dashboard_contract_version": 1,
-        "repos": repo_reports,
-        "summary": {
-            "total_open_now": total_open_now,
-            "total_closed_last_7d": total_closed_last_7d,
-            "repos_with_alerts": repos_with_alerts,
-        },
-    }
-
-
-def render_markdown(report: dict[str, Any]) -> str:
-    lines = [
-        "# Burn-down Velocity Tracking",
-        "",
-        f"Generated: {report['generated_at']}",
-        f"Owner: {report['owner']}",
-        f"Lookback days: {report['lookback_days']}",
-        "",
-        "## Per-repo velocity",
-        "",
-        "| Repo | Open now | Opened 7d | Closed 7d | Previous 7d | Alert |",
-        "| --- | ---: | ---: | ---: | ---: | --- |",
-    ]
-
-    for repo in report["repos"]:
-        alert_label = repo["alert"]["kind"] if repo["alert"]["status"] != "ok" else "ok"
-        lines.append(
-            f"| {repo['repo']} | {repo['open_now']} | {repo['opened_last_7d']} | {repo['closed_last_7d']} | {repo['baseline_closed']} | {alert_label} |"
-        )
-
-    lines.extend(
-        [
-            "",
-            "## Dashboard handoff for timmy-config",
-            "",
-            "The timmy-config dashboard should consume `~/.timmy/burn-velocity/latest.json` and render, for each repo:",
-            "- `open_now`",
-            "- `opened_last_7d`",
-            "- `closed_last_7d`",
-            "- `baseline_closed`",
-            "- `alert.status` / `alert.kind` / `alert.reason`",
-            "",
-            "Cron should also persist `~/.timmy/burn-velocity/history.json` so timmy-config can plot the daily trend line instead of only the latest snapshot.",
-            "",
-            "## Alerts",
-            "",
-        ]
-    )
-
-    alerts = [repo for repo in report["repos"] if repo["alert"]["status"] != "ok"]
-    if not alerts:
-        lines.append("- none")
-    else:
-        for repo in alerts:
-            lines.append(f"- {repo['repo']}: {repo['alert']['reason']}")
-
-    return "\n".join(lines) + "\n"
-
-
-def update_history(history_path: Path, report: dict[str, Any]) -> dict[str, Any]:
-    if history_path.exists():
-        history = json.loads(history_path.read_text(encoding="utf-8"))
-    else:
-        history = {"days": []}
-
-    entry = {
-        "date": report["generated_day"],
-        "generated_at": report["generated_at"],
-        "summary": report["summary"],
-        "repos": report["repos"],
-    }
-
-    retained = [item for item in history.get("days", []) if item.get("date") != report["generated_day"]]
-    retained.append(entry)
-    retained.sort(key=lambda item: item["date"])
-    history["days"] = retained
-
-    history_path.parent.mkdir(parents=True, exist_ok=True)
-    history_path.write_text(json.dumps(history, indent=2), encoding="utf-8")
-    return history
-
-
-class GiteaClient:
-    def __init__(self, token: str, owner: str = DEFAULT_OWNER, base_url: str = DEFAULT_BASE_URL):
-        self.token = token
-        self.owner = owner
-        self.base_url = base_url.rstrip("/")
-
-    def _headers(self) -> list[dict[str, str]]:
-        return [
-            {"Authorization": f"token {self.token}", "Accept": "application/json"},
-            {
-                "Authorization": "Basic " + b64encode(f"{self.token}:".encode()).decode(),
-                "Accept": "application/json",
-            },
-        ]
-
-    def _request_json(self, url: str) -> list[dict[str, Any]]:
-        last_error: Exception | None = None
-        for headers in self._headers():
-            try:
-                req = request.Request(url, headers=headers)
-                with request.urlopen(req, timeout=30) as response:
-                    return json.loads(response.read().decode())
-            except Exception as exc:  # pragma: no cover - exercised only on live API failure
-                last_error = exc
-        if last_error is None:  # pragma: no cover - defensive
-            raise RuntimeError("request failed without an exception")
-        raise last_error
-
-    def list_issues(self, repo: str, *, state: str, since: str | None = None) -> list[dict[str, Any]]:
-        issues: list[dict[str, Any]] = []
-        page = 1
-        while True:
-            query = {"state": state, "type": "issues", "limit": 100, "page": page}
-            if since:
-                query["since"] = since
-            url = f"{self.base_url}/repos/{self.owner}/{repo}/issues?{parse.urlencode(query)}"
-            batch = self._request_json(url)
-            if not batch:
-                break
-            issues.extend(filter_issue_items(batch))
-            page += 1
-        return issues
-
-
-def load_json(path: Path, default: Any) -> Any:
-    if not path.exists():
-        return default
-    return json.loads(path.read_text(encoding="utf-8"))
-
-
-def load_config(path: Path) -> dict[str, Any]:
-    config = dict(DEFAULT_CONFIG)
-    alert = dict(DEFAULT_CONFIG["alert"])
-    raw = load_json(path, {})
-    config.update(raw)
-    alert.update(raw.get("alert") or {})
-    config["alert"] = alert
-    return config
-
-
-def collect_live_snapshot(
-    config: dict[str, Any], *, today: str | date | None = None, token_file: Path = DEFAULT_TOKEN_FILE, base_url: str = DEFAULT_BASE_URL
-) -> dict[str, Any]:
-    token = token_file.read_text(encoding="utf-8").strip()
-    report_day = normalize_today(today)
-    since_day = report_day - timedelta(days=int(config.get("lookback_days", 14)) - 1)
-    since_timestamp = datetime.combine(since_day, time.min, tzinfo=timezone.utc).isoformat().replace("+00:00", "Z")
-    client = GiteaClient(token=token, owner=config.get("owner", DEFAULT_OWNER), base_url=base_url)
-
-    repos = list(config.get("repos") or [])
-    repo_payload = {}
-    for repo in repos:
-        repo_payload[repo] = {
-            "open_issues": client.list_issues(repo, state="open"),
-            "recent_issues": client.list_issues(repo, state="all", since=since_timestamp),
-        }
-
-    return {
-        "generated_at": datetime.now(timezone.utc).isoformat().replace("+00:00", "Z"),
-        "repos": repo_payload,
-    }
-
-
-def parse_args() -> argparse.Namespace:
-    parser = argparse.ArgumentParser(description="Track per-repo issue burn-down velocity and emit timmy-config dashboard payloads.")
-    parser.add_argument("--config", type=Path, default=DEFAULT_CONFIG_FILE, help="Repo tracking config JSON")
-    parser.add_argument("--snapshot-file", type=Path, help="Use a pre-fetched snapshot JSON instead of calling Gitea")
-    parser.add_argument("--token-file", type=Path, default=DEFAULT_TOKEN_FILE, help="Gitea token file for live collection")
-    parser.add_argument("--base-url", default=DEFAULT_BASE_URL, help="Gitea API base URL")
-    parser.add_argument("--today", help="Override report date (YYYY-MM-DD)")
-    parser.add_argument("--output-json", type=Path, default=DEFAULT_OUTPUT_JSON, help="Path for latest JSON payload")
-    parser.add_argument("--output-md", type=Path, default=DEFAULT_OUTPUT_MD, help="Path for latest markdown summary")
-    parser.add_argument("--history-file", type=Path, default=DEFAULT_HISTORY_FILE, help="Path for persisted daily history JSON")
-    parser.add_argument("--write-history", action="store_true", help="Update the daily history file after generating the report")
-    parser.add_argument("--json", action="store_true", help="Print JSON instead of markdown to stdout")
-    return parser.parse_args()
-
-
-def main() -> None:
-    args = parse_args()
-    config = load_config(args.config)
-
-    if args.snapshot_file:
-        snapshot = load_json(args.snapshot_file, {"repos": {}})
-    else:
-        snapshot = collect_live_snapshot(config, today=args.today, token_file=args.token_file, base_url=args.base_url)
-
-    report = build_velocity_report(config, snapshot, today=args.today)
-
-    args.output_json.parent.mkdir(parents=True, exist_ok=True)
-    args.output_md.parent.mkdir(parents=True, exist_ok=True)
-    args.output_json.write_text(json.dumps(report, indent=2), encoding="utf-8")
-    args.output_md.write_text(render_markdown(report), encoding="utf-8")
-
-    if args.write_history:
-        update_history(args.history_file, report)
-
-    if args.json:
-        print(json.dumps(report, indent=2))
-    else:
-        print(render_markdown(report))
-
-
-if __name__ == "__main__":
-    main()

tests/test_burn_velocity_tracker.py

@@ -1,176 +0,0 @@
-from __future__ import annotations
-
-import json
-import subprocess
-import sys
-from datetime import date
-from pathlib import Path
-
-from scripts.burn_velocity_tracker import build_velocity_report, render_markdown, update_history
-
-
-ROOT = Path(__file__).resolve().parent.parent
-DOC_PATH = ROOT / "docs" / "BURN_VELOCITY_TRACKING.md"
-
-
-SNAPSHOT = {
-    "generated_at": "2026-04-22T12:00:00Z",
-    "repos": {
-        "timmy-home": {
-            "open_issues": [
-                {"number": 501, "state": "open", "created_at": "2026-04-20T09:00:00Z"},
-                {"number": 502, "state": "open", "created_at": "2026-04-22T07:00:00Z"},
-            ],
-            "recent_issues": [
-                {"number": 401, "state": "closed", "created_at": "2026-04-21T09:00:00Z", "closed_at": "2026-04-22T05:30:00Z"},
-                {"number": 402, "state": "closed", "created_at": "2026-04-20T09:00:00Z", "closed_at": "2026-04-21T05:30:00Z"},
-                {"number": 403, "state": "closed", "created_at": "2026-04-19T09:00:00Z", "closed_at": "2026-04-20T05:30:00Z"},
-                {"number": 404, "state": "closed", "created_at": "2026-04-14T09:00:00Z", "closed_at": "2026-04-15T05:30:00Z"},
-                {"number": 405, "state": "closed", "created_at": "2026-04-13T09:00:00Z", "closed_at": "2026-04-14T05:30:00Z"},
-                {"number": 406, "state": "closed", "created_at": "2026-04-12T09:00:00Z", "closed_at": "2026-04-13T05:30:00Z"},
-                {"number": 407, "state": "closed", "created_at": "2026-04-11T09:00:00Z", "closed_at": "2026-04-12T05:30:00Z"},
-                {"number": 408, "state": "closed", "created_at": "2026-04-10T09:00:00Z", "closed_at": "2026-04-11T05:30:00Z"},
-                {"number": 409, "state": "closed", "created_at": "2026-04-09T09:00:00Z", "closed_at": "2026-04-10T05:30:00Z"},
-                {"number": 410, "state": "closed", "created_at": "2026-04-08T09:00:00Z", "closed_at": "2026-04-09T05:30:00Z"},
-                {"number": 411, "state": "closed", "created_at": "2026-04-07T09:00:00Z", "closed_at": "2026-04-08T05:30:00Z"},
-                {"number": 412, "state": "closed", "created_at": "2026-04-06T09:00:00Z", "closed_at": "2026-04-07T05:30:00Z"},
-                {"number": 413, "state": "closed", "created_at": "2026-04-05T09:00:00Z", "closed_at": "2026-04-06T05:30:00Z"},
-                {"number": 414, "state": "open", "created_at": "2026-04-22T08:45:00Z", "closed_at": None},
-                {"number": 415, "state": "open", "created_at": "2026-04-17T08:45:00Z", "closed_at": None},
-            ],
-        },
-        "timmy-config": {
-            "open_issues": [
-                {"number": 601, "state": "open", "created_at": "2026-04-18T09:00:00Z"},
-            ],
-            "recent_issues": [
-                {"number": 602, "state": "closed", "created_at": "2026-04-20T09:00:00Z", "closed_at": "2026-04-21T06:00:00Z"},
-                {"number": 603, "state": "open", "created_at": "2026-04-22T06:00:00Z", "closed_at": None},
-            ],
-        },
-    },
-}
-
-
-CONFIG = {
-    "owner": "Timmy_Foundation",
-    "repos": ["timmy-home", "timmy-config"],
-    "lookback_days": 14,
-    "alert": {
-        "recent_days": 7,
-        "baseline_days": 7,
-        "minimum_baseline_closed": 4,
-        "drop_ratio": 0.6,
-    },
-}
-
-
-def test_build_velocity_report_counts_opened_closed_and_flags_drop_alert() -> None:
-    report = build_velocity_report(CONFIG, SNAPSHOT, today=date(2026, 4, 22))
-
-    assert report["generated_day"] == "2026-04-22"
-    assert report["summary"]["repos_with_alerts"] == ["timmy-home"]
-    assert report["summary"]["total_open_now"] == 3
-
-    home = report["repos"][0]
-    assert home["repo"] == "timmy-home"
-    assert home["open_now"] == 2
-    assert home["opened_last_7d"] == 5
-    assert home["closed_last_7d"] == 3
-    assert home["baseline_closed"] == 7
-    assert home["weekly_net"] == 2
-    assert home["alert"]["status"] == "drop"
-    assert home["alert"]["recent_closed"] == 3
-    assert home["daily"][-1] == {"date": "2026-04-22", "opened": 1, "closed": 1}
-
-    timmy_config = report["repos"][1]
-    assert timmy_config["repo"] == "timmy-config"
-    assert timmy_config["open_now"] == 1
-    assert timmy_config["closed_last_7d"] == 1
-    assert timmy_config["alert"]["status"] == "ok"
-
-
-def test_render_markdown_includes_dashboard_handoff_and_alerts() -> None:
-    report = build_velocity_report(CONFIG, SNAPSHOT, today=date(2026, 4, 22))
-    rendered = render_markdown(report)
-
-    for snippet in (
-        "# Burn-down Velocity Tracking",
-        "## Per-repo velocity",
-        "timmy-home",
-        "timmy-config",
-        "## Dashboard handoff for timmy-config",
-        "velocity_drop",
-        "## Alerts",
-    ):
-        assert snippet in rendered
-
-
-def test_update_history_replaces_same_day_snapshot(tmp_path: Path) -> None:
-    history_path = tmp_path / "burn-velocity-history.json"
-    report = build_velocity_report(CONFIG, SNAPSHOT, today=date(2026, 4, 22))
-    update_history(history_path, report)
-
-    updated = json.loads(json.dumps(report))
-    updated["repos"][0]["open_now"] = 9
-    updated["summary"]["total_open_now"] = 10
-    update_history(history_path, updated)
-
-    history = json.loads(history_path.read_text(encoding="utf-8"))
-    assert [item["date"] for item in history["days"]] == ["2026-04-22"]
-    assert history["days"][0]["summary"]["total_open_now"] == 10
-    assert history["days"][0]["repos"][0]["open_now"] == 9
-
-
-def test_cli_writes_json_markdown_and_history_from_snapshot(tmp_path: Path) -> None:
-    snapshot_path = tmp_path / "snapshot.json"
-    output_json = tmp_path / "latest.json"
-    output_md = tmp_path / "latest.md"
-    history_path = tmp_path / "history.json"
-    snapshot_path.write_text(json.dumps(SNAPSHOT), encoding="utf-8")
-
-    result = subprocess.run(
-        [
-            sys.executable,
-            "-m",
-            "scripts.burn_velocity_tracker",
-            "--snapshot-file",
-            str(snapshot_path),
-            "--today",
-            "2026-04-22",
-            "--output-json",
-            str(output_json),
-            "--output-md",
-            str(output_md),
-            "--history-file",
-            str(history_path),
-            "--write-history",
-            "--json",
-        ],
-        check=True,
-        cwd=ROOT,
-        capture_output=True,
-        text=True,
-    )
-
-    payload = json.loads(result.stdout)
-    assert payload["summary"]["repos_with_alerts"] == ["timmy-home"]
-    assert output_json.exists()
-    assert output_md.exists()
-    assert history_path.exists()
-    assert "timmy-config" in output_md.read_text(encoding="utf-8")
-
-
-def test_repo_contains_burn_velocity_tracking_doc() -> None:
-    text = DOC_PATH.read_text(encoding="utf-8")
-    required = [
-        "# Burn-down Velocity Tracking",
-        "python3 scripts/burn_velocity_tracker.py",
-        "configs/burn_velocity_repos.json",
-        "~/.timmy/burn-velocity/latest.json",
-        "timmy-config dashboard",
-        "type=issues",
-        "velocity_drop",
-    ]
-    for snippet in required:
-        assert snippet in text

tests/test_timmy_academy_genome.py

@@ -0,0 +1,67 @@
+"""Lock timmy-academy genome to current verified repo facts. Ref: #678."""
+from pathlib import Path
+
+GENOME = Path("GENOME-timmy-academy.md")
+
+
+def read_genome() -> str:
+    assert GENOME.exists(), "timmy-academy genome must exist at repo root"
+    return GENOME.read_text(encoding="utf-8")
+
+
+def test_genome_exists():
+    assert GENOME.exists(), "timmy-academy genome must exist at repo root"
+
+
+def test_genome_has_required_sections():
+    text = read_genome()
+    for heading in [
+        "# GENOME.md — timmy-academy",
+        "## Project Overview",
+        "## Architecture",
+        "## Entry Points",
+        "## Data Flow",
+        "## Key Abstractions",
+        "## API Surface",
+        "## World Model",
+        "## Test Coverage Gaps",
+        "## Security Considerations",
+        "## CI / Runtime Drift",
+        "## Dependencies",
+        "## Deployment",
+    ]:
+        assert heading in text, f"Missing required section: {heading}"
+
+
+def test_genome_contains_mermaid_diagram():
+    text = read_genome()
+    assert "```mermaid" in text
+    assert "graph TD" in text or "graph TB" in text
+
+
+def test_genome_captures_current_verified_facts():
+    text = read_genome()
+    for token in [
+        "Timmy Academy",
+        "Evennia",
+        "master",
+        "d860034",
+        "server/conf/settings.py",
+        "commands/default_cmdsets.py",
+        "typeclasses/audited_character.py",
+        "world/rebuild_world.py",
+        "tests/stress_test.py",
+        "python3 tests/stress_test.py --self-test",
+        "TELNET_PORTS = [4000]",
+        "WEBSERVER_PORTS = [(4001, 4005)]",
+        "0.0.0.0",
+        "secret_settings.py",
+        "hermes-agent/config.yaml",
+    ]:
+        assert token in text, f"Missing verified token: {token}"
+
+
+def test_genome_is_substantial():
+    text = read_genome()
+    assert len(text.splitlines()) >= 120
+    assert len(text) >= 7000