jester/zlh-grind
1
0
Fork 0
Code Issues 3 Pull Requests Actions Packages Projects Releases Wiki Activity

docs: replace with consolidated anti-drift policy (upload, console, auth, filesystem)

Browse Source
This commit is contained in:
jester 2026-03-01 23:17:55 +00:00
parent 5bb7714f9f
commit c297bbcadf
1 changed files with 60 additions and 53 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

113
ANTI_DRIFT.md
View File

@ -1,63 +1,35 @@
# Anti-Drift Rules ZLH Frontend # Anti-Drift Policy
ZeroLagHub has historically suffered from "cool idea creep." The grind repo must reflect real implementation.
This document exists to stop that from happening again.
## Known Drift Patterns ---
- Adding visual effects to compensate for unfinished features
- Layering multiple aesthetic ideas (HUD + glow + 3D)
- Treating the UI as a showcase instead of a tool
- Reintroducing browser-only logic into shared utilities
## Drift Prevention Rules ## Do NOT
### 1. Subtraction First - Document future features as complete
If something feels off: - Leave outdated architecture notes in any doc
- Remove an effect - Allow staging/symlink model references to remain
- Simplify a color - Duplicate filesystem rules outside the agent
- Flatten a component - Add CORS to agents
- Expose agent ports through Caddy
- Reintroduce APIv1 endpoints
- Reintroduce Pterodactyl-based auth
- Use cookie-based authentication
- Use server-side portal sessions
Never add effects to "balance" other effects. ---
### 2. One Idea Per Layer ## When Architecture Changes
At most:
- One accent color family
- One subtle animation
- One background texture
If more than one exists, drift has begun. 1. Update `README.md`
2. Update `CONSTRAINTS.md`
3. Update the relevant architecture doc under `docs/architecture/`
4. Update `SESSION_LOG.md`
5. Close thread in `OPEN_THREADS.md` if resolved
### 3. Control Plane Mental Model ---
Ask before merging:
> "Would this feel appropriate in a production admin console at 2AM?"
If no, remove it. ## Console Anti-Drift
### 4. Marketing ≠ Dashboard
- Marketing pages may be expressive.
- Dashboard and terminals must be calm and utilitarian.
- Product UI must never feel like a demo reel.
## Drift Response
If drift is detected:
1. Revert the change
2. Document why it was tempting
3. Re-apply only what serves usability
## Auth & Portal Drift Guardrails
The following are explicitly disallowed:
- Reintroducing APIv1 endpoints
- Reintroducing Pterodactyl-based auth
- CSRF token logic
- Cookie-based authentication
- Server-side portal sessions
All auth must flow:
Portal → JWT → APIv2
## Console Anti-Drift Rule
The interactive console **MUST** remain: The interactive console **MUST** remain:
@ -66,10 +38,45 @@ The interactive console **MUST** remain:
- WebSocket-based - WebSocket-based
- Full duplex (input + output) - Full duplex (input + output)
🚫 Disallowed: Disallowed:
- Log tailing as "console" - Log tailing as "console"
- Exec-per-command models - Exec-per-command models
- Frontend-owned processes - Frontend-owned processes
- Proxmox console passthrough - Proxmox console passthrough
Any deviation requires explicit architectural review. ---
## Upload Anti-Drift
The upload pipeline **MUST** remain:
- Streamed via raw `http.request` piping in the API
- Direct runtime write in the agent (no staging, no symlinks)
- Enforced by agent allowlist only (portal does not enforce security)
Disallowed:
- `fetch()` for upload proxy
- Staging folders
- Symlink-based deployment
- API re-implementing agent filesystem policy
---
## Auth Anti-Drift
All auth must flow: `Portal → JWT → API`
Disallowed:
- CSRF token logic
- Cookie-based authentication
- APIv1 patterns
- Pterodactyl auth patterns
---
## Drift Response
If drift is detected:
1. Revert the change
2. Document why it was tempting
3. Re-apply only what serves usability and real architecture