Memory Wiki

Untitled Session

2026-05-24 08:21 UTC · 54 messages · cli

You2026-05-24 08:23 UTC
Write build plans for T21-T24 (Module 4 — Email). All fault rules enforced.
Donna2026-05-24 08:23 UTC
I'll start by reading the mandatory context files and examining the existing module patterns to build comprehensive plans.
Tool2026-05-24 08:23 UTC
{"content": " 1|# Past Faults Log — Profe Core Modules\n 2|\n 3|> **Purpose:** Every bug, design miss, and edge case discovered during development is recorded here.\n 4|> Future modules (and future TBs) MUST read this log before writing code.\n 5|\n 6|---\n 7|\n 8|## ...
Tool2026-05-24 08:23 UTC
{"content": " 1|# Build Plan V3: Profe Core — Modules 2-10 (COMPLETE)\n 2|\n 3|**Document ID:** BUILD-PLAN-SA-003-V3-COMPLETE \n 4|**Author:** SA (Super Architect) \n 5|**Date:** 2026-05-24 \n 6|**Status:** AUTHORITATIVE \n 7|**Phase 1 Status:** ✅ COMPLETE & LOCKED (P...
Tool2026-05-24 08:23 UTC
{"total_count": 50, "files": ["/root/profe-modules/rate_limiter/tests/Unit/RateLimitKeyBuilderTest.php", "/root/profe-modules/rate_limiter/tests/Unit/RateLimiterTest.php", "/root/profe-modules/rate_limiter/tests/Unit/RateLimitRepositoryTest.php", "/root/profe-modules/rate_limiter/tests/Integration/R...
Donna2026-05-24 08:23 UTC
Let me read more of the PB and examine existing modules for patterns.
Tool2026-05-24 08:23 UTC
{"content": " 501|- ⚠️ **Idempotency guards** — `profe_webhook_events.event_id` UNIQUE KEY. `isDuplicate()` check before processing.\n 502|- ⚠️ **Webhook exempt route** — Register `'stripe-webhook'` via `CsrfMiddlewareInterface::addExemptRoute()`.\n 503|- ⚠️ **Rate limiter** — Redis-backed tok...
Tool2026-05-24 08:23 UTC
{"total_count": 100, "files": ["/root/profe-modules/checkout_service/src/CheckoutService/CheckoutService.php", "/root/profe-modules/checkout_service/src/CheckoutService/CheckoutServiceInterface.php", "/root/profe-modules/checkout_service/src/CheckoutService/Exception/CheckoutServiceException.php", "...
Donna2026-05-24 08:23 UTC
Let me study reference modules for implementation patterns.
Tool2026-05-24 08:23 UTC
{"content": " 1|<?php\n 2|/**\n 3| * WebhookHandlerModule — ModuleInstanceInterface implementation for webhook_handler\n 4| *\n 5| * HC-04: Webhook route CSRF/Auth exempt.\n 6| * FAULT-004: Webhook route explicitly exempted.\n 7| * FAULT-01: Factory closure captures $c, n...
Tool2026-05-24 08:23 UTC
{"content": " 1|<?php\n 2|/**\n 3| * WebhookHandler — Stripe webhook event processing implementation\n 4| *\n 5| * HC-01: Stripe SDK used for signature verification via StripeServiceInterface.\n 6| * HC-02: Webhook signature via SDK — NOT hand-rolled HMAC.\n 7| * HC-03: I...
Tool2026-05-24 08:23 UTC
{"content": " 1|{\n 2| \"name\": \"webhook_handler\",\n 3| \"version\": \"1.0.0\",\n 4| \"description\": \"Stripe webhook event processing with idempotency and typed event routing\",\n 5| \"dependencies\": [\n 6| \"Profe\\\\CoreUsers\\\\CoreUsersInterface\"...
Tool2026-05-24 08:23 UTC
{"content": " 1|{\n 2| \"name\": \"profe/webhook-handler\",\n 3| \"description\": \"Stripe webhook event processing — signature verification, idempotent event routing\",\n 4| \"type\": \"profe-module\",\n 5| \"license\": \"proprietary\",\n 6| \"autoload\": {\n ...
Tool2026-05-24 08:23 UTC
{"content": " 1|<?php\n 2|/**\n 3| * WebhookHandlerInterface — Stripe webhook event processing service contract\n 4| *\n 5| * @package Profe\\WebhookHandler\n 6| */\n 7|\n 8|declare(strict_types=1);\n 9|\n 10|namespace Profe\\WebhookHandler;\n 11|\n 12|in...
Donna2026-05-24 08:23 UTC
Let me look at more reference files - repositories, tests, exceptions, migrations, and the billing_admin module for the admin pattern.
Tool2026-05-24 08:23 UTC
{"content": " 1|<?php\n 2|/**\n 3| * WebhookEventRepository — DB operations on profe_webhook_events\n 4| *\n 5| * FAULT-04: Bare table names, no $wpdb->prefix.\n 6| * FAULT-05: All queries use prepared statements.\n 7| *\n 8| * @package Profe\\WebhookHandler\\Reposito...
Tool2026-05-24 08:23 UTC
{"content": " 1|<?php\n 2|/**\n 3| * WebhookHandlerException — Typed exception for webhook event processing\n 4| *\n 5| * @package Profe\\WebhookHandler\n 6| */\n 7|\n 8|declare(strict_types=1);\n 9|\n 10|namespace Profe\\WebhookHandler;\n 11|\n 12|class ...
Tool2026-05-24 08:23 UTC
{"content": " 1|<?php\n 2|/**\n 3| * CreateWebhookEventsMigration — Migration for profe_webhook_events table\n 4| *\n 5| * Registered via DbMigrationInterface in boot().\n 6| * HC-03: Idempotency via UNIQUE KEY defined in DDL.\n 7| *\n 8| * @package Profe\\WebhookHand...
Tool2026-05-24 08:23 UTC
{"content": " 1|# webhook_handler — Stripe Webhook Event Processing\n 2|\n 3|## Purpose\n 4|Receive and process Stripe webhook events. Verify signatures via `StripeServiceInterface::verifyWebhookSignature()`, provide idempotent event processing via `profe_webhook_events.event_id` UNI...
Tool2026-05-24 08:23 UTC
{"content": " 1|<?php\n 2|/**\n 3| * BillingAdminModule — ModuleInstanceInterface implementation for billing_admin\n 4| *\n 5| * HC-01: ModuleInstanceInterface implemented.\n 6| * HC-04: Admin-only endpoints — all routes check manage_options.\n 7| * FAULT-004: CSRF enforc...
Donna2026-05-24 08:23 UTC
Let me examine more patterns - the service, tests, and admin patterns.
Tool2026-05-24 08:23 UTC
{"content": " 1|<?php\n 2|/**\n 3| * BillingAdminService — Billing admin API implementation\n 4| *\n 5| * HC-01: All mutation endpoints CSRF-protected via Module.\n 6| * HC-02: Pagination enforces max 100 per_page.\n 7| * HC-03: Events emitted after action success.\n ...
Tool2026-05-24 08:23 UTC
{"content": " 1|<?php\n 2|declare(strict_types=1);\n 3|\n 4|namespace Profe\\BillingAdmin\\Test\\Unit;\n 5|\n 6|use PHPUnit\\Framework\\TestCase;\n 7|\n 8|class BillingAdminModuleTest extends TestCase\n 9|{\n 10| // --- Test 13: Module name ---\n 11|\n ...
Tool2026-05-24 08:23 UTC
{"content": " 1|<?php\n 2|declare(strict_types=1);\n 3|\n 4|namespace Profe\\BillingAdmin\\Test\\Unit;\n 5|\n 6|use PHPUnit\\Framework\\TestCase;\n 7|use Profe\\BillingAdmin\\BillingAdminService;\n 8|use Profe\\BillingAdmin\\BillingAdminInterface;\n 9|use Profe\\B...
Tool2026-05-24 08:23 UTC
{"content": " 1|<?php\n 2|declare(strict_types=1);\n 3|\n 4|namespace Profe\\BillingAdmin\\Test\\Fixture;\n 5|\n 6|/**\n 7| * BillingAdminFixtures — Test data fixtures for billing_admin tests\n 8| *\n 9| * @package Profe\\BillingAdmin\\Test\\Fixture\n 10| */\n ...
Donna2026-05-24 08:23 UTC
Let me check the StripeService implementation for the external API wrapper pattern.
Tool2026-05-24 08:23 UTC
{"content": " 1|<?php\n 2|/**\n 3| * StripeService — Stripe API Wrapper Implementation\n 4| *\n 5| * HC-01: Stripe SDK used — NOT hand-rolled curl.\n 6| * HC-02: Webhook signature via SDK — uses \\Stripe\\Webhook::constructEvent().\n 7| * HC-03: API keys via ConfigManager...
Tool2026-05-24 08:23 UTC
{"content": " 1|<?php\n 2|/**\n 3| * StripeServiceInterface — Stripe API Wrapper Service Contract\n 4| *\n 5| * Thin, type-safe wrapper around the official stripe/stripe-php SDK.\n 6| * This is the ONLY module that interacts with Stripe — no other module\n 7| * may call \...
Tool2026-05-24 08:23 UTC
{"content": " 1|<?php\n 2|/**\n 3| * StripeServiceModule — ModuleInstanceInterface implementation for stripe_service\n 4| *\n 5| * HC-01: Stripe SDK used — requires stripe/stripe-php in composer.json.\n 6| * HC-03: API keys via ConfigManagerInterface.\n 7| * HC-04: Test/l...
Tool2026-05-24 08:23 UTC
{"content": " 1|{\n 2| \"name\": \"profe/stripe-service\",\n 3| \"description\": \"Stripe API Wrapper — customer management, checkout sessions, billing portal, webhook verification\",\n 4| \"type\": \"profe-module\",\n 5| \"license\": \"proprietary\",\n 6| \"au...
Tool2026-05-24 08:23 UTC
{"content": " 1|{\n 2| \"name\": \"stripe_service\",\n 3| \"version\": \"1.0.0\",\n 4| \"description\": \"Stripe API wrapper — SDK-based customer management, checkout, billing portal, webhook verification\",\n 5| \"dependencies\": [\n 6| \"Profe\\\\CoreUser...
Donna2026-05-24 08:23 UTC
Let me check integration test pattern and the existing test files to complete my understanding.
Tool2026-05-24 08:23 UTC
{"content": " 1|<?php\n 2|declare(strict_types=1);\n 3|\n 4|namespace Profe\\WebhookHandler\\Test\\Integration;\n 5|\n 6|use PHPUnit\\Framework\\TestCase;\n 7|use Profe\\WebhookHandler\\WebhookHandler;\n 8|use Profe\\WebhookHandler\\Repository\\WebhookEventRepository;...
Tool2026-05-24 08:23 UTC
{"content": " 1|<?php\n 2|declare(strict_types=1);\n 3|\n 4|namespace Profe\\WebhookHandler\\Test\\Fixture;\n 5|\n 6|/**\n 7| * WebhookHandlerFixtures — Test data fixtures for webhook_handler tests\n 8| *\n 9| * FAULT-07: Test fixtures in correct test namespace.\n...
Tool2026-05-24 08:23 UTC
{"content": " 1|<?php\n 2|declare(strict_types=1);\n 3|\n 4|namespace Profe\\BillingAdmin\\Test\\Integration;\n 5|\n 6|use PHPUnit\\Framework\\TestCase;\n 7|use Profe\\BillingAdmin\\BillingAdminService;\n 8|use Profe\\BillingAdmin\\BillingAdminInterface;\n 9|use P...
Donna2026-05-24 08:23 UTC
Now I have a thorough understanding of all patterns. Let me also check for the existing migrations location and existing modules structure.
Tool2026-05-24 08:23 UTC
{"total_count": 5, "files": ["/root/profe-modules/migrations/007_create_profe_rate_limits.sql", "/root/profe-modules/migrations/006_create_profe_webhook_events.sql", "/root/profe-modules/migrations/004_create_profe_mem_history.sql", "/root/profe-modules/migrations/005_create_profe_subscriptions.sql"...
Tool2026-05-24 08:23 UTC
{"content": " 1|<?php\n 2|/**\n 3| * BillingAdminInterface — Billing admin API service contract\n 4| *\n 5| * Provides administrative API surfaces for managing billing operations.\n 6| * No new tables — reads from profe_subscriptions, profe_orders, profe_webhook_events, profe...
Tool2026-05-24 08:23 UTC
{"content": " 1|<?php\n 2|/**\n 3| * BillingAdminRepository — DB operations on profe_* tables for billing admin\n 4| *\n 5| * FAULT-04: Bare table names, no $wpdb->prefix.\n 6| * FAULT-05: All queries use prepared statements.\n 7| *\n 8| * @package Profe\\BillingAdmin...
Donna2026-05-24 08:23 UTC
Now I have all the context I need. Let me create all 4 build plans simultaneously.
Tool2026-05-24 08:23 UTC
{"bytes_written": 13707, "dirs_created": true, "lint": {"status": "skipped", "message": "No linter for .md files"}}
Donna2026-05-24 08:23 UTC
Tool2026-05-24 08:23 UTC
{"bytes_written": 13530, "dirs_created": true, "lint": {"status": "skipped", "message": "No linter for .md files"}}
Donna2026-05-24 08:23 UTC
Tool2026-05-24 08:23 UTC
{"bytes_written": 14006, "dirs_created": true, "lint": {"status": "skipped", "message": "No linter for .md files"}}
Donna2026-05-24 08:23 UTC
Tool2026-05-24 08:23 UTC
{"bytes_written": 11843, "dirs_created": true, "lint": {"status": "skipped", "message": "No linter for .md files"}}
Donna2026-05-24 08:23 UTC
Let me verify all 4 build plan files were created correctly.
Tool2026-05-24 08:23 UTC
{"output": "-rw-r--r-- 1 root root 41930 May 24 08:12 /root/.hermes/plans/task-t20-build-plan.md\n-rw-r--r-- 1 root root 13707 May 24 08:22 /root/.hermes/plans/task-t21-build-plan.md\n-rw-r--r-- 1 root root 13530 May 24 08:22 /root/.hermes/plans/task-t22-build-plan.md\n-rw-r--r-- 1 root root 14006 M...
Tool2026-05-24 08:23 UTC
{"output": "1170 /root/.hermes/plans/task-t20-build-plan.md\n 318 /root/.hermes/plans/task-t21-build-plan.md\n 300 /root/.hermes/plans/task-t22-build-plan.md\n 326 /root/.hermes/plans/task-t23-build-plan.md\n 286 /root/.hermes/plans/task-t24-build-plan.md\n 2400 total", "exit_code": 0, "error": ...
Donna2026-05-24 08:23 UTC
All 4 files created. Let me do a quick content sanity check.
Tool2026-05-24 08:23 UTC
{"output": "/root/.hermes/plans/task-t21-build-plan.md:9\n/root/.hermes/plans/task-t22-build-plan.md:8\n/root/.hermes/plans/task-t23-build-plan.md:5\n/root/.hermes/plans/task-t24-build-plan.md:10", "exit_code": 0, "error": null}
Tool2026-05-24 08:23 UTC
{"output": "/root/.hermes/plans/task-t21-build-plan.md: 16 tests\n/root/.hermes/plans/task-t22-build-plan.md: 15 tests\n/root/.hermes/plans/task-t23-build-plan.md: 15 tests\n/root/.hermes/plans/task-t24-build-plan.md: 13 tests", "exit_code": 0, "error": null}
Donna2026-05-24 08:23 UTC
All fault rules confirmed across all 4 plans. Here's the summary. --- ## Summary ### What I Did Created 4 build plans for Module 4 — Email (T21-T24) at: - `/root/.hermes/plans/task-t21-build-plan.md` — BrevoService - `/root/.hermes/plans/task-t22-build-plan.md` — MailQueue - `/root/.hermes/plans/task-t23-build-plan.md` — EmailTemplates - `/root/.hermes/plans/task-t24-build-plan.md` — EmailAdmin ### Files Created | File | Lines | Size | |---|---|---| | `task-t21-build-plan.md` | 318 | 13.7 KB | | `task-t22-build-plan.md` | 300 | 13.5 KB | | `task-t23-build-plan.md` | 326 | 14.0 KB | | `task-t24-build-plan.md` | 286 | 11.8 KB | ### Fault Rule Enforcement | Rule | T21 BrevoService | T22 MailQueue | T23 EmailTemplates | T24 EmailAdmin | |---|---|---|---|---| | **FAULT-004** (CSRF on POST/DELETE) | ✅ Webhook exempt; admin routes use `checkAdminAccessWithCsrf()`→`requireValidNonce()` | ✅ POST endpoints use `checkAdminAccessWithCsrf()` | ✅ POST/PUT/DELETE use `checkAdminAccessWithCsrf()` | ✅ POST endpoints use `checkAdminAccessWithCsrf()` | | **FAULT-005/009** (≥12 tests) | ✅ **16 tests** (6 service + 3 client + 3 repo + 2 module + 2 integration) | ✅ **15 tests** (5 service + 3 processor + 3 repo + 2 module + 2 integration) | ✅ **15 tests** (5 service + 3 renderer + 3 repo + 2 module + 2 integration) | ✅ **13 tests** (5 service + 3 repo + 2 module + 3 integration) | | **FAULT-006** (PHP migration classes) | ✅ `CreateBrevoWebhookEventsMigration.php` (table: `profe_brevo_webhook_events`) | ✅ `CreateMailQueueMigration.php` (table: `profe_mail_queue`) | ✅ `CreateEmailTemplatesMigration.php` (table: `profe_email_templates`) | ✅ No new tables — no migration needed | | **FAULT-008** (Declared deps injected) | ✅ 5 deps in constructor | ✅ 5 deps in constructor | ✅ 4 deps in constructor | ✅ 7 deps in constructor | | **FAULT-002/007** (document direct profe_users) | ✅ Documented in `handleWebhook()` for email→UUID resolution | ✅ Documented in `enqueue()` for UUID lookup | ✅ N/A (no profe_users queries) | ✅ Documented in Repository for JOIN enrichment | ### Key Design Decisions - **T21 BrevoService**: Uses direct REST API via `wp_remote_post()/get()` (Brevo has no official PHP SDK v3). Creates `profe_brevo_webhook_events` table with UNIQUE key for idempotency. Webhook route CSRF/auth exempt. - **T22 MailQueue**: All email deferred (never sent inline). Exponential backoff: `NOW() + (2^attempts * 60)` seconds, max 5 retries. Idempotency via UUID `idempotency_key` UNIQUE constraint. - **T23 EmailTemplates**: Data-driven template storage (not class-per-template). Uses `{{variable}}` syntax. 27 templates defined (16 transactional, 6 campaign, 5 system). Auto-generates plain-text from HTML. - **T24 EmailAdmin**: No new tables. Reads from `profe_mail_queue`, `profe_brevo_webhook_events`, `profe_email_templates`. Test email goes through queue (never direct send). Preview never sends. ### Structure Used Each plan follows the proven pattern from existing modules (webhook_handler, billing_admin, stripe_service): - `ModuleInstanceInterface` with factory closures (FAULT-01) - `checkAdminAccess()` + `checkAdminAccessWithCsrf()` for admin routes - Repository layer with bare table names + prepared statements (FAULT-04/05) - Full test plan with Unit + Integration tests + Fixtures