feat: no-index MCP chirp + ADR-044 ephemeral port + dogfood/v1.1 cleanups (1.1.0-rc2)

.agents/skills/wardline-gate/SKILL.md

@@ -0,0 +1,65 @@
+---
+name: wardline-gate
+description: >
+  Use when scanning for or fixing trust-boundary / taint findings, when a
+  `wardline scan` reports a defect, or when wiring wardline into an agent's
+  edit-verify loop. Explains the scan -> explain -> fix-at-the-boundary ->
+  rescan cycle and the baseline-vs-waiver discipline.
+---
+
+# Wardline: the trust-boundary gate
+
+Wardline is a deterministic, whole-program static taint analyzer. It marks trust
+boundaries with two decorators from `wardline.decorators`: `@external_boundary`
+(untrusted data arriving from outside) and `@trusted` (a producer that must only
+receive validated data). When untrusted data reaches a trusted producer it raises
+`PY-WL-101` at `ERROR`.
+
+## The loop
+
+1. **Scan.** Run `wardline scan . --fail-on ERROR` (or call the `scan` MCP tool).
+   Read the gate verdict and the active (non-suppressed) findings — `active` is
+   the population the gate enforces on.
+2. **Explain.** For each active defect, call `explain_taint` with the finding's
+   `fingerprint`, `path`+`line`, and its `qualname` as `sink_qualname`. Do this
+   right after the scan and before editing — a stale fingerprint returns an error.
+   With a Loomweave store configured, pass `chain: true` to walk the full taint
+   chain back to the originating boundary.
+3. **Fix at the BOUNDARY, not the sink.** Add validation or rejection at the hop
+   where untrusted data should have been checked — not a band-aid at the sink.
+4. **Re-scan.** Confirm the finding is gone.
+
+## Exit codes (CLI path)
+
+- `0` — clean (or gate not requested).
+- `1` — the gate tripped: a non-suppressed defect at/above `--fail-on`.
+- `2` — a wardline error (bad config, unreadable path). Not a finding.
+
+Branch on the code. On a trip, read the structured report wardline just wrote —
+the finding names the function, file, and lines, which is enough to locate the
+leak.
+
+## Suppression discipline
+
+Prefer FIXING a finding. Suppress only a finding you have judged a true
+non-issue, always with a reason:
+
+- MCP `baseline` — snapshot current defects so only NEW findings surface.
+  `overwrite: false` (default) refuses to clobber an existing baseline;
+  `overwrite: true` re-derives it. A coarse, whole-set tool; requires a reason.
+- `waiver_add` — waive ONE finding by fingerprint with a mandatory reason and an
+  expiry date. An audited, time-boxed exception.
+- `wardline judge` (opt-in, network) — an LLM pass that labels each defect
+  TRUE/FALSE positive. Never runs automatically, never folded into scan; fails
+  loud with no API key so "couldn't triage" is never mistaken for "nothing to
+  triage". Above-floor false positives can be recorded as audited suppressions.
+
+## CLI vs MCP
+
+- **CLI:** `wardline scan`, `wardline judge`, `wardline baseline create/update`.
+  Branch on the exit code; read the findings file it writes.
+- **MCP:** `wardline mcp` exposes `scan`, `explain_taint`, `fix`, `judge`
+  (network), `baseline`, `waiver_add`; resources
+  `wardline://vocab|rules|config|config-schema`; and the `wardline:loop` prompt.
+  The server is stateless — the read-only tools are pure functions of your code
+  on disk and your config.

.github/workflows/release.yml

@@ -175,8 +175,42 @@ jobs:
       - name: Phase 3 subsystems
         run: CARGO_BUILD=0 bash tests/e2e/phase3_subsystems.sh
 
+  # macOS (aarch64) pre-release gate — mirrors ci.yml's rust-macos job so a
+  # macOS-only clippy/--all-targets regression cannot reach the build/publish
+  # jobs. ci.yml gates every PR, but release.yml's Linux-only `verify` left a
+  # gap for a macOS-only test/all-targets lint issue that does not break the
+  # --bin build (clarion-47d395e03c). build-rust already uses macos-14, so no
+  # new runner dependency. Restore the x86_64 (macos-13) leg here alongside the
+  # build matrix when those runners recover (clarion-ec389a8e72).
+  verify-macos:
+    name: Verify macOS (${{ matrix.target }})
+    runs-on: ${{ matrix.runner }}
+    strategy:
+      fail-fast: false
+      matrix:
+        include:
+          - target: aarch64-apple-darwin
+            runner: macos-14
+    steps:
+      - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10
+
+      - uses: dtolnay/rust-toolchain@29eef336d9b2848a0b548edc03f92a220660cdb8
+        with:
+          toolchain: stable
+          components: clippy
+
+      - uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32
+        with:
+          key: release-verify-${{ matrix.target }}
+
+      - name: clippy
+        run: cargo clippy --workspace --all-targets --all-features -- -D warnings
+
+      - name: build workspace bins
+        run: cargo build --workspace --bins
+
   build-rust:
-    needs: [verify]
+    needs: [verify, verify-macos]
     name: Build loomweave (${{ matrix.target }})
     runs-on: ${{ matrix.runner }}
     strategy:
@@ -242,7 +276,7 @@ jobs:
           retention-days: 7
 
   build-wheels:
-    needs: [verify]
+    needs: [verify, verify-macos]
     name: Build loomweave wheel (${{ matrix.target }})
     runs-on: ${{ matrix.runner }}
     # maturin bin-wheels for PyPI. Matrix mirrors `build-rust` (Linux x86_64 +
@@ -293,7 +327,7 @@ jobs:
           retention-days: 7
 
   build-plugin:
-    needs: [verify]
+    needs: [verify, verify-macos]
     name: Build Python plugin sdist
     runs-on: ubuntu-latest
     steps:

.gitignore

@@ -36,10 +36,14 @@ tests/e2e/external-operator-smoke-results-*.md
 .loomweave/loomweave.db
 .loomweave/instance_id
 .loomweave/loomweave.lock
+.loomweave/ephemeral.port
 
 # Documentation site build output (mkdocs `site_dir`, web/mkdocs.yml).
 /site-build/
 
+# Wardline scan output written by `wardline scan` (raw, regenerated per run).
+/findings.jsonl
+
 # Filigree-managed docs — a running filigree process rewrites its managed
 # instruction blocks in these every session; untracked to avoid diff churn
 # (filigree regenerates them on demand).

.loomweave/.gitignore

@@ -9,6 +9,10 @@ loomweave.db
 instance_id
 loomweave.lock
 
+# Read-API live port discovery file (ADR-044): present only while serve runs,
+# rewritten per bind, loopback-only — a runtime artifact, never committed.
+ephemeral.port
+
 # SQLite write-ahead files never belong in the repo.
 *-wal
 *-shm

.mcp.json

@@ -1,30 +1,26 @@
 {
   "mcpServers": {
+    "filigree": {
+      "args": [],
+      "command": "/home/john/.local/bin/filigree-mcp",
+      "type": "stdio"
+    },
     "loomweave": {
       "args": [
         "serve"
       ],
-      "command": "/home/john/.local/bin/loomweave",
+      "command": "/home/john/.local/share/uv/tools/loomweave/bin/loomweave",
       "env": {},
       "type": "stdio"
     },
-    "filigree": {
-      "args": [],
-      "command": "/home/john/.local/bin/filigree-mcp",
-      "type": "stdio"
-    },
     "wardline": {
+      "type": "stdio",
+      "command": "/home/john/.local/bin/wardline",
       "args": [
         "mcp",
         "--root",
-        ".",
-        "--loomweave-url",
-        "http://127.0.0.1:9111",
-        "--filigree-url",
-        "http://127.0.0.1:8542/api/weft/scan-results"
-      ],
-      "command": "/home/john/.local/bin/wardline",
-      "type": "stdio"
+        "."
+      ]
     }
   }
 }

.pre-commit-config.yaml

@@ -19,3 +19,12 @@ repos:
         args: [--strict, --config-file=plugins/python/pyproject.toml, plugins/python]
         additional_dependencies:
           - pytest>=8.0
+  - repo: local
+    hooks:
+      - id: wardline-scan
+        name: wardline scan
+        entry: wardline scan
+        language: system
+        types: [python]
+        pass_filenames: false
+

CHANGELOG.md

@@ -12,6 +12,89 @@ only when an incompatible change is made to that surface. See
 
 ## [Unreleased]
 
+## [1.1.0rc2] — 2026-06-06
+
+Second 1.1 release candidate, rolling up dogfood-friction fixes and deferred
+v1.1 engineering items on top of rc1. No package is published for release
+candidates. (Cargo SemVer `1.1.0-rc2`; Python wheels normalise to PEP 440
+`1.1.0rc2`.)
+
+### Added
+
+- **Worktree-aware staleness (ADR-045).** `project_status_get`, the
+  `loomweave://context` resource, and the session-start banner now surface
+  `indexed_at_commit` + `worktree_dirty`, and a new `Staleness::StaleWorktree`
+  verdict fires when an otherwise-fresh index has untracked source on disk.
+  Detection uses a hardened, hash-free `git ls-files --others` scoped to ingested
+  source extensions (false-positive guard), proven filter-safe by test — closes
+  the "fresh lies about uncommitted code" friction (clarion-26c7e52027,
+  clarion-d9cf8bcfa9).
+
+### Changed
+
+- **`.loomweave/.gitignore` (ADR-005)** now also excludes `instance_id` and
+  `*.lock`, so `git add -A` no longer stages the per-project serve fingerprint or
+  the analyze advisory lock; ADR-005 documents the live-index commit hazard and
+  points at `loomweave db backup` (clarion-7381e6382d).
+- **WAL hygiene.** The storage writer-actor runs `PRAGMA wal_checkpoint(TRUNCATE)`
+  after each committed run, so the on-disk `loomweave.db` reflects committed state
+  while `serve` is alive instead of lagging behind a multi-MB WAL sidecar
+  (clarion-cdee445ed8).
+- **Release CI parity.** `release.yml` gains a macOS aarch64 `verify-macos` gate
+  (mirroring `ci.yml`) wired into the build/publish `needs` chain, closing the
+  gap where a macOS-only lint/test regression could reach the build jobs
+  (clarion-47d395e03c).
+
+### Removed
+
+- **Dead `entity_fts.content_text` column** dropped via migration 0009 — it was
+  never populated and never read (content search is served by the ADR-040
+  embeddings sidecar). `CURRENT_SCHEMA_VERSION` is now 9 (clarion-716449c371).
+
+### Docs
+
+- macOS Gatekeeper quarantine workaround added to `getting-started.md`
+  Troubleshooting (clarion-03dfa1f94d).
+- ADR-024 in-place migration-retirement guard activated: `published_build.txt`
+  backfilled to `v1.0.0` (first published build; 0001 byte-identical since), so
+  later schema changes must be additive migrations (clarion-b20448b3ac).
+
+## [1.1.0rc1] — 2026-06-06
+
+First 1.1 release candidate. No package is published for release candidates —
+the `1.1.0` package ships only at the final tag. (Cargo SemVer `1.1.0-rc1`;
+the Python wheels normalise to PEP 440 `1.1.0rc1`.)
+
+### Added
+
+- **Read-API ephemeral port publication (ADR-044).** `loomweave serve` binds a
+  per-project **deterministic** read-API port (blake3 over the canonical project
+  path, band `9400–10399`, disjoint from Filigree's `8400–9399`) with an
+  OS-assigned **ephemeral fallback** when that port is taken, and publishes the
+  *actually bound* port to `.loomweave/ephemeral.port` — a normative cross-product
+  file contract (port-only ASCII + optional trailing newline, atomic temp+rename,
+  **loopback-only**, removed on clean shutdown). This resolves the cross-project
+  `127.0.0.1:9111` bind collision so multiple projects can `serve` concurrently
+  without mis-targeting one another. New consume-time resolver
+  `resolve_loomweave_url` (precedence: explicit target > published file >
+  configured URL > none) is the reference reader; `doctor` and
+  `project_status_get` report the live published endpoint. The published file is
+  git-ignored.
+- **No-index degraded MCP mode.** `serve` on a project with no index no longer
+  exits 1 — it serves a degraded MCP stdio session that answers `initialize` and
+  chirps to run `loomweave install` + `loomweave analyze` from every tool call,
+  so the MCP client connects and is told how to recover.
+
+### Changed
+
+- **`serve.http.bind` is now optional** (`Option<SocketAddr>`). Unset — the new
+  default — auto-selects and publishes the per-project deterministic port; an
+  explicit value is honoured verbatim (no fallback). The installer no longer
+  stamps `serve.http.bind: 127.0.0.1:9111`, the integration bindings write the
+  per-project deterministic loomweave URL, and `install`/`doctor --fix` self-heal
+  the stale hard-coded `9111` stamp on existing projects.
+- Version bumped to `1.1.0rc1` across the Rust workspace and the Python plugin.
+
 ## [1.0.0] — Loomweave — 2026-06-05
 
 **This release renames the product and re-baselines its version.** What shipped

Cargo.toml

@@ -12,7 +12,7 @@ members = [
 ]
 
 [workspace.package]
-version = "1.0.0"
+version = "1.1.0-rc2"
 edition = "2024"
 license = "MIT"
 repository = "https://github.com/foundryside-dev/loomweave"