chore: add copyright headers, CI tests, and sanitize gitignore

2026-04-25 04:16:22 +02:00 · 2026-03-31 22:13:34 +10:00 · 2026-03-31 22:13:34 +10:00 · d1f844235e
commit d1f844235e
parent 5cbb3d89d3
325 changed files with 2267 additions and 902 deletions
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@ -0,0 +1,31 @@
 name: Go Tests
 on:
  push:
    branches: [ "main", "master" ]
  pull_request:
    branches: [ "main", "master" ]
 jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Set up Go
        uses: actions/setup-go@v5
        with:
          go-version: '1.25.0'
          cache: true
      - name: Build
        run: go build -v ./...
      - name: Test
        run: go test -v ./...
      - name: Vet & Lint
        run: |
          go vet ./...
          go install honnef.co/go/tools/cmd/staticcheck@latest
          staticcheck ./...
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1,35 @@
 # Binaries
 *.exe
 *.exe~
 *.dll
 *.so
 *.dylib
 gomcp
 soc
 immune
 sidecar
 dist/
 # Databases
 *.db
 *.sqlite
 *.sqlite3
 *.wal
 *.shm
 # Logs & Secrets
 *.log
 .env
 *.key
 .decisions.log
 sentinel_leash
 .rlm/
 # IDE
 .vscode/
 .idea/
 *.swp
 *.swo
 # Vendor
 vendor/
--- a/README.md
+++ b/README.md
@ -1,18 +1,18 @@
-# GoMCP: Recursive Language Model Server
+# GoMCP: The Secure Memory Core for AI Agents
 ![Go Version](https://img.shields.io/badge/Go-1.25.0-blue.svg)
 ![License](https://img.shields.io/badge/License-Apache_2.0-green.svg)
 ![Protocol](https://img.shields.io/badge/MCP-Supported-orange.svg)
-> **The only Open-Source RLM (Recursive Language Model) Memory Server with Mathematically Proven Safety.**
+> **"Единственный RLM-сервер памяти с математически доказанной безопасностью (Sentinel Lattice). Работает локально, масштабируется глобально."**
 GoMCP is the enterprise core of the Syntrex AI SOC ecosystem. It is an extremely fast, secure, and persistent Model Context Protocol (MCP) server entirely written in Go. GoMCP gives Large Language Models a permanent, evolving memory and self-modifying context, transforming standard text agents into self-improving persistent intelligences.
 ## 🚀 Key Features
- **Context Consciousness Crystal (C³):** Hierarchical memory layers (L0-L3) combined with SQLite-backed temporal caching.
+- 🛡️ **Sentinel Lattice Primitives:** (TSA, CAFL, GPS...)
- **57+ Native MCP Tools:** Deeply integrated tools for agentic self-reflection, codebase navigation, and file editing. 
+- ⚡ **Sub-millisecond latency:** Pure Go execution with optional Rust bindings
- **Sub-millisecond latency:** Engineered for speed and durability under enterprise loads.
+- 🔌 **57+ Native MCP Tools:** Deeply integrated tools right out of the box
- **Secure by Default:** Zero-G execution environment and robust isolation from the main operating system logic. DoH shielding, uTLS protocols, and session resumption natively integrated.
+- 💾 **Persistent Causal Graph Memory:** Hierarchical memory layers (L0-L3) backed by robust SQLite temporal caching
 ## ⚡ Quick Start
--- a/add_headers.py
+++ b/add_headers.py
@ -0,0 +1,22 @@
 import os
 import glob
 HEADER = """// Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 """
 def run():
    for filepath in glob.glob("**/*.go", recursive=True):
        if os.path.isfile(filepath):
            with open(filepath, 'r', encoding='utf-8') as f:
                content = f.read()
            # Skip if already has header
            if "Copyright 2026 Syntrex Lab" not in content:
                with open(filepath, 'w', encoding='utf-8') as f:
                    f.write(HEADER + content)
 if __name__ == '__main__':
    run()
--- a/cmd/gomcp/main.go
+++ b/cmd/gomcp/main.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 // GoMCP v2 — High-performance Go-native MCP server for the RLM Toolkit.
 // Provides hierarchical persistent memory, cognitive state management,
 // causal reasoning chains, and code crystal indexing.
--- a/cmd/immune/main.go
+++ b/cmd/immune/main.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 // Package main provides the SENTINEL immune agent (SEC-002 eBPF Runtime Guard).
 //
 // The immune agent monitors SOC processes at the kernel level using eBPF
--- a/cmd/sidecar/main.go
+++ b/cmd/sidecar/main.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 // Package main provides the Universal Sidecar CLI entry point (§5.5).
 //
 // Usage:
--- a/cmd/soc-correlate/main.go
+++ b/cmd/soc-correlate/main.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 // Package main provides the SOC Correlate process (SEC-001 Process Isolation).
 //
 // Responsibility: Receives persisted events from soc-ingest via IPC,
--- a/cmd/soc-ingest/main.go
+++ b/cmd/soc-ingest/main.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 // Package main provides the SOC Ingest process (SEC-001 Process Isolation).
 //
 // Responsibility: HTTP endpoint, authentication, secret scanner,
--- a/cmd/soc-respond/main.go
+++ b/cmd/soc-respond/main.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 // Package main provides the SOC Respond process (SEC-001 Process Isolation).
 //
 // Responsibility: Receives incidents from soc-correlate via IPC,
--- a/cmd/soc/main.go
+++ b/cmd/soc/main.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 // Package main provides the standalone SOC API server entry point.
 //
 // @title SYNTREX Sentinel SOC API
@ -29,10 +33,10 @@ import (
 	"syscall"
 	"github.com/syntrex-lab/gomcp/internal/application/soc"
 	socdomain "github.com/syntrex-lab/gomcp/internal/domain/soc"
 	"github.com/syntrex-lab/gomcp/internal/domain/engines"
-	"github.com/syntrex-lab/gomcp/internal/infrastructure/auth"
+	socdomain "github.com/syntrex-lab/gomcp/internal/domain/soc"
 	"github.com/syntrex-lab/gomcp/internal/infrastructure/audit"
 	"github.com/syntrex-lab/gomcp/internal/infrastructure/auth"
 	"github.com/syntrex-lab/gomcp/internal/infrastructure/email"
 	"github.com/syntrex-lab/gomcp/internal/infrastructure/logging"
 	"github.com/syntrex-lab/gomcp/internal/infrastructure/postgres"
@ -274,4 +278,3 @@ func configureMemorySafety(logger *slog.Logger) {
 		"sys_mib", m.Sys/1024/1024,
 	)
 }
--- a/cmd/syntrex-proxy/main.go
+++ b/cmd/syntrex-proxy/main.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 // syntrex-proxy — transparent reverse proxy that scans LLM prompts.
 //
 // Usage:
--- a/docs/docs.go
+++ b/docs/docs.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 // Package docs Code generated by swaggo/swag. DO NOT EDIT
 package docs
--- a/internal/application/contextengine/config.go
+++ b/internal/application/contextengine/config.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package contextengine
 import (
--- a/internal/application/contextengine/config_test.go
+++ b/internal/application/contextengine/config_test.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package contextengine
 import (
@ -5,9 +9,9 @@ import (
 	"path/filepath"
 	"testing"
 	ctxdomain "github.com/syntrex-lab/gomcp/internal/domain/context"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 	ctxdomain "github.com/syntrex-lab/gomcp/internal/domain/context"
 )
 func TestLoadConfig_FileNotExists(t *testing.T) {
--- a/internal/application/contextengine/engine.go
+++ b/internal/application/contextengine/engine.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 // Package contextengine implements the Proactive Context Engine.
 // It automatically injects relevant memory facts into every MCP tool response
 // via ToolHandlerMiddleware, so the LLM always has context without asking.
--- a/internal/application/contextengine/engine_test.go
+++ b/internal/application/contextengine/engine_test.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package contextengine
 import (
@ -10,9 +14,9 @@ import (
 	"github.com/mark3labs/mcp-go/mcp"
 	"github.com/syntrex-lab/gomcp/internal/domain/memory"
 	ctxdomain "github.com/syntrex-lab/gomcp/internal/domain/context"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 	ctxdomain "github.com/syntrex-lab/gomcp/internal/domain/context"
 )
 // --- Mock FactProvider ---
--- a/internal/application/contextengine/processor.go
+++ b/internal/application/contextengine/processor.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 // Package contextengine — processor.go
 // Processes unprocessed interaction log entries into session summary facts.
 // This closes the memory loop: tool calls → interaction log → summary facts → boot instructions.
--- a/internal/application/contextengine/processor_test.go
+++ b/internal/application/contextengine/processor_test.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package contextengine
 import (
@ -5,10 +9,10 @@ import (
 	"testing"
 	"time"
 	"github.com/syntrex-lab/gomcp/internal/domain/memory"
 	"github.com/syntrex-lab/gomcp/internal/infrastructure/sqlite"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 	"github.com/syntrex-lab/gomcp/internal/domain/memory"
 	"github.com/syntrex-lab/gomcp/internal/infrastructure/sqlite"
 )
 // --- mock FactStore for processor tests ---
--- a/internal/application/contextengine/provider.go
+++ b/internal/application/contextengine/provider.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package contextengine
 import (
--- a/internal/application/contextengine/provider_test.go
+++ b/internal/application/contextengine/provider_test.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package contextengine
 import (
@ -6,9 +10,9 @@ import (
 	"sync"
 	"testing"
 	"github.com/syntrex-lab/gomcp/internal/domain/memory"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 	"github.com/syntrex-lab/gomcp/internal/domain/memory"
 )
 // --- Mock FactStore for provider tests ---
--- a/internal/application/lifecycle/manager.go
+++ b/internal/application/lifecycle/manager.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 // Package lifecycle manages graceful shutdown with auto-save of session state,
 // cache flush, and database closure.
 package lifecycle
--- a/internal/application/lifecycle/manager_test.go
+++ b/internal/application/lifecycle/manager_test.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package lifecycle
 import (
--- a/internal/application/lifecycle/shredder.go
+++ b/internal/application/lifecycle/shredder.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package lifecycle
 import (
--- a/internal/application/lifecycle/shredder_test.go
+++ b/internal/application/lifecycle/shredder_test.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package lifecycle
 import (
--- a/internal/application/orchestrator/config.go
+++ b/internal/application/orchestrator/config.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package orchestrator
 import (
--- a/internal/application/orchestrator/config_test.go
+++ b/internal/application/orchestrator/config_test.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package orchestrator
 import (
--- a/internal/application/orchestrator/orchestrator.go
+++ b/internal/application/orchestrator/orchestrator.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 // Package orchestrator implements the DIP Heartbeat Orchestrator.
 //
 // The orchestrator runs a background loop with 4 modules:
--- a/internal/application/orchestrator/orchestrator_test.go
+++ b/internal/application/orchestrator/orchestrator_test.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package orchestrator
 import (
--- a/internal/application/resilience/behavioral.go
+++ b/internal/application/resilience/behavioral.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package resilience
 import (
--- a/internal/application/resilience/behavioral_test.go
+++ b/internal/application/resilience/behavioral_test.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package resilience
 import (
--- a/internal/application/resilience/healing_engine.go
+++ b/internal/application/resilience/healing_engine.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package resilience
 import (
--- a/internal/application/resilience/healing_engine_test.go
+++ b/internal/application/resilience/healing_engine_test.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package resilience
 import (
--- a/internal/application/resilience/healing_strategies.go
+++ b/internal/application/resilience/healing_strategies.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package resilience
 import "time"
--- a/internal/application/resilience/health_monitor.go
+++ b/internal/application/resilience/health_monitor.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package resilience
 import (
--- a/internal/application/resilience/health_monitor_test.go
+++ b/internal/application/resilience/health_monitor_test.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package resilience
 import (
--- a/internal/application/resilience/integrity.go
+++ b/internal/application/resilience/integrity.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package resilience
 import (
--- a/internal/application/resilience/metrics_collector.go
+++ b/internal/application/resilience/metrics_collector.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 // Package resilience implements the Sentinel Autonomous Resilience Layer (SARL).
 //
 // Five levels of autonomous self-recovery:
--- a/internal/application/resilience/preservation.go
+++ b/internal/application/resilience/preservation.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package resilience
 import (
--- a/internal/application/resilience/preservation_test.go
+++ b/internal/application/resilience/preservation_test.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package resilience
 import (
--- a/internal/application/resilience/recovery_playbooks.go
+++ b/internal/application/resilience/recovery_playbooks.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package resilience
 import (
--- a/internal/application/resilience/recovery_playbooks_test.go
+++ b/internal/application/resilience/recovery_playbooks_test.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package resilience
 import (
--- a/internal/application/resources/provider.go
+++ b/internal/application/resources/provider.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 // Package resources provides MCP resource implementations.
 package resources
--- a/internal/application/resources/provider_test.go
+++ b/internal/application/resources/provider_test.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package resources
 import (
@ -5,11 +9,11 @@ import (
 	"encoding/json"
 	"testing"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 	"github.com/syntrex-lab/gomcp/internal/domain/memory"
 	"github.com/syntrex-lab/gomcp/internal/domain/session"
 	"github.com/syntrex-lab/gomcp/internal/infrastructure/sqlite"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 )
 func newTestProvider(t *testing.T) (*Provider, *sqlite.DB, *sqlite.DB) {
--- a/internal/application/shadow_ai/approval.go
+++ b/internal/application/shadow_ai/approval.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package shadow_ai
 import (
--- a/internal/application/shadow_ai/correlation.go
+++ b/internal/application/shadow_ai/correlation.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package shadow_ai
 import (
--- a/internal/application/shadow_ai/detection.go
+++ b/internal/application/shadow_ai/detection.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package shadow_ai
 import (
--- a/internal/application/shadow_ai/doc_bridge.go
+++ b/internal/application/shadow_ai/doc_bridge.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package shadow_ai
 import (
--- a/internal/application/shadow_ai/fallback.go
+++ b/internal/application/shadow_ai/fallback.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package shadow_ai
 import (
--- a/internal/application/shadow_ai/health.go
+++ b/internal/application/shadow_ai/health.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package shadow_ai
 import (
--- a/internal/application/shadow_ai/interfaces.go
+++ b/internal/application/shadow_ai/interfaces.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 // Package shadow_ai implements the Sentinel Shadow AI Control Module.
 //
 // Five levels of shadow AI management:
--- a/internal/application/shadow_ai/plugins.go
+++ b/internal/application/shadow_ai/plugins.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package shadow_ai
 import (
--- a/internal/application/shadow_ai/registry.go
+++ b/internal/application/shadow_ai/registry.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package shadow_ai
 import (
--- a/internal/application/shadow_ai/shadow_ai_test.go
+++ b/internal/application/shadow_ai/shadow_ai_test.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package shadow_ai
 import (
@ -1222,4 +1226,3 @@ func TestController_ReviewDocument_WithSecrets(t *testing.T) {
 		t.Fatal("blocked docs should not create approval")
 	}
 }
--- a/internal/application/shadow_ai/soc_integration.go
+++ b/internal/application/shadow_ai/soc_integration.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package shadow_ai
 import (
--- a/internal/application/sidecar/client.go
+++ b/internal/application/sidecar/client.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package sidecar
 import (
--- a/internal/application/sidecar/parser.go
+++ b/internal/application/sidecar/parser.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 // Package sidecar implements the Universal Sidecar (§5.5) — a zero-dependency
 // Go binary that runs alongside SENTINEL sensors, tails their STDOUT/logs,
 // and pushes parsed security events to the SOC Event Bus.
--- a/internal/application/sidecar/sidecar.go
+++ b/internal/application/sidecar/sidecar.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package sidecar
 import (
--- a/internal/application/sidecar/sidecar_test.go
+++ b/internal/application/sidecar/sidecar_test.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package sidecar
 import (
--- a/internal/application/sidecar/tailer.go
+++ b/internal/application/sidecar/tailer.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package sidecar
 import (
--- a/internal/application/soc/analytics.go
+++ b/internal/application/soc/analytics.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 // Package soc provides SOC analytics: event trends, severity distribution,
 // top sources, MITRE ATT&CK coverage, and time-series aggregation.
 package soc
--- a/internal/application/soc/analytics_test.go
+++ b/internal/application/soc/analytics_test.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package soc
 import (
--- a/internal/application/soc/e2e_test.go
+++ b/internal/application/soc/e2e_test.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package soc
 import (
@ -524,4 +528,3 @@ func TestE2E_CrescendoEscalation(t *testing.T) {
 	assert.Equal(t, domsoc.SeverityCritical, lastInc.Severity)
 	assert.Contains(t, lastInc.MITREMapping, "T1059")
 }
--- a/internal/application/soc/ingest_bench_test.go
+++ b/internal/application/soc/ingest_bench_test.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package soc
 import (
--- a/internal/application/soc/load_test.go
+++ b/internal/application/soc/load_test.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package soc
 import (
--- a/internal/application/soc/service.go
+++ b/internal/application/soc/service.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 // Package soc provides application services for the SENTINEL AI SOC subsystem.
 package soc
@ -213,7 +217,6 @@ func (s *Service) TestWebhook() []WebhookResult {
 	return wh.NotifyIncident("webhook_test", testIncident)
 }
 // Drain puts the service into drain mode (§15.7 Stage 1).
 // New events are rejected with ErrDraining; existing processing continues.
 func (s *Service) Drain() {
@ -301,6 +304,7 @@ func (s *Service) runRetentionPurge() {
 		}
 	}
 }
 // IngestEvent processes an incoming security event through the SOC pipeline.
 // Returns the event ID and any incident created by correlation.
 //
@ -1161,7 +1165,7 @@ func (s *Service) Dashboard(tenantID string) (*DashboardData, error) {
 		return nil, err
 	}
-	lastHourEvents, err := s.repo.CountEventsSince(tenantID, time.Now().Add(-1 * time.Hour))
+	lastHourEvents, err := s.repo.CountEventsSince(tenantID, time.Now().Add(-1*time.Hour))
 	if err != nil {
 		return nil, err
 	}
--- a/internal/application/soc/service_test.go
+++ b/internal/application/soc/service_test.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package soc
 import (
--- a/internal/application/soc/stix_feed.go
+++ b/internal/application/soc/stix_feed.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package soc
 import (
--- a/internal/application/soc/stix_feed_test.go
+++ b/internal/application/soc/stix_feed_test.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package soc
 import (
--- a/internal/application/soc/threat_intel.go
+++ b/internal/application/soc/threat_intel.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 // Package soc provides a threat intelligence feed integration
 // for enriching SOC events and correlation rules.
 //
--- a/internal/application/soc/threat_intel_test.go
+++ b/internal/application/soc/threat_intel_test.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package soc
 import (
--- a/internal/application/soc/webhook.go
+++ b/internal/application/soc/webhook.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 // Package webhook provides outbound SOAR webhook notifications
 // for the SOC pipeline. Fires HTTP POST on incident creation/update.
 package soc
@ -80,8 +84,6 @@ func NewWebhookNotifier(config WebhookConfig) *WebhookNotifier {
 	}
 }
 // NotifyIncident sends an incident webhook to all configured endpoints.
 // Non-blocking: fires goroutines for each endpoint.
 func (w *WebhookNotifier) NotifyIncident(eventType string, incident *domsoc.Incident) []WebhookResult {
--- a/internal/application/tools/apathy_service.go
+++ b/internal/application/tools/apathy_service.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 // Package tools — Apathy Detection and Apoptosis Recovery (DIP H1.4).
 //
 // This file implements:
--- a/internal/application/tools/apathy_service_test.go
+++ b/internal/application/tools/apathy_service_test.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package tools
 import (
--- a/internal/application/tools/causal_service.go
+++ b/internal/application/tools/causal_service.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package tools
 import (
--- a/internal/application/tools/causal_service_test.go
+++ b/internal/application/tools/causal_service_test.go
@ -1,12 +1,16 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package tools
 import (
 	"context"
 	"testing"
 	"github.com/syntrex-lab/gomcp/internal/infrastructure/sqlite"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 	"github.com/syntrex-lab/gomcp/internal/infrastructure/sqlite"
 )
 func newTestCausalService(t *testing.T) *CausalService {
--- a/internal/application/tools/crystal_service.go
+++ b/internal/application/tools/crystal_service.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package tools
 import (
--- a/internal/application/tools/crystal_service_test.go
+++ b/internal/application/tools/crystal_service_test.go
@ -1,12 +1,16 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package tools
 import (
 	"context"
 	"testing"
 	"github.com/syntrex-lab/gomcp/internal/infrastructure/sqlite"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 	"github.com/syntrex-lab/gomcp/internal/infrastructure/sqlite"
 )
 func newTestCrystalService(t *testing.T) *CrystalService {
--- a/internal/application/tools/decision_recorder.go
+++ b/internal/application/tools/decision_recorder.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package tools
 // DecisionRecorder is the interface for recording tamper-evident decisions (v3.7).
--- a/internal/application/tools/doctor.go
+++ b/internal/application/tools/doctor.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package tools
 import (
--- a/internal/application/tools/fact_service.go
+++ b/internal/application/tools/fact_service.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 // Package tools provides application-level tool services that bridge
 // domain logic with MCP tool handlers.
 package tools
--- a/internal/application/tools/fact_service_test.go
+++ b/internal/application/tools/fact_service_test.go
@ -1,13 +1,17 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package tools
 import (
 	"context"
 	"testing"
 	"github.com/syntrex-lab/gomcp/internal/domain/memory"
 	"github.com/syntrex-lab/gomcp/internal/infrastructure/sqlite"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 	"github.com/syntrex-lab/gomcp/internal/domain/memory"
 	"github.com/syntrex-lab/gomcp/internal/infrastructure/sqlite"
 )
 func newTestFactService(t *testing.T) *FactService {
--- a/internal/application/tools/intent_service.go
+++ b/internal/application/tools/intent_service.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 // Package tools provides application-level tool services.
 // This file adds the Intent Distiller MCP tool integration (DIP H0.2).
 package tools
--- a/internal/application/tools/pulse.go
+++ b/internal/application/tools/pulse.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package tools
 import (
--- a/internal/application/tools/session_service.go
+++ b/internal/application/tools/session_service.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package tools
 import (
--- a/internal/application/tools/session_service_test.go
+++ b/internal/application/tools/session_service_test.go
@ -1,13 +1,17 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package tools
 import (
 	"context"
 	"testing"
 	"github.com/syntrex-lab/gomcp/internal/domain/session"
 	"github.com/syntrex-lab/gomcp/internal/infrastructure/sqlite"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 	"github.com/syntrex-lab/gomcp/internal/domain/session"
 	"github.com/syntrex-lab/gomcp/internal/infrastructure/sqlite"
 )
 func newTestSessionService(t *testing.T) *SessionService {
--- a/internal/application/tools/synapse_service.go
+++ b/internal/application/tools/synapse_service.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package tools
 import (
--- a/internal/application/tools/system_service.go
+++ b/internal/application/tools/system_service.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package tools
 import (
--- a/internal/application/tools/system_service_test.go
+++ b/internal/application/tools/system_service_test.go
@ -1,12 +1,16 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package tools
 import (
 	"context"
 	"testing"
 	"github.com/syntrex-lab/gomcp/internal/infrastructure/sqlite"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 	"github.com/syntrex-lab/gomcp/internal/infrastructure/sqlite"
 )
 func newTestSystemService(t *testing.T) *SystemService {
--- a/internal/config/config.go
+++ b/internal/config/config.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package config
 import (
--- a/internal/config/config_test.go
+++ b/internal/config/config_test.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package config
 import (
--- a/internal/domain/alert/alert.go
+++ b/internal/domain/alert/alert.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 // Package alert defines the Alert domain entity and severity levels
 // for the DIP-Watcher proactive monitoring system.
 package alert
--- a/internal/domain/alert/alert_test.go
+++ b/internal/domain/alert/alert_test.go
@ -1,12 +1,16 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package alert_test
 import (
 	"testing"
 	"time"
 	"github.com/syntrex-lab/gomcp/internal/domain/alert"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 	"github.com/syntrex-lab/gomcp/internal/domain/alert"
 )
 func TestAlert_New(t *testing.T) {
--- a/internal/domain/alert/bus.go
+++ b/internal/domain/alert/bus.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package alert
 import "sync"
--- a/internal/domain/causal/chain.go
+++ b/internal/domain/causal/chain.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 // Package causal defines domain entities for causal reasoning chains.
 package causal
--- a/internal/domain/causal/chain_test.go
+++ b/internal/domain/causal/chain_test.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package causal
 import (
--- a/internal/domain/circuitbreaker/breaker.go
+++ b/internal/domain/circuitbreaker/breaker.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 // Package circuitbreaker implements a state machine that controls
 // the health of recursive pipelines (DIP H1.1).
 //
--- a/internal/domain/circuitbreaker/breaker_test.go
+++ b/internal/domain/circuitbreaker/breaker_test.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package circuitbreaker
 import (
--- a/internal/domain/context/context.go
+++ b/internal/domain/context/context.go
@ -1,3 +1,7 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 // Package context defines domain entities for the Proactive Context Engine.
 // The engine automatically injects relevant memory facts into every tool response,
 // ensuring the LLM always has context without explicitly requesting it.
--- a/internal/domain/context/context_test.go
+++ b/internal/domain/context/context_test.go
@ -1,12 +1,16 @@
 // Copyright 2026 Syntrex Lab. All rights reserved.
 // Use of this source code is governed by an Apache-2.0 license
 // that can be found in the LICENSE file.
 package context
 import (
 	"testing"
 	"time"
 	"github.com/syntrex-lab/gomcp/internal/domain/memory"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 	"github.com/syntrex-lab/gomcp/internal/domain/memory"
 )
 // --- ScoredFact tests ---
--- a/Show more
+++ b/Show more