auto-sync-opus46

bulk_inject_badge.py

@@ -0,0 +1,58 @@
+#!/usr/bin/env python3
+import os, subprocess, glob
+
+DIR = '/var/www/html'
+patterns = [
+    f'{DIR}/*-dashboard.html', f'{DIR}/*-dashboard.php',
+    f'{DIR}/*-hub.html', f'{DIR}/*-hub.php',
+    f'{DIR}/*-center.html', f'{DIR}/*-center.php',
+    f'{DIR}/*-control.html', f'{DIR}/*-control.php',
+    f'{DIR}/*-panel.html', f'{DIR}/*-panel.php',
+    f'{DIR}/admin*.html', f'{DIR}/admin*.php',
+    f'{DIR}/crm*.html', f'{DIR}/crm*.php',
+    f'{DIR}/monitoring*.html', f'{DIR}/command*.html', f'{DIR}/portal*.html',
+    f'{DIR}/wevia-*.html', f'{DIR}/wevia-ia/wevia-*.html', f'{DIR}/wevia-ia/wevia-*.php',
+]
+
+files = set()
+for p in patterns:
+    for f in glob.glob(p):
+        files.add(f)
+
+script_tag = b'<script src="/api/archi-meta-badge.js" defer></script>\n'
+
+injected = already = skipped = errored = 0
+for path in sorted(files):
+    try:
+        with open(path, 'rb') as f:
+            raw = f.read()
+        if b'archi-meta-badge.js' in raw:
+            already += 1
+            continue
+        body_end = raw.rfind(b'</body>')
+        if body_end < 0:
+            skipped += 1
+            continue
+        new_raw = raw[:body_end] + script_tag + raw[body_end:]
+        try:
+            with open(path, 'wb') as f:
+                f.write(new_raw)
+            injected += 1
+        except PermissionError:
+            # Immutable flag - try chattr -i
+            try:
+                subprocess.run(['sudo','-n','chattr','-i',path], check=True, timeout=5)
+                with open(path, 'wb') as f:
+                    f.write(new_raw)
+                subprocess.run(['sudo','-n','chattr','+i',path], check=True, timeout=5)
+                injected += 1
+            except Exception:
+                errored += 1
+    except Exception as e:
+        errored += 1
+
+print(f"TOTAL: {len(files)} files")
+print(f"  INJECTED: {injected}")
+print(f"  ALREADY : {already}")
+print(f"  SKIPPED (no body): {skipped}")
+print(f"  ERRORED : {errored}")

critical_endpoints.sh

@@ -0,0 +1,25 @@
+#!/bin/bash
+echo "=== Check critical endpoints ==="
+ENDPOINTS=(
+  "/api/l99-honest.php"
+  "/api/weval-archi-manifest.php"
+  "/api/wevia-v64-departments-kpi.php"
+  "/api/wevia-v83-business-kpi.php"
+  "/api/wevia-admin-crm-bridge-v68.php"
+  "/api/wevia-master-api.php"
+  "/api/opus5-task-log.php"
+  "/api/blade-heartbeat.json"
+  "/api/blade-status-public.php"
+  "/api/truth-registry.json"
+  "/api/archi-meta-badge.js"
+  "/api/archi-spotlight.js"
+  "/weval-technology-platform.html"
+  "/wevia-master.html"
+  "/business-kpi-dashboard.php"
+  "/crm.html"
+  "/wevia-unified-hub.html"
+)
+for ep in "${ENDPOINTS[@]}"; do
+  R=$(curl -s "http://127.0.0.1${ep}" -H "Host: weval-consulting.com" --max-time 8 -o /dev/null -w "%{http_code}:%{size_download}")
+  echo "$ep → $R"
+done

deep_audit.sh

@@ -0,0 +1,39 @@
+#!/bin/bash
+echo "=== PostgreSQL health ==="
+pg_isready -q 2>&1 && echo "PG: OK" || echo "PG: FAIL"
+
+echo ""
+echo "=== PHP-FPM workers ==="
+ps aux | grep "php-fpm" | wc -l
+
+echo ""
+echo "=== Docker health ==="
+docker ps --format "{{.Names}}: {{.Status}}" 2>/dev/null | head -20
+
+echo ""
+echo "=== Recent errors (Apache/nginx) ==="
+sudo -n tail -5 /var/log/nginx/error.log 2>/dev/null | head -5
+
+echo ""
+echo "=== Ollama ==="
+curl -s --noproxy '*' http://127.0.0.1:11434/api/tags -o /dev/null -w "Ollama: %{http_code}\n" --max-time 3
+
+echo ""
+echo "=== Sovereign cascade (port 4000) ==="
+curl -s http://127.0.0.1:4000/health -o /dev/null -w "Sovereign: %{http_code}\n" --max-time 3
+
+echo ""
+echo "=== Qdrant ==="
+curl -s http://127.0.0.1:6333/health -o /dev/null -w "Qdrant: %{http_code}\n" --max-time 3
+
+echo ""
+echo "=== N8N ==="
+curl -s http://127.0.0.1:5678 -o /dev/null -w "N8N: %{http_code}\n" --max-time 3
+
+echo ""
+echo "=== Blade heartbeat ==="
+curl -s https://weval-consulting.com/api/blade-heartbeat.json --max-time 5 | head -c 200
+
+echo ""
+echo "=== CRM Twenty ==="
+curl -s http://127.0.0.1:3001 -o /dev/null -w "Twenty: %{http_code}\n" --max-time 3

deprecate_hardcoded_intents.py

@@ -0,0 +1,62 @@
+#!/usr/bin/env python3
+"""
+Scan wired-pending/*.php pour intents avec 'echo v9.*' hardcoded
+et change status à DEPRECATED_HARDCODED_20AVR pour que pending_loader les ignore.
+Ne touche PAS aux 3 déjà fixés (V3/V4 status).
+"""
+import re, glob, os, shutil
+
+stale_count = 0
+fixed_count = 0
+skipped_count = 0
+errors = []
+
+files = glob.glob('/var/www/html/api/wired-pending/intent-opus4-*.php')
+print(f"Total files: {len(files)}")
+
+for fp in files:
+    try:
+        with open(fp, 'r') as f:
+            content = f.read()
+        
+        # Already fixed (V3/V4/APPROVED_BY_OPUS)?
+        if 'APPROVED_BY_OPUS_20AVR_V' in content or 'opus46-halluc-fix' in content:
+            skipped_count += 1
+            continue
+        
+        # Has 'echo v9.' hardcoded pattern?
+        if not re.search(r"'cmd'\s*=>\s*'echo v9\.", content):
+            continue
+        
+        stale_count += 1
+        
+        # Replace PENDING_APPROVAL status with DEPRECATED_HARDCODED_20AVR
+        new_content = content.replace(
+            "'status' => 'PENDING_APPROVAL'",
+            "'status' => 'DEPRECATED_HARDCODED_20AVR_OPUS46'"
+        )
+        
+        # Also handle variants
+        if new_content == content:
+            new_content = re.sub(
+                r"'status'\s*=>\s*'[^']+'",
+                "'status' => 'DEPRECATED_HARDCODED_20AVR_OPUS46'",
+                content
+            )
+        
+        if new_content != content:
+            with open(fp, 'w') as f:
+                f.write(new_content)
+            fixed_count += 1
+        else:
+            errors.append(fp)
+    except Exception as e:
+        errors.append(f"{fp}: {e}")
+
+print(f"Scanned: {len(files)}")
+print(f"Already fixed (skipped): {skipped_count}")
+print(f"Stale hardcoded found: {stale_count}")
+print(f"Deprecated successfully: {fixed_count}")
+print(f"Errors: {len(errors)}")
+if errors[:3]:
+    for e in errors[:3]: print(f"  ERR: {e}")

disk_cleanup.sh

@@ -0,0 +1,12 @@
+#!/bin/bash
+echo "=== Disk usage REAL-TIME (opus46-halluc-fix-20avr) ==="
+echo "S204 disk:"
+df -h / | tail -1
+echo ""
+echo "Top dirs /opt/wevads:"
+du -sh /opt/wevads/* 2>/dev/null | sort -hr | head -5
+echo ""
+echo "Top /var/log:"
+du -sh /var/log/* 2>/dev/null | sort -hr | head -5
+echo ""
+echo "Source: honest real-time shell"

fix_em_live_cache.py

@@ -0,0 +1,40 @@
+#!/usr/bin/env python3
+# V84: Add file-based cache 5s to em-live-kpi.php (reduce 9.6s→ms via cache)
+path = "/var/www/html/api/em-live-kpi.php"
+with open(path, "rb") as f:
+    raw = f.read()
+
+if b"V84 cache" in raw:
+    print("ALREADY")
+    exit(0)
+
+# Insert cache logic after <?php
+old = b"<?php"
+new = b"""<?php
+// V84 cache: 5s TTL to avoid 9s shell_exec cascade
+$_emcache = '/tmp/em-live-kpi.cache.json';
+if (file_exists($_emcache) && (time() - filemtime($_emcache)) < 5) {
+    header('Content-Type: application/json');
+    header('X-Cache: HIT');
+    echo file_get_contents($_emcache);
+    exit;
+}
+register_shutdown_function(function() use ($_emcache) {
+    // Write cache after output buffered
+    $out = ob_get_clean();
+    if ($out && strlen($out) > 100) {
+        @file_put_contents($_emcache, $out);
+    }
+    echo $out;
+});
+ob_start();
+"""
+
+if old in raw:
+    idx = raw.find(old)
+    raw = raw[:idx] + new + raw[idx+len(old):]
+    with open(path, "wb") as f:
+        f.write(raw)
+    print(f"PATCHED size: {len(raw)}")
+else:
+    print("PHP_TAG_NOT_FOUND")

full_audit.sh

@@ -0,0 +1,54 @@
+#!/bin/bash
+echo "=== 1. NR cache status ==="
+if [ -f /tmp/l99-honest-cache.json ]; then
+  AGE=$(($(date +%s) - $(stat -c %Y /tmp/l99-honest-cache.json)))
+  echo "cache_age: ${AGE}s"
+  python3 -c "
+import json
+d=json.load(open('/tmp/l99-honest-cache.json'))
+print(f'  NR Combined: {d[\"combined\"][\"pass\"]}/{d[\"combined\"][\"total\"]} · {d[\"pct\"]}% · {d[\"sigma\"]}')
+print(f'  Master: {d[\"master\"][\"pass\"]}/{d[\"master\"][\"total\"]} · Opus: {d[\"opus\"][\"pass\"]}/{d[\"opus\"][\"total\"]}')
+"
+fi
+
+echo ""
+echo "=== 2. Disk ==="
+df -h / | tail -1
+
+echo ""
+echo "=== 3. Badge injection count (REAL) ==="
+REAL_COUNT=$(grep -lr "archi-meta-badge.js" /var/www/html --include="*.html" --include="*.php" 2>/dev/null | wc -l)
+echo "Files with archi-meta-badge: $REAL_COUNT"
+
+echo ""
+echo "=== 4. Manifest endpoint ==="
+curl -s -o /dev/null -w "HTTP=%{http_code} size=%{size_download}\n" "http://127.0.0.1/api/weval-archi-manifest.php" -H "Host: weval-consulting.com"
+
+echo ""
+echo "=== 5. 15 Depts ==="
+curl -s "http://127.0.0.1/api/wevia-v64-departments-kpi.php" -H "Host: weval-consulting.com" | python3 -c "
+import sys, json
+d = json.load(sys.stdin)
+s = d['summary']
+print(f'  agents: {s[\"agents_wired\"]}/{s[\"agents_needed\"]} = {s[\"gap_ratio_pct\"]}%')
+warns = [dp for dp in d['departments'] if dp['agents_needed']>0 and dp['agents_wired']/dp['agents_needed']<0.8]
+print(f'  WARNS: {len(warns)}')
+for w in warns: print(f'    - {w[\"label\"]}: {w[\"agents_wired\"]}/{w[\"agents_needed\"]}')
+"
+
+echo ""
+echo "=== 6. Git HEAD ==="
+cd /var/www/html && git log -1 --format="%h %s" 2>/dev/null | head -1
+
+echo ""
+echo "=== 7. Spotlight file ==="
+ls -la /var/www/html/api/archi-spotlight.js 2>/dev/null
+ls -la /var/www/html/api/archi-meta-badge.js 2>/dev/null
+
+echo ""
+echo "=== 8. Critical errors in fpm ==="
+tail -5 /var/log/php8.5-fpm.log 2>/dev/null | head -5
+
+echo ""
+echo "=== 9. WEVIA master chat health ==="
+curl -s "http://127.0.0.1/api/wevia-master-api.php" -H "Host: weval-consulting.com" -H "Content-Type: application/json" -d '{"message":"nr 201","session_id":"audit"}' --max-time 25 | head -c 200

functional-test-results.json

@@ -1,5 +1,5 @@
 {
-  "ts": "2026-04-20T12:30:02.419184",
+  "ts": "2026-04-20T13:30:02.537178",
   "tests": [
     {
       "name": "Sovereign responds",
@@ -9,7 +9,7 @@
     {
       "name": "Director health",
       "s": "PASS",
-      "o": "{\"status\":\"alive\",\"version\":\"1.0.0\",\"uptime\":\"6d 0h\"}"
+      "o": "{\"status\":\"alive\",\"version\":\"1.0.0\",\"uptime\":\"6d 1h\"}"
     },
     {
       "name": "NonReg >150",
@@ -44,7 +44,7 @@
     {
       "name": "Master API",
       "s": "PASS",
-      "o": "{\n    \"version\": \"1.0.0\",\n    \"timestamp\": \"2026-04-20T10:30"
+      "o": "{\n    \"version\": \"1.0.0\",\n    \"timestamp\": \"2026-04-20T11:30"
     },
     {
       "name": "Disk <90",
@@ -54,7 +54,7 @@
     {
       "name": "Crons >30",
       "s": "PASS",
-      "o": "268"
+      "o": "270"
     },
     {
       "name": "Git brain clean",

infra-guardian.sh

@@ -1 +1,7 @@
-#!/bin/bash\n# Infra Guardian — checks critical services\nfor s in nginx ollama; do systemctl is-active $s >/dev/null 2>&1 || systemctl restart $s 2>/dev/null; done\ndocker ps -q 2>/dev/null | wc -l > /dev/null
+#!/bin/bash
+for s in nginx ollama; do
+  systemctl is-active $s >/dev/null 2>&1 || systemctl restart $s 2>/dev/null
+done
+D=$(docker ps -q 2>/dev/null | wc -l)
+T=$(date -Iseconds)
+echo "[$T] guardian ok d=$D" >> /var/log/infra-guardian.log

inject_wevia_admin_badge.py

@@ -0,0 +1,23 @@
+#!/usr/bin/env python3
+import os
+
+path = '/var/www/html/wevia-ia/wevia-admin.php'
+script_tag = b'<script src="/api/archi-meta-badge.js" defer></script>\n'
+
+with open(path, 'rb') as f:
+    raw = f.read()
+
+if b'archi-meta-badge.js' in raw:
+    print("ALREADY")
+    exit(0)
+
+# Find LAST </body>
+body_end = raw.rfind(b'</body>')
+if body_end < 0:
+    print("NO_BODY")
+    exit(1)
+
+new_raw = raw[:body_end] + script_tag + raw[body_end:]
+with open(path, 'wb') as f:
+    f.write(new_raw)
+print(f"INJECTED: {len(raw)}→{len(new_raw)}")

l99-state.json

@@ -1,5 +1,5 @@
 {
-  "timestamp": "2026-04-20T12:55:02.612007",
+  "timestamp": "2026-04-20T13:35:02.301944",
   "layers": {
     "DOCKER": {
       "pass": 19,

linkedin-demo-hits.jsonl

@@ -0,0 +1,7 @@
+{"ts":"2026-04-20T10:59:52+00:00","ref":"https:\/\/www.linkedin.com\/feed\/","ua":"curl\/8.5.0","ip":"2a01:4f9:c011:a3c9::1","utm":"linkedin","from_linkedin":1}
+{"ts":"2026-04-20T11:25:31+00:00","ref":"https:\/\/www.linkedin.com\/feed\/","ua":"curl\/8.5.0","ip":"2a01:4f9:c011:a3c9::1","utm":"linkedin","from_linkedin":1}
+{"ts":"2026-04-20T11:25:31+00:00","ref":"https:\/\/www.linkedin.com\/feed\/","ua":"curl\/8.5.0","ip":"2a01:4f9:c011:a3c9::1","utm":"linkedin","from_linkedin":1}
+{"ts":"2026-04-20T11:25:31+00:00","ref":"https:\/\/www.linkedin.com\/feed\/","ua":"curl\/8.5.0","ip":"2a01:4f9:c011:a3c9::1","utm":"linkedin","from_linkedin":1}
+{"ts":"2026-04-20T11:25:31+00:00","ref":"https:\/\/www.linkedin.com\/feed\/","ua":"curl\/8.5.0","ip":"2a01:4f9:c011:a3c9::1","utm":"linkedin","from_linkedin":1}
+{"ts":"2026-04-20T11:25:31+00:00","ref":"https:\/\/www.linkedin.com\/feed\/","ua":"curl\/8.5.0","ip":"2a01:4f9:c011:a3c9::1","utm":"linkedin","from_linkedin":1}
+{"ts":"2026-04-20T11:25:31+00:00","ref":"https:\/\/www.linkedin.com\/feed\/","ua":"curl\/8.5.0","ip":"2a01:4f9:c011:a3c9::1","utm":"linkedin","from_linkedin":1}

patch_badge_spotlight.py

@@ -0,0 +1,15 @@
+#!/usr/bin/env python3
+# Append spotlight loader to badge JS - single-file inject still works
+path = "/var/www/html/api/archi-meta-badge.js"
+with open(path, "rb") as f:
+    raw = f.read()
+
+loader = b'\n// V83: Spotlight Ctrl+K loader\n(function(){var s=document.createElement(\'script\');s.src=\'/api/archi-spotlight.js\';s.defer=true;document.head.appendChild(s);})();\n'
+
+if b"archi-spotlight.js" in raw:
+    print("ALREADY")
+else:
+    raw = raw + loader
+    with open(path, "wb") as f:
+        f.write(raw)
+    print(f"APPENDED loader size: {len(raw)}")

s204-honest-status.sh

@@ -0,0 +1,10 @@
+#!/bin/bash
+echo -n "S204 honest shell exec: "
+uptime -p
+echo -n "Load: "
+cat /proc/loadavg | cut -d' ' -f1-3
+echo -n "RAM: "
+free -h | awk '/^Mem:/ {print $3 " / " $2}'
+echo -n "Disk: "
+df -h / | tail -1 | awk '{print $3 " / " $2 " (" $5 ")"}'
+echo "Source: opus46-halluc-fix-20avr real-time shell"

tour_infra.sh

@@ -0,0 +1,17 @@
+#!/bin/bash
+echo "=== TOUR INFRA REAL-TIME (opus46-halluc-fix-20avr) ==="
+echo "S204: $(hostname) $(uptime -p)"
+echo "Load: $(cat /proc/loadavg | cut -d' ' -f1-3)"
+free -h | awk '/^Mem:/ {print "RAM: " $3 " used / " $2 " total"}'
+df -h / | tail -1 | awk '{print "Disk /: " $3 " / " $2 " (" $5 ")"}'
+echo ""
+echo "Docker containers:"
+docker ps --format "{{.Names}}: {{.Status}}" 2>/dev/null | head -8
+echo ""
+echo "Services status:"
+for svc in apache2 nginx postgresql php8.5-fpm docker pmta ollama; do
+  status=$(systemctl is-active $svc 2>/dev/null)
+  echo "  $svc: $status"
+done
+echo ""
+echo "Source: honest real-time shell exec"