Rules for human contributors and AI agents. Complements AGENTS.md (workflows) and CONTRIBUTING.md (PR process).
- Read: Source, tests, docs, public config as needed.
- Write: Only files required for the fix or feature; no unrelated formatting or refactors.
- Execute: Tests, typecheck, documented CLI commands. No destructive commands on user data without approval.
- Off-limits: Other people's machines, production deployments you don't own, credentials you lack permission to use.
Maintainer may widen scope per task.
- Never commit secrets — API keys, tokens, real
.envvalues, private URLs, session cookies. Use.env.examplewith placeholders. - Never rename with find-and-replace in GitNexus-indexed projects — use
renameMCP tool withdry_run: truefirst, reviewgraphvstext_searchedits. No separategitnexus renameCLI exists. - Run impact analysis before editing shared symbols —
impact(upstream) for functions/classes/methods others call. Do not ignore HIGH/CRITICAL without maintainer sign-off. - Run
detect_changesbefore commit — confirm diffs map to expected symbols/processes when the graph is available. - Preserve embeddings — plain
npx gitnexus analyzenow preserves any embeddings recorded in.gitnexus/meta.json(the previous behavior wiped them). Use--embeddingsto also generate vectors for new/changed nodes; use--drop-embeddingsonly when an explicit wipe is intended (e.g., model swap).
Format: Trigger → Instruction → Reason. Append new Signs when the same mistake repeats.
- Trigger: MCP warns index is behind
HEAD, or search doesn't match latest commit. - Do:
npx gitnexus analyze(plus--embeddingsif used). - Why: Tools query LadybugDB from last analyze; git changes are invisible until re-indexed.
- Trigger: Semantic search quality drops;
stats.embeddingsinmeta.jsonis 0 after refresh. - Do: Re-run
npx gitnexus analyze --embeddingsto regenerate. Check the analyze log for aWarning: could not load cached embeddingsline — if present, the cache restore failed (corrupt DB / schema mismatch) and the rebuild had nothing to preserve. If you intentionally passed--drop-embeddings, this is expected. - Why: Plain
analyzepreserves prior vectors by re-inserting them after the rebuild; the only ways to end up at zero are an explicit--drop-embeddings, a cache-load failure (now logged), or a model/dimension change that invalidates the cache.
- Trigger: MCP stderr says no indexed repos.
- Do:
npx gitnexus analyzein the target repo; verifynpx gitnexus listshows it. - Why: MCP discovers repos via
~/.gitnexus/registry.json, populated by analyze.
- Trigger: Query/impact results belong to another project.
- Do: Call
list_repos, then passrepoon subsequent tools. - Why: Default target is ambiguous when multiple repos are registered.
- Trigger: Errors opening
.gitnexus/lbugwhile MCP and analyze both run. - Do: Stop overlapping processes (one writer at a time). Retry analyze or restart MCP.
- Why: Embedded DB expects single-process ownership.
- npm: Do not publish from unreviewed automation. Bump version intentionally; tag releases to match
package.json. - Dependencies: Minimal, auditable
package.jsonchanges; run tests and CI after lockfile updates. - License: PolyForm Noncommercial 1.0.0 — do not relicense without maintainer approval.
Stop and ask a human maintainer when:
- Impact analysis shows HIGH/CRITICAL risk and the task still requires the change.
- You need to alter CI, release, or security-sensitive config.
- Requirements conflict (e.g. "speed up analyze" vs "must keep all embeddings on huge repo").
- You are unsure whether data loss is acceptable (
clean, forced migrations, schema changes).
- ARCHITECTURE.md — components and data flow
- RUNBOOK.md — commands for recovery
- CONTRIBUTING.md — PR and commit expectations