feat(metrics): v1.89 metrics reduction — evidence dedup + naming + safety wiring#431
Merged
feat(metrics): v1.89 metrics reduction — evidence dedup + naming + safety wiring#431
Conversation
…fety wiring
6-phase reduction-only release. No new architecture, no new metrics.
Phase 1: Delete 3 legacy shell exporters (firewall, geoban, portscan)
Phase 2: Evidence layer refactored — ZERO direct nft calls (INV-M-002).
Imports validator.ValidateKernel() directly. Counters, sets,
chains extracted from validator's parsed kernel data.
Phase 3: Wire 6 disconnected safety metrics setters at 2 call sites
(sync handler + watchdog callback) per INV-M-008.
Phase 4: Rename 9 watchdog metrics (go_* → runtime_*, _total on gauges)
with deprecated compatibility aliases (removed in v1.90).
Phase 5: Mark sampler.go DEPRECATED (INV-M-006).
Phase 6: VERSION 1.89.0, CHANGELOG, README /metrics section.
8 global invariants (INV-M-001 through INV-M-008) enforced and verified.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Contributor
Dependency Review✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.Scanned FilesNone |
…n sampler.go - FHS spec: version bump 1.88.0 → 1.89.0 in generated nftban_fhs_spec.sh (CI gate: FHS generated files check) - sampler.go: move SPDX header to line 4 (within first 5 lines) so CI SPDX validation passes. DEPRECATED comment moved after SPDX line. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
SetMemoryPressureLevel,SetProtectionActive, etc.) at exactly 2 call sites (sync handler + watchdog callback)go_*→runtime_*, remove_totalfrom 3 gauges) with deprecated compatibility aliases for one release cyclesampler.goDEPRECATED — no new code may useGetSampler()Global Invariants Enforced
Test plan
go test ./internal/metrics/...passes (includes new evidence_extract_test.go)go test ./internal/validator/...passesgo test ./internal/watchdog/...passes/metricsscrape (both old+new names present)🤖 Generated with Claude Code