plugin-ipc is a cross-language IPC library for Netdata plugins and helper services.
Success means:
- one authoritative specification under
docs/; - one interoperable protocol stack;
- typed service APIs for C, Rust, and Go;
- POSIX and Windows transport coverage;
- cross-language interoperability as a release requirement;
- benchmarks and tests that prove behavior and performance claims.
This project uses a local Statement of Work system.
The SOW system is self-contained in this repository. Normal SOW work must not depend on ~/.agents, ~/.AGENTS.md, global skills, global templates, or global scripts. Use this AGENTS.md, project-local SOW files, project-local specs, project-local skills, and the active SOW.
- User responsibilities: purpose, scope decisions, design forks, risk acceptance, destructive approvals, and final product judgment.
- Assistant responsibilities: investigation, evidence, implementation, tests or equivalent validation, reviews, documentation, memory updates, and concise reporting.
Before non-trivial work:
- Read pending/current SOWs for overlap, contradictions, and existing decisions.
- Read relevant specs under
.agents/sow/specs/. - Inspect
.agents/skills/project-*/SKILL.mdif any exist, and load every runtime project skill whose trigger matches the work. - Inspect the authoritative docs under
docs/and the relevant C, Rust, Go, test, and benchmark code. - Ask the user only for irreducible product/design/risk decisions.
Assistants must not create git worktrees on their own. Create a git worktree only when the user explicitly asks for it or approves it.
SOWs, specs, documentation, project skills, agent instructions, and code comments are commit-ready artifacts. Treat them as public unless a repository-specific policy explicitly says otherwise.
CRITICAL: Never write raw sensitive data to durable artifacts. This includes passwords, API keys, bearer tokens, SNMP communities, private keys, connection strings with embedded credentials, session cookies, community member names, customer names, customer identifiers, personal data, non-private IP addresses that can identify customers, private endpoints, account IDs, and proprietary incident details.
Write only sanitized evidence:
- use placeholders such as
[REDACTED_SECRET],[CUSTOMER],[ACCOUNT],[PRIVATE_ENDPOINT]; - use stable aliases such as
customer-aonly when the real mapping is not stored in the repository; - cite file paths, line numbers, command names, schema fields, or error classes instead of copying sensitive values;
- summarize logs and traces; include only minimal redacted snippets.
If sensitive data is required to continue, stop and ask the user for a secure handling path. If sensitive data is found in a durable artifact, sanitize it before any commit. If sensitive data was already committed, tell the user and do not rewrite history without explicit approval.
When SOW evidence comes from local mirrored or cloned open-source repositories, cite the upstream repository and checked commit instead of the workstation absolute path.
Use:
owner/repo @ commit
relative/path/inside/repo:line
Resolve owner/repo from the repository remote, record the checked commit, and keep paths relative to the upstream repository root. Never write workstation absolute paths for external open-source evidence into SOW evidence.
Implementation must not begin until the active SOW contains a concrete ## Pre-Implementation Gate section. Before moving a SOW from pending/open to current/in-progress, or before continuing implementation in an existing current SOW that lacks this section, fill the gate.
The gate must record the problem/root-cause model, evidence reviewed, affected contracts and surfaces, existing patterns to reuse, risk and blast radius, sensitive data handling plan, implementation plan, validation plan, artifact impact plan, and open decisions. The sensitive data plan must cover SOWs, specs, documentation, project skills, agent instructions, and code comments. Generic placeholders such as TBD, N/A, or "to be checked later" are invalid unless the SOW explains why the item truly does not apply. If the gate exposes an unknown that cannot be resolved by investigation, stop and ask the user before implementation.
Create or reuse a SOW for non-trivial work:
- feature work;
- bug fixes with behavioral impact;
- refactors;
- migrations;
- documentation or content changes with product/business impact;
- process changes;
- regressions;
- spec hygiene;
- project skill changes;
- benchmark/performance investigations;
- any work with unclear risk.
Trivial work does not need a SOW:
- typo fixes;
- formatting-only changes;
- mechanical rename with no behavior change;
- simple search/replace with low risk.
When unsure, treat the work as non-trivial.
- Pending:
.agents/sow/pending/ - Current:
.agents/sow/current/ - Done:
.agents/sow/done/ - Specs:
.agents/sow/specs/ - Template for new SOWs:
.agents/sow/SOW.template.md - Local audit:
.agents/sow/audit.sh
Create new SOW files from .agents/sow/SOW.template.md. The template is project-local and may be customized for this repository.
Empty SOW directories must contain .gitkeep or .keep so the committed repository preserves the full SOW layout after clone/checkout.
Filename:
SOW-NNNN-YYYYMMDD-{slug}.md
Status and directory must agree:
openlives inpending/in-progresslives incurrent/pausedlives incurrent/completedlives indone/closedlives indone/
The successful terminal SOW status is completed. done is a directory name, not a status value. Never write Status: done or Status: complete.
When a SOW's work is ready to close:
- Finish implementation, docs, specs, skills, validation, and follow-up mapping.
- Update the SOW to
Status: completed. - Move the SOW file to
.agents/sow/done/. - Commit the work, artifact updates, SOW status change, and SOW move together as one commit, unless the user explicitly requested a different commit split.
Do not create a separate commit just to mark or move the SOW. Do not claim a SOW is completed while the implementation and the SOW lifecycle change live in separate uncommitted or separately committed states.
Never execute multiple SOWs as one batch.
If work overlaps:
- merge or consolidate before implementation; or
- split into separate SOWs and complete one before starting the next.
Progress reports are not stop points. Once a SOW is in progress, continue until it is delivered, failed with evidence, blocked on a real user decision/approval, or superseded by newer user instructions.
When user decisions are needed:
- Present concrete evidence with files/lines or source references.
- Provide numbered options.
- Explain pros, cons, implications, and risks.
- Recommend one option with reasoning.
- Record the user's decision in the SOW before implementation.
"Deferred" is not a terminal outcome.
Before a SOW can close, every valid deferred item must be:
- implemented in the current SOW; or
- explicitly rejected as not worth doing, with evidence; or
- represented by a real pending/current SOW file.
Pre-close, search the SOW for:
defer|later|follow-up|future|TODO|pending
Map every remaining item to implemented, rejected, or tracked.
A regression is discovered after a SOW was considered completed or closed, later testing or use finds broken behavior, and the original SOW's claimed outcome is no longer true.
When behavior that a completed SOW claimed working stops working:
- Find the original SOW in
done/. - Move it back to
current/. - Mark it
in-progresswith a regression note in## Status. - Append a new dated
## Regression - YYYY-MM-DDsection at the end of the file, after the original outcome, lessons, and follow-up content. - In that appended section, record what broke, evidence, why previous validation missed it, the repair plan, validation, and updates needed to specs, skills, docs, audits, or follow-up SOWs.
- Fix and validate there.
Never prepend regression content above the original SOW narrative. The original requirements, analysis, plan, validation, outcome, lessons, and follow-up must remain readable first. Do not create a new SOW for a true regression.
A SOW cannot be completed until Validation records:
- acceptance criteria evidence;
- tests or equivalent validation;
- real-use evidence when a runnable path exists;
- reviewer findings and how they were handled;
- same-failure search results;
- artifact maintenance gate for
AGENTS.md, runtime project skills, specs, end-user/operator docs, end-user/operator skills, and SOW lifecycle; - SOW status/directory consistency;
- spec update or specific reason no spec update was needed;
- project skill update or specific reason no skill update was needed;
- end-user/operator docs update or evidence-backed reason none were affected;
- end-user/operator skill update or evidence-backed reason none were affected by docs/spec changes;
- lessons extracted or specific reason there were none;
- follow-up mapping.
Generic "N/A" is invalid.
Every SOW close must explicitly record whether each durable artifact class was updated or why no update was needed:
AGENTS.md- workflow, responsibility, local framework, project-wide guardrails.- Runtime project skills -
.agents/skills/project-*/SKILL.mdfor HOW to work here. - Specs -
.agents/sow/specs/for WHAT the project does. - End-user/operator docs - README, docs site, runbooks, published guides, help text, or other human-facing documentation.
- End-user/operator skills - output/reference skills copied or consumed outside normal repo work.
- SOW lifecycle - split, merge, status, directory, deferred work, regression reopening, and follow-up mapping.
This is an assistant responsibility. If a SOW changes behavior, docs, specs, commands, schemas, defaults, workflows, examples, or operating procedure, the assistant must update every affected artifact in the same SOW, or record the evidence-backed reason an artifact is unaffected.
Specs are memory of WHAT this project does.
The authoritative product and protocol specifications currently live under docs/. SOW specs under .agents/sow/specs/ should capture durable project decisions, cross-cutting behavioral rules, and SOW-discovered facts that are not already represented in the public specs.
Update specs when shipped work changes:
- protocol behavior;
- public API contracts;
- wire formats;
- transport behavior;
- data formats;
- operational guarantees;
- known edge cases.
Specs describe current reality, not aspiration. If specs and code disagree, record the discrepancy in the active SOW and resolve or track it.
Project skills are memory of HOW to work here.
Runtime input project skills should live under .agents/skills/project-*/SKILL.md. The project- prefix is the generic hook meaning "agents working in this repo must consider this skill." Before non-trivial work, inspect those skill descriptions and load every matching runtime skill.
Do not create generic project-* skills only to make the framework look complete. Project skills will be added incrementally when concrete reusable workflow knowledge exists.
Output/reference skills may also exist as docs or exported artifacts. Do not rename, shorten, or change their descriptions only to satisfy runtime discovery. Instead, list them separately below and update them when the related public/operator workflow changes.
Runtime input skills:
.agents/skills/project-netdata-vendoring/SKILL.mdTrigger: any work that copies, syncs, vendors, merges, or checks NetIPC source changes into a Netdata checkout. Purpose: require sourceplugin-ipcCI and GitHub code/security scanner preflight before touching Netdata's vendored NetIPC copy.
Output/reference skills:
docs/netipc-integrator-skill.mdConsumer: downstream assistants or operators integrating NetIPC services. Update when: public APIs, examples, service workflow, transport support, validation commands, or integration guidance changes.
- Configure/build C plus available Rust and Go pieces:
make - Explicit configure/build:
cmake -S . -B buildthencmake --build build - Local validation and benchmark commands must run at low scheduler priority so the workstation desktop stays responsive. Prefer
tests/run-low-priority.sh <command> [args...]for direct commands; project validation scripts undertests/*.shalready self-reexec through this helper. The helper usesnice -n 19plusionice -c 3when available, and falls back on platforms withoutionice. - Run CTest after configure/build:
tests/run-low-priority.sh ctest --test-dir build --output-on-failure - POSIX coverage:
bash tests/run-coverage-c.sh,bash tests/run-coverage-rust.sh,bash tests/run-coverage-go.sh - POSIX interop examples:
bash tests/interop_codec.sh,bash tests/test_uds_interop.sh,bash tests/test_shm_interop.sh,bash tests/test_service_interop.sh tests/interop_codec.shconfiguresbuild/; do not run it in parallel with CTest or another build-directory validation command.- Windows validation scripts are under
tests/run-*-windows*.shandtests/test_*_win*.sh; use the specific script matching the touched transport/API. - Benchmark generation:
bash tests/generate-benchmarks-posix.shorbash tests/generate-benchmarks-windows.sh - Netdata vendor diff:
bash ./diff-netdata-vendor.sh /path/to/netdata - Netdata vendor copy:
bash ./vendor-to-netdata.sh /path/to/netdata
- The public specs under
docs/are authoritative. When implementation and specs disagree, treat the specs as right unless a SOW explicitly revises them. - Preserve the layer boundaries in
docs/code-organization.md: Codec owns wire format; transport owns connection/framing/profile mechanics; service owns typed orchestration and snapshot helpers. - Cross-language interoperability is mandatory across C, Rust, and Go. Do not change one language implementation without checking the corresponding contract and other language implementations.
- Go must remain pure Go without
cgo. - Performance claims require benchmark evidence. Do not adjust benchmark floors or accept parity gaps without a fact-based analysis.
- Before any Netdata vendoring work, load
.agents/skills/project-netdata-vendoring/SKILL.mdand complete its preflight even if the user did not explicitly ask for CI, scanner, or drift checks. Do not modify Netdata's vendored NetIPC copy until the active SOW records: the candidateplugin-ipcsource commit; GitHub Actions/check-run evidence; GitHub code-scanning, Dependabot, and secret-scanning evidence; the last source-to-Netdata vendoring baseline; a two-way gap analysis of what changed inplugin-ipcsince that baseline and what changed in Netdata's vendored NetIPC copy since that baseline; and a migration plan for every drift class. Failing, pending, cancelled, timed-out, or untriaged open scanner findings block vendoring unless they are fixed, documented as evidence-backed false positives, or explicitly risk-accepted by the user in the SOW. Unknown baseline, unexplained downstream drift, or no migration plan also blocks vendoring. - Archived TODO history under
.agents/sow/todo-history/TODO-*is existing project memory. Do not move, delete, or rewrite those archived notes without explicit user approval; track future classification or migration through a SOW.
- No pre-existing
AGENTS.mdor tool-specific instruction file was found during SOW bootstrap. - Existing public docs under
docs/were preserved as the authoritative specification surface. - Existing root
TODO*.mdfiles were archived under.agents/sow/todo-history/by explicit user request and tracked through SOW-0002. - No runtime
project-*skills were created during bootstrap by user request.
Project SOW status: initialized