Skip to main content

SCAR — version control for negative knowledge (deadends, fences, landmines)

Project description

SCAR — Version Control for Negative Knowledge

Git records what your codebase is. Nothing records what it refused to be.

SCAR is a git-native system for capturing, anchoring, and enforcing the negative knowledge of a codebase — the dead ends, the load-bearing weirdness, the invisible tripwires — and surfacing it at the exact moment someone (human or AI agent) is about to step on it.

The one-liner

Every codebase is a battlefield where the bodies have been removed. SCAR puts the markers back.

The three primitives

Type Meaning Example
deadend We tried X. It failed because Y. Don't retry unless Z changes. "We tried Redis for session storage in 2024-03. Eviction under memory pressure logged users out mid-checkout. Don't retry unless sessions become re-derivable."
fence This code looks wrong. It is intentional. Here's why. "Yes, this retry loop sleeps 7 seconds, not 5. The upstream vendor's rate limiter has a 6-second window they don't document."
landmine Changing A breaks B in a way nothing in the code tells you. "The CSV export in reports/ depends on the column order of this SELECT. Reorder it and Finance's reconciliation pipeline silently corrupts."

Why now

AI agents write an increasing share of all code. Agents have zero hallway memory. They see a weird retry loop and "clean it up." They see a missing cache layer and re-add the library that was removed after a data-corruption incident. They retry, across thousands of sessions, the exact approaches that already failed — because the repository only records positive space.

Humans at least had tribal knowledge. Agents have none. And as agents author more of the code, the negative knowledge stops even entering human memory — it evaporates entirely.

The flip side: agents also solve the historically fatal flaw of every knowledge-capture system — authorship cost. Nobody writes documentation after a failure. But an agent that just tried an approach and abandoned it can write a deadend scar in milliseconds, for free, at the moment of maximum context.

Agents created the urgency. Agents remove the adoption barrier. That's the wedge.

How it works

.scars/
├── 0001-redis-sessions.deadend.md
├── 0002-vendor-retry-window.fence.md
└── 0003-csv-column-order.landmine.md
  • Scars are small structured Markdown files with YAML frontmatter, tracked in git, reviewed in PRs like code.
  • Each scar is anchored to code via paths, symbol names, and content fingerprints — not line numbers — so anchors survive refactors.
  • Enforcement happens at the moment of action:
    • scar check <path> — CLI gate for humans and CI
    • Agent hook (Claude Code PreToolUse, etc.) — injects relevant scars into the agent's context before it edits the file
    • MCP server — planned, so any agent can query the scar graph
  • scar harvest — mines git history (reverts, add-then-remove dependencies, reopened issues) to propose candidate scars for codebases starting from zero.
  • Scars are advisory, never blocking, by default. Stale knowledge is challenged via scar challenge, and every scar can carry expiry conditions ("valid until we drop Postgres 12").

Install

uv tool install scar-cli   # or: pipx install scar-cli

Zero runtime dependencies. Python ≥3.10.

Quickstart

cd your-repo
scar init                  # creates .scars/ with template + README

# write your first scar
cp .scars/template.md .scars/candidates/redis-sessions.md
$EDITOR .scars/candidates/redis-sessions.md

scar lint                  # validate format
scar promote redis-sessions.md   # human review gate: candidate -> active

# from then on
scar check src/auth/       # what's anchored here?
scar why src/auth/         # full history of pain for this path
scar harvest               # mine git history for candidate scars

Wiring the Claude Code hook (auto-injects scars before any agent edit):

scar hook install

Quality discipline

  • Candidates vs active: agents and scar harvest only ever write to .scars/candidates/. A human promotes (scar promote) — nothing enters active enforcement without review.
  • Expiry conditions: every scar can declare when it stops being true ("valid until sessions are re-derivable"). Stale knowledge is a bug, not a feature.
  • Validated in use: in a 14-day agent auto-authorship trial, agents drafted 13 keepable scars across 3 repos with 0% false positives — including one that caught a real parser bug in this repo and fired on the exact edit that fixed it.

Read more

  • IDEA.md — the full pitch: problem, solution, why this, why now, why me
  • SPEC.md — scar format, anchoring model, CLI surface, agent integration
  • STRESS-TEST.md — adversarial analysis: failure modes, loopholes, objections, premortem
  • ROADMAP.md — phased plan from prototype to product

Status & expectations

Working software, shared as-is. CLI v0 is shipped: 9 subcommands, 63 tests, zero dependencies, CI-enforced. It runs daily across the author's repos (where it has already caught real bugs — see .scars/ in this very repo for live examples).

This is personal infrastructure published as a gift to the OSS community, not a product. Issues and PRs are welcome and read with interest, but there is no support SLA and no roadmap promise. If it's useful to you, that's the whole point.

License

MIT

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

scar_cli-0.1.1.tar.gz (73.2 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

scar_cli-0.1.1-py3-none-any.whl (19.7 kB view details)

Uploaded Python 3

File details

Details for the file scar_cli-0.1.1.tar.gz.

File metadata

  • Download URL: scar_cli-0.1.1.tar.gz
  • Upload date:
  • Size: 73.2 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for scar_cli-0.1.1.tar.gz
Algorithm Hash digest
SHA256 d56e981f65db823b635cea0dcd796d6c6763d0fbf0830756f058de7969d2be3e
MD5 22c479de40290b07d65b3bb2e3cb0928
BLAKE2b-256 1279d54a9de2870f9463e378f486941171c4b524f5b9d89e0ab78562eedd8e5f

See more details on using hashes here.

Provenance

The following attestation bundles were made for scar_cli-0.1.1.tar.gz:

Publisher: release.yml on Daily-Nerd/Scar

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file scar_cli-0.1.1-py3-none-any.whl.

File metadata

  • Download URL: scar_cli-0.1.1-py3-none-any.whl
  • Upload date:
  • Size: 19.7 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for scar_cli-0.1.1-py3-none-any.whl
Algorithm Hash digest
SHA256 532bbf47402d7578ebcd2cf374d733fc1a7a42e82fb208f165ae98cb496019dc
MD5 28e99eadbadcf987b70d0706c3212d41
BLAKE2b-256 c123bea13db16a8e7e657f3ef81e491942d2f943e36063cdf3019b76ab2320f5

See more details on using hashes here.

Provenance

The following attestation bundles were made for scar_cli-0.1.1-py3-none-any.whl:

Publisher: release.yml on Daily-Nerd/Scar

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page