- music_parallelism.sh: restore batched-pgrep/xdotool optimization that exists
in /usr/local/bin/ but had been lost from the repo, plus bump intervals
(FAST 0.5s->2s, IDLE 3s->10s) to further cut fork rate
- organize_downloads.sh: replace per-file tr fork with bash 4 ${var,,}
parameter expansion, replace per-log-line $(date) fork with printf %()T builtin
Follow-up to fork-storm fixes after observing 122 CPU-hours of date calls
in a 90-minute window (root cause was nvidia-pmon-logger.sh, fixed separately).
Resource-usage report showed ~29 cores of average load coming from i3blocks
helper scripts forking awk/tr/grep/bc/sensors/nvidia-smi every tick. Rewrite
all five hot-path scripts to eliminate forks:
- volume.sh: persist mode, blocks on 'pactl subscribe' event stream.
No polling, no sleep, no fork per tick.
- gpu_monitor.sh: persist mode, single long-lived 'nvidia-smi --loop=5'
feeds a bash 'while read' loop. Falls back to /sys for amdgpu.
- battery_status.sh: reads /sys/class/power_supply/BAT*/ directly.
Zero forks; replaces 'acpi | awk' pipeline.
- cpu_monitor.sh: reads /proc/loadavg and k10temp/coretemp /sys/class/hwmon.
Zero forks; replaces 'sensors | awk | tr' + bc arithmetic.
- motherboard_temp.sh: reads nct*/it*/f71* Super-I/O hwmon node directly.
Zero forks.
Configure volume + gpu_monitor with interval=persist so i3blocks keeps
one long-lived producer each instead of forking per tick.
Also add:
- kill_stale_recorders.sh -- kill stray ffmpeg x11grab / dotnet-trace /
dotnet-monitor processes left running after sessions.
- monitors.slice -- resource-capped user slice (CPUQuota=50%,
MemoryMax=512M, MemorySwapMax=0 for zram safety, TasksMax=256) to
bound future monitoring regressions.
- efficient-polling-scripts SKILL -- rules for writing status-bar and
polling scripts without forks; fork-pipeline to bash-builtin translation
table; verification checklist.
Verified live: strace -c on cpu_monitor.sh shows 1 execve / 0 clones;
persist producers (pactl subscribe, nvidia-smi --loop) show 0 CPU ticks
over a 3s idle sample. Per-invocation timing 1.6-1.9 ms (was 30-80 ms).
- New companion Android app (com.kuhy.focusstatus) under
phone_focus_mode/focus_status_app/ with a pure-Java, Gradle-less
command-line build pipeline (build.sh). Shows an ongoing
notification titled 'Focus: HOME / AWAY / DAEMON DOWN' with
distance, GPS, disabled-app count, last check, daemon checkmarks,
and a 'Re-check now' action button.
- focus_daemon.sh: write_status_snapshot() + sleep_with_recheck()
for JSON status + early-wake on trigger file. init() chmods
STATE_DIR 777 so the app can drop the trigger file.
- config.sh: new STATUS_FILE / RECHECK_TRIGGER; WHITELIST expanded
with com.kuhy.focusstatus and 11 more user-requested apps
(podcini X, mpv, bible/openbible, pkp/portalpasazera, orange,
runnerup, splitbills/splitwise, xiaomi smarthome).
- focus_ctl.sh: new 'recheck' + 'notif-status' subcommands.
- deploy.sh: new step [7/7] builds APK, installs, grants
POST_NOTIFICATIONS, pre-approves Magisk SU policy, launches
foreground service.
- .gitignore: exclude focus_status_app/build symlink + debug.keystore.
End-to-end verified on device: notification live with real values;
Re-check button triggers a daemon location check within ~1s.
- Add comprehensive tests for all packages (3572 tests, 100% branch coverage)
- Split oversized test files to stay under 500-line limit
- Add per-file ruff ignores for test-appropriate suppressions
- Fix _cache_decks.py to properly convert JSON lists to tuples
- Add session-scoped conftest fixture for logging handler cleanup (Python 3.14)
- Update ruff pre-commit hook to v0.15.2
- Add codespell ignore words for test data
- Add generated output files to .gitignore
Add is_autoclose_suspended() function that checks for a per-app
suspend file dated today. When suspended, launches the app directly
without the auto-close timer via exec.
- Add type annotations and docstrings to focus_mode_daemon.py, transcribe_fw.py, transcribe_helpers.py
- Use logging module instead of print
- Fix bare except clauses with specific exception types
- Add enforce-resolved.sh: validates ReadEtcHosts=yes, prevents
DNSOverTLS bypass, removes drop-in overrides, locks drop-in dir
- Add resolved-guard.path/service: watches /etc/systemd/resolved.conf
and its drop-in directory for tampering
- Update pacman hooks to unlock/relock nsswitch.conf and resolved.conf
alongside /etc/hosts during package transactions
- Extend setup_hosts_guard.sh with --skip-resolved option, resolved
canonical snapshot, drop-in directory locking, and enforcement
- Add resolved.conf checks to check_and_enable_services.sh: validates
ReadEtcHosts, DNSOverTLS, drop-in overrides, immutable attribute,
and resolved-guard.path status with auto-fix capability
Fixed on live system: ReadEtcHosts was set to 'no' and nsswitch.conf
was missing 'files' in the hosts line, completely bypassing /etc/hosts.
Move warsaw_bridges, warsaw_districts, warsaw_landmarks, warsaw_metro,
warsaw_osiedla, warsaw_streets, and car_brand_logos into the existing
python_pkg/anki_decks/ directory alongside the polish_* generators.
Also move preview_all.html into anki_decks/.
Update all import paths, filesystem references in geo_data.py,
docstrings, READMEs, test imports, and .gitignore accordingly.