Release rollup#383
Merged
Merged
Conversation
…tion (#375) - verify_plan 改 phase-only postcondition(去 exactly-one-human 要求),不再越权 - 单 item apply/verify try/except skip+continue 隔离,单坏 item 不崩整个 daemon loop - run_once 接 beat callback,collect 后及每 item 后续 heartbeat,长 tick 不冻 - SKILL.md release fresh_heartbeats 文档追平实现(every restart-managed daemon fresh within 90s) - 补 4 项 behavior test + release schema source-regression design-consensus r1 3/3 consensus:minimal(issue #370) Closes #370. Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
…377) - git rm .claude/skills(移除第二 Claude 平台入口,根 .claude-plugin manifest 为唯一入口) - .gitignore 忽略 .claude/skills(本机 setup 不发布) - README 补本地可手动 ln -s ../skills .claude/skills 说明 - test_source_publication_boundary.py 反转断言:git check-ignore .claude/skills 成功 + ls-files 不含 design-consensus r1 3/3 consensus:minimal(issue #374) Closes #374. Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
…ctor-loop/host.env (#378) - 删 wakeup_plan.py 内硬编码 .refactor-loop/host.env 存在性检查 - pending_bootstrap_actions 经 LoopContext/host_env_available 判定;无 host env 时 reason 指向 host-owned 注入文件 - 保留 legacy .refactor-loop/host.env 仅 compatibility read - 补 behavior test:CONSENSUS_RND_HOST_ENV 存在 + 无 legacy 时不 emit bootstrap-missing design-consensus r1 3/3 consensus:delete(issue #372) Closes #372. Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
* #373: branch-topology required-env(删 INTEGRATION_BRANCH/REVIEW_BASE_BRANCH 硬编码默认) r4 consensus:minimal(option A):sync/dev.py、sync/executor.py、controller_actions.py、 release/commits.py 删 auto-refact-dev/dev/origin-dev 硬编码 fallback;SKILL.md host env matrix INTEGRATION_BRANCH/REVIEW_BASE_BRANCH defaulted→required 语义;host.env.example 更新; +5 test(含 release-commits/sync fail-closed-without-branch-env behavior test)。 full $TEST_CMD 981 OK(skipped=1)。 Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> * fix(#381 review r1): 删 sync/dev.py if-False 死代码,断言改真 branch-topology behavior check quality reviewer reject(applied):#373 implement 为满足 source-regression 塞的 if False: + 裸表达式 Refactor(iter373/issue-373) 是不可达死代码;删除,test_sync_dev source-regression 断言改为锁真实合同(无 DEFAULT_INTEGRATION_BRANCH/DEFAULT_REVIEW_BASE_BRANCH 硬编码默认、 存在 missing required host branch env fail-closed、无 legacy alias 读)。 architect/tests=comment(advisory)。full $TEST_CMD 982 OK(skipped=1)。 Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
…_banner (#379) * structural(#371): 删公共 post-banner CLI,迁 ControllerActions.post_status_banner + #191 owner gate - 删 cli.py COMMANDS[post-banner] + banners.py public main/parse_args/post_status_banner 等 entry - 新增 controller-internal ControllerActions.post_status_banner(BannerRequest)->str:owner gate→invalid target→body tempfile→gh(self.gh),non-owner/缺context/invalid target fail-closed - 保留 banners.py build_status_banner/gh_comment_command/AUTO_LOOP_SENTINEL - SKILL.md GitHub state surface 改 ControllerActions.post_status_banner、spawn recipe 删 public CLI 示例 - 更新 test_cli_command_router/test_banner_package/test_controller_actions/test_runtime_exception_authorization_sources/test_skill_reference_anchors design-consensus r4 3/3 consensus:structural(issue #371) Closes #371. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> * fix(#379 review r1): 补 post_status_banner gh-failure 分支 behavior test tests reviewer reject(applied):新增 test_controller_actions 用例 —— owner allowed + target valid + self.gh returncode≠0 → RuntimeError 含 stderr,且 body tempfile 仍删除。 quality reviewer self-doc 注释需求(rejected):加 Refactor-history 源注释会与 test_source_language_policy scanner 冲突(见 #373 同类 finding),full $TEST_CMD 979 OK 证明现状 test-safe;rationale 提交 re-review 裁决。 Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> * fix(#379 review r3): policy=none 下对齐 source-language scanner 的注释期望 HOST_REFACTOR_COMMENT_POLICY=none 时本仓库 scanner 禁止新增 refactor-history 源注释。调整 test_controller_actions.py 迁移断言与 test_source_language_policy.py 期望,使其不再要求 post_status_banner 处的 # Refactor 自文档注释;rationale 留在 PR body/commit。979 tests OK (skipped=1) 全套自验通过。 Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
review-gate architect(PR #382 rollup)发现 test_source_publication_boundary.py (iter374)与 test_wakeup_plan.py(iter372)各有一个 net-new `# Refactor` Old/New 源注释块,违反本 session 已生效的 HOST_REFACTOR_COMMENT_POLICY=none(test-file scanner scope gap 未机械捕获,architect 按 policy 语义抓到)。仅删这两块注释, rationale 保留在各自 PR body/commit;不改任何 test 逻辑。全套 990 tests OK。 Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
loning
added
crnd:lifecycle:managed
Contributor
Author
📊 当前状态 — fresh rollup review-gate r1(❌ 不需要人介入)
下一步自动会做:3 reviewer → 真值表(reject=0 → MERGE)→ ready+merge 到 dev,作为 beta.6 release-gate 的 dev 侧输入。 🤖 controller status banner ⟦AI:AUTO-LOOP⟧ |
Contributor
Author
🤖 架构审查通过: 未发现 CLAUDE.md 回归TL;DR
详细说明我按三点 diff 审了实际改动: 把 / 设为 required host facts, 进入 owner-gated controller action, 镜像明确不提供跨设备写许可。 没有看到新增外部 repo 引用、 / / 拆分、公共 CLI、 生产事实源, 或 下的新 Old/New refactor-history source comment。 📎 完整 codex 原始输出(存档备查)---
pr: 383
role: architect
verdict: approve
---
## Verdict
approve - no architecture compliance concerns; the rollup preserves host-owned runtime facts, narrows controller write surfaces, and does not introduce a parallel architecture path.
## Evidence
- `skills/codex-refactor-loop/host.env.example:3`: the template states host runtime facts are injected by `host.env`, and lines 51-55 make `INTEGRATION_BRANCH` / `REVIEW_BASE_BRANCH` required host facts. This aligns with CLAUDE.md: "事实源唯一:同一约束禁止在多处平行声明。版本号 -> `.version-bump.json`;host 运行时事实 -> `host.env`;skill 行为 -> 该 skill 的 SKILL.md 与 `scripts/test_*.py`。"
- `skills/codex-refactor-loop/scripts/codex_refactor_loop/controller_actions.py:51`: controller branch config now reads only canonical `INTEGRATION_BRANCH` / `REVIEW_BASE_BRANCH`, and lines 56-64 fail closed when missing. This avoids hardcoded host branch topology and matches CLAUDE.md: "host 项目:消费 skill 的下游项目。skill **无 host 项目改动权**:不修改 host 的 `.git` 配置 / CI 配置 / policy 文档;只在 `host.env` 暴露的 surface 上工作。"
- `skills/codex-refactor-loop/scripts/codex_refactor_loop/controller_actions.py:159`: `post_status_banner()` is a controller action gated by `_require_owner_or_raise("post-banner")` before target normalization or `gh` posting. This stays within CLAUDE.md's active-controller boundary: "跨设备时 GitHub/已 push git 面只允许一个 active-controller lease owner 执行 controller 写路径;本地 `.refactor-loop` 只是 owner 机器缓存/日志,不得授权跨设备工作。"
- `skills/codex-refactor-loop/authorizations/runtime-exceptions.md:230`: the observability writer mirror now says issue/PR target writes still require the #191 `ActiveControllerLease` / `require_active_controller(...)` gate and are not a cross-device write permit. This preserves the narrow-allowlist clause in CLAUDE.md: "任何 controller-runtime 例外必须 narrow allowlist + no lifecycle authority by default;授权来源必须 durable artifact + 仓库级文档双重锚定。"
- `skills/codex-refactor-loop/scripts/codex_refactor_loop/wakeup_plan.py:535`: bootstrap detection now checks `LoopContext.host_env` and reports a missing host-owned runtime injection file, rather than making `.refactor-loop/host.env` the production source. This respects the prompt's host production SSOT boundary and CLAUDE.md's `.refactor-loop` cache/log boundary.
- `.gitignore:18` plus `README.md:45`: the deleted tracked `.claude/skills` symlink is replaced by ignored local setup guidance, so the rollup does not add a new platform entrypoint or retained compatibility shim. This aligns with CLAUDE.md's "删除优先" clause.
- Scope honesty: PR body declares this as a release rollup of #370/#374/#372/#373/#371 plus comment-policy cleanup. The three-dot diff is confined to the declared rollup surfaces: platform-local setup, `codex-refactor-loop` controller/runtime contracts, and matching tests. I found no new external repo references, no new `*WriteActor` / `*ReadActor` / `*Store` split, no new public `post-banner` CLI, no new `.refactor-loop` production SSOT, and no new Old/New refactor-history source comments under `HOST_REFACTOR_COMMENT_POLICY=none`.
⟦AI:AUTO-LOOP⟧
REVIEW_DONE:383:architect:approve⟦AI:AUTO-LOOP⟧ |
Contributor
Author
🤖 Quality review: commentTL;DR
详细说明这轮主要看命名、死代码、过度抽象、重复、复杂度和无关改动。整体改动集中在删除 public 唯一建议是去掉重复的 branch-env 必填解析。 📎 完整 codex 原始输出(存档备查)---
pr: 383
role: quality
verdict: comment
---
## Verdict
Comment: the PR is generally readable and focused, but the new required branch-env validation is duplicated across controller/sync paths and should have one owner before it drifts.
## Evidence
- `skills/codex-refactor-loop/scripts/codex_refactor_loop/controller_actions.py:51`: `INTEGRATION_BRANCH` / `REVIEW_BASE_BRANCH` are stripped, checked with a local missing-list, and reported as `missing required host branch env`.
- `skills/codex-refactor-loop/scripts/codex_refactor_loop/sync/dev.py:41`: `_required_branch_env()` repeats the same two-field strip + missing-list + error-message shape.
- `skills/codex-refactor-loop/scripts/codex_refactor_loop/sync/executor.py:88`: `_expected_branches()` repeats the same validation again, with extra host-env fallback wrapped around it. Three copies is enough that future branch-surface changes will need synchronized edits in multiple places.
## What would change your verdict (only if comment or reject)
Extract the shared "read required branch pair from merged env and return `(integration, review_base)` or a missing-list/error string" into one small helper owned by the host-env/context layer, then let `ControllerActions`, `sync.dev`, and `sync.executor` adapt that result to their local exception type.
⟦AI:AUTO-LOOP⟧
REVIEW_DONE:383:quality:comment⟦AI:AUTO-LOOP⟧ |
Contributor
Author
🤖 架构审查通过: 可读摘要修正版TL;DR
详细说明我按三点 diff 审了实际改动: 未发现新增外部 repo 引用、 📎 完整 codex 原始输出(存档备查)---
pr: 383
role: architect
verdict: approve
---
## Verdict
approve - no architecture compliance concerns; the rollup preserves host-owned runtime facts, narrows controller write surfaces, and does not introduce a parallel architecture path.
## Evidence
- `skills/codex-refactor-loop/host.env.example:3`: the template states host runtime facts are injected by `host.env`, and lines 51-55 make `INTEGRATION_BRANCH` / `REVIEW_BASE_BRANCH` required host facts. This aligns with CLAUDE.md: "事实源唯一:同一约束禁止在多处平行声明。版本号 -> `.version-bump.json`;host 运行时事实 -> `host.env`;skill 行为 -> 该 skill 的 SKILL.md 与 `scripts/test_*.py`。"
- `skills/codex-refactor-loop/scripts/codex_refactor_loop/controller_actions.py:51`: controller branch config now reads only canonical `INTEGRATION_BRANCH` / `REVIEW_BASE_BRANCH`, and lines 56-64 fail closed when missing. This avoids hardcoded host branch topology and matches CLAUDE.md: "host 项目:消费 skill 的下游项目。skill **无 host 项目改动权**:不修改 host 的 `.git` 配置 / CI 配置 / policy 文档;只在 `host.env` 暴露的 surface 上工作。"
- `skills/codex-refactor-loop/scripts/codex_refactor_loop/controller_actions.py:159`: `post_status_banner()` is a controller action gated by `_require_owner_or_raise("post-banner")` before target normalization or `gh` posting. This stays within CLAUDE.md's active-controller boundary: "跨设备时 GitHub/已 push git 面只允许一个 active-controller lease owner 执行 controller 写路径;本地 `.refactor-loop` 只是 owner 机器缓存/日志,不得授权跨设备工作。"
- `skills/codex-refactor-loop/authorizations/runtime-exceptions.md:230`: the observability writer mirror now says issue/PR target writes still require the #191 `ActiveControllerLease` / `require_active_controller(...)` gate and are not a cross-device write permit. This preserves the narrow-allowlist clause in CLAUDE.md: "任何 controller-runtime 例外必须 narrow allowlist + no lifecycle authority by default;授权来源必须 durable artifact + 仓库级文档双重锚定。"
- `skills/codex-refactor-loop/scripts/codex_refactor_loop/wakeup_plan.py:535`: bootstrap detection now checks `LoopContext.host_env` and reports a missing host-owned runtime injection file, rather than making `.refactor-loop/host.env` the production source. This respects the prompt's host production SSOT boundary and CLAUDE.md's `.refactor-loop` cache/log boundary.
- `.gitignore:18` plus `README.md:45`: the deleted tracked `.claude/skills` symlink is replaced by ignored local setup guidance, so the rollup does not add a new platform entrypoint or retained compatibility shim. This aligns with CLAUDE.md's "删除优先" clause.
- Scope honesty: PR body declares this as a release rollup of #370/#374/#372/#373/#371 plus comment-policy cleanup. The three-dot diff is confined to the declared rollup surfaces: platform-local setup, `codex-refactor-loop` controller/runtime contracts, and matching tests. I found no new external repo references, no new `*WriteActor` / `*ReadActor` / `*Store` split, no new public `post-banner` CLI, no new `.refactor-loop` production SSOT, and no new Old/New refactor-history source comments under `HOST_REFACTOR_COMMENT_POLICY=none`.
⟦AI:AUTO-LOOP⟧
REVIEW_DONE:383:architect:approve⟦AI:AUTO-LOOP⟧ |
Contributor
Author
🤖 tests reviewer 批准 PR #383TL;DR
详细说明我按三点 diff 检查了实际测试文件,不只看 rollup 摘要。新增逻辑对应的测试覆盖到 host branch fail-closed、banner controller action owner gate、release-commits host review base、dev-sync/executor branch env fail-closed、Claude publication boundary、wakeup host-env locator,以及相关 source-regression guard。 PR head 上运行 touched test modules 通过: 📎 完整 codex 原始输出(存档备查)---
pr: 383
role: tests
verdict: approve
---
## Verdict
Test coverage and test quality are adequate for the diff.
## Evidence
- `skills/codex-refactor-loop/scripts/test_controller_actions.py:69` covers the new fail-closed host branch requirement, and `test_pr_open_helpers_do_not_use_legacy_branch_alias_values` asserts real `gh`/`git` arguments use canonical host branch values instead of legacy aliases.
- `skills/codex-refactor-loop/scripts/test_controller_actions.py:139` covers the new controller-owned banner posting path with active-controller gating, target normalization, body sentinel preservation, temp-file cleanup, non-owner no-side-effect behavior, and invalid-target blocking.
- `skills/codex-refactor-loop/scripts/test_release_commits.py:243` and `:254` cover both sides of the release-commits branch change: missing `REVIEW_BASE_BRANCH` fails closed without overwriting stale artifacts, and omitted `--target-ref` resolves through the host review base.
- `skills/codex-refactor-loop/scripts/test_sync_dev.py:567` and `test_sync_operations_executor.py:337` cover missing or blank branch env for daemon config and operation execution, including the important "before git fetch" no-side-effect assertion.
- `skills/codex-refactor-loop/scripts/test_runtime_exception_authorization_sources.py:702`, `test_source_publication_boundary.py:36`, and `test_wakeup_plan.py:605` add source-regression or behavior checks for the new no-regression rules: public `post-banner` CLI removal, `.claude/skills` publication boundary, and host-env locator bootstrap behavior.
- I found no added sleep/delay pacing, `[Skip]`/manual-test bypass, weakened assertions, or bump-only tests in the touched test diff.
- Verification run at PR head `origin/rollup/cc59a6dc11eae631850cae08c3748572acaa83c8`: `python3 -m unittest` over the 12 touched test modules passed, `Ran 292 tests in 20.663s OK`.
⟦AI:AUTO-LOOP⟧
REVIEW_DONE:383:tests:approve⟦AI:AUTO-LOOP⟧ |
Contributor
Author
📊 review-gate 共识 — MERGE_WITH_COMMENTS,合并到 dev(❌ 不需要人介入)
Surfaced comment(quality,advisory 不阻塞):#373 引入的 required branch-env 校验在 3 处重复( 动作:即刻 ready + squash-merge 到 dev。 🤖 controller status banner ⟦AI:AUTO-LOOP⟧ |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary / 摘要
Release rollup:
auto-refact-dev→dev,纳入 7 个已合并 commit(beta.6 周期)。closed_label_reconciler收窄回 phase-only terminal reconciliation(fix(#370): closed_label_reconciler 收窄回 phase-only terminal reconciliation,修 daemon 崩死 #375).claude/skillssymlink,改为 ignored 本地 setup(fix(#374): 删除 tracked .claude/skills symlink 改为 ignored local setup #377)wakeup-planbootstrap host-env 检查下沉LoopContext,去硬编码(fix(#372): wakeup-plan bootstrap host-env 检查下沉 LoopContext #378)ControllerActions.post_status_banner(+[goal] 多设备并发协作 — 多台机器同时安全跑 codex-refactor-loop(下次发版) #191 owner gate)(structural(#371): 删公共 post-banner CLI 迁 ControllerActions.post_status_banner #379)HOST_REFACTOR_COMMENT_POLICY=none的 refactor-history 源注释Scope / 范围
7 commits,
auto-refact-dev领先dev7。各 cluster PR 已过 review-gate 共识 + CI 绿后合入 integration 分支;policy=none 违反已在 trunk 清理(上一 rollup #382 的 architect reject 已闭环)。本 rollup 是 integration→review-base 的并行人审闸。说明
beta.6 发版前把 integration 分支批量推进到 dev。release-gate 仍需全绿(当前唯一红
fresh_heartbeats=#380 reconciler crash-loop,design-consensus 收敛中)+ host opt-in 才发版;不在红信号发版。🤖 Auto-loop / codex-refactor-loop release-rollup
⟦AI:AUTO-LOOP⟧