Private
Public Access
0
0
Commit Graph

3429 Commits

Author SHA1 Message Date
ed 9f9fcf93e1 conductor(track): plan for result_migration_small_files_20260617 2026-06-17 18:20:06 -04:00
ed 0aa00e394d conductor(track): spec for result_migration_small_files_20260617 (sub-track 2 of 5) 2026-06-17 18:19:42 -04:00
ed 87f273d044 Merge branch 'master' of C:\projects\manual_slop into tier2/result_migration_review_pass_20260617 2026-06-17 17:21:27 -04:00
ed dc5e581368 chore(track): archive throw-away scripts for result_migration_review_pass_20260617 (4 helper scripts + sites_to_classify.json) 2026-06-17 17:02:27 -04:00
ed 8be3d52ed1 docs(report): add TRACK_COMPLETION_result_migration_review_pass_20260617 (end-of-track report) 2026-06-17 17:01:19 -04:00
ed 3347926717 conductor(track): mark result_migration_review_pass_20260617 as completed (all 22 tasks done; all 11 test tiers PASS) 2026-06-17 16:58:19 -04:00
ed a6d00f0057 conductor(plan): mark t6_1 and t6_2 complete (audit verified, all 11 test tiers PASS) 2026-06-17 16:55:54 -04:00
ed f6c7a81595 docs(reports): TRACK_COMPLETION_tier2_sandbox_hardening_20260617
End-of-track report for the 4 sandbox bugs hit by the first Tier 2
run (send_result_to_send_20260616) and the audit infrastructure
added to prevent regression. 5 fixes (4 bugs + 1 audit) shipped as
6 atomic commits on master.

See the report for:
- Per-fix description, root cause, and file:line refs
- Live clone state after the fixes
- 38 default-on + 3 opt-in test inventory
- 4 conventions established
- Next steps for the user (re-run, merge review branch, etc.)
- Known follow-ups NOT in this track
2026-06-17 16:35:44 -04:00
ed 7baef97d2c feat(audit): add no-temp-writes audit + regression test
Tier 2 sandbox invariant: no production script under ./scripts/ may
write to the global %TEMP% directory (C:\\Users\\Ed\\AppData\\Local\\
Temp\\). All scratch / intermediate files must live in:
- ./tests/artifacts/  (for test artifacts)
- C:\\Users\\Ed\\AppData\\Local\\manual_slop\\tier2\\  (for app data)

Writing to %TEMP% breaks the sandbox boundary: the OpenCode session
fires the 'ask' prompt for paths outside the project root, halting
autonomous ops (the 2026-06-17 bug with audit_exception_handling.py
output being written to %TEMP% by the agent's shell redirection).

Convention enforcement (per conductor/workflow.md Audit Script Policy):

- scripts/audit_no_temp_writes.py: the canonical audit. Same shape
  as scripts/audit_exception_handling.py: --json for machine output,
  --strict for the CI gate (exits 1 on any violation). Patterns
  cover tempfile module, os.environ['TEMP'], C:\Users\Ed\AppData\Local\Temp, %TEMP%,
  /tmp/, etc. Excludes the throw-away archive at scripts/tier2/
  artifacts/ and itself (so it can find its own pattern defs).

- tests/test_no_temp_writes.py: default-on regression test. Calls
  the audit with --strict and asserts exit 0. If a new script
  under ./scripts/ ever uses %TEMP%, the test fails and CI breaks.

Current state: CLEAN. All 36 tier2 tests pass (1 new + 16 slash
command spec + 13 failcount + 6 opt-in). Sanity-checked: dropping
a fake 'import tempfile' script into ./scripts/ triggered exit 1
with 'FOUND 1 matches: scripts/_test_temp_check/test_uses_temp.py:1:
import tempfile'.

Future: also add a corresponding deny rule to the sandbox bash
permission in a follow-up if needed (already added in 03c9df84 for
the agent's own bash). The audit + test is the structural guard.
2026-06-17 16:30:50 -04:00
ed 428ff64de9 conductor(plan): mark Phase 5 complete (report written + umbrella spec updated) 2026-06-17 16:21:27 -04:00
ed a152903871 docs(track): update result_migration_20260616 with post-review scope (sub-track 4 gains 1 site; all others unchanged) 2026-06-17 16:20:04 -04:00
ed 08faeee7f6 docs(report): add result_migration_review_pass report (43 sites classified, 10 heuristics added, 21 UNCLEAR reclassified) 2026-06-17 16:18:14 -04:00
ed 662b6e8aba conductor(plan): mark Phase 4 complete (10 heuristics added; UNCLEAR 24->3 in review scope) 2026-06-17 16:17:02 -04:00
ed f26091941c feat(scripts): add heuristics to audit_exception_handling for review pass patterns (10 new heuristics + tests) 2026-06-17 16:15:16 -04:00
ed 03c9df8450 fix(tier2): deny %TEMP% writes - use app-data dir for temp files
The Tier 2 agent wrote audit_exception_handling.py output to
C:\\Users\\Ed\\AppData\\Local\\Temp\\audit_initial.json via shell
redirection. This is OUTSIDE the sandbox allowlist (which is
C:\\projects\\manual_slop_tier2 + C:\\Users\\Ed\\AppData\\Local\\
manual_slop\\tier2 + C:\\Users\\Ed\\AppData\\Local\\manual_slop\\
tier2_failures). The OpenCode session-level guard fires the 'ask'
prompt for paths outside the project root, which has no answer in an
autonomous session, so ops halted mid-track.

Fix (3 layers):

1. opencode.json.fragment: add bash deny rule
   '*AppData\\Local\\Temp\\*': 'deny' to BOTH the top-level
   permission.bash (for default agents) and the tier2-autonomous
   agent's permission.bash. The agent physically cannot run shell
   commands that target the global Temp dir.

2. conductor/tier2/agents/tier2-autonomous.md: add 'Temp files'
   convention telling the agent to use
   C:\\Users\\Ed\\AppData\\Local\\manual_slop\\tier2\\ for scratch
   / audit-output / intermediate files, NOT %TEMP%.

3. conductor/tier2/commands/tier-2-auto-execute.md: same convention
   in the slash command so the agent sees it at slash-command time.

Tests (default-on):
- test_agent_denies_temp_writes: agent prompt has the Temp deny in
  frontmatter bash + the app-data dir note
- test_config_fragment_denies_temp_writes: both top-level and agent
  bash have the deny rule

All 16 tier 2 slash command tests pass.

Also: cleaned up the leaked audit_initial.json + audit.json +
audit_after*.json from %TEMP% (they were leftovers from a prior
run). Re-ran setup against the live clone; opencode.json's agent
bash and top-level bash both have the deny rule.
2026-06-17 16:13:19 -04:00
ed 8b954ee180 conductor(plan): mark Phase 3 complete (19 INTERNAL_RETHROW sites classified: 7 PATTERN_1 + 2 PATTERN_2 + 9 compliant + 0 migration-target) 2026-06-17 15:57:33 -04:00
ed 27153d89ea docs(track): result_migration_review_pass decisions for src/warmup.py INTERNAL_RETHROW (1 compliant + 0 migration-target) 2026-06-17 15:56:16 -04:00
ed af47b3eaa2 conductor(plan): mark t3_6 complete (src/models.py INTERNAL_RETHROW review) 2026-06-17 15:55:44 -04:00
ed 9d8be94edf docs(track): result_migration_review_pass decisions for src/models.py INTERNAL_RETHROW (1 compliant + 0 migration-target) 2026-06-17 15:55:10 -04:00
ed 306895f667 conductor(plan): mark t3_5 complete (src/api_hooks.py INTERNAL_RETHROW review) 2026-06-17 15:54:44 -04:00
ed d98f8f92c6 docs(track): result_migration_review_pass decisions for src/api_hooks.py INTERNAL_RETHROW (2 PATTERN_2, same site) 2026-06-17 15:54:13 -04:00
ed e3600545bf conductor(plan): mark t3_4 complete (src/gui_2.py INTERNAL_RETHROW review) 2026-06-17 15:53:37 -04:00
ed 5aef87df28 docs(track): result_migration_review_pass decisions for src/gui_2.py INTERNAL_RETHROW (2 compliant + 0 migration-target) 2026-06-17 15:53:07 -04:00
ed 443946f8b3 conductor(plan): mark t3_3 complete (src/app_controller.py INTERNAL_RETHROW review); add rethrow_sites_compliant metric 2026-06-17 15:52:36 -04:00
ed 98b22b7298 docs(track): result_migration_review_pass decisions for src/app_controller.py INTERNAL_RETHROW (3 compliant + 0 migration-target) 2026-06-17 15:51:56 -04:00
ed 51a45099ef conductor(plan): mark t3_2 complete (src/rag_engine.py INTERNAL_RETHROW review) 2026-06-17 15:51:19 -04:00
ed 7569cc970d docs(track): result_migration_review_pass decisions for src/rag_engine.py INTERNAL_RETHROW (2 PATTERN_1/2 + 2 compliant + 0 migration-target; noted audit script bug) 2026-06-17 15:50:45 -04:00
ed 7804ebd015 conductor(plan): mark t3_1 complete (src/ai_client.py INTERNAL_RETHROW review) 2026-06-17 15:15:10 -04:00
ed 19bc5fb9de docs(track): result_migration_review_pass decisions for src/ai_client.py INTERNAL_RETHROW (6 PATTERN_1, 0 migration-target) 2026-06-17 15:14:39 -04:00
ed 2b34b8fc11 conductor(plan): mark Phase 2 complete (24 UNCLEAR sites reviewed: 23 compliant + 1 migration-target) 2026-06-17 15:12:29 -04:00
ed 4ac5b8ae2d docs(track): result_migration_review_pass decisions for src/multi_agent_conductor.py UNCLEAR (1 compliant + 0 migration-target) 2026-06-17 15:11:43 -04:00
ed 31a40dd9c6 conductor(plan): mark t2_5 complete (src/models.py UNCLEAR review) 2026-06-17 15:10:57 -04:00
ed c9e84c0515 docs(track): result_migration_review_pass decisions for src/models.py UNCLEAR (2 compliant + 0 migration-target) 2026-06-17 15:10:24 -04:00
ed 3119d90170 conductor(plan): mark t2_4 complete (src/app_controller.py UNCLEAR review) 2026-06-17 15:09:57 -04:00
ed 9003cce36f docs(track): result_migration_review_pass decisions for src/app_controller.py UNCLEAR (2 compliant + 0 migration-target) 2026-06-17 15:09:26 -04:00
ed f71af2febe conductor(plan): mark t2_3 complete (src/ai_client.py UNCLEAR review) 2026-06-17 15:08:55 -04:00
ed cf3d88bf65 docs(track): result_migration_review_pass decisions for src/ai_client.py UNCLEAR (2 compliant + 0 migration-target) 2026-06-17 15:08:25 -04:00
ed 91b3337a18 conductor(plan): mark t2_2 complete (src/mcp_client.py UNCLEAR review) 2026-06-17 15:07:32 -04:00
ed 1c07e978bc docs(track): result_migration_review_pass decisions for src/mcp_client.py UNCLEAR (4 compliant + 0 migration-target) 2026-06-17 15:07:01 -04:00
ed f94d77eab8 conductor(plan): mark t2_1 complete (src/gui_2.py UNCLEAR review) 2026-06-17 15:05:58 -04:00
ed f004b58e4b docs(track): result_migration_review_pass decisions for src/gui_2.py UNCLEAR (12 compliant + 1 migration-target) 2026-06-17 15:05:26 -04:00
ed bd13bd7d06 conductor(plan): mark Phase 1 setup tasks complete (t1_1, t1_2) 2026-06-17 15:02:45 -04:00
ed 3ec601d4da fix(tier2): override top-level model to MiniMax-M3
The clone's opencode.json inherited the main repo's top-level 'model'
field (zai/glm-5) via 'git clone'. The tier2-autonomous agent has its
own 'model: minimax-coding-plan/MiniMax-M3' override, so the default
agent path was technically correct, but any other agent spawned without
an explicit model (or if the user manually switched to build/plan)
would have used zai/glm-5 instead of MiniMax-M3.

Fix:
1. Add top-level 'model: minimax-coding-plan/MiniMax-M3' to
   conductor/tier2/opencode.json.fragment.
2. setup_tier2_clone.ps1 merge now overrides 'model' from the fragment
   (was only overriding agent, permission, default_agent).
3. Added test_config_fragment_has_top_level_model (default-on) to
   assert the fragment's model field.
4. Added test_setup_script_overrides_model (opt-in TIER2_SANDBOX_TESTS=1)
   to assert the merge code.

All 17 tests pass (14 default-on + 3 opt-in).

Verified: re-ran setup against the live clone; opencode.json's
top-level 'model' is now minimax-coding-plan/MiniMax-M3.
2026-06-17 14:50:01 -04:00
ed 396eb82c1a conductor(track): init result_migration_review_pass_20260617 (sub-track 1 of 5)
Sub-track 1 of the 5-sub-track result_migration_20260616 campaign.
Audit-driven research task: classify 43 ambiguous exception-handling sites
(24 UNCLEAR + 19 INTERNAL_RETHROW across 11 files) and update the
audit script's heuristics. No production code change.

Scope: 11 files, 43 sites, T-shirt S. The per-site decisions feed
sub-tracks 2-4 (small_files, app_controller, gui_2) as their starting
migration scope.

Files: spec.md, plan.md, metadata.json, state.toml under
conductor/tracks/result_migration_review_pass_20260617/. Row added
to conductor/tracks.md.
2026-06-17 14:45:52 -04:00
ed fd5175bf7b fix(tier2): override MCP server path + reset mcp_paths.toml in clone
Follow-up to 9cd85364. The previous fix patched the OpenCode session-
level permission.read/write allowlist to include the sandbox clone
path, but Tier 2 was still hitting 'ACCESS DENIED' on clone paths.

Root cause: the MCP server has its OWN allowlist that's separate from
OpenCode's session-level permission. The MCP server's allowlist =
project_root (parent dir of the script) + extra_dirs from
mcp_paths.toml in the project root. The clone inherited the main
repo's mcp.manual-slop.command via 'git clone', which launched
C:\\projects\\manual_slop\\scripts\\mcp_server.py with
PYTHONPATH=C:\\projects\\manual_slop\\src. So the MCP server was
using the main repo's project_root + the main repo's mcp_paths.toml
(extra_dirs=['C:/projects/gencpp']) -- exactly the
'Allowed base directories are: gencpp, manual_slop' the user saw.

Fix: setup_tier2_clone.ps1 now overrides the clone's mcp.manual-slop
config to point at the CLONE's scripts/mcp_server.py and src/, and
replaces the clone's mcp_paths.toml with an empty extra_dirs list.
The MCP server's allowlist becomes [C:\\projects\\manual_slop_tier2]
only -- the sandbox boundary.

Added test_setup_script_overrides_mcp_server (text-based regression)
to assert the script contains the required overrides. Opt-in via
TIER2_SANDBOX_TESTS=1.

Verified: re-ran setup against the live clone. opencode.json now has
mcp.manual-slop.command pointing at C:\\projects\\manual_slop_tier2\\
scripts\\mcp_server.py with PYTHONPATH=C:\\projects\\manual_slop_tier2\\
src. mcp_paths.toml has 'extra_dirs = []'.
2026-06-17 14:42:10 -04:00
ed b6caca4096 test(theme_nerv): align alert test with kwargs call signature
Replace positional args[3..5] assertions with assert_called_once_with using
rounding=/thickness=/flags= kwargs to match the existing add_rect call in
src/theme_nerv_fx.py:AlertPulsing.render and the parallel test in
tests/test_theme_nerv_fx.py:TestThemeNervFx.test_alert_pulsing_render.

Fixes test_alert_pulsing_render_active IndexError that surfaced when the
positional contract was asserted against the kwargs-shaped production call.
2026-06-17 14:20:17 -04:00
ed 97d306449f Merge remote-tracking branch 'tier2-clone/tier2/send_result_to_send_20260616'
# Conflicts:
#	manualslop_layout.ini
2026-06-17 13:46:58 -04:00
ed d626ee4625 config 2026-06-17 13:46:40 -04:00
ed 9cd8536455 fix(tier2): top-level permission allowlist - sandbox paths now enforced
Regression: a Tier 2 session was denied access to
C:\\projects\\manual_slop_tier2\\scripts\\run_tests_batched.py
with 'Allowed base directories are: gencpp, manual_slop'. The
tier2-autonomous agent had a correct permission.read allowlist, but
the top-level permission block (inherited from the main repo's
opencode.json via 'git clone') had no read/write keys, and OpenCode
uses the top-level for the default agent path. The agent's
permission.read was merged but apparently not enforced for the
default-agent access check.

Fix:
1. Add a top-level 'permission' block to
   conductor/tier2/opencode.json.fragment with:
   - permission.edit: 'deny' (default agents locked down)
   - permission.read: deny *, allow sandbox clone + app-data dirs
   - permission.write: same
   - permission.bash: deny *, allowlist of read-only git commands +
     uv run python scripts/{run_tests_batched.py,tier2/*} + basic
     shell commands. git push/checkout/restore/reset remain denied.

2. Update setup_tier2_clone.ps1 to also patch the top-level
   'permission' block (was only merging the tier2-autonomous agent
   block). The script preserves the user's mcp, model, instructions,
   watcher, and plugin settings from the inherited opencode.json.

3. Update test_tier2_slash_command_spec.py:
   - Rename test_command_fetches_origin_main -> ..._master (we
     changed the slash command on 2026-06-17).
   - Add test_config_fragment_has_top_level_permission to assert
     the new top-level permission block has the right deny-all +
     allowlist shape.

The tier2-autonomous agent's permission block is unchanged; it
overrides the top-level for that agent's tool calls.
2026-06-17 13:43:53 -04:00
ed 4b5d5caa8b docs(tier2): hand off to tier 1 - architectural investigation of stack overflow
User indicated they want tier 1 to investigate ('something feels
architecturally wrong'). Investigation summary:

ROOT CAUSE: imgui.set_window_focus('Response') called on the same
frame as the response render, when _trigger_blink is set by
_handle_ai_response. The native call exhausts the main thread's
1.94MB stack.

VERIFIED: disabling _trigger_blink and _autofocus_response_tab makes
the test PASS. The process survives, the response event arrives with
correct error text.

HISTORY CHECK (git log -S):
- _trigger_blink: pre-existing since March 2026 (c88330cc feat(hot-
  reload) Exhaustive region grouping for module-level render funcs)
- _autofocus_response_tab: pre-existing since March 6 2026 (0e9f84f0
  'fixing')
- set_window_focus in render_response_panel: pre-existing since
  96a013c3 'fixes and possible wip gui_2/theme_2 for multi-viewport'
- response event flow: pre-existing since 68861c07 feat(mma):
  Decouple UI from API calls using UserRequestEvent and AsyncEventQueue
- FR1 (send_result error routing): commit 24ba2499 (Jun 15 2026) in
  public_api_migration_and_ui_polish_20260615 track

The jank is OLDER than the user thinks. The most likely explanation:
the test was never run as part of the regular tier-3 batch, so the
crash was masked by the Isolated-Pass Verification Fallacy.

QUESTIONS FOR TIER 1:
1. Is _trigger_blink a sound design?
2. Should imgui focus changes be deferred to next frame's idle phase?
3. Is there a general principle that no native imgui call should be
   made during the same frame as a draw call?

PROPOSED MINIMAL FIX: defer set_window_focus to next frame's idle
phase via a _pending_focus_response flag handled in
_process_pending_gui_tasks (which runs before the render).
2026-06-17 13:40:12 -04:00