Resolve task_capability_map.py conflict by keeping all three capability
entries: commit_files and gitea_commit_files (gitea.repo.commit, #262,
from master) and reconcile_merged_cleanups (gitea.read, #269, this
branch). Capability boundaries unchanged — reconciliation reporting stays
read-only; no close/merge capability broadened.
Co-Authored-By: Claude Opus 4.8 (1M context) <[email protected]>
route_task_session now calls assess_infra_stop() live instead of
check_mid_merge(). Update TestMCPHealth.test_route_task_session_blocks_during_merge
to mock the infra-stop assessment path and assert infra_stop_assessment
is returned when blocked.
Part of #285 / PR #286 review fix.
Reviewer reports treated 'git fetch prgs master' as read-only
diagnostics while claiming 'Git/worktree mutations: None'. Fetch edits
no files but updates remote-tracking refs, so hiding it under
diagnostics understates what the run mutated.
Add git_ref_mutating_commands() classifying fetch, pull, push, merge,
update-ref, remote update, branch -d/-D, and reset --hard as git ref
mutations, and assess_git_ref_mutation_report() which fails a report
when ref-updating commands ran but the report lacks a non-none 'Git ref
mutations' entry, omits 'fetched <remote>/<branch>' for a targeted
fetch, still claims 'Git/worktree mutations: None', or lists the
command under read-only diagnostics.
Tests cover fetch-only review, missing ledger entry, missing fetch
target, contradictory none-claim, read-only misclassification, worktree
creation (not a ref mutation), merge, cleanup branch deletion,
no-mutation blocked handoff, and dict command-log entries.
Co-Authored-By: Claude Opus 4.8 (1M context) <[email protected]>
Return wrapped {prs, pagination} from gitea_list_prs with has_more,
inventory_complete, and page traversal via api_fetch_page. Route
gitea_review_pr inventory through gitea_list_prs so trust gates can
prove pagination finality. Add assess_list_prs_pagination_proof verifier.
Closes#340
Extend review_proofs with assess_create_issue_final_report to enforce
workflow-source proof, create-issue handoff schema fields, and rejection
of work-issue/review-merge cross-mode handoff fields.
Closes#337
Introduce assess_mutation_ledger_report so reviewer final reports cannot
claim no file edits when the action log records performed mutations.
Co-Authored-By: Claude Opus 4.8 (1M context) <[email protected]>
Consolidate all four canonical workflow files and router SKILL.md:
- review-merge-pr.md (from #334 canonical prompt)
- reconcile-landed-pr.md (reconciliation gates + handoff schema)
- create-issue.md (canonical issue-creation prompt)
- work-issue.md (canonical author/coder prompt)
SKILL.md is now a short router with mode isolation and universal rules.
Adds final-report schemas for all modes and 13 doc-contract tests.
Supersedes partial split work in PR #335; full #333 acceptance in one PR.
Closes#334
- Add workflows/review-merge-pr.md with reviewer-only gates and steps
- Add schemas/review-merge-final-report.md with mutation ledger fields
- Turn SKILL.md into task-mode router; replace inlined §F/§G with links
- Point review/merge templates at extracted workflow
- Add doc-contract tests for split structure
Part of #333.
Co-Authored-By: Claude Opus 4.8 (1M context) <[email protected]>
Workflow reports included the authenticated user's personal email even
when username/profile identity was sufficient (observed: 'Identity:
jcwalker3 / [email protected]' in a reconciliation handoff).
Add format_identity_summary() producing the canonical no-email identity
line ('<username> / <profile>' with optional role/remote, reducing an
email passed in the username slot to its local part), and
assess_email_disclosure() flagging personal email addresses in report
text unless the report itself justifies the disclosure (tool proof,
explicit request, or identity disambiguation).
Tests cover no-email summaries for author and reviewer identities,
role/remote suffixes, email-in-username reduction, clean reports,
single and multiple unjustified disclosures, and justified
disambiguation.
Co-Authored-By: Claude Opus 4.8 (1M context) <[email protected]>
Resolve _GUIDE_RULES conflict by keeping both operator guide keys:
shell_spawn_hard_stop (#258, landed on master via PR #281) and
subagent_delegation (#266, this branch).
Co-Authored-By: Claude Opus 4.8 (1M context) <[email protected]>
Introduce assess_request_changes_approval_proof in review_proofs.py so
review workflows can fail closed when approving an unchanged head after a
prior REQUEST_CHANGES unless explicit override proof is provided.
Co-Authored-By: Claude Opus 4.8 (1M context) <[email protected]>
Adds subagent_gate.py following the author_proofs/review_proofs pure-policy
pattern:
- assess_subagent_delegation: deterministic write tasks (issue claim,
branch creation, code edits, commits, PR creation, review, merge,
cleanup) are blocked for subagents unless explicitly allowed with a
recorded justification and the full inherited gate context (issue lock,
branch/worktree path, identity/profile, allowed tool class, command
deny list, validation ledger requirement, final report schema);
read-only delegation stays allowed; unknown task types fail closed.
- validate_subagent_report: subagent output is accepted only when it
carries the same proof fields as a parent workflow final report.
- Operator guide: new subagent_delegation rule in _GUIDE_RULES so MCP
clients discover the policy.
- tests/test_subagent_gate.py: 13 tests covering blocked write
delegation, justification requirement, missing/blank inherited
context, allowed read-only delegation, unknown tasks, and invalid
subagent final reports.
Co-Authored-By: Claude Opus 4.8 (1M context) <[email protected]>
Introduce validation_ledger with command ledger format, full-suite claim
checks, and structured final-report verification so sessions cannot
overclaim validation or misreport review/merge state.
Co-Authored-By: Claude Opus 4.8 (1M context) <[email protected]>
Add assess_infra_stop() to scan git state and conflict markers on each
reviewer capability check, return the exact conflict path in responses,
and clear stale capability-stop terminal state once the worktree is clean.
Closes#285
Co-Authored-By: Claude Opus 4.8 (1M context) <[email protected]>
test_skip_scan_walk_root_skips_sibling_worktrees_only derived its
fixture paths from __file__, so the branches/ sibling-worktree skip
assertion only held when the suite ran from a branches/<slug> worktree
whose orchestration checkout has a real branches/ directory —
skip_python_scan_walk_root skips a branches/ walk root only when
<project_root>/branches exists on disk. From the main checkout or any
plain clone the test failed with 'AssertionError: False is not true'.
Build the <main>/branches/<worktree> layout in a TemporaryDirectory and
assert against those paths instead. All four behavioural assertions are
preserved and no production code changes.
Co-Authored-By: Claude Opus 4.8 (1M context) <[email protected]>
Document default tool-call and wall-time budgets for deterministic MCP
work, forbid subagent commit delegation when gitea_commit_files is
available, and pin the rules in runbooks, portable skill, operator guide,
and doc-contract tests.
Co-Authored-By: Claude Opus 4.8 (1M context) <[email protected]>
Implement gitea_reconcile_merged_cleanups with dry-run reporting for merged
PR remote branches and local branches/ worktrees, plus confirmation-gated
execute mode. Safety gates cover protected branches, open PR references,
active issue locks, dirty worktrees, and delete_branch capability.
Closes#269
Co-Authored-By: Claude Opus 4.8 (1M context) <[email protected]>
Allow issue lock from base-equivalent branches/ worktrees instead of
requiring the literal master/main branch name. Runtime preflight and
mark_issue/lock_issue now inspect the declared active task workspace so
dirty control-checkout state does not block clean task worktrees.
Closes#275
Co-Authored-By: Claude Opus 4.8 (1M context) <[email protected]>
Document MCP-native gitea_commit_files as the only approved commit path when
gitea.repo.commit is allowed; ban WebFetch, Playwright, and manual base64
workarounds in runbooks and safety model. Add doc tests.
Closes#260.
Co-Authored-By: Claude Opus 4.8 (1M context) <[email protected]>