Harden author-run reporting and mutation capability proof: Controller Handoff, exact issue-claim capability, exact sweep evidence, PR head SHA #183
Closed
opened 2026-07-05 14:22:16 -05:00 by jcwalker3
·
3 comments
No Branch/Tag Specified
master
fix/issue-709-decision-lock-cross-profile
fix/issue-695-native-transport-quarantine
fix/issue-698-report-validator-schema
fix/issue-702-stale-binding-lease-recovery
fix/issue-699-structured-auth-mcp-errors
fix/issue-695-native-quarantine-v2
fix/issue-693-review-decision-lock-recovery
fix/issue-691-obsolete-reviewer-lease-cleanup
feat/issue-687-reconciler-branch-delete
fix/issue-683-workflow-guard-hardening
chore/issue-681-preserve-review-session-wip
feat/issue-604-anti-stomp-preflight
feat/issue-606-sentry-observability
fix/issue-671-block-stable-branch-push
fix/issue-675-residual-preflight-remediation
fix/issue-673-remediate-regressions-part2
fix/issue-673-remediate-regressions
feat/issue-603-lifecycle-labels
fix/issue-627-set-issue-labels-pagination
feat/issue-601-first-class-leases
feat/issue-612-incident-bridge
feat/issue-600-controller-allocator-api
fix/issue-620-head-scoped-review-locks
feat/issue-613-allocator-db-substrate
docs/mcp-stable-control-runtime-policy
feat/issue-609-prepared-review-verdict-resume
feat/issue-610-live-remote-parity
feat/issue-503-reviewer-active-worktree
feat/issue-470-preflight-contract
feat/issue-440-lock-recovery
feat/issue-440-branch-recovery
feat/issue-458-queue-fail-closed-copy
feat/issue-400-early-duplicate-work-gate
feat/issue-308-reconcile-inventory-pagination
feat/issue-308-reconcile-pagination-proof
docs/issue-261-agent-temp-artifact-cleanup
feat/issue-262-map-commit-files
fix/infra-stop-conflict-marker-false-positive
feat/issue-139-role-aware-task-routing
feat/issue-188-continuation-selection-wall
feat/issue-189-continuation-mode-proofs
feat/issue-232-refresh-wiki-proof-heads
feat/issue-210-block-workspace-edits
feat/issue-204-exact-issue-lock
docs/issue-80-label-taxonomy
docs/issue-79-safety-boundary-updates
v1.1.0
Labels
Clear labels
allocator
anti-stomp
architecture
bug
chore
codex
concurrency
contamination
control-plane
dashboard
database
design
documentation
enhancement
gitea
glitchtip
important
incident
incident-bridge
integration
jenkins
labels
leases
mcp
mcp-health
mcp-menu
multi-project
mutating
nice-to-have
observability
portability
preflight
protected-branch
queue
read-only
reconnect
recovery
refactor
release
reliability
resumable-review
reviewer
roadmap
safety
security
self-hosted
sentry
stale-runtime
status:blocked
status:in-progress
status:pr-open
status:ready
terminal-lock
testing
tracker
type:bug
type:feature
type:feature
type:guardrail
visibility
workflow
workflow-hardening
workflow-hardening
Controller-owned work allocator
Prevent concurrent LLM session stomping
Architecture / structural design
OpenAI Codex client / workflow session surface
Concurrent session safety
Workflow or session contamination incident
MCP control-plane coordination and allocation authority
MCP operational dashboard/queue view
Internal coordination storage (SQLite/Postgres)
Design / investigation, no implementation
Docs / runbooks
New feature or improvement
Gitea MCP workflow
GlitchTip integration
Operational or process incident requiring durable audit trail
Sentry-to-Gitea incident bridging
Integration testing
Jenkins integration
Label taxonomy management
Lease adopt/release/expire lifecycle
MCP server / tooling
MCP namespace and runtime health
MCP menu surface
Work spanning multiple monitoring projects or Gitea repos
Mutating action; requires gating
Observability, metrics, traces, error reporting
Cross-platform / portability
Shared preflight gates before mutation
Protected branch / stable-branch policy concern
Work queue visibility and allocation
Read-only, no mutation
MCP client reconnect/reload recovery path
Recovery paths for stale/foreign leases
Code refactor / restructure
Release / versioning
Reliability / failure handling
Persist and resume prepared review verdicts across sessions
Reviewer workflow tooling
Roadmap / umbrella issue
Safety rails and fail-closed mutation guards
Security / trust boundary
Self-hosted infrastructure integration
Sentry error monitoring integration
Stale backend daemon / runtime-vs-master parity failures
Issue is blocked
Issue is being worked on
Issue has an open pull request
Issue is ready for work
Terminal review lock (#332) path
Tests / test coverage
Issue tracker hygiene / meta
Bug or defect
Feature or enhancement
Feature or enhancement
Safety gate or guardrail
Workflow state visibility for LLMs/operators
Cross-tool workflow
LLM workflow coordination hardening
LLM workflow coordination hardening
No labels
Milestone
No items
No Milestone
Projects
Clear projects
No projects
Notifications
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: Scaled-Tech-Consulting/Gitea-Tools#183
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
Problem:
A Grok author run selected Gitea-Tools issue #178, created branch
feat/issue-178-fix-test-suite-stdout-capture, and opened PR #180 (headff4ab500df8447f4409b3e9cc262520e8076d806at filing time). The run was safe — it usedjcwalker3 / prgs-author, did not review/approve/merge, checked both configured repositories, and stopped after PR creation — but it exposed several remaining author-side workflow/reporting gaps that no existing open issue covers as a unit.Observed gaps (evidence: the Grok run's final report):
Missing Controller Handoff.
The final report was detailed but did not include a compact
Controller Handoffblock (SKILL.md §K). Future controllers must not have to manually extract branch, PR, validation, status, and next action from a long report.Unknown capability treated as allowed for the issue claim.
The report says:
gitea_mark_issue task resolve unknown but profile permits issue ops; used per workflow skill. This is not acceptable as A-level proof. If a mutation task is unknown to the capability resolver, the workflow must not treat general profile permissions as equivalent to exact capability proof. It must either resolve the exact mutation capability, use a known allowed lower-level operation with explicit proof, or fail closed.Validation did not fully prove the linked issue's acceptance.
Issue #178 is about fixing pytest stdout capture so junitxml is not required, but the report did not clearly prove that
./venv/bin/python -m pytest tests/ --ignore=branchesnow prints a normal pytest summary without the junitxml workaround (it reported targeted tests, "full relevant" tests, and subprocess pipe capture instead). Issue-specific canonical validation must be shown with the exact visible summary.Secret/provenance sweep was not exact.
The report cites
tests/test_clear_provenance.pyand says the staged diff was clean, but does not include the exact diff-level scan command, pattern, or script used. Sweeps must state exact command/method and scope.PR head SHA missing from the final report.
The report gives the branch but not the final PR #180 head SHA. Controller handoffs must include the branch and the exact head commit.
Required behavior:
Controller Handoffsection.Tests / harness assertions:
Acceptance criteria:
Related:
review_proofs.py) to author final reports.build_commit_push_report.gitea_mark_issue-style claim operations).Claimed for implementation as author (profile prgs-author). Branch: feat/issue-183-harden-author-run-reporting.
Note: gitea_resolve_task_capability for mark_issue unknown (as in prior runs); using comment claim per exact-capability discipline. No status:in-progress label applied via mark.
Scope: implement the gaps listed: require Controller Handoff in reports, exact capability for claim, exact sweep evidence, include PR head SHA.
Refs #183
PR #187 opened with the hardenings: mark_issue in capability map, controller_handoff assessor + integration, tests, doc updates for exact handoff/sweep/head SHA.
Author profile throughout. Fresh branch, scoped, checks passed.
Closes #183
Additional resolver-coverage gap:
edit_pr(observed during PR #203 remediation)Observed gap:
During PR #203 author remediation, the review blocker required adding
Closes #199linkage to the PR body.gitea_resolve_task_capability('edit_pr')returnedUnknown task/action: 'edit_pr' (fail closed), so the author correctly failed closed and could not update the PR body. The agent fell back to a PR comment carrying the linkage plus a merger instruction — but a PR comment is not equivalent to PR body linkage when auto-close semantics are required: Gitea only auto-closes from the PR body's closing keywords.This is the same failure class as the
mark_issuegap already tracked here (gap 2): a legitimate, profile-appropriate author mutation with no resolver task name, forcing either an unprovable mutation or a semantically weaker fallback.Required wall (additive to this issue's list):
Acceptance criteria (additive):
gitea_resolve_task_capability(edit_pr)resolves to the exact profile permission required.gitea.pr.comment,gitea.pr.create) never authorizes a body edit.Evidence pointer: PR #203 comment 3391 (the remediation report that hit this gap); the
gitea_edit_prMCP tool exists but has no resolver task mapping. Related: #191 requirement 4 (exact capability per mutation type, including label changes) —edit_prbelongs in the same capability-map expansion asmark_issue/label operations.