Merger cleanup is profile-local and reviewer initialization can destroy terminal decision-lock evidence #709
Open
opened 2026-07-13 23:48:59 -05:00 by jcwalker3
·
2 comments
No Branch/Tag Specified
master
fix/issue-709-decision-lock-cross-profile
fix/issue-695-native-transport-quarantine
fix/issue-698-report-validator-schema
fix/issue-702-stale-binding-lease-recovery
fix/issue-699-structured-auth-mcp-errors
fix/issue-695-native-quarantine-v2
fix/issue-693-review-decision-lock-recovery
fix/issue-691-obsolete-reviewer-lease-cleanup
feat/issue-687-reconciler-branch-delete
fix/issue-683-workflow-guard-hardening
chore/issue-681-preserve-review-session-wip
feat/issue-604-anti-stomp-preflight
feat/issue-606-sentry-observability
fix/issue-671-block-stable-branch-push
fix/issue-675-residual-preflight-remediation
fix/issue-673-remediate-regressions-part2
fix/issue-673-remediate-regressions
feat/issue-603-lifecycle-labels
fix/issue-627-set-issue-labels-pagination
feat/issue-601-first-class-leases
feat/issue-612-incident-bridge
feat/issue-600-controller-allocator-api
fix/issue-620-head-scoped-review-locks
feat/issue-613-allocator-db-substrate
docs/mcp-stable-control-runtime-policy
feat/issue-609-prepared-review-verdict-resume
feat/issue-610-live-remote-parity
feat/issue-503-reviewer-active-worktree
feat/issue-470-preflight-contract
feat/issue-440-lock-recovery
feat/issue-440-branch-recovery
feat/issue-458-queue-fail-closed-copy
feat/issue-400-early-duplicate-work-gate
feat/issue-308-reconcile-inventory-pagination
feat/issue-308-reconcile-pagination-proof
docs/issue-261-agent-temp-artifact-cleanup
feat/issue-262-map-commit-files
fix/infra-stop-conflict-marker-false-positive
feat/issue-139-role-aware-task-routing
feat/issue-188-continuation-selection-wall
feat/issue-189-continuation-mode-proofs
feat/issue-232-refresh-wiki-proof-heads
feat/issue-210-block-workspace-edits
feat/issue-204-exact-issue-lock
docs/issue-80-label-taxonomy
docs/issue-79-safety-boundary-updates
v1.1.0
Labels
Clear labels
allocator
anti-stomp
architecture
bug
chore
codex
concurrency
contamination
control-plane
dashboard
database
design
documentation
enhancement
gitea
glitchtip
important
incident
incident-bridge
integration
jenkins
labels
leases
mcp
mcp-health
mcp-menu
multi-project
mutating
nice-to-have
observability
portability
preflight
protected-branch
queue
read-only
reconnect
recovery
refactor
release
reliability
resumable-review
reviewer
roadmap
safety
security
self-hosted
sentry
stale-runtime
status:blocked
status:in-progress
status:pr-open
status:ready
terminal-lock
testing
tracker
type:bug
type:feature
type:feature
type:guardrail
visibility
workflow
workflow-hardening
workflow-hardening
Controller-owned work allocator
Prevent concurrent LLM session stomping
Architecture / structural design
OpenAI Codex client / workflow session surface
Concurrent session safety
Workflow or session contamination incident
MCP control-plane coordination and allocation authority
MCP operational dashboard/queue view
Internal coordination storage (SQLite/Postgres)
Design / investigation, no implementation
Docs / runbooks
New feature or improvement
Gitea MCP workflow
GlitchTip integration
Operational or process incident requiring durable audit trail
Sentry-to-Gitea incident bridging
Integration testing
Jenkins integration
Label taxonomy management
Lease adopt/release/expire lifecycle
MCP server / tooling
MCP namespace and runtime health
MCP menu surface
Work spanning multiple monitoring projects or Gitea repos
Mutating action; requires gating
Observability, metrics, traces, error reporting
Cross-platform / portability
Shared preflight gates before mutation
Protected branch / stable-branch policy concern
Work queue visibility and allocation
Read-only, no mutation
MCP client reconnect/reload recovery path
Recovery paths for stale/foreign leases
Code refactor / restructure
Release / versioning
Reliability / failure handling
Persist and resume prepared review verdicts across sessions
Reviewer workflow tooling
Roadmap / umbrella issue
Safety rails and fail-closed mutation guards
Security / trust boundary
Self-hosted infrastructure integration
Sentry error monitoring integration
Stale backend daemon / runtime-vs-master parity failures
Issue is blocked
Issue is being worked on
Issue has an open pull request
Issue is ready for work
Terminal review lock (#332) path
Tests / test coverage
Issue tracker hygiene / meta
Bug or defect
Feature or enhancement
Feature or enhancement
Safety gate or guardrail
Workflow state visibility for LLMs/operators
Cross-tool workflow
LLM workflow coordination hardening
LLM workflow coordination hardening
Milestone
No items
No Milestone
Projects
Clear projects
No projects
Notifications
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: Scaled-Tech-Consulting/Gitea-Tools#709
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
Problem
The merge workflow can initialize and clean the merger profile’s empty decision lock while leaving the reviewer profile’s terminal lock untouched. A later reviewer session can then overwrite that unresolved reviewer evidence. If cleanup or audit publication is skipped, no durable fail-closed recovery record is guaranteed. This permanently destroys provenance and can leave an otherwise-approved PR blocked because truthful historical applied-cleanup evidence cannot be reconstructed.
Forensic evidence (do not fabricate history)
No historical claim of
applied=true+last_terminal_pr=696+pr_merged=trueis valid.Defect classes
Acceptance criteria
AC1 — Exact decision cleanup
Merge cleanup targets the reviewer decision/lock associated with the approval being consumed (verify repository, PR, head SHA, reviewer profile, review/session identity, terminal mutation before cleanup).
AC2 — No silent overwrite
Starting/initializing a reviewer session never overwrites unresolved terminal decision-lock evidence; fail closed or preserve/archive via auditable transition. Empty initialized lock must not erase a prior terminal ledger.
AC3 — Durable post-merge reconciliation
If PR merges but cleanup or audit publication fails, record durable recovery-required state (not undo merge). Survives restart; identifies merged PR, head, merge commit, target lock/profile, failed step, required recovery action.
AC4 — Audit publication
Successful cleanup is fully reconciled only after audit is published and read back (applied status, terminal PR, merged state, cleanup target profile/lock, operation/session IDs, timestamps, comment ID). Comment failure → retryable recovery-required without repeating unsafe mutations.
AC5 — Truthful irrecoverable-evidence recovery
Native, generic, tightly gated recovery for already-destroyed historical terminal evidence. Never emit
applied=trueor claim historical cleanup was proven. Distinct record (provenance_irrecoverable/operator_recovery_required). Scoped to repository, PR, exact head, incident/canonical evidence, operator authorization, safe-state verification. Auditable, idempotent, read back; not a broad approval/merge bypass. Define precise merger acceptance conditions. Do not hard-code PR #696, #703, or Incident #700.AC6 — Anti-stomp and replay safety
Cleanup, audit retry, and irrecoverable recovery are idempotent. Stale sessions / wrong heads / repos / profiles / reviews fail closed. Authorization for one PR/head cannot unblock another.
AC7 — Compatibility
Existing valid lock/audit records remain readable; legacy empty locks handled conservatively; schema/version changes have explicit validation/migration.
AC8 — Regression coverage
Tests for all scenarios in the implementation plan (merger-local empty while reviewer terminal remains; exact reviewer cleanup after merge; init overwrite attempt; audit-comment failure; restart/retry; duplicates; wrong identity; irrecoverable recovery without fabrication; cross-PR reuse; legacy compatibility; no gate regressions).
Non-goals
Links
Canonical Issue State
STATE:
ready-for-review
WHO_IS_NEXT:
reviewer
NEXT_ACTION:
Independent prgs-reviewer formal review of PR #710 at head
ec5cf67771against #709 AC1–AC8; do not merge PR #703; do not self-review as author.NEXT_PROMPT:
WHAT_HAPPENED:
Author created #709 (dedicated; #693 partial only), implemented AC1–AC8 in branches/fix-issue-709-decision-lock-cross-profile, full suite 2710 passed / 6 skipped, pushed
ec5cf67, opened PR #710 Closes #709. Linked Incident #700 comment 11489 and PR #703 comment 11495.WHY:
Merger profile-local empty locks cannot stand in for reviewer terminal cleanup; silent re-init overwrite and missing audit must fail closed with truthful recovery paths.
RELATED_PRS:
PR #710 (this fix); PR #703 remains open merge-blocked; PR #696 forensic context only.
BLOCKERS:
none for review start; PR #703 merge remains blocked until this repair lands and any sanctioned recovery is executed.
VALIDATION:
pytest focused 32 passed; full suite 2710 passed, 6 skipped, 1 warning, 161 subtests passed; head ec5cf677718b6a6a5fc9a5102b5ce1783592509a; root control checkout not mutated for this work.
LAST_UPDATED_BY:
jcwalker3 / prgs-author
Canonical Issue State
STATE:
author-remediation-complete; ready-for-fresh-review
WHO_IS_NEXT:
reviewer
NEXT_ACTION:
Independent prgs-reviewer formal review of PR #710 at head
9cb12ee0f4against review-434 F1/F2/F3 remediation and #709 AC1–AC8; do not merge PR #703; do not self-review as author.NEXT_PROMPT:
WHAT_HAPPENED:
Author remediations for review 434 F1/F2/F3 pushed as new commit
9cb12eeon fix/issue-709-decision-lock-cross-profile (PR #710). Server-side HMAC authorization artifacts; merger consumption path; remote/org/repo/head enforcement on load/clear. Full suite 2738 passed / 6 skipped. See PR #710 comment 11538 for F1/F2/F3 code/invariant/test mapping.WHY:
Caller-asserted authorization and PR-number-only cleanup were security defects; merger_may_accept was write-only.
RELATED_PRS:
PR #710 (this fix, head
9cb12ee); PR #703 remains open merge-blocked / untouched.BLOCKERS:
none for fresh review start; do not treat review 434 as approved; do not merge #703 from this workstream.
VALIDATION:
focused 46 passed; related 151 passed; full 2738 passed, 6 skipped, 1 warning (pre-existing StarletteDeprecationWarning), 161 subtests; head 9cb12ee0f442a89535b6f81712367f1112a3e59e; root control checkout not mutated.
LAST_UPDATED_BY:
jcwalker3 / prgs-author