feat(mcp): immutable canonical_repository_root for cross-repo namespaces (Closes #706) #736
Merged
sysadmin
merged 3 commits from 2026-07-18 01:36:03 -05:00
feat/issue-706-canonical-repository-root into master
Labels
Clear labels
allocator
anti-stomp
architecture
bug
chore
codex
concurrency
contamination
control-plane
dashboard
database
design
documentation
enhancement
gitea
glitchtip
important
incident
incident-bridge
integration
jenkins
labels
leases
mcp
mcp-health
mcp-menu
multi-project
mutating
nice-to-have
observability
portability
preflight
protected-branch
queue
read-only
reconnect
recovery
refactor
release
reliability
resumable-review
reviewer
roadmap
safety
security
self-hosted
sentry
stale-runtime
status:blocked
status:in-progress
status:pr-open
status:ready
terminal-lock
testing
tracker
type:bug
type:feature
type:feature
type:guardrail
visibility
workflow
workflow-hardening
workflow-hardening
Controller-owned work allocator
Prevent concurrent LLM session stomping
Architecture / structural design
OpenAI Codex client / workflow session surface
Concurrent session safety
Workflow or session contamination incident
MCP control-plane coordination and allocation authority
MCP operational dashboard/queue view
Internal coordination storage (SQLite/Postgres)
Design / investigation, no implementation
Docs / runbooks
New feature or improvement
Gitea MCP workflow
GlitchTip integration
Operational or process incident requiring durable audit trail
Sentry-to-Gitea incident bridging
Integration testing
Jenkins integration
Label taxonomy management
Lease adopt/release/expire lifecycle
MCP server / tooling
MCP namespace and runtime health
MCP menu surface
Work spanning multiple monitoring projects or Gitea repos
Mutating action; requires gating
Observability, metrics, traces, error reporting
Cross-platform / portability
Shared preflight gates before mutation
Protected branch / stable-branch policy concern
Work queue visibility and allocation
Read-only, no mutation
MCP client reconnect/reload recovery path
Recovery paths for stale/foreign leases
Code refactor / restructure
Release / versioning
Reliability / failure handling
Persist and resume prepared review verdicts across sessions
Reviewer workflow tooling
Roadmap / umbrella issue
Safety rails and fail-closed mutation guards
Security / trust boundary
Self-hosted infrastructure integration
Sentry error monitoring integration
Stale backend daemon / runtime-vs-master parity failures
Issue is blocked
Issue is being worked on
Issue has an open pull request
Issue is ready for work
Terminal review lock (#332) path
Tests / test coverage
Issue tracker hygiene / meta
Bug or defect
Feature or enhancement
Feature or enhancement
Safety gate or guardrail
Workflow state visibility for LLMs/operators
Cross-tool workflow
LLM workflow coordination hardening
LLM workflow coordination hardening
No labels
Milestone
No items
No Milestone
Projects
Clear projects
No projects
Notifications
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: Scaled-Tech-Consulting/Gitea-Tools#736
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
The MCP server derived the canonical repository root from the install
checkout the server script lives in (PROJECT_ROOT), so any namespace that
ran the server against an external repository (e.g. eagenda-author, or the
mcp-control-plane reviewer/merger namespaces) failed every mutation: the
branches-only / worktree-membership guards (#274) compared the task
workspace against the Gitea-Tools .git directory it can never belong to.
Separate the two concepts:
session to the working root of the target repository.
Implementation:
(GITEA_CANONICAL_REPOSITORY_ROOT overrides the profile field), validate
existence + git identity, fail closed on missing/conflicting/forged
bindings. Preserves the single-repo default when unconfigured.
immutable #714 session context; drift fails closed.
resolve_namespace_mutation_context so #274 / membership guards evaluate
against the target repository.
(both purity-order and FORCE_PRODUCTION_GUARDS paths); validate repository
identity and git common-directory membership.
No weakening of root-checkout, remote/repository, or anti-stomp guards; the
single-repo Gitea-Tools path is unchanged.
Tests: two distinct real git repositories/worktrees prove cross-repository
bindings resolve, enforce membership, and fail closed on forged/conflicting
identity and simultaneous prgs/mdcps isolation.
Co-Authored-By: Claude Opus 4.8 (1M context) [email protected]
Description
[Summary of changes and issue number closed.]
Closes #[Issue Number]
Checklist
git diff --checkis clean.Documentation and Wiki
docs/wiki/been updated accordingly?scripts/sync-gitea-wiki.sh, see Runbooks).docs/wiki/. If stale or empty, record the required sync as a follow-up before approval.docs/wiki/, sync-helper code, or policy docs alone are not sufficient to close a wiki issue.repo: Scaled-Tech-Consulting/Gitea-Tools
pr: #736
issue: #706
reviewer_identity: sysadmin
profile: prgs-reviewer
session_id: 47918-d43b10f82d64
worktree: /Users/jasonwalker/Development/Gitea-Tools/branches/reviewer-pr-736
phase: claimed
candidate_head:
6a0d7bbef4target_branch: master
target_branch_sha:
29d96c8946last_activity: 2026-07-18T04:28:25Z
expires_at: 2026-07-18T06:28:25Z
blocker: none
Reviewer verdict: APPROVE — PR #736 (Closes #706) @
6a0d7bbFresh independent review at exact head
6a0d7bbef4against live master29d96c8946. Every Issue #706 acceptance criterion passes. Scope clean (7 files), no secrets, whitespace clean, merge coherent with #737.Head delta (
0d8a2c2->6a0d7bb)6a0d7bbis a single merge commit "Merge branch 'master' into feat/issue-706-canonical-repository-root". Author synced the feature branch with current master after PR #737 (Closes #735) landed. Net PR contribution vs master unchanged (original 7-file #706 scope); incremental delta 0d8a2c2..6a0d7bb is exactly master's #737 org/repo-forwarding content merged in. No new feature scope, no unrelated files. commits_behind=0.Acceptance criteria (#706)
Tests
29d96c8: reproduced identically in the control checkout with zero #706 changes. Cause = #737 test-drift (assert verify_preflight_purity without org/repo; actual now forwards org/repo). Not attributable to #706. Recommend a follow-up #737 test-maintenance issue.Mergeability / checks (current)
29d96c8.Canonical PR State
STATE: REVIEW_COMPLETE_APPROVE
WHO_IS_NEXT: MERGER
NEXT_ACTION: Merge PR #736 at exact head
6a0d7bbef4via prgs-merger once required checks pass.NEXT_PROMPT:
WHAT_HAPPENED: Fresh reviewer review at head
6a0d7bbproduced an APPROVE verdict. All eight #706 acceptance criteria pass; focused tests 26 passed. Two full-suite failures are pre-existing on clean master29d96c8(reproduced identically), caused by #737 test-drift, unrelated to #706.WHY: Every acceptance criterion is satisfied at the exact head against current master; scope is limited to the 7 #706 files; the head advance is a benign master-sync merge coherent with #737; no secrets, no whitespace defects, no regressions attributable to this PR.
ISSUE: #706
HEAD_SHA:
6a0d7bbef4REVIEW_STATUS: APPROVE
MERGE_READY: true (checks_status pending — bounded native poll required before merge)
BLOCKERS: none
VALIDATION: focused #706 26 passed; forwarding regression 10 passed/20 subtests; full suite 3257 passed/6 skipped/2 pre-existing-master failures/240 subtests; git diff --check clean; secret scan clean.
LAST_UPDATED_BY: sysadmin / prgs-reviewer
[THREAD STATE LEDGER]
6a0d7bbef429d96c8946NATIVE_REVIEW_PROOF: native_mcp_transport=true; entrypoint=mcp_server; pid=47918; profile=prgs-reviewer; identity=sysadmin; workflow_source=skills/llm-project-workflow/workflows/review-merge-pr.md; workflow_hash=263d0a6cb8a6; final_report_schema_hash=a7634e7b8689; reviewed_head=6a0d7bbef44e7e39f2f147f741b8437bd2cfdaf1
repo: Scaled-Tech-Consulting/Gitea-Tools
pr: #736
issue: #706
reviewer_identity: sysadmin
profile: prgs-reviewer
session_id: 47918-d43b10f82d64
worktree: /Users/jasonwalker/Development/Gitea-Tools/branches/reviewer-pr-736
phase: released
candidate_head:
6a0d7bbef4target_branch: master
target_branch_sha:
29d96c8946last_activity: 2026-07-18T04:35:32Z
expires_at: 2026-07-18T06:35:32Z
blocker: manual-release
repo: Scaled-Tech-Consulting/Gitea-Tools
pr: #736
issue: #706
reviewer_identity: sysadmin
profile: prgs-reviewer
session_id: 80223-2de2810eb28b
worktree: /Users/jasonwalker/Development/Gitea-Tools/branches/reviewer-pr-736
phase: claimed
candidate_head:
6a0d7bbef4target_branch: master
target_branch_sha:
29d96c8946last_activity: 2026-07-18T04:48:26Z
expires_at: 2026-07-18T06:48:26Z
blocker: none
Review correction authorization audit (#693)
Status: AUTHORIZED
sysadminprgs-reviewer2026-07-18T04:48:48.095846+00:00456approve#7366a0d7bbef44e7e39f2f147f741b8437bd2cfdaf16a0d7bbefound a fail-closed identity gap: session org/repo is still seeded from install PROJECT_ROOT remote (Gitea-Tools) via _local_git_remote_url, while GITEA_CANONICAL_REPOSITORY_ROOT can bind filesystem membership to an external repo (e.g. mcp-control-plane). _enforce_canonical_repository_root then fails identity mismatch, so the stated cross-repo use case (mcp-control-plane reviewer/merger namespaces) remains blocked. Prior APPROVE must not stand; REQUEST_CHANGES required with integration fix + tests.same_pr_head_only(cannot unlock a different PR)This is not a generic decision-lock unlock. Cross-PR recovery uses isolation (#693) or moot cleanup (#594), never correction.
Canonical PR State
STATE: changes_requested
WHO_IS_NEXT: author
NEXT_ACTION: Fix F1 seed session org/repo from validated configured canonical repository root allowlist-gated not install PROJECT_ROOT remote; add integration test; push new head; re-request independent review
NEXT_PROMPT:
WHAT_HAPPENED: Independent review of PR #736 at exact head
6a0d7bbef4found fail-closed end-to-end gap; filesystem membership can bind external repo while session identity remains install-derived so mutation preflight rejects stated cross-repo use case.WHY: _local_git_remote_url uses cwd=PROJECT_ROOT; _seed_session_context pins Gitea-Tools; _enforce_canonical_repository_root expected_slug from that pin conflicts with configured target identity; reproduced block True identity mismatch.
ISSUE: #706
HEAD_SHA:
6a0d7bbef4REVIEW_STATUS: changes_requested
MERGE_READY: no
BLOCKERS: F1 session identity still install-bound; missing integration test seed+enforce install!=target; prior APPROVE 456 corrected as mistaken
VALIDATION: pytest tests/test_issue_706_canonical_repository_root.py 26 passed; workspace regressions 85 passed; full suite 3257 passed 2 failed identical pre-existing on master; compileall exit 0
LAST_UPDATED_BY: sysadmin / prgs-reviewer
Technical findings
Strengths: PROJECT_ROOT remains install root; env overrides profile; path and git validation; #274 uses configured root; session path pin and drift; default single-repo preserved; unit tests strong.
Blocking F1: session repository remains install-derived while configured canonical root can be external; enforce fails closed on identity mismatch; stated mcp-control-plane and eagenda namespaces remain blocked end-to-end.
Required: seed authorize session org/repo from validated configured root identity allowlist-gated; integration test; prefer reviewer merger role coverage.
Verdict REQUEST_CHANGES. Do not merge until F1 fixed and re-reviewed on new head.
repo: Scaled-Tech-Consulting/Gitea-Tools
pr: #736
issue: #706
reviewer_identity: sysadmin
profile: prgs-reviewer
session_id: 80223-2de2810eb28b
worktree: /Users/jasonwalker/Development/Gitea-Tools/branches/reviewer-pr-736
phase: released
candidate_head:
6a0d7bbef4target_branch: master
target_branch_sha:
29d96c8946last_activity: 2026-07-18T05:08:32Z
expires_at: 2026-07-18T07:08:32Z
blocker: manual-release
Author remediation of REQUEST_CHANGES review 457 — PR #736 (Closes #706)
New head:
61c0d73cd1(fast-forward from6a0d7bb).Response to review 457 (F1) — confirmed and fixed
Root cause exactly as 457 diagnosed:
_trusted_session_repositoryderived the session org/repository from_workspace_repository_slug->_local_git_remote_url, which runsgit remote get-urlinPROJECT_ROOT(the Gitea-Tools install checkout). A cross-repository namespace with a configuredcanonical_repository_roottherefore pinned the Gitea-Tools identity while #274 filesystem membership bound the external target;_enforce_canonical_repository_rootthen derivedexpected_slugfrom that install-derived pin and failed closed on a self-inflicted identity mismatch, leaving the mcp-control-plane / eagenda namespaces blocked end-to-end.Implementation (gitea_mcp_server.py, +37/-1)
In
_trusted_session_repository: when acanonical_repository_rootis configured (envGITEA_CANONICAL_REPOSITORY_ROOTover profile field) and passes existence / git-toplevel / resolvable-remote-identity checks, the session repository slug is now derived fromrepository_identity_slug(configured_root)instead of the install remote. The derived identity is still authorized by the profileallowed_repositoriesallowlist (never self-authorizing). Preserved: env-over-profile precedence; immutable canonical filesystem root; immutable session org/repo identity; mandatory allowlist enforcement; #274 filesystem membership; fail-closed on invalid / non-git / unresolvable / unallowlisted / forged / drift; no per-tool root or identity swapping; unchanged unconfigured single-repo Gitea-Tools behavior; author/reviewer/merger/reconciler separation. Identity comparison is not weakened and there is no mcp-control-plane special case.Integration test (new: tests/test_issue_706_f1_seed_identity_integration.py)
Drives the REAL
_seed_session_context->_enforce_canonical_repository_rootpath (not the lower-level assess helper with a preselected slug) using two real temporary git repositories: install A = Gitea-Tools, configured target B = mcp-control-plane, with a target worktree under B. Coverage: session seed resolves B not A (env config + profile field); enforce accepts the B worktree for reviewer AND merger role kinds; env-over-profile precedence; fail-closed for nonexistent / non-git / unallowlisted / forged-identity-drift; unconfigured Gitea-Tools default unchanged. Reproduction proven: this test fails on the pre-fix code (5 failures — session pinned the install identity / null), and passes after the fix (10/10).Verification results
python -m py_compile: OK.git diff --check: clean. Secret scan of the diff: clean.test_issue_702_review_findings_f1_f6::TestF1RecoveryBeforeTerminalProbe::test_removed_worktree_recovers_before_probe;test_reconciler_supersession_close::TestReconcilerSupersessionMcpTool::test_tool_posts_comment_and_closes_superseded_pr_issue) are PRE-EXISTING on clean master29d96c8— reproduced identically on the control checkout with zero PR changes (#737 test-drift). These are the same two review 457 itself classified pre-existing.Request
Requesting a completely fresh independent review at exact head
61c0d73. Do not reuse dismissed APPROVE 456. REQUEST_CHANGES 457 is superseded by this new head; I have not dismissed it.Canonical Issue State
STATE: REMEDIATED_AWAITING_FRESH_REVIEW
WHO_IS_NEXT: REVIEWER
NEXT_ACTION: Fresh independent review of PR #736 at exact head
61c0d73cd1against live master.NEXT_PROMPT:
WHAT_HAPPENED: Author fixed F1 (session identity derived from the checked, allowlisted configured canonical root) and added an integration test driving the real seed->enforce path with two real repositories; pushed new head
61c0d73.WHY: REQUEST_CHANGES 457 required session org/repo be authorized from the configured canonical root identity, not the install remote; implemented narrowly with every fail-closed property preserved.
RELATED_PRS: #736 (this PR, head
61c0d73)ISSUE: #706
HEAD_SHA:
61c0d73cd1REVIEW_STATUS: changes_requested (457 superseded by new head; fresh review required)
MERGE_READY: no
BLOCKERS: none from author; awaiting fresh independent review at
61c0d73VALIDATION: new integration 10 passed; #706+#737 46 passed/20 subtests; session/workspace/routing 357 passed; full suite 3267 passed/6 skipped/2 pre-existing-master failures/240 subtests; py_compile OK; diff --check clean; secret scan clean
LAST_UPDATED_BY: jcwalker3 / prgs-author
[THREAD STATE LEDGER]
What is true now:
61c0d73cd1(fast-forward from6a0d7bb).6a0d7bbis no longer current.What changed:
_trusted_session_repositorynow seeds the session org/repository fromrepository_identity_slug(configured canonical root)when acanonical_repository_rootis configured, checked, and allowlist-authorized; the install default path is unchanged.tests/test_issue_706_f1_seed_identity_integration.pydriving the real seed -> enforce path with two real repositories.What is blocked:
61c0d73.Who/what acts next:
61c0d73.Server-side decision state: no current approval at head 61c0d73; REQUEST_CHANGES review 457 recorded at the superseded head 6a0d7bb; APPROVE review 456 dismissed.
Local verdict/state: author remediation complete; full suite 3267 passed with 2 pre-existing-master failures.
Next actor: prgs-reviewer (independent).
Required action: fresh independent review of head
61c0d73against live master, producing an APPROVE or REQUEST_CHANGES verdict on the exact new head.Blocker classification: no blocker
Do not do: do not reuse the dismissed APPROVE 456; do not reuse or self-dismiss REQUEST_CHANGES 457; do not self-review or merge as the author; do not merge without a fresh approval recorded at exact head
61c0d73.repo: Scaled-Tech-Consulting/Gitea-Tools
pr: #736
issue: #706
reviewer_identity: sysadmin
profile: prgs-reviewer
session_id: 94113-e06865e53f28
worktree: /Users/jasonwalker/Development/Gitea-Tools/branches/reviewer-pr-736
phase: claimed
candidate_head:
61c0d73cd1target_branch: master
target_branch_sha:
29d96c8946last_activity: 2026-07-18T05:52:44Z
expires_at: 2026-07-18T07:52:44Z
blocker: none
Reviewer verdict: APPROVE — PR #736 (Closes #706) @
61c0d73Fresh independent review at exact head
61c0d73cd1against live master29d96c8946. F1 remediation from REQUEST_CHANGES review 457 is complete and proven. Prior APPROVE 456 remains dismissed; review 457 is stale (author_pushed_after_request_changes=true).Hard gates (this session)
61c0d73Remediation delta (6a0d7bb…61c0d73)
Exactly 2 files:
gitea_mcp_server.py—_trusted_session_repositoryderives session org/repo fromrepository_identity_slug(configured_canonical_root)when configured (env-over-profile), still allowlist-gated; unconfigured install path unchanged.tests/test_issue_706_f1_seed_identity_integration.py— real seed→enforce path with two temporary git repos.Fast-forward from
6a0d7bb. No unrelated scope.Complete PR (master…61c0d73)
8 files / +1097/−4 matching Issue #706 scope (canonical root module, config/auth surfaces, namespace binding, session pin, server seed/enforce, unit + F1 integration tests).
F1 acceptance (1–14)
Integration test quality
Two real temp repos; real
_seed_session_context→_enforce_canonical_repository_root(not preselected slug helper); env+profile; reviewer+merger; fail-closed negatives — all PASS.Independent tests
29d96c8(current-master failure reproduced; one is #737 org/repo-forwarding test-drift). Not attributable to #706.Workflow-proof conclusion (author push 6a0d7bb→61c0d73)
Independently verified:
pr_work_lease.find_active_reviewer_lease/assess_conflict_fix_pushfalse-positive — reverse-chronological skip of terminal phases returns older same-session claimed (12273) instead of honoring later released (12281)Under canonical workflow: authoritative release evidence made the non-force FF push eligible.
assess_conflict_fix_pushis the §20B conflict-fix gate; this was REQUEST_CHANGES code remediation, not conflict-fix. Assessor false-positive is a workflow-control defect — document + follow-up; do not broaden #736. Sanctioned follow-up: fixfind_active_reviewer_leaseto resolve latest phase per session_id.Review Metadata
61c0d73)Canonical PR State
STATE: REVIEW_COMPLETE_APPROVE
WHO_IS_NEXT: MERGER
NEXT_ACTION: Merge PR #736 at exact head
61c0d73cd1via prgs-merger once required checks pass.NEXT_PROMPT:
WHAT_HAPPENED: Fresh independent review at
61c0d73approved F1 remediation after REQUEST_CHANGES 457; seed→enforce proven; full suite 3267 passed with 2 pre-existing master failures.WHY: F1 criteria 1–14 satisfied; tests strong; assessor false-positive is control defect with authoritative release evidence still making FF push eligible; no code blocker.
ISSUE: #706
HEAD_SHA:
61c0d73cd1REVIEW_STATUS: APPROVE
MERGE_READY: true (bounded check poll may be required)
BLOCKERS: none for this PR code; follow-up recommended for find_active_reviewer_lease session-scoped release association and 2 master test drifts
VALIDATION: F1 10; #706 26; focused 137+41; full 3267 passed / 6 skipped / 2 pre-existing / 240 subtests; py_compile OK; diff --check clean
LAST_UPDATED_BY: sysadmin / prgs-reviewer
[THREAD STATE LEDGER]
61c0d73cd129d96c8946NATIVE_REVIEW_PROOF: native_mcp_transport=true; entrypoint=mcp_server; pid=94113; profile=prgs-reviewer; identity=sysadmin; workflow_source=skills/llm-project-workflow/workflows/review-merge-pr.md; workflow_hash=263d0a6cb8a6; final_report_schema_hash=a7634e7b8689; boundary_status=clean; reviewed_head=61c0d73cd1acd15dd809cf57a9e61e077d212143; base_master=29d96c8946689be2fc9a55d296e4383a3aa03c4f
CTH: Reviewer Handoff — PR #736 @
61c0d73Formal review 458 recorded APPROVE at exact head
61c0d73cd1acd15dd809cf57a9e61e077d212143(base master29d96c8946689be2fc9a55d296e4383a3aa03c4f).approval_at_current_head=true. F1 seed-identity fix and integration tests accepted. Prior review 456 remains dismissed; review 457 is stale against the new head.Canonical Issue State
STATE: REVIEW_COMPLETE_APPROVE
WHO_IS_NEXT: MERGER
NEXT_ACTION: Merge PR #736 at exact head
61c0d73via prgs-merger after required checks pass.NEXT_PROMPT:
WHAT_HAPPENED: Independent reviewer session recorded review 458 APPROVE for F1 remediation at 61c0d73; reviewer lease will be released after handoff.
WHY: F1 acceptance and tests pass; workflow-control assessor defect documented as non-blocking follow-up.
RELATED_PRS: #736
ISSUE: #706
HEAD_SHA:
61c0d73cd1REVIEW_STATUS: APPROVE (review_id 458)
MERGE_READY: true (bounded check poll may be required)
BLOCKERS: none
VALIDATION: F1 10; #706 26; focused 137+41; full 3267 passed / 6 skipped / 2 pre-existing-master / 240 subtests
LAST_UPDATED_BY: sysadmin / prgs-reviewer
[THREAD STATE LEDGER]
What is true now:
61c0d73cd1.What changed:
What is blocked:
61c0d73.Who/what acts next:
61c0d73after checks pass.Server-side decision state: review 458 APPROVE visible at head 61c0d73; no blocking REQUEST_CHANGES at current head.
Local verdict/state: APPROVE; full suite 3267 passed with 2 pre-existing-master failures; reviewer lease still held until release.
Next actor: prgs-merger
Required action: merge PR #736 at exact head
61c0d73via native merger workflow after bounded check poll; release/finalize reviewer lease first if still active.Blocker classification: no blocker
Do not do: do not reuse dismissed review 456; do not treat stale review 457 as current; do not merge a different head; do not self-merge as author; do not expand #736 with the lease-assessor follow-up.
NATIVE_REVIEW_PROOF: native_mcp_transport=true; entrypoint=mcp_server; pid=94113; profile=prgs-reviewer; identity=sysadmin; workflow_source=skills/llm-project-workflow/workflows/review-merge-pr.md; workflow_hash=263d0a6cb8a6; final_report_schema_hash=a7634e7b8689; boundary_status=clean; reviewed_head=61c0d73cd1acd15dd809cf57a9e61e077d212143; base_master=29d96c8946689be2fc9a55d296e4383a3aa03c4f; review_id=458
repo: Scaled-Tech-Consulting/Gitea-Tools
pr: #736
issue: #706
reviewer_identity: sysadmin
profile: prgs-reviewer
session_id: 94113-e06865e53f28
worktree: /Users/jasonwalker/Development/Gitea-Tools/branches/reviewer-pr-736
phase: released
candidate_head:
61c0d73cd1target_branch: master
target_branch_sha:
29d96c8946last_activity: 2026-07-18T06:02:55Z
expires_at: 2026-07-18T08:02:55Z
blocker: manual-release
repo: Scaled-Tech-Consulting/Gitea-Tools
pr: #736
issue: #706
reviewer_identity: sysadmin
profile: prgs-merger
session_id: 29488-462ce6083576
worktree: /Users/jasonwalker/Development/Gitea-Tools/branches/merge-control
phase: claimed
candidate_head:
61c0d73cd1target_branch: master
target_branch_sha:
29d96c8946last_activity: 2026-07-18T06:32:56Z
expires_at: 2026-07-18T08:32:56Z
blocker: none
adopted_at: 2026-07-18T06:35:18Z
adopted_by_identity: sysadmin
adopted_by_profile: prgs-merger
adopted_from_session_id: 29488-462ce6083576
adopted_from_profile: prgs-merger
adopted_from_reviewer_identity: sysadmin
adopted_from_comment_id: 12301
adoption_reason: merger-handoff-approved-head
repo: Scaled-Tech-Consulting/Gitea-Tools
pr: #736
issue: #706
reviewer_identity: sysadmin
profile: prgs-merger
session_id: 29488-d53c19f7a700
worktree: /Users/jasonwalker/Development/Gitea-Tools/branches/merge-control
phase: adopted
candidate_head:
61c0d73cd1target_branch: master
target_branch_sha:
29d96c8946last_activity: 2026-07-18T06:35:18Z
expires_at: 2026-07-18T08:35:18Z
blocker: none
Stale #332 review-decision lock cleanup (#594)
Status: APPLIED
sysadminprgs-merger2026-07-18T06:36:04.592438+00:00approveon PR feat(mcp): immutable canonical_repository_root for cross-repo namespaces (Closes #706) (#736)closed(merged=True)a8d2087b4af3ae143b839c5c0c821e2a3ca7fd4f3prgs-reviewerManual deletion of session-state files is not the workflow.
This path only clears a lock when the referenced PR is merged/closed.
repo: Scaled-Tech-Consulting/Gitea-Tools
pr: #736
issue: #706
reviewer_identity: sysadmin
profile: prgs-merger
session_id: 29488-d53c19f7a700
worktree: /Users/jasonwalker/Development/Gitea-Tools/branches/merge-control
phase: released
candidate_head:
61c0d73cd1target_branch: master
target_branch_sha:
29d96c8946last_activity: 2026-07-18T06:57:17Z
expires_at: 2026-07-18T08:57:17Z
blocker: post-merge-moot