docs: LLM-Agent-SHA opaque attribution convention, Phase 0 (#86) #87
Reference in New Issue
Block a user
Delete Branch "docs/issue-86-llm-agent-sha-phase0"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Implements #86 Phase 0 only, per the owner decision (#86,
#issuecomment-1354).What this adds
docs/llm-agent-sha.md(new) — the full convention:llm-<12 lowercase hex>, regex^llm-[0-9a-f]{12}$; CSPRNG or non-secret-UUID-hash generation; forbidden derivations (token/email/username/hostname/path/model/conversation).LLM-Agent-SHA(attribution only) vs same authenticated Gitea user (blocks self-review/self-merge) vs same MCP profile (governsallowed_operations).docs/llm-workflow-runbooks.md— attribution subsection under the "profile is the role" principle; implement/review runbooks now point at the metadata blocks; related-documents link.Templates
start-issue.md/review-pr.md— handoff and review metadata blocks; explicit reviewer rule that a different SHA does NOT make you a different actor.tests/test_llm_agent_sha.py(new, 10 tests) — negative proof the SHA is inert:LLM-Agent-SHAstill fails self-approve and self-merge (gitea_check_pr_eligibility), and the gatedgitea_merge_pr/gitea_review_prtools refuse with no mutating API call.gitea_check_pr_eligibility,gitea_merge_pr,gitea_review_pr,gitea_submit_pr_review) accepts an agent/llm parameter or readsLLM_AGENT_*in its source.Explicitly NOT in this PR (deferred per owner decision)
No launcher-enforced generation, no
LLM_AGENT_SHA/LLM_AGENT_ROLEenv handling in tools, nogitea_whoamiSHA fields, no automatic PR body injection, no audit schema changes, no lineage tracking. Zero eligibility/gate code changed.Checks
py_compilemcp_server.py / manage_labels.py / gitea_auth.py — OKbash -n scripts/clear-provenance— OKpytest tests/test_review_pr.py -q— 4 passed;tests/test_merge_pr.py -q— 4 passedpytest tests/ -q— 355 passed (345 → +10)git diff --check— cleanCloses #86 (Phase 0 scope).
LLM Handoff Metadata:
🤖 Generated with Claude Code