Claude/coord postmerge cleanup#145
Merged
Merged
Conversation
… + PR-workflow note Post-merge cleanup on top of #142's squash-merge. No behavioural changes — 26/26 bridge tests stay green. * path-claims: cache segment-split per registered path so the n×m overlap scan inside register() stops re-splitting; collapse the O(n²) `//` normalisation while-loop into a single `\/+` regex; extract DEFAULT_TTL_S so register() and refresh() share one default; normalise the paths-array iteration into a small helper. * dispatcher: split the path-claims interception into explicit before/after hooks (pathClaimsBefore strips the bridge-only `paths` field before forwarding to the verified backend; pathClaimsAfter registers/refreshes/releases against the response), so the dispatch function reads as envelope-validate → before-hook → fetch → after-hook. * coord-hooks.sh: extract _coord_claim_quiet so coord-claim and coord-worktree share one parse path and interpret "granted" the same way; drop the duplicated python-parse blocks. * CLAUDE.md: add a "PR Workflow" section documenting the squash-merge + follow-up-commit hazard that produced PR #142's ghost-conflict, with the empty-diff diagnostic and the post-merge cleanup recipe.
Measures register() (the hot path on coord_claim_task) across realistic (10 claims) → stress (1000 claims) population sizes, plus the pathsOverlap leaf primitive and bookkeeping (refresh, list). Bench holds active-claim count stable by reusing one task slot per iter, so the reported numbers reflect overlap-scan cost at the seeded population — not arithmetic-series accumulation. Reference numbers on dev host: 240k ops/s at 10 claims, 3.9k ops/s at 1000 claims, pathsOverlap ~170 ns/op. Numbers are host-dependent; use deltas across commits, not absolute values.
Runs node mcp-bridge/tests/path_claims_bench.js on every PR/push that touches the bridge, uploads the output as an artifact, and posts a sticky PR comment (marker-tag find-or-update) so bench deltas are visible inline across pushes instead of buried in the artifact tarball. Separate job from the existing zig `benchmarks` so the JS bench gets its own runner (no Zig install) and the logs stay untangled. Per-job permissions override (pull-requests: write) keeps workflow-level permissions at read-all — only the comment step needs write. Comment failure is non-fatal (continue-on-error) so a token hiccup or fork PR never gates the bench. Same pattern as hypatia-scan's PR comment step.
…op-gap) Two short ADRs evaluating the remaining survey gaps so the implementation pick is made on documented tradeoffs rather than implementer instinct. * 0015 — Promote bridge-only path-claims to a backend-enforced lock primitive. New P-08 LockSoundness in Idris2 (constructive — segment- prefix mutual exclusion is structurally inductive). Closes the survey's file-lock gap completely. Cost: 2-4 days, but the first non-task-id concept entering the proved backend core. * 0016 — Cross-host federation stop-gap using mTLS + ed25519, sized to match Ruflo's posture. Explicitly positioned as a v1 for the ambitious ADR-0010 (DID + ML-DSA-87 + ML-KEM-1024 + federated quarantine), not a replacement. Loopback bus and Idris2 ABI untouched; cost: 4-6 days; trust bootstrap stays manual on purpose (SSH known_hosts model). Both end with a recommendation block. Verdict: 0016 closes the more user-visible gap and carries lower architectural risk; 0015 is the strongest technical answer but only worth it if "advisory warning is not enough" is a stated requirement.
User picked 0016 over 0015 after reviewing both spikes. Flip status fields to match: * 0016 — Accepted with a 6-phase implementation plan (identity → sign/verify → mTLS transport → coord tools → Idris2 Federation.idr → tests). Each phase its own PR off main after this ADR lands. Total estimated 4-6 days. * 0015 — Deferred. Stays on file as the design-of-record for a backend-enforced lock primitive should the bridge-layer advisory layer prove insufficient. Reopen by flipping to "Proposed".
🏁 path-claims benchCommit NumbersHost-dependent — compare deltas across commits, not absolute values. |
🔍 Hypatia Security ScanFindings: 125 issues detected
View findings[
{
"reason": "Stale AI session file -- delete",
"type": "stale",
"file": "GEMINI.md",
"action": "delete",
"rule_module": "root_hygiene",
"severity": "medium"
},
{
"reason": "Issue in quality.yml",
"type": "missing_workflow",
"file": "quality.yml",
"action": "create",
"rule_module": "workflow_audit",
"severity": "high"
},
{
"reason": "Issue in security-policy.yml",
"type": "missing_workflow",
"file": "security-policy.yml",
"action": "create",
"rule_module": "workflow_audit",
"severity": "medium"
},
{
"reason": "Action hyperpolymath/standards/.github/workflows/governance-reusable.yml@main needs attention",
"type": "unpinned_action",
"file": "governance.yml",
"action": "pin_sha",
"rule_module": "workflow_audit",
"severity": "high"
},
{
"reason": "TypeScript file detected -- banned language",
"type": "banned_language_file",
"file": "/home/runner/work/boj-server/boj-server/cartridges/sanctify-mcp/adapter/mod.ts",
"action": "flag",
"rule_module": "cicd_rules",
"severity": "critical"
},
{
"reason": "TypeScript file detected -- banned language",
"type": "banned_language_file",
"file": "/home/runner/work/boj-server/boj-server/cartridges/academic-workflow-mcp/adapter/mod.ts",
"action": "flag",
"rule_module": "cicd_rules",
"severity": "critical"
},
{
"reason": "TypeScript file detected -- banned language",
"type": "banned_language_file",
"file": "/home/runner/work/boj-server/boj-server/cartridges/fireflag-mcp/adapter/mod.ts",
"action": "flag",
"rule_module": "cicd_rules",
"severity": "critical"
},
{
"reason": "TypeScript file detected -- banned language",
"type": "banned_language_file",
"file": "/home/runner/work/boj-server/boj-server/cartridges/ephapax-mcp/adapter/mod.ts",
"action": "flag",
"rule_module": "cicd_rules",
"severity": "critical"
},
{
"reason": "TypeScript file detected -- banned language",
"type": "banned_language_file",
"file": "/home/runner/work/boj-server/boj-server/cartridges/bofig-mcp/adapter/mod.ts",
"action": "flag",
"rule_module": "cicd_rules",
"severity": "critical"
},
{
"reason": "TypeScript file detected -- banned language",
"type": "banned_language_file",
"file": "/home/runner/work/boj-server/boj-server/cartridges/hesiod-mcp/adapter/mod.ts",
"action": "flag",
"rule_module": "cicd_rules",
"severity": "critical"
}
]Powered by Hypatia Neurosymbolic CI/CD Intelligence |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Changes
RSR Quality Checklist
Required
just testor equivalent)just fmtor equivalent)unsafeblocks without// SAFETY:commentsbelieve_me,unsafeCoerce,Obj.magic,Admitted,sorry).envfiles includedAs Applicable
.machine_readable/STATE.a2mlupdated (if project state changed).machine_readable/ECOSYSTEM.a2mlupdated (if integrations changed).machine_readable/META.a2mlupdated (if architectural decisions changed)TOPOLOGY.mdupdated (if architecture changed)CHANGELOGor release notes updatedsrc/abi/andffi/zig/consistent)Testing
Screenshots