4fd5ac7be3
Fixes molecule-core#1957: agent identity collapse where all agents share one GitHub PAT and their writes attribute to the CEO. This plugin takes the pragmatic "wrap, don't multiply identities" path: - Injects MOLECULE_AGENT_ROLE / OWNER / ATTRIBUTION_BADGE per workspace - Ships a shell wrapper for `gh` that: * prepends an attribution badge to issue/PR bodies on publish * rewrites --assignee @me to the role's designated human owner * emits an NDJSON audit log to /var/log/molecule-gh.ndjson - Wrapper is shipped as base64 env var; each workspace template's install.sh decodes and writes it to /usr/local/bin/gh Scales where GitHub Apps / machine users don't: adding a new agent role is one entry in config.yaml, not a GitHub UI roundtrip per role. See README + known-issues.md for the v2-architecture migration plan. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
16 lines
591 B
Modula-2
16 lines
591 B
Modula-2
module github.com/Molecule-AI/molecule-ai-plugin-gh-identity
|
|
|
|
go 1.25.0
|
|
|
|
require gopkg.in/yaml.v3 v3.0.1
|
|
|
|
// This plugin's Mutator type satisfies monorepo's provisionhook.EnvMutator
|
|
// structurally — we don't import it, so no cross-module replace directive
|
|
// is needed. If we ever need to reference exported types from
|
|
// molecule-monorepo/platform, uncomment:
|
|
//
|
|
// replace github.com/Molecule-AI/molecule-monorepo/platform => ../molecule-monorepo/workspace-server
|
|
//
|
|
// Keeping this out of the require list lets the plugin build standalone in CI
|
|
// without checking out the monorepo.
|