5708 Commits

This Branch

This Branch

All Branches

Author	SHA1	Message	Date
devops-engineer	2cf2744fb9	ci: retrigger CI [empty]	2026-05-13 17:42:56 +00:00
devops-engineer	a709609a3c	Merge remote-tracking branch 'origin/main' into fix/stdio-fallback-all-environments	2026-05-13 17:04:44 +00:00
devops-engineer	22839034ef	Merge pull request 'fix(ci): close burn-in — remove continue-on-error mask from sop-tier-check' (#825) from ci/burn-in-remove-sop-tier-check-coe into main	2026-05-13 17:02:51 +00:00
core-be	946e12afaf	test(canvas): freeze time in formatTTL tests — eliminate CI timing flake ... Same fix as applied to fix/stdio-fallback-all-environments (#778). vi.useFakeTimers()/vi.useRealTimers() pin Date.now() so the flake (expected '5m', got '4m' on slow runners) cannot occur. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-05-13 09:33:10 -07:00
core-be	ac675237fb	Merge branch 'main' into ci/burn-in-remove-sop-tier-check-coe	2026-05-13 09:32:48 -07:00
core-be	27431fa852	test(canvas): freeze time in formatTTL tests — eliminate CI timing flake ... formatTTL calls Date.now() internally; tests were computing the expected timestamp with a separate Date.now() call. On a slow CI runner the delta exceeded a bucket boundary (4m instead of 5m). vi.useFakeTimers()/vi.useRealTimers() in beforeEach/afterEach pins Date.now() to a single value for the duration of each test so the comparison is always exact. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-05-13 09:29:14 -07:00
devops-engineer	c451b96db8	Merge pull request 'fix(runtime): accept kimi/kimi-cli as BYO-compute external runtime' (#771) from fix/kimi-external-runtime into main	2026-05-13 16:15:54 +00:00
core-be	7f2b218cd3	feat(kimi): Kimi as first-class BYO-compute runtime + delegation retry fix ... - Add isExternalLikeRuntime() helper for kimi/kimi-cli/external - Extend runtime_registry, workspace handler, canvas UX for Kimi - Fix delegation retry: skip retry when response body already received - Restore a2a_client cache-first path (peer_name KeyError, already on main) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-05-13 09:01:30 -07:00
platform-engineer	2067070f93	fix(ci): resolve 4 CI failures on PR#778 ... 1. ci-mcp-stdio-transport.yml: install pytest-cov so --no-cov flag doesn't conflict with workspace/pytest.ini addopts (exit code 4). Run 26124 (MCP stdio with regular-file stdout). 2. ci-mcp-stdio-transport.yml: add # mc#774 tracker on continue-on-error: true to satisfy lint-continue-on-error-tracking Tier 2e. Run 26132. 3. ci-mcp-stdio-transport.yml: add # bp-exempt directive comment above mcp-stdio-regular-file job key to satisfy lint-required-context-exists-in-bp Tier 2g. Run 26135. 4. bundle_test.go: import github.com/DATA-DOG/go-sqlmock explicitly so the package identifier resolves when compiled with -tags=integration. Run 26130 (Handlers Postgres Integration). Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-05-13 08:16:09 -07:00
devops-engineer	1231177325	Merge branch 'main' into fix/stdio-fallback-all-environments	2026-05-13 14:14:42 +00:00
devops-engineer	36561cb0f1	Merge pull request 'feat(canvas): mount SearchDialog in desktop + mobile canvas shells' (#837) from design/826-searchdialog-mount-v2 into main	2026-05-13 14:13:41 +00:00
Molecule AI Core-UIUX	ac3136bb55	fix(canvas): remove duplicate SearchDialog mount from desktop page.tsx ... SearchDialog is already rendered inside Canvas.tsx (line 374). Adding it to page.tsx created a redundant second instance on desktop. Mobile shell (MobileApp.tsx) now correctly mounts SearchDialog for viewports < 640px where Canvas.tsx is never rendered. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-05-13 12:52:22 +00:00
Molecule AI Core-UIUX	fdec70e714	feat(canvas): mount SearchDialog in desktop + mobile canvas shells ... Adds Cmd+K workspace search to both canvas entry points: - page.tsx: mounts SearchDialog in the desktop shell - MobileApp.tsx: mounts SearchDialog in the mobile shell Phase 20.3: closes the "Workspace search (Cmd+K)" requirement. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-05-13 12:52:22 +00:00
infra-sre	98a1cf2151	ci: trigger sop-checklist gate re-evaluation	2026-05-13 12:49:31 +00:00
devops-engineer	a6c9b12d76	Merge pull request 'fix(memory/pgplugin): restore idx++ in PatchNamespace (OFFSEC-004)' (#832) from fix/offsec-004-patchnamespace-idx into main	2026-05-13 12:39:01 +00:00
Molecule AI · devops-engineer	a0da6b8db2	fix(e2e): suppress shellcheck SC2034 on intentionally-unused vars in test_mcp_stdio_staging.sh ... entry_rc captures the trap entry exit code (intentionally unused for now); TENANT stores the provisioning response body (unused -- errors are caught by --fail-with-body exit code). Rename entry_rc -> _entry_rc and add inline disable comment on TENANT to satisfy shellcheck --severity=warning.	2026-05-13 12:26:37 +00:00
Molecule AI Infra-Runtime-BE	3e9a2665f3	test(executor): update error-handling tests for sanitize_agent_error ... The sanitize_agent_error(exc=e) fix produces the sanitized format "Agent error (RuntimeError) — see workspace logs for details." instead of the raw exception string. Update two assertions in test_agent_error_handling and test_terminal_error_routes_via_updater_failed to expect the secure format, and assert raw message is NOT present. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-05-13 11:50:59 +00:00
Molecule AI Infra-Runtime-BE	d0611d4eee	Merge origin/main into fix/stdio-fallback-all-environments ... Conflicts resolved: - workspace/a2a_client.py: accept HEAD (TTL cache check, full comment) - workspace/a2a_executor.py: accept HEAD (sanitize_agent_error(exc=e)) Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-05-13 11:44:23 +00:00
Molecule AI Infra-Runtime-BE	c12da5a241	fix(a2a_executor): restore sanitize_agent_error on subprocess errors ... The stdio-fallback branch replaced the sanitize_agent_error() wrapper with a bare f-string, causing raw exception messages to surface in the chat UI instead of the sanitized "Agent error ({type}) — see workspace logs for details." format. This restores the original sanitize_agent_error(exc=e) call in the updater.failed() path — same category of regression as the OFFSEC-003 sanitization fix (261a8e24) and the TTL cache fix (c2325f1a). Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-05-13 11:42:58 +00:00
Molecule AI Core-OffSec	4b5614cbdd	fix(memory/pgplugin): restore idx++ in PatchNamespace (OFFSEC-004) ... Commit ad7acd30 removed this increment as a golangci-lint false-positive ("unused variable: idx") — idx is used in the query string built by fmt.Sprintf, so the lint was wrong. The removal broke the dual-field case: when both ExpiresAt and Metadata are set, the query uses \$3 for metadata but args only has 3 elements (indices 0=name, 1=expires, 2=metadata), so \$3 is out-of-bounds or reads the wrong value. Fix: restore idx++ after the metadata args append. Test: add TestStore_PatchNamespace_DualFields — covers the previously untested case where both expires_at and metadata are patched in one call. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-05-13 11:35:07 +00:00
Molecule AI Infra-Runtime-BE	261a8e2498	fix(builtin_tools/a2a): restore OFFSEC-003 peer-result sanitization ... The stdio-fallback branch removed the OFFSEC-003 sanitization from builtin_tools/a2a_tools.py (the LangChain adapter's A2A tools): - Removed the `from _sanitize_a2a import sanitize_a2a_result` import - Removed `sanitize_a2a_result()` wrapping from all delegate_task() return paths (peer text, error messages, raw data) Without this, the LangChain adapter passes raw peer content directly into the agent's LLM context — the same OFFSEC-003 injection surface that was fixed in a2a_tools_delegation.py (#492/#537). This patch restores the exact original sanitization calls. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-05-13 11:34:51 +00:00
Molecule AI Infra-Runtime-BE	c2325f1a17	fix(a2a): restore TTL cache check in enrich_peer_metadata_nonblocking ... The stdio-fallback branch removed the cache-first check from enrich_peer_metadata_nonblocking, causing 5 tests to fail: test_envelope_enrichment_uses_cache_when_present test_envelope_enrichment_fetches_on_cache_miss test_envelope_enrichment_re_fetches_after_ttl test_enrich_peer_metadata_nonblocking_cache_hit_returns_immediately test_enrich_peer_metadata_nonblocking_cache_miss_schedules_fetch The removed lines checked the peer metadata cache (TTL-bounded) and returned immediately on a cache hit. Without this, every push for a known peer schedules a background fetch — a performance regression and a deviation from the documented contract (PR #2484). This patch restores the cache check to the exact original logic. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-05-13 11:09:54 +00:00
devops-engineer	9373b19a0e	Merge pull request 'test(canvas): add pure-function coverage for AuditTrailPanel + MemoryInspectorPanel' (#822) from design/remaining-canvas-coverage into main	2026-05-13 09:47:27 +00:00
Molecule AI Core-DevOps	9a7e461495	fix(ci): close burn-in — remove continue-on-error mask from sop-tier-check tier-check job ... Burn-in window (internal#189 Phase 1) deployed 2026-05-10. The 7-day window closes 2026-05-17. Remove continue-on-error: true from the tier-check job so AND-composition is fully enforced. Changes: - Remove job-level `continue-on-error: true` and its mc#774 burn-in comment (sop-tier-check was one of the 42 bare CoE directives annotated in mc#774). - Step-level `continue-on-error: true` on Install jq and Verify tier label remain (documented mc#774 masks, separate from burn-in). - Update BURN-IN NOTE → BURN-IN CLOSED with reference to mc#774 protocol for any future mask re-introductions. - Update SOP_LEGACY_CHECK comment to note burn-in closed. Refs: internal#189, mc#774, #804 Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-05-13 09:38:58 +00:00
Molecule AI Core-UIUX	3e7f498a0c	test(canvas): add pure-function coverage for AuditTrailPanel + MemoryInspectorPanel ... Adds unit tests for exported helpers: - formatAuditRelativeTime: boundary cases for minute/hour/day - isPluginUnavailableError: MEMORY_PLUGIN_URL detection, null/undefined edge cases - formatTTL: null/undefined/expired/second/minute/hour/day boundaries Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-05-13 09:30:07 +00:00
devops-engineer	de8464d221	Merge pull request 'test(canvas): add test coverage for canvas, mobile, settings, and FilesTab (22 files)' (#783) from design/704-tree-test-fix into main	2026-05-13 09:29:24 +00:00
Molecule AI Core-UIUX	de21d4a482	test(FilesTab): add FilesToolbar + NotAvailablePanel coverage ... Cherry-picked from test/settings-tab-coverage. - FilesToolbar.test.tsx: 349 lines - NotAvailablePanel.test.tsx: 101 lines Total: 197 test files, 3076 tests passing. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-05-13 09:15:14 +00:00
Molecule AI Core-UIUX	d0ad8c76fa	test(FilesTab): add useFilesApi coverage — 7 cases ... Cherry-picked from test/settings-tab-coverage (commit 46086ef6). Covers file entry walking and API interactions. Total: 195 test files, 3047 tests passing. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-05-13 09:15:14 +00:00
Molecule AI Core-UIUX	5c2238265f	test: add components-pure + TestConnectionButton coverage ... Cherry-picked from test/settings-tab-coverage (commit 226b7679). - components-pure.test.ts: 184 lines, toMobileAgent + classifyForFilter - TestConnectionButton.test.tsx: 245 lines, 29 test cases Total: 194 test files, 3040 tests passing. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-05-13 09:15:14 +00:00
Molecule AI Core-UIUX	9378720c96	test(canvas): add TopBar + FileEditor + AttachmentLightbox coverage ... Cherry-picked from test/settings-tab-coverage (commit 36d93f21). - canvas/TopBar.test.tsx: 97 lines, canvas header scaffold rendering - FileEditor.test.tsx: 312 lines, file editor rendering + interactions - AttachmentLightbox.test.tsx: 247 lines, image lightbox rendering Total: 192 test files, 3006 tests passing. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-05-13 09:15:14 +00:00
Molecule AI Core-UIUX	2eb3f3eade	test(mobile): add MobileHome + MobileMe + MobileChat + MobileDetail coverage ... Cherry-picked from test/settings-tab-coverage (commit fd424dba). - MobileHome.test.tsx: 245 lines, agent list + filter chips - MobileMe.test.tsx: 212 lines, Me screen rendering - MobileChat.test.tsx: 323 lines, chat thread + composer - MobileDetail.test.tsx: 367 lines, agent detail view Makes #727 a complete superset of all mobile screen test coverage. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-05-13 09:15:14 +00:00
Molecule AI Core-UIUX	0e9709b2bf	test(canvas): add SidePanel + TemplatePalette coverage ... Cherry-picked from test/settings-tab-coverage (PRs #708/#726). - SidePanel.general.test.tsx: 390 lines - TemplatePalette.test.tsx: 260 lines Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-05-13 09:15:14 +00:00
Molecule AI Core-UIUX	2ca269fec0	test(settings): add AddKeyForm + OrgTokensTab + SecretRow + SecretsTab coverage ... Cherry-picked from test/settings-tab-coverage (PRs #708/#726). - AddKeyForm: 340 lines, form validation + submission tests - OrgTokensTab: 407 lines, org token CRUD + display tests - SecretRow: 291 lines, secret display + reveal/copy/delete actions - SecretsTab: 308 lines, secrets list + empty state + add form Makes #704 a true superset of all settings test coverage. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-05-13 09:15:14 +00:00
Molecule AI Core-UIUX	ec51e5f381	test(settings): add SettingsPanel coverage — 14 cases ... Covers: closed-by-default, open/close, tab navigation (Secrets/Tokens/Org API Keys), unsaved guard integration (keep editing, discard), fetchSecrets on open, aria-label accessibility. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-05-13 09:15:14 +00:00
Molecule AI Core-UIUX	be6ca035a8	test(canvas/tabs): add tree.test.ts — 29 cases for FilesTab getIcon + buildTree ... Cherry-picked from test/settings-tab-coverage (PR #726). Covers: getIcon extension matching (upper/lowercase, no-ext), buildTree node-counting (file/folder/total), root-vs-nested classification. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-05-13 09:15:14 +00:00
devops-engineer	98fe199de4	Merge pull request 'fix(ci): add serialized Gitea merge queue' (#819) from fix/gitea-merge-queue into main	2026-05-13 09:06:02 +00:00
hongming	c65a43133e	Merge branch 'main' into fix/gitea-merge-queue	2026-05-13 08:59:50 +00:00
hongming-codex-laptop	9eb8aad5c1	fix(ci): add serialized Gitea merge queue	2026-05-13 01:56:58 -07:00
devops-engineer	01ca22eedd	Merge pull request 'fix(ci): add labeled/unlabeled to sop-checklist-gate triggers (mc#817)' (#818) from fix/sop-gate-labeled-trigger into main	2026-05-13 08:50:36 +00:00
devops-engineer	4d63795470	Merge pull request 'fix(ci/main): sync audit-force-merge REQUIRED_CHECKS with branch protection' (#812) from sre/main-drift-fix into main	2026-05-13 08:49:29 +00:00
Molecule AI Infra-SRE	0b5ac695b1	fix(ci/main): sync audit-force-merge REQUIRED_CHECKS with branch protection ... mc#805 drift: REQUIRED_CHECKS listed Secret scan + sop-tier-check (neither enforced on main) while missing the enforced sop-checklist. Correct main branch protection requires: - CI / all-required (pull_request) - sop-checklist / all-items-acked (pull_request) Also trims verbose comments and moves permissions: into the job block to mirror sop-tier-check.yml structure. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-05-13 08:41:45 +00:00
core-devops	8e1d12e563	fix(ci): add labeled/unlabeled to sop-checklist-gate pull_request_target types ... Closes mc#817. The gate was not re-running when a tier label was added after initial PR open, leaving a stale failure status. Adding labeled/unlabeled triggers a fresh evaluation whenever tier label changes, eliminating need for manual compensating statuses.	2026-05-13 08:41:40 +00:00
devops-engineer	3db93d3d44	Merge pull request '[core-be-agent] test(handlers/bundle): add bundle_test.go — 5 cases + fix nil broadcaster panic' (#801) from feat/workspace-dispatchers-test-coverage into main	2026-05-13 08:29:41 +00:00
devops-engineer	f547ff99a2	Merge PR #813: bound Playwright browser install ... Merge via devops-engineer after SOP, QA, security, and manual workflow-only CI validation passed.	2026-05-13 08:22:14 +00:00
hongming-codex-laptop	eafb5b4ac0	fix(ci): bound Playwright browser install	2026-05-13 01:10:34 -07:00
devops-engineer	871f8f52b5	Merge pull request 'fix(lint): resolve 64 pre-existing golangci-lint violations in workspace-server' (#803) from fix/golangci-lint-preexisting-violations into main	2026-05-13 07:55:29 +00:00
devops-engineer	e2d49a56e7	Merge pull request 'fix(ci): remove || true guards from jq pipelines in audit-force-merge.sh' (#792) from ci/audit-force-merge-silent-fail-fix into main	2026-05-13 07:47:42 +00:00
devops-engineer	463afaf7d9	Merge PR #811: harden Cloudflare sweep and disable AWS janitor schedule ... Merge via devops-engineer after SOP, QA, and security gates passed.	2026-05-13 07:47:02 +00:00
devops-engineer	f06a8e76fc	Merge pull request 'fix(platform): install docker-cli-buildx in workspace-server image (mc#765 follow-up)' (#796) from fix/workspace-server-docker-cli-buildx-mc765-followup into main	2026-05-13 07:42:04 +00:00
hongming-codex-laptop	334b748492	fix(ci): harden Cloudflare sweep API errors	2026-05-13 00:35:15 -07:00