Merge branch 'main' into fix/internal-802-bp-directive-comments

2026-06-06 17:30:46 +00:00 · 2026-06-06 14:45:29 +00:00 · 2026-06-06 12:05:29 +00:00 · 2026-06-05 09:46:09 +00:00
3 changed files with 6 additions and 9 deletions
@@ -40,6 +40,7 @@ env:
  GITHUB_SERVER_URL: https://git.moleculesai.app

 jobs:
+  # bp-exempt: informational lint enforcing docker-host/publish pin convention (internal#512), not a merge gate
  lint-docker-host-pin:
    name: Lint docker-host pin on docker-touching workflows
    runs-on: docker-host
@@ -161,7 +161,7 @@ func (h *PluginsHandler) uninstallViaDocker(ctx context.Context, c *gin.Context,
 	// 1. Strip plugin's rule/fragment markers from CLAUDE.md (mirrors
 	//    AgentskillsAdaptor.uninstall lines 184-188). Best-effort: if
 	//    the user edited CLAUDE.md, our marker stays untouched.
-	h.stripPluginMarkersFromMemory(ctx, workspaceID, containerName, pluginName)
+	h.stripPluginMarkersFromMemory(ctx, containerName, pluginName)

 	// 2. Remove copied skill dirs declared in the plugin's plugin.yaml.
 	for _, skill := range skillNames {
@@ -171,11 +171,9 @@ func (h *PluginsHandler) uninstallViaDocker(ctx context.Context, c *gin.Context,
 			log.Printf("Plugin uninstall: skipping invalid skill name %q in %s: %v", skill, pluginName, err)
 			continue
 		}
-		if _, rmErr := h.execAsRoot(ctx, containerName, []string{
+		_, _ = h.execAsRoot(ctx, containerName, []string{
 			"rm", "-rf", "/configs/skills/" + skill,
-		}); rmErr != nil {
-			log.Printf("Plugin uninstall: failed to remove skill %s from %s: %v", skill, workspaceID, rmErr)
-		}
+		})
 	}

 	// 3. Delete the plugin directory itself (as root to handle file ownership).
@@ -393,7 +393,7 @@ func (h *PluginsHandler) readPluginSkillsFromContainer(ctx context.Context, cont
 // `# Plugin: <name> /` — mirrors AgentskillsAdaptor.uninstall's stripping
 // logic so install/uninstall are symmetric. Best-effort: silent on read or
 // write failure, since the rest of uninstall must still succeed.
-func (h *PluginsHandler) stripPluginMarkersFromMemory(ctx context.Context, workspaceID, containerName, pluginName string) {
+func (h *PluginsHandler) stripPluginMarkersFromMemory(ctx context.Context, containerName, pluginName string) {
 	// Use sed via bash -c for atomic in-place delete: drop the marker line
 	// and the blank line that follows it (install adds a leading blank line
 	// before the marker via append_to_memory). Three sed passes mirror the
@@ -417,9 +417,7 @@ func (h *PluginsHandler) stripPluginMarkersFromMemory(ctx context.Context, works
 		`awk 'BEGIN{skip=0; blanks=0} /^%s/{skip=1; blanks=0; next} skip==1 && /^[[:space:]]*$/{blanks++; if(blanks>=2){skip=0; print; next} next} /^# Plugin: /{if(skip==1)skip=0} skip==1{next} {print}' /configs/CLAUDE.md > /tmp/claude.new && mv /tmp/claude.new /configs/CLAUDE.md`,
 		regexpEscapeForAwk(marker),
 	)
-	if _, awkErr := h.execAsRoot(ctx, containerName, []string{"bash", "-c", script}); awkErr != nil {
-		log.Printf("Plugin uninstall: failed to strip markers from CLAUDE.md for %s in %s: %v", pluginName, workspaceID, awkErr)
-	}
+	_, _ = h.execAsRoot(ctx, containerName, []string{"bash", "-c", script})
 }

 // regexpEscapeForAwk escapes characters that have special meaning inside an
Author	SHA1	Message	Date
devops-engineer	7002ee7520	Merge branch 'main' into fix/internal-802-bp-directive-comments qa-review / approved (pull_request_review) Has been skipped Details sop-tier-check / tier-check (pull_request_review) Successful in 11s Details ci-arm64-advisory / fast-checks (pull_request) Waiting to run Details Block internal-flavored paths / Block forbidden paths (pull_request) Successful in 9s Details CI / Detect changes (pull_request) Successful in 7s Details CI / Python Lint & Test (pull_request) Successful in 8s Details E2E API Smoke Test / detect-changes (pull_request) Successful in 9s Details E2E Chat / detect-changes (pull_request) Successful in 9s Details CI / Platform (Go) (pull_request) Successful in 2s Details Lint curl status-code capture / Scan workflows for curl status-capture pollution (pull_request) Successful in 6s Details Lint forbidden tenant-env keys / Scan for repo-host token write into tenant workspace surface (pull_request) Successful in 4s Details CI / Canvas (Next.js) (pull_request) Successful in 3s Details CI / Shellcheck (E2E scripts) (pull_request) Successful in 1s Details E2E API Smoke Test / E2E API Smoke Test (pull_request) Successful in 3s Details Handlers Postgres Integration / detect-changes (pull_request) Successful in 15s Details E2E Staging Canvas (Playwright) / detect-changes (pull_request) Successful in 16s Details E2E Chat / E2E Chat (pull_request) Successful in 3s Details Lint forbidden tenant-env keys / Scan workspace_secrets writers for forbidden env keys (pull_request) Successful in 11s Details CI / Canvas Deploy Status (pull_request) Has been skipped Details CI / all-required (pull_request) Successful in 3s Details lint-required-workflows-docker-host-pinned / Lint docker-host pin on docker-touching workflows (pull_request) Successful in 10s Details Secret scan / Scan diff for credential-shaped strings (pull_request) Successful in 8s Details gate-check-v3 / gate-check (pull_request_target) Successful in 10s Details sop-checklist / review-refire (pull_request_target) Has been skipped Details Lint shellcheck (arm64 pilot) / shellcheck-arm64 (pilot) (pull_request) Successful in 16s Details security-review / approved (pull_request_target) Successful in 5s Details Handlers Postgres Integration / Handlers Postgres Integration (pull_request) Successful in 13s Details sop-checklist / all-items-acked (pull_request) [info tier:low] acked: 0/7 — missing: comprehensive-testing, local-postgres-e2e, staging-smoke, +4 — body-unfilled: comprehensive-testing, l Details sop-checklist / na-declarations (pull_request) N/A: (none) Details sop-checklist / all-items-acked (pull_request_target) Successful in 5s Details sop-tier-check / tier-check (pull_request_target) Successful in 6s Details E2E Staging Canvas (Playwright) / Canvas tabs E2E (pull_request) Successful in 19s Details qa-review / approved (pull_request_target) Successful in 26s Details lint-required-no-paths / lint-required-no-paths (pull_request) Successful in 58s Details lint-continue-on-error-tracking / lint-continue-on-error-tracking (pull_request) Successful in 1m18s Details lint-required-context-exists-in-bp / lint-required-context-exists-in-bp (pull_request) Successful in 1m13s Details Lint pre-flip continue-on-error / Verify continue-on-error flips have run-log proof (pull_request) Successful in 1m28s Details Lint workflow YAML (Gitea-1.22.6-hostile shapes) / Lint workflow YAML for Gitea-1.22.6-hostile shapes (pull_request) Successful in 1m36s Details audit-force-merge / audit (pull_request_target) Successful in 8s Details security-review / approved (pull_request_review) Has been cancelled Details	2026-06-06 17:30:46 +00:00
devops-engineer	8a1a799389	Merge branch 'main' into fix/internal-802-bp-directive-comments ci-arm64-advisory / fast-checks (pull_request) Waiting to run Details CI / Python Lint & Test (pull_request) Successful in 3s Details Block internal-flavored paths / Block forbidden paths (pull_request) Successful in 4s Details Handlers Postgres Integration / detect-changes (pull_request) Successful in 4s Details E2E Chat / detect-changes (pull_request) Successful in 6s Details E2E API Smoke Test / detect-changes (pull_request) Successful in 7s Details Lint forbidden tenant-env keys / Scan for repo-host token write into tenant workspace surface (pull_request) Successful in 5s Details CI / Detect changes (pull_request) Successful in 10s Details Lint forbidden tenant-env keys / Scan workspace_secrets writers for forbidden env keys (pull_request) Successful in 5s Details E2E Staging Canvas (Playwright) / detect-changes (pull_request) Successful in 8s Details CI / Platform (Go) (pull_request) Successful in 2s Details CI / Canvas (Next.js) (pull_request) Successful in 2s Details CI / Shellcheck (E2E scripts) (pull_request) Successful in 1s Details Lint curl status-code capture / Scan workflows for curl status-capture pollution (pull_request) Successful in 9s Details lint-required-workflows-docker-host-pinned / Lint docker-host pin on docker-touching workflows (pull_request) Successful in 4s Details E2E Chat / E2E Chat (pull_request) Successful in 2s Details Handlers Postgres Integration / Handlers Postgres Integration (pull_request) Successful in 6s Details E2E API Smoke Test / E2E API Smoke Test (pull_request) Successful in 2s Details E2E Staging Canvas (Playwright) / Canvas tabs E2E (pull_request) Successful in 3s Details CI / Canvas Deploy Status (pull_request) Has been skipped Details Secret scan / Scan diff for credential-shaped strings (pull_request) Successful in 6s Details sop-checklist / review-refire (pull_request_target) Has been skipped Details gate-check-v3 / gate-check (pull_request_target) Successful in 6s Details sop-checklist / all-items-acked (pull_request) [info tier:low] acked: 0/7 — missing: comprehensive-testing, local-postgres-e2e, staging-smoke, +4 — body-unfilled: comprehensive-testing, l Details sop-checklist / na-declarations (pull_request) N/A: (none) Details sop-checklist / all-items-acked (pull_request_target) Successful in 5s Details security-review / approved (pull_request_target) Failing after 4s Details sop-tier-check / tier-check (pull_request_target) Failing after 5s Details Lint shellcheck (arm64 pilot) / shellcheck-arm64 (pilot) (pull_request) Successful in 14s Details CI / all-required (pull_request) Successful in 35s Details qa-review / approved (pull_request_target) Successful in 40s Details Lint workflow YAML (Gitea-1.22.6-hostile shapes) / Lint workflow YAML for Gitea-1.22.6-hostile shapes (pull_request) Successful in 1m17s Details lint-required-no-paths / lint-required-no-paths (pull_request) Successful in 1m38s Details Lint pre-flip continue-on-error / Verify continue-on-error flips have run-log proof (pull_request) Successful in 1m43s Details lint-continue-on-error-tracking / lint-continue-on-error-tracking (pull_request) Successful in 1m47s Details lint-required-context-exists-in-bp / lint-required-context-exists-in-bp (pull_request) Successful in 1m47s Details	2026-06-06 14:45:29 +00:00
devops-engineer	8a6f37128f	Merge branch 'main' into fix/internal-802-bp-directive-comments ci-arm64-advisory / fast-checks (pull_request) Waiting to run Details CI / Python Lint & Test (pull_request) Successful in 3s Details E2E Staging Canvas (Playwright) / detect-changes (pull_request) Successful in 7s Details E2E Chat / detect-changes (pull_request) Successful in 7s Details Lint curl status-code capture / Scan workflows for curl status-capture pollution (pull_request) Successful in 5s Details Lint forbidden tenant-env keys / Scan for repo-host token write into tenant workspace surface (pull_request) Successful in 4s Details Lint forbidden tenant-env keys / Scan workspace_secrets writers for forbidden env keys (pull_request) Successful in 4s Details CI / Detect changes (pull_request) Successful in 16s Details Block internal-flavored paths / Block forbidden paths (pull_request) Successful in 16s Details Handlers Postgres Integration / detect-changes (pull_request) Successful in 18s Details lint-required-workflows-docker-host-pinned / Lint docker-host pin on docker-touching workflows (pull_request) Successful in 7s Details E2E Staging Canvas (Playwright) / Canvas tabs E2E (pull_request) Successful in 7s Details E2E Chat / E2E Chat (pull_request) Successful in 7s Details E2E API Smoke Test / detect-changes (pull_request) Successful in 25s Details Lint shellcheck (arm64 pilot) / shellcheck-arm64 (pilot) (pull_request) Successful in 17s Details gate-check-v3 / gate-check (pull_request_target) Successful in 9s Details CI / Canvas (Next.js) (pull_request) Successful in 6s Details Secret scan / Scan diff for credential-shaped strings (pull_request) Successful in 10s Details CI / Platform (Go) (pull_request) Successful in 6s Details sop-checklist / review-refire (pull_request_target) Has been skipped Details qa-review / approved (pull_request_target) Successful in 9s Details CI / Shellcheck (E2E scripts) (pull_request) Successful in 4s Details security-review / approved (pull_request_target) Failing after 5s Details CI / Canvas Deploy Status (pull_request) Has been skipped Details Handlers Postgres Integration / Handlers Postgres Integration (pull_request) Successful in 5s Details sop-checklist / all-items-acked (pull_request) [info tier:low] acked: 0/7 — missing: comprehensive-testing, local-postgres-e2e, staging-smoke, +4 — body-unfilled: comprehensive-testing, l Details sop-checklist / na-declarations (pull_request) N/A: (none) Details E2E API Smoke Test / E2E API Smoke Test (pull_request) Successful in 6s Details sop-checklist / all-items-acked (pull_request_target) Successful in 8s Details sop-tier-check / tier-check (pull_request_target) Failing after 8s Details CI / all-required (pull_request) Successful in 3s Details Lint pre-flip continue-on-error / Verify continue-on-error flips have run-log proof (pull_request) Successful in 1m2s Details lint-required-no-paths / lint-required-no-paths (pull_request) Successful in 1m2s Details lint-continue-on-error-tracking / lint-continue-on-error-tracking (pull_request) Successful in 1m12s Details lint-required-context-exists-in-bp / lint-required-context-exists-in-bp (pull_request) Successful in 1m12s Details Lint workflow YAML (Gitea-1.22.6-hostile shapes) / Lint workflow YAML for Gitea-1.22.6-hostile shapes (pull_request) Successful in 1m17s Details	2026-06-06 12:05:29 +00:00
Molecule AI Dev Engineer A (Kimi)	11291e2939	fix(ci): add bp-exempt directive to lint-required-workflows-docker-host-pinned (internal#802) ci-arm64-advisory / fast-checks (pull_request) Waiting to run Details Block internal-flavored paths / Block forbidden paths (pull_request) Successful in 3s Details CI / Python Lint & Test (pull_request) Successful in 4s Details CI / Detect changes (pull_request) Successful in 5s Details Lint shellcheck (arm64 pilot) / shellcheck-arm64 (pilot) (pull_request) Successful in 1s Details E2E API Smoke Test / detect-changes (pull_request) Successful in 6s Details Handlers Postgres Integration / detect-changes (pull_request) Successful in 4s Details Lint curl status-code capture / Scan workflows for curl status-capture pollution (pull_request) Successful in 4s Details Lint forbidden tenant-env keys / Scan workspace_secrets writers for forbidden env keys (pull_request) Successful in 4s Details E2E Chat / detect-changes (pull_request) Successful in 7s Details lint-required-workflows-docker-host-pinned / Lint docker-host pin on docker-touching workflows (pull_request) Successful in 4s Details Lint forbidden tenant-env keys / Scan for repo-host token write into tenant workspace surface (pull_request) Successful in 11s Details gate-check-v3 / gate-check (pull_request_target) Successful in 4s Details qa-review / approved (pull_request_target) Failing after 3s Details CI / Canvas (Next.js) (pull_request) Successful in 2s Details CI / Shellcheck (E2E scripts) (pull_request) Successful in 1s Details E2E Staging Canvas (Playwright) / detect-changes (pull_request) Successful in 17s Details E2E API Smoke Test / E2E API Smoke Test (pull_request) Successful in 2s Details CI / Canvas Deploy Status (pull_request) Has been skipped Details E2E Chat / E2E Chat (pull_request) Successful in 2s Details E2E Staging Canvas (Playwright) / Canvas tabs E2E (pull_request) Successful in 2s Details Secret scan / Scan diff for credential-shaped strings (pull_request) Successful in 18s Details security-review / approved (pull_request_target) Failing after 12s Details CI / Platform (Go) (pull_request) Successful in 12s Details Handlers Postgres Integration / Handlers Postgres Integration (pull_request) Successful in 10s Details CI / all-required (pull_request) Successful in 2s Details lint-required-no-paths / lint-required-no-paths (pull_request) Successful in 57s Details lint-continue-on-error-tracking / lint-continue-on-error-tracking (pull_request) Failing after 1m5s Details Lint pre-flip continue-on-error / Verify continue-on-error flips have run-log proof (pull_request) Successful in 1m6s Details lint-required-context-exists-in-bp / lint-required-context-exists-in-bp (pull_request) Successful in 1m10s Details Lint workflow YAML (Gitea-1.22.6-hostile shapes) / Lint workflow YAML for Gitea-1.22.6-hostile shapes (pull_request) Successful in 1m8s Details qa-review / approved (pull_request_review) Has been skipped Details security-review / approved (pull_request_review) Has been skipped Details sop-tier-check / tier-check (pull_request_review) Failing after 4s Details sop-checklist / review-refire (pull_request_target) Has been skipped Details sop-checklist / all-items-acked (pull_request) [info tier:low] acked: 0/7 — missing: comprehensive-testing, local-postgres-e2e, staging-smoke, +4 — body-unfilled: comprehensive-testing, l Details sop-checklist / na-declarations (pull_request) N/A: (none) Details sop-checklist / all-items-acked (pull_request_target) Successful in 4s Details sop-tier-check / tier-check (pull_request_target) Successful in 5s Details The lint-required-context-exists-in-bp linter requires every workflow job that emits a commit status to carry a bp directive within 3 lines above the job key. Three of the four flagged files already had correct directives; this file was missing one. Add # bp-exempt because this is an informational convention-enforcing lint (internal#512), not a merge gate. Closes internal#802	2026-06-05 09:46:09 +00:00