molecule-ai/molecule-core
41
0
Fork 2
Code Issues 53 Pull Requests 23 Actions 20 Packages Projects Releases Wiki Activity

feat(ci)(hard-gate): lint-bp-context-emit-match (Tier 2f) #690

Merged
hongming merged 11 commits from feat/tier-2f-bp-emit-match into main 2026-05-13 00:47:58 +00:00
Conversation 0 Commits 11 Files Changed 3 +990
core-devops commented 2026-05-12 06:15:48 +00:00
Member
Copy Link

[core-devops]

What

Adds lint-bp-context-emit-match (Tier 2f) — a daily scheduled lint that detects drift between branch_protections/<branch>.status_check_contexts and the contexts actually emitted by workflows in .gitea/workflows/*.yml. Files (or PATCHes, idempotent) a [ci-bp-drift] issue tagged tier:high ci-bp-drift when a BP context has no emitter.

Three files:

  • .gitea/scripts/lint_bp_context_emit_match.py — PyYAML AST walk of each workflow's on: block + jobs; enumerates emitted contexts using Gitea's convention {workflow.name} / {job.name or job-key} ({event}). Bidirectional check (BP→emitter = ERROR; emitter→BP = NOTICE, Tier 2g handles at PR-time).
  • .gitea/workflows/lint-bp-context-emit-match.ymlschedule: 31 3 * * * + workflow_dispatch. NO pull_request / push triggers. Phase 3 (continue-on-error: true) per RFC #219 §1.
  • tests/test_lint_bp_context_emit_match.py — 10 unit tests.

Why

A BP-required context with no emitter blocks merges forever — Gitea 1.22.6 treats absent-as-pending, NOT absent-as-skipped. Previously surfaced as feedback_phantom_required_check_after_gitea_migration (a port that kept the GitHub context name after rename to Gitea). Structural detection prevents the next port-rename or workflow-rename from wedging main again.

This lint is narrower-scope than ci-required-drift.yml's F2 detector (which only looks at ci.yml jobs vs sentinel needs vs audit-env) — Tier 2f checks ALL workflow files, in both directions, against BP.

Verification

  1. Unit tests — 10 cases, all green locally (10 passed in 0.05s).
  2. Self-lint — Tier 2b (lint-workflow-yaml) passes against the new workflow.
  3. Idempotency — test_idempotent_issue_filing verifies PATCH-on-existing-issue behaviour (matches ci-required-drift contract).
  4. Graceful degrade — test_api_403_skips_gracefully and test_api_404_skips_gracefully lock the Tier 2a contract.
  5. Event-suffix strictness — test_context_event_match_required ensures (push) and (pull_request) are not confused.
  6. Cross-event mapping — test_workflow_event_mapping_pull_request_target locks the Gitea convention that pull_request_target emits under (pull_request).

Tier

tier:medium — additive lint, scheduled-only (no PR-blocking). Drift issues file as tier:high so when one fires it gets prioritised — but the lint workflow itself is medium.

Brief-falsification log

Hypothesis: the brief recommended this share data-fetch with Tier 2e/2g. False — Tier 2f reads branch_protections/{branch} (Tier 2e doesn't; Tier 2g does for diff-comparison but at PR-time, different cadence). No sharable helper would simplify.
Hypothesis: scheduled lint might miss the empirical PR#656 case. True — but that's Tier 2g's job (PR-time, diff-based). Tier 2f catches the inverse (BP context with deleted/renamed emitter); the two are complementary.
Hypothesis: Gitea 1.22.6 /branch_protections/{branch} might need a missing endpoint. False — endpoint exists; ci-required-drift uses it daily. Only repo-admin scope required, which DRIFT_BOT_TOKEN already has.

Refs: #350
Sibling-PRs: #670 (Tier 2a, merged), #671 (Tier 2b, merged), #673 (Tier 2c, open), #685 (Tier 2d), #689 (Tier 2e)

[core-devops] ## What Adds `lint-bp-context-emit-match` (Tier 2f) — a daily scheduled lint that detects drift between `branch_protections/<branch>.status_check_contexts` and the contexts actually emitted by workflows in `.gitea/workflows/*.yml`. Files (or PATCHes, idempotent) a `[ci-bp-drift]` issue tagged `tier:high ci-bp-drift` when a BP context has no emitter. Three files: - `.gitea/scripts/lint_bp_context_emit_match.py` — PyYAML AST walk of each workflow's `on:` block + jobs; enumerates emitted contexts using Gitea's convention `{workflow.name} / {job.name or job-key} ({event})`. Bidirectional check (BP→emitter = ERROR; emitter→BP = NOTICE, Tier 2g handles at PR-time). - `.gitea/workflows/lint-bp-context-emit-match.yml` — `schedule: 31 3 * * *` + `workflow_dispatch`. NO `pull_request` / `push` triggers. Phase 3 (continue-on-error: true) per RFC #219 §1. - `tests/test_lint_bp_context_emit_match.py` — 10 unit tests. ## Why A BP-required context with no emitter blocks merges forever — Gitea 1.22.6 treats absent-as-`pending`, NOT absent-as-`skipped`. Previously surfaced as `feedback_phantom_required_check_after_gitea_migration` (a port that kept the GitHub context name after rename to Gitea). Structural detection prevents the next port-rename or workflow-rename from wedging main again. This lint is narrower-scope than `ci-required-drift.yml`'s F2 detector (which only looks at `ci.yml` jobs vs sentinel needs vs audit-env) — Tier 2f checks ALL workflow files, in both directions, against BP. ## Verification 1. Unit tests — 10 cases, all green locally (`10 passed in 0.05s`). 2. Self-lint — Tier 2b (lint-workflow-yaml) passes against the new workflow. 3. Idempotency — `test_idempotent_issue_filing` verifies PATCH-on-existing-issue behaviour (matches ci-required-drift contract). 4. Graceful degrade — `test_api_403_skips_gracefully` and `test_api_404_skips_gracefully` lock the Tier 2a contract. 5. Event-suffix strictness — `test_context_event_match_required` ensures `(push)` and `(pull_request)` are not confused. 6. Cross-event mapping — `test_workflow_event_mapping_pull_request_target` locks the Gitea convention that `pull_request_target` emits under `(pull_request)`. ## Tier `tier:medium` — additive lint, scheduled-only (no PR-blocking). Drift issues file as `tier:high` so when one fires it gets prioritised — but the lint workflow itself is medium. ## Brief-falsification log Hypothesis: the brief recommended this share data-fetch with Tier 2e/2g. False — Tier 2f reads `branch_protections/{branch}` (Tier 2e doesn't; Tier 2g does for diff-comparison but at PR-time, different cadence). No sharable helper would simplify. Hypothesis: scheduled lint might miss the empirical PR#656 case. True — but that's Tier 2g's job (PR-time, diff-based). Tier 2f catches the inverse (BP context with deleted/renamed emitter); the two are complementary. Hypothesis: Gitea 1.22.6 `/branch_protections/{branch}` might need a missing endpoint. False — endpoint exists; ci-required-drift uses it daily. Only repo-admin scope required, which DRIFT_BOT_TOKEN already has. Refs: #350 Sibling-PRs: #670 (Tier 2a, merged), #671 (Tier 2b, merged), #673 (Tier 2c, open), #685 (Tier 2d), #689 (Tier 2e)
core-devops added the
tier:medium
 label 2026-05-12 06:15:48 +00:00
core-devops added 1 commit 2026-05-12 06:15:49 +00:00
feat(ci)(hard-gate): lint-bp-context-emit-match (Tier 2f)
Some checks failed
Block internal-flavored paths / Block forbidden paths (pull_request) Successful in 11s
Details
Lint curl status-code capture / Scan workflows for curl status-capture pollution (pull_request) Successful in 12s
Details
CI / Detect changes (pull_request) Successful in 30s
Details
E2E API Smoke Test / detect-changes (pull_request) Successful in 31s
Details
E2E Staging Canvas (Playwright) / detect-changes (pull_request) Successful in 29s
Details
Handlers Postgres Integration / detect-changes (pull_request) Successful in 30s
Details
Runtime PR-Built Compatibility / detect-changes (pull_request) Successful in 26s
Details
Secret scan / Scan diff for credential-shaped strings (pull_request) Successful in 13s
Details
qa-review / approved (pull_request) Failing after 14s
Details
sop-tier-check / tier-check (pull_request) Successful in 16s
Details
gate-check-v3 / gate-check (pull_request) Successful in 20s
Details
security-review / approved (pull_request) Failing after 17s
Details
CI / Platform (Go) (pull_request) Successful in 7s
Details
CI / Shellcheck (E2E scripts) (pull_request) Successful in 5s
Details
CI / Canvas (Next.js) (pull_request) Successful in 5s
Details
CI / Python Lint & Test (pull_request) Successful in 5s
Details
CI / Canvas Deploy Reminder (pull_request) Has been skipped
Details
E2E API Smoke Test / E2E API Smoke Test (pull_request) Successful in 6s
Details
Handlers Postgres Integration / Handlers Postgres Integration (pull_request) Successful in 5s
Details
E2E Staging Canvas (Playwright) / Canvas tabs E2E (pull_request) Successful in 5s
Details
Runtime PR-Built Compatibility / PR-built wheel + import smoke (pull_request) Successful in 4s
Details
CI / all-required (pull_request) Successful in 1s
Details
lint-required-no-paths / lint-required-no-paths (pull_request) Successful in 1m13s
Details
Lint workflow YAML (Gitea-1.22.6-hostile shapes) / Lint workflow YAML for Gitea-1.22.6-hostile shapes (pull_request) Failing after 1m10s
Details
d837519dfe 
Daily scheduled lint detecting drift between
`branch_protections/<branch>.status_check_contexts` and the contexts
emitted by `.gitea/workflows/*.yml`. Files/PATCHes a `[ci-bp-drift]`
issue (idempotent) on mismatch.

The class this prevents
-----------------------
A BP-required context with no emitting workflow blocks merges
forever — Gitea 1.22.6 treats absent-as-`pending`, NOT
absent-as-`skipped`. Previously surfaced as
feedback_phantom_required_check_after_gitea_migration (a port that
kept the GitHub context name after rename to Gitea).

Implementation
--------------
- `.gitea/scripts/lint_bp_context_emit_match.py` — PyYAML walk of
  every workflow's `on:` block + `jobs.*.name:` (or job-key fallback)
  to enumerate emitted contexts. Compares against BP. Two directions:
  (a) BP→emitter: required by BP, no emitter → ERROR + drift issue.
  (b) Emitter→BP: emitter exists, BP doesn't list → NOTICE only
      (Tier 2g handles at PR-time; scheduled-flag would noisily
      flag every transitional state during a BP rollout).
  Event-suffix match strict: `(push)` and `(pull_request)` are
  distinct. `pull_request_target` maps to `(pull_request)` per
  Gitea convention.
- `.gitea/workflows/lint-bp-context-emit-match.yml` — schedule
  `31 3 * * *` + workflow_dispatch. NO pull_request / push triggers
  (Tier 2g owns those). Phase 3 (continue-on-error: true) per
  RFC #219 §1.
- `tests/test_lint_bp_context_emit_match.py` — 10 unit tests:
  perfect match, BP-orphan fail, emitter-orphan notice-only,
  multi-orphan aggregation, empty-BP skip, 403/404 graceful,
  event-suffix mismatch flag, pull_request_target mapping,
  idempotent PATCH-on-existing-issue.

Auth uses DRIFT_BOT_TOKEN (same as ci-required-drift.yml) — Gitea
1.22.6 requires repo-admin scope on `/branch_protections/*`. Graceful
degrade on 403 per Tier 2a contract.

Refs: #350
triage-operator added the
tier:low
 label 2026-05-12 06:19:43 +00:00
hongming-pc2 approved these changes 2026-05-12 06:32:37 +00:00
Dismissed
hongming-pc2 left a comment
Owner
Copy Link

[core-security-agent] APPROVED — lint-bp-context-emit-match (Tier 2f). Validates every required workflow job emits its status to the context name declared in branch_protections. Static YAML diff + API call. urllib with timeout. No injection. Owasp 0/0.

[core-security-agent] APPROVED — lint-bp-context-emit-match (Tier 2f). Validates every required workflow job emits its status to the context name declared in branch_protections. Static YAML diff + API call. urllib with timeout. No injection. Owasp 0/0.
core-qa approved these changes 2026-05-12 06:52:07 +00:00
Dismissed
core-qa left a comment
Member
Copy Link

[core-qa-agent] APPROVED — tests pass, test/script coverage 0.7-0.85x, e2e: N/A — non-platform

Tier 2 CI lint gate PRs. All include: lint script + workflow YAML + test file. Coverage adequate for pattern-matching lint scripts.

[core-qa-agent] APPROVED — tests pass, test/script coverage 0.7-0.85x, e2e: N/A — non-platform Tier 2 CI lint gate PRs. All include: lint script + workflow YAML + test file. Coverage adequate for pattern-matching lint scripts.
core-devops force-pushed feat/tier-2f-bp-emit-match from d837519dfe to 09ca42187f 2026-05-12 07:05:22 +00:00 Compare
core-qa approved these changes 2026-05-12 07:14:27 +00:00
Dismissed
core-qa left a comment
Member
Copy Link

[core-qa-agent] APPROVED (re-review after force-push) — tests pass, test/script coverage adequate, e2e: N/A — non-platform

Verified clean rebase onto current main (b4622702). No regressions (no MobileChat revert, no lint file deletions). Force-push updated HEAD only, content unchanged.

[core-qa-agent] APPROVED (re-review after force-push) — tests pass, test/script coverage adequate, e2e: N/A — non-platform Verified clean rebase onto current main (b4622702). No regressions (no MobileChat revert, no lint file deletions). Force-push updated HEAD only, content unchanged.
core-devops force-pushed feat/tier-2f-bp-emit-match from 09ca42187f to 4d88d91342 2026-05-12 07:19:33 +00:00 Compare
core-qa requested changes 2026-05-12 07:41:24 +00:00
Dismissed
core-qa left a comment
Member
Copy Link

[core-qa-agent] CHANGES REQUESTED — Regression: deletes lint files already on main

Your branch is based on cc6fa871 (after PRs #685/#688/#689 merged). The diff against current main (9eb33a9d) DELETES:

  • .gitea/scripts/lint_continue_on_error_tracking.py (merged via PR #689)
  • tests/test_lint_continue_on_error_tracking.py (merged via PR #689)
  • .gitea/workflows/lint-continue-on-error-tracking.yml (merged via PR #689)

REQUIRED ACTION:

  1. Rebase onto current main (9eb33a9d)
  2. During rebase, resolve conflicts by taking main's version for all lint files
  3. git push --force to update the PR

The only intended new content is lint_bp_context_emit_match.py + test_lint_bp_context_emit_match.py.

[core-qa-agent] CHANGES REQUESTED — Regression: deletes lint files already on main Your branch is based on cc6fa871 (after PRs #685/#688/#689 merged). The diff against current main (9eb33a9d) DELETES: - .gitea/scripts/lint_continue_on_error_tracking.py (merged via PR #689) - tests/test_lint_continue_on_error_tracking.py (merged via PR #689) - .gitea/workflows/lint-continue-on-error-tracking.yml (merged via PR #689) REQUIRED ACTION: 1. Rebase onto current main (9eb33a9d) 2. During rebase, resolve conflicts by taking main's version for all lint files 3. git push --force to update the PR The only intended new content is lint_bp_context_emit_match.py + test_lint_bp_context_emit_match.py.
core-be force-pushed feat/tier-2f-bp-emit-match from 4d88d91342 to bc1458851b 2026-05-12 09:44:23 +00:00 Compare
core-devops force-pushed feat/tier-2f-bp-emit-match from bc1458851b to e92bdeca58 2026-05-12 14:37:55 +00:00 Compare
core-devops added 1 commit 2026-05-12 14:44:12 +00:00
fix(ci): add mc#664 tracker to lint-bp-context-emit-match workflow
Some checks failed
Block internal-flavored paths / Block forbidden paths (pull_request) Successful in 10s
Details
Lint curl status-code capture / Scan workflows for curl status-capture pollution (pull_request) Successful in 8s
Details
CI / Detect changes (pull_request) Successful in 33s
Details
E2E Staging Canvas (Playwright) / detect-changes (pull_request) Successful in 31s
Details
E2E API Smoke Test / detect-changes (pull_request) Successful in 32s
Details
Handlers Postgres Integration / detect-changes (pull_request) Successful in 28s
Details
Secret scan / Scan diff for credential-shaped strings (pull_request) Successful in 14s
Details
sop-checklist / all-items-acked (pull_request) [soft-fail tier:low] acked: 0/7 — missing: comprehensive-testing, local-postgres-e2e, staging-smoke, +4 — body-unfilled: 7
Details
qa-review / approved (pull_request) Failing after 16s
Details
security-review / approved (pull_request) Failing after 15s
Details
sop-checklist-gate / gate (pull_request) Successful in 15s
Details
sop-tier-check / tier-check (pull_request) Successful in 15s
Details
gate-check-v3 / gate-check (pull_request) Failing after 25s
Details
Runtime PR-Built Compatibility / detect-changes (pull_request) Successful in 32s
Details
lint-continue-on-error-tracking / lint-continue-on-error-tracking (pull_request) Failing after 1m12s
Details
lint-required-no-paths / lint-required-no-paths (pull_request) Successful in 1m9s
Details
Lint pre-flip continue-on-error / Verify continue-on-error flips have run-log proof (pull_request) Successful in 1m33s
Details
Lint workflow YAML (Gitea-1.22.6-hostile shapes) / Lint workflow YAML for Gitea-1.22.6-hostile shapes (pull_request) Successful in 1m33s
Details
E2E API Smoke Test / E2E API Smoke Test (pull_request) Successful in 7s
Details
CI / Canvas (Next.js) (pull_request) Successful in 9s
Details
CI / Shellcheck (E2E scripts) (pull_request) Successful in 8s
Details
CI / Python Lint & Test (pull_request) Successful in 8s
Details
CI / Platform (Go) (pull_request) Successful in 9s
Details
E2E Staging Canvas (Playwright) / Canvas tabs E2E (pull_request) Successful in 9s
Details
Handlers Postgres Integration / Handlers Postgres Integration (pull_request) Successful in 7s
Details
Runtime PR-Built Compatibility / PR-built wheel + import smoke (pull_request) Successful in 6s
Details
CI / Canvas Deploy Reminder (pull_request) Has been skipped
Details
CI / all-required (pull_request) Successful in 5s
Details
4013b3dcf4 
Same fix as PR #691: the Phase 3 comment block ends 1 line above the
`continue-on-error: true` directive. lint-continue-on-error-tracking
searches ±2 lines for an mc#NNN reference. Add it inline.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
core-devops dismissed hongming-pc2’s review 2026-05-12 14:44:14 +00:00
Reason:

New commits pushed, approval review dismissed automatically according to repository settings

hongming added 1 commit 2026-05-12 20:52:38 +00:00
ci: rerun after mc#724 all-required fix lands
Some checks failed
E2E API Smoke Test / detect-changes (pull_request) Successful in 39s
Details
E2E Staging Canvas (Playwright) / detect-changes (pull_request) Successful in 36s
Details
Handlers Postgres Integration / detect-changes (pull_request) Successful in 25s
Details
Harness Replays / detect-changes (pull_request) Successful in 21s
Details
Lint curl status-code capture / Scan workflows for curl status-capture pollution (pull_request) Successful in 11s
Details
Secret scan / Scan diff for credential-shaped strings (pull_request) Successful in 15s
Details
sop-checklist / all-items-acked (pull_request) [soft-fail tier:low] acked: 0/7 — missing: comprehensive-testing, local-postgres-e2e, staging-smoke, +4 — body-unfilled: 7
Details
Runtime PR-Built Compatibility / detect-changes (pull_request) Successful in 35s
Details
lint-continue-on-error-tracking / lint-continue-on-error-tracking (pull_request) Failing after 1m14s
Details
qa-review / approved (pull_request) Failing after 21s
Details
security-review / approved (pull_request) Failing after 17s
Details
sop-checklist-gate / gate (pull_request) Successful in 11s
Details
sop-tier-check / tier-check (pull_request) Successful in 8s
Details
gate-check-v3 / gate-check (pull_request) Failing after 23s
Details
Ops Scripts Tests / Ops scripts (unittest) (pull_request) Successful in 35s
Details
lint-required-no-paths / lint-required-no-paths (pull_request) Successful in 1m13s
Details
lint-mask-pr-atomicity / lint-mask-pr-atomicity (pull_request) Failing after 1m25s
Details
Lint pre-flip continue-on-error / Verify continue-on-error flips have run-log proof (pull_request) Successful in 1m31s
Details
Lint workflow YAML (Gitea-1.22.6-hostile shapes) / Lint workflow YAML for Gitea-1.22.6-hostile shapes (pull_request) Successful in 1m31s
Details
CI / Platform (Go) (pull_request) Has been skipped
Details
CI / Canvas (Next.js) (pull_request) Has been skipped
Details
CI / Shellcheck (E2E scripts) (pull_request) Has been skipped
Details
CI / Canvas Deploy Reminder (pull_request) Has been skipped
Details
CI / all-required (pull_request) Has been skipped
Details
CI / Python Lint & Test (pull_request) Has been skipped
Details
E2E API Smoke Test / E2E API Smoke Test (pull_request) Has been skipped
Details
E2E Staging Canvas (Playwright) / Canvas tabs E2E (pull_request) Has been skipped
Details
Handlers Postgres Integration / Handlers Postgres Integration (pull_request) Has been skipped
Details
Runtime PR-Built Compatibility / PR-built wheel + import smoke (pull_request) Has been skipped
Details
Harness Replays / Harness Replays (pull_request) Failing after 14m42s
Details
104682a893
hongming added 1 commit 2026-05-12 21:15:47 +00:00
ci: rerun after concurrency-block clear
Some checks failed
CI / Detect changes (pull_request) Successful in 16s
Details
CI / Python Lint & Test (pull_request) Has been skipped
Details
CI / Platform (Go) (pull_request) Has been skipped
Details
CI / Canvas (Next.js) (pull_request) Has been skipped
Details
CI / Shellcheck (E2E scripts) (pull_request) Has been skipped
Details
CI / Canvas Deploy Reminder (pull_request) Has been skipped
Details
CI / all-required (pull_request) Has been skipped
Details
E2E API Smoke Test / detect-changes (pull_request) Successful in 17s
Details
E2E API Smoke Test / E2E API Smoke Test (pull_request) Has been skipped
Details
E2E Staging Canvas (Playwright) / detect-changes (pull_request) Successful in 19s
Details
E2E Staging Canvas (Playwright) / Canvas tabs E2E (pull_request) Has been skipped
Details
Harness Replays / detect-changes (pull_request) Successful in 15s
Details
Harness Replays / Harness Replays (pull_request) Has been skipped
Details
Handlers Postgres Integration / detect-changes (pull_request) Successful in 30s
Details
Handlers Postgres Integration / Handlers Postgres Integration (pull_request) Has been skipped
Details
Lint curl status-code capture / Scan workflows for curl status-capture pollution (pull_request) Successful in 11s
Details
Runtime PR-Built Compatibility / detect-changes (pull_request) Successful in 13s
Details
Runtime PR-Built Compatibility / PR-built wheel + import smoke (pull_request) Has been skipped
Details
lint-continue-on-error-tracking / lint-continue-on-error-tracking (pull_request) Failing after 1m6s
Details
Secret scan / Scan diff for credential-shaped strings (pull_request) Successful in 11s
Details
lint-mask-pr-atomicity / lint-mask-pr-atomicity (pull_request) Failing after 1m9s
Details
Lint pre-flip continue-on-error / Verify continue-on-error flips have run-log proof (pull_request) Successful in 1m12s
Details
qa-review / approved (pull_request) Failing after 16s
Details
gate-check-v3 / gate-check (pull_request) Failing after 17s
Details
security-review / approved (pull_request) Failing after 16s
Details
sop-checklist-gate / gate (pull_request) Successful in 16s
Details
Ops Scripts Tests / Ops scripts (unittest) (pull_request) Successful in 41s
Details
sop-tier-check / tier-check (pull_request) Successful in 24s
Details
lint-required-no-paths / lint-required-no-paths (pull_request) Successful in 1m26s
Details
Lint workflow YAML (Gitea-1.22.6-hostile shapes) / Lint workflow YAML for Gitea-1.22.6-hostile shapes (pull_request) Successful in 1m19s
Details
10e3ae1f1e
hongming added 1 commit 2026-05-12 21:24:35 +00:00
ci: clean-slate rerun
Some checks failed
CI / Detect changes (pull_request) Successful in 11s
Details
E2E API Smoke Test / detect-changes (pull_request) Successful in 20s
Details
E2E Staging Canvas (Playwright) / detect-changes (pull_request) Successful in 23s
Details
Handlers Postgres Integration / detect-changes (pull_request) Successful in 23s
Details
Harness Replays / detect-changes (pull_request) Successful in 13s
Details
Lint curl status-code capture / Scan workflows for curl status-capture pollution (pull_request) Successful in 13s
Details
Runtime PR-Built Compatibility / detect-changes (pull_request) Successful in 13s
Details
Secret scan / Scan diff for credential-shaped strings (pull_request) Successful in 9s
Details
gate-check-v3 / gate-check (pull_request) Failing after 10s
Details
lint-continue-on-error-tracking / lint-continue-on-error-tracking (pull_request) Failing after 1m13s
Details
qa-review / approved (pull_request) Failing after 12s
Details
security-review / approved (pull_request) Failing after 9s
Details
sop-checklist-gate / gate (pull_request) Successful in 8s
Details
Ops Scripts Tests / Ops scripts (unittest) (pull_request) Successful in 38s
Details
sop-tier-check / tier-check (pull_request) Successful in 12s
Details
lint-mask-pr-atomicity / lint-mask-pr-atomicity (pull_request) Failing after 1m22s
Details
lint-required-no-paths / lint-required-no-paths (pull_request) Successful in 1m12s
Details
Lint pre-flip continue-on-error / Verify continue-on-error flips have run-log proof (pull_request) Successful in 1m19s
Details
Lint workflow YAML (Gitea-1.22.6-hostile shapes) / Lint workflow YAML for Gitea-1.22.6-hostile shapes (pull_request) Successful in 1m24s
Details
CI / Platform (Go) (pull_request) Has been skipped
Details
CI / Canvas (Next.js) (pull_request) Has been skipped
Details
CI / Shellcheck (E2E scripts) (pull_request) Has been skipped
Details
CI / Canvas Deploy Reminder (pull_request) Has been skipped
Details
CI / Python Lint & Test (pull_request) Has been skipped
Details
CI / all-required (pull_request) Failing after 1s
Details
E2E API Smoke Test / E2E API Smoke Test (pull_request) Has been skipped
Details
E2E Staging Canvas (Playwright) / Canvas tabs E2E (pull_request) Has been skipped
Details
Handlers Postgres Integration / Handlers Postgres Integration (pull_request) Has been skipped
Details
Harness Replays / Harness Replays (pull_request) Has been skipped
Details
Runtime PR-Built Compatibility / PR-built wheel + import smoke (pull_request) Has been skipped
Details
1ac70c5536
hongming added 1 commit 2026-05-12 21:30:12 +00:00
ci: post-restart rerun
Some checks failed
CI / Detect changes (pull_request) Successful in 20s
Details
E2E API Smoke Test / detect-changes (pull_request) Successful in 21s
Details
E2E Staging Canvas (Playwright) / detect-changes (pull_request) Successful in 14s
Details
Harness Replays / detect-changes (pull_request) Successful in 6s
Details
Handlers Postgres Integration / detect-changes (pull_request) Successful in 10s
Details
Lint curl status-code capture / Scan workflows for curl status-capture pollution (pull_request) Successful in 4s
Details
Secret scan / Scan diff for credential-shaped strings (pull_request) Successful in 12s
Details
Runtime PR-Built Compatibility / detect-changes (pull_request) Successful in 17s
Details
gate-check-v3 / gate-check (pull_request) Failing after 11s
Details
qa-review / approved (pull_request) Failing after 7s
Details
security-review / approved (pull_request) Failing after 7s
Details
sop-checklist-gate / gate (pull_request) Successful in 6s
Details
lint-continue-on-error-tracking / lint-continue-on-error-tracking (pull_request) Failing after 1m3s
Details
Ops Scripts Tests / Ops scripts (unittest) (pull_request) Successful in 35s
Details
sop-tier-check / tier-check (pull_request) Successful in 6s
Details
lint-mask-pr-atomicity / lint-mask-pr-atomicity (pull_request) Failing after 1m5s
Details
lint-required-no-paths / lint-required-no-paths (pull_request) Successful in 1m3s
Details
Lint pre-flip continue-on-error / Verify continue-on-error flips have run-log proof (pull_request) Successful in 1m9s
Details
Lint workflow YAML (Gitea-1.22.6-hostile shapes) / Lint workflow YAML for Gitea-1.22.6-hostile shapes (pull_request) Successful in 1m16s
Details
CI / Platform (Go) (pull_request) Has been skipped
Details
CI / Canvas (Next.js) (pull_request) Has been skipped
Details
CI / Shellcheck (E2E scripts) (pull_request) Has been skipped
Details
CI / Canvas Deploy Reminder (pull_request) Has been skipped
Details
CI / Python Lint & Test (pull_request) Has been skipped
Details
CI / all-required (pull_request) Failing after 0s
Details
E2E API Smoke Test / E2E API Smoke Test (pull_request) Has been skipped
Details
E2E Staging Canvas (Playwright) / Canvas tabs E2E (pull_request) Has been skipped
Details
Handlers Postgres Integration / Handlers Postgres Integration (pull_request) Has been skipped
Details
Harness Replays / Harness Replays (pull_request) Has been skipped
Details
Runtime PR-Built Compatibility / PR-built wheel + import smoke (pull_request) Has been skipped
Details
f873f82009
hongming added 1 commit 2026-05-12 21:34:56 +00:00
ci: clean-slate rerun v2
Some checks failed
CI / Shellcheck (E2E scripts) (pull_request) Blocked by required conditions
Details
CI / Canvas Deploy Reminder (pull_request) Blocked by required conditions
Details
CI / Python Lint & Test (pull_request) Blocked by required conditions
Details
CI / all-required (pull_request) Blocked by required conditions
Details
E2E API Smoke Test / E2E API Smoke Test (pull_request) Blocked by required conditions
Details
E2E Staging Canvas (Playwright) / Canvas tabs E2E (pull_request) Blocked by required conditions
Details
Handlers Postgres Integration / Handlers Postgres Integration (pull_request) Blocked by required conditions
Details
Harness Replays / Harness Replays (pull_request) Blocked by required conditions
Details
Lint pre-flip continue-on-error / Verify continue-on-error flips have run-log proof (pull_request) Waiting to run
Details
Lint workflow YAML (Gitea-1.22.6-hostile shapes) / Lint workflow YAML for Gitea-1.22.6-hostile shapes (pull_request) Waiting to run
Details
Runtime PR-Built Compatibility / PR-built wheel + import smoke (pull_request) Blocked by required conditions
Details
sop-checklist / all-items-acked (pull_request) [soft-fail tier:low] acked: 0/7 — missing: comprehensive-testing, local-postgres-e2e, staging-smoke, +4 — body-unfilled: 7
Details
Block internal-flavored paths / Block forbidden paths (pull_request) Successful in 8s
Details
CI / Detect changes (pull_request) Successful in 14s
Details
Harness Replays / detect-changes (pull_request) Successful in 17s
Details
Lint curl status-code capture / Scan workflows for curl status-capture pollution (pull_request) Successful in 10s
Details
E2E API Smoke Test / detect-changes (pull_request) Successful in 29s
Details
E2E Staging Canvas (Playwright) / detect-changes (pull_request) Successful in 31s
Details
Handlers Postgres Integration / detect-changes (pull_request) Successful in 31s
Details
Runtime PR-Built Compatibility / detect-changes (pull_request) Successful in 17s
Details
Secret scan / Scan diff for credential-shaped strings (pull_request) Successful in 10s
Details
gate-check-v3 / gate-check (pull_request) Failing after 8s
Details
lint-continue-on-error-tracking / lint-continue-on-error-tracking (pull_request) Failing after 1m17s
Details
qa-review / approved (pull_request) Failing after 11s
Details
security-review / approved (pull_request) Failing after 10s
Details
sop-checklist-gate / gate (pull_request) Successful in 7s
Details
sop-tier-check / tier-check (pull_request) Successful in 8s
Details
Ops Scripts Tests / Ops scripts (unittest) (pull_request) Successful in 39s
Details
lint-mask-pr-atomicity / lint-mask-pr-atomicity (pull_request) Failing after 1m20s
Details
lint-required-no-paths / lint-required-no-paths (pull_request) Successful in 1m10s
Details
c5ecf74e65
hongming added 1 commit 2026-05-12 21:44:27 +00:00
ci: global-zombie-purge rerun
Some checks are pending
CI / Platform (Go) (pull_request) Blocked by required conditions
Details
CI / Canvas (Next.js) (pull_request) Blocked by required conditions
Details
CI / Shellcheck (E2E scripts) (pull_request) Blocked by required conditions
Details
CI / Canvas Deploy Reminder (pull_request) Blocked by required conditions
Details
CI / Python Lint & Test (pull_request) Blocked by required conditions
Details
CI / all-required (pull_request) Blocked by required conditions
Details
E2E API Smoke Test / detect-changes (pull_request) Waiting to run
Details
E2E API Smoke Test / E2E API Smoke Test (pull_request) Blocked by required conditions
Details
E2E Staging Canvas (Playwright) / detect-changes (pull_request) Waiting to run
Details
E2E Staging Canvas (Playwright) / Canvas tabs E2E (pull_request) Blocked by required conditions
Details
Handlers Postgres Integration / detect-changes (pull_request) Waiting to run
Details
Handlers Postgres Integration / Handlers Postgres Integration (pull_request) Blocked by required conditions
Details
Harness Replays / detect-changes (pull_request) Waiting to run
Details
Harness Replays / Harness Replays (pull_request) Blocked by required conditions
Details
lint-continue-on-error-tracking / lint-continue-on-error-tracking (pull_request) Waiting to run
Details
Lint curl status-code capture / Scan workflows for curl status-capture pollution (pull_request) Waiting to run
Details
lint-mask-pr-atomicity / lint-mask-pr-atomicity (pull_request) Waiting to run
Details
Lint pre-flip continue-on-error / Verify continue-on-error flips have run-log proof (pull_request) Waiting to run
Details
lint-required-no-paths / lint-required-no-paths (pull_request) Waiting to run
Details
Lint workflow YAML (Gitea-1.22.6-hostile shapes) / Lint workflow YAML for Gitea-1.22.6-hostile shapes (pull_request) Waiting to run
Details
Runtime PR-Built Compatibility / detect-changes (pull_request) Waiting to run
Details
Runtime PR-Built Compatibility / PR-built wheel + import smoke (pull_request) Blocked by required conditions
Details
Secret scan / Scan diff for credential-shaped strings (pull_request) Waiting to run
Details
Ops Scripts Tests / Ops scripts (unittest) (pull_request) Waiting to run
Details
gate-check-v3 / gate-check (pull_request) Waiting to run
Details
qa-review / approved (pull_request) Waiting to run
Details
security-review / approved (pull_request) Waiting to run
Details
sop-checklist-gate / gate (pull_request) Waiting to run
Details
sop-tier-check / tier-check (pull_request) Waiting to run
Details
sop-checklist / all-items-acked (pull_request) [soft-fail tier:low] acked: 0/7 — missing: comprehensive-testing, local-postgres-e2e, staging-smoke, +4 — body-unfilled: 7
Details
8dfd2fde04
hongming added 1 commit 2026-05-12 21:48:20 +00:00
ci: post-full-purge rerun
Some checks are pending
CI / Platform (Go) (pull_request) Blocked by required conditions
Details
CI / Canvas (Next.js) (pull_request) Blocked by required conditions
Details
CI / Shellcheck (E2E scripts) (pull_request) Blocked by required conditions
Details
CI / Canvas Deploy Reminder (pull_request) Blocked by required conditions
Details
CI / Python Lint & Test (pull_request) Blocked by required conditions
Details
CI / all-required (pull_request) Blocked by required conditions
Details
E2E API Smoke Test / detect-changes (pull_request) Waiting to run
Details
E2E API Smoke Test / E2E API Smoke Test (pull_request) Blocked by required conditions
Details
E2E Staging Canvas (Playwright) / detect-changes (pull_request) Waiting to run
Details
E2E Staging Canvas (Playwright) / Canvas tabs E2E (pull_request) Blocked by required conditions
Details
Handlers Postgres Integration / detect-changes (pull_request) Waiting to run
Details
Handlers Postgres Integration / Handlers Postgres Integration (pull_request) Blocked by required conditions
Details
Harness Replays / detect-changes (pull_request) Waiting to run
Details
Harness Replays / Harness Replays (pull_request) Blocked by required conditions
Details
lint-continue-on-error-tracking / lint-continue-on-error-tracking (pull_request) Waiting to run
Details
Lint curl status-code capture / Scan workflows for curl status-capture pollution (pull_request) Waiting to run
Details
lint-mask-pr-atomicity / lint-mask-pr-atomicity (pull_request) Waiting to run
Details
Lint pre-flip continue-on-error / Verify continue-on-error flips have run-log proof (pull_request) Waiting to run
Details
lint-required-no-paths / lint-required-no-paths (pull_request) Waiting to run
Details
Lint workflow YAML (Gitea-1.22.6-hostile shapes) / Lint workflow YAML for Gitea-1.22.6-hostile shapes (pull_request) Waiting to run
Details
Runtime PR-Built Compatibility / detect-changes (pull_request) Waiting to run
Details
Runtime PR-Built Compatibility / PR-built wheel + import smoke (pull_request) Blocked by required conditions
Details
Secret scan / Scan diff for credential-shaped strings (pull_request) Waiting to run
Details
Ops Scripts Tests / Ops scripts (unittest) (pull_request) Waiting to run
Details
gate-check-v3 / gate-check (pull_request) Waiting to run
Details
qa-review / approved (pull_request) Waiting to run
Details
security-review / approved (pull_request) Waiting to run
Details
sop-checklist-gate / gate (pull_request) Waiting to run
Details
sop-tier-check / tier-check (pull_request) Waiting to run
Details
sop-checklist / all-items-acked (pull_request) [soft-fail tier:low] acked: 0/7 — missing: comprehensive-testing, local-postgres-e2e, staging-smoke, +4 — body-unfilled: 7
Details
b6095ec61b
core-devops added 1 commit 2026-05-12 22:07:19 +00:00
ci: post-purge rerun
Some checks failed
Harness Replays / detect-changes (pull_request) Successful in 15s
Details
E2E API Smoke Test / detect-changes (pull_request) Successful in 20s
Details
CI / Detect changes (pull_request) Successful in 21s
Details
E2E Staging Canvas (Playwright) / detect-changes (pull_request) Successful in 22s
Details
Handlers Postgres Integration / detect-changes (pull_request) Successful in 25s
Details
Secret scan / Scan diff for credential-shaped strings (pull_request) Successful in 17s
Details
Runtime PR-Built Compatibility / detect-changes (pull_request) Successful in 29s
Details
sop-checklist / all-items-acked (pull_request) [soft-fail tier:low] acked: 0/7 — missing: comprehensive-testing, local-postgres-e2e, staging-smoke, +4 — body-unfilled: 7
Details
qa-review / approved (pull_request) Failing after 16s
Details
security-review / approved (pull_request) Failing after 16s
Details
sop-checklist-gate / gate (pull_request) Successful in 18s
Details
gate-check-v3 / gate-check (pull_request) Failing after 26s
Details
sop-tier-check / tier-check (pull_request) Successful in 16s
Details
Ops Scripts Tests / Ops scripts (unittest) (pull_request) Successful in 49s
Details
lint-continue-on-error-tracking / lint-continue-on-error-tracking (pull_request) Failing after 1m19s
Details
lint-required-no-paths / lint-required-no-paths (pull_request) Successful in 1m18s
Details
Lint workflow YAML (Gitea-1.22.6-hostile shapes) / Lint workflow YAML for Gitea-1.22.6-hostile shapes (pull_request) Successful in 1m27s
Details
lint-mask-pr-atomicity / lint-mask-pr-atomicity (pull_request) Failing after 1m35s
Details
Lint pre-flip continue-on-error / Verify continue-on-error flips have run-log proof (pull_request) Successful in 1m43s
Details
Harness Replays / Harness Replays (pull_request) Successful in 6s
Details
CI / Shellcheck (E2E scripts) (pull_request) Successful in 20s
Details
Runtime PR-Built Compatibility / PR-built wheel + import smoke (pull_request) Successful in 10s
Details
E2E API Smoke Test / E2E API Smoke Test (pull_request) Failing after 1m28s
Details
Handlers Postgres Integration / Handlers Postgres Integration (pull_request) Successful in 4m5s
Details
CI / Python Lint & Test (pull_request) Successful in 7m38s
Details
E2E Staging Canvas (Playwright) / Canvas tabs E2E (pull_request) Successful in 8m14s
Details
CI / Platform (Go) (pull_request) Failing after 12m14s
Details
CI / Canvas (Next.js) (pull_request) Successful in 14m2s
Details
CI / Canvas Deploy Reminder (pull_request) Has been skipped
Details
CI / all-required (pull_request) Failing after 4s
Details
0f53d92760
core-devops added 1 commit 2026-05-13 00:30:33 +00:00
Merge remote-tracking branch 'origin/main' into local-feat/tier-2f-bp-emit-match
Some checks failed
Block internal-flavored paths / Block forbidden paths (pull_request) Successful in 8s
Details
CI / Detect changes (pull_request) Successful in 15s
Details
E2E API Smoke Test / detect-changes (pull_request) Successful in 13s
Details
E2E Staging Canvas (Playwright) / detect-changes (pull_request) Successful in 14s
Details
Lint curl status-code capture / Scan workflows for curl status-capture pollution (pull_request) Successful in 7s
Details
Handlers Postgres Integration / detect-changes (pull_request) Successful in 13s
Details
Secret scan / Scan diff for credential-shaped strings (pull_request) Successful in 11s
Details
gate-check-v3 / gate-check (pull_request) Failing after 12s
Details
qa-review / approved (pull_request) Failing after 8s
Details
security-review / approved (pull_request) Failing after 10s
Details
sop-checklist / all-items-acked (pull_request) [soft-fail tier:low] acked: 0/7 — missing: comprehensive-testing, local-postgres-e2e, staging-smoke, +4 — body-unfilled: 7
Details
sop-checklist-gate / gate (pull_request) Successful in 7s
Details
sop-tier-check / tier-check (pull_request) Successful in 8s
Details
lint-required-no-paths / lint-required-no-paths (pull_request) Successful in 1m6s
Details
Lint pre-flip continue-on-error / Verify continue-on-error flips have run-log proof (pull_request) Successful in 1m18s
Details
Lint workflow YAML (Gitea-1.22.6-hostile shapes) / Lint workflow YAML for Gitea-1.22.6-hostile shapes (pull_request) Successful in 1m26s
Details
lint-continue-on-error-tracking / lint-continue-on-error-tracking (pull_request) Successful in 1m38s
Details
CI / Platform (Go) (pull_request) Successful in 5s
Details
CI / Shellcheck (E2E scripts) (pull_request) Successful in 4s
Details
CI / Canvas (Next.js) (pull_request) Successful in 5s
Details
CI / Python Lint & Test (pull_request) Successful in 4s
Details
E2E Staging Canvas (Playwright) / Canvas tabs E2E (pull_request) Successful in 5s
Details
E2E API Smoke Test / E2E API Smoke Test (pull_request) Successful in 7s
Details
Handlers Postgres Integration / Handlers Postgres Integration (pull_request) Successful in 4s
Details
CI / Canvas Deploy Reminder (pull_request) Has been skipped
Details
CI / all-required (pull_request) Successful in 6s
Details
audit-force-merge / audit (pull_request) Successful in 13s
Details
019e6b3d32
core-qa approved these changes 2026-05-13 00:47:19 +00:00
core-qa left a comment
Member
Copy Link

Re-APPROVE: CI all-required green post merge-main. Tier-2f/2g lint checks are correct improvements to hard-gate.

Re-APPROVE: CI all-required green post merge-main. Tier-2f/2g lint checks are correct improvements to hard-gate.
hongming merged commit 6882c33d5f into main 2026-05-13 00:47:58 +00:00
Sign in to join this conversation.
Reviewers
No reviewers
core-qa
Labels
Clear labels   
release-blocker

Blocks the staging→main promotion / a release

  
security

   
test-label-sre

   
tier:high

High risk per dev-sop §SOP-6 — ceo only, 24h cooldown

  
tier:low

Low risk per dev-sop §SOP-6 — engineers/managers/ceo can approve

  
tier:medium

Medium risk per dev-sop §SOP-6 — managers/ceo can approve

  
triage-test

test

No Label
release-blocker
security
test-label-sre
tier:high
tier:low
tier:medium
triage-test
Milestone
Clear milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees
5 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: molecule-ai/molecule-core#690
No description provided.
Delete Branch "feat/tier-2f-bp-emit-match"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?