hongming-ceo-delegated
8c48bc9474
ci-arm64-advisory / fast-checks (pull_request) Waiting to run
Lint shellcheck (arm64 pilot) / shellcheck-arm64 (pilot) (pull_request) Successful in 11s
Block internal-flavored paths / Block forbidden paths (pull_request) Successful in 15s
CI / Python Lint & Test (pull_request) Successful in 7s
CI / Detect changes (pull_request) Successful in 11s
E2E Staging Canvas (Playwright) / detect-changes (pull_request) Successful in 15s
E2E API Smoke Test / detect-changes (pull_request) Successful in 19s
E2E Chat / detect-changes (pull_request) Successful in 18s
Harness Replays / detect-changes (pull_request) Successful in 4s
Handlers Postgres Integration / detect-changes (pull_request) Successful in 6s
Lint forbidden tenant-env keys / Scan workspace_secrets writers for forbidden env keys (pull_request) Successful in 4s
Lint no tenant GITEA or GITHUB token write / Scan for repo-host token write into tenant workspace surface (pull_request) Successful in 4s
Secret scan / Scan diff for credential-shaped strings (pull_request) Successful in 4s
E2E Staging SaaS (full lifecycle) / pr-validate (pull_request) Successful in 36s
gate-check-v3 / gate-check (pull_request) Successful in 5s
qa-review / approved (pull_request) Failing after 7s
security-review / approved (pull_request) Failing after 4s
sop-checklist / review-refire (pull_request) Has been skipped
sop-tier-check / tier-check (pull_request) Successful in 6s
sop-checklist / all-items-acked (pull_request) acked: 0/7 — missing: comprehensive-testing, local-postgres-e2e, staging-smoke, +4 — body-unfilled: comprehensive-testing, local-postgres-e2
sop-checklist / na-declarations (pull_request) N/A: (none)
lint-required-no-paths / lint-required-no-paths (pull_request) Successful in 1m3s
CI / Shellcheck (E2E scripts) (pull_request) Successful in 7s
CI / Canvas (Next.js) (pull_request) Successful in 8s
E2E Chat / E2E Chat (pull_request) Successful in 7s
E2E Staging Canvas (Playwright) / Canvas tabs E2E (pull_request) Successful in 8s
Handlers Postgres Integration / Handlers Postgres Integration (pull_request) Successful in 3s
Harness Replays / Harness Replays (pull_request) Successful in 2s
E2E API Smoke Test / E2E API Smoke Test (pull_request) Successful in 1m39s
E2E Staging SaaS (full lifecycle) / E2E Staging SaaS (pull_request) Successful in 6m23s
CI / Platform (Go) (pull_request) Successful in 4m34s
CI / all-required (pull_request) Successful in 9m37s
CI / Canvas Deploy Reminder (pull_request) Has been skipped
audit-force-merge / audit (pull_request) Successful in 7s
CPProvisioner.collectCPConfigFiles hard-capped the config bundle (config.yaml + prompts/*) at 12 KiB because the control plane embedded it in EC2 user-data (16 KiB AWS ceiling). That failed a paying customer: the jrs-auto SEO Agent's config exceeds 12 KiB, so Start() rejected it client-side with "cp provisioner: collect config files: config files exceed 12288 bytes" — the workspace could never provision. The control plane now delivers config OFF user-data (stages to Secrets Manager, the workspace fetches it into /configs at boot — see molecule-controlplane cp#329). The bundle travels here only inside the JSON HTTP body to CP, which has no 16 KiB limit, so the 12 KiB ceiling is obsolete. Raise cpConfigFilesMaxBytes from 12 KiB to 256 KiB: it becomes a pure transport-DoS guard (a buggy/hostile tenant can't stream an unbounded body and OOM the CP provision path), not the old user-data ceiling. Legitimate growth — more schedules, longer prompts, more skills — never re-hits a wall. TDD: TestStart_OversizedConfigBundleProvisions reproduces the exact failure (>12288-byte SEO-shaped bundle) and proves it now reaches the CP request body intact; TestCollectCPConfigFiles_DoSGuardStillBounds proves the guard still rejects an oversized (>256 KiB) bundle. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>