a4fc04189c
Some checks failed
branch-protection drift check / Branch protection drift (pull_request) Successful in 10s
Check merge_group trigger on required workflows / Required workflows have merge_group trigger (pull_request) Successful in 11s
Block internal-flavored paths / Block forbidden paths (pull_request) Successful in 14s
cascade-list-drift-gate / check (pull_request) Successful in 18s
Check migration collisions / Migration version collision check (pull_request) Successful in 23s
CI / Detect changes (pull_request) Successful in 24s
E2E API Smoke Test / detect-changes (pull_request) Successful in 24s
E2E Staging Canvas (Playwright) / detect-changes (pull_request) Successful in 24s
pr-guards / disable-auto-merge-on-push (pull_request) Failing after 7s
Handlers Postgres Integration / detect-changes (pull_request) Successful in 22s
Lint curl status-code capture / Scan workflows for curl status-capture pollution (pull_request) Successful in 16s
Harness Replays / detect-changes (pull_request) Successful in 25s
Runtime PR-Built Compatibility / detect-changes (pull_request) Successful in 20s
sop-tier-check / tier-check (pull_request) Failing after 21s
Secret scan / Scan diff for credential-shaped strings (pull_request) Successful in 38s
CI / Shellcheck (E2E scripts) (pull_request) Successful in 26s
E2E API Smoke Test / E2E API Smoke Test (pull_request) Successful in 41s
Ops Scripts Tests / Ops scripts (unittest) (pull_request) Successful in 1m46s
Handlers Postgres Integration / Handlers Postgres Integration (pull_request) Successful in 13s
Harness Replays / Harness Replays (pull_request) Successful in 9s
E2E Staging Canvas (Playwright) / Canvas tabs E2E (pull_request) Successful in 1m31s
Runtime PR-Built Compatibility / PR-built wheel + import smoke (pull_request) Successful in 4m8s
CI / Python Lint & Test (pull_request) Successful in 8m54s
CI / Canvas Deploy Reminder (pull_request) Has been skipped
CI / Canvas (Next.js) (pull_request) Failing after 10m21s
CI / Platform (Go) (pull_request) Successful in 13m8s
CodeQL / Analyze (${{ matrix.language }}) (go) (pull_request) Failing after 22m59s
CodeQL / Analyze (${{ matrix.language }}) (javascript-typescript) (pull_request) Failing after 23m26s
CodeQL / Analyze (${{ matrix.language }}) (python) (pull_request) Failing after 23m31s
audit-force-merge / audit (pull_request) Successful in 4s
Closes #155. Without this, every commit from a workspace booted via the standard provisioner lands with an empty `user.name`/`user.email` and Gitea attributes the work to whichever PAT pushed (typically the founder's `claude-ceo-assistant`), instead of the persona that actually authored the commit. That's the same fingerprint pattern that got us suspended on GitHub 2026-05-06. GITEA_USER is already injected per-workspace by the provisioner from workspace_secrets (verified: 8/8 Core-* workspaces have it set, correctly-named, on operator + local). Boot picks it up unconditionally; falls through cleanly if unset (e.g. legacy boxes without persona identity wiring). Email uses `bot.moleculesai.app` so agent commits are visually distinct from human-authored commits in Gitea history. The `gitconfig` copy from `/root/.gitconfig` to `/home/agent/.gitconfig` is now unconditional — previously it was nested inside the `molecule-git-token-helper.sh` block, which meant the per-persona identity wouldn't propagate to the agent user when the helper was unavailable. Also added an inline note that the github.com credential-helper block is post-suspension legacy. Full removal tracked under #171; this PR deliberately doesn't touch it (smaller blast radius). Tested: docker exec sets the same config in 8 running Core-* workspaces locally and they pick up correct identity for `git config -l`. Will reset when those containers restart, hence this PR for the persistent fix. |
||
|---|---|---|
| .. | ||
| adapters | ||
| builtin_tools | ||
| lib | ||
| molecule_audit | ||
| platform_tools | ||
| plugins_registry | ||
| policies | ||
| scripts | ||
| skill_loader | ||
| tests | ||
| .coveragerc | ||
| a2a_cli.py | ||
| a2a_client.py | ||
| a2a_executor.py | ||
| a2a_mcp_server.py | ||
| a2a_response.py | ||
| a2a_tools_delegation.py | ||
| a2a_tools_inbox.py | ||
| a2a_tools_memory.py | ||
| a2a_tools_messaging.py | ||
| a2a_tools_rbac.py | ||
| a2a_tools.py | ||
| adapter_base.py | ||
| agent.py | ||
| agents_md.py | ||
| boot_routes.py | ||
| build-all.sh | ||
| card_helpers.py | ||
| config.py | ||
| configs_dir.py | ||
| consolidation.py | ||
| coordinator.py | ||
| Dockerfile | ||
| entrypoint.sh | ||
| event_log.py | ||
| events.py | ||
| executor_helpers.py | ||
| heartbeat.py | ||
| inbox_uploads.py | ||
| inbox.py | ||
| initial_prompt.py | ||
| internal_chat_uploads.py | ||
| internal_file_read.py | ||
| main.py | ||
| mcp_cli.py | ||
| mcp_doctor.py | ||
| mcp_heartbeat.py | ||
| mcp_inbox_pollers.py | ||
| mcp_workspace_resolver.py | ||
| molecule_ai_status.py | ||
| not_configured_handler.py | ||
| platform_auth.py | ||
| platform_inbound_auth.py | ||
| plugins.py | ||
| preflight.py | ||
| prompt.py | ||
| pytest.ini | ||
| rebuild-runtime-images.sh | ||
| requirements.txt | ||
| runtime_wedge.py | ||
| secret_redactor.py | ||
| shared_runtime.py | ||
| smoke_mode.py | ||
| transcript_auth.py | ||
| watcher.py | ||