release(prep): v0.14.1 — SBOM emitter fix + version bumps#264
Merged
Conversation
- pyproject.toml: 0.13.3 → 0.14.1 (dev was stuck at 0.13.3 throughout the v0.14.0 stream; bumping past v0.14.0 to align with what's actually on main) - RECOMMENDED_VERSION: 0.13.3 → 0.14.1 - pyproject.toml scripts: drop `bicameral-mcp-classify` (broken since #244 deleted cli/classify.py — carryover cleanup from the v0.14.0 release surgery) - release/sbom_emit.py: install wheel into temp venv before scanning. Fixes the v0.14.0 publish-pipeline halt where `cyclonedx-py environment <wheel>` failed because the subcommand introspects a Python environment via a Python-executable path, not a wheel file. New flow: tempdir venv → pip install wheel + cyclonedx-bom → run `cyclonedx-py environment --output-file <out> <venv-python>`. Output is the wheel's actual dependency closure with no contamination from the build env. `--output-file` flag replaces v0.14.0's `-o` short form (cyclonedx-py 7.x dropped the alias). - CHANGELOG.md: new ## v0.14.1 release header summarizing SBOM fix + #257 diagnose CLI + #259/#260 dependabot bumps. Demoted prior "[Unreleased]" content to "[Unreleased — pre-v0.14.0]" to mark the cutoff. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
jinhongkuan
had a problem deploying
to
recording-approval
GitHub Actions
Failure
|
Important Review skippedAuto reviews are disabled on base/target branches other than the default branch. Please check the settings in the CodeRabbit UI or the ⚙️ Run configurationConfiguration used: defaults Review profile: CHILL Plan: Pro Run ID: You can disable this status message by setting the Use the checkbox below for a quick retry:
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
Sync's autonomy contract (skills/bicameral-sync/SKILL.md:203 — "Always complete step 2 before responding ... runs autonomously after a commit. Do not wait for user input.") broke whenever a touched decision had no `binds_to` edge yet, which is the common case for any newly-ingested decision. The agent had to be hand-walked: sync → "now bind" → "now sync again". P0 because every onboarding session hits this on the first post-ingest commit, breaking demo 02's headline value claim. Root cause: `handlers/link_commit.py` injects `_GROUNDING_INSTRUCTION_*` strings telling the agent what to do next, but the sync skill's only explicit step (step 2) consumes `pending_compliance_checks`, not `pending_grounding_checks`. Ungrounded entries fell through to "end of skill, return to user." Fix: new step 1.5 between current step 1 (Sync HEAD) and step 2 (Resolve every pending compliance check). The new step: - Triggers on `pending_grounding_checks` entries with `reason="ungrounded"`. - Resolves the symbol via Grep/Read + validate_symbols on the touched file. - Calls `bicameral.bind(decision_id, file_path, symbol_name)`. - Concatenates the returned `PendingComplianceCheck` with any pendings from the original `link_commit` response and proceeds to step 2 in the same invocation — no second human nudge. The `reason="symbol_disappeared"` (relocation) path is preserved unchanged — that case still bails out for V2 atomic rebind, per existing handlers/link_commit.py:77-92 logic. A one-line *symbol* glossary lands at the head of step 1.5, on first use of `symbol_name` in this skill (no separate bicameral-bind skill file exists; bind is invoked from sync + ingest, with the glossary introduced wherever the first invocation lives). Acceptance per #263: - [x] sync skill has explicit step consuming `pending_grounding_checks` reason=ungrounded → emits bind call - [x] After bind, skill proceeds to compliance resolution in same invocation (concatenated pendings list) - [x] reason=symbol_disappeared path unchanged - [x] Symbol glossary line in skill Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
jinhongkuan
had a problem deploying
to
recording-approval
GitHub Actions
Failure
jinhongkuan
had a problem deploying
to
recording-approval
GitHub Actions
Failure
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Fast-follow on v0.14.0. Restores CycloneDX SBOM generation in the publish pipeline (skipped in v0.14.0 by hotfixes #261 + #262), fixes a P0 sync-skill autonomy bug, bumps version to v0.14.1, and cleans up a broken script entry left over from #244.
Closes
bicameral-syncstalls on ungrounded decisionsWhat's in the v0.14.1 release scope
This PR + the already-merged dev PRs since v0.14.0 cut: #257 (Layer 3 diagnose CLI), #259 (bm25s bump), #260 (sqlite-vec bump).
Out: #258 (Layer 4 ledger export/import) — currently CONFLICTING after #257 merged ahead of it; author needs to rebase. Will land in v0.14.2 or whenever it rebases.
Changes in this PR
release/sbom_emit.pyrewritten: install wheel into temp venv first, thencyclonedx-py environment --output-file <out> <venv-python>. Fixes the v0.14.0 halt at SBOM gen.skills/bicameral-sync/SKILL.md: new step 1.5 auto-binds ungrounded decisions in the same invocation, instead of bailing out for the user (fix(skill): bicameral-sync stalls on ungrounded decisions, requiring manual bind + re-sync #263 P0).pyproject.tomlversion0.13.3→0.14.1. Removes brokenbicameral-mcp-classifyscript.RECOMMENDED_VERSION0.13.3→0.14.1.CHANGELOG.md— new## v0.14.1release header.Test plan
python3 -c 'import ast; ast.parse(...)'on sbom_emit.pyruff check . && ruff format --check .clean