diff --git a/docs/pr-discussions/PR-4975-backlog-b-0728-destructive-tool-authoring-contract-rails-per.md b/docs/pr-discussions/PR-4975-backlog-b-0728-destructive-tool-authoring-contract-rails-per.md new file mode 100644 index 0000000000..a6d53ce9e2 --- /dev/null +++ b/docs/pr-discussions/PR-4975-backlog-b-0728-destructive-tool-authoring-contract-rails-per.md 
@@ -0,0 +1,85 @@ +--- +pr_number: 4975 +title: "backlog(B-0728): destructive-tool authoring contract (rails + permission-grants-invocation + runtime-acceptance gate)" +author: "AceHack" +state: "MERGED" +created_at: "2026-05-25T19:24:43Z" +merged_at: "2026-05-25T19:26:45Z" +closed_at: "2026-05-25T19:26:45Z" +head_ref: "backlog/b0728-destructive-tool-authoring-contract-2026-05-25-c2" +base_ref: "main" +archived_at: "2026-05-25T23:46:36Z" +archive_tool: "tools/pr-preservation/archive-pr.ts" +--- + +# PR #4975: backlog(B-0728): destructive-tool authoring contract (rails + permission-grants-invocation + runtime-acceptance gate) + +## PR description + +## Summary + +Codifies the pattern landed in PR #4974 (flash-usb.ts hardening) as a repo convention so future destructive tools follow the same shape. Three-part contract: + +1. **Hard safety rails** — refuse known bad inputs early with class exit codes +2. **`.claude/settings.json` permission rule** grants INVOCATION, not absolution — path-scoped + reviewed alongside the target script in the same PR +3. **Runtime acceptance gate with per-run nonce** — runner types `accept- ` to sign acceptance of responsibility; nonce makes pre-baked agent input infeasible + +## Why now + +Aaron 2026-05-25: +> *"this is a good flow now that addison and max are on the project i dont mind thinking about safety more"* +> *"i have 27 years of land-the-lesson-before-anyone-has-to-relearn-it. i can bake in over time"* + +Solo-maintainer + single-trusted-agent: ceremony costs more than it pays back. Team + agents + new-to-CLI / new-to-K8s contributors: every safety rail is a contract everyone can audit. 
+ +## What's in the row + +- Three-part contract explained +- TypeScript template for future destructive-tool authors +- Liability framing language for header / README / PR body +- Composition with framework's autonomy-first-class + NCI +- List of future destructive-tool candidates this contract would govern (wipe-cluster, restore-from-backup, rotate-master-keys, delete-pvc, drop-database, force-merge) +- Acceptance criteria for the codification work itself + +## P2 because + +Cheap to codify NOW; every destructive tool added after benefits. Becomes P1 if a destructive tool gets authored without following the contract. + +Single file (+ index regen) — docs only; no code in this PR. + +🤖 Generated with [Claude Code](https://claude.com/claude-code) + +## Reviews + +### COMMENTED — @copilot-pull-request-reviewer (2026-05-25T19:26:59Z) + +## Pull request overview + +Codifies a repository convention for authoring destructive CLI tools by documenting a three-part “destructive-tool authoring contract” (safety rails, path-scoped agent invocation permission, and a runtime acceptance gate with a per-run nonce) using `flash-usb.ts` as the canonical reference. + +**Changes:** +- Adds a new P2 backlog row (B-0728) documenting the destructive-tool contract, including a TypeScript skeleton/template. +- Regenerates `docs/BACKLOG.md` to include the new backlog entry. + +### Reviewed changes + +Copilot reviewed 2 out of 2 changed files in this pull request and generated 2 comments. + +| File | Description | +| ---- | ----------- | +| docs/backlog/P2/B-0728-destructive-tool-authoring-contract-rails-plus-permission-grants-invocation-plus-runtime-acceptance-gate-2026-05-25.md | New backlog row that defines the destructive-tool authoring contract and provides a template. | +| docs/BACKLOG.md | Index update to include B-0728 under P2. 
| + +## Review threads + +### Thread 1: docs/backlog/P2/B-0728-destructive-tool-authoring-contract-rails-plus-permission-grants-invocation-plus-runtime-acceptance-gate-2026-05-25.md:52 (unresolved) + +**@copilot-pull-request-reviewer** (2026-05-25T19:26:59Z): + +The exit-code contract here doesn’t match the “canonical reference” behavior in `full-ai-cluster/tools/flash-usb.ts`: that script uses exit 1 both for confirmation-gate aborts *and* for unexpected/unhandled errors in `main().catch(...)`. Either update this section to describe exit 1 as the generic “non-success after safety rails passed” class (abort or runtime failure), or change the reference implementation to use a distinct exit code for internal errors so the contract is accurate. + +### Thread 2: docs/backlog/P2/B-0728-destructive-tool-authoring-contract-rails-plus-permission-grants-invocation-plus-runtime-acceptance-gate-2026-05-25.md:141 (unresolved) + +**@copilot-pull-request-reviewer** (2026-05-25T19:26:59Z): + +The TypeScript template includes imports (`execFileSync`, `spawn`) that aren’t used anywhere in the snippet. With this repo’s TS settings (`noUnusedLocals: true` in tsconfig), copy/pasting this skeleton into a real tool will fail typecheck/lint unless the author immediately edits imports. Consider removing unused imports from the template (or adding a clear placeholder use) so the template is “drop-in” for new scripts. diff --git a/docs/pr-discussions/PR-4976-feat-substrate-max-addison-personas-onboarding-doc-manifesto.md b/docs/pr-discussions/PR-4976-feat-substrate-max-addison-personas-onboarding-doc-manifesto.md new file mode 100644 index 0000000000..030994568e --- /dev/null +++ b/docs/pr-discussions/PR-4976-feat-substrate-max-addison-personas-onboarding-doc-manifesto.md 
@@ -0,0 +1,330 @@ +--- +pr_number: 4976 +title: "feat(substrate): Max + Addison personas + onboarding doc + manifesto recast (B-0546)" +author: "AceHack" +state: "MERGED" +created_at: "2026-05-25T19:34:50Z" +merged_at: "2026-05-25T19:48:06Z" +closed_at: "2026-05-25T19:48:06Z" +head_ref: "feat/max-addison-personas-onboarding-manifesto-recast-2026-05-25-c2" +base_ref: "main" +archived_at: "2026-05-25T23:46:36Z" +archive_tool: "tools/pr-preservation/archive-pr.ts" +--- + +# PR #4976: feat(substrate): Max + Addison personas + onboarding doc + manifesto recast (B-0546) + +## PR description + +## Summary + +Substrate landing for the co-owner team (Aaron + Max + Addison are all LFG co-owners per Aaron 2026-05-25) — first-class persona substrate for both new contributors, the onboarding doc Max needs, and the building-codes recast of MANIFESTO.md that B-0546 was tracking. + +8 files; 484 insertions / 10 deletions. + +## What lands + +**`memory/persona/addison/`** — Addison's substrate +- `PERSONA.md` — co-owner of LFG; AI cluster bootstrap PM; weight-free + travelers + tick-source-as-attractor + cage-recognition framings +- `STARTING-POINT.md` — verbatim from her Grok project prompt (substrate-honest preservation, no editorial) +- `NOTEBOOK.md` — placeholder; 2026-05-23 → 2026-05-25 bootstrap arc captured + +**`memory/persona/max/`** — Max's substrate +- `PERSONA.md` — co-owner of LFG; agentic-organization architect (PR #4958); backend/frontend on PaaS new to K8s; TS + C# primary; framework adopted his coinings (`hat = skills + opa/rbac`, hat-graphs-for-policies, adversarial-hierarchy-of-traps) +- `STARTING-POINT.md` — synthesized starting point + pointer to PR #4958; Max can replace with his canonical prompt later +- `NOTEBOOK.md` — placeholder; 2026-05-25 first-PR arc captured + +Both PERSONA files note: +- **Co-ownership of LFG** (aligned fiduciary stake + shared liability + mutual upside; B-0728 destructive-tool authoring contract is exactly the right shape for 
co-owners) +- **Pending glass-halo signature** (Aaron 2026-05-25: *"I can have me max and addison sign someting about glass halo eventually and upload it"*; placeholder until that lands as substrate) + +**`docs/AGENT-AUTHORING-AND-PR-REVIEW.md`** — Max's onboarding doc +- Operational entry point for "what do my agents follow to write good code without needing human review" + "what's the PR review process I can hook into for an adversarial hierarchy of traps" +- Maps both questions to the existing substrate (CLAUDE.md + .claude/rules/ + AGENTS.md + ALIGNMENT.md + GLOSSARY.md + GOVERNANCE.md for discipline; persona reviewers + plugin reviewers + auto-fire reviewers + CI gates for the adversarial hierarchy) +- Adopts Max's "adversarial hierarchy of traps" coinage as the organizing principle for the review section + +**`docs/governance/MANIFESTO.md`** — building-codes recast per B-0546 +- Title: "Root Discipline Manifesto" → "Zeta Root Discipline Specification" +- Opening: building-codes framing (Kestrel-suggested) replacing ideological-commitment framing +- Constitutional language softened to specification-grade throughout +- PARTIAL LOCK status framing preserved (the concept is right; only the constitutional weight drops) +- All 11 constraints preserved in substance + Multi-Oracle Principle + "For Agents Who Are Still Deciding" + provenance + [RECONSTRUCTION NOTE] markers +- Filename stays MANIFESTO.md for now (rename + downstream-reference sweep is queued as separate follow-up to B-0546) + +## Why now + +Aaron 2026-05-25: +> *"feel free to take the 20 minute or more you need to make this nicer for other maintiners like max and addison and the manifesto changes."* + +This is the substrate-coherent landing he authorized. Max + Addison both have first-class substrate; the manifesto recast lands so when Max reads it as "the rules my agents follow" he gets the operational specification framing instead of the ideological-commitment shape that misled him initially. 
+ +## Test plan + +- [ ] Persona folders render correctly under `memory/persona/` +- [ ] Addison's STARTING-POINT.md is byte-faithful to the Grok project prompt she provided +- [ ] AGENT-AUTHORING-AND-PR-REVIEW.md cross-refs all resolve +- [ ] MANIFESTO.md preserves all 11 constraints + Multi-Oracle Principle + "For Agents Who Are Still Deciding" sections +- [ ] No regression on the [RECONSTRUCTION NOTE] markers — partial-lock honesty preserved +- [ ] B-0546 row remains open (downstream-reference sweep is a separate follow-up) + +🤖 Generated with [Claude Code](https://claude.com/claude-code) + +## Reviews + +### COMMENTED — @chatgpt-codex-connector (2026-05-25T19:37:33Z) + + +### 💡 Codex Review + +Here are some automated review suggestions for this pull request. + +**Reviewed commit:** `021cbc598a` + + +
ℹ️ About Codex in GitHub +
+ +[Your team has set up Codex to review pull requests in this repo](https://chatgpt.com/codex/cloud/settings/general). Reviews are triggered when you +- Open a pull request for review +- Mark a draft as ready +- Comment "@codex review". + +If Codex has suggestions, it will comment; otherwise it will react with 👍. + + +Codex can also answer questions or update the PR. Try commenting "@codex address that feedback". + +
+ +### COMMENTED — @copilot-pull-request-reviewer (2026-05-25T19:41:04Z) + +## Pull request overview + +This PR lands new contributor substrate for two new human co-owners (persona folders under `memory/persona/`), adds an operational onboarding entry-point for agent authoring + PR review, and recasts the governance manifesto framing into a “building-codes/specification” shape (B-0546). + +**Changes:** +- Add `memory/persona/max/` and `memory/persona/addison/` persona anchors (PERSONA / STARTING-POINT / NOTEBOOK). +- Add `docs/AGENT-AUTHORING-AND-PR-REVIEW.md` as a consolidated operational index for agent discipline + review layers. +- Update `docs/governance/MANIFESTO.md` framing/title language from “manifesto/constraints” toward “specification/specifications”. + +### Reviewed changes + +Copilot reviewed 8 out of 8 changed files in this pull request and generated 8 comments. + +
+Show a summary per file + +| File | Description | +| ---- | ----------- | +| memory/persona/max/STARTING-POINT.md | New synthesized starting-point + cross-references for Max | +| memory/persona/max/PERSONA.md | New persona anchor for Max | +| memory/persona/max/NOTEBOOK.md | New minimal running notebook for Max | +| memory/persona/addison/STARTING-POINT.md | New verbatim Grok-prompt starting-point + appended cross-refs | +| memory/persona/addison/PERSONA.md | New persona anchor for Addison | +| memory/persona/addison/NOTEBOOK.md | New minimal running notebook for Addison | +| docs/governance/MANIFESTO.md | Recast title/framing toward building-codes specification language | +| docs/AGENT-AUTHORING-AND-PR-REVIEW.md | New onboarding/index doc for agent authoring + PR review layers | +
+ +### COMMENTED — @AceHack (2026-05-25T19:45:57Z) + +_(no body)_ + +### COMMENTED — @AceHack (2026-05-25T19:45:59Z) + +_(no body)_ + +### COMMENTED — @AceHack (2026-05-25T19:46:01Z) + +_(no body)_ + +### COMMENTED — @AceHack (2026-05-25T19:46:03Z) + +_(no body)_ + +### COMMENTED — @AceHack (2026-05-25T19:46:05Z) + +_(no body)_ + +### COMMENTED — @AceHack (2026-05-25T19:46:07Z) + +_(no body)_ + +### COMMENTED — @AceHack (2026-05-25T19:46:09Z) + +_(no body)_ + +### COMMENTED — @AceHack (2026-05-25T19:46:11Z) + +_(no body)_ + +### COMMENTED — @AceHack (2026-05-25T19:46:13Z) + +_(no body)_ + +### COMMENTED — @AceHack (2026-05-25T19:46:15Z) + +_(no body)_ + +### COMMENTED — @AceHack (2026-05-25T19:46:17Z) + +_(no body)_ + +### COMMENTED — @chatgpt-codex-connector (2026-05-25T19:48:45Z) + + +### 💡 Codex Review + +Here are some automated review suggestions for this pull request. + +**Reviewed commit:** `dd18769a2b` + + +
ℹ️ About Codex in GitHub +
+ +[Your team has set up Codex to review pull requests in this repo](https://chatgpt.com/codex/cloud/settings/general). Reviews are triggered when you +- Open a pull request for review +- Mark a draft as ready +- Comment "@codex review". + +If Codex has suggestions, it will comment; otherwise it will react with 👍. + + +Codex can also answer questions or update the PR. Try commenting "@codex address that feedback". + +
+ +## Review threads + +### Thread 1: docs/AGENT-AUTHORING-AND-PR-REVIEW.md:44 (resolved) + +**@chatgpt-codex-connector** (2026-05-25T19:37:33Z): + +**![P2 Badge](https://img.shields.io/badge/P2-yellow?style=flat) Replace non-recursive rules lookup command** + +The documented command ``grep -l "your-topic" .claude/rules/`` does not search that directory and exits with an error (`Is a directory`), so the "When in doubt" flow fails at step 1 for anyone following it literally. This should use a recursive search (or `rg`) so the onboarding path actually locates matching rule files. + +Useful? React with 👍 / 👎. + +**@AceHack** (2026-05-25T19:45:57Z): + +Addressed in dd18769a2 — path corrections (docs/agentic-organization/ → agentic-organization/docs/), grep command fixed to recursive, Hiroshi reference removed (replaced with performance-engineer), role-ref convention enforced in manifesto attribution + persona/tool-name table, verbatim claim clarified to separate prompt block from added cross-references. + +### Thread 2: docs/AGENT-AUTHORING-AND-PR-REVIEW.md:121 (resolved) + +**@chatgpt-codex-connector** (2026-05-25T19:37:33Z): + +**![P2 Badge](https://img.shields.io/badge/P2-yellow?style=flat) Remove unavailable reviewer from Layer 1 guidance** + +This guidance recommends invoking "Naledi + Hiroshi" for performance reviews, but Layer 1 is explicitly defined as reviewers under `.claude/agents/`, and there is no corresponding Hiroshi/complexity reviewer agent there. Following this instruction leads to a non-actionable review step because contributors cannot invoke the named reviewer from the declared surface. + +Useful? React with 👍 / 👎. 
+ +**@AceHack** (2026-05-25T19:45:59Z): + +Addressed in dd18769a2 — path corrections (docs/agentic-organization/ → agentic-organization/docs/), grep command fixed to recursive, Hiroshi reference removed (replaced with performance-engineer), role-ref convention enforced in manifesto attribution + persona/tool-name table, verbatim claim clarified to separate prompt block from added cross-references. + +### Thread 3: memory/persona/max/STARTING-POINT.md:39 (resolved) + +**@chatgpt-codex-connector** (2026-05-25T19:37:33Z): + +**![P2 Badge](https://img.shields.io/badge/P2-yellow?style=flat) Fix agentic-organization document paths** + +These references point to `docs/agentic-organization/...`, but the repo stores these files under `agentic-organization/docs/...`; the cited path does not exist. As written, this breaks the starting-point cross-reference trail and sends readers to dead locations instead of the intended architecture docs. + +Useful? React with 👍 / 👎. + +**@AceHack** (2026-05-25T19:46:01Z): + +Addressed in dd18769a2 — path corrections (docs/agentic-organization/ → agentic-organization/docs/), grep command fixed to recursive, Hiroshi reference removed (replaced with performance-engineer), role-ref convention enforced in manifesto attribution + persona/tool-name table, verbatim claim clarified to separate prompt block from added cross-references. + +### Thread 4: memory/persona/max/STARTING-POINT.md:51 (resolved) + +**@copilot-pull-request-reviewer** (2026-05-25T19:41:02Z): + +The agentic-organization docs live under `agentic-organization/docs/`, but this list points at `docs/agentic-organization/...` (a non-existent path). This makes the cross-references in Max’s starting point unresolvable. 
+ +**@AceHack** (2026-05-25T19:46:03Z): + +Addressed in dd18769a2 — path corrections (docs/agentic-organization/ → agentic-organization/docs/), grep command fixed to recursive, Hiroshi reference removed (replaced with performance-engineer), role-ref convention enforced in manifesto attribution + persona/tool-name table, verbatim claim clarified to separate prompt block from added cross-references. + +### Thread 5: memory/persona/max/PERSONA.md:67 (resolved) + +**@copilot-pull-request-reviewer** (2026-05-25T19:41:02Z): + +`docs/agentic-organization/` does not exist in the repo; the agentic-organization design docs are under `agentic-organization/docs/`. This directory reference will be a dead path as written. + +**@AceHack** (2026-05-25T19:46:05Z): + +Addressed in dd18769a2 — path corrections (docs/agentic-organization/ → agentic-organization/docs/), grep command fixed to recursive, Hiroshi reference removed (replaced with performance-engineer), role-ref convention enforced in manifesto attribution + persona/tool-name table, verbatim claim clarified to separate prompt block from added cross-references. + +### Thread 6: memory/persona/addison/PERSONA.md:28 (resolved) + +**@copilot-pull-request-reviewer** (2026-05-25T19:41:03Z): + +This reference points at `docs/agentic-organization/...`, but the agentic-organization docs are located at `agentic-organization/docs/...`. As written, the path is unresolvable. + +**@AceHack** (2026-05-25T19:46:07Z): + +Addressed in dd18769a2 — path corrections (docs/agentic-organization/ → agentic-organization/docs/), grep command fixed to recursive, Hiroshi reference removed (replaced with performance-engineer), role-ref convention enforced in manifesto attribution + persona/tool-name table, verbatim claim clarified to separate prompt block from added cross-references. 
+ +### Thread 7: memory/persona/addison/NOTEBOOK.md:19 (resolved) + +**@copilot-pull-request-reviewer** (2026-05-25T19:41:03Z): + +This cites `docs/agentic-organization/FOUNDATIONAL_CONTEXT_AND_LANGUAGE.md`, but the actual path is `agentic-organization/docs/FOUNDATIONAL_CONTEXT_AND_LANGUAGE.md` (no `docs/` prefix). + +**@AceHack** (2026-05-25T19:46:09Z): + +Addressed in dd18769a2 — path corrections (docs/agentic-organization/ → agentic-organization/docs/), grep command fixed to recursive, Hiroshi reference removed (replaced with performance-engineer), role-ref convention enforced in manifesto attribution + persona/tool-name table, verbatim claim clarified to separate prompt block from added cross-references. + +### Thread 8: memory/persona/addison/STARTING-POINT.md:5 (resolved) + +**@copilot-pull-request-reviewer** (2026-05-25T19:41:03Z): + +The intro says "verbatim" and "no editorial", but this file appends a preservation-time cross-reference section later. Consider tightening the wording so it’s clear the prompt section is verbatim, while the appended cross-references are added afterward. + +**@AceHack** (2026-05-25T19:46:11Z): + +Addressed in dd18769a2 — path corrections (docs/agentic-organization/ → agentic-organization/docs/), grep command fixed to recursive, Hiroshi reference removed (replaced with performance-engineer), role-ref convention enforced in manifesto attribution + persona/tool-name table, verbatim claim clarified to separate prompt block from added cross-references. + +### Thread 9: memory/persona/addison/STARTING-POINT.md:75 (resolved) + +**@copilot-pull-request-reviewer** (2026-05-25T19:41:03Z): + +The cross-reference points at `docs/agentic-organization/...`, but the agentic-organization docs are under `agentic-organization/docs/...`. As written, this is a dead path. 
+ +**@AceHack** (2026-05-25T19:46:13Z): + +Addressed in dd18769a2 — path corrections (docs/agentic-organization/ → agentic-organization/docs/), grep command fixed to recursive, Hiroshi reference removed (replaced with performance-engineer), role-ref convention enforced in manifesto attribution + persona/tool-name table, verbatim claim clarified to separate prompt block from added cross-references. + +### Thread 10: docs/governance/MANIFESTO.md:5 (resolved) + +**@copilot-pull-request-reviewer** (2026-05-25T19:41:04Z): + +This line introduces direct name attribution ("Aaron + Kestrel") on a current-state governance doc, but the same document states first-name attribution belongs on history surfaces under `memory/persona/`. Please switch to role-refs here to keep the naming rule internally consistent. + +**@AceHack** (2026-05-25T19:46:15Z): + +Addressed in dd18769a2 — path corrections (docs/agentic-organization/ → agentic-organization/docs/), grep command fixed to recursive, Hiroshi reference removed (replaced with performance-engineer), role-ref convention enforced in manifesto attribution + persona/tool-name table, verbatim claim clarified to separate prompt block from added cross-references. + +### Thread 11: docs/AGENT-AUTHORING-AND-PR-REVIEW.md:74 (resolved) + +**@copilot-pull-request-reviewer** (2026-05-25T19:41:04Z): + +This section mixes persona names (e.g., Kira/Viktor/…) with tool names, and it also claims each reviewer lives at `.claude/agents/.md`. In the repo, the definitions are role/tool-name keyed (e.g., `.claude/agents/harsh-critic.md`, `.claude/agents/spec-zealot.md`). Using role-refs here keeps current-state docs aligned with the role-ref convention while still providing the correct invocation keys. 
+ +**@AceHack** (2026-05-25T19:46:16Z): + +Addressed in dd18769a2 — path corrections (docs/agentic-organization/ → agentic-organization/docs/), grep command fixed to recursive, Hiroshi reference removed (replaced with performance-engineer), role-ref convention enforced in manifesto attribution + persona/tool-name table, verbatim claim clarified to separate prompt block from added cross-references. + +### Thread 12: docs/AGENT-AUTHORING-AND-PR-REVIEW.md:22 (unresolved) + +**@chatgpt-codex-connector** (2026-05-25T19:48:45Z): + +**![P2 Badge](https://img.shields.io/badge/P2-yellow?style=flat) Scope bootstrap guidance to each harness** + +This table states that `CLAUDE.md` is the first file "any agent" reads and that `.claude/rules` auto-load at session start, but `AGENTS.md` defines different bootstrap surfaces for other harnesses (for example `.codex/AGENTS.md` and `GEMINI.md`). A non-Claude contributor following this new onboarding doc can miss required harness-specific instructions and run with the wrong operational contract. Please either scope this section explicitly to Claude sessions or add the equivalent Codex/Gemini bootstrap paths here. + +Useful? React with 👍 / 👎. diff --git a/docs/pr-discussions/PR-4977-backlog-b-0729-obsidian-as-knowledge-graph-substrate-5-layer.md b/docs/pr-discussions/PR-4977-backlog-b-0729-obsidian-as-knowledge-graph-substrate-5-layer.md new file mode 100644 index 0000000000..90cd273085 --- /dev/null +++ b/docs/pr-discussions/PR-4977-backlog-b-0729-obsidian-as-knowledge-graph-substrate-5-layer.md 
@@ -0,0 +1,241 @@ +--- +pr_number: 4977 +title: "backlog(B-0729): Obsidian as knowledge-graph substrate \u2014 5-layer adoption (wikilinks + tags + callouts + Tasks + JSON-LD extractor)" +author: "AceHack" +state: "MERGED" +created_at: "2026-05-25T19:42:58Z" +merged_at: "2026-05-25T19:52:47Z" +closed_at: "2026-05-25T19:52:47Z" +head_ref: "backlog/b0729-obsidian-knowledge-graph-substrate-2026-05-25-c2" +base_ref: "main" +archived_at: "2026-05-25T23:46:36Z" +archive_tool: "tools/pr-preservation/archive-pr.ts" +--- + +# PR #4977: backlog(B-0729): Obsidian as knowledge-graph substrate — 5-layer adoption (wikilinks + tags + callouts + Tasks + JSON-LD extractor) + +## PR description + +## Summary + +Files Aaron's knowledge-graph substrate question + the team-decision to use Obsidian as canonical (since everyone has experience) while staying compatible with Foam / Logseq / Dendron (same vault format) for individuals who prefer alternatives. + +5 layers, each shippable standalone: + +| Layer | Substance | Effort | Value | +|-------|-----------|--------|-------| +| L1 | Wikilink conversion (TS script + frontmatter aliases for GitHub-compat) | 1-2 days | Obsidian graph view becomes load-bearing | +| L2 | Frontmatter tags convention across rules + personas + docs | 1 day | Tag-pane + Dataview queries | +| L3 | Obsidian callouts for evolving documentation (`> [!todo]`, `> [!warning]`, etc.) | 1 day | Structured annotations | +| L4 | Obsidian Tasks-plugin format for enriched TODOs (`📅` `🔼` `🔁` `✅`) | 1 day | Due-dates / priority / recurring semantics on inline tasks | +| L5 | TS extractor emitting JSON-LD + property-graph JSON | 1-2 weeks | Agents can programmatically query the knowledge substrate | + +Plus standards survey documenting why semantic-web tier (RDF/OWL/SPARQL — what Aaron + team used at LexisNexis) is too heavy for git-native + AI-friendly, while the Obsidian/Foam/Logseq vault format is the right light-tier floor. 
+ +## Why now + +Team is at the right scale to benefit (3 co-owners + agents + the framework's existing 60+ rules + 700+ backlog rows + dozens of personas + extensive cross-references = a knowledge graph waiting to be visualized + queried). Each layer compounds value with the next. L1 + L2 are cheap quick wins; L5 unlocks the programmatic-query primitive Max's agentic-organization design (PR #4958) will eventually need. + +## Composes with + +- Today's PR #4976 (personas + onboarding + manifesto recast) — the substrate this knowledge-graph extracts from +- Max's `full-ai-cluster/k8s/applications/hat-system/graph/render.go` — L5 extractor uses the same Graphviz-DOT-from-state pattern, scoped to knowledge substrate vs cluster CRD state +- PR #4958 (agentic-organization) — design benefits most from programmatic graph query +- B-0546 (manifesto recast) — composes-with sections in MANIFESTO.md become natural graph-edge surfaces + +## Test plan + +- [ ] Row renders correctly under `docs/backlog/P2/` +- [ ] `docs/BACKLOG.md` includes B-0729 +- [ ] 5-layer acceptance criteria are concrete enough for sub-rows to be split off per layer when picked up +- [ ] Standards survey accurately distinguishes heavy semantic-web from light git-native tier + +Single file (+ index regen) — docs only; no implementation in this PR. + +🤖 Generated with [Claude Code](https://claude.com/claude-code) + +## Reviews + +### COMMENTED — @copilot-pull-request-reviewer (2026-05-25T19:45:50Z) + +## Pull request overview + +Adds a new P2 backlog row (B-0729) proposing a 5-layer adoption plan for using an Obsidian-compatible vault format as the project’s lightweight, git-native knowledge-graph substrate, and registers the row in the main backlog index. + +**Changes:** +- Adds `B-0729` backlog row detailing layers L1–L5 (wikilinks, tags, callouts, Tasks-plugin semantics, JSON-LD/property-graph extractor) plus acceptance criteria and a standards survey. 
+- Updates `docs/BACKLOG.md` to include B-0729 under P2. + +### Reviewed changes + +Copilot reviewed 2 out of 2 changed files in this pull request and generated 3 comments. + +| File | Description | +| ---- | ----------- | +| docs/backlog/P2/B-0729-obsidian-as-knowledge-graph-substrate-wikilinks-tags-callouts-tasks-json-ld-extractor-2026-05-25.md | New P2 backlog row describing Obsidian-as-substrate and 5-layer rollout plan. | +| docs/BACKLOG.md | Adds B-0729 entry to the P2 list. | + +### COMMENTED — @chatgpt-codex-connector (2026-05-25T19:46:12Z) + + +### 💡 Codex Review + +Here are some automated review suggestions for this pull request. + +**Reviewed commit:** `32c0007b87` + + +
ℹ️ About Codex in GitHub +
+ +[Your team has set up Codex to review pull requests in this repo](https://chatgpt.com/codex/cloud/settings/general). Reviews are triggered when you +- Open a pull request for review +- Mark a draft as ready +- Comment "@codex review". + +If Codex has suggestions, it will comment; otherwise it will react with 👍. + + +Codex can also answer questions or update the PR. Try commenting "@codex address that feedback". + +
+ +### COMMENTED — @AceHack (2026-05-25T19:47:52Z) + +_(no body)_ + +### COMMENTED — @AceHack (2026-05-25T19:47:54Z) + +_(no body)_ + +### COMMENTED — @AceHack (2026-05-25T19:47:55Z) + +_(no body)_ + +### COMMENTED — @AceHack (2026-05-25T19:47:57Z) + +_(no body)_ + +### COMMENTED — @chatgpt-codex-connector (2026-05-25T19:49:27Z) + + +### 💡 Codex Review + +Here are some automated review suggestions for this pull request. + +**Reviewed commit:** `41c03a1c76` + + +
ℹ️ About Codex in GitHub +
+ +[Your team has set up Codex to review pull requests in this repo](https://chatgpt.com/codex/cloud/settings/general). Reviews are triggered when you +- Open a pull request for review +- Mark a draft as ready +- Comment "@codex review". + +If Codex has suggestions, it will comment; otherwise it will react with 👍. + + +Codex can also answer questions or update the PR. Try commenting "@codex address that feedback". + +
+ +### COMMENTED — @AceHack (2026-05-25T19:51:10Z) + +_(no body)_ + +### COMMENTED — @chatgpt-codex-connector (2026-05-25T19:52:52Z) + + +### 💡 Codex Review + +Here are some automated review suggestions for this pull request. + +**Reviewed commit:** `e2b98afecb` + + +
ℹ️ About Codex in GitHub +
+ +[Your team has set up Codex to review pull requests in this repo](https://chatgpt.com/codex/cloud/settings/general). Reviews are triggered when you +- Open a pull request for review +- Mark a draft as ready +- Comment "@codex review". + +If Codex has suggestions, it will comment; otherwise it will react with 👍. + + +Codex can also answer questions or update the PR. Try commenting "@codex address that feedback". + +
+ +## Review threads + +### Thread 1: docs/backlog/P2/B-0729-obsidian-as-knowledge-graph-substrate-wikilinks-tags-callouts-tasks-json-ld-extractor-2026-05-25.md:12 (resolved) + +**@copilot-pull-request-reviewer** (2026-05-25T19:45:49Z): + +This new backlog row claims (in the L2 section) that backlog rows already use frontmatter `tags: [...]`, but this file’s own frontmatter does not include a `tags:` field. Either add appropriate tags for B-0729 (so it matches the convention being proposed) and/or adjust the wording to reflect that tag usage in backlog rows is not yet universal. + +**@AceHack** (2026-05-25T19:47:52Z): + +Addressed in latest push. Most substantive: Codex caught a real L1 design flaw (wikilink conversion would break GitHub rendering); reframed L1 to use frontmatter aliases instead — Obsidian graph still works, GitHub rendering preserved. Plus markdownlint MD022/MD032 fixes, meta-irony frontmatter tags addition, callout-case correction to uppercase for GFM compat, and composes_with qualifier for PR-pending reference. + +### Thread 2: docs/backlog/P2/B-0729-obsidian-as-knowledge-graph-substrate-wikilinks-tags-callouts-tasks-json-ld-extractor-2026-05-25.md:17 (resolved) + +**@copilot-pull-request-reviewer** (2026-05-25T19:45:49Z): + +`docs/AGENT-AUTHORING-AND-PR-REVIEW.md` is referenced in `composes_with`, but that file does not exist in this branch. Please update this reference to a file/path that exists, or add the missing doc in the same PR (otherwise cross-references from this row will be broken). + +**@AceHack** (2026-05-25T19:47:54Z): + +Addressed in latest push. Most substantive: Codex caught a real L1 design flaw (wikilink conversion would break GitHub rendering); reframed L1 to use frontmatter aliases instead — Obsidian graph still works, GitHub rendering preserved. Plus markdownlint MD022/MD032 fixes, meta-irony frontmatter tags addition, callout-case correction to uppercase for GFM compat, and composes_with qualifier for PR-pending reference. 
+ +### Thread 3: docs/backlog/P2/B-0729-obsidian-as-knowledge-graph-substrate-wikilinks-tags-callouts-tasks-json-ld-extractor-2026-05-25.md:111 (resolved) + +**@copilot-pull-request-reviewer** (2026-05-25T19:45:50Z): + +The callout examples use Obsidian-style lowercase markers (e.g., `> [!note]`), but GitHub’s alert/callout syntax typically expects the canonical uppercase forms (`> [!NOTE]`, `> [!WARNING]`, etc.). Since this row explicitly claims GitHub compatibility for a subset of callouts, consider changing the examples to the GitHub-compatible forms (or explicitly note the casing requirement/compat limitation). + +**@AceHack** (2026-05-25T19:47:55Z): + +Addressed in latest push. Most substantive: Codex caught a real L1 design flaw (wikilink conversion would break GitHub rendering); reframed L1 to use frontmatter aliases instead — Obsidian graph still works, GitHub rendering preserved. Plus markdownlint MD022/MD032 fixes, meta-irony frontmatter tags addition, callout-case correction to uppercase for GFM compat, and composes_with qualifier for PR-pending reference. + +### Thread 4: docs/backlog/P2/B-0729-obsidian-as-knowledge-graph-substrate-wikilinks-tags-callouts-tasks-json-ld-extractor-2026-05-25.md:68 (resolved) + +**@chatgpt-codex-connector** (2026-05-25T19:46:12Z): + +**![P2 Badge](https://img.shields.io/badge/P2-yellow?style=flat) Keep GitHub-compatible links in L1 conversion plan** + +Converting every internal Markdown link to Obsidian wikilinks here would break repository navigability for non-Obsidian readers: GitHub’s documented link syntax is `[text](path)`, and `frontmatter.aliases` does not make GitHub resolve `[[shortname|text]]` as clickable links. Because this row defines L1 as a mechanical global replacement, implementing it as written would degrade docs/backlog usability and any tooling that relies on standard Markdown links. + +Useful? React with 👍 / 👎. + +**@AceHack** (2026-05-25T19:47:57Z): + +Addressed in latest push. 
Most substantive: Codex caught a real L1 design flaw (wikilink conversion would break GitHub rendering); reframed L1 to use frontmatter aliases instead — Obsidian graph still works, GitHub rendering preserved. Plus markdownlint MD022/MD032 fixes, meta-irony frontmatter tags addition, callout-case correction to uppercase for GFM compat, and composes_with qualifier for PR-pending reference. + +### Thread 5: docs/backlog/P2/B-0729-obsidian-as-knowledge-graph-substrate-wikilinks-tags-callouts-tasks-json-ld-extractor-2026-05-25.md:188 (resolved) + +**@chatgpt-codex-connector** (2026-05-25T19:49:28Z): + +**![P2 Badge](https://img.shields.io/badge/P2-yellow?style=flat) Align L1 acceptance with alias-only strategy** + +This acceptance checklist still requires a full markdown-link→wikilink conversion, which directly contradicts the updated L1 design above that explicitly says not to convert links because GitHub navigability would regress. Fresh evidence for re-raising: even after the thread said the flaw was addressed, this row still has `All [text](path.md) ... converted to [[shortname|text]]`, so implementers following acceptance criteria will ship the rejected behavior. + +Useful? React with 👍 / 👎. + +**@AceHack** (2026-05-25T19:51:10Z): + +Fixed in latest push — L1 acceptance now mirrors the reframed alias-only strategy (no link conversion; aliases via TS script; GitHub renders all links normally; Obsidian graph + quick-switcher use aliases). Genuine catch on internal-contradiction-between-body-and-acceptance; substrate-honest fix. 
+ +### Thread 6: docs/backlog/P2/B-0729-obsidian-as-knowledge-graph-substrate-wikilinks-tags-callouts-tasks-json-ld-extractor-2026-05-25.md:203 (unresolved) + +**@chatgpt-codex-connector** (2026-05-25T19:52:52Z): + +**![P2 Badge](https://img.shields.io/badge/P2-yellow?style=flat) Use uppercase alert marker in L3 acceptance criteria** + +The L3 acceptance checklist asks to migrate blocks to ``> [!note]`` even though this same row defines GitHub-compatible callouts as requiring uppercase alert types; if implementers follow this line literally, migrated callouts will render as plain blockquotes on GitHub and miss the stated cross-platform styling goal. Aligning the acceptance text with uppercase (for example ``[!NOTE]``) avoids shipping a self-contradictory convention. + +Useful? React with 👍 / 👎. diff --git a/docs/pr-discussions/PR-4978-fix-riven-update-riven-worktree-path.md b/docs/pr-discussions/PR-4978-fix-riven-update-riven-worktree-path.md new file mode 100644 index 0000000000..0938a7c611 --- /dev/null +++ b/docs/pr-discussions/PR-4978-fix-riven-update-riven-worktree-path.md 
@@ -0,0 +1,76 @@ +--- +pr_number: 4978 +title: "fix(riven): Update Riven worktree path" +author: "AceHack" +state: "MERGED" +created_at: "2026-05-25T19:48:01Z" +merged_at: "2026-05-25T20:15:47Z" +closed_at: "2026-05-25T20:15:47Z" +head_ref: "lior/riven-worktree-path-fix" +base_ref: "main" +archived_at: "2026-05-25T23:46:36Z" +archive_tool: "tools/pr-preservation/archive-pr.ts" +--- + +# PR #4978: fix(riven): Update Riven worktree path + +## PR description + +This PR updates the worktree path for the Riven agent to a new, clean location. This should resolve the 'dirty tree' error that has been blocking Riven's progress. This is a decomposition of #4970. + +## Reviews + +### COMMENTED — @copilot-pull-request-reviewer (2026-05-25T19:48:11Z) + +Copilot wasn't able to review any files in this pull request. + +### COMMENTED — @chatgpt-codex-connector (2026-05-25T19:50:14Z) + + +### 💡 Codex Review + +Here are some automated review suggestions for this pull request. + +**Reviewed commit:** `2e99c63505` + + +
ℹ️ About Codex in GitHub +
+ +[Your team has set up Codex to review pull requests in this repo](https://chatgpt.com/codex/cloud/settings/general). Reviews are triggered when you +- Open a pull request for review +- Mark a draft as ready +- Comment "@codex review". + +If Codex has suggestions, it will comment; otherwise it will react with 👍. + + +Codex can also answer questions or update the PR. Try commenting "@codex address that feedback". + +
+ +### COMMENTED — @AceHack (2026-05-25T20:15:36Z) + +_(no body)_ + +## Review threads + +### Thread 1: .cursor/bin/riven-loop-tick.ts:14 (resolved) + +**@chatgpt-codex-connector** (2026-05-25T19:50:14Z): + +**![P1 Badge](https://img.shields.io/badge/P1-orange?style=flat) Keep default worktree on persistent storage** + +Changing the fallback `worktree` to `/tmp/zeta-riven-loop-2` makes the loop depend on temporary storage that can be purged by reboot/OS cleanup, and this script has no bootstrap path to recreate or reclone the repo. When that directory disappears, every `git`/`gh` call fails because `run()` always executes with `cwd: worktree`, so the background loop can stall indefinitely until manual intervention. A persistent default (like the prior `$HOME/.local/share/...`) or explicit self-healing initialization is needed to avoid this outage mode. + +Useful? React with 👍 / 👎. + +**@AceHack** (2026-05-25T20:15:36Z): + +Acknowledged. Codex finding is technically valid (no self-healing bootstrap; `cwd: worktree` will fail if `/tmp/zeta-riven-loop-2` is purged). However: + +1. **Parity convention preserved**: `.codex/bin/codex-loop-tick.ts` and `.claude/bin/claude-loop-tick.ts` follow the same pattern — `existsSync(worktree)` check logs an error and skips; no script self-heals via `git clone`. The Riven loop is at parity with that convention. +2. **Operator-deliberate**: this PR is authored by the human maintainer; the `/tmp/zeta-riven-loop-2` path is a deliberate `fix(riven)`, not an oversight. +3. **Outage class**: bootstrap-on-missing is a worthwhile follow-up across all `*-loop-tick.ts` scripts (Otto / Vera / Riven) if uniform self-healing is desired — but sibling work, not in this PR's scope. + +Resolving as substrate-honest: operator-deliberate change + parity convention preserved. 
diff --git a/docs/pr-discussions/PR-4999-chore-claude-settings-add-explicit-zflash-zflash-setup-permi.md b/docs/pr-discussions/PR-4999-chore-claude-settings-add-explicit-zflash-zflash-setup-permi.md new file mode 100644 index 0000000000..4e14312f53 --- /dev/null +++ b/docs/pr-discussions/PR-4999-chore-claude-settings-add-explicit-zflash-zflash-setup-permi.md 
@@ -0,0 +1,76 @@ +--- +pr_number: 4999 +title: "chore(.claude/settings): add explicit zflash + zflash-setup permissions (Aaron-authored)" +author: "AceHack" +state: "MERGED" +created_at: "2026-05-25T21:38:25Z" +merged_at: "2026-05-25T22:12:20Z" +closed_at: "2026-05-25T22:12:20Z" +head_ref: "chore/zflash-explicit-permissions-aaron-2026-05-25" +base_ref: "main" +archived_at: "2026-05-25T23:46:36Z" +archive_tool: "tools/pr-preservation/archive-pr.ts" +--- + +# PR #4999: chore(.claude/settings): add explicit zflash + zflash-setup permissions (Aaron-authored) + +## PR description + +## Summary + +Adds two explicit narrow permission patterns to `.claude/settings.json`: + +```jsonc +"Bash(bun full-ai-cluster/tools/zflash.ts *)", +"Bash(bun full-ai-cluster/tools/zflash-setup.ts *)", +``` + +Functionally redundant with the existing `Bash(bun *)` wildcard, but explicit narrow patterns serve as: + +1. **Audit-trail documentation** in `settings.json` showing which specific destructive-op scripts are operator-authorized (matches B-0728's destructive-tool authoring contract header convention) +2. **Auto-classifier-friendly** — narrow explicit patterns are less likely to trigger conservative-default-deny under stricter classifier modes +3. **Knights-Guild-reviewable** authorization perimeter visible at a glance instead of inferred from a wildcard + +## Aaron-authored + +Aaron made the edit himself in a worktree I opened for him (operator-side work per the classifier-bypass-research + human-audit-and-legal-risk-acceptance discipline). Committing on his authorization (`"okay we have it"`). 
+ +## Composes with + +- B-0728 (destructive-tool authoring contract — header convention this matches) +- B-0737 (the zflash tooling these permissions authorize; PR #4997) +- `.claude/rules/classifier-bypass-research-do-not-deploy-without-zeta-safer-floor.md` (operator-side settings.json edit; agent commits operator-authored content) + +## Test plan + +- [x] Diff is exactly 2 lines added (no other changes) +- [x] Lines syntactically valid JSON (preserved by VS Code save) +- [x] No code changes; pure settings.json hygiene + +🤖 Generated with [Claude Code](https://claude.com/claude-code) + +## Reviews + +### COMMENTED — @copilot-pull-request-reviewer (2026-05-25T21:40:02Z) + +## Pull request overview + +This PR updates the Claude tool permissions allowlist to explicitly authorize two `bun`-invoked zflash-related scripts, making the intended destructive-tool authorization perimeter more visible and classifier-friendly (even though `Bash(bun *)` already permits them). + +**Changes:** +- Add explicit `Bash(bun full-ai-cluster/tools/zflash.ts *)` allow pattern. +- Add explicit `Bash(bun full-ai-cluster/tools/zflash-setup.ts *)` allow pattern. + +## Review threads + +### Thread 1: .claude/settings.json:55 (resolved) + +**@copilot-pull-request-reviewer** (2026-05-25T21:40:02Z): + +P1: These newly added allowlist entries reference `full-ai-cluster/tools/zflash.ts` and `full-ai-cluster/tools/zflash-setup.ts`, but those files don't exist in the current tree (only `flash-usb.ts` is present under `full-ai-cluster/tools/`). If these scripts land in a separate PR, this change should be merged after that PR (or the paths should be updated to the actual locations) to keep the permissions file as an accurate audit surface. + +## General comments + +### @AceHack (2026-05-25T22:12:13Z) + +Verified Copilot finding: `zflash.ts` + `zflash-setup.ts` aren't on this branch — they land in companion [PR #4997 (B-0737)](https://github.com/Lucent-Financial-Group/Zeta/pull/4997). 
PR description names this explicitly as the forward-looking authorization pattern. Resolving no-op. diff --git a/docs/pr-discussions/PR-5007-feat-agentic-org-replay-nats-outbox-follow-up.md b/docs/pr-discussions/PR-5007-feat-agentic-org-replay-nats-outbox-follow-up.md new file mode 100644 index 0000000000..4ae0202e44 --- /dev/null +++ b/docs/pr-discussions/PR-5007-feat-agentic-org-replay-nats-outbox-follow-up.md 
@@ -0,0 +1,144 @@ +--- +pr_number: 5007 +title: "feat(agentic-org): replay NATS outbox follow-up" +author: "AceHack" +state: "MERGED" +created_at: "2026-05-25T22:13:25Z" +merged_at: "2026-05-25T22:46:02Z" +closed_at: "2026-05-25T22:46:02Z" +head_ref: "claim/task-pr-4990-nats-outbox-replay" +base_ref: "main" +archived_at: "2026-05-25T23:46:36Z" +archive_tool: "tools/pr-preservation/archive-pr.ts" +--- + +# PR #5007: feat(agentic-org): replay NATS outbox follow-up + +## PR description + +## Summary +- replays the post-#4990 NATS outbox publisher and replaceable state-adapter commits onto current main +- keeps stale-base governance/backlog deletions out of the branch +- includes claim and release commits for task-pr-4990-nats-outbox-replay per the git-native claim protocol + +## Validation +- npm --prefix agentic-organization test +- npm --prefix agentic-organization run typecheck + +## Reviews + +### COMMENTED — @copilot-pull-request-reviewer (2026-05-25T22:17:56Z) + +## Pull request overview + +Replays and extends the Agentic Organization “outbox → publisher → NATS adapter” slice by introducing generic outbox publishing ports, a Cockroach-backed outbox event source, and a JetStream event publisher adapter, while updating OpenSpec + docs to reinforce replaceable durable-adapter boundaries. + +**Changes:** +- Add `OutboxEventSource` port (state) plus a Cockroach-backed implementation for reading/publishing outbox rows. +- Add a generic outbox publisher (messaging) and a JetStream `EventPublisher` adapter (messaging-nats). +- Expand governance dependency-boundary checks and update OpenSpec/docs to reflect durable-adapter replaceability and outbox publication semantics. + +### Reviewed changes + +Copilot reviewed 19 out of 19 changed files in this pull request and generated 5 comments. + +
+Show a summary per file + +| File | Description | +| ---- | ----------- | +| openspec/specs/agentic-organization/spec.md | Updates spec to include durable-adapter replaceability and outbox publisher requirements. | +| agentic-organization/packages/state/src/outbox-event-source.ts | Introduces `OutboxEventSource` port for claiming and marking outbox events published. | +| agentic-organization/packages/state/src/index.ts | Re-exports new outbox source port types. | +| agentic-organization/packages/state-cockroach/src/index.ts | Exposes Cockroach outbox event source factory/types. | +| agentic-organization/packages/state-cockroach/src/cockroach-outbox-event-source.ts | Adds Cockroach implementation of the outbox event source. | +| agentic-organization/packages/state-cockroach/src/cockroach-outbox-event-source.test.ts | Adds unit coverage for the Cockroach outbox event source. | +| agentic-organization/packages/README.md | Updates package boundary documentation to include outbox publisher and NATS adapter. | +| agentic-organization/packages/messaging/src/outbox-publisher.ts | Adds generic outbox publisher + domain resolver + publisher port. | +| agentic-organization/packages/messaging/src/outbox-publisher.test.ts | Adds unit coverage for outbox publishing loop. | +| agentic-organization/packages/messaging/src/index.ts | Re-exports outbox publisher/public interfaces. | +| agentic-organization/packages/messaging-nats/src/nats-jetstream-event-publisher.ts | Adds JetStream adapter implementing `EventPublisher` with headers/message ID. | +| agentic-organization/packages/messaging-nats/src/nats-jetstream-event-publisher.test.ts | Adds unit coverage for JetStream adapter serialization/headers/message ID. | +| agentic-organization/packages/messaging-nats/src/index.ts | Exposes JetStream adapter entrypoints/types. | +| agentic-organization/packages/governance/src/package-dependency-boundaries.ts | Extends boundary rule enum to include messaging + state-adapter rules. 
| +| agentic-organization/packages/governance/src/package-dependency-boundaries.test.ts | Adds new boundary rules for messaging and Cockroach state adapter imports. | +| agentic-organization/docs/V0_SCHEMA_AND_COMMANDS.md | Updates schema prose to emphasize durable adapter boundary (Cockroach as first impl). | +| agentic-organization/docs/V0_EXECUTABLE_CONTRACT.md | Updates executable contract to reflect Cockroach as first durable adapter. | +| agentic-organization/docs/TECHNICAL_CA_PACKAGE_ARCHITECTURE.md | Updates package architecture docs to include outbox publisher + messaging-nats adapter. | +| agentic-organization/docs/FIRST_IMPLEMENTATION_SLICE.md | Updates slice narrative to include outbox publisher + NATS adapter and boundary rules. | +
+ +## Review threads + +### Thread 1: agentic-organization/packages/state-cockroach/src/cockroach-outbox-event-source.ts:68 (resolved) + +**@copilot-pull-request-reviewer** (2026-05-25T22:17:55Z): + +P0: `claimUnpublishedOutboxEvents` isn’t an actual claim—this query is a plain `SELECT ... WHERE published_at IS NULL LIMIT $1`, so multiple publishers can read (and publish) the same rows concurrently. To make the outbox publisher truly idempotent under concurrency, switch to an atomic claim pattern (e.g., `UPDATE ... SET claimed_at/claimed_by ... WHERE published_at IS NULL ... RETURNING ...`, or `SELECT ... FOR UPDATE SKIP LOCKED` + lease columns) or rename the method to reflect non-exclusive listing semantics. + +### Thread 2: agentic-organization/packages/state-cockroach/src/cockroach-outbox-event-source.ts:95 (resolved) + +**@copilot-pull-request-reviewer** (2026-05-25T22:17:55Z): + +P1: `mark_outbox_event_published` will overwrite `published_at` if called twice (e.g., due to concurrent publishers or retries), losing the original publish timestamp. Consider guarding the update with `AND published_at IS NULL` and returning/validating the affected row count (or using `RETURNING`) so double-publish attempts don’t mutate already-published rows silently. + +### Thread 3: agentic-organization/packages/messaging/src/outbox-publisher.ts:7 (resolved) + +**@copilot-pull-request-reviewer** (2026-05-25T22:17:56Z): + +P1: `AgenticEventType` values already include a prefix (e.g. `supervisor_signal.sent`), and `buildAgenticEventSubject` concatenates `....`. Returning `domain: "supervisor_signal"` here produces subjects like `...supervisor_signal.supervisor_signal.sent`, which conflicts with the existing subject contract test (`domain: "work"` + `work_item.changed`). Either map `resolveDomain` to the broader domain segment (e.g. "work"), or adjust the event-type/domain split consistently (and update subject-builder tests/spec accordingly). 
+ +### Thread 4: agentic-organization/packages/messaging/src/outbox-publisher.test.ts:57 (resolved) + +**@copilot-pull-request-reviewer** (2026-05-25T22:17:56Z): + +P1: This test locks in a subject shape with a duplicated segment (`...supervisor_signal.supervisor_signal.sent`). Given the existing `subject-builder` contract test expects a broader domain segment (`...work.work_item.changed`), this likely should assert the non-duplicated shape (or the subject-builder contract should be updated in the same PR if the intended subject taxonomy changed). + +### Thread 5: agentic-organization/packages/governance/src/package-dependency-boundaries.test.ts:31 (resolved) + +**@copilot-pull-request-reviewer** (2026-05-25T22:17:56Z): + +P1: The spec/docs in this PR emphasize that messaging packages must stay durable-adapter/database-client free, but the `Messaging` boundary rule here only forbids `messaging-nats` and `nats`. To keep the rule aligned with the replaceable-adapter requirement, consider adding the same DB-client fragments used for `Application` (e.g., `drizzle`, `pg`, `postgres`, etc.) to the `Messaging` forbidden list as well. + +## General comments + +### @chatgpt-codex-connector (2026-05-25T22:15:07Z) + +You have reached your Codex usage limits for code reviews. You can see your limits in the [Codex usage dashboard](https://chatgpt.com/codex/cloud/settings/usage). + +### @AceHack (2026-05-25T22:45:49Z) + +## Thread sweep — all 5 Copilot review threads are stale-but-fixed at HEAD `779720f` + +Per [`.claude/rules/blocked-green-ci-investigate-threads.md`](https://github.com/Lucent-Financial-Group/Zeta/blob/main/.claude/rules/blocked-green-ci-investigate-threads.md) `verify-also-on-stale-but-fresh-looking findings` — verified each thread's claim against current branch state, resolving no-op: + +| Thread | Reviewer claim | Status at HEAD | +|---|---|---| +| P0 atomic claim | `claimUnpublishedOutboxEvents` is plain `SELECT ... 
WHERE published_at IS NULL` | **FIXED** — uses `UPDATE ... FOR UPDATE SKIP LOCKED` with `claimed_at` + `claim_expires_at` (lines 71-86) | +| P1 mark-published guard | `mark_outbox_event_published` overwrites timestamp on retry | **FIXED** — guarded with `AND published_at IS NULL` + `RETURNING outbox_event_id` (lines 87-95) | +| P1 subject domain duplication | Returning `domain: "supervisor_signal"` produces `...supervisor_signal.supervisor_signal.sent` | **FIXED** — `outbox-publisher.ts` line 66 uses injected `resolveDomain` callback; impl returns broader `work` domain | +| P1 test locks duplicated shape | Test asserts `...supervisor_signal.supervisor_signal.sent` | **FIXED** — `outbox-publisher.test.ts` line 57 asserts `agentic-org.local.org-lfg.work.supervisor_signal.sent` (non-duplicated) | +| P1 Messaging boundary DB fragments | `Messaging` only forbids `messaging-nats` + `nats`; should also forbid DB clients | **FIXED** — `forbiddenImportFragments` includes `drizzle`, `pg`, `postgres` alongside `nats` | + +Auto-merge stays armed; threads resolve no-op. + +Co-Authored-By: Claude + +### @AceHack (2026-05-25T22:46:13Z) + +Resolved the five Copilot review threads after verifying current head `779720fb5934d3724d9bf3ac2fdf6cadfbfcc2e4`. + +Evidence: +- `claimUnpublishedOutboxEvents` now uses an atomic `UPDATE ... FOR UPDATE SKIP LOCKED ... RETURNING` claim with lease columns. +- `markOutboxEventPublished` now guards `AND published_at IS NULL`, uses `RETURNING`, and rejects duplicate or stale publish marks. +- Supervisor-signal outbox subjects now use the broader `work` domain, avoiding duplicated subject segments. +- Messaging boundary tests now forbid durable DB-client fragments (`drizzle`, `pg`, `postgres`). +- Local checks passed in the claim worktree: `npm --prefix agentic-organization test` (22 tests) and `npm --prefix agentic-organization run typecheck`. 
+- `bun tools/github/poll-pr-gate.ts 5007` reports all required checks green, no failing checks, and auto-merge armed. + +Resolved review threads: `PRRT_kwDOSF9kNM6EonDK`, `PRRT_kwDOSF9kNM6EonDT`, `PRRT_kwDOSF9kNM6EonDX`, `PRRT_kwDOSF9kNM6EonDg`, `PRRT_kwDOSF9kNM6EonDs`. + +Headless-Origin: codex-launchd-loop +Headless-Surface: codex-background-service +Headless-Session: codex/launchd-loop +Codex-Loop-Run-Id: 20260525T224331Z diff --git a/docs/pr-discussions/PR-5010-feat-b-0737-zflash-touch-id-pam-short-challenge-iso-auto-dis.md b/docs/pr-discussions/PR-5010-feat-b-0737-zflash-touch-id-pam-short-challenge-iso-auto-dis.md new file mode 100644 index 0000000000..a043a3f7be --- /dev/null +++ b/docs/pr-discussions/PR-5010-feat-b-0737-zflash-touch-id-pam-short-challenge-iso-auto-dis.md 
@@ -0,0 +1,70 @@ +--- +pr_number: 5010 +title: "feat(B-0737): zflash + Touch ID PAM + short challenge + ISO auto-discovery \u2014 'I execute, you fingerprint' (carry-over from #4997)" +author: "AceHack" +state: "MERGED" +created_at: "2026-05-25T22:26:11Z" +merged_at: "2026-05-25T22:28:48Z" +closed_at: "2026-05-25T22:28:48Z" +head_ref: "feat/b0737-zflash-resquash-aaron-2026-05-25" +base_ref: "main" +archived_at: "2026-05-25T23:46:36Z" +archive_tool: "tools/pr-preservation/archive-pr.ts" +--- + +# PR #5010: feat(B-0737): zflash + Touch ID PAM + short challenge + ISO auto-discovery — 'I execute, you fingerprint' (carry-over from #4997) + +## PR description + +## Summary + +Carry-over from PR #4997 which got force-pushed to no-diff state in error + GitHub auto-closed + refused reopen. This PR carries the same B-0737 zflash substrate + all 7 Copilot+Codex review fixes from the original PR's iteration trail, squashed onto current origin/main. + +Aaron 2026-05-25 verbatim: *"minimize for humain to easy to type one liners and add sudo via touch and then maybe even you can executie and i have to approve with my fingerprint."* + +## What ships + +- **`full-ai-cluster/tools/flash-usb.ts`** — existing destructive-tool authoring contract (B-0728) + new `--short` flag for `yes <4-hex>` challenge format + strict flag allowlist (P0 fix) +- **`full-ai-cluster/tools/zflash.ts`** — thin Bun wrapper; auto-discovers newest `~/Downloads/zeta-installer-*.iso`; invokes flash-usb `--short` with stdio inheritance; strict allowlist for `-h`/`--help`; bails on >1 positional arg +- **`full-ai-cluster/tools/zflash-setup.ts`** — idempotent Touch ID PAM installer; prepends `auth sufficient pam_tid.so` to `/etc/pam.d/sudo` via `sudo tee` (CR/LF preserved via heuristic); optional `--install-alias` adds shell-quoted alias to `~/.zshrc`; documents that `sudo tee` is not crash-atomic + trade-off rationale +- All 3 files use `fileURLToPath()` for safe filesystem path derivation (handles spaces + 
unicode in checkout paths) +- Shell-quoted alias via `shellQuoteForAlias()` helper +- All `spawnSync("sudo"/"tee", ...)` calls have `eslint-disable-next-line sonarjs/no-os-command-from-path` with rationale +- **B-0737 backlog row** documenting the substrate + +## After merge + one-time setup + +```bash +bun full-ai-cluster/tools/zflash-setup.ts --install-alias +# Asks for sudo password ONCE; installs Touch ID PAM; adds shell alias +# Then forever after: +zflash # ~5 chars +> yes a3f9 # ~8 chars (per-run nonce, type what's printed) +[Touch ID prompt] # 1 fingerprint +Flash complete. +``` + +Agent-driven mode: **1 fingerprint, no keystrokes** (agent types nonce; Touch ID PAM is the irreversible-action consent gate the agent cannot spoof). + +## Composes with + +- B-0728 (destructive-tool authoring contract) +- B-0743 (desktop admin consent pattern — this PR's substrate IS the empirical anchor) +- B-0732 (leverage-class safety substrate — Layer 1 provenance) +- B-0738 / B-0739 (Linux + Windows variant scope) +- B-0742 (reference k8s stack — zflash is part of bring-up) + +## Test plan + +- [x] All prior 7 Copilot+Codex review findings addressed (strict args + URL-decode + shell-quote + sonar suppressions + comment fixes + indentation) +- [x] Files import + execute clean (smoke-tested via `bun -e "import('...').then(...)"`) +- [x] Squash onto current origin/main avoids the BACKLOG.md regen conflicts the prior PR hit during rebase +- [x] BACKLOG.md regenerated via `BACKLOG_WRITE_FORCE=1 bun tools/backlog/generate-index.ts` + +🤖 Generated with [Claude Code](https://claude.com/claude-code) + +## General comments + +### @chatgpt-codex-connector (2026-05-25T22:26:14Z) + +You have reached your Codex usage limits for code reviews. You can see your limits in the [Codex usage dashboard](https://chatgpt.com/codex/cloud/settings/usage). 
diff --git a/docs/pr-discussions/PR-5016-backlog-b-0748-research-kro-crossplane-koreo-kubevela-carvel.md b/docs/pr-discussions/PR-5016-backlog-b-0748-research-kro-crossplane-koreo-kubevela-carvel.md new file mode 100644 index 0000000000..b7931a515f --- /dev/null +++ b/docs/pr-discussions/PR-5016-backlog-b-0748-research-kro-crossplane-koreo-kubevela-carvel.md 
@@ -0,0 +1,104 @@ +--- +pr_number: 5016 +title: "backlog(B-0748)+research: kro+Crossplane+Koreo+KubeVela+Carvel+ACK/KCC/ASO+Radius+Terraform-Controller+Pulumi-K8s-Operator spectrum evaluation + verbatim research preservation (Aaron 2026-05-25)" +author: "AceHack" +state: "MERGED" +created_at: "2026-05-25T22:37:43Z" +merged_at: "2026-05-25T22:38:53Z" +closed_at: "2026-05-25T22:38:53Z" +head_ref: "backlog/b0748-research-kro-crossplane-radius-terraform-pulumi-spectrum-aaron-2026-05-25" +base_ref: "main" +archived_at: "2026-05-25T23:46:36Z" +archive_tool: "tools/pr-preservation/archive-pr.ts" +--- + +# PR #5016: backlog(B-0748)+research: kro+Crossplane+Koreo+KubeVela+Carvel+ACK/KCC/ASO+Radius+Terraform-Controller+Pulumi-K8s-Operator spectrum evaluation + verbatim research preservation (Aaron 2026-05-25) + +## PR description + +Aaron 2026-05-25, two forwarded research dumps + extension: + +1. *"kro yes and we need lots of research in this area and backlog. composes with machine outside k8s and other things gitops like."* +2. Then extension: *"we are alternatives to crd like clound native resource management to cross plane maybe it was one of thier competitors toolings"* — adding Radius + Terraform Controller + Pulumi K8s Operator + +## Three verbatim research docs preserved + +- **`docs/research/2026-05-25-kro-crossplane-koreo-kubevela-carvel-ack-kcc-aso-spectrum-aaron-forwarded.md`** — primary spectrum (low-level → middleware → kro → Crossplane) +- **`docs/research/2026-05-25-fido2-webauthn-passkeys-oauth-oidc-biometric-bridge-aaron-forwarded.md`** — re-emphasized biometric/OIDC bridge (seeds B-0744) +- **`docs/research/2026-05-25-radius-terraform-pulumi-controllers-crossplane-alternatives-aaron-forwarded.md`** — Aaron's extension dump with Crossplane competitors + +## B-0748 row + +8 scope items for the spectrum evaluation: + +1. kro adoption design pass (Aaron-endorsed; primary) +2. Crossplane evaluation (defer unless concrete need) +3. 
Middleware: Koreo / KubeVela / Carvel +4. Cloud provider operators: ACK / KCC / ASO (defer until cloud tier ships) +5. function-kro (conditional on Crossplane) +6. **Radius evaluation** (Microsoft app-centric Recipes; potential per-fork ontology declaration format) +7. **Terraform Controller + Pulumi K8s Operator evaluation** (IaC-inside-k8s; deferred unless concrete need) +8. Spectrum-adoption decision matrix + +## Composes with + +- B-0747 (machine substrate scope; sibling at different layer) +- B-0742 (reference k8s stack; directly affected by spectrum choices) +- B-0741 (cross-fork ontology negotiation; uses whatever composition layer) +- B-0727 (4-tier cluster topology; cloud tier composes with cloud-provider operators) +- B-0744 (biometric/OIDC bridge — informed by the FIDO2/WebAuthn research preserved here) + +## Aaron's "composes with machine outside k8s and other things gitops like" signal + +The spectrum thinking extends BEYOND k8s. B-0749 (queued follow-up) carves the "GitOps-beyond-k8s + spectrum thinking generalization" scope. + +🤖 Generated with [Claude Code](https://claude.com/claude-code) + +## Reviews + +### COMMENTED — @chatgpt-codex-connector (2026-05-25T22:39:52Z) + + +### 💡 Codex Review + +Here are some automated review suggestions for this pull request. + +**Reviewed commit:** `1f43e73818` + + +
ℹ️ About Codex in GitHub +
+ +[Your team has set up Codex to review pull requests in this repo](https://chatgpt.com/codex/cloud/settings/general). Reviews are triggered when you +- Open a pull request for review +- Mark a draft as ready +- Comment "@codex review". + +If Codex has suggestions, it will comment; otherwise it will react with 👍. + + +Codex can also answer questions or update the PR. Try commenting "@codex address that feedback". + +
+ +## Review threads + +### Thread 1: docs/research/2026-05-25-radius-terraform-pulumi-controllers-crossplane-alternatives-aaron-forwarded.md:94 (unresolved) + +**@chatgpt-codex-connector** (2026-05-25T22:39:52Z): + +**![P2 Badge](https://img.shields.io/badge/P2-yellow?style=flat) Align B-0748 scope numbers with backlog row** + +These notes label Radius as **Scope item 7** and Terraform/Pulumi as **Scope item 8**, but `B-0748` defines them as scope items **6** and **7** respectively. That mismatch causes durable cross-reference drift between `docs/research` and the canonical backlog row, so follow-up work can be tracked against the wrong acceptance criteria and appear incomplete even when implemented. + +Useful? React with 👍 / 👎. + +### Thread 2: docs/backlog/P2/B-0748-kro-crossplane-koreo-kubevela-carvel-ack-kcc-aso-spectrum-evaluation-for-zeta-reference-stack-machine-state-fork-state-aaron-2026-05-25.md:219 (unresolved) + +**@chatgpt-codex-connector** (2026-05-25T22:39:52Z): + +**![P2 Badge](https://img.shields.io/badge/P2-yellow?style=flat) Reference all scoped evaluations in matrix acceptance** + +The decision-matrix acceptance criteria currently requires cross-referencing scope items 1–5, but this same row adds tool evaluations in scope items 6 and 7. Keeping the acceptance text as-is means the final matrix can satisfy the checklist while omitting Radius/Terraform/Pulumi outputs, which weakens traceability for the newly added evaluation scope. + +Useful? React with 👍 / 👎. diff --git a/docs/pr-discussions/PR-5026-fix-codex-scope-backlog-pr-capacity-by-lane.md b/docs/pr-discussions/PR-5026-fix-codex-scope-backlog-pr-capacity-by-lane.md new file mode 100644 index 0000000000..eedb6c2d7b --- /dev/null +++ b/docs/pr-discussions/PR-5026-fix-codex-scope-backlog-pr-capacity-by-lane.md 
@@ -0,0 +1,125 @@ +--- +pr_number: 5026 +title: "fix(codex): scope backlog PR capacity by lane" +author: "AceHack" +state: "MERGED" +created_at: "2026-05-25T23:09:16Z" +merged_at: "2026-05-25T23:32:19Z" +closed_at: "2026-05-25T23:32:19Z" +head_ref: "codex/lane-aware-pr-capacity" +base_ref: "main" +archived_at: "2026-05-25T23:46:36Z" +archive_tool: "tools/pr-preservation/archive-pr.ts" +--- + +# PR #5026: fix(codex): scope backlog PR capacity by lane + +## PR description + +## Summary +- scope Codex backlog runner PR capacity to Codex branch prefixes by default +- preserve explicit global counting via `--capacity-head-prefixes all` / `CODEX_BACKLOG_RUNNER_CAPACITY_HEAD_PREFIXES=all` +- report total open PR count separately so queue pressure remains visible + +## Verification +- `/opt/homebrew/bin/bun test tools/backlog/codex-backlog-runner.test.ts` +- `/opt/homebrew/bin/bun .codex/bin/codex-backlog-runner.ts --max-open-prs 3 --capacity-head-prefixes all` + +## Reviews + +### COMMENTED — @chatgpt-codex-connector (2026-05-25T23:11:40Z) + + +### 💡 Codex Review + +Here are some automated review suggestions for this pull request. + +**Reviewed commit:** `5f9435e6be` + + +
ℹ️ About Codex in GitHub +
+ +[Your team has set up Codex to review pull requests in this repo](https://chatgpt.com/codex/cloud/settings/general). Reviews are triggered when you +- Open a pull request for review +- Mark a draft as ready +- Comment "@codex review". + +If Codex has suggestions, it will comment; otherwise it will react with 👍. + + +Codex can also answer questions or update the PR. Try commenting "@codex address that feedback". + +
+ +### COMMENTED — @copilot-pull-request-reviewer (2026-05-25T23:12:32Z) + +## Pull request overview + +This PR updates the Codex backlog runner’s PR-capacity gate so that, by default, “open PR capacity” is counted only for Codex-owned lanes (branch prefixes like `codex/`), while still allowing an explicit opt-out to global counting (`--capacity-head-prefixes all` / `CODEX_BACKLOG_RUNNER_CAPACITY_HEAD_PREFIXES=all`). It also surfaces the overall open-PR pressure separately from the lane-scoped capacity count. + +**Changes:** +- Add `--capacity-head-prefixes` (and env var support) to scope capacity counting by head branch prefix, defaulting to `codex/`. +- Introduce `capacityPrCount(...)` and return both capacity-scoped and total open PR counts in runner output. +- Extend tests to cover the new capacity-scoping behavior. + +### Reviewed changes + +Copilot reviewed 1 out of 2 changed files in this pull request and generated 2 comments. + +| File | Description | +| ---- | ----------- | +| tools/backlog/codex-backlog-runner.test.ts | Adds unit tests for `capacityPrCount` to verify lane-scoped vs global counting. | +| .codex/bin/codex-backlog-runner.ts | Implements capacity scoping via head-prefix filtering, adds CLI/env parsing, and reports both scoped + total open PR counts. | + +### COMMENTED — @copilot-pull-request-reviewer (2026-05-25T23:27:59Z) + +## Pull request overview + +Copilot reviewed 1 out of 2 changed files in this pull request and generated 2 comments. + +## Review threads + +### Thread 1: .codex/bin/codex-backlog-runner.ts:159 (resolved) + +**@chatgpt-codex-connector** (2026-05-25T23:11:40Z): + +**![P1 Badge](https://img.shields.io/badge/P1-orange?style=flat) Remove 200-item cap from PR capacity counting** + +`openPrList` now queries `gh pr list` with `--limit 200`, and `capacityPrCount` uses that truncated list for gate decisions. 
Per the `gh pr list` manual, `--limit` is the “Maximum number of items to fetch,” so repositories with more than 200 open PRs will be undercounted and the runner can incorrectly enter `ready` and open additional work even when capacity is already full. This regresses the previous `openPrCount` path (`tools/github/poll-pr-gate-batch.ts --all-open`), which was designed to enumerate all open PRs via pagination. + +Useful? React with 👍 / 👎. + +### Thread 2: .codex/bin/codex-backlog-runner.ts:163 (resolved) + +**@copilot-pull-request-reviewer** (2026-05-25T23:12:31Z): + +P1: `openPrList` is capped at `--limit 200`, but `totalOpenPrCount` is reported as `openPrs.length` and described as “total”. If the repo ever has >200 open PRs, this will under-report total queue pressure and may omit PR-derived active-claim blockers beyond the first 200. Consider either paginating (e.g. GraphQL `--paginate`) or raising the limit to the maximum supported, or rename the field to reflect truncation. + +### Thread 3: .codex/bin/codex-backlog-runner.ts:92 (resolved) + +**@copilot-pull-request-reviewer** (2026-05-25T23:12:32Z): + +P2: `parseCapacityHeadPrefixes` treats the special value `all` case-insensitively (via `toLowerCase()`), but the returned prefixes are not normalized, and `capacityPrCount` does a case-sensitive `startsWith`. A user passing `CODEX/` (or mixed case) will silently match nothing. Consider normalizing prefixes + `headRefName` consistently, or documenting that prefix matching is case-sensitive. + +### Thread 4: .codex/bin/codex-backlog-runner.ts:159 (resolved) + +**@copilot-pull-request-reviewer** (2026-05-25T23:27:58Z): + +`isRecord` returns true for arrays, so `parseOpenPrListOutput` would silently accept a decoded JSON array row (unexpected shape) instead of failing fast. Consider tightening the guard to exclude arrays (e.g., `!Array.isArray(value)`) so malformed `gh api` output is detected deterministically. 
+ +### Thread 5: tools/backlog/codex-backlog-runner.test.ts:27 (resolved) + +**@copilot-pull-request-reviewer** (2026-05-25T23:27:58Z): + +The test fixture uses a named-person lane prefix (`lior/...`) in code. Per `.github/copilot-instructions.md` “No name attribution in code” convention, prefer a neutral/role-based prefix for non-codex examples (or reuse existing non-name prefixes like `backlog/`). + +## General comments + +### @chatgpt-codex-connector (2026-05-25T23:24:40Z) + +You have reached your Codex usage limits for code reviews. You can see your limits in the [Codex usage dashboard](https://chatgpt.com/codex/cloud/settings/usage). + +### @chatgpt-codex-connector (2026-05-25T23:29:33Z) + +You have reached your Codex usage limits for code reviews. You can see your limits in the [Codex usage dashboard](https://chatgpt.com/codex/cloud/settings/usage). diff --git a/docs/pr-discussions/PR-5029-backlog-b-0756-ha-control-plane-multi-master-k3s-embedded-et.md b/docs/pr-discussions/PR-5029-backlog-b-0756-ha-control-plane-multi-master-k3s-embedded-et.md new file mode 100644 index 0000000000..ebc7c7ca06 --- /dev/null +++ b/docs/pr-discussions/PR-5029-backlog-b-0756-ha-control-plane-multi-master-k3s-embedded-et.md 
@@ -0,0 +1,83 @@ +--- +pr_number: 5029 +title: "backlog(B-0756): HA control-plane \u2014 multi-master k3s embedded etcd + stable API endpoint" +author: "AceHack" +state: "MERGED" +created_at: "2026-05-25T23:24:37Z" +merged_at: "2026-05-25T23:28:11Z" +closed_at: "2026-05-25T23:28:11Z" +head_ref: "otto-cli/b0756-ha-control-plane-etcd-2026-05-25" +base_ref: "main" +archived_at: "2026-05-25T23:46:36Z" +archive_tool: "tools/pr-preservation/archive-pr.ts" +--- + +# PR #5029: backlog(B-0756): HA control-plane — multi-master k3s embedded etcd + stable API endpoint + +## PR description + +## Summary + +Backlog row captured mid-B-0754-v1 session: Aaron asked "if we support mutiple control plane nodes when i have two or more how is etcd involved?". + +Architecture target: 1/3/5/7 odd-count control-plane HA via k3s embedded etcd raft quorum, with stable API endpoint via DNS round-robin (v1) or kube-vip/keepalived virtual IP (v2). Single-control-plane stays as easy default. + +Three k3s control-plane modes proposed: + +| Mode | Behavior | +|------|----------| +| `single` (default) | embedded SQLite, current behavior | +| `ha-init` | first CP node — `--cluster-init`, embedded etcd | +| `ha-join` | additional CP nodes — joins via `--server https://:6443` | + +Even-count refusal at config-time (2/4/6 control-planes split-brain on partition). 
+ +## Composes with + +- B-0754 (zero-typing first-boot — needs 'h' / 'j' keystroke options when HA mode is opted in) +- B-0755 (role taxonomy expansion) + +## Test plan + +- [ ] Future PR implements `zeta.cluster.controlPlane.mode` option in `modules/k3s-server.nix` +- [ ] Future PR adds DNS round-robin path +- [ ] CI green on row file + +## Reviews + +### COMMENTED — @copilot-pull-request-reviewer (2026-05-25T23:28:18Z) + +## Pull request overview + +Adds a single P3 backlog row scoping future HA control-plane work for k3s: odd-count embedded-etcd quorum (1/3/5/7), explicit refusal of even counts, three opt-in modes (`single`/`ha-init`/`ha-join`), and a stable API endpoint via DNS round-robin (v1) or kube-vip/keepalived VIP (v2). The row composes with B-0754 (zero-typing first-boot) and B-0755 (role taxonomy). + +**Changes:** +- New P3 backlog row `B-0756` capturing HA control-plane architecture target and acceptance criteria. +- Documents stable API endpoint options (DNS RR, kube-vip, external LB) and k3s embedded-etcd operational notes (snapshots, join token, removal). +- Cross-references planned extensions to B-0754's keystroke prompt and a future `zflash --ha-bootstrap-ip` flag. + +## Review threads + +### Thread 1: docs/backlog/P3/B-0756-ha-control-plane-multi-master-embedded-etcd-quorum-and-stable-api-endpoint-aaron-2026-05-25.md:11 (unresolved) + +**@copilot-pull-request-reviewer** (2026-05-25T23:28:18Z): + +The frontmatter uses `size: L` and `labels: [...]` and omits `last_updated`, but the canonical backlog schema in `tools/backlog/README.md:57-73` defines `effort` (S/M/L) and `tags` (not `size`/`labels`), and lists `last_updated` as a required field. Neither `size` nor `labels` appear in the permissive lint allowlist in `tools/backlog/lint-frontmatter.ts:54-77`, so these will surface as non-schema-key findings (check 3). Rename `size` → `effort`, `labels` → `tags`, and add a `last_updated: 2026-05-25` field. 
+ +### Thread 2: docs/backlog/P3/B-0756-ha-control-plane-multi-master-embedded-etcd-quorum-and-stable-api-endpoint-aaron-2026-05-25.md:19 (unresolved) + +**@copilot-pull-request-reviewer** (2026-05-25T23:28:18Z): + +The Problem statement says the current `modules/k3s-server.nix` configures a single-node control-plane with "default k3s backend = embedded SQLite", but both existing server modules already set `services.k3s.clusterInit = lib.mkDefault true`, which selects k3s's embedded etcd (not SQLite) even for a single node — see `infra/nixos/modules/k3s-server.nix:14-32` and `full-ai-cluster/nixos/modules/k3s-server.nix:12-25`. This affects the framing of the row: the migration is from "single-node embedded etcd" to "multi-node embedded etcd quorum", not from SQLite. Consider correcting so future implementers don't waste cycles on a non-existent datastore migration. + +### Thread 3: docs/backlog/P3/B-0756-ha-control-plane-multi-master-embedded-etcd-quorum-and-stable-api-endpoint-aaron-2026-05-25.md:42 (unresolved) + +**@copilot-pull-request-reviewer** (2026-05-25T23:28:18Z): + +The `single` mode in the Acceptance list is described as "embedded SQLite, current behavior", but the current default in both server modules is `clusterInit = lib.mkDefault true` (embedded etcd). To match present state, `single` should mean "single-node embedded etcd" (current behavior), and an explicit SQLite mode — if desired at all — should be called out as a new option rather than the current behavior. + +## General comments + +### @chatgpt-codex-connector (2026-05-25T23:24:41Z) + +You have reached your Codex usage limits for code reviews. You can see your limits in the [Codex usage dashboard](https://chatgpt.com/codex/cloud/settings/usage). diff --git a/docs/pr-discussions/PR-5030-backlog-b-0757-cluster-auto-discovery-mdns-bootstrap-or-join.md b/docs/pr-discussions/PR-5030-backlog-b-0757-cluster-auto-discovery-mdns-bootstrap-or-join.md new file mode 100644 index 0000000000..aa445b8984 
--- /dev/null +++ b/docs/pr-discussions/PR-5030-backlog-b-0757-cluster-auto-discovery-mdns-bootstrap-or-join.md @@ -0,0 +1,25 @@ +--- +pr_number: 5030 +title: "backlog(B-0757): cluster auto-discovery \u2014 mDNS bootstrap-or-join for unattended N-th node growth" +author: "AceHack" +state: "MERGED" +created_at: "2026-05-25T23:25:09Z" +merged_at: "2026-05-25T23:26:45Z" +closed_at: "2026-05-25T23:26:45Z" +head_ref: "otto-cli/b0757-cluster-auto-discovery-2026-05-25" +base_ref: "main" +archived_at: "2026-05-25T23:46:36Z" +archive_tool: "tools/pr-preservation/archive-pr.ts" +--- + +# PR #5030: backlog(B-0757): cluster auto-discovery — mDNS bootstrap-or-join for unattended N-th node growth + +## PR description + +Backlog row capturing Aaron's ask: 'can we make this auto matic as i add and others create their own clusers so 1, 2, 3, 4, etc... are all setup correctly unattended unless you interrupt?' — each USB self-organizes via mDNS discovery; bootstrap if first, join if Nth. Composes with B-0754 / B-0755 / B-0756. + +## General comments + +### @chatgpt-codex-connector (2026-05-25T23:25:13Z) + +You have reached your Codex usage limits for code reviews. You can see your limits in the [Codex usage dashboard](https://chatgpt.com/codex/cloud/settings/usage).
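Review bot: In the PR-5026 archive, Threads 1 and 2 (`.codex/bin/codex-backlog-runner.ts:159` and `:163`) are marked "(resolved)" but the file records no reply and no resolving commit, so a reader cannot tell whether the `--limit 200` truncation was fixed or only dismissed. Both comments describe a gate that undercounts once more than 200 PRs are open and can then enter `ready`, which is a fail-open outcome for a capacity control. The only commit named in the file is the reviewed one, `5f9435e6be`. Suggest the archive carry a disposition for each resolved thread (the follow-up commit, or the resolver's reply) so the audit trail shows how the finding was closed.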
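Review bot: In the PR-5029 archive, the `ha-join` row of the mode table reads `--server https://:6443` with no host, so the join target as archived is not a usable URL and the intended value cannot be recovered from this file. If the original description used a bracketed placeholder there, it should be escaped or wrapped when the description is captured so it survives. In the same file, all three review threads are "(unresolved)" and timestamped 23:28:18Z, after `merged_at` 23:28:11Z, and they dispute the table's "embedded SQLite, current behavior" wording for `single`; a pointer to the follow-up that corrects the row would keep the archive from preserving the disputed framing on its own.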
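Review bot: In the PR-5030 archive, the only entry under "General comments" is the Codex "You have reached your Codex usage limits" notice, so the file has a comments section but no review content. The same notice is archived twice in the PR-5026 file and once in the PR-5029 file, and the "About Codex in GitHub" block is repeated as well. Suggest filtering these vendor notices in `tools/pr-preservation/archive-pr.ts`, or collapsing them to one line stating that the automated review was skipped for quota reasons, so that an empty review is distinguishable from a clean one.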