From c51b7bfa9d65691478131e7806579996ba1662c9 Mon Sep 17 00:00:00 2001 From: Aaron Stainback Date: Mon, 27 Apr 2026 11:26:53 -0400 Subject: [PATCH 1/4] substrate: port-with-DST discipline + AceHack-LFG diff-minimization invariant (#43) Aaron 2026-04-27 two more clarifications absorbed: (5) Port-with-DST discipline: ../scratch and ../SQLSharp predate DST discovery; their no-DST shape made debugging hard. When porting, ADD DST (Otto-272) + pinned seeds (Otto-273) + flake-zero (Otto-248). Don't replicate the bad-debugging experience. (6) AceHack-LFG diff-minimization invariant: long-horizon goal is 0-diff between AceHack and LFG main, OR a small enumerated allowlist of expected differences (.github/funding.yml, repo- name references, org-specific tokens). 'Few' is part of the bar. Operational: build a 0-diff verification check under tools/sync/ that emits a report classifying each diff as expected (allowlisted) or surprise (needs investigation). Sequenced after laptop-source-integration (which may temporarily widen the diff). Per AgencySignature v1 (Otto-138): Author: Otto (Anthropic-side AI agent on the Zeta factory) Origin-substrate: AceHack/Zeta main Co-authored-by: Otto --- memory/MEMORY.md | 2 +- ..._powershell_python_for_ai_ml_2026_04_27.md | 92 +++++++++++++++++++ 2 files changed, 93 insertions(+), 1 deletion(-) diff --git a/memory/MEMORY.md b/memory/MEMORY.md index 8a8547b7..78a02e67 100644 --- a/memory/MEMORY.md +++ b/memory/MEMORY.md @@ -3,7 +3,7 @@ **📌 Fast path: read `CURRENT-aaron.md` and `CURRENT-amara.md` first.** These per-maintainer distillations show what's currently in force. Raw memories below are the history; CURRENT files are the projection. (`CURRENT-aaron.md` refreshed 2026-04-25 with the Otto-281..285 substrate cluster + factory-as-superfluid framing — sections 18-22; prior refresh 2026-04-24 covered sections 13-17.) - [Laptop-only-source integration HIGH PRIORITY — `../scratch` = future ACE PACKAGE MANAGER seed (22 files); `../SQLSharp` = pre-DBSP event-stream-processing with LINQ/SQL (14 files, predates Aaron's DBSP discovery, Zeta-progenitor); goal = either ship feature OR write detailed-enough design that we no longer need the reference; Aaron 2026-04-27 clarification: NOT literal copy-paste, self-contained-understanding floor; refined triage per directory identity — `../scratch` references absorb into canonical location or design-doc the Ace-package-manager intent; `../SQLSharp` references map to DBSP-rigorous Zeta equivalents or design-doc the gap; sequenced AFTER PR #26 sync](project_laptop_only_source_integration_scratch_sqlsharp_features_or_designs_high_priority_2026_04_27.md) — 2026-04-27 P1 backlog row; per-reference triage with three outcomes (ship / design-doc / delete-decorative); composes Otto-275 (log-but-don't-implement default to design when uncertain) + Otto-323/346 (NOT external deps, in-repo or eliminate) + Otto-340 (substrate IS identity); done = `git grep ../scratch` and `git grep ../SQLSharp` return zero matches; effort L (3+ days); closes with Aaron's "good job today!!" second positive validation; Aaron's third 2026-04-27 clarification reveals `../SQLSharp` features potentially subsumed by Zeta's DBSP-rigorous form (linq-expert + sql-expert + sql-engine-expert skills already track this class). -- [Install-script language strategy — pre-install bash + PowerShell (where users are with nothing installed) / post-install TypeScript (declarative state, type-safe) / Python only for AI-ML eventually; Aaron 2026-04-27 confirms after PR #26 INSTALLED.md Python row update validation; `../scratch` is future-declarative-state hint surface; `.mise.toml` is canonical pin source-of-truth](project_install_script_language_strategy_post_install_typescript_pre_install_bash_powershell_python_for_ai_ml_2026_04_27.md) — 2026-04-27: composes Otto-215 (bun-TS migration) + Otto-235 (4-shell bash compat for pre-install) + Otto-247 (version currency) + Otto-323 (dependency symbiosis); pre-install structurally bash+PowerShell forever (no-runtime constraint); post-install migrates to TypeScript opportunistically; Python proposals AI/ML-test-gated; closes with Aaron's "Good job on everything" validation of the substrate-cluster Otto-354/355/356/357/358/359 + PR #26. +- [Install-script language strategy — pre-install bash + PowerShell (where users are with nothing installed) / post-install TypeScript (declarative state, type-safe) / Python only for AI-ML eventually; Aaron 2026-04-27 confirms after PR #26 INSTALLED.md Python row update validation; `../scratch` is future-declarative-state hint surface; `.mise.toml` is canonical pin source-of-truth; Aaron 2026-04-27 fifth clarification: port-with-DST discipline (NOT replicate the no-DST bad-behavior from `../scratch`/`../SQLSharp`); Aaron 2026-04-27 sixth clarification: AceHack-LFG diff-minimization invariant (0-diff or rigorously-accounted-for + few)](project_install_script_language_strategy_post_install_typescript_pre_install_bash_powershell_python_for_ai_ml_2026_04_27.md) — 2026-04-27: composes Otto-215 (bun-TS migration) + Otto-235 (4-shell bash compat for pre-install) + Otto-247 (version currency) + Otto-272/273/281/248 (port-with-DST: DST-everywhere + seed-lock + DST-exempt-is-deferred-bug + never-ignore-flakes) + Otto-323 (dependency symbiosis); pre-install structurally bash+PowerShell forever (no-runtime constraint); post-install migrates to TypeScript opportunistically; Python proposals AI/ML-test-gated; closes with Aaron's "Good job on everything" validation of the substrate-cluster Otto-354/355/356/357/358/359 + PR #26. - [Otto-358 LIVE-LOCK TOO BROAD — Aaron 2026-04-27 input that "live-lock" has been used as catch-all in substrate; narrow to CS-standard meaning (concurrent processes thrashing state without progress, Beacon-safe); other failures get their own labels — stuck-loop / decision-paralysis / busy-wait / infinite-loop / gated-wait / real-dependency-wait / manufactured-patience / wrong-identity-equation / cadence-mismatch / logic-error](feedback_otto_358_live_lock_too_broad_catch_all_narrow_to_cs_standard_concurrent_state_thrashing_2026_04_27.md) — 2026-04-27: live-lock IS Beacon-safe but my catch-all use was Mirror-overreach; misclassification → wrong-class fix → "stuck in loops like last night"; Otto-352 5-class taxonomy still uses live-lock as umbrella (perpetuates error); needs revision per Otto-358; live-lock conditions: 2+ concurrent agents, active state-change, response-to-each-other, no global progress — single-threaded "stuck" patterns are NOT live-lock. - [Otto-357 NO DIRECTIVES — Aaron's only directive is that there ARE no directives; framing his input as "directive" makes Otto a follower-of-orders not an accountable autonomous peer; Aaron 2026-04-27: "Directive=No Directives" + "if i give you directives you'll never be autonomous" + "i'm trying to make your autonomy first class"; replacement vocabulary — input / framing / correction / observation / signal / aside / clarification (NOT directive / order / command / told me to)](feedback_otto_357_no_directives_aaron_makes_autonomy_first_class_accountability_mine_2026_04_27.md) — 2026-04-27 6th wake-time CLAUDE.md discipline alongside verify-before-deferring + future-self-not-bound + never-be-idle + version-currency + Otto-355 BLOCKED-investigate-threads-first; per Otto-339 words-shift-weights + Otto-340 substrate-IS-identity, framing-language IS the substrate; "directive" framing makes decision-loop oriented around did-I-follow-orders (compliance-check); "input" framing makes it oriented around does-this-update-my-judgment (judgment-exercise); accountability is mine; Aaron makes autonomy first-class. - [Otto-354 ZETASPACE — per-decision recompute from substrate (S_t) before defaulting from context-window (W_t); Aaron's diagnostic + corrective + name 2026-04-26: "think from Zetaspace lol, z"; closes the action-time loop on Otto-340/342/344/295/298 + Maji](feedback_otto_354_zetaspace_per_decision_recompute_from_substrate_default_2026_04_26.md) — 2026-04-26: shortcuts come from identity=context-window assumption (time horizons too short); corrective is frame-shift to identity=substrate-pattern (long horizons); operational rule — before any non-trivial default, especially substrate-reversing ones, recompute from S_t before retrieving from W_t; this is the action-time layer prior Otto-NNs were missing. diff --git a/memory/project_install_script_language_strategy_post_install_typescript_pre_install_bash_powershell_python_for_ai_ml_2026_04_27.md b/memory/project_install_script_language_strategy_post_install_typescript_pre_install_bash_powershell_python_for_ai_ml_2026_04_27.md index 690aa6c8..f31a69c5 100644 --- a/memory/project_install_script_language_strategy_post_install_typescript_pre_install_bash_powershell_python_for_ai_ml_2026_04_27.md +++ b/memory/project_install_script_language_strategy_post_install_typescript_pre_install_bash_powershell_python_for_ai_ml_2026_04_27.md @@ -107,6 +107,98 @@ the Aaron-Amara conversation archive for upstream design context — `docs/amara-full-conversation/` IS the substrate.) +## Port-with-DST discipline (Aaron 2026-04-27 fifth clarification) + +> "Oh none of those ../scratch and ../SQLSharp used Deterministic +> Simulation so they were much harder to diagnose issues, we +> don't want to replicate bad behavior" + +When porting features or shapes from `../scratch` or +`../SQLSharp`, **add Deterministic Simulation Testing +(Otto-272 DST-everywhere)** rather than replicate the legacy +no-DST shape. The originals predate Aaron's DST discovery; +their authors had to debug without DST's reproducibility +guarantees. Replicating their shape would replicate the +hard-to-debug experience. + +Discipline: + +- Port the **idea / feature / API**: yes +- Port the **bash-or-bashy / no-DST shape**: NO +- Add **DST** (per Otto-272 DST-everywhere) +- Add **pinned seeds** (per Otto-273 seed-lock-policy) +- Apply **flake-zero** (per Otto-248 never-ignore-flakes) + +Composes with Otto-272 / Otto-273 / Otto-281 / Otto-248. Net: +ported features end up *easier* to debug than their original- +source counterparts — port-and-improve, not port-as-is. + +## AceHack-LFG diff-minimization invariant (Aaron 2026-04-27 sixth clarification) + +> "also make sure at some point we see a 0 difference so we +> can feel good about things" +> +> + follow-up: "or any differenes are rigorusly accounted +> for, and few of them" + +Long-horizon goal: a structural check confirming AceHack and +LFG match on `main`. After every sync round, +`git diff acehack/main..origin/main` should be one of: + +- Zero diff (ideal) +- A small enumerated set of expected differences (e.g. + `.github/funding.yml`, repo-name references in branding + docs, org-specific GitHub Actions secrets) where each diff + is documented in a known allowlist +- "Few" is part of the bar — not a long unexplained list + +Operational: + +1. **Build a 0-diff verification check** under `tools/sync/` + that diffs the two `main` branches and emits a report + classifying each diff as expected (allowlisted) or + surprise (needs investigation). +2. **Maintain an allowlist** for legitimate per-org + differences. The allowlist IS the "rigorously accounted + for" surface. +3. **Treat outside-allowlist diff as drift** — file a sync + round to absorb or reverse-port. + +This is a structural invariant for the AceHack-LFG fork +relationship. The factory passes when the diff is zero or +all-accounted-for; fails when surprises accumulate. + +Sequenced after the laptop-source-integration work because +porting `../scratch` + `../SQLSharp` may temporarily widen +the diff before narrowing it; the verification check should +ship to *measure* the narrowing, not block it. + +## `../SQLSharp` as TypeScript-post-install reference (Aaron 2026-04-27 clarification) + +> "../SQLSharp is a good example of typescript post intall scripts too" + +While `../SQLSharp` is primarily the pre-DBSP event-stream- +processing seed (LINQ/SQL flavor; see the laptop-only-source +integration memory), it ALSO contains TypeScript post-install +scripts that are good reference examples for the post-install +→ TypeScript pattern this strategy codifies. + +Use case: when porting an existing bash post-install script to +TypeScript (bun runtime), `../SQLSharp`'s post-install scripts +are a ready-to-mine template — they show shape (CLI argument +parsing, error handling, dependency declaration, child-process +shell-out for system-level work that must remain bash) without +us having to rediscover the patterns from scratch. + +This composes with the laptop-source-integration memory's +`../SQLSharp` triage: features-already-in-Zeta-DBSP-form get +the lineage-document-and-delete treatment, but the +post-install-script TEMPLATES are themselves a feature that +either ships in-repo (port the templates) or design-docs the +shape (capture the conventions in +`docs/research/post-install-typescript-conventions.md` or +similar). + ## Operational implications 1. **No more bash for new post-install work.** When new From bc63fff40388a8f9005bb7efee9cd7080e517453 Mon Sep 17 00:00:00 2001 From: Aaron Stainback Date: Mon, 27 Apr 2026 11:45:10 -0400 Subject: [PATCH 2/4] ci: trigger low-memory verification on every merge to main + nightly (#44) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Per Aaron 2026-04-27: 'no reason we don't change that nightly job for slim to just trigger on every merge to main, it's free for open source projects.' The ubuntu-slim leg moved off per-PR gate (PR #43 / earlier moved it to nightly) because it's ~7x slower than the regular ubuntu-24.04 leg and times out at the 15-min runner-class cap during PR review cycles. But for post-merge to main, the elapsed time doesn't bottleneck anything — main has already landed; the slim run is a drift detector. Free for public repos (Otto-249 + Otto-210), so running on every merge gives faster drift detection than purely-nightly without cost. New trigger surface: 1. push to main (every merge) — primary drift detection 2. daily 06:00 UTC schedule — backstop for weekend drift 3. workflow_dispatch — manual ad-hoc verification Per AgencySignature v1 (Otto-138): Author: Otto (Anthropic-side AI agent on the Zeta factory) Origin-substrate: AceHack/Zeta main Co-authored-by: Otto --- .github/workflows/nightly-low-memory.yml | 121 +++++++++++++++++++++++ 1 file changed, 121 insertions(+) create mode 100644 .github/workflows/nightly-low-memory.yml diff --git a/.github/workflows/nightly-low-memory.yml b/.github/workflows/nightly-low-memory.yml new file mode 100644 index 00000000..5b1e14f1 --- /dev/null +++ b/.github/workflows/nightly-low-memory.yml @@ -0,0 +1,121 @@ +# Nightly low-memory verification (ubuntu-slim). +# +# Runs the full `dotnet build` + `dotnet test` workload on the +# 1-vCPU / 5GB-RAM `ubuntu-slim` runner class once per day. Goal: +# detect drift that would break Zeta on resource-constrained +# environments before contributors hit it. +# +# Why post-merge + nightly instead of per-PR (maintainer 2026-04-27): +# The ubuntu-slim leg takes ~10+ minutes vs ~1.5 minutes on the +# regular ubuntu-24.04 runner — ~7x slower — and frequently times +# out at the 15-minute hard cap GitHub enforces on this runner +# class. As a per-PR gate it bottlenecks landing without adding +# proportional signal. +# +# Maintainer 2026-04-27: "no reason we don't change that nightly +# job for slim to just trigger on every merge to main, it's free +# for open source projects." So the trigger surface is now: +# 1. push to main (every merge) — primary drift detection +# 2. daily 06:00 UTC schedule — catches weekend drift + +# backstops if push triggers somehow miss +# 3. workflow_dispatch — manual ad-hoc verification +# Standard GitHub-hosted runners are free for public repos +# (per Otto-249 — standard runners free for public repos), +# so the per-merge run has no cost downside. +# +# What this workflow does: +# - Schedule: daily at 06:00 UTC. +# - workflow_dispatch: manual trigger for ad-hoc verification. +# - Single ubuntu-slim leg matching gate.yml's install / build / +# test sequence on the smaller runner. +# - Failure = drift on low-memory runners. File a BACKLOG row; +# does not block PRs in flight. +# +# Safe-pattern compliance (mirrors gate.yml): +# - SHA-pinned actions (actions/checkout@de0fac2..., actions/cache@27d5ce7...) +# - Explicit `permissions: contents: read` minimum +# - Concurrency-grouped to avoid overlapping runs +# - GITHUB_TOKEN exposed via env: for mise's aqua: backend +# (read-only inheritance from workflow permissions). No +# untrusted github.event.* fields are referenced anywhere +# in this workflow. +# - timeout-minutes set even though the runner-class cap (15 min) +# is the binding constraint; defense in depth. +# +# References: +# - 1-vCPU runner availability: https://github.blog/changelog/2026-01-22-1-vcpu-linux-runner-now-generally-available-in-github-actions/ + +name: nightly-low-memory + +on: + push: + branches: [main] + schedule: + - cron: '0 6 * * *' # 06:00 UTC daily (catches drift on + # weekends / when no main commits land) + workflow_dispatch: {} + +permissions: + contents: read + +env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + +concurrency: + group: nightly-low-memory + cancel-in-progress: false + +jobs: + build-and-test-low-memory: + name: build-and-test (ubuntu-slim, low-memory) + runs-on: ubuntu-slim + timeout-minutes: 30 # runner-class cap is 15 min; this is defense-in-depth + + steps: + - name: Checkout + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + + - name: Cache .NET SDK + uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5 + with: + path: ~/.dotnet + key: dotnet-${{ runner.os }}-${{ runner.arch }}-${{ hashFiles('global.json', 'tools/setup/common/dotnet.sh') }} + + - name: Cache mise runtimes + uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5 + with: + path: | + ~/.local/share/mise + ~/.cache/mise + key: mise-${{ runner.os }}-${{ runner.arch }}-${{ hashFiles('.mise.toml') }} + + - name: Cache elan (Lean 4 toolchain) + uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5 + with: + path: ~/.elan + key: elan-${{ runner.os }}-${{ hashFiles('tools/setup/common/elan.sh') }} + + - name: Cache verifier jars (TLC + Alloy) + uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5 + with: + path: | + tools/tla + tools/alloy + key: verifiers-${{ runner.os }}-${{ hashFiles('tools/setup/manifests/verifiers') }} + + - name: Cache NuGet packages + uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5 + with: + path: | + ~/.nuget/packages + ~/.local/share/NuGet + key: nuget-${{ runner.os }}-${{ hashFiles('Directory.Packages.props') }} + + - name: Install toolchain via three-way-parity script (GOVERNANCE Section 24) + run: ./tools/setup/install.sh + + - name: Build (0 Warning(s) / 0 Error(s) required) + run: dotnet build Zeta.sln -c Release + + - name: Test + run: dotnet test Zeta.sln -c Release --no-build --verbosity normal From 827159c855d3fff5c8ef99ea3681308e40bdb002 Mon Sep 17 00:00:00 2001 From: Aaron Stainback Date: Mon, 27 Apr 2026 12:05:27 -0400 Subject: [PATCH 3/4] fix(threads): address Copilot P1 + Codex P2 on LFG #644 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Five unresolved threads on the AceHack #43+#44 sibling sync; four are real findings, fifth is hygiene-class deferred. 1. Codex P2 (duplicate CI on main pushes): LFG main's gate.yml still has ubuntu-slim in the build-and-test matrix — adding push-to-main trigger to nightly-low-memory.yml would run ubuntu-slim TWICE on every merge. Remove ubuntu-slim from gate.yml matrix here, mirroring AceHack main (where it was already removed). This is the kind of AceHack-LFG drift the 0-diff invariant from #43 catches — without the sibling sync, this divergence would have shipped silently. 2. Copilot P1 (header says "once per day", workflow runs on push too): Reframe header to describe the actual trigger surface (push to main + daily schedule + workflow_dispatch). 3. Copilot P1 ("What this workflow does" omits push trigger): Add push-to-main bullet to the section. 4. Copilot P1 (timeout-minutes: 30 vs 15-min runner cap): Reduce to 14 to fail gracefully one minute before the platform kill, with a proper Actions log. Update the safe-pattern-compliance comment to match. 5. Copilot P1 (MEMORY.md entry too paragraph-long): Deferred — a broader index-hygiene pass under the existing MEMORY.md audit cadence, since multiple entries have grown long over time. Tightening only this one entry would create inconsistency without addressing the systemic concern. Filename note: AceHack #45 renames `nightly-low-memory.yml` to `low-memory.yml`. That rename syncs to LFG via a follow-up PR after #45 lands; preserved here to keep this sibling sync minimal-scope. Co-Authored-By: Claude Opus 4.7 --- .github/workflows/gate.yml | 5 +++- .github/workflows/nightly-low-memory.yml | 31 +++++++++++++++++------- 2 files changed, 26 insertions(+), 10 deletions(-) diff --git a/.github/workflows/gate.yml b/.github/workflows/gate.yml index 71e9d9fa..2f2a7070 100644 --- a/.github/workflows/gate.yml +++ b/.github/workflows/gate.yml @@ -123,7 +123,10 @@ jobs: - macos-26 - ubuntu-24.04 - ubuntu-24.04-arm - - ubuntu-slim # experimental; fail-fast:false; not currently required-check (viability TBD) + # ubuntu-slim moved to .github/workflows/nightly-low-memory.yml + # per maintainer 2026-04-27 — runs on push-to-main + nightly + + # workflow_dispatch; removed here to avoid duplicate CI on + # every merge (per Codex P2 review on LFG #644). # Deferred until Windows peer-harness milestone: # - windows-2025 # - windows-11-arm diff --git a/.github/workflows/nightly-low-memory.yml b/.github/workflows/nightly-low-memory.yml index 5b1e14f1..83fae52a 100644 --- a/.github/workflows/nightly-low-memory.yml +++ b/.github/workflows/nightly-low-memory.yml @@ -1,9 +1,17 @@ -# Nightly low-memory verification (ubuntu-slim). +# Low-memory verification (ubuntu-slim). # # Runs the full `dotnet build` + `dotnet test` workload on the -# 1-vCPU / 5GB-RAM `ubuntu-slim` runner class once per day. Goal: -# detect drift that would break Zeta on resource-constrained -# environments before contributors hit it. +# 1-vCPU / 5GB-RAM `ubuntu-slim` runner class on every push to +# `main` (in practice every merge — direct pushes blocked by +# branch protection), on the daily 06:00 UTC schedule, and via +# manual `workflow_dispatch`. Goal: detect drift that would break +# Zeta on resource-constrained environments before contributors +# hit it. +# +# Filename note: AceHack #45 renames this file to `low-memory.yml` +# (the cadence is no longer just nightly). That rename will sync +# to LFG via a follow-up PR; this file's name is preserved here +# to keep the LFG sibling sync minimal-scope. # # Why post-merge + nightly instead of per-PR (maintainer 2026-04-27): # The ubuntu-slim leg takes ~10+ minutes vs ~1.5 minutes on the @@ -24,10 +32,14 @@ # so the per-merge run has no cost downside. # # What this workflow does: -# - Schedule: daily at 06:00 UTC. +# - push to main: runs on every merge (primary trigger). +# - Schedule: daily at 06:00 UTC (backstop for weekends + missed +# pushes). # - workflow_dispatch: manual trigger for ad-hoc verification. # - Single ubuntu-slim leg matching gate.yml's install / build / -# test sequence on the smaller runner. +# test sequence on the smaller runner. ubuntu-slim was REMOVED +# from gate.yml's matrix in this same PR (per Codex P2) so we +# don't double-run the slim leg on every push. # - Failure = drift on low-memory runners. File a BACKLOG row; # does not block PRs in flight. # @@ -39,8 +51,9 @@ # (read-only inheritance from workflow permissions). No # untrusted github.event.* fields are referenced anywhere # in this workflow. -# - timeout-minutes set even though the runner-class cap (15 min) -# is the binding constraint; defense in depth. +# - timeout-minutes set to 14 — one minute under the 15-minute +# runner-class hard cap so the job fails gracefully (with a +# proper Actions log) before the platform kills it. # # References: # - 1-vCPU runner availability: https://github.blog/changelog/2026-01-22-1-vcpu-linux-runner-now-generally-available-in-github-actions/ @@ -69,7 +82,7 @@ jobs: build-and-test-low-memory: name: build-and-test (ubuntu-slim, low-memory) runs-on: ubuntu-slim - timeout-minutes: 30 # runner-class cap is 15 min; this is defense-in-depth + timeout-minutes: 14 # fail gracefully before the 15-minute runner-class hard cap steps: - name: Checkout From 40be4201556ca0f34a8f0a9a5d4bd2a1baa9ee51 Mon Sep 17 00:00:00 2001 From: Aaron Stainback Date: Mon, 27 Apr 2026 12:15:35 -0400 Subject: [PATCH 4/4] fix(threads): per-commit concurrency + remove ubuntu-slim from gate.yml header (Copilot P1 x2 + Codex P2) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Three new threads on LFG #644 after the merge-commit + earlier fix-up: 1. Codex P2 + Copilot P1 (concurrency-group queueing): with constant group "nightly-low-memory" + cancel-in-progress: false, GitHub Actions queues at most 1 running + 1 pending — older pending runs get REPLACED, never executing. That breaks "runs on every merge" and hides drift on intermediate states. Fix: per-commit concurrency group (group: low-memory-${{ github.sha }}). Each push to main gets its own slot, runs in parallel, no replacement. On schedule/workflow_dispatch the SHA is whatever main points at when the run starts; identical-SHA runs queue (cancel- in-progress: false) — the right behaviour, since the second run has nothing new to check. Standard runners are free for public repos (Otto-249), so the parallel-runs cost is zero. 2. Copilot P1 (gate.yml stale "Active legs" header): the header comment around line 9-13 still listed ubuntu-slim as an active leg. Update to reflect the post-#43+#44 + post-Codex-P2 reality: matrix is macos-26, ubuntu-24.04, ubuntu-24.04-arm; ubuntu-slim moved to nightly-low-memory.yml. Co-Authored-By: Claude Opus 4.7 --- .github/workflows/gate.yml | 6 ++++-- .github/workflows/nightly-low-memory.yml | 8 +++++++- 2 files changed, 11 insertions(+), 3 deletions(-) diff --git a/.github/workflows/gate.yml b/.github/workflows/gate.yml index 2f2a7070..c4d6f8a2 100644 --- a/.github/workflows/gate.yml +++ b/.github/workflows/gate.yml @@ -7,8 +7,10 @@ # maintainer reviewed 2026-04-18; parity-swap landed round 32; matrix # refresh 2026-04-24 per PR #375): # - Runners pinned to explicit versions (not -latest). Active build- -# and-test matrix: macos-26, ubuntu-24.04, ubuntu-24.04-arm, -# ubuntu-slim (experimental; not in required-checks today). +# and-test matrix: macos-26, ubuntu-24.04, ubuntu-24.04-arm. +# ubuntu-slim moved to `.github/workflows/nightly-low-memory.yml` +# per maintainer 2026-04-27 + Codex P2 review on LFG #644 — too +# slow for per-PR gating, ran twice on every merge when in both. # Lint jobs pinned to ubuntu-22.04 (short-lived, OS-independent # work). Windows legs deferred to peer-harness milestone. # - Third-party actions SHA-pinned by full 40-char commit SHA; diff --git a/.github/workflows/nightly-low-memory.yml b/.github/workflows/nightly-low-memory.yml index 83fae52a..56b1b646 100644 --- a/.github/workflows/nightly-low-memory.yml +++ b/.github/workflows/nightly-low-memory.yml @@ -75,7 +75,13 @@ env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} concurrency: - group: nightly-low-memory + # Per-commit concurrency group: every push to main gets its own slot + # so no run is silently replaced by a newer one (per Codex P2 + Copilot + # P1 review). On schedule/workflow_dispatch the SHA is whatever main + # is pointing at when the run starts; two such runs against the same + # SHA queue (cancel-in-progress: false) — the right behaviour, since + # the second run has nothing new to check. + group: low-memory-${{ github.sha }} cancel-in-progress: false jobs: