Conversation
- Add backend validation to detect and warn about anon vs service keys - Prevent startup with incorrect Supabase key configuration - Consolidate frontend state management following KISS principles - Remove duplicate state tracking and sessionStorage polling - Add clear error display when backend fails to start - Improve .env.example documentation with detailed key selection guide - Add comprehensive test coverage for validation logic - Remove unused test results checking to eliminate 404 errors The implementation now warns users about key misconfiguration while maintaining backward compatibility. Frontend state is simplified with MainLayout as the single source of truth for backend status.
- Use python-jose (already in dependencies) instead of PyJWT for JWT decoding - Make unknown Supabase key roles fail fast per alpha principles - Skip all JWT validations (not just signature) when checking role - Update tests to expect failure for unknown roles Fixes: - No need to add PyJWT dependency - python-jose provides JWT functionality - Unknown key types now raise ConfigurationError instead of warning - JWT decode properly skips all validations to only check role claim
Collaborator
Author
|
resolves #223 |
Collaborator
Author
|
resolves #204 |
Owner
|
@Wirasm This is great, much needed so thank you! However, when I start up Archon on this PR I get this error in the Archon-UI container: 2025-08-16 06:23:51 /usr/local/bin/docker-entrypoint.sh: exec: line 11: /app/start.sh: not found Might be best to not change the Dockerfile for the frontend. |
- Rolled back to match main branch Dockerfile - Removed 3-second sleep script that was added for backend readiness - Container now runs npm directly without intermediate script - Tested and verified all services start correctly without the delay
Collaborator
Author
|
@coleam00 please test it again |
Collaborator
Author
|
solves: #286 |
POWERFULMOVES
added a commit
to POWERFULMOVES/PMOVES-Archon
that referenced
this pull request
Feb 12, 2026
…ions-health Feat/ghcr integrations health
coleam00
pushed a commit
that referenced
this pull request
Apr 7, 2026
…237) * Fix: Add stale workflow cleanup and defense-in-depth error handling Problem: Workflows could get stuck in "running" state indefinitely when the async generator disconnected but the AI subprocess continued working. This blocked new workflow invocations with "Workflow already running" errors. Root cause: No cleanup mechanism existed for workflows that failed to complete due to disconnection between the executor and the Claude SDK. Solution (defense-in-depth): 1. Activity-based staleness detection: Workflows inactive for 15+ minutes are auto-failed when a new workflow is triggered on the same conversation 2. Top-level error handling: All errors in workflow execution are caught and the workflow is properly marked as failed (prevents stuck state) 3. Manual cancel command: /workflow cancel lets users force-fail stuck workflows immediately Changes: - Add last_activity_at column via migration for staleness tracking - Add updateWorkflowActivity() to track activity during execution - Add staleness check before blocking concurrent workflows - Wrap workflow execution in try-catch to ensure failure is recorded - Add /workflow cancel subcommand to command handler - Update test to match new error handling behavior Fixes #232 * docs: Add /workflow cancel command to documentation * Improve error handling and add comprehensive tests for stale workflow cleanup Error handling improvements: - Add workflow ID and error context to updateWorkflowActivity logs - Add stack trace, error name, and cause to top-level catch block - Separate DB failure recording from file logging for clearer error messages - Add try-catch around staleness cleanup with user-facing error message - Check sendCriticalMessage return value and log when user not notified Test coverage additions: - Add staleness detection tests (stale vs non-stale, fallback to started_at) - Add /workflow cancel command tests - Add updateWorkflowActivity function tests (including non-throwing behavior) All 845 tests pass, type-check clean, lint clean.
coleam00
pushed a commit
that referenced
this pull request
Apr 7, 2026
* Fix: PR worktrees use actual branch for same-repo PRs (#232) When creating a worktree for a PR review, the system was always creating a synthetic branch (`pr-N-review`) instead of using the PR's actual branch. This caused confusion when pushing changes back to the PR, as commits went to an orphan branch instead of updating the PR. Changes: - Add `isForkPR` field to IsolationHints and IsolationRequest - Add fork detection in GitHub adapter (compares head.repo vs base.repo) - Update createFromPR() to use actual branch for same-repo PRs - Fork PRs still use synthetic branch (can't push to forks anyway) - Update generateBranchName() to return actual PR branch for same-repo PRs - Add tests for same-repo vs fork PR behavior Fixes #232 * docs: Update PR worktree behavior documentation for fork vs same-repo PRs * Address PR review findings: error handling and test coverage 1. **Error handling improvements**: - Add `prFetchFailed` flag to `IsolationHints` for degraded mode detection - Distinguish transient vs non-transient failures in PR fetch error handling - Make upstream tracking failure non-fatal (worktree still usable) 2. **Documentation**: - Add comment clarifying deleted fork edge case (null head.repo) 3. **Test coverage**: - Add fork detection unit tests (same-repo, fork, deleted fork, case sensitivity) - Add orchestrator integration tests for isForkPR pass-through Addresses review feedback from PR #238. * Simplify error handling in PR fetch logic - Remove code duplication in logging branches - Use dynamic function selection for log level - Remove redundant boolean fields from log output - Consolidate comments
Tyone88
pushed a commit
to Tyone88/Archon
that referenced
this pull request
Apr 16, 2026
…oleam00#237) * Fix: Add stale workflow cleanup and defense-in-depth error handling Problem: Workflows could get stuck in "running" state indefinitely when the async generator disconnected but the AI subprocess continued working. This blocked new workflow invocations with "Workflow already running" errors. Root cause: No cleanup mechanism existed for workflows that failed to complete due to disconnection between the executor and the Claude SDK. Solution (defense-in-depth): 1. Activity-based staleness detection: Workflows inactive for 15+ minutes are auto-failed when a new workflow is triggered on the same conversation 2. Top-level error handling: All errors in workflow execution are caught and the workflow is properly marked as failed (prevents stuck state) 3. Manual cancel command: /workflow cancel lets users force-fail stuck workflows immediately Changes: - Add last_activity_at column via migration for staleness tracking - Add updateWorkflowActivity() to track activity during execution - Add staleness check before blocking concurrent workflows - Wrap workflow execution in try-catch to ensure failure is recorded - Add /workflow cancel subcommand to command handler - Update test to match new error handling behavior Fixes coleam00#232 * docs: Add /workflow cancel command to documentation * Improve error handling and add comprehensive tests for stale workflow cleanup Error handling improvements: - Add workflow ID and error context to updateWorkflowActivity logs - Add stack trace, error name, and cause to top-level catch block - Separate DB failure recording from file logging for clearer error messages - Add try-catch around staleness cleanup with user-facing error message - Check sendCriticalMessage return value and log when user not notified Test coverage additions: - Add staleness detection tests (stale vs non-stale, fallback to started_at) - Add /workflow cancel command tests - Add updateWorkflowActivity function tests (including non-throwing behavior) All 845 tests pass, type-check clean, lint clean.
Tyone88
pushed a commit
to Tyone88/Archon
that referenced
this pull request
Apr 16, 2026
* Fix: PR worktrees use actual branch for same-repo PRs (coleam00#232) When creating a worktree for a PR review, the system was always creating a synthetic branch (`pr-N-review`) instead of using the PR's actual branch. This caused confusion when pushing changes back to the PR, as commits went to an orphan branch instead of updating the PR. Changes: - Add `isForkPR` field to IsolationHints and IsolationRequest - Add fork detection in GitHub adapter (compares head.repo vs base.repo) - Update createFromPR() to use actual branch for same-repo PRs - Fork PRs still use synthetic branch (can't push to forks anyway) - Update generateBranchName() to return actual PR branch for same-repo PRs - Add tests for same-repo vs fork PR behavior Fixes coleam00#232 * docs: Update PR worktree behavior documentation for fork vs same-repo PRs * Address PR review findings: error handling and test coverage 1. **Error handling improvements**: - Add `prFetchFailed` flag to `IsolationHints` for degraded mode detection - Distinguish transient vs non-transient failures in PR fetch error handling - Make upstream tracking failure non-fatal (worktree still usable) 2. **Documentation**: - Add comment clarifying deleted fork edge case (null head.repo) 3. **Test coverage**: - Add fork detection unit tests (same-repo, fork, deleted fork, case sensitivity) - Add orchestrator integration tests for isForkPR pass-through Addresses review feedback from PR coleam00#238. * Simplify error handling in PR fetch logic - Remove code duplication in logging branches - Use dynamic function selection for log level - Remove redundant boolean fields from log output - Consolidate comments
joaobmonteiro
pushed a commit
to joaobmonteiro/Archon
that referenced
this pull request
Apr 26, 2026
…oleam00#237) * Fix: Add stale workflow cleanup and defense-in-depth error handling Problem: Workflows could get stuck in "running" state indefinitely when the async generator disconnected but the AI subprocess continued working. This blocked new workflow invocations with "Workflow already running" errors. Root cause: No cleanup mechanism existed for workflows that failed to complete due to disconnection between the executor and the Claude SDK. Solution (defense-in-depth): 1. Activity-based staleness detection: Workflows inactive for 15+ minutes are auto-failed when a new workflow is triggered on the same conversation 2. Top-level error handling: All errors in workflow execution are caught and the workflow is properly marked as failed (prevents stuck state) 3. Manual cancel command: /workflow cancel lets users force-fail stuck workflows immediately Changes: - Add last_activity_at column via migration for staleness tracking - Add updateWorkflowActivity() to track activity during execution - Add staleness check before blocking concurrent workflows - Wrap workflow execution in try-catch to ensure failure is recorded - Add /workflow cancel subcommand to command handler - Update test to match new error handling behavior Fixes coleam00#232 * docs: Add /workflow cancel command to documentation * Improve error handling and add comprehensive tests for stale workflow cleanup Error handling improvements: - Add workflow ID and error context to updateWorkflowActivity logs - Add stack trace, error name, and cause to top-level catch block - Separate DB failure recording from file logging for clearer error messages - Add try-catch around staleness cleanup with user-facing error message - Check sendCriticalMessage return value and log when user not notified Test coverage additions: - Add staleness detection tests (stale vs non-stale, fallback to started_at) - Add /workflow cancel command tests - Add updateWorkflowActivity function tests (including non-throwing behavior) All 845 tests pass, type-check clean, lint clean.
joaobmonteiro
pushed a commit
to joaobmonteiro/Archon
that referenced
this pull request
Apr 26, 2026
* Fix: PR worktrees use actual branch for same-repo PRs (coleam00#232) When creating a worktree for a PR review, the system was always creating a synthetic branch (`pr-N-review`) instead of using the PR's actual branch. This caused confusion when pushing changes back to the PR, as commits went to an orphan branch instead of updating the PR. Changes: - Add `isForkPR` field to IsolationHints and IsolationRequest - Add fork detection in GitHub adapter (compares head.repo vs base.repo) - Update createFromPR() to use actual branch for same-repo PRs - Fork PRs still use synthetic branch (can't push to forks anyway) - Update generateBranchName() to return actual PR branch for same-repo PRs - Add tests for same-repo vs fork PR behavior Fixes coleam00#232 * docs: Update PR worktree behavior documentation for fork vs same-repo PRs * Address PR review findings: error handling and test coverage 1. **Error handling improvements**: - Add `prFetchFailed` flag to `IsolationHints` for degraded mode detection - Distinguish transient vs non-transient failures in PR fetch error handling - Make upstream tracking failure non-fatal (worktree still usable) 2. **Documentation**: - Add comment clarifying deleted fork edge case (null head.repo) 3. **Test coverage**: - Add fork detection unit tests (same-repo, fork, deleted fork, case sensitivity) - Add orchestrator integration tests for isForkPR pass-through Addresses review feedback from PR coleam00#238. * Simplify error handling in PR fetch logic - Remove code duplication in logging branches - Use dynamic function selection for log level - Remove redundant boolean fields from log output - Consolidate comments
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Pull Request
Summary
This PR addresses a critical configuration issue where users accidentally use Supabase ANON (public) keys instead of SERVICE keys, causing database write failures. It adds backend validation to detect and prevent this misconfiguration, while also simplifying frontend state management following KISS principles.
Changes Made
Type of Change
Affected Services
Testing
Test Evidence
Checklist
Breaking Changes
None - the system remains backward compatible while adding validation warnings.
Additional Notes
Key Improvements:
Files Added:
archon-ui-main/src/components/BackendStartupError.tsx- Error display componentpython/tests/test_supabase_validation.py- Comprehensive validation testsCritical Fixes Applied:
python-jose(already in dependencies) instead of requiring PyJWTThe implementation follows the "warn but don't break" approach - providing helpful validation while maintaining backward compatibility.