194 commits

Author	SHA1	Message	Date
Claude	bf2842eff8	fix: feat: stack lock protocol for singleton project stack access (#255) ... Fix python3 -c injection: pass lock_file as sys.argv[1] instead of interpolating it inside the double-quoted -c string. Removes the single-quote escape risk when project names contain special chars. Also drop the misleading "atomic" comment on the tmp+mv write. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-06 07:09:26 +00:00
Claude	139f77fdf5	fix: feat: stack lock protocol for singleton project stack access (#255) ... Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-06 06:30:09 +00:00
Agent	7ad1c63de3	fix: chore: remove dead tmux-based session code (agent-session.sh, phase-handler.sh) (#262) ... - Delete lib/agent-session.sh (entirely dead file with no active callers) - Delete dev/phase-handler.sh (entirely dead file with no active callers) - Update lib/formula-session.sh to remove tmux-based functions: - Removed: start_formula_session, run_formula_and_monitor, formula_phase_callback, write_compact_context, remove_formula_worktree, cleanup_stale_crashed_worktrees - Kept utility functions: acquire_cron_lock, check_memory, load_formula, profile_write_journal, formula_prepare_profile_context, build_graph_section, etc. - Update dev/phase-test.sh to inline read_phase() function (no longer sources agent-session.sh) - Update documentation: AGENTS.md, lib/AGENTS.md, dev/AGENTS.md, .woodpecker/agent-smoke.sh, docs/PHASE-PROTOCOL.md, lib/pr-lifecycle.sh - All 38 phase tests pass	2026-04-05 22:25:53 +00:00
Agent	4b47ca3c46	fix: fix: agent-sdk.sh agent_run has no session lock — concurrent claude -p crashes (#261)	2026-04-05 20:53:09 +00:00
Claude	3351bf06f0	chore: gardener housekeeping 2026-04-05	2026-04-05 18:04:54 +00:00
Agent	cbfbfef0bb	fix: fix: hire-an-agent branch protection fails — race condition after initial push (#238)	2026-04-05 17:50:58 +00:00
Agent	e4acd032f0	fix: export FORGE_REPO_OWNER from load-project.sh (#241)	2026-04-05 17:25:23 +00:00
Agent	2b4c8be245	fix: remove hardcoded 'johba' references — use dynamic project config instead (#241)	2026-04-05 17:18:04 +00:00
Agent	a2bfe1aa82	fix: fix: dev-poll does not recover stale in-progress issues — pipeline stays blocked (#224)	2026-04-05 15:29:25 +00:00
Agent	fcaa2891eb	fix: fix: agent_run nudges unnecessarily when worktree is clean and no push expected (#219)	2026-04-05 14:54:29 +00:00
Agent	c362ac1440	fix: fix: agents container missing procps package — formula-session check_memory fails (#211)	2026-04-05 14:24:20 +00:00
Agent	8184baf759	fix: fix: gardener-run.sh hardcodes LOG_FILE to read-only $SCRIPT_DIR (#210)	2026-04-05 14:15:41 +00:00
Claude	3950c7fb8f	chore: gardener housekeeping 2026-04-05	2026-04-05 13:40:45 +00:00
Agent	d03b44377d	fix: fix: forge_api_paginate crashes on invalid JSON response (#194)	2026-04-05 07:13:08 +00:00
Agent	a916904e76	fix: correct merge_when_checks_succeed to true for auto-merge (#170)	2026-04-03 06:37:13 +00:00
Agent	7b9c483477	fix: feat: vault PRs should auto-merge after approval (#170)	2026-04-03 06:29:35 +00:00
Agent	83ce8a7981	fix: feat: disinto init should set up branch protection on Forgejo (#10)	2026-04-02 21:22:37 +00:00
Agent	a2d5d71c04	fix: feat: CI log access — disinto ci-logs + dev-agent CI failure context (#136)	2026-04-02 08:20:21 +00:00
Agent	e9a4fc7b80	fix: bug: dev-agent does not clean up branch/worktree on CI exhausted or block (#115)	2026-04-01 15:12:45 +00:00
Agent	1697ab3b3e	fix: use shared formula_lessons_block() to avoid duplicate detection CI failure	2026-04-01 14:25:43 +00:00
Agent	fef058081f	fix: feat(20g): migrate all remaining agents to .profile + remove ops repo journal dirs (#90)	2026-04-01 14:16:13 +00:00
Agent	cbb9907135	fix: add architect-bot to FORGE_BOT_USERNAMES default and fix duplicate detection exclusion	2026-04-01 10:12:12 +00:00
Agent	564e2e774d	fix: feat(96a): architect-bot user + directory + run script scaffold (#99)	2026-04-01 09:53:47 +00:00
Agent	ee99f185e6	fix: feat: generic journal aspect — post-session reflection + lessons-learned context injection (#97)	2026-04-01 09:28:49 +00:00
Agent	471d24fa23	fix: feat(20e): formula evolution — agent proposes changes via PR to .profile (#88)	2026-04-01 08:42:09 +00:00
Agent	bcad5c7638	fix: correct jq array indexing for journal branch creation	2026-04-01 08:33:55 +00:00
Agent	0d2ed587c1	fix: feat(20d): branch protection on .profile repos — admin-only formula merge (#87)	2026-04-01 08:22:36 +00:00
Agent	7f68812a96	fix: feat(20b): dev-agent reads formula from .profile repo (#85)	2026-04-01 08:13:52 +00:00
Agent	ff79cb15a5	fix: feat: branch protection on ops repo — require admin approval for vault PRs (#77)	2026-04-01 06:58:18 +00:00
Agent	657b8aff36	fix: feat: lib/vault.sh — helper for agents to create vault PRs on ops repo (#75)	2026-03-31 21:33:16 +00:00
Agent	aad21dc084	fix: chore: tear down old vault scripts — prepare for PR-based vault (#73)	2026-03-31 20:38:05 +00:00
Agent	dc545a817b	fix: chore(26a): delete action-agent.sh, action-poll.sh, and action/AGENTS.md (#65) ... - Delete action/ directory and all its contents - Remove action-bot from bin/disinto bot token mapping and collaborator lists - Remove FORGE_ACTION_TOKEN from lib/env.sh and .env.example - Remove action-bot from FORGE_BOT_USERNAMES in lib/env.sh and .env.example - Update .woodpecker/agent-smoke.sh to remove action script checks - Update AGENTS.md: remove action agent from description and table - Update lib/AGENTS.md: remove action-agent references from sourced by columns - Update docs/PHASE-PROTOCOL.md: remove action-agent reference - Update docs/AGENT-DESIGN.md: remove action-agent from agent table - Update planner/AGENTS.md: update action formula execution reference - Update README.md: update formula-driven execution reference Part of #26 — retire action-agent system.	2026-03-31 19:42:25 +00:00
Agent	39ab881b11	fix: SECURITY: SOPS decryption without integrity verification (#61) ... - Add sops --verify to validate GCM ciphertext tag before decryption - Treat all decryption failures as fatal errors (exit 1) instead of warnings - Added integrity check comment for clarity - Ensures tampered .env.enc files are rejected before use	2026-03-31 19:21:49 +00:00
Agent	318910265e	fix: SECURITY: Unquoted curl URLs with variables in API calls (#60) ... Add URL validation helper to prevent URL injection attacks in API calls. - Added validate_url() helper in lib/env.sh to validate URL format - Added validation to forge_api() to prevent URL injection - Added validation to woodpecker_api() to prevent URL injection - Added validation to ci-debug.sh api() function - All URLs are already properly quoted with "${VAR}/..." patterns - This adds defense-in-depth by validating URL variables before use	2026-03-31 18:48:29 +00:00
Agent	b64859a2a5	fix: SECURITY: Replace eval usage with safer alternatives (#59)	2026-03-31 18:21:55 +00:00
Agent	4bcd2c275b	fix: refactor: rename vault-runner → runner and vault-run → run (#43)	2026-03-29 12:43:18 +00:00
johba	5bcaaf7d88	fix: preserve FORGE_TOKEN override when sourcing .env ... Same pattern as FORGE_URL — the llama container sets FORGE_TOKEN to dev-qwen token via FORGE_TOKEN_OVERRIDE, but env.sh sources .env which clobbers it back to dev-bot. All PRs and issue claims show dev-bot instead of dev-qwen, and assignee locking fails. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-29 07:56:38 +00:00
johba	f316087003	feat: nudge model when it stops without pushing ... Some models (especially local) emit end_turn prematurely. After agent_run completes, check if code was pushed. If not, resume the session with a nudge: "You stopped but did not push. Complete the implementation, commit, and push." Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-29 07:45:58 +00:00
johba	59b4cafcfc	fix: log Claude output diagnostics on no_push failure ... Save agent_run output to agent-run-last.json. On no_push, log the result text, turn count, and cost. Save full output to no-push-{issue}-{ts}.json for later analysis. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-28 23:03:17 +00:00
Agent	4c08b7840e	fix: fix: use Forgejo assignee as issue lock to prevent concurrent claims (#38)	2026-03-28 19:31:27 +00:00
johba	80811498e4	fix: local keyword outside function in env.sh ... Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-28 13:59:07 +00:00
johba	d82d80cabb	fix: preserve FORGE_URL when sourcing .env inside container ... source .env clobbers FORGE_URL from http://forgejo:3000 (Docker DNS) to http://localhost:3000 (unreachable inside container). Save and restore FORGE_URL around the source. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-28 13:58:46 +00:00
johba	a80bdde5e4	fix: cron polls get no FORGE_TOKEN — env.sh skipped .env in container ... Root cause: env.sh skipped sourcing .env when DISINTO_CONTAINER=1, assuming compose injects all env vars. But cron jobs do NOT inherit compose env vars — they only get crontab-level variables. Result: FORGE_TOKEN was empty in every cron poll. API calls returned nothing, polls silently found "no open PRs" and exited. Fix: always source .env regardless of DISINTO_CONTAINER. Compose env vars (FORGE_URL) are set in the crontab env and take precedence. Entrypoint also adds FORGE_URL to crontab env vars. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-28 13:43:17 +00:00
Claude	ab5f96dc96	fix: guard cd in formula_worktree_setup with || return (SC2164) ... Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-28 13:16:29 +00:00
Claude	de2e7dc1fb	fix: Migrate planner, predictor, supervisor to SDK (#6) ... Replace tmux-based run_formula_and_monitor() with synchronous agent_run() from lib/agent-sdk.sh, matching the pattern established in gardener-run.sh. Key changes per agent: - Drop agent-session.sh, use agent-sdk.sh (SID_FILE, LOGFILE) - Remove SESSION_NAME, PHASE_FILE, PHASE_POLL_INTERVAL (tmux/phase artifacts) - Strip phase protocol from prompt footer (SDK mode needs no phase signals) - Preserve all prompt composition: context blocks, memory, journal, preflight Shared helpers added to lib/formula-session.sh: - build_sdk_prompt_footer(): build_prompt_footer minus phase protocol - formula_worktree_setup(): fetch + cleanup + create worktree + EXIT trap Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-28 13:06:34 +00:00
openhands	8f41230fa0	fix: Migrate review-pr.sh to SDK + pr-lifecycle (#800) ... Move SID_FILE recovery into agent_recover_session() in lib/agent-sdk.sh to eliminate remaining duplicate block between dev-agent.sh and review-pr.sh. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-28 06:34:26 +00:00
openhands	c2e95799a0	fix: Migrate review-pr.sh to SDK + pr-lifecycle (#800) ... Extract agent_run() into shared lib/agent-sdk.sh to eliminate code duplication between dev-agent.sh and review-pr.sh (CI dedup check). Rewrite review-pr.sh from tmux-based agent-session.sh to synchronous claude -p invocations via shared agent-sdk.sh, matching the SDK pattern from dev-agent.sh (#798). Key changes: - Create lib/agent-sdk.sh with shared agent_run() function - Both dev-agent.sh and review-pr.sh now source lib/agent-sdk.sh instead of defining agent_run() inline - Replace agent-session.sh (tmux + monitor_phase_loop) with agent_run() - Add .sid file for session continuity: re-reviews resume the original session via --resume, so Claude remembers its prior review - Use worktree.sh for worktree cleanup - Remove phase file signaling — completion is automatic when claude -p returns - Keep all review business logic unchanged Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-28 06:32:12 +00:00
openhands	c5c24cda67	fix: Extract lib/worktree.sh — create, recover, cleanup (#797) ... Extract reusable worktree management into lib/worktree.sh: - worktree_create: git worktree add + checkout + submodules - worktree_recover: detect existing worktree, reuse or recreate - worktree_cleanup: remove worktree + clear Claude Code project cache - worktree_cleanup_stale: scan /tmp for orphaned worktrees, skip preserved - worktree_preserve: mark worktree for debugging (skip stale cleanup) Update callers: - dev-agent.sh: use worktree_create/worktree_recover/worktree_cleanup - action-agent.sh: use worktree_cleanup/worktree_preserve - formula-session.sh: delegate cleanup_stale_crashed_worktrees, use worktree_preserve - All formula agents source lib/worktree.sh Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-27 19:06:31 +00:00
openhands	9c172703d9	fix: refactor issue_block comment to avoid duplicate-detection false positive ... Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-27 18:31:10 +00:00
openhands	694fff5ebb	fix: Extract lib/issue-lifecycle.sh — claim, release, block, deps (#796) ... Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-27 18:28:17 +00:00