- Remove action-agent card from site/docs/architecture.html
- Remove action/ directory line from architecture.html
- Update formula comments to reference dispatcher instead of action-agent
- Remove action/action.log from log scan loops in preflight.sh and collect-metrics.sh
- Remove action from find command in agent-smoke.sh
- Add sops --verify to validate GCM ciphertext tag before decryption
- Treat all decryption failures as fatal errors (exit 1) instead of warnings
- Added integrity check comment for clarity
- Ensures tampered .env.enc files are rejected before use
Add URL validation helper to prevent URL injection attacks in API calls.
- Added validate_url() helper in lib/env.sh to validate URL format
- Added validation to forge_api() to prevent URL injection
- Added validation to woodpecker_api() to prevent URL injection
- Added validation to ci-debug.sh api() function
- All URLs are already properly quoted with "${VAR}/..." patterns
- This adds defense-in-depth by validating URL variables before use
- Use FORGE_URL/FORGE_OPS_REPO for clonable URL
- Pass -e SECRET_NAME without value (Docker inherits from env)
- Simplify logging to hide all -e flags entirely
- Redact secrets in logs (=***)
- Fix -e flags before service name in docker compose run
- Use FORGE_OPS_REPO for cloning ops repo
- Refresh ops repo in each poll loop iteration
- Use array-based command execution to prevent shell injection
- Load vault secrets after env.sh for dispatcher access
- Create docker/edge/Dockerfile with bash, jq, curl, git, docker-cli
- Create docker/edge/dispatcher.sh as placeholder no-op loop
- Update edge service to build from ./docker/edge instead of caddy:alpine image
- Mount Docker socket into edge container for dispatcher access
- Mount dispatcher.sh as read-only volume
Same pattern as FORGE_URL — the llama container sets FORGE_TOKEN
to dev-qwen token via FORGE_TOKEN_OVERRIDE, but env.sh sources .env
which clobbers it back to dev-bot. All PRs and issue claims show
dev-bot instead of dev-qwen, and assignee locking fails.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Some models (especially local) emit end_turn prematurely. After
agent_run completes, check if code was pushed. If not, resume the
session with a nudge: "You stopped but did not push. Complete the
implementation, commit, and push."
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Local llama does not support claude --resume (no server-side session
storage). Stale .sid files from failed runs cause agent_run to exit
instantly on every retry, creating an infinite 1-second failure loop.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Save agent_run output to agent-run-last.json. On no_push, log the
result text, turn count, and cost. Save full output to
no-push-{issue}-{ts}.json for later analysis.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This keeps getting re-added by agents. It spins up a full Forgejo
inside CI and never finishes within the timeout.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
FORGE_TOKEN_OVERRIDE in compose env sets a per-agent token.
PRs, issue claims, and comments from the llama agent now show
dev-qwen instead of dev-bot.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The smoke-init pipeline tests `disinto init` against a Forgejo
instance — it does not build or use the agents Docker image.
Changes under docker/ should not trigger this workflow.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Use `read -rs` to hide typed secret value from terminal
- Prompt for confirmation before overwriting an existing secret
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
