979 commits

This branch

This branch

All branches

Author	SHA1	Message	Date
Agent	353b3d68d5	fix: feat: lib/vault.sh — helper for agents to create vault PRs on ops repo (#75)	2026-03-31 21:17:47 +00:00
dev-qwen	4be719bcef	Merge pull request 'fix: feat: define vault action TOML schema for PR-based approval (#74)' (#80) from fix/issue-74 into main	2026-03-31 21:08:48 +00:00
Agent	af8b675b36	fix: feat: define vault action TOML schema for PR-based approval (#74) ... - Add vault/SCHEMA.md documenting the TOML schema for vault actions - Add validate_vault_action() function to vault/vault-env.sh that: - Validates required fields (id, formula, context, secrets) - Validates secret names against allowlist - Rejects unknown fields - Validates formula exists in formulas/ - Create vault/validate.sh script for CLI validation - Add example TOML files in vault/examples/: - webhook-call.toml: Example calling external webhook - promote.toml: Example promoting build/artifact - publish.toml: Example publishing to ClawHub	2026-03-31 20:58:51 +00:00
dev-qwen	29717f767b	Merge pull request 'fix: chore: tear down old vault scripts — prepare for PR-based vault (#73)' (#79) from fix/issue-73 into main	2026-03-31 20:48:44 +00:00
Agent	aad21dc084	fix: chore: tear down old vault scripts — prepare for PR-based vault (#73)	2026-03-31 20:38:05 +00:00
dev-qwen	bfce7a9a06	Merge pull request 'fix: chore(26c): update AGENTS.md and docs — remove action-agent references (#67)' (#78) from fix/issue-67 into main	2026-03-31 20:23:40 +00:00
Agent	e60e6bc3ae	fix: remove action label from dev-poll.sh guard patterns	2026-03-31 20:20:39 +00:00
Agent	2c62674c7c	fix: chore(26c): update AGENTS.md and docs — remove action-agent references (#67)	2026-03-31 20:09:52 +00:00
dev-qwen	083b0cc829	Merge pull request 'fix: chore(26a): delete action-agent.sh, action-poll.sh, and action/AGENTS.md (#65)' (#72) from fix/issue-65 into main	2026-03-31 19:58:37 +00:00
Agent	d9a6030127	fix: remove remaining action-agent references from docs and configs ... - Remove action-agent card from site/docs/architecture.html - Remove action/ directory line from architecture.html - Update formula comments to reference dispatcher instead of action-agent - Remove action/action.log from log scan loops in preflight.sh and collect-metrics.sh - Remove action from find command in agent-smoke.sh	2026-03-31 19:55:00 +00:00
Agent	dc545a817b	fix: chore(26a): delete action-agent.sh, action-poll.sh, and action/AGENTS.md (#65) ... - Delete action/ directory and all its contents - Remove action-bot from bin/disinto bot token mapping and collaborator lists - Remove FORGE_ACTION_TOKEN from lib/env.sh and .env.example - Remove action-bot from FORGE_BOT_USERNAMES in lib/env.sh and .env.example - Update .woodpecker/agent-smoke.sh to remove action script checks - Update AGENTS.md: remove action agent from description and table - Update lib/AGENTS.md: remove action-agent references from sourced by columns - Update docs/PHASE-PROTOCOL.md: remove action-agent reference - Update docs/AGENT-DESIGN.md: remove action-agent from agent table - Update planner/AGENTS.md: update action formula execution reference - Update README.md: update formula-driven execution reference Part of #26 — retire action-agent system.	2026-03-31 19:42:25 +00:00
dev-qwen	333a6dcee7	Merge pull request 'fix: Bug: docker-compose.yml has escaped backslashes in ${HOME} variables (#62)' (#71) from fix/issue-62 into main	2026-03-31 19:33:33 +00:00
Agent	01943edfc3	fix: Bug: docker-compose.yml has escaped backslashes in ${HOME} variables (#62)	2026-03-31 19:29:30 +00:00
dev-qwen	842e529004	Merge pull request 'fix: SECURITY: SOPS decryption without integrity verification (#61)' (#70) from fix/issue-61 into main	2026-03-31 19:27:55 +00:00
Agent	39ab881b11	fix: SECURITY: SOPS decryption without integrity verification (#61) ... - Add sops --verify to validate GCM ciphertext tag before decryption - Treat all decryption failures as fatal errors (exit 1) instead of warnings - Added integrity check comment for clarity - Ensures tampered .env.enc files are rejected before use	2026-03-31 19:21:49 +00:00
dev-qwen	16b0a9a318	Merge pull request 'fix: SECURITY: Unquoted curl URLs with variables in API calls (#60)' (#69) from fix/issue-60 into main	2026-03-31 18:54:09 +00:00
Agent	318910265e	fix: SECURITY: Unquoted curl URLs with variables in API calls (#60) ... Add URL validation helper to prevent URL injection attacks in API calls. - Added validate_url() helper in lib/env.sh to validate URL format - Added validation to forge_api() to prevent URL injection - Added validation to woodpecker_api() to prevent URL injection - Added validation to ci-debug.sh api() function - All URLs are already properly quoted with "${VAR}/..." patterns - This adds defense-in-depth by validating URL variables before use	2026-03-31 18:48:29 +00:00
dev-qwen	357c25c7f6	Merge pull request 'fix: SECURITY: Replace eval usage with safer alternatives (#59)' (#63) from fix/issue-59 into main	2026-03-31 18:28:26 +00:00
Agent	b64859a2a5	fix: SECURITY: Replace eval usage with safer alternatives (#59)	2026-03-31 18:21:55 +00:00
dev-bot	92812ccc34	docs: rewrite SKILL.md to focus on external project setup (#64) ... Restructures SKILL.md to: - Remove self-development guidance — focus on external project setup - Clarify that `disinto init` accepts remote URLs or owner/name slugs - Add project configuration TOML format documentation with field descriptions - Revise mirror setup section to reference project TOML Closes #822 and #823 on Codeberg. --- _Upstream: codeberg johba/disinto PR #824_ Co-authored-by: johba <johba@users.codeberg.org> Reviewed-on: #64 Reviewed-by: review-bot <review-bot@disinto.local> Co-authored-by: dev-bot <dev-bot@disinto.local> Co-committed-by: dev-bot <dev-bot@disinto.local>	2026-03-31 18:17:38 +00:00
dev-qwen	fd1a8555f6	Merge pull request 'fix: refactor: rename vault-runner → runner and vault-run → run (#43)' (#58) from fix/issue-43 into main	2026-03-29 12:49:08 +00:00
Agent	4bcd2c275b	fix: refactor: rename vault-runner → runner and vault-run → run (#43)	2026-03-29 12:43:18 +00:00
dev-qwen	9335681a72	Merge pull request 'fix: fix: save full Claude session log on no_push for debugging (#49)' (#56) from fix/issue-49 into main	2026-03-29 11:45:22 +00:00
dev-qwen	a049b2c486	Merge pull request 'fix: fix: dev-poll.sh in-progress scan falls through on waiting PRs (#55)' (#57) from fix/issue-55 into main	2026-03-29 11:42:40 +00:00
Agent	d6d8093fa9	fix: fix: save full Claude session log on no_push for debugging (#49)	2026-03-29 11:33:21 +00:00
Agent	b49309141b	fix: fix: dev-poll.sh in-progress scan falls through on waiting PRs (#55)	2026-03-29 11:30:48 +00:00
dev-qwen	16fc7979c5	Merge pull request 'fix: feat: task dispatcher — poll ops repo and launch runners (#45)' (#54) from fix/issue-45 into main	2026-03-29 11:09:30 +00:00
Agent	6be0eee20b	fix: dispatcher — fix clone URL and secret injection ... - Use FORGE_URL/FORGE_OPS_REPO for clonable URL - Pass -e SECRET_NAME without value (Docker inherits from env) - Simplify logging to hide all -e flags entirely	2026-03-29 11:00:58 +00:00
Agent	649a893184	fix: dispatcher — remove unused variable ... - Remove unused secret_val variable to pass shellcheck	2026-03-29 10:42:44 +00:00
Agent	6e34b13a05	fix: dispatcher — address AI review feedback ... - Redact secrets in logs (=***) - Fix -e flags before service name in docker compose run - Use FORGE_OPS_REPO for cloning ops repo - Refresh ops repo in each poll loop iteration - Use array-based command execution to prevent shell injection - Load vault secrets after env.sh for dispatcher access	2026-03-29 10:21:54 +00:00
Agent	c9ef5eb98b	fix: feat: task dispatcher — poll ops repo and launch runners (#45)	2026-03-29 09:15:01 +00:00
dev-qwen	fb4ffe9fb6	Merge pull request 'fix: feat: custom edge container Dockerfile with dispatcher dependencies (#44)' (#53) from fix/issue-44 into main	2026-03-29 09:05:47 +00:00
Agent	8ab1009b15	feat: custom edge container Dockerfile with dispatcher dependencies ... - Create docker/edge/Dockerfile with bash, jq, curl, git, docker-cli - Create docker/edge/dispatcher.sh as placeholder no-op loop - Update edge service to build from ./docker/edge instead of caddy:alpine image - Mount Docker socket into edge container for dispatcher access - Mount dispatcher.sh as read-only volume	2026-03-29 08:57:20 +00:00
dev-qwen	6b47f949dd	Merge pull request 'fix: fix: install shellcheck in agents Dockerfile (#48)' (#52) from fix/issue-48 into main	2026-03-29 08:44:18 +00:00
Agent	b2d3af4370	fix: install shellcheck in agents Dockerfile (#48)	2026-03-29 08:38:17 +00:00
dev-qwen	bec2e50a67	Merge pull request 'fix: secrets migrate-vault: missing post-encrypt verification step (#39)' (#51) from fix/issue-39 into main	2026-03-29 08:17:06 +00:00
Agent	711e650190	fix: secrets migrate-vault: missing post-encrypt verification step (#39)	2026-03-29 08:10:35 +00:00
johba	5bcaaf7d88	fix: preserve FORGE_TOKEN override when sourcing .env ... Same pattern as FORGE_URL — the llama container sets FORGE_TOKEN to dev-qwen token via FORGE_TOKEN_OVERRIDE, but env.sh sources .env which clobbers it back to dev-bot. All PRs and issue claims show dev-bot instead of dev-qwen, and assignee locking fails. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-29 07:56:38 +00:00
johba	f316087003	feat: nudge model when it stops without pushing ... Some models (especially local) emit end_turn prematurely. After agent_run completes, check if code was pushed. If not, resume the session with a nudge: "You stopped but did not push. Complete the implementation, commit, and push." Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-29 07:45:58 +00:00
johba	f6cb387a2e	fix: local keyword outside function in dev-agent diagnostics ... Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-29 07:14:10 +00:00
johba	8122f2dd5d	fix: clear stale session IDs before each llama poll ... Local llama does not support claude --resume (no server-side session storage). Stale .sid files from failed runs cause agent_run to exit instantly on every retry, creating an infinite 1-second failure loop. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-29 07:00:52 +00:00
johba	59b4cafcfc	fix: log Claude output diagnostics on no_push failure ... Save agent_run output to agent-run-last.json. On no_push, log the result text, turn count, and cost. Save full output to no-push-{issue}-{ts}.json for later analysis. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-28 23:03:17 +00:00
dev-bot	06da075505	Merge pull request 'fix: fix: DELETE /issues/{n}/labels/{id} uses label name instead of numeric ID (silent no-op) (#41)' (#46) from fix/issue-41 into main	2026-03-28 21:50:12 +00:00
johba	cb39cbcace	chore: gitignore smoke-init.yml to prevent agents recreating it ... Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-28 21:49:30 +00:00
johba	f3e37b1711	chore: permanently remove smoke-init.yml ... This keeps getting re-added by agents. It spins up a full Forgejo inside CI and never finishes within the timeout. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-28 21:49:03 +00:00
Agent	76a4d42a42	fix: fix: DELETE /issues/{n}/labels/{id} uses label name instead of numeric ID (silent no-op) (#41)	2026-03-28 21:44:11 +00:00
johba	b30252d32b	feat: llama agent runs as dev-qwen Forgejo identity ... FORGE_TOKEN_OVERRIDE in compose env sets a per-agent token. PRs, issue claims, and comments from the llama agent now show dev-qwen instead of dev-bot. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-28 21:00:24 +00:00
dev-bot	65ccfd730e	Merge pull request 'fix: fix: install age and sops in agents Dockerfile (#30)' (#34) from fix/issue-30 into main	2026-03-28 20:40:13 +00:00
Agent	0ccecf6ae5	fix: restore tea CLI and add sops checksum verification (#30)	2026-03-28 19:58:50 +00:00
Claude	120b3d3a4b	ci: remove docker/** from smoke-init path trigger ... The smoke-init pipeline tests `disinto init` against a Forgejo instance — it does not build or use the agents Docker image. Changes under docker/ should not trigger this workflow. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-28 19:58:50 +00:00