- planner: filter CI and dev metrics by project name to prevent cross-project pollution
- planner: replace fragile awk JSONL filter with jq select()
- supervisor: add codeberg_count_paginated() helper; replace hardcoded limit=50 dev-metric API calls with paginated counts so projects with >50 issues report accurate blocked-ratio data
- supervisor: add 24h age filter to CI metric SQL query so stale pipelines are not re-emitted with a fresh timestamp
- supervisor: replace fragile awk key-order-dependent JSON filter in rotate_metrics() with jq select(); add safety guard to prevent overwriting file with empty result on parse failure
- supervisor: move mkdir -p for metrics dir to startup (once) instead of every emit_metric() call
- supervisor: guard _RAM_TOTAL_MB against empty value in bash arithmetic
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- supervisor-poll.sh: append structured JSONL metrics on every poll
- infra metric (ram_used_pct, disk_used_pct, swap_mb) after Layer 1 checks
- ci metric (pipeline id, duration_min, status) per project via wpdb query
- dev metric (issues_in_backlog, issues_blocked, pr_open) per project via Codeberg API
- rotate_metrics() trims metrics/supervisor-metrics.jsonl to last 30 days on startup
- planner-agent.sh: reads last 7 days of metrics before Phase 2 gap analysis
- computes avg CI duration, success rate, RAM/disk utilization, blocked ratio
- injects summary into gap analysis prompt as "Operational metrics" section
- instructs planner to create optimization issues when metrics conflict with VISION.md
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
dev-poll.sh had 5 places checking CI_STATE='success', all blocking
projects without CI. Extracted ci_passed() helper that treats
empty/pending/unknown as pass when WOODPECKER_REPO_ID=0.
Don't start new issues while open PRs are waiting for review/CI.
This prevents dev-agent from churning through backlog issues
without reviews landing first.
Projects with woodpecker_repo_id=0 (like disinto) have no CI status.
Review-poll treated empty CI state as failure and skipped all PRs.
Now treats empty/pending CI as pass when no CI is configured.
TMPDIR is not guaranteed to be set. Replaced with /tmp/ directly.
This caused harb dev-agent to crash when posting refusal comments,
leaving issues stuck in a retry loop.
- Add RESOURCES.example.md: committed template showing Compute/Domains/Accounts/Budget structure
- Gitignore RESOURCES.md so local infrastructure data is never committed
- Planner phase 2 reads RESOURCES.md from factory root when present
- Planner prompt instructs Claude to reference specific resource aliases in operational issues
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Hardcoded /tmp/dev-agent.lock meant harb and disinto dev-polls shared
a lock — one project's running agent blocked the other. Now uses
/tmp/dev-agent-{project}.lock and dev-agent-{project}.log.
Implements the vault subsystem: a JSONL queue and gate agent that sits
between agent output and irreversible external actions (emails, posts,
API calls, charges).
New files:
- vault/vault-poll.sh: cron entry (*/30), three phases: retry approved,
timeout escalations (48h), invoke vault-agent for new pending actions
- vault/vault-agent.sh: claude -p wrapper that classifies and routes
actions based on risk × reversibility routing table
- vault/vault-fire.sh: two-phase dispatcher (pending→approved→fired)
with per-action locking and webhook-call handler
- vault/vault-reject.sh: moves actions to rejected/ with reason + timestamp
- vault/PROMPT.md: vault-agent system prompt with routing table
Modified:
- lib/matrix_listener.sh: new vault dispatch branch for APPROVE/REJECT
replies to escalation threads
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The broad regex `(?:^|\n)\s*-\s*#\K[0-9]+` matched ANY bullet with #NNN,
including ## Related sections. This caused #893 (and likely others) to be
permanently blocked by sibling issues that aren't actual dependencies.
Now only extracts deps from:
- Inline 'depends on #NNN' / 'blocked by #NNN' phrases
- ## Dependencies / ## Depends on / ## Blocked by sections
This matches the same logic used by dev-poll.sh get_deps().
Adds PRIORITY_blockers_starving_factory detection: scans backlog issues'
deps, finds any that are open but not labeled backlog, and puts them
at the top of the Claude prompt as highest priority for promotion.
Previously, gardener promoted random tech-debt issues while the actual
blockers (e.g. #650, #563, #714, #743) were ignored, leaving all
backlog items permanently stuck.
Replace lib/parse-deps.py with lib/parse-deps.sh to keep the toolchain
all-bash. Rewrite supervisor P3b cycle detection and P3c stale dep check
as pure bash using associative arrays and DFS.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Single source of truth for dependency parsing, replacing three copies:
- dev-poll.sh get_deps() now calls parse-deps.py
- supervisor P3b/P3c import parse_deps() via importlib
Supports stdin, argument, and --json modes for different callers.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add three new supervisor checks:
- P2c: alert when dev-agent reports "no ready issues" for 6+ consecutive polls
- P3b: detect circular dependency deadlocks via DFS cycle detection
- P3c: flag backlog issues blocked by deps open >30 days
Update supervisor PROMPT.md with guidance for Claude to resolve circular deps
by reading code context, and handle stale deps by checking relevance.
Gardener prompt now forbids bidirectional deps between sibling issues and
requires ## Related (not ## Dependencies) for cross-references.
Closes#16, Closes#17
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The supervisor agent was confusingly named "factory" (same as the
project). Rename directory, script, log, lock, status, and escalation
files. Update all references across scripts and docs.
FACTORY_ROOT env var unchanged (refers to project root, not agent).
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
These docs never existed — gardener and review-pr referenced them
as if they did. AGENTS.md tree is now the single architecture
reference for all agents.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Explains how to seed the AGENTS.md tree with watermarks before the
first planner run to avoid the first-run flood. Also adds planner
to cron schedule and lifecycle diagram.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Remove STATE_FILE variable and all STATE.md references from phase 2
- Restore matrix_send for gap analysis issue creation
- Replace broad `git add -A "*.md"` with targeted `find -name AGENTS.md`
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Phase 1 rewritten:
- Claude gets --dangerously-skip-permissions to navigate code, read
diffs, and update AGENTS.md files directly
- Per-file <!-- last-reviewed: SHA --> watermarks replace global marker
- Sub-directory AGENTS.md files discovered and updated independently
- ~200 line convention enforced via prompt
- Changes committed on branch and PR'd
Phase 2 now reads AGENTS.md tree + STATE.md for gap analysis.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
STATE.md was a machine-generated system description that was always
worse than the human-curated AGENTS.md. Killed STATE.md entirely.
Phase 1: Reviews recent git history against AGENTS.md, suggests
updates via PR to keep the file tree, conventions, and architecture
descriptions current.
Phase 2: Gap analysis — compares AGENTS.md + VISION.md + open issues,
creates backlog issues for missing capabilities.
Add unconditional worktree cleanup to factory supervisor:
- Remove review + dev worktrees older than 2h with no active agent
- Use git worktree remove --force instead of rm -rf
- Run git worktree prune every poll to clear dangling refs
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Feeds AGENTS.md, PRODUCT-TRUTH.md, ARCHITECTURE.md, UX-DECISIONS.md
into the prompt so the planner understands the system at a conceptual
level. Rewritten prompt emphasizes describing the system, not the
changes. Good/bad examples guide output style.
