Harden pre-submit live drill flows#72
Conversation
|
Warning Review limit reached
Next review available in: 8 minutes Enable usage-based reviews in Billing to review now. Otherwise, wait until the next included review is available. How can I continue?After more reviews become available, a review can be triggered using the To avoid repeated limits, reduce automatic review volume by pausing incremental auto-reviews earlier, using label-based review opt-in, excluding WIP or generated PR titles, or requesting reviews manually when the PR is ready. If your team needs uninterrupted high-volume reviews, an organization admin can enable usage-based reviews. How do review limits work?CodeRabbit enforces per-developer PR review limits for each organization. Most developers receive the normal plan review availability. For paid Pro and Pro+ PR reviews, CodeRabbit uses adaptive limits for sustained high-volume activity. When a developer's recent PR review activity reaches the 95th percentile or higher among CodeRabbit users, additional reviews become available more gradually as earlier reviews age out of the rolling window. Please refer docs for additional details. Review details⚙️ Run configurationConfiguration used: defaults Review profile: CHILL Plan: Pro Plus Run ID: 📒 Files selected for processing (8)
📝 WalkthroughWalkthroughThis PR hardens pre-submit setup for the Terminal Benchmark API drill (WS-POL-001-10): it adds guide version conflict handling and optional source snapshots to guide creation, exposes checker names/configs on active-guide responses, introduces a worker profile upsert endpoint gating task claiming, and writes audit evidence on pre-submit checker failures. Documentation and agent-loop tracking files are updated accordingly. ChangesBackend Behavior Changes
Estimated code review effort: 3 (Moderate) | ~30 minutes Agent-Loop Process Tracking Documents
Possibly related PRs
Suggested reviewers: 🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
There was a problem hiding this comment.
Actionable comments posted: 3
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In
@.agent-loop/initiatives/WS-POL-001-submission-artifact-policy-foundation/reviews/WS-POL-001-10-internal-review-evidence.md:
- Around line 55-67: The test delta reviewer row is missing its own
checker-required metadata, so `scripts/check_internal_review_evidence.py` cannot
validate it from the row alone. Update the `test delta` entry in the internal
review evidence table to include the required `reviewed code sha` and `reviewer
run ids` fields directly, following the same canonical structure used by the
other reviewer rows.
In `@backend/app/modules/tasks/router.py`:
- Around line 84-102: The ensure_worker_profile endpoint is excluding nullable
fields from the response, which breaks the declared contract for
WorkerProfileResponse. Remove response_model_exclude_none from the router.post
decorator on ensure_worker_profile so WorkerProfileResponse.display_name and
email are still serialized even when they are None, keeping the response shape
consistent for clients.
In `@docs/spec_chunk_4_task_queue_assignment.md`:
- Around line 122-124: The endpoint inventory is incomplete because POST
/api/v1/workers/me/profile is documented in Security/Auth but missing from API
Impact > New endpoints. Update the New endpoints list in this spec to include
POST /api/v1/workers/me/profile, keeping the wording aligned with the existing
endpoint entries and the Security/Auth description so the two sections match.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: defaults
Review profile: CHILL
Plan: Pro Plus
Run ID: b62b62ad-d429-4596-8226-8d3604737339
📒 Files selected for processing (16)
.agent-loop/LOOP_STATE.md.agent-loop/initiatives/WS-POL-001-submission-artifact-policy-foundation/STATUS.md.agent-loop/initiatives/WS-POL-001-submission-artifact-policy-foundation/chunks/WS-POL-001-10-pre-submit-live-drill-hardening.md.agent-loop/initiatives/WS-POL-001-submission-artifact-policy-foundation/reviews/WS-POL-001-10-internal-review-evidence.md.agent-loop/initiatives/WS-POL-001-submission-artifact-policy-foundation/reviews/WS-POL-001-10-pr-trust-bundle.mdbackend/app/modules/projects/schemas.pybackend/app/modules/projects/service.pybackend/app/modules/tasks/router.pybackend/app/modules/tasks/schemas.pybackend/app/modules/tasks/service.pybackend/tests/test_projects.pybackend/tests/test_tasks.pydocs/architecture_data_model.mddocs/architecture_lockdown.mddocs/decision_0011_submission_artifact_policy_drives_pre_submit.mddocs/spec_chunk_4_task_queue_assignment.md
PR Trust Bundle: WS-POL-001-10
Chunk
WS-POL-001-10- Pre-Submit Live Drill HardeningGoal
Fix the concrete pre-submit setup and intake gaps found during the real
Terminal Benchmark API drill before continuing post-submit work.
Human-Approved Intent
The user explicitly asked to fix the first five pre-submit issues before moving
forward:
direct DB seeding.
representative task examples so agents are not forced to reason from guide
markdown alone.
operators.
leave durable operator audit evidence.
Chunk contract:
.agent-loop/initiatives/WS-POL-001-submission-artifact-policy-foundation/chunks/WS-POL-001-10-pre-submit-live-drill-hardening.mdWhat Changed
GuideVersionConflictand mapped duplicate guide insert conflicts toHTTP 409.
source_snapshotto guide creation, reusing the existingsource snapshot capture and automatic setup enqueue path.
checker_namesandchecker_configsto the active-guidePreSubmitCheckerPolicySummaryResponse;compiled_bundleremains excluded.WorkerProfileUpsertRequest,WorkerProfileResponse, andPOST /api/v1/workers/me/profile.pre_submission_check_failedtask audit events for blockedsubmission-create attempts.
cases.
audit semantics.
Why It Changed
The live Terminal Benchmark drill showed the lifecycle was mostly wired, but
parts still behaved like tests rather than a real Workstream workflow. This
chunk removes those rough edges while keeping the architecture project-scoped:
one active guide/source snapshot/effective project policy/project
PreSubmitCheckerPolicy, with tasks locking references to that context.Design Chosen
_create_guide_source_snapshot_model.assignment already depend on
WorkerProfile.pre_submission_checker_failedforsubmission-create responses and
pre_submission_check_failedfor internaltask audit evidence.
bodies.
Alternatives Rejected
represent a human/API workflow.
SubmissionArtifactPolicyremains the artifact intake contract.failed pre-submit check means no valid submission exists yet.
changed public/operator behavior were updated.
Scope Control
No migrations, checker internals, project-agent runtime changes, post-submit
policy redesign, review lifecycle, revision lifecycle, payment, reputation,
blockchain, frontend, or demo behavior was changed.
Product Behavior
pre_submission_checker_failed, create no submission, and writepre_submission_check_failedaudit evidence for project operators.accept,needs_revision, andreject.Acceptance Criteria Proof
test_duplicate_guide_version_returns_conflict.test_guide_creation_accepts_source_snapshot_items_for_agent_material.test_guide_activation_and_active_guide_retrieval.test_worker_can_create_profile_before_claiming_task.test_worker_profile_request_is_fail_closed_and_validatedandtest_worker_profile_requires_worker_role.test_pre_submit_failure_writes_audit_event_without_submission.Tests/Checks Run
Result summary:
Reviewer Results
Internal review evidence:
.agent-loop/initiatives/WS-POL-001-submission-artifact-policy-foundation/reviews/WS-POL-001-10-internal-review-evidence.mdReviewed base SHA:
8a524dec9de1fabb7ae6a605d45ae8ab3778a32cReviewed diff digest before evidence files:
67e2b7561d3688f6e588e5abe09317104da3bbd66ec97231f9f49b886801903bIntegrityErrorconcern addressed.External Review
No external PR review has been run for this local chunk yet. CodeRabbit and
GitHub Actions should run after the PR is opened.
Remaining Risks
not worth abstracting until another profile path appears.
of this chunk.
Human Review Focus
authenticated workers before claim.
product review decision.
keeping compiled bundles private.
Human Merge Ownership
Only the user can approve and merge this PR. Codex must not merge it without
explicit user approval for that specific PR.
Summary by CodeRabbit
New Features
Bug Fixes
Documentation