Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
47 changes: 31 additions & 16 deletions .agent-loop/LOOP_STATE.md
Original file line number Diff line number Diff line change
Expand Up @@ -4,18 +4,16 @@

- Active initiative: `WS-POL-001` - Submission Artifact Policy Foundation
- Active planning chunk: none
- Active implementation chunk: `WS-POL-001-09` - OpenAI Agents SDK Only Project
Setup Runtime
- Branch: `codex/ws-pol-001-09-openai-agent-sdk-only`
- Status: `WS-POL-001-09` is in implementation and internal review. This chunk
removes the production `local_fixture` project setup runtime and the old
runtime selector so automatic project setup only uses the OpenAI Agents SDK
runtime behind the Workstream project-agent port.
- Last merged implementation SHA: `0c32c97`
- Last merge commit: `aea7024`
- Current gate: deterministic verification and internal reviewer fanout for
`WS-POL-001-09`
- Next chunk: inactive until `WS-POL-001-09` reaches a human checkpoint
- Active implementation chunk: `WS-POL-001-10` - Pre-Submit Live Drill Hardening
- Branch: `codex/ws-pol-001-10-pre-submit-hardening`
- Status: `WS-POL-001-10` is open as PR #72. Implementation and internal
review are complete; CodeRabbit follow-up fixes are addressed locally and the
branch is awaiting pushed CI reruns and the human merge checkpoint.
- Last merged implementation SHA: `8a524de`
- Last merge commit: `8a524de`
- Current gate: PR #72 external checks after evidence rebind, then human merge
decision
- Next chunk: inactive until `WS-POL-001-10` reaches a human checkpoint

## Operating Rule

Expand All @@ -38,10 +36,17 @@ through Celery. It did not redesign post-submit policy, review, revision,
payment, reputation, blockchain integrations, frontend behavior, or task
submission runtime.

The active `WS-POL-001-09` chunk is a corrective hardening chunk for the project
setup runtime boundary. It removes the production fixture adapter and does not
change task, checker, post-submit, review, revision, payment, reputation,
blockchain, frontend, or object-storage behavior.
The merged `WS-POL-001-09` chunk was a corrective hardening chunk for the
project setup runtime boundary. It removed the production fixture adapter and
did not change task, checker, post-submit, review, revision, payment,
reputation, blockchain, frontend, or object-storage behavior.

The active `WS-POL-001-10` chunk is a corrective hardening chunk for the
pre-submit live API drill. It fixes guide-version conflict mapping, guide-create
source snapshot capture, active-guide checker summary visibility, worker
self-profile onboarding, and failed pre-submit audit evidence. It does not
change post-submit policy, review, revision, payment, reputation, blockchain,
frontend, or agent-runtime behavior.

## Last Review State

Expand Down Expand Up @@ -94,3 +99,13 @@ blockchain, frontend, or object-storage behavior.
- `WS-POL-001-08` external review response is tracked at `.agent-loop/initiatives/WS-POL-001-submission-artifact-policy-foundation/reviews/WS-POL-001-08-external-review-response.md`.
- `WS-POL-001-08` PR trust bundle is tracked at `.agent-loop/initiatives/WS-POL-001-submission-artifact-policy-foundation/reviews/WS-POL-001-08-pr-trust-bundle.md`.
- PR #69 merged into `main` as `aea7024`.
- `WS-POL-001-09` started on branch `codex/ws-pol-001-09-openai-agent-sdk-only`
after the user's explicit correction to remove the production fixture runtime.
- `WS-POL-001-09` internal review evidence is tracked at `.agent-loop/initiatives/WS-POL-001-submission-artifact-policy-foundation/reviews/WS-POL-001-09-internal-review-evidence.md`.
- `WS-POL-001-09` external review response is tracked at `.agent-loop/initiatives/WS-POL-001-submission-artifact-policy-foundation/reviews/WS-POL-001-09-external-review-response.md`.
- `WS-POL-001-09` PR trust bundle is tracked at `.agent-loop/initiatives/WS-POL-001-submission-artifact-policy-foundation/reviews/WS-POL-001-09-pr-trust-bundle.md`.
- PR #71 merged into `main` as `8a524de`.
- `WS-POL-001-10` started after the user's explicit start signal for the first
five pre-submit hardening fixes from the live API drill.
- PR #72 is open from `codex/ws-pol-001-10-pre-submit-hardening`; CodeRabbit
follow-up fixes are applied locally and require CI rerun after push.
Original file line number Diff line number Diff line change
Expand Up @@ -3,15 +3,15 @@
## Current Status

`WS-POL-001-01`, `WS-POL-001-02`, `WS-POL-001-03`, `WS-POL-001-04`,
`WS-POL-001-05`, `WS-POL-001-06`, `WS-POL-001-07`, and `WS-POL-001-08` are
merged to `main`. `WS-POL-001-09` is active on
`codex/ws-pol-001-09-openai-agent-sdk-only` after the user's explicit correction
to remove the production fixture runtime and keep project setup on the OpenAI
Agents SDK runtime.
`WS-POL-001-05`, `WS-POL-001-06`, `WS-POL-001-07`, `WS-POL-001-08`, and
`WS-POL-001-09` are merged to `main`. `WS-POL-001-10` is open as PR #72 from
`codex/ws-pol-001-10-pre-submit-hardening` after the user's explicit start
signal for the first five pre-submit hardening fixes from the real Terminal
Benchmark API drill.

## Active Chunk

`WS-POL-001-09` - OpenAI Agents SDK Only Project Setup Runtime.
`WS-POL-001-10` - Pre-Submit Live Drill Hardening.

## Chunk Status

Expand All @@ -25,13 +25,14 @@ Agents SDK runtime.
| `WS-POL-001-06` | Merged | `codex/ws-pol-001-06-terminal-benchmark-drill` | 67 | Hardens the Terminal Benchmark proof harness and removes stale project guide/payment contracts before continuing pre-submit checker work. |
| `WS-POL-001-07` | Merged | `codex/ws-pol-001-07-task-contract-cleanup` | 68 | Removes task-owned `required_files`/`required_evidence` from request/response/model/migration and keeps artifact requirements project-policy driven. |
| `WS-POL-001-08` | Merged | `codex/ws-pol-001-08-celery-project-setup` | 69 | Makes guide/source capture enqueue Celery pre-submit setup automatically: sufficiency first, blocked stops, draft submission artifact policy next; removes remaining construction-state compatibility surfaces. |
| `WS-POL-001-09` | In review | `codex/ws-pol-001-09-openai-agent-sdk-only` | - | Removes the production `local_fixture` project setup runtime and old runtime selector; keeps deterministic test behavior in explicit test-local fakes only. |
| `WS-POL-001-09` | Merged | `codex/ws-pol-001-09-openai-agent-sdk-only` | 71 | Removes the production `local_fixture` project setup runtime and old runtime selector; keeps deterministic test behavior in explicit test-local fakes only. |
| `WS-POL-001-10` | PR open; CodeRabbit fixes applied locally | `codex/ws-pol-001-10-pre-submit-hardening` | 72 | Hardens duplicate guide-version conflicts, guide-create source snapshots, active-guide checker summaries, worker self-profile onboarding, and failed pre-submit audit evidence. |

## Blockers

| Blocker | Owner | Next action |
|---|---|---|
| None | - | Complete deterministic verification and internal review for `WS-POL-001-09`. |
| None | - | Push evidence-rebound follow-up, rerun PR #72 CI, then human checkpoint for `WS-POL-001-10`. |

## Follow-Ups

Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,150 @@
# Chunk Contract: WS-POL-001-10 - Pre-Submit Live Drill Hardening

## Parent initiative

WS-POL-001 - Submission Artifact Policy Foundation

## Goal

Fix the concrete pre-submit setup and intake gaps found during the real
Terminal Benchmark API drill, without expanding into post-submit review,
revision, payment, or agent-runtime redesign.

## Why this chunk exists

The live drill proved the project guide -> agent setup -> policy approval ->
task lock -> pre-submit path, but it also exposed several places where the API
still behaved like an internal test harness instead of a real operator/worker
workflow. This chunk hardens those seams before we continue post-submit work.

## Approved plan reference

- INTENT:
`.agent-loop/initiatives/WS-POL-001-submission-artifact-policy-foundation/INTENT.md`
- PLAN:
`.agent-loop/initiatives/WS-POL-001-submission-artifact-policy-foundation/PLAN.md`
- CHUNK_MAP:
`.agent-loop/initiatives/WS-POL-001-submission-artifact-policy-foundation/CHUNK_MAP.md`

## Risk class

L1

## SLA

P1

## Allowed files

```text
backend/app/modules/projects/schemas.py
backend/app/modules/projects/service.py
backend/app/modules/tasks/router.py
backend/app/modules/tasks/schemas.py
backend/app/modules/tasks/service.py
backend/tests/test_projects.py
backend/tests/test_tasks.py
docs/architecture_data_model.md
docs/architecture_lockdown.md
docs/decision_0011_submission_artifact_policy_drives_pre_submit.md
docs/spec_chunk_4_task_queue_assignment.md
.agent-loop/LOOP_STATE.md
.agent-loop/initiatives/WS-POL-001-submission-artifact-policy-foundation/STATUS.md
.agent-loop/initiatives/WS-POL-001-submission-artifact-policy-foundation/chunks/WS-POL-001-10-pre-submit-live-drill-hardening.md
.agent-loop/initiatives/WS-POL-001-submission-artifact-policy-foundation/reviews/WS-POL-001-10-*
```

## Not allowed

```text
backend/alembic/**
backend/app/adapters/project_agents/**
backend/app/interfaces/project_agents.py
backend/app/modules/checkers/**
backend/app/modules/projects/models.py
backend/app/modules/projects/repository.py
backend/app/modules/tasks/models.py
backend/app/modules/tasks/repository.py
docs/** except the explicitly allowed files above
.github/workflows/**
demos/**
frontend/**
review lifecycle implementation
revision lifecycle implementation
payment/reputation/blockchain code
post-submit checker policy redesign
agent runtime provider replacement
new scripts or fake local fixtures
```

## Acceptance criteria

- [ ] Duplicate guide versions return a mapped conflict response instead of an
unhandled database error.
- [ ] Project guide creation can include source-snapshot items, including
representative task examples, so the automatic sufficiency and derivation
agents receive the same material captured at guide setup time.
- [ ] The active-guide response exposes project pre-submit checker names and
checker configs, while still excluding the compiled checker bundle body.
- [ ] Workers can create or refresh their own active worker profile through a
public authenticated worker API before claiming a task; workers without a
profile remain blocked from claiming.
- [ ] A failed pre-submit submission attempt creates no submission version but
writes a durable task audit event containing the structured checker
result for project operators.
- [ ] Request bodies remain fail-closed through Pydantic `extra="forbid"`; no
legacy project guide artifact fields are reintroduced.

## Verification commands

```bash
cd backend && .venv/bin/python -m ruff check app/modules/projects/schemas.py app/modules/projects/service.py app/modules/tasks/router.py app/modules/tasks/schemas.py app/modules/tasks/service.py tests/test_projects.py tests/test_tasks.py
cd backend && .venv/bin/python -m pytest tests/test_projects.py -k 'duplicate_guide_version_returns_conflict or guide_creation_accepts_source_snapshot_items_for_agent_material or guide_activation_and_active_guide_retrieval' -q
cd backend && .venv/bin/python -m pytest tests/test_tasks.py -k 'worker_can_create_profile_before_claiming_task or worker_without_profile_cannot_claim_ready_task or pre_submit_failure_writes_audit_event_without_submission' -q
cd backend && .venv/bin/docstr-coverage app/modules/projects app/modules/tasks --config .docstr.yaml
python3 scripts/check_stale_workstream_wording.py
python3 scripts/check_markdown_links.py
git diff --check
```

## Required reviewers

Every listed reviewer must end with one exact result value:

- `PASS`
- `PASS AFTER FIXES`
- `PASS WITH LOW RISKS`
- `N/A - with approved reason`

Required:

- [ ] senior engineering
- [ ] QA/test
- [ ] security/auth
- [ ] product/ops
- [ ] architecture
- [ ] reuse/dedup
- [ ] test delta

## Human review focus

- The worker profile endpoint is authenticated and worker-owned, not a hidden
seed path.
- Guide creation source items are captured as immutable snapshot material and
do not revive legacy guide-owned artifact fields.
- Failed pre-submit attempts remain user-facing as
`pre_submission_checker_failed`, create no submission row, and leave operator
audit evidence.
- Active-guide output gives enough checker visibility for operators without
leaking the compiled bundle body.

## Stop conditions

Stop and escalate if:

- fixing any item requires database migrations
- the project-agent runtime contract needs to change
- post-submit/review/revision/payment scope is required
- tests or CI must be weakened to pass
- same blocker remains after 2 repair attempts
- secrets or production data are needed
Original file line number Diff line number Diff line change
@@ -0,0 +1,41 @@
# External Review Response: WS-POL-001-10

## Scope

External review feedback for PR #72: `Harden pre-submit live drill flows`.

Internal sub-agent evidence is tracked separately in:

- `.agent-loop/initiatives/WS-POL-001-submission-artifact-policy-foundation/reviews/WS-POL-001-10-internal-review-evidence.md`

## CodeRabbit Review

CodeRabbit reviewed PR #72 on 2026-07-06 and posted three actionable comments.

| Source | Finding | Severity | Status | Response |
|---|---|---:|---|---|
| CodeRabbit | Internal review evidence was not in the parser-required format; the `test delta` row and reviewed revision metadata could not pass `scripts/check_internal_review_evidence.py`. | Major | Fixed | Rebound evidence to reviewed code SHA `1b7d2e889fe1fd0460349b77c37e643a4e0c4cb0`, normalized reviewer rows to known tracks, used parseable reviewer run IDs, and limited post-review changes to evidence/status files. |
| CodeRabbit | `POST /api/v1/workers/me/profile` used `response_model_exclude_none=True`, dropping required nullable `display_name` and `email` fields. | Minor | Fixed | Removed `response_model_exclude_none=True` from the route and added `test_worker_profile_response_includes_nullable_identity_fields`. |
| CodeRabbit | `POST /api/v1/workers/me/profile` was documented in Security/Auth but missing from the chunk 4 endpoint inventory. | Minor | Fixed | Added the endpoint to `docs/spec_chunk_4_task_queue_assignment.md` under API Impact. |

## Verification

```bash
cd backend && .venv/bin/python -m ruff check tests/test_tasks.py app/modules/tasks/router.py
cd backend && .venv/bin/python -m pytest tests/test_tasks.py -k 'worker_can_create_profile_before_claiming_task or worker_profile_response_includes_nullable_identity_fields or worker_profile_request_is_fail_closed_and_validated or worker_profile_requires_worker_role or worker_without_profile_cannot_claim_ready_task or pre_submit_failure_writes_audit_event_without_submission' -q
python3 scripts/check_markdown_links.py docs/spec_chunk_4_task_queue_assignment.md
python3 scripts/check_stale_workstream_wording.py
git diff --check
```

Results:

- ruff: passed.
- Focused worker/pre-submit task tests: 6 passed, 59 deselected.
- Markdown link check: passed for 10 changed Markdown files.
- Stale wording scan: passed.
- Diff whitespace check: passed.

## Remaining External State

GitHub Actions and CodeRabbit must rerun after this response and fix are pushed.
Loading
Loading