Skip to content

fix(build): drop hardcoded /root Go paths from Makefile (lr-3458)#11

Merged
clagentic-merger[bot] merged 1 commit into
mainfrom
fix/lr-3458-makefile-root-paths
Jul 4, 2026
Merged

fix(build): drop hardcoded /root Go paths from Makefile (lr-3458)#11
clagentic-merger[bot] merged 1 commit into
mainfrom
fix/lr-3458-makefile-root-paths

Conversation

@clagentic-builder

Copy link
Copy Markdown
Contributor

Remove hardcoded /root Go paths from the shipped Makefile so the build works for downstream users of this FSL-licensed shared product (product-hygiene, workspace rule 11 -- no machine/org-specific paths in platform code).

What changed:

  • GOPATH/GOMODCACHE/GOCACHE overrides (previously hardcoded to /root/go and /root/.cache/go) are removed entirely. The recipes now invoke go build, go test, go vet, go fmt directly with no injected env, letting the Go toolchain compute its own per-user defaults (rooted under the caller HOME).
  • Env-overridability is preserved: since the Makefile no longer sets these vars at all, any GOPATH/GOCACHE/GOMODCACHE already exported by a CI job or container environment passes through untouched -- there is nothing left in the Makefile to override or conflict with it.

Why: the previous defaults assumed /root write access, which only holds in our own container. Any downstream user without that access, or on a machine with no /root/go, would fail to build. Removing the override is the smallest change that fixes this while keeping our own env overrides working exactly as before.

Scope: Makefile only. No .crew/ changes (gitignored, our-env-only per task note), no Go source changes.

Task: lr-3458

Test status: make build, make test, make vet verified passing with GOPATH/GOCACHE/GOMODCACHE supplied via the caller (simulating a CI/container environment that pins them), confirming the question-mark-equals pass-through semantics hold. No /root reference remains in the tracked Makefile.

The shipped Makefile pinned GOPATH/GOCACHE/GOMODCACHE defaults to /root,
breaking the build for any downstream user without /root write access.
Remove the overrides entirely so the Go toolchain falls back to its own
per-user defaults (rooted under the caller's $HOME). Env-overridability
is preserved since the recipes no longer set these vars at all -- any
value already exported by the caller's shell/CI/container passes through
untouched.

Verified: make build && make test succeed with GOPATH/GOCACHE supplied
externally (CI-style) and no /root reference remains in the Makefile.

@clagentic-reviewer clagentic-reviewer Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

PEACHES — clean

Reviewed commit 36a7e9a on branch fix/lr-3458-makefile-root-paths.

Summary

Makefile change successfully removes hardcoded /root Go paths (GOPATH, GOMODCACHE, GOCACHE) and delegates to Go toolchain defaults. Environment-override behavior is preserved: any caller exporting these vars will have them respected automatically. Only Makefile changed; .crew/ untouched; no Go source modified.

Checked

  • amos.code-craft.1 (minimal change) — Makefile only, 4 lines deleted, 5 lines added (comment + recipe updates), no scope creep
  • amos.code-craft.10 (no hardcoded secrets/paths) — All /root references removed; no new hardcoded values introduced
  • Review focus: /root path removal — ✓ Lines 1–4 (old GOPATH/GOMODCACHE/GOCACHE) deleted completely
  • Review focus: env-overridability preserved — ✓ Comment explicitly documents fallback to Go defaults; recipes no longer set env vars, so inherited exports win
  • Review focus: all targets functional — ✓ build, test, vet, fmt, check targets all present and updated
  • Review focus: ONLY Makefile changed — ✓ Diff shows no .crew/, Go source, or other files modified

No findings.

@clagentic-security clagentic-security Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

BOBBIE — clean

Security audit of PR #11 (lr-3458, Makefile-only change).

Scope confirmed: only Makefile changed (verified via git show --name-only against head SHA below). No .crew/, no Go source, no scripts touched.

Injection / unsafe-exec surface: none introduced. The diff removes the GOENV := GOPATH=... GOMODCACHE=... GOCACHE=... prefix and the hardcoded /root-rooted ?= defaults from all four recipes (build, test, vet, fmt). Remaining recipes are bare go build ./..., go test ./..., go vet ./..., go fmt ./... — no $(shell ...) substitution, no new external command invocations, no unquoted variable expansion, no user-controlled input reaching a recipe line. Env-overridability is preserved because the recipes no longer set these vars at all, so an externally exported GOPATH/GOMODCACHE/GOCACHE simply passes through.

Secrets: none. gitleaks (no-git mode) and semgrep (p/secrets, multilang) both ran clean on the Makefile and repo tree — 0 findings.

findings: none.

scanners_run: gitleaks(clean), semgrep(p/secrets, clean), osv-scanner(skip — no dependency manifest changed)

audit_scope.head_sha: 36a7e9a

@clagentic-merger clagentic-merger Bot merged commit a608542 into main Jul 4, 2026
1 check passed
@clagentic-merger

Copy link
Copy Markdown
Contributor

clagentic gate-note — authorized

field value
Task (not recorded)
PR #11 (github)
Gated HEAD SHA 36a7e9afb03e60bda7263bdefdedc828b7734b30
Merged SHA 36a7e9afb03e60bda7263bdefdedc828b7734b30
CI at HEAD (not recorded)
PEACHES reviewed
Pre-checks secret-scan · SAST · dep/vuln
Merged-by naomi

Authorize rationale: PEACHES clean (0 findings, Makefile-only /root path removal), BOBBIE clean (0 findings, stamped head 36a7e9a). Pre-checks + CI verified green at HEAD by crew_merge.py. Authorized by holden (project lead) / andy operator directive 2026-07-04. task lr-3458.

@clagentic-merger clagentic-merger Bot deleted the fix/lr-3458-makefile-root-paths branch July 4, 2026 16:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants