fix(verdict): require freshness on base_sha-matched acceptance (CGLS-9 defense-in-depth) #43

Open

triform-admin wants to merge 1 commit from agent/verdict-freshness-cgls9 into main

pull from: agent/verdict-freshness-cgls9

merge into: triform:main

triform:main

triform:agent/preview-rename-public-status

triform:fix/interaction-red-unknown

triform:agent/overlay-cap-128

triform:agent/instances-sighup-reload

triform:agent/per-lane-build-slot

triform:agent/runplan-per-build-reread

triform:agent/cgls11-pool-overlay-flycheck

triform:agent/cgls12-content-macro-detection

triform:agent/manifest-run-plan-on-main

triform:agent/ci-concurrency

triform:agent/macro-witness-fix

triform:agent/appserve-build-job

triform:agent/build-to-completion

triform:agent/fix-overlay-reaches-ra

triform:agent/fix-appbuild-test-manifest-hash

triform:agent/fix-serve-ra-procmacro-skew

triform:agent/fix-otlp-v1-traces-path

triform:agent/ra-stderr-visible

triform:agent/manifest-run-plan

triform:agent/self-serve-previews

triform:agent/appserve-worktree-setup

triform:agent/appserve-dockerfile-fix

triform:agent/timer-settle-unknown-cgls9

triform:agent/app-serve

triform:agent/verdict-cli

triform:agent/witness-offloop

triform:agent/bounded-git

triform:agent/readyz

triform:agent/verdict-attribution

triform:agent/otlp-queue

triform:agent/infra-258-260

triform:agent/project-checks-nonblocking

triform:agent/attribution-helper

triform:release/v0.3.0

triform:agent/batch-concurrency-validation

triform:agent/project-checks-hard

triform:agent/amem-49-exporter-timeout

triform:agent/infra-54-init-success-log

triform:agent/infra-49-blocking-client

triform:agent/infra-49-simple-exporter

triform:agent/honest-verdict-and-otel

triform:agent/overlay-project-checks

triform:agent/fsn-serve-shards

triform:agent/existing-red-report

triform:agent/checks-base-pruning

triform:agent/docs-project-check-resource-discipline

triform:agent/session-handover-2026-05-25

triform:agent/builder-template-cache-repair

triform:agent/tf-multiverse-serve-service

triform:agent/serve-auth-read-image

triform:agent/cargoless-http-read-auth

triform:agent/serve-image-bump

triform:agent/push-only-ready

triform:agent/architect

triform:agent/bench-lead-m3

triform:agent/builder-infra-msrv-doc

triform:agent/builder-infra-doc-housekeeping

triform:agent/builder-infra-roadmap-integration

triform:agent/builder-infra-docs-combined

triform:agent/docs-launch-lead-roadmap-refresh

triform:agent/docs-launch-lead-prestage

triform:agent/builder-infra-update-lock

triform:agent/docs-launch-lead-w2-docs

triform:agent/builder-infra-263-disk-full

triform:agent/dev-fixer-2c

triform:agent/dev-fixer-2b

triform:agent/bench-lead-m2-on-9429462

triform:agent/docs-launch-lead-brand-coherence

triform:agent/bench-lead-m2-approx

triform:agent/docs-launch-lead-dewasm-scope

triform:agent/dev-fixer-otel-wave1

triform:agent/dev-fixer-dewasm

triform:agent/dogfood-lead-stage1-rework

triform:agent/dev-fixer-respawn-driver-reset

triform:agent/dev-fixer-pushoverlay

triform:agent/dev-fixer-healthz

triform:agent/dogfood-lead-stage1-suite

triform:agent/bench-lead-diffharness

triform:agent/dev-fixer-serve-wire

triform:agent/builder-infra-serve-image

triform:agent/docs-launch-lead-inc2spec

triform:agent/builder-infra-serve-k8s

triform:agent/builder-infra-v020

triform:agent/docs-launch-lead-e5

triform:agent/builder-infra-198

triform:agent/dev-fixer-modelr-cio

triform:agent/builder-infra-podinfra

triform:agent/bench-lead-15bench-r

triform:agent/bench-lead-15bench

triform:agent/builder-infra-14-integ

triform:agent/builder-infra-14auth-fix

triform:agent/builder-infra-tripleguard

triform:agent/builder-infra-i2fixed

triform:agent/builder-infra-i1

triform:agent/builder-infra-reset0

triform:agent/builder-infra-capcore

triform:agent/builder-infra-12

triform:agent/builder-infra-4

triform:agent/builder-infra-incr4

triform:agent/builder-infra-incr3

triform:agent/builder-infra-182

triform:agent/builder-infra-14auth

triform:agent/docs-launch-lead-e4

triform:agent/bench-lead-modelr-13c

triform:agent/docs-launch-lead-e3

triform:agent/bench-lead-modelr-13

triform:agent/dev-fixer-modelr-c

triform:agent/docs-launch-lead-e2

triform:agent/builder-infra-comp2v2

triform:agent/builder-infra-cigatefix2

triform:agent/dev-fixer-modelr-b

triform:agent/bench-lead-modelr

triform:agent/builder-infra-cigatefix

triform:agent/builder-infra-comp2

triform:agent/docs-launch-lead-modelr

triform:agent/builder-infra-modelr

triform:agent/docs-launch-lead-final

triform:agent/bench-lead

triform:agent/dev-fixer-132

triform:agent/dev-fixer-97

triform:agent/docs-launch-lead-prep

triform:agent/dev-fixer-128

triform:agent/dev-fixer-procmacro-downrank

triform:agent/dev-fixer-idle-evict

triform:agent/dev-fixer-structural-trigger

triform:agent/dev-fixer-openclosed-design

triform:agent/dev-fixer-94

triform:agent/dev-fixer-97-plan

triform:agent/docs-launch-sf

triform:agent/docs-launch-lead-d1b

triform:chore/f13a-integrate-v2

triform:agent/dev-fixer-f13a

triform:chore/cwdl-71-phase-d

triform:chore/buildid-integrate-v2

triform:agent/dev-fixer-f13b

triform:agent/buildid

triform:agent/ra-config

triform:agent/d-a2-design

triform:agent/docs-launch-lead-d1

triform:agent/docs-launch-lead

triform:agent/dev-fixer-5

triform:agent/dev-fixer-4

triform:agent/dev-fixer-3

triform:chore/launch-readiness-docs

triform:agent/dev-fixer-2

triform:agent/f8-integrate

triform:agent/integration-default

triform:agent/dev-fixer-f8

triform:agent/dev-fixer

triform:agent/builder-infra

triform:agent/v0-feature-complete

triform:agent/daemon-core-21

triform:agent/v0-final-converge2

triform:agent/ra-bench-wt

triform:agent/cli-ux-v0

triform:agent/v0-final-converge

triform:agent/build-cas-publisher

triform:agent/docs-v0

triform:agent/v0-core-converge

triform:agent/gate-locked

triform:agent/main-stabilize

triform:agent/cli-ux-wire

triform:agent/devserver-bundle

triform:agent/daemon-core-sup

triform:agent/integration-converge

triform:agent/build-cas-bundle

triform:agent/daemon-core-wt

triform:agent/build-cas

triform:agent/devserver

triform:agent/cli-ux

triform:integ/dc-ac6

triform:integ/ra-bench

triform:integ/daemon-core

triform:agent/ra-bench

triform:agent/proto-contracts

triform:agent/daemon-core

Conversation 0 Commits 1 Files changed 1 +81 -20

triform-admin commented 2026-06-14 14:51:33 +00:00

Owner

Copy link

Narrows status_is_acceptable to require base_sha match AND freshness (published after our push), closing a stale-echo acceptance. Defense-in-depth for the CGLS-9 a8 residual false-green; the daemon-side 2s synthetic-settle race is the primary closer and is tracked separately. 25/25 verdict unit tests pass.

See tf-multiverse memory project_cgls9_a8_residual_false_green_2026_06_13 for full telemetry-pinned root cause.

Narrows status_is_acceptable to require base_sha match AND freshness (published after our push), closing a stale-echo acceptance. Defense-in-depth for the CGLS-9 a8 residual false-green; the daemon-side 2s synthetic-settle race is the primary closer and is tracked separately. 25/25 verdict unit tests pass. See tf-multiverse memory project_cgls9_a8_residual_false_green_2026_06_13 for full telemetry-pinned root cause.

triform-admin added 1 commit 2026-06-14 14:51:33 +00:00

fix(verdict): require freshness on base_sha-matched acceptance (CGLS-9 defense-in-depth) ... 2dcdf60a65

status_is_acceptable accepted any daemon status whose base_sha matched the
client --base, regardless of freshness. A green published for the base
BEFORE our push — the central --server-root / foreign-worktree case where
the daemon cannot attribute our overlay and leaves a pre-existing base-green
standing — would match the SHA while having analyzed nothing of ours
(crates:[]). The await accepted it as our overlay's verdict.

Narrow the (Some,Some) arm to require base_sha match AND freshness
(published after our push). Mismatch still never accepts (A2 cross-branch
protection intact); unattributed still degrades to freshness. Removes the
documented idempotent-re-run fast-path (a genuine re-run now waits for one
fresh publication — seconds, paid rarely); soundness over the micro-opt for
a merge gate.

Defense-in-depth only: the deployed daemon mints a FRESH base-green per
push without analyzing foreign overlays (a 2s synthetic-settle race in
spawn_ra_native_settle), so this client fix cannot fully close the
false-green alone — the daemon-side settle fix is tracked separately. This
hardening still correctly rejects a genuinely stale echo.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

Some checks failed

Hide all checks

ci / rust-analyzer latency harness (S1 / AC#2) (push) Has been skipped

Details

ci / fmt (push) Failing after 2m20s

Details

ci / test (pull_request) Successful in 1m53s

Details

ci / clippy (push) Successful in 3m12s

Details

ci / rust-analyzer latency harness (S1 / AC#2) (pull_request) Has been skipped

Details

ci / fmt (pull_request) Failing after 1m3s

Details

ci / build (push) Successful in 3m57s

Details

ci / test (push) Successful in 3m55s

Details

ci / build (pull_request) Successful in 3m33s

Details

ci / clippy (pull_request) Successful in 1m13s

Details

This pull request can be merged automatically.

This branch is out-of-date with the base branch

You are not authorized to merge this pull request.

View command line instructions

Checkout

From your project repository, check out a new branch and test the changes.

git fetch -u origin agent/verdict-freshness-cgls9:agent/verdict-freshness-cgls9

git switch agent/verdict-freshness-cgls9

Merge

Merge the changes and update on Forgejo.

Warning: The "Autodetect manual merge" setting is not enabled for this repository, you will have to mark this pull request as manually merged afterwards.

git switch main

git merge --no-ff agent/verdict-freshness-cgls9

git switch agent/verdict-freshness-cgls9

git rebase main

git switch main

git merge --ff-only agent/verdict-freshness-cgls9

git switch agent/verdict-freshness-cgls9

git rebase main

git switch main

git merge --no-ff agent/verdict-freshness-cgls9

git switch main

git merge --squash agent/verdict-freshness-cgls9

git switch main

git merge --ff-only agent/verdict-freshness-cgls9

git switch main

git merge agent/verdict-freshness-cgls9

git push origin main

Sign in to join this conversation.

Reviewers

No reviewers

Labels

Clear labels

No items

No labels

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

triform/cargoless!43

No description provided.