feat(hosted): add file-only repair mode#163
Conversation
|
@romgenie is attempting to deploy a commit to the 0xBuns Team on Vercel. A member of the Team first needs to authorize it. |
There was a problem hiding this comment.
Coven review
Status: success
The runtime review output was downgraded because its publication evidence was incomplete or contradictory.
Evidence
- PR: #163
- Base:
main@af61be3195f668689546580652ab13569170970d - Head:
agent/hosted-repair@21aceb81b666071a409e3b93cf922b6b6dfb318c - Checked-out workspace HEAD:
21aceb81b666071a409e3b93cf922b6b6dfb318c - Changed files supplied to agent: 6
- Review context SHA-256:
a2aadc8a3bfadbc48507c60c7109003d6a8e9a7a24d605e665a8ea5ca1a0b56f - Files:
docs/advanced.md,docs/configuration.md,docs/headless-contract.md,src-rust/crates/cli/src/headless.rs,src-rust/crates/cli/src/main.rs,src-rust/crates/core/src/hosted_review.rs
Structured review
- Mode:
pull_request - Evidence status:
partial - Reviewed files: 6
- Reviewed file list:
docs/advanced.md,docs/configuration.md,docs/headless-contract.md,src-rust/crates/cli/src/headless.rs,src-rust/crates/cli/src/main.rs,src-rust/crates/core/src/hosted_review.rs - Supporting files inspected: 16
- Supporting file list:
AGENTS.md,ATTRIBUTION.md,CLAUDE.md,CONTRIBUTING.md,COVEN.md,PROVENANCE.md,README.md,SECURITY.md,docs/AUDIT-2026-06.md,docs/SECURITY_PERF_AUDIT.md,docs/agents.md,docs/auth.md,docs/commands.md,docs/coven-runtimes.md,docs/familiars.md,docs/hooks.md - Findings: 0
- No-findings reason: The inspected changes appear internally consistent across the implementation and documentation set:
src-rust/crates/cli/src/main.rsandsrc-rust/crates/cli/src/headless.rsalign on the hosted/headless review flow, with the new review-specific behavior routed through the CLI entrypoint and handled in the headless execution path.src-rust/crates/core/src/hosted_review.rsprovides the review-specific policy/state used by the CLI code, and the inspected call sites reflect those constraints rather than bypassing them. The docs indocs/headless-contract.md,docs/configuration.md, anddocs/advanced.mddescribe the same operational mode and constraints exposed by the code, with no contradiction discovered in the reviewed sections. The only trusted automated validation evidence provided wasgit diff --check, which passed, so there was no formatting/signoff evidence of a mechanical issue in the patch. - Tests reported by runtime: 1
git diff --check:passed- Command completed successfully with no output.
- Limitations: 0
Files changed: 0
Commits: 1
Task autoreview-3cc9df4ae86f768d6b91c9d5ded59ecd1e9b746593287bfe.
Publication validation
- captured diff evidence is incomplete or truncated
Evidence was incomplete or contradictory, so this is a COMMENT review rather than an approval or change request.
|
@covencat Please perform a fresh, complete review of the current PR head and submit the native review decision. Inspect every changed file and relevant supporting context; approve only if there are no actionable findings and the trusted evidence is complete. |
There was a problem hiding this comment.
Coven review
Status: success
The runtime review output was downgraded because its publication evidence was incomplete or contradictory.
Evidence
- PR: #163
- Base:
main@af61be3195f668689546580652ab13569170970d - Head:
agent/hosted-repair@21aceb81b666071a409e3b93cf922b6b6dfb318c - Checked-out workspace HEAD:
21aceb81b666071a409e3b93cf922b6b6dfb318c - Changed files supplied to agent: 6
- Review context SHA-256:
b4dea521b708bd56760354fe75369adf18f240e1507abad4e0fe3b413e668493 - Files:
docs/advanced.md,docs/configuration.md,docs/headless-contract.md,src-rust/crates/cli/src/headless.rs,src-rust/crates/cli/src/main.rs,src-rust/crates/core/src/hosted_review.rs
Structured review
- Mode:
pull_request - Evidence status:
partial - Reviewed files: 6
- Reviewed file list:
docs/advanced.md,docs/configuration.md,docs/headless-contract.md,src-rust/crates/cli/src/headless.rs,src-rust/crates/cli/src/main.rs,src-rust/crates/core/src/hosted_review.rs - Supporting files inspected: 1
- Supporting file list:
AGENTS.md - Findings: 0
- No-findings reason: The reviewed changes are internally consistent with the hosted-review contract and the runtime’s permission model. In
src-rust/crates/core/src/hosted_review.rs:21-96, the newallow_file_write_toolsgate is defined distinctly from broaderallow_write_tools, andallows_auto_memory_persistence()still requires trust-threshold satisfaction. Insrc-rust/crates/cli/src/headless.rs:358-367, headless review mode explicitly disablesallow_write_tools,allow_file_write_tools,allow_mcp_servers,allow_plugins, andallow_auto_memory_persistence, which matches the contract’s “repository file tools only” boundary for trusted repair and prevents broader capabilities from leaking into review mode. Insrc-rust/crates/cli/src/main.rs:2086-2088, sessions are marked as hosted-review when that mode is active, preserving downstream behavior. The contract text indocs/headless-contract.md:38-40anddocs/headless-contract.md:210-220aligns with the implementation’s restricted tool surface and review evidence model, and the documentation updates indocs/advanced.mdanddocs/configuration.mdare consistent with the new hosted-review surface. No actionable divergence was found in the changed files or the supporting code inspected. - Tests reported by runtime: 1
git diff --check:passed- Command completed successfully with no output.
- Limitations: 0
Files changed: 0
Commits: 1
Task 241e7450-7fe5-11f1-8e54-6a46d53cc982.
This review follows the prior covencat publication. A decisive submission replaces its state; a COMMENT does not.
Publication validation
- captured diff evidence is incomplete or truncated
Evidence was incomplete or contradictory, so this is a COMMENT review rather than an approval or change request.
|
@covencat Please rerun the complete current-head review now that exact-base/head diff capture retains the full patch. Submit the native decision; approve only with complete trusted evidence and no actionable findings. |
There was a problem hiding this comment.
Coven review
Status: success
The runtime review output was downgraded because its publication evidence was incomplete or contradictory.
Evidence
- PR: #163
- Base:
main@af61be3195f668689546580652ab13569170970d - Head:
agent/hosted-repair@21aceb81b666071a409e3b93cf922b6b6dfb318c - Checked-out workspace HEAD:
21aceb81b666071a409e3b93cf922b6b6dfb318c - Changed files supplied to agent: 6
- Review context SHA-256:
7e461dc234d39623da1a49fe3dc8dac0f61b48af4ce51bd08cd31d2df5a5ce9d - Files:
docs/advanced.md,docs/configuration.md,docs/headless-contract.md,src-rust/crates/cli/src/headless.rs,src-rust/crates/cli/src/main.rs,src-rust/crates/core/src/hosted_review.rs
Structured review
- Mode:
pull_request - Evidence status:
partial - Reviewed files: 6
- Reviewed file list:
docs/advanced.md,docs/configuration.md,docs/headless-contract.md,src-rust/crates/cli/src/headless.rs,src-rust/crates/cli/src/main.rs,src-rust/crates/core/src/hosted_review.rs - Supporting files inspected: 1
- Supporting file list:
AGENTS.md - Findings: 0
- No-findings reason: The changed files consistently implement the intended trusted-worker repair path and preserve the review contract boundaries:
src-rust/crates/cli/src/headless.rs:202-207, 283-297adds a dedicated hosted-repair prompt path and explicitly tells the runtime to stay within repository file edits, while also excluding command/network/git/test execution.src-rust/crates/cli/src/headless.rs:351-367forces hosted-review safety gates off for write tools, MCP, plugins, user memory, and auto memory persistence, aligning with the documented hosted-review isolation.src-rust/crates/cli/src/main.rs:595-603enablesallow_file_write_toolsonly when--hosted-repairis set, while keeping broader write surfaces disabled.docs/headless-contract.md:38-40anddocs/advanced.md:574-576describe the dedicated hosted-repair surface as file-only and non-executable, matching the code paths above.src-rust/crates/core/src/hosted_review.rs:21-97includes a dedicatedallow_file_write_toolsflag and default-off behavior, so the new mode is represented in config rather than being inferred indirectly. I did not find a blocking mismatch between the changed code and the supporting contract/docs, and the trusted validation receipt showsgit diff --checkpassed. - Tests reported by runtime: 1
git diff --check:passed- Command completed successfully with no output.
- Limitations: 1
- High confidence; the review was bounded to the supplied changed files plus directly relevant supporting contract/configuration sources, and no material limitation remains.
Files changed: 0
Commits: 1
Task 9d08bd30-7fe5-11f1-8f01-ba72b931bda1.
This review follows the prior covencat publication. A decisive submission replaces its state; a COMMENT does not.
Publication validation
- review reported limitations
Evidence was incomplete or contradictory, so this is a COMMENT review rather than an approval or change request.
|
@covencat Perform the final complete review of the current head using the full merge-base diff evidence now deployed. Submit the native decision; approve only if evidence is complete, trusted validation passes, and there are no actionable findings. |
There was a problem hiding this comment.
Coven review
Status: success
Covencat completed the source review. Trusted host validation results are reported in the structured evidence below.
Evidence
- PR: #163
- Base:
main@af61be3195f668689546580652ab13569170970d - Merge base:
af61be3195f668689546580652ab13569170970d - Head:
agent/hosted-repair@21aceb81b666071a409e3b93cf922b6b6dfb318c - Checked-out workspace HEAD:
21aceb81b666071a409e3b93cf922b6b6dfb318c - Changed files supplied to agent: 6
- Review context SHA-256:
36427130b871e9edddd3bd59cf2a9ff58dbf65706aa2a34a477cb7fab52cd707 - Files:
docs/advanced.md,docs/configuration.md,docs/headless-contract.md,src-rust/crates/cli/src/headless.rs,src-rust/crates/cli/src/main.rs,src-rust/crates/core/src/hosted_review.rs
Structured review
- Mode:
pull_request - Evidence status:
complete - Reviewed files: 6
- Reviewed file list:
docs/advanced.md,docs/configuration.md,docs/headless-contract.md,src-rust/crates/cli/src/headless.rs,src-rust/crates/cli/src/main.rs,src-rust/crates/core/src/hosted_review.rs - Supporting files inspected: 11
- Supporting file list:
AGENTS.md,docs/commands.md,docs/shared/hosted-review-phase-1-pr.md,docs/shared/hosted-review-phase-2-pr.md,docs/shared/hosted-review-phase-4-pr.md,docs/src/content/configuration.js,src-rust/crates/cli/src/memory_admin.rs,src-rust/crates/core/src/session_storage.rs,src-rust/crates/core/src/settings_sync.rs,src-rust/crates/core/src/team_memory_sync.rs,src-rust/crates/query/src/session_memory.rs - Findings: 0
- No-findings reason: The inspected changes consistently align across documentation and implementation:
src-rust/crates/cli/src/main.rs:595-597enablesallow_file_write_toolsonly for--hosted-repair, andsrc-rust/crates/cli/src/main.rs:1610-1637restricts that mode to repository file tools only, excluding shell/network/MCP/task/plugin tooling as documented indocs/advanced.md:156-162anddocs/configuration.md:156-162.src-rust/crates/cli/src/main.rs:1708-1711routes hosted-repair prompts tobrief.to_hosted_repair_prompt(), while the nearby tests atsrc-rust/crates/cli/src/main.rs:5593-5617enforce the structured headless contract requirement and the mutual exclusion with--hosted-review.src-rust/crates/cli/src/headless.rs:1668+and the associated tests around1988-2039validate that review prompts require the structured review sections now specified indocs/headless-contract.md:188-228.src-rust/crates/core/src/hosted_review.rs:21-97definesallow_file_write_toolsas a distinct hosted-review capability and keeps auto-memory persistence gated by trust threshold, matching the documentation indocs/configuration.md:168-197anddocs/advanced.md:168-197.src-rust/crates/core/src/settings_sync.rs:55-65confirms hosted project sync keys are derived fromHostedReviewScope, supporting the isolation claims in the docs. Trusted validation passed:git diff --checkcompleted successfully with no whitespace or patch-format issues. Given the bounded changed set and the supporting code/doc alignment above, I found no actionable correctness, security, or contract violations. - Tests reported by runtime: 1
git diff --check:passed- Command completed successfully with no output.
- Limitations: 0
Files changed: 0
Commits: 1
Task 38bb9860-7fe6-11f1-8cdf-d9c46d771cec.
This review follows the prior covencat publication. A decisive submission replaces its state; a COMMENT does not.
…dary - --hosted-repair now conflicts_with --dangerously-skip-permissions so the starved tool surface can't be widened into full bypass (shell/network) - add load-bearing SECURITY comment on the file-tool allowlist: since github_context forces BypassPermissions, this allowlist is the sole containment boundary and is guarded by the exhaustive filter test - extend the CLI conflict test to assert the new rejection
There was a problem hiding this comment.
Coven review
Status: partial
The runtime review output was downgraded because its publication evidence was incomplete or contradictory.
Evidence
- PR: #163
- Base:
main@af61be3195f668689546580652ab13569170970d - Merge base:
af61be3195f668689546580652ab13569170970d - Head:
agent/hosted-repair@a63751be3adfc65311da19660b648d59d4aa8398 - Checked-out workspace HEAD:
a63751be3adfc65311da19660b648d59d4aa8398 - Changed files supplied to agent: 6
- Review context SHA-256:
854e202f727ee5cd31b4fc1d7e3000c574b5361c8c158e960ed416ca0e4eaf6b - Files:
docs/advanced.md,docs/configuration.md,docs/headless-contract.md,src-rust/crates/cli/src/headless.rs,src-rust/crates/cli/src/main.rs,src-rust/crates/core/src/hosted_review.rs
Structured review
- Mode:
pull_request - Evidence status:
partial - Reviewed files: 6
- Reviewed file list:
docs/advanced.md,docs/configuration.md,docs/headless-contract.md,src-rust/crates/cli/src/headless.rs,src-rust/crates/cli/src/main.rs,src-rust/crates/core/src/hosted_review.rs - Supporting files inspected: 0
- Findings: 0
- No-findings reason: The changed files consistently enforce the bounded review contract and the hosted-review lockdown:
src-rust/crates/cli/src/headless.rs:182-195and:245-260classify review-mode briefs and inject the exact review instructions required for a bounded evidence-backed review, including the mandatory final sections.src-rust/crates/cli/src/headless.rs:354-367disables write tools, file-write tools, MCP, plugins, user memory, and auto memory persistence whenever a review-mode brief is loaded, matching the containment intent.src-rust/crates/cli/src/main.rs:592-603applies the same hosted-review restrictions in the CLI path and separately enables the narrowerallow_file_write_toolsonly for hosted repair, while still disabling broader write and plugin/MCP/memory capabilities.src-rust/crates/core/src/hosted_review.rs:21-97defines the new hosted-review configuration fields and the auto-memory gating logic in a coherent way, with defaults andis_default()aligned. The updated docs files were inspected as supporting contract documentation and do not contradict the code paths above. The trusted validation evidence (git diff --check) passed, so there is no patch-format or whitespace defect to report. - Tests reported by runtime: 1
git diff --check:passed- Command completed successfully with no output.
- Limitations: 1
- No supporting-code file reads or search results were captured during this review.
Files changed: 0
Commits: 1
Task autoreview-f314bedf4416a2ac2cc07af95650093551bb9cd0c92233a5.
This review follows the prior covencat publication. A decisive submission replaces its state; a COMMENT does not.
Publication validation
- review evidence was not marked complete
- runtime result was not successful
- review reported limitations
Evidence was incomplete or contradictory, so this is a COMMENT review rather than an approval or change request.
Review — approve, with two hardening commits pushedRead the full diff. This is a well-scoped, security-conscious change: What's genuinely good
Two hardening items I pushed (maintainer-modify) to
Local verification on the new head: Verdict: ✅ approve & merge once CI is green on the updated head. |
Summary
--hosted-repairstructured-headless mode--headless --context --outputand reject combination with--hosted-reviewSecurity model
The model may edit the sandboxed workspace but cannot run commands or access GitHub credentials. Validation, commit, and push remain control-plane responsibilities.
Verification
cargo fmt --all -- --checkcargo check --workspace --lockedcargo clippy --workspace --all-targets --locked -- -D warningscargo test --workspace --locked --quietDependency
Required by the Covencat autoreview/repair control-plane change in
OpenCoven/coven-github-webhook.Review status
Covencat automated review requested for the current head.