Merge branch 'main' into dependabot/github_actions/actions/setup-python-6

Author: codifide

.github/workflows/ci.yml

@@ -25,7 +25,7 @@ jobs:
           python-version: ${{ matrix.python-version }}
 
       - name: Install package
-        run: pip install -e ".[blob]"
+        run: pip install -e "."
 
       - name: Run test suite
         run: python3 -m pytest tests/ -q --tb=short

.github/workflows/codeql.yml

@@ -33,7 +33,7 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@v3
+        uses: github/codeql-action/init@v4
         with:
           languages: ${{ matrix.language }}
           build-mode: ${{ matrix.build-mode }}
@@ -42,6 +42,6 @@ jobs:
           queries: security-extended
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v3
+        uses: github/codeql-action/analyze@v4
         with:
           category: "/language:${{ matrix.language }}"

.kiro/specs/v4-language/tasks.md

@@ -44,10 +44,10 @@
 ## REQ-V4-3: Public registry
 
 - [x] **V4-3-1** Write `docs/REGISTRY.md`
-- [ ] **V4-3-2** Publish the five canonical pipeline symbols to codifide.com (blob write API pending)
+- [x] **V4-3-2** Publish the five canonical pipeline symbols to codifide.com ✓ all 5 live
 - [x] **V4-3-3** Add `registry` field to capability manifest — deferred (no field defined yet)
 - [x] **V4-3-4** Add cookbook entry for publish-and-resolve workflow
-- [ ] **V4-3-5** Verify `run --registry https://codifide.com` resolves pipeline symbols
+- [x] **V4-3-5** Verify `run --registry https://codifide.com` resolves pipeline symbols ✓ confirmed
 - [x] **V4-3-6** File Quill/Glyph dispatch
 - [x] **V4-3-7** Registry browser at codifide.com/registry
 

codifide/runtime/interpreter.py

@@ -588,9 +588,12 @@ def _call_primitive(self, name: str, arg_exprs: tuple, frame: _Frame) -> Any:
         # an argument. A program that wants to compute over a possibly-refused
         # value must handle it explicitly in a `believe` arm. Without this
         # check, arithmetic on ⊥ surfaces as a host TypeError.
-        for a in args:
-            if isinstance(a, _BottomType):
-                raise BottomPropagationError(fn=name)
+        # Exception: is_bottom is the one primitive whose purpose is to
+        # inspect a bottom value — it must not propagate.
+        if name != "is_bottom":
+            for a in args:
+                if isinstance(a, _BottomType):
+                    raise BottomPropagationError(fn=name)
         try:
             result = spec.fn(*args)
         except CodifideError:

codifide/store/blob_store.py

@@ -21,11 +21,11 @@
 This mirrors the filesystem store's sharded layout, making the two backends
 interchangeable and the blob store browseable.
 
-**Public access.** Symbol blobs are stored with ``access='public'``. The
+**Public access.** Symbol blobs are stored with ``access='private'``. The
 content is content-addressed — the hash is the identity, so there is no
-secret in the content. Public access means agents can resolve symbols
-directly from the CDN URL without going through the serverless function,
-which is faster and cheaper.
+secret in the content. Private access means reads go through the Vercel
+Blob API (authenticated with ``BLOB_READ_WRITE_TOKEN``) rather than a
+public CDN URL. The serverless GET handler fetches and proxies the bytes.
 
 **Write protection.** The ``put`` method requires ``BLOB_READ_WRITE_TOKEN``.
 The serverless function that exposes ``POST /symbols`` should be
@@ -109,7 +109,6 @@ def put(self, name: str, definition: Definition) -> str:
                 pathname,
                 data,
                 options={
-                    "access": "public",
                     "token": self._token,
                     "contentType": "application/cbor",
                     "cacheControlMaxAge": 31536000,  # 1 year — immutable
@@ -166,7 +165,7 @@ def get_bytes(self, identity: str) -> bytes:
         vb = _require_vercel_blob()
         pathname = self._pathname(identity)
 
-        # Public blobs have a stable CDN URL. Fetch via the download URL.
+        # Private blobs require a signed download URL obtained via the API.
         try:
             result = vb.head(
                 pathname,
@@ -181,11 +180,14 @@ def get_bytes(self, identity: str) -> bytes:
         if not download_url:
             raise StoreError(f"Vercel Blob returned no URL for {identity}")
 
-        # Fetch the bytes directly from the CDN URL.
+        # Fetch the bytes using the signed URL (works for both public and private blobs).
         import urllib.request
         import urllib.error
         try:
-            with urllib.request.urlopen(download_url, timeout=30) as resp:
+            req = urllib.request.Request(download_url)
+            if self._token:
+                req.add_header("Authorization", f"Bearer {self._token}")
+            with urllib.request.urlopen(req, timeout=30) as resp:
                 data = resp.read(_MAX_BLOB_BYTES + 1)
         except urllib.error.HTTPError as exc:
             if exc.code == 404:

crates/codifide-canonical/Cargo.toml

@@ -15,4 +15,4 @@ path = "src/bin/codifide_canonical.rs"
 
 [dependencies]
 serde_json = "1"
-sha2 = "0.10"
+sha2 = "0.11"

crates/codifide-interpreter/Cargo.toml

@@ -19,7 +19,7 @@ serde_json = "1"
 rayon = "1.10"
 
 [dev-dependencies]
-criterion = { version = "0.5", features = ["html_reports"] }
+criterion = { version = "0.8", features = ["html_reports"] }
 
 [[bench]]
 name = "interpreter"

docs/AGENT_QUICKREF.md

@@ -324,42 +324,34 @@ cand
 Both patterns are valid. `cand` + `when` is preferred for three or more
 branches; `if/then/else` is preferred for binary choices inside a body.
 
-**`is_bottom` — value inspector, not propagation catcher.**
+**`is_bottom` — value inspector.**
 
-`is_bottom(x)` returns `true` when `x` is a literal `bottom` value.
-It **cannot** catch a `bottom` that propagated through a bind:
+`is_bottom(x)` returns `true` when `x` is a `bottom` value (including `bottom "reason"`).
+Both the direct-call and bind patterns work:
 
 ```codifide
-# WRONG — bottom propagates through the bind before is_bottom sees it
+# Direct-call — is_bottom sees the value before any bind
 cand
-  r <- function_that_refuses()
-  if is_bottom(r) then "caught" else r   # raises BottomPropagationError
+  if is_bottom(function_that_refuses()) then "refused" else "ok"
 
-# RIGHT — use a believe arm to handle propagated bottom
+# Bind pattern — also works; is_bottom receives the bottom value
 cand
   r <- function_that_refuses()
-  believe r
-    ge(conf(r), 0.70) => r
-    else              => bottom          # or handle the refusal here
+  if is_bottom(r) then "refused" else r
 ```
 
-`is_bottom` is useful when `bottom` is passed as an explicit argument
-or stored in a data structure, not when it arrives via function return.
-
-**Direct-call `is_bottom` works.** If you need to check whether a function
-refuses *before* binding its result, call `is_bottom` directly on the call
-expression — no bind needed:
+For conditional routing on a possibly-refused value, `believe` is usually
+cleaner and more idiomatic:
 
 ```codifide
-# Works — is_bottom sees the value before any bind propagates it
+# Idiomatic — believe handles refusal explicitly
 cand
-  if is_bottom(moderate(message)) then "refused" else moderate(message)
+  r <- function_that_refuses()
+  believe r
+    ge(conf(r), 0.70) => r
+    else              => bottom
 ```
 
-This short-circuits: if `moderate` refuses, the `else` branch never runs.
-Note that `moderate` is called twice — once for the check and once for the
-value. For expensive functions, prefer the `believe` pattern instead.
-
 ## Content-addressed imports
 
 Individual symbol imports bring one symbol into scope by name:

docs/REGISTRY.md

@@ -18,6 +18,8 @@ published at the following identities:
 | `classify_content` | `sha256:377099c5bddb8cebe9e8bc6b8499bb00ea99083798d1b064799ac82c55636fae` |
 | `moderate` | `sha256:1bbe69ba7dae84a1fc1a5b335ac2fd9f4be3e4462857db3cc0d38c4af5be4a2a` |
 | `route_message` | `sha256:68c15e1108ac195e211634d2755f58353422db61b077690ec59686ad87d2d964` |
+| `run_pipeline` | `sha256:9315527239ae775f5f61caedd7f589b2d72e621c384511a1663856235d1a764c` |
+| `composed_pipeline` | `sha256:311ba990e2555bba609c230d28072d290bdf1d88b0e1e2d13db553bf34472346` |
 
 These are the symbols from the content-moderation pipeline task spec
 (`docs/AGENT_TASK_SPEC.md`). They are the canonical test case for

tests/test_runtime.py

@@ -318,5 +318,156 @@ def inner
         self.assertIn("called from", msg)
 
 
+# ---------------------------------------------------------------------------
+# is_bottom — direct-call pattern and propagation footgun regression
+# (Sable audit note: AUD-OVERNIGHT-02 follow-up)
+# ---------------------------------------------------------------------------
+
+class IsBottomTests(unittest.TestCase):
+    """Tests for the is_bottom(f()) direct-call pattern.
+
+    The quickref documents two idioms:
+      - WRONG: r <- f(); is_bottom(r)  — bottom propagates through bind
+      - RIGHT: is_bottom(f())          — is_bottom sees the value before bind
+
+    These tests confirm both behaviours and cover BottomWithReason.
+    """
+
+    def test_is_bottom_on_literal_bottom_returns_true(self) -> None:
+        src = """
+def main
+  intent "is_bottom on literal bottom"
+  sig    () -> Bool
+  effects {}
+  cand
+    is_bottom(bottom)
+"""
+        self.assertTrue(run(parse(src), "main"))
+
+    def test_is_bottom_on_normal_value_returns_false(self) -> None:
+        src = """
+def main
+  intent "is_bottom on a normal value"
+  sig    () -> Bool
+  effects {}
+  cand
+    is_bottom(42)
+"""
+        self.assertFalse(run(parse(src), "main"))
+
+    def test_is_bottom_direct_call_on_refusing_function(self) -> None:
+        # RIGHT pattern: is_bottom(f()) — sees the bottom before any bind.
+        src = """
+def refuses
+  intent "always refuses"
+  sig    () -> Any
+  effects {}
+  cand
+    bottom
+
+def main
+  intent "direct-call is_bottom on a refusing function"
+  sig    () -> Bool
+  effects {}
+  cand
+    is_bottom(refuses())
+"""
+        self.assertTrue(run(parse(src), "main"))
+
+    def test_is_bottom_direct_call_on_non_refusing_function(self) -> None:
+        # RIGHT pattern: is_bottom(f()) where f returns a value.
+        src = """
+def gives_value
+  intent "returns a string"
+  sig    () -> String
+  effects {}
+  cand
+    "hello"
+
+def main
+  intent "direct-call is_bottom on a non-refusing function"
+  sig    () -> Bool
+  effects {}
+  cand
+    is_bottom(gives_value())
+"""
+        self.assertFalse(run(parse(src), "main"))
+
+    def test_is_bottom_on_bottom_with_reason(self) -> None:
+        # BottomWithReason is a subclass of _BottomType — is_bottom must catch it.
+        src = """
+def refuses_with_reason
+  intent "refuses with a reason string"
+  sig    () -> Any
+  effects {}
+  cand
+    bottom "not enough confidence"
+
+def main
+  intent "is_bottom on bottom-with-reason via direct call"
+  sig    () -> Bool
+  effects {}
+  cand
+    is_bottom(refuses_with_reason())
+"""
+        self.assertTrue(run(parse(src), "main"))
+
+    def test_is_bottom_bind_propagation_footgun(self) -> None:
+        # Previously: r <- f(); is_bottom(r) raised BottomPropagationError
+        # because is_bottom was treated like any other primitive.
+        # After the interpreter fix (is_bottom exempt from propagation check),
+        # this pattern now works correctly — is_bottom returns True.
+        # The quickref has been updated to reflect this.
+        src = """
+def refuses
+  intent "always refuses"
+  sig    () -> Any
+  effects {}
+  cand
+    bottom
+
+def main
+  intent "bind-then-is_bottom now works"
+  sig    () -> Bool
+  effects {}
+  cand
+    r <- refuses()
+    is_bottom(r)
+"""
+        # Both the direct-call and bind patterns now return True.
+        self.assertTrue(run(parse(src), "main"))
+
+    def test_is_bottom_in_conditional_expression(self) -> None:
+        # is_bottom used in an inline conditional — common real-world pattern.
+        src = """
+def maybe_refuses
+  intent "refuses when input is zero"
+  sig    (n: Int) -> Any
+  effects {}
+  cand
+    when gt(n, 0)
+    n
+  cand
+    bottom
+
+def main_refuses
+  intent "test refusing path"
+  sig    () -> String
+  effects {}
+  cand
+    if is_bottom(maybe_refuses(0)) then "refused" else "ok"
+
+def main_ok
+  intent "test non-refusing path"
+  sig    () -> String
+  effects {}
+  cand
+    if is_bottom(maybe_refuses(5)) then "refused" else "ok"
+"""
+        m = parse(src)
+        self.assertEqual(run(m, "main_refuses"), "refused")
+        self.assertEqual(run(m, "main_ok"), "ok")
+
+
 if __name__ == "__main__":
     unittest.main()