- Confirmed the real Codex path invokes the configured Codex binary with `ALL_ADAPTERS_SIMULATION_MODE=0` and `CODEX_SIMULATION_MODE=0`.
16
16
- Hardened simulation result handling so the shared simulation runner writes `is_simulation=true`, and Codex/Claude normalizers preserve or infer simulation status from deterministic simulation artifacts instead of relabeling them as real when normalization runs with simulation env disabled.
17
17
- Added `codencer run events`, `codencer run report`, `codencer run cancel`, and structured `codencer run resume` blocker behavior.
18
+
- Exposed daemon-backed local `codencer run resume` for states already supported by `RecoveryService.ResumeRun` (`created` and `paused_for_gate`), with explicit `run_resumed` CLI events and structured `run_resume_blocked` output when the selected run is not resumable.
- Preserved `codencer.submit_project_task_and_wait` as a compatibility tool while adding non-blocking submit/start paths for planners that should not hold one long HTTP/MCP request open.
20
21
- Updated Gateway Console simple-task submit to send `wait=false`, poll the run report until terminal status, display `pending` while waiting, and emit the terminal audit event once when report refresh observes completion.
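Review bot: The unchanged bullet "Added `codencer run events`, ... and structured `codencer run resume` blocker behavior" now sits directly above the added bullet, which says local resume succeeds for `created` and `paused_for_gate`. Reword the earlier bullet so the blocker applies only to non-resumable runs, or merge the two bullets, so the list does not describe local resume as both blocked and working.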
@@ -186,6 +187,12 @@ Branch: `next-phase`
186
187
-`make verify-release-artifact-selfhost VERSION=v0.3.0-selfhost-artifact-verify TARGETS=host REQUIRE_TARGETS=host` after adding store-backed Gateway API redaction sweep - passed
187
188
-`make verify-public-release` after adding store-backed Gateway API redaction sweep - passed
188
189
-`git diff --check` after adding store-backed Gateway API redaction sweep - passed
190
+
-`go test ./internal/localexec ./internal/app ./internal/service ./cmd/codencer` after exposing local run resume - passed
191
+
-`make build-codencer && ./scripts/verify_public_selfhost_release.sh` after exposing local run resume - passed
192
+
-`go test ./...` after exposing local run resume - passed
193
+
-`make verify-gateway` after exposing local run resume - passed
194
+
-`make verify-public-release` after exposing local run resume - passed
195
+
-`git diff --check` after exposing local run resume - passed
189
196
-`CODENCER_E2E_REAL_EXECUTORS=codex,claude CODENCER_E2E_CODEX_COMMAND=<codex-binary> CODENCER_E2E_CLAUDE_COMMAND=<claude-binary> make verify-public-selfhost-rc` - failed by design with `NO-GO` after Codex and Claude passed and Antigravity was missing
190
197
-`cd web/gateway-console && CODENCER_E2E_BIN_DIR=../../bin CODENCER_E2E_EXECUTOR_ADAPTER=antigravity CODENCER_E2E_EXECUTOR_PROFILE=antigravity-default CODENCER_E2E_ANTIGRAVITY_INSTANCE_FILE=<temp-file> node tests/live/verify-live.mjs` - failed correctly; the provided Antigravity LS did not expose the isolated verifier repo workspace
191
198
-`git diff --check` - passed
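Review bot: The six added entries are all qualified "after exposing local run resume", but the `make verify-public-selfhost-rc` and `node tests/live/verify-live.mjs` entries that follow them carry no such qualifier, so a reader cannot tell whether the real-executor results predate the resume change. Either rerun those two and record them with the same qualifier, or state next to them that they were not rerun for this change.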
@@ -195,11 +202,11 @@ Branch: `next-phase`
195
202
- Antigravity real executor proof is not proven in the public self-host RC gate.
196
203
- Latest Codex real executor RC subgate passed with the configured Codex binary and simulation disabled, but the overall default public RC gate remains `NO-GO` because Claude Code and Antigravity proofs were missing from that run.
197
204
- Current local Antigravity app processes expose reachable RPC endpoints, but the available candidates do not expose the isolated verifier repo workspace through `GetWorkspaceInfos`, so the verifier refuses to bind them for public release proof.
198
-
-`codencer run resume` and Gateway MCP `codencer.resume_project_run` are exposed as structured blockers because the daemon/Relay path does not yet expose a true resume route. Gateway MCP unsupported resume attempts now record sanitized `resume_project_run_requested` and `resume_project_run_blocked` audit events for run-history correlation.
205
+
-Local `codencer run resume`now routes through the daemon and succeeds for `created` or `paused_for_gate` runs supported by `RecoveryService.ResumeRun`; completed/non-resumable local runs still return a structured `run_resume_blocked` capability blocker. Gateway/Relay project-level `codencer.resume_project_run` remains a structured blocker and records sanitized `resume_project_run_requested` and `resume_project_run_blocked` audit events for run-history correlation.
199
206
- Project-scoped cancel now routes through Gateway, Relay, Connector, and local daemon cancellation; whether the underlying executor stops immediately remains bounded by daemon/executor cancellation semantics.
200
207
- Raw log/artifact upload remains unsupported by design. `codencer sync publish --confirm` ingests metadata-only run/project summaries into Gateway history; it does not upload local reports, logs, artifacts, daemon URLs, or filesystem paths.
201
208
- Run history/audit synced-scope transport now exists for explicit metadata-only `codencer sync publish`, including sanitized aggregate and per-run sync audit events; broader incremental sync policy and external source reconciliation remain incomplete.
202
-
- Human interrupt lifecycle is still partial: local report/event records, Gateway blocker audit, sanitized Gateway HTTP/MCP operator-response audit, unsupported resume-attempt audit, and a Console run-detail response panel now exist, but true resume remains incomplete.
209
+
- Human interrupt lifecycle is still partial: local report/event records, local daemon-backed resume for resumable states, Gateway blocker audit, sanitized Gateway HTTP/MCP operator-response audit, unsupported Gateway resume-attempt audit, and a Console run-detail response panel now exist, but automatic continuation after human response and Gateway/Relay project resume remain incomplete.
203
210
- Broader explicit JSON/debug/path surface policy proof remains incomplete. Default local human CLI output now covers init, config show, project init/status/scan, executor list, sync preview, submit, run events, run report, and run resume blocker output, and the source/artifact Gateway verifier now covers public Gateway API and MCP leak checks for core list/run/audit/activation surfaces.
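Review bot: In the rewritten resume bullet, "completed/non-resumable local runs still return a structured `run_resume_blocked` capability blocker" keeps the word "capability" for what is now a run-state rejection, while the Gateway/Relay blocker in the next sentence is a genuinely missing route. Consider distinguishing the two in the wording (for example a state blocker locally and a capability blocker for Gateway/Relay) so that consumers of the audit events and CLI output do not read a completed run as an unsupported feature.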
File: reports/public-selfhost-hardening/implementation-audit.md (9 additions & 9 deletions)
@@ -37,8 +37,8 @@ the exact package was not available in the current attachment cache.
37
37
| Local-first source of truth | Partially implemented | Local daemon/CLI exists; default init/config/project/status/run/submit human output is redacted, while explicit JSON/debug/path outputs still carry local state for operator tooling. |
38
38
| Explicit sync/publish | Partially implemented |`codencer sync status/preview/publish` now provides metadata-only preview; confirmed publish ingests sanitized metadata into Gateway run history and records aggregate/per-run sync audit events. Raw logs/artifacts remain blocked. |
39
39
| Local CLI submit UX | Partially implemented |`codencer submit` exists and is local-first; default human output redacts local paths, but progress UX remains narrow. |
40
-
| Async run lifecycle | Partially implemented | Local `run start/list/get/status/events/report/cancel/resume` exists; Gateway/Relay/Connector now route true project-scoped cancel, Gateway MCP exposes async start/submit/list/status/report/events/cancel, and resume remains a structured capability blocker with requested/blocked audit events. Gateway Console now submits simple tasks with `wait=false`, polls run reports, and records terminal audit events on report refresh. |
41
-
| Human interrupt lifecycle | Partially implemented | Local reports/events now expose first-class `human_interrupts`, Gateway blocker outcomes emit `human_interrupt_created` audit events, Gateway HTTP/MCP and Console run detail can record sanitized operator responses as `human_interrupt_responded`, unsupported Gateway MCP resume attempts record requested/blocked audit events, and Antigravity unsafe permission waits now fail fast as manual-attention results; true resume remains incomplete. |
40
+
| Async run lifecycle | Partially implemented | Local `run start/list/get/status/events/report/cancel/resume` exists; local resume now routes through daemon `RecoveryService.ResumeRun` for `created` and `paused_for_gate` runs and returns structured blockers for non-resumable states. Gateway/Relay/Connector now route true project-scoped cancel, Gateway MCP exposes async start/submit/list/status/report/events/cancel, and Gateway project resume remains a structured capability blocker with requested/blocked audit events. Gateway Console now submits simple tasks with `wait=false`, polls run reports, and records terminal audit events on report refresh. |
41
+
| Human interrupt lifecycle | Partially implemented | Local reports/events now expose first-class `human_interrupts`, local daemon-backed resume exists for resumable states, Gateway blocker outcomes emit `human_interrupt_created` audit events, Gateway HTTP/MCP and Console run detail can record sanitized operator responses as `human_interrupt_responded`, unsupported Gateway MCP resume attempts record requested/blocked audit events, and Antigravity unsafe permission waits now fail fast as manual-attention results; automatic continuation after human response remains incomplete. |
42
42
| Real executor proofs | Partially implemented | Codex has prior artifact-backed proof and latest rerun invoked the real Codex binary with simulation disabled but failed on an external Codex usage-limit error; earlier Claude Code proof exists; Antigravity remains unproven and now fails early when the provided LS workspace does not match the isolated verifier repo. |
43
43
| Run history/audit/console | Partially implemented | Gateway-observed run history/audit now includes scope, limit/offset pagination, server-side filters, grouped lifecycle summaries, and explicit synced metadata audit events; broader synced/local ingest transport remains incomplete. |
44
44
| Redaction | Partially implemented | Gateway/sync sanitization exists and artifact-backed release verification now covers default human CLI output for init, config show, project init/status/scan, executor list, sync preview, submit, run events, run report, and run resume blocker output. Source-tree and unpacked-artifact Gateway smoke now also sweeps public Gateway API outputs for relays, projects, machines, connectors, executors, runs, run detail/events, audit events, and activation commands. Broader explicit JSON/debug/path surface policy proof is still incomplete. |
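Review bot: The new "Human interrupt lifecycle" row closes with "automatic continuation after human response remains incomplete" and drops Gateway/Relay project resume from the list of what is still incomplete, while the "Async run lifecycle" row in the same hunk says Gateway project resume remains a structured capability blocker. Add the Gateway/Relay resume gap to the closing clause of the human-interrupt row so the two rows give the same picture.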
@@ -72,20 +72,20 @@ the exact package was not available in the current attachment cache.
72
72
73
73
| Requirement | Status | Evidence |
74
74
| --- | --- | --- |
75
-
| Submit/status/events/report/cancel/resume lifecycle | Partially implemented | Local `run start/list/get/status/events/report/cancel/resume` exists. Gateway MCP now exposes `codencer.start_project_run`, `codencer.submit_project_task`, `codencer.list_project_runs`, `codencer.get_project_run_status`, `codencer.get_run_report`, `codencer.get_gateway_run_events`, and project-scoped `codencer.cancel_project_run`; `resume_project_run` remains a structured capability blocker and records `resume_project_run_requested` plus `resume_project_run_blocked` audit events. |
75
+
| Submit/status/events/report/cancel/resume lifecycle | Partially implemented | Local `run start/list/get/status/events/report/cancel/resume` exists, and local resume succeeds for daemon-resumable `created` and `paused_for_gate` states while returning structured blockers for non-resumable states. Gateway MCP now exposes `codencer.start_project_run`, `codencer.submit_project_task`, `codencer.list_project_runs`, `codencer.get_project_run_status`, `codencer.get_run_report`, `codencer.get_gateway_run_events`, and project-scoped `codencer.cancel_project_run`; `resume_project_run` remains a structured capability blocker and records `resume_project_run_requested` plus `resume_project_run_blocked` audit events. |
76
76
| Long-running tasks not dependent on one blocking request | Partially implemented | Local submit can run without `--wait`, Relay MCP has async project tools, Gateway MCP has a non-blocking async lifecycle, and Gateway Console simple-task submit now returns after submission and polls reports until terminal evidence is available. Manifest mode remains a blocking advanced path. |
77
77
|`get_run_report` for simple and manifest runs | Implemented for covered Gateway paths | Gateway tests cover submit/get report and manifest report paths. |
78
-
| Run state transitions include waiting/canceled/resumed | Partially implemented | Domain has states/gates in daemon tests; Gateway MCP preserves non-terminal `submitted/running` states, forwards project-scoped cancel, records `run_cancelled`, and still exposes structured resume blockers where true resume support is absent. |
78
+
| Run state transitions include waiting/canceled/resumed | Partially implemented | Domain has states/gates in daemon tests; local daemon/CLI resume records `run_resumed` for daemon-resumable states and `run_resume_blocked` for non-resumable states. Gateway MCP preserves non-terminal `submitted/running` states, forwards project-scoped cancel, records `run_cancelled`, and still exposes structured resume blockers where Gateway project resume support is absent. |
79
79
80
80
### 03 - Human Interrupts and Permissions
81
81
82
82
| Requirement | Status | Evidence |
83
83
| --- | --- | --- |
84
84
| Planning approval required | Partially implemented | Local blockers map manual approvals to `planning_approval_required` interrupt records; no complete UI/MCP approval lifecycle. |
85
-
| Clarifying questions | Partially implemented | Question blockers now produce `clarifying_question_required` interrupt records and Gateway `human_interrupt_created` audit; Gateway HTTP/MCP and Console run detail can record a sanitized operator answer, while true resume remains incomplete. |
85
+
| Clarifying questions | Partially implemented | Question blockers now produce `clarifying_question_required` interrupt records and Gateway `human_interrupt_created` audit; Gateway HTTP/MCP and Console run detail can record a sanitized operator answer, while automatic continuation after the answer remains incomplete. |
86
86
| Permission requests | Partially implemented | Dangerous executor confirmation exists in Gateway Console, unsafe-action blockers map to `permission_request_required`, and Antigravity unsupported/out-of-workspace permission waits now become manual-attention results instead of timeouts; no generalized permission-request lifecycle. |
87
87
| OS/system human action required | Partially implemented | Daemon-not-running blockers map to `os_system_human_action_required` records; no full OS-action resolver flow. |
88
-
| Resume/cancel/audit interrupt lifecycle | Partially implemented | Local events include `human_interrupt_created`; Gateway audit records blocker interrupts, sanitized operator responses from HTTP/MCP/Console, and unsupported Gateway MCP resume requested/blocked events; project-scoped cancel is forwarded and audited; resume still returns a structured unsupported/capability blocker. |
88
+
| Resume/cancel/audit interrupt lifecycle | Partially implemented | Local events include `human_interrupt_created`, `run_resumed`, and `run_resume_blocked`; Gateway audit records blocker interrupts, sanitized operator responses from HTTP/MCP/Console, and unsupported Gateway MCP resume requested/blocked events; project-scoped cancel is forwarded and audited; Gateway project resume still returns a structured unsupported/capability blocker. |
89
89
90
90
### 04 - CLI Commands and Control Plane
91
91
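Review bot: The rewritten Evidence cells for the lifecycle, state-transition and interrupt rows assert behaviour ("local resume succeeds for daemon-resumable `created` and `paused_for_gate` states", "records `run_resumed` ... and `run_resume_blocked`") without naming what proves it, whereas the `get_run_report` row cites "Gateway tests cover submit/get report and manifest report paths". Name the test package or verifier that exercises both the resumed and the blocked path, so the Evidence column stays evidence rather than a restatement of the status.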
@@ -96,7 +96,7 @@ the exact package was not available in the current attachment cache.
96
96
|`codencer run events`| Implemented |`run events` returns local run timeline/events for known run plan records. |
97
97
|`codencer run report`| Implemented |`run report` returns the local run report without relying on a Gateway call. |
98
98
|`codencer run cancel`| Partially implemented |`run cancel` is exposed locally, and project-scoped Gateway/Relay/Connector cancel now reaches daemon-backed cancellation; executor-specific cancellation behavior still depends on the active executor/daemon state. |
99
-
|`codencer run resume`| Partially implemented |`run resume`is exposed as a structured unsupported blocker until daemon HTTP resume exists; Gateway MCP resume attempts now also emit sanitized requested/blocked audit events for run-history correlation. |
99
+
|`codencer run resume`| Partially implemented |`run resume`now calls daemon HTTP resume and succeeds for `created` or `paused_for_gate` runs supported by `RecoveryService.ResumeRun`; non-resumable runs return a structured blocker with `run_resume_blocked`, and Gateway MCP resume attempts emit sanitized requested/blocked audit events for run-history correlation. |
100
100
|`codencer executor list/scan/test/default`| Implemented | Implemented in `cmd/codencer/main.go`. |
101
101
|`codencer sync` or publish equivalent | Partially implemented |`codencer sync status/preview/publish` exists with metadata-only preview and no raw upload. |
102
102
| Public defaults are local/self-host | Partially implemented | Config/default docs and scripts exist; needs re-check against new specs. |
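Review bot: The new `codencer run resume` row says the command "now calls daemon HTTP resume" but does not say what the CLI returns when the daemon is not running or not reachable, which is now a precondition for this command. State whether that case produces the structured `run_resume_blocked` output or a different error, in the same way the `run report` row spells out that it works "without relying on a Gateway call".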
@@ -137,8 +137,8 @@ the exact package was not available in the current attachment cache.
137
137
The release remains `NO-GO` until at least these are resolved:
138
138
139
139
1. Antigravity real executor proof must pass or the final verdict must remain `NO-GO`.
140
-
2. Async lifecycle now covers local, Relay MCP, Gateway MCP, Gateway Console simple-task submit/report polling, and project-scoped cancel; manifest mode and true resume remain incomplete or structured blockers.
141
-
3. Human interrupt lifecycle still needs true resume support; first-class local interrupt records plus Gateway HTTP/MCP/Console response audit and unsupported resume requested/blocked audit now exist for blocker outcomes.
140
+
2. Async lifecycle now covers local, Relay MCP, Gateway MCP, Gateway Console simple-task submit/report polling, project-scoped cancel, and local daemon-backed resume for resumable states; manifest mode and Gateway/Relay project resume remain incomplete or structured blockers.
141
+
3. Human interrupt lifecycle still needs automatic continuation after human response and Gateway/Relay project resume; first-class local interrupt records plus local resume, Gateway HTTP/MCP/Console response audit, and unsupported Gateway resume requested/blocked audit now exist for blocker outcomes.
142
142
4. Full redaction proof across every CLI/MCP/UI/Gateway surface remains incomplete, although default local human CLI output for init, config show, project init/status/scan, executor list, sync preview, submit, run events, run report, run resume blocker output, and core source/artifact Gateway API outputs are now covered.
143
143
5. Raw log/artifact sync remains unsupported by design; only sanitized metadata-only `codencer sync publish --confirm` is implemented.
144
144
6. Broader incremental sync policy and external source reconciliation remain incomplete even though Gateway-observed and explicit synced metadata history/audit now exist.
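Review bot: Item 4 is left unchanged and still lists only "run resume blocker output" as covered by the redaction proof, while items 2 and 3 now record that local resume succeeds for resumable states. The success output and the `run_resumed` event are a new default human CLI surface, so either add them to the covered list in item 4 if the artifact-backed verifier checks them, or name them explicitly as part of the remaining redaction gap.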