docs: establish canonical settlement architecture and 7-step Next Clean Sequence#70
docs: establish canonical settlement architecture and 7-step Next Clean Sequence#70flyingrobots wants to merge 26 commits into
Conversation
… AgentActionService, and adapters
…bility CLI & projection to optics
…neService, and SubmissionReadService, decouple FSM random
…bservedGraphProjection
…-time mocks via Dependency Injection
…ime mocks via context Dependency Injection
… compile-time mocks via Dependency Injection
…ext dependency injection
…ompile-time mocks
…context and ControlPlaneService
… blob read migration compatibility errors
…n and hanging at 95% loadscreen
|
Warning Review limit reached
More reviews will be available in 28 minutes and 30 seconds. Learn how PR review limits work. Your organization has run out of usage credits. Purchase more credits in the billing tab to continue. ⌛ How to resolve this issue?After more reviews become available, a review can be triggered using the To avoid repeated limits, reduce automatic review volume by pausing incremental auto-reviews earlier, using label-based review opt-in, excluding WIP or generated PR titles, or requesting reviews manually when the PR is ready. If your team needs uninterrupted high-volume reviews, an organization admin can enable usage-based credits. 🚦 How do rate limits work?CodeRabbit enforces per-developer PR review limits for each organization. Most developers receive the normal plan review availability. For paid Pro and Pro+ PR reviews, CodeRabbit uses adaptive limits for sustained high-volume activity. When a developer's recent PR review activity reaches the 95th percentile or higher among CodeRabbit users, additional reviews become available more gradually as earlier reviews age out of the rolling window. Please see our Fair Usage Limits Policy for further information. ℹ️ Review info⚙️ Run configurationConfiguration used: Path: .coderabbit.yaml Review profile: CHILL Plan: Pro Run ID: ⛔ Files ignored due to path filters (1)
📒 Files selected for processing (71)
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: f1981db83f
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| const evaluator = new QuestCompletionEvaluator(); | ||
| const coneResult = await questReader.getQuestCone(quest.id); | ||
| if (coneResult) { | ||
| quest.computedCompletion = evaluator.evaluate(coneResult.value); |
There was a problem hiding this comment.
When a quest cone exceeds WarpQuestReadAdapter's 100-node budget, getQuestCone() returns only a prefix with completeness: 'truncated', but this line still computes and stores a normal completion verdict from that partial data. For governed quests with more than ~100 linked requirements/criteria/evidence, omitted failing or missing criteria can be ignored, causing SettlementGateService to treat the quest as complete and allow seal/merge based on an incomplete read; the code should avoid assigning a complete verdict, or fall back to the full traceability data, when the cone is truncated.
Useful? React with 👍 / 👎.
| requirements, | ||
| criteria, | ||
| evidence, |
There was a problem hiding this comment.
When getQuestCone() returns criteria/evidence, these arrays become non-empty but the quest object passed to buildQuestWorkSemantics() still has no computedCompletion. In this context, and in the mirrored detail built in buildQuestCandidates, WorkSemanticsService has no failing/missing/linked sets, so it marks criteria as unknown and then reports the evidence summary as satisfied whenever criteria exist, hiding failing or missing evidence from briefing/next packets. Compute the cone completion and attach it to the quest before building semantics.
Useful? React with 👍 / 👎.
| ); | ||
|
|
||
| // Merge governing campaign policies | ||
| const policy = cone.policies[0]; |
There was a problem hiding this comment.
When a campaign or milestone has multiple governs edges, cone.policies comes from graph neighbor order and is not sorted before this first element is used as the only policy. The previous projection path sorted policy IDs before choosing one, so the same graph can evaluate completion against different policies after materialization or replica ordering changes, especially if one policy is lenient and another is strict. Sort or otherwise resolve all applicable policies deterministically before computing completion.
Useful? React with 👍 / 👎.
| id: evId, | ||
| kind: evProps['kind'] as 'test' | 'benchmark' | 'manual' | 'screenshot', | ||
| result: evProps['result'] as 'pass' | 'fail' | 'linked', | ||
| producedAt: typeof evProps['produced_at'] === 'number' ? evProps['produced_at'] : Date.now(), |
There was a problem hiding this comment.
For evidence nodes missing numeric produced_at, this read path fabricates the current wall-clock time instead of ignoring the invalid evidence. In a criterion with an older recorded fail and a malformed pass missing produced_at, the fabricated timestamp makes the pass look newest on every read, so computed completion can flip to satisfied and unblock governed settlement based on invalid graph data. Preserve deterministic reads by skipping or rejecting evidence without a valid timestamp.
Useful? React with 👍 / 👎.
| const requirement = new Requirement({ | ||
| id: reqId, | ||
| description: typeof reqProps['description'] === 'string' ? reqProps['description'] : '', | ||
| kind: reqProps['kind'] as 'functional' | 'non-functional', | ||
| priority: reqProps['priority'] as 'must' | 'should' | 'could' | 'wont', | ||
| }); |
There was a problem hiding this comment.
When a linked requirement node is legacy or only partially written, these unchecked values are passed directly into the Requirement constructor, which throws on missing/short descriptions or invalid kind/priority. This path now runs while building briefing/next packets and quest-detail completion, whereas the old projection skipped invalid requirement nodes, so one bad linked requirement can make the whole read fail instead of degrading. Validate and continue before constructing the domain object.
Useful? React with 👍 / 👎.
| return new Policy({ | ||
| id, | ||
| coverageThreshold: typeof props['coverage_threshold'] === 'number' ? props['coverage_threshold'] : undefined, | ||
| requireAllCriteria: typeof props['require_all_criteria'] === 'boolean' ? props['require_all_criteria'] : undefined, |
There was a problem hiding this comment.
When an existing policy has a numeric coverage_threshold outside [0, 1] or NaN from an older/manual patch, this constructs Policy directly and throws. ObservedGraphProjection now reads policies through this adapter, while the previous code range-checked and defaulted invalid values, so a single malformed policy on a campaign can break show/trace dashboard reads for governed quests. Preserve the prior fallback behavior before creating the domain object.
Useful? React with 👍 / 👎.
1 participant
Unites Xyph's category shift as a sovereign settlement runtime with a concrete technical RFC (14 invariants, portable witness envelope, immutable evidence binding) and the definitive 7-step Next Clean Sequence.