chore(deps): bump starlette from 1.0.0 to 1.0.1#4
Closed
dependabot[bot] wants to merge 1 commit into
Closed
Conversation
dependabot
Bot
added
dependencies
wallter
added a commit
that referenced
this pull request
Jun 9, 2026
…ORE-105) - Reintroduce trw-mcp/src/trw_mcp/state/bandit_policy.py with WithholdingPolicy (FR03 4-tier rates + 4 forced triggers incl. Page-Hinkley #4), select_nudge_learning_bandit (FR04 phase-transition burst), render_nudge_content, build_context_vector, and resolve_client_class - Wire _nudge_rules.select_nudge_learning() to call bandit_policy when a BanditSelector instance is provided; non-BanditSelector objects fall through to deterministic path unchanged - Augment append_ceremony_status with _try_bandit_nudge_content: loads bandit state from .trw/meta/bandit_state.json, runs candidate recall, applies WithholdingPolicy, renders nudge_line content, persists state atomically (temp-file + rename), and logs bandit_decision events - Add TRWConfig.phase_transition_withhold_rate field in new _fields_bandit.py mixin (ge=0.0, le=0.30, default=0.10) to satisfy FR06 - Update test_no_intelligence_imports.py: remove bandit_policy import guards (bandit is local-first per Vision Principle 6); keep meta_synthesis and attribution guards; add positive tests for the restored module - Update test_core_103_104_105_p0.py: replace INFRA-054 fall-through assertion with type-guard test; add bandit-wiring integration test - Update test_offline_parity.py: reflect that bandit_policy is local, not backend-only - Add test_bandit_policy.py with 36 focused tests covering all FRs: critical never withheld, normal/light-mode rates, all 4 forced triggers, phase-transition burst 2-3 learnings, render_nudge_content, context vector dimensions, config field, nudge wiring, live decorator Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
wallter
added a commit
that referenced
this pull request
Jun 9, 2026
…or state - Add WithholdingPolicy.get_detector_states() / load_detector_states() to serialize/restore per-arm PageHinkleyDetector state via to_dict/from_dict - Extend save_bandit_state(policy=) to write detector_states into the C-5 envelope; backwards-compatible (None ⇒ empty dict) - Add load_bandit_state_and_policy() that restores both BanditSelector and a pre-populated WithholdingPolicy; skips detector restore on model-family mismatch to avoid stale alarm state - In _try_bandit_nudge_content: replace separate load_bandit_state + fresh WithholdingPolicy with load_bandit_state_and_policy; call policy.update_reward() alongside bandit.update() so the Page-Hinkley detector accumulates reward observations in the live path; pass policy=policy to save_bandit_state so detector state is persisted - Tests (TestFR05ProductionPath): 4 hard-assertion tests proving (1) policy.update_reward() is called in the production path, (2) detector_states key appears in the persisted envelope, (3) load_bandit_state_and_policy correctly restores detector._n, (4) Page-Hinkley alarm fires across simulated sessions (trigger #4 reachable in production) - Harden TestLiveDecoratorPath.test_live_path_calls_bandit_update from soft if-exists guard to hard assert so it no longer passes vacuously Closes FR05 integration gap: detector was inert in production because update_reward() was never called and state was never persisted. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
wallter
added a commit
that referenced
this pull request
Jun 9, 2026
… PRD WHY: DIST cluster post-mortem (DISTILLERY-DEFECT-LEDGER-2026-04-18.md) found that 3 of 4 PRDs shipped at status=implemented while containing 12 stub paths. The review rubric accepted stubs because the PRD template never distinguished "functionally complete" from "stub + fallback path exists." This must be fixed BEFORE HPO Sprint 96 grooming — those PRDs are more complex and more stub-prone. Framework changes: - docs/requirements-aare-f/prompts/prd-creation.md: YAML template adds functionality_level (stub|partial|live) + stubs[] fields with inline doc - docs/requirements-aare-f/CLAUDE.md: new §Functionality-Level Frontmatter section with progression rule (status=implemented requires live + empty stubs; OR partial with implementation_scope note; OR stub only if stubs ARE the deliverable) + review-rubric addition - trw-mcp/src/trw_mcp/state/validation/prd_integrity.py: new _check_functionality_level_matches_status() validator enforces FPI #7 at trw_prd_validate. 4 new failure rules: - aaref_functionality_level_required - aaref_functionality_level_valid_value - aaref_implemented_requires_live - aaref_live_implies_empty_stubs - aaref_non_live_requires_enumerated_stubs Re-classifications (honest status per FPI #7): - PRD-DIST-001: status=implemented, functionality_level=live, stubs=[] (genuinely complete; signal-quality defects #4/#5/#8/#9/#10 are follow-ups) - PRD-DIST-002: status=partial, functionality_level=partial, stubs=[S3,S7,S11] (live vLLM path never exercised end-to-end) - PRD-DIST-003: status=partial, functionality_level=partial, stubs=[S4,S5,S6,S8] (golden-gen dry-run, ToCS/CommitBench canned fixtures, DSPy optional-dep) - PRD-DIST-004: status=stub, functionality_level=stub, stubs=[S9,S12] (backend /v1/distill/synthesize endpoint does not exist) Tests: trw-mcp validator subset 152 green after change. Next: Phase 2 — 4 parallel sub-agents execute code fixes across DIST-001 (signal-quality), DIST-002 (live vLLM), DIST-003 (Claude-teacher + DSPy), DIST-004 (build the actual backend endpoint). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Bumps [starlette](https://github.com/Kludex/starlette) from 1.0.0 to 1.0.1. - [Release notes](https://github.com/Kludex/starlette/releases) - [Changelog](https://github.com/Kludex/starlette/blob/main/docs/release-notes.md) - [Commits](Kludex/starlette@1.0.0...1.0.1) --- updated-dependencies: - dependency-name: starlette dependency-version: 1.0.1 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
Bot
force-pushed
the
dependabot/uv/starlette-1.0.1
branch
from
fcc80e7 to
dbf42a0
Compare
Author
|
Superseded by #7. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps starlette from 1.0.0 to 1.0.1.
Release notes
Sourced from starlette's releases.
Changelog
Sourced from starlette's changelog.
Commits
48f8e33Version 1.0.1 (#3281)f078832Remove Hugging Face sponsor block from docs (#3280)472951echore(deps): bump the github-actions group with 2 updates (#3277)764dab0Ignore malformedHostheader when constructingrequest.url(#3279)19d0811Harden GitHub Actions workflows and Dependabot config (#3276)01f4637chore(deps): bump idna from 3.10 to 3.15 (#3274)b8fa514docs: fix typos in TestClient docs and test_requests comment (#3266)e935b6bfix uvicorn domain (#3269)96af952Add 7-day cooldown for dependency resolution via uv exclude-newer (#3265)61e385bAdd zizmor GitHub Actions security analysis workflow (#3264)