Hare/yoi
1
1
Fork 0
Code Actions Packages Releases Activity

ticket: close direct delegation authority split

Browse Source
This commit is contained in:
Keisuke Hirata 2026-06-08 15:44:01 +09:00
parent 92d1c0bb10
commit 3db52a63ad
No known key found for this signature in database
4 changed files with 107 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

0
.yoi/tickets/open/20260608-010442-split-direct-and-delegation-authority/artifacts/.gitkeep → .yoi/tickets/closed/20260608-010442-split-direct-and-delegation-authority/artifacts/.gitkeep
View File

6
.yoi/tickets/open/20260608-010442-split-direct-and-delegation-authority/item.md → .yoi/tickets/closed/20260608-010442-split-direct-and-delegation-authority/item.md
View File

@ -2,13 +2,13 @@
id: '20260608-010442-split-direct-and-delegation-authority'
slug: 'split-direct-and-delegation-authority'
title: 'Split direct and delegation authority for Pods'
status: 'open'
status: 'closed'
kind: 'task'
priority: 'P1'
labels: ['pod', 'scope', 'delegation', 'orchestrator', 'security', 'profile']
workflow_state: 'inprogress'
workflow_state: 'done'
created_at: '2026-06-08T01:04:42Z'
updated_at: '2026-06-08T06:40:40Z'
updated_at: '2026-06-08T06:43:52Z'
assignee: null
legacy_ticket: null
queued_by: 'workspace-panel'

36
.yoi/tickets/closed/20260608-010442-split-direct-and-delegation-authority/resolution.md Normal file
View File

@ -0,0 +1,36 @@
Merged and completed the direct/delegation authority split.
Summary:
- Added a separate `delegation_scope` alongside direct `scope` in manifest/profile resolution.
- `SpawnPod` requested child scope is now validated against delegation authority rather than direct tool scope.
- Missing old delegation metadata/snapshots default to no delegation, so restored older Pods fail closed for child delegation.
- Direct tool scope remains available for parent `Read`/`Write`/`Edit`/`Bash` behavior.
- Orchestrator profile receives explicit workspace-write delegation; base/non-orchestrator role profiles do not inherit broad delegation.
- Fixed reviewer-identified recursive/non-recursive subset and deny-overlap edge cases with path-set based validation.
Merged branch/worktree:
- Branch: `split-direct-and-delegation-authority`
- Commits: `a4a9b00`, `f43c8ac`
- Merge commit on `develop`: `92d1c0b merge: split direct and delegation authority`
Validation passed after merge:
- `cargo test -p manifest profile --lib`
- `cargo test -p manifest deserialize_old_manifest_snapshot_defaults_to_no_delegation --lib`
- `cargo test -p manifest delegation_ --lib`
- `cargo test -p manifest --lib`
- `cargo test -p pod spawn_pod --test spawn_pod_test`
- `cargo test -p pod-registry`
- `cargo check -q`
- `cargo fmt --check`
- `git diff --check`
- `cargo run -q -p yoi -- ticket doctor`
- `nix build .#yoi`
Cleanup completed:
- Stopped coder/reviewer Pods and reclaimed scope.
- Removed `.worktree/split-direct-and-delegation-authority`.
- Deleted branch `split-direct-and-delegation-authority`.
Residual notes:
- Non-recursive path-set validation is intentionally conservative and path-based; it does not infer whether a direct child path is a file or directory.
- Future child-to-grandchild subdelegation support will require an explicit child-delegation request/validation/persistence surface and remains out of scope.

68
.yoi/tickets/open/20260608-010442-split-direct-and-delegation-authority/thread.md → .yoi/tickets/closed/20260608-010442-split-direct-and-delegation-authority/thread.md
View File

@ -381,3 +381,71 @@ Parent/human decision needs:
- User has authorized merge-completion and cleanup after approved work. Proceeding to merge-completion unless post-merge validation fails.
---
<!-- event: review author: orchestrator at: 2026-06-08T06:43:35Z status: approve -->
## Review: approve
Final merge-completion approval after merge to `develop` and post-merge validation.
Evidence:
- Merged branch `split-direct-and-delegation-authority` with `--no-ff`.
- Reviewer `reviewer-split-direct-delegation` approved after fix-loop.
- Post-merge validation passed: focused manifest/profile/delegation tests, `cargo test -p manifest --lib`, `cargo test -p pod spawn_pod --test spawn_pod_test`, `cargo test -p pod-registry`, `cargo check -q`, `cargo fmt --check`, `git diff --check`, `cargo run -q -p yoi -- ticket doctor`, and `nix build .#yoi`.
- Coder/reviewer Pods stopped and delegated scope reclaimed.
- Merged worktree removed and branch deleted.
This approval is for the merged main-branch result, not merely the branch-local reviewer verdict.
---
<!-- event: state_changed author: orchestrator at: 2026-06-08T06:43:35Z from: inprogress to: done reason: merged_and_validated field: workflow_state -->
## State changed
Merged to `develop`, post-merge validation passed, final merge-completion approval recorded, and direct/delegation branch/worktree/Pods cleaned up.
---
<!-- event: close author: hare at: 2026-06-08T06:43:52Z status: closed -->
## Closed
Merged and completed the direct/delegation authority split.
Summary:
- Added a separate `delegation_scope` alongside direct `scope` in manifest/profile resolution.
- `SpawnPod` requested child scope is now validated against delegation authority rather than direct tool scope.
- Missing old delegation metadata/snapshots default to no delegation, so restored older Pods fail closed for child delegation.
- Direct tool scope remains available for parent `Read`/`Write`/`Edit`/`Bash` behavior.
- Orchestrator profile receives explicit workspace-write delegation; base/non-orchestrator role profiles do not inherit broad delegation.
- Fixed reviewer-identified recursive/non-recursive subset and deny-overlap edge cases with path-set based validation.
Merged branch/worktree:
- Branch: `split-direct-and-delegation-authority`
- Commits: `a4a9b00`, `f43c8ac`
- Merge commit on `develop`: `92d1c0b merge: split direct and delegation authority`
Validation passed after merge:
- `cargo test -p manifest profile --lib`
- `cargo test -p manifest deserialize_old_manifest_snapshot_defaults_to_no_delegation --lib`
- `cargo test -p manifest delegation_ --lib`
- `cargo test -p manifest --lib`
- `cargo test -p pod spawn_pod --test spawn_pod_test`
- `cargo test -p pod-registry`
- `cargo check -q`
- `cargo fmt --check`
- `git diff --check`
- `cargo run -q -p yoi -- ticket doctor`
- `nix build .#yoi`
Cleanup completed:
- Stopped coder/reviewer Pods and reclaimed scope.
- Removed `.worktree/split-direct-and-delegation-authority`.
- Deleted branch `split-direct-and-delegation-authority`.
Residual notes:
- Non-recursive path-set validation is intentionally conservative and path-based; it does not infer whether a direct child path is a file or directory.
- Future child-to-grandchild subdelegation support will require an explicit child-delegation request/validation/persistence surface and remains out of scope.
---