From 0717aae341326b585aded3ca9380bfb01dc4a634 Mon Sep 17 00:00:00 2001 From: Hare Date: Sat, 20 Jun 2026 21:04:10 +0900 Subject: [PATCH 1/8] pod: preserve profile override scope --- crates/pod/src/entrypoint.rs | 125 +++++++++++++++++++++++++++++++---- 1 file changed, 111 insertions(+), 14 deletions(-) diff --git a/crates/pod/src/entrypoint.rs b/crates/pod/src/entrypoint.rs index 083472dc..fc09bc20 100644 --- a/crates/pod/src/entrypoint.rs +++ b/crates/pod/src/entrypoint.rs @@ -320,6 +320,21 @@ fn workspace_worktree_delegation(workspace_root: &Path) -> ScopeConfig { } } +fn append_missing_rules(target: &mut Vec, defaults: Vec) { + for rule in defaults { + if !target.contains(&rule) { + target.push(rule); + } + } +} + +fn apply_scope_launch_defaults(scope: &mut ScopeConfig, defaults: ScopeConfig) { + // Profile resolution has already applied explicit profile/workspace override scope rules. + // Launch policy contributes runtime defaults on top rather than replacing those grants. + append_missing_rules(&mut scope.allow, defaults.allow); + append_missing_rules(&mut scope.deny, defaults.deny); +} + fn apply_profile_launch_policy( manifest: &mut PodManifest, workspace_root: &Path, @@ -333,24 +348,28 @@ fn apply_profile_launch_policy( }; match role { Some(TicketRole::Orchestrator) => { - manifest.scope = workspace_scope(workspace_root, Permission::Read, &[]); + let default_scope = workspace_scope(workspace_root, Permission::Read, &[]); + apply_scope_launch_defaults(&mut manifest.scope, default_scope); manifest.delegation_scope = workspace_worktree_delegation(workspace_root); } Some(TicketRole::Intake) | Some(TicketRole::Reviewer) => { - manifest.scope = workspace_scope(workspace_root, Permission::Read, &[]); + let default_scope = workspace_scope(workspace_root, Permission::Read, &[]); + apply_scope_launch_defaults(&mut manifest.scope, default_scope); manifest.delegation_scope = ScopeConfig::default(); } Some(TicketRole::Coder) => { - manifest.scope = workspace_scope(workspace_root, Permission::Write, &[]); + let default_scope = workspace_scope(workspace_root, Permission::Write, &[]); + apply_scope_launch_defaults(&mut manifest.scope, default_scope); manifest.delegation_scope = ScopeConfig::default(); } None => { let worktree_root = workspace_root.join(".worktree"); - manifest.scope = workspace_scope( + let default_scope = workspace_scope( workspace_root, Permission::Write, std::slice::from_ref(&worktree_root), ); + apply_scope_launch_defaults(&mut manifest.scope, default_scope); manifest.delegation_scope = workspace_worktree_delegation(workspace_root); } } @@ -665,6 +684,22 @@ permission = "write" ) } + fn scope_rule(target: &Path, permission: Permission) -> ScopeRule { + ScopeRule { + target: target.to_path_buf(), + permission, + recursive: true, + } + } + + fn assert_scope_contains(rules: &[ScopeRule], target: &Path, permission: Permission) { + let expected = scope_rule(target, permission); + assert!( + rules.contains(&expected), + "expected scope rules to contain {expected:?}; got {rules:?}" + ); + } + #[test] fn user_manifest_flag_is_not_accepted() { let err = Cli::try_parse_from(["yoi pod", "--user-manifest", "manifest.toml"]).unwrap_err(); @@ -754,6 +789,68 @@ permission = "write" assert_eq!(manifest.worker.language, "manifest"); } + #[test] + fn profile_launch_preserves_workspace_override_scope_allow_in_final_manifest() { + let tmp = TempDir::new().unwrap(); + let workspace = tmp.path().join("runtime-workspace"); + let external = tmp.path().join("external-readable"); + let yoi_dir = workspace.join(".yoi"); + std::fs::create_dir_all(&workspace).unwrap(); + std::fs::create_dir_all(&external).unwrap(); + std::fs::create_dir_all(&yoi_dir).unwrap(); + write( + &yoi_dir.join("override.local.toml"), + &format!( + r#" +[[scope.allow]] +target = "{}" +permission = "read" +recursive = true +"#, + external.display() + ), + ); + let profile = tmp.path().join("profile.lua"); + write( + &profile, + r#" +local yoi = require("yoi") +return yoi.profile { + slug = "override-scope", + model = { scheme = "anthropic", model_id = "test-model" }, +} +"#, + ); + let cli = Cli::try_parse_from([ + "yoi pod", + "--workspace", + workspace.to_str().unwrap(), + "--profile", + profile.to_str().unwrap(), + ]) + .unwrap(); + + let (manifest, _loader) = resolve_manifest(&cli).unwrap(); + let snapshot = serde_json::to_value(&manifest).unwrap(); + let snapshot_scope: ScopeConfig = + serde_json::from_value(snapshot["scope"].clone()).unwrap(); + + assert_scope_contains(&manifest.scope.allow, &external, Permission::Read); + assert_scope_contains(&manifest.scope.allow, &workspace, Permission::Write); + assert_scope_contains( + &manifest.scope.deny, + &workspace.join(".worktree"), + Permission::Write, + ); + assert_scope_contains(&snapshot_scope.allow, &external, Permission::Read); + assert_scope_contains(&snapshot_scope.allow, &workspace, Permission::Write); + assert_scope_contains( + &snapshot_scope.deny, + &workspace.join(".worktree"), + Permission::Write, + ); + } + #[test] fn profile_uses_selected_profile() { let tmp = TempDir::new().unwrap(); @@ -883,15 +980,15 @@ permission = "write" assert!(called); assert_eq!(manifest.pod.name, "runtime-workspace"); - assert_eq!(manifest.scope.allow.len(), 1); - assert_eq!(manifest.scope.allow[0].target, workspace); - assert_eq!(manifest.scope.allow[0].permission, Permission::Write); + assert_eq!(manifest.scope.allow.len(), 2); + assert_scope_contains(&manifest.scope.allow, tmp.path(), Permission::Write); + assert_scope_contains(&manifest.scope.allow, &workspace, Permission::Write); assert_eq!(manifest.scope.deny.len(), 1); - assert_eq!( - manifest.scope.deny[0].target, - tmp.path().join("runtime-workspace/.worktree") + assert_scope_contains( + &manifest.scope.deny, + &tmp.path().join("runtime-workspace/.worktree"), + Permission::Write, ); - assert_eq!(manifest.scope.deny[0].permission, Permission::Write); assert_eq!(manifest.delegation_scope.allow.len(), 2); assert_eq!( manifest.delegation_scope.allow[0].target, @@ -944,9 +1041,9 @@ permission = "write" }) .unwrap(); - assert_eq!(manifest.scope.allow.len(), 1); - assert_eq!(manifest.scope.allow[0].target, workspace); - assert_eq!(manifest.scope.allow[0].permission, Permission::Read); + assert_eq!(manifest.scope.allow.len(), 2); + assert_scope_contains(&manifest.scope.allow, tmp.path(), Permission::Write); + assert_scope_contains(&manifest.scope.allow, &workspace, Permission::Read); assert!(manifest.scope.deny.is_empty()); assert_eq!(manifest.delegation_scope.allow.len(), 2); assert_eq!( From 36b9ed450f1a82cb77cad7433853f56793c11550 Mon Sep 17 00:00:00 2001 From: Hare Date: Sat, 20 Jun 2026 21:07:06 +0900 Subject: [PATCH 2/8] ticket: dispatch profile override scope review --- .yoi/tickets/00001KVJABS1A/item.md | 2 +- .yoi/tickets/00001KVJABS1A/thread.md | 13 +++++++++++++ 2 files changed, 14 insertions(+), 1 deletion(-) diff --git a/.yoi/tickets/00001KVJABS1A/item.md b/.yoi/tickets/00001KVJABS1A/item.md index 70b4f15c..2c47c596 100644 --- a/.yoi/tickets/00001KVJABS1A/item.md +++ b/.yoi/tickets/00001KVJABS1A/item.md @@ -2,7 +2,7 @@ title: 'Profile launch should preserve override scope allowances' state: 'inprogress' created_at: '2026-06-20T10:48:57Z' -updated_at: '2026-06-20T12:06:19Z' +updated_at: '2026-06-20T12:07:00Z' assignee: null queued_by: 'workspace-panel' queued_at: '2026-06-20T11:52:33Z' diff --git a/.yoi/tickets/00001KVJABS1A/thread.md b/.yoi/tickets/00001KVJABS1A/thread.md index 543d0451..105ec69e 100644 --- a/.yoi/tickets/00001KVJABS1A/thread.md +++ b/.yoi/tickets/00001KVJABS1A/thread.md @@ -152,3 +152,16 @@ Next action: - Dispatch Reviewer for r1 review against Ticket requirements, with focus on scope allow/deny merge semantics, authority boundary/no broadening beyond explicit override + defaults, workspace write / `.worktree` deny preservation, Ticket role policy preservation, snapshot/tool-visible scope consistency, and whether the full `cargo test -p pod` failure is unrelated/pre-existing。 --- + + + +## Plan + +Review dispatch: +- Spawned Reviewer Pod `yoi-reviewer-00001KVJABS1A-r1` against implementation branch `impl/00001KVJABS1A-profile-override-scope`。 +- Review target commit: `0717aae3 pod: preserve profile override scope`。 +- Review baseline: `72e9f2f1`。 +- Reviewer task focuses on scope allow/deny merge semantics, no authority broadening beyond explicit override + launch defaults, workspace write / `.worktree` deny preservation, Ticket role launch/delegation constraints, metadata snapshot/effective scope consistency, restore non-goal, and reported full `cargo test -p pod` failure triage。 +- Reviewer is instructed not to edit source, commit, merge, close the Ticket, or use TicketReview directly; it will report verdict/evidence back to Orchestrator。 + +--- From e752a7206a0abd0a1ee5bd88b32b6e6cf0c39760 Mon Sep 17 00:00:00 2001 From: Hare Date: Sat, 20 Jun 2026 21:08:41 +0900 Subject: [PATCH 3/8] ticket: accept webfetch pdf and intake gate --- .../artifacts/orchestration-plan.jsonl | 1 + .yoi/tickets/00001KVJA7V2R/item.md | 4 +- .yoi/tickets/00001KVJA7V2R/thread.md | 60 +++++++++++++++++++ .../artifacts/orchestration-plan.jsonl | 1 + .yoi/tickets/00001KVJDJD02/item.md | 4 +- .yoi/tickets/00001KVJDJD02/thread.md | 58 ++++++++++++++++++ 6 files changed, 124 insertions(+), 4 deletions(-) create mode 100644 .yoi/tickets/00001KVJA7V2R/artifacts/orchestration-plan.jsonl create mode 100644 .yoi/tickets/00001KVJDJD02/artifacts/orchestration-plan.jsonl diff --git a/.yoi/tickets/00001KVJA7V2R/artifacts/orchestration-plan.jsonl b/.yoi/tickets/00001KVJA7V2R/artifacts/orchestration-plan.jsonl new file mode 100644 index 00000000..378f70f4 --- /dev/null +++ b/.yoi/tickets/00001KVJA7V2R/artifacts/orchestration-plan.jsonl @@ -0,0 +1 @@ +{"id":"orch-plan-20260620-120740-1","ticket_id":"00001KVJA7V2R","kind":"accepted_plan","accepted_plan":{"summary":"`WebFetch` が `application/pdf` を `pdf-extract` により page-delimited Markdown-ish text (`pdf_text_by_pages`) として返せるようにする。既存 HTML/text/JSON/XML behavior と network safety/output bounds は維持し、semantic Markdown/OCR/native dependency は導入しない。","branch":"impl/00001KVJA7V2R-webfetch-pdf-text","worktree":"/home/hare/Projects/yoi/.worktree/00001KVJA7V2R-webfetch-pdf-text","role_plan":"Orchestrator は Profile scope review と並行して専用 implementation worktree `.worktree/00001KVJA7V2R-webfetch-pdf-text` を作成し、Coder をその child worktree への narrow write scope で起動する。Coder 実装後、Reviewer が WebFetch safety bounds、PDF binary path separation、metadata/output truncation、dependency/Nix impact、HTML/text regression を確認する。"},"author":"yoi-orchestrator","at":"2026-06-20T12:07:40Z"} diff --git a/.yoi/tickets/00001KVJA7V2R/item.md b/.yoi/tickets/00001KVJA7V2R/item.md index f52d5c1a..e3a43db4 100644 --- a/.yoi/tickets/00001KVJA7V2R/item.md +++ b/.yoi/tickets/00001KVJA7V2R/item.md @@ -1,8 +1,8 @@ --- title: 'WebFetch: PDF を page-delimited text として取得できるようにする' -state: 'queued' +state: 'inprogress' created_at: '2026-06-20T10:46:48Z' -updated_at: '2026-06-20T12:06:29Z' +updated_at: '2026-06-20T12:08:34Z' assignee: null readiness: 'implementation_ready' risk_flags: ['security', 'dependency', 'public-api', 'output-bounds'] diff --git a/.yoi/tickets/00001KVJA7V2R/thread.md b/.yoi/tickets/00001KVJA7V2R/thread.md index 304b4722..12fb4290 100644 --- a/.yoi/tickets/00001KVJA7V2R/thread.md +++ b/.yoi/tickets/00001KVJA7V2R/thread.md @@ -29,4 +29,64 @@ Intake 済み。Orchestrator は implementation routing として扱える。実 Ticket を `workspace-panel` が queued にしました。 +--- + + + +## Decision + +Routing decision: implementation_ready_parallel + +Reason: +- Panel Queue により、この Ticket は Orchestrator routing 対象として明示許可された。 +- User standing directive: blocker が無いものは並列実行する。現在の `00001KVJABS1A` は Profile scope review 中であり、WebFetch PDF 実装とは domain/file conflict がないため並列化できる。 +- Ticket body は調査済みの PDF extraction 方針、`pdf-extract` 採用理由、binary path 分離、page-delimited Markdown-ish output、metadata、bounds、non-goals、validation を実装可能な粒度で定義している。 +- 未解決 relation blocker はない。 +- Orchestrator worktree は clean、matching branch/worktree はなし。 +- Risk domain は security / dependency / public-api / output-bounds だが、Ticket は existing WebFetch network safety、`max_response_bytes` / `max_output_bytes`、unsupported binary rejection、no OCR/semantic Markdown/native dependency を明示している。bounded context check 後も implementation 前に必要な追加 human decision は見つからなかった。 + +Evidence checked: +- Ticket `00001KVJA7V2R` body / thread / relations / artifacts。 +- `TicketRelationQuery(00001KVJA7V2R)`: no blockers。 +- `TicketOrchestrationPlanQuery(00001KVJA7V2R)`: no previous plan records; accepted plan recorded now。 +- Workspace state: + - Orchestrator worktree clean at `36b9ed45`。 + - queued: `00001KVJA7V2R`, `00001KVJDJD02`。 + - inprogress: `00001KVJABS1A` review only。 + - no matching WebFetch PDF branch/worktree。 + +IntentPacket: + +Intent: +- Extend `WebFetch` so `application/pdf` can be fetched and returned as bounded, page-delimited text suitable for LLM reading。 +- Use `pdf_extract::extract_text_from_mem_by_pages()` and present output as Markdown-ish page sections, not semantic PDF-to-Markdown。 + +Binding decisions / invariants: +- Keep WebFetch as fetch/extraction tool; no summarization or research orchestration。 +- PDF bytes must not go through the UTF-8 text / `reject_binary()` path。 +- Preserve private/local host rejection, bounded redirects, Content-Length / `max_response_bytes`, `max_output_bytes`, embedded credential rejection, untrusted content warning。 +- Initial supported MIME is `application/pdf` only; no extension sniffing or `application/octet-stream` PDF guessing。 +- No Poppler/Pdfium/subprocess/native dependency/OCR/scanned-PDF support/table reconstruction/cache。 +- Existing HTML/text/JSON/XML behavior and `html_extraction` metadata must not regress。 +- New metadata should use `pdf_extraction` with method/pages/readable/diagnostic information。 + +Requirements / acceptance criteria: +- Valid PDF returns `## Page 1`, `## Page 2`, etc. page-delimited bounded text。 +- `transformed_as` communicates `pdf_text_by_pages` or equivalent, not semantic Markdown。 +- `output_truncated` is correct when PDF text exceeds `max_output_bytes`。 +- Malformed/encrypted/textless PDFs do not panic; return diagnostic error or readable=false metadata。 +- Non-PDF unsupported binary remains rejected。 +- Focused WebFetch tests and relevant cargo/fmt/diff validation pass。 + +Next action: +- Record `queued -> inprogress` and commit Ticket records before creating implementation worktree and spawning Coder。 + +--- + + + +## State changed + +Ticket body/thread, relation metadata, Orchestrator worktree state, visible Pods, existing branch/worktree, and bounded WebFetch/PDF context were checked. There is no unresolved blocking dependency, no conflicting inprogress implementation, and no missing planning decision. Accepting this queued Ticket for parallel implementation before worktree/Pod side effects. + --- diff --git a/.yoi/tickets/00001KVJDJD02/artifacts/orchestration-plan.jsonl b/.yoi/tickets/00001KVJDJD02/artifacts/orchestration-plan.jsonl new file mode 100644 index 00000000..f4c83799 --- /dev/null +++ b/.yoi/tickets/00001KVJDJD02/artifacts/orchestration-plan.jsonl @@ -0,0 +1 @@ +{"id":"orch-plan-20260620-120740-1","ticket_id":"00001KVJDJD02","kind":"accepted_plan","accepted_plan":{"summary":"Intake role prompt / ticket-intake workflow に Ticket 化前の最小調査ゲートを明示し、曖昧な依頼では既存 Ticket/docs/code/workflow 調査・draft提示・spike/requirements_sync判断を TicketCreate より前に行うよう model-facing instructionを補強する。","branch":"impl/00001KVJDJD02-intake-investigation-gate","worktree":"/home/hare/Projects/yoi/.worktree/00001KVJDJD02-intake-investigation-gate","role_plan":"Orchestrator は Profile scope review / WebFetch PDF 実装と並行して専用 implementation worktree `.worktree/00001KVJDJD02-intake-investigation-gate` を作成し、Coder をその child worktree への narrow write scope で起動する。Coder 実装後、Reviewer が prompt/workflow authority、Ticket化前調査 gate、draft/user-agreement/spike semantics、stale vocabulary removal、Intake role boundariesを確認する。"},"author":"yoi-orchestrator","at":"2026-06-20T12:07:40Z"} diff --git a/.yoi/tickets/00001KVJDJD02/item.md b/.yoi/tickets/00001KVJDJD02/item.md index 7ce303c9..d8d9f3f4 100644 --- a/.yoi/tickets/00001KVJDJD02/item.md +++ b/.yoi/tickets/00001KVJDJD02/item.md @@ -1,8 +1,8 @@ --- title: 'Intake workflow に Ticket 化前の調査ゲートを明示する' -state: 'queued' +state: 'inprogress' created_at: '2026-06-20T11:45:00Z' -updated_at: '2026-06-20T12:06:37Z' +updated_at: '2026-06-20T12:08:34Z' assignee: null readiness: 'implementation_ready' risk_flags: ['prompt-context', 'workflow-source', 'role-behavior', 'ticket-authority'] diff --git a/.yoi/tickets/00001KVJDJD02/thread.md b/.yoi/tickets/00001KVJDJD02/thread.md index 5882cff4..c14a3a81 100644 --- a/.yoi/tickets/00001KVJDJD02/thread.md +++ b/.yoi/tickets/00001KVJDJD02/thread.md @@ -13,4 +13,62 @@ LocalTicketBackend によって作成されました。 Ticket を `workspace-panel` が queued にしました。 +--- + + + +## Decision + +Routing decision: implementation_ready_parallel + +Reason: +- Panel Queue により、この Ticket は Orchestrator routing 対象として明示許可された。 +- User standing directive: blocker が無いものは並列実行する。現在の `00001KVJABS1A` review と WebFetch PDF work とは別 domain の prompt/workflow resource修正であり、直接 conflict はないため並列化できる。 +- Ticket body は Intake role prompt / workflow の弱点、Ticket 化前調査 gate、draft-before-create、user agreement gate、spike/requirements_sync handling、stale vocabulary removal、Intake boundaries を実装可能な粒度で定義している。 +- 未解決 relation blocker はない。 +- Orchestrator worktree は clean、matching branch/worktree はなし。 +- Risk domain は prompt-context / workflow-source / role-behavior / ticket-authority だが、Ticket は Intake が coder/reviewer/helper Pod を起動しないこと、implementation routing/merge/closeをしないこと、user agreement without official Ticket create ruleを維持することを明示している。bounded context check 後も implementation 前に必要な追加 human decision は見つからなかった。 + +Evidence checked: +- Ticket `00001KVJDJD02` body / thread / relations / artifacts。 +- `TicketRelationQuery(00001KVJDJD02)`: no blockers。 +- `TicketOrchestrationPlanQuery(00001KVJDJD02)`: no previous plan records; accepted plan recorded now。 +- Workspace state: + - Orchestrator worktree clean at `36b9ed45`。 + - queued: `00001KVJA7V2R`, `00001KVJDJD02`。 + - inprogress: `00001KVJABS1A` review only。 + - no matching Intake workflow branch/worktree。 + +IntentPacket: + +Intent: +- Strengthen Intake model-facing role/workflow guidance so ambiguous requests go through a minimum investigation gate before official Ticket creation。 +- Make Intake separate user claims, confirmed facts, unverified hypotheses, and undecided points in drafts/Tickets。 + +Binding decisions / invariants: +- Intake remains non-scheduler and must not spawn coder/reviewer/read-only investigation helper Pods。 +- Intake must not create implementation worktrees, route implementation/review, merge, or close。 +- User agreement before official Ticket creation remains required。 +- Do not save user claims, confirmed facts, unverified hypotheses, and undecided points as if they are all requirements。 +- Preserve prompt/workflow resource boundaries between bundled resources and workspace override; explain intended differences if they remain。 +- Remove or replace stale `Action required` / `Attention required` vocabulary in draft templates with current Ticket-operation language。 + +Requirements / acceptance criteria: +- Intake prompt/workflow explicitly states when to inspect existing Tickets / workflows / relevant files before TicketCreate。 +- If investigation is needed, Intake can stop at draft / `spike_needed` / `requirements_sync_needed` rather than official Ticket creation。 +- `resources/prompts/role/intake.md`, `resources/workflows/ticket-intake-workflow.md`, and `.yoi/workflow/ticket-intake-workflow.md` are reconciled or their differences are intentional/clear。 +- Ticket作成前 user agreement rule is preserved。 +- Validation includes prompt/workflow diff review and `git diff --check`; run TicketDoctor if Ticket consistency needs checking。 + +Next action: +- Record `queued -> inprogress` and commit Ticket records before creating implementation worktree and spawning Coder。 + +--- + + + +## State changed + +Ticket body/thread, relation metadata, Orchestrator worktree state, visible Pods, existing branch/worktree, and bounded Intake prompt/workflow context were checked. There is no unresolved blocking dependency, no conflicting inprogress implementation, and no missing planning decision. Accepting this queued Ticket for parallel implementation before worktree/Pod side effects. + --- From 61ae37a7520030a00b5bb8a41eec4ed4d232662a Mon Sep 17 00:00:00 2001 From: Hare Date: Sat, 20 Jun 2026 21:09:57 +0900 Subject: [PATCH 4/8] ticket: start webfetch pdf and intake gate worktrees --- .yoi/tickets/00001KVJA7V2R/item.md | 2 +- .yoi/tickets/00001KVJA7V2R/thread.md | 15 +++++++++++++++ .yoi/tickets/00001KVJDJD02/item.md | 2 +- .yoi/tickets/00001KVJDJD02/thread.md | 15 +++++++++++++++ 4 files changed, 32 insertions(+), 2 deletions(-) diff --git a/.yoi/tickets/00001KVJA7V2R/item.md b/.yoi/tickets/00001KVJA7V2R/item.md index e3a43db4..4811dabf 100644 --- a/.yoi/tickets/00001KVJA7V2R/item.md +++ b/.yoi/tickets/00001KVJA7V2R/item.md @@ -2,7 +2,7 @@ title: 'WebFetch: PDF を page-delimited text として取得できるようにする' state: 'inprogress' created_at: '2026-06-20T10:46:48Z' -updated_at: '2026-06-20T12:08:34Z' +updated_at: '2026-06-20T12:09:50Z' assignee: null readiness: 'implementation_ready' risk_flags: ['security', 'dependency', 'public-api', 'output-bounds'] diff --git a/.yoi/tickets/00001KVJA7V2R/thread.md b/.yoi/tickets/00001KVJA7V2R/thread.md index 12fb4290..93f33c55 100644 --- a/.yoi/tickets/00001KVJA7V2R/thread.md +++ b/.yoi/tickets/00001KVJA7V2R/thread.md @@ -90,3 +90,18 @@ Next action: Ticket body/thread, relation metadata, Orchestrator worktree state, visible Pods, existing branch/worktree, and bounded WebFetch/PDF context were checked. There is no unresolved blocking dependency, no conflicting inprogress implementation, and no missing planning decision. Accepting this queued Ticket for parallel implementation before worktree/Pod side effects. --- + + + +## Implementation report + +Implementation orchestration start: +- Acceptance records were committed on Orchestrator branch: `e752a720 ticket: accept webfetch pdf and intake gate`。 +- Created implementation worktree `/home/hare/Projects/yoi/.worktree/00001KVJA7V2R-webfetch-pdf-text` on branch `impl/00001KVJA7V2R-webfetch-pdf-text` at `e752a720`。 +- Spawned Coder Pod `yoi-coder-00001KVJA7V2R` with write scope limited to the implementation worktree and read-only root scope only for runtime workspace identity。 +- Coder task explicitly forbids root/original workspace implementation, semantic PDF Markdown/OCR/native dependency scope creep, merge, Ticket close, and cleanup。 + +Next action: +- Wait for Coder implementation report, then inspect branch diff/validation evidence and route to Reviewer。 + +--- diff --git a/.yoi/tickets/00001KVJDJD02/item.md b/.yoi/tickets/00001KVJDJD02/item.md index d8d9f3f4..43f1e15b 100644 --- a/.yoi/tickets/00001KVJDJD02/item.md +++ b/.yoi/tickets/00001KVJDJD02/item.md @@ -2,7 +2,7 @@ title: 'Intake workflow に Ticket 化前の調査ゲートを明示する' state: 'inprogress' created_at: '2026-06-20T11:45:00Z' -updated_at: '2026-06-20T12:08:34Z' +updated_at: '2026-06-20T12:09:50Z' assignee: null readiness: 'implementation_ready' risk_flags: ['prompt-context', 'workflow-source', 'role-behavior', 'ticket-authority'] diff --git a/.yoi/tickets/00001KVJDJD02/thread.md b/.yoi/tickets/00001KVJDJD02/thread.md index c14a3a81..a64256c6 100644 --- a/.yoi/tickets/00001KVJDJD02/thread.md +++ b/.yoi/tickets/00001KVJDJD02/thread.md @@ -72,3 +72,18 @@ Next action: Ticket body/thread, relation metadata, Orchestrator worktree state, visible Pods, existing branch/worktree, and bounded Intake prompt/workflow context were checked. There is no unresolved blocking dependency, no conflicting inprogress implementation, and no missing planning decision. Accepting this queued Ticket for parallel implementation before worktree/Pod side effects. --- + + + +## Implementation report + +Implementation orchestration start: +- Acceptance records were committed on Orchestrator branch: `e752a720 ticket: accept webfetch pdf and intake gate`。 +- Created implementation worktree `/home/hare/Projects/yoi/.worktree/00001KVJDJD02-intake-investigation-gate` on branch `impl/00001KVJDJD02-intake-investigation-gate` at `e752a720`。 +- Spawned Coder Pod `yoi-coder-00001KVJDJD02` with write scope limited to the implementation worktree and read-only root scope only for runtime workspace identity。 +- Coder task explicitly forbids root/original workspace implementation, Intake helper Pod spawning behavior changes, implementation routing/merge/close scope creep, merge, Ticket close, and cleanup。 + +Next action: +- Wait for Coder implementation report, then inspect branch diff/validation evidence and route to Reviewer。 + +--- From 203160db4fb40d8c9dff60e0b876a4a8ca7f0167 Mon Sep 17 00:00:00 2001 From: Hare Date: Sat, 20 Jun 2026 21:12:19 +0900 Subject: [PATCH 5/8] ticket: approve profile override scope --- .yoi/tickets/00001KVJABS1A/item.md | 2 +- .yoi/tickets/00001KVJABS1A/thread.md | 42 ++++++++++++++++++++++++++++ 2 files changed, 43 insertions(+), 1 deletion(-) diff --git a/.yoi/tickets/00001KVJABS1A/item.md b/.yoi/tickets/00001KVJABS1A/item.md index 2c47c596..38a2daf3 100644 --- a/.yoi/tickets/00001KVJABS1A/item.md +++ b/.yoi/tickets/00001KVJABS1A/item.md @@ -2,7 +2,7 @@ title: 'Profile launch should preserve override scope allowances' state: 'inprogress' created_at: '2026-06-20T10:48:57Z' -updated_at: '2026-06-20T12:07:00Z' +updated_at: '2026-06-20T12:12:10Z' assignee: null queued_by: 'workspace-panel' queued_at: '2026-06-20T11:52:33Z' diff --git a/.yoi/tickets/00001KVJABS1A/thread.md b/.yoi/tickets/00001KVJABS1A/thread.md index 105ec69e..088fea31 100644 --- a/.yoi/tickets/00001KVJABS1A/thread.md +++ b/.yoi/tickets/00001KVJABS1A/thread.md @@ -165,3 +165,45 @@ Review dispatch: - Reviewer is instructed not to edit source, commit, merge, close the Ticket, or use TicketReview directly; it will report verdict/evidence back to Orchestrator。 --- + + + +## Review: approve + +Verdict: `approve` + +確認範囲: +- Ticket contract / Orchestrator IntentPacket。 +- Implementation diff: `72e9f2f1..0717aae3`。 +- 変更ファイル: `crates/pod/src/entrypoint.rs` のみ。 +- Launch-policy change、snapshot/tool-visible scope path、restore path、focused tests を確認。 + +Approval evidence: +- `append_missing_rules` / `apply_scope_launch_defaults` により、launch-policy defaults は既に解決済みの Profile / override scope を置換せず、missing rules として append される。 +- Normal launch は workspace-root write scope と `.worktree` write deny を引き続き append する。 +- Ticket role launch は role-specific default direct scope と delegation defaults を引き続き適用する。 +- `resolve_manifest()` は `apply_profile_launch_policy()` 後の final manifest を返す。 +- `Pod::from_manifest_with_context` は `manifest.scope` から tool-visible scope を作る。 +- Pod metadata snapshot serialization は final manifest を使う。 +- Restore path は existing `resolved_manifest_snapshot` がある場合それを使うため、この変更で restore 時に override を再評価する挙動は入っていない。 +- Focused tests は override-local `scope.allow` survival、normal profile launch defaults、Orchestrator role default scope/delegation preservation を cover している。 + +Blocking issues: none。 + +Non-blocking concerns / follow-ups: +- Full `cargo test -p pod` は以下 2 件の prompt-guidance assertion failure で失敗する。 + - `prompt::catalog::tests::pod_orchestration_guidance_section_renders_resource_body` + - `prompt::system::tests::pod_orchestration_guidance_is_included_for_pod_management_tools` + - Missing asserted text: `"worktree status, diff, and test results"` +- Reviewer判断: この branch diff は `crates/pod/src/entrypoint.rs` のみであり、prompt rendering/assertion paths / prompt resources / catalog tests を変更していないため、この failure は unrelated/pre-existing。 + +Reviewer validation: +- `cargo fmt --all --check`: passed。 +- `git diff --check 72e9f2f1..HEAD`: passed。 +- `cargo test -p pod entrypoint::tests::`: passed, 22 tests。 +- `cargo check -p pod`: passed。 +- `cargo test -p pod`: unrelated prompt assertion failures only; 410 passed, 2 failed。 + +Worktree status at review end: clean。 + +--- From 22c631cf88f96541ebcdbb1329ce3f979a01fcb0 Mon Sep 17 00:00:00 2001 From: Hare Date: Sat, 20 Jun 2026 21:13:19 +0900 Subject: [PATCH 6/8] ticket: complete profile override scope --- .yoi/tickets/00001KVJABS1A/item.md | 4 +-- .yoi/tickets/00001KVJABS1A/thread.md | 45 ++++++++++++++++++++++++++++ 2 files changed, 47 insertions(+), 2 deletions(-) diff --git a/.yoi/tickets/00001KVJABS1A/item.md b/.yoi/tickets/00001KVJABS1A/item.md index 38a2daf3..bd500473 100644 --- a/.yoi/tickets/00001KVJABS1A/item.md +++ b/.yoi/tickets/00001KVJABS1A/item.md @@ -1,8 +1,8 @@ --- title: 'Profile launch should preserve override scope allowances' -state: 'inprogress' +state: 'done' created_at: '2026-06-20T10:48:57Z' -updated_at: '2026-06-20T12:12:10Z' +updated_at: '2026-06-20T12:13:11Z' assignee: null queued_by: 'workspace-panel' queued_at: '2026-06-20T11:52:33Z' diff --git a/.yoi/tickets/00001KVJABS1A/thread.md b/.yoi/tickets/00001KVJABS1A/thread.md index 088fea31..a29d6aee 100644 --- a/.yoi/tickets/00001KVJABS1A/thread.md +++ b/.yoi/tickets/00001KVJABS1A/thread.md @@ -207,3 +207,48 @@ Reviewer validation: Worktree status at review end: clean。 --- + + + +## Implementation report + +Merge and final validation report: + +Merged implementation branch into Orchestrator branch: +- Merge commit: `a1386881 merge: profile override scope` +- Implementation commit included: + - `0717aae3 pod: preserve profile override scope` + +Reviewer outcome: +- r1 approved with no blocking issues。 +- Reviewer confirmed explicit Profile/workspace override `scope.allow` preservation, no wholesale `manifest.scope` replacement, workspace root write / `.worktree` deny default preservation, Ticket role launch/delegation defaults, final snapshot/tool-visible scope consistency, and restore non-goal preservation。 + +Orchestrator validation after merge passed: +- `cargo fmt --all --check` +- `git diff --check HEAD^1..HEAD` +- `cargo test -p pod entrypoint::tests::` +- `cargo check -p pod` + +Validation log: +- `/run/user/1000/yoi/yoi-orchestrator/bash-output/bash-WNUQvw.log` + +Known unrelated validation note: +- Full `cargo test -p pod` was not used as a final gate because Reviewer confirmed unrelated/pre-existing prompt-guidance assertion failures outside this branch's diff。 + +Nix validation: +- Not run because this Ticket changed only Rust source in `crates/pod/src/entrypoint.rs` and no dependency/package/source-filter files changed。 + +Final state: +- Orchestrator worktree clean at `a1386881` after validation。 +- Implementation worktree remains available for cleanup after Ticket completion records are committed。 +- WebFetch PDF and Intake investigation gate Coder Pods continue in parallel。 + +--- + + + +## State changed + +Implementation was merged into Orchestrator branch at `a1386881`, review approved, and final Orchestrator validation passed: `cargo fmt --all --check`, `git diff --check HEAD^1..HEAD`, `cargo test -p pod entrypoint::tests::`, and `cargo check -p pod`. + +--- From 69c55a21a49981d4d572d790864a001e8b7d6b52 Mon Sep 17 00:00:00 2001 From: Hare Date: Sat, 20 Jun 2026 21:13:40 +0900 Subject: [PATCH 7/8] ticket: close profile override scope --- .yoi/tickets/00001KVJABS1A/item.md | 4 +- .yoi/tickets/00001KVJABS1A/resolution.md | 35 ++++++++++++++++ .yoi/tickets/00001KVJABS1A/thread.md | 51 ++++++++++++++++++++++++ 3 files changed, 88 insertions(+), 2 deletions(-) create mode 100644 .yoi/tickets/00001KVJABS1A/resolution.md diff --git a/.yoi/tickets/00001KVJABS1A/item.md b/.yoi/tickets/00001KVJABS1A/item.md index bd500473..87e4b207 100644 --- a/.yoi/tickets/00001KVJABS1A/item.md +++ b/.yoi/tickets/00001KVJABS1A/item.md @@ -1,8 +1,8 @@ --- title: 'Profile launch should preserve override scope allowances' -state: 'done' +state: 'closed' created_at: '2026-06-20T10:48:57Z' -updated_at: '2026-06-20T12:13:11Z' +updated_at: '2026-06-20T12:13:32Z' assignee: null queued_by: 'workspace-panel' queued_at: '2026-06-20T11:52:33Z' diff --git a/.yoi/tickets/00001KVJABS1A/resolution.md b/.yoi/tickets/00001KVJABS1A/resolution.md new file mode 100644 index 00000000..4a24114e --- /dev/null +++ b/.yoi/tickets/00001KVJABS1A/resolution.md @@ -0,0 +1,35 @@ +## Resolution + +`00001KVJABS1A` を完了しました。 + +実装内容: +- Profile launch policy が `manifest.scope` を wholesale replacement しないように修正しました。 +- 既に解決済みの Profile / workspace override scope に対して、launch-policy default rules を missing rules として append するようにしました。 +- `.yoi/override.local.toml` 等で指定された追加 `scope.allow` / `scope.deny` は保持されます。 +- Normal launch の workspace root write scope と `.worktree` write deny は維持されます。 +- Ticket role launch の default direct scope / delegation defaults は維持されます。 +- Final manifest/snapshot と tool-visible scope が同じ final effective scope を見るように維持しました。 +- Restore path は existing `resolved_manifest_snapshot` を使う挙動のままで、override 再評価は追加していません。 + +主な commit: +- `0717aae3 pod: preserve profile override scope` +- `a1386881 merge: profile override scope` + +Review: +- r1 は `approve`。 +- Reviewer は scope merge semantics、no authority broadening、workspace write / `.worktree` deny preservation、Ticket role defaults、snapshot/tool-visible scope consistency、restore non-goal preservation を確認しました。 + +最終 validation: +- `cargo fmt --all --check` +- `git diff --check HEAD^1..HEAD` +- `cargo test -p pod entrypoint::tests::` +- `cargo check -p pod` + +Known unrelated note: +- Full `cargo test -p pod` は branch 外の既存 prompt-guidance assertion failure で失敗するため final gate にしませんでした。Reviewer はこの failure が `crates/pod/src/entrypoint.rs` の diff に起因しないことを確認済みです。 + +Nix validation: +- Not run because no dependency/package/source-filter files changed。 + +Validation log: +- `/run/user/1000/yoi/yoi-orchestrator/bash-output/bash-WNUQvw.log` \ No newline at end of file diff --git a/.yoi/tickets/00001KVJABS1A/thread.md b/.yoi/tickets/00001KVJABS1A/thread.md index a29d6aee..335696ce 100644 --- a/.yoi/tickets/00001KVJABS1A/thread.md +++ b/.yoi/tickets/00001KVJABS1A/thread.md @@ -252,3 +252,54 @@ Final state: Implementation was merged into Orchestrator branch at `a1386881`, review approved, and final Orchestrator validation passed: `cargo fmt --all --check`, `git diff --check HEAD^1..HEAD`, `cargo test -p pod entrypoint::tests::`, and `cargo check -p pod`. --- + + + +## State changed + +Ticket を closed にしました。 + + +--- + + + +## 完了 + +## Resolution + +`00001KVJABS1A` を完了しました。 + +実装内容: +- Profile launch policy が `manifest.scope` を wholesale replacement しないように修正しました。 +- 既に解決済みの Profile / workspace override scope に対して、launch-policy default rules を missing rules として append するようにしました。 +- `.yoi/override.local.toml` 等で指定された追加 `scope.allow` / `scope.deny` は保持されます。 +- Normal launch の workspace root write scope と `.worktree` write deny は維持されます。 +- Ticket role launch の default direct scope / delegation defaults は維持されます。 +- Final manifest/snapshot と tool-visible scope が同じ final effective scope を見るように維持しました。 +- Restore path は existing `resolved_manifest_snapshot` を使う挙動のままで、override 再評価は追加していません。 + +主な commit: +- `0717aae3 pod: preserve profile override scope` +- `a1386881 merge: profile override scope` + +Review: +- r1 は `approve`。 +- Reviewer は scope merge semantics、no authority broadening、workspace write / `.worktree` deny preservation、Ticket role defaults、snapshot/tool-visible scope consistency、restore non-goal preservation を確認しました。 + +最終 validation: +- `cargo fmt --all --check` +- `git diff --check HEAD^1..HEAD` +- `cargo test -p pod entrypoint::tests::` +- `cargo check -p pod` + +Known unrelated note: +- Full `cargo test -p pod` は branch 外の既存 prompt-guidance assertion failure で失敗するため final gate にしませんでした。Reviewer はこの failure が `crates/pod/src/entrypoint.rs` の diff に起因しないことを確認済みです。 + +Nix validation: +- Not run because no dependency/package/source-filter files changed。 + +Validation log: +- `/run/user/1000/yoi/yoi-orchestrator/bash-output/bash-WNUQvw.log` + +--- From d547198361b3fca2c6082d1231fb83d0967b878a Mon Sep 17 00:00:00 2001 From: Hare Date: Sat, 20 Jun 2026 21:16:34 +0900 Subject: [PATCH 8/8] ticket: record intake investigation gate implementation report --- .yoi/tickets/00001KVJDJD02/item.md | 2 +- .yoi/tickets/00001KVJDJD02/thread.md | 58 ++++++++++++++++++++++++++++ 2 files changed, 59 insertions(+), 1 deletion(-) diff --git a/.yoi/tickets/00001KVJDJD02/item.md b/.yoi/tickets/00001KVJDJD02/item.md index 43f1e15b..9c120514 100644 --- a/.yoi/tickets/00001KVJDJD02/item.md +++ b/.yoi/tickets/00001KVJDJD02/item.md @@ -2,7 +2,7 @@ title: 'Intake workflow に Ticket 化前の調査ゲートを明示する' state: 'inprogress' created_at: '2026-06-20T11:45:00Z' -updated_at: '2026-06-20T12:09:50Z' +updated_at: '2026-06-20T12:16:24Z' assignee: null readiness: 'implementation_ready' risk_flags: ['prompt-context', 'workflow-source', 'role-behavior', 'ticket-authority'] diff --git a/.yoi/tickets/00001KVJDJD02/thread.md b/.yoi/tickets/00001KVJDJD02/thread.md index a64256c6..d82c0a1d 100644 --- a/.yoi/tickets/00001KVJDJD02/thread.md +++ b/.yoi/tickets/00001KVJDJD02/thread.md @@ -87,3 +87,61 @@ Next action: - Wait for Coder implementation report, then inspect branch diff/validation evidence and route to Reviewer。 --- + + + +## Implementation report + +Coder implementation report received from `yoi-coder-00001KVJDJD02`. + +Implementation commit: +- `1143ae1c workflow: add intake investigation gate` + +Changed areas reported: +- `resources/prompts/role/intake.md`: + - Added explicit minimum investigation gate before `TicketCreate` / material refinement。 + - Reinforced user agreement before official Ticket creation。 + - Added separation of user claims, confirmed facts, unverified hypotheses, and undecided points。 + - Preserved Intake non-scheduler boundaries: no coder/reviewer/helper Pods, no worktrees, no routing/merge/close。 +- `resources/workflows/ticket-intake-workflow.md`: + - Expanded bundled workflow from thin pointer into concrete reusable Intake procedure。 + - Added Ticket化前の最小調査ゲート。 + - Added `spike_needed` / `requirements_sync_needed` draft stop behavior。 + - Replaced stale `Action required` / `Attention required` draft wording with `Next Ticket operation`。 + - Added recommended Ticket body sections for claims/facts/hypotheses/open questions。 + - Documented bundled-vs-workspace workflow boundary。 +- `.yoi/workflow/ticket-intake-workflow.md`: + - Reconciled workspace override with bundled workflow while preserving dogfooding-specific details。 + - Added explicit local investigation gate conditions and outputs。 + - Updated draft template and Ticket body guidance。 + - Clarified that workspace override may add Objective/split/local policy details but must not weaken bundled invariants。 + +Coder validation reported: +- `git diff --check`: passed。 +- Stale vocabulary grep for `Action required` / `Attention required` in touched prompt/workflow files: no matches。 +- Investigation-gate grep confirmed new terms are present: + - `minimum investigation gate` + - `Ticket 化前の最小調査ゲート` + - `spike_needed` + - `requirements_sync_needed` + - `Confirmed facts / sources` + - `Unverified hypotheses` + - `Undecided points / open questions` +- Workflow/prompt test search: no dedicated workflow prompt tests found; only unrelated Dashboard test reference。 +- No code tests run because changes are prompt/workflow Markdown only。 + +Known risks / deferrals: +- No runtime schema/code changes were made。 +- `.yoi/workflow/ticket-intake-workflow.md` intentionally remains a more detailed workspace override; bundled workflow is compact reusable baseline。 +- `TicketDoctor` not run by Coder; no Ticket record structure was changed。 + +Orchestrator evidence checked before review dispatch: +- Implementation worktree is clean。 +- HEAD is `1143ae1c`。 +- Diff from acceptance `e752a720..HEAD` is one implementation commit touching 3 files, 186 insertions / 19 deletions。 +- `git diff --check e752a720..HEAD` produced no diagnostics。 + +Next action: +- Dispatch Reviewer for r1 review against Ticket requirements, with focus on model-facing Intake behavior, Ticket化前 investigation gate clarity, user-agreement preservation, stale vocabulary removal, bundled/workspace workflow boundary, and Intake non-scheduler boundaries。 + +---