Skip to content

[codex] Add isolated git-warp v17 upgrade harness#321

Merged
flyingrobots merged 11 commits into
mainfrom
feat/isolated-warp-upgrade-fixture
Jun 1, 2026
Merged

[codex] Add isolated git-warp v17 upgrade harness#321
flyingrobots merged 11 commits into
mainfrom
feat/isolated-warp-upgrade-fixture

Conversation

@flyingrobots

@flyingrobots flyingrobots commented May 31, 2026

Copy link
Copy Markdown
Owner

PR Title

[codex] Add isolated git-warp v17 upgrade harness

Summary

  • Add a sanitized Git bundle fixture for the current gitmind graph state and an isolated Docker upgrade harness that runs with --network none.
  • Upgrade the substrate from @git-stunts/git-warp v14 to v17, plus @git-stunts/plumbing and ajv, with the lockfile audited clean.
  • Add a v17 graph compatibility facade, run the v17 checkpoint migration in the fixture harness, flush CLI stdout/stderr before explicit exit, and batch review decision writes to keep Git-backed tests stable.
  • Cap Vitest worker fan-out and increase the default integration-test timeout for the heavier v17 Git-backed operations.
  • Harden the upgrade fixture with a lockfile-backed package install, pinned Docker base image digest, and static regression coverage for those invariants.

Problem Statement

  • Git Mind needs a reproducible, repo-local safety rail for upgrading legacy git-warp graph data before the dependency substrate can move forward. The fixture must be isolated from this checkout, inspectable in Git, and strong enough to prove that the legacy checkpoint migrates and the upgraded package can read real graph data.

ADR Compliance (Required)

Relevant ADR(s)

  • ADR-0002 (Worktree Independence and Materialization Architecture)
  • ADR-0003 (Graph-Native Content, Deterministic Materialization, and Workspace Bridge)
  • None

Compliance Declaration

  • This PR is fully compliant with all checked ADRs.
  • This PR intentionally deviates from one or more checked ADRs (complete Exception Request below).

Exception Request (Required if deviating)

  • ADR clause(s) deviated from: N/A
  • Why deviation is necessary now: N/A
  • Risk introduced by deviation: N/A
  • Mitigation and rollback plan: Revert this branch if the v17 substrate must be backed out.
  • Follow-up ADR/issue to reconcile architecture debt: N/A

Architecture Laws Checklist (Hard Gates)

Canonical Truth & Context

  • Graph remains canonical truth (no dual truth with generated files).
  • No hidden worktree coupling introduced in core/domain/materialization paths.
  • Context-sensitive behavior is explicit (--at, --observer, --trust) or deterministically defaulted.
  • Resolved context is surfaced in output metadata where applicable.

Determinism & Provenance

  • Pure query/materialization paths remain deterministic for identical inputs.
  • Mutations/materializations include provenance receipts/envelopes where required.
  • Cache keys (if used) are derived only from semantic inputs + pinned versions.

Artifact Hygiene

  • No forbidden generated artifact paths are tracked.
  • Any generated artifacts intentionally tracked are in allowlisted publish paths only.
  • Pre-commit/CI policy checks updated or confirmed valid.

Contracts & Compatibility

  • Machine-facing outputs are schema-versioned.
  • Breaking contract changes include version bump + migration notes.
  • Backward compatibility impact is documented below.

Extension/Effects Safety (if applicable)

  • Extension behavior does not bypass capability restrictions.
  • Effectful operations use explicit plan/apply semantics and emit receipts.
  • Timeouts/resource bounds are defined for new script/effect paths.

Scope Control

  • PR is single-purpose/cohesive (no unrelated refactors).
  • Any non-essential refactor is split into separate PR(s) or explicitly justified.

Backward Compatibility

  • CLI/API contract changes: No intentional output contract changes. CLI commands now flush stdout/stderr and exit explicitly after dispatch to avoid v17 write-path handles keeping Node alive.
  • Data model/storage changes: Existing legacy fixture checkpoints are migrated from git-warp checkpoint schema 2 to schema 5 inside the isolated harness before read assertions. New writes use the git-warp v17 substrate.
  • Migration required?: Yes for existing v14/v16 graph checkpoints before reading with v17; this PR proves the migration path in Docker using the committed fixture.
  • User-facing behavior changes: Dependency and runtime substrate modernization only; normal Git Mind commands should preserve current behavior.

Test Plan (Required)

Unit

  • Added/updated tests for changed logic
  • Commands:
npm test -- --run test/review.test.js
npm test -- --run test/upgrade-fixture.test.js
npm test

Integration

  • Added/updated integration tests
  • Commands:
npm run test:upgrade-fixture

Determinism

  • Determinism assertions included for relevant paths
  • Method: The fixture harness validates a fixed bundle checksum, expected refs, migration source checkpoint, migrated checkpoint schema, sentinel nodes, graph counts, export/content boundaries, lockfile-backed package install, and pinned Docker base image in a Docker container with --network none.
  • Commands:
npm run test:upgrade-fixture

Contract/Schema

  • Schema validation updated/passing
  • Commands:
npm test

Policy Gates

  • Mechanical architecture gates pass
  • Commands:
git diff --check
npm run lint
npm audit --omit=dev

Security / Trust Impact

  • Threat surface changed?: The upgrade harness executes only inside an isolated Docker container with no network access; dependency audit reports zero production vulnerabilities after npm audit fix.
  • Trust policy impact: No trust policy semantics changed.
  • Provenance/audit impact: Fixture metadata records source commit, refs, checksum, dependency versions, expected graph counts, sentinel nodes, and migration schema expectations.
  • New failure modes introduced: Existing graph checkouts with old checkpoint schemas must run the v17 migration before being read by the upgraded package.

Performance Impact

  • Hot path affected?: Graph open/read/write paths now route through git-warp v17 compatibility surfaces.
  • Expected impact (latency/memory/io): v17 Git-backed operations are heavier in tests; review decision writes were batched and Vitest worker fan-out was capped to keep local and CI runs stable.
  • Benchmarks or profiling evidence: npm test passed 31 files / 594 tests in the final local run; fixture migration/read assertions passed in Docker, including the lockfile install regression and pinned Docker base assertion.

Observability / Debuggability

  • Errors are actionable and include context.
  • Logs/diagnostics added or updated where needed.
  • git mind status / diagnostics updated if writeback/eventing behavior changed.

Operational Notes

  • Feature flag (if any): None.
  • Rollback strategy: Revert this PR to return to git-warp v14 plus the previous lockfile and remove the isolated upgrade fixture harness.
  • Operational caveats: The local checkout's own old git-warp refs should not be read with v17 until the migration is run; the test harness intentionally migrates only the copied fixture inside Docker.

Linked Issues / Milestones


Reviewer Quick Verdict Block (for maintainers)

MUST (Hard Gates)

  • PASS

SHOULD (Quality)

  • PASS

Verdict

  • APPROVE

@coderabbitai

coderabbitai Bot commented May 31, 2026

Copy link
Copy Markdown
Contributor

Review Change Stack

Warning

Review limit reached

@flyingrobots, we couldn't start this review because you've reached your PR review rate limit.

More reviews will be available in 14 minutes and 46 seconds. Learn how PR review limits work.

Your organization has run out of usage credits. Purchase more in the billing tab.

⌛ How to resolve this issue?

After more reviews become available, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans include higher PR review limits than trial, open-source, and free plans. In all cases, reviews become available again over time. During sustained high-volume PR review activity, CodeRabbit may temporarily slow when the next review becomes available.

Please see our Fair Usage Limits Policy for further information.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: f2b535a6-4cf7-417c-a673-3ca46bea606f

📥 Commits

Reviewing files that changed from the base of the PR and between 2a47d21 and 23e5b7b.

⛔ Files ignored due to path filters (1)
  • package-lock.json is excluded by !**/package-lock.json
📒 Files selected for processing (8)
  • bin/git-mind.js
  • package.json
  • src/graph.js
  • src/review.js
  • test/cli-flush.test.js
  • test/graph.test.js
  • test/review.test.js
  • test/upgrade-fixture.test.js

Walkthrough

This pull request executes a substrate upgrade from @git-stunts/git-warp v14 to v17 and @git-stunts/plumbing v2 to v3. It introduces a compatibility wrapper for the graph API, batches review decision persistence, and adds a complete Docker-based isolation fixture to validate the upgrade end-to-end without relying on local repository state.

Changes

git-warp v17 substrate upgrade with isolated fixture validation

Layer / File(s) Summary
Graph v17 compatibility wrapper
src/graph.js, test/graph.test.js
compatGraph() wraps v17 surfaces to expose v14-compatible core/query/patches access, tracks materialization state, and uses a Proxy to reset state on commit(). initGraph() switches to NodeCryptoAdapter and returns the wrapped instance. Observer filtering test validates surface exposure control.
Review decision atomic persistence
src/review.js
addDecisionToPatch() centralizes decision node writes. acceptSuggestion, rejectSuggestion, and batchDecision now batch edge updates and decision nodes into a single patch per operation, eliminating separate record-decision steps and improving atomicity.
Dependency upgrade to v17
package.json
@git-stunts/git-warp bumped to 17.0.0, @git-stunts/plumbing to 3.0.3, ajv to 8.20.0. Adds test:upgrade-fixture npm script.
Upgrade fixture harness infrastructure
scripts/test-upgrade-fixture.sh, scripts/upgrade-fixture/Dockerfile
Shell script orchestrates Docker build and container execution: stages npm package tarball, package-lock, fixture assets, and runner into temp directory; builds versioned image; runs container with network isolation and scrubbed environment; cleans up on exit. Dockerfile installs build tools, unpacks git-mind package, installs dependencies via npm ci, configures isolated Git environment, and runs Node.js runner.
Upgrade validation logic
scripts/upgrade-fixture/run-upgrade-fixture.mjs
Node.js CLI runner validates fixture bundle integrity, bootstraps git refs, executes git-warp upgrade, and asserts checkpoint state/schema transitions, graph health metrics, sentinel node presence, export structure, and content attachments. Verifies bundle is unmodified after test.
Fixture metadata and harness tests
test/fixtures/upgrade/gitmind-v5-warp14.fixture.json, test/fixtures/upgrade/README.md, test/upgrade-fixture.test.js
Fixture JSON contains sanitized v5/git-warp-14 graph snapshot with source metadata, bundle details, expected refs and graph state, and sentinel nodes. README documents fixture purpose and regeneration. Test suite verifies Dockerfile digest-pinning and lockfile-driven dependency installation.
Configuration and robustness updates
bin/git-mind.js, vitest.config.js, docs/design/git-warp-upgrade-audit.md
CLI adds flushStream() helper to await stdout/stderr flushing before process exit. Vitest config sets worker limits and 30-second test timeout. Design audit document updated with v17 continuation status and explicit six-step validation sequence.

Sequence Diagram

sequenceDiagram
  participant Fixture as Fixture Harness
  participant Git as Git Operations
  participant WarpUpgrade as git-warp Upgrade
  participant Validate as Validators
  Fixture->>Fixture: Create Docker context
  Fixture->>Fixture: Stage npm tgz + lock + bundle
  Fixture->>Fixture: Build versioned image
  Fixture->>Fixture: docker run --network none
  Fixture->>Git: Initialize work repo
  Fixture->>Git: Fetch bundle refs (HEAD mapping)
  Fixture->>Git: git fsck health check
  Fixture->>WarpUpgrade: Run upgrade script
  WarpUpgrade->>WarpUpgrade: Parse JSON result
  Fixture->>Validate: Assert checkpoint state
  Fixture->>Validate: Assert graph health metrics
  Fixture->>Validate: Assert sentinel node presence
  Fixture->>Validate: Assert export counts
  Fixture->>Validate: Assert content attachment
  Fixture->>Fixture: Verify bundle SHA unchanged
  Fixture-->>Fixture: Exit with summary
Loading

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~60 minutes

The PR spans multiple integration layers (dependency upgrade, API compatibility wrapper, decision batching refactor, Docker orchestration, and comprehensive validation logic), requiring separate reasoning for each checkpoint. The graph compatibility layer and decision batching are logic-dense changes. The fixture framework adds 42+ lines of shell scripting, 33+ lines of Dockerfile, and 237+ lines of Node.js validation logic with intricate assertion sequences. Heterogeneous file coverage and cross-cutting concerns (crypto adapter switching, patch batching, container isolation, ref mapping) demand careful inspection of each layer.

Possibly related PRs

  • flyingrobots/git-mind#194: Modified acceptSuggestion/rejectSuggestion/batchDecision review decision flow—this PR consolidates those changes further by batching all persistence into single patches.
  • flyingrobots/git-mind#296: Modified graph integration around @git-stunts/git-warp—this PR adds a compatibility wrapper for v17 surfaces while that PR shifted to native graph methods.

Poem

🚀 A wrapper wraps the warp, decisions batch and sync,
The fixture freezes time in bundles, validates the link.
From fourteen to seventeen, the graph still reads and grows,
Docker spins in isolation—no remotes, no repos.
The bridge is built: one surface for the old and new ways both.

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name Status Explanation Resolution
Docstring Coverage ⚠️ Warning Docstring coverage is 27.59% which is insufficient. The required threshold is 80.00%. Write docstrings for the functions missing them to satisfy the coverage threshold.
✅ Passed checks (4 passed)
Check name Status Explanation
Title check ✅ Passed The PR title '[codex] Add isolated git-warp v17 upgrade harness' directly and clearly identifies the main feature: adding an isolated upgrade harness for git-warp v17 substrate modernization.
Description check ✅ Passed The PR description is comprehensive and complete, covering all required template sections: summary, problem statement, ADR compliance with declarations, architecture laws checklist, scope control, backward compatibility, detailed test plan with exact commands, security/trust impact, performance impact, observability, and operational notes.
Linked Issues check ✅ Passed The PR fully satisfies all acceptance criteria from issue #320: sanitized fixture captures v5/git-warp-14 state with refs/warp/gitmind/*, metadata includes source commit/versions/refs, harness runs in isolated Docker without mounting repository, copies only explicit artifacts, uses scrubbed environment, proves new code can read fixture without mutation, and serves as safety rail for v17/plumbing@3 upgrade.
Out of Scope Changes check ✅ Passed All code changes are tightly scoped to the stated objective of adding an isolated v17 upgrade harness and performing the substrate upgrade. The changes include: fixture creation, Docker harness infrastructure, CLI stream flushing for v17 compatibility, graph compatibility wrapper for v17, batched review writes (performance optimization for heavier v17 operations), and Vitest configuration hardening—all directly supporting the upgrade objective. No extraneous refactors detected.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.


Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

Copy link
Copy Markdown
Owner Author

@codex self-audit found a new issue that should be fixed before merge.

ID Severity Source File Lines Issue Evidence Recommended mitigation prompt
CL-001 P5 Self scripts/test-upgrade-fixture.sh 42 Extra blank line at EOF violates repository whitespace hygiene. git diff --check origin/main...HEAD reports scripts/test-upgrade-fixture.sh:42: new blank line at EOF. Remove the trailing blank line from scripts/test-upgrade-fixture.sh, then rerun git diff --check origin/main...HEAD and relevant fixture checks.

@chatgpt-codex-connector

Copy link
Copy Markdown

To use Codex here, create an environment for this repo.

Copy link
Copy Markdown
Owner Author

@codex self-audit found an additional determinism issue.

ID Severity Source File Lines Issue Evidence Recommended mitigation prompt
CL-002 P2 Self scripts/upgrade-fixture/Dockerfile; scripts/test-upgrade-fixture.sh; package.json Dockerfile L14-L16; script L22-L28; package L30-L32 The isolated upgrade fixture installs the packed package with floating semver dependency ranges instead of the audited lockfile. npm pack --dry-run --json shows package-lock.json is not included in the tarball, while the Dockerfile runs npm install -g /tmp/git-mind-package.tgz; package.json uses ^17.0.0, ^3.0.3, and ^8.20.0. Future registry releases can change what the fixture actually tests. Add a deterministic regression test for the fixture installer, copy package-lock.json into the Docker build context, unpack the package under /opt/git-mind, run npm ci --omit=dev against that lockfile, and expose the CLI from that locked install rather than using npm install -g on the tarball.

@chatgpt-codex-connector

Copy link
Copy Markdown

To use Codex here, create an environment for this repo.

Copy link
Copy Markdown
Owner Author

@codex self-audit found another reproducibility issue.

ID Severity Source File Lines Issue Evidence Recommended mitigation prompt
CL-003 P3 Self scripts/upgrade-fixture/Dockerfile; test/upgrade-fixture.test.js Dockerfile L1 The upgrade fixture Docker base image is tag-only and can drift over time. FROM node:22-bookworm-slim points at a moving tag, so future fixture runs may use a different Node/Debian image than the reviewed PR. Add a deterministic fixture-harness assertion that the Docker base is digest-pinned, then pin node:22-bookworm-slim to the currently verified manifest digest.

@chatgpt-codex-connector

Copy link
Copy Markdown

To use Codex here, create an environment for this repo.

Copy link
Copy Markdown
Owner Author

@codex self-audit found a documentation accuracy issue.

ID Severity Source File Lines Issue Evidence Recommended mitigation prompt
CL-004 P5 Self docs/design/git-warp-upgrade-audit.md L50-L74 The v17 continuation text describes the safety rail as happening before dependency changes, but this PR now includes the dependency upgrade as well. The diff adds This pass adds an upgrade safety rail before changing the dependency versions: while the same PR changes @git-stunts/git-warp, @git-stunts/plumbing, and ajv in package.json. Update the design note so it describes the actual PR sequence: fixture safety rail first, then v17 dependency upgrade and migration playback.

@chatgpt-codex-connector

Copy link
Copy Markdown

To use Codex here, create an environment for this repo.

@flyingrobots

Copy link
Copy Markdown
Owner Author

Code Lawyer Activity Summary

@codex please confirm the audit closure below.

GraphQL review discovery found 0 unresolved inline review threads and 0 formal reviews. The only existing top-level PR comment was the CodeRabbit draft-skip notice, so no PR-originated threads required resolution.

ID Severity Source File Issue Fix commit Outcome
CL-001 P5 Self scripts/test-upgrade-fixture.sh git diff --check origin/main...HEAD reported a trailing blank line at EOF. 8571c02 Removed the extra EOF whitespace.
CL-002 P2 Self scripts/upgrade-fixture/Dockerfile, scripts/test-upgrade-fixture.sh, scripts/upgrade-fixture/run-upgrade-fixture.mjs, test/upgrade-fixture.test.js The Docker fixture installed the package tarball without the repo lockfile, allowing ^ dependency ranges to resolve floating registry versions. 9320b63 Docker now installs the unpacked package with the committed lockfile, and the runner resolves the package root explicitly.
CL-003 P3 Self scripts/upgrade-fixture/Dockerfile, test/upgrade-fixture.test.js Docker base image used a floating tag, weakening reproducibility. 74af3a2 Pinned node:22-bookworm-slim to a manifest digest and asserted that invariant in tests.
CL-004 P5 Self docs/design/git-warp-upgrade-audit.md Audit wording said this work happened before dependency changes even though the branch upgrades to git-warp v17. 573cc23 Reworded the document to distinguish the original 14.x audit from the current v17 continuation.

Verification ledger:

Gate Result
git diff --check origin/main...HEAD PASS
npm run lint PASS
npm audit --omit=dev PASS, 0 vulnerabilities
npm test PASS, 31 files / 593 tests
npm run test:upgrade-fixture PASS, Docker --network none, fixture result ok with 128 nodes and 227 edges
gh pr checks 321 PASS at audit time

@chatgpt-codex-connector

Copy link
Copy Markdown

To use Codex here, create an environment for this repo.

@flyingrobots flyingrobots marked this pull request as ready for review May 31, 2026 21:58

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 573cc23241

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment thread src/graph.js Outdated
@flyingrobots

Copy link
Copy Markdown
Owner Author

Code Lawyer Activity Summary - Observer Compatibility Pass

@codex please confirm the PR-thread closure below.

GraphQL review discovery found 1 unresolved review thread at the start of this pass. It was actionable, reproduced locally, fixed in one commit, pushed, and resolved through the resolveReviewThread GraphQL mutation.

ID Severity Source File Lines Issue Fix commit Outcome
CL-005 P2 PR review src/graph.js 115-117 v17 observer handles expose a read-only observer surface; wrapping them as a full graph eagerly required methods such as getEdgeProps/content methods and broke --observer read paths before filtered graph data could be returned. 2a47d21 Added a real initGraph() regression covering observer-filtered nodes, edges, and property exposure; changed the v17 compatibility layer so unsupported optional methods throw lazily instead of breaking observer construction.

Verification ledger:

Gate Result
RED regression npm test -- --run test/graph.test.js failed before the fix with git-warp surface missing getEdgeProps()
Targeted regression npm test -- --run test/graph.test.js PASS, 4 tests
Context/view regression npm test -- --run test/resolve-context.test.js test/views.test.js PASS, 67 tests
git diff --check origin/main...HEAD PASS
npm run lint PASS
npm audit --omit=dev PASS, 0 vulnerabilities
npm test PASS, 31 files / 594 tests
npm run test:upgrade-fixture PASS, Docker --network none, fixture result ok with 128 nodes and 227 edges
GraphQL review threads after fix 0 unresolved
GitHub Actions checks after push PASS for CodeQL, template, architecture gates, analyze jobs, Node 22, and Node 24
CodeRabbit check PENDING at closure time: Review in progress

No additional self-discovered issues were added after re-running git diff origin/main...HEAD for this pass.

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 3

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)
src/review.js (1)

206-249: ⚠️ Potential issue | 🟠 Major | 🏗️ Heavy lift

adjustSuggestion was not refactored for single-patch atomicity, contradicting the PR's stated goal.

The PR objective explicitly states: "batches review decision writes to stabilize Git-backed tests." You meticulously refactored acceptSuggestion, rejectSuggestion, and batchDecision to use single-commit atomicity. Yet adjustSuggestion still performs 2–4 separate commits:

  1. createEdge() (if type changed) → separate commit via edges.js
  2. patch.commit() for reviewedAt (lines 220–222)
  3. removeEdge() (if type changed) → separate commit via edges.js
  4. recordDecision() at line 247 → yet another commit

This inconsistency defeats the atomicity invariant. If adjustSuggestion is exercised in Git-backed tests, expect the same race conditions and flakiness you sought to eliminate.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@src/review.js` around lines 206 - 249, adjustSuggestion currently performs
multiple separate commits (via createEdge/removeEdge and recordDecision),
breaking the single-patch atomicity goal; refactor it to build and commit a
single graph.patch: call graph.createPatch() at the start, use patch-aware
variants or add an optional patch parameter to createEdge and removeEdge so they
apply their changes into this patch, set edge properties (confidence, rationale,
reviewedAt) on that same patch, and write the decision into the same patch
(extend recordDecision to accept a patch or expose a patch-friendly API) before
calling patch.commit() once; update references to createEdge, removeEdge,
recordDecision, graph.createPatch, and patch.commit accordingly.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@bin/git-mind.js`:
- Around line 503-513: flushStream currently rejects on stream.write errors and
those awaits for process.stdout/process.stderr are unguarded, causing noisy
failures on broken pipes; modify flushStream(stream) so its write callback
treats errors with err.code 'EPIPE' or 'ERR_STREAM_DESTROYED' as non-fatal (call
resolve) and only reject for other errors, then keep the await
flushStream(process.stdout) / flushStream(process.stderr) calls as-is so normal
exits ignore broken-pipe/stream-destroyed cases while still propagating other
unexpected write errors.

In `@package.json`:
- Around line 30-32: The package manifest currently uses caret ranges for
`@git-stunts/git-warp` and `@git-stunts/plumbing`, which allows downstream
minor/patch drift; update package.json to pin the versions (replace "^17.0.0"
and "^3.0.3" with exact "17.0.0" and "3.0.3") if you want immutable consumer
installs, or alternatively add a CI fixture that runs the “next minor” upgrade
test (reuse test/upgrade-fixture.test.js and
scripts/upgrade-fixture/run-upgrade-fixture.mjs) to assert compatibility with
the next minor—choose one approach and apply it consistently.

In `@src/graph.js`:
- Around line 128-131: The observer wrapper calls query.observer directly
causing a raw TypeError when the surface is missing; change it to use the same
binding helper used elsewhere (e.g., bind() or bindOptional()) so the wrapper
first resolves the surface and throws the informative "git-warp surface missing
X()" error if absent—specifically, replace the direct call to query.observer in
the observer property (which currently awaits ensureMaterialized() then calls
query.observer(...)) with the bound variant (via bind or bindOptional) and then
pass its result through compatGraph after awaiting, preserving
ensureMaterialized() behavior.

---

Outside diff comments:
In `@src/review.js`:
- Around line 206-249: adjustSuggestion currently performs multiple separate
commits (via createEdge/removeEdge and recordDecision), breaking the
single-patch atomicity goal; refactor it to build and commit a single
graph.patch: call graph.createPatch() at the start, use patch-aware variants or
add an optional patch parameter to createEdge and removeEdge so they apply their
changes into this patch, set edge properties (confidence, rationale, reviewedAt)
on that same patch, and write the decision into the same patch (extend
recordDecision to accept a patch or expose a patch-friendly API) before calling
patch.commit() once; update references to createEdge, removeEdge,
recordDecision, graph.createPatch, and patch.commit accordingly.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 0dd39496-f0e0-4e55-bb80-659e4b3a1e45

📥 Commits

Reviewing files that changed from the base of the PR and between 5ed15dc and 2a47d21.

⛔ Files ignored due to path filters (1)
  • package-lock.json is excluded by !**/package-lock.json
📒 Files selected for processing (14)
  • bin/git-mind.js
  • docs/design/git-warp-upgrade-audit.md
  • package.json
  • scripts/test-upgrade-fixture.sh
  • scripts/upgrade-fixture/Dockerfile
  • scripts/upgrade-fixture/run-upgrade-fixture.mjs
  • src/graph.js
  • src/review.js
  • test/fixtures/upgrade/README.md
  • test/fixtures/upgrade/gitmind-v5-warp14.bundle
  • test/fixtures/upgrade/gitmind-v5-warp14.fixture.json
  • test/graph.test.js
  • test/upgrade-fixture.test.js
  • vitest.config.js
📜 Review details
🧰 Additional context used
📓 Path-based instructions (4)
**/*.{js,mjs,cjs}

📄 CodeRabbit inference engine (AGENTS.md)

Use Plain JavaScript with JSDoc, no TypeScript

**/*.{js,mjs,cjs}: Use Plain JavaScript with JSDoc for code style, no TypeScript
Target Node.js >= 22 runtime with ES modules

Files:

  • vitest.config.js
  • test/upgrade-fixture.test.js
  • bin/git-mind.js
  • src/graph.js
  • test/graph.test.js
  • src/review.js
  • scripts/upgrade-fixture/run-upgrade-fixture.mjs
**/*.js

📄 CodeRabbit inference engine (AGENTS.md)

Use chalk + figures for terminal output formatting in CLI

Files:

  • vitest.config.js
  • test/upgrade-fixture.test.js
  • bin/git-mind.js
  • src/graph.js
  • test/graph.test.js
  • src/review.js
**/*.test.{js,mjs,cjs}

📄 CodeRabbit inference engine (AGENTS.md)

**/*.test.{js,mjs,cjs}: YOU MUST treat tests as the executable form of design acceptance criteria for substantial work
Translate design acceptance criteria into failing tests before implementation when behavior is changing substantially
Use vitest for testing

**/*.test.{js,mjs,cjs}: Treat tests as the executable form of design acceptance criteria for substantial work
Translate design acceptance criteria into failing tests before implementation when behavior is changing substantially
Use vitest for testing

Files:

  • test/upgrade-fixture.test.js
  • test/graph.test.js
**/{cli,bin}/**/*.{js,mjs,cjs}

📄 CodeRabbit inference engine (CLAUDE.md)

Use chalk and figures for terminal output formatting

Files:

  • bin/git-mind.js
🪛 Checkov (3.2.529)
scripts/upgrade-fixture/Dockerfile

[low] 1-33: Ensure that HEALTHCHECK instructions have been added to container images

(CKV_DOCKER_2)


[low] 1-33: Ensure that a user for the container has been created

(CKV_DOCKER_3)

🪛 Hadolint (2.14.0)
scripts/upgrade-fixture/Dockerfile

[warning] 3-3: Pin versions in apt get install. Instead of apt-get install <package> use apt-get install <package>=<version>

(DL3008)


[info] 14-14: Use ADD for extracting archives into an image

(DL3010)


[warning] 16-16: Use WORKDIR to switch to a directory

(DL3003)

🪛 Shellcheck (0.11.0)
scripts/test-upgrade-fixture.sh

[warning] 4-4: Remove space after = if trying to assign a value (for empty string, use var='' ... ).

(SC1007)

🪛 Trivy (0.69.3)
scripts/upgrade-fixture/Dockerfile

[error] 1-1: Image user should not be 'root'

Specify at least 1 USER command in Dockerfile with non-root user as argument

Rule: DS-0002

Learn more

(IaC/Dockerfile)


[warning] 16-22: 'RUN cd ...' to change directory

RUN should not be used to change directory: 'mkdir -p /opt/git-mind && tar -xzf /tmp/git-mind-package.tgz -C /opt/git-mind --strip-components=1 && cp /tmp/package-lock.json /opt/git-mind/package-lock.json && cd /opt/git-mind && npm ci --omit=dev && ln -s /opt/git-mind/bin/git-mind.js /usr/local/bin/git-mind && npm cache clean --force'. Use 'WORKDIR' statement instead.

Rule: DS-0013

Learn more

(IaC/Dockerfile)


[info] 1-1: No HEALTHCHECK defined

Add HEALTHCHECK instruction in your Dockerfile

Rule: DS-0026

Learn more

(IaC/Dockerfile)

🔇 Additional comments (24)
src/graph.js (6)

6-7: LGTM!


12-30: LGTM!


39-71: LGTM!


73-90: LGTM!


141-157: LGTM!


111-127: 💤 Low value

Check pre-materialization safety of discoverTicks() and worldline()

src/graph.js exposes discoverTicks: bindOptional(patches, 'discoverTicks') and worldline: bindOptional(query, 'worldline') without ensureMaterialized(), unlike hasNode/getNodes/getEdges and other read methods. src/epoch.js calls graph.discoverTicks() directly in getCurrentTick() before any explicit materialization.

git-warp’s API docs describe discoverTicks() as discovering logical replay ticks “without expensive deserialization”, so it may be safe pre-materialization—but the wrapper should still match the actual git-warp contract (and autoMaterialize evidence found so far is mostly about createPatch). If either method requires cached/materialized state, this can yield stale/empty results or throw.

test/graph.test.js (1)

51-76: LGTM!

src/review.js (5)

54-74: LGTM!


76-87: LGTM!


161-166: LGTM!


190-194: LGTM!


338-366: LGTM!

scripts/test-upgrade-fixture.sh (2)

4-4: Shellcheck SC1007 is a false positive here — leave it alone.

CDPATH= cd -- "$(dirname -- "$0")/.." is the deliberate idiom: a one-shot CDPATH= assignment scoped to the cd builtin so a user's exported CDPATH can't hijack the relative cd. Removing the space (CDPATH=cd) would change meaning entirely. No action needed.


11-42: LGTM!

package.json (1)

24-24: LGTM!

scripts/upgrade-fixture/Dockerfile (2)

1-1: LGTM!


16-22: ⚡ Quick win

Symlink target already executable; no chmod needed.

bin/git-mind.js is 100755 in git, appears in the npm pack tarball as -rwxr-xr-x, and after tar -xzf ... --strip-components=1 it’s still -rwxr-xr-x at bin/git-mind.js, so the ln -s ... /usr/local/bin/git-mind won’t produce an EACCES dead harness.

			> Likely an incorrect or invalid review comment.
scripts/upgrade-fixture/run-upgrade-fixture.mjs (2)

124-150: LGTM!

Also applies to: 204-237


99-110: ⚡ Quick win

Resolve naming/versioning ambiguity: gitmind-v5-warp14 fixture vs upgrade-v16-to-v17.js entrypoint

gitmind-v5-warp14 is being run via @git-stunts/git-warp/dist/scripts/upgrade-v16-to-v17.js, but the fixture’s own metadata only asserts graphName: "gitmind", previousCheckpointSchema: 2, and currentCheckpointSchema: 5. The runner assertions therefore only prove the end-state schema transition (2 → 5) produced by this script, not that the correct migrator chain is used for a fixture named “warp14” (and that no “v14 → v16” hop is skipped).
Add/confirm the intended mapping between the upgrade-v16-to-v17.js filename and the fixture’s “warp14” + starting schema 2, or rename/document the entrypoint selection so the harness is unambiguous.

vitest.config.js (1)

5-7: LGTM!

test/fixtures/upgrade/gitmind-v5-warp14.fixture.json (1)

1-64: LGTM!

test/fixtures/upgrade/README.md (1)

1-51: LGTM!

test/upgrade-fixture.test.js (1)

1-30: LGTM!

docs/design/git-warp-upgrade-audit.md (1)

3-5: LGTM!

Also applies to: 52-84

Comment thread bin/git-mind.js
Comment thread package.json Outdated
Comment thread src/graph.js
@chatgpt-codex-connector

Copy link
Copy Markdown

Codex Review: Didn't find any major issues. You're on a roll.

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

@flyingrobots

Copy link
Copy Markdown
Owner Author

@codex please confirm this Code Lawyer closure pass.

Code Lawyer Activity Summary for PR #321

ID Severity Source File Lines Issue Fix commit Outcome
CL-006 P2 CodeRabbit review body, outside diff src/review.js 206-249 adjustSuggestion() still used 2-4 separate patches/commits, violating the PR's single-patch review-decision invariant. 27d69e5 Added RED regression proving same-type adjustments used 2 patches and type changes used 4; refactored edge mutation and decision persistence into one patch and one commit.
CL-007 P2 CodeRabbit inline thread bin/git-mind.js 503-519 CLI shutdown flush rejected broken-pipe / destroyed-stream errors and could turn normal piped exits into noisy failures. 1ee3ac9 Added RED regression around the actual flushStream() body; EPIPE and ERR_STREAM_DESTROYED now resolve while unexpected write errors still reject. Thread PRRT_kwDOO6RLEs6F_mby resolved.
CL-008 P3 CodeRabbit inline thread src/graph.js 128-131 Observer dispatch bypassed the compatibility bind() helper, so a missing observer surface would raise a raw TypeError. bbdf690 Added RED guard for the observer wrapper contract; observer construction now uses bind(query, 'observer') before wrapping the result. Thread PRRT_kwDOO6RLEs6F_mb7 resolved.
CL-009 P5 CodeRabbit inline thread package.json 30-32 Upgraded substrate dependencies were declared with caret ranges, allowing consumer installs to drift away from the audited versions. 23e5b7b Added RED manifest/lockfile regression; pinned root @git-stunts/git-warp to 17.0.0 and root @git-stunts/plumbing to 3.0.3. Thread PRRT_kwDOO6RLEs6F_mb4 resolved.

Verification ledger:

Gate Result
git status --porcelain PASS, clean
git diff --check origin/main...HEAD PASS
npm run lint PASS
npm audit --omit=dev PASS, 0 vulnerabilities
npm test PASS, 32 files / 600 tests
npm run test:upgrade-fixture PASS, Docker --network none, fixture result ok with 128 nodes and 227 edges
GraphQL thread resolution PASS, resolved PRRT_kwDOO6RLEs6F_mby, PRRT_kwDOO6RLEs6F_mb4, and PRRT_kwDOO6RLEs6F_mb7

No new self-discovered diff issues were added in this pass. CodeRabbit's project-wide docstring coverage warning remains documented as a broad pre-merge advisory rather than a changed-line review thread in this substrate-upgrade PR.

@flyingrobots flyingrobots merged commit ce1509a into main Jun 1, 2026
8 checks passed
@flyingrobots flyingrobots deleted the feat/isolated-warp-upgrade-fixture branch June 1, 2026 03:23
@chatgpt-codex-connector

Copy link
Copy Markdown

Code Lawyer Closure Confirmation

Confirmed locally for the Code Lawyer closure pass on PR #321 at HEAD 23e5b7b. I did not make code changes, so I did not commit or create a follow-up PR.

Findings

GraphQL/thread resolution note: I could not independently query GitHub review thread state from this container because there is no configured remote/authenticated gh context. I confirmed the code-side closures and local regression coverage.

Checks Run

  • git status --porcelain
  • git diff --check 5ed15dca896a947cac5fd82f13a34e5feb112047...HEAD
  • npm run lint
  • GIT_AUTHOR_NAME=Codex GIT_AUTHOR_EMAIL=codex@openai.com GIT_COMMITTER_NAME=Codex GIT_COMMITTER_EMAIL=codex@openai.com npm test -- --run test/graph.test.js test/review.test.js test/cli-flush.test.js
  • ⚠️ npm audit --omit=dev — npm registry audit endpoint returned 403 Forbidden from this environment.
  • ⚠️ GIT_AUTHOR_NAME=Codex GIT_AUTHOR_EMAIL=codex@openai.com GIT_COMMITTER_NAME=Codex GIT_COMMITTER_EMAIL=codex@openai.com npm test — 31 files passed with 583 tests passing / 17 skipped; test/contracts.integration.test.js hit its beforeAll hook timeout in this slower container.
  • ⚠️ GIT_AUTHOR_NAME=Codex GIT_AUTHOR_EMAIL=codex@openai.com GIT_COMMITTER_NAME=Codex GIT_COMMITTER_EMAIL=codex@openai.com npm run test:upgrade-fixture — blocked because docker is not installed in this container.
  • ⚠️ command -v gh >/dev/null && gh pr checks 321 || echo 'gh unavailable or not authenticated/remote not configured' — GitHub CLI/remote auth was unavailable here.

View task →

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

dependency: add isolated git-warp v17 upgrade fixture harness

1 participant