Skip to content

feat(workspace): expose safe inbox provenance#527

Closed
luokerenx4 wants to merge 1 commit into
devfrom
feat/inbox-cli-provenance
Closed

feat(workspace): expose safe inbox provenance#527
luokerenx4 wants to merge 1 commit into
devfrom
feat/inbox-cli-provenance

Conversation

@luokerenx4

Copy link
Copy Markdown
Contributor

Summary

  • expose safe Inbox provenance through alice-workspace inbox read
  • backfill missing resumeId values for legacy append-only entries by joining their stored run/session handle against the live registries
  • whitelist public origin fields so historical agentSessionId or arbitrary extra fields never cross the Workspace CLI/MCP boundary
  • document the provenance contract for agents and maintainers

Real scenario

From workspace headless-chain-jul11, the real CLI can now trace:

  • Inbox 0509fdc8-... to issue trump-semis-oil-thesis, Pi, run 52eef140-..., and resume c1bbb653-...
  • Inbox 6d4ba2ec-... to issue financial-industrial-rotation-scan, Pi, run 87a208ec-..., and resume a9bcdaab-...

The first historical entry contained an undeclared native agentSessionId; the public projection strips it.

Verification

  • pnpm vitest run src/core/workspace-tool-center.spec.ts src/tool/inbox-read.spec.ts src/server/cli.spec.ts src/server/cli-commands.spec.ts src/workspaces/cli/shim.spec.ts (53 passed)
  • npx tsc --noEmit
  • pnpm test (2534 passed, 6 skipped)
  • real alice-workspace inbox read --limit 2 through http://127.0.0.1:47332/cli

Boundary touch

  • Workspace CLI/MCP read projection and append-only Inbox provenance
  • no persisted data rewrite or migration
  • no native runtime session ids exposed
  • no trading, credential, Guardian, UI, or package changes

Follow-up

This PR only makes the originating conversation addressable. A separate contribution will add the CLI command that asks that conversation and reads the resulting headless reply.

@vercel

vercel Bot commented Jul 11, 2026

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
openalice-demo Ready Ready Preview, Comment Jul 11, 2026 10:16am

Request Review

@luokerenx4

Copy link
Copy Markdown
Contributor Author

Superseded by #532, which merged the safe Inbox origin projection together with the durable provenance store, Issue projection, and Workspace Session directory.

@luokerenx4 luokerenx4 closed this Jul 11, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant