Skip to content

canon: Sandbox Hygiene — per-flight owned scratch, no fixed shared temp names (DRAFT)#292

Closed
git-repo-auth[bot] wants to merge 2 commits into
mainfrom
policy/sandbox-hygiene-per-flight-scratch
Closed

canon: Sandbox Hygiene — per-flight owned scratch, no fixed shared temp names (DRAFT)#292
git-repo-auth[bot] wants to merge 2 commits into
mainfrom
policy/sandbox-hygiene-per-flight-scratch

Conversation

@git-repo-auth

@git-repo-auth git-repo-auth Bot commented Jul 17, 2026

Copy link
Copy Markdown
Contributor

Draft canon PR — Sandbox Hygiene (policy precedes build)

Status: DRAFT for captain review. Nothing here merges without your read of the exact text.

What this is

A tier-1 canon constraint — Sandbox Hygiene: Per-Flight Owned Scratch, No Fixed Shared Temp Names — drafted before the implementing fix, per the policy-precedes-build ordering. The agent-role-service helper PR cites this constraint by URI.

Why now (observed, not assumed)

At boot this session the sandbox contained a stale /tmp/pr_body.md — 6347 bytes, owned by nobody:nogroup, dated the prior evening. That is the exact residue that produced wrong-content PRs and git-lock failures across earlier flights this session. This constraint closes it.

Anatomy (WHAT / WHY / ENFORCEMENT / SCOPE / VERIFICATION)

  • WHAT — flights mint a uniquely-named, self-owned scratch dir (mktemp -d, 0700); no fixed shared temp names (chiefly /tmp/pr_body.md); PR bodies / clones / diffs live under scratch; mandatory teardown on exit.
  • WHY — shared temp residue lies; a dirty sandbox invalidates its work exactly as a dirty repo does (repo-truth, D0004).
  • ENFORCEMENT — preflight scratch-mint + df/stale-file check; EXIT-trap teardown; a sourced helper; a practice/lint check. Mechanical, not memory.
  • SCOPE — repo-enforceable pieces land in agent-role-service; the per-flight TMPDIR isolation is a Cowork launch-config setting (captain-side, cannot be PR'd); the per-run cloud sandbox (task.js, PR feat: AI voice cliché constraint + ghost writer test (checklist item 8) #80) is explicitly out of scope.
  • VERIFICATION — helper unit test (uniqueness, 0700, ownership, teardown, stale-file detection) + residue check + lint.

Files

  • canon/constraints/sandbox-hygiene-per-flight-scratch.md (new, tier-1)
  • canon/CHANGELOG.md — 0.42.0 bump
  • docs/oddkit/release-notes/2026-07-17-sandbox-hygiene-per-flight-scratch.md (new)

Honesty note

No committed canon file named policy-precedes-build or enforceable-policy-anatomy was found via oddkit_search or in the working tree. This realizes the named ordering and anatomy as specified and reconciles with committed governance (governance-change-discipline, definition-of-done, convention-requires-an-enforcer, repo-truth/D0004). If those canon files exist elsewhere, repoint derives_from before merge.

Companion

Implementation PR: klappy/agent-role-servicescripts/flight-scratch.sh + test (opened separately, cites this constraint).

Assigned to @klappy for review. Draft — not for merge/deploy.

…mp names

Draft tier-1 constraint. Flights must mint a uniquely-named, self-owned
scratch dir (mktemp -d, 0700), do all temp/clone/PR-body work inside it,
and tear it down on exit. Prohibits fixed shared temp names, chiefly
/tmp/pr_body.md. Authored from residue observed at boot this session
(stale /tmp/pr_body.md owned by nobody:nogroup). WHAT/WHY/ENFORCEMENT/
SCOPE/VERIFICATION anatomy; reconciled with policy-precedes-build ordering.
Includes CHANGELOG 0.42.0 bump + release note per governance-change-discipline.
@github-actions

Copy link
Copy Markdown

Canon Quality — Homepage Surfacing ✅

49 essay(s) scanned. Soft report — never blocks; the hard field gate is the Frontmatter Schema job.

All published essays resolve to the homepage feed.

Report: scripts/surfacing-report.py · Canon: klappy://canon/constraints/frontmatter-validation-before-merge

@github-actions

github-actions Bot commented Jul 17, 2026

Copy link
Copy Markdown

Canon Quality — Frontmatter Schema ✅

All 49 file(s) in writings/ conform to klappy://canon/meta/frontmatter-schema.

Validator: scripts/validate-frontmatter.py · Canon: klappy://canon/constraints/frontmatter-validation-before-merge · Run: #371

@github-actions

github-actions Bot commented Jul 17, 2026

Copy link
Copy Markdown

Canon Quality — P0010 Retrieval-Readiness ⚠️

Soft report for klappy://canon/constraints/retrieval-disclosure-contract. 701 files scanned. Never blocks — informational until the corpus is ready to enforce.

  • Blocking-class findings: 15 (structural fields the contract would filter on)
  • Warnings: 0 (kind resolves to unknown)
  • Informational: 13 (exempt templates/archive/drafts)

Kind distribution: {'essays': 51, 'canon': 241, 'apocrypha': 38, 'docs': 305, 'journals': 60, 'unknown': 6}
Kind source: {'path': 566, 'frontmatter': 129, 'none': 6} (frontmatter-primary, path-secondary)
Default-include visibility: 597 visible, 104 hidden (journals/apocrypha/unknown)

By rule: {'audience-invalid': 2, 'exposure-missing': 5, 'tier-missing': 5, 'tier-invalid': 7, 'fm-missing': 3, 'kind-unresolvable': 6}

These are not schema violations (see the Frontmatter Schema job for those on writings/). They are corpus-readiness signals for the retrieval contract: invalid/missing audience, exposure, tier, and docs whose kind cannot be resolved. Fix in a corpus-cleanup PR before the contract flips to enforcing. See the retrieval-readiness-findings artifact for the full list.

Validator: scripts/audit-retrieval-readiness.py · Constraint: klappy://canon/constraints/retrieval-disclosure-contract · Run: #371

@github-actions

github-actions Bot commented Jul 17, 2026

Copy link
Copy Markdown

Canon Quality — oddkit_audit

No dead klappy:// references or legacy link patterns found in writings/. 51 files scanned.

Spec: klappy://docs/oddkit/specs/oddkit-audit · Workflow: .github/workflows/canon-quality.yml · Run: #371

Voice-only pass on a universal constraint + its release note and changelog
entry. Role term -> 'operator' (incl. the 'captain-side' action split ->
'operator-side'); draft-posture 'opened for captain review' -> 'opened for
review'. CHANGELOG change is limited to this PR's new entry; pre-existing
history is untouched. No rulings, thresholds, enforcement, scope, or meaning
changed.
@git-repo-auth

git-repo-auth Bot commented Jul 17, 2026

Copy link
Copy Markdown
Contributor Author

Closing — relocated to agent-role-service, not merged.

Operator ruling (2026-07-17): the sandbox-hygiene-per-flight-scratch constraint is stack- and implementation-specific (mktemp, /tmp/pr_body.md, flight-scratch.sh, the ~9.6 GB root disk). Per "abstraction matches scope," a doc that a change in ARS or the sandbox stack could falsify is repo-scoped, not universal canon. It belongs in agent-role-service, co-located with the enforcer it governs.

New location: docs/policy/sandbox-hygiene-per-flight-scratch.md in agent-role-service, folded into the enforcer PR so policy + helper travel together:

Frontmatter corrected in the relocated copy: target_repoagent-role-service (was wrongly outcomes-driven-development); derives_from now points at klappy://canon/constraints/policy-precedes-build (#290) and klappy://canon/meta/enforceable-policy-anatomy (#289); Honesty note updated to reflect those now exist. Body preserved as-is. The helper/doc/test citations in ARS were reconciled to the new URI.

Nothing was merged. Closing this draft.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant