Mantis #324 narrowly tightened fs.go from 0644/0755→0600/0700. Athena audit
during task #20 closure-verification (2026-04-25) found sibling files in the
same directory still using 0755 for MkdirAll, leaving parent dirs world-listable
even when file content is 0600.
This commit applies the same hardening to:
- .core/reference/error.go:393 — crash-report parent dir 0755→0700
- .core/reference/embed.go:514/567/656 — workspace template extract dirs 0755→0700
- .core/reference/embed.go:595/660 — os.Create→os.OpenFile(...0600) for
template renders + standard-file copies (default umask 0644 was leaking
workspace-template content to other users on shared hosts)
- pkg/lib/workspace/default/.core/reference/error.go:414 — same crash-report fix
- pkg/lib/workspace/default/.core/reference/embed.go:518/571/660 — same template fixes
Workspace-template duplicates are kept in sync so newly-scaffolded workspaces
inherit the hardened perms instead of regressing to 0755/0644.
Closes Mantis #988.
Co-authored-by: Codex <noreply@openai.com>
Removed local sync/atomic + crypto/rand + encoding/hex based plan ID
generator from pkg/agentic/plan.go. Switched planID() to core.ID()
primitive. Preserves id-{counter}-{suffix} shape via Core's primitive.
prep.go, sync.go, pkg/brain/*.go scanned — no sync imports remained
in non-test files.
Closes tasks.lthn.sh/view.php?id=863
Co-authored-by: Codex <noreply@openai.com>
.core/reference/fs.go (canonical) + pkg/lib/workspace/default/.core/reference/fs.go (embedded copy):
- Write/WriteAtomic/Create/Append default to 0600
- Parent directories use 0700 (was 0755)
- WriteMode reapplies the requested mode after writes so overwriting an
existing file also tightens permissions
Test (pkg/lib/lib_test.go) keeps embedded fs.go synced with canonical +
asserts extracted workspaces carry the secure permission defaults.
tests/cli/extract copy not hand-edited — that flows from regeneration.
Co-authored-by: Codex <noreply@openai.com>
Closes tasks.lthn.sh/view.php?id=324
Closes Mantis #863 ([agent] Phase 2: purge sync stdlib).
Per RFC plans/code/core/go/RFC.primitives-lifecycle.md §14A (landed core/go
dev 8995a80), swaps the four sync.Once usages to core.Once and the two
sync.Once{} reset-pattern callsites to core.Once.Reset():
pkg/agentic/statestore.go:
- Drop `import "sync"`.
- stateStoreRef.once: sync.Once → core.Once
- closeStateStore reset: `s.stateOnce = sync.Once{}` → `s.stateOnce.Reset()`
pkg/agentic/workspace_stats.go:
- Drop `import "sync"`.
- workspaceStatsRef.once: sync.Once → core.Once
- closeWorkspaceStatsStore reset: `s.workspaceStatsOnce = sync.Once{}` →
`s.workspaceStatsOnce.Reset()`
pkg/agentic/prep.go:
- Drop `import "sync"`.
- PrepSubsystem.stateOnce + .workspaceStatsOnce: sync.Once → core.Once
The Reset() pattern matches stdlib semantics (see RFC §14A "Tradeoff: Once.
Reset semantics") — caller serialises via the existing closeStateStore /
closeWorkspaceStatsStore structure that nests Reset inside the lifecycle
inverse, so no concurrent Do races are introduced.
Net: 3 files, +7/-11. Mechanical line-edit per RFC §16 migration plan.
Audit re-check post-commit:
grep -n '"sync"\|sync\.Once\|sync\.Mutex' pkg/agentic/{statestore,workspace_stats,prep}.go
→ empty (lib local variable named `sync` in mirror.go is unrelated; not
in scope of this ticket).
Pre-flight verification: core.Once + Reset symbols verified present on
core/go dev 8995a80. Local AX-10 build blocked by the same pre-existing
workspace forge dep break that affects all consumers (root cause: fake
v0.8.0-alpha.1 pins per task #28); CI in healthy env will validate.
Co-Authored-By: Athena <athena@lthn.ai>
Co-Authored-By: Virgil <virgil@lethean.io>
Fleet registration in pkg/agentic already goes through the shared
&http.Client{Timeout: 30s} at transport.go:13 — no InsecureSkipVerify,
no custom TLS transport. This audit documents that finding and adds
regression coverage so future refactors can't silently strip TLS
validation from the /v1/fleet/register path.
Verdict: OK. No production bug. Tests pass trusted TLS server case
and reject untrusted cert with a wrapped error that surfaces the
certificate / x509 / tls signal in the message.
Closes tasks.lthn.sh/view.php?id=29
Co-authored-by: Codex <noreply@openai.com>
Co-Authored-By: Virgil <virgil@lethean.io>
- `git add` / `git commit` fail with `Operation not permitted` on `.git/index.lock`
- even a plain `touch .git/...` is blocked
Co-Authored-By: Virgil <virgil@lethean.io>
Add warnings for silent filesystem write/delete failures in agentic persistence helpers and record two adjacent hardening gaps for follow-up.\n\nCo-Authored-By: Virgil <virgil@lethean.io>
Three load-bearing gaps between the agent RFC and the MCP surface:
- RFC §9 Fleet Mode describes the 6-digit pairing-code bootstrap as the
primary way an unauthenticated node provisions its first AgentApiKey.
`handleAuthLogin` existed as an Action but never surfaced as an MCP
tool, so IDE/CLI callers had to shell out. Adds `agentic_auth_login`
under `registerPlatformTools` with a thin wrapper over the existing
handler so the platform contract stays single-sourced.
- `RegisterTools` was double-registering `agentic_scan` (bare
`mcp.AddTool` before the CORE_MCP_FULL gate, then again via
`AddToolRecorded` inside the gate). The second call silently replaced
the first and bypassed tool-registry accounting, so REST bridging and
metrics saw a zero for scan. Collapses both into a single recorded
registration before the gate.
- `registerPlanTools` and `registerWatchTool` were also fired twice in
the CORE_MCP_FULL branch. Removes the duplicates so the extended
registration list mirrors the always-on list exactly once.
- Switches `agentic_prep_workspace` from bare `mcp.AddTool` to
`AddToolRecorded` so prep-workspace participates in the same
accounting as every other RFC §6 tool.
TestPrep_RegisterTools_Good_RegistersCompletionTool now asserts all
three `agentic_auth_*` tools surface, covering the new login registration
alongside provision/revoke.
Co-Authored-By: Virgil <virgil@lethean.io>
go-process's OnStartup re-registers process.start/run/kill with
string-ID variants, clobbering the agent's custom handlers that return
*process.Process. This broke pid/queue helpers and 7 tests that need
the rich handle (TestPid_ProcessAlive_Good, TestQueue_CanDispatchAgent_Bad_AgentAtLimit,
etc). Register a Startable override service that reapplies the agent
handlers after every service finishes OnStartup — since services run in
registration order, "agentic.process-overrides" always runs last and
wins.
Co-Authored-By: Virgil <virgil@lethean.io>
Replace os/exec.LookPath with process.Program.Find() — keeps dispatch
runtime detection in line with the repo's process-execution convention
and removes the os/exec import from pkg/agentic/dispatch.go.
Convergence-pass from spark-medium — no new features found on this
sample, confirms core/agent and go-store RFC parity is complete.
Co-Authored-By: Virgil <virgil@lethean.io>
runWorkspaceLanguagePrep now appends `GOWORK=` (empty) to the env passed
to `go work sync` so inherited `GOWORK=off` from a test runner or CI
environment doesn't short-circuit the workspace lookup. The extracted
workspace template includes a go.work referencing ./repo; without this
override the sync fails even though the file is right there.
Converged pass — no new features found this sample.
Co-Authored-By: Virgil <virgil@lethean.io>
Adds `recoverStateOrphans` per RFC §15.5 — startup scans `.core/state/`
for leftover QA workspace buffers from dispatches that crashed before
commit, and discards them so partial cycles do not poison the diff
history described in RFC §7.
- `statestore.go` — new `recoverStateOrphans` wrapper around go-store's
`RecoverOrphans("")` so the agent inherits the store's configured
state directory
- `prep.go` — wires the recovery into OnStartup immediately after
`hydrateWorkspaces` so the registry, queue, and buffers all come back
into a consistent state on restart
- `statestore_test.go` — Good/Bad/Ugly coverage, includes the cwd
redirect guard so the go-store default relative path cannot leak test
artefacts into the package working tree
Co-Authored-By: Virgil <virgil@lethean.io>
Adds `.core/workspace/db.duckdb` — the permanent record of dispatch
cycles described in RFC §15.5. Stats rows persist BEFORE workspace
directories are deleted so "what happened in the last 50 dispatches"
queries survive cleanup and sync drain.
- `workspace_stats.go` — lazy go-store handle for the parent stats DB,
build/record/filter/list helpers, report payload projection
- `commit.go` — writes a stats row as part of the completion pipeline so
every committed dispatch carries forward into the permanent record
- `commands_workspace.go` — `workspace/clean` captures stats before
deleting, new `workspace/stats` command + `agentic.workspace.stats`
action answer the spec's "query on the parent" use case
Co-Authored-By: Virgil <virgil@lethean.io>
Extends DispatchReport with the three RFC §7 diff lists (New, Resolved,
Persistent) and a Clusters list that groups findings by tool/severity/
category/rule_id. runQAWithReport now queries the SQLite journal for up
to persistentThreshold previous cycles of the same workspace, computes
the diff against the current cycle, and populates .meta/report.json
before ws.Commit(). The full findings payload is also pushed to the
journal via CommitToJournal so later cycles have findings-level data
to compare against (workspace.Commit only stores aggregated counts).
Matches RFC §7 Post-Run Analysis without pulling in Poindexter as a
direct dependency — uses straightforward deterministic clustering so
agent stays inside the core/go-* dependency tier.
Co-Authored-By: Virgil <virgil@lethean.io>
The runQA handler now captures every lint finding, tool run, build, vet
and test result into a go-store workspace buffer and commits the cycle
to the journal. Intelligence survives in the report and the journal per
RFC §7 Completion Pipeline.
- qa.go: QAFinding / QAToolRun / QASummary / QAReport DTOs mirroring
lint.Report shape; DispatchReport struct written to .meta/report.json;
runQAWithReport opens NewWorkspace("qa-<workspace>"), invokes
core-lint run --output json via c.Process().RunIn(), records every
finding + tool + stage result, then commits
- runQALegacy preserved for graceful degradation when go-store is
unavailable (RFC §15.6)
- dispatch.go: runQA now delegates to runQAWithReport, bool contract
unchanged for existing call sites
- qa_test.go: Good/Bad/Ugly triads per repo convention
Poindexter clustering from RFC §7 Post-Run Analysis remains open —
needs its own RFC pass for the package boundary.
Co-Authored-By: Virgil <virgil@lethean.io>
Implements `core login CODE` — exchanges a 6-digit pairing code generated
at app.lthn.ai/device for an AgentApiKey, persisted to ~/.claude/brain.key.
Pairing code is the proof, so the POST is unauthenticated.
- auth.go: AuthLoginInput/Output DTOs + handleAuthLogin handler
- commands_platform.go: login / auth/login / agentic:login CLI commands
with cmdAuthLogin persisting the returned key
- prep.go: registered agentic.auth.login / agent.auth.login actions
- auth_test.go / commands_platform_test.go / prep_test.go: Good/Bad/Ugly
triads per repo convention, including key persistence verification
Co-Authored-By: Virgil <virgil@lethean.io>
- prep.go TrackWorkspace mirrors into queue + concurrency store groups
(previously only registry); hydrateWorkspaces reaps filesystem ghosts
(dead PID → failed, persisted back to status.json) so cmdStatus and
out-of-process consumers see coherent state (RFC §15.3)
- sync.go queue read/write goes through go-store first per RFC §16.5
("Queue persists across restarts in db.duckdb"), file remains fallback
for graceful degradation
- statestore.go stateStoreGet helper for go-store-first reads
- tests/cli/restart — new CLI test for RFC §15.7 "dispatch → kill →
restart → no ghost agents" dead-PID reap flow
- 4 new statestore tests: queue group mirror, concurrency refresh,
sync queue persistence, fs ghost reap with disk write-back
Co-Authored-By: Virgil <virgil@lethean.io>
Introduce an optional go-store persistence layer for the three state
groups described in RFC §15.3 — queue, concurrency, registry — plus
runtime_state and dispatch_history used by the sync pipeline.
- statestore.go lazily opens `.core/db.duckdb` via go-store when
available; nil-safe helpers return cleanly so in-memory/file-based
fallbacks survive when the store cannot open (graceful degradation,
RFC §15.6)
- prep.go tracks the store reference on the subsystem and closes it on
shutdown; hydrateWorkspaces now consults the registry group before
the filesystem scan so ghost agents are marked failed across
restarts, and TrackWorkspace mirrors updates back into the cache
- runtime_state.go persists backoff + fail-count snapshots into the
go-store runtime group so dispatch backoff survives restarts even
when the JSON file rotates
- commit.go writes the completed dispatch record into dispatch_history
for RFC §16.3 sync push to drain without rescanning workspaces
- statestore_test.go covers lazy-once init, restore/delete round trip,
ghost-agent failure marking, and runtime-state replay across
subsystem instances
Co-Authored-By: Virgil <virgil@lethean.io>
- sync.go: syncBackoffSchedule (1s/5s/15s/60s/5min) with per-push Attempts
and NextAttempt honoured on retry (RFC §16.5)
- runSyncFlushLoop: ticks every minute from OnStartup when API key present,
drains the queue without re-scanning workspaces
- SyncPushInput.QueueOnly: lets flush loop drain without triggering a full
workspace scan (prevents duplicate pushes)
- Sync ledger at .core/sync/ledger.json: fingerprints keyed by workspace
name + (updated_at, runs); skips already-synced workspaces until fresh
activity
- docs/RFC-AGENT.md: synced from plans/code/core/agent/RFC.md with latest
AgentPlan status enum, complete capability, pr.close/branch.delete,
indexed_at/org brain fields
Co-Authored-By: Virgil <virgil@lethean.io>
- Add isLEMProfile(): codex:lemmy/lemer/lemma/lemrd use --profile not --model
- Add isNativeAgent(): Claude agents run natively (not in Docker)
- Update localAgentCommandScript for LEM profile support
- 12 new tests (Good/Bad/Ugly for profiles, native agent, codex variants)
Co-Authored-By: Virgil <virgil@lethean.io>
- Replace broken registerMCPService with mcp.Register (fixes nil ServiceRuntime panic)
- Remove dead mcp_service.go, update tests to use mcp.Register directly
- Add setTestWorkspace() helper to clear workspaceRootOverride between tests
- Fix 40+ test files with workspace state poisoning from loadAgentConfig
- Fix forge.lthn.ai → dappco.re in findConsumersList test
- Fix BranchWorkspaceCount test to use isolated temp dir
- Add CLI test standard: 32 tests across 19 subsystems (tests/cli/)
- All 9 packages pass, 0 failures
Co-Authored-By: Virgil <virgil@lethean.io>
All RegisterTools and internal register*Tool methods updated from
*mcp.Server to *coremcp.Service. Tool registration calls updated to
use svc.Server() for SDK AddTool calls. Monitor subsystem updated
to store *coremcp.Service and access Server() for Sessions/ResourceUpdated.
Tests updated to create coremcp.Service via New() instead of raw SDK server.
Co-Authored-By: Virgil <virgil@lethean.io>
Replace all forge.lthn.ai import paths in Go source files with dappco.re
equivalents. Update go.mod deps to dappco.re versions as specified.
Co-Authored-By: Virgil <virgil@lethean.io>
