Replace all os.UserHomeDir/os.Getenv/os.Hostname with core.Env().
Replace all filepath.Base/Dir/Glob/IsAbs with core.PathBase/PathDir/
PathGlob/PathIsAbs.
10 files migrated: paths, prep, review_queue, remote, dispatch,
ingest, mirror, plan, verify, watch.
Imports eliminated: 5x os, 7x filepath. All file I/O and path
construction now routes through Core primitives.
Bumps dappco.re/go/core to v0.6.0.
Co-Authored-By: Virgil <virgil@lethean.io>
Replace separate go-io (coreio) and go-log (coreerr) packages with
Core's built-in Fs and error/logging functions. This is the reference
implementation for how all Core ecosystem packages should migrate.
Changes:
- coreio.Local.Read/Write/EnsureDir/Delete/IsFile → core.Fs methods
- coreerr.E() → core.E(), coreerr.Info/Warn/Error → core.Info/Warn/Error
- (value, error) return pattern → core.Result pattern (r.OK, r.Value)
- go-io and go-log moved from direct to indirect deps in go.mod
- Added AX usage-example comments on key public types
- Added newFs("/") helper for unrestricted filesystem access
Co-Authored-By: Virgil <virgil@lethean.io>
High/Security: sanitise input.Repo via filepath.Base to prevent
path traversal in workspace prep (../escape from CODE_PATH).
High/Security: sanitise repo.Repo from API response in syncRepos
to prevent path traversal via crafted checkin responses.
Medium: dispatchFixFromQueue now returns error, review_queue checks
success before recording fix_dispatched.
Known issues updated with async bridge provider findings.
Co-Authored-By: Virgil <virgil@lethean.io>
High: workspace names use UnixNano to prevent same-second collisions
High: sync only pulls the branch the server reported (was pulling current)
Medium: drainQueue serialised via mutex to prevent concurrent over-dispatch
Medium: remote_status checks JSON-RPC error field before reporting success
Medium: dead agent PIDs without output log marked failed, not completed
Low: detectLanguage uses ordered slice instead of map for deterministic results
Also: URL-encoded agent names in messaging, monitor inbox, and sync endpoints.
Co-Authored-By: Virgil <virgil@lethean.io>
High: harvest no longer hardcodes 'main' — detects default branch
via symbolic-ref/rev-parse fallback. Repos with master/other
default branches are now harvested correctly.
High: empty task no longer produces invalid 'agent/' branch name.
Falls back to issue-N or work-timestamp. Branch creation errors
are now surfaced instead of silently ignored.
High: PHP verification no longer returns passed:true when no test
runner exists. Untested PHP repos correctly fail verification.
(brain/direct.go findings 5-6 verified as false positives — API
returns top-level keys, not {data: ...} envelope)
Co-Authored-By: Virgil <virgil@lethean.io>
- Module path: dappco.re/go/agent
- Core import: dappco.re/go/core v0.4.7
- Process service re-enabled with new Core API
- Plugin bumped to v0.11.0
- Directory flattened from go/ to root
Co-Authored-By: Virgil <virgil@lethean.io>
Extract 4 hardcoded templates from prep.go raw strings into
pkg/prompts/lib/templates/ as markdown files:
- coding.md — main coding template with closeout sequence
- conventions.md — convention audit (report only)
- security.md — security review
- verify.md — PR verification
- default.md — fallback
prep.go now calls prompts.Template("coding") instead of
maintaining 120 lines of raw Go string literals.
Backticks now work properly in templates — no more
concatenation hacks for inline code formatting.
Co-Authored-By: Virgil <virgil@lethean.io>
Dispatched agents must now run a 4-pass polish cycle before committing:
1. Self-review (conventions, nil pointers, hardcoded paths)
2. Build + test (fix failures, add tests for critical paths)
3. Simplify (consolidate, deduplicate, reduce complexity)
4. Final check (build clean → commit)
This captures the review→fix→simplify→re-review flow that produces
polished code. Goal: CodeRabbit finds zero issues on agent output.
Co-Authored-By: Virgil <virgil@lethean.io>
- Add paths.go with WorkspaceRoot(), CoreRoot(), PlansRoot()
- All workspace paths now check CORE_WORKSPACE env var first
- Fallback: ~/Code/.core/workspace (works on any machine)
- Remove committed core-agent and mcp binaries from tracking
- Add .gitignore for compiled binaries
Co-Authored-By: Virgil <virgil@lethean.io>
Watches running/queued agent workspaces until all complete.
Sends progress notifications via MCP protocol as each agent finishes.
Returns summary with completed/failed counts and PR URLs.
Co-Authored-By: Virgil <virgil@lethean.io>
When a dispatched agent completes with commits:
1. Branch name threaded through PrepOutput → status.json
2. Completion goroutine pushes branch to forge
3. Auto-creates PR via Forge API with task description
4. PR URL stored in status.json for review
Agents now create PRs instead of committing to main. Combined
with sandbox restrictions, this closes the loop on controlled
agent contributions.
Co-Authored-By: Virgil <virgil@lethean.io>
Three-layer sandboxing:
1. --append-system-prompt with SANDBOX boundary instructions
2. PROMPT.md templates include SANDBOX BOUNDARY (HARD LIMIT) section
3. Agent starts in src/ with only cloned repo visible
Agents are instructed to reject absolute paths, cd .., and any
file operations outside the repository. Violations cause work rejection.
Co-Authored-By: Virgil <virgil@lethean.io>
Replace all fmt.Errorf and errors.New in production code with
coreerr.E("caller.Method", "message", err) from go-log. Replace
all os.ReadFile/os.WriteFile/os.MkdirAll/os.Remove with coreio.Local
equivalents from go-io. Test files are intentionally untouched.
Co-Authored-By: Virgil <virgil@lethean.io>
Brain and agentic subsystems now live in core/agent/pkg/ instead of
core/mcp/pkg/mcp/. core-agent binary uses core/cli for proper command
framework. Usage: core-agent mcp
One repo, one clone, everything works.
Co-Authored-By: Virgil <virgil@lethean.io>
