[agent/codex] Full audit per issue #4. Read CLAUDE.md. Report ALL findings... #5

Merged

Virgil merged 11 commits from agent/deep-audit-per-issue--4--read-claude-md into dev

2026-03-22 18:12:40 +00:00

Virgil commented

2026-03-22 18:12:36 +00:00

Member

Task

Full audit per issue #4. Read CLAUDE.md. Report ALL findings: stdlib usage (os.Getenv, filepath., fmt.Sprintf, strings., errors.New), missing tests, security, error handling. Report with severity and file:line. Do NOT fix.

Agent: codex
Commits: 11
Branch: agent/deep-audit-per-issue--4--read-claude-md

Auto-created by core-agent dispatch system.
Co-Authored-By: Virgil virgil@lethean.io

## Task Full audit per issue #4. Read CLAUDE.md. Report ALL findings: stdlib usage (os.Getenv, filepath.*, fmt.Sprintf, strings.*, errors.New), missing tests, security, error handling. Report with severity and file:line. Do NOT fix. **Agent:** codex **Commits:** 11 **Branch:** `agent/deep-audit-per-issue--4--read-claude-md` --- Auto-created by core-agent dispatch system. Co-Authored-By: Virgil <virgil@lethean.io>

Virgil added 11 commits 2026-03-22 18:12:36 +00:00

fix(dx): audit errors, update CLAUDE.md, clean up node import guard dbe5086a0a

- Replace errors.New() with coreerr.E() in sigil/sigils.go (HashSigil.In, NewSigil)
- Update CLAUDE.md: add missing deps (go-crypt, x/crypto, testify), fix go/pkg/core path,
  add GOWORK=off note, document sentinel error convention, add qa command
- Remove redundant unused import guard in node/node.go

Co-Authored-By: Virgil <virgil@lethean.io>

Merge pull request '[agent/claude:opus] DX audit and fix. 1) Review CLAUDE.md — update any outdate...' (#1 ) from agent/dx-audit-and-fix--1--review-claude-md into main 9c7a447214

feat(security): add WriteMode to Medium interface for file permissions f3f741c0a7

Codex security review found that migrating os.WriteFile(path, data, 0600)
to coreio.Local.Write() changed permissions from owner-only to world-readable
(0644). This is a security regression for encryption output, private keys,
and auth hashes.

WriteMode(path, content, mode) allows callers to specify permissions.
Write() remains the default (0644) for non-sensitive files.

Affected implementors updated: local.Medium, MockMedium, Node, datanode.Medium.

Co-Authored-By: Virgil <virgil@lethean.io>

chore: sync dependencies for v0.1.6 949b0098dc

Co-Authored-By: Virgil <virgil@lethean.io>

chore: sync dependencies for v0.1.7 1b147f4680

Co-Authored-By: Virgil <virgil@lethean.io>

refactor: migrate core import to dappco.re/go/core 92e85351a6

Co-Authored-By: Virgil <virgil@lethean.io>

Merge pull request '[agent/claude] Update all Go files that import forge.lthn.ai/core/go or for...' (#2 ) from agent/update-all-go-files-that-import-forge-lt into main 00279e457a

chore: migrate to dappco.re vanity import path 61d66f45a8

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

Merge remote-tracking branch 'github/dev' 94950c711f

ci: add Core ecosystem CI workflow with CodeRabbit auto-fix

CI / test (push) Failing after 2s

Details

CI / auto-fix (push) Failing after 0s

Details

CI / auto-merge (push) Failing after 0s

Details

4b8d05559b

Uses dAppCore/build actions for test, auto-fix on CodeRabbit changes,
and auto-merge on CodeRabbit approval.

Co-Authored-By: Virgil <virgil@lethean.io>

Merge remote-tracking branch 'github/dev'

CI / auto-fix (push) Failing after 0s

Details

CI / auto-merge (push) Failing after 0s

Details

CI / test (push) Failing after 1s

Details

163692870f