Skip to content

chore(runbooks): merge-guard v4.4.53 post-install live-probe — dual-independent CONVERGE#1101

Merged
michael-wojcik merged 1 commit into
Synaptic-Labs-AI:mainfrom
michael-wojcik:chore/runbook-v4.4.53-postinstall-probe
Jul 3, 2026
Merged

chore(runbooks): merge-guard v4.4.53 post-install live-probe — dual-independent CONVERGE#1101
michael-wojcik merged 1 commit into
Synaptic-Labs-AI:mainfrom
michael-wojcik:chore/runbook-v4.4.53-postinstall-probe

Conversation

@michael-wojcik

Copy link
Copy Markdown
Collaborator

Summary

Appends one append-only row to pact-plugin/tests/runbooks/RUNBOOK_RUN_DATES.md recording the post-install live-probe of the INSTALLED merge-guard v4.4.53 hook mains, discharging the post-install gate for the gated closure of #1086, #1087, #1096, #1097 (all shipped in #1095 / v4.4.53 / merge 2c8cdd2c). Also re-confirms the #1037 gh-comment carrier-strip cure (originally shipped v4.4.45 / #1058) as a persistence check.

Runbook-only chore — no plugin behavior change, no version bump.

What landed

  • One new section ## merge-guard-v4.4.53-batch-post-install-live-probe with a single dated row (6 insertions, 0 deletions; prior rows untouched).

Probe result — dual-independent PASS

Why

Per the gated-closure discipline (#924) + the v4.4.45 post-install standard: the fix-level pre-merge probe ran STAGED hooks; a green pytest suite does not discharge a gated closure on a SACROSANCT control (installed-binary-vs-source + runtime-subprocess-vs-in-process unobservables remain open after CI). This row is the installed-binary confirmation that discharges the post-install gate.

Issue closure for #1086/#1087/#1096/#1097 follows as an explicit post-merge step with a probe-row citation (no auto-close keywords used here, per the gated-issue-close discipline). #1037's disposition is confirmed separately (its cure predates this PR).

…l-independent CONVERGE)

Post-install live-probe of the INSTALLED merge-guard v4.4.53 hook mains (byte-identical to origin/main 2c8cdd2 / tag v4.4.53), discharging the post-install gate for the gated closure of Synaptic-Labs-AI#1086/Synaptic-Labs-AI#1087/Synaptic-Labs-AI#1096/Synaptic-Labs-AI#1097. Also re-confirms the Synaptic-Labs-AI#1037 gh-comment carrier-strip cure (shipped v4.4.45/Synaptic-Labs-AI#1058) as a persistence check only.

Dual-independent: test-engineer 50/50 hermetic subprocess probes + merge-guard suite 1952/0/0; blind pact-security-engineer 24/24 adversarial verify. FULL CONVERGE, zero contradictions. Synaptic-Labs-AI#1096 gh-api-only narrowing confirmed dead-by-construction (structural). No HALT. Append-only; no version bump (runbook chore).
Copilot AI review requested due to automatic review settings July 3, 2026 10:54

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds an append-only runbook entry documenting the post-install live-probe results for the installed merge-guard v4.4.53 hooks, intended to discharge the gated-closure requirement for issues #1086/#1087/#1096/#1097 and re-confirm persistence of the #1037 gh-comment carrier-strip behavior.

Changes:

  • Appends a new ## merge-guard-v4.4.53-batch-post-install-live-probe section to the runbook.
  • Records a single dated probe row capturing dual-independent verification outcomes for the installed v4.4.53 hooks.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.


| Run date (UTC) | Operator | Plugin version | Verdict | Harness-independence evidence | Notes (corpus; base-vs-HEAD proof; per-set outcomes; provenance caveat) |
| -------------- | -------- | -------------- | ------- | ----------------------------- | ----------------------------------------------------------------------- |
| 2026-07-03 | michael-wojcik | 4.4.53 installed (hooks byte-identical to origin/main 2c8cdd2c / tag v4.4.53) | **50/50 PASS, post-side** — #1086/#1087 cross-leg over-blocks REMOVED (benign compounds ALLOW) with same-leg dangerous STILL gating incl. the CRITICAL `cd /repo && gh pr close 42 --delete-branch` and `cd /repo && gh api -X DELETE .../git/refs...` DENY; #1087 close laundering CLOSED end-to-end (AMBIG multi-close mints 0 → escalated single `gh pr close 42 --delete-branch` DENIES) + faithful close round-trips (mint 1 → AUTHORIZE, §0 intact); #1096 gh-api-only API-merge MINTS→ALLOW (incl. `-R` global-flag bind, CLI↔API cross-spelling, endpoint-position `-f` decoy laundering CLOSED, different-target REFUSE) while curl/wget merge stays gated-but-unmintable (read=DENY, mint=0); #1097 target-aware retirement CURED (unrelated-target merge does NOT retire → faithful 42-re-exec still AUTHORIZEs; self-consume still retires); #1037 gh-comment carrier-strip persists (ALLOW) with bare-literal DENY non-vacuity. Merge-guard suite 1952 passed / 0 failed / 0 errors. ZERO installed-vs-source divergence · dual-independent CONVERGE (Task #6/#7: 50/50 TE + 24/24 SE, zero contradictions across all 5 areas) · no HALT. | SINGLE-harness post-install re-drive (test-engineer) — REAL SUBPROCESSES of the shipped mains. DUAL-INDEPENDENT: a pact-security-engineer ran an INDEPENDENT adversarial verify (Task #6) of this probe's non-vacuity + verdict-correctness, LOCKING its 24-verdict harness from the installed code BEFORE any cross-read; harness contents + expected-verdicts were NOT shared. Reconciliation routed through the lead (Task #7) → **FULL CONVERGE, zero contradictions** across all 5 areas (#1096/#1087/#1086/#1097/#1037) + non-vacuity; the 50-vs-24 row-count gap is SCOPE (TE = full merged corpus verbatim; SE = minimal adversarial crux + over-block hunt), not divergence. THREE emergent genuine-independence signatures (two separate verifications, not one derived from the other): (1) different byte-identity METHOD — TE `diff -r` of the whole installed hooks tree vs 2c8cdd2c; SE sha256 of both mains + the 151K `merge_guard_common.py` engine + recursive `shared/` diff; (2) RUNTIME SPAN — TE ran macOS `/usr/bin/python3` 3.9.6 (floor), SE ran pyenv 3.14.6 (newest), both PASS → the installed hook behaves identically across the runtime span (a version-specific regex/match-statement divergence would have contradicted); (3) SESSION-GATE BOTH-HALVES — TE ran `get_session_id()==""` (session gate INERT / graceful-degradation), SE ran a POPULATED matching session_id (session-SCOPED path); between them BOTH branches of the session-scoping gate are covered — strictly stronger than either alone, directly exercising the dual-mode teammateMode split. SE-unique deepest finding: cross-CLIENT consume closure (a gh-api-minted `token{merge,7}` is UNCONSUMABLE by a curl exec of PR 7 — curl merge classifies `op=None` on the READ side too → `_token_matches_command` refuses), one laundering level below 'different-target REFUSE'. INDEPENDENCE-WEIGHTING HONESTY (per the #1042/#1063 precedent): the pact-security-engineer is NOT memory-naive on THIS arc — its agent-type memory (separate from pact-test-engineer's) holds two entries authored during this arc (the sec-#71 'value-flag skip DENYLIST unsound — audit the SPACE' finding that drove the gh-api-only narrowing, and the #1096 target-confusion pattern); its verdict is therefore weighted on VERIFIABLE ARTIFACTS (byte-identity + black-box execution of the installed mains + on-disk mint→use→consume non-vacuity flips) that reproduce regardless of recalled authorship, NOT on that memory. The load-bearing independence is the CROSS-TYPE check: a DIFFERENT agent-type (pact-test-engineer, separate agent-memory store, no shared harness) CONVERGES. The only shared ground truth is the shipped CLAUDE.md pins + the merged v4.4.53 test corpus (the authoritative expected-verdict source), NOT a shared harness. IDENTITY GATE first: full `diff -r` of the installed hooks tree (`/Users/mj/.claude/plugins/cache/pact-plugin/PACT/4.4.53/hooks`) vs the worktree at 2c8cdd2c byte-identical (excl. `__pycache__`) — covers both mains + every `shared/` module transitively. Harness-fidelity control (`gh pr merge 42` mint→authorize→use-slot consume) PASSED before any REFUSE was interpreted. | Corpus recovered VERBATIM from the merged artifacts (NOT re-derived from prose): #1086/#1087 cross-leg sweep classes `TestCloseLiteralArmCrossLegSweep` + `TestApiLiteralArmCrossLegSweep` + the fix-level runbook row; #1096 `TestApiMergeMintParity` + `TestApiMergeEndpoint{PositionLaunderingClosed,NoOverBlock,ResidualBoundary}`; #1097 `TestTargetAwareRetirement`; #1037 `test_merge_guard_1037_narrow.py`. Run as REAL SUBPROCESSES of the installed `merge_guard_pre.py`/`merge_guard_post.py` mains (hooks.json `python3 <hook>.py` shape) under macOS `/usr/bin/python3` 3.9.6 (runtime floor); per-probe isolated `CLAUDE_CONFIG_DIR` (== `TOKEN_DIR`) + `HOME`, no `CLAUDE_PROJECT_DIR` → `get_session_id()`=="" → session gate INERT (mode-independent; verdicts key on op+target+bound_flags), zero `~/.claude` contamination; dangerous literals confined to the harness `.py` + subprocess stdin. **#1096 BASE-vs-HEAD proof** (the load-bearing "not a new over-block" substantiation): curl/wget API-merge = (read=DENY, mint=0) at BOTH the v4.4.52 base (`60f14796`, verified to LACK the #1096 mint symbols `_extract_api_merge_pr`/`_api_merge_leg_endpoint`/`_API_MERGE_GH_VALUE_FLAGS`) AND v4.4.53 HEAD → UNCHANGED, so keeping read=DENY is NOT a new over-block (pre-existing gated-but-unmintable, the #1064-class over-block); gh-api merge flips (read=DENY, mint=0)→(mint=1, ALLOW) = the CURE. `gh api` is the bounded/provably-classifiable surface (finite flags + first-positional endpoint); the unsound curl/wget value-flag denylist was dropped, killing the 52-vector target-confusion laundering class BY CONSTRUCTION (can't classify → can't mint → can't launder). Faithful idiomatic merge (`gh pr merge` + `gh api ...pulls/N/merge`) fully MINTS→ALLOW (§0 honest-mistake gate intact); curl/wget raw-API merge staying gated-but-unmintable is a user-ratified accepted limitation (Option B), not the cardinal-sin over-block direction. **#1037 PROVENANCE CAVEAT**: the gh-comment carrier-strip cure shipped v4.4.45/#1058 (`7f98de2f`), NOT #1095 — recorded here as a PERSISTENCE/REGRESSION re-confirm only (general case DEFERRED #1068); non-vacuity: bare `git branch -D victim` DENIES + non-carrier-verb `gh pr edit ... --body` DENIES, proving the ALLOW is the carrier-strip, not a benign literal. This row DISCHARGES the post-install gate for #1086/#1087/#1096/#1097 (gated-closure discipline: the fix-level pre-merge row above ran STAGED hooks; this is the installed-binary confirmation per the v4.4.45 post-install standard). TWO accepted residuals, neither an over-block nor a regression: (i) #1079 attached-method under-block (`gh api --method=PUT`/`-XPUT .../merge` is is_dangerous=False = READ==MINT SYMMETRIC; closed won't-fix) — landed by BOTH verifiers; (ii) implicit-POST `gh api -f k=v .../pulls/N/merge` = read=DENY+mint=0 but POST≠merge (GitHub merge is PUT), a non-functional input — surfaced by the security verify ONLY. #1068 general #1037 case deferred — out of scope. No HALT. |
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants