Remediation of coder3 independent-validation blocker on PR #547.
lane-brief.sh inspected only the open-PR index/title/head fields, never the PR
BODY or Gitea issue linkage. A body-only "Closes #546" was therefore invisible,
so issue #546 (open, with PR #547 'Closes #546' in its body) was placed under
DISPATCH CANDIDATES with work-underway count 0 — re-dispatchable in-flight work,
unacceptable for a dispatch-truth tool.
Fix:
- Fetch open PRs as JSON including `body`; resolve PR->issue links via Gitea's
closing-keyword set (close/closes/closed, fix/fixes/fixed, resolve/resolves/
resolved), case-insensitive, word-boundary anchored, `#` directly following the
keyword. Any issue so linked from an OPEN PR is classified WORK UNDERWAY.
- Preserve the prior title/head bare-ref heuristic and per-repo behavior; require
`#` immediately after the keyword so cross-repo `owner/repo#N` forms don't leak.
- Bare `#N` prose mentions in a body are intentionally NOT links (e.g. "#538 line
of work") to avoid marking live, dispatchable issues as in-flight.
Tests (committed, RED-on-revert non-vacuity):
- test-lane-brief-pr-linkage.sh: open-PR-with-'Closes #546'-in-body excludes #546
from candidates (and a reverted copy with the body-scan removed regresses #546
to a candidate — RED proof); bare #777 and substring 'hotfix #999' stay
candidates (word-boundary + closing-keyword-only guards).
- test-ci-wait-exit-matrix.sh: ci-wait.sh exit matrix 0 (all-success) / 1
(terminal-not-success: failure + error/killed) / 2 (usage) / 3 (timeout).
shellcheck -x + bash -n clean on all four files; no secret values. ci-wait.sh
unchanged (coder3 PASS preserved). Closed-issue exclusion unchanged.
Refs #546, PR #547
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Two defects an independent survey of the tooling surface found in the new
helpers, fixed pre-gate:
- lane-brief.sh: label filter used jq contains() (substring) — `-l security`
wrongly matched label `domain/6-security`. Now exact-token match against
tea's space-separated labels string. Verified live: `-l security` -> 0,
`-l domain/6-security` -> the real holders.
- ci-wait.sh: unknown owner silently defaulted to the `usc` Woodpecker
instance (wrong credentials, wrong pipelines). Now fails hard requiring
`-a <instance>`, matching lane-brief's FATAL-on-unresolved behavior.
Verified: usc owner still infers and exits 0; unknown owner exits 2 with
guidance.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01Kt2D8TsnDwhtzEAPijsNmR
Two additive orchestration tools distilled from forensic analysis of a live
U-Connect delivery session, both adopted by the live orchestrator before this
contribution.
lane-brief.sh (git/): one call returns the CURRENT open issue set for a repo
lane (milestone/label) from Gitea, classified for dispatch. Defeats stale
worker self-report (workers brief from static notes and report already-CLOSED
issues as "todo"). Closed excluded by definition; partitions by PR-linkage
(reliable) not assignee/dependency (empty in this fleet). Login resolution:
-L > $GITEA_LOGIN > owner inference > detect-platform.sh fallback.
ci-wait.sh (woodpecker/): blocks until pipeline(s) reach terminal state,
wrapping pipeline-status.sh (resolves repo->id, instance-aware). Replaces
hand-rolled `curl .../repos/1/pipelines/$n` loops that hardcode repo id 1.
Intended as a Monitor command + long (>=1500s) timed fallback, not a tight
poll. Exit 0=all success / 1=terminal non-success / 2=usage / 3=timeout.
Tested live vs usc/uconnect. README updated. No version bump (separate
release PR per convention).
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01Kt2D8TsnDwhtzEAPijsNmR
Fresh `mosaic gateway install` (npm) left the gateway DB schema empty —
sign-in 500'd with `relation "users" does not exist`, and every entry
point (auth, bootstrap setup) failed because they all query the users
table first. Five stacked bugs on the local (PGlite) tier:
1. `packages/db/package.json` `files: ["dist"]` excluded the `drizzle/`
SQL migrations from the published tarball.
2. `runMigrations()` only supports postgres-js — unusable for embedded
PGlite.
3. `apps/gateway/src/database/database.module.ts` never invoked
migrations at startup.
4. `createPgliteDb` didn't load pgvector, so migration 0001's
`CREATE EXTENSION vector` failed.
5. Drizzle's PG migrator wraps every migration in one outer
transaction, which trips Postgres' `check_safe_enum_use` on
migration 0009 (`ALTER TYPE ADD VALUE 'pending'` → `SET DEFAULT
'pending'` in the same tx).
Changes:
- Ship `drizzle/` in the published tarball.
- `createPgliteDb` loads `@electric-sql/pglite/vector`.
- New `runPgliteMigrations(handle)` walks the Drizzle journal and
runs each statement-breakpoint chunk through PGlite's `client.exec()`
(autocommit per statement). Records into `drizzle.__drizzle_migrations`
for interop with the postgres-js path. Per-statement try/catch
surfaces which statement of which migration failed.
- `DatabaseModule` runs migrations in `OnModuleInit` before
`app.listen()`. Local tier: explicit `runPgliteMigrations` then
`storageAdapter.migrate()`. Postgres tier: just `storageAdapter.migrate()`,
which already calls `runMigrations(url)` internally — no double-call.
- Removed `packages/storage/src/test-utils/pglite-with-vector.ts`. The
"intentionally not exported" rationale is moot now that migration
0001 forces pgvector load anyway. The integration test uses
`createPgliteDb` + `runPgliteMigrations` from `@mosaicstack/db`.
Tests: BetterAuth tables exist after migrate; idempotent (re-runs 0009);
partial-failure surfaces statement-level context and leaves no ledger row.
QA on a fresh PGlite install:
- `Applying PGlite schema migrations...` then `Initializing storage
adapter (pglite)...` in startup log.
- `GET /api/bootstrap/status` → `{"needsSetup":true}` HTTP 200 (was 500).
- `POST /api/bootstrap/setup` reaches Zod validator (was 500).
Scope: this PR fixes the local (PGlite) tier. Postgres-tier first
install still has the outer-transaction problem and a journal ordering
bug (0009's `when` < 0008's). Documented inline as TODO and in the
scratchpad — needs a separate change with real-Postgres validation.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
