Compare commits
1 Commits
feat/758-s
...
fix/mos-op
| Author | SHA1 | Date | |
|---|---|---|---|
|
|
d1f7c75773 |
@@ -38,19 +38,19 @@ Primary blockers:
|
|||||||
|
|
||||||
### AC disposition
|
### AC disposition
|
||||||
|
|
||||||
| AC | Result | Evidence |
|
| AC | Result | Evidence |
|
||||||
|---|---|---|
|
| --- | ----------------- | ------------------------------------------------------------------------------- |
|
||||||
| 01 | **Fail** | No `mosaic tess`; no bidirectional same-session chat/stream E2E |
|
| 01 | **Fail** | No `mosaic tess`; no bidirectional same-session chat/stream E2E |
|
||||||
| 02 | **Fail** | Generic CLI exists, but fleet/Matrix providers are unreachable in production |
|
| 02 | **Fail** | Generic CLI exists, but fleet/Matrix providers are unreachable in production |
|
||||||
| 03 | Pass | Pi profile/model/reasoning/effective-policy tests passed |
|
| 03 | Pass | Pi profile/model/reasoning/effective-policy tests passed |
|
||||||
| 04 | **Fail** | No registered fleet provider or real Mos consumer |
|
| 04 | **Fail** | No registered fleet provider or real Mos consumer |
|
||||||
| 05 | Partial | Hermes normalization/fail-closed matrix passes; live capability path is limited |
|
| 05 | Partial | Hermes normalization/fail-closed matrix passes; live capability path is limited |
|
||||||
| 06 | Partial | PGlite restart/idempotency passes; no actual harness failover |
|
| 06 | Partial | PGlite restart/idempotency passes; no actual harness failover |
|
||||||
| 07 | Partial | Focused denial/replay tests pass; full M5 abuse qualification absent |
|
| 07 | Partial | Focused denial/replay tests pass; full M5 abuse qualification absent |
|
||||||
| 08 | Partial | Mocked shared-intersection parity passes; Matrix not operationally wired |
|
| 08 | Partial | Mocked shared-intersection parity passes; Matrix not operationally wired |
|
||||||
| 09 | **Fail** | Baselines/CI green, but required E2E/security/rollback qualification absent |
|
| 09 | **Fail** | Baselines/CI green, but required E2E/security/rollback qualification absent |
|
||||||
| 10 | **Fail** | Inventory incomplete/inconsistent; rollback not exercised |
|
| 10 | **Fail** | Inventory incomplete/inconsistent; rollback not exercised |
|
||||||
| 11 | Pass/ledger stale | Documentation and sitemap exist; plugin/catalog ledger remains unresolved |
|
| 11 | Pass/ledger stale | Documentation and sitemap exist; plugin/catalog ledger remains unresolved |
|
||||||
|
|
||||||
---
|
---
|
||||||
|
|
||||||
@@ -207,14 +207,14 @@ Missing pieces:
|
|||||||
|
|
||||||
# 5. Minimal follow-up issue decomposition
|
# 5. Minimal follow-up issue decomposition
|
||||||
|
|
||||||
| Order | Issue | Minimum acceptance criteria |
|
| Order | Issue | Minimum acceptance criteria |
|
||||||
|---|---|---|
|
| ----- | ------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
|
||||||
| 1 | **Logical identity and security fencing** | Server-derived `{tenant, logicalAgentId, connectorId, harness, leaseEpoch, scopes, expiry}`; signed/fenced execution grant; stale/forged/cross-tenant grants denied and audited; no connector credential in handoffs |
|
| 1 | **Logical identity and security fencing** | Server-derived `{tenant, logicalAgentId, connectorId, harness, leaseEpoch, scopes, expiry}`; signed/fenced execution grant; stale/forged/cross-tenant grants denied and audited; no connector credential in handoffs |
|
||||||
| 2 | **Durable connector lease** | PostgreSQL-backed exclusive lease with CAS, monotonic epoch, TTL/heartbeat, explicit takeover, and gateway rejection of stale holders; connectors for Claude Code, Pi, and Codex |
|
| 2 | **Durable connector lease** | PostgreSQL-backed exclusive lease with CAS, monotonic epoch, TTL/heartbeat, explicit takeover, and gateway rejection of stale holders; connectors for Claude Code, Pi, and Codex |
|
||||||
| 3 | **Canonical handoff/checkpoint** | Versioned, sealed schema containing canonical mission/task/git references, checkpoint digest, causal sequence, required capabilities, pending/ambiguous operation references, and source/destination acknowledgement; no raw secrets or mandatory harness transcript |
|
| 3 | **Canonical handoff/checkpoint** | Versioned, sealed schema containing canonical mission/task/git references, checkpoint digest, causal sequence, required capabilities, pending/ambiguous operation references, and source/destination acknowledgement; no raw secrets or mandatory harness transcript |
|
||||||
| 4 | **Exactly-once connector journal** | Durable operation IDs and receipts; idempotency propagated through every adapter; Matrix transaction mapping; tmux replaced or wrapped with receiver-side durable dedupe; ambiguous effects remain held for authorized reconciliation |
|
| 4 | **Exactly-once connector journal** | Durable operation IDs and receipts; idempotency propagated through every adapter; Matrix transaction mapping; tmux replaced or wrapped with receiver-side durable dedupe; ambiguous effects remain held for authorized reconciliation |
|
||||||
| 5 | **Cross-harness failover and rollback E2E** | Real Mos identity moves Claude Code → Pi → Codex and back; inject crashes before/after lease transfer, handoff persistence, send, and acknowledgement; stale connector fenced; no duplicate side effects; canonical state preserved; rollback evidence published |
|
| 5 | **Cross-harness failover and rollback E2E** | Real Mos identity moves Claude Code → Pi → Codex and back; inject crashes before/after lease transfer, handoff persistence, send, and acknowledgement; stale connector fenced; no duplicate side effects; canonical state preserved; rollback evidence published |
|
||||||
| 6 | **Generic gateway research ADR** | Evaluate LiteLLM subscription OAuth and Bifrost concepts without adding either to core; include terms/security review, credential lifecycle, tenant mapping, budgets, failover semantics, and adapter-only prototype |
|
| 6 | **Generic gateway research ADR** | Evaluate LiteLLM subscription OAuth and Bifrost concepts without adding either to core; include terms/security review, credential lifecycle, tenant mapping, budgets, failover semantics, and adapter-only prototype |
|
||||||
|
|
||||||
## Generic gateway placement
|
## Generic gateway placement
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user