fix: MEDIUM-tier batch — parse gate, determinism (state_hash/validator), Next.js CVE, mypy enforcement #7
Closed
New1Direction wants to merge 6 commits into
added 6 commits
June 1, 2026 13:08
…clean tree
The audit's '56 broken files' is overwhelmingly a local-working-tree artifact: 55 of the 56 are UNTRACKED (never committed) — a clean checkout/CI never sees them. Of the committed tree (406 tracked src/*.py) exactly ONE was unparseable: pi_binary_file_detector.py (dead, no importers). Removed it.
- New non-skippable gates: compileall step in the lint job + a conformance test (test_no_unparseable_sources.py) asserting every git-TRACKED src/*.py parses. A syntactically-broken committed source now fails the build instead of being hidden behind a per-file exclude.
- pyproject: drop the binary_file_detector exclude entries; document that the remaining ones reference local-only untracked stubs absent from the repo.
- ci.yml: correct the stale '~56 broken-stub files' mypy comment.
- Also fix a latent I001 import-sort lint error in test_catalog_integration.py (would have failed 'ruff check src tests').
…e was non-deterministic)
run() extended self._violations / self._pass_results (init'd only in __init__) with no reset, so reusing one instance doubled violations and changed the content-addressed report_id on the second run. Reset both at run() entry. + test.
…rt immutability
The old try/except form passed whether or not the model was frozen (the AssertionError was swallowed by the same except-clause). Use pytest.raises(ValidationError), matching the conformance suite's pattern, so dropping frozen=True would now fail the test.
compute_state_hash stripped only the top-level per-step timestamp, but each step's output JSON embeds _latency_metrics / _cache_hit / *_ms (perf_counter floats), so the user-facing determinism receipt changed every real run. Now canonicalizes each step's output, recursively dropping that volatile telemetry, so identical logical input reproduces the same state_hash. + tests.
… criticals)
15.1.0 was vulnerable to the x-middleware-subrequest middleware-bypass (CVE-2025-29927) AND a cluster of later criticals (RCE in the React flight protocol, SSRF via middleware redirects, cache poisoning, App-Router middleware bypass). 15.2.3 (the single fix the audit named) still left all the later ones open, so bumped to the latest 15.x (15.5.19) per npm audit. npm audit now shows 0 critical/high; 2 moderate remain in Next's BUNDLED postcss (no non-breaking fix — npm's only suggestion is a nonsensical downgrade to next@9). NOTE: 4-minor jump — run 'npm run build' in pi-console-frontend to validate the app before deploy (couldn't run the Next build in this environment).
…strict-mypy gate
M6: pi_surplus_orchestrator had a fallback 'from src.pi_agent_interceptor.proxy
import ledger' — it only resolved when run from the repo root and broke mypy
module resolution ('source file found twice'). The correct installed path is
imported right above it, so the broken fallback is removed (no behaviour change;
it was swallowed anyway). This was the ONLY 'src.'-prefixed import committed (the
other 18 such files are untracked local scratch).
M2: with the resolution blocker gone, mypy can run. Full-tree --strict is still a
large backlog (kept advisory), but added a BLOCKING strict-mypy step over a
curated strict-clean allowlist (auth_guard, sandbox, inspector, objective_tracker)
so type regressions there fail the build. The list grows as modules are cleaned —
ratcheting enforcement up instead of an all-or-nothing flip.
Consolidated. All commits from this PR are now in
MEDIUM-tier fixes, focused on the high-value items. Stacked on #6; base is fix/high-tier-2. All TDD/verified.

Fixed
- tests/conformance/test_no_unparseable_sources.py) that fails the build on any unparseable committed source, and removed the one committed broken file (pi_binary_file_detector.py, dead). See the correction below re: "56 files".
- ValidatorRuntime reuse was non-deterministic — run() appended to instance state with no reset, so a reused instance doubled violations and changed the content-addressed report_id. Now resets per run.
- pytest.raises(ValidationError).
- state_hash folded wall-clock latency — it stripped only the top-level timestamp but each step's output JSON embeds _latency_metrics / _cache_hit / *_ms; now canonicalized out, so the determinism receipt is reproducible.
- 15.1.0 → 15.5.19 — closes CVE-2025-29927 and the later critical cluster (RCE in React flight, SSRF, cache poisoning, middleware bypass) that 15.2.3 alone left open. npm audit: 0 critical/high (2 moderate remain in Next's bundled postcss, no non-breaking fix). npm run build to validate before deploy.
- src.-prefixed import removed (pi_surplus_orchestrator) — only resolved from the repo root and broke mypy module resolution; the correct path was already imported right above it.
- --strict gate over a curated strict-clean allowlist (auth_guard, sandbox, inspector, objective_tracker). Full-tree mypy stays advisory (large backlog); modules graduate into the enforced list as they're cleaned.

Verification
PYTHONHASHSEED=0) · strict-mypy gate: clean · ruff check/format: clean. New tests are RED→GREEN.

Corrections to the audit (honesty — recurring pattern)
The MEDIUM tier was substantially inflated by untracked local working-tree files that were never committed and so don't ship / aren't seen by CI:
- pyproject excludes reference local-only stubs (documented).
- src. imports break 19 files": 18 of 19 are untracked; only 1 was committed (now fixed).

Remaining MEDIUM items (not in this PR — larger / lower-value)
Architectural or doc-level: dead DeterministicExecutionFabric (#15-sim), parity-reconstruction test gap, kernel entropy gate wired with artifact=None, governor per-detector strict-mode fail-open, strict-mode reads HOME/CWD, Dockerfile unpinned deps, interceptor AST-blocklist, parity coverage (205/296 agents). Happy to take these next.

🤖 Generated with Claude Code
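The state_hash fix described above, sketched as an added example (not code from this PR or its repository). It assumes each step is a dict with a top-level timestamp and an output that is either a JSON string or a parsed object; the function names and the sample run are hypothetical, and the volatile key names are the ones the description lists.

```python
import hashlib
import json

VOLATILE_EXACT = {"_latency_metrics", "_cache_hit"}  # names from the PR text

def is_volatile(key):
    return key in VOLATILE_EXACT or key.endswith("_ms")

def scrub(value):
    """Recursively drop volatile telemetry keys from nested dicts/lists."""
    if isinstance(value, dict):
        return {k: scrub(v) for k, v in value.items() if not is_volatile(k)}
    if isinstance(value, list):
        return [scrub(v) for v in value]
    return value

def canonical_output(output):
    """Step output may be a JSON string or an already-parsed object."""
    if isinstance(output, str):
        try:
            output = json.loads(output)
        except ValueError:
            return output  # not JSON: hash the raw text unchanged
    return scrub(output)

def digest(obj):
    blob = json.dumps(obj, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(blob.encode("utf-8")).hexdigest()

def naive_state_hash(steps):
    """'Before' behaviour: only the per-step timestamp is stripped."""
    return digest([{k: v for k, v in s.items() if k != "timestamp"} for s in steps])

def state_hash(steps):
    """'After' behaviour: timestamp stripped and each output canonicalized."""
    return digest([
        {k: (canonical_output(v) if k == "output" else v)
         for k, v in s.items() if k != "timestamp"}
        for s in steps
    ])

def make_run(ts, latency, cache_hit, answer="42"):
    """Constructed sample run; the field layout is hypothetical."""
    out = {"answer": answer, "_cache_hit": cache_hit, "total_ms": latency,
           "_latency_metrics": {"llm_ms": latency / 2},
           "tools": [{"name": "search", "elapsed_ms": latency / 4}]}
    return [{"step": "plan", "timestamp": ts, "output": json.dumps(out)}]
```

The `_ms` suffix rule is broad: any logical field whose name ends in `_ms` is also left out of the receipt, so a change to it would not alter the hash.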
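A parse gate of the kind the first fix describes, as an added example (not the repository's test_no_unparseable_sources.py). It assumes it runs inside a git checkout with sources under src/; the function names are hypothetical.

```python
import ast
import subprocess
from pathlib import Path

def tracked_python_sources(repo_root=".", pattern="src/*.py"):
    """Paths git tracks under the pattern; untracked scratch files are not listed."""
    out = subprocess.run(
        ["git", "ls-files", "-z", "--", pattern],
        cwd=repo_root, check=True, capture_output=True,
    ).stdout
    return [Path(repo_root) / p.decode() for p in out.split(b"\0") if p]

def unparseable(paths):
    """Return {path: reason} for every file that does not parse as Python."""
    failures = {}
    for path in paths:
        data = Path(path).read_bytes()
        try:
            # Parsing bytes lets Python honour source encoding declarations.
            ast.parse(data, filename=str(path))
        except (SyntaxError, ValueError) as exc:  # ValueError: e.g. NUL bytes
            failures[str(path)] = f"{type(exc).__name__}: {exc}"
    return failures

def assert_tracked_sources_parse(repo_root="."):
    """Call from a pytest test: fails the build and names each broken file."""
    failures = unparseable(tracked_python_sources(repo_root))
    assert not failures, "\n".join(f"{p}: {r}" for p, r in failures.items())
```

Because the file list comes from `git ls-files`, the result matches what a clean checkout or CI sees, and there is no per-file exclude list for a broken file to sit behind.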