Skip to content

feat: production-readiness checker module for Loop 2#69

Merged
fazxes merged 3 commits intomainfrom
feat/readiness-checker
Apr 5, 2026
Merged

feat: production-readiness checker module for Loop 2#69
fazxes merged 3 commits intomainfrom
feat/readiness-checker

Conversation

@fazxes
Copy link
Copy Markdown
Member

@fazxes fazxes commented Apr 5, 2026

Summary

  • New nightshift/readiness.py module with configurable post-build production-readiness checks: secret detection, debug statement scanning, test coverage verification
  • Integrated into build_feature() pipeline after final verification
  • New ReadinessCheck and ReadinessReport TypedDicts; readiness field on FeatureState; readiness_checks config key
  • 40 new tests, 725 total passing
  • Loop 2: 72% -> 81%, Overall: 82% -> 85%

Test plan

  • make check passes (ruff, mypy strict, pytest 725/725, dry-run both agents, shell syntax, ASCII, install refs)
  • All 40 new readiness tests pass (secrets, debug prints, test coverage, aggregate, state round-trip, backward compat, format display, constants)
  • Backward compatibility: state files without readiness field load with readiness=None

fazxes added 3 commits April 5, 2026 04:20
@fazxes
feat: production-readiness checker module for Loop 2 builds
1e4ee94 
Add nightshift/readiness.py with configurable post-build checks:
- Secret/credential detection (API keys, AWS keys, GitHub PATs, passwords)
- Debug statement scanning (print, console.log, debugger, breakpoint, pdb)
- Test coverage verification (production files have corresponding test files)

Integrated into build_feature() pipeline after final verification.
Returns structured ReadinessReport with per-check pass/fail and verdict.
Configurable via readiness_checks list in .nightshift.json.

40 new tests. Loop 2: 72% -> 81%. Overall: 82% -> 85%.
Closes task #68.
@fazxes
fix: add symlink checks before is_file() in readiness scanner
1a5921e 
Safety reviewer caught that a malicious target repo could place symlinks
at paths reported in files_created/files_modified, causing the scanner
to follow them outside the repo. Add is_symlink() guards at all 3
file-access points in check_secrets(), check_debug_prints(), and
check_test_coverage().
@fazxes
docs: add follow-up tasks from PR #69 review advisory notes
a7bf14e 
#84: path traversal guard for readiness scanner (safety reviewer)
#85: fix latent IndexError in readiness display (code reviewer)
@fazxes fazxes merged commit 3877225 into main Apr 5, 2026
@fazxes fazxes deleted the feat/readiness-checker branch April 5, 2026 08:27
fazxes added a commit that referenced this pull request Apr 6, 2026
@fazxes
docs: handoff #69 — pentest findings fixed (PR #135)
f8ece48
fazxes added a commit that referenced this pull request Apr 7, 2026
@fazxes
oversee: triage queue 73->53 pending (20 closures + 1 priority fix)
89a765b 
Closed 20 tasks with evidence:
- DONE (2): #73 (AGENTS.md created), #181 (docs/prompt/ deleted)
- WONTFIX-OBSOLETE (5): #78, #89, #128, #141, #157
  (reference docs/prompt/ or docs/ops/ paths deleted in session #103)
- WONTFIX-DUPLICATE (1): #88 (subset of #69)
- WONTFIX-NEVER-PICKED (12): #66, #69, #90, #96, #112,
  #114, #120, #123, #132, #133, #138, #145
  (low priority, 20-80+ sessions without being picked, speculative)

Priority fix: #103 downgraded from urgent to normal (umbrella epic,
not an actionable urgent fix).
fazxes added a commit that referenced this pull request Apr 7, 2026
@fazxes
overseer: queue triage -- close 8 tasks, fix 30+ stale paths, 4 pente…
e86ec4f 
…st tasks

Queue cleanup after session #103 major restructuring:

Closed (8):
- #73: AGENTS.md exists (commit 38e1fe5)
- #88: duplicate of #69 (auto-changelog)
- #141: obsolete (docs/prompt/evolve.md deleted)
- #157: obsolete (docs/prompt/feedback/ deleted)
- #159: consolidated into #190
- #161: consolidated into #190
- #181: obsolete (docs/prompt/unified.md deleted)
- #184: done (fixed by PR #179)

Path updates (30+ tasks):
- docs/ -> .recursive/ or Recursive/ops/
- scripts/daemon.sh -> Recursive/engine/daemon.sh
- scripts/lib-agent.sh -> Recursive/engine/lib-agent.sh
- .nightshift.json -> .recursive.json
- nightshift/*.py -> nightshift/{core,owl,raven,infra}/*.py

Pentest tasks created (4):
- #194: budget limiter triple-failure (CONFIRMED)
- #195: python3 -c path interpolation (CONFIRMED)
- #196: .recursive.json prompt guard (THEORETICAL)
- #197: costs.json negative value validation (THEORETICAL)
@fazxes fazxes mentioned this pull request Apr 9, 2026
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@fazxes