Audit post-v0.6.98 overlay changes before carrying forward

[cbusillo]

Current Status

We stabilized locally on the known-good overlay-v0.6.98.1 baseline from PR #34 because recent post-#34 changes appear to have changed compaction/agent behavior.

Known-good anchor:

• PR Merge upstream v0.6.98 into local overlay #34: Merge upstream v0.6.98 into local overlay #34
• Merge commit: 3b24b27fdabd63e2d2a17e93eb003a80548362e1
• Local branch: stabilize/v0.6.98-known-good
• Baseline metadata commit: carries current .github/github.json on top of the PR Merge upstream v0.6.98 into local overlay #34 merge commit.
• PATH binary has been rebuilt from this baseline and verified with code --version reporting 0.6.98.

Current WIP from the compaction investigation was stashed locally as:

stash@{0}: On fix/auto-compact-overflow-resilience: wip auto compact overflow triage before v0.6.98 baseline

Goal

Audit every PR merged after #34 before carrying any change forward. For each PR or PR group, decide why it exists, what behavior it changed, whether the implementation is good, and whether to keep, rewrite, defer, or drop it.

Review Standard

For each PR/group, record:

• Intent: What problem was it trying to solve?
• Surface: What files and runtime paths did it touch?
• Risk: Could it affect compaction, token pressure, agent behavior, auth, or repo workflow?
• Verdict: keep as-is, keep with rewrite, defer, or drop.
• Validation: What evidence proves the verdict?

Scope

Post-#34 PRs to audit include:

• Trace remote inbox startup diagnostics #35 remote inbox diagnostics
• Move repo workflow metadata to github.json #38, Record metadata validation evidence #39, chore: remove old script #41, Remove validatedThrough metadata #42 GitHub metadata/docs cleanup
• Add code exec behavior harness #52, Fix code exec harness auth isolation #53, Clear inherited gh config in code exec harness #54 code exec harness and GitHub auth isolation
• Add session token efficiency scanner #55, Filter token scan usage by account #57 token usage/account scanning
• Compact image-heavy history before reuse #56 image-heavy history compaction
• Enforce binding skill trigger guidance #58, Enforce independent skill trigger handling #59, Allow grouped skill prefix commands #60 skill trigger behavior

Acceptance Criteria

• Baseline branch remains buildable and PATH code remains a known-good binary while auditing.
• Each PR/group has a written keep/rewrite/defer/drop verdict.
• Suspicious behavior changes, especially compaction/token history behavior, are reproduced or explained before reintroduction.
• Only reviewed-good changes are reintroduced in clean focused PRs.
• The current compaction WIP stash is either intentionally discarded or mined for useful tests/fixes after the audit.

[cbusillo]

Harness Restore Update - 2026-05-13

Restored the code exec behavior harness onto the known-good v0.6.98 stabilization branch as original cherry-picked commits:

• PR Add code exec behavior harness #52 / 99cff8cc18e93108c28290d887e91004edec27ee - add tools/code-exec-harness
• PR Fix code exec harness auth isolation #53 / c3e69d9626ca19da6c6a6a6f22efc1d1a147162e - fix harness GitHub auth isolation
• PR Clear inherited gh config in code exec harness #54 / 4625fc0f15b4688de532411e298b69e7bcd68eac - clear inherited GH_CONFIG_DIR

Local branch now includes these commits after the v0.6.98 baseline metadata commit.

Validation run:

python3 -m py_compile tools/code-exec-harness/harness.py
python3 tools/code-exec-harness/harness.py tools/code-exec-harness/scenarios/github-plan-smoke.json --dry-run --skill-root /Users/cbusillo/Developer/codex-skills --inherit-auth

Dry-run output directory:

/Users/cbusillo/Developer/code/.tmp/code-exec-harness/20260513-142714-github-plan-smoke

Not restored yet:

• stashed harness-only additions for command-start/order assertions
• token scanner PRs Add session token efficiency scanner #55/Filter token scan usage by account #57
• image-heavy history compaction PR Compact image-heavy history before reuse #56
• skill trigger PRs Enforce binding skill trigger guidance #58/Enforce independent skill trigger handling #59/Allow grouped skill prefix commands #60
• compaction WIP stash

Next step: design or restore the smallest harness scenario that reproduces the image-heavy history/token-burn problem before auditing PR #56.

[cbusillo]

Baseline Image-History Evidence - 2026-05-13

On the stabilize/v0.6.98-known-good baseline with harness tooling restored, I added a local characterization test for the image-history/rate-limit problem before touching PR #56.

Evidence added locally:

• code-rs/core/src/client_common.rs
  • old_image_generation_results_are_replayed_as_full_images
  • Proves the baseline request-assembly helper rewrites an old ImageGenerationCall result into a full data:image/png;base64,... input_image payload.
• code-rs/core/tests/image_history_replay.rs
  • Uses a mock Responses endpoint for two turns.
  • Turn 1 returns a completed image_generation_call with a 64 KiB result.
  • Turn 2 captures the actual /v1/responses request body.
  • The first request has 0 image payload bytes; the second request resends >64 KiB of image data in input.

Validation run:

cargo test -p code-core old_image_generation_results_are_replayed_as_full_images -- --nocapture
cargo test -p code-core --test image_history_replay -- generated_images_are_replayed_in_next_turn_request_payload --nocapture

Both passed. This confirms the rate-limit/token-burn mechanism exists on the known-good baseline: generated images can be carried forward as full image payloads in later requests.

Interpretation:

• The goal of PR Compact image-heavy history before reuse #56 is legitimate: reduce repeated image payload replay in reusable history.
• The next audit question is implementation quality: whether PR Compact image-heavy history before reuse #56 fixes this at the right layer without degrading compaction quality or breaking current-turn image use.
• These tests should probably become guardrails for the rewrite/restore decision, but the second test should likely flip from "baseline reproduces burn" to "fixed code does not resend old image payloads while preserving fresh images" once we carry the fix forward.

[cbusillo]

Added #70 to track restoring the clear user-visible compaction status message separately from the image-history/rate-limit work. This keeps the product feedback regression visible without mixing it into compaction mechanics.

[cbusillo]

Opened recovery PR #71 to make local/cbusillo-overlay match the dogfooded v0.6.98 known-good tree through the protected-branch workflow. The previous default tip is preserved as branch backup/local-cbusillo-overlay-pre-v0698-recovery-20260513 and tag local-cbusillo-overlay-pre-v0698-recovery-20260513.