Oracle Wave 2: capability catch-up (v2.48.0)#27
Merged
Conversation
…/chat tools Deny-by-default allowlists: c3_project permits list/info/subprojects/search/ read/compress/status/memory/impact/edits/validate — register/unregister, sub_* mutations, edit/shell, and 'scan' (reveals unregistered .c3 projects, outside the discovered-project trust boundary) are excluded. The wrapper signature has no allow_write and no write-op params; the registry drops undeclared keys, so write verbs cannot reach handle_project from any transport. Every resolution passes resolve_project THEN validate_project_path (the resolver accepts any on-disk .c3 folder; Oracle re-checks membership). c3_artifacts blocks scan (mutates the manifest despite the handler's READ_ACTIONS listing) and restore; list/history/show/diff/status proxy through the validated runtime cache. MCP + OpenAPI pick both up from TOOL_SPECS automatically. Tests pin the allowlist enums, the allow_write drop, and _BLOCKED_MEMORY_ACTIONS == cli.tools.project._MEMORY_WRITE.
…y, scoped cross tools The Oracle treated every project as flat, ignoring the v2.44 parent/child model. Now: ProjectScanner carries registry parent_path (previously dropped) and _enrich adds is_subproject / parent_path (child-config back-link as fallback; broken links degrade to top-level) / subproject_rel_paths / count — /api/projects and the list_projects chat tool surface hierarchy for free. FederatedGraph gains a serve-time parent_child overlay applied on BOTH fresh builds and cache hits (hierarchy lives in .c3/config.json, which the facts-mtime cache key never sees; the overlay is never baked into the cache file, and no fact-level edges are added — they would pollute similarity clustering). c3_search_cross / c3_edits_cross gain an optional scope param: '' = all, 'top' = top-level only, or a project name/path = that project plus its direct sub-projects (resolved + validated).
ActivityReporter was fully built but only reachable on demand. The review loop now emits a cross-project digest when due: config-gated (digest_enabled default FALSE — current behavior preserved; digest_interval_seconds daily; digest_narrate opt-in since narration costs a cloud LLM call), config read live each cycle so toggling needs no restart, last_digest_at pre-stamped in review_state.json so an overlapping run_now can't double-digest, digests persisted to ~/.c3/oracle/activity_digests/<date>.json + latest.json with retention pruning (digest_retention_days), optional one-line JSONL notify sink (digest_notify_file), and the whole path try/except-wrapped so a digest failure never kills the review cycle. New GET /api/activity/digest/latest; Activity tab shows a last-scheduled-digest banner; Settings gains the toggle and interval (round-trips through the existing /api/config).
…ni/claude/auto) Oracle agents ran only on Ollama while core C3's delegate layer already had hardened Codex/Gemini/Claude CLI backends. Agents now carry a per-agent backend (default 'ollama' = unchanged nested tool loop); CLI backends route through cli.tools.delegate.handle_delegate against _OracleDelegateRuntime — a read-only shim of the target project's runtime that forces codex/gemini memory bridges OFF (they write facts into the target), notifications None (no NotificationStore writes), and codex_default_sandbox='read-only', while passing everything else through. CLI backends need a concrete project (subprocess cwd + the TARGET's own delegate config; Oracle never force-enables a backend): explicit project_path arg → conversation's focused project (via thread-local conv state) → instructive error; never silently picked. delegate_task spec/defs gain optional project_path; agent modal gains a backend select; delegate progress notes stream to the UI through the existing agent event sink.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Stacked on #26 (Wave 1) — GitHub will retarget to main when it merges.
Testing