-
-
Notifications
You must be signed in to change notification settings - Fork 4
Feature Remediation and Fixes
The audit is detection-only by hard design — Guardrails & Safety keeps
the repo read-only through the whole detection path. Remediation is a separate, opt-in flow
(argo fix, POST /runs/{id}/fixes) that turns confirmed findings into proposed patches for a
human — never auto-applied, never submitted.
-
Propose. One model session per confirmed finding (read-only repo, artifact tools) describes
the change in a
FIX.json— either a full-file rewrite (new_content) or, for large files, search/replaceedits(eachsearchmust match the file exactly once). Argo then computes the unified diff mechanically (difflib) intoruns/<id>/patches/<id>.diff. Because the model never writes hunk headers, it can't miscount@@ranges — the "corrupt patch" failure mode that broke multi-hunk diffs on large real repos. (A raw*.diffis still accepted as a legacy fallback.) -
Verify, on an isolated copy (the source mount is never touched):
- baseline build/compile check on the copy → error set B;
- apply the patch (
git apply -p1, falling back topatch --fuzz=0); - patched build/compile check → error set A;
-
new_errors = A − B(error signatures normalized so a patch that only shifts line numbers isn't mistaken for a regression).verified = applied ∧ compiles ∧ no new_errors.
Pre-existing breakage never fails a patch — only errors it introduces do. The build runs locally
(auto-detected: py_compile, node --check, go build, cargo check, …) or in Docker
(--network=none, offline) via an explicit --build-cmd.
argo fix --run RUN_ID # propose + verify all confirmed findings
argo fix --run RUN_ID --only ID,ID # just these findings
argo fix --run RUN_ID --no-verify # skip the build/compile check
argo fix --run RUN_ID --docker IMAGE # verify inside this image
argo fix --run RUN_ID --re-audit # see belowWith --re-audit, after a patch verifies, Argo runs a focused, unbiased audit session on the
patched copy — scoped to the finding's affected file(s), and deliberately not told which bug to
look for. If the re-audit no longer reports the original vulnerability class in that file, the
verdict carries re_audit.confirmed_fixed. This is a probabilistic signal (the model could miss
the bug for unrelated reasons), reported alongside the build check, never instead of it. Folded
into the benchmark as patch_quality.re_audit_confirmed_rate.
The Fixes results tab: "Propose & verify fixes" generates a reviewable diff per confirmed finding and shows each with its verify verdict — ✓ verified, compiles, no new errors, or ⚠ with the reason. Patches are proposals for a maintainer — never auto-applied or submitted. See Web UI.
On a real large multi-module run (Java, deep paths), 7 of 11 model-generated unified diffs failed
git apply with "corrupt patch" — the model miscounted multi-hunk @@ line ranges (the simpler
single-hunk diffs applied and verified fine). verify_patch correctly flags non-applying patches
(they remain useful as guidance, just not auto-appliable). The robust long-term fix is having the
model emit the full rewritten file instead of a hand-counted diff, and computing the diff
mechanically — planned but not yet built.
-
Benchmarks & Costs — where
--fixesfolds the verified-patch rate into a benchmark run. -
Runtime Verification — reuses the same isolated-copy /
--network=nonebuild machinery.