Doctor link v0.2.0
Doctor link v0.2.0
Release date: 2026-07-13
Doctor link v0.2.0 adds a bounded, evidence-backed automatic problem-solving path for Python projects. It can reproduce a concrete failure, prepare a repair task, invoke Codex only after explicit approval, and independently decide whether the original acceptance contract has actually passed.
Highlights
doctor-link solveprovides one end-to-end path from a failing project to a locally verified repair.- Preview mode reproduces the problem and writes the complete repair prompt without modifying the project.
--allow-repaircreates a dedicated Git branch and permits up to three Codex repair rounds inside a workspace-write sandbox.- Doctor link independently reruns every required command; an AI statement that a problem is fixed is never accepted as proof.
- Tests, test configuration, reproduction and test catalogs, and directly referenced verification scripts are hash-protected before repair.
- A repair that weakens protected verification inputs is blocked before the altered checks run.
- Legitimate verification-input changes require the explicit
--allow-verification-changesexception and returnreview_required, notverified. - Solve sessions retain prompts, Codex events, stderr, verification results, protected-input hashes, change receipts, branch metadata, and rollback guidance.
- The installed-wheel capability lab covers all 63 public CLI routes through 71 real invocations and nine linked complex scenarios.
Automatic solve workflow
Preview a concrete problem first:
doctor-link solve /path/to/project \
--problem "Describe the observable failure and expected behavior" \
--test-command "python -m pytest -q" \
--jsonPreview mode may run the supplied shell-free checks to prove the problem exists, but it does not create a branch, invoke Codex, or edit code. After reviewing the prompt and repository scope, explicitly authorize repair:
doctor-link solve /path/to/project \
--problem "Describe the observable failure and expected behavior" \
--test-command "python -m pytest -q" \
--allow-repair \
--jsonDoctor link requires a clean Git repository, creates a doctor-link/solve-* branch, invokes codex exec --sandbox workspace-write --json, and reruns the original checks after every repair round. It never commits, pushes, publishes, or bypasses the Codex sandbox.
Acceptance-contract protection
Before repair, Doctor link records SHA-256 hashes for the files that define the solve session's acceptance contract, including:
tests/**,test/**,conftest.py,test_*.py, and*_test.py;pyproject.toml,pytest.ini,tox.ini,setup.cfg,noxfile.py, and.coveragerc;.doctorlink/reproduce.ymland.doctorlink/test-matrix.ymlvariants;- repository-local scripts and non-pytest Python modules directly referenced by verification commands.
If a repair changes a protected input, the default result is blocked with verification_inputs_modified, exit code 4, and a structured per-file change receipt. Doctor link does not execute the altered checks.
When a test or verification configuration must legitimately change, use the explicit review path:
doctor-link solve /path/to/project \
--problem "Describe the required behavior change" \
--test-command "python -m pytest -q" \
--allow-repair \
--allow-verification-changes \
--jsonEven when those checks pass, the result is review_required with exit code 6 and success=false. A human must inspect every protected-input change before accepting the repair.
Result semantics
| Status | Exit | Meaning |
|---|---|---|
verified |
0 | All required checks pass against unchanged protected inputs. |
approval_required |
2 | The problem reproduced, but repair approval was not supplied. |
not_reproduced |
3 | The supplied or discovered checks already pass. |
blocked |
4 | A safety, repository, command, or verification-contract condition prevents acceptance. |
failed |
5 | The repair-round limit was exhausted without passing verification. |
review_required |
6 | Checks pass only after explicitly authorized protected-input changes. |
Packaging and installation
Download the wheel or source archive from this GitHub Release, then install the wheel:
python -m pip install doctor_link-0.2.0-py3-none-any.whl
doctor-link --version
doctor-link preflight . --jsonInstall from source:
git clone https://github.com/linkyang01/doctor-link.git
cd doctor-link
git checkout v0.2.0
python -m venv .venv
source .venv/bin/activate
python -m pip install --upgrade pip
python -m pip install -e .
doctor-link --versionWindows PowerShell activation:
.\.venv\Scripts\Activate.ps1PyPI publication is not part of this release.
Validation evidence
- 319 automated tests passed.
- Branch-aware coverage reached 85.39%, with an enforced 85% minimum.
- Full capability validation passed 63/63 routes through 71 installed-package command invocations and nine complex scenario checks.
- Python 3.10, 3.11, and 3.12 passed.
- Ubuntu, macOS, and Windows smoke jobs passed.
- Ruff passed.
- Bandit medium/high findings: zero.
- Known third-party dependency vulnerabilities: zero at validation time.
- Wheel and source-distribution content checks passed.
- Twine metadata and isolated wheel installation passed.
- Three live Codex repairs passed for tenant isolation, payment idempotency and precision, and atomic Unicode import behavior.
- Source and installed-wheel adversarial checks blocked test-only tampering without executing the modified verification command.
- Verification-input protection cloud run: 29256116016, with all eight jobs passing in PR #144.
Compatibility
- Supported Python: 3.10, 3.11, and 3.12.
- Validated operating systems: GitHub-hosted Ubuntu, macOS, and Windows.
- Existing local-first diagnostic packages and
v0.1.xcommand paths remain supported. - Automatic repair currently targets clean Git-backed Python projects.
Security and privacy
- Diagnostic data and solve receipts stay local unless a user intentionally shares them.
- Repair requires explicit authorization and an existing authenticated Codex environment.
- Codex remains restricted to a workspace-write sandbox.
- Verification commands use the shell-free safe command runner.
- Doctor link does not auto-commit, push, publish, or move existing release tags.
- Users should review the preview and remove sensitive repository context before authorizing an external AI call.
Known boundaries
This release does not provide:
- automatic repair for non-Python project types;
- a hosted web platform or cloud synchronization;
- external account management or production RBAC;
- automatic GitHub writes from
doctor-link solve; - production signing-key or KMS infrastructure;
- hosted enterprise archive or diagnostic knowledge base;
- customer-environment or production-acceptance certification.
Doctor link v0.2.0 should therefore be treated as a local-first, user-authorized problem-solving release, not as a hosted autonomous engineering service.