chore: housekeeping sweep — truth-path dedup, per-repo default branch, executor hardening, drop vestigial uv.lock#47
Merged
Conversation
…latest_path() Introduce TRUTH_LATEST_FILENAME + truth_latest_path(output_dir) in portfolio_truth_types (the domain leaf), and route all 19 path-join sites + the glob through it. The filename now lives in one place instead of being reconstructed across cli, serve/routes, report enrichment, weekly command center, excel export, and the publisher. Human-readable error/log copy and docstrings keep the literal as prose. No behavior change.
The bounded-automation executor opened context-improvement PRs against a hardcoded 'main' base. Detect each repo's actual default branch from the local origin/HEAD ref (no network) in the truth-build pipeline, carry it through IdentityFields, and resolve the PR base in precedence order: explicit caller override > repo-detected default > portfolio fallback. - portfolio_truth_sources: _git_default_branch() + thread through git facts (also DRYs _gather_git_facts' repeated dict construction) - IdentityFields.default_branch: new optional field (additive, '' default) - automation_workflow.build_context_pr_plan: resolve per-repo, '' = auto Covered: origin/HEAD detection incl. multi-segment branches + unset fallback; plan precedence (detected vs explicit override).
…ng PR URL) Two edge cases in execute_context_pr: - branch-orphan: when apply_change fails after 'git checkout -b', the executor returned to the default branch but left the created branch behind, so a retry hit 'branch already exists'. Now delete the orphan on rollback — the operation is retry-safe. - empty execution_ref: when gh pr create succeeds (rc 0) with no URL on stdout, the proposal silently recorded an empty audit ref. The PR was created (re-running would duplicate it), so keep 'applied' but surface the missing URL in the detail instead of losing it silently.
Nothing reads this lockfile: every install path (ci.yml, audit.yml, release.yml) uses `pip install -e ".[extras]"` resolved from pyproject.toml. There is no [tool.uv] config and no CI `uv lock --check`, so the committed lock had drifted lean while a fresh `uv lock` resolves the full optional-extra tree (torch/CUDA/transformers). Removing it stops Dependabot from opening regressive weekly uv-lock PRs against an artifact that affects nothing. pip + pyproject is the real, authoritative install path.
Review follow-up to eeb910c. The orphan-branch cleanup only worked when apply_change failed without dirtying the tree. In the common case where apply_change writes a partial file then raises, a plain checkout of the default branch is blocked ('local changes would be overwritten'), its unchecked returncode leaves HEAD on the orphan, and the orphan delete is then refused ('currently checked out') — stranding the repo on the orphan, the exact failure the cleanup targets. Use a force checkout: the worktree is verified clean before apply_change (skip-dirty rail), so it only discards apply_change's partial writes, then the orphan deletes cleanly.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Four independent housekeeping items, each its own commit. All reviewed via /code-review (one real bug caught + fixed — see commit d1d7c0e).
1.
refactor(truth)— single-source the truth-latest filenameportfolio-truth-latest.jsonwas reconstructed as a path-join in ~19 sites across 8 files. IntroducedTRUTH_LATEST_FILENAME+truth_latest_path(output_dir)inportfolio_truth_types(the domain leaf) and routed every path-join + the oneglob()through it. Human-readable error/log copy stays as prose. No behavior change.2.
feat(automation)— per-repo default branch for context-PR baseThe bounded-automation executor opened context-PRs against a hardcoded
main. Now detects each repo's actual default branch from the localorigin/HEADref (no network), threads it throughIdentityFields.default_branch, and resolves the PR base as explicit override > repo-detected > portfolio fallback. Additive optional field;""means auto-detect.3.
fix(automation)— harden executor failure pathsapply_changeaftergit checkout -bleft the created branch behind, blocking retries. Now force-checkout the default branch (worktree is verified clean beforeapply_change, so-fonly discards partial writes) + delete the orphan. The force-checkout is the review follow-up (d1d7c0e) — a plain checkout was blocked by the dirty tree from a partialapply_change, stranding the repo on the orphan.gh pr createsucceeds (rc 0) with empty stdout, the PR exists (re-running would duplicate it), so the outcome staysappliedbut the missing reference is surfaced in the detail instead of silently recorded.4.
chore(deps)— remove vestigial uv.lockNothing reads it: every install path (
ci.yml,audit.yml,release.yml) usespip install -e ".[extras]"frompyproject.toml. No[tool.uv]config, no CIuv lock --check, so the committed lock had drifted lean while a freshuv lockresolves the full optional-extra tree (torch/CUDA/transformers). Removing it stops Dependabot's weekly regressive uv-lock PRs against an artifact that affects nothing. (Companion: Dependabot #24 closed, #23 download-artifact merged separately.)Verification
ruff check src/ tests/: clean