q(j} <dZddlmZddlmZmZmZddlmZmZm Z m Z m Z ddl m Z mZmZddlmZddlmZmZddlmZmZdd lmZdd lmZmZmZmZmZm Z d Z!d Z"d Z#dZ$dZ%dZ&dZ'dZ(dZ)dZ*dZ+dZ,e-e"e#e$e%e&e'e(e)hZ.dZ/dZ0e-ddhZ1dZ2d*dZ3d+dZ4d,dZ5 d-dZ6 d.d Z7d/d!Z8d0d"Z9e d#d#d#d$d#d#d% d1d&Z:d#d#d#d#d$d#d#d' d2d(Z;gd)Z// ANCHOR-3 (task md): "non-admin merge 만 허용 · admin override 코드 경로 0 · gh pr merge 실호출 0 (subprocess injection mock)" ANCHOR-6 (task md): "forbidden paths 11+종 정적 가드 (replacement_pr_runner/ finish-task.sh/merge_ready_classifier/merge_ready_dryrun_executor/ callback_envelope_schema/anu_callback_registrar/canonical_root_resolver/ anu_collector_action_trigger/dispatch_finalize_hooks/.tasks/tests/fixtures/ tests/regression)" ) annotations)datetime timedeltatimezone)AnyCallableDictListOptional)ACTIVATION_FLAG_DEFAULTassert_default_offresolve_activation_flag)validate_chair_authorization) GATE_STALEvalidate_gate_snapshot)ACTION_WOULD_MERGESCHEMA_AUTO_MERGE_CANDIDATE)PASS)EXECUTION_RESULT_SCHEMAMERGE_DECISION_SCHEMAartifact_already_presentwrite_merge_decisionwrite_merge_execution_resultwrite_pre_merge_gate_snapshotzutils.real_merge_hooks.v1NO_OP_FLAG_DISABLEDNO_OP_NO_AUTHORIZATIONNO_OP_NOT_PASSNO_OP_DRYRUN_MISMATCHNO_OP_GATE_FAILNO_OP_STALE_SNAPSHOTNO_OP_DUPLICATENO_OP_FORBIDDEN_PATHREAL_MERGE_DONEREAL_MERGE_FAILEDPOST_MERGE_SMOKE_FAILED) zutils/replacement_pr_runner.pyzscripts/finish-task.shzutils/merge_ready_classifier.pyz$utils/merge_ready_dryrun_executor.pyz!utils/callback_envelope_schema.pyzutils/anu_callback_registrar.pyz utils/canonical_root_resolver.pyz%utils/anu_collector_action_trigger.pyzdispatch/finalize_hooks.pyzdispatch/__init__.py)z.tasks/ztests/fixtures/ztests/regression/z--adminz--force<c|dgS|sgSg}|D]\}t|ts|tvr|j|.tD]&}|j |s|j|\^|S)zReturn the subset of changed_files that hit the forbidden list. Used by real_merge_execute before any other check so a contaminated PR short-circuits to NO_OP_FORBIDDEN_PATH (+ CHAIR_REPORT) without ever reaching the gate snapshot stage. __INPUT_NONE_FAIL_CLOSED__) isinstancestrFORBIDDEN_PATHSappendFORBIDDEN_DIR_PREFIXES startswith) changed_fileshitspathprefixs G/home/jay/workspace/.worktrees/task-2638-dev6/utils/real_merge_hooks.pydetect_forbidden_pathsr4{s,--  D $$  ? " KK  , Fv& D!   Kctjtjj tt dj dS)N )hoursz%Y-%m-%dT%H:%M:%S+09:00)rnowrutc astimezonerstrftimer5r3_now_kstr>s6 X\\" HYQ/0 1 + ,r5cVt|tr|ni}|jd} | t|nd}|jdd}t|t r|nd}|||jdd|jdd|jdddS#tt f$rd}YqwxYw) Nprrhead_shatask_idbranchbase_sha)r@rArCrDrE)r)dictgetint TypeError ValueErrorr*) pr_identitypiraw_prsafe_prraw_head safe_heads r3_identity_or_defaultrQs";52B VVD\F!'!3#f+vvj"%H&x52I66)R(&&2&FF:r*   z "sBB('B(c t||xs t||xsd|xsdt|t||t|d S)NrB) schemaactually_executedts_kstrK verdict_inputdryrun_action_inputactivation_flagchair_authorization_present result_enumreasons)rr>boollist) rKrZrXrY dryrun_actionverdictr[rUrTs r3_build_decisionr`sK(.&HJ" B,20'+,G'H"=  r5cr|sy|jd}|jd}||syt||||S)Nr@rA)rGr)rKdecisioncanonical_rootwrite_artifactsr@rAs r3_persist_decisionresA   Bz*H z Hh GGr5c>|Dcgc] }|tvs |c}Scc}w)uReturn any forbidden CLI tokens observed in argv. The injected subprocess_runner must receive argv composed by this module only — so the static guard is over our composition, not the runner. )_FORBIDDEN_CLI_TOKENS)argvtoks r3_validate_runner_no_adminrjs  @C3*?#?C @@ @s c6dddtt|ddgS)uCompose the ONLY allowed gh pr merge argv (non-admin, no force). Returns the argv but does NOT execute it. Callers MUST pass it through an injected subprocess_runner; the default runner is None which means "do not call subprocess at all" — the regression contract. ghr@mergez--mergez--delete-branch=false)r*rH)r@s r3_compose_merge_argvrns% dGSR\ r5NT)rXsubprocess_runnerrcr/rdrUclockchtt|} | d}| d}t|tr|j dnd}t|tr|j dnd}t | }|rZt | tt|t|du|||Dcgc]}d| c}| d }t| ||| }t||ddd gd St|sAt | tdt|du||d g| d }t| ||| }t||dddgd St|| | \}}}|sYt | td t|du|||Dcgc] }d|d| c}xs|g| d }t| ||| }t||dddgd S|tk7r:t | td d ||d|dg| d }t| ||| }t||dddgd S|tk7r@t | t d d ||d|dtg| d }t| ||| }t ||dddgd St|trg|j dt"k7rOt | t d d ||d|j ddt"g| d }t| ||| }t ||dddgd St%|| \}}}|s|t&k(rt(nt*}d}t|tr|j dng}hd} t|t,r?|D]9}!t|!ts|!j d}"|"| vr+|"dk(rt|!j drd }M|"dk(r*|!j ddk7s|!j ddvrd }||"dk(r|!j ddurd }|"d k(r|!j dxsddk7rd }|"d!k(r|!j dxsddk7rd }|"d"k(rt|!j drd }|"d#k(r|!j dd$vrd }|"d%k(st|!j ds8d }<t | |d d |||Dcgc] }d&|d| c}xs|g| d }t| ||| }d}#| rt|trt/||||}#|||dd|#|gd'St1|||r6t | t2d d ||d(g| d }t| ||| }t2||dddgd Sd}#| rt|trt/||||}#t | t4d d ||d)g| d  }t7|}$t9|$}%|%r;d|d*<t*|d+<|d,d-|%gz|d,<t| ||| }t*||dd|#d gd'Sg}&|Tt:| xs t=| t4d.d.d.d dgdd.d/d0 }'t| ||| }(d})| rt?|||'|})t4||(|)|'|#dgd'S ||$t@}*tM|*d6d7},tM|*d8d.xsd.}-tM|*d9d.xsd.}.d2jG|$tO|,| xs t=|-d:d|.d:dd;}/|&jQ|/|,dk7rd|d*<tD|d+<|d,d<|,d=|.jSdd>gz|d,<t| ||| }(t:| xs t=| tDd.d.d.d d|&dd.d? }'d})| rt?|||'|})tD||(|)|'|#d |&d'St| ||| }(t:| xs t=| t4tM|*d@d.xsd.tM|*dAd.xsd.tM|*dBd.xsd.d d|&dd.d? }'d})| rt?|||'|})t4||(|)|'|#d|&d'Scc}wcc}wcc}w#tB$r}+d|d*<tD|d+<|d,d1|+gz|d,<t| ||| }(t:| xs t=| tDd.d.d.d dd2jG|$d3| xs t=d4gdd.tI|+jJd|+d5 }'d})| rt?|||'|})tD||(|)|'|#d d2jG|$d3| xs t=d4gd'cYd}+~+Sd}+~+wwxYw)CuDecide and (when fully authorized) execute a real PR merge. Defaults are fail-closed: * ``activation_flag=False`` (spec §6.3 hardcoded default). * ``chair_authorization=None`` → NO_OP_NO_AUTHORIZATION. * ``subprocess_runner=None`` → never invokes ``gh pr merge`` even when every gate passes (regression contract — task md "subprocess injection mock"). The function ALWAYS returns a dict with ``result_enum`` ∈ NO_OP_* / REAL_MERGE_* + ``decision`` payload + ``execution_result`` (when merge fired) + ``merge_decision_path`` / ``execution_result_path`` (when artifact writers ran). r@rAr_Nexecutor_actionzforbidden path hit: F)rZrXrYr^r_r[rUrT)rcrdT)rZrbmerge_decision_pathexecution_result_pathexecution_resultchair_report_requiredsubprocess_invocationsu2activation_flag=False — default OFF (spec §6.3))rpzchair_authorization z: zmerge_ready_result.verdict=u ≠ PASSz dryrun_artifact.executor_action=u ≠ rSzdryrun_artifact.schema=gates>critical7_hitsforbidden_pathblocking_secretpost_merge_smokedep_cycle_or_serialreplacement_pr_failexpected_files_exactadmin_override_requirednamervaluer{rnet_new_identifier_exposure)rNrrzryr~r|)FFAILr}zgate_snapshot )rZrbrsrtru snapshot_pathrvrwzCmerge_execution_result.json already present for this (pr, head_sha)z>all gates pass + chair_authorization OK + activation_flag=TruerTrZr[z-INTERNAL: admin-override token leak in argv: rBu@subprocess_runner=None — inert pass path (no gh pr merge call)) rSrUrKrZmerge_commit_shamergedAtmergedBy non_adminadmin_override_usedrw post_smoke_okcallback_handoff_event_idnotezsubprocess raised:  )cmdexitts) rSrUrKrZrrrrrrwrrerror returncodestdoutstderri8)rrr stdout_tail stderr_tailzsubprocess exit=z stderr=) rSrUrKrZrrrrrrwrrrrr)*r rQr)rFrGr4r`r"r\rerrrrrrrrrrr rr]rrr!r#rnrjrr>r_SUBPROCESS_TIMEOUT_SECONDS Exceptionr$jointype__name__getattrrHr,strip)0merge_ready_resultrK gate_snapshotdryrun_artifactcallback_envelopechair_authorizationrXrorcr/rdrUrppidr@rAr_r^forbidden_hitsprbr1auth_ok auth_code auth_reasonsrgate_ok gate_code gate_reasonsrZ chair_report snap_gates_C7_GATE_NAMESgaterrrhleaksrwru decision_pathexecution_pathprocexcrcrr invocations0 r3real_merge_executers > { +C TB:H3=>PRV3W $$Y/]aG2<_d2S-.Y] ,M:N" , 1(,-@-L(M'9GHA+A3/H#  !h~_no/ #'%) $%)&(    " +!(,-@-L(M'IJ#  !h~_no. #'%) $%*&(  (DS($GY  " . (,-@-L(M'FRS+I;b<SbXaWb#  !h~_no1 #'%) $%*&(  $" & (,'27+YGH#  !h~_no) #'%) $%*&(  **" - (,'2=2C5I[H^_#  !h~_no0 #'%) $%*&(  /4(_-@-@-JNi-i" - (,')/*=*=h*G)J%.13#  !h~_no0 #'%) $%*&(  (>U($GY  .7:.E*?  *4]D*IM  g &r    j$ '" (!$-xx'~-44dhhw>O9P#'L..HHW%*xx =>iO#'L338IU8R#'L--488G3D3Ia2O#'L--488G3D3Ia2O#'L22tDHHW9Hm^M' #'%) $*%1&(   Hn=" ' (,'Z[#  !h~_no* #'%) $%*&(  M:mT:5b(MSab  #$(#QR H r "D %d +E (-$%"1&y1;E7 C5  !h~_no* #'%) $*%)&(  46 .* * "#(&(!)+V *#xhwx  9"hHXZhiN* #0%3 0*%*&(  &  'BCN |Q 'B T8R ( .BF T8R ( .BFxx~B" de}de} J!!*- Qw(-$%"3&y1rd(6<<>$3+?*@ A5  *#xhwx -* , "#(&<!)+   9"hHXZhiN, #0%3 0*%)&<  &c8NdstM)&HJ&#D* ] `1C`,&`1,`1)rXrorcr/rd env_lookuprpcJ| t| }t|||||||||| | |  S)uVSingle entry-point invoked from dispatch/__init__.py (회장 결정 #8). Resolves the activation flag (env var) when not pinned by the caller and delegates to real_merge_execute. This indirection lets dispatch keep its import minimal (1 line) while the switch itself stays here, per the finalize_hooks-minimal directive. ) rrKrrrrrXrorcr/rdrp)rr) classifier_resultrrKrrrrXrorcr/rdrrps r3dryrun_to_real_switchrsE.1*= ,#'+/'+%#'  r5)REAL_MERGE_HOOKS_SCHEMArrrrrr r!r"r#r$r% NO_OP_RESULTSr+r-r4rr)r/Optional[List[str]]return List[str])rr*)rKrrDict[str, Any])rKrrZr*rXr\rYr\r^ Optional[str]r_rr[rrUrrTr\rr) rKrrbrrcrrdr\rr)rhrrr)r@rrr)rzOptional[Dict[str, Any]]rKrrrrrrrrrrXr\ro)Optional[Callable[[List[str], int], Any]]rcrr/rrdr\rUrrp Optional[Any]rr)rrrrrKrrrrrrrrXzOptional[bool]rorrcrr/rrdr\rz(Optional[Callable[[str], Optional[str]]]rprrr)=__doc__ __future__rrrrtypingrrr r r utils.activation_flag_validatorr r r#utils.chair_authorization_validatorrutils.gate_snapshot_validatorrr!utils.merge_ready_dryrun_executorrrutils.merge_ready_statesr utils.real_merge_artifact_schemarrrrrrrrrrrrr r!r"r#r$r% frozensetrr+r-rgrr4r>rQr`rerjrnrr__all__r=r5r3rs<#2266 *6 ,1!/#-#-#'3    "9i"89!8&  "&  !  4 H H H" H  H  H A ,4CG$()-  d0ddd d  d  ddAd"d'dd d dd^'+CG$()- ;?&%&#& & &  &  &$&A&"&'&&9& &&T r5