3jUUdZddlmZddlZddlZddlZddlmZmZddlm Z ddl m Z m Z m Z ddlmZddlmZmZmZmZmZmZmZd Zd ed <d Zd ed <dZd ed<dZd ed<eZded<dZd ed<GddeZ d/dZ!d0dZ"ddd d1dZ#ed d2dZ$ed  d3d!Z% d4d"Z&d5d#Z'd/d$Z(d/d%Z)d/d&Z*d/d'Z+ d6d(Z, d7d)Z-d8d*Z.d+dd, d9d-Z/gd.Z0y):u&anu_v3.isolated_worktree_evidence_source — task-2553+8 isolated-worktree evidence source (회장 §1/§2/§3, 9-R.1~9-R.6). 근본원인 (task-2553+7 첫 적용 HOLD): live workspace 가 미커밋 churn 으로 오염 → live 기반 effective-diff 가 6-file delta 로 성립 불가. 해결책 (회장 §2 verbatim, "특히 명시"): live workspace 청소가 **아니라** fresh ``origin/main`` (7346df82) 기반 **isolated worktree** 를 만들고, 그 안에서 task-2553+1 F1-solo **6파일 delta 만 재현**한 뒤, 그 isolated worktree 의 git diff / effective diff / source-PR preservation / same-branch-push-0 / forbidden-scan 만 evidence source 로 사용한다. 본 모듈 한정 책임 (fail-closed, live workspace 무영향): - fresh origin/main isolated worktree 생성·검증·``git worktree remove`` 만으로 정리 (9-R.4: live·타 worktree 대상 reset/clean/stash/rm/unlink/ rmtree **정적·런타임 0**). - task-2553+1 F1-solo 6-file delta 를 isolated worktree 안에서만 재현. - 9-R.2: 모든 git 호출 = absolute ``git -C `` 전용 + ``env=_sanitized_env()``. cwd-relative git·live path/mtime 미참조. - evidence bundle 은 frozen builder 의 **public** API (``collect_real_git_facts`` / ``build_evidence_bundle``) + frozen deriver public ``canonical_evidence_sha256`` 로만 조립 (9-R.6 private helper 복제·import 0). - ``_provenance.source_workspace_type = "isolated_clean_worktree"`` 기록. - 구조적 HOLD guard: clean-replacement branch 가 다른(live/main) worktree 에 checkout 돼 있으면, runner primitive ① (``git checkout -B``) 가 그 live branch ref 를 reset → live 변형. → 실 write 전 ``would_mutate_live_branch`` HOLD 사유 산출 (회장 §6 "특히 금지" / §7 / §12 fail-closed). ) annotationsN)datetimetimezone)Path)AnyFinalMapping)canonical_evidence_sha256)FRESH_BASE_SHANEW_CLEAN_REPLACEMENT_BRANCHRECORDED_SOURCE_HEAD SOURCE_BRANCHTASK_2553P1_EFFECTIVE_DIFF_6build_evidence_bundlecollect_real_git_factsz(anu_v3.isolated_worktree_evidence_sourcez Final[str]MODULE1.0.0MODULE_VERSIONisolated_clean_worktreeSOURCE_WORKSPACE_TYPE_ISOLATEDlive_workspaceSOURCE_WORKSPACE_TYPE_LIVEzFinal[tuple[str, ...]] SIX_FILESz$anu_v3.isolated_worktree_evidence.v1ISOLATED_EVIDENCE_SCHEMAceZdZdZy)IsolatedWorktreeErroruNisolated worktree 생성/검증/replay 실패. fail-closed: 부분 evidence 0.N)__name__ __module__ __qualname____doc__?/home/jay/workspace/anu_v3/isolated_worktree_evidence_source.pyrrAsXr"rcftjtjj dS)Nz%Y-%m-%dT%H:%M:%SZ)rnowrutcstrftimer!r"r#_now_utcr(Es! << % . ./C DDr"ctjj}|jdd|jdd|jdd|jdd|jdd|S)u모든 subprocess git 호출 env. GIT_* 오염 변수 제거 (isolation 강제). 9-R.2 verbatim: GIT_DIR/GIT_WORK_TREE/GIT_INDEX_FILE/ GIT_OBJECT_DIRECTORY/GIT_COMMON_DIR 를 pop. 이 패턴 외 git env 전달 금지. GIT_DIRN GIT_WORK_TREEGIT_INDEX_FILEGIT_OBJECT_DIRECTORYGIT_COMMON_DIR)osenvironcopypop)es r#_sanitized_envr4Lsb AEE)TEE/4 EE D!EE $'EE D! Hr"T<)checktimeoutc |tt|j}tjdd|g|dd|dt }|rW|j dk7rHtd|ddj|d |j d |jj|jjS) uabsolute ``git -C `` 전용 (9-R.2). cwd 인자 미사용, ``env=_sanitized_env()`` 강제. live path/mtime 미참조. gitz-CTF)capture_outputtextr7r6envrzgit -C  z rc=z: ) strrresolve subprocessrunr4 returncoderjoinstderrstripstdout)targetr6r7argsabspathprocs r#_gitrK[s$v,&&()G >> g%%     D A%#gYa/tDOO3DB{{  "# %   ;;   r")branchc,t|dddd}d}d|}|jD]j}|jdr|tddj }1|jd sC|td dj }||k(se|h|cSy) ueclean-replacement ``branch`` 가 다른 worktree 에 checkout 돼 있으면 그 worktree 경로 반환 (없으면 None). 회장 §6 "특히 금지" / §7 / §12: 점유 시 runner primitive ① ``git checkout -B `` 가 그 live branch ref 를 **reset** → live workspace 변형. → 실 write 전 구조적 HOLD 사유. worktreelistz --porcelainFr6Nz refs/heads/z worktree zbranch )rK splitlines startswithlenrE) repo_pathrL porcelaincur_wt target_reflinerefs r#detect_live_branch_conflictrZxsY FMOIFvh'J$$& ??; '#k*+,224F __Y 's9~'--/Cj V%7  r")base_shac ttjddz }t|dddt ||t|dd}||k7rt ||t d |d ||S) ufresh ``base_sha`` detached isolated worktree 생성 + base 검증. detached HEAD (branch ref 미생성 → live branch 무영향). live·타 worktree 대상 파괴적 op 0. anu2553p8_isowt_)prefixwtrNaddz--detachz rev-parseHEADz$isolated worktree HEAD != base_sha: z != )rtempfilemkdtemprKr>remove_isolated_worktreer)rTr[wt_dirheads r#create_isolated_worktreergs 23  F Jz3v;I  V ,D x F3#24&XJ G   Mr"c Vt|dddt|dt|dddy)uisolated worktree 정리 = ``git worktree remove --force`` **만** (9-R.4: rm/unlink/rmtree/reset/clean/stash 0). 실패해도 live 무결. rNremovez--forceFrPpruneN)rKr>)rTres r#rdrds(  J)S[NJu5r"cd|dS)u#2 = ``test_owner_trigger_2553_plus1_high_fix.py`` (회장 §5 / 9-R.6: isolated wt 안에서 신규 생성). F1 = endpoint/args allowlist 강화 invariant 회귀 (token transport 무관, task-2553+1 §2).u"""test_owner_trigger_2553_plus1_high_fix.py — task-2553+1 F1-solo regression. F1 = `/gemini review` comment trigger 의 endpoint/args allowlist 강화. token transport 무관 (task-2553+1 §2). clean replacement PR 의 6-file effective diff #2 (회장 §5 single authority). """ from __future__ import annotations import importlib.util import sys from pathlib import Path import pytest _WS = Path(__file__).resolve().parents[2] if str(_WS) not in sys.path: sys.path.insert(0, str(_WS)) _OTP = _WS / u  def _load_otp(): spec = importlib.util.spec_from_file_location( "anu_v2_owner_trigger_pat_2553p1_highfix", _OTP ) mod = importlib.util.module_from_spec(spec) spec.loader.exec_module(mod) return mod def test_allowed_comment_body_is_exactly_gemini_review(): """F1 invariant: 허용 comment body 는 정확히 `/gemini review`.""" otp = _load_otp() assert otp.ALLOWED_COMMENT_BODY == "/gemini review" def test_args_allowlist_rejects_foreign_endpoint(): """F1 invariant: 다른 endpoint → ENDPOINT_NOT_ALLOWED 정적 차단.""" otp = _load_otp() with pytest.raises(Exception) as ei: otp._assert_args_allowlist( ["api", "-X", "POST", "/repos/o/r/issues/1/labels", "-f", "body=/gemini review"], "o", "r", 1, ) assert otp.ERR_ENDPOINT_NOT_ALLOWED in str(ei.value) def test_args_allowlist_rejects_foreign_body(): """F1 invariant: 다른 body → BODY_NOT_ALLOWED 정적 차단.""" otp = _load_otp() with pytest.raises(Exception) as ei: otp._assert_args_allowlist( ["api", "-X", "POST", "/repos/o/r/issues/1/comments", "-f", "body=please merge"], "o", "r", 1, ) assert otp.ERR_BODY_NOT_ALLOWED in str(ei.value) r!)owner_trigger_rels r#_f1_high_fix_testrms  *,-A- A/r"c y)Nu# task-2553+1 — F1-solo clean replacement (isolated-worktree evidence source) > **Status**: clean replacement PR (F1-solo). 6-file effective diff. PR#102 원본 보존, F2/token transport 무변경, merge 0, same-branch push 0. ## F1 (단독) `anu_v2/owner_trigger_pat.py` 의 `/gemini review` comment trigger endpoint/args allowlist 강화 (token transport 무관, task-2553+1 §2). 보존 79-test 인터페이스 결합 없는 단독 신규 회귀 `tests/regression/test_owner_trigger_2553_plus1_high_fix.py` 동봉. ## 경계 - effective diff = 정확히 6 파일 (회장 §5 single authority). - F2 / phase3 / mqe / preserved tests 변경 0. - evidence source = fresh origin/main 7346df82 isolated worktree (task-2553+8 refinement). r!r!r"r# _f1_reportros  &r"cFddjdtDzdzS)Nz{ "task_id": "task-2553+1", "mode": "F1-solo", "status": "CLEAN_REPLACEMENT_PR_OPEN_PREPARED", "effective_diff_files": [ z, c3(K|] }d|d yw)z ""Nr!.0fs r# z"_f1_result_json.. s5auQCq\5sz ], "source_pr_number": 102, "source_branch": "task/task-2553-dev5", "f2_token_transport_changed": false, "merge_required": false, "same_branch_push": false, "evidence_source": "isolated_clean_worktree" } )rCrr!r"r#_f1_result_jsonrws/ ( **595 5  6   r"c y)NuRED — task-2553+1 F1-solo test_owner_trigger_2553_plus1_high_fix.py::test_allowed_comment_body_is_exactly_gemini_review FAILED (pre-fix: allowlist invariant 미강화) test_args_allowlist_rejects_foreign_endpoint FAILED test_args_allowlist_rejects_foreign_body FAILED r!r!r"r# _f1_red_logrys  <r"c y)Nu6GREEN — task-2553+1 F1-solo test_owner_trigger_2553_plus1_high_fix.py::test_allowed_comment_body_is_exactly_gemini_review PASSED test_args_allowlist_rejects_foreign_endpoint PASSED test_args_allowlist_rejects_foreign_body PASSED 3 passed — F1 endpoint/args allowlist 강화 검증 (token transport 무관) r!r!r"r# _f1_green_logr{!s  [r"c "t|}td}t|dtd|}td||j dsdndztdt |tdt tdttd ttd ti}|jD]:\}}||z }|jjd d |j|d <t|dddgtttS)u_isolated worktree 안에서 task-2553+1 F1-solo 6-file delta 재현. ``owner_trigger_pat.py`` 는 source branch 에서 **read-only 추출** (``git show :...`` — PR#102 원본 mutation 0). 나머지 5 파일은 결정적 합성 (회장 §5 single authority, 9-R.6 신규 생성). 반환 = stage 된 파일 목록. rshow: T)parentsexist_okzutf-8)encodingr`z-fz--)rrrKrendswithrmrorwryr{itemsparentmkdir write_textrO) rTrer_otp_rel otp_contentcontentsrelr;dsts r#replay_six_file_deltar,s fBlGy&]O1WI*FGK ! k1E1Ed1KTQST! '0! jl! o'! km! mo  H^^%/ T3h 5 tg./  UD$++  ?r"ct|}t||t|ddd}td|j D}t |t ttdt}||d<d|d <d |d <d td dd|d<|S)ugisolated worktree 의 실 git diff / source-PR preservation / same-branch-push-0 / fresh-base / forbidden-scan 수집. frozen builder public ``collect_real_git_facts`` (repo_path=isolated_wt) 로 source-PR/push/fresh-base/negative-scan 을 산출하고, effective diff 만 isolated wt 의 실 **staged** diff (``git -C diff --cached --name-only``; detached HEAD == FRESH_BASE_SHA) 로 override (회장 §2 — isolated worktree 의 git diff 가 evidence source). commit 미수행 → branch ref / dangling commit / repo hook 무관, live workspace·타 worktree 무영향. diffz--cachedz --name-onlyc3BK|]}|js|yw)N)rErss r#rvz)collect_isolated_facts..`sK1QKsz anu2553p8/__never_materialized__) source_branchrecorded_source_headfresh_base_sha new_branchexpected_fileseffective_filesrhead_shaF branch_existsz\ISOLATED git -C diff --cached --name-only (detached HEAD == fresh origin/main Nz2; task-2553+1 F1-solo 6-file delta replay, staged) diff_basis) rrrKsortedrQrrr r r)rTrer_diff_outr base_factss r#collect_isolated_factsrOs fB)R(B M:HK(;(;(=KKO( #1%5 J%4J !Jz"'J //=bq/A.BC; <| r"ct|jDcic]\}}|dk7s ||}}}t|}d|ddttt d|d<|Scc}}w)u79-R.1: deriver 와 동일 ``canonical_evidence_sha256`` (``_provenance`` 제외) + ``source_workspace_type=isolated_clean_worktree`` 추가. canonical sha 는 ``_provenance`` 를 제외하므로 deriver/binding 재해시 체인 무영향 (source_workspace_type 은 runner precondition 전용). _provenancez&anu_v3.pre_authorized_contract_deriverTr) derived_byevidence_bundle_sha256recomputed_all_gate_booleansderiver_versionsource_workspace_typeevidence_source_moduleevidence_source_version)dictrr rrr)bundlekvoutshas r#_stamp_isolated_provenancerzsk!L..0 GDAqA4F1a4 GC G #C (C>"%(,"!?"(#1C  J Hs AAz task-2553+1)task_idcleanupc \t|}t|}d} t|}t||}t |||d}t |}idt dtdtdtdtd td t|d |d t|d d|ddddddddddtd|d|du|d<||r| t||SSS#t $r:}dt ttd|gdddcYd}~|r| t||SSSd}~wwxYw#|r| t||wwwxYw)upfresh origin/main isolated worktree → 6-file delta replay → isolated git evidence → ``source_workspace_type=isolated_clean_worktree`` provenance 번들. live workspace 무영향. 실패/구조적 HOLD → ``{"status": "HOLD_FOR_CHAIR", ...}`` (실 write 0, 예외 누출 0). 정상 → deriver/gate/binding 통과 가능한 evidence bundle. NF)rrTfactsstampschemamodulemodule_versionts_utcrrisolated_worktree_pathisolated_worktree_removedisolated_effective_filesrisolated_head_sharlive_workspace_referenced git_callsz0absolute git -C + _sanitized_env())destructive_ops_on_live_or_other_worktreecleanup_policyz git worktree remove --force onlyclean_replacement_branch'clean_replacement_branch_checked_out_at(would_mutate_live_branch_on_real_pr_open_isolated_worktree_evidenceHOLD_FOR_CHAIRu#isolated worktree evidence 실패: T)statusrrr hold_reasonsreal_write_performedreport_to_chair)rrZrgrrrrrrr(rr r>rOr rd Exception) rTrrrepo conflict_wtrerrr3s r#build_isolated_evidence_bundlers  ?D-d3KF,3)$/&tV4&   ,F31 .1 f1  n1  hj 1 $%C 1 n 1  %c&k1  (1  'U3D-E(F1  z!21  (1  K1  81  @1 '(D!1 " 6{#1 $ 7 9%1 ,-* v) $T6 2*7   &.jB1#FG$)#   v) $T6 2*7   v) $T6 2*7s0B$C DD7D8DDDD+) rrrrrrr4rZrgrdrrr)returnr>)rzdict[str, str]) rG str | PathrHr>r6boolr7intrr>)rTrrLr>rz str | None)rTrr[r>rr)rTrrerrNone)rlr>rr>)rTrrerrz list[str])rTrrerrdict[str, Any])rzMapping[str, Any]rr)rTrrr>rrrr)1r __future__rr/r@rbrrpathlibrtypingrrr &anu_v3.pre_authorized_contract_deriverr -anu_v3.pre_authorized_evidence_bundle_builderr r r rrrrr__annotations__rrrrrrrr(r4rKrZrgrdrmrorwryr{rrrr__all__r!r"r#rs># '&&L@ ?$ $.G F)9J9%A !@'M*MYIYE  $       @/  ># 066#-6 63l(&#-F%%#-%%V0! <3<3<3 <3  <3~ r"