IjfQ"UdZddlmZddlZddlZddlmZmZddlmZddl m Z m Z m Z m Z ddlmZmZmZmZddlmZmZdd lmZmZmZdd lmZmZd Z d e!d <dZ"d e!d<dZ#d e!d<dZ$d e!d<dZ%d e!d<dZ&d e!d<dZ'd e!d<dZ(de!d<dZ)de!d<Gdd e*Z+d3d!Z,d4d"Z-dd#dd$ d5d%Z.d6d&Z/ d7 d8d'Z0d9d(Z1d:d)Z2 d;d*Z3dd0Z6d?d1Z7gd2Z8y)@uanu_v3.pre_authorized_activation_runner — task-2553+1 F1-solo clean replacement PR open **활성화 오케스트레이션** (task-2553+6 §7.2, 9-R.1/9-R.3/9-R.4). 회장 §1 핵심: GO-ready packet 을 사람이 읽고 복붙해 PR open 을 승인하는 구조 제거. builder→deriver→gate→ALLOW validator→binding preflight→(ALLOW + 4 조건 전부 + ``activate=True``) 일 때만 §9-R.1 4 primitive 실 git. 9-R.3 실 write 도달 경로 (엄격, 하나라도 불충족 → HOLD packet, 실 write 0): builder → deriver(STATUS_DERIVED) → gate(ALLOW) → binding.bind(dry_run=True) preflight (STATUS_DRY_RUN_PLAN_ONLY: provenance 유효 + evidence_bundle_sha256 재해시 일치 + decision machine 4-field) → ALLOW validator → (4 조건 전부 + ``activate=True``). 9-R.1 허용 실 write primitive = **이 4개만** (그 외 GitHub mutation 정적 부재): ① 신규 branch 생성(fresh origin/main base) ② commit(6 effective-diff 파일만) ③ push(신규 branch only) ④ clean replacement PR open(1회). 금지(코드상 부재, 9-R.4): merge / PR-merge / auto-merge / PR#102 원본 mutation / same-branch push / source branch push. 9-R.4 merge-impossibility = 설계·정적 증명: 본 모듈에 merge/PR-merge/ auto-merge/PR#102-mutation/same-branch-push 호출·API·import **부재**. 실 git 호출은 화이트리스트 4 primitive 함수만 경유. 9-R.5 자동화 단위 분리: collector handoff / adjudication hook / HOLD packet writer = 독립 함수 (runner 비대화 방지, 독립 테스트 가능). 9-R.6 불변식: deriver/gate/binding 의 **public API 만 호출** (``derive`` / ``evaluate`` / ``bind``). private helper 복제·import 금지. ) annotationsN)datetimetimezone)Path)AnyFinalMappingSequence)DECISION_ALLOWDECISION_SCHEMA_NAME GATE_MODULEevaluate)STATUS_DERIVEDderive)NEW_CLEAN_REPLACEMENT_BRANCHTASK_2553P1_EFFECTIVE_DIFF_6build_evidence_bundle)STATUS_DRY_RUN_PLANbindz'anu_v3.pre_authorized_activation_runnerz Final[str] RUNNER_MODULEz1.0.0RUNNER_VERSIONz*anu_v3.pre_authorized_activation_result.v1ACTIVATION_RESULT_SCHEMADRY_RUN_VERIFIEDSTATUS_DRY_RUN_VERIFIED#ACTIVATED_CLEAN_REPLACEMENT_PR_OPENSTATUS_ACTIVATED_PR_OPENHOLD_FOR_CHAIR STATUS_HOLDREFUSED_FAIL_CLOSEDSTATUS_REFUSED)branch_create_fresh_basecommit_six_effective_diff_filespush_new_branch_onlyclean_replacement_pr_open_oncezFinal[tuple[str, ...]]ALLOWED_WRITE_PRIMITIVES)z gh pr mergez--automerge_pull_requestsame_branch_pushsource_branch_pushSTATICALLY_ABSENT_MUTATIONSceZdZdZy) RunnerErroruOorchestration precondition 실패. fail-closed: 절대 실 write 진입 불가.N)__name__ __module__ __qualname____doc__>/home/jay/workspace/anu_v3/pre_authorized_activation_runner.pyr+r+VsYr1r+cftjtjj dS)Nz%Y-%m-%dT%H:%M:%SZ)rnowrutcstrftimer0r1r2_now_utcr7Zs! << % . ./C DDr1cg}t|tsdgS|jdtk7r#|j d|jd|jdt k7r#|j d|jd|jdt k7r$|j d|jdd|jd d ur|j d |S) ugate decision 의 machine-readable 4 field 만 검증 (9-R.4 정렬). ``reasons`` / ``executor_contract`` prose 는 control-flow 미사용. 반환 = 위반 사유 목록(빈 list = ALLOW 유효). u,decision 이 Mapping 아님 (spoofed/누락)schemaudecision.schema 불일치: gate_moduleu decision.gate_module 불일치: decisionzdecision != ALLOW (=)no_github_write_performedTz*decision.no_github_write_performed != true) isinstancer getr appendr r )r;bads r2allow_decision_validatorrBas C h (>??||H!55 0h1G0JKL||M"k1 5hll=6Q5TUV||J>1 )(,,z*B)EQGH||/0< ?@ Jr1out_pathstagedetailcdttt|t|t |dddt |xsidd }|5t |jtj|dddzd |S) uJ§11 HOLD packet. 실 write 0. report_to_chair=True. 자동 진행 금지.z(anu_v3.pre_authorized_activation_hold.v1FTuHOLD_FOR_CHAIR — activation runner 미진행. 실 PR open 0. 회장 보고 대상 (무한 재시도 금지, 자동 진행 금지).) r9 runner_modulerunner_versionts_utctask_idstatusrF hold_reasonsreal_write_performedgithub_mutation_performedreport_to_chairrGnote)indent ensure_ascii zutf-8)encoding) rrr7rlistdictr write_textjsondumps)rLreasonsrErFrGpackets r2write_hold_for_chair_packetr_xs=&(*W %%*v|$ TF$ X!! JJvae t | dgt| jdgz|dd| jdiS| d} t| } t| }|rAt | dg|zt| jdgz|dd| jdiSt!| | d}|jdt"k7r>t | dgt|jdgz|dd|jdiS| jdtk(| |jdt"k(|jdijd duxrH|jdijd!duxr#|jdijd"dud#}t%|j'}id$t(d%t*d&t,d'|d| d(| d| jdd)|jdd*|d+|d,t/|d-tt0d.d/d0d/d1dd2d/}|r|s)t2|d<d/|d3<|jd4|d4<d5|d6<|S t5|||}t7|t8d7}t;||t=||d8d9}t@|d<d|d3<d|d.<||d<<||d=<||d><tC||d1<d?|d6<|S#t$r} t d d | g|d cYd} ~ Sd} ~ wwxYw#t>$r} t | d:| g|d;cYd} ~ Sd} ~ wwxYw)Aubuilder→deriver→gate→ALLOW validator→binding preflight→(activate+4조건) 실 git. 부작용: activate=True + 전 precondition 충족 시에만 4 primitive. 그 외 전부 dry-run (실 write 0, fail-closed). c3&K|]}|v ywNr0).0krs r2 z!run_activation..%s    s)r^ readiness marker_kindgo_readyrLrCu]raw GO-ready packet 직접 입력 차단 (gate normalization bypass 금지, 9-R.3/§9#3·#21) input_guard)rErFN repo_pathz task-2553+1ubuilder 실패: builderu:evidence_bundle 이 Mapping 아님 (builder 산출 무효)rMzderiver STATUS != DERIVEDrNderiverderivation_statusrDcontractz"gate decision != ALLOW (validator)r]gate_allow_validator gate_decisionr;T)r;rrdry_runz-binding preflight STATUS != DRY_RUN_PLAN_ONLYbinding_preflightbinding_statusprecondition_9R8provenance_stamp_presentevidence_bundle_sha256_match%decision_bound_to_provenance_contract)deriver_status_derivedgate_decision_allowbinding_preflight_dry_run_plan.provenance_and_sha_and_decision_machine_4fieldr9rIrJrKderived_contractbinding_preflight_statusfour_conditionsall_four_conditions_met activate_flagallowed_write_primitivesrPFmerge_performedrarQrOdry_run_executor_planuDRY_RUN_VERIFIED — builder→deriver→gate(ALLOW)→binding preflight(DRY_RUN_PLAN_ONLY) 전 단계 통과. activate=True + 4조건 전부 충족 시에만 실 PR open. 현재 dry-run 유지 (실 write 0, 9-R.5 #16).rRzAtask-2553+1 F1-solo clean replacement (pre-authorized activation)z%task-2553+1 F1-solo clean replacementuPRE_AUTHORIZED clean replacement PR open (gate ALLOW + binding DRY_RUN_PLAN preflight). PR #102 원본 보존, merge 0, same-branch push 0.uI실 primitive 실패 (실 write 부분 발생 가능 — 회장 보고): real_primitivecreated_branch commit_headpr_urlu}ACTIVATED — clean replacement PR open 완료 (§9-R.1 4 primitive only). merge 0, PR#102 원본 보존, same-branch push 0.r0)"r7rr>r anyr_rr?rrY Exception_deriver_deriverrX_gate_evaluaterB _binding_bindrallvaluesrrrrur%rrrrrrr+r_extract_pr_number)rrrrrrrtsrerL derivationrr; validator_bad preflightrall_fourbasebrheadrs ` r2run_activationrs. B  ?D/7+  G  /O'' 267K'#    "3#'(<"#=O ow /*  I J"   /%%i45G!1J~~h>1*  ( ):>>."56 7"')AB   *%Hh'H-X6M*  1 2] B8<< 2./ 0"(#X\\*%=>   ' I }}X"55*  < =9==45 6"%$immH&=>   #-..":n"L#00*3--*A + MM,b 1 5 5*    0"599.  0"5997O(?))+,H *   .  "   7   H   j1  #IMM($;  ?  "8  h  #D)A$B  $U  5  T  5! D( 0X', #$(1 6M(N $% > V   %dHj A$  ( O  #445   3    .DN#'D  (,D $%D DDN*62D = L Ky  * s # $"    R  * XYZX[ \ ]""    s<%N'88O' O 0OO O  O6O1+O61O6c|jdjddd}|jr t|SdS)N/)rstriprsplitisdigitint)rtails r2rrs9 ==  $ $S! ,R 0D 3t90D0r1) rrrrrrr%rBr_rnrxr)returnr)r;rr list[str]) rLrr] Sequence[str]rEstr | Path | NonerFrrGMapping[str, Any] | Nonerdict[str, Any])rmMapping[str, Any]rrr)rmrrvrrr)rrr{rrr)rrrrrrrr)rrrrrrrr)rrrrrr) rrrrrrrrrr)rz str | Pathrrrrurrrrrrrrrr)rrrz int | None)9r/ __future__rr[rrrpathlibrtypingrrr r !anu_v3.pre_authorized_action_gater r r rr&anu_v3.pre_authorized_contract_deriverrrr-anu_v3.pre_authorized_evidence_bundle_builderrrr&anu_v3.pre_authorized_executor_bindingrrrr__annotations__rrrrrr r%r)rr+r7rBr_rnrxrrrrrrr__all__r0r1r2rs<# '00   F zE$ $'S*S&88'L*L* Z*2 24073Z)ZE6#''+         %  L4-1()<D 4  4$ 4/2 4 4C (+368152>'+/3CC.C C  C  C%C-CCL1 r1