j]:UdZddlmZddlZddlZddlZddlmZddlm Z m Z m Z ee jjjjZeeej"vr!ej"j%eeej"j'deeddlmZmZmZmZmZmZmZmZmZmZmZm Z m!Z!m"Z"m#Z#ddl$m%Z%m&Z&ddl'm(Z(m)Z)m*Z*m+Z+m,Z,m-Z-dAdBd Z.dCd Z/dDd Z0d d ddddddZ1de2d<dd ddddddZ3de2d<dd ddddddZ4de2d<dd dddd ddZ5de2d!<d"d ddd#d$ddZ6de2d%<d&Z7d'Z8d(Z9d)Z:d*Z;d+Zd.Z?d/Z@d0ZAd1ZBd2ZCd3ZDd4ZEd5ZFd6ZGd7ZHd8ZId9ZJd:ZKd;ZLd<ZMd=ZNd>ZOd?ZPd@ZQy)Futests/regression/test_bot_merge_identity_2522.py 회귀 테스트 — task-2522 GitHub App bot merge identity hardening. 회장 §본질: task-2522의 목표는 "머지가 되게 하는 것"이 **아니다.** 이미 머지는 된다. 목표는 **"누가 머지했는가"**를 자동화 기준에 맞게 고치는 것. owner_pat로 머지되면 functional success여도 autonomy success로 인정 X. 5 연속 mergedBy=JonghyukJeon (PR #68/#69/#70/#71/#72) 종결 박제 + token source 4 enum 분류. 영역 A — Token source 분류 (4건) 영역 B — owner_pat fallback fixture replay (PR #68~#72, 5건) 영역 C — capability probe + autonomy_score 변화 (5건) 총 14건. 회장 §6 단일 파일. 회장 §보안: raw token value를 어떤 형태로도 출력/기록 X. fixture token도 prefix만 사용. gh api 실호출 금지 — 모두 runner mock / dataclass 직접 주입. ) annotationsN)Path)AnyDictList)DEFAULT_AUDIT_JSONL_PATHMergeIdentityAuditRecord TokenSourceTOKEN_SOURCE_GITHUB_APPTOKEN_SOURCE_GITHUB_ACTIONSTOKEN_SOURCE_OWNER_PATTOKEN_SOURCE_UNKNOWNappend_audit_jsonlbuild_audit_recordclassify_token_sourcecompute_autonomy_score_deltadecide_autonomy_capability_gapexpected_bot_identity_for_actorfingerprint_token_for_auditprobe_token_source_from_env)OWNER_PAT_FALLBACK_BLOCKEDselect_merge_token_decision) BlockedReasonRepositoryCapabilityclassify_capability_gapprobe_bot_merge_identity*reevaluate_bot_can_merge_with_token_sourceselect_merge_pathc4tjg|||S)N)args returncodestdoutstderr) subprocessCompletedProcess)r!r"r#s D/home/jay/workspace/tests/regression/test_bot_merge_identity_2522.pycpr'Hs  & &B:f]c ddcddfd }|S)uLgh pr view --json number,mergedBy 호출에 응답하는 runner factory.c&~t|dks |ddgdk7r tdddS t|d}j |}| tddd Stdt j |dS#t$rtdddcYSwxYw) Nr)ghprviewzunexpected callz bad pr numberz Not Found)lenr'int ValueErrorgetjsondumps)r cwdnpayload pr_payloadss r&runnerz#make_pr_view_runner..runnerOs  t9q=D1I)==a./ / .DG A//!$ ?a[) )!TZZ("--  .a_- - .sA77BBN)r z List[str]r8rreturnsubprocess.CompletedProcess)r;r<s` r&make_pr_view_runnerrALs . Mr(c \tdddddd}|j|tdi|S)NTF)can_squash_mergerequires_approvalrequires_thread_resolutionauto_merge_enabled bot_can_mergeadmin_override_requiredr@)dictupdater) overridesbases r&make_capabilityrM_s:#( % D KK   '$ ''r(D JonghyukJeonUser)logintypez task-2517z2026-05-09T00:53:24Z)task_idmergedAt)numbermergedBy_metaDict[str, Any] PR_68_FIXTUREEz task-2519z2026-05-09T02:04:50Z PR_69_FIXTUREFz task-2518z2026-05-09T04:50:46Z PR_70_FIXTUREGz task-2520z2026-05-09T06:31:34Z PR_71_FIXTUREH task-2521z2026-05-09T13:30:00Z PR_72_FIXTUREghs_aaaaghp_zzzzgithub_pat_yyycttdti}|jtk(sJ|jdusJ|j dusJ|j tddk(sJ|jJt|jdk(sJtj|j}tdd|vsJdy) u[(1) ``ghs_`` prefix token + actions runner 신호 없음 → GITHUB_APP_INSTALLATION_TOKEN.GITHUB_APP_INSTALLATION_TOKEN token_valueenvTFNz-raw token suffix leaked into serialised probe) r"_FIXTURE_INSTALLATION_TOKEN_PREFIX token_sourcer installation_signalactions_runner_signaltoken_prefix_observedtoken_fingerprint_sha256_8r2r6r7to_dictprobe serialiseds r&>test_a1_ghs_prefix_classified_as_github_app_installation_tokenrws !6 ,.P Q E   !8 88 8  $ $ ,, ,  & &% // /  & &*LRa*P PP P  + + 77 7 u// 0A 55 5EMMO,J -ab 1 C7 Cr(cttdti}|jtk(sJ|jdusJtt dt i}|jtk(sJ|jdusJy)u9(2) ``ghp_`` 또는 ``github_pat_`` prefix → OWNER_PAT. GITHUB_PATrhTGH_PATN)r!_FIXTURE_OWNER_PAT_CLASSIC_PREFIXrnr owner_pat_signal%_FIXTURE_OWNER_PAT_FINEGRAINED_PREFIXprobe_aprobe_bs r&9test_a2_ghp_and_github_pat_prefix_classified_as_owner_patrs$5 < =G   #9 99 9  # #t ++ +$9 < =G   #9 99 9  # #t ++ +r(ctdddd}|jtk(sJ|jdusJttdtd}|jtk(sJ|jdusJy)u(3) GITHUB_ACTIONS=true env (token 값 없음) → GITHUB_ACTIONS_TOKEN. runner GITHUB_TOKEN(ghs_)가 있어도 actions runner 환경에서는 ACTIONS_TOKEN으로 분류된다 (출처가 명확). Ntruezubuntu-runner-1)GITHUB_ACTIONS RUNNER_NAMErhT)r GITHUB_TOKEN)rrnr rprmr~s r&6test_a3_github_actions_env_classified_as_actions_tokenrs$%6G HG   #> >> >  ( (D 00 0$6%7Y ZG   #> >> >  ( (D 00 0r(c.tdi}|jtk(sJ|jdusJ|jdusJ|j dusJ|j J|jJt|jtjusJy)u0(4) env 미설정, token 값 없음 → UNKNOWN.NrhF) rrnrrpror|rqrrr UNKNOWN)rus r&(test_a4_no_signals_classified_as_unknownrs !d ;E   !5 55 5  & &% // /  $ $ -- -  ! !U ** *  & & .. .  + + 33 3 u)) *k.A.A AA Ar(c t||i}tdd|g|}|jdusJ|jdk(sJ|jdusJ|j dk(sJ|j dusJt|}|tjk(sJt|ttdti |d d |d d |jd ijd|jd ijd}|jtk(sJ|j dk(sJ|j"dusJ|j$dusJ|j&dusJy)uS공통 검증: PR fixture replay → owner_pat fallback 박제 + autonomy gap True. Jeon-Jonghyuk dev_workspacer<T owner_patFrOryrhrVrQrRrW mergeCommitrS) pr_number token_probemergedBy_login mergedBy_typemerge_commit_sharSN)rAr fallback_to_owner_token_detectedrnbot_can_merge_as_appmerge_actor_loginmerge_actor_is_botrrAUTOMATION_CAPABILITY_GAPrrr{r5token_source_usedr rmergedBy_is_botexpected_bot_identityautonomy_capability_gap)rfixturer<identityblockedrecords r&_replay_pr_owner_pat_fallbackrs )W!5 6F'9+fH  4 4 << <  K // /  ( (E 11 1  % % 77 7  & &% // /%h/G m== == = )9@A z*73j)&1 Wb155mD GR(,,Y7 F  # #'= == =  N 22 2  ! !U ** *  ' '5 00 0  ) )T 11 1r(c$tdty)u>(5) PR #68 mergedBy=JonghyukJeon — task-2517 fixture replay.rNN)rrYr@r(r&'test_b1_pr_68_owner_pat_fallback_replayr  !"m4r(c$tdty)u>(6) PR #69 mergedBy=JonghyukJeon — task-2519 fixture replay.rZN)rr[r@r(r&'test_b2_pr_69_owner_pat_fallback_replayrrr(c$tdty)u>(7) PR #70 mergedBy=JonghyukJeon — task-2518 fixture replay.r\N)rr]r@r(r&'test_b3_pr_70_owner_pat_fallback_replayrrr(c$tdty)u>(8) PR #71 mergedBy=JonghyukJeon — task-2520 fixture replay.r^N)rr_r@r(r&'test_b4_pr_71_owner_pat_fallback_replayrrr(ctdttttt t td}tddgd|}t|jdk(sJtd|jDsJ|jdusJ|jd usJtd dittj }|j"d k(sJ|j$d usJ|j&dusJy ) u(9) PR #72 mergedBy=JonghyukJeon — task-2521 fixture replay (본 task의 직전 PR). 회장 §본질: task-2521 자체가 owner_pat fallback으로 머지되어 5 연속 패턴 종결. select_merge_path → escalate_capability_gap. 회장 직접 머지 X (ops 채널만). r`)rNrZr\r^r`rrrrkc34K|]}|jywr=)fallback_to_owner_token).0rs r& z:test_b5_pr_72_owner_pat_fallback_replay..0sPQq((PsTFrUescalate_capability_gapN)rrbrArYr[r]r_rr2merge_identity_auditallrrrrMrractionrequires_chaircapability_gap)r<rplans r&'test_b5_pr_72_owner_pat_fallback_replayrs ""m4! }- }"F(*>vH x,, - 22 2 P(2O2OP PP P  4 4 << <  ( (E 11 1  2// D ;;3 33 3   % '' '   $ && &r(ctdi}|jtk(sJtd}t ||j}|j dusJt |j}|ddusJ|dd k(sJ|d dusJy) u(10) bot/app token 없음 (UNKNOWN) → reevaluate가 bot_can_merge=False 강제. select_merge_token_decision → AUTOMATION_CAPABILITY_GAP (allow_merge=False). NrhTrGrnF allow_mergedecisionrr)rrnrrMrrGrrucapreevalrs r&@test_c1_no_bot_app_token_classified_as_automation_capability_gaprCs "d ;E   !5 55 5  -C 7%J\J\ ]F   5 (( (*5+=+=>H M "e ++ + J #> >> > $ % -- -r(c2ttdti}|jtk(sJt d}t ||j}|j dusJ||k(sJt|j}|ddusJ|ddk(sJ|d d usJy ) uV(11) bot/app token 있음 + ruleset 허용 → bot_can_merge 유지, allow_merge=True.rgrhTrrrr APP_TOKEN_OKrFN)rrmrnr rMrrGrrs r&/test_c2_app_token_with_ruleset_allows_bot_mergerUs !6 ,.P Q E   !8 88 8  -C 7%J\J\ ]F   4 '' ' S==*5+=+=>H M "d ** * J > 11 1 $ % .. .r(chttdti}td|ddd}|jdusJt d | }|j d k(sJ|j d k(sJ|jd k(sJd |jjvsd|jjvsJyy)u(12) mergedBy = owner (사람) → autonomy_score 유지 또는 -1. 회장 §본질: owner 직접 머지는 5 연속 패턴 → score 하락 신호. ryrhr`rOrPrarrrrrSTprevious_scorerrz owner directN) rr{rrrr new_scoredeltareasonlowerrurrs r&,test_c3_owner_merged_score_held_or_decreasedris "5 < = E % F  ) )T 11 1 (& IE   1 $$ $ ??a   ;;"   %,,,,. ..ELLDVDVDX2XX X2X .r(cttdti}td|ddd}|jdusJ|jd usJ|j d usJt d | }|jd k(sJ|jd k(sJy)u(13) mergedBy = bot/app + token_source = GITHUB_APP_* → autonomy_score +1. 회장 §본질: 본 task의 종결 목표 — 다음 PR이 bot으로 머지되면 7→8. rgrhigithub-actions[bot]Bot task-2522rFTrrrlr0N) rrmrrrrrrrrs r&1test_c4_bot_merged_with_app_token_score_increasedrs "6 ,.P Q E , F  ) )U 22 2  ' '4 // /  ! !T )) ) (& IE ??a   ;;!  r(c ttdti}t|j}|ddusJ|dtk(sJ|ddusJt d}t ||j }|jdusJtd |d d d }tdz dz dz }|jr|jt||}||k(sJ|jsJ|jdjjd}t!j"|}tdd|vsJd|ddusJ|dt$k(sJ|jdt'd|} | j(dk(sJy)u`(14) owner_pat fallback → 자동 머지 거부, AUTOMATION_CAPABILITY_GAP marker로 박제. 회장 §5 명시: - owner_pat fallback 발생 → Critical 7종 아님, AUTOMATION_CAPABILITY_GAP marker - select_merge_token_decision은 OWNER_PAT_FALLBACK_BLOCKED + capability_gap=True - audit JSONL append + 다음 score 산출 ryrhrFrrTrrr`rOrPrrmemoryeventsz&test_bot_merge_identity_2522_tmp.jsonl) audit_pathzutf-8)encodingrrkNz(raw token suffix leaked into JSONL auditrr) missing_okrrr)rr{rrnrrMrrGr_WORKTREE_ROOTexistsunlinkr read_textstrip splitlinesr6loadsr rr) rurrrrtmp written_pathliner:rs r&8test_c5_owner_pat_fallback_blocks_auto_merge_with_markerrs "5 < = E+5+=+=>H M "e ++ + J #= == = $ % -- -  -C 7%J\J\ ]F   5 (( ( % F 8 #h .1Y YC zz| %f=L 3   ::<< =='= * 0 0 2 = = ? CDjjG ,QR 0 <2 < , - 55 5 & '+A AA AJJ$J )& IE ??a  r(c~tDchc]}|j}}|tttt hk(sJycc}w)uEsanity: TokenSource enum 정확히 4종 — 회장 §1 추가 금지.N)r valuer r r r)membervaluess r&,test_sanity_token_source_enum_exact_4_valuesrsA)4 5vfll 5F 5 #   6s:cRtt}|jdsJ|y)uRsanity: default audit path가 memory/orchestration-audit/bot-merge-identity.jsonl.zbot-merge-identity.jsonlN)strrendswith)ps r&5test_sanity_default_audit_jsonl_path_inside_workspacers% $%A ::0 1414 1r(cd}t|d|i}td|dd}tj|j d }d |vsJd |vsJy ) uVsanity: build_audit_record 결과 직렬화 시 raw token 5자 이후 부분 노출 X.ghs_aaaaSECRETSUFFIX1234567890rgrhr0rr)rrrrF) ensure_ascii SECRETSUFFIXghs_aN)rrr6r7rs) fake_tokenrurrvs r&0test_sanity_no_raw_token_in_record_serialisationrsi1J ! ,j 9 E , F FNN,5AJ  ++ + j  r(ctdddusJtdddusJtdddusJtdddusJtd ddusJy ) uMsanity: expected_bot_identity_for_actor — bot suffix or type==Bot → True.rrTzdependabot[bot]rPrenovaterOFr1N)rr@r(r&(test_sanity_expected_bot_identity_helperrsm *+@% HD PP P *+6 Be KK K *2u 5 >> >r(c0ttdddusJy)uBsanity: token_source=UNKNOWN → 무조건 GAP=True (fail-closed).rT)rnrrN)rrr@r(r&@test_sanity_decide_autonomy_capability_gap_unknown_is_failclosedrs' )),     r(ctd}|Jt|dk(sJt|dtdJtdJy)u;sanity: token fingerprint는 sha256의 첫 8 hex 문자만.ghs_test_value_xyzNrlr1)rr2r3)fps r&1test_sanity_fingerprint_truncation_to_8_hex_charsrsR $%9 :B >> r7a<<BK &t , 44 4 &r * 22 2r(ctddi}|jtk(sJtj|j }d|vsJd|vsJy)uUsanity: probe_token_source_from_env() 결과는 raw token 값을 보유하지 않음.ryghp_abcdefghijk0123456789)rj abcdefghijk 0123456789N)rrnr r6r7rsrts r&=test_sanity_probe_token_source_from_env_no_raw_value_returnedr sW '\;V,W XE   !7 77 7EMMO,J  ** * z )) )r(cddlm}|tDchc]}|j}}hd}|j |s Jd||z ycc}w)uBsanity: MergeIdentityAuditRecord 회장 §3 필수 7 field 존재.r)fields>r timestamprrrrrzrequired fields missing: N) dataclassesr r nameissubset)_fieldsf field_namesexpected_requireds r&Ctest_sanity_merge_identity_audit_record_dataclass_7_required_fieldsrs^-#*+C#DEa166EKE  % %k 2 #$5 $C#DE 2FsA c dtfdtfdtfdtfdtfg}d}|D]\}}t t dt i}t|||d d |d d |jd ijd }t||}|jdk(sJd|d|j|j}|dk(sJy)uintegration: PR #68~#72 5건 모두 owner_pat fallback → score 7→2 (5회 -1). 회장 §본질 5 연속 패턴 박제. score floor=0 검증. rNrZr\r^r`rryrhrVrQrRrWrSrrrzPR #u: 기대 -1, 실제 N) rYr[r]r_rbrr{rr5rrr)fixturesscorepr_numfixrurrs r&;test_integration_5pr_consecutive_owner_pat_fallback_patternr2s ] ] ] ] ] H E %9@A $z?73j/&1GGGR(,,Y7  -E&Q{{b RD0DU[[M"RR  A::r()rr1r1)r!r3r"rr#rr>r?)r;zDict[int, Any])r>r)rr3rrXr>None)R__doc__ __future__rr6r$syspathlibrtypingrrr__file__resolveparentrrpathremoveinsertutils.bot_merge_identityrr r r r r rrrrrrrrrutils.merge_queue_executorrrutils.repository_policy_adapterrrrrrrr'rArMrY__annotations__r[r]r_rbrmr{r}rwrrrrrrrrrrrrrrrrrrrrr rrr@r(r&r,s(#  "" h'')0077>>~#(("HHOOC'(3~&'"e& (((&9$2H I! ~ (&9$2H I! ~ (&9$2H I! ~ (&9$2H I! ~ (&9$2H I! ~&0"$.!(8%(,&1. B$ 2F5 5 5 5 'H.$/(Y22/ n5 !&?3*.r(