test(agent-journal): persist safe evaluation program state#125
Merged
Conversation
Record only safe stage, version, PR, merge, CI, historical identifier, digest, cleanup, and pause metadata so clean sessions cannot skip gates. RED: npx vitest run packages/pi-agent-journal/__tests__/evaluation-program-ledger.test.ts Failure: ENOENT for the absent program-state ledger.
Validate the ledger through exact allowlisted schemas and transition invariants so unknown payloads, private paths, credentials, or skipped acceptance states cannot be added unnoticed. RED: npx vitest run packages/pi-agent-journal/__tests__/evaluation-program-ledger.test.ts Failure: the strict program-state validator module was absent.
Keep schema v1 incapable of representing accepted infrastructure or V4 progress, and reject contradictory actions, path-like branches, and more credential-shaped metadata. Later gates require committed schema evolution. RED: npx vitest run packages/pi-agent-journal/__tests__/evaluation-program-ledger.test.ts Failure: six adversarial state, path, and credential mutations validated unexpectedly.
Require plain JSON objects and inspect every own key so inherited, non-enumerable, or symbolic payload fields cannot survive validation. RED: npx vitest run packages/pi-agent-journal/__tests__/evaluation-program-ledger.test.ts Failure: inherited rawMessages and hidden toolPayload fields were accepted.
Reject inherited, hidden, symbolic, or sparse fields on every ledger array so validation covers the entire JSON object graph rather than records only. RED: npx vitest run packages/pi-agent-journal/__tests__/evaluation-program-ledger.test.ts Failure: inherited, non-enumerable, and symbol payloads on versions were accepted.
Reject hidden, accessor-backed, or nonstandard required properties so a validated ledger serializes the same safe fields that were checked. RED: npx vitest run packages/pi-agent-journal/__tests__/evaluation-program-ledger.test.ts Failure: hidden required root and nested fields were accepted.
Reject accessor-backed, non-writable, non-configurable, or abnormal length descriptors so array values cannot change after successful validation. RED: npx vitest run packages/pi-agent-journal/__tests__/evaluation-program-ledger.test.ts Failure: accessor-backed and non-writable versions indices were accepted.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Clean sessions can now reconcile the Agent Journal evaluation program without inferring progress from conversation history. The ledger records only safe stage, terminal-version, PR/merge/CI, opaque identifier, digest, cleanup, and pending-action metadata, and schema v1 is deliberately incapable of claiming infrastructure acceptance or V4 progress.
A strict validator rejects unknown fields, private-path and credential-shaped metadata, contradictory gate states, cutover claims, exotic object/array prototypes, hidden or symbolic properties, accessors, sparse arrays, and time-of-check/time-of-use substitutions.
Validation
ENOENT)npm run check:cispecdocs_validate