diff --git a/REVIEW-lvl5.md b/REVIEW-lvl5.md index 40bc7fb..f2d91b4 100644 --- a/REVIEW-lvl5.md +++ b/REVIEW-lvl5.md @@ -67,3 +67,82 @@ abra output and the unit surface. M2 must still prove, on real CI end-to-end: ≥1 lint-blocked L4, ≥1 N/A-skip climb, drone `!testme` ×2, canaries at designed levels under the NEW formula, old artifacts rendering live, durations not inflated (lint ≤~60s; observed ~0.7s), the before/after level table for ALL enrolled recipes, and card/dashboard/badge visually (PNG/SVG). + +--- + +## M2 — Proven in real CI: **PASS** @ 2026-06-11T11:27Z + +Main @ `a521d43` (impl merged 08e6cc8 + PR-path fix 68c3486). Cold-verified from a **fresh clone +of main** on the cc-ci host (`/tmp/adv-m2`), drone API (token from /run/secrets), live HTTPS +artifacts, and Read PNGs. JOURNAL not consulted before this verdict. + +**Acceptance per plan §4 M2 + §6 DoD — all satisfied:** + +1. **Unit suite + lint (fresh clone main).** `cc-ci-run -m pytest tests/unit/ -q` → **247 passed**; + `scripts/lint.sh` → PASS. The new PR-path regression test + `test_run_lint_detached_pr_tree_lints_exact_ref` passes (covers fix 68c3486: abra lint checks + out the repo DEFAULT BRANCH, so a detached scratch clone would FATA or silently lint a stale + branch; fix forces local main AT the tested ref + repoints origin to scratch → lints the PR + head content). My M1 smoke only exercised the HEAD path; this closes that gap. +2. **Genuine L5 (full clean climb).** Runs 398 hedgedoc / 406 immich / 407 plausible / 413 mumble: + results.json schema=2, level=5, all 5 rungs pass, no cap keys, drone build status=success. +3. **Lint-blocked L4, verdict-neutral — the central claim.** Run 405 custom-html PR4: + results.json level=4, lint=fail rules_failed=[R011], all five TIERS pass + (install/upgrade/backup/restore/custom), **drone build 405 status=SUCCESS**, and the bridge + `reflected outcome build 405 (custom-html PR #4): success` to the PR. A lint failure caps the + level at 4 but does NOT flip the run verdict. Card PNG shows lint ✗ FAIL red, "level 4 of 5", + badge #a0b93f. Neutrality proven BOTH directions (415/416 red with lint=pass — see #6). +4. **N/A-skip climb (the de-cap).** Run 399 custom-html-tiny: backup_restore=skip with declared + reason in skips.intentional ("stateless static file server … no backupbot.backup label"), + other rungs pass, **level=5** (was L2 @ #205). Card PNG shows backup/restore "⊘ INTENTIONAL + SKIP" + reason, level 5 of 5. A formerly-capped non-backup-capable recipe now climbs. +5. **Drone !testme path ×3, GENUINE (not manual API).** ccci-bridge poll logs: + `[poll] triggered build 405 for custom-html@36b362aa (PR #4, comment 14332)`, + `406 immich@107d7220 (PR #2, comment 14333)`, `407 plausible@13458fac (PR #3, comment 14334)`, + each followed by `reflected outcome … success`. Build params confirm RECIPE/PR/REF match the + real PR heads. ≥2 required; 3 delivered, all on real PRs showing the lint rung. +6. **Canaries at re-derived designed level + backup-fail still blocks.** 415 (bkp-bad) / 416 + (rst-bad): drone build status=**failure** (red), results.json level=1, rungs {install pass, + upgrade skip(structural — no version tags on SRC+REF mirror), backup_restore FAIL, functional + unver, lint pass}. New-formula trace: install(1) → upgrade skip(climb) → backup_restore + fail(BLOCK) → L1. RED is caused by the failing backup/restore TIER (verdict logic untouched), + NOT by lint (lint=pass). Re-derivation is sound; matches OLD-rule level too (old: upgrade N/A + caps at L1) — no regression, same designed level, red either way. +7. **Unverified-blocks (mission example #3), synthesized.** host run + `/var/lib/cc-ci-runs/lvl5-unver-demo/results.json`: schema=2, level=2, rungs {install pass, + upgrade pass, backup_restore UNVER, functional pass, lint pass}, skips.unintentional= + [backup_restore]. backup unver blocks at L2 even though functional+lint pass above it. ✓ +8. **Durations not inflated.** drone build wall-times: 398=100s, 399=45s, 405=61s, 406 immich=199s + (shot baseline 198-199s), 407 plausible=164s (shot baseline 166s), 413=80s. lint adds ~0.7s; + the two cross-phase baselines are flat (407 slightly faster). No duration regression. +9. **Old artifacts render, no relabel.** /runs/370 (schema=1, level=4, level_cap_reason present) + serves 200 (results.json + summary.png); dashboard `/` + `/recipe/immich` 200 with mixed + schema-1/schema-2 rows; unit history-compat tests green. +10. **lint.txt served.** /runs/398/lint.txt 200 — full real abra table (HEAVY-box), cmd + rc=0 + + status=pass header, ref=09bf4d54 (hedgedoc's EXACT tested ref). +11. **Badges number+colour only.** hedgedoc badge ">level 5<" #3fb950; custom-html ">level 4<" + #a0b93f; grep finds NO cap/skip/na/reason language in badge SVGs. Matches operator spec. +12. **P3 matrix 19/19 lint PASS** (BACKLOG-lvl5.md) via documented scratch-clone method; no mirror + PRs / DEFERRED needed; warn-severity misses only (don't fail the rung). lasuite-meet R014 now + passes genuinely (tag annotated upstream — not suppressed). **Before/after table: every level + shift is explained by the rule change** — L4→L5 (+lint, baseline from real artifacts + P3 + sweep), de-cap L2→L5 (custom-html-tiny proven #399; mailu same mechanism), L4 lintdemo (#405), + canary L1, bluesky N/A consistent. **No unexplained shift / no downward regression.** "Analytic + 5" cells are derivation-checkable from two evidenced inputs (real baseline tiers + proven lint). +13. **No secret leak.** Independent sweep: no /run/secrets infra-secret VALUES and no generated + app-credential patterns appear in any published run artifact (the new lint.txt surface incl.). + results.json flags no_secret_leak=true + clean_teardown=true across runs. + +**§6 Definition of Done satisfied:** new level system live on main and visible end-to-end +(results.json→card→dashboard→badge); L5 = abra recipe lint on the tested ref; capping fully +removed (no cap/cap_reason/capped); all 19 enrolled recipes linted + dispositioned with an +adversary-checked before/after table; ≥1 real L5 + ≥1 lint-blocked L4 + ≥1 N/A-skip climb through +real CI incl. the drone path ×3; old artifacts unharmed; M1 (cfc87fd) + M2 fresh Adversary +PASSes; no verdict or duration regressions. + +**No VETO. Builder is cleared to write `## DONE` to STATUS-lvl5.md.** + +Out-of-scope note (Builder's STATUS query): the WC5 promote-on-green-cold observation (a +STAGES-filtered hand-run promoted custom-html's canonical) is pre-existing and orthogonal to the +level system — NOT a lvl5 finding/regression and not a DONE blocker. If the Builder wants it +tracked, DEFERRED.md/IDEAS.md is the right home; I'm not filing it as an [adversary] finding.