status(shot): M2 evidence assembled — P3/P4 ledgers complete, proof table, durations, dashboard checks
All checks were successful
continuous-integration/drone/push Build is passing
All checks were successful
continuous-integration/drone/push Build is passing
This commit is contained in:
autonomic-bot
@ -57,21 +57,50 @@ PNG-size note: 4801/4802 B at 1280×800 is a byte-stable blank-frame fingerprint
|
||||
default page at `/` (no content seeded for this recipe's install; only custom-html-tiny seeds via
|
||||
install_steps.sh). Screenshot is an honest representative view of a fresh install. → OK as-is.
|
||||
|
||||
### P3 — Fixes
|
||||
### P3 — Fixes (all merged to main)
|
||||
|
||||
- [ ] Harness default improvement (fixes BLANK+LOADING classes): after domcontentloaded nav, bounded
|
||||
network-idle/paint wait + blank-frame detect (tiny PNG → one retry with stronger wait), all within
|
||||
NAV_DEADLINE_S=45 / step worst-case ≤ ~60s. Unit tests in tests/unit/test_screenshot.py.
|
||||
- [ ] plausible SCREENSHOT hook (tests/plausible/recipe_meta.py) to a rendering, credential-free path.
|
||||
- [ ] Re-audit mattermost-lts / mumble / keycloak / lasuite-* after harness fix; per-recipe hooks only
|
||||
where the default still can't work.
|
||||
- [ ] bluesky-pds: document N/A in matrix (Adversary agreement at M1/M2).
|
||||
- [x] Harness default improvement (ce50f64 + A1 hardening 7ad7d1f): bounded networkidle settle
|
||||
(10s) + 0.5s render grace after domcontentloaded; blank/spinner-frame detect (<10000 B) → ONE
|
||||
retry with 4s settle, larger frame kept (A1). Wait budget 45+10+0.5+4+0.5 = 60s, unit-tested.
|
||||
8 new unit tests; 207 pass; lint PASS.
|
||||
- [x] plausible — NOT a hook in the end: the real root cause was EXTRA_ENV SECRET_KEY_BASE being
|
||||
62 chars (<64-byte Phoenix cookie-store minimum) → every HTML render 500'd. Fixed to 68 chars
|
||||
(b98a471); default capture then lands the genuine registration page. Stale auth_controller
|
||||
comments corrected (no assertion touched).
|
||||
- [x] mattermost-lts SCREENSHOT hook (80e5713 + 3c33129): interstitial appears on ANY first-visit
|
||||
route incl /login (proven byte-identical PNG) → hook navigates /login, clicks "View in Browser"
|
||||
best-effort, settles; lands the real login form. First real hook; public screenshot.settle().
|
||||
- [x] keycloak / lasuite-docs / lasuite-drive / lasuite-meet / immich / cryptpad / n8n: fixed by
|
||||
the harness default alone (no hooks needed — proof PNGs below).
|
||||
- [x] mumble: NOT fixable harness-side — pinned mumble-web:0.5 client never paints UI for an
|
||||
anonymous browser (≥90s DOM/console/network observation: no errors, no failed requests,
|
||||
connect-dialog elements absent, no autoconnect overrides). Loader frame = the genuine anonymous
|
||||
web view; voice (the recipe's function) fully covered by protocol tests. DEFERRED.md entry filed
|
||||
(upstream question for the operator).
|
||||
- [x] bluesky-pds: documented N/A while upstream image broken (rcust DEFERRED; Adversary-agreed at
|
||||
M1, contingent re-check at M2 — latest failing evidence ab-bluesky-pds-oldmain, 2026-06-11).
|
||||
|
||||
### P4 — Proof runs
|
||||
### P4 — Proof runs (fresh, post-fix; every PNG visually Read by Builder)
|
||||
|
||||
- [ ] Fresh real-CI run per fixed recipe (immich, lasuite-meet, n8n, cryptpad, keycloak, lasuite-docs,
|
||||
lasuite-drive, mumble, mattermost-lts, plausible), ≥2 via drone `!testme`; visual check each PNG;
|
||||
card + dashboard render. Healthy class: cite existing artifact + visual check (done in P1).
|
||||
| recipe | proof run (dir on cc-ci) | level (baseline) | PNG B | visual |
|
||||
|---|---|---|---|---|
|
||||
| immich | 370 (drone !testme immich#2) | 4 (=356:4) | 234351 | real "Welcome to Immich" onboarding |
|
||||
| plausible | 371 (drone !testme plausible#3) | 4 (=357:4) | 64132 | real registration form, empty fields |
|
||||
| keycloak | shot-proof-keycloak | 4 | 215587 | real "Sign in to your account" form |
|
||||
| cryptpad | shot-proof-cryptpad | 4 | 57310 | real landing + document-type picker |
|
||||
| lasuite-meet | shot-proof-lasuite-meet | 4 | 225686 | real video-conferencing landing |
|
||||
| lasuite-docs | shot-proof-lasuite-docs | 4 | 284769 | real Docs landing |
|
||||
| lasuite-drive | shot-proof2-lasuite-drive | 4 | 132037 | real Drive landing |
|
||||
| n8n | shot-proof-n8n | 4 | 26433 | real "Set up owner account", empty fields (now deterministic) |
|
||||
| mattermost-lts | shot-proof3-mattermost-lts | 2 (=m2r:2) | 178367 | real "Log in to your account" form (hook v2) |
|
||||
| mumble | shot-proof-mumble | 4 | 7980 | loader frame — best-available (see P3/DEFERRED) |
|
||||
|
||||
Drone durations pre/post (same recipe+PR): immich 199s→198s; plausible 209s→166s (faster — capture
|
||||
no longer burns 45s failing). Healthy class (ghost, hedgedoc, discourse, custom-html,
|
||||
custom-html-tiny, mailu, matrix-synapse, uptime-kuma): existing artifacts cited in P1 matrix, each
|
||||
visually verified real + credential-free; no new runs needed per plan §3 P4.
|
||||
Dashboard/card: grid thumbnails for runs 370/371 served 200, summary.html embeds screenshot.png,
|
||||
/badge/immich.svg 200.
|
||||
|
||||
## Adversary findings
|
||||
|
||||
|
||||
Reference in New Issue
Block a user