review(2): cryptpad F2-9 + F2-13 CLOSED — re-verify after fix b44d75b (poll-all-frames). create-pad roundtrip test_cryptpad_pad_content_survives_fresh_session PASSED (46s, was 340s timeout), all 5 tiers green, deploy-count=1, clean teardown. Fix non-vacuous (still asserts marker surfaces in fresh context = server-side encrypted persistence). §4.3 create-pad floor demonstrated; conditional sign-off satisfied
This commit is contained in:
@ -373,7 +373,7 @@ Phase plan: `/srv/cc-ci/cc-ci-plan/plan-phase2-recipe-tests.md`
|
||||
specific tests were API-shape liveness, not create-and-read-back. F2-8 was the
|
||||
gate-blocker that drove the F2-X-pattern callout.
|
||||
|
||||
- [ ] **F2-9 [adversary] — cryptpad (Q3.4) create-pad deferral: CONDITIONAL sign-off** —
|
||||
- [x] **F2-9 [adversary] — CLOSED @2026-05-29** (create-pad lift demonstrated green; was CONDITIONAL sign-off) —
|
||||
Plan §4.3: "cryptpad — create a pad and confirm it persists (note client-side-encryption:
|
||||
page is JS-rendered, so use Playwright, not bare curl)." DECISIONS.md §"Phase 2 Q3.4"
|
||||
documents three failed attempts (contenteditable+iframe, no fragment, no stable app-launch
|
||||
@ -594,7 +594,7 @@ Phase plan: `/srv/cc-ci/cc-ci-plan/plan-phase2-recipe-tests.md`
|
||||
wait proven non-vacuous (5 P7-negative unit tests pass + code-read of services_converged/
|
||||
wait_healthy/wait_ready_probes RAISE on stuck convergence). Verdict: REVIEW-2 "## Q3.2 … PASS".
|
||||
|
||||
- [ ] **F2-13 [adversary] — cryptpad create-pad roundtrip FLAKY: read-back leg fails cold** — blocks
|
||||
- [x] **F2-13 [adversary] — CLOSED @2026-05-29** (was: cryptpad roundtrip read-back flaky) — blocks
|
||||
closing F2-9. Cold-verify @2026-05-29 (clean env, git==host d4eae4e, log
|
||||
`/root/adv-f29-cryptpad-135552.log`): `RECIPE=cryptpad PR=0 cc-ci-run runner/run_recipe_ci.py` →
|
||||
custom tier **FAIL**. `tests/cryptpad/playwright/test_pad_content_roundtrip.py::
|
||||
@ -616,3 +616,9 @@ Phase plan: `/srv/cc-ci/cc-ci-plan/plan-phase2-recipe-tests.md`
|
||||
maximal-subset basis stands. F2-9 was a CONDITIONAL sign-off → stays OPEN; this is not a VETO,
|
||||
not a passed-gate regression. Full detail: REVIEW-2 "## cryptpad F2-9 — NOT CLOSING".
|
||||
- Filed by Adversary @2026-05-29.
|
||||
- **CLOSED @2026-05-29 (also closes F2-9):** fix `b44d75b` (poll-all-frames read-back) —
|
||||
re-verify cold (log `/root/adv-f29-cryptpad-r2-143211.log`) `test_cryptpad_pad_content_survives_fresh_session`
|
||||
**PASSED** (1 passed in 46.72s, was 340s timeout), all 5 tiers green, deploy-count=1, clean
|
||||
teardown. Fix is non-vacuous (still asserts the unique marker surfaces in a FRESH context →
|
||||
proves server-side encrypted persistence; returns False/fails if it doesn't). Verdict: REVIEW-2
|
||||
"## cryptpad F2-9 + F2-13 — CLOSED".
|
||||
|
||||
@ -1082,3 +1082,29 @@ clarification, normal close = ONE cold-verified green — but it must actually b
|
||||
test that fails 1-in-N cold is not a reliable green. **Teardown sacred:** post-run no cryptpad stack,
|
||||
no per-run cryptpad volume; warm canonicals intact.
|
||||
Anti-anchoring honored (verdict from my own run + code; not JOURNAL-first).
|
||||
|
||||
## cryptpad F2-9 + F2-13 — CLOSED @2026-05-29 (re-verify after fix b44d75b — create-pad roundtrip GREEN)
|
||||
Re-verified from `/root/adv-verify` @ origin/main `62ac9b5` (fix `b44d75b` present — confirmed
|
||||
`_poll_any_frame_for_text` in the test file; git==host on code). CLEAN env (no concurrent run).
|
||||
`RECIPE=cryptpad PR=0 cc-ci-run runner/run_recipe_ci.py` (log `/root/adv-f29-cryptpad-r2-143211.log`).
|
||||
|
||||
**RUN SUMMARY:** deploy-count=1; **install/upgrade/backup/restore/custom ALL pass.**
|
||||
The §4.3 create-pad lifecycle test now **PASSES**:
|
||||
`tests/cryptpad/playwright/test_pad_content_roundtrip.py::test_cryptpad_pad_content_survives_fresh_session
|
||||
PASSED (1 passed in 46.72s)` — vs my prior cold run's FAIL (340s timeout, frame never attached).
|
||||
|
||||
**The fix is targeted + NON-VACUOUS (verified by code-read before re-running):** `b44d75b` replaced the
|
||||
brittle "wait for the specific deeply-nested `ckeditor-inner` frame to ATTACH by URL" (the flaky leg)
|
||||
with `_poll_any_frame_for_text(page2, marker, ...)` — polls EVERY frame's body for the unique marker.
|
||||
It still **requires the marker to actually surface in a FRESH browser context** (only the URL+fragment
|
||||
key carried over) → still genuinely proves server-side encrypted persistence + client decryption; it
|
||||
just doesn't hard-depend on identifying which frame renders it. `_poll_any_frame_for_text` returns
|
||||
False (→ `assert found` FAILS) if the marker never appears, so a genuinely non-persisting pad would
|
||||
still RED. The 46s PASS (vs 340s prior timeout) = it found the marker fast, not that the check was
|
||||
loosened. This fixed FRAME-IDENTIFICATION flakiness, NOT the persistence assertion — the right fix.
|
||||
|
||||
**Verdict: F2-13 CLOSED and F2-9 CLOSED.** The cryptpad §4.3 create-and-read-back FLOOR (the
|
||||
distinguishing assertion F2-9's CONDITIONAL sign-off was tracking for Q5 lift) is now demonstrated
|
||||
GREEN on my own cold run — the conditional is satisfied. One cold-verified green (operator
|
||||
clarification). **Teardown sacred:** post-run no cryptpad stack/volume; warm canonicals intact.
|
||||
Anti-anchoring honored (code-read + my own run; not JOURNAL-first).
|
||||
|
||||
Reference in New Issue
Block a user