| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
rewrite
End-to-end rewrite addressing the issues from the user's UX review.
The system now feels like a daemon-orchestration tool: lock a contract
and the orchestrator just goes; PR raised → auto-ship → reopen for
amendments. The sidebar tree shows real entities only (no duplicates,
no inline action buttons polluting the file list), and every entity
gets a right-click context menu. Task page matches the old /exec
layout (diff on the left, feed + composer on the right).
## Backend — strict lifecycle (the orchestrator-never-spawned bug)
Root cause: `phase_planning()` gates on `directive.status='active'`, but
`start_contract()` only flipped the contract row — the parent directive
stayed in whatever state it was. So locking a contract did nothing
visible.
Fix: contract lifecycle now drives directive status in the same
transaction.
start_contract → if contract becomes active, flip directive
draft|paused|idle|inactive → active
pause_contract → after promote, if no active contract left,
directive → paused
complete_contract→ after promote, if no active left, directive →
inactive (also fires on auto-ship from PR detect)
unlock_contract → if was active and no active left, directive →
paused
reopen_contract → NEW. shipped → active. Directive → active,
orchestrator_task_id/pr_url/pr_branch cleared so
the reconciler spawns a fresh planner. The
planner reads get_latest_merged_revision and
frames the new plan as an amendment.
handlers::directive_documents lifts state.kick_directive_reconciler()
into run_contract_transition so every successful transition wakes the
reconciler immediately (no 15s wait).
handlers::directives `update_directive` (PR-detection branch) calls
`complete_contract(active_contract_id, pr_url, pr_branch)` instead of
`set_directive_inactive`. The contract auto-ships; the directive
follows via the sync above. No more manual "Mark complete" click.
POST /api/v1/contracts/{id}/reopen added + wired through openapi.
Spawn task names dropped the directive-title prefix that looked
redundant in the sidebar:
"Plan: <title>" → "orchestrator"
"Re-plan: <title>" → "orchestrator (re-plan)"
"PR: <title>" → "completion"
"Update PR: <title>" → "completion (update)"
## Frontend — sidebar
* De-dupe: DocumentTasksFolder filters tasks[] to exclude any task
whose id already appears in steps[].taskId. Single row per task,
single highlight on click.
* Generic SidebarContextMenu (new) replaces the directive-only
DirectiveContextMenu (deleted). Per-entity item arrays built at the
page level — directive, contract, step, task each have their own
contextual actions.
* Right-click works on every sidebar entity now (was directive-only).
* `+ New document` / `+ New ephemeral task` inline buttons removed.
Reachable via the directive folder right-click OR the hover-only
`+` button on the directive folder row.
* ContractHeader: dropped "Mark complete" button (auto-fires on PR).
Added "Reopen for amendment" button when contract is shipped.
## Frontend — task page rewrite
TaskPage.tsx replaces DocumentTaskStream.tsx (deleted). Two-column
layout matches the old /exec page that the user preferred:
┌────────────────────────┬──────────────────────────────────┐
│ Changed files (~30%) │ Transcript feed (scrollable) │
│ ────────────────── │ ────────────────────── │
│ src/foo.rs │ [user] do thing │
│ src/bar.rs │ [tool] Read foo.rs │
│ │ │
│ Diff (selected file) │ │
│ ├──────────────────────────────────┤
│ │ Composer (sticky bottom) │
└────────────────────────┴──────────────────────────────────┘
Diff comes from getTaskDiff(); parseDiff + DiffFileView exported from
OverlayDiffViewer for reuse (no duplication). Diff auto-refreshes
when the task transitions to a terminal state. Transcript styling +
sticky composer keep the parts the user liked. "Open in task page"
button removed — the right pane IS the task page.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
(#100)
* revert: roll back PRs #93-#98 to pre-Lexical baseline
Reverts the entire chain of directive document UI work and the homepage redesign,
restoring the working tree to the state at 3679ceb (before c8b169d / PR #93).
PRs reverted:
- #93 c8b169d feat: Document UI for directive orchestration with Lexical editor
- #94 d6f01a6 fix: compilation error and warnings already merged via PR #93
- #95 5aa3faf fix: resolve compilation error and warnings in Rust backend
- #97 d513f93 feat: document UI with contract blocks, expandable logs, and interaction controls
- #96 6366941 feat: Redesign homepage with professional PC-98 styling
- #98 d1fdfb1 feat: revert broken directive PRs, re-implement Lexical document orchestrator
The directive Document UI experiments produced fragile output and merge artifacts;
follow-up commits in this PR change orchestration to favor strictly linear DAGs and
add goal/conflict verification so future runs do not require this kind of cleanup.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
* feat(directive): strict-linear-DAG planning + mandatory `directive verify`
Tightens directive orchestration so the final PR almost never needs a hand-merge:
1. Planning prompts now strongly bias toward strictly linear DAGs.
Parallel steps are reserved for genuinely independent work (e.g. disjoint
modules); the default for "in doubt" is sequential. Linear chains inherit
each previous step's worktree, so the final merge is typically just a
rebase against the base branch.
2. New CLI command `makima directive verify` does a local in-memory
`git merge-tree` of HEAD against `<remote>/<base>` and exits non-zero
with a list of conflicting files if the PR would not merge cleanly.
Pure-local — no API call, no working-tree mutation.
3. Completion / PR-creation prompts now mandate three pre-push checks:
a. build (`cargo check` and/or `tsc --noEmit`),
b. `makima directive verify --base <base_branch>` must exit 0, and
c. an explicit goal-alignment self-check against the diff.
The orchestrator is told NOT to push, create the PR, or call
`makima directive update` until all three pass. Skipping any of them
is documented as a directive failure.
The combination means that with a linear DAG the final PR-creation task
should almost never see a real conflict — when it does, that is treated as
a planning bug to escalate rather than something to paper over with
`-X theirs`.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
* fix(frontend): TS errors pre-existing on master
- TaskSlideOutPanel: declare missing `selectedFileDiff` / `selectedFilePath`
state hooks that were referenced everywhere but never created, and
re-balance the JSX so the `<>...</>` fragment in the non-diff branch is
closed (the previous indentation/braces would not parse).
- api.ts: add a `getWorktreeDiff` thin wrapper around `getTaskDiff` so
TaskDetail's per-file click handler type-checks (the per-file slice is a
future improvement; today both return the full task diff).
- WorktreeFilesPanel: remove unused `isClickable` local; the gating already
reads `onFileClick` directly inline.
Run after revert: `npx tsc --noEmit` exits 0.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* feat: soryu-co/soryu - makima: Fix worktree info failing when origin ref is missing
* WIP: heartbeat checkpoint
* WIP: heartbeat checkpoint
* WIP: heartbeat checkpoint
* feat: soryu-co/soryu - makima: Add worktree commit endpoint and diff endpoint for regular users
* feat: soryu-co/soryu - makima: Add frontend diff viewing with clickable worktree files
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
steps, rename Mesh to Exec (#84)
* feat: soryu-co/soryu - makima: Rename Mesh to Exec in navigation
* WIP: heartbeat checkpoint
* WIP: heartbeat checkpoint
* WIP: heartbeat checkpoint
* feat: soryu-co/soryu - makima: Add contract-backed steps to directive flow
* WIP: heartbeat checkpoint
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
bug fixes (#62)
* feat: soryu-co/soryu - makima: Fix directive goal update bug - stale closure issue
* WIP: heartbeat checkpoint
* WIP: heartbeat checkpoint
* feat: soryu-co/soryu - makima: Create Orders database schema and backend API
* feat: soryu-co/soryu - makima: Fix task Claude instance not receiving user inputs from input box
* WIP: heartbeat checkpoint
* feat: soryu-co/soryu - makima: Build Orders frontend page replacing the Board page
* WIP: heartbeat checkpoint
* WIP: heartbeat checkpoint
* feat: soryu-co/soryu - makima: Fix directive PR creation system
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Add local_only flag to contracts database and models
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* Task completion checkpoint
* Skip automatic completion actions in local_only mode
Add `local_only` flag to contracts that prevents automatic completion
actions (branch, merge, pr) from executing when tasks complete. This
allows users to manually handle code changes via patch files or other
means when operating in local-only mode.
Changes:
- Add `local_only` field to Contract model and request types
- Add database migration for the new column
- Add `local_only` parameter to SpawnTask command in both state.rs and
daemon protocol.rs
- Modify task manager to skip completion action execution when
`local_only` is true, with appropriate logging
- Pass `local_only` flag through all task spawning paths:
- mesh_supervisor.rs (task spawn, retry, resume)
- mesh.rs (task start, reassign, continue)
- mesh_chat.rs (run task)
- contract_chat.rs (run task)
- Update repository create/update functions to handle `local_only`
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* Task completion checkpoint
* Implement core patch export system
Add functionality to create uncompressed, human-readable git patches
for export. This enables users to generate patches that can be manually
applied or shared, without the compression used for internal checkpoints.
Changes:
- Add ExportPatchResult struct with patch content, file count, and line stats
- Add create_export_patch() function that generates diffs against a base SHA
- Add get_head_sha() utility function
- Add parse_diff_stat() helper to extract line counts from git output
- Add CreateExportPatch command to daemon protocol
- Add ExportPatchCreated response message to protocol
- Add handler in task manager to process export patch requests
- Add server-side handling to broadcast patch results to UI
The export patch system automatically finds the merge-base when no base
SHA is provided, trying upstream tracking branch first, then common
default branches (origin/main, origin/master, main, master).
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* Task completion checkpoint
* Add GitActionsPanel frontend component
* Add WorktreeFilesPanel and PatchesListPanel components
* Add local-only mode toggle to contract creation
---------
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Fix completion actions: default to PR and support remote repos
- Change default completion action from 'branch' to 'pr' for tasks
using daemon working directory
- Allow PR completion action to work without target_repo_path if the
worktree already has an origin remote configured (e.g., when cloned
from a remote URL)
- Update create_pull_request to accept optional target_repo parameter
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* Add dismiss functionality for completed standalone tasks
## Changes
### Backend
- Add 'hidden' field to Task model (models.rs)
- Add database migration for hidden column (20250122000000_add_task_hidden.sql)
- Update task listing queries to include hidden field and filter out hidden tasks
- Update update_task_for_owner to handle hidden field
### Frontend
- Add hidden field to TaskSummary interface (api.ts)
- Add dismissTask API function (api.ts)
- Add hideTask function to useTasks hook
- Add Dismiss button to TaskList for completed standalone tasks
- Wire up onDismiss handler in mesh.tsx route
## Behavior
- Completed standalone tasks (tasks without a contract) show a "Dismiss" button
- Dismissing a task sets hidden=true and removes it from the task list
- Hidden tasks are filtered out by default in all task listing queries
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Allow creating anonymous tasks (tasks without a contract_id) directly
from the mesh page:
- Add 'Create Standalone Task' option in task creation modal step 1
- Update step 2 to handle null selectedContract for standalone tasks
- Show working directory input for standalone tasks
- Update TaskList to show standalone tasks (filter: !parentTaskId && (isSupervisor || !contractId))
- Display 'Standalone Tasks' group header with lightning bolt icon
- Update empty state message to mention standalone tasks
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
|
| | |
|
| |
|
|
|
| |
* [WIP] Heartbeat checkpoint - 2026-01-20 22:40:37 UTC
* Task completion checkpoint
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Filter mesh page task list to show only supervisor tasks
- Add `isSupervisor` filter to rootTasks filter in TaskList component
- Only supervisor tasks will appear in the mesh page task list
- Regular tasks are now hidden from the main view
- Update empty state messages to reflect supervisor-only filtering
- When clicking a supervisor task, its detail still shows orchestrated tasks
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* Add supervisor task button to workflow board contract cards
- Add supervisorTaskId field to ContractSummary type in backend and frontend
- Update SQL queries in repository.rs to include supervisor_task_id
- Add navigation button (▶) to WorkflowContractCard that links to /mesh/{supervisorTaskId}
- Button only shows when contract has a supervisorTaskId
- Button has tooltip "Open Supervisor Task" and stops propagation to avoid triggering card click
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* Add full task page navigation button to TaskTree rows
Add a hover-visible arrow icon (↗) to each task row in the TaskTree
component that links to the full task page (/tasks/{taskId}). The button:
- Appears on hover using opacity transition
- Stops event propagation to avoid triggering parent onSelect
- Matches existing hover styling patterns with the #75aafc color scheme
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Add status filter toggle to Mesh Tab TaskList component
Add a filter toggle at the top of the TaskList that allows filtering by
contract status (All, Active, Completed, Archive) with Active as the default.
Changes:
- Backend: Add contract_status field to TaskSummary struct in models.rs
- Backend: Update all SQL queries returning TaskSummary to include
c.status as contract_status from the contracts table join
- Frontend: Add contractStatus to TaskSummary TypeScript type
- Frontend: Add useState for statusFilter with 'active' as default
- Frontend: Add filter button group in header area next to '+ New Task'
- Frontend: Update groupedTasks useMemo to filter based on contract status
- Frontend: Update empty state message to reflect current filter
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* Task completion checkpoint
* feat(mesh): show all contract tasks for supervisor tasks
When viewing a supervisor task (task.isSupervisor === true), the
TaskDetail component now shows all tasks in the contract instead
of showing the subtasks tree.
Changes:
- Add contractTasks prop to TaskDetailProps for passing contract tasks
- Add displayTasks computed value that uses contractTasks for supervisors
- Change section header from "Subtasks" to "Contract Tasks" for supervisors
- Hide the "+ Add Subtask" button for supervisor tasks
- Update empty state message for supervisors
- Fetch contract tasks in mesh.tsx when viewing a supervisor task
- Filter out the supervisor itself from the contract tasks list
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* Task completion checkpoint
* Task completion checkpoint
---------
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Add phase_guard field to Contract model and database
This adds a new boolean field to control whether the supervisor should
wait for user confirmation before progressing to the next phase. When
enabled, users can review and potentially amend phase outputs (like
plans, requirements docs) before the contract continues.
Changes:
- Add migration for phase_guard column (defaults to false)
- Add phase_guard to Contract, CreateContractRequest, and
UpdateContractRequest structs
- Update create_contract_for_owner and update_contract_for_owner
repository functions to handle phase_guard
- Update all CreateContractRequest instantiations with phase_guard field
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* feat: Add phase_guard for contract phase transitions
Implement phase_guard logic in the advance_phase tool. When a contract
has phase_guard enabled, the phase transition now:
1. Asks for user confirmation before advancing
2. Allows users to request changes to phase deliverables
3. Passes feedback to the task without advancing if changes requested
Changes:
- Add phase_guard field to Contract model and CreateContractRequest
- Add PhaseTransitionRequest, PhaseFileInfo, PhaseTaskInfo structs
- Update ChangePhaseRequest with confirmed and feedback fields
- Update ContractToolRequest::AdvancePhase with confirmed/feedback
- Modify advance_phase handling in contract_chat.rs with phase_guard logic
- Update change_phase endpoint in contracts.rs with phase_guard support
- Add database migration for phase_guard column
When phase_guard=false: Phase advances immediately (current behavior)
When phase_guard=true: Returns pending_confirmation status with deliverables
If user provides feedback: Returns feedback to task, doesn't advance
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* feat(frontend): Add UI for phase transition confirmation requests
When phase_guard is enabled and a supervisor tries to advance the contract
phase, users now see a confirmation modal with:
- Current and proposed next phase visualization
- Phase deliverables checklist (if available)
- Summary of the phase work
- Options to "Approve & Advance" or "Request Changes" with feedback
Components added:
- PhaseConfirmationModal: Full modal dialog for phase confirmations
- PhaseConfirmationInline: Inline variant for task output view
- PhaseConfirmationNotification: Global notification wrapper
- PhaseConfirmationToast: Alternative toast-style notification
Integration:
- Added phase_confirmation message type to TaskOutput renderer
- Extended PendingQuestion API type with phase confirmation data
- Integrated notification into main app layout
The UI uses the existing supervisor question infrastructure (polling via
/api/v1/mesh/questions) and responds with APPROVE or CHANGES_REQUESTED
prefixed feedback.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* feat(frontend): Add Phase Guard toggle to AutopilotPanel
Added the phase_guard toggle to the AutopilotPanel component, which allows
users to enable/disable requiring confirmation before phase transitions.
Changes:
- Added phaseGuard and autonomousLoop fields to Contract interface in api.ts
- Added phaseGuard field to UpdateContractRequest in api.ts
- Added Phase Guard toggle UI in AutopilotPanel with similar styling to master
- Toggle shows an 'active' badge when enabled
- Connected toggle to contract update API
The toggle appears below the autopilot control buttons and allows users to
require confirmation before the supervisor advances to the next phase.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add comprehensive CLI documentation
- Create makima/docs/CLI.md with complete command reference for:
- makima server: HTTP/WebSocket server options
- makima daemon: Worker daemon configuration
- makima supervisor: Contract orchestration commands
- makima contract: Task-contract interaction commands
- Include configuration file examples and environment variables
- Add usage workflows for common scenarios
- Update makima/README.md with CLI overview and link to docs
Add GitHub Actions release workflow for v0.1.0
Creates automated release workflow that:
- Triggers on v* tag pushes
- Builds binaries for Linux x86_64, macOS x86_64, and macOS ARM64
- Uses Rust nightly toolchain (required for edition 2024)
- Packages binaries as .tar.gz archives
- Creates GitHub release with installation instructions
fix(ci): update macOS runner for x86_64 builds
Replace deprecated macos-13 runner with macos-15-intel for
x86_64-apple-darwin target. The macos-13 runner has been retired
by GitHub Actions.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add dismissing notifications and fix CLI task ID arg
Add worktree cleanup when contracts complete or are deleted (#21)
- Add CleanupWorktree daemon command variant
- Handle CleanupWorktree in daemon task manager
- Add cleanup_contract_worktrees helper function
- Trigger cleanup when contract status becomes 'completed'
- Trigger cleanup before contract deletion
Add Autonomous Loop Mode for persistent task completion (#20)
Implements the "Autonomous Loop Mode" feature inspired by Ralph for Claude Code.
This enables tasks to automatically restart and continue working until they
explicitly signal completion via a COMPLETION_GATE block.
Key features:
- Exit confirmation via COMPLETION_GATE: Tasks must output a <COMPLETION_GATE>
block with `ready: true` to signal completion. Without this, the task
auto-restarts using `claude --continue` to resume the conversation.
- Circuit breaker: Prevents infinite loops by detecting:
* Maximum iteration limit (default: 10)
* No progress for N consecutive iterations (default: 3)
* Same error repeated N times (default: 5)
- spawn_continue: New ProcessManager method to spawn Claude with the
`--continue` flag, resuming from the previous session state.
Toggle: Enable via `autonomous_loop` flag on contracts. When set, all tasks
spawned for that contract will run in autonomous loop mode.
Files changed:
- completion_gate.rs: COMPLETION_GATE parser and CircuitBreaker logic
- claude.rs: spawn_continue() for --continue mode spawning
- manager.rs: Autonomous loop iteration logic in run_task()
- protocol.rs: autonomousLoop field in DaemonCommand::SpawnTask
- models.rs/repository.rs: autonomous_loop column on contracts/tasks
- Migration: Adds autonomous_loop columns to contracts and tasks tables
Add get-task and output commands to supervisor CLI (#24)
Add two new supervisor subcommands:
- `makima supervisor task <task_id>` - Get individual task details
- `makima supervisor output <task_id>` - Get task output/claude log
This allows supervisors to fetch task details and claude output
directly from the CLI instead of using curl to call the task API.
Add optional bubblewrap sandboxing for Claude processes (#23)
Add --bubblewrap flag and process.bubblewrap config section to enable
running Claude Code in a bubblewrap sandbox for process isolation.
When enabled, claude processes run with filesystem restrictions:
- Root filesystem mounted read-only
- Working directory (worktree) mounted read-write
- Fresh /dev, /proc, /tmp
- Network access preserved for API calls
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
|
| | |
|
| | |
|
| |
|
