Skip to content

Add generic principal audit context to pending actions#2565

Open
chubes4 wants to merge 2 commits into
mainfrom
fix/generic-principal-audit-pending-actions
Open

Add generic principal audit context to pending actions#2565
chubes4 wants to merge 2 commits into
mainfrom
fix/generic-principal-audit-pending-actions

Conversation

@chubes4
Copy link
Copy Markdown
Member

@chubes4 chubes4 commented Jun 6, 2026

Summary

  • Adds generic, redacted tool execution audit context with principal class, credential scope, source summary, timestamp, and result status.
  • Carries that audit metadata into staged pending actions and exposes frontend-ready pending-action list/get rows with flattened fields and resolve hints.
  • Normalizes CLI pending-action rows so action kinds like bundle_upgrade can list without requiring legacy top-level agent_id fields.

Closes #2563.
Refs #2564.
Refs #2526.

Verification

  • php tests/pending-action-inspection-normalization-smoke.php
  • php tests/tool-executor-ability-native-smoke.php
  • php -l inc/Engine/AI/Tools/ToolExecutor.php && php -l inc/Engine/AI/Actions/PendingActionInspectionAbility.php && php -l inc/Engine/AI/Actions/PendingActionHelper.php && php -l inc/Cli/Commands/PendingActionsCommand.php && php -l tests/pending-action-inspection-normalization-smoke.php
  • git diff --check

Notes

  • vendor/bin/phpcs <edited files> is not currently usable as a targeted signal without a repo config; it flags existing project tab indentation/docblock style across unchanged lines.

AI assistance

  • AI assistance: Yes
  • Tool(s): OpenCode (gpt-5.5)
  • Used for: Implementing the generic audit/pending-action mechanics, drafting the smoke coverage, and running targeted verification. Chris remains responsible for review and merge.

@homeboy-ci
Copy link
Copy Markdown
Contributor

homeboy-ci Bot commented Jun 6, 2026
edited
Loading

Homeboy Results — data-machine

Lint

lint — passed

ℹ️ Full options: homeboy docs commands/lint
Deep dive: homeboy lint data-machine --changed-since dd9eac3

Artifacts and drill-down
  • CI results artifact: homeboy-ci-results-data-machine-lint-quality-Linux-node24 contains immediate command JSON for this action invocation.
  • Observation artifact: homeboy-observations-data-machine-lint-quality-Linux-node24 contains exported Homeboy run history for deeper queries.
  • Drill-down: download the observation artifact, then run homeboy runs import <dir>, homeboy runs list, and homeboy runs findings <run-id>.
  • Artifacts are attached to the workflow run: https://github.com/Extra-Chill/data-machine/actions/runs/27076595050

Test

test — failed

ℹ️ No tests ran — the runner failed before producing results. See raw_output.stderr_tail / raw_output.stdout_tail for the underlying error (bootstrap failure, missing deps, DB connection, etc.).
ℹ️ To run specific tests: homeboy test data-machine -- --filter=TestName
ℹ️ Auto-fix lint issues: homeboy refactor data-machine --from lint --write
ℹ️ Collect coverage: homeboy test data-machine --coverage
ℹ️ Analyze failures: homeboy test data-machine --analyze
ℹ️ Pass args to test runner: homeboy test -- [args]
ℹ️ Full options: homeboy docs commands/test
Deep dive: homeboy test data-machine --changed-since dd9eac3

Artifacts and drill-down
  • CI results artifact: homeboy-ci-results-data-machine-test-quality-Linux-node24 contains immediate command JSON for this action invocation.
  • Observation artifact: homeboy-observations-data-machine-test-quality-Linux-node24 contains exported Homeboy run history for deeper queries.
  • Drill-down: download the observation artifact, then run homeboy runs import <dir>, homeboy runs list, and homeboy runs findings <run-id>.
  • Artifacts are attached to the workflow run: https://github.com/Extra-Chill/data-machine/actions/runs/27076595050

Audit

audit — passed

  • audit — 53 finding(s)
  • Total: 53 finding(s)

Deep dive: homeboy audit data-machine --changed-since dd9eac3

Artifacts and drill-down
  • CI results artifact: homeboy-ci-results-data-machine-audit-quality-Linux-node24 contains immediate command JSON for this action invocation.
  • Observation artifact: homeboy-observations-data-machine-audit-quality-Linux-node24 contains exported Homeboy run history for deeper queries.
  • Drill-down: download the observation artifact, then run homeboy runs import <dir>, homeboy runs list, and homeboy runs findings <run-id>.
  • Artifacts are attached to the workflow run: https://github.com/Extra-Chill/data-machine/actions/runs/27076595050
Tooling versions
  • Homeboy CLI: homeboy 0.222.2+02f79a99
  • Extension: wordpress from https://github.com/Extra-Chill/homeboy-extensions
  • Extension revision: f6bf36dc
  • Action: unknown@unknown

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Propagate principal and audit context through agent tool execution

1 participant

@chubes4