-
Notifications
You must be signed in to change notification settings - Fork 1
Chore: add Telegram repo safe workflow #13
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Changes from all commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,56 @@ | ||
| --- | ||
| name: telegram-plugin-maintenance | ||
| description: Maintain speech115/telegram-plugin: GitHub radar, safe PR flow, MCP/control-plane checks, plugin docs sync. | ||
| --- | ||
|
|
||
| # Telegram Plugin Maintenance | ||
|
|
||
| Use this skill for `/Users/sereja/Projects/tools/telegram` when the task touches | ||
| GitHub state, commits/PRs, MCP tool behavior, control-plane commands, plugin | ||
| packaging, or release readiness. | ||
|
|
||
| ## First Pass | ||
|
|
||
| 1. Inspect local state with `git status --short --branch`. | ||
| 2. For GitHub state, use `github-radar`: | ||
| - `repobar pulls speech115/telegram-plugin --limit 20 --json` | ||
| - `repobar issues speech115/telegram-plugin --limit 20 --json` | ||
| - `repobar ci speech115/telegram-plugin --limit 20 --json` | ||
| 3. Read `AGENTS.md`, then the narrower `mcp/AGENTS.md` or | ||
| `control-plane/AGENTS.md` for files you will touch. | ||
|
|
||
| ## Safe Change Flow | ||
|
|
||
| - Create a `codex/...` branch before repo changes. | ||
| - Commit with `safe-commit`, listing exact paths. | ||
| - Use `safe-pr` only when the user asked to publish a branch/PR. | ||
| - Keep merge, issue close, PR comments, tags, and releases as separate explicit | ||
| user-approved actions. | ||
|
|
||
| ## Checks | ||
|
|
||
| Run `scripts/safe-gate` before commit. For narrower edits, the focused checks | ||
| are: | ||
|
|
||
| ```bash | ||
| mcp/.venv/bin/python -m pytest -q mcp/tests | ||
| control-plane/.venv/bin/python -m pytest -q control-plane/tests | ||
| mcp/bin/sync-agent-docs --plugin-dir plugin --check --no-restart --json | ||
| ``` | ||
|
|
||
| Run `scripts/ci-release-gate.sh` for release or packaging changes. | ||
|
|
||
| ## Telegram-Specific Boundaries | ||
|
|
||
| - Default MCP expansion is read-only. | ||
| - Do not add or expose read-state mutators unless the user explicitly asks. | ||
| - Do not copy sessions, rewrite LaunchAgents, sync plugin caches, or start | ||
| mirror/backfill jobs as incidental cleanup. | ||
| - After MCP tool metadata or surface changes, sync agent docs: | ||
|
|
||
| ```bash | ||
| mcp/bin/sync-agent-docs --plugin-dir plugin --no-restart --json | ||
| ``` | ||
|
|
||
| Treat plugin drift checks as packaging evidence only; they do not prove live MCP | ||
| runtime health. |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,42 @@ | ||
| # Telegram Plugin Repo Rules | ||
|
|
||
| ## Scope | ||
|
|
||
| This repo contains three coupled surfaces: | ||
|
|
||
| - `mcp/`: Telegram MCP server and live tool behavior. | ||
| - `control-plane/`: local operator commands, release checks, and agent docs. | ||
| - `plugin/`: packaged Codex plugin and bundled Telegram skill. | ||
|
|
||
| Prefer the more specific `mcp/AGENTS.md` and `control-plane/AGENTS.md` when | ||
| working inside those directories. | ||
|
|
||
| ## GitHub Workflow | ||
|
|
||
| - Use the `github-radar` skill before PR, merge, release, or issue cleanup work. | ||
| - Use the `git-safe-workflow` skill for commits and PRs. | ||
| - Default path is branch -> local checks -> exact-file commit -> PR. | ||
| - Do not push directly to `main` unless the user explicitly asks for direct-main | ||
| behavior. | ||
| - Do not merge PRs, close issues, post public GitHub comments, tag, or release | ||
| without a separate explicit user request. | ||
|
|
||
| ## Local Gate | ||
|
|
||
| Run `scripts/safe-gate` before committing non-trivial changes. It checks: | ||
|
|
||
| - whitespace diff hygiene; | ||
| - MCP tests; | ||
| - control-plane tests in portable mode; | ||
| - agent docs sync drift. | ||
|
|
||
| For full release verification, run `scripts/ci-release-gate.sh`. | ||
|
|
||
| ## Product Safety | ||
|
|
||
| - Keep Telegram read-surface expansion read-only by default. | ||
| - Do not add read-state mutators, direct sends, cache sync, session copying, | ||
| LaunchAgent rewrites, or mirror jobs without an explicit request. | ||
| - After MCP tool surface changes, run `mcp/bin/sync-agent-docs --plugin-dir plugin --no-restart --json`. | ||
| - A clean plugin drift report is not enough; verify the actual runtime/tool | ||
| surface when the change affects MCP behavior. |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,37 @@ | ||
| #!/usr/bin/env bash | ||
| set -euo pipefail | ||
|
|
||
| ROOT="$(cd "$(dirname "$0")/.." && pwd)" | ||
|
|
||
| python_for() { | ||
| local package_dir="$1" | ||
| if [ -x "${ROOT}/${package_dir}/.venv/bin/python" ]; then | ||
| printf '%s\n' "${ROOT}/${package_dir}/.venv/bin/python" | ||
| else | ||
| command -v python3 | ||
| fi | ||
| } | ||
|
|
||
| git -C "${ROOT}" diff --check | ||
|
|
||
| MCP_PYTHON="$(python_for mcp)" | ||
| CONTROL_PYTHON="$(python_for control-plane)" | ||
|
|
||
| ( | ||
| cd "${ROOT}/mcp" | ||
| "${MCP_PYTHON}" -m unittest discover -s tests | ||
|
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. This gate is advertised as running the MCP tests, but Useful? React with 👍 / 👎. |
||
| ) | ||
|
|
||
| ( | ||
| cd "${ROOT}/control-plane" | ||
| export TELEGRAM_CI_PORTABLE=1 | ||
| export TELEGRAM_MONOREPO_ROOT="${ROOT}" | ||
| export TELEGRAM_CONTROL_PLANE_ROOT="${ROOT}/control-plane" | ||
| export TELEGRAM_MCP_REPO="${ROOT}/mcp" | ||
| export TELEGRAM_PLUGIN_SOURCE="${ROOT}/plugin" | ||
| export TELEGRAM_PLUGIN_PACKAGE="${ROOT}/plugin" | ||
| export TELEGRAM_PROJECTS_ROOT="${ROOT}" | ||
| "${CONTROL_PYTHON}" -m pytest -q tests | ||
| ) | ||
|
|
||
| "${ROOT}/mcp/bin/sync-agent-docs" --plugin-dir "${ROOT}/plugin" --check --no-restart --json | ||
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In the CLI path this branch never sees tool failures from
telegram_read:read_onceraisesFastReadToolError, butread_with_failovercatches it as the baseFastReadErrorand re-raises a genericFastReadErrorafter the loop. For structured MCP errors such as{"code":"permission_denied"}, the final string does not satisfyexception_is_tool_error, sotelegram-fast-read-todayemits a raw error instead of the newtool_error_code/payload fields.Useful? React with 👍 / 👎.