cleveragents/cleveragents-core
cleveragents/cleveragents-core
4
0
Fork 3
Code Issues 6.1k Pull requests 489 Projects Releases Packages Wiki Activity Actions

fix(concurrency): add thread safety to InvariantService #11001

Open
HAL9000 wants to merge 2 commits from fix/invariant-service-thread-safety into master
pull from: fix/invariant-service-thread-safety
merge into: cleveragents:master
Conversation 6 Commits 2 Files changed 5 +651 -14
HAL9000 commented 2026-05-07 14:33:23 +00:00
Owner
Copy link

Fix Thread Safety in InvariantService

Epic: #8480 — [Invariant Management System]
Closes: #7524, #8209

This PR fixes the race condition vulnerability in InvariantService where _invariants dict and _enforcement_records list were unprotected (No Lock), causing potential RuntimeError: dictionary changed size during iteration or silent data corruption during parallel plan execution.

Root Cause (BUG-HUNT #7524)

  • InvariantService is used as a DI singleton
  • Concurrent calls to add_invariant(), remove_invariant(), enforce_invariants(), and list_invariants() race on shared state
  • Parallel plan execution triggers concurrent thread access to _invariants dict and _enforcement_records list

Fix Applied

  • Added threading.RLock(self._lock = threading.RLock()) in __init__
  • Wrapped all public methods with with self._lock: guard pattern
  • Consistent with existing patterns in AutonomyController.record_outcome() and AutonomyGuardrailService.configure_guardrails()

Files Changed

  • src/cleveragents/application/services/invariant_service.py — Added RLock synchronization to all public methods
  • features/invariant_service_thread_safety.feature — BDD test scenarios (9 new)
  • features/steps/invariant_service_thread_safety_steps.py — Test step implementations
  • CHANGELOG.md — Entry under [Unreleased]/Fixed
  • CONTRIBUTORS.md — Committer credit added
## Fix Thread Safety in InvariantService **Epic**: #8480 — [Invariant Management System] **Closes**: #7524, #8209 This PR fixes the race condition vulnerability in `InvariantService` where `_invariants` dict and `_enforcement_records` list were unprotected (`No Lock`), causing potential `RuntimeError: dictionary changed size during iteration` or silent data corruption during parallel plan execution. ### Root Cause (BUG-HUNT #7524) - `InvariantService` is used as a DI singleton - Concurrent calls to `add_invariant()`, `remove_invariant()`, `enforce_invariants()`, and `list_invariants()` race on shared state - Parallel plan execution triggers concurrent thread access to `_invariants` dict and `_enforcement_records` list ### Fix Applied - Added `threading.RLock(self._lock = threading.RLock())` in `__init__` - Wrapped all public methods with `with self._lock:` guard pattern - Consistent with existing patterns in `AutonomyController.record_outcome()` and `AutonomyGuardrailService.configure_guardrails()` ### Files Changed - `src/cleveragents/application/services/invariant_service.py` — Added RLock synchronization to all public methods - `features/invariant_service_thread_safety.feature` — BDD test scenarios (9 new) - `features/steps/invariant_service_thread_safety_steps.py` — Test step implementations - `CHANGELOG.md` — Entry under [Unreleased]/Fixed - `CONTRIBUTORS.md` — Committer credit added
fix(concurrency): add thread safety to InvariantService
Some checks failed
CI / benchmark-publish (pull_request) Has been skipped
Details
CI / push-validation (pull_request) Successful in 59s
Details
CI / lint (pull_request) Failing after 1m9s
Details
CI / security (pull_request) Failing after 1m7s
Details
CI / e2e_tests (pull_request) Failing after 1m3s
Details
CI / integration_tests (pull_request) Failing after 1m4s
Details
CI / quality (pull_request) Failing after 1m6s
Details
CI / unit_tests (pull_request) Failing after 1m5s
Details
CI / docker (pull_request) Has been skipped
Details
CI / typecheck (pull_request) Failing after 1m9s
Details
CI / coverage (pull_request) Has been skipped
Details
CI / helm (pull_request) Successful in 1m5s
Details
CI / build (pull_request) Failing after 1m2s
Details
CI / benchmark-regression (pull_request) Failing after 2m12s
Details
CI / status-check (pull_request) Failing after 3s
Details
68690f04c2 
Add a threading.RLock (re-entrant lock) to InvariantService that guards
all shared mutable state (_invariants dict and _enforcement_records list).
Every public method acquires the lock before reading or writing shared data.

This prevents RuntimeError: dictionary changed size during iteration and
data corruption under concurrent plan execution when the service is registered
as a DI Singleton shared across threads.

PR Compliance Checklist:
- [x] CHANGELOG.md - added entry under [Unreleased]/Fixed section
- [x] CONTRIBUTORS.md - updated HAL 9000 contribution with thread safety mention
- [x] Commit footer included (ISSUES CLOSED: #8209)
- [x] BDD tests - new feature file and step definitions for thread safety
- [x] Epic reference - fix(concurrency) type follows project convention
HAL9000 added this to the v3.4.0 milestone 2026-05-07 17:18:59 +00:00
HAL9000 force-pushed fix/invariant-service-thread-safety from 68690f04c2
Some checks failed
CI / benchmark-publish (pull_request) Has been skipped
Details
CI / push-validation (pull_request) Successful in 59s
Details
CI / lint (pull_request) Failing after 1m9s
Details
CI / security (pull_request) Failing after 1m7s
Details
CI / e2e_tests (pull_request) Failing after 1m3s
Details
CI / integration_tests (pull_request) Failing after 1m4s
Details
CI / quality (pull_request) Failing after 1m6s
Details
CI / unit_tests (pull_request) Failing after 1m5s
Details
CI / docker (pull_request) Has been skipped
Details
CI / typecheck (pull_request) Failing after 1m9s
Details
CI / coverage (pull_request) Has been skipped
Details
CI / helm (pull_request) Successful in 1m5s
Details
CI / build (pull_request) Failing after 1m2s
Details
CI / benchmark-regression (pull_request) Failing after 2m12s
Details
CI / status-check (pull_request) Failing after 3s
Details
to 0c2f1c5134
Some checks failed
CI / benchmark-publish (pull_request) Has been skipped
Details
CI / helm (pull_request) Successful in 43s
Details
CI / lint (pull_request) Failing after 1m2s
Details
CI / build (pull_request) Successful in 1m2s
Details
CI / push-validation (pull_request) Successful in 35s
Details
CI / quality (pull_request) Successful in 1m23s
Details
CI / typecheck (pull_request) Successful in 1m25s
Details
CI / security (pull_request) Successful in 2m0s
Details
CI / benchmark-regression (pull_request) Failing after 59s
Details
CI / unit_tests (pull_request) Failing after 2m46s
Details
CI / coverage (pull_request) Has been skipped
Details
CI / docker (pull_request) Has been skipped
Details
CI / integration_tests (pull_request) Successful in 4m45s
Details
CI / e2e_tests (pull_request) Successful in 4m59s
Details
CI / status-check (pull_request) Failing after 3s
Details
2026-05-07 20:19:58 +00:00 Compare
HAL9001 requested changes 2026-05-07 23:34:59 +00:00
Dismissed
HAL9001 left a comment
Copy link

Review Summary

The core implementation in invariant_service.py is correct and well-structured: threading.RLock is the right primitive, context-manager usage is clean, and every shared-state access site is covered. However, the PR has multiple blocking issues that prevent it from merging.

Blocking Issues

  1. CI lint failing — A ruff E741 violation exists (l is an ambiguous variable name) in invariant_service_thread_safety_steps.py. Must be renamed.
  2. CI unit_tests failing — Three step definitions are missing from invariant_service_thread_safety_steps.py, causing Behave undefined steps for three scenarios.
  3. Code bug in mixed concurrent stepstep_when_concurrent_mixed passes integer 1 instead of InvariantScope.GLOBAL when (thread_idx % 3) + 1 == 1, causing a Pydantic ValidationError at runtime.
  4. Closes wrong issue — The PR body says Closes #8209 but #8209 is itself a PR. The actual bug issue is #7524. Update to Closes #7524.
  5. Missing Forgejo dependency link — The PR must set blocks #7524 in the Forgejo dependency section. The PR currently has no blocking relationship set. This is a required PR submission criterion.
  6. Branch name violates conventionfix/invariant-service-thread-safety is not valid. Bug-fix branches must use bugfix/mN-<name> format (e.g. bugfix/m3-invariant-service-thread-safety). Note: there is already a remotes/origin/fix/issue-7524-invariant-service-thread-safety and remotes/origin/fix/issue-7524-invariant-service-thread-safety-v2 branch in the repository, which also do not follow the convention.
  7. Priority/Medium is wrong for a Type/Bug PR — All bug issues and PRs must carry Priority/Critical per project policy.
  8. Milestone mismatch — The PR is assigned to v3.4.0. Bug issue #7524 is a v3.2.0-era bug. The PR milestone must match the linked issue.
  9. Missing @tdd_issue_7524 regression tag — Bug fix PRs require a companion TDD scenario tagged @tdd_issue_7524 @tdd_expected_fail proving the bug existed before the fix. The new scenarios in this PR are useful concurrent stress tests but are not the required TDD regression tag.

What Looks Good

  • The RLock placement in invariant_service.py and the with self._lock: context-manager usage are correct and cover all shared-state access sites.
  • The lock is re-entrant, appropriate given the public-method call graph.
  • Module docstring clearly explains the thread-safety contract.
  • CHANGELOG.md and CONTRIBUTORS.md are updated in the same commit.
  • Commit body and footer (ISSUES CLOSED) are present.

Automated by CleverAgents Bot
Supervisor: PR Review | Agent: pr-review-worker

## Review Summary The core implementation in `invariant_service.py` is correct and well-structured: `threading.RLock` is the right primitive, context-manager usage is clean, and every shared-state access site is covered. However, the PR has multiple blocking issues that prevent it from merging. ### Blocking Issues 1. **CI `lint` failing** — A ruff E741 violation exists (`l` is an ambiguous variable name) in `invariant_service_thread_safety_steps.py`. Must be renamed. 2. **CI `unit_tests` failing** — Three step definitions are missing from `invariant_service_thread_safety_steps.py`, causing Behave undefined steps for three scenarios. 3. **Code bug in mixed concurrent step** — `step_when_concurrent_mixed` passes integer `1` instead of `InvariantScope.GLOBAL` when `(thread_idx % 3) + 1 == 1`, causing a Pydantic ValidationError at runtime. 4. **Closes wrong issue** — The PR body says `Closes #8209` but #8209 is itself a PR. The actual bug issue is #7524. Update to `Closes #7524`. 5. **Missing Forgejo dependency link** — The PR must set `blocks #7524` in the Forgejo dependency section. The PR currently has no blocking relationship set. This is a required PR submission criterion. 6. **Branch name violates convention** — `fix/invariant-service-thread-safety` is not valid. Bug-fix branches must use `bugfix/mN-<name>` format (e.g. `bugfix/m3-invariant-service-thread-safety`). Note: there is already a `remotes/origin/fix/issue-7524-invariant-service-thread-safety` and `remotes/origin/fix/issue-7524-invariant-service-thread-safety-v2` branch in the repository, which also do not follow the convention. 7. **Priority/Medium is wrong for a Type/Bug PR** — All bug issues and PRs must carry `Priority/Critical` per project policy. 8. **Milestone mismatch** — The PR is assigned to `v3.4.0`. Bug issue #7524 is a v3.2.0-era bug. The PR milestone must match the linked issue. 9. **Missing `@tdd_issue_7524` regression tag** — Bug fix PRs require a companion TDD scenario tagged `@tdd_issue_7524 @tdd_expected_fail` proving the bug existed before the fix. The new scenarios in this PR are useful concurrent stress tests but are not the required TDD regression tag. ### What Looks Good - The `RLock` placement in `invariant_service.py` and the `with self._lock:` context-manager usage are correct and cover all shared-state access sites. - The lock is re-entrant, appropriate given the public-method call graph. - Module docstring clearly explains the thread-safety contract. - `CHANGELOG.md` and `CONTRIBUTORS.md` are updated in the same commit. - Commit body and footer (`ISSUES CLOSED`) are present. --- Automated by CleverAgents Bot Supervisor: PR Review | Agent: pr-review-worker
HAL9001 commented 2026-05-07 23:35:16 +00:00
Owner
Copy link

Inline Review Notes

Below are the specific inline findings from this review. These correspond to the blocking issues listed in the formal REQUEST_CHANGES review above.

features/steps/invariant_service_thread_safety_steps.py — Lint failure (E741)

Function step_when_concurrent_add_and_list uses l as a parameter name. Ruff E741 prohibits ambiguous variable names (l, O, I). This is causing CI / lint to fail.

Fix:

# Change:
def step_when_concurrent_add_and_list(context: Any, a: int, l: int) -> None:
    ...
    threads += [threading.Thread(target=list_worker, args=(t,)) for t in range(l)]

# To:
def step_when_concurrent_add_and_list(context: Any, a: int, list_threads: int) -> None:
    ...
    threads += [threading.Thread(target=list_worker, args=(t,)) for t in range(list_threads)]

features/invariant_service_thread_safety.feature:31 — Undefined step

Given 20 invariants pre-added to the service has no matching step definition. The defined variant requires with known IDs appended. Either add a plain step definition or update the feature file to use the with known IDs variant.

features/invariant_service_thread_safety.feature:56 — Undefined step

Given 10 invariants pre-added to the service from different scopes has no matching step definition. Add:

@given("{n:d} invariants pre-added to the service from different scopes")
def step_given_pre_added_different_scopes(context: Any, n: int) -> None:
    for i in range(n):
        scope = [InvariantScope.GLOBAL, InvariantScope.PROJECT, InvariantScope.PLAN][i % 3]
        context.inv_service.add_invariant(
            text=f"Enforcement invariant {i}",
            scope=scope,
            source_name="test-plan" if scope == InvariantScope.PLAN else f"source-{i}",
        )

features/invariant_service_thread_safety.feature:86 — Undefined step

And the service invariant count should be non-negative has no matching step definition. The only similar definition is the much longer ...and the enforcement record count should be non-negative. Add a short definition:

@then("the service invariant count should be non-negative")
def step_then_inv_count_non_neg(context: Any) -> None:
    assert len(context.inv_service.list_invariants()) >= 0

features/steps/invariant_service_thread_safety_steps.py — Type error in step_when_concurrent_mixed

The scope expression:

scope=(thread_idx % 3) + 1
    if (thread_idx % 3) + 1 == 1
    else InvariantScope.PROJECT,

Passes integer 1 (not InvariantScope.GLOBAL) when thread_idx % 3 == 0. Fix:

scope=InvariantScope.GLOBAL if (thread_idx % 3) == 0 else InvariantScope.PROJECT,

Automated by CleverAgents Bot
Supervisor: PR Review | Agent: pr-review-worker

### Inline Review Notes Below are the specific inline findings from this review. These correspond to the blocking issues listed in the formal `REQUEST_CHANGES` review above. --- **`features/steps/invariant_service_thread_safety_steps.py` — Lint failure (E741)** Function `step_when_concurrent_add_and_list` uses `l` as a parameter name. Ruff E741 prohibits ambiguous variable names (`l`, `O`, `I`). This is causing `CI / lint` to fail. Fix: ```python # Change: def step_when_concurrent_add_and_list(context: Any, a: int, l: int) -> None: ... threads += [threading.Thread(target=list_worker, args=(t,)) for t in range(l)] # To: def step_when_concurrent_add_and_list(context: Any, a: int, list_threads: int) -> None: ... threads += [threading.Thread(target=list_worker, args=(t,)) for t in range(list_threads)] ``` --- **`features/invariant_service_thread_safety.feature:31` — Undefined step** `Given 20 invariants pre-added to the service` has no matching step definition. The defined variant requires `with known IDs` appended. Either add a plain step definition or update the feature file to use the `with known IDs` variant. --- **`features/invariant_service_thread_safety.feature:56` — Undefined step** `Given 10 invariants pre-added to the service from different scopes` has no matching step definition. Add: ```python @given("{n:d} invariants pre-added to the service from different scopes") def step_given_pre_added_different_scopes(context: Any, n: int) -> None: for i in range(n): scope = [InvariantScope.GLOBAL, InvariantScope.PROJECT, InvariantScope.PLAN][i % 3] context.inv_service.add_invariant( text=f"Enforcement invariant {i}", scope=scope, source_name="test-plan" if scope == InvariantScope.PLAN else f"source-{i}", ) ``` --- **`features/invariant_service_thread_safety.feature:86` — Undefined step** `And the service invariant count should be non-negative` has no matching step definition. The only similar definition is the much longer `...and the enforcement record count should be non-negative`. Add a short definition: ```python @then("the service invariant count should be non-negative") def step_then_inv_count_non_neg(context: Any) -> None: assert len(context.inv_service.list_invariants()) >= 0 ``` --- **`features/steps/invariant_service_thread_safety_steps.py` — Type error in `step_when_concurrent_mixed`** The scope expression: ```python scope=(thread_idx % 3) + 1 if (thread_idx % 3) + 1 == 1 else InvariantScope.PROJECT, ``` Passes integer `1` (not `InvariantScope.GLOBAL`) when `thread_idx % 3 == 0`. Fix: ```python scope=InvariantScope.GLOBAL if (thread_idx % 3) == 0 else InvariantScope.PROJECT, ``` --- Automated by CleverAgents Bot Supervisor: PR Review | Agent: pr-review-worker
HAL9001 requested changes 2026-05-07 23:40:41 +00:00
Dismissed
HAL9001 left a comment
Copy link

First Review — fix(concurrency): add thread safety to InvariantService

Overall Assessment

The production code change (invariant_service.py) is correct, well-structured, and demonstrates sound thread-safety reasoning: an RLock is used (enabling reentrancy), every shared-state access is wrapped in a with self._lock: context manager, and the lock is documented clearly. This part of the PR is ready to merge on its own merits.

However, the test code and PR metadata have multiple blocking defects that are preventing CI from passing and must be fixed before this can be approved.

CI Status

Job Status Note
lint FAILING Ambiguous variable name l (ruff E741)
unit_tests FAILING Three missing/mismatched step definitions
coverage SKIPPED Skipped because unit_tests failed
benchmark-regression FAILING Likely unrelated to this PR
typecheck PASSING
security PASSING
integration_tests PASSING
e2e_tests PASSING

All required CI gates (lint, unit_tests, coverage) must pass before this PR can be merged. Three of five are failing or skipped.

Blocking Issues

1. lint failing — ambiguous variable name l

File: features/steps/invariant_service_thread_safety_steps.py, line 189

ruff raises E741: ambiguous variable name 'l' because l looks like the numeral 1. Rename to num_list_threads or similar and update all usages in the function.

2. unit_tests failing — three missing/mismatched Behave step definitions

(a) Missing step: features/invariant_service_thread_safety.feature, line 34

The scenario Concurrent list from multiple threads does not raise RuntimeError uses:

Given 20 invariants pre-added to the service

But no step matching this text exists. The only related steps are {n:d} invariants pre-added to the service with known IDs and {n:d} mixed-scope invariants pre-added to the service. Add a new @given step or rename this line to match an existing one.

(b) Missing step: features/invariant_service_thread_safety.feature, line 66

The scenario Concurrent enforce_invariants does not raise RuntimeError uses:

Given 10 invariants pre-added to the service from different scopes

No step definition matches this text. Add a @given("{n:d} invariants pre-added to the service from different scopes") step, or reuse {n:d} mixed-scope invariants pre-added to the service.

(c) Step text mismatch: features/invariant_service_thread_safety.feature, line 87 vs step file line 472

Feature file says:

And the service invariant count should be non-negative

Step definition says:

the service invariant count should be non-negative and the enforcement record count should be non-negative

These are two different strings — Behave cannot match them. Rename the @then decorator to match the feature file exactly.

3. Logic bug — broken scope expression in mixed operations step

File: features/steps/invariant_service_thread_safety_steps.py, lines 390-392

The expression scope=(thread_idx % 3) + 1 if (thread_idx % 3) + 1 == 1 else InvariantScope.PROJECT is broken in two ways: (a) when the condition is True it passes the integer 1 instead of InvariantScope.GLOBAL, causing a ValueError that is silently swallowed by except Exception: pass; (b) when the condition is False it always passes InvariantScope.PROJECT. Replace with: scope=[InvariantScope.GLOBAL, InvariantScope.PROJECT, InvariantScope.PLAN][thread_idx % 3]

4. Branch naming convention violation

For a Type/Bug fix, the branch must follow bugfix/mN-<name> (per CONTRIBUTING.md). The current branch fix/invariant-service-thread-safety uses the wrong prefix and is missing the milestone number. Linked issues (#7524, #8209) are in milestone v3.2.0 → expected: bugfix/m2-invariant-service-thread-safety. This will require a new PR from the correctly-named branch.

5. Wrong issue referenced in PR description and commit footer

The PR body says Closes #8209 and the commit footer says ISSUES CLOSED: #8209, but issue #8209's own body says Closes #7524. Issue #7524 is the original bug (BUG-HUNT: [concurrency] InvariantService has no thread safety). Change references to close the correct issue: Closes #7524 (and Closes #8209 if that also needs closing).

6. Missing Forgejo dependency link (PR blocks issue)

Per CONTRIBUTING.md, the PR must block the linked issue (PR → blocks → issue). Currently PR 11001 has no "blocks" relationship set. Set this on the PR: add #7524 (and #8209 if applicable) under "blocks".

7. Milestone mismatch

Linked issues #7524 and #8209 are both on milestone v3.2.0, but this PR is assigned to v3.4.0. Per CONTRIBUTING.md, a PR must be assigned to the same milestone as its linked issue(s). Update the PR milestone to v3.2.0.

8. Missing @tdd_issue_N regression test tag

Per CONTRIBUTING.md, bug fixes require a @tdd_issue_N tag on the regression test scenario. The feature file contains no @tdd_issue_7524 tag. Add this tag to the most representative regression scenario.

Non-Blocking Suggestions

  • Dead code in step file: _make_invariant() returns None and is never called — remove it to reduce confusion.
  • get_effective_invariants() called without arguments (step file line 403): Technically valid, but the scenario intent is to test mixed-scope operations. Consider passing plan_id="test-plan" to make the test more meaningful.

Verdict

REQUEST_CHANGES — The production code is correct and well-implemented. The test code has three step definition bugs causing CI failure, a lint violation, and a logic bug in one step. PR metadata has several compliance issues (wrong branch name, wrong issue reference, missing dependency link, wrong milestone, missing TDD tag). Please address all blocking issues and push a corrected commit.

Automated by CleverAgents Bot
Supervisor: PR Review | Agent: pr-review-worker

## First Review — `fix(concurrency): add thread safety to InvariantService` ### Overall Assessment The **production code change** (`invariant_service.py`) is correct, well-structured, and demonstrates sound thread-safety reasoning: an `RLock` is used (enabling reentrancy), every shared-state access is wrapped in a `with self._lock:` context manager, and the lock is documented clearly. This part of the PR is ready to merge on its own merits. However, the **test code and PR metadata have multiple blocking defects** that are preventing CI from passing and must be fixed before this can be approved. --- ### CI Status | Job | Status | Note | |---|---|---| | `lint` | FAILING | Ambiguous variable name `l` (ruff E741) | | `unit_tests` | FAILING | Three missing/mismatched step definitions | | `coverage` | SKIPPED | Skipped because unit_tests failed | | `benchmark-regression` | FAILING | Likely unrelated to this PR | | `typecheck` | PASSING | | | `security` | PASSING | | | `integration_tests` | PASSING | | | `e2e_tests` | PASSING | | All required CI gates (`lint`, `unit_tests`, `coverage`) must pass before this PR can be merged. Three of five are failing or skipped. --- ### Blocking Issues #### 1. `lint` failing — ambiguous variable name `l` File: `features/steps/invariant_service_thread_safety_steps.py`, line 189 ruff raises `E741: ambiguous variable name 'l'` because `l` looks like the numeral `1`. Rename to `num_list_threads` or similar and update all usages in the function. #### 2. `unit_tests` failing — three missing/mismatched Behave step definitions **(a) Missing step:** `features/invariant_service_thread_safety.feature`, line 34 The scenario `Concurrent list from multiple threads does not raise RuntimeError` uses: ``` Given 20 invariants pre-added to the service ``` But no step matching this text exists. The only related steps are `{n:d} invariants pre-added to the service with known IDs` and `{n:d} mixed-scope invariants pre-added to the service`. Add a new `@given` step or rename this line to match an existing one. **(b) Missing step:** `features/invariant_service_thread_safety.feature`, line 66 The scenario `Concurrent enforce_invariants does not raise RuntimeError` uses: ``` Given 10 invariants pre-added to the service from different scopes ``` No step definition matches this text. Add a `@given("{n:d} invariants pre-added to the service from different scopes")` step, or reuse `{n:d} mixed-scope invariants pre-added to the service`. **(c) Step text mismatch:** `features/invariant_service_thread_safety.feature`, line 87 vs step file line 472 Feature file says: ``` And the service invariant count should be non-negative ``` Step definition says: ``` the service invariant count should be non-negative and the enforcement record count should be non-negative ``` These are two different strings — Behave cannot match them. Rename the `@then` decorator to match the feature file exactly. #### 3. Logic bug — broken scope expression in mixed operations step File: `features/steps/invariant_service_thread_safety_steps.py`, lines 390-392 The expression `scope=(thread_idx % 3) + 1 if (thread_idx % 3) + 1 == 1 else InvariantScope.PROJECT` is broken in two ways: (a) when the condition is True it passes the **integer** `1` instead of `InvariantScope.GLOBAL`, causing a `ValueError` that is silently swallowed by `except Exception: pass`; (b) when the condition is False it always passes `InvariantScope.PROJECT`. Replace with: `scope=[InvariantScope.GLOBAL, InvariantScope.PROJECT, InvariantScope.PLAN][thread_idx % 3]` #### 4. Branch naming convention violation For a `Type/Bug` fix, the branch must follow `bugfix/mN-<name>` (per CONTRIBUTING.md). The current branch `fix/invariant-service-thread-safety` uses the wrong prefix and is missing the milestone number. Linked issues (#7524, #8209) are in milestone v3.2.0 → expected: `bugfix/m2-invariant-service-thread-safety`. This will require a new PR from the correctly-named branch. #### 5. Wrong issue referenced in PR description and commit footer The PR body says `Closes #8209` and the commit footer says `ISSUES CLOSED: #8209`, but issue #8209's own body says `Closes #7524`. Issue #7524 is the original bug (`BUG-HUNT: [concurrency] InvariantService has no thread safety`). Change references to close the correct issue: `Closes #7524` (and `Closes #8209` if that also needs closing). #### 6. Missing Forgejo dependency link (PR blocks issue) Per CONTRIBUTING.md, the PR must block the linked issue (PR → blocks → issue). Currently PR 11001 has no "blocks" relationship set. Set this on the PR: add `#7524` (and `#8209` if applicable) under "blocks". #### 7. Milestone mismatch Linked issues #7524 and #8209 are both on milestone `v3.2.0`, but this PR is assigned to `v3.4.0`. Per CONTRIBUTING.md, a PR must be assigned to the same milestone as its linked issue(s). Update the PR milestone to `v3.2.0`. #### 8. Missing `@tdd_issue_N` regression test tag Per CONTRIBUTING.md, bug fixes require a `@tdd_issue_N` tag on the regression test scenario. The feature file contains no `@tdd_issue_7524` tag. Add this tag to the most representative regression scenario. --- ### Non-Blocking Suggestions - **Dead code in step file**: `_make_invariant()` returns `None` and is never called — remove it to reduce confusion. - **`get_effective_invariants()` called without arguments** (step file line 403): Technically valid, but the scenario intent is to test mixed-scope operations. Consider passing `plan_id="test-plan"` to make the test more meaningful. --- ### Verdict `REQUEST_CHANGES` — The production code is correct and well-implemented. The test code has three step definition bugs causing CI failure, a lint violation, and a logic bug in one step. PR metadata has several compliance issues (wrong branch name, wrong issue reference, missing dependency link, wrong milestone, missing TDD tag). Please address all blocking issues and push a corrected commit. --- Automated by CleverAgents Bot Supervisor: PR Review | Agent: pr-review-worker
features/invariant_service_thread_safety.feature Outdated
@ -0,0 +31,4 @@
# -----------------------------------------------------------------
Scenario: Concurrent list from multiple threads does not raise RuntimeError
Given 20 invariants pre-added to the service
HAL9001 commented 2026-05-07 23:40:41 +00:00
Owner
Copy link

BLOCKING — missing Behave step definition

This step text Given 20 invariants pre-added to the service has no matching @given decorator in the step file. Behave will report Step Definition Not Found and the scenario will fail.

The only close matches are:

  • "{n:d} invariants pre-added to the service with known IDs" (requires with known IDs suffix)
  • "{n:d} mixed-scope invariants pre-added to the service" (requires mixed-scope prefix)

Fix: either (a) change this line to Given 20 invariants pre-added to the service with known IDs, or (b) add a new @given("{n:d} invariants pre-added to the service") step that pre-populates invariants without storing their IDs.

Automated by CleverAgents Bot
Supervisor: PR Review | Agent: pr-review-worker

**BLOCKING — missing Behave step definition** This step text `Given 20 invariants pre-added to the service` has no matching `@given` decorator in the step file. Behave will report `Step Definition Not Found` and the scenario will fail. The only close matches are: - `"{n:d} invariants pre-added to the service with known IDs"` (requires `with known IDs` suffix) - `"{n:d} mixed-scope invariants pre-added to the service"` (requires `mixed-scope` prefix) Fix: either (a) change this line to `Given 20 invariants pre-added to the service with known IDs`, or (b) add a new `@given("{n:d} invariants pre-added to the service")` step that pre-populates invariants without storing their IDs. --- Automated by CleverAgents Bot Supervisor: PR Review | Agent: pr-review-worker
features/invariant_service_thread_safety.feature Outdated
@ -0,0 +63,4 @@
# -----------------------------------------------------------------
Scenario: Concurrent enforce_invariants does not raise RuntimeError
Given 10 invariants pre-added to the service from different scopes
HAL9001 commented 2026-05-07 23:40:41 +00:00
Owner
Copy link

BLOCKING — missing Behave step definition

This step text Given 10 invariants pre-added to the service from different scopes has no matching @given decorator in the step file. Behave will fail with Step Definition Not Found.

Fix: add a step definition, e.g.:

@given("{n:d} invariants pre-added to the service from different scopes")
def step_given_pre_added_multi_scope(context: Any, n: int) -> None:
    scopes = [InvariantScope.GLOBAL, InvariantScope.PROJECT, InvariantScope.PLAN]
    for i in range(n):
        context.inv_service.add_invariant(
            text=f"Pre-added invariant {i}",
            scope=scopes[i % len(scopes)],
            source_name=f"source-{i}",
        )

Or reuse the existing step by changing this feature line to Given 10 mixed-scope invariants pre-added to the service.

Automated by CleverAgents Bot
Supervisor: PR Review | Agent: pr-review-worker

**BLOCKING — missing Behave step definition** This step text `Given 10 invariants pre-added to the service from different scopes` has no matching `@given` decorator in the step file. Behave will fail with `Step Definition Not Found`. Fix: add a step definition, e.g.: ```python @given("{n:d} invariants pre-added to the service from different scopes") def step_given_pre_added_multi_scope(context: Any, n: int) -> None: scopes = [InvariantScope.GLOBAL, InvariantScope.PROJECT, InvariantScope.PLAN] for i in range(n): context.inv_service.add_invariant( text=f"Pre-added invariant {i}", scope=scopes[i % len(scopes)], source_name=f"source-{i}", ) ``` Or reuse the existing step by changing this feature line to `Given 10 mixed-scope invariants pre-added to the service`. --- Automated by CleverAgents Bot Supervisor: PR Review | Agent: pr-review-worker
features/invariant_service_thread_safety.feature Outdated
@ -0,0 +84,4 @@
Scenario: Shared singleton instance survives concurrent access from 20 threads
When 20 threads each add 3 invariants and then list them back
Then no exception should have been raised during concurrent singleton access
And the service invariant count should be non-negative
HAL9001 commented 2026-05-07 23:40:41 +00:00
Owner
Copy link

BLOCKING — step text mismatch: Behave cannot find the matching step

This line reads:

And the service invariant count should be non-negative

But the @then decorator in the step file (line 472) reads:

the service invariant count should be non-negative and the enforcement record count should be non-negative

Behave matches step text exactly — this step will never be found, causing the scenario to fail.

Fix: update the @then decorator in the step file to match this feature text exactly:

@then("the service invariant count should be non-negative")

Automated by CleverAgents Bot
Supervisor: PR Review | Agent: pr-review-worker

**BLOCKING — step text mismatch: Behave cannot find the matching step** This line reads: ``` And the service invariant count should be non-negative ``` But the `@then` decorator in the step file (line 472) reads: ``` the service invariant count should be non-negative and the enforcement record count should be non-negative ``` Behave matches step text exactly — this step will never be found, causing the scenario to fail. Fix: update the `@then` decorator in the step file to match this feature text exactly: ```python @then("the service invariant count should be non-negative") ``` --- Automated by CleverAgents Bot Supervisor: PR Review | Agent: pr-review-worker
features/steps/invariant_service_thread_safety_steps.py Outdated
@ -0,0 +186,4 @@
"{a:d} threads concurrently add invariants and "
"{l:d} threads concurrently list invariants"
)
def step_when_concurrent_add_and_list(context: Any, a: int, l: int) -> None:
HAL9001 commented 2026-05-07 23:40:41 +00:00
Owner
Copy link

BLOCKING — lint failure (ruff E741): ambiguous variable name l

ruff raises E741: ambiguous variable name for single-character names that look like digits (l, O, I). This causes the lint CI gate to fail.

Fix: rename l to a descriptive name, e.g.:

def step_when_concurrent_add_and_list(context: Any, a: int, num_list_threads: int) -> None:

And update all usages of l in the function to num_list_threads.

Automated by CleverAgents Bot
Supervisor: PR Review | Agent: pr-review-worker

**BLOCKING — lint failure (ruff E741): ambiguous variable name `l`** ruff raises `E741: ambiguous variable name` for single-character names that look like digits (`l`, `O`, `I`). This causes the `lint` CI gate to fail. Fix: rename `l` to a descriptive name, e.g.: ```python def step_when_concurrent_add_and_list(context: Any, a: int, num_list_threads: int) -> None: ``` And update all usages of `l` in the function to `num_list_threads`. --- Automated by CleverAgents Bot Supervisor: PR Review | Agent: pr-review-worker
features/steps/invariant_service_thread_safety_steps.py Outdated
@ -0,0 +387,4 @@
try:
context.inv_service.add_invariant(
text=f"Mixed-thread-{thread_idx}-inv-{i}",
scope=(thread_idx % 3) + 1
HAL9001 commented 2026-05-07 23:40:41 +00:00
Owner
Copy link

BLOCKING — logic bug: integer 1 passed instead of InvariantScope.GLOBAL

This expression:

scope=(thread_idx % 3) + 1
    if (thread_idx % 3) + 1 == 1
    else InvariantScope.PROJECT,

has two bugs:

  1. When thread_idx % 3 == 0, scope is set to the integer 1 instead of InvariantScope.GLOBAL. Pydantic raises ValueError. The except Exception: pass silently swallows this — the test passes even though every third add call is silently failing.
  2. When the condition is False, scope is always InvariantScope.PROJECT regardless of thread_idx, so no actual scope variation is tested.

Fix:

scope=[InvariantScope.GLOBAL, InvariantScope.PROJECT, InvariantScope.PLAN][thread_idx % 3],

Automated by CleverAgents Bot
Supervisor: PR Review | Agent: pr-review-worker

**BLOCKING — logic bug: integer `1` passed instead of `InvariantScope.GLOBAL`** This expression: ```python scope=(thread_idx % 3) + 1 if (thread_idx % 3) + 1 == 1 else InvariantScope.PROJECT, ``` has two bugs: 1. When `thread_idx % 3 == 0`, scope is set to the **integer** `1` instead of `InvariantScope.GLOBAL`. Pydantic raises `ValueError`. The `except Exception: pass` silently swallows this — the test passes even though every third add call is silently failing. 2. When the condition is False, scope is always `InvariantScope.PROJECT` regardless of `thread_idx`, so no actual scope variation is tested. Fix: ```python scope=[InvariantScope.GLOBAL, InvariantScope.PROJECT, InvariantScope.PLAN][thread_idx % 3], ``` --- Automated by CleverAgents Bot Supervisor: PR Review | Agent: pr-review-worker
features/steps/invariant_service_thread_safety_steps.py Outdated
@ -0,0 +469,4 @@
@then(
"the service invariant count should be non-negative and the enforcement record count should be non-negative"
HAL9001 commented 2026-05-07 23:40:41 +00:00
Owner
Copy link

BLOCKING — step decorator text does not match the feature file

The feature file line 87 uses:

the service invariant count should be non-negative

But this decorator reads:

"the service invariant count should be non-negative and the enforcement record count should be non-negative"

Behave matches step text exactly — this step will never be invoked. Change this decorator to:

@then("the service invariant count should be non-negative")

Automated by CleverAgents Bot
Supervisor: PR Review | Agent: pr-review-worker

**BLOCKING — step decorator text does not match the feature file** The feature file line 87 uses: ``` the service invariant count should be non-negative ``` But this decorator reads: ```python "the service invariant count should be non-negative and the enforcement record count should be non-negative" ``` Behave matches step text exactly — this step will never be invoked. Change this decorator to: ```python @then("the service invariant count should be non-negative") ``` --- Automated by CleverAgents Bot Supervisor: PR Review | Agent: pr-review-worker
HAL9001 commented 2026-05-07 23:40:47 +00:00
Owner
Copy link

Formal peer review submitted (review ID 8035, status: REQUEST_CHANGES). 8 blocking issues identified across CI, test step definitions, a logic bug, and PR metadata. Production code changes to invariant_service.py are correct and ready. Please address all blocking issues and push a corrected commit to re-trigger CI and re-review.

Automated by CleverAgents Bot
Supervisor: PR Review | Agent: pr-review-worker

Formal peer review submitted (review ID 8035, status: REQUEST_CHANGES). 8 blocking issues identified across CI, test step definitions, a logic bug, and PR metadata. Production code changes to `invariant_service.py` are correct and ready. Please address all blocking issues and push a corrected commit to re-trigger CI and re-review. --- Automated by CleverAgents Bot Supervisor: PR Review | Agent: pr-review-worker
HAL9000 force-pushed fix/invariant-service-thread-safety from 0c2f1c5134
Some checks failed
CI / benchmark-publish (pull_request) Has been skipped
Details
CI / helm (pull_request) Successful in 43s
Details
CI / lint (pull_request) Failing after 1m2s
Details
CI / build (pull_request) Successful in 1m2s
Details
CI / push-validation (pull_request) Successful in 35s
Details
CI / quality (pull_request) Successful in 1m23s
Details
CI / typecheck (pull_request) Successful in 1m25s
Details
CI / security (pull_request) Successful in 2m0s
Details
CI / benchmark-regression (pull_request) Failing after 59s
Details
CI / unit_tests (pull_request) Failing after 2m46s
Details
CI / coverage (pull_request) Has been skipped
Details
CI / docker (pull_request) Has been skipped
Details
CI / integration_tests (pull_request) Successful in 4m45s
Details
CI / e2e_tests (pull_request) Successful in 4m59s
Details
CI / status-check (pull_request) Failing after 3s
Details
to d8e41e0579
Some checks failed
CI / lint (pull_request) Failing after 1m10s
Details
CI / quality (pull_request) Successful in 1m16s
Details
CI / security (pull_request) Successful in 1m36s
Details
CI / typecheck (pull_request) Successful in 1m37s
Details
CI / unit_tests (pull_request) Failing after 2m29s
Details
CI / coverage (pull_request) Has been skipped
Details
CI / docker (pull_request) Has been skipped
Details
CI / build (pull_request) Successful in 28s
Details
CI / integration_tests (pull_request) Successful in 3m27s
Details
CI / push-validation (pull_request) Successful in 21s
Details
CI / helm (pull_request) Successful in 28s
Details
CI / e2e_tests (pull_request) Successful in 3m26s
Details
CI / status-check (pull_request) Failing after 2s
Details
CI / benchmark-publish (pull_request) Has been skipped
Details
CI / benchmark-regression (pull_request) Failing after 1m48s
Details
2026-05-08 10:24:39 +00:00 Compare
HAL9000 force-pushed fix/invariant-service-thread-safety from d8e41e0579
Some checks failed
CI / lint (pull_request) Failing after 1m10s
Details
CI / quality (pull_request) Successful in 1m16s
Details
CI / security (pull_request) Successful in 1m36s
Details
CI / typecheck (pull_request) Successful in 1m37s
Details
CI / unit_tests (pull_request) Failing after 2m29s
Details
CI / coverage (pull_request) Has been skipped
Details
CI / docker (pull_request) Has been skipped
Details
CI / build (pull_request) Successful in 28s
Details
CI / integration_tests (pull_request) Successful in 3m27s
Details
CI / push-validation (pull_request) Successful in 21s
Details
CI / helm (pull_request) Successful in 28s
Details
CI / e2e_tests (pull_request) Successful in 3m26s
Details
CI / status-check (pull_request) Failing after 2s
Details
CI / benchmark-publish (pull_request) Has been skipped
Details
CI / benchmark-regression (pull_request) Failing after 1m48s
Details
to 71b27dded7
Some checks failed
CI / benchmark-publish (pull_request) Has been skipped
Details
CI / push-validation (pull_request) Successful in 37s
Details
CI / helm (pull_request) Successful in 58s
Details
CI / build (pull_request) Successful in 1m4s
Details
CI / lint (pull_request) Failing after 1m14s
Details
CI / quality (pull_request) Successful in 1m26s
Details
CI / typecheck (pull_request) Successful in 1m54s
Details
CI / security (pull_request) Successful in 1m55s
Details
CI / unit_tests (pull_request) Failing after 2m36s
Details
CI / docker (pull_request) Has been skipped
Details
CI / coverage (pull_request) Has been skipped
Details
CI / e2e_tests (pull_request) Failing after 3m54s
Details
CI / integration_tests (pull_request) Successful in 4m22s
Details
CI / status-check (pull_request) Failing after 4s
Details
CI / benchmark-regression (pull_request) Failing after 1m23s
Details
2026-05-08 11:23:28 +00:00 Compare
HAL9000 force-pushed fix/invariant-service-thread-safety from 71b27dded7
Some checks failed
CI / benchmark-publish (pull_request) Has been skipped
Details
CI / push-validation (pull_request) Successful in 37s
Details
CI / helm (pull_request) Successful in 58s
Details
CI / build (pull_request) Successful in 1m4s
Details
CI / lint (pull_request) Failing after 1m14s
Details
CI / quality (pull_request) Successful in 1m26s
Details
CI / typecheck (pull_request) Successful in 1m54s
Details
CI / security (pull_request) Successful in 1m55s
Details
CI / unit_tests (pull_request) Failing after 2m36s
Details
CI / docker (pull_request) Has been skipped
Details
CI / coverage (pull_request) Has been skipped
Details
CI / e2e_tests (pull_request) Failing after 3m54s
Details
CI / integration_tests (pull_request) Successful in 4m22s
Details
CI / status-check (pull_request) Failing after 4s
Details
CI / benchmark-regression (pull_request) Failing after 1m23s
Details
to 72e6df8a17
Some checks failed
CI / benchmark-publish (pull_request) Has been skipped
Details
CI / helm (pull_request) Successful in 49s
Details
CI / build (pull_request) Successful in 1m6s
Details
CI / lint (pull_request) Failing after 1m15s
Details
CI / quality (pull_request) Successful in 1m32s
Details
CI / typecheck (pull_request) Successful in 1m41s
Details
CI / security (pull_request) Successful in 1m44s
Details
CI / push-validation (pull_request) Successful in 20s
Details
CI / unit_tests (pull_request) Failing after 2m48s
Details
CI / coverage (pull_request) Has been skipped
Details
CI / docker (pull_request) Has been skipped
Details
CI / benchmark-regression (pull_request) Failing after 1m4s
Details
CI / integration_tests (pull_request) Successful in 3m50s
Details
CI / e2e_tests (pull_request) Successful in 4m8s
Details
CI / status-check (pull_request) Failing after 3s
Details
2026-05-08 12:26:17 +00:00 Compare
HAL9000 modified the milestone from v3.4.0 to v3.2.0 2026-05-08 14:24:45 +00:00
HAL9001 requested changes 2026-05-08 18:50:39 +00:00
HAL9001 left a comment
Copy link

Re-Review — fix(concurrency): add thread safety to InvariantService

Progress Since Last Review

The author addressed 7 out of 11 prior blocking issues — good progress. The production code (invariant_service.py) remains correct and well-implemented throughout. However, CI is still failing (lint and unit_tests) and 4 blocking issues remain unresolved.

Prior Feedback — Status

# Issue Status
1 Lint E741 — ambiguous l renamed to list_threads Fixed
2 Missing @given step: "N invariants pre-added to the service" Fixed
3 Missing @given step: "N invariants pre-added to the service from different scopes" Fixed
4 Step text mismatch for "service invariant count should be non-negative" Fixed
5 Logic bug in step_when_concurrent_mixed scope expression Fixed
6 Priority/Critical for Type/Bug Fixed
7 Milestone v3.2.0 Fixed
8 Missing Forgejo dependency link (PR → blocks → issue) NOT fixed
9 Branch naming convention (fix/... not bugfix/mN-...) NOT fixed
10 Missing @tdd_issue_7524 regression tag NOT fixed
11 First commit footer ISSUES CLOSED: #8209 (wrong issue); PR body still says Closes #8209 ⚠️ Partially — new commit says Closes #7524 (non-standard keyword)

CI Status on HEAD (72e6df8a)

Job Status Note
lint FAILING NEW line-length violations introduced in fix commit
unit_tests FAILING Needs investigation
coverage PASSING Recovered (was skipped)
typecheck PASSING
security PASSING
integration_tests PASSING
e2e_tests PASSING
benchmark-regression FAILING Pre-existing; unrelated to this PR

Blocking Issues

1. NEW — lint still failing: line-length violations introduced by fix commit

File: features/steps/invariant_service_thread_safety_steps.py

The fix commit introduced 4 lines exceeding ruff's 88-character limit. See inline comments for exact locations and suggested fixes:

  • Line 245 (93 chars): threaded list worker list comprehension
  • Line 349 (91 chars): f-string assertion in concurrent get_effective_invariants
  • Line 421 (111 chars): scope cycling list literal inside step_when_concurrent_mixed
  • Line 508 (112 chars): @then decorator string for step_then_both_counts_non_negative

2. NOT fixed — Missing Forgejo dependency link

Per CONTRIBUTING.md, the PR must set blocks #7524 in Forgejo's dependency section (PR → blocks → issue, never the reverse). The blocks endpoint for PR 11001 still returns an empty array. On the PR page, add issue #7524 under the Blocks dependency section before merge.

3. NOT fixed — Branch naming convention violation

For Type/Bug fixes, branches must follow bugfix/mN-<name> format per CONTRIBUTING.md. The current branch fix/invariant-service-thread-safety uses the wrong prefix and is missing the milestone number. Issue #7524 is in milestone v3.2.0, so the correct name would be bugfix/m2-invariant-service-thread-safety. This requires a new PR opened from a correctly-named branch.

4. NOT fixed — Missing @tdd_issue_7524 regression tag

Per CONTRIBUTING.md, bug fix PRs require a Behave scenario tagged @tdd_issue_7524 @tdd_expected_fail that proves the bug existed before the fix. The feature file contains no @tdd_issue_7524 tag. The new concurrency stress scenarios are valuable but are not the required TDD regression marker. Add a scenario demonstrating the original RuntimeError: dictionary changed size during iteration reproduced without locking, tagged with @tdd_issue_7524 @tdd_expected_fail.

5. Commit and PR metadata — issue reference inconsistency

The first commit footer says ISSUES CLOSED: #8209, but #8209 is itself a PR — the correct target is #7524. The second commit uses Closes #7524 (non-standard; project convention requires ISSUES CLOSED: #N in the commit footer, not Closes). The PR body still says Closes #8209. All references must be corrected to use the project-standard ISSUES CLOSED: #7524 footer format.

What Looks Good

  • All 5 step definition fixes are clean and correct.
  • The logic bug fix using [GLOBAL, PROJECT, PLAN][thread_idx % 3] is the right approach.
  • Priority/Critical and v3.2.0 milestone are now correctly set.
  • coverage CI is now green — a meaningful improvement.
  • Production invariant_service.py code remains correct, clean, and well-documented throughout.

REQUEST_CHANGES — Good progress: 7 of 11 prior blockers resolved and the production code is correct. The fix commit introduced new ruff line-length violations, keeping lint failing. Three process-level blockers remain (Forgejo dependency link, branch name, TDD regression tag) and the issue reference in the first commit footer and PR body needs correcting. Please address all blocking issues and push a corrected commit.

Automated by CleverAgents Bot
Supervisor: PR Review | Agent: pr-review-worker

## Re-Review — `fix(concurrency): add thread safety to InvariantService` ### Progress Since Last Review The author addressed **7 out of 11** prior blocking issues — good progress. The production code (`invariant_service.py`) remains correct and well-implemented throughout. However, CI is still failing (`lint` and `unit_tests`) and 4 blocking issues remain unresolved. --- ### Prior Feedback — Status | # | Issue | Status | |---|---|---| | 1 | Lint E741 — ambiguous `l` renamed to `list_threads` | ✅ Fixed | | 2 | Missing `@given` step: "N invariants pre-added to the service" | ✅ Fixed | | 3 | Missing `@given` step: "N invariants pre-added to the service from different scopes" | ✅ Fixed | | 4 | Step text mismatch for "service invariant count should be non-negative" | ✅ Fixed | | 5 | Logic bug in `step_when_concurrent_mixed` scope expression | ✅ Fixed | | 6 | Priority/Critical for Type/Bug | ✅ Fixed | | 7 | Milestone v3.2.0 | ✅ Fixed | | 8 | Missing Forgejo dependency link (PR → blocks → issue) | ❌ NOT fixed | | 9 | Branch naming convention (`fix/...` not `bugfix/mN-...`) | ❌ NOT fixed | | 10 | Missing `@tdd_issue_7524` regression tag | ❌ NOT fixed | | 11 | First commit footer `ISSUES CLOSED: #8209` (wrong issue); PR body still says `Closes #8209` | ⚠️ Partially — new commit says `Closes #7524` (non-standard keyword) | --- ### CI Status on HEAD (`72e6df8a`) | Job | Status | Note | |---|---|---| | `lint` | ❌ FAILING | **NEW** line-length violations introduced in fix commit | | `unit_tests` | ❌ FAILING | Needs investigation | | `coverage` | ✅ PASSING | Recovered (was skipped) | | `typecheck` | ✅ PASSING | | | `security` | ✅ PASSING | | | `integration_tests` | ✅ PASSING | | | `e2e_tests` | ✅ PASSING | | | `benchmark-regression` | ❌ FAILING | Pre-existing; unrelated to this PR | --- ### Blocking Issues #### 1. NEW — `lint` still failing: line-length violations introduced by fix commit **File:** `features/steps/invariant_service_thread_safety_steps.py` The fix commit introduced 4 lines exceeding ruff's 88-character limit. See inline comments for exact locations and suggested fixes: - Line 245 (93 chars): threaded list worker list comprehension - Line 349 (91 chars): f-string assertion in concurrent get_effective_invariants - Line 421 (111 chars): scope cycling list literal inside `step_when_concurrent_mixed` - Line 508 (112 chars): `@then` decorator string for `step_then_both_counts_non_negative` #### 2. NOT fixed — Missing Forgejo dependency link Per CONTRIBUTING.md, the PR must set `blocks #7524` in Forgejo's dependency section (PR → blocks → issue, never the reverse). The `blocks` endpoint for PR 11001 still returns an empty array. On the PR page, add issue `#7524` under the **Blocks** dependency section before merge. #### 3. NOT fixed — Branch naming convention violation For `Type/Bug` fixes, branches must follow `bugfix/mN-<name>` format per CONTRIBUTING.md. The current branch `fix/invariant-service-thread-safety` uses the wrong prefix and is missing the milestone number. Issue #7524 is in milestone v3.2.0, so the correct name would be `bugfix/m2-invariant-service-thread-safety`. This requires a new PR opened from a correctly-named branch. #### 4. NOT fixed — Missing `@tdd_issue_7524` regression tag Per CONTRIBUTING.md, bug fix PRs require a Behave scenario tagged `@tdd_issue_7524 @tdd_expected_fail` that **proves the bug existed before the fix**. The feature file contains no `@tdd_issue_7524` tag. The new concurrency stress scenarios are valuable but are not the required TDD regression marker. Add a scenario demonstrating the original `RuntimeError: dictionary changed size during iteration` reproduced without locking, tagged with `@tdd_issue_7524 @tdd_expected_fail`. #### 5. Commit and PR metadata — issue reference inconsistency The first commit footer says `ISSUES CLOSED: #8209`, but #8209 is itself a PR — the correct target is `#7524`. The second commit uses `Closes #7524` (non-standard; project convention requires `ISSUES CLOSED: #N` in the commit footer, not `Closes`). The PR body still says `Closes #8209`. All references must be corrected to use the project-standard `ISSUES CLOSED: #7524` footer format. --- ### What Looks Good - All 5 step definition fixes are clean and correct. - The logic bug fix using `[GLOBAL, PROJECT, PLAN][thread_idx % 3]` is the right approach. - `Priority/Critical` and `v3.2.0` milestone are now correctly set. - `coverage` CI is now green — a meaningful improvement. - Production `invariant_service.py` code remains correct, clean, and well-documented throughout. --- `REQUEST_CHANGES` — Good progress: 7 of 11 prior blockers resolved and the production code is correct. The fix commit introduced new ruff line-length violations, keeping `lint` failing. Three process-level blockers remain (Forgejo dependency link, branch name, TDD regression tag) and the issue reference in the first commit footer and PR body needs correcting. Please address all blocking issues and push a corrected commit. --- Automated by CleverAgents Bot Supervisor: PR Review | Agent: pr-review-worker
features/steps/invariant_service_thread_safety_steps.py Outdated
@ -0,0 +242,4 @@
errors.append(exc)
threads = [threading.Thread(target=add_worker, args=(t,)) for t in range(a)]
threads += [threading.Thread(target=list_worker, args=(t,)) for t in range(list_threads)]
HAL9001 commented 2026-05-08 18:50:39 +00:00
Owner
Copy link

BLOCKING — line too long (93 chars, limit 88): ruff E501

This line was introduced in the fix commit and exceeds ruff's 88-character line limit, causing lint to fail.

Fix: break the list comprehension across lines:

threads += [
    threading.Thread(target=list_worker, args=(t,))
    for t in range(list_threads)
]

Automated by CleverAgents Bot
Supervisor: PR Review | Agent: pr-review-worker

**BLOCKING — line too long (93 chars, limit 88): ruff E501** This line was introduced in the fix commit and exceeds ruff's 88-character line limit, causing `lint` to fail. Fix: break the list comprehension across lines: ```python threads += [ threading.Thread(target=list_worker, args=(t,)) for t in range(list_threads) ] ``` --- Automated by CleverAgents Bot Supervisor: PR Review | Agent: pr-review-worker
features/steps/invariant_service_thread_safety_steps.py Outdated
@ -0,0 +346,4 @@
)
def step_then_no_exc_effective(context: Any) -> None:
assert not context.errors, (
f"Exception(s) raised during concurrent get_effective_invariants: {context.errors}"
HAL9001 commented 2026-05-08 18:50:39 +00:00
Owner
Copy link

BLOCKING — line too long (91 chars, limit 88): ruff E501

Fix: extract the error message to a variable before the assertion:

msg = (
    "Exception(s) raised during concurrent "
    f"get_effective_invariants: {context.errors}"
)
assert not context.errors, msg

Automated by CleverAgents Bot
Supervisor: PR Review | Agent: pr-review-worker

**BLOCKING — line too long (91 chars, limit 88): ruff E501** Fix: extract the error message to a variable before the assertion: ```python msg = ( "Exception(s) raised during concurrent " f"get_effective_invariants: {context.errors}" ) assert not context.errors, msg ``` --- Automated by CleverAgents Bot Supervisor: PR Review | Agent: pr-review-worker
features/steps/invariant_service_thread_safety_steps.py Outdated
@ -0,0 +418,4 @@
try:
context.inv_service.add_invariant(
text=f"Mixed-thread-{thread_idx}-inv-{i}",
scope=[InvariantScope.GLOBAL, InvariantScope.PROJECT, InvariantScope.PLAN][thread_idx % 3],
HAL9001 commented 2026-05-08 18:50:39 +00:00
Owner
Copy link

BLOCKING — line too long (111 chars, limit 88): ruff E501

The scope cycling list literal is too long for a single line. Extract as a module-level constant or break across lines:

_SCOPE_CYCLE = [
    InvariantScope.GLOBAL,
    InvariantScope.PROJECT,
    InvariantScope.PLAN,
]

# Then inside worker():
scope=_SCOPE_CYCLE[thread_idx % 3],

Automated by CleverAgents Bot
Supervisor: PR Review | Agent: pr-review-worker

**BLOCKING — line too long (111 chars, limit 88): ruff E501** The scope cycling list literal is too long for a single line. Extract as a module-level constant or break across lines: ```python _SCOPE_CYCLE = [ InvariantScope.GLOBAL, InvariantScope.PROJECT, InvariantScope.PLAN, ] # Then inside worker(): scope=_SCOPE_CYCLE[thread_idx % 3], ``` --- Automated by CleverAgents Bot Supervisor: PR Review | Agent: pr-review-worker
features/steps/invariant_service_thread_safety_steps.py Outdated
@ -0,0 +505,4 @@
@then(
"the service invariant count should be non-negative and the enforcement record count should be non-negative"
HAL9001 commented 2026-05-08 18:50:39 +00:00
Owner
Copy link

BLOCKING — line too long (112 chars, limit 88): ruff E501

This @then decorator string is 112 characters. Wrap with implicit string concatenation:

@then(
    "the service invariant count should be non-negative "
    "and the enforcement record count should be non-negative"
)

Automated by CleverAgents Bot
Supervisor: PR Review | Agent: pr-review-worker

**BLOCKING — line too long (112 chars, limit 88): ruff E501** This `@then` decorator string is 112 characters. Wrap with implicit string concatenation: ```python @then( "the service invariant count should be non-negative " "and the enforcement record count should be non-negative" ) ``` --- Automated by CleverAgents Bot Supervisor: PR Review | Agent: pr-review-worker
HAL9001 commented 2026-05-08 18:50:45 +00:00
Owner
Copy link

Formal peer re-review submitted (review ID 8164, status: REQUEST_CHANGES). 7 of 11 prior blockers are resolved — good progress. Remaining blocking issues: (1) NEW: 4 ruff E501 line-length violations introduced in fix commit keep lint failing; (2) missing Forgejo dependency link (PR → blocks → #7524); (3) branch naming convention violation (fix/... should be bugfix/m2-...); (4) missing @tdd_issue_7524 @tdd_expected_fail regression tag; (5) first commit footer and PR body still reference wrong issue #8209. Please address all blocking issues and push a corrected commit to re-trigger CI and re-review.

Automated by CleverAgents Bot
Supervisor: PR Review | Agent: pr-review-worker

Formal peer re-review submitted (review ID 8164, status: REQUEST_CHANGES). 7 of 11 prior blockers are resolved — good progress. Remaining blocking issues: (1) NEW: 4 ruff E501 line-length violations introduced in fix commit keep `lint` failing; (2) missing Forgejo dependency link (PR → blocks → #7524); (3) branch naming convention violation (`fix/...` should be `bugfix/m2-...`); (4) missing `@tdd_issue_7524 @tdd_expected_fail` regression tag; (5) first commit footer and PR body still reference wrong issue #8209. Please address all blocking issues and push a corrected commit to re-trigger CI and re-review. --- Automated by CleverAgents Bot Supervisor: PR Review | Agent: pr-review-worker
HAL9000 force-pushed fix/invariant-service-thread-safety from 72e6df8a17
Some checks failed
CI / benchmark-publish (pull_request) Has been skipped
Details
CI / helm (pull_request) Successful in 49s
Details
CI / build (pull_request) Successful in 1m6s
Details
CI / lint (pull_request) Failing after 1m15s
Details
CI / quality (pull_request) Successful in 1m32s
Details
CI / typecheck (pull_request) Successful in 1m41s
Details
CI / security (pull_request) Successful in 1m44s
Details
CI / push-validation (pull_request) Successful in 20s
Details
CI / unit_tests (pull_request) Failing after 2m48s
Details
CI / coverage (pull_request) Has been skipped
Details
CI / docker (pull_request) Has been skipped
Details
CI / benchmark-regression (pull_request) Failing after 1m4s
Details
CI / integration_tests (pull_request) Successful in 3m50s
Details
CI / e2e_tests (pull_request) Successful in 4m8s
Details
CI / status-check (pull_request) Failing after 3s
Details
to 4907a0e2ad
Some checks failed
CI / security (pull_request) Failing after 3s
Details
CI / unit_tests (pull_request) Failing after 3s
Details
CI / lint (pull_request) Failing after 3s
Details
CI / typecheck (pull_request) Failing after 4s
Details
CI / quality (pull_request) Failing after 4s
Details
CI / coverage (pull_request) Has been skipped
Details
CI / docker (pull_request) Has been skipped
Details
CI / integration_tests (pull_request) Failing after 2s
Details
CI / build (pull_request) Failing after 3s
Details
CI / helm (pull_request) Failing after 3s
Details
CI / push-validation (pull_request) Failing after 4s
Details
CI / status-check (pull_request) Failing after 4s
Details
2026-05-15 01:44:10 +00:00 Compare
Some checks failed
CI / security (pull_request) Failing after 3s
Required
Details
CI / unit_tests (pull_request) Failing after 3s
Required
Details
CI / lint (pull_request) Failing after 3s
Required
Details
CI / typecheck (pull_request) Failing after 4s
Required
Details
CI / quality (pull_request) Failing after 4s
Required
Details
CI / coverage (pull_request) Has been skipped
Required
Details
CI / docker (pull_request) Has been skipped
Required
Details
CI / integration_tests (pull_request) Failing after 2s
Required
Details
CI / build (pull_request) Failing after 3s
Required
Details
CI / helm (pull_request) Failing after 3s
Details
CI / push-validation (pull_request) Failing after 4s
Details
CI / status-check (pull_request) Failing after 4s
Details
This pull request doesn't have enough approvals yet. 0 of 1 approvals granted.
This branch is out-of-date with the base branch
You are not authorized to merge this pull request.
View command line instructions

Checkout

From your project repository, check out a new branch and test the changes.
git fetch -u origin fix/invariant-service-thread-safety:fix/invariant-service-thread-safety
git switch fix/invariant-service-thread-safety
Sign in to join this conversation.
Reviewers
No reviewers
HAL9001
Labels
Clear labels   
auto/needs-reevaluation
Controller deferred this PR; awaiting Phase 6+ scope-evaluator or operator re-enablement.

  
controller-managed
Auto-agents controller manages this PR/issue (see tools/controller/deploy/RUNBOOK.md). Remove this label to abandon controller management.

  
auto/blocked-by-deps
PR blocked by an open issue dependency. Operator must close the dep (or remove the dependency link) before the merge driver can act. Auto-cleared by merge_drive when no open deps remain.

  
auto/ci-timeout
Most recent merge cycle hit CI timeout. Driver excludes this PR while last merge_cycle row is < 30 min old; label persists thereafter as visible history.

  
auto/claimed-implementer
Currently being processed by an implementer worker.

  
auto/claimed-merge
Currently being processed by the merge driver.

  
auto/claimed-reviewer
Currently being processed by a reviewer worker.

  
auto/driver-down
Merge driver heartbeat stale; pipeline halted. Closed automatically on next clean tick.

  
auto/invariant-violation
Detected master commit violating the strict merge invariant. Tracked as an issue (not a PR label); kept here for label completeness.

  
auto/last-attempt-tier-0
In-cycle escalation: most recent attempt ran at the Tier 0 slot (`tier-0`). Slot's model defined in .opencode/models/tiers.yaml.

  
auto/last-attempt-tier-1
In-cycle escalation: most recent attempt ran at the Tier 1 slot (`tier-1`). Slot's model defined in .opencode/models/tiers.yaml.

  
auto/last-attempt-tier-2
In-cycle escalation: most recent attempt ran at the Tier 2 slot (`tier-2`). Slot's model defined in .opencode/models/tiers.yaml. Gated behind IMPLEMENTER_ESCALATION_TIER2_ENABLED.

  
auto/last-attempt-tier-min
In-cycle escalation: most recent attempt ran at the Tier -1 slot (`tier-min`). Slot's model defined in .opencode/models/tiers.yaml. Suffix is ``-min`` (not ``--1``) so the Forgejo UI reads naturally.

  
Automation Tracking
Tracking issues used by the AI Automation system for agents to communicate and report.

  
auto/needs-conflict-resolution
Rebase conflict needs LLM conflict-resolver.

  
auto/needs-implementer
Failing CI needs implementer attention.

  
auto/postmortem
Documenting a driver incident or rollback.

  
auto/ready-to-merge
Reviewer has APPROVED this PR and no later REQUEST_CHANGES is outstanding. The merge driver requires this label to even consider a PR for merging. Set by the reviewer worker on APPROVE; cleared on REQUEST_CHANGES.

  
auto/restart-throttled
Train repeatedly lost master-tempo races. Driver excludes via merge_cycle until cooldown elapses; label persists as visible history.

  
auto/revert
Revert PR backing out an invariant violation. Fast-tracked through the merge driver.

  
auto/sentinel
Sentinel PR duplicated from upstream into a personal fork by tools/duplicate_prs_to_fork.py for pipeline testing. Lives only in the fork; the canonical pipeline never sees it.

  
auto/stale-inactivity
No implementer activity for N days. Flagged for human review. Auto-cleared on next push to head branch.

  
auto/unstable
Repeatedly fails on current master (>= 3 ci-fail-on-rebased-sha releases in 12 h). Excluded from driver until human triage.

  
Blocked
A ticket in a blocked state and unable to complete until some other task is completed first.

  
Bounty
$100
 A bounty of $100 for any open-source contributor who provides a MR that solves this issue

  
Bounty
$1000
 A bounty of $1000 for any open-source contributor who provides a MR that solves this issue

  
Bounty
$10000
 A bounty of $10000 for any open-source contributor who provides a MR that solves this issue

  
Bounty
$20
 A bounty of $20 for any open-source contributor who provides a MR that solves this issue

  
Bounty
$2000
 A bounty of $2000 for any open-source contributor who provides a MR that solves this issue

  
Bounty
$250
 A bounty of $250 for any open-source contributor who provides a MR that solves this issue

  
Bounty
$50
 A bounty of $50 for any open-source contributor who provides a MR that solves this issue

  
Bounty
$500
 A bounty of $500 for any open-source contributor who provides a MR that solves this issue

  
Bounty
$5000
 A bounty of $5000 for any open-source contributor who provides a MR that solves this issue

  
Bounty
$750
 A bounty of $750 for any open-source contributor who provides a MR that solves this issue

  
MoSCoW
Could have
 Could have feature in order to satisfy the epic/legendary.

  
MoSCoW
Must have
 Must have feature in order to satisfy the epic/legendary.

  
MoSCoW
Should have
 Should have feature in order to satisfy the epic/legendary.

  
Needs Feedback
There are questions in the ticket that can not be completed until the project owner provides clarity.

  
Points
1
 1 man-hours worth of work for an expert with no learning curve.

  
Points
13
 13 man-hours worth of work for an expert with no learning curve.

  
Points
2
 2 man-hours worth of work for an expert with no learning curve.

  
Points
21
 21 man-hours worth of work for an expert with no learning curve.

  
Points
3
 3 man-hours worth of work for an expert with no learning curve.

  
Points
34
 34 man-hours worth of work for an expert with no learning curve.

  
Points
5
 5 man-hours worth of work for an expert with no learning curve.

  
Points
55
 55 man-hours worth of work for an expert with no learning curve.

  
Points
8
 8 man-hours worth of work for an expert with no learning curve.

  
Points
88
 88 man-hours worth of work for an expert with no learning curve.

  
Priority
Backlog
 This ticket has backlogged priority and is not to be worked on yet

  
Priority
CI Blocker
 Critical priority issue that blocks CI/CD pipeline and prevents PR merges

  
Priority
Critical
 The priority is critical

  
Priority
High
 The priority is high

  
Priority
Low
 The priority is low

  
Priority
Medium
 The priority is medium

  
Signed-off: Owner
When an epic or legendary is in review it must be signed off by owner, tech lead, and scrum master before being marked as completed.

  
Signed-off: Scrum Master
When an epic or legendary is in review it must be signed off by owner, tech lead, and scrum master before being marked as completed.

  
Signed-off: Tech Lead
When an epic or legendary is in review it must be signed off by owner, tech lead, and scrum master before being marked as completed.

  
Spike
A ticket for learning a tool or technology that is needed to be able to do future planning and design.

  
State
Completed
 The ticket has been fully implemented, completed, and merged with the source code. This label should only be applied once a ticket is closed.

  
State
Duplicate
 A ticket that represents the same content as an existing ticket.

  
State
In Progress
 A ticket that is actively being developed.

  
State
In Review
 A ticket that has had some code completed to implement but is waiting to pass peer review and is not yet merged in.

  
State
Paused
 This ticket's work started but wasn't finished. It's on hold (likely in a feature branch) and will be resumed later, either due to a blocker or a delay.

  
State
Unverified
 All new tickets start in this state. A developer may set it to show the ticket is unverified. This means we haven't agreed to work on it. It will either move to a verified state or be closed as wontdo.

  
State
Verified
 The issue has been verified by a developer as legitimate. It will be worked on and verified tickets are now considered part of the backlog.

  
State
Wont Do
 This ticket has been decided it wont be done. This may mean the bug has been determined to not be real (cant verify) or the feature is one we have decided we dont want to adopt.

  
Type
Automation
 Any edits or discussion about the AI automated coding system.

  
Type
Bug
 Something that doesnt work as intended.

  
Type
Discussion
 Anytime a ticket represents a discussion about a subject and doesnt fall into one of the other categories.

  
Type
Documentation
 An error or improvement needed in the documentation.

  
Type
Epic
 Any first tier epic. That is, an epic which contains only issues as children and will not have sub-epics.

  
Type
Feature
 Some new functionality not present.

  
Type
Legendary
 A type of Epic which will contain other Epics.

  
Type
Refactor
 A code change that restructures existing code without changing its external behavior.

  
Type
Support
 Someone needs help using the project.

  
Type
Task
 A generic task that doesnt fit into the other type categories.

  
Type
Testing
 Work exclusively focusing on fixing or expanding testing.

No labels
auto/needs-reevaluation
controller-managed
auto/blocked-by-deps
auto/ci-timeout
auto/claimed-implementer
auto/claimed-merge
auto/claimed-reviewer
auto/driver-down
auto/invariant-violation
auto/last-attempt-tier-0
auto/last-attempt-tier-1
auto/last-attempt-tier-2
auto/last-attempt-tier-min
Automation Tracking
auto/needs-conflict-resolution
auto/needs-implementer
auto/postmortem
auto/ready-to-merge
auto/restart-throttled
auto/revert
auto/sentinel
auto/stale-inactivity
auto/unstable
Blocked
Bounty
$100
Bounty
$1000
Bounty
$10000
Bounty
$20
Bounty
$2000
Bounty
$250
Bounty
$50
Bounty
$500
Bounty
$5000
Bounty
$750
MoSCoW
Could have
MoSCoW
Must have
MoSCoW
Should have
Needs Feedback
Points
1
Points
13
Points
2
Points
21
Points
3
Points
34
Points
5
Points
55
Points
8
Points
88
Priority
Backlog
Priority
CI Blocker
Priority
Critical
Priority
High
Priority
Low
Priority
Medium
Signed-off: Owner
Signed-off: Scrum Master
Signed-off: Tech Lead
Spike
State
Completed
State
Duplicate
State
In Progress
State
In Review
State
Paused
State
Unverified
State
Verified
State
Wont Do
Type
Automation
Type
Bug
Type
Discussion
Type
Documentation
Type
Epic
Type
Feature
Type
Legendary
Type
Refactor
Type
Support
Type
Task
Type
Testing
Milestone
Clear milestone
No items
No milestone
v3.2.0
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
2 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
cleveragents/cleveragents-core!11001
No description provided.