space/gitea-codex
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[fix]. Remove host review fallback
All checks were successful
ci / test (push) Successful in 35s
Details
ci / publish (push) Successful in 55s
Details

Browse Source
This commit is contained in:
Space-Banane
2026-05-23 00:10:53 +02:00
parent 0ab2d62609
commit 328c7f2290
3 changed files with 35 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
TODO.md
View File

@@ -4,7 +4,7 @@
### P0 (Critical)
- [ ] `BUG`: True isolated runner flow: clone/fetch/checkout PR branch inside the ephemeral container itself, not on host before prompt generation.
- [ ] `BUG`: Remove host-side fallback path for review execution, or gate it behind explicit `ALLOW_HOST_FALLBACK=false` by default so isolation cannot be bypassed silently.
- [x] `BUG`: Remove host-side fallback path for review execution, or gate it behind explicit `ALLOW_HOST_FALLBACK=false` by default so isolation cannot be bypassed silently.
- [x] `BUG`: Enforce `.codex-review.yml` `enabled=false` at runtime (currently loaded but not enforced).
- [x] `BUG`: Remove `.codex-review.yml` fix policy (`commands.allow_fix`) and rely on global `ENABLE_FIX_COMMANDS`.
- [x] `BUG`: Add stuck-job recovery for `running` jobs (lease timeout + requeue/fail) so one crashed worker does not deadlock the queue.