Signed-off-by: Michael Kantor <[email protected]>
Code Review
This pull request introduces a local approval center for HOL Guard, enabling the resolution of blocked artifact changes through a daemon-served HTML interface or the new approvals CLI command. This system supports non-interactive environments by queuing requests and optionally waiting for user decisions. Review feedback identified critical security improvements, including CSRF protection via Origin header verification and request size limits to prevent DoS attacks. Additionally, suggestions were made to optimize receipt lookups in the database and enhance the approval form's user experience by pre-selecting recommended scopes.
Code Review Summary
Status: No New Issues | Recommendation: Merge
Latest Changes (commit b3cee1a)
This commit contains only formatting/style changes - no security or logic modifications:
Review Summary
This PR has been thoroughly reviewed across multiple incremental commits:
Security Issues Addressed
Recommendation: Merge
Reviewed by minimax-m2.5-20260211 · 497,241 tokens
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 719ed1f162
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
💡 Codex Review
Reviewed commit: 047a6a67aa
💡 Codex Review
Reviewed commit: e42ebf2c07
…center
# Conflicts:
#	src/codex_plugin_scanner/guard/approvals.py
#	src/codex_plugin_scanner/guard/cli/commands.py
#	src/codex_plugin_scanner/guard/daemon/server.py
#	src/codex_plugin_scanner/guard/runtime/runner.py
#	src/codex_plugin_scanner/guard/store.py
#	tests/test_guard_approvals.py
#	tests/test_guard_runtime.py
💡 Codex Review
Reviewed commit: c6c8de2f89
💡 Codex Review
Reviewed commit: b71a024c9c
46ebf00 to 201a6f2
💡 Codex Review
Reviewed commit: 201a6f2e7e
201a6f2 to 2ca49d6
💡 Codex Review
Reviewed commit: 2ca49d6ec1
1678f68 to b3cee1a
💡 Codex Review
Reviewed commit: b3cee1afa8
b3cee1a to e0b8d9b
💡 Codex Review
Reviewed commit: e0b8d9b365
| select scope, action, artifact_hash from policy_decisions | ||
| where harness = ? and ( | ||
| (scope = 'artifact' and artifact_id = ?) | ||
| (scope = 'artifact' and artifact_id = ? and (? is null or artifact_hash = ? or artifact_hash is null)) |
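Review bot: the added predicate binds the incoming hash in two positions (`? is null or artifact_hash = ?`), so every caller must pass the same value twice and a mismatch silently turns the branch into a wildcard; bind it once with a named parameter (`:hash`) instead. Beyond that, decide in the calling code whether a hash is present and, when it is not, run a query that has no `is null` escape at all, so rows pinned to an `artifact_hash` can never satisfy an unhashed lookup.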
Require hash match for hash-scoped artifact policies
The artifact predicate in resolve_policy treats a missing incoming hash as a wildcard (? is null), so hash-pinned artifact decisions can still match when callers do not provide artifact_hash. In practice, the hook flow can call policy resolution with no hash, which turns an "exact version" decision into an artifact-wide decision for that path and weakens reapproval guarantees. Tighten this branch so hash-scoped rows are ignored when the incoming hash is absent.
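To make the wildcard behaviour described in the comment above concrete, here is an added example (not the project's code) that runs a predicate of the hunk's shape beside a tightened one against an in-memory SQLite table; the schema, the harness name and the sample rows are constructed assumptions.

```python
import sqlite3
from typing import List, Optional

# Constructed schema with the columns the hunk names; an assumption, not the project's own DDL.
SCHEMA = """
create table policy_decisions (
    harness text not null, scope text not null, artifact_id text,
    artifact_hash text, action text not null
)
"""

# Shape of the predicate in the hunk: a null incoming hash (":hash is null") matches
# every row for the artifact, including rows pinned to one exact artifact_hash.
LOOSE = """
select scope, action, artifact_hash from policy_decisions
where harness = :harness and scope = 'artifact' and artifact_id = :artifact_id
  and (:hash is null or artifact_hash = :hash or artifact_hash is null)
"""

# Tightened variant: unpinned rows (artifact_hash is null) still apply artifact-wide,
# but hash-pinned rows only match when the caller supplies an equal hash.
STRICT = """
select scope, action, artifact_hash from policy_decisions
where harness = :harness and scope = 'artifact' and artifact_id = :artifact_id
  and (artifact_hash is null or (:hash is not null and artifact_hash = :hash))
"""


def seed() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute(SCHEMA)
    # Constructed sample rows: one decision pinned to an exact version, one artifact-wide.
    conn.executemany(
        "insert into policy_decisions values (?, ?, ?, ?, ?)",
        [
            ("codex", "artifact", "plugins/foo.py", "sha256:aaaa", "allow"),
            ("codex", "artifact", "plugins/bar.py", None, "deny"),
        ],
    )
    return conn


def matching_actions(conn: sqlite3.Connection, query: str,
                     artifact_id: str, artifact_hash: Optional[str]) -> List[str]:
    """Return the actions of the rows a lookup resolves to under the given predicate."""
    params = {"harness": "codex", "artifact_id": artifact_id, "hash": artifact_hash}
    return [action for _scope, action, _hash in conn.execute(query, params)]
```

With no incoming hash, `LOOSE` resolves the pinned `plugins/foo.py` decision while `STRICT` returns nothing; both still resolve the unpinned `plugins/bar.py` row.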
| advisories = store.list_cached_advisories(limit=None) | ||
| verdict = evaluate_protect_request(request, advisories) | ||
| receipt = _build_install_receipt(request, verdict) | ||
| store.add_receipt(receipt) |
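Review bot: `store.add_receipt(receipt)` is called immediately after `_build_install_receipt(request, verdict)`, so the persisted record reflects the verdict but nothing about whether the wrapped command ran or what it returned; either move the write to after the command completes, or give the receipt an explicit execution state that is updated once the result (exit status, missing executable, timeout) is known. Separately, `store.list_cached_advisories(limit=None)` pulls the entire advisory cache for every protect request; filtering by the request's artifact at the store level would avoid that.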
Defer protect receipt persistence until command execution
build_protect_payload persists a receipt/event before running the wrapped command. If subprocess.run then raises (for example FileNotFoundError on a missing executable or TimeoutExpired from the fixed timeout), the command fails but Guard has already stored a successful-looking protect record, which pollutes audit/history data. Persist after execution (or record an explicit execution-failed state) to keep stored outcomes accurate.
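As an added example of the ordering the comment above asks for (not the project's code): the receipt is written only after the wrapped command has run, and a missing executable or a timeout is recorded as an explicit failed state instead of a successful-looking record. The in-memory store class and the helper that builds a Python subprocess command are constructed assumptions.

```python
import subprocess
import sys
from dataclasses import dataclass, field
from typing import List


@dataclass
class FakeStore:
    """In-memory stand-in for the Guard store named in the hunk (an assumption, not the project's API)."""
    receipts: List[dict] = field(default_factory=list)

    def add_receipt(self, receipt: dict) -> None:
        self.receipts.append(receipt)


def python_cmd(code: str) -> List[str]:
    """Constructed helper: a wrapped command that runs a Python snippet in a subprocess."""
    return [sys.executable, "-c", code]


def run_protected(store: FakeStore, command: List[str], verdict: str,
                  timeout: float = 5.0) -> dict:
    """Execute the wrapped command first; persist a receipt only once the real outcome is known."""
    receipt = {"command": command, "verdict": verdict, "state": "pending", "exit_code": None}
    try:
        completed = subprocess.run(command, capture_output=True, timeout=timeout, check=False)
        receipt["state"] = "executed"
        receipt["exit_code"] = completed.returncode
    except FileNotFoundError as exc:
        # Missing executable: record an explicit failure rather than a successful-looking record.
        receipt["state"] = "execution-failed"
        receipt["error"] = f"missing executable: {exc}"
    except subprocess.TimeoutExpired:
        # The fixed timeout fired: the command did not finish, and the receipt says so.
        receipt["state"] = "execution-failed"
        receipt["error"] = f"timed out after {timeout}s"
    store.add_receipt(receipt)  # single write, after the outcome is settled
    return receipt
```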
Summary
Verification