[limen GEN-organvm-limen-security-0622] Security hardening pass on organvm/limen#52
4444J99 wants to merge 1 commit into
Conversation
limen task GEN-organvm-limen-security-0622
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 22dfad87ab
| priority: high | ||
| budget_cost: 2 | ||
| status: done | ||
| status: dispatched |
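Review bot: the only change visible in this hunk is `status: done` giving way to `status: dispatched` on its last two lines while `priority` and `budget_cost` stay as they were, so the net effect is a finished task moving back into an active state. If that is a stale snapshot being committed, drop this hunk and keep the done record; if the re-dispatch is deliberate, the commit message should say why a completed task is being reopened, since nothing on the page explains it.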
Restore the completed task state
In the parent this task was already done with the PR URL and heal marker in its dispatch log; this change rewrites it back to dispatched while also removing those evidence entries. In the normal heartbeat/recovery flow, that makes a completed task look like a stale active claim with no PR evidence, so it can be reopened or dispatched again and the budget counters are rolled back. Please preserve the latest done state and logs instead of committing an older board snapshot.
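The roll-back the comment above describes can be caught before a snapshot is written. The following is an added example, not Limen's own code: `TaskState`, the `dispatch_log` list, and the status names are assumptions standing in for the real board schema, and the sample entries (including the `pr: <url>` placeholder) are constructed.

```python
from __future__ import annotations
from dataclasses import dataclass, field

TERMINAL = {"done"}               # assumed terminal states
ACTIVE = {"open", "dispatched"}   # assumed active states a recovery loop may re-dispatch


@dataclass
class TaskState:
    # Assumed minimal board record; the real schema carries more fields.
    id: str
    status: str
    dispatch_log: list[str] = field(default_factory=list)


def regressions(current: dict[str, TaskState], incoming: dict[str, TaskState]) -> list[str]:
    """List every way `incoming` would roll back what `current` already records."""
    problems: list[str] = []
    for tid, cur in current.items():
        new = incoming.get(tid)
        if new is None:
            continue
        if cur.status in TERMINAL and new.status in ACTIVE:
            problems.append(f"{tid}: {cur.status} -> {new.status} reopens a finished task")
        dropped = [e for e in cur.dispatch_log if e not in new.dispatch_log]
        if dropped:
            problems.append(f"{tid}: drops dispatch_log evidence {dropped}")
    return problems


def merge_board(current: dict[str, TaskState], incoming: dict[str, TaskState]) -> dict[str, TaskState]:
    """Apply `incoming`, but keep a task's terminal state and log wherever incoming would regress it."""
    merged = dict(incoming)
    for tid, cur in current.items():
        new = incoming.get(tid)
        if new is None:
            merged[tid] = cur   # assumption: a snapshot never deletes tasks, so keep what we have
            continue
        if cur.status in TERMINAL and new.status in ACTIVE:
            # Keep the done state and the evidence; append only log lines that are genuinely new.
            log = cur.dispatch_log + [e for e in new.dispatch_log if e not in cur.dispatch_log]
            merged[tid] = TaskState(tid, cur.status, log)
    return merged


# Constructed sample: the parent board has the task finished with evidence in its log;
# the incoming snapshot is an older copy that still shows it as dispatched.
CURRENT = {"GEN-1": TaskState("GEN-1", "done", ["dispatched codex", "pr: <url>", "heal"])}
INCOMING = {"GEN-1": TaskState("GEN-1", "dispatched", ["dispatched codex"])}

if __name__ == "__main__":
    for line in regressions(CURRENT, INCOMING):
        print("refusing:", line)
    print(merge_board(CURRENT, INCOMING)["GEN-1"])
```

Run `regressions` as a pre-commit gate on the board file; an empty list means the snapshot is safe to apply as-is, otherwise `merge_board` shows what a non-regressing write would look like.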
| and (t.target_agent or "any") in _DISPATCH_LANES | ||
| and (t.target_agent or "any") not in _dead | ||
| ) | ||
| open_now = sum(1 for t in tasks if t.status == "open" and (t.target_agent or "any") not in _dead) |
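Review bot: `open_now` on the last line of this hunk filters only on `(t.target_agent or "any") not in _dead`, whereas the expression just above it also requires `(t.target_agent or "any") in _DISPATCH_LANES`, so the two counts disagree on which lanes qualify. Apply the same `_DISPATCH_LANES` membership test in `open_now`, and consider binding `lane = t.target_agent or "any"` once instead of repeating the expression three times.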
Exclude lanes the heartbeat cannot dispatch
Here open_now counts every open task whose target is not in _down_lanes(), including service lanes such as github_actions, copilot, warp, or oz even when they are not part of the active heartbeat lanes. With the default daemon, heartbeat-loop.sh only passes "$EFFECTIVE_LANES,jules" to dispatch-parallel.py and EFFECTIVE_LANES is built from local lanes, plus warp/oz only when WARP_API_KEY is set, so a queue mostly made of non-active service-lane tasks can satisfy --floor and stop backlog generation while the actually dispatchable queue is empty. Keep this count aligned with the active dispatch lanes.
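The mismatch described in the comment above, reduced to a runnable example. This is added code, not the project's: `Task`, `lane_of`, the `floor` rule, and the `ACTIVE_LANES`/`DEAD_LANES` sets are assumptions standing in for Limen's task model, `EFFECTIVE_LANES`, `_down_lanes()` and `--floor`, and the queue is constructed.

```python
from __future__ import annotations
from dataclasses import dataclass
from typing import Iterable


@dataclass(frozen=True)
class Task:
    # Assumed minimal record; Limen's real task has more fields.
    id: str
    status: str
    target_agent: str | None = None   # None means the task is not pinned to a lane


def lane_of(task: Task) -> str:
    return task.target_agent or "any"


def open_count_naive(tasks: Iterable[Task], dead: set[str]) -> int:
    """The reviewed expression: every open task whose lane is not down."""
    return sum(1 for t in tasks if t.status == "open" and lane_of(t) not in dead)


def open_count_dispatchable(tasks: Iterable[Task], active: set[str], dead: set[str]) -> int:
    """Only open tasks on lanes the heartbeat actually hands to the dispatcher."""
    return sum(
        1 for t in tasks
        if t.status == "open" and lane_of(t) in active and lane_of(t) not in dead
    )


def backlog_needed(tasks: Iterable[Task], active: set[str], dead: set[str], floor: int) -> bool:
    """Assumed floor rule: keep generating backlog while dispatchable open tasks are below the floor."""
    return open_count_dispatchable(tasks, active, dead) < floor


# Constructed queue: mostly service-lane tasks that the default daemon never dispatches.
SAMPLE_TASKS = [
    Task("T1", "open", "github_actions"),
    Task("T2", "open", "copilot"),
    Task("T3", "open", "warp"),
    Task("T4", "open", "codex"),
    Task("T5", "open", "gemini"),
    Task("T6", "done", "codex"),
    Task("T7", "open", None),
]
ACTIVE_LANES = {"codex", "gemini", "any"}   # assumed: what the active lane set expands to here
DEAD_LANES = {"gemini"}                      # assumed: reported down for this cycle
FLOOR = 3

if __name__ == "__main__":
    print("naive open:", open_count_naive(SAMPLE_TASKS, DEAD_LANES))
    print("dispatchable open:", open_count_dispatchable(SAMPLE_TASKS, ACTIVE_LANES, DEAD_LANES))
    print("backlog needed:", backlog_needed(SAMPLE_TASKS, ACTIVE_LANES, DEAD_LANES, FLOOR))
```

With this queue the naive count (5) sits above the floor and would stop backlog generation, while only two of those tasks are on lanes the dispatcher will ever see; adding `warp` to the active set (as happens when the Warp key is present) changes the dispatchable count, which is the behaviour the floor check should track.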
| gemini_auth = bool(os.environ.get("GEMINI_API_KEY")) or ( | ||
| Path.home() / ".gemini" / "settings.json" | ||
| ).exists() and "auth" in ( | ||
| (Path.home() / ".gemini" / "settings.json").read_text(errors="ignore") |
Keep Gemini settings reads fail-closed
When ~/.gemini/settings.json exists but macOS TCC or filesystem permissions deny reading it, this unguarded read_text() raises during the route beat. The heartbeat swallows the failed process, but route.py then produces no assignments for that cycle, so a protected Gemini config can stall routing for all lanes on that machine; catch PermissionError/OSError and treat file-based Gemini auth as absent.
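A fail-closed version of the probe the comment above asks for, shown beside the reviewed logic so the difference is visible. This is an added example, not Limen's `route.py`: the `"auth"` field name and the settings shapes are assumptions, the scenario files are constructed in a temporary directory, and a directory standing in for an unreadable `settings.json` is used so the permission-denied path can be exercised without root.

```python
from __future__ import annotations
import json
import tempfile
from pathlib import Path


def gemini_auth_available(env: dict[str, str], home: Path) -> bool:
    """Fail-closed Gemini auth probe: the env key wins; otherwise settings.json must be
    readable, valid JSON, and carry a non-empty "auth" entry (assumed field name)."""
    if env.get("GEMINI_API_KEY"):
        return True
    settings = home / ".gemini" / "settings.json"
    try:
        raw = settings.read_text(errors="ignore")   # one read, no exists()/read race
    except OSError:
        # FileNotFoundError, PermissionError, IsADirectoryError: all mean "no usable config"
        return False
    try:
        data = json.loads(raw)
    except ValueError:
        return False
    return isinstance(data, dict) and bool(data.get("auth"))


def naive_file_check(home: Path) -> bool:
    """The reviewed logic: exists() followed by an unguarded substring test."""
    settings = home / ".gemini" / "settings.json"
    return settings.exists() and "auth" in settings.read_text(errors="ignore")


def demo_scenarios() -> dict[str, tuple[object, bool]]:
    """Run both checks over constructed settings files.
    Returns {scenario: (naive result or 'raised', fail-closed result)}."""
    def both(home: Path) -> tuple[object, bool]:
        try:
            naive: object = naive_file_check(home)
        except OSError:
            naive = "raised"
        return naive, gemini_auth_available({}, home)

    results: dict[str, tuple[object, bool]] = {}
    with tempfile.TemporaryDirectory() as tmp:
        home = Path(tmp)
        results["missing"] = both(home)
        results["env_key"] = ("n/a", gemini_auth_available({"GEMINI_API_KEY": "k"}, home))
        cfg = home / ".gemini"
        cfg.mkdir()
        f = cfg / "settings.json"
        f.write_text(json.dumps({"auth": {"type": "oauth"}}))   # assumed "configured" shape
        results["configured"] = both(home)
        f.write_text(json.dumps({"authMode": "none"}))          # mentions "auth", configures nothing
        results["mentions_only"] = both(home)
        f.unlink()
        f.mkdir()   # exists but cannot be read as a file: stands in for a TCC/permission denial
        results["unreadable"] = both(home)
    return results


if __name__ == "__main__":
    for name, (naive, strict) in demo_scenarios().items():
        print(f"{name:14} naive={naive!s:7} fail_closed={strict}")
```

The two cases that matter for the route beat are `mentions_only`, where the substring test reports credentials that do not exist, and `unreadable`, where the reviewed logic raises and the fail-closed version simply reports no file-based auth.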
| @@ -22,22 +22,6 @@ set -uo pipefail | |||
| export HOME="${HOME:-/Users/4jp}" | |||
| export PATH="/opt/homebrew/bin:/usr/local/bin:$HOME/.local/bin:/usr/bin:/bin:/usr/sbin:/sbin" | |||
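Review bot: the `export PATH` line puts `/opt/homebrew/bin`, `/usr/local/bin` and `$HOME/.local/bin` ahead of `/usr/bin` and `/bin`, so every unqualified `python3` and other command this daemon runs resolves from user-writable directories first, and with the `.venv/bin` entry gone from this hunk nothing guarantees the project interpreter is the one found. Invoke the interpreter by absolute path (for example `$LIMEN_ROOT/.venv/bin/python3`), and keep the hardcoded `/Users/4jp` fallback for `HOME` out of a shared script, since it only holds on one machine.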
With the .venv/bin prepend removed, every later call in this daemon is still plain python3, and the remaining PYTHONPATH only exposes local source, not dependencies like PyYAML or pydantic. On hosts where Limen is installed in $LIMEN_ROOT/.venv rather than globally, the first inline import of limen.dispatch or any script that imports yaml now runs under the system Python and fails, leaving the heartbeat unable to route, feed, or dispatch; keep the venv on PATH or invoke $LIMEN_ROOT/.venv/bin/python3 for these calls.
| play "$C_FEED" && { python3 "$LIMEN_ROOT/scripts/mine-backlog.py" --limit "${LIMEN_MINE_LIMIT:-25}" --apply 2>&1 | tail -1 || true # EXPLORE | ||
| python3 "$LIMEN_ROOT/scripts/generate-backlog.py" --apply 2>&1 | tail -1 || true # SELF-FEED: build-out levers on the ranked tier | ||
| python3 "$LIMEN_ROOT/scripts/discover-value.py" --apply 2>&1 | tail -1 || true; } # DISCOVER: no repo stays dark — surface latent value, burn the tank | ||
| python3 "$LIMEN_ROOT/scripts/generate-backlog.py" --apply 2>&1 | tail -1 || true; } # SELF-FEED: top queue to floor when mining is dry → never idle |
Keep running the discovery feed
This feed block no longer runs discover-value.py, while generate-backlog.py now fail-closes when value-repos.json is empty or missing. In a fresh or unranked deployment that means the heartbeat can neither create discovery tasks for dark repos nor populate the ranked tier that backlog generation requires, so the autonomous queue dries up after mined issues are exhausted; keep the discovery organ scheduled or provide another automatic path that promotes repos into the value tier.
Autonomous limen dispatch of task GEN-organvm-limen-security-0622. Run the ecosystem audit for organvm/limen (npm audit / pip-audit / equivalent), upgrade or pin high-severity advisories, and add input validation at the main untrusted-input entrypoints. Open a PR; keep the build green. [auto-generated 2026-06-22 to keep the stream endless]
Produced in an isolated worktree off origin — review before merge.