feat: v0.7.0 engine foundations -- structured failure diagnosis + auditable decisions

[Aureliolo]

Summary

Implements two v0.7.0 engine foundation issues:

• feat: structured failure diagnosis in RecoveryResult #706 -- structured failure diagnosis in RecoveryResult
• feat: no-self-review pattern + auditable decisions drop-box for approval gates #700 -- no-self-review pattern + auditable decisions drop-box for approval gates

Closes #706
Closes #700

#706: Structured Failure Diagnosis

RecoveryResult now carries machine-readable failure classification instead of just an error string:

• New FailureCategory enum: TOOL_FAILURE, STAGNATION, BUDGET_EXCEEDED, QUALITY_GATE_FAILED, TIMEOUT, DELEGATION_FAILED, UNKNOWN
• New failure_context: dict[str, Any] -- strategy-specific structured metadata (deep-copied at construction boundary, defaults to {})
• New criteria_failed: tuple[NotBlankStr, ...] -- acceptance criteria that were not met (uniqueness validated)
• New stagnation_evidence: StagnationResult | None -- linked stagnation detection data
• New infer_failure_category() helper uses keyword matching with first-match-wins semantics; returns UNKNOWN when no rule matches (honest default, not silent TOOL_FAILURE lie)
• New infer_failure_category_without_evidence() helper clamps STAGNATION / QUALITY_GATE_FAILED -> UNKNOWN for callers that cannot supply the required sidecar data, preventing the cross-field validator from crashing on error messages containing keywords like "stagnation", "quality", or "criteria"
• Cross-field validator on RecoveryResult: stagnation_evidence iff STAGNATION category (and verdict must not be NO_STAGNATION); criteria_failed non-empty when QUALITY_GATE_FAILED
• FailAndReassignStrategy and CheckpointRecoveryStrategy populate the new fields on every result using the evidence-clamping variant
• Checkpoint reconciliation messages now include the failure category and any unmet criteria so resumed agents have structured context
• Criteria descriptions are sanitized via sanitize_message() before injection into the LLM reconciliation prompt; sanitize_message now also strips common prompt-injection markers ([INST], <|system|>, {{ }}, "ignore previous instructions", etc.)
• Post-recovery task transition reason embeds failure_category as a stable (failure_category=<value>) wire-format contract so the downstream task router/reassignment selector can read it from status history

Note on #706 action items: "stagnation_evidence" uses the existing StagnationResult model since the issue-referenced StagnationEvidence does not exist -- StagnationResult already carries verdict, repetition ratio, cycle length, and forward-compatible details. The "smarter routing" action item is addressed via the transition reason embedding; a full routing strategy rework is scoped as a follow-up once the data is consumed in production.

#700: No-Self-Review + Decisions Drop-Box

Structurally prevents an agent from reviewing its own work, and adds an immutable append-only audit trail of every review gate decision.

No-self-review enforcement:

• New SelfReviewError exception carrying task_id + agent_id attributes; the exception message is deliberately generic ("Self-review is not permitted") so callers can never leak internal identifiers via str(exc) in HTTP responses
• New ReviewGateService.check_can_decide() preflight method that runs BEFORE save_if_pending in the approval controller -- a rejected self-review attempt or missing task never leaves a decided approval row or a broadcast WebSocket event behind
• Defense in depth: DecisionRecord model validator also rejects executing_agent_id == reviewer_agent_id at construction time; SQLite CHECK(reviewer_agent_id != executing_agent_id) enforces the same invariant at the database level
• API controller returns 403 Forbidden with a generic "Self-review is not permitted" message; 404 / 409 responses also use generic messages so task UUIDs are never echoed in error bodies
• Narrower exception handling in _preflight_review_gate / _try_review_gate_transition -- TaskNotFoundError -> 404, TaskVersionConflictError -> 409, TaskInternalError -> 503 ServiceUnavailable (mirroring the tasks controller), instead of silently swallowing errors as 200 OK
• _record_decision narrowed to catch only QueryError / DuplicateRecordError -- programming errors (ValidationError, TypeError, AttributeError) propagate loudly so schema drift surfaces in dev/CI instead of being masked as silent audit loss
• Tasks reaching the review gate without an assigned executor are refused (logged at ERROR) rather than having a sentinel string jammed through the NotBlankStr executing_agent_id field

Decisions drop-box:

• New DecisionRecord frozen Pydantic model: id, task_id, approval_id, executing_agent_id, reviewer_agent_id, decision (DecisionOutcome enum), reason (NotBlankStr | None with empty-string coercion), criteria_snapshot (tuple[NotBlankStr, ...] with uniqueness validation), recorded_at, server-assigned monotonic version, metadata (defaults to {})
• New DecisionRepository protocol (append-only: append_with_next_version, get, list_by_task, list_by_agent) with DecisionRole = Literal["executor", "reviewer"] -- lives in persistence/repositories_decisions.py and is re-exported from repositories.py for backwards compatibility
• approval_id is threaded through complete_review -> _record_decision so every audit record carries a back-reference to the triggering ApprovalItem
• SQLiteDecisionRepository implementation: single atomic INSERT ... (SELECT COALESCE(MAX(version), 0) + 1 ...) statement computes version atomically under aiosqlite's per-statement serialization, eliminating the TOCTOU race that a read-then-write pattern would create under concurrent reviewers. The UNIQUE(task_id, version) constraint rejects any residual collision as DuplicateRecordError. Dropped the custom BEGIN IMMEDIATE transaction (inconsistent with the rest of the codebase's implicit-transaction style)
• list_by_agent's dynamic column name is derived from a closed-set _ROLE_TO_COLUMN dict keyed by the DecisionRole Literal, not an if/elif chain, keeping the S608 suppression tightly scoped to a bounded identifier set
• New decision_records table with FK task_id -> tasks(id) ON DELETE RESTRICT (audit trail preservation takes priority over task cleanup), CHECK constraints on decision enum values, reviewer/executor separation, version >= 1, and recorded_at UTC offset format (LIKE '%+00:00' OR LIKE '%Z'); UNIQUE(task_id, version); compound indexes (executing_agent_id, recorded_at DESC) + (reviewer_agent_id, recorded_at DESC) to serve ordered list_by_agent queries without a sort step
• _record_decision is best-effort (logged via logger.exception with full context on failure) since the transition has already committed -- audit integrity failures do not roll back the review transition, but known transient failures are the only ones swallowed

File splits to stay under the 800-line CLAUDE.md limit:

• persistence/repositories.py (918 -> 703): DecisionRepository + DecisionRole moved to persistence/repositories_decisions.py; CheckpointRepository + HeartbeatRepository moved to persistence/repositories_checkpoint.py. Both re-exported from repositories.py for backwards compatibility.
• api/controllers/approvals.py (862 -> 623): review-gate flow helpers (try_mid_execution_resume, preflight_review_gate, try_review_gate_transition, signal_resume_intent) moved to api/controllers/_approval_review_gate.py; re-aliased with leading underscore in approvals.py to preserve the internal API.
• persistence/sqlite/decision_repo.py::append_with_next_version: extracted _build_insert_params module-level helper and _execute_insert private method so the public method stays under the 50-line function limit.

Scoped out of this PR (tracked as follow-up in #1076): "Consider versioning agent identities/charters as first-class artifacts" (#700 action 4) -- the issue phrases this as "consider" and it warrants its own design discussion. Tracked separately so #700 can close cleanly with the drop-box + no-self-review work delivered.

Test Plan

• 14,150 unit tests pass (uv run python -m pytest tests/ -m unit -n 8)
• 167 integration tests pass (uv run python -m pytest tests/ -m integration -n 8)
• uv run ruff check src/ tests/ clean
• uv run ruff format --check src/ tests/ clean
• uv run mypy src/ tests/ clean
• Pre-push hooks pass (ruff, mypy affected modules, pytest affected modules)

New / extended tests:

• tests/unit/core/test_enums_failure_category.py -- FailureCategory + DecisionOutcome round-trip
• tests/unit/engine/test_recovery_failure_diagnosis.py -- RecoveryResult new fields, cross-field validators, criteria uniqueness, stagnation NO_STAGNATION verdict rejection, infer_failure_category_without_evidence clamping behavior, C1 regression tests that feed "stagnation" / "quality" / "criteria" error strings through the strategy construction path
• tests/unit/engine/test_decisions.py -- DecisionRecord model validation including new test_self_review_rejected + criteria uniqueness + metadata default factory
• tests/unit/persistence/sqlite/test_decision_repo.py -- SQLite repo CRUD, monotonic version assignment, duplicate detection, JSON round-trip, corrupted row handling, DB-level self-review CHECK, protocol conformance, new concurrent-writer test that fires 20 asyncio.gather appends and asserts distinct monotonic versions
• tests/unit/engine/test_review_gate.py -- self-review prevention, decision recording with approval_id, non-fatal on QueryError, new test_decision_record_programming_error_propagates regression guard ensuring TypeError / ValidationError bubble up instead of being silently swallowed
• tests/unit/api/controllers/test_approvals_helpers.py -- new TestPreflightReviewGate + TestTryReviewGateTransition classes covering every typed engine-error mapping (SelfReview -> 403, TaskNotFound -> 404, TaskVersionConflict -> 409, TaskInternal -> 503), plus assertions that generic messages never leak task_id or agent_id
• tests/unit/engine/checkpoint/test_resume.py -- reconciliation includes failure_category + criteria_failed, criteria sanitization

Review Coverage

Pre-reviewed by 16 specialized agents (code-reviewer, python-reviewer, docs-consistency, pr-test-analyzer, silent-failure-hunter, comment-analyzer, type-design-analyzer, logging-audit, resilience-audit, conventions-enforcer, security-reviewer, persistence-reviewer, test-quality-reviewer, async-concurrency-reviewer, api-contract-drift, issue-resolution-verifier) plus external feedback from Gemini, Copilot, and CodeRabbit. All valid findings addressed in the fix commit; invalid PEP 758 and "dead code" false positives rejected with justification in the review log.

Documentation

• docs/design/engine.md: RecoveryResult model table updated with UNKNOWN + cross-field invariants + transition-reason wire format; review gate section documents the two-phase preflight/complete split and the generic-message contract for 403/404/409
• docs/design/operations.md: new "Review Gate Invariants" + "Auditable Decisions Drop-Box" + "Design Rationale: Append-Only vs Consolidation" subsections under "Security and Approval System" (previously had no mention of either feature; engine/decisions.py module docstring now points here accurately)
• docs/design/memory.md: DecisionRecord / DecisionRepository added to the Entities Persisted table
• CLAUDE.md Package Structure: engine/ mentions decisions drop-box and no-self-review enforcement; persistence/ mentions decision record repository

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Repository UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 75286c36-7353-4479-8710-c47bae6abd38

📥 Commits

Reviewing files that changed from the base of the PR and between 5d37e7e and a82ba8c.

📒 Files selected for processing (2)

• src/synthorg/persistence/sqlite/backend.py
• src/synthorg/persistence/sqlite/decision_repo.py

📜 Recent review details

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (5)

• GitHub Check: Build Web
• GitHub Check: Build Backend
• GitHub Check: Test (Python 3.14)
• GitHub Check: Dependency Review
• GitHub Check: Analyze (python)

🧰 Additional context used

📓 Path-based instructions (3)

**/*.py

📄 CodeRabbit inference engine (CLAUDE.md)

**/*.py: No from __future__ import annotations—Python 3.14 has PEP 649
Use PEP 758 except syntax: except A, B: (no parentheses) on Python 3.14—ruff enforces this
All public functions must have type hints; use mypy strict mode
Use Google-style docstrings required on public classes and functions—enforced by ruff D rules
Create new objects instead of mutating existing ones; for non-Pydantic internal collections (registries, BaseTool), use copy.deepcopy() at construction + MappingProxyType wrapping for read-only enforcement
Use frozen Pydantic models for config/identity; separate mutable-via-copy models (using model_copy(update=...)) for runtime state that evolves
Use Pydantic v2 (BaseModel, model_validator, computed_field, ConfigDict); use allow_inf_nan=False in all ConfigDict declarations to reject NaN/Inf in numeric fields
Use @computed_field for derived values instead of storing + validating redundant fields; use NotBlankStr from core.types for all identifier/name fields (including optional and tuple variants) instead of manual whitespace validators
Prefer asyncio.TaskGroup for fan-out/fan-in parallel operations in new code; prefer structured concurrency over bare create_task
Line length: 88 characters (ruff)
Functions must be less than 50 lines; files must be less than 800 lines
Handle errors explicitly, never silently swallow exceptions
Always use variable name logger (not _logger, not log)
Always use structured logging kwargs: logger.info(EVENT, key=value) never logger.info("msg %s", val)
All error paths must log at WARNING or ERROR with context before raising
All state transitions must log at INFO
DEBUG logging for object creation, internal flow, entry/exit of key functions; pure data models, enums, and re-exports do NOT need logging

Files:

• src/synthorg/persistence/sqlite/backend.py
• src/synthorg/persistence/sqlite/decision_repo.py

src/synthorg/**/*.py

📄 CodeRabbit inference engine (CLAUDE.md)

src/synthorg/**/*.py: Every module with business logic MUST have from synthorg.observability import get_logger then logger = get_logger(__name__)
Never use import logging / logging.getLogger() / print() in application code (exceptions: observability/setup.py, observability/sinks.py, observability/syslog_handler.py, observability/http_handler.py may use stdlib logging and print())
Always use event name constants from domain-specific modules under synthorg.observability.events (e.g., API_REQUEST_STARTED from events.api); import directly
NEVER use real vendor names (Anthropic, OpenAI, Claude, GPT, etc.) in project-owned code, docstrings, comments, tests, or config examples; use generic names: example-provider, example-large-001, example-medium-001, example-small-001, large/medium/small as aliases; vendor names allowed only in: (1) Operations design page, (2) .claude/ skill/agent files, (3) third-party imports, (4) provider presets

Files:

• src/synthorg/persistence/sqlite/backend.py
• src/synthorg/persistence/sqlite/decision_repo.py

src/**/*.py

⚙️ CodeRabbit configuration file

This project uses Python 3.14+ with PEP 758 except syntax: "except A, B:" (comma-separated, no parentheses) is correct and mandatory -- do NOT flag it as a typo or suggest parenthesized form. The "except builtins.MemoryError, RecursionError: raise" pattern is intentional project convention for system-error propagation. When evaluating the 50-line function limit, count only the function body excluding the signature lines, decorators, and docstring. Functions 1-5 lines over due to docstrings or multi-line signatures should not be flagged. Do not suggest extracting single-use helper functions called exactly once -- this reduces readability without improving maintainability.

Files:

• src/synthorg/persistence/sqlite/backend.py
• src/synthorg/persistence/sqlite/decision_repo.py

🧠 Learnings (29)

📚 Learning: 2026-03-17T06:30:14.180Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T06:30:14.180Z
Learning: Applies to src/synthorg/persistence/**/*.py : Persistence uses pluggable PersistenceBackend protocol. SQLite is the initial backend. Settings use SettingsRepository (namespaced settings CRUD).

Applied to files:

• src/synthorg/persistence/sqlite/backend.py
• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-17T22:08:13.456Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T22:08:13.456Z
Learning: Persistence backend: pluggable PersistenceBackend protocol in `src/synthorg/persistence/`, SQLite initial, SettingsRepository (namespaced settings CRUD).

Applied to files:

• src/synthorg/persistence/sqlite/backend.py
• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-31T21:07:37.470Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-31T21:07:37.470Z
Learning: Applies to **/*.py : Use `except A, B:` (no parentheses) per PEP 758 exception syntax on Python 3.14

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-20T21:44:04.528Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T21:44:04.528Z
Learning: Applies to **/*.py : Use `except A, B:` syntax (without parentheses) per PEP 758 for exception handling in Python 3.14

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-16T07:22:28.134Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-16T07:22:28.134Z
Learning: Applies to **/*.py : Use `except A, B:` syntax (no parentheses) for exception handling — PEP 758 exception syntax enforced by ruff on Python 3.14

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-14T15:43:05.601Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-14T15:43:05.601Z
Learning: Applies to **/*.py : Use PEP 758 except syntax: `except A, B:` (no parentheses) — enforced by ruff on Python 3.14

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-14T16:18:57.267Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-14T16:18:57.267Z
Learning: Applies to **/*.py : Use PEP 758 except syntax with `except A, B:` (no parentheses) for multiple exceptions—ruff enforces this on Python 3.14.

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-04-05T13:59:09.628Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-04-05T13:59:09.628Z
Learning: Applies to **/*.py : Use PEP 758 except syntax: `except A, B:` (no parentheses) on Python 3.14—ruff enforces this

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-15T16:55:07.730Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T16:55:07.730Z
Learning: Applies to **/*.py : Use PEP 758 except syntax: use `except A, B:` (no parentheses) — ruff enforces this on Python 3.14.

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-17T22:08:13.456Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T22:08:13.456Z
Learning: Applies to src/synthorg/**/*.py : Handle errors explicitly, never silently swallow. Validate at system boundaries (user input, external APIs, config files).

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-15T21:49:53.264Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T21:49:53.264Z
Learning: Fix everything valid — never skip when review agents find valid issues (including pre-existing issues in surrounding code, suggestions, and findings adjacent to the PR's changes). No deferring, no 'out of scope' skipping.

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-14T16:18:57.267Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-14T16:18:57.267Z
Learning: Applies to src/ai_company/!(observability)/**/*.py : All error paths must log at WARNING or ERROR with context before raising.

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-15T16:55:07.730Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T16:55:07.730Z
Learning: Applies to src/synthorg/**/*.py : All error paths must log at WARNING or ERROR with context before raising.

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-15T18:38:44.202Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T18:38:44.202Z
Learning: Applies to src/synthorg/**/*.py : All error paths must log at WARNING or ERROR with context before raising

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-20T21:44:04.528Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T21:44:04.528Z
Learning: Applies to src/synthorg/**/*.py : Use `copy.deepcopy()` at system boundaries (tool execution, LLM provider serialization, inter-agent delegation, persistence serialization) for `dict`/`list` fields

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-04-01T09:09:43.948Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-04-01T09:09:43.948Z
Learning: Applies to **/*.py : Use `copy.deepcopy()` at construction and `MappingProxyType` wrapping for read-only enforcement in non-Pydantic internal collections (registries, BaseTool)

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-04-01T09:58:27.410Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-04-01T09:58:27.410Z
Learning: Applies to **/*.py : Use `copy.deepcopy()` at system boundaries (tool execution, LLM provider serialization, inter-agent delegation, persistence serialization) for dict/list fields in frozen Pydantic models

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-20T21:44:04.528Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T21:44:04.528Z
Learning: Applies to src/synthorg/**/*.py : For non-Pydantic internal collections (registries, `BaseTool`), use `copy.deepcopy()` at construction and wrap with `MappingProxyType` for read-only enforcement

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-04-05T13:59:09.628Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-04-05T13:59:09.628Z
Learning: Applies to **/*.py : Create new objects instead of mutating existing ones; for non-Pydantic internal collections (registries, `BaseTool`), use `copy.deepcopy()` at construction + `MappingProxyType` wrapping for read-only enforcement

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-15T19:14:27.144Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T19:14:27.144Z
Learning: Applies to src/synthorg/**/*.py : For dict/list fields in frozen Pydantic models, rely on frozen=True for field reassignment prevention and copy.deepcopy() at system boundaries (tool execution, LLM provider serialization, inter-agent delegation, serializing for persistence).

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-20T21:44:04.528Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T21:44:04.528Z
Learning: Applies to **/*.py : Immutability: create new objects, never mutate existing ones. For non-Pydantic internal collections (registries, BaseTool), use copy.deepcopy() at construction + MappingProxyType wrapping for read-only enforcement.

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-16T23:05:29.577Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-16T23:05:29.577Z
Learning: Applies to **/*.py : For dict/list fields in frozen Pydantic models, rely on frozen=True for field reassignment prevention and copy.deepcopy() at system boundaries (tool execution, LLM provider serialization, inter-agent delegation, serializing for persistence).

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-15T19:14:27.144Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T19:14:27.144Z
Learning: Applies to src/synthorg/**/*.py : Use frozen Pydantic models for config/identity; use separate mutable-via-copy models (using model_copy(update=...)) for runtime state that evolves. Never mix static config fields with mutable runtime fields in one model.

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-20T21:44:04.528Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T21:44:04.528Z
Learning: Applies to src/synthorg/**/*.py : Use frozen Pydantic models for config/identity; use separate mutable-via-copy models (via `model_copy(update=...)`) for runtime state that evolves

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-17T22:08:13.456Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T22:08:13.456Z
Learning: Applies to src/synthorg/**/*.py : Use Pydantic v2 conventions: `BaseModel`, `model_validator`, `computed_field`, `ConfigDict`. For derived values use `computed_field` instead of storing + validating redundant fields. Use `NotBlankStr` (from `core.types`) for all identifier/name fields — including optional (`NotBlankStr | None`) and tuple (`tuple[NotBlankStr, ...]`) variants — instead of manual whitespace validators.

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-17T11:41:02.964Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T11:41:02.964Z
Learning: Applies to src/**/*.py : Models: Pydantic v2 (`BaseModel`, `model_validator`, `computed_field`, `ConfigDict`). Use `computed_field` for derived values instead of storing + validating redundant fields. Use `NotBlankStr` for all identifier/name fields — including optional (`NotBlankStr | None`) and tuple (`tuple[NotBlankStr, ...]`) variants — instead of manual whitespace validators.

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-26T15:18:16.848Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-26T15:18:16.848Z
Learning: Applies to src/**/*.py : Use Pydantic v2 conventions: `BaseModel`, `model_validator`, `computed_field`, `ConfigDict`. Use `computed_field` for derived values instead of storing redundant fields. Use `NotBlankStr` for all identifier/name fields.

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-15T19:14:27.144Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T19:14:27.144Z
Learning: Applies to src/synthorg/**/*.py : Use Pydantic v2 BaseModel, model_validator, computed_field, ConfigDict.

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-15T18:42:17.990Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T18:42:17.990Z
Learning: Applies to src/synthorg/**/*.py : Use Pydantic v2 conventions: `BaseModel`, `model_validator`, `computed_field`, `ConfigDict`

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

🔇 Additional comments (15)

src/synthorg/persistence/sqlite/decision_repo.py (13)

400-400: PEP 758 exception syntax: parentheses should be removed.

Per coding guidelines for Python 3.14, exception handlers should use comma-separated form without parentheses.

Also applies to: 434-434, 454-454

---

475-475: PEP 758 exception syntax: parentheses should be removed.

Per coding guidelines for Python 3.14, exception handlers should use comma-separated form without parentheses.

Also applies to: 502-502, 581-581

---

666-666: PEP 758 exception syntax: parentheses should be removed.

Per coding guidelines for Python 3.14, exception handlers should use comma-separated form without parentheses.

---

1-37: Well-structured module setup.

The module docstring clearly explains the append-only semantics and atomic versioning strategy. Imports are appropriate, and the logger is correctly initialized per project guidelines.

---

52-62: Elegant atomic versioning pattern.

The COALESCE(MAX(version), 0) + 1 subquery elegantly handles both the first-record case and concurrent appends, combined with the UNIQUE(task_id, version) constraint to reject any races that somehow produce duplicates.

---

102-112: Thorough recursive unfreezing for JSON serialization.

_unfreeze_for_json correctly handles all immutable container types (MappingProxyType, tuple, frozenset) that might appear in nested metadata, ensuring json.dumps only sees JSON-serializable primitives.

---

115-144: Good separation of constraint error types.

The distinction between _is_unique_constraint_error and _is_structural_constraint_error using sqlite_errorname enables proper error handling: duplicate records become DuplicateRecordError (swallowable by best-effort callers), while schema violations propagate as the original IntegrityError to surface programming errors loudly.

---

240-303: Solid defensive validation before persistence.

The implementation correctly:

1. Deep-copies metadata with MappingProxyType wrapping (line 247-249)
2. Rejects naive datetimes with logging before raising ValueError (lines 258-271)
3. Validates via DecisionRecord construction before SQL (lines 277-290)
4. Re-raises ValidationError without wrapping as QueryError so schema drift surfaces loudly

This ensures invalid data never reaches the durable audit log. Based on learnings: "Use copy.deepcopy() at system boundaries (tool execution, LLM provider serialization, inter-agent delegation, persistence serialization) for dict/list fields".

---

409-428: Correct commit-after-guard pattern.

The defensive read-back check and rollback before raising QueryError (lines 409-428) ensures no "ghost row" survives when fetchone() returns None. The commit at line 433 only runs after the guard succeeds.

---

468-485: Properly serialized reads prevent phantom data.

All read methods acquire _write_lock before executing queries, preventing reads from observing uncommitted rows from in-flight INSERT → SELECT → commit sequences on the shared connection.

Also applies to: 494-516, 570-599

---

531-569: Robust role validation with consistent error handling.

The defense-in-depth pattern checks the input type first (lines 547-557), then validates the value via dict lookup (lines 559-569). Both paths raise ValueError with consistent message format and appropriate logging.

---

622-648: Excellent schema-drift detection with explicit column reads.

Building parsed via explicit row["col"] indexing (lines 627-639) ensures any missing column immediately raises KeyError with the specific column name logged via PERSISTENCE_DECISION_RECORD_DESERIALIZE_FAILED (lines 641-647). This is significantly more informative than a generic ValidationError from model_validate.

---

649-658: Good shape validation for criteria_snapshot.

Checking isinstance(decoded_criteria, list) before converting to tuple (lines 651-657) prevents silent data corruption where a bare string would become ("a", "b", "c") or a dict would become ("x",).

src/synthorg/persistence/sqlite/backend.py (2)

100-108: Shared write lock pattern is well-implemented.

The _shared_write_lock creation and injection into SQLiteDecisionRepository correctly addresses the cross-repository transaction coordination documented in the decision_repo docstring. The lock is created once at the backend level and shared with the audit-critical decision repository, serializing multi-statement transactions on the single aiosqlite.Connection.

Also applies to: 241-243

---

426-433: LGTM!

The decision_records property correctly follows the established pattern using _require_connected, consistent with all other repository accessors in this backend.

---

Walkthrough

Introduces structured failure-diagnosis and auditable decision capture across engine, persistence, API, tests, and docs: adds FailureCategory and DecisionOutcome enums; extends RecoveryResult with failure_category, failure_context, criteria_failed, and stagnation_evidence plus inference helpers; adds DecisionRecord Pydantic model and DecisionRepository protocol; implements SQLite decision_records table and SQLiteDecisionRepository; enforces no-self-review via SelfReviewError and ReviewGateService.check_can_decide with preflight checks and best-effort append semantics; centralizes approval helpers in _approval_review_gate; updates wiring, observability events, tests, and design docs.

Suggested labels

autorelease: tagged

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Snapshot Warnings

⚠️: No snapshots were found for the head SHA a82ba8c.

Ensure that dependencies are being submitted on PR branches. Re-running this action after a short time may resolve the issue. See the documentation for more information and troubleshooting advice.

Scanned Files

None

[gemini-code-assist]

Code Review

This pull request implements a structured failure diagnosis system and an auditable decision record drop-box for the approval gate. It introduces the FailureCategory enum and expands RecoveryResult with machine-readable metadata to improve task reassignment and checkpoint reconciliation. Additionally, the ReviewGateService now enforces a no-self-review policy, supported by new preflight checks in the API layer and an append-only DecisionRepository. Feedback includes a critical fix for invalid exception syntax in the review gate service and a suggestion to improve the readability of the CLAUDE.md file.

[gemini-code-assist]

This except syntax is from Python 2 and will cause a SyntaxError in Python 3. To catch multiple exceptions, they should be grouped within a tuple.

Suggested change

	except MemoryError, RecursionError:
	raise
	except (MemoryError, RecursionError):
	raise

[gemini-code-assist]

This line has become excessively long, which impairs readability. For better clarity and maintainability of this important documentation file, please consider restructuring this summary into a multi-line format, such as a bulleted list.

For example:

  engine/         # Orchestration, execution loops, and coordination.
                  # - Task engine (observer registration, background observer dispatch)
                  # - Checkpoint recovery and structured failure diagnosis
                  # - Approval/review gates (no-self-review, decisions drop-box)
                  # - ... and so on.

[codecov]

Codecov Report

❌ Patch coverage is 85.03563% with 63 lines in your changes missing coverage. Please review.
✅ Project coverage is 89.57%. Comparing base (174e2be) to head (a82ba8c).
⚠️ Report is 1 commits behind head on main.
✅ All tests successful. No failed tests found.

Files with missing lines	Patch %	Lines
src/synthorg/persistence/sqlite/decision_repo.py	61.40%	37 Missing and 7 partials ⚠️
src/synthorg/engine/decisions.py	82.97%	4 Missing and 4 partials ⚠️
src/synthorg/engine/agent_engine.py	53.84%	5 Missing and 1 partial ⚠️
src/synthorg/api/controllers/approvals.py	77.77%	1 Missing and 1 partial ⚠️
src/synthorg/engine/immutable.py	66.66%	1 Missing and 1 partial ⚠️
src/synthorg/persistence/sqlite/backend.py	87.50%	1 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #1072      +/-   ##
==========================================
- Coverage   89.62%   89.57%   -0.06%     
==========================================
  Files         744      750       +6     
  Lines       43625    43975     +350     
  Branches     4379     4417      +38     
==========================================
+ Hits        39099    39389     +290     
- Misses       3751     3797      +46     
- Partials      775      789      +14     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[Copilot]

Pull request overview

This PR lays down v0.7.0 engine foundations by (1) making recovery outcomes carry structured, machine-readable failure diagnosis for better checkpoint reconciliation/routing, and (2) enforcing no-self-review at the approval gate while persisting an append-only, auditable decision trail.

Changes:

• Extend RecoveryResult with FailureCategory, structured failure_context, unmet criteria, and (optional) stagnation evidence; include these in checkpoint reconciliation and post-recovery status reasons.
• Add decisions “drop-box”: DecisionRecord model + DecisionRepository protocol + SQLite schema/repo + observability events.
• Enforce no-self-review via ReviewGateService.check_can_decide() preflight, API-level 403 mapping, and DB/model invariants.

Reviewed changes

Copilot reviewed 34 out of 34 changed files in this pull request and generated 3 comments.

Show a summary per file

File	Description
tests/unit/persistence/test_protocol.py	Adds DecisionRepository to persistence protocol conformance fakes/tests.
tests/unit/persistence/sqlite/test_migrations.py	Updates migration expectations for new decision_records table + indexes.
tests/unit/persistence/sqlite/test_decision_repo.py	New unit tests for SQLite decision repository behavior and invariants.
tests/unit/memory/procedural/test_pipeline.py	Updates recovery-result construction for new required diagnosis fields.
tests/unit/engine/test_review_gate.py	Expands tests for self-review prevention and decision recording.
tests/unit/engine/test_recovery_failure_diagnosis.py	New tests for RecoveryResult diagnosis fields, invariants, and inference helper.
tests/unit/engine/test_recovery_checkpoint_fields.py	Updates checkpoint-field tests to include new required recovery fields.
tests/unit/engine/test_decisions.py	New tests for DecisionRecord immutability/validation behavior.
tests/unit/engine/checkpoint/test_strategy.py	Updates checkpoint strategy tests for new recovery fields.
tests/unit/engine/checkpoint/test_resume.py	Extends resume reconciliation tests to include failure category + unmet criteria sanitization.
tests/unit/core/test_enums_failure_category.py	New tests for FailureCategory and DecisionOutcome enums.
tests/unit/api/fakes.py	Adds in-memory FakeDecisionRepository to support API/service tests.
tests/unit/api/controllers/test_approvals_helpers.py	Updates controller helper test to ensure unknown exceptions propagate (no silent 200).
src/synthorg/persistence/sqlite/schema.sql	Adds decision_records table and supporting indexes/constraints.
src/synthorg/persistence/sqlite/decision_repo.py	Implements append-only SQLite repo with atomic per-task version assignment.
src/synthorg/persistence/sqlite/backend.py	Wires decision_records repository into SQLite backend.
src/synthorg/persistence/repositories.py	Adds DecisionRepository protocol + DecisionRole type.
src/synthorg/persistence/protocol.py	Exposes decision_records on PersistenceBackend protocol.
src/synthorg/observability/events/persistence.py	Adds persistence event constants for decision record operations.
src/synthorg/observability/events/execution.py	Adds EXECUTION_RECOVERY_DIAGNOSIS event constant.
src/synthorg/observability/events/approval_gate.py	Adds approval-gate event constants for self-review + decision recording.
src/synthorg/engine/review_gate.py	Enforces no-self-review and appends auditable decision records (best-effort).
src/synthorg/engine/recovery.py	Adds structured failure diagnosis to RecoveryResult + inference helper + invariants.
src/synthorg/engine/immutable.py	Adds helper to deep-copy dict fields at model construction boundaries.
src/synthorg/engine/errors.py	Introduces SelfReviewError.
src/synthorg/engine/decisions.py	Adds immutable DecisionRecord model (type-level self-review invariant).
src/synthorg/engine/checkpoint/strategy.py	Populates new recovery diagnosis fields for checkpoint-resume results.
src/synthorg/engine/checkpoint/resume.py	Injects failure category + unmet criteria into reconciliation messages (sanitized).
src/synthorg/engine/agent_engine.py	Embeds failure category into post-recovery transition reasons + passes diagnosis to resume.
src/synthorg/core/enums.py	Adds FailureCategory and DecisionOutcome enums.
src/synthorg/api/controllers/approvals.py	Adds review-gate preflight; maps typed engine errors to 403/404/409; stops swallowing unknown exceptions.
src/synthorg/api/app.py	Only wires ReviewGateService when both task_engine and persistence are available.
docs/design/engine.md	Updates engine design docs for diagnosis fields and decisions drop-box behavior.
CLAUDE.md	Updates package structure notes to reflect new foundations.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

infer_failure_category() can return categories like QUALITY_GATE_FAILED or STAGNATION that have cross-field invariants (criteria_failed non-empty / stagnation_evidence required). This FailAndReassignStrategy always constructs RecoveryResult without those fields, so certain error messages (e.g. containing "criteria") will raise during RecoveryResult validation and cause recovery to fail entirely (leaving the task execution un-transitioned). Consider either (a) only inferring categories that don’t require extra fields here, (b) downgrading to UNKNOWN when required evidence/criteria isn’t available, or (c) populating the required fields before constructing RecoveryResult.

Suggested change

	result = RecoveryResult(
	task_execution=failed_execution,
	strategy_type=self.STRATEGY_TYPE,
	context_snapshot=snapshot,
	error_message=error_message,
	failure_category=category,
	failure_context={
	"strategy_type": self.STRATEGY_TYPE,
	},
	)
	logger.info(
	EXECUTION_RECOVERY_DIAGNOSIS,
	task_id=task_execution.task.id,
	failure_category=category.value,
	safe_category = category
	if category in (
	FailureCategory.QUALITY_GATE_FAILED,
	FailureCategory.STAGNATION,
	):
	safe_category = FailureCategory.UNKNOWN
	result = RecoveryResult(
	task_execution=failed_execution,
	strategy_type=self.STRATEGY_TYPE,
	context_snapshot=snapshot,
	error_message=error_message,
	failure_category=safe_category,
	failure_context={
	"strategy_type": self.STRATEGY_TYPE,
	"inferred_failure_category": category.value,
	},
	)
	logger.info(
	EXECUTION_RECOVERY_DIAGNOSIS,
	task_id=task_execution.task.id,
	failure_category=result.failure_category.value,

[Copilot]

_build_resume_result() sets failure_category via infer_failure_category(error_message) but does not populate criteria_failed or stagnation_evidence. Because RecoveryResult enforces cross-field invariants (e.g. QUALITY_GATE_FAILED requires non-empty criteria_failed), certain error messages will make checkpoint recovery raise at construction time and force fallback (or fail recovery entirely). Suggest downgrading inferred categories to UNKNOWN when required structured fields aren’t available, or explicitly populating those fields in this strategy before constructing RecoveryResult.

[Copilot]

check_can_decide()’s docstring says the returned task is “cached so the caller can reuse it for complete_review without re-fetching”, but complete_review() always calls check_can_decide() again and there’s no way to pass the pre-fetched task through. This leads to an extra get_task() call per decision and the documentation is currently inaccurate. Either update the docstring, or add an API that allows complete_review() to accept the preflight task (or otherwise reuse it).

Suggested change

	The task (cached so the caller can reuse it for
	``complete_review`` without re-fetching).
	The validated task fetched during preflight.

[coderabbitai]

Actionable comments posted: 11

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (2)

src/synthorg/engine/checkpoint/strategy.py (1)

274-288: ⚠️ Potential issue | 🟠 Major

RecoveryResult validation error: checkpoint resume cannot satisfy QUALITY_GATE_FAILED invariant.

When error_message contains "quality" or "criteria" (case-insensitive), infer_failure_category() returns FailureCategory.QUALITY_GATE_FAILED. However, this code doesn't populate criteria_failed, and the RecoveryResult validator (recovery.py:195-200) requires non-empty criteria_failed when failure_category is QUALITY_GATE_FAILED. This causes a runtime ValueError if checkpoint recovery is triggered by an error matching these keywords (e.g., "quality check failed", "criteria not met").

Option A – Downgrade QUALITY_GATE_FAILED to UNKNOWN for checkpoint resume:

+        category = infer_failure_category(error_message)
+        # Checkpoint resume cannot provide criteria_failed evidence, so
+        # downgrade QUALITY_GATE_FAILED to UNKNOWN to satisfy the invariant.
+        if category is FailureCategory.QUALITY_GATE_FAILED:
+            category = FailureCategory.UNKNOWN
+
         return RecoveryResult(
             task_execution=task_execution,
             strategy_type=self.STRATEGY_TYPE,
             context_snapshot=snapshot,
             error_message=error_message,
-            failure_category=infer_failure_category(error_message),
+            failure_category=category,
             failure_context={

Option B – Relax the validator for checkpoint resume scenarios (requires changes in recovery.py).

src/synthorg/api/controllers/approvals.py (1)

534-569: ⚠️ Potential issue | 🟠 Major

A late review-gate failure still leaves the approval permanently decided.

save_if_pending() and the WebSocket publish happen before _signal_resume_intent(). If complete_review() later raises TaskNotFoundError or TaskVersionConflictError, this endpoint returns 404/409 after the approval row is already committed, and the client cannot retry because the approval is no longer pending. Preflight reduces one race, but it does not make the workflow atomic.

A safer shape here is to couple the approval update and review-gate transition behind one transactional/compensating boundary, and at minimum delay publish/logging until the downstream transition succeeds.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@src/synthorg/api/controllers/approvals.py` around lines 534 - 569, The code
currently saves the approval and publishes/logs before calling
_signal_resume_intent, which can leave the approval committed if downstream
_signal_resume_intent (or complete_review) fails; to fix, delay
persisting/publishing until the downstream transition succeeds: call
_signal_resume_intent first (using updated.task_id rather than saved.task_id),
await it, and only then call app_state.approval_store.save_if_pending(updated)
followed by _publish_approval_event and _log_approval_decision; keep the
preflight _preflight_review_gate check but ensure save_if_pending,
_publish_approval_event, and _log_approval_decision happen after
_signal_resume_intent to avoid leaving a decided approval when the task
transition fails.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@src/synthorg/engine/agent_engine.py`:
- Around line 669-688: The category assignment includes a redundant None check;
remove the dead else branch and directly read the value from recovery_result
since this block is only executed when recovery_result is not None—replace the
conditional expression that sets category with a direct access like
recovery_result.failure_category.value and keep the rest of the call to
sync_to_task_engine (refer to recovery_result, category, and
ctx.task_execution.status to locate the change).

In `@src/synthorg/persistence/protocol.py`:
- Around line 167-170: The Persistence protocol was updated with a new property
decision_records (DecisionRepository) but the PersistenceBackend class docstring
Attributes section wasn't updated; update the PersistenceBackend docstring to
include an Attributes entry describing decision_records: name
(decision_records), type (DecisionRepository), and brief purpose ("Repository
for DecisionRecord persistence (decisions drop-box)"), and ensure the wording
matches the `@property` docstring for decision_records so generated API docs
remain accurate.

In `@src/synthorg/persistence/sqlite/decision_repo.py`:
- Line 202: Replace the parenthesized tuple exception syntax used in the except
clause "except (sqlite3.Error, aiosqlite.Error) as exc:" with the PEP 758
comma-separated form so the handler reads using comma-separated exceptions
without parentheses; locate the try/except in decision_repo.py where that clause
appears (the DB error handling block around sqlite3/aiosqlite operations) and
update the except line accordingly while leaving the handler body and variable
name (exc) unchanged.
- Line 310: Update the except clause in decision_repo.py to use the PEP 758
comma-separated exception syntax by replacing the current "except
(ValidationError, json.JSONDecodeError, TypeError) as exc:" with the
comma-separated form "except ValidationError, json.JSONDecodeError, TypeError as
exc:" so the handler for ValidationError, json.JSONDecodeError and TypeError
(variable exc) is written without parentheses; keep the same handler body
unchanged and run tests to confirm no syntax/regression issues.
- Line 275: Replace the parenthesized exception tuple with PEP 758
comma-separated syntax: change the handler currently written as "except
(sqlite3.Error, aiosqlite.Error) as exc:" to the new form "except sqlite3.Error,
aiosqlite.Error as exc:" so the except block in decision_repo.py (the clause
that catches sqlite3.Error and aiosqlite.Error and binds exc) uses the
comma-separated exception list.
- Line 147: Replace the parenthesized multi-exception clause in the except
handler that catches sqlite3.Error and aiosqlite.Error with the PEP 758
comma-separated form: locate the except block currently written as "except
(sqlite3.Error, aiosqlite.Error) as exc" in decision_repo.py (inside the
repository methods handling DB operations) and change it to use "except
sqlite3.Error, aiosqlite.Error as exc" so the handler follows the project
guideline for Python 3.14.
- Line 223: Replace the parenthesized multi-except clause with the PEP 758
comma-separated form: locate the except block written as "except (sqlite3.Error,
aiosqlite.Error) as exc" in decision_repo.py and change it to "except
sqlite3.Error, aiosqlite.Error as exc" so the clause uses the new syntax while
preserving the same exception handling behavior; ensure the rest of the except
body (logging/raising) remains unchanged.

In `@tests/unit/api/fakes.py`:
- Around line 321-323: The test fake computes next_version by counting records
(existing_for_task and next_version) which breaks when versions are
non-contiguous; change the logic that builds the DecisionRecord so next_version
is computed as max of existing record.version values + 1 (treat empty set as 0)
using the records in self._records for the given task_id; update the code around
existing_for_task / next_version / DecisionRecord to use that max(...,
default=0) + 1 approach so seeded non-contiguous histories produce the correct
next version.

In `@tests/unit/engine/test_decisions.py`:
- Around line 81-122: The test suite lacks a check that executing_agent_id and
reviewer_agent_id cannot be the same; add a new unit test (e.g.,
test_self_review_rejected) that calls _make_record with executing_agent_id and
reviewer_agent_id set to the same value and asserts it raises ValidationError
using pytest.raises(ValidationError); place this alongside the other validators
in tests/unit/engine/test_decisions.py so regressions in the cross-field
validator are caught.

In `@tests/unit/engine/test_recovery_failure_diagnosis.py`:
- Around line 46-64: The test function test_failure_category_required declares
an unused fixture parameter sample_task_with_criteria causing unnecessary setup;
remove sample_task_with_criteria from the test_failure_category_required
signature so the function only accepts sample_agent_context and avoid touching
any other logic (ensure the function still uses sample_agent_context,
TaskStatus, RecoveryResult, etc.).
- Around line 66-84: The test_failure_context_required function declares an
unused fixture parameter sample_task_with_criteria; remove that parameter from
the test signature so only used fixtures (sample_agent_context) remain, updating
the function definition for test_failure_context_required to omit
sample_task_with_criteria to eliminate the unused-fixture warning.

---

Outside diff comments:
In `@src/synthorg/api/controllers/approvals.py`:
- Around line 534-569: The code currently saves the approval and publishes/logs
before calling _signal_resume_intent, which can leave the approval committed if
downstream _signal_resume_intent (or complete_review) fails; to fix, delay
persisting/publishing until the downstream transition succeeds: call
_signal_resume_intent first (using updated.task_id rather than saved.task_id),
await it, and only then call app_state.approval_store.save_if_pending(updated)
followed by _publish_approval_event and _log_approval_decision; keep the
preflight _preflight_review_gate check but ensure save_if_pending,
_publish_approval_event, and _log_approval_decision happen after
_signal_resume_intent to avoid leaving a decided approval when the task
transition fails.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 2c12f1e9-d98e-4d4f-92bf-a10c60fb6fab

📥 Commits

Reviewing files that changed from the base of the PR and between 7af94de and dcfee25.

📒 Files selected for processing (34)

• CLAUDE.md
• docs/design/engine.md
• src/synthorg/api/app.py
• src/synthorg/api/controllers/approvals.py
• src/synthorg/core/enums.py
• src/synthorg/engine/agent_engine.py
• src/synthorg/engine/checkpoint/resume.py
• src/synthorg/engine/checkpoint/strategy.py
• src/synthorg/engine/decisions.py
• src/synthorg/engine/errors.py
• src/synthorg/engine/immutable.py
• src/synthorg/engine/recovery.py
• src/synthorg/engine/review_gate.py
• src/synthorg/observability/events/approval_gate.py
• src/synthorg/observability/events/execution.py
• src/synthorg/observability/events/persistence.py
• src/synthorg/persistence/protocol.py
• src/synthorg/persistence/repositories.py
• src/synthorg/persistence/sqlite/backend.py
• src/synthorg/persistence/sqlite/decision_repo.py
• src/synthorg/persistence/sqlite/schema.sql
• tests/unit/api/controllers/test_approvals_helpers.py
• tests/unit/api/fakes.py
• tests/unit/core/test_enums_failure_category.py
• tests/unit/engine/checkpoint/test_resume.py
• tests/unit/engine/checkpoint/test_strategy.py
• tests/unit/engine/test_decisions.py
• tests/unit/engine/test_recovery_checkpoint_fields.py
• tests/unit/engine/test_recovery_failure_diagnosis.py
• tests/unit/engine/test_review_gate.py
• tests/unit/memory/procedural/test_pipeline.py
• tests/unit/persistence/sqlite/test_decision_repo.py
• tests/unit/persistence/sqlite/test_migrations.py
• tests/unit/persistence/test_protocol.py

📜 Review details

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (7)

• GitHub Check: Build Sandbox
• GitHub Check: Build Web
• GitHub Check: Build Backend
• GitHub Check: Agent
• GitHub Check: Test (Python 3.14)
• GitHub Check: Dependency Review
• GitHub Check: Analyze (python)

🧰 Additional context used

📓 Path-based instructions (5)

**/*.py

📄 CodeRabbit inference engine (CLAUDE.md)

**/*.py: Do not use from __future__ import annotations in Python -- Python 3.14 has PEP 649 native lazy annotations
Use except A, B: syntax (no parentheses) for exception handling in Python 3.14 per PEP 758 -- ruff enforces this
All public functions and methods must have type hints, with mypy strict mode enforcement
Google-style docstrings are required on all public classes and functions, enforced by ruff D rules
Create new objects rather than mutating existing ones. For non-Pydantic internal collections (registries, BaseTool), use copy.deepcopy() at construction + MappingProxyType wrapping for read-only enforcement.
Use frozen Pydantic models for config and identity; use separate mutable-via-copy models (via model_copy(update=...)) for runtime state that evolves. Never mix static config fields with mutable runtime fields in one model.
Use Pydantic v2 with conventions: allow_inf_nan=False in all ConfigDict declarations to reject NaN/Inf in numeric fields; use @computed_field for derived values instead of storing redundant fields; use NotBlankStr for all identifier and name fields including optional and tuple variants, instead of manual whitespace validators
Prefer asyncio.TaskGroup for fan-out/fan-in parallel operations in new code (e.g., multiple tool invocations, parallel agent calls). Prefer structured concurrency over bare create_task.
Maintain a line length of 88 characters (enforced by ruff)
Functions must be less than 50 lines, files must be less than 800 lines
Handle errors explicitly, never silently swallow exceptions
Validate at system boundaries (user input, external APIs, config files)

Files:

• tests/unit/engine/checkpoint/test_strategy.py
• src/synthorg/observability/events/execution.py
• src/synthorg/persistence/protocol.py
• tests/unit/memory/procedural/test_pipeline.py
• src/synthorg/api/app.py
• src/synthorg/engine/errors.py
• tests/unit/persistence/sqlite/test_migrations.py
• src/synthorg/engine/checkpoint/strategy.py
• src/synthorg/engine/immutable.py
• tests/unit/core/test_enums_failure_category.py
• tests/unit/engine/test_recovery_checkpoint_fields.py
• tests/unit/engine/checkpoint/test_resume.py
• src/synthorg/engine/checkpoint/resume.py
• tests/unit/engine/test_decisions.py
• tests/unit/api/controllers/test_approvals_helpers.py
• src/synthorg/engine/agent_engine.py
• tests/unit/engine/test_review_gate.py
• src/synthorg/observability/events/approval_gate.py
• tests/unit/api/fakes.py
• src/synthorg/api/controllers/approvals.py
• src/synthorg/core/enums.py
• tests/unit/engine/test_recovery_failure_diagnosis.py
• tests/unit/persistence/test_protocol.py
• src/synthorg/persistence/repositories.py
• src/synthorg/engine/recovery.py
• src/synthorg/observability/events/persistence.py
• src/synthorg/persistence/sqlite/backend.py
• src/synthorg/engine/decisions.py
• src/synthorg/engine/review_gate.py
• src/synthorg/persistence/sqlite/decision_repo.py
• tests/unit/persistence/sqlite/test_decision_repo.py

tests/**/*.py

📄 CodeRabbit inference engine (CLAUDE.md)

tests/**/*.py: Use @pytest.mark.unit, @pytest.mark.integration, @pytest.mark.e2e, and @pytest.mark.slow for test markers
Maintain 80% minimum code coverage (enforced in CI)
Prefer @pytest.mark.parametrize for testing similar cases
Test vendor names must use test-provider, test-small-001, etc. instead of real vendor names
Use Python Hypothesis for property-based testing with @given + @settings. Hypothesis profiles configured in tests/conftest.py: ci (deterministic, max_examples=10 + derandomize=True), dev (1000 examples), fuzz (10,000 examples, no deadline), extreme (500,000 examples, no deadline). Control via HYPOTHESIS_PROFILE env var.
When Hypothesis finds a failing example, it is a real bug. Fix the underlying bug and add an explicit @example(...) decorator to the test so the case is permanently covered in CI.
Never skip, dismiss, or ignore flaky tests. For timing-sensitive tests, mock time.monotonic() and asyncio.sleep() to make them deterministic. For tasks that must block indefinitely until cancelled, use asyncio.Event().wait() instead of asyncio.sleep(large_number).

Files:

• tests/unit/engine/checkpoint/test_strategy.py
• tests/unit/memory/procedural/test_pipeline.py
• tests/unit/persistence/sqlite/test_migrations.py
• tests/unit/core/test_enums_failure_category.py
• tests/unit/engine/test_recovery_checkpoint_fields.py
• tests/unit/engine/checkpoint/test_resume.py
• tests/unit/engine/test_decisions.py
• tests/unit/api/controllers/test_approvals_helpers.py
• tests/unit/engine/test_review_gate.py
• tests/unit/api/fakes.py
• tests/unit/engine/test_recovery_failure_diagnosis.py
• tests/unit/persistence/test_protocol.py
• tests/unit/persistence/sqlite/test_decision_repo.py

---

⚙️ CodeRabbit configuration file

Test files do not require Google-style docstrings on classes or functions -- ruff D rules are only enforced on src/. A bare @settings() decorator with no arguments on Hypothesis property tests is a no-op and should not be suggested -- the HYPOTHESIS_PROFILE env var controls example counts via registered profiles, which @given() honors automatically.

Files:

• tests/unit/engine/checkpoint/test_strategy.py
• tests/unit/memory/procedural/test_pipeline.py
• tests/unit/persistence/sqlite/test_migrations.py
• tests/unit/core/test_enums_failure_category.py
• tests/unit/engine/test_recovery_checkpoint_fields.py
• tests/unit/engine/checkpoint/test_resume.py
• tests/unit/engine/test_decisions.py
• tests/unit/api/controllers/test_approvals_helpers.py
• tests/unit/engine/test_review_gate.py
• tests/unit/api/fakes.py
• tests/unit/engine/test_recovery_failure_diagnosis.py
• tests/unit/persistence/test_protocol.py
• tests/unit/persistence/sqlite/test_decision_repo.py

src/synthorg/**/*.py

📄 CodeRabbit inference engine (CLAUDE.md)

src/synthorg/**/*.py: Every module with business logic must have from synthorg.observability import get_logger then logger = get_logger(__name__)
Always use logger as the variable name (not _logger, not log)
Always use event name constants from domain-specific modules under synthorg.observability.events (e.g., API_REQUEST_STARTED from events.api, TOOL_INVOKE_START from events.tool). Import directly: from synthorg.observability.events.<domain> import EVENT_CONSTANT
Use structured logging with logger.info(EVENT, key=value) -- never logger.info("msg %s", val)
Log all error paths at WARNING or ERROR level with context before raising
Log all state transitions at INFO level
Use DEBUG level logging for object creation, internal flow, and entry/exit of key functions
Never use real vendor names (Anthropic, OpenAI, Claude, GPT, etc.) in project-owned code, docstrings, comments, tests, or config examples. Use generic names: example-provider, example-large-001, example-medium-001, example-small-001, large/medium/small as aliases. Vendor names allowed only in: (1) Operations design page, (2) .claude/ files, (3) third-party import paths, (4) provider presets which are user-facing runtime data. Tests must use test-provider, test-small-001, etc.

Files:

• src/synthorg/observability/events/execution.py
• src/synthorg/persistence/protocol.py
• src/synthorg/api/app.py
• src/synthorg/engine/errors.py
• src/synthorg/engine/checkpoint/strategy.py
• src/synthorg/engine/immutable.py
• src/synthorg/engine/checkpoint/resume.py
• src/synthorg/engine/agent_engine.py
• src/synthorg/observability/events/approval_gate.py
• src/synthorg/api/controllers/approvals.py
• src/synthorg/core/enums.py
• src/synthorg/persistence/repositories.py
• src/synthorg/engine/recovery.py
• src/synthorg/observability/events/persistence.py
• src/synthorg/persistence/sqlite/backend.py
• src/synthorg/engine/decisions.py
• src/synthorg/engine/review_gate.py
• src/synthorg/persistence/sqlite/decision_repo.py

src/**/*.py

⚙️ CodeRabbit configuration file

This project uses Python 3.14+ with PEP 758 except syntax: "except A, B:" (comma-separated, no parentheses) is correct and mandatory -- do NOT flag it as a typo or suggest parenthesized form. The "except builtins.MemoryError, RecursionError: raise" pattern is intentional project convention for system-error propagation. When evaluating the 50-line function limit, count only the function body excluding the signature lines, decorators, and docstring. Functions 1-5 lines over due to docstrings or multi-line signatures should not be flagged. Do not suggest extracting single-use helper functions called exactly once -- this reduces readability without improving maintainability.

Files:

• src/synthorg/observability/events/execution.py
• src/synthorg/persistence/protocol.py
• src/synthorg/api/app.py
• src/synthorg/engine/errors.py
• src/synthorg/engine/checkpoint/strategy.py
• src/synthorg/engine/immutable.py
• src/synthorg/engine/checkpoint/resume.py
• src/synthorg/engine/agent_engine.py
• src/synthorg/observability/events/approval_gate.py
• src/synthorg/api/controllers/approvals.py
• src/synthorg/core/enums.py
• src/synthorg/persistence/repositories.py
• src/synthorg/engine/recovery.py
• src/synthorg/observability/events/persistence.py
• src/synthorg/persistence/sqlite/backend.py
• src/synthorg/engine/decisions.py
• src/synthorg/engine/review_gate.py
• src/synthorg/persistence/sqlite/decision_repo.py

docs/**/*.md

📄 CodeRabbit inference engine (CLAUDE.md)

Documentation is in docs/ (Markdown, built with Zensical, config: mkdocs.yml). Design spec in docs/design/ (12 pages). Architecture in docs/architecture/. Roadmap in docs/roadmap/. Security in docs/security.md. Licensing in docs/licensing.md.

Files:

• docs/design/engine.md

🧠 Learnings (56)

📚 Learning: 2026-03-20T11:18:48.128Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T11:18:48.128Z
Learning: Applies to src/synthorg/**/*.py : Use event name constants from domain-specific modules under `synthorg.observability.events` (e.g., `API_REQUEST_STARTED` from `events.api`, `TOOL_INVOKE_START` from `events.tool`). Import directly: `from synthorg.observability.events.<domain> import EVENT_CONSTANT`.

Applied to files:

• src/synthorg/observability/events/execution.py
• src/synthorg/observability/events/approval_gate.py
• src/synthorg/observability/events/persistence.py

📚 Learning: 2026-03-15T19:14:27.144Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T19:14:27.144Z
Learning: Applies to src/synthorg/**/*.py : Use event name constants from synthorg.observability.events domain-specific modules (e.g., PROVIDER_CALL_START from events.provider). Import directly: from synthorg.observability.events.<domain> import EVENT_CONSTANT.

Applied to files:

• src/synthorg/observability/events/execution.py
• src/synthorg/observability/events/approval_gate.py
• src/synthorg/observability/events/persistence.py

📚 Learning: 2026-04-02T07:18:02.381Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-04-02T07:18:02.381Z
Learning: Applies to src/synthorg/**/*.py : Use event name constants from domain-specific modules under `synthorg.observability.events` (e.g., `API_REQUEST_STARTED` from `events.api`, `TOOL_INVOKE_START` from `events.tool`); import directly from the domain module

Applied to files:

• src/synthorg/observability/events/execution.py
• src/synthorg/observability/events/approval_gate.py
• src/synthorg/observability/events/persistence.py

📚 Learning: 2026-03-20T21:44:04.528Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T21:44:04.528Z
Learning: Applies to src/synthorg/**/*.py : Always use event name constants from domain-specific modules under `synthorg.observability.events` (e.g., `API_REQUEST_STARTED` from `events.api`, `TOOL_INVOKE_START` from `events.tool`); import directly rather than using string literals

Applied to files:

• src/synthorg/observability/events/execution.py
• src/synthorg/observability/events/approval_gate.py
• src/synthorg/observability/events/persistence.py

📚 Learning: 2026-03-18T21:23:23.586Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-18T21:23:23.586Z
Learning: Applies to src/synthorg/**/*.py : Event names: always use constants from the domain-specific module under synthorg.observability.events (e.g., API_REQUEST_STARTED from events.api, TOOL_INVOKE_START from events.tool). Import directly from synthorg.observability.events.<domain>.

Applied to files:

• src/synthorg/observability/events/execution.py
• src/synthorg/observability/events/approval_gate.py
• src/synthorg/api/controllers/approvals.py
• src/synthorg/observability/events/persistence.py

📚 Learning: 2026-03-15T18:38:44.202Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T18:38:44.202Z
Learning: Applies to src/synthorg/**/*.py : Always use event name constants from domain-specific modules under `synthorg.observability.events` (e.g., `PROVIDER_CALL_START` from `events.provider`); import directly: `from synthorg.observability.events.<domain> import EVENT_CONSTANT`

Applied to files:

• src/synthorg/observability/events/execution.py
• src/synthorg/observability/events/persistence.py

📚 Learning: 2026-04-04T19:50:52.893Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-04-04T19:50:52.893Z
Learning: Applies to src/synthorg/**/*.py : Always use event name constants from domain-specific modules under `synthorg.observability.events` (e.g., `API_REQUEST_STARTED` from `events.api`, `TOOL_INVOKE_START` from `events.tool`). Import directly: `from synthorg.observability.events.<domain> import EVENT_CONSTANT`

Applied to files:

• src/synthorg/observability/events/execution.py
• src/synthorg/observability/events/approval_gate.py

📚 Learning: 2026-03-17T22:08:13.456Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T22:08:13.456Z
Learning: Persistence backend: pluggable PersistenceBackend protocol in `src/synthorg/persistence/`, SQLite initial, SettingsRepository (namespaced settings CRUD).

Applied to files:

• src/synthorg/persistence/protocol.py
• tests/unit/persistence/test_protocol.py
• src/synthorg/persistence/sqlite/backend.py
• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-17T06:30:14.180Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T06:30:14.180Z
Learning: Applies to src/synthorg/persistence/**/*.py : Persistence uses pluggable PersistenceBackend protocol. SQLite is the initial backend. Settings use SettingsRepository (namespaced settings CRUD).

Applied to files:

• src/synthorg/persistence/protocol.py
• tests/unit/persistence/test_protocol.py
• src/synthorg/persistence/sqlite/backend.py
• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-19T07:12:14.508Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-19T07:12:14.508Z
Learning: Applies to src/synthorg/engine/**/*.py : Engine package (engine/): agent orchestration, parallel execution, task decomposition, routing, TaskEngine (centralized single-writer), task lifecycle/recovery/shutdown, workspace isolation, coordination (4 dispatchers: SAS/centralized/decentralized/context-dependent, wave execution), approval gates (escalation detection, context parking/resume), stagnation detection (ToolRepetitionDetector, corrective prompt injection), AgentRuntimeState (execution status), context budget management, conversation compaction (oldest-turns summarizer)

Applied to files:

• tests/unit/memory/procedural/test_pipeline.py
• src/synthorg/engine/errors.py
• tests/unit/engine/test_recovery_checkpoint_fields.py
• src/synthorg/engine/agent_engine.py
• tests/unit/engine/test_review_gate.py
• tests/unit/api/fakes.py
• tests/unit/persistence/test_protocol.py
• src/synthorg/persistence/repositories.py
• src/synthorg/engine/review_gate.py
• CLAUDE.md

📚 Learning: 2026-03-17T22:08:13.456Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T22:08:13.456Z
Learning: Engine: Agent orchestration, execution loops, parallel execution, task decomposition, routing, task assignment, centralized single-writer task state engine (TaskEngine), task lifecycle, recovery, shutdown, workspace isolation, coordination (multi-agent pipeline: TopologyDispatcher protocol, 4 dispatchers — SAS/centralized/decentralized/context-dependent, wave execution, workspace lifecycle integration, CoordinationSectionConfig company config bridge, build_coordinator factory), coordination error classification, prompt policy validation, checkpoint recovery (checkpoint/, per-turn persistence, heartbeat detection, CheckpointRecoveryStrategy), approval gate (escalation detection, context parking/resume, EscalationInfo/ResumePayload models), stagnation detection (stagnation/, StagnationDetector protocol, ToolRepetitionDetector, dual-signal analysis, corrective prompt injection), agent runtime state (AgentRuntimeState, lightweight per-agent execution status for dashboard queries and recove...

Applied to files:

• tests/unit/memory/procedural/test_pipeline.py
• src/synthorg/engine/agent_engine.py
• tests/unit/persistence/test_protocol.py
• CLAUDE.md

📚 Learning: 2026-03-17T22:08:13.456Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T22:08:13.456Z
Learning: Applies to src/synthorg/**/*.py : Prefer `asyncio.TaskGroup` for fan-out/fan-in parallel operations in new code (e.g. multiple tool invocations, parallel agent calls). Prefer structured concurrency over bare `create_task`. Existing code is being migrated incrementally.

Applied to files:

• tests/unit/memory/procedural/test_pipeline.py

📚 Learning: 2026-03-15T19:14:27.144Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T19:14:27.144Z
Learning: Applies to src/synthorg/**/*.py : For dict/list fields in frozen Pydantic models, rely on frozen=True for field reassignment prevention and copy.deepcopy() at system boundaries (tool execution, LLM provider serialization, inter-agent delegation, serializing for persistence).

Applied to files:

• src/synthorg/engine/immutable.py

📚 Learning: 2026-03-20T21:44:04.528Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T21:44:04.528Z
Learning: Applies to src/synthorg/**/*.py : Use `copy.deepcopy()` at system boundaries (tool execution, LLM provider serialization, inter-agent delegation, persistence serialization) for `dict`/`list` fields

Applied to files:

• src/synthorg/engine/immutable.py

📚 Learning: 2026-03-20T21:44:04.528Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T21:44:04.528Z
Learning: Applies to src/synthorg/**/*.py : For non-Pydantic internal collections (registries, `BaseTool`), use `copy.deepcopy()` at construction and wrap with `MappingProxyType` for read-only enforcement

Applied to files:

• src/synthorg/engine/immutable.py

📚 Learning: 2026-04-01T09:58:27.410Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-04-01T09:58:27.410Z
Learning: Applies to **/*.py : Use `copy.deepcopy()` at system boundaries (tool execution, LLM provider serialization, inter-agent delegation, persistence serialization) for dict/list fields in frozen Pydantic models

Applied to files:

• src/synthorg/engine/immutable.py

📚 Learning: 2026-03-15T18:38:44.202Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T18:38:44.202Z
Learning: Applies to src/synthorg/**/*.py : Use frozen Pydantic models for config/identity; separate mutable-via-copy models (using `model_copy(update=...)`) for runtime state

Applied to files:

• src/synthorg/engine/immutable.py
• src/synthorg/engine/decisions.py

📚 Learning: 2026-03-20T21:44:04.528Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T21:44:04.528Z
Learning: Applies to **/*.py : Immutability: create new objects, never mutate existing ones. For non-Pydantic internal collections (registries, BaseTool), use copy.deepcopy() at construction + MappingProxyType wrapping for read-only enforcement.

Applied to files:

• src/synthorg/engine/immutable.py

📚 Learning: 2026-03-20T21:44:04.528Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T21:44:04.528Z
Learning: Applies to src/synthorg/**/*.py : Use frozen Pydantic models for config/identity; use separate mutable-via-copy models (via `model_copy(update=...)`) for runtime state that evolves

Applied to files:

• src/synthorg/engine/immutable.py
• src/synthorg/engine/decisions.py

📚 Learning: 2026-04-01T09:09:43.948Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-04-01T09:09:43.948Z
Learning: Applies to **/*.py : Use `copy.deepcopy()` at construction and `MappingProxyType` wrapping for read-only enforcement in non-Pydantic internal collections (registries, BaseTool)

Applied to files:

• src/synthorg/engine/immutable.py

📚 Learning: 2026-03-15T19:14:27.144Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T19:14:27.144Z
Learning: Applies to src/synthorg/**/*.py : Use frozen Pydantic models for config/identity; use separate mutable-via-copy models (using model_copy(update=...)) for runtime state that evolves. Never mix static config fields with mutable runtime fields in one model.

Applied to files:

• src/synthorg/engine/immutable.py
• src/synthorg/engine/decisions.py

📚 Learning: 2026-04-04T19:50:52.893Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-04-04T19:50:52.893Z
Learning: Applies to **/*.py : Create new objects rather than mutating existing ones. For non-Pydantic internal collections (registries, BaseTool), use `copy.deepcopy()` at construction + `MappingProxyType` wrapping for read-only enforcement.

Applied to files:

• src/synthorg/engine/immutable.py

📚 Learning: 2026-03-16T23:05:29.577Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-16T23:05:29.577Z
Learning: Applies to **/*.py : For dict/list fields in frozen Pydantic models, rely on frozen=True for field reassignment prevention and copy.deepcopy() at system boundaries (tool execution, LLM provider serialization, inter-agent delegation, serializing for persistence).

Applied to files:

• src/synthorg/engine/immutable.py

📚 Learning: 2026-04-01T09:37:49.451Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-04-01T09:37:49.451Z
Learning: Applies to **/*.py : Use frozen Pydantic models for config/identity; use separate mutable-via-copy models with `model_copy(update=...)` for runtime state that evolves

Applied to files:

• src/synthorg/engine/immutable.py

📚 Learning: 2026-04-04T19:50:52.893Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-04-04T19:50:52.893Z
Learning: Applies to **/*.py : Use frozen Pydantic models for config and identity; use separate mutable-via-copy models (via `model_copy(update=...)`) for runtime state that evolves. Never mix static config fields with mutable runtime fields in one model.

Applied to files:

• src/synthorg/engine/immutable.py

📚 Learning: 2026-03-19T07:13:44.964Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-19T07:13:44.964Z
Learning: Applies to src/synthorg/budget/**/*.py : Budget package (budget/): cost tracking, budget enforcement (pre-flight/in-flight checks, auto-downgrade), billing periods, cost tiers, quota/subscription tracking, CFO cost optimization (anomaly detection, efficiency analysis, downgrade recommendations, approval decisions), spending reports, budget errors (BudgetExhaustedError, DailyLimitExceededError, QuotaExhaustedError)

Applied to files:

• src/synthorg/engine/agent_engine.py

📚 Learning: 2026-03-17T06:30:14.180Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T06:30:14.180Z
Learning: Applies to src/synthorg/budget/**/*.py : Budget tracking includes pre-flight/in-flight checks, auto-downgrade, billing periods, cost tiers, quota/subscription. CFO includes anomaly detection, efficiency analysis, downgrade recommendations.

Applied to files:

• src/synthorg/engine/agent_engine.py

📚 Learning: 2026-03-31T16:09:24.320Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-31T16:09:24.320Z
Learning: Applies to src/synthorg/**/*.py : Use event name constants from `synthorg.observability.events.<domain>` modules (e.g., `API_REQUEST_STARTED` from `events.api`, `TOOL_INVOKE_START` from `events.tool`); import directly and use in structured logging

Applied to files:

• src/synthorg/observability/events/approval_gate.py
• src/synthorg/api/controllers/approvals.py
• src/synthorg/observability/events/persistence.py

📚 Learning: 2026-03-15T19:14:27.144Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T19:14:27.144Z
Learning: Applies to src/synthorg/api/**/*.py : Authentication uses JWT + API key. Approval gate integration for high-risk operations.

Applied to files:

• src/synthorg/observability/events/approval_gate.py
• src/synthorg/api/controllers/approvals.py
• src/synthorg/engine/review_gate.py

📚 Learning: 2026-03-19T07:12:14.508Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-19T07:12:14.508Z
Learning: Applies to src/synthorg/observability/**/*.py : Observability package (observability/): structured logging, correlation tracking, log sinks; event constants organized by domain under observability/events/ (e.g., events.api, events.tool, events.git, events.context_budget, events.backup)

Applied to files:

• src/synthorg/observability/events/approval_gate.py
• src/synthorg/observability/events/persistence.py

📚 Learning: 2026-03-15T18:28:13.207Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T18:28:13.207Z
Learning: Applies to src/synthorg/**/*.py : Event names: always use constants from domain-specific modules under synthorg.observability.events (e.g., PROVIDER_CALL_START from events.provider, BUDGET_RECORD_ADDED from events.budget, etc.). Import directly: `from synthorg.observability.events.<domain> import EVENT_CONSTANT`.

Applied to files:

• src/synthorg/observability/events/approval_gate.py
• src/synthorg/observability/events/persistence.py

📚 Learning: 2026-03-16T06:24:56.341Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-16T06:24:56.341Z
Learning: Applies to src/synthorg/hr/**/*.py : HR engine must provide: hiring, firing, onboarding, offboarding, agent registry, performance tracking (task metrics, collaboration scoring, trend detection), promotion/demotion

Applied to files:

• tests/unit/api/fakes.py
• tests/unit/persistence/test_protocol.py
• CLAUDE.md

📚 Learning: 2026-03-19T07:13:44.964Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-19T07:13:44.964Z
Learning: Applies to src/synthorg/hr/**/*.py : HR package (hr/): hiring, firing, onboarding, offboarding, agent registry, performance tracking (task metrics, collaboration scoring, LLM calibration, collaboration overrides, trend detection), promotion/demotion (criteria evaluation, approval strategies, model mapping)

Applied to files:

• tests/unit/api/fakes.py
• tests/unit/persistence/test_protocol.py
• CLAUDE.md

📚 Learning: 2026-03-17T22:08:13.456Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T22:08:13.456Z
Learning: Applies to src/synthorg/api/**/*.py : REST API: Litestar framework, controllers with guards, channels for WebSocket, JWT + API key + WS ticket auth, approval gate integration, coordination endpoint, collaboration endpoint, settings endpoint. RFC 9457 structured errors (ErrorCategory, ErrorCode, ErrorDetail, ProblemDetail, CATEGORY_TITLES, category_title, category_type_uri, content negotiation).

Applied to files:

• src/synthorg/api/controllers/approvals.py

📚 Learning: 2026-03-19T07:12:14.508Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-19T07:12:14.508Z
Learning: Applies to src/synthorg/api/**/*.py : API package (api/): Litestar REST + WebSocket with controllers, guards, channels, JWT + API key + WS ticket auth, approval gate integration, coordination endpoint, collaboration endpoint, settings endpoint, provider management endpoint (CRUD + test + presets), backup endpoint, RFC 9457 structured errors, AppState hot-reload slots, service auto-wiring (Phase 1 at construction, Phase 2 on startup), lifecycle helpers

Applied to files:

• src/synthorg/api/controllers/approvals.py

📚 Learning: 2026-03-20T11:18:48.128Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T11:18:48.128Z
Learning: Applies to src/synthorg/**/*.py : Retryable errors (`is_retryable=True`): `RateLimitError`, `ProviderTimeoutError`, `ProviderConnectionError`, `ProviderInternalError`. Non-retryable errors raise immediately without retry.

Applied to files:

• src/synthorg/api/controllers/approvals.py

📚 Learning: 2026-03-16T19:13:34.746Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-16T19:13:34.746Z
Learning: Applies to src/synthorg/providers/**/*.py : Retryable errors (is_retryable=True): RateLimitError, ProviderTimeoutError, ProviderConnectionError, ProviderInternalError. Non-retryable errors raise immediately without retry. RetryExhaustedError signals that all retries failed — the engine layer catches this to trigger fallback chains.

Applied to files:

• src/synthorg/api/controllers/approvals.py

📚 Learning: 2026-04-01T17:49:14.133Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-04-01T17:49:14.133Z
Learning: Applies to src/synthorg/{providers,engine}/**/*.py : Retryable errors are `RateLimitError`, `ProviderTimeoutError`, `ProviderConnectionError`, `ProviderInternalError`; non-retryable errors raise immediately; `RetryExhaustedError` signals all retries failed

Applied to files:

• src/synthorg/api/controllers/approvals.py

📚 Learning: 2026-03-17T22:08:13.456Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T22:08:13.456Z
Learning: Applies to src/synthorg/**/*.py : Handle errors explicitly, never silently swallow. Validate at system boundaries (user input, external APIs, config files).

Applied to files:

• src/synthorg/api/controllers/approvals.py

📚 Learning: 2026-04-04T19:50:52.893Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-04-04T19:50:52.893Z
Learning: Applies to src/synthorg/providers/**/*.py : Retryable errors (`is_retryable=True`) include: `RateLimitError`, `ProviderTimeoutError`, `ProviderConnectionError`, `ProviderInternalError`. Non-retryable errors raise immediately without retry. `RetryExhaustedError` signals that all retries failed.

Applied to files:

• src/synthorg/api/controllers/approvals.py

📚 Learning: 2026-03-20T08:28:32.845Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T08:28:32.845Z
Learning: Applies to src/synthorg/**/*.py : `RetryConfig` and `RateLimiterConfig` are set per-provider in `ProviderConfig`. Retryable errors: `RateLimitError`, `ProviderTimeoutError`, `ProviderConnectionError`, `ProviderInternalError`. Non-retryable errors raise immediately.

Applied to files:

• src/synthorg/api/controllers/approvals.py

📚 Learning: 2026-03-16T07:22:28.134Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-16T07:22:28.134Z
Learning: Applies to src/synthorg/**/*.py : All error paths must log at WARNING or ERROR with context before raising. All state transitions must log at INFO. DEBUG for object creation, internal flow, and key function entry/exit

Applied to files:

• src/synthorg/api/controllers/approvals.py

📚 Learning: 2026-03-17T06:43:14.114Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T06:43:14.114Z
Learning: Applies to src/synthorg/**/*.py : All error paths must log at WARNING or ERROR with context before raising. All state transitions must log at INFO. DEBUG for object creation, internal flow, entry/exit of key functions. Pure data models, enums, and re-exports do NOT need logging.

Applied to files:

• src/synthorg/api/controllers/approvals.py

📚 Learning: 2026-03-17T22:08:13.456Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T22:08:13.456Z
Learning: Applies to src/synthorg/**/*.py : All error paths must log at WARNING or ERROR with context before raising. All state transitions must log at INFO. DEBUG for object creation, internal flow, entry/exit of key functions.

Applied to files:

• src/synthorg/api/controllers/approvals.py

📚 Learning: 2026-03-31T20:07:03.035Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-31T20:07:03.035Z
Learning: Applies to src/synthorg/**/*.py : All error paths must log at WARNING or ERROR with context before raising; all state transitions must log at INFO; DEBUG for object creation, internal flow, entry/exit of key functions

Applied to files:

• src/synthorg/api/controllers/approvals.py

📚 Learning: 2026-03-19T07:12:14.508Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-19T07:12:14.508Z
Learning: Applies to src/synthorg/**/*.py : Package structure: src/synthorg/ organized as: api/ (REST+WebSocket, Litestar), auth/ (auth subpackage), backup/ (scheduled/manual backups), budget/ (cost tracking, CFO), cli/ (superseded by Go CLI), communication/ (message bus, meetings), config/ (YAML loading), core/ (domain models, resilience config), engine/ (orchestration, task state, coordination, approval gates, stagnation detection, context budget, compaction), hr/ (hiring, performance, promotion), memory/ (pluggable backend, Mem0, retrieval, consolidation), persistence/ (operational data, SQLite, settings), observability/ (logging, correlation, sinks), providers/ (LLM abstraction, LiteLLM, auth types, presets, runtime CRUD), settings/ (runtime-editable, typed definitions, encryption, config bridge), security/ (SecOps, rule engine, output scanning, progressive trust, autonomy levels), templates/ (company templates, personalities), tools/ (registry, built-in tools, git, sandbox, code_runner, MCP...

Applied to files:

• src/synthorg/api/controllers/approvals.py
• tests/unit/persistence/test_protocol.py
• CLAUDE.md

📚 Learning: 2026-03-19T11:33:01.580Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-19T11:33:01.580Z
Learning: Applies to src/synthorg/**/*.py : Log all error paths at WARNING or ERROR with context before raising; log all state transitions at INFO; log object creation/internal flow/entry-exit at DEBUG

Applied to files:

• src/synthorg/api/controllers/approvals.py

📚 Learning: 2026-03-17T06:30:14.180Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T06:30:14.180Z
Learning: Applies to src/synthorg/engine/coordination/**/*.py : Task coordination uses multi-agent pipeline with 4 dispatchers (SAS/centralized/decentralized/context-dependent), wave execution, and workspace lifecycle integration.

Applied to files:

• tests/unit/persistence/test_protocol.py

📚 Learning: 2026-03-19T07:12:14.508Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-19T07:12:14.508Z
Learning: Applies to src/synthorg/communication/**/*.py : Communication package (communication/): message bus, dispatcher, messenger, channels, delegation, loop prevention, conflict resolution; meeting/ subpackage for meeting protocol (round-robin, position papers, structured phases), scheduler (frequency, participant resolver), orchestrator

Applied to files:

• src/synthorg/persistence/repositories.py
• CLAUDE.md

📚 Learning: 2026-03-16T06:24:56.341Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-16T06:24:56.341Z
Learning: Applies to src/synthorg/**/*.py : Always use event name constants from the domain-specific module under `synthorg.observability.events` in logging calls

Applied to files:

• src/synthorg/observability/events/persistence.py

📚 Learning: 2026-03-17T22:08:13.456Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T22:08:13.456Z
Learning: Documentation source in `docs/` (Markdown, built with Zensical). Design spec in `docs/design/` (7 pages: index, agents, organization, communication, engine, memory, operations). Architecture in `docs/architecture/` (overview, tech-stack, decision log). Roadmap in `docs/roadmap/`. Security in `docs/security.md`. Licensing in `docs/licensing.md`. Reference in `docs/reference/`. REST API reference in `docs/rest-api.md`. Library reference in `docs/api/` (auto-generated from docstrings). Custom templates in `docs/overrides/`. Config in `mkdocs.yml`.

Applied to files:

• CLAUDE.md

📚 Learning: 2026-03-14T15:43:05.601Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-14T15:43:05.601Z
Learning: Applies to docs/** : Docs source in docs/ (Markdown, built with Zensical); design spec in docs/design/ (7 pages: index, agents, organization, communication, engine, memory, operations)

Applied to files:

• CLAUDE.md

📚 Learning: 2026-03-17T22:08:13.456Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T22:08:13.456Z
Learning: Settings: Runtime-editable settings persistence (DB > env > YAML > code defaults), typed definitions (9 namespaces), Fernet encryption for sensitive values, config bridge, ConfigResolver (typed composed reads for controllers), validation, registry, change notifications via message bus. Per-namespace setting definitions in definitions/ submodule (api, company, providers, memory, budget, security, coordination, observability, backup).

Applied to files:

• CLAUDE.md

📚 Learning: 2026-03-19T07:12:14.508Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-19T07:12:14.508Z
Learning: Applies to docs/design/*.md : Design spec pages: 7 pages in `docs/design/` — index, agents, organization, communication, engine, memory, operations

Applied to files:

• CLAUDE.md

📚 Learning: 2026-03-31T14:31:11.894Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-31T14:31:11.894Z
Learning: Applies to docs/design/*.md : Update the relevant `docs/design/` page when approved deviations occur to reflect the new reality

Applied to files:

• docs/design/engine.md

📚 Learning: 2026-03-18T08:23:08.912Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-18T08:23:08.912Z
Learning: When approved deviations occur, update the relevant `docs/design/` page to reflect the new reality.

Applied to files:

• docs/design/engine.md

[coderabbitai]

🧹 Nitpick | 🔵 Trivial

Sync protocol class doc attributes with new property.

Optional: add decision_records to the PersistenceBackend class docstring’s Attributes section so API documentation stays complete.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@src/synthorg/persistence/protocol.py` around lines 167 - 170, The Persistence
protocol was updated with a new property decision_records (DecisionRepository)
but the PersistenceBackend class docstring Attributes section wasn't updated;
update the PersistenceBackend docstring to include an Attributes entry
describing decision_records: name (decision_records), type (DecisionRepository),
and brief purpose ("Repository for DecisionRecord persistence (decisions
drop-box)"), and ensure the wording matches the `@property` docstring for
decision_records so generated API docs remain accurate.

[coderabbitai]

🛠️ Refactor suggestion | 🟠 Major

Use PEP 758 comma-separated exception syntax without parentheses.

Per project coding guidelines for Python 3.14, exception handlers should use the comma-separated form without parentheses.

♻️ Proposed fix

-        except (sqlite3.Error, aiosqlite.Error) as exc:
+        except sqlite3.Error, aiosqlite.Error as exc:

As per coding guidelines: "Use except A, B: syntax (no parentheses) for exception handling in Python 3.14 per PEP 758".

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	except (sqlite3.Error, aiosqlite.Error) as exc:
	except sqlite3.Error, aiosqlite.Error as exc:

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@src/synthorg/persistence/sqlite/decision_repo.py` at line 147, Replace the
parenthesized multi-exception clause in the except handler that catches
sqlite3.Error and aiosqlite.Error with the PEP 758 comma-separated form: locate
the except block currently written as "except (sqlite3.Error, aiosqlite.Error)
as exc" in decision_repo.py (inside the repository methods handling DB
operations) and change it to use "except sqlite3.Error, aiosqlite.Error as exc"
so the handler follows the project guideline for Python 3.14.

[coderabbitai]

🛠️ Refactor suggestion | 🟠 Major

Use PEP 758 comma-separated exception syntax without parentheses.

♻️ Proposed fix

-        except (sqlite3.Error, aiosqlite.Error) as exc:
+        except sqlite3.Error, aiosqlite.Error as exc:

As per coding guidelines: "Use except A, B: syntax (no parentheses) for exception handling in Python 3.14 per PEP 758".

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	except (sqlite3.Error, aiosqlite.Error) as exc:
	except sqlite3.Error, aiosqlite.Error as exc:

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@src/synthorg/persistence/sqlite/decision_repo.py` at line 202, Replace the
parenthesized tuple exception syntax used in the except clause "except
(sqlite3.Error, aiosqlite.Error) as exc:" with the PEP 758 comma-separated form
so the handler reads using comma-separated exceptions without parentheses;
locate the try/except in decision_repo.py where that clause appears (the DB
error handling block around sqlite3/aiosqlite operations) and update the except
line accordingly while leaving the handler body and variable name (exc)
unchanged.

[coderabbitai]

🛠️ Refactor suggestion | 🟠 Major

Use PEP 758 comma-separated exception syntax without parentheses.

♻️ Proposed fix

-        except (sqlite3.Error, aiosqlite.Error) as exc:
+        except sqlite3.Error, aiosqlite.Error as exc:

As per coding guidelines: "Use except A, B: syntax (no parentheses) for exception handling in Python 3.14 per PEP 758".

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	except (sqlite3.Error, aiosqlite.Error) as exc:
	except sqlite3.Error, aiosqlite.Error as exc:

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@src/synthorg/persistence/sqlite/decision_repo.py` at line 223, Replace the
parenthesized multi-except clause with the PEP 758 comma-separated form: locate
the except block written as "except (sqlite3.Error, aiosqlite.Error) as exc" in
decision_repo.py and change it to "except sqlite3.Error, aiosqlite.Error as exc"
so the clause uses the new syntax while preserving the same exception handling
behavior; ensure the rest of the except body (logging/raising) remains
unchanged.

[coderabbitai]

🛠️ Refactor suggestion | 🟠 Major

Use PEP 758 comma-separated exception syntax without parentheses.

♻️ Proposed fix

-        except (sqlite3.Error, aiosqlite.Error) as exc:
+        except sqlite3.Error, aiosqlite.Error as exc:

As per coding guidelines: "Use except A, B: syntax (no parentheses) for exception handling in Python 3.14 per PEP 758".

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@src/synthorg/persistence/sqlite/decision_repo.py` at line 275, Replace the
parenthesized exception tuple with PEP 758 comma-separated syntax: change the
handler currently written as "except (sqlite3.Error, aiosqlite.Error) as exc:"
to the new form "except sqlite3.Error, aiosqlite.Error as exc:" so the except
block in decision_repo.py (the clause that catches sqlite3.Error and
aiosqlite.Error and binds exc) uses the comma-separated exception list.

[coderabbitai]

🛠️ Refactor suggestion | 🟠 Major

Use PEP 758 comma-separated exception syntax without parentheses.

♻️ Proposed fix

-        except (ValidationError, json.JSONDecodeError, TypeError) as exc:
+        except ValidationError, json.JSONDecodeError, TypeError as exc:

As per coding guidelines: "Use except A, B: syntax (no parentheses) for exception handling in Python 3.14 per PEP 758".

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	except (ValidationError, json.JSONDecodeError, TypeError) as exc:
	except ValidationError, json.JSONDecodeError, TypeError as exc:

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@src/synthorg/persistence/sqlite/decision_repo.py` at line 310, Update the
except clause in decision_repo.py to use the PEP 758 comma-separated exception
syntax by replacing the current "except (ValidationError, json.JSONDecodeError,
TypeError) as exc:" with the comma-separated form "except ValidationError,
json.JSONDecodeError, TypeError as exc:" so the handler for ValidationError,
json.JSONDecodeError and TypeError (variable exc) is written without
parentheses; keep the same handler body unchanged and run tests to confirm no
syntax/regression issues.

[coderabbitai]

🧹 Nitpick | 🔵 Trivial

Remove unused fixture parameter sample_task_with_criteria.

Same issue as above — the fixture is declared but not used.

♻️ Proposed fix

     def test_failure_context_required(
         self,
         sample_agent_context: AgentContext,
-        sample_task_with_criteria: Task,
     ) -> None:

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	def test_failure_context_required(
	self,
	sample_agent_context: AgentContext,
	sample_task_with_criteria: Task,
	) -> None:
	"""failure_context is required -- omitting it raises ValidationError."""
	ctx = sample_agent_context.with_task_transition(
	TaskStatus.IN_PROGRESS, reason="starting"
	)
	assert ctx.task_execution is not None
	failed = ctx.task_execution.with_transition(TaskStatus.FAILED, reason="crash")
	with pytest.raises(ValidationError, match="failure_context"):
	RecoveryResult( # type: ignore[call-arg]
	task_execution=failed,
	strategy_type="fail_reassign",
	context_snapshot=ctx.to_snapshot(),
	error_message="crash",
	failure_category=FailureCategory.TOOL_FAILURE,
	)
	def test_failure_context_required(
	self,
	sample_agent_context: AgentContext,
	) -> None:
	"""failure_context is required -- omitting it raises ValidationError."""
	ctx = sample_agent_context.with_task_transition(
	TaskStatus.IN_PROGRESS, reason="starting"
	)
	assert ctx.task_execution is not None
	failed = ctx.task_execution.with_transition(TaskStatus.FAILED, reason="crash")
	with pytest.raises(ValidationError, match="failure_context"):
	RecoveryResult( # type: ignore[call-arg]
	task_execution=failed,
	strategy_type="fail_reassign",
	context_snapshot=ctx.to_snapshot(),
	error_message="crash",
	failure_category=FailureCategory.TOOL_FAILURE,
	)

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@tests/unit/engine/test_recovery_failure_diagnosis.py` around lines 66 - 84,
The test_failure_context_required function declares an unused fixture parameter
sample_task_with_criteria; remove that parameter from the test signature so only
used fixtures (sample_agent_context) remain, updating the function definition
for test_failure_context_required to omit sample_task_with_criteria to eliminate
the unused-fixture warning.

[coderabbitai]

Actionable comments posted: 14

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (3)

tests/unit/memory/procedural/test_pipeline.py (1)

58-90: ⚠️ Potential issue | 🟡 Minor

Keep the shared recovery fixture semantically consistent.

test_extracts_error_and_strategy() passes "Budget exhausted", but this helper still stamps the result as FailureCategory.TOOL_FAILURE. That makes the shared fixture internally inconsistent and can hide category-specific regressions once _build_payload() or the proposer starts reading failure_category. Let callers override the category/context here instead of hard-coding them.

♻️ Proposed fix

 def _make_recovery_result(
     *,
     task: Task | None = None,
     error_message: str = "Provider timeout",
+    failure_category: FailureCategory = FailureCategory.TOOL_FAILURE,
+    failure_context: dict[str, Any] | None = None,
 ) -> RecoveryResult:
     t = task or _make_task()
     agent_id = str(uuid4())
     exec_id = str(uuid4())
@@
     return RecoveryResult(
         task_execution=te,
         strategy_type="fail_reassign",
         context_snapshot=snapshot,
         error_message=error_message,
-        failure_category=FailureCategory.TOOL_FAILURE,
-        failure_context={},
+        failure_category=failure_category,
+        failure_context={} if failure_context is None else failure_context,
     )

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@tests/unit/memory/procedural/test_pipeline.py` around lines 58 - 90, The
shared fixture _make_recovery_result currently hard-codes failure_category and
failure_context (using FailureCategory.TOOL_FAILURE and {}), which makes it
semantically inconsistent with tests that pass different error messages; change
_make_recovery_result to accept optional parameters failure_category:
FailureCategory = FailureCategory.TOOL_FAILURE and failure_context: dict | None
= None (default to {} when None) and use those values when constructing the
RecoveryResult, and update callers (e.g., tests like
test_extracts_error_and_strategy) to pass the appropriate
failure_category/failure_context when needed.

src/synthorg/api/controllers/approvals.py (1)

330-365: ⚠️ Potential issue | 🔴 Critical

Late review-gate failures still commit the approval decision.

Now that _signal_resume_intent() propagates late review-gate failures, the ordering here is unsafe: save_if_pending() and _publish_approval_event() both run before the actual review-gate transition. If the task is reassigned or otherwise changes in that window, the endpoint can return 403/409/503 after the ApprovalItem is already decided and broadcast. In the self-review race, that breaks the no-self-review guarantee with a classic TOCTOU hole. This needs a transactional/compensating unit of work around approval persistence + review-gate transition, not just a preflight check.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@src/synthorg/api/controllers/approvals.py` around lines 330 - 365, The
current ordering lets late review-gate failures (from _signal_resume_intent)
occur after app_state.approval_store.save_if_pending and
_publish_approval_event, creating a TOCTOU where a decided ApprovalItem can be
persisted/broadcast then rolled back — fix by making the review-gate transition
atomic with persistence: either (A) perform the actual review-gate transition
(not just _preflight_review_gate) before calling save_if_pending and only
publish after that transition succeeds, or (B) wrap save_if_pending + the call
to _signal_resume_intent in a transactional/compensating unit of work so that if
_signal_resume_intent fails you rollback the persisted decision and suppress
broadcasting; move _publish_approval_event and _log_approval_decision to after
the successful transition/commit and ensure _preflight_review_gate remains as an
early check.

src/synthorg/engine/review_gate.py (1)

147-156: ⚠️ Potential issue | 🟡 Minor

Normalize blank rejection reasons once and reuse them.

_record_decision() already collapses whitespace-only reason to None, but the rejection path still appends any truthy string to transition_reason. A " " input therefore leaves task history with a meaningless suffix while the audit row stores no reason for the same decision.

Proposed fix

-        if approved:
+        normalized_reason = reason.strip() if reason and reason.strip() else None
+
+        if approved:
             target = TaskStatus.COMPLETED
             transition_reason = f"Review approved by {decided_by}"
             event = APPROVAL_GATE_REVIEW_COMPLETED
         else:
             target = TaskStatus.IN_PROGRESS
             transition_reason = f"Review rejected by {decided_by}"
-            if reason:
-                transition_reason += f": {reason}"
+            if normalized_reason is not None:
+                transition_reason += f": {normalized_reason}"
             event = APPROVAL_GATE_REVIEW_REWORK
@@
         await self._record_decision(
             task=task,
             decided_by=decided_by,
             approved=approved,
-            reason=reason,
+            reason=normalized_reason,
             approval_id=approval_id,
         )

Also applies to: 176-181

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@src/synthorg/engine/review_gate.py` around lines 147 - 156, The rejection
branch appends the raw reason (which can be whitespace) to transition_reason,
causing a meaningless suffix; ensure you use the normalized/processed reason
rather than the original input by trimming/collapsing whitespace once (as done
in _record_decision()) and checking that normalized_reason is truthy before
appending to transition_reason; apply the same change to the second occurrence
around APPROVAL_GATE_REVIEW_REWORK (and the corresponding block at 176-181) so
transition_reason only gets a real reason string.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@docs/design/engine.md`:
- Around line 721-728: Update the sentence that currently states "Every
completed review is appended to the auditable decisions drop-box
(DecisionRepository) as an immutable DecisionRecord..." to clearly indicate this
is best-effort: change the wording to state that the system attempts to append a
DecisionRecord to the DecisionRepository for every completed review but append
failures are logged and do not block the review transition (i.e., it's a
best-effort append where runtime contract logs failures and continues).
Reference DecisionRepository and DecisionRecord in the revised sentence so
readers can find the implementation and follow-up behavior.

In `@src/synthorg/api/app.py`:
- Around line 847-856: The preflight gating is being disabled whenever
persistence is missing; instead ensure ReviewGateService is created whenever
task_engine exists (even if persistence is None) so _preflight_review_gate()
still runs; change the branch that currently requires both task_engine and
persistence to create a ReviewGateService(task_engine=task_engine,
persistence=persistence) when task_engine is not None and call
app_state.set_review_gate_service(review_gate_service), letting
ReviewGateService handle the absence of persistence (decision recording should
degrade/NO-OP) while check_can_decide continues to use task_engine only.

In `@src/synthorg/engine/agent_engine.py`:
- Around line 681-700: The transition reason sent in agent_engine.py (inside the
post-recovery block where sync_to_task_engine is called) only includes
recovery_result.failure_category and drops the unmet criteria details; update
the reason passed to sync_to_task_engine (the call that uses
target_status=ctx.task_execution.status, task_id=task_id, agent_id=agent_id) to
append a sanitized fragment of recovery_result.criteria_failed (or equivalent
field) when failure_category == QUALITY_GATE_FAILED (or when criteria_failed is
present), ensuring you redact/limit sensitive text and length to avoid bloating
the task history; keep the existing failure_category string intact and add a
short, escaped criteria_summary (e.g. first N chars or joined failing keys) to
the reason so downstream routers can see which criteria failed.

In `@src/synthorg/engine/decisions.py`:
- Around line 85-102: The metadata Field is left as a plain mutable dict so
callers can mutate record.metadata after construction; modify the
_deep_copy_metadata field validator to return an immutable read-only mapping by
wrapping the deep-copied mapping with types.MappingProxyType (or equivalent)
before assignment, ensuring the metadata attribute on the model is a read-only
Mapping; update the metadata annotation if needed to typing.Mapping[str, Any]
and keep using the existing metadata Field and _deep_copy_metadata validator and
deep_copy_mapping helper to perform the deep copy then wrap with
MappingProxyType to enforce immutability.

In `@src/synthorg/engine/errors.py`:
- Around line 172-199: Update the SelfReviewError class to use the NotBlankStr
type for its public identifier fields instead of plain str: import NotBlankStr
from core.types, change the __init__ signature to def __init__(self, *, task_id:
NotBlankStr, agent_id: NotBlankStr) -> None, and assign self.task_id and
self.agent_id accordingly; you may keep the existing runtime non-blank checks
for defense-in-depth but they should accept NotBlankStr inputs and not duplicate
semantics. Ensure the class still calls super().__init__("Self-review is not
permitted") and preserves the EngineError inheritance and documented behavior.

In `@src/synthorg/engine/immutable.py`:
- Around line 3-10: The module doc and contract promise to intercept both dict
and list inputs, but deep_copy_mapping() currently only deep-copies dicts;
change the helper to consistently handle both mapping and sequence inputs
(detect dict and list/tuple and return a deep copy for either), update its
name/comments to reflect "collection" semantics (e.g., deep_copy_collection) and
adjust any callers to use the new behavior/signature, ensuring frozen Pydantic
model fields that are lists also get copy.deepcopy() applied at the construction
boundary so no mutable alias is retained.

In `@src/synthorg/engine/recovery.py`:
- Around line 49-55: The table _FAILURE_CATEGORY_RULES currently lacks any
pattern mapping to FailureCategory.TOOL_FAILURE, so infer_failure_category() can
never return TOOL_FAILURE from error strings; add one or more string patterns
(e.g., "tool", "tool error", "tool failure", "plugin", "external service",
"connector") mapped to FailureCategory.TOOL_FAILURE in the
_FAILURE_CATEGORY_RULES tuple so string-based inference can yield TOOL_FAILURE;
update the tuple entry alongside the existing entries (e.g., insert
(("tool","tool error","tool failure","plugin","external service"),
FailureCategory.TOOL_FAILURE)) and ensure infer_failure_category continues to
iterate this table unchanged.

In `@src/synthorg/engine/review_gate.py`:
- Around line 272-285: Replace the tuple-based multi-except with PEP 758 syntax:
change the handler from "except (QueryError, DuplicateRecordError) as exc:" to
"except QueryError, DuplicateRecordError as exc:" so the block that logs
APPROVAL_GATE_DECISION_RECORD_FAILED via logger.exception (using task.id,
decided_by, approved, error_type, error) uses the repo-expected exception
syntax.
- Around line 249-263: The criteria_snapshot construction is vulnerable to
duplicate acceptance criterion descriptions and must dedupe before appending to
DecisionRecord; update the comprehension in review_gate.py (where
criteria_snapshot is built for
_persistence.decision_records.append_with_next_version inside the
_record_decision flow) to produce a tuple of unique, non-empty c.description
values (preserving original order) from task.acceptance_criteria (e.g., filter
c.description.strip() and skip repeats) so
DecisionRecord.append_with_next_version no longer receives duplicate entries.

In `@src/synthorg/engine/sanitization.py`:
- Around line 38-45: The shared prompt-injection regex _PROMPT_INJECTION_PATTERN
is overbroad and currently strips legitimate templating delimiters like "{{",
"}}", "{%", and "%}", corrupting structured content processed by
sanitize_message() used across checkpoints, summarizers and procedural-memory;
remove the alternation tokens that match "{{", "}}", "{%", and "%}" from the
regex so the sanitizer no longer redacts these templating delimiters while
preserving the other injection patterns, then run tests or sample flows that
exercise sanitize_message() to confirm acceptance criteria, assistant snippets,
and procedural payloads remain intact.

In `@src/synthorg/persistence/sqlite/decision_repo.py`:
- Around line 160-185: The repository currently constructs and persists a row
before applying DecisionRecord model normalization/validation in
append_with_next_version, causing invalid/unaligned data to be committed; change
append_with_next_version to build a DecisionRecord (using DecisionRecord(...) or
a dedicated _normalize_record helper) and run its validation/normalization
(e.g., blank reason -> None, normalize recorded_at to UTC, deduplicate/normalize
criteria_snapshot, enforce NotBlankStr) before calling _execute_insert, then
pass the validated params to _execute_insert; catch model ValidationError and
convert it into the repository's QueryError or DuplicateRecordError contract
instead of letting it leak, and ensure _row_to_record remains able to read back
persisted rows that match the validated form.

In `@tests/unit/api/fakes.py`:
- Around line 307-359: The fake repository uses broad primitives (str, datetime)
that diverge from DecisionRepository; change the identifier/name parameter
annotations in append_with_next_version, get, list_by_task and list_by_agent to
use NotBlankStr from core.types (including approval_id: NotBlankStr | None and
criteria_snapshot: tuple[NotBlankStr, ...] for tuple variants) and keep other
signatures aligned with DecisionRepository so tests mirror the real contract;
add the NotBlankStr import and adjust any callers in the test file if necessary.

In `@tests/unit/engine/test_review_gate.py`:
- Around line 240-257: The test test_task_without_assignee_proceeds must
exercise the real review-gate branch and assert no decision is persisted when
assigned_to is None: create the task via _make_task with assigned_to=None but
use a realistic pre-review status (e.g., TaskStatus.IN_REVIEW or the status that
triggers ReviewGateService.complete_review path) instead of TaskStatus.CREATED,
instantiate mocks via _make_mock_task_engine and _make_mock_decision_repo and
wrap the repo with _make_mock_persistence, call
ReviewGateService.complete_review, assert mock_te.submit was awaited once AND
assert the decision repo save method (the mock from _make_mock_decision_repo)
was not called to ensure no decision record was persisted.

In `@tests/unit/persistence/sqlite/test_migrations.py`:
- Around line 39-40: Add assertions that validate the actual constraints on the
decision_records table rather than just its existence: query sqlite_master or
PRAGMA table_info/foreign_key_list/index_list to assert the reviewer column has
a CHECK or trigger enforcing reviewer != executor (or validate via a SELECT that
would fail if reviewer==executor exists), assert the foreign key for
executor/reviewer uses ON DELETE RESTRICT, and assert there is a UNIQUE index on
(task_id, version) (or verify via PRAGMA index_list / PRAGMA index_info for the
unique index). Update the tests around decision_records to include these
targeted DDL/PRAGMA checks so regressions in reviewer!=executor, ON DELETE
RESTRICT, and UNIQUE(task_id, version) are detected.

---

Outside diff comments:
In `@src/synthorg/api/controllers/approvals.py`:
- Around line 330-365: The current ordering lets late review-gate failures (from
_signal_resume_intent) occur after app_state.approval_store.save_if_pending and
_publish_approval_event, creating a TOCTOU where a decided ApprovalItem can be
persisted/broadcast then rolled back — fix by making the review-gate transition
atomic with persistence: either (A) perform the actual review-gate transition
(not just _preflight_review_gate) before calling save_if_pending and only
publish after that transition succeeds, or (B) wrap save_if_pending + the call
to _signal_resume_intent in a transactional/compensating unit of work so that if
_signal_resume_intent fails you rollback the persisted decision and suppress
broadcasting; move _publish_approval_event and _log_approval_decision to after
the successful transition/commit and ensure _preflight_review_gate remains as an
early check.

In `@src/synthorg/engine/review_gate.py`:
- Around line 147-156: The rejection branch appends the raw reason (which can be
whitespace) to transition_reason, causing a meaningless suffix; ensure you use
the normalized/processed reason rather than the original input by
trimming/collapsing whitespace once (as done in _record_decision()) and checking
that normalized_reason is truthy before appending to transition_reason; apply
the same change to the second occurrence around APPROVAL_GATE_REVIEW_REWORK (and
the corresponding block at 176-181) so transition_reason only gets a real reason
string.

In `@tests/unit/memory/procedural/test_pipeline.py`:
- Around line 58-90: The shared fixture _make_recovery_result currently
hard-codes failure_category and failure_context (using
FailureCategory.TOOL_FAILURE and {}), which makes it semantically inconsistent
with tests that pass different error messages; change _make_recovery_result to
accept optional parameters failure_category: FailureCategory =
FailureCategory.TOOL_FAILURE and failure_context: dict | None = None (default to
{} when None) and use those values when constructing the RecoveryResult, and
update callers (e.g., tests like test_extracts_error_and_strategy) to pass the
appropriate failure_category/failure_context when needed.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: d69b9c2c-9a9f-4557-b017-d46b3f7f6d16

📥 Commits

Reviewing files that changed from the base of the PR and between dcfee25 and 1ce2649.

📒 Files selected for processing (40)

• CLAUDE.md
• docs/design/engine.md
• docs/design/memory.md
• docs/design/operations.md
• src/synthorg/api/app.py
• src/synthorg/api/controllers/_approval_review_gate.py
• src/synthorg/api/controllers/approvals.py
• src/synthorg/core/enums.py
• src/synthorg/engine/agent_engine.py
• src/synthorg/engine/checkpoint/resume.py
• src/synthorg/engine/checkpoint/strategy.py
• src/synthorg/engine/decisions.py
• src/synthorg/engine/errors.py
• src/synthorg/engine/immutable.py
• src/synthorg/engine/recovery.py
• src/synthorg/engine/review_gate.py
• src/synthorg/engine/sanitization.py
• src/synthorg/observability/events/approval_gate.py
• src/synthorg/observability/events/execution.py
• src/synthorg/observability/events/persistence.py
• src/synthorg/persistence/protocol.py
• src/synthorg/persistence/repositories.py
• src/synthorg/persistence/repositories_checkpoint.py
• src/synthorg/persistence/repositories_decisions.py
• src/synthorg/persistence/sqlite/backend.py
• src/synthorg/persistence/sqlite/decision_repo.py
• src/synthorg/persistence/sqlite/schema.sql
• tests/unit/api/controllers/test_approvals_helpers.py
• tests/unit/api/fakes.py
• tests/unit/core/test_enums_failure_category.py
• tests/unit/engine/checkpoint/test_resume.py
• tests/unit/engine/checkpoint/test_strategy.py
• tests/unit/engine/test_decisions.py
• tests/unit/engine/test_recovery_checkpoint_fields.py
• tests/unit/engine/test_recovery_failure_diagnosis.py
• tests/unit/engine/test_review_gate.py
• tests/unit/memory/procedural/test_pipeline.py
• tests/unit/persistence/sqlite/test_decision_repo.py
• tests/unit/persistence/sqlite/test_migrations.py
• tests/unit/persistence/test_protocol.py

[coderabbitai]

Actionable comments posted: 7

♻️ Duplicate comments (3)

src/synthorg/persistence/sqlite/decision_repo.py (2)

169-182: ⚠️ Potential issue | 🟠 Major

Return the UTC-normalized timestamp you actually persist.

_build_insert_params() normalizes recorded_at to UTC, but the returned record is copied from the pre-normalized draft_record. append_with_next_version() can therefore return a different recorded_at than get(record_id) immediately afterwards.

♻️ Minimal fix

+        normalized_recorded_at = recorded_at.astimezone(UTC)
         try:
             draft_record = DecisionRecord(
                 id=record_id,
                 task_id=task_id,
                 approval_id=approval_id,
                 executing_agent_id=executing_agent_id,
                 reviewer_agent_id=reviewer_agent_id,
                 decision=decision,
                 reason=reason,
                 criteria_snapshot=criteria_snapshot,
-                recorded_at=recorded_at,
+                recorded_at=normalized_recorded_at,
                 version=1,  # placeholder; overwritten after insert
                 metadata=metadata_view,
             )

Also applies to: 205-206

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@src/synthorg/persistence/sqlite/decision_repo.py` around lines 169 - 182, The
returned DecisionRecord is built from the pre-normalized draft_record so
recorded_at can differ from the UTC-normalized value actually persisted; after
calling _build_insert_params() (or otherwise obtaining the normalized
recorded_at used for insert) update the draft DecisionRecord.recorded_at to that
normalized UTC timestamp (so append_with_next_version()/get(record_id) return
the same recorded_at); apply the same change where DecisionRecord is constructed
later (the other occurrence around the 205-206 area).

---

253-253: 🛠️ Refactor suggestion | 🟠 Major

Use the repo's PEP 758 except A, B: form consistently.

These handlers are still using parenthesized tuples. The project standard for Python 3.14 is the comma-separated spelling, so this file will keep attracting lint churn until the clauses are updated together.

As per coding guidelines, "Use PEP 758 except syntax: except A, B: (no parentheses) on Python 3.14—ruff enforces this".

#!/bin/bash
rg -n 'except \([^)]*(sqlite3\.Error|aiosqlite\.Error|ValidationError)[^)]*\) as ' src/synthorg/persistence/sqlite/decision_repo.py

Also applies to: 290-290, 305-305, 326-326, 382-382, 419-419

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@src/synthorg/persistence/sqlite/decision_repo.py` at line 253, Replace
parenthesized multi-exception handlers with the PEP 758 comma-separated form
throughout decision_repo.py: change occurrences like "except (sqlite3.Error,
aiosqlite.Error) as exc" to the project standard "except sqlite3.Error,
aiosqlite.Error as exc" (and similarly for ValidationError combinations). Update
every matching except clause (the ones flagged around the current occurrences
and at the other positions noted) so they use the comma-separated syntax
consistently; search for the exact pattern "except ( ... ) as " in this file and
edit each to the form "except A, B as <name>" preserving the existing exception
variable name and surrounding logic (e.g., in the exception handlers inside the
DecisionRepository methods where sqlite3.Error, aiosqlite.Error, and
ValidationError are caught).

tests/unit/api/fakes.py (1)

308-320: ⚠️ Potential issue | 🟡 Minor

Tighten the fake to the production repository signature.

recorded_at: datetime and role: str are still broader than DecisionRepository (AwareDatetime / DecisionRole in src/synthorg/persistence/repositories_decisions.py). That lets tests type-check against calls the real repository would reject.

Also applies to: 355-360

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@tests/unit/api/fakes.py` around lines 308 - 320, The fake function
append_with_next_version accepts broader types (recorded_at: datetime and role:
str) than the real DecisionRepository; tighten its signature to match the
production repository by replacing recorded_at: datetime with recorded_at:
AwareDatetime and role: str with role: DecisionRole (use the same types/imports
as in src/synthorg/persistence/repositories_decisions.py), update any references
in the fake (and the duplicate at lines ~355-360) to use those types so tests
type-check against the real repository signature.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@docs/design/engine.md`:
- Around line 1038-1040: The doc currently claims that "task router" and
"reassignment selector" parse the transition-reason wire format, which
overstates shipped behavior; update the paragraph referencing the
transition-reason format ("Post-recovery status: <status>
(failure_category=<value>)" and the embedded field failure_category) to remove
the specific consumer names (task router, reassignment selector) and instead
refer to "downstream consumers" or "future routing components"; also add a brief
note that embedding failure_category is provided by this PR but the
routing/reassignment work is deferred so those parsers are not yet part of this
change (leave references to FailAndReassignStrategy and
CheckpointRecoveryStrategy._build_resume_result /
infer_failure_category_without_evidence() as-is if present).

In `@src/synthorg/engine/decisions.py`:
- Around line 104-123: The current _deep_copy_and_freeze_metadata validator
wraps only the top-level mapping in MappingProxyType but leaves nested dict/list
values mutable; update the logic so after deep_copy_mapping(value) you
recursively freeze nested containers (e.g., convert dict -> MappingProxyType,
list -> tuple, set -> frozenset) before returning so record.metadata and any
nested structures are truly immutable; you can implement a helper like
freeze_recursive(copied) and call it from _deep_copy_and_freeze_metadata (ensure
you still unwrap a MappingProxyType input into dict first, and then re-wrap the
top-level mapping with MappingProxyType after freezing nested contents).

In `@src/synthorg/engine/recovery.py`:
- Around line 421-426: The EXECUTION_RECOVERY_DIAGNOSIS event is being emitted
twice; remove the duplicate logger.info call in recovery.py (the call that
passes EXECUTION_RECOVERY_DIAGNOSIS, task_id=task_execution.task.id,
failure_category=category.value,
criteria_failed_count=len(result.criteria_failed)) so the diagnosis is only
logged by AgentEngine._post_execution_pipeline (see
AgentEngine._post_execution_pipeline that already logs RecoveryResult). Simply
delete that logger.info block (or guard it out) in the recovery logic so the
event is emitted once.

In `@src/synthorg/engine/review_gate.py`:
- Around line 181-186: Normalize the review reason string once inside
complete_review() before passing it to both the transition and
_record_decision(): trim and collapse whitespace-only values to None (the same
normalization _record_decision() does) and reuse that normalized value for the
transition reason and for the approval_id/DecisionRecord.reason payload; update
both the call around await self._record_decision(... approval_id=approval_id,
...) at the first site and the other call near lines 268-269 to pass the
normalized_reason variable instead of the raw reason string so task history and
DecisionRecord.reason stay consistent.

In `@tests/unit/engine/test_review_gate.py`:
- Around line 355-372: Update the unit test
test_decision_includes_criteria_snapshot to exercise the
deduplication/blank-stripping logic by passing a task with duplicate and blank
criteria (e.g., ("JWT login", "JWT login", "  ", "Refresh works")) to
_make_task, call ReviewGateService.complete_review as before, then check that
repo.append_with_next_version.call_args.kwargs["criteria_snapshot"] equals the
cleaned tuple ("JWT login", "Refresh works"); this targets
ReviewGateService._record_decision and the repo.append_with_next_version
behavior so the ValidationError regression will be caught.
- Around line 76-80: The helper _make_mock_persistence currently sets
decision_records on type(persistence) using PropertyMock which modifies the
MagicMock class globally; instead assign the provided repo directly to the
instance (persistence.decision_records = repo) so each call returns an
independent instance attribute and avoids cross-test coupling—update the
function to stop using type(persistence) or PropertyMock and attach repo to
persistence.decision_records.

---

Duplicate comments:
In `@src/synthorg/persistence/sqlite/decision_repo.py`:
- Around line 169-182: The returned DecisionRecord is built from the
pre-normalized draft_record so recorded_at can differ from the UTC-normalized
value actually persisted; after calling _build_insert_params() (or otherwise
obtaining the normalized recorded_at used for insert) update the draft
DecisionRecord.recorded_at to that normalized UTC timestamp (so
append_with_next_version()/get(record_id) return the same recorded_at); apply
the same change where DecisionRecord is constructed later (the other occurrence
around the 205-206 area).
- Line 253: Replace parenthesized multi-exception handlers with the PEP 758
comma-separated form throughout decision_repo.py: change occurrences like
"except (sqlite3.Error, aiosqlite.Error) as exc" to the project standard "except
sqlite3.Error, aiosqlite.Error as exc" (and similarly for ValidationError
combinations). Update every matching except clause (the ones flagged around the
current occurrences and at the other positions noted) so they use the
comma-separated syntax consistently; search for the exact pattern "except ( ...
) as " in this file and edit each to the form "except A, B as <name>" preserving
the existing exception variable name and surrounding logic (e.g., in the
exception handlers inside the DecisionRepository methods where sqlite3.Error,
aiosqlite.Error, and ValidationError are caught).

In `@tests/unit/api/fakes.py`:
- Around line 308-320: The fake function append_with_next_version accepts
broader types (recorded_at: datetime and role: str) than the real
DecisionRepository; tighten its signature to match the production repository by
replacing recorded_at: datetime with recorded_at: AwareDatetime and role: str
with role: DecisionRole (use the same types/imports as in
src/synthorg/persistence/repositories_decisions.py), update any references in
the fake (and the duplicate at lines ~355-360) to use those types so tests
type-check against the real repository signature.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: b703e766-df42-4991-a96a-0ff0f1969575

📥 Commits

Reviewing files that changed from the base of the PR and between 1ce2649 and 3e6d6d5.

📒 Files selected for processing (14)

• docs/design/engine.md
• src/synthorg/api/app.py
• src/synthorg/engine/agent_engine.py
• src/synthorg/engine/decisions.py
• src/synthorg/engine/errors.py
• src/synthorg/engine/immutable.py
• src/synthorg/engine/recovery.py
• src/synthorg/engine/review_gate.py
• src/synthorg/engine/sanitization.py
• src/synthorg/persistence/sqlite/decision_repo.py
• tests/unit/api/fakes.py
• tests/unit/engine/test_review_gate.py
• tests/unit/persistence/sqlite/test_decision_repo.py
• tests/unit/persistence/sqlite/test_migrations.py

📜 Review details

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (6)

• GitHub Check: Test (Python 3.14)
• GitHub Check: Build Web
• GitHub Check: Build Backend
• GitHub Check: Build Sandbox
• GitHub Check: Dependency Review
• GitHub Check: Analyze (python)

🧰 Additional context used

📓 Path-based instructions (4)

**/*.py

📄 CodeRabbit inference engine (CLAUDE.md)

**/*.py: No from __future__ import annotations—Python 3.14 has PEP 649
Use PEP 758 except syntax: except A, B: (no parentheses) on Python 3.14—ruff enforces this
All public functions must have type hints; use mypy strict mode
Use Google-style docstrings required on public classes and functions—enforced by ruff D rules
Create new objects instead of mutating existing ones; for non-Pydantic internal collections (registries, BaseTool), use copy.deepcopy() at construction + MappingProxyType wrapping for read-only enforcement
Use frozen Pydantic models for config/identity; separate mutable-via-copy models (using model_copy(update=...)) for runtime state that evolves
Use Pydantic v2 (BaseModel, model_validator, computed_field, ConfigDict); use allow_inf_nan=False in all ConfigDict declarations to reject NaN/Inf in numeric fields
Use @computed_field for derived values instead of storing + validating redundant fields; use NotBlankStr from core.types for all identifier/name fields (including optional and tuple variants) instead of manual whitespace validators
Prefer asyncio.TaskGroup for fan-out/fan-in parallel operations in new code; prefer structured concurrency over bare create_task
Line length: 88 characters (ruff)
Functions must be less than 50 lines; files must be less than 800 lines
Handle errors explicitly, never silently swallow exceptions
Always use variable name logger (not _logger, not log)
Always use structured logging kwargs: logger.info(EVENT, key=value) never logger.info("msg %s", val)
All error paths must log at WARNING or ERROR with context before raising
All state transitions must log at INFO
DEBUG logging for object creation, internal flow, entry/exit of key functions; pure data models, enums, and re-exports do NOT need logging

Files:

• src/synthorg/engine/immutable.py
• src/synthorg/engine/errors.py
• tests/unit/persistence/sqlite/test_migrations.py
• src/synthorg/engine/sanitization.py
• src/synthorg/engine/agent_engine.py
• tests/unit/engine/test_review_gate.py
• src/synthorg/engine/recovery.py
• tests/unit/persistence/sqlite/test_decision_repo.py
• tests/unit/api/fakes.py
• src/synthorg/engine/review_gate.py
• src/synthorg/persistence/sqlite/decision_repo.py
• src/synthorg/api/app.py
• src/synthorg/engine/decisions.py

src/synthorg/**/*.py

📄 CodeRabbit inference engine (CLAUDE.md)

src/synthorg/**/*.py: Every module with business logic MUST have from synthorg.observability import get_logger then logger = get_logger(__name__)
Never use import logging / logging.getLogger() / print() in application code (exceptions: observability/setup.py, observability/sinks.py, observability/syslog_handler.py, observability/http_handler.py may use stdlib logging and print())
Always use event name constants from domain-specific modules under synthorg.observability.events (e.g., API_REQUEST_STARTED from events.api); import directly
NEVER use real vendor names (Anthropic, OpenAI, Claude, GPT, etc.) in project-owned code, docstrings, comments, tests, or config examples; use generic names: example-provider, example-large-001, example-medium-001, example-small-001, large/medium/small as aliases; vendor names allowed only in: (1) Operations design page, (2) .claude/ skill/agent files, (3) third-party imports, (4) provider presets

Files:

• src/synthorg/engine/immutable.py
• src/synthorg/engine/errors.py
• src/synthorg/engine/sanitization.py
• src/synthorg/engine/agent_engine.py
• src/synthorg/engine/recovery.py
• src/synthorg/engine/review_gate.py
• src/synthorg/persistence/sqlite/decision_repo.py
• src/synthorg/api/app.py
• src/synthorg/engine/decisions.py

src/**/*.py

⚙️ CodeRabbit configuration file

This project uses Python 3.14+ with PEP 758 except syntax: "except A, B:" (comma-separated, no parentheses) is correct and mandatory -- do NOT flag it as a typo or suggest parenthesized form. The "except builtins.MemoryError, RecursionError: raise" pattern is intentional project convention for system-error propagation. When evaluating the 50-line function limit, count only the function body excluding the signature lines, decorators, and docstring. Functions 1-5 lines over due to docstrings or multi-line signatures should not be flagged. Do not suggest extracting single-use helper functions called exactly once -- this reduces readability without improving maintainability.

Files:

• src/synthorg/engine/immutable.py
• src/synthorg/engine/errors.py
• src/synthorg/engine/sanitization.py
• src/synthorg/engine/agent_engine.py
• src/synthorg/engine/recovery.py
• src/synthorg/engine/review_gate.py
• src/synthorg/persistence/sqlite/decision_repo.py
• src/synthorg/api/app.py
• src/synthorg/engine/decisions.py

tests/**/*.py

📄 CodeRabbit inference engine (CLAUDE.md)

tests/**/*.py: Use pytest.mark.unit, @pytest.mark.integration, @pytest.mark.e2e, @pytest.mark.slow markers for test categorization
Use asyncio_mode = "auto" for async tests—no manual @pytest.mark.asyncio needed
Global timeout: 30 seconds per test in pyproject.toml; non-default overrides (e.g., timeout(60)) are allowed but do NOT add per-file markers for the default
Prefer @pytest.mark.parametrize for testing similar cases
Tests must use test-provider, test-small-001, etc. instead of real vendor names
Use Hypothesis (@given + @settings) for property-based testing; profiles in tests/conftest.py: ci (deterministic, 10 examples + derandomize=True), dev (1000 examples), fuzz (10,000 examples, no deadline), extreme (500,000 examples, no deadline); controlled via HYPOTHESIS_PROFILE env var
When Hypothesis finds a failure, it is a real bug—fix the underlying bug and add an explicit @example(...) decorator to permanently cover the case in CI; do NOT skip or ignore flaky tests
For timing-sensitive tests, mock time.monotonic() and asyncio.sleep() to make them deterministic; for tasks that must block indefinitely until cancelled, use asyncio.Event().wait() instead of asyncio.sleep(large_number)

Files:

• tests/unit/persistence/sqlite/test_migrations.py
• tests/unit/engine/test_review_gate.py
• tests/unit/persistence/sqlite/test_decision_repo.py
• tests/unit/api/fakes.py

---

⚙️ CodeRabbit configuration file

Test files do not require Google-style docstrings on classes or functions -- ruff D rules are only enforced on src/. A bare @settings() decorator with no arguments on Hypothesis property tests is a no-op and should not be suggested -- the HYPOTHESIS_PROFILE env var controls example counts via registered profiles, which @given() honors automatically.

Files:

• tests/unit/persistence/sqlite/test_migrations.py
• tests/unit/engine/test_review_gate.py
• tests/unit/persistence/sqlite/test_decision_repo.py
• tests/unit/api/fakes.py

🧠 Learnings (47)

📓 Common learnings

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T22:08:13.456Z
Learning: Engine: Agent orchestration, execution loops, parallel execution, task decomposition, routing, task assignment, centralized single-writer task state engine (TaskEngine), task lifecycle, recovery, shutdown, workspace isolation, coordination (multi-agent pipeline: TopologyDispatcher protocol, 4 dispatchers — SAS/centralized/decentralized/context-dependent, wave execution, workspace lifecycle integration, CoordinationSectionConfig company config bridge, build_coordinator factory), coordination error classification, prompt policy validation, checkpoint recovery (checkpoint/, per-turn persistence, heartbeat detection, CheckpointRecoveryStrategy), approval gate (escalation detection, context parking/resume, EscalationInfo/ResumePayload models), stagnation detection (stagnation/, StagnationDetector protocol, ToolRepetitionDetector, dual-signal analysis, corrective prompt injection), agent runtime state (AgentRuntimeState, lightweight per-agent execution status for dashboard queries and recove...

📚 Learning: 2026-03-15T19:14:27.144Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T19:14:27.144Z
Learning: Applies to src/synthorg/**/*.py : For dict/list fields in frozen Pydantic models, rely on frozen=True for field reassignment prevention and copy.deepcopy() at system boundaries (tool execution, LLM provider serialization, inter-agent delegation, serializing for persistence).

Applied to files:

• src/synthorg/engine/immutable.py
• src/synthorg/engine/decisions.py

📚 Learning: 2026-03-20T21:44:04.528Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T21:44:04.528Z
Learning: Applies to src/synthorg/**/*.py : Use `copy.deepcopy()` at system boundaries (tool execution, LLM provider serialization, inter-agent delegation, persistence serialization) for `dict`/`list` fields

Applied to files:

• src/synthorg/engine/immutable.py

📚 Learning: 2026-03-20T21:44:04.528Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T21:44:04.528Z
Learning: Applies to src/synthorg/**/*.py : For non-Pydantic internal collections (registries, `BaseTool`), use `copy.deepcopy()` at construction and wrap with `MappingProxyType` for read-only enforcement

Applied to files:

• src/synthorg/engine/immutable.py
• src/synthorg/engine/decisions.py

📚 Learning: 2026-04-01T09:58:27.410Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-04-01T09:58:27.410Z
Learning: Applies to **/*.py : Use `copy.deepcopy()` at system boundaries (tool execution, LLM provider serialization, inter-agent delegation, persistence serialization) for dict/list fields in frozen Pydantic models

Applied to files:

• src/synthorg/engine/immutable.py
• src/synthorg/engine/decisions.py

📚 Learning: 2026-03-15T18:38:44.202Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T18:38:44.202Z
Learning: Applies to src/synthorg/**/*.py : Use frozen Pydantic models for config/identity; separate mutable-via-copy models (using `model_copy(update=...)`) for runtime state

Applied to files:

• src/synthorg/engine/immutable.py
• src/synthorg/engine/decisions.py

📚 Learning: 2026-03-20T21:44:04.528Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T21:44:04.528Z
Learning: Applies to src/synthorg/**/*.py : Use frozen Pydantic models for config/identity; use separate mutable-via-copy models (via `model_copy(update=...)`) for runtime state that evolves

Applied to files:

• src/synthorg/engine/immutable.py
• src/synthorg/engine/decisions.py

📚 Learning: 2026-04-01T09:09:43.948Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-04-01T09:09:43.948Z
Learning: Applies to **/*.py : Use `copy.deepcopy()` at construction and `MappingProxyType` wrapping for read-only enforcement in non-Pydantic internal collections (registries, BaseTool)

Applied to files:

• src/synthorg/engine/immutable.py
• src/synthorg/engine/decisions.py

📚 Learning: 2026-03-15T19:14:27.144Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T19:14:27.144Z
Learning: Applies to src/synthorg/**/*.py : Use frozen Pydantic models for config/identity; use separate mutable-via-copy models (using model_copy(update=...)) for runtime state that evolves. Never mix static config fields with mutable runtime fields in one model.

Applied to files:

• src/synthorg/engine/immutable.py
• src/synthorg/engine/decisions.py

📚 Learning: 2026-03-20T21:44:04.528Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T21:44:04.528Z
Learning: Applies to **/*.py : Immutability: create new objects, never mutate existing ones. For non-Pydantic internal collections (registries, BaseTool), use copy.deepcopy() at construction + MappingProxyType wrapping for read-only enforcement.

Applied to files:

• src/synthorg/engine/immutable.py
• src/synthorg/engine/decisions.py

📚 Learning: 2026-03-16T23:05:29.577Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-16T23:05:29.577Z
Learning: Applies to **/*.py : For dict/list fields in frozen Pydantic models, rely on frozen=True for field reassignment prevention and copy.deepcopy() at system boundaries (tool execution, LLM provider serialization, inter-agent delegation, serializing for persistence).

Applied to files:

• src/synthorg/engine/immutable.py
• src/synthorg/engine/decisions.py

📚 Learning: 2026-04-05T13:59:09.628Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-04-05T13:59:09.628Z
Learning: Applies to **/*.py : Create new objects instead of mutating existing ones; for non-Pydantic internal collections (registries, `BaseTool`), use `copy.deepcopy()` at construction + `MappingProxyType` wrapping for read-only enforcement

Applied to files:

• src/synthorg/engine/immutable.py
• src/synthorg/engine/decisions.py

📚 Learning: 2026-04-01T09:37:49.451Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-04-01T09:37:49.451Z
Learning: Applies to **/*.py : Use frozen Pydantic models for config/identity; use separate mutable-via-copy models with `model_copy(update=...)` for runtime state that evolves

Applied to files:

• src/synthorg/engine/immutable.py

📚 Learning: 2026-04-05T13:59:09.628Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-04-05T13:59:09.628Z
Learning: Applies to **/*.py : Use frozen Pydantic models for config/identity; separate mutable-via-copy models (using `model_copy(update=...)`) for runtime state that evolves

Applied to files:

• src/synthorg/engine/immutable.py

📚 Learning: 2026-03-19T07:12:14.508Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-19T07:12:14.508Z
Learning: Applies to src/synthorg/engine/**/*.py : Engine package (engine/): agent orchestration, parallel execution, task decomposition, routing, TaskEngine (centralized single-writer), task lifecycle/recovery/shutdown, workspace isolation, coordination (4 dispatchers: SAS/centralized/decentralized/context-dependent, wave execution), approval gates (escalation detection, context parking/resume), stagnation detection (ToolRepetitionDetector, corrective prompt injection), AgentRuntimeState (execution status), context budget management, conversation compaction (oldest-turns summarizer)

Applied to files:

• src/synthorg/engine/errors.py
• src/synthorg/engine/agent_engine.py
• tests/unit/api/fakes.py
• src/synthorg/engine/review_gate.py

📚 Learning: 2026-04-01T17:49:14.133Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-04-01T17:49:14.133Z
Learning: Applies to src/synthorg/{providers,engine}/**/*.py : Retryable errors are `RateLimitError`, `ProviderTimeoutError`, `ProviderConnectionError`, `ProviderInternalError`; non-retryable errors raise immediately; `RetryExhaustedError` signals all retries failed

Applied to files:

• src/synthorg/engine/errors.py

📚 Learning: 2026-03-20T21:44:04.528Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T21:44:04.528Z
Learning: Applies to src/synthorg/**/*.py : Use `NotBlankStr` from `core.types` for all identifier/name fields (including optional and tuple variants) instead of manual whitespace validators

Applied to files:

• src/synthorg/engine/errors.py
• tests/unit/api/fakes.py

📚 Learning: 2026-03-31T20:07:03.035Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-31T20:07:03.035Z
Learning: Applies to **/*.py : Use `NotBlankStr` (from `core.types`) for all identifier/name fields, including optional (`NotBlankStr | None`) and tuple (`tuple[NotBlankStr, ...]`) variants, instead of manual whitespace validators

Applied to files:

• src/synthorg/engine/errors.py
• tests/unit/api/fakes.py

📚 Learning: 2026-03-17T22:08:13.456Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T22:08:13.456Z
Learning: Applies to src/synthorg/**/*.py : Use Pydantic v2 conventions: `BaseModel`, `model_validator`, `computed_field`, `ConfigDict`. For derived values use `computed_field` instead of storing + validating redundant fields. Use `NotBlankStr` (from `core.types`) for all identifier/name fields — including optional (`NotBlankStr | None`) and tuple (`tuple[NotBlankStr, ...]`) variants — instead of manual whitespace validators.

Applied to files:

• src/synthorg/engine/errors.py
• tests/unit/api/fakes.py

📚 Learning: 2026-03-15T19:14:27.144Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T19:14:27.144Z
Learning: Applies to src/synthorg/**/*.py : Use Pydantic v2 with adopted conventions: use computed_field for derived values instead of storing + validating redundant fields; use NotBlankStr from core.types for all identifier/name fields (including optional and tuple variants) instead of manual whitespace validators.

Applied to files:

• src/synthorg/engine/errors.py
• tests/unit/api/fakes.py

📚 Learning: 2026-04-05T13:59:09.628Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-04-05T13:59:09.628Z
Learning: Applies to **/*.py : Use `computed_field` for derived values instead of storing + validating redundant fields; use `NotBlankStr` from `core.types` for all identifier/name fields (including optional and tuple variants) instead of manual whitespace validators

Applied to files:

• src/synthorg/engine/errors.py
• tests/unit/api/fakes.py

📚 Learning: 2026-03-17T22:08:13.456Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T22:08:13.456Z
Learning: Applies to src/synthorg/**/*.py : Handle errors explicitly, never silently swallow. Validate at system boundaries (user input, external APIs, config files).

Applied to files:

• src/synthorg/engine/errors.py
• src/synthorg/engine/review_gate.py

📚 Learning: 2026-03-26T15:18:16.848Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-26T15:18:16.848Z
Learning: Applies to src/**/*.py : Use Pydantic v2 conventions: `BaseModel`, `model_validator`, `computed_field`, `ConfigDict`. Use `computed_field` for derived values instead of storing redundant fields. Use `NotBlankStr` for all identifier/name fields.

Applied to files:

• src/synthorg/engine/errors.py

📚 Learning: 2026-03-17T22:08:13.456Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T22:08:13.456Z
Learning: Engine: Agent orchestration, execution loops, parallel execution, task decomposition, routing, task assignment, centralized single-writer task state engine (TaskEngine), task lifecycle, recovery, shutdown, workspace isolation, coordination (multi-agent pipeline: TopologyDispatcher protocol, 4 dispatchers — SAS/centralized/decentralized/context-dependent, wave execution, workspace lifecycle integration, CoordinationSectionConfig company config bridge, build_coordinator factory), coordination error classification, prompt policy validation, checkpoint recovery (checkpoint/, per-turn persistence, heartbeat detection, CheckpointRecoveryStrategy), approval gate (escalation detection, context parking/resume, EscalationInfo/ResumePayload models), stagnation detection (stagnation/, StagnationDetector protocol, ToolRepetitionDetector, dual-signal analysis, corrective prompt injection), agent runtime state (AgentRuntimeState, lightweight per-agent execution status for dashboard queries and recove...

Applied to files:

• src/synthorg/engine/agent_engine.py
• docs/design/engine.md

📚 Learning: 2026-03-19T07:13:44.964Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-19T07:13:44.964Z
Learning: Applies to src/synthorg/budget/**/*.py : Budget package (budget/): cost tracking, budget enforcement (pre-flight/in-flight checks, auto-downgrade), billing periods, cost tiers, quota/subscription tracking, CFO cost optimization (anomaly detection, efficiency analysis, downgrade recommendations, approval decisions), spending reports, budget errors (BudgetExhaustedError, DailyLimitExceededError, QuotaExhaustedError)

Applied to files:

• src/synthorg/engine/agent_engine.py

📚 Learning: 2026-03-17T06:30:14.180Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T06:30:14.180Z
Learning: Applies to src/synthorg/budget/**/*.py : Budget tracking includes pre-flight/in-flight checks, auto-downgrade, billing periods, cost tiers, quota/subscription. CFO includes anomaly detection, efficiency analysis, downgrade recommendations.

Applied to files:

• src/synthorg/engine/agent_engine.py

📚 Learning: 2026-03-20T21:44:04.528Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T21:44:04.528Z
Learning: Applies to tests/**/*.py : Fix flaky tests completely and fundamentally; for timing-sensitive tests, mock `time.monotonic()` and `asyncio.sleep()` to make them deterministic instead of widening timing margins

Applied to files:

• tests/unit/engine/test_review_gate.py

📚 Learning: 2026-03-15T21:49:53.264Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T21:49:53.264Z
Learning: Fix everything valid — never skip when review agents find valid issues (including pre-existing issues in surrounding code, suggestions, and findings adjacent to the PR's changes). No deferring, no 'out of scope' skipping.

Applied to files:

• tests/unit/engine/test_review_gate.py
• src/synthorg/api/app.py
• docs/design/engine.md

📚 Learning: 2026-04-05T13:59:09.628Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-04-05T13:59:09.628Z
Learning: Applies to tests/**/*.py : For timing-sensitive tests, mock `time.monotonic()` and `asyncio.sleep()` to make them deterministic; for tasks that must block indefinitely until cancelled, use `asyncio.Event().wait()` instead of `asyncio.sleep(large_number)`

Applied to files:

• tests/unit/engine/test_review_gate.py

📚 Learning: 2026-03-16T06:24:56.341Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-16T06:24:56.341Z
Learning: Applies to src/synthorg/hr/**/*.py : HR engine must provide: hiring, firing, onboarding, offboarding, agent registry, performance tracking (task metrics, collaboration scoring, trend detection), promotion/demotion

Applied to files:

• tests/unit/api/fakes.py

📚 Learning: 2026-03-19T07:13:44.964Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-19T07:13:44.964Z
Learning: Applies to src/synthorg/hr/**/*.py : HR package (hr/): hiring, firing, onboarding, offboarding, agent registry, performance tracking (task metrics, collaboration scoring, LLM calibration, collaboration overrides, trend detection), promotion/demotion (criteria evaluation, approval strategies, model mapping)

Applied to files:

• tests/unit/api/fakes.py

📚 Learning: 2026-03-15T19:14:27.144Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T19:14:27.144Z
Learning: Applies to src/synthorg/api/**/*.py : Authentication uses JWT + API key. Approval gate integration for high-risk operations.

Applied to files:

• src/synthorg/engine/review_gate.py
• src/synthorg/api/app.py

📚 Learning: 2026-03-31T21:07:37.470Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-31T21:07:37.470Z
Learning: Applies to **/*.py : Use `except A, B:` (no parentheses) per PEP 758 exception syntax on Python 3.14

Applied to files:

• src/synthorg/engine/review_gate.py
• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-20T21:44:04.528Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T21:44:04.528Z
Learning: Applies to **/*.py : Use `except A, B:` syntax (without parentheses) per PEP 758 for exception handling in Python 3.14

Applied to files:

• src/synthorg/engine/review_gate.py
• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-16T07:22:28.134Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-16T07:22:28.134Z
Learning: Applies to **/*.py : Use `except A, B:` syntax (no parentheses) for exception handling — PEP 758 exception syntax enforced by ruff on Python 3.14

Applied to files:

• src/synthorg/engine/review_gate.py
• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-14T16:18:57.267Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-14T16:18:57.267Z
Learning: Applies to **/*.py : Use PEP 758 except syntax with `except A, B:` (no parentheses) for multiple exceptions—ruff enforces this on Python 3.14.

Applied to files:

• src/synthorg/engine/review_gate.py
• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-16T07:22:28.134Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-16T07:22:28.134Z
Learning: Applies to **/*.py : Handle errors explicitly; never silently swallow exceptions

Applied to files:

• src/synthorg/engine/review_gate.py

📚 Learning: 2026-04-05T13:59:09.628Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-04-05T13:59:09.628Z
Learning: Applies to **/*.py : Handle errors explicitly, never silently swallow exceptions

Applied to files:

• src/synthorg/engine/review_gate.py

📚 Learning: 2026-03-14T16:18:57.267Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-14T16:18:57.267Z
Learning: Applies to **/*.py : Handle errors explicitly—never silently swallow exceptions.

Applied to files:

• src/synthorg/engine/review_gate.py

📚 Learning: 2026-03-14T15:43:05.601Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-14T15:43:05.601Z
Learning: Applies to **/*.py : Use PEP 758 except syntax: `except A, B:` (no parentheses) — enforced by ruff on Python 3.14

Applied to files:

• src/synthorg/engine/review_gate.py
• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-04-05T13:59:09.628Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-04-05T13:59:09.628Z
Learning: Applies to **/*.py : Use PEP 758 except syntax: `except A, B:` (no parentheses) on Python 3.14—ruff enforces this

Applied to files:

• src/synthorg/engine/review_gate.py
• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-15T16:55:07.730Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T16:55:07.730Z
Learning: Applies to **/*.py : Use PEP 758 except syntax: use `except A, B:` (no parentheses) — ruff enforces this on Python 3.14.

Applied to files:

• src/synthorg/engine/review_gate.py
• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-17T22:08:13.456Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T22:08:13.456Z
Learning: Applies to src/synthorg/**/*.py : Prefer `asyncio.TaskGroup` for fan-out/fan-in parallel operations in new code (e.g. multiple tool invocations, parallel agent calls). Prefer structured concurrency over bare `create_task`. Existing code is being migrated incrementally.

Applied to files:

• src/synthorg/engine/review_gate.py

📚 Learning: 2026-03-17T06:30:14.180Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T06:30:14.180Z
Learning: Applies to src/synthorg/persistence/**/*.py : Persistence uses pluggable PersistenceBackend protocol. SQLite is the initial backend. Settings use SettingsRepository (namespaced settings CRUD).

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-17T22:08:13.456Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T22:08:13.456Z
Learning: Persistence backend: pluggable PersistenceBackend protocol in `src/synthorg/persistence/`, SQLite initial, SettingsRepository (namespaced settings CRUD).

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-04-05T13:59:09.628Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-04-05T13:59:09.628Z
Learning: NEVER create a PR directly with `gh pr create`—ALWAYS use `/pre-pr-review` (or `/pre-pr-review quick` for trivial/docs-only); for trivial changes skip agents but still run automated checks; fix all valid issues found by review agents

Applied to files:

• src/synthorg/api/app.py

📚 Learning: 2026-04-01T05:46:17.064Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-04-01T05:46:17.064Z
Learning: Fix all valid issues found by review agents (including pre-existing issues in surrounding code, suggestions, and adjacent findings) — never skip or defer

Applied to files:

• src/synthorg/api/app.py
• docs/design/engine.md

🔇 Additional comments (2)

src/synthorg/engine/decisions.py (1)

91-94: No action needed; the code is correct as-is.

MappingProxyType[str, Any] is subscriptable on Python 3.14+ and imports safely. The validator properly deep-copies the input using copy.deepcopy() and wraps it in MappingProxyType, which follows the freezing convention. Changing the annotation to Mapping[str, Any] would only reduce type precision without solving any real issue.

tests/unit/persistence/sqlite/test_decision_repo.py (1)

346-378: This test correctly exercises the atomic version-increment guarantee.

The test is designed to verify that concurrent asyncio.gather() calls to append_with_next_version() all receive distinct monotonic versions without collisions—exactly as claimed in the docstring. Since aiosqlite serializes per-connection operations through a worker thread, concurrent coroutines are queued and executed sequentially at the SQL level. The atomic INSERT statement with COALESCE(MAX(version), 0) + 1 is the protection mechanism, and the test correctly validates it by asserting no UNIQUE(task_id, version) collisions occur across 20 writes.

Note: Multi-connection testing with :memory: is not feasible; each connection gets an isolated database. A shared in-memory DB would require the special URI format file::memory:?cache=shared and would be a different test scenario.

[coderabbitai]

Actionable comments posted: 4

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@src/synthorg/engine/decisions.py`:
- Around line 30-48: The _freeze_recursive function currently ignores tuples,
leaving mutable objects inside them unfrozen; update _freeze_recursive (the
function named _freeze_recursive) to recognize tuple instances like list
instances and recursively freeze each element, returning a tuple of frozen
elements (i.e., add an isinstance(value, tuple) branch that mirrors the list
handling) so nested mutable dicts/sets/lists inside tuples are converted to
MappingProxyType/frozenset/tuple respectively.

In `@src/synthorg/persistence/sqlite/decision_repo.py`:
- Around line 194-216: The code currently catches DecisionRecord ValidationError
in the try/except and converts it into a QueryError, which hides schema/input
bugs; change the handler in the DecisionRecord construction block so that
ValidationError from DecisionRecord is not downgraded—either remove the except
that wraps into QueryError or re-raise the original ValidationError after
logging (keep the logger.warning call using
PERSISTENCE_DECISION_RECORD_SAVE_FAILED and the same contextual fields), so
malformed criteria_snapshot/IDs surface as validation failures instead of being
treated as best-effort QueryError.

In `@tests/unit/api/fakes.py`:
- Around line 4-9: The fake decision repo currently preserves the caller
timezone for recorded_at; update the fake implementation (the
append_with_next_version method in the fake decision repository used in
tests/unit/api/fakes.py) to normalize any datetime it produces to UTC (e.g.,
call .astimezone(datetime.timezone.utc) or otherwise convert to an aware UTC
datetime) so recorded_at matches the production behavior of
SQLiteDecisionRepository.append_with_next_version(); ensure AwareDatetime/typing
imports are used consistently and adjust any tests that assert timezone-aware
UTC values if necessary.

In `@tests/unit/persistence/sqlite/test_decision_repo.py`:
- Around line 390-409: Update the
test_self_review_rejected_at_db_check_constraint to assert the database CHECK
rather than relying on append_with_next_version/DecisionRecord validation:
remove the call to _append/SQLiteDecisionRepository.append_with_next_version and
instead perform a direct SQL INSERT that sets reviewer_agent_id ==
executing_agent_id (same values as before) against the decisions table using the
migrated_db connection, then assert that the DB raises the constraint error
(QueryError) — this mirrors the bogus-decision CHECK test pattern so the
schema-level CHECK(reviewer_agent_id != executing_agent_id) is actually
exercised.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 7c84aee7-8a80-424b-9c20-6addae400057

📥 Commits

Reviewing files that changed from the base of the PR and between 3e6d6d5 and 1c41535.

📒 Files selected for processing (9)

• docs/design/engine.md
• src/synthorg/engine/decisions.py
• src/synthorg/engine/recovery.py
• src/synthorg/engine/review_gate.py
• src/synthorg/persistence/sqlite/decision_repo.py
• tests/unit/api/fakes.py
• tests/unit/engine/test_decisions.py
• tests/unit/engine/test_review_gate.py
• tests/unit/persistence/sqlite/test_decision_repo.py

📜 Review details

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (6)

• GitHub Check: Test (Python 3.14)
• GitHub Check: Build Backend
• GitHub Check: Build Web
• GitHub Check: Build Sandbox
• GitHub Check: Dependency Review
• GitHub Check: Analyze (python)

🧰 Additional context used

📓 Path-based instructions (4)

**/*.py

📄 CodeRabbit inference engine (CLAUDE.md)

**/*.py: No from __future__ import annotations—Python 3.14 has PEP 649
Use PEP 758 except syntax: except A, B: (no parentheses) on Python 3.14—ruff enforces this
All public functions must have type hints; use mypy strict mode
Use Google-style docstrings required on public classes and functions—enforced by ruff D rules
Create new objects instead of mutating existing ones; for non-Pydantic internal collections (registries, BaseTool), use copy.deepcopy() at construction + MappingProxyType wrapping for read-only enforcement
Use frozen Pydantic models for config/identity; separate mutable-via-copy models (using model_copy(update=...)) for runtime state that evolves
Use Pydantic v2 (BaseModel, model_validator, computed_field, ConfigDict); use allow_inf_nan=False in all ConfigDict declarations to reject NaN/Inf in numeric fields
Use @computed_field for derived values instead of storing + validating redundant fields; use NotBlankStr from core.types for all identifier/name fields (including optional and tuple variants) instead of manual whitespace validators
Prefer asyncio.TaskGroup for fan-out/fan-in parallel operations in new code; prefer structured concurrency over bare create_task
Line length: 88 characters (ruff)
Functions must be less than 50 lines; files must be less than 800 lines
Handle errors explicitly, never silently swallow exceptions
Always use variable name logger (not _logger, not log)
Always use structured logging kwargs: logger.info(EVENT, key=value) never logger.info("msg %s", val)
All error paths must log at WARNING or ERROR with context before raising
All state transitions must log at INFO
DEBUG logging for object creation, internal flow, entry/exit of key functions; pure data models, enums, and re-exports do NOT need logging

Files:

• tests/unit/api/fakes.py
• tests/unit/engine/test_decisions.py
• src/synthorg/engine/recovery.py
• tests/unit/persistence/sqlite/test_decision_repo.py
• tests/unit/engine/test_review_gate.py
• src/synthorg/engine/decisions.py
• src/synthorg/engine/review_gate.py
• src/synthorg/persistence/sqlite/decision_repo.py

tests/**/*.py

📄 CodeRabbit inference engine (CLAUDE.md)

tests/**/*.py: Use pytest.mark.unit, @pytest.mark.integration, @pytest.mark.e2e, @pytest.mark.slow markers for test categorization
Use asyncio_mode = "auto" for async tests—no manual @pytest.mark.asyncio needed
Global timeout: 30 seconds per test in pyproject.toml; non-default overrides (e.g., timeout(60)) are allowed but do NOT add per-file markers for the default
Prefer @pytest.mark.parametrize for testing similar cases
Tests must use test-provider, test-small-001, etc. instead of real vendor names
Use Hypothesis (@given + @settings) for property-based testing; profiles in tests/conftest.py: ci (deterministic, 10 examples + derandomize=True), dev (1000 examples), fuzz (10,000 examples, no deadline), extreme (500,000 examples, no deadline); controlled via HYPOTHESIS_PROFILE env var
When Hypothesis finds a failure, it is a real bug—fix the underlying bug and add an explicit @example(...) decorator to permanently cover the case in CI; do NOT skip or ignore flaky tests
For timing-sensitive tests, mock time.monotonic() and asyncio.sleep() to make them deterministic; for tasks that must block indefinitely until cancelled, use asyncio.Event().wait() instead of asyncio.sleep(large_number)

Files:

• tests/unit/api/fakes.py
• tests/unit/engine/test_decisions.py
• tests/unit/persistence/sqlite/test_decision_repo.py
• tests/unit/engine/test_review_gate.py

---

⚙️ CodeRabbit configuration file

Test files do not require Google-style docstrings on classes or functions -- ruff D rules are only enforced on src/. A bare @settings() decorator with no arguments on Hypothesis property tests is a no-op and should not be suggested -- the HYPOTHESIS_PROFILE env var controls example counts via registered profiles, which @given() honors automatically.

Files:

• tests/unit/api/fakes.py
• tests/unit/engine/test_decisions.py
• tests/unit/persistence/sqlite/test_decision_repo.py
• tests/unit/engine/test_review_gate.py

src/synthorg/**/*.py

📄 CodeRabbit inference engine (CLAUDE.md)

src/synthorg/**/*.py: Every module with business logic MUST have from synthorg.observability import get_logger then logger = get_logger(__name__)
Never use import logging / logging.getLogger() / print() in application code (exceptions: observability/setup.py, observability/sinks.py, observability/syslog_handler.py, observability/http_handler.py may use stdlib logging and print())
Always use event name constants from domain-specific modules under synthorg.observability.events (e.g., API_REQUEST_STARTED from events.api); import directly
NEVER use real vendor names (Anthropic, OpenAI, Claude, GPT, etc.) in project-owned code, docstrings, comments, tests, or config examples; use generic names: example-provider, example-large-001, example-medium-001, example-small-001, large/medium/small as aliases; vendor names allowed only in: (1) Operations design page, (2) .claude/ skill/agent files, (3) third-party imports, (4) provider presets

Files:

• src/synthorg/engine/recovery.py
• src/synthorg/engine/decisions.py
• src/synthorg/engine/review_gate.py
• src/synthorg/persistence/sqlite/decision_repo.py

src/**/*.py

⚙️ CodeRabbit configuration file

This project uses Python 3.14+ with PEP 758 except syntax: "except A, B:" (comma-separated, no parentheses) is correct and mandatory -- do NOT flag it as a typo or suggest parenthesized form. The "except builtins.MemoryError, RecursionError: raise" pattern is intentional project convention for system-error propagation. When evaluating the 50-line function limit, count only the function body excluding the signature lines, decorators, and docstring. Functions 1-5 lines over due to docstrings or multi-line signatures should not be flagged. Do not suggest extracting single-use helper functions called exactly once -- this reduces readability without improving maintainability.

Files:

• src/synthorg/engine/recovery.py
• src/synthorg/engine/decisions.py
• src/synthorg/engine/review_gate.py
• src/synthorg/persistence/sqlite/decision_repo.py

🧠 Learnings (39)

📚 Learning: 2026-03-20T21:44:04.528Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T21:44:04.528Z
Learning: Applies to src/synthorg/**/*.py : Use `NotBlankStr` from `core.types` for all identifier/name fields (including optional and tuple variants) instead of manual whitespace validators

Applied to files:

• tests/unit/api/fakes.py

📚 Learning: 2026-03-31T20:07:03.035Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-31T20:07:03.035Z
Learning: Applies to **/*.py : Use `NotBlankStr` (from `core.types`) for all identifier/name fields, including optional (`NotBlankStr | None`) and tuple (`tuple[NotBlankStr, ...]`) variants, instead of manual whitespace validators

Applied to files:

• tests/unit/api/fakes.py

📚 Learning: 2026-04-05T13:59:09.628Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-04-05T13:59:09.628Z
Learning: Applies to **/*.py : Use `computed_field` for derived values instead of storing + validating redundant fields; use `NotBlankStr` from `core.types` for all identifier/name fields (including optional and tuple variants) instead of manual whitespace validators

Applied to files:

• tests/unit/api/fakes.py

📚 Learning: 2026-03-17T22:08:13.456Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T22:08:13.456Z
Learning: Applies to src/synthorg/**/*.py : Use Pydantic v2 conventions: `BaseModel`, `model_validator`, `computed_field`, `ConfigDict`. For derived values use `computed_field` instead of storing + validating redundant fields. Use `NotBlankStr` (from `core.types`) for all identifier/name fields — including optional (`NotBlankStr | None`) and tuple (`tuple[NotBlankStr, ...]`) variants — instead of manual whitespace validators.

Applied to files:

• tests/unit/api/fakes.py

📚 Learning: 2026-03-15T19:14:27.144Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T19:14:27.144Z
Learning: Applies to src/synthorg/**/*.py : Use Pydantic v2 with adopted conventions: use computed_field for derived values instead of storing + validating redundant fields; use NotBlankStr from core.types for all identifier/name fields (including optional and tuple variants) instead of manual whitespace validators.

Applied to files:

• tests/unit/api/fakes.py

📚 Learning: 2026-03-16T06:24:56.341Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-16T06:24:56.341Z
Learning: Applies to src/synthorg/hr/**/*.py : HR engine must provide: hiring, firing, onboarding, offboarding, agent registry, performance tracking (task metrics, collaboration scoring, trend detection), promotion/demotion

Applied to files:

• tests/unit/api/fakes.py

📚 Learning: 2026-03-19T07:13:44.964Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-19T07:13:44.964Z
Learning: Applies to src/synthorg/hr/**/*.py : HR package (hr/): hiring, firing, onboarding, offboarding, agent registry, performance tracking (task metrics, collaboration scoring, LLM calibration, collaboration overrides, trend detection), promotion/demotion (criteria evaluation, approval strategies, model mapping)

Applied to files:

• tests/unit/api/fakes.py

📚 Learning: 2026-03-19T07:12:14.508Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-19T07:12:14.508Z
Learning: Applies to src/synthorg/engine/**/*.py : Engine package (engine/): agent orchestration, parallel execution, task decomposition, routing, TaskEngine (centralized single-writer), task lifecycle/recovery/shutdown, workspace isolation, coordination (4 dispatchers: SAS/centralized/decentralized/context-dependent, wave execution), approval gates (escalation detection, context parking/resume), stagnation detection (ToolRepetitionDetector, corrective prompt injection), AgentRuntimeState (execution status), context budget management, conversation compaction (oldest-turns summarizer)

Applied to files:

• tests/unit/api/fakes.py
• src/synthorg/engine/recovery.py
• src/synthorg/engine/review_gate.py

📚 Learning: 2026-03-15T19:14:27.144Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T19:14:27.144Z
Learning: Applies to src/synthorg/**/*.py : Use Pydantic v2 BaseModel, model_validator, computed_field, ConfigDict.

Applied to files:

• src/synthorg/engine/recovery.py

📚 Learning: 2026-03-15T18:42:17.990Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T18:42:17.990Z
Learning: Applies to src/synthorg/**/*.py : Use Pydantic v2 conventions: `BaseModel`, `model_validator`, `computed_field`, `ConfigDict`

Applied to files:

• src/synthorg/engine/recovery.py

📚 Learning: 2026-03-20T21:44:04.528Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T21:44:04.528Z
Learning: Applies to tests/**/*.py : Fix flaky tests completely and fundamentally; for timing-sensitive tests, mock `time.monotonic()` and `asyncio.sleep()` to make them deterministic instead of widening timing margins

Applied to files:

• tests/unit/engine/test_review_gate.py

📚 Learning: 2026-03-15T21:49:53.264Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T21:49:53.264Z
Learning: Fix everything valid — never skip when review agents find valid issues (including pre-existing issues in surrounding code, suggestions, and findings adjacent to the PR's changes). No deferring, no 'out of scope' skipping.

Applied to files:

• tests/unit/engine/test_review_gate.py
• src/synthorg/engine/review_gate.py
• docs/design/engine.md

📚 Learning: 2026-03-20T21:44:04.528Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T21:44:04.528Z
Learning: Applies to src/synthorg/**/*.py : Use frozen Pydantic models for config/identity; use separate mutable-via-copy models (via `model_copy(update=...)`) for runtime state that evolves

Applied to files:

• src/synthorg/engine/decisions.py

📚 Learning: 2026-03-15T18:38:44.202Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T18:38:44.202Z
Learning: Applies to src/synthorg/**/*.py : Use frozen Pydantic models for config/identity; separate mutable-via-copy models (using `model_copy(update=...)`) for runtime state

Applied to files:

• src/synthorg/engine/decisions.py

📚 Learning: 2026-03-15T19:14:27.144Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T19:14:27.144Z
Learning: Applies to src/synthorg/**/*.py : Use frozen Pydantic models for config/identity; use separate mutable-via-copy models (using model_copy(update=...)) for runtime state that evolves. Never mix static config fields with mutable runtime fields in one model.

Applied to files:

• src/synthorg/engine/decisions.py

📚 Learning: 2026-03-15T19:14:27.144Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T19:14:27.144Z
Learning: Applies to src/synthorg/**/*.py : For dict/list fields in frozen Pydantic models, rely on frozen=True for field reassignment prevention and copy.deepcopy() at system boundaries (tool execution, LLM provider serialization, inter-agent delegation, serializing for persistence).

Applied to files:

• src/synthorg/engine/decisions.py

📚 Learning: 2026-03-16T23:05:29.577Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-16T23:05:29.577Z
Learning: Applies to **/*.py : For dict/list fields in frozen Pydantic models, rely on frozen=True for field reassignment prevention and copy.deepcopy() at system boundaries (tool execution, LLM provider serialization, inter-agent delegation, serializing for persistence).

Applied to files:

• src/synthorg/engine/decisions.py

📚 Learning: 2026-04-01T09:09:43.948Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-04-01T09:09:43.948Z
Learning: Applies to **/*.py : Use `copy.deepcopy()` at construction and `MappingProxyType` wrapping for read-only enforcement in non-Pydantic internal collections (registries, BaseTool)

Applied to files:

• src/synthorg/engine/decisions.py

📚 Learning: 2026-03-20T21:44:04.528Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T21:44:04.528Z
Learning: Applies to **/*.py : Immutability: create new objects, never mutate existing ones. For non-Pydantic internal collections (registries, BaseTool), use copy.deepcopy() at construction + MappingProxyType wrapping for read-only enforcement.

Applied to files:

• src/synthorg/engine/decisions.py

📚 Learning: 2026-04-01T09:58:27.410Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-04-01T09:58:27.410Z
Learning: Applies to **/*.py : Use `copy.deepcopy()` at system boundaries (tool execution, LLM provider serialization, inter-agent delegation, persistence serialization) for dict/list fields in frozen Pydantic models

Applied to files:

• src/synthorg/engine/decisions.py

📚 Learning: 2026-04-05T13:59:09.628Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-04-05T13:59:09.628Z
Learning: Applies to **/*.py : Create new objects instead of mutating existing ones; for non-Pydantic internal collections (registries, `BaseTool`), use `copy.deepcopy()` at construction + `MappingProxyType` wrapping for read-only enforcement

Applied to files:

• src/synthorg/engine/decisions.py

📚 Learning: 2026-03-20T21:44:04.528Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T21:44:04.528Z
Learning: Applies to src/synthorg/**/*.py : For non-Pydantic internal collections (registries, `BaseTool`), use `copy.deepcopy()` at construction and wrap with `MappingProxyType` for read-only enforcement

Applied to files:

• src/synthorg/engine/decisions.py

📚 Learning: 2026-03-20T21:44:04.528Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T21:44:04.528Z
Learning: Applies to src/synthorg/**/*.py : Use `copy.deepcopy()` at system boundaries (tool execution, LLM provider serialization, inter-agent delegation, persistence serialization) for `dict`/`list` fields

Applied to files:

• src/synthorg/engine/decisions.py

📚 Learning: 2026-03-15T19:14:27.144Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T19:14:27.144Z
Learning: Applies to src/synthorg/api/**/*.py : Authentication uses JWT + API key. Approval gate integration for high-risk operations.

Applied to files:

• src/synthorg/engine/review_gate.py

📚 Learning: 2026-03-31T21:07:37.470Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-31T21:07:37.470Z
Learning: Applies to **/*.py : Use `except A, B:` (no parentheses) per PEP 758 exception syntax on Python 3.14

Applied to files:

• src/synthorg/engine/review_gate.py
• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-20T21:44:04.528Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T21:44:04.528Z
Learning: Applies to **/*.py : Use `except A, B:` syntax (without parentheses) per PEP 758 for exception handling in Python 3.14

Applied to files:

• src/synthorg/engine/review_gate.py
• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-16T07:22:28.134Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-16T07:22:28.134Z
Learning: Applies to **/*.py : Use `except A, B:` syntax (no parentheses) for exception handling — PEP 758 exception syntax enforced by ruff on Python 3.14

Applied to files:

• src/synthorg/engine/review_gate.py
• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-14T16:18:57.267Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-14T16:18:57.267Z
Learning: Applies to **/*.py : Use PEP 758 except syntax with `except A, B:` (no parentheses) for multiple exceptions—ruff enforces this on Python 3.14.

Applied to files:

• src/synthorg/engine/review_gate.py
• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-16T07:22:28.134Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-16T07:22:28.134Z
Learning: Applies to **/*.py : Handle errors explicitly; never silently swallow exceptions

Applied to files:

• src/synthorg/engine/review_gate.py

📚 Learning: 2026-04-05T13:59:09.628Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-04-05T13:59:09.628Z
Learning: Applies to **/*.py : Handle errors explicitly, never silently swallow exceptions

Applied to files:

• src/synthorg/engine/review_gate.py

📚 Learning: 2026-03-14T16:18:57.267Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-14T16:18:57.267Z
Learning: Applies to **/*.py : Handle errors explicitly—never silently swallow exceptions.

Applied to files:

• src/synthorg/engine/review_gate.py

📚 Learning: 2026-03-14T15:43:05.601Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-14T15:43:05.601Z
Learning: Applies to **/*.py : Use PEP 758 except syntax: `except A, B:` (no parentheses) — enforced by ruff on Python 3.14

Applied to files:

• src/synthorg/engine/review_gate.py
• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-04-05T13:59:09.628Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-04-05T13:59:09.628Z
Learning: Applies to **/*.py : Use PEP 758 except syntax: `except A, B:` (no parentheses) on Python 3.14—ruff enforces this

Applied to files:

• src/synthorg/engine/review_gate.py
• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-15T16:55:07.730Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T16:55:07.730Z
Learning: Applies to **/*.py : Use PEP 758 except syntax: use `except A, B:` (no parentheses) — ruff enforces this on Python 3.14.

Applied to files:

• src/synthorg/engine/review_gate.py
• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-17T22:08:13.456Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T22:08:13.456Z
Learning: Applies to src/synthorg/**/*.py : Handle errors explicitly, never silently swallow. Validate at system boundaries (user input, external APIs, config files).

Applied to files:

• src/synthorg/engine/review_gate.py

📚 Learning: 2026-04-01T05:46:17.064Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-04-01T05:46:17.064Z
Learning: Fix all valid issues found by review agents (including pre-existing issues in surrounding code, suggestions, and adjacent findings) — never skip or defer

Applied to files:

• src/synthorg/engine/review_gate.py
• docs/design/engine.md

📚 Learning: 2026-03-17T06:30:14.180Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T06:30:14.180Z
Learning: Applies to src/synthorg/persistence/**/*.py : Persistence uses pluggable PersistenceBackend protocol. SQLite is the initial backend. Settings use SettingsRepository (namespaced settings CRUD).

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-17T22:08:13.456Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T22:08:13.456Z
Learning: Persistence backend: pluggable PersistenceBackend protocol in `src/synthorg/persistence/`, SQLite initial, SettingsRepository (namespaced settings CRUD).

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-17T22:08:13.456Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T22:08:13.456Z
Learning: Engine: Agent orchestration, execution loops, parallel execution, task decomposition, routing, task assignment, centralized single-writer task state engine (TaskEngine), task lifecycle, recovery, shutdown, workspace isolation, coordination (multi-agent pipeline: TopologyDispatcher protocol, 4 dispatchers — SAS/centralized/decentralized/context-dependent, wave execution, workspace lifecycle integration, CoordinationSectionConfig company config bridge, build_coordinator factory), coordination error classification, prompt policy validation, checkpoint recovery (checkpoint/, per-turn persistence, heartbeat detection, CheckpointRecoveryStrategy), approval gate (escalation detection, context parking/resume, EscalationInfo/ResumePayload models), stagnation detection (stagnation/, StagnationDetector protocol, ToolRepetitionDetector, dual-signal analysis, corrective prompt injection), agent runtime state (AgentRuntimeState, lightweight per-agent execution status for dashboard queries and recove...

Applied to files:

• docs/design/engine.md

🔇 Additional comments (7)

src/synthorg/engine/review_gate.py (7)

313-326: Use PEP 758 syntax without parentheses for the multi-except handler.

Line 313 still uses the tuple-based form. Per coding guidelines, Python 3.14 requires except A, B: syntax without parentheses.

Proposed fix

-        except (QueryError, DuplicateRecordError) as exc:
+        except QueryError, DuplicateRecordError as exc:

---

1-41: LGTM — module docstring and imports are well-organized.

The updated docstring clearly documents the no-self-review enforcement and audit trail features. Imports are appropriate for the new functionality.

---

44-72: LGTM — clean API design with required task_engine and optional persistence.

The docstring clearly documents the degradation behavior when persistence is absent, and making task_engine required ensures self-review enforcement is always available.

---

74-111: LGTM — well-designed preflight with appropriate error handling.

The method properly logs at WARNING level before raising TaskNotFoundError, returns the validated task for caller inspection, and delegates to _check_self_review for the self-review enforcement.

---

150-195: LGTM — reason normalization properly addresses the consistency concern.

The single normalization at line 158, reused for both the transition reason (line 168) and the audit record (line 193), ensures they stay in sync. The defense-in-depth pattern of re-running the preflight is well-documented.

---

197-218: LGTM — proper self-review enforcement with appropriate logging.

The handling of None assigned_to as an anomalous state worth operator attention (WARNING log) is a sensible design choice, and the method properly logs before raising SelfReviewError.

---

280-292: LGTM — deduplication properly addresses the criteria uniqueness gap.

The order-preserving deduplication ensures DecisionRecord.criteria_snapshot won't reject duplicate entries from tasks that lack unique criteria enforcement.

[coderabbitai]

Actionable comments posted: 3

♻️ Duplicate comments (1)

src/synthorg/persistence/sqlite/decision_repo.py (1)

229-240: ⚠️ Potential issue | 🟠 Major

Log pre-SQL serialization failures too.

_build_insert_params() can still raise TypeError on non-JSON-serializable metadata before the SQL error handling starts. That should still surface as a programming error, but right now it bypasses the structured warning/error log for this write path.

🪵 Suggested fix

-        params = _build_insert_params(
-            record_id=record_id,
-            task_id=task_id,
-            approval_id=approval_id,
-            executing_agent_id=executing_agent_id,
-            reviewer_agent_id=reviewer_agent_id,
-            decision=decision,
-            reason=draft_record.reason,
-            criteria_snapshot=draft_record.criteria_snapshot,
-            recorded_at=draft_record.recorded_at,
-            metadata=dict(draft_record.metadata),
-        )
+        try:
+            params = _build_insert_params(
+                record_id=record_id,
+                task_id=task_id,
+                approval_id=approval_id,
+                executing_agent_id=executing_agent_id,
+                reviewer_agent_id=reviewer_agent_id,
+                decision=decision,
+                reason=draft_record.reason,
+                criteria_snapshot=draft_record.criteria_snapshot,
+                recorded_at=draft_record.recorded_at,
+                metadata=dict(draft_record.metadata),
+            )
+        except TypeError as exc:
+            logger.warning(
+                PERSISTENCE_DECISION_RECORD_SAVE_FAILED,
+                record_id=record_id,
+                task_id=task_id,
+                error=str(exc),
+                error_type="TypeError",
+            )
+            raise

As per coding guidelines, "All error paths must log at WARNING or ERROR with context before raising".

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@src/synthorg/persistence/sqlite/decision_repo.py` around lines 229 - 240, The
call to _build_insert_params(...) can raise TypeError (non-JSON-serializable
metadata) before the SQL error handling; wrap the params =
_build_insert_params(...) invocation in a try/except that catches TypeError, log
a WARNING or ERROR with contextual fields (record_id, task_id, approval_id,
executing_agent_id, reviewer_agent_id and draft_record.metadata) and the
exception, then re-raise the error so it surfaces as a programming error; place
this around the existing params assignment (reference: _build_insert_params,
draft_record, and the params variable).

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@src/synthorg/persistence/sqlite/decision_repo.py`:
- Around line 156-163: The append path performs INSERT → SELECT →
commit()/rollback() across awaits on a shared aiosqlite.Connection and must be
serialized to avoid cross-coroutine rollbacks wiping other work; add a
per-connection asyncio.Lock (e.g. self._conn_lock) on the DecisionRepo instance
and acquire it around the whole critical section that does the
INSERT/SELECT/commit/_rollback_quietly() (the method implementing the append
sequence and any other blocks noted around the ranges referenced), releasing in
a finally block so commit/rollback and error handling run while holding the
lock; apply the same lock protection to the other affected code regions (the
similar sequences at the other noted ranges) so all DB mutation sequences
against that connection are serialized.
- Around line 448-452: The code in decision_repo.py currently deserializes
raw_criteria with tuple(json.loads(raw_criteria)) which silently accepts
non-array JSON (e.g., strings or objects) and corrupts data; change the read
path that sets parsed["criteria_snapshot"] to first json.loads(raw_criteria) and
then validate that the result is a list/tuple (isinstance(..., list) or tuple)
before converting to tuple; if the loaded value is not an array, raise a
deserialization/ValueError (or propagate an error) so corrupted rows fail
instead of being silently converted—update the handling around
parsed["criteria_snapshot"] in the function that processes
row["criteria_snapshot"] to perform this type check and raise on invalid shapes.

In `@tests/unit/api/fakes.py`:
- Around line 297-381: The tests file exceeds the line limit; extract the
decision-specific fake by moving the FakeDecisionRepository class (and its
helpers like append_with_next_version, get, list_by_task, list_by_agent) into a
new small test-support module (e.g., decision_fakes) and replace the original
class in tests/unit/api/fakes.py with an import from that new module; update any
test imports to reference the new module and ensure the new module preserves the
same public API and uses MappingProxyType, UTC normalization, and the same
exception types (DuplicateRecordError) so behavior remains identical.

---

Duplicate comments:
In `@src/synthorg/persistence/sqlite/decision_repo.py`:
- Around line 229-240: The call to _build_insert_params(...) can raise TypeError
(non-JSON-serializable metadata) before the SQL error handling; wrap the params
= _build_insert_params(...) invocation in a try/except that catches TypeError,
log a WARNING or ERROR with contextual fields (record_id, task_id, approval_id,
executing_agent_id, reviewer_agent_id and draft_record.metadata) and the
exception, then re-raise the error so it surfaces as a programming error; place
this around the existing params assignment (reference: _build_insert_params,
draft_record, and the params variable).

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 51f8c255-5b9b-4d29-b340-6defbe6b7b2f

📥 Commits

Reviewing files that changed from the base of the PR and between 1c41535 and 58d864f.

📒 Files selected for processing (4)

• src/synthorg/engine/decisions.py
• src/synthorg/persistence/sqlite/decision_repo.py
• tests/unit/api/fakes.py
• tests/unit/persistence/sqlite/test_decision_repo.py

📜 Review details

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (6)

• GitHub Check: Deploy Preview
• GitHub Check: Build Backend
• GitHub Check: Build Web
• GitHub Check: Test (Python 3.14)
• GitHub Check: Dependency Review
• GitHub Check: Analyze (python)

🧰 Additional context used

📓 Path-based instructions (4)

**/*.py

📄 CodeRabbit inference engine (CLAUDE.md)

**/*.py: No from __future__ import annotations—Python 3.14 has PEP 649
Use PEP 758 except syntax: except A, B: (no parentheses) on Python 3.14—ruff enforces this
All public functions must have type hints; use mypy strict mode
Use Google-style docstrings required on public classes and functions—enforced by ruff D rules
Create new objects instead of mutating existing ones; for non-Pydantic internal collections (registries, BaseTool), use copy.deepcopy() at construction + MappingProxyType wrapping for read-only enforcement
Use frozen Pydantic models for config/identity; separate mutable-via-copy models (using model_copy(update=...)) for runtime state that evolves
Use Pydantic v2 (BaseModel, model_validator, computed_field, ConfigDict); use allow_inf_nan=False in all ConfigDict declarations to reject NaN/Inf in numeric fields
Use @computed_field for derived values instead of storing + validating redundant fields; use NotBlankStr from core.types for all identifier/name fields (including optional and tuple variants) instead of manual whitespace validators
Prefer asyncio.TaskGroup for fan-out/fan-in parallel operations in new code; prefer structured concurrency over bare create_task
Line length: 88 characters (ruff)
Functions must be less than 50 lines; files must be less than 800 lines
Handle errors explicitly, never silently swallow exceptions
Always use variable name logger (not _logger, not log)
Always use structured logging kwargs: logger.info(EVENT, key=value) never logger.info("msg %s", val)
All error paths must log at WARNING or ERROR with context before raising
All state transitions must log at INFO
DEBUG logging for object creation, internal flow, entry/exit of key functions; pure data models, enums, and re-exports do NOT need logging

Files:

• tests/unit/api/fakes.py
• src/synthorg/engine/decisions.py
• src/synthorg/persistence/sqlite/decision_repo.py
• tests/unit/persistence/sqlite/test_decision_repo.py

tests/**/*.py

📄 CodeRabbit inference engine (CLAUDE.md)

tests/**/*.py: Use pytest.mark.unit, @pytest.mark.integration, @pytest.mark.e2e, @pytest.mark.slow markers for test categorization
Use asyncio_mode = "auto" for async tests—no manual @pytest.mark.asyncio needed
Global timeout: 30 seconds per test in pyproject.toml; non-default overrides (e.g., timeout(60)) are allowed but do NOT add per-file markers for the default
Prefer @pytest.mark.parametrize for testing similar cases
Tests must use test-provider, test-small-001, etc. instead of real vendor names
Use Hypothesis (@given + @settings) for property-based testing; profiles in tests/conftest.py: ci (deterministic, 10 examples + derandomize=True), dev (1000 examples), fuzz (10,000 examples, no deadline), extreme (500,000 examples, no deadline); controlled via HYPOTHESIS_PROFILE env var
When Hypothesis finds a failure, it is a real bug—fix the underlying bug and add an explicit @example(...) decorator to permanently cover the case in CI; do NOT skip or ignore flaky tests
For timing-sensitive tests, mock time.monotonic() and asyncio.sleep() to make them deterministic; for tasks that must block indefinitely until cancelled, use asyncio.Event().wait() instead of asyncio.sleep(large_number)

Files:

• tests/unit/api/fakes.py
• tests/unit/persistence/sqlite/test_decision_repo.py

---

⚙️ CodeRabbit configuration file

Test files do not require Google-style docstrings on classes or functions -- ruff D rules are only enforced on src/. A bare @settings() decorator with no arguments on Hypothesis property tests is a no-op and should not be suggested -- the HYPOTHESIS_PROFILE env var controls example counts via registered profiles, which @given() honors automatically.

Files:

• tests/unit/api/fakes.py
• tests/unit/persistence/sqlite/test_decision_repo.py

src/synthorg/**/*.py

📄 CodeRabbit inference engine (CLAUDE.md)

src/synthorg/**/*.py: Every module with business logic MUST have from synthorg.observability import get_logger then logger = get_logger(__name__)
Never use import logging / logging.getLogger() / print() in application code (exceptions: observability/setup.py, observability/sinks.py, observability/syslog_handler.py, observability/http_handler.py may use stdlib logging and print())
Always use event name constants from domain-specific modules under synthorg.observability.events (e.g., API_REQUEST_STARTED from events.api); import directly
NEVER use real vendor names (Anthropic, OpenAI, Claude, GPT, etc.) in project-owned code, docstrings, comments, tests, or config examples; use generic names: example-provider, example-large-001, example-medium-001, example-small-001, large/medium/small as aliases; vendor names allowed only in: (1) Operations design page, (2) .claude/ skill/agent files, (3) third-party imports, (4) provider presets

Files:

• src/synthorg/engine/decisions.py
• src/synthorg/persistence/sqlite/decision_repo.py

src/**/*.py

⚙️ CodeRabbit configuration file

This project uses Python 3.14+ with PEP 758 except syntax: "except A, B:" (comma-separated, no parentheses) is correct and mandatory -- do NOT flag it as a typo or suggest parenthesized form. The "except builtins.MemoryError, RecursionError: raise" pattern is intentional project convention for system-error propagation. When evaluating the 50-line function limit, count only the function body excluding the signature lines, decorators, and docstring. Functions 1-5 lines over due to docstrings or multi-line signatures should not be flagged. Do not suggest extracting single-use helper functions called exactly once -- this reduces readability without improving maintainability.

Files:

• src/synthorg/engine/decisions.py
• src/synthorg/persistence/sqlite/decision_repo.py

🧠 Learnings (36)

📚 Learning: 2026-03-20T21:44:04.528Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T21:44:04.528Z
Learning: Applies to src/synthorg/**/*.py : Use `NotBlankStr` from `core.types` for all identifier/name fields (including optional and tuple variants) instead of manual whitespace validators

Applied to files:

• tests/unit/api/fakes.py

📚 Learning: 2026-03-31T20:07:03.035Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-31T20:07:03.035Z
Learning: Applies to **/*.py : Use `NotBlankStr` (from `core.types`) for all identifier/name fields, including optional (`NotBlankStr | None`) and tuple (`tuple[NotBlankStr, ...]`) variants, instead of manual whitespace validators

Applied to files:

• tests/unit/api/fakes.py

📚 Learning: 2026-04-05T13:59:09.628Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-04-05T13:59:09.628Z
Learning: Applies to **/*.py : Use `computed_field` for derived values instead of storing + validating redundant fields; use `NotBlankStr` from `core.types` for all identifier/name fields (including optional and tuple variants) instead of manual whitespace validators

Applied to files:

• tests/unit/api/fakes.py

📚 Learning: 2026-03-20T21:44:04.528Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T21:44:04.528Z
Learning: Applies to tests/**/*.py : Fix flaky tests completely and fundamentally; for timing-sensitive tests, mock `time.monotonic()` and `asyncio.sleep()` to make them deterministic instead of widening timing margins

Applied to files:

• tests/unit/api/fakes.py

📚 Learning: 2026-03-31T21:07:37.470Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-31T21:07:37.470Z
Learning: Applies to tests/**/*.py : NEVER skip, dismiss, or ignore flaky tests — always fix them fully and fundamentally; mock `time.monotonic()` and `asyncio.sleep()` for determinism; use `asyncio.Event().wait()` for indefinite blocking instead of `asyncio.sleep(large_number)`

Applied to files:

• tests/unit/api/fakes.py

📚 Learning: 2026-03-16T07:22:28.134Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-16T07:22:28.134Z
Learning: Applies to tests/**/*.py : NEVER skip, dismiss, or ignore flaky tests — always fix them fully and fundamentally. For timing-sensitive tests, mock `time.monotonic()` and `asyncio.sleep()` to make them deterministic instead of widening timing margins

Applied to files:

• tests/unit/api/fakes.py

📚 Learning: 2026-04-02T07:18:02.381Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-04-02T07:18:02.381Z
Learning: Applies to tests/**/*.py : Never skip, dismiss, or ignore flaky tests; fix them fully and fundamentally by mocking `time.monotonic()` and `asyncio.sleep()` for determinism or using `asyncio.Event().wait()` for indefinite blocking

Applied to files:

• tests/unit/api/fakes.py

📚 Learning: 2026-04-01T15:36:39.993Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-04-01T15:36:39.993Z
Learning: Applies to tests/**/*.py : Flaky tests: NEVER skip, dismiss, or ignore flaky tests -- always fix them fully and fundamentally. For timing-sensitive tests, mock `time.monotonic()` and `asyncio.sleep()` to make them deterministic instead of widening timing margins

Applied to files:

• tests/unit/api/fakes.py

📚 Learning: 2026-04-05T13:59:09.628Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-04-05T13:59:09.628Z
Learning: Applies to tests/**/*.py : For timing-sensitive tests, mock `time.monotonic()` and `asyncio.sleep()` to make them deterministic; for tasks that must block indefinitely until cancelled, use `asyncio.Event().wait()` instead of `asyncio.sleep(large_number)`

Applied to files:

• tests/unit/api/fakes.py

📚 Learning: 2026-03-20T21:44:04.528Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T21:44:04.528Z
Learning: Applies to src/synthorg/**/*.py : For non-Pydantic internal collections (registries, `BaseTool`), use `copy.deepcopy()` at construction and wrap with `MappingProxyType` for read-only enforcement

Applied to files:

• tests/unit/api/fakes.py
• src/synthorg/engine/decisions.py

📚 Learning: 2026-03-16T06:24:56.341Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-16T06:24:56.341Z
Learning: Applies to src/synthorg/hr/**/*.py : HR engine must provide: hiring, firing, onboarding, offboarding, agent registry, performance tracking (task metrics, collaboration scoring, trend detection), promotion/demotion

Applied to files:

• tests/unit/api/fakes.py

📚 Learning: 2026-03-19T07:13:44.964Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-19T07:13:44.964Z
Learning: Applies to src/synthorg/hr/**/*.py : HR package (hr/): hiring, firing, onboarding, offboarding, agent registry, performance tracking (task metrics, collaboration scoring, LLM calibration, collaboration overrides, trend detection), promotion/demotion (criteria evaluation, approval strategies, model mapping)

Applied to files:

• tests/unit/api/fakes.py

📚 Learning: 2026-03-19T07:12:14.508Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-19T07:12:14.508Z
Learning: Applies to src/synthorg/engine/**/*.py : Engine package (engine/): agent orchestration, parallel execution, task decomposition, routing, TaskEngine (centralized single-writer), task lifecycle/recovery/shutdown, workspace isolation, coordination (4 dispatchers: SAS/centralized/decentralized/context-dependent, wave execution), approval gates (escalation detection, context parking/resume), stagnation detection (ToolRepetitionDetector, corrective prompt injection), AgentRuntimeState (execution status), context budget management, conversation compaction (oldest-turns summarizer)

Applied to files:

• tests/unit/api/fakes.py

📚 Learning: 2026-03-20T21:44:04.528Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T21:44:04.528Z
Learning: Applies to src/synthorg/**/*.py : Use frozen Pydantic models for config/identity; use separate mutable-via-copy models (via `model_copy(update=...)`) for runtime state that evolves

Applied to files:

• src/synthorg/engine/decisions.py

📚 Learning: 2026-03-15T19:14:27.144Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T19:14:27.144Z
Learning: Applies to src/synthorg/**/*.py : For dict/list fields in frozen Pydantic models, rely on frozen=True for field reassignment prevention and copy.deepcopy() at system boundaries (tool execution, LLM provider serialization, inter-agent delegation, serializing for persistence).

Applied to files:

• src/synthorg/engine/decisions.py

📚 Learning: 2026-03-16T23:05:29.577Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-16T23:05:29.577Z
Learning: Applies to **/*.py : For dict/list fields in frozen Pydantic models, rely on frozen=True for field reassignment prevention and copy.deepcopy() at system boundaries (tool execution, LLM provider serialization, inter-agent delegation, serializing for persistence).

Applied to files:

• src/synthorg/engine/decisions.py

📚 Learning: 2026-03-15T19:14:27.144Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T19:14:27.144Z
Learning: Applies to src/synthorg/**/*.py : Use frozen Pydantic models for config/identity; use separate mutable-via-copy models (using model_copy(update=...)) for runtime state that evolves. Never mix static config fields with mutable runtime fields in one model.

Applied to files:

• src/synthorg/engine/decisions.py

📚 Learning: 2026-04-01T09:09:43.948Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-04-01T09:09:43.948Z
Learning: Applies to **/*.py : Use `copy.deepcopy()` at construction and `MappingProxyType` wrapping for read-only enforcement in non-Pydantic internal collections (registries, BaseTool)

Applied to files:

• src/synthorg/engine/decisions.py

📚 Learning: 2026-03-20T21:44:04.528Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T21:44:04.528Z
Learning: Applies to **/*.py : Immutability: create new objects, never mutate existing ones. For non-Pydantic internal collections (registries, BaseTool), use copy.deepcopy() at construction + MappingProxyType wrapping for read-only enforcement.

Applied to files:

• src/synthorg/engine/decisions.py

📚 Learning: 2026-04-01T09:58:27.410Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-04-01T09:58:27.410Z
Learning: Applies to **/*.py : Use `copy.deepcopy()` at system boundaries (tool execution, LLM provider serialization, inter-agent delegation, persistence serialization) for dict/list fields in frozen Pydantic models

Applied to files:

• src/synthorg/engine/decisions.py

📚 Learning: 2026-04-05T13:59:09.628Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-04-05T13:59:09.628Z
Learning: Applies to **/*.py : Create new objects instead of mutating existing ones; for non-Pydantic internal collections (registries, `BaseTool`), use `copy.deepcopy()` at construction + `MappingProxyType` wrapping for read-only enforcement

Applied to files:

• src/synthorg/engine/decisions.py

📚 Learning: 2026-03-15T18:38:44.202Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T18:38:44.202Z
Learning: Applies to src/synthorg/**/*.py : Use frozen Pydantic models for config/identity; separate mutable-via-copy models (using `model_copy(update=...)`) for runtime state

Applied to files:

• src/synthorg/engine/decisions.py

📚 Learning: 2026-03-20T21:44:04.528Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T21:44:04.528Z
Learning: Applies to src/synthorg/**/*.py : Use `copy.deepcopy()` at system boundaries (tool execution, LLM provider serialization, inter-agent delegation, persistence serialization) for `dict`/`list` fields

Applied to files:

• src/synthorg/engine/decisions.py

📚 Learning: 2026-03-17T06:30:14.180Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T06:30:14.180Z
Learning: Applies to src/synthorg/persistence/**/*.py : Persistence uses pluggable PersistenceBackend protocol. SQLite is the initial backend. Settings use SettingsRepository (namespaced settings CRUD).

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py
• tests/unit/persistence/sqlite/test_decision_repo.py

📚 Learning: 2026-03-17T22:08:13.456Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T22:08:13.456Z
Learning: Persistence backend: pluggable PersistenceBackend protocol in `src/synthorg/persistence/`, SQLite initial, SettingsRepository (namespaced settings CRUD).

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-31T21:07:37.470Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-31T21:07:37.470Z
Learning: Applies to **/*.py : Use `except A, B:` (no parentheses) per PEP 758 exception syntax on Python 3.14

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-20T21:44:04.528Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T21:44:04.528Z
Learning: Applies to **/*.py : Use `except A, B:` syntax (without parentheses) per PEP 758 for exception handling in Python 3.14

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-16T07:22:28.134Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-16T07:22:28.134Z
Learning: Applies to **/*.py : Use `except A, B:` syntax (no parentheses) for exception handling — PEP 758 exception syntax enforced by ruff on Python 3.14

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-14T15:43:05.601Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-14T15:43:05.601Z
Learning: Applies to **/*.py : Use PEP 758 except syntax: `except A, B:` (no parentheses) — enforced by ruff on Python 3.14

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-14T16:18:57.267Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-14T16:18:57.267Z
Learning: Applies to **/*.py : Use PEP 758 except syntax with `except A, B:` (no parentheses) for multiple exceptions—ruff enforces this on Python 3.14.

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-04-05T13:59:09.628Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-04-05T13:59:09.628Z
Learning: Applies to **/*.py : Use PEP 758 except syntax: `except A, B:` (no parentheses) on Python 3.14—ruff enforces this

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-15T16:55:07.730Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T16:55:07.730Z
Learning: Applies to **/*.py : Use PEP 758 except syntax: use `except A, B:` (no parentheses) — ruff enforces this on Python 3.14.

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-17T22:08:13.456Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T22:08:13.456Z
Learning: Applies to src/synthorg/**/*.py : Handle errors explicitly, never silently swallow. Validate at system boundaries (user input, external APIs, config files).

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-16T07:22:28.134Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-16T07:22:28.134Z
Learning: Applies to src/synthorg/**/*.py : All error paths must log at WARNING or ERROR with context before raising. All state transitions must log at INFO. DEBUG for object creation, internal flow, and key function entry/exit

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-17T22:08:13.456Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T22:08:13.456Z
Learning: Applies to src/synthorg/**/*.py : All error paths must log at WARNING or ERROR with context before raising. All state transitions must log at INFO. DEBUG for object creation, internal flow, entry/exit of key functions.

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-31T20:07:03.035Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-31T20:07:03.035Z
Learning: Applies to src/synthorg/**/*.py : All error paths must log at WARNING or ERROR with context before raising; all state transitions must log at INFO; DEBUG for object creation, internal flow, entry/exit of key functions

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

🔇 Additional comments (2)

src/synthorg/engine/decisions.py (1)

130-151: Nice hardening of audit-metadata immutability.

Rebuilding MappingProxyType inputs and recursively freezing nested containers closes the remaining post-construction mutation paths on append-only decision records.

tests/unit/persistence/sqlite/test_decision_repo.py (1)

390-421: Good DB-level coverage for the no-self-review invariant.

By bypassing DecisionRecord and inserting directly, this test now actually exercises the SQLite CHECK(reviewer_agent_id != executing_agent_id) instead of just re-testing the model validator.

[coderabbitai]

Actionable comments posted: 2

♻️ Duplicate comments (1)

tests/unit/api/fakes.py (1)

291-297: 🛠️ Refactor suggestion | 🟠 Major

This module is still over the 800-line cap.

The extraction helps, but tests/unit/api/fakes.py still ends at Line 843, so the repo's file-size rule is still violated. Please move one more fake/backend cluster out of this module instead of only re-exporting from here.

As per coding guidelines: "files must be less than 800 lines".

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@tests/unit/api/fakes.py` around lines 291 - 297, This file still exceeds the
800-line limit; pick another large fake/backend cluster class or group (e.g.,
the next biggest Fake*Repository or Fake*Backend class defined in
tests.unit.api.fakes.py), move its full implementation into a new sibling module
(following the pattern used for FakeDecisionRepository ->
tests.unit.api.fakes_decisions), then import-and-re-export it from
tests.unit.api.fakes using the same name (add a from tests.unit.api.fakes_<name>
import <ClassName> and re-export line with appropriate noqa comments). Ensure
the moved classes, imports, and any dependent helpers are updated so tests still
import the same symbol names and that tests/unit/api/fakes.py drops below 800
lines.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@src/synthorg/persistence/sqlite/decision_repo.py`:
- Around line 204-223: Before normalizing recorded_at to UTC in
append_with_next_version (or the function containing recorded_at_utc =
recorded_at.astimezone(UTC)), add an explicit runtime check that recorded_at is
timezone-aware (e.g., recorded_at.tzinfo is not None) and raise a ValueError
with a clear message like "recorded_at must be timezone-aware" if it is naive;
ensure this validation is applied wherever decisions are constructed in test
fakes as well so tests mirror the production contract.

In `@tests/unit/api/fakes_decisions.py`:
- Around line 70-83: The fake currently stores caller-provided metadata directly
behind MappingProxyType, causing shape and mutability drift vs production;
before constructing DecisionRecord in the fake (where DecisionRecord is created
and self._records[record_id] is set), run the same metadata
normalization/snapshot path used in
src/synthorg/persistence/sqlite/decision_repo.py (the functions that normalize
and JSON-serialize metadata during insert) so the fake stores a deep-copied,
normalized snapshot; i.e., deep-copy the incoming metadata, apply the repo’s
normalization/serialization routine to produce the persisted shape, then wrap
that resulting dict in MappingProxyType and pass it into DecisionRecord so
stored metadata matches production behavior and is immutable.

---

Duplicate comments:
In `@tests/unit/api/fakes.py`:
- Around line 291-297: This file still exceeds the 800-line limit; pick another
large fake/backend cluster class or group (e.g., the next biggest
Fake*Repository or Fake*Backend class defined in tests.unit.api.fakes.py), move
its full implementation into a new sibling module (following the pattern used
for FakeDecisionRepository -> tests.unit.api.fakes_decisions), then
import-and-re-export it from tests.unit.api.fakes using the same name (add a
from tests.unit.api.fakes_<name> import <ClassName> and re-export line with
appropriate noqa comments). Ensure the moved classes, imports, and any dependent
helpers are updated so tests still import the same symbol names and that
tests/unit/api/fakes.py drops below 800 lines.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: e7a50eb3-d668-4705-8260-541253153b46

📥 Commits

Reviewing files that changed from the base of the PR and between 58d864f and aa521bc.

📒 Files selected for processing (3)

• src/synthorg/persistence/sqlite/decision_repo.py
• tests/unit/api/fakes.py
• tests/unit/api/fakes_decisions.py

📜 Review details

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (7)

• GitHub Check: Deploy Preview
• GitHub Check: Test (Python 3.14)
• GitHub Check: Build Backend
• GitHub Check: Build Web
• GitHub Check: Build Sandbox
• GitHub Check: Dependency Review
• GitHub Check: Analyze (python)

🧰 Additional context used

📓 Path-based instructions (4)

**/*.py

📄 CodeRabbit inference engine (CLAUDE.md)

**/*.py: No from __future__ import annotations—Python 3.14 has PEP 649
Use PEP 758 except syntax: except A, B: (no parentheses) on Python 3.14—ruff enforces this
All public functions must have type hints; use mypy strict mode
Use Google-style docstrings required on public classes and functions—enforced by ruff D rules
Create new objects instead of mutating existing ones; for non-Pydantic internal collections (registries, BaseTool), use copy.deepcopy() at construction + MappingProxyType wrapping for read-only enforcement
Use frozen Pydantic models for config/identity; separate mutable-via-copy models (using model_copy(update=...)) for runtime state that evolves
Use Pydantic v2 (BaseModel, model_validator, computed_field, ConfigDict); use allow_inf_nan=False in all ConfigDict declarations to reject NaN/Inf in numeric fields
Use @computed_field for derived values instead of storing + validating redundant fields; use NotBlankStr from core.types for all identifier/name fields (including optional and tuple variants) instead of manual whitespace validators
Prefer asyncio.TaskGroup for fan-out/fan-in parallel operations in new code; prefer structured concurrency over bare create_task
Line length: 88 characters (ruff)
Functions must be less than 50 lines; files must be less than 800 lines
Handle errors explicitly, never silently swallow exceptions
Always use variable name logger (not _logger, not log)
Always use structured logging kwargs: logger.info(EVENT, key=value) never logger.info("msg %s", val)
All error paths must log at WARNING or ERROR with context before raising
All state transitions must log at INFO
DEBUG logging for object creation, internal flow, entry/exit of key functions; pure data models, enums, and re-exports do NOT need logging

Files:

• tests/unit/api/fakes.py
• tests/unit/api/fakes_decisions.py
• src/synthorg/persistence/sqlite/decision_repo.py

tests/**/*.py

📄 CodeRabbit inference engine (CLAUDE.md)

tests/**/*.py: Use pytest.mark.unit, @pytest.mark.integration, @pytest.mark.e2e, @pytest.mark.slow markers for test categorization
Use asyncio_mode = "auto" for async tests—no manual @pytest.mark.asyncio needed
Global timeout: 30 seconds per test in pyproject.toml; non-default overrides (e.g., timeout(60)) are allowed but do NOT add per-file markers for the default
Prefer @pytest.mark.parametrize for testing similar cases
Tests must use test-provider, test-small-001, etc. instead of real vendor names
Use Hypothesis (@given + @settings) for property-based testing; profiles in tests/conftest.py: ci (deterministic, 10 examples + derandomize=True), dev (1000 examples), fuzz (10,000 examples, no deadline), extreme (500,000 examples, no deadline); controlled via HYPOTHESIS_PROFILE env var
When Hypothesis finds a failure, it is a real bug—fix the underlying bug and add an explicit @example(...) decorator to permanently cover the case in CI; do NOT skip or ignore flaky tests
For timing-sensitive tests, mock time.monotonic() and asyncio.sleep() to make them deterministic; for tasks that must block indefinitely until cancelled, use asyncio.Event().wait() instead of asyncio.sleep(large_number)

Files:

• tests/unit/api/fakes.py
• tests/unit/api/fakes_decisions.py

---

⚙️ CodeRabbit configuration file

Test files do not require Google-style docstrings on classes or functions -- ruff D rules are only enforced on src/. A bare @settings() decorator with no arguments on Hypothesis property tests is a no-op and should not be suggested -- the HYPOTHESIS_PROFILE env var controls example counts via registered profiles, which @given() honors automatically.

Files:

• tests/unit/api/fakes.py
• tests/unit/api/fakes_decisions.py

src/synthorg/**/*.py

📄 CodeRabbit inference engine (CLAUDE.md)

src/synthorg/**/*.py: Every module with business logic MUST have from synthorg.observability import get_logger then logger = get_logger(__name__)
Never use import logging / logging.getLogger() / print() in application code (exceptions: observability/setup.py, observability/sinks.py, observability/syslog_handler.py, observability/http_handler.py may use stdlib logging and print())
Always use event name constants from domain-specific modules under synthorg.observability.events (e.g., API_REQUEST_STARTED from events.api); import directly
NEVER use real vendor names (Anthropic, OpenAI, Claude, GPT, etc.) in project-owned code, docstrings, comments, tests, or config examples; use generic names: example-provider, example-large-001, example-medium-001, example-small-001, large/medium/small as aliases; vendor names allowed only in: (1) Operations design page, (2) .claude/ skill/agent files, (3) third-party imports, (4) provider presets

Files:

• src/synthorg/persistence/sqlite/decision_repo.py

src/**/*.py

⚙️ CodeRabbit configuration file

This project uses Python 3.14+ with PEP 758 except syntax: "except A, B:" (comma-separated, no parentheses) is correct and mandatory -- do NOT flag it as a typo or suggest parenthesized form. The "except builtins.MemoryError, RecursionError: raise" pattern is intentional project convention for system-error propagation. When evaluating the 50-line function limit, count only the function body excluding the signature lines, decorators, and docstring. Functions 1-5 lines over due to docstrings or multi-line signatures should not be flagged. Do not suggest extracting single-use helper functions called exactly once -- this reduces readability without improving maintainability.

Files:

• src/synthorg/persistence/sqlite/decision_repo.py

🧠 Learnings (20)

📓 Common learnings

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T22:08:13.456Z
Learning: Engine: Agent orchestration, execution loops, parallel execution, task decomposition, routing, task assignment, centralized single-writer task state engine (TaskEngine), task lifecycle, recovery, shutdown, workspace isolation, coordination (multi-agent pipeline: TopologyDispatcher protocol, 4 dispatchers — SAS/centralized/decentralized/context-dependent, wave execution, workspace lifecycle integration, CoordinationSectionConfig company config bridge, build_coordinator factory), coordination error classification, prompt policy validation, checkpoint recovery (checkpoint/, per-turn persistence, heartbeat detection, CheckpointRecoveryStrategy), approval gate (escalation detection, context parking/resume, EscalationInfo/ResumePayload models), stagnation detection (stagnation/, StagnationDetector protocol, ToolRepetitionDetector, dual-signal analysis, corrective prompt injection), agent runtime state (AgentRuntimeState, lightweight per-agent execution status for dashboard queries and recove...

📚 Learning: 2026-03-20T21:44:04.528Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T21:44:04.528Z
Learning: Applies to src/synthorg/**/*.py : Use `NotBlankStr` from `core.types` for all identifier/name fields (including optional and tuple variants) instead of manual whitespace validators

Applied to files:

• tests/unit/api/fakes.py

📚 Learning: 2026-03-31T20:07:03.035Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-31T20:07:03.035Z
Learning: Applies to **/*.py : Use `NotBlankStr` (from `core.types`) for all identifier/name fields, including optional (`NotBlankStr | None`) and tuple (`tuple[NotBlankStr, ...]`) variants, instead of manual whitespace validators

Applied to files:

• tests/unit/api/fakes.py

📚 Learning: 2026-04-05T13:59:09.628Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-04-05T13:59:09.628Z
Learning: Applies to **/*.py : Use `computed_field` for derived values instead of storing + validating redundant fields; use `NotBlankStr` from `core.types` for all identifier/name fields (including optional and tuple variants) instead of manual whitespace validators

Applied to files:

• tests/unit/api/fakes.py

📚 Learning: 2026-03-20T21:44:04.528Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T21:44:04.528Z
Learning: Applies to tests/**/*.py : Fix flaky tests completely and fundamentally; for timing-sensitive tests, mock `time.monotonic()` and `asyncio.sleep()` to make them deterministic instead of widening timing margins

Applied to files:

• tests/unit/api/fakes.py

📚 Learning: 2026-03-31T21:07:37.470Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-31T21:07:37.470Z
Learning: Applies to tests/**/*.py : NEVER skip, dismiss, or ignore flaky tests — always fix them fully and fundamentally; mock `time.monotonic()` and `asyncio.sleep()` for determinism; use `asyncio.Event().wait()` for indefinite blocking instead of `asyncio.sleep(large_number)`

Applied to files:

• tests/unit/api/fakes.py

📚 Learning: 2026-03-16T07:22:28.134Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-16T07:22:28.134Z
Learning: Applies to tests/**/*.py : NEVER skip, dismiss, or ignore flaky tests — always fix them fully and fundamentally. For timing-sensitive tests, mock `time.monotonic()` and `asyncio.sleep()` to make them deterministic instead of widening timing margins

Applied to files:

• tests/unit/api/fakes.py

📚 Learning: 2026-04-02T07:18:02.381Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-04-02T07:18:02.381Z
Learning: Applies to tests/**/*.py : Never skip, dismiss, or ignore flaky tests; fix them fully and fundamentally by mocking `time.monotonic()` and `asyncio.sleep()` for determinism or using `asyncio.Event().wait()` for indefinite blocking

Applied to files:

• tests/unit/api/fakes.py

📚 Learning: 2026-04-01T15:36:39.993Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-04-01T15:36:39.993Z
Learning: Applies to tests/**/*.py : Flaky tests: NEVER skip, dismiss, or ignore flaky tests -- always fix them fully and fundamentally. For timing-sensitive tests, mock `time.monotonic()` and `asyncio.sleep()` to make them deterministic instead of widening timing margins

Applied to files:

• tests/unit/api/fakes.py

📚 Learning: 2026-03-17T06:30:14.180Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T06:30:14.180Z
Learning: Applies to src/synthorg/persistence/**/*.py : Persistence uses pluggable PersistenceBackend protocol. SQLite is the initial backend. Settings use SettingsRepository (namespaced settings CRUD).

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-17T22:08:13.456Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T22:08:13.456Z
Learning: Persistence backend: pluggable PersistenceBackend protocol in `src/synthorg/persistence/`, SQLite initial, SettingsRepository (namespaced settings CRUD).

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-31T21:07:37.470Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-31T21:07:37.470Z
Learning: Applies to **/*.py : Use `except A, B:` (no parentheses) per PEP 758 exception syntax on Python 3.14

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-20T21:44:04.528Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T21:44:04.528Z
Learning: Applies to **/*.py : Use `except A, B:` syntax (without parentheses) per PEP 758 for exception handling in Python 3.14

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-16T07:22:28.134Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-16T07:22:28.134Z
Learning: Applies to **/*.py : Use `except A, B:` syntax (no parentheses) for exception handling — PEP 758 exception syntax enforced by ruff on Python 3.14

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-14T15:43:05.601Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-14T15:43:05.601Z
Learning: Applies to **/*.py : Use PEP 758 except syntax: `except A, B:` (no parentheses) — enforced by ruff on Python 3.14

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-14T16:18:57.267Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-14T16:18:57.267Z
Learning: Applies to **/*.py : Use PEP 758 except syntax with `except A, B:` (no parentheses) for multiple exceptions—ruff enforces this on Python 3.14.

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-04-05T13:59:09.628Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-04-05T13:59:09.628Z
Learning: Applies to **/*.py : Use PEP 758 except syntax: `except A, B:` (no parentheses) on Python 3.14—ruff enforces this

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-15T16:55:07.730Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T16:55:07.730Z
Learning: Applies to **/*.py : Use PEP 758 except syntax: use `except A, B:` (no parentheses) — ruff enforces this on Python 3.14.

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-17T22:08:13.456Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T22:08:13.456Z
Learning: Applies to src/synthorg/**/*.py : Handle errors explicitly, never silently swallow. Validate at system boundaries (user input, external APIs, config files).

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-15T21:49:53.264Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T21:49:53.264Z
Learning: Fix everything valid — never skip when review agents find valid issues (including pre-existing issues in surrounding code, suggestions, and findings adjacent to the PR's changes). No deferring, no 'out of scope' skipping.

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

[coderabbitai]

Actionable comments posted: 5

♻️ Duplicate comments (1)

src/synthorg/persistence/sqlite/decision_repo.py (1)

365-367: 🧹 Nitpick | 🔵 Trivial

Use the repo’s Python 3.14 multi-except form here too.

This rollback handler still uses the parenthesized clause.

♻️ Proposed fix

-        except (sqlite3.Error, aiosqlite.Error) as rollback_exc:
+        except sqlite3.Error, aiosqlite.Error as rollback_exc:

As per coding guidelines: "Use PEP 758 except syntax: except A, B: (no parentheses) on Python 3.14—ruff enforces this".

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@src/synthorg/persistence/sqlite/decision_repo.py` around lines 365 - 367, The
except clause after the await self._db.rollback() uses the old parenthesized
tuple form; replace "except (sqlite3.Error, aiosqlite.Error) as rollback_exc:"
with the Python 3.14 multi-except form (no parentheses) so the handler becomes
"except sqlite3.Error, aiosqlite.Error as rollback_exc:" while keeping the same
rollback_exc variable and existing handling logic in decision_repo.py around the
self._db.rollback() call.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@src/synthorg/persistence/sqlite/decision_repo.py`:
- Around line 437-448: The code currently only catches KeyError when mapping
role via _ROLE_TO_COLUMN, allowing non-string inputs (e.g., list) to raise
TypeError; update DecisionRepository.list_by_agent to validate the role argument
type first: check isinstance(role, str) (or None handling if allowed) and if
not, build the same msg and call logger.warning(...) then raise ValueError(msg);
keep the existing try/except KeyError for unknown string values (role_str and
_ROLE_TO_COLUMN) so every invalid role input consistently raises ValueError.
- Around line 183-199: The code path that rejects naive datetimes currently
raises ValueError without logging or documenting it; update the method in the
DecisionRepository (the append/append_decision method that performs the insert
and checks recorded_at) to log a warning or error with contextual fields (e.g.,
record_id, task_id, version and the offending recorded_at) immediately before
raising ValueError, and add ValueError to the method's Raises: docstring so the
exception is documented; ensure the log level matches other append failure paths
and the message clearly states "naive datetime rejected" plus the offending
value.
- Around line 201-203: Replace the shallow snapshot of metadata with a deep copy
before making it read-only: instead of dict(metadata or {}), deep-copy the
metadata (e.g., via copy.deepcopy(metadata or {})) and then wrap that result
with MappingProxyType so nested dicts/lists are not aliased; update the code
around metadata_view in append_with_next_version()/decision_repo.py and ensure
record.metadata receives the MappingProxyType-wrapped deep copy.
- Around line 281-282: Reads (get, list_by_task, list_by_agent) can observe
uncommitted rows inserted by _execute_insert because they use the shared
aiosqlite.Connection (self._db) without synchronization; fix this by serializing
reads with the same _write_lock (or alternatively use a dedicated read
connection) so SELECTs do not run while an INSERT→SELECT→COMMIT sequence in
_execute_insert is in progress—wrap the SELECT operations in get, list_by_task,
and list_by_agent with an async with self._write_lock (or switch those methods
to use a separate connection instance) to prevent phantom reads on the shared
connection.

In `@tests/unit/api/fakes_backend.py`:
- Around line 173-175: The PersistenceBackend protocol is missing the
workflow_versions property used by controllers; add a read-only property named
workflow_versions to the PersistenceBackend protocol definition (the
PersistenceBackend class/protocol) with the correct return type (e.g.,
WorkflowVersionRepository or the interface used by
FakeWorkflowVersionRepository) and update the protocol's docstring Attributes
section to list workflow_versions so type checkers and readers know it exists;
ensure the property name matches usages in controllers
(state.app_state.persistence.workflow_versions) and any import/type alias
references are adjusted accordingly.

---

Duplicate comments:
In `@src/synthorg/persistence/sqlite/decision_repo.py`:
- Around line 365-367: The except clause after the await self._db.rollback()
uses the old parenthesized tuple form; replace "except (sqlite3.Error,
aiosqlite.Error) as rollback_exc:" with the Python 3.14 multi-except form (no
parentheses) so the handler becomes "except sqlite3.Error, aiosqlite.Error as
rollback_exc:" while keeping the same rollback_exc variable and existing
handling logic in decision_repo.py around the self._db.rollback() call.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: d2ad440b-6d49-4b29-8206-b8f6ba5fe2a1

📥 Commits

Reviewing files that changed from the base of the PR and between aa521bc and bd8bcfe.

📒 Files selected for processing (4)

• src/synthorg/persistence/sqlite/decision_repo.py
• tests/unit/api/fakes.py
• tests/unit/api/fakes_backend.py
• tests/unit/api/fakes_decisions.py

📜 Review details

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (6)

• GitHub Check: Test (Python 3.14)
• GitHub Check: Build Web
• GitHub Check: Build Backend
• GitHub Check: Build Sandbox
• GitHub Check: Dependency Review
• GitHub Check: Analyze (python)

🧰 Additional context used

📓 Path-based instructions (4)

**/*.py

📄 CodeRabbit inference engine (CLAUDE.md)

**/*.py: No from __future__ import annotations—Python 3.14 has PEP 649
Use PEP 758 except syntax: except A, B: (no parentheses) on Python 3.14—ruff enforces this
All public functions must have type hints; use mypy strict mode
Use Google-style docstrings required on public classes and functions—enforced by ruff D rules
Create new objects instead of mutating existing ones; for non-Pydantic internal collections (registries, BaseTool), use copy.deepcopy() at construction + MappingProxyType wrapping for read-only enforcement
Use frozen Pydantic models for config/identity; separate mutable-via-copy models (using model_copy(update=...)) for runtime state that evolves
Use Pydantic v2 (BaseModel, model_validator, computed_field, ConfigDict); use allow_inf_nan=False in all ConfigDict declarations to reject NaN/Inf in numeric fields
Use @computed_field for derived values instead of storing + validating redundant fields; use NotBlankStr from core.types for all identifier/name fields (including optional and tuple variants) instead of manual whitespace validators
Prefer asyncio.TaskGroup for fan-out/fan-in parallel operations in new code; prefer structured concurrency over bare create_task
Line length: 88 characters (ruff)
Functions must be less than 50 lines; files must be less than 800 lines
Handle errors explicitly, never silently swallow exceptions
Always use variable name logger (not _logger, not log)
Always use structured logging kwargs: logger.info(EVENT, key=value) never logger.info("msg %s", val)
All error paths must log at WARNING or ERROR with context before raising
All state transitions must log at INFO
DEBUG logging for object creation, internal flow, entry/exit of key functions; pure data models, enums, and re-exports do NOT need logging

Files:

• tests/unit/api/fakes.py
• tests/unit/api/fakes_backend.py
• tests/unit/api/fakes_decisions.py
• src/synthorg/persistence/sqlite/decision_repo.py

tests/**/*.py

📄 CodeRabbit inference engine (CLAUDE.md)

tests/**/*.py: Use pytest.mark.unit, @pytest.mark.integration, @pytest.mark.e2e, @pytest.mark.slow markers for test categorization
Use asyncio_mode = "auto" for async tests—no manual @pytest.mark.asyncio needed
Global timeout: 30 seconds per test in pyproject.toml; non-default overrides (e.g., timeout(60)) are allowed but do NOT add per-file markers for the default
Prefer @pytest.mark.parametrize for testing similar cases
Tests must use test-provider, test-small-001, etc. instead of real vendor names
Use Hypothesis (@given + @settings) for property-based testing; profiles in tests/conftest.py: ci (deterministic, 10 examples + derandomize=True), dev (1000 examples), fuzz (10,000 examples, no deadline), extreme (500,000 examples, no deadline); controlled via HYPOTHESIS_PROFILE env var
When Hypothesis finds a failure, it is a real bug—fix the underlying bug and add an explicit @example(...) decorator to permanently cover the case in CI; do NOT skip or ignore flaky tests
For timing-sensitive tests, mock time.monotonic() and asyncio.sleep() to make them deterministic; for tasks that must block indefinitely until cancelled, use asyncio.Event().wait() instead of asyncio.sleep(large_number)

Files:

• tests/unit/api/fakes.py
• tests/unit/api/fakes_backend.py
• tests/unit/api/fakes_decisions.py

---

⚙️ CodeRabbit configuration file

Test files do not require Google-style docstrings on classes or functions -- ruff D rules are only enforced on src/. A bare @settings() decorator with no arguments on Hypothesis property tests is a no-op and should not be suggested -- the HYPOTHESIS_PROFILE env var controls example counts via registered profiles, which @given() honors automatically.

Files:

• tests/unit/api/fakes.py
• tests/unit/api/fakes_backend.py
• tests/unit/api/fakes_decisions.py

src/synthorg/**/*.py

📄 CodeRabbit inference engine (CLAUDE.md)

src/synthorg/**/*.py: Every module with business logic MUST have from synthorg.observability import get_logger then logger = get_logger(__name__)
Never use import logging / logging.getLogger() / print() in application code (exceptions: observability/setup.py, observability/sinks.py, observability/syslog_handler.py, observability/http_handler.py may use stdlib logging and print())
Always use event name constants from domain-specific modules under synthorg.observability.events (e.g., API_REQUEST_STARTED from events.api); import directly
NEVER use real vendor names (Anthropic, OpenAI, Claude, GPT, etc.) in project-owned code, docstrings, comments, tests, or config examples; use generic names: example-provider, example-large-001, example-medium-001, example-small-001, large/medium/small as aliases; vendor names allowed only in: (1) Operations design page, (2) .claude/ skill/agent files, (3) third-party imports, (4) provider presets

Files:

• src/synthorg/persistence/sqlite/decision_repo.py

src/**/*.py

⚙️ CodeRabbit configuration file

This project uses Python 3.14+ with PEP 758 except syntax: "except A, B:" (comma-separated, no parentheses) is correct and mandatory -- do NOT flag it as a typo or suggest parenthesized form. The "except builtins.MemoryError, RecursionError: raise" pattern is intentional project convention for system-error propagation. When evaluating the 50-line function limit, count only the function body excluding the signature lines, decorators, and docstring. Functions 1-5 lines over due to docstrings or multi-line signatures should not be flagged. Do not suggest extracting single-use helper functions called exactly once -- this reduces readability without improving maintainability.

Files:

• src/synthorg/persistence/sqlite/decision_repo.py

🧠 Learnings (29)

📓 Common learnings

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T22:08:13.456Z
Learning: Engine: Agent orchestration, execution loops, parallel execution, task decomposition, routing, task assignment, centralized single-writer task state engine (TaskEngine), task lifecycle, recovery, shutdown, workspace isolation, coordination (multi-agent pipeline: TopologyDispatcher protocol, 4 dispatchers — SAS/centralized/decentralized/context-dependent, wave execution, workspace lifecycle integration, CoordinationSectionConfig company config bridge, build_coordinator factory), coordination error classification, prompt policy validation, checkpoint recovery (checkpoint/, per-turn persistence, heartbeat detection, CheckpointRecoveryStrategy), approval gate (escalation detection, context parking/resume, EscalationInfo/ResumePayload models), stagnation detection (stagnation/, StagnationDetector protocol, ToolRepetitionDetector, dual-signal analysis, corrective prompt injection), agent runtime state (AgentRuntimeState, lightweight per-agent execution status for dashboard queries and recove...

📚 Learning: 2026-03-20T21:44:04.528Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T21:44:04.528Z
Learning: Applies to src/synthorg/**/*.py : Use `NotBlankStr` from `core.types` for all identifier/name fields (including optional and tuple variants) instead of manual whitespace validators

Applied to files:

• tests/unit/api/fakes.py

📚 Learning: 2026-03-31T20:07:03.035Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-31T20:07:03.035Z
Learning: Applies to **/*.py : Use `NotBlankStr` (from `core.types`) for all identifier/name fields, including optional (`NotBlankStr | None`) and tuple (`tuple[NotBlankStr, ...]`) variants, instead of manual whitespace validators

Applied to files:

• tests/unit/api/fakes.py

📚 Learning: 2026-04-05T13:59:09.628Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-04-05T13:59:09.628Z
Learning: Applies to **/*.py : Use `computed_field` for derived values instead of storing + validating redundant fields; use `NotBlankStr` from `core.types` for all identifier/name fields (including optional and tuple variants) instead of manual whitespace validators

Applied to files:

• tests/unit/api/fakes.py

📚 Learning: 2026-03-20T21:44:04.528Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T21:44:04.528Z
Learning: Applies to tests/**/*.py : Fix flaky tests completely and fundamentally; for timing-sensitive tests, mock `time.monotonic()` and `asyncio.sleep()` to make them deterministic instead of widening timing margins

Applied to files:

• tests/unit/api/fakes.py
• tests/unit/api/fakes_backend.py

📚 Learning: 2026-03-31T21:07:37.470Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-31T21:07:37.470Z
Learning: Applies to tests/**/*.py : NEVER skip, dismiss, or ignore flaky tests — always fix them fully and fundamentally; mock `time.monotonic()` and `asyncio.sleep()` for determinism; use `asyncio.Event().wait()` for indefinite blocking instead of `asyncio.sleep(large_number)`

Applied to files:

• tests/unit/api/fakes.py

📚 Learning: 2026-03-16T07:22:28.134Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-16T07:22:28.134Z
Learning: Applies to tests/**/*.py : NEVER skip, dismiss, or ignore flaky tests — always fix them fully and fundamentally. For timing-sensitive tests, mock `time.monotonic()` and `asyncio.sleep()` to make them deterministic instead of widening timing margins

Applied to files:

• tests/unit/api/fakes.py

📚 Learning: 2026-04-02T07:18:02.381Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-04-02T07:18:02.381Z
Learning: Applies to tests/**/*.py : Never skip, dismiss, or ignore flaky tests; fix them fully and fundamentally by mocking `time.monotonic()` and `asyncio.sleep()` for determinism or using `asyncio.Event().wait()` for indefinite blocking

Applied to files:

• tests/unit/api/fakes.py

📚 Learning: 2026-04-01T15:36:39.993Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-04-01T15:36:39.993Z
Learning: Applies to tests/**/*.py : Flaky tests: NEVER skip, dismiss, or ignore flaky tests -- always fix them fully and fundamentally. For timing-sensitive tests, mock `time.monotonic()` and `asyncio.sleep()` to make them deterministic instead of widening timing margins

Applied to files:

• tests/unit/api/fakes.py

📚 Learning: 2026-03-17T06:30:14.180Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T06:30:14.180Z
Learning: Applies to src/synthorg/persistence/**/*.py : Persistence uses pluggable PersistenceBackend protocol. SQLite is the initial backend. Settings use SettingsRepository (namespaced settings CRUD).

Applied to files:

• tests/unit/api/fakes.py
• tests/unit/api/fakes_backend.py
• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-17T22:08:13.456Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T22:08:13.456Z
Learning: Persistence backend: pluggable PersistenceBackend protocol in `src/synthorg/persistence/`, SQLite initial, SettingsRepository (namespaced settings CRUD).

Applied to files:

• tests/unit/api/fakes.py
• tests/unit/api/fakes_backend.py
• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-20T21:44:04.528Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T21:44:04.528Z
Learning: Applies to src/synthorg/**/*.py : Use `copy.deepcopy()` at system boundaries (tool execution, LLM provider serialization, inter-agent delegation, persistence serialization) for `dict`/`list` fields

Applied to files:

• tests/unit/api/fakes_decisions.py

📚 Learning: 2026-03-20T21:44:04.528Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T21:44:04.528Z
Learning: Applies to src/synthorg/**/*.py : For non-Pydantic internal collections (registries, `BaseTool`), use `copy.deepcopy()` at construction and wrap with `MappingProxyType` for read-only enforcement

Applied to files:

• tests/unit/api/fakes_decisions.py

📚 Learning: 2026-03-15T19:14:27.144Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T19:14:27.144Z
Learning: Applies to src/synthorg/**/*.py : Use frozen Pydantic models for config/identity; use separate mutable-via-copy models (using model_copy(update=...)) for runtime state that evolves. Never mix static config fields with mutable runtime fields in one model.

Applied to files:

• tests/unit/api/fakes_decisions.py

📚 Learning: 2026-03-20T21:44:04.528Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T21:44:04.528Z
Learning: Applies to src/synthorg/**/*.py : Use frozen Pydantic models for config/identity; use separate mutable-via-copy models (via `model_copy(update=...)`) for runtime state that evolves

Applied to files:

• tests/unit/api/fakes_decisions.py

📚 Learning: 2026-03-15T19:14:27.144Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T19:14:27.144Z
Learning: Applies to src/synthorg/**/*.py : For dict/list fields in frozen Pydantic models, rely on frozen=True for field reassignment prevention and copy.deepcopy() at system boundaries (tool execution, LLM provider serialization, inter-agent delegation, serializing for persistence).

Applied to files:

• tests/unit/api/fakes_decisions.py

📚 Learning: 2026-04-01T09:58:27.410Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-04-01T09:58:27.410Z
Learning: Applies to **/*.py : Use `copy.deepcopy()` at system boundaries (tool execution, LLM provider serialization, inter-agent delegation, persistence serialization) for dict/list fields in frozen Pydantic models

Applied to files:

• tests/unit/api/fakes_decisions.py

📚 Learning: 2026-04-01T09:09:43.948Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-04-01T09:09:43.948Z
Learning: Applies to **/*.py : Use `copy.deepcopy()` at construction and `MappingProxyType` wrapping for read-only enforcement in non-Pydantic internal collections (registries, BaseTool)

Applied to files:

• tests/unit/api/fakes_decisions.py

📚 Learning: 2026-04-05T13:59:09.628Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-04-05T13:59:09.628Z
Learning: Applies to **/*.py : Create new objects instead of mutating existing ones; for non-Pydantic internal collections (registries, `BaseTool`), use `copy.deepcopy()` at construction + `MappingProxyType` wrapping for read-only enforcement

Applied to files:

• tests/unit/api/fakes_decisions.py

📚 Learning: 2026-03-15T18:38:44.202Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T18:38:44.202Z
Learning: Applies to src/synthorg/**/*.py : Use frozen Pydantic models for config/identity; separate mutable-via-copy models (using `model_copy(update=...)`) for runtime state

Applied to files:

• tests/unit/api/fakes_decisions.py

📚 Learning: 2026-03-31T21:07:37.470Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-31T21:07:37.470Z
Learning: Applies to **/*.py : Use `except A, B:` (no parentheses) per PEP 758 exception syntax on Python 3.14

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-20T21:44:04.528Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T21:44:04.528Z
Learning: Applies to **/*.py : Use `except A, B:` syntax (without parentheses) per PEP 758 for exception handling in Python 3.14

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-16T07:22:28.134Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-16T07:22:28.134Z
Learning: Applies to **/*.py : Use `except A, B:` syntax (no parentheses) for exception handling — PEP 758 exception syntax enforced by ruff on Python 3.14

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-14T15:43:05.601Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-14T15:43:05.601Z
Learning: Applies to **/*.py : Use PEP 758 except syntax: `except A, B:` (no parentheses) — enforced by ruff on Python 3.14

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-14T16:18:57.267Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-14T16:18:57.267Z
Learning: Applies to **/*.py : Use PEP 758 except syntax with `except A, B:` (no parentheses) for multiple exceptions—ruff enforces this on Python 3.14.

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-04-05T13:59:09.628Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-04-05T13:59:09.628Z
Learning: Applies to **/*.py : Use PEP 758 except syntax: `except A, B:` (no parentheses) on Python 3.14—ruff enforces this

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-15T16:55:07.730Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T16:55:07.730Z
Learning: Applies to **/*.py : Use PEP 758 except syntax: use `except A, B:` (no parentheses) — ruff enforces this on Python 3.14.

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-17T22:08:13.456Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T22:08:13.456Z
Learning: Applies to src/synthorg/**/*.py : Handle errors explicitly, never silently swallow. Validate at system boundaries (user input, external APIs, config files).

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-15T21:49:53.264Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T21:49:53.264Z
Learning: Fix everything valid — never skip when review agents find valid issues (including pre-existing issues in surrounding code, suggestions, and findings adjacent to the PR's changes). No deferring, no 'out of scope' skipping.

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

🔇 Additional comments (5)

tests/unit/api/fakes_decisions.py (2)

42-106: Well-implemented fake matching production semantics.

The implementation correctly:

• Computes version as max(..., default=0) + 1 matching production's COALESCE(MAX(version), 0) + 1
• Rejects naive datetimes with clear error message
• Normalizes recorded_at to UTC via astimezone(UTC)
• Deep-copies metadata before wrapping in MappingProxyType to prevent caller mutations from leaking

The deep-copy approach (lines 84-86) provides adequate snapshot semantics for test purposes. While production JSON-serializes metadata (which would reject non-JSON-serializable objects), test metadata is typically JSON-compatible, so this difference is acceptable for a test double.

---

108-132: Query methods correctly implement protocol contract.

• get: Returns None on miss as specified
• list_by_task: Orders by version ascending (oldest first)
• list_by_agent: Validates role with ValueError, orders by recorded_at descending

All match the DecisionRepository protocol defined in src/synthorg/persistence/repositories_decisions.py.

tests/unit/api/fakes_backend.py (1)

39-67: LGTM - Clean initialization with proper dual settings support.

The fake correctly maintains:

• _settings_repo (namespaced FakeSettingsRepository) exposed via settings property
• _settings (flat dict) for legacy get_setting/set_setting methods

This matches the PersistenceBackend protocol which supports both patterns.

tests/unit/api/fakes.py (2)

286-292: Clean re-export preserving backwards compatibility.

The as Y pattern with # noqa: PLC0414 correctly marks an explicit re-export. Existing test imports (from tests.unit.api.fakes import FakeDecisionRepository) continue to work.

---

696-705: Bottom-of-file import correctly avoids circular dependency.

The comment accurately explains why this import must be at the bottom: fakes_backend.py imports Fake*Repository classes from this file, so they must be defined before fakes_backend is loaded. The E402 and PLC0414 noqa comments appropriately acknowledge the style exceptions.

[coderabbitai]

Actionable comments posted: 3

♻️ Duplicate comments (1)

src/synthorg/persistence/sqlite/decision_repo.py (1)

353-353: ⚠️ Potential issue | 🟠 Major

Use the repo's PEP 758 multi-except syntax here.

These handlers still use the parenthesized form, so this file will keep violating the Python 3.14 exception-style rule.

♻️ Proposed fix

-        except (sqlite3.Error, aiosqlite.Error) as exc:
+        except sqlite3.Error, aiosqlite.Error as exc:
@@
-        except (ValidationError, json.JSONDecodeError, TypeError) as exc:
+        except ValidationError, json.JSONDecodeError, TypeError as exc:

Run this after the edit; expect no matches:

#!/bin/bash
rg -n '^\s*except \(' src/synthorg/persistence/sqlite/decision_repo.py

As per coding guidelines: "Use PEP 758 except syntax: except A, B: (no parentheses) on Python 3.14—ruff enforces this".

Also applies to: 390-390, 411-411, 438-438, 517-517, 570-570

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@src/synthorg/persistence/sqlite/decision_repo.py` at line 353, Replace every
parenthesized multi-except in src/synthorg/persistence/sqlite/decision_repo.py
with the PEP 758 comma form; specifically change handlers like "except
(sqlite3.Error, aiosqlite.Error) as exc" to use the new syntax "except
sqlite3.Error, aiosqlite.Error as exc" (apply the same change for the other
occurrences noted in the review). Update each except block that references
sqlite3.Error and aiosqlite.Error (and any other parenthesized multi-except
occurrences in this file) so they use the PEP 758 form without parentheses.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@src/synthorg/persistence/sqlite/decision_repo.py`:
- Around line 540-543: Wrap the section that indexes into the DB row (the direct
row["col"] accesses driven by _COLS) in a try/except KeyError inside the same
function in decision_repo.py; in the except block emit the
PERSISTENCE_DECISION_RECORD_DESERIALIZE_FAILED log (include the missing column
name from the KeyError and the record id being deserialized) at WARNING or ERROR
level, then re-raise the same KeyError to preserve existing behavior; apply the
same try/except+log pattern to the other similar block referenced around lines
553-570 so all missing-column failures are logged before propagating.
- Around line 327-333: The code commits the transaction before verifying the
read-back guard, so if cursor.fetchone() returns None the method will report
QueryError after a durable insert; move the commit so it happens only after the
read-back guard succeeds: perform await cursor.fetchone(), check row is not None
and extract row["version"] (or appropriate field), and only then call await
self._db.commit(); apply the same change to the other similar block that uses
_INSERT_SQL, cursor.fetchone(), and await self._db.commit() (the block around
lines 362-379) to ensure no commit occurs before the guard check.

In `@tests/unit/persistence/test_protocol.py`:
- Around line 555-560: The comment claiming object() "satisfies the structural
Protocol check" is inaccurate because a bare object() does not implement
WorkflowVersionRepository methods; instead, update the comment on the
workflow_versions property to state that returning object() only satisfies the
PersistenceBackend interface requirement that the workflow_versions attribute
exists for this conformance test, and note that the full
WorkflowVersionRepository fake (which implements save_version/get_version, etc.)
is provided elsewhere.

---

Duplicate comments:
In `@src/synthorg/persistence/sqlite/decision_repo.py`:
- Line 353: Replace every parenthesized multi-except in
src/synthorg/persistence/sqlite/decision_repo.py with the PEP 758 comma form;
specifically change handlers like "except (sqlite3.Error, aiosqlite.Error) as
exc" to use the new syntax "except sqlite3.Error, aiosqlite.Error as exc" (apply
the same change for the other occurrences noted in the review). Update each
except block that references sqlite3.Error and aiosqlite.Error (and any other
parenthesized multi-except occurrences in this file) so they use the PEP 758
form without parentheses.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 33f8ec37-c4d6-414c-8a66-7b76fd293ee0

📥 Commits

Reviewing files that changed from the base of the PR and between bd8bcfe and 994858e.

📒 Files selected for processing (3)

• src/synthorg/persistence/protocol.py
• src/synthorg/persistence/sqlite/decision_repo.py
• tests/unit/persistence/test_protocol.py

📜 Review details

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (6)

• GitHub Check: Test (Python 3.14)
• GitHub Check: Build Web
• GitHub Check: Build Backend
• GitHub Check: Dependency Review
• GitHub Check: Analyze (python)
• GitHub Check: Analyze (javascript-typescript)

🧰 Additional context used

📓 Path-based instructions (4)

**/*.py

📄 CodeRabbit inference engine (CLAUDE.md)

**/*.py: No from __future__ import annotations—Python 3.14 has PEP 649
Use PEP 758 except syntax: except A, B: (no parentheses) on Python 3.14—ruff enforces this
All public functions must have type hints; use mypy strict mode
Use Google-style docstrings required on public classes and functions—enforced by ruff D rules
Create new objects instead of mutating existing ones; for non-Pydantic internal collections (registries, BaseTool), use copy.deepcopy() at construction + MappingProxyType wrapping for read-only enforcement
Use frozen Pydantic models for config/identity; separate mutable-via-copy models (using model_copy(update=...)) for runtime state that evolves
Use Pydantic v2 (BaseModel, model_validator, computed_field, ConfigDict); use allow_inf_nan=False in all ConfigDict declarations to reject NaN/Inf in numeric fields
Use @computed_field for derived values instead of storing + validating redundant fields; use NotBlankStr from core.types for all identifier/name fields (including optional and tuple variants) instead of manual whitespace validators
Prefer asyncio.TaskGroup for fan-out/fan-in parallel operations in new code; prefer structured concurrency over bare create_task
Line length: 88 characters (ruff)
Functions must be less than 50 lines; files must be less than 800 lines
Handle errors explicitly, never silently swallow exceptions
Always use variable name logger (not _logger, not log)
Always use structured logging kwargs: logger.info(EVENT, key=value) never logger.info("msg %s", val)
All error paths must log at WARNING or ERROR with context before raising
All state transitions must log at INFO
DEBUG logging for object creation, internal flow, entry/exit of key functions; pure data models, enums, and re-exports do NOT need logging

Files:

• src/synthorg/persistence/protocol.py
• tests/unit/persistence/test_protocol.py
• src/synthorg/persistence/sqlite/decision_repo.py

src/synthorg/**/*.py

📄 CodeRabbit inference engine (CLAUDE.md)

src/synthorg/**/*.py: Every module with business logic MUST have from synthorg.observability import get_logger then logger = get_logger(__name__)
Never use import logging / logging.getLogger() / print() in application code (exceptions: observability/setup.py, observability/sinks.py, observability/syslog_handler.py, observability/http_handler.py may use stdlib logging and print())
Always use event name constants from domain-specific modules under synthorg.observability.events (e.g., API_REQUEST_STARTED from events.api); import directly
NEVER use real vendor names (Anthropic, OpenAI, Claude, GPT, etc.) in project-owned code, docstrings, comments, tests, or config examples; use generic names: example-provider, example-large-001, example-medium-001, example-small-001, large/medium/small as aliases; vendor names allowed only in: (1) Operations design page, (2) .claude/ skill/agent files, (3) third-party imports, (4) provider presets

Files:

• src/synthorg/persistence/protocol.py
• src/synthorg/persistence/sqlite/decision_repo.py

src/**/*.py

⚙️ CodeRabbit configuration file

This project uses Python 3.14+ with PEP 758 except syntax: "except A, B:" (comma-separated, no parentheses) is correct and mandatory -- do NOT flag it as a typo or suggest parenthesized form. The "except builtins.MemoryError, RecursionError: raise" pattern is intentional project convention for system-error propagation. When evaluating the 50-line function limit, count only the function body excluding the signature lines, decorators, and docstring. Functions 1-5 lines over due to docstrings or multi-line signatures should not be flagged. Do not suggest extracting single-use helper functions called exactly once -- this reduces readability without improving maintainability.

Files:

• src/synthorg/persistence/protocol.py
• src/synthorg/persistence/sqlite/decision_repo.py

tests/**/*.py

📄 CodeRabbit inference engine (CLAUDE.md)

tests/**/*.py: Use pytest.mark.unit, @pytest.mark.integration, @pytest.mark.e2e, @pytest.mark.slow markers for test categorization
Use asyncio_mode = "auto" for async tests—no manual @pytest.mark.asyncio needed
Global timeout: 30 seconds per test in pyproject.toml; non-default overrides (e.g., timeout(60)) are allowed but do NOT add per-file markers for the default
Prefer @pytest.mark.parametrize for testing similar cases
Tests must use test-provider, test-small-001, etc. instead of real vendor names
Use Hypothesis (@given + @settings) for property-based testing; profiles in tests/conftest.py: ci (deterministic, 10 examples + derandomize=True), dev (1000 examples), fuzz (10,000 examples, no deadline), extreme (500,000 examples, no deadline); controlled via HYPOTHESIS_PROFILE env var
When Hypothesis finds a failure, it is a real bug—fix the underlying bug and add an explicit @example(...) decorator to permanently cover the case in CI; do NOT skip or ignore flaky tests
For timing-sensitive tests, mock time.monotonic() and asyncio.sleep() to make them deterministic; for tasks that must block indefinitely until cancelled, use asyncio.Event().wait() instead of asyncio.sleep(large_number)

Files:

• tests/unit/persistence/test_protocol.py

---

⚙️ CodeRabbit configuration file

Test files do not require Google-style docstrings on classes or functions -- ruff D rules are only enforced on src/. A bare @settings() decorator with no arguments on Hypothesis property tests is a no-op and should not be suggested -- the HYPOTHESIS_PROFILE env var controls example counts via registered profiles, which @given() honors automatically.

Files:

• tests/unit/persistence/test_protocol.py

🧠 Learnings (33)

📓 Common learnings

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T22:08:13.456Z
Learning: Engine: Agent orchestration, execution loops, parallel execution, task decomposition, routing, task assignment, centralized single-writer task state engine (TaskEngine), task lifecycle, recovery, shutdown, workspace isolation, coordination (multi-agent pipeline: TopologyDispatcher protocol, 4 dispatchers — SAS/centralized/decentralized/context-dependent, wave execution, workspace lifecycle integration, CoordinationSectionConfig company config bridge, build_coordinator factory), coordination error classification, prompt policy validation, checkpoint recovery (checkpoint/, per-turn persistence, heartbeat detection, CheckpointRecoveryStrategy), approval gate (escalation detection, context parking/resume, EscalationInfo/ResumePayload models), stagnation detection (stagnation/, StagnationDetector protocol, ToolRepetitionDetector, dual-signal analysis, corrective prompt injection), agent runtime state (AgentRuntimeState, lightweight per-agent execution status for dashboard queries and recove...

📚 Learning: 2026-03-17T06:30:14.180Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T06:30:14.180Z
Learning: Applies to src/synthorg/persistence/**/*.py : Persistence uses pluggable PersistenceBackend protocol. SQLite is the initial backend. Settings use SettingsRepository (namespaced settings CRUD).

Applied to files:

• src/synthorg/persistence/protocol.py
• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-17T22:08:13.456Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T22:08:13.456Z
Learning: Persistence backend: pluggable PersistenceBackend protocol in `src/synthorg/persistence/`, SQLite initial, SettingsRepository (namespaced settings CRUD).

Applied to files:

• src/synthorg/persistence/protocol.py
• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-19T07:12:14.508Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-19T07:12:14.508Z
Learning: Applies to src/synthorg/engine/**/*.py : Engine package (engine/): agent orchestration, parallel execution, task decomposition, routing, TaskEngine (centralized single-writer), task lifecycle/recovery/shutdown, workspace isolation, coordination (4 dispatchers: SAS/centralized/decentralized/context-dependent, wave execution), approval gates (escalation detection, context parking/resume), stagnation detection (ToolRepetitionDetector, corrective prompt injection), AgentRuntimeState (execution status), context budget management, conversation compaction (oldest-turns summarizer)

Applied to files:

• tests/unit/persistence/test_protocol.py

📚 Learning: 2026-03-17T22:08:13.456Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T22:08:13.456Z
Learning: Engine: Agent orchestration, execution loops, parallel execution, task decomposition, routing, task assignment, centralized single-writer task state engine (TaskEngine), task lifecycle, recovery, shutdown, workspace isolation, coordination (multi-agent pipeline: TopologyDispatcher protocol, 4 dispatchers — SAS/centralized/decentralized/context-dependent, wave execution, workspace lifecycle integration, CoordinationSectionConfig company config bridge, build_coordinator factory), coordination error classification, prompt policy validation, checkpoint recovery (checkpoint/, per-turn persistence, heartbeat detection, CheckpointRecoveryStrategy), approval gate (escalation detection, context parking/resume, EscalationInfo/ResumePayload models), stagnation detection (stagnation/, StagnationDetector protocol, ToolRepetitionDetector, dual-signal analysis, corrective prompt injection), agent runtime state (AgentRuntimeState, lightweight per-agent execution status for dashboard queries and recove...

Applied to files:

• tests/unit/persistence/test_protocol.py

📚 Learning: 2026-03-16T06:24:56.341Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-16T06:24:56.341Z
Learning: Applies to src/synthorg/hr/**/*.py : HR engine must provide: hiring, firing, onboarding, offboarding, agent registry, performance tracking (task metrics, collaboration scoring, trend detection), promotion/demotion

Applied to files:

• tests/unit/persistence/test_protocol.py

📚 Learning: 2026-03-17T06:30:14.180Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T06:30:14.180Z
Learning: Applies to src/synthorg/engine/coordination/**/*.py : Task coordination uses multi-agent pipeline with 4 dispatchers (SAS/centralized/decentralized/context-dependent), wave execution, and workspace lifecycle integration.

Applied to files:

• tests/unit/persistence/test_protocol.py

📚 Learning: 2026-03-19T07:13:44.964Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-19T07:13:44.964Z
Learning: Applies to src/synthorg/hr/**/*.py : HR package (hr/): hiring, firing, onboarding, offboarding, agent registry, performance tracking (task metrics, collaboration scoring, LLM calibration, collaboration overrides, trend detection), promotion/demotion (criteria evaluation, approval strategies, model mapping)

Applied to files:

• tests/unit/persistence/test_protocol.py

📚 Learning: 2026-03-19T07:12:14.508Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-19T07:12:14.508Z
Learning: Applies to src/synthorg/**/*.py : Package structure: src/synthorg/ organized as: api/ (REST+WebSocket, Litestar), auth/ (auth subpackage), backup/ (scheduled/manual backups), budget/ (cost tracking, CFO), cli/ (superseded by Go CLI), communication/ (message bus, meetings), config/ (YAML loading), core/ (domain models, resilience config), engine/ (orchestration, task state, coordination, approval gates, stagnation detection, context budget, compaction), hr/ (hiring, performance, promotion), memory/ (pluggable backend, Mem0, retrieval, consolidation), persistence/ (operational data, SQLite, settings), observability/ (logging, correlation, sinks), providers/ (LLM abstraction, LiteLLM, auth types, presets, runtime CRUD), settings/ (runtime-editable, typed definitions, encryption, config bridge), security/ (SecOps, rule engine, output scanning, progressive trust, autonomy levels), templates/ (company templates, personalities), tools/ (registry, built-in tools, git, sandbox, code_runner, MCP...

Applied to files:

• tests/unit/persistence/test_protocol.py

📚 Learning: 2026-03-31T21:07:37.470Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-31T21:07:37.470Z
Learning: Applies to **/*.py : Use `except A, B:` (no parentheses) per PEP 758 exception syntax on Python 3.14

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-20T21:44:04.528Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T21:44:04.528Z
Learning: Applies to **/*.py : Use `except A, B:` syntax (without parentheses) per PEP 758 for exception handling in Python 3.14

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-16T07:22:28.134Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-16T07:22:28.134Z
Learning: Applies to **/*.py : Use `except A, B:` syntax (no parentheses) for exception handling — PEP 758 exception syntax enforced by ruff on Python 3.14

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-14T15:43:05.601Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-14T15:43:05.601Z
Learning: Applies to **/*.py : Use PEP 758 except syntax: `except A, B:` (no parentheses) — enforced by ruff on Python 3.14

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-14T16:18:57.267Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-14T16:18:57.267Z
Learning: Applies to **/*.py : Use PEP 758 except syntax with `except A, B:` (no parentheses) for multiple exceptions—ruff enforces this on Python 3.14.

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-04-05T13:59:09.628Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-04-05T13:59:09.628Z
Learning: Applies to **/*.py : Use PEP 758 except syntax: `except A, B:` (no parentheses) on Python 3.14—ruff enforces this

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-15T16:55:07.730Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T16:55:07.730Z
Learning: Applies to **/*.py : Use PEP 758 except syntax: use `except A, B:` (no parentheses) — ruff enforces this on Python 3.14.

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-17T22:08:13.456Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T22:08:13.456Z
Learning: Applies to src/synthorg/**/*.py : Handle errors explicitly, never silently swallow. Validate at system boundaries (user input, external APIs, config files).

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-15T21:49:53.264Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T21:49:53.264Z
Learning: Fix everything valid — never skip when review agents find valid issues (including pre-existing issues in surrounding code, suggestions, and findings adjacent to the PR's changes). No deferring, no 'out of scope' skipping.

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-14T16:18:57.267Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-14T16:18:57.267Z
Learning: Applies to src/ai_company/!(observability)/**/*.py : All error paths must log at WARNING or ERROR with context before raising.

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-15T16:55:07.730Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T16:55:07.730Z
Learning: Applies to src/synthorg/**/*.py : All error paths must log at WARNING or ERROR with context before raising.

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-15T18:38:44.202Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T18:38:44.202Z
Learning: Applies to src/synthorg/**/*.py : All error paths must log at WARNING or ERROR with context before raising

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-17T22:08:13.456Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T22:08:13.456Z
Learning: Applies to src/synthorg/**/*.py : All error paths must log at WARNING or ERROR with context before raising. All state transitions must log at INFO. DEBUG for object creation, internal flow, entry/exit of key functions.

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-16T07:22:28.134Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-16T07:22:28.134Z
Learning: Applies to src/synthorg/**/*.py : All error paths must log at WARNING or ERROR with context before raising. All state transitions must log at INFO. DEBUG for object creation, internal flow, and key function entry/exit

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-04-01T09:09:43.948Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-04-01T09:09:43.948Z
Learning: Applies to **/*.py : Use `copy.deepcopy()` at construction and `MappingProxyType` wrapping for read-only enforcement in non-Pydantic internal collections (registries, BaseTool)

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-20T21:44:04.528Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T21:44:04.528Z
Learning: Applies to src/synthorg/**/*.py : Use `copy.deepcopy()` at system boundaries (tool execution, LLM provider serialization, inter-agent delegation, persistence serialization) for `dict`/`list` fields

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-20T21:44:04.528Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T21:44:04.528Z
Learning: Applies to src/synthorg/**/*.py : For non-Pydantic internal collections (registries, `BaseTool`), use `copy.deepcopy()` at construction and wrap with `MappingProxyType` for read-only enforcement

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-04-01T09:58:27.410Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-04-01T09:58:27.410Z
Learning: Applies to **/*.py : Use `copy.deepcopy()` at system boundaries (tool execution, LLM provider serialization, inter-agent delegation, persistence serialization) for dict/list fields in frozen Pydantic models

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-04-05T13:59:09.628Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-04-05T13:59:09.628Z
Learning: Applies to **/*.py : Create new objects instead of mutating existing ones; for non-Pydantic internal collections (registries, `BaseTool`), use `copy.deepcopy()` at construction + `MappingProxyType` wrapping for read-only enforcement

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-15T19:14:27.144Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T19:14:27.144Z
Learning: Applies to src/synthorg/**/*.py : For dict/list fields in frozen Pydantic models, rely on frozen=True for field reassignment prevention and copy.deepcopy() at system boundaries (tool execution, LLM provider serialization, inter-agent delegation, serializing for persistence).

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-20T21:44:04.528Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T21:44:04.528Z
Learning: Applies to **/*.py : Immutability: create new objects, never mutate existing ones. For non-Pydantic internal collections (registries, BaseTool), use copy.deepcopy() at construction + MappingProxyType wrapping for read-only enforcement.

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-16T23:05:29.577Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-16T23:05:29.577Z
Learning: Applies to **/*.py : For dict/list fields in frozen Pydantic models, rely on frozen=True for field reassignment prevention and copy.deepcopy() at system boundaries (tool execution, LLM provider serialization, inter-agent delegation, serializing for persistence).

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-15T19:14:27.144Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T19:14:27.144Z
Learning: Applies to src/synthorg/**/*.py : Use frozen Pydantic models for config/identity; use separate mutable-via-copy models (using model_copy(update=...)) for runtime state that evolves. Never mix static config fields with mutable runtime fields in one model.

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-20T21:44:04.528Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T21:44:04.528Z
Learning: Applies to src/synthorg/**/*.py : Use frozen Pydantic models for config/identity; use separate mutable-via-copy models (via `model_copy(update=...)`) for runtime state that evolves

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

🔇 Additional comments (7)

src/synthorg/persistence/protocol.py (4)

25-42: LGTM!

The new imports for DecisionRepository and WorkflowVersionRepository follow the established pattern with proper noqa: TC001 annotations.

---

75-78: Docstring attributes now complete.

The Attributes section has been updated with both workflow_versions and decision_records, addressing the previously requested documentation sync.

---

174-177: LGTM!

The decision_records property follows the established pattern for repository accessors with proper typing and docstring.

---

234-237: LGTM!

The workflow_versions property correctly extends the protocol with proper typing and documentation.

tests/unit/persistence/test_protocol.py (3)

205-224: LGTM!

The _FakeDecisionRepository follows the established pattern for protocol conformance fakes, providing minimal implementations that satisfy the DecisionRepository protocol shape.

---

507-509: LGTM!

The decision_records property correctly returns a _FakeDecisionRepository instance, consistent with other repository properties on _FakeBackend.

---

608-609: LGTM!

The conformance test for _FakeDecisionRepository follows the established pattern and verifies protocol compliance.

[coderabbitai]

Actionable comments posted: 3

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@src/synthorg/persistence/sqlite/decision_repo.py`:
- Around line 576-603: The code must explicitly read every required column from
the DB row with row[...] (so missing columns raise KeyError and hit the existing
logger.exception path) before calling DecisionRecord.model_validate; change the
construction of parsed so you read and assign each required field (e.g., id,
task_id, version, decision, criteria_snapshot, metadata, etc.) via row[...]
inside the try that logs PERSISTENCE_DECISION_RECORD_DESERIALIZE_FAILED, then
decode raw_criteria/raw_metadata into parsed["criteria_snapshot"] and
parsed["metadata"] as you already do, and only after those explicit
reads/decodes call DecisionRecord.model_validate(parsed) so schema drift results
in the same logged KeyError path rather than a ValidationError.
- Around line 335-353: The except block currently converts all
sqlite3.IntegrityError into DuplicateRecordError or QueryError using
_is_unique_constraint_error; update it to only treat UNIQUE/PRIMARY KEY
violations as DuplicateRecordError and let structural constraint violations (FK,
CHECK, NOT NULL, foreign key or other schema constraints) propagate as the
original sqlite3.IntegrityError so they surface loudly. Concretely: add or use a
predicate like _is_structural_constraint_error(exc) (or extend
_is_unique_constraint_error to return tri-state) in the except
sqlite3.IntegrityError handler; if _is_unique_constraint_error(exc) -> raise
DuplicateRecordError(msg) from exc, elif _is_structural_constraint_error(exc) ->
re-raise exc (raise), else log and raise QueryError(msg). Keep references to
PERSISTENCE_DECISION_RECORD_SAVE_FAILED, record_id, and sqlite_errorname in logs
unchanged.
- Around line 148-150: SQLiteDecisionRepository creates its own asyncio.Lock()
(attribute _write_lock) which leads to races because the same
aiosqlite.Connection is shared across many repos; instead create a single
asyncio.Lock in SQLitePersistenceBackend (before _create_repositories()) and
inject that same lock into every repository that performs writes (e.g., pass it
into SQLiteDecisionRepository constructor and any other mutating repos), remove
the per-repo asyncio.Lock creation in SQLiteDecisionRepository, and replace uses
of self._write_lock there with the injected lock so all repositories serialize
commits/rollbacks on the shared connection.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: cbef8455-5cc3-4721-9dd3-fa4234feecd6

📥 Commits

Reviewing files that changed from the base of the PR and between 994858e and 5d37e7e.

📒 Files selected for processing (2)

• src/synthorg/persistence/sqlite/decision_repo.py
• tests/unit/persistence/test_protocol.py

📜 Review details

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (6)

• GitHub Check: Test (Python 3.14)
• GitHub Check: Build Web
• GitHub Check: Build Backend
• GitHub Check: Build Sandbox
• GitHub Check: Dependency Review
• GitHub Check: Analyze (python)

🧰 Additional context used

📓 Path-based instructions (4)

**/*.py

📄 CodeRabbit inference engine (CLAUDE.md)

**/*.py: No from __future__ import annotations—Python 3.14 has PEP 649
Use PEP 758 except syntax: except A, B: (no parentheses) on Python 3.14—ruff enforces this
All public functions must have type hints; use mypy strict mode
Use Google-style docstrings required on public classes and functions—enforced by ruff D rules
Create new objects instead of mutating existing ones; for non-Pydantic internal collections (registries, BaseTool), use copy.deepcopy() at construction + MappingProxyType wrapping for read-only enforcement
Use frozen Pydantic models for config/identity; separate mutable-via-copy models (using model_copy(update=...)) for runtime state that evolves
Use Pydantic v2 (BaseModel, model_validator, computed_field, ConfigDict); use allow_inf_nan=False in all ConfigDict declarations to reject NaN/Inf in numeric fields
Use @computed_field for derived values instead of storing + validating redundant fields; use NotBlankStr from core.types for all identifier/name fields (including optional and tuple variants) instead of manual whitespace validators
Prefer asyncio.TaskGroup for fan-out/fan-in parallel operations in new code; prefer structured concurrency over bare create_task
Line length: 88 characters (ruff)
Functions must be less than 50 lines; files must be less than 800 lines
Handle errors explicitly, never silently swallow exceptions
Always use variable name logger (not _logger, not log)
Always use structured logging kwargs: logger.info(EVENT, key=value) never logger.info("msg %s", val)
All error paths must log at WARNING or ERROR with context before raising
All state transitions must log at INFO
DEBUG logging for object creation, internal flow, entry/exit of key functions; pure data models, enums, and re-exports do NOT need logging

Files:

• tests/unit/persistence/test_protocol.py
• src/synthorg/persistence/sqlite/decision_repo.py

tests/**/*.py

📄 CodeRabbit inference engine (CLAUDE.md)

tests/**/*.py: Use pytest.mark.unit, @pytest.mark.integration, @pytest.mark.e2e, @pytest.mark.slow markers for test categorization
Use asyncio_mode = "auto" for async tests—no manual @pytest.mark.asyncio needed
Global timeout: 30 seconds per test in pyproject.toml; non-default overrides (e.g., timeout(60)) are allowed but do NOT add per-file markers for the default
Prefer @pytest.mark.parametrize for testing similar cases
Tests must use test-provider, test-small-001, etc. instead of real vendor names
Use Hypothesis (@given + @settings) for property-based testing; profiles in tests/conftest.py: ci (deterministic, 10 examples + derandomize=True), dev (1000 examples), fuzz (10,000 examples, no deadline), extreme (500,000 examples, no deadline); controlled via HYPOTHESIS_PROFILE env var
When Hypothesis finds a failure, it is a real bug—fix the underlying bug and add an explicit @example(...) decorator to permanently cover the case in CI; do NOT skip or ignore flaky tests
For timing-sensitive tests, mock time.monotonic() and asyncio.sleep() to make them deterministic; for tasks that must block indefinitely until cancelled, use asyncio.Event().wait() instead of asyncio.sleep(large_number)

Files:

• tests/unit/persistence/test_protocol.py

---

⚙️ CodeRabbit configuration file

Test files do not require Google-style docstrings on classes or functions -- ruff D rules are only enforced on src/. A bare @settings() decorator with no arguments on Hypothesis property tests is a no-op and should not be suggested -- the HYPOTHESIS_PROFILE env var controls example counts via registered profiles, which @given() honors automatically.

Files:

• tests/unit/persistence/test_protocol.py

src/synthorg/**/*.py

📄 CodeRabbit inference engine (CLAUDE.md)

src/synthorg/**/*.py: Every module with business logic MUST have from synthorg.observability import get_logger then logger = get_logger(__name__)
Never use import logging / logging.getLogger() / print() in application code (exceptions: observability/setup.py, observability/sinks.py, observability/syslog_handler.py, observability/http_handler.py may use stdlib logging and print())
Always use event name constants from domain-specific modules under synthorg.observability.events (e.g., API_REQUEST_STARTED from events.api); import directly
NEVER use real vendor names (Anthropic, OpenAI, Claude, GPT, etc.) in project-owned code, docstrings, comments, tests, or config examples; use generic names: example-provider, example-large-001, example-medium-001, example-small-001, large/medium/small as aliases; vendor names allowed only in: (1) Operations design page, (2) .claude/ skill/agent files, (3) third-party imports, (4) provider presets

Files:

• src/synthorg/persistence/sqlite/decision_repo.py

src/**/*.py

⚙️ CodeRabbit configuration file

This project uses Python 3.14+ with PEP 758 except syntax: "except A, B:" (comma-separated, no parentheses) is correct and mandatory -- do NOT flag it as a typo or suggest parenthesized form. The "except builtins.MemoryError, RecursionError: raise" pattern is intentional project convention for system-error propagation. When evaluating the 50-line function limit, count only the function body excluding the signature lines, decorators, and docstring. Functions 1-5 lines over due to docstrings or multi-line signatures should not be flagged. Do not suggest extracting single-use helper functions called exactly once -- this reduces readability without improving maintainability.

Files:

• src/synthorg/persistence/sqlite/decision_repo.py

🧠 Learnings (32)

📓 Common learnings

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T22:08:13.456Z
Learning: Engine: Agent orchestration, execution loops, parallel execution, task decomposition, routing, task assignment, centralized single-writer task state engine (TaskEngine), task lifecycle, recovery, shutdown, workspace isolation, coordination (multi-agent pipeline: TopologyDispatcher protocol, 4 dispatchers — SAS/centralized/decentralized/context-dependent, wave execution, workspace lifecycle integration, CoordinationSectionConfig company config bridge, build_coordinator factory), coordination error classification, prompt policy validation, checkpoint recovery (checkpoint/, per-turn persistence, heartbeat detection, CheckpointRecoveryStrategy), approval gate (escalation detection, context parking/resume, EscalationInfo/ResumePayload models), stagnation detection (stagnation/, StagnationDetector protocol, ToolRepetitionDetector, dual-signal analysis, corrective prompt injection), agent runtime state (AgentRuntimeState, lightweight per-agent execution status for dashboard queries and recove...

📚 Learning: 2026-03-17T06:30:14.180Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T06:30:14.180Z
Learning: Applies to src/synthorg/persistence/**/*.py : Persistence uses pluggable PersistenceBackend protocol. SQLite is the initial backend. Settings use SettingsRepository (namespaced settings CRUD).

Applied to files:

• tests/unit/persistence/test_protocol.py
• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-19T07:12:14.508Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-19T07:12:14.508Z
Learning: Applies to src/synthorg/engine/**/*.py : Engine package (engine/): agent orchestration, parallel execution, task decomposition, routing, TaskEngine (centralized single-writer), task lifecycle/recovery/shutdown, workspace isolation, coordination (4 dispatchers: SAS/centralized/decentralized/context-dependent, wave execution), approval gates (escalation detection, context parking/resume), stagnation detection (ToolRepetitionDetector, corrective prompt injection), AgentRuntimeState (execution status), context budget management, conversation compaction (oldest-turns summarizer)

Applied to files:

• tests/unit/persistence/test_protocol.py

📚 Learning: 2026-03-17T22:08:13.456Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T22:08:13.456Z
Learning: Engine: Agent orchestration, execution loops, parallel execution, task decomposition, routing, task assignment, centralized single-writer task state engine (TaskEngine), task lifecycle, recovery, shutdown, workspace isolation, coordination (multi-agent pipeline: TopologyDispatcher protocol, 4 dispatchers — SAS/centralized/decentralized/context-dependent, wave execution, workspace lifecycle integration, CoordinationSectionConfig company config bridge, build_coordinator factory), coordination error classification, prompt policy validation, checkpoint recovery (checkpoint/, per-turn persistence, heartbeat detection, CheckpointRecoveryStrategy), approval gate (escalation detection, context parking/resume, EscalationInfo/ResumePayload models), stagnation detection (stagnation/, StagnationDetector protocol, ToolRepetitionDetector, dual-signal analysis, corrective prompt injection), agent runtime state (AgentRuntimeState, lightweight per-agent execution status for dashboard queries and recove...

Applied to files:

• tests/unit/persistence/test_protocol.py

📚 Learning: 2026-03-16T06:24:56.341Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-16T06:24:56.341Z
Learning: Applies to src/synthorg/hr/**/*.py : HR engine must provide: hiring, firing, onboarding, offboarding, agent registry, performance tracking (task metrics, collaboration scoring, trend detection), promotion/demotion

Applied to files:

• tests/unit/persistence/test_protocol.py

📚 Learning: 2026-03-17T06:30:14.180Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T06:30:14.180Z
Learning: Applies to src/synthorg/engine/coordination/**/*.py : Task coordination uses multi-agent pipeline with 4 dispatchers (SAS/centralized/decentralized/context-dependent), wave execution, and workspace lifecycle integration.

Applied to files:

• tests/unit/persistence/test_protocol.py

📚 Learning: 2026-03-19T07:13:44.964Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-19T07:13:44.964Z
Learning: Applies to src/synthorg/hr/**/*.py : HR package (hr/): hiring, firing, onboarding, offboarding, agent registry, performance tracking (task metrics, collaboration scoring, LLM calibration, collaboration overrides, trend detection), promotion/demotion (criteria evaluation, approval strategies, model mapping)

Applied to files:

• tests/unit/persistence/test_protocol.py

📚 Learning: 2026-03-19T07:12:14.508Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-19T07:12:14.508Z
Learning: Applies to src/synthorg/**/*.py : Package structure: src/synthorg/ organized as: api/ (REST+WebSocket, Litestar), auth/ (auth subpackage), backup/ (scheduled/manual backups), budget/ (cost tracking, CFO), cli/ (superseded by Go CLI), communication/ (message bus, meetings), config/ (YAML loading), core/ (domain models, resilience config), engine/ (orchestration, task state, coordination, approval gates, stagnation detection, context budget, compaction), hr/ (hiring, performance, promotion), memory/ (pluggable backend, Mem0, retrieval, consolidation), persistence/ (operational data, SQLite, settings), observability/ (logging, correlation, sinks), providers/ (LLM abstraction, LiteLLM, auth types, presets, runtime CRUD), settings/ (runtime-editable, typed definitions, encryption, config bridge), security/ (SecOps, rule engine, output scanning, progressive trust, autonomy levels), templates/ (company templates, personalities), tools/ (registry, built-in tools, git, sandbox, code_runner, MCP...

Applied to files:

• tests/unit/persistence/test_protocol.py

📚 Learning: 2026-03-17T22:08:13.456Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T22:08:13.456Z
Learning: Persistence backend: pluggable PersistenceBackend protocol in `src/synthorg/persistence/`, SQLite initial, SettingsRepository (namespaced settings CRUD).

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-31T21:07:37.470Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-31T21:07:37.470Z
Learning: Applies to **/*.py : Use `except A, B:` (no parentheses) per PEP 758 exception syntax on Python 3.14

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-20T21:44:04.528Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T21:44:04.528Z
Learning: Applies to **/*.py : Use `except A, B:` syntax (without parentheses) per PEP 758 for exception handling in Python 3.14

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-16T07:22:28.134Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-16T07:22:28.134Z
Learning: Applies to **/*.py : Use `except A, B:` syntax (no parentheses) for exception handling — PEP 758 exception syntax enforced by ruff on Python 3.14

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-14T15:43:05.601Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-14T15:43:05.601Z
Learning: Applies to **/*.py : Use PEP 758 except syntax: `except A, B:` (no parentheses) — enforced by ruff on Python 3.14

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-14T16:18:57.267Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-14T16:18:57.267Z
Learning: Applies to **/*.py : Use PEP 758 except syntax with `except A, B:` (no parentheses) for multiple exceptions—ruff enforces this on Python 3.14.

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-04-05T13:59:09.628Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-04-05T13:59:09.628Z
Learning: Applies to **/*.py : Use PEP 758 except syntax: `except A, B:` (no parentheses) on Python 3.14—ruff enforces this

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-15T16:55:07.730Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T16:55:07.730Z
Learning: Applies to **/*.py : Use PEP 758 except syntax: use `except A, B:` (no parentheses) — ruff enforces this on Python 3.14.

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-17T22:08:13.456Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-17T22:08:13.456Z
Learning: Applies to src/synthorg/**/*.py : Handle errors explicitly, never silently swallow. Validate at system boundaries (user input, external APIs, config files).

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-15T21:49:53.264Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T21:49:53.264Z
Learning: Fix everything valid — never skip when review agents find valid issues (including pre-existing issues in surrounding code, suggestions, and findings adjacent to the PR's changes). No deferring, no 'out of scope' skipping.

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-14T16:18:57.267Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-14T16:18:57.267Z
Learning: Applies to src/ai_company/!(observability)/**/*.py : All error paths must log at WARNING or ERROR with context before raising.

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-15T16:55:07.730Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T16:55:07.730Z
Learning: Applies to src/synthorg/**/*.py : All error paths must log at WARNING or ERROR with context before raising.

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-15T18:38:44.202Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T18:38:44.202Z
Learning: Applies to src/synthorg/**/*.py : All error paths must log at WARNING or ERROR with context before raising

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-20T21:44:04.528Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T21:44:04.528Z
Learning: Applies to src/synthorg/**/*.py : Use `copy.deepcopy()` at system boundaries (tool execution, LLM provider serialization, inter-agent delegation, persistence serialization) for `dict`/`list` fields

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-04-01T09:09:43.948Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-04-01T09:09:43.948Z
Learning: Applies to **/*.py : Use `copy.deepcopy()` at construction and `MappingProxyType` wrapping for read-only enforcement in non-Pydantic internal collections (registries, BaseTool)

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-04-01T09:58:27.410Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-04-01T09:58:27.410Z
Learning: Applies to **/*.py : Use `copy.deepcopy()` at system boundaries (tool execution, LLM provider serialization, inter-agent delegation, persistence serialization) for dict/list fields in frozen Pydantic models

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-20T21:44:04.528Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T21:44:04.528Z
Learning: Applies to src/synthorg/**/*.py : For non-Pydantic internal collections (registries, `BaseTool`), use `copy.deepcopy()` at construction and wrap with `MappingProxyType` for read-only enforcement

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-04-05T13:59:09.628Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-04-05T13:59:09.628Z
Learning: Applies to **/*.py : Create new objects instead of mutating existing ones; for non-Pydantic internal collections (registries, `BaseTool`), use `copy.deepcopy()` at construction + `MappingProxyType` wrapping for read-only enforcement

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-15T19:14:27.144Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T19:14:27.144Z
Learning: Applies to src/synthorg/**/*.py : For dict/list fields in frozen Pydantic models, rely on frozen=True for field reassignment prevention and copy.deepcopy() at system boundaries (tool execution, LLM provider serialization, inter-agent delegation, serializing for persistence).

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-20T21:44:04.528Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T21:44:04.528Z
Learning: Applies to **/*.py : Immutability: create new objects, never mutate existing ones. For non-Pydantic internal collections (registries, BaseTool), use copy.deepcopy() at construction + MappingProxyType wrapping for read-only enforcement.

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-16T23:05:29.577Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-16T23:05:29.577Z
Learning: Applies to **/*.py : For dict/list fields in frozen Pydantic models, rely on frozen=True for field reassignment prevention and copy.deepcopy() at system boundaries (tool execution, LLM provider serialization, inter-agent delegation, serializing for persistence).

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-15T19:14:27.144Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T19:14:27.144Z
Learning: Applies to src/synthorg/**/*.py : Use frozen Pydantic models for config/identity; use separate mutable-via-copy models (using model_copy(update=...)) for runtime state that evolves. Never mix static config fields with mutable runtime fields in one model.

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-20T21:44:04.528Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-20T21:44:04.528Z
Learning: Applies to src/synthorg/**/*.py : Use frozen Pydantic models for config/identity; use separate mutable-via-copy models (via `model_copy(update=...)`) for runtime state that evolves

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

📚 Learning: 2026-03-26T15:18:16.848Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-26T15:18:16.848Z
Learning: Applies to src/**/*.py : Handle errors explicitly, never silently swallow them. All error paths must log at WARNING or ERROR with context before raising.

Applied to files:

• src/synthorg/persistence/sqlite/decision_repo.py

🔇 Additional comments (8)

tests/unit/persistence/test_protocol.py (6)

29-29: LGTM!

Import correctly added alongside other repository protocol imports.

---

59-59: LGTM!

Import correctly guarded under TYPE_CHECKING for type-hint-only usage.

---

507-509: LGTM!

Property follows the established pattern of other repository accessors in _FakeBackend.

---

555-566: LGTM!

The comment now accurately explains @runtime_checkable semantics and correctly references where the full WorkflowVersionRepository fake resides.

---

614-615: LGTM!

Conformance test follows the established pattern and correctly verifies protocol compliance.

---

205-224: Verify fake signature matches the DecisionRepository protocol.

The append_with_next_version method uses **_kwargs which is very permissive. Other fakes in this file mirror their protocol signatures explicitly (e.g., _FakeTaskRepository.save(self, task: Task)). Also, role: str on line 222 may need to be DecisionRole if the protocol uses that literal type.

If the protocol uses explicit parameters, aligning the fake's signature helps catch protocol drift at test time.

#!/bin/bash
# Description: Find the DecisionRepository protocol definition to verify method signatures

# Search for DecisionRepository class definition
ast-grep --pattern $'class DecisionRepository:
  $$$
'

# Also search with Protocol inheritance
ast-grep --pattern $'class DecisionRepository(Protocol):
  $$$
'

src/synthorg/persistence/sqlite/decision_repo.py (2)

354-354: Use the mandated Python 3.14 multi-except syntax everywhere in this module.

The parenthesized clauses on Lines 354, 388, 408, 429, 456, 535, and 603 are still the old form; this repo now enforces except A, B: without parentheses.

As per coding guidelines: "Use PEP 758 except syntax: except A, B: (no parentheses) on Python 3.14—ruff enforces this"

Also applies to: 388-388, 408-408, 429-429, 456-456, 535-535, 603-603

---

227-245: Good guard before UTC normalization.

Rejecting naive recorded_at values before astimezone(UTC) closes the host-local-time drift hole cleanly.