Skip to content

docs: GAPS_CLOSEOUT audit — #90/#97/#98 against main#136

Merged
EffortlessSteven merged 1 commit into
mainfrom
docs/gaps-closeout-audit
Apr 18, 2026
Merged

docs: GAPS_CLOSEOUT audit — #90/#97/#98 against main#136
EffortlessSteven merged 1 commit into
mainfrom
docs/gaps-closeout-audit

Conversation

@EffortlessSteven

Copy link
Copy Markdown
Member

Summary

Three-column audit (implemented on main / still missing / needs follow-up) reconciling what's actually merged against the acceptance checklists of the three open pillar issues. Produced before touching more code to avoid solving already-solved problems.

Findings

Recommended merge / follow-up order

  1. feat(packaging): unify shipper CLI into the shipper crate (#95) #135 (package unification) — merged while this audit was being written.
  2. feat(release): Trusted Publishing (OIDC) for crates.io (#96) #122 (Trusted Publishing) — two review concerns addressed; ready for re-CI + merge.
  3. Rehearsal registry: strengthen preflight from dry-run to actual publish + install proof #97 PR 4 — install/smoke check for rehearsal (closes Rehearsal registry: strengthen preflight from dry-run to actual publish + install proof #97).
  4. Receipt-driven yank planning and fix-forward for compromised releases #98 PR 4/5 — `--starting-crate` + plan execution (closes Receipt-driven yank planning and fix-forward for compromised releases #98).

Why this file lives in-repo

Next operator or contributor inheriting the tracker shouldn't have to read a thread of chat to know the gap state. `GAPS_CLOSEOUT.md` stays in the repo until #97 and #98 close; then it either gets deleted or archives to `docs/explanation/`.

Three-column reconciliation of what's actually merged vs each issue's
acceptance checklist. Single source of truth for what closes each
pillar issue.

**Findings:**

- **#90 Recover** — honestly closable. Code side is done (#124 + #130);
  operator-side real rehearsal is an ops action, not a code gap.

- **#97 Prove tier 2** — 85% done. Rehearsal + visibility + hard gate +
  plan_id binding all landed (#127 + #133). Missing: install/smoke
  check (cargo install against the rehearsal registry / consumer
  build). One narrow follow-up PR closes it.

- **#98 Remediate** — 60% done. Receipt schema + plan-yank (from-receipt)
  + yank primitive + fix-forward planning all landed (#121 + #132 +
  #134). Missing: plan-yank's --starting-crate graph mode, plan
  execution for yank + fix-forward. Two narrow follow-ups.

Also captures the two review concerns on #122 (Trusted Publishing)
that were addressed in a follow-up commit to that PR.

Recommended next merge order and follow-up PRs spelled out at bottom.
@coderabbitai

coderabbitai Bot commented Apr 18, 2026

Copy link
Copy Markdown

Warning

Rate limit exceeded

@EffortlessSteven has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 15 minutes and 9 seconds before requesting another review.

Your organization is not enrolled in usage-based pricing. Contact your admin to enable usage-based pricing to continue reviews beyond the rate limit, or try again in 15 minutes and 9 seconds.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: c8ae9882-6641-4001-a985-c0d219630fa8

📥 Commits

Reviewing files that changed from the base of the PR and between 39592e8 and dde4d69.

📒 Files selected for processing (1)
  • GAPS_CLOSEOUT.md
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch docs/gaps-closeout-audit

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request introduces GAPS_CLOSEOUT.md, a comprehensive audit document tracking the implementation status of key features related to recovery, preflight proving, and remediation. It identifies specific gaps in the current codebase, such as the lack of an install-smoke check for rehearsals and missing plan execution wrappers for yanking and fix-forwarding. Feedback was provided to correct the markdown formatting of a GitHub Actions expression to ensure proper rendering.

Comment thread GAPS_CLOSEOUT.md

### #122 review concerns (raised by 3rd-party review)

1. **Mixed-registration fallback.** `${{ steps.auth.outputs.token \|\| secrets.CARGO_REGISTRY_TOKEN }}` falls back ONLY if the OIDC action outputs an empty token. If the action succeeds but only some of the 12 crates are registered as trusted publishers, `cargo publish` 401s mid-train with no graceful retry on the long-lived token. **Fix**: either (a) add a preflight that probes each crate with the minted OIDC token and fails the whole run early if any crate 401s, or (b) document explicitly that ALL 12 crates must be registered before enabling Trusted Publishing and keep the secret as the bootstrap path.

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

The logical OR operator || in the GitHub Actions expression is escaped with backslashes (\|\|), which will render literally in markdown as this text is not within a table. Additionally, wrapping the expression and technical terms like cargo publish in backticks would improve readability and maintain consistency with the rest of the document.

Suggested change
1. **Mixed-registration fallback.** `${{ steps.auth.outputs.token \|\| secrets.CARGO_REGISTRY_TOKEN }}` falls back ONLY if the OIDC action outputs an empty token. If the action succeeds but only some of the 12 crates are registered as trusted publishers, `cargo publish` 401s mid-train with no graceful retry on the long-lived token. **Fix**: either (a) add a preflight that probes each crate with the minted OIDC token and fails the whole run early if any crate 401s, or (b) document explicitly that ALL 12 crates must be registered before enabling Trusted Publishing and keep the secret as the bootstrap path.
1. **Mixed-registration fallback.** `${{ steps.auth.outputs.token || secrets.CARGO_REGISTRY_TOKEN }}` falls back ONLY if the OIDC action outputs an empty token. If the action succeeds but only some of the 12 crates are registered as trusted publishers, `cargo publish` 401s mid-train with no graceful retry on the long-lived token. **Fix**: either (a) add a preflight that probes each crate with the minted OIDC token and fails the whole run early if any crate 401s, or (b) document explicitly that ALL 12 crates must be registered before enabling Trusted Publishing and keep the secret as the bootstrap path.

@EffortlessSteven EffortlessSteven merged commit 1150a6f into main Apr 18, 2026
19 checks passed
@EffortlessSteven EffortlessSteven deleted the docs/gaps-closeout-audit branch April 18, 2026 07:45
@codecov

codecov Bot commented Apr 18, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

1 participant