[codex] Reuse compatible plugin metadata snapshots on hot catalog paths

[steipete]

Summary

• Problem: hot model-catalog and manifest-contract readers that omitted workspaceDir could reject the Gateway's current workspace-scoped plugin metadata snapshot and fall back to cold plugin metadata scans.
• Why it matters: those fallbacks can repeat plugin manifest/package stat sweeps on control-plane paths involved in slow agent startup and laggy Gateway/TUI reports.
• What changed: added an explicit snapshot-compatibility opt-in for unscoped control-plane readers, then used it for model catalog and manifest-contract metadata lookups.
• What did NOT change (scope boundary): explicit workspace callers still require an exact workspace match; env/config compatibility remains enforced before reuse.
• CI unblock: updated a stale kitchen-sink prerelease canary assertion from 0.1.5 to the current script default 0.2.5; this was already failing on origin/main and is test-only.

Change Type (select all)

• Bug fix
• Feature
• Refactor required for the fix
• Docs
• Security hardening
• Chore/infra

Scope (select all touched areas)

• Gateway / orchestration
• Skills / tool execution
• Auth / tokens
• Memory / storage
• Integrations
• API / contracts
• UI / DX
• CI/CD / infra

Linked Issue/PR

• Fixes [Bug]: getCurrentPluginMetadataSnapshot workspaceDir mismatch defeats snapshot reuse — 192-stat sweep per dispatch (regression of #76182 / #73353 fix) #77519
• Related Agent bootstrap takes 3+ minutes per turn; core-plugin-tools, system-prompt, stream-setup each 45-75s #77532
• This PR fixes a bug or regression

Root Cause (if applicable)

• Root cause: current metadata snapshots are workspace-scoped, while some hot control-plane readers intentionally operate without a workspace. The strict default compatibility check rejected those snapshots even when the stored workspace was the correct current Gateway scope.
• Missing detection / guardrail: tests covered strict workspace rejection and explicit workspace reuse, but not safe unscoped control-plane reuse with env/config compatibility preserved.
• Contributing context: [codex] Preserve workspace metadata reuse for model refreshes #77554 fixed explicit agent-dir model refresh paths; this follows up on unscoped catalog/contract readers that still needed a safe reuse path.

Regression Test Plan (if applicable)

• Coverage level that should have caught this:
  • Unit test
  • Seam / integration test
  • End-to-end test
  • Existing coverage already sufficient
• Target test or file: src/plugins/current-plugin-metadata-snapshot.test.ts, src/agents/model-catalog.test.ts, src/plugins/manifest-contract-eligibility.test.ts
• Scenario the test should lock in: unscoped readers opt into current workspace-scoped snapshot reuse only while passing env/config through compatibility checks.
• Why this is the smallest reliable guardrail: these tests exercise the snapshot compatibility seam and the two hot readers without needing a live Gateway.
• Existing test that already covers this (if any): strict workspace rejection coverage already existed; this PR extends it for the safe opt-in path.
• If no new test is added, why not: N/A

User-visible / Behavior Changes

Plugin/model catalog metadata lookups should avoid repeated cold scans on compatible hot paths, reducing latency and event-loop pressure for affected Gateway sessions.

Diagram (if applicable)

Before:
unscoped catalog lookup -> current snapshot rejected -> cold plugin metadata scan

After:
unscoped catalog lookup -> env/config-compatible snapshot reused -> no cold scan

Security Impact (required)

• New permissions/capabilities? No
• Secrets/tokens handling changed? No
• New/changed network calls? No
• Command/tool execution surface changed? No
• Data access scope changed? No
• If any Yes, explain risk + mitigation: N/A

Repro + Verification

Environment

• OS: macOS local; Linux via Blacksmith Testbox
• Runtime/container: Node/pnpm repo scripts
• Model/provider: N/A
• Integration/channel (if any): plugin metadata/model catalog surfaces
• Relevant config (redacted): N/A

Steps

1. Call manifest/model catalog readers without a workspace while a workspace-scoped current metadata snapshot exists.
2. Verify they can reuse the compatible snapshot instead of falling back to loadPluginMetadataSnapshot.
3. Verify explicit env and omitted config are still passed into compatibility checks.

Expected

• Compatible unscoped control-plane readers reuse the current snapshot.
• Explicit workspace mismatch remains rejected.
• Env/config mismatches still force fallback.

Actual

• Matches expected with the new tests.

Evidence

• Failing test/log before + passing after
• Trace/log snippets
• Screenshot/recording
• Perf numbers (if relevant)

Human Verification (required)

• Verified scenarios:
  • pnpm exec oxfmt --check --threads=1 src/plugins/current-plugin-metadata-snapshot.ts src/plugins/current-plugin-metadata-snapshot.test.ts src/agents/model-catalog.ts src/agents/model-catalog.test.ts src/plugins/manifest-contract-eligibility.ts src/plugins/manifest-contract-eligibility.test.ts
  • pnpm check:changelog-attributions
  • pnpm test src/plugins/current-plugin-metadata-snapshot.test.ts src/plugins/manifest-contract-eligibility.test.ts src/agents/model-catalog.test.ts
  • pnpm exec oxfmt --check --threads=1 test/scripts/plugin-prerelease-test-plan.test.ts
  • pnpm test test/scripts/plugin-prerelease-test-plan.test.ts
  • Testbox pnpm check:changed on tbx_01kqtrar6geep8cka08mk7cyq4 before the stale-test canary update
  • Testbox pnpm check:changed on tbx_01kqtrsq3225b6xpgfjxbvbbkb after the final diff
• Edge cases checked: explicit env forwarding, omitted config normalization, strict default rejection without opt-in.
• What you did not verify: live multi-agent Gateway strace/syscall reduction.

Review Conversations

• I replied to or resolved every bot review conversation I addressed in this PR.
• I left unresolved only the conversations that still need reviewer or maintainer judgment.

Compatibility / Migration

• Backward compatible? Yes
• Config/env changes? No
• Migration needed? No
• If yes, exact upgrade steps: N/A

Risks and Mitigations

• Risk: overly broad reuse could hide workspace/env/config-specific plugin metadata differences.
  • Mitigation: reuse is explicit opt-in, still runs policy/fingerprint compatibility with normalized config and caller env, and preserves exact matching for explicit workspace callers.

[clawsweeper]

Codex review: needs maintainer review before merge.

Summary
This PR adds an explicit opt-in for unscoped model catalog and manifest-contract readers to reuse a compatible current workspace-scoped plugin metadata snapshot, with tests and a changelog entry.

Reproducibility: yes. from source inspection: current main has unscoped catalog/manifest-contract callers, and the current snapshot helper rejects workspace-scoped snapshots when no workspaceDir is supplied. I did not run tests because this review was read-only.

Next step before merge
The protected maintainer label and normal merge decision need maintainer handling; there is no narrow automated repair to queue because review found no actionable patch defect.

Security
Cleared: The diff does not add permissions, dependencies, network calls, secret handling, lifecycle hooks, or new code-execution surfaces.

Review details

Best possible solution:

Land the PR after maintainer review and exact-head checks if it remains green, keeping the opt-in limited to unscoped control-plane readers with env/config/workspace compatibility enforced.

Do we have a high-confidence way to reproduce the issue?

Yes, from source inspection: current main has unscoped catalog/manifest-contract callers, and the current snapshot helper rejects workspace-scoped snapshots when no workspaceDir is supplied. I did not run tests because this review was read-only.

Is this the best way to solve the issue?

Yes, the proposed approach is the narrowest maintainable fix I found: explicit opt-in for the two unscoped control-plane readers while preserving strict matching for explicit workspace callers and keeping env/config fingerprints in the compatibility check.

Acceptance criteria:

• pnpm exec oxfmt --check --threads=1 src/plugins/current-plugin-metadata-snapshot.ts src/plugins/current-plugin-metadata-snapshot.test.ts src/agents/model-catalog.ts src/agents/model-catalog.test.ts src/plugins/manifest-contract-eligibility.ts src/plugins/manifest-contract-eligibility.test.ts
• pnpm test src/plugins/current-plugin-metadata-snapshot.test.ts src/plugins/manifest-contract-eligibility.test.ts src/agents/model-catalog.test.ts
• pnpm check:changed

What I checked:

• Protected label: The current GitHub labels include maintainer, so this cleanup review must not close the PR even if the patch looks valid.
• Current-main rejection path: Current main rejects a workspace-scoped current metadata snapshot when the caller omits workspaceDir, which matches the hot-path miss described by the PR. (src/plugins/current-plugin-metadata-snapshot.ts:79, 7e591a624fed)
• Unscoped model catalog caller: Current main calls getCurrentPluginMetadataSnapshot from loadManifestModelCatalog without forwarding env and without any opt-in for a stored workspace-scoped snapshot when workspaceDir is omitted. (src/agents/model-catalog.ts:124, 7e591a624fed)
• Unscoped manifest-contract caller: Current main's manifest metadata helper can call the current-snapshot seam without a workspace scope, then falls back to a cold metadata snapshot load. (src/plugins/manifest-contract-eligibility.ts:99, 7e591a624fed)
• PR diff reviewed: The PR diff only changes the snapshot compatibility seam, two metadata readers, targeted tests, and the changelog; it does not touch dependencies, CI, secret handling, network calls, or command execution paths. (src/plugins/current-plugin-metadata-snapshot.ts:49, 078bd2cfa063)
• Related context: The PR explicitly fixes [Bug]: getCurrentPluginMetadataSnapshot workspaceDir mismatch defeats snapshot reuse — 192-stat sweep per dispatch (regression of #76182 / #73353 fix) #77519, relates to Agent bootstrap takes 3+ minutes per turn; core-plugin-tools, system-prompt, stream-setup each 45-75s #77532, and follows merged PR [codex] Preserve workspace metadata reuse for model refreshes #77554 as a narrower continuation for unscoped catalog/contract readers.

Likely related people:

• steipete: Recent GitHub commit history shows repeated work on plugin metadata snapshots, plugin control-plane cache context, manifest-contract metadata consumers, and model-catalog lazy loading; PR [codex] Preserve workspace metadata reuse for model refreshes #77554 is also a merged adjacent slice. (role: recent maintainer and adjacent owner; confidence: high; commits: fecac7e40aef, 9989512a3710, f11046e0bf66; files: src/plugins/current-plugin-metadata-snapshot.ts, src/plugins/manifest-contract-eligibility.ts, src/agents/model-catalog.ts)
• shakkernerd: Recent history attributes the strict unscoped workspace metadata rejection and nearby manifest catalog/tool discovery work to this author. (role: introduced related behavior; confidence: medium; commits: 51c7f544f349, 6b6f140c42d2, f8639d3429b6; files: src/plugins/current-plugin-metadata-snapshot.ts, src/agents/model-catalog.ts, src/plugins/manifest-contract-eligibility.ts)
• vincentkoc: Recent commits touched the model list read-only fast path and plugin metadata snapshot cycle, both adjacent to this PR's hot catalog behavior. (role: recent adjacent maintainer; confidence: medium; commits: b74401074b6e, a2ec5a7d72f4; files: src/agents/model-catalog.ts, src/plugins/current-plugin-metadata-snapshot.ts)

Remaining risk / open question:

• The patch is source- and unit-test-backed, but this review did not include a live multi-agent Gateway perf trace proving syscall reduction on the reported workload.

Codex review notes: model gpt-5.5, reasoning high; reviewed against 7e591a624fed.

[steipete]

Landed.

• Source SHA: 19c2e62
• Merge commit: 48ff390
• Verification: PR CI green on source SHA; Testbox pnpm check:changed passed on tbx_01kqtrsq3225b6xpgfjxbvbbkb; targeted local tests and formatter checks listed in the PR body.