Skip to content

Follow-up coverage: intent-paywall + machine_id race; cookie/compose caveats#22

Merged
Coding-Dev-Tools merged 1 commit into
mainfrom
fix/followup-coverage-2026-07-17
Jul 17, 2026
Merged

Follow-up coverage: intent-paywall + machine_id race; cookie/compose caveats#22
Coding-Dev-Tools merged 1 commit into
mainfrom
fix/followup-coverage-2026-07-17

Conversation

@Coding-Dev-Tools

Copy link
Copy Markdown
Owner

Follow-up to the fleet batch (already merged to main at 16585ed). Adds ONLY the coverage
the fleet did not already provide.

The fleet's 16585ed independently added _park_first_hash + login-race tests and a
license-cache concurrency test (test_online_only_enforcement.py), so the login-lock and
cache-race drafts from my earlier working branch are intentionally DROPPED here as duplicative.

Still-missing coverage landed here:

  • tests/test_intent_paywall.py (new): the _paid(team) 402 gate on
    /api/intent/remember and /api/intent/link (5a31389 gated both routes but tested
    neither; no test referenced these paths) + the licensed-200 path.
  • tests/test_machine_id_concurrency.py (new): 16 threads racing a fresh device id
    converge on ONE id (7b62157 _machine_id_lock + O_EXCL) — main only used machine_id
    for setup, never tested the first-run race.
  • engraphis/routes/v2_team.py _cookie_secure: document the non-proxied-HTTP
    X-Forwarded-Proto caveat. Behavior unchanged (gating XFP behind the empty-default
    ENGRAPHIS_FORWARDED_ALLOW_IPS would drop Secure on proxied deploys; XFP can only ADD
    Secure, never downgrade).
  • docker-compose.yml: note the optional-.env object form needs Compose v2.24+, with
    the older-version fallback.

Verified locally: ruff clean, both new test files green.

…caveats

Follow-up to the fleet batch (already on main at 16585ed). Adds ONLY the coverage the
fleet did not already provide — its 16585ed _park_first_hash login-race tests and
test_online_only_enforcement cache-race test already supersede the login/cache drafts,
so those are intentionally dropped as duplicative.

- tests/test_intent_paywall.py (new): _paid(team) 402 gate on /api/intent/remember
  and /api/intent/link, plus the licensed 200 path. No test referenced these routes
  (5a31389 gated both but tested neither).
- tests/test_machine_id_concurrency.py (new): 16 threads racing a fresh device id
  converge on ONE id (7b62157 _machine_id_lock + O_EXCL). main only used machine_id
  for setup, never tested the first-run race.
- v2_team._cookie_secure: document the non-proxied-HTTP X-Forwarded-Proto caveat.
  Behavior intentionally unchanged — gating XFP behind the empty-default
  ENGRAPHIS_FORWARDED_ALLOW_IPS would drop Secure on proxied deploys; XFP can only
  ADD Secure, never downgrade.
- docker-compose.yml: note the optional-.env object form needs Compose v2.24+ and
  give the older-version fallback.
@Coding-Dev-Tools
Coding-Dev-Tools merged commit 544bda8 into main Jul 17, 2026
7 checks passed
@Coding-Dev-Tools
Coding-Dev-Tools deleted the fix/followup-coverage-2026-07-17 branch July 17, 2026 21:42
Repository owner deleted a comment from chatgpt-codex-connector Bot Jul 17, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant