Merge Orchestration · scheduled trigger: Scheduler.cycle + mix hypatia.merge_orchestrate#496
Merged
Merged
Conversation
… hypatia.merge_orchestrate
Closes the autonomy loop: one cron/CI entry point that runs the whole
sense -> deliberate -> gate -> manifest pipeline in a single call.
* Scheduler.cycle/1 -- assembles the LIVE inputs the pure Loop doesn't:
resolves the store (opt | MERGE_ORCH_STORE env | data/verisim default),
snapshots Graph-of-Trust into the competence council via
KinCompetence.trust_from_got over the fleet roster, then runs Loop.run and
logs the stats. Trust source (:got): :auto (default) builds a live
Hypatia.Neural.GraphOfTrust snapshot, degrading to a uniform council on any
failure (a scheduled job must never crash the cron); nil forces uniform; a
struct is used directly. The GraphOfTrust call is late-bound (apply/3) so
this module stays compile-decoupled from the neural stack and the logic
tests run dependency-free.
* mix hypatia.merge_orchestrate [--store PATH] [--holder NAME] -- the canonical
scheduled entry point; boots the app, runs one cycle, prints the summary.
The brain stays token-free: the cycle only READS the store and WRITES the
manifest; the .git-private-farm actuator (separate, PAT-bearing) merges.
61 ExUnit (was 58): +3 Scheduler -- uniform-council-arms, a zero-trust sole
approver recuses to flagged (GoT trust engaged end to end through the council),
and the MERGE_ORCH_STORE env fallback. 0 failures, local elixir 1.14,
mix-format-clean, scanner-clean.
The full loop now runs from a single 'mix hypatia.merge_orchestrate'. Scheduling
it (cron / GenServer tick) + the owner follow-ons are all that remain.
🔍 Hypatia Security ScanFindings: 42 issues detected
View findings[
{
"reason": "Repository has 5 non-main remote branch(es). Policy: single main branch only.",
"type": "GS007",
"file": ".",
"action": "delete_remote_branches",
"rule_module": "git_state",
"severity": "medium"
},
{
"reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old",
"type": "CSA001",
"file": "src/ui/gossamer/README.adoc",
"action": "review",
"rule_module": "code_scanning_alerts",
"severity": "medium"
},
{
"reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old",
"type": "CSA001",
"file": "scripts/ci-tools/Cargo.toml",
"action": "review",
"rule_module": "code_scanning_alerts",
"severity": "medium"
},
{
"reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old",
"type": "CSA001",
"file": "scripts/bench-tools/Cargo.toml",
"action": "review",
"rule_module": "code_scanning_alerts",
"severity": "medium"
},
{
"reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old",
"type": "CSA001",
"file": "ffi/zig/README.adoc",
"action": "review",
"rule_module": "code_scanning_alerts",
"severity": "medium"
},
{
"reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old",
"type": "CSA001",
"file": "docs/reports/audit/audit-2026-04-15-post.md",
"action": "review",
"rule_module": "code_scanning_alerts",
"severity": "medium"
},
{
"reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old",
"type": "CSA001",
"file": "docs/integration/github-registry.adoc",
"action": "review",
"rule_module": "code_scanning_alerts",
"severity": "medium"
},
{
"reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old",
"type": "CSA001",
"file": "docs/integration/github-registry.adoc",
"action": "review",
"rule_module": "code_scanning_alerts",
"severity": "medium"
},
{
"reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old",
"type": "CSA001",
"file": "docs/integration/a2ml-k9.md",
"action": "review",
"rule_module": "code_scanning_alerts",
"severity": "medium"
},
{
"reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old",
"type": "CSA001",
"file": "docs/architecture/system-integration.md",
"action": "review",
"rule_module": "code_scanning_alerts",
"severity": "medium"
}
]Powered by Hypatia Neurosymbolic CI/CD Intelligence |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
The scheduled trigger — closes the autonomy loop
Every piece of the pipeline is merged, but nothing invokes it on a schedule. This is that entry point: one cron/CI call runs the whole sense → deliberate → gate → manifest loop, with the live Graph-of-Trust snapshot finally feeding the competence council.
Scheduler.cycle/1Assembles the live inputs the pure
Loopdeliberately doesn't:opts[:store]→MERGE_ORCH_STOREenv →data/verisimdefault.GraphOfTrustinto the council viaKinCompetence.trust_from_got/2over the fleet roster. The:gotsource::auto(default) builds a liveHypatia.Neural.GraphOfTrustsnapshot, degrading to a uniform council on any failure — a scheduled job must never crash the cron;nilforces uniform; a struct is used directly.Loop.run/1, logs the cycle stats.The
GraphOfTrustcall is late-bound (apply/3) so this module stays compile-decoupled from the neural stack and the logic tests run dependency-free. (GraphOfTrust.trust_score/2defaults unknown entities to0.5neutral, so an un-scored fleet bot is neutral, not silenced.)mix hypatia.merge_orchestrateThe canonical scheduled entry point (mirrors the existing
mix hypatia.record_outcomepattern):Boots the app, runs one cycle, prints the summary. Invoke from cron / CI.
The brain stays token-free: the cycle only reads the store and writes the manifest; the
.git-private-farmactuator (separate, PAT-bearing) performs the merges.Testing (actual, not looks-right)
61 ExUnit, 0 failures (was 58) under Elixir 1.14, mix-format-clean, scanner-clean:
The +3 Scheduler tests prove the trust snapshot engages end-to-end:
citrust 0.0 →cirecuses → the bump is flagged, not armed (the competence weighting fires throughScheduler → Loop → KinCompetence → KinCouncil → Strategistfor real);MERGE_ORCH_STOREenv fallback resolves the store when--storeis omitted.Scope / safety
lib/+ a Mix task, your review.Scheduler+ the Mix task + its test. No change to any existing module. I chose a Mix task (cron-invokable, no supervision-tree risk) over wiring a new GenServer intoapplication.ex.Where this leaves it
The full loop now runs from a single
mix hypatia.merge_orchestrate. What remains is purely scheduling + owner items, no new brain logic:learning_scheduler, or a CI cron) — a one-liner.standardsadoption; P3 handshake +mass_squashin the actuator; the farm Actions-billing fix (so the actuator can run scheduled).Generated by Claude Code