|
94 | 94 |
|
95 | 95 | - [ ] 5.2 (P) Tag server-generated command responses as never-forward |
96 | 96 | - Tag the server-generated command response message as `never_forward` for the session at creation time. |
| 97 | + - Ensure the tag is persisted for the session lifetime as soon as the response is generated and before it is returned to the client. |
97 | 98 | - Ensure recognition does not rely on client-preserved metadata if the client resubmits the response in history. |
98 | 99 | - _Requirements: 3.1, 3.2, 3.3_ |
99 | 100 |
|
|
107 | 108 | - [ ] 6.1 Register identity, registry, and enforcer services in staged initialization |
108 | 109 | - Register new services with appropriate lifetimes and dependency wiring. |
109 | 110 | - Ensure configuration values (tag capacity limit) are available to the registry at runtime. |
| 111 | + - Confirm services are available to command handling, steering injection, and backend orchestration in staged initialization order. |
110 | 112 | - _Requirements: 1.1, 1.2, 1.3, 14.3_ |
111 | 113 |
|
112 | 114 | - [ ] 6.2 Integrate enforcement into backend completion flow before capture and invocation |
|
125 | 127 | - [ ]* 6.4 Add property-based tests for identity and filtering invariants (deferrable) |
126 | 128 | - Generate diverse canonical message shapes (role/content/tool variants) and assert identity determinism. |
127 | 129 | - Assert filtering invariants (order preserved; removed messages are always tagged for the session and scope). |
| 130 | + - Include cases covering tool-result messages whose content is rewritten by compaction. |
128 | 131 | - _Requirements: 1.2, 1.5, 5.2_ |
129 | 132 |
|
130 | 133 | - [ ] 7. Ensure coverage across entry points and session identity propagation (Option B) |
|
143 | 146 | - [ ] 7.3 Ensure internal retry/steering workflows propagate session id and injection provenance |
144 | 147 | - Reuse the same session id across multiple backend calls made within a single logical interaction. |
145 | 148 | - Provide the injected-message provenance boundary for every backend call that appends steering/internal messages. |
| 149 | + - Confirm internal workflows never bypass the shared enforcement boundary. |
146 | 150 | - _Requirements: 7.2, 8.2, 8.3_ |
147 | 151 |
|
148 | 152 | - [ ] 7.4 Add integration tests for session scoping and non-leakage across entry points |
149 | 153 | - Verify tags are applied only within the resolved session id and do not leak across sessions. |
150 | 154 | - Verify a non-HTTP entry point reuses the same session id across multiple backend calls in a single interaction. |
| 155 | + - Verify concurrent interactions do not cross-apply tags between different session identifiers. |
151 | 156 | - _Requirements: 8.1, 8.2, 8.3, 8.4_ |
152 | 157 |
|
153 | 158 | - [ ] 8. Remove legacy regex-based enforcement and legacy code paths (alpha finality) |
|
160 | 165 | - [ ] 8.2 Update tests to remove legacy regex expectations and assert final behavior only |
161 | 166 | - Remove or rewrite tests that depended on legacy regex stripping and replace with tagging/enforcement assertions. |
162 | 167 | - Add regression coverage that fails if legacy regex-based non-forwardable filtering is reintroduced. |
| 168 | + - Remove obsolete helpers/fixtures that existed only to support legacy regex-based enforcement tests. |
163 | 169 | - _Requirements: 13.1, 13.3_ |
164 | 170 |
|
165 | 171 | - [ ] 8.3 Run the full unit and integration suites for this feature and fix failures |
166 | 172 | - Ensure unit tests for identity/registry/enforcer pass. |
167 | 173 | - Ensure integration tests for backend flow, compaction compatibility, and entry point coverage pass. |
| 174 | + - Ensure static checks pass for modified modules (lint, formatting, type checks). |
168 | 175 | - _Requirements: 9.1, 10.1, 11.1_ |
0 commit comments