c372e8452d
- agent-job.yml: pass untrusted issue body via env (BODY), never interpolated into a run: shell line (fixes GHA expression-injection). Adds security note. - lab/.gitignore: keep propose_pr's `git add -A` from sweeping __pycache__ and copied scaffolding into the review diff. - agent_runner.py: simulated reject() now removes the agent's untracked files (git restore can't), and the Module 2 restore line only prints for the real tracked-edit path. - README: clarify --simulate uses a deterministic stand-in, not the delete issue. Closes #24 Closes #25 Closes #26 Closes #27 Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01TfzV5QvtPDz8LJS3Pu5VLT
18 lines
755 B
Plaintext
18 lines
755 B
Plaintext
# Keep the agent's proposed diff clean (Module 25, Part B).
|
|
#
|
|
# propose_pr() in agent_runner.py runs `git add -A` on purpose — a real agent (Part D) may touch
|
|
# files you can't enumerate ahead of time, so staging everything is the correct behavior. This
|
|
# .gitignore is what keeps that honest: it excludes the Python caches and the lab scaffolding you
|
|
# copied into tasks-app, so the commit the agent proposes is ONLY its real change (agent_demo.py and
|
|
# its test in the simulated path) — not binary .pyc noise or the orchestrator itself.
|
|
|
|
# Python / tool caches
|
|
__pycache__/
|
|
.pytest_cache/
|
|
.ruff_cache/
|
|
|
|
# Lab scaffolding copied into tasks-app for this module — not part of the agent's change.
|
|
agent_runner.py
|
|
issue-delete-command.md
|
|
agent-job.yml
|