sync: auto-sync from GURU-KALI at 2026-05-25 14:06:01

Author: Mike Swanson
Machine: GURU-KALI
Timestamp: 2026-05-25 14:06:01
2026-05-25 14:06:02 -07:00
parent c99018ac42
commit e1069aa567

@@ -1284,3 +1284,39 @@ curl -s -o /dev/null -w '%{http_code}' http://localhost:3001/status
- claudetools commits: `413df93` (sync.sh submodule fix + solverbot removal), `f2ece8e` (CLAUDE.md wording). - claudetools commits: `413df93` (sync.sh submodule fix + solverbot removal), `f2ece8e` (CLAUDE.md wording).
- Coord: component `gururmm/server` = deployed 0.3.22. Messages: `16aa12fb`/`74a1a3e5` (build-blocked to GURU-5070 + DESKTOP fallback), `b99f718c` (identity check-in reply), `2d518a70` (deploy-done + lessons). DESKTOP-0O8A1RL retired; GURU-5070 is Mike's current session id. - Coord: component `gururmm/server` = deployed 0.3.22. Messages: `16aa12fb`/`74a1a3e5` (build-blocked to GURU-5070 + DESKTOP fallback), `b99f718c` (identity check-in reply), `2d518a70` (deploy-done + lessons). DESKTOP-0O8A1RL retired; GURU-5070 is Mike's current session id.
- Audit tally: 61 findings (2 critical [both now FIXED+deployed], 10 high, 16 medium, 7 low, 26 info). - Audit tally: 61 findings (2 critical [both now FIXED+deployed], 10 high, 16 medium, 7 low, 26 info).
---
## Update: 14:05 MST — rmm-audit skill pinned to Opus 4.7 + re-audit #2 (Mike Swanson / GURU-KALI)
### Session Summary
Pinned the `/rmm-audit` skill to always use Opus 4.7: added a "Model (MANDATORY)" directive to `.claude/skills/rmm-audit/SKILL.md` (spawn every pass with `model: "opus"`, overriding the complexity-based routing — no Sonnet/Haiku downgrades) and updated the report template's Auditor line `claude-sonnet-4-6 -> claude-opus-4-7`. Synced out (claudetools `072687b`).
Re-ran the full audit on current main (`3dcb30e`, deployed v0.3.22), all six passes on Opus 4.7, against a fresh clone (`/tmp/gururmm-audit2`). 45 findings: 0 critical, 5 high, 6 medium, 11 low, 23 info. The morning audit's two CRITICAL auth holes are CONFIRMED RESOLVED + deployed (anon /api/metrics+/logs -> 401). The risk has shifted to the new health/safe-rollout feature being largely inert and to build/deploy infra hazards.
The 5 HIGHs: (1) crash detection is DEAD CODE — `health.rs:45` queries `event_type='update_applied'`, an event never written anywhere (code emits `update_success`/`update_failed`), so the monitor selects zero rows forever; one-line fix. (2) `update_rollouts` table has zero readers/writers — the "safe rollout" promotion table is never populated or consulted; health metrics gate nothing. (3) `build-server.sh` stop-before-validate/no-rollback/unchecked git reset — confirmed root cause of today's migration-46 outage (28 restarts). (4) mac builds 40 commits behind (was 7 this morning) — mac trigger genuinely broken since the Pluto outage. (5) `Agent.update_channel` declared in TS but never returned by the agent endpoints (dead field; `client_id` dead-link now resolved). Report committed to branch `audit/2026-05-25-rmm-audit-2` (gururmm `4a4311b`).
### Key Decisions
- **Pinned audit to 4.7 in the skill file itself** (source of truth) rather than a memory — the repo records it.
- **Fresh clone for the re-audit, not the submodule:** submodule is pinned at a42bd60; deployed/current main is 3dcb30e (with the health fix). Audited current main to reflect the deployed state without dirtying the submodule pin.
- **Report as `-2` suffix on a new branch:** the morning audit's report + UI_GAPS updates are on the unmerged `audit/2026-05-25-rmm-audit` branch; this re-audit supersedes it. Two audit branches now exist — recommend merging #2 and dropping #1.
### Configuration Changes
- claudetools `072687b` — `.claude/skills/rmm-audit/SKILL.md`: Opus-4.7-mandatory directive + report-template model.
- gururmm branch `audit/2026-05-25-rmm-audit-2` (`4a4311b`): `reports/2026-05-25-rmm-audit-2.md` (new) + `docs/UI_GAPS.md` (Watchdog closed, MSPBackups/Organizations in-progress).
### Pending / Incomplete Tasks
- **Re-audit HIGH action order (handed to beast):** (1) fix crash-detection event_type (`health.rs:45` -> `'update_success'`) + test; (2) harden build-server.sh (validate-before-swap, rollback, git-reset exit check, build lock); (3) restore mac build trigger; (4) wire `update_rollouts`/health metrics into promotion gating OR mark Phase-2 scaffolding; (5) `Agent.update_channel` add-to-server-or-drop.
- MEDIUM: health.rs sqlx-macro convention decision; metrics.rs `internal_err` rollout; isError on Logs.tsx + 8 pages; `any` cleanup.
- Two unmerged audit branches (#1 `audit/2026-05-25-rmm-audit`, #2 `audit/2026-05-25-rmm-audit-2`) — consolidate.
- `/tmp/gururmm-audit2` clone can be removed (report is pushed).
### Reference Information
- Re-audit report: `reports/2026-05-25-rmm-audit-2.md` on branch `audit/2026-05-25-rmm-audit-2` (gururmm `4a4311b`). Audited commit `3dcb30e`, server v0.3.22.
- Tally by pass: API 7 (4L/3I), Rust+Auth 3 (2M/1I), TS 16 (1H/3M/4L/8I), Data 7 (2H/2L/3I), Pipeline 12 (2H/1M/1L/8I).
- Prior: morning audit `reports/2026-05-25-rmm-audit.md` @ 7374e8a (branch audit/2026-05-25-rmm-audit).
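
Review bot: the Session Summary heading and first sentence say the skill is "pinned to Opus 4.7", but the directive it describes is `model: "opus"`, which carries no version number; only the report template's Auditor line (`claude-opus-4-7`) names one. Record the exact versioned identifier that SKILL.md passes, or reword the entry to "pinned to Opus", so the log and the template's Auditor line cannot disagree about which model produced a report. In Pending item (1) the fix is written as `health.rs:45` -> `'update_success'`, while the summary says the code emits both `update_success` and `update_failed`; state whether failed updates are deliberately excluded from crash detection. The Reference tally lists five pass buckets against "all six passes" in the summary; say which two are combined (presumably "Rust+Auth") so the per-pass counts can be checked against the report.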