prior audit: #276 @ 2f26d91. main HEAD == 2f26d91. skip rule trip → no new full audit.
#300 ran on 679f9fe (not on main, 11 commits ahead on a feature branch). most #300 findings still apply since the gap is tooling commits, not code.

sweep (89 audit-finding issues triaged)
- RESOLVED: 0
- FALSE-POSITIVE: 0
- OBVIOUS-FIX: 14 (5 auto-PR'd, 9 deferred to next run)
- AMBIGUOUS: ~55
3 RESOLVED candidates (#344 #354 #355) re-classified: search component absent on main now, but pending feature branch carries it. annotated as deferred, kept open. `git ls-tree origin/main` → only docs/specs/2026-04-19-ui-design/local-search.md.

auto-fix PRs
- `willow-channel` crate, wrong EventKind count (#255) == #301
- [SEC-A-01] Bearer token compared with non-constant-time equality (#304)
- [SEC-A-02] Agent `read_resource` does not enforce `allows_resource` scope (#305)
- [SEC-A-09] Agent HTTP server defaults to TokenScope::Full with no CLI flag (#311)
- `pub fn test_config()` (with `/tmp/test-worker.key`) lives in non-test module (#331)
CI in flight at write time. fmt / clippy / browser / wasm / cargo-audit green across all 3. test + playwright running.

deferred obvious-fix (next run pickups)
#303 voice.participants caps · #302 sync_since heads cap · #235 TopicAnnounce cap · #236 Event/RotateChannelKey vec caps · #234 display_name length cap · #238 bootstrap CRLF buffer · #227 deploy sshpass replace · #319 trunk version pin · #314 docker USER directive · #269 MessageDb error logging.

stale-sweep
closures: 0. notes added: #344 #354 #355.

lessons
- `git merge-base --is-ancestor` caught that "Codebase Audit — main @ 679f9fe (2026-04-25)" #300 ran on a non-main branch. saved a redundant 8-agent matrix.
- `git ls-tree origin/main` + open PRs touching the path before closing.
- `cargo check -p <crate>` (NOT just `check`) + caveman PR body + blocker file fallback. that template held up across 3 willow PRs.
- `cargo install --locked cargo-audit` panicked silently here (binary not in `~/.cargo/bin` after exit-0 install). check `which cargo-audit` before relying on it; existing [DEP-08] Unmaintained `paste 1.0.15` (RUSTSEC-2024-0436) — not in CI ignore list #316, [DEP-09] Unmaintained `proc-macro-error 0.4.12` (RUSTSEC-2024-0370) — not in CI ignore list #317, [DEP-10] Unmaintained `atomic-polyfill 1.0.3` (RUSTSEC-2023-0089) — not in CI ignore list #318 already track the RUSTSEC IDs anyway.
- `list_issues` exceeds token cap on big repos — pipe to jq + JSONL early so audit agents work from a flat file.

session: https://claude.ai/code/session_01KvXynFPgSaqWTBo65iMnD9
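the skip-rule check and the cargo-audit presence check from the lessons above, written out as an added shell example (not the audit tooling's own scripts); the function names and return-code conventions are my own, and the repo in the usage comment is constructed:

```shell
#!/bin/sh
# Pre-audit sanity checks (added example, not the audit tooling's own code).
# 1. refuse to trust a prior audit whose commit is not on main;
# 2. confirm cargo-audit is really on PATH before trusting a green result.

# commit_on_branch <commit> <branch>
# 0 = commit is an ancestor of (or equal to) branch, 1 = it is not,
# 2 = either ref is unknown to this repo.
commit_on_branch() {
  _commit=$1 _branch=$2
  git rev-parse --verify --quiet "$_commit^{commit}" >/dev/null || return 2
  git rev-parse --verify --quiet "$_branch^{commit}" >/dev/null || return 2
  git merge-base --is-ancestor "$_commit" "$_branch"
}

# 0 only if cargo-audit both resolves on PATH and actually executes
# (an exit-0 `cargo install` is not proof that the binary landed).
have_cargo_audit() {
  command -v cargo-audit >/dev/null 2>&1 || return 1
  cargo-audit --version >/dev/null 2>&1
}

# audit_needed <prior-audit-commit> <current-head> [main-branch]
# prints the decision; returns 0 = run a full audit, 1 = skip rule trips.
audit_needed() {
  _prior=$1 _head=$2 _main=${3:-main}
  if ! commit_on_branch "$_prior" "$_main"; then
    # covers both "on a feature branch" (rc 1) and "unknown commit" (rc 2)
    echo "prior audit commit $_prior is not on $_main: re-run full audit"
    return 0
  fi
  if [ "$(git rev-parse "$_head")" = "$(git rev-parse "$_prior")" ]; then
    echo "$_main HEAD == $_prior: skip rule trip, no new full audit"
    return 1
  fi
  echo "$_main moved past $_prior: run full audit"
  return 0
}

# usage (constructed): audit_needed 2f26d91 main && run_full_audit_matrix
```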