singularity/singularity-forge
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1
singularity-forge/UPSTREAM_CHERRY_PICK_CANDIDATES.md
Mikael Hugo 7a6169705a docs: lock in fork stance, reframe cherry-pick list as reference-only 
After attempting cluster B (4 surgical agent-session fixes), even the
first commit conflicted because of structural namespace divergence
(gsd_*→sf_* rename, @sf-run/*→@singularity-forge/* rename, prior
pi-mono direct cherry-picks). The conflicts are real semantic
divergence, not noise.

Conclusion: sf is a fork; we do not periodically sync from
gsd-build/gsd-2. Pretending we still track upstream means weeks of
merge work for diminishing return.

BUILD_PLAN.md adds an explicit "Upstream stance" section documenting
the fork posture and the rationale for the three irreversible naming
choices.

UPSTREAM_CHERRY_PICK_CANDIDATES.md is reframed as a reference list,
not an action plan. The clusters and SHAs remain useful as an
intelligence source — port specific fixes by hand when one bites us;
do not run automated cherry-picks against the list.

Pi-mono SDK syncs continue separately — that path doesn't have the
same divergence problem.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-29 12:57:44 +02:00

294 lines
12 KiB
Markdown
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# Upstream reference list (NOT a cherry-pick action plan)
> **Status: REFERENCE.** sf is a fork; we do not sync from `gsd-build/gsd-2`. See [`BUILD_PLAN.md`](./BUILD_PLAN.md) §"Upstream stance" for why. This file is preserved as **an intelligence list** — high-value upstream work to read or hand-port if a specific bug or feature warrants it. Do not run `git cherry-pick` against this list; the rename divergence (`gsd_*`→`sf_*`, `@sf-run/*`→`@singularity-forge/*`, partial pi-mono cherry-picks) makes automated picks conflict on virtually every commit.
>
> **An attempt was made and rolled back:** cluster B's first commit conflicted on `agent-session.ts` and a deleted test file. Aborted clean. The conflicts were semantic (real divergence), not whitespace.
A read-only enumeration of notable commits in `gsd-build/gsd-2` (`upstream/main` at `fec206dda`, 2026-04-28) that are not in `singularity-ng/singularity-foundry/main` (at `b24f426f2`, 2026-04-29).
Total upstream-only commits: 4,589. This list is the **high-leverage subset** worth being aware of. Skipping the bulk of small/internal commits.
Clusters are roughly ordered by "if any port is worth doing, this first." Each cluster lists SHAs with one-line context.
---
## A. `/gsd eval-review` feature (~17 commits)
A new command for milestone-end evaluation review, with frontmatter schema and integration tests. Single coherent feature; cherry-pick as a block.
```
979487735 feat(gsd): add EVAL-REVIEW frontmatter schema module
6971f4333 feat(gsd): add /gsd eval-review command handler
a2f8f0e08 feat(gsd): register /gsd eval-review in catalog and ops dispatcher
83bcb054c feat(gsd): emit pre-ship soft warning on EVAL-REVIEW status
a686d22cb test(gsd): add /gsd eval-review integration suite
087cd6a0f docs(gsd): add /gsd eval-review user spec, drop ADR-011 references
176fa5c99 fix(gsd): include eval-review in /gsd help full output
bc8e17cd6 refactor(gsd): strip PR/issue references from eval-review code comments
35f5e2b57 docs(gsd): label fenced code blocks in eval-review.md (markdownlint MD040)
d2bf7e7d0 docs(gsd): vary lead phrasing in eval-review Related section
f2206dac3 fix(gsd): degrade AI-SPEC.md read failure to a marker instead of throwing
62207fc8a fix(gsd): clamp computeOverallScore to MIN_SCORE..MAX_SCORE
c0e778b2f fix(gsd): handle UTF-8 multi-byte chars at the truncation boundary
090c02d31 fix(gsd): three CodeRabbit findings — control flow, marker budget, Windows test
8931209c5 fix(gsd): bound eval-review reads to cap and surface AI-SPEC errors
ac71c03b7 fix(gsd): three CodeRabbit findings on eval-review prompt and budgeting
e111ed88f Merge pull request #5118 from NilsR0711/feat/eval-review-v2
18ce71551 fix(gsd): allow review-tier subagent dispatch from validate-milestone
089be6f07 Merge pull request #5099 from jeremymcs/fix/validate-milestone-dispatch-policy
```
Effort: ~2 hours. Touches: `src/resources/extensions/sf/eval-review*`, command catalog, help text.
---
## B. `agent-session` / `agent-end` transitions (4 commits — critical)
These fix real session-transition bugs. Should take regardless of other choices.
```
71114fccf fix(agent-session): guard synthetic agent_end transitions
6d7e4ccb5 fix(agent-session): skip idle wait after agent_end
e3bd04551 Fix session transition during agent_end
c162c44bf Fix agent_end session switch handoff
```
Effort: <1 hour. Likely lands cleanly.
---
## C. claude-code-cli permission persistence (3 commits)
Always-Allow for non-Bash tools didn't persist; fix + tests.
```
a88baeae9 fix(claude-code-cli): persist Always Allow for non-Bash tools
1cce8ae38 test(claude-code-cli): cover empty permission suggestions fallback
bf1d8aad0 Merge pull request #5096 from jeremymcs/fix/always-allow-non-bash-tools
```
Effort: <1 hour.
---
## D. Worktree TUI commands (2 commits)
Adds `worktree list|merge|clean|remove` to the TUI dispatcher.
```
2361ceeb1 feat(gsd): add worktree {list,merge,clean,remove} commands to TUI dispatcher
325aae489 Merge pull request #5055 from jeremymcs/feat/worktree-tui-commands
```
Effort: <1 hour. Touches: `src/resources/extensions/sf/worktree-command*.ts`.
---
## E. Worktree path safety + normalization (~12 commits)
A series of fixes hardening worktree path handling against injection, self-merge, dirty handling, cwd anchoring. Ship all together.
```
0fdacd524 Merge pull request #5062 from jeremymcs/fix/worktree-path-injection
16f025a0e Merge pull request #5051 from jeremymcs/fix/worktree-root-normalization
84a383f51 Merge pull request #5041 from jeremymcs/fix/5024-prevent-self-merge
f6d51492f fix(gsd): normalize worktree project roots
cf9927a1a fix(gsd): normalize auto worktree loop roots
17fce6461 fix(gsd): harden worktree dirty handling
ca7a0bc14 fix(gsd): anchor subagent dispatch to canonical worktree path
de73fb43d fix(gsd): stop dispatch on cwd anchor failures
4aff417ee fix(gsd): anchor cwd at project root in mergeAndExit (closes #5079)
fabecd488 fix(gsd): harden worktree dispatch cwd handling
7cfa24af6 fix(gsd): anchor cwd without cwd guard
13426f8cb fix(gsd): normalize self-merge ref guard
82bcf6b71 Merge pull request #5080 from jeremymcs/fix/headless-auto-cwd-anchor
```
Effort: 2-3 hours. Touches worktree code we already heavily customized **conflicts likely**.
---
## F. Workflow state machine hardening (5 commits)
```
f2377eedd fix(auto): harden workflow state transitions
b9a1c6743 fix(auto): persist workflow retry and summary state
153fb328a fix(auto): address peer review state hardening
381ccdef5 fix(state): fail closed on unreadable milestone summaries
371b2eb31 fix(state): restore slice dependency fallback
71e2c4b8d test(state): align dependency fallback expectation
767c235fa Merge pull request #4758 from jeremymcs/fix/workflow-state-machine-hardening
```
Effort: 1 hour. Important for reliability of long auto runs.
---
## G. Provider additions (4 commits)
Non-controversial provider list updates.
```
838dbc9b7 feat(models): add GLM-5.1 to Z.AI provider in custom models
b21f936ce feat(models): add gpt-5.4-mini to openai-codex list (#1215)
ba06f35c3 feat(gsd): add GPT-5.5 Codex model support
5f3c90bd2 feat(ollama): native /api/chat provider with full option exposure
6132d4089 feat(ollama): configurable probe/request timeouts via env vars
939b75e45 Merge pull request #5045 from jeremymcs/feat/5003-ollama-timeout-env
```
Effort: <30 min. Mostly config/data.
---
## H. Security / data-integrity fixes (~6 commits)
```
65ca5aa2e fix(security): harden project-controlled surfaces # we have 66ff949c1 partial; supersede
da7dd56e7 fix(safety): persist bash evidence at tool_call to close mid-unit re-dispatch race (#5056)
4370bedf3 fix(search): narrow native web_search injection to providers that accept it
9340f1e9b fix(gsd): self-heal symlinked .gsd staging to prevent silent data loss (#4423)
58d3d4d6c fix(knowledge): scope + budget milestone KNOWLEDGE injection (#4721)
bb747ec57 fix(mcp-server): prevent defaultExecFn stdout-buffer deadlock
```
Effort: 1-2 hours. Most are surgical.
---
## I. Headless / non-interactive (5 commits)
```
4ba746888 fix(gsd): instruct workflows to use repo MCP tools
14ec4d97f fix(headless): suppress notification status spam
42f44f1ed fix(gsd): load global mcp and search providers
c15afb45f fix(headless): improve search and mcp status output
cf0274c63 fix(headless): show assistant previews in logs
```
Effort: 1 hour. Useful for our non-interactive autopilot path.
---
## J. Rate limiting + token telemetry (5 commits)
```
f980929f1 feat(auto): proactive rate limiting via min_request_interval_ms (#2996)
73bc4d2f1 fix(auto): stamp request interval at dispatch
41edad041 Merge pull request #5007 from jeremymcs/feat/min-request-interval-ms
b4d4725ad feat(pi-coding-agent): opt-in per-call token telemetry (#5023)
a400838aa Merge pull request #5026 from jeremymcs/feat/5023-token-telemetry
```
Effort: 1 hour. Aligns with SPEC.md §19.6 rate-limit observability.
---
## K. MCP global config (3 commits)
```
a59c38822 feat(mcp-client): read global MCP config from ~/.gsd/mcp.json
49723ef03 Merge pull request #4970 from imxv/feat/mcp-client-global-config
bb747ec57 fix(mcp-server): prevent defaultExecFn stdout-buffer deadlock
```
Effort: <1 hour.
---
## L. Doctor / diagnostics (2 commits)
```
420354f99 feat(gsd): add doctor check for orphan milestone directories (#4996)
1fb9f439e Merge pull request #4998 from gsd-build/fix/4996-milestone-id-gap-detection
```
Effort: <30 min.
---
## M. Performance (3 commits)
```
4dd01472a Merge pull request #5030 from jeremymcs/perf/5027-compaction-cache-breakpoint
8ebb13ee9 Merge pull request #5029 from jeremymcs/perf/5022-startup-optimization
```
Effort: <30 min if conflicts are minimal.
---
## N. Windows fixes (2 commits)
```
9d08d820b Merge pull request #5036 from TommyC81/fix/5015-windows-home-dir
780a8220a Merge pull request #5042 from jeremymcs/fix/5017-windows-dep0190
f857a68ba Merge pull request #5043 from jeremymcs/fix/4946-types-semver
```
Effort: <30 min. Take if Windows is a target; skip otherwise.
---
## O. UnitContextManifest / Composer rewrite (~15 commits)
A major architectural refactor. **Likely conflicts heavily** with our work. Probably **skip** unless we want this direction; revisit during v3 implementation.
```
7d54fe2d3 feat(auto): UnitContextManifest schema + data + CI guard — phase 1 of #4782
ae5b4011e feat(auto): UnitContextManifest v2 contract — typed computed artifacts (#4924)
896da7915 feat(auto): UnitContextManifest tools-policy field — declarative-only (#4934)
7a63d5558 feat(gsd): runtime tools-policy enforcement for planning units (#4934)
1433c5f8e feat(auto): compose reassess-roadmap context from manifest — #4782 phase 2
8a0eee56a feat(auto): migrate run-uat through composer — #4782 phase 3 batch 1
dc9e7a854 feat(auto): migrate research-milestone through composer — #4782 phase 3 batch 2
1765a211c feat(auto): migrate complete-slice through composer — #4782 phase 3 batch 3
17b74c5bf feat(auto): wire pipeline variant into dispatch — phase 2 of #4781
298d63707 feat(auto): milestone scope classifier — phase 1 of #4781
4b4ab00f4 feat(unit-manifest): introduce planning-dispatch mode for slice plan/complete
```
Effort: 1-2 days IF we take it. **Recommendation: defer; revisit when v3 §3 schema reconciliation lands.**
---
## P. Memories cutover (1 commit — relevant for v3 sm integration)
```
d3600f92f feat(gsd): cutover to memories table as single source of truth (ADR-013 step 6)
1f8e77172 Merge pull request #5002 from jeremymcs/fix/4967-memory-capture-error
```
Worth reading carefully this is upstream's answer to what we're calling Singularity Memory integration. May change the recommended sm integration path in BUILD_PLAN.
---
## Recommended order of cherry-picks
Total estimated effort if we take all clusters AN: **~10-15 hours of focused work**, plus conflict resolution.
| Order | Cluster | Why first |
|---|---|---|
| 1 | B agent-session | Critical correctness, lands cleanly |
| 2 | F workflow state | Reliability of long auto runs |
| 3 | H security/data-integrity | We already partially cherry-picked H#1 |
| 4 | C claude-code permission | Small, isolated |
| 5 | A eval-review | New feature, atomic block |
| 6 | G providers | Trivial config |
| 7 | J rate limiting | Aligns with §19.6 |
| 8 | E worktree path safety | Conflicts likely; resolve carefully |
| 9 | I headless | Useful for autopilot |
| 10 | K MCP global config | Small |
| 11 | L doctor / orphan check | Small |
| 12 | D worktree TUI commands | Discretionary feature |
| 13 | M performance | If gains are real |
| 14 | N Windows | Skip if not a target |
| **DEFER** | O composer rewrite | Conflicts; revisit during v3 |
| **READ FIRST** | P memories cutover | Informs sm integration plan |
## Excluded from this list
- ~3,800 commits that are: chore, docs, test housekeeping, internal renames, CI tweaks, version bumps, dependency updates without our use case, branch-merge noise, revert-then-readd churn.
- Most `Merge pull request` commits where the underlying squash already represents the work.
If you want any of those clusters expanded with full file-touch lists before deciding, ask.
Reference in a new issue View git blame Copy permalink