bot-bottle

didericis/bot-bottle

Fork 0

Commit Graph

Select branches

Hide Pull Requests

commit-bottle-state

core-coverage-badge

cover-egress-addon-adapter

cover-global-90

decompose-egress-dlp-config

feat/pipelock-skip-scan-extensions

fix-integration-test-failures

fix/macos-container-relative-dockerfile

flatten-deep-nesting

harden-git-gate-shell-rendering

main

move-codex-auth-to-contrib

pr-211

prd-0049-named-labelled-agents

prd-0054-install-script

prd-egress-control-plane

prd-smolmachines-linux

ratchet-egress-addon-90

ratchet-egress-core-90

ratchet-git-gate-90

ratchet-manifest-90

ratchet-supervise-90

ratchet-yaml-subset-90

table-drive-dlp-tests

#1

#10

#101

#102

#103

#107

#108

#11

#110

#114

#115

#119

#12

#121

#123

#124

#127

#13

#131

#132

#133

#14

#141

#142

#143

#144

#145

#146

#147

#149

#15

#151

#153

#16

#161

#162

#163

#164

#165

#166

#167

#168

#17

#170

#172

#173

#175

#176

#179

#18

#180

#181

#182

#183

#184

#186

#187

#188

#189

#19

#190

#191

#192

#193

#196

#199

#2

#20

#200

#201

#202

#203

#205

#207

#209

#21

#210

#211

#212

#214

#216

#219

#22

#222

#224

#225

#227

#228

#229

#23

#231

#232

#234

#235

#238

#239

#24

#240

#241

#242

#244

#246

#248

#25

#250

#26

#260

#262

#263

#264

#265

#266

#267

#27

#270

#271

#272

#273

#274

#275

#276

#278

#279

#28

#280

#282

#284

#285

#29

#290

#291

#292

#293

#294

#295

#296

#297

#298

#299

#3

#30

#300

#301

#31

#32

#33

#34

#35

#36

#37

#38

#39

#4

#40

#41

#42

#43

#44

#45

#46

#47

#48

#49

#5

#50

#51

#52

#53

#54

#55

#56

#57

#58

#59

#6

#60

#61

#62

#63

#64

#65

#66

#67

#68

#69

#7

#70

#71

#72

#73

#74

#76

#78

#79

#8

#80

#81

#83

#85

#87

#89

#9

#91

#92

#93

#95

#97

#98

#99

1542ee0b93 feat(egress-proxy-block): single-route input + merge-on-apply didericis 2026-05-25 18:45:17 -04:00
3be70eb07a feat(supervise): list-egress-proxy-routes MCP tool, defaults on egress-proxy didericis 2026-05-25 18:23:01 -04:00
1cec0d9aa6 feat(egress-proxy-apply): mirror new route hosts into pipelock allowlist didericis 2026-05-25 17:34:10 -04:00
d75d5f3e48 fix(egress-proxy-apply): chmod tmp file 0644 so mitmproxy can read post-cp didericis 2026-05-25 17:25:35 -04:00
fad76d3364 fix(supervise): stage current-config routes file as routes.yaml didericis 2026-05-25 17:01:12 -04:00
c4cf2453e2 fix(launch): also set lowercase {http,https,no}_proxy on the agent didericis 2026-05-25 16:46:23 -04:00
f807ed1149 fix(egress-proxy): force traffic through pipelock + block unallowlisted hosts didericis 2026-05-25 16:38:18 -04:00
5dc33f3acc fix(egress-proxy): mint CA via openssl req so leaf AKI matches CA SKI didericis 2026-05-25 16:29:27 -04:00
b9c70f7daa fix(egress-proxy): build combined trust bundle (system + pipelock CA) didericis 2026-05-25 15:52:08 -04:00
57a9707e1c fix(egress-proxy): chmod 644 host CAs so mitmproxy user can read after docker cp didericis 2026-05-25 15:42:51 -04:00
f04fbb68a9 feat(egress-proxy): drive claude-code OAuth placeholder off a role marker didericis 2026-05-25 15:28:11 -04:00
9cd583fbbb feat(egress-proxy): retarget remediation at egress-proxy (PRD 0017 chunk 3) didericis 2026-05-25 15:13:44 -04:00
a135415dfe Merge pull request 'feat(egress-proxy): cutover from cred-proxy (PRD 0017 chunk 2)' (#29) from egress-proxy-cutover into main didericis 2026-05-25 15:04:26 -04:00
4abea282e0 revert(egress-proxy): drop Role + agent provisioner (keep git-push block) didericis 2026-05-25 15:02:01 -04:00
fa06a3a0ab feat(egress-proxy): block HTTPS git push + restore role provisioner didericis 2026-05-25 14:48:13 -04:00
70f773ac61 feat(egress-proxy): cutover from cred-proxy (PRD 0017 chunk 2) didericis 2026-05-25 14:30:39 -04:00
9e41845a2b Merge pull request 'feat(egress-proxy): mitmproxy sidecar core (PRD 0017 chunk 1)' (#28) from egress-proxy-sidecar-core into main didericis 2026-05-25 14:04:33 -04:00
3df54573d4 feat(egress-proxy): add mitmproxy-based sidecar core (PRD 0017 chunk 1) didericis 2026-05-25 13:58:24 -04:00
a2a7396a14 Merge pull request 'PRD 0017: Egress-proxy — universal MITM via mitmproxy (replaces cred-proxy)' (#27) from prd-0017-path-aware-egress into main didericis 2026-05-25 13:45:33 -04:00
a79b2b7be0 docs(prd-0017): nest auth.scheme + auth.token_ref under optional auth didericis 2026-05-25 13:35:47 -04:00
b0d9802469 docs(prd-0017): pivot to mitmproxy-based egress-proxy didericis 2026-05-25 13:28:53 -04:00
5b925a6699 docs(prd-0017): path-aware egress filtering via cred-proxy didericis 2026-05-25 08:33:01 -04:00
0668c7bb45 Merge pull request 'fix(supervise): provision MCP via claude mcp add' (#25) from supervise-mcp-add-via-cli into main didericis 2026-05-25 08:31:16 -04:00
6066bb4d4c fix(dashboard): show the literal new allowlist line in green, no prefix didericis 2026-05-25 08:28:29 -04:00
97ff506783 feat(dashboard): highlight new hostname in green on pipelock-block detail didericis 2026-05-25 08:25:24 -04:00
82d6534e6b docs(pipelock-block): flag follow-up for path-aware filtering didericis 2026-05-25 08:15:38 -04:00
f3f2e3e9ab feat(pipelock-block): tool sends failed URL, supervisor merges host didericis 2026-05-25 08:02:53 -04:00
a9bb34cb77 feat(dashboard): highlight newly-arrived proposals in green for 5s didericis 2026-05-25 07:54:34 -04:00
4e4051f420 fix(dashboard): auto-refresh the TUI every 1s didericis 2026-05-25 07:48:24 -04:00
307400f08a fix(supervise): bypass pipelock for agent → supervise MCP traffic didericis 2026-05-25 07:36:27 -04:00
d2e047fa66 fix(pipelock): auto-allow supervise hostname like cred-proxy didericis 2026-05-25 07:27:30 -04:00
0e2fc97aa8 fix(supervise): provision MCP via claude mcp add, not raw settings.json didericis 2026-05-25 06:40:47 -04:00
8e6ed278d0 Merge pull request 'feat(state): clean up per-bottle state on session end (except capability-block)' (#26) from state-cleanup-on-close into main didericis 2026-05-25 07:07:53 -04:00
ef5d2f9a4d feat(state): preserve on crash + always snapshot transcript didericis 2026-05-25 07:05:23 -04:00
fb2b5844c4 feat(cleanup): prompt to remove per-bottle state, separately from containers didericis 2026-05-25 06:56:04 -04:00
9dbd20398e feat(state): clean up per-bottle state on session end (except capability-block) didericis 2026-05-25 06:51:13 -04:00
e07b8ecdb0 Merge pull request 'docs: drop stale bash-first framing' (#24) from docs-bash-first-cleanup into main didericis 2026-05-25 06:36:05 -04:00
5e8ca21669 docs: replace stale bash-first framing with Python-stdlib-first didericis 2026-05-25 06:32:42 -04:00
37ab6659a9 Merge pull request 'supervise: provision agent-side MCP config so Claude sees the sidecar' (#23) from supervise-mcp-provision-followup into main didericis 2026-05-25 06:25:23 -04:00
6e46ca4478 feat(supervise): provision agent-side MCP config so Claude sees the sidecar didericis 2026-05-25 06:22:25 -04:00
27b05f9452 Merge pull request 'PRD 0016: capability block remediation' (#22) from prd-0016-capability-block into main didericis 2026-05-25 06:14:39 -04:00
4032e04a9c feat(bottle): random-suffix identity + cli.py resume <identity> didericis 2026-05-25 06:09:45 -04:00
e996f72532 fix(bottle): identity-key all per-bottle resources by (agent, cwd) didericis 2026-05-25 05:46:26 -04:00
ac8f14ae6f test(capability): integration test for apply_capability_change (PRD 0016) didericis 2026-05-25 05:30:04 -04:00
d9c47d0fbe feat(dashboard): wire capability-block approval to real apply (PRD 0016) didericis 2026-05-25 05:28:35 -04:00
0899a898e0 feat(capability): host-side apply_capability_change orchestrator (PRD 0016) didericis 2026-05-25 05:26:38 -04:00
02811e0417 feat(bottle): per-bottle Dockerfile state + image build hook (PRD 0016) didericis 2026-05-25 05:23:31 -04:00
de87f21ff8 docs(prd-0016): capability block remediation didericis 2026-05-25 03:41:23 -04:00
b5d6320320 Merge pull request 'PRD 0015: pipelock block remediation' (#21) from prd-0015-pipelock-block into main didericis 2026-05-25 05:15:16 -04:00
4fada1651b test(pipelock): integration test for apply_allowlist_change (PRD 0015) didericis 2026-05-25 05:07:26 -04:00
1d58d62c47 feat(dashboard): pipelock edit TUI verb (PRD 0015) didericis 2026-05-25 05:03:20 -04:00
5a6c4be342 feat(dashboard): wire pipelock-block approval to real apply (PRD 0015) didericis 2026-05-25 05:01:18 -04:00
c05457fbef feat(pipelock): host-side apply_allowlist_change helper (PRD 0015) didericis 2026-05-25 04:59:13 -04:00
0197599e49 docs(prd-0015): pipelock block remediation didericis 2026-05-25 03:41:10 -04:00
31ceac0436 Merge pull request 'PRD 0014: cred-proxy block remediation' (#20) from prd-0014-cred-proxy-block into main didericis 2026-05-25 04:54:05 -04:00
70f43d8c4f test(cred-proxy): integration test for SIGHUP + apply round-trip (PRD 0014) didericis 2026-05-25 04:50:29 -04:00
81277e9d81 feat(dashboard): routes edit TUI verb for operator-initiated changes (PRD 0014) didericis 2026-05-25 04:47:22 -04:00
f3a1b4d667 feat(dashboard): wire cred-proxy-block approval to real apply (PRD 0014) didericis 2026-05-25 04:44:33 -04:00
f7f1a7d5da feat(cred-proxy): host-side apply_routes_change helper (PRD 0014) didericis 2026-05-25 04:41:18 -04:00
ee60b09816 feat(cred-proxy): SIGHUP reload of routes.json (PRD 0014) didericis 2026-05-25 04:39:54 -04:00
76a9bd2586 docs(prd-0014): cred-proxy block remediation didericis 2026-05-25 03:40:55 -04:00
609c1a6448 Merge pull request 'PRD 0013: supervise plane foundation' (#19) from prd-0013-supervise-foundation into main didericis 2026-05-25 04:35:56 -04:00
92fee89e20 test(supervise): skip queue round-trip test in docker-in-docker (PRD 0013) didericis 2026-05-25 04:26:06 -04:00
9f445d61be test(supervise): docker integration test for the sidecar (PRD 0013) didericis 2026-05-25 04:16:48 -04:00
0aecb41e33 feat(supervise): TUI dashboard for approve/modify/reject (PRD 0013) didericis 2026-05-25 04:14:45 -04:00
4b2dbcdefd feat(supervise): Docker lifecycle + bottle integration (PRD 0013) didericis 2026-05-25 04:10:39 -04:00
d5ba253878 feat(supervise): MCP sidecar HTTP server + Dockerfile (PRD 0013) didericis 2026-05-25 04:01:40 -04:00
2e06090464 feat(supervise): host-side queue + audit log primitives (PRD 0013) didericis 2026-05-25 03:56:50 -04:00
578363bea3 docs(prd-0013): supervise plane foundation didericis 2026-05-25 03:40:40 -04:00
4079678ceb docs(prd-0012): split into overview + 4 implementation PRDs didericis 2026-05-25 03:40:02 -04:00
58acdcac87 docs(prd-0012): explain why the MCP server is a sidecar, not in-container didericis 2026-05-25 03:05:55 -04:00
6e4bb3ba8d docs(prd-0012): switch /stuck to three structured MCP tool calls didericis 2026-05-25 02:53:26 -04:00
66fc29c72e docs(prd-0012): name the three stuck categories and add pipelock path didericis 2026-05-25 01:47:24 -04:00
a6222aaa57 docs(prd-0012): adopt text-only notify protocol + SIGHUP routes reload didericis 2026-05-25 01:36:29 -04:00
4cce535008 docs(research): drop auto-respawn from the supervisor design didericis 2026-05-25 00:50:41 -04:00
afbb77b040 docs(research): built-in supervisor design (TUI + PR feedback) didericis 2026-05-25 00:15:18 -04:00
1f9722ae27 docs(research): add Betterleaks switching analysis didericis 2026-05-24 23:59:42 -04:00
c33930290f docs(research): survey gitleaks dashboards + add baseline-file primitive didericis 2026-05-24 23:54:46 -04:00
a74dd2b97f docs: research on git-gate commit approval; link from PRD 0012 didericis 2026-05-24 23:39:17 -04:00
83756fa8c9 docs(prd-0012): open question for gitlock/pipelock exception flow didericis 2026-05-24 23:12:55 -04:00
b4c9e149b0 docs: add PRD 0012 — stuck-agent recovery flow didericis 2026-05-24 23:10:30 -04:00
b0581e60d7 Merge pull request 'PRD 0011: Per-file Markdown manifest' (#17) from md-manifest into main didericis 2026-05-24 22:43:44 -04:00
958a8845a6 docs: rewrite README manifest section + ship MD examples (PRD 0011) didericis 2026-05-24 22:19:44 -04:00
6ba5f9a9d3 feat(manifest): per-file MD directory loader (PRD 0011) didericis 2026-05-24 22:15:02 -04:00
8c1e4d0220 feat(yaml_subset): hand-rolled YAML-subset + frontmatter parser didericis 2026-05-24 21:59:34 -04:00
afa8ca67a4 docs(prd-0011): drop the migration command requirement didericis 2026-05-24 21:46:22 -04:00
894bdea288 docs: add PRD 0011 — per-file Markdown manifest didericis 2026-05-24 21:39:58 -04:00
b6046df5fb Merge pull request 'Research: manifest format + grouping options' (#16) from manifest-format-research into main didericis 2026-05-24 21:31:45 -04:00
da969a503d docs(research): manifest format + grouping options didericis 2026-05-24 21:12:43 -04:00
93aaa29158 Merge pull request 'PRD 0010: Credential proxy for agent-bound API tokens' (#14) from cred-proxy into main didericis 2026-05-24 14:24:51 -04:00
6b91506706 docs: redraw README architecture to show pipelock as HTTP/S chokepoint didericis 2026-05-24 14:23:26 -04:00
77a51702fc fix(cred_proxy): force identity encoding on upstream requests didericis 2026-05-24 14:08:35 -04:00
4662087b32 fix(pipelock): disable seed_phrase_detection for anthropic bottles didericis 2026-05-24 13:59:05 -04:00
c5d729e25d fix(pipelock): suppress BIP-39 detector on cred-proxy anthropic path didericis 2026-05-24 13:49:31 -04:00
51b20340a9 fix(pipelock): allow agent->sidecar traffic via SSRF exception didericis 2026-05-24 13:39:27 -04:00
f4452b391d fix(pipelock): auto-allow cred-proxy hostname when routes are declared didericis 2026-05-24 13:25:21 -04:00
32b62cbacc feat(cred_proxy)!: cred-proxy is the only Anthropic auth path didericis 2026-05-24 12:56:09 -04:00
0eb482daf0 fix(docker): surface sidecar docker errors + probe for name orphans didericis 2026-05-24 12:33:54 -04:00
2990c3c903 refactor(cred_proxy): rename Upstream -> Route, fix tea-login AttributeError didericis 2026-05-15 02:39:10 -04:00
fcbbc4484d refactor(cred_proxy): flat routes, role-driven provisioning (PRD 0010) didericis 2026-05-13 21:49:55 -04:00

... 6 7 8 9 10 ...