Skip to content

feat: add scoped workspace fetch and publish handlers#622

Merged
chubes4 merged 3 commits intomainfrom
feat/workspace-scoped-handlers-618-619
Mar 5, 2026
Merged

feat: add scoped workspace fetch and publish handlers#622
chubes4 merged 3 commits intomainfrom
feat/workspace-scoped-handlers-618-619

Conversation

@chubes4
Copy link
Member

@chubes4 chubes4 commented Mar 5, 2026
edited
Loading

Summary

  • add new workspace fetch handler that emits structured repository audit context and scoped read tools (workspace_fetch_ls, workspace_fetch_read)
  • add new workspace_publish handler with scoped mutation tools (workspace_write, workspace_edit, and gated git tools)
  • add WorkspaceScopedTools shared implementation to enforce repo/path scoping at tool execution time
  • wire both handlers into core handler bootstrap and add unit coverage for scoped tool availability

Why

This implements least-privilege workspace automation by making mutation tools available only through explicit adjacent handler configuration.

Testing

  • php -l inc/Core/Steps/Workspace/Tools/WorkspaceScopedTools.php
  • php -l inc/Core/Steps/Fetch/Handlers/Workspace/Workspace.php
  • php -l inc/Core/Steps/Fetch/Handlers/Workspace/WorkspaceSettings.php
  • php -l inc/Core/Steps/Publish/Handlers/Workspace/Workspace.php
  • php -l inc/Core/Steps/Publish/Handlers/Workspace/WorkspaceSettings.php
  • homeboy test data-machine --skip-lint --path="/var/lib/datamachine/workspace/data-machine" --setting database_type=mysql --setting mysql_host=localhost --setting mysql_database=extrachill --setting mysql_user=extrachill --setting mysql_password= -- --filter WorkspaceScopedToolsTest

Related

@github-actions
Copy link

github-actions bot commented Mar 5, 2026
edited
Loading

Homeboy Results — data-machine

Tooling versions

  • Homeboy CLI: homeboy 0.56.0
  • Extension: wordpress from https://github.com/Extra-Chill/homeboy-extensions
  • Extension revision: unknown
  • Action: Extra-Chill/homeboy-action@v1

ℹ️ PR test scope resolved to full for compatibility with installed Homeboy CLI

lint (changed files only)

  • PHPCS: LINT SUMMARY: 2 errors, 19 warnings
  • Fixable: 16 | Files with issues: 6 of 11
  • PHPStan: PHPSTAN SUMMARY: 133 errors at level 5

Homeboy Action v1 — homeboy 0.56.0

This was referenced Mar 5, 2026
Closed
Merged
@chubes4 chubes4 force-pushed the feat/workspace-scoped-handlers-618-619 branch from c6afa25 to fe51dff Compare March 5, 2026 14:55
@chubes4 chubes4 merged commit 2f6842b into main Mar 5, 2026
2 checks passed
@chubes4 chubes4 deleted the feat/workspace-scoped-handlers-618-619 branch March 5, 2026 15:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Add Workspace Publish handler with scoped write/edit + git commit/push workflow Add Workspace Fetch handler with scoped AI read tools

1 participant

@chubes4