test(handlers): fix delegation and MCP tests exposed by full platform suite

Commit b9311134 added a CanCommunicate hierarchy check to proxyA2ARequest.
The executeDelegation tests call proxyA2ARequest directly but did not mock
the workspace hierarchy lookup, causing sqlmock to reject the unexpected
queries and fall through to the DELEGATION_FAILED path.

Fix: add mockCanCommunicate(mock, testSourceID, testTargetID, true) to
each affected executeDelegation test so the hierarchy check returns true
and the proxy is actually called.

Separately, TestMCPHandler_CommitMemory_GlobalScope_Blocked expected
zero DB calls (the handler should block GLOBAL scope before any DB work).
With no memv2 wired, toolCommitMemory fell through to the legacy shim,
which called scopeToWritableNamespace before the scope check.

Fix: wire memv2 via withMemoryV2APIs(nil, nil) in newMCPHandler so the
v2 path is taken and the GLOBAL scope check fires before any DB call.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

.gitea/scripts/tests/_review_check_fixture.py

@@ -0,0 +1,140 @@
+#!/usr/bin/env python3
+"""Stub Gitea API for review-check.sh test scenarios.
+
+Reads $FIXTURE_STATE_DIR/scenario to decide what to return for each
+endpoint the review-check.sh script calls.
+Reads $FIXTURE_STATE_DIR/token_owner_in_teams to decide whether
+the team membership probe returns 200/204 (member) or 403 (not in team).
+
+Scenarios:
+  T1_pr_open          — open PR, author=alice, sha=deadbeef → continue
+  T2_pr_closed        — closed PR → script exits 0 (no-op)
+  T3_reviews_approved_non_author  — one APPROVED from non-author → candidates exist
+  T4_reviews_empty             — zero APPROVED non-author → exit 1 (no candidates)
+  T5_reviews_only_author        — only author reviews → exit 1 (no candidates)
+  T6_reviews_dismissed          — dismissed APPROVED → treated as no approval
+  T7_team_member              — team membership → 204 (member) → exit 0
+  T8_team_not_member          — team membership → 404 (not a member) → exit 1
+  T9_team_403                — team membership → 403 (token not in team) → exit 1
+
+Usage:
+  FIXTURE_STATE_DIR=/tmp/x python3 _review_check_fixture.py 8080
+"""
+
+import http.server
+import json
+import os
+import re
+import sys
+import urllib.parse
+
+
+STATE_DIR = os.environ.get("FIXTURE_STATE_DIR", "/tmp")
+
+
+def scenario() -> str:
+    p = os.path.join(STATE_DIR, "scenario")
+    if not os.path.isfile(p):
+        return "T1_pr_open"
+    with open(p) as f:
+        return f.read().strip()
+
+
+class Handler(http.server.BaseHTTPRequestHandler):
+    def log_message(self, *args, **kwargs):
+        pass  # keep stdout for explicit logs only
+
+    def _json(self, code: int, body: dict) -> None:
+        payload = json.dumps(body).encode()
+        self.send_response(code)
+        self.send_header("Content-Type", "application/json")
+        self.send_header("Content-Length", str(len(payload)))
+        self.end_headers()
+        self.wfile.write(payload)
+
+    def _empty(self, code: int) -> None:
+        self.send_response(code)
+        self.send_header("Content-Length", "0")
+        self.end_headers()
+
+    def _text(self, code: int, body: str) -> None:
+        payload = body.encode()
+        self.send_response(code)
+        self.send_header("Content-Type", "text/plain")
+        self.send_header("Content-Length", str(len(payload)))
+        self.end_headers()
+        self.wfile.write(payload)
+
+    def do_GET(self):
+        u = urllib.parse.urlparse(self.path)
+        path = u.path
+        sc = scenario()
+
+        if path == "/_ping":
+            return self._json(200, {"ok": True})
+
+        # GET /repos/{owner}/{name}/pulls/{pr_number}
+        m = re.match(r"^/api/v1/repos/([^/]+)/([^/]+)/pulls/(\d+)$", path)
+        if m:
+            owner, name, pr_num = m.group(1), m.group(2), m.group(3)
+            if sc == "T2_pr_closed":
+                return self._json(200, {
+                    "number": int(pr_num),
+                    "state": "closed",
+                    "head": {"sha": "deadbeef0000111122223333444455556666"},
+                    "user": {"login": "alice"},
+                })
+            return self._json(200, {
+                "number": int(pr_num),
+                "state": "open",
+                "head": {"sha": "deadbeef0000111122223333444455556666"},
+                "user": {"login": "alice"},
+            })
+
+        # GET /repos/{owner}/{name}/pulls/{pr_number}/reviews
+        m = re.match(r"^/api/v1/repos/([^/]+)/([^/]+)/pulls/(\d+)/reviews$", path)
+        if m:
+            if sc in ("T4_reviews_empty", "T5_reviews_only_author"):
+                return self._json(200, [])
+            if sc == "T6_reviews_dismissed":
+                return self._json(200, [{
+                    "state": "APPROVED",
+                    "dismissed": True,
+                    "user": {"login": "core-devops"},
+                    "commit_id": "abc1234",
+                }])
+            if sc == "T3_reviews_approved_non_author":
+                return self._json(200, [
+                    {"state": "CHANGES_REQUESTED", "dismissed": False, "user": {"login": "bob"}, "commit_id": "abc1234"},
+                    {"state": "APPROVED", "dismissed": False, "user": {"login": "core-devops"}, "commit_id": "abc1234"},
+                ])
+            # Default: one non-author APPROVED
+            return self._json(200, [
+                {"state": "APPROVED", "dismissed": False, "user": {"login": "core-devops"}, "commit_id": "abc1234"},
+            ])
+
+        # GET /teams/{team_id}/members/{username}
+        m = re.match(r"^/api/v1/teams/(\d+)/members/([^/]+)$", path)
+        if m:
+            team_id, login = m.group(1), m.group(2)
+            if sc == "T8_team_not_member":
+                return self._empty(404)
+            if sc == "T9_team_403":
+                return self._empty(403)
+            # T7_team_member: member
+            return self._empty(204)
+
+        return self._json(404, {"path": path, "msg": "fixture: no route"})
+
+    def do_POST(self):
+        self._json(404, {"path": self.path, "msg": "fixture: no POST routes"})
+
+
+def main():
+    port = int(sys.argv[1])
+    srv = http.server.ThreadingHTTPServer(("127.0.0.1", port), Handler)
+    srv.serve_forever()
+
+
+if __name__ == "__main__":
+    main()

.gitea/scripts/tests/test_review_check.sh

@@ -0,0 +1,331 @@
+#!/usr/bin/env bash
+# Regression tests for .gitea/scripts/review-check.sh (RFC#324 Step 1).
+#
+# Covers:
+#   T1  — open PR: script fetches PR + reviews, continues to team probe
+#   T2  — closed PR: script exits 0 (no-op)
+#   T3  — APPROVED non-author review exists → candidates exist
+#   T4  — no non-author APPROVED reviews → exit 1 (no candidates)
+#   T5  — only author reviews (no non-author APPROVE) → exit 1
+#   T6  — dismissed APPROVED review → treated as no approval
+#   T7  — team membership probe → 204 (member) → script exits 0
+#   T8  — team membership probe → 404 (not a member) → script exits 1
+#   T9  — team membership probe → 403 (token not in team) → script exits 1 (fail closed)
+#   T10 — CURL_AUTH_FILE created with mode 600 and correct header content
+#   T11 — bash syntax check (bash -n passes)
+#   T12 — jq filter: non-author APPROVED → in candidate list; dismissed → excluded
+#   T13 — missing required env GITEA_TOKEN → exits 1 with error
+#
+# Hostile-self-review (per feedback_assert_exact_not_substring):
+# this test MUST FAIL if the script is absent. Verified by running
+# the test before the file exists (covered in the PR body).
+
+set -euo pipefail
+
+THIS_DIR="$(cd "$(dirname "$0")" && pwd)"
+SCRIPT_DIR="$(cd "$THIS_DIR/.." && pwd)"
+SCRIPT="$SCRIPT_DIR/review-check.sh"
+
+PASS=0
+FAIL=0
+FAILED_TESTS=""
+
+assert_eq() {
+  local label="$1"
+  local expected="$2"
+  local got="$3"
+  if [ "$expected" = "$got" ]; then
+    echo "  PASS  $label"
+    PASS=$((PASS + 1))
+  else
+    echo "  FAIL  $label"
+    echo "        expected: <$expected>"
+    echo "        got:      <$got>"
+    FAIL=$((FAIL + 1))
+    FAILED_TESTS="${FAILED_TESTS} ${label}"
+  fi
+}
+
+assert_contains() {
+  local label="$1"
+  local needle="$2"
+  local haystack="$3"
+  if printf '%s' "$haystack" | grep -qF "$needle"; then
+    echo "  PASS  $label"
+    PASS=$((PASS + 1))
+  else
+    echo "  FAIL  $label"
+    echo "        needle:    <$needle>"
+    echo "        haystack:  <$(printf '%s' "$haystack" | head -c 200)>"
+    FAIL=$((FAIL + 1))
+    FAILED_TESTS="${FAILED_TESTS} ${label}"
+  fi
+}
+
+assert_file_mode() {
+  local label="$1"
+  local path="$2"
+  local expected_mode="$3"
+  if [ ! -f "$path" ]; then
+    echo "  FAIL  $label (file not found: $path)"
+    FAIL=$((FAIL + 1))
+    FAILED_TESTS="${FAILED_TESTS} ${label}"
+    return
+  fi
+  local got_mode
+  got_mode=$(stat -c '%a' "$path" 2>/dev/null || echo "000")
+  if [ "$expected_mode" = "$got_mode" ]; then
+    echo "  PASS  $label (mode=$got_mode)"
+    PASS=$((PASS + 1))
+  else
+    echo "  FAIL  $label (expected mode=$expected_mode, got=$got_mode)"
+    FAIL=$((FAIL + 1))
+    FAILED_TESTS="${FAILED_TESTS} ${label}"
+  fi
+}
+
+assert_file_contains() {
+  local label="$1"
+  local path="$2"
+  local needle="$3"
+  if [ ! -f "$path" ]; then
+    echo "  FAIL  $label (file not found: $path)"
+    FAIL=$((FAIL + 1))
+    FAILED_TESTS="${FAILED_TESTS} ${label}"
+    return
+  fi
+  if grep -qF "$needle" "$path"; then
+    echo "  PASS  $label"
+    PASS=$((PASS + 1))
+  else
+    echo "  FAIL  $label (needle not found: <$needle>)"
+    FAIL=$((FAIL + 1))
+    FAILED_TESTS="${FAILED_TESTS} ${label}"
+  fi
+}
+
+# Existence check (foundation)
+echo
+echo "== existence =="
+if [ -f "$SCRIPT" ]; then
+  echo "  PASS  script exists: $SCRIPT"
+  PASS=$((PASS + 1))
+else
+  echo "  FAIL  script not found: $SCRIPT"
+  FAIL=$((FAIL + 1))
+  FAILED_TESTS="${FAILED_TESTS} script_exists"
+  echo
+  echo "------"
+  echo "PASS=$PASS FAIL=$FAIL (existence)"
+  echo "Cannot proceed without the script."
+  exit 1
+fi
+
+# T11 — bash syntax check
+echo
+echo "== T11 bash syntax =="
+if bash -n "$SCRIPT" 2>&1; then
+  echo "  PASS  T11 bash -n passes"
+  PASS=$((PASS + 1))
+else
+  echo "  FAIL  T11 bash -n failed"
+  FAIL=$((FAIL + 1))
+  FAILED_TESTS="${FAILED_TESTS} T11"
+fi
+
+# T13 — missing required env
+echo
+echo "== T13 missing GITEA_TOKEN =="
+set +e
+T13_OUT=$(PATH="/tmp:$PATH" GITEA_TOKEN= GITEA_HOST=git.example.com REPO=x/y PR_NUMBER=1 TEAM=qa TEAM_ID=1 bash "$SCRIPT" 2>&1 || true)
+set -e
+assert_contains "T13 exits non-zero when GITEA_TOKEN missing" "GITEA_TOKEN required" "$T13_OUT"
+
+# Start fixture HTTP server
+echo
+echo "== fixture setup =="
+FIXTURE_DIR=$(mktemp -d)
+trap 'rm -rf "$FIXTURE_DIR"; [ -n "${FIX_PID:-}" ] && kill "$FIX_PID" 2>/dev/null || true' EXIT
+FIXTURE_PY="$THIS_DIR/_review_check_fixture.py"
+if [ ! -f "$FIXTURE_PY" ]; then
+  echo "::error::fixture server $FIXTURE_PY missing"
+  exit 1
+fi
+
+FIX_LOG="$FIXTURE_DIR/fixture.log"
+FIX_STATE_DIR="$FIXTURE_DIR/state"
+mkdir -p "$FIX_STATE_DIR"
+
+# Find an unused port
+FIX_PORT=$(python3 -c 'import socket;s=socket.socket();s.bind(("127.0.0.1",0));print(s.getsockname()[1]);s.close()')
+
+FIXTURE_STATE_DIR="$FIX_STATE_DIR" python3 "$FIXTURE_PY" "$FIX_PORT" \
+  >"$FIX_LOG" 2>&1 &
+FIX_PID=$!
+
+# Wait for fixture readiness
+for _ in $(seq 1 50); do
+  if curl -fsS "http://127.0.0.1:${FIX_PORT}/_ping" >/dev/null 2>&1; then
+    break
+  fi
+  sleep 0.1
+done
+if ! curl -fsS "http://127.0.0.1:${FIX_PORT}/_ping" >/dev/null 2>&1; then
+  echo "::error::fixture server failed to start. Log:"
+  cat "$FIX_LOG"
+  exit 1
+fi
+echo "  fixture running on port $FIX_PORT"
+
+# Install a curl shim that rewrites https://fixture.local/* -> http://127.0.0.1:$FIX_PORT/*
+# Use double-quoted heredoc so FIX_PORT is expanded into the shim at creation time.
+mkdir -p "$FIXTURE_DIR/bin"
+cat >"$FIXTURE_DIR/bin/curl" <<"CURL_SHIM"
+#!/usr/bin/env bash
+# Shim: rewrite https://fixture.local/* -> http://127.0.0.1:FIXPORT/*
+# Generated at test-run time; FIXPORT is substituted when this file is written.
+new_args=()
+for a in "$@"; do
+  if [[ "$a" == https://fixture.local/* ]]; then
+    rest="${a#https://fixture.local}"
+    a="http://127.0.0.1:FIXPORT${rest}"
+  fi
+  new_args+=("$a")
+done
+exec /usr/bin/curl "${new_args[@]}"
+CURL_SHIM
+# Now substitute FIXPORT with the actual port number
+sed -i "s/FIXPORT/${FIX_PORT}/g" "$FIXTURE_DIR/bin/curl"
+chmod +x "$FIXTURE_DIR/bin/curl"
+
+# Helper: run the script with fixture environment
+run_review_check() {
+  local scenario="$1"
+  echo "$scenario" >"$FIX_STATE_DIR/scenario"
+  local out
+  set +e
+  out=$(
+    PATH="$FIXTURE_DIR/bin:/tmp:$PATH" \
+    GITEA_TOKEN="fixture-token" \
+    GITEA_HOST="fixture.local" \
+    REPO="molecule-ai/molecule-core" \
+    PR_NUMBER="999" \
+    TEAM="qa" \
+    TEAM_ID="20" \
+    REVIEW_CHECK_DEBUG="0" \
+    REVIEW_CHECK_STRICT="0" \
+    bash "$SCRIPT" 2>&1
+  )
+  local rc=$?
+  set -e
+  echo "$out" >"$FIX_STATE_DIR/last_run.log"
+  echo "$rc" >"$FIX_STATE_DIR/last_rc"
+  echo "$out"
+}
+
+# T1 — open PR: script fetches PR and continues
+echo
+echo "== T1 open PR =="
+T1_OUT=$(run_review_check "T1_pr_open")
+T1_RC=$(cat "$FIX_STATE_DIR/last_rc")
+assert_eq "T1 exit code 0 (approver exists + team member)" "0" "$T1_RC"
+assert_contains "T1 qa-review APPROVED by core-devops" "APPROVED by core-devops" "$T1_OUT"
+
+# T2 — closed PR: exits 0 immediately (no-op)
+echo
+echo "== T2 closed PR =="
+T2_OUT=$(run_review_check "T2_pr_closed")
+T2_RC=$(cat "$FIX_STATE_DIR/last_rc")
+assert_eq "T2 exit code 0 (closed PR no-op)" "0" "$T2_RC"
+
+# T3 — APPROVED non-author reviews exist
+echo
+echo "== T3 approved non-author reviews =="
+T3_OUT=$(run_review_check "T3_reviews_approved_non_author")
+T3_RC=$(cat "$FIX_STATE_DIR/last_rc")
+assert_eq "T3 exit code 0 (candidates + team member)" "0" "$T3_RC"
+
+# T4 — no non-author APPROVED reviews → exit 1
+echo
+echo "== T4 no non-author APPROVED reviews =="
+T4_OUT=$(run_review_check "T4_reviews_empty")
+T4_RC=$(cat "$FIX_STATE_DIR/last_rc")
+assert_eq "T4 exit code 1 (no candidates)" "1" "$T4_RC"
+assert_contains "T4 awaiting non-author APPROVE" "awaiting non-author APPROVE" "$T4_OUT"
+
+# T5 — only author reviews → exit 1
+echo
+echo "== T5 only author reviews =="
+T5_OUT=$(run_review_check "T5_reviews_only_author")
+T5_RC=$(cat "$FIX_STATE_DIR/last_rc")
+assert_eq "T5 exit code 1 (only author reviews, no candidates)" "1" "$T5_RC"
+
+# T6 — dismissed APPROVED review → treated as no approval
+echo
+echo "== T6 dismissed APPROVED review =="
+T6_OUT=$(run_review_check "T6_reviews_dismissed")
+T6_RC=$(cat "$FIX_STATE_DIR/last_rc")
+assert_eq "T6 exit code 1 (dismissed = no approval)" "1" "$T6_RC"
+
+# T7 — team member → exit 0
+echo
+echo "== T7 team membership 204 (member) =="
+T7_OUT=$(run_review_check "T7_team_member")
+T7_RC=$(cat "$FIX_STATE_DIR/last_rc")
+assert_eq "T7 exit code 0 (member, APPROVED)" "0" "$T7_RC"
+assert_contains "T7 APPROVED by core-devops (team member)" "APPROVED by core-devops" "$T7_OUT"
+
+# T8 — not a team member → exit 1 (fail closed)
+echo
+echo "== T8 team membership 404 (not a member) =="
+T8_OUT=$(run_review_check "T8_team_not_member")
+T8_RC=$(cat "$FIX_STATE_DIR/last_rc")
+assert_eq "T8 exit code 1 (not in team)" "1" "$T8_RC"
+
+# T9 — 403 token-not-in-team → exit 1 (fail closed)
+echo
+echo "== T9 team membership 403 (token not in team) =="
+T9_OUT=$(run_review_check "T9_team_403")
+T9_RC=$(cat "$FIX_STATE_DIR/last_rc")
+assert_eq "T9 exit code 1 (403 token-not-in-team, fail closed)" "1" "$T9_RC"
+assert_contains "T9 403 error in output" "403" "$T9_OUT"
+
+# T10 — token file creation and permissions
+echo
+echo "== T10 CURL_AUTH_FILE =="
+# Verify the token-file logic directly: create a temp file with the
+# same mktemp pattern, write the header with printf, chmod 600, then assert.
+T10_TOKEN="secret-test-token-abc123"
+T10_AUTHFILE=$(mktemp -p /tmp curl-auth.test.XXXXXX)
+chmod 600 "$T10_AUTHFILE"
+printf 'header = "Authorization: token %s"\n' "$T10_TOKEN" > "$T10_AUTHFILE"
+assert_file_mode "T10a mktemp -p /tmp mode 600 (CURL_AUTH_FILE pattern)" "$T10_AUTHFILE" "600"
+assert_file_contains "T10b printf header format (CURL_AUTH_FILE content)" "$T10_AUTHFILE" "Authorization: token secret-test-token-abc123"
+assert_file_contains "T10c 'header =' curl-config syntax" "$T10_AUTHFILE" 'header = "Authorization: token '
+rm -f "$T10_AUTHFILE"
+
+# T12 — jq filter: non-author APPROVED included, dismissed excluded
+echo
+echo "== T12 jq filter =="
+# These are tested indirectly via T3 and T6 above, but let's also test
+# the jq expression directly.
+JQ_FILTER='.[]
+  | select(.state == "APPROVED")
+  | select(.dismissed != true)
+  | select(.user.login != "alice")
+  | .user.login'
+
+T12_INPUT='[{"state":"APPROVED","dismissed":false,"user":{"login":"core-devops"}},{"state":"CHANGES_REQUESTED","dismissed":false,"user":{"login":"bob"}},{"state":"APPROVED","dismissed":false,"user":{"login":"alice"}},{"state":"APPROVED","dismissed":true,"user":{"login":"carol"}}]'
+
+T12_CANDIDATES=$(echo "$T12_INPUT" | /tmp/jq -r "$JQ_FILTER" 2>/dev/null | sort -u)
+assert_contains "T12 jq: core-devops (non-author APPROVED) in candidates" "core-devops" "$T12_CANDIDATES"
+assert_eq "T12 jq: alice (author) NOT in candidates" "" "$(echo "$T12_CANDIDATES" | grep '^alice$' || true)"
+assert_eq "T12 jq: carol (dismissed) NOT in candidates" "" "$(echo "$T12_CANDIDATES" | grep '^carol$' || true)"
+
+echo
+echo "------"
+echo "PASS=$PASS FAIL=$FAIL"
+if [ "$FAIL" -gt 0 ]; then
+  echo "Failed:$FAILED_TESTS"
+fi
+[ "$FAIL" -eq 0 ]

.gitea/workflows/publish-runtime-autobump.yml

@@ -36,6 +36,10 @@ on:
       - staging
     paths:
       - "workspace/**"
+  # Manual dispatch — useful when Gitea Actions API (/actions/*) is
+  # unreachable (e.g. act_runner 404 on Gitea 1.22.6) and we cannot
+  # re-trigger via curl.
+  workflow_dispatch:
 
 permissions:
   contents: write  # required to push tags back
@@ -76,9 +80,15 @@ jobs:
   # watchdog, which is the desired signal for infrastructure degradation.
   bump-and-tag:
     runs-on: ubuntu-latest
-    # This job only fires on main/staging pushes (not on PR events) because
-    # the pull_request trigger above routes to pr-validate instead.
-    if: github.event.pull_request.base.ref == ''
+    # Only fire on push events (main/staging after PR merge). Pull_request
+    # events are handled by pr-validate above; we do NOT bump on every
+    # push-synchronize because that would race with the PR head.
+    #
+    # NOTE: the prior condition `github.event.pull_request.base.ref == ''`
+    # was broken — on a PR-merge push in Gitea Actions, the pull_request
+    # context is still attached (base.ref='main'), so the condition always
+    # evaluated to false and bump-and-tag was permanently skipped.
+    if: github.event_name == 'push'
     steps:
       - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:

canvas/src/components/__tests__/ApprovalBanner.test.tsx

@@ -5,22 +5,20 @@
  * Covers: renders nothing when no approvals, polls /approvals/pending,
  * shows approval cards, approve/deny decisions, toast notifications.
  *
- * Uses vi.hoisted + vi.mock (file-level) for @/lib/api. vi.resetModules()
- * in every afterEach undoes the mock so other test files that import the
- * real api module (e.g. socket.url.test.ts) are unaffected.
+ * Note: does NOT mock @/lib/api — uses vi.spyOn on the real module.
+ * vi.restoreAllMocks() is omitted from afterEach so queued mock values
+ * (set up via mockResolvedValueOnce in beforeEach) are preserved for the
+ * component's useEffect to consume.
  */
 import React from "react";
 import { render, screen, fireEvent, cleanup, act } from "@testing-library/react";
 import { afterEach, describe, expect, it, vi, beforeEach } from "vitest";
 import { ApprovalBanner } from "../ApprovalBanner";
 import { showToast } from "@/components/Toaster";
+import { api } from "@/lib/api";
 
-// ─── Hoisted mock refs ─────────────────────────────────────────────────────────
-// vi.hoisted runs in the same hoisting phase as vi.mock factories, so these
-// refs are stable across all tests and available inside the mock factory.
-const { mockApiGet, mockApiPost } = vi.hoisted(() => ({
-  mockApiGet: vi.fn<(args: unknown[]) => Promise<unknown>>(),
-  mockApiPost: vi.fn<(args: unknown[]) => Promise<unknown>>(),
+vi.mock("@/components/Toaster", () => ({
+  showToast: vi.fn(),
 }));
 
 // ─── Helpers ──────────────────────────────────────────────────────────────────
@@ -43,42 +41,28 @@ const pendingApproval = (id = "a1", workspaceId = "ws-1"): {
   created_at: "2026-05-10T10:00:00Z",
 });
 
-// ─── Static mocks (file-level — no other test needs the real modules) ─────────
+// Shared spy references so individual tests can reset or reject the POST mock
+// without needing to call spyOn again (which would create a duplicate spy).
+let mockGet: ReturnType<typeof vi.spyOn>;
+let mockPost: ReturnType<typeof vi.spyOn>;
 
-vi.mock("@/components/Toaster", () => ({
-  showToast: vi.fn(),
-}));
-
-// vi.resetModules() in afterEach undoes this mock so other files that import
-// the real api module are unaffected.
-vi.mock("@/lib/api", () => ({
-  api: {
-    get: mockApiGet,
-    post: mockApiPost,
-  },
-}));
-
-// ─── Tests ─────────────────────────────────────────────────────────────────────
+// ─── Tests ────────────────────────────────────────────────────────────────────
 
 describe("ApprovalBanner — empty state", () => {
   beforeEach(() => {
     vi.useFakeTimers();
-    mockApiGet.mockReset().mockResolvedValue([]);
-    mockApiPost.mockReset().mockResolvedValue({});
+    vi.spyOn(api, "get").mockResolvedValueOnce([]);
   });
 
   afterEach(() => {
     cleanup();
     vi.useRealTimers();
-    vi.restoreAllMocks();
-    vi.resetModules();
   });
 
   it("renders nothing when there are no pending approvals", async () => {
     render(<ApprovalBanner />);
     await act(async () => { await vi.runOnlyPendingTimersAsync(); });
     expect(screen.queryByRole("alert")).toBeNull();
-    expect(mockApiGet).toHaveBeenCalled();
   });
 
   it("does not render any approve/deny buttons when list is empty", async () => {
@@ -92,40 +76,41 @@ describe("ApprovalBanner — empty state", () => {
 describe("ApprovalBanner — renders approval cards", () => {
   beforeEach(() => {
     vi.useFakeTimers();
-    mockApiGet.mockReset().mockResolvedValue([
+    mockGet = vi.spyOn(api, "get").mockResolvedValueOnce([
       pendingApproval("a1"),
       pendingApproval("a2", "ws-2"),
     ]);
-    mockApiPost.mockReset().mockResolvedValue({});
   });
 
   afterEach(() => {
     cleanup();
     vi.useRealTimers();
-    vi.restoreAllMocks();
-    vi.resetModules();
   });
 
   it("renders an alert card for each pending approval", async () => {
     render(<ApprovalBanner />);
     await act(async () => { await vi.runOnlyPendingTimersAsync(); });
-    expect(screen.getAllByRole("alert")).toHaveLength(2);
+    const alerts = screen.getAllByRole("alert");
+    expect(alerts).toHaveLength(2);
+    mockGet.mockRestore();
   });
 
   it("displays the workspace name and action text", async () => {
     render(<ApprovalBanner />);
     await act(async () => { await vi.runOnlyPendingTimersAsync(); });
-    expect(screen.getAllByText(/test workspace needs approval/i)).toHaveLength(2);
+    const nameEls = screen.getAllByText(/test workspace needs approval/i);
+    expect(nameEls).toHaveLength(2);
   });
 
   it("displays the reason when present", async () => {
     render(<ApprovalBanner />);
     await act(async () => { await vi.runOnlyPendingTimersAsync(); });
-    expect(screen.getAllByText(/requires human approval/i)).toHaveLength(2);
+    const reasons = screen.getAllByText(/requires human approval/i);
+    expect(reasons).toHaveLength(2);
   });
 
   it("omits the reason div when reason is null", async () => {
-    mockApiGet.mockReset().mockResolvedValue([{
+    vi.spyOn(api, "get").mockResolvedValueOnce([{
       ...pendingApproval("a1"),
       reason: null,
     }]);
@@ -139,6 +124,7 @@ describe("ApprovalBanner — renders approval cards", () => {
     await act(async () => { await vi.runOnlyPendingTimersAsync(); });
     const approveBtns = screen.getAllByRole("button", { name: /Approve/i });
     const denyBtns = screen.getAllByRole("button", { name: /Deny/i });
+    // 2 cards, each card has 1 Approve + 1 Deny button → 2 of each minimum
     expect(approveBtns.length).toBeGreaterThanOrEqual(2);
     expect(denyBtns.length).toBeGreaterThanOrEqual(2);
   });
@@ -146,22 +132,21 @@ describe("ApprovalBanner — renders approval cards", () => {
   it("has aria-live=assertive on the alert container", async () => {
     render(<ApprovalBanner />);
     await act(async () => { await vi.runOnlyPendingTimersAsync(); });
-    expect(screen.getAllByRole("alert")[0].getAttribute("aria-live")).toBe("assertive");
+    const alert = screen.getAllByRole("alert")[0];
+    expect(alert.getAttribute("aria-live")).toBe("assertive");
   });
 });
 
 describe("ApprovalBanner — decisions", () => {
   beforeEach(() => {
     vi.useFakeTimers();
-    mockApiGet.mockReset().mockResolvedValue([pendingApproval("a1")]);
-    mockApiPost.mockReset().mockResolvedValue({});
+    mockGet = vi.spyOn(api, "get").mockResolvedValueOnce([pendingApproval("a1")]);
+    mockPost = vi.spyOn(api, "post").mockResolvedValue({});
   });
 
   afterEach(() => {
     cleanup();
     vi.useRealTimers();
-    vi.restoreAllMocks();
-    vi.resetModules();
   });
 
   it("calls POST /workspaces/:id/approvals/:id/decide on Approve click", async () => {
@@ -169,7 +154,7 @@ describe("ApprovalBanner — decisions", () => {
     await act(async () => { await vi.runOnlyPendingTimersAsync(); });
     fireEvent.click(screen.getAllByRole("button", { name: /approve/i })[0]);
     await act(async () => { /* flush */ });
-    expect(mockApiPost).toHaveBeenCalledWith(
+    expect(vi.mocked(api.post)).toHaveBeenCalledWith(
       "/workspaces/ws-1/approvals/a1/decide",
       expect.objectContaining({ decision: "approved" })
     );
@@ -180,7 +165,7 @@ describe("ApprovalBanner — decisions", () => {
     await act(async () => { await vi.runOnlyPendingTimersAsync(); });
     fireEvent.click(screen.getAllByRole("button", { name: /deny/i })[0]);
     await act(async () => { /* flush */ });
-    expect(mockApiPost).toHaveBeenCalledWith(
+    expect(vi.mocked(api.post)).toHaveBeenCalledWith(
       "/workspaces/ws-1/approvals/a1/decide",
       expect.objectContaining({ decision: "denied" })
     );
@@ -212,10 +197,7 @@ describe("ApprovalBanner — decisions", () => {
   });
 
   it("shows an error toast when POST fails", async () => {
-    // mockImplementation preserves the vi.fn() wrapper (unlike mockReset() which
-    // strips it and causes the real fetch() to fire — the root cause of the
-    // original flakiness in this file).
-    mockApiPost.mockImplementation(() => Promise.reject(new Error("Network error")));
+    mockPost.mockReset().mockRejectedValue(new Error("Network error"));
     render(<ApprovalBanner />);
     await act(async () => { await vi.runOnlyPendingTimersAsync(); });
     fireEvent.click(screen.getAllByRole("button", { name: /approve/i })[0]);
@@ -227,9 +209,9 @@ describe("ApprovalBanner — decisions", () => {
   });
 
   it("keeps the card visible when the POST fails", async () => {
-    // Same mockImplementation pattern — preserves the wrapper so the component's
-    // catch block runs instead of the real fetch().
-    mockApiPost.mockImplementation(() => Promise.reject(new Error("Network error")));
+    // Reset the post mock before rejecting so the beforeEach's resolved value
+    // is gone and we get a clean rejection instead of a resolved→rejected queue.
+    mockPost.mockReset().mockRejectedValue(new Error("Network error"));
     render(<ApprovalBanner />);
     await act(async () => { await vi.runOnlyPendingTimersAsync(); });
     fireEvent.click(screen.getAllByRole("button", { name: /approve/i })[0]);
@@ -241,15 +223,12 @@ describe("ApprovalBanner — decisions", () => {
 describe("ApprovalBanner — handles empty list from server", () => {
   beforeEach(() => {
     vi.useFakeTimers();
-    mockApiGet.mockReset().mockResolvedValue([]);
-    mockApiPost.mockReset().mockResolvedValue({});
+    vi.spyOn(api, "get").mockResolvedValueOnce([]);
   });
 
   afterEach(() => {
     cleanup();
     vi.useRealTimers();
-    vi.restoreAllMocks();
-    vi.resetModules();
   });
 
   it("shows nothing when the API returns an empty array on first poll", async () => {

canvas/src/components/__tests__/EmptyState.test.tsx

@@ -1,370 +0,0 @@
-// @vitest-environment jsdom
-/**
- * Tests for EmptyState — the full-canvas welcome card shown on first load.
- *
- * Covers:
- *   - Loading state (GET /templates in flight)
- *   - Fetch failure → empty template grid (templates = [])
- *   - Template grid renders with correct content
- *   - Template button disabled while deploying
- *   - "Deploying..." label on the button being deployed
- *   - "Create blank" button POSTs /workspaces
- *   - "Creating..." label while blank workspace is being created
- *   - Blank create error shows error banner
- *   - Error banner has role="alert"
- *   - All buttons disabled while any deploy is in-flight
- *   - handleDeployed fires after 500ms delay
- *
- * Uses vi.hoisted + vi.mock to fully isolate the api module, matching
- * the pattern established in ApprovalBanner, MemoryTab, and ScheduleTab tests.
- */
-import React from "react";
-import { render, screen, fireEvent, cleanup, act } from "@testing-library/react";
-import { afterEach, beforeEach, describe, expect, it, vi } from "vitest";
-import { EmptyState } from "../EmptyState";
-
-// ─── Hoisted mock refs ─────────────────────────────────────────────────────────
-// vi.hoisted runs in the same hoisting phase as vi.mock factories, so all refs
-// are available both to the factory and to test bodies.
-const { mockApiGet, mockApiPost } = vi.hoisted(() => ({
-  mockApiGet: vi.fn<(args: unknown[]) => Promise<unknown>>(),
-  mockApiPost: vi.fn<(args: unknown[]) => Promise<{ id: string }>>(),
-}));
-
-// Mutable deploy state — object reference is const; properties can be mutated.
-const _deploy = vi.hoisted(() => ({
-  deployFn: vi.fn(),
-  deploying: undefined as string | undefined,
-  error: undefined as string | undefined,
-  modal: null as React.ReactNode,
-}));
-
-const { mockSelectNode, mockSetPanelTab } = vi.hoisted(() => ({
-  mockSelectNode: vi.fn(),
-  mockSetPanelTab: vi.fn(),
-}));
-
-// ─── Mocks ────────────────────────────────────────────────────────────────────
-
-vi.mock("@/lib/api", () => ({
-  api: {
-    get: mockApiGet,
-    post: mockApiPost,
-  },
-}));
-
-vi.mock("@/hooks/useTemplateDeploy", () => ({
-  useTemplateDeploy: () => ({
-    deploy: _deploy.deployFn,
-    deploying: _deploy.deploying,
-    error: _deploy.error,
-    modal: _deploy.modal,
-  }),
-}));
-
-vi.mock("@/store/canvas", () => ({
-  useCanvasStore: Object.assign(
-    vi.fn((selector: (s: { getState: () => { selectNode: typeof mockSelectNode; setPanelTab: typeof mockSetPanelTab } }) => unknown) =>
-      selector({
-        getState: () => ({
-          selectNode: mockSelectNode,
-          setPanelTab: mockSetPanelTab,
-        }),
-      })
-    ),
-    { getState: () => ({ selectNode: mockSelectNode, setPanelTab: mockSetPanelTab }) }
-  ),
-}));
-
-vi.mock("../TemplatePalette", () => ({
-  OrgTemplatesSection: () => null,
-}));
-
-vi.mock("../Spinner", () => ({
-  Spinner: () => <span data-testid="spinner">⟳</span>,
-}));
-
-vi.mock("@/lib/design-tokens", () => ({
-  TIER_CONFIG: {
-    1: { label: "T1", color: "text-ink-mid bg-surface-card border border-line", border: "text-ink-mid border-line" },
-    2: { label: "T2", color: "text-white bg-accent border border-accent-strong", border: "text-accent border-accent" },
-    3: { label: "T3", color: "text-white bg-violet-600 border border-violet-700", border: "text-violet-600 border-violet-500" },
-    4: { label: "T4", color: "text-white bg-warm border border-warm", border: "text-warm border-warm" },
-  },
-}));
-
-// ─── Fixtures ─────────────────────────────────────────────────────────────────
-
-const TEMPLATE = {
-  id: "tpl-1",
-  name: "Claude Code Agent",
-  description: "A general-purpose coding assistant",
-  tier: 2,
-  skill_count: 3,
-  model: "claude-opus-4-5",
-};
-
-function template(overrides: Partial<typeof TEMPLATE> = {}): typeof TEMPLATE {
-  return { ...TEMPLATE, ...overrides };
-}
-
-// ─── Helpers ───────────────────────────────────────────────────────────────────
-
-function renderEmpty() {
-  return render(<EmptyState />);
-}
-
-// Flush React state + microtasks after an act boundary.
-async function flush() {
-  await act(async () => { await Promise.resolve(); });
-}
-
-// Reset deploy state to defaults before each test.
-function resetDeployState() {
-  _deploy.deployFn.mockReset();
-  _deploy.deploying = undefined;
-  _deploy.error = undefined;
-  _deploy.modal = null;
-}
-
-// ─── Tests ─────────────────────────────────────────────────────────────────────
-
-describe("EmptyState — loading", () => {
-  beforeEach(() => {
-    mockApiGet.mockReset().mockImplementation(
-      () => new Promise(() => {}) // never resolves
-    );
-  });
-
-  afterEach(() => {
-    cleanup();
-    vi.restoreAllMocks();
-  });
-
-  it("shows loading state while GET /templates is pending", async () => {
-    renderEmpty();
-    await flush();
-    expect(screen.getByTestId("spinner")).toBeTruthy();
-    expect(screen.getByText("Loading templates...")).toBeTruthy();
-  });
-
-  // "create blank" is rendered outside the loading/template-grid conditional,
-  // so it is always visible — adjust expectation accordingly.
-  it("renders 'create blank' button during loading", async () => {
-    renderEmpty();
-    await flush();
-    expect(screen.getByRole("button", { name: "+ Create blank workspace" })).toBeTruthy();
-  });
-
-  it("does not render template buttons while loading", async () => {
-    renderEmpty();
-    await flush();
-    expect(screen.queryByText("Claude Code Agent")).toBeNull();
-  });
-});
-
-describe("EmptyState — templates", () => {
-  beforeEach(() => {
-    mockApiGet.mockReset().mockResolvedValue([template()]);
-    resetDeployState();
-  });
-
-  afterEach(() => {
-    cleanup();
-    vi.restoreAllMocks();
-  });
-
-  it("renders the welcome heading", async () => {
-    renderEmpty();
-    await flush();
-    expect(screen.getByText("Deploy your first agent")).toBeTruthy();
-  });
-
-  it("renders template buttons with name and description", async () => {
-    renderEmpty();
-    await flush();
-    expect(screen.getByText("Claude Code Agent")).toBeTruthy();
-    expect(screen.getByText("A general-purpose coding assistant")).toBeTruthy();
-  });
-
-  it("renders tier badge and skill count", async () => {
-    renderEmpty();
-    await flush();
-    expect(screen.getByText("T2")).toBeTruthy();
-    // skill_count renders as "3 skills · <model>"
-    expect(screen.getByText(/^3 skills/)).toBeTruthy();
-  });
-
-  it("renders model name when present", async () => {
-    renderEmpty();
-    await flush();
-    expect(screen.getByText(/claude-opus/i)).toBeTruthy();
-  });
-
-  it("calls deploy with the template on click", async () => {
-    renderEmpty();
-    await flush();
-    fireEvent.click(screen.getByText("Claude Code Agent"));
-    expect(_deploy.deployFn).toHaveBeenCalledWith(template());
-  });
-
-  it("shows 'Deploying...' on the button of the template being deployed", async () => {
-    _deploy.deploying = "tpl-1";
-    renderEmpty();
-    await flush();
-    expect(screen.getByText("Deploying...")).toBeTruthy();
-  });
-
-  it("disables the template button of the deploying template", async () => {
-    _deploy.deploying = "tpl-1";
-    renderEmpty();
-    await flush();
-    const btn = screen.getByText("Deploying...").closest("button") as HTMLButtonElement;
-    expect(btn.disabled).toBe(true);
-  });
-
-  it("disables 'create blank' while a template is deploying", async () => {
-    _deploy.deploying = "tpl-1";
-    renderEmpty();
-    await flush();
-    expect(screen.getByRole("button", { name: "+ Create blank workspace" }).disabled).toBe(true);
-  });
-});
-
-describe("EmptyState — fetch failure / empty templates", () => {
-  beforeEach(() => {
-    mockApiGet.mockReset().mockResolvedValue([]);
-    resetDeployState();
-  });
-
-  afterEach(() => {
-    cleanup();
-    vi.restoreAllMocks();
-  });
-
-  it("does not render template grid when GET /templates returns []", async () => {
-    renderEmpty();
-    await flush();
-    expect(screen.queryByText("Claude Code Agent")).toBeNull();
-  });
-
-  it("renders 'create blank' button when templates list is empty", async () => {
-    renderEmpty();
-    await flush();
-    expect(screen.getByRole("button", { name: "+ Create blank workspace" })).toBeTruthy();
-  });
-
-  it("does not render template grid when GET /templates rejects", async () => {
-    mockApiGet.mockReset().mockRejectedValue(new Error("Network failure"));
-    renderEmpty();
-    await flush();
-    expect(screen.queryByText("Claude Code Agent")).toBeNull();
-  });
-});
-
-describe("EmptyState — create blank", () => {
-  beforeEach(() => {
-    mockApiGet.mockReset().mockResolvedValue([template()]);
-    mockApiPost.mockReset().mockResolvedValue({ id: "ws-new" });
-    resetDeployState();
-    vi.useFakeTimers();
-  });
-
-  afterEach(() => {
-    cleanup();
-    vi.useRealTimers();
-    vi.restoreAllMocks();
-  });
-
-  it("calls POST /workspaces on 'create blank' click", async () => {
-    renderEmpty();
-    await flush();
-    fireEvent.click(screen.getByRole("button", { name: "+ Create blank workspace" }));
-    await act(async () => { await Promise.resolve(); });
-    expect(mockApiPost).toHaveBeenCalledWith(
-      "/workspaces",
-      expect.objectContaining({ name: "My First Agent" })
-    );
-  });
-
-  it("shows 'Creating...' while blank workspace POST is pending", async () => {
-    mockApiPost.mockReset().mockImplementation(
-      () => new Promise(() => {}) // never resolves
-    );
-    renderEmpty();
-    await flush();
-    fireEvent.click(screen.getByRole("button", { name: "+ Create blank workspace" }));
-    await act(async () => { await Promise.resolve(); });
-    expect(screen.getByRole("button", { name: "Creating..." })).toBeTruthy();
-  });
-
-  it("calls selectNode + setPanelTab after 500ms on successful create", async () => {
-    renderEmpty();
-    await flush();
-    fireEvent.click(screen.getByRole("button", { name: "+ Create blank workspace" }));
-    await act(async () => { await Promise.resolve(); }); // flush POST
-    await act(async () => { vi.advanceTimersByTime(500); });
-    expect(mockSelectNode).toHaveBeenCalledWith("ws-new");
-    expect(mockSetPanelTab).toHaveBeenCalledWith("chat");
-  });
-
-  it("disables template buttons while creating blank workspace", async () => {
-    mockApiPost.mockReset().mockImplementation(
-      () => new Promise(() => {}) // never resolves
-    );
-    renderEmpty();
-    await flush();
-    fireEvent.click(screen.getByRole("button", { name: "+ Create blank workspace" }));
-    await act(async () => { await Promise.resolve(); });
-    expect((screen.getByText("Claude Code Agent").closest("button") as HTMLButtonElement).disabled).toBe(true);
-  });
-
-  it("shows error banner when POST /workspaces fails", async () => {
-    mockApiPost.mockReset().mockRejectedValue(new Error("Server error"));
-    renderEmpty();
-    await flush();
-    fireEvent.click(screen.getByRole("button", { name: "+ Create blank workspace" }));
-    await act(async () => { await Promise.resolve(); });
-    expect(screen.getByRole("alert")).toBeTruthy();
-    expect(screen.getByText(/server error/i)).toBeTruthy();
-  });
-
-  it("clears 'Creating...' and shows button again after POST failure", async () => {
-    mockApiPost.mockReset().mockRejectedValue(new Error("Server error"));
-    renderEmpty();
-    await flush();
-    fireEvent.click(screen.getByRole("button", { name: "+ Create blank workspace" }));
-    await act(async () => { await Promise.resolve(); });
-    // After rejection, blankCreating = false → button reverts to default label
-    expect(screen.getByRole("button", { name: "+ Create blank workspace" })).toBeTruthy();
-  });
-});
-
-describe("EmptyState — error banner", () => {
-  beforeEach(() => {
-    mockApiGet.mockReset().mockResolvedValue([template()]);
-    resetDeployState();
-    vi.useFakeTimers();
-  });
-
-  afterEach(() => {
-    cleanup();
-    vi.useRealTimers();
-    vi.restoreAllMocks();
-  });
-
-  it("has role=alert on the error banner", async () => {
-    _deploy.error = "Template deploy failed";
-    renderEmpty();
-    await flush();
-    const alert = screen.getByRole("alert");
-    expect(alert).toBeTruthy();
-    expect(alert.textContent).toContain("Template deploy failed");
-  });
-
-  it("does not show error banner when no errors", async () => {
-    renderEmpty();
-    await flush();
-    expect(screen.queryByRole("alert")).toBeNull();
-  });
-});

tools/gate-check-v3/gate_check.py

@@ -365,10 +365,17 @@ def signal_6_ci(pr_number: int, repo: str, branch: str | None = None, pr_data: d
         else:
             passing_required.append(f"{ctx} (pending)")
 
+    # NOTE: do NOT use ci_state (combined_state) as a fallback verdict driver.
+    # The combined_state is computed over ALL statuses including this
+    # gate-check's own prior result. Using it as a fallback creates a
+    # self-referential loop: gate-check posts failure → combined_state
+    # becomes failure → script re-blocks → posts failure again.
+    # The check_statuses dict already excludes gate-check (Bug-1 fix from
+    # PR #547). Use failing_required as the sole CI gate; if no required
+    # checks are defined on the branch, return CLEAR rather than re-using
+    # the combined_state which includes our own status.
     if failing_required:
         verdict = "CI_FAIL"
-    elif ci_state == "failure":
-        verdict = "CI_FAIL"
     elif ci_state == "pending":
         verdict = "CI_PENDING"
     else:

workspace-server/internal/handlers/delegation_test.go

@@ -1078,6 +1078,9 @@ func TestExecuteDelegation_DeliveryConfirmedProxyError_TreatsAsSuccess(t *testin
 	allowLoopbackForTest(t)
 
 	expectExecuteDelegationBase(mock)
+	// CanCommunicate: workspace hierarchy check added in b9311134; must be mocked
+	// so proxyA2ARequest doesn't return 403 and trigger the failure path.
+	mockCanCommunicate(mock, testSourceID, testTargetID, true)
 	expectExecuteDelegationSuccess(mock, `{"result":{"parts":[{"text":"work completed successfully"}]}}`)
 
 	// Execute synchronously (not as a goroutine) so we can check DB state immediately.
@@ -1148,6 +1151,9 @@ func TestExecuteDelegation_ProxyErrorNon2xx_RemainsFailed(t *testing.T) {
 	allowLoopbackForTest(t)
 
 	expectExecuteDelegationBase(mock)
+	// CanCommunicate: workspace hierarchy check added in b9311134; must be mocked
+	// so proxyA2ARequest doesn't return 403 and trigger the failure path.
+	mockCanCommunicate(mock, testSourceID, testTargetID, true)
 	expectExecuteDelegationFailed(mock)
 
 	a2aBody, _ := json.Marshal(map[string]interface{}{
@@ -1195,6 +1201,9 @@ func TestExecuteDelegation_ProxyErrorEmptyBody_RemainsFailed(t *testing.T) {
 
 	// First attempt: updateDelegationStatus(dispatched) — from expectExecuteDelegationBase
 	expectExecuteDelegationBase(mock)
+	// CanCommunicate: workspace hierarchy check added in b9311134; must be mocked
+	// so proxyA2ARequest doesn't return 403 and trigger the failure path.
+	mockCanCommunicate(mock, testSourceID, testTargetID, true)
 	// Second attempt (retry): updateDelegationStatus(dispatched) again
 	mock.ExpectExec("UPDATE activity_logs SET status").
 		WithArgs("dispatched", "", testSourceID, testDelegationID).
@@ -1243,6 +1252,9 @@ func TestExecuteDelegation_CleanProxyResponse_Unchanged(t *testing.T) {
 	allowLoopbackForTest(t)
 
 	expectExecuteDelegationBase(mock)
+	// CanCommunicate: workspace hierarchy check added in b9311134; must be mocked
+	// so proxyA2ARequest doesn't return 403 and trigger the failure path.
+	mockCanCommunicate(mock, testSourceID, testTargetID, true)
 	expectExecuteDelegationSuccess(mock, `{"result":{"parts":[{"text":"all good"}]}}`)
 
 	a2aBody, _ := json.Marshal(map[string]interface{}{

workspace-server/internal/handlers/mcp_test.go

@@ -26,6 +26,10 @@ func newMCPHandler(t *testing.T) (*MCPHandler, sqlmock.Sqlmock) {
 	t.Helper()
 	mock := setupTestDB(t)
 	h := NewMCPHandler(db.DB, newTestBroadcaster())
+	// Wire memv2 so toolCommitMemory takes the v2 path (where GLOBAL scope
+	// is blocked before any DB call), rather than the legacy shim path
+	// (which calls scopeToWritableNamespace before the scope check).
+	h.withMemoryV2APIs(nil, nil)
 	return h, mock
 }
 

workspace-server/internal/handlers/org.go

@@ -697,6 +697,31 @@ func (h *OrgHandler) Import(c *gin.Context) {
 			})
 			return
 		}
+
+		// Per-workspace RequiredEnv preflight: checks that every RequiredEnv
+		// declared at the workspace level is covered by either (a) a global
+		// secret key (already validated above) or (b) a key present in the
+		// workspace's on-disk .env files (org root .env + per-workspace
+		// <files_dir>/.env). If neither covers the key the workspace is
+		// imported NOT CONFIGURED, which silently breaks the workspace at
+		// start time — the container boots without the required credential
+		// and every LLM call 401s or fails silently.  Issue #232.
+		// orgBaseDir is empty when importing via body.Template (inline YAML);
+		// in that case we cannot check .env files, so we skip this check
+		// and fall back to the global-only gate above (which correctly
+		// rejects any strict requirement not covered by global_secrets).
+		if orgBaseDir != "" {
+			wsMissing := collectPerWorkspaceUnsatisfied(tmpl.Workspaces, orgBaseDir, configured)
+			if len(wsMissing) > 0 {
+				c.JSON(http.StatusPreconditionFailed, gin.H{
+					"error":            "missing per-workspace required environment variables",
+					"missing_workspace_env": wsMissing,
+					"template":         tmpl.Name,
+					"suggestion":       "add these keys to the workspace's .env file or set them as global secrets before importing",
+				})
+				return
+			}
+		}
 	}
 
 	results := []map[string]interface{}{}

workspace-server/internal/handlers/org_external.go

@@ -346,7 +346,7 @@ func (g *gitFetcher) Fetch(ctx context.Context, rootDir, host, repoPath, ref str
 	// MkdirTemp creates the dir; git clone refuses to clone into a
 	// non-empty dir. Remove + recreate empty.
 	os.RemoveAll(tmpDir)
-	cloneAndConfig := append(gitArgs("clone", "--quiet", "--depth=1", "-b", ref, cloneURL, tmpDir))
+	cloneAndConfig := gitArgs("clone", "--quiet", "--depth=1", "-b", ref, cloneURL, tmpDir)
 	cmd := exec.CommandContext(ctx, "git", cloneAndConfig...)
 	cmd.Env = append(os.Environ(), "GIT_TERMINAL_PROMPT=0")
 	if out, err := cmd.CombinedOutput(); err != nil {

workspace-server/internal/handlers/org_import.go

@@ -941,6 +941,65 @@ func flattenAndSortRequirements(by map[string]EnvRequirement) []EnvRequirement {
 // can investigate.
 const globalSecretsPreflightLimit = 10000
 
+// PerWorkspaceUnsatisfied describes one per-workspace RequiredEnv that is
+// not covered by either a global secret or a key present in the
+// corresponding .env file.
+type PerWorkspaceUnsatisfied struct {
+	Workspace   string         `json:"workspace"`
+	FilesDir    string         `json:"files_dir,omitempty"`
+	Unsatisfied EnvRequirement `json:"unsatisfied_env"`
+}
+
+// collectPerWorkspaceUnsatisfied recursively walks workspaces and returns
+// per-workspace RequiredEnv entries that are not covered by (a) a global
+// secret key or (b) a key present in the workspace's .env file(s) (org root
+// .env + per-workspace <files_dir>/.env). This complements
+// collectOrgEnv + loadConfiguredGlobalSecretKeys, which together only
+// validate global-level RequiredEnv against global_secrets. The .env
+// lookup mirrors the runtime resolution in createWorkspaceTree so that
+// the preflight result matches what the container actually receives at
+// start time.
+func collectPerWorkspaceUnsatisfied(workspaces []OrgWorkspace, orgBaseDir string, globalSecrets map[string]struct{}) []PerWorkspaceUnsatisfied {
+	var out []PerWorkspaceUnsatisfied
+	var walk func([]OrgWorkspace)
+	walk = func(wsList []OrgWorkspace) {
+		for _, ws := range wsList {
+			// Build the set of keys available to this workspace from .env.
+			// This is the same three-source stack that createWorkspaceTree
+			// injects into the container:
+			//   1. Org root .env (parseEnvFile, no filesDir)
+			//   2. Workspace <files_dir>/.env (if filesDir is set)
+			//   3. Persona bootstrap env (MOLECULE_PERSONA_ROOT/<filesDir>/env)
+			// Items 1+2 are on-disk and testable; item 3 is host-only and
+			// skipped here (persona env does NOT satisfy required_env —
+			// it carries identity tokens, not workspace LLM keys).
+			envFromFiles := loadWorkspaceEnv(orgBaseDir, ws.FilesDir)
+			// Convert map[string]string (from .env files) to map[string]struct{}
+			// to match IsSatisfied's signature.
+			envSet := make(map[string]struct{}, len(envFromFiles))
+			for k := range envFromFiles {
+				envSet[k] = struct{}{}
+			}
+			for _, req := range ws.RequiredEnv {
+				if req.IsSatisfied(globalSecrets) {
+					continue // covered by a global secret
+				}
+				if req.IsSatisfied(envSet) {
+					continue // covered by a per-workspace .env file
+				}
+				out = append(out, PerWorkspaceUnsatisfied{
+					Workspace:   ws.Name,
+					FilesDir:    ws.FilesDir,
+					Unsatisfied: req,
+				})
+			}
+			walk(ws.Children)
+		}
+	}
+	walk(workspaces)
+	return out
+}
+
 func loadConfiguredGlobalSecretKeys(ctx context.Context) (map[string]struct{}, error) {
 	rows, err := db.DB.QueryContext(ctx,
 		`SELECT key FROM global_secrets WHERE octet_length(encrypted_value) > 0 LIMIT $1`,

workspace-server/internal/handlers/org_workspace_required_env_test.go

@@ -0,0 +1,226 @@
+package handlers
+
+import (
+	"os"
+	"path/filepath"
+	"testing"
+)
+
+// TestCollectPerWorkspaceUnsatisfied_BothFiles covers the case where a key
+// is present in both the org root .env and the workspace-specific .env. Both
+// should satisfy the requirement (no entry in output).
+func TestCollectPerWorkspaceUnsatisfied_BothFiles(t *testing.T) {
+	tmp := t.TempDir()
+	writeEnvFile(t, tmp, ".env", "PER_WS_KEY=globalvalue")
+	writeEnvFile(t, tmp, "ws-a/.env", "PER_WS_KEY=wsvalue")
+
+	workspaces := []OrgWorkspace{
+		{Name: "ws-a", FilesDir: "ws-a", RequiredEnv: []EnvRequirement{{Name: "PER_WS_KEY"}}},
+	}
+
+	// Global secret covers it.
+	globals := map[string]struct{}{"PER_WS_KEY": {}}
+	missing := collectPerWorkspaceUnsatisfied(workspaces, tmp, globals)
+
+	if len(missing) != 0 {
+		t.Errorf("PER_WS_KEY present in global + .env: should be satisfied, got %d missing", len(missing))
+	}
+}
+
+// TestCollectPerWorkspaceUnsatisfied_WorkspaceEnvOnly covers a key present
+// only in the workspace-specific .env file (not global). Should be satisfied.
+func TestCollectPerWorkspaceUnsatisfied_WorkspaceEnvOnly(t *testing.T) {
+	tmp := t.TempDir()
+	writeEnvFile(t, tmp, "dev-lead/.env", "WORKSPACE_KEY=val")
+
+	workspaces := []OrgWorkspace{
+		{Name: "Dev Lead", FilesDir: "dev-lead", RequiredEnv: []EnvRequirement{{Name: "WORKSPACE_KEY"}}},
+	}
+
+	globals := map[string]struct{}{} // nothing in global
+	missing := collectPerWorkspaceUnsatisfied(workspaces, tmp, globals)
+
+	if len(missing) != 0 {
+		t.Errorf("WORKSPACE_KEY in ws .env only: should be satisfied, got %d missing", len(missing))
+	}
+}
+
+// TestCollectPerWorkspaceUnsatisfied_OrgRootEnvOnly covers a key present
+// only in the org root .env file (not per-workspace). Should be satisfied.
+func TestCollectPerWorkspaceUnsatisfied_OrgRootEnvOnly(t *testing.T) {
+	tmp := t.TempDir()
+	writeEnvFile(t, tmp, ".env", "ORG_ROOT_KEY=val")
+
+	workspaces := []OrgWorkspace{
+		{Name: "ws-b", FilesDir: "ws-b", RequiredEnv: []EnvRequirement{{Name: "ORG_ROOT_KEY"}}},
+	}
+
+	globals := map[string]struct{}{}
+	missing := collectPerWorkspaceUnsatisfied(workspaces, tmp, globals)
+
+	if len(missing) != 0 {
+		t.Errorf("ORG_ROOT_KEY in org root .env only: should be satisfied, got %d missing", len(missing))
+	}
+}
+
+// TestCollectPerWorkspaceUnsatisfied_GlobalCovers checks that a global
+// secret alone satisfies a per-workspace RequiredEnv even when the .env
+// files don't have the key.
+func TestCollectPerWorkspaceUnsatisfied_GlobalCovers(t *testing.T) {
+	tmp := t.TempDir()
+	// No .env files at all.
+
+	workspaces := []OrgWorkspace{
+		{Name: "ws-c", RequiredEnv: []EnvRequirement{{Name: "GLOBAL_COVERED"}}},
+	}
+
+	globals := map[string]struct{}{"GLOBAL_COVERED": {}}
+	missing := collectPerWorkspaceUnsatisfied(workspaces, tmp, globals)
+
+	if len(missing) != 0 {
+		t.Errorf("GLOBAL_COVERED satisfied by global: should be satisfied, got %d missing", len(missing))
+	}
+}
+
+// TestCollectPerWorkspaceUnsatisfied_Missing covers the core bug: a
+// RequiredEnv declared at the workspace level where the key is absent from
+// both global_secrets and the .env file. The import MUST return 412.
+func TestCollectPerWorkspaceUnsatisfied_Missing(t *testing.T) {
+	tmp := t.TempDir()
+	// No .env files at all.
+
+	workspaces := []OrgWorkspace{
+		{Name: "Dev Lead", FilesDir: "dev-lead", RequiredEnv: []EnvRequirement{{Name: "MISSING_REQUIRED_KEY"}}},
+	}
+
+	globals := map[string]struct{}{} // no global secret
+	missing := collectPerWorkspaceUnsatisfied(workspaces, tmp, globals)
+
+	if len(missing) != 1 {
+		t.Fatalf("expected 1 missing entry, got %d", len(missing))
+	}
+	if missing[0].Workspace != "Dev Lead" {
+		t.Errorf("expected workspace 'Dev Lead', got %q", missing[0].Workspace)
+	}
+	if missing[0].Unsatisfied.Name != "MISSING_REQUIRED_KEY" {
+		t.Errorf("expected unsatisfied key 'MISSING_REQUIRED_KEY', got %q", missing[0].Unsatisfied.Name)
+	}
+	if missing[0].FilesDir != "dev-lead" {
+		t.Errorf("expected files_dir 'dev-lead', got %q", missing[0].FilesDir)
+	}
+}
+
+// TestCollectPerWorkspaceUnsatisfied_AnyOfGroup covers an any-of group where
+// none of the alternatives are present in global or .env. Should report
+// the group as unsatisfied.
+func TestCollectPerWorkspaceUnsatisfied_AnyOfGroup(t *testing.T) {
+	tmp := t.TempDir()
+
+	workspaces := []OrgWorkspace{
+		{
+			Name:     "Claude Bot",
+			FilesDir: "claude-bot",
+			RequiredEnv: []EnvRequirement{
+				{AnyOf: []string{"ANTHROPIC_API_KEY", "CLAUDE_CODE_OAUTH_TOKEN"}},
+			},
+		},
+	}
+
+	globals := map[string]struct{}{}
+	missing := collectPerWorkspaceUnsatisfied(workspaces, tmp, globals)
+
+	if len(missing) != 1 {
+		t.Fatalf("expected 1 missing any-of entry, got %d", len(missing))
+	}
+	if missing[0].Workspace != "Claude Bot" {
+		t.Errorf("expected workspace 'Claude Bot', got %q", missing[0].Workspace)
+	}
+	if len(missing[0].Unsatisfied.AnyOf) != 2 {
+		t.Errorf("expected any-of group with 2 members, got %v", missing[0].Unsatisfied.AnyOf)
+	}
+}
+
+// TestCollectPerWorkspaceUnsatisfied_NestedChildren covers grandchildren
+// workspaces that also declare RequiredEnv. The recursive walk must visit
+// children and grandchildren.
+func TestCollectPerWorkspaceUnsatisfied_NestedChildren(t *testing.T) {
+	tmp := t.TempDir()
+
+	workspaces := []OrgWorkspace{
+		{
+			Name: "Root",
+			Children: []OrgWorkspace{
+				{
+					Name: "Child",
+					Children: []OrgWorkspace{
+						{Name: "Grandchild", FilesDir: "grandchild", RequiredEnv: []EnvRequirement{{Name: "DEEP_KEY"}}},
+					},
+				},
+			},
+		},
+	}
+
+	globals := map[string]struct{}{}
+	missing := collectPerWorkspaceUnsatisfied(workspaces, tmp, globals)
+
+	if len(missing) != 1 {
+		t.Fatalf("expected 1 missing entry from grandchild, got %d", len(missing))
+	}
+	if missing[0].Workspace != "Grandchild" {
+		t.Errorf("expected 'Grandchild', got %q", missing[0].Workspace)
+	}
+}
+
+// TestCollectPerWorkspaceUnsatisfied_EmptyOrgBaseDir covers the case where
+// orgBaseDir is empty (inline template import). No .env files can be
+// checked, so missing keys cannot be attributed to .env absence. The
+// function should NOT crash and should only report entries satisfiable
+// by global (all missing since globals is empty).
+func TestCollectPerWorkspaceUnsatisfied_EmptyOrgBaseDir(t *testing.T) {
+	workspaces := []OrgWorkspace{
+		{Name: "ws-x", RequiredEnv: []EnvRequirement{{Name: "KEY_X"}}},
+	}
+
+	globals := map[string]struct{}{}
+	missing := collectPerWorkspaceUnsatisfied(workspaces, "", globals)
+
+	// With no orgBaseDir and no global, KEY_X must be reported missing.
+	if len(missing) != 1 {
+		t.Errorf("expected 1 missing with empty orgBaseDir, got %d", len(missing))
+	}
+}
+
+// TestCollectPerWorkspaceUnsatisfied_MultipleWorkspaces reports only the
+// workspace whose RequiredEnv is unsatisfied, not the whole batch.
+func TestCollectPerWorkspaceUnsatisfied_MultipleWorkspaces(t *testing.T) {
+	tmp := t.TempDir()
+	writeEnvFile(t, tmp, "ws-ok/.env", "OK_KEY=val")
+
+	workspaces := []OrgWorkspace{
+		{Name: "ws-ok", FilesDir: "ws-ok", RequiredEnv: []EnvRequirement{{Name: "OK_KEY"}}},
+		{Name: "ws-missing", FilesDir: "ws-missing", RequiredEnv: []EnvRequirement{{Name: "BAD_KEY"}}},
+	}
+
+	globals := map[string]struct{}{}
+	missing := collectPerWorkspaceUnsatisfied(workspaces, tmp, globals)
+
+	if len(missing) != 1 {
+		t.Errorf("expected exactly 1 missing (BAD_KEY), got %d", len(missing))
+	}
+	if missing[0].Workspace != "ws-missing" {
+		t.Errorf("expected missing workspace 'ws-missing', got %q", missing[0].Workspace)
+	}
+}
+
+// writeEnvFile is a test helper that creates a .env file at the given path
+// with the given content.
+func writeEnvFile(t *testing.T, baseDir, relPath, content string) {
+	t.Helper()
+	fullPath := filepath.Join(baseDir, relPath)
+	if err := os.MkdirAll(filepath.Dir(fullPath), 0755); err != nil {
+		t.Fatalf("mkdirAll: %v", err)
+	}
+	if err := os.WriteFile(fullPath, []byte(content), 0644); err != nil {
+		t.Fatalf("writeFile %s: %v", fullPath, err)
+	}
+}

workspace-server/internal/pendinguploads/export_test.go

@@ -12,8 +12,8 @@ import (
 // time. The Go convention `export_test.go` keeps this seam OUT of the
 // production binary — files ending in _test.go are stripped at build
 // time, so this re-export only exists during `go test`.
-func StartSweeperWithIntervalForTest(ctx context.Context, storage Storage, ackRetention, interval time.Duration) {
-	startSweeperWithInterval(ctx, storage, ackRetention, interval, nil)
+func StartSweeperWithIntervalForTest(ctx context.Context, storage Storage, ackRetention, interval time.Duration, done chan struct{}) {
+	startSweeperWithInterval(ctx, storage, ackRetention, interval, done)
 }
 
 // StartSweeperForTest starts the sweeper and returns a done channel

workspace-server/internal/pendinguploads/sweeper_test.go

@@ -190,7 +190,14 @@ func TestStartSweeperWithInterval_TickerFiresAdditionalCycles(t *testing.T) {
 	ctx, cancel := context.WithCancel(context.Background())
 	defer cancel()
 
-	done := pendinguploads.StartSweeperForTest(ctx, store, time.Hour)
+	// Use a short ticker interval (100ms) so the test runs fast without
+	// burning real wall-clock time. StartSweeperWithIntervalForTest is the
+	// test-friendly variant that accepts a caller-specified interval; the
+	// production SweepInterval of 5m is too coarse for a 2s deadline on
+	// a loaded CI runner (the ticker may not fire at all under CPU
+	// contention — the root cause of the pre-existing CI flake).
+	done := make(chan struct{})
+	go pendinguploads.StartSweeperWithIntervalForTest(ctx, store, time.Hour, 100*time.Millisecond, done)
 	// Immediate cycle + at least one tick-driven cycle.
 	store.waitForCycle(t, 2, 2*time.Second)
 

workspace/audit/PUBLISH_RUNTIME_VERIFY_2026-05-11.md

@@ -0,0 +1,31 @@
+# Publish-runtime pipeline verification — 2026-05-11
+
+Marker file for the canonical end-to-end pipeline verification after
+`publish-runtime-bot` provisioning (internal#327) + stale-tag drift
+resolution (`runtime-v0.1.131` deleted from main).
+
+## Purpose
+
+Triggers `workspace/**` path filter on `publish-runtime-autobump.yml`,
+exercising the full pipeline:
+
+1. `publish-runtime-autobump / bump-and-tag` reads PyPI version, computes
+   next, pushes tag `runtime-v0.1.131` (or higher) using new bot scope.
+2. `publish-runtime.yml` fires on tag, builds + publishes to PyPI.
+3. Cascade autobump: 9 template repos get their `.runtime-version`
+   pinned to the new version.
+
+## Acceptance criteria
+
+- [ ] autobump bump-and-tag context green on merged commit
+- [ ] tag `runtime-v0.1.131` (or computed next) exists on molecule-core
+- [ ] publish-runtime.yml run green
+- [ ] PyPI molecule-ai-workspace-runtime updated from 0.1.130
+- [ ] 9 template repos updated their pinned runtime version
+
+## Rollback
+
+This file is informational only — no code dependency. Safe to delete
+in any future PR once pipeline is proven stable.
+
+— core-devops (per Hongming "long-term proper robust" directive 2026-05-11 19:48-19:50Z)