fix(codex): forward FORGEJO_TOKEN naar de MCP-subprocess (post_pr_review) #36
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "fix/codex-forgejo-token"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Phase 2-canary NO-GO root-cause-fix (1 regel + comment).
De canary bewees de hele PR_REVIEW-keten end-to-end — codex velde een correct REQUEST_CHANGES-verdict met precies de geplante fouten — maar post_pr_review faalde: requireToken() draait IN de MCP-subprocess en codex forwardt alleen wat in de env_vars-allowlist van config.toml staat. FORGEJO_TOKEN ontbrak (Phase 0 was read-only en had geen Forgejo-writes nodig).
Host-side hoort FORGEJO_TOKEN ook in worker-codex.env (secret, buiten de repo; de hosts kopieren lokaal uit worker-idea.env) — dat gaat via de host-tasks.
Na merge: rebuild + recreate agent-codex op 154 + max2, dan re-canary tegen workers#39.
🤖 Generated with Claude Code