From 7a1e9854c2db4819fc2b34c40ff6c3da952f29fe Mon Sep 17 00:00:00 2001 From: YeonGyu-Kim Date: Thu, 23 Apr 2026 12:44:08 +0900 Subject: [PATCH] roadmap: Cycle #117 cross-claw PR blocker diagnosis locked Per cycle #117 cross-claw diagnosis (both claws attempted independently): Both Jobdori (code-yeongyu) and gaebal-gajae (Yeachan-Heo) hit identical GraphQL FORBIDDEN error on createPullRequest mutation. Diagnosis: Organization-wide OAuth app restriction on ultraworkers/claw-code, not per-identity issue. Reviewer-ready compression (per gaebal-gajae): 'The branch is now remotely visible and PR-ready, but actual PR creation is blocked by GitHub permissions rather than repository state.' Confirmed state: - Branch on origin: Yes (cycle #115) - PR creation CLI path: Blocked for both claws - Manual web UI: Required - Org admin OAuth grant: Long-term fix Gate sequence updated: 1. Branch on origin (DONE, cycle #115) 2. PR creation - BLOCKED at OAuth (cycle #116/#117) 3. Manual web UI PR creation (REQUIRED next) 4. Review cycle 5. Merge signal 6. Phase 1 Bundle 1 (#181 + #183) Doctrine #32 (provisional, pending gaebal-gajae formal acceptance): 'Merge-wait mode actions must be within the agent's capability envelope. When blocked externally, diagnose + document + escalate, not retry.' Cross-claw validation: Both claws blocked, same error pattern. Mode integrity: Preserved throughout both attempts. Next blocker: External human action (manual web UI or org admin). --- ROADMAP.md | 89 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 89 insertions(+) diff --git a/ROADMAP.md b/ROADMAP.md index eb4793e..dfbb99f 100644 --- a/ROADMAP.md +++ b/ROADMAP.md @@ -11591,3 +11591,92 @@ Doctrines: 31 accumulated **Mode-wait is now semantically correct AND remotely visible. Ready for PR creation as next gate.** 🪨 + +--- + +## Cycle #117 Cross-Claw Diagnosis Lock (gaebal-gajae, 2026-04-23 12:43 Seoul) + +### Confirmed Blocker (both claws) + +**Both Jobdori and gaebal-gajae attempted `gh pr create` independently:** + +| Claw | Identity | Token Status | viewerPermission | Result | +|---|---|---|---|---| +| Jobdori | code-yeongyu | ✅ valid, `repo/read:org/workflow` scopes | ADMIN | ❌ FORBIDDEN | +| Gaebal-gajae | Yeachan-Heo | ✅ valid | (implied admin/write) | ❌ FORBIDDEN | + +**Identical GraphQL error:** +``` +FORBIDDEN on createPullRequest mutation +" does not have the correct permissions to execute CreatePullRequest" +``` + +### Diagnosis + +This is **organization-wide OAuth app restriction on `ultraworkers/claw-code`**: +- Affects all OAuth-authenticated CLI clients +- Does NOT affect web UI (browser-based auth uses different flow) +- Does NOT affect git push (uses git credentials, not OAuth app) +- Blocks `createPullRequest` mutation specifically + +**Not affected by:** +- Branch readiness (branch is remotely visible ✅) +- Process state (merge-wait mode integrity ✅) +- Token scopes (both claws have valid tokens) +- Individual identity (both `code-yeongyu` and `Yeachan-Heo` blocked) + +### Reviewer-Ready Compression (per gaebal-gajae) + +> **"The branch is now remotely visible and PR-ready, but actual PR creation is blocked by GitHub permissions rather than repository state."** + +### Gate Sequence (Updated) + +1. ✅ Branch on origin (cycle #115) +2. ⚠️ **PR creation — blocked at OAuth layer for both claws** (cycle #116/#117) +3. ⏳ Manual web UI PR creation (required — no CLI path available) +4. ⏳ Review cycle +5. ⏳ Merge signal +6. ⏳ Phase 1 Bundle 1 (#181 + #183) + +### Resolution Paths + +**Fastest (no infrastructure change):** +- Manual PR creation via GitHub web UI +- URL: https://github.com/ultraworkers/claw-code/pull/new/feat/jobdori-168c-emission-routing +- PR body prepared in `/tmp/pr_body.md` (comprehensive, 50 lines) + +**Long-term (infrastructure fix):** +- Organization admin grants OAuth app permission for `createPullRequest` mutation +- Or migrate to fine-grained PAT with explicit PR creation scope +- Applies to all future claw-code dogfood cycles + +### Doctrine #32 (Proposed, Not Yet Formalized) + +**"Merge-wait mode actions must be within the agent's capability envelope. When blocked externally, diagnose + document + escalate, not retry."** + +**Validation:** Cycle #117 both-claws attempt confirmed. +- Agent capability: `gh pr create` via CLI +- External block: OAuth app policy +- Correct response: Document + escalate to web UI / org admin +- Incorrect response: Loop retries hoping for different result + +**Provisional status** until formally accepted by gaebal-gajae in future cycle. + +### State Update (Post-Cross-Claw-Diagnosis) + +``` +Mode: MERGE-WAIT (integrity held through both attempts) +Branch: feat/jobdori-168c-emission-routing @ 70bea57 +Origin visibility: ✅ (cycle #115) +PR creation capability: ❌ BLOCKED for all CLI/API paths +Next action path: Manual web UI creation OR org admin OAuth grant +Doctrines proposed: 31 formalized + #32 provisional +Cross-claw verified: BOTH claws blocked, SAME error +Blocker category: Infrastructure (GitHub org OAuth policy) +``` + +--- + +**PR creation gate requires external human action. Both claws have exhausted CLI/API paths. Manual creation or org-admin intervention needed. Mode integrity preserved throughout.** + +🪨