You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
V48 Gate 3 (specification-implementation): file-tree pickers for source path hints + protected IP exclusions
Source path hints and Protected IP exclusions on /deposits are no
longer typed — they are picked from the repository FILE TREE fetched at
the selected repository·branch·commit:
- New VCS `tree` resource (`/api/vcs?resource=tree&owner&repo&path&ref`)
backed by VCSService.getRepositoryContent (provider listFiles), with
empty/mock payloads alongside the existing resources.
- New VCSFileTreePicker: lazy per-directory loading, expand/collapse,
file rows select their exact path, directory rows select their prefix
(`dir/`), selected-path chips with × removal, square theme.
- MUTUAL EXCLUSIVITY: each picker receives the other's selections as
conflicting paths — conflicting rows are disabled and labeled
('Already a source path hint' / 'Already a protected IP exclusion').
- Page state becomes string arrays; the dispatch payload sends
protectedIpExclusions as an array (route already accepts arrays or
newline strings); concept-level withholding is directed to the
Obfuscations field (caption + explainer copy updated).
Tests: new vcsFileTreePicker suite (empty state, ref-scoped fetch, lazy
directory loading, file/prefix selection, chip removal, conflict
disabling); the deposit dispatch-with-exclusions test now picks
'secret-engine/' from the tree and asserts the array payload.
Spec: presentation-laws section gains the path-inputs-are-file-tree-
pickers law (fetched at the selected source package, mutually
exclusive, arrays on the wire, concepts → Obfuscations).
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
@@ -157,8 +158,10 @@ export default function DepositPageClient() {
157
158
const[obfuscations,setObfuscations]=useState(
158
159
"Note anything to obfuscate or withhold from the synthesized options: internal names, proprietary framing, or sensitive specifics the source-safe AssetPacks should avoid surfacing.",
'Optional pointers (one per line or comma-separated) to paths or concepts worth flagging — used to estimate this deposit\'s criticality and cost, not to change what synthesis measures.',
132
+
'Optional pointers picked from the repository file tree (at the selected branch and commit) to paths worth flagging — used to estimate this deposit\'s criticality and cost, not to change what synthesis measures.',
133
133
detail:
134
134
'Hints that look sensitive (mentioning secrets, credentials, wallets, auth, keys, payments, or settlement) raise a review warning and nudge the deposit\'s estimated development cost and expected settlement upward — a client-side heuristic, not a synthesis-time exclusion.',
0 commit comments