feat: expose fail-closed Windows cleanup proof#1
Conversation
|
Cursor (@cursor) review Please review exact head 0eb9b4f, focusing on fail-closed owning-container proof, non-masking time bounds, generated dist, and upstream-sync privilege separation. |
|
Cursor (@cursor) review Please review exact head 57a403b; the only delta removes the inherited broken cat-comment workflow after its 403 CI failure. |
Reviewed exact head No concrete defects found in:
I also checked current CI: the only failure is the |
|
Cursor (@cursor) review Please review exact head 8c097cc: finalizer fetches verified upstream, checked diff materialization prevents swallowed failures, and --no-renames classifies both sides of renames. |
Reviewed exact head |
|
Cursor (@cursor) review Please review exact head efeb5ad; new delta makes the Windows matrix fail if any successful build lacks activation-owning resourceSafe=true proof. |
Reviewed exact head |
Reviewed exact head |
|
Cursor (@cursor) review Please review exact head 0ec7ce7; new delta makes Linux integrity rebuild dist and fail on any generated-source drift. |
|
Cursor (@cursor) review exact commit d5405bc. Please report every issue, including minor findings, or explicitly state zero issues. |
|
copilot-pull-request-reviewer review exact commit d5405bc. Please report every issue, including minor findings, or explicitly state zero issues. |
There was a problem hiding this comment.
✅ Bugbot reviewed your changes and found no new issues!
5 issues from previous reviews remain unresolved.
Comment @cursor review or bugbot run to trigger another review on this PR
Reviewed by Cursor Bugbot for commit d5405bc. Configure here.
|
Cursor (@cursor) review exact commit 13ec42d. Please report every issue, including minor findings, or explicitly state zero issues. |
|
copilot-pull-request-reviewer review exact commit 13ec42d. Please report every issue, including minor findings, or explicitly state zero issues. |
|
Cursor (@cursor) review exact commit 6574b30. Please report every issue, including minor findings, or explicitly state zero issues. |
|
copilot-pull-request-reviewer review exact commit 6574b30. Please report every issue, including minor findings, or explicitly state zero issues. |
There was a problem hiding this comment.
✅ Bugbot reviewed your changes and found no new issues!
Comment @cursor review or bugbot run to trigger another review on this PR
Reviewed by Cursor Bugbot for commit 6574b30. Configure here.

Summary
resourceSafeonly after the activation-owning Windows container returns Unity successfullyVerification
Note
High Risk
Changes Unity license lifecycle signaling, Windows Docker/env wiring, and org-wide build-lock release semantics; mistakes could block paid builds or report unsafe cleanup as safe.
Overview
Adds a
resourceSafeaction output that staysfalseby default and becomestrueonly on Windows when the activation-owning container writes a nonce-bound proof after a successful Unity license return; build exit codes stay authoritative and uncertain cleanup stays fail-closed.Runtime wiring creates a per-attempt proof under
RUNNER_TEMP, mounts it into the Windows Docker image, passes nonce/path env vars, and sets the output afterResourceCleanupProof.consumein the local Windows build path.CI and fork policy run
verify-resource-cleanup-contract.mjs(RC001–RC014) in Integrity, enforce a freshdistdiff, add a Windows push job for the PowerShell proof contract, and gate the paid-license Windows matrix behind org build locks plus classify/release/verify steps (manual dispatch only). Mac/Ubuntu paid matrices drop automaticpushtriggers, usemax-parallel: 1, and macOS builds run only ongame-ci/unity-builder.Fork maintenance adds
UPSTREAM_COMMIT,FORK_MAINTENANCE.md, scheduledUpstream Sync(docs-only auto-merge; executable upstream changes open a singleton tracking issue), and removes the cats PR workflow.Reviewed by Cursor Bugbot for commit 6574b30. Bugbot is set up for automated code reviews on this repo. Configure here.