Skip to content

feat(neo): native ~/.senpi store readers + neo.theme write path (neo-go-tui task 4)#121

Merged
code-yeongyu merged 1 commit into
mainfrom
neo/store
Jul 5, 2026
Merged

feat(neo): native ~/.senpi store readers + neo.theme write path (neo-go-tui task 4)#121
code-yeongyu merged 1 commit into
mainfrom
neo/store

Conversation

@code-yeongyu

@code-yeongyu code-yeongyu commented Jul 5, 2026

Copy link
Copy Markdown
Owner

Summary

Plan task 4 of .omo/plans/neo-go-tui.md: native Go readers for the ~/.senpi store (settings, keybindings, sessions, models, auth presence, themes) plus the lock-replicating settings write path the neo TUI persists its skin through. Additive only, packages/neo internal.

Changes

  • internal/store: agent-dir resolution (env derived from AppName, mirroring config.ts — a pi build reads PI_CODING_AGENT_DIR/.pi), settings global+project merge (project wins), keybindings reader, sessions scanner (safe-path dirs, <timestamp>_<id>.jsonl, header+entry parsing sufficient for the picker, corrupted-line skip-with-warning), models.json, auth presence/type map only, custom themes listing.
  • settings_write.go: replicates FileSettingsStorage.withLock (same lockfile path + retry semantics; read-current → merge only neo fields → write; never whole-file overwrite); persists neo.theme as a separate key — classic theme is never written.
  • qaharness/writeqa: manual-QA driver commands.

QA / Evidence

Evidence: .omo/evidence/task-4-neo-go-tui.txt (+ task-4-qa/) in the work worktree.

  • 35+ table tests incl. a concurrent-writer race test (Go writer vs simulated classic writer) — green under -race; corrupted-JSONL fixture skipped, not fatal.
  • Manual QA: sandbox copy of a real sessions tree — picker data matches ls ground truth (machine-checked report); missing agent dir → clean defaults, no crash; real ~/.senpi/agent/auth.json sha256 identical before/after.
  • Audit round: auth-leak test rewritten falsifiable (canary literal asserted absent from the marshaled struct, with a labeled post-hoc mutation proof it CAN fail); Config parameterization fixed TDD-first (pi-build resolves .pi/ through both entry points, RED captured before the fix); evidence counts corrected. Re-audit verdict: real, no issues.
  • Gates: go build/vet/gofmt/test -count=1 + -race green; npm run check exit 0.

Risks

  • A concurrent classic senpi writing settings is the sharpest edge — covered by the lockfile-replication design plus the race test; neo.theme isolation keeps classic behavior untouched.

Secret safety

No key material ever enters store structs (canary-guarded); no secrets in fixtures or evidence.


Summary by cubic

Adds native Go readers for the ~/.senpi store and a lock-replicating settings write path so the neo TUI can read config and persist its skin safely without affecting classic behavior. Changes are additive and internal to packages/neo/internal/store, mirroring the classic TypeScript loaders.

  • New Features
    • Agent dir resolution with Config (env override from AppName; defaults to <home>/.senpi/agent), supporting senpi and pi (.pi) builds.
    • Settings: load and deep-merge global + project (project wins); read neo.theme with fallback to classic theme; writer merges only neo.theme under the same <settings.json>.lock directory lock (retries + stale handling), never overwrites the file or touches classic theme; project scope respects ConfigDirName.
    • Sessions: scan safe-path cwd directories; parse header and entries from <timestamp>_<id>.jsonl; count messages, first user message, created/modified times; skip corrupt JSONL lines with warnings; handles very long lines.
    • Keybindings: read keybindings.json as action → keys (string or array of strings); malformed or mixed types are ignored; missing file yields defaults.
    • Models: read models.json (providers map + optional disabledProviders); missing file is OK; corrupt file returns an error.
    • Auth: expose provider → credential type only (api_key/oauth); never read or store key material (guarded by canary tests).
    • Themes: list custom themes from themes/ by inner "name"; non-JSON or nameless files are skipped.
    • Manual QA helpers: qaharness (sandbox scan/isolation) and writeqa (write-path receipt).

Written for commit 3aaf769. Summary will update on new commits.

Review in cubic

internal/store: agent-dir resolution (env-derived from AppName, mirroring
config.ts), settings global+project merge with project .pi/settings.json
precedence, keybindings.json reader, sessions scanner (safe-path dirs,
<timestamp>_<id>.jsonl, SessionHeader + picker-sufficient SessionEntry
parsing with corrupted-line skip), models.json, auth.json presence/type
map only (key material never enters structs — guarded by a falsifiable
canary-marshal test), custom themes listing. Settings writes replicate
FileSettingsStorage.withLock (same lockfile path + retry semantics,
read-merge-write of only neo fields, never whole-file overwrite) and
persist the skin under a separate neo.theme key; a concurrent-writer race
test pins coexistence with a classic senpi writer. Config parameterizes
app naming so a pi build resolves .pi/ through every entry point.
qaharness/writeqa are the manual-QA driver commands.

Plan: .omo/plans/neo-go-tui.md
@gitguardian

gitguardian Bot commented Jul 5, 2026

Copy link
Copy Markdown

⚠️ GitGuardian has uncovered 1 secret following the scan of your pull request.

Please consider investigating the findings and remediating the incidents. Failure to do so may lead to compromising the associated services or software components.

🔎 Detected hardcoded secret in your pull request
GitGuardian id GitGuardian status Secret Commit Filename
34569191 Triggered Generic High Entropy Secret 3aaf769 packages/neo/internal/store/auth_test.go View secret
🛠 Guidelines to remediate hardcoded secrets
  1. Understand the implications of revoking this secret by investigating where it is used in your code.
  2. Replace and store your secret safely. Learn here the best practices.
  3. Revoke and rotate this secret.
  4. If possible, rewrite git history. Rewriting git history is not a trivial act. You might completely break other contributing developers' workflow and you risk accidentally deleting legitimate data.

To avoid such incidents in the future consider


🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.

@code-yeongyu code-yeongyu enabled auto-merge July 5, 2026 17:13
@code-yeongyu code-yeongyu merged commit 4293969 into main Jul 5, 2026
3 checks passed
@code-yeongyu code-yeongyu deleted the neo/store branch July 5, 2026 17:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant