Skip to content

fix: consume keychain exists mitigation#405

Merged
rianjs merged 4 commits into
mainfrom
fix/404-keychain-brew-upgrade-prompts
Jun 30, 2026
Merged

fix: consume keychain exists mitigation#405
rianjs merged 4 commits into
mainfrom
fix/404-keychain-brew-upgrade-prompts

Conversation

@rianjs

@rianjs rianjs commented Jun 29, 2026

Copy link
Copy Markdown
Contributor

Closes #404

Summary

  • consume the cli-common Store.Exists mitigation released in v0.4.1, which prefers metadata/ref-only lookups over secret reads
  • align the release comment with the actual self-signed Keychain behavior
  • keep the downstream dependency on a released shared-library version instead of a pseudo-version

Verification

  • go test ./...
  • make build
  • make lint
  • local stale-item probe against the shared fix showed published Exists behavior at about 6.3s versus about 10ms with the patched dependency

@rianjs

rianjs commented Jun 29, 2026

Copy link
Copy Markdown
Contributor Author

Depends on open-cli-collective/cli-common#65. Once that merges, I will repin this PR to the resulting main-branch commit before merge so the dependency is not left on an orphaned pseudo-version.

@rianjs rianjs marked this pull request as ready for review June 29, 2026 14:14
@rianjs-bot

rianjs-bot Bot commented Jun 29, 2026

Copy link
Copy Markdown

Automated PR Review

Reviewed commit: f27b7f6a3cfb
Profile: codex-rianjs-bot - Posting as: rianjs-bot[bot]

Summary

Reviewer Findings
automation:ci-release 0
go:implementation-tests 0
policies:conventions 0

Reviewer Coverage

Reviewer Status Inspected Skipped Constraints
automation:ci-release complete_broad .goreleaser.yml unavailable Review scope limited to the assigned automation file .goreleaser.yml.
go:implementation-tests complete_broad go.mod, go.sum unavailable Review scope was intentionally limited to the assigned dependency files (go.mod, go.sum); the upstream cli-common implementation change itself was not part of the inspected diff.; rtk go test ./... returned a non-zero status in this environment without useful surfaced output, so this review relied on the visible dependency diff and nearby repo-local test coverage.
policies:conventions complete_broad .goreleaser.yml, go.mod, go.sum unavailable Network-restricted sandbox prevented fetching Go modules, so I could not independently confirm go mod tidy behavior for the new pseudo-version pin beyond the checked-in diff and local repo guidance.; Review scope limited to repo-local guidance plus shared-standard references visible in this checkout; the canonical ../cli-common/docs convenience copy is not present here.

0 PR discussion threads considered. 0 summarized; 0 resolved.


Completed in 2m 10s | unavailable | gpt-5.4 | cr 0.10.196
Field Value
Model gpt-5.4
Reviewers automation:ci-release, go:implementation-tests, policies:conventions
Engine codex_cli · gpt-5.4
Reviewed by cr · rianjs-bot[bot]
Duration 2m 10s wall · 3m 31s compute
Cost unavailable
Tokens 408.1k in / 9.8k out

Per-workstream usage

Workstream Model In Out Cache read Cache create Cost Duration
orchestrator-selection gpt-5.4 25.2k 609 15.1k unavailable unavailable 17s
automation:ci-release gpt-5.4 34.2k 925 21.8k unavailable unavailable 20s
go:implementation-tests gpt-5.4 130.8k 3.9k 100.7k unavailable unavailable 1m 19s
policies:conventions gpt-5.4 195.7k 4.1k 161.0k unavailable unavailable 1m 24s
orchestrator-rollup gpt-5.4 22.1k 271 18.2k unavailable unavailable 9s

@rianjs-bot rianjs-bot Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Automated PR review completed with outcome: approved.

@rianjs rianjs force-pushed the fix/404-keychain-brew-upgrade-prompts branch from f27b7f6 to 4f05f43 Compare June 30, 2026 13:49
@rianjs-bot

rianjs-bot Bot commented Jun 30, 2026

Copy link
Copy Markdown

Automated PR Review

Reviewed commit: 4f05f434e37c
Profile: codex-rianjs-bot - Posting as: rianjs-bot[bot]

Summary

Reviewer Findings
automation:ci-release 0
go:implementation-tests 0
policies:conventions 0

Reviewer Coverage

Reviewer Status Inspected Skipped Constraints
automation:ci-release complete_constrained .goreleaser.yml unavailable Review scoped to the assigned automation file .goreleaser.yml only.
go:implementation-tests complete_constrained go.mod, go.sum unavailable Review scope was limited to the assigned dependency files (go.mod and go.sum); no repository code or tests outside that diff were inspected.
policies:conventions complete_constrained .goreleaser.yml, go.mod, go.sum unavailable Shared cli-common convenience docs were not present locally, so this review was limited to the repo-local guidance in docs/development.md and the visible diff/context.

0 PR discussion threads considered. 0 summarized; 0 resolved.


Completed in 1m 35s | unavailable | gpt-5.4 | cr 0.10.197
Field Value
Model gpt-5.4
Reviewers automation:ci-release, go:implementation-tests, policies:conventions
Engine codex_cli · gpt-5.4
Reviewed by cr · rianjs-bot[bot]
Duration 1m 35s wall · 2m 16s compute
Cost unavailable
Tokens 256.1k in / 6.0k out

Per-workstream usage

Workstream Model In Out Cache read Cache create Cost Duration
orchestrator-selection gpt-5.4 49.1k 1.3k 22.7k unavailable unavailable 29s
automation:ci-release gpt-5.4 56.8k 1.2k 42.6k unavailable unavailable 28s
go:implementation-tests gpt-5.4 55.7k 1.8k 29.8k unavailable unavailable 37s
policies:conventions gpt-5.4 71.8k 1.5k 43.1k unavailable unavailable 32s
orchestrator-rollup gpt-5.4 22.8k 255 15.1k unavailable unavailable 8s

@rianjs-bot rianjs-bot Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Automated PR review completed with outcome: approved.

@rianjs rianjs merged commit 8bbca6a into main Jun 30, 2026
10 checks passed
@rianjs rianjs deleted the fix/404-keychain-brew-upgrade-prompts branch June 30, 2026 13:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Fix Keychain access prompts after Homebrew upgrades

1 participant