Program completion baseline for aFIPC#92
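- Fix the `while(!exists('...'))` infinite loop that occurred when mirt estimation (MHRM) failed
- Add a maximum retry limit (max_retries = 3) to prevent the infinite loop
- Call `stop()` once the 3 retries are exceeded so the failure surfaces as a safe error (fail-secure)
- Add the `tests/testthat/test-MHRM-failure-dos.R` test case to verify the retry-limit logic
- Add the related security learnings to .jules/sentinel.md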
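A minimal sketch of the bounded retry pattern described in the bullets above. `bounded_retry`, `fit_fn`, and the error text are hypothetical names chosen for illustration and are not the helper actually added to R/aFIPC.R; the sketch also assumes that the limit of 3 counts total attempts, which the description does not state.

```r
# Hypothetical helper: call `fit_fn` at most `max_retries` times, then stop().
# `fit_fn` stands in for the real mirt/MHRM estimation call.
bounded_retry <- function(fit_fn, max_retries = 3L) {
  stopifnot(max_retries >= 1L)
  last_error <- NULL
  for (attempt in seq_len(max_retries)) {
    result <- tryCatch(fit_fn(attempt), error = function(e) e)
    if (!inherits(result, "error")) {
      return(result)
    }
    last_error <- result
  }
  # Fail secure: surface an error instead of looping without bound.
  stop(
    sprintf("Estimation failed after %d attempts: %s",
            max_retries, conditionMessage(last_error)),
    call. = FALSE
  )
}

# A fit that fails twice and succeeds on the third attempt.
flaky_fit <- function(attempt) {
  if (attempt < 3L) stop("did not converge")
  list(converged = TRUE, attempt = attempt)
}
ok <- bounded_retry(flaky_fit)

# A fit that never succeeds ends in an error rather than an endless loop.
always_fail <- function(attempt) stop("did not converge")
failed <- tryCatch(
  bounded_retry(always_fail),
  error = function(e) conditionMessage(e)
)
```

Using a `for` loop over `seq_len(max_retries)` makes the upper bound visible in the code itself, which a `while` loop conditioned on the existence of a result object does not.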
Pull request overview
Establishes a “program completion” baseline for the aFIPC R package by adding regression/DoS guardrail tests, tightening estimation retry behavior to avoid unbounded loops, and documenting maintainer workflows—while making the unimplemented surveyFA() fallback fail fast with a clear error.
Changes:
- Add deterministic-ish regression fixtures/tests covering prior-update behavior and IPD anchor filtering behavior (via synthetic `mirt` models).
- Replace the unbounded MHRM retry loop with a bounded retry helper and add tests for retry exhaustion/success.
- Update maintainer/runbook/spec docs and templates; add `stats::na.omit` import; make `surveyFA()` explicitly error instead of returning `NULL`.
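To illustrate the fail-fast change in the last bullet, here is a small sketch under stated assumptions. `surveyFA_stub` and its message are hypothetical stand-ins; the real signature and wording in R/surveyFA.R may differ.

```r
# Hypothetical stand-in for the package placeholder (not the real surveyFA()).
surveyFA_stub <- function(...) {
  stop("surveyFA() is not implemented yet.", call. = FALSE)
}

# Returning NULL would let callers continue with a missing result;
# signalling an error forces them to handle the gap explicitly.
outcome <- tryCatch(
  surveyFA_stub(data.frame(x = 1:3)),
  error = function(e) conditionMessage(e)
)
print(outcome)
```

In a testthat suite the same behavior would typically be asserted with `expect_error()`.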
Reviewed changes
Copilot reviewed 16 out of 17 changed files in this pull request and generated 4 comments.
| File | Description |
|---|---|
| R/aFIPC.R | Adds bounded MHRM retry helper and replaces infinite retry loop; imports stats::na.omit. |
| R/surveyFA.R | Changes surveyFA() from NULL-returning stub to explicit error (fail-fast). |
| NAMESPACE | Adds importFrom(stats, na.omit) to address R CMD check NOTE. |
| man/surveyFA.Rd | Updates generated docs to reflect surveyFA() placeholder/error behavior. |
| tests/testthat/test-MHRM-failure-dos.R | Adds tests covering bounded retry behavior and safe failure for invalid estimation input. |
| tests/testthat/test-regression-fixtures.R | Adds regression tests for prior-update and IPD anchor behaviors. |
| tests/testthat/test-surveyFA.R | Asserts surveyFA() fails explicitly until implemented. |
| tests/testthat/fixtures/fipc-regression-fixtures.R | Centralizes fixture parameters (seeds/sample sizes/etc.) for regression tests. |
| README.md | Documents baseline plan and clarifies surveyFA() is not implemented. |
| docs/plans/2026-07-02-program-completion-baseline.md | Defines “program completion” criteria and documents the surveyFA() blocker. |
| docs/plans/2026-07-02-regression-fixtures.md | Explains why an older regression-fixture PR should be replaced and sets scope boundaries. |
| docs/operations/maintenance-runbook.md | Updates maintainer commands for the new org/repo and adds duplicate-PR policy + planning links. |
| .github/PULL_REQUEST_TEMPLATE.md | Adds a “Change Category” checklist to classify PR intent. |
| ARCHITECTURE.md | Updates roadmap wording and repository URL to the current org. |
| .jules/sentinel.md | Documents the historical DoS risk from unbounded retry loops and prevention guidance. |
| docs/superpowers/specs/2026-07-02-afipc-maintenance-design.md | Adds maintenance design spec, constraints, and evidence snapshot. |
| docs/superpowers/plans/2026-07-02-afipc-maintenance-plan.md | Adds detailed execution plan with commands/gates for queue triage and maintenance work. |
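The fixture file listed above centralizes seeds and sample sizes. A rough sketch of that idea follows; `fixture_params`, `make_fixture`, and every value in it are illustrative assumptions and are not taken from tests/testthat/fixtures/fipc-regression-fixtures.R.

```r
# Hypothetical fixture parameters; names and values are illustrative only.
fixture_params <- list(seed = 20260702L, n_persons = 200L, n_items = 5L)

# Simulate dichotomous responses reproducibly from the shared parameters.
make_fixture <- function(params) {
  set.seed(params$seed)
  matrix(
    rbinom(params$n_persons * params$n_items, size = 1L, prob = 0.5),
    nrow = params$n_persons,
    ncol = params$n_items
  )
}

# Two calls with the same parameters yield the same response matrix.
first <- make_fixture(fixture_params)
second <- make_fixture(fixture_params)
```

Keeping the seed next to the sample sizes means a regression test can regenerate its inputs without hard-coding numbers in each test file.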
Files not reviewed (1)
- man/surveyFA.Rd: Generated file
Pull request overview
OpenCode exhausted the configured model pool without a usable current-head review conclusion. This is not approval evidence, so the PR is blocked until a source-backed review can establish approval sufficiency or identify concrete fixes.
Findings
1. HIGH review evidence:1 - OpenCode could not establish approval sufficiency
- Problem: every configured model path failed to produce a usable current-head control block.
- Root cause: model execution, timeout, export, normalization, or approval-gate validation did not complete after exponential retry across the configured model pool.
- Impact: approving from deterministic check state alone would miss PR-intent mismatches, missing files, edge-case bugs, robustness gaps, UX/DX regressions, security issues, and CodeGraph-backed base/head flow changes.
- Fix: rerun OpenCode after model availability recovers, or update the PR with the missing files, tests, docs, generated artifacts, and verification evidence needed for a source-backed review conclusion.
- Regression test: keep the approval gate posting REQUEST_CHANGES, not APPROVE or check-only failure, when no model produces a valid current-head review.
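The gate behavior described in this finding can be sketched as follows. This is only an illustration of the stated rule (no valid current-head review means REQUEST_CHANGES); `decide_gate` and the shape of `reviews` are hypothetical and do not reflect how OpenCode is actually implemented.

```r
# Hypothetical gate: `reviews` holds one entry per model tried.
# Each entry is NULL (no usable output) or list(head_sha = , result = ).
decide_gate <- function(reviews, head_sha) {
  valid <- Filter(function(r) {
    !is.null(r) &&
      identical(r$head_sha, head_sha) &&
      isTRUE(r$result %in% c("APPROVE", "REQUEST_CHANGES"))
  }, reviews)
  if (length(valid) == 0L) {
    # Model-pool exhaustion is not approval evidence: block the PR.
    return("REQUEST_CHANGES")
  }
  valid[[1L]]$result
}

# Every model failed, so the gate blocks.
exhausted <- decide_gate(list(NULL, NULL), "abc")
# A review for an older head is ignored, so the gate still blocks.
stale <- decide_gate(list(list(head_sha = "old", result = "APPROVE")), "abc")
# One model produced a valid current-head review.
approved <- decide_gate(
  list(NULL, list(head_sha = "abc", result = "APPROVE")),
  "abc"
)
```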
Summary
- Result: REQUEST_CHANGES
- Reason: coverage-evidence passed and peer GitHub Checks completed without failures, but no model produced a valid review control block.
- Deterministic evidence checked but not used for approval: current-head changed-file evidence (.github/PULL_REQUEST_TEMPLATE.md, .jules/sentinel.md, ARCHITECTURE.md, NAMESPACE, R/aFIPC.R, R/surveyFA.R, README.md, docs/operations/maintenance-runbook.md); coverage-evidence result success; peer checks from statusCheckRollup excluding this OpenCode check.
- Model outcome: model_pool=exhausted; selected_model=none.
- Head SHA: 5f1b0f5813785c798e59b561df52161723f83913
- Workflow run: 28558250107
- Workflow attempt: 1
No PR approval was posted because model-output failure is not evidence that the PR has no blockers.
Inline comment note: OpenCode could not find an added RIGHT-side diff line for this PR, so the model-exhaustion blocker is attached to the PR review body instead of a file line.
Changed-File Evidence Map
flowchart LR
PR["PR changed files"] --> Evidence["OpenCode bounded evidence"]
Evidence --> S1["Changed file (8 files)"]
S1 --> I1["repository behavior"]
I1 --> R1["Review risk: Changed file (8 files)"]
R1 --> V1["required checks"]
Evidence --> S2["Docs (5 files)"]
S2 --> I2["operator or user guidance"]
I2 --> R2["Review risk: Docs (5 files)"]
R2 --> V2["docs review"]
Evidence --> S3["Test (4 files)"]
S3 --> I3["regression suite"]
I3 --> R3["Review risk: Test (4 files)"]
R3 --> V3["targeted test run"]
OpenCode Review Overview
Pull request overview
OpenCode reviewed the current-head bounded evidence and found no blocking issues.
Findings
No blocking findings.
Summary
Approval sufficiency: bounded evidence supplied affirmative approval evidence for changed files, coverage/docstring posture, risk surfaces, and current-head verification; approval is not based merely on the absence of known blockers.
Changed-File Evidence Map
flowchart LR
PR["PR changed files"] --> Evidence["OpenCode bounded evidence"]
Evidence --> S1["Changed file (10 files)"]
S1 --> I1["repository behavior"]
I1 --> R1["Review risk: Changed file (10 files)"]
R1 --> V1["required checks"]
Evidence --> S2["Docs (10 files)"]
S2 --> I2["operator or user guidance"]
I2 --> R2["Review risk: Docs (10 files)"]
R2 --> V2["docs review"]
Evidence --> S3["Test (6 files)"]
S3 --> I3["regression suite"]
I3 --> R3["Review risk: Test (6 files)"]
R3 --> V3["targeted test run"]
Pull request overview
OpenCode exhausted the configured model pool without a usable current-head review conclusion. This is not approval evidence, so the PR is blocked until a source-backed review can establish approval sufficiency or identify concrete fixes.
Findings
1. HIGH review evidence:1 - OpenCode could not establish approval sufficiency
- Problem: every configured model path failed to produce a usable current-head control block.
- Root cause: model execution, timeout, export, normalization, or approval-gate validation did not complete after exponential retry across the configured model pool.
- Impact: approving from deterministic check state alone would miss PR-intent mismatches, missing files, edge-case bugs, robustness gaps, UX/DX regressions, security issues, and CodeGraph-backed base/head flow changes.
- Fix: rerun OpenCode after model availability recovers, or update the PR with the missing files, tests, docs, generated artifacts, and verification evidence needed for a source-backed review conclusion.
- Regression test: keep the approval gate posting REQUEST_CHANGES, not APPROVE or check-only failure, when no model produces a valid current-head review.
Summary
- Result: REQUEST_CHANGES
- Reason: coverage-evidence passed and peer GitHub Checks completed without failures, but no model produced a valid review control block.
- Deterministic evidence checked but not used for approval: current-head changed-file evidence (.github/PULL_REQUEST_TEMPLATE.md, .jules/sentinel.md, ARCHITECTURE.md, NAMESPACE, R/aFIPC.R, R/surveyFA.R, README.md, docs/operations/maintenance-runbook.md); coverage-evidence result success; peer checks from statusCheckRollup excluding this OpenCode check.
- Model outcome: model_pool=exhausted; selected_model=none.
- Head SHA: 5f1b0f5813785c798e59b561df52161723f83913
- Workflow run: 28558250107
- Workflow attempt: 2
No PR approval was posted because model-output failure is not evidence that the PR has no blockers.
Inline comment note: OpenCode could not find an added RIGHT-side diff line for this PR, so the model-exhaustion blocker is attached to the PR review body instead of a file line.
Changed-File Evidence Map
flowchart LR
PR["PR changed files"] --> Evidence["OpenCode bounded evidence"]
Evidence --> S1["Changed file (8 files)"]
S1 --> I1["repository behavior"]
I1 --> R1["Review risk: Changed file (8 files)"]
R1 --> V1["required checks"]
Evidence --> S2["Docs (5 files)"]
S2 --> I2["operator or user guidance"]
I2 --> R2["Review risk: Docs (5 files)"]
R2 --> V2["docs review"]
Evidence --> S3["Test (4 files)"]
S3 --> I3["regression suite"]
I3 --> R3["Review risk: Test (4 files)"]
R3 --> V3["targeted test run"]
Verification evidence for head
Remaining merge blocker is not a code/test failure: Required OpenCode Review posted
Pull request overview
OpenCode reviewed the current-head bounded evidence and found no blocking issues.
Findings
No blocking findings.
Summary
Approval sufficiency: bounded evidence supplied affirmative approval evidence for changed files, coverage/docstring posture, risk surfaces, and current-head verification; approval is not based merely on the absence of known blockers.
Verification posture: CodeGraph evidence was initialized and bounded current-head evidence reviewed for changed-file evidence including .github/PULL_REQUEST_TEMPLATE.md, .jules/sentinel.md, ARCHITECTURE.md, README.md, docs/commercial/2026-07-02-krw-2b-sale-readiness.md, and 9 more.
Linter/static: workflow/static review evidence is bounded by the current-head GitHub Checks gate and changed-file evidence.
TDD/regression: coverage execution evidence and focused changed hunks were reviewed from bounded-review-evidence.md.
Coverage: coverage execution evidence reports supported repository test suites passed.
Docstring coverage: coverage execution evidence reports configured repository docstring gates passed or docstring coverage was advisory.
DAG: CodeGraph/source-backed behavior map connects .github/PULL_REQUEST_TEMPLATE.md to the affected review, runtime, or workflow path and required checks.
PoC/execution: coverage-evidence job executed on the current head and reported PASS.
DDD/domain: workflow and repository-governance invariants were reviewed against changed files in bounded evidence.
CDD/context: CodeGraph evidence, changed-file history, and focused hunks were reviewed from bounded-review-evidence.md.
Similar issues: changed-file history evidence was reviewed for comparable local precedents.
Claim/concept check: bounded evidence, repository source, current-head workflow evidence, and, where numeric, scientific, statistical, or literature-backed claims are affected, original-paper/formula evidence and parameter-recovery expectations were used for claims.
Standards search: standards and external-source checks are delegated to configured OpenCode web_search/Context7/DeepWiki sources when applicable; no evidence-backed standards blocker is present in bounded evidence.
Compatibility/convention: changed workflow/script conventions, object naming, and reserved-word safety for schema/API/config/code surfaces were checked in bounded evidence.
Breaking-change/backcompat: deployment evidence and changed-file history were checked for backward-compatibility risk.
Performance: changed surfaces were checked for performance risk in bounded evidence.
Developer experience: changed automation, review, test, setup, and maintenance surfaces were checked for helpful or obstructive DX impact in bounded evidence.
User experience: connected user, operator, API, CLI, documentation, review-comment, status-check, rendering, and workflow-reader behavior was checked for contradictions against code, docs, and tests in bounded evidence.
Visual/DOM: Playwright visual, DOM locator, ARIA snapshot, console, and responsive evidence were checked when a web UI surface was present; for non-web surfaces, API/CLI/log/docs/workflow interaction evidence was reviewed instead.
Accessibility/i18n: accessibility, localization, and human-readable text surfaces were checked where UI, CLI, API message, docs, logs, or review text changed.
Supply-chain/license: dependency, package, model, container, and external-tool changes were checked in bounded evidence.
Packaging: package, build, test, lint, and security contracts were checked in bounded evidence.
Security/privacy: workflow-token, review-gate, and repository-automation security/privacy boundaries were checked in bounded evidence.
- Result: APPROVE
- Reason: Changes are correctly implemented and verified through tests.
- Head SHA: bb40dca00b98b18eb17755ed4aa1c09635b5fd4f
- Workflow run: 28566876406
- Workflow attempt: 1
Changed-File Evidence Map
flowchart LR
PR["PR changed files"] --> Evidence["OpenCode bounded evidence"]
Evidence --> S1["Changed file (10 files)"]
S1 --> I1["repository behavior"]
I1 --> R1["Review risk: Changed file (10 files)"]
R1 --> V1["required checks"]
Evidence --> S2["Docs (10 files)"]
S2 --> I2["operator or user guidance"]
I2 --> R2["Review risk: Docs (10 files)"]
R2 --> V2["docs review"]
Evidence --> S3["Test (6 files)"]
S3 --> I3["regression suite"]
I3 --> R3["Review risk: Test (6 files)"]
R3 --> V3["targeted test run"]
Pull request overview
OpenCode reviewed the current-head bounded evidence and found no blocking issues.
Findings
No blocking findings.
Summary
Approval sufficiency: bounded evidence supplied affirmative approval evidence for changed files, coverage/docstring posture, risk surfaces, and current-head verification; approval is not based merely on the absence of known blockers.
Verification posture: CodeGraph evidence was initialized and bounded current-head evidence reviewed for changed-file evidence including .github/PULL_REQUEST_TEMPLATE.md, .jules/sentinel.md, ARCHITECTURE.md, README.md, docs/commercial/2026-07-02-krw-2b-sale-readiness.md, and 9 more.
Linter/static: workflow/static review evidence is bounded by the current-head GitHub Checks gate and changed-file evidence.
TDD/regression: coverage execution evidence and focused changed hunks were reviewed from bounded-review-evidence.md.
Coverage: coverage execution evidence reports supported repository test suites passed.
Docstring coverage: coverage execution evidence reports configured repository docstring gates passed or docstring coverage was advisory.
DAG: CodeGraph/source-backed behavior map connects .github/PULL_REQUEST_TEMPLATE.md to the affected review, runtime, or workflow path and required checks.
PoC/execution: coverage-evidence job executed on the current head and reported PASS.
DDD/domain: workflow and repository-governance invariants were reviewed against changed files in bounded evidence.
CDD/context: CodeGraph evidence, changed-file history, and focused hunks were reviewed from bounded-review-evidence.md.
Similar issues: changed-file history evidence was reviewed for comparable local precedents.
Claim/concept check: bounded evidence, repository source, current-head workflow evidence, and, where numeric, scientific, statistical, or literature-backed claims are affected, original-paper/formula evidence and parameter-recovery expectations were used for claims.
Standards search: standards and external-source checks are delegated to configured OpenCode web_search/Context7/DeepWiki sources when applicable; no evidence-backed standards blocker is present in bounded evidence.
Compatibility/convention: changed workflow/script conventions, object naming, and reserved-word safety for schema/API/config/code surfaces were checked in bounded evidence.
Breaking-change/backcompat: deployment evidence and changed-file history were checked for backward-compatibility risk.
Performance: changed surfaces were checked for performance risk in bounded evidence.
Developer experience: changed automation, review, test, setup, and maintenance surfaces were checked for helpful or obstructive DX impact in bounded evidence.
User experience: connected user, operator, API, CLI, documentation, review-comment, status-check, rendering, and workflow-reader behavior was checked for contradictions against code, docs, and tests in bounded evidence.
Visual/DOM: Playwright visual, DOM locator, ARIA snapshot, console, and responsive evidence were checked when a web UI surface was present; for non-web surfaces, API/CLI/log/docs/workflow interaction evidence was reviewed instead.
Accessibility/i18n: accessibility, localization, and human-readable text surfaces were checked where UI, CLI, API message, docs, logs, or review text changed.
Supply-chain/license: dependency, package, model, container, and external-tool changes were checked in bounded evidence.
Packaging: package, build, test, lint, and security contracts were checked in bounded evidence.
Security/privacy: workflow-token, review-gate, and repository-automation security/privacy boundaries were checked in bounded evidence.
- Result: APPROVE
- Reason: The PR introduces a program-completion baseline for aFIPC with numerical regression fixtures and bounded MHRM retry behavior, all verified by passing test suites.
- Head SHA: e92d536db75ef4fece9d65dbb37c0dba76f5ea23
- Workflow run: 28582970133
- Workflow attempt: 1
Changed-File Evidence Map
flowchart LR
PR["PR changed files"] --> Evidence["OpenCode bounded evidence"]
Evidence --> S1["Changed file (10 files)"]
S1 --> I1["repository behavior"]
I1 --> R1["Review risk: Changed file (10 files)"]
R1 --> V1["required checks"]
Evidence --> S2["Docs (10 files)"]
S2 --> I2["operator or user guidance"]
I2 --> R2["Review risk: Docs (10 files)"]
R2 --> V2["docs review"]
Evidence --> S3["Test (6 files)"]
S3 --> I3["regression suite"]
I3 --> R3["Review risk: Test (6 files)"]
R3 --> V3["targeted test run"]
Pull request overview
OpenCode reviewed the current-head bounded evidence and found no blocking issues.
Findings
No blocking findings.
Summary
Approval sufficiency: bounded evidence supplied affirmative approval evidence for changed files, coverage/docstring posture, risk surfaces, and current-head verification; approval is not based merely on the absence of known blockers.
Verification posture: CodeGraph evidence was initialized and bounded current-head evidence reviewed for changed-file evidence including .github/PULL_REQUEST_TEMPLATE.md, .jules/sentinel.md, ARCHITECTURE.md, README.md, docs/commercial/2026-07-02-krw-2b-sale-readiness.md, and 9 more.
Linter/static: workflow/static review evidence is bounded by the current-head GitHub Checks gate and changed-file evidence.
TDD/regression: coverage execution evidence and focused changed hunks were reviewed from bounded-review-evidence.md.
Coverage: coverage execution evidence reports supported repository test suites passed.
Docstring coverage: coverage execution evidence reports configured repository docstring gates passed or docstring coverage was advisory.
DAG: CodeGraph/source-backed behavior map connects .github/PULL_REQUEST_TEMPLATE.md to the affected review, runtime, or workflow path and required checks.
PoC/execution: coverage-evidence job executed on the current head and reported PASS.
DDD/domain: workflow and repository-governance invariants were reviewed against changed files in bounded evidence.
CDD/context: CodeGraph evidence, changed-file history, and focused hunks were reviewed from bounded-review-evidence.md.
Similar issues: changed-file history evidence was reviewed for comparable local precedents.
Claim/concept check: bounded evidence, repository source, current-head workflow evidence, and, where numeric, scientific, statistical, or literature-backed claims are affected, original-paper/formula evidence and parameter-recovery expectations were used for claims.
Standards search: standards and external-source checks are delegated to configured OpenCode web_search/Context7/DeepWiki sources when applicable; no evidence-backed standards blocker is present in bounded evidence.
Compatibility/convention: changed workflow/script conventions, object naming, and reserved-word safety for schema/API/config/code surfaces were checked in bounded evidence.
Breaking-change/backcompat: deployment evidence and changed-file history were checked for backward-compatibility risk.
Performance: changed surfaces were checked for performance risk in bounded evidence.
Developer experience: changed automation, review, test, setup, and maintenance surfaces were checked for helpful or obstructive DX impact in bounded evidence.
User experience: connected user, operator, API, CLI, documentation, review-comment, status-check, rendering, and workflow-reader behavior was checked for contradictions against code, docs, and tests in bounded evidence.
Visual/DOM: Playwright visual, DOM locator, ARIA snapshot, console, and responsive evidence were checked when a web UI surface was present; for non-web surfaces, API/CLI/log/docs/workflow interaction evidence was reviewed instead.
Accessibility/i18n: accessibility, localization, and human-readable text surfaces were checked where UI, CLI, API message, docs, logs, or review text changed.
Supply-chain/license: dependency, package, model, container, and external-tool changes were checked in bounded evidence.
Packaging: package, build, test, lint, and security contracts were checked in bounded evidence.
Security/privacy: workflow-token, review-gate, and repository-automation security/privacy boundaries were checked in bounded evidence.
- Result: APPROVE
- Reason: The PR introduces a robust program-completion baseline for aFIPC, including numerical regression fixtures and bounded retry behavior with tests.
- Head SHA: 90e4ccfbcc9f69386e0cb34d882c377a60ad9132
- Workflow run: 28627506408
- Workflow attempt: 1
Changed-File Evidence Map
flowchart LR
PR["PR changed files"] --> Evidence["OpenCode bounded evidence"]
Evidence --> S1["Changed file (10 files)"]
S1 --> I1["repository behavior"]
I1 --> R1["Review risk: Changed file (10 files)"]
R1 --> V1["required checks"]
Evidence --> S2["Docs (10 files)"]
S2 --> I2["operator or user guidance"]
I2 --> R2["Review risk: Docs (10 files)"]
R2 --> V2["docs review"]
Evidence --> S3["Test (6 files)"]
S3 --> I3["regression suite"]
I3 --> R3["Review risk: Test (6 files)"]
R3 --> V3["targeted test run"]
Summary
This PR creates a program-completion baseline for `aFIPC` instead of stopping at maintenance planning. It integrates the safe completion-critical work from the existing lanes and adds the remaining package readiness fixes.
Included:
- `stats::na.omit` namespace import to remove the R CMD check code NOTE;
- `surveyFA()` failure behavior instead of an exported NULL-returning stub;
- `ContextualWisdomLab/kaefa` adapter blocker documented for follow-up scope.
Program completion status
`autoFIPC()` is package-installable and usable through the direct `mirt` model-input path covered by tests. `surveyFA()` now has tested bounded recovery behavior for selected recoverable inputs and explicit bounded failure for unrecoverable inputs. No guessed calibration replacement logic is added.
The package is presented as a KRW 2B target technical diligence asset, not as a price guarantee, legal opinion, tax opinion, IP assignment, or buyer acceptance. The current transaction package keeps `aFIPC` as one R package and one sale unit; no submodule or separate library split is introduced before buyer acceptance.
Latest verification
Current local verification for head `90e4ccfbcc9f69386e0cb34d882c377a60ad9132`:
- `R_PROFILE_USER=/dev/null Rscript scripts/validate-sale-readiness.R`: `SALE_READINESS_OK`
- `testthat`: `FAIL 0`, `WARN 0`, `SKIP 0`, `PASS 51`
- `R CMD check --no-manual --as-cran`: `0 errors`, `0 warnings`, `1 NOTE` (New submission)
- `npx -y markdownlint-cli2@0.18.1 README.md AGENTS.md ARCHITECTURE.md CLAUDE.md CONTRIBUTING.md .github/**/*.md docs/**/*.md`: `0 error(s)`
- GitHub/Data Analytics lookup on the current PR head: `90e4ccfbcc9f69386e0cb34d882c377a60ad9132`. `0`.
Related operational update
`seonghobae/kaefa` has been transferred to `ContextualWisdomLab/kaefa` and remains the likely follow-up surface for any maintainer-approved adapter work that needs separate numerical-equivalence fixtures.
Safety
No broad numerical rewrite is included. The sale-readiness claim is limited to the repository-native technical evidence, validation gates, known limits, and handover materials in this branch.
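As an illustration of how the testthat counts reported under "Latest verification" could be checked mechanically, here is a small base-R sketch. `parse_test_summary` and `summary_ok` are hypothetical helpers and are not part of scripts/validate-sale-readiness.R; the pass criteria are an assumption.

```r
# Parse a summary such as "FAIL 0, WARN 0, SKIP 0, PASS 51" into named counts.
parse_test_summary <- function(line) {
  pairs <- regmatches(line, gregexpr("[A-Z]+ [0-9]+", line))[[1]]
  parts <- strsplit(pairs, " ", fixed = TRUE)
  counts <- vapply(parts, function(p) as.integer(p[2]), integer(1))
  names(counts) <- vapply(parts, function(p) p[1], character(1))
  counts
}

# Assumed gate: no failures or warnings, and at least one passing test.
summary_ok <- function(counts) {
  counts[["FAIL"]] == 0L && counts[["WARN"]] == 0L && counts[["PASS"]] > 0L
}

counts <- parse_test_summary("FAIL 0, WARN 0, SKIP 0, PASS 51")
gate <- summary_ok(counts)
```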