Install gate, Phase 1: core gate — corgea pip|npm install <named targets>#111
Open
juangaitanv wants to merge 3 commits into
Open
Install gate, Phase 1: core gate — corgea pip|npm install <named targets>#111juangaitanv wants to merge 3 commits into
juangaitanv wants to merge 3 commits into
Conversation
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
juangaitanv
added a commit
that referenced
this pull request
Jun 12, 2026
…gistry Addresses Cursor review on #111. - npm `--tag <value>` now resolves the named dist-tag for a bare spec (`npm install --tag beta pkg` gates the beta release, not latest), so a fresh/vulnerable beta/canary no longer bypasses both blocks. Explicit pins/tags still win. - pip `--pre` makes prereleases eligible: PypiVersion now parses PEP 440 prereleases (dev<a<b<rc, all below the plain release) and the resolver includes them only when `--pre` is set, so the gate verdicts the prerelease pip would install instead of the latest stable. - a custom registry/index flag (`--registry`, `-i`, `--index-url`, `--extra-index-url`) now prints a loud warning that the gate resolves against the default registry and can't vouch the mirrored artifact — full mirror resolution / allow-listing stays out of scope (documented limitation, separate PRD).
juangaitanv
force-pushed
the
install-gate-phase-1
branch
from
68dbba9 to
5a99db0
Compare
juangaitanv
added a commit
that referenced
this pull request
Jun 12, 2026
…gistry Addresses Cursor review on #111. - npm `--tag <value>` now resolves the named dist-tag for a bare spec (`npm install --tag beta pkg` gates the beta release, not latest), so a fresh/vulnerable beta/canary no longer bypasses both blocks. Explicit pins/tags still win. - pip `--pre` makes prereleases eligible: PypiVersion now parses PEP 440 prereleases (dev<a<b<rc, all below the plain release) and the resolver includes them only when `--pre` is set, so the gate verdicts the prerelease pip would install instead of the latest stable. - a custom registry/index flag (`--registry`, `-i`, `--index-url`, `--extra-index-url`) now prints a loud warning that the gate resolves against the default registry and can't vouch the mirrored artifact — full mirror resolution / allow-listing stays out of scope (documented limitation, separate PRD).
juangaitanv
force-pushed
the
install-gate-phase-1
branch
from
5a99db0 to
ddd215b
Compare
Harvested from the install-vuln-gate spike (dfac68e), trimmed to named-target paths: no tree resolution, no uv/yarn/pnpm, no --json, no token auth — public fail-open mode only. - corgea npm|pip wrap their package manager: install verbs (found behind global flags) gate named targets; everything else passes through with the manager's own exit code - two independent blocks: publish recency (-t, default 2d) and the vuln-api verdict on each resolved version - refusal output built for agent self-correction: per-advisory "fixed in <version>" lines and a "→ safe version:" steer naming the highest fix covering every advisory - --force overrides everything; --no-fail demotes recency only - git/URL/path/editable specs are noted, never blocked; -r files and bare installs noted, not gated - public mode fails open: vuln-api outages warn and continue - pip→pip3 binary fallback; pip3/pip-add "did you mean" guidance - SKILL.md: install-wrapper section with limitations + staging targets Verified end-to-end: all four deterministic staging targets (axios@0.21.0, minimist@0.0.8, node-fetch@2.6.0, mezzanine==6.0.0) block with exit 1 and steer to the fixed version; installing the steered version passes.
…gistry Addresses Cursor review on #111. - npm `--tag <value>` now resolves the named dist-tag for a bare spec (`npm install --tag beta pkg` gates the beta release, not latest), so a fresh/vulnerable beta/canary no longer bypasses both blocks. Explicit pins/tags still win. - pip `--pre` makes prereleases eligible: PypiVersion now parses PEP 440 prereleases (dev<a<b<rc, all below the plain release) and the resolver includes them only when `--pre` is set, so the gate verdicts the prerelease pip would install instead of the latest stable. - a custom registry/index flag (`--registry`, `-i`, `--index-url`, `--extra-index-url`) now prints a loud warning that the gate resolves against the default registry and can't vouch the mirrored artifact — full mirror resolution / allow-listing stays out of scope (documented limitation, separate PRD).
…tag, no resolution guessing - pypi resolution adopts the registry's canonical spelling (info.name, guarded to PEP 503-equivalent values so a hostile mirror can't redirect the verdict to another package's identity). The vuln-api keys advisories by lowercase(canonical), so checking a user-typed variant (Flask_Cors) would miss the flask-cors row and fail open. - npm --tag is last-wins like npm's own config parser; gating the first of two --tag flags verdicts the wrong dist-tag. - pick_latest_stable no longer guesses by upload time when nothing parses as PEP 440 (could pick a prerelease without --pre); a visible resolution error replaces the silent wrong pick. - Resolution-error output now states the target is ungated.
juangaitanv
force-pushed
the
install-gate-phase-1
branch
from
ddd215b to
5fb3e5d
Compare
juangaitanv
requested review from
Ibrahimrahhal,
asadeddin,
leenk7991 and
yhoztak
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Phase 1 of the install-gate restart — SHIP
Stacked on #110 (Phase 0). Base:
install-gate-phase-0— retargets tomainautomatically when Phase 0 merges. Review this PR's diff in isolation; it contains only the Phase 1 commit.This is the first user-facing slice:
corgea npm|pip install <named targets>.Scope (per the PRD)
npm --loglevel silent install xis still gated; the verb is found, not the flag value).-t, default2d) and the vuln-api verdict.fixed in <version>lines and a→ safe version: <name>@<version>steer (the highest fix covering every advisory).--force(override everything),--no-fail(demote recency only).pip install ., PEP 508name @ url, npmuser/reposhorthand) pass through with a note, never blocked. Non-install subcommands pass straight through.skills/corgea/SKILL.mdinstall-wrapper section, including the limitations doc (wrapper, not an enforcement boundary).Out of scope (later phases): transitive/tree resolution, bare installs,
npm ci,-rparsing,--json, token auth / fail-closed, yarn/pnpm/uv, retries.Exit criteria — met
Verified end-to-end against the live staging worker (registry + vuln-api via loopback proxy, real npm/pip resolution):
axios@0.21.0axios@0.21.2minimist@0.0.8minimist@1.2.2node-fetch@2.6.0node-fetch@2.6.7mezzanine==6.0.0Installing the steered
axios@0.21.2passes the gate — the self-correction loop closes../harness checkgreen.🤖 Generated with Claude Code