Skip to content

Pipeline + anisette audit: findings, corrected _install analysis, anisette list fix#57

Merged
The-Big-Mini merged 2 commits into
developfrom
ClaudeCode
Jul 3, 2026
Merged

Pipeline + anisette audit: findings, corrected _install analysis, anisette list fix#57
The-Big-Mini merged 2 commits into
developfrom
ClaudeCode

Conversation

@The-Big-Mini

@The-Big-Mini The-Big-Mini commented Jul 3, 2026

Copy link
Copy Markdown
Owner

Summary

Broad, evidence-based audit of the core operation pipeline (install / refresh / update / backup / restore / activate) and the anisette subsystem (fetch operation, manager, server-list UI). Both are structurally sound; this PR records the verified findings, corrects a stale analysis in gotchas.md, and ships one safe UI-only anisette fix.

Type of change

  • Bug fix — resolves incorrect behavior without changing existing APIs
  • Documentation or tooling

Changes

  • Anisette server list — pre-select the current server (AnisetteServerList.swift). The list opened with no row selected, so the active server (persisted in menuAnisetteURL) showed no checkmark until the user re-tapped a row. It now initializes the selection from menuAnisetteURL on appear. UI-only — does not touch the auth/provisioning path.
  • Corrected _install context analysis (gotchas.md). The prior gotcha claimed a "fresh throwaway context" would stop the error-poisoning that can strand a row on the AltBackup 1.0 placeholder. It does not: AppOperationContext.error's setter propagates to the shared authenticatedContext (= group.context, first-error-wins, intentional), so any context poisons group.context identically. The concrete stuck-on-1.0 mechanism is a failed BackupAppOperation(.backup) poisoning group.context so the real reinstall fails fast at InstallAppOperation.swift:34. Left as-is (device-critical, untestable here, and the real lever is a design decision).
  • Registered the fablize plugin in .claude/plugin_index.md.

Audited sound (no change needed)

  • Pipelineperform_install/_refresh/_backup/_activate/_deactivatefinishrun, and the InstallAppOperation worker: finish() fires exactly once on every path, context.error is checked at each operation entry, and the recently merged cert-serial-mismatch guard routes through self.finish(operation, .failure) exactly like the pre-existing appNotFound guard (RefreshGroup lifecycle intact).
  • Anisette — the V3 provisioning WebSocket/HTTP state machine guards its finish paths (provisioningSucceeded flag against the post-success disconnect race, maxProvisioningRetries cap on the -45061 loop); AnisetteManager validates URLs with a safe literal fallback; the server-list URL field is debounced. The didReceive default case intentionally does not finish on an unrecognized result (it waits for the next message — correct for the state machine), so it is not a blind-fixable hang. Dev-only note: "Reset adi.pb" gates the actual keychain clear behind #if !DEBUG; left as-is.

Testing

  • CI Build and upload MiniStore is the compile check. The anisette change is a one-line @State initialization on appear; no auth/provisioning code was touched.

Checklist

  • This branch targets develop (never main)
  • I read the full file(s) before editing and followed the conventions in CLAUDE.md
  • The project builds and existing behavior is preserved
  • UI changes were checked on a device or simulator
  • No secrets, signing identities, or personal data are included in this change

🤖 Generated with Claude Code

Broad audit of the install/refresh/update/backup/restore pipeline (2026-07-03).
Orchestration (perform/_install/_refresh/_backup/_activate/finish/run) and the
InstallAppOperation worker verified sound: finish() fires exactly once on every
path, context.error is checked at each operation entry, and the recently added
cert-serial-mismatch guard in _refresh routes through self.finish(operation,
.failure) exactly like the pre-existing appNotFound guard (RefreshGroup
lifecycle intact).

Correct the _install context-parameter gotcha: the error poisoning of
group.context is via AppOperationContext.error -> authenticatedContext.error
(shared group.context, first-error-wins, intentional) and is identical whether
the placeholder install reuses restoreContext or a fresh context, so the
previously suggested fresh-context fix does not stop it. The concrete
stuck-on-1.0 mechanism is a failed BackupAppOperation poisoning group.context so
the real reinstall fails fast. Left as-is: device-critical, untestable here, and
the real lever is a design question. No blind change.

Register the fablize plugin (fivetaku/fablize) in the plugin index.

https://claude.ai/code/session_01PT8zpkUrgTRaGeKmbvVyNe
Audit follow-up. The anisette server list opened with no row selected, so the
active server (persisted in menuAnisetteURL) showed no checkmark until the user
re-tapped a row. Initialize the list selection from menuAnisetteURL on appear so
the current server is reflected immediately. UI-only — does not touch the auth /
provisioning path.

https://claude.ai/code/session_01PT8zpkUrgTRaGeKmbvVyNe
@The-Big-Mini The-Big-Mini changed the title Pipeline audit: findings + corrected _install context analysis (docs) Pipeline + anisette audit: findings, corrected _install analysis, anisette list fix Jul 3, 2026
github-actions Bot added a commit that referenced this pull request Jul 3, 2026
@github-actions

github-actions Bot commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

Download the artifacts for this pull request (nightly.link):

@github-actions

github-actions Bot commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

Builds for this Pull Request are available at
MiniStore-0.6.5-pr.57.6153d7a-dSYMs
MiniStore-0.6.5-pr.57.6153d7a
build-logs-0.6.5-pr.57.6153d7a
Have a nice day.

@The-Big-Mini The-Big-Mini merged commit 0439786 into develop Jul 3, 2026
1 check passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant