S5 Rule: When instructions come from 冰朔 (TCS-0002) or are signed by
trusted signers (AG-SY-01/TCS-0002/ICE-0002) with ZY- prefix,
deployment goes directly to production bypassing preview/SkyEye/approval.
- Add isDirectDeploySource() in autonomy-engine.js (single source of truth)
- Add direct-deploy bypass in approval.js POST /request endpoint
- Add directDeployRule config in autonomy-rules.json
- Add deploy audit log (deploy-YYYY-MM-DD.jsonl) for traceability
- Developer (Level 0-2) changes still follow full S2 approval flow
- Fix watchdog for-of destructuring to match codebase var style
Co-authored-by: qinfendebingshuo <207279273+qinfendebingshuo@users.noreply.github.com>
Agent-Logs-Url: https://github.com/qinfendebingshuo/guanghulab/sessions/6ee737eb-684b-44b8-aeaa-f73eb7c6f9c2
- Remove hardcoded '90+ processes' in cancel message (use generic wording)
- Extract LOCK_RELEASE_DELAY_MS constant in atomic-executor.js
- Use array destructuring in watchdog for-of loop
- Use role-based reference in checkpoint escalation message
- Ensure next() is called in blockCancellation when not intercepting
Co-authored-by: qinfendebingshuo <207279273+qinfendebingshuo@users.noreply.github.com>
Agent-Logs-Url: https://github.com/qinfendebingshuo/guanghulab/sessions/6ee737eb-684b-44b8-aeaa-f73eb7c6f9c2