Incomex AI Portal
KB-1B71

B3-F1c-g dot-dot-health Scheduler Repair — PATCH Artifact

8 min read Revision 1
dieu44p3dbirthb3f1c-gdot-dot-healthpatchscheduler-repaircompile-only

B3-F1c-g dot-dot-health Scheduler Repair — PATCH Artifact

Mode: COMPILE PATCH ONLY (no execution, no file modification, no cron change, no PG mutation) Target file: web-test/dot/bin/dot-dot-health (v1.0.0, 301 lines) Companion rollback: p3d-birth-b3f1c-g-dot-dot-health-scheduler-repair-rollback.md Companion report: p3d-birth-b3f1c-g-dot-dot-health-scheduler-repair-patch-report.md Status: PATCH COMPILED — pending GPT review, NOT applied

1. Repair Decision

Recommended option: ADD_LOCAL_NOOP_FLAG

Per B3-MAINLINE-RESUME §3.7, multiple DOT scripts use --local in root cron. Removing --local from this single cron line would diverge from the established DOT scheduler convention. Adding --local (and --cloud for symmetry) as accepted no-op flags in the script's inline arg loop is:

  • Minimal — 2 added lines, no logic change.
  • Backward-compatible — restores documented Usage: dot-dot-health [--cloud|--local] (script header line 21, 49) which was not enforced in the parse loop.
  • Convention-preserving — leaves all DOT cron entries untouched.
  • Defensive — works whether the prod copy has a strict default reject or not.

Rejected alternatives:

Option Rejected because
REMOVE_LOCAL_FROM_CRON Diverges from §3.7 multi-DOT convention; only patches one symptom, not the parse-loop gap.
BOTH_STAGED Unnecessary — ADD_LOCAL_NOOP_FLAG alone closes the defect, and cron is the source of operational convention we want to keep stable.

2. Patch Scope

Two surgical changes, both in web-test/dot/bin/dot-dot-health:

# Change Lines Risk
1 Accept --local and --cloud as no-op cases in the inline arg loop 96-100 None (no-op match)
2 Wrap main "$@" in safe source guard 300 None (preserves direct-exec, prevents source-time mutation)

Both hunks are independently revertible (see rollback artifact).

3. Unified Diff

--- a/web-test/dot/bin/dot-dot-health
+++ b/web-test/dot/bin/dot-dot-health
@@ -95,7 +95,8 @@ log_system_issue() {
 main() {
   for arg in "$@"; do
     case "$arg" in
-      --help|-h) show_help; exit 0 ;;
+      --help|-h)        show_help; exit 0 ;;
+      --local|--cloud)  : ;;  # no-op: environment flag consumed by init_environment
     esac
   done
 
@@ -297,4 +298,6 @@ main() {
   echo "========================================="
 }
 
-main "$@"
+if [[ "${BASH_SOURCE[0]}" == "$0" ]]; then
+  main "$@"
+fi

4. Hunk Detail (annotated)

Hunk 1 — parse_args fix (line 96-100)

Before:

  for arg in "$@"; do
    case "$arg" in
      --help|-h) show_help; exit 0 ;;
    esac
  done

After:

  for arg in "$@"; do
    case "$arg" in
      --help|-h)        show_help; exit 0 ;;
      --local|--cloud)  : ;;  # no-op: environment flag consumed by init_environment
    esac
  done

Rationale:

  • init_environment (environment.sh:249-255) already parses --local|--cloud from "$@", so the script-level case only needs to accept (no-op) the flag — it must NOT re-implement env selection.
  • : is the bash null builtin — semantically the cleanest no-op.
  • Comment is one-line and documents the why (which is non-obvious: the flag is consumed elsewhere, not here).

Hunk 2 — safe source guard (line 300)

Before:

main "$@"

After:

if [[ "${BASH_SOURCE[0]}" == "$0" ]]; then
  main "$@"
fi

Rationale:

  • Prevents accidental system_issues INSERTs / APR POSTs if another script does source dot-dot-health for helper reuse (e.g., run_pg, log_system_issue).
  • BASH_SOURCE[0] == $0 is the canonical bash idiom — true only when executed directly, false when sourced.
  • Zero behavior change for the documented invocation path (dot-dot-health --local, dot-dot-health --cloud, dot-dot-health --help, dot-dot-health bare).

5. Verification Plan (NON-MUTATING ONLY)

All checks are proven non-mutating. No PG writes, no HTTP POST, no system_issues INSERT, no APR create.

V1 — Syntax check

bash -n /path/to/dot-dot-health
# Expected: exit 0, no output

Proof of non-mutation: bash -n parses only, never executes.

V2 — Static parse_args inspection

grep -nE '^\s*--' /path/to/dot-dot-health | grep -E 'local|cloud|help'
# Expected: 3 matching lines (--help|-h, --local|--cloud, plus possibly help-text usage)

Proof of non-mutation: grep is read-only.

V3 — Safe source guard inspection

grep -nE 'BASH_SOURCE\[0\].*\$0|^main "\$@"' /path/to/dot-dot-health
# Expected: BASH_SOURCE guard line present, bare `main "$@"` absent

Proof of non-mutation: grep is read-only.

V4 — --help invocation (proven non-mutating)

/path/to/dot-dot-health --help
# Expected: prints usage banner, exits 0

Proof of non-mutation:

  • In main(), the help arg loop (lines 96-100) runs BEFORE init_environment, BEFORE dot-auth, BEFORE any run_pg / log_system_issue / curl POST.
  • --help matches --help|-h)show_help; exit 0 — terminates before any side-effecting call.
  • show_help only writes to stdout via cat << EOF heredoc and calls show_environment_help (which by source/header is also stdout-only).
  • No run_pg, run_remote, log_system_issue, or curl is reachable on this path.

V5 (EXCLUDED) — bare execution / "dry-run"

Not safe. The script has no --dry-run flag. Bare invocation runs all 9 checks, calls log_system_issue (POST /items/system_issues) and Check 2 also POSTs to /items/approval_requests. Excluded from verification plan.

6. Apply Procedure (for reviewer, NOT to be run by drafter)

# On VPS, after GPT approval:
cd /opt/incomex/dot
# 1. Backup the live script:
cp bin/dot-dot-health bin/dot-dot-health.bak.b3f1c-g.$(date -u +%Y%m%dT%H%M%SZ)
# 2. Apply patch (the two hunks above).
# 3. Run verification V1-V4 in order.
# 4. Wait for next cron tick (or trigger manually if explicitly authorized).

7. Caveats / Open Questions for GPT Review

  1. VPS divergence risk — This patch was compiled against the local clone web-test/dot/bin/dot-dot-health (v1.0.0, 301 lines). The reported parse_args rejects --local symptom is NOT reproducible against this local copy (the inline for arg loop has no default reject; init_environment accepts --local|--cloud). The VPS copy may have diverged with a stricter default case. Reviewer should diff VPS /opt/incomex/dot/bin/dot-dot-health vs. this artifact before applying. Hunk 1 is still safe and correct regardless.

  2. Cron line unchanged — Per the §3.7 convention guidance, cron is NOT touched. If diff reveals the VPS already calls --local correctly and the real failure was elsewhere (e.g., init_environment env var resolution under root cron's minimal PATH), Hunk 1 still does no harm.

  3. init_environment "$@" and print_environment_banner "$@" re-receive --local — Already handled (environment.sh:249-255). No change needed there.

  4. dot-auth "$@" (line 112) — Also receives --local if no DOT_TOKEN is set. Out-of-scope for this patch; assumed working (separate session if it isn't).

  5. agent incident note — User flagged that main "$@" can mutate system_issues. Hunk 2 (safe source guard) directly addresses this for the source-time case. Direct-exec mutation is by design and untouched.

8. Status

b3f1c_g_patch_compile_status=PASS
recommended_repair_option=ADD_LOCAL_NOOP_FLAG
safe_source_guard_included=true
patch_compiled=true
execution_allowed=false
next_recommended_action=GPT_REVIEW_PATCH_ARTIFACT
Back to Knowledge Hub knowledge/dev/laws/dieu44-trien-khai/artifacts/p3d-birth-b3f1c-g-dot-dot-health-scheduler-repair-patch.md