merge(478): WebSocket CRDT sync layer (manual squash from feature/story-478)

Manual squash-merge of feature/story-478_… into master after the in-pipeline
mergemaster runs failed silently. The 478 agent did substantial real work
across multiple respawn cycles before being interrupted; commits on the
feature branch were intact and verified high-quality but never merged via
the normal pipeline path due to compounding bugs:

- The first mergemaster attempt ran ($0.82 in tokens) and exited "Done"
  cleanly but didn't push anything to master — likely the worktree was
  briefly on master rather than the feature branch when the merge_agent_work
  MCP tool ran, so it found nothing to merge.
- Subsequent timer fires defaulted to spawning coders instead of resuming
  mergemaster, burning more tokens for no progress.
- Bug 510 (split-brain shadows yanking done stories back to current) and
  bug 501 (timers don't cancel on stop/completion) compounded the cost.

What this commit lands:
- server/src/crdt_sync.rs (new, ~518 lines): GET /crdt-sync WebSocket
  handler that subscribes to locally-applied SignedOps and streams them as
  binary frames. Per-peer bounded queue (256 ops) drops slow peers.
- server/src/crdt_state.rs: new public functions subscribe_ops(),
  all_ops_json(), apply_remote_op() backing the sync handler. Adds the
  CRDT_OP_TX broadcast channel (capacity 1024).
- server/src/main.rs: wires up the sync subsystem at startup.
- server/src/http/mod.rs: registers the new endpoint.
- server/src/config.rs: adds optional rendezvous field for outbound peers.
- server/src/worktree.rs: minor changes from the original branch.
- server/Cargo.toml: cfg lint suppression for CrdtNode derive.
- crates/bft-json-crdt/src/debug.rs: fix unused-variable warnings.

Resolved a trivial test-mod merge conflict in crdt_state.rs (both 478 and
503 added new tests at the end of the test module — kept both sets).

Note: this is the squash of the original 478 work that the user explicitly
authorized landing. The earlier rogue commit ac9f3ecf — which added a
DIFFERENT, broken implementation of the same feature directly to master
under the user's identity without consent — was reverted earlier in this
session. The forensic tags rogue-commit-2026-04-09-ac9f3ecf and
pre-502-reset-2026-04-09 still exist for incident audit.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

This commit is contained in:

Timmy

2026-04-09 19:46:29 +01:00

parent 41515e3b8f

commit 5765fb57be

8 changed files with 754 additions and 11 deletions

									
										server/src/main.rs
									
		+9
		
												View File
												
				@@ -7,6 +7,7 @@ mod agents;

				mod chat;

				mod config;

				pub mod crdt_state;

				pub mod crdt_sync;

				mod db;

				mod http;

				mod io;

				@@ -312,6 +313,14 @@ async fn main() -> Result<(), std::io::Error> {

				    // (CRDT state layer is initialised above alongside the legacy pipeline.db.)

				    // Start the CRDT sync rendezvous client if configured in project.toml.

				    if let Some(ref root) = *app_state.project_root.lock().unwrap()

				        && let Ok(cfg) = config::ProjectConfig::load(root)

				        && let Some(rendezvous_url) = cfg.rendezvous

				    {

				        crdt_sync::spawn_rendezvous_client(rendezvous_url);

				    }

				    let workflow = Arc::new(std::sync::Mutex::new(WorkflowState::default()));

				    // Event bus: broadcast channel for pipeline lifecycle events.