Harden mneme-check package install step
Engineering guardrails for AI coding agents
Brought to you by:
mnemehq
Originally created by: TheoV823
The mneme-check GitHub Actions workflow installs the local Mneme package before running governance checks:
- name: Install local mneme package
run: pip install -e mneme-project-memory
If this step fails due to a transient network, PyPI, resolver, or environment issue, the workflow fails before Mneme can run. That makes it hard to distinguish a real governance verdict from CI setup failure.
Make the install step more robust while keeping failures visible.
Possible approach:
pip install -e mneme-project-memory in a small retry loop.Small CI reliability improvement. Separate from product/core retrieval scoping.
Originally posted by: TheoV823
Additional CI hardening case found from PR [#43] failure emails.
The package install step succeeded. The job failed earlier than Mneme execution during
Compute changed files (filtered):So this was not a Mneme verdict failure and not a pip install failure. The workflow checked out a PR merge ref and then attempted:
but the shallow/ref state did not provide a valid merge base.
Suggested fix options:
github.event.pull_request.base.shagithub.event.pull_request.head.shaThis fits the same issue because it is workflow hardening around distinguishing CI setup failures from actual Mneme governance outcomes.
Related
Tickets:
#43Originally posted by: TheoV823
Additional CI reporting issue found from PR [#50].
The workflow completed successfully, but the sticky comment showed every checked file as
UNKNOWN:This is misleading because
UNKNOWNis not counted in the summary totals, and the workflow currently only includes command output details forWARNorFAILverdicts. If the CLI errors, crashes, or emits output without aResult:line, the PR comment hides the underlying error and presents a successful run with 0/0/0 totals.Suggested workflow hardening:
unknowncounter.UNKNOWNin the summary, e.g.0 pass, 0 warn, 0 fail, 65 unknown.UNKNOWN, not onlyWARN/FAIL, so CLI stderr/stdout is visible.UNKNOWNresult a workflow failure or at least a clearly markedgovernance-not-run/invalid-outputstate.Result:cannot be parsed.This fits [#45] because it is another case where CI setup/reporting hides whether Mneme actually ran and produced a valid governance verdict.
Related
Tickets: #45
Tickets:
#50Originally posted by: TheoV823
Root cause confirmed as an undeclared PyYAML runtime dependency in
mneme-project-memory/pyproject.toml, not an install-step hardening problem.mneme/adr_parser.pydoes a top-levelimport yaml. PyYAML was missing from[project.dependencies], so on a fresh CI runnerpip install -e mneme-project-memorysucceeded butpython -m mneme.clicrashed at import time withModuleNotFoundError: No module named 'yaml'. The CLI never reachedcheck_prompt, never printedResult:, and the workflow defaulted every file to UNKNOWN. Local dev environments masked the gap because PyYAML was installed as a transitive of unrelated tools.Diagnosable because PR [#102] surfaced UNKNOWN verdicts with raw CLI output in the sticky PR comment. Without that visibility the failure looked like a clean
0 pass, 0 warn, 0 failsummary.Fixed in PR [#124] (squash
4e9fe1f). One-line declarative change; no code paths, governance, benchmark, retrieval, or CLI semantics touched. Verified in a clean venv before merge: install brings in PyYAML 6.0.3,mneme.cli --helpexits 0, andmneme check --mode warnagainst a real in-scope file emits a properResult:line.The next in-scope PR after [#124] will be the in-the-wild confirmation — UNKNOWN should drop to 0.
Related
Tickets:
#102Tickets:
#124