-
Notifications
You must be signed in to change notification settings - Fork 0
Update from task dc3a28fd-ec82-4a91-ba68-bd7b992b7fa6 #9
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Changes from all commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,69 +1,60 @@ | ||
| ``` | ||
| # Python | ||
|
Comment on lines
+1
to
2
Contributor
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. |
||
| __pycache__/ | ||
| *.py[cod] | ||
| *$py.class | ||
| .pytest_cache/ | ||
| pytest-cache-files-*/ | ||
| .mypy_cache/ | ||
| .ruff_cache/ | ||
| .coverage | ||
| .coverage.* | ||
| htmlcov/ | ||
| .tox/ | ||
| .nox/ | ||
|
|
||
| # Packaging/build artifacts | ||
| *.so | ||
| .Python | ||
| build/ | ||
| develop-eggs/ | ||
| dist/ | ||
| *.egg-info/ | ||
| downloads/ | ||
| eggs/ | ||
| .eggs/ | ||
| lib/ | ||
| lib64/ | ||
| parts/ | ||
| sdist/ | ||
| var/ | ||
| wheels/ | ||
| *.egg-info/ | ||
| .installed.cfg | ||
| *.egg | ||
| MANIFEST | ||
|
|
||
| # Virtual environments | ||
| .venv/ | ||
| venv/ | ||
| # Virtual Environment | ||
| env/ | ||
| venv/ | ||
| ENV/ | ||
| env.bak/ | ||
| venv.bak/ | ||
|
|
||
| # Local secrets and credentials | ||
| .venv/ | ||
| .env | ||
|
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more.
The new root ignore list only keeps Useful? React with 👍 / 👎. |
||
| .env.* | ||
| !.env.example | ||
| .envrc | ||
| *.pem | ||
| *.key | ||
| *.p12 | ||
| *.pfx | ||
| .huggingface/ | ||
| .cache/huggingface/ | ||
| .hf-upload-cache/ | ||
| .modal.toml | ||
| .netrc | ||
| .pypirc | ||
|
|
||
| # App/runtime outputs | ||
| .gradio/ | ||
| .playwright-mcp/ | ||
| server*.log | ||
| *.log | ||
| outputs/ | ||
| nexus-visual-weaver-command-center*.png | ||
|
|
||
| # Codex/local tool state | ||
| .codex-home/ | ||
| outputs/moodboards/*/.codex-home/ | ||
| # IDE | ||
| .vscode/ | ||
| .idea/ | ||
|
|
||
| # Notebooks/docs build | ||
| .ipynb_checkpoints/ | ||
| docs/_build/ | ||
| site/ | ||
| # Logs | ||
| *.log | ||
| logs/ | ||
|
Comment on lines
+36
to
+38
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more.
This replacement ignore list omits Useful? React with 👍 / 👎. |
||
|
|
||
| # OS/editor noise | ||
| # OS | ||
| .DS_Store | ||
| Thumbs.db | ||
| .idea/ | ||
| .vscode/ | ||
| tempCodeRunnerFile.py | ||
|
|
||
| # Testing | ||
| .coverage | ||
| htmlcov/ | ||
| .coverage.* | ||
| .cache | ||
| .pytest_cache/ | ||
| .hypothesis/ | ||
|
|
||
| # Security | ||
| ops_audit/build_logs.txt | ||
| ops_audit/run_logs.txt | ||
|
|
||
| # Modal | ||
| .modal/ | ||
| modal_storage/ | ||
|
|
||
| ``` | ||
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,13 @@ | ||
| usage: transformers <command> [<args>] | ||
|
Contributor
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. |
||
|
|
||
| positional arguments: | ||
| {chat,convert,download,env,run,serve,add-new-model-like,add-fast-image-processor} | ||
| transformers command helpers | ||
| convert CLI tool to run convert model from original author | ||
| checkpoints to Transformers PyTorch checkpoints. | ||
| run Run a pipeline through the CLI | ||
| serve CLI tool to run inference requests through REST and | ||
| GraphQL endpoints. | ||
|
|
||
| options: | ||
| -h, --help show this help message and exit | ||
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,40 @@ | ||
| language: en-US | ||
| early_access: false | ||
| reviews: | ||
| profile: assertive | ||
| request_changes_workflow: true | ||
| high_level_summary: true | ||
| high_level_summary_instructions: | | ||
| Summarize this PR as work on NEXUS Visual Weaver, a Hugging Face Build Small | ||
| Hackathon Gradio command-center for governed visual creation. Lead with | ||
| user-facing dashboard/workflow impact, then model-governance impact, then | ||
| security/export-gate impact, then verification evidence. | ||
|
|
||
| Preserve these project anchors in summaries when relevant: | ||
| - FLUX.2 is the pinned image-generation lane. | ||
| - NVIDIA LocateAnything-3B is the pinned grounding lane. | ||
| - ST3GG is the always-on security/export gate. | ||
| - Adult Mode must remain opt-in and must not disable provenance, consent, | ||
| age, export, dataset-partition, or ST3GG gates. | ||
| - ModelRelay/GMR helper rotation is quota-aware and only applies to helper | ||
| lanes, not pinned core lanes. | ||
|
|
||
| Avoid marketing filler, poems, exaggerated claims, or claims that provider | ||
| calls actually ran unless tests or logs prove it. Distinguish implemented | ||
| runtime behavior from dry-run preview surfaces and planning scaffolds. | ||
| poem: false | ||
| review_status: true | ||
| collapse_walkthrough: false | ||
| path_filters: | ||
| - "!outputs/**" | ||
| - "!**/__pycache__/**" | ||
| - "!pytest-cache-files-*/**" | ||
| path_instructions: | ||
| - path: "src/nexus_visual_weaver/**" | ||
| instructions: "Focus on Gradio runtime correctness, defensive security gates, model-lane governance, parameter-budget logic, and test coverage for fallback behavior." | ||
| - path: "app.py" | ||
| instructions: "Check that UI callbacks update the intended regions, never leak secrets, and keep Adult Mode security gates active." | ||
| - path: "tests/**" | ||
| instructions: "Prefer focused regression tests for workflow routing, ST3GG evidence, catalog filtering, and ModelRelay quota behavior." | ||
| chat: | ||
| auto_reply: true |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,9 @@ | ||
| # Copy to .env locally or configure these as Hugging Face Space secrets. | ||
| # Never commit real values. | ||
|
|
||
| HF_TOKEN= | ||
| MODAL_TOKEN_ID= | ||
| MODAL_TOKEN_SECRET= | ||
| OPENAI_API_KEY= | ||
| NEXUS_PORT=7860 | ||
|
|
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,11 @@ | ||
| * text=auto eol=lf | ||
| *.py text eol=lf | ||
| *.md text eol=lf | ||
| *.yml text eol=lf | ||
| *.yaml text eol=lf | ||
| *.json text eol=lf | ||
| *.png binary | ||
| *.jpg binary | ||
| *.jpeg binary | ||
| *.webp binary | ||
|
|
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,2 @@ | ||
| * @specimba | ||
|
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. WARNING: CODEOWNERS file is nested and will not be applied. GitHub CODEOWNERS must live at repository root
|
||
|
|
||
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,19 @@ | ||
| ## What Changed | ||
| - | ||
|
|
||
| ## Why | ||
| - | ||
|
|
||
| ## Safety Gates | ||
| - [ ] No secrets, tokens, generated auth folders, or provider credentials are committed. | ||
| - [ ] Adult catalog behavior remains opt-in and does not disable ST3GG, consent, provenance, export, or dataset gates. | ||
| - [ ] Pinned lanes remain pinned: FLUX.2 image generation, LocateAnything grounding, ST3GG security. | ||
| - [ ] Generated outputs, moodboards, logs, caches, and local previews stay untracked. | ||
|
|
||
| ## Verification | ||
| - [ ] `python -m compileall app.py src tests` | ||
| - [ ] `python -m pytest -q tests -p no:cacheprovider --basetemp=C:\tmp\pytest-nvw-full` | ||
|
|
||
| ## Screenshots / Notes | ||
| - | ||
|
|
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,43 @@ | ||
| name: CI | ||
|
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. CRITICAL: GitHub Actions workflow is nested and will not run. GitHub only discovers workflows under the repository-root
|
||
|
|
||
| on: | ||
| pull_request: | ||
| push: | ||
| branches: | ||
| - main | ||
|
|
||
| permissions: | ||
| contents: read | ||
|
|
||
| jobs: | ||
| test: | ||
| name: Python tests | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Checkout | ||
| uses: actions/checkout@v4 | ||
|
|
||
| - name: Set up Python | ||
| uses: actions/setup-python@v5 | ||
| with: | ||
| python-version: "3.11" | ||
| cache: pip | ||
|
|
||
| - name: Install dependencies | ||
| run: | | ||
| python -m pip install --upgrade pip | ||
| python -m pip install -r requirements.txt | ||
|
|
||
| - name: Compile | ||
| run: python -m compileall app.py src tests | ||
|
|
||
| - name: Import app | ||
| env: | ||
| NEXUS_DISABLE_REAL_HF: "1" | ||
| run: python -c "import app; print('app import ok')" | ||
|
|
||
| - name: Test | ||
| env: | ||
| NEXUS_DISABLE_REAL_HF: "1" | ||
| PYTEST_DISABLE_PLUGIN_AUTOLOAD: "1" | ||
| run: python -m pytest -q tests -p no:cacheprovider | ||
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,69 @@ | ||
| # Python | ||
| __pycache__/ | ||
| *.py[cod] | ||
| *$py.class | ||
| .pytest_cache/ | ||
| pytest-cache-files-*/ | ||
| .mypy_cache/ | ||
| .ruff_cache/ | ||
| .coverage | ||
| .coverage.* | ||
| htmlcov/ | ||
| .tox/ | ||
| .nox/ | ||
|
|
||
| # Packaging/build artifacts | ||
| build/ | ||
| dist/ | ||
| *.egg-info/ | ||
| .eggs/ | ||
| *.egg | ||
| MANIFEST | ||
|
|
||
| # Virtual environments | ||
| .venv/ | ||
| venv/ | ||
| env/ | ||
| ENV/ | ||
| env.bak/ | ||
| venv.bak/ | ||
|
|
||
| # Local secrets and credentials | ||
| .env | ||
| .env.* | ||
| !.env.example | ||
| .envrc | ||
| *.pem | ||
| *.key | ||
| *.p12 | ||
| *.pfx | ||
| .huggingface/ | ||
| .cache/huggingface/ | ||
| .hf-upload-cache/ | ||
| .modal.toml | ||
| .netrc | ||
| .pypirc | ||
|
|
||
| # App/runtime outputs | ||
| .gradio/ | ||
| .playwright-mcp/ | ||
| server*.log | ||
| *.log | ||
| outputs/ | ||
| nexus-visual-weaver-command-center*.png | ||
|
|
||
| # Codex/local tool state | ||
| .codex-home/ | ||
| outputs/moodboards/*/.codex-home/ | ||
|
|
||
| # Notebooks/docs build | ||
| .ipynb_checkpoints/ | ||
| docs/_build/ | ||
| site/ | ||
|
|
||
| # OS/editor noise | ||
| .DS_Store | ||
| Thumbs.db | ||
| .idea/ | ||
| .vscode/ | ||
| tempCodeRunnerFile.py |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,31 @@ | ||
| # AGENTS.md | ||
|
|
||
| ## Operating Rules | ||
|
|
||
| - Keep changes scoped and verifiable. | ||
| - Prefer focused tests over broad, slow runs. | ||
| - Do not launch long-running local servers unless the user asks for visual validation. | ||
| - Do not commit generated outputs, local logs, caches, preview artifacts, or credentials. | ||
| - Use Hugging Face Space secrets and local `.env` files for provider credentials. | ||
| - Preserve the pinned lanes unless the user explicitly approves a model-governance change: | ||
| - FLUX.2 for image generation | ||
| - LocateAnything-3B for grounding | ||
| - ST3GG for security/export review | ||
|
|
||
| ## Verification | ||
|
|
||
| Use these gates before claiming completion: | ||
|
|
||
| ```powershell | ||
| python -m compileall app.py src tests | ||
| $env:PYTEST_DISABLE_PLUGIN_AUTOLOAD='1' | ||
| python -m pytest -q tests -p no:cacheprovider --basetemp=C:\tmp\pytest-nvw-full | ||
| ``` | ||
|
|
||
| ## Review Focus | ||
|
|
||
| - Gradio callback wiring and region updates. | ||
| - Adult Mode starts off and never disables safety gates. | ||
| - ModelRelay respects parameter, license, quota, cooldown, and pinned-lane rules. | ||
| - ST3GG scan results do not expose payload bytes or raw hidden content. | ||
|
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
CRITICAL:
.gitignoreis wrapped in fenced code block markers.The opening ``` on line 1 (and the closing marker at EOF) makes ignore patterns literal, so entries such as
.env, `env/`, `.huggingface/`, and cache files may not be ignored. Combined with the removed `.env.*`, `.envrc`, `.pem`, `.key`, and provider credential patterns, this can allow secrets or runtime artifacts to be committed.Reply with
@kilocode-bot fix itto have Kilo Code address this issue.