Ragnor Comerford a7109d5fba MR-771: address PR review feedback ... Three fixes from automated PR review on #65: 1. Internal-branch guard in mutation/load (Cursor Bugbot, Medium). Pre-MR-771 the begin_run path called ensure_public_branch_ref; the direct-publish replacements only normalized the name. A caller passing __run__* or __schema_apply_lock__ verbatim could write directly to a system branch. Re-add the explicit guard at the public write boundary in mutate_with_current_actor and load. 2. Panic-safe coordinator restoration (Cursor Bugbot, High). The previous swap-and-restore pattern would skip restore_coordinator if execute_named_mutation panicked, leaving the handle pinned to the wrong branch indefinitely. Replace with a CoordinatorRestoreGuard RAII type that captures the previous coordinator on swap and restores it in Drop. 3. Flaky cancel-safety test (cubic, P2). tests/runs.rs::cancelled_mutation_future_leaves_no_state asserted manifest version equality after handle.abort(), but abort races the spawned task. Re-frame around what actually defines cancel safety: no __run__* branches, no _graph_runs.lance, no synthesized public branches. The fourth comment (Codex P1: branch_delete losing its in-flight write barrier) is bigger in scope — fits in the MR-794 storage-trait staging story rather than a hotfix here. Tracked there. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>		2026-04-30 15:17:00 +02:00
..
omnigraph	MR-771: address PR review feedback	2026-04-30 15:17:00 +02:00
omnigraph-cli	MR-771: demote Run to direct-publish via expected_table_versions CAS	2026-04-30 08:52:50 +02:00
omnigraph-compiler	Parallel per-type load writes + omnigraph optimize/cleanup CLI (#46)	2026-04-25 14:22:14 +03:00
omnigraph-server	MR-771: demote Run to direct-publish via expected_table_versions CAS	2026-04-30 08:52:50 +02:00