From 0fbaf89cbd5fa17c6024fff98c12667129ab1474 Mon Sep 17 00:00:00 2001 From: codestory Date: Sun, 16 Feb 2025 08:19:00 +0000 Subject: [PATCH 1/4] chore: add fail.txt for CodeStoryAI issue 1301 tracking --- fail.txt | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 fail.txt diff --git a/fail.txt b/fail.txt new file mode 100644 index 00000000000..66fc7b673f3 --- /dev/null +++ b/fail.txt @@ -0,0 +1,2 @@ +No changes were made by the agent. +run_id: codestoryai_aide_issue_1301_dfb2bc3d \ No newline at end of file From dccb6c1bf732653f9431168f9f4a9532c2bf5555 Mon Sep 17 00:00:00 2001 From: codestory Date: Sun, 16 Feb 2025 09:01:43 +0000 Subject: [PATCH 2/4] docs: add BINARIES.md explaining project binary distribution practice --- BINARIES.md | 44 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 44 insertions(+) create mode 100644 BINARIES.md diff --git a/BINARIES.md b/BINARIES.md new file mode 100644 index 00000000000..8ff37150a2c --- /dev/null +++ b/BINARIES.md @@ -0,0 +1,44 @@ +# Binaries in AIDE Project + +## Current State + +The AIDE project currently uses binaries that are hosted in a separate GitHub repository: [codestoryai/binaries](https://github.com/codestoryai/binaries). These binaries are referenced in several places within the codebase, particularly in the remote extensions (SSH and WSL), where they are downloaded from URLs like: + +``` +https://github.com/codestoryai/binaries/releases/download/${version}.${release}/aide-reh-${os}-${arch}-${version}.${release}.tar.gz +``` + +## Transparency Concerns + +There are some transparency concerns regarding how these binaries are built and distributed: + +1. The build scripts or processes for creating these binaries are not documented within the main repository +2. There is no clear documentation on how these binaries are created, verified, or published +3. The standard practice for open source projects is to have build scripts and processes within the main repository for transparency + +## Recommended Improvements + +To improve transparency and follow best practices for open source projects, the following improvements are recommended: + +1. Include build scripts for binaries within the main repository +2. Document the binary build process in detail +3. Provide information on how binaries are verified for security +4. Consider moving binary artifacts into the main repository or providing clear documentation on the separate repository + +## Current References + +The following files in the repository reference the external binaries repository: + +- `extensions/open-remote-wsl/src/serverSetup.ts` +- `extensions/open-remote-wsl/package.json` +- `extensions/open-remote-ssh/src/serverSetup.ts` +- `extensions/open-remote-ssh/package.json` +- `README.md` (for version badge) + +## Next Steps + +This documentation serves as a starting point for addressing the transparency concerns. The development team should consider: + +1. Adding detailed documentation about the binary build process +2. Including build scripts in the main repository +3. Providing a clear explanation of why binaries are in a separate repository, if this approach is maintained \ No newline at end of file From cbd55424542ad95388ecafbe9bcc5ff297e6f696 Mon Sep 17 00:00:00 2001 From: codestory Date: Sun, 16 Feb 2025 09:23:24 +0000 Subject: [PATCH 3/4] chore: remove fail.txt file containing incorrect run information --- fail.txt | 2 -- 1 file changed, 2 deletions(-) delete mode 100644 fail.txt diff --git a/fail.txt b/fail.txt deleted file mode 100644 index 66fc7b673f3..00000000000 --- a/fail.txt +++ /dev/null @@ -1,2 +0,0 @@ -No changes were made by the agent. -run_id: codestoryai_aide_issue_1301_dfb2bc3d \ No newline at end of file From 4be214e9d8671439b2ad78e020c4e4900902c58d Mon Sep 17 00:00:00 2001 From: codestory Date: Sun, 16 Feb 2025 09:33:43 +0000 Subject: [PATCH 4/4] docs: convert file references to clickable links in BINARIES.md --- BINARIES.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/BINARIES.md b/BINARIES.md index 8ff37150a2c..ce89b3192fa 100644 --- a/BINARIES.md +++ b/BINARIES.md @@ -29,11 +29,11 @@ To improve transparency and follow best practices for open source projects, the The following files in the repository reference the external binaries repository: -- `extensions/open-remote-wsl/src/serverSetup.ts` -- `extensions/open-remote-wsl/package.json` -- `extensions/open-remote-ssh/src/serverSetup.ts` -- `extensions/open-remote-ssh/package.json` -- `README.md` (for version badge) +- [`extensions/open-remote-wsl/src/serverSetup.ts`](extensions/open-remote-wsl/src/serverSetup.ts) +- [`extensions/open-remote-wsl/package.json`](extensions/open-remote-wsl/package.json) +- [`extensions/open-remote-ssh/src/serverSetup.ts`](extensions/open-remote-ssh/src/serverSetup.ts) +- [`extensions/open-remote-ssh/package.json`](extensions/open-remote-ssh/package.json) +- [`README.md`](README.md) (for version badge) ## Next Steps