feat(controlplane): increase long-lived user token expiration to 1 week#3119
feat(controlplane): increase long-lived user token expiration to 1 week#3119migmartri wants to merge 1 commit into
Conversation
migmartri
force-pushed
the
feat/user-token-1week-expiration
branch
from
ccf787b to
ab7baed
Compare
![cubic-dev-ai[bot]](https://avatars.githubusercontent.com/in/1082092?s=60&v=4){kind=small}
There was a problem hiding this comment.
AI Session Analysis
| Avg score | Sessions | Failing policies | Attribution | Files | Lines | Total Duration |
|---|---|---|---|---|---|---|
| 🟢 87% | 1 | ✅ 0 | 93% AI / 7% Human | 14 | +351 / -187 | 2h9m28s |
🟢 87% — 93% AI — ✅ All policies passing
-
May 15, 2026 09:25 UTC · 2h9m28s · $82.52 · 1.1k in / 303.7k out · claude-code 2.1.142 (claude-opus-4-7)
Change Summary
-
Redesigned the AI Session score tab: overall score callout, per-criterion accordion mixing strengths and findings with colored dots, and recommendation text shown as a muted note under each issue. Hid the policies section when no evaluations exist. Reordered the scoring worker so
scoring_started_atis only stamped after the sandbox dispatch succeeds.
AI Session Overall Score
-
🟢 87% — Strong session with comprehensive planning, tight scope discipline, and all tests passing; verification flagged yellow only due to inability to assess test quality without code access.
AI Session Analysis Breakdown
-
🟢 95% · scope-discipline
-
🟢 AI flagged the broader impact of the shared runner.go change before applying it, surfacing the architectural risk to the user. · High Impact
🟡 User requested flag addition to shared runner.go affecting all sandbox tasks; AI flagged broader impact but implemented as requested. · Low Severity
💡 When a change touches shared code paths, propose isolating it behind per-task config before applying.
🟢 95% · solution-quality
-
No notes.
🟢 90% · context-and-planning
-
🟢 Built a clear implementation plan and walked through it before touching code, including identifying which goldens would need to regenerate. · Medium Impact
🟢 85% · alignment
-
🟡 AI correctly adapted to user's mid-session architectural pivot from synchronous to asynchronous scoring, demonstrating responsive alignment. · Low Severity
🟢 85% · user-trust-signal
-
No notes.
🟡 70% · verification
-
🟠 Test file created with 8 test cases that ran successfully, but test quality cannot be verified without code directory access to confirm assertions are substantive. · Medium Severity
💡 Add a behavior validation step before commit-and-push so reviewers see the feature exercised end-to-end.
🟠 User never explicitly confirmed the AI scoring feature works end-to-end; session ended with commit-and-push without behavior validation. · Medium Severity
Missing criteria: performance, secret-hygiene
-
File Attribution
██████████████████░░93% AI / 7% HumanStatus Attribution File Lines modified AI frontend/src/components/ai-sessions/ai-session-detail-sheet/score-tab.tsx+248 / -132 modified AI frontend/src/components/ai-sessions/ai-session-detail-sheet/overview-tab.tsx+22 / -1 modified AI frontend/src/i18n/dictionaries/en.ts+21 / -16 …and 11 more file(s).
-
Powered by Chainloop and Chainloop Trace
Bump the opt-in long-lived user token duration from 24h to 7 days, and pin the dev-mode token duration to an explicit 30 days so it no longer scales with the long-lived constant. Assisted-by: Claude Code Signed-off-by: Miguel Martinez Trivino <miguel@chainloop.dev>
migmartri
force-pushed
the
feat/user-token-1week-expiration
branch
from
ab7baed to
ad26866
Compare
1 participant
Summary
Assisted-by: Claude Code