Gap
The cheatcode pipeline (epic #656, ADR docs/architecture/CHEATCODES.md) is acquisition-only: discover (#657, shipped) → vet (#658) → install (#659) → hot-load (#660). There is no teardown stage — nothing removes an installed cheatcode. Surfaced by Human review of #671.
Why it matters
Once #659 (install) records an install in the trajectory DB and lands files, there must be a reversible path. Without it, "uninstall" is undefined: the install record orphans, files linger, and any agent wiring (see sibling issue) stays dangling.
Scope to design (ADR addendum, before code)
A cheatcode_uninstall composite + its invariants:
- Remove the install record from the trajectory DB (and emit a teardown audit row — mechanism 4).
- Remove/disable the installed artifact via the marketplace/plugin uninstall path (no manual file deletion).
- Un-wire any agent attachment created at hot-load (depends on the agent-attachment design — sibling issue).
- Human-triggered or bro-proposed; decide whether uninstall needs an approval gate like install does.
- Idempotent + safe if partially installed.
Acceptance
- ADR addendum defines the teardown contract + which DETERMINISM mechanism each step lands in.
- L2/L3/L5 test mandate mirrors the other stages.
Refs: epic #656; blocks clean lifecycle for #659/#660. Milestone v0.10.0.
Gap
The cheatcode pipeline (epic #656, ADR docs/architecture/CHEATCODES.md) is acquisition-only: discover (#657, shipped) → vet (#658) → install (#659) → hot-load (#660). There is no teardown stage — nothing removes an installed cheatcode. Surfaced by Human review of #671.
Why it matters
Once #659 (install) records an install in the trajectory DB and lands files, there must be a reversible path. Without it, "uninstall" is undefined: the install record orphans, files linger, and any agent wiring (see sibling issue) stays dangling.
Scope to design (ADR addendum, before code)
A
cheatcode_uninstallcomposite + its invariants:Acceptance
Refs: epic #656; blocks clean lifecycle for #659/#660. Milestone v0.10.0.