Based on deep analysis of leading autonomous coding agents (Devin, AutoGPT, Aider, MetaGPT), iterate has excellent safety architecture but needs operational maturity. This plan addresses critical gaps.
Priority: CRITICAL
- Current Issue: Evolution makes code changes without tests
- Solution: Add requirement that every code fix must include tests
- Implementation:
- Update
internal/evolution/prompts.goto require test generation - Add
hasTestChanges()verification likehasCodeChanges() - Fail evolution if tests not included
- Update
Priority: CRITICAL
- Current Issue: PR #16 merged with critical bugs (files closed before use)
- Solution: Human-in-the-loop or enhanced AI review
- Implementation:
- Add
REQUIRE_HUMAN_APPROVALflag for code changes - Or improve AI review to catch obvious bugs
- Block merge if review finds issues
- Add
Priority: CRITICAL
- Fix
features.gobugs introduced by evolution #16 - Verify all current code works
Priority: HIGH
- Current Issue: Tests run in same environment (dangerous)
- Solution: Docker-based test isolation
- Implementation:
- Create
Dockerfile.test - Run
go testin container - Mount repo as read-only, copy for writing
- Create
Priority: HIGH
- Learn from Aider: "Write test first"
- Implementation:
- Add skill:
/test-firstworkflow - Prompt: "Write test that fails → Fix code → Verify test passes"
- Track test files created vs code files modified
- Add skill:
Priority: MEDIUM
- Track coverage per evolution
- Fail if coverage drops
- Store in
memory/coverage_history.jsonl
Priority: HIGH
- Why: Industry standard for evaluating coding agents
- Devin scored 13.86%, iterate should measure baseline
- Implementation:
- Add
scripts/benchmark/swe_bench.py - Run on subset of GitHub issues
- Track success rate over time
- Add
Priority: MEDIUM
- Create synthetic bugs in test repo
- See if evolution can fix them
- Track metrics: bug detection rate, fix success rate, test quality
Priority: LOW
- Add metrics to health dashboard:
- Evolution success rate
- Bug detection rate
- Test coverage trend
- SWE-bench score
Priority: HIGH
- Learn from Aider: Map entire repo for context
- Implementation:
- Create
internal/analysis/repo_map.go - Build tree of files, functions, types
- Provide to agent for better context
- Create
Priority: MEDIUM
- Run
go vet,staticcheck,gosecon all changes - Block merge if issues found
- Auto-fix where possible
Priority: MEDIUM
- Create specialized review agent
- Check for common bugs:
- defer in loops
- ignored errors
- nil pointer risks
- resource leaks
Priority: MEDIUM
- Learn from MetaGPT: Separate roles
- Roles:
- Planner: Analyzes codebase, plans fix
- Implementer: Writes code
- Tester: Writes tests
- Reviewer: Reviews code
Priority: MEDIUM
- Agents review each other's work
- Block if reviewer finds issues
- Consensus required for merge
Priority: LOW
- Bug-finder agent (analyzes only)
- Test-writer agent
- Documentation agent
- Performance agent
Priority: MEDIUM
- Track common failure modes
- Update prompts to avoid them
- Example: "Remember to close files AFTER use, not before"
Priority: LOW
- Learn from other Go repos
- Import common patterns
- Avoid common anti-patterns
Priority: MEDIUM
- Before evolution: Check past failures
- Update plan based on learnings
- Don't repeat mistakes
- No code changes without tests
- No critical bugs merged
- All current bugs fixed
- Tests run in Docker container
- Test-first workflow working
- Coverage tracked per evolution
- SWE-bench Lite running
- Baseline score established
- Performance dashboard live
- Repo map generated
- Static analysis passing
- Review agent catching bugs
- Multi-agent roles working
- Cross-review implemented
- Fewer bugs in output
- Learning from failures
- Not repeating mistakes
- Improved success rate
- ✅ Fix features.go bugs (DONE)
- Add mandatory test generation
- Add human approval gate for code changes
- Docker-based test sandbox
- Test-first workflow
- Coverage tracking
- SWE-bench integration
- Self-benchmarking
- Performance dashboard
- Repo mapping
- Static analysis
- Review agent
- Multi-agent architecture
- Learning systems
Mitigation:
- Protected files (already implemented)
- Mandatory tests (Phase 1)
- Sandboxed testing (Phase 2)
- Human approval (Phase 1)
Mitigation:
- Static analysis (Phase 4)
- Code review agent (Phase 4)
- SWE-bench validation (Phase 3)
Mitigation:
- Multi-agent parallelism (Phase 5)
- Caching (already implemented)
- Incremental improvements
This roadmap transforms iterate from "safety-first but buggy" to "safety-first AND reliable". The key is Phase 1 - without mandatory tests and human approval, we risk more buggy code like PR #16.
Start with Phase 1 immediately.