Revert "Lpcox/print failed container logs"

[lpcox]

Reverts #613

[Copilot]

Pull request overview

Reverts prior DIFC/WASM-guard and container stderr logging changes (per PR metadata, revert of gh-aw-mcpg#613), resulting in removal of the WASM guard subsystem and DIFC config/CLI extensions and restoring stricter “sys___init required” behavior when DIFC is enabled.

Changes:

• Removes WASM guard runtime/loader, guard SDK/examples, echo/sample guards, and related integration tests/scripts.
• Simplifies DIFC wiring in the unified server (noop guards only, removes DIFC filter behavior, reintroduces “sys___init required” session semantics when DIFC enabled).
• Drops DIFC-related config schema extensions and CLI flags/envs; removes wazero dependency.

Reviewed changes

Copilot reviewed 49 out of 53 changed files in this pull request and generated 3 comments.

Show a summary per file

File	Description
test/integration/wasm_guard_test.go	Deletes WASM guard integration tests.
test/integration/echo_guard_test.go	Deletes echo guard integration tests.
scripts/rebase-github-difc.sh	Removes DIFC branch rebase helper script.
scripts/echo-guard-demo.sh	Removes echo-guard demo script.
internal/server/unified_test.go	Updates session/DIFC expectations; removes filtering-related test.
internal/server/unified.go	Removes guard loading/config support, difcFilter logic; changes session requirements and label accumulation behavior.
internal/mcp/connection.go	Reverts stderr capture/logging for failed backend/container startup.
internal/guard/wasm.go	Deletes WASM guard implementation (wazero-based).
internal/guard/loader_test.go	Deletes guard loader tests (URL/path/cache/checksum).
internal/guard/loader.go	Deletes WASM guard loader/downloader and cache/checksum support.
internal/guard/guard_test.go	Removes agent-id fallback-to-session-id tests.
internal/guard/context.go	Removes session-id fallback from agent-id lookup and drops internal/mcp dependency.
internal/difc/resource_test.go	Deletes MCP re-wrapping behavior tests for filtered results.
internal/difc/resource.go	Removes MCP wrapper re-wrapping support in labeled-data results.
internal/difc/path_labels_test.go	Deletes path-labeling unit tests.
internal/difc/path_labels.go	Deletes path-labeling implementation.
internal/difc/evaluator.go	Removes propagation of now-removed MCP wrapper field.
internal/difc/difc_test.go	Updates agent label accumulation test to expect mutation.
internal/difc/agent.go	Changes AccumulateFromRead from no-op to mutating union of tags.
internal/config/validation_schema.go	Removes config-extension gating and schema augmentation for guards/session labels.
internal/config/config_test.go	Deletes tests for session labels and extension validation.
internal/config/config_stdin.go	Removes stdin JSON support for guards and gateway session labels.
internal/config/config_difc.go	Deletes DIFC config types and stdin converter wiring.
internal/config/config_core.go	Removes Guards, DIFCFilter, and Gateway.Session from core config types.
internal/cmd/root_test.go	Deletes tests for DIFC/env defaults, session-label parsing, and config-extension defaults.
internal/cmd/root.go	Removes config-extension prerequisite validation, DIFC filter flag plumbing, and session-label CLI overrides.
internal/cmd/flags_difc.go	Removes DIFC filter/config-extension/session-label flags and related env defaults.
go.mod	Drops github.com/tetratelabs/wazero dependency.
go.sum	Removes wazero checksums.
examples/guards/sample-guard/main.go	Deletes sample WASM guard implementation.
examples/guards/sample-guard/go.mod	Deletes sample guard module file.
examples/guards/sample-guard/README.md	Deletes sample guard documentation.
examples/guards/sample-guard/Makefile	Deletes sample guard build Makefile.
examples/guards/sample-guard-js/guard.js	Deletes JS guard example.
examples/guards/guardsdk/guardsdk.go	Deletes guard SDK library.
examples/guards/guardsdk/example/main.go	Deletes guard SDK example.
examples/guards/guardsdk/example/go.sum	Deletes guard SDK example go.sum.
examples/guards/guardsdk/example/go.mod	Deletes guard SDK example go.mod.
examples/guards/guardsdk/README.md	Deletes guard SDK documentation.
examples/guards/echo-guard/main.go	Deletes echo guard implementation.
examples/guards/echo-guard/go.mod	Deletes echo guard module file.
examples/guards/echo-guard/demo-config.toml	Deletes echo-guard demo gateway config.
examples/guards/echo-guard/codex.config.toml	Deletes Codex demo config.
examples/guards/echo-guard/README.md	Deletes echo guard documentation.
examples/guards/EXTERNAL_GUARD_QUICKSTART.md	Deletes external guard quickstart doc.
config.example.toml	Updates DIFC comment to require sys___init before tool access.
Makefile	Removes echo-guard demo targets; broadens go vet/gofmt/lint scope now that examples are gone.
AGENTS.md	Removes documentation of DIFC-related env vars/config-extension gating.
.serena/project.yml	Deletes Serena project config.
.serena/.gitignore	Deletes Serena cache ignore file.
.gitignore	Stops ignoring *.wasm and guard wasm artifacts (since guards removed).

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

GetAgentIDFromContext no longer falls back to the request/session identifier, and there are no non-test call sites of SetAgentIDInContext in the repo. This makes callBackendTool() always use agentID="default", causing all DIFC label state to be shared across all clients/sessions. Restore the previous fallback to the session ID context key (or set the agent ID into the context at request entry based on the session/auth header) so labels are tracked per session/agent as intended.