carson 3.21.0 → 3.21.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 8274b4268c0fc93eeb9323f2b9fd0d4e042001d1633ccde431afcb7f61448bae
-  data.tar.gz: cff9a441857c256c82bf0f395c92a29a2879c5f1da45c4de3ae1232803e0ea5f
+  metadata.gz: 6e487779056ecbcf22d7aca1527c557051cd2ce94b31e030a515ffedcb8bbce5
+  data.tar.gz: 9cc271426a2c241d855f9a11d7b583e1bb0db2a8041e2972e8bdb3b7df4b55a7
 SHA512:
-  metadata.gz: 375300bdb2789594fa0a088c3f2d983a31aa492884b7fd399e76f0531885c191b81d855dd35c9d79a488cca6a3fdbdc3da35a9ac24d820901a34558d60bbc4f2
-  data.tar.gz: a5f3ddb10f668b7003578c62bdec28b95c0c584cfe5c93da38d50ffc01e4a03f4a91c31053d02a7a97af396baa247917ce3a5edf95608d801c9ce274024cde04
+  metadata.gz: 1e9085ad4e193f0b0c09b5ea890bbbc708194c0ccaf9b5dea96e4daafa5b074f08790ac994d44fbcee3767641eb519cc97d4b05ae65bc29532a2c695a752807c
+  data.tar.gz: 2bc2779bde9dabc17a79c2e0668f370a8f8aecd9ee41bbb56c51ebedf394d1546e029f611a7ffc2072e496a4d01ade6e390157ca4b4468bdf220a1ac4bb99393

data/LICENSE

@@ -1,21 +1,91 @@
-MIT License
-
-Copyright (c) 2026 Hailei Wang (WHL) <wanghailei@gmail.com>
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in all
-copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-SOFTWARE.
+# PolyForm Shield License 1.0.0
+
+<https://polyformproject.org/licenses/shield/1.0.0>
+
+Required Notice: Copyright (c) 2026 Hailei Wang (WHL) <wanghailei@gmail.com>
+
+## Acceptance
+
+In order to get any license under these terms, you must agree to them as both strict obligations and conditions to all your licenses.
+
+## Copyright License
+
+The licensor grants you a copyright license for the software to do everything you might do with the software that would otherwise infringe the licensor's copyright in it for any permitted purpose. However, you may only distribute the software according to Distribution License and make changes or new works based on the software according to Changes and New Works License.
+
+## Distribution License
+
+The licensor grants you an additional copyright license to distribute copies of the software. Your license to distribute covers distributing the software with changes and new works permitted by Changes and New Works License.
+
+## Notices
+
+You must ensure that anyone who gets a copy of any part of the software from you also gets a copy of these terms or the URL for them above, as well as copies of any plain-text lines beginning with `Required Notice:` that the licensor provided with the software. For example:
+
+> Required Notice: Copyright Yoyodyne, Inc. (http://example.com)
+
+## Changes and New Works License
+
+The licensor grants you an additional copyright license to make changes and new works based on the software for any permitted purpose.
+
+## Patent License
+
+The licensor grants you a patent license for the software that covers patent claims the licensor can license, or becomes able to license, that you would infringe by using the software.
+
+## Noncompete
+
+Any purpose is a permitted purpose, except for providing any product that competes with the software or any product the licensor or any of its affiliates provides using the software.
+
+## Competition
+
+Goods and services compete even when they provide functionality through different kinds of interfaces or for different technical platforms. Applications can compete with services, libraries with plugins, frameworks with development tools, and so on, even if they're written in different programming languages or for different computer architectures. Goods and services compete even when provided free of charge. If you market a product as a practical substitute for the software or another product, it definitely competes.
+
+## New Products
+
+If you are using the software to provide a product that does not compete, but the licensor or any of its affiliates brings your product into competition by providing a new version of the software or another product using the software, you may continue using versions of the software available under these terms beforehand to provide your competing product, but not any later versions.
+
+## Discontinued Products
+
+You may begin using the software to compete with a product or service that the licensor or any of its affiliates has stopped providing, unless the licensor includes a plain-text line beginning with `Licensor Line of Business:` with the software that mentions that line of business. For example:
+
+> Licensor Line of Business: YoyodyneCMS Content Management System (http://example.com/cms)
+
+## Sales of Business
+
+If the licensor or any of its affiliates sells a line of business developing the software or using the software to provide a product, the buyer can also enforce Noncompete for that product.
+
+## Fair Use
+
+You may have "fair use" rights for the software under the law. These terms do not limit them.
+
+## No Other Rights
+
+These terms do not allow you to sublicense or transfer any of your licenses to anyone else, or prevent the licensor from granting licenses to anyone else. These terms do not imply any other licenses.
+
+## Patent Defense
+
+If you make any written claim that the software infringes or contributes to infringement of any patent, your patent license for the software granted under these terms ends immediately. If your company makes such a claim, your patent license ends immediately for work on behalf of your company.
+
+## Violations
+
+The first time you are notified in writing that you have violated any of these terms, or done anything with the software not covered by your licenses, your licenses can nonetheless continue if you come into full compliance with these terms, and take practical steps to correct past violations, within 32 days of receiving notice. Otherwise, all your licenses end immediately.
+
+## No Liability
+
+As far as the law allows, the software comes as is, without any warranty or condition, and the licensor will not be liable to you for any damages arising out of these terms or the use or nature of the software, under any kind of legal claim.
+
+## Definitions
+
+The **licensor** is the individual or entity offering these terms, and the **software** is the software the licensor makes available under these terms.
+
+A **product** can be a good or service, or a combination of them.
+
+**You** refers to the individual or entity agreeing to these terms.
+
+**Your company** is any legal entity, sole proprietorship, or other kind of organization that you work for, plus all its affiliates.
+
+**Affiliates** means the other organizations than an organization has control over, is under the control of, or is under common control with.
+
+**Control** means ownership of substantially all the assets of an entity, or the power to direct its management and policies by vote, contract, or otherwise. Control can be direct or indirect.
+
+**Your licenses** are all the licenses granted to you for the software under these terms.
+
+**Use** means anything you do with the software requiring one of your licenses.

data/RELEASE.md

@@ -5,6 +5,12 @@ Release-note scope rule:
 - `RELEASE.md` records only version deltas, breaking changes, and migration actions.
 - Operational usage guides live in `MANUAL.md` and `API.md`.
 
+## 3.21.1
+
+### What changed
+
+- **Command guard false-positive fix** — the `command-guard` regex now matches `gh pr create/merge` only at command position (start of line or after `&&`, `||`, `;`, `|`). Previously it matched inside string arguments, blocking legitimate commands like `git commit -m 'Document gh pr create hook'`.
+
 ## 3.21.0
 
 ### What changed

data/VERSION

@@ -1 +1 @@
-3.21.0
+3.21.1

data/carson.gemspec

@@ -10,7 +10,7 @@ Gem::Specification.new do |spec|
 	spec.summary = "Autonomous repository governance — you write the code, Carson manages everything else."
 	spec.description = "Carson is a governance runtime that lives outside the repositories it governs — no Carson-owned artefacts in your repo. On every commit, managed hooks enforce centralised lint policy and review gates. At portfolio level, carson govern triages every open PR across your registered repositories: merge what's ready, dispatch coding agents to fix what's failing, escalate what needs human judgement. One command, all your projects, unmanned."
 	spec.homepage = "https://github.com/wanghailei/carson"
-	spec.license = "MIT"
+	spec.license = "PolyForm-Shield-1.0.0"
 	spec.required_ruby_version = ">= 3.4"
 	spec.metadata = {
 		"source_code_uri" => "https://github.com/wanghailei/carson",

data/hooks/command-guard

@@ -33,7 +33,9 @@ command_text="$(echo "$input" | jq -r '.tool_input.command // empty' 2>/dev/null
 [ -n "$command_text" ] || exit 0
 
 # Check for gh pr commands that Carson replaces.
-guarded_pattern='gh\s+pr\s+(create|merge)'
+# Match only at command position: start of line, or after a shell operator (&&, ||, ;, |).
+# This avoids false positives from gh pr references inside commit messages or string arguments.
+guarded_pattern='(^|&&|\|\||;|\|)\s*gh\s+pr\s+(create|merge)'
 if ! echo "$command_text" | grep -qE "$guarded_pattern"; then
 	exit 0
 fi

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: carson
 version: !ruby/object:Gem::Version
-  version: 3.21.0
+  version: 3.21.1
 platform: ruby
 authors:
 - Hailei Wang
@@ -80,7 +80,7 @@ files:
 - templates/.github/pull_request_template.md
 homepage: https://github.com/wanghailei/carson
 licenses:
-- MIT
+- PolyForm-Shield-1.0.0
 metadata:
   source_code_uri: https://github.com/wanghailei/carson
   changelog_uri: https://github.com/wanghailei/carson/blob/main/RELEASE.md