@bookedsolid/rea 0.10.3 → 0.12.0

package/dist/cache/review-cache.js

@@ -1,200 +0,0 @@
-/**
- * Review cache (BUG-009). The push-review-gate hook (`hooks/push-review-gate.sh`)
- * has shipped since 0.3.x calling `rea cache check <sha>` to skip re-review on
- * a previously-approved diff, and `rea cache set <sha> pass ...` as the
- * operator's advertised way to complete the gate. Neither subcommand existed
- * in the CLI through 0.4.0. Once BUG-008's pre-push stdin adapter lands and
- * the gate actually fires, a protected-path push has no completion path
- * without this cache — hence "paired ship blocker."
- *
- * ## File layout
- *
- * `.rea/review-cache.jsonl` — one JSON object per line, terminated with `\n`.
- * Each entry:
- *
- *   {
- *     "sha": "<diff-sha256>",
- *     "branch": "<feature-branch>",
- *     "base": "<target-branch>",
- *     "result": "pass" | "fail",
- *     "recorded_at": "<ISO-8601>",
- *     "reason"?: "<free text>"   // optional, populated on fail or on skip
- *   }
- *
- * The `sha` is whatever the caller supplies — the hook happens to use a
- * SHA-256 of the full diff, but the cache does not interpret or validate the
- * value. Hash-chained is intentionally NOT required: this is a keyed cache,
- * not an append-only integrity log. The audit log at `.rea/audit.jsonl`
- * remains the integrity story.
- *
- * ## Concurrency
- *
- * Every write takes the same `proper-lockfile` lock on the `.rea/` parent
- * directory that the audit helpers use (`withAuditLock`). This means a
- * concurrent audit append and cache write serialize against each other — a
- * negligible cost given cache writes happen once per push gate completion.
- *
- * ## Idempotency
- *
- * `appendEntry` writes a new line unconditionally. `lookup` returns the most
- * recent entry matching `(sha, branch, base)`. This "last write wins" keeps
- * the write path O(1) and the read path O(n) over the file; n is bounded by
- * typical review frequency (dozens per week, not millions). If a future
- * operator needs a compact file, `rea cache clear <sha>` drops matching
- * entries and a separate `rea cache compact` (not in 0.5.0) could rewrite.
- *
- * ## TTL
- *
- * `lookup` honors `review.cache_max_age_seconds` (default 3600). Entries
- * older than the window are treated as a miss. Expired entries are not
- * garbage-collected on read — `rea cache clear` or `rea cache compact`
- * is the operator tool for shrinking.
- */
-import fs from 'node:fs/promises';
-import path from 'node:path';
-import { withAuditLock } from '../audit/fs.js';
-/** Default TTL when policy does not supply one. */
-export const DEFAULT_CACHE_MAX_AGE_SECONDS = 3600;
-/**
- * Tolerated clock skew for future-dated entries. A `recorded_at` more than
- * this far in the future relative to `nowMs` is treated as tampered or
- * severely-drifted and forces a miss (re-review). 60s covers NTP jitter on
- * well-synced hosts; anything beyond that is noise we do not trust.
- */
-const FUTURE_SKEW_ALLOWANCE_MS = 60_000;
-const CACHE_FILENAME = 'review-cache.jsonl';
-const REA_DIRNAME = '.rea';
-export function resolveCacheFile(baseDir) {
-    return path.join(baseDir, REA_DIRNAME, CACHE_FILENAME);
-}
-/**
- * Load every entry from the cache file. Returns `[]` when the file does not
- * exist or is empty. Malformed lines are skipped — we never throw on a
- * corrupt line, because the cache is advisory and a bad write (e.g. a
- * half-written line from a crashed host) must not block a subsequent push.
- */
-async function loadEntries(cacheFile) {
-    let raw;
-    try {
-        raw = await fs.readFile(cacheFile, 'utf8');
-    }
-    catch (err) {
-        if (err.code === 'ENOENT')
-            return [];
-        throw err;
-    }
-    if (raw.length === 0)
-        return [];
-    const entries = [];
-    for (const line of raw.split('\n')) {
-        if (line.length === 0)
-            continue;
-        try {
-            const parsed = JSON.parse(line);
-            if (typeof parsed.sha === 'string' &&
-                typeof parsed.branch === 'string' &&
-                typeof parsed.base === 'string' &&
-                (parsed.result === 'pass' || parsed.result === 'fail') &&
-                typeof parsed.recorded_at === 'string') {
-                entries.push(parsed);
-            }
-        }
-        catch {
-            // Skip malformed line.
-        }
-    }
-    return entries;
-}
-/**
- * Append an entry to the cache. Writes are serialized through the shared
- * `.rea/` directory lock so audit writes and cache writes do not interleave.
- */
-export async function appendEntry(baseDir, input) {
-    const cacheFile = resolveCacheFile(baseDir);
-    await fs.mkdir(path.dirname(cacheFile), { recursive: true });
-    const entry = {
-        sha: input.sha,
-        branch: input.branch,
-        base: input.base,
-        result: input.result,
-        recorded_at: input.timestamp ?? new Date().toISOString(),
-        ...(input.reason !== undefined && input.reason.length > 0
-            ? { reason: input.reason }
-            : {}),
-    };
-    await withAuditLock(cacheFile, async () => {
-        const line = JSON.stringify(entry) + '\n';
-        await fs.appendFile(cacheFile, line);
-    });
-    return entry;
-}
-/**
- * Find the most-recent entry matching `(sha, branch, base)` within the TTL
- * window. Idempotent and side-effect free.
- */
-export async function lookup(baseDir, input) {
-    const cacheFile = resolveCacheFile(baseDir);
-    const entries = await loadEntries(cacheFile);
-    if (entries.length === 0)
-        return { hit: false, missReason: 'empty-file' };
-    // Walk from the tail so the first match is the newest.
-    let matched;
-    for (let i = entries.length - 1; i >= 0; i--) {
-        const e = entries[i];
-        if (e.sha === input.sha && e.branch === input.branch && e.base === input.base) {
-            matched = e;
-            break;
-        }
-    }
-    if (matched === undefined)
-        return { hit: false, missReason: 'no-entry' };
-    const nowMs = input.nowMs ?? Date.now();
-    const maxAgeSeconds = input.maxAgeSeconds ?? DEFAULT_CACHE_MAX_AGE_SECONDS;
-    const recordedMs = Date.parse(matched.recorded_at);
-    if (Number.isNaN(recordedMs)) {
-        // Corrupt timestamp — treat as an expired miss so the caller re-reviews.
-        return { hit: false, missReason: 'expired', entry: matched };
-    }
-    if (recordedMs > nowMs + FUTURE_SKEW_ALLOWANCE_MS) {
-        return { hit: false, missReason: 'expired', entry: matched };
-    }
-    if ((nowMs - recordedMs) / 1000 > maxAgeSeconds) {
-        return { hit: false, missReason: 'expired', entry: matched };
-    }
-    return { hit: true, entry: matched };
-}
-/**
- * Remove every entry matching `sha`. Returns the count removed. A `0` return
- * is a valid outcome (sha not present). Writes back via the same lock as
- * `appendEntry`, so concurrent sets do not lose entries.
- *
- * Writes use temp-file + `fs.rename` (atomic within a single directory on
- * POSIX) so unlocked readers (`lookup`, `list`) can never observe a torn or
- * empty intermediate state. Codex F4 on the 0.5.0 PR1 review.
- */
-export async function clear(baseDir, sha) {
-    const cacheFile = resolveCacheFile(baseDir);
-    return withAuditLock(cacheFile, async () => {
-        const entries = await loadEntries(cacheFile);
-        const kept = entries.filter((e) => e.sha !== sha);
-        const removed = entries.length - kept.length;
-        if (removed === 0)
-            return 0;
-        const out = kept.length === 0 ? '' : kept.map((e) => JSON.stringify(e)).join('\n') + '\n';
-        const tmpFile = `${cacheFile}.tmp.${process.pid}.${Date.now()}`;
-        await fs.writeFile(tmpFile, out);
-        await fs.rename(tmpFile, cacheFile);
-        return removed;
-    });
-}
-/**
- * Return every entry, optionally filtered by branch. Entries are returned in
- * file order (oldest first). Callers that want "newest first" should reverse.
- */
-export async function list(baseDir, options = {}) {
-    const cacheFile = resolveCacheFile(baseDir);
-    const entries = await loadEntries(cacheFile);
-    if (options.branch === undefined)
-        return entries;
-    return entries.filter((e) => e.branch === options.branch);
-}

package/dist/cli/cache.d.ts

@@ -1,84 +0,0 @@
-/**
- * `rea cache` — push-review cache operator subcommands (BUG-009).
- *
- * Four verbs:
- *   - `check <sha> --branch <b> --base <b>` — JSON to stdout ONLY; never
- *     diagnostics. `hooks/push-review-gate.sh` reads this via
- *     `printf '%s' "$CACHE_RESULT" | jq -e '.hit == true'`, so any stray
- *     text on stdout would poison the hook's JSON parse.
- *   - `set <sha> pass|fail --branch <b> --base <b> [--reason <s>]` — record
- *     a review outcome.
- *   - `clear <sha>` — drop every entry for a sha (dev convenience).
- *   - `list [--branch <b>]` — pretty-print entries.
- *
- * The TTL used by `check` reads `review.cache_max_age_seconds` from
- * `.rea/policy.yaml` when present, falling back to
- * {@link DEFAULT_CACHE_MAX_AGE_SECONDS} (1 hour) when the policy file or
- * field is absent. An unreadable/malformed policy file is NOT fatal for
- * `check` — it degrades to the default so a broken policy never deadlocks
- * the push gate; other commands that don't consume the TTL ignore the policy
- * entirely.
- */
-import { type CacheResult } from '../cache/review-cache.js';
-import type { CodexVerdict } from '../audit/codex-event.js';
-export interface CacheCheckOptions {
-    sha: string;
-    branch: string;
-    base: string;
-}
-export interface CacheSetOptions {
-    sha: string;
-    result: CacheResult;
-    branch: string;
-    base: string;
-    reason?: string;
-}
-export interface CacheClearOptions {
-    sha: string;
-}
-export interface CacheListOptions {
-    branch?: string;
-}
-/**
- * Print the cache-check JSON to stdout. Hook contract: stdout is ONLY JSON.
- * On a miss we still exit 0 with `{"hit":false}` — the hook interprets
- * non-zero as "rea broken, force re-review" via its `|| echo '{"hit":false}'`
- * fallback.
- */
-export declare function runCacheCheck(options: CacheCheckOptions): Promise<void>;
-export declare function runCacheSet(options: CacheSetOptions): Promise<void>;
-export declare function runCacheClear(options: CacheClearOptions): Promise<void>;
-export declare function runCacheList(options: CacheListOptions): Promise<void>;
-/** Parse-and-validate helper for `set` — surfaces a clean error on bad input.
- *
- * Accepts the two historical cache values (`pass`, `fail`) AND the four
- * canonical Codex verdicts (`pass`, `concerns`, `blocking`, `error`) per
- * Defect D (rea#77). Codex verdicts are mapped to cache semantics at the CLI
- * boundary: `pass|concerns` → gate-satisfying `pass`; `blocking|error` →
- * gate-failing `fail`. The cache internal vocabulary stays binary
- * (`pass`/`fail` = "gate-satisfying?") while the CLI accepts the full Codex
- * vocabulary so agents can copy the `/codex-review` verdict verbatim.
- */
-export declare function parseCacheResult(raw: string): CacheResult;
-/** Shape returned by {@link codexVerdictToCacheResult}: the binary cache result
- * plus an optional machine-readable `reason` string that records the source
- * Codex verdict. `reason` is populated for non-`pass` verdicts so downstream
- * listings expose WHY a cache fail was recorded. */
-export interface CodexVerdictCacheEffect {
-    result: CacheResult;
-    reason?: string | undefined;
-}
-/** Map a Codex verdict to the binary cache result the gate compares against.
- *
- * Mapping rationale:
- *   - `pass` → cache `pass` (clean review, gate should pass)
- *   - `concerns` → cache `pass` (non-blocking findings, gate should pass;
- *     reviewer captured concerns in the audit record `metadata.summary`)
- *   - `blocking` → cache `fail` (must address findings before merge)
- *   - `error` → cache `fail` (Codex itself errored; no clean-bill-of-health)
- *
- * Kept separate from `parseCacheResult` so callers that already have a typed
- * `CodexVerdict` (e.g. `rea audit record codex-review --also-set-cache`) don't
- * round-trip through string parsing.
- */
-export declare function codexVerdictToCacheResult(verdict: CodexVerdict): CodexVerdictCacheEffect;

package/dist/cli/cache.js

@@ -1,150 +0,0 @@
-/**
- * `rea cache` — push-review cache operator subcommands (BUG-009).
- *
- * Four verbs:
- *   - `check <sha> --branch <b> --base <b>` — JSON to stdout ONLY; never
- *     diagnostics. `hooks/push-review-gate.sh` reads this via
- *     `printf '%s' "$CACHE_RESULT" | jq -e '.hit == true'`, so any stray
- *     text on stdout would poison the hook's JSON parse.
- *   - `set <sha> pass|fail --branch <b> --base <b> [--reason <s>]` — record
- *     a review outcome.
- *   - `clear <sha>` — drop every entry for a sha (dev convenience).
- *   - `list [--branch <b>]` — pretty-print entries.
- *
- * The TTL used by `check` reads `review.cache_max_age_seconds` from
- * `.rea/policy.yaml` when present, falling back to
- * {@link DEFAULT_CACHE_MAX_AGE_SECONDS} (1 hour) when the policy file or
- * field is absent. An unreadable/malformed policy file is NOT fatal for
- * `check` — it degrades to the default so a broken policy never deadlocks
- * the push gate; other commands that don't consume the TTL ignore the policy
- * entirely.
- */
-import { loadPolicy } from '../policy/loader.js';
-import { DEFAULT_CACHE_MAX_AGE_SECONDS, appendEntry, clear as clearEntries, list as listEntries, lookup, } from '../cache/review-cache.js';
-import { err, log } from './utils.js';
-function resolveMaxAgeSeconds(baseDir) {
-    try {
-        const policy = loadPolicy(baseDir);
-        const configured = policy.review?.cache_max_age_seconds;
-        if (typeof configured === 'number' && configured > 0)
-            return configured;
-        return DEFAULT_CACHE_MAX_AGE_SECONDS;
-    }
-    catch {
-        // Missing or malformed policy must not block the push gate — degrade to
-        // the default. `rea doctor` is the canonical surface for flagging a
-        // broken policy file; the cache is not the place to re-diagnose it.
-        return DEFAULT_CACHE_MAX_AGE_SECONDS;
-    }
-}
-/**
- * Print the cache-check JSON to stdout. Hook contract: stdout is ONLY JSON.
- * On a miss we still exit 0 with `{"hit":false}` — the hook interprets
- * non-zero as "rea broken, force re-review" via its `|| echo '{"hit":false}'`
- * fallback.
- */
-export async function runCacheCheck(options) {
-    const baseDir = process.cwd();
-    const maxAgeSeconds = resolveMaxAgeSeconds(baseDir);
-    const result = await lookup(baseDir, {
-        sha: options.sha,
-        branch: options.branch,
-        base: options.base,
-        maxAgeSeconds,
-    });
-    if (result.hit && result.entry !== undefined) {
-        const payload = {
-            hit: true,
-            result: result.entry.result,
-            branch: result.entry.branch,
-            base: result.entry.base,
-            recorded_at: result.entry.recorded_at,
-            ...(result.entry.reason !== undefined ? { reason: result.entry.reason } : {}),
-        };
-        process.stdout.write(JSON.stringify(payload) + '\n');
-        return;
-    }
-    process.stdout.write(JSON.stringify({ hit: false }) + '\n');
-}
-export async function runCacheSet(options) {
-    const baseDir = process.cwd();
-    const entry = await appendEntry(baseDir, {
-        sha: options.sha,
-        branch: options.branch,
-        base: options.base,
-        result: options.result,
-        ...(options.reason !== undefined && options.reason.length > 0
-            ? { reason: options.reason }
-            : {}),
-    });
-    log(`Recorded ${entry.result} for ${entry.sha.slice(0, 12)} (${entry.branch} → ${entry.base}).`);
-}
-export async function runCacheClear(options) {
-    const baseDir = process.cwd();
-    const removed = await clearEntries(baseDir, options.sha);
-    if (removed === 0) {
-        log(`No entries found for ${options.sha.slice(0, 12)}.`);
-        return;
-    }
-    log(`Cleared ${removed} entr${removed === 1 ? 'y' : 'ies'} for ${options.sha.slice(0, 12)}.`);
-}
-export async function runCacheList(options) {
-    const baseDir = process.cwd();
-    const entries = await listEntries(baseDir, {
-        ...(options.branch !== undefined ? { branch: options.branch } : {}),
-    });
-    if (entries.length === 0) {
-        log('No review-cache entries.');
-        return;
-    }
-    for (const e of entries) {
-        const shortSha = e.sha.slice(0, 12);
-        const reason = e.reason !== undefined ? `  — ${e.reason}` : '';
-        console.log(`${e.recorded_at}  ${e.result.padEnd(4)}  ${shortSha}  ${e.branch} → ${e.base}${reason}`);
-    }
-}
-/** Parse-and-validate helper for `set` — surfaces a clean error on bad input.
- *
- * Accepts the two historical cache values (`pass`, `fail`) AND the four
- * canonical Codex verdicts (`pass`, `concerns`, `blocking`, `error`) per
- * Defect D (rea#77). Codex verdicts are mapped to cache semantics at the CLI
- * boundary: `pass|concerns` → gate-satisfying `pass`; `blocking|error` →
- * gate-failing `fail`. The cache internal vocabulary stays binary
- * (`pass`/`fail` = "gate-satisfying?") while the CLI accepts the full Codex
- * vocabulary so agents can copy the `/codex-review` verdict verbatim.
- */
-export function parseCacheResult(raw) {
-    if (raw === 'pass' || raw === 'fail')
-        return raw;
-    if (raw === 'concerns')
-        return 'pass';
-    if (raw === 'blocking' || raw === 'error')
-        return 'fail';
-    err(`result must be 'pass', 'fail', 'concerns', 'blocking', or 'error'; got ${JSON.stringify(raw)}`);
-    process.exit(1);
-}
-/** Map a Codex verdict to the binary cache result the gate compares against.
- *
- * Mapping rationale:
- *   - `pass` → cache `pass` (clean review, gate should pass)
- *   - `concerns` → cache `pass` (non-blocking findings, gate should pass;
- *     reviewer captured concerns in the audit record `metadata.summary`)
- *   - `blocking` → cache `fail` (must address findings before merge)
- *   - `error` → cache `fail` (Codex itself errored; no clean-bill-of-health)
- *
- * Kept separate from `parseCacheResult` so callers that already have a typed
- * `CodexVerdict` (e.g. `rea audit record codex-review --also-set-cache`) don't
- * round-trip through string parsing.
- */
-export function codexVerdictToCacheResult(verdict) {
-    switch (verdict) {
-        case 'pass':
-            return { result: 'pass' };
-        case 'concerns':
-            return { result: 'pass', reason: 'codex:concerns' };
-        case 'blocking':
-            return { result: 'fail', reason: 'codex:blocking' };
-        case 'error':
-            return { result: 'fail', reason: 'codex:error' };
-    }
-}

package/dist/hooks/review-gate/args.d.ts

@@ -1,126 +0,0 @@
-/**
- * Refspec parsing. Two input shapes the gate must accept:
- *
- *   1. Git pre-push hook stdin — one line per refspec, fields:
- *        `<local_ref> <local_sha> <remote_ref> <remote_sha>`
- *      (https://git-scm.com/docs/githooks#_pre_push)
- *
- *   2. Claude-Code `Bash`-PreToolUse command string — parse `git push [remote]
- *      [refspec...]` out of the command, synthesize refspec records against
- *      the caller's HEAD/@{upstream}.
- *
- * Shape 1 is authoritative when present; shape 2 is a fallback for the
- * Claude-Code adapter (BUG-008 sniff). See design §3.2 for the adapter
- * split and §5.1 for the scenarios covered by unit tests.
- *
- * ## Defect J — mixed-push deletion guard
- *
- * A push like `git push origin safe:safe :main` contains both a push refspec
- * and a deletion refspec. The bash core has been burned twice by nesting the
- * deletion check inside the "no SOURCE_SHA resolved" fallback branch, which
- * lets the deletion slip through whenever a sibling refspec DID resolve.
- * This module exposes `hasDeletion()` as a separate predicate so the caller
- * can fail-closed on deletions up front, before any refspec-selection logic.
- */
-/**
- * One parsed refspec record. Either a push (local_sha != ZERO_SHA) or a
- * deletion (local_sha === ZERO_SHA). `source_is_head` flags the
- * argv-fallback case where no explicit source ref was named and the parser
- * substituted HEAD.
- */
-export interface RefspecRecord {
-    local_sha: string;
-    remote_sha: string;
-    local_ref: string;
-    remote_ref: string;
-    /** True when the parser had to fall back to HEAD for the source ref. */
-    source_is_head: boolean;
-    /** True when `local_sha === ZERO_SHA` (this refspec is a branch deletion). */
-    is_deletion: boolean;
-}
-export interface ParseStdinResult {
-    records: RefspecRecord[];
-    /** The parser accepted at least one well-formed line from stdin. */
-    matched: boolean;
-}
-/**
- * Parse the git pre-push stdin contract.
- *
- * Returns `{ records, matched: true }` when at least one refspec line
- * parsed cleanly; `{ records: [], matched: false }` otherwise.
- *
- * ## Bash-core parity (push-review-core.sh §45-69)
- *
- * The bash parser uses `read -r local_ref local_sha remote_ref remote_sha rest`
- * against each line, so:
- *   - Lines with fewer than the required fields leave some vars empty and
- *     the loop `continue`s via the `-z` check (line 54-56). Parser does NOT
- *     abort the overall parse — subsequent lines still get a chance.
- *   - Extra whitespace-separated fields collapse into `rest` and are
- *     silently dropped (line 53's `rest` capture absorbs everything past
- *     field four).
- *   - Only a 40-hex SHA failure on either sha triggers `return 1` (line
- *     57-59), aborting the whole parse — the caller falls through to argv.
- *   - If no lines accept (`accepted=0` at line 63-65), the parser also
- *     returns 1.
- *
- * We mirror that exactly. Codex pass-1 on phase 1 flagged an earlier
- * too-strict version that aborted on short/long lines and would have
- * starved the authoritative stdin path when consumer pre-push wrappers
- * emit extra trailing whitespace columns (e.g. a comment or a trailing
- * remote-url duplicate).
- *
- * Empty / whitespace-only lines are skipped silently.
- *
- * @param raw the full stdin bytes as a string
- */
-export declare function parsePrepushStdin(raw: string): ParseStdinResult;
-/**
- * Return true iff any refspec in the list is a branch deletion (defect J).
- * Callers must check this before any refspec-selection pass; the bash core
- * pre-0.9.4 nested the check inside the "no SOURCE_SHA resolved" branch and
- * let mixed pushes bypass the gate.
- */
-export declare function hasDeletion(records: RefspecRecord[]): boolean;
-/**
- * A `ResolveHead` callback returns the SHA of a source ref, or `null` when
- * the ref is unknown. Injected here (rather than shelling out to `git`
- * directly) so `args.ts` stays pure and unit-testable without a git repo.
- * The real implementation lives in `diff.ts` / `base-resolve.ts`.
- */
-export type ResolveHead = (ref: string) => string | null;
-export interface ArgvFallbackDeps {
-    /** Resolve a source ref (e.g. `feature/foo`) to a commit SHA, or null. */
-    resolveHead: ResolveHead;
-    /** Current HEAD SHA for bare `git push` with no explicit refspec. */
-    headSha: string;
-    /** `@{upstream}` short name (e.g. `origin/main`) or null. */
-    upstream: string | null;
-}
-/**
- * Parse refspecs out of a `git push [remote] [refspec...]` command string.
- * Used only when stdin-parsing returned `matched: false` (Claude-Code
- * adapter path).
- *
- * Behavior mirrors the bash core's `pr_resolve_argv_refspecs` exactly:
- *   - Bare `git push` with no explicit refspec → synthesize a single record
- *     against `@{upstream}` (or `main` when no upstream), local_sha = HEAD.
- *   - `git push origin foo` → source=foo, dest=foo.
- *   - `git push origin src:dst` → source=src, dest=dst.
- *   - `git push origin :main` → deletion record.
- *   - `git push origin --delete main` → deletion record.
- *   - `git push origin HEAD:main` → resolves via `resolveHead('HEAD')`;
- *     the bash core rejects HEAD only when it lands on the DESTINATION
- *     side of the refspec (dst == 'HEAD'), not the source side. We match.
- *   - `git push origin HEAD` → HeadRefspecBlockedError (dst resolves to
- *     HEAD because src==dst when no colon is present).
- *
- * Throws `BlockedError` subclasses for operator-error conditions so the
- * caller can translate them to exit 2 + banner identical to the bash core.
- */
-export declare function resolveArgvRefspecs(cmd: string, deps: ArgvFallbackDeps): RefspecRecord[];
-/**
- * Strip `refs/heads/` or `refs/for/` prefixes so caller-facing code sees a
- * bare branch name. Exported for unit tests in `args.test.ts`.
- */
-export declare function stripRefsPrefix(ref: string): string;