@bookedsolid/rea 0.17.0 → 0.19.0

package/hooks/attribution-advisory.sh

@@ -58,13 +58,24 @@ fi
 source "$(dirname "$0")/_lib/cmd-segments.sh"
 
 # ── 6. Check if this is a relevant command ────────────────────────────────────
+# 0.18.0 helix-020 / discord-ops Round 10 #2 fix (G4.A): use
+# `any_segment_starts_with`, not `any_segment_matches`. The pre-fix
+# matcher used the unanchored form, so a segment like
+#   gh pr edit --body "tracked: gh pr create earlier in the run"
+# triggered IS_RELEVANT=1 because the substring `gh pr create` was
+# anywhere in the segment. The downstream attribution check then
+# scanned the body for the markdown-link / Co-Authored-By patterns,
+# and ANY mention of those terms in the body's prose got blocked
+# even though the actual command was a `gh pr edit` whose intent had
+# nothing to do with structural attribution. The same anchoring fix
+# `dangerous-bash-interceptor.sh` got in 0.16.3 F5 finally lands here.
 IS_RELEVANT=0
 
-if any_segment_matches "$CMD" 'gh[[:space:]]+pr[[:space:]]+(create|edit)'; then
+if any_segment_starts_with "$CMD" 'gh[[:space:]]+pr[[:space:]]+(create|edit)'; then
   IS_RELEVANT=1
 fi
 
-if any_segment_matches "$CMD" 'git[[:space:]]+commit'; then
+if any_segment_starts_with "$CMD" 'git[[:space:]]+commit'; then
   IS_RELEVANT=1
 fi
 
@@ -77,7 +88,21 @@ fi
 FOUND=0
 
 # Co-Authored-By with noreply@ email
-if any_segment_matches "$CMD" 'Co-Authored-By:.*noreply@'; then
+# 0.18.0 helix-020 / discord-ops Round 10 #3 fix (G4.B): exclude
+# GitHub's legitimate `<user>@users.noreply.github.com` collaborator
+# footers from the noreply match. Pre-fix the regex `Co-Authored-By:.*noreply@`
+# matched both AI-tool noreply addresses (anthropic.com, openai.com,
+# github-copilot, etc.) AND GitHub's per-user noreply form, blocking
+# legitimate human collaborator credits. The new regex requires
+# `noreply@` to be followed by something that ISN'T `users.noreply.github.com`
+# — covered via a negative-lookahead simulation: match `noreply@` then
+# either end-of-line, whitespace, `>`, or a domain that does NOT begin
+# with `users.noreply.github.com`. Posix ERE has no lookarounds, so we
+# enumerate the allowed-prefix shapes explicitly. The "AI names" branch
+# below catches Co-Authored-By with named tools regardless of the email
+# domain, so dropping `users.noreply.github.com` from the noreply
+# pattern only relaxes the check for human collaborators — never for AI.
+if any_segment_matches "$CMD" 'Co-Authored-By:.*noreply@(anthropic\.com|openai\.com|github-copilot|github\.com|claude\.ai|chatgpt\.com|googlemail\.com|google\.com|cursor\.com|codeium\.com|tabnine\.com|amazon\.com|amazonaws\.com|amazon-q\.amazonaws\.com|cody\.dev|sourcegraph\.com)'; then
   FOUND=1
 fi
 

package/hooks/security-disclosure-gate.sh

@@ -171,6 +171,23 @@ _extract_body_file_paths() {
           while (i <= n) {
             ch = substr(line, i, 1)
             if (mode == 0) {
+              # 0.18.0 helix-020 G3.B fix: in plain (unquoted) mode,
+              # `\X` (any character X) is the POSIX shell escape for
+              # the literal character X — most commonly a space in
+              # paths like `path\ with\ spaces.md`. Pre-fix the
+              # tokenizer treated the `\` as an ordinary character and
+              # truncated at the following space, dropping the rest of
+              # the path. We now consume the backslash and emit the
+              # following byte as a literal part of the current token.
+              # `\<eol>` (line-continuation) is left intact — emit the
+              # `\` and let the splitter flow into the next record on
+              # the assumption that the caller already joined the line.
+              if (ch == "\\" && i < n) {
+                nxt = substr(line, i + 1, 1)
+                tok = tok nxt
+                i += 2
+                continue
+              }
               if (ch == " " || ch == "\t") {
                 if (tok != "") { emit_token(tok); tok = "" }
                 i++; continue

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@bookedsolid/rea",
-  "version": "0.17.0",
+  "version": "0.19.0",
   "description": "Agentic governance layer for Claude Code — policy enforcement, hook-based safety gates, audit logging, and Codex-integrated adversarial review for AI-assisted projects",
   "license": "MIT",
   "author": "Booked Solid Technology <oss@bookedsolid.tech> (https://bookedsolid.tech)",

package/profiles/bst-internal.yaml

@@ -28,3 +28,11 @@ context_protection:
     - pnpm run test
     - pnpm run lint
   max_bash_output_lines: 100
+# 0.18.1+ helixir #9: enable audit log rotation by default for
+# bst-internal. Long sessions accumulate 100s of push_gate.reviewed
+# entries; without rotation the audit file grows unbounded. The empty
+# `rotation: {}` block opts in to the documented defaults — 50 MiB
+# OR 30 days, whichever arrives first. Rotation marker preserves the
+# hash chain across the boundary.
+audit:
+  rotation: {}

package/scripts/postinstall.mjs

@@ -116,13 +116,51 @@ try {
 
   if (manifestVersion === installedVersion) process.exit(0);
 
-  // Package-manager-agnostic message. Any of `npx rea upgrade`,
+  // 0.18.1+ helixir #3: opt-in auto-upgrade. Pre-fix the drift was
+  // detected and a "run rea upgrade" nudge printed, but consumers had
+  // to run the upgrade by hand on every install. With
+  // `REA_AUTO_UPGRADE=1` (or `--yes` semantics inferred from a
+  // package.json field), the postinstall runs `rea upgrade --yes`
+  // for them. Defaults to PRINT-ONLY for back-compat — silent
+  // mutation of the consumer's `.claude/` / `.husky/` on every
+  // install would surprise existing users.
+  const autoUpgrade =
+    process.env.REA_AUTO_UPGRADE === '1' ||
+    process.env.REA_AUTO_UPGRADE === 'true';
+
+  if (autoUpgrade) {
+    // Best-effort: invoke `rea upgrade --yes`. Failures fall through to
+    // the print path so the consumer still sees the drift advisory.
+    try {
+      const reaCli = path.join(consumerRoot, 'node_modules', '.bin', 'rea');
+      if (fs.existsSync(reaCli)) {
+        const { spawnSync } = await import('node:child_process');
+        const res = spawnSync(reaCli, ['upgrade', '--yes'], {
+          cwd: consumerRoot,
+          stdio: 'inherit',
+          env: process.env,
+        });
+        if (res.status === 0) {
+          NOTE([
+            `@bookedsolid/rea: auto-upgraded from v${manifestVersion} to v${installedVersion}.`,
+            `(REA_AUTO_UPGRADE=1; set REA_AUTO_UPGRADE=0 to opt out.)`,
+          ]);
+          process.exit(0);
+        }
+      }
+    } catch {
+      // Fall through to the manual-nudge path below.
+    }
+  }
+
+  // Package-manager-agnostic nudge. Any of `npx rea upgrade`,
   // `pnpm exec rea upgrade`, or `yarn rea upgrade` works; recommending `npx`
   // covers the widest audience without privileging pnpm in error output.
   NOTE([
     `@bookedsolid/rea v${installedVersion} installed; manifest at v${manifestVersion}.`,
     `Run  \`npx rea upgrade\`  to sync .claude/, .husky/, and managed fragments.`,
     `(Or  \`npx rea doctor --drift\`  to preview without changes.)`,
+    `(Set  \`REA_AUTO_UPGRADE=1\`  to auto-run upgrade on future installs.)`,
   ]);
 } catch {
   // Any uncaught failure → silent success. Never break the consumer's install.