@bytesbrains/pi-contrib-gate 1.6.1

package/src/config.ts

@@ -0,0 +1,80 @@
+import * as fs from "node:fs";
+import * as path from "node:path";
+import type { ContribConfig, BestPracticesConfig } from "./types";
+import { DEFAULT_CONFIG, BEST_PRACTICES_DEFAULTS } from "./types";
+
+function parseBool(val: string | undefined, def: boolean): boolean {
+  if (val === undefined) return def;
+  return val !== "false" && val !== "no" && val !== "0";
+}
+
+function loadBestPractices(result: Record<string, unknown>): BestPracticesConfig {
+  const rawGuidance = result["commits.bestPractices.guidanceText"] as string | undefined;
+  let guidanceText: string[];
+  if (rawGuidance) {
+    // Split by | for multi-line YAML block scalars or newline-separated
+    guidanceText = rawGuidance
+      .split(/\||\n/)
+      .map(s => s.trim())
+      .filter(s => s.length > 0);
+  } else {
+    guidanceText = [...BEST_PRACTICES_DEFAULTS.guidanceText];
+  }
+  return {
+    shortFrequentCommits: parseBool(
+      result["commits.bestPractices.shortFrequentCommits"] as string | undefined,
+      BEST_PRACTICES_DEFAULTS.shortFrequentCommits,
+    ),
+    maxLinesPerCommit:
+      parseInt(result["commits.bestPractices.maxLinesPerCommit"] as string) || BEST_PRACTICES_DEFAULTS.maxLinesPerCommit,
+    requireAtomic: parseBool(
+      result["commits.bestPractices.requireAtomic"] as string | undefined,
+      BEST_PRACTICES_DEFAULTS.requireAtomic,
+    ),
+    maxUnrelatedDirs:
+      parseInt(result["commits.bestPractices.maxUnrelatedDirs"] as string) || BEST_PRACTICES_DEFAULTS.maxUnrelatedDirs,
+    guidanceText,
+  };
+}
+
+export function loadConfig(cwd: string): ContribConfig {
+  const configPath = path.join(cwd, ".contribrc.yml");
+  if (!fs.existsSync(configPath)) return { ...DEFAULT_CONFIG };
+  try {
+    const content = fs.readFileSync(configPath, "utf-8");
+    const result: Record<string, unknown> = {};
+    for (const line of content.split("\n")) {
+      const m = line.match(/^\s*(\w[\w.]*):\s*(.+)$/);
+      if (m) {
+        let val = m[2].trim();
+        if ((val.startsWith('"') && val.endsWith('"')) || (val.startsWith("'") && val.endsWith("'"))) {
+          val = val.slice(1, -1);
+        }
+        result[m[1]] = val;
+      }
+    }
+    return {
+      branches: {
+        featPattern: (result["branches.featPattern"] as string) || DEFAULT_CONFIG.branches.featPattern,
+        fixPattern: (result["branches.fixPattern"] as string) || DEFAULT_CONFIG.branches.fixPattern,
+        chorePattern: (result["branches.chorePattern"] as string) || DEFAULT_CONFIG.branches.chorePattern,
+      },
+      commits: {
+        convention: ((result["commits.convention"] as string) || DEFAULT_CONFIG.commits.convention) as "conventional" | "simple",
+        maxSubjectLength: parseInt(result["commits.maxSubjectLength"] as string) || DEFAULT_CONFIG.commits.maxSubjectLength,
+        scopes: (result["commits.scopes"] as string)?.split(",").map(s => s.trim()) || [],
+        bestPractices: loadBestPractices(result),
+      },
+      quality: {
+        lint: result["quality.lint"] !== "false",
+        typeCheck: result["quality.typeCheck"] !== "false",
+        doctorAudit: result["quality.doctorAudit"] !== "false",
+        maxFilesChanged: parseInt(result["quality.maxFilesChanged"] as string) || DEFAULT_CONFIG.quality.maxFilesChanged,
+        maxLinesAdded: parseInt(result["quality.maxLinesAdded"] as string) || DEFAULT_CONFIG.quality.maxLinesAdded,
+      },
+      requireIssueValidation: parseBool(result["requireIssueValidation"] as string, DEFAULT_CONFIG.requireIssueValidation),
+    };
+  } catch {
+    return { ...DEFAULT_CONFIG };
+  }
+}

package/src/helpers.ts

@@ -0,0 +1,331 @@
+import * as cp from "node:child_process";
+import type { ExtensionContext } from "@earendil-works/pi-coding-agent";
+
+export function exec(cmd: string, cwd?: string): { ok: boolean; stdout: string; stderr: string } {
+  try {
+    const r = cp.execSync(cmd, { cwd, encoding: "utf-8", timeout: 30000 });
+    return { ok: true, stdout: r.trim(), stderr: "" };
+  } catch (e: any) {
+    return { ok: false, stdout: e.stdout?.trim() || "", stderr: e.stderr?.trim() || e.message };
+  }
+}
+
+export function currentBranch(cwd: string): string {
+  return exec("git branch --show-current", cwd).stdout;
+}
+
+/**
+ * Extract a Gitea issue ID from a branch name.
+ * Supports: feat/issue-42, fix/issue-7, chore/issue-99, or bare issue-42.
+ */
+export function extractIssueFromBranch(branch: string): string | null {
+  const match = branch.match(/^(?:(?:feat|fix|chore)\/)?issue-(\d+)$/);
+  return match ? match[1] : null;
+}
+
+/**
+ * Get the current linked issue ID from session state or branch name.
+ */
+export function getLinkedIssueId(cwd: string): string | null {
+  return (globalThis as any).__contrib_issueId || extractIssueFromBranch(currentBranch(cwd)) || null;
+}
+
+export function isClean(cwd: string): boolean {
+  const r = exec("git status --porcelain", cwd);
+  return r.ok && r.stdout === "";
+}
+
+/** True if git merge is in progress (MERGE_HEAD exists). */
+export function isMergeInProgress(cwd: string): boolean {
+  const r = exec("git rev-parse --verify MERGE_HEAD 2>/dev/null", cwd);
+  return r.ok;
+}
+
+/** True if git rebase is in progress. */
+export function isRebaseInProgress(cwd: string): boolean {
+  const merge = exec("test -d .git/rebase-merge && echo yes || echo no", cwd);
+  const apply = exec("test -d .git/rebase-apply && echo yes || echo no", cwd);
+  return merge.stdout === "yes" || apply.stdout === "yes";
+}
+
+/** True if any conflict is in progress (merge or rebase). */
+export function isConflictInProgress(cwd: string): boolean {
+  return isMergeInProgress(cwd) || isRebaseInProgress(cwd);
+}
+
+/**
+ * Scan staged changes for unresolved conflict markers.
+ * Returns list of files containing <<<<<<< or >>>>>>> markers.
+ */
+export function scanForConflictMarkers(cwd: string): string[] {
+  const diff = exec(
+    "git diff --cached -U0 2>/dev/null | grep -nE '^\\+<<<<<<< |^\\+>>>>>>> ' || true",
+    cwd,
+  );
+  if (!diff.stdout) return [];
+
+  // Also check the working tree for any unstaged conflict markers (safety net)
+  const staged = exec("git diff --cached --name-only 2>/dev/null", cwd);
+  const stagedFiles = staged.ok ? staged.stdout.split("\n").filter(Boolean) : [];
+
+  const conflicts: string[] = [];
+  for (const file of stagedFiles) {
+    const r = exec(
+      `git show :0:${file} 2>/dev/null | grep -nE '<<<<<<< |>>>>>>> ' || true`,
+      cwd,
+    );
+    if (r.stdout) conflicts.push(file);
+  }
+  return conflicts;
+}
+
+export function hasUnpushed(cwd: string): boolean {
+  const branch = currentBranch(cwd);
+  const r = exec(`git log origin/${branch}..HEAD --oneline 2>/dev/null || git log gitea/${branch}..HEAD --oneline 2>/dev/null || echo ""`, cwd);
+  return r.ok && r.stdout.length > 0;
+}
+
+/**
+ * Get the list of staged files and their change counts.
+ * Returns { files, linesAdded }.
+ */
+export function getStagedStats(cwd: string): { files: string[]; linesAdded: number } {
+  const diff = exec("git diff --cached --name-only", cwd);
+  const files = diff.ok ? diff.stdout.split("\n").filter(Boolean) : [];
+  const loc = exec("git diff --cached --numstat | awk '{s+=$1} END {print s}'", cwd);
+  const linesAdded = loc.ok ? parseInt(loc.stdout) || 0 : 0;
+  return { files, linesAdded };
+}
+
+/**
+ * Escape a string for safe interpolation into a shell command.
+ * Wraps value in single quotes after escaping embedded single quotes.
+ */
+export function shellEscape(value: string): string {
+  return `'${value.replace(/'/g, "'\\''")}'`;
+}
+
+/**
+ * Check if the remote branch still exists (not deleted after PR merge).
+ */
+export function remoteBranchExists(
+  cwd: string,
+  branch?: string,
+): { exists: boolean; remoteName: string } {
+  const br = branch || currentBranch(cwd);
+  if (!br) return { exists: false, remoteName: "" };
+
+  for (const remote of ["origin", "gitea"]) {
+    const check = exec(`git ls-remote --heads ${remote} ${br}`, cwd);
+    if (check.ok && check.stdout.length > 0) {
+      return { exists: true, remoteName: remote };
+    }
+  }
+  return { exists: false, remoteName: "origin" };
+}
+
+/**
+ * Check PR state for the current branch. Uses gh CLI (GitHub) or Gitea API.
+ */
+export async function checkBranchPRState(
+  cwd: string,
+  branch?: string,
+): Promise<{ state: "open" | "merged" | "closed"; url: string } | null> {
+  const br = branch || currentBranch(cwd);
+  if (!br) return null;
+
+  // Try gh CLI first (GitHub)
+  const ghCheck = exec(
+    `gh pr list --head ${shellEscape(br)} --state all --json state,url --jq '.[0]'`,
+    cwd,
+  );
+  if (ghCheck.ok && ghCheck.stdout && ghCheck.stdout !== "null") {
+    try {
+      const data = JSON.parse(ghCheck.stdout);
+      const state = data.state as string;
+      return {
+        state: state === "MERGED" ? "merged" : state === "OPEN" ? "open" : "closed",
+        url: data.url || "",
+      };
+    } catch { /* fall through */ }
+  }
+
+  // Try Gitea API
+  const remote = exec("git remote get-url origin 2>/dev/null || git remote get-url gitea 2>/dev/null", cwd);
+  if (!remote.ok) return null;
+  const url = remote.stdout;
+
+  if (url.includes("gitea") || url.includes("127.0.0.1:3001")) {
+    const match = url.match(/[/:]([^/]+)\/([^/]+?)(?:\.git)?$/);
+    if (!match) return null;
+    const apiUrl = `http://127.0.0.1:3001/api/v1/repos/${match[1]}/${match[2]}`;
+    const credMatch = url.match(/:\/\/([^:]+):([^@]+)@/);
+    const token = credMatch ? credMatch[2] : "";
+
+    try {
+      const headers: Record<string, string> = { "Content-Type": "application/json" };
+      if (token) headers["Authorization"] = `token ${token}`;
+      const res = await fetch(`${apiUrl}/pulls?head=${encodeURIComponent(br)}&state=all&limit=1`, { headers });
+      const data = await res.json();
+      if (Array.isArray(data) && data.length > 0) {
+        const pr = data[0];
+        return {
+          state: pr.merged ? "merged" : pr.state === "open" ? "open" : "closed",
+          url: pr.html_url || `${apiUrl}/pulls/${pr.number}`,
+        };
+      }
+    } catch { /* ignore */ }
+  }
+
+  return null;
+}
+
+/**
+ * Escape a string for safe interpolation into a double-quoted shell context.
+ * Escapes: $, `, \, ", !, newlines
+ */
+export function shellEscapeDoubleQuoted(value: string): string {
+  return value
+    .replace(/\\/g, "\\\\")
+    .replace(/\$/g, "\\$")
+    .replace(/`/g, "\\`")
+    .replace(/"/g, '\\"')
+    .replace(/!/g, "\\!")
+    .replace(/\n/g, " ");
+}
+
+/**
+ * Count the number of distinct top-level directories touched by a list of files.
+ * Used as a heuristic for non-atomic commits (touching many unrelated areas).
+ */
+export function countUnrelatedDirs(files: string[]): number {
+  if (files.length === 0) return 0;
+
+  const dirs = new Set<string>();
+  const hasNesting = files.some(f => f.split("/").length >= 3);
+
+  for (const file of files) {
+    const parts = file.split("/");
+    if (hasNesting) {
+      // For deeply nested paths, use first two segments as directory grouping
+      const dir = parts.length >= 2 ? parts.slice(0, 2).join("/") : parts[0];
+      dirs.add(dir);
+    } else {
+      // For flat paths (dir/file.ext), first segment is the directory
+      const topDir = parts[0];
+      if (topDir && topDir !== ".") {
+        dirs.add(topDir);
+      } else {
+        dirs.add("(root)");
+      }
+    }
+  }
+  return dirs.size;
+}
+
+export async function createPR(
+  branch: string,
+  base: string,
+  title: string,
+  body: string,
+  ctx: ExtensionContext,
+  remoteName: string,
+): Promise<{ ok: true; url: string } | { ok: false; error: string }> {
+  const remote = exec(`git remote get-url ${remoteName || "origin"}`, ctx.cwd);
+  if (!remote.ok) return { ok: false, error: "No git remote found" };
+
+  const url = remote.stdout;
+  let apiUrl = "";
+  let token = "";
+
+  if (url.includes("gitea") || url.includes("127.0.0.1:3001")) {
+    const match = url.match(/[/:]([^/]+)\/([^/]+?)(?:\.git)?$/);
+    if (!match) return { ok: false, error: `Cannot parse Gitea repo from: ${url}` };
+    apiUrl = `http://127.0.0.1:3001/api/v1/repos/${match[1]}/${match[2]}`;
+    const credMatch = url.match(/:\/\/([^:]+):([^@]+)@/);
+    token = credMatch ? credMatch[2] : "";
+  } else if (url.includes("github.com")) {
+    // gh CLI handles its own argument quoting — only escape double-quotes and strip newlines
+    const safeTitle = title.replace(/"/g, '\\"').replace(/\n/g, " ");
+    const safeBody = body.replace(/"/g, '\\"').replace(/\n/g, " ");
+    const r = exec(`gh pr create --base ${shellEscape(base)} --head ${shellEscape(branch)} --title "${safeTitle}" --body "${safeBody}"`, ctx.cwd);
+    if (r.ok) {
+      const lines = r.stdout.split("\n");
+      const prUrl = lines.find(l => l.includes("github.com")) || r.stdout;
+      return { ok: true, url: prUrl.trim() };
+    }
+    return { ok: false, error: r.stderr || "gh pr create failed" };
+  }
+
+  if (!apiUrl) return { ok: false, error: "Unsupported remote. Use Gitea or GitHub." };
+
+  // Use fetch() instead of shell-executed curl — avoids token exposure in process lists
+  const fetchHeaders: Record<string, string> = { "Content-Type": "application/json" };
+  if (token) fetchHeaders["Authorization"] = `token ${token}`;
+
+  try {
+    const res = await fetch(`${apiUrl}/pulls`, {
+      method: "POST",
+      headers: fetchHeaders,
+      body: JSON.stringify({ title, head: branch, base, body }),
+    });
+    const text = await res.text();
+    if (!res.ok) return { ok: false, error: text || `HTTP ${res.status}` };
+    try {
+      const data = JSON.parse(text);
+      return { ok: true, url: data.html_url || `${apiUrl}/pulls/${data.number}` };
+    } catch {
+      return { ok: true, url: text };
+    }
+  } catch (e: any) {
+    return { ok: false, error: e.message || "Network error" };
+  }
+}
+
+// ── Gitea API Helpers ──────────────────────────────────────────────────────────
+
+/**
+ * Resolve Gitea repo path and token from git remote.
+ */
+export function resolveGitea(cwd: string): { repo: string; token: string } {
+  const remote = exec("git remote get-url gitea 2>/dev/null || git remote get-url origin", cwd);
+  const url = remote.stdout || "";
+  const match = url.match(/[/:]([^/]+)\/([^/]+?)(?:\.git)?$/);
+  const repo = match ? `${match[1]}/${match[2]}` : "";
+  const credMatch = url.match(/:\/\/([^:]+):([^@]+)@/);
+  return { repo, token: credMatch ? credMatch[2] : "" };
+}
+
+/**
+ * Call Gitea API.
+ */
+export async function giteaApi(
+  path: string,
+  method: string,
+  body: Record<string, unknown> | null,
+  opts: { repo: string; token: string },
+): Promise<{ ok: boolean; data: unknown; error?: string }> {
+  const base = `http://127.0.0.1:3001/api/v1/repos/${opts.repo}`;
+  const url = `${base}${path}`;
+  const headers: Record<string, string> = { "Content-Type": "application/json" };
+  if (opts.token) headers["Authorization"] = `token ${opts.token}`;
+
+  try {
+    const res = await fetch(url, {
+      method,
+      headers,
+      body: body ? JSON.stringify(body) : undefined,
+    });
+    const text = await res.text();
+    if (!res.ok) {
+      return { ok: false, data: null, error: text || `HTTP ${res.status}` };
+    }
+    try {
+      return { ok: true, data: JSON.parse(text) };
+    } catch {
+      return { ok: true, data: text };
+    }
+  } catch (e: any) {
+    return { ok: false, data: null, error: e.message || "Network error" };
+  }
+}

package/src/index.ts

@@ -0,0 +1,51 @@
+/**
+ * pi-contrib-gate — AI Agent Contribution Gateway
+ *
+ * Tools: contrib_start_work, contrib_propose, contrib_submit, contrib_status
+ * Config: .contribrc.yml
+ */
+import type { ExtensionAPI } from "@earendil-works/pi-coding-agent";
+import { interceptToolCall } from "./intercepts";
+import { startWorkTool } from "./tools/start_work";
+import { proposeTool } from "./tools/propose";
+import { submitTool } from "./tools/submit";
+import { statusTool } from "./tools/status";
+import { getLinkedIssueId, remoteBranchExists, checkBranchPRState, currentBranch } from "./helpers";
+
+export default function (pi: ExtensionAPI) {
+  pi.on("tool_call", interceptToolCall);
+  pi.registerTool(startWorkTool);
+  pi.registerTool(proposeTool);
+  pi.registerTool(submitTool);
+  pi.registerTool(statusTool);
+
+  // Auto-detect linked issue from branch name on session start/resume
+  pi.on("session_start", async (_event, ctx) => {
+    const issueId = getLinkedIssueId(ctx.cwd);
+    if (issueId && !(globalThis as any).__contrib_issueId) {
+      (globalThis as any).__contrib_issueId = issueId;
+    }
+
+    // Detect orphaned branch (remote deleted = PR likely merged)
+    const branch = currentBranch(ctx.cwd);
+    const isFeatureBranch = /^(feat|fix|chore)\//.test(branch);
+    if (isFeatureBranch) {
+      const remote = remoteBranchExists(ctx.cwd);
+      if (!remote.exists) {
+        const pr = await checkBranchPRState(ctx.cwd);
+        const prNote = pr
+          ? `\nPR ${pr.url} was ${pr.state}.`
+          : "";
+        ctx.ui.notify(
+          "⚠️  Orphaned branch detected",
+          `Remote branch "${branch}" no longer exists — the PR was likely merged.${prNote}\n\nDo NOT continue work on this branch. Use contrib_start_work(issue_id) to start fresh.`,
+        );
+      }
+    }
+  });
+
+  pi.on("session_shutdown", () => {
+    delete (globalThis as any).__contrib_issueId;
+    delete (globalThis as any).__contrib_lastHash;
+  });
+}

package/src/intercepts.ts

@@ -0,0 +1,153 @@
+import type { ExtensionContext } from "@earendil-works/pi-coding-agent";
+import { loadConfig } from "./config";
+import { exec, isMergeInProgress, isRebaseInProgress, isConflictInProgress, isClean, getLinkedIssueId } from "./helpers";
+import { validateConventionalCommit } from "./validate";
+
+const PROTECTED_BRANCHES = ["dev", "main", "master", "production"];
+
+function onProtectedBranch(cwd: string): boolean {
+  const branch = exec("git branch --show-current", cwd).stdout;
+  return PROTECTED_BRANCHES.includes(branch);
+}
+
+export async function interceptToolCall(event: any, ctx: ExtensionContext) {
+  const config = loadConfig(ctx.cwd);
+
+  // ═══════════════════════════════════════════
+  // Block file modifications without a linked issue
+  // ═══════════════════════════════════════════
+  if (["write", "edit"].includes(event.toolName)) {
+    const branch = exec("git branch --show-current", ctx.cwd).stdout;
+
+    // Protected branches: strict block
+    if (PROTECTED_BRANCHES.includes(branch)) {
+      return {
+        block: true,
+        reason: `Cannot modify files directly on "${branch}". Use contrib_start_work(issue_id) to create a feature branch first.`,
+      };
+    }
+
+    // Non-feature, non-protected branch with no linked issue: block early
+    const isFeatureBranch = /^(feat|fix|chore)\//.test(branch);
+    const issueId = getLinkedIssueId(ctx.cwd);
+
+    if (!issueId && !isFeatureBranch) {
+      return {
+        block: true,
+        reason: `No Gitea issue linked. Before making changes, link your work to an issue with contrib_start_work(issue_id).\n\nThis creates a properly named branch and links it to an issue so commits and PRs are traceable.`,
+      };
+    }
+
+    if (!issueId && isFeatureBranch) {
+      // Feature branch but no issue found in branch name or session state.
+      // Warn but allow — the agent may be resuming work from a branch created
+      // outside the current session.
+      ctx.ui.notify(
+        "No issue linked",
+        `You're on feature branch "${branch}" but no Gitea issue is linked.\nRun contrib_start_work(issue_id) to link an issue before committing.`,
+      );
+    }
+  }
+
+  if (event.toolName !== "bash" || typeof event.input.command !== "string") return;
+
+  const cmd = event.input.command;
+
+  // Block direct branch creation bypassing contrib_start_work
+  if (/\bgit\s+checkout\s+-b\s+/.test(cmd) || /\bgit\s+switch\s+-c\s+/.test(cmd)) {
+    const branchMatch = cmd.match(/(?:checkout\s+-b|switch\s+-c)\s+(\S+)/);
+    const branchName = branchMatch?.[1] || "";
+    const isIssueBranch = /^(feat|fix|chore)\/issue-\d+$/.test(branchName) || /^issue-\d+$/.test(branchName);
+    if (isIssueBranch) {
+      return {
+        block: true,
+        reason: `Cannot create issue branch directly. Use contrib_start_work(issue_id) instead.\n\nThis ensures the issue exists on Gitea and is in the correct state before work begins.\n\nBlocked: ${cmd}`,
+      };
+    }
+  }
+
+  if (/\bgit\s+push\b/.test(cmd)) {
+    const isProtected = /\b(main|master|dev|production)\b/.test(cmd);
+    if (isProtected) {
+      const ok = await ctx.ui.confirm("Protected branch push blocked", `Push to protected branch detected. Use contrib_submit() instead.\n\nCommand: ${cmd}\n\nAllow anyway?`);
+      if (!ok) return { block: true, reason: "Use contrib_submit() to create a PR instead of pushing directly." };
+    }
+  }
+
+  if (/\bgit\s+push\s+.*--force/.test(cmd)) {
+    const ok = await ctx.ui.confirm("Force push detected", `Force push can overwrite remote history.\n\nCommand: ${cmd}\n\nContinue?`);
+    if (!ok) return { block: true, reason: "Force push blocked by user." };
+  }
+
+  if (/\bgit\s+commit\b/.test(cmd)) {
+    // Block direct git commit on feature branches — force through contrib_propose
+    const branch = exec("git branch --show-current", ctx.cwd).stdout;
+    const isFeatureBranch = /^(feat|fix|chore)\//.test(branch);
+    if (isFeatureBranch) {
+      return {
+        block: true,
+        reason: `Cannot commit directly on feature branch "${branch}". Use contrib_propose(message) to stage, lint, typecheck, and commit with quality gates.`,
+      };
+    }
+
+    if (config.commits.convention === "conventional") {
+      const msgMatch = cmd.match(/-m\s+"([^"]+)"/);
+      if (msgMatch) {
+        const validation = validateConventionalCommit(msgMatch[1], config);
+        if (!validation.ok) ctx.ui.notify(`Conventional commit: ${validation.error}`, "warning");
+      }
+    }
+  }
+
+  // ═══════════════════════════════════════════
+  // Merge conflict safety gates
+  // ═══════════════════════════════════════════
+
+  // Gate: Require clean working tree before rebase/merge
+  if (/\bgit\s+(rebase|merge|pull)\b/.test(cmd) && !/\bgit\s+merge\s+--(abort|continue)\b/.test(cmd)) {
+    const branch = exec("git branch --show-current", ctx.cwd).stdout;
+    const isFeatureBranch = /^(feat|fix|chore)\//.test(branch);
+    if (isFeatureBranch && !isClean(ctx.cwd)) {
+      return {
+        block: true,
+        reason: `Working tree is dirty. Stash or commit changes before running:\n  ${cmd}\n\nUse contrib_propose(message) to commit first, or git stash to save work temporarily.`,
+      };
+    }
+  }
+
+  // Gate: Block destructive checkout in conflict state
+  if (/\bgit\s+checkout\s+(--theirs|--ours)\b/.test(cmd)) {
+    if (isConflictInProgress(ctx.cwd)) {
+      const pattern = /\bgit\s+checkout\s+(--theirs|--ours)\s+(\S+)/.exec(cmd);
+      const target = pattern?.[2] || "";
+      const isBroad = target === "." || target === "*" || target.includes("*") || target === "";
+      if (isBroad) {
+        const ok = await ctx.ui.confirm(
+          "Destructive conflict resolution blocked",
+          `Running \`git checkout ${pattern?.[1] || "--theirs"} ${target || "(all)"}\` will overwrite ALL conflicted files with one side.\n\nThis usually destroys work. Resolve conflicts file-by-file instead.\n\nAllow anyway?`,
+        );
+        if (!ok) return { block: true, reason: "Resolve conflicts file-by-file instead of blindly accepting one side for all files. Read each conflicted file, understand both sides, then write the correct resolution." };
+      }
+    }
+  }
+
+  // Gate: Block reset --hard during conflict (too destructive with no undo)
+  if (/\bgit\s+reset\s+--hard\b/.test(cmd)) {
+    if (isConflictInProgress(ctx.cwd)) {
+      const ok = await ctx.ui.confirm(
+        "Hard reset during conflict blocked",
+        `\`git reset --hard\` during a merge/rebase will destroy ALL in-progress conflict resolution work.\n\nPrefer:\n  git merge --abort\n  git rebase --abort\n...to cleanly exit without losing in-progress resolution.\n\nContinue with reset --hard?`,
+      );
+      if (!ok) return { block: true, reason: "Use git merge --abort or git rebase --abort instead. They cleanly exit without destroying partially-resolved work." };
+    }
+  }
+
+  // Gate: Prevent committing when conflict is still in progress
+  if (/\bgit\s+commit\b/.test(cmd) && isConflictInProgress(ctx.cwd)) {
+    const state = isMergeInProgress(ctx.cwd) ? "merge" : "rebase";
+    return {
+      block: true,
+      reason: `Cannot commit while a ${state} is in progress. Git will interpret this as completing the ${state} with unresolved conflicts.\n\nResolve ALL conflicts first (remove <<<<<<< markers from every file), stage resolved files with git add, then use contrib_propose() to commit.`,
+    };
+  }
+}

package/src/state.ts

@@ -0,0 +1,9 @@
+export let currentIssueId: string | null = null;
+export let currentBranchType: string = "feat";
+export let lastCommitHash: string | null = null;
+
+export function reset() {
+  currentIssueId = null;
+  currentBranchType = "feat";
+  lastCommitHash = null;
+}