@hominis/fireforge 0.24.0 → 0.26.0

package/CHANGELOG.md

@@ -1,5 +1,16 @@
 # Changelog
 
+## 0.26.0
+
+- Added targeted `re-export --scan --scan-file <path>` for reviewed single-patch new-file assignment without broad sibling collection.
+- Added a FireForge-owned worktree whitespace gate that excludes generated `patches/*.patch` diff syntax from repository whitespace checks.
+- Kept generated patch context lines unchanged while making release checks use the FireForge whitespace gate.
+
+## 0.25.0
+
+- Kept `MOZ_APP_VENDOR` in `browser/moz.configure` for Firefox ESR 140 project-flag trees instead of generated branding `configure.sh`.
+- Added a regression for stale xpcshell install symlink repair under shared `_tests/testing/mochitest/` harness paths.
+
 ## 0.24.0
 
 - Moved branding vendor identity into generated branding configure scripts and made `browser/moz.configure` vendor patching optional.

package/README.md

@@ -20,7 +20,7 @@ Inspired by [fern.js](https://github.com/ghostery/user-agent-desktop) and [Melon
 
 ## Requirements
 
-- Node.js 20+
+- Node.js 22.22.1+
 - Python 3
 - Git
 - The normal Firefox platform build tools: Xcode command line tools on macOS, `build-essential`-style packages on Linux, Visual Studio Build Tools on Windows (never tested on Windows tbh)

package/dist/src/commands/re-export-scan.d.ts

@@ -0,0 +1,35 @@
+import type { PatchesManifest } from '../types/commands/index.js';
+export interface ScanResult {
+    updated: string[];
+    added: string[];
+    removed: string[];
+}
+/** Normalizes repeatable `--scan-file` inputs into safe engine-relative paths. */
+export declare function normalizeScanFiles(scanFiles: readonly string[] | undefined): string[] | undefined;
+/** Scans either broad sibling directories or explicit `--scan-file` paths for re-export. */
+export declare function scanPatchFilesForReExport(args: {
+    currentFilesAffected: string[];
+    engineDir: string;
+    manifest: PatchesManifest;
+    patchFilename: string;
+    isDryRun: boolean;
+    scanFiles?: readonly string[];
+}): Promise<ScanResult>;
+/**
+ * Confirms broad directory-scan additions before a mutating re-export writes
+ * them into patch ownership.
+ */
+export declare function confirmBroadScanAdditions(args: {
+    patchFilename: string;
+    added: readonly string[];
+    isDryRun: boolean;
+    yes: boolean;
+    isInteractive: boolean;
+}): Promise<boolean>;
+/** Refuses explicit `--scan-file` additions that did not produce patch hunks. */
+export declare function assertScanFileAdditionsHaveDiffHunks(args: {
+    diffContent: string;
+    patchFilename: string;
+    previousFilesAffected: readonly string[];
+    scanFiles: readonly string[] | undefined;
+}): void;

package/dist/src/commands/re-export-scan.js

@@ -0,0 +1,139 @@
+// SPDX-License-Identifier: EUPL-1.2
+import { dirname, join } from 'node:path';
+import { confirm } from '@clack/prompts';
+import { getModifiedFilesInDir, getUntrackedFilesInDir } from '../core/git-status.js';
+import { extractAffectedFiles } from '../core/patch-apply.js';
+import { getClaimedFiles } from '../core/patch-manifest.js';
+import { GeneralError, InvalidArgumentError } from '../errors/base.js';
+import { pathExists } from '../utils/fs.js';
+import { cancel, info, isCancel, warn } from '../utils/logger.js';
+import { isContainedRelativePath, normalizePathSlashes, stripEnginePrefix, } from '../utils/paths.js';
+const SCAN_ADD_COUNT_THRESHOLD = 3;
+const SCAN_DIR_COUNT_THRESHOLD = 2;
+/** Normalizes repeatable `--scan-file` inputs into safe engine-relative paths. */
+export function normalizeScanFiles(scanFiles) {
+    const normalized = [...new Set(scanFiles ?? [])]
+        .map((file) => normalizeEngineRelativeInput(file, '--scan-file'))
+        .sort();
+    return normalized.length > 0 ? normalized : undefined;
+}
+function normalizeEngineRelativeInput(rawPath, flagName) {
+    const normalized = normalizePathSlashes(stripEnginePrefix(rawPath).trim());
+    if (normalized.length === 0) {
+        throw new InvalidArgumentError(`${flagName} requires a non-empty engine-relative path.`, flagName);
+    }
+    if (!isContainedRelativePath(normalized)) {
+        throw new InvalidArgumentError(`${flagName} path must stay within engine/: ${rawPath}`, flagName);
+    }
+    return normalized;
+}
+/** Scans either broad sibling directories or explicit `--scan-file` paths for re-export. */
+export async function scanPatchFilesForReExport(args) {
+    const { scanFiles } = args;
+    if (scanFiles !== undefined) {
+        return scanPatchFilesTargeted({ ...args, scanFiles });
+    }
+    return scanPatchFiles(args);
+}
+async function scanPatchFiles(args) {
+    const { currentFilesAffected, engineDir, manifest, patchFilename, isDryRun } = args;
+    const parentDirs = [...new Set(currentFilesAffected.map((f) => dirname(f)))];
+    const claimedByOthers = getClaimedFiles(manifest, patchFilename);
+    const discoveredFiles = new Set();
+    for (const dir of parentDirs) {
+        const modifiedFiles = await getModifiedFilesInDir(engineDir, dir);
+        const untrackedFiles = await getUntrackedFilesInDir(engineDir, dir);
+        for (const f of [...modifiedFiles, ...untrackedFiles])
+            discoveredFiles.add(f);
+    }
+    const currentSet = new Set(currentFilesAffected);
+    const added = [...discoveredFiles]
+        .filter((f) => !currentSet.has(f) && !claimedByOthers.has(f))
+        .sort();
+    const removed = await findRemovedFiles(currentFilesAffected, engineDir);
+    return reportScanResult(currentFilesAffected, patchFilename, isDryRun, added, removed);
+}
+async function scanPatchFilesTargeted(args) {
+    const { currentFilesAffected, engineDir, manifest, patchFilename, isDryRun, scanFiles } = args;
+    const currentSet = new Set(currentFilesAffected);
+    const claimedByOthers = getClaimedFiles(manifest, patchFilename);
+    const added = [];
+    for (const file of scanFiles) {
+        if (claimedByOthers.has(file)) {
+            throw new InvalidArgumentError(`--scan-file path is already claimed by another patch: ${file}`, '--scan-file');
+        }
+        if (!(await pathExists(join(engineDir, file)))) {
+            throw new InvalidArgumentError(`--scan-file path not found in engine/: ${file}`, '--scan-file');
+        }
+        if (!currentSet.has(file))
+            added.push(file);
+    }
+    const removed = await findRemovedFiles(currentFilesAffected, engineDir);
+    return reportScanResult(currentFilesAffected, patchFilename, isDryRun, added.sort(), removed);
+}
+async function findRemovedFiles(files, engineDir) {
+    const removed = [];
+    for (const file of files) {
+        if (!(await pathExists(join(engineDir, file))))
+            removed.push(file);
+    }
+    return removed.sort();
+}
+function reportScanResult(currentFilesAffected, patchFilename, isDryRun, added, removed) {
+    for (const f of added)
+        info(`  + ${f}`);
+    for (const f of removed)
+        info(`  - ${f}`);
+    if (added.length === 0 && removed.length === 0) {
+        return { updated: currentFilesAffected, added: [], removed: [] };
+    }
+    const removedSet = new Set(removed);
+    const updated = [...currentFilesAffected.filter((f) => !removedSet.has(f)), ...added].sort();
+    info(`  ${isDryRun ? 'Would update' : 'Updated'} ${patchFilename}: +${added.length} / -${removed.length} files`);
+    return { updated, added, removed };
+}
+/**
+ * Confirms broad directory-scan additions before a mutating re-export writes
+ * them into patch ownership.
+ */
+export async function confirmBroadScanAdditions(args) {
+    const { patchFilename, added, isDryRun, yes, isInteractive } = args;
+    if (isDryRun || yes || !scanAdditionsNeedConfirmation(added))
+        return true;
+    const dirCount = new Set(added.map((f) => dirname(f))).size;
+    warn(`${patchFilename}: --scan would add ${String(added.length)} file(s) that span ${String(dirCount)} director${dirCount === 1 ? 'y' : 'ies'}. ` +
+        'Broad scans can silently pull adjacent features into a patch — review the diff before continuing.');
+    if (!isInteractive) {
+        throw new GeneralError(`Refusing to broaden "${patchFilename}" via --scan in non-interactive mode. ` +
+            'Pass --yes to acknowledge the expansion, or run with --dry-run first to review.');
+    }
+    const confirmed = await confirm({
+        message: `Proceed and broaden ${patchFilename} with ${String(added.length)} newly discovered file(s)?`,
+        initialValue: false,
+    });
+    if (isCancel(confirmed) || !confirmed) {
+        cancel(`Skipped ${patchFilename}`);
+        return false;
+    }
+    return true;
+}
+function scanAdditionsNeedConfirmation(added) {
+    if (added.length === 0)
+        return false;
+    if (added.length > SCAN_ADD_COUNT_THRESHOLD)
+        return true;
+    return new Set(added.map((f) => dirname(f))).size >= SCAN_DIR_COUNT_THRESHOLD;
+}
+/** Refuses explicit `--scan-file` additions that did not produce patch hunks. */
+export function assertScanFileAdditionsHaveDiffHunks(args) {
+    const { diffContent, patchFilename, previousFilesAffected, scanFiles } = args;
+    if (scanFiles === undefined)
+        return;
+    const previous = new Set(previousFilesAffected);
+    const diffFiles = new Set(extractAffectedFiles(diffContent));
+    const noDiffScanFiles = scanFiles.filter((file) => !previous.has(file) && !diffFiles.has(file));
+    if (noDiffScanFiles.length === 0)
+        return;
+    throw new InvalidArgumentError(`Refusing to re-export ${patchFilename} with --scan-file because ${noDiffScanFiles.length} explicit added path${noDiffScanFiles.length === 1 ? '' : 's'} produced no diff hunks (${noDiffScanFiles.join(', ')}). Remove unchanged paths or modify them before retrying.`, '--scan-file');
+}
+//# sourceMappingURL=re-export-scan.js.map

package/dist/src/commands/re-export.js

@@ -1,136 +1,53 @@
 // SPDX-License-Identifier: EUPL-1.2
-import { dirname, join } from 'node:path';
-import { confirm, multiselect } from '@clack/prompts';
+import { join } from 'node:path';
+import { multiselect } from '@clack/prompts';
 import { Option } from 'commander';
 import { getProjectPaths, loadConfig } from '../core/config.js';
 import { isGitRepository } from '../core/git.js';
 import { getDiffForFilesAgainstHead } from '../core/git-diff.js';
-import { getModifiedFilesInDir, getUntrackedFilesInDir } from '../core/git-status.js';
 import { updatePatchAndMetadata } from '../core/patch-export.js';
-import { getClaimedFiles, loadPatchesManifest, resolvePatchIdentifier, stampPatchVersions, } from '../core/patch-manifest.js';
+import { loadPatchesManifest, resolvePatchIdentifier, stampPatchVersions, } from '../core/patch-manifest.js';
 import { buildProjectedManifest, enforcePatchPolicy } from '../core/patch-policy.js';
 import { GeneralError, InvalidArgumentError } from '../errors/base.js';
 import { toError } from '../utils/errors.js';
 import { pathExists } from '../utils/fs.js';
 import { cancel, info, intro, isCancel, outro, spinner, success, warn } from '../utils/logger.js';
-/**
- * Threshold above which `--scan` must be explicitly confirmed. Values were
- * picked so the common "refresh after one-or-two-file tweak" case stays
- * frictionless while catching the eval finding #13 scenario where `--scan`
- * silently pulled in an entire sibling feature (xhtml + tests + theme CSS).
- */
-const SCAN_ADD_COUNT_THRESHOLD = 3;
-const SCAN_DIR_COUNT_THRESHOLD = 2;
 import { pickDefined } from '../utils/options.js';
 import { runPatchLint } from './export-shared.js';
 import { reExportFilesInPlace } from './re-export-files.js';
-async function scanPatchFiles(currentFilesAffected, engineDir, manifest, patchFilename, isDryRun) {
-    const parentDirs = [...new Set(currentFilesAffected.map((f) => dirname(f)))];
-    const claimedByOthers = getClaimedFiles(manifest, patchFilename);
-    const discoveredFiles = new Set();
-    for (const dir of parentDirs) {
-        const modifiedFiles = await getModifiedFilesInDir(engineDir, dir);
-        const untrackedFiles = await getUntrackedFilesInDir(engineDir, dir);
-        for (const f of [...modifiedFiles, ...untrackedFiles]) {
-            discoveredFiles.add(f);
-        }
-    }
-    const currentSet = new Set(currentFilesAffected);
-    const added = [];
-    for (const f of discoveredFiles) {
-        if (!currentSet.has(f) && !claimedByOthers.has(f)) {
-            added.push(f);
-        }
-    }
-    const removed = [];
-    for (const f of currentFilesAffected) {
-        const filePath = join(engineDir, f);
-        if (!(await pathExists(filePath))) {
-            removed.push(f);
-        }
-    }
-    const sortedAdded = [...added].sort();
-    const sortedRemoved = [...removed].sort();
-    for (const f of sortedAdded) {
-        info(`  + ${f}`);
-    }
-    for (const f of sortedRemoved) {
-        info(`  - ${f}`);
-    }
-    if (added.length > 0 || removed.length > 0) {
-        const removedSet = new Set(removed);
-        const updated = [...currentFilesAffected.filter((f) => !removedSet.has(f)), ...added].sort();
-        info(`  ${isDryRun ? 'Would update' : 'Updated'} ${patchFilename}: +${added.length} / -${removed.length} files`);
-        return { updated, added: sortedAdded, removed: sortedRemoved };
-    }
-    return { updated: currentFilesAffected, added: [], removed: [] };
-}
-/**
- * Returns true when the caller-confirmed threshold is exceeded for this
- * scan's additions. The heuristic treats "small, same-directory" additions
- * as friction-free (the common refresh case) and flags larger or
- * multi-directory expansions so operators see them before they land.
- *
- * Pre-0.16.0 `--scan` silently broadened patches to include any modified or
- * untracked file that shared a parent directory with the existing
- * filesAffected — in practice, pulling adjacent feature code into a patch
- * that had nothing to do with it. The gate below turns the broadening into
- * an explicit opt-in.
- */
-function scanAdditionsNeedConfirmation(added) {
-    if (added.length === 0)
-        return false;
-    if (added.length > SCAN_ADD_COUNT_THRESHOLD)
-        return true;
-    const dirs = new Set(added.map((f) => dirname(f)));
-    return dirs.size >= SCAN_DIR_COUNT_THRESHOLD;
-}
-/**
- * Gate for broad `--scan` additions. Enforces explicit acknowledgement when
- * the scan would pull in more files than a narrow refresh. Dry-run always
- * proceeds (the preview is the whole point).
- *
- * @returns true if the caller should proceed; false if the user cancelled.
- */
-async function confirmBroadScanAdditions(args) {
-    const { patchFilename, added, isDryRun, yes, isInteractive } = args;
-    if (isDryRun)
-        return true;
-    if (!scanAdditionsNeedConfirmation(added))
-        return true;
-    if (yes)
-        return true;
-    warn(`${patchFilename}: --scan would add ${String(added.length)} file(s) that span ${String(new Set(added.map((f) => dirname(f))).size)} director${new Set(added.map((f) => dirname(f))).size === 1 ? 'y' : 'ies'}. ` +
-        'Broad scans can silently pull adjacent features into a patch — review the diff before continuing.');
-    if (!isInteractive) {
-        throw new GeneralError(`Refusing to broaden "${patchFilename}" via --scan in non-interactive mode. ` +
-            'Pass --yes to acknowledge the expansion, or run with --dry-run first to review.');
-    }
-    const confirmed = await confirm({
-        message: `Proceed and broaden ${patchFilename} with ${String(added.length)} newly discovered file(s)?`,
-        initialValue: false,
-    });
-    if (isCancel(confirmed) || !confirmed) {
-        cancel(`Skipped ${patchFilename}`);
-        return false;
+import { assertScanFileAdditionsHaveDiffHunks, confirmBroadScanAdditions, normalizeScanFiles, scanPatchFilesForReExport, } from './re-export-scan.js';
+async function findMissingFiles(engineDir, files) {
+    const missingFiles = [];
+    for (const file of files) {
+        if (!(await pathExists(join(engineDir, file))))
+            missingFiles.push(file);
     }
-    return true;
+    return missingFiles;
 }
 async function reExportSinglePatch(patch, paths, manifest, options, isDryRun, config) {
     let currentFilesAffected = [...patch.filesAffected];
     // --- Scan for new/removed files ---
     if (options.scan) {
-        const scanResult = await scanPatchFiles(currentFilesAffected, paths.engine, manifest, patch.filename, isDryRun);
-        const isInteractive = process.stdin.isTTY && process.stdout.isTTY;
-        const proceed = await confirmBroadScanAdditions({
+        const scanResult = await scanPatchFilesForReExport({
+            currentFilesAffected,
+            engineDir: paths.engine,
+            manifest,
             patchFilename: patch.filename,
-            added: scanResult.added,
             isDryRun,
-            yes: options.yes === true,
-            isInteractive,
+            ...(options.scanFiles !== undefined ? { scanFiles: options.scanFiles } : {}),
         });
-        if (!proceed) {
-            return false;
+        if (options.scanFiles === undefined) {
+            const isInteractive = process.stdin.isTTY && process.stdout.isTTY;
+            const proceed = await confirmBroadScanAdditions({
+                patchFilename: patch.filename,
+                added: scanResult.added,
+                isDryRun,
+                yes: options.yes === true,
+                isInteractive,
+            });
+            if (!proceed) {
+                return false;
+            }
         }
         currentFilesAffected = scanResult.updated;
     }
@@ -144,12 +61,7 @@ async function reExportSinglePatch(patch, paths, manifest, options, isDryRun, co
         // warning up-front when we can detect the drift cheaply, so the
         // operator has a chance to re-run with `--scan` or `--files`
         // before the stale filesAffected lands in patches.json.
-        const missingFiles = [];
-        for (const file of currentFilesAffected) {
-            if (!(await pathExists(join(paths.engine, file)))) {
-                missingFiles.push(file);
-            }
-        }
+        const missingFiles = await findMissingFiles(paths.engine, currentFilesAffected);
         if (missingFiles.length > 0) {
             warn(`${patch.filename}: some files in patches.json no longer exist on disk ` +
                 `(${missingFiles.join(', ')}). Without --scan, re-export keeps the manifest's ` +
@@ -175,13 +87,7 @@ async function reExportSinglePatch(patch, paths, manifest, options, isDryRun, co
         for (const f of removed)
             info(`  - ${f}`);
     }
-    const missingFiles = [];
-    for (const file of currentFilesAffected) {
-        const filePath = join(paths.engine, file);
-        if (!(await pathExists(filePath))) {
-            missingFiles.push(file);
-        }
-    }
+    const missingFiles = await findMissingFiles(paths.engine, currentFilesAffected);
     if (missingFiles.length === currentFilesAffected.length) {
         warn(`Skipped ${patch.filename}: all affected files missing`);
         warn(`Missing files: ${missingFiles.join(', ')}`);
@@ -193,6 +99,12 @@ async function reExportSinglePatch(patch, paths, manifest, options, isDryRun, co
     const missingSet = new Set(missingFiles);
     const existingFiles = currentFilesAffected.filter((f) => !missingSet.has(f));
     const diffContent = await getDiffForFilesAgainstHead(paths.engine, existingFiles);
+    assertScanFileAdditionsHaveDiffHunks({
+        diffContent,
+        patchFilename: patch.filename,
+        previousFilesAffected: patch.filesAffected,
+        scanFiles: options.scanFiles,
+    });
     if (!diffContent.trim()) {
         warn(`Skipped ${patch.filename}: no changes (files unchanged from HEAD)`);
         return false;
@@ -317,6 +229,15 @@ async function resolveSelectedPatches(patches, options, manifest) {
  * @param options - Re-export options
  */
 export async function reExportCommand(projectRoot, patches, options) {
+    const normalizedScanFiles = normalizeScanFiles(options.scanFiles);
+    if (normalizedScanFiles !== undefined) {
+        options = { ...options, scanFiles: normalizedScanFiles };
+    }
+    else if (options.scanFiles !== undefined) {
+        const cleanedOptions = { ...options };
+        delete cleanedOptions.scanFiles;
+        options = cleanedOptions;
+    }
     const isDryRun = options.dryRun === true;
     intro(isDryRun ? 'FireForge Re-export (dry run)' : 'FireForge Re-export');
     // --files is mutually exclusive with --scan and --all: they select
@@ -329,6 +250,14 @@ export async function reExportCommand(projectRoot, patches, options) {
             throw new InvalidArgumentError('--files operates on exactly one target patch. Pass a single patch identifier.', '--files');
         }
     }
+    if (options.scanFiles !== undefined) {
+        if (!options.scan) {
+            throw new InvalidArgumentError('--scan-file requires --scan.', '--scan-file');
+        }
+        if (options.all || patches.length !== 1) {
+            throw new InvalidArgumentError('--scan-file operates on exactly one target patch. Pass a single patch identifier.', '--scan-file');
+        }
+    }
     // --tier and --lint-ignore are per-patch metadata edits; combining them
     // with --all silently rewrites every patch's tier/ignore list, which is
     // virtually always wrong (different patches have different shapes).
@@ -434,6 +363,7 @@ export function registerReExport(program, { getProjectRoot, withErrorHandling })
         'version stamping.')
         .option('-a, --all', 'Re-export all patches')
         .option('-s, --scan', 'Scan directories for new/removed files and update filesAffected')
+        .option('--scan-file <path>', 'With --scan, add this explicit engine-relative file to one target patch without collecting adjacent files. Repeatable.', (value, prev) => [...prev, value], [])
         .option('--files <paths>', 'Restrict the re-exported filesAffected to this comma-separated list (single target patch only)', (value) => value
         .split(',')
         .map((v) => v.trim())
@@ -446,9 +376,10 @@ export function registerReExport(program, { getProjectRoot, withErrorHandling })
         .addOption(new Option('--tier <tier>', 'Force a tier override on the selected patch (only "branding" recognised). Mutually exclusive with --all.').choices(['branding']))
         .option('--lint-ignore <check-id>', 'Append a lint check ID to the patch\'s PatchMetadata.lintIgnore (union, de-duped, repeatable). Mutually exclusive with --all. Use "fireforge patch lint-ignore" for --remove / --clear.', (value, prev) => [...prev, value], [])
         .action(withErrorHandling(async (patches, options) => {
-        const { tier, lintIgnore, ...rest } = options;
+        const { tier, lintIgnore, scanFile, ...rest } = options;
         await reExportCommand(getProjectRoot(), patches, {
             ...pickDefined(rest),
+            ...(scanFile !== undefined && scanFile.length > 0 ? { scanFiles: scanFile } : {}),
             ...(tier !== undefined ? { tier: tier } : {}),
             ...(lintIgnore !== undefined && lintIgnore.length > 0 ? { lintIgnore } : {}),
         });

package/dist/src/core/branding.js

@@ -53,6 +53,7 @@ export class BrandingMozconfigMismatchError extends FireForgeError {
             'The mismatch is caught before mach builds because resolving the build against the wrong branding tree fails deep in moz.build with a confusing "path does not exist" message.');
     }
 }
+const MOZ_APP_VENDOR_IMPLY_REGEX = /imply_option\("MOZ_APP_VENDOR",\s*"[^"]*"\)/;
 /**
  * Sets up the custom branding directory for the browser.
  *
@@ -76,29 +77,30 @@ export async function setupBranding(engineDir, config) {
     if (!(await pathExists(brandingDir))) {
         await copyDir(unofficialDir, brandingDir);
     }
+    const vendorPlacement = await resolveVendorPlacement(engineDir);
     // Create/update configure.sh with custom values
-    await createConfigureScript(brandingDir, config);
+    await createConfigureScript(brandingDir, config, vendorPlacement);
     // Update localization files
     await updateBrandProperties(brandingDir, config);
     await updateBrandFtl(brandingDir, config);
     // Patch moz.configure for MOZ_APP_VENDOR
-    await patchMozConfigure(engineDir, config);
+    await patchMozConfigure(engineDir, config, vendorPlacement);
 }
 /**
  * Creates the branding configure.sh script.
  */
-async function createConfigureScript(brandingDir, config) {
+async function createConfigureScript(brandingDir, config, vendorPlacement) {
     const configureShPath = join(brandingDir, 'configure.sh');
-    await writeTextIfChanged(configureShPath, buildConfigureScriptContent(config));
+    await writeTextIfChanged(configureShPath, buildConfigureScriptContent(config, vendorPlacement));
 }
-function buildConfigureScriptContent(config) {
+function buildConfigureScriptContent(config, vendorPlacement) {
     const header = getLicenseHeader(config.license ?? DEFAULT_LICENSE, 'hash');
-    return `${header}
-
-MOZ_APP_DISPLAYNAME="${escapeShellValue(config.name)}"
-MOZ_APP_VENDOR="${escapeShellValue(config.vendor)}"
-MOZ_MACBUNDLE_ID="${escapeShellValue(config.appId)}"
-`;
+    const lines = [`MOZ_APP_DISPLAYNAME="${escapeShellValue(config.name)}"`];
+    if (vendorPlacement === 'branding-configure') {
+        lines.push(`MOZ_APP_VENDOR="${escapeShellValue(config.vendor)}"`);
+    }
+    lines.push(`MOZ_MACBUNDLE_ID="${escapeShellValue(config.appId)}"`);
+    return `${header}\n\n${lines.join('\n')}\n`;
 }
 /**
  * Updates the brand.properties localization file.
@@ -150,30 +152,66 @@ trademarkInfo = { " " }
 }
 /**
  * Patches browser/moz.configure to set custom vendor when the upstream
- * configure surface still owns an existing MOZ_APP_VENDOR imply_option.
- *
- * Newer FireForge branding writes MOZ_APP_VENDOR from the branding-owned
- * configure.sh instead, so an absent browser/moz.configure line is valid.
- * Keeping this best-effort replacement preserves compatibility for queues
- * that still carry the older process-wide registration line.
+ * configure surface owns MOZ_APP_VENDOR as a project flag. ESR 140 rejects
+ * branding configure.sh / confvars origins for that flag, so the value must
+ * come from imply_option.
  */
-async function patchMozConfigure(engineDir, config) {
+async function patchMozConfigure(engineDir, config, vendorPlacement) {
+    if (vendorPlacement !== 'moz-configure') {
+        return;
+    }
     const mozConfigurePath = join(engineDir, 'browser', 'moz.configure');
     if (!(await pathExists(mozConfigurePath))) {
         return;
     }
     let content = await readText(mozConfigurePath);
-    // Replace MOZ_APP_VENDOR imply_option
-    const vendorRegex = /imply_option\("MOZ_APP_VENDOR",\s*"[^"]*"\)/;
-    if (!vendorRegex.test(content)) {
-        return;
+    if (MOZ_APP_VENDOR_IMPLY_REGEX.test(content)) {
+        content = content.replace(MOZ_APP_VENDOR_IMPLY_REGEX, buildMozConfigureVendorLine(config));
+    }
+    else {
+        content = insertMozConfigureVendorLine(content, buildMozConfigureVendorLine(config));
     }
-    content = content.replace(vendorRegex, buildMozConfigureVendorLine(config));
     await writeTextIfChanged(mozConfigurePath, content);
 }
 function buildMozConfigureVendorLine(config) {
     return `imply_option("MOZ_APP_VENDOR", "${escapeString(config.vendor)}")`;
 }
+async function resolveVendorPlacement(engineDir) {
+    const mozConfigurePath = join(engineDir, 'browser', 'moz.configure');
+    const toolkitMozConfigurePath = join(engineDir, 'toolkit', 'moz.configure');
+    const browserMozConfigureExists = await pathExists(mozConfigurePath);
+    const browserMozConfigureContent = browserMozConfigureExists
+        ? await readText(mozConfigurePath)
+        : undefined;
+    if (browserMozConfigureContent !== undefined &&
+        MOZ_APP_VENDOR_IMPLY_REGEX.test(browserMozConfigureContent)) {
+        return 'moz-configure';
+    }
+    if (await toolkitMozConfigureUsesVendorProjectFlag(toolkitMozConfigurePath)) {
+        if (!browserMozConfigureExists) {
+            throw new BrandingError('Firefox toolkit configure declares MOZ_APP_VENDOR as a project_flag, but browser/moz.configure is missing, so FireForge cannot safely set the vendor identity.');
+        }
+        return 'moz-configure';
+    }
+    return 'branding-configure';
+}
+async function toolkitMozConfigureUsesVendorProjectFlag(filePath) {
+    if (!(await pathExists(filePath))) {
+        return false;
+    }
+    const content = await readText(filePath);
+    return /project_flag\(\s*(?:(?!\)\s*\n)[\s\S])*env\s*=\s*"MOZ_APP_VENDOR"/m.test(content);
+}
+function insertMozConfigureVendorLine(content, line) {
+    const includeRegex = /^include\((["'])\.\.\/toolkit\/moz\.configure\1\)\s*$/m;
+    const match = includeRegex.exec(content);
+    if (!match) {
+        return `${content.replace(/\s*$/, '')}\n\n${line}\n`;
+    }
+    const prefix = content.slice(0, match.index).replace(/\s*$/, '');
+    const suffix = content.slice(match.index);
+    return `${prefix}\n\n${line}\n${suffix}`;
+}
 /**
  * Escapes a string for use in Python/configure file.
  */
@@ -230,8 +268,9 @@ export async function isBrandingSetup(engineDir, config) {
     if (!(await pathExists(configureShPath))) {
         return false;
     }
+    const vendorPlacement = await resolveVendorPlacement(engineDir);
     const configureContent = await readText(configureShPath);
-    if (configureContent !== buildConfigureScriptContent(config)) {
+    if (configureContent !== buildConfigureScriptContent(config, vendorPlacement)) {
         return false;
     }
     if (await pathExists(propsPath)) {
@@ -246,7 +285,15 @@ export async function isBrandingSetup(engineDir, config) {
             return false;
         }
     }
-    return configureContent.includes(`MOZ_APP_VENDOR="${escapeShellValue(config.vendor)}"`);
+    if (vendorPlacement === 'branding-configure') {
+        return configureContent.includes(`MOZ_APP_VENDOR="${escapeShellValue(config.vendor)}"`);
+    }
+    const mozConfigurePath = join(engineDir, 'browser', 'moz.configure');
+    if (!(await pathExists(mozConfigurePath))) {
+        return false;
+    }
+    const mozConfigureContent = await readText(mozConfigurePath);
+    return mozConfigureContent.includes(buildMozConfigureVendorLine(config));
 }
 /**
  * Checks whether a file path belongs to the tool-managed branding directory.

package/dist/src/types/commands/options.d.ts

@@ -164,6 +164,12 @@ export interface ReExportOptions {
     all?: boolean;
     /** Scan directories for new/removed files and update filesAffected */
     scan?: boolean;
+    /**
+     * Explicit engine-relative files to add while scanning. Unlike broad
+     * `--scan`, this does not collect adjacent files from the same directory.
+     * Requires `--scan` and exactly one target patch.
+     */
+    scanFiles?: string[];
     /**
      * Restrict the re-exported patch's filesAffected to this explicit list.
      * Files currently in the patch but not in this list are dropped (shrink);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@hominis/fireforge",
-  "version": "0.24.0",
+  "version": "0.26.0",
   "description": "FireForge — a build tool for customizing Firefox",
   "type": "module",
   "main": "./dist/src/index.js",
@@ -29,13 +29,14 @@
     "test:watch": "vitest",
     "test:coverage": "vitest run --coverage && node ./scripts/check-coverage-thresholds.mjs",
     "test:firefox-full": "node ./scripts/run-full-firefox-integration.mjs",
+    "whitespace:check": "node ./scripts/check-worktree-whitespace.mjs",
     "pack:verify": "vitest run src/__tests__/wrapper-smoke.test.ts",
     "pack:dry-run": "npm pack --dry-run --json --silent",
     "format": "prettier --write --ignore-unknown \"src/**/*.ts\" \"bin/**/*.ts\" \"scripts/**/*.mjs\" \"package.json\" \"eslint.config.js\" \"vitest.config.ts\" \"tsconfig.json\" \"tsconfig.build.json\" \".lintstagedrc.json\" \".prettierignore\" \".prettierrc\" \".gitignore\" \"README.md\" \"CHANGELOG.md\"",
     "format:check": "prettier --check --ignore-unknown \"src/**/*.ts\" \"bin/**/*.ts\" \"scripts/**/*.mjs\" \"package.json\" \"eslint.config.js\" \"vitest.config.ts\" \"tsconfig.json\" \"tsconfig.build.json\" \".lintstagedrc.json\" \".prettierignore\" \".prettierrc\" \".gitignore\" \"README.md\" \"CHANGELOG.md\"",
     "prepare": "node -e \"import('./scripts/prepare.mjs').catch((error) => { if (error && typeof error === 'object' && 'code' in error && error.code === 'ERR_MODULE_NOT_FOUND') process.exit(0); throw error; })\"",
     "prepack": "npm run build",
-    "release:check": "npm run format:check && npm run lint:ci && npm run typecheck && npm run test:coverage && npm run pack:verify && npm run pack:dry-run",
+    "release:check": "npm run format:check && npm run whitespace:check && npm run lint:ci && npm run typecheck && npm run test:coverage && npm run pack:verify && npm run pack:dry-run",
     "prepublishOnly": "npm run release:check"
   },
   "files": [
@@ -79,7 +80,7 @@
     "vitest": "^4.0.18"
   },
   "engines": {
-    "node": ">=20.0.0"
+    "node": ">=22.22.1"
   },
   "packageManager": "npm@11.12.1",
   "license": "EUPL-1.2",