@jefuriiij/synthra 0.1.19 → 0.1.20

package/CHANGELOG.md

@@ -7,6 +7,34 @@ For older versions, see [GitHub Releases](https://github.com/jefuriiij/synthra/r
 
 ---
 
+## [0.1.20] — 2026-06-06
+
+### Fixed
+
+- **Gate (Moat) no longer blocks Grep/Glob queries the graph cannot answer with a symbol.**
+  Previously, the PreToolUse gate blocked whenever retrieval confidence was `medium` or `high`,
+  but confidence is driven by keyword and path hits too — not only by symbol matches. This meant
+  literal/attribute/CSS-selector patterns (`data-tour=`, `class=`, `: 100%`, `.filter-bar`,
+  `<div>`) and path-only Globs were blocked and redirected to `graph_read`, which has no symbol
+  slice to return for those queries, so Claude fell back to Grep or a whole-file Read anyway —
+  a wasted round-trip. Found across multiple dogfood sessions including well-indexed Svelte
+  repos. Two new guards close the gap:
+  - **Query-shape pre-filter** — Grep patterns that target markup, CSS, attributes, or string
+    literals are allowed through up front, before the retrieval step runs.
+  - **Symbol-hit requirement** — the gate now only blocks when retrieval matched a symbol whose
+    name the query mentions exactly. `RetrievalResult` gained a `symbolMatched` flag; the scorer
+    exposes `exactSym`.
+
+  Net effect: genuine symbol lookups still block (verified: `fetchWith429Retry`,
+  `MAX_ROWS_PER_TABLE`, `verifyPin`, `SOCKET_AUTH_SECRET`, `seedCredentials`); queries that
+  could never have been answered by the graph now allow through without the wasted redirect.
+  No API, protocol, or policy-block change — purely server-side gate behavior.
+
+- **Gate and rank test coverage added** (`tests/gate.test.ts`, `tests/rank.test.ts`).
+  Chips at the v0.2 backlog item to fill vitest tests beyond `it.todo` placeholders.
+
+---
+
 ## [0.1.19] — 2026-06-01
 
 ### Changed

package/dist/cli/index.js

@@ -18,7 +18,7 @@ var init_package = __esm({
   "package.json"() {
     package_default = {
       name: "@jefuriiij/synthra",
-      version: "0.1.19",
+      version: "0.1.20",
       publishConfig: {
         access: "public"
       },
@@ -3623,10 +3623,12 @@ function scoreFiles(inputs) {
     }
     const symbols = symbolsByFile.get(file.path) ?? [];
     let symHits = 0;
+    let exactSym = 0;
     for (const sym of symbols) {
       const name = sym.name.toLowerCase();
       if (qTokens.has(name)) {
         symHits += 3;
+        exactSym += 1;
       } else {
         for (const t of qTokens) {
           if (name.includes(t) || t.includes(name)) {
@@ -3651,7 +3653,7 @@ function scoreFiles(inputs) {
       score2 += 5;
       reasons.push("seed");
     }
-    scored.push({ file, score: score2, reasons });
+    scored.push({ file, score: score2, reasons, symHits, exactSym });
   }
   const positivePaths = new Set(scored.filter((s) => s.score > 0).map((s) => s.file.path));
   if (positivePaths.size > 0) {
@@ -3686,7 +3688,8 @@ async function retrieve(graph, query, options = {}) {
     return {
       files: [],
       confidence: "low",
-      reason: qTokens.length === 0 ? "empty query" : "empty graph"
+      reason: qTokens.length === 0 ? "empty query" : "empty graph",
+      symbolMatched: false
     };
   }
   const rankInputs = {
@@ -3702,10 +3705,13 @@ async function retrieve(graph, query, options = {}) {
     return {
       files: [],
       confidence: "low",
-      reason: `no matches for ${JSON.stringify(qTokens)}`
+      reason: `no matches for ${JSON.stringify(qTokens)}`,
+      symbolMatched: false
     };
   }
-  const top = positive.slice(0, topK).map((s) => s.file);
+  const topScored = positive.slice(0, topK);
+  const top = topScored.map((s) => s.file);
+  const symbolMatched = topScored.some((s) => s.exactSym > 0);
   const topScore = positive[0]?.score ?? 0;
   const secondScore = positive[1]?.score ?? 0;
   let confidence;
@@ -3717,7 +3723,8 @@ async function retrieve(graph, query, options = {}) {
   return {
     files: top,
     confidence,
-    reason: `top: ${reasons}`
+    reason: `top: ${reasons}`,
+    symbolMatched
   };
 }
 
@@ -4552,6 +4559,16 @@ function extractQuery(toolName, input) {
   }
   return null;
 }
+function looksLikeNonSymbolQuery(pattern) {
+  if (/<\/?[a-zA-Z]/.test(pattern)) return true;
+  if (/[a-zA-Z][\w-]*-[\w-]*\s*=/.test(pattern)) return true;
+  if (/\{/.test(pattern)) return true;
+  if (/\\\.[a-zA-Z]/.test(pattern)) return true;
+  if (/:\s*\d/.test(pattern) || /\d(?:px|rem|em|vh|vw)\b/.test(pattern) || /\d%/.test(pattern)) {
+    return true;
+  }
+  return false;
+}
 function recentlyTouchedMatchesQuery(recentPaths, queryTokens) {
   const matches = [];
   for (const path of recentPaths) {
@@ -4593,6 +4610,14 @@ async function handleGate(req, ctx) {
     await logDecision(ctx, req.tool_name, null, res2.decision, res2.reason);
     return res2;
   }
+  if (req.tool_name === "Grep" && looksLikeNonSymbolQuery(query)) {
+    const res2 = {
+      decision: "allow",
+      reason: `"${query}" targets markup/CSS/attributes, not code symbols \u2014 letting Grep through (the graph indexes symbols).`
+    };
+    await logDecision(ctx, req.tool_name, query, res2.decision, res2.reason);
+    return res2;
+  }
   const retrieval = await retrieve(ctx.graph, query);
   if (retrieval.confidence === "low") {
     const res2 = {
@@ -4613,6 +4638,14 @@ async function handleGate(req, ctx) {
     await logDecision(ctx, req.tool_name, query, res2.decision, res2.reason);
     return res2;
   }
+  if (!retrieval.symbolMatched) {
+    const res2 = {
+      decision: "allow",
+      reason: `confidence=${retrieval.confidence} but only keyword/path matched (no symbol the query names) \u2014 graph_read can't slice it, letting ${req.tool_name} through.`
+    };
+    await logDecision(ctx, req.tool_name, query, res2.decision, res2.reason);
+    return res2;
+  }
   const top = retrieval.files.slice(0, 3).map((f) => f.path).join(", ");
   const res = {
     decision: "block",