@lcv-ideas-software/cross-review 4.0.1 → 4.0.3

package/CHANGELOG.md

@@ -7,6 +7,117 @@ standard `v00.00.00`; npm package versions remain SemVer.
 
 ## [Unreleased]
 
+## [v04.00.03] — 2026-05-15
+
+**Patch — biome integration to satisfy the 4-gate quality directive
+(operator 2026-05-15: eslint + biome + prettier + cross-review).** The
+repo had eslint + prettier covering the static gates but lacked biome.
+This release adds biome at parity with the 8 other workspace apps that
+already use it (admin-app, astrologo-frontend, calculadora-app,
+mainsite-frontend, mainsite-worker, mtasts-motor, oraculo-financeiro,
+sponsor-motor).
+
+### Added
+
+- `@biomejs/biome` (^2.4.0) devDep + `biome.json` config matching the
+  prettier conventions already in use (lineWidth 100, indent space 2,
+  double quotes, trailing commas all, semicolons always). Linter
+  enabled with `recommended` rules.
+- `npm run biome` (check-only) + `npm run biome:write` (with --write
+  auto-fix) scripts scoped to `src/` and `scripts/`.
+- `npm run check` aggregate script that runs all 4 statics:
+  `format:check && lint && biome && typecheck`. Single-command gate
+  for local + CI use.
+
+### Updated
+
+- `.github/workflows/ci.yml` adds an explicit `Biome (lint + format)`
+  step between `Lint (eslint)` and `Typecheck` for granular per-gate
+  visibility in CI logs.
+- `.github/workflows/publish.yml` adds a `Pre-publish gate (format +
+lint + biome + typecheck)` step calling `npm run check` before the
+  existing `npm test` verify step. Defense-in-depth: the publish
+  runner re-verifies the 4 statics independent of the CI workflow.
+
+### Fixed (biome --write --unsafe applied)
+
+- `scripts/smoke.ts`: 5 `lint/style/useTemplate` (prefer template
+  literals) + 1 `lint/correctness/noEmptyCharacterClassInRegex`
+  (the regex `[^]*?` flagged as negated-empty class → replaced with
+  `[\s\S]*?` which is semantically identical and lint-clean).
+- `src/peers/perplexity.ts`: 4 `lint/complexity/noUselessSwitchCase`
+  (collapsed cases that fell through to the same return).
+- `src/core/caller-tokens.ts`: 1 `lint/complexity/useOptionalChain`.
+- `src/observability/logger.ts`: 1
+  `lint/correctness/noUnusedPrivateClassMembers`.
+- 15 files received import-reorder auto-fixes (mostly grouping
+  `import type` vs `import` and sort order). Zero behavioral
+  change — typecheck + smoke + npm test all green post-fix.
+
+## [v04.00.02] — 2026-05-15
+
+**Patch — Codex second-pass audit close-out (6 findings).** v4.0.1 closed 8
+findings from the first Codex parecer; this v4.0.2 closes 6 additional
+items the second parecer flagged. None affects runtime semantics.
+
+### Fixed
+
+- **AUDIT-1 (MEDIUM) — lockfile version drift.** v4.0.1 bumped
+  `package.json` to `4.0.1` but the lockfile root `.version` and
+  `.packages[""].version` stayed at `4.0.0` (the `npm install` ran
+  during v4.0.0 captured deps, then the version bump didn't trigger a
+  re-resolve). Full reinstall this release brings the lockfile back to
+  the current `package.json` version. **Plus: new anti-drift smoke
+  marker `package_version_consistency_test`** asserts the four
+  equalities `pkg.name === pkg-lock.name`, `pkg-lock.name ===
+"@lcv-ideas-software/cross-review"`, `pkg.version === pkg-lock.version`,
+  `pkg.version === pkg-lock.packages[""].version`. Any future version
+  bump that forgets the `npm install` re-resolve fails smoke loudly
+  instead of slipping through to publish.
+- **AUDIT-2 (MEDIUM) — model-selection wording aligned with no-fallback
+  policy.** Both `docs/model-selection.md` and `src/peers/model-selection.ts`
+  were still describing "automatic model selection", "priority list",
+  and "documented fallback" — terms from the pre-v3.7.2 multi-model era.
+  The runtime has used canonical pins (one model per peer, no auto-chain)
+  since v3.7.2 (operator directive "sem fallback é sem fallback").
+  Updated docs + the `selected/candidates/reason` messages in
+  `selectFromCandidates`, `overrideSelection`, and the no-API-key
+  path to use canonical-pin language consistently. The `confidence`
+  classification logic is unchanged.
+- **AUDIT-3 (LOW) — SECURITY.md stub wording.** The doc said
+  `CROSS_REVIEW_STUB=1` alone is "ignored"; the code at
+  `src/peers/registry.ts:36-44` actually throws an explicit error
+  referencing the missing confirmation flag. Updated wording to
+  "rejected fail-fast" to match runtime behavior.
+- **AUDIT-4 (LOW) — README MCP tools list completed.** The README
+  Section listing the available tools had 22 entries; the runtime
+  exposes 28. Added the 6 missing tools:
+  `session_evidence_checklist_update`,
+  `session_evidence_judge_pass`,
+  `session_evidence_judge_consensus_pass`,
+  `session_judgment_precision_report`,
+  `contest_verdict`,
+  `regenerate_caller_tokens`.
+- **AUDIT-5 (LOW) — `docs/architecture.md` rename event.** The "Stable
+  Rename" section said the rename to `cross-review` happened at
+  `2.1.0`; the actual event is v4.0.0 on 2026-05-15 (this rename ship).
+  Rewrote the section to record v4.0.0 as the rename event and note
+  that prior names live only in dated changelog and memory.
+- **AUDIT-6 (MEDIUM) — StepSecurity post-rename detections triaged.**
+  Two new org-level suppression rules created:
+  (a) `Source-Code-Overwritten` for `*/dist/*` in
+  `.github/workflows/publish.yml` under the `Pre-publish gate (test +
+metadata)` job for repo `cross-review` (the prior cross-review-v2
+  rules no longer match after rename); (b)
+  `Action-Uses-Commit-From-Non-Default-Branch` for
+  `github/codeql-action*` (GitHub's release-branch model — tagged
+  versions cut from `releases/vN` not from default branch are
+  intended/audited by GitHub Security; rejecting would force less
+  secure tag-based usage). Plus 20 existing detections (19
+  Source-Code-Overwritten dist/\* + 1 codeql-action SHA) suppressed
+  per-detection via `update_detection_status` with rule-id citations
+  in the suppress reason.
+
 ## [v04.00.01] — 2026-05-15
 
 **Patch — close-out of post-v4.0.0 audit (eight surfaces left stale by the

package/README.md

@@ -193,7 +193,13 @@ these environment variables before running real sessions (example):
 - `session_report`
 - `session_check_convergence`
 - `session_attach_evidence`
+- `session_evidence_checklist_update`
+- `session_evidence_judge_pass`
+- `session_evidence_judge_consensus_pass`
+- `session_judgment_precision_report`
+- `contest_verdict`
 - `escalate_to_operator`
+- `regenerate_caller_tokens`
 - `session_sweep`
 - `session_finalize`
 

package/SECURITY.md

@@ -37,7 +37,7 @@ This repository employs:
 
 - **Multi-host concurrency.** Running two MCP host instances of `cross-review` against the same `CROSS_REVIEW_DATA_DIR` is **not supported**. The per-session lock has TTL + PID-liveness fallbacks that close the common cases but leave a narrow TOCTOU window when two hosts contend for the same session. If you need multi-host operation, point each instance at a distinct `CROSS_REVIEW_DATA_DIR` (introduced in v2.0; tilde expansion since v2.4.0) or share one host across all clients.
 - **API keys in memory.** `OPENAI_API_KEY`, `ANTHROPIC_API_KEY`, `GEMINI_API_KEY`, `DEEPSEEK_API_KEY` are loaded into `AppConfig.api_keys` at boot. The persistence layer redacts secrets via [`redact()`](./src/security/redact.ts) before any meta.json/event log write, but the in-memory object is not opaque — do not log `config` directly. Stack traces from SDK errors are passed through `safeErrorMessage()` which redacts known key shapes.
-- **Stub adapters.** `CROSS_REVIEW_STUB=1` alone is **ignored** since v2.4.0. To activate stubs, also set `NODE_ENV=test` OR `CROSS_REVIEW_STUB_CONFIRMED=1`. This double-confirmation prevents a stray dotenv variable from invalidating a cross-review used as a pre-commit gate.
+- **Stub adapters.** `CROSS_REVIEW_STUB=1` alone is **rejected fail-fast** since v2.4.0 — boot throws an explicit error referencing the missing confirmation flag, rather than silently demoting to real adapters. To deliberately activate stubs, set BOTH `CROSS_REVIEW_STUB=1` AND one of `NODE_ENV=test` OR `CROSS_REVIEW_STUB_CONFIRMED=1`. The double-confirmation prevents a stray dotenv variable from invalidating a cross-review used as a pre-commit gate.
 - **Dashboard HTTP.** The dashboard binds only to `127.0.0.1`. There is no authentication or rate-limit; same-machine processes can read all session metadata, costs and report markdown. Do not expose the dashboard port over a network without an authenticating reverse proxy.
 - **Untrusted callers.** The MCP `tools/list` schemas enforce per-field caps (`maxLength`, `pattern`) since v2.4.0 to defend against memory-exhaustion attempts via oversized `task`/`draft`/`prompt`. The trust boundary still assumes a cooperative caller — do not expose the stdio transport over a network socket without an authenticating proxy.
 - **Untrusted peers.** Peer streaming responses are capped at 16 MiB per call (`STREAM_TEXT_MAX_BYTES` since v2.4.0). The structured `<cross_review_status>` payload is rejected as malformed when it exceeds 64 KiB before `JSON.parse` runs.

package/dist/scripts/runtime-default-smoke.js.map

@@ -1 +1 @@
-{"version":3,"file":"runtime-default-smoke.js","sourceRoot":"","sources":["../../scripts/runtime-default-smoke.ts"],"names":[],"mappings":"AAAA,wGAAwG;AACxG,+DAA+D;AAC/D,mEAAmE;AACnE,wEAAwE;AACxE,wEAAwE;AACxE,sEAAsE;AACtE,0DAA0D;AAC1D,EAAE;AACF,gBAAgB;AAChB,0EAA0E;AAC1E,0EAA0E;AAC1E,wDAAwD;AACxD,yEAAyE;AACzE,4DAA4D;AAC5D,oEAAoE;AACpE,0EAA0E;AAC1E,2BAA2B;AAC3B,uDAAuD;AACvD,EAAE;AACF,qEAAqE;AACrE,yDAAyD;AACzD,oCAAoC;AACpC,8CAA8C;AAC9C,oCAAoC;AACpC,OAAO,OAAO,MAAM,cAAc,CAAC;AACnC,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AACnD,OAAO,EAAE,WAAW,EAAE,2BAA2B,EAAE,MAAM,sBAAsB,CAAC;AAGhF,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,2BAA2B,KAAK,GAAG,CAAC;AAChE,IAAI,CAAC,OAAO,EAAE,CAAC;IACb,OAAO,CAAC,GAAG,CACT,0FAA0F,CAC3F,CAAC;IACF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC;AAED,MAAM,WAAW,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,aAAa,IAAI,MAAM,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;AAC1F,MAAM,MAAM,GAAG,UAAU,EAAE,CAAC;AAC5B,IAAI,QAAQ,GAAG,CAAC,CAAC;AAEjB,SAAS,IAAI,CAAC,KAAmB;IAC/B,qEAAqE;IACrE,IAAI,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,aAAa,CAAC;QAAE,OAAO;IACjD,OAAO,CAAC,GAAG,CAAC,WAAW,KAAK,CAAC,IAAI,IAAI,KAAK,CAAC,OAAO,IAAI,EAAE,EAAE,CAAC,CAAC;AAC9D,CAAC;AAED,KAAK,UAAU,YAAY;IACzB,MAAM,KAAK,GAAG,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC;IACjC,OAAO,CAAC,GAAG,CAAC,sCAAsC,KAAK,EAAE,CAAC,CAAC;IAC3D,OAAO,CAAC,GAAG,CACT,uDAAuD,KAAK,KAAK,2BAA2B,CAAC,KAAK,CAAC,EAAE,CACtG,CAAC;IACF,MAAM,OAAO,GAAG,IAAI,WAAW,CAAC,MAAM,CAAC,CAAC;IACxC,MAAM,OAAO,GAAoB;QAC/B,UAAU,EAAE,sCAAsC;QAClD,KAAK,EAAE,CAAC;QACR,IAAI,EAAE,uBAAuB;QAC7B,IAAI;KACL,CAAC;IACF,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,QAAQ,CAAC,kCAAkC,EAAE,OAAO,CAAC,CAAC;QACnF,OAAO,CAAC,GAAG,CACT,+CAA+C,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,MAAM,CAAC,UAAU,KAAK,CACnG,CAAC;QACF,IAAI,CAAC,2BAA2B,CAAC,KAAK,CAAC,EAAE,CAAC;YACxC,OAAO,CAAC,GAAG,CACT,8GAA8G,CAC/G,CAAC;QACJ,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,GAAG,CACT,yFAAyF,CAC1F,CAAC;QACJ,CAAC;IACH,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACjE,IACE,oBAAoB,CAAC,IAAI,CAAC,OAAO,CAAC;YAClC,+CAA+C,CAAC,IAAI,CAAC,OAAO,CAAC,EAC7D,CAAC;YACD,OAAO,CAAC,GAAG,CACT,oHAAoH,OAAO,EAAE,CAC9H,CAAC;YACF,QAAQ,IAAI,CAAC,CAAC;QAChB,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,GAAG,CACT,sGAAsG,OAAO,EAAE,CAChH,CAAC;QACJ,CAAC;IACH,CAAC;AACH,CAAC;AAED,KAAK,MAAM,IAAI,IAAI,WAAW,EAAE,CAAC;IAC/B,IAAI,IAAI,KAAK,MAAM,EAAE,CAAC;QACpB,MAAM,YAAY,EAAE,CAAC;IACvB,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,GAAG,CAAC,gCAAgC,IAAI,4CAA4C,CAAC,CAAC;IAChG,CAAC;AACH,CAAC;AAED,IAAI,QAAQ,GAAG,CAAC,EAAE,CAAC;IACjB,OAAO,CAAC,KAAK,CAAC,2BAA2B,QAAQ,0BAA0B,CAAC,CAAC;IAC7E,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC;AACD,OAAO,CAAC,GAAG,CAAC,4CAA4C,CAAC,CAAC"}
+{"version":3,"file":"runtime-default-smoke.js","sourceRoot":"","sources":["../../scripts/runtime-default-smoke.ts"],"names":[],"mappings":"AAAA,wGAAwG;AACxG,+DAA+D;AAC/D,mEAAmE;AACnE,wEAAwE;AACxE,wEAAwE;AACxE,sEAAsE;AACtE,0DAA0D;AAC1D,EAAE;AACF,gBAAgB;AAChB,0EAA0E;AAC1E,0EAA0E;AAC1E,wDAAwD;AACxD,yEAAyE;AACzE,4DAA4D;AAC5D,oEAAoE;AACpE,0EAA0E;AAC1E,2BAA2B;AAC3B,uDAAuD;AACvD,EAAE;AACF,qEAAqE;AACrE,yDAAyD;AACzD,oCAAoC;AACpC,8CAA8C;AAC9C,oCAAoC;AACpC,OAAO,OAAO,MAAM,cAAc,CAAC;AACnC,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AAEnD,OAAO,EAAE,WAAW,EAAE,2BAA2B,EAAE,MAAM,sBAAsB,CAAC;AAEhF,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,2BAA2B,KAAK,GAAG,CAAC;AAChE,IAAI,CAAC,OAAO,EAAE,CAAC;IACb,OAAO,CAAC,GAAG,CACT,0FAA0F,CAC3F,CAAC;IACF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC;AAED,MAAM,WAAW,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,aAAa,IAAI,MAAM,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;AAC1F,MAAM,MAAM,GAAG,UAAU,EAAE,CAAC;AAC5B,IAAI,QAAQ,GAAG,CAAC,CAAC;AAEjB,SAAS,IAAI,CAAC,KAAmB;IAC/B,qEAAqE;IACrE,IAAI,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,aAAa,CAAC;QAAE,OAAO;IACjD,OAAO,CAAC,GAAG,CAAC,WAAW,KAAK,CAAC,IAAI,IAAI,KAAK,CAAC,OAAO,IAAI,EAAE,EAAE,CAAC,CAAC;AAC9D,CAAC;AAED,KAAK,UAAU,YAAY;IACzB,MAAM,KAAK,GAAG,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC;IACjC,OAAO,CAAC,GAAG,CAAC,sCAAsC,KAAK,EAAE,CAAC,CAAC;IAC3D,OAAO,CAAC,GAAG,CACT,uDAAuD,KAAK,KAAK,2BAA2B,CAAC,KAAK,CAAC,EAAE,CACtG,CAAC;IACF,MAAM,OAAO,GAAG,IAAI,WAAW,CAAC,MAAM,CAAC,CAAC;IACxC,MAAM,OAAO,GAAoB;QAC/B,UAAU,EAAE,sCAAsC;QAClD,KAAK,EAAE,CAAC;QACR,IAAI,EAAE,uBAAuB;QAC7B,IAAI;KACL,CAAC;IACF,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,QAAQ,CAAC,kCAAkC,EAAE,OAAO,CAAC,CAAC;QACnF,OAAO,CAAC,GAAG,CACT,+CAA+C,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,MAAM,CAAC,UAAU,KAAK,CACnG,CAAC;QACF,IAAI,CAAC,2BAA2B,CAAC,KAAK,CAAC,EAAE,CAAC;YACxC,OAAO,CAAC,GAAG,CACT,8GAA8G,CAC/G,CAAC;QACJ,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,GAAG,CACT,yFAAyF,CAC1F,CAAC;QACJ,CAAC;IACH,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACjE,IACE,oBAAoB,CAAC,IAAI,CAAC,OAAO,CAAC;YAClC,+CAA+C,CAAC,IAAI,CAAC,OAAO,CAAC,EAC7D,CAAC;YACD,OAAO,CAAC,GAAG,CACT,oHAAoH,OAAO,EAAE,CAC9H,CAAC;YACF,QAAQ,IAAI,CAAC,CAAC;QAChB,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,GAAG,CACT,sGAAsG,OAAO,EAAE,CAChH,CAAC;QACJ,CAAC;IACH,CAAC;AACH,CAAC;AAED,KAAK,MAAM,IAAI,IAAI,WAAW,EAAE,CAAC;IAC/B,IAAI,IAAI,KAAK,MAAM,EAAE,CAAC;QACpB,MAAM,YAAY,EAAE,CAAC;IACvB,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,GAAG,CAAC,gCAAgC,IAAI,4CAA4C,CAAC,CAAC;IAChG,CAAC;AACH,CAAC;AAED,IAAI,QAAQ,GAAG,CAAC,EAAE,CAAC;IACjB,OAAO,CAAC,KAAK,CAAC,2BAA2B,QAAQ,0BAA0B,CAAC,CAAC;IAC7E,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC;AACD,OAAO,CAAC,GAAG,CAAC,4CAA4C,CAAC,CAAC"}

package/dist/scripts/smoke.js

@@ -3842,26 +3842,26 @@ assert.equal(Object.hasOwn(metrics.decision_quality, "undefined"), false);
     assert.equal(stripPerplexityThinkingBlock(cleanJson), cleanJson, "clean JSON without <think> blocks must be returned unchanged");
     // Scenario B: single `<think>` block followed by JSON — strip block,
     // trim whitespace, return JSON.
-    const singleThink = "<think>\nLet me reason about this carefully.\nThe evidence shows...\n</think>\n\n" + cleanJson;
+    const singleThink = `<think>\nLet me reason about this carefully.\nThe evidence shows...\n</think>\n\n${cleanJson}`;
     assert.equal(stripPerplexityThinkingBlock(singleThink), cleanJson, "single <think> block must be stripped; trailing JSON preserved");
     // Scenario C: multiple `<think>` blocks (rare but legal) — every
     // occurrence must be removed.
-    const multipleThinks = "<think>first thought</think>\nintermediate text\n<think>second thought</think>\n" + cleanJson;
+    const multipleThinks = `<think>first thought</think>\nintermediate text\n<think>second thought</think>\n${cleanJson}`;
     const strippedMultiple = stripPerplexityThinkingBlock(multipleThinks);
     assert.ok(!/<think/i.test(strippedMultiple), "multiple <think> blocks must all be stripped");
     assert.ok(strippedMultiple.includes(cleanJson), "multi-think strip must preserve trailing JSON payload");
     // Scenario D: `<think>` block spanning multiple lines with arbitrary
     // whitespace and nested-looking content (no actual nesting since
     // Perplexity never emits nested reasoning blocks).
-    const multilineThink = "<think>\n  Line 1\n    Line 2 with <b>html</b>\n  Line 3\n</think>\n" + cleanJson;
+    const multilineThink = `<think>\n  Line 1\n    Line 2 with <b>html</b>\n  Line 3\n</think>\n${cleanJson}`;
     assert.equal(stripPerplexityThinkingBlock(multilineThink), cleanJson, "multi-line <think> with arbitrary indentation must strip cleanly");
     // Scenario E: `<think>` with attribute-like content (`<think foo="bar">`)
     // — regex must allow attribute fragment before close `>`.
-    const attributedThink = '<think foo="bar">reasoning</think>\n' + cleanJson;
+    const attributedThink = `<think foo="bar">reasoning</think>\n${cleanJson}`;
     assert.equal(stripPerplexityThinkingBlock(attributedThink), cleanJson, "<think> tag with attribute fragment must still strip");
     // Scenario F: empty `<think></think>` (degenerate case) — strip + trim
     // still yields the trailing JSON.
-    const emptyThink = "<think></think>\n" + cleanJson;
+    const emptyThink = `<think></think>\n${cleanJson}`;
     assert.equal(stripPerplexityThinkingBlock(emptyThink), cleanJson, "empty <think></think> must strip cleanly");
     // Scenario G: only `<think>` block, no trailing JSON — output is empty
     // string after trim (caller's downstream parser then triggers
@@ -6015,7 +6015,7 @@ assert.equal(Object.hasOwn(metrics.decision_quality, "undefined"), false);
     // 5 sites must use `.max(PEERS.length)`.
     const maxPeersLen = serverSrcA.match(/\.max\(PEERS\.length\)/g) ?? [];
     assert.ok(maxPeersLen.length >= 5, `v3.7.0 / AUDIT-3: expected >=5 .max(PEERS.length) sites (4 peers panels + judge_peers), found ${maxPeersLen.length}`);
-    assert.ok(!/\.min\(1\)\s*\n?\s*[^]*?\.max\(5\)\s*\n?\s*\.default\(\[\.\.\.PEERS\]/.test(serverSrcA), "v3.7.0 / AUDIT-3: the peers schema must NOT keep the stale `.max(5)` against a 6-element PEERS default");
+    assert.ok(!/\.min\(1\)\s*\n?\s*[\s\S]*?\.max\(5\)\s*\n?\s*\.default\(\[\.\.\.PEERS\]/.test(serverSrcA), "v3.7.0 / AUDIT-3: the peers schema must NOT keep the stale `.max(5)` against a 6-element PEERS default");
     assert.ok(!/judge_peers: z\.array\(PeerSchema\)\.min\(2\)\.max\(5\)/.test(serverSrcA), "v3.7.0 / AUDIT-3: judge_peers must NOT keep the stale `.max(5)`");
     // AUDIT-4.
     assert.ok(/PEERS\.filter\(\(peer\) => runtime\.config\.peer_enabled\[peer\]\)/.test(serverSrcA), "v3.7.0 / AUDIT-4: server_info.financial_controls must compute readiness over the enabled peer subset");
@@ -6120,6 +6120,30 @@ assert.equal(Object.hasOwn(metrics.decision_quality, "undefined"), false);
     assert.ok(/pruneCorruptSessions\(minAgeMs: number\): \{ scanned: number; removed: number; kept: number \}/.test(storeSrcB1), "v3.7.5 / B1: store.pruneCorruptSessions must declare the {scanned, removed, kept} shape");
     console.log("[smoke] session_sweep_prune_corrupt_test: PASS");
 }
+// v4.0.2 (AUDIT-1, Codex audit close-out 2026-05-15): anti-drift check
+// that `package.json.version` === `package-lock.json.version` ===
+// `package-lock.json.packages[""].version`. The v4.0.1 ship bumped
+// package.json without re-running `npm install`, so the lockfile root
+// versions stayed at `4.0.0` while package.json said `4.0.1`. Codex's
+// audit caught it. This marker pins the consistency invariant so any
+// future bump that forgets to regenerate the lockfile fails smoke
+// loudly instead of slipping through to publish.
+{
+    const pjPath = path.join(process.cwd(), "package.json");
+    const plPath = path.join(process.cwd(), "package-lock.json");
+    const pj = JSON.parse(fs.readFileSync(pjPath, "utf8"));
+    const pl = JSON.parse(fs.readFileSync(plPath, "utf8"));
+    const pjVer = pj.version;
+    const plRootVer = pl.version;
+    const plPackagesRootVer = pl.packages?.[""]?.version;
+    assert.equal(plRootVer, pjVer, `v4.0.2 / AUDIT-1: package-lock.json root .version (${plRootVer}) must equal package.json .version (${pjVer}); run \`npm install\` after bumping the version.`);
+    assert.equal(plPackagesRootVer, pjVer, `v4.0.2 / AUDIT-1: package-lock.json packages[""].version (${plPackagesRootVer}) must equal package.json .version (${pjVer}); run \`npm install\` after bumping the version.`);
+    // Also verify package.json `name` matches the new canonical name; if
+    // the rename ever needs to happen again, this fails fast.
+    assert.equal(pj.name, "@lcv-ideas-software/cross-review", `v4.0.2 / AUDIT-1: package.json .name must be "@lcv-ideas-software/cross-review" (post-v4.0.0 rename); got "${pj.name}".`);
+    assert.equal(pl.name, "@lcv-ideas-software/cross-review", `v4.0.2 / AUDIT-1: package-lock.json .name must be "@lcv-ideas-software/cross-review"; got "${pl.name}".`);
+    console.log("[smoke] package_version_consistency_test: PASS");
+}
 // v2.6.1 NOTE: smoke coverage for `peer.fallback.budget_blocked` and
 // `peer.moderation_recovery.budget_blocked` is intentionally NOT
 // included. These two gates use the same arithmetic shape as preflight