@link-assistant/hive-mind 1.35.11 → 1.36.0

package/CHANGELOG.md

@@ -1,5 +1,30 @@
 # @link-assistant/hive-mind
 
+## 1.36.0
+
+### Minor Changes
+
+- 3adbf2b: feat: add --auto-report-issue and --disable-report-issue flags for non-interactive error reporting (Issue #1484)
+  - Add `--auto-report-issue` flag that automatically creates a GitHub issue on failure without prompting.
+    The auto-reported issue includes error details, logs, and case study analysis instructions in the body.
+    Issue is labeled as `bug`.
+  - Add `--disable-report-issue` flag that completely disables error issue creation (no prompt, no auto-creation).
+    Takes precedence over `--auto-report-issue` if both are specified.
+  - Default behavior (neither flag) preserves the existing interactive y/n prompt.
+  - Both flags are automatically available as passthrough options in hive and TELEGRAM_HIVE_OVERRIDES.
+
+## 1.35.12
+
+### Patch Changes
+
+- 05a72c3: fix: reject URLs and invalid git branch names used as --base-branch (Issue #1482)
+  - Add `validateBranchName()` function to `solve.branch.lib.mjs` that validates branch names against git-check-ref-format rules
+  - Reject URLs (https://, http://, git@, ssh://) passed as --base-branch with clear error message
+  - Reject invalid git ref characters (spaces, ~, ^, :, ?, \*, [, ], \, control chars, .., @{)
+  - Add validation in `solve.config.lib.mjs` parseArguments (early catch), `solve.branch.lib.mjs` createOrCheckoutBranch (defense-in-depth), and `hive.mjs` (before forwarding to solve)
+  - Add 19 test cases in `tests/test-base-branch-validation.mjs`
+  - Add case study documentation in `docs/case-studies/issue-1482/`
+
 ## 1.35.11
 
 ### Patch Changes

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@link-assistant/hive-mind",
-  "version": "1.35.11",
+  "version": "1.36.0",
   "description": "AI-powered issue solver and hive mind for collaborative problem solving",
   "main": "src/hive.mjs",
   "type": "module",

package/src/github-error-reporter.lib.mjs

@@ -149,7 +149,7 @@ export const formatLogForIssue = async (logContent, logFilePath) => {
  * @returns {Promise<string|null>} Issue URL or null on failure
  */
 export const createIssueForError = async options => {
-  const { error, errorType, logFile, context = {} } = options;
+  const { error, errorType, logFile, context = {}, autoReport = false } = options;
 
   try {
     const currentUser = await getCurrentGitHubUser();
@@ -159,7 +159,20 @@ export const createIssueForError = async options => {
     }
 
     const errorMessage = cleanErrorMessage(error);
-    const shouldCreateIssue = await promptUserForIssueCreation(errorMessage);
+
+    let shouldCreateIssue;
+    if (autoReport) {
+      // Auto-report mode: skip prompt, automatically create issue
+      console.log('\n❌ An error occurred:');
+      console.log(`   ${errorMessage}`);
+      if (isSentryEnabled()) {
+        console.log('\n✅ Error reported to Sentry successfully');
+      }
+      console.log('\nℹ️  --auto-report-issue enabled: automatically creating GitHub issue...');
+      shouldCreateIssue = true;
+    } else {
+      shouldCreateIssue = await promptUserForIssueCreation(errorMessage);
+    }
 
     if (!shouldCreateIssue) {
       await log('ℹ️  Issue creation cancelled by user');
@@ -199,6 +212,20 @@ export const createIssueForError = async options => {
       }
     }
 
+    if (autoReport) {
+      issueBody += '### Instructions\n\n';
+      issueBody += 'We need to download all logs and data related about the issue to this repository, ';
+      issueBody += 'make sure we compile that data to `./docs/case-studies/issue-{id}` folder, ';
+      issueBody += 'and use it to do deep case study analysis (also make sure to search online for additional facts and data), ';
+      issueBody += 'in which we will reconstruct timeline/sequence of events, find root causes of the problem, ';
+      issueBody += 'and propose possible solutions (including known existing components/libraries, ';
+      issueBody += 'that solve similar problem or can help in solutions).\n\n';
+      issueBody += 'If there is not enough data to find actual root cause, add debug output and verbose mode if not present, ';
+      issueBody += 'that will allow us to find root cause on next iteration.\n\n';
+      issueBody += 'If issue related to any other repository/project, where we can report issues on GitHub, please do so. ';
+      issueBody += 'Each issue must contain reproducible examples, workarounds and suggestions for fix the issue in code.\n\n';
+    }
+
     issueBody += '---\n';
     issueBody += `*This issue was automatically created by @${currentUser} using hive-mind error reporting*\n`;
 
@@ -239,7 +266,24 @@ export const createIssueForError = async options => {
  * @returns {Promise<string|null>} Issue URL if created, null otherwise
  */
 export const handleErrorWithIssueCreation = async options => {
-  const { error, errorType, logFile, context = {}, skipPrompt = false } = options;
+  const { error, errorType, logFile, context = {}, skipPrompt = false, autoReport = false, disableReport = false } = options;
+
+  // --disable-report-issue takes highest precedence
+  if (disableReport) {
+    await log('ℹ️  Issue reporting disabled via --disable-report-issue.');
+    return null;
+  }
+
+  // --auto-report-issue: create issue automatically without prompting
+  if (autoReport) {
+    return await createIssueForError({
+      error,
+      errorType,
+      logFile: logFile || (await getAbsoluteLogPath()),
+      context,
+      autoReport: true,
+    });
+  }
 
   if (skipPrompt) {
     return null;

package/src/hive.mjs

@@ -766,8 +766,16 @@ if (isDirectExecution) {
             const kebabToCamel = str => str.replace(/-([a-z])/g, (_, c) => c.toUpperCase());
             const args = [issueUrl, '--model', argv.model];
             // Special handling for options with different semantics in hive vs solve
-            if (argv.baseBranch) args.push('--base-branch', argv.baseBranch);
-            else if (argv.targetBranch) args.push('--base-branch', argv.targetBranch);
+            // Validate branch name before forwarding (issue #1482: reject URLs used as branch names)
+            const branchValue = argv.baseBranch || argv.targetBranch;
+            if (branchValue) {
+              const { validateBranchName } = await import('./solve.branch.lib.mjs');
+              const branchValidation = validateBranchName(branchValue);
+              if (!branchValidation.valid) {
+                throw new Error(`Invalid branch name for --base-branch/--target-branch: ${branchValidation.reason}`);
+              }
+              args.push('--base-branch', branchValue);
+            }
             if (argv.skipToolConnectionCheck || argv.toolConnectionCheck === false) args.push('--skip-tool-connection-check');
             if (argv.dryRun) args.push('--dry-run');
             if (argv.autoCleanup) args.push('--auto-cleanup'); // hive default differs from solve's auto-detect default

package/src/solve.branch.lib.mjs

@@ -100,6 +100,93 @@ export function detectBranchFormat(branchName) {
   return null;
 }
 
+/**
+ * Validates a branch name for use as --base-branch.
+ * Rejects URLs, invalid git ref characters, and enforces safe naming conventions.
+ * Based on git-check-ref-format rules: https://git-scm.com/docs/git-check-ref-format
+ *
+ * @param {string} branchName - The branch name to validate
+ * @returns {{ valid: boolean, reason?: string }} Validation result
+ */
+export function validateBranchName(branchName) {
+  if (!branchName || typeof branchName !== 'string') {
+    return { valid: false, reason: 'Branch name must be a non-empty string' };
+  }
+
+  const trimmed = branchName.trim();
+  if (trimmed !== branchName) {
+    return { valid: false, reason: 'Branch name must not have leading or trailing whitespace' };
+  }
+
+  // Reject URLs (the primary use case from issue #1482)
+  if (/^https?:\/\//i.test(branchName) || /^git@/i.test(branchName) || /^ssh:\/\//i.test(branchName)) {
+    return { valid: false, reason: `"${branchName}" looks like a URL, not a branch name. Use just the branch name (e.g. "main", "develop")` };
+  }
+
+  // Reject if it contains :// anywhere (catches other protocol-like URLs)
+  if (branchName.includes('://')) {
+    return { valid: false, reason: `"${branchName}" contains "://" which is not valid in a branch name` };
+  }
+
+  // Git ref format rules:
+  // Cannot contain ASCII control characters (bytes < 0x20) or DEL (0x7F)
+  // eslint-disable-next-line no-control-regex
+  if (/[\x00-\x1f\x7f]/.test(branchName)) {
+    return { valid: false, reason: 'Branch name must not contain control characters' };
+  }
+
+  // Cannot contain space, ~, ^, :, ?, *, [, or backslash
+  if (/[ ~^:?*[\]\\]/.test(branchName)) {
+    return { valid: false, reason: 'Branch name contains invalid characters (spaces, ~, ^, :, ?, *, [, ] or \\ are not allowed)' };
+  }
+
+  // Cannot contain ..
+  if (branchName.includes('..')) {
+    return { valid: false, reason: 'Branch name must not contain ".."' };
+  }
+
+  // Cannot start with . or -
+  if (branchName.startsWith('.') || branchName.startsWith('-')) {
+    return { valid: false, reason: 'Branch name must not start with "." or "-"' };
+  }
+
+  // Cannot end with . or .lock
+  if (branchName.endsWith('.') || branchName.endsWith('.lock')) {
+    return { valid: false, reason: 'Branch name must not end with "." or ".lock"' };
+  }
+
+  // Cannot contain @{
+  if (branchName.includes('@{')) {
+    return { valid: false, reason: 'Branch name must not contain "@{"' };
+  }
+
+  // Cannot be exactly @
+  if (branchName === '@') {
+    return { valid: false, reason: 'Branch name must not be "@"' };
+  }
+
+  // Component-level checks: no component can start with . or end with .lock
+  const components = branchName.split('/');
+  for (const component of components) {
+    if (component === '') {
+      return { valid: false, reason: 'Branch name must not contain consecutive slashes or start/end with "/"' };
+    }
+    if (component.startsWith('.')) {
+      return { valid: false, reason: `Branch name component "${component}" must not start with "."` };
+    }
+    if (component.endsWith('.lock')) {
+      return { valid: false, reason: `Branch name component "${component}" must not end with ".lock"` };
+    }
+  }
+
+  // Reasonable length limit
+  if (branchName.length > 255) {
+    return { valid: false, reason: 'Branch name must not exceed 255 characters' };
+  }
+
+  return { valid: true };
+}
+
 export async function createOrCheckoutBranch({ isContinueMode, prBranch, issueNumber, tempDir, defaultBranch, argv, log, formatAligned, $, crypto, owner, repo, prNumber }) {
   // Create a branch for the issue or checkout existing PR branch
   let branchName;
@@ -120,6 +207,13 @@ export async function createOrCheckoutBranch({ isContinueMode, prBranch, issueNu
     // Use user-specified base branch if provided, otherwise use repository default
     const baseBranch = argv.baseBranch || defaultBranch;
     const branchSource = argv.baseBranch ? 'custom' : 'default';
+
+    // Defense-in-depth: validate base branch name even if already validated at CLI parsing (issue #1482)
+    const baseBranchValidation = validateBranchName(baseBranch);
+    if (!baseBranchValidation.valid) {
+      throw new Error(`Invalid base branch "${baseBranch}": ${baseBranchValidation.reason}`);
+    }
+
     await log(`\n${formatAligned('🌿', 'Creating branch:', `${branchName} from ${baseBranch} (${branchSource})`)}`);
 
     // IMPORTANT: Don't use 2>&1 here as it can interfere with exit codes

package/src/solve.config.lib.mjs

@@ -9,6 +9,7 @@
 
 import { enhanceErrorMessage, detectMalformedFlags } from './option-suggestions.lib.mjs';
 import { defaultModels, buildModelOptionDescription } from './models/index.mjs';
+import { validateBranchName } from './solve.branch.lib.mjs';
 
 // Re-export for use by telegram-bot.mjs (avoids extra import lines there)
 export { detectMalformedFlags };
@@ -368,6 +369,16 @@ export const SOLVE_OPTION_DEFINITIONS = {
     description: 'Automatically initialize empty repositories by creating a simple README.md file. Only works when you have write access to the repository. This allows branch creation and pull request workflows to proceed on repositories that have no commits.',
     default: false,
   },
+  'auto-report-issue': {
+    type: 'boolean',
+    description: 'Automatically create a GitHub issue on failure without prompting (non-interactive mode). The issue includes error details, logs, and case study analysis instructions. Sets issue type and label to bug.',
+    default: false,
+  },
+  'disable-report-issue': {
+    type: 'boolean',
+    description: 'Disable error issue creation entirely (no prompt, no automatic creation). Overrides --auto-report-issue if both are specified.',
+    default: false,
+  },
   'attach-solution-summary': {
     type: 'boolean',
     description: 'Attach the AI solution summary (from the result field) as a comment to the PR/issue after completion. The summary is extracted from the AI tool JSON output and posted under a "Solution summary" header.',
@@ -563,6 +574,14 @@ export const parseArguments = async (yargs, hideBin) => {
     }
   }
 
+  // Validate --base-branch value (issue #1482: reject URLs and invalid git branch names)
+  if (argv.baseBranch) {
+    const branchValidation = validateBranchName(argv.baseBranch);
+    if (!branchValidation.valid) {
+      throw new Error(`Invalid --base-branch value: ${branchValidation.reason}`);
+    }
+  }
+
   if (argv.tool && !modelExplicitlyProvided && defaultModels[argv.tool]) {
     // User did not explicitly provide --model, so use the correct default for the tool
     // (Issue #1473: centralized in models/index.mjs)

package/src/solve.error-handlers.lib.mjs

@@ -30,6 +30,8 @@ export const handleFailure = async options => {
         errorType,
       },
       skipPrompt: !process.stdin.isTTY || argv.noIssueCreation,
+      autoReport: argv.autoReportIssue,
+      disableReport: argv.disableReportIssue,
     });
   } catch (issueError) {
     reportError(issueError, {