@mandipadk7/kavi 0.1.3 → 0.1.5

package/README.md

@@ -10,14 +10,14 @@ Current capabilities:
 - `kavi start`: start a managed session without attaching the TUI.
 - `kavi open`: create a managed session with separate Codex and Claude worktrees and open the full-screen operator console, even from an empty folder or a repo with no `HEAD` yet.
 - `kavi resume`: reopen the operator console for the current repo session.
-- `kavi status`: inspect session health and task counts from any terminal.
+- `kavi status`: inspect session health, task counts, and configured routing ownership rules from any terminal.
 - `kavi paths`: inspect resolved repo-local, user-local, worktree, and runtime paths.
 - `kavi task`: enqueue a task for `codex`, `claude`, or `auto` routing.
 - `kavi tasks`: inspect the session task list with summaries and artifact availability.
 - `kavi task-output`: inspect the normalized envelope and raw output for a completed task.
 - `kavi decisions`: inspect the persisted routing, approval, task, and integration decisions.
 - `kavi claims`: inspect active or historical path claims.
-- `kavi reviews`: inspect persisted operator review threads and linked follow-up tasks.
+- `kavi reviews`: inspect persisted operator review threads and linked follow-up tasks, with filters for agent, assignee, disposition, and status.
 - `kavi approvals`: inspect the approval inbox.
 - `kavi approve` and `kavi deny`: resolve a pending approval request, optionally with `--remember`.
 - `kavi events`: inspect recent daemon and task events.
@@ -32,73 +32,22 @@ Runtime model:
 - The operator surface talks to the daemon over a local control socket under the machine-local state root.
 - SQLite event mirroring is opt-in with `KAVI_ENABLE_SQLITE_HISTORY=1`; the default event log is JSONL under `.kavi/state/events.jsonl`.
 - The operator console exposes a task board, dual agent lanes, a live inspector pane, approval actions, inline task composition, worktree diff review with file and hunk navigation, and persisted operator review threads on files or hunks.
-
-Development:
-
-```bash
-# works in an empty folder; Kavi will initialize git and create the
-# bootstrap commit it needs for managed worktrees
-node bin/kavi.js init --home
-node bin/kavi.js doctor --json
-node bin/kavi.js paths
-node bin/kavi.js start --goal "Build the auth backend"
-node bin/kavi.js status
-node bin/kavi.js task --agent auto "Design the dashboard shell"
-node bin/kavi.js tasks
-node bin/kavi.js task-output latest
-node bin/kavi.js decisions
-node bin/kavi.js claims
-node bin/kavi.js reviews
-node bin/kavi.js approvals
-node bin/kavi.js open
-npm test
-```
+- Routing can now use explicit path ownership rules from `.kavi/config.toml` via `[routing].codex_paths` and `[routing].claude_paths`, so known parts of the tree can bypass looser keyword or AI routing.
+- Diff-based path claims now release older overlapping same-agent claims automatically, so the active claim set stays closer to each managed worktree's current unlanded surface.
 
 Notes:
 - `kavi init` and `kavi open` now support the "empty folder to first managed session" path. If no git repo exists, Kavi initializes one; if git exists but no `HEAD` exists yet, Kavi creates the bootstrap commit it needs for worktrees.
 - Codex runs through `codex app-server` in managed mode, so Codex-side approvals now land in the same Kavi inbox as Claude hook approvals.
 - Claude still runs through the installed `claude` CLI with Kavi-managed hooks and approval decisions.
+- `kavi doctor` now checks Claude auth readiness with `claude auth status`, and startup blocks if Claude is installed but not authenticated.
+- `kavi doctor` also validates ownership path rules for duplicates, repo escapes, and absolute-path mistakes before those rules affect routing.
 - The dashboard and operator commands now use the daemon's local RPC socket instead of editing session files directly, and the TUI stays updated from pushed daemon snapshots rather than polling.
 - The socket is machine-local rather than repo-local to avoid Unix socket path-length issues in deep repos and temp directories.
-- The console is keyboard-driven: `1-7` switch views, `j/k` move selection, `[` and `]` cycle task detail sections, `,` and `.` cycle changed files, `{` and `}` cycle patch hunks, `A/C/Q/M` add review notes, `o/O` cycle existing threads, `T` reply, `E` edit, `R` resolve or reopen, `F` queue a fix task, `H` queue a handoff task, `y/n` resolve approvals, and `c` opens the inline task composer.
+- The console is keyboard-driven: `1-7` switch views, `j/k` move selection, `[` and `]` cycle task detail sections, `,` and `.` cycle changed files, `{` and `}` cycle patch hunks, `A/C/Q/M` add review notes, `o/O` cycle existing threads, `T` reply, `E` edit, `R` resolve or reopen, `a` cycle thread assignee, `w` mark a thread as won't-fix, `x` mark it as accepted-risk, `F` queue a fix task, `H` queue a handoff task, `y/n` resolve approvals, and `c` opens the inline task composer.
+- Review filters are available both in the CLI and the TUI: `kavi reviews --assignee operator --status open`, and inside the console use `u`, `v`, and `d` to cycle assignee, status, and disposition filters for the active diff context.
+- Review threads now carry explicit assignees and richer dispositions, including `accepted risk` and `won't fix`, instead of relying only on free-form note text.
 - Successful follow-up tasks now auto-resolve linked open review threads, landed follow-up work marks those resolved threads as landed, and replying to a resolved thread reopens it.
 
-Local install options:
-
-```bash
-# Run directly from the repo
-node bin/kavi.js help
-
-# Symlink into ~/.local/bin
-./scripts/install-local.sh
-
-# Or use npm link from this repo
-npm link
-```
-
-Publishing for testers:
-
-```bash
-# interactive publish flow: prompts for version, defaults to the next patch,
-# runs release checks, then publishes the beta tag
-npm run publish
-
-# authenticate once
-npm login
-
-# verify the package before publish
-npm run release:check
-
-# prompt for version and publish beta explicitly
-npm run publish:beta
-
-# prompt for version and publish stable
-npm run publish:latest
-
-# test the publish flow without sending anything to npm
-npm run publish -- --dry-run
-```
-
 Install commands for testers:
 
 ```bash
@@ -109,13 +58,6 @@ npm install -g @mandipadk7/kavi@beta
 npx @mandipadk7/kavi@beta help
 ```
 
-Notes on publish:
-- The package name is scoped as `@mandipadk7/kavi` to match the npm user `mandipadk7`.
-- The publish flow now builds a compiled `dist/` directory first, and the installed CLI prefers `dist/main.js`. Source mode remains available for local development.
-- Hook commands now invoke the compiled entrypoint directly when `dist/` is present, and only use `--experimental-strip-types` in source mode.
-- The interactive publish script strips `repository`, `homepage`, and `bugs` from the packaged `package.json`, so the npm page uses the bundled `README.md` instead of private GitHub links.
-- `prepublishOnly` runs the release checks automatically during publish.
-
 User-local config example:
 
 ```toml

package/dist/config.js

@@ -10,6 +10,8 @@ message_limit = 6
 [routing]
 frontend_keywords = ["frontend", "ui", "ux", "design", "copy", "react", "css", "html"]
 backend_keywords = ["backend", "api", "server", "db", "schema", "migration", "auth", "test"]
+codex_paths = []
+claude_paths = []
 
 [agents.codex]
 role = "planning-backend"
@@ -77,7 +79,9 @@ export function defaultConfig() {
                 "migration",
                 "auth",
                 "test"
-            ]
+            ],
+            codexPaths: [],
+            claudePaths: []
         },
         agents: {
             codex: {
@@ -140,7 +144,9 @@ export async function loadConfig(paths) {
         messageLimit: asNumber(parsed.message_limit, 6),
         routing: {
             frontendKeywords: asStringArray(routing.frontend_keywords, defaultConfig().routing.frontendKeywords),
-            backendKeywords: asStringArray(routing.backend_keywords, defaultConfig().routing.backendKeywords)
+            backendKeywords: asStringArray(routing.backend_keywords, defaultConfig().routing.backendKeywords),
+            codexPaths: asStringArray(routing.codex_paths, defaultConfig().routing.codexPaths),
+            claudePaths: asStringArray(routing.claude_paths, defaultConfig().routing.claudePaths)
         },
         agents: {
             codex: {

package/dist/daemon.js

@@ -6,13 +6,25 @@ import { buildPeerMessages as buildClaudePeerMessages, runClaudeTask } from "./a
 import { buildPeerMessages as buildCodexPeerMessages, runCodexTask } from "./adapters/codex.js";
 import { buildDecisionReplay } from "./adapters/shared.js";
 import { listApprovalRequests, resolveApprovalRequest } from "./approvals.js";
-import { addDecisionRecord, upsertPathClaim } from "./decision-ledger.js";
+import { addDecisionRecord, releaseSupersededClaims, upsertPathClaim } from "./decision-ledger.js";
 import { getWorktreeDiffReview, listWorktreeChangedPaths } from "./git.js";
 import { nowIso } from "./paths.js";
 import { addReviewReply, addReviewNote, autoResolveReviewNotesForCompletedTask, linkReviewFollowUpTask, reviewNotesForTask, setReviewNoteStatus, updateReviewNote } from "./reviews.js";
 import { buildAdHocTask, buildKickoffTasks } from "./router.js";
 import { loadSessionRecord, readRecentEvents, recordEvent, saveSessionRecord } from "./session.js";
 import { loadTaskArtifact, saveTaskArtifact } from "./task-artifacts.js";
+function normalizeReviewDisposition(value) {
+    if (value === "approve" || value === "concern" || value === "question" || value === "accepted_risk" || value === "wont_fix") {
+        return value;
+    }
+    return "note";
+}
+function normalizeReviewAssignee(value) {
+    if (value === "codex" || value === "claude" || value === "operator") {
+        return value;
+    }
+    return null;
+}
 export class KaviDaemon {
     paths;
     session;
@@ -272,6 +284,9 @@ export class KaviDaemon {
             const taskId = `task-${commandId}`;
             const task = buildAdHocTask(owner, prompt, taskId, {
                 routeReason: typeof params.routeReason === "string" ? params.routeReason : null,
+                routeStrategy: params.routeStrategy === "manual" || params.routeStrategy === "keyword" || params.routeStrategy === "ai" || params.routeStrategy === "path-claim" || params.routeStrategy === "fallback" ? params.routeStrategy : null,
+                routeConfidence: typeof params.routeConfidence === "number" ? params.routeConfidence : null,
+                routeMetadata: params.routeMetadata && typeof params.routeMetadata === "object" && !Array.isArray(params.routeMetadata) ? params.routeMetadata : {},
                 claimedPaths: Array.isArray(params.claimedPaths) ? params.claimedPaths.map((item)=>String(item)) : []
             });
             this.session.tasks.push(task);
@@ -284,7 +299,8 @@ export class KaviDaemon {
                 metadata: {
                     strategy: typeof params.routeStrategy === "string" ? params.routeStrategy : "unknown",
                     confidence: typeof params.routeConfidence === "number" ? params.routeConfidence : null,
-                    claimedPaths: task.claimedPaths
+                    claimedPaths: task.claimedPaths,
+                    routeMetadata: params.routeMetadata && typeof params.routeMetadata === "object" && !Array.isArray(params.routeMetadata) ? params.routeMetadata : {}
                 }
             });
             upsertPathClaim(this.session, {
@@ -391,7 +407,8 @@ export class KaviDaemon {
         await this.runMutation(async ()=>{
             const agent = params.agent === "claude" ? "claude" : "codex";
             const filePath = typeof params.filePath === "string" ? params.filePath.trim() : "";
-            const disposition = params.disposition === "approve" || params.disposition === "concern" || params.disposition === "question" ? params.disposition : "note";
+            const disposition = normalizeReviewDisposition(params.disposition);
+            const assignee = normalizeReviewAssignee(params.assignee) ?? agent;
             const body = typeof params.body === "string" ? params.body.trim() : "";
             const taskId = typeof params.taskId === "string" ? params.taskId : null;
             const hunkIndex = typeof params.hunkIndex === "number" ? params.hunkIndex : null;
@@ -404,6 +421,7 @@ export class KaviDaemon {
             }
             const note = addReviewNote(this.session, {
                 agent,
+                assignee,
                 taskId,
                 filePath,
                 hunkIndex,
@@ -422,6 +440,7 @@ export class KaviDaemon {
                     hunkIndex: note.hunkIndex,
                     hunkHeader: note.hunkHeader,
                     disposition: note.disposition,
+                    assignee: note.assignee,
                     reviewNoteId: note.id
                 }
             });
@@ -435,7 +454,8 @@ export class KaviDaemon {
                 taskId: note.taskId,
                 filePath: note.filePath,
                 hunkIndex: note.hunkIndex,
-                disposition: note.disposition
+                disposition: note.disposition,
+                assignee: note.assignee
             });
             await this.publishSnapshot("review.note_added");
         });
@@ -443,15 +463,28 @@ export class KaviDaemon {
     async updateReviewNoteFromRpc(params) {
         await this.runMutation(async ()=>{
             const noteId = typeof params.noteId === "string" ? params.noteId : "";
-            const body = typeof params.body === "string" ? params.body.trim() : "";
+            const body = typeof params.body === "string" ? params.body.trim() : undefined;
+            const disposition = params.disposition === undefined ? undefined : normalizeReviewDisposition(params.disposition);
+            const assignee = params.assignee === undefined ? undefined : normalizeReviewAssignee(params.assignee);
             if (!noteId) {
                 throw new Error("updateReviewNote requires a noteId.");
             }
-            if (!body) {
-                throw new Error("updateReviewNote requires a note body.");
+            if ((body === undefined || body.length === 0) && disposition === undefined && assignee === undefined) {
+                throw new Error("updateReviewNote requires at least one body, disposition, or assignee change.");
+            }
+            if (body !== undefined && body.length === 0) {
+                throw new Error("updateReviewNote requires a non-empty note body.");
             }
             const note = updateReviewNote(this.session, noteId, {
-                body
+                ...body !== undefined ? {
+                    body
+                } : {},
+                ...disposition !== undefined ? {
+                    disposition
+                } : {},
+                ...assignee !== undefined ? {
+                    assignee
+                } : {}
             });
             if (!note) {
                 throw new Error(`Review note ${noteId} was not found.`);
@@ -465,7 +498,9 @@ export class KaviDaemon {
                 metadata: {
                     reviewNoteId: note.id,
                     filePath: note.filePath,
-                    hunkIndex: note.hunkIndex
+                    hunkIndex: note.hunkIndex,
+                    disposition: note.disposition,
+                    assignee: note.assignee
                 }
             });
             await saveSessionRecord(this.paths, this.session);
@@ -476,7 +511,9 @@ export class KaviDaemon {
                 reviewNoteId: note.id,
                 taskId: note.taskId,
                 agent: note.agent,
-                filePath: note.filePath
+                filePath: note.filePath,
+                disposition: note.disposition,
+                assignee: note.assignee
             });
             await this.publishSnapshot("review.note_updated");
         });
@@ -588,12 +625,19 @@ export class KaviDaemon {
             promptLines.push(`Focus the change in ${note.filePath} and update the managed worktree accordingly.`);
             const task = buildAdHocTask(owner, promptLines.join(" "), taskId, {
                 routeReason: mode === "handoff" ? `Operator handed off review note ${note.id} to ${owner}.` : `Operator created a follow-up task from review note ${note.id}.`,
+                routeStrategy: "manual",
+                routeConfidence: 1,
+                routeMetadata: {
+                    source: "review-follow-up",
+                    mode,
+                    reviewNoteId: note.id
+                },
                 claimedPaths: [
                     note.filePath
                 ]
             });
             this.session.tasks.push(task);
-            linkReviewFollowUpTask(this.session, note.id, taskId);
+            linkReviewFollowUpTask(this.session, note.id, taskId, owner);
             upsertPathClaim(this.session, {
                 taskId,
                 agent: owner,
@@ -612,7 +656,8 @@ export class KaviDaemon {
                     owner,
                     mode,
                     filePath: note.filePath,
-                    sourceAgent: note.agent
+                    sourceAgent: note.agent,
+                    assignee: owner
                 }
             });
             await saveSessionRecord(this.paths, this.session);
@@ -624,7 +669,8 @@ export class KaviDaemon {
                 followUpTaskId: taskId,
                 owner,
                 mode,
-                filePath: note.filePath
+                filePath: note.filePath,
+                assignee: owner
             });
             await this.publishSnapshot("review.followup_queued");
         });
@@ -751,6 +797,9 @@ export class KaviDaemon {
                 const taskId = `task-${command.id}`;
                 const task = buildAdHocTask(owner, command.payload.prompt, taskId, {
                     routeReason: typeof command.payload.routeReason === "string" ? command.payload.routeReason : null,
+                    routeStrategy: command.payload.routeStrategy === "manual" || command.payload.routeStrategy === "keyword" || command.payload.routeStrategy === "ai" || command.payload.routeStrategy === "path-claim" || command.payload.routeStrategy === "fallback" ? command.payload.routeStrategy : null,
+                    routeConfidence: typeof command.payload.routeConfidence === "number" ? command.payload.routeConfidence : null,
+                    routeMetadata: command.payload.routeMetadata && typeof command.payload.routeMetadata === "object" && !Array.isArray(command.payload.routeMetadata) ? command.payload.routeMetadata : {},
                     claimedPaths: Array.isArray(command.payload.claimedPaths) ? command.payload.claimedPaths.map((item)=>String(item)) : []
                 });
                 this.session.tasks.push(task);
@@ -763,7 +812,8 @@ export class KaviDaemon {
                     metadata: {
                         strategy: typeof command.payload.routeStrategy === "string" ? command.payload.routeStrategy : "unknown",
                         confidence: typeof command.payload.routeConfidence === "number" ? command.payload.routeConfidence : null,
-                        claimedPaths: task.claimedPaths
+                        claimedPaths: task.claimedPaths,
+                        routeMetadata: command.payload.routeMetadata && typeof command.payload.routeMetadata === "object" && !Array.isArray(command.payload.routeMetadata) ? command.payload.routeMetadata : {}
                     }
                 });
                 upsertPathClaim(this.session, {
@@ -814,18 +864,7 @@ export class KaviDaemon {
             task.summary = envelope.summary;
             task.updatedAt = new Date().toISOString();
             if (task.owner === "codex" || task.owner === "claude") {
-                const worktree = this.session.worktrees.find((item)=>item.agent === task.owner);
-                if (worktree) {
-                    const changedPaths = await listWorktreeChangedPaths(worktree.path, this.session.baseCommit);
-                    task.claimedPaths = changedPaths;
-                    upsertPathClaim(this.session, {
-                        taskId: task.id,
-                        agent: task.owner,
-                        source: "diff",
-                        paths: changedPaths,
-                        note: task.summary
-                    });
-                }
+                await this.refreshTaskClaims(task);
             }
             addDecisionRecord(this.session, {
                 kind: "task",
@@ -866,6 +905,9 @@ export class KaviDaemon {
                 status: task.status,
                 summary: task.summary,
                 routeReason: task.routeReason,
+                routeStrategy: task.routeStrategy,
+                routeConfidence: task.routeConfidence,
+                routeMetadata: task.routeMetadata,
                 claimedPaths: task.claimedPaths,
                 decisionReplay,
                 rawOutput,
@@ -897,18 +939,7 @@ export class KaviDaemon {
             task.summary = error instanceof Error ? error.message : String(error);
             task.updatedAt = new Date().toISOString();
             if (task.owner === "codex" || task.owner === "claude") {
-                const worktree = this.session.worktrees.find((item)=>item.agent === task.owner);
-                if (worktree) {
-                    const changedPaths = await listWorktreeChangedPaths(worktree.path, this.session.baseCommit);
-                    task.claimedPaths = changedPaths;
-                    upsertPathClaim(this.session, {
-                        taskId: task.id,
-                        agent: task.owner,
-                        source: "diff",
-                        paths: changedPaths,
-                        note: task.summary
-                    });
-                }
+                await this.refreshTaskClaims(task);
             }
             addDecisionRecord(this.session, {
                 kind: "task",
@@ -933,6 +964,9 @@ export class KaviDaemon {
                 status: task.status,
                 summary: task.summary,
                 routeReason: task.routeReason,
+                routeStrategy: task.routeStrategy,
+                routeConfidence: task.routeConfidence,
+                routeMetadata: task.routeMetadata,
                 claimedPaths: task.claimedPaths,
                 decisionReplay,
                 rawOutput: null,
@@ -959,6 +993,60 @@ export class KaviDaemon {
             summary
         };
     }
+    async refreshTaskClaims(task) {
+        if (task.owner !== "codex" && task.owner !== "claude") {
+            return;
+        }
+        const worktree = this.session.worktrees.find((item)=>item.agent === task.owner);
+        if (!worktree) {
+            return;
+        }
+        const changedPaths = await listWorktreeChangedPaths(worktree.path, this.session.baseCommit);
+        const hadClaimedSurface = task.claimedPaths.length > 0 || this.session.pathClaims.some((claim)=>claim.taskId === task.id && claim.status === "active");
+        task.claimedPaths = changedPaths;
+        const claim = upsertPathClaim(this.session, {
+            taskId: task.id,
+            agent: task.owner,
+            source: "diff",
+            paths: changedPaths,
+            note: task.summary
+        });
+        if (claim && changedPaths.length > 0) {
+            const releasedClaims = releaseSupersededClaims(this.session, {
+                agent: task.owner,
+                taskId: task.id,
+                paths: changedPaths,
+                note: `Superseded by newer ${task.owner} diff claim from task ${task.id}.`
+            });
+            for (const releasedClaim of releasedClaims){
+                addDecisionRecord(this.session, {
+                    kind: "route",
+                    agent: task.owner,
+                    taskId: releasedClaim.taskId,
+                    summary: `Released superseded claim ${releasedClaim.id}`,
+                    detail: releasedClaim.paths.join(", ") || "No claimed paths.",
+                    metadata: {
+                        claimId: releasedClaim.id,
+                        supersededByTaskId: task.id,
+                        supersededByPaths: changedPaths
+                    }
+                });
+            }
+            return;
+        }
+        if (changedPaths.length === 0 && hadClaimedSurface) {
+            addDecisionRecord(this.session, {
+                kind: "route",
+                agent: task.owner,
+                taskId: task.id,
+                summary: `Released empty claim surface for ${task.id}`,
+                detail: "Task finished without a remaining worktree diff for its claimed paths.",
+                metadata: {
+                    releaseReason: "empty-diff-claim"
+                }
+            });
+        }
+    }
 }
 
 

package/dist/decision-ledger.js

@@ -1,11 +1,26 @@
+import path from "node:path";
 import { randomUUID } from "node:crypto";
 import { nowIso } from "./paths.js";
 const MAX_DECISIONS = 80;
 function normalizePaths(paths) {
     return [
-        ...new Set(paths.map((item)=>item.trim()).filter(Boolean))
+        ...new Set(paths.map(normalizePath).filter(Boolean))
     ].sort();
 }
+function normalizePath(value) {
+    const trimmed = value.trim().replaceAll("\\", "/");
+    const withoutPrefix = trimmed.startsWith("./") ? trimmed.slice(2) : trimmed;
+    const normalized = path.posix.normalize(withoutPrefix);
+    return normalized === "." ? "" : normalized.replace(/^\/+/, "").replace(/\/+$/, "");
+}
+function pathOverlaps(left, right) {
+    const leftPath = normalizePath(left);
+    const rightPath = normalizePath(right);
+    if (!leftPath || !rightPath) {
+        return false;
+    }
+    return leftPath === rightPath || leftPath.startsWith(`${rightPath}/`) || rightPath.startsWith(`${leftPath}/`);
+}
 export function addDecisionRecord(session, input) {
     const record = {
         id: randomUUID(),
@@ -63,12 +78,53 @@ export function upsertPathClaim(session, input) {
 export function activePathClaims(session) {
     return session.pathClaims.filter((claim)=>claim.status === "active" && claim.paths.length > 0);
 }
+export function releasePathClaims(session, input = {}) {
+    const taskIds = input.taskIds ? new Set(input.taskIds) : null;
+    const released = [];
+    for (const claim of session.pathClaims){
+        if (claim.status !== "active") {
+            continue;
+        }
+        if (taskIds && !taskIds.has(claim.taskId)) {
+            continue;
+        }
+        claim.status = "released";
+        claim.updatedAt = nowIso();
+        if (input.note !== undefined) {
+            claim.note = input.note;
+        }
+        released.push(claim);
+    }
+    return released;
+}
+export function releaseSupersededClaims(session, input) {
+    const normalizedPaths = normalizePaths(input.paths);
+    if (normalizedPaths.length === 0) {
+        return [];
+    }
+    const released = [];
+    for (const claim of session.pathClaims){
+        if (claim.status !== "active" || claim.agent !== input.agent || claim.taskId === input.taskId) {
+            continue;
+        }
+        if (!claim.paths.some((item)=>normalizedPaths.some((candidate)=>pathOverlaps(item, candidate)))) {
+            continue;
+        }
+        claim.status = "released";
+        claim.updatedAt = nowIso();
+        if (input.note !== undefined) {
+            claim.note = input.note;
+        }
+        released.push(claim);
+    }
+    return released;
+}
 export function findClaimConflicts(session, owner, claimedPaths) {
     const normalizedPaths = normalizePaths(claimedPaths);
     if (normalizedPaths.length === 0) {
         return [];
     }
-    return activePathClaims(session).filter((claim)=>claim.agent !== owner && claim.paths.some((item)=>normalizedPaths.includes(item)));
+    return activePathClaims(session).filter((claim)=>claim.agent !== owner && claim.paths.some((item)=>normalizedPaths.some((candidate)=>pathOverlaps(item, candidate))));
 }
 
 

package/dist/doctor.js

@@ -1,12 +1,101 @@
+import path from "node:path";
+import { loadConfig } from "./config.js";
 import { fileExists } from "./fs.js";
 import { runCommand } from "./process.js";
 import { hasSupportedNode, minimumNodeMajor, resolveSessionRuntime } from "./runtime.js";
+export function parseClaudeAuthStatus(output) {
+    try {
+        const parsed = JSON.parse(output);
+        const loggedIn = parsed.loggedIn === true;
+        const authMethod = typeof parsed.authMethod === "string" ? parsed.authMethod : "unknown";
+        const apiProvider = typeof parsed.apiProvider === "string" ? parsed.apiProvider : "unknown";
+        return {
+            loggedIn,
+            detail: loggedIn ? `logged in via ${authMethod} (${apiProvider})` : `not logged in (${authMethod}, ${apiProvider})`
+        };
+    } catch  {
+        const trimmed = output.trim();
+        return {
+            loggedIn: false,
+            detail: trimmed || "unable to parse claude auth status"
+        };
+    }
+}
+function normalizeRoutingPathRule(value) {
+    const trimmed = value.trim().replaceAll("\\", "/");
+    const withoutPrefix = trimmed.startsWith("./") ? trimmed.slice(2) : trimmed;
+    const normalized = path.posix.normalize(withoutPrefix);
+    return normalized === "." ? "" : normalized.replace(/^\/+/, "").replace(/\/+$/, "");
+}
+export function validateRoutingPathRules(config) {
+    const issues = [];
+    const codexPaths = config.routing.codexPaths.map(normalizeRoutingPathRule);
+    const claudePaths = config.routing.claudePaths.map(normalizeRoutingPathRule);
+    const rawRules = [
+        ...config.routing.codexPaths.map((rule)=>({
+                owner: "codex",
+                raw: rule,
+                normalized: normalizeRoutingPathRule(rule)
+            })),
+        ...config.routing.claudePaths.map((rule)=>({
+                owner: "claude",
+                raw: rule,
+                normalized: normalizeRoutingPathRule(rule)
+            }))
+    ];
+    const blankRules = [
+        ...codexPaths,
+        ...claudePaths
+    ].filter((rule)=>!rule);
+    if (blankRules.length > 0) {
+        issues.push("Ownership path rules must not be empty.");
+    }
+    const absoluteRules = rawRules.filter(({ raw })=>{
+        const trimmed = raw.trim();
+        return trimmed.startsWith("/") || /^[A-Za-z]:[\\/]/.test(trimmed);
+    }).map(({ owner, raw })=>`${owner}:${raw}`);
+    if (absoluteRules.length > 0) {
+        issues.push(`Ownership path rules must be repo-relative, not absolute: ${absoluteRules.join(", ")}`);
+    }
+    const parentTraversalRules = rawRules.filter(({ normalized })=>normalized === ".." || normalized.startsWith("../")).map(({ owner, raw })=>`${owner}:${raw}`);
+    if (parentTraversalRules.length > 0) {
+        issues.push(`Ownership path rules must stay inside the repo root: ${parentTraversalRules.join(", ")}`);
+    }
+    const duplicateRules = (rules, owner)=>{
+        const seen = new Set();
+        const duplicates = new Set();
+        for (const rule of rules){
+            if (!rule) {
+                continue;
+            }
+            if (seen.has(rule)) {
+                duplicates.add(rule);
+            }
+            seen.add(rule);
+        }
+        if (duplicates.size > 0) {
+            issues.push(`${owner} has duplicate ownership rules: ${[
+                ...duplicates
+            ].join(", ")}`);
+        }
+    };
+    duplicateRules(codexPaths, "codex");
+    duplicateRules(claudePaths, "claude");
+    const overlappingRules = codexPaths.filter((rule)=>rule && claudePaths.includes(rule));
+    if (overlappingRules.length > 0) {
+        issues.push(`codex_paths and claude_paths overlap on the same exact rules: ${[
+            ...new Set(overlappingRules)
+        ].join(", ")}`);
+    }
+    return issues;
+}
 function normalizeVersion(output) {
     return output.trim().split(/\s+/).slice(-1)[0] ?? output.trim();
 }
 export async function runDoctor(repoRoot, paths) {
     const checks = [];
     const runtime = await resolveSessionRuntime(paths);
+    const config = await loadConfig(paths);
     const nodeVersion = await runCommand(runtime.nodeExecutable, [
         "--version"
     ], {
@@ -37,6 +126,21 @@ export async function runDoctor(repoRoot, paths) {
         ok: claudeVersion.code === 0,
         detail: claudeVersion.code === 0 ? `${claudeVersion.stdout.trim()} via ${runtime.claudeExecutable}` : claudeVersion.stderr.trim()
     });
+    const claudeAuth = await runCommand(runtime.claudeExecutable, [
+        "auth",
+        "status"
+    ], {
+        cwd: repoRoot
+    });
+    const claudeAuthStatus = claudeAuth.code === 0 ? parseClaudeAuthStatus(claudeAuth.stdout) : {
+        loggedIn: false,
+        detail: claudeAuth.stderr.trim() || claudeAuth.stdout.trim() || "claude auth status failed"
+    };
+    checks.push({
+        name: "claude-auth",
+        ok: claudeAuth.code === 0 && claudeAuthStatus.loggedIn,
+        detail: claudeAuth.code === 0 ? claudeAuthStatus.detail : claudeAuthStatus.detail
+    });
     const worktreeCheck = await runCommand("git", [
         "worktree",
         "list"
@@ -71,6 +175,12 @@ export async function runDoctor(repoRoot, paths) {
         ok: true,
         detail: homeConfigCheck ? "present" : "will be created on demand"
     });
+    const routingRuleIssues = validateRoutingPathRules(config);
+    checks.push({
+        name: "routing-path-rules",
+        ok: routingRuleIssues.length === 0,
+        detail: routingRuleIssues.length === 0 ? "valid" : routingRuleIssues.join("; ")
+    });
     return checks;
 }