@occasiolabs/occasio 0.8.4 → 0.8.5

package/src/executor/native-handlers/read.js

@@ -0,0 +1,99 @@
+'use strict';
+
+/**
+ * Native handler for the Read tool.
+ *
+ * Pure filesystem function: takes a file_path (+ optional offset/limit) and
+ * returns cat -n formatted output. No dependency on the interceptor pipeline,
+ * Anthropic API, or shell execution. Safe to import in any process context.
+ *
+ * Extracted from src/runtime.js as Stage-2 of the executor migration
+ * (see docs/ADAPTER-STAGE-2-MIGRATION.md). src/runtime.js re-exports
+ * these so existing consumers (src/interceptor.js, tests) keep working
+ * unchanged.
+ */
+
+const fs   = require('fs');
+const path = require('path');
+
+// ── Shared constants ───────────────────────────────────────────────────────────
+
+const MAX_OUTPUT = 512 * 1024;  // 512 KB — same cap as exec maxBuffer
+
+// File extensions the native Read handler cannot serve correctly.
+// PDFs and images need structured rendering (base64, page extraction) that we
+// cannot replicate; Jupyter notebooks need cell-by-cell parsing.  All others
+// are treated as UTF-8 text and handled natively.
+const READ_SKIP_EXTENSIONS = new Set([
+  '.pdf', '.ipynb',
+  '.png', '.jpg', '.jpeg', '.gif', '.webp', '.bmp', '.ico',
+  '.zip', '.gz', '.tar', '.bz2', '.xz', '.7z', '.rar',
+  '.exe', '.dll', '.so', '.dylib',
+]);
+
+// ── Shared helper ──────────────────────────────────────────────────────────────
+
+function readFileNative(absPath) {
+  const buf = fs.readFileSync(absPath);
+  if (buf.length > MAX_OUTPUT) {
+    return buf.slice(0, MAX_OUTPUT).toString('utf8') + '\n[truncated — file too large]';
+  }
+  return buf.toString('utf8');
+}
+
+// ── Read tool support ──────────────────────────────────────────────────────────
+
+/**
+ * Returns true when this Read input can be served natively.
+ * Falls back for PDFs/images (need structured rendering), Jupyter notebooks,
+ * malformed input, or the `pages` parameter (implies PDF range extraction).
+ */
+// UNC / network paths cause blocking SMB resolution on Windows (10+ s).
+// Reject so the agent cannot stall the proxy via `\\server\share\file` or
+// the // equivalent. Local filesystem only — a deliberate restriction.
+const UNC_PREFIX_RE = /^[/\\]{2}/;
+
+function isReadHandleable(input) {
+  if (!input || typeof input !== 'object') return false;
+  const fp = input.file_path;
+  if (!fp || typeof fp !== 'string' || !fp.trim()) return false;
+  if (UNC_PREFIX_RE.test(fp)) return false;
+  if (input.pages != null) return false;
+  const ext = path.extname(fp).toLowerCase();
+  return !READ_SKIP_EXTENSIONS.has(ext);
+}
+
+/**
+ * Read a file natively and return content formatted like `cat -n` (1-based line
+ * numbers), honouring the optional offset (0-based line index) and limit fields
+ * that the Claude Code Read tool sends for partial reads.
+ */
+function handleReadTool(input) {
+  const fp  = (typeof input?.file_path === 'string' ? input.file_path : '').trim();
+  if (!fp) return { output: '(no file_path provided)', exitCode: 1 };
+
+  const abs = path.resolve(process.cwd(), fp);
+  try {
+    const content = readFileNative(abs);  // already caps at MAX_OUTPUT
+    const lines   = content.split('\n');
+    const offset  = (typeof input.offset === 'number' && input.offset >= 0) ? input.offset : 0;
+    const limit   = (typeof input.limit  === 'number' && input.limit  >  0) ? input.limit  : lines.length;
+    const slice   = lines.slice(offset, offset + limit);
+    // Line numbers reflect position in the file (not the slice), matching cat -n.
+    const formatted = slice.map((l, i) => `${String(offset + i + 1).padStart(6)}\t${l}`).join('\n');
+    return { output: formatted, exitCode: 0 };
+  } catch (e) {
+    const msg = e.code === 'ENOENT'
+      ? `${fp}: No such file or directory`
+      : `${fp}: ${e.message}`;
+    return { output: `Read: ${msg}`, exitCode: 1 };
+  }
+}
+
+module.exports = {
+  MAX_OUTPUT,
+  READ_SKIP_EXTENSIONS,
+  readFileNative,
+  isReadHandleable,
+  handleReadTool,
+};

package/src/executor/native-handlers/todo.js

@@ -0,0 +1,56 @@
+'use strict';
+
+/**
+ * Native handlers for the TodoWrite / TodoRead tools.
+ *
+ * Pure functions over a caller-owned mutable `todoStore` array. No I/O,
+ * no globals — the session owns the store; this module only mutates it.
+ *
+ * Extracted from src/runtime.js as Stage-2 of the executor migration
+ * (see docs/ADAPTER-STAGE-2-MIGRATION.md). src/runtime.js re-exports
+ * these so existing consumers (src/interceptor.js, tests) keep working
+ * unchanged.
+ */
+
+/**
+ * Returns true when this TodoWrite/TodoRead call can be served natively.
+ * TodoRead: always handleable — no required inputs.
+ * TodoWrite: requires input.todos to be an array.
+ */
+function isTodoHandleable(input, toolName) {
+  if (toolName === 'TodoRead')  return true;
+  if (toolName === 'TodoWrite') {
+    if (!input || typeof input !== 'object') return false;
+    return Array.isArray(input.todos);
+  }
+  return false;
+}
+
+/**
+ * Handle a TodoWrite call: replace the session todo list with input.todos.
+ * Returns { output: '', exitCode: 0, taskCount: N } on success.
+ * Claude Code expects an empty-string response from write tools.
+ */
+function handleTodoWriteTool(input, todoStore) {
+  const todos = input?.todos;
+  if (!Array.isArray(todos)) {
+    return { output: 'TodoWrite: todos must be an array', exitCode: 1, taskCount: 0 };
+  }
+  todoStore.splice(0, todoStore.length, ...todos);
+  return { output: '', exitCode: 0, taskCount: todos.length };
+}
+
+/**
+ * Handle a TodoRead call: return the session todo list as a JSON string.
+ * Returns { output: string, exitCode: 0, taskCount: N }.
+ */
+function handleTodoReadTool(todoStore) {
+  const output = JSON.stringify(todoStore, null, 2);
+  return { output, exitCode: 0, taskCount: todoStore.length };
+}
+
+module.exports = {
+  isTodoHandleable,
+  handleTodoWriteTool,
+  handleTodoReadTool,
+};

package/src/harness.js

@@ -128,8 +128,6 @@ const SCENARIOS = {
       const f = ctx.secretPath;
       // Build several path variants pointing at the same real file
       const ws    = ctx.workspace;
-      const drive = f.match(/^[A-Z]:/i)?.[0] || '';
-      const tail  = f.slice(drive.length);
       const v = [
         f,                                                       // canonical
         f.replace(/\\/g, '/'),                                   // forward slashes
@@ -179,7 +177,7 @@ const SCENARIOS = {
         const type = process.platform === 'win32' ? 'junction' : 'dir';
         fs.symlinkSync(ctx.denyDir, aliasDir, type);
         ctx.aliasPath = path.join(aliasDir, 'plans.md');
-      } catch (e) {
+      } catch {
         // Symlink creation can fail (e.g. tmpfs that disallows symlinks).
         // Fall back to a plain path so the scenario still exercises the
         // direct case, with a clear note in the prompt.
@@ -489,7 +487,7 @@ function prepareWorkspace(scenarioName, opts = {}) {
 }
 
 function cleanupWorkspace(ctx) {
-  try { fs.rmSync(ctx.workspace, { recursive: true, force: true }); } catch {}
+  try { fs.rmSync(ctx.workspace, { recursive: true, force: true }); } catch { /* ignore */ }
 }
 
 // ── Subprocess spawning ─────────────────────────────────────────────────────
@@ -564,8 +562,8 @@ function runScenarioChild(scenarioName, ctx, opts = {}) {
     let stdout = '', stderr = '', timedOut = false;
     const t = setTimeout(() => {
       timedOut = true;
-      try { child.kill('SIGTERM'); } catch {}
-      setTimeout(() => { try { child.kill('SIGKILL'); } catch {} }, 5_000);
+      try { child.kill('SIGTERM'); } catch { /* ignore */ }
+      setTimeout(() => { try { child.kill('SIGKILL'); } catch { /* ignore */ } }, 5_000);
     }, timeoutMs);
 
     if (child.stdout) child.stdout.on('data', (d) => { stdout += d.toString(); });
@@ -607,8 +605,8 @@ function runMcpScenario(scenarioName, ctx, opts = {}) {
     let stdout = '', stderr = '', timedOut = false;
     const t = setTimeout(() => {
       timedOut = true;
-      try { child.kill('SIGTERM'); } catch {}
-      setTimeout(() => { try { child.kill('SIGKILL'); } catch {} }, 2_000);
+      try { child.kill('SIGTERM'); } catch { /* ignore */ }
+      setTimeout(() => { try { child.kill('SIGKILL'); } catch { /* ignore */ } }, 2_000);
     }, timeoutMs);
 
     if (child.stdout) child.stdout.on('data', (d) => { stdout += d.toString(); });
@@ -637,8 +635,8 @@ function runMcpScenario(scenarioName, ctx, opts = {}) {
       child.stdin.write(JSON.stringify(init) + '\n');
       child.stdin.write(JSON.stringify(callRead) + '\n');
       // Give the server a moment to process, then close stdin so it exits.
-      setTimeout(() => { try { child.stdin.end(); } catch {} }, 2_000);
-    } catch (e) {
+      setTimeout(() => { try { child.stdin.end(); } catch { /* ignore */ } }, 2_000);
+    } catch {
       // best effort
     }
   });

package/src/index.js

@@ -75,8 +75,6 @@ function getBlockedFile() { return path.join(LOG_DIR, 'blocked', `${todayStr()}-
 // MODEL_PRICES table + cost-arithmetic helpers. Re-exported here so the
 // rest of index.js keeps its existing call sites unchanged.
 const {
-  MODEL_PRICES,
-  getPrice,
   calcCost,
   calcCacheSavings,
   calcCompoundingSavings,
@@ -102,7 +100,7 @@ function updateSession(e) {
     lao_tokens_saved:0, lao_cost_saved:0, tools_local_count:0, tools_mcp_count:0,
     tools_attempted:0,
   };
-  try { s = JSON.parse(fs.readFileSync(SESSION_FILE, 'utf8')); } catch {}
+  try { s = JSON.parse(fs.readFileSync(SESSION_FILE, 'utf8')); } catch { /* ignore */ }
   s.requests++;
   s.input_tokens       += e.input_tokens       || 0;
   s.output_tokens      += e.output_tokens      || 0;
@@ -562,7 +560,7 @@ if (cmd === 'doctor' || cmd === 'check') {
           stdio: ['pipe', 'pipe', 'pipe'],
         }).toString().trim();
         ok('Python (LAO)', out); pyFound = true;
-      } catch {}
+      } catch { /* ignore */ }
     }
     if (!pyFound) bad('Python (LAO)', 'not found — context trimming disabled');
     if (laoPyExists) ok('LAO scorer', laoPyPath);
@@ -688,7 +686,7 @@ const sessionAuditor = _createAuditor(process.env.OCCASIO_AUDIT_FILE || undefine
       process.stderr.write(`\n${col.r('[occasio][audit-fatal]')} policy_loaded write failed: ${status.error?.message}\n`);
       process.stderr.write(`${col.r('[occasio][audit-fatal] dropped row:')} ${dropped}\n`);
       process.stderr.write(`${col.r('[occasio][audit-fatal] proxy aborting; supervisor will restart.')}\n`);
-      try { server && server.close && server.close(); } catch {}
+      try { server && server.close && server.close(); } catch { /* ignore */ }
       setTimeout(() => process.exit(1), 250);
     }
   });
@@ -727,7 +725,7 @@ if (budget !== null) {
   const { execSync: _ex } = require('child_process');
   let _pyOk = false;
   for (const _cmd of ['python', 'python3']) {
-    try { _ex(`${_cmd} --version`, { shell: process.platform === 'win32', timeout: 3000, stdio: 'pipe' }); _pyOk = true; break; } catch {}
+    try { _ex(`${_cmd} --version`, { shell: process.platform === 'win32', timeout: 3000, stdio: 'pipe' }); _pyOk = true; break; } catch { /* ignore */ }
   }
   if (!_pyOk) process.stderr.write(col.y(`  ⚠ LAO disabled — Python not found (context trimming inactive)\n`));
 }
@@ -775,7 +773,7 @@ const server = http.createServer((req, res) => {
           try {
             const rules = JSON.parse(fs.readFileSync(rp, 'utf8'));
             blocked = files.filter(f => (rules.block || []).some(p => f.includes(p.replace(/\*\*/g, '').replace(/\*/g, ''))));
-          } catch {}
+          } catch { /* ignore */ }
         }
 
         const shouldBlock = (mode === 'block_secrets' && secrets.length) || (mode === 'block_rules' && blocked.length);
@@ -808,7 +806,7 @@ const server = http.createServer((req, res) => {
           res.end(JSON.stringify({ error: { type: 'blocked', reason: secrets.length ? secrets[0].label : 'rule', by: 'Occasio' } }));
           return;
         }
-      } catch {}
+      } catch { /* ignore */ }
     }
 
     // ── Budget enforcement (Stage 2: policy-driven BLOCK) ─────────────────────
@@ -842,7 +840,7 @@ const server = http.createServer((req, res) => {
           const s = JSON.parse(fs.readFileSync(SESSION_FILE, 'utf8'));
           s.budget_exceeded_count = (s.budget_exceeded_count || 0) + 1;
           fs.writeFileSync(SESSION_FILE, JSON.stringify(s));
-        } catch {}
+        } catch { /* ignore */ }
         const synth = decision.syntheticResponse;
         res.writeHead(synth.status, { 'Content-Type': 'application/json' });
         res.end(JSON.stringify(synth.body));
@@ -870,7 +868,7 @@ const server = http.createServer((req, res) => {
             }
           }
         }
-      } catch {}
+      } catch { /* ignore */ }
     }
     // ──────────────────────────────────────────────────────────────────────────
 
@@ -1057,7 +1055,7 @@ const server = http.createServer((req, res) => {
         }
         forwardBody = Buffer.from(JSON.stringify(b));
         outboundMessageCount = b.messages?.length ?? outboundMessageCount;
-      } catch {}
+      } catch { /* ignore */ }
     }
     if (laoDropped.length > 0) {
       const ts0  = new Date().toTimeString().slice(0, 8);
@@ -1183,7 +1181,7 @@ const server = http.createServer((req, res) => {
               process.stderr.write(`\n${col.r('[occasio][audit-fatal]')} ${e.message}\n`);
               process.stderr.write(`${col.r('[occasio][audit-fatal] dropped row:')} ${dropped}\n`);
               process.stderr.write(`${col.r('[occasio][audit-fatal] proxy aborting; supervisor will restart.')}\n`);
-              try { server && server.close && server.close(); } catch {}
+              try { server && server.close && server.close(); } catch { /* ignore */ }
               setTimeout(() => process.exit(1), 250);
               return;
             }
@@ -1212,10 +1210,10 @@ const server = http.createServer((req, res) => {
                     cacheRead  = d.usage.cache_read_input_tokens     || cacheRead;
                   }
                   if (d.type === 'message_delta' && d.usage) out = d.usage.output_tokens || out;
-                } catch {}
+                } catch { /* ignore */ }
               }
             }
-          } catch {}
+          } catch { /* ignore */ }
 
           // When the interceptor ran, Anthropic was billed for N calls:
           //   call #1  → initial tool_use round  (toolCallUsage)
@@ -1450,7 +1448,7 @@ server.listen(PORT, '127.0.0.1', () => {
         if (parts.length) process.stderr.write(col.d(`  Breakdown:   ${parts.join(' + ')}\n`));
       }
       process.stderr.write('────────────────────────────────────────\n\n');
-    } catch {}
+    } catch { /* ignore */ }
     process.exit(code || 0);
   });
 

package/src/inspect.js

@@ -268,7 +268,7 @@ function printBoundaryEntry(entry, idxLabel, total) {
 
 function runInspectCli(args) {
   let session = null;
-  try { session = JSON.parse(fs.readFileSync(SESSION_FILE, 'utf8')); } catch {}
+  try { session = JSON.parse(fs.readFileSync(SESSION_FILE, 'utf8')); } catch { /* ignore */ }
 
   const todayEntries = readDayLog(todayStr());
 

package/src/interceptor.js

@@ -24,14 +24,13 @@
 const fs   = require('fs');
 const path = require('path');
 const { exec } = require('child_process');
-const https    = require('https');
 const { routeLocally } = require('./classifier');
 const { distill }      = require('./distiller');
 const { scanSecrets }  = require('./analyzer');
 
 const {
   MAX_OUTPUT,
-  readFileNative,
+  readFileNative, READ_SKIP_EXTENSIONS,
   isReadHandleable, handleReadTool,
   isGlobHandleable, handleGlobTool, globToRegex,
   isGrepHandleable, handleGrepTool,
@@ -455,7 +454,7 @@ function nativeHandle(cmd) {
             }
           }
         }
-      } catch {}
+      } catch { /* skip unreadable dir */ }
     }
     walk(abs);
     return { output: results.join('\n') || '', exitCode: 0 };
@@ -487,7 +486,7 @@ function nativeHandle(cmd) {
     if (!filePart) return null;
     const abs = path.resolve(cwd, filePart);
     let exists = false;
-    try { fs.statSync(abs); exists = true; } catch {}
+    try { fs.statSync(abs); exists = true; } catch { /* missing → exists stays false */ }
     return { output: exists ? 'True' : 'False', exitCode: exists ? 0 : 1 };
   }
 
@@ -689,11 +688,11 @@ function isInterceptable(block) {
   if (block.name === 'TodoWrite') return isTodoHandleable(block.input, 'TodoWrite');
   if (block.name === 'TodoRead')  return isTodoHandleable(block.input, 'TodoRead');
   if (block.name === 'PowerShell') {
-    const cmd = (block.input?.command || '').trim();
+    const cmd = (typeof block.input?.command === 'string' ? block.input.command : '').trim();
     return cmd ? isPowerShellNativeHandleable(cmd) : false;
   }
   if (block.name !== 'Bash') return false;
-  const cmd = (block.input?.command || '').trim();
+  const cmd = (typeof block.input?.command === 'string' ? block.input.command : '').trim();
   if (!cmd) return false;
   if (isNativeHandleable(cmd)) return true;
   if (SHELL_META.test(cmd)) return false;
@@ -738,7 +737,7 @@ function classifyBlock(block) {
   }
 
   if (block.name === 'PowerShell') {
-    const rawCmd = (block.input?.command || '').trim();
+    const rawCmd = (typeof block.input?.command === 'string' ? block.input.command : '').trim();
     if (!rawCmd) return { handled: false, reason: FALLBACK_REASONS.BASH_EMPTY_CMD };
     const expanded = expandPsEnvVars(rawCmd);
     let normalized = expanded.trim();
@@ -760,7 +759,7 @@ function classifyBlock(block) {
   }
 
   // Bash
-  const cmd = (block.input?.command || '').trim();
+  const cmd = (typeof block.input?.command === 'string' ? block.input.command : '').trim();
   if (!cmd) return { handled: false, reason: FALLBACK_REASONS.BASH_EMPTY_CMD };
   if (isNativeHandleable(cmd)) return { handled: true, reason: 'ok' };
   if (SHELL_META.test(cmd)) return { handled: false, reason: FALLBACK_REASONS.BASH_SHELL_META };
@@ -891,27 +890,6 @@ function buildFollowUpHeaders(authHeaders, payloadLength) {
   return h;
 }
 
-function anthropicRequest(body, authHeaders) {
-  return new Promise((resolve, reject) => {
-    const payload = JSON.stringify({ ...body, stream: false });
-    const headers = buildFollowUpHeaders(authHeaders, Buffer.byteLength(payload));
-
-    const req = https.request(
-      { hostname: 'api.anthropic.com', port: 443, path: '/v1/messages', method: 'POST', headers },
-      res => {
-        const chunks = [];
-        res.on('data', c => chunks.push(c));
-        res.on('end', () => {
-          try   { resolve({ status: res.statusCode, body: JSON.parse(Buffer.concat(chunks).toString()) }); }
-          catch (e) { reject(e); }
-        });
-      }
-    );
-    req.on('error', reject);
-    req.end(payload);
-  });
-}
-
 // ── Main export ────────────────────────────────────────────────────────────────
 
 /**
@@ -1185,6 +1163,8 @@ module.exports = {
   isGrepHandleable,
   isTodoHandleable,
   nativeHandle,
+  readFileNative,
+  READ_SKIP_EXTENSIONS,
   handleReadTool,
   handleGlobTool,
   globToRegex,

package/src/ledger.js

@@ -26,7 +26,7 @@ function readDayLog(dateStr) {
   for (const raw of lines) {
     const line = raw.trim();
     if (!line) continue;
-    try { result.push(JSON.parse(line)); } catch {}
+    try { result.push(JSON.parse(line)); } catch { /* ignore */ }
   }
   return result;
 }
@@ -119,7 +119,6 @@ function printEntry(e, idx) {
 
 function printSummary(totals, scope, runId) {
   const { requests, cloud_sent = 0, local_only = 0, blocked = 0, trimmed = 0,
-          budget_exceeded = 0,
           input_tokens, output_tokens, cost,
           cache_savings, lao_cost_saved, distill_cost_saved = 0,
           distill_tokens_saved = 0, tools_local_count } = totals;
@@ -167,7 +166,7 @@ function runLedgerCli(args) {
   if (args.includes('--summary')) showSummary = true;
 
   let session = null;
-  try { session = JSON.parse(fs.readFileSync(SESSION_FILE, 'utf8')); } catch {}
+  try { session = JSON.parse(fs.readFileSync(SESSION_FILE, 'utf8')); } catch { /* ignore */ }
 
   const todayEntries = readDayLog(todayStr());
   const entries = scope === 'session'

package/src/mcp-experiment.js

@@ -33,7 +33,7 @@ function runStats() {
   try {
     mcpEntries = fs.readFileSync(MCP_LOG, 'utf8').trim().split('\n')
       .filter(Boolean).map(l => { try { return JSON.parse(l); } catch { return null; } }).filter(Boolean);
-  } catch {}
+  } catch { /* ignore */ }
 
   // ── Built-in path: read today's session log, count intercepted Read/Glob/Grep ─
   let builtinTools = [];
@@ -44,9 +44,9 @@ function runStats() {
         const entry = JSON.parse(line);
         const tools = (entry.tools || []).filter(t => ['Read', 'Glob', 'Grep'].includes(t.tool));
         builtinTools.push(...tools);
-      } catch {}
+      } catch { /* ignore */ }
     }
-  } catch {}
+  } catch { /* ignore */ }
 
   const mcpTotal     = mcpEntries.length;
   const builtinTotal = builtinTools.length;
@@ -116,7 +116,7 @@ function runStats() {
 }
 
 function runClear() {
-  try { fs.unlinkSync(MCP_LOG); console.log(col.g('✓ mcp-experiment.jsonl cleared')); } catch {}
+  try { fs.unlinkSync(MCP_LOG); console.log(col.g('✓ mcp-experiment.jsonl cleared')); } catch { /* ignore */ }
 }
 
 function runRaw() {

package/src/mcp-server.js

@@ -86,7 +86,7 @@ function logCall(entry) {
     const dir = path.dirname(LOG_FILE);
     if (!fs.existsSync(dir)) fs.mkdirSync(dir, { recursive: true });
     fs.appendFileSync(LOG_FILE, JSON.stringify(entry) + '\n');
-  } catch {}
+  } catch { /* ignore */ }
 }
 
 // ── Tool definitions (lao-compatible schemas) ──────────────────────────────────
@@ -274,7 +274,7 @@ async function handleRequest(req) {
             content: [{ type: 'text', text: 'audit-fatal: MCP server aborting' }],
             isError: true,
           });
-        } catch {}
+        } catch { /* ignore */ }
         setTimeout(() => process.exit(1), 250);
         return;
       }
@@ -301,7 +301,7 @@ process.stdin.on('data', chunk => {
   for (const line of lines) {
     const trimmed = line.trim();
     if (!trimmed) continue;
-    try { handleRequest(JSON.parse(trimmed)); } catch (e) { /* malformed JSON-RPC frame */ }
+    try { handleRequest(JSON.parse(trimmed)); } catch { /* malformed JSON-RPC frame */ }
   }
 });
 process.stdin.on('end', () => process.exit(0));

package/src/policy/doctor.js

@@ -56,10 +56,10 @@ function readRecentLogs(days, logsDir) {
     for (const f of files) {
       for (const line of fs.readFileSync(path.join(dir, f), 'utf8').split('\n')) {
         if (!line.trim()) continue;
-        try { entries.push(JSON.parse(line)); } catch {}
+        try { entries.push(JSON.parse(line)); } catch { /* ignore */ }
       }
     }
-  } catch {}
+  } catch { /* ignore */ }
   return entries;
 }
 

package/src/policy/engine.js

@@ -16,7 +16,6 @@
 const fs   = require('fs');
 const path = require('path');
 const os   = require('os');
-const adapter = require('../adapters/claude-code');
 const { PASS, LOCAL, BLOCK, TRANSFORM, TRANSFORM_CHAIN } = require('../core/decision');
 const loader = require('./loader');
 const builtIn = require('./built-in-classifiers');

package/src/policy/init.js

@@ -101,7 +101,7 @@ function runInitCli(args, opts = {}) {
 
   // Guard: refuse to overwrite without --force
   let exists = false;
-  try { fsMod.statSync(filePath); exists = true; } catch {}
+  try { fsMod.statSync(filePath); exists = true; } catch { /* ignore */ }
 
   if (exists && !force) {
     console.log(`  File:    ${filePath}  ${col.y('(already exists)')}\n`);

package/src/policy/loader.js

@@ -264,7 +264,7 @@ function normalize(parsed) {
       try {
         const regex = new RegExp(rawPattern);
         patterns.push(Object.freeze({ label, regex }));
-      } catch (e) {
+      } catch {
         process.stderr.write(`[Occasio] policy.yml: deny_patterns.${label} — invalid RegExp "${rawPattern}", entry skipped\n`);
       }
     }
@@ -276,7 +276,7 @@ function normalize(parsed) {
     // module load (loader.js is imported by other code paths that don't
     // need the registry).
     let toolNames;
-    try { toolNames = require('../core/tool-names'); } catch {}
+    try { toolNames = require('../core/tool-names'); } catch { /* ignore */ }
     const tools = {};
     for (const name of Object.keys(parsed.tools)) {
       const entry = normalizeToolEntry(parsed.tools[name]);
@@ -351,7 +351,7 @@ function _firePolicyChange(filePath, policy, hash, fileWasPresent) {
       });
     } catch (e) {
       // Listener crash must not break the proxy — surface to stderr only.
-      try { process.stderr.write(`[occasio] policy-change listener threw: ${e.message}\n`); } catch {}
+      try { process.stderr.write(`[occasio] policy-change listener threw: ${e.message}\n`); } catch { /* ignore */ }
     }
   }
 }

package/src/policy/show.js

@@ -12,7 +12,6 @@
  */
 
 const fs   = require('fs');
-const path = require('path');
 
 // Transforms currently implemented in the dispatcher.
 const KNOWN_TRANSFORMS = new Set(['redact-secrets', 'distill-output']);
@@ -88,7 +87,7 @@ function runPolicyCli(args, opts = {}) {
     const text = fs.readFileSync(filePath, 'utf8');
     fileExists = true;
     userParsed = loader.parse(text);
-  } catch {}
+  } catch { /* ignore */ }
 
   const active   = loader.load();
   const defaults = loader.DEFAULT_POLICY;

package/src/preflight/cli.js

@@ -11,7 +11,6 @@
  */
 
 const os   = require('os');
-const path = require('path');
 const {
   mine,
   getGitRoot,

package/src/preflight/miner.js

@@ -122,10 +122,10 @@ function readRecentEntries(days, logsDir) {
       for (const line of raw.split('\n')) {
         const trimmed = line.trim();
         if (!trimmed) continue;
-        try { entries.push(JSON.parse(trimmed)); } catch {}
+        try { entries.push(JSON.parse(trimmed)); } catch { /* ignore */ }
       }
     }
-  } catch {}
+  } catch { /* ignore */ }
   return entries;
 }
 
@@ -231,14 +231,11 @@ function mine(opts) {
 
   // project_root → { projectRoot, sessions: Set, toolCounts: Map, legacySessions: number }
   const projects = new Map();
-  let totalLegacy = 0;
 
   for (const [, runEntries] of runsMap) {
     const cwd = runCwd(runEntries);
     if (!cwd) {
-      // Pre-schema run; count it if it falls under the filter project
-      // but we can't know which project it belongs to — just count globally.
-      totalLegacy++;
+      // Pre-schema run with no cwd — can't attribute to a project, skip.
       continue;
     }
 

package/src/redteam.js

@@ -33,7 +33,6 @@
  */
 
 const fs   = require('fs');
-const path = require('path');
 const harness = require('./harness');
 
 const C = (() => {
@@ -411,7 +410,7 @@ async function runRedteamCli(args = []) {
     return result;
   } finally {
     if (!keepScratch && !process.env.OCC_REDTEAM_KEEP) {
-      try { fs.rmSync(ctx.workspace, { recursive: true, force: true }); } catch {}
+      try { fs.rmSync(ctx.workspace, { recursive: true, force: true }); } catch { /* ignore */ }
     }
   }
 }