@occasiolabs/occasio 0.8.4 → 0.8.6

package/src/index.js

@@ -56,10 +56,11 @@ const VERSION = (() => {
   catch { return '0.0.0-unknown'; }
 })();
 const LOG_SCHEMA_VERSION = 2;
-// Port override via env var (used by `occasio harness` and redteam to
-// run isolated proxies against scratch audit chains on free ports). Default
-// is 8081 to preserve existing user-facing behaviour.
-let PORT = parseInt(process.env.OCCASIO_PORT, 10) || 8081;
+// Port: defaults to 0 (auto-assigned by the OS) so multiple `occasio claude`
+// sessions can run in parallel. Explicit overrides via OCCASIO_PORT env or
+// --port flag still pin a fixed port (and surface EADDRINUSE if taken).
+let PORT = parseInt(process.env.OCCASIO_PORT, 10) || 0;
+let PORT_EXPLICIT = PORT !== 0;
 const ANTHROPIC_REAL = 'api.anthropic.com';
 const LOG_DIR      = path.join(os.homedir(), '.occasio');
 const SESSION_FILE = path.join(LOG_DIR, 'session.json');
@@ -75,8 +76,6 @@ function getBlockedFile() { return path.join(LOG_DIR, 'blocked', `${todayStr()}-
 // MODEL_PRICES table + cost-arithmetic helpers. Re-exported here so the
 // rest of index.js keeps its existing call sites unchanged.
 const {
-  MODEL_PRICES,
-  getPrice,
   calcCost,
   calcCacheSavings,
   calcCompoundingSavings,
@@ -102,7 +101,7 @@ function updateSession(e) {
     lao_tokens_saved:0, lao_cost_saved:0, tools_local_count:0, tools_mcp_count:0,
     tools_attempted:0,
   };
-  try { s = JSON.parse(fs.readFileSync(SESSION_FILE, 'utf8')); } catch {}
+  try { s = JSON.parse(fs.readFileSync(SESSION_FILE, 'utf8')); } catch { /* ignore */ }
   s.requests++;
   s.input_tokens       += e.input_tokens       || 0;
   s.output_tokens      += e.output_tokens      || 0;
@@ -133,6 +132,60 @@ const col = {
   d: s => `\x1b[2m${s}\x1b[0m`,  b: s => `\x1b[1m${s}\x1b[0m`,
 };
 
+// Print a compact recap banner just before claude starts — gives the user
+// (and the agent, via on-screen context) a memory anchor for the previous
+// session in this cwd. Silent if no prior data exists.
+function printSessionRecapBanner() {
+  let conv = null;
+  try { conv = require('./cli/conversation').readLastConversation(process.cwd()); }
+  catch { /* module load issue → skip */ }
+
+  // Last run summary from the audit chain.
+  let runLine = null;
+  try {
+    const chainFile = path.join(LOG_DIR, 'pipeline-events.jsonl');
+    if (fs.existsSync(chainFile)) {
+      const text = fs.readFileSync(chainFile, 'utf8');
+      const rows = [];
+      for (const line of text.split('\n')) {
+        if (!line) continue;
+        try { rows.push(JSON.parse(line)); } catch { /* skip */ }
+      }
+      const byRun = new Map();
+      for (const r of rows) {
+        const id = r.run_id || 'legacy';
+        if (!byRun.has(id)) byRun.set(id, []);
+        byRun.get(id).push(r);
+      }
+      const newest = [...byRun.entries()].map(([id, rs]) => ({
+        id, rs, end: rs[rs.length - 1]?.ts || '',
+      })).sort((a, b) => a.end < b.end ? 1 : -1)[0];
+      if (newest) {
+        const tc = newest.rs.filter(r => r.kind === 'tool_call').length;
+        const blocked = newest.rs.filter(r => r.action === 'BLOCK').length;
+        const date = newest.end ? new Date(newest.end).toISOString().slice(0, 16).replace('T', ' ') : 'unknown';
+        runLine = `${tc} tool calls, ${blocked} blocked  ·  ${date}`;
+      }
+    }
+  } catch { /* skip */ }
+
+  if (!conv && !runLine) return;
+
+  const oneLine = (s, max = 160) => {
+    const flat = String(s).replace(/\s+/g, ' ').trim();
+    return flat.length > max ? flat.slice(0, max - 1) + '…' : flat;
+  };
+  process.stderr.write('\n' + col.b('── previous session in this directory ──') + '\n');
+  if (runLine) process.stderr.write('  ' + col.d(runLine) + '\n');
+  if (conv && conv.lastUser) {
+    process.stderr.write('  ' + col.y('You: ') + oneLine(conv.lastUser) + '\n');
+  }
+  if (conv && conv.lastAssistant) {
+    process.stderr.write('  ' + col.g('Agent: ') + oneLine(conv.lastAssistant) + '\n');
+  }
+  process.stderr.write(col.d('  (enabled via --recap; suppress next time by omitting it)') + '\n\n');
+}
+
 // ── Pre-send manifest ─────────────────────────────────────────────────────────
 
 function fmtTok(n) {
@@ -286,6 +339,10 @@ if (cmd === 'replay') {
   process.exit(0);
 }
 
+if (cmd === 'recap') {
+  process.exit(require('./cli/recap').run(args.slice(1)));
+}
+
 if (cmd === 'distill') {
   runDistillCli(args.slice(1));
   process.exit(0);
@@ -406,6 +463,13 @@ if (cmd === 'demo' && (args[1] === 'anomalies' || args[1] === 'anomaly')) {
   process.exit(runAnomaliesDemoCli(args.slice(2)));
 }
 
+if (cmd === 'demo' && (args[1] === 'audit' || args[1] === 'auditor')) {
+  const { runAuditDemoCli } = require('./demo/audit-demo');
+  runAuditDemoCli(args.slice(2)).then(code => process.exit(code))
+    .catch(e => { process.stderr.write(`[demo audit] ${e.message}\n`); process.exit(1); });
+  return;
+}
+
 if (cmd === 'demo') {
   const { scanSecrets } = require('../src/analyzer');
   // Realistic-looking but synthetic credentials. Each hits exactly one pattern.
@@ -539,16 +603,22 @@ if (cmd === 'doctor' || cmd === 'check') {
       ok('log dir', LOG_DIR);
     } catch (e) { bad('log dir', e.message); }
 
-    // 4. Port availability (async)
-    await new Promise(resolve => {
-      const srv = net.createServer();
-      srv.once('error', () => {
-        bad(`port ${PORT}`, `already in use — kill it: netstat -ano | findstr :${PORT}`);
-        resolve();
+    // 4. Port availability (async) — only probe when an explicit port is pinned.
+    // With auto-assignment (default), the OS picks a free port at listen-time
+    // so there's nothing meaningful to probe in advance.
+    if (PORT_EXPLICIT) {
+      await new Promise(resolve => {
+        const srv = net.createServer();
+        srv.once('error', () => {
+          bad(`port ${PORT}`, `already in use — kill it: netstat -ano | findstr :${PORT}`);
+          resolve();
+        });
+        srv.once('listening', () => { srv.close(); ok(`port ${PORT}`, 'available'); resolve(); });
+        srv.listen(PORT, '127.0.0.1');
       });
-      srv.once('listening', () => { srv.close(); ok(`port ${PORT}`, 'available'); resolve(); });
-      srv.listen(PORT, '127.0.0.1');
-    });
+    } else {
+      ok('port', 'auto-assigned at runtime');
+    }
 
     // 5. Python + LAO scorer script
     const laoPyPath = path.join(__dirname, 'lao_prep.py');
@@ -562,7 +632,7 @@ if (cmd === 'doctor' || cmd === 'check') {
           stdio: ['pipe', 'pipe', 'pipe'],
         }).toString().trim();
         ok('Python (LAO)', out); pyFound = true;
-      } catch {}
+      } catch { /* ignore */ }
     }
     if (!pyFound) bad('Python (LAO)', 'not found — context trimming disabled');
     if (laoPyExists) ok('LAO scorer', laoPyPath);
@@ -634,8 +704,15 @@ if (prIdx >= 0) {
 const di = claudeArgs.indexOf('--dashboard');
 const useDashboard = di >= 0;
 if (di >= 0) claudeArgs.splice(di, 1);
+const recapIdx = claudeArgs.indexOf('--recap');
+const showRecap = recapIdx >= 0;
+if (recapIdx >= 0) claudeArgs.splice(recapIdx, 1);
 const pi = claudeArgs.indexOf('--port');
-if (pi >= 0) { PORT = parseInt(claudeArgs[pi+1], 10) || PORT; claudeArgs.splice(pi, 2); }
+if (pi >= 0) {
+  const parsed = parseInt(claudeArgs[pi+1], 10);
+  if (parsed > 0) { PORT = parsed; PORT_EXPLICIT = true; }
+  claudeArgs.splice(pi, 2);
+}
 
 // Budget flag: --budget <N> sets a session dollar limit.
 const bgtIdx = claudeArgs.indexOf('--budget');
@@ -688,7 +765,7 @@ const sessionAuditor = _createAuditor(process.env.OCCASIO_AUDIT_FILE || undefine
       process.stderr.write(`\n${col.r('[occasio][audit-fatal]')} policy_loaded write failed: ${status.error?.message}\n`);
       process.stderr.write(`${col.r('[occasio][audit-fatal] dropped row:')} ${dropped}\n`);
       process.stderr.write(`${col.r('[occasio][audit-fatal] proxy aborting; supervisor will restart.')}\n`);
-      try { server && server.close && server.close(); } catch {}
+      try { server && server.close && server.close(); } catch { /* ignore */ }
       setTimeout(() => process.exit(1), 250);
     }
   });
@@ -727,7 +804,7 @@ if (budget !== null) {
   const { execSync: _ex } = require('child_process');
   let _pyOk = false;
   for (const _cmd of ['python', 'python3']) {
-    try { _ex(`${_cmd} --version`, { shell: process.platform === 'win32', timeout: 3000, stdio: 'pipe' }); _pyOk = true; break; } catch {}
+    try { _ex(`${_cmd} --version`, { shell: process.platform === 'win32', timeout: 3000, stdio: 'pipe' }); _pyOk = true; break; } catch { /* ignore */ }
   }
   if (!_pyOk) process.stderr.write(col.y(`  ⚠ LAO disabled — Python not found (context trimming inactive)\n`));
 }
@@ -775,7 +852,7 @@ const server = http.createServer((req, res) => {
           try {
             const rules = JSON.parse(fs.readFileSync(rp, 'utf8'));
             blocked = files.filter(f => (rules.block || []).some(p => f.includes(p.replace(/\*\*/g, '').replace(/\*/g, ''))));
-          } catch {}
+          } catch { /* ignore */ }
         }
 
         const shouldBlock = (mode === 'block_secrets' && secrets.length) || (mode === 'block_rules' && blocked.length);
@@ -808,7 +885,7 @@ const server = http.createServer((req, res) => {
           res.end(JSON.stringify({ error: { type: 'blocked', reason: secrets.length ? secrets[0].label : 'rule', by: 'Occasio' } }));
           return;
         }
-      } catch {}
+      } catch { /* ignore */ }
     }
 
     // ── Budget enforcement (Stage 2: policy-driven BLOCK) ─────────────────────
@@ -842,7 +919,7 @@ const server = http.createServer((req, res) => {
           const s = JSON.parse(fs.readFileSync(SESSION_FILE, 'utf8'));
           s.budget_exceeded_count = (s.budget_exceeded_count || 0) + 1;
           fs.writeFileSync(SESSION_FILE, JSON.stringify(s));
-        } catch {}
+        } catch { /* ignore */ }
         const synth = decision.syntheticResponse;
         res.writeHead(synth.status, { 'Content-Type': 'application/json' });
         res.end(JSON.stringify(synth.body));
@@ -870,7 +947,7 @@ const server = http.createServer((req, res) => {
             }
           }
         }
-      } catch {}
+      } catch { /* ignore */ }
     }
     // ──────────────────────────────────────────────────────────────────────────
 
@@ -1057,7 +1134,7 @@ const server = http.createServer((req, res) => {
         }
         forwardBody = Buffer.from(JSON.stringify(b));
         outboundMessageCount = b.messages?.length ?? outboundMessageCount;
-      } catch {}
+      } catch { /* ignore */ }
     }
     if (laoDropped.length > 0) {
       const ts0  = new Date().toTimeString().slice(0, 8);
@@ -1183,7 +1260,7 @@ const server = http.createServer((req, res) => {
               process.stderr.write(`\n${col.r('[occasio][audit-fatal]')} ${e.message}\n`);
               process.stderr.write(`${col.r('[occasio][audit-fatal] dropped row:')} ${dropped}\n`);
               process.stderr.write(`${col.r('[occasio][audit-fatal] proxy aborting; supervisor will restart.')}\n`);
-              try { server && server.close && server.close(); } catch {}
+              try { server && server.close && server.close(); } catch { /* ignore */ }
               setTimeout(() => process.exit(1), 250);
               return;
             }
@@ -1212,10 +1289,10 @@ const server = http.createServer((req, res) => {
                     cacheRead  = d.usage.cache_read_input_tokens     || cacheRead;
                   }
                   if (d.type === 'message_delta' && d.usage) out = d.usage.output_tokens || out;
-                } catch {}
+                } catch { /* ignore */ }
               }
             }
-          } catch {}
+          } catch { /* ignore */ }
 
           // When the interceptor ran, Anthropic was billed for N calls:
           //   call #1  → initial tool_use round  (toolCallUsage)
@@ -1355,7 +1432,7 @@ const server = http.createServer((req, res) => {
 
 server.on('error', e => {
   if (e.code === 'EADDRINUSE') {
-    process.stderr.write(col.r(`\n❌ Port ${PORT} already in use. Kill the old process first:\n`));
+    process.stderr.write(col.r(`\n❌ Port ${PORT} already in use. Kill the old process first or omit --port / OCCASIO_PORT to let the OS auto-assign:\n`));
     process.stderr.write(col.d(`   netstat -ano | findstr :${PORT}  → then: taskkill /PID <pid> /F\n\n`));
   } else {
     process.stderr.write(col.r(`\n❌ ${e.message}\n`));
@@ -1364,6 +1441,17 @@ server.on('error', e => {
 });
 
 server.listen(PORT, '127.0.0.1', () => {
+  PORT = server.address().port;
+  process.stderr.write(col.d(`occasio proxy listening on 127.0.0.1:${PORT}\n`));
+
+  // Best-effort: print a 3-line recap of the previous session so the user
+  // (and via screen-context, the agent itself) has a memory anchor before
+  // typing the next prompt. Silent if no prior session in this cwd.
+  // Disable with --no-recap.
+  if (showRecap) {
+    try { printSessionRecapBanner(); } catch { /* never block startup */ }
+  }
+
   const env = { ...process.env, ANTHROPIC_BASE_URL: `http://localhost:${PORT}` };
   // On Windows, npm installs binaries as .cmd wrappers (claude.cmd).
   // spawn() without shell:true calls CreateProcess directly, which won't
@@ -1450,7 +1538,7 @@ server.listen(PORT, '127.0.0.1', () => {
         if (parts.length) process.stderr.write(col.d(`  Breakdown:   ${parts.join(' + ')}\n`));
       }
       process.stderr.write('────────────────────────────────────────\n\n');
-    } catch {}
+    } catch { /* ignore */ }
     process.exit(code || 0);
   });
 

package/src/inspect.js

@@ -268,7 +268,7 @@ function printBoundaryEntry(entry, idxLabel, total) {
 
 function runInspectCli(args) {
   let session = null;
-  try { session = JSON.parse(fs.readFileSync(SESSION_FILE, 'utf8')); } catch {}
+  try { session = JSON.parse(fs.readFileSync(SESSION_FILE, 'utf8')); } catch { /* ignore */ }
 
   const todayEntries = readDayLog(todayStr());
 

package/src/interceptor.js

@@ -24,14 +24,13 @@
 const fs   = require('fs');
 const path = require('path');
 const { exec } = require('child_process');
-const https    = require('https');
 const { routeLocally } = require('./classifier');
 const { distill }      = require('./distiller');
 const { scanSecrets }  = require('./analyzer');
 
 const {
   MAX_OUTPUT,
-  readFileNative,
+  readFileNative, READ_SKIP_EXTENSIONS,
   isReadHandleable, handleReadTool,
   isGlobHandleable, handleGlobTool, globToRegex,
   isGrepHandleable, handleGrepTool,
@@ -455,7 +454,7 @@ function nativeHandle(cmd) {
             }
           }
         }
-      } catch {}
+      } catch { /* skip unreadable dir */ }
     }
     walk(abs);
     return { output: results.join('\n') || '', exitCode: 0 };
@@ -487,7 +486,7 @@ function nativeHandle(cmd) {
     if (!filePart) return null;
     const abs = path.resolve(cwd, filePart);
     let exists = false;
-    try { fs.statSync(abs); exists = true; } catch {}
+    try { fs.statSync(abs); exists = true; } catch { /* missing → exists stays false */ }
     return { output: exists ? 'True' : 'False', exitCode: exists ? 0 : 1 };
   }
 
@@ -689,11 +688,11 @@ function isInterceptable(block) {
   if (block.name === 'TodoWrite') return isTodoHandleable(block.input, 'TodoWrite');
   if (block.name === 'TodoRead')  return isTodoHandleable(block.input, 'TodoRead');
   if (block.name === 'PowerShell') {
-    const cmd = (block.input?.command || '').trim();
+    const cmd = (typeof block.input?.command === 'string' ? block.input.command : '').trim();
     return cmd ? isPowerShellNativeHandleable(cmd) : false;
   }
   if (block.name !== 'Bash') return false;
-  const cmd = (block.input?.command || '').trim();
+  const cmd = (typeof block.input?.command === 'string' ? block.input.command : '').trim();
   if (!cmd) return false;
   if (isNativeHandleable(cmd)) return true;
   if (SHELL_META.test(cmd)) return false;
@@ -738,7 +737,7 @@ function classifyBlock(block) {
   }
 
   if (block.name === 'PowerShell') {
-    const rawCmd = (block.input?.command || '').trim();
+    const rawCmd = (typeof block.input?.command === 'string' ? block.input.command : '').trim();
     if (!rawCmd) return { handled: false, reason: FALLBACK_REASONS.BASH_EMPTY_CMD };
     const expanded = expandPsEnvVars(rawCmd);
     let normalized = expanded.trim();
@@ -760,7 +759,7 @@ function classifyBlock(block) {
   }
 
   // Bash
-  const cmd = (block.input?.command || '').trim();
+  const cmd = (typeof block.input?.command === 'string' ? block.input.command : '').trim();
   if (!cmd) return { handled: false, reason: FALLBACK_REASONS.BASH_EMPTY_CMD };
   if (isNativeHandleable(cmd)) return { handled: true, reason: 'ok' };
   if (SHELL_META.test(cmd)) return { handled: false, reason: FALLBACK_REASONS.BASH_SHELL_META };
@@ -891,27 +890,6 @@ function buildFollowUpHeaders(authHeaders, payloadLength) {
   return h;
 }
 
-function anthropicRequest(body, authHeaders) {
-  return new Promise((resolve, reject) => {
-    const payload = JSON.stringify({ ...body, stream: false });
-    const headers = buildFollowUpHeaders(authHeaders, Buffer.byteLength(payload));
-
-    const req = https.request(
-      { hostname: 'api.anthropic.com', port: 443, path: '/v1/messages', method: 'POST', headers },
-      res => {
-        const chunks = [];
-        res.on('data', c => chunks.push(c));
-        res.on('end', () => {
-          try   { resolve({ status: res.statusCode, body: JSON.parse(Buffer.concat(chunks).toString()) }); }
-          catch (e) { reject(e); }
-        });
-      }
-    );
-    req.on('error', reject);
-    req.end(payload);
-  });
-}
-
 // ── Main export ────────────────────────────────────────────────────────────────
 
 /**
@@ -1185,6 +1163,8 @@ module.exports = {
   isGrepHandleable,
   isTodoHandleable,
   nativeHandle,
+  readFileNative,
+  READ_SKIP_EXTENSIONS,
   handleReadTool,
   handleGlobTool,
   globToRegex,

package/src/ledger.js

@@ -26,7 +26,7 @@ function readDayLog(dateStr) {
   for (const raw of lines) {
     const line = raw.trim();
     if (!line) continue;
-    try { result.push(JSON.parse(line)); } catch {}
+    try { result.push(JSON.parse(line)); } catch { /* ignore */ }
   }
   return result;
 }
@@ -119,7 +119,6 @@ function printEntry(e, idx) {
 
 function printSummary(totals, scope, runId) {
   const { requests, cloud_sent = 0, local_only = 0, blocked = 0, trimmed = 0,
-          budget_exceeded = 0,
           input_tokens, output_tokens, cost,
           cache_savings, lao_cost_saved, distill_cost_saved = 0,
           distill_tokens_saved = 0, tools_local_count } = totals;
@@ -167,7 +166,7 @@ function runLedgerCli(args) {
   if (args.includes('--summary')) showSummary = true;
 
   let session = null;
-  try { session = JSON.parse(fs.readFileSync(SESSION_FILE, 'utf8')); } catch {}
+  try { session = JSON.parse(fs.readFileSync(SESSION_FILE, 'utf8')); } catch { /* ignore */ }
 
   const todayEntries = readDayLog(todayStr());
   const entries = scope === 'session'

package/src/mcp-experiment.js

@@ -33,7 +33,7 @@ function runStats() {
   try {
     mcpEntries = fs.readFileSync(MCP_LOG, 'utf8').trim().split('\n')
       .filter(Boolean).map(l => { try { return JSON.parse(l); } catch { return null; } }).filter(Boolean);
-  } catch {}
+  } catch { /* ignore */ }
 
   // ── Built-in path: read today's session log, count intercepted Read/Glob/Grep ─
   let builtinTools = [];
@@ -44,9 +44,9 @@ function runStats() {
         const entry = JSON.parse(line);
         const tools = (entry.tools || []).filter(t => ['Read', 'Glob', 'Grep'].includes(t.tool));
         builtinTools.push(...tools);
-      } catch {}
+      } catch { /* ignore */ }
     }
-  } catch {}
+  } catch { /* ignore */ }
 
   const mcpTotal     = mcpEntries.length;
   const builtinTotal = builtinTools.length;
@@ -116,7 +116,7 @@ function runStats() {
 }
 
 function runClear() {
-  try { fs.unlinkSync(MCP_LOG); console.log(col.g('✓ mcp-experiment.jsonl cleared')); } catch {}
+  try { fs.unlinkSync(MCP_LOG); console.log(col.g('✓ mcp-experiment.jsonl cleared')); } catch { /* ignore */ }
 }
 
 function runRaw() {

package/src/mcp-server.js

@@ -86,7 +86,7 @@ function logCall(entry) {
     const dir = path.dirname(LOG_FILE);
     if (!fs.existsSync(dir)) fs.mkdirSync(dir, { recursive: true });
     fs.appendFileSync(LOG_FILE, JSON.stringify(entry) + '\n');
-  } catch {}
+  } catch { /* ignore */ }
 }
 
 // ── Tool definitions (lao-compatible schemas) ──────────────────────────────────
@@ -274,7 +274,7 @@ async function handleRequest(req) {
             content: [{ type: 'text', text: 'audit-fatal: MCP server aborting' }],
             isError: true,
           });
-        } catch {}
+        } catch { /* ignore */ }
         setTimeout(() => process.exit(1), 250);
         return;
       }
@@ -301,7 +301,7 @@ process.stdin.on('data', chunk => {
   for (const line of lines) {
     const trimmed = line.trim();
     if (!trimmed) continue;
-    try { handleRequest(JSON.parse(trimmed)); } catch (e) { /* malformed JSON-RPC frame */ }
+    try { handleRequest(JSON.parse(trimmed)); } catch { /* malformed JSON-RPC frame */ }
   }
 });
 process.stdin.on('end', () => process.exit(0));

package/src/policy/doctor.js

@@ -56,10 +56,10 @@ function readRecentLogs(days, logsDir) {
     for (const f of files) {
       for (const line of fs.readFileSync(path.join(dir, f), 'utf8').split('\n')) {
         if (!line.trim()) continue;
-        try { entries.push(JSON.parse(line)); } catch {}
+        try { entries.push(JSON.parse(line)); } catch { /* ignore */ }
       }
     }
-  } catch {}
+  } catch { /* ignore */ }
   return entries;
 }
 

package/src/policy/engine.js

@@ -16,7 +16,6 @@
 const fs   = require('fs');
 const path = require('path');
 const os   = require('os');
-const adapter = require('../adapters/claude-code');
 const { PASS, LOCAL, BLOCK, TRANSFORM, TRANSFORM_CHAIN } = require('../core/decision');
 const loader = require('./loader');
 const builtIn = require('./built-in-classifiers');

package/src/policy/init.js

@@ -101,7 +101,7 @@ function runInitCli(args, opts = {}) {
 
   // Guard: refuse to overwrite without --force
   let exists = false;
-  try { fsMod.statSync(filePath); exists = true; } catch {}
+  try { fsMod.statSync(filePath); exists = true; } catch { /* ignore */ }
 
   if (exists && !force) {
     console.log(`  File:    ${filePath}  ${col.y('(already exists)')}\n`);

package/src/policy/loader.js

@@ -264,7 +264,7 @@ function normalize(parsed) {
       try {
         const regex = new RegExp(rawPattern);
         patterns.push(Object.freeze({ label, regex }));
-      } catch (e) {
+      } catch {
         process.stderr.write(`[Occasio] policy.yml: deny_patterns.${label} — invalid RegExp "${rawPattern}", entry skipped\n`);
       }
     }
@@ -276,7 +276,7 @@ function normalize(parsed) {
     // module load (loader.js is imported by other code paths that don't
     // need the registry).
     let toolNames;
-    try { toolNames = require('../core/tool-names'); } catch {}
+    try { toolNames = require('../core/tool-names'); } catch { /* ignore */ }
     const tools = {};
     for (const name of Object.keys(parsed.tools)) {
       const entry = normalizeToolEntry(parsed.tools[name]);
@@ -351,7 +351,7 @@ function _firePolicyChange(filePath, policy, hash, fileWasPresent) {
       });
     } catch (e) {
       // Listener crash must not break the proxy — surface to stderr only.
-      try { process.stderr.write(`[occasio] policy-change listener threw: ${e.message}\n`); } catch {}
+      try { process.stderr.write(`[occasio] policy-change listener threw: ${e.message}\n`); } catch { /* ignore */ }
     }
   }
 }

package/src/policy/show.js

@@ -12,7 +12,6 @@
  */
 
 const fs   = require('fs');
-const path = require('path');
 
 // Transforms currently implemented in the dispatcher.
 const KNOWN_TRANSFORMS = new Set(['redact-secrets', 'distill-output']);
@@ -88,7 +87,7 @@ function runPolicyCli(args, opts = {}) {
     const text = fs.readFileSync(filePath, 'utf8');
     fileExists = true;
     userParsed = loader.parse(text);
-  } catch {}
+  } catch { /* ignore */ }
 
   const active   = loader.load();
   const defaults = loader.DEFAULT_POLICY;

package/src/preflight/cli.js

@@ -11,7 +11,6 @@
  */
 
 const os   = require('os');
-const path = require('path');
 const {
   mine,
   getGitRoot,

package/src/preflight/miner.js

@@ -122,10 +122,10 @@ function readRecentEntries(days, logsDir) {
       for (const line of raw.split('\n')) {
         const trimmed = line.trim();
         if (!trimmed) continue;
-        try { entries.push(JSON.parse(trimmed)); } catch {}
+        try { entries.push(JSON.parse(trimmed)); } catch { /* ignore */ }
       }
     }
-  } catch {}
+  } catch { /* ignore */ }
   return entries;
 }
 
@@ -231,14 +231,11 @@ function mine(opts) {
 
   // project_root → { projectRoot, sessions: Set, toolCounts: Map, legacySessions: number }
   const projects = new Map();
-  let totalLegacy = 0;
 
   for (const [, runEntries] of runsMap) {
     const cwd = runCwd(runEntries);
     if (!cwd) {
-      // Pre-schema run; count it if it falls under the filter project
-      // but we can't know which project it belongs to — just count globally.
-      totalLegacy++;
+      // Pre-schema run with no cwd — can't attribute to a project, skip.
       continue;
     }
 

package/src/redteam.js

@@ -33,7 +33,6 @@
  */
 
 const fs   = require('fs');
-const path = require('path');
 const harness = require('./harness');
 
 const C = (() => {
@@ -411,7 +410,7 @@ async function runRedteamCli(args = []) {
     return result;
   } finally {
     if (!keepScratch && !process.env.OCC_REDTEAM_KEEP) {
-      try { fs.rmSync(ctx.workspace, { recursive: true, force: true }); } catch {}
+      try { fs.rmSync(ctx.workspace, { recursive: true, force: true }); } catch { /* ignore */ }
     }
   }
 }

package/src/replay.js

@@ -386,7 +386,7 @@ function runReplayCli(args) {
     for (const raw of lines) {
       const line = raw.trim();
       if (!line) continue;
-      try { entries.push(JSON.parse(line)); } catch {}
+      try { entries.push(JSON.parse(line)); } catch { /* ignore */ }
     }
   }
 

package/src/report/index.js

@@ -25,10 +25,6 @@ const LOGS_DIR    = path.join(LOG_DIR, 'logs');
 
 // ── Helpers ───────────────────────────────────────────────────────────────────
 
-function todayStr(d) {
-  return `${d.getFullYear()}-${String(d.getMonth()+1).padStart(2,'0')}-${String(d.getDate()).padStart(2,'0')}`;
-}
-
 function cutoffMs(days) {
   const d = new Date();
   d.setDate(d.getDate() - days);