@oddessentials/repo-standards 4.4.0 → 5.1.0

package/scripts/check-version-unchanged.sh

@@ -0,0 +1,50 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+if [[ "${VERSION_GUARD_ALLOW:-}" == "1" ]]; then
+  echo "Version guard: bypass enabled (VERSION_GUARD_ALLOW=1)."
+  exit 0
+fi
+
+base_ref="${1:-}"
+if [[ -z "$base_ref" ]]; then
+  echo "Usage: $0 <base-ref>"
+  echo "Example: $0 origin/main"
+  exit 2
+fi
+
+version_pattern='("version"\s*:|\bversion\s*=|<Version>|<VersionPrefix>|<VersionSuffix>|<PackageVersion>|<AssemblyVersion>|<FileVersion>)'
+
+changed_files=$(git diff --name-only "${base_ref}...HEAD")
+if [[ -z "$changed_files" ]]; then
+  echo "Version guard: no changes detected."
+  exit 0
+fi
+
+has_violation=0
+
+while IFS= read -r file; do
+  case "$file" in
+    package.json|pyproject.toml|setup.cfg|setup.py|Cargo.toml|VERSION|Directory.Build.props|*.csproj)
+      diff_output=$(git diff -U0 "${base_ref}...HEAD" -- "$file" || true)
+      if echo "$diff_output" | rg -n --pcre2 "^[+-](?![+-]).*${version_pattern}" > /dev/null; then
+        echo "Version guard: manual version change detected in $file"
+        has_violation=1
+      fi
+      ;;
+    *)
+      ;;
+  esac
+done <<< "$changed_files"
+
+if [[ "$has_violation" -eq 1 ]]; then
+  cat <<'MESSAGE'
+
+Manual version edits detected. If semantic-release or automated versioning owns
+version bumps, remove manual edits and let the release pipeline update versions.
+If this change is intentional (e.g., release automation), set VERSION_GUARD_ALLOW=1.
+MESSAGE
+  exit 1
+fi
+
+echo "Version guard: no manual version changes detected."

package/scripts/validate-schema.ts

@@ -18,11 +18,21 @@ interface ValidationResult {
 
 interface ChecklistItem {
   id: string;
+  executionStage?: string;
   appliesTo?: { stacks?: string[]; ciSystems?: string[] };
   ciHints?: Record<string, unknown>;
   stackHints?: Record<string, unknown>;
 }
 
+const VALID_EXECUTION_STAGES = new Set([
+  "pre-commit",
+  "pre-push",
+  "ci-pr",
+  "ci-main",
+  "release",
+  "nightly",
+]);
+
 interface MigrationStep {
   focusIds?: string[];
 }
@@ -196,6 +206,40 @@ function validateCoverageThreshold(config: Config): ValidationResult {
   return { valid: true, errors: [] };
 }
 
+/**
+ * Validate executionStage coverage - all items should have a valid executionStage
+ */
+function validateExecutionStageCoverage(config: Config): ValidationResult {
+  const allItems = [
+    ...config.checklist.core,
+    ...config.checklist.recommended,
+    ...config.checklist.optionalEnhancements,
+  ];
+
+  const errors: string[] = [];
+  const stageCounts: Record<string, number> = {};
+
+  for (const item of allItems) {
+    if (!item.executionStage) {
+      errors.push(`Item "${item.id}" is missing executionStage`);
+    } else if (!VALID_EXECUTION_STAGES.has(item.executionStage)) {
+      errors.push(
+        `Item "${item.id}" has invalid executionStage "${item.executionStage}"`,
+      );
+    } else {
+      stageCounts[item.executionStage] =
+        (stageCounts[item.executionStage] ?? 0) + 1;
+    }
+  }
+
+  // Log stage distribution (informational, not an error)
+  if (errors.length === 0 && Object.keys(stageCounts).length > 0) {
+    // This is just for debugging, not shown in normal output
+  }
+
+  return { valid: errors.length === 0, errors };
+}
+
 /**
  * Generate a normalized, deterministic string representation of the config.
  * Uses deep stable key ordering at all depths.
@@ -236,6 +280,7 @@ export function validateStandardsConfig(
     validateStackReferences(config),
     validateCiHintKeys(config),
     validateCoverageThreshold(config),
+    validateExecutionStageCoverage(config),
   ];
 
   const allErrors = results.flatMap((r) => r.errors);
@@ -278,6 +323,7 @@ export function validateStandardsSchema(): void {
   console.log("✓ All appliesTo.stacks reference valid stack keys");
   console.log("✓ All ciHints keys are valid ciSystems");
   console.log("✓ Coverage threshold semantics are valid");
+  console.log("✓ All items have valid executionStage");
 }
 
 // CLI entry point