@oss-autopilot/core 1.14.0 → 1.15.1

package/dist/commands/daily.js

@@ -7,7 +7,7 @@
  * orchestration layer that wires up the phases and handles I/O.
  */
 import { getStateManager, PRMonitor, IssueConversationMonitor, requireGitHubToken, CRITICAL_STATUSES, applyStatusOverrides, computeRepoSignals, groupPRsByRepo, assessCapacity, collectActionableIssues, computeActionMenu, toShelvedPRRef, formatBriefSummary, formatSummary, } from '../core/index.js';
-import { errorMessage, isRateLimitOrAuthError } from '../core/errors.js';
+import { errorMessage, isRateLimitOrAuthError, nonFatalCatch } from '../core/errors.js';
 import { warn } from '../core/logger.js';
 import { emptyPRCountsResult } from '../core/github-stats.js';
 import { createAutopilotScout } from './scout-bridge.js';
@@ -60,30 +60,21 @@ async function fetchPRData(prMonitor, token) {
     // All stats fetches are non-critical (cosmetic/scoring), so isolate their failure
     const issueMonitor = new IssueConversationMonitor(token);
     const [mergedResult, closedResult, recentlyClosedPRs, recentlyMergedPRs, issueConversationResult] = await Promise.all([
-        prMonitor.fetchUserMergedPRCounts(starFilter).catch((err) => {
-            if (isRateLimitOrAuthError(err))
-                throw err;
-            warn(MODULE, `Failed to fetch merged PR counts: ${errorMessage(err)}`);
-            return emptyPRCountsResult();
-        }),
-        prMonitor.fetchUserClosedPRCounts(starFilter).catch((err) => {
-            if (isRateLimitOrAuthError(err))
-                throw err;
-            warn(MODULE, `Failed to fetch closed PR counts: ${errorMessage(err)}`);
-            return emptyPRCountsResult();
-        }),
-        prMonitor.fetchRecentlyClosedPRs().catch((err) => {
-            if (isRateLimitOrAuthError(err))
-                throw err;
-            warn(MODULE, `Failed to fetch recently closed PRs: ${errorMessage(err)}`);
-            return [];
-        }),
-        prMonitor.fetchRecentlyMergedPRs().catch((err) => {
-            if (isRateLimitOrAuthError(err))
-                throw err;
-            warn(MODULE, `Failed to fetch recently merged PRs: ${errorMessage(err)}`);
-            return [];
-        }),
+        prMonitor.fetchUserMergedPRCounts(starFilter).catch(nonFatalCatch({
+            module: MODULE,
+            label: 'fetch merged PR counts',
+            fallback: emptyPRCountsResult(),
+        })),
+        prMonitor
+            .fetchUserClosedPRCounts(starFilter)
+            .catch(nonFatalCatch({ module: MODULE, label: 'fetch closed PR counts', fallback: emptyPRCountsResult() })),
+        prMonitor
+            .fetchRecentlyClosedPRs()
+            .catch(nonFatalCatch({ module: MODULE, label: 'fetch recently closed PRs', fallback: [] })),
+        prMonitor
+            .fetchRecentlyMergedPRs()
+            .catch(nonFatalCatch({ module: MODULE, label: 'fetch recently merged PRs', fallback: [] })),
+        // Issue conversation fetch has custom messaging based on the error content, so it keeps its bespoke catch.
         issueMonitor.fetchCommentedIssues().catch((error) => {
             if (isRateLimitOrAuthError(error))
                 throw error;

package/dist/commands/dashboard-data.d.ts

@@ -3,7 +3,8 @@
  * Handles GitHub API calls, PR grouping, stats computation, and monthly chart data.
  * Consumed by the dashboard HTTP server (dashboard-server.ts) for the SPA API.
  */
-import { type DailyDigest, type AgentState, type ClosedPR, type MergedPR, type StoredMergedPR, type StoredClosedPR, type CommentedIssue } from '../core/types.js';
+import { type DailyDigest, type AgentState, type ClosedPR, type MergedPR, type StoredMergedPR, type StoredClosedPR, type CommentedIssue, type CommentedIssueWithResponse, type FetchedPR, type ShelvedPRRef, type RepoMetadataEntry } from '../core/types.js';
+import type { ParseIssueListOutput } from '../formatters/json.js';
 export interface DashboardStats {
     activePRs: number;
     shelvedPRs: number;
@@ -12,6 +13,42 @@ export interface DashboardStats {
     mergeRate: string;
     availableIssues?: number;
 }
+/**
+ * Shape of the JSON payload served by `GET /api/data` from the dashboard
+ * HTTP server. Single source of truth (#965) — imported by
+ * dashboard-server.ts, which previously redeclared this interface inline
+ * and so silently drifted whenever this module changed shape.
+ */
+export interface DashboardJsonData {
+    stats: DashboardStats;
+    prsByRepo: Record<string, {
+        active: number;
+        merged: number;
+        closed: number;
+    }>;
+    topRepos: Array<{
+        repo: string;
+        active: number;
+        merged: number;
+        closed: number;
+    }>;
+    monthlyMerged: Record<string, number>;
+    monthlyOpened: Record<string, number>;
+    monthlyClosed: Record<string, number>;
+    activePRs: FetchedPR[];
+    shelvedPRUrls: string[];
+    recentlyMergedPRs: MergedPR[];
+    recentlyClosedPRs: ClosedPR[];
+    autoUnshelvedPRs: ShelvedPRRef[];
+    commentedIssues: CommentedIssue[];
+    issueResponses: CommentedIssueWithResponse[];
+    allMergedPRs: MergedPR[];
+    allClosedPRs: ClosedPR[];
+    repoMetadata: Record<string, RepoMetadataEntry>;
+    vettedIssues?: ParseIssueListOutput | null;
+    offline?: boolean;
+    lastUpdated?: string;
+}
 export declare function buildDashboardStats(digest: DailyDigest, state: Readonly<AgentState>, storedMergedCount?: number, storedClosedCount?: number): DashboardStats;
 /**
  * Merge fresh API counts into existing stored counts.

package/dist/commands/dashboard-data.js

@@ -4,7 +4,7 @@
  * Consumed by the dashboard HTTP server (dashboard-server.ts) for the SPA API.
  */
 import { getStateManager, PRMonitor, IssueConversationMonitor, getOctokit } from '../core/index.js';
-import { errorMessage, isRateLimitOrAuthError } from '../core/errors.js';
+import { errorMessage, isRateLimitOrAuthError, nonFatalCatch } from '../core/errors.js';
 import { warn } from '../core/logger.js';
 import { emptyPRCountsResult, fetchMergedPRsSince, fetchClosedPRsSince } from '../core/github-stats.js';
 import { parseGitHubUrl } from '../core/utils.js';
@@ -110,30 +110,21 @@ export async function fetchDashboardData(token) {
     const closedWatermark = stateManager.getClosedPRWatermark();
     const [{ prs, failures }, recentlyClosedPRs, recentlyMergedPRs, mergedResult, closedResult, fetchedIssues, newMergedPRs, newClosedPRs,] = await Promise.all([
         prMonitor.fetchUserOpenPRs(),
-        prMonitor.fetchRecentlyClosedPRs().catch((err) => {
-            if (isRateLimitOrAuthError(err))
-                throw err;
-            warn(MODULE, `Failed to fetch recently closed PRs: ${errorMessage(err)}`);
-            return [];
-        }),
-        prMonitor.fetchRecentlyMergedPRs().catch((err) => {
-            if (isRateLimitOrAuthError(err))
-                throw err;
-            warn(MODULE, `Failed to fetch recently merged PRs: ${errorMessage(err)}`);
-            return [];
-        }),
-        prMonitor.fetchUserMergedPRCounts(starFilter).catch((err) => {
-            if (isRateLimitOrAuthError(err))
-                throw err;
-            warn(MODULE, `Failed to fetch merged PR counts: ${errorMessage(err)}`);
-            return emptyPRCountsResult();
-        }),
-        prMonitor.fetchUserClosedPRCounts(starFilter).catch((err) => {
-            if (isRateLimitOrAuthError(err))
-                throw err;
-            warn(MODULE, `Failed to fetch closed PR counts: ${errorMessage(err)}`);
-            return emptyPRCountsResult();
-        }),
+        prMonitor
+            .fetchRecentlyClosedPRs()
+            .catch(nonFatalCatch({ module: MODULE, label: 'fetch recently closed PRs', fallback: [] })),
+        prMonitor
+            .fetchRecentlyMergedPRs()
+            .catch(nonFatalCatch({ module: MODULE, label: 'fetch recently merged PRs', fallback: [] })),
+        prMonitor.fetchUserMergedPRCounts(starFilter).catch(nonFatalCatch({
+            module: MODULE,
+            label: 'fetch merged PR counts',
+            fallback: emptyPRCountsResult(),
+        })),
+        prMonitor
+            .fetchUserClosedPRCounts(starFilter)
+            .catch(nonFatalCatch({ module: MODULE, label: 'fetch closed PR counts', fallback: emptyPRCountsResult() })),
+        // Issue conversation fetch has custom messaging based on the error content, so it keeps its bespoke catch.
         issueMonitor.fetchCommentedIssues().catch((error) => {
             if (isRateLimitOrAuthError(error))
                 throw error;
@@ -149,18 +140,8 @@ export async function fetchDashboardData(token) {
                 failures: [{ issueUrl: 'N/A', error: `Issue conversation fetch failed: ${msg}` }],
             };
         }),
-        fetchMergedPRsSince(octokit, config, watermark).catch((err) => {
-            if (isRateLimitOrAuthError(err))
-                throw err;
-            warn(MODULE, `Failed to fetch merged PRs for storage: ${errorMessage(err)}`);
-            return [];
-        }),
-        fetchClosedPRsSince(octokit, config, closedWatermark).catch((err) => {
-            if (isRateLimitOrAuthError(err))
-                throw err;
-            warn(MODULE, `Failed to fetch closed PRs for storage: ${errorMessage(err)}`);
-            return [];
-        }),
+        fetchMergedPRsSince(octokit, config, watermark).catch(nonFatalCatch({ module: MODULE, label: 'fetch merged PRs for storage', fallback: [] })),
+        fetchClosedPRsSince(octokit, config, closedWatermark).catch(nonFatalCatch({ module: MODULE, label: 'fetch closed PRs for storage', fallback: [] })),
     ]);
     const commentedIssues = fetchedIssues.issues;
     if (fetchedIssues.failures.length > 0) {
@@ -216,10 +197,12 @@ export async function fetchDashboardData(token) {
     return { digest, commentedIssues, allMergedPRs, allClosedPRs };
 }
 /**
- * Convert StoredMergedPR[] to MergedPR[] by deriving repo and number from URL.
- * Skips entries with unparseable URLs.
+ * Convert a stored-shape PR array (StoredMergedPR[] or StoredClosedPR[]) to
+ * its display-shape equivalent (MergedPR[] / ClosedPR[]) by deriving `repo`
+ * and `number` from the URL. Skips entries whose URL cannot be parsed.
+ * Shared by storedToMergedPRs and storedToClosedPRs (#959).
  */
-export function storedToMergedPRs(stored) {
+function storedToPRs(stored, dateField, label) {
     const results = [];
     let skipped = 0;
     for (const pr of stored) {
@@ -233,39 +216,27 @@ export function storedToMergedPRs(stored) {
             repo: `${parsed.owner}/${parsed.repo}`,
             number: parsed.number,
             title: pr.title,
-            mergedAt: pr.mergedAt,
+            [dateField]: pr[dateField],
         });
     }
     if (skipped > 0) {
-        warn(MODULE, `Skipped ${skipped} stored merged PR(s) with unparseable URLs`);
+        warn(MODULE, `Skipped ${skipped} stored ${label} PR(s) with unparseable URLs`);
     }
     return results;
 }
+/**
+ * Convert StoredMergedPR[] to MergedPR[] by deriving repo and number from URL.
+ * Skips entries with unparseable URLs.
+ */
+export function storedToMergedPRs(stored) {
+    return storedToPRs(stored, 'mergedAt', 'merged');
+}
 /**
  * Convert StoredClosedPR[] to ClosedPR[] by deriving repo and number from URL.
  * Skips entries with unparseable URLs.
  */
 export function storedToClosedPRs(stored) {
-    const results = [];
-    let skipped = 0;
-    for (const pr of stored) {
-        const parsed = parseGitHubUrl(pr.url);
-        if (!parsed) {
-            skipped++;
-            continue;
-        }
-        results.push({
-            url: pr.url,
-            repo: `${parsed.owner}/${parsed.repo}`,
-            number: parsed.number,
-            title: pr.title,
-            closedAt: pr.closedAt,
-        });
-    }
-    if (skipped > 0) {
-        warn(MODULE, `Skipped ${skipped} stored closed PR(s) with unparseable URLs`);
-    }
-    return results;
+    return storedToPRs(stored, 'closedAt', 'closed');
 }
 /**
  * Compute PRs grouped by repository from a digest and state.

package/dist/commands/dashboard-server.d.ts

@@ -5,6 +5,8 @@
  *
  * Uses Node's built-in http module — no Express/Fastify.
  */
+import { type DashboardJsonData } from './dashboard-data.js';
+import { type DailyDigest, type AgentState, type CommentedIssue, type MergedPR, type ClosedPR } from '../core/types.js';
 export { getDashboardPidPath, writeDashboardServerInfo, readDashboardServerInfo, removeDashboardServerInfo, isDashboardServerRunning, findRunningDashboardServer, type DashboardServerInfo, } from './dashboard-process.js';
 export interface DashboardServerOptions {
     port: number;
@@ -12,4 +14,12 @@ export interface DashboardServerOptions {
     token: string | null;
     open: boolean;
 }
+/**
+ * Build the JSON payload that the SPA expects from GET /api/data.
+ *
+ * Exported for unit testing of response-shape concerns that the full
+ * handler harness can't reach (it bakes a stale cachedDigest at server
+ * start-up, so tests that need a specific digest should call this directly).
+ */
+export declare function buildDashboardJson(digest: DailyDigest, state: Readonly<AgentState>, commentedIssues: CommentedIssue[], allMergedPRs?: MergedPR[], allClosedPRs?: ClosedPR[]): DashboardJsonData;
 export declare function startDashboardServer(options: DashboardServerOptions): Promise<void>;

package/dist/commands/dashboard-server.js

@@ -68,8 +68,12 @@ function getIssueListMtimeMs() {
 }
 /**
  * Build the JSON payload that the SPA expects from GET /api/data.
+ *
+ * Exported for unit testing of response-shape concerns that the full
+ * handler harness can't reach (it bakes a stale cachedDigest at server
+ * start-up, so tests that need a specific digest should call this directly).
  */
-function buildDashboardJson(digest, state, commentedIssues, allMergedPRs, allClosedPRs) {
+export function buildDashboardJson(digest, state, commentedIssues, allMergedPRs, allClosedPRs) {
     const prsByRepo = computePRsByRepo(digest, state);
     const topRepos = computeTopRepos(prsByRepo);
     const { monthlyMerged, monthlyOpened, monthlyClosed } = getMonthlyData(state);
@@ -104,7 +108,11 @@ function buildDashboardJson(digest, state, commentedIssues, allMergedPRs, allClo
         monthlyOpened,
         monthlyClosed,
         activePRs: applyStatusOverrides(digest.openPRs || [], state),
-        shelvedPRUrls: state.config.shelvedPRUrls || [],
+        // Source of truth is digest.shelvedPRs (union of explicitly-shelved URLs
+        // and dormant-non-addressing PRs auto-shelved for display). Returning
+        // only state.config.shelvedPRUrls would under-count and desync from
+        // stats.shelvedPRs, which is already derived from digest.shelvedPRs. (#981)
+        shelvedPRUrls: (digest.shelvedPRs || []).map((ref) => ref.url),
         recentlyMergedPRs: digest.recentlyMergedPRs || [],
         recentlyClosedPRs: digest.recentlyClosedPRs || [],
         autoUnshelvedPRs: digest.autoUnshelvedPRs || [],

package/dist/commands/scout-bridge.js

@@ -44,6 +44,13 @@ export function buildScoutState() {
             title: pr.title,
             closedAt: pr.closedAt,
         })),
+        // Map ephemeral openPRs (regenerated each daily run) from the last digest
+        // so oss-scout's Phase 0 also searches repos with active-but-unmerged PRs.
+        openPRs: (state.lastDigest?.openPRs ?? []).map((pr) => ({
+            url: pr.url,
+            title: pr.title,
+            openedAt: pr.createdAt,
+        })),
         savedResults: [],
         skippedIssues: [],
         lastRunAt: state.lastRunAt,

package/dist/commands/vet-list.js

@@ -6,6 +6,9 @@ import * as fs from 'fs';
 import { createAutopilotScout } from './scout-bridge.js';
 import { runParseList, pruneIssueList } from './parse-list.js';
 import { detectIssueList } from './startup.js';
+import { computeSuccessGrade, gradeFromCandidate } from '../core/issue-grading.js';
+import { getStateManager } from '../core/index.js';
+const UNKNOWN_GRADE = computeSuccessGrade({ avgResponseDays: null, mergeRate: null, daysSinceLastCommit: null });
 /**
  * Determine the list status from vetting results.
  * Maps vetting recommendation + reasons to a list-level status.
@@ -62,6 +65,11 @@ export async function runVetList(options = {}) {
             const item = items[index++];
             try {
                 const candidate = await scout.vetIssue(item.url);
+                const grade = gradeFromCandidate({
+                    repo: candidate.issue.repo,
+                    projectHealth: candidate.projectHealth,
+                    getRepoScore: (repo) => getStateManager().getRepoScore(repo),
+                });
                 const vetResult = {
                     issue: {
                         repo: candidate.issue.repo,
@@ -75,6 +83,7 @@ export async function runVetList(options = {}) {
                     reasonsToSkip: candidate.reasonsToSkip,
                     projectHealth: candidate.projectHealth,
                     vettingResult: candidate.vettingResult,
+                    grade,
                 };
                 results.push({
                     ...vetResult,
@@ -90,6 +99,7 @@ export async function runVetList(options = {}) {
                     reasonsToSkip: [`Error: ${error instanceof Error ? error.message : String(error)}`],
                     projectHealth: {},
                     vettingResult: {},
+                    grade: UNKNOWN_GRADE,
                     listStatus: 'error',
                     errorMessage: error instanceof Error ? error.message : String(error),
                 });

package/dist/commands/vet.js

@@ -4,6 +4,8 @@
  */
 import { createAutopilotScout } from './scout-bridge.js';
 import { ISSUE_URL_PATTERN, validateGitHubUrl, validateUrl } from './validation.js';
+import { gradeFromCandidate } from '../core/issue-grading.js';
+import { getStateManager } from '../core/index.js';
 /**
  * Vet a specific GitHub issue for claimability and project health.
  *
@@ -17,6 +19,11 @@ export async function runVet(options) {
     validateGitHubUrl(options.issueUrl, ISSUE_URL_PATTERN, 'issue');
     const scout = await createAutopilotScout();
     const candidate = await scout.vetIssue(options.issueUrl);
+    const grade = gradeFromCandidate({
+        repo: candidate.issue.repo,
+        projectHealth: candidate.projectHealth,
+        getRepoScore: (repo) => getStateManager().getRepoScore(repo),
+    });
     return {
         issue: {
             repo: candidate.issue.repo,
@@ -30,5 +37,6 @@ export async function runVet(options) {
         reasonsToSkip: candidate.reasonsToSkip,
         projectHealth: candidate.projectHealth,
         vettingResult: candidate.vettingResult,
+        grade,
     };
 }

package/dist/core/anti-llm-policy.d.ts

@@ -0,0 +1,32 @@
+/**
+ * Anti-LLM policy scan (#108, #911, #979).
+ *
+ * Scan concatenated repo docs (CONTRIBUTING.md, CODE_OF_CONDUCT.md,
+ * README) for language that indicates the project does not accept
+ * AI/LLM-generated contributions. Previously described as a keyword
+ * table in prose in agents/issue-scout.md.
+ *
+ * The long-term home for this logic is `@oss-scout/core`, where the
+ * relevant files are already fetched during vetting. Keeping it here
+ * for now lets the agent invoke it directly and gives scout a
+ * reference implementation + test fixtures to adopt. See #979.
+ *
+ * Precision matters more than recall. False positives (flagging a
+ * project that actually welcomes AI help) silently shrink the user's
+ * contribution surface without recourse. We only match on phrases
+ * that combine a rejection keyword (no / reject / will be closed /
+ * don't accept) with an AI/LLM noun.
+ */
+export type AntiLLMCategory = 'explicit_ban' | 'tool_ban' | 'reject_framing';
+export interface AntiLLMMatch {
+    category: AntiLLMCategory;
+    /** The exact substring from the source text that triggered the match. */
+    phrase: string;
+    /** ~80 character window around the match, for surfacing to the user. */
+    excerpt: string;
+}
+export interface AntiLLMScanResult {
+    matched: boolean;
+    matches: AntiLLMMatch[];
+}
+export declare function scanForAntiLLMPolicy(text: string): AntiLLMScanResult;

package/dist/core/anti-llm-policy.js

@@ -0,0 +1,101 @@
+/**
+ * Anti-LLM policy scan (#108, #911, #979).
+ *
+ * Scan concatenated repo docs (CONTRIBUTING.md, CODE_OF_CONDUCT.md,
+ * README) for language that indicates the project does not accept
+ * AI/LLM-generated contributions. Previously described as a keyword
+ * table in prose in agents/issue-scout.md.
+ *
+ * The long-term home for this logic is `@oss-scout/core`, where the
+ * relevant files are already fetched during vetting. Keeping it here
+ * for now lets the agent invoke it directly and gives scout a
+ * reference implementation + test fixtures to adopt. See #979.
+ *
+ * Precision matters more than recall. False positives (flagging a
+ * project that actually welcomes AI help) silently shrink the user's
+ * contribution surface without recourse. We only match on phrases
+ * that combine a rejection keyword (no / reject / will be closed /
+ * don't accept) with an AI/LLM noun.
+ */
+const PATTERNS = [
+    // Explicit "no X" bans against AI/LLM nouns.
+    { category: 'explicit_ban', regex: /\bno\s+(ai|llm)[-\s](generated|authored|written|assisted|contributions?)/i },
+    { category: 'explicit_ban', regex: /\b(ban|banned|banning)\s+(ai|llm)\b/i },
+    // Named-tool bans. Optionally match a "-generated/-authored/-…"
+    // continuation (clear ban wording), and use a negative lookahead to
+    // reject unrelated hyphen-words like "no copilot-style autocomplete"
+    // (which describes a feature, not a contribution policy).
+    {
+        category: 'tool_ban',
+        regex: /\bno\s+(copilot|chatgpt|claude|cursor)(-(generated|authored|assisted|written))?(?![a-z-])/i,
+    },
+    { category: 'tool_ban', regex: /\bno\s+ai\s+coding\s+tools?\b/i },
+    // Rejection framing. To avoid false positives like "AI PRs are closed
+    // to new comments" (closed means something else) or "AI suggestions
+    // from your IDE" (not a contribution), we require both an AI/LLM
+    // qualifier AND a contribution noun AND a rejection verb phrase. The
+    // two patterns cover "AI-generated code will be closed" (with
+    // participle) and "AI contributions will be closed" (without).
+    {
+        category: 'reject_framing',
+        regex: /\b(ai|llm)[-\s](generated|assisted|authored|written)\s+(code|prs?|contributions?)\s+(will\s+be\s+(closed|rejected)|are\s+rejected)/i,
+    },
+    {
+        category: 'reject_framing',
+        regex: /\b(ai|llm)\s+(code|prs?|contributions?)\s+(will\s+be\s+(closed|rejected)|are\s+rejected)/i,
+    },
+    // "do/does not accept AI-{noun}" / "reject AI contributions" — both
+    // require a contribution noun to avoid matching "accept AI suggestions
+    // from your IDE" or similar incidental mentions.
+    {
+        category: 'reject_framing',
+        regex: /\b(do|does)(\s+not|n't)\s+accept\s+(ai|llm)[-\s](generated|assisted|authored|written|contributions?|code|prs?)\b/i,
+    },
+    { category: 'reject_framing', regex: /\breject\s+(ai|llm)\s+contributions?\b/i },
+];
+const EXCERPT_RADIUS = 40;
+function makeExcerpt(text, matchIndex, matchLength) {
+    const start = Math.max(0, matchIndex - EXCERPT_RADIUS);
+    const end = Math.min(text.length, matchIndex + matchLength + EXCERPT_RADIUS);
+    const prefix = start > 0 ? '…' : '';
+    const suffix = end < text.length ? '…' : '';
+    return `${prefix}${text.slice(start, end).replace(/\s+/g, ' ').trim()}${suffix}`;
+}
+/**
+ * Normalize exotic whitespace and hyphens so patterns written with plain
+ * ASCII still match real-world markdown. Covers non-breaking space,
+ * non-breaking hyphen, en dash, em dash, and figure dash — all of which
+ * show up in CONTRIBUTING files authored in rich-text editors.
+ */
+function normalizeText(text) {
+    return text
+        .normalize('NFKC')
+        .replace(/[\u00A0]/g, ' ')
+        .replace(/[\u2010\u2011\u2012\u2013\u2014\u2015]/g, '-');
+}
+export function scanForAntiLLMPolicy(text) {
+    if (typeof text !== 'string') {
+        throw new TypeError(`scanForAntiLLMPolicy: expected string, received ${typeof text}`);
+    }
+    if (text === '')
+        return { matched: false, matches: [] };
+    const normalized = normalizeText(text);
+    const seenLabels = new Set();
+    const matches = [];
+    for (const pattern of PATTERNS) {
+        const hit = normalized.match(pattern.regex);
+        if (!hit || hit.index === undefined)
+            continue;
+        const phrase = hit[0];
+        const key = `${pattern.category}:${phrase.toLowerCase()}`;
+        if (seenLabels.has(key))
+            continue;
+        seenLabels.add(key);
+        matches.push({
+            category: pattern.category,
+            phrase,
+            excerpt: makeExcerpt(normalized, hit.index, phrase.length),
+        });
+    }
+    return { matched: matches.length > 0, matches };
+}

package/dist/core/errors.d.ts

@@ -45,6 +45,30 @@ export declare function getHttpStatusCode(error: unknown): number | undefined;
 export declare function isRateLimitError(error: unknown): boolean;
 /** Return true for errors that should propagate (not degrade gracefully): rate limits, auth failures, abuse detection. */
 export declare function isRateLimitOrAuthError(err: unknown): boolean;
+/**
+ * Build a `.catch()` handler for the "non-fatal parallel fetch" pattern used
+ * by daily.ts and dashboard-data.ts (#960). When a sibling fetch fails during
+ * a bulk-parallel orchestration, we want:
+ *
+ * - rate-limit / auth errors to propagate (those abort the whole run — the
+ *   user needs to see them), and
+ * - every other error to log a warning and fall back to a safe default so
+ *   the other siblings can still succeed.
+ *
+ * Inline at each call site, this is ~4 lines of boilerplate repeated 10+
+ * times. Consolidated here so the rate-limit-rethrow rule lives in exactly
+ * one place.
+ *
+ * @example
+ *   prMonitor.fetchRecentlyClosedPRs().catch(
+ *     nonFatalCatch({ module: MODULE, label: 'fetch recently closed PRs', fallback: [] as ClosedPR[] })
+ *   );
+ */
+export declare function nonFatalCatch<T>(params: {
+    module: string;
+    label: string;
+    fallback: T;
+}): (err: unknown) => T;
 /**
  * Map an unknown error to a structured ErrorCode for JSON output.
  * Checks custom error classes, HTTP status codes (Octokit errors),

package/dist/core/errors.js

@@ -7,6 +7,7 @@
  * propagate to the caller via isRateLimitError/isRateLimitOrAuthError.
  * Other errors degrade gracefully — modules return partial results and log warnings.
  */
+import { warn } from './logger.js';
 /**
  * Base error for all oss-autopilot errors.
  */
@@ -87,6 +88,33 @@ export function isRateLimitOrAuthError(err) {
     }
     return false;
 }
+/**
+ * Build a `.catch()` handler for the "non-fatal parallel fetch" pattern used
+ * by daily.ts and dashboard-data.ts (#960). When a sibling fetch fails during
+ * a bulk-parallel orchestration, we want:
+ *
+ * - rate-limit / auth errors to propagate (those abort the whole run — the
+ *   user needs to see them), and
+ * - every other error to log a warning and fall back to a safe default so
+ *   the other siblings can still succeed.
+ *
+ * Inline at each call site, this is ~4 lines of boilerplate repeated 10+
+ * times. Consolidated here so the rate-limit-rethrow rule lives in exactly
+ * one place.
+ *
+ * @example
+ *   prMonitor.fetchRecentlyClosedPRs().catch(
+ *     nonFatalCatch({ module: MODULE, label: 'fetch recently closed PRs', fallback: [] as ClosedPR[] })
+ *   );
+ */
+export function nonFatalCatch(params) {
+    return (err) => {
+        if (isRateLimitOrAuthError(err))
+            throw err;
+        warn(params.module, `Failed to ${params.label}: ${errorMessage(err)}`);
+        return params.fallback;
+    };
+}
 /**
  * Map an unknown error to a structured ErrorCode for JSON output.
  * Checks custom error classes, HTTP status codes (Octokit errors),