@oss-autopilot/core 3.13.4 → 3.14.1

package/dist/cli.js

@@ -80,13 +80,14 @@ program.hook('preAction', async (thisCommand, actionCommand) => {
         // when Gist mode is the configured persistence (#1000). Hard errors
         // still throw (#1202); the resolving degraded modes are surfaced in the
         // JSON envelope so --json consumers see them too (#1433).
-        const { ensureGistPersistence } = await import('./core/index.js');
+        const { ensureGistPersistence, renderGistWarning } = await import('./core/index.js');
         const status = await ensureGistPersistence(token);
         if (status === 'degraded' || status === 'state-unreadable') {
             const { setEnvelopeGistWarning } = await import('./formatters/json.js');
-            setEnvelopeGistWarning('Gist persistence is configured but this run is LOCAL-ONLY (' +
-                (status === 'degraded' ? 'transient network failure during init' : 'state file could not be read') +
-                '); changes may be overwritten by the next successful Gist sync.');
+            // Shared renderer (#1444). 'degraded' is ensureGistPersistence's
+            // deliberate conflation of the transient init fallback and a #1443
+            // degraded bootstrap — rendered as the init-fallback cause, as before.
+            setEnvelopeGistWarning(renderGistWarning(status === 'degraded' ? 'init-fallback' : 'state-unreadable'));
         }
     }
     else {

package/dist/commands/comments.js

@@ -7,7 +7,7 @@ import { wrapUntrustedContent } from '../core/untrusted-content.js';
 import { ValidationError, isRateLimitOrAuthError } from '../core/errors.js';
 import { warn } from '../core/logger.js';
 const MODULE = 'comments';
-import { paginateAll } from '../core/pagination.js';
+import { paginateAllDetailed } from '../core/pagination.js';
 import { buildStalenessWarning } from '../formatters/json.js';
 import { validateUrl, validateMessage, validateGitHubUrl, PR_URL_PATTERN, ISSUE_OR_PR_URL_PATTERN, ISSUE_URL_PATTERN, } from './validation.js';
 /**
@@ -35,22 +35,22 @@ export async function runComments(options) {
     // Get PR details
     const { data: pr } = await octokit.pulls.get({ owner, repo, pull_number });
     // Fetch review comments, issue comments, and reviews in parallel
-    const [reviewComments, issueComments, reviews] = await Promise.all([
-        paginateAll((page) => octokit.pulls.listReviewComments({
+    const [reviewCommentsResult, issueCommentsResult, reviewsResult] = await Promise.all([
+        paginateAllDetailed((page) => octokit.pulls.listReviewComments({
             owner,
             repo,
             pull_number,
             per_page: 100,
             page,
         })),
-        paginateAll((page) => octokit.issues.listComments({
+        paginateAllDetailed((page) => octokit.issues.listComments({
             owner,
             repo,
             issue_number: pull_number,
             per_page: 100,
             page,
         })),
-        paginateAll((page) => octokit.pulls.listReviews({
+        paginateAllDetailed((page) => octokit.pulls.listReviews({
             owner,
             repo,
             pull_number,
@@ -58,12 +58,28 @@ export async function runComments(options) {
             page,
         })),
     ]);
+    const { items: reviewComments } = reviewCommentsResult;
+    const { items: issueComments } = issueCommentsResult;
+    const { items: reviews } = reviewsResult;
+    // Pagination truncation is a data-quality signal, not a failure: these
+    // endpoints return oldest-first, so hitting the page cap drops the NEWEST
+    // comments — exactly the ones a "what needs response" consumer cares
+    // about. Thread it into the structured warnings channel (#1456).
+    const truncatedStreams = [
+        ...(reviewsResult.truncated ? ['reviews'] : []),
+        ...(reviewCommentsResult.truncated ? ['inline review comments'] : []),
+        ...(issueCommentsResult.truncated ? ['discussion comments'] : []),
+    ];
     // Filter out own comments, optionally show bots
     const username = stateManager.getState().config.githubUsername;
     const filterComment = (c) => {
         if (!c.user)
             return false;
-        if (c.user.login === username)
+        // Lowercase both sides: GitHub logins are case-insensitive, and a
+        // non-canonical-case configured username must not leak the user's own
+        // comments into "needs response" (#1456). Mirrors review-analysis.ts
+        // and issue-conversation.ts.
+        if (c.user.login?.toLowerCase() === username?.toLowerCase())
             return false;
         if (c.user.type === 'Bot' && !options.showBots)
             return false;
@@ -85,6 +101,18 @@ export async function runComments(options) {
     const fenceLabel = `${owner}/${repo}#${pull_number}`;
     const fence = (body, source, author, association) => wrapUntrustedContent(body, fenceLabel, { author, association, source });
     const staleness = stateManager.getStateStaleness();
+    const warnings = [];
+    if (truncatedStreams.length > 0) {
+        warnings.push({
+            phase: 'fetch',
+            operation: 'fetch PR comments (truncated)',
+            message: `Pagination cap reached fetching ${truncatedStreams.join(', ')} for ${owner}/${repo}#${pull_number}; ` +
+                `the newest entries in those streams may be missing.`,
+        });
+    }
+    if (staleness) {
+        warnings.push(buildStalenessWarning(staleness));
+    }
     return {
         pr: {
             title: pr.title,
@@ -116,7 +144,7 @@ export async function runComments(options) {
             inlineCommentCount: relevantReviewComments.length,
             discussionCommentCount: relevantIssueComments.length,
         },
-        ...(staleness ? { warnings: [buildStalenessWarning(staleness)] } : {}),
+        ...(warnings.length > 0 ? { warnings } : {}),
     };
 }
 /**
@@ -212,6 +240,7 @@ export async function runClaim(options) {
     });
     // Add to tracked issues — non-fatal if state save fails (comment already posted)
     let gistSyncWarning = null;
+    let stateSaveWarning;
     try {
         const stateManager = getStateManager();
         stateManager.addIssue({
@@ -232,13 +261,18 @@ export async function runClaim(options) {
         gistSyncWarning = await maybeCheckpoint(stateManager, MODULE);
     }
     catch (error) {
-        // Structured warning instead of bare console.error so the breadcrumb shows
-        // up in the plugin's log pipeline (#1056 M24).
-        warn(MODULE, `Comment posted on ${options.issueUrl} but failed to save to local state: ${error instanceof Error ? error.message : error}`);
+        // The claim comment is live on GitHub but local state never tracked it —
+        // an otherwise-clean envelope would hide an invisible untracked claim, so
+        // thread the failure into the output (#1448). Structured warning instead
+        // of bare console.error so the breadcrumb shows up in the plugin's log
+        // pipeline (#1056 M24).
+        stateSaveWarning = `Comment posted on ${options.issueUrl} but failed to save to local state: ${error instanceof Error ? error.message : error}`;
+        warn(MODULE, stateSaveWarning);
     }
     return {
         commentUrl: comment.html_url,
         issueUrl: options.issueUrl,
         ...(gistSyncWarning ? { gistSyncWarning } : {}),
+        ...(stateSaveWarning ? { stateSaveWarning } : {}),
     };
 }

package/dist/commands/config.d.ts

@@ -13,6 +13,8 @@ export interface ConfigSetOutput {
     success: true;
     key: string;
     value: string;
+    /** Set when the post-mutation Gist checkpoint failed; the local mutation succeeded (#1440). */
+    gistSyncWarning?: string;
 }
 export interface ConfigListKeysOutput {
     keys: readonly ConfigKeyDef[];

package/dist/commands/config.js

@@ -2,10 +2,11 @@
  * Config command
  * Shows or updates configuration
  */
-import { CONFIG_KEY_REGISTRY, formatUnknownKeyError, getStateManager } from '../core/index.js';
+import { CONFIG_KEY_REGISTRY, formatUnknownKeyError, getStateManager, maybeCheckpoint, } from '../core/index.js';
 import { ValidationError } from '../core/errors.js';
 import { ISSUE_SCOPES, DIFF_TOOLS } from '../core/types.js';
 import { validateGitHubUsername } from './validation.js';
+const MODULE = 'config';
 function validateScope(value) {
     if (!ISSUE_SCOPES.includes(value)) {
         throw new Error(`Invalid scope "${value}". Valid scopes: ${ISSUE_SCOPES.join(', ')}`);
@@ -115,6 +116,49 @@ export async function runConfig(options) {
             }
             break;
         }
+        case 'add-avoid-repo': {
+            // Same owner/repo shape as exclude-repo, but no cleanupExcludedData
+            // call: avoidRepos is a soft ranking penalty, not a hard exclusion,
+            // so tracked data for the repo stays intact (#1464).
+            const parts = value.split('/');
+            if (parts.length !== 2 || !parts[0] || !parts[1]) {
+                throw new Error(`Invalid repo format "${value}". Use "owner/repo" format.`);
+            }
+            const currentAvoid = currentConfig.avoidRepos ?? [];
+            const valueLower = value.toLowerCase();
+            if (!currentAvoid.some((r) => r.toLowerCase() === valueLower)) {
+                stateManager.updateConfig({ avoidRepos: [...currentAvoid, value] });
+            }
+            break;
+        }
+        case 'remove-avoid-repo': {
+            const currentAvoid = currentConfig.avoidRepos ?? [];
+            const valueLower = value.toLowerCase();
+            if (!currentAvoid.some((r) => r.toLowerCase() === valueLower)) {
+                throw new Error(`Repo "${value}" is not on the avoid list. Current avoid list: ${currentAvoid.join(', ') || '(empty)'}`);
+            }
+            stateManager.updateConfig({ avoidRepos: currentAvoid.filter((r) => r.toLowerCase() !== valueLower) });
+            break;
+        }
+        case 'add-boost-issue-type': {
+            // Scout matches boostIssueTypes against issue labels case-insensitively,
+            // so the duplicate check is case-insensitive too (#1464).
+            const currentTypes = currentConfig.boostIssueTypes ?? [];
+            const valueLower = value.toLowerCase();
+            if (!currentTypes.some((t) => t.toLowerCase() === valueLower)) {
+                stateManager.updateConfig({ boostIssueTypes: [...currentTypes, value] });
+            }
+            break;
+        }
+        case 'remove-boost-issue-type': {
+            const currentTypes = currentConfig.boostIssueTypes ?? [];
+            const valueLower = value.toLowerCase();
+            if (!currentTypes.some((t) => t.toLowerCase() === valueLower)) {
+                throw new Error(`Issue type "${value}" is not on the boost list. Current boost list: ${currentTypes.join(', ') || '(empty)'}`);
+            }
+            stateManager.updateConfig({ boostIssueTypes: currentTypes.filter((t) => t.toLowerCase() !== valueLower) });
+            break;
+        }
         case 'issueListPath': {
             stateManager.updateConfig({ issueListPath: value || undefined });
             break;
@@ -136,5 +180,9 @@ export async function runConfig(options) {
             throw new ValidationError(formatUnknownKeyError(options.key, 'config'));
         }
     }
-    return { success: true, key: options.key, value };
+    // Push the config mutation to the Gist in gist mode (no-op locally).
+    // Without this the change only hits the local cache and the next
+    // bootstrap reverts it from the Gist (#1440).
+    const gistSyncWarning = await maybeCheckpoint(stateManager, MODULE);
+    return { success: true, key: options.key, value, ...(gistSyncWarning ? { gistSyncWarning } : {}) };
 }

package/dist/commands/curated-list.d.ts

@@ -0,0 +1,17 @@
+/**
+ * Shared line-matching helpers for the curated issue-list commands
+ * (`list-move-tier`, `list-mark-done`). Both commands locate entries in the
+ * same markdown file, so they must agree on what counts as an entry line
+ * and on URL matching semantics — they had drifted on both (#1442).
+ */
+/** Top-level list entry — `- `, `* `, `+ `, or `1.` at the start (no leading whitespace). */
+export declare const ENTRY_LINE_RE: RegExp;
+/** The entry's leading list marker, for stripping before inspecting the body. */
+export declare const ENTRY_MARKER_RE: RegExp;
+/**
+ * Match the URL only when followed by a non-digit character (or end of
+ * line). A bare `includes(issueUrl)` would match `issues/1` against a line
+ * containing `issues/10`, so acting on issue 1 would also hit issues
+ * 10/100/... (#1442).
+ */
+export declare function lineMentionsUrl(line: string, issueUrl: string): boolean;

package/dist/commands/curated-list.js

@@ -0,0 +1,25 @@
+/**
+ * Shared line-matching helpers for the curated issue-list commands
+ * (`list-move-tier`, `list-mark-done`). Both commands locate entries in the
+ * same markdown file, so they must agree on what counts as an entry line
+ * and on URL matching semantics — they had drifted on both (#1442).
+ */
+/** Top-level list entry — `- `, `* `, `+ `, or `1.` at the start (no leading whitespace). */
+export const ENTRY_LINE_RE = /^[*+-]\s|^\d+\.\s/;
+/** The entry's leading list marker, for stripping before inspecting the body. */
+export const ENTRY_MARKER_RE = /^(?:[*+-]\s+|\d+\.\s+)/;
+/**
+ * Match the URL only when followed by a non-digit character (or end of
+ * line). A bare `includes(issueUrl)` would match `issues/1` against a line
+ * containing `issues/10`, so acting on issue 1 would also hit issues
+ * 10/100/... (#1442).
+ */
+export function lineMentionsUrl(line, issueUrl) {
+    const idx = line.indexOf(issueUrl);
+    if (idx === -1)
+        return false;
+    const next = line.charCodeAt(idx + issueUrl.length);
+    // NaN (end of string) → boundary OK. Otherwise reject any digit
+    // immediately after the URL so 'issues/1' doesn't match 'issues/10'.
+    return Number.isNaN(next) || next < 48 /* '0' */ || next > 57; /* '9' */
+}

package/dist/commands/daily.d.ts

@@ -8,7 +8,7 @@
  */
 import { type AttentionSummary, type DailyDigest, type CommentedIssue, type PRCheckFailure, type RepoGroup } from '../core/index.js';
 import { type StrategyResult } from '../core/strategy.js';
-import { type DailyOutput, type DailyWarning, type CapacityAssessment, type ActionableIssue, type ActionMenu } from '../formatters/json.js';
+import { type DailyOutput, type DailyWarning, type CapacityAssessment, type ActionableIssue, type ActionMenu, type MergedPRListUpdate } from '../formatters/json.js';
 export { applyStatusOverrides, computeRepoSignals, groupPRsByRepo, assessCapacity, collectActionableIssues, computeActionMenu, toShelvedPRRef, formatBriefSummary, formatSummary, printDigest, CRITICAL_STATUSES, } from '../core/index.js';
 import { buildStarFilter } from '../core/daily-logic.js';
 export { buildStarFilter };
@@ -38,6 +38,12 @@ export interface DailyCheckResult {
      * where the gate stays silent.
      */
     strategySummary?: StrategyResult | null;
+    /**
+     * Curated-list entries auto-marked done because their PR merged (#1463).
+     * Set only when at least one entry was struck this run; merge-free runs
+     * omit it so serialized output (and contract goldens) stay unchanged.
+     */
+    listUpdates?: MergedPRListUpdate[];
 }
 /**
  * Convert a full DailyCheckResult to the compact DailyOutput for JSON serialization (#287).