@tekyzinc/gsd-t 3.29.10 → 3.29.11

package/CHANGELOG.md

@@ -2,6 +2,36 @@
 
 All notable changes to GSD-T are documented here. Updated with each release.
 
+## [3.29.11] - 2026-05-29 09:57 PDT
+
+### Fixed — CRITICAL test-data adapter data-destruction bug (M60)
+
+Found by a native-Workflow Red Team bake-off (Opus 4.8, perspective-diverse
+adversarial review) while evaluating GSD-T against native Claude Code 4.8
+capability. M58's own in-session Red Team had passed this as "6/6 defended"
+— the claim was wrong.
+
+- **Bug**: `bin/gsd-t-test-data-adapters/file-json-array.cjs` and
+  `localstorage-key-prefix.cjs` guarded with
+  `typeof taggedPrefix === 'string' && taggedPrefix.length > 0 && !id.startsWith(...)`.
+  An empty/undefined `taggedPrefix` short-circuits the whole condition, so
+  **no guard runs** — `gsd-t test-data --purge` would delete untagged
+  production records and report `errors:0` (gate GREEN). No adapter enforced
+  `projectDir` containment on the `store` path, making it a write-anywhere
+  delete primitive. Reproduced live before fixing.
+- **Fix** (additive refusal only — removes capability, never adds destructive
+  behavior): both adapters now hard-refuse empty/undefined `taggedPrefix`
+  (matching the already-correct `sqlite-table-where` adapter); `file-json-array`
+  and `sqlite-table-where` enforce the containment predicate
+  `resolved.startsWith(root + sep) && resolved !== root` when `projectDir` is
+  supplied; `purgeRunInserts` threads `projectDir` into every adapter call.
+- **Tests**: new `test/m60-redteam-regressions.test.js` (10 tests, one per
+  finding + happy-path + back-compat). M58 suite 44/44 unchanged.
+- **Contract**: `test-data-tagging-contract.md` → v1.1.0 STABLE (empty-prefix
+  refusal + path containment now normative).
+- Backward-compatible: the happy path (non-empty prefix, in-project path, or
+  no `projectDir`) is unchanged.
+
 ## [3.29.10] - 2026-05-27 10:09 PDT
 
 ### Changed — Timestamp precision in progress.md (forward-only)

package/bin/gsd-t-test-data-adapters/file-json-array.cjs

@@ -5,23 +5,47 @@
  * `store` is the file path; `id` is the value of the `id` field on the matching row.
  *
  * Refuses to delete a record whose `id` does not start with `taggedPrefix`.
- * Atomic rewrite (write-temp + rename).
+ * `taggedPrefix` is REQUIRED and non-empty — an empty/omitted prefix would
+ * disable the guard entirely (Red Team CRITICAL, M60). Atomic rewrite
+ * (write-temp + rename).
+ *
+ * When `projectDir` is supplied, `store` MUST resolve inside it — the adapter
+ * refuses paths outside-AND-equal-to projectDir (containment predicate from
+ * feedback_destructive_path_ops_containment). Prevents a tampered ledger from
+ * becoming a write-anywhere delete primitive.
  */
 const fs = require('node:fs');
 const path = require('node:path');
 
 const KIND = 'file-json-array';
 
-function purge({ store, id, taggedPrefix }) {
+function assertContained(store, projectDir) {
+  if (typeof projectDir !== 'string' || projectDir.length === 0) {
+    return; // no projectDir supplied — containment not enforceable, caller's choice
+  }
+  const root = path.resolve(projectDir);
+  const resolved = path.resolve(store);
+  if (!(resolved.startsWith(root + path.sep) && resolved !== root)) {
+    throw new Error(
+      `file-json-array: store path "${store}" resolves outside projectDir "${projectDir}" — refused (containment guard)`
+    );
+  }
+}
+
+function purge({ store, id, taggedPrefix, projectDir }) {
   if (typeof store !== 'string' || store.length === 0) {
     throw new Error('file-json-array: store must be a non-empty file path');
   }
   if (typeof id !== 'string' || id.length === 0) {
     throw new Error('file-json-array: id must be a non-empty string');
   }
-  if (typeof taggedPrefix === 'string' && taggedPrefix.length > 0 && !id.startsWith(taggedPrefix)) {
+  if (typeof taggedPrefix !== 'string' || taggedPrefix.length === 0) {
+    throw new Error('file-json-array: taggedPrefix is required and must be non-empty (guard cannot be disabled)');
+  }
+  if (!id.startsWith(taggedPrefix)) {
     throw new Error(`file-json-array: tag prefix mismatch (id="${id}", taggedPrefix="${taggedPrefix}")`);
   }
+  assertContained(store, projectDir);
 
   if (!fs.existsSync(store)) {
     return 'absent';

package/bin/gsd-t-test-data-adapters/localstorage-key-prefix.cjs

@@ -22,7 +22,12 @@ async function purge({ page, store, id, taggedPrefix }) {
   if (typeof id !== 'string' || id.length === 0) {
     throw new Error('localStorage-key-prefix: id must be a non-empty string');
   }
-  if (typeof taggedPrefix === 'string' && taggedPrefix.length > 0 && !id.startsWith(taggedPrefix)) {
+  // taggedPrefix is REQUIRED and non-empty — an empty/omitted prefix would
+  // disable the guard entirely (Red Team CRITICAL, M60).
+  if (typeof taggedPrefix !== 'string' || taggedPrefix.length === 0) {
+    throw new Error('localStorage-key-prefix: taggedPrefix is required and must be non-empty (guard cannot be disabled)');
+  }
+  if (!id.startsWith(taggedPrefix)) {
     throw new Error(`localStorage-key-prefix: tag prefix mismatch (id="${id}", taggedPrefix="${taggedPrefix}")`);
   }
 

package/bin/gsd-t-test-data-adapters/sqlite-table-where.cjs

@@ -8,11 +8,25 @@
  * still loads when the module isn't installed. Tests self-skip in that case.
  */
 const fs = require('node:fs');
+const path = require('node:path');
 
 const KIND = 'sqlite-table-where';
 
 const IDENT_RE = /^[A-Za-z_][A-Za-z0-9_]*$/;
 
+function assertContained(dbPath, projectDir) {
+  if (typeof projectDir !== 'string' || projectDir.length === 0) {
+    return; // no projectDir supplied — containment not enforceable, caller's choice
+  }
+  const root = path.resolve(projectDir);
+  const resolved = path.resolve(dbPath);
+  if (!(resolved.startsWith(root + path.sep) && resolved !== root)) {
+    throw new Error(
+      `sqlite-table-where: dbPath "${dbPath}" resolves outside projectDir "${projectDir}" — refused (containment guard)`
+    );
+  }
+}
+
 function parseStore(store) {
   if (typeof store !== 'string') {
     throw new Error('sqlite-table-where: store must be "dbPath|table|idColumn"');
@@ -34,7 +48,7 @@ function parseStore(store) {
   return { dbPath, table, idColumn };
 }
 
-function purge({ store, id, taggedPrefix }) {
+function purge({ store, id, taggedPrefix, projectDir }) {
   const { dbPath, table, idColumn } = parseStore(store);
   if (typeof id !== 'string' || id.length === 0) {
     throw new Error('sqlite-table-where: id must be a non-empty string');
@@ -45,6 +59,7 @@ function purge({ store, id, taggedPrefix }) {
   if (!id.startsWith(taggedPrefix)) {
     throw new Error(`sqlite-table-where: tag prefix mismatch (id="${id}", taggedPrefix="${taggedPrefix}")`);
   }
+  assertContained(dbPath, projectDir);
   if (!fs.existsSync(dbPath)) {
     return 'absent';
   }

package/bin/gsd-t-test-data-ledger.cjs

@@ -129,6 +129,7 @@ async function purgeRunInserts({ projectDir, runId, dryRun }) {
         store: row.store,
         id: row.id,
         taggedPrefix: row.taggedPrefix,
+        projectDir, // thread through so path adapters can enforce containment (M60)
       });
       if (result === 'purged') {
         purged.push(row);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@tekyzinc/gsd-t",
-  "version": "3.29.10",
+  "version": "3.29.11",
   "description": "GSD-T: Contract-Driven Development for Claude Code — 54 slash commands with headless-by-default workflow spawning, unattended supervisor relay with event stream, graph-powered code analysis, real-time agent dashboard, task telemetry, doc-ripple enforcement, backlog management, impact analysis, test sync, milestone archival, and PRD generation",
   "author": "Tekyz, Inc.",
   "license": "MIT",