@windyroad/risk-scorer 0.11.3-preview.479 → 0.11.3

package/hooks/external-comms-gate.sh

@@ -14,14 +14,6 @@
 #   - gh api .../comments                         (any REST surface accepting prose)
 #   - npm publish                                 (README / package metadata to npm)
 #   - PreToolUse:Write|Edit on .changeset/*.md    (P073 — gates author-time)
-#   - git commit -m / --message (incl. HEREDOC)   (P082 Phase 1 — commit message
-#                                                  body reaches every reader of git
-#                                                  log, PR commits tab, release-page
-#                                                  auto-notes, CHANGELOG. Editor
-#                                                  flow is out of scope per P082 SC1
-#                                                  — message is written to
-#                                                  .git/COMMIT_EDITMSG AFTER
-#                                                  PreToolUse, nothing to read.)
 #
 # Gate behaviour:
 #   1. BYPASS_RISK_GATE=1 short-circuits the gate (consistent with git-push-gate.sh).
@@ -152,59 +144,20 @@ except Exception:
             SURFACE="gh-api-comments"
         elif echo "$COMMAND" | grep -qE '(^|;|&&|\|\|)\s*npm publish(\s|$)'; then
             SURFACE="npm-publish"
-        elif echo "$COMMAND" | grep -qE '(^|;|&&|\|\|)\s*git commit(\s|$)'; then
-            # P082 Phase 1: gate `git commit -m / --message / HEREDOC` so commit
-            # message bodies are reviewed by the voice-tone + risk evaluators
-            # before they land in git log / PR commits tab / release notes /
-            # CHANGELOG. Editor flow (bare `git commit`) is out of scope per
-            # P082 SC1 — git writes .git/COMMIT_EDITMSG AFTER PreToolUse fires,
-            # so there's no body to extract at gate time. Skip silently when
-            # neither -m nor --message is present.
-            if echo "$COMMAND" | grep -qE '(\s|^)(-m|--message)(\s|=)'; then
-                SURFACE="git-commit-message"
-            else
-                exit 0
-            fi
         else
             exit 0
         fi
 
-        # Best-effort body extraction. Order matters — most-specific first.
-        #
-        #   HEREDOC first: `git commit -m "$(cat <<'EOF'\n...\nEOF\n)"` is the
-        #     AI-dominant form. Must precede --body "..." / -m "..." because
-        #     those would otherwise match the literal `$(cat <<'EOF'...EOF)`
-        #     text as the body, defeating the marker key match against the
-        #     subagent's <draft> body.
-        #   Then --body / --field for the gh + npm + security-advisories surfaces.
-        #   Then -m / --message for git commit (single-line literal forms).
-        #
-        # When absent (npm publish, --body-file, editor flow already filtered),
-        # DRAFT="" is acceptable: the agent will be invoked with command
-        # context and read whatever body source the call uses.
+        # Best-effort body extraction: --body 'TEXT' or --body "TEXT" or --field summary='TEXT'.
+        # When absent (npm publish, --body-file), DRAFT="" is acceptable: the agent will
+        # be invoked with command context and read whatever body source the call uses.
         DRAFT=$(printf '%s' "$COMMAND" | python3 -c "
 import sys, re
 cmd = sys.stdin.read()
-# (pattern, flags) — first match wins.
-patterns = [
-    # HEREDOC body — matches a here-doc with EOF delimiter (quoted or
-    # unquoted). The literal '<<' is written as the char-class pair
-    # [<][<] so bash's command-substitution parser does NOT mis-parse
-    # this regex as a real here-doc operator (P082 implementation note).
-    # DOTALL so the body can span newlines.
-    (r\"[<][<]\s*['\\\"]?EOF['\\\"]?\s*\n(.*?)\nEOF\", re.DOTALL),
-    # gh issue/pr + npm publish --body 'TEXT' / --body \"TEXT\" (existing).
-    (r\"--body[= ]'([^']*)'\", 0),
-    (r'--body[= ]\"([^\"]*)\"', 0),
-    # gh api --field summary='TEXT' / --field summary=\"TEXT\" (existing).
-    (r\"--field [a-zA-Z_]+='([^']*)'\", 0),
-    (r'--field [a-zA-Z_]+=\"([^\"]*)\"', 0),
-    # git commit -m / --message single-line literal forms (P082 Phase 1).
-    (r\"(?:-m|--message)[= ]'([^']*)'\", 0),
-    (r'(?:-m|--message)[= ]\"([^\"]*)\"', 0),
-]
-for pat, flags in patterns:
-    m = re.search(pat, cmd, flags)
+# Match --body '...' or --body \"...\" or --field summary='...'
+for pat in [r\"--body[= ]'([^']*)'\", r'--body[= ]\"([^\"]*)\"',
+            r\"--field [a-zA-Z_]+='([^']*)'\", r'--field [a-zA-Z_]+=\"([^\"]*)\"']:
+    m = re.search(pat, cmd)
     if m:
         print(m.group(1))
         break

package/hooks/test/external-comms-gate.bats

@@ -224,95 +224,3 @@ run_hook() {
   [ "$status" -eq 0 ]
   [ -z "$output" ]
 }
-
-# ---------------------------------------------------------------------------
-# P082 Phase 1 — git commit message surface (risk evaluator).
-# Commit messages reach git log / PR commits tab / release notes /
-# CHANGELOG. The risk evaluator gates the body for leak patterns
-# (credentials, prod URLs, business-context-paired financials/user counts)
-# AND defers structured leak-free drafts to the wr-risk-scorer:external-comms
-# subagent. Editor flow (bare `git commit`) is out of scope per P082 SC1.
-# ---------------------------------------------------------------------------
-
-@test "P082: git commit -m with leak-shaped credential body denies via leak pre-filter" {
-  INPUT=$(build_bash_input "git commit -m \"docs: token=${GH_TOKEN_LIKE}\"")
-  run_hook "$INPUT"
-  [ "$status" -eq 0 ]
-  [[ "$output" == *"deny"* ]]
-  [[ "$output" == *"git-commit-message"* ]]
-  [[ "$output" == *"GitHub token"* ]] || [[ "$output" == *"credential"* ]]
-}
-
-@test "P082: git commit -m with leak-free body denies and delegates to risk evaluator" {
-  INPUT=$(build_bash_input "git commit -m \"fix(foo): handle null input\"")
-  run_hook "$INPUT"
-  [ "$status" -eq 0 ]
-  [[ "$output" == *"deny"* ]]
-  [[ "$output" == *"git-commit-message"* ]]
-  [[ "$output" == *"wr-risk-scorer:external-comms"* ]]
-}
-
-@test "P082: git commit --amend -m is intercepted (P082 SC2)" {
-  INPUT=$(build_bash_input "git commit --amend -m \"rewritten subject\"")
-  run_hook "$INPUT"
-  [ "$status" -eq 0 ]
-  [[ "$output" == *"deny"* ]]
-  [[ "$output" == *"git-commit-message"* ]]
-}
-
-@test "P082: git commit HEREDOC body is intercepted and the body becomes the marker key" {
-  # Build a HEREDOC-shaped command. The hook regex pulls the body BETWEEN
-  # the <<'EOF' opener and the closing EOF marker — the extracted DRAFT is
-  # the inner text, NOT the literal `$(cat <<'EOF' ... EOF)` wrapper.
-  BODY=$'feat(foo): add bar\n\nWe observed a build failure on Node 20.'
-  CMD=$'git commit -m "$(cat <<\'EOF\'\n'"$BODY"$'\nEOF\n)"'
-  INPUT=$(build_bash_input "$CMD")
-  run_hook "$INPUT"
-  [ "$status" -eq 0 ]
-  [[ "$output" == *"deny"* ]]
-  [[ "$output" == *"git-commit-message"* ]]
-
-  # Pre-place the per-evaluator marker keyed on the extracted HEREDOC body
-  # + the git-commit-message surface; the second run must permit silently.
-  SURFACE="git-commit-message"
-  KEY=$(printf '%s\n%s' "$BODY" "$SURFACE" | shasum -a 256 | cut -d' ' -f1)
-  touch "${RDIR}/external-comms-risk-reviewed-${KEY}"
-  run_hook "$INPUT"
-  [ "$status" -eq 0 ]
-  [ -z "$output" ]
-}
-
-@test "P082: bare git commit (editor flow) is silently allowed per SC1" {
-  # No -m / --message → .git/COMMIT_EDITMSG doesn't exist at PreToolUse
-  # time. Phase 1 skip is pragmatic; the editor flow has user-eyeballs.
-  INPUT=$(build_bash_input "git commit")
-  run_hook "$INPUT"
-  [ "$status" -eq 0 ]
-  [ -z "$output" ]
-}
-
-@test "P082: git merge is silently allowed (not a git commit verb, SC3)" {
-  INPUT=$(build_bash_input "git merge --no-ff feature-branch")
-  run_hook "$INPUT"
-  [ "$status" -eq 0 ]
-  [ -z "$output" ]
-}
-
-@test "P082: BYPASS_RISK_GATE=1 short-circuits the git commit gate" {
-  INPUT=$(build_bash_input "git commit -m \"fix(foo): handle null input\"")
-  run bash -c "cd '$TEST_PROJECT_DIR' && BYPASS_RISK_GATE=1 printf '%s' \"\$1\" | BYPASS_RISK_GATE=1 '$HOOK'" _ "$INPUT"
-  [ "$status" -eq 0 ]
-  [ -z "$output" ]
-}
-
-@test "P082: per-evaluator marker keyed on (body, git-commit-message) permits the call" {
-  BODY="docs(retro): close iter 3 ask-hygiene trail"
-  SURFACE="git-commit-message"
-  KEY=$(printf '%s\n%s' "$BODY" "$SURFACE" | shasum -a 256 | cut -d' ' -f1)
-  touch "${RDIR}/external-comms-risk-reviewed-${KEY}"
-
-  INPUT=$(build_bash_input "git commit -m \"$BODY\"")
-  run_hook "$INPUT"
-  [ "$status" -eq 0 ]
-  [ -z "$output" ]
-}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@windyroad/risk-scorer",
-  "version": "0.11.3-preview.479",
+  "version": "0.11.3",
   "description": "Pipeline risk scoring, commit/push gates, and secret leak detection",
   "bin": {
     "windyroad-risk-scorer": "./bin/install.mjs"