@windyroad/risk-scorer 0.12.4 → 0.12.5

package/.claude-plugin/plugin.json

@@ -310,5 +310,5 @@
     }
   },
   "name": "wr-risk-scorer",
-  "version": "0.12.4"
+  "version": "0.12.5"
 }

package/agents/pipeline.md

@@ -39,9 +39,18 @@ You receive structured pipeline state context with these sections:
 
 - **UNCOMMITTED CHANGES**: Diff stat, untracked files, and categories
 - **UNPUSHED CHANGES**: Commits and cumulative diff between remote and HEAD
-- **UNRELEASED CHANGES**: Changeset count and cumulative diff
+- **UNRELEASED CHANGES**: Partitioned changeset counts (Pending vs Queued — see Layer 1 contract below) and cumulative diff
 - **STALE FILES**: Modified files uncommitted for over 24h
 
+### Layer 1 changeset partition (P202)
+
+The UNRELEASED CHANGES section emits TWO distinct changeset counts:
+
+- `Pending changesets (commits unpushed): N` — changesets whose introducing commit is in `origin/<base>..HEAD` (local) OR is untracked. These ARE pending consumer-facing changes at THIS commit's surface and count toward Layer 1 release risk as before.
+- `Queued changesets (commits already on origin): N` — changesets whose introducing commit is already on `origin/<base>`. The underlying code has already been pushed (and in the maintainer pipeline, reviewed); only the release-PR merge to npm is pending. These contribute **zero** release-risk at THIS commit's surface and MUST NOT count as pending consumer-facing changes in Layer 1.
+
+When computing Layer 1 release risk, score only the Pending count (plus any unreleased diff content). A Queued count > 0 with Pending = 0 and no other unreleased diff content is a within-appetite state — the queue is awaiting a release-PR merge, not a maintainer decision. Do NOT emit `RISK_REMEDIATIONS:` lines (such as `move-to-holding`) targeting queued-on-origin changesets; their commits have already shipped and `git mv`'ing them into `docs/changesets-holding/` would fragment the release without reducing actual risk.
+
 ## Catalog Consumption Protocol (ADR-059)
 
 Before scoring, READ the standing-risk catalog at `docs/risks/` and filter to risks applicable to THIS action. The catalog is the persistent record of risk classes the project has surfaced; consuming it eliminates the wasted-effort cost of re-deriving risk classes on every assessment AND closes the missed-risk-class hazard (forgetting a class the agent surfaced before because it didn't think of it this time). Per `RISK-POLICY.md` `## Risk Catalog` section.

package/hooks/lib/pipeline-state.sh

@@ -248,10 +248,45 @@ fi
 if [ "$SHOW_UNRELEASED" = true ]; then
     echo "=== UNRELEASED CHANGES ==="
 
-    # Count pending changesets
+    # Partition changesets by introducing-commit provenance (P202):
+    #   - Queued: introducing commit is already on origin/<base>; awaiting
+    #     only the release-PR merge to npm. Zero release-risk at THIS
+    #     commit's surface — the underlying code has already shipped to
+    #     origin and (in the maintainer pipeline) been reviewed.
+    #   - Pending: introducing commit is NOT on origin/<base> (in
+    #     origin/<base>..HEAD), OR the file is untracked. Counts as a
+    #     pending consumer-facing change.
+    # Detection: for each .changeset/<name>.md (excluding README.md),
+    # run `git log <DEFAULT_BRANCH>..HEAD -- <file>`. Non-empty output OR
+    # untracked status => Pending. Empty output AND tracked => Queued.
+    # When DEFAULT_BRANCH is unset (no origin/main and no origin/master),
+    # nothing is on origin so all changesets are Pending.
     CHANGESET_COUNT=0
+    QUEUED_COUNT=0
+    PENDING_COUNT=0
     if [ -d ".changeset" ]; then
-        CHANGESET_COUNT=$(find .changeset -name '*.md' -not -name 'README.md' 2>/dev/null | wc -l | tr -d ' ')
+        CHANGESET_FILES=$(find .changeset -name '*.md' -not -name 'README.md' 2>/dev/null || true)
+        if [ -n "$CHANGESET_FILES" ]; then
+            CHANGESET_COUNT=$(echo "$CHANGESET_FILES" | wc -l | tr -d ' ')
+            while IFS= read -r CS_FILE; do
+                [ -z "$CS_FILE" ] && continue
+                CS_TRACKED=$(git ls-files --error-unmatch -- "$CS_FILE" 2>/dev/null || true)
+                if [ -z "$CS_TRACKED" ]; then
+                    PENDING_COUNT=$((PENDING_COUNT + 1))
+                    continue
+                fi
+                if [ -z "$DEFAULT_BRANCH" ]; then
+                    PENDING_COUNT=$((PENDING_COUNT + 1))
+                    continue
+                fi
+                CS_UNPUSHED=$(git log "$DEFAULT_BRANCH"..HEAD --oneline -- "$CS_FILE" 2>/dev/null || true)
+                if [ -n "$CS_UNPUSHED" ]; then
+                    PENDING_COUNT=$((PENDING_COUNT + 1))
+                else
+                    QUEUED_COUNT=$((QUEUED_COUNT + 1))
+                fi
+            done <<< "$CHANGESET_FILES"
+        fi
     fi
 
     # Check if origin/publish exists
@@ -269,7 +304,8 @@ if [ "$SHOW_UNRELEASED" = true ]; then
             echo "No unreleased changes."
         else
             if [ "$CHANGESET_COUNT" -gt 0 ]; then
-                echo "Pending changesets: ${CHANGESET_COUNT}"
+                echo "Pending changesets (commits unpushed): ${PENDING_COUNT}"
+                echo "Queued changesets (commits already on origin): ${QUEUED_COUNT}"
             fi
             if [ -n "$UNRELEASED_STAT" ]; then
                 echo "Accumulated unreleased diff (origin/publish..$DEFAULT_BRANCH):"
@@ -296,7 +332,8 @@ if [ "$SHOW_UNRELEASED" = true ]; then
     else
         echo "No publish branch (origin/publish not found)."
         if [ "$CHANGESET_COUNT" -gt 0 ]; then
-            echo "Pending changesets: ${CHANGESET_COUNT}"
+            echo "Pending changesets (commits unpushed): ${PENDING_COUNT}"
+            echo "Queued changesets (commits already on origin): ${QUEUED_COUNT}"
         fi
     fi
     echo ""

package/hooks/test/pipeline-state-changeset-partition.bats

@@ -0,0 +1,181 @@
+#!/usr/bin/env bats
+# Behavioural coverage for pipeline-state.sh --unreleased changeset partition
+# per P202: a changeset whose introducing commit is already on origin/<base>
+# is awaiting only the release-PR merge to npm and must NOT count as a
+# "pending consumer-facing change" at this commit's surface.
+#
+# Per ADR-052 (behavioural tests default) — fixture seeds two changesets
+# with distinct commit provenance and asserts pipeline-state.sh emits
+# distinct counts so the pipeline.md Layer-1 scoring contract can rely
+# on the partition without re-deriving it.
+
+setup() {
+  HOOKS_DIR="$(cd "$(dirname "$BATS_TEST_FILENAME")/.." && pwd)"
+  SCRIPT="$HOOKS_DIR/lib/pipeline-state.sh"
+
+  TEST_DIR="$(mktemp -d)"
+  REMOTE_DIR="$(mktemp -d)"
+
+  (cd "$REMOTE_DIR" && git init --bare --initial-branch=main >/dev/null 2>&1)
+
+  cd "$TEST_DIR"
+  git init --initial-branch=main >/dev/null 2>&1
+  git config user.email "test@example.com"
+  git config user.name "Test"
+  git remote add origin "$REMOTE_DIR"
+
+  echo "initial" > README.md
+  git add README.md
+  git commit -m "initial" >/dev/null 2>&1
+  git push -u origin main >/dev/null 2>&1
+
+  mkdir -p .changeset
+}
+
+teardown() {
+  cd /
+  rm -rf "$TEST_DIR" "$REMOTE_DIR"
+}
+
+# Helper: seed a changeset, commit it, and push to origin (queued state).
+seed_queued_changeset() {
+  local name="$1"
+  cat > ".changeset/${name}.md" <<EOF
+---
+"@windyroad/itil": patch
+---
+
+${name} changeset body.
+EOF
+  git add ".changeset/${name}.md"
+  git commit -m "add changeset ${name}" >/dev/null 2>&1
+  git push origin main >/dev/null 2>&1
+}
+
+# Helper: seed a changeset and commit it locally without pushing (pending state).
+seed_pending_changeset() {
+  local name="$1"
+  cat > ".changeset/${name}.md" <<EOF
+---
+"@windyroad/itil": patch
+---
+
+${name} changeset body.
+EOF
+  git add ".changeset/${name}.md"
+  git commit -m "add changeset ${name}" >/dev/null 2>&1
+}
+
+# Helper: seed a changeset file but leave it untracked (uncommitted-pending state).
+seed_untracked_changeset() {
+  local name="$1"
+  cat > ".changeset/${name}.md" <<EOF
+---
+"@windyroad/itil": patch
+---
+
+${name} changeset body.
+EOF
+}
+
+@test "emits queued+pending breakdown when changesets straddle origin" {
+  cd "$TEST_DIR"
+  seed_queued_changeset queued-one
+  seed_pending_changeset pending-one
+
+  run bash "$SCRIPT" --unreleased
+  [ "$status" -eq 0 ]
+
+  echo "$output" | grep -q "Queued changesets (commits already on origin): 1" || {
+    echo "Missing 'Queued changesets (commits already on origin): 1' line."
+    echo "Output was:"
+    echo "$output"
+    return 1
+  }
+  echo "$output" | grep -q "Pending changesets (commits unpushed): 1" || {
+    echo "Missing 'Pending changesets (commits unpushed): 1' line."
+    echo "Output was:"
+    echo "$output"
+    return 1
+  }
+}
+
+@test "all-on-origin scenario: Queued > 0, Pending = 0" {
+  cd "$TEST_DIR"
+  seed_queued_changeset on-origin-a
+  seed_queued_changeset on-origin-b
+
+  run bash "$SCRIPT" --unreleased
+  [ "$status" -eq 0 ]
+
+  echo "$output" | grep -q "Queued changesets (commits already on origin): 2" || {
+    echo "Missing 'Queued changesets (commits already on origin): 2' line."
+    echo "Output was:"
+    echo "$output"
+    return 1
+  }
+  echo "$output" | grep -q "Pending changesets (commits unpushed): 0" || {
+    echo "Missing 'Pending changesets (commits unpushed): 0' line."
+    echo "Output was:"
+    echo "$output"
+    return 1
+  }
+}
+
+@test "all-local scenario: Pending > 0, Queued = 0" {
+  cd "$TEST_DIR"
+  seed_pending_changeset local-a
+  seed_pending_changeset local-b
+
+  run bash "$SCRIPT" --unreleased
+  [ "$status" -eq 0 ]
+
+  echo "$output" | grep -q "Pending changesets (commits unpushed): 2" || {
+    echo "Missing 'Pending changesets (commits unpushed): 2' line."
+    echo "Output was:"
+    echo "$output"
+    return 1
+  }
+  echo "$output" | grep -q "Queued changesets (commits already on origin): 0" || {
+    echo "Missing 'Queued changesets (commits already on origin): 0' line."
+    echo "Output was:"
+    echo "$output"
+    return 1
+  }
+}
+
+@test "untracked changeset counts as pending" {
+  cd "$TEST_DIR"
+  seed_untracked_changeset draft-one
+
+  run bash "$SCRIPT" --unreleased
+  [ "$status" -eq 0 ]
+
+  echo "$output" | grep -q "Pending changesets (commits unpushed): 1" || {
+    echo "Untracked changeset should count as pending."
+    echo "Output was:"
+    echo "$output"
+    return 1
+  }
+}
+
+@test "no changesets emits no breakdown lines" {
+  cd "$TEST_DIR"
+  # .changeset dir exists but is empty (setup creates it).
+
+  run bash "$SCRIPT" --unreleased
+  [ "$status" -eq 0 ]
+
+  ! echo "$output" | grep -q "Queued changesets" || {
+    echo "Should not emit Queued line when no changesets present."
+    echo "Output was:"
+    echo "$output"
+    return 1
+  }
+  ! echo "$output" | grep -q "Pending changesets" || {
+    echo "Should not emit Pending line when no changesets present."
+    echo "Output was:"
+    echo "$output"
+    return 1
+  }
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@windyroad/risk-scorer",
-  "version": "0.12.4",
+  "version": "0.12.5",
   "description": "Pipeline risk scoring, commit/push gates, and secret leak detection",
   "bin": {
     "windyroad-risk-scorer": "./bin/install.mjs"