@yemi33/minions 0.1.1780 → 0.1.1781

package/CHANGELOG.md

@@ -1,5 +1,10 @@
 # Changelog
 
+## 0.1.1781 (2026-05-07)
+
+### Fixes
+- plug Property-1 holes + consolidate isPathInside helper
+
 ## 0.1.1780 (2026-05-07)
 
 ### Features

package/engine/cleanup.js

@@ -369,13 +369,23 @@ async function runCleanup(config, verbose = false) {
   // 2b. Detect git worktrees registered inside any linked project's working tree.
   // Nested worktrees cause glob/grep tools running with cwd=projectRoot to match
   // BOTH copies of every file; a single Edit/MultiEdit then writes the same
-  // change to both locations, producing "mirror dirty file" leaks (W-cc-doc-chat-continuity).
+  // change to both locations, producing mirror-write leaks.
   // We only WARN here — removing someone else's worktree without consent could
   // destroy in-flight work. The operator runs `git worktree remove <path>`.
   cleaned.nestedWorktrees = 0;
+  const _scannedRoots = new Set(); // dedup projects sharing localPath
   for (const project of projects) {
-    const root = project.localPath ? path.resolve(project.localPath) : null;
-    if (!root || !fs.existsSync(root)) continue;
+    if (!project.localPath) continue;
+    const root = path.resolve(project.localPath);
+    if (_scannedRoots.has(root)) continue;
+    _scannedRoots.add(root);
+    if (!fs.existsSync(root)) {
+      // Configured project whose checkout has been moved or deleted — surface
+      // it so the operator knows their config is out of sync. A missing root
+      // means we cannot scan it, leaving nested worktrees there undetectable.
+      log('warn', `Project "${project.name || root}" has localPath "${root}" which does not exist on disk — skipping worktree scan`);
+      continue;
+    }
     let raw;
     try {
       raw = String(shared.execSilent('git worktree list --porcelain', { cwd: root, timeout: 10000, windowsHide: true }) || '');
@@ -384,8 +394,7 @@ async function runCleanup(config, verbose = false) {
       if (!line.startsWith('worktree ')) continue;
       const wt = line.slice('worktree '.length).trim();
       if (!wt) continue;
-      if (path.resolve(wt) === root) continue; // main worktree — expected
-      if (!shared.isPathInsideOrEqual(wt, root)) continue;
+      if (!shared.isPathInside(wt, root)) continue; // strict — main worktree (equal path) is expected, descendants are the leak
       cleaned.nestedWorktrees++;
       log('warn', `Nested worktree in project "${project.name || root}": "${wt}" is inside "${root}". This causes glob tools to match both copies and produces mirror writes. Run: git worktree remove "${wt}"`);
     }

package/engine/copilot-models.json

@@ -1,5 +1,5 @@
 {
   "runtime": "copilot",
   "models": null,
-  "cachedAt": "2026-05-07T23:26:31.525Z"
+  "cachedAt": "2026-05-07T23:33:01.432Z"
 }

package/engine/meeting.js

@@ -155,17 +155,12 @@ function getStructuredNoteArtifacts(structuredCompletion) {
   );
 }
 
-function isPathInside(parent, child) {
-  const rel = path.relative(parent, child);
-  return Boolean(rel && !rel.startsWith('..') && !path.isAbsolute(rel));
-}
-
 function resolveMeetingNoteArtifactPath(artifactPath) {
   const raw = String(artifactPath || '').trim();
   if (!raw || raw.includes('\0')) return null;
   const resolved = path.resolve(path.isAbsolute(raw) ? raw : path.join(shared.MINIONS_DIR, raw));
   const root = path.resolve(MEETING_NOTE_ARTIFACT_ROOT);
-  if (!isPathInside(root, resolved)) return null;
+  if (!shared.isPathInside(resolved, root)) return null;
   if (path.extname(resolved).toLowerCase() !== '.md') return null;
   return resolved;
 }
@@ -179,7 +174,7 @@ function readMeetingNoteArtifact(artifactPath) {
   try {
     const realRoot = fs.realpathSync(MEETING_NOTE_ARTIFACT_ROOT);
     const realPath = fs.realpathSync(resolved);
-    if (!isPathInside(realRoot, realPath)) {
+    if (!shared.isPathInside(realPath, realRoot)) {
       log('warn', `Ignoring meeting note artifact outside notes/inbox: ${artifactPath}`);
       return '';
     }
@@ -914,7 +909,6 @@ module.exports = {
   // exported for testing — engine code MUST go through
   // getMeetings/discoverMeetingWork/collectMeetingFindings/checkMeetingTimeouts,
   // never these helpers directly.
-  isPathInside,
   resolveMeetingNoteArtifactPath,
   cleanMeetingSummaryText,
   splitMeetingSummaryFragments,

package/engine/preflight.js

@@ -275,10 +275,9 @@ function runPreflight(opts = {}) {
     // 5. worktreeRoot config check — for every linked project, verify that the
     //    configured engine.worktreeRoot resolves OUTSIDE the project's
     //    localPath. A nested worktreeRoot causes glob/grep to match both
-    //    copies of every file, producing silent mirror writes (the W-cc-doc-
-    //    chat-continuity leak class). Hard-fail at preflight so the operator
-    //    sees it before any agent dispatch — the runtime guard in spawnAgent
-    //    is the second line of defense.
+    //    copies of every file, producing silent mirror writes. Hard-fail at
+    //    preflight so the operator sees it before any agent dispatch — the
+    //    runtime guard in spawnAgent is the second line of defense.
     try {
       const path = require('path');
       const projects = shared.getProjects(opts.config) || [];

package/engine/shared.js

@@ -2143,30 +2143,40 @@ function buildWorktreeDirName({
 }
 
 /**
- * True when `childPath` is the same as or nested within `parentPath`. Uses
- * `path.relative` so it's cross-platform and resilient to mixed separators
- * (Windows worktree paths often arrive with forward slashes from git output).
- * Returns false when paths refer to different roots/drives or `childPath`
- * escapes via `..`.
- *
- * Why this helper exists: a git worktree placed inside the parent repo's
- * working tree causes glob/grep tools running with `cwd = projectRoot` to
- * match BOTH copies of every file. A single Edit/MultiEdit then writes the
- * same change to both locations, producing the "mirror dirty file" pattern.
- * Worktrees must always be siblings/cousins of the project root, never
- * descendants.
+ * True when `childPath` is strictly nested within `parentPath` (descendant,
+ * NOT the same path). Cross-platform via `path.relative`; resilient to mixed
+ * separators. Returns false for equal paths, different roots/drives, or
+ * `childPath` escapes via `..`.
  */
-function isPathInsideOrEqual(childPath, parentPath) {
+function isPathInside(childPath, parentPath) {
   if (!childPath || !parentPath) return false;
   const childAbs = path.resolve(String(childPath));
   const parentAbs = path.resolve(String(parentPath));
   const rel = path.relative(parentAbs, childAbs);
-  if (rel === '') return true;
+  if (rel === '') return false;
   if (rel.startsWith('..')) return false;
   if (path.isAbsolute(rel)) return false;
   return true;
 }
 
+/**
+ * Same as `isPathInside` but ALSO returns true when paths are equal.
+ *
+ * Why this helper exists: a git worktree placed at — or inside — the parent
+ * repo's working tree causes glob/grep tools running with `cwd = projectRoot`
+ * to match BOTH copies of every file. A single Edit/MultiEdit then writes
+ * the same change to both locations, producing the "mirror dirty file"
+ * pattern. Worktrees must always be siblings/cousins of the project root,
+ * never the root itself nor a descendant.
+ */
+function isPathInsideOrEqual(childPath, parentPath) {
+  if (!childPath || !parentPath) return false;
+  const childAbs = path.resolve(String(childPath));
+  const parentAbs = path.resolve(String(parentPath));
+  if (childAbs === parentAbs) return true;
+  return isPathInside(childAbs, parentAbs);
+}
+
 /**
  * Throws when `worktreePath` would land inside (or equal) `projectRoot`.
  * Called by the engine spawn path before `git worktree add`, and by the
@@ -3257,6 +3267,7 @@ module.exports = {
   sanitizePath,
   sanitizeBranch,
   buildWorktreeDirName, // exported for testing
+  isPathInside,
   isPathInsideOrEqual,
   assertWorktreeOutsideProject,
   isLiveCommandCenterPath,

package/engine.js

@@ -666,6 +666,7 @@ async function spawnAgent(dispatchItem, config) {
               if (eShared.message?.includes('already used by worktree') || eShared.message?.includes('already checked out')) {
                 const existingWtPath = await findExistingWorktree(rootDir, branchName);
                 if (existingWtPath && fs.existsSync(existingWtPath)) {
+                  shared.assertWorktreeOutsideProject(existingWtPath, rootDir);
                   log('info', `Shared branch ${branchName} already checked out at ${existingWtPath} — reusing`);
                   worktreePath = existingWtPath;
                 } else { throw eShared; }
@@ -723,6 +724,7 @@ async function spawnAgent(dispatchItem, config) {
                         log('warn', `Branch ${branchName} actively used by another agent at ${existingWtPath} — cannot create worktree`);
                         throw e2;
                       }
+                      shared.assertWorktreeOutsideProject(existingWtPath, rootDir);
                       log('info', `Branch ${branchName} already checked out at ${existingWtPath} — reusing`);
                       worktreePath = existingWtPath;
                     } else if (existingWtPath && !fs.existsSync(existingWtPath)) {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@yemi33/minions",
-  "version": "0.1.1780",
+  "version": "0.1.1781",
   "description": "Multi-agent AI dev team that runs from ~/.minions/ — five autonomous agents share a single engine, dashboard, and knowledge base",
   "bin": {
     "minions": "bin/minions.js"