npm - create-quiver - Versions diffs - 0.12.1 → 0.13.0 - Mend

create-quiver 0.12.1 → 0.13.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (79) hide show

package/src/create-quiver/lib/locks.js ADDED Viewed

@@ -0,0 +1,134 @@
+const fs = require('node:fs');
+const os = require('node:os');
+const path = require('node:path');
+const { execFileSync } = require('node:child_process');
+const { quiverInternalPaths } = require('./init-layout');
+function formatError(message) {
+  return `create-quiver: ${message}`;
+}
+function toRelativePosix(root, filePath) {
+  return path.relative(root, filePath).split(path.sep).join('/');
+}
+function sanitizeLockName(value) {
+  return String(value || '')
+    .trim()
+    .replace(/[^a-zA-Z0-9._-]+/g, '-')
+    .replace(/^-+|-+$/g, '') || 'operation';
+}
+function lockPath(projectRoot, lockName) {
+  return path.join(quiverInternalPaths(projectRoot).locksDir, `${sanitizeLockName(lockName)}.lock`);
+}
+function readLock(projectRoot, lockName) {
+  const filePath = lockPath(projectRoot, lockName);
+  if (!fs.existsSync(filePath)) {
+    return null;
+  }
+  try {
+    return JSON.parse(fs.readFileSync(filePath, 'utf8'));
+  } catch {
+    return {
+      schema_version: 1,
+      lock_name: sanitizeLockName(lockName),
+      command: 'unknown',
+      created_at: 'unknown',
+      pid: 'unknown',
+    };
+  }
+}
+function appendUniqueLine(filePath, line) {
+  fs.mkdirSync(path.dirname(filePath), { recursive: true });
+  const current = fs.existsSync(filePath) ? fs.readFileSync(filePath, 'utf8') : '';
+  const lines = current.split(/\r?\n/);
+  if (!lines.includes(line)) {
+    const prefix = current.endsWith('\n') || current.length === 0 ? current : `${current}\n`;
+    fs.writeFileSync(filePath, `${prefix}${line}\n`);
+  }
+}
+function ensureQuiverStateIgnored(projectRoot) {
+  try {
+    const gitDir = execFileSync('git', ['rev-parse', '--absolute-git-dir'], {
+      cwd: projectRoot,
+      encoding: 'utf8',
+      stdio: ['ignore', 'pipe', 'ignore'],
+    }).trim();
+    if (gitDir) {
+      appendUniqueLine(path.join(gitDir, 'info', 'exclude'), '.quiver/');
+    }
+  } catch {
+    // Non-git fixtures can still use filesystem locks.
+  }
+}
+function acquireLock(projectRoot, lockName, options = {}) {
+  const filePath = lockPath(projectRoot, lockName);
+  const payload = {
+    schema_version: 1,
+    lock_name: sanitizeLockName(lockName),
+    pid: process.pid,
+    hostname: os.hostname(),
+    command: options.command || 'unknown',
+    created_at: (options.now || new Date()).toISOString(),
+    metadata: options.metadata || {},
+  };
+  ensureQuiverStateIgnored(projectRoot);
+  fs.mkdirSync(path.dirname(filePath), { recursive: true });
+  try {
+    fs.writeFileSync(filePath, `${JSON.stringify(payload, null, 2)}\n`, { flag: 'wx' });
+  } catch (error) {
+    if (error.code === 'EEXIST') {
+      const existing = readLock(projectRoot, lockName);
+      throw new Error(formatError(`operation is locked: ${toRelativePosix(projectRoot, filePath)}\nLock owner: pid=${existing?.pid || 'unknown'} command=${existing?.command || 'unknown'} created_at=${existing?.created_at || 'unknown'}\nIf this process is gone, inspect the lock and remove it intentionally.`));
+    }
+    throw error;
+  }
+  return {
+    filePath,
+    lock: payload,
+    lockName: sanitizeLockName(lockName),
+  };
+}
+function releaseLock(handle) {
+  if (handle?.filePath && fs.existsSync(handle.filePath)) {
+    fs.rmSync(handle.filePath);
+  }
+}
+function withLockSync(projectRoot, lockName, options, callback) {
+  const handle = acquireLock(projectRoot, lockName, options);
+  try {
+    return callback(handle);
+  } finally {
+    releaseLock(handle);
+  }
+}
+async function withLock(projectRoot, lockName, options, callback) {
+  const handle = acquireLock(projectRoot, lockName, options);
+  try {
+    return await callback(handle);
+  } finally {
+    releaseLock(handle);
+  }
+}
+module.exports = {
+  acquireLock,
+  lockPath,
+  readLock,
+  releaseLock,
+  sanitizeLockName,
+  withLock,
+  withLockSync,
+};

package/src/create-quiver/lib/package-safety.js CHANGED Viewed

@@ -13,6 +13,12 @@ const SAFETY_RULES = [
       return /(^|\/)\.npmrc$/.test(relativePath) || /(^|\/)\.npm(\/|$)/.test(relativePath);
     },
   },
+  {
+    code: 'ai-raw-artifact',
+    match(relativePath) {
+      return /(^|\/)\.quiver\/runs\/[^/]+\/raw(\/|$)/.test(relativePath);
+    },
+  },
   {
     code: 'ai-tool-state',
     match(relativePath) {
@@ -80,6 +86,7 @@ function collectPackageSafetyViolations(paths) {
         code: rule.code,
         path: normalizedPath,
       });
+      break;
     }
   }

package/src/create-quiver/lib/paths.js CHANGED Viewed

@@ -1,4 +1,9 @@
 const path = require('path');
+const fs = require('fs');
+function formatError(message) {
+  return `create-quiver: ${message}`;
+}
 function resolveTargetRoot(cwd, targetDir, pathLib = path) {
   return pathLib.resolve(cwd, targetDir);
@@ -71,10 +76,79 @@ function specRelativePathFromPath(filePath, pathLib = path) {
   return parts.slice(specIndex).join('/');
 }
+function realpathOrResolve(filePath, pathLib = path) {
+  try {
+    return pathLib.resolve(fs.realpathSync(filePath));
+  } catch {
+    return pathLib.resolve(normalizeGitBashDrivePath(filePath, pathLib));
+  }
+}
+function isPathInsideRoot(root, target, pathLib = path) {
+  const rootPath = realpathOrResolve(root, pathLib);
+  const targetPath = realpathOrResolve(target, pathLib);
+  const windowsPath = pathLib === path.win32 || process.platform === 'win32';
+  const comparableRoot = windowsPath ? rootPath.toLowerCase() : rootPath;
+  const comparableTarget = windowsPath ? targetPath.toLowerCase() : targetPath;
+  if (comparableTarget === comparableRoot) {
+    return true;
+  }
+  const relative = pathLib.relative(comparableRoot, comparableTarget);
+  return Boolean(relative && !relative.startsWith('..') && !pathLib.isAbsolute(relative));
+}
+function assertPathInsideRoot(root, target, label = 'path', pathLib = path) {
+  if (!isPathInsideRoot(root, target, pathLib)) {
+    throw new Error(formatError(`${label} must stay inside the project root: ${toPosixPath(target, pathLib)}`));
+  }
+}
+function getProjectRelativePathIssue(filePath, pathLib = path) {
+  const original = String(filePath || '').trim();
+  if (!original) {
+    return 'empty-path';
+  }
+  if (/^file:/i.test(original)) {
+    return 'file-url';
+  }
+  const normalized = toPosixPath(normalizeGitBashDrivePath(original, pathLib), pathLib);
+  if (normalized.startsWith('/') || /^[A-Za-z]:\//.test(normalized) || pathLib.isAbsolute(original)) {
+    return 'absolute-path';
+  }
+  const segments = normalized.split('/').filter(Boolean);
+  if (segments.some((segment) => segment === '..')) {
+    return 'path-traversal';
+  }
+  return null;
+}
+function validateProjectRelativePath(filePath, fieldName = 'path', pathLib = path) {
+  const issue = getProjectRelativePathIssue(filePath, pathLib);
+  if (issue) {
+    throw new Error(formatError(`${fieldName} must be a project-relative path without traversal (got ${String(filePath || '<empty>')}; issue=${issue}).`));
+  }
+  return toPosixPath(normalizeGitBashDrivePath(String(filePath).trim(), pathLib), pathLib);
+}
+function validateProjectRelativePaths(paths, fieldName = 'paths', pathLib = path) {
+  return (Array.isArray(paths) ? paths : []).map((filePath) => validateProjectRelativePath(filePath, fieldName, pathLib));
+}
 module.exports = {
+  assertPathInsideRoot,
+  getProjectRelativePathIssue,
+  isPathInsideRoot,
   normalizeGitBashDrivePath,
   relativePosixPath,
   resolveTargetRoot,
   specRelativePathFromPath,
   toPosixPath,
+  validateProjectRelativePath,
+  validateProjectRelativePaths,
 };

package/src/create-quiver/lib/project-scan.js CHANGED Viewed

@@ -49,6 +49,79 @@ function readProjectScanArtifact(projectRoot) {
   return null;
 }
+function statIso(filePath) {
+  try {
+    return fs.statSync(filePath).mtime.toISOString();
+  } catch {
+    return null;
+  }
+}
+function readProjectScanStatus(projectRoot) {
+  const { currentScanPath, legacyScanPath, projectMapPath } = projectScanPaths(projectRoot);
+  const projectMapExists = fs.existsSync(projectMapPath);
+  let artifact = null;
+  let artifactError = '';
+  try {
+    artifact = readProjectScanArtifact(projectRoot);
+  } catch (error) {
+    artifactError = error.message;
+  }
+  const scanPath = artifact?.path || (fs.existsSync(currentScanPath) ? currentScanPath : fs.existsSync(legacyScanPath) ? legacyScanPath : '');
+  const source = artifact?.source || (artifactError ? 'invalid' : 'missing');
+  const scanUpdatedAt = scanPath ? statIso(scanPath) : null;
+  const projectMapUpdatedAt = projectMapExists ? statIso(projectMapPath) : null;
+  const stale = Boolean(
+    scanUpdatedAt
+    && projectMapUpdatedAt
+    && Date.parse(projectMapUpdatedAt) + 1000 < Date.parse(scanUpdatedAt),
+  );
+  let status = 'missing';
+  if (artifactError) {
+    status = 'invalid';
+  } else if (artifact && projectMapExists && stale) {
+    status = 'stale';
+  } else if (artifact && projectMapExists && source === 'current') {
+    status = 'fresh';
+  } else if (artifact && projectMapExists && source === 'legacy') {
+    status = 'legacy';
+  } else if (artifact || projectMapExists) {
+    status = 'partial';
+  }
+  let summary;
+  if (status === 'fresh') {
+    summary = `${artifact.relativePath} (current, updated ${scanUpdatedAt})`;
+  } else if (status === 'legacy') {
+    summary = `${artifact.relativePath} (legacy scan, updated ${scanUpdatedAt})`;
+  } else if (status === 'stale') {
+    summary = `${artifact.relativePath} newer than docs/PROJECT_MAP.md; run analyze to refresh visible context`;
+  } else if (status === 'partial' && artifact && !projectMapExists) {
+    summary = `${artifact.relativePath} exists but docs/PROJECT_MAP.md is missing`;
+  } else if (status === 'partial' && !artifact && projectMapExists) {
+    summary = `docs/PROJECT_MAP.md exists but no scan artifact was found`;
+  } else if (status === 'invalid') {
+    summary = `scan artifact is invalid: ${artifactError}`;
+  } else {
+    summary = 'missing analysis artifacts; run npx create-quiver analyze';
+  }
+  return {
+    artifactPath: artifact?.relativePath || (scanPath ? toRelativeScanPath(projectRoot, scanPath) : null),
+    error: artifactError || null,
+    projectMapPath: projectMapExists ? PROJECT_MAP_RELATIVE_PATH : null,
+    projectMapUpdatedAt,
+    scanUpdatedAt,
+    source,
+    status,
+    stale,
+    summary,
+  };
+}
 function hasProjectScanArtifact(projectRoot) {
   const { currentScanPath, legacyScanPath } = projectScanPaths(projectRoot);
   return fs.existsSync(currentScanPath) || fs.existsSync(legacyScanPath);
@@ -61,6 +134,7 @@ module.exports = {
   hasProjectScanArtifact,
   projectScanPaths,
   readProjectScanArtifact,
+  readProjectScanStatus,
   toRelativeScanPath,
   writeProjectScanJson,
 };

package/src/create-quiver/lib/project-state-resolver.js ADDED Viewed

@@ -0,0 +1,236 @@
+const path = require('path');
+const {
+  SliceGraphError,
+  buildGraph,
+  computeLevels,
+  detectFileConflicts,
+  inferDependencies,
+  readAllSlices,
+  readSlicesForSpec,
+  topoSort,
+} = require('./slice-graph');
+const {
+  CANONICAL_STATUSES,
+  isBlockedStatus,
+  isCompletedStatus,
+  normalizeStatus,
+} = require('./statuses');
+const DEFAULT_SLICE_STATUS = 'planned';
+const DEFAULT_SPEC_STATUS = 'planned';
+const DEFAULT_RUN_STATUS = 'draft';
+const DEFAULT_AGENT_STATUS = 'idle';
+const CLOSED_SLICE_STATUSES = new Set(['completed', 'skipped']);
+const HISTORY_CLOSED_SLICE_STATUSES = new Set(['skipped']);
+function toPosix(relativePath) {
+  return String(relativePath || '').split(path.sep).join('/');
+}
+function compareRefs(left, right) {
+  return String(left || '').localeCompare(String(right || ''));
+}
+function normalizeSliceRecord(slice) {
+  const rawStatus = String(slice?.status || slice?.json?.status || 'draft').trim() || 'draft';
+  const canonicalStatus = normalizeStatus('slice', rawStatus, DEFAULT_SLICE_STATUS);
+  return {
+    ...slice,
+    raw_status: rawStatus,
+    canonical_status: canonicalStatus,
+    status: rawStatus,
+  };
+}
+function readResolverSlices(projectRoot, specSlug = '') {
+  const targetSpec = String(specSlug || '').trim();
+  const slices = targetSpec ? readSlicesForSpec(projectRoot, targetSpec) : readAllSlices(projectRoot);
+  return slices.map(normalizeSliceRecord);
+}
+function safeBuildGraph(slices, allowGraphErrors) {
+  try {
+    const graph = buildGraph(slices);
+    return {
+      ok: true,
+      nodes: graph.nodes.map(normalizeSliceRecord),
+      edges: graph.edges,
+      cycles: graph.cycles,
+      error: null,
+    };
+  } catch (error) {
+    if (!allowGraphErrors || !(error instanceof SliceGraphError)) {
+      throw error;
+    }
+    return {
+      ok: false,
+      nodes: inferDependencies(slices).map(normalizeSliceRecord),
+      edges: [],
+      cycles: [],
+      error: {
+        code: error.code,
+        message: error.message,
+      },
+    };
+  }
+}
+function resolveProjectState(projectRoot, options = {}) {
+  const specSlug = options.specSlug ? String(options.specSlug).trim() : '';
+  const rawSlices = readResolverSlices(projectRoot, specSlug);
+  const graph = safeBuildGraph(rawSlices, options.allowGraphErrors === true);
+  const orderedSlices = graph.ok ? topoSort(graph).map(normalizeSliceRecord) : graph.nodes.slice().sort((left, right) => compareRefs(left.ref, right.ref));
+  return {
+    graph,
+    orderedSlices,
+    projectRoot,
+    rawSlices,
+    specSlug,
+    specs: groupSlicesBySpec(graph.nodes),
+  };
+}
+function filterSlicesForExecution(slices, options = {}) {
+  const includeCompleted = options.includeCompleted === true;
+  const excluded = includeCompleted ? HISTORY_CLOSED_SLICE_STATUSES : CLOSED_SLICE_STATUSES;
+  return (Array.isArray(slices) ? slices : [])
+    .filter((slice) => !excluded.has(normalizeStatus('slice', slice?.canonical_status || slice?.status, DEFAULT_SLICE_STATUS)))
+    .sort((left, right) => compareRefs(left.ref, right.ref));
+}
+function progressForSlice(slice) {
+  const explicit = Number(slice?.json?.progress);
+  if (Number.isFinite(explicit)) {
+    return Math.max(0, Math.min(100, explicit));
+  }
+  const status = normalizeStatus('slice', slice?.canonical_status || slice?.status, DEFAULT_SLICE_STATUS);
+  if (status === 'completed') {
+    return 100;
+  }
+  if (status === 'in-progress' || status === 'review') {
+    return 50;
+  }
+  return 0;
+}
+function summarizeSliceProgress(items) {
+  const slices = Array.isArray(items) ? items : [];
+  const total = slices.length;
+  const completed = slices.filter((item) => isCompletedStatus('slice', item.canonical_status || item.status)).length;
+  const blocked = slices.filter((item) => isBlockedStatus('slice', item.canonical_status || item.status, item)).length;
+  const open = Math.max(0, total - completed);
+  const percent = total === 0 ? 0 : Math.round((completed / total) * 100);
+  return {
+    total,
+    completed,
+    open,
+    blocked,
+    percent,
+  };
+}
+function statusForSpec(specSlices) {
+  const slices = Array.isArray(specSlices) ? specSlices : [];
+  if (slices.length === 0) {
+    return 'draft';
+  }
+  if (slices.some((slice) => isBlockedStatus('slice', slice.canonical_status || slice.status, slice))) {
+    return 'blocked';
+  }
+  if (slices.every((slice) => isCompletedStatus('slice', slice.canonical_status || slice.status))) {
+    return 'done';
+  }
+  if (slices.some((slice) => progressForSlice(slice) > 0)) {
+    return 'in-progress';
+  }
+  return DEFAULT_SPEC_STATUS;
+}
+function groupSlicesBySpec(slices) {
+  const groups = new Map();
+  for (const slice of Array.isArray(slices) ? slices : []) {
+    const key = `${slice.specFamily || 'specs'}/${slice.specSlug || ''}`;
+    if (!groups.has(key)) {
+      groups.set(key, []);
+    }
+    groups.get(key).push(slice);
+  }
+  return Array.from(groups.entries())
+    .map(([key, specSlices]) => {
+      const [specFamily, specSlug] = key.split('/');
+      const ordered = specSlices.slice().sort((left, right) => compareRefs(left.ref, right.ref));
+      const status = statusForSpec(ordered);
+      return {
+        canonical_status: normalizeStatus('spec', status, DEFAULT_SPEC_STATUS),
+        specFamily,
+        specSlug,
+        status,
+        slices: ordered,
+      };
+    })
+    .sort((left, right) => left.specSlug.localeCompare(right.specSlug));
+}
+function summarizeGraph(graph) {
+  if (!graph?.ok) {
+    return {
+      ok: false,
+      edges: [],
+      levels: [],
+      conflicts: [],
+      error: graph?.error || null,
+      nodes: Array.isArray(graph?.nodes) ? graph.nodes : [],
+    };
+  }
+  const levels = computeLevels(graph).map((level, index) => ({
+    level: index,
+    slices: level.map((slice) => slice.ref),
+  }));
+  return {
+    ok: true,
+    edges: graph.edges.map((edge) => ({ from: edge.from, to: edge.to })),
+    levels,
+    conflicts: detectFileConflicts(graph.nodes).map((conflict) => ({
+      files: conflict.files,
+      slices: conflict.slices,
+    })),
+    error: null,
+    nodes: graph.nodes,
+  };
+}
+function relativeProjectPath(projectRoot, filePath) {
+  return toPosix(path.relative(projectRoot, filePath));
+}
+module.exports = {
+  CANONICAL_STATUSES,
+  DEFAULT_AGENT_STATUS,
+  DEFAULT_RUN_STATUS,
+  DEFAULT_SLICE_STATUS,
+  DEFAULT_SPEC_STATUS,
+  filterSlicesForExecution,
+  groupSlicesBySpec,
+  isBlockedStatus,
+  isCompletedStatus,
+  normalizeStatus,
+  progressForSlice,
+  relativeProjectPath,
+  resolveProjectState,
+  summarizeGraph,
+  summarizeSliceProgress,
+  toPosix,
+};

package/src/create-quiver/lib/readiness.js CHANGED Viewed

@@ -3,7 +3,8 @@ const path = require('path');
 const { catFileExists, currentBranch, hasLocalBranch, hasRemoteBranch, mergeBaseIsAncestor, revListCount, runGit, statusPorcelain, worktreeList } = require('./git');
 const { parseJsonWithComments } = require('./json');
 const { buildGraph, normalizeDeclaredDependencies, readAllSlices, SliceGraphError, topoSort } = require('./slice-graph');
-const { resolveSliceContext, toAlias } = require('./slice');
+const { resolveSliceContext, toAlias, validateSliceMetaForStart } = require('./slice');
+const { validateProjectRelativePaths } = require('./paths');
 function ensureExists(filePath, message) {
   if (!fs.existsSync(filePath)) {
@@ -111,6 +112,13 @@ function validateLocalSliceArtifacts(repoRoot, slice) {
     throw new Error('create-quiver: slice.json.files contiene entradas invalidas.');
   }
   console.log('PASS: slice.json declara archivos de alcance.');
+  validateSliceMetaForStart(slice);
+  console.log('PASS: slice.json declara metadata git compatible con start-slice.');
+  validateProjectRelativePaths(slice.files, 'slice.json files/allowed_write_paths');
+  validateProjectRelativePaths(slice.expectedReadPaths, 'slice.json expected_read_paths');
+  console.log('PASS: slice.json declara rutas relativas seguras dentro del proyecto.');
 }
 function baseRecoveryMessage(remote, baseBranch) {
@@ -219,6 +227,11 @@ function validateDeclaredDependencyContract(repoRoot, slice) {
   }
 }
+function localCheckSummary() {
+  console.log('INFO: Modo local: checks ejecutados: spec docs, briefs, metadata git, scope declarado, rutas seguras, dependencias y gate.');
+  console.log('INFO: Modo local: checks omitidos: existencia en base remota/local y overlap contra worktrees activos.');
+}
 function checkSliceReadiness(sliceInput, options = {}) {
   const gate = options.gate || 'execution';
   const localMode = options.local === true;
@@ -262,6 +275,9 @@ function checkSliceReadiness(sliceInput, options = {}) {
   }
   validateDeclaredDependencyContract(repoRoot, slice);
+  if (localMode) {
+    localCheckSummary();
+  }
   switch (gate) {
     case 'ready':
@@ -371,22 +387,47 @@ function checkPrReadiness(sliceInput) {
 function checkScope(sliceInput, options = {}) {
   const strict = options.strict === true;
+  const remote = options.remote || 'origin';
   const repoRoot = runGit(['rev-parse', '--show-toplevel'], process.cwd());
   const slice = resolveSliceContext(repoRoot, sliceInput);
   const declared = slice.files;
+  validateProjectRelativePaths(declared, 'slice scope path');
+  const explicitBaseBranch = typeof options.baseBranch === 'string' ? options.baseBranch.trim() : '';
+  const candidateBaseBranches = Array.from(new Set([
+    explicitBaseBranch,
+    slice.baseBranch,
+    'main',
+    'develop',
+    'master',
+  ].filter(Boolean)));
+  let baseRef = '';
+  let baseSource = '';
+  for (const candidate of candidateBaseBranches) {
+    if (hasRemoteBranch(repoRoot, candidate, remote)) {
+      baseRef = `${remote}/${candidate}`;
+      baseSource = explicitBaseBranch === candidate ? '--base' : candidate === slice.baseBranch ? 'slice.git.base_branch' : 'fallback';
+      break;
+    }
+    if (hasLocalBranch(repoRoot, candidate)) {
+      baseRef = candidate;
+      baseSource = explicitBaseBranch === candidate ? '--base' : candidate === slice.baseBranch ? 'slice.git.base_branch' : 'fallback';
+      break;
+    }
+  }
   let touchedRaw = '';
-  if (hasRemoteBranch(repoRoot, 'develop')) {
-    touchedRaw = runGit(['diff', '--name-only', 'origin/develop...HEAD'], repoRoot);
-  } else if (hasLocalBranch(repoRoot, 'develop')) {
-    touchedRaw = runGit(['diff', '--name-only', 'develop...HEAD'], repoRoot);
+  if (baseRef) {
+    touchedRaw = runGit(['diff', '--name-only', `${baseRef}...HEAD`], repoRoot);
+    console.log(`INFO: check-scope base: ${baseRef} (${baseSource}).`);
   } else {
-    console.log('WARN: No se encontro rama origin/develop ni develop. Saltando check de scope.');
+    console.log(`WARN: No se encontro base para check-scope. Probadas: ${candidateBaseBranches.join(', ')}. Usa --base <branch> o configura git.base_branch en slice.json.`);
     return;
   }
   if (!touchedRaw) {
-    console.log('WARN: No se encontraron archivos modificados respecto de develop.');
+    console.log(`WARN: No se encontraron archivos modificados respecto de ${baseRef}.`);
     return;
   }

package/src/create-quiver/lib/scope.js CHANGED Viewed

@@ -1,6 +1,7 @@
 const { statusPorcelain } = require('./git');
 const { normalizeContextPath } = require('./ai/safety');
 const { checkScope } = require('./readiness');
+const { validateProjectRelativePaths } = require('./paths');
 class ScopeValidationError extends Error {
   constructor(code, message, details = {}) {
@@ -118,7 +119,7 @@ function diffWorktreeSnapshots(beforeSnapshot, afterSnapshot) {
 function validateScopeSnapshot({ allowedFiles = [], beforeSnapshot, afterSnapshot, strict = true } = {}) {
   const normalizedAllowedFiles = Array.from(new Set(
     Array.isArray(allowedFiles)
-      ? allowedFiles.map(normalizeScopePath).filter(Boolean)
+      ? validateProjectRelativePaths(allowedFiles, 'allowed scope path').map(normalizeScopePath).filter(Boolean)
       : [],
   ));
   const changedFiles = diffWorktreeSnapshots(beforeSnapshot, afterSnapshot);