gina 0.3.5 → 0.3.6-alpha.2

package/.github/workflows/security.yml

@@ -0,0 +1,32 @@
+name: Security
+
+on:
+  push:
+    branches: [develop, master]
+  pull_request:
+    branches: [develop, master]
+
+jobs:
+  claude-leak-check:
+    name: Claude-leak scan
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v6
+
+      # #S6 — Backs up the local pre-commit hook (#S5) and the publish-boundary
+      # gate in prepare_version.js (#S3). Fails the build if any tracked path
+      # matches (^|/)(CLAUDE\.md|\.claude[a-z]*). Also retroactively catches
+      # leaks that landed before the active defenses were wired.
+      - name: Scan tracked files for Claude-related paths
+        run: |
+          matches=$(git ls-files | grep -iE '(^|/)(CLAUDE\.md|\.claude[a-z]*)' || true)
+          if [ -n "$matches" ]; then
+            echo "::error::Claude-related paths detected in git index:"
+            echo "$matches" | sed 's/^/  - /'
+            echo ""
+            echo "These paths must never be tracked. Remove with: git rm --cached <path>"
+            echo "If pushed already, scrub history with git filter-repo."
+            exit 1
+          fi
+          echo "OK: no Claude-related paths in git index."

package/AUTHORS

@@ -1,6 +1,6 @@
 # Authors (sorted alphabetically)
 
-Fabrice Delaneau <fabrice.delaneau@gina.io>
+John Doe <fabrice.delaneau@gina.io>
 Martin Luther ETOUMAN <martin-luther.etouman@gina.io>
 
 # Contributors (sorted alphabetically)

package/CONTRIBUTING.md

@@ -13,6 +13,7 @@ Gina follows a BDFL governance model — see [GOVERNANCE.md](./GOVERNANCE.md) fo
 - [Debugging](#debugging)
 - [Coding conventions](#coding-conventions)
 - [Branch model](#branch-model)
+- [Local git hooks (opt-in)](#local-git-hooks-opt-in)
 - [Commit style](#commit-style)
 - [Changelog](#changelog)
 - [Pull request checklist](#pull-request-checklist)
@@ -144,6 +145,23 @@ Always branch from `develop` and open your PR against `develop`.
 
 ---
 
+## Local git hooks (opt-in)
+
+If you have multiple git identities on one machine (work, personal, internal hostname), it is easy to commit under the wrong `user.email` and leak a private domain into the public git log. This repo ships an opt-in `pre-commit` hook that refuses commits authored under a private-domain identity.
+
+Install it once from the repo root:
+
+```bash
+cp resources/git-hooks/pre-commit .git/hooks/pre-commit
+chmod +x .git/hooks/pre-commit
+```
+
+The hook checks `git config user.email` against a short list of private-domain patterns (see the `BLOCKED_PATTERNS` regex inside `resources/git-hooks/pre-commit` for the current list) and exits with an error message if any match — letting you switch identity (`git config user.email you@public-domain.example`) before retrying.
+
+Edit `resources/git-hooks/pre-commit` and extend the `BLOCKED_PATTERNS` regex to cover any additional private domain or hostname suffix you want to guard against. The hook is local to your clone — it is not shared across contributors, so each contributor installs it independently.
+
+---
+
 ## Commit style
 
 Use imperative or gerund sentences, matching the existing log:
@@ -205,4 +223,4 @@ Open a GitHub issue describing the use case **before** writing code. Features th
 | Name | Role | Profile |
 | --- | --- | --- |
 | Martin Luther | Lead maintainer | [rhinostone.com](https://rhinostone.com) |
-| Fabrice Delaneau | Co-author | [fdelaneau.com](https://fdelaneau.com) |
+| John Doe | Co-author | [fdelaneau.com](https://fdelaneau.com) |

package/GOVERNANCE.md

@@ -2,7 +2,7 @@
 
 Gina follows the **BDFL** (Benevolent Dictator For Life) model with a commitment to transparency.
 
-Gina is co-authored by **Martin Luther** ([Rhinostone](https://rhinostone.com)) and **Fabrice Delaneau** ([fdelaneau.com](https://fdelaneau.com)). Final decisions on direction, API design, and releases rest with Martin Luther. Community contributions and RFCs are welcome and taken seriously.
+Gina is co-authored by **Martin Luther** ([Rhinostone](https://rhinostone.com)) and **John Doe** ([fdelaneau.com](https://fdelaneau.com)). Final decisions on direction, API design, and releases rest with Martin Luther. Community contributions and RFCs are welcome and taken seriously.
 
 ## How decisions are made
 

package/README.md

@@ -22,7 +22,7 @@ Node.js MVC framework with built-in HTTP/2, multi-bundle architecture, and scope
 | ORM / entities | EventEmitter-based entity system; SQL files auto-wired to entity methods |
 | Connectors | Couchbase, MySQL, PostgreSQL, Redis, SQLite, AI (LLM) — loaded from project `node_modules` |
 | AI connector | Any LLM provider via named protocol (`anthropic://`, `openai://`, `ollama://`, …) |
-| Template engine | Swig 1.4.2 built-in; streaming SSE/chunked via `renderStream()` |
+| Template engine | [`@rhinostone/swig`](https://github.com/gina-io/swig) 1.5.0 — maintained fork with CVE-2023-25345 patched; streaming SSE/chunked via `renderStream()` |
 | Hot reload | WatcherService evicts `require.cache` only on file change — zero per-request overhead in dev |
 | K8s ready | `gina-container`, `gina-init`, SIGTERM drain, JSON stdout logging |
 | Dependency injection | Mockable connectors and config for unit testing |
@@ -37,10 +37,11 @@ gina bundle:start api @myproject
 open https://localhost:3100
 ```
 
-## What's in 0.3.4
+## What's in 0.3.5
 
-- **Fixed `require('gina/gna')` explicit exports** — v0.3.3 shipped with stale framework paths in `gna.js`, causing `MODULE_NOT_FOUND` errors; release lifecycle scripts now sync `gna.js` automatically on every version change
-- See 0.3.3 for feature additions (live index introspection, `bundle:openapi`, `framework:get`, `port:set`, swig migration, internal `lib/uuid`, popin performance, validator fix, Docker fixes, requireJSON resilience)
+- **Security (CVE-2023-25345 extension)** — bumped `@rhinostone/swig` to 1.5.0, extending path-traversal guards to bracket-notation access, set-bracket assignment, for-loop variables, macro names, and import aliases
+- **Client-side parity** — updated vendored browser swig (`core/deps/swig-client/`) to the 1.5.0 build; browser-side templating now matches the server-side `__proto__`/`constructor`/`prototype` blocklist
+- See 0.3.4 for the `require('gina/gna')` stale-path fix, and 0.3.3 for feature additions (live index introspection, `bundle:openapi`, `framework:get`, `port:set`, swig migration, internal `lib/uuid`, popin performance, validator fix, Docker fixes, requireJSON resilience)
 
 See the full [Changelog](./CHANGELOG.md) and [Roadmap](./ROADMAP.md).
 
@@ -63,7 +64,7 @@ Full installation guide, tutorials, configuration reference, and API docs at **[
 
 ## Governance
 
-Gina is co-authored by **Martin Luther** ([Rhinostone](https://rhinostone.com)) and **Fabrice Delaneau** ([fdelaneau.com](https://fdelaneau.com)). Final decisions on direction, API design, and releases rest with Martin Luther. Community contributions and RFCs are welcome and taken seriously. See [GOVERNANCE.md](./GOVERNANCE.md) for details.
+Gina is co-authored by **Martin Luther** ([Rhinostone](https://rhinostone.com)) and **John Doe** ([fdelaneau.com](https://fdelaneau.com)). Final decisions on direction, API design, and releases rest with Martin Luther. Community contributions and RFCs are welcome and taken seriously. See [GOVERNANCE.md](./GOVERNANCE.md) for details.
 
 ## License (MIT)
 

package/framework/{v0.3.5 → v0.3.6-alpha.2}/AUTHORS

@@ -3,5 +3,5 @@
 #
 
 Martin Luther ETOUMAN <contact@gina.io>
-Fabrice DELANEAU <contact+gina@fdelaneau.com>
+John Doe <contact+gina@fdelaneau.com>
 Stephane HEAV <stephane.heav@gmail.com>

package/framework/v0.3.6-alpha.2/VERSION

@@ -0,0 +1 @@
+0.3.6-alpha.2

package/framework/{v0.3.5 → v0.3.6-alpha.2}/core/asset/plugin/dist/vendor/gina/js/gina.js

@@ -9015,7 +9015,7 @@ define('gina/link', [ 'require', 'lib/domain', 'lib/merge', 'lib/uuid', 'utils/e
                 // is request from same domain ?
                 //options.headers['Origin']   = window.protocol+'//'+window.location.host;
                 //options.headers['Origin']   = '*';
-                //options.headers['Host']     = 'https://freelancer-app.fr.local:3154';
+                //options.headers['Host']     = 'https://myproject.local:3154';
                 var hostRootDomain  = domainInstance.getRootDomain(window.location.hostname).value;
                 var urlRootDomain   = domainInstance.getRootDomain(url).value;
                 var isSameDomain    = (hostRootDomain === urlRootDomain) ? true : false;

package/framework/{v0.3.5 → v0.3.6-alpha.2}/core/gna.js

@@ -36,7 +36,7 @@ if (!process.env.NODE_COMPILE_CACHE) {
 
 // #P4 — V8 pointer compression detection.
 // Node.js built with --experimental-enable-pointer-compression (e.g. node-caged,
-// or a custom build like the freelancer image) caps each V8 isolate at a 4 GB heap
+// or a custom build like the example image) caps each V8 isolate at a 4 GB heap
 // in exchange for ~50% memory reduction across all pointer-heavy structures
 // (objects, arrays, linked lists). Detection: heap_size_limit ≤ 4 GB is the hard
 // ceiling imposed by 32-bit pointer offsets within a 4 GB memory cage.

package/framework/{v0.3.5 → v0.3.6-alpha.2}/core/plugins/lib/file/package.json

@@ -8,7 +8,7 @@
       "email": "contact@gina.io"
     },
     {
-      "name": "Fabrice Delaneau",
+      "name": "John Doe",
       "email": "contact@gina.io"
     }
   ],

package/framework/{v0.3.5 → v0.3.6-alpha.2}/core/plugins/lib/intl/package.json

@@ -8,7 +8,7 @@
       "email": "contact@gina.io"
     },
     {
-      "name": "Fabrice Delaneau",
+      "name": "John Doe",
       "email": "contact@gina.io"
     }
   ],

package/framework/{v0.3.5 → v0.3.6-alpha.2}/core/plugins/lib/validator/package.json

@@ -8,7 +8,7 @@
       "email": "contact@gina.io"
     },
     {
-      "name": "Fabrice Delaneau",
+      "name": "John Doe",
       "email": "contact@gina.io"
     }
   ],

package/framework/{v0.3.5 → v0.3.6-alpha.2}/package.json

@@ -2,6 +2,6 @@
   "name": "gina-framework",
   "version": "0.3.4",
   "dependencies": {
-    "@rhinostone/swig": "^1.5.0"
+    "@rhinostone/swig": "^1.6.0"
   }
 }

package/gna.js

@@ -15,14 +15,14 @@
 'use strict';
 
 // Framework core — the main gna module (lifecycle hooks, lib, etc.)
-var _gna = require('./framework/v0.3.5/core/gna');
+var _gna = require('./framework/v0.3.6-alpha.2/core/gna');
 
 // SuperController and EntitySuper — loaded from their source modules
-var SuperController = require('./framework/v0.3.5/core/controller');
-var EntitySuper     = require('./framework/v0.3.5/core/model/entity');
+var SuperController = require('./framework/v0.3.6-alpha.2/core/controller');
+var EntitySuper     = require('./framework/v0.3.6-alpha.2/core/model/entity');
 
 // uuid — from the lib registry
-var uuid = require('./framework/v0.3.5/lib/uuid');
+var uuid = require('./framework/v0.3.6-alpha.2/lib/uuid');
 
 module.exports = {
 

package/llms.txt

@@ -673,7 +673,7 @@ Dev-mode query instrumentation captures every database query tied to the current
 24. **`gina start` exits with code 1 even on success** — the startup script detaches the daemon process; the shell child exits with code 1 as part of that detachment. The process is running. Always use `gina status` to confirm rather than relying on the exit code.
 25. **Framework edits in `gina-dev` have no effect on a running bundle until the live install is also patched** — bundles always load from `~/.npm-global/lib/node_modules/gina/` (the main worktree). Editing `gina-dev/framework/…` only affects the next `git merge --ff-only` into `develop`. When testing a framework fix mid-session, apply the same edit to both `gina-dev` and `~/.npm-global/lib/node_modules/gina/` in parallel, then restart the affected bundle.
 26. **`throwError` call-signature reference** — four valid forms: `(errorObj)` (1-arg object/Error); `(res, string)` (2-arg, code inferred from `res.status || 500`); `(res, code, Error)` (3-arg with Error object); `(res, code, string)` (3-arg with string message, code preserved as of this fix). Always `return` immediately after calling `throwError` in a controller action.
-27. **freelancer/v3 `setting-get-one-design` was a latent crash** — `coreapi` routing has `"url": "/settings/get/design/:designId"` with no `requirements` block. Before the `fitsWithRequirements` fix (gotcha #20), every GET to that URL threw a 500 TypeError. The fix makes it work correctly. Worth testing that route after the next ff-only merge.
+27. **internal-bundle `setting-get-one-design` was a latent crash** — `coreapi` routing has `"url": "/settings/get/design/:designId"` with no `requirements` block. Before the `fitsWithRequirements` fix (gotcha #20), every GET to that URL threw a 500 TypeError. The fix makes it work correctly. Worth testing that route after the next ff-only merge.
 28. **Connector code is NOT hot-reloaded** — `core/connectors/*/index.js` modules are loaded once at bundle startup via entity registration, not via `lib/index.js`. `refreshCore()` does not evict them. Any change (new QI fields, `extractIndexes()`, `profile: "timings"`) requires `gina bundle:stop` + `gina bundle:start` or `docker restart <container>`.
 29. **Couchbase SDK v4 `meta.profile` is always undefined** — the C++ binding (`couchbase-cxx-client`) does not forward the `profile` field from the N1QL server response. `meta.profile` is `undefined` even with `profile: 'timings'` in the request. The EXPLAIN fallback (`explainForIndexes()`) runs `EXPLAIN <statement>` asynchronously and caches results per unique statement. First request for a new statement may show N/A; subsequent requests hit the cache. `USE KEYS` queries use `ExpressionScan`/`KeyScan` operators (no `index` field) — detected separately by `extractIndexes()`.
 30. **Test lookback constants are fragile** — `inspector.test.js` section 08 scans backward from `_devLog.push(_queryEntry)` by byte distance looking for `envIsDev`. Adding helper functions or fields between the guard and the push increases the distance. Current constant: 1800 chars. Always check after adding code near the connector QI guard.
@@ -693,3 +693,21 @@ Dev-mode query instrumentation captures every database query tied to the current
 41. **Option B is the active dispatch path in the Couchbase connector** — `register()` in `readSource()` has two paths: Option A (`self._isRegisteredFromProto === true`) and Option B (`!self._isRegisteredFromProto`). Option B is always active for all connector-generated entity methods. When adding debug logging or QI instrumentation to the query execution path, place it in Option B — Option A is dead code.
 42. **Validator touched-field-only error display** — the validator runs a global validation pass on every field blur to determine submit button state (`isFormValid`). The global pass must NOT display errors for untouched fields — only for `event.target.name` (the field the user actually touched). Two call sites in `validator/src/main.js`: ~line 3337 (within the `isFormValid && gResult.error` block) and ~line 4865 (same pattern in the second validation path). The global pass still correctly disables/enables the submit button.
 42. **Docker `node_modules` isolation** — Docker containers using `node_modules` anonymous volumes have their own copy of all npm packages. Edits to `node_modules/` on the host are invisible inside the container. To debug SDK-level behaviour, either `docker exec` and edit inside the container, or add logging to the framework connector code (which IS bind-mounted) rather than the SDK itself.
+43. **`syncDocs` misclassifies stable releases as alpha** (incident 2026-04-13, v0.3.5) — `post_publish.js → syncDocs` skipped the docs `develop → main` merge on a stable publish, logging `[syncDocs] Alpha release — skipping docs sync`. Until this bug is rooted out, every stable publish must manually execute step 12 of the Stable Release Checklist (checkout `main` in `~/Sites/gina/docs/repo`, FF-merge `develop`, push) as a blocking step — not a fallback. Likely a regex/prerelease-detection bug in `syncDocs`.
+44. **Manual `git mv framework/v<alpha>/ v<stable>/` before `npm publish` requires state-file pre-sync** — `prepare_version.js` reads `selectedVersion` from `~/.gina/main.json`, `~/.gina/<shortVersion>/settings.json`, AND `gina.db` `kv_store` (keys `main`, `settings/<shortVersion>`) — never from `package.json`. If state lags the on-disk rename, the script crashes on `require('framework/v<alpha>/helpers')`. Patch all three stores in lockstep before publish. `gina.db` is the canonical store since #CN2v3 — skipping it silently re-diverges. Use `python3 sqlite3` or `better-sqlite3` parameter binding to update `gina.db` — shell-escaping JSON into a SQL string fails on embedded quotes.
+45. **README.md is NOT auto-updated by any release script** — the "What's in X.Y.Z" heading and Features-table Swig version reference are hand-maintained. Before every `npm publish`: run `grep -nE "What's in|Swig [0-9]" README.md` to catch stale sections. Stable checklist step 5 covers this for `package.json`/`llms.txt`/etc. but does not enforce README explicitly. Add to pre-flight mental model: README needs manual bump.
+46. **Docs-repo WIP during release merge: stash, don't file-overwrite** — when merging `develop → main` in `~/Sites/gina/docs/repo` to recover from a `syncDocs` miss, the file-overwrite dance (cp to /tmp, git-show HEAD, edit, restore) only scales to 1–2 files. With significant in-flight work (e.g. Swig migration at 40+ files), use `git stash push -u -m "<purpose>"` → `git checkout main` → `git merge --ff-only develop` → `git push origin main` → `git checkout develop` → `git stash pop`. The `-u` is required for untracked files (e.g. new `.mdx` files).
+
+47. **Single try/catch around sequential git commands silently skips downstream work** — if a `try` block contains `checkout → add → commit → push → checkout main → merge → push` and the `catch` tolerates one failure mode (e.g. "nothing to commit"), every command AFTER the thrower is skipped even when the error was "tolerated". Control leaves the try block on throw. Rule: one try/catch per concern boundary. Put the commit step in its own inner try that tolerates "nothing to commit" and re-throws anything else, so outer sequential steps (push, merge) still run. Git's own commands are idempotent (`merge` on up-to-date main is a harmless no-op) — rely on their idempotency rather than tracking `needsCommit` booleans.
+
+48. **Early-returns on idempotent updates are footguns in multi-side-effect functions** — `if (updated === content) return done()` in `post_publish.js → syncDocs` looked like a harmless perf optimisation but skipped the `git checkout main → merge develop → push main` block entirely. The fix: write-if-changed (no short-circuit) + let the subsequent git steps run; they're already idempotent. Rule: early-returns are only safe in functions that do exactly one thing. If the function has N side effects, the "nothing to do" check must be scoped to just the side effect it's guarding — never to the whole function. _Fixed: 2026-04-13 · commit `c0a20c0c` (develop), `24ea8887` (master)._
+
+49. **`post_publish.js → publishAlpha` recurses into a full nested npm lifecycle** — `execSync('npm publish --tag alpha')` inside publishAlpha triggers `prepare` → `publish` → `postpublish` again. The nested postpublish sees `package.json.version` already bumped to `-alpha.X` (outer bumpVersion ran first) so `self.isAlpha === true` and it correctly skips syncDocs/tagAndMerge. The `[syncDocs] Alpha release — skipping docs sync` log line during a stable publish session is from this nested run, NOT the outer stable run misclassifying — red herring when debugging docs-deploy failures. Full detail: `.claude/architecture/state-and-config.md` § `post_publish.js` — nested `npm publish` recursion.
+
+51. **Non-fatal wrap for post-publish side effects** — the `self.*` chain in `post_publish.js` aborts via `process.exit(1)` on any thrown error (see `begin()` .catch). Every new step added between publish and the release-finalising calls (`tagAndMerge`, `bumpVersion`, `publishAlpha`) must decide: is a throw here worth leaving the release half-shipped? For recoverable polish (lockfile regen, docs sync, GitHub release creation), the answer is no — wrap in try/catch, log `console.warn('[<step>] ... failed (non-fatal — fix manually): ' + err.message)`, and let the chain continue. The `tagAndMerge` GitHub-release block (`ghErr` catch, non-fatal) and `syncDocs` `npm pkg set` + `npm install --package-lock-only` block (#R2, 2026-04-13 · commit `1cff922f`) both follow this pattern. Reserve hard throws for pre-publish gates where aborting *before* artefact push is the whole point.
+
+52. **Todo / spec text drifts from code — always diff before fixing** — `.claude/todo/release-workflow.md` #R2 claimed `syncDocs` "currently calls `npm pkg set devDependencies.gina`" when in fact the call was a manual step 10b in the stable release checklist that had never been automated. The drift came from reading the checklist's intent rather than running `grep 'npm pkg set' script/post_publish.js`. Lesson: before implementing a todo that describes "existing behaviour X", verify X exists in the source tree — intent documents and code documents diverge. The `.claude/todo/*.md` files mix aspirational ("should do Y") with factual ("does Y") entries; treat both as hypotheses until confirmed.
+
+53. **`npm install --package-lock-only --ignore-scripts` is the safe lockfile-regen primitive** — regenerates `package-lock.json` from `package.json` without fetching/installing to `node_modules` and without triggering `prepare`/`preinstall`/`postinstall` lifecycle hooks. Essential when called from inside another npm lifecycle (e.g. `syncDocs` running during gina's `postpublish`) because the docs repo's `prestart` hook (`node scripts/sync-gina-version.js`) would otherwise fire and read stale state. Always validate the command locally with a backup/restore of `package.json` + `package-lock.json` before committing a code path that runs it — `cp *.json /tmp/`, run the commands, `diff` the result, restore.
+
+50. **`package.json` `files` whitelist bypasses `.npmignore` for paths under a listed parent** — empirical audit (#S4, 2026-04-13): `files: ["framework/**", "script/", ...]` produces a 1098-file / 80 MB tarball vs. the `.npmignore`-only baseline of 409 files / 6.9 MB. When `files` lists a parent directory or globstar, nested `.npmignore` rules are bypassed for paths the glob matches — `framework/v*/node_modules` (481 leaks), `asset/plugin/{src,lib}` (incl. `compiler.jar`), `locales/src`, `*.map`, `script/{post_publish,prepare_version}.js` all re-ship. npm docs imply `.npmignore` still filters when `files` is set; in practice it does not for glob-matched paths. Only reliable shape is explicit leaf-level enumeration (one entry per subdirectory), which is fragile — every new subdir needs a `files` update or silently not ships. **Decision:** keep `.npmignore` deny-list; Claude-path leak defense relies on the five layered gates (`.gitignore` → `.npmignore` → pre-commit hook (#S5) → CI scan (#S6) → publish gate + prepack (#S3)). Any future reconsideration must begin with `npm pack --dry-run --ignore-scripts --json` against the proposed shape — reading npm docs alone is misleading.

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "gina",
-  "version": "0.3.5",
+  "version": "0.3.6-alpha.2",
   "description": "Node.js MVC framework with built-in HTTP/2, multi-bundle architecture, and scope-based data isolation — no Express dependency",
   "keywords": [
     "nodejs",
@@ -37,7 +37,7 @@
       "email": "martin-luther.etouman@gina.io"
     },
     {
-      "name": "Fabrice DELANEAU",
+      "name": "John Doe",
       "email": "fabrice.delaneau@gina.io",
       "url": "https://fdelaneau.com"
     }
@@ -56,7 +56,7 @@
     "gina-container": "bin/gina-container",
     "gina-init": "bin/gina-init"
   },
-  "main": "./framework/v0.3.5/core/gna",
+  "main": "./framework/v0.3.6-alpha.2/core/gna",
   "types": "./types/index.d.ts",
   "typesVersions": {
     "*": {

package/resources/git-hooks/pre-commit

@@ -0,0 +1,40 @@
+#!/usr/bin/env bash
+#
+# pre-commit — block commits authored under a private identity.
+#
+# Opt-in install (run once from the repo root):
+#
+#     cp resources/git-hooks/pre-commit .git/hooks/pre-commit
+#     chmod +x .git/hooks/pre-commit
+#
+# Purpose:
+#   Contributors sometimes have multiple git identities on one machine
+#   (work, personal, internal hostname). Committing to a public project
+#   with the wrong identity leaks private info into the public git log.
+#   This hook checks the currently-configured user.email against a list
+#   of private-domain patterns and aborts the commit if any match.
+#
+# Extend BLOCKED_PATTERNS below for any additional private domain or
+# hostname suffix you want to guard against. The default list reflects
+# the identities that have historically leaked into this repo.
+
+set -e
+
+BLOCKED_PATTERNS='freelancer\.app|\.local$|rhinostone\.com|freelancer-app\.fr'
+
+email="$(git config user.email || true)"
+
+if [ -z "$email" ]; then
+    echo "[pre-commit] No user.email configured — set one with 'git config user.email you@example.com'." >&2
+    exit 1
+fi
+
+if echo "$email" | grep -Eq "$BLOCKED_PATTERNS"; then
+    echo "[pre-commit] ERROR: commit blocked — user.email '$email' matches a private-identity pattern." >&2
+    echo "[pre-commit] Switch identity before committing:" >&2
+    echo "    git config user.email you@public-domain.example" >&2
+    echo "[pre-commit] Then retry the commit." >&2
+    exit 1
+fi
+
+exit 0

package/resources/package.json.template

@@ -34,7 +34,7 @@
       "email": "martin-luther.etouman@gina.io"
     },
     {
-      "name": "Fabrice DELANEAU",
+      "name": "John Doe",
       "email": "fabrice.delaneau@gina.io",
       "url": "https://fdelaneau.com"
     }

package/script/check_no_claude_leak.js

@@ -13,20 +13,80 @@
  *
  * Runs as the `prepack` npm lifecycle hook. Before the tarball is assembled,
  * this script re-runs `npm pack --dry-run --json --ignore-scripts` and fails
- * the publish if any path in the pack listing matches a Claude-related name
- * (`CLAUDE.md`, `.claude*`).
+ * the publish if the pack listing is dirty on either of two axes:
  *
- * `--ignore-scripts` prevents recursion into the `prepare` script (which would
- * otherwise re-invoke `prepare_version.js` and commit a "Prerelease update").
+ *   1. Path-level: any file named `CLAUDE.md` or `.claude*`.
+ *   2. Content-level: any text file containing a private-token pattern
+ *      (phone, private email, private address, private domain,
+ *      co-author legal name that should be scrubbed to the "John Doe"
+ *      pseudonym used in README/GOVERNANCE/CONTRIBUTING).
+ *
+ * `--ignore-scripts` prevents recursion into the `prepare` script (which
+ * would otherwise re-invoke `prepare_version.js` and commit a "Prerelease
+ * update").
  *
  * Exit codes:
- *   0  — pack listing is clean
- *   1  — Claude-related path detected OR check itself errored (fail closed)
+ *   0  — pack listing and contents are clean
+ *   1  — leakage detected OR check itself errored (fail closed)
  */
 
 var execSync = require('child_process').execSync;
+var fs       = require('fs');
+
+var PATH_PATTERN = /(^|\/)(CLAUDE\.md|\.claude[a-z]*)/i;
+
+// Private tokens that must not appear in published tarball contents.
+// Keep patterns narrow — bare words like "Freelancer" are too broad and
+// produce false positives on legitimate content; the domain form
+// `freelancer.app` catches the leak-relevant variant.
+var CONTENT_TOKENS = [
+    { name: 'private phone',   pattern: /0618178647/ },
+    { name: 'private email',   pattern: /[\w.+-]*etouman@rhinostone/i },
+    { name: 'private address', pattern: /Boulevard\s+Arago/i },
+    { name: 'private domain',  pattern: /freelancer\.app/i },
+    { name: 'co-author legal name (use "John Doe" pseudonym)',
+                               pattern: /Fabrice\s+Delaneau/i }
+];
 
-var PATTERN = /(^|\/)(CLAUDE\.md|\.claude[a-z]*)/i;
+// Heuristic: only read files that are likely text. Saves time on binary
+// assets (images, compiled JARs, compressed .br/.gz) and prevents
+// pattern matches from random byte sequences.
+var TEXT_EXT = /\.(md|txt|json|js|mjs|cjs|ts|tsx|jsx|html|htm|css|sass|scss|less|sh|bash|zsh|yaml|yml|xml|svg|csv|d\.ts|mapping|conf|ini|toml|env|template)$/i;
+var TEXT_BASENAME = /^(AUTHORS|LICENSE|COPYING|CHANGELOG|README|NOTICE|CONTRIBUTING|GOVERNANCE|Makefile|\.npmignore|\.gitignore|\.eslintrc|\.editorconfig)(\.[^.]+)?$/;
+
+// Scanner scripts contain the token patterns themselves — skip them to
+// avoid self-matches. Future maintainers: add any new scanner files here.
+var SELF_EXCLUDE = {
+    'script/check_no_claude_leak.js': true,
+    'script/prepare_version.js':      true
+};
+// Files larger than this are skipped — production binaries and bundles
+// don't warrant a byte-by-byte scan.
+var MAX_SCAN_BYTES = 2 * 1024 * 1024;
+
+function isTextPath(p) {
+    if (TEXT_EXT.test(p)) return true;
+    var base = p.split('/').pop();
+    if (TEXT_BASENAME.test(base)) return true;
+    return false;
+}
+
+function scanContent(path) {
+    var stat;
+    try { stat = fs.statSync(path); } catch (e) { return []; }
+    if (!stat.isFile() || stat.size > MAX_SCAN_BYTES) return [];
+
+    var content;
+    try { content = fs.readFileSync(path, 'utf8'); } catch (e) { return []; }
+
+    var hits = [];
+    for (var i = 0; i < CONTENT_TOKENS.length; i++) {
+        if (CONTENT_TOKENS[i].pattern.test(content)) {
+            hits.push(CONTENT_TOKENS[i].name);
+        }
+    }
+    return hits;
+}
 
 try {
     var raw = execSync('npm pack --dry-run --json --ignore-scripts', {
@@ -34,27 +94,53 @@ try {
     }).toString();
 
     var parsed = JSON.parse(raw);
-    var matches = [];
+    var pathMatches = [];
+    var contentMatches = [];
 
     for (var i = 0; i < parsed.length; i++) {
         var files = parsed[i].files || [];
         for (var j = 0; j < files.length; j++) {
-            if (PATTERN.test(files[j].path)) {
-                matches.push(files[j].path);
+            var p = files[j].path;
+
+            if (PATH_PATTERN.test(p)) {
+                pathMatches.push(p);
+            }
+
+            if (isTextPath(p) && !SELF_EXCLUDE[p]) {
+                var hits = scanContent(p);
+                for (var k = 0; k < hits.length; k++) {
+                    contentMatches.push(p + ' — ' + hits[k]);
+                }
             }
         }
     }
 
-    if (matches.length > 0) {
-        console.error('[prepack] ERROR: Claude-related files detected in pack listing:');
-        for (var k = 0; k < matches.length; k++) {
-            console.error('  - ' + matches[k]);
+    var failed = false;
+
+    if (pathMatches.length > 0) {
+        console.error('[prepack] ERROR: Claude-related paths in pack listing:');
+        for (var a = 0; a < pathMatches.length; a++) {
+            console.error('  - ' + pathMatches[a]);
         }
         console.error('[prepack] Fix .npmignore (or package.json "files") before publishing.');
+        failed = true;
+    }
+
+    if (contentMatches.length > 0) {
+        if (failed) console.error('');
+        console.error('[prepack] ERROR: Private tokens in pack contents:');
+        for (var b = 0; b < contentMatches.length; b++) {
+            console.error('  - ' + contentMatches[b]);
+        }
+        console.error('[prepack] Scrub these files before publishing.');
+        failed = true;
+    }
+
+    if (failed) {
         process.exit(1);
     }
 
-    console.log('[prepack] OK: pack listing contains no Claude-related paths.');
+    console.log('[prepack] OK: pack listing and contents are clean.');
     process.exit(0);
 } catch (err) {
     console.error('[prepack] Check failed: ' + (err.message || err));

package/script/post_install.js

@@ -717,6 +717,21 @@ function PostInstall() {
 
         restoreSymlinks();
 
+        // #S5 — install gina's pre-commit hook for contributor clones.
+        // `.git` exists at self.gina root only in a clone/worktree of the gina
+        // repo, not inside `node_modules/gina` on a consumer install. We gate on
+        // its presence so end-user `npm install gina` is a no-op here.
+        // `fs.existsSync(.git)` matches both main repo (.git dir) and linked
+        // worktrees (.git file pointing at ../.git/worktrees/<name>).
+        try {
+            if ( fs.existsSync( _(self.gina + '/.git', true) ) ) {
+                execSync('git -C "' + self.gina + '" config core.hooksPath .githooks');
+                console.debug('Installed gina git hooks path (core.hooksPath=.githooks)');
+            }
+        } catch (_hooksErr) {
+            console.warn('Could not install gina git hooks path: ' + (_hooksErr.message || _hooksErr));
+        }
+
         // configuring Gina
         var ginaBinanry = _(self.gina + '/bin/gina', true);
         if (!self.isCustomPrefix && self.isGlobalInstall) {

package/framework/v0.3.5/VERSION

@@ -1 +0,0 @@
-0.3.5