gsd-lite 0.5.12 → 0.5.14

package/.claude-plugin/marketplace.json

@@ -13,7 +13,7 @@
       "name": "gsd",
       "source": "./",
       "description": "AI orchestration tool — GSD management shell + Superpowers quality core. 5 commands, 4 agents, 5 workflows, MCP server, context monitoring.",
-      "version": "0.5.12",
+      "version": "0.5.14",
       "keywords": [
         "orchestration",
         "mcp",

package/.claude-plugin/plugin.json

@@ -1,6 +1,6 @@
 {
   "name": "gsd",
-  "version": "0.5.12",
+  "version": "0.5.14",
   "description": "AI orchestration tool for Claude Code — GSD management shell + Superpowers quality core",
   "author": {
     "name": "sdsrss",

package/README.md

@@ -17,7 +17,7 @@ GSD-Lite is an AI orchestration tool for [Claude Code](https://docs.anthropic.co
 ### Quality Discipline (Built-in, Not Optional)
 - **TDD enforcement** — "No production code without a failing test first" baked into every executor dispatch
 - **Anti-rationalization guards** — Red-flag checklists inline in every agent prompt, blocking common excuses to skip process
-- **Multi-level code review** — L0 self-review / L1 phase-batch review / L2 immediate independent review
+- **Multi-level code review** — L0 self-review / L1 phase-batch review / L2 immediate independent review / phase review retry limit
 - **Contract change propagation** — When an API contract changes, downstream tasks automatically invalidate
 
 ### Intelligent Failure Recovery
@@ -26,6 +26,12 @@ GSD-Lite is an AI orchestration tool for [Claude Code](https://docs.anthropic.co
 - **Blocked task handling** — Blocked tasks are parked; execution continues with remaining tasks
 - **Rework propagation** — Critical review issues cascade invalidation to dependent tasks
 
+### Adaptive Review & Parallel Execution
+- **Confidence-based review adjustment** — Executor self-assesses confidence (high/medium/low); orchestrator auto-adjusts review level with evidence cross-validation
+- **Impact analysis before review** — Reviewer runs impact analysis on multi-file changes to catch missed downstream effects
+- **Parallel task scheduling** — Independent tasks within the same phase are identified for concurrent dispatch
+- **Auto PR suggestion** — Phase/project completion prompts PR creation with evidence summary
+
 ### Context Protection
 - **Subagent isolation** — Each task runs in its own agent context, preventing cross-contamination
 - **StatusLine monitoring** — Real-time context health tracking via Claude Code StatusLine
@@ -243,7 +249,7 @@ gsd-lite/
 ├── references/             # 8 reference docs
 ├── hooks/                  # Session lifecycle (StatusLine + PostToolUse + SessionStart + Stop + AutoUpdate)
 │   └── lib/               # Shared hook utilities (gsd-finder)
-├── tests/                  # 804 tests (unit + simulation + E2E)
+├── tests/                  # 826 tests (unit + simulation + E2E)
 ├── cli.js                  # Install/uninstall CLI entry
 ├── install.js              # Installation script
 └── uninstall.js            # Uninstall script
@@ -252,8 +258,8 @@ gsd-lite/
 ## Testing
 
 ```bash
-npm test                    # Run all 804 tests
-npm run test:coverage       # Tests + coverage report (94%+ lines, 81%+ branches)
+npm test                    # Run all 826 tests
+npm run test:coverage       # Tests + coverage report (94%+ lines, 83%+ branches)
 npm run lint                # Biome lint
 node --test tests/file.js   # Run a single test file
 ```

package/agents/executor.md

@@ -55,6 +55,7 @@ tools: Read, Write, Edit, Bash, Grep, Glob
   "decisions": ["[DECISION] use optimistic locking by version column"],
   "blockers": [],
   "contract_changed": true,
+  "confidence": "high",
   "evidence": [
     {"id": "ev:test:users-update", "scope": "task:2.3"},
     {"id": "ev:typecheck:phase-2", "scope": "task:2.3"}
@@ -67,6 +68,13 @@ tools: Read, Write, Edit, Bash, Grep, Glob
 - 改了共享类型定义 / 接口 → true
 - 只改了内部实现逻辑、不影响外部调用方 → false
 - 拿不准时 → true (安全优先)
+
+`confidence` 判定指南 (用于审查级别自动调整):
+- "high" — 测试全通过 + 改动明确 + 无意外复杂度
+- "medium" — 测试通过但有不确定性 (边界条件、并发、外部依赖)
+- "low" — 有已知风险/跳过的测试/不确定的副作用
+- 拿不准时 → "medium"
+- 编排器会根据 confidence 自动升/降审查级别
 </result_contract>
 
 <uncertainty_handling>

package/agents/reviewer.md

@@ -58,12 +58,26 @@ L2 关键任务 → 单任务独立 review
   - 拿不准时 → 升一级处理
 </review_strategy>
 
+<impact_analysis>
+## 审查前影响分析 (多文件变更时)
+
+当 `files_changed` 包含 3+ 文件，或涉及跨模块修改时:
+1. 使用 `code-graph-mcp impact <主要变更的函数/类名>` 分析影响范围
+2. 检查调用方是否都已被修改或兼容
+3. 将未覆盖的影响范围标注为 Critical issue
+
+这能发现 executor 遗漏的下游影响，是审查增值的关键步骤。
+单文件内部修改可跳过此步骤。
+如 `code-graph-mcp` 不可用，改用 Grep/Glob 手动追踪变更函数的调用方。
+</impact_analysis>
+
 <stage_1_spec_review>
 检查代码是否符合任务规格:
 - 所有需求都实现了吗？
 - 有没有多余的实现 (YAGNI)？
 - 接口/API 是否符合计划？
 - 测试是否覆盖了需求中的每个场景？
+- 影响分析发现的调用方是否都已适配？
 结果: ✅ 通过 / ❌ 列出不符合项 (附具体代码位置)
 </stage_1_spec_review>
 

package/hooks/gsd-statusline.cjs

@@ -6,24 +6,7 @@
 const fs = require('node:fs');
 const path = require('node:path');
 const os = require('node:os');
-
-/**
- * Walk from startDir up to filesystem root looking for a .gsd directory.
- * Returns the absolute path to .gsd if found, or null.
- */
-function findGsdDir(startDir) {
-  let dir = startDir;
-  while (true) {
-    const candidate = path.join(dir, '.gsd');
-    try {
-      if (fs.statSync(candidate).isDirectory()) return candidate;
-    } catch {
-      const parent = path.dirname(dir);
-      if (parent === dir) return null; // reached filesystem root
-      dir = parent;
-    }
-  }
-}
+const { findGsdDir } = require('./lib/gsd-finder.cjs');
 
 let input = '';
 const stdinTimeout = setTimeout(() => process.exit(0), 3000);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "gsd-lite",
-  "version": "0.5.12",
+  "version": "0.5.14",
   "description": "AI orchestration tool for Claude Code — GSD management shell + Superpowers quality core",
   "type": "module",
   "bin": {

package/src/schema.js

@@ -586,6 +586,10 @@ export function validateExecutorResult(r) {
   if (r.outcome === 'checkpointed' && typeof r.checkpoint_commit !== 'string') {
     errors.push('checkpointed outcome requires checkpoint_commit');
   }
+  // confidence is optional; when present must be one of the valid values
+  if ('confidence' in r && !['high', 'medium', 'low'].includes(r.confidence)) {
+    errors.push('confidence must be "high", "medium", or "low"');
+  }
   return { valid: errors.length === 0, errors };
 }
 

package/src/tools/orchestrator/debugger.js

@@ -16,6 +16,8 @@ export async function handleDebuggerResult({ result, basePath = process.cwd() }
     return { error: true, message: `Invalid debugger result: ${validation.errors.join('; ')}` };
   }
 
+  // Note: read() is outside the state lock — safe under single-session sequential execution.
+  // See executor.js for rationale.
   const state = await read({ basePath });
   if (state.error) return state;
   const { phase, task } = getPhaseAndTask(state, result.task_id);

package/src/tools/orchestrator/executor.js

@@ -20,6 +20,9 @@ export async function handleExecutorResult({ result, basePath = process.cwd() }
     return { error: true, message: `Invalid executor result: ${validation.errors.join('; ')}` };
   }
 
+  // Note: read() is outside the state lock. This is safe because the MCP server
+  // processes tool calls sequentially (single-session, promise-queue serialized).
+  // persist() below re-acquires the lock and applies changes atomically.
   const state = await read({ basePath });
   if (state.error) return state;
   const { phase, task } = getPhaseAndTask(state, result.task_id);

package/src/tools/orchestrator/helpers.js

@@ -10,6 +10,7 @@ import { getGitHead, getGsdDir } from '../../utils.js';
 const MAX_DEBUG_RETRY = 3;
 const MAX_RESUME_DEPTH = 3;
 const CONTEXT_RESUME_THRESHOLD = 40;
+const MAX_PHASE_REVIEW_RETRY = 5;
 
 // ── Result Contracts ──
 // Provided in dispatch responses so agents produce valid results on the first call.
@@ -23,6 +24,7 @@ const RESULT_CONTRACTS = {
     decisions: '{ id, title, rationale }[] — architectural decisions made',
     blockers: '{ description, type }[] — what blocked progress (when outcome="blocked")',
     contract_changed: 'boolean — true if external API/behavior contract changed',
+    confidence: '"high" | "medium" | "low" (optional) — executor self-assessed confidence; affects review level',
     evidence: '{ type, detail }[] — verification evidence (test results, lint, etc.)',
   },
   reviewer: {
@@ -423,6 +425,7 @@ export {
   MAX_DEBUG_RETRY,
   MAX_RESUME_DEPTH,
   CONTEXT_RESUME_THRESHOLD,
+  MAX_PHASE_REVIEW_RETRY,
   RESULT_CONTRACTS,
   isTerminalWorkflowMode,
   parseTimestamp,

package/src/tools/orchestrator/researcher.js

@@ -1,6 +1,5 @@
 import { storeResearch } from '../state/index.js';
 import { validateResearcherResult } from '../../schema.js';
-import { resumeWorkflow } from './resume.js';
 
 export async function handleResearcherResult({ result, artifacts, decision_index, basePath = process.cwd() } = {}) {
   if (!result || typeof result !== 'object' || Array.isArray(result)) {
@@ -15,11 +14,10 @@ export async function handleResearcherResult({ result, artifacts, decision_index
   const persisted = await storeResearch({ result, artifacts, decision_index, basePath });
   if (persisted.error) return persisted;
 
-  const resumed = await resumeWorkflow({ basePath });
-  if (resumed.error) return resumed;
-
   return {
-    ...resumed,
+    success: true,
+    action: 'research_stored',
+    workflow_mode: persisted.workflow_mode,
     stored_files: persisted.stored_files,
     decision_ids: persisted.decision_ids,
     research_warnings: persisted.warnings,

package/src/tools/orchestrator/resume.js

@@ -118,7 +118,16 @@ async function resumeExecutingTask(state, basePath) {
       }],
     });
     if (persistError) return persistError;
-    return buildExecutorDispatch(state, phase, task);
+    const dispatch = buildExecutorDispatch(state, phase, task);
+    // Expose parallel-available tasks so callers can dispatch multiple subagents
+    if (selection.parallel_available?.length > 0) {
+      dispatch.parallel_available = selection.parallel_available.map(t => ({
+        id: t.id,
+        name: t.name,
+        level: t.level || 'L1',
+      }));
+    }
+    return dispatch;
   }
 
   if (selection.mode === 'trigger_review') {
@@ -179,12 +188,20 @@ async function resumeExecutingTask(state, basePath) {
       });
       if (advanceError) return advanceError;
     }
+    // Check if this is the last phase — suggest PR creation
+    const isLastPhase = phase.id === state.total_phases;
     return {
       success: true,
       action: 'complete_phase',
       workflow_mode: 'executing_task',
       phase_id: phase.id,
       message: 'All tasks accepted and review passed; phase ready for completion',
+      ...(isLastPhase ? {
+        pr_suggestion: {
+          recommended: true,
+          message: 'All phases complete. Consider creating a PR with `gh pr create`.',
+        },
+      } : {}),
     };
   }
 
@@ -366,6 +383,10 @@ export async function resumeWorkflow({ basePath = process.cwd(), _depth = 0, unb
         completed_phases: (state.phases || []).filter((phase) => phase.lifecycle === 'accepted').length,
         total_phases: state.total_phases,
         message: 'Workflow already completed',
+        pr_suggestion: {
+          recommended: true,
+          message: 'Project complete. Consider creating a PR with `gh pr create` if not already done.',
+        },
       };
     case 'failed': {
       const failedPhases = [];

package/src/tools/orchestrator/reviewer.js

@@ -1,6 +1,7 @@
 import { read } from '../state/index.js';
 import { validateReviewerResult } from '../../schema.js';
 import {
+  MAX_PHASE_REVIEW_RETRY,
   getCurrentPhase,
   getTaskById,
   persist,
@@ -15,6 +16,8 @@ export async function handleReviewerResult({ result, basePath = process.cwd() }
     return { error: true, message: `Invalid reviewer result: ${validation.errors.join('; ')}` };
   }
 
+  // Note: read() is outside the state lock — safe under single-session sequential execution.
+  // See executor.js for rationale.
   const state = await read({ basePath });
   if (state.error) return state;
 
@@ -70,6 +73,40 @@ export async function handleReviewerResult({ result, basePath = process.cwd() }
   const specFailed = result.spec_passed === false;
   const qualityFailed = result.quality_passed === false;
   const needsRework = hasCritical || specFailed || qualityFailed;
+
+  // Compute retry count once for both exhaustion check and state update
+  const currentRetryCount = phase.phase_review?.retry_count || 0;
+  const nextRetryCount = needsRework ? currentRetryCount + 1 : 0;
+
+  // Phase review retry limit: prevent infinite reviewing↔active cycles
+  if (needsRework && nextRetryCount > MAX_PHASE_REVIEW_RETRY) {
+    const persistError = await persist(basePath, {
+      workflow_mode: 'awaiting_user',
+      current_task: null,
+      current_review: {
+        scope: 'phase',
+        scope_id: phase.id,
+        stage: 'review_retry_exhausted',
+        retry_count: nextRetryCount,
+      },
+      phases: [{
+        id: phase.id,
+        lifecycle: phase.lifecycle === 'reviewing' ? 'active' : phase.lifecycle,
+        phase_review: { status: 'rework_required', retry_count: nextRetryCount },
+      }],
+    });
+    if (persistError) return persistError;
+
+    return {
+      success: true,
+      action: 'review_retry_exhausted',
+      workflow_mode: 'awaiting_user',
+      phase_id: phase.id,
+      retry_count: nextRetryCount,
+      message: `Phase ${phase.id} review failed ${nextRetryCount} times (limit: ${MAX_PHASE_REVIEW_RETRY}). User intervention required.`,
+    };
+  }
+
   const reviewStatus = needsRework ? 'rework_required' : 'accepted';
 
   // done is auto-recomputed by update() — no manual tracking needed
@@ -77,9 +114,7 @@ export async function handleReviewerResult({ result, basePath = process.cwd() }
     id: phase.id,
     phase_review: {
       status: reviewStatus,
-      ...(needsRework
-        ? { retry_count: (phase.phase_review?.retry_count || 0) + 1 }
-        : { retry_count: 0 }),
+      retry_count: nextRetryCount,
     },
     todo: taskPatches,
   };

package/src/tools/state/crud.js

@@ -12,7 +12,6 @@ import {
   createInitialState,
   migrateState,
 } from '../../schema.js';
-import { runAll } from '../verify.js';
 import {
   ERROR_CODES,
   MAX_EVIDENCE_ENTRIES,
@@ -29,6 +28,11 @@ export async function init({ project, phases, research, force = false, basePath
   if (!project || typeof project !== 'string') {
     return { error: true, code: ERROR_CODES.INVALID_INPUT, message: 'project must be a non-empty string' };
   }
+  // Sanitize: strip HTML comment delimiters (could break marker-based CLAUDE.md injection) and cap length
+  project = project.replace(/<!--|-->/g, '').trim().slice(0, 200);
+  if (!project) {
+    return { error: true, code: ERROR_CODES.INVALID_INPUT, message: 'project name is empty after sanitization' };
+  }
   if (!Array.isArray(phases)) {
     return { error: true, code: ERROR_CODES.INVALID_INPUT, message: 'phases must be an array' };
   }
@@ -420,7 +424,14 @@ export async function phaseComplete({
       };
     }
 
-    const verificationResult = verification || (run_verify ? await runAll(basePath) : null);
+    if (run_verify && !verification) {
+      return {
+        error: true,
+        code: ERROR_CODES.INVALID_INPUT,
+        message: 'run_verify requires verification results to be passed via the verification parameter; the state layer does not execute external tools',
+      };
+    }
+    const verificationResult = verification || null;
     const testsPassed = verificationResult
       ? verificationPassed(verificationResult)
       : phase.phase_handoff.tests_passed === true;

package/src/tools/state/logic.js

@@ -66,7 +66,10 @@ export function selectRunnableTask(phase, state, { maxRetry = DEFAULT_MAX_RETRY
   }
 
   if (runnableTasks.length > 0) {
-    return { task: runnableTasks[0] };
+    return {
+      task: runnableTasks[0],
+      ...(runnableTasks.length > 1 ? { parallel_available: runnableTasks.slice(1) } : {}),
+    };
   }
 
   const awaitingReview = phase.todo.filter(t => t.lifecycle === 'checkpointed');
@@ -236,8 +239,9 @@ const SENSITIVE_KEYWORDS = /\b(auth|payment|security|public.?api|login|token|cre
 
 /**
  * Reclassify review level at runtime based on executor results.
- * Upgrades L1->L2 when contract_changed + sensitive keywords or [LEVEL-UP].
- * Never downgrades.
+ * Upgrades L1->L2 when: contract_changed + sensitive keywords, [LEVEL-UP], or low confidence.
+ * Downgrades L1->L0 when: confidence is high and no contract change.
+ * Never downgrades L2/L3.
  */
 export function reclassifyReviewLevel(task, executorResult) {
   const currentLevel = task.level || 'L1';
@@ -259,6 +263,25 @@ export function reclassifyReviewLevel(task, executorResult) {
     return 'L2';
   }
 
+  // Confidence-based adjustment: low confidence upgrades L1 → L2
+  if (executorResult.confidence === 'low' && currentLevel === 'L1') {
+    return 'L2';
+  }
+
+  // High confidence on non-sensitive L1 tasks → downgrade to L0 (self-review sufficient)
+  // Cross-validate: require objective evidence before trusting self-reported confidence.
+  // Without evidence or with failed tests, confidence claim is not credible.
+  if (executorResult.confidence === 'high' && currentLevel === 'L1'
+      && !executorResult.contract_changed) {
+    const hasEvidence = Array.isArray(executorResult.evidence) && executorResult.evidence.length > 0;
+    const hasTestFailure = Array.isArray(executorResult.evidence)
+      && executorResult.evidence.some(e => e && e.type === 'test' && e.passed === false);
+    if (hasEvidence && !hasTestFailure) {
+      return 'L0';
+    }
+    // Insufficient evidence or test failure — stay at L1 despite high confidence claim
+  }
+
   return currentLevel;
 }
 

package/src/utils.js

@@ -65,6 +65,7 @@ const LOCK_MAX_RETRIES = 100; // 5 seconds total
  */
 export async function withFileLock(lockPath, fn) {
   let acquired = false;
+  let nonLockError = false;
   for (let i = 0; i < LOCK_MAX_RETRIES; i++) {
     try {
       await writeFile(lockPath, String(process.pid), { flag: 'wx' });
@@ -84,11 +85,21 @@ export async function withFileLock(lockPath, fn) {
         }
         await new Promise(r => setTimeout(r, LOCK_RETRY_MS));
       } else {
-        break; // Non-EEXIST error — proceed without lock
+        // Non-EEXIST error (e.g., read-only fs) — proceed without lock
+        nonLockError = true;
+        break;
       }
     }
   }
 
+  // Lock exhaustion (retries depleted while another process held the lock):
+  // throw to prevent concurrent unlocked writes that cause data corruption.
+  // Non-EEXIST errors (read-only fs, permission denied) still proceed without lock
+  // since locking is physically impossible in those environments.
+  if (!acquired && !nonLockError) {
+    throw new Error(`Lock acquisition timeout: could not acquire ${lockPath} after ${LOCK_MAX_RETRIES} retries (${LOCK_MAX_RETRIES * LOCK_RETRY_MS}ms)`);
+  }
+
   try {
     return await fn();
   } finally {