gsd-pi 2.31.0 → 2.31.1-dev.d338017

package/dist/resources/extensions/gsd/auto-dispatch.ts

@@ -104,25 +104,6 @@ const DISPATCH_RULES: DispatchRule[] = [
       };
     },
   },
-  {
-    name: "run-uat (post-completion)",
-    match: async ({ state, mid, basePath, prefs }) => {
-      const needsRunUat = await checkNeedsRunUat(basePath, mid, state, prefs);
-      if (!needsRunUat) return null;
-      const { sliceId, uatType } = needsRunUat;
-      const uatFile = resolveSliceFile(basePath, mid, sliceId, "UAT")!;
-      const uatContent = await loadFile(uatFile);
-      return {
-        action: "dispatch",
-        unitType: "run-uat",
-        unitId: `${mid}/${sliceId}`,
-        prompt: await buildRunUatPrompt(
-          mid, sliceId, relSliceFile(basePath, mid, sliceId, "UAT"), uatContent ?? "", basePath,
-        ),
-        pauseAfterDispatch: uatType !== "artifact-driven",
-      };
-    },
-  },
   {
     name: "uat-verdict-gate (non-PASS blocks progression)",
     match: async ({ mid, basePath, prefs }) => {
@@ -152,6 +133,25 @@ const DISPATCH_RULES: DispatchRule[] = [
       return null;
     },
   },
+  {
+    name: "run-uat (post-completion)",
+    match: async ({ state, mid, basePath, prefs }) => {
+      const needsRunUat = await checkNeedsRunUat(basePath, mid, state, prefs);
+      if (!needsRunUat) return null;
+      const { sliceId, uatType } = needsRunUat;
+      const uatFile = resolveSliceFile(basePath, mid, sliceId, "UAT")!;
+      const uatContent = await loadFile(uatFile);
+      return {
+        action: "dispatch",
+        unitType: "run-uat",
+        unitId: `${mid}/${sliceId}`,
+        prompt: await buildRunUatPrompt(
+          mid, sliceId, relSliceFile(basePath, mid, sliceId, "UAT"), uatContent ?? "", basePath,
+        ),
+        pauseAfterDispatch: uatType !== "artifact-driven",
+      };
+    },
+  },
   {
     name: "reassess-roadmap (post-completion)",
     match: async ({ state, mid, midTitle, basePath, prefs }) => {

package/dist/resources/extensions/gsd/auto-prompts.ts

@@ -530,21 +530,14 @@ export async function checkNeedsRunUat(
   const uatContent = await loadFile(uatFile);
   if (!uatContent) return null;
 
-  // If UAT result already exists with a PASS verdict, skip (idempotent).
-  // Non-PASS verdicts (FAIL, surfaced-for-human-review) should block slice
-  // progression — return the slice for re-evaluation (#1231).
+  // If a UAT result already exists, the UAT unit has already run and must not
+  // be re-dispatched. PASS means progression can continue; any non-PASS verdict
+  // must be handled by the dispatch table's verdict gate, which stops progression
+  // with a human-action message instead of replaying the same run-uat unit.
   const uatResultFile = resolveSliceFile(base, mid, sid, "UAT-RESULT");
   if (uatResultFile) {
     const resultContent = await loadFile(uatResultFile);
-    if (resultContent) {
-      const verdictMatch = resultContent.match(/verdict:\s*([\w-]+)/i);
-      const verdict = verdictMatch?.[1]?.toLowerCase();
-      if (verdict === "pass" || verdict === "passed") return null; // PASS — skip
-      // Non-PASS verdict exists — don't re-run UAT, but don't advance either.
-      // Return null here since the UAT already ran; the dispatch table's
-      // complete-slice rule should check the verdict before advancing.
-      // For now, returning the slice signals it still needs attention.
-    }
+    if (resultContent) return null;
   }
 
   // Classify UAT type; unknown type → treat as human-experience (human review)

package/dist/resources/extensions/gsd/auto-supervisor.ts

@@ -5,6 +5,7 @@
  */
 
 import { clearLock } from "./crash-recovery.js";
+import { releaseSessionLock } from "./session-lock.js";
 import { nativeHasChanges } from "./native-git-bridge.js";
 
 // ─── SIGTERM Handling ─────────────────────────────────────────────────────────
@@ -23,6 +24,7 @@ export function registerSigtermHandler(
 ): () => void {
   if (previousHandler) process.off("SIGTERM", previousHandler);
   const handler = () => {
+    releaseSessionLock(currentBasePath);
     clearLock(currentBasePath);
     process.exit(0);
   };

package/dist/resources/extensions/gsd/session-lock.ts

@@ -51,6 +51,9 @@ let _lockedPath: string | null = null;
 /** Our PID at lock acquisition time. */
 let _lockPid: number = 0;
 
+/** Set to true when proper-lockfile fires onCompromised (mtime drift, sleep, etc.). */
+let _lockCompromised: boolean = false;
+
 const LOCK_FILE = "auto.lock";
 
 function lockPath(basePath: string): string {
@@ -102,13 +105,22 @@ export function acquireSessionLock(basePath: string): SessionLockResult {
 
     const release = lockfile.lockSync(gsdDir, {
       realpath: false,
-      stale: 300_000, // 5 minutes — consider lock stale if holder hasn't updated
+      stale: 1_800_000, // 30 minutes — safe for laptop sleep / long event loop stalls
       update: 10_000, // Update lock mtime every 10s to prove liveness
+      onCompromised: () => {
+        // proper-lockfile detected mtime drift (system sleep, event loop stall, etc.).
+        // Default handler throws inside setTimeout — an uncaught exception that crashes
+        // or corrupts process state. Instead, set a flag so validateSessionLock() can
+        // detect the compromise gracefully on the next dispatch cycle.
+        _lockCompromised = true;
+        _releaseFunction = null;
+      },
     });
 
     _releaseFunction = release;
     _lockedPath = basePath;
     _lockPid = process.pid;
+    _lockCompromised = false;
 
     // Safety net: clean up lock dir on process exit if _releaseFunction
     // wasn't called (e.g., normal exit after clean completion) (#1245).
@@ -233,6 +245,11 @@ export function updateSessionLock(
  * This is called periodically during the dispatch loop.
  */
 export function validateSessionLock(basePath: string): boolean {
+  // Lock was compromised by proper-lockfile (mtime drift from sleep, stall, etc.)
+  if (_lockCompromised) {
+    return false;
+  }
+
   // If we have an OS-level lock, we're still the owner
   if (_releaseFunction && _lockedPath === basePath) {
     return true;
@@ -284,6 +301,7 @@ export function releaseSessionLock(basePath: string): void {
 
   _lockedPath = null;
   _lockPid = 0;
+  _lockCompromised = false;
 }
 
 /**

package/dist/resources/extensions/gsd/tests/run-uat.test.ts

@@ -6,6 +6,7 @@
 //   (a)–(j)  extractUatType classification (17 assertions from T01)
 //   (k)      run-uat prompt template loading and content integrity (8 assertions)
 //   (l)      dispatch precondition assertions via resolveSliceFile (4 assertions)
+//   (m)      stale replay guard: existing UAT-RESULT never re-dispatches (2 assertions)
 
 import { mkdtempSync, mkdirSync, readFileSync, rmSync, writeFileSync } from 'node:fs';
 import { join, dirname } from 'node:path';
@@ -14,6 +15,7 @@ import { fileURLToPath } from 'node:url';
 
 import { extractUatType } from '../files.ts';
 import { resolveSliceFile } from '../paths.ts';
+import { checkNeedsRunUat } from '../auto-prompts.ts';
 import { createTestContext } from './test-helpers.ts';
 
 // ─── Worktree-aware prompt loader ──────────────────────────────────────────
@@ -308,6 +310,54 @@ async function main(): Promise<void> {
     }
   }
 
+  // ─── (m) stale replay guard: existing UAT-RESULT never re-dispatches ─────
+  console.log('\n── (m) stale replay guard');
+
+  {
+    const base = createFixtureBase();
+    try {
+      const roadmapDir = join(base, '.gsd', 'milestones', 'M001');
+      mkdirSync(roadmapDir, { recursive: true });
+      writeFileSync(
+        join(roadmapDir, 'M001-ROADMAP.md'),
+        [
+          '# M001: Test roadmap',
+          '',
+          '## Slices',
+          '',
+          '- [x] **S01: First slice** `risk:low` `depends:[]`',
+          '- [ ] **S02: Next slice** `risk:low` `depends:[S01]`',
+          '',
+          '## Boundary Map',
+          '',
+        ].join('\n'),
+      );
+
+      writeSliceFile(base, 'M001', 'S01', 'UAT', makeUatContent('artifact-driven'));
+      writeSliceFile(base, 'M001', 'S01', 'UAT-RESULT', '---\nverdict: surfaced-for-human-review\n---\n');
+
+      const state = {
+        activeMilestone: { id: 'M001', title: 'Test roadmap' },
+        activeSlice: { id: 'S02', title: 'Next slice' },
+        activeTask: null,
+        phase: 'planning',
+        recentDecisions: [],
+        blockers: [],
+        nextAction: 'Plan S02',
+        registry: [],
+      } as const;
+
+      const result = await checkNeedsRunUat(base, 'M001', state as any, { uat_dispatch: true } as any);
+      assertEq(
+        result,
+        null,
+        'existing UAT-RESULT with non-PASS verdict does not re-dispatch run-uat; verdict gate owns blocking',
+      );
+    } finally {
+      cleanup(base);
+    }
+  }
+
   report();
 }
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "gsd-pi",
-  "version": "2.31.0",
+  "version": "2.31.1-dev.d338017",
   "description": "GSD — Get Shit Done coding agent",
   "license": "MIT",
   "repository": {

package/packages/pi-coding-agent/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@gsd/pi-coding-agent",
-  "version": "2.31.0",
+  "version": "2.31.1",
   "description": "Coding agent CLI (vendored from pi-mono)",
   "type": "module",
   "piConfig": {

package/pkg/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@glittercowboy/gsd",
-  "version": "2.31.0",
+  "version": "2.31.1",
   "piConfig": {
     "name": "gsd",
     "configDir": ".gsd"

package/src/resources/extensions/gsd/auto-dispatch.ts

@@ -104,25 +104,6 @@ const DISPATCH_RULES: DispatchRule[] = [
       };
     },
   },
-  {
-    name: "run-uat (post-completion)",
-    match: async ({ state, mid, basePath, prefs }) => {
-      const needsRunUat = await checkNeedsRunUat(basePath, mid, state, prefs);
-      if (!needsRunUat) return null;
-      const { sliceId, uatType } = needsRunUat;
-      const uatFile = resolveSliceFile(basePath, mid, sliceId, "UAT")!;
-      const uatContent = await loadFile(uatFile);
-      return {
-        action: "dispatch",
-        unitType: "run-uat",
-        unitId: `${mid}/${sliceId}`,
-        prompt: await buildRunUatPrompt(
-          mid, sliceId, relSliceFile(basePath, mid, sliceId, "UAT"), uatContent ?? "", basePath,
-        ),
-        pauseAfterDispatch: uatType !== "artifact-driven",
-      };
-    },
-  },
   {
     name: "uat-verdict-gate (non-PASS blocks progression)",
     match: async ({ mid, basePath, prefs }) => {
@@ -152,6 +133,25 @@ const DISPATCH_RULES: DispatchRule[] = [
       return null;
     },
   },
+  {
+    name: "run-uat (post-completion)",
+    match: async ({ state, mid, basePath, prefs }) => {
+      const needsRunUat = await checkNeedsRunUat(basePath, mid, state, prefs);
+      if (!needsRunUat) return null;
+      const { sliceId, uatType } = needsRunUat;
+      const uatFile = resolveSliceFile(basePath, mid, sliceId, "UAT")!;
+      const uatContent = await loadFile(uatFile);
+      return {
+        action: "dispatch",
+        unitType: "run-uat",
+        unitId: `${mid}/${sliceId}`,
+        prompt: await buildRunUatPrompt(
+          mid, sliceId, relSliceFile(basePath, mid, sliceId, "UAT"), uatContent ?? "", basePath,
+        ),
+        pauseAfterDispatch: uatType !== "artifact-driven",
+      };
+    },
+  },
   {
     name: "reassess-roadmap (post-completion)",
     match: async ({ state, mid, midTitle, basePath, prefs }) => {

package/src/resources/extensions/gsd/auto-prompts.ts

@@ -530,21 +530,14 @@ export async function checkNeedsRunUat(
   const uatContent = await loadFile(uatFile);
   if (!uatContent) return null;
 
-  // If UAT result already exists with a PASS verdict, skip (idempotent).
-  // Non-PASS verdicts (FAIL, surfaced-for-human-review) should block slice
-  // progression — return the slice for re-evaluation (#1231).
+  // If a UAT result already exists, the UAT unit has already run and must not
+  // be re-dispatched. PASS means progression can continue; any non-PASS verdict
+  // must be handled by the dispatch table's verdict gate, which stops progression
+  // with a human-action message instead of replaying the same run-uat unit.
   const uatResultFile = resolveSliceFile(base, mid, sid, "UAT-RESULT");
   if (uatResultFile) {
     const resultContent = await loadFile(uatResultFile);
-    if (resultContent) {
-      const verdictMatch = resultContent.match(/verdict:\s*([\w-]+)/i);
-      const verdict = verdictMatch?.[1]?.toLowerCase();
-      if (verdict === "pass" || verdict === "passed") return null; // PASS — skip
-      // Non-PASS verdict exists — don't re-run UAT, but don't advance either.
-      // Return null here since the UAT already ran; the dispatch table's
-      // complete-slice rule should check the verdict before advancing.
-      // For now, returning the slice signals it still needs attention.
-    }
+    if (resultContent) return null;
   }
 
   // Classify UAT type; unknown type → treat as human-experience (human review)

package/src/resources/extensions/gsd/auto-supervisor.ts

@@ -5,6 +5,7 @@
  */
 
 import { clearLock } from "./crash-recovery.js";
+import { releaseSessionLock } from "./session-lock.js";
 import { nativeHasChanges } from "./native-git-bridge.js";
 
 // ─── SIGTERM Handling ─────────────────────────────────────────────────────────
@@ -23,6 +24,7 @@ export function registerSigtermHandler(
 ): () => void {
   if (previousHandler) process.off("SIGTERM", previousHandler);
   const handler = () => {
+    releaseSessionLock(currentBasePath);
     clearLock(currentBasePath);
     process.exit(0);
   };

package/src/resources/extensions/gsd/session-lock.ts

@@ -51,6 +51,9 @@ let _lockedPath: string | null = null;
 /** Our PID at lock acquisition time. */
 let _lockPid: number = 0;
 
+/** Set to true when proper-lockfile fires onCompromised (mtime drift, sleep, etc.). */
+let _lockCompromised: boolean = false;
+
 const LOCK_FILE = "auto.lock";
 
 function lockPath(basePath: string): string {
@@ -102,13 +105,22 @@ export function acquireSessionLock(basePath: string): SessionLockResult {
 
     const release = lockfile.lockSync(gsdDir, {
       realpath: false,
-      stale: 300_000, // 5 minutes — consider lock stale if holder hasn't updated
+      stale: 1_800_000, // 30 minutes — safe for laptop sleep / long event loop stalls
       update: 10_000, // Update lock mtime every 10s to prove liveness
+      onCompromised: () => {
+        // proper-lockfile detected mtime drift (system sleep, event loop stall, etc.).
+        // Default handler throws inside setTimeout — an uncaught exception that crashes
+        // or corrupts process state. Instead, set a flag so validateSessionLock() can
+        // detect the compromise gracefully on the next dispatch cycle.
+        _lockCompromised = true;
+        _releaseFunction = null;
+      },
     });
 
     _releaseFunction = release;
     _lockedPath = basePath;
     _lockPid = process.pid;
+    _lockCompromised = false;
 
     // Safety net: clean up lock dir on process exit if _releaseFunction
     // wasn't called (e.g., normal exit after clean completion) (#1245).
@@ -233,6 +245,11 @@ export function updateSessionLock(
  * This is called periodically during the dispatch loop.
  */
 export function validateSessionLock(basePath: string): boolean {
+  // Lock was compromised by proper-lockfile (mtime drift from sleep, stall, etc.)
+  if (_lockCompromised) {
+    return false;
+  }
+
   // If we have an OS-level lock, we're still the owner
   if (_releaseFunction && _lockedPath === basePath) {
     return true;
@@ -284,6 +301,7 @@ export function releaseSessionLock(basePath: string): void {
 
   _lockedPath = null;
   _lockPid = 0;
+  _lockCompromised = false;
 }
 
 /**

package/src/resources/extensions/gsd/tests/run-uat.test.ts

@@ -6,6 +6,7 @@
 //   (a)–(j)  extractUatType classification (17 assertions from T01)
 //   (k)      run-uat prompt template loading and content integrity (8 assertions)
 //   (l)      dispatch precondition assertions via resolveSliceFile (4 assertions)
+//   (m)      stale replay guard: existing UAT-RESULT never re-dispatches (2 assertions)
 
 import { mkdtempSync, mkdirSync, readFileSync, rmSync, writeFileSync } from 'node:fs';
 import { join, dirname } from 'node:path';
@@ -14,6 +15,7 @@ import { fileURLToPath } from 'node:url';
 
 import { extractUatType } from '../files.ts';
 import { resolveSliceFile } from '../paths.ts';
+import { checkNeedsRunUat } from '../auto-prompts.ts';
 import { createTestContext } from './test-helpers.ts';
 
 // ─── Worktree-aware prompt loader ──────────────────────────────────────────
@@ -308,6 +310,54 @@ async function main(): Promise<void> {
     }
   }
 
+  // ─── (m) stale replay guard: existing UAT-RESULT never re-dispatches ─────
+  console.log('\n── (m) stale replay guard');
+
+  {
+    const base = createFixtureBase();
+    try {
+      const roadmapDir = join(base, '.gsd', 'milestones', 'M001');
+      mkdirSync(roadmapDir, { recursive: true });
+      writeFileSync(
+        join(roadmapDir, 'M001-ROADMAP.md'),
+        [
+          '# M001: Test roadmap',
+          '',
+          '## Slices',
+          '',
+          '- [x] **S01: First slice** `risk:low` `depends:[]`',
+          '- [ ] **S02: Next slice** `risk:low` `depends:[S01]`',
+          '',
+          '## Boundary Map',
+          '',
+        ].join('\n'),
+      );
+
+      writeSliceFile(base, 'M001', 'S01', 'UAT', makeUatContent('artifact-driven'));
+      writeSliceFile(base, 'M001', 'S01', 'UAT-RESULT', '---\nverdict: surfaced-for-human-review\n---\n');
+
+      const state = {
+        activeMilestone: { id: 'M001', title: 'Test roadmap' },
+        activeSlice: { id: 'S02', title: 'Next slice' },
+        activeTask: null,
+        phase: 'planning',
+        recentDecisions: [],
+        blockers: [],
+        nextAction: 'Plan S02',
+        registry: [],
+      } as const;
+
+      const result = await checkNeedsRunUat(base, 'M001', state as any, { uat_dispatch: true } as any);
+      assertEq(
+        result,
+        null,
+        'existing UAT-RESULT with non-PASS verdict does not re-dispatch run-uat; verdict gate owns blocking',
+      );
+    } finally {
+      cleanup(base);
+    }
+  }
+
   report();
 }