npm - gsd-pi - Versions diffs - 2.50.0-dev.d210a87 → 2.51.0-dev.7d435fe - Mend

gsd-pi 2.50.0-dev.d210a87 → 2.51.0-dev.7d435fe

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (302) hide show

package/src/resources/extensions/gsd/tests/worktree-preferences-sync.test.ts ADDED Viewed

@@ -0,0 +1,130 @@
+/**
+ * worktree-preferences-sync.test.ts — Regression test for #2684.
+ *
+ * Verifies that preferences.md is seeded into auto-mode worktrees:
+ *
+ *   1. copyPlanningArtifacts() copies preferences.md on initial worktree creation
+ *   2. syncGsdStateToWorktree() forward-syncs preferences.md (additive only)
+ *   3. syncWorktreeStateBack() does NOT overwrite project root preferences.md
+ */
+import test from "node:test";
+import assert from "node:assert/strict";
+import {
+  existsSync,
+  mkdirSync,
+  mkdtempSync,
+  readFileSync,
+  rmSync,
+  writeFileSync,
+} from "node:fs";
+import { join } from "node:path";
+import { tmpdir } from "node:os";
+import {
+  syncGsdStateToWorktree,
+  syncWorktreeStateBack,
+} from "../auto-worktree.ts";
+// ─── Helpers ─────────────────────────────────────────────────────────
+function makeTempDir(prefix: string): string {
+  return mkdtempSync(join(tmpdir(), `gsd-prefs-test-${prefix}-`));
+}
+function cleanup(...dirs: string[]): void {
+  for (const dir of dirs) {
+    rmSync(dir, { recursive: true, force: true });
+  }
+}
+function writeFile(dir: string, relativePath: string, content: string): void {
+  const fullPath = join(dir, relativePath);
+  mkdirSync(join(fullPath, ".."), { recursive: true });
+  writeFileSync(fullPath, content, "utf-8");
+}
+// ─── Tests ───────────────────────────────────────────────────────────
+const PREFS_CONTENT = [
+  "# Preferences",
+  "",
+  "post_unit_hooks:",
+  "  - npm run lint",
+  "",
+  "skill_rules:",
+  '  - use: "frontend-design"',
+].join("\n");
+test("#2684: syncGsdStateToWorktree forward-syncs preferences.md when missing from worktree", (t) => {
+  const mainBase = makeTempDir("main");
+  const wtBase = makeTempDir("wt");
+  t.after(() => cleanup(mainBase, wtBase));
+  // Project root has preferences.md
+  writeFile(mainBase, ".gsd/preferences.md", PREFS_CONTENT);
+  // Worktree has .gsd/ but no preferences.md
+  mkdirSync(join(wtBase, ".gsd"), { recursive: true });
+  const result = syncGsdStateToWorktree(mainBase, wtBase);
+  assert.ok(
+    existsSync(join(wtBase, ".gsd", "preferences.md")),
+    "preferences.md should be copied to worktree",
+  );
+  assert.equal(
+    readFileSync(join(wtBase, ".gsd", "preferences.md"), "utf-8"),
+    PREFS_CONTENT,
+    "preferences.md content should match source",
+  );
+  assert.ok(
+    result.synced.includes("preferences.md"),
+    "preferences.md should appear in synced list",
+  );
+});
+test("#2684: syncGsdStateToWorktree does NOT overwrite existing worktree preferences.md", (t) => {
+  const mainBase = makeTempDir("main");
+  const wtBase = makeTempDir("wt");
+  t.after(() => cleanup(mainBase, wtBase));
+  const rootPrefs = "# Root preferences\nold: true";
+  const wtPrefs = "# Worktree preferences\nmodified: true";
+  writeFile(mainBase, ".gsd/preferences.md", rootPrefs);
+  writeFile(wtBase, ".gsd/preferences.md", wtPrefs);
+  syncGsdStateToWorktree(mainBase, wtBase);
+  assert.equal(
+    readFileSync(join(wtBase, ".gsd", "preferences.md"), "utf-8"),
+    wtPrefs,
+    "existing worktree preferences.md must not be overwritten",
+  );
+});
+test("#2684: syncWorktreeStateBack does NOT overwrite project root preferences.md", (t) => {
+  const mainBase = makeTempDir("main");
+  const wtBase = makeTempDir("wt");
+  const mid = "M001";
+  t.after(() => cleanup(mainBase, wtBase));
+  const rootPrefs = "# Root preferences\nauthoritative: true";
+  const wtPrefs = "# Worktree preferences\nstale-copy: true";
+  writeFile(mainBase, ".gsd/preferences.md", rootPrefs);
+  writeFile(wtBase, ".gsd/preferences.md", wtPrefs);
+  // Worktree needs at least a milestone dir for the function to proceed
+  mkdirSync(join(wtBase, ".gsd", "milestones", mid), { recursive: true });
+  mkdirSync(join(mainBase, ".gsd", "milestones"), { recursive: true });
+  syncWorktreeStateBack(mainBase, wtBase, mid);
+  assert.equal(
+    readFileSync(join(mainBase, ".gsd", "preferences.md"), "utf-8"),
+    rootPrefs,
+    "project root preferences.md must NOT be overwritten by worktree copy",
+  );
+});

package/src/resources/extensions/gsd/tools/complete-milestone.ts CHANGED Viewed

@@ -14,7 +14,7 @@ import {
   getMilestone,
   getMilestoneSlices,
   getSliceTasks,
-  _getAdapter,
+  updateMilestoneStatus,
 } from "../gsd-db.js";
 import { resolveMilestonePath, clearPathCache } from "../paths.js";
 import { saveFile, clearParseCache } from "../files.js";
@@ -165,13 +165,7 @@ export async function handleCompleteMilestone(
     }
     // All guards passed — perform write
-    const adapter = _getAdapter()!;
-    adapter.prepare(
-      `UPDATE milestones SET status = 'complete', completed_at = :completed_at WHERE id = :mid`,
-    ).run({
-      ":completed_at": completedAt,
-      ":mid": params.milestoneId,
-    });
+    updateMilestoneStatus(params.milestoneId, 'complete', completedAt);
   });
   if (guardError) {
@@ -199,12 +193,7 @@ export async function handleCompleteMilestone(
     process.stderr.write(
       `gsd-db: complete_milestone — disk render failed, rolling back DB status: ${(renderErr as Error).message}\n`,
     );
-    const rollbackAdapter = _getAdapter();
-    if (rollbackAdapter) {
-      rollbackAdapter.prepare(
-        `UPDATE milestones SET status = 'active', completed_at = NULL WHERE id = :mid`,
-      ).run({ ":mid": params.milestoneId });
-    }
+    updateMilestoneStatus(params.milestoneId, 'active', null);
     invalidateStateCache();
     return { error: `disk render failed: ${(renderErr as Error).message}` };
   }

package/src/resources/extensions/gsd/tools/complete-slice.ts CHANGED Viewed

@@ -19,7 +19,7 @@ import {
   getSliceTasks,
   getMilestone,
   updateSliceStatus,
-  _getAdapter,
+  setSliceSummaryMd,
 } from "../gsd-db.js";
 import { resolveSliceFile, resolveSlicePath, clearPathCache } from "../paths.js";
 import { checkOwnership, sliceUnitKey } from "../unit-ownership.js";
@@ -299,31 +299,13 @@ export async function handleCompleteSlice(
     process.stderr.write(
       `gsd-db: complete_slice — disk render failed, rolling back DB status: ${(renderErr as Error).message}\n`,
     );
-    const rollbackAdapter = _getAdapter();
-    if (rollbackAdapter) {
-      rollbackAdapter.prepare(
-        `UPDATE slices SET status = 'pending' WHERE milestone_id = :mid AND id = :sid`,
-      ).run({
-        ":mid": params.milestoneId,
-        ":sid": params.sliceId,
-      });
-    }
+    updateSliceStatus(params.milestoneId, params.sliceId, 'pending');
     invalidateStateCache();
     return { error: `disk render failed: ${(renderErr as Error).message}` };
   }
   // Store rendered markdown in DB for D004 recovery
-  const adapter = _getAdapter();
-  if (adapter) {
-    adapter.prepare(
-      `UPDATE slices SET full_summary_md = :summary_md, full_uat_md = :uat_md WHERE milestone_id = :mid AND id = :sid`,
-    ).run({
-      ":summary_md": summaryMd,
-      ":uat_md": uatMd,
-      ":mid": params.milestoneId,
-      ":sid": params.sliceId,
-    });
-  }
+  setSliceSummaryMd(params.milestoneId, params.sliceId, summaryMd, uatMd);
   // Invalidate all caches
   invalidateStateCache();

package/src/resources/extensions/gsd/tools/complete-task.ts CHANGED Viewed

@@ -20,7 +20,9 @@ import {
   getMilestone,
   getSlice,
   getTask,
-  _getAdapter,
+  updateTaskStatus,
+  setTaskSummaryMd,
+  deleteVerificationEvidence,
 } from "../gsd-db.js";
 import { resolveSliceFile, resolveTasksDir, clearPathCache } from "../paths.js";
 import { checkOwnership, taskUnitKey } from "../unit-ownership.js";
@@ -248,32 +250,17 @@ export async function handleCompleteTask(
     process.stderr.write(
       `gsd-db: complete_task — disk render failed, rolling back DB status: ${(renderErr as Error).message}\n`,
     );
-    const rollbackAdapter = _getAdapter();
-    if (rollbackAdapter) {
-      rollbackAdapter.prepare(
-        `UPDATE tasks SET status = 'pending' WHERE milestone_id = :mid AND slice_id = :sid AND id = :tid`,
-      ).run({
-        ":mid": params.milestoneId,
-        ":sid": params.sliceId,
-        ":tid": params.taskId,
-      });
-    }
+    // Delete orphaned verification_evidence rows first (FK constraint
+    // references tasks, so evidence must go before status change).
+    // Without this, retries accumulate duplicate evidence rows (#2724).
+    deleteVerificationEvidence(params.milestoneId, params.sliceId, params.taskId);
+    updateTaskStatus(params.milestoneId, params.sliceId, params.taskId, 'pending');
     invalidateStateCache();
     return { error: `disk render failed: ${(renderErr as Error).message}` };
   }
   // Store rendered markdown in DB for D004 recovery
-  const adapter = _getAdapter();
-  if (adapter) {
-    adapter.prepare(
-      `UPDATE tasks SET full_summary_md = :md WHERE milestone_id = :mid AND slice_id = :sid AND id = :tid`,
-    ).run({
-      ":md": summaryMd,
-      ":mid": params.milestoneId,
-      ":sid": params.sliceId,
-      ":tid": params.taskId,
-    });
-  }
+  setTaskSummaryMd(params.milestoneId, params.sliceId, params.taskId, summaryMd);
   // Invalidate all caches
   invalidateStateCache();

package/src/resources/extensions/gsd/tools/plan-milestone.ts CHANGED Viewed

@@ -6,7 +6,6 @@ import {
   insertSlice,
   upsertMilestonePlanning,
   upsertSlicePlanning,
-  _getAdapter,
 } from "../gsd-db.js";
 import { invalidateStateCache } from "../state.js";
 import { renderRoadmapFromDb } from "../markdown-renderer.js";
@@ -189,27 +188,34 @@ export async function handlePlanMilestone(
     return { error: `validation failed: ${(err as Error).message}` };
   }
-  // ── State machine preconditions ─────────────────────────────────────────
-  const existingMilestone = getMilestone(params.milestoneId);
-  if (existingMilestone && (existingMilestone.status === "complete" || existingMilestone.status === "done")) {
-    return { error: `cannot re-plan milestone ${params.milestoneId}: it is already complete` };
-  }
+  // ── Guards + DB writes inside a single transaction (prevents TOCTOU) ───
+  // Guards must be inside the transaction so the state they check cannot
+  // change between the read and the write (#2723).
+  let guardError: string | null = null;
-  // Validate depends_on: all dependencies must exist and be complete
-  if (params.dependsOn && params.dependsOn.length > 0) {
-    for (const depId of params.dependsOn) {
-      const dep = getMilestone(depId);
-      if (!dep) {
-        return { error: `depends_on references unknown milestone: ${depId}` };
+  try {
+    transaction(() => {
+      const existingMilestone = getMilestone(params.milestoneId);
+      if (existingMilestone && (existingMilestone.status === "complete" || existingMilestone.status === "done")) {
+        guardError = `cannot re-plan milestone ${params.milestoneId}: it is already complete`;
+        return;
       }
-      if (dep.status !== "complete" && dep.status !== "done") {
-        return { error: `depends_on milestone ${depId} is not yet complete (status: ${dep.status})` };
+      // Validate depends_on: all dependencies must exist and be complete
+      if (params.dependsOn && params.dependsOn.length > 0) {
+        for (const depId of params.dependsOn) {
+          const dep = getMilestone(depId);
+          if (!dep) {
+            guardError = `depends_on references unknown milestone: ${depId}`;
+            return;
+          }
+          if (dep.status !== "complete" && dep.status !== "done") {
+            guardError = `depends_on milestone ${depId} is not yet complete (status: ${dep.status})`;
+            return;
+          }
+        }
       }
-    }
-  }
-  try {
-    transaction(() => {
       insertMilestone({
         id: params.milestoneId,
         title: params.title,
@@ -254,6 +260,10 @@ export async function handlePlanMilestone(
     return { error: `db write failed: ${(err as Error).message}` };
   }
+  if (guardError) {
+    return { error: guardError };
+  }
   let roadmapPath: string;
   try {
     const renderResult = await renderRoadmapFromDb(basePath, params.milestoneId);

package/src/resources/extensions/gsd/tools/plan-slice.ts CHANGED Viewed

@@ -7,7 +7,6 @@ import {
   upsertSlicePlanning,
   upsertTaskPlanning,
   insertGateRow,
-  _getAdapter,
 } from "../gsd-db.js";
 import type { GateId } from "../types.js";
 import { invalidateStateCache } from "../state.js";
@@ -146,24 +145,33 @@ export async function handlePlanSlice(
     return { error: `validation failed: ${(err as Error).message}` };
   }
-  const parentMilestone = getMilestone(params.milestoneId);
-  if (!parentMilestone) {
-    return { error: `milestone not found: ${params.milestoneId}` };
-  }
-  if (parentMilestone.status === "complete" || parentMilestone.status === "done") {
-    return { error: `cannot plan slice in a closed milestone: ${params.milestoneId} (status: ${parentMilestone.status})` };
-  }
-  const parentSlice = getSlice(params.milestoneId, params.sliceId);
-  if (!parentSlice) {
-    return { error: `missing parent slice: ${params.milestoneId}/${params.sliceId}` };
-  }
-  if (parentSlice.status === "complete" || parentSlice.status === "done") {
-    return { error: `cannot re-plan slice ${params.sliceId}: it is already complete — use gsd_slice_reopen first` };
-  }
+  // ── Guards + DB writes inside a single transaction (prevents TOCTOU) ───
+  // Guards must be inside the transaction so the state they check cannot
+  // change between the read and the write (#2723).
+  let guardError: string | null = null;
   try {
     transaction(() => {
+      const parentMilestone = getMilestone(params.milestoneId);
+      if (!parentMilestone) {
+        guardError = `milestone not found: ${params.milestoneId}`;
+        return;
+      }
+      if (parentMilestone.status === "complete" || parentMilestone.status === "done") {
+        guardError = `cannot plan slice in a closed milestone: ${params.milestoneId} (status: ${parentMilestone.status})`;
+        return;
+      }
+      const parentSlice = getSlice(params.milestoneId, params.sliceId);
+      if (!parentSlice) {
+        guardError = `missing parent slice: ${params.milestoneId}/${params.sliceId}`;
+        return;
+      }
+      if (parentSlice.status === "complete" || parentSlice.status === "done") {
+        guardError = `cannot re-plan slice ${params.sliceId}: it is already complete — use gsd_slice_reopen first`;
+        return;
+      }
       upsertSlicePlanning(params.milestoneId, params.sliceId, {
         goal: params.goal,
         successCriteria: params.successCriteria,
@@ -211,6 +219,10 @@ export async function handlePlanSlice(
     return { error: `db write failed: ${(err as Error).message}` };
   }
+  if (guardError) {
+    return { error: guardError };
+  }
   try {
     const renderResult = await renderPlanFromDb(basePath, params.milestoneId, params.sliceId);
     invalidateStateCache();

package/src/resources/extensions/gsd/tools/plan-task.ts CHANGED Viewed

@@ -77,21 +77,29 @@ export async function handlePlanTask(
     return { error: `validation failed: ${(err as Error).message}` };
   }
-  const parentSlice = getSlice(params.milestoneId, params.sliceId);
-  if (!parentSlice) {
-    return { error: `missing parent slice: ${params.milestoneId}/${params.sliceId}` };
-  }
-  if (parentSlice.status === "complete" || parentSlice.status === "done") {
-    return { error: `cannot plan task in a closed slice: ${params.sliceId} (status: ${parentSlice.status})` };
-  }
-  const existingTask = getTask(params.milestoneId, params.sliceId, params.taskId);
-  if (existingTask && (existingTask.status === "complete" || existingTask.status === "done")) {
-    return { error: `cannot re-plan task ${params.taskId}: it is already complete — use gsd_task_reopen first` };
-  }
+  // ── Guards + DB writes inside a single transaction (prevents TOCTOU) ───
+  // Guards must be inside the transaction so the state they check cannot
+  // change between the read and the write (#2723).
+  let guardError: string | null = null;
   try {
     transaction(() => {
+      const parentSlice = getSlice(params.milestoneId, params.sliceId);
+      if (!parentSlice) {
+        guardError = `missing parent slice: ${params.milestoneId}/${params.sliceId}`;
+        return;
+      }
+      if (parentSlice.status === "complete" || parentSlice.status === "done") {
+        guardError = `cannot plan task in a closed slice: ${params.sliceId} (status: ${parentSlice.status})`;
+        return;
+      }
+      const existingTask = getTask(params.milestoneId, params.sliceId, params.taskId);
+      if (existingTask && (existingTask.status === "complete" || existingTask.status === "done")) {
+        guardError = `cannot re-plan task ${params.taskId}: it is already complete — use gsd_task_reopen first`;
+        return;
+      }
       if (!existingTask) {
         insertTask({
           id: params.taskId,
@@ -117,6 +125,10 @@ export async function handlePlanTask(
     return { error: `db write failed: ${(err as Error).message}` };
   }
+  if (guardError) {
+    return { error: guardError };
+  }
   try {
     const renderResult = await renderTaskPlanFromDb(basePath, params.milestoneId, params.sliceId, params.taskId);
     invalidateStateCache();

package/src/resources/extensions/gsd/tools/reassess-roadmap.ts CHANGED Viewed

@@ -104,47 +104,6 @@ export async function handleReassessRoadmap(
     return { error: `validation failed: ${(err as Error).message}` };
   }
-  // ── Verify milestone exists and is active ────────────────────────
-  const milestone = getMilestone(params.milestoneId);
-  if (!milestone) {
-    return { error: `milestone not found: ${params.milestoneId}` };
-  }
-  if (milestone.status === "complete" || milestone.status === "done") {
-    return { error: `cannot reassess a closed milestone: ${params.milestoneId} (status: ${milestone.status})` };
-  }
-  // ── Verify completedSliceId is actually complete ──────────────────
-  const completedSlice = getSlice(params.milestoneId, params.completedSliceId);
-  if (!completedSlice) {
-    return { error: `completedSliceId not found: ${params.milestoneId}/${params.completedSliceId}` };
-  }
-  if (completedSlice.status !== "complete" && completedSlice.status !== "done") {
-    return { error: `completedSliceId ${params.completedSliceId} is not complete (status: ${completedSlice.status}) — reassess can only be called after a slice finishes` };
-  }
-  // ── Structural enforcement ────────────────────────────────────────
-  const existingSlices = getMilestoneSlices(params.milestoneId);
-  const completedSliceIds = new Set<string>();
-  for (const slice of existingSlices) {
-    if (slice.status === "complete" || slice.status === "done") {
-      completedSliceIds.add(slice.id);
-    }
-  }
-  // Reject modifications to completed slices
-  for (const modifiedSlice of params.sliceChanges.modified) {
-    if (completedSliceIds.has(modifiedSlice.sliceId)) {
-      return { error: `cannot modify completed slice ${modifiedSlice.sliceId}` };
-    }
-  }
-  // Reject removal of completed slices
-  for (const removedId of params.sliceChanges.removed) {
-    if (completedSliceIds.has(removedId)) {
-      return { error: `cannot remove completed slice ${removedId}` };
-    }
-  }
   // ── Compute assessment artifact path ──────────────────────────────
   // Assessment lives in the completed slice's directory
   const assessmentRelPath = join(
@@ -153,9 +112,58 @@ export async function handleReassessRoadmap(
     `${params.completedSliceId}-ASSESSMENT.md`,
   );
-  // ── Transaction: DB mutations ─────────────────────────────────────
+  // ── Guards + DB writes inside a single transaction (prevents TOCTOU) ───
+  // Guards must be inside the transaction so the state they check cannot
+  // change between the read and the write (#2723).
+  let guardError: string | null = null;
   try {
     transaction(() => {
+      // Verify milestone exists and is active
+      const milestone = getMilestone(params.milestoneId);
+      if (!milestone) {
+        guardError = `milestone not found: ${params.milestoneId}`;
+        return;
+      }
+      if (milestone.status === "complete" || milestone.status === "done") {
+        guardError = `cannot reassess a closed milestone: ${params.milestoneId} (status: ${milestone.status})`;
+        return;
+      }
+      // Verify completedSliceId is actually complete
+      const completedSlice = getSlice(params.milestoneId, params.completedSliceId);
+      if (!completedSlice) {
+        guardError = `completedSliceId not found: ${params.milestoneId}/${params.completedSliceId}`;
+        return;
+      }
+      if (completedSlice.status !== "complete" && completedSlice.status !== "done") {
+        guardError = `completedSliceId ${params.completedSliceId} is not complete (status: ${completedSlice.status}) — reassess can only be called after a slice finishes`;
+        return;
+      }
+      // Structural enforcement — reject modifications/removal of completed slices
+      const existingSlices = getMilestoneSlices(params.milestoneId);
+      const completedSliceIds = new Set<string>();
+      for (const slice of existingSlices) {
+        if (slice.status === "complete" || slice.status === "done") {
+          completedSliceIds.add(slice.id);
+        }
+      }
+      for (const modifiedSlice of params.sliceChanges.modified) {
+        if (completedSliceIds.has(modifiedSlice.sliceId)) {
+          guardError = `cannot modify completed slice ${modifiedSlice.sliceId}`;
+          return;
+        }
+      }
+      for (const removedId of params.sliceChanges.removed) {
+        if (completedSliceIds.has(removedId)) {
+          guardError = `cannot remove completed slice ${removedId}`;
+          return;
+        }
+      }
       // Record assessment
       insertAssessment({
         path: assessmentRelPath,
@@ -198,6 +206,10 @@ export async function handleReassessRoadmap(
     return { error: `db write failed: ${(err as Error).message}` };
   }
+  if (guardError) {
+    return { error: guardError };
+  }
   // ── Render artifacts ──────────────────────────────────────────────
   try {
     const roadmapResult = await renderRoadmapFromDb(basePath, params.milestoneId);