hypomnema 1.2.0 → 1.3.0

package/hooks/hypo-auto-commit.mjs

@@ -43,9 +43,9 @@ if (staged) {
 }
 
 if (hasRemote()) {
-  // fix #9: pull/push failures must not stop the session, but they can no
-  // longer be swallowed silently — record each to .cache/sync-state.json so
-  // session-start (#10) and doctor (#11) can surface them next session.
+  // pull/push failures must not stop the session, but they can no longer be
+  // swallowed silently — record each to .cache/sync-state.json so session-start
+  // and doctor can surface them next session.
   const pull = git('pull', '--no-rebase', '-q');
   if (pull.status !== 0) appendSyncFailure(HYPO_DIR, 'pull', pull.stderr || pull.stdout);
   const push = git('push');

package/hooks/hypo-auto-minimal-crystallize.mjs

@@ -54,12 +54,17 @@ function emitContinue() {
   console.log(JSON.stringify({ continue: true, suppressOutput: true }));
 }
 
-function emitBlock(sessionId) {
+function emitBlock(sessionId, transcriptPath) {
   // One-line, skill-first. /hypo:crystallize is the documented session-close
   // alias; passing --session-id there writes the per-session marker that clears
   // this block. CLI fallback + bypass live in commands/crystallize.md, not here
   // — keep the Stop reason terse so the actionable instruction stands out.
-  const reason = `[WIKI_AUTOCLOSE] session-close 미완료 — /hypo:crystallize 실행으로 마무리 (session_id=${sessionId}).`;
+  // Surface the transcript path so the close can pass --transcript-path=<path>,
+  // which scopes the marker's lint gate to this session's own files (Bug A
+  // coherence: a marker written without lint would only let Stop pass for
+  // /compact to immediately re-block on the same errors).
+  const transcriptHint = transcriptPath ? ` --transcript-path=${transcriptPath}` : '';
+  const reason = `[WIKI_AUTOCLOSE] session-close 미완료 — /hypo:crystallize 실행으로 마무리 (session_id=${sessionId}${transcriptHint}).`;
   console.log(
     JSON.stringify({
       decision: 'block',
@@ -136,7 +141,7 @@ process.stdin.on('end', () => {
       return;
     }
 
-    emitBlock(sessionId);
+    emitBlock(sessionId, transcriptPath);
   } catch (err) {
     // Fail-open on any unexpected error.
     process.stderr.write(`[hypo-auto-minimal-crystallize] error: ${err?.message ?? String(err)}\n`);

package/hooks/hypo-cwd-change.mjs

@@ -18,6 +18,7 @@ import {
   shouldSuggestProjectCreation,
   buildProjectSuggestionLine,
   recordSuggestionCooldown,
+  sanitizeProjForPrompt,
 } from './hypo-shared.mjs';
 
 const PROJECTS_DIR = join(HYPO_DIR, 'projects');
@@ -98,11 +99,11 @@ process.stdin.on('end', () => {
     if (newHit) {
       const fromFile = readIfNotIgnored(newHit.hotPath, ignorePatterns);
       const content = fromFile ?? '(no hot.md yet — will be created at session close)';
-      // fix #13: arm the first-prompt marker so the NEXT user prompt re-triggers
+      // arm the first-prompt marker so the NEXT user prompt re-triggers
       // hypo-first-prompt, which forces a "Resuming <project>" summary line.
       // Only arm when real hot content was actually injected — if hot.md is
       // missing or .hypoignore'd (fromFile null), there is nothing for the LLM
-      // to summarize, so forcing "Resuming" would be empty noise (codex review).
+      // to summarize, so forcing "Resuming" would be empty noise.
       if (fromFile) {
         try {
           writeFileSync(
@@ -124,10 +125,13 @@ process.stdin.on('end', () => {
       }
       console.log(
         JSON.stringify(
-          buildOutput(`[WIKI: cwd changed → project=${newHit.proj}]\n\n${content}`, {
-            continue: true,
-            suppressOutput: true,
-          }),
+          buildOutput(
+            `[WIKI: cwd changed → project=${sanitizeProjForPrompt(newHit.proj)}]\n\n${content}`,
+            {
+              continue: true,
+              suppressOutput: true,
+            },
+          ),
         ),
       );
       return;

package/hooks/hypo-first-prompt.mjs

@@ -15,7 +15,7 @@
  */
 
 import { readFileSync, unlinkSync, existsSync } from 'fs';
-import { buildOutput, sessionMarkerPath } from './hypo-shared.mjs';
+import { buildOutput, sessionMarkerPath, sanitizeProjForPrompt } from './hypo-shared.mjs';
 
 const MARKER_TTL = 10 * 60 * 1000; // 10 min
 
@@ -49,19 +49,51 @@ process.stdin.on('end', () => {
 
     const hasSnapshot = marker.hasSnapshot ?? (marker.hotPath && existsSync(marker.hotPath));
     const snapshotNote = hasSnapshot ? '' : ' (no snapshot yet — first session)';
-    // fix #13: a cwd-change re-trigger says "Resuming"; a fresh session start
+    // a cwd-change re-trigger says "Resuming"; a fresh session start
     // (default source) says "Previously working on".
     const verb = marker.source === 'cwd-change' ? 'Resuming' : 'Previously working on';
+    // marker.proj originates from a wiki directory name read by findProjectFiles;
+    // sanitize via the shared helper so a hand-crafted project name cannot close
+    // the wrapper tag, smuggle newlines/control chars, or inject conflicting
+    // directives into the resume contract (codex v2 review 2026-05-26).
+    const projSafe = sanitizeProjForPrompt(marker.proj);
+    // When there is no snapshot, the [HOT] / [SESSION STATE] context has nothing
+    // for the model to fill the placeholders with. Provide a concrete fallback
+    // line so the model doesn't leak literal `[one-line summary]` text on a
+    // first-ever session (codex v2 review 2026-05-26).
+    const exampleLine = hasSnapshot
+      ? `${verb} ${projSafe}: [one-line summary]. Continue with [next task]?`
+      : `${verb} ${projSafe}: no prior snapshot yet — first session. What would you like to start with?`;
+    const fillNote = hasSnapshot
+      ? `Replace the bracketed placeholders using the [HOT] / [SESSION STATE] ` +
+        `context already injected this session — do NOT emit the literal brackets.`
+      : `Use the line above verbatim — there is no prior snapshot to summarize.`;
 
     console.log(
       JSON.stringify(
         buildOutput(
-          `[WIKI SESSION START: project=${marker.proj}${snapshotNote}]\n` +
-            `Before addressing the user's message, lead your FIRST reply with exactly one line:\n` +
-            `"${verb} ${marker.proj}: <one-line summary>. Continue with <next task>?"\n` +
-            `Draw <one-line summary> and <next task> from the [HOT] / [SESSION STATE] ` +
-            `context already injected this session. Inject this line unconditionally — ` +
-            `even if the user's first message is unrelated or a simple question — then answer normally.`,
+          `<hypomnema-session-resume>\n` +
+            `[WIKI SESSION START: project=${projSafe}${snapshotNote}]\n` +
+            `\n` +
+            `Lead your FIRST reply this session with exactly one line in this shape:\n` +
+            `\n` +
+            `${exampleLine}\n` +
+            `\n` +
+            `${fillNote}\n` +
+            `\n` +
+            `Emit this line unconditionally on the first prompt, including when the ` +
+            `user's message is:\n` +
+            `  • a simple greeting ("안녕", "hi", "hello")\n` +
+            `  • a trivial question or unrelated topic\n` +
+            `  • a one-word reply\n` +
+            `\n` +
+            `Do not skip it, do not decide it is "not relevant", do not shorten the ` +
+            `reply to omit it. After the line, answer the user's actual message on the ` +
+            `following line(s) as normal.\n` +
+            `\n` +
+            `This is the Hypomnema session-resume contract — the user relies on this ` +
+            `line to confirm which project context is loaded.\n` +
+            `</hypomnema-session-resume>`,
           { continue: true, suppressOutput: true },
         ),
       ),

package/hooks/hypo-personal-check.mjs

@@ -33,6 +33,9 @@ import {
   isGateSkipped,
   isClosePattern,
   extractUserMessages,
+  extractTouchedWikiFiles,
+  closeFileTargets,
+  partitionLintScope,
 } from './hypo-shared.mjs';
 
 const WARNING_FILE = join(homedir(), '.claude', 'state', 'wiki-context-warning.json');
@@ -92,7 +95,7 @@ process.stdin.on('end', () => {
 
   const gitStatus = hypoIsClean();
   const hotStatus = hotMdIsClean();
-  // fix #17: strict session-close (steps 1~6 of the 11-step crystallize
+  // strict session-close (steps 1~6 of the 11-step crystallize
   // checklist). closeFiles gates the 5 mandatory files (steps 1-4 + log.md);
   // open-questions.md (step 5) is conditional ("변경 시") and intentionally
   // ungated — see hypo-shared.mjs sessionCloseFileStatus and spec §5.2.7.
@@ -107,6 +110,7 @@ process.stdin.on('end', () => {
   const lintPath = PKG_ROOT ? join(PKG_ROOT, 'scripts', 'lint.mjs') : null;
   let lintBlockers = [];
   let lintW8 = [];
+  let lintNotices = []; // pre-existing debt in files this session did not touch
   let lintSkipped = false;
   if (!lintPath || !existsSync(lintPath)) {
     lintSkipped = true;
@@ -118,8 +122,35 @@ process.stdin.on('end', () => {
         timeout: 30000,
       });
       const parsed = JSON.parse(r.stdout || '{}');
-      lintBlockers = parsed.errors || [];
-      lintW8 = (parsed.warns || []).filter((w) => w.id === 'W8');
+      const allErrors = parsed.errors || [];
+      const allW8 = (parsed.warns || []).filter((w) => w.id === 'W8');
+      // Bug B: judge this session on the files IT touched, not the whole vault.
+      // A readable transcript lets us scope (edited files ∪ mandatory close
+      // files); a missing/unreadable transcript falls back to the conservative
+      // global gate (never weaker than before).
+      const haveTranscript = !!(transcriptPath && existsSync(transcriptPath));
+      if (haveTranscript) {
+        const scope = new Set([
+          ...extractTouchedWikiFiles(transcriptPath, HYPO_DIR),
+          ...closeFileTargets(HYPO_DIR),
+        ]);
+        const part = partitionLintScope(allErrors, scope);
+        lintBlockers = part.blocking;
+        lintNotices = part.notice;
+        // W8 (design-history stale) is the CURRENT project's close
+        // responsibility, not cross-project debt — block on the active
+        // project's, surface others' as notices.
+        if (closeFiles.project) {
+          const mine = `projects/${closeFiles.project}/design-history.md`;
+          lintW8 = allW8.filter((w) => w.file === mine);
+          lintNotices.push(...allW8.filter((w) => w.file !== mine));
+        } else {
+          lintW8 = allW8;
+        }
+      } else {
+        lintBlockers = allErrors;
+        lintW8 = allW8;
+      }
     } catch (err) {
       /* fail-open */
       process.stderr.write(`[hypo-personal-check] error: ${err?.message ?? String(err)}\n`);
@@ -128,6 +159,16 @@ process.stdin.on('end', () => {
 
   const lintOk = lintBlockers.length === 0;
   const designHistoryOk = lintW8.length === 0;
+  // Non-blocking heads-up about pre-existing lint debt in untouched files (other
+  // projects / shared pages). Surfaced so it is visible but never blocks compact.
+  const noticeText =
+    lintNotices.length > 0
+      ? `[WIKI CHECK] ${lintNotices.length} pre-existing lint issue(s) in files this session did not touch (not blocking): ${[
+          ...new Set(lintNotices.map((b) => b.file)),
+        ]
+          .slice(0, 5)
+          .join(', ')}${lintNotices.length > 5 ? ', …' : ''} — clean up when convenient.`
+      : '';
 
   // ── fix #37 Phase C: feedback projection drift (ADR 0031) ──
   // Single blocking gate invariant (spec §7.5): integrate into THIS hook, never
@@ -169,8 +210,8 @@ process.stdin.on('end', () => {
         // ONLY when some target has a genuine, actionable issue (drift,
         // conflict, over-cap, or a malformed managed region). buildError is
         // never actionable here, so any mix that lacks a real issue fails open
-        // — including memory:clean + claude:buildError (codex review: the prior
-        // `every(buildError)` predicate wrongly blocked that case). Mirrors
+        // — including memory:clean + claude:buildError, where the prior
+        // `every(buildError)` predicate wrongly blocked that case. Mirrors
         // doctor's buildError→warn (non-fatal) handling.
         let report = null;
         try {
@@ -210,7 +251,13 @@ process.stdin.on('end', () => {
     closeFiles.ok &&
     feedbackOk
   ) {
-    console.log(JSON.stringify({ continue: true, suppressOutput: true }));
+    console.log(
+      JSON.stringify(
+        noticeText
+          ? { continue: true, systemMessage: noticeText }
+          : { continue: true, suppressOutput: true },
+      ),
+    );
     return;
   }
 
@@ -241,7 +288,9 @@ process.stdin.on('end', () => {
     !gitStatus.clean ? gitStatus.reason : '',
     !hotStatus.clean ? hotStatus.reason : '',
     !closeFiles.ok ? closeFilesReason : '',
-    !lintOk ? `lint blockers: ${lintBlockers.map((b) => b.id).join(', ')}` : '',
+    !lintOk
+      ? `lint blockers: ${[...new Set(lintBlockers.map((b) => b.id || b.file))].join(', ')}`
+      : '',
     !designHistoryOk
       ? `design-history stale: ${lintW8.map((w) => w.file.split('/')[1]).join(', ')}`
       : '',
@@ -265,7 +314,9 @@ process.stdin.on('end', () => {
       `  [ ] 9. hot.md    — update projects/<name>/hot.md (no exceptions)`,
       `  [ ] 10. root hot.md — update ~/hypomnema/hot.md active project table`,
       `  [ ] 11. updated: field — verify today's date on all touched .md files`,
-      `  [ ] 12. git commit & push`,
+      `  [ ] 12. lint — run scripts/lint.mjs; fix errors in files YOU touched`,
+      `           (other projects' / shared-page debt is reported as non-blocking notice)`,
+      `  [ ] 13. git commit & push`,
     ].join('\n');
 
   const closeIntentNote = hasCloseIntent
@@ -280,6 +331,7 @@ process.stdin.on('end', () => {
         `Run the checklist below in order, then retry /compact:`,
         ``,
         checklistText,
+        ...(noticeText ? ['', noticeText] : []),
         ``,
         `Trivial session? Bypass with HYPO_SKIP_GATE=1`,
       ].join('\n'),

package/hooks/hypo-session-start.mjs

@@ -27,6 +27,7 @@ import {
   shouldSuggestProjectCreation,
   buildProjectSuggestionLine,
   recordSuggestionCooldown,
+  sanitizeProjForPrompt,
 } from './hypo-shared.mjs';
 import {
   defaultCachePath,
@@ -36,6 +37,10 @@ import {
   computeNotice,
   markNotified,
   isOptedOut,
+  resolveCliOnPath,
+  computeSiblingNotice,
+  siblingAlreadyNotified,
+  markSiblingNotified,
 } from './version-check.mjs';
 
 // Privacy guard: refuse to read+inject .hypoignore-matched
@@ -118,6 +123,45 @@ function buildUpdateNotice() {
   }
 }
 
+/**
+ * Stale-sibling notice (ADR 0038, D3). The update-notifier above only knows
+ * whether the ACTIVE install is behind latest — it is blind to an OLDER sibling
+ * that owns the `hypomnema` bin on PATH. That sibling is the live footgun:
+ * running `hypomnema init`/`upgrade` through it downgrades the active hooks.
+ *
+ * This is the ONLY surface that reaches a user already in that state, because it
+ * runs from the (newer) active hook — `doctor` invoked via the stale CLI would
+ * run the stale doctor. fs-only (no npm/which spawn). Throttled via the cache so
+ * it nags once per (cliPath@cliVersion → activeVersion) tuple. Best-effort.
+ */
+function buildSiblingNotice() {
+  try {
+    if (isOptedOut()) return '';
+    // Active install identity = hypo-pkg.json (what init/upgrade write). This is
+    // the authoritative pkgRoot+version; ACTIVE_ROOT (~/.claude) has no package.json.
+    let active = null;
+    try {
+      active = JSON.parse(readFileSync(join(homedir(), '.claude', 'hypo-pkg.json'), 'utf-8'));
+    } catch {
+      return ''; // no active metadata → nothing to compare a sibling against
+    }
+    if (!active || !active.pkgVersion) return '';
+    const cli = resolveCliOnPath('hypomnema');
+    const notice = computeSiblingNotice(cli, {
+      pkgRoot: active.pkgRoot,
+      version: active.pkgVersion,
+    });
+    if (!notice) return '';
+    const cachePath = defaultCachePath();
+    const cache = readCache(cachePath);
+    if (siblingAlreadyNotified(cache, notice.key)) return '';
+    markSiblingNotified(cachePath, notice.key);
+    return notice.line;
+  } catch {
+    return '';
+  }
+}
+
 const PROJECTS_DIR = join(HYPO_DIR, 'projects');
 const GROWTH_CACHE = join(HYPO_DIR, '.cache', 'last-session-growth.json');
 
@@ -169,7 +213,7 @@ function gitPull(dir) {
 
 /**
  * fix #10: surface unresolved sync failures recorded by a prior session's
- * Stop hook (#9). The entry is cleared only once this session's pull has
+ * Stop hook (fix #9). The entry is cleared only once this session's pull has
  * succeeded AND there is no unpushed commit left behind by a failed push
  * (`[ahead N]`).
  *
@@ -288,23 +332,27 @@ process.stdin.on('end', () => {
     const pullOk = gitPull(HYPO_DIR);
     const syncLine = syncStateNotice(pullOk);
     const growthLine = readLastGrowthLine();
-    // fix #25 PR-A2 (ADR 0022 amendment): on source='clear', surface the dying
+    // ADR 0022 amendment: on source='clear', surface the dying
     // session's identity that hypo-session-end stashed so Claude can recover
     // session-close work that /clear skipped. One-shot: marker is unlinked
     // immediately after read.
     const clearRecoveryLine = buildClearRecoveryLine(data.source);
     const updateLine = buildUpdateNotice();
+    const siblingLine = buildSiblingNotice();
     // Intentional dual emit: stderr (yellow/cyan) is the human-visible nudge in
     // the terminal; noticePrefix injects the same plain-text lines into the
     // LLM's additionalContext so model and user start the session looking at
     // the same state. ANSI escapes are kept out of additionalContext on purpose.
-    const notices = [syncLine, growthLine, clearRecoveryLine, updateLine].filter(Boolean);
+    const notices = [syncLine, growthLine, clearRecoveryLine, updateLine, siblingLine].filter(
+      Boolean,
+    );
     let noticePrefix = notices.length ? `${notices.join('\n\n')}\n\n` : '';
     if (syncLine) process.stderr.write(`\n\x1b[33m${syncLine}\x1b[0m\n`);
     if (growthLine) process.stderr.write(`\n\x1b[36m${growthLine}\x1b[0m\n`);
     if (clearRecoveryLine)
       process.stderr.write(`\n\x1b[33m${clearRecoveryLine.split('\n')[0]}\x1b[0m\n`);
     if (updateLine) process.stderr.write(`\n\x1b[33m${updateLine}\x1b[0m\n`);
+    if (siblingLine) process.stderr.write(`\n\x1b[33m${siblingLine}\x1b[0m\n`);
     const cwd = data.cwd || data.directory || process.cwd();
     const sessionId = data.session_id || 'default';
     const MARKER_FILE = sessionMarkerPath(sessionId);
@@ -334,7 +382,7 @@ process.stdin.on('end', () => {
         console.log(
           JSON.stringify(
             buildOutput(
-              `${noticePrefix}[WIKI HOT CACHE: project=${hit.proj}]\n\n${parts.join('\n\n')}`,
+              `${noticePrefix}[WIKI HOT CACHE: project=${sanitizeProjForPrompt(hit.proj)}]\n\n${parts.join('\n\n')}`,
               { continue: true, suppressOutput: true },
             ),
           ),
@@ -349,10 +397,13 @@ process.stdin.on('end', () => {
         );
         console.log(
           JSON.stringify(
-            buildOutput(`${noticePrefix}[WIKI HOT CACHE: project=${hit.proj}, no snapshot yet]`, {
-              continue: true,
-              suppressOutput: true,
-            }),
+            buildOutput(
+              `${noticePrefix}[WIKI HOT CACHE: project=${sanitizeProjForPrompt(hit.proj)}, no snapshot yet]`,
+              {
+                continue: true,
+                suppressOutput: true,
+              },
+            ),
           ),
         );
       }
@@ -385,7 +436,7 @@ process.stdin.on('end', () => {
     if (!globalContent) {
       // GLOBAL_HOT exists but is empty or .hypoignore'd — still surface any
       // pending notices (sync state, growth, AND the auto-project offer), which
-      // would otherwise be silently dropped here (codex review 2026-05-22).
+      // would otherwise be silently dropped here.
       const notice = notices.join('\n\n');
       if (notice) {
         console.log(JSON.stringify(buildOutput(notice, { continue: true, suppressOutput: true })));

package/hooks/hypo-shared.mjs

@@ -17,13 +17,35 @@ const HOME = homedir();
 // hypo-session-start / hypo-cwd-change WRITE this marker; hypo-first-prompt
 // READS + unlinks it. The session_id comes from the Claude Code runtime (a
 // UUID), but we sanitize defensively so a malformed id with path separators or
-// `..` can never escape tmpdir or collide on an empty value (codex review
-// 2026-05-21, fix #3/#13). Non-alphanumeric chars collapse to `_`.
+// `..` can never escape tmpdir or collide on an empty value. Non-alphanumeric
+// chars collapse to `_`.
 export function sessionMarkerPath(sessionId) {
   const safe = String(sessionId || 'default').replace(/[^A-Za-z0-9._-]/g, '_') || 'default';
   return join(tmpdir(), `hypo-session-marker-${safe}.json`);
 }
 
+// ── project name sanitizer for prompt-facing interpolation ─────────────────
+// marker.proj is read from a wiki directory name (findProjectFiles) and
+// interpolated into LLM-facing additionalContext strings by multiple hooks.
+// A manually-crafted directory name could otherwise close a wrapping tag,
+// smuggle a newline, or inject conflicting instructions. Centralized so the
+// three injection sites stay in lock-step (codex v2 review 2026-05-26 —
+// addresses shared-helper concern across hypo-first-prompt / hypo-session-start
+// / hypo-cwd-change).
+//
+// Strips: angle brackets, control chars (C0 + C1), Unicode line separators
+// (U+2028 / U+2029), then collapses whitespace and caps length.
+export function sanitizeProjForPrompt(raw, fallback = 'unknown') {
+  const cleaned = String(raw || fallback)
+    .replace(/[<>\[\]]/g, '_')
+    // eslint-disable-next-line no-control-regex
+    .replace(/[\u0000-\u001F\u007F-\u009F\u2028\u2029]/g, ' ')
+    .replace(/\s+/g, ' ')
+    .trim()
+    .slice(0, 80);
+  return cleaned || fallback;
+}
+
 // ── wiki root resolution ────────────────────────────────────────────────────
 
 function expandHome(p) {
@@ -185,8 +207,8 @@ export function hasSessionLogHeading(content, date) {
  * "foo-bar" (hyphen is non-word). The canonical log format always separates the
  * project slug from anything that follows by whitespace or end-of-line, so the
  * lookahead correctly rejects "session | foo-bar" when looking for "foo".
- * (Reported by codex review of fix #38 — was a pre-existing bug in
- * sessionCloseFileStatus that the helper extraction inherited.)
+ * (Was a pre-existing bug in sessionCloseFileStatus that the helper extraction
+ * inherited.)
  */
 export function hasLogEntry(content, date, project) {
   return new RegExp(
@@ -221,7 +243,9 @@ export function resolveActiveProject(hypoDir) {
   if (!existsSync(hotPath)) return null;
   let content;
   try {
-    content = readFileSync(hotPath, 'utf-8');
+    // Strip HTML comments before parsing so the canonical-format example row
+    // in templates/hot.md (`<!-- Row format: ... -->`) is not picked up as data.
+    content = readFileSync(hotPath, 'utf-8').replace(/<!--[\s\S]*?-->/g, '');
   } catch {
     return null;
   }
@@ -334,9 +358,9 @@ export function sessionCloseFileStatus(hypoDir) {
 
 // ── sync-state ────────────────────────────────────────────
 // `.cache/sync-state.json` is JSONL: one {timestamp, op, error, host} entry per
-// line. hypo-auto-commit (#9) appends on pull/push failure; hypo-session-start
-// (#10) surfaces open entries and clears them once sync is healthy again;
-// doctor (#11) warns while entries remain. Keep the schema defined here only.
+// line. hypo-auto-commit (fix #9) appends on pull/push failure; hypo-session-start
+// (fix #10) surfaces open entries and clears them once sync is healthy again;
+// doctor (fix #11) warns while entries remain. Keep the schema defined here only.
 
 /** @returns {string} path to the sync-state JSONL file for a wiki root. */
 function syncStatePath(hypoDir) {
@@ -503,14 +527,12 @@ export function shouldSuggestProjectCreation(cwd, hypoDir = HYPO_DIR, now = Date
  * Build the §8.11 auto-project offer line for a cwd. The display name is the
  * cwd basename, which is attacker-influenced (a directory name can contain
  * newlines/control chars on Unix). Strip control characters and length-cap it
- * so a crafted dir name cannot spoof extra instructions in additionalContext
- * (codex review 2026-05-22).
+ * so a crafted dir name cannot spoof extra instructions in additionalContext.
  */
 export function buildProjectSuggestionLine(cwd) {
   // Replace any control char (code < 0x20 or === 0x7F) with a space so a
-  // crafted dir name cannot inject newlines/instructions into additionalContext
-  // (codex review 2026-05-22). Done by codepoint to keep control bytes out of
-  // this source file.
+  // crafted dir name cannot inject newlines/instructions into additionalContext.
+  // Done by codepoint to keep control bytes out of this source file.
   const sanitized = Array.from(basename(cwd))
     .map((ch) => {
       const code = ch.codePointAt(0);
@@ -779,6 +801,133 @@ export function hasMutatingTranscriptActivity(transcriptPath) {
   return false;
 }
 
+// ── session-scoped lint classification ──────────────────────────────────────
+// Bug A/B fix: the close gate must judge a session on the files IT touched, not
+// the whole vault. Lint debt from another project/session (often in shared
+// pages/) must not block this session's close/compact. Two scope builders feed
+// one shared classifier: transcript-derived (hooks + standalone marker) and
+// close-file/payload-derived (the documented apply path writes via Bash, so its
+// files never appear as Edit/Write file_paths and must be seeded explicitly).
+
+const MUTATING_FILE_TOOLS = new Set(['Edit', 'Write', 'MultiEdit', 'NotebookEdit']);
+
+/** Pull file_path/notebook_path args from mutating tool_use blocks in one
+ *  transcript entry. Mirrors extractTranscriptToolNames' shape handling
+ *  (top-level tool_use + nested message.content[] blocks). */
+function extractTranscriptToolFilePaths(entry) {
+  const paths = [];
+  if (!entry || typeof entry !== 'object') return paths;
+  const pull = (name, input) => {
+    if (!name || !MUTATING_FILE_TOOLS.has(name) || !input || typeof input !== 'object') return;
+    const fp = input.file_path || input.notebook_path;
+    if (typeof fp === 'string' && fp) paths.push(fp);
+  };
+  if (entry.type === 'tool_use') pull(entry.name || entry.tool_name, entry.input);
+  const content = entry.message?.content ?? (Array.isArray(entry.content) ? entry.content : null);
+  if (Array.isArray(content)) {
+    for (const block of content) {
+      if (block && typeof block === 'object' && block.type === 'tool_use') {
+        pull(block.name || block.tool_name, block.input);
+      }
+    }
+  }
+  return paths;
+}
+
+/** Normalize an absolute path to a repo-relative POSIX path under hypoDir, or
+ *  null if it resolves outside the wiki. */
+function toHypoRel(absPath, hypoDir) {
+  let rel;
+  try {
+    rel = relative(hypoDir, absPath);
+  } catch {
+    return null;
+  }
+  if (!rel || rel.startsWith('..') || rel.startsWith('/')) return null;
+  return rel.split('\\').join('/');
+}
+
+/**
+ * Repo-relative POSIX paths of wiki files this session edited via direct
+ * Edit/Write/MultiEdit/NotebookEdit tool_use. Returns a Set; empty when the
+ * transcript is missing/unreadable (callers decide the fallback). A per-line
+ * JSON parse error skips that line only (transcripts occasionally truncate).
+ */
+export function extractTouchedWikiFiles(transcriptPath, hypoDir) {
+  const out = new Set();
+  if (!transcriptPath || typeof transcriptPath !== 'string' || !existsSync(transcriptPath)) {
+    return out;
+  }
+  let raw;
+  try {
+    raw = readFileSync(transcriptPath, 'utf-8');
+  } catch {
+    return out;
+  }
+  for (const line of raw.split('\n')) {
+    const t = line.trim();
+    if (!t) continue;
+    let entry;
+    try {
+      entry = JSON.parse(t);
+    } catch {
+      continue;
+    }
+    for (const fp of extractTranscriptToolFilePaths(entry)) {
+      const rel = toHypoRel(fp, hypoDir);
+      if (rel) out.add(rel);
+    }
+  }
+  return out;
+}
+
+/**
+ * The mandatory session-close files (repo-relative POSIX). The documented close
+ * path `crystallize.mjs --apply-session-close` writes these from inside a Bash
+ * call, so they never surface as Edit/Write file_paths — they must seed the
+ * scoped-lint set explicitly or a close-introduced error would escape the gate.
+ * Mirrors the file list in sessionCloseFileStatus.
+ */
+export function closeFileTargets(hypoDir) {
+  const out = new Set(['hot.md', 'log.md']);
+  const project = resolveActiveProject(hypoDir);
+  if (project) {
+    out.add(`projects/${project}/session-state.md`);
+    out.add(`projects/${project}/hot.md`);
+    const month = freshDates()[0].slice(0, 7);
+    out.add(`projects/${project}/session-log/${month}.md`);
+  }
+  return out;
+}
+
+/** Normalize a path's separators to POSIX so scope membership is OS-independent.
+ *  lint.mjs emits `file` via path.relative (back-slashes on Windows) while the
+ *  scope builders produce forward-slash paths — normalize both sides. */
+function posixPath(p) {
+  return (p || '').split('\\').join('/');
+}
+
+/**
+ * Partition lint findings into `blocking` (a file this session is accountable
+ * for) vs `notice` (pre-existing debt elsewhere — surfaced, not blocking).
+ *
+ * `scope` = iterable of repo-relative paths the session is accountable for.
+ * Membership is exact on the normalized path. Only findings passed in are
+ * classified — callers pass lint ERRORS; broken wikilinks (lint W4 warnings) are
+ * intentionally warn-only (forward references to planned pages are normal in a
+ * wiki) and are NOT promoted to blocking by this gate.
+ */
+export function partitionLintScope(findings, scope) {
+  const normScope = new Set([...scope].map(posixPath));
+  const blocking = [];
+  const notice = [];
+  for (const f of findings || []) {
+    if (normScope.has(posixPath(f.file))) blocking.push(f);
+    else notice.push(f);
+  }
+  return { blocking, notice };
+}
+
 // ── session-close checklist ────────────────────────────────────────────────
 
 /**