npm - leerness - Versions diffs - 1.9.3 → 1.9.5 - Mend

leerness 1.9.3 → 1.9.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/CHANGELOG.md CHANGED Viewed

@@ -1,5 +1,37 @@
 # Changelog
+## 1.9.5 — 2026-05-08
+1.9.4 운영 중 발견된 한계 2건 + 추가 디버그 사항을 패치합니다.
+### Fixed
+- **F. `task fix-evidence --set` link 보존**: 기존 evidence의 `plan:M-XXXX` 링크를 새 텍스트에 자동으로 `(plan:M-XXXX)` 형태로 부착. `--no-preserve-link`로 끌 수 있음. 이전엔 링크가 사라져 audit이 milestone 미연결로 잡았음.
+- **G. `impact` 동적 참조 (medium)**: `path.join`, `path.resolve`, `readFile`, `writeFile`, `fs.*`, `new URL` 등이 base 파일명을 인자로 받는 패턴을 별도 카테고리(medium)로 분리. default 출력에 strong + medium 모두 표시. site-cli의 `build.js`처럼 동적으로 컴포넌트를 읽는 빌더가 더 이상 weak로만 잡히지 않음.
+### Migration
+기존 1.9.x 사용자는 `npx leerness@latest update . --yes`로 즉시 자동 마이그레이션됩니다.
+## 1.9.4 — 2026-05-08
+1.9.3 운영 중 발견된 5개 한계점을 모두 패치합니다.
+### Fixed
+- **A. impact 정확도**: 강한 참조(`import / require / @import / href / src / url / include`)와 약한 참조(식별자 등장)를 분리해 default는 강한 참조만 출력. word boundary 추가로 `cards` 안의 `card`가 false positive로 잡히던 문제 해결. `--all`로 약한 참조까지 표시.
+- **B. cross-platform 종료 코드**: main이 끝난 뒤 `process.exit(process.exitCode)`을 명시. 셸 wrapper나 npx 파이프라인에서 `$?`이 0으로 보이던 문제 해결. `ui consistency --fail-on-violation`은 `--strict-exit`로 즉시 `process.exit(1)`도 가능.
+- **C. lazy detect string literal 휴리스틱**: 매치 위치가 `'…'`/`"…"`/`` `…` `` 안이면 카운트에서 제외. leerness CLI 자기 자신(bin/harness.js)도 자동 skip. 메인 디렉토리에서 30개 잡히던 false positive 사실상 0.
+### Added
+- **D. `leerness task fix-evidence`** — `done` 상태이면서 evidence가 비어있거나 `user-request` / `plan:M-XXXX` 단독인 row를 일괄 점검. `--set "<텍스트>"`로 일괄 갱신, 또는 row별 `task update` 명령을 출력해 가이드.
+- **E. `.leerness-skip-dirs` 파일** — 프로젝트 루트에 두면 추가 skip 디렉토리(예: `_apps/`, `leerness-pkg/`)가 모든 walk에서 적용됨. 1줄당 1개 디렉토리, `#` 주석 지원. 기본 skip 셋에도 `out`, `tmp`, `temp`, `.svelte-kit`, `.parcel-cache` 추가.
+### Migration
+기존 1.9.x 사용자는 `npx leerness@latest update . --yes`로 즉시 자동 마이그레이션됩니다.
 ## 1.9.3 — 2026-05-08
 이번 릴리스는 "이전 작업과 새 작업의 인과관계·재귀 안내·디자인 일관성"을 자동화합니다.

package/bin/harness.js CHANGED Viewed

@@ -6,7 +6,7 @@ const path = require('path');
 const cp = require('child_process');
 const readline = require('readline');
-const VERSION = '1.9.3';
+const VERSION = '1.9.5';
 const MARK = '<!-- leerness:managed -->';
 const README_START = '<!-- leerness:project-readme:start -->';
 const README_END = '<!-- leerness:project-readme:end -->';
@@ -679,6 +679,50 @@ function taskDrop(root, id) {
   ok(`task dropped: ${id}`);
 }
+// 1.9.4 D: evidence가 placeholder인 done row를 일괄 점검.
+function taskFixEvidence(root) {
+  root = absRoot(root);
+  const rows = readProgressRows(root);
+  const candidates = rows.filter(r =>
+    r.status === 'done' && (
+      !r.evidence ||
+      /^\s*$/.test(r.evidence) ||
+      /^(user-request|-)$/.test(r.evidence) ||
+      /^plan:M-\d{4}\s*$/.test(r.evidence)
+    )
+  );
+  if (!candidates.length) return ok('갱신 후보 없음 (모든 done row가 검증 키워드 보유)');
+  const setAll = arg('--set', null);
+  if (setAll) {
+    // 1.9.5 F: 기존 evidence의 plan:M-XXXX 링크를 새 텍스트에 자동 보존 (--no-preserve-link로 끄기)
+    const preserveLink = !has('--no-preserve-link');
+    let preserved = 0;
+    for (const r of candidates) {
+      let newEv = setAll;
+      if (preserveLink) {
+        const m = (r.evidence || '').match(/plan:M-\d{4}/);
+        if (m && !newEv.includes(m[0])) {
+          newEv = `${setAll} (${m[0]})`;
+          preserved++;
+        }
+      }
+      upsertProgress(root, { id: r.id, evidence: newEv });
+    }
+    ok(`${candidates.length}개 row의 evidence를 일괄 갱신${preserveLink ? ` (link 보존: ${preserved}건)` : ''}`);
+    return;
+  }
+  log(`# task fix-evidence — ${candidates.length}개 후보`);
+  log(`아래 row들은 evidence가 검증 키워드(테스트/명령/결과)를 포함하지 않습니다.`);
+  log(`각각 다음 명령으로 갱신하거나, --set "<공통 텍스트>"로 일괄 갱신하세요.\n`);
+  for (const r of candidates) {
+    log(`leerness task update ${r.id} --evidence "검증 결과 (e.g., npm test 통과)"`);
+    log(`  요청: ${r.request}`);
+    log(`  현재 evidence: "${r.evidence || ''}"`);
+    log('');
+  }
+  if (has('--fail-on-candidates')) process.exit(1);
+}
 function route(name) {
   const r = routes[name];
   if (!r) { fail('Unknown route'); log('Available: ' + Object.keys(routes).join(', ')); return; }
@@ -771,15 +815,26 @@ const SECRET_PATTERNS = [
   { name: 'Generic private key', re: /-----BEGIN (?:RSA |OPENSSH |EC |DSA |PGP )?PRIVATE KEY-----/g },
   { name: 'Hardcoded password assignment', re: /\b(?:password|passwd|pwd|secret|api_key|apikey)\s*[:=]\s*["'][^"'\s]{6,}["']/gi },
 ];
-const SCAN_SKIP_DIRS = new Set(['.git','node_modules','.harness/archive','.viewwork','dist','build','.next','.turbo','.cache','coverage','_pkg-source']);
+const SCAN_SKIP_DIRS = new Set(['.git','node_modules','.harness/archive','.viewwork','dist','build','.next','.turbo','.cache','coverage','_pkg-source','out','tmp','temp','.svelte-kit','.parcel-cache']);
+// 1.9.4 E: .leerness-skip-dirs 파일에서 추가 skip 디렉토리 읽기
+function getExtraSkipDirs(root) {
+  const f = path.join(absRoot(root || '.'), '.leerness-skip-dirs');
+  if (!exists(f)) return [];
+  return read(f).split('\n').map(s => s.trim().replace(/\/+$/, '')).filter(s => s && !s.startsWith('#'));
+}
+function isSkippedRel(rel, extras = []) {
+  const all = [...SCAN_SKIP_DIRS, ...extras];
+  return all.some(d => rel === d || rel.startsWith(d + '/'));
+}
 const SCAN_TEXT_EXT = new Set(['.js','.ts','.jsx','.tsx','.mjs','.cjs','.json','.md','.txt','.env','.bash','.sh','.yml','.yaml','.toml','.ini','.cfg','.py','.rb','.go','.rs','.java','.kt','.swift','.cs','.php','.sql','.html','.css','.scss','.less','.xml','.bat','.ps1','']);
-function* walk(root, base = root, depth = 0) {
+function* walk(root, base = root, depth = 0, extras = null) {
   if (depth > 12) return;
+  if (extras === null) extras = getExtraSkipDirs(root);
   for (const e of fs.readdirSync(base, { withFileTypes: true })) {
     const p = path.join(base, e.name);
     const r = path.relative(root, p).replace(/\\/g, '/');
-    if (Array.from(SCAN_SKIP_DIRS).some(d => r === d || r.startsWith(d + '/'))) continue;
-    if (e.isDirectory()) yield* walk(root, p, depth + 1);
+    if (isSkippedRel(r, extras)) continue;
+    if (e.isDirectory()) yield* walk(root, p, depth + 1, extras);
     else yield p;
   }
 }
@@ -871,12 +926,32 @@ function lazyDetect(root) {
   const ev = exists(evidencePath(root)) ? read(evidencePath(root)) : '';
   const hasTestRun = /\b(npm test|pnpm test|yarn test|pytest|jest|vitest|tsc|eslint|playwright|cypress)\b/i.test(ev);
   if (!hasTestRun) { issues++; warn('review-evidence.md has no recorded test/typecheck/lint run'); }
+  // 1.9.4 C: TODO/FIXME가 string literal 안에 있으면 제외 (정규식 패턴 자체 등 false positive).
+  function isInsideQuote(line, idx) {
+    const pre = line.slice(0, idx);
+    const sq = (pre.match(/(?<!\\)'/g) || []).length;
+    const dq = (pre.match(/(?<!\\)"/g) || []).length;
+    const bq = (pre.match(/(?<!\\)`/g) || []).length;
+    return (sq % 2 === 1) || (dq % 2 === 1) || (bq % 2 === 1);
+  }
   let todoCount = 0;
+  const cliSelf = path.resolve(__filename);
   for (const file of walk(root)) {
     const ext = path.extname(file).toLowerCase();
-    if (!SCAN_TEXT_EXT.has(ext) || file.includes('.harness') || file.includes('harness.js')) continue;
+    if (!SCAN_TEXT_EXT.has(ext)) continue;
+    if (file.includes('.harness')) continue;
+    if (path.resolve(file) === cliSelf) continue;
+    if (/[\\/]bin[\\/]harness\.js$/.test(file)) continue;
     let text; try { text = read(file); } catch { continue; }
-    todoCount += (text.match(/\bTODO\b|\bFIXME\b|\bXXX\b/g) || []).length;
+    const lines = text.split('\n');
+    const tre = /\bTODO\b|\bFIXME\b|\bXXX\b/g;
+    for (const line of lines) {
+      tre.lastIndex = 0;
+      let m;
+      while ((m = tre.exec(line))) {
+        if (!isInsideQuote(line, m.index)) todoCount++;
+      }
+    }
   }
   if (todoCount > 0) {
     const hasTodoTask = rows.some(r => /TODO|FIXME|XXX/.test(r.request) || /TODO|FIXME|XXX/i.test(r.evidence));
@@ -1064,13 +1139,14 @@ function gate(root) {
 // ===== 1.9.3: Causal / reuse / consistency =====
 const CODE_EXT = new Set(['.js','.ts','.jsx','.tsx','.mjs','.cjs','.css','.scss','.sass','.less','.html','.htm','.vue','.svelte','.md','.json','.py','.rb','.go','.rs','.java','.kt','.swift','.cs','.php']);
-function* walkCode(root, base = root, depth = 0) {
+function* walkCode(root, base = root, depth = 0, extras = null) {
   if (depth > 12) return;
+  if (extras === null) extras = getExtraSkipDirs(root);
   for (const e of fs.readdirSync(base, { withFileTypes: true })) {
     const p = path.join(base, e.name);
     const r = path.relative(root, p).replace(/\\/g, '/');
-    if (Array.from(SCAN_SKIP_DIRS).some(d => r === d || r.startsWith(d + '/'))) continue;
-    if (e.isDirectory()) yield* walkCode(root, p, depth + 1);
+    if (isSkippedRel(r, extras)) continue;
+    if (e.isDirectory()) yield* walkCode(root, p, depth + 1, extras);
     else if (CODE_EXT.has(path.extname(p).toLowerCase())) yield p;
   }
 }
@@ -1082,25 +1158,59 @@ function impactCmd(root, target) {
   const abs = path.isAbsolute(target) ? target : path.resolve(root, target);
   const base = path.basename(target);
   const noext = path.basename(target, path.extname(target));
-  const direct = [];
   const targetRel = rel(root, abs);
+  const eb = escapeRegex(base);
+  // 1.9.5 G: strong (정적 import) / medium (동적 path 함수) / weak (식별자 등장) 3단계.
+  const strongRe = new RegExp(
+    `(?:` +
+    `import\\s+[^;\\n]*?from\\s+['"][^'"]*${eb}` +
+    `|require\\(\\s*['"][^'"]*${eb}` +
+    `|@import\\s+['"][^'"]*${eb}` +
+    `|href=["'][^"']*${eb}` +
+    `|src=["'][^"']*${eb}` +
+    `|url\\(\\s*['"]?[^'")]*${eb}` +
+    `|include\\(\\s*['"][^'"]*${eb}` +
+    `)`
+  );
+  // 동적 path 조합 / 파일 시스템 호출과 함께 base 파일명이 등장하는 경우.
+  const mediumRe = new RegExp(
+    `(?:` +
+    `path\\.(?:join|resolve|relative|parse|format|normalize)\\s*\\([^)]*['"][^'"]*${eb}[^'"]*['"]` +
+    `|(?:readFile|writeFile|stat|access|open|createReadStream|createWriteStream|readFileSync|writeFileSync|statSync|accessSync|openSync)\\s*\\([^)]*['"][^'"]*${eb}[^'"]*['"]` +
+    `|fs\\.[a-zA-Z]+\\s*\\([^)]*['"][^'"]*${eb}[^'"]*['"]` +
+    `|new\\s+URL\\s*\\([^)]*['"][^'"]*${eb}[^'"]*['"]` +
+    `)`
+  );
+  const weakRe = new RegExp(`(?<![A-Za-z0-9_])${escapeRegex(noext)}(?![A-Za-z0-9_])`);
+  const high = []; const medium = []; const low = [];
   for (const f of walkCode(root)) {
     if (path.resolve(f) === path.resolve(abs)) continue;
     let text; try { text = read(f); } catch { continue; }
-    const patterns = [
-      new RegExp(`(?:import\\s+[^;\\n]*?from\\s+['"]|require\\(['"]|@import\\s+['"]|href=["']|src=["']|url\\(\\s*['"]?|include\\(['"]?)[^'")\\s]*${escapeRegex(base)}`),
-      // bare reference to filename without extension (e.g., 'card' alias)
-      new RegExp(`['"][^'"\\n]*${escapeRegex(noext)}\\b[^'"\\n]*['"]`)
-    ];
-    if (patterns.some(re => re.test(text))) direct.push(rel(root, f));
+    if (strongRe.test(text)) high.push(rel(root, f));
+    else if (mediumRe.test(text)) medium.push(rel(root, f));
+    else if (weakRe.test(text)) low.push(rel(root, f));
   }
   log(`# impact: ${targetRel}`);
-  if (direct.length === 0) ok('영향 범위 없음 (참조하는 파일 없음)');
+  const showAll = has('--all');
+  const totalEffective = high.length + medium.length;
+  if (totalEffective === 0 && (low.length === 0 || !showAll)) ok('영향 범위 없음 (강한/중간 참조 없음)');
   else {
-    log(`참조하는 파일 ${direct.length}개:`);
-    direct.forEach(d => log('- ' + d));
+    if (high.length) {
+      log(`강한 참조 ${high.length}개 (import/require/href/src/@import/url/include):`);
+      high.forEach(d => log('  - ' + d));
+    } else log('강한 참조: 없음');
+    if (medium.length) {
+      log(`\n중간 참조 ${medium.length}개 (path.join/readFile/fs 등 동적 path):`);
+      medium.forEach(d => log('  ~ ' + d));
+    }
+    if (showAll && low.length) {
+      log(`\n약한 참조 ${low.length}개 (식별자 등장 — false positive 가능):`);
+      low.forEach(d => log('  · ' + d));
+    } else if (low.length && !showAll) {
+      log(`\n💡 약한 참조 ${low.length}개 (--all 로 표시)`);
+    }
   }
-  return { target: targetRel, direct };
+  return { target: targetRel, high, medium, low };
 }
 function reuseMapPath(root) { return path.join(root, '.harness/reuse-map.md'); }
@@ -1206,7 +1316,8 @@ function uiConsistency(root) {
   warn(`토큰 외 값 ${findings.length}개:`);
   for (const f of findings.slice(0, 30)) log(`  ${f.file}:${f.line}  ${f.value}  (${f.type})`);
   if (findings.length > 30) log(`  ... +${findings.length - 30}개`);
-  if (has('--fail-on-violation')) process.exitCode = 1;
+  // 1.9.4 B: cross-platform 종료 코드 명시
+  if (has('--fail-on-violation')) { process.exitCode = 1; if (has('--strict-exit')) process.exit(1); }
 }
 function graphCmd(root) {
@@ -1428,7 +1539,7 @@ function viewworkInstall(root) {
 }
 function help() {
-  log(`Leerness v${VERSION}\n\nUsage:\n  leerness init [path] [--language auto|ko|en] [--skills recommended|all|a,b]\n  leerness migrate [path] [--dry-run] [--force]\n  leerness update [path] [--check|--yes|--force|--from <tarball>]\n  leerness auto-update install [path]\n  leerness status [path]\n  leerness verify [path]\n  leerness debug [path]\n  leerness audit [path]\n  leerness check [path]\n  leerness scan secrets [path]\n  leerness encoding check [path]\n  leerness lazy detect [path]\n  leerness memory search "query" [--limit 5]\n  leerness handoff [path]\n  leerness session close [path]\n  leerness viewwork install [path]\n  leerness viewwork emit [path] [--action a] [--note n] [--agent x] [--tool t]\n  leerness route <task-type>\n  leerness self check [path]\n  leerness readme sync [path]\n  leerness consistency check [path]\n  leerness consistency merge-design-guide [path]\n  leerness plan show|init|add|drop|progress|sync [args]\n  leerness task list|add|update|drop [args]\n  leerness skill list|info <name>\n  leerness skill learn <id> --doc <url> --command "..." --capability "..." [--note ...]\n  leerness skill use <id> [--note ...]\n  leerness skill optimize <id> --before "..." --after "..." [--note ...]\n  leerness skill remove <id>\n  leerness skill consolidate [--threshold 0.3]\n  leerness gate [path]                       # verify+audit+scan+encoding+lazy\n  leerness impact <target>                   # 변경 전 영향 분석\n  leerness reuse find <query>                # 기존 자원 검색 (재귀 안내)\n  leerness reuse register <name> --where <p> --kind component|hook|util|api [--note ...]\n  leerness ui consistency [path] [--strict] [--fail-on-violation]\n  leerness graph [path] [--out <file>]       # mermaid 의존성 그래프\n  leerness guide [target]                    # impact + reuse + ui consistency 통합 가이드\n`);
+  log(`Leerness v${VERSION}\n\nUsage:\n  leerness init [path] [--language auto|ko|en] [--skills recommended|all|a,b]\n  leerness migrate [path] [--dry-run] [--force]\n  leerness update [path] [--check|--yes|--force|--from <tarball>]\n  leerness auto-update install [path]\n  leerness status [path]\n  leerness verify [path]\n  leerness debug [path]\n  leerness audit [path]\n  leerness check [path]\n  leerness scan secrets [path]\n  leerness encoding check [path]\n  leerness lazy detect [path]\n  leerness memory search "query" [--limit 5]\n  leerness handoff [path]\n  leerness session close [path]\n  leerness viewwork install [path]\n  leerness viewwork emit [path] [--action a] [--note n] [--agent x] [--tool t]\n  leerness route <task-type>\n  leerness self check [path]\n  leerness readme sync [path]\n  leerness consistency check [path]\n  leerness consistency merge-design-guide [path]\n  leerness plan show|init|add|drop|progress|sync [args]\n  leerness task list|add|update|drop|fix-evidence [args]\n  leerness skill list|info <name>\n  leerness skill learn <id> --doc <url> --command "..." --capability "..." [--note ...]\n  leerness skill use <id> [--note ...]\n  leerness skill optimize <id> --before "..." --after "..." [--note ...]\n  leerness skill remove <id>\n  leerness skill consolidate [--threshold 0.3]\n  leerness gate [path]                       # verify+audit+scan+encoding+lazy\n  leerness impact <target> [--all]           # 변경 전 영향 분석 (기본 strong, --all로 weak 포함)\n  leerness reuse find <query>                # 기존 자원 검색 (재귀 안내)\n  leerness reuse register <name> --where <p> --kind component|hook|util|api [--note ...]\n  leerness ui consistency [path] [--strict] [--fail-on-violation]\n  leerness graph [path] [--out <file>]       # mermaid 의존성 그래프\n  leerness guide [target]                    # impact + reuse + ui consistency 통합 가이드\n`);
 }
 async function main() {
@@ -1491,8 +1602,12 @@ async function main() {
     if (sub==='add')    return taskAdd(root, args.slice(2).join(' ') || '새 작업');
     if (sub==='update') return taskUpdate(root, args[2]);
     if (sub==='drop')   return taskDrop(root, args[2]);
+    if (sub==='fix-evidence') return taskFixEvidence(root);
   }
   return help();
 }
-main().catch(err => { fail(err && err.message ? err.message : String(err)); process.exitCode = 1; });
+// 1.9.4 B: main 종료 후 exitCode를 명시적으로 process.exit으로 강제 (셸/wrapper 차 무시).
+main()
+  .then(() => { if (process.exitCode && process.exitCode !== 0) process.exit(process.exitCode); })
+  .catch(err => { fail(err && err.message ? err.message : String(err)); process.exit(1); });

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "leerness",
-  "version": "1.9.3",
+  "version": "1.9.5",
   "description": "Leerness: 비파괴 마이그레이션, 자동 버전 감지·업데이트, 계획/진행/핸드오프 자동화, 게으름·시크릿·인코딩 자동 가드, Claude Code 슬래시 통합을 갖춘 한국어 우선 AI 개발 하네스.",
   "keywords": [
     "leerness",

package/scripts/e2e.js CHANGED Viewed

@@ -223,6 +223,125 @@ total++;
 run('graph: mermaid 출력',             ['graph', tmp]);
 run('guide: 통합 가이드',               ['guide', 'src/components/Card.html', '--path', tmp]);
+// 1.9.4 회귀: impact strong/weak 구분
+total++;
+{
+  // home.html에 "Card"라는 식별자가 plain text로 들어가도록 (false positive 시드)
+  fs.appendFileSync(path.join(tmp, 'src/pages/home.html'), '\n<!-- 카드 콘텐츠는 Cards 배열로 -->\n');
+  const r = cp.spawnSync(process.execPath, [CLI, 'impact', 'src/components/Card.html', '--path', tmp], { encoding: 'utf8' });
+  const strongOK = /강한 참조 \d+개/.test(r.stdout);
+  const weakHint = /약한 참조|영향 범위 없음/.test(r.stdout);
+  console.log(strongOK && weakHint ? '✓ B(A) impact: strong/weak 구분 출력' : '✗ B(A) impact 구분 실패');
+  if (!(strongOK && weakHint)) failed++;
+}
+// 1.9.5 G 회귀: impact medium 카테고리 — 동적 path 패턴
+total++;
+{
+  // builder.js에서 path.join + readFileSync + Card.html을 동적 사용
+  fs.writeFileSync(path.join(tmp, 'src/builder.js'),
+    `const fs = require('fs'); const path = require('path');\n` +
+    `const tpl = fs.readFileSync(path.join(__dirname, 'components', 'Card.html'), 'utf8');\n` +
+    `module.exports = { tpl };\n`);
+  const r = cp.spawnSync(process.execPath, [CLI, 'impact', 'src/components/Card.html', '--path', tmp], { encoding: 'utf8' });
+  const ok = /중간 참조 \d+개/.test(r.stdout) && /src\/builder\.js/.test(r.stdout);
+  console.log(ok ? '✓ B(G) impact medium: builder.js (path.join + readFileSync) 검출' : `✗ B(G) medium 검출 실패\n${r.stdout}`);
+  if (!ok) failed++;
+}
+// 1.9.4 회귀: --fail-on-violation cross-platform 종료
+total++;
+{
+  fs.appendFileSync(path.join(tmp, 'src/pages/home.html'), '\n<style>.x{color:#cafe00;}</style>\n');
+  const r = cp.spawnSync(process.execPath, [CLI, 'ui', 'consistency', tmp, '--fail-on-violation'], { encoding: 'utf8' });
+  const ok = r.status === 1;
+  console.log(ok ? '✓ B(B) ui consistency --fail-on-violation: exit=1' : `✗ B(B) exit=${r.status}`);
+  if (!ok) failed++;
+}
+// 1.9.4 회귀: lazy detect string literal 무시
+total++;
+{
+  // false positive 시드: TODO 단어가 string literal 안에 있는 코드
+  fs.writeFileSync(path.join(tmp, 'src/regex-helper.js'), `module.exports = { TODO_RE: /\\bTODO\\b/g, label: 'TODO list' };\n`);
+  // 다른 한편 진짜 TODO 주석
+  fs.writeFileSync(path.join(tmp, 'src/real-todo.js'), `// TODO: 실제 미완료 작업\nconst x = 1;\n`);
+  const r = cp.spawnSync(process.execPath, [CLI, 'lazy', 'detect', tmp], { encoding: 'utf8' });
+  // string literal 안의 TODO는 무시되고, 주석 안의 진짜 TODO만 카운트되어야 함
+  const todosLine = (r.stdout.match(/code has (\d+) TODO/) || [0,'-'])[1];
+  const ok = todosLine === '1' || todosLine === '-' || /lazy detect passed/.test(r.stdout);
+  console.log(ok ? `✓ B(C) lazy detect: string literal 무시 (count=${todosLine})` : `✗ B(C) count=${todosLine}`);
+  if (!ok) failed++;
+  fs.unlinkSync(path.join(tmp, 'src/regex-helper.js'));
+  fs.unlinkSync(path.join(tmp, 'src/real-todo.js'));
+}
+// 1.9.4 회귀: task fix-evidence 표시
+total++;
+{
+  // T-0001 evidence를 placeholder로 (test before가 'review-evidence:e2e' 였음 → 'user-request'로 바꿈)
+  const trackerPath = path.join(tmp, '.harness/progress-tracker.md');
+  let cur = fs.readFileSync(trackerPath, 'utf8');
+  cur = cur.replace(/^\| T-0001 \|.*$/m, '| T-0001 | done | mile A | user-request | next | 2026-05-08 |');
+  fs.writeFileSync(trackerPath, cur);
+  const r = cp.spawnSync(process.execPath, [CLI, 'task', 'fix-evidence', '--path', tmp], { encoding: 'utf8' });
+  const ok = r.status === 0 && /T-0001/.test(r.stdout) && /후보/.test(r.stdout);
+  console.log(ok ? '✓ B(D) task fix-evidence: 후보 표시' : '✗ B(D) 후보 표시 실패');
+  if (!ok) { failed++; console.log(r.stdout); }
+}
+// 1.9.4 회귀: --set 일괄 갱신
+total++;
+{
+  // T-0001 evidence를 plan:M-0002 링크 포함한 placeholder로 (1.9.5 link 보존 검증용 시드)
+  const trackerPath2 = path.join(tmp, '.harness/progress-tracker.md');
+  let cur = fs.readFileSync(trackerPath2, 'utf8');
+  cur = cur.replace(/^\| T-0001 \|.*$/m, '| T-0001 | done | mile A | plan:M-0002 | next | 2026-05-08 |');
+  fs.writeFileSync(trackerPath2, cur);
+  const r = cp.spawnSync(process.execPath, [CLI, 'task', 'fix-evidence', '--set', 'npm test 통과 (e2e)', '--path', tmp], { encoding: 'utf8' });
+  const tracker = fs.readFileSync(trackerPath2, 'utf8');
+  const ok = r.status === 0 && /npm test 통과 \(e2e\)/.test(tracker);
+  console.log(ok ? '✓ B(D2) task fix-evidence --set: 일괄 갱신' : '✗ B(D2) 일괄 갱신 실패');
+  if (!ok) failed++;
+}
+// 1.9.5 F 회귀: --set 시 plan:M-XXXX 링크 자동 보존
+total++;
+{
+  const tracker = fs.readFileSync(path.join(tmp, '.harness/progress-tracker.md'), 'utf8');
+  const ok = /npm test 통과 \(e2e\) \(plan:M-0002\)/.test(tracker);
+  console.log(ok ? '✓ B(F) fix-evidence --set: link 자동 보존' : `✗ B(F) link 손실\n${tracker}`);
+  if (!ok) failed++;
+}
+// 1.9.5 F neg: --no-preserve-link
+total++;
+{
+  // T-0002 같은 row를 placeholder로 시드
+  const trackerPath3 = path.join(tmp, '.harness/progress-tracker.md');
+  let cur = fs.readFileSync(trackerPath3, 'utf8');
+  // T-0001을 다시 plan:M-0099로 교체
+  cur = cur.replace(/^\| T-0001 \|.*$/m, '| T-0001 | done | mile A | plan:M-0099 | next | 2026-05-08 |');
+  fs.writeFileSync(trackerPath3, cur);
+  cp.spawnSync(process.execPath, [CLI, 'task', 'fix-evidence', '--set', 'npm test only', '--no-preserve-link', '--path', tmp], { encoding: 'utf8' });
+  const tracker = fs.readFileSync(trackerPath3, 'utf8');
+  const ok = /\| T-0001 \| done \| mile A \| npm test only \|/.test(tracker) && !/M-0099/.test(tracker);
+  console.log(ok ? '✓ B(F neg) fix-evidence --no-preserve-link: 링크 제거' : `✗ B(F neg) 동작 이상`);
+  if (!ok) failed++;
+}
+// 1.9.4 회귀: .leerness-skip-dirs 적용
+total++;
+{
+  fs.mkdirSync(path.join(tmp, '_devspace'), { recursive: true });
+  fs.writeFileSync(path.join(tmp, '_devspace/secret-config.js'), `const k = "ghp_${'a'.repeat(36)}";\n`);
+  fs.writeFileSync(path.join(tmp, '.leerness-skip-dirs'), '_devspace/\n# 주석은 무시\n');
+  const r = cp.spawnSync(process.execPath, [CLI, 'scan', 'secrets', tmp], { encoding: 'utf8' });
+  const ok = r.status === 0 && /no obvious secret patterns/.test(r.stdout);
+  console.log(ok ? '✓ B(E) .leerness-skip-dirs: _devspace 자동 skip' : `✗ B(E) skip 실패\n${r.stdout}`);
+  if (!ok) failed++;
+}
 run('gate (all checks)',   ['gate', tmp]);
 run('self check (= update --check)', ['self', 'check', tmp], { });