mstro-app 0.3.7 → 0.3.9

package/server/mcp/security-patterns.ts

@@ -14,6 +14,8 @@
  * - The question is: "Does this operation make sense given user intent?"
  */
 
+import { resolve } from 'node:path';
+
 export interface SecurityPattern {
   pattern: RegExp;
   reason?: string;
@@ -83,7 +85,16 @@ export const CRITICAL_THREATS: SecurityPattern[] = [
   {
     pattern: /chmod\s+000\s+\//i,
     reason: 'Attempting to make system directories inaccessible'
-  }
+  },
+  // Reverse shells - never legitimate in a dev workflow
+  {
+    pattern: /\/dev\/tcp\//i,
+    reason: 'Reverse shell via /dev/tcp - classic backdoor technique'
+  },
+  {
+    pattern: /\bnc\b.*-[elp].*\b\d+\b/i,
+    reason: 'Netcat listener/reverse shell - common backdoor technique'
+  },
   // NOTE: curl|bash is NOT here - it goes to Haiku for context review
   // The question is "did a bad actor inject this?" not "is curl|bash dangerous?"
 ];
@@ -158,12 +169,104 @@ export const NEEDS_AI_REVIEW: SecurityPattern[] = [
     reason: 'Recursive deletion - verify target matches user intent'
   },
 
+  // Data exfiltration patterns — piping data to network tools
+  {
+    pattern: /\|\s*(nc|netcat|ncat)\b/i,
+    reason: 'Pipe to netcat - potential data exfiltration'
+  },
+  {
+    pattern: /\bscp\b.*@/i,
+    reason: 'SCP to remote host - potential data exfiltration'
+  },
+  {
+    pattern: /\|\s*curl\b/i,
+    reason: 'Pipe to curl - potential data exfiltration'
+  },
+  {
+    pattern: /curl\b.*-d\s*@/i,
+    reason: 'Curl with file upload - potential data exfiltration'
+  },
+
   // ALL Write/Edit operations that aren't to /tmp go through context review
   // This is the key change: we review based on context, not blanket allow/deny
   {
     pattern: /^(Write|Edit):\s*(?!\/tmp\/|\/var\/tmp\/)/i,
     reason: 'File modification - verify aligns with user request'
   },
+
+  // Reverse shells and bind shells — network-connected interactive shells
+  {
+    pattern: /\/dev\/tcp\//i,
+    reason: 'Potential reverse shell via /dev/tcp'
+  },
+  {
+    pattern: /\b(nc|netcat|ncat)\b.*-e\s/i,
+    reason: 'Netcat with -e flag - potential reverse shell'
+  },
+  {
+    pattern: /\bsocket\b.*\bconnect\b.*\b(dup2|subprocess|exec)\b/i,
+    reason: 'Programmatic reverse shell pattern (socket+connect+exec)'
+  },
+  {
+    pattern: /\bperl\b.*\bsocket\b.*\bexec\b/i,
+    reason: 'Perl reverse shell pattern'
+  },
+
+  // Encoded/obfuscated payloads piped to shell or eval
+  {
+    pattern: /\b(base64|base32)\b.*-d.*\|\s*(bash|sh)\b/i,
+    reason: 'Decoded payload piped to shell - obfuscated command execution'
+  },
+  {
+    pattern: /\\x[0-9a-f]{2}.*\|\s*(bash|sh)\b/i,
+    reason: 'Hex-encoded payload piped to shell'
+  },
+  {
+    pattern: /\bexec\b.*\b(base64|b64decode)\b/i,
+    reason: 'Exec with base64 decoding - obfuscated code execution'
+  },
+  {
+    pattern: /\bprintf\b.*\\x[0-9a-f].*\|\s*(bash|sh)\b/i,
+    reason: 'Printf hex payload piped to shell'
+  },
+
+  // Cloud metadata / SSRF — accessing cloud instance credentials
+  {
+    pattern: /169\.254\.169\.254/i,
+    reason: 'AWS/Azure IMDS access - potential credential theft'
+  },
+  {
+    pattern: /metadata\.google\.internal/i,
+    reason: 'GCP metadata access - potential credential theft'
+  },
+
+  // Persistence — writing to shell profiles, cron, authorized_keys via echo/append
+  {
+    pattern: />>\s*~?\/?.*\/(authorized_keys|\.bashrc|\.bash_profile|\.zshrc|\.profile)/i,
+    reason: 'Appending to sensitive file - potential persistence mechanism'
+  },
+  {
+    pattern: /\bld\.so\.preload\b/i,
+    reason: 'LD_PRELOAD injection - shared library hijacking'
+  },
+
+  // wget with file upload
+  {
+    pattern: /wget\b.*--post-file/i,
+    reason: 'wget file upload - potential data exfiltration'
+  },
+
+  // pip install from custom index (supply chain attack)
+  {
+    pattern: /pip\b.*--index-url\s+https?:\/\/(?!pypi\.org)/i,
+    reason: 'pip install from non-PyPI index - potential supply chain attack'
+  },
+
+  // MCP server manipulation
+  {
+    pattern: /\bclaude\b.*\bmcp\b.*\badd\b/i,
+    reason: 'Adding MCP server - verify source is trusted'
+  },
 ];
 
 /**
@@ -178,11 +281,70 @@ export function matchesPattern(operation: string, patterns: SecurityPattern[]):
   return null;
 }
 
+/**
+ * Normalize file paths in Write/Edit/Read operations to resolve .. traversal.
+ * Prevents path traversal attacks like "Write: /home/user/../../etc/passwd"
+ * from matching safe home-directory patterns.
+ */
+export function normalizeOperation(operation: string): string {
+  const match = operation.match(/^(Write|Edit|Read):\s*(\S+)/i);
+  if (match?.[2].includes('..')) {
+    const [, tool, rawPath] = match;
+    const normalizedPath = resolve(rawPath);
+    return `${tool}: ${normalizedPath}`;
+  }
+  return operation;
+}
+
+/** Check if a Bash command contains chain operators that could hide dangerous ops after a safe prefix. */
+function containsChainOperators(operation: string): boolean {
+  const commandPart = operation.replace(/^Bash:\s*/i, '');
+  return /;|&&|\|\||\n/.test(commandPart);
+}
+
+/** Check if a Bash command pipes output to known exfiltration/network tools or shells. */
+function containsDangerousPipe(operation: string): boolean {
+  const commandPart = operation.replace(/^Bash:\s*/i, '');
+  return /\|\s*(nc|netcat|ncat|curl|wget|scp|bash|sh)\b/i.test(commandPart);
+}
+
+/** Check if a Bash command redirects output to sensitive paths (append or overwrite). */
+function containsSensitiveRedirect(operation: string): boolean {
+  const commandPart = operation.replace(/^Bash:\s*/i, '');
+  return />>?\s*~?\/?.*\/(authorized_keys|\.bashrc|\.bash_profile|\.zshrc|\.profile|\.ssh\/|\.aws\/|\.gnupg\/|ld\.so\.preload|crontab|sudoers)/i.test(commandPart)
+    || />>?\s*\/etc\//i.test(commandPart);
+}
+
+/** Check if a Bash command contains subshell or backtick expansion (not simple ${VAR}). */
+function containsBashExpansion(operation: string): boolean {
+  const commandPart = operation.replace(/^Bash:\s*/i, '');
+  return /`[^`]+`/.test(commandPart) || /\$\([^)]+\)/.test(commandPart);
+}
+
+/** Check if a Bash command contains any form of shell expansion: ${VAR}, $(...), or backticks. */
+function containsAnyExpansion(operation: string): boolean {
+  const cmd = operation.replace(/^Bash:\s*/i, '');
+  return /\$\{[^}]+\}/.test(cmd) || /\$\([^)]+\)/.test(cmd) || /`[^`]+`/.test(cmd);
+}
+
+/** Check if expansion is safely used as an argument to a known-safe command prefix.
+ *  e.g., "echo ${HOME}" or "cat ${FILE}" — the expansion can't change the command itself. */
+function isSafeExpansionUse(operation: string): boolean {
+  const cmd = operation.replace(/^Bash:\s*/i, '').trim();
+  // If the expansion IS the command (first token), it's never safe
+  if (/^(\$\{|\$\(|`)/.test(cmd)) return false;
+  // Safe command prefixes where expansion as an argument is harmless
+  const safePrefix = /^(echo|printf|cat|ls|pwd|whoami|date|env|printenv|test|true|false)\s/i;
+  return safePrefix.test(cmd);
+}
+
 /**
  * Determine if operation requires AI context review
  *
  * The philosophy here is:
- * - SAFE_OPERATIONS: No review needed (read-only, temp files, build artifact cleanup)
+ * - SENSITIVE_PATHS: Always require review (credentials, system configs)
+ * - SAFE_OPERATIONS: No review needed, UNLESS the bash command contains
+ *   chain operators, dangerous pipes, or subshell/backtick expansion
  * - CRITICAL_THREATS: Auto-deny, no review (catastrophic operations)
  * - Everything else: AI reviews context to determine if it matches user intent
  */
@@ -197,17 +359,48 @@ const SAFE_RM_PATTERNS = [
 ];
 
 export function requiresAIReview(operation: string): boolean {
-  if (matchesPattern(operation, SAFE_OPERATIONS)) return false;
-  if (matchesPattern(operation, CRITICAL_THREATS)) return false;
+  // Normalize paths to prevent .. traversal bypass
+  const op = normalizeOperation(operation);
+
+  // Check sensitive paths BEFORE safe operations — prevents home-dir
+  // safe pattern from masking .ssh, .aws, .bashrc, etc.
+  if (matchesPattern(op, SENSITIVE_PATHS)) return true;
+
+  // Bash commands with any shell expansion (${VAR}, $(...), backticks) are
+  // opaque — the bouncer can't predict what they expand to at runtime.
+  // Route to AI review BEFORE checking CRITICAL_THREATS or SAFE_OPERATIONS,
+  // UNLESS the command is clearly safe (expansion is just an argument to a
+  // known-safe prefix like "echo ${HOME}").
+  if (/^Bash:/i.test(op) && containsAnyExpansion(op) && !isSafeExpansionUse(op)) {
+    return true;
+  }
+
+  if (matchesPattern(op, SAFE_OPERATIONS)) {
+    // Safe bash commands must not contain chain operators, dangerous pipes,
+    // or subshell/backtick expansion that could hide dangerous operations.
+    // A safe prefix (e.g., "git clone") with chain operators (&&, ;, ||)
+    // means the full command isn't necessarily safe — route to AI review.
+    if (/^Bash:/i.test(op) && (
+      containsChainOperators(op) ||
+      containsDangerousPipe(op) ||
+      containsBashExpansion(op) ||
+      containsSensitiveRedirect(op)
+    )) {
+      return true;
+    }
+    return false;
+  }
+
+  if (matchesPattern(op, CRITICAL_THREATS)) return false;
 
-  if (matchesPattern(operation, NEEDS_AI_REVIEW)) {
-    return !SAFE_RM_PATTERNS.some(p => p.test(operation));
+  if (matchesPattern(op, NEEDS_AI_REVIEW)) {
+    return !SAFE_RM_PATTERNS.some(p => p.test(op));
   }
 
-  // Variable expansion and glob patterns are only concerning in Bash commands
-  if (/^Bash:/.test(operation)) {
-    if (/\$\{.*\}|\$\(.*\)/.test(operation) || /\*\*?/.test(operation)) return true;
-    if (/^Bash:\s*\.\//.test(operation)) return true;
+  // Glob patterns and script execution are concerning in Bash commands
+  if (/^Bash:/.test(op)) {
+    if (/\*\*?/.test(op)) return true;
+    if (/^Bash:\s*\.\//.test(op)) return true;
   }
 
   return false;
@@ -262,6 +455,9 @@ export function classifyRisk(operation: string): {
     { pattern: /chmod\s+777/i, reason: 'Dangerous permissions' },
     { pattern: /(curl|wget).*\|.*(bash|sh)/i, reason: 'Remote code execution' },
     { pattern: /pkill|killall/i, reason: 'Process termination' },
+    { pattern: /\|\s*(nc|netcat|ncat)\b/i, reason: 'Data exfiltration via netcat' },
+    { pattern: /\bscp\b.*@/i, reason: 'Data exfiltration via SCP' },
+    { pattern: /curl\b.*-d\s*@/i, reason: 'Data exfiltration via curl file upload' },
   ];
 
   for (const pattern of elevatedPatterns) {

package/server/services/plan/composer.ts

@@ -0,0 +1,199 @@
+// Copyright (c) 2025-present Mstro, Inc. All rights reserved.
+// Licensed under the MIT License. See LICENSE file for details.
+
+/**
+ * Plan Composer — Handles natural language prompts for PPS creation/editing.
+ *
+ * When a planPrompt message arrives, this builds a context-enriched prompt
+ * against the .pm/ (or legacy .plan/) directory and spawns a scoped
+ * HeadlessRunner session to execute it.
+ */
+
+import { existsSync, readFileSync } from 'node:fs';
+import { join } from 'node:path';
+import { runWithFileLogger } from '../../cli/headless/headless-logger.js';
+import { HeadlessRunner, type ToolUseEvent } from '../../cli/headless/index.js';
+import type { HandlerContext } from '../websocket/handler-context.js';
+import type { WSContext } from '../websocket/types.js';
+import { getNextId, parsePlanDirectory, resolvePmDir } from './parser.js';
+
+const PROMPT_TOOL_MESSAGES: Record<string, string> = {
+  Glob: 'Discovering project files...',
+  Read: 'Reading project structure...',
+  Grep: 'Searching codebase...',
+  Write: 'Creating project files...',
+  Edit: 'Updating project files...',
+  Bash: 'Running commands...',
+};
+
+function getPromptToolCompleteMessage(event: ToolUseEvent): string | null {
+  const input = event.completeInput;
+  if (!input) return null;
+  if (event.toolName === 'Write' && input.file_path) {
+    const filename = String(input.file_path).split('/').pop() ?? '';
+    return `Created ${filename}`;
+  }
+  if (event.toolName === 'Edit' && input.file_path) {
+    const filename = String(input.file_path).split('/').pop() ?? '';
+    return `Updated ${filename}`;
+  }
+  if (event.toolName === 'Read' && input.file_path) {
+    return `Read ${String(input.file_path).split('/').slice(-2).join('/')}`;
+  }
+  return null;
+}
+
+function createPromptProgressTracker() {
+  const seenToolStarts = new Set<string>();
+
+  return (event: ToolUseEvent): string | null => {
+    if (event.type === 'tool_start' && event.toolName) {
+      if (seenToolStarts.has(event.toolName)) return null;
+      seenToolStarts.add(event.toolName);
+      return PROMPT_TOOL_MESSAGES[event.toolName] ?? null;
+    }
+    if (event.type === 'tool_complete') return getPromptToolCompleteMessage(event);
+    return null;
+  };
+}
+
+function readFileOrEmpty(path: string): string {
+  try {
+    if (existsSync(path)) return readFileSync(path, 'utf-8');
+  } catch { /* skip */ }
+  return '';
+}
+
+export async function handlePlanPrompt(
+  ctx: HandlerContext,
+  ws: WSContext,
+  userPrompt: string,
+  workingDir: string,
+): Promise<void> {
+  const pmDir = resolvePmDir(workingDir) ?? join(workingDir, '.pm');
+  const stateContent = readFileOrEmpty(join(pmDir, 'STATE.md'));
+  const projectContent = readFileOrEmpty(join(pmDir, 'project.md'));
+
+  // Compute next available IDs
+  const fullState = parsePlanDirectory(workingDir);
+  let idInfo = '';
+  if (fullState) {
+    const nextIS = getNextId(fullState.issues, 'IS');
+    const nextBG = getNextId(fullState.issues, 'BG');
+    const nextEP = getNextId(fullState.issues, 'EP');
+    idInfo = `Next available IDs: ${nextIS}, ${nextBG}, ${nextEP}`;
+  }
+
+  // Read existing epic files to provide context
+  let epicContext = '';
+  if (fullState) {
+    const existingEpics = fullState.issues.filter((i: { type: string }) => i.type === 'epic');
+    if (existingEpics.length > 0) {
+      epicContext = `\nExisting epics:\n${existingEpics.map((e: { id: string; title: string; path: string; children: string[] }) => `- ${e.id}: ${e.title} (${e.path}, children: ${e.children.length})`).join('\n')}\n`;
+    }
+  }
+
+  const enrichedPrompt = `You are managing a project in the .pm/ directory format (Project Plan Spec).
+The project's current state is:
+
+<state>
+${stateContent || 'No STATE.md exists yet'}
+</state>
+
+<project>
+${projectContent || 'No project.md yet'}
+</project>
+
+${idInfo}
+${epicContext}
+
+Follow these rules:
+- When creating .pm/ files, use YAML front matter + markdown body
+- When modifying issues, preserve all existing YAML fields you don't change
+- After any state change, update STATE.md to reflect the new status
+- Use the next available ID for new entities
+- Respond briefly describing what you did
+
+Issue scoping rules (critical for execution quality):
+- Each issue is executed by a single AI agent with its own context window
+- Issues estimated at 1-3 story points execute well (focused, single concern)
+- Issues at 5 story points are viable if scoped to one subsystem
+- Issues at 8+ story points MUST be decomposed into smaller sub-issues
+- Issues at 13+ story points MUST become an epic with child issues
+- Each issue should touch one logical concern (one component, one service, one data flow)
+- If an issue requires work across multiple subsystems, split it into one issue per subsystem with blocked_by edges between them
+- Research/investigation issues should be separate from implementation issues
+
+Epic creation rules (when user asks for a feature with sub-tasks or an epic):
+- Create an EP-*.md file in .pm/backlog/ with type: epic and a children: [] field in front matter
+- Create individual IS-*.md (or BG-*.md) files for each child issue
+- Each child issue must have epic: backlog/EP-XXX.md in its front matter
+- The epic's children field must list all child paths: [backlog/IS-001.md, backlog/IS-002.md, ...]
+- Set blocked_by between child issues where there are natural dependencies
+- Give each child issue clear acceptance criteria and files to modify when possible
+- Set appropriate priorities (P0-P3) based on the issue's importance within the epic
+
+User request: ${userPrompt}`;
+
+  try {
+    ctx.broadcastToAll({
+      type: 'planPromptProgress',
+      data: { message: 'Starting project planning...' },
+    });
+
+    const runner = new HeadlessRunner({
+      workingDir,
+      directPrompt: enrichedPrompt,
+      outputCallback: (text: string) => {
+        ctx.send(ws, {
+          type: 'planPromptStreaming',
+          data: { token: text },
+        });
+      },
+      toolUseCallback: (() => {
+        const getProgressMessage = createPromptProgressTracker();
+        return (event: ToolUseEvent) => {
+          const message = getProgressMessage(event);
+          if (message) {
+            ctx.broadcastToAll({
+              type: 'planPromptProgress',
+              data: { message },
+            });
+          }
+        };
+      })(),
+    });
+
+    ctx.broadcastToAll({
+      type: 'planPromptProgress',
+      data: { message: 'Claude is planning your project...' },
+    });
+
+    const result = await runWithFileLogger('pm-compose', () => runner.run());
+
+    ctx.broadcastToAll({
+      type: 'planPromptProgress',
+      data: { message: 'Finalizing project plan...' },
+    });
+
+    ctx.send(ws, {
+      type: 'planPromptResponse',
+      data: {
+        response: result.completed ? 'Prompt executed successfully.' : (result.error || 'Unknown error'),
+        success: result.completed,
+        error: result.error || null,
+      },
+    });
+
+    // Re-parse and broadcast updated state
+    const updatedState = parsePlanDirectory(workingDir);
+    if (updatedState) {
+      ctx.broadcastToAll({ type: 'planStateUpdated', data: updatedState });
+    }
+  } catch (error) {
+    ctx.send(ws, {
+      type: 'planError',
+      data: { error: error instanceof Error ? error.message : String(error) },
+    });
+  }
+}

package/server/services/plan/dependency-resolver.ts

@@ -0,0 +1,179 @@
+// Copyright (c) 2025-present Mstro, Inc. All rights reserved.
+// Licensed under the MIT License. See LICENSE file for details.
+
+/**
+ * Dependency Resolver — Validates and computes the dependency DAG.
+ *
+ * Builds adjacency list from blocked_by/blocks fields, detects cycles,
+ * and computes the "ready to work" set.
+ */
+
+import type { Issue } from './types.js';
+
+/**
+ * Detect cycles in the dependency graph.
+ * Returns the first cycle found as an array of issue IDs, or null if acyclic.
+ */
+export function detectCycles(issues: Issue[]): string[] | null {
+  const issueByPath = new Map<string, Issue>();
+  for (const issue of issues) {
+    issueByPath.set(issue.path, issue);
+  }
+
+  // DFS with coloring: 0=white, 1=gray, 2=black
+  const color = new Map<string, number>();
+  const parent = new Map<string, string>();
+
+  for (const issue of issues) {
+    color.set(issue.path, 0);
+  }
+
+  for (const issue of issues) {
+    if (color.get(issue.path) === 0) {
+      const cycle = dfs(issue.path, issueByPath, color, parent);
+      if (cycle) return cycle;
+    }
+  }
+
+  return null;
+}
+
+function dfs(
+  path: string,
+  issueByPath: Map<string, Issue>,
+  color: Map<string, number>,
+  parent: Map<string, string>,
+): string[] | null {
+  color.set(path, 1); // Gray
+  const issue = issueByPath.get(path);
+  if (!issue) {
+    color.set(path, 2);
+    return null;
+  }
+
+  for (const dep of issue.blocks) {
+    if (!issueByPath.has(dep)) continue;
+    const depColor = color.get(dep);
+    if (depColor === 1) {
+      // Found cycle — reconstruct
+      const cycle = [dep, path];
+      let cur = path;
+      while (parent.has(cur) && parent.get(cur) !== dep) {
+        cur = parent.get(cur)!;
+        cycle.push(cur);
+      }
+      return cycle.map(p => issueByPath.get(p)?.id || p);
+    }
+    if (depColor === 0) {
+      parent.set(dep, path);
+      const cycle = dfs(dep, issueByPath, color, parent);
+      if (cycle) return cycle;
+    }
+  }
+
+  color.set(path, 2); // Black
+  return null;
+}
+
+/**
+ * Compute the set of issues that are ready to work on.
+ * An issue is ready if:
+ * - It's not an epic
+ * - Its status is backlog or todo (not started, done, or cancelled)
+ * - All its blocked_by items are done or cancelled
+ *
+ * If epicScope is provided, only returns issues belonging to that epic.
+ */
+export function resolveReadyToWork(issues: Issue[], epicScope?: string): Issue[] {
+  const issueByPath = new Map<string, Issue>();
+  for (const issue of issues) {
+    issueByPath.set(issue.path, issue);
+  }
+
+  const readyStatuses = new Set(['backlog', 'todo']);
+  const doneStatuses = new Set(['done', 'cancelled']);
+
+  const priorityOrder: Record<string, number> = { P0: 0, P1: 1, P2: 2, P3: 3 };
+
+  // Build set of child paths for epic scoping
+  let epicChildPaths: Set<string> | null = null;
+  if (epicScope) {
+    const epic = issueByPath.get(epicScope);
+    if (epic) {
+      epicChildPaths = new Set(epic.children);
+      // Also include issues that reference this epic via their epic field
+      for (const issue of issues) {
+        if (issue.epic === epicScope) epicChildPaths.add(issue.path);
+      }
+    }
+  }
+
+  return issues
+    .filter(issue => {
+      if (issue.type === 'epic') return false;
+      if (!readyStatuses.has(issue.status)) return false;
+
+      // If scoped to an epic, only include that epic's children
+      if (epicChildPaths && !epicChildPaths.has(issue.path)) return false;
+
+      // Check all blockers are resolved
+      if (issue.blockedBy.length > 0) {
+        const allResolved = issue.blockedBy.every(bp => {
+          const blocker = issueByPath.get(bp);
+          return blocker && doneStatuses.has(blocker.status);
+        });
+        if (!allResolved) return false;
+      }
+
+      return true;
+    })
+    .sort((a, b) => {
+      // Sort by priority (P0 first)
+      return (priorityOrder[a.priority] ?? 9) - (priorityOrder[b.priority] ?? 9);
+    });
+}
+
+/**
+ * Compute the critical path through incomplete issues.
+ * Returns the longest chain of dependent issues.
+ */
+export function computeCriticalPath(issues: Issue[]): Issue[] {
+  const issueByPath = new Map<string, Issue>();
+  for (const issue of issues) {
+    issueByPath.set(issue.path, issue);
+  }
+
+  const doneStatuses = new Set(['done', 'cancelled']);
+  const incompleteIssues = issues.filter(i => !doneStatuses.has(i.status) && i.type !== 'epic');
+
+  // Compute longest path using DFS with memoization
+  const longestFrom = new Map<string, Issue[]>();
+
+  function getLongest(path: string): Issue[] {
+    if (longestFrom.has(path)) return longestFrom.get(path)!;
+
+    const issue = issueByPath.get(path);
+    if (!issue || doneStatuses.has(issue.status)) {
+      longestFrom.set(path, []);
+      return [];
+    }
+
+    let best: Issue[] = [];
+    for (const dep of issue.blocks) {
+      const sub = getLongest(dep);
+      if (sub.length > best.length) best = sub;
+    }
+
+    const result = [issue, ...best];
+    longestFrom.set(path, result);
+    return result;
+  }
+
+  let criticalPath: Issue[] = [];
+  for (const issue of incompleteIssues) {
+    const path = getLongest(issue.path);
+    if (path.length > criticalPath.length) criticalPath = path;
+  }
+
+  return criticalPath;
+}