npm - pumuki - Versions diffs - 6.3.101 → 6.3.103 - Mend

pumuki 6.3.101 → 6.3.103

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

package/CHANGELOG.md +16 -0
package/VERSION +1 -1
package/docs/operations/RELEASE_NOTES.md +13 -0
package/integrations/gate/stagePolicies.ts +43 -6
package/integrations/git/aiGateRepoPolicyFindings.ts +81 -1
package/integrations/git/runPlatformGateOutput.ts +22 -2
package/integrations/lifecycle/hookBlock.ts +2 -6
package/integrations/lifecycle/policyReconcile.ts +6 -0
package/integrations/policy/policyAsCode.ts +43 -6
package/package.json +1 -1

package/CHANGELOG.md CHANGED Viewed

@@ -6,6 +6,22 @@ This project follows [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 ## [Unreleased]
+## [6.3.103] - 2026-04-22
+### Fixed
+- **Diagnóstico accionable del tracking canónico en consumers:** `status`, `doctor` y el gate repo-policy ya incluyen `TRACKING_CANONICAL_IN_PROGRESS_INVALID` junto con referencias a entradas activas y al board canónico del repo consumidor cuando existe.
+- **Separación explícita entre blocker y warning secundario:** la salida de `PRE_WRITE` conserva un `block-summary` primario y añade `warning-summary` para warnings de higiene (`EVIDENCE_PREWRITE_WORKTREE_WARN`) cuando conviven con un bloqueo duro de tracking.
+- **Cobertura de regresión del hotfix:** nuevas pruebas fijan el parsing de boards tabulares `🚧 reported activo` y la impresión del resumen jerárquico con warning secundario.
+## [6.3.102] - 2026-04-22
+### Fixed
+- **`strict` efectivo alineado con el contrato firmado:** `policyAsCode` y `stagePolicies` dejan de publicar `validation.strict` desde el entorno cuando el contrato persistido ya declara el valor por stage.
+- **`policy reconcile --strict --apply` materializa el contrato completo:** el archivo `.pumuki/policy-as-code.json` pasa a persistir el mapa `strict` por stage para que `status`, `doctor` y runtime converjan sobre la misma fuente.
+- **Wiring robusto de `pre-push` con hooks previos terminados en `exec`:** el bloque gestionado de Pumuki se recoloca antes del `exec` también en `pre-push`, evitando que el enforcement quede detrás de código muerto.
 ## [6.3.101] - 2026-04-22
 ### Fixed

package/VERSION CHANGED Viewed

	@@ -1 +1 @@
1	- v6.3.~~100~~
1	+ v6.3.103

package/docs/operations/RELEASE_NOTES.md CHANGED Viewed

@@ -6,6 +6,19 @@ This file keeps only the operational highlights and rollout notes that matter wh
 ## 2026-04 (CLI stability and macOS notifications)
+### 2026-04-22 (v6.3.103)
+- **Tracking canónico accionable:** `status`, `doctor` y el gate repo-policy enriquecen `TRACKING_CANONICAL_IN_PROGRESS_INVALID` con referencias a las entradas activas detectadas en el board del consumer.
+- **PRE_WRITE menos ambiguo:** cuando un warning de higiene de worktree convive con un bloqueo duro, el runtime imprime `warning-summary` separado del `block-summary`.
+- **Rollout recomendado:** publicar `pumuki@6.3.103`, repin inmediato en `RuralGo` y revalidar `status` / `doctor` / `git commit` sobre un board con varias filas `🚧 reported activo`.
+### 2026-04-22 (v6.3.102)
+- **Convergencia de policy efectiva:** `strict` deja de depender solo de `PUMUKI_POLICY_STRICT` cuando el contrato firmado ya lo declara por stage; `status`, `doctor` y runtime vuelven a hablar el mismo idioma.
+- **Autofix persistente de contrato:** `policy reconcile --strict --apply` escribe el mapa `strict` completo en `.pumuki/policy-as-code.json`, cerrando la deriva entre reconcile y lectura posterior.
+- **Wiring fiable en `pre-push`:** el hook gestionado se antepone también cuando el hook previo termina en `exec`, evitando bloques inalcanzables.
+- **Rollout recomendado:** publicar `pumuki@6.3.102`, repin inmediato en `RuralGo` y revalidar `status` / `doctor` / `pre-push` para cerrar `PUMUKI-INC-080`.
 ### 2026-04-22 (v6.3.101)
 - **Hotfix de ruta bloqueante:** `gate.blocked` deja de lanzar `ReferenceError: options is not defined` al construir la remediación visible en `PRE_WRITE`.

package/integrations/gate/stagePolicies.ts CHANGED Viewed

@@ -234,6 +234,7 @@ type PolicyAsCodeContract = {
   source: 'default' | 'skills.policy' | 'hard-mode';
   signatures: Partial<Record<SkillsStage, string>> & Record<'PRE_COMMIT' | 'PRE_PUSH' | 'CI', string>;
   expires_at?: string;
+  strict?: Partial<Record<SkillsStage, boolean>>;
 };
 const resolveContractSignatureForStage = (
@@ -264,6 +265,23 @@ const isIsoDateString = (value: unknown): value is string => {
   return Number.isFinite(Date.parse(value));
 };
+const isPolicyStrictRecord = (
+  value: unknown
+): value is Partial<Record<SkillsStage, boolean>> => {
+  if (!isObject(value)) {
+    return false;
+  }
+  return Object.entries(value).every(([stage, strict]) => {
+    return (
+      (stage === 'PRE_WRITE' ||
+        stage === 'PRE_COMMIT' ||
+        stage === 'PRE_PUSH' ||
+        stage === 'CI') &&
+      typeof strict === 'boolean'
+    );
+  });
+};
 const policyStrictModeFromEnv = (): boolean => {
   const raw = process.env.PUMUKI_POLICY_STRICT?.trim().toLowerCase();
   if (!raw) {
@@ -292,6 +310,9 @@ const isPolicyAsCodeContract = (value: unknown): value is PolicyAsCodeContract =
   if (typeof value.expires_at !== 'undefined' && !isIsoDateString(value.expires_at)) {
     return false;
   }
+  if (typeof value.strict !== 'undefined' && !isPolicyStrictRecord(value.strict)) {
+    return false;
+  }
   return (
     (typeof value.signatures.PRE_WRITE === 'undefined' || isSha256Hex(value.signatures.PRE_WRITE)) &&
     isSha256Hex(value.signatures.PRE_COMMIT) &&
@@ -300,6 +321,17 @@ const isPolicyAsCodeContract = (value: unknown): value is PolicyAsCodeContract =
   );
 };
+const resolvePolicyAsCodeStrict = (params: {
+  contract?: PolicyAsCodeContract;
+  stage: SkillsStage;
+}): boolean => {
+  const declared = params.contract?.strict?.[params.stage];
+  if (typeof declared === 'boolean') {
+    return declared;
+  }
+  return policyStrictModeFromEnv();
+};
 const createPolicyAsCodeSignature = (params: {
   stage: SkillsStage;
   source: 'default' | 'skills.policy' | 'hard-mode';
@@ -332,7 +364,7 @@ const resolvePolicyAsCodeTraceMetadata = (params: {
   policySource: string;
   validation: NonNullable<ResolvedStagePolicy['trace']['validation']>;
 } => {
-  const strict = policyStrictModeFromEnv();
+  const envStrict = policyStrictModeFromEnv();
   const computedVersion = `policy-as-code/${params.source}@${POLICY_AS_CODE_VERSION}`;
   const computedSignature = createPolicyAsCodeSignature({
     stage: params.stage,
@@ -344,7 +376,7 @@ const resolvePolicyAsCodeTraceMetadata = (params: {
   const contractPath = join(params.repoRoot, POLICY_AS_CODE_CONTRACT_PATH);
   if (!existsSync(contractPath)) {
-    if (strict) {
+    if (envStrict) {
       return {
         version: computedVersion,
         signature: computedSignature,
@@ -354,7 +386,7 @@ const resolvePolicyAsCodeTraceMetadata = (params: {
           code: 'POLICY_AS_CODE_UNSIGNED',
           message:
             'Policy-as-code contract is missing; runtime policy metadata is unsigned.',
-          strict,
+          strict: envStrict,
         },
       };
     }
@@ -367,7 +399,7 @@ const resolvePolicyAsCodeTraceMetadata = (params: {
         status: 'valid',
         code: 'POLICY_AS_CODE_VALID',
         message: 'Policy-as-code metadata generated from active runtime policy.',
-        strict,
+        strict: envStrict,
       },
     };
   }
@@ -383,11 +415,16 @@ const resolvePolicyAsCodeTraceMetadata = (params: {
           status: 'invalid',
           code: 'POLICY_AS_CODE_CONTRACT_INVALID',
           message: 'Policy-as-code contract is malformed.',
-          strict,
+          strict: envStrict,
         },
       };
     }
+    const strict = resolvePolicyAsCodeStrict({
+      contract: raw,
+      stage: params.stage,
+    });
     if (raw.source !== params.source) {
       return {
         version: `policy-as-code/${raw.source}@${raw.version}`,
@@ -465,7 +502,7 @@ const resolvePolicyAsCodeTraceMetadata = (params: {
         status: 'invalid',
         code: 'POLICY_AS_CODE_CONTRACT_INVALID',
         message: 'Policy-as-code contract cannot be parsed as JSON.',
-        strict,
+        strict: envStrict,
       },
     };
   }

package/integrations/git/aiGateRepoPolicyFindings.ts CHANGED Viewed

@@ -1,3 +1,5 @@
+import { existsSync, readFileSync } from 'node:fs';
+import { resolve } from 'node:path';
 import type { Finding } from '../../core/gate/Finding';
 import type { GateStage } from '../../core/gate/GateStage';
 import { evaluateAiGate, type AiGateStage } from '../gate/evaluateAiGate';
@@ -6,10 +8,82 @@ const AI_GATE_STAGES = new Set<AiGateStage>(['PRE_WRITE', 'PRE_COMMIT', 'PRE_PUS
 const REPO_POLICY_CODES = new Set<string>([
   'GITFLOW_PROTECTED_BRANCH',
+  'TRACKING_CANONICAL_IN_PROGRESS_INVALID',
   'EVIDENCE_PREWRITE_WORKTREE_OVER_LIMIT',
   'EVIDENCE_PREWRITE_WORKTREE_WARN',
 ]);
+const TRACKING_CANDIDATE_FILES = [
+  'docs/technical/08-validation/refactor/pumuki-integration-feedback.md',
+  'docs/pumuki/PUMUKI_BUGS_MEJORAS.md',
+  'docs/BUGS_Y_MEJORAS_PUMUKI.md',
+  'PUMUKI-RESET-MASTER-PLAN.md',
+  'RURALGO_SEGUIMIENTO.md',
+] as const;
+type TrackingActiveEntry = {
+  taskId: string | null;
+  lineNumber: number;
+};
+export const collectTrackingActiveEntriesFromMarkdown = (
+  markdown: string
+): ReadonlyArray<TrackingActiveEntry> => {
+  const entries: TrackingActiveEntry[] = [];
+  const lines = markdown.split(/\r?\n/u);
+  for (const [index, line] of lines.entries()) {
+    const tableMatch = line.match(
+      /^\|\s*\d+\s*\|\s*`([^`]+)`\s*\|.*\|\s*🚧(?:\s+reported\s+activo|\s+En construcción|\s+En construccion)?\s*\|/u
+    );
+    if (tableMatch) {
+      entries.push({
+        taskId: tableMatch[1]!.trim(),
+        lineNumber: index + 1,
+      });
+      continue;
+    }
+    const bulletMatch = line.match(/^- 🚧 (`?P[0-9A-Za-z.-]+`?)/u);
+    if (bulletMatch) {
+      entries.push({
+        taskId: bulletMatch[1]!.replaceAll('`', '').trim(),
+        lineNumber: index + 1,
+      });
+      continue;
+    }
+    if (/^- Estado:\s*🚧/u.test(line)) {
+      entries.push({
+        taskId: null,
+        lineNumber: index + 1,
+      });
+    }
+  }
+  return entries;
+};
+const formatTrackingEntry = (entry: TrackingActiveEntry): string =>
+  entry.taskId ? `${entry.taskId}@L${entry.lineNumber}` : `line_${entry.lineNumber}`;
+export const appendTrackingActionableContext = (params: {
+  repoRoot: string;
+  message: string;
+}): string => {
+  for (const candidate of TRACKING_CANDIDATE_FILES) {
+    const candidatePath = resolve(params.repoRoot, candidate);
+    if (!existsSync(candidatePath)) {
+      continue;
+    }
+    const source = readFileSync(candidatePath, 'utf8');
+    const entries = collectTrackingActiveEntriesFromMarkdown(source);
+    if (entries.length === 0) {
+      continue;
+    }
+    const preview = entries.slice(0, 3).map(formatTrackingEntry).join(', ');
+    const overflow = entries.length > 3 ? ` (+${entries.length - 3} more)` : '';
+    return `${params.message} active_entries=${preview}${overflow} tracking_source=${candidate}`;
+  }
+  return params.message;
+};
 const toRepoPolicyFinding = (params: {
   code: string;
   message: string;
@@ -39,7 +113,13 @@ export const collectAiGateRepoPolicyFindings = (params: {
     .map((v) =>
       toRepoPolicyFinding({
         code: v.code,
-        message: v.message,
+        message:
+          v.code === 'TRACKING_CANONICAL_IN_PROGRESS_INVALID'
+            ? appendTrackingActionableContext({
+              repoRoot: params.repoRoot,
+              message: v.message,
+            })
+            : v.message,
         severity: v.severity === 'ERROR' ? 'ERROR' : 'WARN',
       })
     );

package/integrations/git/runPlatformGateOutput.ts CHANGED Viewed

@@ -52,6 +52,15 @@ const resolvePrimaryFinding = (findings: ReadonlyArray<Finding>): Finding => {
   return primary ?? findings[0]!;
 };
+const sortFindingsBySeverity = (findings: ReadonlyArray<Finding>): ReadonlyArray<Finding> =>
+  [...findings].sort((left, right) => {
+    const severityDelta = severityWeight(right.severity) - severityWeight(left.severity);
+    if (severityDelta !== 0) {
+      return severityDelta;
+    }
+    return left.ruleId.localeCompare(right.ruleId);
+  });
 const normalizeAnchorLine = (lines: Finding['lines']): number => {
   if (Array.isArray(lines)) {
     const candidates = lines
@@ -98,7 +107,8 @@ export const printGateFindings = (findings: ReadonlyArray<Finding>): void => {
   if (findings.length === 0) {
     return;
   }
-  const primary = resolvePrimaryFinding(findings);
+  const orderedFindings = sortFindingsBySeverity(findings);
+  const primary = resolvePrimaryFinding(orderedFindings);
   const nextAction =
     BLOCK_NEXT_ACTION_BY_CODE[primary.code]
     ?? 'Corrige el bloqueante primario y vuelve a ejecutar el mismo comando.';
@@ -106,7 +116,17 @@ export const printGateFindings = (findings: ReadonlyArray<Finding>): void => {
     `[pumuki][block-summary] primary=${primary.code} severity=${primary.severity.toUpperCase()} rule=${primary.ruleId}\n`
   );
   process.stdout.write(`[pumuki][block-summary] next_action=${nextAction}\n`);
-  for (const finding of findings) {
+  const secondaryWarnings = orderedFindings.filter(
+    (finding) =>
+      finding !== primary &&
+      severityWeight(finding.severity) < severityWeight(primary.severity)
+  );
+  for (const finding of secondaryWarnings) {
+    process.stdout.write(
+      `[pumuki][warning-summary] secondary=${finding.code} severity=${finding.severity.toUpperCase()} rule=${finding.ruleId}\n`
+    );
+  }
+  for (const finding of orderedFindings) {
     process.stdout.write(`${formatFinding(finding)}\n`);
   }
 };

package/integrations/lifecycle/hookBlock.ts CHANGED Viewed

@@ -104,7 +104,7 @@ const ensureExecutableHeader = (contents: string): string => {
   return contents;
 };
-const isPreCommitFrameworkWithExecTerminator = (contents: string): boolean => {
+const isFrameworkHookWithExecTerminator = (contents: string): boolean => {
   if (!contents.includes('pre-commit.com') && !contents.includes('pre_commit')) {
     return false;
   }
@@ -141,11 +141,7 @@ export const upsertPumukiManagedBlock = (params: {
     )
   );
-  if (
-    params.hook === 'pre-commit' &&
-    core.length > 0 &&
-    isPreCommitFrameworkWithExecTerminator(core)
-  ) {
+  if (core.length > 0 && isFrameworkHookWithExecTerminator(core)) {
     const merged = prependManagedBlockAfterShebang({ contents: core, block });
     return `${trimTrailingWhitespace(merged)}\n`;
   }

package/integrations/lifecycle/policyReconcile.ts CHANGED Viewed

@@ -148,6 +148,12 @@ const tryApplyPolicyAutofix = (params: {
       PRE_PUSH: signatures.PRE_PUSH,
       CI: signatures.CI,
     },
+    strict: {
+      PRE_WRITE: params.report.stages.PRE_WRITE.strict,
+      PRE_COMMIT: params.report.stages.PRE_COMMIT.strict,
+      PRE_PUSH: params.report.stages.PRE_PUSH.strict,
+      CI: params.report.stages.CI.strict,
+    },
     expires_at: '2999-01-01T00:00:00.000Z',
   };

package/integrations/policy/policyAsCode.ts CHANGED Viewed

@@ -32,6 +32,7 @@ type PolicyAsCodeContract = {
   source: PolicyProfileSource;
   signatures: Record<SkillsStage, string>;
   expires_at?: string;
+  strict?: Partial<Record<SkillsStage, boolean>>;
 };
 const isObject = (value: unknown): value is Record<string, unknown> => {
@@ -49,6 +50,23 @@ const isIsoDateString = (value: unknown): value is string => {
   return Number.isFinite(Date.parse(value));
 };
+const isPolicyStrictRecord = (
+  value: unknown
+): value is Partial<Record<SkillsStage, boolean>> => {
+  if (!isObject(value)) {
+    return false;
+  }
+  return Object.entries(value).every(([stage, strict]) => {
+    return (
+      (stage === 'PRE_WRITE' ||
+        stage === 'PRE_COMMIT' ||
+        stage === 'PRE_PUSH' ||
+        stage === 'CI') &&
+      typeof strict === 'boolean'
+    );
+  });
+};
 const policyStrictModeFromEnv = (): boolean => {
   const raw = process.env.PUMUKI_POLICY_STRICT?.trim().toLowerCase();
   if (!raw) {
@@ -77,6 +95,9 @@ const isPolicyAsCodeContract = (value: unknown): value is PolicyAsCodeContract =
   if (typeof value.expires_at !== 'undefined' && !isIsoDateString(value.expires_at)) {
     return false;
   }
+  if (typeof value.strict !== 'undefined' && !isPolicyStrictRecord(value.strict)) {
+    return false;
+  }
   return (
     isSha256Hex(value.signatures.PRE_COMMIT) &&
     isSha256Hex(value.signatures.PRE_PUSH) &&
@@ -84,6 +105,17 @@ const isPolicyAsCodeContract = (value: unknown): value is PolicyAsCodeContract =
   );
 };
+const resolvePolicyAsCodeStrict = (params: {
+  contract?: PolicyAsCodeContract;
+  stage: SkillsStage;
+}): boolean => {
+  const declared = params.contract?.strict?.[params.stage];
+  if (typeof declared === 'boolean') {
+    return declared;
+  }
+  return policyStrictModeFromEnv();
+};
 export const createPolicyAsCodeSignature = (params: {
   stage: SkillsStage;
   source: PolicyProfileSource;
@@ -111,7 +143,7 @@ export const resolvePolicyAsCodeTraceMetadata = (params: {
   hash: string;
   repoRoot: string;
 }): PolicyAsCodeTraceMetadata => {
-  const strict = policyStrictModeFromEnv();
+  const envStrict = policyStrictModeFromEnv();
   const computedVersion = `policy-as-code/${params.source}@${POLICY_AS_CODE_VERSION}`;
   const computedSignature = createPolicyAsCodeSignature({
     stage: params.stage,
@@ -123,7 +155,7 @@ export const resolvePolicyAsCodeTraceMetadata = (params: {
   const contractPath = join(params.repoRoot, POLICY_AS_CODE_CONTRACT_PATH);
   if (!existsSync(contractPath)) {
-    if (strict) {
+    if (envStrict) {
       return {
         version: computedVersion,
         signature: computedSignature,
@@ -133,7 +165,7 @@ export const resolvePolicyAsCodeTraceMetadata = (params: {
           code: 'POLICY_AS_CODE_UNSIGNED',
           message:
             'Policy-as-code contract is missing; runtime policy metadata is unsigned.',
-          strict,
+          strict: envStrict,
         },
       };
     }
@@ -146,7 +178,7 @@ export const resolvePolicyAsCodeTraceMetadata = (params: {
         status: 'valid',
         code: 'POLICY_AS_CODE_VALID',
         message: 'Policy-as-code metadata generated from active runtime policy.',
-        strict,
+        strict: envStrict,
       },
     };
   }
@@ -162,11 +194,16 @@ export const resolvePolicyAsCodeTraceMetadata = (params: {
           status: 'invalid',
           code: 'POLICY_AS_CODE_CONTRACT_INVALID',
           message: 'Policy-as-code contract is malformed.',
-          strict,
+          strict: envStrict,
         },
       };
     }
+    const strict = resolvePolicyAsCodeStrict({
+      contract: raw,
+      stage: params.stage,
+    });
     if (raw.source !== params.source) {
       return {
         version: `policy-as-code/${raw.source}@${raw.version}`,
@@ -243,7 +280,7 @@ export const resolvePolicyAsCodeTraceMetadata = (params: {
         status: 'invalid',
         code: 'POLICY_AS_CODE_CONTRACT_INVALID',
         message: 'Policy-as-code contract cannot be parsed as JSON.',
-        strict,
+        strict: envStrict,
       },
     };
   }

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "pumuki",
-  "version": "6.3.101",
+  "version": "6.3.103",
   "description": "Enterprise-grade AST Intelligence System with multi-platform support (iOS, Android, Backend, Frontend) and Feature-First + DDD + Clean Architecture enforcement. Includes dynamic violations API for intelligent querying.",
   "main": "index.js",
   "bin": {