npm - pumuki - Versions diffs - 6.3.133 → 6.3.135 - Mend

pumuki 6.3.133 → 6.3.135

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (18) hide show

package/CHANGELOG.md +14 -0
package/docs/operations/RELEASE_NOTES.md +11 -0
package/docs/product/CONFIGURATION.md +1 -2
package/integrations/gate/evaluateAiGate.ts +24 -0
package/integrations/gate/governanceActionCatalog.ts +22 -1
package/integrations/gate/remediationCatalog.ts +4 -2
package/integrations/git/resolveGitRefs.ts +35 -6
package/integrations/git/runPlatformGateOutput.ts +13 -8
package/integrations/lifecycle/audit.ts +1 -1
package/integrations/lifecycle/cli.ts +6 -4
package/integrations/lifecycle/doctor.ts +1 -1
package/integrations/lifecycle/governanceNextAction.ts +10 -0
package/integrations/lifecycle/governanceObservationSnapshot.ts +6 -0
package/integrations/mcp/alignedPlatformGate.ts +20 -4
package/integrations/mcp/autoExecuteAiStart.ts +2 -2
package/integrations/mcp/preFlightCheck.ts +18 -5
package/integrations/policy/skillsEnforcement.ts +0 -6
package/package.json +1 -1

package/CHANGELOG.md CHANGED Viewed

@@ -6,6 +6,20 @@ This project follows [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 ## [Unreleased]
+## [6.3.135] - 2026-05-03
+### Fixed
+- **Bootstrap de pre-push por delta real:** cuando una rama no tiene upstream, el bootstrap de `PRE_PUSH` elige la base con menor delta real entre `main` y `develop`, evitando falsos positivos de atomicidad en branches nacidas de `main`.
+- **Repin desbloqueable:** esta versión corrige el bloqueo que impedía publicar el repin de `Flux_training` aunque el diff efectivo del cambio fuese mínimo.
+## [6.3.134] - 2026-05-03
+### Fixed
+- **Policy hash drift accionable:** `governanceObservationSnapshot`, `governanceNextAction` y el catálogo de remediación ya convierten la divergencia entre stages en una acción estricta y aplicable.
+- **Release publicada y lista para repin:** esta versión ya está en npm y queda lista para repinear consumers activos como RuralGo con el fix real distribuido.
 ## [6.3.133] - 2026-05-03
 ### Fixed

package/docs/operations/RELEASE_NOTES.md CHANGED Viewed

@@ -4,6 +4,17 @@ This file tracks the active deterministic framework line used in this repository
 Canonical release chronology lives in `CHANGELOG.md`.
 This file keeps only the operational highlights and rollout notes that matter while running the framework.
+### 2026-05-03 (v6.3.135)
+- **Bootstrap de pre-push por delta real:** en ramas sin upstream, `PRE_PUSH` elige la base con menor delta real entre `main` y `develop`, evitando que un rollout nacido de `main` se bloquee como si heredara todo `develop`.
+- **Repin desbloqueable:** esta release corrige el falso positivo que impedía publicar el repin de `Flux_training` aunque el diff efectivo fuese mínimo.
+### 2026-05-03 (v6.3.134)
+- **Policy hash drift accionable:** `governanceObservationSnapshot`, `governanceNextAction` y el catálogo de remediación ya convierten la divergencia entre stages en una acción estricta y aplicable.
+- **Repin recomendado:** publicar `pumuki@6.3.134`, repinear RuralGo y revalidar `status`, `doctor`, `audit --stage=PRE_WRITE --json` y hooks gestionados.
+- **Contrato de release estable:** no hace falta cerrar más gaps funcionales para este fix; la solución ya quedó validada localmente y la distribución de `6.3.134` ya está publicada.
 ### 2026-05-03 (v6.3.133)
 - **Skills hard-blocking end-to-end:** `skillsEnforcement`, `evaluateAiGate`, `runPlatformGate` y el flujo CLI ya no dejan pasar advisory para violations de skills.

package/docs/product/CONFIGURATION.md CHANGED Viewed

@@ -66,8 +66,7 @@ Current enforcement scope:
 - curated template compilation (`skills.sources.json` -> `skills.lock.json`)
 - stage-aware policy resolution via `resolvePolicyForStage`
 - additive skills-derived rules merged through the shared gate runner
-- strict skills enforcement by default; `PUMUKI_SKILLS_ENFORCEMENT=advisory`
-  is an explicit opt-in escape hatch, not the product baseline
+- strict skills enforcement by default; advisory values are ignored by design
 - strict heuristics, TDD/BDD evidence, SDD completeness, and Git atomicity by
   default; their `advisory`/`0` env values are explicit legacy overrides, not
   the product baseline

package/integrations/gate/evaluateAiGate.ts CHANGED Viewed

@@ -1338,6 +1338,26 @@ const collectEvidencePolicyThresholdViolations = (params: {
   return [];
 };
+const collectTddBddBaselineViolations = (params: {
+  evidenceResult: EvidenceReadResult;
+}): AiGateViolation[] => {
+  if (params.evidenceResult.kind !== 'valid') {
+    return [];
+  }
+  const tddBdd = params.evidenceResult.evidence.snapshot.tdd_bdd;
+  if (tddBdd?.status !== 'blocked') {
+    return [];
+  }
+  return [
+    toErrorViolation(
+      'TDD_BDD_BASELINE_BLOCKED',
+      'TDD/BDD baseline snapshot is blocked. Fix the failing baseline tests and refresh evidence before continuing.'
+    ),
+  ];
+};
 const toEvidenceSourceDescriptor = (
   result: EvidenceReadResult,
   repoRoot: string
@@ -1688,9 +1708,13 @@ export const evaluateAiGate = (
     evidenceResult,
     policy: resolvedPolicy.policy,
   });
+  const tddBddBaselineViolations = collectTddBddBaselineViolations({
+    evidenceResult,
+  });
   const violations = [
     ...evidenceAssessment.violations,
     ...policyThresholdViolations,
+    ...tddBddBaselineViolations,
     ...stageSkillsContractViolations,
     ...gitflowViolations,
     ...trackingViolations,

package/integrations/gate/governanceActionCatalog.ts CHANGED Viewed

@@ -19,7 +19,7 @@ export const buildGovernanceValidateCommand = (stage: AiGateStage): string =>
   PRE_WRITE_VALIDATE_COMMAND.replace('PRE_WRITE', stage);
 export const buildGovernancePolicyReconcileCommand = (stage: AiGateStage): string =>
-  `npx --yes --package pumuki@latest pumuki policy reconcile --strict --json && ${buildGovernanceValidateCommand(stage)}`;
+  `npx --yes --package pumuki@latest pumuki policy reconcile --strict --apply --json && ${buildGovernanceValidateCommand(stage)}`;
 const buildFallbackAction = (code: string): GovernanceCatalogAction => ({
   reason_code: code,
@@ -174,6 +174,17 @@ export const resolveGovernanceCatalogAction = (params: {
           command: buildGovernancePolicyReconcileCommand(stage),
         },
       };
+    case 'POLICY_HASH_DIVERGENCE':
+      return {
+        reason_code: 'POLICY_HASH_DIVERGENCE',
+        instruction: 'Reconcilia policy/skills y aplica el contrato canónico para reducir el drift entre stages.',
+        next_action: {
+          kind: 'run_command',
+          message:
+            'Los hashes de policy difieren entre stages. Ejecuta reconcile estricto con apply y vuelve a validar.',
+          command: buildGovernancePolicyReconcileCommand(stage),
+        },
+      };
     case 'SKILLS_CONTRACT_SURFACE_INCOMPLETE':
     case 'EVIDENCE_SKILLS_CONTRACT_INCOMPLETE':
       return {
@@ -207,6 +218,16 @@ export const resolveGovernanceCatalogAction = (params: {
           command: validateCommand,
         },
       };
+    case 'TDD_BDD_BASELINE_BLOCKED':
+      return {
+        reason_code: 'TDD_BDD_BASELINE_BLOCKED',
+        instruction: 'Corrige el baseline TDD/BDD roto y regenera la evidencia antes de seguir.',
+        next_action: {
+          kind: 'run_command',
+          message: 'Revalida el stage actual tras reparar el baseline TDD/BDD y refrescar la evidencia.',
+          command: validateCommand,
+        },
+      };
     case 'ACTIVE_RULE_IDS_EMPTY_FOR_CODE_CHANGES_HIGH':
     case 'EVIDENCE_ACTIVE_RULE_IDS_EMPTY_FOR_CODE_CHANGES':
       return {

package/integrations/gate/remediationCatalog.ts CHANGED Viewed

@@ -10,12 +10,14 @@ export const REMEDIATION_HINT_BY_CODE: Readonly<Record<string, string>> = {
   EVIDENCE_STALE: 'Refresca evidencia antes de continuar.',
   EVIDENCE_REPO_ROOT_MISMATCH: 'Regenera evidencia desde este mismo repositorio.',
   EVIDENCE_BRANCH_MISMATCH: 'Regenera evidencia en la rama actual y reintenta.',
+  TDD_BDD_BASELINE_BLOCKED:
+    'Corrige el baseline TDD/BDD roto y regenera la evidencia antes de continuar.',
   EVIDENCE_RULES_COVERAGE_MISSING: 'Ejecuta auditoría completa para recalcular rules_coverage.',
   EVIDENCE_RULES_COVERAGE_INCOMPLETE: 'Asegura coverage_ratio=1 y unevaluated=0.',
   ACTIVE_RULE_IDS_EMPTY_FOR_CODE_CHANGES_HIGH:
-    'Reconcilia policy/skills y reintenta PRE_COMMIT: npx --yes --package pumuki@latest pumuki policy reconcile --strict --json && npx --yes --package pumuki@latest pumuki-pre-commit',
+    'Reconcilia policy/skills y reintenta PRE_COMMIT: npx --yes --package pumuki@latest pumuki policy reconcile --strict --apply --json && npx --yes --package pumuki@latest pumuki-pre-commit',
   EVIDENCE_ACTIVE_RULE_IDS_EMPTY_FOR_CODE_CHANGES:
-    'Reconcilia policy/skills y revalida PRE_WRITE: npx --yes --package pumuki@latest pumuki policy reconcile --strict --json && npx --yes --package pumuki@latest pumuki sdd validate --stage=PRE_WRITE --json',
+    'Reconcilia policy/skills y revalida PRE_WRITE: npx --yes --package pumuki@latest pumuki policy reconcile --strict --apply --json && npx --yes --package pumuki@latest pumuki sdd validate --stage=PRE_WRITE --json',
   GITFLOW_PROTECTED_BRANCH: 'Trabaja en feature/* y evita ramas protegidas.',
   GITFLOW_BRANCH_NAMING_INVALID:
     'Renombra o recrea la rama con un prefijo GitFlow válido (feature/*, bugfix/*, hotfix/*, release/*, chore/*, refactor/* o docs/*).',

package/integrations/git/resolveGitRefs.ts CHANGED Viewed

@@ -26,6 +26,37 @@ const resolveDefaultCiBaseRef = (): string => {
   return 'HEAD';
 };
+const resolveDiffFileCount = (fromRef: string): number | null => {
+  try {
+    return runGit(['diff', '--name-only', '--diff-filter=ACMR', `${fromRef}..HEAD`])
+      .split('\n')
+      .map((line) => line.trim())
+      .filter((line) => line.length > 0).length;
+  } catch {
+    return null;
+  }
+};
+const resolveBestBootstrapBaseRef = (): string | null => {
+  const candidates = ['origin/main', 'main', 'origin/develop', 'develop'];
+  let best: { ref: string; changedFiles: number } | undefined;
+  for (const candidate of candidates) {
+    if (!isResolvableRef(candidate)) {
+      continue;
+    }
+    const changedFiles = resolveDiffFileCount(candidate);
+    if (changedFiles === null) {
+      continue;
+    }
+    if (!best || changedFiles < best.changedFiles) {
+      best = { ref: candidate, changedFiles };
+    }
+  }
+  return best?.ref ?? null;
+};
 export const resolveUpstreamRef = (): string | null => {
   try {
     return runGit(['rev-parse', '@{u}']);
@@ -88,12 +119,10 @@ export const resolveCiBaseRef = (): string => {
 };
 export const resolvePrePushBootstrapBaseRef = (): string => {
-  const candidates = ['origin/develop', 'develop', resolveCiBaseRef()];
-  for (const candidate of candidates) {
-    if (isResolvableRef(candidate)) {
-      return candidate;
-    }
+  const best = resolveBestBootstrapBaseRef();
+  if (best) {
+    return best;
   }
-  return 'HEAD';
+  return resolveDefaultCiBaseRef();
 };

package/integrations/git/runPlatformGateOutput.ts CHANGED Viewed

@@ -9,20 +9,19 @@ const BLOCK_NEXT_ACTION_BY_CODE: Readonly<Record<string, string>> = {
     'git push --set-upstream origin <branch>',
   PRE_PUSH_UPSTREAM_MISALIGNED:
     'git branch --unset-upstream && git push --set-upstream origin <branch>',
-  EVIDENCE_STALE:
-    'npx --yes --package pumuki@latest pumuki-pre-commit',
-  EVIDENCE_BRANCH_MISMATCH:
-    'npx --yes --package pumuki@latest pumuki-pre-commit',
   GIT_ATOMICITY_TOO_MANY_FILES:
     'git restore --staged . && separa cambios en commits más pequeños',
   GIT_ATOMICITY_TOO_MANY_SCOPES:
     'Revisa scope_files del bloqueo y aplica: git restore --staged . && git add <scope>/ && git commit -m "<tipo>: <scope>"',
   ACTIVE_RULE_IDS_EMPTY_FOR_CODE_CHANGES_HIGH:
-    'Reconcilia policy/skills y reintenta PRE_COMMIT: npx --yes --package pumuki@latest pumuki policy reconcile --strict --json && npx --yes --package pumuki@latest pumuki-pre-commit',
+    'Reconcilia policy/skills y reintenta PRE_COMMIT: npx --yes --package pumuki@latest pumuki policy reconcile --strict --apply --json && npx --yes --package pumuki@latest pumuki-pre-commit',
   SKILLS_SKILLS_FRONTEND_NO_SOLID_VIOLATIONS:
     'Aplica refactor incremental: extrae 1 componente/hook por commit y vuelve a ejecutar PRE_COMMIT.',
 };
+const buildStageValidateCommand = (stage: 'PRE_COMMIT' | 'PRE_PUSH' | 'CI' | 'PRE_WRITE'): string =>
+  `npx --yes --package pumuki@latest pumuki sdd validate --stage=${stage} --json`;
 const severityWeight = (severity: string): number => {
   switch (severity.toUpperCase()) {
     case 'CRITICAL':
@@ -103,15 +102,21 @@ const formatFinding = (finding: Finding): string => {
   return `[${severity}] ${finding.ruleId}: ${finding.message} -> ${location}`;
 };
-export const printGateFindings = (findings: ReadonlyArray<Finding>): void => {
+export const printGateFindings = (
+  findings: ReadonlyArray<Finding>,
+  params?: { stage?: 'PRE_WRITE' | 'PRE_COMMIT' | 'PRE_PUSH' | 'CI' }
+): void => {
   if (findings.length === 0) {
     return;
   }
   const orderedFindings = sortFindingsBySeverity(findings);
   const primary = resolvePrimaryFinding(orderedFindings);
+  const stage = params?.stage ?? 'PRE_COMMIT';
   const nextAction =
-    BLOCK_NEXT_ACTION_BY_CODE[primary.code]
-    ?? 'Corrige el bloqueante primario y vuelve a ejecutar el mismo comando.';
+    primary.code === 'EVIDENCE_STALE' || primary.code === 'EVIDENCE_BRANCH_MISMATCH'
+      ? buildStageValidateCommand(stage)
+      : BLOCK_NEXT_ACTION_BY_CODE[primary.code]
+        ?? 'Corrige el bloqueante primario y vuelve a ejecutar el mismo comando.';
   process.stdout.write(
     `[pumuki][block-summary] primary=${primary.code} severity=${primary.severity.toUpperCase()} rule=${primary.ruleId}\n`
   );

package/integrations/lifecycle/audit.ts CHANGED Viewed

@@ -55,7 +55,7 @@ type LifecycleAuditDependencies = {
 };
 const POLICY_RECONCILE_HINT =
-  'If .pumuki/policy-as-code.json signatures drift after a pumuki upgrade, run: pumuki policy reconcile --apply';
+  'If .pumuki/policy-as-code.json signatures drift after a pumuki upgrade, run: pumuki policy reconcile --strict --apply --json';
 const countUntrackedMatchingExtensions = (
   git: Pick<IGitService, 'resolveRepoRoot' | 'runGit'>,

package/integrations/lifecycle/cli.ts CHANGED Viewed

@@ -1650,7 +1650,7 @@ const buildPreWriteValidateCommand = (params: {
 const buildPreWritePolicyReconcileCommand = (repoRoot?: string): string =>
   `${buildPinnedPumukiNpxCommand({
     repoRoot,
-    executableAndArgs: 'pumuki policy reconcile --strict --json',
+    executableAndArgs: 'pumuki policy reconcile --strict --apply --json',
   })} && ${buildPreWriteValidateCommand({ repoRoot, stage: 'PRE_WRITE' })}`;
 type PreWriteValidationEnvelope = {
@@ -1838,11 +1838,13 @@ const PRE_WRITE_HINTS_BY_CODE: Readonly<Record<string, string>> = {
   EVIDENCE_RULES_COVERAGE_MISSING: 'Ejecuta auditoría completa para recalcular rules_coverage.',
   EVIDENCE_RULES_COVERAGE_INCOMPLETE: 'Asegura unevaluated=0 y coverage_ratio=1.',
   EVIDENCE_ACTIVE_RULE_IDS_EMPTY_FOR_CODE_CHANGES:
-    'No hay active_rule_ids para plataforma de código detectada. Reconcilia policy/skills en modo estricto y revalida PRE_WRITE.',
+    'No hay active_rule_ids para plataforma de código detectada. Reconcilia policy/skills en modo estricto con apply y revalida PRE_WRITE.',
   EVIDENCE_PLATFORM_CRITICAL_SKILLS_RULES_MISSING:
-    'Reconcilia policy/skills en modo estricto y materializa reglas críticas (p.ej. skills.ios.critical-test-quality).',
+    'Reconcilia policy/skills en modo estricto con apply y materializa reglas críticas (p.ej. skills.ios.critical-test-quality).',
   EVIDENCE_CROSS_PLATFORM_CRITICAL_ENFORCEMENT_INCOMPLETE:
-    'Reconcilia policy/skills en modo estricto para completar enforcement crítico transversal.',
+    'Reconcilia policy/skills en modo estricto con apply para completar enforcement crítico transversal.',
+  TDD_BDD_BASELINE_BLOCKED:
+    'Corrige el baseline TDD/BDD roto y regenera la evidencia antes de continuar.',
   EVIDENCE_SKILLS_CONTRACT_INCOMPLETE:
     'Completa contrato skills/policy para el stage actual y vuelve a validar.',
   EVIDENCE_PREWRITE_WORKTREE_OVER_LIMIT:

package/integrations/lifecycle/doctor.ts CHANGED Viewed

@@ -834,7 +834,7 @@ const buildPolicySignatureRemediation = (
   const mismatch = Object.values(policyValidation.stages).some(
     (stage) => stage.validationCode === 'POLICY_AS_CODE_SIGNATURE_MISMATCH'
   );
-  return mismatch ? 'pumuki policy reconcile --apply' : undefined;
+  return mismatch ? 'pumuki policy reconcile --strict --apply --json' : undefined;
 };
 export const runLifecycleDoctor = (params?: {

package/integrations/lifecycle/governanceNextAction.ts CHANGED Viewed

@@ -91,6 +91,16 @@ const resolveBlockedAction = (
       message: 'La política efectiva todavía no es estricta en todos los stages requeridos.',
     };
   }
+  if (snapshot.attention_codes.includes('POLICY_HASH_DIVERGENCE')) {
+    return {
+      stage,
+      phase: 'RED',
+      action: 'ask',
+      confidence_pct: 58,
+      ...resolveGovernanceCatalogAction({ code: 'POLICY_HASH_DIVERGENCE', stage }),
+      message: 'Los hashes de policy difieren entre stages; reconcilia y aplica el contrato canónico.',
+    };
+  }
   if (!snapshot.contract_surface.skills_lock_json || !snapshot.contract_surface.skills_sources_json) {
     return {
       stage,

package/integrations/lifecycle/governanceObservationSnapshot.ts CHANGED Viewed

@@ -263,6 +263,12 @@ export const readGovernanceObservationSnapshot = (params: {
   if (!policyValidation.stages.CI.strict) {
     attention.push('POLICY_CI_NOT_STRICT');
   }
+  const policyHashes = new Set(
+    Object.values(policyValidation.stages).map((stage) => stage.hash)
+  );
+  if (policyHashes.size > 1) {
+    attention.push('POLICY_HASH_DIVERGENCE');
+  }
   if (onProtected) {
     attention.push('GITFLOW_PROTECTED_BRANCH_CONTEXT');
   }

package/integrations/mcp/alignedPlatformGate.ts CHANGED Viewed

@@ -44,14 +44,30 @@ const resolveCiBaseRefInRepo = (repoRoot: string): string => {
 };
 const resolvePrePushBootstrapBaseRefInRepo = (repoRoot: string): string => {
-  const candidates = ['origin/develop', 'develop', resolveCiBaseRefInRepo(repoRoot)];
+  const candidates = ['origin/main', 'main', 'origin/develop', 'develop'];
+  let best: { ref: string; changedFiles: number } | undefined;
   for (const candidate of candidates) {
-    if (runGit(repoRoot, ['rev-parse', '--verify', candidate])) {
-      return candidate;
+    if (!runGit(repoRoot, ['rev-parse', '--verify', candidate])) {
+      continue;
+    }
+    try {
+      const changedFiles = runGit(
+        repoRoot,
+        ['diff', '--name-only', '--diff-filter=ACMR', `${candidate}..HEAD`]
+      )
+        .split('\n')
+        .map((line) => line.trim())
+        .filter((line) => line.length > 0).length;
+      if (!best || changedFiles < best.changedFiles) {
+        best = { ref: candidate, changedFiles };
+      }
+    } catch {
+      continue;
     }
   }
-  return 'HEAD';
+  return best?.ref ?? resolveCiBaseRefInRepo(repoRoot);
 };
 const shouldAllowBootstrapPrePush = (rawInput: string): boolean => {

package/integrations/mcp/autoExecuteAiStart.ts CHANGED Viewed

@@ -94,7 +94,7 @@ const nextActionFromViolation = (
         command:
           `${buildPinnedPumukiNpxCommand({
             repoRoot,
-            executableAndArgs: 'pumuki policy reconcile --strict --json',
+            executableAndArgs: 'pumuki policy reconcile --strict --apply --json',
           })} && ${buildPinnedPumukiNpxCommand({
             repoRoot,
             executableAndArgs: 'pumuki sdd validate --stage=PRE_WRITE --json',
@@ -121,7 +121,7 @@ const nextActionFromViolation = (
         command:
           `${buildPinnedPumukiNpxCommand({
             repoRoot,
-            executableAndArgs: 'pumuki policy reconcile --strict --json',
+            executableAndArgs: 'pumuki policy reconcile --strict --apply --json',
           })} && ${buildPinnedPumukiNpxCommand({
             repoRoot,
             executableAndArgs: 'pumuki sdd validate --stage=PRE_WRITE --json',

package/integrations/mcp/preFlightCheck.ts CHANGED Viewed

@@ -3,19 +3,30 @@ import {
   type GovernanceCatalogNextAction,
 } from '../gate/governanceActionCatalog';
 import { evaluateAiGate, type AiGateStage, type AiGateViolation } from '../gate/evaluateAiGate';
+import { readEvidenceResult } from '../evidence/readEvidence';
 import { collectWorktreeAtomicSlices } from '../git/worktreeAtomicSlices';
 import { readLifecyclePolicyValidationSnapshot } from '../lifecycle/policyValidationSnapshot';
 import { resolveLearningContextExperimentalFeature } from '../policy/experimentalFeatures';
 import { resolvePreWriteEnforcement } from '../policy/preWriteEnforcement';
 import { readSddLearningContext, type SddLearningContext } from '../sdd/learningInsights';
+const resolveTddStatus = (
+  repoRoot: string
+): 'skipped' | 'passed' | 'advisory' | 'blocked' | 'waived' | null => {
+  const evidenceResult = readEvidenceResult(repoRoot);
+  if (evidenceResult.kind !== 'valid') {
+    return null;
+  }
+  return evidenceResult.evidence.snapshot.tdd_bdd?.status ?? null;
+};
 const ACTIONABLE_HINTS_BY_CODE: Readonly<Record<string, string>> = {
   EVIDENCE_MISSING:
     'Ejecuta una auditoría (1/2/3/4 u opciones de motor 11–14) para regenerar .ai_evidence.json.',
   EVIDENCE_INVALID: 'Regenera .ai_evidence.json desde una opción de auditoría.',
   EVIDENCE_INTEGRITY_MISSING: 'Refresca evidencia para regenerar metadatos de integridad.',
   EVIDENCE_ACTIVE_RULE_IDS_EMPTY_FOR_CODE_CHANGES:
-    'No hay active_rule_ids para plataforma de código detectada. Ejecuta reconcile --strict y revalida PRE_WRITE.',
+    'No hay active_rule_ids para plataforma de código detectada. Ejecuta reconcile --strict --apply y revalida PRE_WRITE.',
   EVIDENCE_STALE: 'Refresca evidencia antes de continuar con commit/push.',
   EVIDENCE_TIMESTAMP_INVALID: 'Regenera evidencia para obtener un timestamp válido.',
   EVIDENCE_GATE_BLOCKED: 'Corrige primero las violaciones bloqueantes y vuelve a auditar.',
@@ -32,9 +43,11 @@ const ACTIONABLE_HINTS_BY_CODE: Readonly<Record<string, string>> = {
   EVIDENCE_PLATFORM_SKILLS_BUNDLES_MISSING:
     'Carga los bundles de skills requeridos por plataforma detectada y regenera evidencia.',
   EVIDENCE_PLATFORM_CRITICAL_SKILLS_RULES_MISSING:
-    'Ejecuta `pumuki policy reconcile --strict --json`, materializa reglas críticas (p.ej. skills.ios.critical-test-quality) y revalida PRE_WRITE.',
+    'Ejecuta `pumuki policy reconcile --strict --apply --json`, materializa reglas críticas (p.ej. skills.ios.critical-test-quality) y revalida PRE_WRITE.',
   EVIDENCE_CROSS_PLATFORM_CRITICAL_ENFORCEMENT_INCOMPLETE:
-    'Reconcilia policy/skills en modo estricto para enforcement crítico transversal y vuelve a validar PRE_WRITE.',
+    'Reconcilia policy/skills en modo estricto con apply para enforcement crítico transversal y vuelve a validar PRE_WRITE.',
+  TDD_BDD_BASELINE_BLOCKED:
+    'Corrige el baseline TDD/BDD roto y regenera la evidencia antes de continuar.',
   EVIDENCE_SKILLS_CONTRACT_INCOMPLETE:
     'Completa el contrato skills/policy para el stage solicitado y vuelve a validar.',
   EVIDENCE_PREWRITE_WORKTREE_OVER_LIMIT:
@@ -161,7 +174,7 @@ export type EnterprisePreFlightCheckResult = {
     hints: ReadonlyArray<string>;
     learning_context: SddLearningContext | null;
     ast_analysis: null;
-    tdd_status: null;
+    tdd_status: 'skipped' | 'passed' | 'advisory' | 'blocked' | 'waived' | null;
   };
 };
@@ -246,7 +259,7 @@ export const runEnterprisePreFlightCheck = (params: {
       hints,
       learning_context: learningContext,
       ast_analysis: null,
-      tdd_status: null,
+      tdd_status: resolveTddStatus(params.repoRoot),
     },
   };
 };

package/integrations/policy/skillsEnforcement.ts CHANGED Viewed

@@ -1,15 +1,9 @@
-export type SkillsEnforcementMode = 'advisory' | 'strict';
 export type SkillsEnforcementResolution = {
-  mode: SkillsEnforcementMode;
-  source: 'default' | 'env';
   blocking: boolean;
 };
 export const resolveSkillsEnforcement = (): SkillsEnforcementResolution => {
   return {
-    mode: 'strict',
-    source: 'default',
     blocking: true,
   };
 };

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "pumuki",
-  "version": "6.3.133",
+  "version": "6.3.135",
   "description": "Enterprise-grade AST Intelligence System with multi-platform support (iOS, Android, Backend, Frontend) and Feature-First + DDD + Clean Architecture enforcement. Includes dynamic violations API for intelligent querying.",
   "main": "index.js",
   "bin": {