pumuki 6.3.135 → 6.3.136

package/CHANGELOG.md

@@ -6,6 +6,14 @@ This project follows [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
 ## [Unreleased]
 
+## [6.3.136] - 2026-05-05
+
+### Fixed
+
+- **PUMUKI-INC-059 all-severities blocking:** `PRE_WRITE`, `PRE_COMMIT`, `PRE_PUSH` y `CI` bloquean cualquier finding de reglas/skills AST Intelligence, incluyendo `WARN/MEDIUM` e `INFO/LOW`.
+- **Políticas no relajables:** `skills.policy`, perfiles hard-mode y `PRE_WRITE=advisory` ya no pueden rebajar el threshold efectivo por debajo de `INFO`.
+- **Replay RuralGo:** validado con binario local contra RuralGo: PRE_WRITE `115/115` findings bloqueantes y PRE_COMMIT `118/118` findings bloqueantes.
+
 ## [6.3.135] - 2026-05-03
 
 ### Fixed

package/core/facts/detectors/text/ios.test.ts

@@ -37,6 +37,7 @@ import {
   hasSwiftOperationQueueUsage,
   hasSwiftContainsUserFilterUsage,
   hasSwiftPassedValueStateWrapperUsage,
+  hasSwiftStateWrapperWithoutPrivateUsage,
   hasSwiftPreconcurrencyUsage,
   hasSwiftSheetIsPresentedUsage,
   hasSwiftScrollViewShowsIndicatorsUsage,
@@ -425,6 +426,24 @@ struct DetailView: View {
   assert.equal(hasSwiftPassedValueStateWrapperUsage(validOwnership), false);
 });
 
+test('hasSwiftStateWrapperWithoutPrivateUsage detecta @State y @StateObject sin private en SwiftUI Views', () => {
+  const positive = `
+struct DetailView: View {
+  @State var filter: String = ""
+  @StateObject var viewModel = DetailViewModel()
+}
+`;
+  const negative = `
+struct DetailView: View {
+  @State private var filter: String = ""
+  @StateObject private var viewModel = DetailViewModel()
+}
+`;
+
+  assert.equal(hasSwiftStateWrapperWithoutPrivateUsage(positive), true);
+  assert.equal(hasSwiftStateWrapperWithoutPrivateUsage(negative), false);
+});
+
 test('hasSwiftModernizableXCTestSuiteUsage detecta suites legacy y excluye mixed/UI', () => {
   const legacySuite = `
 import XCTest

package/core/facts/detectors/text/ios.ts

@@ -527,6 +527,36 @@ export const hasSwiftLegacySwiftUiObservableWrapperUsage = (source: string): boo
   return hasSwiftSanitizedRegexMatch(source, /@\s*(?:StateObject|ObservedObject)\b/);
 };
 
+export const hasSwiftStateWrapperWithoutPrivateUsage = (source: string): boolean => {
+  const typeDeclarations = parseSwiftTypeDeclarations(source);
+  if (typeDeclarations.length === 0) {
+    return false;
+  }
+
+  const sourceLines = source.split(/\r?\n/);
+  const stateWrapperPattern = /@\s*(?:State|StateObject)\b/;
+
+  for (const typeDeclaration of typeDeclarations) {
+    if (!typeDeclaration.conformances.includes('View')) {
+      continue;
+    }
+
+    const hasViolation = visitSwiftTopLevelTypeBodyLines(sourceLines, typeDeclaration, ({ line }) => {
+      if (!stateWrapperPattern.test(line)) {
+        return false;
+      }
+
+      return !/\bprivate\b/.test(line);
+    });
+
+    if (hasViolation) {
+      return true;
+    }
+  }
+
+  return false;
+};
+
 const hasSwiftPassedValueWrapperInitialization = (
   source: string,
   options: {

package/core/facts/extractHeuristicFacts.ts

@@ -711,6 +711,7 @@ const textDetectorRegistry: ReadonlyArray<TextDetectorRegistryEntry> = [
   { platform: 'ios', pathCheck: isIOSSwiftPath, excludePaths: [isSwiftTestPath], detect: TextIOS.hasSwiftObservableObjectUsage, ruleId: 'heuristics.ios.observable-object.ast', code: 'HEURISTICS_IOS_OBSERVABLE_OBJECT_AST', message: 'AST heuristic detected ObservableObject usage.' },
   { platform: 'ios', pathCheck: isIOSSwiftPath, excludePaths: [isSwiftTestPath], detect: TextIOS.hasSwiftLegacySwiftUiObservableWrapperUsage, ruleId: 'heuristics.ios.legacy-swiftui-observable-wrapper.ast', code: 'HEURISTICS_IOS_LEGACY_SWIFTUI_OBSERVABLE_WRAPPER_AST', message: 'AST heuristic detected @StateObject/@ObservedObject usage in a modern SwiftUI path.' },
   { platform: 'ios', pathCheck: isIOSSwiftPath, excludePaths: [isSwiftTestPath], detect: TextIOS.hasSwiftPassedValueStateWrapperUsage, ruleId: 'heuristics.ios.passed-value-state-wrapper.ast', code: 'HEURISTICS_IOS_PASSED_VALUE_STATE_WRAPPER_AST', message: 'AST heuristic detected a passed value stored as @State/@StateObject via init wrapper ownership.' },
+  { platform: 'ios', pathCheck: isIOSSwiftPath, excludePaths: [isSwiftTestPath], detect: TextIOS.hasSwiftStateWrapperWithoutPrivateUsage, ruleId: 'heuristics.ios.swiftui.state-wrapper-private.ast', code: 'HEURISTICS_IOS_SWIFTUI_STATE_WRAPPER_PRIVATE_AST', message: 'AST heuristic detected @State/@StateObject usage in a SwiftUI View without private visibility.' },
   { platform: 'ios', pathCheck: isIOSPresentationPath, excludePaths: [isSwiftTestPath], detect: TextIOS.hasSwiftForEachIndicesUsage, ruleId: 'heuristics.ios.foreach-indices.ast', code: 'HEURISTICS_IOS_FOREACH_INDICES_AST', message: 'AST heuristic detected ForEach(...indices...) usage where stable element identity may be preferred.' },
   { platform: 'ios', pathCheck: isIOSApplicationOrPresentationPath, excludePaths: [isSwiftTestPath], detect: TextIOS.hasSwiftContainsUserFilterUsage, ruleId: 'heuristics.ios.contains-user-filter.ast', code: 'HEURISTICS_IOS_CONTAINS_USER_FILTER_AST', message: 'AST heuristic detected contains() in a user-facing filter where localizedStandardContains() may be preferred.' },
   { platform: 'ios', pathCheck: isIOSPresentationPath, excludePaths: [isSwiftTestPath], detect: TextIOS.hasSwiftGeometryReaderUsage, ruleId: 'heuristics.ios.geometryreader.ast', code: 'HEURISTICS_IOS_GEOMETRYREADER_AST', message: 'AST heuristic detected GeometryReader usage that may be replaceable with modern layout APIs.' },

package/core/gate/evaluateRules.test.ts

@@ -38,8 +38,15 @@ test('evaluateRules genera finding cuando la condicion coincide y usa code expli
     code: 'BACKEND_FILE_MODIFIED',
     message: 'Backend file modified.',
     filePath: 'apps/backend/src/main.ts',
+    lines: undefined,
     matchedBy: 'FileChange',
     source: 'git',
+    blocking: true,
+    primary_node: undefined,
+    related_nodes: undefined,
+    why: undefined,
+    impact: undefined,
+    expected_fix: undefined,
   });
 });
 

package/core/gate/evaluateRules.ts

@@ -23,8 +23,7 @@ type FindingTarget = {
   expected_fix?: string;
 };
 
-const isBlockingSeverity = (severity: RuleDefinition['severity']): boolean =>
-  severity === 'CRITICAL' || severity === 'ERROR';
+const isBlockingSeverity = (_severity: RuleDefinition['severity']): boolean => true;
 
 export type EvaluateRulesCoverageResult = {
   findings: ReadonlyArray<Finding>;

package/docs/operations/RELEASE_NOTES.md

@@ -4,6 +4,12 @@ This file tracks the active deterministic framework line used in this repository
 Canonical release chronology lives in `CHANGELOG.md`.
 This file keeps only the operational highlights and rollout notes that matter while running the framework.
 
+### 2026-05-05 (v6.3.136)
+
+- **All-severities blocking para consumers:** `PRE_WRITE`, `PRE_COMMIT`, `PRE_PUSH` y `CI` bloquean por cualquier violación de skills/reglas AST Intelligence, sin permitir rebajas por `skills.policy`, hard-mode `critical-high` ni `PRE_WRITE=advisory`.
+- **RuralGo primero:** replay local previo a publicación confirma PRE_WRITE `115/115` bloqueantes y PRE_COMMIT `118/118` bloqueantes, con iOS y Android visibles en la auditoría.
+- **Rollout recomendado:** publicar `pumuki@6.3.136`, repinear RuralGo antes que cualquier otro consumer y revalidar `status`, `doctor`, `audit --stage=PRE_WRITE --json`, `audit --stage=PRE_COMMIT --json` y hooks gestionados.
+
 ### 2026-05-03 (v6.3.135)
 
 - **Bootstrap de pre-push por delta real:** en ramas sin upstream, `PRE_PUSH` elige la base con menor delta real entre `main` y `develop`, evitando que un rollout nacido de `main` se bloquee como si heredara todo `develop`.

package/docs/validation/ios-avdlee-parity-matrix.md

@@ -20,7 +20,7 @@ Artefacto contractual de `phase10-avdlee-parity-closure`.
 | skill avdlee | bundle Pumuki | rule ids canónicos | tests contractuales | evidence runtime |
 | --- | --- | --- | --- | --- |
 | `swift-concurrency` | `ios-concurrency-guidelines` | `skills.ios.no-dispatchqueue`, `skills.ios.no-dispatchgroup`, `skills.ios.no-dispatchsemaphore`, `skills.ios.no-operation-queue`, `skills.ios.no-task-detached`, `skills.ios.no-unchecked-sendable`, `skills.ios.no-preconcurrency`, `skills.ios.no-nonisolated-unsafe`, `skills.ios.no-assume-isolated` | `integrations/config/__tests__/iosAvdleeParity.test.ts`, `core/facts/detectors/text/ios.test.ts`, `core/facts/__tests__/extractHeuristicFacts.test.ts`, `core/rules/presets/heuristics/ios.test.ts`, `integrations/config/__tests__/skillsDetectorRegistry.test.ts`, `integrations/config/__tests__/skillsMarkdownRules.test.ts` | `skills.sources.json`, `skills.lock.json`, `integrations/config/skillsCompilerTemplates.ts`, `integrations/config/skillsDetectorRegistry.ts`, `integrations/evidence/buildEvidence.ts` |
-| `swiftui-expert-skill` | `ios-swiftui-expert-guidelines` | `skills.ios.no-observable-object`, `skills.ios.no-legacy-swiftui-observable-wrapper`, `skills.ios.no-passed-value-state-wrapper`, `skills.ios.no-navigation-view`, `skills.ios.no-foreground-color`, `skills.ios.no-corner-radius`, `skills.ios.no-tab-item`, `skills.ios.no-on-tap-gesture`, `skills.ios.no-string-format`, `skills.ios.no-foreach-indices`, `skills.ios.no-contains-user-filter`, `skills.ios.no-geometryreader`, `skills.ios.no-font-weight-bold`, `skills.ios.no-scrollview-shows-indicators`, `skills.ios.no-sheet-is-presented`, `skills.ios.no-legacy-onchange`, `skills.ios.no-uiscreen-main-bounds` | `integrations/config/__tests__/iosAvdleeParity.test.ts`, `core/facts/detectors/text/ios.test.ts`, `core/facts/detectors/text/iosSwiftUiModernizationSnapshot.test.ts`, `core/facts/__tests__/extractHeuristicFacts.test.ts`, `core/rules/presets/heuristics/ios.test.ts`, `integrations/config/__tests__/skillsDetectorRegistry.test.ts`, `integrations/config/__tests__/skillsMarkdownRules.test.ts` | `skills.sources.json`, `skills.lock.json`, `assets/rule-packs/ios-swiftui-modernization-v1.json`, `assets/rule-packs/ios-swiftui-modernization-v2.json`, `integrations/config/skillsCompilerTemplates.ts`, `integrations/config/skillsDetectorRegistry.ts`, `integrations/evidence/buildEvidence.ts` |
+| `swiftui-expert-skill` | `ios-swiftui-expert-guidelines` | `skills.ios.no-observable-object`, `skills.ios.no-legacy-swiftui-observable-wrapper`, `skills.ios.no-passed-value-state-wrapper`, `skills.ios.guideline.ios-swiftui-expert.always-mark-state-and-stateobject-as-private-makes-dependencies-clear`, `skills.ios.no-navigation-view`, `skills.ios.no-foreground-color`, `skills.ios.no-corner-radius`, `skills.ios.no-tab-item`, `skills.ios.no-on-tap-gesture`, `skills.ios.no-string-format`, `skills.ios.no-foreach-indices`, `skills.ios.no-contains-user-filter`, `skills.ios.no-geometryreader`, `skills.ios.no-font-weight-bold`, `skills.ios.no-scrollview-shows-indicators`, `skills.ios.no-sheet-is-presented`, `skills.ios.no-legacy-onchange`, `skills.ios.no-uiscreen-main-bounds` | `integrations/config/__tests__/iosAvdleeParity.test.ts`, `core/facts/detectors/text/ios.test.ts`, `core/facts/detectors/text/iosSwiftUiModernizationSnapshot.test.ts`, `core/facts/__tests__/extractHeuristicFacts.test.ts`, `core/rules/presets/heuristics/ios.test.ts`, `integrations/config/__tests__/skillsDetectorRegistry.test.ts`, `integrations/config/__tests__/skillsMarkdownRules.test.ts` | `skills.sources.json`, `skills.lock.json`, `assets/rule-packs/ios-swiftui-modernization-v1.json`, `assets/rule-packs/ios-swiftui-modernization-v2.json`, `integrations/config/skillsCompilerTemplates.ts`, `integrations/config/skillsDetectorRegistry.ts`, `integrations/evidence/buildEvidence.ts` |
 | `swift-testing-expert` | `ios-swift-testing-guidelines` | `skills.ios.prefer-swift-testing`, `skills.ios.no-xctassert`, `skills.ios.no-xctunwrap`, `skills.ios.no-wait-for-expectations`, `skills.ios.no-legacy-expectation-description`, `skills.ios.no-mixed-testing-frameworks` | `integrations/config/__tests__/iosAvdleeParity.test.ts`, `core/facts/detectors/text/ios.test.ts`, `core/facts/__tests__/extractHeuristicFacts.test.ts`, `core/rules/presets/heuristics/ios.test.ts`, `integrations/config/__tests__/skillsDetectorRegistry.test.ts`, `integrations/config/__tests__/skillsMarkdownRules.test.ts` | `skills.sources.json`, `skills.lock.json`, `integrations/config/skillsCompilerTemplates.ts`, `integrations/config/skillsDetectorRegistry.ts`, `integrations/evidence/buildEvidence.ts` |
 | `core-data-expert` | `ios-core-data-guidelines` | `skills.ios.no-nsmanagedobject-boundary`, `skills.ios.no-nsmanagedobject-async-boundary`, `skills.ios.no-core-data-layer-leak`, `skills.ios.no-nsmanagedobject-state-leak` | `integrations/config/__tests__/iosAvdleeParity.test.ts`, `core/facts/detectors/text/ios.test.ts`, `core/facts/__tests__/extractHeuristicFacts.test.ts`, `core/rules/presets/heuristics/ios.test.ts`, `integrations/config/__tests__/skillsDetectorRegistry.test.ts`, `integrations/config/__tests__/skillsMarkdownRules.test.ts` | `skills.sources.json`, `skills.lock.json`, `integrations/config/skillsCompilerTemplates.ts`, `integrations/config/skillsDetectorRegistry.ts`, `integrations/evidence/buildEvidence.ts` |
 

package/integrations/config/skillsCompilerTemplates.ts

@@ -183,6 +183,16 @@ export const skillsCompilerTemplates: Record<string, SkillsCompilerTemplate> = {
         stage: 'PRE_PUSH',
         locked: true,
       },
+      {
+        id: 'skills.ios.guideline.ios-swiftui-expert.always-mark-state-and-stateobject-as-private-makes-dependencies-clear',
+        description:
+          'Always mark @State and @StateObject as private (makes dependencies clear).',
+        severity: 'WARN',
+        platform: 'ios',
+        confidence: 'MEDIUM',
+        stage: 'PRE_PUSH',
+        locked: true,
+      },
       {
         id: 'skills.ios.no-navigation-view',
         description: 'Avoid NavigationView in modern iOS code; prefer NavigationStack.',

package/integrations/config/skillsDetectorRegistry.ts

@@ -69,6 +69,10 @@ const registryByRuleId: Record<string, SkillsDetectorBinding> = {
   'skills.ios.no-passed-value-state-wrapper': heuristicDetector('ios.passed-value-state-wrapper', [
     'heuristics.ios.passed-value-state-wrapper.ast',
   ]),
+  'skills.ios.guideline.ios-swiftui-expert.always-mark-state-and-stateobject-as-private-makes-dependencies-clear':
+    heuristicDetector('ios.swiftui.state-wrapper-private', [
+      'heuristics.ios.swiftui.state-wrapper-private.ast',
+    ]),
   'skills.ios.no-navigation-view': heuristicDetector('ios.navigation-view', [
     'heuristics.ios.navigation-view.ast',
   ]),

package/integrations/config/skillsMarkdownRules.ts

@@ -346,6 +346,13 @@ const normalizeKnownRuleTarget = (
     ) {
       return 'skills.ios.no-passed-value-state-wrapper';
     }
+    if (
+      (includes('always mark') && includes('state') && includes('stateobject') && includes('private')) ||
+      (includes('state and stateobject as private') && includes('dependencies clear')) ||
+      (includes('mark state and stateobject as private') && includes('makes dependencies clear'))
+    ) {
+      return 'skills.ios.guideline.ios-swiftui-expert.always-mark-state-and-stateobject-as-private-makes-dependencies-clear';
+    }
     if (includes('navigationview') || includes('navigation view')) {
       return 'skills.ios.no-navigation-view';
     }

package/integrations/evidence/buildEvidence.ts

@@ -282,6 +282,10 @@ const equivalentRuleFamilies: ReadonlyArray<ReadonlyArray<string>> = [
     'skills.ios.no-passed-value-state-wrapper',
     'heuristics.ios.passed-value-state-wrapper.ast',
   ],
+  [
+    'skills.ios.guideline.ios-swiftui-expert.always-mark-state-and-stateobject-as-private-makes-dependencies-clear',
+    'heuristics.ios.swiftui.state-wrapper-private.ast',
+  ],
   ['skills.ios.no-navigation-view', 'heuristics.ios.navigation-view.ast'],
   ['skills.ios.no-foreground-color', 'heuristics.ios.foreground-color.ast'],
   ['skills.ios.no-corner-radius', 'heuristics.ios.corner-radius.ast'],
@@ -581,10 +585,7 @@ const normalizeAndDedupeFindings = (
 };
 
 const toGateOutcome = (findings: ReadonlyArray<SnapshotFinding>): GateOutcome => {
-  if (findings.some((finding) => finding.severity === 'CRITICAL')) {
-    return 'BLOCK';
-  }
-  return findings.length > 0 ? 'WARN' : 'PASS';
+  return findings.length > 0 ? 'BLOCK' : 'PASS';
 };
 
 const bySeverity = (findings: ReadonlyArray<SnapshotFinding>): Record<Severity, number> => {

package/integrations/gate/stagePolicies.ts

@@ -93,15 +93,21 @@ type EnterpriseStageThresholds = {
   warnOnOrAbove: EnterpriseSeverity;
 };
 
+const enforceAllSeverityBlockingPolicy = (policy: GatePolicy): GatePolicy => ({
+  ...policy,
+  blockOnOrAbove: 'INFO',
+  warnOnOrAbove: 'INFO',
+});
+
 const toGatePolicyFromEnterpriseThresholds = (
   stage: SkillsStage,
   thresholds: EnterpriseStageThresholds
 ): GatePolicy => {
-  return {
+  return enforceAllSeverityBlockingPolicy({
     stage,
     blockOnOrAbove: mapEnterpriseSeverityToGateSeverity(thresholds.blockOnOrAbove),
     warnOnOrAbove: mapEnterpriseSeverityToGateSeverity(thresholds.warnOnOrAbove),
-  };
+  });
 };
 
 const toGatePolicyRecordFromEnterpriseThresholds = (
@@ -127,41 +133,41 @@ const toGatePolicyRecordFromEnterpriseThresholds = (
 const defaultPolicyByStage: Record<SkillsStage, GatePolicy> = {
   PRE_WRITE: {
     stage: 'PRE_WRITE',
-    blockOnOrAbove: 'ERROR',
-    warnOnOrAbove: 'WARN',
+    blockOnOrAbove: 'INFO',
+    warnOnOrAbove: 'INFO',
   },
   PRE_COMMIT: {
     stage: 'PRE_COMMIT',
-    blockOnOrAbove: 'ERROR',
-    warnOnOrAbove: 'WARN',
+    blockOnOrAbove: 'INFO',
+    warnOnOrAbove: 'INFO',
   },
   PRE_PUSH: {
     stage: 'PRE_PUSH',
-    blockOnOrAbove: 'ERROR',
-    warnOnOrAbove: 'WARN',
+    blockOnOrAbove: 'INFO',
+    warnOnOrAbove: 'INFO',
   },
   CI: {
     stage: 'CI',
-    blockOnOrAbove: 'ERROR',
-    warnOnOrAbove: 'WARN',
+    blockOnOrAbove: 'INFO',
+    warnOnOrAbove: 'INFO',
   },
 };
 
 const hardModeEnterpriseThresholdsByStage: Record<SkillsStage, EnterpriseStageThresholds> = {
   PRE_WRITE: {
-    blockOnOrAbove: 'MEDIUM',
+    blockOnOrAbove: 'LOW',
     warnOnOrAbove: 'LOW',
   },
   PRE_COMMIT: {
-    blockOnOrAbove: 'MEDIUM',
+    blockOnOrAbove: 'LOW',
     warnOnOrAbove: 'LOW',
   },
   PRE_PUSH: {
-    blockOnOrAbove: 'MEDIUM',
+    blockOnOrAbove: 'LOW',
     warnOnOrAbove: 'LOW',
   },
   CI: {
-    blockOnOrAbove: 'MEDIUM',
+    blockOnOrAbove: 'LOW',
     warnOnOrAbove: 'LOW',
   },
 };
@@ -624,7 +630,7 @@ export const resolvePolicyForStage = (
     const profilePolicy = profileName
       ? hardModePolicyProfileByStage[profileName][stage]
       : null;
-    const hardModePolicy = profilePolicy ?? hardModePolicyByStage[stage];
+    const hardModePolicy = enforceAllSeverityBlockingPolicy(profilePolicy ?? hardModePolicyByStage[stage]);
     const bundle = profileName
       ? `gate-policy.hard-mode.${profileName}.${stage}`
       : `gate-policy.hard-mode.${stage}`;
@@ -657,7 +663,7 @@ export const resolvePolicyForStage = (
     };
   }
 
-  const defaults = defaultPolicyByStage[stage];
+  const defaults = enforceAllSeverityBlockingPolicy(defaultPolicyByStage[stage]);
   const loadedPolicy = loadSkillsPolicy(repoRoot);
   const stageOverride = loadedPolicy?.stages[stage];
 
@@ -691,11 +697,11 @@ export const resolvePolicyForStage = (
     };
   }
 
-  const resolvedPolicy: GatePolicy = {
+  const resolvedPolicy: GatePolicy = enforceAllSeverityBlockingPolicy({
     stage: defaults.stage,
     blockOnOrAbove: stageOverride.blockOnOrAbove,
     warnOnOrAbove: stageOverride.warnOnOrAbove,
-  };
+  });
 
   const bundle = `gate-policy.skills.policy.${stage}`;
   const hash = createPolicyTraceHash({

package/integrations/git/stageRunners.ts

@@ -530,6 +530,7 @@ const patchOperationalHintsAfterDocumentationOnlyEvidenceSync = (repoRoot: strin
 const syncTrackedEvidenceAfterSuccessfulPreCommit = (params: {
   dependencies: StageRunnerDependencies;
   repoRoot: string;
+  gateBlocked: boolean;
 }): boolean => {
   const evidenceAbsolutePath = join(params.repoRoot, EVIDENCE_FILE_PATH);
   if (!existsSync(evidenceAbsolutePath)) {
@@ -562,6 +563,9 @@ const syncTrackedEvidenceAfterSuccessfulPreCommit = (params: {
     process.stderr.write(
       `[pumuki][evidence-sync] unable to restage tracked ${EVIDENCE_FILE_PATH}: ${details}\n`
     );
+    if (params.gateBlocked) {
+      return false;
+    }
     params.dependencies.notifyGateBlocked({
       repoRoot: params.repoRoot,
       stage: 'PRE_COMMIT',
@@ -824,10 +828,10 @@ export async function runPreCommitStage(
     return 1;
   }
   if (
-    result.exitCode === 0 &&
     syncTrackedEvidenceAfterSuccessfulPreCommit({
       dependencies: activeDependencies,
       repoRoot,
+      gateBlocked: result.exitCode !== 0,
     })
   ) {
     return 1;

package/integrations/lifecycle/audit.ts

@@ -71,10 +71,10 @@ const countUntrackedMatchingExtensions = (
 };
 
 const isFindingBlocking = (finding: SnapshotFinding): boolean => {
-  if (typeof finding.blocking === 'boolean') {
-    return finding.blocking;
-  }
-  return finding.severity === 'CRITICAL' || finding.severity === 'ERROR';
+  return finding.severity === 'CRITICAL' ||
+    finding.severity === 'ERROR' ||
+    finding.severity === 'WARN' ||
+    finding.severity === 'INFO';
 };
 
 const toLifecycleAuditFinding = (finding: SnapshotFinding): LifecycleAuditFinding => ({

package/integrations/lifecycle/cli.ts

@@ -220,8 +220,8 @@ Pumuki lifecycle commands:
 
 const LOOP_RUN_POLICY: GatePolicy = {
   stage: 'STAGED',
-  blockOnOrAbove: 'ERROR',
-  warnOnOrAbove: 'WARN',
+  blockOnOrAbove: 'INFO',
+  warnOnOrAbove: 'INFO',
 };
 
 const isLifecycleCommand = (value: string): value is LifecycleCommand =>

package/integrations/lifecycle/policyReconcile.ts

@@ -117,6 +117,9 @@ const tryApplyPolicyAutofix = (params: {
   }
 
   const preWriteStage = params.report.stages.PRE_WRITE;
+  const preCommitStage = params.report.stages.PRE_COMMIT;
+  const prePushStage = params.report.stages.PRE_PUSH;
+  const ciStage = params.report.stages.CI;
   const signatures = {
     PRE_WRITE: createPolicyAsCodeSignature({
       stage: 'PRE_COMMIT',
@@ -125,9 +128,27 @@ const tryApplyPolicyAutofix = (params: {
       hash: preWriteStage.hash,
       version: '1.0',
     }),
-    PRE_COMMIT: params.report.stages.PRE_COMMIT.signature,
-    PRE_PUSH: params.report.stages.PRE_PUSH.signature,
-    CI: params.report.stages.CI.signature,
+    PRE_COMMIT: createPolicyAsCodeSignature({
+      stage: 'PRE_COMMIT',
+      source: toContractSource(preCommitStage.source),
+      bundle: preCommitStage.bundle,
+      hash: preCommitStage.hash,
+      version: '1.0',
+    }),
+    PRE_PUSH: createPolicyAsCodeSignature({
+      stage: 'PRE_PUSH',
+      source: toContractSource(prePushStage.source),
+      bundle: prePushStage.bundle,
+      hash: prePushStage.hash,
+      version: '1.0',
+    }),
+    CI: createPolicyAsCodeSignature({
+      stage: 'CI',
+      source: toContractSource(ciStage.source),
+      bundle: ciStage.bundle,
+      hash: ciStage.hash,
+      version: '1.0',
+    }),
   };
   if (!signatures.PRE_COMMIT || !signatures.PRE_PUSH || !signatures.CI) {
     return {

package/integrations/lifecycle/preWriteAutomation.ts

@@ -112,8 +112,8 @@ export const buildPreWriteAutomationTrace = async (params: {
       const gateExitCode = await params.runPlatformGate({
         policy: {
           stage: 'PRE_COMMIT',
-          blockOnOrAbove: 'ERROR',
-          warnOnOrAbove: 'WARN',
+          blockOnOrAbove: 'INFO',
+          warnOnOrAbove: 'INFO',
         },
         scope: {
           kind: 'workingTree',
@@ -148,8 +148,8 @@ export const buildPreWriteAutomationTrace = async (params: {
       const gateExitCode = await params.runPlatformGate({
         policy: {
           stage: 'PRE_PUSH',
-          blockOnOrAbove: 'ERROR',
-          warnOnOrAbove: 'WARN',
+          blockOnOrAbove: 'INFO',
+          warnOnOrAbove: 'INFO',
         },
         scope: {
           kind: 'workingTree',

package/integrations/policy/policyProfiles.ts

@@ -32,6 +32,12 @@ type EnterpriseStageThresholds = {
   warnOnOrAbove: EnterpriseSeverity;
 };
 
+const enforceAllSeverityBlockingPolicy = (policy: GatePolicy): GatePolicy => ({
+  ...policy,
+  blockOnOrAbove: 'INFO',
+  warnOnOrAbove: 'INFO',
+});
+
 const mapEnterpriseSeverityToGateSeverity = (
   severity: EnterpriseSeverity
 ): GatePolicy['blockOnOrAbove'] => {
@@ -51,7 +57,7 @@ const toGatePolicyFromEnterpriseThresholds = (
   stage: SkillsStage,
   thresholds: EnterpriseStageThresholds
 ): GatePolicy => {
-  return {
+  return enforceAllSeverityBlockingPolicy({
     stage,
     blockOnOrAbove: mapEnterpriseSeverityToGateSeverity(
       thresholds.blockOnOrAbove
@@ -59,7 +65,7 @@ const toGatePolicyFromEnterpriseThresholds = (
     warnOnOrAbove: mapEnterpriseSeverityToGateSeverity(
       thresholds.warnOnOrAbove
     ),
-  };
+  });
 };
 
 const toGatePolicyRecordFromEnterpriseThresholds = (
@@ -88,23 +94,23 @@ const toGatePolicyRecordFromEnterpriseThresholds = (
 const defaultPolicyByStage: Record<SkillsStage, GatePolicy> = {
   PRE_WRITE: {
     stage: 'PRE_WRITE',
-    blockOnOrAbove: 'ERROR',
-    warnOnOrAbove: 'WARN',
+    blockOnOrAbove: 'INFO',
+    warnOnOrAbove: 'INFO',
   },
   PRE_COMMIT: {
     stage: 'PRE_COMMIT',
-    blockOnOrAbove: 'ERROR',
-    warnOnOrAbove: 'WARN',
+    blockOnOrAbove: 'INFO',
+    warnOnOrAbove: 'INFO',
   },
   PRE_PUSH: {
     stage: 'PRE_PUSH',
-    blockOnOrAbove: 'ERROR',
-    warnOnOrAbove: 'WARN',
+    blockOnOrAbove: 'INFO',
+    warnOnOrAbove: 'INFO',
   },
   CI: {
     stage: 'CI',
-    blockOnOrAbove: 'ERROR',
-    warnOnOrAbove: 'WARN',
+    blockOnOrAbove: 'INFO',
+    warnOnOrAbove: 'INFO',
   },
 };
 
@@ -113,19 +119,19 @@ const hardModeEnterpriseThresholdsByStage: Record<
   EnterpriseStageThresholds
 > = {
   PRE_WRITE: {
-    blockOnOrAbove: 'MEDIUM',
+    blockOnOrAbove: 'LOW',
     warnOnOrAbove: 'LOW',
   },
   PRE_COMMIT: {
-    blockOnOrAbove: 'MEDIUM',
+    blockOnOrAbove: 'LOW',
     warnOnOrAbove: 'LOW',
   },
   PRE_PUSH: {
-    blockOnOrAbove: 'MEDIUM',
+    blockOnOrAbove: 'LOW',
     warnOnOrAbove: 'LOW',
   },
   CI: {
-    blockOnOrAbove: 'MEDIUM',
+    blockOnOrAbove: 'LOW',
     warnOnOrAbove: 'LOW',
   },
 };
@@ -374,7 +380,7 @@ export const resolveExplicitPolicyProfileForStage = (
     const profilePolicy = profileName
       ? hardModePolicyProfileByStage[profileName][stage]
       : null;
-    const hardModePolicy = profilePolicy ?? hardModePolicyByStage[stage];
+    const hardModePolicy = enforceAllSeverityBlockingPolicy(profilePolicy ?? hardModePolicyByStage[stage]);
     return {
       policy: hardModePolicy,
       source: 'hard-mode',
@@ -388,15 +394,15 @@ export const resolveExplicitPolicyProfileForStage = (
     };
   }
 
-  const defaults = resolveCorePolicyForStage(stage);
+  const defaults = enforceAllSeverityBlockingPolicy(resolveCorePolicyForStage(stage));
   const stageOverride = explicitPack.policy.stages[stage];
 
   return {
-    policy: {
+    policy: enforceAllSeverityBlockingPolicy({
       stage: defaults.stage,
       blockOnOrAbove: stageOverride.blockOnOrAbove,
       warnOnOrAbove: stageOverride.warnOnOrAbove,
-    },
+    }),
     source: 'skills.policy',
     layer: 'policy-pack',
     activation: 'explicit',

package/integrations/policy/preWriteEnforcement.ts

@@ -21,7 +21,7 @@ export const resolvePreWriteEnforcement = (): PreWriteEnforcementResolution => {
   return {
     mode: experimentalFeature.mode,
     source: experimentalFeature.source,
-    blocking: experimentalFeature.blocking,
+    blocking: experimentalFeature.mode !== 'off',
     layer: experimentalFeature.layer,
     activationVariable: experimentalFeature.activationVariable,
     legacyActivationVariable: experimentalFeature.legacyActivationVariable,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "pumuki",
-  "version": "6.3.135",
+  "version": "6.3.136",
   "description": "Enterprise-grade AST Intelligence System with multi-platform support (iOS, Android, Backend, Frontend) and Feature-First + DDD + Clean Architecture enforcement. Includes dynamic violations API for intelligent querying.",
   "main": "index.js",
   "bin": {

package/skills.lock.json

@@ -1,7 +1,7 @@
 {
   "version": "1.0",
   "compilerVersion": "1.0.0",
-  "generatedAt": "2026-05-03T12:45:29.960Z",
+  "generatedAt": "2026-05-03T20:19:41.600Z",
   "bundles": [
     {
       "name": "android-guidelines",
@@ -8299,18 +8299,19 @@
       "name": "ios-swiftui-expert-guidelines",
       "version": "1.0.0",
       "source": "file:vendor/skills/swiftui-expert-skill/SKILL.md",
-      "hash": "33a19bd25ca8546d49f2070956784e4fe3f653a25365c8a9734af5cd46b8ec60",
+      "hash": "59dcc140ff7423c1ec320af0389139183571ca2a61afc7272d773727432cba17",
       "rules": [
         {
           "id": "skills.ios.guideline.ios-swiftui-expert.always-mark-state-and-stateobject-as-private-makes-dependencies-clear",
-          "description": "Always mark @State and @StateObject as private (makes dependencies clear)",
+          "description": "Always mark @State and @StateObject as private (makes dependencies clear).",
           "severity": "WARN",
           "platform": "ios",
-          "sourceSkill": "ios-swiftui-expert-guidelines",
-          "sourcePath": "vendor/skills/swiftui-expert-skill/SKILL.md",
           "confidence": "MEDIUM",
+          "stage": "PRE_PUSH",
           "locked": true,
-          "evaluationMode": "DECLARATIVE",
+          "sourceSkill": "ios-swiftui-expert-guidelines",
+          "sourcePath": "vendor/skills/swiftui-expert-skill/SKILL.md",
+          "evaluationMode": "AUTO",
           "origin": "core"
         },
         {