pumuki 6.3.137 → 6.3.139

package/CHANGELOG.md

@@ -6,6 +6,19 @@ This project follows [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
 ## [Unreleased]
 
+## [6.3.139] - 2026-05-05
+
+### Fixed
+
+- **PUMUKI-INC-060 baseline test gate:** la evidencia TDD/BDD exige ahora un baseline test `passed` por slice antes del evento `red`; si falta o falla, el gate bloquea con `TDD_BASELINE_TEST_REQUIRED` o `TDD_BASELINE_TEST_MUST_PASS`.
+- **Alineación all-severities en evidencia:** los tests de evidencia quedan sincronizados con el contrato publicado de bloqueo por cualquier severidad (`BLOCK` / `BLOCKED`), incluyendo findings `WARN`.
+
+## [6.3.138] - 2026-05-05
+
+### Fixed
+
+- **Doc-only evidence hygiene:** en commits documentales, `.ai_evidence.json` trackeado queda restaurado a `HEAD` y no deja modificaciones de hook que hagan fallar integraciones `pre-commit` con `files were modified by this hook`.
+
 ## [6.3.137] - 2026-05-05
 
 ### Fixed

package/docs/operations/RELEASE_NOTES.md

@@ -4,6 +4,17 @@ This file tracks the active deterministic framework line used in this repository
 Canonical release chronology lives in `CHANGELOG.md`.
 This file keeps only the operational highlights and rollout notes that matter while running the framework.
 
+### 2026-05-05 (v6.3.139)
+
+- **Baseline tests antes de editar:** Pumuki bloquea cambios TDD/BDD in-scope si cada slice no registra un baseline test pasado antes de RED.
+- **RuralGo INC060:** cierra el gap por el que una regresión de test preexistente en un componente relacionado podía pasar desapercibida antes de iterar.
+- **Rollout:** publicar `pumuki@6.3.139`, repinear RuralGo primero y revalidar `PRE_WRITE`, `PRE_COMMIT`, `PRE_PUSH` y `CI`.
+
+### 2026-05-05 (v6.3.138)
+
+- **Doc-only sin worktree sucio:** cuando el índice solo contiene `*.md` / `*.mdx`, Pumuki restaura `.ai_evidence.json` trackeado a `HEAD` tras refrescar el gate, evitando el fallo del framework `pre-commit` por “files were modified by this hook”.
+- **RuralGo follow-up:** corrige el bloqueo observado al commitear el feedback `docs/technical/08-validation/refactor/pumuki-integration-feedback.md` después del repin.
+
 ### 2026-05-05 (v6.3.137)
 
 - **Atomicidad compatible con evidencia gestionada:** `.ai_evidence.json` / `.AI_EVIDENCE.json` ya no cuentan como scope o fichero funcional en `git-atomicity`, de modo que un commit de repin no queda bloqueado solo porque el hook refresque evidencia trackeada.

package/integrations/evidence/writeEvidence.test.ts

@@ -346,6 +346,7 @@ test('writeEvidence preserva snapshot.tdd_bdd cuando viene en evidencia', async
           slices_invalid: 0,
           integrity_ok: true,
           errors: [],
+          baseline: { required: true, passed: 0, missing: 0, failed: 0 },
         },
         waiver: {
           applied: true,

package/integrations/evidence/writeEvidence.ts

@@ -272,6 +272,12 @@ const normalizeTddBddSnapshot = (snapshot: TddBddSnapshot | undefined): TddBddSn
       slices_invalid: snapshot.evidence.slices_invalid,
       integrity_ok: snapshot.evidence.integrity_ok,
       errors: [...snapshot.evidence.errors],
+      baseline: {
+        required: snapshot.evidence.baseline.required,
+        passed: snapshot.evidence.baseline.passed,
+        missing: snapshot.evidence.baseline.missing,
+        failed: snapshot.evidence.baseline.failed,
+      },
     },
     waiver: {
       applied: snapshot.waiver.applied,

package/integrations/git/stageRunners.ts

@@ -20,9 +20,7 @@ import {
 } from '../notifications/emitAuditSummaryNotification';
 import { existsSync, readFileSync, unlinkSync, writeFileSync } from 'node:fs';
 import { join } from 'node:path';
-import { buildEvidenceOperationalHints } from '../evidence/operationalHints';
 import { readEvidence, readEvidenceResult } from '../evidence/readEvidence';
-import { writeEvidence } from '../evidence/writeEvidence';
 import type { EvidenceReadResult } from '../evidence/readEvidence';
 import type { SnapshotFinding } from '../evidence/schema';
 import { ensureRuntimeArtifactsIgnored } from '../lifecycle/artifacts';
@@ -135,6 +133,7 @@ type StageRunnerDependencies = {
   isPathTracked: (repoRoot: string, relativePath: string) => boolean;
   listStagedIndexPaths: (repoRoot: string) => ReadonlyArray<string>;
   stagePath: (repoRoot: string, relativePath: string) => void;
+  restorePathFromHead: (repoRoot: string, relativePath: string) => void;
   resolveHeadOid: (repoRoot: string) => string | null;
   resolveGitAtomicityEnforcement: () => GitAtomicityEnforcementResolution;
 };
@@ -223,6 +222,9 @@ const defaultDependencies: StageRunnerDependencies = {
   stagePath: (repoRoot, relativePath) => {
     new GitService().runGit(['add', '--', relativePath], repoRoot);
   },
+  restorePathFromHead: (repoRoot, relativePath) => {
+    new GitService().runGit(['checkout', '--', relativePath], repoRoot);
+  },
   resolveHeadOid: (repoRoot) => {
     try {
       return new GitService().runGit(['rev-parse', 'HEAD'], repoRoot).trim();
@@ -507,26 +509,6 @@ const runHookGateWithPolicyRetry = async (params: {
   }
 };
 
-const patchOperationalHintsAfterDocumentationOnlyEvidenceSync = (repoRoot: string): void => {
-  const evidenceRead = readEvidenceResult(repoRoot);
-  if (evidenceRead.kind !== 'valid') {
-    return;
-  }
-  const evidence = evidenceRead.evidence;
-  const hints = buildEvidenceOperationalHints({
-    stage: evidence.snapshot.stage,
-    outcome: evidence.snapshot.outcome,
-    findings: evidence.snapshot.findings,
-    rulesCoverage: evidence.snapshot.rules_coverage,
-    evaluationMetrics: evidence.snapshot.evaluation_metrics,
-    extra: {
-      requires_second_pass: true,
-      second_pass_reason: 'tracked_evidence_refreshed_on_disk_not_staged_documentation_only_commit',
-    },
-  });
-  writeEvidence({ ...evidence, operational_hints: hints }, { repoRoot });
-};
-
 const syncTrackedEvidenceAfterSuccessfulPreCommit = (params: {
   dependencies: StageRunnerDependencies;
   repoRoot: string;
@@ -547,12 +529,11 @@ const syncTrackedEvidenceAfterSuccessfulPreCommit = (params: {
   ) {
     if (!params.dependencies.isQuietMode()) {
       process.stderr.write(
-        `[pumuki][evidence-sync] tracked ${EVIDENCE_FILE_PATH} updated on disk but not auto-staged (documentation-only staged paths: *.md / *.mdx). ` +
-          `Include in this commit if needed: git add -- ${EVIDENCE_FILE_PATH}. ` +
+        `[pumuki][evidence-sync] tracked ${EVIDENCE_FILE_PATH} left unchanged for documentation-only staged paths (*.md / *.mdx). ` +
           `Force previous behavior: PUMUKI_PRE_COMMIT_ALWAYS_RESTAGE_TRACKED_EVIDENCE=1\n`
       );
     }
-    patchOperationalHintsAfterDocumentationOnlyEvidenceSync(params.repoRoot);
+    params.dependencies.restorePathFromHead(params.repoRoot, EVIDENCE_FILE_PATH);
     return false;
   }
   try {

package/integrations/tdd/contract.ts

@@ -14,6 +14,7 @@ const tddEventSchema = z.object({
 const tddSliceSchema = z.object({
   id: z.string().min(1),
   scenario_ref: z.string().min(1),
+  baseline: tddEventSchema.optional(),
   red: tddEventSchema,
   green: tddEventSchema,
   refactor: tddEventSchema,

package/integrations/tdd/enforcement.ts

@@ -104,6 +104,12 @@ export const enforceTddBddPolicy = (params: {
       slices_invalid: 0,
       integrity_ok: true,
       errors: [],
+      baseline: {
+        required: scope.inScope,
+        passed: 0,
+        missing: 0,
+        failed: 0,
+      },
     },
     waiver: {
       applied: false,
@@ -207,6 +213,9 @@ export const enforceTddBddPolicy = (params: {
   const sliceFindings: Finding[] = [];
   const seenSliceIds = new Set<string>();
   let validSlices = 0;
+  let baselinePassed = 0;
+  let baselineMissing = 0;
+  let baselineFailed = 0;
 
   if (evidenceRead.evidence.slices.length === 0) {
     sliceFindings.push(
@@ -257,6 +266,30 @@ export const enforceTddBddPolicy = (params: {
       );
     }
 
+    if (!slice.baseline) {
+      baselineMissing += 1;
+      sliceFindings.push(
+        buildFinding({
+          ruleId: 'generic_tdd_baseline_required',
+          code: 'TDD_BASELINE_TEST_REQUIRED',
+          message: `Slice ${slice.id} must include passing baseline test evidence before RED.`,
+          filePath: evidenceRead.path,
+        })
+      );
+    } else if (slice.baseline.status !== 'passed') {
+      baselineFailed += 1;
+      sliceFindings.push(
+        buildFinding({
+          ruleId: 'generic_tdd_baseline_required',
+          code: 'TDD_BASELINE_TEST_MUST_PASS',
+          message: `Slice ${slice.id} baseline test evidence must pass before editing related code.`,
+          filePath: evidenceRead.path,
+        })
+      );
+    } else {
+      baselinePassed += 1;
+    }
+
     if (slice.red.status !== 'failed') {
       sliceFindings.push(
         buildFinding({
@@ -281,6 +314,7 @@ export const enforceTddBddPolicy = (params: {
 
     if (
       !isTimelineOrdered([
+        slice.baseline?.timestamp,
         slice.red.timestamp,
         slice.green.timestamp,
         slice.refactor.timestamp,
@@ -320,6 +354,12 @@ export const enforceTddBddPolicy = (params: {
         slices_invalid: invalidSlices,
         integrity_ok: evidenceRead.integrity.valid,
         errors: sliceFindings.map((finding) => finding.code),
+        baseline: {
+          required: true,
+          passed: baselinePassed,
+          missing: baselineMissing,
+          failed: baselineFailed,
+        },
       },
       waiver: {
         applied: false,

package/integrations/tdd/types.ts

@@ -21,6 +21,12 @@ export type TddBddSnapshot = {
     slices_invalid: number;
     integrity_ok: boolean;
     errors: string[];
+    baseline: {
+      required: boolean;
+      passed: number;
+      missing: number;
+      failed: number;
+    };
   };
   waiver: {
     applied: boolean;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "pumuki",
-  "version": "6.3.137",
+  "version": "6.3.139",
   "description": "Enterprise-grade AST Intelligence System with multi-platform support (iOS, Android, Backend, Frontend) and Feature-First + DDD + Clean Architecture enforcement. Includes dynamic violations API for intelligent querying.",
   "main": "index.js",
   "bin": {