pumuki 6.3.170 → 6.3.172

package/core/facts/detectors/text/ios.ts

@@ -840,14 +840,6 @@ const hasSwiftXCTestOnlyBrownfieldSuiteUsage = (source: string): boolean => {
   return !hasSwiftTestingImportUsage(source) && !hasSwiftTestingSuiteAttributeUsage(source);
 };
 
-const hasSwiftXCTestHelperOrFactoryUsage = (source: string): boolean => {
-  return (
-    hasSwiftXCTestImportUsage(source) &&
-    !hasSwiftXCTestCaseSubclassUsage(source) &&
-    !hasSwiftLegacyXCTestMethodUsage(source)
-  );
-};
-
 export const hasSwiftLegacyXCTestImportUsage = (source: string): boolean => {
   if (!hasSwiftXCTestImportUsage(source)) {
     return false;
@@ -893,10 +885,6 @@ export const hasSwiftXCTestAssertionUsage = (source: string): boolean => {
     return false;
   }
 
-  if (hasSwiftXCTestHelperOrFactoryUsage(source)) {
-    return false;
-  }
-
   if (hasSwiftXCTestOnlyBrownfieldSuiteUsage(source)) {
     return false;
   }
@@ -912,10 +900,6 @@ export const hasSwiftXCTUnwrapUsage = (source: string): boolean => {
     return false;
   }
 
-  if (hasSwiftXCTestHelperOrFactoryUsage(source)) {
-    return false;
-  }
-
   if (hasSwiftXCTestOnlyBrownfieldSuiteUsage(source)) {
     return false;
   }
@@ -932,10 +916,6 @@ const hasSwiftConfirmationUsage = (source: string): boolean => {
 };
 
 export const hasSwiftWaitForExpectationsUsage = (source: string): boolean => {
-  if (hasSwiftXCTestHelperOrFactoryUsage(source)) {
-    return false;
-  }
-
   const legacyWaitPattern = /\bwait\s*\(\s*for\s*:|\bwaitForExpectations\s*\(/;
   return collectSwiftFunctionDeclarations(source).some((declaration) => {
     if (!/\basync\b/.test(declaration.signature)) {
@@ -947,10 +927,6 @@ export const hasSwiftWaitForExpectationsUsage = (source: string): boolean => {
 };
 
 export const hasSwiftLegacyExpectationDescriptionUsage = (source: string): boolean => {
-  if (hasSwiftXCTestHelperOrFactoryUsage(source)) {
-    return false;
-  }
-
   return collectSwiftFunctionDeclarations(source).some((declaration) => {
     if (!/\basync\b/.test(declaration.signature)) {
       return false;

package/core/facts/detectors/typescript/index.ts

@@ -340,10 +340,7 @@ type AstNodeWithAncestors = {
   ancestors: readonly AstNode[];
 };
 
-const toPositiveLine = (node: unknown): number | null => {
-  if (!isObject(node)) {
-    return null;
-  }
+const toPositiveLine = (node: AstNode): number | null => {
   const loc = node.loc;
   if (!isObject(loc)) {
     return null;
@@ -748,18 +745,15 @@ const toSemanticMemberNode = (
   };
 };
 
-const toSingleLineArray = (line: number | null | undefined): readonly number[] | undefined => {
+const toSingleLineArray = (line: number | null): readonly number[] | undefined => {
   return typeof line === 'number' ? [line] : undefined;
 };
 
 const dedupeSemanticNodes = (
-  nodes: ReadonlyArray<TypeScriptSemanticNode | undefined>
+  nodes: ReadonlyArray<TypeScriptSemanticNode>
 ): readonly TypeScriptSemanticNode[] => {
   const unique = new Map<string, TypeScriptSemanticNode>();
   for (const node of nodes) {
-    if (!node) {
-      continue;
-    }
     const key = `${node.kind}:${node.name}:${(node.lines ?? []).join(',')}`;
     if (!unique.has(key)) {
       unique.set(key, node);
@@ -3361,10 +3355,7 @@ const buildDtoBoundaryMatch = (node: unknown): TypeScriptDtoBoundaryMatch | unde
 
   const classNode = match.node;
   const className = methodNameFromNode(classNode.id);
-  const classBody =
-    isObject(classNode.body) && classNode.body.type === 'ClassBody' && Array.isArray(classNode.body.body)
-      ? classNode.body.body
-      : [];
+  const classBody = isObject(classNode.body) && classNode.body.type === 'ClassBody' ? classNode.body.body : [];
   const classLine = toPositiveLine(classNode);
 
   const propertyEntries = classBody.filter((member) => {
@@ -3734,12 +3725,12 @@ const buildBackendTransactionsMatch = (
     return undefined;
   }
 
-  const ownerNode: TypeScriptSemanticNode = semanticOwnerFromAncestors(match.ancestors) ?? {
+  const ownerNode = semanticOwnerFromAncestors(match.ancestors) ?? {
     kind: 'member',
     name: `${boundaryObjectName}.${boundaryName}`,
     lines: toSingleLineArray(callLine),
   };
-  const primaryNode: TypeScriptSemanticNode =
+  const primaryNode =
     ownerNode.kind === 'class' || ownerNode.kind === 'member'
       ? ownerNode
       : {
@@ -4163,7 +4154,7 @@ const buildRateLimitingThrottlerMatch = (
     ...(calleeName === 'Throttle'
       ? [
           {
-            kind: 'member' as const,
+            kind: 'member',
             name: '@nestjs/throttler',
             lines: toSingleLineArray(callLine),
           },
@@ -4172,7 +4163,7 @@ const buildRateLimitingThrottlerMatch = (
     ...(calleeName === 'UseGuards'
       ? [
           {
-            kind: 'member' as const,
+            kind: 'member',
             name: 'ThrottlerGuard',
             lines: toSingleLineArray(callLine),
           },
@@ -4181,7 +4172,7 @@ const buildRateLimitingThrottlerMatch = (
     ...(calleeName === 'forRoot' || calleeName === 'forRootAsync'
       ? [
           {
-            kind: 'member' as const,
+            kind: 'member',
             name: 'ThrottlerModule',
             lines: toSingleLineArray(callLine),
           },
@@ -4566,7 +4557,7 @@ const buildCallbackHellPatternMatch = (
             lines: toSingleLineArray(toPositiveLine(nestedCall)),
           }
         : undefined,
-    ]
+    ].filter((entry): entry is TypeScriptSemanticNode => entry !== undefined)
   );
   const lines = sortedUniqueLines([
     ...(primaryNode.lines ?? []),
@@ -4854,12 +4845,7 @@ const isRuntimeApiLiteral = (node: AstNode): boolean => {
 };
 
 const isNeutralHardcodedNumericLiteral = (node: AstNode): boolean => {
-  return (
-    node.type === 'NumericLiteral' &&
-    (node.value === 0 ||
-      node.value === 1 ||
-      (typeof node.value === 'number' && node.value >= -32768 && node.value <= -32000))
-  );
+  return node.type === 'NumericLiteral' && (node.value === 0 || node.value === 1);
 };
 
 const isBenignHardcodedConfigLiteral = (node: AstNode): boolean => {
@@ -5055,12 +5041,7 @@ const buildEnvDefaultFallbackPatternMatch = (
       if (value.operator !== '||' && value.operator !== '??') {
         return false;
       }
-      const leftNode = value.left;
-      return (
-        isObject(leftNode) &&
-        typeof memberExpressionPropertyName(leftNode) === 'string' &&
-        isProcessEnvBaseAccess(leftNode.object)
-      );
+      return typeof memberExpressionPropertyName(value.left) === 'string' && isProcessEnvBaseAccess(value.left.object);
     }
 
     if (value.type !== 'AssignmentPattern') {
@@ -5507,7 +5488,6 @@ const buildProductionMockMatch = (
     return (
       isObject(objectNode) &&
       objectNode.type === 'Identifier' &&
-      typeof objectNode.name === 'string' &&
       productionMockLibraryPattern.test(objectNode.name) &&
       isObject(propertyNode) &&
       propertyNode.type === 'Identifier' &&
@@ -5664,7 +5644,7 @@ const buildExceptionFilterMatch = (
     return methodNameFromNode(expression) === 'Catch';
   });
 
-  const primaryNode: TypeScriptSemanticNode = {
+  const primaryNode = {
     kind: 'class',
     name: className,
     lines: typeof classLine === 'number' ? [classLine] : [],
@@ -5679,7 +5659,7 @@ const buildExceptionFilterMatch = (
     ...(hasCatchDecorator
       ? [
           {
-            kind: 'member' as const,
+            kind: 'member',
             name: '@Catch',
             lines: typeof classLine === 'number' ? [classLine] : [],
           },
@@ -5755,8 +5735,7 @@ const buildGuardMatch = (node: unknown): TypeScriptGuardMatch | undefined => {
       ? classOrMemberNode.lines[0]
       : toPositiveLine(classOrMemberNode ?? decoratorNode);
   const decoratorLine = toPositiveLine(decoratorNode);
-  const expressionArguments = Array.isArray(expression.arguments) ? expression.arguments : [];
-  const guardArgument = expressionArguments.find((argument) => methodNameFromNode(argument) === 'JwtAuthGuard');
+  const guardArgument = expression.arguments.find((argument) => methodNameFromNode(argument) === 'JwtAuthGuard');
   const guardLine = toPositiveLine(guardArgument) ?? decoratorLine;
   const ownerName =
     classOrMemberNode?.kind === 'class' || classOrMemberNode?.kind === 'member'
@@ -5861,8 +5840,7 @@ const buildInterceptorMatch = (node: unknown): TypeScriptInterceptorMatch | unde
       ? classOrMemberNode.lines[0]
       : toPositiveLine(classOrMemberNode ?? decoratorNode);
   const decoratorLine = toPositiveLine(decoratorNode);
-  const expressionArguments = Array.isArray(expression.arguments) ? expression.arguments : [];
-  const interceptorArgument = expressionArguments.find((argument) => {
+  const interceptorArgument = expression.arguments.find((argument) => {
     const name = interceptorNameFromNode(argument);
     return typeof name === 'string' && /Interceptor$/u.test(name);
   });
@@ -6191,7 +6169,7 @@ const buildReactClassComponentMatch = (
           lines: toSingleLineArray(reactImportInfo.importLines[0]),
         }
       : undefined,
-  ]);
+  ].filter((entry): entry is TypeScriptSemanticNode => entry !== undefined));
 
   const lines = sortedUniqueLines([
     ...(typeof classLine === 'number' ? [classLine] : []),
@@ -6384,7 +6362,7 @@ const buildSingletonPatternMatch = (
             lines: toSingleLineArray(toPositiveLine(singletonFactoryMethodMember)),
           }
         : undefined,
-    ]
+    ].filter((entry): entry is TypeScriptSemanticNode => entry !== undefined)
   );
 
   const lines = sortedUniqueLines([

package/core/facts/extractHeuristicFacts.ts

@@ -460,7 +460,6 @@ type ASTDetectorRegistryEntry = {
   readonly code: string;
   readonly message: string;
   readonly pathCheck?: (path: string) => boolean;
-  readonly excludePaths?: ReadonlyArray<(path: string) => boolean>;
   readonly includeTestPaths?: boolean;
 };
 

package/docs/operations/RELEASE_NOTES.md

@@ -4,12 +4,6 @@ This file tracks the active deterministic framework line used in this repository
 Canonical release chronology lives in `CHANGELOG.md`.
 This file keeps only the operational highlights and rollout notes that matter while running the framework.
 
-### 2026-05-07 (v6.3.170)
-
-- **npm README entrypoint:** la ficha pública de npm pasa a mostrar el README premium real, con capturas actuales de menú/auditoría, límites explícitos de hooks/CI, binarios MCP stdio y cobertura AUTO vs DECLARATIVE de skills.
-- **Release typecheck:** la línea publicada recupera `npm run typecheck` con fixes conservadores en detectores TypeScript y helpers lifecycle/MCP, sin cambiar semántica de detección.
-- **Rollout:** publicar `pumuki@6.3.170` para sustituir el README antiguo visible en `pumuki@6.3.169` sin degradar la línea de paquete ya publicada.
-
 ### 2026-05-05 (v6.3.150)
 
 - **RuralGo PUMUKI-INC-061:** las notificaciones de bloqueo ya recomiendan `policy reconcile --strict --apply --json` cuando la remediación real requiere converger policy-as-code.

package/integrations/config/coreSkillsLock.ts

@@ -8,15 +8,6 @@ const PACKAGE_ROOT = resolve(__dirname, '..', '..');
 
 let cachedCoreSkillsLock: SkillsLockV1 | undefined;
 
-const writeDebugFallback = (error: unknown): void => {
-  if (process.env.PUMUKI_DEBUG !== '1') {
-    return;
-  }
-
-  const message = error instanceof Error ? error.message : String(error);
-  process.stderr.write(`[pumuki][skills-lock] compile fallback: ${message}\n`);
-};
-
 export const resolveCoreSkillsLockForPackageRoot = (
   packageRoot: string
 ): SkillsLockV1 | undefined => {
@@ -29,8 +20,7 @@ export const resolveCoreSkillsLockForPackageRoot = (
     if (compiledLock.bundles.length > 0) {
       return compiledLock;
     }
-  } catch (error) {
-    writeDebugFallback(error);
+  } catch {
   }
 
   return loadSkillsLock(packageRoot);

package/integrations/config/skillsRuleSet.ts

@@ -603,6 +603,7 @@ export const loadSkillsRuleSetForStage = (
         continue;
       }
       if (evaluationMode !== 'AUTO') {
+        unsupportedDetectorRuleIds.add(compiledRule.id);
         continue;
       }
       stageApplicableAutoRuleIds.add(compiledRule.id);

package/integrations/git/stageRunners.ts

@@ -77,9 +77,6 @@ const shouldSkipRestagingTrackedEvidenceForDocumentationOnlyScope = (params: {
   return paths.every(isDocumentationOnlyStagedPath);
 };
 
-const hasStagedEvidencePath = (paths: ReadonlyArray<string>): boolean =>
-  paths.some((path) => path === '.ai_evidence.json' || path === '.AI_EVIDENCE.json');
-
 const PRE_COMMIT_EVIDENCE_MAX_AGE_SECONDS = 900;
 const PRE_PUSH_EVIDENCE_MAX_AGE_SECONDS = 1800;
 const HOOK_GATE_PROGRESS_REMINDER_MS = 2000;
@@ -523,7 +520,6 @@ const syncTrackedEvidenceAfterSuccessfulPreCommit = (params: {
   dependencies: StageRunnerDependencies;
   repoRoot: string;
   gateBlocked: boolean;
-  evidenceWasStagedAtStart: boolean;
 }): boolean => {
   const evidenceAbsolutePath = join(params.repoRoot, EVIDENCE_FILE_PATH);
   if (!existsSync(evidenceAbsolutePath)) {
@@ -547,20 +543,6 @@ const syncTrackedEvidenceAfterSuccessfulPreCommit = (params: {
     params.dependencies.restorePathFromHead(params.repoRoot, EVIDENCE_FILE_PATH);
     return false;
   }
-  if (
-    !params.gateBlocked &&
-    !params.evidenceWasStagedAtStart &&
-    !isTruthyEnvFlag(process.env.PUMUKI_PRE_COMMIT_ALWAYS_RESTAGE_TRACKED_EVIDENCE)
-  ) {
-    if (!params.dependencies.isQuietMode()) {
-      process.stderr.write(
-        `[pumuki][evidence-sync] tracked ${EVIDENCE_FILE_PATH} restored because it was not staged before PRE_COMMIT. ` +
-          `Force previous behavior: PUMUKI_PRE_COMMIT_ALWAYS_RESTAGE_TRACKED_EVIDENCE=1\n`
-      );
-    }
-    params.dependencies.restorePathFromHead(params.repoRoot, EVIDENCE_FILE_PATH);
-    return false;
-  }
   try {
     params.dependencies.stagePath(params.repoRoot, EVIDENCE_FILE_PATH);
     return false;
@@ -805,7 +787,6 @@ export async function runPreCommitStage(
   const activeDependencies = getDependencies(dependencies);
   const repoRoot = activeDependencies.resolveRepoRoot();
   const manifestSnapshot = captureManifestGuardSnapshot(repoRoot);
-  const initiallyStagedPaths = activeDependencies.listStagedIndexPaths(repoRoot);
   activeDependencies.ensureRuntimeArtifactsIgnored(repoRoot);
   if (
     enforceGitAtomicityGate({
@@ -839,7 +820,6 @@ export async function runPreCommitStage(
       dependencies: activeDependencies,
       repoRoot,
       gateBlocked: result.exitCode !== 0,
-      evidenceWasStagedAtStart: hasStagedEvidencePath(initiallyStagedPaths),
     })
   ) {
     return 1;

package/integrations/lifecycle/audit.ts

@@ -4,7 +4,7 @@ import { GitService, type IGitService } from '../git/GitService';
 import { hasAllowedExtension } from '../git/gitDiffUtils';
 import { runPlatformGate } from '../git/runPlatformGate';
 import { evaluatePlatformGateFindings } from '../git/runPlatformGateEvaluation';
-import { DEFAULT_FACT_FILE_EXTENSIONS } from '../git/runPlatformGateFacts';
+import { DEFAULT_FACT_FILE_EXTENSIONS, type GateScope } from '../git/runPlatformGateFacts';
 import { resolvePolicyForStage, type ResolvedStagePolicy } from '../gate/stagePolicies';
 
 export type LifecycleAuditStage = 'PRE_WRITE' | 'PRE_COMMIT' | 'PRE_PUSH' | 'CI';
@@ -23,7 +23,7 @@ export type LifecycleAuditResult = {
   command: 'pumuki audit';
   repo_root: string;
   stage: LifecycleAuditStage;
-  scope: { kind: 'repo' };
+  scope: { kind: 'repo' | 'staged'; staged_matching_extensions_count: number };
   audit_mode: 'gate' | 'engine';
   gate_exit_code: number;
   files_scanned: number | null;
@@ -70,6 +70,28 @@ const countUntrackedMatchingExtensions = (
     .filter((path) => hasAllowedExtension(path, extensions)).length;
 };
 
+const collectStagedMatchingExtensions = (
+  git: Pick<IGitService, 'resolveRepoRoot' | 'runGit'>,
+  extensions: ReadonlyArray<string>
+): string[] => {
+  const repoRoot = git.resolveRepoRoot();
+  return git.runGit(['diff', '--cached', '--name-only'], repoRoot)
+    .split('\n')
+    .map((line) => line.trim())
+    .filter((line) => line.length > 0)
+    .filter((path) => hasAllowedExtension(path, extensions));
+};
+
+const resolveLifecycleAuditScope = (params: {
+  stage: LifecycleAuditStage;
+  stagedMatchingExtensions: ReadonlyArray<string>;
+}): GateScope => {
+  if (params.stage === 'PRE_WRITE' && params.stagedMatchingExtensions.length > 0) {
+    return { kind: 'staged' };
+  }
+  return { kind: 'repo' };
+};
+
 const isFindingBlocking = (finding: SnapshotFinding): boolean => {
   return finding.severity === 'CRITICAL' ||
     finding.severity === 'ERROR' ||
@@ -159,6 +181,30 @@ const buildRuleIdNormalization = (params: {
   };
 };
 
+const isScopedPreWriteGlobalEnforcementOnly = (params: {
+  stage: LifecycleAuditStage;
+  scope: GateScope;
+  findings: ReadonlyArray<LifecycleAuditFinding>;
+}): boolean =>
+  params.stage === 'PRE_WRITE' &&
+  params.scope.kind === 'staged' &&
+  params.findings.length > 0 &&
+  params.findings.every(
+    (finding) => finding.code === 'SKILLS_GLOBAL_ENFORCEMENT_INCOMPLETE_CRITICAL'
+  );
+
+const toScopedAuditAdvisoryFinding = (
+  finding: LifecycleAuditFinding
+): LifecycleAuditFinding => ({
+  ...finding,
+  severity: 'INFO',
+  code: 'AUDIT_SCOPED_GLOBAL_ENFORCEMENT_ADVISORY',
+  message:
+    'Scoped PRE_WRITE audit evaluated only the staged supported files; global skills enforcement debt is retained as advisory for repo-wide work. ' +
+    finding.message,
+  blocking: false,
+});
+
 export const runLifecycleAudit = async (params: {
   stage: LifecycleAuditStage;
   auditMode: 'gate' | 'engine';
@@ -179,13 +225,18 @@ export const runLifecycleAudit = async (params: {
   );
   const extensions = DEFAULT_FACT_FILE_EXTENSIONS;
   const untrackedMatchingExtensionsCount = countUntrackedMatchingExtensions(git, extensions);
+  const stagedMatchingExtensions = collectStagedMatchingExtensions(git, extensions);
+  const scope = resolveLifecycleAuditScope({
+    stage: params.stage,
+    stagedMatchingExtensions,
+  });
 
   const gateParams =
     params.auditMode === 'engine'
       ? {
           policy: resolved.policy,
           policyTrace: resolved.trace,
-          scope: { kind: 'repo' as const },
+          scope,
           silent: true,
           auditMode: 'engine' as const,
           dependencies: {
@@ -204,12 +255,12 @@ export const runLifecycleAudit = async (params: {
       : {
           policy: resolved.policy,
           policyTrace: resolved.trace,
-          scope: { kind: 'repo' as const },
+          scope,
           silent: true,
           auditMode: 'gate' as const,
         };
 
-  const gateExitCode = await activeDependencies.runPlatformGate(gateParams);
+  const rawGateExitCode = await activeDependencies.runPlatformGate(gateParams);
   const evidence = activeDependencies.readEvidence(repoRoot);
   const filesScanned =
     typeof evidence?.snapshot.files_scanned === 'number' &&
@@ -220,29 +271,41 @@ export const runLifecycleAudit = async (params: {
     typeof evidence?.snapshot.outcome === 'string' ? evidence.snapshot.outcome : null;
   const findings = extractAuditFindings({
     evidence,
-    gateExitCode,
+    gateExitCode: rawGateExitCode,
     stage: params.stage,
     snapshotOutcome,
   });
+  const scopedPreWriteGlobalEnforcementOnly = isScopedPreWriteGlobalEnforcementOnly({
+    stage: params.stage,
+    scope,
+    findings,
+  });
+  const effectiveFindings = scopedPreWriteGlobalEnforcementOnly
+    ? findings.map(toScopedAuditAdvisoryFinding)
+    : findings;
+  const gateExitCode = scopedPreWriteGlobalEnforcementOnly ? 0 : rawGateExitCode;
 
   return {
     command: 'pumuki audit',
     repo_root: repoRoot,
     stage: params.stage,
-    scope: { kind: 'repo' },
+    scope: {
+      kind: scope.kind === 'staged' ? 'staged' : 'repo',
+      staged_matching_extensions_count: stagedMatchingExtensions.length,
+    },
     audit_mode: params.auditMode,
     gate_exit_code: gateExitCode,
     files_scanned: filesScanned,
     untracked_matching_extensions_count: untrackedMatchingExtensionsCount,
     snapshot_outcome: snapshotOutcome,
-    findings_count: findings.length,
-    blocking_findings_count: findings.filter((finding) => finding.blocking).length,
+    findings_count: effectiveFindings.length,
+    blocking_findings_count: effectiveFindings.filter((finding) => finding.blocking).length,
     rules_coverage: evidence?.snapshot.rules_coverage ?? null,
     rule_id_normalization: buildRuleIdNormalization({
-      findings,
+      findings: effectiveFindings,
       rulesCoverage: evidence?.snapshot.rules_coverage,
     }),
-    findings,
+    findings: effectiveFindings,
     policy_reconcile_hint: POLICY_RECONCILE_HINT,
   };
 };

package/integrations/lifecycle/bootstrapManifest.ts

@@ -1,6 +1,5 @@
 import { existsSync, mkdirSync, readFileSync, writeFileSync } from 'node:fs'
 import { dirname, join } from 'node:path'
-import type { AiGateStage } from '../gate/evaluateAiGate'
 import { getPumukiHooksStatus, resolvePumukiHooksDirectory } from './hookManager'
 import { LifecycleGitService, type ILifecycleGitService } from './gitService'
 import {
@@ -16,15 +15,6 @@ import { readLifecycleState } from './state'
 
 export const BOOTSTRAP_MANIFEST_RELATIVE_PATH = '.pumuki/bootstrap-manifest.json'
 
-const JSON_PRETTY_PRINT_SPACES = 2
-
-const toAiGateStage = (stage: string | undefined): AiGateStage => {
-  if (stage === 'PRE_WRITE' || stage === 'PRE_COMMIT' || stage === 'PRE_PUSH' || stage === 'CI') {
-    return stage
-  }
-  return 'PRE_WRITE'
-}
-
 type AdapterCommandContract = {
   path: string
   present: boolean
@@ -184,7 +174,7 @@ export const buildLifecycleBootstrapManifest = (params: {
   })
   const governanceNextAction = readGovernanceNextAction({
     repoRoot,
-    stage: toAiGateStage(governanceObservation.evidence.snapshot_stage),
+    stage: governanceObservation.evidence.snapshot_stage ?? 'PRE_WRITE',
     governanceObservation,
   })
   const hooksDirectory = resolvePumukiHooksDirectory(repoRoot)
@@ -233,7 +223,7 @@ export const buildLifecycleBootstrapManifest = (params: {
 }
 
 const serializeManifest = (manifest: LifecycleBootstrapManifest): string =>
-  `${JSON.stringify(manifest, null, JSON_PRETTY_PRINT_SPACES)}\n`
+  `${JSON.stringify(manifest, null, 2)}\n`
 
 export const writeLifecycleBootstrapManifest = (params: {
   repoRoot: string

package/integrations/lifecycle/governanceObservationSnapshot.ts

@@ -10,6 +10,7 @@ import type { ILifecycleGitService } from './gitService';
 import { LifecycleGitService } from './gitService';
 import type { LifecyclePolicyValidationSnapshot } from './policyValidationSnapshot';
 import { writeInfo } from './cliOutputs';
+import { formatTrackingActionableContext } from './trackingState';
 
 const DEFAULT_PROTECTED_BRANCHES = new Set(['main', 'master', 'develop', 'dev']);
 const STRICT_ENV_VALUE = 'strict';
@@ -205,8 +206,9 @@ const buildHints = (
     hints.push(`Falta el tracking canónico declarado (${tracking.canonical_path ?? 'sin resolver'}).`);
   }
   if (tracking.enforced && tracking.single_in_progress_valid === false) {
+    const actionableContext = formatTrackingActionableContext(tracking);
     hints.push(
-      `El tracking canónico debe dejar exactamente una 🚧 (actual=${tracking.in_progress_count ?? 'n/a'}).`
+      `El tracking canónico debe dejar exactamente una 🚧 (actual=${tracking.in_progress_count ?? 'n/a'}${actionableContext ? `, ${actionableContext}` : ''}).`
     );
   }
   hints.push('SDD/OpenSpec: usa PUMUKI_EXPERIMENTAL_SDD=advisory|strict cuando el loop SDD esté activo.');
@@ -349,8 +351,9 @@ export const buildGovernanceObservationSummaryLines = (
     lines.push(`Attention: ${snapshot.attention_codes.join(', ')}`);
   }
   if (snapshot.tracking.enforced && snapshot.tracking.single_in_progress_valid === false) {
+    const actionableContext = formatTrackingActionableContext(snapshot.tracking);
     lines.push(
-      `Tracking: canonical=${snapshot.tracking.canonical_path ?? 'unknown'} in_progress_count=${snapshot.tracking.in_progress_count ?? 'n/a'}`
+      `Tracking: canonical=${snapshot.tracking.canonical_path ?? 'unknown'} in_progress_count=${snapshot.tracking.in_progress_count ?? 'n/a'}${actionableContext ? ` ${actionableContext}` : ''}`
     );
   }
   return lines;

package/integrations/lifecycle/install.ts

@@ -13,7 +13,6 @@ import { createEmptyEvaluationMetrics } from '../evidence/evaluationMetrics';
 import { readOpenSpecManagedArtifacts, writeLifecycleState } from './state';
 import { ensureRuntimeArtifactsIgnored } from './artifacts';
 import { runLifecycleAdapterInstall } from './adapter';
-import { writeLifecycleBootstrapManifest } from './bootstrapManifest';
 import { runPolicyReconcile } from './policyReconcile';
 import { emitGateBlockedNotification } from '../notifications/emitAuditSummaryNotification';
 
@@ -21,10 +20,6 @@ export type LifecycleInstallResult = {
   repoRoot: string;
   version: string;
   changedHooks: ReadonlyArray<string>;
-  bootstrapManifest: {
-    path: string;
-    changed: boolean;
-  };
   openSpecBootstrap?: OpenSpecBootstrapResult;
   degradedDoctorBypass?: boolean;
 };
@@ -132,18 +127,10 @@ export const runLifecycleInstall = (params?: {
       });
       ensureRepoBaselineAdapter(report.repoRoot);
       materializeStrictPolicyAsCode(report.repoRoot);
-      const bootstrapManifest = writeLifecycleBootstrapManifest({
-        git,
-        repoRoot: report.repoRoot,
-      });
       return {
         repoRoot: report.repoRoot,
         version,
         changedHooks,
-        bootstrapManifest: {
-          path: bootstrapManifest.path,
-          changed: bootstrapManifest.changed,
-        },
         openSpecBootstrap: undefined,
         degradedDoctorBypass: true,
       };
@@ -192,19 +179,11 @@ export const runLifecycleInstall = (params?: {
   });
   ensureRepoBaselineAdapter(report.repoRoot);
   materializeStrictPolicyAsCode(report.repoRoot);
-  const bootstrapManifest = writeLifecycleBootstrapManifest({
-    git,
-    repoRoot: report.repoRoot,
-  });
 
   return {
     repoRoot: report.repoRoot,
     version,
     changedHooks,
-    bootstrapManifest: {
-      path: bootstrapManifest.path,
-      changed: bootstrapManifest.changed,
-    },
     openSpecBootstrap,
   };
 };

package/integrations/mcp/alignedPlatformGate.ts

@@ -52,14 +52,10 @@ const resolvePrePushBootstrapBaseRefInRepo = (repoRoot: string): string => {
       continue;
     }
     try {
-      const diffOutput = runGit(
+      const changedFiles = runGit(
         repoRoot,
         ['diff', '--name-only', '--diff-filter=ACMR', `${candidate}..HEAD`]
-      );
-      if (diffOutput === null) {
-        continue;
-      }
-      const changedFiles = diffOutput
+      )
         .split('\n')
         .map((line) => line.trim())
         .filter((line) => line.length > 0).length;