pumuki 6.3.173 → 6.3.175
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
v6.3.
|
|
1
|
+
v6.3.175
|
|
@@ -20,9 +20,7 @@ import {
|
|
|
20
20
|
} from '../notifications/emitAuditSummaryNotification';
|
|
21
21
|
import { existsSync, readFileSync, unlinkSync, writeFileSync } from 'node:fs';
|
|
22
22
|
import { join } from 'node:path';
|
|
23
|
-
import { buildEvidenceOperationalHints } from '../evidence/operationalHints';
|
|
24
23
|
import { readEvidence, readEvidenceResult } from '../evidence/readEvidence';
|
|
25
|
-
import { writeEvidence } from '../evidence/writeEvidence';
|
|
26
24
|
import type { EvidenceReadResult } from '../evidence/readEvidence';
|
|
27
25
|
import type { SnapshotFinding } from '../evidence/schema';
|
|
28
26
|
import { ensureRuntimeArtifactsIgnored } from '../lifecycle/artifacts';
|
|
@@ -142,6 +140,7 @@ type StageRunnerDependencies = {
|
|
|
142
140
|
isPathTracked: (repoRoot: string, relativePath: string) => boolean;
|
|
143
141
|
listStagedIndexPaths: (repoRoot: string) => ReadonlyArray<string>;
|
|
144
142
|
stagePath: (repoRoot: string, relativePath: string) => void;
|
|
143
|
+
restorePathFromHead: (repoRoot: string, relativePath: string) => void;
|
|
145
144
|
resolveHeadOid: (repoRoot: string) => string | null;
|
|
146
145
|
resolveGitAtomicityEnforcement: () => GitAtomicityEnforcementResolution;
|
|
147
146
|
};
|
|
@@ -230,6 +229,9 @@ const defaultDependencies: StageRunnerDependencies = {
|
|
|
230
229
|
stagePath: (repoRoot, relativePath) => {
|
|
231
230
|
new GitService().runGit(['add', '--', relativePath], repoRoot);
|
|
232
231
|
},
|
|
232
|
+
restorePathFromHead: (repoRoot, relativePath) => {
|
|
233
|
+
new GitService().runGit(['restore', '--worktree', '--source=HEAD', '--', relativePath], repoRoot);
|
|
234
|
+
},
|
|
233
235
|
resolveHeadOid: (repoRoot) => {
|
|
234
236
|
try {
|
|
235
237
|
return new GitService().runGit(['rev-parse', 'HEAD'], repoRoot).trim();
|
|
@@ -514,26 +516,6 @@ const runHookGateWithPolicyRetry = async (params: {
|
|
|
514
516
|
}
|
|
515
517
|
};
|
|
516
518
|
|
|
517
|
-
const patchOperationalHintsAfterDocumentationOnlyEvidenceSync = (repoRoot: string): void => {
|
|
518
|
-
const evidenceRead = readEvidenceResult(repoRoot);
|
|
519
|
-
if (evidenceRead.kind !== 'valid') {
|
|
520
|
-
return;
|
|
521
|
-
}
|
|
522
|
-
const evidence = evidenceRead.evidence;
|
|
523
|
-
const hints = buildEvidenceOperationalHints({
|
|
524
|
-
stage: evidence.snapshot.stage,
|
|
525
|
-
outcome: evidence.snapshot.outcome,
|
|
526
|
-
findings: evidence.snapshot.findings,
|
|
527
|
-
rulesCoverage: evidence.snapshot.rules_coverage,
|
|
528
|
-
evaluationMetrics: evidence.snapshot.evaluation_metrics,
|
|
529
|
-
extra: {
|
|
530
|
-
requires_second_pass: true,
|
|
531
|
-
second_pass_reason: 'tracked_evidence_refreshed_on_disk_not_staged_documentation_only_commit',
|
|
532
|
-
},
|
|
533
|
-
});
|
|
534
|
-
writeEvidence({ ...evidence, operational_hints: hints }, { repoRoot });
|
|
535
|
-
};
|
|
536
|
-
|
|
537
519
|
const syncTrackedEvidenceAfterSuccessfulPreCommit = (params: {
|
|
538
520
|
dependencies: StageRunnerDependencies;
|
|
539
521
|
repoRoot: string;
|
|
@@ -551,14 +533,33 @@ const syncTrackedEvidenceAfterSuccessfulPreCommit = (params: {
|
|
|
551
533
|
listStagedIndexPaths: params.dependencies.listStagedIndexPaths,
|
|
552
534
|
})
|
|
553
535
|
) {
|
|
554
|
-
|
|
536
|
+
try {
|
|
537
|
+
params.dependencies.restorePathFromHead(params.repoRoot, EVIDENCE_FILE_PATH);
|
|
538
|
+
if (!params.dependencies.isQuietMode()) {
|
|
539
|
+
process.stderr.write(
|
|
540
|
+
`[pumuki][evidence-sync] tracked ${EVIDENCE_FILE_PATH} was refreshed but restored because it was not part of the staged set. ` +
|
|
541
|
+
`Stage it before committing if this commit must update evidence: git add -- ${EVIDENCE_FILE_PATH}. ` +
|
|
542
|
+
`Force previous behavior: PUMUKI_PRE_COMMIT_ALWAYS_RESTAGE_TRACKED_EVIDENCE=1\n`
|
|
543
|
+
);
|
|
544
|
+
}
|
|
545
|
+
} catch (error) {
|
|
546
|
+
const details = error instanceof Error ? error.message : String(error);
|
|
555
547
|
process.stderr.write(
|
|
556
|
-
`[pumuki][evidence-sync] tracked ${EVIDENCE_FILE_PATH}
|
|
557
|
-
`Include in this commit if needed: git add -- ${EVIDENCE_FILE_PATH}. ` +
|
|
558
|
-
`Force previous behavior: PUMUKI_PRE_COMMIT_ALWAYS_RESTAGE_TRACKED_EVIDENCE=1\n`
|
|
548
|
+
`[pumuki][evidence-sync] unable to restore unstaged tracked ${EVIDENCE_FILE_PATH}: ${details}\n`
|
|
559
549
|
);
|
|
550
|
+
params.dependencies.notifyGateBlocked({
|
|
551
|
+
repoRoot: params.repoRoot,
|
|
552
|
+
stage: 'PRE_COMMIT',
|
|
553
|
+
totalViolations: 1,
|
|
554
|
+
causeCode: 'EVIDENCE_STAGE_SYNC_FAILED',
|
|
555
|
+
causeMessage:
|
|
556
|
+
`Unable to restore unstaged tracked ${EVIDENCE_FILE_PATH} after successful PRE_COMMIT gate.`,
|
|
557
|
+
remediation: BLOCKED_REMEDIATION_BY_CODE.EVIDENCE_STAGE_SYNC_FAILED
|
|
558
|
+
?? DEFAULT_BLOCKED_REMEDIATION,
|
|
559
|
+
});
|
|
560
|
+
notifyAuditSummaryForStage(params.dependencies, 'PRE_COMMIT');
|
|
561
|
+
return true;
|
|
560
562
|
}
|
|
561
|
-
patchOperationalHintsAfterDocumentationOnlyEvidenceSync(params.repoRoot);
|
|
562
563
|
return false;
|
|
563
564
|
}
|
|
564
565
|
try {
|
|
@@ -117,6 +117,9 @@ const tryApplyPolicyAutofix = (params: {
|
|
|
117
117
|
}
|
|
118
118
|
|
|
119
119
|
const preWriteStage = params.report.stages.PRE_WRITE;
|
|
120
|
+
const preCommitStage = params.report.stages.PRE_COMMIT;
|
|
121
|
+
const prePushStage = params.report.stages.PRE_PUSH;
|
|
122
|
+
const ciStage = params.report.stages.CI;
|
|
120
123
|
const signatures = {
|
|
121
124
|
PRE_WRITE: createPolicyAsCodeSignature({
|
|
122
125
|
stage: 'PRE_COMMIT',
|
|
@@ -125,9 +128,27 @@ const tryApplyPolicyAutofix = (params: {
|
|
|
125
128
|
hash: preWriteStage.hash,
|
|
126
129
|
version: '1.0',
|
|
127
130
|
}),
|
|
128
|
-
PRE_COMMIT:
|
|
129
|
-
|
|
130
|
-
|
|
131
|
+
PRE_COMMIT: createPolicyAsCodeSignature({
|
|
132
|
+
stage: 'PRE_COMMIT',
|
|
133
|
+
source: toContractSource(preCommitStage.source),
|
|
134
|
+
bundle: preCommitStage.bundle,
|
|
135
|
+
hash: preCommitStage.hash,
|
|
136
|
+
version: '1.0',
|
|
137
|
+
}),
|
|
138
|
+
PRE_PUSH: createPolicyAsCodeSignature({
|
|
139
|
+
stage: 'PRE_PUSH',
|
|
140
|
+
source: toContractSource(prePushStage.source),
|
|
141
|
+
bundle: prePushStage.bundle,
|
|
142
|
+
hash: prePushStage.hash,
|
|
143
|
+
version: '1.0',
|
|
144
|
+
}),
|
|
145
|
+
CI: createPolicyAsCodeSignature({
|
|
146
|
+
stage: 'CI',
|
|
147
|
+
source: toContractSource(ciStage.source),
|
|
148
|
+
bundle: ciStage.bundle,
|
|
149
|
+
hash: ciStage.hash,
|
|
150
|
+
version: '1.0',
|
|
151
|
+
}),
|
|
131
152
|
};
|
|
132
153
|
if (!signatures.PRE_COMMIT || !signatures.PRE_PUSH || !signatures.CI) {
|
|
133
154
|
return {
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "pumuki",
|
|
3
|
-
"version": "6.3.
|
|
3
|
+
"version": "6.3.175",
|
|
4
4
|
"description": "Enterprise-grade AST Intelligence System with multi-platform support (iOS, Android, Backend, Frontend) and Feature-First + DDD + Clean Architecture enforcement. Includes dynamic violations API for intelligent querying.",
|
|
5
5
|
"main": "index.js",
|
|
6
6
|
"bin": {
|