pumuki 6.3.249 → 6.3.251

package/CHANGELOG.md

@@ -6,12 +6,19 @@ This project follows [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
 ## [Unreleased]
 
-## [6.3.249] - 2026-05-14
+## [6.3.251] - 2026-05-14
+
+### Fixed
+
+- **SDD session refresh tracking parity:** `pumuki sdd session --refresh` now realigns the session with the single active task in `docs/RURALGO_SEGUIMIENTO.md` when the matching OpenSpec change exists, and blocks with an actionable error instead of silently refreshing a stale task.
+
+## [6.3.250] - 2026-05-14
 
 ### Fixed
 
 - **Zero-violation gate contract:** runtime findings are blocking regardless of severity; `pumuki audit` no longer degrades findings to non-blocking warnings just because the runner returned exit 0.
 - **AST-actionable findings contract:** scoped `skills.*` and `heuristics.*` matches without line, range or semantic node attribution are no longer emitted as advisory findings. A runtime finding must be actionable by AST/location evidence or it is not a gate finding.
+- **Synthetic coverage findings removed from runtime gates:** cross-platform critical coverage gaps are no longer emitted as `.ai_evidence.json` findings. Coverage remains diagnostic metadata; runtime findings must be source-actionable.
 
 ## [6.3.248] - 2026-05-14
 

package/docs/operations/RELEASE_NOTES.md

@@ -6,13 +6,20 @@ This file keeps only the operational highlights and rollout notes that matter wh
 
 ## 2026-04 (CLI stability and macOS notifications)
 
-### 2026-05-14 (v6.3.249)
+### 2026-05-14 (v6.3.251)
+
+- **Refresh SDD alineado con tracking activo:** `pumuki sdd session --refresh` deja de reutilizar silenciosamente una sesión antigua cuando `docs/RURALGO_SEGUIMIENTO.md` ya marca otra task activa.
+- **Bloqueo accionable si falta OpenSpec:** si el tracking activo no existe en `openspec/changes`, el refresh falla con causa concreta en vez de producir una sesión válida pero semánticamente stale.
+- **Rollout recomendado:** publicar `pumuki@6.3.251`, repinear RuralGo y revalidar `pumuki sdd session --refresh --ttl-minutes=90` sobre el slice Android activo.
+
+### 2026-05-14 (v6.3.250)
 
 - **Normalización iOS mode-aware:** la línea activa conserva reglas iOS automatizables con evidencia concreta y deja como declarativas las reglas greenfield/brownfield que requieren contexto de adopción, baseline o migración.
 - **Package smoke estable para fixtures Git:** los commits y pushes internos de preparación del consumer smoke no disparan hooks del paquete bajo prueba; el gate real sigue validándose en los pasos explícitos del smoke.
 - **Smokes no interactivos sin diálogos macOS:** `PUMUKI_SYSTEM_NOTIFICATIONS=0` y `PUMUKI_NOTIFICATIONS=0` vuelven a apagar el canal de sistema, evitando bloqueos por Swift dialog en validaciones de release.
 - **Zero-violation real:** cualquier finding runtime emitido por regla activa bloquea; los matches scoped sin línea/rango/nodo AST dejan de publicarse como findings advisory.
-- **Rollout recomendado:** publicar `pumuki@6.3.249` tras el test suite global verde; `validation:package-smoke`, metadata local y `PRE_WRITE` strict/advisory quedan alineados para esta versión.
+- **AST accionable obligatorio:** los gaps sintéticos de cobertura cross-platform dejan de emitirse como findings sobre `.ai_evidence.json`; la cobertura queda como metadato diagnóstico y las findings runtime deben apuntar a código accionable.
+- **Rollout recomendado:** publicar `pumuki@6.3.250` tras el test suite global verde; `validation:package-smoke`, metadata local y `PRE_WRITE` strict/advisory quedan alineados para esta versión.
 
 ### 2026-04-25 (v6.3.116)
 

package/integrations/gate/evaluateAiGate.ts

@@ -693,13 +693,7 @@ const collectPreWriteCrossPlatformCriticalViolations = (params: {
     return [];
   }
 
-  return [
-    toSkillsViolation(
-      params.skillsEnforcement,
-      'EVIDENCE_CROSS_PLATFORM_CRITICAL_ENFORCEMENT_INCOMPLETE',
-      `Cross-platform critical enforcement incomplete in PRE_WRITE: ${missingCriticalCoverage.join(' | ')}.`
-    ),
-  ];
+  return [];
 };
 
 const toSkillsContractAssessment = (params: {
@@ -945,15 +939,6 @@ const toSkillsContractAssessment = (params: {
         )
       );
     }
-    if (!transversalCriticalCovered && requiredAnyTransversalCriticalRuleIds.length > 0) {
-      violations.push(
-        toSkillsViolation(
-          params.skillsEnforcement,
-          'EVIDENCE_CROSS_PLATFORM_CRITICAL_ENFORCEMENT_INCOMPLETE',
-          `Skills contract missing transversal critical coverage for ${platform}: required_any=[${requiredAnyTransversalCriticalRuleIds.join(', ')}].`
-        )
-      );
-    }
   }
 
   return {

package/integrations/git/runPlatformGate.ts

@@ -794,50 +794,7 @@ const toCrossPlatformCriticalEnforcementBlockingFinding = (params: {
     return undefined;
   }
 
-  const evaluatedRuleIds = new Set(params.evaluatedRuleIds);
-  const gaps: string[] = [];
-
-  for (const platform of detectedPlatformKeys) {
-    const rulePrefix = PLATFORM_SKILLS_RULE_PREFIXES[platform];
-    const criticalSkillRules = params.skillsRules
-      .filter(
-        (rule) =>
-          rule.id.startsWith(rulePrefix) &&
-          isCriticalProfileSeverity(rule.severity)
-      )
-      .map((rule) => rule.id)
-      .sort();
-
-    if (criticalSkillRules.length === 0) {
-      gaps.push(`${platform}{critical_profile_rules=missing}`);
-      continue;
-    }
-
-    const evaluatedCriticalSkillRules = criticalSkillRules.filter((ruleId) =>
-      evaluatedRuleIds.has(ruleId)
-    );
-    if (evaluatedCriticalSkillRules.length === 0) {
-      gaps.push(
-        `${platform}{critical_profile_rules=${criticalSkillRules.length}; evaluated=0}`
-      );
-    }
-  }
-
-  if (gaps.length === 0) {
-    return undefined;
-  }
-
-  return {
-    ruleId: 'governance.skills.cross-platform-critical.incomplete',
-    severity: 'ERROR',
-    code: 'SKILLS_CROSS_PLATFORM_CRITICAL_INCOMPLETE_S0',
-    message:
-      `Cross-platform critical enforcement incomplete at ${params.stage}: ${gaps.join(' | ')}. ` +
-      'Ensure each detected platform has critical-profile skill rules active and evaluated.',
-    filePath: '.ai_evidence.json',
-    matchedBy: 'SkillsCrossPlatformCriticalGuard',
-    source: 'skills-cross-platform-critical',
-  };
+  return undefined;
 };
 
 const shouldBlockFromFinding = (finding: Finding | undefined): boolean => {

package/integrations/lifecycle/update.ts

@@ -8,6 +8,7 @@ import {
   type OpenSpecCompatibilityMigrationResult,
 } from './openSpecBootstrap';
 import { getCurrentPumukiPackageName } from './packageInfo';
+import { emitGateBlockedNotification } from '../notifications/emitAuditSummaryNotification';
 
 export type LifecycleUpdateResult = {
   repoRoot: string;
@@ -28,6 +29,7 @@ export const runLifecycleUpdate = (params?: {
   targetSpec?: string;
   git?: ILifecycleGitService;
   npm?: ILifecycleNpmService;
+  notifyGateBlocked?: typeof emitGateBlockedNotification;
 }): LifecycleUpdateResult => {
   const git = params?.git ?? new LifecycleGitService();
   const npm = params?.npm ?? new LifecycleNpmService();
@@ -61,6 +63,7 @@ export const runLifecycleUpdate = (params?: {
       cwd: doctorReport.repoRoot,
       git,
       bootstrapOpenSpec: false,
+      notifyGateBlocked: params?.notifyGateBlocked,
     });
     return {
       repoRoot: installResult.repoRoot,

package/integrations/sdd/sessionStore.ts

@@ -1,4 +1,4 @@
-import { existsSync, readdirSync } from 'node:fs';
+import { existsSync, readFileSync, readdirSync } from 'node:fs';
 import { resolve } from 'node:path';
 import {
   LifecycleGitService,
@@ -16,6 +16,11 @@ const SDD_KEYS = {
 
 const DEFAULT_TTL_MINUTES = 45;
 
+const TRACKING_CANDIDATE_FILES = [
+  'docs/RURALGO_SEGUIMIENTO.md',
+  'RURALGO_SEGUIMIENTO.md',
+] as const;
+
 const resolveRepoRoot = (cwd: string, git: ILifecycleGitService): string =>
   git.resolveRepoRoot(cwd);
 
@@ -32,6 +37,51 @@ const parsePositiveMinutes = (value?: number): number =>
 const normalizeChangeId = (value: string): string =>
   value.trim().toLowerCase();
 
+const collectActiveTrackingChangeIds = (markdown: string): ReadonlyArray<string> => {
+  const changeIds: string[] = [];
+  const lines = markdown.split(/\r?\n/u);
+  for (const line of lines) {
+    const boardRowMatch = line.match(/^\|\s*🚧\s*\|\s*([A-Z0-9-]+)\s*\|/u);
+    if (boardRowMatch?.[1]) {
+      changeIds.push(normalizeChangeId(boardRowMatch[1]));
+      continue;
+    }
+    const tableMatch = line.match(
+      /^\|\s*\d+\s*\|\s*`([^`]+)`\s*\|.*\|\s*🚧(?:\s+reported\s+activo|\s+En construcción|\s+En construccion)?\s*\|/u
+    );
+    if (tableMatch?.[1]) {
+      changeIds.push(normalizeChangeId(tableMatch[1]));
+      continue;
+    }
+    const bulletMatch = line.match(/^- 🚧 (`?[A-Z0-9][0-9A-Za-z.-]*`?)/u);
+    if (bulletMatch?.[1]) {
+      changeIds.push(normalizeChangeId(bulletMatch[1].replace(/`/gu, '')));
+    }
+  }
+  return changeIds.filter((changeId) => changeId.length > 0);
+};
+
+const resolveSingleActiveTrackingChangeId = (repoRoot: string): string | undefined => {
+  for (const candidate of TRACKING_CANDIDATE_FILES) {
+    const candidatePath = resolve(repoRoot, candidate);
+    if (!existsSync(candidatePath)) {
+      continue;
+    }
+    const changeIds = collectActiveTrackingChangeIds(readFileSync(candidatePath, 'utf8'));
+    const uniqueChangeIds = [...new Set(changeIds)];
+    if (uniqueChangeIds.length === 1) {
+      return uniqueChangeIds[0];
+    }
+    if (uniqueChangeIds.length > 1) {
+      throw new Error(
+        `Multiple active tracking changes found in ${candidate}: ${uniqueChangeIds.join(', ')}. ` +
+        'Keep exactly one active task before refreshing the SDD session.'
+      );
+    }
+  }
+  return undefined;
+};
+
 export const listActiveOpenSpecChangeIds = (repoRoot: string): ReadonlyArray<string> => {
   const changesRoot = resolve(repoRoot, 'openspec', 'changes');
   if (!existsSync(changesRoot)) {
@@ -178,6 +228,24 @@ export const refreshSddSession = (params?: {
   if (!current.changeId) {
     throw new Error('No active SDD session to refresh. Run `pumuki sdd session --open --change=<id>` first.');
   }
+  const trackingChangeId = resolveSingleActiveTrackingChangeId(repoRoot);
+  if (trackingChangeId && trackingChangeId !== current.changeId) {
+    const trackingChangeState = ensureChangePath(repoRoot, trackingChangeId);
+    if (!trackingChangeState.exists) {
+      throw new Error(
+        `Active tracking change "${trackingChangeId}" does not exist in openspec/changes. ` +
+        `Current SDD session points to "${current.changeId}". ` +
+        `Create openspec/changes/${trackingChangeId} or run ` +
+        `\`pumuki sdd session --open --change=${trackingChangeId}\` after creating it.`
+      );
+    }
+    if (trackingChangeState.archived) {
+      throw new Error(
+        `Active tracking change "${trackingChangeId}" is archived and cannot refresh the SDD session.`
+      );
+    }
+    git.applyLocalConfig(repoRoot, SDD_KEYS.change, trackingChangeId);
+  }
   const ttlMinutes = parsePositiveMinutes(params?.ttlMinutes ?? current.ttlMinutes);
   git.applyLocalConfig(repoRoot, SDD_KEYS.updatedAt, nowIso());
   git.applyLocalConfig(repoRoot, SDD_KEYS.expiresAt, addMinutesIso(ttlMinutes));

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "pumuki",
-  "version": "6.3.249",
+  "version": "6.3.251",
   "description": "Enterprise-grade AST Intelligence System with multi-platform support (iOS, Android, Backend, Frontend) and Feature-First + DDD + Clean Architecture enforcement. Includes dynamic violations API for intelligent querying.",
   "main": "index.js",
   "bin": {