npm - pumuki - Versions diffs - 6.3.286 → 6.3.288 - Mend

pumuki 6.3.286 → 6.3.288

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/VERSION +1 -1
package/integrations/evidence/blockingCauses.ts +7 -2
package/integrations/lifecycle/audit.ts +51 -6
package/package.json +1 -1

package/VERSION CHANGED Viewed

	@@ -1 +1 @@
1	- 6.3.~~286~~
1	+ 6.3.288

package/integrations/evidence/blockingCauses.ts CHANGED Viewed

@@ -55,7 +55,8 @@ export const extractEvidenceBlockingCauses = (
   const seen = new Set<string>();
   for (const finding of evidence.snapshot.findings) {
-    if (finding.blocking === false || !isBlockingSeverity(finding.severity)) {
+    const explicitlyBlocking = finding.blocking === true;
+    if (finding.blocking === false || (!explicitlyBlocking && !isBlockingSeverity(finding.severity))) {
       continue;
     }
     const cause = toFindingBlockingCause(finding);
@@ -67,7 +68,11 @@ export const extractEvidenceBlockingCauses = (
   }
   for (const violation of evidence.ai_gate.violations) {
-    if (violation.blocking === false || !isBlockingSeverity(resolveViolationSeverity(violation))) {
+    const explicitlyBlocking = violation.blocking === true;
+    if (
+      violation.blocking === false ||
+      (!explicitlyBlocking && !isBlockingSeverity(resolveViolationSeverity(violation)))
+    ) {
       continue;
     }
     const cause = toViolationBlockingCause(violation);

package/integrations/lifecycle/audit.ts CHANGED Viewed

@@ -6,6 +6,7 @@ import { runPlatformGate } from '../git/runPlatformGate';
 import { evaluatePlatformGateFindings } from '../git/runPlatformGateEvaluation';
 import { DEFAULT_FACT_FILE_EXTENSIONS } from '../git/runPlatformGateFacts';
 import { resolvePolicyForStage, type ResolvedStagePolicy } from '../gate/stagePolicies';
+import { writePreWriteLease } from './preWriteLease';
 export type LifecycleAuditStage = 'PRE_WRITE' | 'PRE_COMMIT' | 'PRE_PUSH' | 'CI';
@@ -59,6 +60,7 @@ type LifecycleAuditDependencies = {
   readEvidence: typeof readEvidence;
   resolvePolicyForStage: typeof resolvePolicyForStage;
   runPlatformGate: typeof runPlatformGate;
+  writePreWriteLease: typeof writePreWriteLease;
 };
 type LifecycleAuditScope =
@@ -435,6 +437,7 @@ export const runLifecycleAudit = async (params: {
     readEvidence,
     resolvePolicyForStage,
     runPlatformGate,
+    writePreWriteLease,
     ...params.dependencies,
   };
   const git = activeDependencies.git;
@@ -525,13 +528,55 @@ export const runLifecycleAudit = async (params: {
     : stagedWithoutSupportedCode
       ? findings.map(toStagedNoSupportedCodeAuditAdvisoryFinding)
       : findings;
-  const hasBlockingFinding = effectiveFindings.some((finding) => finding.blocking);
-  const gateExitCode =
+  let mutableEffectiveFindings = effectiveFindings;
+  const hasBlockingFinding = mutableEffectiveFindings.some((finding) => finding.blocking);
+  let gateExitCode =
     scopedGlobalEnforcementOnly || rangePrePushWithoutSupportedCodeSddOnly || stagedWithoutSupportedCode
       ? 0
       : hasBlockingFinding
         ? 1
         : originalGateExitCode;
+  if (params.stage === 'PRE_WRITE' && params.auditMode === 'gate' && gateExitCode === 0) {
+    try {
+      const lease = activeDependencies.writePreWriteLease({
+        repoRoot,
+        git,
+        allowExistingCodeChanges: true,
+      });
+      if (!lease.valid) {
+        mutableEffectiveFindings = [
+          ...mutableEffectiveFindings,
+          {
+            ruleId: 'governance.prewrite.lease-write-failed',
+            severity: 'ERROR',
+            code: lease.code,
+            message: lease.message,
+            file: lease.path,
+            blocking: true,
+          },
+        ];
+        gateExitCode = 1;
+      }
+    } catch (error) {
+      mutableEffectiveFindings = [
+        ...mutableEffectiveFindings,
+        {
+          ruleId: 'governance.prewrite.lease-write-failed',
+          severity: 'ERROR',
+          code: 'PRE_WRITE_LEASE_WRITE_FAILED',
+          message:
+            error instanceof Error
+              ? `PRE_WRITE audit passed but could not write the required lease: ${error.message}`
+              : 'PRE_WRITE audit passed but could not write the required lease.',
+          file: '.pumuki/prewrite-lease.json',
+          blocking: true,
+        },
+      ];
+      gateExitCode = 1;
+    }
+  }
   const effectiveSnapshotOutcome =
     gateExitCode === 0 && snapshotOutcome === 'BLOCK' ? 'PASS' : snapshotOutcome;
@@ -545,14 +590,14 @@ export const runLifecycleAudit = async (params: {
     files_scanned: filesScanned,
     untracked_matching_extensions_count: untrackedMatchingExtensionsCount,
     snapshot_outcome: effectiveSnapshotOutcome,
-    findings_count: effectiveFindings.length,
-    blocking_findings_count: effectiveFindings.filter((finding) => finding.blocking).length,
+    findings_count: mutableEffectiveFindings.length,
+    blocking_findings_count: mutableEffectiveFindings.filter((finding) => finding.blocking).length,
     rules_coverage: evidence?.snapshot.rules_coverage ?? null,
     rule_id_normalization: buildRuleIdNormalization({
-      findings: effectiveFindings,
+      findings: mutableEffectiveFindings,
       rulesCoverage: evidence?.snapshot.rules_coverage,
     }),
-    findings: effectiveFindings,
+    findings: mutableEffectiveFindings,
     policy_reconcile_hint: POLICY_RECONCILE_HINT,
   };
 };

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "pumuki",
-  "version": "6.3.286",
+  "version": "6.3.288",
   "description": "Enterprise-grade AST Intelligence System with multi-platform support (iOS, Android, Backend, Frontend) and Feature-First + DDD + Clean Architecture enforcement. Includes dynamic violations API for intelligent querying.",
   "main": "index.js",
   "bin": {