pumuki 6.3.97 → 6.3.98

package/integrations/evidence/buildEvidence.ts

@@ -687,16 +687,6 @@ const normalizeRepoState = (repoState?: RepoState): RepoState | undefined => {
   if (!repoState) {
     return undefined;
   }
-  const tracking = repoState.lifecycle.tracking ?? {
-    enforced: false,
-    canonical_path: null,
-    canonical_present: false,
-    source_file: null,
-    in_progress_count: null,
-    single_in_progress_valid: null,
-    conflict: false,
-    declarations: [],
-  };
   return {
     repo_root: repoState.repo_root,
     git: {
@@ -726,20 +716,6 @@ const normalizeRepoState = (repoState?: RepoState): RepoState | undefined => {
           config_path: repoState.lifecycle.hard_mode.config_path,
         }
         : undefined,
-      tracking: {
-        enforced: tracking.enforced,
-        canonical_path: tracking.canonical_path,
-        canonical_present: tracking.canonical_present,
-        source_file: tracking.source_file,
-        in_progress_count: tracking.in_progress_count,
-        single_in_progress_valid: tracking.single_in_progress_valid,
-        conflict: tracking.conflict,
-        declarations: tracking.declarations.map((entry) => ({
-          source_file: entry.source_file,
-          declared_path: entry.declared_path,
-          resolved_path: entry.resolved_path,
-        })),
-      },
     },
   };
 };

package/integrations/evidence/repoState.ts

@@ -5,7 +5,6 @@ import { readLifecycleStatus } from '../lifecycle/status';
 import { resolvePumukiVersionMetadata } from '../lifecycle/packageInfo';
 import { readPersistedHardModeConfig } from '../policy/policyProfiles';
 import type { RepoHardModeState, RepoHookState, RepoState } from './schema';
-import { readRepoTrackingState } from './trackingContract';
 
 type HookStateShape = { exists: boolean; managedBlockPresent: boolean };
 
@@ -124,7 +123,6 @@ export const captureRepoState = (repoRoot: string): RepoState => {
   const consumerFacingVersion = versionMetadata.resolvedVersion;
   const installedVersion = versionMetadata.consumerInstalledVersion;
   const hardModeState = readHardModeState(repoRoot);
-  const trackingState = readRepoTrackingState(repoRoot);
 
   return {
     repo_root: repoRoot,
@@ -152,7 +150,6 @@ export const captureRepoState = (repoRoot: string): RepoState => {
         pre_push: toHookState(lifecycle.hookStatus['pre-push']),
       },
       hard_mode: hardModeState,
-      tracking: trackingState,
     },
   };
 };

package/integrations/evidence/schema.ts

@@ -171,23 +171,6 @@ export type RepoHardModeState = {
   config_path: string;
 };
 
-export type RepoTrackingDeclaration = {
-  source_file: string;
-  declared_path: string;
-  resolved_path: string;
-};
-
-export type RepoTrackingState = {
-  enforced: boolean;
-  canonical_path: string | null;
-  canonical_present: boolean;
-  source_file: string | null;
-  in_progress_count: number | null;
-  single_in_progress_valid: boolean | null;
-  conflict: boolean;
-  declarations: ReadonlyArray<RepoTrackingDeclaration>;
-};
-
 export type RepoState = {
   repo_root: string;
   git: {
@@ -213,7 +196,6 @@ export type RepoState = {
       pre_push: RepoHookState;
     };
     hard_mode?: RepoHardModeState;
-    tracking: RepoTrackingState;
   };
 };
 

package/integrations/evidence/writeEvidence.ts

@@ -188,16 +188,6 @@ const normalizeRepoState = (
   if (!repoState) {
     return undefined;
   }
-  const tracking = repoState.lifecycle.tracking ?? {
-    enforced: false,
-    canonical_path: null,
-    canonical_present: false,
-    source_file: null,
-    in_progress_count: null,
-    single_in_progress_valid: null,
-    conflict: false,
-    declarations: [],
-  };
   return {
     repo_root: toRelativeRepoPath(repoRoot, repoState.repo_root),
     git: {
@@ -227,20 +217,6 @@ const normalizeRepoState = (
           config_path: toRelativeRepoPath(repoRoot, repoState.lifecycle.hard_mode.config_path),
         }
         : undefined,
-      tracking: {
-        enforced: tracking.enforced,
-        canonical_path: tracking.canonical_path,
-        canonical_present: tracking.canonical_present,
-        source_file: tracking.source_file,
-        in_progress_count: tracking.in_progress_count,
-        single_in_progress_valid: tracking.single_in_progress_valid,
-        conflict: tracking.conflict,
-        declarations: tracking.declarations.map((entry) => ({
-          source_file: entry.source_file,
-          declared_path: entry.declared_path,
-          resolved_path: entry.resolved_path,
-        })),
-      },
     },
   };
 };

package/integrations/gate/evaluateAiGate.ts

@@ -1,21 +1,16 @@
 import type { EvidenceReadResult } from '../evidence/readEvidence';
 import { readEvidenceResult } from '../evidence/readEvidence';
 import { captureRepoState } from '../evidence/repoState';
-import type { RepoState, RepoTrackingState } from '../evidence/schema';
+import type { RepoState } from '../evidence/schema';
 import { resolvePolicyForStage } from './stagePolicies';
 import { execFileSync } from 'node:child_process';
 import { existsSync, realpathSync } from 'node:fs';
 import { resolve } from 'node:path';
-import { isSeverityAtLeast } from '../../core/rules/Severity';
 import type { SkillsLockV1, SkillsStage } from '../config/skillsLock';
 import {
   loadEffectiveSkillsLock,
   loadRequiredSkillsLock,
 } from '../config/skillsEffectiveLock';
-import {
-  resolveSkillImportSourcesWithDiagnostics,
-  type SkillImportSourceDiagnostic,
-} from '../config/skillsCustomRules';
 import {
   resolveSkillsEnforcement,
   type SkillsEnforcementResolution,
@@ -60,7 +55,6 @@ export type AiGateSkillsContractAssessment = {
   status: 'PASS' | 'FAIL' | 'NOT_APPLICABLE';
   detected_platforms: ReadonlyArray<PreWriteSkillsPlatform>;
   requirements: ReadonlyArray<AiGateSkillsContractPlatformRequirement>;
-  source_diagnostics: ReadonlyArray<SkillImportSourceDiagnostic>;
   violations: ReadonlyArray<AiGateViolation>;
 };
 
@@ -138,10 +132,6 @@ const PREWRITE_WORKTREE_HYGIENE_WARN_THRESHOLD_ENV = 'PUMUKI_PREWRITE_WORKTREE_W
 const PREWRITE_WORKTREE_HYGIENE_BLOCK_THRESHOLD_ENV = 'PUMUKI_PREWRITE_WORKTREE_BLOCK_THRESHOLD';
 
 const DEFAULT_PROTECTED_BRANCHES = new Set(['main', 'master', 'develop', 'dev']);
-const DEFAULT_GITFLOW_BRANCH_PATTERNS = [
-  /^(?:feature|bugfix|hotfix|chore|refactor|docs)\/[a-z0-9]+(?:-[a-z0-9]+)*$/,
-  /^release\/\d+\.\d+\.\d+(?:[-+][0-9A-Za-z.-]+)?$/,
-] as const;
 const PREWRITE_SKILLS_PLATFORMS = ['ios', 'android', 'backend', 'frontend'] as const;
 type PreWriteSkillsPlatform = (typeof PREWRITE_SKILLS_PLATFORMS)[number];
 const PLATFORM_SKILLS_RULE_PREFIXES: Readonly<Record<PreWriteSkillsPlatform, string>> = {
@@ -467,27 +457,6 @@ const hasWorktreeCodePlatforms = (params: {
   );
 };
 
-const toWorktreeDetectedPlatforms = (params: {
-  repoRoot: string;
-  requiredPlatforms: ReadonlyArray<PreWriteSkillsPlatform>;
-}): ReadonlyArray<PreWriteSkillsPlatform> => {
-  const changedPaths = collectWorktreeChangedPaths(params.repoRoot);
-  if (changedPaths.length === 0) {
-    return [];
-  }
-
-  const detected = new Set<PreWriteSkillsPlatform>();
-  for (const filePath of changedPaths) {
-    for (const platform of params.requiredPlatforms) {
-      if (isPlatformPath(platform, filePath)) {
-        detected.add(platform);
-      }
-    }
-  }
-
-  return PREWRITE_SKILLS_PLATFORMS.filter((platform) => detected.has(platform));
-};
-
 const toLockRequiredPlatforms = (
   requiredLock: SkillsLockV1 | undefined
 ): ReadonlyArray<PreWriteSkillsPlatform> => {
@@ -730,20 +699,6 @@ const collectPreWriteCrossPlatformCriticalViolations = (params: {
   ];
 };
 
-const toRequiredSkillSourceViolations = (
-  diagnostics: ReadonlyArray<SkillImportSourceDiagnostic>,
-  skillsEnforcement: SkillsEnforcementResolution
-): AiGateViolation[] =>
-  diagnostics.map((diagnostic) =>
-    toSkillsViolation(
-      skillsEnforcement,
-      diagnostic.issue === 'missing'
-        ? 'SKILLS_REQUIRED_SOURCE_MISSING'
-        : 'SKILLS_REQUIRED_SOURCE_UNREADABLE',
-      `La skill requerida "${diagnostic.skillName}" no está disponible en ${diagnostic.sourcePath}. ${diagnostic.resolution}`
-    )
-  );
-
 const toSkillsContractAssessment = (params: {
   stage: AiGateStage;
   repoRoot: string;
@@ -753,22 +708,12 @@ const toSkillsContractAssessment = (params: {
   skillsEnforcement: SkillsEnforcementResolution;
 }): AiGateSkillsContractAssessment => {
   const requiredPlatforms = toLockRequiredPlatforms(params.requiredLock);
-  const sourceDiagnostics = resolveSkillImportSourcesWithDiagnostics({
-    repoRoot: params.repoRoot,
-  }).diagnostics;
 
   if (params.evidenceResult.kind !== 'valid') {
-    const sourceViolations = toRequiredSkillSourceViolations(
-      sourceDiagnostics,
-      params.skillsEnforcement
-    );
     return {
       stage: params.stage,
-      enforced: requiredPlatforms.length > 0 || sourceDiagnostics.length > 0,
-      status:
-        requiredPlatforms.length > 0 || sourceDiagnostics.length > 0
-          ? 'FAIL'
-          : 'NOT_APPLICABLE',
+      enforced: requiredPlatforms.length > 0,
+      status: requiredPlatforms.length > 0 ? 'FAIL' : 'NOT_APPLICABLE',
       detected_platforms: [],
       requirements: requiredPlatforms.map((platform) => ({
         platform,
@@ -787,10 +732,8 @@ const toSkillsContractAssessment = (params: {
           ...PREWRITE_TRANSVERSAL_CRITICAL_SKILLS_RULES[platform],
         ],
       })),
-      source_diagnostics: sourceDiagnostics,
-      violations: [
-        ...sourceViolations,
-        ...(requiredPlatforms.length > 0
+      violations:
+        requiredPlatforms.length > 0
           ? [
               toSkillsViolation(
                 params.skillsEnforcement,
@@ -798,21 +741,13 @@ const toSkillsContractAssessment = (params: {
                 `Required repo skills exist, but active platforms could not be detected for ${params.stage}.`
               ),
             ]
-          : []),
-      ],
+          : [],
     };
   }
 
   const coverage = params.evidenceResult.evidence.snapshot.rules_coverage;
   const explicitlyDetectedPlatforms = toDetectedSkillsPlatforms(params.evidenceResult.evidence.platforms);
   const inferredPlatforms = toCoverageInferredPlatforms(coverage);
-  const worktreeDetectedPlatforms =
-    params.stage === 'PRE_WRITE' && requiredPlatforms.length > 0
-      ? toWorktreeDetectedPlatforms({
-          repoRoot: params.repoRoot,
-          requiredPlatforms,
-        })
-      : [];
   const repoTreeDetectedPlatforms =
     params.stage !== 'PRE_WRITE' && requiredPlatforms.length > 0
       ? toRepoTreeDetectedPlatforms({
@@ -832,8 +767,6 @@ const toSkillsContractAssessment = (params: {
       ? explicitlyDetectedEffectivePlatforms
       : inferredPlatforms.length > 0
         ? inferredPlatforms
-        : worktreeDetectedPlatforms.length > 0
-          ? worktreeDetectedPlatforms
         : repoTreeDetectedPlatforms;
   const pendingChanges = resolvePendingChanges(params.repoState);
   const detectedPlatformSet = new Set(detectedPlatforms);
@@ -857,15 +790,11 @@ const toSkillsContractAssessment = (params: {
     ) {
       return {
         stage: params.stage,
-        enforced: sourceDiagnostics.length > 0,
-        status: sourceDiagnostics.length > 0 ? 'FAIL' : 'NOT_APPLICABLE',
+        enforced: false,
+        status: 'NOT_APPLICABLE',
         detected_platforms: [],
         requirements: [],
-        source_diagnostics: sourceDiagnostics,
-        violations: toRequiredSkillSourceViolations(
-          sourceDiagnostics,
-          params.skillsEnforcement
-        ),
+        violations: [],
       };
     }
     const requirements: AiGateSkillsContractPlatformRequirement[] = requiredPlatforms.map((platform) => ({
@@ -892,12 +821,7 @@ const toSkillsContractAssessment = (params: {
       status: 'FAIL',
       detected_platforms: [],
       requirements,
-      source_diagnostics: sourceDiagnostics,
       violations: [
-        ...toRequiredSkillSourceViolations(
-          sourceDiagnostics,
-          params.skillsEnforcement
-        ),
         toSkillsViolation(
           params.skillsEnforcement,
           'EVIDENCE_SKILLS_PLATFORMS_UNDETECTED',
@@ -909,15 +833,11 @@ const toSkillsContractAssessment = (params: {
   if (assessmentPlatforms.length === 0) {
     return {
       stage: params.stage,
-      enforced: sourceDiagnostics.length > 0,
-      status: sourceDiagnostics.length > 0 ? 'FAIL' : 'NOT_APPLICABLE',
+      enforced: false,
+      status: 'NOT_APPLICABLE',
       detected_platforms: [],
       requirements: [],
-      source_diagnostics: sourceDiagnostics,
-      violations: toRequiredSkillSourceViolations(
-        sourceDiagnostics,
-        params.skillsEnforcement
-      ),
+      violations: [],
     };
   }
 
@@ -929,10 +849,7 @@ const toSkillsContractAssessment = (params: {
   );
 
   const requirements: AiGateSkillsContractPlatformRequirement[] = [];
-  const violations: AiGateViolation[] = toRequiredSkillSourceViolations(
-    sourceDiagnostics,
-    params.skillsEnforcement
-  );
+  const violations: AiGateViolation[] = [];
   if (requiredPlatforms.length > 0 && detectedPlatforms.length === 0) {
     violations.push(
       toSkillsViolation(
@@ -1043,7 +960,6 @@ const toSkillsContractAssessment = (params: {
     status: violations.length === 0 ? 'PASS' : 'FAIL',
     detected_platforms: detectedPlatforms,
     requirements,
-    source_diagnostics: sourceDiagnostics,
     violations,
   };
 };
@@ -1248,63 +1164,6 @@ const collectEvidenceViolations = (
   return { violations, ageSeconds };
 };
 
-const severityOrder: ReadonlyArray<'CRITICAL' | 'ERROR' | 'WARN' | 'INFO'> = [
-  'CRITICAL',
-  'ERROR',
-  'WARN',
-  'INFO',
-];
-
-const toHighestTriggeredSeverity = (
-  severityCounts: Readonly<Record<'INFO' | 'WARN' | 'ERROR' | 'CRITICAL', number>>,
-  threshold: 'INFO' | 'WARN' | 'ERROR' | 'CRITICAL'
-): 'INFO' | 'WARN' | 'ERROR' | 'CRITICAL' | null => {
-  for (const severity of severityOrder) {
-    if (severityCounts[severity] > 0 && isSeverityAtLeast(severity, threshold)) {
-      return severity;
-    }
-  }
-  return null;
-};
-
-const collectEvidencePolicyThresholdViolations = (params: {
-  evidenceResult: EvidenceReadResult;
-  policy: ReturnType<typeof resolvePolicyForStage>['policy'];
-}): AiGateViolation[] => {
-  if (params.evidenceResult.kind !== 'valid') {
-    return [];
-  }
-
-  const severityCounts = params.evidenceResult.evidence.severity_metrics.by_severity;
-  const blockSeverity = toHighestTriggeredSeverity(
-    severityCounts,
-    params.policy.blockOnOrAbove
-  );
-  if (blockSeverity && params.evidenceResult.evidence.ai_gate.status !== 'BLOCKED') {
-    return [
-      toErrorViolation(
-        'EVIDENCE_POLICY_THRESHOLD_BLOCK',
-        `Evidence severities exceed block_on_or_above=${params.policy.blockOnOrAbove} (highest=${blockSeverity}).`
-      ),
-    ];
-  }
-
-  const warnSeverity = toHighestTriggeredSeverity(
-    severityCounts,
-    params.policy.warnOnOrAbove
-  );
-  if (warnSeverity && params.evidenceResult.evidence.ai_gate.status === 'ALLOWED') {
-    return [
-      toWarnViolation(
-        'EVIDENCE_POLICY_THRESHOLD_WARN',
-        `Evidence severities exceed warn_on_or_above=${params.policy.warnOnOrAbove} (highest=${warnSeverity}).`
-      ),
-    ];
-  }
-
-  return [];
-};
-
 const toEvidenceSourceDescriptor = (
   result: EvidenceReadResult,
   repoRoot: string
@@ -1334,81 +1193,17 @@ const collectGitflowViolations = (
   if (!repoState.git.available) {
     return violations;
   }
-  const branch = repoState.git.branch?.trim() ?? null;
-  const normalizedBranch = branch?.toLowerCase() ?? null;
-  if (branch && normalizedBranch && protectedBranches.has(normalizedBranch)) {
+  if (repoState.git.branch && protectedBranches.has(repoState.git.branch)) {
     violations.push(
       toErrorViolation(
         'GITFLOW_PROTECTED_BRANCH',
-        `Direct work on protected branch "${branch}" is not allowed.`
-      )
-    );
-    return violations;
-  }
-  if (
-    branch
-    && !DEFAULT_GITFLOW_BRANCH_PATTERNS.some((pattern) => pattern.test(branch))
-  ) {
-    violations.push(
-      toErrorViolation(
-        'GITFLOW_BRANCH_NAMING_INVALID',
-        `Branch "${branch}" does not comply with GitFlow naming. Use feature/*, bugfix/*, hotfix/*, release/*, chore/*, refactor/* or docs/*.`
+        `Direct work on protected branch "${repoState.git.branch}" is not allowed.`
       )
     );
   }
   return violations;
 };
 
-const DEFAULT_TRACKING_STATE: RepoTrackingState = {
-  enforced: false,
-  canonical_path: null,
-  canonical_present: false,
-  source_file: null,
-  in_progress_count: null,
-  single_in_progress_valid: null,
-  conflict: false,
-  declarations: [],
-};
-
-const collectTrackingViolations = (repoState: RepoState): AiGateViolation[] => {
-  const tracking = repoState.lifecycle.tracking ?? DEFAULT_TRACKING_STATE;
-  if (!tracking.enforced) {
-    return [];
-  }
-
-  if (tracking.conflict) {
-    const declaredPaths = tracking.declarations
-      .map((entry) => `${entry.source_file}:${entry.resolved_path}`)
-      .join(', ');
-    return [
-      toErrorViolation(
-        'TRACKING_CANONICAL_SOURCE_CONFLICT',
-        `Se ha detectado un conflicto entre fuentes canónicas de tracking (${declaredPaths}).`
-      ),
-    ];
-  }
-
-  if (!tracking.canonical_path || !tracking.canonical_present) {
-    return [
-      toErrorViolation(
-        'TRACKING_CANONICAL_FILE_MISSING',
-        `Falta el archivo canónico de tracking (${tracking.canonical_path ?? 'sin-declarar'}).`
-      ),
-    ];
-  }
-
-  if (tracking.single_in_progress_valid === false) {
-    return [
-      toErrorViolation(
-        'TRACKING_CANONICAL_IN_PROGRESS_INVALID',
-        `El archivo canónico de tracking debe contener exactamente una tarea o fase en construcción (conteo=${tracking.in_progress_count ?? 'n/d'}).`
-      ),
-    ];
-  }
-
-  return [];
-};
-
 const resolvePendingChanges = (repoState: RepoState): number | null => {
   if (!repoState.git.available) {
     return null;
@@ -1627,7 +1422,6 @@ export const evaluateAiGate = (
     readMcpAiGateReceipt: activeDependencies.readMcpAiGateReceipt,
   });
   const gitflowViolations = collectGitflowViolations(repoState, protectedBranches);
-  const trackingViolations = collectTrackingViolations(repoState);
   const skillsContract = toSkillsContractAssessment({
     stage: params.stage,
     repoRoot: params.repoRoot,
@@ -1645,27 +1439,16 @@ export const evaluateAiGate = (
     || (params.stage === 'PRE_WRITE' && requiredSkillsPlatforms.length === 0)
         ? []
       : [
-          ...skillsContract.violations.filter(
-            (violation) =>
-              violation.code === 'SKILLS_REQUIRED_SOURCE_MISSING'
-              || violation.code === 'SKILLS_REQUIRED_SOURCE_UNREADABLE'
-          ),
           toSkillsViolation(
             skillsEnforcement,
             'EVIDENCE_SKILLS_CONTRACT_INCOMPLETE',
             `Skills contract incomplete for ${params.stage}: ${skillsContract.violations.map((violation) => violation.code).join(', ')}.`
           ),
         ];
-  const policyThresholdViolations = collectEvidencePolicyThresholdViolations({
-    evidenceResult,
-    policy: resolvedPolicy.policy,
-  });
   const violations = [
     ...evidenceAssessment.violations,
-    ...policyThresholdViolations,
     ...stageSkillsContractViolations,
     ...gitflowViolations,
-    ...trackingViolations,
     ...mcpReceiptAssessment.violations,
   ];
   const blocked = violations.some((violation) => violation.severity === 'ERROR');

package/integrations/gate/remediationCatalog.ts

@@ -17,14 +17,6 @@ export const REMEDIATION_HINT_BY_CODE: Readonly<Record<string, string>> = {
   EVIDENCE_ACTIVE_RULE_IDS_EMPTY_FOR_CODE_CHANGES:
     'Reconcilia policy/skills y revalida PRE_WRITE: npx --yes --package pumuki@latest pumuki policy reconcile --strict --json && npx --yes --package pumuki@latest pumuki sdd validate --stage=PRE_WRITE --json',
   GITFLOW_PROTECTED_BRANCH: 'Trabaja en feature/* y evita ramas protegidas.',
-  GITFLOW_BRANCH_NAMING_INVALID:
-    'Renombra o recrea la rama con un prefijo GitFlow válido (feature/*, bugfix/*, hotfix/*, release/*, chore/*, refactor/* o docs/*).',
-  TRACKING_CANONICAL_SOURCE_CONFLICT:
-    'Alinea AGENTS.md y los README canónicos para que todos apunten al mismo MD de seguimiento.',
-  TRACKING_CANONICAL_FILE_MISSING:
-    'Crea o restaura el archivo canónico de tracking declarado por el repo.',
-  TRACKING_CANONICAL_IN_PROGRESS_INVALID:
-    'Deja exactamente una tarea o fase `🚧` en el MD canónico de seguimiento antes de continuar.',
   EVIDENCE_PREWRITE_WORKTREE_OVER_LIMIT:
     'Reduce archivos staged/unstaged por debajo del umbral (o ajusta PUMUKI_PREWRITE_WORKTREE_*); divide el trabajo en commits más pequeños.',
   EVIDENCE_PREWRITE_WORKTREE_WARN:

package/integrations/git/GitService.ts

@@ -9,12 +9,19 @@ export { parseNameStatus } from './gitDiffUtils';
 export interface IGitService {
   runGit(args: ReadonlyArray<string>, cwd?: string): string;
   getStagedFacts(extensions: ReadonlyArray<string>): ReadonlyArray<Fact>;
+  getUnstagedFacts(
+    extensions: ReadonlyArray<string>,
+    includeUntracked?: boolean
+  ): ReadonlyArray<Fact>;
   getRepoFacts(extensions: ReadonlyArray<string>): ReadonlyArray<Fact>;
   getRepoAndStagedFacts(extensions: ReadonlyArray<string>): ReadonlyArray<Fact>;
   getStagedAndUnstagedFacts(extensions: ReadonlyArray<string>): ReadonlyArray<Fact>;
   resolveRepoRoot(): string;
 }
 
+const shouldIncludeUntrackedFacts = (env = process.env) =>
+  env.PUMUKI_INCLUDE_UNTRACKED_WORKTREE === '1';
+
 const assertSafeGitArgs = (args: ReadonlyArray<string>): void => {
   for (const arg of args) {
     if (arg.includes('\u0000') || arg.includes('\n') || arg.includes('\r')) {
@@ -44,6 +51,35 @@ export class GitService implements IGitService {
     );
   }
 
+  getUnstagedFacts(
+    extensions: ReadonlyArray<string>,
+    includeUntracked = shouldIncludeUntrackedFacts()
+  ): ReadonlyArray<Fact> {
+    const nameStatus = this.runGit(['diff', '--name-status']);
+    const changes = parseNameStatus(nameStatus).filter((change) =>
+      hasAllowedExtension(change.path, extensions)
+    );
+    const untrackedPaths = includeUntracked
+      ? this.runGit(['ls-files', '--others', '--exclude-standard'])
+          .split('\n')
+          .map((line) => line.trim())
+          .filter((line) => line.length > 0)
+          .filter((path) => hasAllowedExtension(path, extensions))
+      : [];
+    const unstagedPaths = new Set(changes.map((change) => change.path));
+    const untrackedChanges = untrackedPaths
+      .filter((path) => !unstagedPaths.has(path))
+      .map((path) => ({
+        path,
+        changeType: 'added' as const,
+      }));
+    const mergedChanges = [...changes, ...untrackedChanges];
+    const repoRoot = this.resolveRepoRoot();
+    return buildFactsFromChanges(mergedChanges, 'git:unstaged', (filePath) =>
+      this.readWorkingTreeFile(repoRoot, filePath)
+    );
+  }
+
   getRepoFacts(extensions: ReadonlyArray<string>): ReadonlyArray<Fact> {
     const trackedFiles = this.runGit(['ls-files'])
       .split('\n')
@@ -83,6 +119,7 @@ export class GitService implements IGitService {
 
   getStagedAndUnstagedFacts(extensions: ReadonlyArray<string>): ReadonlyArray<Fact> {
     const hasHeadCommit = this.hasHeadCommit();
+    const includeUntracked = shouldIncludeUntrackedFacts();
     const trackedNameStatus = hasHeadCommit
       ? this.runGit(['diff', '--name-status', 'HEAD'])
       : [
@@ -93,11 +130,13 @@ export class GitService implements IGitService {
         .join('\n');
     const trackedChanges = this.deduplicateChangesByPath(parseNameStatus(trackedNameStatus))
       .filter((change) => hasAllowedExtension(change.path, extensions));
-    const untrackedPaths = this.runGit(['ls-files', '--others', '--exclude-standard'])
-      .split('\n')
-      .map((line) => line.trim())
-      .filter((line) => line.length > 0)
-      .filter((path) => hasAllowedExtension(path, extensions));
+    const untrackedPaths = includeUntracked
+      ? this.runGit(['ls-files', '--others', '--exclude-standard'])
+          .split('\n')
+          .map((line) => line.trim())
+          .filter((line) => line.length > 0)
+          .filter((path) => hasAllowedExtension(path, extensions))
+      : [];
     const existingTracked = new Set(trackedChanges.map((change) => change.path));
     const repoRoot = this.resolveRepoRoot();
 

package/integrations/git/aiGateRepoPolicyFindings.ts

@@ -6,10 +6,6 @@ const AI_GATE_STAGES = new Set<AiGateStage>(['PRE_WRITE', 'PRE_COMMIT', 'PRE_PUS
 
 const REPO_POLICY_CODES = new Set<string>([
   'GITFLOW_PROTECTED_BRANCH',
-  'GITFLOW_BRANCH_NAMING_INVALID',
-  'TRACKING_CANONICAL_SOURCE_CONFLICT',
-  'TRACKING_CANONICAL_FILE_MISSING',
-  'TRACKING_CANONICAL_IN_PROGRESS_INVALID',
   'EVIDENCE_PREWRITE_WORKTREE_OVER_LIMIT',
   'EVIDENCE_PREWRITE_WORKTREE_WARN',
 ]);

package/integrations/git/runPlatformGate.ts

@@ -1372,15 +1372,7 @@ export async function runPlatformGate(params: {
 
   if (gateOutcome === 'BLOCK') {
     if (params.silent !== true) {
-      const renderStage =
-        params.policy.stage === 'PRE_PUSH'
-          ? 'PRE_PUSH'
-          : params.policy.stage === 'CI'
-            ? 'CI'
-            : 'PRE_COMMIT';
-      dependencies.printGateFindings(findingsWithWaiver, {
-        stage: renderStage,
-      });
+    dependencies.printGateFindings(findingsWithWaiver);
     }
     return 1;
   }