shipwright-cli 2.3.1 → 3.0.0

package/scripts/lib/daemon-state.sh

@@ -3,6 +3,10 @@
 [[ -n "${_DAEMON_STATE_LOADED:-}" ]] && return 0
 _DAEMON_STATE_LOADED=1
 
+# SQLite persistence (DB as primary read path)
+_DAEMON_STATE_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+[[ -f "${_DAEMON_STATE_DIR}/../sw-db.sh" ]] && source "${_DAEMON_STATE_DIR}/../sw-db.sh"
+
 daemon_log() {
     local level="$1"
     shift
@@ -58,8 +62,8 @@ notify() {
             -d "$payload" "$SLACK_WEBHOOK" >/dev/null 2>&1 || true
     fi
 
-    # Custom webhook (env var SHIPWRIGHT_WEBHOOK_URL, with CCT_WEBHOOK_URL fallback)
-    local _webhook_url="${SHIPWRIGHT_WEBHOOK_URL:-${CCT_WEBHOOK_URL:-}}"
+    # Custom webhook (env var SHIPWRIGHT_WEBHOOK_URL)
+    local _webhook_url="${SHIPWRIGHT_WEBHOOK_URL:-}"
     if [[ -n "$_webhook_url" ]]; then
         local payload
         payload=$(jq -n \
@@ -123,7 +127,7 @@ daemon_preflight_auth_check() {
 
     # gh auth check
     if [[ "${NO_GITHUB:-false}" != "true" ]]; then
-        if ! gh auth status &>/dev/null 2>&1; then
+        if ! gh auth status >/dev/null 2>&1; then
             daemon_log ERROR "GitHub auth check failed — auto-pausing daemon"
             local pause_json
             pause_json=$(jq -n --arg reason "gh_auth_failure" --arg ts "$(now_iso)" \
@@ -189,7 +193,7 @@ preflight_checks() {
     local optional_tools=("tmux" "curl")
 
     for tool in "${required_tools[@]}"; do
-        if command -v "$tool" &>/dev/null; then
+        if command -v "$tool" >/dev/null 2>&1; then
             echo -e "  ${GREEN}✓${RESET} $tool"
         else
             echo -e "  ${RED}✗${RESET} $tool ${RED}(required)${RESET}"
@@ -198,7 +202,7 @@ preflight_checks() {
     done
 
     for tool in "${optional_tools[@]}"; do
-        if command -v "$tool" &>/dev/null; then
+        if command -v "$tool" >/dev/null 2>&1; then
             echo -e "  ${GREEN}✓${RESET} $tool"
         else
             echo -e "  ${DIM}○${RESET} $tool ${DIM}(optional — some features disabled)${RESET}"
@@ -207,7 +211,7 @@ preflight_checks() {
 
     # 2. Git state
     echo ""
-    if git rev-parse --is-inside-work-tree &>/dev/null; then
+    if git rev-parse --is-inside-work-tree >/dev/null 2>&1; then
         echo -e "  ${GREEN}✓${RESET} Inside git repo"
     else
         echo -e "  ${RED}✗${RESET} Not inside a git repository"
@@ -215,7 +219,7 @@ preflight_checks() {
     fi
 
     # Check base branch exists
-    if git rev-parse --verify "$BASE_BRANCH" &>/dev/null; then
+    if git rev-parse --verify "$BASE_BRANCH" >/dev/null 2>&1; then
         echo -e "  ${GREEN}✓${RESET} Base branch: $BASE_BRANCH"
     else
         echo -e "  ${RED}✗${RESET} Base branch not found: $BASE_BRANCH"
@@ -224,7 +228,7 @@ preflight_checks() {
 
     # 3. GitHub auth (required for daemon — it needs to poll issues)
     if [[ "$NO_GITHUB" != "true" ]]; then
-        if gh auth status &>/dev/null 2>&1; then
+        if gh auth status >/dev/null 2>&1; then
             echo -e "  ${GREEN}✓${RESET} GitHub authenticated"
         else
             echo -e "  ${RED}✗${RESET} GitHub not authenticated (required for daemon)"
@@ -286,15 +290,48 @@ atomic_write_state() {
     }
 }
 
+# Sync active_jobs from state JSON to DB (dual-write, best-effort)
+_sync_state_to_db() {
+    local state_json="$1"
+    [[ -z "$state_json" ]] && return 0
+    if ! type db_save_job >/dev/null 2>&1 || ! db_available 2>/dev/null; then
+        return 0
+    fi
+    local start_epoch job_id
+    while IFS= read -r job; do
+        [[ -z "$job" || "$job" == "null" ]] && continue
+        local issue title pid worktree branch template goal started_at
+        issue=$(echo "$job" | jq -r '.issue // 0' 2>/dev/null)
+        title=$(echo "$job" | jq -r '.title // ""' 2>/dev/null)
+        pid=$(echo "$job" | jq -r '.pid // 0' 2>/dev/null)
+        worktree=$(echo "$job" | jq -r '.worktree // ""' 2>/dev/null)
+        branch=$(echo "$job" | jq -r '.branch // ""' 2>/dev/null)
+        template=$(echo "$job" | jq -r '.template // "autonomous"' 2>/dev/null)
+        goal=$(echo "$job" | jq -r '.goal // ""' 2>/dev/null)
+        started_at=$(echo "$job" | jq -r '.started_at // ""' 2>/dev/null)
+        if [[ -z "$issue" || "$issue" == "0" ]] || [[ ! "$issue" =~ ^[0-9]+$ ]]; then
+            continue
+        fi
+        start_epoch=0
+        if [[ -n "$started_at" ]]; then
+            start_epoch=$(TZ=UTC date -j -f "%Y-%m-%dT%H:%M:%SZ" "$started_at" +%s 2>/dev/null || date -d "$started_at" +%s 2>/dev/null || echo "0")
+        fi
+        [[ -z "$start_epoch" ]] && start_epoch=0
+        job_id="daemon-${issue}-${start_epoch}"
+        db_save_job "$job_id" "$issue" "$title" "$pid" "$worktree" "$branch" "$template" "$goal" 2>/dev/null || true
+    done < <(echo "$state_json" | jq -c '.active_jobs[]? // empty' 2>/dev/null || true)
+}
+
 # Locked read-modify-write: prevents TOCTOU race on state file.
 # Usage: locked_state_update '.queued += [42]'
 # The jq expression is applied to the current state file atomically.
+# Dual-write: also syncs active_jobs to DB when available.
 locked_state_update() {
     local jq_expr="$1"
     shift
     local lock_file="${STATE_FILE}.lock"
     (
-        if command -v flock &>/dev/null; then
+        if command -v flock >/dev/null 2>&1; then
             flock -w 5 200 2>/dev/null || {
                 daemon_log ERROR "locked_state_update: lock acquisition timed out — aborting"
                 return 1
@@ -309,6 +346,7 @@ locked_state_update() {
             daemon_log ERROR "locked_state_update: atomic_write_state failed"
             return 1
         }
+        _sync_state_to_db "$tmp" 2>/dev/null || true
     ) 200>"$lock_file"
 }
 
@@ -343,7 +381,7 @@ init_state() {
             }')
         local lock_file="${STATE_FILE}.lock"
         (
-            if command -v flock &>/dev/null; then
+            if command -v flock >/dev/null 2>&1; then
                 flock -w 5 200 2>/dev/null || {
                     daemon_log ERROR "init_state: lock acquisition timed out"
                     return 1
@@ -358,6 +396,11 @@ init_state() {
             --arg started "$(now_iso)" \
             '.pid = ($pid | tonumber) | .started_at = $started'
     fi
+
+    # Ensure DB schema is initialized when available
+    if type migrate_schema >/dev/null 2>&1 && db_available 2>/dev/null; then
+        migrate_schema 2>/dev/null || true
+    fi
 }
 
 update_state_field() {
@@ -369,13 +412,15 @@ update_state_field() {
 # ─── Inflight Check ─────────────────────────────────────────────────────────
 
 daemon_is_inflight() {
-    local issue_num="$1"
+    local issue_key="$1"
+    local issue_num="$issue_key"
+    [[ "$issue_key" == *:* ]] && issue_num="${issue_key##*:}"
 
     if [[ ! -f "$STATE_FILE" ]]; then
         return 1
     fi
 
-    # Check active_jobs
+    # Check active_jobs (stored with numeric .issue)
     local active_match
     active_match=$(jq -r --argjson num "$issue_num" \
         '.active_jobs[] | select(.issue == $num) | .issue' \
@@ -384,10 +429,10 @@ daemon_is_inflight() {
         return 0
     fi
 
-    # Check queued
+    # Check queued (stores full key e.g. "owner/repo:42" or "42")
     local queued_match
-    queued_match=$(jq -r --argjson num "$issue_num" \
-        '.queued[] | select(. == $num)' \
+    queued_match=$(jq -r --arg key "$issue_key" \
+        '.queued[] | select(. == $key)' \
         "$STATE_FILE" 2>/dev/null || true)
     if [[ -n "$queued_match" ]]; then
         return 0
@@ -417,7 +462,7 @@ locked_get_active_count() {
     local count
     count=$(
         (
-            if command -v flock &>/dev/null; then
+            if command -v flock >/dev/null 2>&1; then
                 flock -w 5 200 2>/dev/null || {
                     daemon_log WARN "locked_get_active_count: lock timeout — returning MAX_PARALLEL as safe default" >&2
                     echo "$MAX_PARALLEL"
@@ -433,13 +478,30 @@ locked_get_active_count() {
 # ─── Queue Management ───────────────────────────────────────────────────────
 
 enqueue_issue() {
-    local issue_num="$1"
-    locked_state_update --argjson num "$issue_num" \
-        '.queued += [$num] | .queued |= unique'
-    daemon_log INFO "Queued issue #${issue_num} (at capacity)"
+    local issue_key="$1"
+    locked_state_update --arg key "$issue_key" \
+        '.queued += [$key] | .queued |= unique'
+    if type db_enqueue_issue >/dev/null 2>&1; then
+        db_enqueue_issue "$issue_key" 2>/dev/null || true
+    fi
+    daemon_log INFO "Queued issue ${issue_key} (at capacity)"
 }
 
 dequeue_next() {
+    # Try DB first when available
+    if type db_dequeue_next >/dev/null 2>&1 && db_available 2>/dev/null; then
+        local next
+        next=$(db_dequeue_next 2>/dev/null || true)
+        if [[ -n "$next" ]]; then
+            # Also update JSON file for backward compat
+            if [[ -f "$STATE_FILE" ]]; then
+                locked_state_update --arg key "$next" '.queued = [.queued[] | select(. != $key)]'
+            fi
+            echo "$next"
+            return
+        fi
+    fi
+
     if [[ ! -f "$STATE_FILE" ]]; then
         return
     fi
@@ -447,8 +509,10 @@ dequeue_next() {
     local next
     next=$(jq -r '.queued[0] // empty' "$STATE_FILE" 2>/dev/null || true)
     if [[ -n "$next" ]]; then
-        # Remove from queue (locked to prevent race with enqueue)
         locked_state_update '.queued = .queued[1:]'
+        if type db_remove_from_queue >/dev/null 2>&1; then
+            db_remove_from_queue "$next" 2>/dev/null || true
+        fi
         echo "$next"
     fi
 }
@@ -496,6 +560,22 @@ untrack_priority_job() {
 
 # ─── Distributed Issue Claiming ───────────────────────────────────────────
 
+# Verify we have exclusive claim: exactly one claimed:* label matching our machine
+_verify_claim_exclusive() {
+    local issue_num="$1" machine_name="$2"
+    local claimed_labels
+    claimed_labels=$(gh issue view "$issue_num" --json labels --jq \
+        '[.labels[].name | select(startswith("claimed:"))]' 2>/dev/null || echo "[]")
+    local count
+    count=$(echo "$claimed_labels" | jq 'length' 2>/dev/null || echo "0")
+    if [[ "$count" != "1" ]]; then
+        return 1  # Competing claims (multiple or none)
+    fi
+    local sole_claim
+    sole_claim=$(echo "$claimed_labels" | jq -r '.[0]' 2>/dev/null || echo "")
+    [[ "$sole_claim" == "claimed:${machine_name}" ]]
+}
+
 claim_issue() {
     local issue_num="$1"
     local machine_name="$2"
@@ -509,9 +589,15 @@ claim_issue() {
         -d "$(jq -n --argjson issue "$issue_num" --arg machine "$machine_name" \
             '{issue: $issue, machine: $machine}')" 2>/dev/null || echo "")
 
-    if [[ -n "$resp" ]] && echo "$resp" | jq -e '.approved == true' &>/dev/null; then
+    if [[ -n "$resp" ]] && echo "$resp" | jq -e '.approved == true' >/dev/null 2>&1; then
+        # VERIFY: re-read labels, ensure only our claim exists
+        if ! _verify_claim_exclusive "$issue_num" "$machine_name"; then
+            daemon_log INFO "Issue #${issue_num} claim race lost (competing claim) — removing our label"
+            gh issue edit "$issue_num" --remove-label "claimed:${machine_name}" 2>/dev/null || true
+            return 1
+        fi
         return 0
-    elif [[ -n "$resp" ]] && echo "$resp" | jq -e '.approved == false' &>/dev/null; then
+    elif [[ -n "$resp" ]] && echo "$resp" | jq -e '.approved == false' >/dev/null 2>&1; then
         local claimed_by
         claimed_by=$(echo "$resp" | jq -r '.claimed_by // "another machine"')
         daemon_log INFO "Issue #${issue_num} claimed by ${claimed_by} (via dashboard)"
@@ -530,6 +616,12 @@ claim_issue() {
     fi
 
     gh issue edit "$issue_num" --add-label "claimed:${machine_name}" 2>/dev/null || return 1
+    # VERIFY: re-read labels, ensure only our claim exists
+    if ! _verify_claim_exclusive "$issue_num" "$machine_name"; then
+        daemon_log INFO "Issue #${issue_num} claim race lost (competing claim) — removing our label"
+        gh issue edit "$issue_num" --remove-label "claimed:${machine_name}" 2>/dev/null || true
+        return 1
+    fi
     return 0
 }
 

package/scripts/lib/daemon-triage.sh

@@ -21,7 +21,7 @@ triage_score_issue() {
     issue_body=$(echo "$issue_json" | jq -r '.body // ""')
 
     # ── Intelligence-powered triage (if enabled) ──
-    if [[ "${INTELLIGENCE_ENABLED:-false}" == "true" ]] && type intelligence_analyze_issue &>/dev/null 2>&1; then
+    if [[ "${INTELLIGENCE_ENABLED:-false}" == "true" ]] && type intelligence_analyze_issue >/dev/null 2>&1; then
         daemon_log INFO "Intelligence: using AI triage (intelligence enabled)" >&2
         local analysis
         analysis=$(intelligence_analyze_issue "$issue_json" 2>/dev/null || echo "")
@@ -143,10 +143,14 @@ triage_score_issue() {
     # Check if this issue blocks others (search issue references)
     if [[ "$NO_GITHUB" != "true" ]]; then
         local mentions
-        mentions=$(gh api "repos/{owner}/{repo}/issues/${issue_num}/timeline" --paginate -q '
-            [.[] | select(.event == "cross-referenced") | .source.issue.body // ""] |
-            map(select(test("blocked by #'"${issue_num}"'|depends on #'"${issue_num}"'"; "i"))) | length
-        ' 2>/dev/null || echo "0")
+        local repo_nwo
+        repo_nwo=$(gh repo view --json nameWithOwner --jq '.nameWithOwner' 2>/dev/null || echo "")
+        if [[ -n "$repo_nwo" ]]; then
+            mentions=$(gh api "repos/${repo_nwo}/issues/${issue_num}/timeline" --paginate -q '
+                [.[] | select(.event == "cross-referenced") | .source.issue.body // ""] |
+                map(select(test("blocked by #'"${issue_num}"'|depends on #'"${issue_num}"'"; "i"))) | length
+            ' 2>/dev/null || echo "0")
+        fi
         mentions=${mentions:-0}
         if [[ "$mentions" -gt 0 ]]; then
             dep_score=15
@@ -212,7 +216,7 @@ select_pipeline_template() {
     fi
 
     # ── Intelligence-composed pipeline (if enabled) ──
-    if [[ "${COMPOSER_ENABLED:-false}" == "true" ]] && type composer_create_pipeline &>/dev/null 2>&1; then
+    if [[ "${COMPOSER_ENABLED:-false}" == "true" ]] && type composer_create_pipeline >/dev/null 2>&1; then
         daemon_log INFO "Intelligence: using AI pipeline composition (composer enabled)" >&2
         local analysis="${INTELLIGENCE_ANALYSIS:-{}}"
         local repo_context=""
@@ -301,8 +305,8 @@ select_pipeline_template() {
     fi
 
     # ── Branch protection escalation (highest priority) ──
-    if type gh_branch_protection &>/dev/null 2>&1 && [[ "${NO_GITHUB:-false}" != "true" ]]; then
-        if type _gh_detect_repo &>/dev/null 2>&1; then
+    if type gh_branch_protection >/dev/null 2>&1 && [[ "${NO_GITHUB:-false}" != "true" ]]; then
+        if type _gh_detect_repo >/dev/null 2>&1; then
             _gh_detect_repo 2>/dev/null || true
         fi
         local gh_owner="${GH_OWNER:-}" gh_repo="${GH_REPO:-}"
@@ -386,6 +390,24 @@ select_pipeline_template() {
         fi
     fi
 
+    # ── Thompson sampling (outcome-based learning, when DB available) ──
+    if type thompson_select_template >/dev/null 2>&1; then
+        local _complexity="medium"
+        [[ "$score" -ge 70 ]] && _complexity="low"
+        [[ "$score" -lt 40 ]] && _complexity="high"
+        local _thompson_result
+        _thompson_result=$(thompson_select_template "$_complexity" 2>/dev/null || echo "")
+        if [[ -n "${_thompson_result:-}" && "${_thompson_result:-}" != "standard" ]]; then
+            daemon_log INFO "Thompson sampling: $_thompson_result (complexity=$_complexity)" >&2
+            echo "$_thompson_result"
+            return
+        fi
+        if [[ -n "${_thompson_result:-}" ]]; then
+            echo "$_thompson_result"
+            return
+        fi
+    fi
+
     # ── Learned template weights ──
     local _tw_file="${HOME}/.shipwright/optimization/template-weights.json"
     if [[ -f "$_tw_file" ]]; then

package/scripts/lib/fleet-failover.sh

@@ -0,0 +1,63 @@
+# fleet-failover.sh — Re-queue work from offline fleet machines
+# When a machine goes offline, release its claimed issues so they can be picked up again.
+# Source from daemon-poll or sw-fleet. Works standalone with gh + jq.
+[[ -n "${_FLEET_FAILOVER_LOADED:-}" ]] && return 0
+_FLEET_FAILOVER_LOADED=1
+
+fleet_failover_check() {
+    local health_file="$HOME/.shipwright/machine-health.json"
+    [[ ! -f "$health_file" ]] && return 0
+
+    [[ "${NO_GITHUB:-false}" == "true" ]] && return 0
+    command -v gh >/dev/null 2>&1 || return 0
+    command -v jq >/dev/null 2>&1 || return 0
+
+    # Find offline machines (health file: .[machine_name] = {status, checked_at})
+    local offline_machines
+    offline_machines=$(jq -r 'to_entries[] | select(.value.status == "offline") | .key' "$health_file" 2>/dev/null)
+    [[ -z "$offline_machines" ]] && return 0
+
+    while IFS= read -r machine; do
+        [[ -z "$machine" ]] && continue
+
+        # Find issues claimed by this offline machine via GitHub label
+        local orphaned_issues
+        orphaned_issues=$(gh search issues \
+            "label:claimed:${machine}" \
+            is:open \
+            --json number,repository \
+            --limit 100 2>/dev/null | jq -r '.[] | "\(.repository.nameWithOwner):\(.number)"' 2>/dev/null)
+        [[ -z "$orphaned_issues" ]] && continue
+
+        while IFS= read -r issue_key; do
+            [[ -z "$issue_key" ]] && continue
+
+            local issue_num="${issue_key##*:}"
+            local repo="${issue_key%:*}"
+            [[ "$repo" == "$issue_key" ]] && repo=""
+
+            # Log and emit
+            if [[ "$(type -t info 2>/dev/null)" == "function" ]]; then
+                info "Failover: re-queuing issue #${issue_num} from offline machine ${machine}"
+            fi
+            if [[ "$(type -t emit_event 2>/dev/null)" == "function" ]]; then
+                emit_event "fleet.failover" "{\"issue\":\"$issue_num\",\"from_machine\":\"$machine\"}"
+            fi
+
+            # Release the claim (remove label) — idempotent
+            if [[ -n "$repo" ]]; then
+                gh issue edit "$issue_num" --repo "$repo" --remove-label "claimed:${machine}" 2>/dev/null || true
+            else
+                gh issue edit "$issue_num" --remove-label "claimed:${machine}" 2>/dev/null || true
+            fi
+
+            # When running in daemon context: enqueue so we pick it up if we watch this repo
+            # In org mode WATCH_MODE=org, enqueue uses owner/repo:num; in repo mode just num
+            if [[ -f "${STATE_FILE:-$HOME/.shipwright/daemon-state.json}" ]] && type enqueue_issue >/dev/null 2>&1; then
+                local queue_key="$issue_num"
+                [[ -n "$repo" ]] && queue_key="${repo}:${issue_num}"
+                enqueue_issue "$queue_key" 2>/dev/null || true
+            fi
+        done <<< "$orphaned_issues"
+    done <<< "$offline_machines"
+}

package/scripts/lib/helpers.sh

@@ -64,7 +64,7 @@ emit_event() {
     shift
 
     # Try SQLite first (via sw-db.sh's db_add_event)
-    if type db_add_event &>/dev/null; then
+    if type db_add_event >/dev/null 2>&1; then
         db_add_event "$event_type" "$@" 2>/dev/null || true
     fi
 
@@ -76,7 +76,10 @@ emit_event() {
         if [[ "$val" =~ ^-?[0-9]+\.?[0-9]*$ ]]; then
             json_fields="${json_fields},\"${key}\":${val}"
         else
-            val="${val//\"/\\\"}"
+            val="${val//\\/\\\\}"       # escape backslashes first
+            val="${val//\"/\\\"}"       # then quotes
+            val="${val//$'\n'/\\n}"     # then newlines
+            val="${val//$'\t'/\\t}"     # then tabs
             json_fields="${json_fields},\"${key}\":\"${val}\""
         fi
     done
@@ -85,11 +88,20 @@ emit_event() {
     # Use flock to prevent concurrent write corruption
     local _lock_file="${EVENTS_FILE}.lock"
     (
-        if command -v flock &>/dev/null; then
+        if command -v flock >/dev/null 2>&1; then
             flock -w 2 200 2>/dev/null || true
         fi
         echo "$_event_line" >> "$EVENTS_FILE"
     ) 200>"$_lock_file"
+
+    # Optional schema validation (dev mode only)
+    if [[ -n "${SHIPWRIGHT_DEV:-}" && -n "${_CONFIG_REPO_DIR:-}" && -f "${_CONFIG_REPO_DIR}/config/event-schema.json" ]]; then
+        local known_types
+        known_types=$(jq -r '.event_types | keys[]' "${_CONFIG_REPO_DIR}/config/event-schema.json" 2>/dev/null || true)
+        if [[ -n "$known_types" ]] && ! echo "$known_types" | grep -qx "$event_type"; then
+            echo "WARN: Unknown event type '$event_type'" >&2
+        fi
+    fi
 }
 
 # Rotate a JSONL file to keep it within max_lines.
@@ -103,9 +115,7 @@ with_retry() {
     local attempt=1
     local delay=1
     while [[ "$attempt" -le "$max_attempts" ]]; do
-        if "$@"; then
-            return 0
-        fi
+        "$@" && return 0
         local exit_code=$?
         if [[ "$attempt" -lt "$max_attempts" ]]; then
             warn "Attempt $attempt/$max_attempts failed (exit $exit_code), retrying in ${delay}s..."
@@ -187,3 +197,17 @@ _sw_github_url() {
     repo="$(_sw_github_repo)"
     echo "https://github.com/${repo}"
 }
+
+# ─── Network Safe Wrappers (config-aware timeouts) ─────────────────────────────
+# Use SHIPWRIGHT_* env vars if set; otherwise _config_get_int when config.sh is loaded
+# Usage: _curl_safe [curl args...]  |  _gh_safe [gh args...]
+_curl_safe() {
+    local ct="${SHIPWRIGHT_CONNECT_TIMEOUT:-$(_config_get_int "network.connect_timeout" 10 2>/dev/null || echo 10)}"
+    local mt="${SHIPWRIGHT_MAX_TIME:-$(_config_get_int "network.max_time" 60 2>/dev/null || echo 60)}"
+    curl --connect-timeout "$ct" --max-time "$mt" "$@"
+}
+
+_gh_safe() {
+    local gh_timeout="${SHIPWRIGHT_GH_TIMEOUT:-$(_config_get_int "network.gh_timeout" 30 2>/dev/null || echo 30)}"
+    GH_HTTP_TIMEOUT="$gh_timeout" _timeout "$gh_timeout" gh "$@"
+}

package/scripts/lib/pipeline-detection.sh

@@ -101,7 +101,7 @@ detect_project_lang() {
     fi
 
     # Intelligence: holistic analysis for polyglot/monorepo detection
-    if [[ "$detected" == "unknown" ]] && type intelligence_search_memory &>/dev/null 2>&1 && command -v claude &>/dev/null; then
+    if [[ "$detected" == "unknown" ]] && type intelligence_search_memory >/dev/null 2>&1 && command -v claude >/dev/null 2>&1; then
         local config_files
         config_files=$(ls "$root" 2>/dev/null | grep -E '\.(json|toml|yaml|yml|xml|gradle|lock|mod)$' | head -15)
         if [[ -n "$config_files" ]]; then
@@ -221,7 +221,7 @@ detect_task_type() {
     local goal="$1"
 
     # Intelligence: Claude classification with confidence score
-    if type intelligence_search_memory &>/dev/null 2>&1 && command -v claude &>/dev/null; then
+    if type intelligence_search_memory >/dev/null 2>&1 && command -v claude >/dev/null 2>&1; then
         local ai_result
         ai_result=$(claude --print --output-format text -p "Classify this task into exactly ONE category. Reply in format: CATEGORY|CONFIDENCE (0-100)
 

package/scripts/lib/pipeline-github.sh

@@ -9,14 +9,14 @@ gh_init() {
         return
     fi
 
-    if ! command -v gh &>/dev/null; then
+    if ! command -v gh >/dev/null 2>&1; then
         GH_AVAILABLE=false
         warn "gh CLI not found — GitHub integration disabled"
         return
     fi
 
     # Check if authenticated
-    if ! gh auth status &>/dev/null 2>&1; then
+    if ! gh auth status >/dev/null 2>&1; then
         GH_AVAILABLE=false
         warn "gh not authenticated — GitHub integration disabled"
         return
@@ -46,7 +46,7 @@ gh_init() {
 gh_comment_issue() {
     [[ "$GH_AVAILABLE" != "true" ]] && return 0
     local issue_num="$1" body="$2"
-    gh issue comment "$issue_num" --body "$body" 2>/dev/null || true
+    _timeout 30 gh issue comment "$issue_num" --body "$body" 2>/dev/null || true
 }
 
 # Post a progress-tracking comment and save its ID for later updates
@@ -56,7 +56,7 @@ gh_post_progress() {
     local issue_num="$1" body="$2"
     local result
     result=$(gh api "repos/${REPO_OWNER}/${REPO_NAME}/issues/${issue_num}/comments" \
-        -f body="$body" --jq '.id' 2>/dev/null) || true
+        -f body="$body" --jq '.id' --timeout 30 2>/dev/null) || true
     if [[ -n "$result" && "$result" != "null" ]]; then
         PROGRESS_COMMENT_ID="$result"
     fi
@@ -68,7 +68,7 @@ gh_update_progress() {
     [[ "$GH_AVAILABLE" != "true" || -z "$PROGRESS_COMMENT_ID" ]] && return 0
     local body="$1"
     gh api "repos/${REPO_OWNER}/${REPO_NAME}/issues/comments/${PROGRESS_COMMENT_ID}" \
-        -X PATCH -f body="$body" 2>/dev/null || true
+        -X PATCH -f body="$body" --timeout 30 2>/dev/null || true
 }
 
 # Add labels to an issue or PR
@@ -77,7 +77,7 @@ gh_add_labels() {
     [[ "$GH_AVAILABLE" != "true" ]] && return 0
     local issue_num="$1" labels="$2"
     [[ -z "$labels" ]] && return 0
-    gh issue edit "$issue_num" --add-label "$labels" 2>/dev/null || true
+    _timeout 30 gh issue edit "$issue_num" --add-label "$labels" 2>/dev/null || true
 }
 
 # Remove a label from an issue
@@ -85,7 +85,7 @@ gh_add_labels() {
 gh_remove_label() {
     [[ "$GH_AVAILABLE" != "true" ]] && return 0
     local issue_num="$1" label="$2"
-    gh issue edit "$issue_num" --remove-label "$label" 2>/dev/null || true
+    _timeout 30 gh issue edit "$issue_num" --remove-label "$label" 2>/dev/null || true
 }
 
 # Self-assign an issue
@@ -93,7 +93,7 @@ gh_remove_label() {
 gh_assign_self() {
     [[ "$GH_AVAILABLE" != "true" ]] && return 0
     local issue_num="$1"
-    gh issue edit "$issue_num" --add-assignee "@me" 2>/dev/null || true
+    _timeout 30 gh issue edit "$issue_num" --add-assignee "@me" 2>/dev/null || true
 }
 
 # Get full issue metadata as JSON
@@ -101,7 +101,7 @@ gh_assign_self() {
 gh_get_issue_meta() {
     [[ "$GH_AVAILABLE" != "true" ]] && return 0
     local issue_num="$1"
-    gh issue view "$issue_num" --json title,body,labels,milestone,assignees,comments,number,state 2>/dev/null || true
+    _timeout 30 gh issue view "$issue_num" --json title,body,labels,milestone,assignees,comments,number,state 2>/dev/null || true
 }
 
 # Build a progress table for GitHub comment