thumbgate 1.12.0 → 1.12.1

package/.claude-plugin/marketplace.json

@@ -1,6 +1,6 @@
 {
   "name": "thumbgate-marketplace",
-  "version": "1.12.0",
+  "version": "1.12.1",
   "owner": {
     "name": "Igor Ganapolsky",
     "email": "ig5973700@gmail.com"
@@ -13,7 +13,7 @@
         "source": "npm",
         "package": "thumbgate"
       },
-      "version": "1.12.0",
+      "version": "1.12.1",
       "author": {
         "name": "Igor Ganapolsky"
       },

package/.claude-plugin/plugin.json

@@ -1,7 +1,7 @@
 {
   "name": "thumbgate",
   "description": "Type 👍 or 👎 on any agent action. ThumbGate captures it, distills a lesson, and blocks the pattern from repeating. One thumbs-down = the agent physically cannot make that mistake again. 33 pre-action gates, budget enforcement, self-protection, and NIST/SOC2 compliance tags.",
-  "version": "1.12.0",
+  "version": "1.12.1",
   "author": {
     "name": "Igor Ganapolsky"
   },

package/.well-known/mcp/server-card.json

@@ -1,6 +1,6 @@
 {
   "name": "thumbgate",
-  "version": "1.12.0",
+  "version": "1.12.1",
   "description": "ThumbGate — 👍👎 feedback that teaches your AI agent. Thumbs down a mistake, it never happens again.",
   "homepage": "https://thumbgate-production.up.railway.app",
   "transport": "stdio",

package/adapters/README.md

@@ -3,7 +3,7 @@
 - `chatgpt/openapi.yaml`: import into GPT Actions.
 - `gemini/function-declarations.json`: Gemini function-calling definitions.
 - `mcp/server-stdio.js`: underlying local MCP stdio server implementation.
-- `claude/.mcp.json`: example Claude Code MCP config using `npx --yes --package thumbgate@1.12.0 thumbgate serve`.
+- `claude/.mcp.json`: example Claude Code MCP config using `npx --yes --package thumbgate@1.12.1 thumbgate serve`.
 - `codex/config.toml`: example Codex MCP profile section using the same version-pinned portable launcher.
 - `amp/skills/thumbgate-feedback/SKILL.md`: Amp skill template.
 - `opencode/opencode.json`: portable OpenCode MCP profile using the same version-pinned portable launcher.

package/adapters/claude/.mcp.json

@@ -2,13 +2,13 @@
   "mcpServers": {
     "thumbgate": {
       "command": "npx",
-      "args": ["--yes", "--package", "thumbgate@1.12.0", "thumbgate", "serve"]
+      "args": ["--yes", "--package", "thumbgate@1.12.1", "thumbgate", "serve"]
     }
   },
   "hooks": {
     "preToolUse": {
       "command": "npx",
-      "args": ["--yes", "--package", "thumbgate@1.12.0", "thumbgate", "gate-check"]
+      "args": ["--yes", "--package", "thumbgate@1.12.1", "thumbgate", "gate-check"]
     }
   }
 }

package/adapters/mcp/server-stdio.js

@@ -153,7 +153,7 @@ const {
   finalizeSession: finalizeFeedbackSession,
 } = require('../../scripts/feedback-session');
 
-const SERVER_INFO = { name: 'thumbgate-mcp', version: '1.12.0' };
+const SERVER_INFO = { name: 'thumbgate-mcp', version: '1.12.1' };
 const COMMERCE_CATEGORIES = [
   'product_recommendation',
   'brand_compliance',

package/adapters/opencode/opencode.json

@@ -7,7 +7,7 @@
         "npx",
         "--yes",
         "--package",
-        "thumbgate@1.12.0",
+        "thumbgate@1.12.1",
         "thumbgate",
         "serve"
       ],

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "thumbgate",
-  "version": "1.12.0",
+  "version": "1.12.1",
   "description": "Self-improving agent governance: type thumbs-up or thumbs-down on any AI agent action. ThumbGate turns every mistake into a prevention rule and blocks the pattern from repeating. One thumbs-down, never again. 33 pre-action gates, budget enforcement, and self-protection for Claude Code, Cursor, Codex, Gemini CLI, and Amp.",
   "homepage": "https://thumbgate-production.up.railway.app",
   "repository": {
@@ -566,7 +566,7 @@
     "node": ">=18.18.0"
   },
   "dependencies": {
-    "@anthropic-ai/sdk": "^0.88.0",
+    "@anthropic-ai/sdk": "^0.90.0",
     "@google/genai": "^1.49.0",
     "@huggingface/transformers": "^4.0.1",
     "@lancedb/lancedb": "^0.27.2",
@@ -574,7 +574,7 @@
     "better-sqlite3": "^12.9.0",
     "dotenv": "^17.4.2",
     "playwright-core": "^1.59.1",
-    "stripe": "^22.0.1"
+    "stripe": "^22.0.2"
   },
   "overrides": {
     "express@4.22.1": {

package/public/index.html

@@ -974,7 +974,7 @@ __GA_BOOTSTRAP__
 <!-- HOW IT WORKS -->
 <section class="how-it-works" id="how-it-works">
   <div class="container">
-    <div class="section-label">New in v1.12.0</div>
+    <div class="section-label">New in v1.12.1</div>
     <h2 class="section-title">Three steps to stop repeated AI failures</h2>
     <div class="steps">
       <div class="step">
@@ -1330,7 +1330,7 @@ __GA_BOOTSTRAP__
       <a href="https://www.linkedin.com/in/igorganapolsky" target="_blank" rel="noopener">LinkedIn</a>
       <a href="/blog">Blog</a>
     </div>
-    <span class="footer-copy">© 2026 Max Smith KDP LLC · MIT License · v1.12.0</span>
+    <span class="footer-copy">© 2026 Max Smith KDP LLC · MIT License · v1.12.1</span>
   </div>
 </footer>
 

package/scripts/gates-engine.js

@@ -83,6 +83,7 @@ const DEFAULT_PROTECTED_FILE_GLOBS = [
 ];
 const EDIT_LIKE_TOOLS = new Set(['Edit', 'Write', 'MultiEdit']);
 const HIGH_RISK_BASH_PATTERN = /\b(?:git\s+(?:add|commit|push)|gh\s+pr\s+(?:create|merge)|npm\s+publish|yarn\s+publish|pnpm\s+publish|rm\s+-rf)\b/i;
+const REMOTE_SIDE_EFFECT_BASH_PATTERN = /\b(?:git\s+push\b|gh\s+pr\s+(?:create|merge|close|reopen|ready|edit)\b|gh\s+release\s+(?:create|delete|edit|upload)\b|npm\s+publish\b|yarn\s+publish\b|pnpm\s+publish\b)\b/i;
 const BOOSTED_RISK_BLOCK_SCORE = 0.8;
 const BOOSTED_RISK_MIN_EXAMPLES = 3;
 const PR_THREAD_RESOLUTION_ACTION = 'pr_thread_resolution_verified_after_commit';
@@ -826,6 +827,59 @@ function evaluatePendingPrThreadResolutionGate(toolName, toolInput = {}) {
   };
 }
 
+function getLocalOnlyScopeSources(governanceState = {}, constraints = {}) {
+  const sources = [];
+  if (governanceState.taskScope && governanceState.taskScope.localOnly) {
+    sources.push('task scope');
+  }
+  if (governanceState.branchGovernance && governanceState.branchGovernance.localOnly) {
+    sources.push('branch governance');
+  }
+  if (constraints.local_only && constraints.local_only.value === true) {
+    sources.push('local_only constraint');
+  }
+  return sources;
+}
+
+function isRemoteSideEffectCommand(toolName, toolInput = {}) {
+  if (toolName !== 'Bash') return false;
+  return REMOTE_SIDE_EFFECT_BASH_PATTERN.test(String(toolInput.command || ''));
+}
+
+function evaluateLocalOnlyRemoteSideEffectGate(toolName, toolInput = {}, governanceState = {}, constraints = {}) {
+  if (!isRemoteSideEffectCommand(toolName, toolInput)) return null;
+  const sources = getLocalOnlyScopeSources(governanceState, constraints);
+  if (sources.length === 0) return null;
+
+  const command = String(toolInput.command || '').trim();
+  return {
+    decision: 'deny',
+    gate: 'local-only-remote-side-effect',
+    message: 'Task scope is local-only; remote git, PR, release, and publish actions are blocked until the local-only scope is cleared or explicitly changed.',
+    severity: 'critical',
+    reasoning: [
+      `Local-only source: ${sources.join(', ')}`,
+      `Blocked command: ${command.slice(0, 160)}`,
+      'Remote side effects are denied before configurable gates so wrapped commands cannot bypass local-only work boundaries',
+    ],
+  };
+}
+
+function recordStructuralGateBlock(toolName, toolInput, result) {
+  recordStat(result.gate, 'block');
+  const auditRecord = recordAuditEvent({
+    toolName,
+    toolInput,
+    decision: 'deny',
+    gateId: result.gate,
+    message: result.message,
+    severity: result.severity,
+    source: 'gates-engine',
+  });
+  auditToFeedback(auditRecord);
+  return result;
+}
+
 function isScopeEnforcedAction(toolName, toolInput = {}, affectedFiles = []) {
   if (EDIT_LIKE_TOOLS.has(toolName) && affectedFiles.length > 0) return true;
   if (toolName !== 'Bash') return false;
@@ -1333,7 +1387,18 @@ async function evaluateGatesAsync(toolName, toolInput, configPath) {
   }
 
   const constraints = loadConstraints();
+  const governanceState = loadGovernanceState();
   registerPrThreadResolutionClaimGate(toolName, toolInput);
+  const localOnlyRemoteSideEffectGate = evaluateLocalOnlyRemoteSideEffectGate(
+    toolName,
+    toolInput,
+    governanceState,
+    constraints,
+  );
+  if (localOnlyRemoteSideEffectGate) {
+    return recordStructuralGateBlock(toolName, toolInput, localOnlyRemoteSideEffectGate);
+  }
+
   const pendingThreadResolutionGate = evaluatePendingPrThreadResolutionGate(toolName, toolInput);
   if (pendingThreadResolutionGate) {
     recordStat(pendingThreadResolutionGate.gate, 'block');
@@ -1445,7 +1510,7 @@ async function evaluateGatesAsync(toolName, toolInput, configPath) {
   }
 
   const sentinelReport = evaluateWorkflowSentinel(toolName, toolInput, {
-    governanceState: loadGovernanceState(),
+    governanceState,
   });
   const sentinelDecision = recordSentinelDecision(sentinelReport, toolName, toolInput);
   const memoryGuard = evaluateMemoryGuard(toolName, toolInput);
@@ -1503,7 +1568,18 @@ function evaluateGates(toolName, toolInput, configPath) {
   }
 
   const constraints = loadConstraints();
+  const governanceState = loadGovernanceState();
   registerPrThreadResolutionClaimGate(toolName, toolInput);
+  const localOnlyRemoteSideEffectGate = evaluateLocalOnlyRemoteSideEffectGate(
+    toolName,
+    toolInput,
+    governanceState,
+    constraints,
+  );
+  if (localOnlyRemoteSideEffectGate) {
+    return recordStructuralGateBlock(toolName, toolInput, localOnlyRemoteSideEffectGate);
+  }
+
   const pendingThreadResolutionGate = evaluatePendingPrThreadResolutionGate(toolName, toolInput);
   if (pendingThreadResolutionGate) {
     recordStat(pendingThreadResolutionGate.gate, 'block');
@@ -1587,7 +1663,7 @@ function evaluateGates(toolName, toolInput, configPath) {
   }
 
   const sentinelReport = evaluateWorkflowSentinel(toolName, toolInput, {
-    governanceState: loadGovernanceState(),
+    governanceState,
   });
   const sentinelDecision = recordSentinelDecision(sentinelReport, toolName, toolInput);
   const memoryGuard = evaluateMemoryGuard(toolName, toolInput);
@@ -2250,6 +2326,9 @@ module.exports = {
   evaluateBoostedRiskTagGuard,
   registerPrThreadResolutionClaimGate,
   evaluatePendingPrThreadResolutionGate,
+  getLocalOnlyScopeSources,
+  isRemoteSideEffectCommand,
+  evaluateLocalOnlyRemoteSideEffectGate,
   PR_THREAD_RESOLUTION_ACTION,
 };
 

package/scripts/mcp-config.js

@@ -189,13 +189,13 @@ function publishedCliAvailable(pkgVersion) {
 
 function resolveMcpEntry({ pkgRoot, pkgVersion, scope = 'project', targetDir = pkgRoot }) {
   if (!isSourceCheckout(pkgRoot)) {
-    return portableMcpEntry(pkgVersion);
+    return codexAutoUpdateMcpEntry();
   }
   if (scope === 'home' && publishedCliAvailable(pkgVersion)) {
-    return portableMcpEntry(pkgVersion);
+    return codexAutoUpdateMcpEntry();
   }
   if (scope === 'project' && !isSameCheckoutFamily(pkgRoot, targetDir) && publishedCliAvailable(pkgVersion)) {
-    return portableMcpEntry(pkgVersion);
+    return codexAutoUpdateMcpEntry();
   }
   return localMcpEntry(pkgRoot, scope);
 }