thumbgate 1.26.2 → 1.26.4

package/scripts/gates-engine.js

@@ -109,9 +109,21 @@ const DEFAULT_PROTECTED_FILE_GLOBS = [
 const EDIT_LIKE_TOOLS = new Set(['Edit', 'Write', 'MultiEdit']);
 const HIGH_RISK_BASH_PATTERN = /\b(?:git\s+(?:add|commit|push)|gh\s+pr\s+(?:create|merge)|npm\s+publish|yarn\s+publish|pnpm\s+publish|rm\s+-rf)\b/i;
 const REMOTE_SIDE_EFFECT_BASH_PATTERN = /\b(?:git\s+push\b|gh\s+pr\s+(?:create|merge|close|reopen|ready|edit)\b|gh\s+release\s+(?:create|delete|edit|upload)\b|npm\s+publish\b|yarn\s+publish\b|pnpm\s+publish\b)\b/i;
+const GH_API_PR_CREATE_PATTERN = /\bgh\s+api\b(?=.*(?:\/pulls\b|repos\/[^\s]+\/[^\s]+\/pulls\b))(?=.*(?:-f\b|--field\b|-F\b|--raw-field\b|--method\s+POST\b|-X\s+POST\b))/i;
 const BOOSTED_RISK_BLOCK_SCORE = 0.8;
 const BOOSTED_RISK_MIN_EXAMPLES = 3;
 const PR_THREAD_RESOLUTION_ACTION = 'pr_thread_resolution_verified_after_commit';
+const KNOWLEDGE_ENTROPY_THRESHOLD = 0.7;
+const KNOWLEDGE_CONFLICT_STRICT_BASH_PATTERN = /\b(?:git\s+push\b|gh\s+pr\s+merge\b|gh\s+release\s+(?:create|delete|edit|upload)\b|(?:npm|yarn|pnpm)\s+publish\b|rm\s+-rf\b|git\s+reset\s+--hard\b|git\s+clean\s+-f|railway\s+(?:deploy|up)\b|gcloud\s+(?:run\s+deploy|app\s+deploy)\b|firebase\s+deploy\b|vercel\s+--prod\b|kubectl\s+(?:apply|delete)\b|terraform\s+(?:apply|destroy)\b)\b/i;
+const BREAK_GLASS_CONDITION = 'thumbgate_break_glass';
+const BREAK_GLASS_SETTINGS_GLOBS = [
+  '.claude/settings.local.json',
+  '.claude/settings.json',
+  '**/.claude/settings.local.json',
+  '**/.claude/settings.json',
+  '.codex/config.toml',
+  '**/.codex/config.toml',
+];
 
 function isRuntimePlanGateEnabled() {
   return process.env.THUMBGATE_PLAN_GATE === '1' || process.env.THUMBGATE_PLAN_GATE === 'true';
@@ -360,6 +372,38 @@ function approveProtectedAction(input = {}) {
   return entry;
 }
 
+function breakGlassEmergency(input = {}) {
+  const reason = String(input.reason || '').trim();
+  if (!reason) {
+    throw new Error('reason is required');
+  }
+
+  const ttlMs = Math.min(clampTtlMs(input.ttlMs, TTL_MS), TTL_MS);
+  const evidence = `BREAK GLASS: ${reason}`;
+  const gates = ['pr_create_allowed', 'pr_threads_checked', BREAK_GLASS_CONDITION];
+  const satisfied = {};
+  for (const gateId of gates) {
+    satisfied[gateId] = satisfyCondition(gateId, evidence);
+  }
+
+  const approval = approveProtectedAction({
+    pathGlobs: BREAK_GLASS_SETTINGS_GLOBS,
+    reason: evidence,
+    evidence,
+    ttlMs,
+  });
+
+  return {
+    ok: true,
+    reason,
+    ttlMs,
+    expiresAt: new Date(Date.now() + ttlMs).toISOString(),
+    satisfied,
+    approval,
+    settingsGlobs: BREAK_GLASS_SETTINGS_GLOBS.slice(),
+  };
+}
+
 function setBranchGovernance(input = {}) {
   if (input && input.clear === true) {
     const state = loadGovernanceState();
@@ -693,7 +737,7 @@ function extractAffectedFiles(toolName, toolInput = {}) {
       }
     }
 
-    if (/\bgit\s+push\b/i.test(command) || /\bgh\s+pr\s+(?:create|merge)\b/i.test(command)) {
+    if (/\bgit\s+push\b/i.test(command) || /\bgh\s+pr\s+(?:create|merge)\b/i.test(command) || GH_API_PR_CREATE_PATTERN.test(command)) {
       for (const filePath of getBranchDiffFiles(repoRoot)) {
         files.add(normalizePosix(filePath));
       }
@@ -712,6 +756,7 @@ function isHighRiskAction(toolName, toolInput = {}, affectedFiles = []) {
   const command = String(toolInput.command || '');
   // Original high-risk pattern (git writes, publishes, destructive ops)
   if (HIGH_RISK_BASH_PATTERN.test(command)) return true;
+  if (GH_API_PR_CREATE_PATTERN.test(command)) return true;
   // Broadened: any Bash command that modifies files or has side effects.
   // Excludes pure read/analysis commands (node --test, cat, ls, echo, etc.)
   // to avoid false positives on benign operations.
@@ -949,7 +994,8 @@ function getLocalOnlyScopeSources(governanceState = {}, constraints = {}) {
 
 function isRemoteSideEffectCommand(toolName, toolInput = {}) {
   if (toolName !== 'Bash') return false;
-  return REMOTE_SIDE_EFFECT_BASH_PATTERN.test(String(toolInput.command || ''));
+  const command = String(toolInput.command || '');
+  return REMOTE_SIDE_EFFECT_BASH_PATTERN.test(command) || GH_API_PR_CREATE_PATTERN.test(command);
 }
 
 function evaluateLocalOnlyRemoteSideEffectGate(toolName, toolInput = {}, governanceState = {}, constraints = {}) {
@@ -1003,6 +1049,25 @@ function shouldEnforceTaskScope(gate, governanceState, toolName, toolInput = {},
   return isScopeEnforcedAction(toolName, toolInput, affectedFiles);
 }
 
+function isAgentHookSettingsFile(filePath) {
+  return matchesAnyGlob(filePath, BREAK_GLASS_SETTINGS_GLOBS);
+}
+
+function isBreakGlassSettingsBypass(gate, affectedFiles) {
+  if (!gate || !['task-scope-edit-boundary', 'protected-file-approval-required'].includes(gate.id)) {
+    return false;
+  }
+  if (!isConditionSatisfied(BREAK_GLASS_CONDITION)) return false;
+  return Array.isArray(affectedFiles) && affectedFiles.length > 0 && affectedFiles.every(isAgentHookSettingsFile);
+}
+
+function isBreakGlassSettingsRecoveryAction(toolName, toolInput = {}) {
+  if (!EDIT_LIKE_TOOLS.has(toolName)) return false;
+  if (!isConditionSatisfied(BREAK_GLASS_CONDITION)) return false;
+  const affectedFiles = extractAffectedFiles(toolName, toolInput).files;
+  return affectedFiles.length > 0 && affectedFiles.every(isAgentHookSettingsFile);
+}
+
 function formatFileList(files, limit = 5) {
   const items = Array.isArray(files) ? files.filter(Boolean) : [];
   if (items.length === 0) return 'none';
@@ -1234,6 +1299,12 @@ function matchGate(gate, toolName, toolInput = {}) {
     try {
       const regex = new RegExp(gate.pattern);
       if (!regex.test(matchText)) return { matched: false, matchText, affectedFiles };
+      if (gate.id === 'permission-change-approval' && isSafeLocalCredentialHardeningCommand(toolName, toolInput)) {
+        return { matched: false, matchText, affectedFiles };
+      }
+      if (isBreakGlassSettingsBypass(gate, affectedFiles)) {
+        return { matched: false, matchText, affectedFiles };
+      }
     } catch {
       return { matched: false, matchText, affectedFiles };
     }
@@ -1251,6 +1322,9 @@ function matchGate(gate, toolName, toolInput = {}) {
 
   let taskScopeViolation = null;
   if (gate.requireTaskScope) {
+    if (isBreakGlassSettingsBypass(gate, affectedFiles)) {
+      return { matched: false, matchText, affectedFiles };
+    }
     if (!shouldEnforceTaskScope(gate, governanceState, toolName, toolInput, affectedFiles)) {
       return { matched: false, matchText, affectedFiles };
     }
@@ -1260,6 +1334,9 @@ function matchGate(gate, toolName, toolInput = {}) {
 
   let protectedApprovalViolation = null;
   if (gate.requireProtectedApproval) {
+    if (isBreakGlassSettingsBypass(gate, affectedFiles)) {
+      return { matched: false, matchText, affectedFiles };
+    }
     const protectedGlobs = sanitizeGlobList(
       Array.isArray(gate.protectedGlobs) && gate.protectedGlobs.length > 0
         ? gate.protectedGlobs
@@ -1299,6 +1376,27 @@ function matchesGate(gate, toolName, toolInput) {
   return matchGate(gate, toolName, toolInput).matched;
 }
 
+function isSafeLocalCredentialHardeningCommand(toolName, toolInput = {}) {
+  if (toolName !== 'Bash') return false;
+  const command = String(toolInput.command || '').trim();
+  if (!command || /(?:^|\s)chmod\s+[^&;|]*\s+-R\b/i.test(command)) return false;
+  if (/[;&|`$()<>*?[\]{}]/.test(command)) return false;
+
+  const match = command.match(/(?:^|\s)chmod\s+(?:-[fv]\s+)?0?([46]00)\s+(['"]?)(\S+)\2\s*$/i);
+  if (!match) return false;
+
+  const target = match[3];
+  if (!target || target === '/' || target === '~') return false;
+  if (/^\.\.?(?:\/|$)/.test(target)) return false;
+
+  const normalized = target.replace(/^['"]|['"]$/g, '').toLowerCase();
+  const looksLikeCredentialPath = /(?:^|\/)(?:\.config|\.ssh|\.gnupg|\.aws|\.gcloud|\.gemini|\.resume_secrets|\.thumbgate|secrets?|credentials?)(?:\/|$)/.test(normalized)
+    || /(?:key|secret|token|credential|gemini|gcloud|google|operator).*\.(?:json|pem|key|env)$/i.test(normalized)
+    || /\.(?:pem|key)$/i.test(normalized);
+
+  return looksLikeCredentialPath;
+}
+
 function evaluateMemoryGuard(toolName, toolInput = {}) {
   const affected = extractAffectedFiles(toolName, toolInput);
   const affectedFiles = affected.files;
@@ -1315,7 +1413,10 @@ function evaluateMemoryGuard(toolName, toolInput = {}) {
   }
 
   const command = String(toolInput.command || '');
-  if (toolName === 'Bash' && /\bgh\s+pr\s+create\b/i.test(command) && isConditionSatisfied('pr_create_allowed')) {
+  const isPrCreateCommand = toolName === 'Bash' && (
+    /\bgh\s+pr\s+create\b/i.test(command) || GH_API_PR_CREATE_PATTERN.test(command)
+  );
+  if (isPrCreateCommand && isConditionSatisfied('pr_create_allowed')) {
     const branchGovernanceViolation = buildBranchGovernanceViolation(
       governanceState,
       toolInput,
@@ -1328,7 +1429,10 @@ function evaluateMemoryGuard(toolName, toolInput = {}) {
     }
   }
 
-  if (toolName === 'Bash' && /\b(?:gh\s+pr\s+(?:create|merge)|gh\s+release\s+create|git\s+tag\b|(?:npm|yarn|pnpm)\s+publish\b)\b/i.test(command)) {
+  if (toolName === 'Bash' && (
+    /\b(?:gh\s+pr\s+(?:create|merge)|gh\s+release\s+create|git\s+tag\b|(?:npm|yarn|pnpm)\s+publish\b)\b/i.test(command) ||
+    GH_API_PR_CREATE_PATTERN.test(command)
+  )) {
     const branchGovernanceViolation = buildBranchGovernanceViolation(
       governanceState,
       toolInput,
@@ -1504,6 +1608,18 @@ async function evaluateGatesAsync(toolName, toolInput, configPath) {
   if (localOnlyRemoteSideEffectGate) {
     return recordStructuralGateBlock(toolName, toolInput, localOnlyRemoteSideEffectGate);
   }
+  if (isBreakGlassSettingsRecoveryAction(toolName, toolInput)) {
+    recordAuditEvent({
+      toolName,
+      toolInput,
+      decision: 'allow',
+      gateId: BREAK_GLASS_CONDITION,
+      message: 'Break-glass recovery allowed hook settings edit',
+      severity: 'high',
+      source: 'gates-engine',
+    });
+    return null;
+  }
 
   const pendingThreadResolutionGate = evaluatePendingPrThreadResolutionGate(toolName, toolInput);
   if (pendingThreadResolutionGate) {
@@ -1718,6 +1834,18 @@ function evaluateGates(toolName, toolInput, configPath) {
   if (localOnlyRemoteSideEffectGate) {
     return recordStructuralGateBlock(toolName, toolInput, localOnlyRemoteSideEffectGate);
   }
+  if (isBreakGlassSettingsRecoveryAction(toolName, toolInput)) {
+    recordAuditEvent({
+      toolName,
+      toolInput,
+      decision: 'allow',
+      gateId: BREAK_GLASS_CONDITION,
+      message: 'Break-glass recovery allowed hook settings edit',
+      severity: 'high',
+      source: 'gates-engine',
+    });
+    return null;
+  }
 
   const pendingThreadResolutionGate = evaluatePendingPrThreadResolutionGate(toolName, toolInput);
   if (pendingThreadResolutionGate) {
@@ -1989,12 +2117,19 @@ function isApprovalGatesEnabled() {
 // PreToolUse hook interface (stdin/stdout JSON)
 // ---------------------------------------------------------------------------
 
-function buildReminderOutput(context) {
+function buildPreToolUseOutput(fields = {}) {
   return {
+    hookEventName: 'PreToolUse',
+    ...fields,
+  };
+}
+
+function buildReminderOutput(context) {
+  return buildPreToolUseOutput({
     additionalContext: context,
     systemReminder: context,
     thumbgateSystemReminder: context,
-  };
+  });
 }
 
 // ---------------------------------------------------------------------------
@@ -2047,6 +2182,7 @@ function formatOutput(result, behavioralContext) {
     const proCta = buildBlockActionProCta() || '';
     return JSON.stringify({
       hookSpecificOutput: {
+        hookEventName: 'PreToolUse',
         ...reminder,
         permissionDecision: 'deny',
         permissionDecisionReason: `[GATE:${result.gate}] ${result.message}${reasoningSuffix}${reminderSuffix}${proCta}`,
@@ -2059,6 +2195,7 @@ function formatOutput(result, behavioralContext) {
     const reminderSuffix = behavioralContext ? `\n\nSystem reminder:\n${behavioralContext}` : '';
     return JSON.stringify({
       hookSpecificOutput: {
+        hookEventName: 'PreToolUse',
         ...reminder,
         permissionDecision: 'deny',
         permissionDecisionReason: `[GATE:${result.gate}] APPROVAL REQUIRED: ${result.message} — Ask the human to confirm this action before proceeding.${reasoningSuffix}${reminderSuffix}`,
@@ -2071,6 +2208,7 @@ function formatOutput(result, behavioralContext) {
     const context = `[GATE:${result.gate}] WARNING: ${result.message}${reasoningSuffix}${extra}`;
     return JSON.stringify({
       hookSpecificOutput: {
+        hookEventName: 'PreToolUse',
         additionalContext: context,
         ...(behavioralContext ? {
           systemReminder: behavioralContext,
@@ -2204,9 +2342,8 @@ function buildRelevantLessonContext(toolName, toolInput) {
     const lessons = retrieveRelevantLessons(toolName, actionContext, { maxResults: 3 });
 
     const entropy = calculateRetrievalEntropy(lessons);
-    if (entropy > 0.7) {
-      recordStat("retrieval_entropy_high", "block");
-      return { decision: "deny", gate: "knowledge-conflict-gate", message: "✗ THUMBGATE: Action blocked due to high Knowledge Entropy (conflicting past lessons).", severity: "high" };
+    if (entropy > KNOWLEDGE_ENTROPY_THRESHOLD) {
+      return buildKnowledgeConflictContext(toolName, toolInput, lessons, entropy);
     }
     return formatNegativeLessonContext(lessons);
   } catch {
@@ -2237,16 +2374,11 @@ async function buildRelevantLessonContextAsync(toolName, toolInput) {
       : retrieveRelevantLessons(toolName, actionContext, { maxResults: 3 });
     
     // Knowledge Conflict Detection: if retrieved lessons have high sentiment entropy,
-    // it indicates conflicting past evidence. Block and require human disambiguation.
+    // it indicates conflicting past evidence. Warn by default; hard-block only in
+    // strict mode for external/destructive side-effect commands.
     const entropy = calculateRetrievalEntropy(lessons);
-    if (entropy > 0.7) {
-      recordStat('retrieval_entropy_high', 'block');
-      return {
-        decision: 'deny',
-        gate: 'knowledge-conflict-gate',
-        message: '✗ THUMBGATE: Action blocked due to high Knowledge Entropy (conflicting past lessons). Please disambiguate your instructions or verify the intended behavior manually.',
-        severity: 'high',
-      };
+    if (entropy > KNOWLEDGE_ENTROPY_THRESHOLD) {
+      return buildKnowledgeConflictContext(toolName, toolInput, lessons, entropy);
     }
 
     return formatNegativeLessonContext(lessons);
@@ -2273,6 +2405,36 @@ function formatNegativeLessonContext(lessons) {
   return `[ThumbGate] Past mistakes relevant to this action — read before proceeding:\n${formatted.join('\n')}`;
 }
 
+function isStrictKnowledgeConflictMode() {
+  return process.env.THUMBGATE_STRICT_KNOWLEDGE_CONFLICT === '1'
+    || process.env.THUMBGATE_STRICT_KNOWLEDGE_CONFLICT === 'true';
+}
+
+function isKnowledgeConflictHardBlockAction(toolName, toolInput = {}) {
+  if (!isStrictKnowledgeConflictMode()) return false;
+  if (EDIT_LIKE_TOOLS.has(toolName)) return true;
+  if (toolName !== 'Bash') return false;
+  return KNOWLEDGE_CONFLICT_STRICT_BASH_PATTERN.test(String(toolInput.command || ''));
+}
+
+function buildKnowledgeConflictContext(toolName, toolInput, lessons, entropy) {
+  const lessonContext = formatNegativeLessonContext(lessons);
+  const message = `Knowledge conflict warning: retrieved lessons disagree for this action (entropy ${entropy}). Treat the reminders below as cautionary context, but do not stop unrelated work solely because memory is noisy.`;
+
+  if (isKnowledgeConflictHardBlockAction(toolName, toolInput)) {
+    recordStat('retrieval_entropy_high', 'block');
+    return {
+      decision: 'deny',
+      gate: 'knowledge-conflict-gate',
+      message: `✗ THUMBGATE: ${message} Strict mode is enabled for destructive or external side-effect actions; verify intent or narrow the task before proceeding.`,
+      severity: 'high',
+    };
+  }
+
+  recordStat('retrieval_entropy_high', 'warn');
+  return mergeContextStrings(`[ThumbGate] ${message}`, lessonContext);
+}
+
 function extractActionContext(toolName, toolInput) {
   if (!toolInput) return toolName;
   const parts = [toolName];
@@ -2659,6 +2821,7 @@ module.exports = {
   setTaskScope,
   setBranchGovernance,
   approveProtectedAction,
+  breakGlassEmergency,
   getScopeState,
   getBranchGovernanceState,
   isConditionSatisfied,
@@ -2717,6 +2880,8 @@ module.exports = {
   getLocalOnlyScopeSources,
   isRemoteSideEffectCommand,
   evaluateLocalOnlyRemoteSideEffectGate,
+  isAgentHookSettingsFile,
+  isBreakGlassSettingsRecoveryAction,
   PR_THREAD_RESOLUTION_ACTION,
   buildBlockActionProCta,
   applyDailyBlockCap,

package/scripts/install-shim.js

@@ -3,13 +3,12 @@
 /**
  * install-shim.js — Install a stable shim at ~/.thumbgate/bin/thumbgate-hook
  *
- * The shim is a tiny shell script that always resolves thumbgate@latest,
- * so hook commands in settings.local.json never go stale. This is the
- * Volta-style pattern: a version-agnostic indirection layer that survives
- * across thumbgate upgrades.
+ * The shim is a tiny shell script that resolves the cached ThumbGate runtime
+ * first, so hook commands in settings.local.json stay stable across projects
+ * and agent restarts.
  *
  * The shim checks for a cached runtime binary first (fast path), and falls
- * back to `npx --yes thumbgate@latest` (slow path, self-installs).
+ * back to `npx --yes thumbgate@latest` (slow path, first-time self-install).
  */
 
 const fs = require('fs');
@@ -24,9 +23,10 @@ const RUNTIME_BIN = path.join(os.homedir(), '.thumbgate', 'runtime', 'node_modul
  * The shim script. Key design choices:
  * - Uses `exec` to replace the shell process (no zombie processes)
  * - Fast path: if cached runtime binary exists, exec it directly
- * - Slow path: npx --yes thumbgate@latest (auto-installs)
- * - Background upgrade: after the fast path succeeds once, spawn a
- *   detached npm install to refresh the cache for next time
+ * - Slow path: npx --yes thumbgate@latest (first-time auto-installs)
+ * - No default self-mutation: background upgrades are opt-in via
+ *   THUMBGATE_SHIM_AUTO_UPDATE=1 so source checkouts, enterprise pins, and
+ *   dogfood runtimes cannot be overwritten by a hook side effect.
  */
 function shimContent() {
   const escapedRuntimeBin = JSON.stringify(RUNTIME_BIN);
@@ -35,7 +35,7 @@ function shimContent() {
   return `#!/usr/bin/env bash
 # ThumbGate hook shim — DO NOT EDIT
 # Installed by: thumbgate init
-# Purpose: version-agnostic hook entry point that always runs latest ThumbGate
+# Purpose: stable hook entry point that runs the cached ThumbGate runtime
 # Pattern: Volta-style stable shim (see https://volta.sh)
 
 set -euo pipefail
@@ -45,8 +45,11 @@ RUNTIME_DIR=${escapedRuntimeDir}
 
 # Fast path: cached runtime binary exists and is executable
 if [ -x "$RUNTIME_BIN" ]; then
-  # Spawn background upgrade (detached, no stdout/stderr, won't block hook)
-  ( nohup npm install --prefix "$RUNTIME_DIR" --no-save --omit=dev thumbgate@latest >/dev/null 2>&1 & ) 2>/dev/null || true
+  # Optional background upgrade. Disabled by default so hooks never mutate a
+  # source checkout, enterprise pin, or dogfood runtime behind the operator's back.
+  if [ "\${THUMBGATE_SHIM_AUTO_UPDATE:-0}" = "1" ]; then
+    ( nohup npm install --prefix "$RUNTIME_DIR" --no-save --omit=dev thumbgate@latest >/dev/null 2>&1 & ) 2>/dev/null || true
+  fi
   exec "$RUNTIME_BIN" "$@"
 fi
 

package/src/api/server.js

@@ -418,34 +418,18 @@ const TRACKED_LINK_TARGETS = Object.freeze({
     },
     allowCustomerEmail: true,
   },
-  // 2026-05-19: Team is intake-led. Keep the tracked shortlink alive for
-  // marketplaces and old outreach, but route it to workflow scope first
-  // instead of blind 3-seat checkout.
+  // 2026-06-02: Teams/Aiventyx deprecated. Redirect legacy links to Pro.
   teams: {
-    path: '/#workflow-sprint-intake',
-    ctaId: 'go_teams',
+    path: '/go/pro?utm_source=legacy_teams&utm_medium=redirect',
+    ctaId: 'go_pro',
     ctaPlacement: 'link_router',
-    eventType: 'team_intake_started',
-    defaults: {
-      utm_source: 'website',
-      utm_medium: 'link_router',
-      utm_campaign: 'team_intake',
-      plan_id: 'team',
-    },
+    eventType: 'cta_click',
   },
-  // Aliases: /go/team → same as /go/teams, /go/checkout → same as /go/pro,
-  // /go/trial → install guide (trial starts on init)
   team: {
-    path: '/#workflow-sprint-intake',
-    ctaId: 'go_team',
+    path: '/go/pro?utm_source=legacy_teams&utm_medium=redirect',
+    ctaId: 'go_pro',
     ctaPlacement: 'link_router',
-    eventType: 'team_intake_started',
-    defaults: {
-      utm_source: 'website',
-      utm_medium: 'link_router',
-      utm_campaign: 'team_intake',
-      plan_id: 'team',
-    },
+    eventType: 'cta_click',
   },
   checkout: {
     path: '/checkout/pro',
@@ -6405,30 +6389,7 @@ ${hidden}
 <h1>Case Studies</h1>
 <p class="lede">Real integrations. No fabricated logos, no aspirational numbers — every claim below is reproducible.</p>
 
-<article>
-<h2>Aiventyx marketplace — Teams listing intake recovery</h2>
-<p class="meta">Integration partner: <a href="https://www.aiventyx.com">Aiventyx</a> · Reported by: Qaiser Mehdi · Verified: 2026-05-13</p>
-
-<h3>The problem</h3>
-<p>Aiventyx is a marketplace for AI tools. ThumbGate's Teams listing was their highest-CTR external surface — <span class="metric">62% CTR</span> (5 clicks on 8 views, May 7–9 window). When their integrator rolled out canonical tracked URLs, every Teams click started landing on:</p>
-<p><code>{"error":"Tracked link not found","allowed":["gpt","pro","install","reddit","linkedin","x","github"]}</code></p>
-<p>The <code>/go/teams</code> slug wasn't registered in our redirector — a 404 was eating every paid-intent click from their strongest external surface.</p>
-
-<h3>The fix</h3>
-<p>Added <code>teams</code> to <code>TRACKED_LINK_TARGETS</code> and now routes it to <code>/?plan_id=team#workflow-sprint-intake</code>. Caller-supplied UTMs flow through to the intake path so the workflow, owner, and proof boundary are explicit before any Team checkout.</p>
-
-<h3>The verification</h3>
-<p>Qaiser's own incognito test, May 13 6:04 AM (full email on record):</p>
-<p><code>https://thumbgate.ai/go/teams?utm_source=aiventyx</code><br>
-→ 302 to the Team workflow intake<br>
-→ pricing source, campaign, and plan metadata preserved<br>
-→ buyer sees the scope-first path before any subscription decision</p>
-
-<h3>What this proves</h3>
-<p>End-to-end attribution from a third-party marketplace through ThumbGate's redirector into the Team intake path, with the caller's UTM chain preserved. Regression tests pin the redirect contract so it can't silently break or regress into a blind Team checkout.</p>
-
-<p><a href="/go/teams?utm_source=case-study">Try the live redirect →</a></p>
-</article>
+<p><em>New case studies for individual Pro operators coming soon.</em></p>
 
 <footer>
 <p>Want to be the next case study? The product is real, the integration is 30 seconds: <code>npx thumbgate init</code>. If you ship something with ThumbGate and want it documented here, email <a href="mailto:igor.ganapolsky@gmail.com">igor.ganapolsky@gmail.com</a>.</p>

package/scripts/operational-dashboard.js

@@ -1,160 +0,0 @@
-'use strict';
-
-const { resolveAnalyticsWindow } = require('./analytics-window');
-const { getBillingSummaryLive } = require('./billing');
-const { generateDashboard } = require('./dashboard');
-const { getFeedbackPaths } = require('./feedback-loop');
-const { resolveHostedBillingConfig } = require('./hosted-config');
-const { loadOperatorConfig } = require('./operational-summary');
-
-function normalizeText(value) {
-  if (value === undefined || value === null) return null;
-  const text = String(value).trim();
-  return text || null;
-}
-
-function shouldPreferHostedDashboard() {
-  return String(process.env.THUMBGATE_METRICS_SOURCE || '').trim().toLowerCase() !== 'local';
-}
-
-function resolveHostedDashboardConfig() {
-  const runtimeConfig = resolveHostedBillingConfig();
-  const operatorConfig = loadOperatorConfig();
-  // Match operational-summary's key priority chain so north-star and cfo
-  // authenticate against the same hosted deployment consistently. Prior to
-  // this change, north-star only read THUMBGATE_API_KEY, silently 401'ing
-  // on machines configured via operator.json or THUMBGATE_OPERATOR_KEY.
-  const apiKey = normalizeText(process.env.THUMBGATE_OPERATOR_KEY)
-    || operatorConfig.operatorKey
-    || normalizeText(process.env.THUMBGATE_API_KEY);
-  const apiBaseUrl = normalizeText(process.env.THUMBGATE_BILLING_API_BASE_URL)
-    || operatorConfig.baseUrl
-    || runtimeConfig.billingApiBaseUrl;
-  return {
-    apiBaseUrl,
-    apiKey,
-  };
-}
-
-async function buildOperationalDashboard(options = {}) {
-  const analyticsWindow = resolveAnalyticsWindow(options);
-  const feedbackDir = options.feedbackDir || getFeedbackPaths().FEEDBACK_DIR;
-  const billingSummary = await getBillingSummaryLive(analyticsWindow);
-
-  return generateDashboard(feedbackDir, {
-    analyticsWindow,
-    billingSummary,
-    billingSource: 'live',
-    billingFallbackReason: null,
-  });
-}
-
-async function fetchHostedDashboard(options = {}, config = resolveHostedDashboardConfig()) {
-  const analyticsWindow = resolveAnalyticsWindow(options);
-  if (!shouldPreferHostedDashboard()) {
-    const err = new Error('Hosted operational dashboard is disabled.');
-    err.code = 'hosted_dashboard_disabled';
-    throw err;
-  }
-  if (!config.apiBaseUrl || !config.apiKey) {
-    const err = new Error('Hosted operational dashboard is not configured.');
-    err.code = 'hosted_dashboard_unconfigured';
-    throw err;
-  }
-
-  const requestUrl = new URL('/v1/dashboard', config.apiBaseUrl);
-  requestUrl.searchParams.set('window', analyticsWindow.window);
-  requestUrl.searchParams.set('timezone', analyticsWindow.timeZone);
-  requestUrl.searchParams.set('now', analyticsWindow.now);
-
-  const response = await fetch(requestUrl, {
-    method: 'GET',
-    headers: {
-      authorization: `Bearer ${config.apiKey}`,
-      accept: 'application/json',
-    },
-  });
-
-  if (!response.ok) {
-    const detail = await response.text().catch(() => '');
-    const err = new Error(`Hosted operational dashboard request failed (${response.status}): ${detail || 'unknown error'}`);
-    err.code = 'hosted_dashboard_http_error';
-    err.status = response.status;
-    throw err;
-  }
-
-  return response.json();
-}
-
-async function getOperationalDashboard(options = {}) {
-  const analyticsWindow = resolveAnalyticsWindow(options);
-  try {
-    const data = await fetchHostedDashboard(analyticsWindow);
-    return {
-      source: 'hosted',
-      data,
-      fallbackReason: null,
-      hostedStatus: 200,
-    };
-  } catch (err) {
-    const reason = err && err.message ? err.message : 'hosted_dashboard_unavailable';
-    const status = err && typeof err.status === 'number' ? err.status : null;
-    const code = err && err.code ? err.code : null;
-
-    // Hosted deliberately disabled or never configured — local fallback is
-    // intentional, not a degraded state. Tag as plain 'local'.
-    if (code === 'hosted_dashboard_disabled' || code === 'hosted_dashboard_unconfigured') {
-      return {
-        source: 'local',
-        data: await buildOperationalDashboard(analyticsWindow),
-        fallbackReason: reason,
-        hostedStatus: null,
-      };
-    }
-
-    // Mirror operational-summary: auth failure is the dangerous case. A
-    // dashboard that silently shows $0 revenue (from the local ledger) when
-    // Stripe actually has paid customers is a lie the operator acts on.
-    // Refuse to guess — surface an actionable error.
-    if (status === 401 || status === 403) {
-      const authErr = new Error(
-        `Hosted operational dashboard rejected credentials (HTTP ${status}). ` +
-        `The operator key on this machine does not match the one on the ` +
-        `hosted deployment. Fix: set THUMBGATE_OPERATOR_KEY in this shell, ` +
-        `or update the operatorKey field in ~/.config/thumbgate/operator.json, ` +
-        `to match Railway's THUMBGATE_OPERATOR_KEY. ` +
-        `Running north-star without hosted auth would report local-only ` +
-        `data as ground truth, which may not reflect actual Stripe revenue. ` +
-        `Original response: ${reason}`
-      );
-      authErr.code = 'hosted_dashboard_unauthorized';
-      authErr.status = status;
-      throw authErr;
-    }
-
-    // Non-auth failure — local fallback is still useful for dev workflows,
-    // but tag the source so downstream renderers do not mistake it for
-    // verified hosted truth.
-    //
-    // Log only the status code (trusted) — the full reason contains upstream
-    // response text and is only returned structurally via fallbackReason.
-    console.warn(
-      `[operational-dashboard] Hosted dashboard unreachable (status=${status ?? 'network'}); ` +
-      `falling back to LOCAL-UNVERIFIED state. Numbers below may not reflect actual Stripe revenue.`
-    );
-    return {
-      source: 'local-unverified',
-      data: await buildOperationalDashboard(analyticsWindow),
-      fallbackReason: reason,
-      hostedStatus: status,
-    };
-  }
-}
-
-module.exports = {
-  buildOperationalDashboard,
-  fetchHostedDashboard,
-  getOperationalDashboard,
-  resolveHostedDashboardConfig,
-  shouldPreferHostedDashboard,
-};