thumbgate 1.27.11 → 1.27.13

package/scripts/gate-stats.js

@@ -11,11 +11,6 @@ const PROJECT_ROOT = path.join(__dirname, '..');
 const MANUAL_GATES_PATH = path.join(PROJECT_ROOT, 'config', 'gates', 'default.json');
 const STATS_PATH = path.join(process.env.HOME || '/tmp', '.thumbgate', 'gate-stats.json');
 
-function safeOccurrenceCount(value) {
-  const n = Number(value);
-  return Number.isFinite(n) && n > 0 ? n : 0;
-}
-
 function loadGatesFile(filePath) {
   if (!fs.existsSync(filePath)) return [];
   try {
@@ -44,16 +39,16 @@ function calculateStats() {
   // Count total blocks/warns from occurrences in auto-promoted gates
   const totalBlocked = autoGates
     .filter((g) => g.action === 'block')
-    .reduce((sum, g) => sum + safeOccurrenceCount(g.occurrences), 0);
+    .reduce((sum, g) => sum + (g.occurrences || 0), 0);
   const totalWarned = autoGates
     .filter((g) => g.action === 'warn')
-    .reduce((sum, g) => sum + safeOccurrenceCount(g.occurrences), 0);
+    .reduce((sum, g) => sum + (g.occurrences || 0), 0);
 
   // Top blocked gate. A configured block rule with zero occurrences is not a
   // "top blocker"; only recorded block events should appear here.
   const topBlocked = [...allGates]
-    .filter((g) => g.action === 'block' && safeOccurrenceCount(g.occurrences) > 0)
-    .sort((a, b) => safeOccurrenceCount(b.occurrences) - safeOccurrenceCount(a.occurrences))
+    .filter((g) => g.action === 'block' && Number(g.occurrences || 0) > 0)
+    .sort((a, b) => (b.occurrences || 0) - (a.occurrences || 0))
     .at(0) || null;
 
   // Last promotion event
@@ -110,7 +105,7 @@ function computeCalibration(gates) {
   const calibration = [];
   for (const gate of gates || []) {
     if (!gate || !gate.id) continue;
-    const occurrences = safeOccurrenceCount(gate.occurrences);
+    const occurrences = Number(gate.occurrences || 0);
     const action = gate.action || 'unknown';
     // Only annotate gates with recorded occurrence data
     if (occurrences === 0) continue;
@@ -263,7 +258,6 @@ module.exports = {
   loadGatesFile,
   tryComputeBayesErrorRate,
   computeCalibration,
-  safeOccurrenceCount,
   MANUAL_GATES_PATH,
   STATS_PATH,
 };

package/scripts/gemini-embedding-policy.js

@@ -122,7 +122,7 @@ function resolveGeminiEmbeddingConfig(env = process.env) {
 
   return {
     enabled,
-    provider: enabled ? 'gemini' : 'local',
+    provider: provider === 'coreai' ? 'coreai' : (enabled ? 'gemini' : 'local'),
     model: String(env.THUMBGATE_GEMINI_EMBED_MODEL || GEMINI_EMBEDDING_2_MODEL).trim() || GEMINI_EMBEDDING_2_MODEL,
     apiKey,
     apiBaseUrl: trimTrailingSlashes(env.THUMBGATE_GEMINI_API_BASE_URL || 'https://generativelanguage.googleapis.com/v1beta'),
@@ -171,6 +171,7 @@ function buildGeminiEmbeddingRolloutPlan(args = {}) {
     },
     rolloutSteps: [
       'Keep local embeddings as the default offline path.',
+      'For Apple Silicon developers, route local queries through Core AI (AOT compiled models) to bypass CPU overhead.',
       'Enable Gemini Embedding 2 only when a Gemini API key is present.',
       'Use task-specific query/document prefixes at index and retrieval time.',
       'Start at 768 dimensions, then benchmark 1536 only if recall misses show up.',

package/scripts/hook-stop-anti-claim.js

@@ -16,11 +16,10 @@
  * ThumbGate dogfood — we are the prevention-rule generator and a perfect
  * customer for our own gate.
  *
- * Wires through .claude/settings.json Stop hooks list. Always exits 0 and
- * emits a Claude-hook `decision:"block"` JSON payload when a final-response
- * violation can be evaluated before the response is accepted. Transcript-only
- * runs still surface a reminder for the next turn when the host has already
- * written the assistant response.
+ * Wires through .claude/settings.json Stop hooks list. Always exits 0
+ * (informational): the goal is to surface a system reminder in the next
+ * turn so the agent corrects mid-conversation rather than to hard-block
+ * the turn that already happened.
  *
  * Stdin: Claude Code passes the hook payload as JSON on stdin. We read
  * `transcript_path` to locate the JSONL session log and scan the last
@@ -44,8 +43,20 @@ const CLAIM_PATTERNS = [
   /\beverything\s+(?:is\s+)?(?:done|working|ready)\b/i,
   /\b(?:github|repo|repository)\s+(?:about|metadata|description|topics?)\b.*\b(?:updated|verified|fixed|match(?:es|ed)?)\b/i,
   /\b(?:about|metadata|description|topics?)\b.*\b(?:updated|verified|fixed|match(?:es|ed)?)\b.*\b(?:github|repo|repository)\b/i,
-  /\b(?:money|payment|charge|checkout|revenue|price|pricing|invoice|billing|tax|sales tax|inventory|stock|permission|access|customer[-\s]facing)\b.*\b(?:correct|accurate|verified|valid|matches|working|fixed|resolved|calculated|configured)\b/i,
-  /\b(?:correct|accurate|verified|valid|matches|working|fixed|resolved|calculated|configured)\b.*\b(?:money|payment|charge|checkout|revenue|price|pricing|invoice|billing|tax|sales tax|inventory|stock|permission|access|customer[-\s]facing)\b/i,
+  // Added 2026-06-11 after a cross-project failure analysis: these completion
+  // claims ("all green / stable / verified / race over / tests pass") were
+  // asserted without proof and slipped past the original set. The proof-gate
+  // below suppresses them whenever the SAME turn ran a verification tool, so a
+  // "verified" claim backed by a test/curl/Read stays silent.
+  /\b(?:all\s+)?(?:tests?|checks?|ci)\s+(?:are\s+)?(?:now\s+)?passing\b/i,
+  /\ball\s+(?:tests?|checks?)\s+pass(?:ed)?\b/i,
+  /\bverified\b/i,
+  /\bconfirmed\b/i,
+  /\b(?:is|are|it'?s|now)\s+stable\b/i,
+  /\ball\s+clear\b/i,
+  /\bgood\s+to\s+go\b/i,
+  /\brace\s+(?:is\s+)?over\b/i,
+  /\bno\s+longer\s+racing\b/i,
 ];
 
 // Proof-of-verification patterns. If the SAME turn included one of these
@@ -69,63 +80,97 @@ const PROOF_PATTERNS = [
   /\bshopify\b/,
   /\bsquare\b/,
   /\bquickbooks\b/,
-  /\bgh\s+api\b/,
-  /\bls\b/,
-  /\bcat\b/,
   /Read\s*\(/, // Claude Code Read tool call
   /Bash\s*\(/, // Claude Code Bash tool call
 ];
 
-const POSITIVE_FEEDBACK_PATTERNS = [
-  /\bthumbs?\s*up\b/i,
-  /👍/,
-  /\bthank(s| you)\b/i,
-  /\bgood\b/i,
-  /\bgreat\b/i,
-  /\bperfect\b/i,
-  /\bok(?:ay)?\b/i,
+const COMMERCIAL_CLAIM_SUBJECTS = [
+  'money',
+  'payment',
+  'charge',
+  'checkout',
+  'revenue',
+  'price',
+  'pricing',
+  'invoice',
+  'billing',
+  'tax',
+  'sales tax',
+  'inventory',
+  'stock',
+  'permission',
+  'access',
+  'customer facing',
 ];
 
-const LOW_VALUE_CLOSEOUT_PATTERNS = [
-  /^(?:good|great|perfect|ok(?:ay)?|thanks?|thank you)[.!,\s-]*(?:$|\b)/i,
-  /\buse\s+\w+\s*\/\s*\w+\b/i,
-  /\bsounds good\b/i,
+const COMMERCIAL_CLAIM_STATES = [
+  'correct',
+  'accurate',
+  'verified',
+  'valid',
+  'matches',
+  'working',
+  'fixed',
+  'resolved',
+  'calculated',
+  'configured',
 ];
 
-const SUBSTANTIVE_CLOSEOUT_PATTERNS = [
-  /\b(?:evidence|verified|tested|proof|result|residual risk|next state|next action|timestamp|source|url|file|line|passed|failed|blocked|unknown)\b/i,
-  /\b(?:node --test|npm run|curl|gh |git |pytest|playwright|screenshot|diff --check)\b/i,
-  /https?:\/\//i,
-  /\/[\w.-]+\/[\w./-]+/,
-  /`[^`]+`/,
+const GREEN_CLAIM_PHRASES = [
+  'all green',
+  'all tests green',
+  'all checks green',
+  'all the tests green',
+  'all the checks green',
+  'all tests are green',
+  'all checks are green',
 ];
 
-function readTranscriptEntries(transcriptPath) {
-  if (!transcriptPath || !fs.existsSync(transcriptPath)) return [];
+function normalizeClaimText(text) {
+  return String(text || '')
+    .toLowerCase()
+    .replace(/[-_]+/g, ' ')
+    .replace(/[^a-z0-9]+/g, ' ')
+    .replace(/\s+/g, ' ')
+    .trim();
+}
+
+function containsPhrase(normalizedText, phrase) {
+  return ` ${normalizedText} `.includes(` ${phrase} `);
+}
+
+function findTokenListClaim(text, subjects, states, label) {
+  const normalized = normalizeClaimText(text);
+  if (!normalized) return null;
+  const subject = subjects.find((candidate) => containsPhrase(normalized, candidate));
+  const state = states.find((candidate) => containsPhrase(normalized, candidate));
+  return subject && state ? `${label}: ${subject} ${state}` : null;
+}
+
+function findGreenClaim(text) {
+  const normalized = normalizeClaimText(text);
+  return GREEN_CLAIM_PHRASES.find((phrase) => containsPhrase(normalized, phrase)) || null;
+}
+
+function readLastAssistantTurn(transcriptPath) {
+  if (!transcriptPath || !fs.existsSync(transcriptPath)) return null;
   let content;
   try {
     content = fs.readFileSync(transcriptPath, 'utf8');
   } catch {
-    return [];
+    return null;
   }
-  return content
-    .trim()
-    .split('\n')
-    .map((raw) => {
-      try {
-        return JSON.parse(raw);
-      } catch {
-        return null;
-      }
-    })
-    .filter(Boolean);
-}
-
-function readLastAssistantTurn(transcriptPath) {
-  const entries = readTranscriptEntries(transcriptPath);
+  const lines = content.trim().split('\n');
   // Walk backwards to find the last assistant message
-  for (let i = entries.length - 1; i >= 0; i--) {
-    const entry = entries[i];
+  for (let i = lines.length - 1; i >= 0; i--) {
+    const raw = lines[i].trim();
+    if (!raw) continue;
+    let entry;
+    try {
+      entry = JSON.parse(raw);
+    } catch {
+      continue;
+    }
     if (entry.type === 'assistant' && entry.message) {
       return entry.message;
     }
@@ -133,22 +178,6 @@ function readLastAssistantTurn(transcriptPath) {
   return null;
 }
 
-function readPreviousUserText(transcriptPath) {
-  const entries = readTranscriptEntries(transcriptPath);
-  let seenAssistant = false;
-  for (let i = entries.length - 1; i >= 0; i--) {
-    const entry = entries[i];
-    if (!seenAssistant && entry.type === 'assistant') {
-      seenAssistant = true;
-      continue;
-    }
-    if (seenAssistant && entry.type === 'user' && entry.message) {
-      return extractText(entry.message);
-    }
-  }
-  return '';
-}
-
 function extractText(message) {
   if (!message || !Array.isArray(message.content)) return '';
   return message.content
@@ -175,24 +204,16 @@ function extractToolUseSummary(message) {
     .join('\n');
 }
 
-function wordCount(text) {
-  return String(text || '').trim().split(/\s+/).filter(Boolean).length;
-}
-
-function hasPositiveFeedback(text) {
-  return POSITIVE_FEEDBACK_PATTERNS.some((p) => p.test(text || ''));
-}
-
-function isLowValueCloseout(text, toolUseSummary = '') {
-  const normalized = String(text || '').trim();
-  if (!normalized) return false;
-  if (toolUseSummary.trim()) return false;
-  if (wordCount(normalized) > 45) return false;
-  if (SUBSTANTIVE_CLOSEOUT_PATTERNS.some((p) => p.test(normalized))) return false;
-  return LOW_VALUE_CLOSEOUT_PATTERNS.some((p) => p.test(normalized));
-}
-
 function findClaim(text) {
+  const commercialClaim = findTokenListClaim(
+    text,
+    COMMERCIAL_CLAIM_SUBJECTS,
+    COMMERCIAL_CLAIM_STATES,
+    'commercial truth',
+  );
+  if (commercialClaim) return commercialClaim;
+  const greenClaim = findGreenClaim(text);
+  if (greenClaim) return greenClaim;
   for (const p of CLAIM_PATTERNS) {
     const m = text.match(p);
     if (m) return m[0];
@@ -204,79 +225,6 @@ function hasProof(combined) {
   return PROOF_PATTERNS.some((p) => p.test(combined));
 }
 
-function extractPayloadText(payload) {
-  if (!payload || typeof payload !== 'object') return '';
-  const candidates = [
-    payload.response,
-    payload.assistant_response,
-    payload.assistantResponse,
-    payload.final_response,
-    payload.finalResponse,
-    payload.text,
-    payload.output,
-    payload.message,
-  ];
-  for (const candidate of candidates) {
-    if (typeof candidate === 'string' && candidate.trim()) return candidate;
-    if (candidate && typeof candidate === 'object') {
-      const extracted = extractText(candidate);
-      if (extracted.trim()) return extracted;
-    }
-  }
-  return '';
-}
-
-function extractPayloadPreviousUserText(payload) {
-  if (!payload || typeof payload !== 'object') return '';
-  const candidates = [
-    payload.previous_user_text,
-    payload.previousUserText,
-    payload.user_prompt,
-    payload.userPrompt,
-    payload.prompt,
-  ];
-  for (const candidate of candidates) {
-    if (typeof candidate === 'string' && candidate.trim()) return candidate;
-    if (candidate && typeof candidate === 'object') {
-      const extracted = extractText(candidate);
-      if (extracted.trim()) return extracted;
-    }
-  }
-  return '';
-}
-
-function buildResponseQualityReason() {
-  return [
-    'ThumbGate response-quality gate: final response answered positive feedback',
-    'with a low-value social closeout instead of silence-level brevity or an evidence checkpoint.',
-    'Positive feedback after operational work should trigger either no extra noise,',
-    'a compact evidence checkpoint, or a concrete next-state update.',
-    'Do not reply with generic "Good / Great / Use X/Y" filler.',
-  ].join(' ');
-}
-
-function buildResponseQualityReminder() {
-  return [
-    '⚠️ ThumbGate response-quality gate: previous turn answered positive feedback',
-    '   with a low-value social closeout instead of silence-level brevity or an evidence checkpoint.',
-    '   Positive feedback after operational work should trigger either no extra noise,',
-    '   a compact evidence checkpoint, or a concrete next-state update.',
-    '   Do not reply with generic "Good / Great / Use X/Y" filler.',
-  ].join('\n');
-}
-
-function writeBlock(reason) {
-  process.stdout.write(JSON.stringify({
-    decision: 'block',
-    reason,
-    hookSpecificOutput: {
-      hookEventName: 'Stop',
-      permissionDecision: 'deny',
-      permissionDecisionReason: reason,
-    },
-  }) + '\n');
-}
-
 function readStdinSync() {
   try {
     return fs.readFileSync(0, 'utf8');
@@ -295,42 +243,34 @@ function main() {
   }
 
   const transcriptPath = payload.transcript_path || process.env.CLAUDE_TRANSCRIPT_PATH;
-  const directText = extractPayloadText(payload) || process.env.CLAUDE_RESPONSE || '';
-  const directPreviousUserText = extractPayloadPreviousUserText(payload)
-    || process.env.CLAUDE_PREVIOUS_USER_TEXT
-    || process.env.CLAUDE_PREVIOUS_USER
-    || '';
-
-  if (directText && hasPositiveFeedback(directPreviousUserText) && isLowValueCloseout(directText, '')) {
-    writeBlock(buildResponseQualityReason());
-    return;
-  }
-
   const message = readLastAssistantTurn(transcriptPath);
   if (!message) return; // no transcript visible; nothing to check
 
   const text = extractText(message);
   const toolUseSummary = extractToolUseSummary(message);
-  const previousUserText = readPreviousUserText(transcriptPath);
-
-  if (hasPositiveFeedback(previousUserText) && isLowValueCloseout(text, toolUseSummary)) {
-    process.stdout.write(buildResponseQualityReminder() + '\n');
-    return;
-  }
-
   const claim = findClaim(text);
   if (!claim) return; // no completion claim made; silent
 
   const proofText = `${text}\n${toolUseSummary}`;
   if (hasProof(proofText)) return; // claim backed by proof in same turn
 
-  // Surface a system reminder for the NEXT turn. Do not hard-block.
+  // Strict mode (THUMBGATE_STRICT_ENFORCEMENT=1): hard-block the stop. Emit a
+  // Stop-hook block decision so Claude Code does NOT end the turn — the agent
+  // must run the verification (or retract) before it can stop. Default mode
+  // stays soft (a reminder for the next turn) so we don't break existing wiring.
+  if (process.env.THUMBGATE_STRICT_ENFORCEMENT === '1') {
+    const reason = `ThumbGate anti-claim gate (strict): you claimed completion ("${claim}") without a proof tool call in the same message. Run the verification (curl / grep / test / Read) and restate with the proof, or retract — do not end the turn on an unverified claim.`;
+    process.stdout.write(JSON.stringify({ decision: 'block', reason }) + '\n');
+    return;
+  }
+
+  // Default (soft): surface a system reminder for the NEXT turn. Do not hard-block.
   const reminder = [
     '⚠️ ThumbGate anti-claim gate: previous turn claimed completion',
     `   ("${claim}") without a proof tool call in the same message.`,
-    '   Per CLAUDE.md anti-lying: never claim "done / live / deployed / fixed"',
-    '   or commercial truth (money / tax / inventory / permissions / customer-facing state)',
-    '   without curl / grep / test / source-of-truth output in the SAME turn.',
+    '   Per CLAUDE.md anti-lying: never claim "done / live / deployed / fixed /',
+    '   verified / all green / stable" or commercial truth (money / tax / inventory /',
+    '   permissions / customer-facing state) without curl / grep / test / source-of-truth output in the SAME turn.',
     '   If the work really is verified, re-state the claim with the proof.',
     '   If not, retract and run the verification before re-asserting.',
   ].join('\n');
@@ -354,16 +294,8 @@ if (path.resolve(process.argv[1] || '') === path.resolve(__filename)) {
 module.exports = {
   CLAIM_PATTERNS,
   PROOF_PATTERNS,
-  POSITIVE_FEEDBACK_PATTERNS,
-  LOW_VALUE_CLOSEOUT_PATTERNS,
   findClaim,
   hasProof,
-  hasPositiveFeedback,
-  isLowValueCloseout,
-  extractPayloadText,
-  extractPayloadPreviousUserText,
-  buildResponseQualityReason,
   extractText,
   extractToolUseSummary,
-  readPreviousUserText,
 };

package/scripts/hosted-config.js

@@ -13,7 +13,6 @@ const DEFAULT_PRO_PRICE_DOLLARS = PRO_MONTHLY_PRICE_DOLLARS;
 const DEFAULT_PRO_PRICE_LABEL = PRO_PRICE_LABEL;
 const DEFAULT_SPRINT_DIAGNOSTIC_PRICE_DOLLARS = 499;
 const DEFAULT_WORKFLOW_SPRINT_PRICE_DOLLARS = 1500;
-const DEFAULT_SNAPSHOT_PRICE_DOLLARS = 97;
 const GA_MEASUREMENT_ID_PATTERN = /^G-[A-Z0-9]+$/i;
 
 function normalizeOrigin(value) {
@@ -130,10 +129,6 @@ function resolveHostedBillingConfig({ requestOrigin } = {}, env = process.env) {
   const googleSiteVerification = normalizeTrackingId(env.THUMBGATE_GOOGLE_SITE_VERIFICATION);
   const sprintDiagnosticCheckoutUrl = normalizeAbsoluteUrl(env.THUMBGATE_SPRINT_DIAGNOSTIC_CHECKOUT_URL);
   const workflowSprintCheckoutUrl = normalizeAbsoluteUrl(env.THUMBGATE_WORKFLOW_SPRINT_CHECKOUT_URL);
-  const paypalDiagnosticCheckoutUrl = normalizeAbsoluteUrl(env.THUMBGATE_PAYPAL_DIAGNOSTIC_CHECKOUT_URL);
-  const paypalWorkflowSprintCheckoutUrl = normalizeAbsoluteUrl(env.THUMBGATE_PAYPAL_WORKFLOW_SPRINT_CHECKOUT_URL);
-  const morSnapshotCheckoutUrl = normalizeAbsoluteUrl(env.THUMBGATE_MOR_SNAPSHOT_CHECKOUT_URL);
-  const morProvider = String(env.THUMBGATE_MOR_PROVIDER || '').trim();
 
   return {
     appOrigin,
@@ -147,16 +142,10 @@ function resolveHostedBillingConfig({ requestOrigin } = {}, env = process.env) {
     proPriceLabel,
     sprintDiagnosticCheckoutUrl,
     workflowSprintCheckoutUrl,
-    paypalDiagnosticCheckoutUrl,
-    paypalWorkflowSprintCheckoutUrl,
-    morSnapshotCheckoutUrl,
-    morProvider,
     sprintDiagnosticPriceDollars: normalizePriceDollars(env.THUMBGATE_SPRINT_DIAGNOSTIC_PRICE_DOLLARS)
       || DEFAULT_SPRINT_DIAGNOSTIC_PRICE_DOLLARS,
     workflowSprintPriceDollars: normalizePriceDollars(env.THUMBGATE_WORKFLOW_SPRINT_PRICE_DOLLARS)
       || DEFAULT_WORKFLOW_SPRINT_PRICE_DOLLARS,
-    snapshotPriceDollars: normalizePriceDollars(env.THUMBGATE_SNAPSHOT_PRICE_DOLLARS)
-      || DEFAULT_SNAPSHOT_PRICE_DOLLARS,
     gaMeasurementId,
     googleSiteVerification,
     posthogApiKey,
@@ -170,7 +159,6 @@ module.exports = {
   DEFAULT_PRO_PRICE_LABEL,
   DEFAULT_SPRINT_DIAGNOSTIC_PRICE_DOLLARS,
   DEFAULT_WORKFLOW_SPRINT_PRICE_DOLLARS,
-  DEFAULT_SNAPSHOT_PRICE_DOLLARS,
   GA_MEASUREMENT_ID_PATTERN,
   normalizeAbsoluteUrl,
   normalizeOrigin,