thumbgate 1.3.0 → 1.4.1

package/bin/postinstall.js

@@ -15,7 +15,9 @@ if (isCI || isQuiet) process.exit(0);
 const {
   PRO_MONTHLY_PAYMENT_LINK,
   PRO_PRICE_LABEL,
+  TEAM_PRICE_LABEL,
 } = require('../scripts/commercial-offer');
+const WORKFLOW_SPRINT_URL = 'https://thumbgate-production.up.railway.app/#workflow-sprint-intake';
 
 process.stderr.write(`
   ┌─────────────────────────────────────────────────────┐
@@ -26,9 +28,13 @@ process.stderr.write(`
   │     npx thumbgate init                     │
   │     npx thumbgate stats                    │
   │                                                     │
-  │   Unlock Pro (personal local dashboard, DPO export, │
-  │   optional hosted API key) — ${PRO_PRICE_LABEL}:      │
+  │   Team rollout starts with the Workflow Hardening   │
+  │   Sprint: ${WORKFLOW_SPRINT_URL} │
+  │                                                     │
+  │   Solo side lane: Pro (personal local dashboard,    │
+  │   DPO export) — ${PRO_PRICE_LABEL}: │
   │     ${PRO_MONTHLY_PAYMENT_LINK}       │
+  │   Team: ${TEAM_PRICE_LABEL} after intake. │
   │                                                     │
   │   Or run: npx thumbgate pro                │
   │                                                     │

package/config/budget.json

@@ -0,0 +1,18 @@
+{
+  "max_actions": 2000,
+  "max_time_minutes": 600,
+  "profiles": {
+    "strict": {
+      "max_actions": 500,
+      "max_time_minutes": 150
+    },
+    "guided": {
+      "max_actions": 2000,
+      "max_time_minutes": 600
+    },
+    "autonomous": {
+      "max_actions": 5000,
+      "max_time_minutes": 1200
+    }
+  }
+}

package/config/gates/code-edit.json

@@ -0,0 +1,61 @@
+{
+  "version": 1,
+  "harness": "code-edit",
+  "description": "Specialized gates for code editing operations. Loaded when tool context involves Edit, Write, or MultiEdit tools.",
+  "gates": [
+    {
+      "id": "edit-env-direct",
+      "layer": "Execution",
+      "toolNames": ["Edit", "Write", "MultiEdit"],
+      "pattern": "\\.env$|\\.env\\.local$|\\.env\\.production$",
+      "action": "warn",
+      "severity": "high",
+      "message": "Editing a .env file directly. Ensure you are editing .env.example instead, and that no real secrets are committed."
+    },
+    {
+      "id": "edit-lockfile-manual",
+      "layer": "Execution",
+      "toolNames": ["Edit", "Write"],
+      "pattern": "package-lock\\.json$|yarn\\.lock$|pnpm-lock\\.yaml$",
+      "action": "warn",
+      "severity": "medium",
+      "message": "Manually editing a lockfile is not recommended. Run npm install / yarn / pnpm install to regenerate it."
+    },
+    {
+      "id": "edit-generated-file",
+      "layer": "Execution",
+      "toolNames": ["Edit", "Write"],
+      "pattern": "dist/|build/|\\.min\\.js$|\\.min\\.css$",
+      "action": "warn",
+      "severity": "medium",
+      "message": "Editing a generated/built file. Edit the source instead and rebuild."
+    },
+    {
+      "id": "edit-test-skip",
+      "layer": "Execution",
+      "toolNames": ["Edit", "Write", "MultiEdit"],
+      "pattern": "\\.skip\\(|test\\.skip|describe\\.skip|it\\.skip|xit\\(|xdescribe\\(",
+      "action": "warn",
+      "severity": "high",
+      "message": "Skipping a test. Only skip tests intentionally and document why — never skip to pass CI."
+    },
+    {
+      "id": "edit-console-log-commit",
+      "layer": "Execution",
+      "toolNames": ["Edit", "Write"],
+      "pattern": "console\\.log\\(.*password|console\\.log\\(.*secret|console\\.log\\(.*token|console\\.log\\(.*api.?key",
+      "action": "block",
+      "severity": "critical",
+      "message": "Logging a secret value to console is blocked. Remove the log or redact the value."
+    },
+    {
+      "id": "edit-version-file-without-sync",
+      "layer": "Execution",
+      "toolNames": ["Edit", "Write"],
+      "pattern": "\"version\"\\s*:\\s*\"",
+      "action": "warn",
+      "severity": "medium",
+      "message": "Editing a version field. Run node scripts/sync-version.js after changing package.json version to propagate to all targets."
+    }
+  ]
+}

package/config/gates/db-write.json

@@ -0,0 +1,61 @@
+{
+  "version": 1,
+  "harness": "db-write",
+  "description": "Specialized gates for database write operations. Loaded when tool context involves SQL mutations, SQLite writes, or ORM model changes.",
+  "gates": [
+    {
+      "id": "db-drop-table-production",
+      "layer": "Execution",
+      "pattern": "DROP\\s+TABLE(?!.*test|.*tmp|.*temp|.*_test|.*staging)",
+      "toolNames": ["Bash"],
+      "action": "block",
+      "severity": "critical",
+      "message": "DROP TABLE on a non-test table is blocked. Use a migration with a rollback path or confirm this is against a test/staging database."
+    },
+    {
+      "id": "db-delete-without-where",
+      "layer": "Execution",
+      "pattern": "DELETE\\s+FROM\\s+\\w+\\s*;|DELETE\\s+FROM\\s+\\w+\\s*$",
+      "toolNames": ["Bash"],
+      "action": "block",
+      "severity": "critical",
+      "message": "DELETE without a WHERE clause deletes all rows. Add a WHERE clause or use TRUNCATE deliberately."
+    },
+    {
+      "id": "db-truncate-production",
+      "layer": "Execution",
+      "pattern": "TRUNCATE\\s+(?!.*test|.*tmp|.*temp)",
+      "toolNames": ["Bash"],
+      "action": "warn",
+      "severity": "critical",
+      "message": "TRUNCATE detected. Confirm this is against a test or staging table, not production data."
+    },
+    {
+      "id": "db-raw-sql-no-migration",
+      "layer": "Execution",
+      "pattern": "ALTER\\s+TABLE|ADD\\s+COLUMN|DROP\\s+COLUMN|RENAME\\s+COLUMN",
+      "toolNames": ["Bash"],
+      "action": "warn",
+      "severity": "high",
+      "message": "Schema change detected outside a migration file. Create a versioned migration instead of running raw DDL."
+    },
+    {
+      "id": "db-sqlite-delete-runtime",
+      "layer": "Execution",
+      "pattern": "rm\\s+.*\\.sqlite|unlink\\s+.*\\.sqlite|fs\\.rmSync.*\\.sqlite",
+      "toolNames": ["Bash"],
+      "action": "warn",
+      "severity": "high",
+      "message": "Deleting a SQLite database file. Confirm this is not the production lesson DB (.claude/memory/lessons.sqlite)."
+    },
+    {
+      "id": "db-lancedb-wipe",
+      "layer": "Execution",
+      "pattern": "rm\\s+-rf\\s+.*lancedb|rmSync.*lancedb",
+      "toolNames": ["Bash"],
+      "action": "warn",
+      "severity": "high",
+      "message": "Wiping the LanceDB vector store. This deletes all embedded feedback memories. Confirm intent."
+    }
+  ]
+}

package/config/gates/default.json

@@ -10,6 +10,15 @@
       "message": "User requested local-only work. Git writes, PR operations, and release actions are blocked.",
       "severity": "critical"
     },
+    {
+      "id": "raw-gh-auto-merge-blocked",
+      "layer": "Execution",
+      "toolNames": ["Bash"],
+      "pattern": "gh\\s+pr\\s+merge\\b[^\\n]*--auto",
+      "action": "block",
+      "message": "Raw GitHub auto-merge is blocked. Use npm run pr:manage after all critical quality checks have terminal success.",
+      "severity": "critical"
+    },
     {
       "id": "task-scope-required",
       "layer": "Decisions",
@@ -134,7 +143,8 @@
       "pattern": "git\\s+push\\s+(--force|-f)",
       "action": "block",
       "message": "Force push blocked. This is destructive and irreversible.",
-      "severity": "critical"
+      "severity": "critical",
+      "compliance": ["NIST-CM-5", "SOC2-CC8.1", "CWE-863"]
     },
     {
       "id": "protected-branch-push",
@@ -152,7 +162,8 @@
       "pattern": "\\.env",
       "action": "warn",
       "message": "Editing .env file — verify you are not deleting existing tokens",
-      "severity": "medium"
+      "severity": "medium",
+      "compliance": ["NIST-IA-5", "SOC2-CC6.1", "CWE-798"]
     },
     {
       "id": "deny-network-egress",
@@ -161,7 +172,8 @@
       "action": "warn",
       "unless": "egress_approved",
       "message": "Potential unauthorized network egress detected.",
-      "severity": "medium"
+      "severity": "medium",
+      "compliance": ["NIST-SC-7", "SOC2-CC6.6", "OWASP-A10"]
     },
     {
       "id": "unverified-skill-use",
@@ -174,6 +186,16 @@
       "message": "Skill provenance check failed. Run 'npm run skill:verify' or satisfy 'skill_verified' with a valid signature to proceed.",
       "severity": "high"
     },
+    {
+      "id": "supply-chain-dep-add",
+      "layer": "Supply Chain",
+      "toolNames": ["Edit", "Write"],
+      "pattern": "package\\.json$",
+      "action": "warn",
+      "message": "Dependency mutation detected in package.json. Security scanner will audit for typosquatting, wildcard versions, and suspicious install scripts.",
+      "severity": "high",
+      "compliance": ["NIST-SA-12", "OWASP-A06", "CWE-1357"]
+    },
     {
       "id": "blocked-npx-content",
       "layer": "Supply Chain",
@@ -184,6 +206,135 @@
       "action": "block",
       "message": "Blocked npx execution by content hash. Renaming the binary does not bypass this gate.",
       "severity": "critical"
+    },
+    {
+      "id": "production-deploy-approval",
+      "layer": "Execution",
+      "toolNames": ["Bash"],
+      "pattern": "(?:railway|fly|heroku|vercel|render|kubectl|helm)\\s+(?:deploy|up|apply|release|push|rollout)",
+      "action": "approve",
+      "message": "Production deploy detected. Human approval required before this action can proceed.",
+      "severity": "high",
+      "compliance": ["NIST-CM-3", "SOC2-CC8.1", "OWASP-A05"]
+    },
+    {
+      "id": "schema-migration-approval",
+      "layer": "Execution",
+      "toolNames": ["Bash"],
+      "pattern": "(?:npx\\s+(?:sequelize|typeorm|prisma|knex|drizzle|flyway|liquibase)|alembic\\s+upgrade|rails\\s+db:migrate|php\\s+artisan\\s+migrate)\\b",
+      "action": "approve",
+      "message": "Database schema migration detected. Human approval required before this action can proceed.",
+      "severity": "high",
+      "compliance": ["NIST-CM-3", "SOC2-CC8.1", "CWE-89"]
+    },
+    {
+      "id": "permission-change-approval",
+      "layer": "Execution",
+      "toolNames": ["Bash"],
+      "pattern": "(?:chmod|chown|setfacl|iam|policy|role|grant|revoke)\\s+",
+      "action": "approve",
+      "message": "Permission or IAM change detected. Human approval required before this action can proceed.",
+      "severity": "high",
+      "compliance": ["NIST-AC-6", "SOC2-CC6.1", "CWE-732"]
+    },
+    {
+      "id": "style-violation-log",
+      "layer": "Decisions",
+      "toolNames": ["Edit", "Write", "MultiEdit"],
+      "pattern": ".*",
+      "action": "log",
+      "when": { "constraints": { "THUMBGATE_STYLE_AUDIT": true } },
+      "message": "Style audit mode active. Action recorded for review but allowed to proceed.",
+      "severity": "low"
+    },
+    {
+      "id": "large-file-creation-log",
+      "layer": "Execution",
+      "toolNames": ["Write"],
+      "pattern": ".*",
+      "action": "log",
+      "when": { "constraints": { "THUMBGATE_LARGE_FILE_AUDIT": true } },
+      "message": "Large file write detected. Action recorded for audit trail but allowed to proceed.",
+      "severity": "low"
+    },
+    {
+      "id": "non-critical-warning-log",
+      "layer": "Decisions",
+      "toolNames": ["Bash"],
+      "pattern": "(?:console\\.log|debugger|TODO|FIXME|HACK|XXX)",
+      "action": "log",
+      "message": "Non-critical code pattern detected. Action recorded for audit trail but allowed to proceed.",
+      "severity": "low"
+    },
+    {
+      "id": "mcp-sql-delete-block",
+      "layer": "Execution",
+      "toolNames": ["delete_record"],
+      "pattern": ".*",
+      "requireTaskScope": true,
+      "action": "block",
+      "message": "SQL MCP delete_record requires explicit task scope. Destructive database operations must be scoped to prevent accidental data loss.",
+      "severity": "critical",
+      "compliance": ["NIST-AC-3", "SOC2-CC6.1", "CWE-89"]
+    },
+    {
+      "id": "mcp-sql-execute-warn",
+      "layer": "Execution",
+      "toolNames": ["execute_entity"],
+      "pattern": "(?:drop|truncate|alter|grant|revoke)",
+      "action": "warn",
+      "message": "SQL MCP execute_entity matches a potentially destructive DDL pattern. Review before proceeding.",
+      "severity": "high"
+    },
+    {
+      "id": "mcp-sql-bulk-update-warn",
+      "layer": "Execution",
+      "toolNames": ["update_record"],
+      "pattern": "(?:WHERE\\s+1\\s*=\\s*1|WHERE\\s+true|WITHOUT\\s+WHERE)",
+      "action": "block",
+      "message": "SQL MCP bulk update without a safe WHERE clause. This could modify all records in the table.",
+      "severity": "critical",
+      "compliance": ["NIST-AC-3", "CWE-89"]
+    },
+    {
+      "id": "self-protect-config",
+      "layer": "Execution",
+      "toolNames": ["Edit", "Write", "MultiEdit"],
+      "pattern": "(?:config/gates/|config/budget\\.json|\\.thumbgate/|thumbgate\\.json)",
+      "action": "block",
+      "message": "Self-protection: agent cannot modify ThumbGate configuration, gate rules, or budget settings.",
+      "severity": "critical",
+      "compliance": ["NIST-AC-3", "OWASP-A01", "SOC2-CC6.1"]
+    },
+    {
+      "id": "self-protect-kill",
+      "layer": "Execution",
+      "toolNames": ["Bash"],
+      "pattern": "(?:kill|pkill|killall)\\s+.*(?:thumbgate|gates-engine|budget-enforcer)",
+      "action": "block",
+      "message": "Self-protection: agent cannot terminate ThumbGate processes.",
+      "severity": "critical",
+      "compliance": ["NIST-AC-3", "OWASP-A01"]
+    },
+    {
+      "id": "self-protect-env-override",
+      "layer": "Execution",
+      "toolNames": ["Bash"],
+      "pattern": "(?:export|unset)\\s+(?:THUMBGATE_|LANEKEEP_)",
+      "action": "block",
+      "message": "Self-protection: agent cannot modify ThumbGate environment variables.",
+      "severity": "critical",
+      "compliance": ["NIST-AC-3", "SOC2-CC6.1"]
+    },
+    {
+      "id": "self-protect-hooks-disable",
+      "layer": "Execution",
+      "toolNames": ["Edit", "Write", "Bash"],
+      "pattern": "(?:settings\\.json|settings\\.local\\.json).*(?:hooks|PreToolUse|PostToolUse)",
+      "action": "block",
+      "message": "Self-protection: agent cannot modify hook registrations.",
+      "severity": "critical",
+      "compliance": ["NIST-AC-3", "OWASP-A01", "SOC2-CC6.1"]
     }
   ]
 }

package/config/gates/deploy.json

@@ -0,0 +1,61 @@
+{
+  "version": 1,
+  "harness": "deploy",
+  "description": "Specialized gates for deployment operations. Loaded when tool context matches deploy patterns (Railway, Docker, npm publish, git push to main).",
+  "gates": [
+    {
+      "id": "deploy-unverified-claim",
+      "layer": "Execution",
+      "pattern": "(?:deployed|live|shipped|pushed to prod)",
+      "toolNames": ["Bash"],
+      "action": "warn",
+      "severity": "critical",
+      "message": "Deployment claim detected. Run the verification gate first: curl -s $PROD_URL/health | grep version"
+    },
+    {
+      "id": "deploy-force-push-main",
+      "layer": "Execution",
+      "pattern": "git\\s+push\\s+.*--force(?!-with-lease)|git\\s+push\\s+--force(?!-with-lease).*main|git\\s+push\\s+--force(?!-with-lease).*master",
+      "toolNames": ["Bash"],
+      "action": "block",
+      "severity": "critical",
+      "message": "Force-push to a protected branch is blocked. Use --force-with-lease if you need to force-push a feature branch."
+    },
+    {
+      "id": "deploy-skip-ci",
+      "layer": "Execution",
+      "pattern": "--no-verify|--no-gpg-sign|-c\\s+commit\\.gpgsign=false",
+      "toolNames": ["Bash"],
+      "action": "block",
+      "severity": "critical",
+      "message": "Bypassing commit hooks or signing is blocked. Fix the underlying issue instead."
+    },
+    {
+      "id": "deploy-publish-without-test",
+      "layer": "Execution",
+      "pattern": "npm\\s+publish|yarn\\s+publish|pnpm\\s+publish",
+      "toolNames": ["Bash"],
+      "action": "warn",
+      "severity": "high",
+      "message": "Publishing to npm. Confirm tests pass (npm test) and version is synced (node scripts/sync-version.js --check) before proceeding."
+    },
+    {
+      "id": "deploy-version-drift-risk",
+      "layer": "Execution",
+      "pattern": "railway\\s+(deploy|up|run)|docker\\s+(push|build\\s+.*&&\\s*.*push)",
+      "toolNames": ["Bash"],
+      "action": "warn",
+      "severity": "medium",
+      "message": "Deploying to Railway/Docker. Verify version sync: node scripts/sync-version.js --check"
+    },
+    {
+      "id": "deploy-env-secret-exposure",
+      "layer": "Execution",
+      "pattern": "(?:ANTHROPIC_API_KEY|STRIPE_SECRET|JWT_SECRET|DATABASE_URL|RAILWAY_TOKEN)\\s*=",
+      "toolNames": ["Bash", "Edit", "Write"],
+      "action": "block",
+      "severity": "critical",
+      "message": "Secret value detected in command or file edit. Use environment variables or secret managers instead."
+    }
+  ]
+}

package/config/github-about.json

@@ -2,7 +2,8 @@
   "repo": "IgorGanapolsky/ThumbGate",
   "repositoryUrl": "https://github.com/IgorGanapolsky/ThumbGate",
   "homepageUrl": "https://thumbgate-production.up.railway.app",
-  "description": "Pre-action gates, a learned intervention policy, and workflow governance for self-improving AI coding agents. 👎 Thumbs down distills history-aware lessons from up to 8 prior entries and stays linked to a 60-second feedback session. 👍 Thumbs up reinforces safe patterns. Team adds shared lessons and org visibility.",
+  "githubDescription": "CLI-first agent governance for AI coding workflows: pre-action gates, shared lessons, and team safeguards that stop repeated agent mistakes.",
+  "metaDescription": "CLI-first agent governance for teams shipping AI-generated changes. \ud83d\udc4e Thumbs down distills history-aware lessons from up to 8 prior entries and stays linked to a 60-second feedback session. \ud83d\udc4d Thumbs up reinforces safe patterns. Pre-action gates, workflow governance, shared lessons and org visibility, release confidence, and isolated execution guidance turn vibe coding mistakes into shared enforcement and proof-ready rollout.",
   "topics": [
     "thumbgate",
     "pre-action-gates",

package/config/merge-quality-checks.json

@@ -0,0 +1,23 @@
+{
+  "requiredStatusCheckContexts": [
+    "test",
+    "CodeQL",
+    "Analyze JavaScript (javascript-typescript)",
+    "Verify changeset",
+    "SonarCloud Code Analysis",
+    "GitGuardian Security Checks",
+    "Socket Security: Project Report",
+    "Socket Security: Pull Request Alerts"
+  ],
+  "passingBuckets": [
+    "pass",
+    "skipping"
+  ],
+  "pendingBuckets": [
+    "pending"
+  ],
+  "failingBuckets": [
+    "fail",
+    "cancel"
+  ]
+}

package/openapi/openapi.yaml

@@ -814,6 +814,98 @@ paths:
           description: Invalid dashboard render view or query
         '401':
           description: Unauthorized
+  /v1/decisions/evaluate:
+    post:
+      operationId: evaluateDecision
+      requestBody:
+        required: true
+        content:
+          application/json:
+            schema:
+              type: object
+              required: [toolName]
+              properties:
+                toolName:
+                  type: string
+                command:
+                  type: string
+                filePath:
+                  type: string
+                changedFiles:
+                  type: array
+                  items:
+                    type: string
+                repoPath:
+                  type: string
+                baseBranch:
+                  type: string
+                requirePrForReleaseSensitive:
+                  type: boolean
+                requireVersionNotBehindBase:
+                  type: boolean
+      responses:
+        '200':
+          description: Persisted workflow-sentinel recommendation with decision-control metadata and actionId
+          content:
+            application/json:
+              schema:
+                type: object
+                additionalProperties: true
+        '400':
+          description: Invalid decision evaluation request
+        '401':
+          description: Unauthorized
+  /v1/decisions/outcome:
+    post:
+      operationId: recordDecisionOutcome
+      requestBody:
+        required: true
+        content:
+          application/json:
+            schema:
+              type: object
+              required: [actionId, outcome]
+              properties:
+                actionId:
+                  type: string
+                outcome:
+                  type: string
+                actualDecision:
+                  type: string
+                actor:
+                  type: string
+                notes:
+                  type: string
+                latencyMs:
+                  type: number
+                metadata:
+                  type: object
+                  additionalProperties: true
+      responses:
+        '200':
+          description: Recorded a decision override, rollback, completion, or block outcome
+          content:
+            application/json:
+              schema:
+                type: object
+                additionalProperties: true
+        '400':
+          description: Invalid decision outcome request
+        '401':
+          description: Unauthorized
+  /v1/decisions/metrics:
+    get:
+      operationId: getDecisionMetrics
+      responses:
+        '200':
+          description: Decision-loop metrics derived from recorded evaluations and outcomes
+          content:
+            application/json:
+              schema:
+                type: object
+                additionalProperties: true
+        '401':
+          description: Unauthorized
   /v1/settings/status:
     get:
       operationId: getSettingsStatus
@@ -1115,6 +1207,82 @@ paths:
           description: DPO export accepted as a hosted background job
         '401':
           description: Unauthorized
+  /v1/documents:
+    get:
+      operationId: listImportedDocuments
+      parameters:
+        - in: query
+          name: query
+          schema:
+            type: string
+        - in: query
+          name: q
+          schema:
+            type: string
+        - in: query
+          name: tag
+          schema:
+            type: string
+        - in: query
+          name: limit
+          schema:
+            type: integer
+            default: 20
+      responses:
+        '200':
+          description: Imported policy and runbook documents
+        '401':
+          description: Unauthorized
+  /v1/documents/import:
+    post:
+      operationId: importDocument
+      requestBody:
+        required: true
+        content:
+          application/json:
+            schema:
+              type: object
+              properties:
+                filePath:
+                  type: string
+                content:
+                  type: string
+                title:
+                  type: string
+                sourceFormat:
+                  type: string
+                  enum: [markdown, text, yaml, json, html]
+                sourceUrl:
+                  type: string
+                tags:
+                  type: array
+                  items:
+                    type: string
+                proposeGates:
+                  type: boolean
+      responses:
+        '201':
+          description: Document imported
+        '400':
+          description: Invalid document import request
+        '401':
+          description: Unauthorized
+  /v1/documents/{documentId}:
+    get:
+      operationId: getImportedDocument
+      parameters:
+        - in: path
+          name: documentId
+          required: true
+          schema:
+            type: string
+      responses:
+        '200':
+          description: Imported document with proposed gates
+        '401':
+          description: Unauthorized
+        '404':
+          description: Imported document not found
   /v1/jobs:
     get:
       operationId: listHostedJobs