wogiflow 2.1.3 → 2.3.0

package/scripts/flow-scanner-base.js

@@ -36,6 +36,7 @@ class BaseScanner {
 
     this.config = {
       directories: registryConfig.directories || options.directories || [],
+      globPatterns: registryConfig.globPatterns || options.globPatterns || [],
       filePatterns: options.filePatterns || ['**/*.ts', '**/*.js', '**/*.tsx', '**/*.jsx'],
       excludePatterns: options.excludePatterns || [
         '**/*.test.*',
@@ -50,11 +51,13 @@ class BaseScanner {
     };
 
     // Pre-compile exclude patterns to avoid per-file RegExp allocation
+    // Use placeholder to prevent ** and * from interfering during replacement
     this._excludeRegexps = this.config.excludePatterns.map(pattern => {
       const regexPattern = pattern
-        .replace(/\*\*/g, '.*')
-        .replace(/\*/g, '[^/]*')
-        .replace(/\./g, '\\.');
+        .replace(/\*\*/g, '\0GLOBSTAR\0')   // Placeholder for **
+        .replace(/\./g, '\\.')              // Escape dots
+        .replace(/\*/g, '[^/]*')            // Single * → non-slash wildcard
+        .replace(/\0GLOBSTAR\0/g, '.*');    // Restore ** → any path
       return new RegExp('^' + regexPattern + '$');
     });
 
@@ -70,18 +73,96 @@ class BaseScanner {
   }
 
   /**
-   * Find existing directories from config
+   * Find existing directories from config (explicit + glob-discovered)
    * @returns {string[]} Array of full paths to existing directories
    */
   findDirectories() {
-    const found = [];
+    const found = new Set();
+
+    // 1. Explicit directories from config
     for (const dir of this.config.directories) {
       const fullPath = path.join(PROJECT_ROOT, dir);
       if (fs.existsSync(fullPath) && fs.statSync(fullPath).isDirectory()) {
-        found.push(fullPath);
+        found.add(fullPath);
+      }
+    }
+
+    // 2. Glob-discovered directories (e.g. "src/**/hooks", "src/**/utils")
+    for (const pattern of this.config.globPatterns) {
+      for (const dir of this._expandGlobPattern(pattern)) {
+        found.add(dir);
       }
     }
-    return found;
+
+    return [...found];
+  }
+
+  /**
+   * Expand a glob pattern like "src/** /hooks" into matching directories.
+   * Supports ** (any depth) and * (single segment). No external dependencies.
+   * @param {string} pattern - Glob pattern relative to project root
+   * @returns {string[]} Array of full paths to matching directories
+   */
+  _expandGlobPattern(pattern) {
+    const results = [];
+    const segments = pattern.split('/');
+    const MAX_DEPTH = 20;
+    const MAX_DIRS = 5000;
+    let dirsVisited = 0;
+    const SKIP_DIRS = new Set(['node_modules', '.git', 'dist', 'build', '.cache', '.yarn', '.pnpm']);
+
+    const walk = (currentPath, segIdx, depth) => {
+      if (depth > MAX_DEPTH || dirsVisited > MAX_DIRS) return;
+      dirsVisited++;
+
+      if (segIdx >= segments.length) {
+        if (fs.existsSync(currentPath) && fs.statSync(currentPath).isDirectory()) {
+          results.push(currentPath);
+        }
+        return;
+      }
+
+      const seg = segments[segIdx];
+
+      if (seg === '**') {
+        // Zero levels: skip this segment
+        walk(currentPath, segIdx + 1, depth);
+
+        // One+ levels: recurse into subdirectories
+        if (!fs.existsSync(currentPath) || !fs.statSync(currentPath).isDirectory()) return;
+        try {
+          const entries = fs.readdirSync(currentPath, { withFileTypes: true });
+          for (const entry of entries) {
+            if (!entry.isDirectory() || entry.isSymbolicLink()) continue;
+            if (SKIP_DIRS.has(entry.name) || entry.name.startsWith('.')) continue;
+            walk(path.join(currentPath, entry.name), segIdx, depth + 1);
+          }
+        } catch (_err) {
+          // Permission error — skip
+        }
+      } else if (seg.includes('*')) {
+        if (!fs.existsSync(currentPath) || !fs.statSync(currentPath).isDirectory()) return;
+        // Escape regex metacharacters except *, then convert * to [^/]*
+        const escaped = seg.replace(/[.+?^${}()|[\]\\]/g, '\\$&').replace(/\*/g, '[^/]*');
+        const segRegex = new RegExp('^' + escaped + '$');
+        try {
+          const entries = fs.readdirSync(currentPath, { withFileTypes: true });
+          for (const entry of entries) {
+            if (!entry.isDirectory()) continue;
+            if (segRegex.test(entry.name)) {
+              walk(path.join(currentPath, entry.name), segIdx + 1, depth + 1);
+            }
+          }
+        } catch (_err) {
+          // Permission error — skip
+        }
+      } else {
+        walk(path.join(currentPath, seg), segIdx + 1, depth + 1);
+      }
+    };
+
+    walk(PROJECT_ROOT, 0, 0);
+    return results;
   }
 
   /**
@@ -268,6 +349,118 @@ class BaseScanner {
     });
   }
 
+  /**
+   * Two-pass AST: collect all top-level declarations and all exported names.
+   * Returns { declarations: Map<name, {node, kind}>, exported: Map<name, {isDefault}> }
+   * Subclasses call this then intersect with their own registration logic.
+   * @param {string} content - File content
+   * @returns {Object|null} { declarations, exported } or null if parse fails
+   */
+  collectExportedDeclarations(content) {
+    if (!this.parser) return null;
+
+    try {
+      const ast = this.parser.parse(content, {
+        sourceType: 'module',
+        plugins: ['typescript', 'jsx', 'decorators-legacy']
+      });
+
+      // Pass 1: Collect all top-level function-like declarations
+      const declarations = new Map();
+
+      this.traverse(ast, {
+        FunctionDeclaration: (nodePath) => {
+          const parent = nodePath.parent.type;
+          if (!nodePath.node.id) return;
+          if (parent === 'Program' || parent === 'ExportNamedDeclaration' || parent === 'ExportDefaultDeclaration') {
+            declarations.set(nodePath.node.id.name, { node: nodePath.node, kind: 'func' });
+          }
+        },
+        VariableDeclaration: (nodePath) => {
+          const parent = nodePath.parent.type;
+          if (parent !== 'Program' && parent !== 'ExportNamedDeclaration') return;
+          for (const decl of nodePath.node.declarations) {
+            if (decl.id?.name && decl.init &&
+                (decl.init.type === 'ArrowFunctionExpression' ||
+                 decl.init.type === 'FunctionExpression')) {
+              declarations.set(decl.id.name, { node: decl, kind: 'var' });
+            }
+          }
+        }
+      });
+
+      // Pass 2: Collect all exported names
+      const exported = new Map();
+
+      this.traverse(ast, {
+        ExportNamedDeclaration: (nodePath) => {
+          const decl = nodePath.node.declaration;
+          if (decl) {
+            if (decl.type === 'FunctionDeclaration' && decl.id) {
+              exported.set(decl.id.name, { isDefault: false });
+            } else if (decl.type === 'VariableDeclaration') {
+              for (const d of decl.declarations) {
+                if (d.id?.name) exported.set(d.id.name, { isDefault: false });
+              }
+            }
+          }
+          for (const spec of nodePath.node.specifiers || []) {
+            if (spec.local?.name) {
+              exported.set(spec.local.name, { isDefault: false });
+            }
+          }
+        },
+        ExportDefaultDeclaration: (nodePath) => {
+          const decl = nodePath.node.declaration;
+          if (decl.type === 'FunctionDeclaration' && decl.id) {
+            exported.set(decl.id.name, { isDefault: true });
+          } else if (decl.type === 'Identifier') {
+            exported.set(decl.name, { isDefault: true });
+          }
+        }
+      });
+
+      return { declarations, exported };
+    } catch (_err) {
+      return null;
+    }
+  }
+
+  /**
+   * Two-pass regex: collect all exported names from file content.
+   * Shared across scanners for consistent export detection.
+   * @param {string} content - File content
+   * @returns {Set<string>} Set of exported names
+   */
+  collectExportedNamesRegex(content) {
+    const exported = new Set();
+    let match;
+
+    // export function / export const / export default function
+    const exportedDeclRegex = /export\s+(?:default\s+)?(?:async\s+)?(?:function|const)\s+(\w+)/g;
+    while ((match = exportedDeclRegex.exec(content)) !== null) {
+      exported.add(match[1]);
+    }
+
+    // export default Name (identifier)
+    const exportDefaultIdRegex = /export\s+default\s+([A-Za-z_$]\w*)\s*;/g;
+    while ((match = exportDefaultIdRegex.exec(content)) !== null) {
+      exported.add(match[1]);
+    }
+
+    // export { Name, Name2 as Alias }
+    const exportSpecRegex = /export\s*\{([^}]+)\}/g;
+    while ((match = exportSpecRegex.exec(content)) !== null) {
+      const specifiers = match[1].split(',');
+      for (const spec of specifiers) {
+        const name = spec.trim().split(/\s+as\s+/)[0].trim();
+        if (name) exported.add(name);
+      }
+    }
+
+    return exported;
+  }
+
   /**
    * Parse params from string (regex fallback)
    * @param {string} paramsStr - Parameter string

package/scripts/flow-skill-generator.js

@@ -8,6 +8,7 @@
 const fs = require('node:fs');
 const path = require('node:path');
 const { ensureDir, getConfig, invalidateConfigCache, writeJson, PATHS, success } = require('./flow-utils');
+const { getTodayDate } = require('./flow-output');
 
 // Import helper functions from tech options
 let _techOptions = null;

package/scripts/flow-standards-learner.js

@@ -18,8 +18,10 @@ const {
   readFile,
   writeFile,
   getConfig,
-  color
+  color,
+  escapeRegex
 } = require('./flow-utils');
+const { getTodayDate } = require('./flow-output');
 
 // ============================================================================
 // Constants
@@ -101,6 +103,158 @@ const VIOLATION_LEARNING_MAP = {
   }
 };
 
+// ============================================================================
+// Enforcement Gap Detection
+// ============================================================================
+
+/**
+ * Check if a pattern has an existing rule in decisions.md
+ * @param {string} patternId - kebab-case pattern identifier
+ * @param {string} [description] - description to also search for
+ * @returns {{ exists: boolean, ruleText: string|null, section: string|null }}
+ */
+function checkEnforcementGap(patternId, description) {
+  if (!fileExists(DECISIONS_PATH)) {
+    return { exists: false, ruleText: null, section: null };
+  }
+
+  const content = readFile(DECISIONS_PATH, '');
+
+  // Extract description words for fuzzy matching (separate from patternId)
+  const STOPWORDS = new Set(['code', 'file', 'data', 'type', 'that', 'this', 'with', 'from', 'have', 'been', 'each', 'when', 'should', 'must', 'function', 'class', 'module']);
+  const descriptionWords = description
+    ? description.split(/\s+/)
+        .filter(w => w.length >= 4 && !STOPWORDS.has(w.toLowerCase()))
+        .map(w => w.toLowerCase())
+        .slice(0, 5)
+    : [];
+
+  // Find which section contains the match
+  const sections = content.split(/^## /m).slice(1);
+  for (const section of sections) {
+    const sectionTitle = section.split('\n')[0].trim();
+    const sectionLower = section.toLowerCase();
+
+    // Check if pattern ID appears in this section (exact match — most reliable)
+    if (sectionLower.includes(patternId.toLowerCase())) {
+      // Extract the rule block (from ### to next ### or end of section)
+      // escapeRegex prevents ReDoS from patternId with regex metacharacters
+      const escapedId = escapeRegex(patternId).replace(/-/g, '[\\s-]');
+      const ruleMatch = section.match(new RegExp(
+        `### [^\\n]*${escapedId}[^\\n]*\\n([\\s\\S]*?)(?=###|$)`,
+        'i'
+      ));
+      return {
+        exists: true,
+        ruleText: ruleMatch ? ruleMatch[0].trim().slice(0, 2000) : section.trim().slice(0, 2000),
+        section: `## ${sectionTitle}`
+      };
+    }
+
+    // Fuzzy fallback: check description words ONLY (patternId excluded to avoid weak matches)
+    // Proportional threshold: at least 50% of words must match, minimum 3
+    if (descriptionWords.length >= 3) {
+      const matchCount = descriptionWords.filter(word => sectionLower.includes(word)).length;
+      const threshold = Math.max(3, Math.ceil(descriptionWords.length * 0.5));
+      if (matchCount >= threshold) {
+        return {
+          exists: true,
+          ruleText: section.trim().slice(0, 2000),
+          section: `## ${sectionTitle}`
+        };
+      }
+    }
+  }
+
+  return { exists: false, ruleText: null, section: null };
+}
+
+/**
+ * Record a pattern from an audit finding (wraps recordViolationPattern with audit-specific logic).
+ * Creates a synthetic learning object from audit cluster data.
+ *
+ * @param {Object} cluster - Clustered audit pattern
+ * @param {string} cluster.patternId - kebab-case canonical name
+ * @param {string} cluster.category - architecture, code-style, security, etc.
+ * @param {string} cluster.description - one-sentence description
+ * @param {number} cluster.instanceCount - number of files affected
+ * @param {Object[]} [cluster.instances] - array of { file, detail }
+ * @returns {Object} Result with status, count, shouldPromote
+ */
+function recordAuditPattern(cluster) {
+  const safeDesc = sanitizeForMarkdown(cluster.description, 100);
+  // Build a synthetic learning object compatible with recordViolationPattern
+  const learning = {
+    canLearn: true,
+    violationType: cluster.category,
+    category: mapAuditCategoryToLearnerCategory(cluster.category),
+    subcategory: cluster.patternId,
+    patternName: safeDesc,
+    preventionPrompt: `Avoid: ${safeDesc}`,
+    ruleTemplate: buildAuditRuleTemplate(cluster),
+    message: `${cluster.instanceCount} instances found across project (audit source)`,
+    source: 'audit'
+  };
+
+  return recordViolationPattern(learning);
+}
+
+/**
+ * Map audit category names to learner category names
+ */
+function mapAuditCategoryToLearnerCategory(auditCategory) {
+  const map = {
+    'architecture': 'architecture',
+    'code-style': 'code-style',
+    'security': 'security',
+    'performance': 'code-style',
+    'consistency': 'code-style',
+    'dependencies': 'architecture',
+    'tech-debt': 'architecture',
+    'modernization': 'code-style'
+  };
+  return map[auditCategory] || 'code-style';
+}
+
+/**
+ * Sanitize a value for safe interpolation into markdown state files.
+ * Strips heading markers, pipe chars (break tables), and newlines.
+ * Prevents prompt injection via decisions.md or feedback-patterns.md.
+ *
+ * @param {string} value - Raw string
+ * @param {number} [maxLen=200] - Maximum length
+ * @returns {string} Sanitized string
+ */
+function sanitizeForMarkdown(value, maxLen = 200) {
+  return String(value)
+    .replace(/^#+\s/gm, '')    // strip heading markers
+    .replace(/\|/g, '-')       // replace pipes (break table formatting)
+    .replace(/`{3,}/g, '')     // strip code fence markers (prevent breakout)
+    .replace(/[<>]/g, '')      // strip angle brackets (prevent HTML injection)
+    .replace(/[\r\n]+/g, ' ')  // collapse newlines
+    .slice(0, maxLen)
+    .trim();
+}
+
+/**
+ * Build a rule template from an audit cluster
+ */
+function buildAuditRuleTemplate(cluster) {
+  const safeDesc = sanitizeForMarkdown(cluster.description, 200);
+  const files = (cluster.instances || [])
+    .slice(0, 5)
+    .map(i => `\`${sanitizeForMarkdown(i.file, 100)}\``)
+    .join(', ');
+
+  const moreCount = (cluster.instanceCount || 0) - 5;
+  const filesList = moreCount > 0 ? `${files}, and ${moreCount} more` : files;
+
+  return `### ${safeDesc}
+**Source**: Audit pattern promotion (${cluster.instanceCount} instances)
+**Files**: ${filesList || 'Multiple files'}
+**Rule**: ${safeDesc}`;
+}
+
 // ============================================================================
 // Pattern Analysis
 // ============================================================================
@@ -223,7 +377,10 @@ function recordViolationPattern(learning) {
 
   // Check if pattern already exists in table
   const dateStr = getTodayDate();
-  const patternRegex = new RegExp(`\\|\\s*[\\d-]+\\s*\\|\\s*${patternKey.replace(/[-]/g, '[-]?')}\\s*\\|\\s*(\\d+)\\s*\\|`, 'i');
+  // escapeRegex prevents ReDoS from patternKey with regex metacharacters
+  // Hyphens are required (not optional) — patternKey is kebab-case and must match exactly
+  const escapedKey = escapeRegex(patternKey);
+  const patternRegex = new RegExp(`\\|\\s*[\\d-]+\\s*\\|\\s*${escapedKey}\\s*\\|\\s*(\\d+)\\s*\\|`, 'i');
 
   if (patternRegex.test(content)) {
     // Update existing count
@@ -362,8 +519,10 @@ ${learning.ruleTemplate}
   try {
     let patternsContent = readFile(FEEDBACK_PATTERNS_PATH, '');
     const patternKey = `${learning.violationType}-${learning.patternName}`.replace(/\s+/g, '-').toLowerCase();
+    // escapeRegex prevents ReDoS from patternKey with regex metacharacters
+    const escapedPromoteKey = escapeRegex(patternKey);
     patternsContent = patternsContent.replace(
-      new RegExp(`(\\|\\s*[\\d-]+\\s*\\|\\s*${patternKey}\\s*\\|\\s*\\d+\\s*\\|)\\s*-\\s*\\|\\s*Monitor\\s*\\|`, 'i'),
+      new RegExp(`(\\|\\s*[\\d-]+\\s*\\|\\s*${escapedPromoteKey}\\s*\\|\\s*\\d+\\s*\\|)\\s*-\\s*\\|\\s*Monitor\\s*\\|`, 'i'),
       `$1 decisions.md | **PROMOTED** |`
     );
     fs.writeFileSync(FEEDBACK_PATTERNS_PATH, patternsContent, 'utf-8');
@@ -680,8 +839,13 @@ Examples:
 module.exports = {
   analyzeViolationForLearning,
   recordViolationPattern,
+  recordAuditPattern,
   promoteToDecisions,
   syncToRulesDir,
+  checkEnforcementGap,
+  mapAuditCategoryToLearnerCategory,
+  buildAuditRuleTemplate,
+  sanitizeForMarkdown,
   getPreventionPrompts,
   formatPreventionPrompts,
   learnFromViolations,

package/scripts/flow-task-checkpoint.js

@@ -72,6 +72,7 @@ function getDefaultCheckpoint() {
       currentIndex: -1
     },
     changedFiles: [],
+    criteria: [],
     verificationResults: [],
     explorationSummary: null,
     completedPhases: [],
@@ -129,6 +130,7 @@ async function saveCheckpoint(params) {
         specPath: params.specPath || existing.specPath,
         scenarios: params.scenarios || existing.scenarios,
         changedFiles: params.changedFiles || existing.changedFiles,
+        criteria: params.criteria || existing.criteria,
         verificationResults: params.verificationResults || existing.verificationResults,
         explorationSummary: params.explorationSummary || existing.explorationSummary,
         lastUpdated: new Date().toISOString(),

package/scripts/flow-template-extractor.js

@@ -77,7 +77,7 @@ const IGNORE_PATTERNS = [
 ];
 
 // Colors for CLI
-const { colors: c } = require('./flow-output');
+const { colors: c, getTodayDate } = require('./flow-output');
 
 // ============================================================================
 // File Classification

package/scripts/flow-version-check.js

@@ -124,6 +124,7 @@ function checkClaudeCodeVersionOnce() {
     { version: [2, 1, 50], features: 'worktree hooks, agent isolation' },
     { version: [2, 1, 72], features: 'ConfigChange/InstructionsLoaded hooks, effort levels' },
     { version: [2, 1, 76], features: 'PostCompact hook (state recovery after compaction)' },
+    { version: [2, 1, 77], features: 'Elicitation hooks, worktree sparse checkout, 128k output tokens, compaction circuit breaker' },
   ];
 
   const disabledFeatures = SOFT_GATES

package/scripts/hooks/core/commit-log-gate.js

@@ -0,0 +1,146 @@
+#!/usr/bin/env node
+
+/**
+ * Wogi Flow - Commit Log Gate (Core Module)
+ *
+ * Blocks git commit when there's an active task but request-log.md
+ * hasn't been staged. Mechanical enforcement — same pattern as routing gate.
+ *
+ * Whitelist (commit allowed without log entry):
+ * - No active task in ready.json
+ * - Merge commits
+ * - State-only commits (all files under .workflow/ or .claude/)
+ * - Gate disabled via config.enforcement.commitLogGate.enabled: false
+ *
+ * v1.0: Initial implementation — pre-commit blocking gate
+ */
+
+const { execFileSync } = require('node:child_process');
+const { getConfig, getReadyData } = require('../../flow-utils');
+
+/**
+ * Check if a Bash command contains a git commit
+ * @param {string} command - The Bash command string
+ * @returns {boolean}
+ */
+function isGitCommit(command) {
+  if (!command || typeof command !== 'string') return false;
+  // Match git commit at start or after chain operators (&&, ;, ||)
+  return /(?:^|&&\s*|;\s*|\|\|\s*)git\s+commit\b/.test(command.trim());
+}
+
+/**
+ * Check if the command is a merge-related commit (whitelisted)
+ * @param {string} command - The Bash command string
+ * @returns {boolean}
+ */
+function isMergeCommit(command) {
+  // git merge --continue or similar
+  if (/git\s+merge/.test(command)) return true;
+  // Commit message starts with "Merge" (from -m flag)
+  const msgMatch = command.match(/-m\s+["']([^"']*)/);
+  if (msgMatch && /^Merge\b/i.test(msgMatch[1])) return true;
+  return false;
+}
+
+/**
+ * Get list of staged file paths (relative to repo root)
+ * @returns {string[]}
+ */
+function getStagedFiles() {
+  try {
+    const output = execFileSync('git', ['diff', '--cached', '--name-only'], {
+      encoding: 'utf-8',
+      timeout: 3000,
+      stdio: ['pipe', 'pipe', 'pipe']
+    });
+    return output.trim().split('\n').filter(Boolean);
+  } catch (err) {
+    if (process.env.DEBUG) {
+      console.error(`[commit-log-gate] getStagedFiles error: ${err.message}`);
+    }
+    return [];
+  }
+}
+
+/**
+ * Check if a git commit should be blocked due to missing request-log entry.
+ *
+ * @param {string} command - The Bash command being executed
+ * @param {Object} [config] - Pre-loaded config (optional)
+ * @returns {{ allowed: boolean, blocked: boolean, reason?: string, message?: string }}
+ */
+function checkCommitLogGate(command, config) {
+  // Only check git commit commands
+  if (!isGitCommit(command)) {
+    return { allowed: true, blocked: false };
+  }
+
+  // Load config if not provided
+  if (!config) {
+    try { config = getConfig(); } catch (err) { config = {}; }
+  }
+
+  // Check if gate is enabled (default: enabled when enforcement section exists)
+  if (config.enforcement?.commitLogGate?.enabled === false) {
+    return { allowed: true, blocked: false };
+  }
+
+  // Check for active task in ready.json
+  let readyData;
+  try {
+    readyData = getReadyData();
+  } catch (err) {
+    // Can't read ready.json → fail-open (don't block work)
+    return { allowed: true, blocked: false };
+  }
+
+  if (!readyData.inProgress || readyData.inProgress.length === 0) {
+    // No active task → allow (non-task commit)
+    return { allowed: true, blocked: false };
+  }
+
+  // Whitelist merge commits
+  if (isMergeCommit(command)) {
+    return { allowed: true, blocked: false };
+  }
+
+  // Get staged files to check
+  const stagedFiles = getStagedFiles();
+  if (stagedFiles.length === 0) {
+    // No staged files → commit will fail on its own, don't add noise
+    return { allowed: true, blocked: false };
+  }
+
+  // Whitelist state-only commits (e.g., pre-compact, wogi-pre-compact state saves)
+  const allStateOrConfig = stagedFiles.every(f =>
+    f.startsWith('.workflow/') || f.startsWith('.claude/')
+  );
+  if (allStateOrConfig) {
+    return { allowed: true, blocked: false };
+  }
+
+  // Check if request-log.md is in staged changes
+  const hasLogEntry = stagedFiles.some(f => f.endsWith('request-log.md'));
+  if (hasLogEntry) {
+    return { allowed: true, blocked: false };
+  }
+
+  // Block: active task + code changes but no log entry
+  const task = readyData.inProgress[0];
+  const taskId = (typeof task === 'string' ? task : task.id) || 'unknown';
+
+  return {
+    allowed: false,
+    blocked: true,
+    reason: 'commit_without_log_entry',
+    message: [
+      `BLOCKED: Active task ${taskId} but request-log.md is not staged.`,
+      'Add a request-log entry before committing.',
+      'Append a ### R-[N] entry to .workflow/state/request-log.md following the existing format,',
+      'then stage it: git add .workflow/state/request-log.md'
+    ].join(' ')
+  };
+}
+
+module.exports = { checkCommitLogGate, isGitCommit, isMergeCommit };