feat(audit-ufs): add --staged pre-commit lens#20
Merged
Conversation
…dits) ufs.sh was the lone full-codebase audit without a --staged mode; its siblings (design-tokens, error-codes, logging, deinit-pairs, spec-template) and msid-ui already have one. A pre-commit harness should judge what is being committed, not the whole tree. --staged narrows the per-file checks (string-dup-file, numeric-suspect) to `git diff --cached`. cross-runtime-orphan (ERR_* parity) stays full-codebase — it needs cross-runtime visibility. Full-codebase remains the default, so `make lint` / harness-verify-all keep canonical enforcement; --diff stays retired (exit 2). --staged reads the index, so it is not blind to staged-but- uncommitted fixes — the exact concern M70 cited when it retired --diff. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What
audits/ufs.shwas the only full-codebase audit without a--stagedmode. Its siblings (design-tokens,error-codes,logging,deinit-pairs,spec-template) andmsid-uialready have one. This adds parity so a product repo's pre-commit harness can scope UFS to the commit instead of the whole tree.Why
usezombie's
make harness-verify(pre-commit) runs each gate full-codebase. With 410 pre-existingstring-dup-fileviolations in untouched files, every commit that stages a code file is blocked — even when the staged files are clean.--stagedlets the pre-commit lens judge only what's being committed;make lint/harness-verify-allkeep canonical full-codebase enforcement.How
--stagednarrows the per-file checks (string-dup-file,numeric-suspect) togit diff --cached --name-only --diff-filter=ACMRT.cross-runtime-orphan(ERR_* parity) stays full-codebase — it needs cross-runtime visibility to compare Zig ↔ TS/JS.--allalias unchanged) → invariants 22.1/22.2 hold, M70 semantics intact.--diffstays retired (exit 2).--stagedreads the index, so it is not blind to staged-but-uncommitted fixes — the exact concern M70 cited.Verification
bash -nclean · 279 lines (< 350) ·make auditRC=0 (dispatch evals 10/10)--diff→exit 2 ·--staged→exit 0 (nothing staged) ·--all→full scanshellcheckSC2221/SC2222 on line 64 (is_sourcetest-pattern overlap) is not touched by this diff — out of scope.Consumer
usezombie
make/harness.mkcallsaudits/ufs.sh --staged(separate PR on itschore/dispatch-syncbranch). This PR must merge for that symlink call to resolve permanently.🤖 Generated with Claude Code