fix: audit remediation — P0 correctness/security fixes + P1 product hardening#71
Merged
Merged
Conversation
…separation - P0-01: mergeSettings refuses to overwrite a present-but-unparseable settings file (was silently treated as empty); backs up the existing file and writes atomically (temp + rename); only writes when something actually changed. - P0-02: resolve template hook/statusline commands from the installed package (~/.forge/ -> <pkg>/global/) so npm-global installs don't reference an unmaterialized ~/.forge. - P0-03: recall default store moves to the XDG state dir (never the source tree); install.sh separates read-only assets (~/.forge) from mutable state (FORGE_HOME) and migrates any personal recall out of global/recall/facts. - S-02: installer runs argv directly instead of eval "$*". Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01AbJ3efKguNwyi5tMghvy8i
…ication language Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01AbJ3efKguNwyi5tMghvy8i
…dicts, resolvable ledger refs Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01AbJ3efKguNwyi5tMghvy8i
…hter perms - P0-04: drop broad default Bash read allows so secret-file reads prompt; move dependency installs to ask. protect-paths now blocks a reader command aimed at a protected path (anchored to a command boundary to avoid prose false positives). - P0-05: secret redaction reimplemented in Node (secret-redact.mjs), no jq dependency; emits a visible DEGRADED warning instead of a silent no-op. forge doctor now treats a missing node runtime as a hard failure. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01AbJ3efKguNwyi5tMghvy8i
P0-08: writeIfChanged and doctor drift detection compare the full expected body against the canonical source, so a hand-edited managed file with an intact forge:sync marker is detected and restored instead of reported in-sync. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01AbJ3efKguNwyi5tMghvy8i
…esolvable ledger refs
Two files were reformatted by the format-on-edit hook under a transient worktree biome config (different line width); re-apply the canonical root formatting. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01AbJ3efKguNwyi5tMghvy8i
…ers; wire honest labels - P0-06: remove context7 from the default MCP set; add `forge integrations [add <name>]` that shows package/network/files and writes only with --yes. JSON emitters now refresh a drifted forge-owned server instead of leaving a stale entry (user servers untouched). - Wire the CLI to skillgate's honest verdict (S-01) and relabel the deep-verify output (defectRiskScore / remainingUncheckedWeight); align the ledger command description. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01AbJ3efKguNwyi5tMghvy8i
…lity gate before publish
- P0-12: model prices support scheduled {effectiveFrom,effectiveUntil} windows resolved by
priceOf(model,date). Sonnet 5 carries its $2/$10 intro rate (through 2026-08-31) and the
$3/$15 successor; `forge route` shows the current effective price; docs check accepts any
scheduled price.
- P0-11: new reusable quality-gate workflow (tests, biome, typecheck, shellcheck, zero-dep
assertion, version-drift, docs check, npm pack) is required by CI, bump, and release — a
tag/publish can no longer proceed on `npm test` alone.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01AbJ3efKguNwyi5tMghvy8i
…stem health, labs grouping - P1-02/P1-03: `forge init --profile` + `.forge/forge.config.json` with explicit profile/disableSections/rules override semantics; `minimal` profile ships only the five core-safety rules. - P1-04: replace the "make chain-of-thought visible" UI rule with safe-rationale guidance. - P1-05: completion gate spells out change-type obligations (code -> docs + test; config -> config docs; test-only owes nothing) instead of accepting any doc/state touch. - P1-06: `forge doctor` reports subsystem health as ACTIVE|DEGRADED|UNAVAILABLE|FAILED. - P1-01: group experimental commands under "Labs (experimental)" in help. - Also fix a protect-paths false positive (.keys()/.environment no longer read as secrets). Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01AbJ3efKguNwyi5tMghvy8i
|
Preview deployment for your docs. Learn more about Mintlify Previews.
💡 Tip: Enable Workflows to automatically generate PRs for you. |
…rktree-bugs-gqrxp8 # Conflicts: # CHANGELOG.md # README.md # docs/GUIDE.md # install.sh # src/cli.js # src/commands.js # src/doctor.js # src/init.js # src/verify.js # test/init.test.js
The secret-redact test uses an obviously-fake sequential-hex ghp_ token as a fixture to prove redaction works; gitleaks flagged it as a github-pat. Narrowly allowlist that exact placeholder so real-secret detection stays intact everywhere. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01AbJ3efKguNwyi5tMghvy8i
CodeWithJuber
marked this pull request as ready for review
July 17, 2026 18:08
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What & why
Implements the fixes from the brutal repository audit. The audit flagged 12 P0 critical bugs, several P1 product concerns, security items, and honesty/wording gaps; each was re-verified against the current tree before fixing. Work was split into isolated workstreams (some in parallel git worktrees), each with its own tests, then integrated behind the full quality gate.
P0 — correctness & safety
forge initrefuses to overwrite a present-but-unparseable~/.claude/settings.json, backs it up, and writes atomically (temp + rename); hook/statusline commands resolve to the installed package instead of an unmaterialized~/.forge; personal recall moved to the XDG state dir;install.shseparates read-only assets from mutable state, migrates old recall, and dropseval.cat/head/tail/rg/git show/git log) so secret reads prompt; dependency installs moved toask;protect-pathsblocks reading a protected path via Bash (boundary-anchored to avoid false positives); secret redaction reimplemented in Node with nojqdependency and a visible DEGRADED warning instead of a silent no-op.context7is no longer a default MCP server — newforge integrationscommand adds it opt-in after showing package/network/files; JSON emitters refresh a drifted forge-owned entry;writeIfChanged/doctorcompare the full body, not just the marker.forge verifyreturnsPASS|FAIL|INCOMPLETE|NOT_CONFIGURED(never pass when nothing ran), drives real test commands off the stack detector, includes untracked files in provenance; ledger evidence refs are validated (git:<sha>must resolve).priceOf(model,date); Sonnet 5 intro $2/$10 → $3/$15); reusablequality-gateworkflow required by CI, bump, and release so a publish can't proceed onnpm testalone.P1 — product hardening
.forge/forge.config.jsonoverride semantics (P1-02/03); change-type obligation guidance in the completion gate (P1-05);ACTIVE|DEGRADED|UNAVAILABLE|FAILEDsubsystem health inforge doctor(P1-06); "Labs (experimental)" help grouping (P1-01); replaced the "make chain-of-thought visible" UI rule with safe-rationale guidance (P1-04).Honesty/wording (S-01, docs): dropped scanner "ok to install" certification language; renamed
P(defect)→defectRiskScoreandresidual→remainingUncheckedWeight; reframed the preflight score and "proof-carrying"/"zero-config" claims; added a beta status block and per-benchmark sample sizes. Seedocs/audit/REMEDIATION.mdfor what shipped vs. deferred.Checklist
npm testpasses (880 tests, 0 fail, 2 pre-existing skips)npm run checkpasses (Biome lint + format)feat:/fix:/docs:…)CHANGELOG.mdupdated under## [Unreleased]forge impact/verify/gate/MCP;forge docs checkgreen)Risk & rollback
Extra checks
npm run typecheckpasses🤖 Generated with Claude Code
https://claude.ai/code/session_01AbJ3efKguNwyi5tMghvy8i
Generated by Claude Code