Skip to content

fix: audit remediation — P0 correctness/security fixes + P1 product hardening#71

Merged
CodeWithJuber merged 13 commits into
masterfrom
claude/loop-goal-worktree-bugs-gqrxp8
Jul 17, 2026
Merged

fix: audit remediation — P0 correctness/security fixes + P1 product hardening#71
CodeWithJuber merged 13 commits into
masterfrom
claude/loop-goal-worktree-bugs-gqrxp8

Conversation

@CodeWithJuber

Copy link
Copy Markdown
Owner

What & why

Implements the fixes from the brutal repository audit. The audit flagged 12 P0 critical bugs, several P1 product concerns, security items, and honesty/wording gaps; each was re-verified against the current tree before fixing. Work was split into isolated workstreams (some in parallel git worktrees), each with its own tests, then integrated behind the full quality gate.

P0 — correctness & safety

  • Onboarding & state (P0-01/02/03, S-02): forge init refuses to overwrite a present-but-unparseable ~/.claude/settings.json, backs it up, and writes atomically (temp + rename); hook/statusline commands resolve to the installed package instead of an unmaterialized ~/.forge; personal recall moved to the XDG state dir; install.sh separates read-only assets from mutable state, migrates old recall, and drops eval.
  • Security defaults (P0-04/05): removed broad default Bash read allows (cat/head/tail/rg/git show/git log) so secret reads prompt; dependency installs moved to ask; protect-paths blocks reading a protected path via Bash (boundary-anchored to avoid false positives); secret redaction reimplemented in Node with no jq dependency and a visible DEGRADED warning instead of a silent no-op.
  • MCP & managed files (P0-06/08): context7 is no longer a default MCP server — new forge integrations command adds it opt-in after showing package/network/files; JSON emitters refresh a drifted forge-owned entry; writeIfChanged/doctor compare the full body, not just the marker.
  • Core loop (P0-07/09/10): inventory-aware atlas staleness (new/removed files invalidate it) with honest "impact unavailable"; forge verify returns PASS|FAIL|INCOMPLETE|NOT_CONFIGURED (never pass when nothing ran), drives real test commands off the stack detector, includes untracked files in provenance; ledger evidence refs are validated (git:<sha> must resolve).
  • Pricing & release (P0-11/12): effective-date model pricing (priceOf(model,date); Sonnet 5 intro $2/$10 → $3/$15); reusable quality-gate workflow required by CI, bump, and release so a publish can't proceed on npm test alone.

P1 — product hardening

  • Policy profiles + .forge/forge.config.json override semantics (P1-02/03); change-type obligation guidance in the completion gate (P1-05); ACTIVE|DEGRADED|UNAVAILABLE|FAILED subsystem health in forge doctor (P1-06); "Labs (experimental)" help grouping (P1-01); replaced the "make chain-of-thought visible" UI rule with safe-rationale guidance (P1-04).

Honesty/wording (S-01, docs): dropped scanner "ok to install" certification language; renamed P(defect)defectRiskScore and residualremainingUncheckedWeight; reframed the preflight score and "proof-carrying"/"zero-config" claims; added a beta status block and per-benchmark sample sizes. See docs/audit/REMEDIATION.md for what shipped vs. deferred.

Checklist

  • npm test passes (880 tests, 0 fail, 2 pre-existing skips)
  • npm run check passes (Biome lint + format)
  • New public functions have a test
  • Conventional commit messages (feat:/fix:/docs: …)
  • CHANGELOG.md updated under ## [Unreleased]
  • No new runtime dependency (dev deps only)
  • Substrate/docs updated (touches forge impact/verify/gate/MCP; forge docs check green)

Risk & rollback

  • Risk level: medium — changes default permissions, MCP defaults, and the settings-merge/verify/atlas behaviors. All covered by new tests; behavior changes were the ones explicitly approved.
  • Rollback plan: revert per-workstream commits (each is self-contained) or the whole branch; no data migrations beyond the opt-in recall move, which only relocates state and leaves the original in place on conflict.

Extra checks

  • npm run typecheck passes
  • Input validated at boundaries; errors handled (settings-merge refuses corrupt input; guards fail-open where advisory, fail-visible where security)
  • Logs contain no secrets/PII (redaction strengthened)
  • AI-assisted: changes are understood, tested, and verified against the current code

🤖 Generated with Claude Code

https://claude.ai/code/session_01AbJ3efKguNwyi5tMghvy8i


Generated by Claude Code

claude added 11 commits July 17, 2026 14:43
…separation

- P0-01: mergeSettings refuses to overwrite a present-but-unparseable settings
  file (was silently treated as empty); backs up the existing file and writes
  atomically (temp + rename); only writes when something actually changed.
- P0-02: resolve template hook/statusline commands from the installed package
  (~/.forge/ -> <pkg>/global/) so npm-global installs don't reference an
  unmaterialized ~/.forge.
- P0-03: recall default store moves to the XDG state dir (never the source
  tree); install.sh separates read-only assets (~/.forge) from mutable state
  (FORGE_HOME) and migrates any personal recall out of global/recall/facts.
- S-02: installer runs argv directly instead of eval "$*".

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01AbJ3efKguNwyi5tMghvy8i
…ication language

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01AbJ3efKguNwyi5tMghvy8i
…dicts, resolvable ledger refs

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01AbJ3efKguNwyi5tMghvy8i
…hter perms

- P0-04: drop broad default Bash read allows so secret-file reads prompt; move
  dependency installs to ask. protect-paths now blocks a reader command aimed at
  a protected path (anchored to a command boundary to avoid prose false positives).
- P0-05: secret redaction reimplemented in Node (secret-redact.mjs), no jq
  dependency; emits a visible DEGRADED warning instead of a silent no-op. forge
  doctor now treats a missing node runtime as a hard failure.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01AbJ3efKguNwyi5tMghvy8i
P0-08: writeIfChanged and doctor drift detection compare the full expected body
against the canonical source, so a hand-edited managed file with an intact
forge:sync marker is detected and restored instead of reported in-sync.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01AbJ3efKguNwyi5tMghvy8i
Two files were reformatted by the format-on-edit hook under a transient worktree
biome config (different line width); re-apply the canonical root formatting.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01AbJ3efKguNwyi5tMghvy8i
…ers; wire honest labels

- P0-06: remove context7 from the default MCP set; add `forge integrations [add <name>]`
  that shows package/network/files and writes only with --yes. JSON emitters now refresh
  a drifted forge-owned server instead of leaving a stale entry (user servers untouched).
- Wire the CLI to skillgate's honest verdict (S-01) and relabel the deep-verify output
  (defectRiskScore / remainingUncheckedWeight); align the ledger command description.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01AbJ3efKguNwyi5tMghvy8i
…lity gate before publish

- P0-12: model prices support scheduled {effectiveFrom,effectiveUntil} windows resolved by
  priceOf(model,date). Sonnet 5 carries its $2/$10 intro rate (through 2026-08-31) and the
  $3/$15 successor; `forge route` shows the current effective price; docs check accepts any
  scheduled price.
- P0-11: new reusable quality-gate workflow (tests, biome, typecheck, shellcheck, zero-dep
  assertion, version-drift, docs check, npm pack) is required by CI, bump, and release — a
  tag/publish can no longer proceed on `npm test` alone.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01AbJ3efKguNwyi5tMghvy8i
…stem health, labs grouping

- P1-02/P1-03: `forge init --profile` + `.forge/forge.config.json` with explicit
  profile/disableSections/rules override semantics; `minimal` profile ships only the five
  core-safety rules.
- P1-04: replace the "make chain-of-thought visible" UI rule with safe-rationale guidance.
- P1-05: completion gate spells out change-type obligations (code -> docs + test; config ->
  config docs; test-only owes nothing) instead of accepting any doc/state touch.
- P1-06: `forge doctor` reports subsystem health as ACTIVE|DEGRADED|UNAVAILABLE|FAILED.
- P1-01: group experimental commands under "Labs (experimental)" in help.
- Also fix a protect-paths false positive (.keys()/.environment no longer read as secrets).

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01AbJ3efKguNwyi5tMghvy8i
@mintlify

mintlify Bot commented Jul 17, 2026

Copy link
Copy Markdown

Preview deployment for your docs. Learn more about Mintlify Previews.

Project Status Preview Updated (UTC)
forgekit-docs 🟢 Ready View Preview Jul 17, 2026, 5:13 PM

💡 Tip: Enable Workflows to automatically generate PRs for you.

claude added 2 commits July 17, 2026 17:30
…rktree-bugs-gqrxp8

# Conflicts:
#	CHANGELOG.md
#	README.md
#	docs/GUIDE.md
#	install.sh
#	src/cli.js
#	src/commands.js
#	src/doctor.js
#	src/init.js
#	src/verify.js
#	test/init.test.js
The secret-redact test uses an obviously-fake sequential-hex ghp_ token as a
fixture to prove redaction works; gitleaks flagged it as a github-pat. Narrowly
allowlist that exact placeholder so real-secret detection stays intact everywhere.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01AbJ3efKguNwyi5tMghvy8i
@CodeWithJuber
CodeWithJuber marked this pull request as ready for review July 17, 2026 18:08
@CodeWithJuber
CodeWithJuber merged commit db125ae into master Jul 17, 2026
10 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants