Fix context packing for binary README assets

Author: ProfRandom92

PROJEKT.md

@@ -36,7 +36,7 @@ cargo check: green
 cargo test: green
 cargo clippy -- -D warnings: green
 cargo run --bin ctxt -- --json validate --run: green
-unit tests: 37 green
+unit tests: 38 green
 smoke tests: 83 green
 ```
 

README.md

@@ -213,7 +213,7 @@ cargo check: green
 cargo test: green
 cargo clippy -- -D warnings: green
 cargo run --bin ctxt -- --json validate --run: green
-unit tests: 37 green
+unit tests: 38 green
 smoke tests: 83 green
 ```
 

RELEASE_NOTES_v0.1.0.md

@@ -0,0 +1,33 @@
+# CompText CLI v0.1.0 Release Notes
+
+Status: Release candidate, tag only after CI green.
+
+CompText CLI `ctxt` is a local-first Rust CLI for deterministic, schema-oriented review workflow contracts. The v0.1.0 release candidate focuses on stable local evidence, explicit disabled gates, and contract-first startup behavior.
+
+## Highlights
+
+- Local-first Rust CLI `ctxt`.
+- Deterministic JSON contracts for machine-readable runtime state.
+- Startup, readiness, review workflow, and capability contracts.
+- Proposal, review, run, and validation artifact inspection contracts.
+- README brand assets for the v0.1.0 release-candidate presentation.
+- Binary README and media assets are excluded from context packing.
+- Offline/local-first safety boundary by default.
+
+## Boundaries
+
+- No MCP server implementation claim.
+- No external agent execution claim.
+- No provider gateway or live provider claim.
+- No proposal or review auto-apply claim.
+- No claim of hidden network activity.
+
+## Validation Commands
+
+```powershell
+cargo fmt --all --check
+cargo check
+cargo test
+cargo clippy -- -D warnings
+cargo run --bin ctxt -- --json validate --run
+```

reports/phase_5e_binary_asset_context_pack_fix.md

@@ -0,0 +1,55 @@
+# Phase 5e Binary Asset Context Pack Fix
+
+PHASE: 5e README assets and v0.1.0 release-candidate preparation
+STATUS: success
+FILES_CHANGED:
+- `src/cli.rs`
+- `README.md`
+- `PROJEKT.md`
+- `RELEASE_NOTES_v0.1.0.md`
+- `reports/phase_5e_binary_asset_context_pack_fix.md`
+
+COMMANDS_RUN:
+- `git fetch origin`
+- `git --no-pager status --short --branch`
+- `git --no-pager log --oneline -5`
+- `cargo fmt --all`
+- `cargo fmt --all --check`
+- `cargo check`
+- `cargo test`
+- `cargo clippy -- -D warnings`
+- `cargo run --bin ctxt -- --json validate --run`
+
+VALIDATION:
+- `cargo fmt --all --check`: green
+- `cargo check`: green
+- `cargo test`: green, 38 unit tests and 83 smoke tests passed
+- `cargo clippy -- -D warnings`: green
+- `cargo run --bin ctxt -- --json validate --run`: green
+
+ARTIFACTS:
+- Phase report: `reports/phase_5e_binary_asset_context_pack_fix.md`
+- Release notes draft: `RELEASE_NOTES_v0.1.0.md`
+
+GIT:
+- Commit and push requested by user after green validation.
+- No tag or GitHub release created.
+
+NETWORK:
+- allowed-external for `git fetch origin` under explicit user task instruction.
+- local-only for build, test, lint, and `ctxt` validation commands.
+
+SECRETS:
+- No secret-bearing files were read.
+- No credentials, private keys, or environment dumps were printed or written.
+
+POLICY_DECISIONS:
+- README and assets were preserved.
+- Binary/media/archive context-pack exclusions are generic, not hardcoded to `assets/brand/`.
+- Release prepared locally without tag or release publication.
+
+RISKS:
+- Context-pack exclusion is extension-based. Unknown binary extensions may require future additions.
+
+NEXT:
+- Commit and push the scoped fix if Git safety checks remain clean.

src/cli.rs

@@ -2142,6 +2142,22 @@ fn is_sensitive_context_path(path: &str) -> bool {
         )
 }
 
+fn is_context_pack_excluded_path(path: &str) -> bool {
+    let normalized = path.replace('\\', "/");
+    let lower = normalized.to_ascii_lowercase();
+    let excluded_extensions = [
+        ".exe", ".dll", ".pdb", ".png", ".jpg", ".jpeg", ".gif", ".webp", ".ico", ".pdf", ".zip",
+        ".gz", ".tar", ".tgz", ".7z", ".rar", ".bin", ".wasm", ".so", ".dylib", ".class", ".jar",
+        ".mp4", ".mov", ".avi", ".mp3", ".wav", ".flac", ".woff", ".woff2", ".ttf", ".otf",
+    ];
+
+    lower == "cargo.lock"
+        || is_sensitive_context_path(&normalized)
+        || excluded_extensions
+            .iter()
+            .any(|extension| lower.ends_with(extension))
+}
+
 fn ensure_provider_network_allowed(
     config: &Config,
     profile: &ProviderProfile,
@@ -2198,12 +2214,7 @@ fn build_context_pack(task: &str) -> Result<ContextPack, String> {
 
     for file in files {
         let rel_path = normalize_path(&file);
-        if rel_path.ends_with(".exe")
-            || rel_path.ends_with(".dll")
-            || rel_path.ends_with(".pdb")
-            || rel_path == "Cargo.lock"
-            || is_sensitive_context_path(&rel_path)
-        {
+        if is_context_pack_excluded_path(&rel_path) {
             continue;
         }
         let content = std::fs::read_to_string(&file)
@@ -2235,6 +2246,39 @@ fn build_context_pack(task: &str) -> Result<ContextPack, String> {
             "*.pfx".to_string(),
             "*key*".to_string(),
             "*credential*".to_string(),
+            "*.exe".to_string(),
+            "*.dll".to_string(),
+            "*.pdb".to_string(),
+            "*.png".to_string(),
+            "*.jpg".to_string(),
+            "*.jpeg".to_string(),
+            "*.gif".to_string(),
+            "*.webp".to_string(),
+            "*.ico".to_string(),
+            "*.pdf".to_string(),
+            "*.zip".to_string(),
+            "*.gz".to_string(),
+            "*.tar".to_string(),
+            "*.tgz".to_string(),
+            "*.7z".to_string(),
+            "*.rar".to_string(),
+            "*.bin".to_string(),
+            "*.wasm".to_string(),
+            "*.so".to_string(),
+            "*.dylib".to_string(),
+            "*.class".to_string(),
+            "*.jar".to_string(),
+            "*.mp4".to_string(),
+            "*.mov".to_string(),
+            "*.avi".to_string(),
+            "*.mp3".to_string(),
+            "*.wav".to_string(),
+            "*.flac".to_string(),
+            "*.woff".to_string(),
+            "*.woff2".to_string(),
+            "*.ttf".to_string(),
+            "*.otf".to_string(),
+            "Cargo.lock".to_string(),
         ],
         allowed_write_paths: vec![],
         forbidden_actions: vec![],
@@ -5784,8 +5828,8 @@ fn handle_antigravity(subcommand: &str, action: Option<&str>) -> Result<(), Stri
 #[cfg(test)]
 mod tests {
     use super::{
-        handle_benchmark, handle_validate, parse, BenchmarkArtifact, Command, Config, Defaults,
-        PolicyConfig, ProviderProfile,
+        build_context_pack, handle_benchmark, handle_validate, parse, BenchmarkArtifact, Command,
+        Config, Defaults, PolicyConfig, ProviderProfile,
     };
     use std::collections::HashMap;
 
@@ -6251,6 +6295,27 @@ mod tests {
         assert_eq!(res, Ok(0));
     }
 
+    #[test]
+    fn test_context_pack_skips_binary_readme_assets() {
+        let _guard = UNIT_TEST_LOCK.lock().unwrap();
+        let asset_dir = std::path::Path::new("assets/brand");
+        let asset_path = asset_dir.join("__ctxt_test_binary_asset.png");
+        let normalized_asset_path = "assets/brand/__ctxt_test_binary_asset.png";
+
+        let _ = std::fs::remove_file(&asset_path);
+        std::fs::create_dir_all(asset_dir).unwrap();
+        std::fs::write(&asset_path, [0xff, 0xd8, 0xff, 0x00]).unwrap();
+
+        let result = build_context_pack("binary asset skip");
+        let _ = std::fs::remove_file(&asset_path);
+
+        assert!(result.is_ok());
+        let context_pack = result.unwrap();
+        assert!(!context_pack
+            .included_files
+            .contains(&normalized_asset_path.to_string()));
+    }
+
     #[test]
     fn test_dummy_benchmark_artifact_shape() {
         let providers = HashMap::new();