📋 v1.11 review umbrella follow-ups — codex P2/P3 from PR #81~#94

[sgwannabe]

Context

13 issues (#58~#79 in-scope subset) were closed via PRs #81~#94 in waves W1-W4. Each PR ran codex review with the policy: apply only P1 before push, defer P2/P3 to follow-up. This umbrella tracks those deferred items so they don't decay in PR description archaeology.

Convention

• All items here are non-blocking (the parent PR shipped without them).
• Each line: [Source PR] <topic> — <one-line rationale>.
• Open a single follow-up PR per cluster (don't reopen 16 PRs); group by file or theme.

Items

Layered enforcement / defense in depth (S-3 / I-3 follow-up)

• fix: hygiene bundle — verify-plugin schema count + idea_summary cap + macOS dup gitignore (#63 #65 #68) #83 hygiene — Reject/normalize /pf:new ideas above 5000 chars on the input path (commands/new.md), beyond schema validation. Defense layer 1.
• fix: hygiene bundle — verify-plugin schema count + idea_summary cap + macOS dup gitignore (#63 #65 #68) #83 hygiene — Enforce the 5000-char cap on the cache replay loader read path. Defense layer 3.

Security (factory-policy / regex)

• fix(security): SHELL_BYPASSES coverage + regex weakening probes (#64 #69) #85 security — Broaden eval regex coverage; current r"\beval\s+" may miss subtle forms.
• fix(security): SHELL_BYPASSES coverage + regex weakening probes (#64 #69) #85 security — url-injection-positives.json loop opens real browser tabs on developer workstations during local verify. Either gate behind CI=true or replace with assertion-only mode.

Lint / fixture polish

• docs: CHANGELOG/PROGRESS sync + commit-prefix convention (#60 #71) #82 docs — Minor wording drift in CONTRIBUTING semantic-scope examples.
• refactor(advocates): re-sync boilerplate + lint guard (#61) #87 boilerplate — tests/test-advocate-boilerplate.sh masking-gap on description: and H1 lines (mixed-line ranges); failure-hint diff command not directly runnable as printed (P3).
• feat(ideation,meta): A-6 framework lint + C-5 spec-anchor audit (#59 #62) #88 audit — _advocate_parsing.py framework regex tightening: prose tokens like "...Vue, ..." can false-positive.
• feat(ideation,meta): A-4 filled-ratio gate + A-5 H1 modal helper (#59) #89 A-4/A-5 — Markdown wording drift in I_LEAD/A-4 enforcement section; A-5 error-path coverage gap in h1-modal-helper.sh fixture.
• test(e2e): T-7 mock bootstrap harness — 3-profile e2e validation (#79) #91 T-7 — Canned _filled_ratio precision drift on pro profile; tighten step-2 numeric assertion in mock-bootstrap.sh.
• test(e2e): C-1 clean-room evidence — 3-profile artifact commit (#58) #92 e2e — Monitor workspace gate (e2e harness should refuse to run from a non-pf workspace); gallery.html lang="ko" (gemini medium, requires scripts/generate-gallery.sh change — out of W4.10 scope).
• test(panels): LESSON 0.7 panel-bias regression fixture (#72 #78) #93 panels — Case A could ranking-shape stronger so panel-bias guard catches more mutation patterns.
• docs(readme): gallery-first hero shot above the fold (#67) #94 readme — Pin Playwright dev dependency in a requirements.txt / pyproject.toml so tools/capture-gallery-hero.py is reproducible without ambient playwright install.

Suggested clustering for follow-up PRs

Cluster	Items	Files
Defense in depth (input/read-path caps)	#83×2	commands/new.md, cache replay loader
Security regex polish	#85×2	factory-policy.py, url-injection-positives.json
Fixture asserts strengthening	#87, #88, #89, #91, #93	various tests/fixtures/
Workspace + locale hardening	#92×2	mock-bootstrap.sh, generate-gallery.sh
Dev tooling pinning	#94	new requirements.txt or pyproject.toml
Wording fixes	#82, #89	docs

Status

• Defense in depth cluster
• Security regex polish
• Fixture strengthening
• Workspace hardening
• Dev tooling pinning
• Wording fixes

References

• Parent umbrella: 📋 v1.11.0 5×3 Review — 22-issue master index (#58~#79) #80
• v1.12 backlog (Nice-to-have N-1~N-5): 🟢 N-1: generate-gallery.sh inline CSS spaghetti — extract assets/gallery.css recommended #73 🟢 N-2: preview-cache.sh 20+ inline version markers — changelog interleaved code #74 🟢 N-3: idea-drift-detector.py find_run_root has unbounded depth + symlink follow #75 🟢 N-4: idea-drift-detector.py / cost-regression.py — unbounded stdin/JSON read (DoS) #76 🟢 N-5: escalation-ledger.py Windows fallback drops lock + O_NOFOLLOW #77

[sgwannabe]

Status update — 4 of 6 clusters processed and merged

✅ Done (4 clusters → 5 PRs merged)

• Defense in depth (PR fix(security): defense in depth — input-path cap + cache read-path size check (#95 / #83 follow-up) #96) — validate-idea-input.sh input-path cap + cache read-path size check.
• Security regex polish (PR fix(security): broader eval regex + fake-shim for positive URL loop (#95 / #85 follow-up) #97) — broader eval regex + positive-URL fake-shim (no more local browser tabs).
• Fixture asserts strengthening (PR test: strengthen 5 fixture assertions across boilerplate/parsing/A-4/T-7/panel-bias (#95) #98) — 5 items: boilerplate yaml-aware lint, vue regex tightening, A-4 wording aligned, h1-modal error-mode coverage, T-7 dynamic _filled_ratio, panel-bias Case A stronger.
• Dev tooling pinning (PR chore(deps): pin Playwright + jsonschema as dev dependencies (#95 / #94 follow-up) #100) — requirements-dev.txt pinning Playwright + jsonschema; CONTRIBUTING Python dev section.
• Wording fixes (PR docs: CONTRIBUTING + ideation-lead wording cleanup (#95 / #82 #89 follow-up) #101) — CONTRIBUTING bug-fix checklist refresh + ideation-lead.md A-4 cascade table aligned with filled-ratio-gate.sh canonical output.

release-please auto-bumped v1.12.1 (#99) covering #98 #97 #96.

🟢 Deferred to v1.13 backlog (2 items, both from #92)

• Monitor workspace gate in tests/e2e/mock-bootstrap.sh — refuse to run when cwd is not the pf workspace; provide --skip-workspace-check flag for CI/installed-plugin contexts. Untouched by this batch — would require ~30 min and additional regression coverage.
• Gallery lang="ko" heuristic in scripts/generate-gallery.sh — auto-detect Korean from idea_summary (default en, switch to ko on hangul). Same status — untouched.

These two are quality-of-life follow-ups; not blocking any release. Re-evaluate after v1.13 planning.

📝 Lesson for the next umbrella

Each follow-up PR spawns its own bot review with new P2/P3 items. To avoid endless iteration:

• Treat only the original umbrella items (the ones extracted at the time of this issue's creation) as in-scope.
• Do NOT chase new P2/P3 surfaced by bots reviewing the follow-up PRs — those go to a NEW umbrella for the next sprint.
• Apply codex P1 only on the follow-up PR itself; defer everything else.

This umbrella stops here. Closing as partially complete; remaining 2 items move to a fresh tracker when v1.13 starts.