You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Post-refactor cleanup: security fixes, skill restructure, stale reference removal (#28)
* fix: security hardening, code quality, and freshness review fixes
Security (3 medium-severity):
- Block find -exec/-execdir/-delete/-ok in ExecTool (injection risk)
- Add "--" before grep pattern to prevent flag injection
- Replace ad-hoc path validation in MCP handlers with safepath.SafeJoin
- Use safepath.SafeJoin in policy builtins resolvePath (traversal risk)
- Change crash log permissions from 0644 to 0600
Code quality:
- Add rows.Err() checks after all 8 rows.Next() loops in codeintel/repository.go
- Replace err == io.EOF with errors.Is(err, io.EOF) in 3 files
- Fix out.Close() error handling in memory_export.go (named return)
Freshness review fixes (Greptile PR #26 feedback):
- Fix decay discontinuity: unified formula (1.0 - ratio * 0.8) replaces
hardcoded 0.2 all-missing + 0.4 formula partial-missing
- Add cache eviction (purge entries >2x TTL when cache exceeds 1000)
- Convert global cache to struct-based statCache (testable, bounded)
- Add TODO(freshness-level2) comments for dead code paths
- Mark freshness plan doc as "implemented with deviations"
- Add TestDecaySmoothCurve test verifying no discontinuities
* Refactor migration tests and enhance TUI error handling
- Updated migration tests to clarify directory structure and improve comments for better understanding.
- Enhanced error handling in the TUI by treating agent completion warnings as non-fatal, allowing for smoother user experience.
- Improved list view rendering by adding workspace checks and refactoring header rendering for better clarity.
- Introduced new skills for TaskWing, including detailed SKILL.md files for various commands to enhance project knowledge and workflow.
- Added functionality to simplify code while preserving behavior, ensuring that optimization does not bypass necessary gates.
- Implemented status command to provide current task progress and acceptance criteria, improving user awareness of task status.
* refactor(plan): remove CLI commands, keep MCP-only planning
- Remove cmd/plan.go, cmd/goal.go, and plan TUI (1,982 lines deleted)
- MCP plan tool (clarify/generate/decompose/expand/finalize/audit) unchanged
- Planning prompt now scales task count dynamically to goal complexity
- Tasks include self-contained context (files, patterns, constraints, tech stack)
- Task enricher always provides baseline project context (constraints + decisions)
- Fix stop hook reliability: sync TasksCompleted from DB on each invocation
- Add session save retry logic to prevent stale state from failed writes
- Clear stale CurrentTaskID when DB lookup fails
* fix: address PR review comments (security + cache + path handling)
- policy/builtins.go: use safepath.ValidateAbsPath for absolute paths,
fixes prefix collision bypass (e.g. /project-evil matching /project)
- freshness/freshness.go: add evictOldest fallback when all cache entries
are fresh but cache exceeds max size during burst scenarios
- mcp/handlers.go: restore absolute path support in validateAndResolvePath
via safepath.ValidateAbsPath, fixing regression for MCP clients
- agents/impl/analysis_deps.go: use filepath.Join instead of string concat
- bootstrap/factory.go: use safepath.SafeJoin for dependency file checks
* feat: unified context API, bootstrap UX polish, model updates, skill improvements
- Unified GetProjectContext replaces 3 separate retrieval paths (ContextRetriever, TaskEnricher, buildTaskContext)
- Bootstrap: fix duplicate "Bootstrap complete!" in multi-repo, batch link warnings into single summary, clean verification output
- Bootstrap: per-service project context in workspace mode, progress callbacks, repo count accuracy
- Models: add gpt-5.4/5.4-mini/5.4-nano, claude-opus-4-6/sonnet-4-6, gemini-3.1, remove deprecated models
- Models: newest-first ordering in selection UI
- UI: grouped knowledge output, freshness indicators, consistent header boxes across all commands
- UI: markdown rendering in ask --answer output, adaptive width
- Skills: add /taskwing:context, remove /taskwing:debug and /taskwing:simplify, fix stale file pruning
- Skills: clarify questions presented to user (not auto-answered), auto-start first task after plan creation
- Hooks: stop hook syncs TasksCompleted from DB, session save retry, verbose logs gated behind --debug
- MCP: behavioral CLAUDE.md instructions tell AI tools when to use TaskWing
- Prompts: generic and directive (no hardcoded tech stack examples), dynamic task count scaling
- Fix: read_file tool returns helpful message for directories instead of crashing ReAct agent
- Fix: auto-regenerate slash commands on MCP server start after brew upgrade
- Fix: truncateString consolidated to utils.Truncate, nil guards in context.go, brief.go pluralization
- Remove: CLI plan/goal/slash commands, docs/_partials, sync-docs scripts, stale doc references
* fix: remove stale references to removed slash commands
Update CLI output, hints, comments, and docs to reflect the 8->4 skill
restructure. Replace references to /taskwing:ask, /taskwing:status,
/taskwing:explain, and /taskwing:remember with their current equivalents
(MCP tools or /taskwing:context).
* docs: update marketing materials for post-refactor state
Replace removed taskwing goal references, rewrite CHANGELOG unreleased
section to reflect consolidated slash commands and MCP-first planning.
* fix: address remaining PR review comments
- Save task ID before clearing so debug log prints actual value
- Use safepath.SafeJoin for tw-* directory cleanup to prevent traversal
- Log wave 1 agent errors instead of silently discarding them
- Remove dead legacy marker check (duplicate of primary path)
- Fix plan_id -> clarify_session_id reference in plan skill
* fix: address second round of PR review comments
- Propagate critical error from GetProjectContext when constraint DB fetch fails
- Resolve ARCHITECTURE.md from basePath directly instead of raw .. traversal
- Add TOCTOU re-check in stat cache to prevent stale overwrites under concurrency
- Use filepath.Join instead of hardcoded "/" for monorepo subdirectory paths
- Replace legacy log.Printf with slog.Debug in doc analysis agent
- Prompt reliability tests for slash command contracts.
15
+
- Kill tables and operating principles in skill prompts.
16
+
- Workflow contract injection via SessionStart hook.
18
17
19
18
### Changed
20
19
21
-
- Updated product messaging to the focused motto:
22
-
- "TaskWing helps turn a goal into executed tasks with persistent context across AI sessions."
23
-
- Updated slash and MCP prompt contracts to unified `task` and `plan` action-based interfaces.
24
-
- Purged stale/outdated architecture documentation that no longer matches shipped behavior.
25
-
- Reworked `/taskwing:plan`, `/taskwing:next`, `/taskwing:done`, and `/taskwing:debug` prompts as explicit process contracts with hard gates and refusal fallbacks.
26
-
- Updated slash command descriptions to trigger-focused "Use when ..." phrasing across assistant command generation.
27
-
- Session initialization output now injects TaskWing Workflow Contract v1 for hook-enabled assistants.
20
+
- Consolidated slash commands from 8 to 4: `plan`, `next`, `done`, `context`.
21
+
- Planning is now MCP-tool-only (removed `taskwing plan` and `taskwing goal` CLI commands).
22
+
- Unified context API replaces separate status/ask workflows.
23
+
- Updated slash command and MCP prompt contracts to match reduced surface.
24
+
- Product messaging focused: "TaskWing helps turn a goal into executed tasks with persistent context across AI sessions."
25
+
26
+
### Removed
27
+
28
+
-`taskwing goal` and `taskwing plan` CLI commands (use `/taskwing:plan` or `plan` MCP tool).
- Interactive plan TUI (`internal/ui/plan_tui.go`).
31
+
- Net reduction of ~1,100 lines.
28
32
29
33
### Fixed
30
34
31
-
-**RootPath resolution**: Reject `MarkerNone` contexts in `GetMemoryBasePath` to prevent accidental writes to `~/.taskwing/memory.db`. Also reject `.taskwing` markers above multi-repo workspaces during detection walk-up. (`TestRootPathResolution`, `TestBootstrapRepro_RootPathResolvesToHome`)
32
-
-**FK constraint failures**: `LinkNodes` now pre-checks node existence before INSERT to avoid SQLite error 787. Duplicate edges handled gracefully. (`TestKnowledgeLinking_NoFK`)
33
-
-**IsMonorepo misclassification**: `Detect()` now checks `hasNestedProjects()` in the `MarkerNone` fallback, so multi-repo workspaces are correctly classified. Resolves disagreement between `Detect()` and `DetectWorkspace()`. (`TestIsMonorepoDetection`, `TestBootstrapRepro_IsMonorepoMisclassification`)
34
-
-**Zero docs loaded**: Added `LoadForServices` to `DocLoader` for multi-repo workspaces. Wired into `RunDeterministicBootstrap` via workspace auto-detection. (`TestDocIngestion`, `TestSubrepoMetadataExtraction`)
35
-
-**Sub-repo metadata**: Verified per-repo workspace context in node storage with proper isolation and cross-workspace linking. (`TestSubrepoMetadataPresent`)
36
-
-**Claude MCP drift**: Added filesystem-based drift detection tests with evidence traceability and Gate 3 consent enforcement for global mutations. (`TestClaudeDriftDetection`)
37
-
-**Hallucinated findings**: Gate 3 enforcement in `NewFindingWithEvidence` — findings without evidence start as "skipped". Added `HasEvidence()` and `NeedsHumanVerification()` to `Finding`. (`TestGate3_Enforcement`, `TestParseJSONResponse_Hallucination`)
0 commit comments