mirror of
https://github.com/garrytan/gstack.git
synced 2026-05-09 05:59:48 +08:00
c3bee68a60
Claude adversarial subagent surfaced three correctness risks in the Step 12 state machine: - CURRENT_VERSION and BASE_VERSION were not stripped of CR/whitespace on read. A CRLF VERSION file would mismatch the clean package.json version, falsely classify as DRIFT_STALE_PKG, then propagate the carriage return into package.json via the repair path. - REPAIR_VERSION was unvalidated. The bump path validates NEW_VERSION against the 4-digit semver pattern, but the drift-repair path wrote whatever cat VERSION returned directly into package.json. A manually-corrupted VERSION file would silently poison the repair. - Empty-string CURRENT_VERSION (0-byte VERSION, directory-at-VERSION) fell through to "not equal to base" and misclassified as ALREADY_BUMPED. Template fix strips \r/newlines/whitespace on every VERSION read, guards against empty-string results, and applies the same semver regex gate in the repair path that already protects the bump path. Adds two regression tests (trailing-CR idempotency + invalid-semver repair rejection). Total Step 12 coverage: 14 tests, 14/14 pass. Opens two follow-up TODOs flagged but not fixed in this branch: test/template drift risk (the tests still reimplement template bash) and BASE_VERSION silent fallback on git-show failure. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>