chore(wheelhouse): cascade template@360e4aa4

jdalton · jdalton · commit dfd39d38506a · 2026-06-01T13:35:22.000-04:00
Auto-applied by socket-wheelhouse sync-scaffolding into socket-bin.
9 file(s) touched:
  - .claude/hooks/fleet/no-non-fleet-push-guard/index.mts
  - .claude/hooks/fleet/non-fleet-pr-issue-ask-guard/index.mts
  - .claude/hooks/fleet/paths-mts-inherit-guard/README.md
  - .claude/hooks/fleet/paths-mts-inherit-guard/index.mts
  - .claude/hooks/fleet/paths-mts-inherit-guard/test/index.test.mts
  - .gitattributes
  - docs/claude.md/fleet/bypass-phrases.md
  - pnpm-workspace.yaml
  - scripts/fleet/paths.mts
diff --git a/.claude/hooks/fleet/no-non-fleet-push-guard/index.mts b/.claude/hooks/fleet/no-non-fleet-push-guard/index.mts
@@ -42,7 +42,21 @@ import { bypassPhrasePresent } from '../_shared/transcript.mts'
 
 const logger = getDefaultLogger()
 
+// Bare, session-wide form (kept as a fallback). The scoped form below
+// is preferred — it names the exact repo so the authorization can't
+// leak to an unrelated non-fleet push later in the session.
 const BYPASS_PHRASE = 'Allow non-fleet-push bypass'
+const BYPASS_PHRASE_PREFIX = 'Allow non-fleet-push bypass:'
+
+// Build the phrases that authorize a push to `slug`. Accept the full
+// `owner/repo` slug and its bare repo basename, so the user can write
+// whichever feels natural (e.g. `SocketDev/socket-bin` or `socket-bin`).
+// The bare session-wide phrase stays accepted for back-compat.
+export function acceptedBypassPhrases(slug: string): string[] {
+  const basename = slug.includes('/') ? slug.slice(slug.indexOf('/') + 1) : slug
+  const targets = basename === slug ? [slug] : [slug, basename]
+  return [BYPASS_PHRASE, ...targets.map(t => `${BYPASS_PHRASE_PREFIX} ${t}`)]
+}
 
 export function originSlug(dir: string): string | undefined {
   let out: string
@@ -85,7 +99,7 @@ await withBashGuard((command, payload) => {
 
   if (
     payload.transcript_path &&
-    bypassPhrasePresent(payload.transcript_path, BYPASS_PHRASE)
+    bypassPhrasePresent(payload.transcript_path, acceptedBypassPhrases(slug))
   ) {
     return
   }
@@ -107,7 +121,13 @@ await withBashGuard((command, payload) => {
       `    git -C ${dir} remote get-url origin`,
       '',
       `  If the push is genuinely intended (a personal / non-fleet repo`,
-      `  you own), type "${BYPASS_PHRASE}" in a new message, then retry.`,
+      `  you own), type the scoped phrase for THIS repo in a new message,`,
+      '  then retry:',
+      `    ${BYPASS_PHRASE_PREFIX} ${slug}`,
+      '',
+      `  The scoped form authorizes ${slug} only — it can’t leak to an`,
+      '  unrelated non-fleet push later. (The bare, session-wide',
+      `  "${BYPASS_PHRASE}" is still accepted as a fallback.)`,
       '',
     ].join('\n'),
   )
diff --git a/.claude/hooks/fleet/non-fleet-pr-issue-ask-guard/index.mts b/.claude/hooks/fleet/non-fleet-pr-issue-ask-guard/index.mts
@@ -47,7 +47,19 @@ import { bypassPhrasePresent } from '../_shared/transcript.mts'
 
 const logger = getDefaultLogger()
 
+// Bare, session-wide form (kept as a fallback). The scoped form is
+// preferred — it names the exact repo so authorization can't leak to an
+// unrelated non-fleet publish later in the session.
 const BYPASS_PHRASE = 'Allow non-fleet-publish bypass'
+const BYPASS_PHRASE_PREFIX = 'Allow non-fleet-publish bypass:'
+
+// Phrases that authorize a publish to `slug`: the bare fallback plus the
+// scoped form against the full `owner/repo` slug and its bare basename.
+export function acceptedBypassPhrases(slug: string): string[] {
+  const basename = slug.includes('/') ? slug.slice(slug.indexOf('/') + 1) : slug
+  const targets = basename === slug ? [slug] : [slug, basename]
+  return [BYPASS_PHRASE, ...targets.map(t => `${BYPASS_PHRASE_PREFIX} ${t}`)]
+}
 
 const GH_DASH_REPO_RE = /--repo[\s=]+("([^"]+)"|'([^']+)'|(\S+))/
 
@@ -142,7 +154,7 @@ await withBashGuard((command, payload) => {
   // Non-fleet target. Check bypass phrase.
   if (
     payload.transcript_path &&
-    bypassPhrasePresent(payload.transcript_path, BYPASS_PHRASE)
+    bypassPhrasePresent(payload.transcript_path, acceptedBypassPhrases(slug))
   ) {
     return
   }
@@ -159,9 +171,13 @@ await withBashGuard((command, payload) => {
       `  submit without explicit per-action user confirmation —`,
       `  captured plans + "do all N tasks" directives do NOT count.`,
       '',
-      `  If you really want to submit: type the canonical phrase`,
-      `  in your next message, then re-run:`,
-      `    ${BYPASS_PHRASE}`,
+      `  If you really want to submit: type the scoped phrase for THIS`,
+      `  repo in your next message, then re-run:`,
+      `    ${BYPASS_PHRASE_PREFIX} ${slug}`,
+      '',
+      `  The scoped form authorizes ${slug} only — it can’t leak to an`,
+      `  unrelated non-fleet publish later. (The bare, session-wide`,
+      `  "${BYPASS_PHRASE}" is still accepted as a fallback.)`,
       '',
       '  Otherwise: draft locally, share for review, get explicit',
       '  yes/no before re-attempting.',
diff --git a/.claude/hooks/fleet/paths-mts-inherit-guard/README.md b/.claude/hooks/fleet/paths-mts-inherit-guard/README.md
@@ -20,17 +20,19 @@ The fleet rule from CLAUDE.md (1 path, 1 reference):
 
 ## Allowed shapes
 
-Repo-root `scripts/paths.mts` — no ancestor exists; nothing to
-inherit from. Skipped.
+Repo-root paths module — no ancestor exists; nothing to inherit from.
+Skipped. The canonical location is `scripts/fleet/paths.mts` after the
+`scripts/{fleet,repo}` segmentation; the pre-segmentation `scripts/paths.mts`
+is also recognized for repos that haven't moved yet.
 
 Sub-package `packages/foo/scripts/paths.mts`:
 
 ```ts
-export * from '../../../scripts/paths.mts'
+export * from '../../../scripts/fleet/paths.mts'
 
 // Local overrides below — package-specific paths.
 import path from 'node:path'
-import { REPO_ROOT } from '../../../scripts/paths.mts'
+import { REPO_ROOT } from '../../../scripts/fleet/paths.mts'
 export const FOO_DIST = path.join(REPO_ROOT, 'packages', 'foo', 'dist')
 ```
 
diff --git a/.claude/hooks/fleet/paths-mts-inherit-guard/index.mts b/.claude/hooks/fleet/paths-mts-inherit-guard/index.mts
@@ -69,22 +69,37 @@ const PATHS_MTS_RE = /(?:^|\/)paths\.(?:cts|mts)$/
 const EXPORT_STAR_RE =
   /^\s*export\s+\*\s+from\s+['"](?:[^'"]+\/paths\.m?ts)['"];?\s*$/m
 
+// Ancestor paths.mts can live at `scripts/paths.{mts,cts}` (per-package
+// convention) OR `scripts/fleet/paths.{mts,cts}` (the repo-root canonical
+// module after the scripts/{fleet,repo} segmentation moved it under fleet/).
+// Probe both, in directory-depth order, so the walk finds the nearest ancestor
+// whether or not a given repo has been segmented yet.
+const ANCESTOR_REL_CANDIDATES: readonly string[] = [
+  'scripts/paths.mts',
+  'scripts/paths.cts',
+  'scripts/fleet/paths.mts',
+  'scripts/fleet/paths.cts',
+]
+
 /**
- * Walk up from `filePath` looking for an ancestor `scripts/paths.mts` or
- * `scripts/paths.cts`. Returns the absolute path of the nearest one, or
- * `undefined` if there's no ancestor (i.e. this IS the repo- root paths.mts).
+ * Walk up from `filePath` looking for an ancestor paths module —
+ * `scripts/paths.{mts,cts}` or `scripts/fleet/paths.{mts,cts}` (the post-
+ * segmentation repo-root location). Returns the absolute path of the nearest
+ * one, or `undefined` if there's no ancestor (i.e. this IS the repo-root
+ * paths.mts).
  *
  * Stops at the first ancestor found OR at the filesystem root.
  */
 export function findAncestorPathsMts(filePath: string): string | undefined {
-  const fileDir = path.dirname(path.resolve(filePath))
+  const resolvedSelf = path.resolve(filePath)
+  const fileDir = path.dirname(resolvedSelf)
   // Skip the current file's own dir — we want a STRICT ancestor.
   let cur = path.dirname(fileDir)
   const root = path.parse(cur).root
   while (cur && cur !== root) {
-    for (const ext of ['mts', 'cts']) {
-      const candidate = path.join(cur, 'scripts', `paths.${ext}`)
-      if (existsSync(candidate) && candidate !== path.resolve(filePath)) {
+    for (let i = 0, { length } = ANCESTOR_REL_CANDIDATES; i < length; i += 1) {
+      const candidate = path.join(cur, ANCESTOR_REL_CANDIDATES[i]!)
+      if (existsSync(candidate) && candidate !== resolvedSelf) {
         return candidate
       }
     }
diff --git a/.claude/hooks/fleet/paths-mts-inherit-guard/test/index.test.mts b/.claude/hooks/fleet/paths-mts-inherit-guard/test/index.test.mts
@@ -34,10 +34,13 @@ let tmpRoot: string
 
 beforeEach(() => {
   tmpRoot = mkdtempSync(path.join(os.tmpdir(), 'paths-mts-inherit-guard-'))
-  // Repo-root scripts/fleet/paths.mts — ancestor exists for sub-packages.
-  mkdirSync(path.join(tmpRoot, 'scripts'), { recursive: true })
+  // Repo-root scripts/fleet/paths.mts — the canonical ancestor after the
+  // scripts/{fleet,repo} segmentation. findAncestorPathsMts must discover this
+  // (not just the pre-segmentation scripts/paths.mts) so sub-packages stay
+  // enforced.
+  mkdirSync(path.join(tmpRoot, 'scripts', 'fleet'), { recursive: true })
   writeFileSync(
-    path.join(tmpRoot, 'scripts', 'paths.mts'),
+    path.join(tmpRoot, 'scripts', 'fleet', 'paths.mts'),
     "export const REPO_ROOT = '/tmp/fake'\n",
   )
 })
@@ -70,7 +73,7 @@ describe('paths-mts-inherit-guard', () => {
     const r = runHook({
       tool_name: 'Write',
       tool_input: {
-        file_path: path.join(tmpRoot, 'scripts', 'paths.mts'),
+        file_path: path.join(tmpRoot, 'scripts', 'fleet', 'paths.mts'),
         content: "export const X = 'no inheritance needed at root'\n",
       },
     })
@@ -99,6 +102,32 @@ describe('paths-mts-inherit-guard', () => {
     assert.match(r.stderr, /export \* from/)
   })
 
+  test('discovers the ancestor at scripts/fleet/paths.mts (post-segmentation)', () => {
+    // Regression: before findAncestorPathsMts learned the scripts/fleet/
+    // location, a sub-package whose only ancestor lives at
+    // scripts/fleet/paths.mts (the segmented repo-root module) was wrongly
+    // treated as having NO ancestor → silently exempt. The block must fire,
+    // and the suggested re-export must point at the fleet location.
+    mkdirSync(path.join(tmpRoot, 'packages', 'seg', 'scripts'), {
+      recursive: true,
+    })
+    const r = runHook({
+      tool_name: 'Write',
+      tool_input: {
+        file_path: path.join(
+          tmpRoot,
+          'packages',
+          'seg',
+          'scripts',
+          'paths.mts',
+        ),
+        content: "export const REDERIVED = 'wrong'\n",
+      },
+    })
+    assert.equal(r.code, 2)
+    assert.match(r.stderr, /scripts\/fleet\/paths\.mts/)
+  })
+
   test('allows sub-package paths.mts WITH export *', () => {
     mkdirSync(path.join(tmpRoot, 'packages', 'foo', 'scripts'), {
       recursive: true,
@@ -114,7 +143,7 @@ describe('paths-mts-inherit-guard', () => {
           'paths.mts',
         ),
         content:
-          "export * from '../../../scripts/paths.mts'\nexport const FOO_DIST = '/x'\n",
+          "export * from '../../../scripts/fleet/paths.mts'\nexport const FOO_DIST = '/x'\n",
       },
     })
     assert.equal(r.code, 0)
@@ -133,7 +162,7 @@ describe('paths-mts-inherit-guard', () => {
     )
     writeFileSync(
       subPath,
-      "export * from '../../../scripts/paths.mts'\nexport const OLD = '/x'\n",
+      "export * from '../../../scripts/fleet/paths.mts'\nexport const OLD = '/x'\n",
     )
     const r = runHook({
       tool_name: 'Edit',
@@ -147,7 +176,11 @@ describe('paths-mts-inherit-guard', () => {
     assert.equal(r.code, 0)
   })
 
-  test('allows paths.cts variant', () => {
+  test('allows paths.cts variant (and the pre-segmentation export * target)', () => {
+    // The guard checks the textual export * line; it does NOT resolve the
+    // target to disk. So a sub-package re-exporting the OLD pre-segmentation
+    // path string still satisfies inheritance — un-migrated repos aren't
+    // suddenly blocked. (The on-disk ancestor here is scripts/fleet/paths.mts.)
     mkdirSync(path.join(tmpRoot, 'packages', 'cjs', 'scripts'), {
       recursive: true,
     })
diff --git a/.gitattributes b/.gitattributes
@@ -190,6 +190,6 @@ scripts/fleet/util/source-allowlist.mts linguist-generated=true
 scripts/fleet/validate-bundle-deps.mts linguist-generated=true
 
 # Vendored binary blobs (no diff, no merge, no text-mode).
-.claude/hooks/fleet/_shared/acorn/acorn.wasm binary
-template/.claude/hooks/fleet/_shared/acorn/acorn.wasm binary
+.claude/hooks/_shared/acorn/acorn.wasm binary
+template/.claude/hooks/_shared/acorn/acorn.wasm binary
 # ─── END fleet-canonical ────────────────────────────────────────
diff --git a/docs/claude.md/fleet/bypass-phrases.md b/docs/claude.md/fleet/bypass-phrases.md
diff --git a/pnpm-workspace.yaml b/pnpm-workspace.yaml
@@ -140,6 +140,8 @@ minimumReleaseAgeExclude:
   # published: 2026-05-26 | removable: 2026-06-02
   - '@oxc-project/types@0.133.0'
   - 'shell-quote'
+  - '@ultrathink/*'
+  - '@yuku-parser/*'
 
 pmOnFail: error
 resolutionMode: highest
diff --git a/scripts/fleet/paths.mts b/scripts/fleet/paths.mts
@@ -8,7 +8,7 @@
  *   re-audited. Per-package, like package.json: every package that has its own
  *   `scripts/` directory has its own `paths.mts`. A sub-package can inherit
  *   from a parent's paths.mts by re-exporting: // packages/foo/bar/paths.mts
- *   export * from '../../../scripts/paths.mts' // Add sub-package-specific
+ *   export * from '../../../scripts/fleet/paths.mts' // Add sub-package-specific
  *   overrides below the export line. export const FOO_BAR_DIST =
  *   path.join(REPO_ROOT, 'packages', 'foo', 'bar', 'dist') Consumers resolve
  *   `paths.mts` the same way Node resolves `package.json` — relative to the
