hygiene: guard shell-family bash-retirement drift#5526
Merged
AceHack merged 3 commits intoMay 27, 2026
Conversation
Co-Authored-By: Codex <noreply@openai.com>
Extend the bash-retirement inventory guard beyond .sh files so newly tracked non-Lean shell-family entrypoints cannot bypass the retained-shell allowlist. Co-Authored-By: Codex <noreply@openai.com>
|
You have reached your Codex usage limits for code reviews. You can see your limits in the Codex usage dashboard. |
There was a problem hiding this comment.
Pull request overview
This PR widens the bash-retirement inventory guard from tracking only .sh files to tracking a broader shell-family surface, adds a regression test to ensure enumeration works while Lean vendor scripts stay excluded, and updates the TypeScript/Bun migration trajectory to reflect the new scope.
Changes:
- Expand tracked shell inventory from
*.shto a shell-family glob set (*.sh,*.bash,*.zsh,*.ksh,*.command) in the hygiene guard. - Add a temp-repo unit test proving shell-family enumeration works and
tools/lean4/remains excluded. - Update the TypeScript/Bun migration resume text to match the widened guard surface.
Reviewed changes
Copilot reviewed 4 out of 4 changed files in this pull request and generated 4 comments.
| File | Description |
|---|---|
| tools/hygiene/check-bash-retirement-inventory.ts | Tracks additional shell-family extensions via git pathspec globs and updates messaging accordingly. |
| tools/hygiene/check-bash-retirement-inventory.test.ts | Adds a temp-repo test exercising the expanded enumeration and Lean exclusion behavior. |
| docs/trajectories/typescript-bun-migration/RESUME.md | Updates trajectory prose to describe shell-family drift instead of .sh-only drift. |
| docs/claims/codex-loop-bash-retirement-drift-guard-20260527.md | Adds a live claim file related to this work (needs release handling before merge). |
Handle git spawn failures in the temp-repo test helper, align the migration resume wording and timestamp with the shell-family guard surface, and release the live claim file before merge. Co-Authored-By: Codex <noreply@openai.com>
This was referenced May 27, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
.shonly to shell-family globs:.sh,.bash,.zsh,.ksh,.commandtools/lean4/vendor scripts remain excludedChecks
bun test tools/hygiene/check-bash-retirement-inventory.test.tsbun tools/hygiene/check-bash-retirement-inventory.ts --enforcegit diff --check