bug: leak-sweep regex was case-blind to lowercase Sage-memo IDs in shipped src/#225
Open
Antawari wants to merge 1 commit into
Open
Conversation
…insensitive The internal Sage-memo filename was hard-cited in 9 docstrings/comments across 7 src/bonfire files. These ship inside the bonfire-ai wheel (packages=['src/bonfire']); CLAUDE.md + CONTRIBUTING.md forbid internal-tracker references in this public PyPI tree. The guard test test_no_bon_ref_in_src_sweep.py compiled re.compile(r'BON-\d+'), which is case-SENSITIVE: an oracle running that regex over the lowercase memo filename returns no match, so the leak passed the gate. Made the sweep regex case-insensitive (re.IGNORECASE) so any [Bb][Oo][Nn]-<digits> ref in shipped source costs an explicit allowlist entry. Design rationale in each docstring is preserved; only the internal filename + section/line pointers are removed. The tests/unit package stays at its frozen shrink-only budget (net line delta 0). Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Antawari
force-pushed
the
catrina/2026-06-13/w1-bonfire-public-sage-memo-id-leak-case-blind-sweep
branch
from
a895fdc to
10d47a5
Compare
Antawari
changed the title
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
DO-NOT-MERGE — fleet quality burn. Builder PR; the operator gates merge.
Unit
bug: internal Sage-memo ID leaks in shipped
src/that the leak-sweep regex is blind to.The problem
An internal Sage-memo filename was hard-cited in 9 docstrings/comments across 7
src/bonfirefiles:handlers/__init__.py,handlers/merge_preflight.py(×2)git/scratch.pyengine/gates.pyworkflow/standard.pygithub/client.py(×2),github/mock.pyThese files ship inside the
bonfire-aiwheel via[tool.hatch.build.targets.wheel] packages=['src/bonfire'].CLAUDE.md+CONTRIBUTING.mdforbid internal-tracker references in this public PyPI tree.Why the guard missed it
The guard test
tests/unit/test_no_bon_ref_in_src_sweep.pycompiled the sweep regex case-sensitively. An oracle running that regex over a lowercase tracker filename returns no match, so the leak passed the gate — even with the allowlist empty of these entries.Falsifiable claim this PR satisfies
grep -rE 'bon-[0-9]+-sage' src/bonfirereturned 9 hits, AND the case-sensitive sweep regex matched that string asNone.Change
[Bb][Oo][Nn]-<digits>ref in shipped source costs an explicit allowlist entry (TDD: this turned the guard RED against the 9 leaks).Verification
ruff check+ruff format --check: clean.noqa.🤖 Generated with Claude Code