fix(have:review-cycle): operational discipline — Copilot non-optional, loop convergence, blocker docs

.github/workflows/commitlint.yml

@@ -5,8 +5,11 @@ on:
     types: [opened, synchronize, reopened]
 
 permissions:
+  # Only contents:read is needed — the job does `actions/checkout`
+  # + `git log` over commit SHAs from the event payload. No PR API
+  # calls or PR metadata reads, so `pull-requests:read` would be
+  # dead scope. Per least-privilege, drop it.
   contents: read
-  pull-requests: read
 
 jobs:
   commitlint:
@@ -27,17 +30,49 @@ jobs:
           # GitHub Actions injection-defense guidance.
           COMMITS=$(git log --format=%s "$BASE_SHA".."$HEAD_SHA")
 
+          # Escape `%`, CR, LF in user-controlled commit messages
+          # before printing inside `::error::` workflow commands. Per
+          # GitHub's workflow-commands docs, unescaped event-payload
+          # strings can corrupt the command payload or inject
+          # additional workflow commands via `%`, `\r`, or `\n` in
+          # the source string.
+          escape_wc() {
+            local s="$1"
+            s="${s//%/%25}"
+            s="${s//$'\r'/%0D}"
+            s="${s//$'\n'/%0A}"
+            printf '%s' "$s"
+          }
+
           FAILED=0
           while IFS= read -r msg; do
             [[ -z "$msg" ]] && continue
             # Allow merge commits
             if [[ "$msg" =~ ^Merge\  ]]; then
               continue
             fi
-            if ! echo "$msg" | grep -qE '^(feat|fix|docs|style|refactor|perf|test|chore|ci|build|revert)(\([a-z0-9-]+\))?!?: .+'; then
-              echo "::error::Invalid commit message: $msg"
+            # Scope grammar:
+            #   scope    = segment ("," segment)*
+            #   segment  = "@"? alpha-run ( ("/" | "-") alpha-run )*
+            #   alpha-run = [a-z0-9]+
+            # Each comma-separated segment is:
+            # - optional leading "@" (for scoped npm packages like
+            #   "@happyvertical/sql")
+            # - one or more alphanumeric runs separated by single
+            #   "/" or "-" characters (no repeated separators like
+            #   "a//b" or "a--b", no trailing separators like "a/"
+            #   or "a-", no leading separators after the optional "@")
+            # Examples that pass: fix(release), fix(review-cycle,ship),
+            #   chore(tibdex/github-app-token), feat(@happyvertical/sql)
+            # Examples that fail: fix(a,), fix(a/), fix(a-), fix(a,,b),
+            #   fix(a//b), fix(a--b), fix(,b), fix(/foo), fix(Foo),
+            #   fix(have:review-cycle)
+            if ! printf '%s' "$msg" | grep -qE '^(feat|fix|docs|style|refactor|perf|test|chore|ci|build|revert)(\(@?[a-z0-9]+([/-][a-z0-9]+)*(,@?[a-z0-9]+([/-][a-z0-9]+)*)*\))?!?: .+'; then
+              msg_escaped=$(escape_wc "$msg")
+              echo "::error::Invalid commit message: $msg_escaped"
               echo "  Expected format: type(scope?): subject"
               echo "  Valid types: feat, fix, docs, style, refactor, perf, test, chore, ci, build, revert"
+              echo "  Scope chars: alphanumeric, hyphen, comma (multi-scope), forward slash (e.g. dep names), optional leading @ (scoped npm packages)"
               FAILED=1
             fi
           done <<< "$COMMITS"

.gitignore

@@ -2,3 +2,31 @@
 *.swp
 *.swo
 node_modules/
+
+# Copilot CLI session transcripts can leak into the working dir if
+# probe prompts reference filenames. Per `gh copilot -- --help`:
+# - `--share[=path]` writes `copilot-session-<id>.md` (markdown) in
+#   cwd by default
+# - `--output-format json` writes JSONL to stdout (not a file)
+# - `--log-dir <dir>` defaults to `~/.copilot/logs/` (outside repo)
+#
+# We ignore both `.md` (the current documented file leak vector
+# from `--share`) and `.jsonl` (for any future CLI version that
+# writes session output as JSONL to a file).
+#
+# NOTE: These narrow patterns DO NOT cover the prior 1fc8677
+# incident filenames (`.deny-test.jsonl`, `.revparse-test.jsonl`),
+# which came from internal Copilot tool-permission probes that
+# don't match `copilot-session-*`. A wildcard like `*-test.jsonl`
+# would catch them but would also hide legitimate fixtures
+# (e.g. `fixtures/payment-test.jsonl`) — the round-7 walkback
+# (commit ab01756) chose narrow-correct over broad-defense.
+#
+# The PRIMARY prevention is the review-cycle docs' rule: review
+# outputs go to /tmp, not the repo. These patterns catch only the
+# documented `copilot-session-*` file shapes; for arbitrary
+# Copilot-internal probe filenames the structural defense is /tmp.
+copilot-session-*.md
+.copilot-session-*.md
+copilot-session-*.jsonl
+.copilot-session-*.jsonl