Source of truth for active work. Translates SPEC.md §16 (bash — shipped)
and SPEC.POWERSHELL.md §16 (PowerShell — v0.2.0) into NOW / NEXT / LATER
buckets. Park items aggressively — autonomous loops will otherwise bulldoze
priorities.
Hard rule: every PR ends with this file updated (item moved / completed / parked) so the plan reflects reality.
Spec:
SPEC.POWERSHELL.md(v0.2.0). The PowerShell parser is implemented — phases 1–14 ofSPEC.POWERSHELL.md§16 are complete (see below). What remains is the release flow and the downstream Netclaw integration, both of which need actions outside this repository.
- 1. Public-API surface —
ShellParserOptionsbase;BashParserOptionsreparented;PwshParserOptions+PwshParser; additiveVerbChain.CanonicalVerb/IsDynamic;Clause.IsBashCWrapped→IsCommandStringWrapped.PublicApiSnapshotTests, corpus DTOs, and the bash corpus JSON key all updated. - 2. Verb & binding tables —
PwshApprovedVerbs,PwshAliases(complete default set),PwshVerbs,PwshBindingTables,PwshPerVerbRules. - 3.
PwshLexer— quoting, backtick escape,$var/$env:/${name}, parameters, stream redirects, statement separators, comments, opaque regions,--%;OpaqueRegionScannerbacktick mode. - 4–10.
PwshCommandParser— pipeline / statement splitting, verb-chain extraction, the §6.5 binding model,PwshResolver(§8), per-verb path rules (§7),Set-Locationpropagation (§9),pwsh -Command/-EncodedCommandrecursion (§10), anomaly safe-fail and the 64 KiB cap (§11). - 11. Multi-shell corpus runner + PII audit — directory-routed by
Corpus/<shell>/. - 12. PowerShell corpus — 211 entries under
Corpus/powershell/, every §13 category minimum exceeded. - 13.
pwshvalidation gate +tools/PwshCorpusTool—PwshOracleTestsenforces the §13 oracle matrix + thePwshAliasescompleteness[Fact]; the tool is registered inTOOLING.md. - 14.
SPEC.mdedits + CI + version bump —SPEC.md§1 / §2 / §3 / §6.4 / §15 updated;VersionPrefix→0.2.0,VersionSuffix→alpha; CI verifiespwshand runs both corpora on Linux + Windows;RELEASE_NOTES.mdv0.2.0 section; CLI + Web samples gain a shell selector;README.mdupdated.
- Tag
0.2.0-alpha;publish_nuget.ymlproducedShellSyntaxTree.0.2.0-alpha.nupkgand it is live on nuget.org (released 2026-05-20). -
0.2.0-betaso Netclaw validates the parser + the breaking rename - Promote to stable
0.2.0after Netclaw validation
- Netclaw consumes the v0.2.0 package; absorbs the
Clauserename (separate repository — cannot be done here) - ≥1 Netclaw integration test exercises a real PowerShell corpus entry through the live matcher and gets the expected gate decision
- Seed corpus entries from sanitized real-world dogfood logs (SPEC §14 workflow) — both shells.
- Expand verb / cmdlet / alias tables as the corpus surfaces real commands.
- Document the "consumer's algorithm" — given a
ParsedCommand, how a security gate walks it (adocs/CONSUMER_GUIDE.mdorSPEC.mdappendix). - Performance sanity check (~1 ms typical) with a tiny BenchmarkDotNet harness — only if anything in the daemon hot path complains.
- v0.2.x candidates from
SPEC.POWERSHELL.md§18 — lossless redirect-stream identity (grow theRedirectDirectionenum), per-element comma-array path extraction (-Path a,b,c). - PowerShell script-level constructs — control flow,
function/class/enumdefinitions,param()/begin/process/endblocks,.ps1file parsing (SPEC.POWERSHELL.md§18). - Extract a shared lexer/parser core now that two parsers exist — the seam
can be designed from real duplication (
SPEC.POWERSHELL.md§18); the path-normalization helpers duplicated betweenBashResolverandPwshResolverare the first candidate. - Windows
cmdparser. - Source-mapping (line/column on AST nodes) — only if an IDE consumer asks.
- Heredoc body extraction, process substitution, bash function definitions — only if a real consumer need surfaces.
(empty; move items here when scope changes rather than deleting them)