TAP-1881 epic: .gitignore allowlist + idempotent upgrade backfill#22
Merged
Conversation
templates/.gitignore moves from a hand-maintained denylist (which has already drifted 14 patterns behind what Ralph writes under .ralph/) to `.ralph/*` plus `!` exceptions for the small known-good committed set (PROMPT.md, AGENT.md, fix_plan.md, hooks/, .gitkeep). New state files under .ralph/ are absorbed automatically — no template churn each time a feature lands. lib/enable_core.sh loses its duplicate hardcoded list and its marker-skip merge. Both are replaced by merge_gitignore_block — a top-level helper that reads canonical pattern lines straight from templates/.gitignore and appends only those missing in the target via `grep -qxF` (exact whole-line). The helper is the single source of truth: it is reused by ralph_upgrade_project.sh in TAP-1883 (next commit) so install-time and upgrade-time backfill share one code path. User-added .gitignore entries above or below the Ralph block are preserved byte-for-byte; second run is a no-op (sha256 stable). Coverage: 12 new BATS cases in tests/unit/test_gitignore_merge.bats (fresh install, old-denylist backfill, no-op re-run, user-content preservation, missing-template error, get_templates_dir default, template-contract assertions). Existing test_enable_core.bats merge tests rewritten against the new helper. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
…red helper Wire ralph_upgrade_project.sh's Tier-2 merge into the same merge_gitignore_block helper TAP-1882 introduced. Running `ralph upgrade` on a stale consumer repo (e.g. tapps-brain pre-ba09360 with the 14-pattern leak) now backfills the missing entries automatically — no more hand-patching per repo as new state files land. merge_gitignore_block gains a dry_run="true" mode that publishes the would-be-appended count via GITIGNORE_MERGE_APPENDED without writing, so DRY_RUN=true in the upgrader still surfaces the operator-visible "would merge N lines" / "already current" diff. upgrade_gitignore lives in ralph_upgrade_project.sh and lazily sources lib/enable_core.sh on first call. Idempotent — second run is a no-op. User-added entries before/after the Ralph block are preserved byte-for-byte; backups go through the existing create_backup helper. Honors --dry-run, fresh-project (no .gitignore) is created from template. ralph_upgrade_project.sh gets a `BASH_SOURCE` guard at the bottom so its functions are now sourceable from tests without running main() — the pattern matches every other script in the repo and was the only thing blocking realistic upgrade smoke tests. Coverage: 9 new BATS cases in tests/unit/test_gitignore_merge.bats (dry-run mode, GITIGNORE_MERGE_APPENDED publishing, upgrade_gitignore on stale repo / current repo / missing target / user-content preservation / DRY_RUN paths). Full unit suite remains green at 1772 tests (was 1763 before TAP-1882+1883). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
wtthornton
added a commit
that referenced
this pull request
May 17, 2026
… BETA, branch hygiene) Bumps RALPH_VERSION + package.json to 2.15.2. CHANGELOG entry covers the seven tickets shipped via PRs #22, #23, #24: * TAP-1881 / TAP-1882 / TAP-1883 — .gitignore allowlist + idempotent upgrade backfill, single source-of-truth helper, 14-pattern leak fix originating from TAP-1682 (Fixed) * TAP-1988 — Tool Search BETA opt-in via ANTHROPIC_BETA header (Added) * TAP-1878 / TAP-1879 / TAP-1880 — branch hygiene epic (prompt-side delete + harness-side janitor with git cherry detection) (Added) Unit suite: 1751 → 1778 cases (+27) across 4 new BATS files. All green; full suite still 100% pass. Real-world post-merge validation of the new janitor (TAP-1880): deleted 2 stale tap-1838-* branches in this repo on first run with no manual intervention. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Closes the
.gitignoreaudit epic (TAP-1881). Two stories:templates/.gitignoreswitches from a hand-maintained per-file denylist (already 14 patterns behind what Ralph writes under.ralph/) to.ralph/*+!allowlist exceptions for the committed set (PROMPT.md,AGENT.md,fix_plan.md,hooks/,.gitkeep). The duplicate hardcoded list inlib/enable_core.sh:884-897and its marker-skip merge are removed;merge_gitignore_blockbecomes the single source-of-truth helper, doing line-by-linegrep -qxFmembership checks and appending only missing patterns.ralph_upgrade_project.shcalls the same helper as a Tier-2 merge.ralph upgradeon a stale consumer repo now backfills missing entries automatically (tapps-brain commitba09360on 2026-05-16 was the worked example we're automating away). Newdry_run=truemode in the helper publishes the would-be-appended count viaGITIGNORE_MERGE_APPENDEDso--dry-runstill surfaces the diff. ABASH_SOURCEguard at the bottom ofralph_upgrade_project.shmakes its functions sourceable from tests without runningmain().User-added
.gitignoreentries above and below the Ralph block are preserved byte-for-byte across both install and upgrade. Second run is a no-op (sha256stable).Test plan
bats tests/unit/test_gitignore_merge.bats— 21 cases pass (12 from TAP-1882: fresh install, missing-line backfill, no-op re-run, user-content preservation, template-contract assertions; 9 from TAP-1883: dry-run mode,GITIGNORE_MERGE_APPENDEDpublishing,upgrade_gitignoreon stale repo / current repo / missing target / user-content preservation / DRY_RUN paths)bats tests/unit/test_enable_core.bats— 44 cases pass (existing.gitignoretests rewritten against the new helper, ENABLE-4 marker-simulation tests rewritten to callmerge_gitignore_blockdirectly)ralph_upgrade_project.sh: stale repo withnode_modules/+.ralph/.call_count→ 24 entries merged on first run, "already current" on second run, usernode_modules/line preserved at top byte-for-byteralph-upgrade-project --all --dry-runagainst a real consumer repo and confirm the "Would merge N missing Ralph entries" log line appears🤖 Generated with Claude Code