#!/bin/sh
# milestone-commit-hook.sh — PostToolUse:Bash hook (RULE 0.14).
#
# On `git commit -m "feat..."` / `refactor:` / `git merge`: call
# `kei-memory analyze --last 1 --summary` and append to audit-backlog.md.
# NEVER blocks: every exit path is `exit 0`. Silent-first: prompts only
# activate after 10 sessions are in the memory store.

command -v jq >/dev/null 2>&1 || exit 0

# --- RUNTIME CONTROLS (v0.15.1) ---
# KEI_DISABLED_HOOKS: tokenized exact-match list (comma- or space-separated).
# Repro of pre-v0.15.1 substring bypass (CVE-class): KEI_DISABLED_HOOKS="foo-all-bar"
# previously disabled every hook via `*all*`. v0.15.1 requires token equality.
_hook_name="$(basename "$0" .sh)"
_disabled=" $(printf '%s' "${KEI_DISABLED_HOOKS:-}" | tr ',' ' ') "
case "$_disabled" in
  *" $_hook_name "*|*" all "*) unset _disabled; exit 0 ;;
esac
unset _disabled
case "${KEI_HOOK_PROFILE:-full}" in
  off) exit 0 ;;
  minimal)
    case "$_hook_name" in
      no-hand-edit-agents|assemble-validate|agent-fork-logger|session-end-dump) ;;
      *) exit 0 ;;
    esac
    ;;
  advisory-off)
    case "$_hook_name" in
      recurrence-suggest|citation-verify|error-spike-detector|milestone-commit-hook) exit 0 ;;
    esac
    ;;
  full|*) ;;
esac
# --- end runtime controls ---

set -eu

input="$(cat)"

cmd=$(printf '%s' "$input" | jq -r '.tool_input.command // empty' 2>/dev/null || true)
[ -z "$cmd" ] && exit 0

# Detect milestone commits — feat: / refactor: / merge commits. Case-sensitive
# on the conventional-commit prefix so we don't false-fire on "feature-" docs.
case "$cmd" in
    *"git commit"*"-m"*"\"feat"[:\ ]*|\
    *"git commit"*"-m"*"\"refactor"[:\ ]*|\
    *"git merge"*)
        ;;
    *)
        exit 0
        ;;
esac

backlog="${HOME}/.claude/memory/audit-backlog.md"
mkdir -p "$(dirname "$backlog")" 2>/dev/null || exit 0

# Ensure the header + session_count counter exist.
if [ ! -f "$backlog" ]; then
    {
        printf '# Audit Backlog\n\n'
        printf '<!-- session_count: 0 -->\n\n'
    } > "$backlog"
fi

# Read current session_count (silent-first threshold).
session_count=$(grep -Eo 'session_count: [0-9]+' "$backlog" 2>/dev/null | head -1 | awk '{print $2}')
session_count=${session_count:-0}

# Append the summary line if kei-memory is present.
ts=$(date -u +%Y-%m-%dT%H:%M)
if command -v kei-memory >/dev/null 2>&1; then
    summary=$(kei-memory analyze --last 1 --summary 2>/dev/null || true)
    if [ -n "$summary" ]; then
        printf -- '- [MILESTONE %s] %s' "$ts" "$summary" >> "$backlog"
    fi
fi

# Advisory stderr reminder only after silent-first threshold.
if [ "$session_count" -ge 10 ]; then
    printf 'kei-memory: audit backlog has unreviewed items (%s)\n' "$backlog" >&2
fi

exit 0