chore: finish PowerShell script audit for issue #25 by EnmaJim · Pull Request #447 · andresharpe/dotbot

EnmaJim · 2026-05-25T20:25:05Z

Linked issue

Closes #25

Summary of changes

Completes the three remaining acceptance criteria on the script audit:
error handling, UTF-8 file encoding, and logging-helper consistency.

Error handling standardised. Every .ps1 entry-point now sets
Set-StrictMode -Version 3.0 and $ErrorActionPreference = 'Stop',
variables are initialised before try blocks so strict-mode reads
on early throw no longer surface as "property cannot be found",
optional JSON-RPC and workflow-manifest fields are guarded under
strict mode, and empty/silent-discard catch blocks have been
replaced with Write-BotLog calls (atlassian-download, InboxWatcher
worker log, ui/server port probe, etc.).
UTF-8 handling verified. Every Set-Content / Add-Content /
Out-File call now declares -Encoding utf8NoBOM, and
.gitattributes pins LF line endings for *.ps1, *.psm1,
*.psd1.
Logging helpers consistent. Write-Warning and bare error
prints in long-running paths are routed through Write-BotLog, and
the strict-mode leak that broke /api/state (dot-sourcing a script
with top-level Set-StrictMode from Get-BotState) is fixed at
source: dot-sourceable scripts keep strict mode inside function
bodies.
Regression guards. Three new Layer-1 test files lock the rules
in place so the audit cannot silently regress:
- tests/Test-ErrorHandling.ps1 - entry-point directives + no
  empty / silent-discard catch blocks.
- tests/Test-FileEncoding.ps1 - no BOM, explicit -Encoding,
  .gitattributes LF declarations.
- tests/Test-DotSourceIsolation.ps1 - dot-sourced .ps1 files
  must not leak strict mode into the caller (runtime probe + AST
  lint).
Workflow + Claude CLI robustness. Surfacing exit code/stderr on
stdin write failure, regenerating the Claude session ID per retry
attempt, cleaning session artefacts between retries, and a
background stderr drain so worktree git chatter no longer leaks
into pipelines.

Screenshots / recordings

Not applicable - no UI changes.

Testing notes

pwsh tests/Test-ErrorHandling.ps1 - all rules pass.
pwsh tests/Test-FileEncoding.ps1 - all rules pass.
pwsh tests/Run-Tests.ps1 - full Layer-1 + component + workflow
suites green, including the new Test-WorkflowSessionRetry,
Test-RuntimeHelpers, Test-RouteHandlerSmoke, and
Test-McpHelpers.

Checklist

Tests added or updated
Docs updated (if behaviour changed) - none required, behaviour
unchanged
Linked issue exists
Follows the contribution guide

…ints

…-25-script-audit

EnmaJim added 28 commits May 20, 2026 19:11

chore: add Set-StrictMode and $ErrorActionPreference to .ps1 entry-po…

6ee9285

…ints

chore: add -Encoding utf8NoBOM to Set-Content/Add-Content/Out-File calls

c7c5b21

refactor(atlassian-download): replace Write-Warning with Write-BotLog

40631ae

refactor(ui/server): log port-probe cleanup errors via Write-BotLog

310baa5

refactor: log empty-catch suppressions via Write-BotLog

1e44ac2

refactor(InboxWatcher): log worker-log append errors via Write-BotLog

d5ccc1a

test: add error-handling and file-encoding enforcement gates

7a6671c

fix: stop Set-StrictMode leak when dot-sourcing helper scripts

bbf7ca6

fix(runtime): guard optional property reads in workflow exec path

97b5a26

test: add regression guards for strict-mode dot-source leak

7f63920

fix(claude-cli): surface exit code and stderr on stdin write failure

9316143

fix(workflow): regenerate Claude session ID per retry attempt

91318fe

fix(workflow): clean session artefacts per retry and log session id

3ec2de4

fix(mcp): guard optional JSON-RPC fields under strict mode

f89106a

fix(strict-mode): init vars to avoid unset reads on early throw

da3216a

refactor: initialize local variables before try blocks

97968bf

style: remove extra empty lines after set-strictmode

e6b2fee

fix: safeguard object property access under strict mode

9d48149

fix: cast dynamic values to string before method calls

a9009b8

test: support dictionary task shapes in manifest tests

3dcfa75

fix: ensure strict mode 3.0 compatibility across tools and tests

b265481

fix: resolve ps strict mode issues and background stderr drain

9f5fab5

test: fix response dictionary validation in session-get-stats tests

29ce8bf

fix(worktree): suppress git command output leaking into pipelines

b9dbd43

style: collapse extra blank lines from strict-mode audit

da8d4ec

style: tighten blank lines inside strict-mode directive block

3401bf1

style: drop redundant strict-mode leak-guard comments

a91611f

style: drop comments added without modifying a prior comment

516f9ca

EnmaJim requested a review from andresharpe as a code owner May 25, 2026 20:25

github-project-automation Bot added this to Dotbot v4 Roadmap May 25, 2026

github-project-automation Bot moved this to Inbox in Dotbot v4 Roadmap May 25, 2026

EnmaJim added 4 commits May 25, 2026 17:44

fix(test): make session-retry mock cross-platform on windows

bed32f8

fix(test): use POSIX [[:space:]] in dot-source git grep for macos

bbeb12f

fix(ui): invalidate workflows cache when processes dir changes

d59b156

Merge branch 'main' of github.com:andresharpe/dotbot into chore/issue…

91094ad

…-25-script-audit

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore: finish PowerShell script audit for issue #25#447

chore: finish PowerShell script audit for issue #25#447
EnmaJim wants to merge 32 commits into
andresharpe:mainfrom
EnmaJim:chore/issue-25-script-audit

EnmaJim commented May 25, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

EnmaJim commented May 25, 2026

Linked issue

Summary of changes

Screenshots / recordings

Testing notes

Checklist

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant