Skip to content

grill-stage: add /pharn-grill product command and spec→plan hash-chain gate#21

Merged
PrzemekGalarowicz merged 2 commits into
mainfrom
grill-stage
Jun 30, 2026
Merged

grill-stage: add /pharn-grill product command and spec→plan hash-chain gate#21
PrzemekGalarowicz merged 2 commits into
mainfrom
grill-stage

Conversation

@PrzemekGalarowicz

@PrzemekGalarowicz PrzemekGalarowicz commented Jun 30, 2026

Copy link
Copy Markdown
Contributor

Summary

  • Add /pharn-grill, the product-pipeline grill stage (spec → plan → grill → build → …) with two explicit natures: a floor spec→plan hash-chain re-verification and an advisory plan interrogation that never gates.
  • Introduce .dev/floor/check-plan-spec-agree.mjs (+ tests), a thin deterministic checker that shells check-spec-approved.mjs and check-spec.mjs --hash, then compares the PLAN frontmatter spec_content_hash to the current Approved SPEC body hash — the first downstream enforcement of /pharn-spec's pin after /pharn-plan.
  • Record the build-loop audit trail under .dev/features/grill-stage/ (PLAN, GRILL, REVIEW, REGRESSION, VERIFY, SHIP artifacts).

Test plan

  • node .dev/floor/check-plan-spec-agree.test.mjs — chain GREEN/RED cases pass
  • npm test — full hook + floor suite green
  • node .dev/floor/validate.mjs . — still GREEN (floor capability count unchanged at 1)
  • Manual: run /pharn-grill against a feature with matching PLAN+SPEC hashes → GRILL.md emitted; against a stale/mismatched chain → deterministic RED halt

Made with Cursor

Summary by CodeRabbit

  • New Features

    • Added a new grill-stage workflow with advisory review, verification, regression, and ship logs for clearer release tracking.
    • Introduced a deterministic check that confirms plan and spec stay in sync before continuing.
  • Bug Fixes

    • Improved handling for missing, malformed, or stale plan/spec hashes by failing closed instead of proceeding.
    • Strengthened validation so untrusted text in plans or specs does not affect results.
  • Documentation

    • Added supporting release artifacts and reports that summarize outcomes and limitations more clearly.

…n gate

Introduce the product grill stage with floor checker check-plan-spec-agree.mjs to re-verify the plan's carried spec_content_hash against the approved spec before advisory plan interrogation.

Co-authored-by: Cursor <cursoragent@cursor.com>
@coderabbitai

coderabbitai Bot commented Jun 30, 2026

Copy link
Copy Markdown

Review Change Stack

Warning

Review limit reached

@PrzemekGalarowicz, you've reached your PR review limit, so we couldn't start this review.

Next review available in: 50 minutes

Enable usage-based reviews in Billing to review now. Otherwise, wait until the next included review is available.
You're only billed for reviews past your plan's rate limits ($0.25/file).

How can I continue?

After more reviews become available, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

To avoid repeated limits, reduce automatic review volume by pausing incremental auto-reviews earlier, using label-based review opt-in, excluding WIP or generated PR titles, or requesting reviews manually when the PR is ready. If your team needs uninterrupted high-volume reviews, an organization admin can enable usage-based reviews.

How do review limits work?

CodeRabbit enforces per-developer PR review limits for each organization. Most developers receive the normal plan review availability.

For paid Pro and Pro+ PR reviews, CodeRabbit uses adaptive limits for sustained high-volume activity. When a developer's recent PR review activity reaches the 95th percentile or higher among CodeRabbit users, additional reviews become available more gradually as earlier reviews age out of the rolling window.

Please refer docs for additional details.

Review details
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: ade98860-9c8f-4460-bfb2-dc28888a5964

📥 Commits

Reviewing files that changed from the base of the PR and between 5f63620 and 1a25254.

📒 Files selected for processing (3)
  • .claude/commands/pharn-grill.md
  • .dev/features/grill-stage/PLAN.md
  • .dev/features/grill-stage/SHIP.md
📝 Walkthrough

Walkthrough

Introduces the /pharn-grill pipeline stage. Adds check-plan-spec-agree.mjs, a deterministic CLI that re-verifies the spec→plan SHA-256 hash chain by shelling existing spec gates and comparing the PLAN frontmatter's spec_content_hash to the computed SPEC body hash. Adds black-box tests for the checker and the /pharn-grill command spec, plus all grill-stage audit artifacts (PLAN, GRILL, REVIEW, VERIFY, REGRESSION, SHIP, and report JSONs).

Changes

pharn-grill stage: hash-chain floor gate + advisory interrogation

Layer / File(s) Summary
check-plan-spec-agree.mjs hash-chain floor gate
.dev/floor/check-plan-spec-agree.mjs
New Node.js CLI shells check-spec-approved.mjs and check-spec.mjs --hash via spawnSync, extracts spec_content_hash from PLAN frontmatter with a 64-hex regex, and enforces strict hash equality; exits 0 (GREEN) or 1 (RED), surfacing subprocess output on failure.
Black-box exit-code tests
.dev/floor/check-plan-spec-agree.test.mjs
Dependency-free subprocess test suite covering: GREEN baseline, stale plan, Draft SPEC, drifted body, missing/malformed carried hash, no frontmatter, and three P0/P2 injection-needle cases proving prose cannot influence the verdict.
/pharn-grill command spec
.claude/commands/pharn-grill.md
Four-step command definition: writes-scope lock to features/<name>/GRILL.md, live discovery of PLAN/SPEC/finding-shape, floor gate branching only on checker exit code, advisory PLAN interrogation across six axes, and GRILL.md output format; includes guarantee/trust/determinism audit sections.
grill-stage PLAN.md
.dev/features/grill-stage/PLAN.md
Records the build plan: two-nature behavior split (floor vs advisory), checker contract with fail-closed frontmatter parsing, eval cases (stale/Draft/drifted/missing hash/injection), and guarantee/trust/determinism audit results.
grill-stage audit trail
.dev/features/grill-stage/GRILL.md, .dev/features/grill-stage/REVIEW.md, .dev/features/grill-stage/VERIFY.md, .dev/features/grill-stage/REGRESSION.md, .dev/features/grill-stage/SHIP.md, .dev/features/grill-stage/regression-report.json, .dev/features/grill-stage/verify-report.json
Advisory run logs and machine-readable reports: GRILL (5 findings, 0 blocking), REVIEW (GREEN, 2 advisory findings), VERIFY (all FLOOR gates PASS, 0 advisory verifiers), REGRESSION (no regressions vs base 21583b0), and SHIP (gate-2 roll-up, no merge/push actions).

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Possibly related PRs

  • pharn-dev/pharn-oss#9: Introduces the same grill stage pattern (features/<name>/GRILL.md, spec_content_hash verification, and finding-shaped advisory output) that this PR formalizes into the floor-gate checker.

Poem

🐇 Hop hop! The hashes must agree,
A SHA-256 chain, precise as can be.
RED means halt — no writing today,
GREEN means the GRILL has had its say.
Advisory findings, never a block,
The rabbit checks plans 'round the clock! 🔍

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name Status Explanation Resolution
Docstring Coverage ⚠️ Warning Docstring coverage is 55.56% which is insufficient. The required threshold is 80.00%. Write docstrings for the functions missing them to satisfy the coverage threshold.
✅ Passed checks (4 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title clearly summarizes the main change: adding /pharn-grill and the spec-to-plan hash-chain gate.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch grill-stage

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In @.dev/floor/check-plan-spec-agree.mjs:
- Around line 66-74: The carried-hash parsing in readCarriedHash currently
accepts the first spec_content_hash it sees, which can let duplicate frontmatter
keys slip through; update this path to detect repeated spec_content_hash entries
and reject the PLAN before comparing. Use the existing readCarriedHash helper
and the SPEC/frontmatter parsing logic around it to fail closed on duplicates,
rather than returning a value when more than one matching key is present.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 2409bc21-ac3b-4439-bb52-218338bba4de

📥 Commits

Reviewing files that changed from the base of the PR and between 21583b0 and 5f63620.

📒 Files selected for processing (11)
  • .claude/commands/pharn-grill.md
  • .dev/features/grill-stage/GRILL.md
  • .dev/features/grill-stage/PLAN.md
  • .dev/features/grill-stage/REGRESSION.md
  • .dev/features/grill-stage/REVIEW.md
  • .dev/features/grill-stage/SHIP.md
  • .dev/features/grill-stage/VERIFY.md
  • .dev/features/grill-stage/regression-report.json
  • .dev/features/grill-stage/verify-report.json
  • .dev/floor/check-plan-spec-agree.mjs
  • .dev/floor/check-plan-spec-agree.test.mjs

Comment on lines +66 to +74
function readCarriedHash(text) {
const m = text.match(FM_RE);
if (!m) return undefined;
for (const line of m[1].split(/\r?\n/)) {
const kv = line.match(/^([A-Za-z_][\w-]*):[ \t]*(.*)$/);
if (kv && kv[1] === "spec_content_hash") return stripQuotes(kv[2].trim());
}
return undefined;
}

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🎯 Functional Correctness | 🟠 Major | ⚡ Quick win

Reject duplicate spec_content_hash entries before comparing.

Line 71 returns the first matching key, while the reused SPEC parser’s object assignment gives later duplicate keys precedence. A PLAN with two carried hashes can therefore pass using the first value while a later frontmatter value is stale or malformed. Fail closed on duplicates.

Proposed fix
 function readCarriedHash(text) {
   const m = text.match(FM_RE);
-  if (!m) return undefined;
+  if (!m) return { hash: undefined, duplicate: false };
+  let hash;
   for (const line of m[1].split(/\r?\n/)) {
     const kv = line.match(/^([A-Za-z_][\w-]*):[ \t]*(.*)$/);
-    if (kv && kv[1] === "spec_content_hash") return stripQuotes(kv[2].trim());
+    if (kv && kv[1] === "spec_content_hash") {
+      if (hash !== undefined) return { hash, duplicate: true };
+      hash = stripQuotes(kv[2].trim());
+    }
   }
-  return undefined;
+  return { hash, duplicate: false };
 }
...
-  const planHash = readCarriedHash(planText);
+  const { hash: planHash, duplicate } = readCarriedHash(planText);
+  if (duplicate) {
+    return red(`PLAN.md carries multiple spec_content_hash entries (${planPath}) — re-plan via /pharn-plan`);
+  }
   if (planHash === undefined) {

Also applies to: 122-130

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.dev/floor/check-plan-spec-agree.mjs around lines 66 - 74, The carried-hash
parsing in readCarriedHash currently accepts the first spec_content_hash it
sees, which can let duplicate frontmatter keys slip through; update this path to
detect repeated spec_content_hash entries and reject the PLAN before comparing.
Use the existing readCarriedHash helper and the SPEC/frontmatter parsing logic
around it to fail closed on duplicates, rather than returning a value when more
than one matching key is present.

…lent

Address GATE-2 review finding by writing the grill-log on both chain outcomes — RED records the broken-chain verdict without interrogating; GREEN records findings as before.

Co-authored-by: Cursor <cursoragent@cursor.com>
@PrzemekGalarowicz PrzemekGalarowicz merged commit 61b79df into main Jun 30, 2026
6 checks passed
@PrzemekGalarowicz PrzemekGalarowicz deleted the grill-stage branch June 30, 2026 18:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant