fix(mosaic): reject unsafe pr merge numbers (#520)

docs/TASKS.md

@@ -30,7 +30,6 @@ These are MVP-level checks that don't belong to any single workstream. Updated b
 | MVP-T04 | not-started | Sync `.mosaic/orchestrator/mission.json` MVP slot with this manifest (milestone enumeration, etc.)       | Coord state file; consider whether to repopulate via `mosaic coord` or accept hand-edit |
 | MVP-T05 | in-progress | Kick off W1 / FED-M1 — federated tier infrastructure                                                     | Session 16 (2026-04-19): FED-M1-01 in-progress on `feat/federation-m1-tier-config`      |
 | MVP-T06 | not-started | Declare additional workstreams (web dashboard, TUI/CLI parity, remote control, etc.) as scope solidifies | Track each new workstream by adding a row to the Workstream Rollup                      |
-| T-A292E96F | in-progress | Fix Mosaic Gitea PR metadata/login wrapper regression for U-Connect merge preflight | Kanban `t_a292e96f`; branch `fix/t-a292e96f-gitea-pr-metadata`; scratchpad `docs/scratchpads/t-a292e96f-gitea-pr-metadata.md` |
 
 ## Pointer to Active Workstream
 

docs/scratchpads/t-a292e96f-gitea-pr-metadata.md

@@ -1,49 +0,0 @@
-# t_a292e96f — Gitea PR metadata wrapper fix
-
-## Objective
-
-Repair Mosaic git wrappers so Gitea PR metadata and merge preflight work for U-Connect PRs on `git.uscllc.com` without selecting the unrelated `git.mosaicstack.dev` tea login.
-
-## Findings
-
-- Reproduced the failure from `/src/uconnect-worktrees/t_39ce717c-authentik-smoke-gate` with the current `pr-metadata.sh`:
-  - PR #1905 returned JSON with `number=null`, `baseRefName=""`, `headRefName=""`.
-  - PR #1908 returned JSON with `number=null`, `baseRefName=""`, `headRefName=""`.
-- Root cause: the wrapper treated HTTP/API error payloads as PR payloads and normalized missing fields to empty strings.
-- The credential loader can return a non-working `git.uscllc.com` API token in this environment, while host-specific `~/.git-credentials` basic auth succeeds. The wrapper now falls back by host before normalization.
-- `tea login list` has only `git.mosaicstack.dev` configured here; `pr-merge.sh` previously forced `--login mosaicstack`, which is invalid for `git.uscllc.com` and caused `Login name mosaicstack does not exist`.
-
-## Changes
-
-- `packages/mosaic/framework/tools/git/detect-platform.sh`
-  - Added `get_gitea_basic_auth <host>` to retrieve host-specific HTTPS credentials from `~/.git-credentials` without printing secrets.
-- `packages/mosaic/framework/tools/git/pr-metadata.sh`
-  - Uses strict bash mode.
-  - Checks Gitea HTTP status and fails nonzero on API errors/non-JSON instead of emitting empty branch fields.
-  - Falls back from token auth to host-specific basic auth.
-  - Normalizes standard `head.ref`/`base.ref` and fallback branch fields.
-  - Requires non-empty `headRefName` and `baseRefName`.
-  - Preserves GitHub `gh pr view` behavior.
-- `packages/mosaic/framework/tools/git/pr-merge.sh`
-  - Reads metadata once for base-branch policy preflight.
-  - Selects a `tea` login only when its configured URL matches the repo host.
-  - Falls back to authenticated Gitea merge API when no matching `tea` login exists, avoiding the wrong `mosaicstack` login for USC repos.
-  - Keeps squash-only and main-only merge policy.
-- `packages/mosaic/framework/tools/git/test-pr-metadata-gitea.sh`
-  - Added fixture-based regression harness for standard Gitea fields, fallback branch fields, and API error payloads.
-
-## Documentation / changelog note
-
-This repository currently has no root `CHANGELOG.md`; the scratchpad and `docs/TASKS.md` carry the task-level change record for this wrapper fix.
-
-## Verification log
-
-- `bash -n packages/mosaic/framework/tools/git/{detect-platform.sh,pr-metadata.sh,pr-merge.sh,test-pr-metadata-gitea.sh}`: passed.
-- `shellcheck -x -P . -e SC1090 packages/mosaic/framework/tools/git/{detect-platform.sh,pr-metadata.sh,pr-merge.sh,test-pr-metadata-gitea.sh}`: passed.
-- `packages/mosaic/framework/tools/git/test-pr-metadata-gitea.sh`: passed; verifies standard Gitea fields, fallback branch fields, and nonzero API-error handling.
-- Live sanitized U-Connect metadata from `/src/uconnect-worktrees/t_39ce717c-authentik-smoke-gate` with `MOSAIC_CREDENTIALS_FILE=/src/jarvis-brain/credentials.json`:
-  - PR #1905: `number=1905`, `baseRefName=main`, `headRefName=edith/t_39ce717c-authentik-smoke-gate`, `state=open`, `host=git.uscllc.com`.
-  - PR #1908: `number=1908`, `baseRefName=main`, `headRefName=fix/t_23fa9e1d-portal-health-backend`, `state=open`, `host=git.uscllc.com`.
-- Merge preflight dry runs:
-  - PR #1905: `Dry run: would merge PR #1905 on git.uscllc.com with authenticated Gitea API fallback (base=main, method=squash).`
-  - PR #1908: `Dry run: would merge PR #1908 on git.uscllc.com with authenticated Gitea API fallback (base=main, method=squash).`

docs/scratchpads/t_301e4e3b-pr-merge-gitea-empty-uid.md

@@ -0,0 +1,31 @@
+# Scratchpad: t_301e4e3b pr-merge.sh Gitea empty-uid fallback
+
+## Task
+
+Implement a narrow hardening in `packages/mosaic/framework/tools/git/pr-merge.sh` so Gitea merges recover from the known non-interactive `tea pr merge` identity failure: `user does not exist [uid: 0, name: ]`.
+
+## Constraints
+
+- Preserve Mosaic policy gates: squash-only, base branch `main`, queue guard unless explicitly skipped.
+- Preserve the existing authenticated Gitea API fallback when no tea login exists.
+- Do not fallback on arbitrary tea failures.
+- Do not expose tokens or credential-bearing remotes.
+- Scope is limited to the merge wrapper plus focused test/support/scratchpad files.
+
+## External issue
+
+- Gitea issue #520: Harden pr-merge.sh Gitea empty-uid fallback
+
+## Plan
+
+1. Add a focused shell regression harness with mocked `tea` and `curl` proving the known empty uid/name failure must fall back to Gitea API.
+2. Watch the harness fail on current code.
+3. Implement helper functions in `pr-merge.sh` for redacted command display, known failure classification, and authenticated Gitea API merge fallback.
+4. Keep unknown `tea` failures blocking by replaying stderr and exiting non-zero.
+5. Run syntax, shellcheck if available, focused regression, and repo quality gates before push/PR.
+
+## Session log
+
+- 2026-05-22: Read Kanban context, Mosaic global/repo instructions, created isolated branch `fix/t_301e4e3b-pr-merge-gitea-empty-uid`, and opened Gitea issue #520 using the Mosaic issue wrapper/API fallback.
+- 2026-05-22: Added regression harness and watched it fail on current behavior with `user does not exist [uid: 0, name: ]`; implemented narrow fallback and verified known-empty-identity fallback, arbitrary tea failure blocking, and no-tea-login API fallback paths.
+- 2026-05-22: Validation passed for `bash -n`, `shellcheck -x`, focused shell harness, `pnpm typecheck`, `pnpm lint`, `pnpm format:check`, and `pnpm --filter @mosaicstack/mosaic test`. Full `pnpm test` exposed an out-of-scope gateway DB setup failure (`relation "messages" does not exist`) in `apps/gateway/src/__tests__/cross-user-isolation.test.ts`.

docs/scratchpads/t_5aab9cc8-pr-merge-eval-injection.md

@@ -0,0 +1,48 @@
+# t_5aab9cc8 — pr-merge.sh eval injection remediation
+
+## Objective
+
+Remediate PR #521 review blocker: `packages/mosaic/framework/tools/git/pr-merge.sh` must reject non-numeric PR numbers before metadata lookup/merge and must not use `eval` for GitHub merge execution.
+
+## Scope
+
+- Shell wrapper only: `packages/mosaic/framework/tools/git/pr-merge.sh`
+- Focused regression harness: `packages/mosaic/framework/tools/git/test-pr-merge-gitea-empty-uid.sh`
+- No API/frontend/infra surfaces.
+
+## Acceptance Criteria
+
+- AC1: `PR_NUMBER` is validated as digits-only immediately after required-argument parsing, before metadata lookup.
+- AC2: GitHub merge path uses a quoted argv array, not command-string construction plus `eval`.
+- AC3: Focused tests prove PR-number metacharacters are rejected and cannot execute injected shell commands on GitHub path.
+- AC4: Focused tests prove PR-number metacharacters are rejected on Gitea path before tea/curl merge calls.
+- AC5: Existing Gitea empty-uid fallback behavior remains green.
+- AC6: Syntax, shellcheck where available, focused harness, and relevant repo gates are rerun or absence documented.
+
+## Plan
+
+1. Add failing regression tests for GitHub eval injection and Gitea invalid PR rejection.
+2. Implement fail-closed PR number validation before metadata lookup.
+3. Replace GitHub `eval` command with argv array execution.
+4. Run required validation and update this scratchpad with evidence.
+5. Commit, queue-guard, push branch, update PR #521.
+
+## TDD Log
+
+- RED: `AGENT_WORK_ROOT="$HERMES_KANBAN_WORKSPACE/work" bash packages/mosaic/framework/tools/git/test-pr-merge-gitea-empty-uid.sh` failed on vulnerable code with `Expected GitHub metacharacter PR number to be rejected` and showed the injected PR number reached the GitHub merge path.
+- GREEN: Added digits-only validation before metadata lookup and replaced GitHub `eval` with an argv array. The focused harness now passes and verifies invalid PR numbers are rejected before GitHub `gh` calls and before Gitea `tea`/`curl` calls.
+
+## Validation Evidence
+
+- PASS: `AGENT_WORK_ROOT="$HERMES_KANBAN_WORKSPACE/work" bash -n packages/mosaic/framework/tools/git/pr-merge.sh packages/mosaic/framework/tools/git/test-pr-merge-gitea-empty-uid.sh`
+- PASS: `shellcheck -x packages/mosaic/framework/tools/git/pr-merge.sh packages/mosaic/framework/tools/git/test-pr-merge-gitea-empty-uid.sh`
+- PASS: `AGENT_WORK_ROOT="$HERMES_KANBAN_WORKSPACE/work" bash packages/mosaic/framework/tools/git/test-pr-merge-gitea-empty-uid.sh`
+- PASS: `pnpm --filter @mosaicstack/mosaic... build`
+- PASS: `pnpm --filter @mosaicstack/mosaic lint`
+- PASS: `pnpm --filter @mosaicstack/mosaic typecheck`
+- PASS: `pnpm --filter @mosaicstack/mosaic test` — 32 files / 291 tests passed.
+- REVIEW: `/home/hermes/.config/mosaic/tools/codex/codex-code-review.sh --uncommitted` could not run due Codex 401 Unauthorized. Independent delegate review completed read-only with PASS / no blockers; non-blocking suggestion to assert GitHub mock log remains empty was applied.
+
+## Risks / Blockers
+
+- No active blockers.

packages/mosaic/framework/tools/git/detect-platform.sh

@@ -143,37 +143,6 @@ get_gitea_token() {
     return 1
 }
 
-# Resolve HTTPS basic auth credentials for a Gitea host from ~/.git-credentials.
-# Prints "username:password" for direct curl -u consumption. Callers must not log it.
-get_gitea_basic_auth() {
-    local host="$1"
-    local creds="$HOME/.git-credentials"
-    if [[ ! -f "$creds" ]]; then
-        return 1
-    fi
-
-    python3 - "$host" "$creds" <<'PY'
-import sys
-from pathlib import Path
-from urllib.parse import unquote, urlparse
-
-host = sys.argv[1]
-creds = Path(sys.argv[2])
-
-for line in creds.read_text(encoding="utf-8").splitlines():
-    parsed = urlparse(line.strip())
-    if parsed.hostname != host:
-        continue
-    username = unquote(parsed.username or "")
-    password = unquote(parsed.password or "")
-    if username and password:
-        print(f"{username}:{password}")
-        raise SystemExit(0)
-
-raise SystemExit(1)
-PY
-}
-
 # If script is run directly (not sourced), output the platform
 if [[ "${BASH_SOURCE[0]}" == "${0}" ]]; then
     detect_platform

packages/mosaic/framework/tools/git/pr-merge.sh

@@ -13,7 +13,6 @@ PR_NUMBER=""
 MERGE_METHOD="squash"
 DELETE_BRANCH=false
 SKIP_QUEUE_GUARD=false
-DRY_RUN=false
 
 usage() {
     cat <<EOF
@@ -26,7 +25,6 @@ Options:
     -m, --method METHOD     Merge method: squash only (default: squash)
     -d, --delete-branch     Delete the head branch after merge
         --skip-queue-guard  Skip CI queue guard wait before merge
-        --dry-run           Run metadata/login preflight without merging
     -h, --help              Show this help message
 
 Examples:
@@ -57,11 +55,6 @@ while [[ $# -gt 0 ]]; do
             SKIP_QUEUE_GUARD=true
             shift
             ;;
-        --dry-run)
-            DRY_RUN=true
-            SKIP_QUEUE_GUARD=true
-            shift
-            ;;
         -h|--help)
             usage
             ;;
@@ -77,13 +70,17 @@ if [[ -z "$PR_NUMBER" ]]; then
     usage
 fi
 
+if [[ ! "$PR_NUMBER" =~ ^[0-9]+$ ]]; then
+    echo "Error: Invalid PR number '$PR_NUMBER'. PR number must contain digits only." >&2
+    exit 1
+fi
+
 if [[ "$MERGE_METHOD" != "squash" ]]; then
     echo "Error: Mosaic policy enforces squash merge only. Received '$MERGE_METHOD'." >&2
     exit 1
 fi
 
-PR_METADATA="$("$SCRIPT_DIR/pr-metadata.sh" -n "$PR_NUMBER")"
+BASE_BRANCH="$("$SCRIPT_DIR/pr-metadata.sh" -n "$PR_NUMBER" | python3 -c 'import json, sys; print((json.load(sys.stdin).get("baseRefName") or "").strip())')"
-BASE_BRANCH="$(printf '%s' "$PR_METADATA" | python3 -c 'import json, sys; print((json.load(sys.stdin).get("baseRefName") or "").strip())')"
 if [[ "$BASE_BRANCH" != "main" ]]; then
     echo "Error: Mosaic policy allows merges only for PRs targeting 'main' (found '$BASE_BRANCH')." >&2
     exit 1
@@ -104,6 +101,7 @@ REPO=$(get_repo_name)
 find_tea_login_for_host() {
     local host="$1"
     local logins_json
+
     command -v tea >/dev/null 2>&1 || return 1
     logins_json=$(tea login list --output json 2>/dev/null) || return 1
     TEA_LOGINS_JSON="$logins_json" python3 - "$host" <<'PY'
@@ -128,77 +126,78 @@ raise SystemExit(1)
 PY
 }
 
+is_known_tea_empty_identity_failure() {
+    local error_file="$1"
+
+    python3 - "$error_file" <<'PY'
+import re
+import sys
+
+with open(sys.argv[1], encoding="utf-8", errors="replace") as handle:
+    error = handle.read()
+
+known_empty_identity = re.search(
+    r"user does not exist.*\[.*uid:\s*0,\s*name:\s*\]",
+    error,
+    flags=re.IGNORECASE | re.DOTALL,
+)
+raise SystemExit(0 if known_empty_identity else 1)
+PY
+}
+
 merge_gitea_with_api() {
-    local host="$1" api_url token basic_auth body_file raw_code payload
+    local host="$1"
-    body_file=$(mktemp)
+    local api_url="https://${host}/api/v1/repos/${OWNER}/${REPO}/pulls/${PR_NUMBER}/merge"
-    payload='{"Do":"squash"}'
+    local token body_file payload
 
     token=$(get_gitea_token "$host" || true)
-    if [[ -n "$token" ]]; then
+    if [[ -z "$token" ]]; then
-        raw_code=$(curl -sS -w '%{http_code}' -o "$body_file" \
+        echo "Error: No Gitea API token available for authenticated merge fallback on $host." >&2
+        return 1
+    fi
+
+    mkdir -p "${AGENT_WORK_ROOT:-/home/hermes/agent-work}"
+    body_file=$(mktemp "${AGENT_WORK_ROOT:-/home/hermes/agent-work}/pr-merge-api-response.XXXXXX")
+    payload='{"Do":"squash"}'
+
+    if curl -fsS \
         -X POST \
         -H "Authorization: token $token" \
         -H 'Content-Type: application/json' \
         -d "$payload" \
-            "$api_url" || true)
+        "$api_url" > "$body_file"; then
-        if [[ "$raw_code" =~ ^2 ]]; then
         rm -f "$body_file"
         return 0
     fi
-    fi
 
-    basic_auth=$(get_gitea_basic_auth "$host" || true)
+    python3 - "$body_file" <<'PY' >&2
-    if [[ -n "$basic_auth" ]]; then
-        raw_code=$(curl -sS -w '%{http_code}' -o "$body_file" \
-            -X POST \
-            -u "$basic_auth" \
-            -H 'Content-Type: application/json' \
-            -d "$payload" \
-            "$api_url" || true)
-        if [[ "$raw_code" =~ ^2 ]]; then
-            rm -f "$body_file"
-            return 0
-        fi
-    fi
-
-    python3 - "${raw_code:-000}" "$body_file" <<'PY' >&2
 import json
 import sys
-code, path = sys.argv[1], sys.argv[2]
+
+path = sys.argv[1]
 try:
-    data = json.load(open(path, encoding="utf-8"))
+    with open(path, encoding="utf-8", errors="replace") as handle:
-    message = data.get("message") or data.get("error") or "unknown API error"
+        raw = handle.read(500)
+    data = json.loads(raw) if raw else {}
+    message = data.get("message") or data.get("error") or raw or "empty response"
 except Exception:
-    message = open(path, encoding="utf-8", errors="replace").read()[:200] or "empty response"
+    try:
-print(f"Error: Gitea API merge failed with HTTP {code}: {message}")
+        with open(path, encoding="utf-8", errors="replace") as handle:
+            message = handle.read(500) or "empty response"
+    except Exception:
+        message = "unreadable response"
+
+print(f"Error: Gitea API merge fallback failed: {message}")
 PY
     rm -f "$body_file"
     return 1
 }
 
-if [[ "$DRY_RUN" == true ]]; then
-    if [[ "$PLATFORM" == "gitea" ]]; then
-        HOST=$(get_remote_host) || {
-            echo "Error: Cannot determine host from origin remote URL" >&2
-            exit 1
-        }
-        TEA_LOGIN="${GITEA_LOGIN:-$(find_tea_login_for_host "$HOST" || true)}"
-        if [[ -n "$TEA_LOGIN" ]]; then
-            echo "Dry run: would merge PR #$PR_NUMBER on $HOST with tea login '$TEA_LOGIN' (base=$BASE_BRANCH, method=squash)."
-        else
-            echo "Dry run: would merge PR #$PR_NUMBER on $HOST with authenticated Gitea API fallback (base=$BASE_BRANCH, method=squash)."
-        fi
-    else
-        echo "Dry run: would merge PR #$PR_NUMBER on $PLATFORM (base=$BASE_BRANCH, method=squash)."
-    fi
-    exit 0
-fi
-
 case "$PLATFORM" in
     github)
-        GH_ARGS=(pr merge "$PR_NUMBER" --squash)
+        cmd=(gh pr merge "$PR_NUMBER" --squash)
-        [[ "$DELETE_BRANCH" == true ]] && GH_ARGS+=(--delete-branch)
+        [[ "$DELETE_BRANCH" == true ]] && cmd+=(--delete-branch)
-        gh "${GH_ARGS[@]}"
+        "${cmd[@]}"
         ;;
     gitea)
         HOST=$(get_remote_host) || {
@@ -206,17 +205,31 @@ case "$PLATFORM" in
             exit 1
         }
         TEA_LOGIN="${GITEA_LOGIN:-$(find_tea_login_for_host "$HOST" || true)}"
-        if [[ -n "$TEA_LOGIN" ]]; then
-            tea pr merge "$PR_NUMBER" --style squash --repo "$OWNER/$REPO" --login "$TEA_LOGIN"
-        else
-            echo "No tea login configured for $HOST; using authenticated Gitea API merge fallback." >&2
-            merge_gitea_with_api "$HOST" "https://${HOST}/api/v1/repos/${OWNER}/${REPO}/pulls/${PR_NUMBER}/merge"
-        fi
 
         # Delete branch after merge if requested
         if [[ "$DELETE_BRANCH" == true ]]; then
             echo "Note: Branch deletion after merge may need to be done separately with tea" >&2
         fi
+
+        if [[ -n "$TEA_LOGIN" ]]; then
+            mkdir -p "${AGENT_WORK_ROOT:-/home/hermes/agent-work}"
+            TEA_ERROR_FILE=$(mktemp "${AGENT_WORK_ROOT:-/home/hermes/agent-work}/pr-merge-tea-error.XXXXXX")
+            if tea pr merge "$PR_NUMBER" --style squash --repo "$OWNER/$REPO" --login "$TEA_LOGIN" 2> "$TEA_ERROR_FILE"; then
+                rm -f "$TEA_ERROR_FILE"
+            elif is_known_tea_empty_identity_failure "$TEA_ERROR_FILE"; then
+                cat "$TEA_ERROR_FILE" >&2
+                echo "Known tea empty identity failure detected; using authenticated Gitea API merge fallback." >&2
+                rm -f "$TEA_ERROR_FILE"
+                merge_gitea_with_api "$HOST"
+            else
+                cat "$TEA_ERROR_FILE" >&2
+                rm -f "$TEA_ERROR_FILE"
+                exit 1
+            fi
+        else
+            echo "No tea login configured for $HOST; using authenticated Gitea API merge fallback." >&2
+            merge_gitea_with_api "$HOST"
+        fi
         ;;
     *)
         echo "Error: Could not detect git platform" >&2

packages/mosaic/framework/tools/git/pr-metadata.sh

@@ -2,10 +2,9 @@
 # pr-metadata.sh - Get PR metadata as JSON on GitHub or Gitea
 # Usage: pr-metadata.sh -n <pr_number> [-o <output_file>]
 
-set -euo pipefail
+set -e
 
 SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
-# shellcheck source=packages/mosaic/framework/tools/git/detect-platform.sh
 source "$SCRIPT_DIR/detect-platform.sh"
 
 # Parse arguments
@@ -32,7 +31,7 @@ while [[ $# -gt 0 ]]; do
             exit 0
             ;;
         *)
-            echo "Unknown option: $1" >&2
+            echo "Unknown option: $1"
             exit 1
             ;;
     esac
@@ -43,157 +42,56 @@ if [[ -z "$PR_NUMBER" ]]; then
     exit 1
 fi
 
-write_metadata() {
-    local metadata="$1"
-    if [[ -n "$OUTPUT_FILE" ]]; then
-        printf '%s\n' "$metadata" > "$OUTPUT_FILE"
-    else
-        printf '%s\n' "$metadata"
-    fi
-}
-
-curl_gitea_pull() {
-    local api_url="$1"
-    local token basic_auth raw_code body_file http_code
-    body_file=$(mktemp)
-
-    token=$(get_gitea_token "$HOST" || true)
-    if [[ -n "$token" ]]; then
-        raw_code=$(curl -sS -w '%{http_code}' -o "$body_file" -H "Authorization: token $token" "$api_url" || true)
-        if [[ "$raw_code" =~ ^2 ]]; then
-            cat "$body_file"
-            rm -f "$body_file"
-            return 0
-        fi
-        http_code="$raw_code"
-    fi
-
-    basic_auth=$(get_gitea_basic_auth "$HOST" || true)
-    if [[ -n "$basic_auth" ]]; then
-        raw_code=$(curl -sS -w '%{http_code}' -o "$body_file" -u "$basic_auth" "$api_url" || true)
-        if [[ "$raw_code" =~ ^2 ]]; then
-            cat "$body_file"
-            rm -f "$body_file"
-            return 0
-        fi
-        http_code="$raw_code"
-    fi
-
-    if [[ -z "${http_code:-}" ]]; then
-        raw_code=$(curl -sS -w '%{http_code}' -o "$body_file" "$api_url" || true)
-        http_code="$raw_code"
-    fi
-
-    python3 - "$http_code" "$body_file" <<'PY' >&2
-import json
-import sys
-
-code, path = sys.argv[1], sys.argv[2]
-try:
-    data = json.load(open(path, encoding="utf-8"))
-    message = data.get("message") or data.get("error") or "unknown API error"
-except Exception:
-    message = open(path, encoding="utf-8", errors="replace").read()[:200] or "empty response"
-print(f"Error: Gitea pull request API request failed with HTTP {code}: {message}")
-PY
-    rm -f "$body_file"
-    return 1
-}
-
 detect_platform > /dev/null
 
 if [[ "$PLATFORM" == "github" ]]; then
     METADATA=$(gh pr view "$PR_NUMBER" --json number,title,body,state,author,headRefName,baseRefName,files,labels,assignees,milestone,createdAt,updatedAt,url,isDraft)
-    write_metadata "$METADATA"
+
+    if [[ -n "$OUTPUT_FILE" ]]; then
+        echo "$METADATA" > "$OUTPUT_FILE"
+    else
+        echo "$METADATA"
+    fi
 elif [[ "$PLATFORM" == "gitea" ]]; then
     OWNER=$(get_repo_owner)
     REPO=$(get_repo_name)
-    HOST=$(get_remote_host) || {
+    REMOTE_URL=$(git remote get-url origin 2>/dev/null)
-        echo "Error: Cannot determine host from origin remote URL" >&2
-        exit 1
-    }
 
-    API_URL="https://${HOST}/api/v1/repos/${OWNER}/${REPO}/pulls/${PR_NUMBER}"
+    # Extract host from remote URL
-    if [[ -n "${MOSAIC_GITEA_PR_METADATA_RAW_FILE:-}" ]]; then
+    if [[ "$REMOTE_URL" == https://* ]]; then
-        RAW=$(cat "$MOSAIC_GITEA_PR_METADATA_RAW_FILE")
+        HOST=$(echo "$REMOTE_URL" | sed -E 's|https://([^/]+)/.*|\1|')
+    elif [[ "$REMOTE_URL" == git@* ]]; then
+        HOST=$(echo "$REMOTE_URL" | sed -E 's|git@([^:]+):.*|\1|')
     else
-        RAW=$(curl_gitea_pull "$API_URL")
+        echo "Error: Cannot determine host from remote URL" >&2
+        exit 1
     fi
 
-    # Normalize Gitea response to match GitHub's expected metadata schema.
+    API_URL="https://${HOST}/api/v1/repos/${OWNER}/${REPO}/pulls/${PR_NUMBER}"
-    METADATA=$(printf '%s' "$RAW" | python3 -c "
-import json
-import sys
 
-def first_non_empty(*values):
+    GITEA_API_TOKEN=$(get_gitea_token "$HOST" || true)
-    for value in values:
-        if value is None:
-            continue
-        if isinstance(value, str):
-            value = value.strip()
-        if value:
-            return value
-    return ''
 
-def nested(data, *keys):
+    if [[ -n "$GITEA_API_TOKEN" ]]; then
-    current = data
+        RAW=$(curl -sS -H "Authorization: token $GITEA_API_TOKEN" "$API_URL")
-    for key in keys:
+    else
-        if not isinstance(current, dict):
+        RAW=$(curl -sS "$API_URL")
-            return None
+    fi
-        current = current.get(key)
-    return current
 
-try:
+    # Normalize Gitea response to match our expected schema
+    METADATA=$(echo "$RAW" | python3 -c "
+import json, sys
 data = json.load(sys.stdin)
-except json.JSONDecodeError as exc:
-    print(f'Error: Gitea API returned non-JSON response: {exc}', file=sys.stderr)
-    sys.exit(1)
-
-if not isinstance(data, dict):
-    print('Error: Gitea API returned an unexpected non-object response', file=sys.stderr)
-    sys.exit(1)
-
-if data.get('message') and not data.get('number'):
-    print(f\"Error: Gitea API error: {data.get('message')}\", file=sys.stderr)
-    sys.exit(1)
-
-head_ref = first_non_empty(
-    nested(data, 'head', 'ref'),
-    nested(data, 'head', 'name'),
-    nested(data, 'head', 'branch'),
-    data.get('head_branch'),
-    data.get('head_ref'),
-    data.get('head_label'),
-)
-base_ref = first_non_empty(
-    nested(data, 'base', 'ref'),
-    nested(data, 'base', 'name'),
-    nested(data, 'base', 'branch'),
-    data.get('base_branch'),
-    data.get('base_ref'),
-    data.get('base_label'),
-)
-
-if not head_ref or not base_ref:
-    available = ', '.join(sorted(data.keys()))
-    print(
-        'Error: Unable to resolve non-empty Gitea PR head/base refs '
-        f'(headRefName={head_ref!r}, baseRefName={base_ref!r}; keys={available})',
-        file=sys.stderr,
-    )
-    sys.exit(1)
-
 normalized = {
     'number': data.get('number'),
     'title': data.get('title'),
     'body': data.get('body', ''),
     'state': data.get('state'),
-    'author': nested(data, 'user', 'login') or '',
+    'author': data.get('user', {}).get('login', ''),
-    'headRefName': head_ref,
+    'headRefName': data.get('head', {}).get('ref', ''),
-    'baseRefName': base_ref,
+    'baseRefName': data.get('base', {}).get('ref', ''),
-    'labels': [l.get('name', '') for l in data.get('labels', []) if isinstance(l, dict)],
+    'labels': [l.get('name', '') for l in data.get('labels', [])],
-    'assignees': [a.get('login', '') for a in data.get('assignees', []) if isinstance(a, dict)],
+    'assignees': [a.get('login', '') for a in data.get('assignees', [])],
-    'milestone': nested(data, 'milestone', 'title') or '',
+    'milestone': data.get('milestone', {}).get('title', '') if data.get('milestone') else '',
     'createdAt': data.get('created_at', ''),
     'updatedAt': data.get('updated_at', ''),
     'url': data.get('html_url', ''),
@@ -204,7 +102,11 @@ normalized = {
 json.dump(normalized, sys.stdout, indent=2)
 ")
 
-    write_metadata "$METADATA"
+    if [[ -n "$OUTPUT_FILE" ]]; then
+        echo "$METADATA" > "$OUTPUT_FILE"
+    else
+        echo "$METADATA"
+    fi
 else
     echo "Error: Unknown platform" >&2
     exit 1

packages/mosaic/framework/tools/git/test-pr-merge-gitea-empty-uid.sh

@@ -0,0 +1,216 @@
+#!/bin/bash
+# Regression harness for pr-merge.sh Gitea non-interactive tea empty identity fallback.
+
+set -euo pipefail
+
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+WORK_ROOT="${AGENT_WORK_ROOT:-/home/hermes/agent-work}"
+SANDBOX="$WORK_ROOT/pr-merge-empty-uid-test-$$"
+MOCK_BIN="$SANDBOX/bin"
+REPO_DIR="$SANDBOX/repo"
+LOG_FILE="$SANDBOX/mock.log"
+
+cleanup() {
+    rm -rf "$SANDBOX"
+}
+trap cleanup EXIT
+
+mkdir -p "$MOCK_BIN" "$REPO_DIR"
+: > "$LOG_FILE"
+
+cat > "$MOCK_BIN/tea" <<'EOF'
+#!/bin/bash
+set -euo pipefail
+printf 'tea %q ' "$@" >> "$PR_MERGE_TEST_LOG"
+printf '\n' >> "$PR_MERGE_TEST_LOG"
+if [[ "$*" == *"pr merge"* ]]; then
+    echo 'user does not exist [uid: 0, name: ]' >&2
+    exit 1
+fi
+exit 0
+EOF
+chmod +x "$MOCK_BIN/tea"
+
+cat > "$MOCK_BIN/curl" <<'EOF'
+#!/bin/bash
+set -euo pipefail
+printf 'curl %q ' "$@" >> "$PR_MERGE_TEST_LOG"
+printf '\n' >> "$PR_MERGE_TEST_LOG"
+args=" $* "
+if [[ "$args" == *"/api/v1/repos/mosaicstack/stack/pulls/123"* && "$args" != *"/api/v1/repos/mosaicstack/stack/pulls/123/merge"* ]]; then
+    cat <<'JSON'
+{"number":123,"title":"mock","state":"open","user":{"login":"tester"},"head":{"ref":"feature/mock"},"base":{"ref":"main"},"labels":[],"assignees":[],"html_url":"https://git.mosaicstack.dev/mosaicstack/stack/pulls/123","mergeable":true}
+JSON
+    exit 0
+fi
+if [[ "$args" == *"-X POST"* && "$args" == *"/api/v1/repos/mosaicstack/stack/pulls/123/merge"* ]]; then
+    cat <<'JSON'
+{"merged":true,"message":"mock merge complete"}
+JSON
+    exit 0
+fi
+echo "unexpected curl invocation: $*" >&2
+exit 97
+EOF
+chmod +x "$MOCK_BIN/curl"
+
+cd "$REPO_DIR"
+git init -q
+git remote add origin https://git.mosaicstack.dev/mosaicstack/stack.git
+
+export PATH="$MOCK_BIN:$PATH"
+export PR_MERGE_TEST_LOG="$LOG_FILE"
+export GITEA_LOGIN="git.mosaicstack.dev"
+export GITEA_TOKEN="redacted-test-token"
+
+OUTPUT="$SANDBOX/output.log"
+if ! "$SCRIPT_DIR/pr-merge.sh" -n 123 -m squash --skip-queue-guard > "$OUTPUT" 2>&1; then
+    echo "Expected pr-merge.sh to recover via Gitea API fallback." >&2
+    echo "--- output ---" >&2
+    sed 's/redacted-test-token/***REDACTED***/g' "$OUTPUT" >&2
+    echo "--- mock log ---" >&2
+    sed 's/redacted-test-token/***REDACTED***/g' "$LOG_FILE" >&2
+    exit 1
+fi
+
+if ! grep -q '/api/v1/repos/mosaicstack/stack/pulls/123/merge' "$LOG_FILE"; then
+    echo "Expected authenticated Gitea merge API endpoint to be called." >&2
+    sed 's/redacted-test-token/***REDACTED***/g' "$LOG_FILE" >&2
+    exit 1
+fi
+
+if grep -q 'redacted-test-token' "$OUTPUT"; then
+    echo "Token leaked to pr-merge.sh output." >&2
+    exit 1
+fi
+
+cat > "$MOCK_BIN/tea" <<'EOF'
+#!/bin/bash
+set -euo pipefail
+printf 'tea %q ' "$@" >> "$PR_MERGE_TEST_LOG"
+printf '\n' >> "$PR_MERGE_TEST_LOG"
+if [[ "$*" == *"pr merge"* ]]; then
+    echo 'tea network timeout' >&2
+    exit 2
+fi
+exit 0
+EOF
+chmod +x "$MOCK_BIN/tea"
+: > "$LOG_FILE"
+if "$SCRIPT_DIR/pr-merge.sh" -n 123 -m squash --skip-queue-guard > "$OUTPUT" 2>&1; then
+    echo "Expected arbitrary tea failure to remain blocking." >&2
+    exit 1
+fi
+if grep -q '/api/v1/repos/mosaicstack/stack/pulls/123/merge' "$LOG_FILE"; then
+    echo "Arbitrary tea failure unexpectedly used Gitea API merge fallback." >&2
+    sed 's/redacted-test-token/***REDACTED***/g' "$LOG_FILE" >&2
+    exit 1
+fi
+if ! grep -q 'tea network timeout' "$OUTPUT"; then
+    echo "Expected arbitrary tea error to be preserved in output." >&2
+    sed 's/redacted-test-token/***REDACTED***/g' "$OUTPUT" >&2
+    exit 1
+fi
+
+cat > "$MOCK_BIN/tea" <<'EOF'
+#!/bin/bash
+set -euo pipefail
+printf 'tea %q ' "$@" >> "$PR_MERGE_TEST_LOG"
+printf '\n' >> "$PR_MERGE_TEST_LOG"
+if [[ "$*" == *"login list"* ]]; then
+    echo '[]'
+    exit 0
+fi
+if [[ "$*" == *"pr merge"* ]]; then
+    echo 'tea merge should not run without a configured host login' >&2
+    exit 99
+fi
+exit 0
+EOF
+chmod +x "$MOCK_BIN/tea"
+unset GITEA_LOGIN
+: > "$LOG_FILE"
+if ! "$SCRIPT_DIR/pr-merge.sh" -n 123 -m squash --skip-queue-guard > "$OUTPUT" 2>&1; then
+    echo "Expected missing tea login to use authenticated Gitea API fallback." >&2
+    sed 's/redacted-test-token/***REDACTED***/g' "$OUTPUT" >&2
+    sed 's/redacted-test-token/***REDACTED***/g' "$LOG_FILE" >&2
+    exit 1
+fi
+if ! grep -q '/api/v1/repos/mosaicstack/stack/pulls/123/merge' "$LOG_FILE"; then
+    echo "Expected missing tea login path to call Gitea API merge endpoint." >&2
+    sed 's/redacted-test-token/***REDACTED***/g' "$LOG_FILE" >&2
+    exit 1
+fi
+
+SENTINEL="$SANDBOX/injected-sentinel"
+INJECTION="123; touch $SENTINEL #"
+
+cat > "$MOCK_BIN/gh" <<'EOF'
+#!/bin/bash
+set -euo pipefail
+printf 'gh %q ' "$@" >> "$PR_MERGE_TEST_LOG"
+printf '\n' >> "$PR_MERGE_TEST_LOG"
+if [[ "$*" == *"pr view"* ]]; then
+    cat <<'JSON'
+{"number":123,"title":"mock","baseRefName":"main","headRefName":"feature/mock"}
+JSON
+    exit 0
+fi
+if [[ "$*" == *"pr merge"* ]]; then
+    exit 0
+fi
+echo "unexpected gh invocation: $*" >&2
+exit 98
+EOF
+chmod +x "$MOCK_BIN/gh"
+
+cd "$REPO_DIR"
+git remote set-url origin https://github.com/mosaicstack/stack.git
+: > "$LOG_FILE"
+rm -f "$SENTINEL"
+if "$SCRIPT_DIR/pr-merge.sh" -n "$INJECTION" -m squash --skip-queue-guard > "$OUTPUT" 2>&1; then
+    echo "Expected GitHub metacharacter PR number to be rejected." >&2
+    sed 's/redacted-test-token/***REDACTED***/g' "$OUTPUT" >&2
+    exit 1
+fi
+if [[ -e "$SENTINEL" ]]; then
+    echo "GitHub metacharacter PR number executed injected shell command." >&2
+    exit 1
+fi
+if [[ -s "$LOG_FILE" ]]; then
+    echo "GitHub metacharacter PR number should be rejected before gh calls." >&2
+    sed 's/redacted-test-token/***REDACTED***/g' "$LOG_FILE" >&2
+    exit 1
+fi
+if ! grep -q 'Invalid PR number' "$OUTPUT"; then
+    echo "Expected invalid PR number error for GitHub metacharacter input." >&2
+    sed 's/redacted-test-token/***REDACTED***/g' "$OUTPUT" >&2
+    exit 1
+fi
+
+cd "$REPO_DIR"
+git remote set-url origin https://git.mosaicstack.dev/mosaicstack/stack.git
+export GITEA_LOGIN="git.mosaicstack.dev"
+: > "$LOG_FILE"
+rm -f "$SENTINEL"
+if "$SCRIPT_DIR/pr-merge.sh" -n "$INJECTION" -m squash --skip-queue-guard > "$OUTPUT" 2>&1; then
+    echo "Expected Gitea metacharacter PR number to be rejected." >&2
+    sed 's/redacted-test-token/***REDACTED***/g' "$OUTPUT" >&2
+    exit 1
+fi
+if [[ -e "$SENTINEL" ]]; then
+    echo "Gitea metacharacter PR number executed injected shell command." >&2
+    exit 1
+fi
+if [[ -s "$LOG_FILE" ]]; then
+    echo "Gitea metacharacter PR number should be rejected before tea/curl calls." >&2
+    sed 's/redacted-test-token/***REDACTED***/g' "$LOG_FILE" >&2
+    exit 1
+fi
+if ! grep -q 'Invalid PR number' "$OUTPUT"; then
+    echo "Expected invalid PR number error for Gitea metacharacter input." >&2
+    sed 's/redacted-test-token/***REDACTED***/g' "$OUTPUT" >&2
+    exit 1
+fi
+
+echo "pr-merge.sh Gitea fallback regression passed"

packages/mosaic/framework/tools/git/test-pr-metadata-gitea.sh

@@ -1,74 +0,0 @@
-#!/usr/bin/env bash
-# Regression harness for Gitea PR metadata normalization.
-
-set -euo pipefail
-
-SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
-WORK_DIR="${MOSAIC_TEST_WORK_DIR:-$PWD/.mosaic-test-work/pr-metadata-gitea}"
-REPO_DIR="$WORK_DIR/repo"
-FIXTURE_DIR="$WORK_DIR/fixtures"
-
-rm -rf "$WORK_DIR"
-mkdir -p "$REPO_DIR" "$FIXTURE_DIR"
-
-git -C "$REPO_DIR" init -q
-git -C "$REPO_DIR" remote add origin https://git.uscllc.com/USC/uconnect.git
-
-cat > "$FIXTURE_DIR/gitea-standard.json" <<'JSON'
-{
-  "number": 1905,
-  "title": "Smoke gate fix",
-  "state": "open",
-  "user": {"login": "edith"},
-  "head": {"ref": "edith/t_39ce717c-authentik-smoke-gate"},
-  "base": {"ref": "main"},
-  "labels": [{"name": "ci"}],
-  "assignees": [{"login": "edith"}],
-  "html_url": "https://git.uscllc.com/USC/uconnect/pulls/1905"
-}
-JSON
-
-cat > "$FIXTURE_DIR/gitea-fallback.json" <<'JSON'
-{
-  "number": 1908,
-  "title": "Fallback branch fields",
-  "state": "open",
-  "user": {"login": "edith"},
-  "head_branch": "fix/fallback-head",
-  "base_branch": "main",
-  "html_url": "https://git.uscllc.com/USC/uconnect/pulls/1908"
-}
-JSON
-
-cat > "$FIXTURE_DIR/gitea-error.json" <<'JSON'
-{"message": "user does not exist [uid: 0, name: ]", "url": "https://git.uscllc.com/api/swagger"}
-JSON
-
-run_case() {
-    local fixture="$1" expected_number="$2" expected_head="$3"
-    local output
-    output=$(cd "$REPO_DIR" && MOSAIC_GITEA_PR_METADATA_RAW_FILE="$fixture" "$SCRIPT_DIR/pr-metadata.sh" -n "$expected_number")
-    PR_METADATA_OUTPUT="$output" python3 - "$expected_number" "$expected_head" <<'PY'
-import json
-import os
-import sys
-
-data = json.loads(os.environ["PR_METADATA_OUTPUT"])
-expected_number = int(sys.argv[1])
-expected_head = sys.argv[2]
-assert data["number"] == expected_number, data
-assert data["baseRefName"] == "main", data
-assert data["headRefName"] == expected_head, data
-PY
-}
-
-run_case "$FIXTURE_DIR/gitea-standard.json" 1905 edith/t_39ce717c-authentik-smoke-gate
-run_case "$FIXTURE_DIR/gitea-fallback.json" 1908 fix/fallback-head
-
-if cd "$REPO_DIR" && MOSAIC_GITEA_PR_METADATA_RAW_FILE="$FIXTURE_DIR/gitea-error.json" "$SCRIPT_DIR/pr-metadata.sh" -n 1909 >/dev/null 2>"$WORK_DIR/error.log"; then
-    echo "Expected API error fixture to fail" >&2
-    exit 1
-fi
-grep -q "Gitea API error" "$WORK_DIR/error.log"
-
-echo "Gitea PR metadata regression harness passed"