Merge pull request #222

- Add log() function with info|warn|error|debug levels
- Log format: timestamp level component message
- Sensitive values (tokens, passwords, secrets) are masked automatically
- Fix mask_sensitive_vars to handle empty input gracefully

Implements: shoko/kugetsu#118

.pre-commit-config.yaml

@@ -0,0 +1,18 @@
+repos:
+  - repo: https://github.com/shellcheck-py/shellcheck-py
+    rev: v0.9.0.6
+    hooks:
+      - id: shellcheck
+
+  - repo: https://github.com/astral-sh/ruff-pre-commit
+    rev: v0.1.8
+    hooks:
+      - id: ruff
+        args: [--fix]
+      - id: ruff-format
+
+  - repo: https://github.com/commitizen-tools/commitizen
+    rev: v3.2.0
+    hooks:
+      - id: commitizen
+        stages: [commit-msg]

CONTRIBUTING.md

@@ -16,6 +16,38 @@
 - Test changes before submitting
 - See [VERSIONING.md](VERSIONING.md) for backport compatibility rules
 
+## Pre-commit Hooks
+
+This repository uses [pre-commit](https://pre-commit.com/) for linting and commit message enforcement.
+
+### Setup
+
+```bash
+pip install pre-commit
+pre-commit install
+```
+
+### Hooks
+
+- **shellcheck** — Lints bash scripts
+- **ruff** — Lints and formats Python
+- **commitizen** — Enforces [Conventional Commits](https://www.conventionalcommits.org/) format
+
+### Commit Message Format
+
+Use Conventional Commits format:
+
+```
+type(scope): message
+
+# Examples
+fix(session): handle missing session gracefully
+feat(pm): add queue daemon for task delegation
+docs: update contributing guide
+```
+
+Types: `fix`, `feat`, `docs`, `refactor`, `chore`, `test`
+
 ## Branches
 
 ### Primary Branches

skills/kugetsu/scripts/kugetsu-log.sh

@@ -1,6 +1,40 @@
 #!/bin/bash
 set -euo pipefail
 
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+source "$SCRIPT_DIR/kugetsu-config.sh"
+
+log() {
+    local level="${1:-}"
+    local component="${2:-}"
+    local message="${3:-}"
+    local timestamp
+    timestamp=$(date -Iseconds)
+
+    case "$level" in
+        info|warn|error|debug) ;;
+        *)
+            echo "Error: log level must be info|warn|error|debug" >&2
+            return 1
+            ;;
+    esac
+
+    if [ -z "$message" ]; then
+        message="$component"
+        component="${level}"
+        level="info"
+    fi
+
+    local masked
+    masked=$(mask_sensitive_vars "$message")
+    echo "[$timestamp] $level $component $masked"
+}
+
+log_debug() { log "debug" "$1" "${2:-}"; }
+log_info()  { log "info"  "$1" "${2:-}"; }
+log_warn()  { log "warn"  "$1" "${2:-}"; }
+log_error() { log "error" "$1" "${2:-}"; }
+
 cmd_logs() {
     local count="${1:-10}"
     

skills/kugetsu/scripts/kugetsu-session.sh

@@ -270,7 +270,35 @@ build_dev_agent_message() {
     local number=$(echo "$issue_ref" | grep -oE '#[0-9]+$' | tr -d '#')
     local worktree_path=$(issue_ref_to_worktree_path "$issue_ref")
     
-    local base_message="You are assigned to work on $issue_ref.
+    if [ -n "$user_message" ]; then
+        cat <<EOF
+You are continuing work on $issue_ref. A PR likely already exists.
+
+IMPORTANT - Review workflow:
+1. First, check if PR exists: curl -s "https://$instance/api/v1/repos/$owner/$repo/pulls?state=open" -H "Authorization: Bearer \$GITEA_TOKEN" | grep -i "$number"
+2. Get PR comments: curl -s "https://$instance/api/v1/repos/$owner/$repo/issues/$number/comments" -H "Authorization: Bearer \$GITEA_TOKEN"
+3. Get PR reviews: curl -s "https://$instance/api/v1/repos/$owner/$repo/pulls/$number/reviews" -H "Authorization: Bearer \$GITEA_TOKEN"
+
+You may need to:
+- Make code changes and push to the same branch
+- Reply to PR comments using: curl -X POST "https://$instance/api/v1/repos/$owner/$repo/issues/$number/comments" -H "Authorization: Bearer \$GITEA_TOKEN" -H "Content-Type: application/json" -d '{"body":"Your reply here"}'
+- Or do both
+
+MERGING: If instructed to merge, you MUST confirm approval first before merging:
+- Check for PR approval via: curl -s "https://$instance/api/v1/repos/$owner/$repo/pulls/$number/reviews" -H "Authorization: Bearer \$GITEA_TOKEN"
+- Check for "lgtm" or "approved" in comments: curl -s "https://$instance/api/v1/repos/$owner/$repo/issues/$number/comments" -H "Authorization: Bearer \$GITEA_TOKEN"
+- Only merge if you see approval OR the instruction explicitly says to merge (e.g., "merge the PR", "please merge", "go ahead and merge")
+- To merge: tea pr merge --repo $owner/$repo $number --style merge
+- If no approval yet, reply asking for review/approval first
+
+Delegator's message:
+$user_message
+
+Work directory: $worktree_path (already on the fix branch)
+EOF
+    else
+        cat <<EOF
+You are assigned to work on $issue_ref.
 
 Workflow:
 1. Read the issue at $instance/$owner/$repo/issues/$number AND all comments on that issue
@@ -285,17 +313,20 @@ Workflow:
 6. If anything is unclear, post a comment on the issue asking for clarification before implementing
 7. Implement the solution
 8. Create a branch named fix/issue-$number and implement the fix
-9. Create a PR when the implementation is complete
+9. Create a PR when the implementation is complete using: tea pr create --repo $owner/$repo --title "Your PR title" --body "PR description"
+   - Make sure you are logged in with: tea login add --name gitea --token \$GITEA_TOKEN --url https://$instance
+   - If tea is not available, use: curl -X POST "https://$instance/api/v1/repos/$owner/$repo/pulls" -H "Authorization: Bearer \$GITEA_TOKEN" -H "Content-Type: application/json" -d '{"title":"PR Title","head":"branch-name","base":"main","body":"PR description"}'
 
-Work directory: $worktree_path"
+Tools for PR interaction:
-    
+- Post issue/PR comment: curl -X POST "https://$instance/api/v1/repos/$owner/$repo/issues/$number/comments" -H "Authorization: Bearer \$GITEA_TOKEN" -H "Content-Type: application/json" -d '{"body":"Your comment"}'
-    if [ -n "$user_message" ]; then
+- List PR comments: curl -s "https://$instance/api/v1/repos/$owner/$repo/issues/$number/comments" -H "Authorization: Bearer \$GITEA_TOKEN"
-        echo "$base_message
+- List PR reviews: curl -s "https://$instance/api/v1/repos/$owner/$repo/pulls/$number/reviews" -H "Authorization: Bearer \$GITEA_TOKEN"
+- Merge PR (only with approval): tea pr merge --repo $owner/$repo $number --style merge
+  - MERGING requires approval first! Check for: approval in reviews, OR "lgtm"/"approved" in comments
+  - If no approval, ask reviewer to approve first before merging
 
-Additional instructions from delegator:
+Work directory: $worktree_path
-$user_message"
+EOF
-    else
-        echo "$base_message"
     fi
 }
 
@@ -378,7 +409,11 @@ cmd_start() {
     
     cd "$worktree_path"
     local sanitized_id=$(echo "$new_session_id" | sed 's/[^a-zA-Z0-9_-]/_/g')
-    local msg_file="$worktree_path/.kugetsu-msg.txt"
+    mkdir -p "$worktree_path/.kugetsu"
+    if [ ! -f "$worktree_path/.gitignore" ] || ! grep -q "^.kugetsu/" "$worktree_path/.gitignore"; then
+        echo ".kugetsu/" >> "$worktree_path/.gitignore" 2>/dev/null || true
+    fi
+    local msg_file="$worktree_path/.kugetsu/msg.txt"
     printf '%s' "$dev_message" > "$msg_file"
     nohup sh -c "GITEA_TOKEN='${GITEA_TOKEN:-}' opencode run '@$msg_file' --session '$new_session_id'" >> "$LOGS_DIR/dev-$sanitized_id.log" 2>&1 &
     
@@ -444,7 +479,11 @@ cmd_continue() {
     
     cd "$worktree_path"
     local sanitized_id=$(echo "$opencode_session_id" | sed 's/[^a-zA-Z0-9_-]/_/g')
-    local msg_file="$worktree_path/.kugetsu-msg.txt"
+    mkdir -p "$worktree_path/.kugetsu"
+    if [ ! -f "$worktree_path/.gitignore" ] || ! grep -q "^.kugetsu/" "$worktree_path/.gitignore"; then
+        echo ".kugetsu/" >> "$worktree_path/.gitignore" 2>/dev/null || true
+    fi
+    local msg_file="$worktree_path/.kugetsu/msg.txt"
     printf '%s' "$message" > "$msg_file"
     nohup sh -c "GITEA_TOKEN='${GITEA_TOKEN:-}' opencode run '@$msg_file' --session '$opencode_session_id'" >> "$LOGS_DIR/dev-$sanitized_id.log" 2>&1 &
 }