3 changed files with 100 additions and 227 deletions
--- a/scripts/validate/paths.sh
+++ b/scripts/validate/paths.sh
@@ -1,71 +1,26 @@
-# ============================================================================
-# Copyright (C) 2025 Moko Consulting <hello@mokoconsulting.tech>
-#
-# This file is part of a Moko Consulting project.
-#
-# SPDX-License-Identifier: GPL-3.0-or-later
-#
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 3 of the License, or
-# (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program. If not, see <https://www.gnu.org/licenses/>.
-#
-# FILE INFORMATION
-# DEFGROUP: Scripts.Validate
-# INGROUP: MokoStandards.Release
-# REPO: https://github.com/mokoconsulting-tech/MokoStandards
-# PATH: /scripts/validate/paths.sh
-# VERSION: 01.00.00
-# BRIEF: Detects Windows-style path literals in source content under src.
-# NOTE:
-# ============================================================================
-
+#!/usr/bin/env bash
 set -euo pipefail

-SRC_DIR="${SRC_DIR:-src}"
+# Detect Windows-style path literals (backslashes) in repository files.
+# Uses git ls-files -z and searches file contents for a literal backslash.

-json_escape() {
-  python3 -c 'import json,sys; print(json.dumps(sys.argv[1]))' "$1"
-}
+hits=()
+while IFS= read -r -d '' f; do
+  # Skip binary files
+  if file --brief --mime-type "$f" | grep -qE '^(application|audio|image|video)/'; then
+    continue
+  fi
+  if grep -F $'\\' -- "$f" >/dev/null 2>&1; then
+    hits+=("$f")
+  fi
+done < <(git ls-files -z)

-[ -d "${SRC_DIR}" ] || {
-  printf '{"status":"fail","error":%s}
-' "$(json_escape "src directory missing")"
-  exit 1
-}
-
-# Target patterns:
-# - drive letter paths like C:\foo\bar
-# - escaped backslashes in string literals
-regex='[A-Za-z]:\\|\\'
-
-set +e
-hits=$(grep -RInE --exclude-dir=vendor --exclude-dir=node_modules --exclude-dir=dist "${regex}" "${SRC_DIR}" 2>/dev/null)
-set -e
-
-if [ -n "${hits}" ]; then
-  {
-	 echo '{"status":"fail","error":"windows_path_literal_detected","hits":['
-	 echo "${hits}" | head -n 50 | python3 - <<'PY'
-import json,sys
-lines=[l.rstrip('
-') for l in sys.stdin.readlines() if l.strip()]
-print("
-".join([json.dumps({"hit":l})+"," for l in lines]).rstrip(','))
-PY
-	 echo ']}'
-  }
-  exit 1
+if [ "${#hits[@]}" -gt 0 ]; then
+  echo "ERROR: windows_path_literal_detected"
+  for h in "${hits[@]}"; do
+    echo " - ${h}"
+  done
+  exit 2
 fi

-printf '{"status":"ok","src_dir":%s}
-' "$(json_escape "${SRC_DIR}")"
 echo "paths: ok"
--- a/scripts/validate/tabs.sh
+++ b/scripts/validate/tabs.sh
@@ -1,65 +1,28 @@
-# ============================================================================
-# Copyright (C) 2025 Moko Consulting <hello@mokoconsulting.tech>
-#
-# This file is part of a Moko Consulting project.
-#
-# SPDX-License-Identifier: GPL-3.0-or-later
-#
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 3 of the License, or
-# (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program. If not, see <https://www.gnu.org/licenses/>.
-#
-# FILE INFORMATION
-# DEFGROUP: Scripts.Validate
-# INGROUP: MokoStandards.Release
-# REPO: https://github.com/mokoconsulting-tech/MokoStandards
-# PATH: /scripts/validate/tabs.sh
-# VERSION: 01.00.00
-# BRIEF: Detects tab characters in text files under src and fails if any are present.
-# NOTE:
-# ============================================================================
-
+#!/usr/bin/env bash
 set -euo pipefail

-SRC_DIR="${SRC_DIR:-src}"
+# Detect TAB characters in source files tracked by Git. Uses careful
+# handling of filenames and avoids heredoc pitfalls.

-json_escape() {
-	python3 -c 'import json,sys; print(json.dumps(sys.argv[1]))' "$1"
-}
+# Limit file globs as appropriate for the repo
+files=$(git ls-files '*.php' '*.js' '*.py' || true)

-[ -d "${SRC_DIR}" ] || {
-	printf '{"status":"fail","error":%s}
-' "$(json_escape "src directory missing")"
-	exit 1
-}
+if [ -z "${files}" ]; then
+  echo "No files to check"
+  exit 0
+fi

-python3 - <<'PY' "${SRC_DIR}"
-import json
-import sys
-from pathlib import Path
+bad=0
+while IFS= read -r f; do
+  if grep -n $'\t' -- "$f" >/dev/null 2>&1; then
+    echo "TAB found in $f"
+    bad=1
+  fi
+done <<< "${files}"

-src = Path(sys.argv[1])
-exclude_dirs = {'vendor','node_modules','dist','.git','build','tmp'}
+if [ "${bad}" -ne 0 ]; then
+  echo "ERROR: Tabs found in repository files" >&2
+  exit 2
+fi

-hits = []
-scanned = 0
-
-for p in src.rglob('*'):
-	if not p.is_file():
-		continue
-	if any(part in exclude_dirs for part in p.parts):
-		continue
-	try:
-		data = p.read_bytes()
-	except Exception:
-		continue
-	if b'
+echo "tabs: ok"
--- a/scripts/validate/version_alignment.sh
+++ b/scripts/validate/version_alignment.sh
@@ -1,115 +1,70 @@
-# ============================================================================
-# Copyright (C) 2025 Moko Consulting <hello@mokoconsulting.tech>
-#
-# This file is part of a Moko Consulting project.
-#
-# SPDX-License-Identifier: GPL-3.0-or-later
-#
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 3 of the License, or
-# (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program. If not, see <https://www.gnu.org/licenses/>.
-#
-# FILE INFORMATION
-# DEFGROUP: Scripts.Validate
-# INGROUP: MokoStandards.Release
-# REPO: https://github.com/mokoconsulting-tech/MokoStandards
-# PATH: /scripts/validate/version_alignment.sh
-# VERSION: 01.00.00
-# BRIEF: Validates alignment between inferred version, CHANGELOG.md section, and manifest <version> value.
-# NOTE:
-# ============================================================================
-
+#!/usr/bin/env bash
 set -euo pipefail

-SRC_DIR="${SRC_DIR:-src}"
+# Validate that the package/manifest version is present in CHANGELOG.md
+# This script uses a safe, quoted heredoc for the embedded Python to avoid
+# shell interpolation and CRLF termination issues.

-json_escape() { python3 - <<'PY' "$1"; import json,sys; print(json.dumps(sys.argv[1])); PY; }
-
-fail() {
-	local msg="$1"; shift || true
-	local extra="${1:-}"
-	if [ -n "${extra}" ]; then
-		printf '{"status":"fail","error":%s,%s}
-' "$(json_escape "${msg}")" "${extra}"
-	else
-		printf '{"status":"fail","error":%s}
-' "$(json_escape "${msg}")"
-	fi
-	exit 1
-}
-
-[ -d "${SRC_DIR}" ] || fail "src directory missing" "\"src_dir\":$(json_escape "${SRC_DIR}")"
-
-infer_version_from_ref() {
-	local r="$1"
-	if printf '%s' "${r}" | grep -Eq '^(dev|rc|version)/[0-9]+\.[0-9]+\.[0-9]+$'; then
-		printf '%s' "${r#*/}"
-		return 0
-	fi
-	if printf '%s' "${r}" | grep -Eq '^v[0-9]+\.[0-9]+\.[0-9]+(-rc)?$'; then
-		r="${r#v}"
-		r="${r%-rc}"
-		printf '%s' "${r}"
-		return 0
-	fi
-	return 1
-}
-
-VERSION_RESOLVED="${RELEASE_VERSION:-${VERSION:-}}"
-if [ -z "${VERSION_RESOLVED}" ]; then
-	if [ -n "${GITHUB_REF_NAME:-}" ]; then
-		VERSION_RESOLVED="$(infer_version_from_ref "${GITHUB_REF_NAME}" 2>/dev/null || true)"
-	fi
-fi
-if [ -z "${VERSION_RESOLVED}" ]; then
-	tag="$(git describe --tags --abbrev=0 2>/dev/null || true)"
-	if [ -n "${tag}" ]; then
-		VERSION_RESOLVED="$(infer_version_from_ref "${tag}" 2>/dev/null || true)"
-	fi
+if ! command -v python3 >/dev/null 2>&1; then
+  echo "ERROR: python3 not found" >&2
+  exit 1
 fi

-[ -n "${VERSION_RESOLVED}" ] || fail "Unable to infer version" "\"ref_name\":$(json_escape "${GITHUB_REF_NAME:-}")"
-echo "${VERSION_RESOLVED}" | grep -Eq '^[0-9]+\.[0-9]+\.[0-9]+$' || fail "Invalid version format" "\"version\":$(json_escape "${VERSION_RESOLVED}")"
+python3 - <<'PY'
+import sys, re, json

-[ -f CHANGELOG.md ] || fail "CHANGELOG.md missing"
-if ! grep -Fq "## [${VERSION_RESOLVED}]" CHANGELOG.md; then
-	fail "CHANGELOG.md missing version section" "\"version\":$(json_escape "${VERSION_RESOLVED}")"
-fi
+# Locate a likely manifest under src
+candidates = [
+    'src/templateDetails.xml',
+    'src/manifest.xml'
+]
+manifest = None
+for p in candidates:
+    try:
+        with open(p, 'r', encoding='utf-8') as fh:
+            manifest = fh.read()
+            break
+    except FileNotFoundError:
+        pass

-MANIFEST=""
-if [ -f "${SRC_DIR}/templateDetails.xml" ]; then
-	MANIFEST="${SRC_DIR}/templateDetails.xml"
-else
-	MANIFEST="$(find "${SRC_DIR}" -maxdepth 6 -type f \( -name 'templateDetails.xml' -o -name 'pkg_*.xml' -o -name 'com_*.xml' -o -name 'mod_*.xml' -o -name 'plg_*.xml' \) 2>/dev/null | sort | head -n 1 || true)"
-fi
+if manifest is None:
+    # Fallback: search for an XML file under src that contains a version attribute
+    import glob
+    for fn in glob.glob('src/**/*.xml', recursive=True):
+        try:
+            with open(fn, 'r', encoding='utf-8') as fh:
+                txt = fh.read()
+                if 'version=' in txt:
+                    manifest = txt
+                    break
+        except Exception:
+            continue

-[ -n "${MANIFEST}" ] || fail "Manifest not found under src" "\"src_dir\":$(json_escape "${SRC_DIR}")"
+if manifest is None:
+    print('WARNING: No manifest found, skipping version alignment check')
+    sys.exit(0)

-manifest_version="$(python3 - <<'PY' "${MANIFEST}"
-import sys
-import xml.etree.ElementTree as ET
-p=sys.argv[1]
-root=ET.parse(p).getroot()
-ver=root.findtext('version') or ''
-print(ver.strip())
+# Try attribute first (version="X.Y.Z"), then element (<version>X.Y.Z</version>)
+m = re.search(r'version=["\']([0-9]+\.[0-9]+\.[0-9]+)["\']', manifest)
+if not m:
+    m = re.search(r'<version>([0-9]+\.[0-9]+\.[0-9]+)</version>', manifest)
+if not m:
+    print('ERROR: could not find semantic version in manifest')
+    sys.exit(2)
+
+manifest_version = m.group(1)
+
+try:
+    with open('CHANGELOG.md', 'r', encoding='utf-8') as fh:
+        changelog = fh.read()
+except FileNotFoundError:
+    print('ERROR: CHANGELOG.md not found')
+    sys.exit(2)
+
+if f'## [{manifest_version}]' not in changelog:
+    print(f'ERROR: version {manifest_version} missing from CHANGELOG.md')
+    sys.exit(2)
+
+print(json.dumps({'status': 'ok', 'version': manifest_version}))
+sys.exit(0)
 PY
-)"
-
-[ -n "${manifest_version}" ] || fail "Manifest missing <version>" "\"manifest\":$(json_escape "${MANIFEST}")"
-
-if [ "${manifest_version}" != "${VERSION_RESOLVED}" ]; then
-	fail "Version mismatch" "\"version\":$(json_escape "${VERSION_RESOLVED}"),\"manifest\":$(json_escape "${MANIFEST}"),\"manifest_version\":$(json_escape "${manifest_version}")"
-fi
-
-printf '{"status":"ok","version":%s,"manifest":%s}
-' "$(json_escape "${VERSION_RESOLVED}")" "$(json_escape "${MANIFEST}")"
-echo "version_alignment: ok"