A 12-PR sprint: copilot/codex data-loss, gain accuracy, diff compat, security pass

[YOMXXX]

Hi RTK community 👋

Sharing a batch of contributions I just pushed for develop. Goal was to land the most user-visible bugs and the secret-bearing surfaces in one focused pass. Twelve PRs total — three groups.

Group 1 · P0 data-loss / config-poisoning (2 PRs)

Both were silently destroying user files on every rtk init. Sticky and bad enough to lead the batch.

• fix(hooks/init): preserve user content in copilot-instructions.md #1976 — fix(hooks/init): preserve user content in copilot-instructions.md (Fixes copilot-instructions.md overwrite #1964, URGENT : rtk overwrite the copilot / claude.md #1891)
  Routes the Copilot path through the same <!-- rtk-instructions --> marker-block helper already used for CLAUDE.md / AGENTS.md. User content outside the block is preserved byte-for-byte; malformed pre-existing blocks are refused with a remediation message instead of silently rewritten.
• fix(hooks/codex): write RTK reference to AGENTS.override.md, not AGENTS.md #1977 — fix(hooks/codex): write RTK reference to AGENTS.override.md, not AGENTS.md (Fixes Codex rtk init edits .codex/AGENTS.md instead of .codex/AGENTS.override.md #1943)
  Codex's layering convention: tools should write to the local-override layer (AGENTS.override.md), not the base layer. Legacy installs with RTK content already in AGENTS.md are migrated cleanly; uninstall scrubs both files.

Group 2 · P1 analytics, discover, diff (3 PRs)

• fix(analytics/gain): cap per-call saved tokens at Claude tool-result ceiling #1978 — fix(analytics/gain): cap per-call saved tokens at Claude tool-result ceiling (Fixes Misleading analytics: gain over-counts "tokens saved"; discover under-counts adoption when hook rewrites are in play #1973, rtk gain hallucinates massive token usage and savings on one day using rtk gain --daily #1935)
  Per-call "saved" attribution is capped at CLAUDE_TOOL_RESULT_CAP = 25_000. Write-side caps new rows; read-side migration clamps historical rows in place. The "saved 12M tokens on one rtk read" hallucination goes away — the dashboard now reflects actual Claude-quota savings rather than local processing volume.
• fix(discover): reclassify universal-passthrough git subcommands and flag pre-hook nature #1979 — fix(discover): reclassify universal-passthrough git subcommands and flag pre-hook nature (Fixes rtk discover: false positives for git subcommands (checkout, clone, remote) #1897, refs Misleading analytics: gain over-counts "tokens saved"; discover under-counts adoption when hook rewrites are in play #1973 / rtk discover reports false missed savings — reads pre-hook transcript commands, not executed ones #1929)
  ~30 git subcommands (checkout, clone, remote, reset, merge, rebase, etc.) move from "Unsupported" to "Supported + Passthrough". And when the RTK PreToolUse hook is detected, the report now warns that transcripts capture the pre-hook command (the full post-hook fix needs upstream Claude Code coordination).
• fix(cmds/git/diff): preserve POSIX/git contract for programmatic consumers #1981 — fix(cmds/git/diff): preserve POSIX/git contract for programmatic consumers (Fixes rtk diff and rtk git diff produce output that breaks programmatic consumers (patch, git apply, --name-only, exit codes) #1918, rtk diff produces cascading false positives on insertions/deletions #1869; refs rtk git diff prepends diffstat, breaking git apply #1081)
  Non-TTY stdout + ~12 machine-friendly flags (--name-only, --check, --exit-code, -z, --raw, etc.) trigger byte-for-byte passthrough so git apply, patch, and shell loops round-trip again. rtk diff (file compare) now follows GNU exit-code convention (0 / 1 / 2).

Group 3 · P2 ecosystem polish (4 PRs)

• fix(cmds/ruby): accept version-only JSON from rubocop/rspec --version #1982 — fix(cmds/ruby): accept version-only JSON from rubocop/rspec --version (Fixes rubocop/rspec --version parser rejects pure version JSON #1946)
• fix(hooks/rewrite): restore php passthrough rewrite #1983 — fix(hooks/rewrite): restore php → rtk php rewrite rule (Fixes php command is no longer rewritten to rtk php #1892, regression)
• fix(cmds/go): surface failure context inline instead of hiding in tee file #1984 — fix(cmds/go): surface failure context inline instead of hiding in tee file (Fixes go test filter hides failure details, shows only summary + tee file path #1882)
• fix(hooks/exclude): match multi-token entries against command prefix #1985 — fix(hooks/exclude): match multi-token entries against command prefix (Fixes [hooks] exclude_commands does not cover subcommands (e.g. "git diff") #1919)

Group 4 · Security & privacy (3 PRs, stacked) — Refs #1875

A focused three-PR pass on the four findings in #1875. Findings 2 + 3 share a call site and ship together.

• fix(aws): redact secretsmanager get-secret-value payload #1986 — fix(aws): redact secretsmanager get-secret-value payload (Finding 1)
  Default output emits Name + 8-hex SHA-256 prefix + (for JSON) top-level keys. Escape hatches: RTK_REVEAL_SECRETS=1 env / --reveal-secret flag. One-shot stderr warning on first redaction so the change isn't silent.
• feat(tracking): honour tracking.enabled and redact sensitive args #1987 — feat(tracking): honour tracking.enabled and redact sensitive args (Findings 2 + 3)
  Introduces src/core/redact.rs with a lazy_static-cached regex bundle (URL userinfo, Bearer, --token=, inline env, ghp_/sk-/AKIA… heuristics). Tracker::record is now gated on tracking.enabled + RTK_TRACK=0. Project paths default to <basename>#<8-hex-sha256>. One-shot migration via PRAGMA user_version 0→2 rewrites the last 90 days of rows.
• feat(tee): redact sensitive output and add per-command opt-out #1988 — feat(tee): redact sensitive output and add per-command opt-out (Finding 4, stacked on feat(tracking): honour tracking.enabled and redact sensitive args #1987)
  Three layers: (1) slug blocklist (aws_secretsmanager*, kubectl_get_secret*, gh_secret*, op_*, vault_*, git_config*, etc. refuse to persist), (2) content redactor reuses the regex bundle from feat(tracking): honour tracking.enabled and redact sensitive args #1987 and prepends --- rtk: N credential-like patterns redacted --- when matches found, (3) tee_and_hint_sensitive variant forces redaction at 9 call sites in aws/curl/psql.

Merge order matters: #1987 before #1988 (stacked).

Outside reviews

Also left LGTM / coordination comments on six in-flight community PRs:

• fix(golangci-lint): accept null source lines #1969 (golangci-lint null SourceLines) — LGTM, ready
• fix(ccusage): accept period field emitted by ccusage ≥19.0 for all granularities #1968 (ccusage period field) — LGTM, ready
• fix(grep): preserve filename for single-file matches with colons #1965 (grep filename preservation) — LGTM with a small rg-version-compat nit for the author
• fix(gradlew): anchor 'e:' in ERROR_LINE to avoid mid-line false positives #1939, fix(gradlew): collapse consecutive blank lines in build filter output #1940 (gradlew anchor + blank collapse) — both LGTM
• feat(mvn): add mvn test filter with broadened goal matching #1921 — flagged the three overlapping mvn PRs (feat(mvn): add mvn test filter with broadened goal matching #1921 / feat(mvn)!: Rust module replacing TOML filter, adds test phase support #1956 / feat(jvm): add rtk mvn with Surefire/Failsafe XML test summarization #1974) so reviewers can pick a base before any of them gets approved
• fix(kubectl): stop dropping resource data in get filters (TOON output) #1931 — left a rebase nudge (CONFLICTING)

Numbers

• ~3500 LOC added (production ~1400, tests ~2100)
• 60+ new tests; per-PR worktree counts 1905 → 1930
• Every PR: cargo fmt --check, cargo clippy --all-targets (zero warnings), cargo test --bin rtk -- --test-threads=8 (clean)
• Zero Cargo.lock changes committed (the existing 0.34.3 ↔ 0.36.0 toml/lock drift is unrelated and left for whoever does the next release bump)

Heads-up on the current state

The 12 PRs are all currently blocked at CLA Assistant — the bot doesn't recognise my commit author name. I'll be sorting that out shortly (adding the commit email as a verified secondary on my GitHub account); once signed, all 12 should clear in one go. No code-level blockers as of writing — every PR is MERGEABLE against develop, no failing CI checks, no requested changes.

What's deliberately not in this batch

Listed in the spec for #1875 §6 (full design doc lives locally, can share if useful):

• AWS KMS / SSM get-parameter --with-decryption / kubectl get secret -o yaml (file persistence is covered by the tee blocklist in feat(tee): redact sensitive output and add per-command opt-out #1988; the stdout-redaction parallel needs a per-filter pass)
• Encrypting the tracking DB at rest (out of proportion to threat)
• A rtk privacy meta-command (users can still nuke ~/.local/share/rtk/ manually)
• Server-side telemetry redaction (telemetry already gates on consent + only ships aggregates)

Happy to split any of these into follow-up PRs once the current batch lands. Open to feedback on direction, scope, or anything that should be re-shaped.

Thanks!

[YOMXXX]

Update — 2026-05-21

Quick status pulse on the sprint plus a second batch landed this morning.

Sprint 1 status

• fix(hooks/init): preserve user content in copilot-instructions.md #1976 merged 🎉 — @aeppling left LGTM after I addressed the three review points (shared write_rtk_block dispatcher, unified bail-on-malformed across CLAUDE.md / copilot-instructions, reordered run_copilot_at so a malformed upsert aborts before any hook file is written). Dropped the inadvertent Cargo.lock resync on a force-push; final delta was src/hooks/init.rs only.
• CLA: cleared across all 12 — the rest of the original sprint is MERGEABLE, waiting on review bandwidth.
• fix(hooks/rewrite): restore php passthrough rewrite #1983: my push originally tripped a cargo fmt regression on src/discover/registry.rs:3925; pushed a one-line rustfmt cleanup (style(discover): rustfmt single-line if let in php regression test). CI on this PR is now action_required (fork PRs need a maintainer to approve the run).

Sprint 2 — five smaller PRs landed today

Each is independent, no stacking. Quality bar identical to sprint 1 (fmt / clippy --all-targets zero warnings / test --bin rtk -- --test-threads=8 green on each branch).

• chore(cargo): declare MSRV via rust-version = "1.91" #2002 — chore(cargo): declare MSRV via rust-version = "1.91" (Fixes Add rust-version to Cargo.toml (MSRV = 1.91) #1402)
  rtk uses str::floor_char_boundary() (stabilised 1.91). Without rust-version in Cargo.toml, packagers on older toolchains hit a confusing use of unstable library feature rustc error. One-line declaration so cargo gives a clean MSRV diagnostic instead.

• fix(read): strip ANSI from rtk read output on non-TTY stdout #2003 — fix(read): strip ANSI from rtk read output on non-TTY stdout (Fixes cat (via rtk) emits ANSI color codes to non-TTY stdout, corrupting command substitution #1409, P0)
  cat foo (rewritten to rtk read foo) was embedding default 256-colour ANSI into stdout even when destination was a pipe — gh pr create --body "$(cat body.md)" landed [38;5;231m## Summary[0m in the PR body. New should_strip_color() honours NO_COLOR / CLICOLOR=0 / !is_terminal(stdout) (standard Unix convention shared by ls / grep / git / rg). Policy is separate from action (sanitize_for_stdout(s, strip)) so unit tests don't race on process-global env vars.

• fix(discover): register ssh in the rewrite rule table so hook routes it #2004 — fix(discover): register ssh in the rewrite rule table so hook routes it (Fixes SSH filter passes verify (3/3) but rtk rewrite returns exit 1 — ssh commands unintercepted on Claude Code hook path #1654)
  rtk verify --filter ssh reported 3/3 passing but rtk rewrite "ssh …" returned exit 1 for every shape — the verify path consults the TOML filter registry, the hook rewrite path consults the hard-coded RULES table in src/discover/rules.rs, and RULES didn't list ssh. One RtkRule next to curl/wget closes the gap; main.rs's TOML dispatch picks up src/filters/ssh.toml unchanged. Reporter saw ssh as the Release v0.2.1 #1 unhandled command in 30 days of rtk discover.

• feat(discover): rewrite bunx prisma → rtk prisma #2005 — feat(discover): rewrite bunx prisma → rtk prisma (Fixes feat: rewrite bunx prisma → rtk prisma (bun runner for Prisma CLI) #1401)
  bunx prisma <sub> is semantically equivalent to npx prisma <sub> (same CLI, same output) but the existing Prisma rule's regex didn't include bunx. One alternation branch + one entry in rewrite_prefixes; no new output-handling logic.

• fix(pytest): surface diagnostic context when no tests are collected #2006 — fix(pytest): surface diagnostic context when no tests are collected (Fixes pytest collection fails with no-args invocation #1417)
  rtk pytest (no args) collapsed pytest's collection output to a single terse Pytest: No tests collected whenever the summary parser couldn't find a counted summary. Reporter couldn't tell whether it was cwd, pytest config, or rtk. New diagnose_no_tests helper surfaces rootdir: / configfile: / testpaths: / collected N items / collection-error lines / the no tests ran summary verbatim under the verdict header — capped at 15 lines, falls back to the terse default when no marker is recognisable.

What I deliberately did not PR

• bug(dotnet): build/test summary line at top of output is cut off by | tail -N #1574 (dotnet build/test/restore status-line position) — while triaging it I traced develop and found the issue body's main scope already shipped via ed161b0 fix(dotnet): move build/test/restore status line to the bottom plus the follow-up 271bc53. Left a comment on the issue confirming that and flagging one adjacent surface (format_dotnet_format_output for dotnet format --check) that still has the verdict-at-top shape, in case maintainers want a tight follow-up scoped just to that function. No PR — didn't want to step on the existing fix.
• Hook matcher: leading backslash-newline defeats command rewrite #1564 / [Bug] rtk hook copilot does not trigger for VS Code Copilot Chat — "run_in_terminal" not recognized in detect_format() #1425 / bug: "rtk init -g --agent cursor" errors due to expecting $HOME/.claude #1465 — all P1 / effort-small candidates, but each already has an active community PR (#1572 @SAY-5 / #1800 @devmasa / #1488 @nhamtrieu). Skipped to avoid stepping on contributor work.

Numbers (sprint 2)

• ~280 LOC added (production ~140, tests ~140)
• 13 new tests; per-PR worktree counts 1909 → 1910–1913 depending on PR
• Each PR's Cargo.lock left untouched (the same toml/lock drift mentioned in the original post applies; I'm being careful not to bundle it in).

Happy to split or rework any of these if the direction looks off. Thanks!

[YOMXXX]

Final update — 2026-05-21 (later)

Closing the loop on this sprint with two threads of additional work, then standing down.

Community PR review batch

Five rtk PRs that had been sitting in the queue without an outside review — I went through each, traced the diff against current develop, and left a substantive review (not just LGTM). Goal was to give maintainers a head start so they can prioritise rather than evaluate from scratch.

• Fixes #823 : standalone rtk init for Copilot #1953 (@alexcellierst) — ✅ approved. README quickstart row was misleading; verified the actual rtk init -g vs rtk init -g --copilot behaviour in a scratch dir before signing off.

• fix(golangci-lint): accept null source lines #1969 (@NgoQuocViet2001) — ✅ approved. The Option::<Vec<String>>::deserialize(d)?.unwrap_or_default() shape is the canonical serde idiom for "treat absent and null the same"; checked downstream .iter() paths handle an empty vec the same way.

• fix(ccusage): accept period field emitted by ccusage ≥19.0 for all granularities #1968 (@bjanssen11) — ✅ approved on the ccusage period-vs-month core. Flagged a non-blocking scope nit: the diff also lands #[allow(dead_code)] on FILTERS_TOML / TomlFilterRegistry::load, unrelated to the rename — suggested splitting that out so a reviewer skimming the title isn't surprised.

• fix(init): honor GEMINI_CLI_HOME for Gemini directory resolution #1963 (@DeepChirp) — ✅ approved. Clean testable refactor (resolve_gemini_dir_from(env, home)); verified resolve_home_subdir still has three live callers so this isn't accidentally dead-coding it. Noted the same shape could naturally extend to other agents (CLAUDE_CONFIG_HOME, CURSOR_CONFIG_HOME, etc.) but called it a follow-up rather than blocking.

• fix(grep): preserve filename for single-file matches with colons #1965 (@zhiwuyazhe-fjr) — found a real bug, author fixed it in 45 min, then ✅ approved.

  The parse_rg_line helper had a subtle destructure mismatch in the line:content fallback branch — test_parse_rg_line_no_filename_fallback was actually failing locally (content was bound to "" instead of the rest of the line). I traced the variable bindings step-by-step in the review, offered two equivalent fix options (one that also drops a redundant degenerate-input branch by relying on ? propagation), and verified the author's resulting commit 91b48c8 passes 8/8 parse tests + 1918 total tests on the branch before upgrading to APPROVED.

  Worth flagging this one specifically because the contributor's PR body had claimed cargo test was green — the suite as a whole passed because the single regression test that failed didn't gate the rest, so the test failure was hidden in the noise. Easy mistake to make, easier to catch from an outside review than from CI.

All five are MERGEABLE today and have at least one outside APPROVED review.

One more sprint-2-style fix landed

While triaging the active issue list one more time, #2009 turned out to be a real data-correctness P0 that nobody else had picked up yet — and the diagnosis pointed straight at code I'd just been working in.

#2016 — fix(git/log): stop dropping merge commits when user pins a selection (Fixes #2009)

run_log was unconditionally injecting --no-merges as a token-saving default. When the user pins to a specific commit (-1 HEAD, explicit SHA, annotated tag, --graph, --format=%H HEAD), git log walks past the dropped merge to the next non-merge commit — the second parent of a --no-ff merge — and returns a real, recent, wrong SHA. The caller can't tell because P2 is a plausible commit. Release scripts asking "what's the SHA of the merge I just landed?" silently got the branch tip of the merged-in branch instead.

Fix is a pure helper should_add_no_merges_default(args, has_format, has_limit) that returns true only when none of --format / --pretty / --oneline / -N / -n N / --max-count / --graph / a positional ref-or-pathspec / explicit --merges / --min-parents=2 are present. 11 new tests pin every shape from the issue's reproduction (-1 HEAD, --format=%H HEAD, <sha>, --graph, --graph --oneline) plus the deliberate non-fixes (--author=foo is a filter not a pin → token-saving default stays).

cargo fmt --all clean / cargo clippy --all-targets zero warnings / cargo test --bin rtk -- --test-threads=8 → 1920 passed (was 1909).

Status snapshot

• 1 merged: fix(hooks/init): preserve user content in copilot-instructions.md #1976 ✅
• 17 open: fix(hooks/codex): write RTK reference to AGENTS.override.md, not AGENTS.md #1977, fix(analytics/gain): cap per-call saved tokens at Claude tool-result ceiling #1978, fix(discover): reclassify universal-passthrough git subcommands and flag pre-hook nature #1979, fix(cmds/git/diff): preserve POSIX/git contract for programmatic consumers #1981, fix(cmds/ruby): accept version-only JSON from rubocop/rspec --version #1982, fix(hooks/rewrite): restore php passthrough rewrite #1983, fix(cmds/go): surface failure context inline instead of hiding in tee file #1984, fix(hooks/exclude): match multi-token entries against command prefix #1985, fix(aws): redact secretsmanager get-secret-value payload #1986, feat(tracking): honour tracking.enabled and redact sensitive args #1987, feat(tee): redact sensitive output and add per-command opt-out #1988 (sprint 1); chore(cargo): declare MSRV via rust-version = "1.91" #2002, fix(read): strip ANSI from rtk read output on non-TTY stdout #2003, fix(discover): register ssh in the rewrite rule table so hook routes it #2004, feat(discover): rewrite bunx prisma → rtk prisma #2005, fix(pytest): surface diagnostic context when no tests are collected #2006 (sprint 2); fix(git/log): stop dropping merge commits when user pins a selection #2016 (data-correctness follow-up).
• 5 community reviews: Fixes #823 : standalone rtk init for Copilot #1953 / fix(golangci-lint): accept null source lines #1969 / fix(ccusage): accept period field emitted by ccusage ≥19.0 for all granularities #1968 / fix(init): honor GEMINI_CLI_HOME for Gemini directory resolution #1963 / fix(grep): preserve filename for single-file matches with colons #1965 all APPROVED.
• All 17 of my PRs are MERGEABLE against develop, CLA cleared, CI green on the runs that have been approved-to-run.

Standing down

Going to stop opening new PRs and let the queue settle. The merge cadence on develop is ~1 PR/day this week, and 17 open + 5 reviews is already more queue weight than is helpful — adding more right now risks dispersing reviewer attention rather than concentrating it. Happy to keep doing outside reviews on incoming community PRs, address feedback on the in-flight 17 as it comes in, and pick up #1574 follow-up (format_dotnet_format_output verdict-at-bottom) or other ecosystem follow-ups if maintainers signal that direction.

Thanks for the time, and for the LGTM on #1976 — that one alone was satisfying to ship.