theagenticguy · theagenticguy · May 29, 2026 · May 29, 2026
@@ -5,6 +5,7 @@ python = "3.12"
 uv = "latest"
 "npm:node-gyp" = "latest"  # fallback native build for @duckdb/node-api / onnxruntime-node when a platform prebuild is missing (parsing is WASM-only — ADR 0015)
 "aqua:betterleaks/betterleaks" = "1.2.0"  # secret scanner — used by analyze + pre-release gate
+lefthook = "2.1.8"  # git hooks — must satisfy lefthook.yml min_version (2.1.6); matches root devDep so a stale global mise install can't shadow it
 
 [env]
 # Python venv used to be anchored at packages/eval/.venv while the eval

@@ -66,14 +66,21 @@ fail=0
 # and a first-class product name in docs); kept as a hook for future
 # situational allowlists.
 #
-# Indexed by literal. A line is only forgiven if EVERY banned-literal match
-# on that line is covered by the tolerated pattern.
-declare -A LITERAL_ALLOWLIST_REGEX=()
+# Returns a regex of tolerated substrings for the given literal, or empty. A
+# line is only forgiven if EVERY banned-literal match on it is covered. This
+# is a `case` function rather than an associative array (`declare -A`) so the
+# script runs on stock macOS bash 3.2; add `LITERAL) printf '<regex>' ;;`
+# arms here as future allowlists arise.
+literal_allowlist_regex() {
+  case "$1" in
+    *) printf '' ;;
+  esac
+}
 
 # Literal-string sweep (case-insensitive).
 for pat in "${BANNED_LITERALS[@]}"; do
   if matches=$(git grep -I -n -i -e "$pat" --untracked -- "${EXCLUDES[@]}" 2>/dev/null); then
-    allow="${LITERAL_ALLOWLIST_REGEX[$pat]:-}"
+    allow="$(literal_allowlist_regex "$pat")"
     if [ -n "$allow" ]; then
       # Strip every allow-listed occurrence from each hit; if the line still
       # contains the banned literal, it's a real fail.