BUILD PR: add shared extraction enforcement guard and block alias usage/regression.

Author: DavidQ

docs/dev/CODEX_COMMANDS.md

@@ -1,10 +1,9 @@
 MODEL: GPT-5.3-codex
 REASONING: high
 COMMAND:
-Execute docs/pr/BUILD_PR_SHARED_EXTRACTION_16_ALIAS_IMPORTS_NETWORK_SAMPLE_C.md exactly.
-Edit only these files:
-- games/network_sample_c/game/ReconciliationLayerAdapter.js
-- games/network_sample_c/game/StateTimelineBuffer.js
-Fail fast if jsconfig.json is missing, the @shared alias is not present, or required shared target files are missing.
+Execute docs/pr/BUILD_PR_SHARED_EXTRACTION_17_ENFORCEMENT_GUARD.md exactly.
+Edit only these repo files:
+- tools/dev/checkSharedExtractionGuard.mjs (new file)
+- package.json (only if it already exists and already has a scripts section; add only the one script if missing)
 Do not expand scope.
-Package the delta output to <project folder>/tmp/BUILD_PR_SHARED_EXTRACTION_16_ALIAS_IMPORTS_NETWORK_SAMPLE_C_delta.zip
+Package the delta output to <project folder>/tmp/BUILD_PR_SHARED_EXTRACTION_17_ENFORCEMENT_GUARD_delta.zip

docs/dev/COMMIT_COMMENT.txt

@@ -1 +1 @@
-BUILD PR: switch network_sample_c shared helper imports to @shared alias only.
+BUILD PR: add shared extraction enforcement guard and block alias usage/regression.

docs/dev/reports/change_summary.txt

@@ -1 +1 @@
-Built the next executable alias rollout step, limited to network_sample_c only and assuming the existing @shared alias bootstrap.
+Built an enforcement guard step that protects the shared-extraction work, blocks reintroduced local helpers, blocks fragile relative shared imports, and blocks further @shared alias usage.

docs/dev/reports/file_tree.txt

@@ -1,6 +1,6 @@
 docs/
   pr/
-    BUILD_PR_SHARED_EXTRACTION_16_ALIAS_IMPORTS_NETWORK_SAMPLE_C.md
+    BUILD_PR_SHARED_EXTRACTION_17_ENFORCEMENT_GUARD.md
   dev/
     codex_commands.md
     commit_comment.txt

docs/dev/reports/validation_checklist.txt

@@ -2,7 +2,7 @@ SESSION VALIDATION GATE
 - Bundle type: BUILD
 - One PR purpose only: yes
 - Exact target files listed: yes
-- Config untouched by design: yes
-- Fail-fast gate explicit: yes
+- Exact guard behavior listed: yes
+- Alias usage explicitly treated as disallowed: yes
 - Scope minimized: yes
 - ZIP repo-structured and execution-ready: yes

docs/pr/BUILD_PR_SHARED_EXTRACTION_17_ENFORCEMENT_GUARD.md

@@ -0,0 +1,131 @@
+# BUILD_PR_SHARED_EXTRACTION_17_ENFORCEMENT_GUARD
+
+## Purpose
+Add a narrow regression guard that protects the completed shared-extraction work and prevents future drift.
+
+## Single PR Purpose
+Create one lightweight repo-local enforcement script that checks for these regressions only:
+
+1. reintroduction of local helper definitions for:
+   - `asFiniteNumber`
+   - `asPositiveInteger`
+   - `isPlainObject`
+
+2. reintroduction of fragile direct shared relative imports like:
+   - `../shared/`
+   - `../../shared/`
+   - `../../../src/shared/`
+
+3. accidental `@shared/` alias usage in repo source files
+
+This BUILD intentionally treats alias usage as disallowed technical debt and prevents further expansion of it.
+
+## Exact Files Allowed
+Edit only these 4 files:
+
+1. `tools/dev/checkSharedExtractionGuard.mjs` **(new file)**
+2. `package.json` **only if a minimal script entry is needed**
+3. `docs/dev/commit_comment.txt` **inside this BUILD bundle only**
+4. `docs/dev/next_command.txt` **inside this BUILD bundle only**
+
+Do not edit any source/runtime file other than the one new guard script.
+Do not edit any other repo file.
+
+## Exact New File
+Create:
+
+`tools/dev/checkSharedExtractionGuard.mjs`
+
+## Exact Script Requirements
+The script must:
+
+### 1) Scan only these repo roots if they exist
+- `src/`
+- `games/`
+- `samples/`
+- `tools/`
+
+### 2) Inspect only source-like files with these extensions
+- `.js`
+- `.mjs`
+
+### 3) Ignore:
+- `node_modules/`
+- `.git/`
+- `tmp/`
+- generated ZIP outputs
+- binary assets
+
+### 4) Report failure if any file contains a local helper definition matching any of these patterns
+- `function asFiniteNumber(`
+- `function asPositiveInteger(`
+- `function isPlainObject(`
+- `const asFiniteNumber =`
+- `const asPositiveInteger =`
+- `const isPlainObject =`
+
+### 5) Report failure if any file contains direct shared relative imports matching any of these substrings
+- `../shared/`
+- `../../shared/`
+- `../../../src/shared/`
+- `../../../../shared/`
+
+### 6) Report failure if any file contains alias imports using:
+- `@shared/`
+
+### 7) Exit behavior
+- exit code `0` when no violations are found
+- exit code `1` when one or more violations are found
+
+### 8) Output behavior
+Print:
+- a short success message when clean
+- for failures:
+  - file path
+  - matched violation type
+  - matched text snippet or rule name
+
+## package.json Rule
+Only if `package.json` already exists and already has a `scripts` section:
+
+Add exactly one script entry if missing:
+```json
+"check:shared-extraction-guard": "node tools/dev/checkSharedExtractionGuard.mjs"
+```
+
+Rules:
+- make the minimum edit only
+- do not reformat the whole file
+- do not add unrelated scripts
+- if `package.json` does not exist, do not create it
+- if `scripts` does not exist, do not invent broader package metadata in this PR
+
+## Hard Constraints
+- do not modify application logic
+- do not edit engine files
+- do not edit advanced files
+- do not edit sample files
+- do not edit network_sample_c source files
+- do not create CI config
+- do not add lint tooling
+- do not add alias support
+- keep one PR purpose only
+
+## Validation Checklist
+1. Confirm only the allowed files changed
+2. Confirm `tools/dev/checkSharedExtractionGuard.mjs` exists
+3. Confirm the guard fails on:
+   - local helper reintroduction
+   - direct shared relative import strings
+   - `@shared/` alias strings
+4. Confirm the guard exits `0` when clean
+5. Confirm no runtime/source logic changed
+6. Confirm no CI/lint/toolchain config was added beyond the optional minimal `package.json` script entry
+
+## Non-Goals
+- no alias rollout
+- no alias cleanup in this PR
+- no repo-wide source edits
+- no CI integration
+- no ESLint rule creation
+- no refactor beyond the new guard script

package.json

@@ -2,6 +2,7 @@
   "type": "module",
   "scripts": {
     "test": "node ./scripts/run-node-tests.mjs",
-    "build:manifest": "node ./scripts/generate-sample-manifest.mjs"
+    "build:manifest": "node ./scripts/generate-sample-manifest.mjs",
+    "check:shared-extraction-guard": "node tools/dev/checkSharedExtractionGuard.mjs"
   }
 }

tools/dev/checkSharedExtractionGuard.mjs

@@ -0,0 +1,127 @@
+import fs from "node:fs/promises";
+import path from "node:path";
+
+const SCAN_ROOTS = ["src", "games", "samples", "tools"];
+const ALLOWED_EXTENSIONS = new Set([".js", ".mjs"]);
+const IGNORED_DIRS = new Set(["node_modules", ".git", "tmp"]);
+
+const LOCAL_HELPER_RULES = [
+  { rule: "local-helper-definition", regex: /function\s+asFiniteNumber\s*\(/g, label: "rule:helper-fn-asFiniteNumber" },
+  { rule: "local-helper-definition", regex: /function\s+asPositiveInteger\s*\(/g, label: "rule:helper-fn-asPositiveInteger" },
+  { rule: "local-helper-definition", regex: /function\s+isPlainObject\s*\(/g, label: "rule:helper-fn-isPlainObject" },
+  { rule: "local-helper-definition", regex: /const\s+asFiniteNumber\s*=/g, label: "rule:helper-const-asFiniteNumber" },
+  { rule: "local-helper-definition", regex: /const\s+asPositiveInteger\s*=/g, label: "rule:helper-const-asPositiveInteger" },
+  { rule: "local-helper-definition", regex: /const\s+isPlainObject\s*=/g, label: "rule:helper-const-isPlainObject" }
+];
+
+const DIRECT_SHARED_IMPORT_RULES = [
+  { rule: "direct-shared-relative-import", regex: /\.\.\/shared\//g, label: "rule:relative-shared-depth-1" },
+  { rule: "direct-shared-relative-import", regex: /\.\.\/\.\.\/shared\//g, label: "rule:relative-shared-depth-2" },
+  { rule: "direct-shared-relative-import", regex: /\.\.\/\.\.\/\.\.\/src\/shared\//g, label: "rule:relative-shared-src-depth-3" },
+  { rule: "direct-shared-relative-import", regex: /\.\.\/\.\.\/\.\.\/\.\.\/shared\//g, label: "rule:relative-shared-depth-4" }
+];
+
+const ALIAS_RULE = { rule: "shared-alias-import-disallowed", regex: /@shared\//g, label: "rule:shared-alias-marker" };
+
+async function pathExists(targetPath) {
+  try {
+    await fs.access(targetPath);
+    return true;
+  } catch {
+    return false;
+  }
+}
+
+async function collectSourceFiles(startDir, outFiles) {
+  const entries = await fs.readdir(startDir, { withFileTypes: true });
+  for (const entry of entries) {
+    const entryPath = path.join(startDir, entry.name);
+    if (entry.isDirectory()) {
+      if (IGNORED_DIRS.has(entry.name)) continue;
+      await collectSourceFiles(entryPath, outFiles);
+      continue;
+    }
+
+    if (!entry.isFile()) continue;
+    if (entry.name.toLowerCase().endsWith(".zip")) continue;
+
+    const ext = path.extname(entry.name);
+    if (!ALLOWED_EXTENSIONS.has(ext)) continue;
+
+    outFiles.push(entryPath);
+  }
+}
+
+function findViolations(fileContent, filePathFromRoot) {
+  const violations = [];
+
+  for (const check of LOCAL_HELPER_RULES) {
+    const matches = fileContent.match(check.regex) || [];
+    for (const _match of matches) {
+      violations.push({
+        file: filePathFromRoot,
+        type: check.rule,
+        match: check.label
+      });
+    }
+  }
+
+  for (const check of DIRECT_SHARED_IMPORT_RULES) {
+    const matches = fileContent.match(check.regex) || [];
+    for (const _match of matches) {
+      violations.push({
+        file: filePathFromRoot,
+        type: check.rule,
+        match: check.label
+      });
+    }
+  }
+
+  const aliasMatches = fileContent.match(ALIAS_RULE.regex) || [];
+  for (const _match of aliasMatches) {
+    violations.push({
+      file: filePathFromRoot,
+      type: ALIAS_RULE.rule,
+      match: ALIAS_RULE.label
+    });
+  }
+
+  return violations;
+}
+
+async function run() {
+  const repoRoot = process.cwd();
+  const filesToScan = [];
+
+  for (const root of SCAN_ROOTS) {
+    const rootPath = path.join(repoRoot, root);
+    if (!(await pathExists(rootPath))) continue;
+    await collectSourceFiles(rootPath, filesToScan);
+  }
+
+  const violations = [];
+  for (const filePath of filesToScan) {
+    const content = await fs.readFile(filePath, "utf8");
+    const relPath = path.relative(repoRoot, filePath).replaceAll("\\", "/");
+    violations.push(...findViolations(content, relPath));
+  }
+
+  if (violations.length === 0) {
+    console.log("Shared extraction guard passed. No violations found.");
+    process.exit(0);
+  }
+
+  console.error(`Shared extraction guard failed with ${violations.length} violation(s).`);
+  for (const violation of violations) {
+    console.error(
+      `${violation.file} | ${violation.type} | ${violation.match}`
+    );
+  }
+  process.exit(1);
+}
+
+run().catch((error) => {
+  console.error("Shared extraction guard encountered an unexpected error.");
+  console.error(error && error.stack ? error.stack : String(error));
+  process.exit(1);
+});

tools/shared/powerShell/find_dupes_called.ps1

@@ -7,17 +7,21 @@
 # .\find_dupes_called.ps1 | Out-File -FilePath "found_dupes_called.txt" -Encoding utf8
 
 # Goes up 3 levels to reach HTML-JavaScript-Gaming from tools\shared\powerShell\
-Get-ChildItem -Path "$PSScriptRoot\..\..\..\" -Recurse -Filter *.js | 
+# Get the root path (3 levels up)
+$rootPath = Resolve-Path "$PSScriptRoot\..\..\..\"
+
+Get-ChildItem -Path $rootPath -Recurse -Filter *.js | 
     Select-String -Pattern "function\s+[a-zA-Z0-9_]*\(", "[a-zA-Z0-9_]*\s*=\s*function", "[a-zA-Z0-9_]*:\s*function" |
     Group-Object Line | 
     Where-Object { $_.Count -gt 1 } | 
     ForEach-Object {
-        # Print the duplicate line and the count
         "($($_.Count)) Duplicate line: $($_.Name.Trim())"
 
-        # Loop through each occurrence in the group to show where it is
         $_.Group | ForEach-Object {
-            "   -> Line $($_.LineNumber): $($_.Path)"
+            # Replace the absolute root path with a single backslash
+            $relativePath = $_.Path -replace [regex]::Escape($rootPath), ""
+            "   -> Line $($_.LineNumber): \$relativePath"
         }
-        "" # Adds a blank line for better readability
+        "" 
     }
+