v0.3.6policy-scout2026-06-11

Data Cleanup Deletion Path

Replaced dry-run-only planning with an explicit --apply flag for actual deletion. Default behaviour (no --apply) is unchanged — plan preview only.

v0.3.62026-06-11
  • ·execute_cleanup() re-validates every item path under data root at execution time — TOCTOU defence, not just plan time
  • ·--apply triggers: show plan → confirmation prompt → execute; --yes skips the prompt for scripting
  • ·shutil.rmtree for directories, Path.unlink for files and symlinks; already-gone items count as success
  • ·DataCleanupExecuted audit event written on execution
  • ·--dry-run flag removed from CLI (was always-True in v1); --apply is the new explicit opt-in
  • ·Tauri adapter unchanged — it always omits --apply, so the UI remains dry-run-only by design
  • ·21 new tests covering dry-run guard, deletion, path traversal safety, and formatters
  • ·9 existing tests updated: --dry-run removed from invocations, help assertion updated to --apply