feat: add TestNoVariableShadowing, rename 70 bare err sites

Catches functions with multiple err := assignments. Convention
requires descriptive names (readErr, writeErr, parseErr) so each
error site is independently identifiable. General shadowing is
handled by golangci-lint's shadow checker.

Renamed 70 bare err := across 12 files in journal/parser/copilot*,
cli/setup/core/copilot_cli/, cli/trace/core/, and cli/trace/cmd/.

Signed-off-by: Jose Alekhinne <jose@ctx.ist>

Author: josealekhine

internal/audit/variable_shadowing_test.go

@@ -0,0 +1,123 @@
+//   /    ctx:                         https://ctx.ist
+// ,'`./    do you remember?
+// `.,'\
+//   \    Copyright 2026-present Context contributors.
+//                 SPDX-License-Identifier: Apache-2.0
+
+package audit
+
+import (
+	"go/ast"
+	"go/token"
+	"testing"
+)
+
+// TestNoVariableShadowing detects two forms of variable
+// shadowing in non-test Go files:
+//
+// (a) Bare "err" reuse: multiple := assignments to
+// the unadorned name "err" in the same function body.
+// The convention requires descriptive names (readErr,
+// writeErr, parseErr) so each error site is
+// independently identifiable.
+//
+// (b) General inner-scope shadowing (any variable):
+// already caught by golangci-lint's shadow checker,
+// which is enabled in .golangci.yml.
+//
+// Test files are exempt.
+func TestNoVariableShadowing(t *testing.T) {
+	pkgs := loadPackages(t)
+	var violations []string
+
+	for _, pkg := range pkgs {
+		for _, file := range pkg.Syntax {
+			fpath := pkg.Fset.Position(file.Pos()).Filename
+			if isTestFile(fpath) {
+				continue
+			}
+
+			for _, decl := range file.Decls {
+				fn, ok := decl.(*ast.FuncDecl)
+				if !ok || fn.Body == nil {
+					continue
+				}
+
+				sites := collectBareErrDefines(
+					pkg.Fset, fn.Body,
+				)
+
+				if len(sites) > 1 {
+					for _, pos := range sites {
+						violations = append(
+							violations,
+							pos+
+								": bare err := in "+
+								fn.Name.Name+
+								" (use descriptive "+
+								"name)",
+						)
+					}
+				}
+			}
+		}
+	}
+
+	if len(violations) > 0 {
+		t.Errorf(
+			"%d bare err := reuses found:",
+			len(violations),
+		)
+	}
+	limit := 30
+	if len(violations) < limit {
+		limit = len(violations)
+	}
+	for _, v := range violations[:limit] {
+		t.Error(v)
+	}
+	if len(violations) > 30 {
+		t.Errorf(
+			"... and %d more",
+			len(violations)-30,
+		)
+	}
+}
+
+// collectBareErrDefines walks a function body and
+// returns positions of := assignments where "err" is
+// on the LHS.
+func collectBareErrDefines(
+	fset *token.FileSet, body *ast.BlockStmt,
+) []string {
+	var sites []string
+
+	ast.Inspect(body, func(n ast.Node) bool {
+		assign, ok := n.(*ast.AssignStmt)
+		if !ok {
+			return true
+		}
+
+		if assign.Tok != token.DEFINE {
+			return true
+		}
+
+		for _, lhs := range assign.Lhs {
+			ident, ok := lhs.(*ast.Ident)
+			if !ok {
+				continue
+			}
+
+			if ident.Name == "err" {
+				sites = append(sites,
+					posString(fset, assign.Pos()),
+				)
+				break
+			}
+		}
+
+		return true
+	})
+
+	return sites
+}

internal/cli/setup/core/copilot_cli/agent.go

@@ -31,13 +31,13 @@ func deployAgent(cmd *cobra.Command) error {
 	agentsDir := filepath.Join(cfgHook.DirGitHub, cfgHook.DirGitHubAgents)
 	target := filepath.Join(agentsDir, cfgHook.FileAgentsCtxMd)
 
-	if _, err := os.Stat(target); err == nil {
+	if _, statErr := os.Stat(target); statErr == nil {
 		writeSetup.InfoCopilotCLISkipped(cmd, target)
 		return nil
 	}
 
-	if err := ctxIo.SafeMkdirAll(agentsDir, fs.PermExec); err != nil {
-		return err
+	if mkErr := ctxIo.SafeMkdirAll(agentsDir, fs.PermExec); mkErr != nil {
+		return mkErr
 	}
 
 	content, readErr := agent.AgentsCtxMd()

internal/cli/setup/core/copilot_cli/copilot_cli.go

@@ -41,14 +41,14 @@ func Deploy(cmd *cobra.Command) error {
 	targetJSON := filepath.Join(hooksDir, cfgHook.FileCopilotCLIHooksJSON)
 
 	// Check if ctx-hooks.json already exists
-	if _, err := os.Stat(targetJSON); err == nil {
+	if _, statErr := os.Stat(targetJSON); statErr == nil {
 		writeSetup.InfoCopilotCLISkipped(cmd, targetJSON)
 		return nil
 	}
 
 	// Create directories
-	if err := ctxIo.SafeMkdirAll(scriptsDir, fs.PermExec); err != nil {
-		return errFs.Mkdir(scriptsDir, err)
+	if mkErr := ctxIo.SafeMkdirAll(scriptsDir, fs.PermExec); mkErr != nil {
+		return errFs.Mkdir(scriptsDir, mkErr)
 	}
 
 	// Write ctx-hooks.json
@@ -76,23 +76,27 @@ func Deploy(cmd *cobra.Command) error {
 	}
 
 	// Write .github/agents/ctx.md
-	if err := deployAgent(cmd); err != nil {
-		writeErr.WarnFile(cmd, cfgHook.DirGitHubAgents, err)
+	if agentErr := deployAgent(cmd); agentErr != nil {
+		writeErr.WarnFile(cmd, cfgHook.DirGitHubAgents, agentErr)
 	}
 
 	// Write .github/instructions/context.instructions.md
-	if err := deployInstructions(cmd); err != nil {
-		writeErr.WarnFile(cmd, cfgHook.DirGitHubInstructions, err)
+	if instrErr := deployInstructions(cmd); instrErr != nil {
+		writeErr.WarnFile(
+			cmd, cfgHook.DirGitHubInstructions, instrErr,
+		)
 	}
 
 	// Register ctx MCP server in ~/.copilot/mcp-config.json
-	if err := ensureMCPConfig(cmd); err != nil {
-		writeErr.WarnFile(cmd, cfgHook.FileMCPConfigJSON, err)
+	if mcpErr := ensureMCPConfig(cmd); mcpErr != nil {
+		writeErr.WarnFile(
+			cmd, cfgHook.FileMCPConfigJSON, mcpErr,
+		)
 	}
 
 	// Write .github/skills/<name>/SKILL.md for Copilot CLI skills
-	if err := deploySkills(cmd); err != nil {
-		writeErr.WarnFile(cmd, cfgHook.DirGitHubSkills, err)
+	if skillErr := deploySkills(cmd); skillErr != nil {
+		writeErr.WarnFile(cmd, cfgHook.DirGitHubSkills, skillErr)
 	}
 
 	writeSetup.InfoCopilotCLISummary(cmd)

internal/cli/setup/core/copilot_cli/instructions.go

@@ -32,13 +32,13 @@ func deployInstructions(cmd *cobra.Command) error {
 	instrDir := filepath.Join(cfgHook.DirGitHub, cfgHook.DirGitHubInstructions)
 	target := filepath.Join(instrDir, cfgHook.FileInstructionsCtxMd)
 
-	if _, err := os.Stat(target); err == nil {
+	if _, statErr := os.Stat(target); statErr == nil {
 		writeSetup.InfoCopilotCLISkipped(cmd, target)
 		return nil
 	}
 
-	if err := ctxIo.SafeMkdirAll(instrDir, fs.PermExec); err != nil {
-		return err
+	if mkErr := ctxIo.SafeMkdirAll(instrDir, fs.PermExec); mkErr != nil {
+		return mkErr
 	}
 
 	content, readErr := agent.InstructionsCtxMd()

internal/cli/setup/core/copilot_cli/skills.go

@@ -38,13 +38,13 @@ func deploySkills(cmd *cobra.Command) error {
 		skillDir := filepath.Join(skillsBase, name)
 		target := filepath.Join(skillDir, cfgHook.FileSKILLMd)
 
-		if _, err := os.Stat(target); err == nil {
+		if _, statErr := os.Stat(target); statErr == nil {
 			writeSetup.InfoCopilotCLISkipped(cmd, target)
 			continue
 		}
 
-		if err := ctxIo.SafeMkdirAll(skillDir, fs.PermExec); err != nil {
-			return err
+		if mkErr := ctxIo.SafeMkdirAll(skillDir, fs.PermExec); mkErr != nil {
+			return mkErr
 		}
 		if wErr := ctxIo.SafeWriteFile(target, content, fs.PermFile); wErr != nil {
 			return wErr

internal/cli/trace/cmd/tag/run.go

@@ -36,9 +36,9 @@ func Run(cmd *cobra.Command, commitRef, note string) error {
 		return errTrace.NoteRequired()
 	}
 
-	hash, err := trace.ResolveCommitHash(commitRef)
-	if err != nil {
-		return errTrace.ResolveCommit(commitRef, err)
+	hash, resolveErr := trace.ResolveCommitHash(commitRef)
+	if resolveErr != nil {
+		return errTrace.ResolveCommit(commitRef, resolveErr)
 	}
 
 	traceDir := filepath.Join(rc.ContextDir(), dir.Trace)
@@ -48,8 +48,8 @@ func Run(cmd *cobra.Command, commitRef, note string) error {
 		Refs:   []string{fmt.Sprintf("%q", note)},
 	}
 
-	if err := trace.WriteOverride(entry, traceDir); err != nil {
-		return errTrace.WriteOverride(err)
+	if writeErr := trace.WriteOverride(entry, traceDir); writeErr != nil {
+		return errTrace.WriteOverride(writeErr)
 	}
 
 	writeTrace.Tagged(cmd, trace.ShortHash(hash), note)

internal/cli/trace/core/collect/collect.go

@@ -47,9 +47,9 @@ func RecordCommit(commitHash string) error {
 		return nil
 	}
 
-	message, err := trace.CommitMessage(commitHash)
-	if err != nil {
-		return errTrace.GitLog(err)
+	message, msgErr := trace.CommitMessage(commitHash)
+	if msgErr != nil {
+		return errTrace.GitLog(msgErr)
 	}
 
 	traceDir := filepath.Join(contextDir, dir.Trace)
@@ -58,8 +58,8 @@ func RecordCommit(commitHash string) error {
 		Refs:    refs,
 		Message: message,
 	}
-	if err := trace.WriteHistory(entry, traceDir); err != nil {
-		return errTrace.WriteHistory(err)
+	if histErr := trace.WriteHistory(entry, traceDir); histErr != nil {
+		return errTrace.WriteHistory(histErr)
 	}
 
 	stateDir := filepath.Join(contextDir, dir.State)

internal/cli/trace/core/hook/hook.go

@@ -73,15 +73,15 @@ func Enable(cmd *cobra.Command) error {
 // Returns:
 //   - error: non-nil on removal failure
 func Disable(cmd *cobra.Command) error {
-	prepPath, err := FilePath(cfgGit.HookPrepareCommitMsg)
-	if err != nil {
-		return err
+	prepPath, prepErr := FilePath(cfgGit.HookPrepareCommitMsg)
+	if prepErr != nil {
+		return prepErr
 	}
 	Remove(prepPath)
 
-	postPath, err := FilePath(cfgGit.HookPostCommit)
-	if err != nil {
-		return err
+	postPath, postErr := FilePath(cfgGit.HookPostCommit)
+	if postErr != nil {
+		return postErr
 	}
 	Remove(postPath)
 
@@ -99,18 +99,18 @@ func Disable(cmd *cobra.Command) error {
 // Returns:
 //   - error: non-nil if a non-ctx hook already exists or write fails
 func Install(path, script, name string) error {
-	if _, err := io.SafeStat(path); err == nil {
+	if _, statErr := io.SafeStat(path); statErr == nil {
 		existing, readErr := io.SafeReadUserFile(path)
 		if readErr == nil && !strings.Contains(
 			string(existing), cfgTrace.CtxTraceMarker,
 		) {
 			return errTrace.HookExists(name, path)
 		}
 	}
-	if err := io.SafeWriteFile(
+	if writeErr := io.SafeWriteFile(
 		path, []byte(script), cfgFs.PermExec,
-	); err != nil {
-		return errTrace.HookWrite(name, err)
+	); writeErr != nil {
+		return errTrace.HookWrite(name, writeErr)
 	}
 	return nil
 }