feat: bug squash and docs updates

[GingerGraham]

This pull request introduces several improvements and new features across the codebase, with a focus on enhanced configuration parsing, stricter validation, improved logging controls, and developer tooling. The most significant addition is a new script for creating GitHub issues from markdown files. Several changes in logging.sh improve configuration safety, input validation, and logging flexibility.

New tooling:

• Added scripts/create-issues.sh, a script that reads YAML frontmatter from markdown files and creates GitHub issues using the gh CLI. It supports dry-run mode, label parsing, and robust error handling.

Configuration and input validation improvements:

• Introduced _parse_bool_value() to standardize boolean parsing, and refactored all boolean configuration handling (including INI config parsing and setter functions like set_unsafe_allow_newlines, set_unsafe_allow_ansi_codes, and set_color_mode) to use this function, ensuring consistent and user-friendly error messages for invalid values. [1] [2] [3] [4] [5]
• Added _validate_journal_tag() to check journal tag values for length and dangerous shell metacharacters, and enforced this validation in set_journal_tag(). [1] [2]

Logging and error handling enhancements:

• Improved log level handling: added a dedicated LOG_LEVEL_INIT for initialization messages, and updated log_init() to always display messages regardless of the current log level. All log helper functions now pass log level values as quoted arguments for consistency. [1] [2]
• Improved deduplication flag handling by unsetting error reporting flags on each new source, preventing environment leakage from suppressing error messages.

Security and sanitization:

• Enhanced ANSI escape sequence removal in _strip_ansi_codes() to cover DCS, PM, and APC sequences, further mitigating risks of terminal manipulation attacks.

Other notable changes:

• Updated the security support table in SECURITY.md to mark 2.2.x as unsupported and add 2.4.x.
• Improved the trap command in demo_unsafe_newlines.sh for safer cleanup of temporary directories.
• Clarified and corrected logic for logger discovery and syslog facility validation. [1] [2]
• Added detailed comments and improved error messages throughout for maintainability and clarity.

These changes collectively improve the reliability, safety, and developer experience of the project.

Tickets: #58 #88 #93 #100 #101 #102 #103 #104 #105 #106

[Copilot]

Pull request overview

This PR enhances the bash-logger project’s security posture and runtime configurability, adds regression coverage for previously reported issues, and introduces a new developer tool for creating GitHub issues from Markdown files.

Changes:

• Hardened and standardized runtime/config parsing (boolean normalization, journal tag validation, INIT logging behavior, logger rediscovery, and improved ANSI stripping).
• Added/updated test coverage for the above behaviors and for install-script download fallback logic.
• Added a new scripts/create-issues.sh helper to create GitHub issues from Markdown frontmatter via gh.

Reviewed changes

Copilot reviewed 12 out of 12 changed files in this pull request and generated 3 comments.

Show a summary per file

File	Description
logging.sh	Adds boolean parsing helper, journal tag validation, INIT-level handling, rediscovery behavior, dedup-flag env hardening, and expanded ANSI stripping.
scripts/create-issues.sh	New tool to parse YAML frontmatter and create GitHub issues via gh (supports dry-run, labels, repo override).
tests/test_runtime_config.sh	Adds tests for journal tag validation, color mode validation, and boolean normalization for unsafe toggles.
tests/test_output.sh	Adds regression tests ensuring log_init bypasses level filtering but respects stderr routing thresholds.
tests/test_journal_logging.sh	Adds regression tests for rediscovering logger when it becomes available mid-session.
tests/test_environment_security.sh	Adds tests ensuring pre-set deduplication flags are cleared at source time.
tests/test_ansi_injection.sh	Adds tests covering DCS/PM/APC stripping behavior in _strip_ansi_codes.
tests/test_install.sh	Improves fallback tests to correctly validate curl (3-attempt) vs wget (4-attempt) retry chains.
install.sh	Documents wget’s 4-attempt fallback chain to match updated tests/behavior.
demo-scripts/demo_unsafe_newlines.sh	Fixes cleanup trap quoting to avoid expansion/globbing hazards.
SECURITY.md	Updates supported versions table (adds 2.4.x; marks 2.2.x unsupported).
docs/security-reviews/2026-04-18-claude-security-audit-v2.4.0.md	Adds a security audit report documenting findings and recommendations.

[GingerGraham]

🎉 This PR is included in version 2.5.0 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀