@clue-ai/cli 0.0.10 → 0.0.12
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +1 -1
- package/src/lifecycle-init.mjs +4 -2
- package/src/setup-check.mjs +4 -1
- package/src/setup-help.mjs +3 -2
- package/src/setup-tool.mjs +8 -4
package/package.json
CHANGED
package/src/lifecycle-init.mjs
CHANGED
|
@@ -567,13 +567,15 @@ const buildLifecyclePrompt = ({ request, files }) =>
|
|
|
567
567
|
"Do not send raw email, raw person names, tokens, workspace names, organization names, or tenant names as lifecycle traits unless the repository already has an explicit Clue privacy policy allowing them.",
|
|
568
568
|
"Prefer stable ids and non-PII booleans/counts for ClueIdentify and ClueSetAccount traits.",
|
|
569
569
|
"Use environment variable names for Clue configuration values.",
|
|
570
|
-
"For Python/FastAPI code, read CLUE_PROJECT_KEY, CLUE_ENVIRONMENT, CLUE_API_KEY, and CLUE_INGEST_ENDPOINT from
|
|
570
|
+
"For Python/FastAPI code, read CLUE_PROJECT_KEY, CLUE_ENVIRONMENT, CLUE_API_KEY, and CLUE_INGEST_ENDPOINT from the backend env block.",
|
|
571
|
+
"CLUE_API_BASE_URL is for Clue CLI and semantic snapshot CI configuration, not backend SDK runtime configuration. Do not add it to application config unless existing non-Clue code already requires it.",
|
|
571
572
|
"For browser code, read CLUE_PROJECT_KEY, CLUE_ENVIRONMENT, CLUE_SERVICE_KEY, and CLUE_INGEST_ENDPOINT from environment variables through the target framework's safe client config mechanism. Do not hard-code a Next.js-only prefix.",
|
|
572
573
|
"Never place CLUE_API_KEY in frontend code, frontend env files, browser bundles, or client-readable config.",
|
|
573
574
|
"When browser SDK ingest is configured, implement a backend-owned browser token endpoint that reads server-side CLUE_API_KEY and requests POST /api/v1/ingest/browser-tokens from Clue.",
|
|
574
575
|
"Configure frontend ClueInit with browserTokenProvider that calls the local backend token endpoint and returns the token string.",
|
|
575
576
|
"The browser token request must include project key, environment, service key, and the current browser origin; the backend must attach x-clue-api-key server-side when calling Clue.",
|
|
576
577
|
"Prefer minimal edits that engineers can review in one PR.",
|
|
578
|
+
"Do not run broad formatters, import sorters, cleanup tools, or style-only edits. Whitespace-only changes are allowed only on lines directly changed for Clue SDK wiring.",
|
|
577
579
|
"If a lifecycle point is unclear, skip that edit and include a warning.",
|
|
578
580
|
"Return status ready only when edits are safe to apply. Return status blocked when required SDKs or lifecycle points cannot be verified.",
|
|
579
581
|
"If status is blocked, return no edits and no lifecycle_insertions, and list blockers. Do not encode blockers as warnings.",
|
|
@@ -585,8 +587,8 @@ const buildLifecyclePrompt = ({ request, files }) =>
|
|
|
585
587
|
browser_project_key_env: "CLUE_PROJECT_KEY",
|
|
586
588
|
environment_env: "CLUE_ENVIRONMENT",
|
|
587
589
|
browser_environment_env: "CLUE_ENVIRONMENT",
|
|
588
|
-
clue_api_base_url_env: "CLUE_API_BASE_URL",
|
|
589
590
|
clue_ingest_endpoint_env: "CLUE_INGEST_ENDPOINT",
|
|
591
|
+
tooling_api_base_url_env: "CLUE_API_BASE_URL",
|
|
590
592
|
browser_ingest_endpoint_env: "CLUE_INGEST_ENDPOINT",
|
|
591
593
|
browser_token_endpoint_path: "/api/v1/ingest/browser-tokens",
|
|
592
594
|
service_key: request.service_key,
|
package/src/setup-check.mjs
CHANGED
|
@@ -27,7 +27,7 @@ const SETUP_SKILLS = [
|
|
|
27
27
|
"clue-local-verification",
|
|
28
28
|
"clue-setup-report",
|
|
29
29
|
];
|
|
30
|
-
const SETUP_SKILL_CONTENT_VERSION = "2026-05-10.lifecycle-placement-only.
|
|
30
|
+
const SETUP_SKILL_CONTENT_VERSION = "2026-05-10.lifecycle-placement-only.v2";
|
|
31
31
|
const REQUIRED_SETUP_SKILL_PHRASES = {
|
|
32
32
|
"clue-sdk-instrumentation": [
|
|
33
33
|
"Do not create no-op wrappers",
|
|
@@ -35,12 +35,15 @@ const REQUIRED_SETUP_SKILL_PHRASES = {
|
|
|
35
35
|
"add the real `@clue-ai/browser-sdk` dependency",
|
|
36
36
|
"Do not invent `clue-js-sdk`",
|
|
37
37
|
"The implementation scope is only ClueInit, ClueIdentify, ClueSetAccount, and ClueLogout placement",
|
|
38
|
+
"CLUE_API_BASE_URL` is for Clue CLI and semantic snapshot CI configuration",
|
|
39
|
+
"Whitespace-only changes are allowed only on lines directly changed for Clue SDK wiring",
|
|
38
40
|
"For Django code, use `clue-django-sdk` only after package-manager or registry verification confirms it is installable",
|
|
39
41
|
],
|
|
40
42
|
"clue-setup-audit": [
|
|
41
43
|
"Reject wrong SDK package names",
|
|
42
44
|
"Reject Django SDK setup when `clue-django-sdk` installability has not been verified",
|
|
43
45
|
"Reject ClueTrack instrumentation unless the user explicitly requested product event tracking",
|
|
46
|
+
"Reject whitespace-only edits, import sorting, formatter churn",
|
|
44
47
|
"Reject unrelated refactors, renames, file moves",
|
|
45
48
|
"Execution agents must not approve, certify, or mark their own work complete",
|
|
46
49
|
],
|
package/src/setup-help.mjs
CHANGED
|
@@ -3,7 +3,7 @@ import {
|
|
|
3
3
|
clueCliCommand,
|
|
4
4
|
} from "./cli-invocation.mjs";
|
|
5
5
|
|
|
6
|
-
export const AI_SETUP_HELP_VERSION = "2026-05-10.lifecycle-placement-only.
|
|
6
|
+
export const AI_SETUP_HELP_VERSION = "2026-05-10.lifecycle-placement-only.v2";
|
|
7
7
|
|
|
8
8
|
export const buildAiSetupHelp = () => ({
|
|
9
9
|
name: "@clue-ai/cli AI setup help",
|
|
@@ -23,7 +23,7 @@ export const buildAiSetupHelp = () => ({
|
|
|
23
23
|
],
|
|
24
24
|
lifecycle_apis_out_of_scope_by_default: ["ClueTrack"],
|
|
25
25
|
allowed_change_scope: {
|
|
26
|
-
rule: "Only changes required to place ClueInit, ClueIdentify, ClueSetAccount, and ClueLogout are allowed.",
|
|
26
|
+
rule: "Only exact changes required to place ClueInit, ClueIdentify, ClueSetAccount, and ClueLogout are allowed.",
|
|
27
27
|
allowed: [
|
|
28
28
|
"Clue SDK dependency declarations and lockfile changes needed to install those SDKs",
|
|
29
29
|
"Clue SDK imports, bootstrap adapters, and single initialization points",
|
|
@@ -40,6 +40,7 @@ export const buildAiSetupHelp = () => ({
|
|
|
40
40
|
"UI layout, styling, copy, or navigation changes unrelated to Clue setup",
|
|
41
41
|
"dependency upgrades unrelated to Clue SDK installability",
|
|
42
42
|
"hand-authored semantic snapshot artifacts or runtime request files",
|
|
43
|
+
"whitespace-only edits, import sorting, formatter churn, or comment/style cleanup outside the exact Clue SDK wiring lines",
|
|
43
44
|
],
|
|
44
45
|
},
|
|
45
46
|
setup_watch: {
|
package/src/setup-tool.mjs
CHANGED
|
@@ -17,7 +17,7 @@ const SKILL_NAMES = [
|
|
|
17
17
|
"clue-local-verification",
|
|
18
18
|
"clue-setup-report",
|
|
19
19
|
];
|
|
20
|
-
const SETUP_SKILL_CONTENT_VERSION = "2026-05-10.lifecycle-placement-only.
|
|
20
|
+
const SETUP_SKILL_CONTENT_VERSION = "2026-05-10.lifecycle-placement-only.v2";
|
|
21
21
|
|
|
22
22
|
const TARGETS = new Set(["codex", "claude_code"]);
|
|
23
23
|
|
|
@@ -271,13 +271,15 @@ const skillBody = (name) => {
|
|
|
271
271
|
"When browser SDK ingest is configured, implement a backend-owned browser token endpoint that reads server-side `CLUE_API_KEY` and requests `POST /api/v1/ingest/browser-tokens` from Clue.",
|
|
272
272
|
"Configure frontend `ClueInit` with `browserTokenProvider` that calls the local backend token endpoint and returns the token string.",
|
|
273
273
|
"The browser token request must include project key, environment, service key, and the current browser origin; the backend must attach `x-clue-api-key` server-side when calling Clue.",
|
|
274
|
-
"For FastAPI code, add `clue-fastapi-sdk` to the backend dependency file when missing, import `clue_init_fastapi` plus `ClueIdentify`, `ClueSetAccount`, and `ClueLogout` where needed, and use `CLUE_PROJECT_KEY`, `CLUE_ENVIRONMENT`, `CLUE_API_KEY`, and `CLUE_INGEST_ENDPOINT
|
|
274
|
+
"For FastAPI code, add `clue-fastapi-sdk` to the backend dependency file when missing, import `clue_init_fastapi` plus `ClueIdentify`, `ClueSetAccount`, and `ClueLogout` where needed, and use `CLUE_PROJECT_KEY`, `CLUE_ENVIRONMENT`, `CLUE_API_KEY`, and `CLUE_INGEST_ENDPOINT` from the backend env block.",
|
|
275
|
+
"`CLUE_API_BASE_URL` is for Clue CLI and semantic snapshot CI configuration, not backend SDK runtime configuration. Do not add it to application config unless existing non-Clue code already requires it.",
|
|
275
276
|
"Use `CLUE_SERVICE_KEY` as the canonical local service identifier. Do not ask the user to manage a separate producer id; SDKs should send producer id as the service key for setup verification compatibility.",
|
|
276
277
|
"For frontend code, pass `serviceKey` from `CLUE_SERVICE_KEY` to `ClueInit`. Do not require a separate producer id unless the repository already has one for compatibility.",
|
|
277
278
|
"For Django code, use `clue-django-sdk` only after package-manager or registry verification confirms it is installable; if it is not published or cannot be verified, report a blocker instead of adding a guessed dependency or import.",
|
|
278
279
|
"For other backend frameworks, use the matching Clue backend SDK if one exists; if no backend SDK exists, report a blocker instead of silently frontend-only setup.",
|
|
279
280
|
"Do not send raw email, raw person names, tokens, workspace names, organization names, or tenant names as lifecycle traits unless the repository already has an explicit Clue privacy policy allowing them.",
|
|
280
281
|
"Prefer stable ids and non-PII booleans/counts for ClueIdentify and ClueSetAccount traits.",
|
|
282
|
+
"Do not run broad formatters, import sorters, cleanup tools, or style-only edits. Whitespace-only changes are allowed only on lines directly changed for Clue SDK wiring.",
|
|
281
283
|
"Find the app/bootstrap entrypoint and add ClueInit only when the location is clear.",
|
|
282
284
|
"Place ClueInit in a stable app bootstrap, SDK adapter, or client singleton; do not place ClueInit inside React component lifecycle hooks, page components, sidebars, login/register success callbacks, or other paths that can run repeatedly.",
|
|
283
285
|
"If the repository needs lifecycle calls from UI hooks, import a shared initialized Clue adapter instead of calling ClueInit again.",
|
|
@@ -305,6 +307,7 @@ const skillBody = (name) => {
|
|
|
305
307
|
"Reject ClueTrack instrumentation unless the user explicitly requested product event tracking.",
|
|
306
308
|
"Confirm no project key, API key, secret, or env value appears in diff or report.",
|
|
307
309
|
"Confirm lifecycle insertions are minimal and reviewable.",
|
|
310
|
+
"Reject whitespace-only edits, import sorting, formatter churn, or comment/style cleanup outside the exact Clue SDK wiring lines.",
|
|
308
311
|
"Reject unrelated refactors, renames, file moves, formatting churn, broad cleanup, business logic rewrites, auth/session rewrites beyond minimal Clue hook insertion, and UI changes unrelated to Clue setup.",
|
|
309
312
|
],
|
|
310
313
|
"clue-local-verification": [
|
|
@@ -340,7 +343,7 @@ const skillBody = (name) => {
|
|
|
340
343
|
"List skills used for each workstream.",
|
|
341
344
|
"List execution agent and monitoring agents, or named review passes if subagents were unavailable.",
|
|
342
345
|
"List blockers with exact file or environment names when available.",
|
|
343
|
-
"List required env names without values.",
|
|
346
|
+
"List required env names without values and group them by scope: service runtime env blocks versus GitHub Secrets/Variables. Do not report `CLUE_API_BASE_URL` as a backend SDK runtime env; it belongs to Clue CLI and semantic snapshot CI configuration.",
|
|
344
347
|
"List P0/P1 monitoring findings and fixes.",
|
|
345
348
|
"State that commit and push were not performed.",
|
|
346
349
|
],
|
|
@@ -379,8 +382,9 @@ const skillBody = (name) => {
|
|
|
379
382
|
`- Before editing a customer repository, run \`${clueCliCommand("help --json")}\` and follow its setup_execution_contract.`,
|
|
380
383
|
`- Do not search for a global \`${CLUE_CLI_BINARY_NAME}\` binary or block on \`which ${CLUE_CLI_BINARY_NAME}\`; missing global binary is normal.`,
|
|
381
384
|
"- The AI implementation task is only to decide where ClueInit, ClueIdentify, ClueSetAccount, and ClueLogout belong in existing code and apply the minimal SDK wiring for those calls.",
|
|
382
|
-
"- Only changes required to place ClueInit, ClueIdentify, ClueSetAccount, and ClueLogout are allowed. Do not perform ClueTrack instrumentation unless the user explicitly requested product event tracking.",
|
|
385
|
+
"- Only exact changes required to place ClueInit, ClueIdentify, ClueSetAccount, and ClueLogout are allowed. Do not perform ClueTrack instrumentation unless the user explicitly requested product event tracking.",
|
|
383
386
|
"- Do not perform unrelated refactors, renames, file moves, formatting churn, broad cleanup, business logic rewrites, auth/session rewrites beyond minimal Clue hook insertion, UI changes unrelated to Clue setup, or unrelated dependency upgrades.",
|
|
387
|
+
"- Do not run broad formatters or make whitespace-only cleanup. Keep formatting changes limited to lines directly touched for Clue SDK wiring.",
|
|
384
388
|
"- Do not implement or refresh semantic snapshot CI during lifecycle placement; report a blocker if generated semantic artifacts are missing or stale.",
|
|
385
389
|
`- Do not run \`${clueCliCommand("setup-watch --local")}\` automatically. setup-watch and the Clue setup screen are user-operated verification steps, not implementation-agent responsibility.`,
|
|
386
390
|
"- The full setup must start with `clue-setup-orchestrator`.",
|