npm - @codedrifters/configulator - Versions diffs - 0.0.166 → 0.0.167 - Mend

@codedrifters/configulator 0.0.166 → 0.0.167

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/lib/index.d.mts CHANGED Viewed

@@ -394,6 +394,15 @@ interface AgentRuleBundle {
     readonly skills?: ReadonlyArray<AgentSkill>;
     /** Sub-agents included in this bundle. */
     readonly subAgents?: ReadonlyArray<AgentSubAgent>;
+    /**
+     * Claude Code permission entries contributed by this bundle.
+     * Allow and deny entries are merged with the default and user-supplied
+     * permissions when the bundle is active.
+     */
+    readonly claudePermissions?: {
+        readonly allow?: ReadonlyArray<string>;
+        readonly deny?: ReadonlyArray<string>;
+    };
 }
 /*******************************************************************************
  *
@@ -815,6 +824,13 @@ declare class AgentConfig extends Component {
      * Find the AgentConfig component on a project.
      */
     static of(project: Project$1): AgentConfig | undefined;
+    /**
+     * Merges default Claude permissions with bundle and user-supplied settings.
+     *
+     * Merge order: defaults → bundle permissions → user-supplied entries.
+     * `defaultMode` defaults to `"dontAsk"` unless overridden.
+     */
+    private static mergeClaudeDefaults;
     private readonly options;
     constructor(project: Project$1, options?: AgentConfigOptions);
     preSynthesize(): void;
@@ -835,6 +851,10 @@ declare class AgentConfig extends Component {
      * Resolves template variables in sub-agent prompts using project metadata.
      */
     private resolveSubAgentTemplates;
+    /**
+     * Collects Claude permission entries from all active bundles.
+     */
+    private resolveBundlePermissions;
 }
 /**

package/lib/index.d.ts CHANGED Viewed

@@ -443,6 +443,15 @@ interface AgentRuleBundle {
     readonly skills?: ReadonlyArray<AgentSkill>;
     /** Sub-agents included in this bundle. */
     readonly subAgents?: ReadonlyArray<AgentSubAgent>;
+    /**
+     * Claude Code permission entries contributed by this bundle.
+     * Allow and deny entries are merged with the default and user-supplied
+     * permissions when the bundle is active.
+     */
+    readonly claudePermissions?: {
+        readonly allow?: ReadonlyArray<string>;
+        readonly deny?: ReadonlyArray<string>;
+    };
 }
 /*******************************************************************************
  *
@@ -864,6 +873,13 @@ declare class AgentConfig extends Component {
      * Find the AgentConfig component on a project.
      */
     static of(project: Project): AgentConfig | undefined;
+    /**
+     * Merges default Claude permissions with bundle and user-supplied settings.
+     *
+     * Merge order: defaults → bundle permissions → user-supplied entries.
+     * `defaultMode` defaults to `"dontAsk"` unless overridden.
+     */
+    private static mergeClaudeDefaults;
     private readonly options;
     constructor(project: Project, options?: AgentConfigOptions);
     preSynthesize(): void;
@@ -884,6 +900,10 @@ declare class AgentConfig extends Component {
      * Resolves template variables in sub-agent prompts using project metadata.
      */
     private resolveSubAgentTemplates;
+    /**
+     * Collects Claude permission entries from all active bundles.
+     */
+    private resolveBundlePermissions;
 }
 /**

package/lib/index.js CHANGED Viewed

@@ -678,6 +678,17 @@ var baseBundle = {
         "| `release:` | Release preparation, version bumps |",
         "| `hotfix:` | Urgent production fixes |",
         "",
+        "## GitHub Issue Type",
+        "",
+        "When creating issues, always assign the appropriate **GitHub issue type** based on the title prefix:",
+        "",
+        "| Prefix | GitHub Issue Type |",
+        "|--------|------------------|",
+        "| `epic:` | Epic |",
+        "| `feat:` | Feature |",
+        "| `fix:` | Bug |",
+        "| `chore:`, `docs:`, `refactor:`, `release:`, `hotfix:` | Task |",
+        "",
         "## Prerequisite Issues",
         "",
         "Include any prerequisite (blocking) issues in the issue body when they exist.",
@@ -706,18 +717,20 @@ var githubWorkflowBundle = {
         "",
         "When the user says **work on issue X** (or similar), follow these steps exactly:",
         "",
-        "1. **Fetch issue details** \u2014 use `gh issue view <number>` to get the title, body, and labels",
-        "2. **Determine branch type** from the issue title prefix:",
+        "1. **Ensure you have the latest code** \u2014 switch to the default branch and pull:",
+        "   - `git checkout {{repository.defaultBranch}} && git pull origin {{repository.defaultBranch}}`",
+        "2. **Fetch issue details** \u2014 use `gh issue view <number>` to get the title, body, and labels",
+        "3. **Determine branch type** from the issue title prefix:",
         "   - `feat:` / `feature:` \u2192 `feat/`",
         "   - `fix:` / `bug:` \u2192 `fix/`",
         "   - `docs:` \u2192 `docs/`",
         "   - `chore:` / `refactor:` \u2192 `chore/`",
         "   - `test:` \u2192 `test/`",
         "   - No prefix \u2192 `feat/`",
-        "3. **Create a branch** following the naming convention: `<type>/<short-slug>-<issue-number>` (e.g., `feat/add-login-42`)",
-        "4. **Checkout the branch** locally",
-        "5. **Link the branch to the issue** by posting a comment: `gh issue comment <number> --body 'Branch: \\`<branch-name>\\`'`",
-        "6. **Stop and wait** for user instructions \u2014 do **NOT** start implementing",
+        "4. **Create a branch** following the naming convention: `<type>/<short-slug>-<issue-number>` (e.g., `feat/add-login-42`)",
+        "5. **Checkout the branch** locally",
+        "6. **Link the branch to the issue** by posting a comment: `gh issue comment <number> --body 'Branch: \\`<branch-name>\\`'`",
+        "7. **Stop and wait** for user instructions \u2014 do **NOT** start implementing",
         "",
         "### Important",
         "",
@@ -834,7 +847,10 @@ var jestBundle = {
       ].join("\n"),
       tags: ["testing"]
     }
-  ]
+  ],
+  claudePermissions: {
+    allow: ["Bash(npx jest:*)"]
+  }
 };
 // src/pnpm/pnpm-workspace.ts
@@ -1337,7 +1353,10 @@ var turborepoBundle = {
       ].join("\n"),
       tags: ["workflow"]
     }
-  ]
+  ],
+  claudePermissions: {
+    allow: ["Bash(npx turbo:*)"]
+  }
 };
 // src/agent/bundles/typescript.ts
@@ -1412,7 +1431,10 @@ var typescriptBundle = {
       ].join("\n"),
       tags: ["coding"]
     }
-  ]
+  ],
+  claudePermissions: {
+    allow: ["Bash(npx tsc:*)"]
+  }
 };
 // src/vitest/vitest-component.ts
@@ -1604,7 +1626,10 @@ var vitestBundle = {
       ].join("\n"),
       tags: ["testing"]
     }
-  ]
+  ],
+  claudePermissions: {
+    allow: ["Bash(npx vitest:*)"]
+  }
 };
 // src/agent/bundles/index.ts
@@ -2229,6 +2254,110 @@ function resolveTemplateVariables(template, metadata) {
 }
 // src/agent/agent-config.ts
+var DEFAULT_CLAUDE_ALLOW = [
+  // ── Git ──────────────────────────────────────────────────────────────
+  "Bash(git add *)",
+  "Bash(git branch *)",
+  "Bash(git checkout *)",
+  "Bash(git commit *)",
+  "Bash(git diff *)",
+  "Bash(git fetch *)",
+  "Bash(git log *)",
+  "Bash(git merge *)",
+  "Bash(git mv *)",
+  "Bash(git pull *)",
+  "Bash(git push *)",
+  "Bash(git rebase *)",
+  "Bash(git rm *)",
+  "Bash(git stash *)",
+  "Bash(git status *)",
+  "Bash(git show *)",
+  "Bash(git rev-parse *)",
+  // ── GitHub CLI ───────────────────────────────────────────────────────
+  "Bash(gh issue *)",
+  "Bash(gh pr *)",
+  "Bash(gh repo *)",
+  "Bash(gh api *)",
+  "Bash(gh label *)",
+  "Bash(gh run *)",
+  "Bash(gh search *)",
+  "Bash(gh browse *)",
+  "Bash(gh status *)",
+  // ── Package manager ──────────────────────────────────────────────────
+  "Bash(pnpm *)",
+  // ── Read-only shell utilities ────────────────────────────────────────
+  "Bash(ls *)",
+  "Bash(find *)",
+  "Bash(cat *)",
+  "Bash(head *)",
+  "Bash(tail *)",
+  "Bash(wc *)",
+  "Bash(grep *)",
+  "Bash(sort *)",
+  "Bash(uniq *)",
+  "Bash(dirname *)",
+  "Bash(basename *)",
+  "Bash(which *)",
+  "Bash(diff *)",
+  "Bash(jq *)",
+  "Bash(date *)",
+  // ── Safe output / test utilities ─────────────────────────────────────
+  "Bash(echo *)",
+  "Bash(printf *)",
+  "Bash(test *)",
+  "Bash([ *)",
+  "Bash(true *)",
+  "Bash(false *)",
+  // ── Safe directory operations ────────────────────────────────────────
+  "Bash(mkdir *)",
+  "Bash(rmdir *)",
+  // ── Built-in tools ───────────────────────────────────────────────────
+  "Read(/**)",
+  "Edit(/**)",
+  "Write(/**)",
+  "WebFetch",
+  "WebSearch"
+];
+var DEFAULT_CLAUDE_DENY = [
+  // ── Destructive git ──────────────────────────────────────────────────
+  "Bash(git push --force *)",
+  "Bash(git push -f *)",
+  "Bash(git push origin --force *)",
+  "Bash(git push origin -f *)",
+  "Bash(git reset --hard *)",
+  "Bash(git clean -f *)",
+  "Bash(git remote *)",
+  // ── Destructive file operations ──────────────────────────────────────
+  "Bash(rm -rf *)",
+  "Bash(rm -r *)",
+  "Bash(rm *)",
+  // ── Network / remote access ──────────────────────────────────────────
+  "Bash(curl *)",
+  "Bash(wget *)",
+  "Bash(ssh *)",
+  "Bash(scp *)",
+  // ── System administration ────────────────────────────────────────────
+  "Bash(sudo *)",
+  "Bash(chmod *)",
+  "Bash(chown *)",
+  "Bash(kill *)",
+  "Bash(killall *)",
+  "Bash(pkill *)",
+  // ── Code execution / shell spawning ──────────────────────────────────
+  "Bash(eval *)",
+  "Bash(exec *)",
+  "Bash(source *)",
+  "Bash(. *)",
+  "Bash(bash *)",
+  "Bash(sh *)",
+  "Bash(zsh *)",
+  // ── App launching ────────────────────────────────────────────────────
+  "Bash(open *)",
+  "Bash(xdg-open *)",
+  // ── Environment manipulation ─────────────────────────────────────────
+  "Bash(export *)",
+  "Bash(env *)"
+];
 var AgentConfig = class _AgentConfig extends import_projen8.Component {
   /**
    * Find the AgentConfig component on a project.
@@ -2237,6 +2366,27 @@ var AgentConfig = class _AgentConfig extends import_projen8.Component {
     const isAgentConfig = (c) => c instanceof _AgentConfig;
     return project.components.find(isAgentConfig);
   }
+  /**
+   * Merges default Claude permissions with bundle and user-supplied settings.
+   *
+   * Merge order: defaults → bundle permissions → user-supplied entries.
+   * `defaultMode` defaults to `"dontAsk"` unless overridden.
+   */
+  static mergeClaudeDefaults(userSettings, bundlePermissions) {
+    const bundleAllow = bundlePermissions?.allow ?? [];
+    const bundleDeny = bundlePermissions?.deny ?? [];
+    const userAllow = userSettings?.permissions?.allow ?? [];
+    const userDeny = userSettings?.permissions?.deny ?? [];
+    return {
+      ...userSettings,
+      defaultMode: userSettings?.defaultMode ?? "dontAsk",
+      permissions: {
+        ...userSettings?.permissions,
+        allow: [...DEFAULT_CLAUDE_ALLOW, ...bundleAllow, ...userAllow],
+        deny: [...DEFAULT_CLAUDE_DENY, ...bundleDeny, ...userDeny]
+      }
+    };
+  }
   constructor(project, options = {}) {
     super(project);
     this.options = options;
@@ -2267,13 +2417,17 @@ var AgentConfig = class _AgentConfig extends import_projen8.Component {
       );
     }
     if (platforms.includes(AGENT_PLATFORM.CLAUDE)) {
+      const bundlePermissions = this.resolveBundlePermissions();
       ClaudeRenderer.render(
         this,
         resolvedRules,
         resolvedSkills,
         resolvedSubAgents,
         mcpServers,
-        this.options.claudeSettings
+        _AgentConfig.mergeClaudeDefaults(
+          this.options.claudeSettings,
+          bundlePermissions
+        )
       );
     }
     if (platforms.includes(AGENT_PLATFORM.CODEX)) {
@@ -2445,6 +2599,40 @@ ${extra}`
       return resolved !== agent.prompt ? { ...agent, prompt: resolved } : agent;
     });
   }
+  /**
+   * Collects Claude permission entries from all active bundles.
+   */
+  resolveBundlePermissions() {
+    const allow = [];
+    const deny = [];
+    if (this.options.autoDetectBundles !== false) {
+      for (const bundle of BUILT_IN_BUNDLES) {
+        if (this.options.excludeBundles?.includes(bundle.name)) continue;
+        if (bundle.appliesWhen(this.project) && bundle.claudePermissions) {
+          if (bundle.claudePermissions.allow) {
+            allow.push(...bundle.claudePermissions.allow);
+          }
+          if (bundle.claudePermissions.deny) {
+            deny.push(...bundle.claudePermissions.deny);
+          }
+        }
+      }
+    }
+    if (this.options.includeBundles) {
+      for (const bundleName of this.options.includeBundles) {
+        const bundle = BUILT_IN_BUNDLES.find((b) => b.name === bundleName);
+        if (bundle?.claudePermissions) {
+          if (bundle.claudePermissions.allow) {
+            allow.push(...bundle.claudePermissions.allow);
+          }
+          if (bundle.claudePermissions.deny) {
+            deny.push(...bundle.claudePermissions.deny);
+          }
+        }
+      }
+    }
+    return { allow, deny };
+  }
 };
 // src/aws/aws-deployment-config.ts