@hopla/claude-setup 1.17.0 → 1.19.0

package/skills/hook-audit/tests/fixtures/use-bad.ts.example

@@ -0,0 +1,53 @@
+// SYNTHETIC FIXTURE — triggers all 4 hook-audit rules.
+// Filename is *.example so TypeScript ignores it. This file is read as text by the hook-audit skill.
+
+import { useState, useRef } from 'react';
+
+// Rule D-1: module-level cache without companion inFlight map. BUG.
+const cache = new Map<string, FooResult>();
+
+type FooResult = { ok: boolean; value: string };
+
+export function useFooLookup(fooId: string) {
+  const [data, setData] = useState<FooResult | null>(null);
+  const [loading, setLoading] = useState(false);
+  const currentFooRef = useRef<string>(fooId);
+
+  async function load(id: string) {
+    setLoading(true);
+    currentFooRef.current = id;
+    try {
+      const cached = cache.get(id);
+      if (cached) {
+        setData(cached);
+        return;
+      }
+      const result = await fakeFetch(id);
+      cache.set(id, result);
+      if (currentFooRef.current === id) {
+        setData(result);
+      }
+    } catch (error: any) {
+      // Rule E-1: substring match — too permissive. BUG.
+      if (error.message.includes('imei')) {
+        setData({ ok: false, value: 'imei-error' });
+      }
+    } finally {
+      // Rule S-8: setLoading(false) inside stale-id guard. BUG.
+      if (currentFooRef.current === id) {
+        setLoading(false);
+      }
+    }
+  }
+
+  // Rule P-5: object literal return without useMemo. BUG.
+  return {
+    data,
+    loading,
+    load,
+  };
+}
+
+async function fakeFetch(id: string): Promise<FooResult> {
+  return { ok: true, value: id };
+}

package/skills/hook-audit/tests/fixtures/use-good.ts.example

@@ -0,0 +1,64 @@
+// SYNTHETIC FIXTURE — clean hook that passes all 4 rules.
+// Mirrors the well-formed consumer-project shape (e.g. useGradingDefinitions.ts).
+
+import { useState, useRef, useMemo } from 'react';
+
+// Rule D-1: cache + companion inFlight map. CLEAN.
+const cache = new Map<string, BarResult>();
+const inFlight = new Map<string, Promise<BarResult>>();
+
+type BarResult = { ok: boolean; value: string };
+
+export function useBarLookup(barId: string) {
+  const [data, setData] = useState<BarResult | null>(null);
+  const [loading, setLoading] = useState(false);
+  const currentBarRef = useRef<string>(barId);
+
+  async function load(id: string) {
+    setLoading(true);
+    currentBarRef.current = id;
+    try {
+      const cached = cache.get(id);
+      if (cached) {
+        setData(cached);
+        return;
+      }
+      const inflight = inFlight.get(id);
+      const promise = inflight ?? fakeFetch(id).then((result) => {
+        cache.set(id, result);
+        inFlight.delete(id);
+        return result;
+      });
+      if (!inflight) inFlight.set(id, promise);
+      const result = await promise;
+      if (currentBarRef.current === id) {
+        setData(result);
+      }
+    } catch (error: any) {
+      // Rule E-1: anchored regex — precise. CLEAN.
+      if (/^(invalid )?bar( format)?\b/i.test(error.message)) {
+        setData({ ok: false, value: 'bar-error' });
+      }
+    } finally {
+      if (currentBarRef.current === id) {
+        setData((prev) => prev);
+      }
+      // Rule S-8: setLoading(false) OUTSIDE the stale-id guard. CLEAN.
+      setLoading(false);
+    }
+  }
+
+  // Rule P-5: return wrapped in useMemo with full deps. CLEAN.
+  return useMemo(
+    () => ({
+      data,
+      loading,
+      load,
+    }),
+    [data, loading, load],
+  );
+}
+
+async function fakeFetch(id: string): Promise<BarResult> {
+  return { ok: true, value: id };
+}

package/skills/hook-audit/tests/manual-test.sh

@@ -0,0 +1,73 @@
+#!/bin/bash
+#
+# Manual sanity test for the hook-audit skill's detection layer.
+#
+# The skill itself is markdown — an agent (Claude) interprets it. This script
+# cannot exercise the full agent flow. What it CAN do is verify that the
+# grep-based detection commands from `checklist.md` produce the expected
+# candidate matches against the bundled fixtures.
+#
+# Rules covered by this script:
+#   - E-1 (substring error matching) — exact match count
+#   - D-1 (cache + inFlight)         — presence check
+#
+# Rules requiring agent-level structural verification (NOT covered here, by design):
+#   - P-5 (return-not-memoized)      — needs hook-scope + useMemo-wrapper filter
+#   - S-8 (setLoading inside guard)  — needs brace-balance / above-context filter
+# Their grep stage is exercised below but only as a "candidates exist" assertion.
+#
+# Usage:  bash skills/hook-audit/tests/manual-test.sh
+# Exits 0 on success, 1 on the first failed assertion.
+
+set -e
+set -u
+
+DIR="$(cd "$(dirname "$0")" && pwd)"
+BAD="$DIR/fixtures/use-bad.ts.example"
+GOOD="$DIR/fixtures/use-good.ts.example"
+PASS=0
+FAIL=0
+
+run() {
+    local label="$1"
+    local expected="$2"
+    local actual="$3"
+    if [ "$expected" = "$actual" ]; then
+        echo "  ✓ $label"
+        PASS=$((PASS + 1))
+    else
+        echo "  ✗ $label — expected '$expected', got '$actual'"
+        FAIL=$((FAIL + 1))
+    fi
+}
+
+count() {
+    # `grep -c` already outputs the match count (0 if none). Its exit code is
+    # 1 on no matches; the `|| true` keeps `set -e` happy without duplicating
+    # output via an explicit `echo 0` fallback.
+    grep -cE "$1" "$2" 2>/dev/null || true
+}
+
+echo "=== hook-audit detection sanity test ==="
+echo
+
+[ -f "$BAD" ]  || { echo "Missing fixture: $BAD"; exit 1; }
+[ -f "$GOOD" ] || { echo "Missing fixture: $GOOD"; exit 1; }
+
+echo "BAD fixture ($BAD):"
+run "P-5 — return literal candidate present"      "yes" "$([ $(count 'return[[:space:]]*\{' "$BAD") -ge 1 ] && echo yes || echo no)"
+run "S-8 — setLoading(false) candidate present"   "yes" "$([ $(count 'setLoading\(false\)' "$BAD") -ge 1 ] && echo yes || echo no)"
+run "E-1 — substring matcher detected exactly 1"  "1"   "$(count "\.message\??\.includes\([\"'][a-z]+[\"']\)" "$BAD")"
+run "D-1 — module cache present"                  "yes" "$([ $(count '^const cache[[:space:]]*=[[:space:]]*new Map' "$BAD") -ge 1 ] && echo yes || echo no)"
+run "D-1 — inFlight ABSENT"                       "yes" "$([ $(count '^const inFlight[[:space:]]*=[[:space:]]*new Map' "$BAD") -eq 0 ] && echo yes || echo no)"
+
+echo
+echo "GOOD fixture ($GOOD):"
+run "E-1 — no substring matcher (count is 0)"     "0"   "$(count "\.message\??\.includes\([\"'][a-z]+[\"']\)" "$GOOD")"
+run "D-1 — module cache present"                  "yes" "$([ $(count '^const cache[[:space:]]*=[[:space:]]*new Map' "$GOOD") -ge 1 ] && echo yes || echo no)"
+run "D-1 — inFlight present"                      "yes" "$([ $(count '^const inFlight[[:space:]]*=[[:space:]]*new Map' "$GOOD") -ge 1 ] && echo yes || echo no)"
+
+echo
+echo "=== Summary: $PASS passed, $FAIL failed ==="
+[ "$FAIL" -eq 0 ] || exit 1
+echo "All hook-audit detection tests pass."

package/skills/prime/SKILL.md

@@ -14,14 +14,14 @@ Use the Glob tool to list project files (up to 60):
 - Pattern: `**/*` with head_limit: 60
 
 Use the Glob tool to find key config files:
-- `**/CLAUDE.md`
 - `**/AGENTS.md`
+- `**/CLAUDE.md`
 - `**/README.md`
 
 ## Step 2: Read Key Files
 
 Read in this order:
-1. `CLAUDE.md` or `AGENTS.md` at project root (project-specific rules)
+1. `AGENTS.md` or `CLAUDE.md` at project root (project-specific rules — AGENTS.md is canonical when both exist; CLAUDE.md may be a thin `@AGENTS.md` alias)
 2. `README.md` (project overview)
 3. `package.json` or `pyproject.toml` (dependencies and scripts)
 

package/skills/refactoring/SKILL.md

@@ -23,7 +23,7 @@ If the answers reveal a missing test covering the target, **write the test first
 
 ## Step 2: Capture the Baseline
 
-Run the project's validation commands from `CLAUDE.md` (or use `/hopla:validate`). Record:
+Run the project's validation commands from `AGENTS.md` (or `CLAUDE.md` as fallback, or use `/hopla:validate`). Record:
 
 - Lint / format — current state
 - Types — current state

package/skills/subagent-execution/SKILL.md

@@ -19,7 +19,7 @@ Instead of executing all tasks in one conversation (where context degrades), dis
 1. **Dispatch implementer agent** with:
    - The specific task spec (not the full plan)
    - Relevant file paths from the plan
-   - Project CLAUDE.md for conventions
+   - Project AGENTS.md (or CLAUDE.md as fallback) for conventions
    - Clear success criteria
 
 2. **Agent implements, tests, and reports** with status:
@@ -48,7 +48,7 @@ Implement this task from the plan:
 **Tests**: [tests to write]
 **Validation**: [command to verify]
 
-Project conventions are in CLAUDE.md. Follow them strictly.
+Project conventions are in AGENTS.md (or CLAUDE.md for legacy projects). Follow them strictly.
 Report your status as DONE, DONE_WITH_CONCERNS, NEEDS_CONTEXT, or BLOCKED.
 ```
 

package/skills/worktree/SKILL.md

@@ -44,7 +44,7 @@ Use `../git/flow-detection.md` (Steps 1–2) to resolve the base branch from the
 Check in order:
 
 1. Existing `.worktrees/` or `worktrees/` directory
-2. `CLAUDE.md` preference (if configured)
+2. `AGENTS.md` / `CLAUDE.md` preference (if configured)
 3. Ask the user (default: `worktrees/<kebab-name>`)
 
 ### Step 3: Ensure the worktree directory is gitignored
@@ -91,7 +91,7 @@ If none match, skip.
 
 ### Step 6: Verify clean baseline (optional)
 
-If `CLAUDE.md` or `package.json` defines a test command, run it once inside the worktree to confirm the baseline is green. If no test command is defined, skip.
+If `AGENTS.md` / `CLAUDE.md` or `package.json` defines a test command, run it once inside the worktree to confirm the baseline is green. If no test command is defined, skip.
 
 If tests fail **before any changes**, STOP and report — the baseline is broken.