@luanpdd/kit-mcp 1.5.3 → 1.6.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +34 -0
- package/kit/agents/planner.md +113 -635
- package/kit/hooks/sidecar-tool-publisher.js +182 -0
- package/package.json +3 -2
- package/src/core/kit.js +25 -4
- package/src/core/reverse-sync.js +2 -1
- package/src/core/sync.js +40 -13
- package/src/ui/lockfile.js +50 -10
- package/src/ui/server.js +21 -3
- package/src/ui/static/index.html +41 -1
- package/src/ui/wrapper.js +14 -4
package/CHANGELOG.md
CHANGED
|
@@ -6,6 +6,40 @@ Format: [Keep a Changelog](https://keepachangelog.com/en/1.1.0/) · Versioning:
|
|
|
6
6
|
|
|
7
7
|
## [Unreleased]
|
|
8
8
|
|
|
9
|
+
## [1.6.0] - 2026-05-05
|
|
10
|
+
|
|
11
|
+
Milestone v1.6 — perf+lean: 16 itens de auditoria de codebase entregues em 3 fases (Phase 19 quick wins, Phase 20 hardening, Phase 21 token economy) + observability hook (Phase 19.5).
|
|
12
|
+
|
|
13
|
+
### Adicionado
|
|
14
|
+
|
|
15
|
+
- **Hook PostToolUse para sidecar** (`kit/hooks/sidecar-tool-publisher.js`). Publica `tool_invocation` events no sidecar a cada tool use do Claude Code. Source detection (claude-code/cursor/vscode/jetbrains) + pid para multi-IDE. UI ganha `.tl-source` pill com cor por IDE e `renderArgsSummary` com hint de file_path/command. Resolve "sidecar não viu o que Claude estava fazendo".
|
|
16
|
+
- **Sidecar `/state` aceita `?offset=N&limit=M`** para paginação (PERF-05). Comportamento default (ring inteiro) preservado.
|
|
17
|
+
- **`prepublishOnly` script** (INF-01) — `npm publish` agora roda unit + integration tests como preflight.
|
|
18
|
+
- **Node 24 no CI matrix** (INF-03) — 3 OS × 3 Node = 9 combos.
|
|
19
|
+
- **`npm audit --audit-level=high --omit=dev` no CI** (SEC-04) — falha em CVEs Alto+ na única dep runtime (open@11).
|
|
20
|
+
- **`.npmignore` explícito** (INF-02) — belt-and-braces alongside `package.json` files allowlist.
|
|
21
|
+
|
|
22
|
+
### Corrigido
|
|
23
|
+
|
|
24
|
+
- **listKit cache TTL 30s** (PERF-01) — repeated `mcp__kit__kit list-*` calls no longer re-walk 60+ files.
|
|
25
|
+
- **Frontmatter regex top-level** (PERF-02) — was recompiled 60x per listKit.
|
|
26
|
+
- **`opts.kit` em sync/reverse-sync** (PERF-03) — sequential sync+reverse-sync agora 1 walk em vez de 2.
|
|
27
|
+
- **healthz probe timeout 500ms** (PERF-04) — sidecar travado não bloqueia mais startup de novo sidecar.
|
|
28
|
+
- **TOCTOU re-probe em acquireLockOrReclaim** (SEC-01) — race entre releaseLock e retry-acquire fechado.
|
|
29
|
+
- **walkTree path traversal block** (SEC-02) — `isSafeRel()` rejeita `../`, abs, drive-prefixed em mode=copy.
|
|
30
|
+
- **redactPath case-insensitive + separator-agnostic** (SEC-03) — Windows paths com casing/slash variantes agora redatam.
|
|
31
|
+
- **deps-budget message dinâmico** (INF-04) — "Runtime deps: $CURRENT / $BUDGET" em vez de baseline obsoleta.
|
|
32
|
+
|
|
33
|
+
### Tokens
|
|
34
|
+
|
|
35
|
+
- **`planner.md` compactado de 53 KB → 35 KB** (TOK-01) — -34%, mantendo specs core (anatomia, checkpoints, TDD, frontmatter).
|
|
36
|
+
- **CLAUDE.md gerado por `kit sync` slim** (TOK-02) — descrições truncadas a 80 chars; 10.4 → 8.5 KB.
|
|
37
|
+
- **planner.md headers de 72 → 47** (TOK-03 parcial) — meta era ≤25; consolidação adicional risco de perder navegação.
|
|
38
|
+
|
|
39
|
+
### Sem mudanças de API runtime
|
|
40
|
+
|
|
41
|
+
Stable API v1.0+ preservada. `mcp__kit__kit action=get` ainda retorna content/absPath completos. Hook é opt-in via `~/.claude/settings.json`.
|
|
42
|
+
|
|
9
43
|
## [1.5.3] - 2026-05-05
|
|
10
44
|
|
|
11
45
|
Patch bundle de auditoria — 4 melhorias quick-win (1 segurança, 1 infra, 2 token-economy).
|