@mcptoolshop/claude-hook-debug 1.0.0 → 1.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/CHANGELOG.md +41 -0
  2. package/README.md +21 -6
  3. package/dist/cli.js +38 -2
  4. package/package.json +4 -2
package/CHANGELOG.md ADDED
@@ -0,0 +1,41 @@
1
+ # Changelog
2
+
3
+ All notable changes to this project will be documented in this file.
4
+
5
+ The format is based on [Keep a Changelog](https://keepachangelog.com/),
6
+ and this project adheres to [Semantic Versioning](https://semver.org/).
7
+
8
+ ## 1.0.1 (2026-03-20)
9
+
10
+ ### Added
11
+
12
+ - CI workflow with vitest coverage + codecov upload
13
+ - Landing page (site-theme) + Starlight handbook (5 pages)
14
+ - Coverage badge in README
15
+ - `--help` and `--version` CLI flags
16
+ - vitest.config.ts scoping coverage to src/
17
+
18
+ ### Fixed
19
+
20
+ - Exit code logic moved outside format branch so JSON mode also returns exit code 1 on errors
21
+
22
+ ## 1.0.0 (2026-03-19)
23
+
24
+ ### Added
25
+
26
+ - Settings scanner — reads all 4 Claude Code settings scopes (managed, user, project, local)
27
+ - Plugin state extraction — tracks enabled/disabled state across scopes with merge resolution
28
+ - Hook extraction — maps all user-defined hooks by event type with provenance
29
+ - 8 diagnostic rules detecting known Claude Code bugs:
30
+ - `GHOST_HOOK_PREVIEW` — disabled claude-preview plugin still fires hooks (#19893)
31
+ - `GHOST_HOOK_GENERIC` — any disabled plugin with potential ghost hooks
32
+ - `LOCAL_ONLY_PLUGINS` — enabledPlugins in local-only settings silently dropped (#25086)
33
+ - `SCOPE_CONFLICT` — plugin enabled/disabled conflict across scopes
34
+ - `STOP_CONTINUE_LOOP` — Stop hook with continue:true causes infinite loop (#1288)
35
+ - `DISABLE_ALL_HOOKS_ACTIVE` — disableAllHooks suppresses all hooks including managed
36
+ - `BROKEN_SETTINGS_JSON` — invalid JSON silently disables all settings from that file
37
+ - `LARGE_SETTINGS_FILE` — settings file >100KB may cause slow startup
38
+ - `PLUGIN_HOOKS_INVISIBLE` — no user hooks but plugins enabled
39
+ - CLI with ANSI table and JSON output formats
40
+ - Library API (`debug()` function) for programmatic use
41
+ - 24 tests across 2 test suites
package/README.md CHANGED
@@ -1,4 +1,16 @@
1
- # claude-hook-debug
1
+ <p align="center">
2
+ <a href="https://mcp-tool-shop-org.github.io/claude-hook-debug/">
3
+ <img src="https://raw.githubusercontent.com/mcp-tool-shop-org/brand/main/logos/claude-hook-debug/readme.png" width="400" alt="claude-hook-debug" />
4
+ </a>
5
+ </p>
6
+
7
+ <p align="center">
8
+ <a href="https://github.com/mcp-tool-shop-org/claude-hook-debug/actions/workflows/ci.yml"><img src="https://github.com/mcp-tool-shop-org/claude-hook-debug/actions/workflows/ci.yml/badge.svg" alt="CI" /></a>
9
+ <a href="https://codecov.io/gh/mcp-tool-shop-org/claude-hook-debug"><img src="https://codecov.io/gh/mcp-tool-shop-org/claude-hook-debug/branch/main/graph/badge.svg" alt="Coverage" /></a>
10
+ <a href="https://www.npmjs.com/package/@mcptoolshop/claude-hook-debug"><img src="https://img.shields.io/npm/v/@mcptoolshop/claude-hook-debug" alt="npm" /></a>
11
+ <a href="https://github.com/mcp-tool-shop-org/claude-hook-debug/blob/main/LICENSE"><img src="https://img.shields.io/badge/license-MIT-blue" alt="MIT License" /></a>
12
+ <a href="https://mcp-tool-shop-org.github.io/claude-hook-debug/"><img src="https://img.shields.io/badge/Landing_Page-live-blue" alt="Landing Page" /></a>
13
+ </p>
2
14
 
3
15
  Diagnostic CLI for Claude Code hook issues. Detects ghost hooks from disabled plugins, scope conflicts, misconfigured settings, and known Claude Code bugs.
4
16
 
@@ -68,12 +80,15 @@ console.log(report.plugins);
68
80
  // [{ pluginId: 'claude-preview@...', mergedEnabled: false, scopes: [...] }]
69
81
  ```
70
82
 
71
- ## Security
83
+ ## Security & Threat Model
72
84
 
73
- - **Read-only.** Reads settings files, never modifies them.
74
- - **No network.** No API calls, no telemetry, no phone-home.
75
- - **No secrets.** Does not read or log env var values, API keys, or tokens.
76
- - **Zero dependencies.** Only Node.js built-ins.
85
+ **What it touches:** Claude Code settings files (`~/.claude/settings.json`, `.claude/settings.json`, `.claude/settings.local.json`, `~/.claude/managed-settings.json`). All reads are read-only the tool never modifies any file.
86
+
87
+ **What it does NOT touch:** No API keys, tokens, env var values, or credentials are read or logged. The `env` block in settings is completely ignored. No files outside Claude Code settings paths are accessed.
88
+
89
+ **Permissions required:** Filesystem read access to `~/.claude/` and the project's `.claude/` directory. No elevated permissions, no network access, no shell execution.
90
+
91
+ **No telemetry.** No analytics. No phone-home. No data collection of any kind. Zero production dependencies.
77
92
 
78
93
  ---
79
94
 
package/dist/cli.js CHANGED
@@ -448,6 +448,42 @@ function debug(opts) {
448
448
 
449
449
  // src/cli.ts
450
450
  var args = process.argv.slice(2);
451
+ if (args.includes("--help") || args.includes("-h")) {
452
+ console.log(`claude-hook-debug \u2014 Diagnostic CLI for Claude Code hook issues
453
+
454
+ Usage:
455
+ claude-hook-debug [project-path] [flags]
456
+
457
+ Flags:
458
+ --json Output as JSON (for piping/scripting)
459
+ --help, -h Show this help message
460
+ --version Show version
461
+
462
+ Examples:
463
+ claude-hook-debug # Scan current workspace
464
+ claude-hook-debug /path/to/project # Scan specific project
465
+ claude-hook-debug --json # JSON output
466
+
467
+ Exit codes:
468
+ 0 No errors found
469
+ 1 One or more diagnostic errors detected
470
+
471
+ Built by MCP Tool Shop \u2014 https://mcp-tool-shop.github.io/`);
472
+ process.exit(0);
473
+ }
474
+ if (args.includes("--version")) {
475
+ try {
476
+ const { readFileSync: readFileSync2 } = await import("fs");
477
+ const { dirname, join: join2 } = await import("path");
478
+ const { fileURLToPath } = await import("url");
479
+ const __dirname = dirname(fileURLToPath(import.meta.url));
480
+ const pkg = JSON.parse(readFileSync2(join2(__dirname, "..", "package.json"), "utf-8"));
481
+ console.log(pkg.version);
482
+ } catch {
483
+ console.log("unknown");
484
+ }
485
+ process.exit(0);
486
+ }
451
487
  var useJson = args.includes("--json");
452
488
  var projectRoot = args.find((a) => !a.startsWith("-"));
453
489
  var report = debug({ projectRoot: projectRoot ?? process.cwd() });
@@ -455,6 +491,6 @@ if (useJson) {
455
491
  console.log(formatReportJson(report));
456
492
  } else {
457
493
  console.log(formatReport(report));
458
- const hasErrors = report.diagnostics.some((d) => d.severity === "error");
459
- process.exit(hasErrors ? 1 : 0);
460
494
  }
495
+ var hasErrors = report.diagnostics.some((d) => d.severity === "error");
496
+ process.exit(hasErrors ? 1 : 0);
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@mcptoolshop/claude-hook-debug",
3
- "version": "1.0.0",
3
+ "version": "1.0.1",
4
4
  "description": "Diagnostic CLI for Claude Code hook issues — detects ghost hooks, scope conflicts, and plugin lifecycle bugs",
5
5
  "type": "module",
6
6
  "main": "./dist/index.js",
@@ -19,13 +19,14 @@
19
19
  "files": [
20
20
  "dist",
21
21
  "README.md",
22
+ "CHANGELOG.md",
22
23
  "LICENSE"
23
24
  ],
24
25
  "scripts": {
25
26
  "build": "tsup",
26
27
  "test": "vitest run",
27
28
  "test:watch": "vitest",
28
- "verify": "npm run build && node dist/cli.js",
29
+ "verify": "npm run build && npm test -- --coverage && node dist/cli.js",
29
30
  "prepublishOnly": "npm run build"
30
31
  },
31
32
  "keywords": [
@@ -48,6 +49,7 @@
48
49
  },
49
50
  "devDependencies": {
50
51
  "@types/node": "^22.0.0",
52
+ "@vitest/coverage-v8": "^3.2.4",
51
53
  "tsup": "^8.0.0",
52
54
  "typescript": "^5.4.0",
53
55
  "vitest": "^3.0.0"