@paths.design/caws-cli 10.2.0 → 11.0.0

package/templates/.claude/hooks/worktree-guard.sh

@@ -1,220 +0,0 @@
-#!/bin/bash
-# CAWS Worktree Safety Guard for Claude Code
-# Blocks dangerous operations when parallel worktrees are active
-# @author @darianrosebrook
-
-set -euo pipefail
-
-# Read JSON input from Claude Code
-INPUT=$(cat)
-
-# Extract tool info
-TOOL_NAME=$(echo "$INPUT" | jq -r '.tool_name // ""')
-COMMAND=$(echo "$INPUT" | jq -r '.tool_input.command // ""')
-HOOK_CWD=$(echo "$INPUT" | jq -r '.cwd // ""')
-
-# Only check Bash tool
-if [[ "$TOOL_NAME" != "Bash" ]] || [[ -z "$COMMAND" ]]; then
-  exit 0
-fi
-
-# --- Resolve main repo root ---
-# When running inside a worktree, CLAUDE_PROJECT_DIR points to the
-# worktree directory, but .caws/worktrees.json only exists in the main
-# repo. Use git's common dir to find the true repo root.
-PROJECT_DIR="${CLAUDE_PROJECT_DIR:-.}"
-
-if command -v git >/dev/null 2>&1; then
-  GIT_COMMON_DIR=$(cd "$PROJECT_DIR" && git rev-parse --git-common-dir 2>/dev/null || echo "")
-  if [[ -n "$GIT_COMMON_DIR" ]] && [[ "$GIT_COMMON_DIR" != ".git" ]]; then
-    # Inside a worktree: --git-common-dir returns the main repo's .git path
-    # (e.g., /path/to/repo/.git or /path/to/repo/.git/worktrees/<name>/..)
-    CANDIDATE=$(cd "$PROJECT_DIR" && cd "$GIT_COMMON_DIR/.." 2>/dev/null && pwd || echo "")
-    if [[ -n "$CANDIDATE" ]] && [[ -d "$CANDIDATE/.caws" ]]; then
-      PROJECT_DIR="$CANDIDATE"
-    fi
-  fi
-fi
-
-# --- Gap 2: Block sparse checkout before the git-only filter ---
-# This must run before the "only check git commands" early-exit
-if echo "$COMMAND" | grep -qE 'caws\s+(worktree\s+create|parallel\s+setup).*--scope'; then
-  echo "BLOCKED: --scope (sparse checkout) is not allowed." >&2
-  echo "Sparse checkout breaks cross-module imports in most projects." >&2
-  echo "Use full worktrees without --scope. Scope enforcement comes from" >&2
-  echo "CAWS feature specs and lane discipline, not from hiding files." >&2
-  exit 2
-fi
-
-# --- Gap 5: Block cross-boundary file copies ---
-# Only block copies FROM a worktree back to the main repo (defeats isolation).
-# Copies INTO a worktree are fine — the agent is working there and the files
-# live on the worktree branch, disappearing on merge.
-WORKTREE_BASE="$PROJECT_DIR/.caws/worktrees"
-if [[ -d "$WORKTREE_BASE" ]]; then
-  if echo "$COMMAND" | grep -qE '\b(cp|mv)\b'; then
-    # If the agent is working inside a worktree, allow all copies — they're
-    # in their own workspace
-    AGENT_IN_WORKTREE=false
-    if [[ -n "$HOOK_CWD" ]] && [[ "$HOOK_CWD" == "$WORKTREE_BASE"/* ]]; then
-      AGENT_IN_WORKTREE=true
-    fi
-
-    if [[ "$AGENT_IN_WORKTREE" != "true" ]]; then
-      if echo "$COMMAND" | grep -qF ".caws/worktrees/" || echo "$COMMAND" | grep -qF "$WORKTREE_BASE"; then
-        # Check if the command references both a worktree path and the main repo
-        HAS_WT_PATH=false
-        HAS_MAIN_PATH=false
-        if echo "$COMMAND" | grep -qE '\.caws/worktrees/|'"$(echo "$WORKTREE_BASE" | sed 's/[\/&]/\\&/g')"''; then
-          HAS_WT_PATH=true
-        fi
-        # Check if destination/source is outside the worktree
-        if echo "$COMMAND" | grep -qE "(^|\s)$PROJECT_DIR/[^.]|core/|src/|tests/|packages/" && [[ "$HAS_WT_PATH" == "true" ]]; then
-          HAS_MAIN_PATH=true
-        fi
-        if [[ "$HAS_WT_PATH" == "true" ]] && [[ "$HAS_MAIN_PATH" == "true" ]]; then
-          echo "BLOCKED: Copying files from a worktree to the main repo is forbidden." >&2
-          echo "This bypasses worktree isolation. Work entirely within your worktree." >&2
-          echo "If tests need the main repo's venv, activate it with:" >&2
-          echo "  source $PROJECT_DIR/.venv/bin/activate" >&2
-          exit 2
-        fi
-      fi
-    fi
-  fi
-fi
-
-# Only check git commands from here on
-if ! echo "$COMMAND" | grep -qE '(^|\s|&&|\|)git\s'; then
-  exit 0
-fi
-
-# --- Determine if worktrees are active ---
-WORKTREES_ACTIVE=false
-PARALLEL_BASE=""
-
-# Check .caws/parallel.json
-if [[ -f "$PROJECT_DIR/.caws/parallel.json" ]] && command -v node >/dev/null 2>&1; then
-  PARALLEL_INFO=$(node -e "
-    try {
-      var reg = JSON.parse(require('fs').readFileSync('$PROJECT_DIR/.caws/parallel.json', 'utf8'));
-      var agents = (reg.agents || []).length;
-      console.log(agents + ':' + (reg.baseBranch || ''));
-    } catch(e) { console.log('0:'); }
-  " 2>/dev/null || echo "0:")
-
-  AGENT_COUNT=$(echo "$PARALLEL_INFO" | cut -d: -f1)
-  PARALLEL_BASE=$(echo "$PARALLEL_INFO" | cut -d: -f2)
-
-  if [[ "$AGENT_COUNT" -gt 0 ]] 2>/dev/null; then
-    WORKTREES_ACTIVE=true
-  fi
-fi
-
-# Check .caws/worktrees.json
-if [[ "$WORKTREES_ACTIVE" != "true" ]] && [[ -f "$PROJECT_DIR/.caws/worktrees.json" ]] && command -v node >/dev/null 2>&1; then
-  ACTIVE_COUNT=$(node -e "
-    try {
-      var reg = JSON.parse(require('fs').readFileSync('$PROJECT_DIR/.caws/worktrees.json', 'utf8'));
-      var active = Object.values(reg.worktrees || {}).filter(function(w) { return w.status === 'active' || w.status === 'fresh' || w.status === 'merged'; });
-      console.log(active.length);
-    } catch(e) { console.log('0'); }
-  " 2>/dev/null || echo "0")
-
-  if [[ "$ACTIVE_COUNT" -gt 0 ]] 2>/dev/null; then
-    WORKTREES_ACTIVE=true
-  fi
-fi
-
-# If no worktrees are active, allow everything
-if [[ "$WORKTREES_ACTIVE" != "true" ]]; then
-  exit 0
-fi
-
-# --- Block dangerous git operations when worktrees are active ---
-
-# Block git commit --amend
-if echo "$COMMAND" | grep -qE 'git\s+commit\s+.*--amend'; then
-  echo "BLOCKED: git commit --amend is not allowed while worktrees are active." >&2
-  echo "Amending commits risks rewriting another agent's work." >&2
-  echo "Create a new commit instead." >&2
-  exit 2
-fi
-
-# Block git stash (shared across worktrees)
-if echo "$COMMAND" | grep -qE 'git\s+stash' && ! echo "$COMMAND" | grep -qE 'git\s+stash\s+list'; then
-  echo "BLOCKED: git stash is not allowed while worktrees are active." >&2
-  echo "Stash is shared across all worktrees and can capture or destroy another agent's work." >&2
-  echo "Commit your changes to your branch instead." >&2
-  exit 2
-fi
-
-# Block git reset --hard
-if echo "$COMMAND" | grep -qE 'git\s+reset\s+--hard'; then
-  echo "BLOCKED: git reset --hard is not allowed while worktrees are active." >&2
-  echo "This could discard work that other agents depend on." >&2
-  exit 2
-fi
-
-# Block git push --force
-if echo "$COMMAND" | grep -qE 'git\s+push\s+.*(--force|-f\s)'; then
-  echo "BLOCKED: Force push is not allowed while worktrees are active." >&2
-  echo "This could rewrite history that other agents have based work on." >&2
-  exit 2
-fi
-
-# --- Base branch protections ---
-# Use the hook input's cwd (where the git command will actually execute), not
-# CLAUDE_PROJECT_DIR (which always points to the main repo root, even when the
-# agent has cd'd into a worktree at .caws/worktrees/<name>/).
-AGENT_DIR="${HOOK_CWD:-${CLAUDE_PROJECT_DIR:-.}}"
-CURRENT_BRANCH=$(cd "$AGENT_DIR" && git rev-parse --abbrev-ref HEAD 2>/dev/null || echo "unknown")
-
-# Determine the base branch to protect
-BASE_BRANCH="$PARALLEL_BASE"
-if [[ -z "$BASE_BRANCH" ]] && [[ -f "$PROJECT_DIR/.caws/worktrees.json" ]] && command -v node >/dev/null 2>&1; then
-  BASE_BRANCH=$(node -e "
-    try {
-      var reg = JSON.parse(require('fs').readFileSync('$PROJECT_DIR/.caws/worktrees.json', 'utf8'));
-      var active = Object.values(reg.worktrees || {}).filter(function(w) { return w.status === 'active' || w.status === 'fresh' || w.status === 'merged'; });
-      if (active.length > 0) console.log(active[0].baseBranch || '');
-      else console.log('');
-    } catch(e) { console.log(''); }
-  " 2>/dev/null || echo "")
-fi
-
-if [[ -n "$BASE_BRANCH" ]] && [[ "$CURRENT_BRANCH" == "$BASE_BRANCH" ]]; then
-  # Block push from base branch
-  if echo "$COMMAND" | grep -qE 'git\s+push'; then
-    echo "BLOCKED: Pushing from the base branch ($BASE_BRANCH) while worktrees are active." >&2
-    echo "You should be working in a worktree, not on the base branch." >&2
-    echo "Use: cd .caws/worktrees/<name>/" >&2
-    exit 2
-  fi
-
-  # Allow git merge into base branch (merging completed worktree branches back)
-  # The commit-msg hook enforces the merge(worktree): message format
-  if echo "$COMMAND" | grep -qE 'git\s+merge\b'; then
-    echo '{
-      "hookSpecificOutput": {
-        "hookEventName": "PreToolUse",
-        "additionalContext": "Merging into base branch ('"$BASE_BRANCH"') while worktrees are active. The commit-msg hook will enforce the merge(worktree): message format. Make sure the worktree for this branch has been destroyed first."
-      }
-    }'
-    exit 0
-  fi
-
-  # Warn (but don't block) commits on base branch — the pre-commit + commit-msg hooks handle blocking
-  if echo "$COMMAND" | grep -qE 'git\s+commit\b' && ! echo "$COMMAND" | grep -qE '--amend'; then
-    echo '{
-      "hookSpecificOutput": {
-        "hookEventName": "PreToolUse",
-        "additionalContext": "WARNING: You are committing to the base branch ('"$BASE_BRANCH"') while worktrees are active. Only merge commits with the format merge(worktree): <description> are allowed. The pre-commit hook will block direct commits."
-      }
-    }'
-    exit 0
-  fi
-fi
-
-# Allow the command
-exit 0

package/templates/.claude/hooks/worktree-write-guard.sh

@@ -1,190 +0,0 @@
-#!/bin/bash
-# CAWS Worktree Write Guard for Claude Code
-# Blocks Write/Edit on the base branch while worktrees are active.
-# This prevents agents from modifying files on main and then trying to
-# create worktrees retroactively to commit them.
-# @author @darianrosebrook
-
-set -euo pipefail
-
-# Read JSON input from Claude Code
-INPUT=$(cat)
-
-# Extract tool info
-TOOL_NAME=$(echo "$INPUT" | jq -r '.tool_name // ""')
-FILE_PATH=$(echo "$INPUT" | jq -r '.tool_input.file_path // ""')
-HOOK_CWD=$(echo "$INPUT" | jq -r '.cwd // ""')
-
-# Only check Write and Edit tools
-case "$TOOL_NAME" in
-  Write|Edit) ;;
-  *) exit 0 ;;
-esac
-
-# --- Resolve main repo root ---
-PROJECT_DIR="${CLAUDE_PROJECT_DIR:-.}"
-
-if command -v git >/dev/null 2>&1; then
-  GIT_COMMON_DIR=$(cd "$PROJECT_DIR" && git rev-parse --git-common-dir 2>/dev/null || echo "")
-  if [[ -n "$GIT_COMMON_DIR" ]] && [[ "$GIT_COMMON_DIR" != ".git" ]]; then
-    CANDIDATE=$(cd "$PROJECT_DIR" && cd "$GIT_COMMON_DIR/.." 2>/dev/null && pwd || echo "")
-    if [[ -n "$CANDIDATE" ]] && [[ -d "$CANDIDATE/.caws" ]]; then
-      PROJECT_DIR="$CANDIDATE"
-    fi
-  fi
-fi
-
-# --- Check for active worktrees ---
-if [[ ! -f "$PROJECT_DIR/.caws/worktrees.json" ]]; then
-  exit 0
-fi
-
-if ! command -v node >/dev/null 2>&1; then
-  exit 0
-fi
-
-# Use the hook input's cwd (where the agent is actually working), not
-# CLAUDE_PROJECT_DIR (which always points to the main repo root, even when the
-# agent has cd'd into a worktree at .caws/worktrees/<name>/).
-AGENT_DIR="${HOOK_CWD:-${CLAUDE_PROJECT_DIR:-.}}"
-CURRENT_BRANCH=$(cd "$AGENT_DIR" && git rev-parse --abbrev-ref HEAD 2>/dev/null || echo "unknown")
-
-WT_INFO=$(node -e "
-  try {
-    var reg = JSON.parse(require('fs').readFileSync('$PROJECT_DIR/.caws/worktrees.json', 'utf8'));
-    var active = Object.values(reg.worktrees || {}).filter(function(w) {
-      return (w.status === 'active' || w.status === 'fresh' || w.status === 'merged') && w.baseBranch === '$CURRENT_BRANCH';
-    });
-    console.log(active.length + ':' + active.map(function(w) { return w.name; }).join(', '));
-  } catch(e) { console.log('0:'); }
-" 2>/dev/null || echo "0:")
-
-WT_COUNT=$(echo "$WT_INFO" | cut -d: -f1)
-WT_NAMES=$(echo "$WT_INFO" | cut -d: -f2)
-
-if [[ "$WT_COUNT" -le 0 ]] 2>/dev/null; then
-  exit 0
-fi
-
-# Main is blocked during active worktree work because shared unstaged state makes
-# agents stash, checkpoint, or explain each other's edits. Keep direct main edits
-# limited to coordination/docs/scratch paths, then use active spec scope below to
-# permit only files no worktree claims.
-if [[ -n "$FILE_PATH" ]]; then
-  case "$FILE_PATH" in
-    .caws/*|*/.caws/*) exit 0 ;;
-    .claude/*|*/.claude/*) exit 0 ;;
-    .gitignore|*/.gitignore) exit 0 ;;
-    .tmp/*|*/.tmp/*) exit 0 ;;
-    tmp/*|*/tmp/*) exit 0 ;;
-    .archive/*|*/.archive/*) exit 0 ;;
-    .githooks/*|*/.githooks/*) exit 0 ;;
-    .github/*|*/.github/*) exit 0 ;;
-    docs/*|*/docs/*) exit 0 ;;
-  esac
-fi
-
-if [[ -n "$FILE_PATH" ]]; then
-  REL_PATH="$FILE_PATH"
-  if [[ "$FILE_PATH" == "$PROJECT_DIR"/* ]]; then
-    REL_PATH="${FILE_PATH#$PROJECT_DIR/}"
-  fi
-
-  SPEC_CONTENTION_CHECK=$(PROJECT_DIR="$PROJECT_DIR" CURRENT_BRANCH="$CURRENT_BRANCH" REL_PATH="$REL_PATH" node -e "
-    var fs = require('fs');
-    var path = require('path');
-    var yaml;
-
-    try {
-      yaml = require('js-yaml');
-    } catch (_) {
-      console.log('unknown:no-js-yaml');
-      process.exit(0);
-    }
-
-    function globToRegExp(pattern) {
-      return new RegExp(String(pattern).replace(/\\*/g, '.*').replace(/\\?/g, '.'));
-    }
-
-    try {
-      var projectDir = process.env.PROJECT_DIR;
-      var currentBranch = process.env.CURRENT_BRANCH;
-      var relPath = process.env.REL_PATH;
-      var registryPath = path.join(projectDir, '.caws', 'worktrees.json');
-      var registry = JSON.parse(fs.readFileSync(registryPath, 'utf8'));
-      var worktrees = Object.values(registry.worktrees || {}).filter(function(w) {
-        return (w.status === 'active' || w.status === 'fresh' || w.status === 'merged') && w.baseBranch === currentBranch;
-      });
-
-      if (worktrees.length === 0) {
-        console.log('unknown:no-registry-worktrees');
-        process.exit(0);
-      }
-
-      for (var wi = 0; wi < worktrees.length; wi++) {
-        var wt = worktrees[wi];
-        if (!wt.specId) {
-          console.log('unknown:missing-specId:' + (wt.name || 'unnamed'));
-          process.exit(0);
-        }
-
-        var specPath = path.join(projectDir, '.caws', 'specs', wt.specId + '.yaml');
-        if (!fs.existsSync(specPath)) {
-          specPath = path.join(projectDir, '.caws', 'specs', wt.specId + '.yml');
-        }
-        if (!fs.existsSync(specPath)) {
-          console.log('unknown:missing-spec:' + wt.specId);
-          process.exit(0);
-        }
-
-        var spec = yaml.load(fs.readFileSync(specPath, 'utf8')) || {};
-        var scope = spec.scope || {};
-        var patterns = []
-          .concat(Array.isArray(scope.in) ? scope.in : [])
-          .concat(Array.isArray(scope.out) ? scope.out : []);
-
-        if (patterns.length === 0) {
-          console.log('unknown:missing-scope:' + wt.specId);
-          process.exit(0);
-        }
-
-        for (var pi = 0; pi < patterns.length; pi++) {
-          if (globToRegExp(patterns[pi]).test(relPath)) {
-            console.log('claimed:' + (wt.name || wt.specId) + ':' + patterns[pi]);
-            process.exit(0);
-          }
-        }
-      }
-
-      console.log('clear');
-    } catch (error) {
-      console.log('unknown:' + error.message);
-    }
-  " 2>/dev/null || echo "unknown:node-error")
-
-  if [[ "$SPEC_CONTENTION_CHECK" == "clear" ]]; then
-    exit 0
-  fi
-fi
-
-# Allow edits during an active merge (conflict resolution).
-# The worktree-isolation rules explicitly permit merge commits on the base branch.
-# Conflict resolution requires Write/Edit on the conflicted files.
-MERGE_HEAD_PATH=$(cd "$AGENT_DIR" && git rev-parse --git-dir 2>/dev/null || echo ".git")
-if [[ -f "$MERGE_HEAD_PATH/MERGE_HEAD" ]]; then
-  exit 0
-fi
-
-# Block: we're on the base branch with active worktrees
-echo "BLOCKED: Cannot write/edit files on '$CURRENT_BRANCH' while $WT_COUNT worktree(s) are active: $WT_NAMES" >&2
-echo "" >&2
-echo "You MUST work in a worktree, not on the base branch." >&2
-echo "  To use an existing worktree: cd $PROJECT_DIR/.caws/worktrees/<name>/" >&2
-echo "  To create a new worktree:    caws worktree create <name>" >&2
-echo "" >&2
-echo "Do NOT make changes on main and create a worktree retroactively." >&2
-echo "The worktree must exist BEFORE you start making changes." >&2
-echo "" >&2
-echo "If you are merging a worktree branch, use: caws worktree merge <name>" >&2
-echo "Or start the merge first (git merge --no-ff <branch>), then resolve conflicts." >&2
-exit 2

package/templates/.claude/rules/git-safety.md

@@ -1,26 +0,0 @@
----
-description: Git safety rules for all agents
-globs:
----
-
-# Git Safety
-
-## Commit discipline
-
-- Commit after each logical unit of work (a module + its tests, a bugfix, a refactor pass)
-- Use conventional commits: `feat:`, `fix:`, `refactor:`, `docs:`, `chore:`, `test:`, `perf:`
-- Never accumulate uncommitted changes across multiple unrelated concerns
-- Never leave uncommitted changes at session end; commit as `wip(<scope>): <description>` if incomplete
-
-## Forbidden operations
-
-- `git push --force` or `git push -f` -- never rewrite remote history
-- `git reset --hard` -- use `git stash` or `git checkout -- <file>` for targeted reverts (but not during parallel work)
-- `git clean -f` -- may delete another agent's untracked files
-- `git checkout .` or `git restore .` -- bulk discard is dangerous
-
-## Branch hygiene
-
-- Work on feature branches, not directly on main/master
-- One concern per branch
-- Delete branches after merging

package/templates/.claude/rules/worktree-isolation.md

@@ -1,101 +0,0 @@
----
-description: Rules for safe multi-agent git worktree isolation
-globs:
----
-
-# Multi-Agent Worktree Safety
-
-When multiple agents are working on this project, each agent MUST work in its own git worktree. Never have two agents committing to the same branch.
-
-## Before starting work
-
-1. Check if worktrees exist: `caws worktree list` shows all active worktrees with last commit time and owner
-2. Check who's actually working: `caws agents list` shows registered sessions and their bound worktree/spec, formatted as `<sessionId>:<platform>`
-3. If you're inside a worktree, run `caws status` — the Claim panel shows the current owner, last heartbeat, and any session-log path under `tmp/<sessionId>/`
-4. If worktrees are active and you are on the base branch, switch to your assigned worktree
-5. If no worktree exists for you, create one with `caws worktree create <name>` or `caws parallel setup <plan-file>`
-6. **Never touch a worktree you did not create.** Do not destroy, prune, stash, or "clean up" another agent's worktree — even if it looks stale. Another agent may be actively working in it. If you think a worktree is abandoned, leave it alone and let the user decide.
-
-## Foreign-claim soft-block
-
-`caws worktree bind`, `merge`, and `claim` refuse to mutate a worktree whose `worktrees.json:owner` is a session id different from the current session — unless `--takeover` is supplied. The refusal prints a structured warning naming the claimer, the heartbeat age, any session-log pointer under `tmp/<sessionId>/`, and the exact `--takeover` command:
-
-```
-Worktree 'wt-foo' is claimed by 8be65780-...:claude-code
-   Last heartbeat: 2026-04-27T17:04:00Z (23 min ago)
-   Session log:    tmp/8be65780-72e0-4fc7-a989-4ebac148c18d
-                   15 turns, last turn 2026-04-27T17:26:49Z
-   To proceed:     caws worktree claim wt-foo --takeover
-```
-
-**Decision-gating uses session-id equality only.** A stale heartbeat is NOT authorization to take over — paused sessions are not ended sessions. Read the session log under `tmp/<sessionId>/` for context first. Take over only when you have explicit user authorization.
-
-`--takeover` writes a durable `prior_owners` audit on the worktree entry (sessionId, platform, lastSeen-at-takeover, takenOver_at) so the handoff is traceable in `worktrees.json`, not just in agent memory.
-
-## Forbidden operations when worktrees are active
-
-- `git commit --amend` -- rewrites history that other agents depend on
-- `git rebase` -- rewrites branch history; the hook blocks this automatically while worktrees are active. If you need code from main, create a new worktree from current main instead
-- `git cherry-pick` -- replays commits across branches; blocked while worktrees are active to prevent cross-boundary contamination
-- `git stash` / `git stash pop` -- stash is shared across all worktrees; using it can destroy another agent's uncommitted work
-- `git reset --hard` -- discards work that other agents may depend on
-- `git push --force` -- rewrites remote history
-- Direct commits to the base branch -- only `merge(worktree):` and `wip(checkpoint):` formats are allowed
-- Copying files between your worktree and the main repo directory -- defeats isolation
-- Destroying another agent's worktree -- even with `--force`. If you did not create it, do not destroy it. Period.
-
-## Merging worktree branches back to base
-
-Merge commits ARE allowed on the base branch while other worktrees are active. This lets you incrementally merge completed work without waiting for all agents to finish.
-
-### Recommended: use `caws worktree merge`
-
-The `merge` command handles the full sequence (conflict check, destroy, merge, cleanup):
-
-```bash
-# Preview conflicts before merging
-caws worktree merge <name> --dry-run
-
-# Merge (destroys worktree, merges branch, deletes branch)
-caws worktree merge <name>
-
-# Merge with custom commit message
-caws worktree merge <name> --message "merge(worktree): description of changes"
-```
-
-### Manual merge (if you need more control)
-
-1. Destroy the worktree first: `caws worktree destroy <name>`
-2. Switch to the base branch: `git checkout main`
-3. Merge with: `git merge --no-ff <worktree-branch>`
-4. The commit-msg hook enforces the `merge(worktree): <description>` format for non-FF merges
-5. For manual merge commits: `git commit -m "merge(worktree): integrate scenarios work"`
-
-### Conflict resolution during merge
-
-The write guard allows edits on the base branch while a merge is in progress (MERGE_HEAD exists). This lets you resolve merge conflicts without needing to abort and retry. After resolving, commit with the `merge(worktree):` format.
-
-## What the write guard allows on the base branch
-
-Even when worktrees are active, the following edits are allowed on the base branch:
-
-- `.claude/` and `.caws/` configuration files
-- `docs/` directory (documentation changes are benign)
-- Any file while a merge is in progress (conflict resolution)
-
-## Virtual environment in worktrees
-
-Do NOT create a new virtual environment in your worktree. Use the main repo's venv:
-
-```bash
-source <main-repo-path>/.venv/bin/activate
-```
-
-If your project uses `.caws/scope.json`, the `designatedVenvPath` field specifies the correct venv location.
-
-## When your work is done
-
-1. Commit all changes to your worktree branch
-2. Run tests in your worktree to verify
-3. Merge: `caws worktree merge <name>` (handles destroy + merge + branch cleanup)
-4. Or manually: destroy worktree, then `git merge --no-ff <branch>`, then delete branch

package/templates/.claude/settings.json

@@ -1,141 +0,0 @@
-{
-  "hooks": {
-    "PreToolUse": [
-      {
-        "matcher": "Bash",
-        "hooks": [
-          {
-            "type": "command",
-            "command": "\"$CLAUDE_PROJECT_DIR\"/.claude/hooks/block-dangerous.sh",
-            "timeout": 10
-          },
-          {
-            "type": "command",
-            "command": "\"$CLAUDE_PROJECT_DIR\"/.claude/hooks/worktree-guard.sh",
-            "timeout": 10
-          }
-        ]
-      },
-      {
-        "matcher": "Read",
-        "hooks": [
-          {
-            "type": "command",
-            "command": "\"$CLAUDE_PROJECT_DIR\"/.claude/hooks/scan-secrets.sh",
-            "timeout": 10
-          }
-        ]
-      },
-      {
-        "matcher": "Write|Edit",
-        "hooks": [
-          {
-            "type": "command",
-            "command": "\"$CLAUDE_PROJECT_DIR\"/.claude/hooks/protected-paths.sh",
-            "timeout": 5
-          },
-          {
-            "type": "command",
-            "command": "\"$CLAUDE_PROJECT_DIR\"/.claude/hooks/worktree-write-guard.sh",
-            "timeout": 10
-          },
-          {
-            "type": "command",
-            "command": "\"$CLAUDE_PROJECT_DIR\"/.claude/hooks/scope-guard.sh",
-            "timeout": 10
-          }
-        ]
-      }
-    ],
-    "PostToolUse": [
-      {
-        "matcher": "Write|Edit",
-        "hooks": [
-          {
-            "type": "command",
-            "command": "\"$CLAUDE_PROJECT_DIR\"/.claude/hooks/quality-check.sh",
-            "timeout": 30
-          },
-          {
-            "type": "command",
-            "command": "\"$CLAUDE_PROJECT_DIR\"/.claude/hooks/validate-spec.sh",
-            "timeout": 15
-          },
-          {
-            "type": "command",
-            "command": "\"$CLAUDE_PROJECT_DIR\"/.claude/hooks/naming-check.sh",
-            "timeout": 10
-          },
-          {
-            "type": "command",
-            "command": "\"$CLAUDE_PROJECT_DIR\"/.claude/hooks/doc-frontmatter-check.sh",
-            "timeout": 10
-          },
-          {
-            "type": "command",
-            "command": "\"$CLAUDE_PROJECT_DIR\"/.claude/hooks/audit.sh tool-use",
-            "timeout": 5
-          }
-        ]
-      },
-      {
-        "matcher": "Bash",
-        "hooks": [
-          {
-            "type": "command",
-            "command": "\"$CLAUDE_PROJECT_DIR\"/.claude/hooks/audit.sh tool-use",
-            "timeout": 5
-          }
-        ]
-      }
-    ],
-    "SessionStart": [
-      {
-        "hooks": [
-          {
-            "type": "command",
-            "command": "\"$CLAUDE_PROJECT_DIR\"/.claude/hooks/audit.sh session-start",
-            "timeout": 5
-          },
-          {
-            "type": "command",
-            "command": "\"$CLAUDE_PROJECT_DIR\"/.claude/hooks/session-log.sh",
-            "timeout": 5
-          }
-        ]
-      }
-    ],
-    "Stop": [
-      {
-        "hooks": [
-          {
-            "type": "command",
-            "command": "\"$CLAUDE_PROJECT_DIR\"/.claude/hooks/audit.sh stop",
-            "timeout": 5
-          },
-          {
-            "type": "command",
-            "command": "\"$CLAUDE_PROJECT_DIR\"/.claude/hooks/stop-worktree-check.sh",
-            "timeout": 10
-          },
-          {
-            "type": "command",
-            "command": "\"$CLAUDE_PROJECT_DIR\"/.claude/hooks/session-log.sh",
-            "timeout": 5
-          }
-        ]
-      }
-    ],
-    "PreCompact": [
-      {
-        "hooks": [
-          {
-            "type": "command",
-            "command": "\"$CLAUDE_PROJECT_DIR\"/.claude/hooks/session-log.sh",
-            "timeout": 10
-          }
-        ]
-      }
-    ]
-  }
-}