@paths.design/caws-cli 8.0.1 → 8.2.0

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@paths.design/caws-cli",
-  "version": "8.0.1",
-  "description": "CAWS CLI - Coding Agent Workflow System command line tools",
+  "version": "8.2.0",
+  "description": "CAWS CLI - Coding Agent Workflow System command-line tools for spec management, quality gates, and AI-assisted development",
   "main": "dist/index.js",
   "bin": {
     "caws": "dist/index.js"
@@ -33,7 +33,8 @@
     "format": "prettier --write src/**/*.js tests/**/*.js",
     "validate": "echo 'CLI package validation not required'",
     "caws:validate": "node ../../.caws/validate.js ../../.caws/working-spec.yaml",
-    "clean": "rm -rf dist test-caws-project .agent && npm run test:cleanup"
+    "clean": "rm -rf dist test-caws-project .agent && npm run test:cleanup",
+    "prepare": "husky"
   },
   "keywords": [
     "caws",
@@ -50,6 +51,10 @@
     "url": "https://github.com/Paths-Design/coding-agent-working-standard.git",
     "directory": "packages/caws-cli"
   },
+  "publishConfig": {
+    "registry": "https://registry.npmjs.org/",
+    "access": "public"
+  },
   "dependencies": {
     "chalk": "4.1.2",
     "commander": "^11.0.0",
@@ -69,6 +74,7 @@
     "ajv": "8.17.1",
     "esbuild": "0.25.10",
     "eslint": "^9.0.0",
+    "husky": "9.1.7",
     "jest": "30.1.3",
     "js-yaml": "4.1.0",
     "lint-staged": "15.5.2",

package/templates/.caws/schemas/scope.schema.json

@@ -0,0 +1,52 @@
+{
+  "$schema": "https://json-schema.org/draft/2020-12/schema",
+  "title": "CAWS Lite Scope Configuration",
+  "description": "Scope configuration for CAWS lite mode — guardrails without YAML specs",
+  "type": "object",
+  "required": ["version", "allowedDirectories"],
+  "properties": {
+    "version": {
+      "type": "integer",
+      "const": 1,
+      "description": "Schema version"
+    },
+    "allowedDirectories": {
+      "type": "array",
+      "items": { "type": "string" },
+      "minItems": 1,
+      "description": "Directories the agent is allowed to modify (e.g., src/, tests/)"
+    },
+    "bannedPatterns": {
+      "type": "object",
+      "properties": {
+        "files": {
+          "type": "array",
+          "items": { "type": "string" },
+          "description": "Glob patterns for banned file names (e.g., *-enhanced.*, *-final.*)"
+        },
+        "directories": {
+          "type": "array",
+          "items": { "type": "string" },
+          "description": "Glob patterns for banned directory names (e.g., *venv*, .venv)"
+        },
+        "docs": {
+          "type": "array",
+          "items": { "type": "string" },
+          "description": "Glob patterns for banned doc file names (e.g., *-summary.md)"
+        }
+      },
+      "additionalProperties": false
+    },
+    "maxNewFilesPerCommit": {
+      "type": "integer",
+      "minimum": 1,
+      "maximum": 100,
+      "description": "Maximum number of new files allowed per commit (prevents file sprawl)"
+    },
+    "designatedVenvPath": {
+      "type": "string",
+      "description": "The only allowed virtual environment path (e.g., .venv)"
+    }
+  },
+  "additionalProperties": false
+}

package/templates/.caws/schemas/working-spec.schema.json

@@ -16,7 +16,7 @@
     "contracts"
   ],
   "properties": {
-    "id": { "type": "string", "pattern": "^(PROJ|FEAT|FIX|ARCH)-\\d{4}$" },
+    "id": { "type": "string", "pattern": "^[A-Z]{2,6}-\\d{3,4}$" },
     "title": { "type": "string", "minLength": 10, "maxLength": 200 },
     "risk_tier": { "type": ["integer", "string"], "enum": [1, 2, 3, "1", "2", "3"] },
     "mode": { "type": "string", "enum": ["feature", "refactor", "fix", "doc", "chore"] },

package/templates/.caws/schemas/worktrees.schema.json

@@ -0,0 +1,36 @@
+{
+  "$schema": "https://json-schema.org/draft/2020-12/schema",
+  "title": "CAWS Worktree Registry",
+  "description": "Registry of git worktrees managed by CAWS for agent scope isolation",
+  "type": "object",
+  "required": ["version", "worktrees"],
+  "properties": {
+    "version": {
+      "type": "integer",
+      "const": 1
+    },
+    "worktrees": {
+      "type": "object",
+      "additionalProperties": {
+        "type": "object",
+        "required": ["name", "path", "branch", "baseBranch", "createdAt", "status"],
+        "properties": {
+          "name": { "type": "string", "pattern": "^[a-zA-Z0-9_-]+$" },
+          "path": { "type": "string" },
+          "branch": { "type": "string" },
+          "baseBranch": { "type": "string" },
+          "scope": { "type": ["string", "null"] },
+          "specId": { "type": ["string", "null"] },
+          "createdAt": { "type": "string", "format": "date-time" },
+          "destroyedAt": { "type": "string", "format": "date-time" },
+          "status": {
+            "type": "string",
+            "enum": ["active", "orphaned", "missing", "destroyed"]
+          }
+        },
+        "additionalProperties": false
+      }
+    }
+  },
+  "additionalProperties": false
+}

package/templates/.claude/README.md

@@ -0,0 +1,190 @@
+# Claude Code Integration for CAWS
+
+This directory contains Claude Code hooks and configuration for CAWS (Coding Agent Working Standard) integration.
+
+## Overview
+
+CAWS hooks for Claude Code provide:
+
+- **Safety Gates**: Block dangerous commands and scan for secrets
+- **Quality Gates**: Run CAWS quality checks after file edits
+- **Scope Guards**: Validate edits against the working spec's scope
+- **Audit Logging**: Track agent actions for compliance
+
+## Directory Structure
+
+```
+.claude/
+├── settings.json      # Claude Code settings with hooks configuration
+├── hooks/             # Hook scripts
+│   ├── audit.sh           # Session and action logging
+│   ├── block-dangerous.sh # Block destructive commands
+│   ├── scan-secrets.sh    # Warn when reading sensitive files
+│   ├── quality-check.sh   # Run CAWS quality gates
+│   ├── validate-spec.sh   # Validate spec files
+│   ├── scope-guard.sh     # Check scope boundaries
+│   └── naming-check.sh    # Validate file naming conventions
+├── logs/              # Audit logs (gitignored)
+└── README.md          # This file
+```
+
+## Hook Events
+
+### PreToolUse Hooks
+
+Run before Claude executes a tool:
+
+| Hook | Matcher | Purpose |
+|------|---------|---------|
+| `block-dangerous.sh` | `Bash` | Block destructive shell commands |
+| `scan-secrets.sh` | `Read` | Warn when reading sensitive files |
+| `scope-guard.sh` | `Write\|Edit` | Check scope boundaries before edits |
+
+### PostToolUse Hooks
+
+Run after Claude executes a tool:
+
+| Hook | Matcher | Purpose |
+|------|---------|---------|
+| `quality-check.sh` | `Write\|Edit` | Run CAWS quality gates |
+| `validate-spec.sh` | `Write\|Edit` | Validate spec file changes |
+| `naming-check.sh` | `Write` | Check file naming conventions |
+| `audit.sh` | `Write\|Edit\|Bash` | Log tool usage |
+
+### Session Hooks
+
+| Hook | Event | Purpose |
+|------|-------|---------|
+| `audit.sh session-start` | `SessionStart` | Log session start |
+| `audit.sh stop` | `Stop` | Log session end |
+
+## Configuration
+
+### Enable/Disable Hooks
+
+Edit `settings.json` to enable or disable specific hooks. Remove entries from the `hooks` object to disable them.
+
+### Hook Levels
+
+The scaffold supports four hook levels:
+
+- **safety**: Block dangerous commands, scan for secrets
+- **quality**: Run quality gates on file edits
+- **scope**: Validate edits against spec scope
+- **audit**: Log all agent actions
+
+Run `caws init --hooks=safety,quality` to enable specific levels.
+
+## Audit Logs
+
+Audit logs are written to `.claude/logs/`:
+
+- `audit.log` - All-time log (appended)
+- `audit-YYYY-MM-DD.log` - Daily logs
+
+Logs are JSON-formatted for easy parsing:
+
+```json
+{
+  "timestamp": "2024-01-15T10:30:00Z",
+  "session_id": "abc123",
+  "event": "tool_use",
+  "tool": "Write",
+  "file": "src/index.ts",
+  "cwd": "/project"
+}
+```
+
+## Customization
+
+### Adding Custom Hooks
+
+1. Create a new script in `.claude/hooks/`
+2. Make it executable: `chmod +x .claude/hooks/my-hook.sh`
+3. Add it to `settings.json`:
+
+```json
+{
+  "hooks": {
+    "PostToolUse": [
+      {
+        "matcher": "Write|Edit",
+        "hooks": [
+          {
+            "type": "command",
+            "command": "\"$CLAUDE_PROJECT_DIR\"/.claude/hooks/my-hook.sh",
+            "timeout": 10
+          }
+        ]
+      }
+    ]
+  }
+}
+```
+
+### Hook Input/Output
+
+Hooks receive JSON input via stdin:
+
+```json
+{
+  "session_id": "abc123",
+  "hook_event_name": "PostToolUse",
+  "tool_name": "Write",
+  "tool_input": {
+    "file_path": "/path/to/file.ts",
+    "content": "..."
+  },
+  "tool_response": { "success": true }
+}
+```
+
+Hooks can output JSON to control Claude's behavior:
+
+```json
+{
+  "decision": "block",
+  "reason": "Quality gate failed: ..."
+}
+```
+
+Or add context:
+
+```json
+{
+  "hookSpecificOutput": {
+    "hookEventName": "PostToolUse",
+    "additionalContext": "Remember to update the tests."
+  }
+}
+```
+
+## Troubleshooting
+
+### Hooks Not Running
+
+1. Check `settings.json` syntax: `cat .claude/settings.json | jq .`
+2. Verify scripts are executable: `ls -la .claude/hooks/`
+3. Test hooks manually: `echo '{}' | .claude/hooks/audit.sh`
+
+### Permission Errors
+
+Make all hook scripts executable:
+
+```bash
+chmod +x .claude/hooks/*.sh
+```
+
+### Debug Hooks
+
+Run Claude Code with `--debug` to see hook execution details:
+
+```bash
+claude --debug
+```
+
+## Further Reading
+
+- [Claude Code Hooks Documentation](https://code.claude.com/docs/en/hooks)
+- [CAWS Quality Gates](../../docs/quality-gates.md)
+- [CAWS Scope Management](../../docs/scope-management.md)

package/templates/.claude/hooks/audit.sh

@@ -0,0 +1,96 @@
+#!/bin/bash
+# CAWS Audit Hook for Claude Code
+# Logs agent actions for compliance and debugging
+# @author @darianrosebrook
+
+set -euo pipefail
+
+# Get event type from argument or input
+EVENT_TYPE="${1:-tool-use}"
+
+# Read JSON input from stdin
+INPUT=$(cat)
+
+# Parse common fields from Claude Code hook input
+SESSION_ID=$(echo "$INPUT" | jq -r '.session_id // "unknown"')
+CWD=$(echo "$INPUT" | jq -r '.cwd // "."')
+HOOK_EVENT=$(echo "$INPUT" | jq -r '.hook_event_name // "unknown"')
+TOOL_NAME=$(echo "$INPUT" | jq -r '.tool_name // ""')
+PERMISSION_MODE=$(echo "$INPUT" | jq -r '.permission_mode // "default"')
+
+# Ensure log directory exists
+LOG_DIR="${CLAUDE_PROJECT_DIR:-.}/.claude/logs"
+mkdir -p "$LOG_DIR"
+
+# Log file path
+LOG_FILE="$LOG_DIR/audit.log"
+DATE_LOG_FILE="$LOG_DIR/audit-$(date +%Y-%m-%d).log"
+
+# Timestamp
+TIMESTAMP=$(date -u +"%Y-%m-%dT%H:%M:%SZ")
+
+# Build log entry based on event type
+case "$EVENT_TYPE" in
+  session-start)
+    SOURCE=$(echo "$INPUT" | jq -r '.source // "unknown"')
+    MODEL=$(echo "$INPUT" | jq -r '.model // "unknown"')
+    LOG_ENTRY=$(jq -n \
+      --arg ts "$TIMESTAMP" \
+      --arg sid "$SESSION_ID" \
+      --arg event "session_start" \
+      --arg source "$SOURCE" \
+      --arg model "$MODEL" \
+      --arg cwd "$CWD" \
+      '{timestamp: $ts, session_id: $sid, event: $event, source: $source, model: $model, cwd: $cwd}')
+    ;;
+
+  stop)
+    STOP_HOOK_ACTIVE=$(echo "$INPUT" | jq -r '.stop_hook_active // false')
+    LOG_ENTRY=$(jq -n \
+      --arg ts "$TIMESTAMP" \
+      --arg sid "$SESSION_ID" \
+      --arg event "session_stop" \
+      --arg cwd "$CWD" \
+      --argjson hook_active "$STOP_HOOK_ACTIVE" \
+      '{timestamp: $ts, session_id: $sid, event: $event, cwd: $cwd, stop_hook_active: $hook_active}')
+    ;;
+
+  tool-use)
+    # Extract tool-specific info
+    TOOL_INPUT=$(echo "$INPUT" | jq -c '.tool_input // {}')
+    TOOL_RESPONSE=$(echo "$INPUT" | jq -c '.tool_response // {}')
+    TOOL_USE_ID=$(echo "$INPUT" | jq -r '.tool_use_id // ""')
+
+    # For file operations, extract the path
+    FILE_PATH=$(echo "$TOOL_INPUT" | jq -r '.file_path // ""')
+    COMMAND=$(echo "$TOOL_INPUT" | jq -r '.command // ""')
+
+    LOG_ENTRY=$(jq -n \
+      --arg ts "$TIMESTAMP" \
+      --arg sid "$SESSION_ID" \
+      --arg event "tool_use" \
+      --arg tool "$TOOL_NAME" \
+      --arg file "$FILE_PATH" \
+      --arg cmd "$COMMAND" \
+      --arg cwd "$CWD" \
+      --arg mode "$PERMISSION_MODE" \
+      '{timestamp: $ts, session_id: $sid, event: $event, tool: $tool, file: $file, command: $cmd, cwd: $cwd, permission_mode: $mode}')
+    ;;
+
+  *)
+    LOG_ENTRY=$(jq -n \
+      --arg ts "$TIMESTAMP" \
+      --arg sid "$SESSION_ID" \
+      --arg event "$EVENT_TYPE" \
+      --arg hook "$HOOK_EVENT" \
+      --arg cwd "$CWD" \
+      '{timestamp: $ts, session_id: $sid, event: $event, hook_event: $hook, cwd: $cwd}')
+    ;;
+esac
+
+# Append to log files
+echo "$LOG_ENTRY" >> "$LOG_FILE"
+echo "$LOG_ENTRY" >> "$DATE_LOG_FILE"
+
+# Success - allow operation to continue
+exit 0

package/templates/.claude/hooks/block-dangerous.sh

@@ -0,0 +1,123 @@
+#!/bin/bash
+# CAWS Dangerous Command Blocker for Claude Code
+# Blocks potentially destructive shell commands
+# @author @darianrosebrook
+
+set -euo pipefail
+
+# Read JSON input from Claude Code
+INPUT=$(cat)
+
+# Extract tool info
+TOOL_NAME=$(echo "$INPUT" | jq -r '.tool_name // ""')
+COMMAND=$(echo "$INPUT" | jq -r '.tool_input.command // ""')
+
+# Only check Bash tool
+if [[ "$TOOL_NAME" != "Bash" ]] || [[ -z "$COMMAND" ]]; then
+  exit 0
+fi
+
+# Dangerous command patterns
+DANGEROUS_PATTERNS=(
+  # Destructive file operations
+  'rm -rf /'
+  'rm -rf ~'
+  'rm -rf \*'
+  'rm -rf \.'
+  'rm -rf /\*'
+  'dd if=/dev/zero'
+  'dd if=/dev/random'
+  'mkfs\.'
+  'fdisk'
+  '> /dev/sd'
+
+  # Fork bombs and resource exhaustion
+  ':\(\)\{:\|:\&\};:'
+  'while true.*fork'
+
+  # Credential/secret exposure
+  'cat.*\.env'
+  'cat.*/etc/passwd'
+  'cat.*/etc/shadow'
+  'cat.*id_rsa'
+  'cat.*\.ssh/'
+  'cat.*credentials'
+  'cat.*\.aws/'
+
+  # Network exfiltration
+  'curl.*\|.*sh'
+  'wget.*\|.*sh'
+  'curl.*\|.*bash'
+  'wget.*\|.*bash'
+
+  # Permission escalation
+  'chmod 777'
+  'chmod -R 777'
+  'chmod.*\+s'
+
+  # History manipulation
+  'history -c'
+  'rm.*\.bash_history'
+  'rm.*\.zsh_history'
+
+  # System modification
+  'shutdown'
+  'reboot'
+  'init 0'
+  'init 6'
+
+  # Git destructive operations
+  'git init'
+  'git reset --hard'
+  'git push --force'
+  'git push -f '
+  'git push --force-with-lease'
+  'git clean -f'
+  'git checkout \.'
+  'git restore \.'
+
+  # Virtual environment creation (prevents venv sprawl)
+  'python -m venv'
+  'python3 -m venv'
+  'virtualenv '
+  'conda create'
+)
+
+# Check command against dangerous patterns
+for pattern in "${DANGEROUS_PATTERNS[@]}"; do
+  if echo "$COMMAND" | grep -qiE "$pattern"; then
+    # Allow git init in worktree context
+    if [[ "$pattern" == "git init" ]] && [[ "${CAWS_WORKTREE_CONTEXT:-0}" == "1" ]]; then
+      continue
+    fi
+
+    # Allow venv commands if target matches designated venv path from scope.json
+    if echo "$pattern" | grep -qE '(python.*venv|virtualenv|conda create)'; then
+      PROJECT_DIR="${CLAUDE_PROJECT_DIR:-.}"
+      SCOPE_FILE="$PROJECT_DIR/.caws/scope.json"
+      if [[ -f "$SCOPE_FILE" ]] && command -v node >/dev/null 2>&1; then
+        DESIGNATED_VENV=$(node -e "try { const s = JSON.parse(require('fs').readFileSync('$SCOPE_FILE','utf8')); console.log(s.designatedVenvPath || ''); } catch(e) { console.log(''); }" 2>/dev/null || echo "")
+        if [[ -n "$DESIGNATED_VENV" ]] && echo "$COMMAND" | grep -qF "$DESIGNATED_VENV"; then
+          continue
+        fi
+      fi
+    fi
+
+    # Output to stderr for Claude to see
+    echo "BLOCKED: Command matches dangerous pattern: $pattern" >&2
+    echo "Command was: $COMMAND" >&2
+
+    # Exit code 2 blocks the tool and shows stderr to Claude
+    exit 2
+  fi
+done
+
+# Check for sudo without specific allowed commands
+if echo "$COMMAND" | grep -qE '^sudo\s' && ! echo "$COMMAND" | grep -qE 'sudo (npm|yarn|pnpm|brew|apt-get|apt|dnf|yum)'; then
+  echo "BLOCKED: sudo commands require explicit approval" >&2
+  echo "If this command is safe, please run it manually in your terminal" >&2
+  exit 2
+fi
+
+# Allow the command
+exit 0

package/templates/.claude/hooks/lite-sprawl-check.sh

@@ -0,0 +1,117 @@
+#!/bin/bash
+# CAWS Lite-Mode Sprawl Check Hook
+# Checks for file sprawl patterns (banned names, venv dirs, doc sprawl)
+# @author @darianrosebrook
+
+set -euo pipefail
+
+# Read JSON input from Claude Code
+INPUT=$(cat)
+
+# Extract tool info
+TOOL_NAME=$(echo "$INPUT" | jq -r '.tool_name // ""')
+FILE_PATH=$(echo "$INPUT" | jq -r '.tool_input.file_path // ""')
+
+# Only check Write operations (new file creation)
+if [[ "$TOOL_NAME" != "Write" ]]; then
+  exit 0
+fi
+
+if [[ -z "$FILE_PATH" ]]; then
+  exit 0
+fi
+
+PROJECT_DIR="${CLAUDE_PROJECT_DIR:-.}"
+SCOPE_FILE="$PROJECT_DIR/.caws/scope.json"
+
+# Only active in lite mode (scope.json present, no working-spec.yaml)
+if [[ ! -f "$SCOPE_FILE" ]]; then
+  exit 0
+fi
+
+# Get relative path
+# Get relative path (portable — macOS realpath lacks --relative-to)
+if [[ "$FILE_PATH" == "$PROJECT_DIR"/* ]]; then
+  REL_PATH="${FILE_PATH#$PROJECT_DIR/}"
+else
+  REL_PATH="$FILE_PATH"
+fi
+BASENAME=$(basename "$REL_PATH")
+
+# Use Node.js to check banned patterns
+if command -v node >/dev/null 2>&1; then
+  SPRAWL_CHECK=$(node -e "
+    const fs = require('fs');
+    const path = require('path');
+    try {
+      const scope = JSON.parse(fs.readFileSync('$SCOPE_FILE', 'utf8'));
+      const filePath = '$REL_PATH';
+      const basename = '$BASENAME';
+      const banned = scope.bannedPatterns || {};
+
+      function matchGlob(str, pattern) {
+        const regex = new RegExp('^' + pattern.replace(/\\*/g, '.*').replace(/\\?/g, '.') + '$');
+        return regex.test(str);
+      }
+
+      // Check banned file patterns
+      for (const p of (banned.files || [])) {
+        if (matchGlob(basename, p)) {
+          console.log('banned_file:' + p);
+          process.exit(0);
+        }
+      }
+
+      // Check banned doc patterns
+      for (const p of (banned.docs || [])) {
+        if (matchGlob(basename, p)) {
+          console.log('banned_doc:' + p);
+          process.exit(0);
+        }
+      }
+
+      // Check banned directory patterns
+      const parts = filePath.split('/');
+      for (const part of parts) {
+        for (const p of (banned.directories || [])) {
+          if (matchGlob(part, p)) {
+            console.log('banned_dir:' + p + ':' + part);
+            process.exit(0);
+          }
+        }
+      }
+
+      console.log('ok');
+    } catch (error) {
+      console.log('error:' + error.message);
+    }
+  " 2>&1)
+
+  if [[ "$SPRAWL_CHECK" == banned_file:* ]]; then
+    PATTERN="${SPRAWL_CHECK#banned_file:}"
+    echo "BLOCKED: File name matches banned sprawl pattern: $PATTERN" >&2
+    echo "File: $REL_PATH" >&2
+    echo "Banned patterns prevent shadow files like *-enhanced.*, *-final.*, *-v2.*, *-copy.*" >&2
+    echo "Instead, modify the original file directly." >&2
+    exit 2
+  fi
+
+  if [[ "$SPRAWL_CHECK" == banned_doc:* ]]; then
+    PATTERN="${SPRAWL_CHECK#banned_doc:}"
+    echo "BLOCKED: Doc file matches banned sprawl pattern: $PATTERN" >&2
+    echo "File: $REL_PATH" >&2
+    echo "Avoid creating many summary/recap/plan files. Update existing documentation instead." >&2
+    exit 2
+  fi
+
+  if [[ "$SPRAWL_CHECK" == banned_dir:* ]]; then
+    IFS=':' read -r _ PATTERN DIR_NAME <<< "$SPRAWL_CHECK"
+    echo "BLOCKED: Directory matches banned pattern: $PATTERN (directory: $DIR_NAME)" >&2
+    echo "File: $REL_PATH" >&2
+    echo "Use the designated venv path instead of creating new virtual environments." >&2
+    exit 2
+  fi
+fi
+
+# Allow the operation
+exit 0