@pugi/cli 0.1.0-alpha.9 → 0.1.0-beta.10
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +33 -0
- package/THIRD_PARTY_NOTICES.md +40 -0
- package/assets/pugi-mascot.ansi +16 -0
- package/dist/commands/deploy.js +439 -0
- package/dist/core/agents/loader.js +104 -0
- package/dist/core/agents/registry.js +1 -1
- package/dist/core/consensus/anvil-fanout.js +276 -0
- package/dist/core/consensus/diff-capture.js +382 -0
- package/dist/core/consensus/rubric.js +233 -0
- package/dist/core/context/index.js +21 -0
- package/dist/core/context/pugiignore.js +316 -0
- package/dist/core/context/repo-skeleton.js +533 -0
- package/dist/core/context/watcher.js +342 -0
- package/dist/core/context/working-set.js +165 -0
- package/dist/core/edits/dispatch.js +185 -0
- package/dist/core/edits/index.js +15 -0
- package/dist/core/edits/layer-a-apply.js +217 -0
- package/dist/core/edits/layer-b-apply.js +211 -0
- package/dist/core/edits/layer-c-apply.js +160 -0
- package/dist/core/edits/layer-d-ast.js +29 -0
- package/dist/core/edits/marker-parser.js +401 -0
- package/dist/core/edits/security-gate.js +223 -0
- package/dist/core/edits/worktree.js +322 -0
- package/dist/core/engine/native-pugi.js +6 -1
- package/dist/core/engine/prompts.js +8 -0
- package/dist/core/engine/tool-bridge.js +33 -1
- package/dist/core/lsp/client.js +719 -0
- package/dist/core/repl/ask.js +512 -0
- package/dist/core/repl/cancellation.js +98 -0
- package/dist/core/repl/dispatch-fsm.js +220 -0
- package/dist/core/repl/privacy-banner.js +71 -0
- package/dist/core/repl/session.js +1908 -13
- package/dist/core/repl/slash-commands.js +92 -32
- package/dist/core/repl/store/index.js +12 -0
- package/dist/core/repl/store/jsonl-log.js +321 -0
- package/dist/core/repl/store/lockfile.js +155 -0
- package/dist/core/repl/store/session-store.js +792 -0
- package/dist/core/repl/store/types.js +44 -0
- package/dist/core/repl/store/uuid-v7.js +68 -0
- package/dist/core/repl/workspace-context.js +72 -1
- package/dist/core/skills/defaults.js +457 -0
- package/dist/core/skills/loader.js +454 -0
- package/dist/core/skills/sources.js +480 -0
- package/dist/core/skills/trust.js +172 -0
- package/dist/runtime/cli.js +998 -12
- package/dist/runtime/commands/agents.js +385 -0
- package/dist/runtime/commands/config.js +338 -8
- package/dist/runtime/commands/delegate.js +289 -0
- package/dist/runtime/commands/lsp.js +206 -0
- package/dist/runtime/commands/patch.js +128 -0
- package/dist/runtime/commands/review-consensus.js +399 -0
- package/dist/runtime/commands/roster.js +117 -0
- package/dist/runtime/commands/skills.js +401 -0
- package/dist/runtime/commands/worktree.js +177 -0
- package/dist/runtime/plan-decompose.js +531 -0
- package/dist/tools/apply-patch.js +495 -0
- package/dist/tools/file-tools.js +90 -0
- package/dist/tools/lsp-tools.js +189 -0
- package/dist/tools/registry.js +26 -0
- package/dist/tools/web-fetch.js +1 -1
- package/dist/tui/agent-tree-pane.js +9 -0
- package/dist/tui/ask-cli.js +52 -0
- package/dist/tui/ask-modal.js +211 -0
- package/dist/tui/conversation-pane.js +48 -3
- package/dist/tui/input-box.js +48 -5
- package/dist/tui/markdown-render.js +266 -0
- package/dist/tui/repl-render.js +319 -3
- package/dist/tui/repl-splash-mascot.js +130 -0
- package/dist/tui/repl-splash.js +7 -1
- package/dist/tui/repl.js +96 -12
- package/dist/tui/status-bar.js +63 -3
- package/dist/tui/tool-stream-pane.js +91 -0
- package/docs/examples/codegraph.mcp.json +10 -0
- package/package.json +14 -6
|
@@ -0,0 +1,44 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Persistent REPL session store — Sprint α6.4 (PR-PUGI-CLI-SESSION-STORE).
|
|
3
|
+
*
|
|
4
|
+
* Public types consumed by the REPL session module + the `pugi sessions`
|
|
5
|
+
* / `pugi resume` dispatchers. Wire format is stable:
|
|
6
|
+
*
|
|
7
|
+
* - `SessionRow` mirrors the SQLite `sessions` table one-to-one and is
|
|
8
|
+
* also the JSON shape returned by `pugi sessions --json`. Field names
|
|
9
|
+
* are camelCase (PascalCase types, camelCase fields per CLAUDE.md
|
|
10
|
+
* conventions). The SQL columns themselves stay snake_case because
|
|
11
|
+
* they originate from raw SQL.
|
|
12
|
+
*
|
|
13
|
+
* - `SessionEvent` is the on-disk shape of one line in
|
|
14
|
+
* `events.<n>.jsonl`. `kind` is a closed union; `payload` is an
|
|
15
|
+
* opaque JSON value so the producer can attach whatever fields the
|
|
16
|
+
* event type requires without forcing the store to change.
|
|
17
|
+
*
|
|
18
|
+
* - `SessionListOptions` / `SessionLoadEventsOptions` /
|
|
19
|
+
* `SessionSearchOptions` are inputs the store accepts. Defaults are
|
|
20
|
+
* spec'd inline so the test plan can pin them without reading the
|
|
21
|
+
* implementation.
|
|
22
|
+
*
|
|
23
|
+
* The blob store + `pugi undo` + named checkpoints are α6.4b follow-ups
|
|
24
|
+
* — out of scope for THIS PR per spec. The types here intentionally do
|
|
25
|
+
* NOT model blob refs so a future blob-store landing can extend without
|
|
26
|
+
* a wire break.
|
|
27
|
+
*/
|
|
28
|
+
/**
|
|
29
|
+
* Concrete shape of the lock detection error so the caller can branch
|
|
30
|
+
* on `error.code === 'EBUSY_SESSION_LOCK'` rather than parsing the
|
|
31
|
+
* message. The store is the only thrower of this error.
|
|
32
|
+
*/
|
|
33
|
+
export class SessionLockBusyError extends Error {
|
|
34
|
+
code = 'EBUSY_SESSION_LOCK';
|
|
35
|
+
holderPid;
|
|
36
|
+
lockPath;
|
|
37
|
+
constructor(holderPid, lockPath) {
|
|
38
|
+
super(`Another pugi process (pid ${holderPid}) holds the session lock at ${lockPath}.`);
|
|
39
|
+
this.name = 'SessionLockBusyError';
|
|
40
|
+
this.holderPid = holderPid;
|
|
41
|
+
this.lockPath = lockPath;
|
|
42
|
+
}
|
|
43
|
+
}
|
|
44
|
+
//# sourceMappingURL=types.js.map
|
|
@@ -0,0 +1,68 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* UUID v7 generator — Sprint α6.4 (PR-PUGI-CLI-SESSION-STORE).
|
|
3
|
+
*
|
|
4
|
+
* uuid v7 (RFC 9562 draft) is a time-sortable 128-bit identifier whose
|
|
5
|
+
* first 48 bits are the unix-epoch milliseconds, the next 4 bits are
|
|
6
|
+
* the version (0b0111), the next 12 bits are sub-millisecond random
|
|
7
|
+
* entropy, the next 2 bits are the IETF variant (0b10), and the last
|
|
8
|
+
* 62 bits are random.
|
|
9
|
+
*
|
|
10
|
+
* Why v7 and not v4 (random) or v6 (gregorian time):
|
|
11
|
+
*
|
|
12
|
+
* - The session id IS the primary key of the SQLite table. We want
|
|
13
|
+
* inserts to land at the end of the b-tree to keep page fanout
|
|
14
|
+
* small. v4 fragments the tree (uniformly random keys); v7 sorts
|
|
15
|
+
* in time order so inserts are append-only.
|
|
16
|
+
* - `pugi sessions` sorts by `updated_at DESC` for display, but the
|
|
17
|
+
* pagination cursor uses the session id directly — a v7 id IS the
|
|
18
|
+
* creation timestamp, so the cursor is a single column compare
|
|
19
|
+
* instead of (updated_at, id) tuple.
|
|
20
|
+
* - Operators see ids in `/resume` picker; v7 prefix is monotonically
|
|
21
|
+
* increasing so the most recent session lands at the bottom of an
|
|
22
|
+
* id sort, matching the human expectation of "newest last".
|
|
23
|
+
*
|
|
24
|
+
* Node 22 does not ship a v7 generator (`crypto.randomUUID()` is v4
|
|
25
|
+
* only). We implement it inline with `crypto.randomBytes(10)` for the
|
|
26
|
+
* entropy bits — 10 bytes covers the 12-bit random + 62-bit random
|
|
27
|
+
* fields with one syscall.
|
|
28
|
+
*
|
|
29
|
+
* Format: `xxxxxxxx-xxxx-7xxx-yxxx-xxxxxxxxxxxx` where `y` is 8/9/a/b.
|
|
30
|
+
*/
|
|
31
|
+
import { randomBytes } from 'node:crypto';
|
|
32
|
+
/**
|
|
33
|
+
* Mint a fresh uuid v7. The `now` parameter is injectable for tests so
|
|
34
|
+
* the generated id is deterministic when the test fixes the clock.
|
|
35
|
+
* Production callers pass `Date.now`.
|
|
36
|
+
*/
|
|
37
|
+
export function uuidV7(now = Date.now) {
|
|
38
|
+
const ms = Math.floor(now());
|
|
39
|
+
// 48-bit timestamp (6 bytes).
|
|
40
|
+
const tsHex = ms.toString(16).padStart(12, '0');
|
|
41
|
+
// 10 bytes of entropy: 12 random bits go into octet 6 (after the 4
|
|
42
|
+
// version bits), 2 variant bits go into octet 8 (high nibble 8/9/a/b),
|
|
43
|
+
// the remaining 62 bits fill octets 9..15.
|
|
44
|
+
const rand = randomBytes(10);
|
|
45
|
+
// Set version (high nibble of octet 6) to 7.
|
|
46
|
+
rand[0] = ((rand[0] ?? 0) & 0x0f) | 0x70;
|
|
47
|
+
// Set IETF variant (high two bits of octet 8) to 0b10.
|
|
48
|
+
rand[2] = ((rand[2] ?? 0) & 0x3f) | 0x80;
|
|
49
|
+
const hex = Array.from(rand, (b) => b.toString(16).padStart(2, '0')).join('');
|
|
50
|
+
// Assemble: 8-4-4-4-12.
|
|
51
|
+
return (`${tsHex.slice(0, 8)}-${tsHex.slice(8, 12)}-${hex.slice(0, 4)}-`
|
|
52
|
+
+ `${hex.slice(4, 8)}-${hex.slice(8, 20)}`);
|
|
53
|
+
}
|
|
54
|
+
/**
|
|
55
|
+
* Extract the unix-ms timestamp from a uuid v7. Returns null when the
|
|
56
|
+
* input is not a v7 id (wrong version nibble, wrong shape). Used by
|
|
57
|
+
* `pugi sessions` to render "created N seconds ago" without reading
|
|
58
|
+
* the SQLite row.
|
|
59
|
+
*/
|
|
60
|
+
export function uuidV7Timestamp(id) {
|
|
61
|
+
if (!/^[0-9a-f]{8}-[0-9a-f]{4}-7[0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$/i
|
|
62
|
+
.test(id)) {
|
|
63
|
+
return null;
|
|
64
|
+
}
|
|
65
|
+
const hex = id.slice(0, 8) + id.slice(9, 13);
|
|
66
|
+
return Number.parseInt(hex, 16);
|
|
67
|
+
}
|
|
68
|
+
//# sourceMappingURL=uuid-v7.js.map
|
|
@@ -29,6 +29,16 @@ import { basename, resolve as resolvePath } from 'node:path';
|
|
|
29
29
|
import { slugForCwd } from './history.js';
|
|
30
30
|
/** Cap on the PUGI.md head we forward. Mirrors the admin-api clamp. */
|
|
31
31
|
const PUGI_MD_HEAD_LIMIT = 200;
|
|
32
|
+
/**
|
|
33
|
+
* Workspace label shown when the cwd has no project markers (no .git,
|
|
34
|
+
* no package.json, no PUGI.md). Per CEO 2026-05-25 dogfood, the
|
|
35
|
+
* previous behaviour leaked the parent directory basename (e.g.
|
|
36
|
+
* `codeforge-io`) into the splash as if it were a real workspace,
|
|
37
|
+
* confusing Mira/Pugi about what repo she was looking at. The
|
|
38
|
+
* unbound label is a single explicit string so the splash + status bar
|
|
39
|
+
* read the same warning. (α6.14.2 wave 5.)
|
|
40
|
+
*/
|
|
41
|
+
export const UNBOUND_WORKSPACE_LABEL = '(not bound - run /init OR cd into project)';
|
|
32
42
|
/**
|
|
33
43
|
* Resolve a `ReplWorkspaceContext` from the operator's working directory.
|
|
34
44
|
* Returns a bundle with at least `workspaceCwd` + `workspaceSlug` +
|
|
@@ -38,13 +48,74 @@ const PUGI_MD_HEAD_LIMIT = 200;
|
|
|
38
48
|
export function resolveWorkspaceContext(cwd) {
|
|
39
49
|
const normalised = resolvePath(cwd);
|
|
40
50
|
const slug = slugForCwd(normalised);
|
|
41
|
-
|
|
51
|
+
// α6.14.2 wave 5: when the cwd has no project markers, prefer the
|
|
52
|
+
// explicit "not bound" summary so admin-api's prompt builder knows
|
|
53
|
+
// not to fabricate a workspace context for Mira/Pugi. The cwd +
|
|
54
|
+
// slug still travel so the server can record where the operator
|
|
55
|
+
// launched from for telemetry, but the summary no longer leaks a
|
|
56
|
+
// stray parent-dir basename as if it were a real workspace.
|
|
57
|
+
const summary = isBoundWorkspace(normalised)
|
|
58
|
+
? (readPugiSummary(normalised) ?? basename(normalised) ?? 'workspace')
|
|
59
|
+
: UNBOUND_WORKSPACE_LABEL;
|
|
42
60
|
return {
|
|
43
61
|
workspaceCwd: normalised,
|
|
44
62
|
workspaceSlug: slug,
|
|
45
63
|
workspaceSummary: summary,
|
|
46
64
|
};
|
|
47
65
|
}
|
|
66
|
+
/**
|
|
67
|
+
* Project-marker probe used by the REPL splash + status bar to decide
|
|
68
|
+
* whether the cwd is a real workspace or a stray parent dir the
|
|
69
|
+
* operator wandered into. The probe is intentionally cheap — three
|
|
70
|
+
* `existsSync` calls — and the order matches the brand convention:
|
|
71
|
+
*
|
|
72
|
+
* 1. `.git` — any clone of a real repo
|
|
73
|
+
* 2. `package.json` — JS/TS workspace root
|
|
74
|
+
* 3. `PUGI.md` — a Pugi-initialised workspace (root or
|
|
75
|
+
* `.pugi/PUGI.md`)
|
|
76
|
+
*
|
|
77
|
+
* Hitting any one of these counts the cwd as "bound" — the operator
|
|
78
|
+
* intentionally landed in a project. Hitting none means they ran
|
|
79
|
+
* `pugi` from `$HOME` or from the parent of a checkout; in that case
|
|
80
|
+
* the splash surfaces an explicit "not bound" label instead of leaking
|
|
81
|
+
* the parent-dir basename as if it were a workspace. The check
|
|
82
|
+
* mirrors the Claude Code "no CLAUDE.md → silent context" rule —
|
|
83
|
+
* never fake-bind. (α6.14.2 wave 5 — CEO dogfood fix.)
|
|
84
|
+
*/
|
|
85
|
+
export function isBoundWorkspace(cwd) {
|
|
86
|
+
const normalised = resolvePath(cwd);
|
|
87
|
+
// Case-sensitive checks; the resolver lower-cases PUGI.md when it
|
|
88
|
+
// reads the head, but the existence probe stays strict so a stray
|
|
89
|
+
// `pugi.md` does not accidentally pass without `pugi init` having
|
|
90
|
+
// run.
|
|
91
|
+
if (existsSync(resolvePath(normalised, '.git')))
|
|
92
|
+
return true;
|
|
93
|
+
if (existsSync(resolvePath(normalised, 'package.json')))
|
|
94
|
+
return true;
|
|
95
|
+
if (existsSync(resolvePath(normalised, 'PUGI.md')))
|
|
96
|
+
return true;
|
|
97
|
+
if (existsSync(resolvePath(normalised, '.pugi', 'PUGI.md')))
|
|
98
|
+
return true;
|
|
99
|
+
return false;
|
|
100
|
+
}
|
|
101
|
+
/**
|
|
102
|
+
* Resolve the workspace label shown on the splash + the REPL header.
|
|
103
|
+
* When the cwd has project markers, returns the directory basename;
|
|
104
|
+
* otherwise returns the explicit "not bound" warning so the operator
|
|
105
|
+
* understands no real workspace was detected. The label is the only
|
|
106
|
+
* string the splash and status bar agree on, so we centralise the
|
|
107
|
+
* decision here instead of re-deriving in two places.
|
|
108
|
+
* (α6.14.2 wave 5.)
|
|
109
|
+
*/
|
|
110
|
+
export function resolveWorkspaceLabel(cwd) {
|
|
111
|
+
if (!isBoundWorkspace(cwd))
|
|
112
|
+
return UNBOUND_WORKSPACE_LABEL;
|
|
113
|
+
const normalised = resolvePath(cwd);
|
|
114
|
+
const segment = basename(normalised);
|
|
115
|
+
if (!segment || segment.length === 0)
|
|
116
|
+
return 'workspace';
|
|
117
|
+
return segment;
|
|
118
|
+
}
|
|
48
119
|
/**
|
|
49
120
|
* Read the first ~200 chars of `.pugi/PUGI.md` if the file exists. The
|
|
50
121
|
* project's own description is the highest-signal one-line summary we
|
|
@@ -0,0 +1,457 @@
|
|
|
1
|
+
import { existsSync, mkdtempSync, rmSync, writeFileSync } from 'node:fs';
|
|
2
|
+
import { tmpdir } from 'node:os';
|
|
3
|
+
import { join } from 'node:path';
|
|
4
|
+
import { installSkill, workspaceSkillDir, } from './loader.js';
|
|
5
|
+
import { hashSkillDir, recordTrust } from './trust.js';
|
|
6
|
+
/**
|
|
7
|
+
* Static catalog of the three bundled defaults. Exported so the tests
|
|
8
|
+
* (and any future `pugi skills install --bundled` opt-in path) can
|
|
9
|
+
* iterate over the canonical list without re-listing skill names.
|
|
10
|
+
*/
|
|
11
|
+
export const DEFAULT_SKILLS = [
|
|
12
|
+
{
|
|
13
|
+
name: 'brand-voice',
|
|
14
|
+
description: 'Pugi brand voice: English in code/commits, terse in chat, no AI attribution, no emoji slop.',
|
|
15
|
+
version: '1.0.0',
|
|
16
|
+
source: 'pugi-original',
|
|
17
|
+
sourceUrl: 'https://github.com/pugi-io/pugi/blob/main/apps/pugi-cli/src/core/skills/defaults.ts',
|
|
18
|
+
license: 'MIT',
|
|
19
|
+
body: [
|
|
20
|
+
'# Brand voice',
|
|
21
|
+
'',
|
|
22
|
+
'Apply this rule set to every commit message, PR body, code comment,',
|
|
23
|
+
'generated docstring, and chat reply Pugi produces on this workspace.',
|
|
24
|
+
'',
|
|
25
|
+
'## Language split',
|
|
26
|
+
'',
|
|
27
|
+
'- Code, comments, commit messages, PR titles + bodies, technical docs,',
|
|
28
|
+
" generated tests, log strings: **English**. Do not switch mid-line.",
|
|
29
|
+
'- Operator-facing chat replies follow the workspace `settings.json`',
|
|
30
|
+
' `workflow.chatLang` (defaults to English when unset).',
|
|
31
|
+
'',
|
|
32
|
+
'## No AI attribution',
|
|
33
|
+
'',
|
|
34
|
+
'- Never add `Co-Authored-By: Claude` (or Codex, Gemini, Cursor) trailers',
|
|
35
|
+
' to commits or PR bodies.',
|
|
36
|
+
'- Never write "Generated with Claude Code", "Made with AI", or any',
|
|
37
|
+
' variant in PR descriptions, README content, or release notes.',
|
|
38
|
+
'- Pugi itself is the byline; the underlying model is implementation',
|
|
39
|
+
' detail and stays out of customer-visible text.',
|
|
40
|
+
'',
|
|
41
|
+
'## No emoji decoration',
|
|
42
|
+
'',
|
|
43
|
+
'- Skip decorative emoji in commit messages, PR bodies, code comments,',
|
|
44
|
+
' log lines, and chat replies.',
|
|
45
|
+
'- Functional unicode that carries meaning (math symbols, currency,',
|
|
46
|
+
' language scripts) is fine.',
|
|
47
|
+
'',
|
|
48
|
+
'## No em dashes',
|
|
49
|
+
'',
|
|
50
|
+
'- Prefer regular hyphens or restructure the sentence. The em dash',
|
|
51
|
+
' character reads as ChatGPT-flavoured and we keep our voice distinct.',
|
|
52
|
+
'',
|
|
53
|
+
'## Verb grammar',
|
|
54
|
+
'',
|
|
55
|
+
'Pugi exposes four customer verbs: `idea`, `plan`, `build`, `review`.',
|
|
56
|
+
'When generating help text, READMEs, or onboarding docs reference these',
|
|
57
|
+
'exact verbs in this exact order. Do not invent synonyms like "scaffold",',
|
|
58
|
+
'"draft", "ship", or "execute" for the same surface.',
|
|
59
|
+
'',
|
|
60
|
+
].join('\n'),
|
|
61
|
+
},
|
|
62
|
+
{
|
|
63
|
+
name: 'endpoint-probe',
|
|
64
|
+
description: 'Verify every URL with a HEAD probe before codegen writes it so Pugi never ships a fabricated endpoint.',
|
|
65
|
+
version: '1.0.0',
|
|
66
|
+
source: 'pugi-original',
|
|
67
|
+
sourceUrl: 'https://github.com/pugi-io/pugi/blob/main/apps/pugi-cli/src/core/skills/defaults.ts',
|
|
68
|
+
license: 'MIT',
|
|
69
|
+
body: [
|
|
70
|
+
'# Endpoint probe',
|
|
71
|
+
'',
|
|
72
|
+
'When the model is about to write a URL into source code, configuration,',
|
|
73
|
+
'documentation, or a generated README, treat that URL as unverified',
|
|
74
|
+
'until a real HTTP probe confirms it resolves.',
|
|
75
|
+
'',
|
|
76
|
+
'## Rule',
|
|
77
|
+
'',
|
|
78
|
+
'1. Before any tool call that writes a URL (`write`, `edit`, `patch`),',
|
|
79
|
+
' enumerate the URLs the diff introduces.',
|
|
80
|
+
'2. For each URL whose host is reachable from the workspace, issue a',
|
|
81
|
+
' `HEAD` request (or `GET` when the host blocks `HEAD`).',
|
|
82
|
+
'3. Treat the URL as **valid** only when the response is 2xx, 3xx, or',
|
|
83
|
+
' a documented 401/403 (auth-gated endpoint we expect).',
|
|
84
|
+
'4. Treat the URL as **invalid** on `ENOTFOUND`, `ECONNREFUSED`,',
|
|
85
|
+
' timeout, or 4xx/5xx other than the documented auth codes. In that',
|
|
86
|
+
' case do not write the URL; ask the operator for the correct one or',
|
|
87
|
+
' pull it from `.pugi/settings.json` / `.env`.',
|
|
88
|
+
'',
|
|
89
|
+
'## Why this matters',
|
|
90
|
+
'',
|
|
91
|
+
'Pugi has historically shipped READMEs with installer URLs that 404,',
|
|
92
|
+
'API base URLs that point at deprecated tunnels, and "see docs at X"',
|
|
93
|
+
'links to pages that never existed. Each is a trust event: the next',
|
|
94
|
+
'operator pastes the URL, hits the 404, and assumes the whole CLI is',
|
|
95
|
+
'broken. A HEAD probe costs one round-trip and closes that class.',
|
|
96
|
+
'',
|
|
97
|
+
'## Skip cases',
|
|
98
|
+
'',
|
|
99
|
+
'- Localhost URLs (`http://127.0.0.1:*`, `http://localhost:*`): skip',
|
|
100
|
+
' the probe; verify visually that the port matches the workspace dev',
|
|
101
|
+
' server config instead.',
|
|
102
|
+
'- Example URLs in comments explicitly marked `// example:` or',
|
|
103
|
+
' `# example:`: skip the probe; the operator has flagged the URL as',
|
|
104
|
+
' illustrative.',
|
|
105
|
+
'',
|
|
106
|
+
].join('\n'),
|
|
107
|
+
},
|
|
108
|
+
{
|
|
109
|
+
name: 'readme-sync',
|
|
110
|
+
description: 'When package.json bin/name/scripts change, cross-check README install + usage so shipped docs never drift from the binary.',
|
|
111
|
+
version: '1.0.0',
|
|
112
|
+
source: 'pugi-original',
|
|
113
|
+
sourceUrl: 'https://github.com/pugi-io/pugi/blob/main/apps/pugi-cli/src/core/skills/defaults.ts',
|
|
114
|
+
license: 'MIT',
|
|
115
|
+
body: [
|
|
116
|
+
'# README sync',
|
|
117
|
+
'',
|
|
118
|
+
'Whenever a `build` task renames a package or its binary, the README',
|
|
119
|
+
'must move with it. Stale install snippets are the most common Pugi',
|
|
120
|
+
'regression: the binary ships as `@pugi/cli` but the README still',
|
|
121
|
+
'tells the operator to `npm i -g @codeforge/cli`, and the install',
|
|
122
|
+
"fails before they ever see `pugi --version`.",
|
|
123
|
+
'',
|
|
124
|
+
'## Rule',
|
|
125
|
+
'',
|
|
126
|
+
'Whenever a diff touches `package.json` and changes any of:',
|
|
127
|
+
'',
|
|
128
|
+
' - `name`',
|
|
129
|
+
' - `bin`',
|
|
130
|
+
' - `scripts.start` / `scripts.dev`',
|
|
131
|
+
' - top-level `homepage` / `repository.url`',
|
|
132
|
+
'',
|
|
133
|
+
'then the same diff MUST also update the corresponding sections of the',
|
|
134
|
+
"package's `README.md` (and, when the package has a docs landing page,",
|
|
135
|
+
'the install snippet on that landing page too).',
|
|
136
|
+
'',
|
|
137
|
+
'## Verification snippet',
|
|
138
|
+
'',
|
|
139
|
+
'Before marking a `build` step done, run this check on every touched',
|
|
140
|
+
'package directory:',
|
|
141
|
+
'',
|
|
142
|
+
'```',
|
|
143
|
+
'pkg_name=$(jq -r .name package.json)',
|
|
144
|
+
'bin_name=$(jq -r ".bin | if type==\\"string\\" then \\"unknown\\" else keys[0] end" package.json)',
|
|
145
|
+
'grep -F "npm i -g $pkg_name" README.md || echo "MISMATCH: README missing install for $pkg_name"',
|
|
146
|
+
'grep -F "$bin_name " README.md || echo "MISMATCH: README missing usage for $bin_name"',
|
|
147
|
+
'```',
|
|
148
|
+
'',
|
|
149
|
+
'When either grep prints `MISMATCH`, fix the README before the commit',
|
|
150
|
+
'is considered ready for `review`.',
|
|
151
|
+
'',
|
|
152
|
+
'## Idempotence',
|
|
153
|
+
'',
|
|
154
|
+
'This rule applies to every package in the workspace, not just the',
|
|
155
|
+
"first one the operator mentions. A monorepo-wide rename (`@codeforge/*`",
|
|
156
|
+
"to `@pugi/*`) has to sync every README, not just the customer-facing",
|
|
157
|
+
'CLI README.',
|
|
158
|
+
'',
|
|
159
|
+
].join('\n'),
|
|
160
|
+
},
|
|
161
|
+
{
|
|
162
|
+
name: 'zoom-out',
|
|
163
|
+
description: 'Ask Pugi to zoom out and give broader context or a higher-level perspective. Use when the model is unfamiliar with a section of code or needs to understand how it fits into the bigger picture.',
|
|
164
|
+
version: '1.0.0',
|
|
165
|
+
source: 'mattpocock/skills',
|
|
166
|
+
sourceUrl: 'https://github.com/mattpocock/skills/blob/main/skills/engineering/zoom-out/SKILL.md',
|
|
167
|
+
license: 'MIT',
|
|
168
|
+
body: [
|
|
169
|
+
'# Zoom out',
|
|
170
|
+
'',
|
|
171
|
+
'**Source:** [mattpocock/skills](https://github.com/mattpocock/skills/blob/main/skills/engineering/zoom-out/SKILL.md) - MIT licensed, authored by Matt Pocock. Ported verbatim into the Pugi bundle on 2026-05-26.',
|
|
172
|
+
'',
|
|
173
|
+
'I do not know this area of code well. Go up a layer of abstraction.',
|
|
174
|
+
'Give me a map of all the relevant modules and callers, using the',
|
|
175
|
+
"project's domain glossary vocabulary.",
|
|
176
|
+
'',
|
|
177
|
+
].join('\n'),
|
|
178
|
+
},
|
|
179
|
+
{
|
|
180
|
+
name: 'diagnose',
|
|
181
|
+
description: 'Disciplined six-phase diagnosis loop for hard bugs and performance regressions: build feedback loop, reproduce, hypothesise, instrument, fix + regression-test, cleanup + post-mortem. Use when the operator reports a bug, a flake, or a perf regression.',
|
|
182
|
+
version: '1.0.0',
|
|
183
|
+
source: 'mattpocock/skills',
|
|
184
|
+
sourceUrl: 'https://github.com/mattpocock/skills/blob/main/skills/engineering/diagnose/SKILL.md',
|
|
185
|
+
license: 'MIT',
|
|
186
|
+
body: [
|
|
187
|
+
'# Diagnose',
|
|
188
|
+
'',
|
|
189
|
+
'**Source:** [mattpocock/skills](https://github.com/mattpocock/skills/blob/main/skills/engineering/diagnose/SKILL.md) - MIT licensed, authored by Matt Pocock. Ported into the Pugi bundle on 2026-05-26 with minor de-namespacing (cross-skill links rewritten, project-glossary references generalised).',
|
|
190
|
+
'',
|
|
191
|
+
'A discipline for hard bugs. Skip phases only when explicitly justified.',
|
|
192
|
+
'',
|
|
193
|
+
'When exploring the codebase, use the project domain glossary (if one',
|
|
194
|
+
'exists) to build a clear mental model of the relevant modules, and',
|
|
195
|
+
'check ADRs in the area you are touching.',
|
|
196
|
+
'',
|
|
197
|
+
'## Phase 1 - Build a feedback loop',
|
|
198
|
+
'',
|
|
199
|
+
'**This is the skill.** Everything else is mechanical. If you have a',
|
|
200
|
+
'fast, deterministic, agent-runnable pass/fail signal for the bug, you',
|
|
201
|
+
'will find the cause - bisection, hypothesis-testing, and instrumentation',
|
|
202
|
+
'all just consume that signal. If you do not have one, no amount of',
|
|
203
|
+
'staring at code will save you.',
|
|
204
|
+
'',
|
|
205
|
+
'Spend disproportionate effort here. **Be aggressive. Be creative.',
|
|
206
|
+
'Refuse to give up.**',
|
|
207
|
+
'',
|
|
208
|
+
'### Ways to construct one, in roughly this order',
|
|
209
|
+
'',
|
|
210
|
+
'1. **Failing test** at whatever seam reaches the bug - unit, integration, e2e.',
|
|
211
|
+
'2. **Curl / HTTP script** against a running dev server.',
|
|
212
|
+
'3. **CLI invocation** with a fixture input, diffing stdout against a known-good snapshot.',
|
|
213
|
+
'4. **Headless browser script** (Playwright / Puppeteer) - drives the UI, asserts on DOM/console/network.',
|
|
214
|
+
'5. **Replay a captured trace.** Save a real network request / payload / event log to disk; replay it through the code path in isolation.',
|
|
215
|
+
'6. **Throwaway harness.** Spin up a minimal subset of the system (one service, mocked deps) that exercises the bug code path with a single function call.',
|
|
216
|
+
'7. **Property / fuzz loop.** If the bug is "sometimes wrong output", run 1000 random inputs and look for the failure mode.',
|
|
217
|
+
'8. **Bisection harness.** If the bug appeared between two known states (commit, dataset, version), automate "boot at state X, check, repeat" so you can `git bisect run` it.',
|
|
218
|
+
'9. **Differential loop.** Run the same input through old-version vs new-version (or two configs) and diff outputs.',
|
|
219
|
+
'10. **HITL bash script.** Last resort. If a human must click, drive _them_ with a templated loop script so the loop is still structured. Captured output feeds back to you.',
|
|
220
|
+
'',
|
|
221
|
+
'Build the right feedback loop, and the bug is 90% fixed.',
|
|
222
|
+
'',
|
|
223
|
+
'### Iterate on the loop itself',
|
|
224
|
+
'',
|
|
225
|
+
'Treat the loop as a product. Once you have _a_ loop, ask:',
|
|
226
|
+
'',
|
|
227
|
+
'- Can I make it faster? (Cache setup, skip unrelated init, narrow the test scope.)',
|
|
228
|
+
'- Can I make the signal sharper? (Assert on the specific symptom, not "did not crash".)',
|
|
229
|
+
'- Can I make it more deterministic? (Pin time, seed RNG, isolate filesystem, freeze network.)',
|
|
230
|
+
'',
|
|
231
|
+
'A 30-second flaky loop is barely better than no loop. A 2-second',
|
|
232
|
+
'deterministic loop is a debugging superpower.',
|
|
233
|
+
'',
|
|
234
|
+
'### Non-deterministic bugs',
|
|
235
|
+
'',
|
|
236
|
+
'The goal is not a clean repro but a **higher reproduction rate**. Loop',
|
|
237
|
+
'the trigger 100x, parallelise, add stress, narrow timing windows, inject',
|
|
238
|
+
'sleeps. A 50% flake is debuggable; 1% is not - keep raising the rate',
|
|
239
|
+
'until it is debuggable.',
|
|
240
|
+
'',
|
|
241
|
+
'### When you genuinely cannot build a loop',
|
|
242
|
+
'',
|
|
243
|
+
'Stop and say so explicitly. List what you tried. Ask the operator for:',
|
|
244
|
+
'(a) access to whatever environment reproduces it, (b) a captured artifact',
|
|
245
|
+
'(HAR file, log dump, core dump, screen recording with timestamps), or',
|
|
246
|
+
'(c) permission to add temporary production instrumentation. Do **not**',
|
|
247
|
+
'proceed to hypothesise without a loop.',
|
|
248
|
+
'',
|
|
249
|
+
'Do not proceed to Phase 2 until you have a loop you believe in.',
|
|
250
|
+
'',
|
|
251
|
+
'## Phase 2 - Reproduce',
|
|
252
|
+
'',
|
|
253
|
+
'Run the loop. Watch the bug appear.',
|
|
254
|
+
'',
|
|
255
|
+
'Confirm:',
|
|
256
|
+
'',
|
|
257
|
+
'- The loop produces the failure mode the **operator** described - not a different failure that happens to be nearby. Wrong bug = wrong fix.',
|
|
258
|
+
'- The failure is reproducible across multiple runs (or, for non-deterministic bugs, reproducible at a high enough rate to debug against).',
|
|
259
|
+
'- You have captured the exact symptom (error message, wrong output, slow timing) so later phases can verify the fix actually addresses it.',
|
|
260
|
+
'',
|
|
261
|
+
'Do not proceed until you reproduce the bug.',
|
|
262
|
+
'',
|
|
263
|
+
'## Phase 3 - Hypothesise',
|
|
264
|
+
'',
|
|
265
|
+
'Generate **3-5 ranked hypotheses** before testing any of them.',
|
|
266
|
+
'Single-hypothesis generation anchors on the first plausible idea.',
|
|
267
|
+
'',
|
|
268
|
+
'Each hypothesis must be **falsifiable**: state the prediction it makes.',
|
|
269
|
+
'',
|
|
270
|
+
'> Format: "If <X> is the cause, then <changing Y> will make the bug disappear / <changing Z> will make it worse."',
|
|
271
|
+
'',
|
|
272
|
+
'If you cannot state the prediction, the hypothesis is a vibe - discard',
|
|
273
|
+
'or sharpen it.',
|
|
274
|
+
'',
|
|
275
|
+
'**Show the ranked list to the operator before testing.** They often',
|
|
276
|
+
'have domain knowledge that re-ranks instantly ("we just deployed a',
|
|
277
|
+
'change to #3"), or know hypotheses they have already ruled out. Cheap',
|
|
278
|
+
'checkpoint, big time saver. Do not block on it - proceed with your',
|
|
279
|
+
'ranking if the operator is AFK.',
|
|
280
|
+
'',
|
|
281
|
+
'## Phase 4 - Instrument',
|
|
282
|
+
'',
|
|
283
|
+
'Each probe must map to a specific prediction from Phase 3. **Change',
|
|
284
|
+
'one variable at a time.**',
|
|
285
|
+
'',
|
|
286
|
+
'Tool preference:',
|
|
287
|
+
'',
|
|
288
|
+
'1. **Debugger / REPL inspection** if the env supports it. One breakpoint beats ten logs.',
|
|
289
|
+
'2. **Targeted logs** at the boundaries that distinguish hypotheses.',
|
|
290
|
+
'3. Never "log everything and grep".',
|
|
291
|
+
'',
|
|
292
|
+
'**Tag every debug log** with a unique prefix, e.g. `[DEBUG-a4f2]`.',
|
|
293
|
+
'Cleanup at the end becomes a single grep. Untagged logs survive;',
|
|
294
|
+
'tagged logs die.',
|
|
295
|
+
'',
|
|
296
|
+
'**Perf branch.** For performance regressions, logs are usually wrong.',
|
|
297
|
+
'Instead: establish a baseline measurement (timing harness,',
|
|
298
|
+
'`performance.now()`, profiler, query plan), then bisect. Measure first,',
|
|
299
|
+
'fix second.',
|
|
300
|
+
'',
|
|
301
|
+
'## Phase 5 - Fix + regression test',
|
|
302
|
+
'',
|
|
303
|
+
'Write the regression test **before the fix** - but only if there is a',
|
|
304
|
+
'**correct seam** for it.',
|
|
305
|
+
'',
|
|
306
|
+
'A correct seam is one where the test exercises the **real bug pattern**',
|
|
307
|
+
'as it occurs at the call site. If the only available seam is too',
|
|
308
|
+
'shallow (single-caller test when the bug needs multiple callers, unit',
|
|
309
|
+
'test that cannot replicate the chain that triggered the bug), a',
|
|
310
|
+
'regression test there gives false confidence.',
|
|
311
|
+
'',
|
|
312
|
+
'**If no correct seam exists, that itself is the finding.** Note it. The',
|
|
313
|
+
'codebase architecture is preventing the bug from being locked down.',
|
|
314
|
+
'Flag this for the next phase.',
|
|
315
|
+
'',
|
|
316
|
+
'If a correct seam exists:',
|
|
317
|
+
'',
|
|
318
|
+
'1. Turn the minimised repro into a failing test at that seam.',
|
|
319
|
+
'2. Watch it fail.',
|
|
320
|
+
'3. Apply the fix.',
|
|
321
|
+
'4. Watch it pass.',
|
|
322
|
+
'5. Re-run the Phase 1 feedback loop against the original (un-minimised) scenario.',
|
|
323
|
+
'',
|
|
324
|
+
'## Phase 6 - Cleanup + post-mortem',
|
|
325
|
+
'',
|
|
326
|
+
'Required before declaring done:',
|
|
327
|
+
'',
|
|
328
|
+
'- Original repro no longer reproduces (re-run the Phase 1 loop)',
|
|
329
|
+
'- Regression test passes (or absence of seam is documented)',
|
|
330
|
+
'- All `[DEBUG-...]` instrumentation removed (`grep` the prefix)',
|
|
331
|
+
'- Throwaway prototypes deleted (or moved to a clearly-marked debug location)',
|
|
332
|
+
'- The hypothesis that turned out correct is stated in the commit / PR message - so the next debugger learns',
|
|
333
|
+
'',
|
|
334
|
+
'**Then ask: what would have prevented this bug?** If the answer',
|
|
335
|
+
'involves architectural change (no good test seam, tangled callers,',
|
|
336
|
+
'hidden coupling) note the specifics for a follow-up refactor. Make the',
|
|
337
|
+
'recommendation **after** the fix is in, not before - you have more',
|
|
338
|
+
'information now than when you started.',
|
|
339
|
+
'',
|
|
340
|
+
].join('\n'),
|
|
341
|
+
},
|
|
342
|
+
{
|
|
343
|
+
name: 'grill-me',
|
|
344
|
+
description: 'Interview the operator relentlessly about a plan or design until reaching shared understanding, resolving each branch of the decision tree. Use when the operator wants to stress-test a plan or says "grill me".',
|
|
345
|
+
version: '1.0.0',
|
|
346
|
+
source: 'mattpocock/skills',
|
|
347
|
+
sourceUrl: 'https://github.com/mattpocock/skills/blob/main/skills/productivity/grill-me/SKILL.md',
|
|
348
|
+
license: 'MIT',
|
|
349
|
+
body: [
|
|
350
|
+
'# Grill me',
|
|
351
|
+
'',
|
|
352
|
+
'**Source:** [mattpocock/skills](https://github.com/mattpocock/skills/blob/main/skills/productivity/grill-me/SKILL.md) - MIT licensed, authored by Matt Pocock. Ported verbatim into the Pugi bundle on 2026-05-26 (terminology swap: "user" -> "operator" to match Pugi vocabulary).',
|
|
353
|
+
'',
|
|
354
|
+
'Interview the operator relentlessly about every aspect of this plan',
|
|
355
|
+
'until we reach a shared understanding. Walk down each branch of the',
|
|
356
|
+
'design tree, resolving dependencies between decisions one-by-one. For',
|
|
357
|
+
'each question, provide your recommended answer.',
|
|
358
|
+
'',
|
|
359
|
+
'Ask the questions one at a time.',
|
|
360
|
+
'',
|
|
361
|
+
'If a question can be answered by exploring the codebase, explore the',
|
|
362
|
+
'codebase instead.',
|
|
363
|
+
'',
|
|
364
|
+
].join('\n'),
|
|
365
|
+
},
|
|
366
|
+
];
|
|
367
|
+
/**
|
|
368
|
+
* Build the canonical `SKILL.md` text for a bundled default. We hand-roll
|
|
369
|
+
* the frontmatter (instead of going through a YAML library) so the file
|
|
370
|
+
* round-trips byte-identical for the same `DEFAULT_SKILLS` entry. Stable
|
|
371
|
+
* bytes means a stable sha256: re-running `pugi init` against a clean
|
|
372
|
+
* workspace produces the same trust signature.
|
|
373
|
+
*/
|
|
374
|
+
function renderSkillMarkdown(spec) {
|
|
375
|
+
const frontmatter = [
|
|
376
|
+
'---',
|
|
377
|
+
`name: ${spec.name}`,
|
|
378
|
+
`description: ${spec.description}`,
|
|
379
|
+
'metadata:',
|
|
380
|
+
' type: skill',
|
|
381
|
+
` version: ${spec.version}`,
|
|
382
|
+
'---',
|
|
383
|
+
'',
|
|
384
|
+
].join('\n');
|
|
385
|
+
return `${frontmatter}${spec.body}`;
|
|
386
|
+
}
|
|
387
|
+
/**
|
|
388
|
+
* Install every bundled default skill into the workspace `.pugi/skills/`
|
|
389
|
+
* directory. Idempotent: a skill whose target directory already exists
|
|
390
|
+
* (i.e. operator has customised it) is left untouched.
|
|
391
|
+
*
|
|
392
|
+
* Trust records are written under the workspace scope with
|
|
393
|
+
* `signedBy: pugi-bundled` so `pugi skills list` reports them as
|
|
394
|
+
* `[trusted]` without the operator having to run `pugi skills trust`
|
|
395
|
+
* manually after init.
|
|
396
|
+
*/
|
|
397
|
+
export async function installDefaultSkills(input) {
|
|
398
|
+
const summaries = [];
|
|
399
|
+
const scope = 'workspace';
|
|
400
|
+
for (const spec of DEFAULT_SKILLS) {
|
|
401
|
+
const targetDir = workspaceSkillDir(input.workspaceRoot, spec.name);
|
|
402
|
+
if (existsSync(targetDir)) {
|
|
403
|
+
// Idempotent: never overwrite a skill the operator has already
|
|
404
|
+
// edited. The `init` command is re-runnable by design.
|
|
405
|
+
summaries.push({ name: spec.name, status: 'skipped-existing', dir: targetDir });
|
|
406
|
+
input.log?.(`[pugi init] skill "${spec.name}" already present, leaving as-is.\n`);
|
|
407
|
+
continue;
|
|
408
|
+
}
|
|
409
|
+
// Materialise the bundled body in a tmp dir so `installSkill` can copy
|
|
410
|
+
// it through its standard payload path (includes its own SKILL.md
|
|
411
|
+
// existence check + symlink hardening via verbatimSymlinks).
|
|
412
|
+
const payloadDir = mkdtempSync(join(tmpdir(), 'pugi-default-skill-'));
|
|
413
|
+
try {
|
|
414
|
+
writeFileSync(join(payloadDir, 'SKILL.md'), renderSkillMarkdown(spec), {
|
|
415
|
+
encoding: 'utf8',
|
|
416
|
+
mode: 0o600,
|
|
417
|
+
});
|
|
418
|
+
const installedDir = installSkill({
|
|
419
|
+
payloadDir,
|
|
420
|
+
name: spec.name,
|
|
421
|
+
scope,
|
|
422
|
+
workspaceRoot: input.workspaceRoot,
|
|
423
|
+
});
|
|
424
|
+
const sha256 = hashSkillDir(installedDir);
|
|
425
|
+
await recordTrust({
|
|
426
|
+
kind: 'skill',
|
|
427
|
+
scope,
|
|
428
|
+
name: spec.name,
|
|
429
|
+
sha256,
|
|
430
|
+
// Source records the provenance for the trust ledger so a future
|
|
431
|
+
// `pugi skills info brand-voice` shows where it came from without
|
|
432
|
+
// pointing at a URL that never existed.
|
|
433
|
+
source: 'pugi-bundled-default',
|
|
434
|
+
signedBy: 'pugi-bundled',
|
|
435
|
+
});
|
|
436
|
+
summaries.push({ name: spec.name, status: 'installed', dir: installedDir });
|
|
437
|
+
input.log?.(`[pugi init] installed default skill "${spec.name}" -> ${installedDir}\n`);
|
|
438
|
+
}
|
|
439
|
+
finally {
|
|
440
|
+
rmSync(payloadDir, { recursive: true, force: true });
|
|
441
|
+
}
|
|
442
|
+
}
|
|
443
|
+
return summaries;
|
|
444
|
+
}
|
|
445
|
+
/**
|
|
446
|
+
* Internal helper used by tests to keep parity with the runtime. Exposed
|
|
447
|
+
* so a test fixture can write a SKILL.md byte-for-byte matching what the
|
|
448
|
+
* installer would have produced.
|
|
449
|
+
*/
|
|
450
|
+
export function renderDefaultSkillMarkdown(name) {
|
|
451
|
+
const spec = DEFAULT_SKILLS.find((entry) => entry.name === name);
|
|
452
|
+
if (!spec) {
|
|
453
|
+
throw new Error(`renderDefaultSkillMarkdown: no bundled default named "${name}"`);
|
|
454
|
+
}
|
|
455
|
+
return renderSkillMarkdown(spec);
|
|
456
|
+
}
|
|
457
|
+
//# sourceMappingURL=defaults.js.map
|