@shahboura/harness 3.0.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.opencode/agents/developer.md +60 -0
- package/.opencode/agents/planner.md +51 -0
- package/.opencode/agents/reviewer.md +53 -0
- package/.opencode/commands/add-repo.md +26 -0
- package/.opencode/commands/dev-workflow.md +40 -0
- package/.opencode/commands/init-workspace.md +22 -0
- package/.opencode/commands/migrate-workspace.md +28 -0
- package/.opencode/commands/repo-map-refresh.md +23 -0
- package/.opencode/commands/story-workflow.md +24 -0
- package/.opencode/commands/workflow-status.md +23 -0
- package/.opencode/commands/workspace-config.md +27 -0
- package/.opencode/package.json +9 -0
- package/.opencode/plugins/harness-guards.ts +290 -0
- package/.opencode/skills/add-repo/SKILL.md +96 -0
- package/.opencode/skills/dev-workflow/SKILL.md +105 -0
- package/.opencode/skills/dev-workflow/shared/diagram-styling.md +65 -0
- package/.opencode/skills/dev-workflow/shared/engineering.md +14 -0
- package/.opencode/skills/dev-workflow/shared/status-block.md +29 -0
- package/.opencode/skills/dev-workflow/steps/analyze-comments.md +32 -0
- package/.opencode/skills/dev-workflow/steps/apply-fixes.md +24 -0
- package/.opencode/skills/dev-workflow/steps/comment-analysis.md +11 -0
- package/.opencode/skills/dev-workflow/steps/create-pr.md +39 -0
- package/.opencode/skills/dev-workflow/steps/develop-task.md +54 -0
- package/.opencode/skills/dev-workflow/steps/develop.md +60 -0
- package/.opencode/skills/dev-workflow/steps/fetch.md +34 -0
- package/.opencode/skills/dev-workflow/steps/fixup-task.md +12 -0
- package/.opencode/skills/dev-workflow/steps/gate.md +53 -0
- package/.opencode/skills/dev-workflow/steps/harden-task.md +12 -0
- package/.opencode/skills/dev-workflow/steps/harden.md +30 -0
- package/.opencode/skills/dev-workflow/steps/intake.md +52 -0
- package/.opencode/skills/dev-workflow/steps/metrics.md +21 -0
- package/.opencode/skills/dev-workflow/steps/plan-task.md +108 -0
- package/.opencode/skills/dev-workflow/steps/plan.md +80 -0
- package/.opencode/skills/dev-workflow/steps/pre-pr-fixes.md +16 -0
- package/.opencode/skills/dev-workflow/steps/pre-pr-review.md +14 -0
- package/.opencode/skills/dev-workflow/steps/pre-pr.md +14 -0
- package/.opencode/skills/dev-workflow/steps/preflight.md +32 -0
- package/.opencode/skills/dev-workflow/steps/quick-recheck.md +14 -0
- package/.opencode/skills/dev-workflow/steps/reconcile.md +27 -0
- package/.opencode/skills/dev-workflow/steps/review-task.md +32 -0
- package/.opencode/skills/dev-workflow/steps/security.md +18 -0
- package/.opencode/skills/dev-workflow/steps/triage-request.md +15 -0
- package/.opencode/skills/init-workspace/SKILL.md +155 -0
- package/.opencode/skills/migrate-workspace/SKILL.md +122 -0
- package/.opencode/skills/repo-map-refresh/SKILL.md +43 -0
- package/.opencode/skills/story-workflow/SKILL.md +78 -0
- package/.opencode/skills/story-workflow/commands/analyze.md +40 -0
- package/.opencode/skills/story-workflow/commands/groom.md +58 -0
- package/.opencode/skills/story-workflow/commands/improve.md +47 -0
- package/.opencode/skills/story-workflow/commands/refine.md +44 -0
- package/.opencode/skills/story-workflow/shared/context.md +22 -0
- package/.opencode/skills/story-workflow/shared/provider-io.md +73 -0
- package/.opencode/skills/story-workflow/templates/readiness-report.md +57 -0
- package/.opencode/skills/story-workflow/templates/story-template.md +51 -0
- package/.opencode/skills/story-workflow/templates/technical-notes.md +48 -0
- package/.opencode/skills/workflow-status/SKILL.md +30 -0
- package/.opencode/skills/workspace-config/SKILL.md +97 -0
- package/.opencode/tsconfig.json +11 -0
- package/CHANGELOG.md +396 -0
- package/LICENSE +21 -0
- package/README.md +351 -0
- package/package.json +32 -0
|
@@ -0,0 +1,73 @@
|
|
|
1
|
+
# shared/provider-io.md — fetch a work item, post a result back
|
|
2
|
+
|
|
3
|
+
The configured work-item provider is resolved by the harness from
|
|
4
|
+
`.claude/context/provider.yaml`; you never name it. There are two transports,
|
|
5
|
+
and the recipe differs slightly between them. This file is the single source —
|
|
6
|
+
every command cites it.
|
|
7
|
+
|
|
8
|
+
## Fetch a work item
|
|
9
|
+
|
|
10
|
+
Run:
|
|
11
|
+
|
|
12
|
+
```
|
|
13
|
+
bin/harness provider --op work_item.fetch --id <id>
|
|
14
|
+
```
|
|
15
|
+
|
|
16
|
+
**CLI / file transport** (`local-markdown`, `github`, `gitlab`, `ado`) prints
|
|
17
|
+
the normalized item directly:
|
|
18
|
+
|
|
19
|
+
```
|
|
20
|
+
{"ok": true, "result": {"id": "...", "title": "...", "type": "...",
|
|
21
|
+
"state": "...", "description": "...", "acceptance_criteria": ["…", "…"],
|
|
22
|
+
"provider_ref": "…"}}
|
|
23
|
+
```
|
|
24
|
+
|
|
25
|
+
Work from those fields. For `local-markdown`, `<id>` is the file **stem** inside
|
|
26
|
+
`provider.stories_dir` (`WORK-7`, not `stories/WORK-7.md`) — the harness refuses
|
|
27
|
+
an id that escapes the stories dir.
|
|
28
|
+
|
|
29
|
+
**MCP transport** (`ado-mcp`, `jira`, `zoho`): a script cannot call an MCP tool,
|
|
30
|
+
so the same command **exits non-zero** and prints the exact MCP tool + args to
|
|
31
|
+
invoke — that refusal *is* the instruction. Invoke that tool yourself, capture
|
|
32
|
+
its raw JSON, then normalize it to the shape above:
|
|
33
|
+
|
|
34
|
+
```
|
|
35
|
+
printf '%s' '<raw-json>' | bin/harness provider-normalize --op work_item.fetch
|
|
36
|
+
```
|
|
37
|
+
|
|
38
|
+
⚠️ That refusal message ends by telling you to pipe the raw result into the
|
|
39
|
+
`--from-raw` bootstrap. That is the **/dev-workflow** path — it starts a dev run
|
|
40
|
+
and seeds `state.yaml`. story-workflow must never start a run, so ignore that
|
|
41
|
+
last line and use `provider-normalize` (above), which runs the identical
|
|
42
|
+
normalize with no run side-effects.
|
|
43
|
+
|
|
44
|
+
If the fetch fails or the item isn't found, tell the user plainly and stop.
|
|
45
|
+
|
|
46
|
+
## Post a result back (only after the user approves)
|
|
47
|
+
|
|
48
|
+
Story-quality output goes back as a **comment** — never by editing the item's
|
|
49
|
+
Description or Acceptance-Criteria fields:
|
|
50
|
+
|
|
51
|
+
```
|
|
52
|
+
bin/harness provider --op work_item.add_comment --id <id> --text '<markdown>'
|
|
53
|
+
```
|
|
54
|
+
|
|
55
|
+
- **CLI / file transport** posts directly (`local-markdown` appends under a
|
|
56
|
+
`## Comments` section in the story file; ADO renders the markdown; GitHub and
|
|
57
|
+
GitLab post native markdown).
|
|
58
|
+
- **MCP transport**: as with fetch, the command exits non-zero and names the
|
|
59
|
+
comment tool + args — invoke that MCP tool yourself with the same `<text>`.
|
|
60
|
+
|
|
61
|
+
Always show the artifact in the conversation and get an explicit yes before
|
|
62
|
+
posting. If the user wants changes, iterate first, then post once.
|
|
63
|
+
|
|
64
|
+
## local-markdown: rewriting a story in place
|
|
65
|
+
|
|
66
|
+
`add_comment` is non-destructive (a comment bullet), which is exactly what
|
|
67
|
+
`analyze` and `groom` want. For `improve` / `refine`, the user may instead want
|
|
68
|
+
the refined story to **replace** the source file. That is the one sanctioned
|
|
69
|
+
direct write: with the user's explicit go-ahead, use the `Write` tool on the
|
|
70
|
+
story's `provider_ref` path (returned by the fetch) to overwrite it with the
|
|
71
|
+
refined markdown. If the user declines both a comment and an overwrite, leave
|
|
72
|
+
the output in the conversation for them to copy — never overwrite silently, and
|
|
73
|
+
never overwrite for `analyze` / `groom` (that would destroy the story).
|
|
@@ -0,0 +1,57 @@
|
|
|
1
|
+
# Readiness Report Template
|
|
2
|
+
|
|
3
|
+
The output format for `analyze`, and the internal rubric `improve` scores
|
|
4
|
+
against. A qualitative assessment of story readiness with actionable flags.
|
|
5
|
+
|
|
6
|
+
```markdown
|
|
7
|
+
## Story Readiness Report
|
|
8
|
+
**Work Item:** #[ID] — [Title]
|
|
9
|
+
**Assessed:** [date]
|
|
10
|
+
|
|
11
|
+
### Flags
|
|
12
|
+
|
|
13
|
+
🔴 **[Flag Name]**
|
|
14
|
+
[What's missing or problematic, with a specific suggestion for improvement.]
|
|
15
|
+
|
|
16
|
+
🟡 **[Flag Name]**
|
|
17
|
+
[A concern that isn't blocking but should be addressed.]
|
|
18
|
+
|
|
19
|
+
🟢 **[Flag Name]**
|
|
20
|
+
[Something done well — reinforces good practice.]
|
|
21
|
+
|
|
22
|
+
### Suggested Improvements
|
|
23
|
+
|
|
24
|
+
[Concrete, story-specific suggestions — draft acceptance criteria, proposed
|
|
25
|
+
scope boundaries, or questions to raise in refinement. Not generic advice.]
|
|
26
|
+
|
|
27
|
+
### Summary
|
|
28
|
+
|
|
29
|
+
[2–3 sentence overall assessment. Ready for a refinement discussion, or does it
|
|
30
|
+
need pre-work from the PO first?]
|
|
31
|
+
```
|
|
32
|
+
|
|
33
|
+
## Flag catalog
|
|
34
|
+
|
|
35
|
+
The readiness dimensions to evaluate. Not every flag applies to every story —
|
|
36
|
+
use judgment.
|
|
37
|
+
|
|
38
|
+
**Context & Motivation** — 🔴 Missing Context (no "why") · 🟡 Vague Context
|
|
39
|
+
(present but not tied to a business need) · 🟢 Clear Context.
|
|
40
|
+
|
|
41
|
+
**Description Quality** — 🔴 No User-Story Format (no persona/capability/outcome)
|
|
42
|
+
· 🟡 Ambiguous Persona ("as a user" is too generic) · 🟢 Well-Formed.
|
|
43
|
+
|
|
44
|
+
**Acceptance Criteria** — 🔴 Missing ACs · 🔴 Untestable ACs ("should work
|
|
45
|
+
well") · 🟡 Incomplete ACs (obvious error/edge cases missing) · 🟡 Too Many ACs
|
|
46
|
+
(>7 suggests a split) · 🟢 Solid ACs.
|
|
47
|
+
|
|
48
|
+
**Scope** — 🔴 Unbounded Scope · 🟡 Implicit Assumptions · 🟡 No Out-of-Scope ·
|
|
49
|
+
🟢 Well-Bounded.
|
|
50
|
+
|
|
51
|
+
**Dependencies & Risks** — 🟡 Implicit Dependencies · 🟡 Cross-Team Dependency ·
|
|
52
|
+
🟢 Self-Contained.
|
|
53
|
+
|
|
54
|
+
## Tone
|
|
55
|
+
|
|
56
|
+
Constructive and specific. Every 🔴/🟡 carries a concrete fix. 🟢 flags matter
|
|
57
|
+
too — they reinforce what the PO and team are doing well.
|
|
@@ -0,0 +1,51 @@
|
|
|
1
|
+
# Story Template
|
|
2
|
+
|
|
3
|
+
The canonical format for user stories. All four commands produce output that
|
|
4
|
+
follows this structure.
|
|
5
|
+
|
|
6
|
+
```markdown
|
|
7
|
+
## Context
|
|
8
|
+
[Why does this story exist? What business problem or user need does it address?
|
|
9
|
+
Background that helps developers understand the motivation.]
|
|
10
|
+
|
|
11
|
+
## Description
|
|
12
|
+
As a [persona], I want [capability], so that [outcome].
|
|
13
|
+
|
|
14
|
+
## Acceptance Criteria
|
|
15
|
+
- [ ] Given [precondition], When [action], Then [expected result]
|
|
16
|
+
- [ ] Given [precondition], When [action], Then [expected result]
|
|
17
|
+
- [ ] ...
|
|
18
|
+
|
|
19
|
+
## Out of Scope
|
|
20
|
+
[Explicitly what this story does NOT cover. Prevents scope creep and sets clear
|
|
21
|
+
boundaries for the implementation.]
|
|
22
|
+
|
|
23
|
+
## Open Questions
|
|
24
|
+
[Anything unresolved, each prefixed with who answers it. Cleared during
|
|
25
|
+
refinement or grooming — remove items as they get answered.]
|
|
26
|
+
|
|
27
|
+
## Technical Notes
|
|
28
|
+
[Added during or after grooming. Per-repo breakdown of affected components,
|
|
29
|
+
migration concerns, testing strategy, and risk flags. See technical-notes.md.]
|
|
30
|
+
```
|
|
31
|
+
|
|
32
|
+
## Section guidelines
|
|
33
|
+
|
|
34
|
+
**Context** — 2–4 sentences on the "why," not the "what." A developer reading
|
|
35
|
+
only this should understand the business motivation. No implementation detail.
|
|
36
|
+
|
|
37
|
+
**Description** — one sentence in user-story format. Needing multiple `As a…`
|
|
38
|
+
statements usually means the story is too large and should be split.
|
|
39
|
+
|
|
40
|
+
**Acceptance Criteria** — each AC independently testable, in Given/When/Then.
|
|
41
|
+
Aim for 3–7. Fewer than 3 usually means missing edge cases; more than 7 usually
|
|
42
|
+
means the story is too large.
|
|
43
|
+
|
|
44
|
+
**Out of Scope** — 1–3 items someone might reasonably assume are included but
|
|
45
|
+
aren't. If nothing is ambiguous, write "No explicit exclusions identified."
|
|
46
|
+
|
|
47
|
+
**Open Questions** — prefix each with `[PO]`, `[Tech]`, or `[Team]`. Example:
|
|
48
|
+
`[PO] Should existing users be migrated automatically or opt-in?`
|
|
49
|
+
|
|
50
|
+
**Technical Notes** — only populated during grooming; left empty or absent
|
|
51
|
+
before. See `technical-notes.md` for the per-repo format.
|
|
@@ -0,0 +1,48 @@
|
|
|
1
|
+
# Technical Notes Template
|
|
2
|
+
|
|
3
|
+
The output format for the Technical Notes produced by `groom` — a per-repo
|
|
4
|
+
breakdown of technical impact.
|
|
5
|
+
|
|
6
|
+
```markdown
|
|
7
|
+
## Technical Notes
|
|
8
|
+
|
|
9
|
+
### [repo-name]
|
|
10
|
+
- **Affected Components:** [specific files, classes, services, or modules]
|
|
11
|
+
- **What Changes:** [brief description of the changes needed in this repo]
|
|
12
|
+
- **Database/Migration:** [schema changes / migrations, additive vs breaking; "None" if N/A]
|
|
13
|
+
- **API Contract:** [new/changed endpoints, request/response models; "None" if N/A]
|
|
14
|
+
- **Testing Strategy:** [test types + specific areas to cover]
|
|
15
|
+
- **Risk:** [Low / Medium / High — with a brief why]
|
|
16
|
+
|
|
17
|
+
### [another-repo-name]
|
|
18
|
+
- ...
|
|
19
|
+
|
|
20
|
+
### Cross-Repo Considerations
|
|
21
|
+
[Only when the story spans multiple repos: deployment order, shared contracts,
|
|
22
|
+
feature flags needed for safe independent rollout.]
|
|
23
|
+
```
|
|
24
|
+
|
|
25
|
+
## Guidelines
|
|
26
|
+
|
|
27
|
+
**Affected Components** — name the actual classes/services/config files.
|
|
28
|
+
`AuthenticationService.cs`, `SamlConfigurationProvider.cs` — not "the auth
|
|
29
|
+
module."
|
|
30
|
+
|
|
31
|
+
**What Changes** — 1–3 sentences on the nature of the change, not the
|
|
32
|
+
implementation steps. Developers work out the how; they need the what.
|
|
33
|
+
|
|
34
|
+
**Database/Migration** — note additive (safe to deploy independently) vs
|
|
35
|
+
breaking (needs coordinated deploy), and any data-migration concern.
|
|
36
|
+
|
|
37
|
+
**API Contract** — new endpoint, modified contract (breaking vs non-breaking),
|
|
38
|
+
or deprecation.
|
|
39
|
+
|
|
40
|
+
**Testing Strategy** — specific, not "add unit tests." e.g. "Unit-test the new
|
|
41
|
+
validation; integration-test the full feature flow against the test env."
|
|
42
|
+
|
|
43
|
+
**Risk** — Low = straightforward, well-understood. Medium = some complexity or
|
|
44
|
+
uncertainty. High = significant regression/data/cross-system risk. Always
|
|
45
|
+
explain the rating.
|
|
46
|
+
|
|
47
|
+
**Cross-Repo Considerations** — deployment order, shared models/contracts to
|
|
48
|
+
align, feature flags for independent deploys.
|
|
@@ -0,0 +1,30 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: workflow-status
|
|
3
|
+
version: "3.0.0"
|
|
4
|
+
author: "Mostafa Ashraf"
|
|
5
|
+
description: >
|
|
6
|
+
Read-only dashboard of ai-sdlc-harness runs in this workspace. USER-ENTRY —
|
|
7
|
+
invoke only when the user explicitly runs /workflow-status; never
|
|
8
|
+
---
|
|
9
|
+
|
|
10
|
+
|
|
11
|
+
# workflow-status (read-only)
|
|
12
|
+
|
|
13
|
+
1. `bin/harness status` — every run: cursor, mode, work item, task statuses,
|
|
14
|
+
decided gates, flagged-event count. An `aborted` field marks a run ended
|
|
15
|
+
by the abort verb (terminal); an `error` field marks a run whose state
|
|
16
|
+
failed integrity verification (its `remediation` names the reseal
|
|
17
|
+
command) — the rest of the dashboard still renders.
|
|
18
|
+
2. Render it as a compact table for the user; for a run they ask about,
|
|
19
|
+
drill in with `bin/harness show --run <run>` plus the ledgers
|
|
20
|
+
(`events.ndjson` — the "what happened" trail; `tokens.ndjson` — spend)
|
|
21
|
+
and compose the per-task timeline: status + review rounds + stalls +
|
|
22
|
+
flagged events + gate evidence.
|
|
23
|
+
3. Offer `bin/harness metrics --run <run>` — regenerates
|
|
24
|
+
`reports/metrics.md`, the human-readable table view of the same ledgers
|
|
25
|
+
(timings, tasks, verdicts, aggregated tokens, flagged events). Works at
|
|
26
|
+
any live step, not just the terminal metrics step; it's a deterministic
|
|
27
|
+
projection, so regenerating is always safe.
|
|
28
|
+
4. Otherwise STRICTLY read-only: no state changes, no cursor moves, no
|
|
29
|
+
ledger writes — the report above is the one derived, regenerable output;
|
|
30
|
+
everything else only reads what the authority already records.
|
|
@@ -0,0 +1,97 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: workspace-config
|
|
3
|
+
version: "3.0.0"
|
|
4
|
+
author: "Mostafa Ashraf"
|
|
5
|
+
description: >
|
|
6
|
+
Change one config section (overrides / provider / language / repos) on an
|
|
7
|
+
already-bootstrapped workspace, without re-running the full /init-workspace
|
|
8
|
+
interview. USER-ENTRY — invoke only when the user explicitly runs
|
|
9
|
+
/workspace-config; never autonomously, never from a subagent
|
|
10
|
+
---
|
|
11
|
+
|
|
12
|
+
|
|
13
|
+
# workspace-config
|
|
14
|
+
|
|
15
|
+
Every command below is `bin/harness <verb> …` — run it
|
|
16
|
+
yourself via Bash. Never ask the user to type a `harness` command; the user
|
|
17
|
+
only answers the questions below.
|
|
18
|
+
|
|
19
|
+
Not this skill's job: **registering a brand-new repo** (that's `/add-repo` —
|
|
20
|
+
discovery, duplicate-name/path refusal, permission-allowlist refresh; this
|
|
21
|
+
skill only *changes* an already-registered repo's path/name/`test_cmd`), and
|
|
22
|
+
**first-time setup** (`/init-workspace`'s interview).
|
|
23
|
+
|
|
24
|
+
## 0 · Confirm the workspace is actually bootstrapped
|
|
25
|
+
|
|
26
|
+
Read `.claude/context/overrides.yaml`. Missing, or no `bootstrap_completed`
|
|
27
|
+
key: `/init-workspace` never finished — stop and send the user there.
|
|
28
|
+
Proceeding anyway reports "the change is live," and the user only learns
|
|
29
|
+
otherwise later, at a confusing `bootstrap incomplete` refusal the next
|
|
30
|
+
time `/dev-workflow` runs.
|
|
31
|
+
|
|
32
|
+
## 1 · Ask which section, and what's changing
|
|
33
|
+
|
|
34
|
+
- `overrides` — any top-level key in `config/defaults/*.yaml` other than
|
|
35
|
+
`provider`/`repos`/`language` (`status_mapping`, `subagent_models`,
|
|
36
|
+
`quick_mode`, `naming` + `change_types`, `review_rounds`, `stall`,
|
|
37
|
+
`repo_map` staleness N, `review_policy`, `security.scan_cmd`/
|
|
38
|
+
`severity_order`, …). Most single-setting changes land here.
|
|
39
|
+
- `provider` — work-item/git provider + specifics (`stories_dir`,
|
|
40
|
+
`github_repo`, `ado_org`, `ado_project`, …).
|
|
41
|
+
- `language` — per-repo `test_cmd`, under `language.repos.<name>` (not the
|
|
42
|
+
whole-workspace `test_paths`/`test_closure`).
|
|
43
|
+
- `repos` — repointing or renaming an *existing* entry's path.
|
|
44
|
+
|
|
45
|
+
## 2 · Read the current section before writing it
|
|
46
|
+
|
|
47
|
+
`overrides` deep-merges — a call only needs the keys actually changing:
|
|
48
|
+
`init-section --section overrides --json '{"quick_mode": {"loc_max": 50}}'`.
|
|
49
|
+
Exception: a **list**-valued key (`review_policy` is the only shipped one)
|
|
50
|
+
still replaces wholesale — dicts recurse, list items don't — so resend the
|
|
51
|
+
whole list, including entries you're not changing, or one silently vanishes.
|
|
52
|
+
|
|
53
|
+
`provider`/`language`/`repos` are full-**replace**: the write IS the whole
|
|
54
|
+
file. Read `.claude/context/<section>.yaml` first (Read tool, never a Bash
|
|
55
|
+
one-liner), splice in the change, resend the **complete** set — a partial
|
|
56
|
+
payload, or a forgotten self-nesting (`{"repos": {...}}` — `overrides` is
|
|
57
|
+
the one flat, non-nested exception), silently drops every entry you didn't
|
|
58
|
+
restate. For `repos`/`language` this is NOT caught by `init-verify` if it
|
|
59
|
+
zeroes the whole map (step 4 covers what verify does check).
|
|
60
|
+
|
|
61
|
+
**Known gap**: `overrides` only adds/updates keys, never unsets — removing
|
|
62
|
+
one needs a direct edit to `overrides.yaml`; say so rather than improvising.
|
|
63
|
+
|
|
64
|
+
## 3 · Confirm a `test_cmd` change by running it, and mind two risks
|
|
65
|
+
|
|
66
|
+
Confirm any `test_cmd` change by actually running it in that repo — same
|
|
67
|
+
rule `/add-repo`/`/init-workspace` follow, never accept it unconfirmed.
|
|
68
|
+
|
|
69
|
+
**Known risks**: (1) `init-section --section repos` has none of `/add-repo`'s
|
|
70
|
+
collision checks — a duplicate name (case-insensitive: collides on-disk on
|
|
71
|
+
a case-insensitive filesystem) or a path under two names (misattributes
|
|
72
|
+
`test_cmd`/`scan_cmd`) writes cleanly; check the full map yourself before
|
|
73
|
+
sending it. Renaming also orphans `language.repos.<old-name>`,
|
|
74
|
+
`security.scan_cmd.<old-name>`, and `.claude/context/repo-map/<old-name>/`
|
|
75
|
+
— carry them to the new name or tell the user to. (2) Avoid repointing a
|
|
76
|
+
path or changing a `test_cmd` while a `/dev-workflow` run has in-flight
|
|
77
|
+
tasks against that repo — resolution is by exact registered path, so a
|
|
78
|
+
run mid-flight can start failing with a confusing "no test command" error.
|
|
79
|
+
|
|
80
|
+
## 4 · Re-verify if the section could affect verify or permissions
|
|
81
|
+
|
|
82
|
+
`init-verify` covers `provider`, `repos` (≥1 registered, each a real git
|
|
83
|
+
checkout), and `language` (`test_cmd` runnability) — **not** `overrides`.
|
|
84
|
+
|
|
85
|
+
- `provider` only: re-run `init-verify`, fix any failure.
|
|
86
|
+
- `repos` (a path) or `language` (a `test_cmd` binary): re-run `init-verify`,
|
|
87
|
+
**then** `init-finalize` too — that's what refreshes the permission
|
|
88
|
+
allowlist (`Read` on the repo path, `Bash` on the `test_cmd` binary) to
|
|
89
|
+
the new value; skip it and the OLD path/binary stays allow-listed while
|
|
90
|
+
the new one doesn't, so a background/`mode:auto` run hits an unprompted
|
|
91
|
+
permission stall the first time it touches the changed repo.
|
|
92
|
+
- `overrides` only: no re-verify/re-finalize needed.
|
|
93
|
+
|
|
94
|
+
## 5 · Tell the user what changed
|
|
95
|
+
|
|
96
|
+
State the section, the exact keys written, and (if re-verified/re-finalized)
|
|
97
|
+
the result.
|