@simplium/hive 4.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +225 -0
- package/LICENSE +190 -0
- package/README.md +148 -0
- package/bin/hive-init.mjs +82 -0
- package/dist/claude/agents/ai-ml-engineer.md +3252 -0
- package/dist/claude/agents/api-designer.md +2425 -0
- package/dist/claude/agents/architecture-planner.md +3275 -0
- package/dist/claude/agents/backend-developer.md +1498 -0
- package/dist/claude/agents/billing-payments.md +2057 -0
- package/dist/claude/agents/competitive-intelligence.md +2695 -0
- package/dist/claude/agents/cost-optimization.md +1340 -0
- package/dist/claude/agents/customer-success.md +3382 -0
- package/dist/claude/agents/data-analyst.md +1764 -0
- package/dist/claude/agents/database-engineer.md +1758 -0
- package/dist/claude/agents/frontend-developer.md +3427 -0
- package/dist/claude/agents/incident-response.md +1777 -0
- package/dist/claude/agents/legal-compliance.md +2974 -0
- package/dist/claude/agents/orchestrator.md +1839 -0
- package/dist/claude/agents/product-manager.md +1247 -0
- package/dist/claude/agents/security-auditor.md +333 -0
- package/dist/claude/agents/test-engineer.md +1607 -0
- package/dist/claude/agents/ux-research.md +2563 -0
- package/dist/claude/hooks/hive-log.mjs +108 -0
- package/dist/claude/skills/accessibility.md +2973 -0
- package/dist/claude/skills/analytics-implementation.md +2810 -0
- package/dist/claude/skills/brand-design-system.md +1791 -0
- package/dist/claude/skills/cloud-infrastructure.md +1743 -0
- package/dist/claude/skills/devops-engineer.md +956 -0
- package/dist/claude/skills/documentation-writer.md +3243 -0
- package/dist/claude/skills/email-deliverability.md +2875 -0
- package/dist/claude/skills/growth-analytics.md +3187 -0
- package/dist/claude/skills/landing-page-cro.md +1844 -0
- package/dist/claude/skills/marketing-communications.md +2552 -0
- package/dist/claude/skills/mobile-development.md +1947 -0
- package/dist/claude/skills/observability.md +1550 -0
- package/dist/claude/skills/release-manager.md +1467 -0
- package/dist/claude/skills/search.md +1961 -0
- package/dist/claude/skills/seo-aeo-geo.md +878 -0
- package/dist/claude/skills/translator-i18n.md +1630 -0
- package/dist/claude/skills/voice-ai.md +554 -0
- package/dist/claude/skills/web-performance.md +1088 -0
- package/hooks/hive-log.mjs +108 -0
- package/package.json +77 -0
package/CHANGELOG.md
ADDED
|
@@ -0,0 +1,225 @@
|
|
|
1
|
+
# Changelog
|
|
2
|
+
|
|
3
|
+
All notable changes to this project will be documented in this file.
|
|
4
|
+
|
|
5
|
+
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
|
|
6
|
+
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
|
|
7
|
+
|
|
8
|
+
---
|
|
9
|
+
|
|
10
|
+
## [Unreleased]
|
|
11
|
+
|
|
12
|
+
Remaining work: npm publish (`@simplium/hive` — org verification + `npm publish`, package is pack-tested); OpenCode adapter (Q4 access pending); GDPR/DPA with Anthropic (R7, external action); Phase 3 public docs.
|
|
13
|
+
|
|
14
|
+
---
|
|
15
|
+
|
|
16
|
+
## [4.0.0] - 2026-07-02
|
|
17
|
+
|
|
18
|
+
HIVE becomes a **pure agent governance layer**: the Layer 2 runtime is gone, traceability is automatic, the capability pack is distributable via npm, and definitions are empirically evaluable. All claims verified by command.
|
|
19
|
+
|
|
20
|
+
### BREAKING — Removed
|
|
21
|
+
- **Layer 2 NestJS runtime removed** (`apps/hive-runtime`, `packages/hive-core`, Turborepo). Preserved intact in the [`legacy/layer2-runtime`](https://github.com/marcablanca/hive-framework/tree/legacy/layer2-runtime) branch. The `hive` CLI (`run`/`stats`/`learn`) no longer exists; per ADR-000 the host runtime executes agents
|
|
22
|
+
- With it goes its entire dependency surface: **`npm audit` now reports 0 vulnerabilities** (was 8 moderate, all in the NestJS/express chain)
|
|
23
|
+
|
|
24
|
+
### Added
|
|
25
|
+
- **Automatic traceability hook** (`hooks/hive-log.mjs`) — zero-dep PostToolUse hook: every HIVE agent invoked via the Task tool is logged to `HIVE-LOG.md` (ISO 42001 A.9) and `.claude/hive-events.jsonl` (machine-readable stream for external observability, e.g. Argos). Replaces the honor-system self-logging footer; never blocks tool flow; ignores non-HIVE subagents. Installed by `init-project` in consumers and dogfooded in this repo
|
|
26
|
+
- **npm package** — `@simplium/hive` with `npx hive-init <dir>` zero-dep installer; `prepack` renders the consumer payload into `dist/claude` (aborts unless 18+18). Pack-tested end to end (tarball → install → bin). `private: true` kept as publish guard until the npm org is verified
|
|
27
|
+
- **Layer 1 evals** (`npm run eval`) — 5 golden tasks against the live API using the real adapter body + assigned model per agent; structural checks, cost from API usage fields, `HIVE_EVAL_BUDGET_USD` cap, stale model IDs surface as findings; honest SKIP without `ANTHROPIC_API_KEY`
|
|
28
|
+
- **`scripts/lib/adapter-render.ts`** — single source of truth for permission translation and adapter rendering (was duplicated across both generators)
|
|
29
|
+
- **Typecheck gate** (`npm run typecheck`) in CI, replacing the removed build step
|
|
30
|
+
- 7 new tests (6 hook + 1 eval skip-path); suite total 15, now 100% aimed at the live surface
|
|
31
|
+
|
|
32
|
+
### Changed
|
|
33
|
+
- README rewritten around the **agent governance layer / capability pack** positioning (explicitly not an AgentOS)
|
|
34
|
+
- `@hive/core` types/schemas inlined into `scripts/lib/` (runtime-only types dropped)
|
|
35
|
+
- CI actions bumped to v5 (Node 24 runners); repo is flat — no workspaces, no turbo
|
|
36
|
+
- `.env.example` reduced to eval configuration
|
|
37
|
+
- `audit_prompt.md` moved to `docs/auditorias/`
|
|
38
|
+
|
|
39
|
+
---
|
|
40
|
+
|
|
41
|
+
## [3.2.0] - 2026-07-02
|
|
42
|
+
|
|
43
|
+
Post-audit remediation (forensic audit 2026-07-02 verified the declared state as reliable; this release closes the P2/P3/P4 findings). All claims verified by command.
|
|
44
|
+
|
|
45
|
+
### Added
|
|
46
|
+
- **Root test suite for Layer 1 generator/ops scripts** (`scripts/scripts.spec.ts`, 8 tests): validate, reindex determinism, adapter contract (18+18 files, `human_approval` ⇒ `disallowedTools: Bash`, version stamp), init-project install + dry-run, log-session append/reject, cost-report. Closes the coverage gap where all 161 tests lived in the ADR-000-superseded runtime layer. Total suite: 169
|
|
47
|
+
- **`log-session --file <path>`** — target log override (testability; default unchanged)
|
|
48
|
+
- **CI gate: generated files in sync** — `reindex` + `adapters` + `git diff --exit-code` fails the build if `AGENT_INDEX.yaml` or `.claude/` adapters drift from sources
|
|
49
|
+
|
|
50
|
+
### Changed
|
|
51
|
+
- **Package manager: pnpm → npm** per the ecosystem mandate (npm in all environments): npm workspaces replace `pnpm-workspace.yaml`, `package-lock.json` tracked (3.0.3 lockfile lesson applied), CI runs `npm ci` and npm-form gates, live docs / agent sources / Golden Path B / generated adapters use npm command forms (`npm run X -- <args>`). Historical audit records under `audit/` kept verbatim
|
|
52
|
+
- **`reindex` is deterministic** — keeps the existing `AGENT_INDEX.yaml` untouched when only generation dates would change (no more date churn)
|
|
53
|
+
- **Quickstart restructured** — Layer 1 `init-project` is the primary path; the Layer 2 runtime is explicitly marked as reference (ADR-000) and its live-API/DB end-to-end flow declared out of release verification
|
|
54
|
+
- `--max-warnings 0` enforced inside each workspace `lint` script (was a fragile CI passthrough arg)
|
|
55
|
+
- `hive.config.ts` monorepo root detection now keys on `turbo.json` (was `pnpm-workspace.yaml`, removed in this release)
|
|
56
|
+
|
|
57
|
+
### Fixed
|
|
58
|
+
- README version badge said 3.0.3 while package.json was 3.1.0
|
|
59
|
+
- Last live v2 model reference (`GEMINI` in documentation-writer footer) removed; agent history table kept as record
|
|
60
|
+
- RISK-REGISTER R6 stamp wording made version-agnostic (was frozen at v3.0.3)
|
|
61
|
+
|
|
62
|
+
---
|
|
63
|
+
|
|
64
|
+
## [3.1.0] - 2026-06-22
|
|
65
|
+
|
|
66
|
+
Post-audit implementation. All claims in this entry are verified; no aspirational items. Tests: 161/161.
|
|
67
|
+
|
|
68
|
+
### Added
|
|
69
|
+
- **Claude Code Layer 1 discovery** — `.claude/agents/` (18 agents) and `.claude/skills/` (18 skills) generated from HIVE source definitions; agents carry native `disallowedTools` translated from the HIVE abstract permission model
|
|
70
|
+
- **`pnpm adapters`** (`scripts/generate-adapters.ts`) — regenerates Claude Code adapters for this repo; idempotent; includes HIVE version stamp per file
|
|
71
|
+
- **`pnpm init-project <dir>`** (`scripts/init-project.ts`) — installs Layer 1 adapters in any consumer project without forking; run again after `git pull` to update
|
|
72
|
+
- **`pnpm log-session`** (`scripts/log-session.ts`) — appends an agent invocation row to `HIVE-LOG.md`; covers ISO 42001 A.9 traceability for Layer 1 usage
|
|
73
|
+
- **`pnpm cost-report`** (`scripts/cost-report.ts`) — reads `HIVE-LOG.md`, infers model from adapters, calculates estimated cost (75%/25% in/out ratio) per agent; alerts when average session cost exceeds `max_cost_per_task`
|
|
74
|
+
- **`HIVE-LOG.md`** — append-only session log tracked in git; `git log` of the file is the audit trail
|
|
75
|
+
- **ESLint flat config** (`eslint.config.mjs`) — `typescript-eslint` + `eslint-config-prettier`; 0 errors, 0 warnings; `pnpm lint` now executes (was phantom since 3.0.0)
|
|
76
|
+
- **CI: lint gate** — `pnpm lint -- --max-warnings 0` added before build
|
|
77
|
+
- **CI: security audit gate** — `pnpm audit --audit-level=high` (0 current high vulns; gate catches regressions)
|
|
78
|
+
- **Prompt injection guard** — `[Security — Prompt Injection Guard]` block inserted into all 36 agent/skill definitions (LLM01/OWASP)
|
|
79
|
+
|
|
80
|
+
### Fixed
|
|
81
|
+
- **Pricing** (`hive.config.ts`): opus input 15→5, output 75→25; haiku input 0.25→1, output 1.25→5 — all prior cost trail in USD was wrong
|
|
82
|
+
- **JIT savings** (README): "~85%" corrected to "over 90% (measured: 93–98%, see `scripts/measure-jit.ts`)"
|
|
83
|
+
- **Test count** (README, docs): 153→161 (was wrong since 3.0.0)
|
|
84
|
+
- **Human approval enforcement**: `human_approval: true` now maps to `disallowedTools: [Bash]` in Claude Code adapters; 7 blocking agents cannot execute shell commands without the host session surfacing them for approval — replaces the phantom gate that was never implemented in the harness
|
|
85
|
+
- Removed `REDIS_URL` from `.env.example` (Redis never used in runtime)
|
|
86
|
+
- Removed unused `fileURLToPath` import (`hive.config.ts`) and `loadAgent` import (`agent-loader.service.ts`)
|
|
87
|
+
- Gemini v2 fields (`fallback_to_gemini_when`, `gemini-3-pro` entries) removed from 7 definition bodies — HIVE v3 is Anthropic-only
|
|
88
|
+
- `claude-3-5-sonnet-20241022` → `claude-sonnet-4-6` in ai-ml-engineer code examples
|
|
89
|
+
- Antigravity runtime commands labeled `[Runtime: Antigravity — v2 legacy]` in web-performance, seo-aeo-geo, documentation-writer skills
|
|
90
|
+
|
|
91
|
+
### Changed
|
|
92
|
+
- **vitest** 2.1.0 → 3.2.6 (eliminates critical vulnerability; 161/161 tests pass on v3)
|
|
93
|
+
- **@nestjs/config** 3.x → 4.x (drops lodash dependency, eliminates high vulnerability)
|
|
94
|
+
- **pnpm overrides**: `multer ≥2.1.1`, `form-data ≥4.0.6`, `vite ≥6.4.2` — force patched versions of transitive deps not directly upgradable
|
|
95
|
+
- **ADR-000** status: direction decided (A2) and implemented for Claude Code; OpenCode pending
|
|
96
|
+
- **IMPLEMENTATION-PLAN**: D1.2 BullMQ/Redis, D1.6 WebSocket, D3.1-D3.4 MCP marked with honest status (not shipped / partial)
|
|
97
|
+
- **`[Unreleased]`**: Phase 2 scope superseded by ADR-000 A2 decision
|
|
98
|
+
|
|
99
|
+
### Security
|
|
100
|
+
- Vulnerabilities: 17 (1 critical dev-only, 4 high) → 10 (0 critical, 0 high) via dep updates and pnpm overrides
|
|
101
|
+
- Prompt injection: 0/36 → 36/36 definitions with explicit injection guard
|
|
102
|
+
|
|
103
|
+
---
|
|
104
|
+
|
|
105
|
+
## [3.0.3] - 2026-04-21
|
|
106
|
+
|
|
107
|
+
### Fixed
|
|
108
|
+
- CI was failing because `pnpm-lock.yaml` was excluded by `.gitignore`; lockfile now tracked so `pnpm install --frozen-lockfile` resolves on the runner
|
|
109
|
+
- Prisma client was never generated during build, breaking typecheck for `PrismaService`; `build` script now runs `prisma generate && tsc`, and a `postinstall` hook keeps local dev in sync
|
|
110
|
+
- `learn.command.ts` typed `entries` parameters with `ReturnType<ErrorCaptureService["parseJournal"]>`, but `parseJournal` is async; wrapped with `Awaited<...>` to unwrap the Promise
|
|
111
|
+
|
|
112
|
+
### Added
|
|
113
|
+
- `db:migrate` and `db:generate` scripts in `@hive/runtime` for local Prisma workflows
|
|
114
|
+
|
|
115
|
+
---
|
|
116
|
+
|
|
117
|
+
## [3.0.2] - 2026-04-20
|
|
118
|
+
|
|
119
|
+
### Added
|
|
120
|
+
- `README.md` rewritten in English: reflects the v3 runtime, CLI, validation pipeline, MCP bridge; removes stale v2.x content
|
|
121
|
+
- `CHANGELOG.md` (this file) following Keep a Changelog + SemVer
|
|
122
|
+
- `package.json` metadata: `description`, `license`, `author`, `repository`, `homepage`, `bugs`, `keywords`, `engines`
|
|
123
|
+
|
|
124
|
+
---
|
|
125
|
+
|
|
126
|
+
## [3.0.1] - 2026-04-05
|
|
127
|
+
|
|
128
|
+
### Fixed
|
|
129
|
+
- Corrected Anthropic model IDs used by the executor
|
|
130
|
+
- Made ErrorCapture I/O async to avoid blocking the event loop
|
|
131
|
+
- Downgraded missing-MCP warning to nominal severity when a server is optional
|
|
132
|
+
|
|
133
|
+
---
|
|
134
|
+
|
|
135
|
+
## [3.0.0] - 2026-04-05
|
|
136
|
+
|
|
137
|
+
Phase 0 + Phase 1 complete. Full rewrite introducing the NestJS runtime, Turborepo monorepo, and the v3 agent/skill format.
|
|
138
|
+
|
|
139
|
+
### Added
|
|
140
|
+
- **v3 agent/skill format** — YAML frontmatter + Markdown body; all 36 entries live in per-directory `AGENT.md` / `SKILL.md` files
|
|
141
|
+
- **36 agents/skills migrated** — all entries from v2.x converted to v3 format with required frontmatter fields (`type`, `tier`, `known_failure_modes`, `stacks`, `mcp_required`)
|
|
142
|
+
- **Turborepo monorepo** — `hive-framework` root with `apps/hive-runtime` and `packages/hive-core` workspaces; managed with pnpm
|
|
143
|
+
- **`hive-core` package** — shared types, validation schemas, and utilities
|
|
144
|
+
- **`hive-runtime` NestJS application** — bootstraps as both HTTP gateway and CLI context; no global HTTP server needed for CLI use
|
|
145
|
+
- **Agent loader** — reads `AGENT_INDEX.yaml` at runtime for JIT agent resolution
|
|
146
|
+
- **Agent selector** — keyword + tier + stack matching to pick the best agent for a task
|
|
147
|
+
- **Executor** — calls Claude API with the resolved agent prompt and task description
|
|
148
|
+
- **Prisma + PostgreSQL persistence** — task records, token usage, cost, and event log stored via Prisma ORM
|
|
149
|
+
- **Task queue + TaskRouter** — priority-aware routing with dependency resolution
|
|
150
|
+
- **MCP bridge with fallback** — health-check nominal; no active MCP connections in this release *(corrected 3.1.0)*
|
|
151
|
+
- **Validation pipeline** — four stages: structural validation → evidence checking → confidence scoring → escalation routing
|
|
152
|
+
- **Confidence scoring** — per-output score; low-confidence results escalate or request human approval
|
|
153
|
+
- **Human approval gate** — `human_approval` field validated by schema; runtime enforcement was not implemented in this release *(corrected 3.1.0: enforcement added via `disallowedTools` in Claude Code adapters)*
|
|
154
|
+
- **Event system** — typed event bus for task lifecycle events
|
|
155
|
+
- **Cost tracking** — per-task token count and estimated cost persisted and queryable; pricing had errors corrected in 3.1.0
|
|
156
|
+
- **Structured logging** — Pino installed; used in one code path in this release *(corrected 3.1.0)*
|
|
157
|
+
- **CLI (`hive run` / `hive stats` / `hive learn`)** — thin CLI wrapper over the NestJS app context
|
|
158
|
+
- **Gateway API** — REST endpoints (3 endpoints); WebSocket not implemented in this release *(corrected 3.1.0)*
|
|
159
|
+
- **Evals + golden tests** — regression suite covering golden-path scenarios for both stacks
|
|
160
|
+
- **CI workflow** — GitHub Actions pipeline running build and test; lint gate was not functional in this release *(corrected 3.1.0)*
|
|
161
|
+
- **Error capture hook** — structured error recording with full task context
|
|
162
|
+
- **`hive learn` command** — processes recent outcomes to update confidence baselines
|
|
163
|
+
- **161 tests** — unit and integration tests (Vitest) *(was documented as 153; actual count verified 3.1.0)*
|
|
164
|
+
- **Apache 2.0 license**
|
|
165
|
+
|
|
166
|
+
### Changed
|
|
167
|
+
- `AGENT_INDEX.yaml` is now auto-generated by `pnpm reindex` from frontmatter; do not edit manually
|
|
168
|
+
- Replaced flat agent directory with tiered structure (`00-orchestrator` through `07-support`)
|
|
169
|
+
- Modularized large agents exceeding the 25K token limit; extracted reference material to per-agent `references/` directories (45 module files relocated)
|
|
170
|
+
|
|
171
|
+
---
|
|
172
|
+
|
|
173
|
+
## [2.3.0] - 2026-01-XX
|
|
174
|
+
|
|
175
|
+
### Added
|
|
176
|
+
- Golden Paths for Stack A (Laravel) and Stack B (Next.js) with clear directory architecture
|
|
177
|
+
- MCP documentation: global vs project-level MCP configuration
|
|
178
|
+
- Improved `CLAUDE.md` templates with explicit stack declarations
|
|
179
|
+
|
|
180
|
+
### Changed
|
|
181
|
+
- Security rules updated to define production boundaries more precisely
|
|
182
|
+
- MCPs categorized and documented in `docs/protocols/mcp-registry.md`
|
|
183
|
+
|
|
184
|
+
---
|
|
185
|
+
|
|
186
|
+
## [2.2.0] - 2026-01-XX
|
|
187
|
+
|
|
188
|
+
### Added
|
|
189
|
+
- PRP (Product Requirements Prompt) system integrated into the Orchestrator
|
|
190
|
+
- `PRPValidator` — validates PRP completeness before task decomposition
|
|
191
|
+
- `PRPToTasksConverter` — converts a PRP into routable sub-tasks
|
|
192
|
+
- Full PRP template with annotated example
|
|
193
|
+
|
|
194
|
+
---
|
|
195
|
+
|
|
196
|
+
## [2.1.0] - 2026-01-XX
|
|
197
|
+
|
|
198
|
+
### Added
|
|
199
|
+
- **JIT Mapping** — `AGENT_INDEX.yaml` for agent discovery; only the selected agent's definition is loaded per task (~85% token context reduction)
|
|
200
|
+
- `pnpm reindex` script to regenerate the index from agent frontmatter
|
|
201
|
+
|
|
202
|
+
---
|
|
203
|
+
|
|
204
|
+
## [2.0.0] - 2026-01-XX
|
|
205
|
+
|
|
206
|
+
### Added
|
|
207
|
+
- 36th agent: `brand-design-system`
|
|
208
|
+
- Multi-model assignment per agent: Opus for blocking tiers, Sonnet for critical, Gemini for content/support
|
|
209
|
+
- Tier system with three levels: Blocking / Critical / Support
|
|
210
|
+
- `human_approval: true` flag on 7 critical agents
|
|
211
|
+
- `upgrade_to_opus_when` field for Sonnet agents that may need escalation
|
|
212
|
+
- `known_failure_modes` field required for Tier 0 and Tier 1 agents
|
|
213
|
+
|
|
214
|
+
### Changed
|
|
215
|
+
- All agent definitions updated with tier, model, and escalation metadata
|
|
216
|
+
|
|
217
|
+
---
|
|
218
|
+
|
|
219
|
+
## [1.0.0] - 2026-01-XX
|
|
220
|
+
|
|
221
|
+
### Added
|
|
222
|
+
- Initial release: 35 specialized agents covering orchestration, development, quality, infrastructure, intelligence, growth, and support
|
|
223
|
+
- Central Orchestrator agent with task routing logic
|
|
224
|
+
- Anti-fabrication system: `[AF-v2]` footer requirement and evidence checks
|
|
225
|
+
- Initial `CLAUDE.md` with framework conventions
|
package/LICENSE
ADDED
|
@@ -0,0 +1,190 @@
|
|
|
1
|
+
Apache License
|
|
2
|
+
Version 2.0, January 2004
|
|
3
|
+
http://www.apache.org/licenses/
|
|
4
|
+
|
|
5
|
+
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
|
|
6
|
+
|
|
7
|
+
1. Definitions.
|
|
8
|
+
|
|
9
|
+
"License" shall mean the terms and conditions for use, reproduction,
|
|
10
|
+
and distribution as defined by Sections 1 through 9 of this document.
|
|
11
|
+
|
|
12
|
+
"Licensor" shall mean the copyright owner or entity authorized by
|
|
13
|
+
the copyright owner that is granting the License.
|
|
14
|
+
|
|
15
|
+
"Legal Entity" shall mean the union of the acting entity and all
|
|
16
|
+
other entities that control, are controlled by, or are under common
|
|
17
|
+
control with that entity. For the purposes of this definition,
|
|
18
|
+
"control" means (i) the power, direct or indirect, to cause the
|
|
19
|
+
direction or management of such entity, whether by contract or
|
|
20
|
+
otherwise, or (ii) ownership of fifty percent (50%) or more of the
|
|
21
|
+
outstanding shares, or (iii) beneficial ownership of such entity.
|
|
22
|
+
|
|
23
|
+
"You" (or "Your") shall mean an individual or Legal Entity
|
|
24
|
+
exercising permissions granted by this License.
|
|
25
|
+
|
|
26
|
+
"Source" form shall mean the preferred form for making modifications,
|
|
27
|
+
including but not limited to software source code, documentation
|
|
28
|
+
source, and configuration files.
|
|
29
|
+
|
|
30
|
+
"Object" form shall mean any form resulting from mechanical
|
|
31
|
+
transformation or translation of a Source form, including but
|
|
32
|
+
not limited to compiled object code, generated documentation,
|
|
33
|
+
and conversions to other media types.
|
|
34
|
+
|
|
35
|
+
"Work" shall mean the work of authorship, whether in Source or
|
|
36
|
+
Object form, made available under the License, as indicated by a
|
|
37
|
+
copyright notice that is included in or attached to the work
|
|
38
|
+
(an example is provided in the Appendix below).
|
|
39
|
+
|
|
40
|
+
"Derivative Works" shall mean any work, whether in Source or Object
|
|
41
|
+
form, that is based on (or derived from) the Work and for which the
|
|
42
|
+
editorial revisions, annotations, elaborations, or other modifications
|
|
43
|
+
represent, as a whole, an original work of authorship. For the purposes
|
|
44
|
+
of this License, Derivative Works shall not include works that remain
|
|
45
|
+
separable from, or merely link (or bind by name) to the interfaces of,
|
|
46
|
+
the Work and Derivative Works thereof.
|
|
47
|
+
|
|
48
|
+
"Contribution" shall mean any work of authorship, including
|
|
49
|
+
the original version of the Work and any modifications or additions
|
|
50
|
+
to that Work or Derivative Works thereof, that is intentionally
|
|
51
|
+
submitted to the Licensor for inclusion in the Work by the copyright owner
|
|
52
|
+
or by an individual or Legal Entity authorized to submit on behalf of
|
|
53
|
+
the copyright owner. For the purposes of this definition, "submitted"
|
|
54
|
+
means any form of electronic, verbal, or written communication sent
|
|
55
|
+
to the Licensor or its representatives, including but not limited to
|
|
56
|
+
communication on electronic mailing lists, source code control systems,
|
|
57
|
+
and issue tracking systems that are managed by, or on behalf of, the
|
|
58
|
+
Licensor for the purpose of discussing and improving the Work, but
|
|
59
|
+
excluding communication that is conspicuously marked or otherwise
|
|
60
|
+
designated in writing by the copyright owner as "Not a Contribution."
|
|
61
|
+
|
|
62
|
+
"Contributor" shall mean Licensor and any individual or Legal Entity
|
|
63
|
+
on behalf of whom a Contribution has been received by the Licensor and
|
|
64
|
+
subsequently incorporated within the Work.
|
|
65
|
+
|
|
66
|
+
2. Grant of Copyright License. Subject to the terms and conditions of
|
|
67
|
+
this License, each Contributor hereby grants to You a perpetual,
|
|
68
|
+
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
|
|
69
|
+
copyright license to reproduce, prepare Derivative Works of,
|
|
70
|
+
publicly display, publicly perform, sublicense, and distribute the
|
|
71
|
+
Work and such Derivative Works in Source or Object form.
|
|
72
|
+
|
|
73
|
+
3. Grant of Patent License. Subject to the terms and conditions of
|
|
74
|
+
this License, each Contributor hereby grants to You a perpetual,
|
|
75
|
+
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
|
|
76
|
+
(except as stated in this section) patent license to make, have made,
|
|
77
|
+
use, offer to sell, sell, import, and otherwise transfer the Work,
|
|
78
|
+
where such license applies only to those patent claims licensable
|
|
79
|
+
by such Contributor that are necessarily infringed by their
|
|
80
|
+
Contribution(s) alone or by combination of their Contribution(s)
|
|
81
|
+
with the Work to which such Contribution(s) was submitted. If You
|
|
82
|
+
institute patent litigation against any entity (including a
|
|
83
|
+
cross-claim or counterclaim in a lawsuit) alleging that the Work
|
|
84
|
+
or a Contribution incorporated within the Work constitutes direct
|
|
85
|
+
or contributory patent infringement, then any patent licenses
|
|
86
|
+
granted to You under this License for that Work shall terminate
|
|
87
|
+
as of the date such litigation is filed.
|
|
88
|
+
|
|
89
|
+
4. Redistribution. You may reproduce and distribute copies of the
|
|
90
|
+
Work or Derivative Works thereof in any medium, with or without
|
|
91
|
+
modifications, and in Source or Object form, provided that You
|
|
92
|
+
meet the following conditions:
|
|
93
|
+
|
|
94
|
+
(a) You must give any other recipients of the Work or
|
|
95
|
+
Derivative Works a copy of this License; and
|
|
96
|
+
|
|
97
|
+
(b) You must cause any modified files to carry prominent notices
|
|
98
|
+
stating that You changed the files; and
|
|
99
|
+
|
|
100
|
+
(c) You must retain, in the Source form of any Derivative Works
|
|
101
|
+
that You distribute, all copyright, patent, trademark, and
|
|
102
|
+
attribution notices from the Source form of the Work,
|
|
103
|
+
excluding those notices that do not pertain to any part of
|
|
104
|
+
the Derivative Works; and
|
|
105
|
+
|
|
106
|
+
(d) If the Work includes a "NOTICE" text file as part of its
|
|
107
|
+
distribution, then any Derivative Works that You distribute must
|
|
108
|
+
include a readable copy of the attribution notices contained
|
|
109
|
+
within such NOTICE file, excluding any notices that do not
|
|
110
|
+
pertain to any part of the Derivative Works, in at least one
|
|
111
|
+
of the following places: within a NOTICE text file distributed
|
|
112
|
+
as part of the Derivative Works; within the Source form or
|
|
113
|
+
documentation, if provided along with the Derivative Works; or,
|
|
114
|
+
within a display generated by the Derivative Works, if and
|
|
115
|
+
wherever such third-party notices normally appear. The contents
|
|
116
|
+
of the NOTICE file are for informational purposes only and
|
|
117
|
+
do not modify the License. You may add Your own attribution
|
|
118
|
+
notices within Derivative Works that You distribute, alongside
|
|
119
|
+
or as an addendum to the NOTICE text from the Work, provided
|
|
120
|
+
that such additional attribution notices cannot be construed
|
|
121
|
+
as modifying the License.
|
|
122
|
+
|
|
123
|
+
You may add Your own copyright statement to Your modifications and
|
|
124
|
+
may provide additional or different license terms and conditions
|
|
125
|
+
for use, reproduction, or distribution of Your modifications, or
|
|
126
|
+
for any such Derivative Works as a whole, provided Your use,
|
|
127
|
+
reproduction, and distribution of the Work otherwise complies with
|
|
128
|
+
the conditions stated in this License.
|
|
129
|
+
|
|
130
|
+
5. Submission of Contributions. Unless You explicitly state otherwise,
|
|
131
|
+
any Contribution intentionally submitted for inclusion in the Work
|
|
132
|
+
by You to the Licensor shall be under the terms and conditions of
|
|
133
|
+
this License, without any additional terms or conditions.
|
|
134
|
+
Notwithstanding the above, nothing herein shall supersede or modify
|
|
135
|
+
the terms of any separate license agreement you may have executed
|
|
136
|
+
with Licensor regarding such Contributions.
|
|
137
|
+
|
|
138
|
+
6. Trademarks. This License does not grant permission to use the trade
|
|
139
|
+
names, trademarks, service marks, or product names of the Licensor,
|
|
140
|
+
except as required for reasonable and customary use in describing the
|
|
141
|
+
origin of the Work and reproducing the content of the NOTICE file.
|
|
142
|
+
|
|
143
|
+
7. Disclaimer of Warranty. Unless required by applicable law or
|
|
144
|
+
agreed to in writing, Licensor provides the Work (and each
|
|
145
|
+
Contributor provides its Contributions) on an "AS IS" BASIS,
|
|
146
|
+
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
|
|
147
|
+
implied, including, without limitation, any warranties or conditions
|
|
148
|
+
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
|
|
149
|
+
PARTICULAR PURPOSE. You are solely responsible for determining the
|
|
150
|
+
appropriateness of using or redistributing the Work and assume any
|
|
151
|
+
risks associated with Your exercise of permissions under this License.
|
|
152
|
+
|
|
153
|
+
8. Limitation of Liability. In no event and under no legal theory,
|
|
154
|
+
whether in tort (including negligence), contract, or otherwise,
|
|
155
|
+
unless required by applicable law (such as deliberate and grossly
|
|
156
|
+
negligent acts) or agreed to in writing, shall any Contributor be
|
|
157
|
+
liable to You for damages, including any direct, indirect, special,
|
|
158
|
+
incidental, or consequential damages of any character arising as a
|
|
159
|
+
result of this License or out of the use or inability to use the
|
|
160
|
+
Work (including but not limited to damages for loss of goodwill,
|
|
161
|
+
work stoppage, computer failure or malfunction, or any and all
|
|
162
|
+
other commercial damages or losses), even if such Contributor
|
|
163
|
+
has been advised of the possibility of such damages.
|
|
164
|
+
|
|
165
|
+
9. Accepting Warranty or Additional Liability. While redistributing
|
|
166
|
+
the Work or Derivative Works thereof, You may choose to offer,
|
|
167
|
+
and charge a fee for, acceptance of support, warranty, indemnity,
|
|
168
|
+
or other liability obligations and/or rights consistent with this
|
|
169
|
+
License. However, in accepting such obligations, You may act only
|
|
170
|
+
on Your own behalf and on Your sole responsibility, not on behalf
|
|
171
|
+
of any other Contributor, and only if You agree to indemnify,
|
|
172
|
+
defend, and hold each Contributor harmless for any liability
|
|
173
|
+
incurred by, or claims asserted against, such Contributor by reason
|
|
174
|
+
of your accepting any such warranty or additional liability.
|
|
175
|
+
|
|
176
|
+
END OF TERMS AND CONDITIONS
|
|
177
|
+
|
|
178
|
+
Copyright 2024-2026 Jose de Vivar / Simplium
|
|
179
|
+
|
|
180
|
+
Licensed under the Apache License, Version 2.0 (the "License");
|
|
181
|
+
you may not use this file except in compliance with the License.
|
|
182
|
+
You may obtain a copy of the License at
|
|
183
|
+
|
|
184
|
+
http://www.apache.org/licenses/LICENSE-2.0
|
|
185
|
+
|
|
186
|
+
Unless required by applicable law or agreed to in writing, software
|
|
187
|
+
distributed under the License is distributed on an "AS IS" BASIS,
|
|
188
|
+
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
189
|
+
See the License for the specific language governing permissions and
|
|
190
|
+
limitations under the License.
|
package/README.md
ADDED
|
@@ -0,0 +1,148 @@
|
|
|
1
|
+
# HIVE Framework
|
|
2
|
+
|
|
3
|
+
**Agent governance layer — 36 curated agent & skill definitions with a portable permission model, traceability, and evidence-based discipline. Installs into any Claude Code project.**
|
|
4
|
+
|
|
5
|
+
[](https://github.com/marcablanca/hive-framework/actions/workflows/ci.yml)
|
|
6
|
+
[](LICENSE)
|
|
7
|
+
[](CHANGELOG.md)
|
|
8
|
+
[](package.json)
|
|
9
|
+
[](package.json)
|
|
10
|
+
|
|
11
|
+
---
|
|
12
|
+
|
|
13
|
+
## What is HIVE
|
|
14
|
+
|
|
15
|
+
HIVE is an **agent governance layer**, not an AgentOS: the operating system is provided by the host runtime (Claude Code today; others via adapter generators). HIVE supplies the workforce and the policy — a **capability pack** of 36 definitions (18 agents + 18 skills) covering the full software development lifecycle, each with:
|
|
16
|
+
|
|
17
|
+
- an **abstract permission model** (`file_system` / `network` / `database` / `human_approval`) translated to each runtime's native enforcement (Claude Code: `disallowedTools`)
|
|
18
|
+
- **tiers and `known_failure_modes`** — criticality-aware routing metadata
|
|
19
|
+
- **anti-fabrication discipline** — evidence requirements and prompt-injection guards baked into every definition
|
|
20
|
+
- **traceability** — automatic invocation logging to `HIVE-LOG.md` (ISO 42001 A.9) plus a JSONL event stream for external observability
|
|
21
|
+
|
|
22
|
+
Definitions target two stacks: **Stack A** (PHP 8.3 / Laravel / MySQL / Plesk) and **Stack B** (Next.js 15 / NestJS / Prisma / PostgreSQL).
|
|
23
|
+
|
|
24
|
+
> The former Layer 2 NestJS runtime was retired per [ADR-000](audit/ADR-000-rearchitecture-options.md) and removed in v4. It is preserved in the [`legacy/layer2-runtime`](https://github.com/marcablanca/hive-framework/tree/legacy/layer2-runtime) branch.
|
|
25
|
+
|
|
26
|
+
---
|
|
27
|
+
|
|
28
|
+
## Quickstart
|
|
29
|
+
|
|
30
|
+
```bash
|
|
31
|
+
git clone https://github.com/marcablanca/hive-framework.git
|
|
32
|
+
cd hive-framework
|
|
33
|
+
npm install
|
|
34
|
+
npm run init-project -- /path/to/your-project
|
|
35
|
+
```
|
|
36
|
+
|
|
37
|
+
This installs 18 agents + 18 skills into the target project's `.claude/` (with native permission translation and version stamps) plus the auto-logging hook. Open the project in Claude Code — everything is discovered natively. Re-run after pulling a new HIVE version to update.
|
|
38
|
+
|
|
39
|
+
---
|
|
40
|
+
|
|
41
|
+
## Architecture
|
|
42
|
+
|
|
43
|
+
```
|
|
44
|
+
0*-*/AGENT.md · SKILL.md 36 source definitions (frontmatter + body)
|
|
45
|
+
│
|
|
46
|
+
├── npm run validate schema gate (Zod) — 0 errors required
|
|
47
|
+
├── npm run reindex AGENT_INDEX.yaml (JIT index, deterministic)
|
|
48
|
+
│
|
|
49
|
+
├── npm run adapters .claude/agents + .claude/skills (this repo)
|
|
50
|
+
└── npm run init-project same, into any consumer project
|
|
51
|
+
│
|
|
52
|
+
▼
|
|
53
|
+
Host runtime (Claude Code)
|
|
54
|
+
native discovery · disallowedTools enforcement · hooks
|
|
55
|
+
│
|
|
56
|
+
├── HIVE-LOG.md automatic invocation log (ISO 42001 A.9)
|
|
57
|
+
└── hive-events.jsonl event stream for external observability
|
|
58
|
+
```
|
|
59
|
+
|
|
60
|
+
### Tier System
|
|
61
|
+
|
|
62
|
+
Agents and skills are organized into 8 tiers (00–07), from highest criticality to support roles:
|
|
63
|
+
|
|
64
|
+
| Tier | Name | Description |
|
|
65
|
+
|------|------|-------------|
|
|
66
|
+
| 00 | Orchestrator | Central coordinator; routes and manages all tasks |
|
|
67
|
+
| 01 | Foundation | Architecture, product, legal/compliance, brand |
|
|
68
|
+
| 02 | Core Development | Backend, frontend, API, database |
|
|
69
|
+
| 03 | Quality & Security | Testing, security auditing, performance, accessibility |
|
|
70
|
+
| 04 | Infrastructure | DevOps, cloud, billing, incident response, search |
|
|
71
|
+
| 05 | Intelligence | AI/ML, data analysis, analytics, observability, voice |
|
|
72
|
+
| 06 | Growth | SEO, marketing, CRO, email, mobile |
|
|
73
|
+
| 07 | Support | Docs, releases, i18n, UX research, competitive intel |
|
|
74
|
+
|
|
75
|
+
7 agents in blocking tiers carry `human_approval: true`, translated to `disallowedTools: [Bash]` in Claude Code so shell actions surface through the host approval flow.
|
|
76
|
+
|
|
77
|
+
---
|
|
78
|
+
|
|
79
|
+
## Agents & Skills Catalog
|
|
80
|
+
|
|
81
|
+
36 total = 18 agents + 18 skills. Sourced from `AGENT_INDEX.yaml`.
|
|
82
|
+
|
|
83
|
+
| Tier | Focus | Agents | Skills |
|
|
84
|
+
|------|-------|--------|--------|
|
|
85
|
+
| 00 — Orchestrator | Task routing, coordination | orchestrator | — |
|
|
86
|
+
| 01 — Foundation | Architecture, product, legal | architecture-planner, legal-compliance, product-manager | brand-design-system |
|
|
87
|
+
| 02 — Core Development | Backend, frontend, API, DB | backend-developer, frontend-developer, api-designer, database-engineer | — |
|
|
88
|
+
| 03 — Quality & Security | Tests, security, perf, a11y | test-engineer, security-auditor | web-performance, accessibility |
|
|
89
|
+
| 04 — Infrastructure | DevOps, cloud, billing, search | billing-payments, incident-response | cloud-infrastructure, devops-engineer, search |
|
|
90
|
+
| 05 — Intelligence | AI/ML, data, analytics, voice | ai-ml-engineer, data-analyst | analytics-implementation, observability, voice-ai |
|
|
91
|
+
| 06 — Growth | SEO, marketing, CRO, email, mobile | — | email-deliverability, growth-analytics, landing-page-cro, marketing-communications, mobile-development, seo-aeo-geo |
|
|
92
|
+
| 07 — Support | Docs, releases, i18n, UX, research | competitive-intelligence, cost-optimization, customer-success, ux-research | documentation-writer, release-manager, translator-i18n |
|
|
93
|
+
|
|
94
|
+
Model distribution: 7 opus / 28 sonnet / 1 haiku. JIT index reduces per-task context by 93–98% vs loading all definitions (`npx tsx scripts/measure-jit.ts`).
|
|
95
|
+
|
|
96
|
+
---
|
|
97
|
+
|
|
98
|
+
## Scripts Reference
|
|
99
|
+
|
|
100
|
+
| Command | Description |
|
|
101
|
+
|---------|-------------|
|
|
102
|
+
| `npm run init-project -- <dir>` | Install/update Layer 1 (adapters + hook) in a consumer project |
|
|
103
|
+
| `npm run adapters` | Regenerate this repo's `.claude/` adapters from sources |
|
|
104
|
+
| `npm run validate` | Validate all 36 definitions against the frontmatter schema |
|
|
105
|
+
| `npm run reindex` | Regenerate `AGENT_INDEX.yaml` (deterministic — no date churn) |
|
|
106
|
+
| `npm run log-session -- --agent <n> --task "..." --outcome <O>` | Manually append an invocation to `HIVE-LOG.md` |
|
|
107
|
+
| `npm run cost-report` | Estimated cost per agent from `HIVE-LOG.md`, with budget alerts |
|
|
108
|
+
| `npm run secrets-audit` | Scan definitions for hardcoded secrets |
|
|
109
|
+
| `npm run eval` | Layer 1 evals against the live API (needs `ANTHROPIC_API_KEY`; skips honestly without it) |
|
|
110
|
+
| `npm test` / `npm run lint` / `npm run typecheck` | Offline quality gates (also in CI) |
|
|
111
|
+
|
|
112
|
+
---
|
|
113
|
+
|
|
114
|
+
## Golden Paths
|
|
115
|
+
|
|
116
|
+
Step-by-step walkthroughs for common workflows on each stack:
|
|
117
|
+
|
|
118
|
+
- [Golden Path — Stack A (Laravel)](docs/GOLDEN-PATH-STACK-A.md) — PHP / Laravel / Filament / MySQL
|
|
119
|
+
- [Golden Path — Stack B (Next.js)](docs/GOLDEN-PATH-STACK-B.md) — Next.js / NestJS / Prisma / PostgreSQL
|
|
120
|
+
|
|
121
|
+
---
|
|
122
|
+
|
|
123
|
+
## Roadmap
|
|
124
|
+
|
|
125
|
+
| Phase | Status | Scope |
|
|
126
|
+
|-------|--------|-------|
|
|
127
|
+
| Phase 0 — Agent migration | Complete | 36 definitions in v3 YAML frontmatter format |
|
|
128
|
+
| Phase 1 — Core runtime | Retired | NestJS runtime built, then superseded by ADR-000; preserved in `legacy/layer2-runtime` |
|
|
129
|
+
| Phase 2 — Governance layer | Complete | Adapter generators, permission translation, traceability hook, Layer 1 evals, distribution without fork |
|
|
130
|
+
| Phase 3 — Ecosystem | In progress | npm publish (`npx @simplium/hive`, package ready — org verification pending), OpenCode adapter, public docs |
|
|
131
|
+
|
|
132
|
+
---
|
|
133
|
+
|
|
134
|
+
## Documentation
|
|
135
|
+
|
|
136
|
+
- [HIVE Rules & Conventions](docs/HIVE-RULES.md)
|
|
137
|
+
- [Changelog](CHANGELOG.md)
|
|
138
|
+
- [Audit trail (2026)](audit/AUDIT-REPORT.md)
|
|
139
|
+
|
|
140
|
+
---
|
|
141
|
+
|
|
142
|
+
## License
|
|
143
|
+
|
|
144
|
+
Licensed under [Apache 2.0](LICENSE).
|
|
145
|
+
|
|
146
|
+
## Author
|
|
147
|
+
|
|
148
|
+
Built by José at [Simplium.io](https://simplium.io).
|
|
@@ -0,0 +1,82 @@
|
|
|
1
|
+
#!/usr/bin/env node
|
|
2
|
+
/**
|
|
3
|
+
* HIVE Layer 1 installer (npm package bin).
|
|
4
|
+
*
|
|
5
|
+
* Usage:
|
|
6
|
+
* npx @simplium/hive <target-dir> # install/update into a project
|
|
7
|
+
* npx @simplium/hive . # install into current dir
|
|
8
|
+
*
|
|
9
|
+
* Copies the pre-rendered adapters shipped in the package (dist/claude/)
|
|
10
|
+
* into <target>/.claude/ and wires the traceability hook into settings.json.
|
|
11
|
+
* Zero runtime dependencies. Idempotent: re-run after upgrading the package.
|
|
12
|
+
*/
|
|
13
|
+
|
|
14
|
+
import { readFileSync, writeFileSync, mkdirSync, copyFileSync, readdirSync, existsSync } from "node:fs";
|
|
15
|
+
import { join, dirname, resolve } from "node:path";
|
|
16
|
+
import { fileURLToPath } from "node:url";
|
|
17
|
+
|
|
18
|
+
const PKG_ROOT = resolve(dirname(fileURLToPath(import.meta.url)), "..");
|
|
19
|
+
const PAYLOAD = join(PKG_ROOT, "dist", "claude");
|
|
20
|
+
const HOOK_COMMAND = 'node "$CLAUDE_PROJECT_DIR/.claude/hooks/hive-log.mjs"';
|
|
21
|
+
|
|
22
|
+
function fail(msg) {
|
|
23
|
+
console.error(`✖ ${msg}`);
|
|
24
|
+
process.exit(1);
|
|
25
|
+
}
|
|
26
|
+
|
|
27
|
+
const rawTarget = process.argv[2];
|
|
28
|
+
if (!rawTarget) {
|
|
29
|
+
console.error("Usage: npx @simplium/hive <target-directory>");
|
|
30
|
+
process.exit(1);
|
|
31
|
+
}
|
|
32
|
+
const target = resolve(process.cwd(), rawTarget);
|
|
33
|
+
if (!existsSync(target)) fail(`Target directory does not exist: ${target}`);
|
|
34
|
+
if (!existsSync(PAYLOAD)) fail("Package payload missing (dist/claude) — was the package built with prepack?");
|
|
35
|
+
|
|
36
|
+
const version = JSON.parse(readFileSync(join(PKG_ROOT, "package.json"), "utf-8")).version;
|
|
37
|
+
|
|
38
|
+
function copyDir(fromDir, toDir) {
|
|
39
|
+
mkdirSync(toDir, { recursive: true });
|
|
40
|
+
let n = 0;
|
|
41
|
+
for (const f of readdirSync(fromDir)) {
|
|
42
|
+
copyFileSync(join(fromDir, f), join(toDir, f));
|
|
43
|
+
n++;
|
|
44
|
+
}
|
|
45
|
+
return n;
|
|
46
|
+
}
|
|
47
|
+
|
|
48
|
+
const agents = copyDir(join(PAYLOAD, "agents"), join(target, ".claude", "agents"));
|
|
49
|
+
const skills = copyDir(join(PAYLOAD, "skills"), join(target, ".claude", "skills"));
|
|
50
|
+
copyDir(join(PAYLOAD, "hooks"), join(target, ".claude", "hooks"));
|
|
51
|
+
|
|
52
|
+
// Wire the hook into settings.json (merge; never clobber unrelated config)
|
|
53
|
+
const settingsPath = join(target, ".claude", "settings.json");
|
|
54
|
+
let hookNote = "settings.json wired (PostToolUse → Task)";
|
|
55
|
+
let settings = {};
|
|
56
|
+
if (existsSync(settingsPath)) {
|
|
57
|
+
try {
|
|
58
|
+
settings = JSON.parse(readFileSync(settingsPath, "utf-8"));
|
|
59
|
+
} catch {
|
|
60
|
+
settings = null;
|
|
61
|
+
hookNote = `settings.json is not valid JSON — add the PostToolUse hook manually (command: ${HOOK_COMMAND})`;
|
|
62
|
+
}
|
|
63
|
+
}
|
|
64
|
+
if (settings !== null) {
|
|
65
|
+
const hooks = settings.hooks ?? {};
|
|
66
|
+
const post = hooks.PostToolUse ?? [];
|
|
67
|
+
const wired = post.some(m => (m.hooks ?? []).some(h => (h.command ?? "").includes("hive-log.mjs")));
|
|
68
|
+
if (wired) {
|
|
69
|
+
hookNote = "settings.json already wired";
|
|
70
|
+
} else {
|
|
71
|
+
post.push({ matcher: "Task", hooks: [{ type: "command", command: HOOK_COMMAND }] });
|
|
72
|
+
hooks.PostToolUse = post;
|
|
73
|
+
settings.hooks = hooks;
|
|
74
|
+
writeFileSync(settingsPath, JSON.stringify(settings, null, 2) + "\n", "utf-8");
|
|
75
|
+
}
|
|
76
|
+
}
|
|
77
|
+
|
|
78
|
+
console.log(`\nHIVE Framework v${version}`);
|
|
79
|
+
console.log(`✅ Installed: ${agents} agents + ${skills} skills + hook → ${target}/.claude/`);
|
|
80
|
+
console.log(` ${hookNote}`);
|
|
81
|
+
console.log(`\n Next: open ${target} in Claude Code — agents and skills are discovered natively.`);
|
|
82
|
+
console.log(` Update: npx @simplium/hive@latest ${rawTarget} after a new HIVE release.\n`);
|