@starlein/paperclip-plugin-company-wizard 0.4.6 → 0.4.9

package/CHANGELOG.md

@@ -4,6 +4,84 @@ All notable changes to the Company Wizard plugin are documented here.
 
 The format follows [Keep a Changelog](https://keepachangelog.com/en/1.1.0/).
 
+## [0.4.9] - 2026-06-22
+
+### Fixed
+
+**Roles — structural gaps in secondary and C-suite roles**
+- `devops`, `cto`, `cmo`, `ux-researcher` AGENTS.md: added Working Rules, Collaboration and Handoffs, and Done Bar sections (previously used a thin "Core Principles"-only pattern with no actionable workflow guidance).
+- `code-reviewer` HEARTBEAT.md step 5: replaced generic "move to in_review" with the correct role-specific flow — merge the PR, archive worktree, record `approved`; or on rejection set `in_progress` and reassign to engineer.
+- `qa` HEARTBEAT.md step 5: replaced generic step with pass → mark done / fail → reassign to engineer with reproduction steps.
+- `code-reviewer` AGENTS.md: added rejection flow in step 8; removed duplicate procedure paragraph from `## Principles`.
+- `security-engineer` AGENTS.md: added missing `## Safety Considerations` section.
+- `product-owner` SOUL.md: renamed section heading and added product ownership bullets.
+- `technical-writer` AGENTS.md step 7: clarified that executionPolicy overrides the direct self-close.
+- HEARTBEAT.md title casing fixed: CEO, CTO, CMO, QA Engineer, UI Designer, UX Researcher, DevOps.
+
+**Operational modules — heartbeat-scan anti-pattern, bar/skill mismatches, missing fallbacks**
+- `dependency-management` and `release-management`: converted heartbeat-scan "Ongoing" sections to routine-triggered procedures; added `routines[]` to both `module.meta.json` files.
+- `release-management`: added CEO fallback skill scoped to documentation only — explicitly forbids `git push --tags`, `gh release create`, and version bumps.
+- `ci-cd` shared skill: added SHA pinning rule, rollback documentation step, and `## Ongoing Health Checks` section for recurring routine runs.
+- `monitoring` shared skill: added dashboard setup step and runbook requirement rule.
+- `ci-cd` engineer fallback: marked output as provisional; added explicit `docs/CI-CD.md` reference.
+- `monitoring` engineer fallback: "liveness probe" → "liveness and readiness probes".
+- `triage` CEO fallback: `gh issue list` now uses full `--json` form; added `executionWorkspaceSettings` note.
+- `codebase-onboarding` CEO fallback: added "Health Check Refresh" section for follow-up runs.
+
+**Product/design modules — critical missing files, duplicate issues, bar gaps**
+- `architecture-plan`: added missing shared `skills/design-system.md` — without it, an engineer acting as primary was silently installed with no design-system skill.
+- `architecture-plan`: added CEO-specific `agents/ceo/skills/architecture-plan.bar.md` with reduced done bar (the shared bar set engineer-level requirements the CEO fallback cannot meet).
+- `architecture-plan` ui-designer contribution skill: added guard clause — wait for `docs/ARCHITECTURE.md` before contributing the UI layer.
+- `architecture-plan` ui-designer design-system skill: added conditional `docs/BRAND-IDENTITY.md` reference.
+- `website-relaunch` module.meta.json: removed 3 duplicate issues (each appeared twice; would have provisioned duplicate board items).
+- `competitive-intel`: added missing `agents/product-owner/skills/competitive-tracking.fallback.md`.
+- Added new bar files: `competitive-intel/skills/competitive-tracking.bar.md`, `documentation/skills/project-docs.bar.md`, `game-design/skills/game-design.bar.md`.
+- `market-analysis` template: added `## User Segments` section.
+- `brand-identity` CEO fallback: fixed inconsistent role name ("designer or PO" → "ui-designer or CMO").
+- `brand-identity` primary skill: added explicit file path for template reference.
+
+---
+
+## [0.4.8] - 2026-06-22
+
+### Fixed
+
+- **Merge conflicts no longer leave PRs dangling forever.** When `gh pr merge` fails due to a merge conflict, or `gh pr view` reports `mergeable: CONFLICTING` / `mergeStateStatus: DIRTY`, agents previously had no concrete instructions and left the PR in `in_review` indefinitely. All three relevant skills now include an explicit *Resolving merge conflicts* section: `git fetch && git rebase origin/<base-ref>`, resolve conflict markers, `git push --force-with-lease`, verify `mergeable: MERGEABLE`, retry `gh pr merge`. (`git-workflow.md` skill, `pr-workflow.md` skill, `docs/git-workflow.md`.)
+- **Code Reviewer checks for conflicts before attempting to merge.** The merge gate now runs `gh pr view <number> --json mergeable,mergeStateStatus` before calling `gh pr merge`. If the PR is conflicting or dirty, it immediately records `changes_requested` with a comment routing the issue back to the engineer to rebase — instead of attempting the merge and silently leaving the issue stranded. (`code-review.md`.)
+- **PR Self-Merge flow also guards against dirty merges.** The engineer's self-merge path now checks mergeability before `gh pr merge` and follows the same rebase procedure when conflicting. (`pr-workflow.md`, `git-workflow.md` skill.)
+- **Never leave a conflicting PR without an explicit action.** All skills now state: either resolve the conflict and retry, or leave an issue comment with the exact blocker and (for complex conflicts) escalate to the CEO — do not silently abandon the branch.
+
+---
+
+## [0.4.7] - 2026-06-22
+
+### Fixed
+
+- **Stall-safe PR merge workflow rules (`executionPolicy` + roles).** Fixes the long-standing defect where companies without a Code Reviewer would create endless branches without ever merging them into the base ref, or open PRs that never got merged. Two modes, chosen automatically from the roles present:
+  - **PR-Gate mode** (Code Reviewer present): Paperclip-native gate flow via `executionPolicy` — QA (review, when present) → Security Engineer (review, only on security-relevant changes) → Product Owner (approval, when present) → **Code Reviewer as the non-author merge gate** (last stage, merges via `gh pr merge <N> --merge` and only then records `approved`, which closes the issue).
+  - **PR-Self-Merge mode** (no Code Reviewer): no `executionPolicy` stages — the engineer opens the PR and merges it themselves via `gh pr merge <N> --merge`. Other review roles leave advisory PR comments but do not block.
+- **`resolveReviewGate` no longer renders an `executionPolicy` sketch without a merge gate (CRITICAL).** Previously, for `engineer + product-owner` (no Code Reviewer), a gate with an approver (PO) but no merge gate was rendered — the PO approval would then auto-close the issue to `done` while the PR was still open on GitHub. Now `null` is returned whenever no non-author merge gate is resolvable (self-merge path). (`src/logic/assemble.js`, `resolveReviewGate`.)
+- **The merge gate can never be the issue executor (guard).** `resolveReviewGate` discards a `mergeGate` that equals the issue's `assignTo` (the executor/author). Because Paperclip excludes the original executor from every stage, a self-stage would stall forever with `422 No eligible approval participant`. The guard prevents this — including for hand-edited presets or future modules. (`src/logic/assemble.js`.)
+- **No more role fallback for the merge gate.** Previously, when the Code Reviewer was absent, another role (DevOps, QA, …) was substituted as a static gate stage — rendering an `executionPolicy` sketch the engineer is explicitly told never to set. Now the rule is consistent: no Code Reviewer → self-merge, no substitution. (`src/logic/assemble.js`.)
+- **Product Owner stage is consistently tied to presence.** The PO approval stage was marked as "always" in four files (skill, conventions, module meta, BOOTSTRAP guardrail) while QA/Security were already conditional. With `pr-review + code-reviewer` but no PO, this produced a stage with no eligible participant → 422. The PO stage now reads "when present" / "when one is on the team" everywhere. (`pr-workflow.md`, `pr-conventions.md`, `module.meta.json`, `assemble.js` guardrail.)
+- **Domain reviewers (UI/UX/DevOps) are consistently advisory.** Previously the skills ("Record your verdict … approved/changes_requested" = blocking stage) contradicted `pr-conventions.md` ("advisory, never gate"). Domain reviewers now post advisory PR comments only and escalate blockers to QA/Security/merge gate — they are never a stage themselves. `infra-review` routes security blockers to the Security Engineer stage instead of blocking directly. (`design-review.md`, `ux-review.md`, `infra-review.md`, `pr-workflow.md`, `pr-conventions.md`.)
+- **`code-reviewer` AGENTS.md is self-consistent.** "Post your review as advisory" + "Your review does not gate the merge" contradicted the merge-gate principle (Principles + `code-review.md`). Line 18 now separates the GitHub comment (advisory — no GitHub-native approval because all agents share one account) from the `executionPolicy` stage (the real gate). Step 8 branches: in pr-review mode the Code Reviewer merges via `gh pr merge` and records `approved`; otherwise it leaves an advisory comment only. (`templates/roles/code-reviewer/AGENTS.md`.)
+- **Product Owner review skill is role-correct.** "Final approver / last gate before merge" was wrong — the PO is the product sign-off *before* the Code Reviewer merge gate, not the final stage. The PO is also not a merge owner (in self-merge mode the engineer merges). (`product-review.md`.)
+- **`docs/git-workflow.md` uses PR self-merge instead of `git merge`+push.** The "Direct-to-Base-Ref Workflow" used `git checkout base → git merge → git push`, which the skill forbids and branch protection (same module) would reject. Replaced with a "PR Self-Merge Flow" using `gh pr create` + `gh pr merge <N> --merge`. (`templates/modules/github-repo/docs/git-workflow.md`.)
+- **Branch protection with `enforce_admins: true`.** Previously `enforce_admins: false` let the shared admin account bypass the PR requirement with a direct push to the base ref — exactly what the protection is meant to prevent. With `required_approving_review_count: 0` the admin can still open a PR and merge it with zero approvals (self-merge stays functional); only the direct-push bypass is closed. Added the "distinct non-author GitHub reviewer credentials" qualifier and a note on `restrictions: null`. (`preset.meta.json`, `git-workflow.md` skill.)
+- **Work-product POST includes the `Authorization` header.** `pr-workflow.md` documented the POST without `Authorization: Bearer $PAPERCLIP_API_KEY`; in authenticated deployments this yielded 401. Header added, matching the `git-workflow.md` skill. (`pr-workflow.md`.)
+- **`worker.ts` typecheck errors fixed.** Seven `Cannot find name` errors occurred because `allRoleNames`, `existingManifest`, `existingByTemplateRole`, and `routines` were declared inside the `try` block but referenced after the `try`/`catch` in the manifest-save and governance-cleanup blocks. The declarations were hoisted before the `try` block; `tsc --noEmit` now passes cleanly. (`src/worker.ts`.)
+
+### Changed
+
+- **README/docs: the merge gate is the Code Reviewer, not the engineer.** The PR-review description in `README.md` had the roles inverted ("merge gate owned by the Engineer") — exactly the 422-stall bug. Corrected to Code Reviewer (non-author) as the merge gate, engineer as the executor (never a stage participant), domain reviewers advisory, and a self-merge path when no Code Reviewer is present. (`README.md`.)
+
+### Tests
+
+- Replaced/augmented static JSON-only tests with behavioral `assembleCompany` calls: no `executionPolicy` sketch + installed self-merge skill when no Code Reviewer is present (C1); guard prevents executor-as-mergeGate (I16); PO stage is omitted when no Product Owner is present (M8); ordered stages QA → PO → Code Reviewer (M9). (`assemble.test.js`, `assemble.integration.test.js`.)
+
+---
+
 ## [0.4.6] - 2026-06-18
 
 ### Changed

package/README.md

@@ -17,6 +17,8 @@
 
 > **Fork:** This is a community-maintained fork of [yesterday-AI/paperclip-plugin-company-wizard](https://github.com/yesterday-AI/paperclip-plugin-company-wizard), updated for the current Paperclip API (`>=2026.529.0`) with substantial bug fixes. End-to-end company setup is governed through current Paperclip workflows as of v0.4.6.
 
+**Update Company:** If you have provisioned your company before with some older version of this plugin or you have an existing company, since version 0.4.6 you can update your existing company by providing the company ID in the wizard summary page. It will make a soft update of agent instructions and workflow/instruction documents. 
+
 <details>
 <summary><strong>What changed vs. upstream</strong></summary>
 
@@ -163,7 +165,7 @@ Start with just a CEO. Everything works. Add roles and responsibilities shift au
 | `tech-stack` | Engineer | CEO | tech-stack |
 | `architecture-plan` | Engineer | CEO | architecture-plan |
 | `design-system` | UI Designer | Engineer | architecture-plan |
-| `pr-review` | QA (gate) / Security Engineer (security-relevant) / Product Owner (approval) / Engineer (merge); Code Reviewer / UI / UX / DevOps advisory | — | pr-review |
+| `pr-review` | QA (review) / Security Engineer (review, security-relevant) / Product Owner (approval, when present) / Code Reviewer (merge gate, non-author); UI / UX / DevOps advisory | — | pr-review |
 | `threat-model` | Security Engineer → DevOps | Engineer | security-audit |
 | `security-review` | Security Engineer → DevOps | Engineer | security-audit |
 | `project-docs` | Technical Writer → Engineer | CEO | documentation |
@@ -279,7 +281,7 @@ Modules are composable capabilities you layer on top of the base team. Each modu
 | Module | What it does | Kickoff task |
 | :----- | :----------- | :----------- |
 | **`github-repo`** | Git workflow and commit conventions | Engineer initializes repo |
-| **`pr-review`** | PR-based review workflow | Engineer sets up branch protection |
+| **`pr-review`** | PR-based review workflow | Engineer configures PR workflow and branch protection (requires PRs, no approval gate) |
 | **`backlog`** | Auto-generate issues from goals when backlog runs low | Primary owner creates initial backlog |
 | **`auto-assign`** | Assign unassigned issues to idle agents | — |
 | **`stall-detection`** | Detect stuck handovers, nudge or escalate | — |
@@ -340,9 +342,9 @@ Git workflow and commit conventions.
 
 PR-based review workflow. Requires `github-repo`. Activates with `code-reviewer`, `product-owner`, `ui-designer`, `ux-researcher`, `qa`, or `devops`.
 
-Reviews run through the issue's native `executionPolicy` (stages), not child issues: a `review` stage for the Code Reviewer (plus relevant domain reviewers), an `approval` stage for the Product Owner, then a final `approval` **merge gate** owned by the Engineer — who is woken last to merge the PR before recording the verdict that closes the issue. The merge gate is deliberately the last stage so the Product Owner's approval does not auto-close the issue with the PR still open.
+Reviews run through the issue's native `executionPolicy` (stages), not child issues: a `review` stage for QA when present, a `review` stage for the Security Engineer only on security-relevant changes, an `approval` stage for the Product Owner when present, then a final `approval` **merge gate** owned by the Code Reviewer (a non-author) — who is woken last to merge the PR before recording the verdict that closes the issue. The merge gate is deliberately the last stage so the Product Owner's approval does not auto-close the issue with the PR still open. The engineer (the issue's executor) is never a stage participant — Paperclip excludes the original executor, so a self-stage stalls with `422 No eligible approval participant`; this is why the merge gate is the Code Reviewer, not the engineer. Domain reviewers (UI Designer, UX Researcher, DevOps) are advisory — they post PR comments and escalate concerns to a blocking reviewer; they are never themselves a stage. When no Code Reviewer is on the team, no `executionPolicy` stages are set and the engineer self-merges via `gh pr merge <N> --merge` (PR Self-Merge Flow).
 
-- **Task:** Engineer sets up branch protection
+- **Task:** Engineer configures PR workflow and branch protection (requires PRs, no approval gate)
 - **Doc:** `docs/pr-conventions.md`
 
 #### backlog

package/dist/manifest.js

@@ -2,7 +2,7 @@
 var manifest = {
   id: "starlein.paperclip-plugin-company-wizard",
   apiVersion: 1,
-  version: "0.4.6",
+  version: "0.4.9",
   displayName: "Company Wizard",
   description: "AI-powered wizard to bootstrap agent companies from composable templates",
   author: "Sascha Pietrowski <sp@speednetwork.de>",

package/dist/manifest.js.map

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../src/manifest.ts"],
-  "sourcesContent": ["import type { PaperclipPluginManifestV1 } from '@paperclipai/plugin-sdk';\n\nconst manifest: PaperclipPluginManifestV1 = {\n  id: 'starlein.paperclip-plugin-company-wizard',\n  apiVersion: 1,\n  version: '0.4.6',\n  displayName: 'Company Wizard',\n  description: 'AI-powered wizard to bootstrap agent companies from composable templates',\n  author: 'Sascha Pietrowski <sp@speednetwork.de>',\n  categories: ['workspace', 'ui'],\n  capabilities: [\n    'companies.read',\n    'issues.create',\n    'issues.read',\n    'issues.update',\n    'goals.create',\n    'goals.read',\n    'agents.read',\n    'projects.read',\n    'plugin.state.read',\n    'plugin.state.write',\n    'secrets.read-ref',\n    'events.subscribe',\n    'ui.page.register',\n    'ui.sidebar.register',\n  ],\n  instanceConfigSchema: {\n    type: 'object',\n    properties: {\n      companiesDir: {\n        type: 'string',\n        description:\n          'Directory where assembled company workspaces are written. Auto-detected: ~/instances/default/companies in Docker setups, ~/.paperclip/instances/default/companies otherwise. Rarely needs manual override.',\n      },\n      templatesPath: {\n        type: 'string',\n        description:\n          'Path to the templates directory. Auto-detected: ~/plugin-templates in Docker setups, ~/.paperclip/plugin-templates otherwise. Rarely needs manual override.',\n      },\n      templatesRepoUrl: {\n        type: 'string',\n        default: 'https://github.com/starlein/paperclip-plugin-company-wizard/tree/main/templates',\n        description:\n          'GitHub tree URL for template downloads. The default is correct for most setups \u2014 only change this if using a custom fork.',\n      },\n      anthropicApiKey: {\n        type: 'string',\n        description:\n          'Anthropic API key for the AI wizard (e.g. sk-ant-...). Required to use the AI-powered company setup path.',\n      },\n      paperclipUrl: {\n        type: 'string',\n        description:\n          'Paperclip instance URL. Defaults to http://localhost:3100 or the PAPERCLIP_PUBLIC_URL env var.',\n      },\n      paperclipEmail: {\n        type: 'string',\n        description: 'Board login email (for authenticated instances).',\n      },\n      paperclipPassword: {\n        type: 'string',\n        description: 'Board login password (for authenticated instances).',\n      },\n    },\n  },\n  entrypoints: {\n    worker: './dist/worker.js',\n    ui: './dist/ui',\n  },\n  ui: {\n    slots: [\n      {\n        type: 'page',\n        id: 'company-wizard',\n        displayName: 'Company Wizard',\n        exportName: 'WizardPage',\n        routePath: 'company-creator',\n      },\n      {\n        type: 'sidebar',\n        id: 'company-wizard-link',\n        displayName: 'Create Company',\n        exportName: 'SidebarLink',\n      },\n    ],\n  },\n};\n\nexport default manifest;\n"],
+  "sourcesContent": ["import type { PaperclipPluginManifestV1 } from '@paperclipai/plugin-sdk';\n\nconst manifest: PaperclipPluginManifestV1 = {\n  id: 'starlein.paperclip-plugin-company-wizard',\n  apiVersion: 1,\n  version: '0.4.9',\n  displayName: 'Company Wizard',\n  description: 'AI-powered wizard to bootstrap agent companies from composable templates',\n  author: 'Sascha Pietrowski <sp@speednetwork.de>',\n  categories: ['workspace', 'ui'],\n  capabilities: [\n    'companies.read',\n    'issues.create',\n    'issues.read',\n    'issues.update',\n    'goals.create',\n    'goals.read',\n    'agents.read',\n    'projects.read',\n    'plugin.state.read',\n    'plugin.state.write',\n    'secrets.read-ref',\n    'events.subscribe',\n    'ui.page.register',\n    'ui.sidebar.register',\n  ],\n  instanceConfigSchema: {\n    type: 'object',\n    properties: {\n      companiesDir: {\n        type: 'string',\n        description:\n          'Directory where assembled company workspaces are written. Auto-detected: ~/instances/default/companies in Docker setups, ~/.paperclip/instances/default/companies otherwise. Rarely needs manual override.',\n      },\n      templatesPath: {\n        type: 'string',\n        description:\n          'Path to the templates directory. Auto-detected: ~/plugin-templates in Docker setups, ~/.paperclip/plugin-templates otherwise. Rarely needs manual override.',\n      },\n      templatesRepoUrl: {\n        type: 'string',\n        default: 'https://github.com/starlein/paperclip-plugin-company-wizard/tree/main/templates',\n        description:\n          'GitHub tree URL for template downloads. The default is correct for most setups \u2014 only change this if using a custom fork.',\n      },\n      anthropicApiKey: {\n        type: 'string',\n        description:\n          'Anthropic API key for the AI wizard (e.g. sk-ant-...). Required to use the AI-powered company setup path.',\n      },\n      paperclipUrl: {\n        type: 'string',\n        description:\n          'Paperclip instance URL. Defaults to http://localhost:3100 or the PAPERCLIP_PUBLIC_URL env var.',\n      },\n      paperclipEmail: {\n        type: 'string',\n        description: 'Board login email (for authenticated instances).',\n      },\n      paperclipPassword: {\n        type: 'string',\n        description: 'Board login password (for authenticated instances).',\n      },\n    },\n  },\n  entrypoints: {\n    worker: './dist/worker.js',\n    ui: './dist/ui',\n  },\n  ui: {\n    slots: [\n      {\n        type: 'page',\n        id: 'company-wizard',\n        displayName: 'Company Wizard',\n        exportName: 'WizardPage',\n        routePath: 'company-creator',\n      },\n      {\n        type: 'sidebar',\n        id: 'company-wizard-link',\n        displayName: 'Create Company',\n        exportName: 'SidebarLink',\n      },\n    ],\n  },\n};\n\nexport default manifest;\n"],
   "mappings": ";AAEA,IAAM,WAAsC;AAAA,EAC1C,IAAI;AAAA,EACJ,YAAY;AAAA,EACZ,SAAS;AAAA,EACT,aAAa;AAAA,EACb,aAAa;AAAA,EACb,QAAQ;AAAA,EACR,YAAY,CAAC,aAAa,IAAI;AAAA,EAC9B,cAAc;AAAA,IACZ;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF;AAAA,EACA,sBAAsB;AAAA,IACpB,MAAM;AAAA,IACN,YAAY;AAAA,MACV,cAAc;AAAA,QACZ,MAAM;AAAA,QACN,aACE;AAAA,MACJ;AAAA,MACA,eAAe;AAAA,QACb,MAAM;AAAA,QACN,aACE;AAAA,MACJ;AAAA,MACA,kBAAkB;AAAA,QAChB,MAAM;AAAA,QACN,SAAS;AAAA,QACT,aACE;AAAA,MACJ;AAAA,MACA,iBAAiB;AAAA,QACf,MAAM;AAAA,QACN,aACE;AAAA,MACJ;AAAA,MACA,cAAc;AAAA,QACZ,MAAM;AAAA,QACN,aACE;AAAA,MACJ;AAAA,MACA,gBAAgB;AAAA,QACd,MAAM;AAAA,QACN,aAAa;AAAA,MACf;AAAA,MACA,mBAAmB;AAAA,QACjB,MAAM;AAAA,QACN,aAAa;AAAA,MACf;AAAA,IACF;AAAA,EACF;AAAA,EACA,aAAa;AAAA,IACX,QAAQ;AAAA,IACR,IAAI;AAAA,EACN;AAAA,EACA,IAAI;AAAA,IACF,OAAO;AAAA,MACL;AAAA,QACE,MAAM;AAAA,QACN,IAAI;AAAA,QACJ,aAAa;AAAA,QACb,YAAY;AAAA,QACZ,WAAW;AAAA,MACb;AAAA,MACA;AAAA,QACE,MAAM;AAAA,QACN,IAAI;AAAA,QACJ,aAAa;AAAA,QACb,YAAY;AAAA,MACd;AAAA,IACF;AAAA,EACF;AACF;AAEA,IAAO,mBAAQ;",
   "names": []
 }

package/dist/ui/index.css

@@ -66,6 +66,9 @@
       "Liberation Mono",
       "Courier New",
       monospace;
+    --color-red-400:oklch(70.4% .191 22.216);
+    --color-red-500:oklch(63.7% .237 25.331);
+    --color-red-700:oklch(50.5% .213 27.518);
     --color-amber-200:oklch(92.4% .12 95.746);
     --color-amber-300:oklch(87.9% .169 91.605);
     --color-amber-400:oklch(82.8% .189 84.429);
@@ -73,10 +76,14 @@
     --color-amber-700:oklch(55.5% .163 48.998);
     --color-amber-800:oklch(47.3% .137 46.201);
     --color-yellow-600:oklch(68.1% .162 75.834);
+    --color-green-400:oklch(79.2% .209 151.711);
+    --color-green-500:oklch(72.3% .219 149.579);
     --color-green-600:oklch(62.7% .194 149.214);
+    --color-green-700:oklch(52.7% .154 150.069);
     --color-blue-400:oklch(70.7% .165 254.624);
     --color-blue-500:oklch(62.3% .214 259.815);
     --color-blue-600:oklch(54.6% .245 262.881);
+    --color-blue-700:oklch(48.8% .243 264.376);
     --color-white:#fff;
     --spacing:.25rem;
     --container-xs:20rem;
@@ -812,6 +819,14 @@
       border-color: color-mix(in oklab, var(--color-blue-400) 60%, transparent);
     }
   }
+  .border-blue-500\/20 {
+    border-color: #3080ff33;
+  }
+  @supports (color:color-mix(in lab, red, red)) {
+    .border-blue-500\/20 {
+      border-color: color-mix(in oklab, var(--color-blue-500) 20%, transparent);
+    }
+  }
   .border-border {
     border-color: var(--border);
   }
@@ -856,9 +871,25 @@
       border-color: color-mix(in oklab, var(--foreground) 30%, transparent);
     }
   }
+  .border-green-500\/20 {
+    border-color: #00c75833;
+  }
+  @supports (color:color-mix(in lab, red, red)) {
+    .border-green-500\/20 {
+      border-color: color-mix(in oklab, var(--color-green-500) 20%, transparent);
+    }
+  }
   .border-input {
     border-color: var(--input);
   }
+  .border-red-500\/20 {
+    border-color: #fb2c3633;
+  }
+  @supports (color:color-mix(in lab, red, red)) {
+    .border-red-500\/20 {
+      border-color: color-mix(in oklab, var(--color-red-500) 20%, transparent);
+    }
+  }
   .border-transparent {
     border-color: #0000;
   }
@@ -893,6 +924,14 @@
   .bg-background {
     background-color: var(--background);
   }
+  .bg-blue-500\/10 {
+    background-color: #3080ff1a;
+  }
+  @supports (color:color-mix(in lab, red, red)) {
+    .bg-blue-500\/10 {
+      background-color: color-mix(in oklab, var(--color-blue-500) 10%, transparent);
+    }
+  }
   .bg-border {
     background-color: var(--border);
   }
@@ -936,6 +975,14 @@
       background-color: color-mix(in oklab, var(--foreground) 10%, transparent);
     }
   }
+  .bg-green-500\/10 {
+    background-color: #00c7581a;
+  }
+  @supports (color:color-mix(in lab, red, red)) {
+    .bg-green-500\/10 {
+      background-color: color-mix(in oklab, var(--color-green-500) 10%, transparent);
+    }
+  }
   .bg-muted {
     background-color: var(--muted);
   }
@@ -961,6 +1008,14 @@
   .bg-primary {
     background-color: var(--primary);
   }
+  .bg-red-500\/10 {
+    background-color: #fb2c361a;
+  }
+  @supports (color:color-mix(in lab, red, red)) {
+    .bg-red-500\/10 {
+      background-color: color-mix(in oklab, var(--color-red-500) 10%, transparent);
+    }
+  }
   .bg-secondary {
     background-color: var(--secondary);
   }
@@ -1145,9 +1200,15 @@
   .text-background {
     color: var(--background);
   }
+  .text-blue-500 {
+    color: var(--color-blue-500);
+  }
   .text-blue-600 {
     color: var(--color-blue-600);
   }
+  .text-blue-700 {
+    color: var(--color-blue-700);
+  }
   .text-card-foreground {
     color: var(--card-foreground);
   }
@@ -1179,9 +1240,15 @@
       color: color-mix(in oklab, var(--foreground) 80%, transparent);
     }
   }
+  .text-green-500 {
+    color: var(--color-green-500);
+  }
   .text-green-600 {
     color: var(--color-green-600);
   }
+  .text-green-700 {
+    color: var(--color-green-700);
+  }
   .text-muted-foreground,
   .text-muted-foreground\/40 {
     color: var(--muted-foreground);
@@ -1213,6 +1280,12 @@
   .text-primary-foreground {
     color: var(--primary-foreground);
   }
+  .text-red-500 {
+    color: var(--color-red-500);
+  }
+  .text-red-700 {
+    color: var(--color-red-700);
+  }
   .text-secondary-foreground {
     color: var(--secondary-foreground);
   }
@@ -1534,6 +1607,9 @@
     .sm\:grid-cols-2 {
       grid-template-columns: repeat(2, minmax(0, 1fr));
     }
+    .sm\:grid-cols-3 {
+      grid-template-columns: repeat(3, minmax(0, 1fr));
+    }
   }
   .dark\:border-blue-500\/50:is(.dark *) {
     border-color: #3080ff80;
@@ -1563,6 +1639,12 @@
   .dark\:text-blue-400:is(.dark *) {
     color: var(--color-blue-400);
   }
+  .dark\:text-green-400:is(.dark *) {
+    color: var(--color-green-400);
+  }
+  .dark\:text-red-400:is(.dark *) {
+    color: var(--color-red-400);
+  }
   .\[\&_svg\]\:pointer-events-none svg {
     pointer-events: none;
   }