@ulpi/cli 0.1.1 → 0.1.3

package/dist/skills/ulpi-generate-guardian/SKILL.md

@@ -140,7 +140,43 @@ Scan for indicator files in priority order:
 | `pnpm-workspace.yaml` | pnpm workspaces |
 | `"workspaces"` in package.json | Yarn/npm workspaces |
 
-For monorepos: Generate root-level rules that apply to all packages.
+**If a monorepo is detected, you MUST proceed to Step 2b (Map Monorepo Topology) before continuing.**
+
+## Step 2b: Map Monorepo Topology (Monorepos Only)
+
+**Gate: Full workspace topology mapped before proceeding to Step 3.**
+
+When a monorepo is detected, do NOT treat it as a flat project. You must:
+
+1. **Read the workspace config** — `pnpm-workspace.yaml`, `lerna.json`, or `package.json` workspaces field to find all workspace globs
+2. **List all packages** — Resolve workspace globs to actual directories (e.g., `apps/*`, `packages/*`)
+3. **Read each package's `package.json`** — Identify name, dependencies, devDependencies, scripts
+4. **Map the dependency graph** — Which packages depend on which? Identify the direction of dependency flow
+5. **Read the task runner config** — `turbo.json` task definitions, dependency chains (`^` prefix = depends on upstream)
+6. **Identify build characteristics** — Does the package have a build step? Is it consumed as source? Does it have its own tsconfig?
+
+### Topology Output Format
+
+Record the topology as a YAML comment in the header:
+
+```yaml
+# Workspace Topology:
+#   {package-a} → {package-b} (one-way dependency)
+#   {package-c} (standalone)
+#
+# Task Graph (turbo.json):
+#   build: depends on ^build
+#   type-check: depends on ^type-check
+```
+
+### What Monorepo Topology Enables
+
+- **Package boundary enforcement** — Prevent imports in the wrong direction
+- **Per-package postconditions** — Type-check only the affected package using `turbo --filter=`
+- **Turbo-first commands** — Use `turbo run` instead of direct package manager for tasks defined in turbo.json
+- **Critical file cautions** — Barrel exports, shared configs, workspace manifests
+
+See `references/framework-rules.md` → Turborepo section for complete rule templates.
 
 ## Step 3: Extract Commands from Config
 
@@ -152,6 +188,11 @@ For Node.js projects, read package.json scripts to identify:
 - `lint_command` (from "lint" script)
 - `format_command` (from "format" script)
 
+**For monorepos:** Read BOTH the root `package.json` AND `turbo.json`:
+- If root scripts delegate to turbo (e.g., `"build": "turbo run build"`), the real commands are turbo tasks
+- Read each workspace's `package.json` scripts to understand what turbo invokes per-package
+- Postconditions and pipelines should use `turbo run <task> --filter=<package>`, NOT direct `pnpm <script>`
+
 For Python projects, check pyproject.toml for tool configurations.
 
 For Rust projects, use standard cargo commands.
@@ -193,6 +234,7 @@ preconditions:
 
 ```yaml
 permissions:
+  # --- Auto-approvals ---
   auto-approve-reads:
     enabled: true
     trigger: PermissionRequest
@@ -200,16 +242,120 @@ permissions:
     decision: allow
     priority: 100
 
+  auto-approve-git-readonly:
+    enabled: true
+    trigger: PermissionRequest
+    matcher: Bash
+    command_pattern: "git (status|log|diff|branch|show|stash list|remote -v|rev-parse)"
+    decision: allow
+    priority: 90
+
+  auto-approve-gh-cli:
+    enabled: true
+    trigger: PermissionRequest
+    matcher: Bash
+    command_pattern: "gh"
+    decision: allow
+    priority: 80
+
+  auto-approve-prettier:
+    enabled: true
+    trigger: PermissionRequest
+    matcher: Bash
+    command_pattern: "prettier"
+    decision: allow
+    priority: 80
+
+  auto-approve-shell-inspection:
+    enabled: true
+    trigger: PermissionRequest
+    matcher: Bash
+    command_pattern: "(ls|cat|head|tail|wc|file|which|echo|pwd|whoami)"
+    decision: allow
+    priority: 80
+
+  # --- Git destructive blocks (comprehensive) ---
   no-force-push:
     enabled: true
     trigger: PreToolUse
     matcher: Bash
-    command_pattern: "git push --force"
+    command_pattern: "git push.*(--force|-f)"
     decision: deny
     message: "Force push blocked. Use --force-with-lease."
     locked: true
     priority: 1
 
+  no-git-checkout-dot:
+    enabled: true
+    trigger: PreToolUse
+    matcher: Bash
+    command_pattern: "git checkout \\."
+    decision: deny
+    message: "git checkout . discards all unstaged changes."
+    locked: true
+    priority: 1
+
+  no-git-restore-dot:
+    enabled: true
+    trigger: PreToolUse
+    matcher: Bash
+    command_pattern: "git restore \\."
+    decision: deny
+    message: "git restore . discards all unstaged changes."
+    locked: true
+    priority: 1
+
+  no-git-reset-hard:
+    enabled: true
+    trigger: PreToolUse
+    matcher: Bash
+    command_pattern: "git reset --hard"
+    decision: deny
+    message: "git reset --hard destroys uncommitted work."
+    locked: true
+    priority: 1
+
+  no-git-clean-force:
+    enabled: true
+    trigger: PreToolUse
+    matcher: Bash
+    command_pattern: "git clean.* -f"
+    decision: deny
+    message: "git clean -f permanently deletes untracked files."
+    locked: true
+    priority: 1
+
+  no-git-branch-delete-force:
+    enabled: true
+    trigger: PreToolUse
+    matcher: Bash
+    command_pattern: "git branch -D"
+    decision: deny
+    message: "git branch -D force-deletes branches. Use -d for safe delete."
+    locked: true
+    priority: 1
+
+  no-skip-hooks:
+    enabled: true
+    trigger: PreToolUse
+    matcher: Bash
+    command_pattern: "--no-verify"
+    decision: deny
+    message: "Do not skip git hooks."
+    locked: true
+    priority: 1
+
+  no-rm-rf:
+    enabled: true
+    trigger: PreToolUse
+    matcher: Bash
+    command_pattern: "rm -rf"
+    decision: deny
+    message: "rm -rf is destructive. Remove specific files instead."
+    locked: true
+    priority: 1
+
+  # --- File protection ---
   block-env-files:
     enabled: true
     trigger: PreToolUse
@@ -238,6 +384,8 @@ permissions:
     priority: 1
 ```
 
+**Important:** `git push` is intentionally NOT auto-approved. Pushes affect shared state and should always require confirmation.
+
 ### Language-Specific Rules
 
 Add based on detected language. See `references/language-rules.md`.
@@ -246,6 +394,32 @@ Add based on detected language. See `references/language-rules.md`.
 
 Add based on detected framework. See `references/framework-rules.md`.
 
+### Pipelines (Required Fields)
+
+Every pipeline MUST include `on_failure`. It is a **required field** — omitting it causes a validation error.
+
+```yaml
+pipelines:
+  pre-commit-checks:
+    enabled: true
+    trigger: "PreToolUse"
+    matcher: "Bash"
+    command_pattern: "git commit"
+    steps:
+      - name: "type-check"
+        run: "{type_check_command}"
+        timeout: 60000
+      - name: "lint"
+        run: "{lint_command}"
+        timeout: 60000
+    on_failure: "block"          # REQUIRED — "block" or "warn"
+    message: "Pre-commit checks failed."
+    locked: true
+    priority: 5
+```
+
+Valid `on_failure` values: `"block"` (prevent the action) or `"warn"` (show warning but allow).
+
 ## Step 5: Write Configuration
 
 **Gate: File written before proceeding to Step 6.**
@@ -292,16 +466,48 @@ Postconditions are **disabled by default** because they run automatically after
 
 **To enable:** User should manually set `enabled: true` for desired postconditions after reviewing them.
 
+## About Pipelines
+
+Pipelines define multi-step checks (e.g., pre-commit). Every pipeline **MUST** include the `on_failure` field — it is required. Valid values: `"block"` (stop the action) or `"warn"` (show warning but proceed).
+
+```yaml
+pipelines:
+  pre-commit-checks:
+    enabled: true
+    trigger: "PreToolUse"
+    matcher: "Bash"
+    command_pattern: "git commit"
+    steps:
+      - name: "type-check"
+        run: "{type_check_command}"
+        timeout: 60000
+      - name: "lint"
+        run: "{lint_command}"
+        timeout: 60000
+    on_failure: "block"    # REQUIRED — omitting this causes validation error
+    message: "Pre-commit checks."
+    locked: true
+    priority: 5
+```
+
 ## Safety Rules
 
 | Rule | Reason |
 |------|--------|
 | Always include read-before-write | Prevents editing files without reading first |
-| Always block force push | Prevents history destruction |
+| Always block force push (--force AND -f) | Prevents history destruction |
+| Always block all git destructive ops | checkout ., restore ., reset --hard, clean -f, branch -D |
+| Always block --no-verify | Never skip git hooks |
+| Always block rm -rf | Prevents catastrophic deletions |
 | Always block .env edits | Protects secrets |
 | Always block node_modules/dist | Build artifacts should not be edited |
 | Auto-approve reads | Safe operations should not prompt |
-| Auto-approve detected package manager | Reduces friction |
+| Auto-approve ONLY the detected package manager | Do not auto-approve all package managers |
+| Never auto-approve git push | Pushes affect shared state, always confirm |
+| Never generate state-tracking rules | ULPI has no state; rules like "track last N" are non-functional |
+| Never generate redundant rules | If a rule duplicates another, remove the weaker one |
+| Always include `on_failure` in pipelines | Required field — omitting causes validation error |
+| Always map monorepo topology when detected | Flat treatment of monorepos produces wrong rules |
 | Never overwrite without asking | Preserves existing configuration |
 | Always verify directory exists | Prevents errors |
 
@@ -371,6 +577,10 @@ These are excuses. Don't fall for them:
 - **"The user wants it fast"** → STILL show detected stack first
 - **"These are standard rules"** → STILL customize for detected stack
 - **"Postconditions are disabled anyway"** → STILL generate them correctly
+- **"It's a monorepo but I'll just use global commands"** → Map the topology and use per-package `--filter`
+- **"git push is just like other git commands"** → Push affects shared state, NEVER auto-approve it
+- **"I'll add a rule to track recent actions"** → ULPI has no state between invocations, this won't work
+- **"All Node.js package managers should be auto-approved"** → Only approve the DETECTED one
 
 ---
 
@@ -396,6 +606,21 @@ These are excuses. Don't fall for them:
 **Symptom:** ULPI fails to parse guards.yml
 **Fix:** Validate YAML structure before writing
 
+### Failure Mode 5: Flat Treatment of Monorepo
+
+**Symptom:** Postconditions run `tsc --noEmit` globally instead of `turbo --filter=<pkg>`, package boundaries not enforced, no topology in header
+**Fix:** Always run Step 2b when monorepo is detected. Map the full workspace dependency graph. Generate per-package postconditions with `--filter`.
+
+### Failure Mode 6: Non-Functional State-Tracking Rules
+
+**Symptom:** Rules reference "last N actions" or "track recent commands" — ULPI has no state between invocations
+**Fix:** Only generate rules that use ULPI's actual capabilities: matchers, patterns, triggers. No stateful tracking.
+
+### Failure Mode 7: Redundant Rules
+
+**Symptom:** Multiple rules block the same thing (e.g., separate `block-dist` and `block-build-output` when only one output dir exists)
+**Fix:** Audit generated rules for overlap. Each rule should block a distinct concern.
+
 ---
 
 ## Quick Workflow Summary
@@ -417,17 +642,31 @@ STEP 2: DETECT TECHNOLOGY
 ├── Announce detected stack (informational, no question)
 └── Gate: Stack detected
 
+STEP 2b: MAP MONOREPO TOPOLOGY (if monorepo detected)
+├── Read workspace config (pnpm-workspace.yaml, etc.)
+├── List all packages in workspace
+├── Read each package's package.json
+├── Map dependency graph (who depends on whom)
+├── Read turbo.json / lerna.json task definitions
+├── Identify build characteristics per package
+└── Gate: Full topology mapped
+
 STEP 3: EXTRACT COMMANDS
-├── Read package.json scripts
+├── Read package.json scripts (root + per-package for monorepos)
+├── Read turbo.json tasks (monorepos)
 ├── Read pyproject.toml tools
 ├── Identify test/build/lint commands
+├── For monorepos: note turbo --filter commands per package
 └── Gate: Commands extracted
 
 STEP 4: GENERATE RULES
-├── Start with universal rules
-├── Add language-specific rules
+├── Start with universal rules (comprehensive git blocks, no push auto-approve)
+├── Add language-specific rules (only detected pkg manager)
 ├── Add framework-specific rules
+├── Add monorepo rules (boundaries, per-pkg postconditions, prefer-turbo)
+├── Add project-specific critical file cautions
 ├── Add tooling rules
+├── Audit for redundancy (no duplicate rules)
 └── Gate: Complete rules generated
 
 STEP 5: WRITE CONFIGURATION

package/dist/skills/ulpi-generate-guardian/references/framework-rules.md

@@ -663,7 +663,26 @@ preconditions:
     priority: 60
 ```
 
-## Turborepo
+## Turborepo (Monorepo)
+
+When Turborepo is detected, the skill MUST map the full workspace topology (Step 2b in SKILL.md) and generate monorepo-aware rules. The rules below are templates — replace placeholders with actual package names and paths from the detected topology.
+
+### Header — Workspace Topology Comment
+
+Always include a topology diagram in the YAML header:
+
+```yaml
+# Workspace Topology:
+#   {app-package} → {lib-package} (one-way dependency)
+#   {standalone-package} (no internal deps)
+#
+# Task Graph (from turbo.json):
+#   build: depends on ^build
+#   type-check: depends on ^type-check
+#   lint: depends on ^lint
+```
+
+### Permissions
 
 ```yaml
 permissions:
@@ -681,12 +700,150 @@ permissions:
     decision: deny
     message: "Do not edit .turbo/ cache. Run `turbo` to regenerate."
     locked: true
+```
+
+### Preconditions — Package Boundary Enforcement
 
+Generate one rule per dependency boundary. The `file_pattern` and `import_pattern` should reflect the actual package names.
+
+```yaml
 preconditions:
-  warn-turbo-config:
+  # Package boundary: {lib-package} must NOT import from {app-package}
+  # Generate one rule per forbidden import direction
+  no-{lib-short}-imports-{app-short}:
+    enabled: true
+    trigger: PreToolUse
+    matcher: "Write|Edit"
+    file_pattern: "{lib-package-path}/**"
+    message: "{lib-package} must not import from {app-package}. Dependency flows {app} → {lib}, never reverse."
+    priority: 80
+
+  # Prefer turbo over direct package manager for tasks defined in turbo.json
+  prefer-turbo-over-direct:
+    enabled: true
+    trigger: PreToolUse
+    matcher: Bash
+    command_pattern: "{package_manager} (build|lint|type-check|test)"
+    message: "Use `turbo run <task>` or `turbo run <task> --filter=<package>` instead of running {package_manager} directly for tasks defined in turbo.json."
+    priority: 70
+
+  # Critical config cautions
+  caution-turbo-config:
+    enabled: true
     trigger: PreToolUse
     matcher: "Write|Edit"
     file_pattern: "turbo.json"
-    message: "Turbo config changes affect build pipeline and caching across all packages."
-    priority: 60
+    message: "turbo.json defines the task graph and caching for ALL packages. Changes affect the entire monorepo build pipeline."
+    priority: 90
+
+  caution-root-package-json:
+    enabled: true
+    trigger: PreToolUse
+    matcher: "Write|Edit"
+    file_pattern: "package.json"
+    message: "Root package.json defines workspace scripts and shared devDependencies. Changes affect all packages."
+    priority: 80
+
+  caution-workspace-config:
+    enabled: true
+    trigger: PreToolUse
+    matcher: "Write|Edit"
+    file_pattern: "pnpm-workspace.yaml"  # or package.json workspaces field
+    message: "Workspace config defines which directories are packages. Changes affect monorepo structure."
+    priority: 90
 ```
+
+### Preconditions — Project-Specific Critical Files
+
+Generate caution rules for files identified as architecturally critical during topology mapping. Examples:
+
+```yaml
+  # Barrel exports (index.ts files that re-export from a package)
+  caution-barrel-exports:
+    enabled: true
+    trigger: PreToolUse
+    matcher: "Write|Edit"
+    file_pattern: "{lib-package-path}/src/index.ts"
+    message: "Barrel export for {lib-package}. Adding/removing exports affects all consumers."
+    priority: 80
+
+  # Framework middleware, adapters, or other high-impact files
+  # Customize based on what you find during topology mapping
+  caution-{critical-file}:
+    enabled: true
+    trigger: PreToolUse
+    matcher: "Write|Edit"
+    file_pattern: "{path-to-critical-file}"
+    message: "{Explanation of why this file is critical}"
+    priority: 80
+```
+
+### Postconditions — Per-Package Type Checking
+
+Generate one postcondition per package. Use `turbo run --filter=` to scope to the affected package.
+
+```yaml
+postconditions:
+  # Per-package type checking — one rule per workspace package
+  type-check-{package-short}-on-change:
+    enabled: false  # postconditions disabled by default
+    trigger: PostToolUse
+    matcher: "Write|Edit"
+    file_pattern: "{package-path}/**/*.{ts,tsx}"
+    run: "turbo run type-check --filter={package-name}"
+    timeout: 30000
+    block_on_failure: true
+
+  # Example for a package with no build step (consumed as source):
+  # type-check-ui-on-change:
+  #   file_pattern: "packages/ui/**/*.{ts,tsx}"
+  #   run: "turbo run type-check --filter=@maya/ui"
+
+  # Example for an app package:
+  # type-check-web-on-change:
+  #   file_pattern: "apps/web/**/*.{ts,tsx}"
+  #   run: "turbo run type-check --filter=@maya/web"
+```
+
+### Pipelines — Use Turbo Directly
+
+**IMPORTANT:** Every pipeline MUST include `on_failure`. It is a required field. Omitting it causes a validation error.
+
+```yaml
+pipelines:
+  pre-commit-checks:
+    enabled: true
+    trigger: "PreToolUse"
+    matcher: "Bash"
+    command_pattern: "git commit"
+    steps:
+      - name: "type-check"
+        run: "turbo run type-check"
+        timeout: 60000
+      - name: "lint"
+        run: "turbo run lint"
+        timeout: 60000
+    on_failure: "block"          # REQUIRED — "block" or "warn"
+    message: "Pre-commit checks via turbo."
+    locked: true
+    priority: 5
+
+  full-check:
+    enabled: false
+    steps:
+      - run: "turbo run type-check"
+        label: "Type-check all packages"
+        timeout: 60000
+      - run: "turbo run lint"
+        label: "Lint all packages"
+        timeout: 60000
+    on_failure: "warn"           # REQUIRED — "block" or "warn"
+```
+
+### What NOT to Generate for Turborepo
+
+- **Do NOT use `pnpm build` / `pnpm lint` in postconditions** — use `turbo run <task> --filter=<pkg>` instead
+- **Do NOT generate global `tsc --noEmit` postconditions** — each package has its own tsconfig; use turbo to respect the task graph
+- **Do NOT omit the topology comment** — it documents the workspace structure for humans
+- **Do NOT skip package boundary rules** — they prevent the most common monorepo mistake (reverse imports)
+- **Do NOT auto-approve git push** — even in monorepos, pushes affect shared state

package/dist/skills/ulpi-generate-guardian/references/language-rules.md

@@ -2,31 +2,26 @@
 
 ## Node.js / TypeScript
 
+**IMPORTANT:** Only auto-approve the DETECTED package manager, not all of them. If the project uses pnpm, only include the pnpm rule. Do not include npm/yarn/bun rules for a pnpm project.
+
 ```yaml
 permissions:
-  auto-approve-npm:
-    trigger: PermissionRequest
-    matcher: Bash
-    command_pattern: "npm"
-    decision: allow
-
+  # Include ONLY the detected package manager — pick ONE of these:
+  # If pnpm detected (pnpm-lock.yaml):
   auto-approve-pnpm:
     trigger: PermissionRequest
     matcher: Bash
     command_pattern: "pnpm"
     decision: allow
-
-  auto-approve-yarn:
-    trigger: PermissionRequest
-    matcher: Bash
-    command_pattern: "yarn"
-    decision: allow
-
-  auto-approve-bun:
-    trigger: PermissionRequest
-    matcher: Bash
-    command_pattern: "bun"
-    decision: allow
+  # If npm detected (package-lock.json):
+  # auto-approve-npm:
+  #   command_pattern: "npm"
+  # If yarn detected (yarn.lock):
+  # auto-approve-yarn:
+  #   command_pattern: "yarn"
+  # If bun detected (bun.lockb):
+  # auto-approve-bun:
+  #   command_pattern: "bun"
 
   auto-approve-node:
     trigger: PermissionRequest

package/dist/{ui-L7UAWXDY.js → ui-OWXZ3YSR.js}

@@ -1,7 +1,7 @@
 import {
   createApiServer,
   setUiServerPort
-} from "./chunk-Q4HIY43N.js";
+} from "./chunk-2VYFVYJL.js";
 import {
   attachWebSocket
 } from "./chunk-7AL4DOEJ.js";
@@ -15,7 +15,7 @@ import "./chunk-2CLNOKPA.js";
 import "./chunk-SPOI23SB.js";
 import "./chunk-6OCEY7JY.js";
 import "./chunk-SIAQVRKG.js";
-import "./chunk-NNUWU6CV.js";
+import "./chunk-JGBXM5NC.js";
 import "./chunk-YM2HV4IA.js";
 import "./chunk-KIKPIH6N.js";
 import {
@@ -55,7 +55,7 @@ async function main() {
   const projectDir = process.argv[2] || process.cwd();
   const secret = generateApiSecret2();
   setApiSecret2(secret);
-  const { createApiServer: createApiServer2 } = await import("./server-MOYPE4SM-N7SE2AN7.js");
+  const { createApiServer: createApiServer2 } = await import("./server-USLHY6GH-AEOJC5ST.js");
   const { attachWebSocket: attachWebSocket2 } = await import("./server-X5P6WH2M-7K2RY34N.js");
   const server = createApiServer2(projectDir);
   const wss = attachWebSocket2(server, projectDir);