@ulysses-ai/create-workspace 0.15.0-beta.0 → 0.15.0-beta.2

package/template/.claude/scripts/migrate-canonical-priority.mjs

@@ -0,0 +1,108 @@
+#!/usr/bin/env node
+// Idempotent migrator: back-fill `priority: critical` on locked workspace-context
+// files that lack the field. Default-to-critical preserves existing behavior —
+// no surprise drops on upgrade.
+//
+// Usage:
+//   node migrate-canonical-priority.mjs [--root <path>]
+//
+// Walks <root>/workspace-context/shared/locked/*.md. For each file:
+//   - Skip non-.md files and files without parseable frontmatter (warn to stderr).
+//   - If `priority` is already set (any value), leave the file untouched.
+//   - Otherwise add `priority: critical` losslessly via updateSessionContent.
+//
+// Returns { status, files: { applied, unchanged } } where status is 'applied'
+// when at least one file was modified, else 'noop'. Always exits 0 — idempotent
+// migrations don't fail.
+
+import {
+  existsSync,
+  readFileSync,
+  writeFileSync,
+  readdirSync,
+  statSync,
+  realpathSync,
+} from 'node:fs';
+import { join, resolve } from 'node:path';
+import { fileURLToPath } from 'node:url';
+import { parseSessionContent, updateSessionContent } from '../lib/session-frontmatter.mjs';
+
+function isMainModule(metaUrl) {
+  if (!process.argv[1]) return false;
+  try {
+    return realpathSync(fileURLToPath(metaUrl)) === realpathSync(process.argv[1]);
+  } catch { return false; }
+}
+
+function parseArgs(argv) {
+  const args = { root: process.cwd() };
+  for (let i = 2; i < argv.length; i++) {
+    const a = argv[i];
+    if (a === '--root') args.root = argv[++i];
+    else throw new Error(`Unknown arg: ${a}`);
+  }
+  return args;
+}
+
+export function migrateCanonicalPriority({ root }) {
+  const absRoot = resolve(root);
+  const lockedDir = join(absRoot, 'workspace-context', 'shared', 'locked');
+  const files = { applied: [], unchanged: [] };
+
+  if (!existsSync(lockedDir)) {
+    return { status: 'noop', files };
+  }
+
+  let entries;
+  try {
+    entries = readdirSync(lockedDir).sort();
+  } catch {
+    return { status: 'noop', files };
+  }
+
+  for (const name of entries) {
+    if (!name.endsWith('.md')) continue;
+    const full = join(lockedDir, name);
+    let st;
+    try { st = statSync(full); } catch { continue; }
+    if (!st.isFile()) continue;
+
+    const raw = readFileSync(full, 'utf-8');
+    let parsed;
+    try {
+      parsed = parseSessionContent(raw);
+    } catch {
+      console.error(`warning: skipping ${full}: no parseable frontmatter`);
+      continue;
+    }
+
+    if (parsed?.fields?.priority !== undefined) {
+      files.unchanged.push(name);
+      continue;
+    }
+
+    const updated = updateSessionContent(raw, { priority: 'critical' });
+    writeFileSync(full, updated);
+    files.applied.push(name);
+  }
+
+  return {
+    status: files.applied.length > 0 ? 'applied' : 'noop',
+    files,
+  };
+}
+
+function main() {
+  const args = parseArgs(process.argv);
+  const result = migrateCanonicalPriority({ root: args.root });
+  process.stdout.write(JSON.stringify(result) + '\n');
+}
+
+if (isMainModule(import.meta.url)) {
+  try {
+    main();
+  } catch (err) {
+    process.stderr.write(`migrate-canonical-priority: ${err.message}\n`);
+    process.exit(1);
+  }
+}

package/template/.claude/skills/complete-work/SKILL.md

@@ -249,6 +249,94 @@ cd repos/{repo} && git pull origin {repo-branch}
 cd {main-workspace-root} && git pull origin main
 ```
 
+**Step 10a.1: Tag the merge commit (release sessions only, project repos with `package.json`)**
+
+The next three sub-substeps run only when the session branch starts with `release/` — the convention for release sessions (e.g., `release/v0.15.0-beta.0`). For feature, bugfix, and chore sessions, skip 10a.1, 10a.2, and 10a.3 entirely; non-release sessions don't trigger publishes. Detection is purely by branch prefix.
+
+Derive the version tag from the branch name by stripping the `release/` prefix (so `release/v0.15.0-beta.0` yields `v0.15.0-beta.0`). For each project repo whose `package.json` declares a `version` field, verify that version matches the derived tag. The workspace repo is **never** tagged — only project repos with publishable `package.json` files get tagged, since the tag triggers `.github/workflows/publish.yml` in that project repo. If a project repo's `package.json` version doesn't match the release tag, skip that repo with a warning rather than failing the whole completion flow — the mismatch usually means `/release` was run against a different version than the branch name suggests, and the user needs to investigate before publishing.
+
+Before tagging, preflight against origin: if `v{version}` already exists remotely, surface the conflict to the user with three explicit recovery options — **Reuse** (skip to 10a.2 if the existing tag points at the right commit), **Replace** (`git push origin --delete v{version}` then re-run 10a.1), or **Investigate** (`gh release view v{version}` to see what shipped). Do **not** silently force-push the tag; an existing tag means a published artifact, and overwriting it without confirmation can corrupt the npm registry's view of the release history.
+
+If the tag is absent on origin, tag the merge commit (HEAD on `{default-branch}` after the prior `git pull origin {default-branch}`) and push the tag. The tag push triggers `.github/workflows/publish.yml`.
+
+```bash
+# Detect: only run for release sessions.
+if [[ ! "$branch" =~ ^release/ ]]; then
+  # Not a release session — skip 10a.1, 10a.2, 10a.3.
+  return
+fi
+
+# Extract the version from the branch name (release/v{X} → v{X}).
+version_tag="${branch#release/}"   # e.g. "v0.15.0-beta.0"
+
+# For each project repo with a package.json containing a version field:
+for repo in {project-repos-with-package-json}; do
+  cd repos/{repo}
+
+  # Verify package.json version matches the tag.
+  pkg_version=$(node -p "require('./package.json').version")
+  expected_version="${version_tag#v}"
+  if [ "$pkg_version" != "$expected_version" ]; then
+    echo "Skipping {repo}: package.json version ($pkg_version) does not match release tag ($expected_version)."
+    continue
+  fi
+
+  # Preflight: does the tag already exist on origin?
+  if git ls-remote --exit-code origin "refs/tags/$version_tag" >/dev/null 2>&1; then
+    # Tag exists. Surface to user with three options:
+    # 1. Reuse — skip to 10a.2 if the existing tag points at the right commit.
+    # 2. Replace — `git push origin --delete $version_tag` then re-run 10a.1.
+    # 3. Investigate — `gh release view $version_tag` to see what shipped.
+    # Do NOT silently force-push.
+    echo "Tag $version_tag already exists on origin. Aborting with recovery options."
+    return 1
+  fi
+
+  # Tag the merge commit (HEAD on default branch after the prior `git pull`).
+  git tag "$version_tag"
+  git push origin "$version_tag"   # Triggers .github/workflows/publish.yml
+done
+```
+
+**Step 10a.2: Watch the publish workflow (release sessions only)**
+
+For each project repo tagged in 10a.1, find and follow the `publish.yml` workflow run on GitHub. The workflow takes a moment to register against the new tag — poll `gh run list` up to 5 times with a 3-second backoff before giving up. Once the run is found, attach with `gh run watch` so the maintainer sees progress live alongside the unified summary. Append `|| true` to the watch command so a workflow failure does **not** abort the rest of `/complete-work`: the maintainer still needs to see the unified summary, including the failure URL, to decide whether to rerun, redo the release, or roll the tag back. If no run registers within the retry window, log a warning with the manual investigation command and continue.
+
+```bash
+# Retry up to 5 times with 3-second backoff — the run takes a moment to register.
+for i in 1 2 3 4 5; do
+  run_id=$(gh run list \
+    --repo {org}/{repo} \
+    --workflow publish.yml \
+    --branch "$version_tag" \
+    --limit 1 \
+    --json databaseId \
+    --jq '.[0].databaseId')
+  if [ -n "$run_id" ]; then break; fi
+  sleep 3
+done
+
+if [ -z "$run_id" ]; then
+  echo "Warning: no publish workflow run found for $version_tag after 15s. Investigate via 'gh run list'."
+else
+  gh run watch "$run_id" --exit-status --repo {org}/{repo} || true
+fi
+```
+
+**Step 10a.3: Update the unified summary (release sessions only)**
+
+The unified summary block presented earlier in Step 10a already has a section per project repo. For release sessions, append a `PUBLISH` section per tagged project repo to the same summary — this goes inside the existing summary, not in a new location, so the maintainer sees one consolidated report covering merges, tags, and npm publishes:
+
+```
+PUBLISH ({repo}):
+  Tag: v{version}
+  Workflow: {run-url}
+  Status: success | failure
+  Published: {dist-tag}@{version} on npm
+```
+
+Pull `Status` from the `gh run watch` exit code (success when the watch returned 0, failure otherwise). Pull `Published: {dist-tag}@{version}` from the workflow's published-package output if available; if the workflow failed before publishing, omit the `Published:` line and rely on `Status: failure` plus the workflow URL to point the maintainer at the failure.
+
 #### Step 10b: Local / bare / other remotes — local merge flow
 
 No PRs are created — these remotes don't have a PR concept (or we don't have a client wired up for them). Present an adjusted summary:

package/template/.claude/skills/maintenance/SKILL.md

@@ -53,13 +53,33 @@ For each workspace-context `.md` file and each `work-sessions/*/workspace/sessio
 node .claude/scripts/build-workspace-context.mjs --check --root .
 ```
 
-The script exits 1 if any of the three artifact types is missing or stale, and reports per-file status as JSON:
+The script reports per-artifact status as JSON and uses three exit codes to distinguish what's wrong:
+
+- `0` — all artifacts current and the rendered canonical fits inside `workspace.canonicalBudgetBytes`.
+- `1` — at least one artifact is `missing` or `stale`. Run `--write` to regenerate. `missing` means the artifact does not exist yet; `stale` means it exists but no longer matches its sources (a file was added or deleted, a `description:` changed, a `shared/locked/` file was edited, an `.indexignore` rule was added).
+- `2` — artifacts are current but canonical body bytes exceed the budget after the trim and stub stages have already run. Regeneration cannot fix this; the locked content itself needs triage. Stale wins over over-budget when both apply, so a `1` can hide an over-budget condition until you regen.
+
+The JSON payload always includes a `canonical` block summarizing the budget outcome:
+
+```json
+{
+  "status": "current",
+  "missing": [],
+  "stale": [],
+  "canonical": {
+    "budget": 40960,
+    "current": 47802,
+    "overBy": 6842,
+    "selectionStatus": "stubbed",
+    "trimmedFiles": ["post-release-discipline"],
+    "stubbedFiles": ["project-status", "release-flow-recipes"]
+  }
+}
+```
 
-- `missing` — `workspace-context/` exists but the artifact does not. Run `--write` to create.
-- `stale` — the artifact exists but no longer matches the filesystem. Causes: a file was added or deleted, a `description:` was changed, a `shared/locked/` file was edited, an `.indexignore` rule was added. Run `--write` to regenerate.
-- `current` — everything matches.
+`selectionStatus` walks `ok` → `trimmed` → `stubbed` → `over-budget` as the script gives up progressively more reference content trying to fit the budget. `trimmedFiles` lists reference files whose `<!-- canonical:trim --> ... <!-- canonical:end-trim -->` spans were dropped; `stubbedFiles` lists reference files whose entire body was replaced with a one-line breadcrumb. `overBy` is present only when `selectionStatus === 'over-budget'` and reports the bytes still over after stubbing.
 
-Audit mode reports the status. Cleanup mode runs `--write` if stale or missing, then re-checks.
+Audit mode reports the status verbatim. When `selectionStatus` is `over-budget`, audit emits the budget violation and recommends `/maintenance cleanup` to triage — regeneration will not resolve it. Cleanup mode runs `--write` when `missing` or `stale`, re-checks, and then enters the budget triage flow described in cleanup step 9 if the post-regen check still reports `over-budget`.
 
 While the indexes are being read, also flag entries with weak fallbacks: filename-slug-only descriptions (e.g., "project status" with no period) usually indicate the underlying file is missing a `description:` or has no usable opening sentence. Suggest adding `description:` to those source files — the index will pick it up on the next regeneration.
 
@@ -101,8 +121,55 @@ Active recommendations. Flags problems and suggests fixes, but asks before actin
 - Surface: "{file} says X but {newer-file} now says Y. Update {file}?"
 - This is the capture-time cross-check, run retroactively instead of inline
 
-### 9. Health metrics
-- Size of `workspace-context/shared/locked/` relative to the active model's context window — flag if over 5% (yellow) or 15% (red). Absolute byte count is a weak proxy; contradictions, stale references, and duplicated coverage across files matter more than total size.
+### 9. Canonical budget triage
+
+This step runs only when the post-regen `--check` from step 8 still reports `selectionStatus: 'over-budget'`. If the regular regen pass cleared the budget — or if `--check` was already `ok`, `trimmed`, or `stubbed` after step 8 — skip this step entirely.
+
+The rest of cleanup is suggestion-list-with-confirmation: surface a candidate, ask before applying, move on. Triage is the one meaningfully more interactive surface in `/maintenance`. It runs as a small REPL: present the budget state and a triage menu, take one action, re-run `--check`, present the menu again with the new state. No suggestion is auto-applied; every action is the user's choice.
+
+Inputs to gather before the first menu render:
+
+- The `canonical` block from the `--check` JSON: `budget`, `current`, `overBy`, `selectionStatus`, `trimmedFiles`, `stubbedFiles`.
+- Each `workspace-context/shared/locked/*.md` file with its on-disk byte size and frontmatter `priority`.
+- Per file, a list of `## Section heading` spans with byte sizes — use a simple `^## ` boundary scan, not a full markdown AST. Locked files are short and shallow enough that the naive split is sufficient; if a file ever has nested headings that confuse it, fall back to opening the file in an editor (option `[c]` below).
+
+Render the state and present this menu:
+
+```
+Canonical budget: 40960 bytes. Current: 47802 bytes. Over by 6842 bytes.
+
+Locked files by size:
+  1. project-status.md           (priority: reference, 18432 bytes)  ← stubbed in canonical
+  2. post-release-discipline.md  (priority: critical, 12104 bytes)
+  3. naming-conventions.md       (priority: critical,  4218 bytes)
+  4. cross-platform.md           (priority: critical,   702 bytes)
+  5. product-bias-risk.md        (priority: critical,  1346 bytes)
+
+Largest sections in priority:critical files (eligible for promotion to reference or trim markers):
+  - project-status.md > "What's Built" (5120 bytes)
+  - post-release-discipline.md > "Backstop: branch protection" (3892 bytes)
+  - post-release-discipline.md > "Why" (2104 bytes)
+
+Triage (one at a time):
+  [a] Demote a file from critical to reference
+  [b] Add canonical:trim markers around a specific section
+  [c] Open a locked file in the editor for manual edits
+  [d] Skip — accept the over-budget warning
+  [q] Done
+```
+
+For each chosen action:
+
+- **`[a]` Demote.** Ask which file. Rewrite its frontmatter `priority: critical` → `priority: reference`. No body changes. Re-run `--check`, re-render the menu with the new state.
+- **`[b]` Add trim markers.** Ask which `file > section`. Wrap the section by inserting `<!-- canonical:trim -->` on its own line just before the section heading and `<!-- canonical:end-trim -->` on its own line just after the section's last line (the line before the next `^## ` heading or EOF). Re-run `--check`, re-render.
+- **`[c]` Open in editor.** Print the file path and pause. The user edits manually, returns, and confirms — then re-run `--check` and re-render.
+- **`[d]` Skip.** Accept the over-budget state for this run; record the acknowledgement in the run summary. Audit will continue to surface the warning on subsequent runs.
+- **`[q]` Done.** Exit triage. Report the final `--check` status as the run result.
+
+Trim markers and demotions only matter for `priority: reference` files — `<!-- canonical:trim -->` spans on a `priority: critical` file are inert until the file is demoted. The triage flow never auto-decides which file to demote or which section to wrap; it surfaces the data, presents options, and waits.
+
+### 10. Health metrics
+- Canonical budget — read from the same `--check` invocation as step 5. Reported as `current / budget` bytes with the selection status (e.g., `full`, `2 reference files trimmed`). Over-budget cases are deferred to the cleanup triage flow rather than re-reported here.
 - Number of ephemeral files — flag if accumulating without resolution
 - Session log stats (if `workspace-scratchpad/session-log.jsonl` exists):
   - Sessions without capture
@@ -118,7 +185,8 @@ Issues (3):
   ✗ workspace-context/team-member/alice/old-handoff.md references branch feature/old
     but that branch was deleted
   ✗ 2 inflight files exist but no active work session (orphaned?)
-  ✗ Locked context is 18% of model context window (red threshold: 15%)
+  ✗ Canonical exceeds budget: 47 KB / 40 KB. 2 reference files were stubbed;
+    canonical is still 6.8 KB over. Run /maintenance cleanup to triage.
 
 Warnings (2):
   ⚠ workspace-context/team-member/alice/workspace-analytics.md not updated in 8 days
@@ -134,7 +202,7 @@ OK (5):
   ✓ All CLAUDE.md skill references valid
   ✓ Workspace structure matches rule
   ✓ workspace.json repos all present
-  ✓ No frontmatter errors
+  ✓ Canonical: 17 KB / 40 KB (full)
   ✓ Template is up to date (v0.14.0)
 ```
 
@@ -145,9 +213,9 @@ OK (5):
 3. Read workspace.json — extract repo manifest
 4. Check `.claude/rules/`, `.claude/skills/`, `.claude/agents/` against references
 5. Check git state (worktrees, branches, remotes)
-6. Run `node .claude/scripts/build-workspace-context.mjs --check --root .` — capture status
+6. Run `node .claude/scripts/build-workspace-context.mjs --check --root .` — capture status. Exit `0` = clean and within budget, `1` = artifact missing or stale, `2` = artifacts current but canonical body over budget. The `canonical` block in the JSON output drives both the audit budget line and the cleanup triage decision.
 7. Read session-log.jsonl if it exists
-8. If cleanup mode: regenerate the workspace-context auto-files if stale (index.md, canonical.md, per-user team-member indexes); compare files pairwise for overlap; scan for stale cross-references
+8. If cleanup mode: regenerate the workspace-context auto-files if stale (index.md, canonical.md, per-user team-member indexes); compare files pairwise for overlap; scan for stale cross-references. If post-regen `--check` reports `over-budget`, enter the canonical-budget triage flow described in cleanup step 9.
 9. Compile and present findings grouped by severity
 
 ## Notes

package/template/.claude/skills/release/SKILL.md

@@ -144,3 +144,6 @@ Process ephemeral workspace-context entries:
 - Context synthesis happens in the WORKSPACE repo — Step 7c (consumed-notes) and Step 9 (workspace-context synthesis) are separate workspace commits.
 - Per-repo is the default — each project repo has its own release cadence.
 - The coherent-revisions rule applies: write the CHANGELOG entry from scratch, don't concatenate branch notes.
+- Tagging happens in `/complete-work`, not here. When the session branch starts with `release/`, `/complete-work` tags the merge commit on the project repo's default branch and pushes the tag, which triggers `.github/workflows/publish.yml` to publish to npm. `/release` produces the synthesis (CHANGELOG entry + version bump + consumed-notes deletion); `/complete-work` does the push, PR, merge, and tag.
+- Do not run `npm publish` locally. The publish workflow is the only path that exercises OIDC trusted publishing — local publish requires 2FA OTP and bypasses that. If the workflow fails, investigate via `gh run view`; do not fall back to local publish.
+- Recovery from a failed publish. Transient failure: rerun via `gh run rerun {run_id}`. Content failure: delete the tag (`git push origin --delete v{version} && git tag -d v{version}`), then redo the release in a new release session — `/start-work`, then `/release v{version}`, then `/complete-work`. Once a version is published to npm, that version is committed on the registry; bump and start a new release.

package/template/.claude/skills/workspace-update/SKILL.md

@@ -77,7 +77,7 @@ Read `toVersion` from `.workspace-update/.manifest.json` and update `templateVer
 
 ### Step 4a: Run idempotent migrators
 
-The payload may include migrator scripts at `.workspace-update/.claude/scripts/migrate-*.mjs` that bring older workspaces forward in shape. They are idempotent — safe to re-run on already-migrated workspaces. Run each one and surface its action in the upgrade summary.
+The payload may include migrator scripts at `.workspace-update/.claude/scripts/migrate-*.mjs` that bring older workspaces forward in shape. They are idempotent — safe to re-run on already-migrated workspaces. Run each one in document order and surface its action in the upgrade summary.
 
 ```bash
 node .workspace-update/.claude/scripts/migrate-claude-md-freshness-include.mjs
@@ -89,6 +89,12 @@ Output is JSON: `{"action":"appended"|"unchanged"|"skipped"}`.
 - `unchanged` — the line was already present.
 - `skipped` — no `CLAUDE.md` exists at the workspace root (rare; surface to the user).
 
+```bash
+node .workspace-update/.claude/scripts/migrate-canonical-priority.mjs --root .
+```
+
+Output is JSON: `{"status":"applied"|"noop","files":[...]}`. Back-fills `priority: critical` on every `workspace-context/shared/locked/*.md` that lacks the field, preserving today's full-load behavior until the user explicitly demotes a file. Idempotent — safe to re-run on already-migrated workspaces.
+
 Add other migrators here as the template ships them.
 
 ### Step 5: Post-update verification

package/template/workspace.json.tmpl

@@ -7,6 +7,7 @@
     "workSessionsDir": "work-sessions",
     "workspaceContextDir": "workspace-context",
     "releaseNotesDir": "workspace-context/release-notes",
+    "canonicalBudgetBytes": 40960,
     "subagentContextMaxBytes": 10240,
     "greeting": "Welcome back to {{project-name}}.",
     "releaseMode": "per-repo",

package/template/.claude/hooks/_bash-output-advisory.test.mjs

@@ -1,88 +0,0 @@
-#!/usr/bin/env node
-// Unit tests for bash-output-advisory.mjs pattern detection.
-// Run: node .claude/hooks/_bash-output-advisory.test.mjs
-import { detectNoisyPattern } from './bash-output-advisory.mjs';
-
-let failed = 0;
-let passed = 0;
-
-function shouldWarn(command, label) {
-  const result = detectNoisyPattern(command);
-  if (result) {
-    passed++;
-  } else {
-    failed++;
-    console.error(`  FAIL: ${label}\n    command: ${command}\n    expected an advisory, got null`);
-  }
-}
-
-function shouldNotWarn(command, label) {
-  const result = detectNoisyPattern(command);
-  if (!result) {
-    passed++;
-  } else {
-    failed++;
-    console.error(`  FAIL: ${label}\n    command: ${command}\n    expected null, got: ${result}`);
-  }
-}
-
-// === Test runners ===
-shouldWarn('npm test', 'bare npm test');
-shouldWarn('npm run test', 'bare npm run test');
-shouldWarn('yarn test', 'bare yarn test');
-shouldWarn('pnpm test', 'bare pnpm test');
-shouldWarn('bun test', 'bare bun test');
-shouldWarn('cargo test', 'bare cargo test');
-shouldWarn('npm test --coverage', 'npm test with non-scoping flag');
-
-shouldNotWarn('npm test path/to/file.test.mjs', 'npm test with file path');
-shouldNotWarn('npm test src/', 'npm test with directory');
-shouldNotWarn('npm test -- --grep auth', 'npm test with -- args');
-shouldNotWarn('npm test myFile.test.js', 'npm test with bare filename');
-shouldNotWarn('npm test | grep FAIL', 'npm test piped to grep');
-shouldNotWarn('npm test | head -50', 'npm test piped to head');
-shouldNotWarn('cargo test auth_module', 'cargo test with module filter');
-
-// === grep -r ===
-shouldWarn('grep -r "pattern" .', 'bare grep -r');
-shouldWarn('grep --recursive "pattern" src/', 'grep --recursive long form');
-shouldWarn('grep -rn "TODO" .', 'grep -rn (recursive + line numbers)');
-
-shouldNotWarn('grep -r --include="*.js" pattern .', 'grep -r with --include');
-shouldNotWarn('grep -r pattern . --exclude="*.log"', 'grep -r with --exclude');
-shouldNotWarn('grep "pattern" file.txt', 'non-recursive grep');
-
-// === find on broad anchors ===
-shouldWarn('find /', 'find on root');
-shouldWarn('find ~', 'find on home tilde');
-shouldWarn('find $HOME', 'find on $HOME');
-
-shouldNotWarn('find / -name "*.log"', 'find / with -name');
-shouldNotWarn('find ~ -path "*node_modules*" -prune', 'find ~ with -path');
-shouldNotWarn('find . -type f', 'find on cwd');
-shouldNotWarn('find ./src -name "*.ts"', 'find on relative subdir');
-
-// === cat on log-shaped files ===
-shouldWarn('cat server.log', 'cat .log file');
-shouldWarn('cat events.jsonl', 'cat .jsonl file');
-shouldWarn('cat trace.ndjson', 'cat .ndjson file');
-shouldWarn('cat path/to/big.log', 'cat .log in subdir');
-
-shouldNotWarn('cat package.json', 'cat package.json');
-shouldNotWarn('cat README.md', 'cat README');
-shouldNotWarn('cat src/index.ts', 'cat source file');
-shouldNotWarn('cat server.log | tail -50', 'cat .log piped to tail');
-
-// === redirected output (always allowed) ===
-shouldNotWarn('npm test > /tmp/test-output.txt', 'npm test redirected to file');
-shouldNotWarn('grep -r foo . > out.txt', 'grep -r redirected to file');
-shouldNotWarn('find / 2>&1 | tee /tmp/find.txt', 'find piped to tee');
-
-// === unrelated commands ===
-shouldNotWarn('git status', 'git status');
-shouldNotWarn('ls -la', 'ls');
-shouldNotWarn('echo hello', 'echo');
-shouldNotWarn('node --version', 'node version');
-
-console.log(`Passed: ${passed}, Failed: ${failed}`);
-if (failed > 0) process.exit(1);

package/template/.claude/hooks/_utils.test.mjs

@@ -1,99 +0,0 @@
-#!/usr/bin/env node
-// Unit tests for _utils.mjs tracker path helpers.
-// Run: node .claude/hooks/_utils.test.mjs
-import { mkdtempSync, mkdirSync, writeFileSync, rmSync } from 'fs';
-import { tmpdir } from 'os';
-import { join } from 'path';
-import {
-  sessionFilePath,
-  sessionWorktreePath,
-  sessionFolderPath,
-  getSessionTrackers,
-} from './_utils.mjs';
-
-let failed = 0;
-let passed = 0;
-
-function assertEq(actual, expected, msg) {
-  const a = JSON.stringify(actual);
-  const e = JSON.stringify(expected);
-  if (a === e) {
-    passed++;
-  } else {
-    failed++;
-    console.error(`  FAIL: ${msg}\n    expected: ${e}\n    actual:   ${a}`);
-  }
-}
-
-function fixture() {
-  const root = mkdtempSync(join(tmpdir(), 'utils-test-'));
-  writeFileSync(
-    join(root, 'workspace.json'),
-    JSON.stringify({
-      workspace: { workSessionsDir: 'work-sessions', scratchpadDir: 'workspace-scratchpad' },
-    })
-  );
-  mkdirSync(join(root, 'work-sessions', 'demo', 'workspace'), { recursive: true });
-  writeFileSync(
-    join(root, 'work-sessions', 'demo', 'workspace', 'session.md'),
-    '---\ntype: session-tracker\nname: demo\nstatus: active\n---\n\nbody\n'
-  );
-  return root;
-}
-
-// sessionFilePath points inside the worktree
-{
-  const root = fixture();
-  try {
-    assertEq(
-      sessionFilePath(root, 'demo'),
-      join(root, 'work-sessions', 'demo', 'workspace', 'session.md'),
-      'sessionFilePath resolves to in-worktree tracker'
-    );
-  } finally {
-    rmSync(root, { recursive: true, force: true });
-  }
-}
-
-// sessionWorktreePath returns the workspace worktree root
-{
-  const root = fixture();
-  try {
-    assertEq(
-      sessionWorktreePath(root, 'demo'),
-      join(root, 'work-sessions', 'demo', 'workspace'),
-      'sessionWorktreePath returns worktree root'
-    );
-  } finally {
-    rmSync(root, { recursive: true, force: true });
-  }
-}
-
-// sessionFolderPath still returns the session parent folder
-{
-  const root = fixture();
-  try {
-    assertEq(
-      sessionFolderPath(root, 'demo'),
-      join(root, 'work-sessions', 'demo'),
-      'sessionFolderPath unchanged'
-    );
-  } finally {
-    rmSync(root, { recursive: true, force: true });
-  }
-}
-
-// getSessionTrackers walks the in-worktree path
-{
-  const root = fixture();
-  try {
-    const trackers = getSessionTrackers(root);
-    assertEq(trackers.length, 1, 'getSessionTrackers finds demo session');
-    assertEq(trackers[0].name, 'demo', 'tracker name parsed');
-  } finally {
-    rmSync(root, { recursive: true, force: true });
-  }
-}
-
-console.log(`Passed: ${passed}, Failed: ${failed}`);
-if (failed > 0) process.exit(1);