@vyuhlabs/dxkit 2.12.0 → 2.13.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +42 -0
- package/README.md +192 -279
- package/dist/baseline/check.d.ts +7 -0
- package/dist/baseline/check.d.ts.map +1 -1
- package/dist/baseline/check.js +3 -1
- package/dist/baseline/check.js.map +1 -1
- package/dist/cli.d.ts.map +1 -1
- package/dist/cli.js +81 -1
- package/dist/cli.js.map +1 -1
- package/dist/generator.d.ts.map +1 -1
- package/dist/generator.js +5 -0
- package/dist/generator.js.map +1 -1
- package/dist/loop/demo.d.ts +11 -0
- package/dist/loop/demo.d.ts.map +1 -0
- package/dist/loop/demo.js +156 -0
- package/dist/loop/demo.js.map +1 -0
- package/dist/loop/doctor.d.ts +37 -0
- package/dist/loop/doctor.d.ts.map +1 -0
- package/dist/loop/doctor.js +294 -0
- package/dist/loop/doctor.js.map +1 -0
- package/dist/loop/ledger-cli.d.ts +7 -0
- package/dist/loop/ledger-cli.d.ts.map +1 -0
- package/dist/loop/ledger-cli.js +95 -0
- package/dist/loop/ledger-cli.js.map +1 -0
- package/dist/loop/ledger.d.ts +95 -0
- package/dist/loop/ledger.d.ts.map +1 -0
- package/dist/loop/ledger.js +201 -0
- package/dist/loop/ledger.js.map +1 -0
- package/dist/loop/policy.d.ts +35 -0
- package/dist/loop/policy.d.ts.map +1 -0
- package/dist/loop/policy.js +151 -0
- package/dist/loop/policy.js.map +1 -0
- package/dist/loop/scaffold.d.ts +26 -0
- package/dist/loop/scaffold.d.ts.map +1 -0
- package/dist/loop/scaffold.js +221 -0
- package/dist/loop/scaffold.js.map +1 -0
- package/dist/loop/stop-gate.d.ts +71 -0
- package/dist/loop/stop-gate.d.ts.map +1 -0
- package/dist/loop/stop-gate.js +295 -0
- package/dist/loop/stop-gate.js.map +1 -0
- package/dist/types.d.ts +4 -0
- package/dist/types.d.ts.map +1 -1
- package/dist/update.d.ts.map +1 -1
- package/dist/update.js +9 -0
- package/dist/update.js.map +1 -1
- package/package.json +1 -1
- package/templates/.claude/skills/dxkit-config/SKILL.md +17 -0
- package/templates/.claude/skills/dxkit-init/SKILL.md +1 -0
- package/templates/.claude/skills/dxkit-learn/SKILL.md +17 -0
- package/templates/.claude/skills/dxkit-loop/SKILL.md +114 -0
- package/templates/.claude/skills/dxkit-onboard/SKILL.md +2 -0
- package/templates/.claude/skills/dxkit-update/SKILL.md +3 -0
package/dist/update.js
CHANGED
|
@@ -44,6 +44,7 @@ const generator_1 = require("./generator");
|
|
|
44
44
|
const ship_installers_1 = require("./ship-installers");
|
|
45
45
|
const logger = __importStar(require("./logger"));
|
|
46
46
|
const migrate_1 = require("./baseline/migrate");
|
|
47
|
+
const scaffold_1 = require("./loop/scaffold");
|
|
47
48
|
/**
|
|
48
49
|
* Workspace-derived flag detection. Used in two cases:
|
|
49
50
|
* 1. The manifest doesn't carry `installFlags` (pre-2.5.2 manifests
|
|
@@ -63,6 +64,7 @@ function detectInstallFlags(cwd) {
|
|
|
63
64
|
withCiGuardrails: fs.existsSync(path.join(cwd, '.github', 'workflows', 'dxkit-guardrails.yml')),
|
|
64
65
|
withBaselineRefresh: fs.existsSync(path.join(cwd, '.github', 'workflows', 'dxkit-baseline-refresh.yml')),
|
|
65
66
|
withPrReview: fs.existsSync(path.join(cwd, '.github', 'workflows', 'pr-review.yml')),
|
|
67
|
+
withClaudeLoop: (0, scaffold_1.isClaudeLoopInstalled)(cwd),
|
|
66
68
|
};
|
|
67
69
|
}
|
|
68
70
|
/**
|
|
@@ -217,6 +219,13 @@ async function runUpdate(cwd, force, rescan = false) {
|
|
|
217
219
|
if (flags.withPrReview) {
|
|
218
220
|
mergeShipResult(aggregate, (0, ship_installers_1.installPrReview)(cwd, { force }));
|
|
219
221
|
}
|
|
222
|
+
// Loop pack: refresh the Stop hook + CLAUDE.md loop block on repos that
|
|
223
|
+
// opted in. Additive + idempotent — re-running picks up loop-norm prose
|
|
224
|
+
// changes without disturbing the user's other hooks. Preset is read from
|
|
225
|
+
// the existing .dxkit/policy.json (preserved), so this never resets it.
|
|
226
|
+
if (flags.withClaudeLoop) {
|
|
227
|
+
mergeShipResult(aggregate, (0, scaffold_1.installClaudeLoop)(cwd));
|
|
228
|
+
}
|
|
220
229
|
// Ignore files (.gitignore + .dxkit-ignore) — always refresh because
|
|
221
230
|
// their content can grow with new dxkit features (e.g. graphify-out/
|
|
222
231
|
// entry added in 2.5.1).
|
package/dist/update.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"update.js","sourceRoot":"","sources":["../src/update.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
|
|
1
|
+
{"version":3,"file":"update.js","sourceRoot":"","sources":["../src/update.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAqCA,gDAaC;AAWD,kDAQC;AAWD,8CAWC;AAsBD,8BAwJC;AAzQD,uCAAyB;AACzB,2CAA6B;AAE7B,qCAAkC;AAClC,2CAAuC;AACvC,uDAU2B;AAC3B,iDAAmC;AACnC,gDAAwE;AACxE,8CAA2E;AAS3E;;;;;;;;;GASG;AACH,SAAgB,kBAAkB,CAAC,GAAW;IAC5C,OAAO;QACL,eAAe,EAAE,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,SAAS,EAAE,QAAQ,EAAE,aAAa,CAAC,CAAC;QAClF,SAAS,EAAE,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,WAAW,EAAE,UAAU,CAAC,CAAC;QACjE,aAAa,EAAE,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,WAAW,EAAE,YAAY,CAAC,CAAC;QACvE,gBAAgB,EAAE,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,eAAe,EAAE,mBAAmB,CAAC,CAAC;QACrF,gBAAgB,EAAE,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,SAAS,EAAE,WAAW,EAAE,sBAAsB,CAAC,CAAC;QAC/F,mBAAmB,EAAE,EAAE,CAAC,UAAU,CAChC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,SAAS,EAAE,WAAW,EAAE,4BAA4B,CAAC,CACrE;QACD,YAAY,EAAE,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,SAAS,EAAE,WAAW,EAAE,eAAe,CAAC,CAAC;QACpF,cAAc,EAAE,IAAA,gCAAqB,EAAC,GAAG,CAAC;KAC3C,CAAC;AACJ,CAAC;AAED;;;;;;;;GAQG;AACH,SAAgB,mBAAmB,CACjC,QAAkB,EAClB,GAAW;IAEX,IAAI,QAAQ,CAAC,YAAY,EAAE,CAAC;QAC1B,OAAO,EAAE,KAAK,EAAE,QAAQ,CAAC,YAAY,EAAE,MAAM,EAAE,UAAU,EAAE,CAAC;IAC9D,CAAC;IACD,OAAO,EAAE,KAAK,EAAE,kBAAkB,CAAC,GAAG,CAAC,EAAE,MAAM,EAAE,mBAAmB,EAAE,CAAC;AACzE,CAAC;AAED;;;;;;;;GAQG;AACH,SAAgB,iBAAiB,CAAC,GAAW,EAAE,KAAmB;IAChE,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,kBAAkB,CAAC,CAAC;IACxD,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,YAAY,CAAC;QAAE,OAAO,KAAK,CAAC;IAC/C,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,YAAY,EAAE,OAAO,CAAC,CAAa,CAAC;QAChF,QAAQ,CAAC,YAAY,GAAG,KAAK,CAAC;QAC9B,EAAE,CAAC,aAAa,CAAC,YAAY,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;QACzE,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AASD,SAAS,eAAe,CAAC,GAA0B,EAAE,MAAyB;IAC5E,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC;IACtC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,OAAO,CAAC,CAAC;IACpC,2EAA2E;IAC3E,sEAAsE;IACtE,sEAAsE;IACtE,uEAAuE;IACvE,KAAK,MAAM,OAAO,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;QACtC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,sBAAsB,OAAO,kDAAkD,CAAC,CAAC;IAClG,CAAC;IACD,IAAI,MAAM,CAAC,KAAK;QAAE,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC;AACpD,CAAC;AAEM,KAAK,UAAU,SAAS,CAAC,GAAW,EAAE,KAAc,EAAE,MAAM,GAAG,KAAK;IACzE,MAAM,CAAC,MAAM,CAAC,mBAAmB,CAAC,CAAC;IAEnC,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,kBAAkB,CAAC,CAAC;IACxD,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;QACjC,MAAM,CAAC,IAAI,CAAC,0DAA0D,CAAC,CAAC;QACxE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,IAAI,QAAkB,CAAC;IACvB,IAAI,CAAC;QACH,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC,CAAC;IAChE,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,CAAC,IAAI,CAAC,kCAAkC,CAAC,CAAC;QAChD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,MAAM,CAAC,IAAI,CAAC,kBAAkB,QAAQ,CAAC,WAAW,WAAW,QAAQ,CAAC,IAAI,GAAG,CAAC,CAAC;IAE/E,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,mBAAmB,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC;IAC7D,MAAM,WAAW,GAAG,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC;SACtC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;SACpB,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;SACf,IAAI,CAAC,IAAI,CAAC,CAAC;IACd,IAAI,WAAW,EAAE,CAAC;QAChB,MAAM,SAAS,GAAG,MAAM,KAAK,UAAU,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,yBAAyB,CAAC;QACjF,MAAM,CAAC,IAAI,CAAC,qBAAqB,SAAS,MAAM,WAAW,EAAE,CAAC,CAAC;IACjE,CAAC;IAED,kEAAkE;IAClE,iEAAiE;IACjE,kEAAkE;IAClE,IAAI,MAAM,KAAK,mBAAmB,EAAE,CAAC;QACnC,IAAI,iBAAiB,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,CAAC;YAClC,MAAM,CAAC,GAAG,CAAC,6DAA6D,CAAC,CAAC;QAC5E,CAAC;IACH,CAAC;IAED,MAAM,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC;IACrC,MAAM,QAAQ,GAAG,IAAA,eAAM,EAAC,GAAG,CAAC,CAAC;IAE7B,MAAM,MAAM,GAAG;QACb,GAAG,QAAQ;QACX,iBAAiB,EAAE,QAAQ,CAAC,MAAM,CAAC,iBAAiB;QACpD,UAAU,EAAE,QAAQ,CAAC,MAAM,CAAC,UAAU;KACvC,CAAC;IAEF,yEAAyE;IACzE,qEAAqE;IACrE,6CAA6C;IAC7C,KAAK,MAAM,IAAI,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,CAAsC,EAAE,CAAC;QACtF,MAAM,CAAC,SAAS,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;IACrF,CAAC;IAED,mEAAmE;IACnE,IAAI,MAAM,EAAE,CAAC;QACX,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,SAAS,EAAE,QAAQ,EAAE,UAAU,CAAC,CAAC;QACrE,IAAI,EAAE,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;YAChC,EAAE,CAAC,MAAM,CAAC,YAAY,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YAC7C,MAAM,CAAC,IAAI,CAAC,mCAAmC,CAAC,CAAC;QACnD,CAAC;IACH,CAAC;IAED,MAAM,SAAS,GAA0B;QACvC,OAAO,EAAE,EAAE;QACX,OAAO,EAAE,EAAE;QACX,WAAW,EAAE,EAAE;QACf,KAAK,EAAE,EAAE;KACV,CAAC;IAEF,2EAA2E;IAC3E,qEAAqE;IACrE,qEAAqE;IACrE,sEAAsE;IACtE,qEAAqE;IACrE,0EAA0E;IAC1E,MAAM,SAAS,GAAG,MAAM,IAAA,oBAAQ,EAAC,GAAG,EAAE,MAAM,EAAE,QAAQ,CAAC,IAAI,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,CAAC,eAAe,CAAC,CAAC;IAClG,SAAS,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC,CAAC;IAC7C,SAAS,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC,CAAC;IAC7C,SAAS,CAAC,WAAW,CAAC,IAAI,CAAC,GAAG,SAAS,CAAC,WAAW,CAAC,CAAC;IAErD,2EAA2E;IAC3E,sEAAsE;IACtE,sEAAsE;IACtE,kEAAkE;IAClE,yEAAyE;IACzE,IAAI,KAAK,CAAC,gBAAgB,EAAE,CAAC;QAC3B,eAAe,CAAC,SAAS,EAAE,IAAA,qCAAmB,EAAC,GAAG,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC;IAClE,CAAC;IACD,IAAI,KAAK,CAAC,SAAS,EAAE,CAAC;QACpB,eAAe,CAAC,SAAS,EAAE,IAAA,8BAAY,EAAC,GAAG,EAAE,EAAE,KAAK,EAAE,aAAa,EAAE,KAAK,CAAC,aAAa,EAAE,CAAC,CAAC,CAAC;QAC7F,gEAAgE;QAChE,2DAA2D;QAC3D,eAAe,CAAC,SAAS,EAAE,IAAA,yCAAuB,EAAC,GAAG,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC;IACtE,CAAC;IACD,IAAI,KAAK,CAAC,gBAAgB,EAAE,CAAC;QAC3B,eAAe,CAAC,SAAS,EAAE,IAAA,qCAAmB,EAAC,GAAG,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC;IAClE,CAAC;IACD,sEAAsE;IACtE,sEAAsE;IACtE,uEAAuE;IACvE,qEAAqE;IACrE,gEAAgE;IAChE,IAAI,KAAK,CAAC,SAAS,IAAI,KAAK,CAAC,gBAAgB,EAAE,CAAC;QAC9C,eAAe,CAAC,SAAS,EAAE,IAAA,2CAAyB,EAAC,GAAG,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC;IACxE,CAAC;IACD,IAAI,KAAK,CAAC,mBAAmB,EAAE,CAAC;QAC9B,eAAe,CAAC,SAAS,EAAE,IAAA,0CAAwB,EAAC,GAAG,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC;IACvE,CAAC;IACD,IAAI,KAAK,CAAC,YAAY,EAAE,CAAC;QACvB,eAAe,CAAC,SAAS,EAAE,IAAA,iCAAe,EAAC,GAAG,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC;IAC9D,CAAC;IACD,wEAAwE;IACxE,wEAAwE;IACxE,yEAAyE;IACzE,wEAAwE;IACxE,IAAI,KAAK,CAAC,cAAc,EAAE,CAAC;QACzB,eAAe,CAAC,SAAS,EAAE,IAAA,4BAAiB,EAAC,GAAG,CAAC,CAAC,CAAC;IACrD,CAAC;IAED,qEAAqE;IACrE,qEAAqE;IACrE,yBAAyB;IACzB,eAAe,CAAC,SAAS,EAAE,IAAA,oCAAkB,EAAC,GAAG,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC;IAE/D,0EAA0E;IAC1E,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,UAAU;IAC3B,MAAM,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC;IAChC,IAAI,SAAS,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC;QAC7B,MAAM,CAAC,OAAO,CAAC,YAAY,SAAS,CAAC,OAAO,CAAC,MAAM,cAAc,CAAC,CAAC;IACrE,CAAC;IACD,IAAI,SAAS,CAAC,WAAW,CAAC,MAAM,EAAE,CAAC;QACjC,MAAM,CAAC,IAAI,CAAC,YAAY,SAAS,CAAC,WAAW,CAAC,MAAM,UAAU,CAAC,CAAC;IAClE,CAAC;IACD,IAAI,SAAS,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC;QAC7B,MAAM,CAAC,IAAI,CACT,YAAY,SAAS,CAAC,OAAO,CAAC,MAAM,kDAAkD,CACvF,CAAC;IACJ,CAAC;IACD,KAAK,MAAM,IAAI,IAAI,SAAS,CAAC,KAAK;QAAE,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;IAErD,2EAA2E;IAC3E,uEAAuE;IACvE,uEAAuE;IACvE,wEAAwE;IACxE,yEAAyE;IACzE,0EAA0E;IAC1E,6BAA6B;IAC7B,MAAM,sBAAsB,CAAC,GAAG,CAAC,CAAC;IAElC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,UAAU;IAC3B,MAAM,CAAC,OAAO,CAAC,kEAAkE,CAAC,CAAC;AACrF,CAAC;AAED;;;;;GAKG;AACH,KAAK,UAAU,sBAAsB,CAAC,GAAW;IAC/C,IAAI,IAAI,CAAC;IACT,IAAI,CAAC;QACH,IAAI,GAAG,IAAA,2BAAiB,EAAC,GAAG,CAAC,CAAC;IAChC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,CAAC,2DAA2D;IACrE,CAAC;IACD,IAAI,CAAC,IAAI;QAAE,OAAO;IAElB,MAAM,CAAC,IAAI,CAAC,mFAAmF,CAAC,CAAC;IACjG,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,IAAA,yBAAe,EAAC,EAAE,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC;QACpD,IAAI,MAAM,CAAC,YAAY,EAAE,CAAC;YACxB,MAAM,CAAC,OAAO,CAAC,qCAAqC,MAAM,CAAC,QAAQ,GAAG,CAAC,CAAC;QAC1E,CAAC;QACD,IAAI,MAAM,CAAC,cAAc,GAAG,CAAC,EAAE,CAAC;YAC9B,MAAM,CAAC,OAAO,CACZ,uBAAuB,MAAM,CAAC,iBAAiB,gBAAgB;gBAC7D,GAAG,MAAM,CAAC,kBAAkB,aAAa,CAC5C,CAAC;QACJ,CAAC;QACD,IAAI,MAAM,CAAC,iBAAiB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACxC,MAAM,CAAC,IAAI,CACT,GAAG,MAAM,CAAC,iBAAiB,CAAC,MAAM,kBAChC,MAAM,CAAC,iBAAiB,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,KAChD,gFAAgF,CACjF,CAAC;YACF,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,iBAAiB,EAAE,CAAC;gBACzC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,WAAW,KAAK,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC;YAC5D,CAAC;QACH,CAAC;QACD,MAAM,CAAC,GAAG,CAAC,8EAA8E,CAAC,CAAC;IAC7F,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,CAAC,IAAI,CACT,0CAA2C,GAAa,CAAC,OAAO,IAAI;YAClE,oFAAoF;YACpF,mBAAmB,CACtB,CAAC;IACJ,CAAC;AACH,CAAC"}
|
package/package.json
CHANGED
|
@@ -109,6 +109,23 @@ Each finding-kind has `block` (exit 1) and `warn` (log only) lists. Adjust to yo
|
|
|
109
109
|
|
|
110
110
|
Run `npx vyuh-dxkit guardrail check --policy=.dxkit/policy.json` to test the new policy. If no `policy.json` exists, dxkit uses the built-in defaults.
|
|
111
111
|
|
|
112
|
+
### Switching the loop posture (`loop.preset`)
|
|
113
|
+
|
|
114
|
+
A repo running autonomous coding loops behind the dxkit Stop-gate has a **loop-only** blocking posture under `loop.preset` in the same file:
|
|
115
|
+
|
|
116
|
+
```json
|
|
117
|
+
{
|
|
118
|
+
"loop": { "preset": "security-only" }
|
|
119
|
+
}
|
|
120
|
+
```
|
|
121
|
+
|
|
122
|
+
| Preset | Loop blocks on |
|
|
123
|
+
|---|---|
|
|
124
|
+
| `security-only` (default) | net-new secrets + crit/high security + crit/high reachable dependency vulns; test-gap + quality only warn |
|
|
125
|
+
| `full-debt` | every net-new finding, including test-gap + quality |
|
|
126
|
+
|
|
127
|
+
This key is read **only by the Stop-gate** (`vyuh-dxkit hook stop-gate`) — your CI / PR guardrail always uses the full policy above, so changing the loop posture never weakens your CI gate. Edit it here, or run `npx vyuh-dxkit init --claude-loop --loop-preset full-debt`. Use `full-debt` only when you deliberately want an unattended loop to also close test/quality gaps (it can drive a long repair). For setting up or operating the loop, hand off to the **dxkit-loop** skill.
|
|
128
|
+
|
|
112
129
|
## Configuring deep-SAST ingestion (`.vyuh-dxkit.json:deepSast`)
|
|
113
130
|
|
|
114
131
|
dxkit's bundled SAST is intraprocedural; interprocedural findings (path traversal, info exposure, SSRF, injection) come from an external engine (Snyk Code or CodeQL) ingested via the `dxkit-ingest` skill. Persist the engine + Snyk project once so `ingest --from-snyk` needs no flags:
|
|
@@ -28,6 +28,7 @@ Ask the user what they want, then pick the right invocation:
|
|
|
28
28
|
| `--with-ci` | `.github/workflows/dxkit-guardrails.yml` (PR gate) | Yes |
|
|
29
29
|
| `--with-baseline-refresh` | `.github/workflows/dxkit-baseline-refresh.yml` (post-merge regen) | Yes |
|
|
30
30
|
| `--with-pr-review` | `.github/workflows/pr-review.yml` (AI PR review; needs `ANTHROPIC_API_KEY`) | No (still opt-in) |
|
|
31
|
+
| `--claude-loop` | Stop-gate hook for autonomous loops (additive merge into `.claude/settings.json` + CLAUDE.md); implies the dxkit skills. Pair with `--loop-preset security-only\|full-debt` | No (opt-in — registers a hook that blocks the agent from stopping) |
|
|
31
32
|
|
|
32
33
|
`--yes` accepts all prompts; `--force` overwrites existing files instead of writing `.dxkit` sidecars on conflict.
|
|
33
34
|
|
|
@@ -74,6 +74,23 @@ Two hooks ship under `.githooks/`:
|
|
|
74
74
|
|
|
75
75
|
Activation is wired via `npm postinstall` so `npm install` after `git clone` sets `core.hooksPath = .githooks` automatically.
|
|
76
76
|
|
|
77
|
+
## The loop pack (Stop-gate for autonomous loops)
|
|
78
|
+
|
|
79
|
+
When Claude Code runs in an autonomous loop (it keeps working until it decides to stop), the loop pack adds a **Stop hook** that runs the guardrail every time the agent tries to stop. The same baseline + guardrail logic above, applied at a new moment:
|
|
80
|
+
|
|
81
|
+
- **net-new findings → the gate blocks the stop** and feeds the findings back to the model to repair, then it tries to stop again;
|
|
82
|
+
- **clean → the stop is allowed** (optionally after a configured test command passes);
|
|
83
|
+
- **gate can't run (no baseline) → it surfaces that to the operator** once, then allows, so it never thrashes.
|
|
84
|
+
|
|
85
|
+
Every Stop event is recorded in an append-only ledger at `.dxkit/loop/ledger.jsonl`.
|
|
86
|
+
|
|
87
|
+
Two ideas worth understanding:
|
|
88
|
+
|
|
89
|
+
- **Posture is loop-scoped.** `loop.preset` in `.dxkit/policy.json` (`security-only` default vs `full-debt`) decides what blocks the loop, and **only the Stop-gate reads it** — your CI / PR guardrail is unaffected. `security-only` is the default because in a loop a block tells the model to *fix* the finding; blocking on open-ended debt (write tests / refactor until clear) would make an unattended agent grind for a long time, while security findings are bounded and must-fix.
|
|
90
|
+
- **The value is predictability, not new detection.** The gate bounds the "loop declared done with net-new debt" failure mode to zero using the findings dxkit already computes. It is not a new scanner.
|
|
91
|
+
|
|
92
|
+
To set this up or operate it (register the hook, run the preflight, explain a block, read the ledger, switch posture), hand off to the **dxkit-loop** skill. `npx vyuh-dxkit init --claude-loop` wires it; `npx vyuh-dxkit loop doctor` verifies it's safe to run unattended.
|
|
93
|
+
|
|
77
94
|
## How to learn more
|
|
78
95
|
|
|
79
96
|
- `npx vyuh-dxkit <subcommand> --help` — flag reference
|
|
@@ -0,0 +1,114 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: dxkit-loop
|
|
3
|
+
description: Set up and operate the dxkit Stop-gate for autonomous coding loops — register the hook, run the preflight, explain why a loop was blocked, read the loop ledger, and switch the blocking posture (security-only vs full-debt). Use when the user says "set up the loop gate", "why did the loop get blocked", "stop the agent from shipping debt", "run a safe agent loop", "show the loop ledger", "switch the loop to full-debt", or anything about running an unattended Claude Code loop behind dxkit.
|
|
4
|
+
---
|
|
5
|
+
|
|
6
|
+
# dxkit-loop
|
|
7
|
+
|
|
8
|
+
This skill owns the **loop pack**: the deterministic preflight/postflight layer that keeps an autonomous coding loop from declaring "done" while it has introduced net-new findings. Reach for it to set the gate up, to explain a block, or to tune the posture.
|
|
9
|
+
|
|
10
|
+
## What the loop pack is
|
|
11
|
+
|
|
12
|
+
When Claude Code runs in a loop (it keeps working until it decides to stop), a **Stop hook** runs `vyuh-dxkit hook stop-gate` every time the agent tries to stop. The gate re-runs the guardrail check against the baseline and:
|
|
13
|
+
|
|
14
|
+
- **net-new findings → blocks the stop** and feeds the exact findings back to the model so it repairs them, then tries to stop again;
|
|
15
|
+
- **clean → allows the stop** (optionally after a configured test command passes);
|
|
16
|
+
- **gate can't run (no baseline / config error) → blocks once for the operator** (a problem the model can't fix), then allows on the next attempt to avoid thrashing.
|
|
17
|
+
|
|
18
|
+
Every Stop event is appended to an audit trail at `.dxkit/loop/ledger.jsonl`.
|
|
19
|
+
|
|
20
|
+
The value is **predictability, not a new scanner**: the gate bounds the "loop shipped debt and never fixed it" failure mode to zero. It uses the same findings, baseline, and identity contract as the rest of dxkit — it does not detect anything new.
|
|
21
|
+
|
|
22
|
+
## See it first (no setup)
|
|
23
|
+
|
|
24
|
+
```bash
|
|
25
|
+
# No API key, no Claude Code, no scanners — runs the real gate over an example
|
|
26
|
+
# finding and shows the block → repair → clean flow offline.
|
|
27
|
+
npx vyuh-dxkit demo loop-guardrail
|
|
28
|
+
```
|
|
29
|
+
|
|
30
|
+
## Setup
|
|
31
|
+
|
|
32
|
+
```bash
|
|
33
|
+
# Register the Stop hook + CLAUDE.md loop norm + default preset.
|
|
34
|
+
# Additive: merges into existing .claude/settings.json + CLAUDE.md,
|
|
35
|
+
# never clobbering your hooks or prose.
|
|
36
|
+
npx vyuh-dxkit init --claude-loop
|
|
37
|
+
|
|
38
|
+
# Pick the posture up front (default is security-only):
|
|
39
|
+
npx vyuh-dxkit init --claude-loop --loop-preset full-debt
|
|
40
|
+
```
|
|
41
|
+
|
|
42
|
+
A loop is only safe if a baseline exists, the hook is registered, and the guardrail can run. **Always verify before an unattended run:**
|
|
43
|
+
|
|
44
|
+
```bash
|
|
45
|
+
npx vyuh-dxkit loop doctor
|
|
46
|
+
```
|
|
47
|
+
|
|
48
|
+
It checks: git repo, baseline present/resolvable, Stop hook registered, active preset, optional postflight test command, graph freshness. Exit non-zero = not safe to run unattended yet — each failing check carries a fix command. The most important one it catches is the **silent failure**: an unregistered hook never fires, so the loop would run with no gate and no error. If `loop doctor` says the baseline is missing, capture one first (`npx vyuh-dxkit baseline create`).
|
|
49
|
+
|
|
50
|
+
## Posture: the two presets
|
|
51
|
+
|
|
52
|
+
The preset decides which net-new findings BLOCK the loop. It is **loop-scoped** — it lives under `loop.preset` in `.dxkit/policy.json` and only the Stop-gate reads it. Your CI / PR guardrail is unaffected (it always uses the full policy), so switching the loop posture never weakens your CI gate.
|
|
53
|
+
|
|
54
|
+
| Preset | Blocks on | When |
|
|
55
|
+
|---|---|---|
|
|
56
|
+
| **`security-only`** (default) | net-new secrets, crit/high SAST, crit/high reachable dependency vulns | The safe unattended default. Cheap, unambiguous, must-fix. test-gap + quality only **warn**. |
|
|
57
|
+
| **`full-debt`** | everything net-new — adds test-gap + quality | When you deliberately want the loop to also close test/quality gaps. Can drive a long, expensive repair. |
|
|
58
|
+
|
|
59
|
+
**Why security-only is the default:** in a loop a block doesn't just fail a check — it tells the model to fix the finding. Blocking on open-ended debt (write tests until the gap closes, refactor until the quality issue clears) makes an unattended agent grind for a very long time. Security findings are bounded and must-fix; debt is an opt-in.
|
|
60
|
+
|
|
61
|
+
### Switch the posture
|
|
62
|
+
|
|
63
|
+
```bash
|
|
64
|
+
# Switch to full-debt (or back):
|
|
65
|
+
npx vyuh-dxkit init --claude-loop --loop-preset full-debt
|
|
66
|
+
```
|
|
67
|
+
|
|
68
|
+
Or hand off to **dxkit-config** to edit `loop.preset` directly. Either way, only `loop.preset` changes; the rest of the policy is preserved. A one-off override for a single run: `DXKIT_LOOP_PRESET=full-debt`.
|
|
69
|
+
|
|
70
|
+
## Explain a block
|
|
71
|
+
|
|
72
|
+
When a loop is blocked, the model receives a message listing each net-new finding and the rule **don't refresh the baseline, don't fix unrelated debt — fix only what this branch introduced**. The full machine-readable verdict is written to `.dxkit/loop/last-guardrail.json`.
|
|
73
|
+
|
|
74
|
+
To explain a block to the user:
|
|
75
|
+
|
|
76
|
+
1. Read `.dxkit/loop/last-guardrail.json` — the blocking findings with file/line/severity.
|
|
77
|
+
2. Confirm each is genuinely net-new (introduced by this branch), not pre-existing debt the gate is correctly ignoring.
|
|
78
|
+
3. To actually fix them, hand off to **dxkit-action** (the fix loop). The gate re-checks on the next stop.
|
|
79
|
+
|
|
80
|
+
**Two anti-patterns to refuse:** never clear a block by re-baselining (that launders the regression into the accepted set), and never let the loop wander off to fix unrelated grandfathered debt. The gate only asks for what the branch introduced.
|
|
81
|
+
|
|
82
|
+
## Read the ledger
|
|
83
|
+
|
|
84
|
+
The ledger answers "what did the loop actually do?"
|
|
85
|
+
|
|
86
|
+
```bash
|
|
87
|
+
npx vyuh-dxkit loop ledger summarize # blocked vs allowed, repaired-after-block, net-new totals
|
|
88
|
+
npx vyuh-dxkit loop ledger show # raw event lines (add --json for machine output)
|
|
89
|
+
npx vyuh-dxkit loop ledger clear # reset the audit trail
|
|
90
|
+
```
|
|
91
|
+
|
|
92
|
+
`summarize` is the headline: how many stops were blocked, how many sessions repaired after a block, and how many were blocked and never repaired. A healthy loop shows blocks followed by repairs — that IS the gate working.
|
|
93
|
+
|
|
94
|
+
## Optional postflight tests
|
|
95
|
+
|
|
96
|
+
Set `DXKIT_LOOP_TEST_COMMAND` and the gate runs it after the guardrail passes — a failing suite blocks the stop too, with the failure tail fed back for repair. Unset, the gate is findings-only (`loop doctor` warns about this). Use it to make "tests must pass" part of the stop condition.
|
|
97
|
+
|
|
98
|
+
## Troubleshooting
|
|
99
|
+
|
|
100
|
+
| Symptom | Cause / fix |
|
|
101
|
+
|---|---|
|
|
102
|
+
| Loop stops with debt still present | Stop hook not registered → `npx vyuh-dxkit loop doctor`, then `init --claude-loop`. |
|
|
103
|
+
| Gate blocks the operator every stop | No baseline (gate can't diff) → `npx vyuh-dxkit baseline create`. |
|
|
104
|
+
| Loop blocks on test/quality you didn't want | Posture is `full-debt` → switch to `security-only`. |
|
|
105
|
+
| Gate can't run and you want stops anyway | `DXKIT_LOOP_FAIL_OPEN=1` allows stops with a loud warning (use only when you accept an ungated run). |
|
|
106
|
+
| Hook fires but errors | Broken install (vyuh-dxkit not resolvable) → hand off to **dxkit-fix**. |
|
|
107
|
+
|
|
108
|
+
## Hand-offs
|
|
109
|
+
|
|
110
|
+
- Fixing the findings a block surfaced → **dxkit-action**
|
|
111
|
+
- Editing `loop.preset` / other policy → **dxkit-config**
|
|
112
|
+
- Broken install (hook not firing, command not found) → **dxkit-fix**
|
|
113
|
+
- What a baseline is / how guardrails work conceptually → **dxkit-learn**
|
|
114
|
+
- Capturing or refreshing the baseline → **dxkit-init**
|
|
@@ -234,6 +234,8 @@ Report the results:
|
|
|
234
234
|
- **All green** → "You're fully set up. dxkit will guard your next push. Run `vyuh-dxkit health` whenever you want to see scores."
|
|
235
235
|
- **Remaining fixable gaps** → hand off to `dxkit-fix` for each one. Don't end with broken signals.
|
|
236
236
|
|
|
237
|
+
If the customer plans to run **autonomous Claude Code loops** (the agent works unattended until it decides to stop), mention the loop pack as an optional add-on: `npx vyuh-dxkit init --claude-loop` registers a Stop-gate that won't let a loop finish while it has introduced net-new findings. It's opt-in (it registers a hook that blocks the agent from stopping), so offer it rather than installing it by default — and hand off to **dxkit-loop** to set it up and pick a posture.
|
|
238
|
+
|
|
237
239
|
## What dxkit-onboard can NOT do
|
|
238
240
|
|
|
239
241
|
- **Auto-decide values-laden questions** — baseline lock-in (step 5), pre-commit opt-in (step 6), postinstall chaining (step 7), branch protection (step 8) all require explicit customer confirmation. Never silently execute these.
|
|
@@ -181,6 +181,9 @@ Iterate optional steps in the plan:
|
|
|
181
181
|
| "Configure dxkit" | `dxkit-config` |
|
|
182
182
|
| "Set up hooks" | `dxkit-hooks` |
|
|
183
183
|
| "Explain dxkit" | `dxkit-learn` |
|
|
184
|
+
| "Set up / operate the loop gate" | `dxkit-loop` |
|
|
185
|
+
|
|
186
|
+
**Loop pack on upgrade:** if the repo opted into the loop pack (`init --claude-loop`), `vyuh-dxkit update` refreshes its Stop hook + CLAUDE.md loop block automatically — additive and idempotent, and it never resets the chosen `loop.preset`. No separate step. For setting it up on a repo that doesn't have it yet, or operating it, hand off to **dxkit-loop**.
|
|
184
187
|
|
|
185
188
|
If the customer asks something that spans skills (e.g. "update dxkit and then fix the new issues"), chain: dxkit-update first, then auto-invoke dxkit-fix on the post-upgrade doctor output.
|
|
186
189
|
|