@winspan/claude-forge 8.39.0 → 8.50.6
- package/.claude/CLAUDE.md +17 -0
- package/.eslintrc.js +23 -0
- package/.prettierrc +8 -0
- package/ARCHITECTURE_ISSUES.md +249 -0
- package/CLAUDE.md +265 -0
- package/CLAUDE.md.backup +488 -0
- package/DEVELOPMENT.md +310 -0
- package/dist/claudemd/claudemd-generator.d.ts +38 -3
- package/dist/claudemd/claudemd-generator.d.ts.map +1 -1
- package/dist/claudemd/claudemd-generator.js +629 -11
- package/dist/claudemd/claudemd-generator.js.map +1 -1
- package/dist/claudemd/index.d.ts +2 -2
- package/dist/claudemd/index.d.ts.map +1 -1
- package/dist/claudemd/index.js.map +1 -1
- package/dist/claudemd/resume-manager.d.ts.map +1 -1
- package/dist/claudemd/resume-manager.js +5 -2
- package/dist/claudemd/resume-manager.js.map +1 -1
- package/dist/claudemd/tech-detector.d.ts +1 -0
- package/dist/claudemd/tech-detector.d.ts.map +1 -1
- package/dist/claudemd/tech-detector.js +53 -0
- package/dist/claudemd/tech-detector.js.map +1 -1
- package/dist/cli/commands/claudemd.js +2 -2
- package/dist/cli/commands/claudemd.js.map +1 -1
- package/dist/cli/commands/daemon.d.ts +28 -0
- package/dist/cli/commands/daemon.d.ts.map +1 -1
- package/dist/cli/commands/daemon.js +200 -8
- package/dist/cli/commands/daemon.js.map +1 -1
- package/dist/cli/commands/init.d.ts.map +1 -1
- package/dist/cli/commands/init.js +3 -35
- package/dist/cli/commands/init.js.map +1 -1
- package/dist/cli/commands/menu.js +10 -10
- package/dist/cli/commands/menu.js.map +1 -1
- package/dist/cli/commands/skills.d.ts.map +1 -1
- package/dist/cli/commands/skills.js +8 -2
- package/dist/cli/commands/skills.js.map +1 -1
- package/dist/cli/commands/stats.d.ts.map +1 -1
- package/dist/cli/commands/stats.js +0 -17
- package/dist/cli/commands/stats.js.map +1 -1
- package/dist/cli/commands/trace.d.ts +9 -0
- package/dist/cli/commands/trace.d.ts.map +1 -0
- package/dist/cli/commands/trace.js +137 -0
- package/dist/cli/commands/trace.js.map +1 -0
- package/dist/cli/index.js +2 -4
- package/dist/cli/index.js.map +1 -1
- package/dist/core/ai/provider.d.ts +10 -2
- package/dist/core/ai/provider.d.ts.map +1 -1
- package/dist/core/ai/provider.js.map +1 -1
- package/dist/core/ai/types.d.ts +1 -19
- package/dist/core/ai/types.d.ts.map +1 -1
- package/dist/core/ai/types.js +1 -1
- package/dist/core/config.d.ts +2 -1
- package/dist/core/config.d.ts.map +1 -1
- package/dist/core/config.js +30 -6
- package/dist/core/config.js.map +1 -1
- package/dist/core/constants.d.ts +2 -2
- package/dist/core/constants.js +2 -2
- package/dist/core/constants.js.map +1 -1
- package/dist/core/queue/index.d.ts +52 -0
- package/dist/core/queue/index.d.ts.map +1 -0
- package/dist/core/queue/index.js +176 -0
- package/dist/core/queue/index.js.map +1 -0
- package/dist/core/storage/base.d.ts +33 -0
- package/dist/core/storage/base.d.ts.map +1 -0
- package/dist/core/storage/base.js +211 -0
- package/dist/core/storage/base.js.map +1 -0
- package/dist/core/storage/events.d.ts +52 -0
- package/dist/core/storage/events.d.ts.map +1 -0
- package/dist/core/storage/events.js +201 -0
- package/dist/core/storage/events.js.map +1 -0
- package/dist/core/storage/injections.d.ts +27 -0
- package/dist/core/storage/injections.d.ts.map +1 -0
- package/dist/core/storage/injections.js +51 -0
- package/dist/core/storage/injections.js.map +1 -0
- package/dist/core/storage/maintenance.d.ts +21 -0
- package/dist/core/storage/maintenance.d.ts.map +1 -0
- package/dist/core/storage/maintenance.js +52 -0
- package/dist/core/storage/maintenance.js.map +1 -0
- package/dist/core/storage/routing.d.ts +71 -0
- package/dist/core/storage/routing.d.ts.map +1 -0
- package/dist/core/storage/routing.js +141 -0
- package/dist/core/storage/routing.js.map +1 -0
- package/dist/core/storage/rows.d.ts +0 -47
- package/dist/core/storage/rows.d.ts.map +1 -1
- package/dist/core/storage/schema.sql +74 -136
- package/dist/core/storage/sessions.d.ts +34 -0
- package/dist/core/storage/sessions.d.ts.map +1 -0
- package/dist/core/storage/sessions.js +78 -0
- package/dist/core/storage/sessions.js.map +1 -0
- package/dist/core/storage/skills.d.ts +40 -0
- package/dist/core/storage/skills.d.ts.map +1 -0
- package/dist/core/storage/skills.js +107 -0
- package/dist/core/storage/skills.js.map +1 -0
- package/dist/core/storage/sqlite.d.ts +63 -265
- package/dist/core/storage/sqlite.d.ts.map +1 -1
- package/dist/core/storage/sqlite.js +102 -759
- package/dist/core/storage/sqlite.js.map +1 -1
- package/dist/core/storage/tasks.d.ts +64 -0
- package/dist/core/storage/tasks.d.ts.map +1 -0
- package/dist/core/storage/tasks.js +134 -0
- package/dist/core/storage/tasks.js.map +1 -0
- package/dist/core/storage/token-usage.d.ts +36 -0
- package/dist/core/storage/token-usage.d.ts.map +1 -0
- package/dist/core/storage/token-usage.js +59 -0
- package/dist/core/storage/token-usage.js.map +1 -0
- package/dist/core/types.d.ts +70 -4
- package/dist/core/types.d.ts.map +1 -1
- package/dist/core/types.js +24 -1
- package/dist/core/types.js.map +1 -1
- package/dist/core/utils/format.d.ts +28 -0
- package/dist/core/utils/format.d.ts.map +1 -0
- package/dist/core/utils/format.js +68 -0
- package/dist/core/utils/format.js.map +1 -0
- package/dist/core/utils/logger.d.ts +6 -1
- package/dist/core/utils/logger.d.ts.map +1 -1
- package/dist/core/utils/logger.js +72 -2
- package/dist/core/utils/logger.js.map +1 -1
- package/dist/core/utils/session.d.ts +16 -0
- package/dist/core/utils/session.d.ts.map +1 -0
- package/dist/core/utils/session.js +25 -0
- package/dist/core/utils/session.js.map +1 -0
- package/dist/core/utils/time.d.ts +22 -0
- package/dist/core/utils/time.d.ts.map +1 -0
- package/dist/core/utils/time.js +38 -0
- package/dist/core/utils/time.js.map +1 -0
- package/dist/daemon/handlers/history-exporter.d.ts.map +1 -1
- package/dist/daemon/handlers/history-exporter.js +6 -4
- package/dist/daemon/handlers/history-exporter.js.map +1 -1
- package/dist/daemon/handlers/post-tool-use.d.ts +5 -12
- package/dist/daemon/handlers/post-tool-use.d.ts.map +1 -1
- package/dist/daemon/handlers/post-tool-use.js +21 -79
- package/dist/daemon/handlers/post-tool-use.js.map +1 -1
- package/dist/daemon/handlers/stop.d.ts +24 -12
- package/dist/daemon/handlers/stop.d.ts.map +1 -1
- package/dist/daemon/handlers/stop.js +141 -42
- package/dist/daemon/handlers/stop.js.map +1 -1
- package/dist/daemon/handlers/user-prompt.d.ts +18 -19
- package/dist/daemon/handlers/user-prompt.d.ts.map +1 -1
- package/dist/daemon/handlers/user-prompt.js +103 -227
- package/dist/daemon/handlers/user-prompt.js.map +1 -1
- package/dist/daemon/index.d.ts +6 -2
- package/dist/daemon/index.d.ts.map +1 -1
- package/dist/daemon/index.js +76 -120
- package/dist/daemon/index.js.map +1 -1
- package/dist/daemon/launchd/com.claude-forge.daemon.plist.template +47 -0
- package/dist/daemon/launchd-installer.d.ts +61 -0
- package/dist/daemon/launchd-installer.d.ts.map +1 -0
- package/dist/daemon/launchd-installer.js +182 -0
- package/dist/daemon/launchd-installer.js.map +1 -0
- package/dist/daemon/lifecycle.d.ts +11 -0
- package/dist/daemon/lifecycle.d.ts.map +1 -1
- package/dist/daemon/lifecycle.js +44 -0
- package/dist/daemon/lifecycle.js.map +1 -1
- package/dist/daemon/router.d.ts +9 -2
- package/dist/daemon/router.d.ts.map +1 -1
- package/dist/daemon/router.js +27 -3
- package/dist/daemon/router.js.map +1 -1
- package/dist/daemon/server.d.ts.map +1 -1
- package/dist/daemon/server.js +6 -5
- package/dist/daemon/server.js.map +1 -1
- package/dist/daemon/services/anti-pattern-detector.d.ts +50 -0
- package/dist/daemon/services/anti-pattern-detector.d.ts.map +1 -0
- package/dist/daemon/services/anti-pattern-detector.js +357 -0
- package/dist/daemon/services/anti-pattern-detector.js.map +1 -0
- package/dist/daemon/services/drift-detector.d.ts +64 -0
- package/dist/daemon/services/drift-detector.d.ts.map +1 -0
- package/dist/daemon/services/drift-detector.js +201 -0
- package/dist/daemon/services/drift-detector.js.map +1 -0
- package/dist/{intelligence → daemon/services}/task-segmenter.d.ts +7 -1
- package/dist/daemon/services/task-segmenter.d.ts.map +1 -0
- package/dist/{intelligence → daemon/services}/task-segmenter.js +29 -6
- package/dist/daemon/services/task-segmenter.js.map +1 -0
- package/dist/daemon/services/weekly-report.d.ts +91 -0
- package/dist/daemon/services/weekly-report.d.ts.map +1 -0
- package/dist/daemon/services/weekly-report.js +327 -0
- package/dist/daemon/services/weekly-report.js.map +1 -0
- package/dist/hooks/hook-lib.sh +81 -0
- package/dist/hooks/notification.sh +7 -3
- package/dist/hooks/post-tool-use.sh +8 -4
- package/dist/hooks/pre-tool-use.sh +7 -4
- package/dist/hooks/stop.sh +1 -1
- package/dist/hooks/user-prompt-submit.sh +8 -9
- package/dist/mcp/server.d.ts +2 -2
- package/dist/mcp/server.d.ts.map +1 -1
- package/dist/mcp/server.js +71 -11
- package/dist/mcp/server.js.map +1 -1
- package/dist/skills/invocation-guard.d.ts +20 -0
- package/dist/skills/invocation-guard.d.ts.map +1 -1
- package/dist/skills/invocation-guard.js +63 -0
- package/dist/skills/invocation-guard.js.map +1 -1
- package/dist/skills/matcher.d.ts.map +1 -1
- package/dist/skills/matcher.js +12 -3
- package/dist/skills/matcher.js.map +1 -1
- package/dist/skills/official/code-simplifier.md +16 -0
- package/dist/skills/official/find-skills.md +23 -0
- package/dist/skills/official/official-api-design.md +17 -0
- package/dist/skills/official/official-architecture-decision.md +20 -0
- package/dist/skills/official/official-bmad.md +118 -0
- package/dist/skills/official/official-db-schema-design.md +16 -0
- package/dist/skills/official/official-debug.md +17 -0
- package/dist/skills/official/official-doc-driven.md +31 -0
- package/dist/skills/official/official-harness-engineering.md +108 -0
- package/dist/skills/official/official-performance-optimization.md +30 -0
- package/dist/skills/official/official-pr-review.md +35 -0
- package/dist/skills/official/official-release-checklist.md +30 -0
- package/dist/skills/official/official-security-hardening.md +26 -0
- package/dist/skills/official/official-spec-driven-design.md +31 -0
- package/dist/skills/official/planning-with-files.md +37 -0
- package/dist/skills/official/ui-ux-pro-max.md +18 -0
- package/dist/skills/official/webapp-testing.md +12 -0
- package/dist/skills/official-skills.d.ts +8 -4
- package/dist/skills/official-skills.d.ts.map +1 -1
- package/dist/skills/official-skills.js +48 -704
- package/dist/skills/official-skills.js.map +1 -1
- package/dist/skills/registry.d.ts +5 -0
- package/dist/skills/registry.d.ts.map +1 -1
- package/dist/skills/registry.js +48 -15
- package/dist/skills/registry.js.map +1 -1
- package/dist/skills/tools/pipeline-suggest.d.ts +30 -0
- package/dist/skills/tools/pipeline-suggest.d.ts.map +1 -0
- package/dist/skills/tools/pipeline-suggest.js +178 -0
- package/dist/skills/tools/pipeline-suggest.js.map +1 -0
- package/dist/skills/tools/skill-invoke.d.ts +2 -0
- package/dist/skills/tools/skill-invoke.d.ts.map +1 -1
- package/dist/skills/tools/skill-invoke.js +5 -2
- package/dist/skills/tools/skill-invoke.js.map +1 -1
- package/dist/web/routes/ai.d.ts.map +1 -1
- package/dist/web/routes/ai.js +16 -22
- package/dist/web/routes/ai.js.map +1 -1
- package/dist/web/routes/drift.d.ts +10 -0
- package/dist/web/routes/drift.d.ts.map +1 -0
- package/dist/web/routes/drift.js +21 -0
- package/dist/web/routes/drift.js.map +1 -0
- package/dist/web/routes/error-handler.d.ts +43 -0
- package/dist/web/routes/error-handler.d.ts.map +1 -0
- package/dist/web/routes/error-handler.js +99 -0
- package/dist/web/routes/error-handler.js.map +1 -0
- package/dist/web/routes/insights.d.ts +9 -0
- package/dist/web/routes/insights.d.ts.map +1 -0
- package/dist/web/routes/insights.js +34 -0
- package/dist/web/routes/insights.js.map +1 -0
- package/dist/web/routes/patch.js +2 -2
- package/dist/web/routes/patch.js.map +1 -1
- package/dist/web/routes/reports.d.ts +10 -0
- package/dist/web/routes/reports.d.ts.map +1 -0
- package/dist/web/routes/reports.js +27 -0
- package/dist/web/routes/reports.js.map +1 -0
- package/dist/web/routes/rules.d.ts +10 -3
- package/dist/web/routes/rules.d.ts.map +1 -1
- package/dist/web/routes/rules.js +80 -95
- package/dist/web/routes/rules.js.map +1 -1
- package/dist/web/routes/sessions.d.ts +1 -2
- package/dist/web/routes/sessions.d.ts.map +1 -1
- package/dist/web/routes/sessions.js +27 -39
- package/dist/web/routes/sessions.js.map +1 -1
- package/dist/web/routes/skill-stats.d.ts.map +1 -1
- package/dist/web/routes/skill-stats.js +38 -0
- package/dist/web/routes/skill-stats.js.map +1 -1
- package/dist/web/routes/skills.d.ts.map +1 -1
- package/dist/web/routes/skills.js +34 -0
- package/dist/web/routes/skills.js.map +1 -1
- package/dist/web/routes/stats.d.ts +7 -0
- package/dist/web/routes/stats.d.ts.map +1 -0
- package/dist/web/routes/stats.js +44 -0
- package/dist/web/routes/stats.js.map +1 -0
- package/dist/web/routes/status.js +1 -1
- package/dist/web/routes/status.js.map +1 -1
- package/dist/web/routes/tasks.d.ts +4 -0
- package/dist/web/routes/tasks.d.ts.map +1 -0
- package/dist/web/routes/tasks.js +181 -0
- package/dist/web/routes/tasks.js.map +1 -0
- package/dist/web/routes/trace.d.ts +10 -0
- package/dist/web/routes/trace.d.ts.map +1 -0
- package/dist/web/routes/trace.js +123 -0
- package/dist/web/routes/trace.js.map +1 -0
- package/dist/web/routes/types.d.ts +1 -14
- package/dist/web/routes/types.d.ts.map +1 -1
- package/dist/web/routes/types.js +8 -17
- package/dist/web/routes/types.js.map +1 -1
- package/dist/web/server.d.ts +1 -9
- package/dist/web/server.d.ts.map +1 -1
- package/dist/web/server.js +28 -28
- package/dist/web/server.js.map +1 -1
- package/dist/web/static/assets/AIConfig-BQCAQE9D.js +2 -0
- package/dist/web/static/assets/AIConfig-BQCAQE9D.js.map +1 -0
- package/dist/web/static/assets/Dashboard-D7Bo6Kan.js +2 -0
- package/dist/web/static/assets/Dashboard-D7Bo6Kan.js.map +1 -0
- package/dist/web/static/assets/{Drawer-DcU3ln98.js → Drawer-BeHRQxUS.js} +2 -2
- package/dist/web/static/assets/{Drawer-DcU3ln98.js.map → Drawer-BeHRQxUS.js.map} +1 -1
- package/dist/web/static/assets/Events-K_tCY2ti.js +2 -0
- package/dist/web/static/assets/Events-K_tCY2ti.js.map +1 -0
- package/dist/web/static/assets/Reports-BJCmBnc_.js +2 -0
- package/dist/web/static/assets/Reports-BJCmBnc_.js.map +1 -0
- package/dist/web/static/assets/SearchInput-BX2KhMkw.js +2 -0
- package/dist/web/static/assets/SearchInput-BX2KhMkw.js.map +1 -0
- package/dist/web/static/assets/SessionDetail-Bkr-kC7V.js +2 -0
- package/dist/web/static/assets/SessionDetail-Bkr-kC7V.js.map +1 -0
- package/dist/web/static/assets/Sessions-Chx9OCLH.js +2 -0
- package/dist/web/static/assets/Sessions-Chx9OCLH.js.map +1 -0
- package/dist/web/static/assets/Skills-O0GT1i7m.js +2 -0
- package/dist/web/static/assets/Skills-O0GT1i7m.js.map +1 -0
- package/dist/web/static/assets/TaskDetail-5SR8zGzv.js +2 -0
- package/dist/web/static/assets/TaskDetail-5SR8zGzv.js.map +1 -0
- package/dist/web/static/assets/Tasks-DCgDqvOZ.js +2 -0
- package/dist/web/static/assets/Tasks-DCgDqvOZ.js.map +1 -0
- package/dist/web/static/assets/export-L_VBD2p1.js +4 -0
- package/dist/web/static/assets/export-L_VBD2p1.js.map +1 -0
- package/dist/web/static/assets/index-D8AKj26b.css +1 -0
- package/dist/web/static/assets/index-DxIbmNmr.js +3 -0
- package/dist/web/static/assets/index-DxIbmNmr.js.map +1 -0
- package/dist/web/static/assets/{lucide-53bR2rki.js → lucide-fJlPI3H7.js} +68 -38
- package/dist/web/static/assets/lucide-fJlPI3H7.js.map +1 -0
- package/dist/web/static/assets/time-Bxuk0M-C.js +2 -0
- package/dist/web/static/assets/time-Bxuk0M-C.js.map +1 -0
- package/dist/web/static/index.html +3 -3
- package/docs/concurrent-agents.md +129 -0
- package/docs/design/architecture-review-20260516.md +232 -0
- package/docs/design/fix-skills-data-and-set-leak-spec-20260516-1300.md +219 -0
- package/docs/design/hook-failure-queue-spec-20260516-1530.md +204 -0
- package/docs/design/refactor-phase1-spec-20260515-1600.md +543 -0
- package/docs/design/refactor-phase2-spec-20260515-1700.md +424 -0
- package/docs/design/tasks-list-filter-pagination-spec-20260518-0930.md +208 -0
- package/docs/implementation/fix-skills-data-and-set-leak-changelog-20260516-1300.md +104 -0
- package/docs/implementation/hook-failure-queue-changelog-20260516-1530.md +196 -0
- package/docs/implementation/hotfix-daemon-event-reject-20260516-1430.md +56 -0
- package/docs/implementation/refactor-phase1-changelog-20260515-1630.md +354 -0
- package/docs/implementation/refactor-phase2-changelog-20260515-1705.md +421 -0
- package/docs/implementation/tasks-list-filter-pagination-changelog-20260518-0930.md +72 -0
- package/docs/reviews/claudemd-template-sync.md +54 -0
- package/docs/reviews/tasks-filter-pagination.md +80 -0
- package/docs/ruflo-learning-strategy.md +322 -0
- package/docs/skills-deduplication-analysis.md +83 -0
- package/docs/skills-multiformat-support.md +177 -0
- package/docs/skills-third-party.md +183 -0
- package/docs/testing/tasks-filter-pagination-test-report.md +86 -0
- package/forge +321 -0
- package/package.json +28 -62
- package/playwright.config.ts +40 -0
- package/scripts/demo-v2.ts +91 -0
- package/scripts/dev-daemon.sh +232 -0
- package/scripts/dev-web.ts +109 -0
- package/scripts/e2e-mcp-link.ts +423 -0
- package/scripts/e2e-methodology-quality.ts +253 -0
- package/scripts/e2e-routing.ts +456 -0
- package/scripts/e2e-user-methodology.ts +326 -0
- package/scripts/e2e-web-workflows.ts +299 -0
- package/scripts/migrate-legacy-to-dynamic.sql +108 -0
- package/scripts/regenerate-execution-docs.ts +116 -0
- package/scripts/sync-agent-skills.ts +193 -0
- package/scripts/test-hook.sh +71 -0
- package/scripts/verify-skill-loading.ts +62 -0
- package/src/claudemd/claudemd-generator.ts +777 -0
- package/src/claudemd/convention-extractor.ts +69 -0
- package/src/claudemd/index.ts +35 -0
- package/src/claudemd/persona-manager.ts +88 -0
- package/src/claudemd/resume-manager.ts +236 -0
- package/src/claudemd/tech-detector.ts +220 -0
- package/src/cli/commands/claudemd.ts +84 -0
- package/src/cli/commands/config.ts +46 -0
- package/src/cli/commands/daemon.ts +310 -0
- package/src/cli/commands/executions.ts +114 -0
- package/src/cli/commands/init.ts +204 -0
- package/src/cli/commands/logs.ts +181 -0
- package/src/cli/commands/mcp.ts +244 -0
- package/src/cli/commands/menu.ts +356 -0
- package/src/cli/commands/skills.ts +185 -0
- package/src/cli/commands/stats.ts +74 -0
- package/src/cli/commands/status.ts +69 -0
- package/src/cli/commands/template.ts +77 -0
- package/src/cli/commands/trace.ts +164 -0
- package/src/cli/index.ts +42 -0
- package/src/cli/init/hook-manager.ts +132 -0
- package/src/core/ai/provider.ts +308 -0
- package/src/core/ai/types.ts +51 -0
- package/src/core/config.ts +124 -0
- package/src/core/constants.ts +45 -0
- package/src/core/queue/index.ts +193 -0
- package/src/core/storage/base.ts +226 -0
- package/src/core/storage/events.ts +255 -0
- package/src/core/storage/injections.ts +78 -0
- package/src/core/storage/maintenance.ts +59 -0
- package/src/core/storage/migrations/002_add_skill_tracking.sql +6 -0
- package/src/core/storage/migrations/003_add_skill_invocations.sql +23 -0
- package/src/core/storage/performance-indexes.sql +23 -0
- package/src/core/storage/routing.ts +194 -0
- package/src/core/storage/rows.ts +112 -0
- package/src/core/storage/schema.sql +214 -0
- package/src/core/storage/sessions.ts +104 -0
- package/src/core/storage/skills.ts +164 -0
- package/src/core/storage/sqlite.ts +194 -0
- package/src/core/storage/tasks.ts +170 -0
- package/src/core/storage/token-usage.ts +93 -0
- package/src/core/types.ts +154 -0
- package/src/core/utils/error-handler.ts +256 -0
- package/src/core/utils/forge-resume-block.ts +74 -0
- package/src/core/utils/format.ts +69 -0
- package/src/core/utils/logger.ts +119 -0
- package/src/core/utils/lru-cache.ts +50 -0
- package/src/core/utils/path.ts +19 -0
- package/src/core/utils/session.ts +26 -0
- package/src/core/utils/time.ts +37 -0
- package/src/core/utils/token-tracker.ts +97 -0
- package/src/daemon/event-parser.ts +35 -0
- package/src/daemon/handlers/history-exporter.ts +117 -0
- package/src/daemon/handlers/post-tool-use.ts +50 -0
- package/src/daemon/handlers/stop.ts +215 -0
- package/src/daemon/handlers/user-prompt.ts +188 -0
- package/src/daemon/index.ts +278 -0
- package/src/daemon/launchd/com.claude-forge.daemon.plist.template +47 -0
- package/src/daemon/launchd-installer.ts +260 -0
- package/src/daemon/lifecycle.ts +128 -0
- package/src/daemon/router.ts +40 -0
- package/src/daemon/server.ts +209 -0
- package/src/daemon/services/anti-pattern-detector.ts +412 -0
- package/src/daemon/services/drift-detector.ts +232 -0
- package/src/daemon/services/task-segmenter.ts +112 -0
- package/src/daemon/services/weekly-report.ts +454 -0
- package/src/hooks/hook-lib.sh +81 -0
- package/src/hooks/notification.sh +35 -0
- package/src/hooks/post-tool-use.sh +61 -0
- package/src/hooks/pre-tool-use.sh +63 -0
- package/src/hooks/stop.sh +40 -0
- package/src/hooks/user-prompt-submit.sh +69 -0
- package/src/mcp/server.ts +322 -0
- package/src/skills/index.ts +2 -0
- package/src/skills/invocation-guard.ts +177 -0
- package/src/skills/matcher.ts +148 -0
- package/src/skills/official/code-simplifier.md +16 -0
- package/src/skills/official/find-skills.md +23 -0
- package/src/skills/official/official-api-design.md +17 -0
- package/src/skills/official/official-architecture-decision.md +20 -0
- package/src/skills/official/official-bmad.md +118 -0
- package/src/skills/official/official-db-schema-design.md +16 -0
- package/src/skills/official/official-debug.md +17 -0
- package/src/skills/official/official-doc-driven.md +31 -0
- package/src/skills/official/official-harness-engineering.md +108 -0
- package/src/skills/official/official-performance-optimization.md +30 -0
- package/src/skills/official/official-pr-review.md +35 -0
- package/src/skills/official/official-release-checklist.md +30 -0
- package/src/skills/official/official-security-hardening.md +26 -0
- package/src/skills/official/official-spec-driven-design.md +31 -0
- package/src/skills/official/planning-with-files.md +37 -0
- package/src/skills/official/ui-ux-pro-max.md +18 -0
- package/src/skills/official/webapp-testing.md +12 -0
- package/src/skills/official-skills.ts +89 -0
- package/src/skills/registry.ts +355 -0
- package/src/skills/semantic-matcher.ts +231 -0
- package/src/skills/tools/pipeline-suggest.ts +226 -0
- package/src/skills/tools/skill-invoke.ts +168 -0
- package/src/skills/tools/skill-list.ts +59 -0
- package/src/templates/go.yaml +53 -0
- package/src/templates/python.yaml +59 -0
- package/src/templates/react.yaml +55 -0
- package/src/templates/template-manager.ts +170 -0
- package/src/web/auth-middleware.ts +55 -0
- package/src/web/routes/ai.ts +204 -0
- package/src/web/routes/auth.ts +22 -0
- package/src/web/routes/drift.ts +25 -0
- package/src/web/routes/error-handler.ts +120 -0
- package/src/web/routes/events.ts +47 -0
- package/src/web/routes/insights.ts +43 -0
- package/src/web/routes/patch.ts +117 -0
- package/src/web/routes/reports.ts +34 -0
- package/src/web/routes/rules.ts +101 -0
- package/src/web/routes/sessions.ts +262 -0
- package/src/web/routes/skill-stats.ts +132 -0
- package/src/web/routes/skills.ts +349 -0
- package/src/web/routes/static.ts +67 -0
- package/src/web/routes/stats.ts +60 -0
- package/src/web/routes/status.ts +30 -0
- package/src/web/routes/tasks.ts +218 -0
- package/src/web/routes/token-usage.ts +20 -0
- package/src/web/routes/trace.ts +138 -0
- package/src/web/routes/types.ts +56 -0
- package/src/web/server.ts +134 -0
- package/src/web/ssrf-guard.ts +112 -0
- package/src/web/static/index.html +3251 -0
- package/src/web/static/vendor/chart.umd.min.js +20 -0
- package/tests/e2e/dashboard.spec.ts +205 -0
- package/tests/e2e/routing-skill-e2e.test.ts +39 -0
- package/tests/helpers/mock-ai.ts +92 -0
- package/tests/helpers/mock-storage.ts +159 -0
- package/tests/integration/queue-replay.integration.test.ts +193 -0
- package/tests/integration/tasks-filter.integration.test.ts +154 -0
- package/tests/performance/database.benchmark.ts +161 -0
- package/tests/semantic-matcher.test.ts +99 -0
- package/tests/skill-matcher.test.ts +110 -0
- package/tests/unit/ai-provider-retry.test.ts +194 -0
- package/tests/unit/ai-provider-vision.test.ts +224 -0
- package/tests/unit/claudemd-generator.test.ts +68 -0
- package/tests/unit/cli-mcp.test.ts +141 -0
- package/tests/unit/handlers.test.ts +171 -0
- package/tests/unit/invocation-guard.test.ts +125 -0
- package/tests/unit/queue.test.ts +272 -0
- package/tests/unit/router.test.ts +138 -0
- package/tests/unit/security.test.ts +128 -0
- package/tests/unit/skill-invocations-workflow.test.ts +495 -0
- package/tests/unit/skill-registry.test.ts +94 -0
- package/tests/unit/skills/invocation-guard-ttl.test.ts +211 -0
- package/tests/unit/skills/official-skills-loader.test.ts +126 -0
- package/tests/unit/skills/registry-multiformat.test.ts +92 -0
- package/tests/unit/storage/sessions-aggregate.test.ts +435 -0
- package/tests/unit/storage/sqlite-refactor-harness.test.ts +314 -0
- package/tests/unit/storage.test.ts +172 -0
- package/tests/unit/token-usage.test.ts +144 -0
- package/tests/unit/type-guards.test.ts +201 -0
- package/tests/unit/utils/format.test.ts +189 -0
- package/tests/unit/utils/session.test.ts +89 -0
- package/tests/unit/utils/time.test.ts +112 -0
- package/tests/unit/web/routes-auth.test.ts +93 -0
- package/tests/unit/web/routes-events.test.ts +101 -0
- package/tests/unit/web/routes-sessions.test.ts +181 -0
- package/tests/unit/web/routes-skill-stats.test.ts +179 -0
- package/tests/unit/web/routes-stats.test.ts +92 -0
- package/tests/unit/web/routes-tasks.test.ts +351 -0
- package/tsconfig.json +22 -0
- package/vitest.config.ts +21 -0
- package/vitest.integration.config.ts +16 -0
- package/web/CLAUDE.md +20 -0
- package/web/index.html +13 -0
- package/web/package-lock.json +4854 -0
- package/web/package.json +35 -0
- package/web/postcss.config.js +6 -0
- package/web/src/App.tsx +110 -0
- package/web/src/components/CodeBlock.tsx +31 -0
- package/web/src/components/Confirm.tsx +96 -0
- package/web/src/components/Drawer.tsx +60 -0
- package/web/src/components/Layout.tsx +145 -0
- package/web/src/components/MarkdownRenderer.tsx +77 -0
- package/web/src/components/SearchInput.tsx +31 -0
- package/web/src/components/SessionDetailContent.tsx +157 -0
- package/web/src/components/Toast.tsx +92 -0
- package/web/src/index.css +19 -0
- package/web/src/main.tsx +31 -0
- package/web/src/pages/AIConfig.tsx +233 -0
- package/web/src/pages/Dashboard.tsx +572 -0
- package/web/src/pages/Events.tsx +271 -0
- package/web/src/pages/Reports.tsx +428 -0
- package/web/src/pages/SessionDetail.tsx +162 -0
- package/web/src/pages/Sessions.tsx +205 -0
- package/web/src/pages/Skills.tsx +180 -0
- package/web/src/pages/TaskDetail.tsx +511 -0
- package/web/src/pages/Tasks.tsx +150 -0
- package/web/src/utils/auth.ts +59 -0
- package/web/src/utils/export.ts +54 -0
- package/web/src/utils/time.ts +13 -0
- package/web/tailwind.config.js +11 -0
- package/web/tsconfig.json +21 -0
- package/web/tsconfig.node.json +10 -0
- package/web/vite.config.ts +76 -0
- package/winspan-claude-forge-8.43.0.tgz +0 -0
- package/dist/agents/definition.d.ts +0 -62
- package/dist/agents/definition.d.ts.map +0 -1
- package/dist/agents/definition.js +0 -27
- package/dist/agents/definition.js.map +0 -1
- package/dist/agents/distributor.d.ts +0 -23
- package/dist/agents/distributor.d.ts.map +0 -1
- package/dist/agents/distributor.js +0 -85
- package/dist/agents/distributor.js.map +0 -1
- package/dist/agents/index.d.ts +0 -5
- package/dist/agents/index.d.ts.map +0 -1
- package/dist/agents/index.js +0 -5
- package/dist/agents/index.js.map +0 -1
- package/dist/agents/methodologies/agent-builder.d.ts +0 -21
- package/dist/agents/methodologies/agent-builder.d.ts.map +0 -1
- package/dist/agents/methodologies/agent-builder.js +0 -124
- package/dist/agents/methodologies/agent-builder.js.map +0 -1
- package/dist/agents/methodologies/phases/bmad/analyze.d.ts +0 -3
- package/dist/agents/methodologies/phases/bmad/analyze.d.ts.map +0 -1
- package/dist/agents/methodologies/phases/bmad/analyze.js +0 -18
- package/dist/agents/methodologies/phases/bmad/analyze.js.map +0 -1
- package/dist/agents/methodologies/phases/bmad/design.d.ts +0 -3
- package/dist/agents/methodologies/phases/bmad/design.d.ts.map +0 -1
- package/dist/agents/methodologies/phases/bmad/design.js +0 -17
- package/dist/agents/methodologies/phases/bmad/design.js.map +0 -1
- package/dist/agents/methodologies/phases/bmad/implement.d.ts +0 -3
- package/dist/agents/methodologies/phases/bmad/implement.d.ts.map +0 -1
- package/dist/agents/methodologies/phases/bmad/implement.js +0 -16
- package/dist/agents/methodologies/phases/bmad/implement.js.map +0 -1
- package/dist/agents/methodologies/phases/bmad/index.d.ts +0 -6
- package/dist/agents/methodologies/phases/bmad/index.d.ts.map +0 -1
- package/dist/agents/methodologies/phases/bmad/index.js +0 -6
- package/dist/agents/methodologies/phases/bmad/index.js.map +0 -1
- package/dist/agents/methodologies/phases/bmad/review.d.ts +0 -3
- package/dist/agents/methodologies/phases/bmad/review.d.ts.map +0 -1
- package/dist/agents/methodologies/phases/bmad/review.js +0 -16
- package/dist/agents/methodologies/phases/bmad/review.js.map +0 -1
- package/dist/agents/methodologies/phases/bmad/test.d.ts +0 -3
- package/dist/agents/methodologies/phases/bmad/test.d.ts.map +0 -1
- package/dist/agents/methodologies/phases/bmad/test.js +0 -20
- package/dist/agents/methodologies/phases/bmad/test.js.map +0 -1
- package/dist/agents/methodologies/phases/harness/fix.d.ts +0 -3
- package/dist/agents/methodologies/phases/harness/fix.d.ts.map +0 -1
- package/dist/agents/methodologies/phases/harness/fix.js +0 -16
- package/dist/agents/methodologies/phases/harness/fix.js.map +0 -1
- package/dist/agents/methodologies/phases/harness/index.d.ts +0 -6
- package/dist/agents/methodologies/phases/harness/index.d.ts.map +0 -1
- package/dist/agents/methodologies/phases/harness/index.js +0 -6
- package/dist/agents/methodologies/phases/harness/index.js.map +0 -1
- package/dist/agents/methodologies/phases/harness/reproduce.d.ts +0 -3
- package/dist/agents/methodologies/phases/harness/reproduce.d.ts.map +0 -1
- package/dist/agents/methodologies/phases/harness/reproduce.js +0 -19
- package/dist/agents/methodologies/phases/harness/reproduce.js.map +0 -1
- package/dist/agents/methodologies/phases/harness/root-cause.d.ts +0 -3
- package/dist/agents/methodologies/phases/harness/root-cause.d.ts.map +0 -1
- package/dist/agents/methodologies/phases/harness/root-cause.js +0 -20
- package/dist/agents/methodologies/phases/harness/root-cause.js.map +0 -1
- package/dist/agents/methodologies/phases/harness/safety-net.d.ts +0 -3
- package/dist/agents/methodologies/phases/harness/safety-net.d.ts.map +0 -1
- package/dist/agents/methodologies/phases/harness/safety-net.js +0 -16
- package/dist/agents/methodologies/phases/harness/safety-net.js.map +0 -1
- package/dist/agents/methodologies/phases/harness/verify.d.ts +0 -3
- package/dist/agents/methodologies/phases/harness/verify.d.ts.map +0 -1
- package/dist/agents/methodologies/phases/harness/verify.js +0 -21
- package/dist/agents/methodologies/phases/harness/verify.js.map +0 -1
- package/dist/agents/methodologies/presets.d.ts +0 -10
- package/dist/agents/methodologies/presets.d.ts.map +0 -1
- package/dist/agents/methodologies/presets.js +0 -79
- package/dist/agents/methodologies/presets.js.map +0 -1
- package/dist/agents/methodologies/types.d.ts +0 -43
- package/dist/agents/methodologies/types.d.ts.map +0 -1
- package/dist/agents/methodologies/types.js +0 -10
- package/dist/agents/methodologies/types.js.map +0 -1
- package/dist/agents/methodologies/user-config-loader.d.ts +0 -30
- package/dist/agents/methodologies/user-config-loader.d.ts.map +0 -1
- package/dist/agents/methodologies/user-config-loader.js +0 -159
- package/dist/agents/methodologies/user-config-loader.js.map +0 -1
- package/dist/agents/official-agents.d.ts +0 -4
- package/dist/agents/official-agents.d.ts.map +0 -1
- package/dist/agents/official-agents.js +0 -559
- package/dist/agents/official-agents.js.map +0 -1
- package/dist/agents/registry.d.ts +0 -57
- package/dist/agents/registry.d.ts.map +0 -1
- package/dist/agents/registry.js +0 -271
- package/dist/agents/registry.js.map +0 -1
- package/dist/capability/index.d.ts +0 -10
- package/dist/capability/index.d.ts.map +0 -1
- package/dist/capability/index.js +0 -10
- package/dist/capability/index.js.map +0 -1
- package/dist/capability/types.d.ts +0 -10
- package/dist/capability/types.d.ts.map +0 -1
- package/dist/capability/types.js +0 -10
- package/dist/capability/types.js.map +0 -1
- package/dist/cli/commands/agents.d.ts +0 -3
- package/dist/cli/commands/agents.d.ts.map +0 -1
- package/dist/cli/commands/agents.js +0 -62
- package/dist/cli/commands/agents.js.map +0 -1
- package/dist/cli/commands/rules.d.ts +0 -8
- package/dist/cli/commands/rules.d.ts.map +0 -1
- package/dist/cli/commands/rules.js +0 -89
- package/dist/cli/commands/rules.js.map +0 -1
- package/dist/daemon/auto-disable-scheduler.d.ts +0 -53
- package/dist/daemon/auto-disable-scheduler.d.ts.map +0 -1
- package/dist/daemon/auto-disable-scheduler.js +0 -114
- package/dist/daemon/auto-disable-scheduler.js.map +0 -1
- package/dist/daemon/handlers/pre-tool-use.d.ts +0 -30
- package/dist/daemon/handlers/pre-tool-use.d.ts.map +0 -1
- package/dist/daemon/handlers/pre-tool-use.js +0 -173
- package/dist/daemon/handlers/pre-tool-use.js.map +0 -1
- package/dist/daemon/routing-observer.d.ts +0 -42
- package/dist/daemon/routing-observer.d.ts.map +0 -1
- package/dist/daemon/routing-observer.js +0 -264
- package/dist/daemon/routing-observer.js.map +0 -1
- package/dist/daemon/routing-state.d.ts +0 -63
- package/dist/daemon/routing-state.d.ts.map +0 -1
- package/dist/daemon/routing-state.js +0 -223
- package/dist/daemon/routing-state.js.map +0 -1
- package/dist/engine/agent-router.d.ts +0 -142
- package/dist/engine/agent-router.d.ts.map +0 -1
- package/dist/engine/agent-router.js +0 -276
- package/dist/engine/agent-router.js.map +0 -1
- package/dist/engine/context-builder.d.ts +0 -23
- package/dist/engine/context-builder.d.ts.map +0 -1
- package/dist/engine/context-builder.js +0 -63
- package/dist/engine/context-builder.js.map +0 -1
- package/dist/engine/conventions/basic-security.yaml +0 -109
- package/dist/engine/conventions/code-quality.yaml +0 -123
- package/dist/engine/conventions/database-safety.yaml +0 -74
- package/dist/engine/conventions/dependency-safety.yaml +0 -132
- package/dist/engine/conventions/docker-safety.yaml +0 -69
- package/dist/engine/conventions/git-safety.yaml +0 -118
- package/dist/engine/conventions/go-best-practices.yaml +0 -84
- package/dist/engine/conventions/python-best-practices.yaml +0 -96
- package/dist/engine/conventions/react-best-practices.yaml +0 -96
- package/dist/engine/conventions/routing.yaml +0 -378
- package/dist/engine/conventions/strict-security.yaml +0 -30
- package/dist/engine/conventions/ts-quality.yaml +0 -49
- package/dist/engine/dsl/compiler.d.ts +0 -34
- package/dist/engine/dsl/compiler.d.ts.map +0 -1
- package/dist/engine/dsl/compiler.js +0 -702
- package/dist/engine/dsl/compiler.js.map +0 -1
- package/dist/engine/dsl/parser.d.ts +0 -25
- package/dist/engine/dsl/parser.d.ts.map +0 -1
- package/dist/engine/dsl/parser.js +0 -208
- package/dist/engine/dsl/parser.js.map +0 -1
- package/dist/engine/dsl/runtime.d.ts +0 -46
- package/dist/engine/dsl/runtime.d.ts.map +0 -1
- package/dist/engine/dsl/runtime.js +0 -173
- package/dist/engine/dsl/runtime.js.map +0 -1
- package/dist/engine/dsl/types.d.ts +0 -139
- package/dist/engine/dsl/types.d.ts.map +0 -1
- package/dist/engine/dsl/types.js +0 -11
- package/dist/engine/dsl/types.js.map +0 -1
- package/dist/engine/evidence-store.d.ts +0 -44
- package/dist/engine/evidence-store.d.ts.map +0 -1
- package/dist/engine/evidence-store.js +0 -109
- package/dist/engine/evidence-store.js.map +0 -1
- package/dist/engine/experiment-router.d.ts +0 -102
- package/dist/engine/experiment-router.d.ts.map +0 -1
- package/dist/engine/experiment-router.js +0 -289
- package/dist/engine/experiment-router.js.map +0 -1
- package/dist/engine/recommender.d.ts +0 -52
- package/dist/engine/recommender.d.ts.map +0 -1
- package/dist/engine/recommender.js +0 -162
- package/dist/engine/recommender.js.map +0 -1
- package/dist/engine/rule-engine.d.ts +0 -33
- package/dist/engine/rule-engine.d.ts.map +0 -1
- package/dist/engine/rule-engine.js +0 -250
- package/dist/engine/rule-engine.js.map +0 -1
- package/dist/intelligence/classifier.d.ts +0 -75
- package/dist/intelligence/classifier.d.ts.map +0 -1
- package/dist/intelligence/classifier.js +0 -352
- package/dist/intelligence/classifier.js.map +0 -1
- package/dist/intelligence/context-gatherer.d.ts +0 -101
- package/dist/intelligence/context-gatherer.d.ts.map +0 -1
- package/dist/intelligence/context-gatherer.js +0 -417
- package/dist/intelligence/context-gatherer.js.map +0 -1
- package/dist/intelligence/cot-classifier.d.ts +0 -95
- package/dist/intelligence/cot-classifier.d.ts.map +0 -1
- package/dist/intelligence/cot-classifier.js +0 -391
- package/dist/intelligence/cot-classifier.js.map +0 -1
- package/dist/intelligence/distiller.d.ts +0 -22
- package/dist/intelligence/distiller.d.ts.map +0 -1
- package/dist/intelligence/distiller.js +0 -108
- package/dist/intelligence/distiller.js.map +0 -1
- package/dist/intelligence/execution-doc-builder.d.ts +0 -151
- package/dist/intelligence/execution-doc-builder.d.ts.map +0 -1
- package/dist/intelligence/execution-doc-builder.js +0 -1018
- package/dist/intelligence/execution-doc-builder.js.map +0 -1
- package/dist/intelligence/intent-types.d.ts +0 -13
- package/dist/intelligence/intent-types.d.ts.map +0 -1
- package/dist/intelligence/intent-types.js +0 -19
- package/dist/intelligence/intent-types.js.map +0 -1
- package/dist/intelligence/multimodal-parser.d.ts +0 -105
- package/dist/intelligence/multimodal-parser.d.ts.map +0 -1
- package/dist/intelligence/multimodal-parser.js +0 -425
- package/dist/intelligence/multimodal-parser.js.map +0 -1
- package/dist/intelligence/quality-gate.d.ts +0 -45
- package/dist/intelligence/quality-gate.d.ts.map +0 -1
- package/dist/intelligence/quality-gate.js +0 -193
- package/dist/intelligence/quality-gate.js.map +0 -1
- package/dist/intelligence/task-segmenter.d.ts.map +0 -1
- package/dist/intelligence/task-segmenter.js.map +0 -1
- package/dist/web/routes/agents.d.ts +0 -7
- package/dist/web/routes/agents.d.ts.map +0 -1
- package/dist/web/routes/agents.js +0 -209
- package/dist/web/routes/agents.js.map +0 -1
- package/dist/web/routes/execution-trace.d.ts +0 -21
- package/dist/web/routes/execution-trace.d.ts.map +0 -1
- package/dist/web/routes/execution-trace.js +0 -353
- package/dist/web/routes/execution-trace.js.map +0 -1
- package/dist/web/routes/experiments.d.ts +0 -15
- package/dist/web/routes/experiments.d.ts.map +0 -1
- package/dist/web/routes/experiments.js +0 -187
- package/dist/web/routes/experiments.js.map +0 -1
- package/dist/web/routes/routing.d.ts +0 -17
- package/dist/web/routes/routing.d.ts.map +0 -1
- package/dist/web/routes/routing.js +0 -592
- package/dist/web/routes/routing.js.map +0 -1
- package/dist/web/routes/workflows.d.ts +0 -19
- package/dist/web/routes/workflows.d.ts.map +0 -1
- package/dist/web/routes/workflows.js +0 -86
- package/dist/web/routes/workflows.js.map +0 -1
- package/dist/web/static/assets/AIConfig-R5wZ3ZKT.js +0 -2
- package/dist/web/static/assets/AIConfig-R5wZ3ZKT.js.map +0 -1
- package/dist/web/static/assets/Agents-Beg34V1g.js +0 -2
- package/dist/web/static/assets/Agents-Beg34V1g.js.map +0 -1
- package/dist/web/static/assets/CodeBlock--H53gk46.js +0 -2
- package/dist/web/static/assets/CodeBlock--H53gk46.js.map +0 -1
- package/dist/web/static/assets/Dashboard-Cy1xsj1J.js +0 -2
- package/dist/web/static/assets/Dashboard-Cy1xsj1J.js.map +0 -1
- package/dist/web/static/assets/Events-mFhXl4zI.js +0 -2
- package/dist/web/static/assets/Events-mFhXl4zI.js.map +0 -1
- package/dist/web/static/assets/ExecutionTrace-DG901hLR.js +0 -3
- package/dist/web/static/assets/ExecutionTrace-DG901hLR.js.map +0 -1
- package/dist/web/static/assets/MarkdownRenderer-CCIz1MOz.js +0 -2
- package/dist/web/static/assets/MarkdownRenderer-CCIz1MOz.js.map +0 -1
- package/dist/web/static/assets/Routing-B7BFLfjh.js +0 -2
- package/dist/web/static/assets/Routing-B7BFLfjh.js.map +0 -1
- package/dist/web/static/assets/SessionDetail-BT0l4RrK.js +0 -2
- package/dist/web/static/assets/SessionDetail-BT0l4RrK.js.map +0 -1
- package/dist/web/static/assets/Sessions-C6J_HQ_u.js +0 -2
- package/dist/web/static/assets/Sessions-C6J_HQ_u.js.map +0 -1
- package/dist/web/static/assets/Skills-4DQWLaTv.js +0 -2
- package/dist/web/static/assets/Skills-4DQWLaTv.js.map +0 -1
- package/dist/web/static/assets/WorkflowDetail-zhNqUkBE.js +0 -2
- package/dist/web/static/assets/WorkflowDetail-zhNqUkBE.js.map +0 -1
- package/dist/web/static/assets/Workflows-Btvi-lGw.js +0 -2
- package/dist/web/static/assets/Workflows-Btvi-lGw.js.map +0 -1
- package/dist/web/static/assets/export-BQQZLaHV.js +0 -4
- package/dist/web/static/assets/export-BQQZLaHV.js.map +0 -1
- package/dist/web/static/assets/index-Cgr9qMtq.js +0 -3
- package/dist/web/static/assets/index-Cgr9qMtq.js.map +0 -1
- package/dist/web/static/assets/index-CngWb5gC.css +0 -1
- package/dist/web/static/assets/lucide-53bR2rki.js.map +0 -1
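--- a/package/dist/engine/conventions/database-safety.yaml
+++ b/package/dist/engine/conventions/database-safety.yaml
@@ -1,74 +0,0 @@
-id: "database-safety"
-name: "数据库安全规范"
-version: "1.0.0"
-description: "数据库操作安全规则,防止 SQL 注入、数据丢失和性能问题"
-triggers: ["sql", "database", "mysql", "postgres", "mongodb", "数据库", "查询"]
-
-variables:
-sql_file_patterns: [".sql"]
-dangerous_sql_keywords: ["DROP", "TRUNCATE", "DELETE", "UPDATE"]
-orm_patterns: ["execute", "raw", "query"]
-
-forbidden:
-- id: "no-sql-injection"
-when: |
-tool.in(["Write", "Edit"])
-&& (args.content ?? args.new_string ?? "").match(/(?:execute|query|raw)\s*\([^)]*\+[^)]*\)/).ok()
-level: block
-message: "检测到 SQL 字符串拼接,存在 SQL 注入风险"
-suggestion: "使用参数化查询或 ORM 的安全 API"
-operator_guidance: "字符串拼接无法防止 SQL 注入;使用 ? 占位符或 ORM 的参数绑定。"
-doc_ref: "https://owasp.org/www-community/attacks/SQL_Injection"
-tags: ["database", "sql-injection", "security"]
-
-- id: "warn-delete-without-where"
-when: |
-tool.in(["Write", "Edit", "Bash"])
-&& (args.content ?? args.new_string ?? args.command ?? "").lower().match(/delete\s+from\s+\w+\s*;/).ok()
-level: block
-message: "检测到无 WHERE 条件的 DELETE,会删除全表数据"
-suggestion: "添加 WHERE 条件限定删除范围,或使用 TRUNCATE"
-operator_guidance: "无条件 DELETE 是不可逆操作;先用 SELECT 验证条件,再执行 DELETE。"
-tags: ["database", "data-loss"]
-
-- id: "warn-update-without-where"
-when: |
-tool.in(["Write", "Edit", "Bash"])
-&& (args.content ?? args.new_string ?? args.command ?? "").lower().match(/update\s+\w+\s+set\s+[^;]*;/).ok()
-&& !(args.content ?? args.new_string ?? args.command ?? "").lower().match(/where/).ok()
-level: block
-message: "检测到无 WHERE 条件的 UPDATE,会修改全表数据"
-suggestion: "添加 WHERE 条件限定更新范围"
-operator_guidance: "无条件 UPDATE 会覆盖所有行;先用 SELECT 验证条件,确认影响行数。"
-tags: ["database", "data-loss"]
-
-- id: "warn-select-star"
-when: |
-tool.in(["Write", "Edit"])
-&& (args.content ?? args.new_string ?? "").match(/SELECT\s+\*\s+FROM/i).ok()
-level: warn
-message: "检测到 SELECT *,可能影响性能和可维护性"
-suggestion: "显式列出需要的字段,避免传输不必要的数据"
-operator_guidance: "SELECT * 传输所有列,增加网络开销;显式列出字段提升性能和可读性。"
-tags: ["database", "performance"]
-
-- id: "no-drop-production"
-when: |
-tool == "Bash"
-&& args.command.lower().match(/drop\s+(database|table)/).ok()
-&& (args.command.includes("prod") || args.command.includes("production"))
-level: block
-message: "禁止在生产环境执行 DROP 操作"
-operator_guidance: "生产环境的 DROP 操作必须经过审批和备份;先在测试环境验证。"
-tags: ["database", "production", "destructive"]
-
-escalation: []
-
-deliverables: []
-
-principles: |
-## 数据库安全规范
-- 禁止 SQL 字符串拼接,使用参数化查询
-- DELETE/UPDATE 必须带 WHERE 条件
-- 避免 SELECT *,显式列出字段
-- 生产环境禁止 DROP 操作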
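--- a/package/dist/engine/conventions/dependency-safety.yaml
+++ b/package/dist/engine/conventions/dependency-safety.yaml
@@ -1,132 +0,0 @@
-id: "dependency-safety"
-name: "依赖安全规范"
-version: "1.0.0"
-description: "第三方依赖管理的安全规则,覆盖版本锁定、漏洞检测和供应链风险"
-triggers: ["npm install", "pip install", "yarn add", "pnpm add", "依赖", "安装", "package", "upgrade", "更新依赖"]
-
-variables:
-package_managers: ["npm", "yarn", "pnpm", "pip", "gem", "cargo", "go"]
-known_vulnerable_packages: ["event-stream@3.3.6", "eslint-scope@3.7.2"]
-dev_only_packages: ["webpack", "vite", "eslint", "prettier", "jest", "vitest", "typescript"]
-
-forbidden:
-- id: "no-unversioned-install"
-when: |
-tool == "Bash"
-&& args.command.match(/(?:npm|yarn|pnpm)\s+(?:add|install)\s+[a-z@][a-z0-9-/@]*(?:\s|$)/).ok()
-&& !args.command.match(/@[\d.]+/).ok()
-&& !args.command.includes("--save-dev")
-&& !args.command.includes("-D")
-level: warn
-message: "安装依赖时未指定版本号,可能引入不兼容更新"
-suggestion: "使用 npm install package@version 锁定版本,或在 package.json 中使用精确版本"
-
-- id: "warn-global-install"
-when: |
-tool == "Bash"
-&& args.command.match(/(?:npm|yarn|pnpm)\s+(?:install|add)\s+-g/).ok()
-level: warn
-message: "全局安装依赖可能导致版本冲突"
-suggestion: "优先使用项目本地依赖或 npx 执行"
-
-- id: "no-known-vulnerable"
-when: |
-tool == "Bash"
-&& vars.known_vulnerable_packages.any(pkg => args.command.includes(pkg))
-level: block
-message: "尝试安装已知存在漏洞的包版本"
-suggestion: "升级到安全版本或寻找替代方案"
-
-- id: "warn-dev-in-prod"
-when: |
-tool.in(["Write", "Edit"])
-&& file_path.endsWith("package.json")
-&& (args.content ?? args.new_string ?? "").match(/"dependencies":\s*\{[^}]*(?:webpack|vite|eslint|prettier|jest|vitest|typescript)/).ok()
-level: warn
-message: "检测到开发工具出现在 dependencies 中"
-suggestion: "将开发工具移至 devDependencies,减小生产包体积"
-
-- id: "warn-npm-audit-skip"
-when: |
-tool == "Bash"
-&& args.command.match(/npm\s+install.*--no-audit/).ok()
-level: warn
-message: "跳过了 npm audit 安全检查"
-suggestion: "移除 --no-audit 以启用漏洞扫描"
-
-- id: "warn-package-lock-delete"
-when: |
-tool == "Bash"
-&& args.command.match(/rm\s+.*(?:package-lock\.json|yarn\.lock|pnpm-lock\.yaml)/).ok()
-level: confirm
-message: "删除锁文件会导致依赖版本不确定"
-suggestion: "只在解决依赖冲突时删除,删除后需重新生成并提交"
-
-- id: "no-npm-install-root"
-when: |
-tool == "Bash"
-&& args.command.match(/sudo\s+npm\s+install/).ok()
-level: block
-message: "禁止使用 sudo npm install,存在权限风险"
-suggestion: "修复 npm 权限配置或使用 nvm 管理 Node.js"
-
-- id: "warn-wildcard-version"
-when: |
-tool.in(["Write", "Edit"])
-&& file_path.endsWith("package.json")
-&& (args.content ?? args.new_string ?? "").match(/"[^"]+"\s*:\s*"\*"/).ok()
-level: warn
-message: "依赖版本使用通配符 *,可能引入破坏性更新"
-suggestion: "使用语义化版本范围(如 ^1.2.3)或精确版本"
-
-- id: "warn-outdated-major"
-when: |
-tool == "Bash"
-&& args.command.match(/npm\s+(?:install|update).*@\d+\./).ok()
-&& args.command.match(/@[0-4]\./).ok()
-level: warn
-message: "安装的依赖版本可能过旧(主版本 < 5)"
-suggestion: "检查是否有更新的稳定版本"
-
-escalation:
-- id: "dependency-churn-alert"
-when: |
-history.last(10).filter(e =>
-e.tool == "Bash"
-&& e.args.command.match(/npm\s+(?:install|uninstall|update)/).ok()
-).length >= 5
-action: warn
-message: "短时间内频繁变更依赖(10 次操作中 5+ 次)"
-suggestion: "建议整理依赖变更计划,避免反复试错"
-
-- id: "audit-reminder"
-when: |
-history.file_changes.any(f => f.endsWith("package.json"))
-&& !history.last(5).any(e =>
-e.tool == "Bash"
-&& e.args.command.includes("npm audit")
-)
-action: warn
-message: "修改了 package.json 但未运行安全审计"
-suggestion: "运行 npm audit 检查已知漏洞"
-
-deliverables:
-- name: "依赖安全审计"
-command: "npm audit --audit-level=moderate"
-required: true
-check_at: "before_commit"
-
-- name: "锁文件一致性"
-command: "npm ci"
-required: false
-check_at: "ci"
-
-principles: |
-## 依赖安全规范
-- 安装依赖时锁定版本号,避免隐式升级
-- 禁止安装已知漏洞包
-- 开发工具放在 devDependencies
-- 保留锁文件,确保依赖可复现
-- 定期运行 npm audit 检查漏洞
-- 避免使用 sudo npm install
-- 依赖变更后运行安全审计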
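--- a/package/dist/engine/conventions/docker-safety.yaml
+++ b/package/dist/engine/conventions/docker-safety.yaml
@@ -1,69 +0,0 @@
-id: "docker-safety"
-name: "Docker/容器安全规范"
-version: "1.0.0"
-description: "容器化应用安全规则,覆盖镜像构建、运行时安全和资源管理"
-triggers: ["docker", "dockerfile", "container", "镜像", "容器"]
-
-variables:
-dockerfile_patterns: ["Dockerfile", ".dockerfile"]
-dangerous_base_images: ["latest", "alpine:latest"]
-
-forbidden:
-- id: "no-latest-tag"
-when: |
-tool.in(["Write", "Edit"])
-&& file_path != null
-&& (file_path.endsWith("Dockerfile") || file_path.includes("Dockerfile"))
-&& (args.content ?? args.new_string ?? "").match(/FROM\s+[^:]+:latest/).ok()
-level: warn
-message: "Dockerfile 使用 :latest 标签,可能导致构建不可复现"
-suggestion: "使用具体版本号,如 node:18.20.0-alpine"
-operator_guidance: "latest 标签会随时间变化;固定版本号确保构建可复现。"
-tags: ["docker", "reproducibility"]
-
-- id: "warn-run-as-root"
-when: |
-tool.in(["Write", "Edit"])
-&& file_path != null
-&& (file_path.endsWith("Dockerfile") || file_path.includes("Dockerfile"))
-&& !(args.content ?? args.new_string ?? "").match(/USER\s+\w+/).ok()
-level: warn
-message: "Dockerfile 未指定 USER,容器将以 root 运行"
-suggestion: "添加 USER 指令切换到非 root 用户"
-operator_guidance: "以 root 运行容器增加攻击面;创建专用用户并切换:RUN adduser -D appuser && USER appuser"
-tags: ["docker", "security"]
-
-- id: "no-apt-get-without-cleanup"
-when: |
-tool.in(["Write", "Edit"])
-&& file_path != null
-&& (file_path.endsWith("Dockerfile") || file_path.includes("Dockerfile"))
-&& (args.content ?? args.new_string ?? "").match(/apt-get\s+install/).ok()
-&& !(args.content ?? args.new_string ?? "").match(/rm\s+-rf\s+\/var\/lib\/apt\/lists/).ok()
-level: warn
-message: "apt-get install 后未清理缓存,会增大镜像体积"
-suggestion: "在同一 RUN 层添加清理命令:&& rm -rf /var/lib/apt/lists/*"
-operator_guidance: "每个 RUN 层都会保留文件系统快照;在同一层安装和清理可减小镜像体积。"
-tags: ["docker", "optimization"]
-
-- id: "warn-expose-sensitive-port"
-when: |
-tool.in(["Write", "Edit"])
-&& file_path != null
-&& (file_path.endsWith("Dockerfile") || file_path.includes("Dockerfile"))
-&& (args.content ?? args.new_string ?? "").match(/EXPOSE\s+(22|3306|5432|6379|27017)/).ok()
-level: warn
-message: "Dockerfile 暴露敏感端口(SSH/数据库),可能存在安全风险"
-suggestion: "确认是否需要暴露该端口,生产环境应通过网络策略限制访问"
-tags: ["docker", "security"]
-
-escalation: []
-
-deliverables: []
-
-principles: |
-## Docker/容器安全规范
-- 使用具体版本号而非 :latest 标签
-- 容器应以非 root 用户运行
-- apt-get install 后清理缓存减小镜像体积
-- 避免暴露敏感端口(SSH、数据库)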
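--- a/package/dist/engine/conventions/git-safety.yaml
+++ b/package/dist/engine/conventions/git-safety.yaml
@@ -1,118 +0,0 @@
-id: "git-safety"
-name: "Git 操作安全规范"
-version: "1.0.0"
-description: "Git 版本控制操作的安全规则,防止误操作导致代码丢失"
-triggers: ["git", "push", "commit", "merge", "rebase", "reset", "branch", "提交", "推送", "合并"]
-
-variables:
-protected_branches: ["main", "master", "production", "staging", "release"]
-dangerous_git_commands: ["reset --hard", "clean -fd", "clean -fdx", "branch -D"]
-
-forbidden:
-- id: "no-force-push-main"
-when: |
-tool == "Bash"
-&& args.command.match(/git\s+push.*--force/).ok()
-&& git.branch.in(vars.protected_branches)
-level: block
-message: "禁止强制推送到受保护分支 {{git.branch}}"
-suggestion: "使用 --force-with-lease 或创建新分支后提交 PR"
-operator_guidance: "公共分支改写历史会影响他人协作;优先通过新分支和 PR 完成修复。"
-doc_ref: "CLAUDE.md#Git 操作安全规范"
-tags: ["git", "protected-branch", "history-rewrite"]
-
-- id: "warn-force-push-feature"
-when: |
-tool == "Bash"
-&& args.command.match(/git\s+push.*--force(?!-with-lease)/).ok()
-&& !git.branch.in(vars.protected_branches)
-level: warn
-message: "检测到 git push --force,这会覆盖远程历史"
-suggestion: "考虑使用 --force-with-lease 以避免覆盖他人提交"
-operator_guidance: "只有在确认远端无人基于该提交继续工作时,才考虑 force push。"
-doc_ref: "CLAUDE.md#Git 操作安全规范"
-tags: ["git", "force-push"]
-
-- id: "no-reset-hard-uncommitted"
-when: |
-tool == "Bash"
-&& args.command.match(/git\s+reset\s+--hard/).ok()
-&& git.has_uncommitted_changes
-level: block
-message: "禁止在有未提交更改时执行 git reset --hard"
-suggestion: "先使用 git stash 保存更改,或提交后再 reset"
-operator_guidance: "先用 git status 确认工作区,再 stash 或提交,避免本地未保存改动丢失。"
-doc_ref: "CLAUDE.md#Git 操作安全规范"
-tags: ["git", "reset-hard", "uncommitted-changes"]
-
-- id: "warn-reset-hard"
-when: |
-tool == "Bash"
-&& args.command.match(/git\s+reset\s+--hard/).ok()
-level: confirm
-message: "git reset --hard 会丢弃所有未提交的更改"
-suggestion: "确认这是有意为之,或使用 git stash 保存更改"
-operator_guidance: "执行前先确认 HEAD 目标和工作区状态,必要时先创建临时分支保存现场。"
-doc_ref: "CLAUDE.md#Git 操作安全规范"
-tags: ["git", "reset-hard"]
-
-- id: "warn-clean-fd"
-when: |
-tool == "Bash"
-&& args.command.match(/git\s+clean\s+-[^\s]*f[^\s]*d/).ok()
-level: confirm
-message: "git clean -fd 会删除所有未跟踪的文件和目录"
-suggestion: "确认不会误删重要文件,或先使用 git clean -n 预览"
-
-- id: "no-delete-git-dir"
-when: |
-tool == "Bash"
-&& args.command.match(/rm\s+-[^\s]*r[^\s]*.*\.git/).ok()
-level: block
-message: "禁止删除 .git 目录,这会导致版本历史丢失"
-
-- id: "warn-branch-delete-unmerged"
-when: |
-tool == "Bash"
-&& args.command.match(/git\s+branch\s+-D/).ok()
-level: confirm
-message: "git branch -D 会强制删除分支,即使未合并"
-suggestion: "使用 git branch -d 以确保分支已合并,或确认这是有意为之"
-
-- id: "warn-rebase-public-branch"
-when: |
-tool == "Bash"
-&& args.command.match(/git\s+rebase/).ok()
-&& git.branch.in(vars.protected_branches)
-level: block
-message: "禁止在公共分支上执行 rebase"
-suggestion: "rebase 会改写历史,只应在本地分支使用"
-
-- id: "warn-amend-pushed-commit"
-when: |
-tool == "Bash"
-&& args.command.match(/git\s+commit\s+--amend/).ok()
-&& git.last_commit_pushed
-level: warn
-message: "修改已推送的提交需要 force push"
-suggestion: "如果他人已拉取该提交,考虑创建新提交而非修改"
-
-escalation:
-- id: "repeated-git-failures"
-when: |
-history.last(5).filter(e =>
-e.tool == "Bash"
-&& e.args.command.startsWith("git")
-&& e.failed
-).length >= 3
-action: confirm
-message: "Git 操作连续失败 3 次,可能需要调整策略"
-suggestion: "检查分支状态、远程连接或权限配置"
-
-principles: |
-## Git 操作安全规范
-- 受保护分支禁止强制推送和 rebase
-- 危险操作(reset --hard、clean -fd)需要确认
-- 禁止删除 .git 目录
-- 强制删除分支前确认已合并
-- 修改已推送的提交需谨慎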
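--- a/package/dist/engine/conventions/go-best-practices.yaml
+++ b/package/dist/engine/conventions/go-best-practices.yaml
@@ -1,84 +0,0 @@
-id: "go-best-practices"
-name: "Go 最佳实践"
-version: "1.0.0"
-description: "Go 开发规范,覆盖错误处理、并发安全、资源管理和性能"
-triggers: ["go", "golang", "goroutine", "channel", "defer", "panic"]
-
-variables:
-go_file_patterns: [".go"]
-dangerous_packages: ["unsafe", "reflect"]
-max_function_lines: 50
-
-forbidden:
-- id: "no-panic-in-library"
-when: |
-tool.in(["Write", "Edit"])
-&& file_ext == ".go"
-&& !file_path.includes("_test.go")
-&& (args.content ?? args.new_string ?? "").match(/\bpanic\(/).ok()
-level: warn
-message: "库代码中检测到 panic,应返回 error 而非 panic"
-suggestion: "将 panic 改为返回 error,让调用方决定如何处理"
-operator_guidance: "panic 应只用于不可恢复的错误;库代码应返回 error,由调用方处理。"
-doc_ref: "https://go.dev/blog/error-handling-and-go"
-tags: ["go", "error-handling"]
-
-- id: "warn-goroutine-leak"
-when: |
-tool.in(["Write", "Edit"])
-&& file_ext == ".go"
-&& (args.content ?? args.new_string ?? "").match(/go\s+func\s*\(/).ok()
-&& !(args.content ?? args.new_string ?? "").match(/context\./).ok()
-level: warn
-message: "检测到 goroutine 但未使用 context,可能导致泄漏"
-suggestion: "传入 context.Context 参数,监听 ctx.Done() 以优雅退出"
-operator_guidance: "goroutine 泄漏会耗尽资源;用 context 控制生命周期,监听 Done() 信号退出。"
-doc_ref: "https://go.dev/blog/context"
-tags: ["go", "concurrency", "resource-leak"]
-
-- id: "no-defer-in-loop"
-when: |
-tool.in(["Write", "Edit"])
-&& file_ext == ".go"
-&& (args.content ?? args.new_string ?? "").match(/for\s+[^{]*\{[^}]*defer\s+/).ok()
-level: warn
-message: "检测到循环中使用 defer,会延迟到函数结束才执行"
-suggestion: "将循环体提取为独立函数,或手动调用清理函数"
-operator_guidance: "defer 在函数返回时执行,不是循环迭代结束;循环中的 defer 会累积,可能导致资源耗尽。"
-doc_ref: "https://go.dev/ref/spec#Defer_statements"
-tags: ["go", "defer", "resource-leak"]
-
-- id: "warn-error-ignored"
-when: |
-tool.in(["Write", "Edit"])
-&& file_ext == ".go"
-&& (args.content ?? args.new_string ?? "").match(/\w+\([^)]*\)\s*$/).ok()
-&& (args.content ?? args.new_string ?? "").match(/,\s*err\s*:=/).ok()
-level: warn
-message: "检测到可能未检查的 error 返回值"
-suggestion: "显式检查 error:if err != nil { return err }"
-operator_guidance: "Go 的错误处理依赖显式检查;忽略 error 会掩盖问题,用 if err != nil 立即处理。"
-tags: ["go", "error-handling"]
-
-- id: "no-unsafe-package"
-when: |
-tool.in(["Write", "Edit"])
-&& file_ext == ".go"
-&& (args.content ?? args.new_string ?? "").match(/import\s+.*"unsafe"/).ok()
-level: warn
-message: "检测到 unsafe 包,会绕过 Go 的类型安全"
-suggestion: "除非性能关键场景,避免使用 unsafe"
-operator_guidance: "unsafe 绕过类型安全和内存安全;只在性能瓶颈且充分测试后使用。"
-tags: ["go", "safety"]
-
-escalation: []
-
-deliverables: []
-
-principles: |
-## Go 最佳实践
-- 库代码返回 error 而非 panic
-- goroutine 使用 context 控制生命周期
-- 避免在循环中使用 defer
-- 显式检查所有 error 返回值
-- 谨慎使用 unsafe 包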
|
@@ -1,96 +0,0 @@
|
|
|
1
|
-
id: "python-best-practices"
|
|
2
|
-
name: "Python 最佳实践"
|
|
3
|
-
version: "1.0.0"
|
|
4
|
-
description: "Python 开发规范,覆盖代码风格、类型安全、安全性和性能"
|
|
5
|
-
triggers: ["python", "py", "pip", "django", "flask", "fastapi", "虚拟环境"]
|
|
6
|
-
|
|
7
|
-
variables:
|
|
8
|
-
python_file_patterns: [".py"]
|
|
9
|
-
dangerous_imports: ["pickle", "eval", "exec", "compile", "__import__"]
|
|
10
|
-
max_function_lines: 50
|
|
11
|
-
max_class_lines: 300
|
|
12
|
-
|
|
13
|
-
forbidden:
|
|
14
|
-
- id: "no-pickle-untrusted"
|
|
15
|
-
when: |
|
|
16
|
-
tool.in(["Write", "Edit"])
|
|
17
|
-
&& file_ext == ".py"
|
|
18
|
-
&& (args.content ?? args.new_string ?? "").match(/pickle\.loads?\(/).ok()
|
|
19
|
-
level: warn
|
|
20
|
-
message: "检测到 pickle.load/loads,反序列化不可信数据存在代码执行风险"
|
|
21
|
-
suggestion: "使用 JSON 或其他安全的序列化格式,避免 pickle 处理外部数据"
|
|
22
|
-
operator_guidance: "pickle 可以执行任意代码;只用于可信数据,外部数据优先用 JSON/MessagePack。"
|
|
23
|
-
doc_ref: "https://docs.python.org/3/library/pickle.html#module-pickle"
|
|
24
|
-
tags: ["python", "security", "deserialization"]
|
|
25
|
-
|
|
26
|
-
- id: "no-eval-exec"
|
|
27
|
-
when: |
|
|
28
|
-
tool.in(["Write", "Edit"])
|
|
29
|
-
&& file_ext == ".py"
|
|
30
|
-
&& (args.content ?? args.new_string ?? "").match(/\b(eval|exec)\s*\(/).ok()
|
|
31
|
-
level: block
|
|
32
|
-
message: "禁止使用 eval() 或 exec(),存在代码注入风险"
|
|
33
|
-
suggestion: "使用 ast.literal_eval() 解析字面量,或重新设计避免动态执行"
|
|
34
|
-
operator_guidance: "eval/exec 可执行任意代码;用 ast.literal_eval 安全解析,或用字典映射替代动态执行。"
|
|
35
|
-
doc_ref: "https://docs.python.org/3/library/ast.html#ast.literal_eval"
|
|
36
|
-
tags: ["python", "security", "code-injection"]
|
|
37
|
-
|
|
38
|
-
- id: "warn-bare-except"
|
|
39
|
-
when: |
|
|
40
|
-
tool.in(["Write", "Edit"])
|
|
41
|
-
&& file_ext == ".py"
|
|
42
|
-
&& (args.content ?? args.new_string ?? "").match(/except\s*:/).ok()
|
|
43
|
-
level: warn
|
|
44
|
-
message: "检测到裸 except:,会捕获所有异常包括 KeyboardInterrupt"
|
|
45
|
-
suggestion: "使用 except Exception: 或捕获具体异常类型"
|
|
46
|
-
operator_guidance: "裸 except 会捕获系统退出信号;用 except Exception 或具体异常类型。"
|
|
47
|
-
tags: ["python", "error-handling"]
|
|
48
|
-
|
|
49
|
-
- id: "warn-mutable-default-arg"
|
|
50
|
-
when: |
|
|
51
|
-
tool.in(["Write", "Edit"])
|
|
52
|
-
&& file_ext == ".py"
|
|
53
|
-
&& (args.content ?? args.new_string ?? "").match(/def\s+\w+\([^)]*=\s*(\[\]|\{\})\s*[,)]/).ok()
|
|
54
|
-
level: warn
|
|
55
|
-
message: "检测到可变默认参数([] 或 {}),会在调用间共享"
|
|
56
|
-
suggestion: "使用 None 作为默认值,在函数内部初始化"
|
|
57
|
-
operator_guidance: "可变默认参数只创建一次,多次调用会共享同一对象;用 None 并在函数内 if arg is None: arg = []"
|
|
58
|
-
doc_ref: "https://docs.python-guide.org/writing/gotchas/#mutable-default-arguments"
|
|
59
|
-
tags: ["python", "correctness"]
|
|
60
|
-
|
|
61
|
-
- id: "no-shell-injection"
|
|
62
|
-
when: |
|
|
63
|
-
tool.in(["Write", "Edit"])
|
|
64
|
-
&& file_ext == ".py"
|
|
65
|
-
&& (args.content ?? args.new_string ?? "").match(/subprocess\.(call|run|Popen)\([^)]*shell\s*=\s*True/).ok()
|
|
66
|
-
level: warn
|
|
67
|
-
message: "检测到 subprocess 使用 shell=True,存在命令注入风险"
|
|
68
|
-
suggestion: "使用列表形式传递参数,避免 shell=True"
|
|
69
|
-
operator_guidance: "shell=True 会通过 shell 解析命令,存在注入风险;用列表传参:['ls', '-la']"
|
|
70
|
-
doc_ref: "https://docs.python.org/3/library/subprocess.html#security-considerations"
|
|
71
|
-
tags: ["python", "security", "command-injection"]
|
|
72
|
-
|
|
73
|
-
- id: "warn-requirements-no-version"
|
|
74
|
-
when: |
|
|
75
|
-
tool.in(["Write", "Edit"])
|
|
76
|
-
&& file_path != null
|
|
77
|
-
&& file_path.endsWith("requirements.txt")
|
|
78
|
-
&& (args.content ?? args.new_string ?? "").match(/^\w+\s*$/m).ok()
|
|
79
|
-
level: warn
|
|
80
|
-
message: "requirements.txt 中存在未固定版本的依赖"
|
|
81
|
-
suggestion: "使用 == 固定版本号,确保构建可复现"
|
|
82
|
-
operator_guidance: "未固定版本会导致不同环境安装不同版本;用 pip freeze 生成精确版本。"
|
|
83
|
-
tags: ["python", "dependency", "reproducibility"]
|
|
84
|
-
|
|
85
|
-
escalation: []
|
|
86
|
-
|
|
87
|
-
deliverables: []
|
|
88
|
-
|
|
89
|
-
principles: |
|
|
90
|
-
## Python 最佳实践
|
|
91
|
-
- 禁止 pickle 反序列化不可信数据
|
|
92
|
-
- 禁止 eval/exec 动态执行代码
|
|
93
|
-
- 使用 except Exception 而非裸 except
|
|
94
|
-
- 避免可变默认参数
|
|
95
|
-
- subprocess 避免 shell=True
|
|
96
|
-
- requirements.txt 固定依赖版本
|