@wpmoo/toolkit 0.9.24 → 0.9.26

package/dist/environment-policy.js

@@ -0,0 +1,219 @@
+export const dailyActionPolicyCommands = [
+    'start',
+    'stop',
+    'logs',
+    'restart',
+    'shell',
+    'psql',
+    'install',
+    'update',
+    'test',
+    'resetdb',
+    'snapshot',
+    'restore-snapshot',
+    'lint',
+    'pot',
+];
+function normalizeFlag(value) {
+    return value?.trim() ?? '';
+}
+function parseFlag(value) {
+    return normalizeFlag(value) === '1';
+}
+export const dailyActionPolicyTable = {
+    start: {
+        isDestructive: () => false,
+        isDryRunAllowed: false,
+        requiresStageLifecycleApproval: false,
+        requiresProdLifecycleApproval: false,
+        isAuditWorthy: () => false,
+    },
+    stop: {
+        isDestructive: () => false,
+        isDryRunAllowed: false,
+        requiresStageLifecycleApproval: false,
+        requiresProdLifecycleApproval: false,
+        isAuditWorthy: () => false,
+    },
+    logs: {
+        isDestructive: () => false,
+        isDryRunAllowed: false,
+        requiresStageLifecycleApproval: false,
+        requiresProdLifecycleApproval: false,
+        isAuditWorthy: () => false,
+    },
+    restart: {
+        isDestructive: () => false,
+        isDryRunAllowed: false,
+        requiresStageLifecycleApproval: false,
+        requiresProdLifecycleApproval: false,
+        isAuditWorthy: () => false,
+    },
+    shell: {
+        isDestructive: () => false,
+        isDryRunAllowed: false,
+        requiresStageLifecycleApproval: false,
+        requiresProdLifecycleApproval: false,
+        isAuditWorthy: () => false,
+    },
+    psql: {
+        isDestructive: () => false,
+        isDryRunAllowed: false,
+        requiresStageLifecycleApproval: false,
+        requiresProdLifecycleApproval: false,
+        isAuditWorthy: () => false,
+    },
+    install: {
+        isDestructive: () => false,
+        isDryRunAllowed: false,
+        requiresStageLifecycleApproval: true,
+        requiresProdLifecycleApproval: true,
+        isAuditWorthy: () => true,
+    },
+    update: {
+        isDestructive: () => false,
+        isDryRunAllowed: false,
+        requiresStageLifecycleApproval: true,
+        requiresProdLifecycleApproval: true,
+        isAuditWorthy: () => true,
+    },
+    test: {
+        isDestructive: () => false,
+        isDryRunAllowed: false,
+        requiresStageLifecycleApproval: false,
+        requiresProdLifecycleApproval: true,
+        isAuditWorthy: () => true,
+    },
+    resetdb: {
+        isDestructive: () => true,
+        isDryRunAllowed: false,
+        requiresStageLifecycleApproval: false,
+        requiresProdLifecycleApproval: false,
+        isAuditWorthy: () => true,
+    },
+    snapshot: {
+        isDestructive: () => false,
+        isDryRunAllowed: false,
+        requiresStageLifecycleApproval: false,
+        requiresProdLifecycleApproval: false,
+        isAuditWorthy: () => false,
+    },
+    'restore-snapshot': {
+        isDestructive: (args) => args[0] !== '--dry-run',
+        isDryRunAllowed: true,
+        requiresStageLifecycleApproval: false,
+        requiresProdLifecycleApproval: false,
+        isAuditWorthy: (args) => args[0] !== '--dry-run',
+    },
+    lint: {
+        isDestructive: () => false,
+        isDryRunAllowed: false,
+        requiresStageLifecycleApproval: false,
+        requiresProdLifecycleApproval: false,
+        isAuditWorthy: () => false,
+    },
+    pot: {
+        isDestructive: () => false,
+        isDryRunAllowed: false,
+        requiresStageLifecycleApproval: false,
+        requiresProdLifecycleApproval: false,
+        isAuditWorthy: () => false,
+    },
+};
+export function parseEnvironmentKind(rawEnvName) {
+    const normalized = rawEnvName?.trim().toLowerCase();
+    if (normalized === 'stage' || normalized === 'prod') {
+        return normalized;
+    }
+    return 'dev';
+}
+export function isDailyActionPolicyCommand(value) {
+    return dailyActionPolicyCommands.includes(value);
+}
+export function isRestoreSnapshotDryRun(args) {
+    return args[0] === '--dry-run';
+}
+function denyMessage(kind, command, env) {
+    if (kind === 'destructive') {
+        return `Refusing destructive command '${command}' in WPMOO_ENV=${env}. Set WPMOO_ALLOW_DESTRUCTIVE=1 to run it intentionally.`;
+    }
+    if (kind === 'stage-lifecycle') {
+        return `Refusing stage lifecycle command '${command}' in WPMOO_ENV=stage. Set WPMOO_ALLOW_STAGE_LIFECYCLE=1 to run it intentionally.`;
+    }
+    return `Refusing production lifecycle command '${command}' in WPMOO_ENV=prod. Set WPMOO_ALLOW_PROD_LIFECYCLE=1 to run it intentionally.`;
+}
+export function renderPolicyDenyMessage(deny) {
+    return denyMessage(deny.kind, deny.command, deny.env);
+}
+export function evaluateDailyActionPolicy(command, args, flags) {
+    const env = parseEnvironmentKind(flags.envName);
+    const policy = dailyActionPolicyTable[command];
+    const isDestructive = policy.isDestructive(args);
+    const isDryRunPreview = command === 'restore-snapshot' && isRestoreSnapshotDryRun(args);
+    const isAuditWorthy = policy.isAuditWorthy(args);
+    if (policy.requiresStageLifecycleApproval && env === 'stage' && !parseFlag(flags.allowStageLifecycle)) {
+        const deny = {
+            kind: 'stage-lifecycle',
+            command,
+            env,
+            requiredFlag: 'WPMOO_ALLOW_STAGE_LIFECYCLE',
+            requiredValue: '1',
+        };
+        return {
+            allowed: false,
+            command,
+            env,
+            isDestructive,
+            isDryRunPreview,
+            isAuditWorthy,
+            deny,
+            message: renderPolicyDenyMessage(deny),
+        };
+    }
+    if (policy.requiresProdLifecycleApproval && env === 'prod' && !parseFlag(flags.allowProdLifecycle)) {
+        const deny = {
+            kind: 'prod-lifecycle',
+            command,
+            env,
+            requiredFlag: 'WPMOO_ALLOW_PROD_LIFECYCLE',
+            requiredValue: '1',
+        };
+        return {
+            allowed: false,
+            command,
+            env,
+            isDestructive,
+            isDryRunPreview,
+            isAuditWorthy,
+            deny,
+            message: renderPolicyDenyMessage(deny),
+        };
+    }
+    if (isDestructive && (env === 'stage' || env === 'prod') && !parseFlag(flags.allowDestructive)) {
+        const deny = {
+            kind: 'destructive',
+            command,
+            env,
+            requiredFlag: 'WPMOO_ALLOW_DESTRUCTIVE',
+            requiredValue: '1',
+        };
+        return {
+            allowed: false,
+            command,
+            env,
+            isDestructive,
+            isDryRunPreview,
+            isAuditWorthy,
+            deny,
+            message: renderPolicyDenyMessage(deny),
+        };
+    }
+    return {
+        allowed: true,
+        command,
+        env,
+        isDestructive,
+        isDryRunPreview,
+        isAuditWorthy,
+    };
+}

package/dist/help.js

@@ -24,7 +24,7 @@ Usage:
   npx @wpmoo/toolkit doctor --json [--postgres]
   npx @wpmoo/toolkit start
   npx @wpmoo/toolkit stop
-  npx @wpmoo/toolkit logs [service]
+  npx @wpmoo/toolkit logs [service] [tail-lines]
   npx @wpmoo/toolkit restart
   npx @wpmoo/toolkit shell
   npx @wpmoo/toolkit psql [db]
@@ -148,7 +148,7 @@ Task recipes:
     npx @wpmoo/toolkit status
     npx @wpmoo/toolkit doctor
     npx @wpmoo/toolkit doctor --fix
-    npx @wpmoo/toolkit logs [service]
+    npx @wpmoo/toolkit logs [service] [tail-lines]
     npx @wpmoo/toolkit restart
 
 Machine-readable JSON output:

package/dist/migrations.js

@@ -0,0 +1,112 @@
+import { lstat, readdir } from 'node:fs/promises';
+import { resolve, join } from 'node:path';
+const sourceRepoTypes = ['private', 'oca', 'external'];
+const sourceRepoBase = ['odoo', 'custom', 'src'];
+const migrationFolders = ['migrations', 'migration'];
+const versionedMigrationFiles = ['pre-migration.py', 'post-migration.py', 'end-migration.py'];
+const scriptMigrationFiles = ['migrate.py', 'migration.py'];
+async function isDirectory(path) {
+    try {
+        const entry = await lstat(path);
+        return entry.isDirectory() && !entry.isSymbolicLink();
+    }
+    catch (error) {
+        if (error.code === 'ENOENT' || error.code === 'ENOTDIR') {
+            return false;
+        }
+        throw error;
+    }
+}
+async function isFile(path) {
+    try {
+        const entry = await lstat(path);
+        return entry.isFile() && !entry.isSymbolicLink();
+    }
+    catch (error) {
+        if (error.code === 'ENOENT' || error.code === 'ENOTDIR') {
+            return false;
+        }
+        throw error;
+    }
+}
+async function listDirectoryNames(path) {
+    try {
+        const entries = await readdir(path, { withFileTypes: true });
+        const filtered = entries.filter((entry) => entry.isDirectory() && !entry.isSymbolicLink() && !entry.name.startsWith('.'));
+        return filtered.map((entry) => entry.name).sort();
+    }
+    catch (error) {
+        if (error.code === 'ENOENT' || error.code === 'ENOTDIR') {
+            return [];
+        }
+        throw error;
+    }
+}
+async function listMigrationFiles(modulePath, migrationFolder) {
+    const found = [];
+    const versionRoot = join(modulePath, migrationFolder);
+    if (!(await isDirectory(versionRoot))) {
+        return found;
+    }
+    const versions = await listDirectoryNames(versionRoot);
+    for (const version of versions) {
+        const versionPath = join(versionRoot, version);
+        if (!(await isDirectory(versionPath))) {
+            continue;
+        }
+        for (const file of versionedMigrationFiles) {
+            const path = join(versionPath, file);
+            if (await isFile(path)) {
+                found.push(path);
+            }
+        }
+    }
+    return found;
+}
+async function scanModule(modulePath) {
+    const found = [];
+    for (const folder of migrationFolders) {
+        found.push(...(await listMigrationFiles(modulePath, folder)));
+    }
+    const scriptsPath = join(modulePath, 'scripts');
+    if (!(await isDirectory(scriptsPath))) {
+        return found.sort();
+    }
+    for (const migrationScript of scriptMigrationFiles) {
+        const candidate = join(scriptsPath, migrationScript);
+        if (await isFile(candidate)) {
+            found.push(candidate);
+        }
+    }
+    return found;
+}
+export async function scanMigrationRisks(target) {
+    const root = resolve(target);
+    const foundPaths = [];
+    const srcRoot = join(root, ...sourceRepoBase);
+    for (const sourceType of sourceRepoTypes) {
+        const typeRoot = join(srcRoot, sourceType);
+        if (!(await isDirectory(typeRoot))) {
+            continue;
+        }
+        const repoNames = await listDirectoryNames(typeRoot);
+        for (const repoName of repoNames) {
+            const repoPath = join(typeRoot, repoName);
+            if (!(await isDirectory(repoPath))) {
+                continue;
+            }
+            const moduleNames = await listDirectoryNames(repoPath);
+            for (const moduleName of moduleNames) {
+                const modulePath = join(repoPath, moduleName);
+                const modulePaths = await scanModule(modulePath);
+                foundPaths.push(...modulePaths);
+            }
+        }
+    }
+    foundPaths.sort();
+    return {
+        foundPaths,
+        count: foundPaths.length,
+        risk: foundPaths.length > 0,
+    };
+}

package/dist/safe-reset.js

@@ -1,3 +1,5 @@
+import { execFileSync } from 'node:child_process';
+import { readFileSync } from 'node:fs';
 import { chmod, mkdir, readFile, stat, writeFile } from 'node:fs/promises';
 import { basename, join } from 'node:path';
 import { environmentMetadata, readEnvironmentMetadata } from './environment.js';
@@ -29,35 +31,258 @@ const safeResetProtectedGeneratedReadmes = new Set([
 function isProtectedGeneratedFile(filePath) {
     return safeResetProtectedGeneratedReadmes.has(filePath);
 }
-function mergeEnvironmentMetadata(target, options) {
+function mergeEnvironmentMetadataSync(target, options) {
     const generated = environmentMetadata(options);
-    return readFile(join(target, '.wpmoo/odoo.json'), 'utf8')
-        .then((content) => JSON.parse(content))
-        .then((existing) => {
+    try {
+        const existing = parseMetadataFromPath(target);
         if (!existing || typeof existing !== 'object' || Array.isArray(existing)) {
             return `${JSON.stringify(generated, null, 2)}\n`;
         }
         return `${JSON.stringify({ ...existing, ...generated, sourceRepos: generated.sourceRepos }, null, 2)}\n`;
+    }
+    catch {
+        return `${JSON.stringify(generated, null, 2)}\n`;
+    }
+}
+function parseMetadataFromPath(target) {
+    try {
+        const raw = readFileSync(join(target, '.wpmoo/odoo.json'), 'utf8');
+        const parsed = JSON.parse(raw);
+        if (!parsed || typeof parsed !== 'object' || Array.isArray(parsed)) {
+            return undefined;
+        }
+        return parsed;
+    }
+    catch {
+        return undefined;
+    }
+}
+function parseAddonsFile(target) {
+    try {
+        return readFileSync(join(target, 'odoo/custom/src/addons.yaml'), 'utf8');
+    }
+    catch {
+        return '';
+    }
+}
+function parseGitmodules(target) {
+    try {
+        const gitmodules = readFileSync(join(target, '.gitmodules'), 'utf8');
+        const sections = gitmodules.split(/\n(?=\[submodule )/);
+        return sections.flatMap((section) => {
+            const pathMatch = section.match(/^\s*path\s*=\s*odoo\/custom\/src\/(private|oca|external)\/([^\s]+)\s*$/m);
+            if (!pathMatch) {
+                return [];
+            }
+            const source = section.match(/^\s*url\s*=\s*(.+)\s*$/m)?.[1]?.trim();
+            if (!source) {
+                return [];
+            }
+            const sourceType = pathMatch[1];
+            return [{ path: pathMatch[2], sourceType, url: source }];
+        });
+    }
+    catch {
+        return [];
+    }
+}
+function inferOptionsForPreviewSync(target) {
+    const metadata = parseMetadataFromPath(target);
+    const addonsYaml = parseAddonsFile(target);
+    const gitmoduleSources = parseGitmodules(target);
+    const addonRepos = parseRepoPathsFromAddonsYaml(addonsYaml);
+    const sourceByKey = new Map();
+    const sourceReposFromMetadata = Array.isArray(metadata?.sourceRepos)
+        ? metadata.sourceRepos
+        : [];
+    for (const repo of sourceReposFromMetadata) {
+        if (!repo?.path || !isValidPathSegment(repo.path)) {
+            continue;
+        }
+        sourceByKey.set(`${repo.sourceType ?? 'private'}:${repo.path}`, {
+            sourceType: repo.sourceType ?? 'private',
+            path: validateRepoPath(repo.path),
+        });
+    }
+    for (const repo of gitmoduleSources) {
+        sourceByKey.set(`${repo.sourceType}:${repo.path}`, repo);
+    }
+    for (const repoPath of addonRepos) {
+        sourceByKey.set(`private:${repoPath}`, {
+            sourceType: 'private',
+            path: repoPath,
+        });
+    }
+    const sourceLocations = [...sourceByKey.values()].sort((left, right) => {
+        if (left.sourceType !== right.sourceType) {
+            return left.sourceType.localeCompare(right.sourceType);
+        }
+        return left.path.localeCompare(right.path);
+    });
+    const productFromMetadata = typeof metadata?.product === 'string' ? metadata.product : undefined;
+    const composeTemplateUrl = typeof metadata?.composeTemplateUrl === 'string' ? metadata.composeTemplateUrl : undefined;
+    const composeTemplateRef = typeof metadata?.composeTemplateRef === 'string' ? metadata.composeTemplateRef : undefined;
+    const agentSkillsTemplateUrl = typeof metadata?.agentSkillsTemplateUrl === 'string'
+        ? metadata.agentSkillsTemplateUrl
+        : undefined;
+    const agentSkillsTemplateRef = typeof metadata?.agentSkillsTemplateRef === 'string'
+        ? metadata.agentSkillsTemplateRef
+        : undefined;
+    const odooVersion = typeof metadata?.odooVersion === 'string' ? metadata.odooVersion : undefined;
+    const devRepo = typeof metadata?.devRepo === 'string' ? metadata.devRepo : undefined;
+    const devRepoUrl = typeof metadata?.devRepoUrl === 'string' ? metadata.devRepoUrl : undefined;
+    const postgresVersion = typeof metadata?.postgresVersion === 'string' ? metadata.postgresVersion : undefined;
+    const httpPort = typeof metadata?.httpPort === 'string' ? metadata.httpPort : undefined;
+    const geventPort = typeof metadata?.geventPort === 'string' ? metadata.geventPort : undefined;
+    const product = productFromMetadata && isValidPathSegment(productFromMetadata) ? productFromMetadata
+        : sourceLocations[0]?.path ?? titleFromTarget(target);
+    return {
+        product,
+        odooVersion: odooVersion ?? '19.0',
+        devRepo: devRepo ?? basename(target),
+        devRepoUrl: devRepoUrl ?? target,
+        sourceRepos: sourceLocations.map(({ sourceType, path }) => {
+            const metadataMatch = sourceReposFromMetadata.find((repo) => isValidPathSegment(repo.path ?? '') && validateRepoPath(repo.path ?? '') === path && (repo.sourceType ?? 'private') === sourceType);
+            const gitmoduleMatch = gitmoduleSources.find((repo) => repo.path === path && repo.sourceType === sourceType);
+            return {
+                sourceType,
+                path,
+                url: metadataMatch?.url?.trim() ||
+                    gitmoduleMatch?.url ||
+                    readSubmoduleUrlFromPath(target, path, sourceType),
+                addons: parseAddonsForRepo(addonsYaml, path),
+            };
+        }),
+        engine: 'compose',
+        composeTemplateUrl,
+        composeTemplateRef,
+        agentSkillsTemplateUrl,
+        agentSkillsTemplateRef,
+        postgresVersion,
+        httpPort,
+        geventPort,
+        target,
+        dryRun: false,
+        initEmptyRepos: false,
+        stage: false,
+        skipSubmodules: true,
+    };
+}
+function readSubmoduleUrlFromPath(target, repoPath, sourceType) {
+    try {
+        const gitmodules = readFileSync(join(target, '.gitmodules'), 'utf8');
+        const escapedPath = `odoo/custom/src/${sourceType}/${repoPath}`;
+        const sections = gitmodules.split(/\n(?=\[submodule )/);
+        const section = sections.find((value) => value.includes(`path = ${escapedPath}`));
+        const url = section?.match(/^\s*url\s*=\s*(.+)$/m)?.[1]?.trim();
+        return url || `odoo/custom/src/${sourceType}/${repoPath}`;
+    }
+    catch {
+        return `odoo/custom/src/${sourceType}/${repoPath}`;
+    }
+}
+function safeResetTargetFileDiffs(scaffoldOptions, target) {
+    const files = generatedFiles(scaffoldOptions);
+    const candidates = [
+        ...files,
+        { path: '.env.example', content: renderComposeEnvExample(scaffoldOptions) },
+        { path: '.wpmoo/odoo.json', content: mergeEnvironmentMetadataSync(target, scaffoldOptions) },
+    ];
+    const changedPaths = candidates
+        .filter((file) => {
+        if (file.path === 'odoo/custom/src/addons.yaml' || isProtectedGeneratedFile(file.path)) {
+            return false;
+        }
+        const existing = readTextForPreview(target, file.path);
+        if (existing === undefined) {
+            return true;
+        }
+        return existing !== file.content;
     })
-        .catch(() => `${JSON.stringify(generated, null, 2)}\n`);
+        .map((file) => file.path);
+    return [...new Set(changedPaths)].sort();
+}
+function buildSafeResetSourceRepoLines(sourceRepos) {
+    const lines = [...new Set(sourceRepos.map((repo) => `${repo.sourceType ?? 'private'}/${repo.path}`))].sort();
+    if (lines.length === 0) {
+        return ['- (none detected)'];
+    }
+    return lines.map((repo) => `- ${repo}`);
+}
+function detectDirtyGeneratedFiles(target, candidatePaths) {
+    try {
+        const status = execFileSync('git', ['status', '--porcelain'], {
+            cwd: target,
+            encoding: 'utf8',
+            stdio: ['ignore', 'pipe', 'ignore'],
+        });
+        if (!status.trim()) {
+            return [];
+        }
+        const dirty = new Set();
+        const trackedCandidates = [...candidatePaths];
+        for (const entry of status.split(/\r?\n/)) {
+            if (!entry.trim()) {
+                continue;
+            }
+            const pathSection = entry.slice(3).trim();
+            const normalized = pathSection.includes(' -> ') ? pathSection.split(' -> ')[1] ?? '' : pathSection;
+            if (!normalized) {
+                continue;
+            }
+            if (trackedCandidates.some((candidate) => normalized === candidate || normalized.startsWith(`${candidate}/`))) {
+                dirty.add(normalized);
+            }
+        }
+        return [...dirty].sort();
+    }
+    catch {
+        return [];
+    }
+}
+function describeDirtyWarning(target, candidatePaths) {
+    const dirtyFiles = detectDirtyGeneratedFiles(target, candidatePaths);
+    if (dirtyFiles.length === 0) {
+        return [];
+    }
+    return [
+        'Warning: the following generated files are dirty and may be overwritten by safe reset:',
+        ...dirtyFiles.map((path) => `- ${path}`),
+    ];
+}
+function readTextForPreview(target, path) {
+    try {
+        return readFileSync(join(target, path), 'utf8');
+    }
+    catch {
+        return undefined;
+    }
 }
 export function renderSafeResetPreview(target, stage) {
+    const options = inferOptionsForPreviewSync(target);
+    const externalAssets = safeResetExternalAssetOptions(options);
+    const changedPaths = safeResetTargetFileDiffs(options, target);
+    const externalAssetLines = [];
+    if (externalAssets.some((asset) => asset.label === 'compose')) {
+        externalAssetLines.push('- External compose template assets');
+    }
+    if (externalAssets.some((asset) => asset.label === 'agent-skills')) {
+        externalAssetLines.push('- External agent skill assets when configured');
+    }
+    const generatedSection = changedPaths.length
+        ? ['Generated files that would change:', ...changedPaths.map((file) => `- ${file}`)]
+        : ['Generated files that would change:', '- No generated files differ from the rendered safe-reset output.'];
     return [
-        'Safe reset will refresh generated WPMoo environment files.',
+        'Safe reset preview (dry-run): generated WPMoo files and source repo protections are listed.',
         '',
         'Target:',
         target,
         '',
-        'Will update:',
-        '- .wpmoo/odoo.json',
-        '- moo',
-        '- .gitignore',
-        '- .env.example',
-        '- README.md',
-        '- AGENTS.md',
-        '- docs/appstore-release.md',
-        '- External compose template assets',
-        '- External agent skill assets when configured',
+        ...generatedSection,
+        ...externalAssetLines,
+        '',
+        'Source repositories that will remain untouched:',
+        ...buildSafeResetSourceRepoLines(options.sourceRepos),
         '',
         'Will not touch:',
         '- source repo folders under odoo/custom/src/private',
@@ -67,6 +292,8 @@ export function renderSafeResetPreview(target, stage) {
         '- custom source layout directories (oca, external, patches, manifests)',
         '- Legacy compose template files may remain until manually removed: docs/assets/, test/, .github/',
         '',
+        ...describeDirtyWarning(target, changedPaths),
+        '',
         'Preview-only output; files are not changed until reset is executed.',
         '',
         stage ? 'Generated changes will be staged with git add .' : 'Generated changes will not be staged.',
@@ -209,7 +436,7 @@ export async function safeResetEnvironment(options, git = realGit) {
     for (const assetOptions of externalAssets) {
         await applyExternalAsset(assetOptions, git);
     }
-    await writeTextFile(join(options.target, '.wpmoo/odoo.json'), await mergeEnvironmentMetadata(options.target, scaffoldOptions));
+    await writeTextFile(join(options.target, '.wpmoo/odoo.json'), mergeEnvironmentMetadataSync(options.target, scaffoldOptions));
     await writeTextFile(join(options.target, '.env.example'), renderComposeEnvExample(scaffoldOptions));
     if (options.stage) {
         await stageAll(git, options.target);

package/dist/scaffold.js

@@ -4,7 +4,7 @@ import { applyExternalAsset, renderExternalAssetCommand, writeTextFile } from '.
 import { markerPath, renderEnvironmentMetadata } from './environment.js';
 import { plannedExternalAssetOptions, renderComposeEnvExample } from './external-templates.js';
 import { cloneRepository, ensureSubmodule, ensureRemoteHasBranch, realGit, stageAll, syncSubmodules, } from './git.js';
-import { renderAgents, renderAppstoreRelease, renderGitignore, renderMooDelegationScript, renderPlaceholder, renderReadme, renderStatusScript, } from './templates.js';
+import { renderAgents, renderAppstoreRelease, renderDoctorScript, renderGitignore, renderMooDelegationScript, renderPlaceholder, renderReadme, renderStatusScript, } from './templates.js';
 import { validateAddonName, validateRepoPath } from './path-validation.js';
 import { renderSourceManifest, sourceManifestEntriesFromMetadata } from './source-manifest.js';
 function validateSourceRepo(repo) {
@@ -58,6 +58,7 @@ export function generatedFiles(options) {
         { path: markerPath, content: renderEnvironmentMetadata(safeOptions) },
         { path: 'moo', content: renderMooDelegationScript(), mode: 0o755 },
         { path: 'scripts/status.sh', content: renderStatusScript(), mode: 0o755 },
+        { path: 'scripts/doctor.sh', content: renderDoctorScript(), mode: 0o755 },
         { path: '.gitignore', content: renderGitignore() },
         { path: 'README.md', content: renderReadme(safeOptions) },
         { path: 'AGENTS.md', content: renderAgents(safeOptions) },