agentic-sdlc-wizard 1.46.1 → 1.47.0

package/.claude-plugin/marketplace.json

@@ -13,7 +13,7 @@
       "name": "sdlc-wizard",
       "source": ".",
       "description": "SDLC enforcement for AI agents — TDD, planning, self-review, CI shepherd",
-      "version": "1.46.1",
+      "version": "1.47.0",
       "author": {
         "name": "Stefan Ayala"
       },

package/.claude-plugin/plugin.json

@@ -1,6 +1,6 @@
 {
   "name": "sdlc-wizard",
-  "version": "1.46.1",
+  "version": "1.47.0",
   "description": "SDLC enforcement for AI agents — TDD, planning, self-review, CI shepherd",
   "author": {
     "name": "Stefan Ayala",

package/CHANGELOG.md

@@ -4,6 +4,29 @@ All notable changes to the SDLC Wizard.
 
 > **Note:** This changelog is for humans to read. Don't manually apply these changes - just run the wizard ("Check for SDLC wizard updates") and it handles everything automatically.
 
+## [1.47.0] - 2026-04-27
+
+### Added
+
+- **Codex review progress wrapper** (closes #259). Consumer reported `codex exec` running opaquely during 1-5 minute xhigh reviews — no signal whether Codex is "still thinking" or "crashed silently". New `scripts/codex-review-with-progress.sh` backgrounds `codex exec` with the same default flags (`xhigh`, `danger-full-access`, `-o`) and emits a heartbeat to stderr every N seconds (`SDLC_CODEX_HEARTBEAT_INTERVAL`, default 10s):
+  ```
+  [codex 0m10s elapsed, 0 bytes written to .reviews/latest-review.md] still running...
+  [codex 0m20s elapsed, 1342 bytes written to .reviews/latest-review.md] still running...
+  [codex finished in 47s with rc=0]
+  ```
+  - **Signal-safe**: uses interruptible `sleep & wait` pattern (plain `sleep` blocks bash signal delivery for up to INTERVAL seconds). SIGTERM/INT/HUP propagates to the child codex within ~1s via TERM-then-KILL cleanup. No orphan codex processes after wrapper kill.
+  - **Preflight binary check**: missing/typoed `codex` binary exits 127 with a clear error before backgrounding anything.
+  - **No spurious heartbeats**: loop rechecks liveness after each sleep, so a fast-exiting codex doesn't print one final "still running..." after it has already finished.
+  - 11 quality tests (`tests/test-codex-progress-wrapper.sh`) using a stub codex binary — no real OpenAI tokens burned. Codex round 3 CERTIFIED 10/10 (rounds 1-2 surfaced subprocess management bugs: missing trap cleanup, sleep blocking signal delivery, missing-binary not exiting 127 — all fixed with regression tests).
+- `skills/sdlc/SKILL.md` Step 2 documents the wrapper as the recommended invocation for long reviews, alongside the bare `codex exec` form.
+
+### Files
+
+- `scripts/codex-review-with-progress.sh` (new, ~80 lines)
+- `tests/test-codex-progress-wrapper.sh` (new, 11 tests)
+- `.github/workflows/ci.yml` — wires the new test step
+- `skills/sdlc/SKILL.md` — Step 2 documents the wrapper
+
 ## [1.46.1] - 2026-04-27
 
 ### Fixed

package/CLAUDE_CODE_SDLC_WIZARD.md

@@ -2967,7 +2967,7 @@ If deployment fails or post-deploy verification catches issues:
 
 **SDLC.md:**
 ```markdown
-<!-- SDLC Wizard Version: 1.46.1 -->
+<!-- SDLC Wizard Version: 1.47.0 -->
 <!-- Setup Date: [DATE] -->
 <!-- Completed Steps: step-0.1, step-0.2, step-0.4, step-1, step-2, step-3, step-4, step-5, step-6, step-7, step-8, step-9 -->
 <!-- Git Workflow: [PRs or Solo] -->
@@ -4032,7 +4032,7 @@ Walk through updates? (y/n)
 Store wizard state in `SDLC.md` as metadata comments (invisible to readers, parseable by Claude):
 
 ```markdown
-<!-- SDLC Wizard Version: 1.46.1 -->
+<!-- SDLC Wizard Version: 1.47.0 -->
 <!-- Setup Date: 2026-01-24 -->
 <!-- Completed Steps: step-0.1, step-0.2, step-1, step-2, step-3, step-4, step-5, step-6, step-7, step-8, step-9 -->
 <!-- Git Workflow: PRs -->

package/README.md

@@ -45,7 +45,7 @@ npm install -g agentic-sdlc-wizard
 sdlc-wizard init
 ```
 
-**Manual:** Download `CLAUDE_CODE_SDLC_WIZARD.md` to your project and tell Claude `Run the SDLC wizard setup`.
+**Manual (advanced — escape hatch only):** Download `CLAUDE_CODE_SDLC_WIZARD.md` to your project and tell Claude `Run the SDLC wizard setup`. This skips the live-session auto-invoke and is only intended for environments where `npx`, `curl`, `brew`, and `gh` are all unavailable. The default human path is `npx init` → restart CC → first-prompt auto-setup, not this manual flow.
 </details>
 
 <details>

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "agentic-sdlc-wizard",
-  "version": "1.46.1",
+  "version": "1.47.0",
   "description": "SDLC enforcement for Claude Code — hooks, skills, and wizard setup in one command",
   "bin": {
     "sdlc-wizard": "cli/bin/sdlc-wizard.js"

package/skills/sdlc/SKILL.md

@@ -299,6 +299,24 @@ codex exec \
 
 **Always use `xhigh` reasoning effort.** Lower settings miss subtle errors (wrong-generation references, stale pricing, cross-file inconsistencies).
 
+**Progress visibility (#259):** Reviews at `xhigh` routinely take 1-5 minutes. Without a heartbeat the user can't distinguish "still thinking" from "crashed silently". For long reviews, swap the bare invocation for `scripts/codex-review-with-progress.sh`:
+
+```bash
+scripts/codex-review-with-progress.sh \
+  .reviews/latest-review.md \
+  "You are an independent code reviewer ..."
+```
+
+The wrapper passes the same default flags (`xhigh`, `danger-full-access`, `-o`) and emits a heartbeat to stderr every 10s (`SDLC_CODEX_HEARTBEAT_INTERVAL` to tune):
+
+```
+[codex 0m10s elapsed, 0 bytes written to .reviews/latest-review.md] still running...
+[codex 0m20s elapsed, 1342 bytes written to .reviews/latest-review.md] still running...
+[codex finished in 47s with rc=0]
+```
+
+The output file growth is the closest signal to "Codex is producing tokens". Empty + long elapsed = stuck; growing = working.
+
 **Sandbox note:** Codex's Rust binary requires access to macOS system configuration APIs (`SCDynamicStore`) during sandbox initialization. Claude Code's sandbox blocks this access, causing `codex exec` to crash with `system-configuration panicked: Attempted to create a NULL object`. When running `codex exec` from within Claude Code, you MUST use `dangerouslyDisableSandbox: true` on the Bash tool call. This is safe — Codex has its own sandbox (`-s danger-full-access` is already specified), and the CC sandbox bypass only affects the Codex process. This is a known Codex issue ([#15640](https://github.com/openai/codex/issues/15640)).
 
 If CERTIFIED → proceed to CI. If NOT CERTIFIED → go to dialogue loop.

package/skills/update/SKILL.md

@@ -131,9 +131,10 @@ Parse all CHANGELOG entries between the user's installed version and the latest.
 
 ```
 Installed: 1.24.0
-Latest:    1.46.1
+Latest:    1.47.0
 
 What changed:
+- [1.47.0] Codex review progress wrapper — closes #259. New `scripts/codex-review-with-progress.sh` wraps `codex exec` with a heartbeat (every 10s by default) showing elapsed time + output file growth. Distinguishes "still thinking" from "crashed silently" during long xhigh reviews. Signal-safe: SIGTERM/INT/HUP cleanly kills the child codex within ~1s (uses interruptible `sleep & wait` pattern instead of plain `sleep`); preflight check on the binary so missing `codex` exits 127 with a clear error; loop rechecks liveness after sleep so a fast-exit codex doesn't print spurious heartbeats. 11 quality tests using a stub codex (no real API calls). Codex round 3 CERTIFIED 10/10.
 - [1.46.1] `npx check` surfaces dangling+enabled plugin state — closes #266. Consumer disabled the wizard plugin via directory rename without flipping `enabledPlugins[sdlc-wizard@sdlc-wizard-local]` in `~/.claude/settings.json`. CC's plugin loader tried to resolve the missing path and crashed UserPromptSubmit on every prompt for **3 days** before the consumer noticed. The wizard's `check` subcommand now cross-references `enabledPlugins` against DANGLING marketplace paths: when both hold (path missing AND plugin enabled), prints a loud `CRASH RISK` block with the exact remediation (flip the boolean to false OR run `/plugin uninstall`). 3 new tests, Codex round 1 CERTIFIED 10/10.
 - [1.46.0] PreCompact dry-run env vars — closes #240. Smoke-testing PreCompact previously required cp'ing real `.reviews/handoff.json` and `.git/` aside, fabricating fake state, restoring — error-prone (consumer clobbered real handoff.json mid-test). Two new env vars: `SDLC_DRY_RUN_HANDOFF_STATUS=PENDING_RECHECK|CERTIFIED|...` simulates handoff status (overrides the real file read); `SDLC_DRY_RUN_GIT_STATE=rebase|merge|cherry-pick` simulates an in-flight git op (no real .git/ needed). Empty/unset → real-state checks (no behavior change). Unknown values (typos) → fall back to real check, NOT silent bypass — Codex round 1 caught the bypass risk and we fixed it with a DRY_RUN_GIT_HANDLED flag. 7 new test-hooks tests. Codex round 2 CERTIFIED 10/10.
 - [1.45.0] PreCompact path (c) — SHA-ancestry self-heal — closes #257. Solo-developer pattern: write fixes, commit them, run targeted Codex recheck, see CERTIFIED in `.reviews/latest-review.md`, ship the feature. Forgetting to bump `handoff.json status` from `PENDING_RECHECK` → `CERTIFIED` is realistic — the file is buried and the visible signals (commits + review file) already say "done". PreCompact hook now self-heals silently when: (a) handoff is `PENDING_*` with no `pr_number`, (b) every SHA cited in `fixes_applied[]` is reachable from HEAD via `git merge-base --is-ancestor`, AND (c) `.reviews/latest-review.md` contains CERTIFIED without `NOT CERTIFIED`. Bracket extraction is escape-aware (depth counter + JSON `\\\"` handling) so `]` inside string literals doesn't terminate the array early. UUIDs (8-4-4-4-12 hex) stripped before SHA extraction so ticket IDs in fixes_applied don't false-block the heal. 9 new tests, Codex round 3 CERTIFIED 10/10.