agileflow 2.90.7 → 2.92.0

package/tools/cli/commands/setup.js

@@ -7,6 +7,7 @@
 
 const chalk = require('chalk');
 const path = require('node:path');
+const fs = require('node:fs');
 const { spawnSync } = require('node:child_process');
 const semver = require('semver');
 const { Installer } = require('../installers/core/installer');
@@ -90,6 +91,7 @@ module.exports = {
           agileflowFolder: '.agileflow',
           docsFolder: 'docs',
           updateGitignore: true,
+          claudeMdReinforcement: true,
         };
       } else {
         // Interactive prompts
@@ -110,6 +112,16 @@ module.exports = {
       success(`Installed ${coreResult.counts.commands} commands`);
       success(`Installed ${coreResult.counts.skills} skills`);
 
+      // Report shell alias setup
+      if (coreResult.shellAliases) {
+        if (coreResult.shellAliases.configured.length > 0) {
+          success(`Added 'af' alias to: ${coreResult.shellAliases.configured.join(', ')}`);
+        }
+        if (coreResult.shellAliases.skipped.length > 0) {
+          info(`Shell aliases skipped: ${coreResult.shellAliases.skipped.join(', ')}`);
+        }
+      }
+
       // Setup IDE configurations
       displaySection('Configuring IDEs');
 
@@ -133,6 +145,73 @@ module.exports = {
         }
       }
 
+      // CLAUDE.md reinforcement for /babysit AskUserQuestion rules
+      if (config.claudeMdReinforcement) {
+        const claudeMdPath = path.join(config.directory, 'CLAUDE.md');
+        const claudeMdMarker = '<!-- AGILEFLOW_BABYSIT_RULES -->';
+        const claudeMdContent = `
+
+${claudeMdMarker}
+## AgileFlow /babysit Context Preservation Rules
+
+When \`/agileflow:babysit\` is active (check session-state.json), these rules are MANDATORY:
+
+1. **ALWAYS end responses with the AskUserQuestion tool** - Not text like "What next?" but the ACTUAL TOOL CALL
+2. **Use Plan Mode for non-trivial tasks** - Call \`EnterPlanMode\` before complex implementations
+3. **Delegate complex work to domain experts** - Use \`Task\` tool with appropriate \`subagent_type\`
+4. **Track progress with TodoWrite** - For any task with 3+ steps
+
+These rules persist across conversation compaction. Check \`docs/09-agents/session-state.json\` for active commands.
+${claudeMdMarker}
+`;
+
+        try {
+          let existingContent = '';
+          if (fs.existsSync(claudeMdPath)) {
+            existingContent = fs.readFileSync(claudeMdPath, 'utf8');
+          }
+
+          // Only append if marker doesn't exist
+          if (!existingContent.includes(claudeMdMarker)) {
+            fs.appendFileSync(claudeMdPath, claudeMdContent);
+            success('Added /babysit rules to CLAUDE.md');
+          } else {
+            info('CLAUDE.md already has /babysit rules');
+          }
+        } catch (err) {
+          warning(`Could not update CLAUDE.md: ${err.message}`);
+        }
+      }
+
+      // Update metadata with config tracking
+      try {
+        const metadataPath = path.join(config.directory, config.docsFolder, '00-meta', 'agileflow-metadata.json');
+        if (fs.existsSync(metadataPath)) {
+          const metadata = JSON.parse(fs.readFileSync(metadataPath, 'utf8'));
+          const packageJson = require(path.join(__dirname, '..', '..', '..', 'package.json'));
+
+          // Track config schema version and profile
+          metadata.config_schema_version = packageJson.version;
+          metadata.active_profile = options.yes ? 'default' : null; // null = custom
+
+          // Track config options that were configured
+          if (!metadata.agileflow) metadata.agileflow = {};
+          if (!metadata.agileflow.config_options) metadata.agileflow.config_options = {};
+
+          metadata.agileflow.config_options.claudeMdReinforcement = {
+            available_since: '2.92.0',
+            configured: true,
+            enabled: config.claudeMdReinforcement,
+            configured_at: new Date().toISOString(),
+            description: 'Add /babysit AskUserQuestion rules to CLAUDE.md',
+          };
+
+          fs.writeFileSync(metadataPath, JSON.stringify(metadata, null, 2) + '\n');
+        }
+      } catch (err) {
+        // Silently fail - metadata tracking is non-critical
+      }
+
       // Final summary
       console.log(chalk.green('\n✨ Setup complete!\n'));
 
@@ -141,6 +220,13 @@ module.exports = {
       info(`Run 'npx agileflow status' to check setup`);
       info(`Run 'npx agileflow update' to get updates`);
 
+      // Shell alias reload reminder
+      if (coreResult.shellAliases?.configured?.length > 0) {
+        console.log(chalk.bold('\nShell aliases:'));
+        info(`Reload shell to use: ${chalk.cyan('source ~/.bashrc')} or ${chalk.cyan('source ~/.zshrc')}`);
+        info(`Then run ${chalk.cyan('af')} to start Claude in tmux (or ${chalk.cyan('claude')} for normal)`);
+      }
+
       console.log(chalk.dim(`\nInstalled to: ${coreResult.path}\n`));
 
       process.exit(0);

package/tools/cli/installers/core/installer.js

@@ -164,6 +164,10 @@ class Installer {
       spinner.text = 'Installing changelog...';
       await this.installChangelog(agileflowDir, { force: effectiveForce });
 
+      // Set up shell aliases for claude command
+      spinner.text = 'Setting up shell aliases...';
+      const aliasResult = await this.setupShellAliases(directory, { force: effectiveForce });
+
       // Create config.yaml
       spinner.text = 'Creating configuration...';
       await this.createConfig(agileflowDir, userName, agileflowFolder, { force: effectiveForce });
@@ -191,6 +195,7 @@ class Installer {
         projectDir: directory,
         counts,
         fileOps,
+        shellAliases: aliasResult,
       };
     } catch (error) {
       spinner.fail('Installation failed');
@@ -813,6 +818,95 @@ class Installer {
     }
   }
 
+  /**
+   * Set up shell aliases for the claude command
+   * Adds aliases to ~/.bashrc and/or ~/.zshrc so 'claude' auto-spawns tmux
+   * @param {string} directory - Project directory (used for relative path in alias)
+   * @param {Object} options - Setup options
+   * @param {boolean} options.force - Overwrite existing aliases
+   * @returns {Promise<Object>} Result with shells configured
+   */
+  async setupShellAliases(directory, options = {}) {
+    const os = require('os');
+    const result = {
+      configured: [],
+      skipped: [],
+      error: null,
+    };
+
+    // Only set up aliases on Unix-like systems
+    if (process.platform === 'win32') {
+      result.skipped.push('Windows (not supported)');
+      return result;
+    }
+
+    const homeDir = os.homedir();
+    const aliasBlock = `
+# AgileFlow tmux wrapper
+# Use 'af' or 'agileflow' for tmux, 'claude' stays normal
+alias af="bash .agileflow/scripts/af"
+alias agileflow="bash .agileflow/scripts/af"
+`;
+
+    const marker = '# AgileFlow tmux wrapper';
+    const rcFiles = [
+      { name: 'bash', path: path.join(homeDir, '.bashrc') },
+      { name: 'zsh', path: path.join(homeDir, '.zshrc') },
+    ];
+
+    for (const rc of rcFiles) {
+      try {
+        // Check if RC file exists
+        if (!(await fs.pathExists(rc.path))) {
+          result.skipped.push(`${rc.name} (no ${path.basename(rc.path)})`);
+          continue;
+        }
+
+        const content = await fs.readFile(rc.path, 'utf8');
+
+        // Check if aliases already exist
+        if (content.includes(marker)) {
+          if (options.force) {
+            // Remove existing block and re-add
+            const lines = content.split('\n');
+            const filteredLines = [];
+            let inBlock = false;
+
+            for (const line of lines) {
+              if (line.includes(marker)) {
+                inBlock = true;
+                continue;
+              }
+              if (inBlock && line.startsWith('alias ')) {
+                continue;
+              }
+              if (inBlock && line.trim() === '') {
+                inBlock = false;
+                continue;
+              }
+              inBlock = false;
+              filteredLines.push(line);
+            }
+
+            await fs.writeFile(rc.path, filteredLines.join('\n') + aliasBlock, 'utf8');
+            result.configured.push(rc.name);
+          } else {
+            result.skipped.push(`${rc.name} (already configured)`);
+          }
+          continue;
+        }
+
+        // Append aliases to RC file
+        await fs.appendFile(rc.path, aliasBlock);
+        result.configured.push(rc.name);
+      } catch (err) {
+        result.skipped.push(`${rc.name} (error: ${err.message})`);
+      }
+    }
+
+    return result;
+  }
+
   /**
    * Get installation status
    * @param {string} directory - Project directory

package/tools/cli/installers/ide/_base-ide.js

@@ -15,6 +15,11 @@ const {
   ContentInjectionError,
   withPermissionHandling,
 } = require('../../lib/ide-errors');
+const {
+  replaceReferences,
+  createDocsReplacements,
+  injectContent: injectDynamicContentHelper,
+} = require('../../lib/content-transformer');
 
 /**
  * Base class for IDE-specific setup
@@ -48,6 +53,7 @@ class BaseIdeSetup {
 
   /**
    * Replace docs/ references in content with custom folder name
+   * Uses content-transformer module for consistent replacements
    * @param {string} content - File content
    * @returns {string} Updated content
    */
@@ -56,28 +62,31 @@ class BaseIdeSetup {
       return content; // No replacement needed
     }
 
-    // Replace all variations of docs/ references
-    return content
-      .replace(/docs\//g, `${this.docsFolder}/`)
-      .replace(/`docs\//g, `\`${this.docsFolder}/`)
-      .replace(/"docs\//g, `"${this.docsFolder}/`)
-      .replace(/'docs\//g, `'${this.docsFolder}/`)
-      .replace(/\(docs\//g, `(${this.docsFolder}/`)
-      .replace(/docs\/\)/g, `${this.docsFolder}/)`)
-      .replace(/\bdocs\b(?!\.)/g, this.docsFolder); // Replace standalone "docs" word
+    // Use content-transformer for standard replacements
+    let result = replaceReferences(content, createDocsReplacements(this.docsFolder));
+
+    // Additional patterns not covered by standard replacements
+    result = replaceReferences(result, {
+      'docs/)': `${this.docsFolder}/)`,
+    });
+
+    // Replace standalone "docs" word (not followed by .)
+    result = result.replace(/\bdocs\b(?!\.)/g, this.docsFolder);
+
+    return result;
   }
 
   /**
    * Inject dynamic content into template (agent lists, command lists)
+   * Uses content-transformer module for consistent injection
    * @param {string} content - Template file content
    * @param {string} agileflowDir - AgileFlow installation directory
    * @returns {string} Content with placeholders replaced
    */
   injectDynamicContent(content, agileflowDir) {
-    const { injectContent } = require('../../lib/content-injector');
     // agileflowDir is the user's .agileflow installation directory
     // which has agents/, commands/, skills/ at the root level
-    return injectContent(content, {
+    return injectDynamicContentHelper(content, {
       coreDir: agileflowDir,
       agileflowFolder: this.agileflowFolder,
       version: this.getVersion(),

package/tools/cli/installers/ide/codex.js

@@ -14,9 +14,14 @@ const path = require('node:path');
 const os = require('node:os');
 const fs = require('fs-extra');
 const chalk = require('chalk');
-const { safeLoad, yaml } = require('../../../../lib/yaml-utils');
+const { yaml } = require('../../../../lib/yaml-utils');
 const { BaseIdeSetup } = require('./_base-ide');
-const { parseFrontmatter } = require('../../../../scripts/lib/frontmatter-parser');
+const {
+  getFrontmatter,
+  stripFrontmatter,
+  replaceReferences,
+  IDE_REPLACEMENTS,
+} = require('../../lib/content-transformer');
 
 /**
  * OpenAI Codex CLI setup handler
@@ -55,24 +60,15 @@ class CodexSetup extends BaseIdeSetup {
 
   /**
    * Convert an AgileFlow agent markdown file to Codex SKILL.md format
+   * Uses content-transformer module for consistent transformations
    * @param {string} content - Original agent markdown content
    * @param {string} agentName - Agent name (e.g., 'database')
    * @returns {string} Codex SKILL.md content
    */
   convertAgentToSkill(content, agentName) {
-    // Extract frontmatter using shared parser
-    let description = `AgileFlow ${agentName} agent`;
-    let model = 'default';
-
-    const frontmatter = parseFrontmatter(content);
-    if (frontmatter && Object.keys(frontmatter).length > 0) {
-      if (frontmatter.description) {
-        description = frontmatter.description;
-      }
-      if (frontmatter.model) {
-        model = frontmatter.model;
-      }
-    }
+    // Extract frontmatter using content-transformer
+    const frontmatter = getFrontmatter(content);
+    const description = frontmatter.description || `AgileFlow ${agentName} agent`;
 
     // Create SKILL.md with YAML frontmatter
     const skillFrontmatter = yaml
@@ -83,8 +79,8 @@ class CodexSetup extends BaseIdeSetup {
       })
       .trim();
 
-    // Remove original frontmatter from content
-    let bodyContent = content.replace(/^---\n[\s\S]*?\n---\n*/, '');
+    // Remove original frontmatter from content using content-transformer
+    let bodyContent = stripFrontmatter(content);
 
     // Add Codex-specific header
     const codexHeader = `# AgileFlow: ${agentName.charAt(0).toUpperCase() + agentName.slice(1)} Agent
@@ -93,12 +89,8 @@ class CodexSetup extends BaseIdeSetup {
 
 `;
 
-    // Replace Claude-specific references
-    bodyContent = bodyContent
-      .replace(/Claude Code/gi, 'Codex CLI')
-      .replace(/CLAUDE\.md/g, 'AGENTS.md')
-      .replace(/\.claude\//g, '.codex/')
-      .replace(/Task tool/gi, 'skill invocation');
+    // Replace Claude-specific references using content-transformer
+    bodyContent = replaceReferences(bodyContent, IDE_REPLACEMENTS.codex);
 
     return `---
 ${skillFrontmatter}
@@ -109,35 +101,25 @@ ${codexHeader}${bodyContent}`;
 
   /**
    * Convert an AgileFlow command markdown file to Codex prompt format
+   * Uses content-transformer module for consistent transformations
    * @param {string} content - Original command markdown content
    * @param {string} commandName - Command name (e.g., 'board')
    * @returns {string} Codex prompt content
    */
   convertCommandToPrompt(content, commandName) {
-    // Extract description from frontmatter if present
-    let description = `AgileFlow ${commandName} command`;
-
-    const frontmatterMatch = content.match(/^---\n([\s\S]*?)\n---/);
-    if (frontmatterMatch) {
-      try {
-        const frontmatter = safeLoad(frontmatterMatch[1]);
-        if (frontmatter.description) {
-          description = frontmatter.description;
-        }
-      } catch (e) {
-        // Ignore YAML parse errors
-      }
-    }
-
-    // Remove original frontmatter from content
-    let bodyContent = content.replace(/^---\n[\s\S]*?\n---\n*/, '');
-
-    // Replace Claude-specific references
-    bodyContent = bodyContent
-      .replace(/Claude Code/gi, 'Codex CLI')
-      .replace(/CLAUDE\.md/g, 'AGENTS.md')
-      .replace(/\.claude\//g, '.codex/')
-      .replace(/\/agileflow:/g, '$agileflow-');
+    // Extract description from frontmatter using content-transformer
+    const frontmatter = getFrontmatter(content);
+    const description = frontmatter.description || `AgileFlow ${commandName} command`;
+
+    // Remove original frontmatter from content using content-transformer
+    let bodyContent = stripFrontmatter(content);
+
+    // Replace Claude-specific references using content-transformer
+    // Use codex replacements plus command-specific pattern
+    bodyContent = replaceReferences(bodyContent, {
+      ...IDE_REPLACEMENTS.codex,
+      '/agileflow:': '$agileflow-',
+    });
 
     // Add Codex prompt header
     const header = `# AgileFlow: ${commandName}

package/tools/cli/lib/config-manager.js

@@ -13,6 +13,7 @@
 const path = require('path');
 const fs = require('fs-extra');
 const { safeLoad, safeDump } = require('../../../lib/yaml-utils');
+const { hasUnsafePathPatterns } = require('../../../lib/validate-paths');
 
 /**
  * Configuration schema definition
@@ -50,13 +51,27 @@ const CONFIG_SCHEMA = {
     type: 'string',
     default: '.agileflow',
     required: true,
-    validate: v => typeof v === 'string' && v.length > 0 && !v.includes('..'),
+    // Security: Use proper path validation instead of simple string check
+    validate: v => {
+      if (typeof v !== 'string' || v.length === 0) return false;
+      // Must be a relative path without unsafe patterns
+      if (path.isAbsolute(v)) return false;
+      const check = hasUnsafePathPatterns(v);
+      return check.safe;
+    },
   },
   docsFolder: {
     type: 'string',
     default: 'docs',
     required: true,
-    validate: v => typeof v === 'string' && v.length > 0 && !v.includes('..'),
+    // Security: Use proper path validation instead of simple string check
+    validate: v => {
+      if (typeof v !== 'string' || v.length === 0) return false;
+      // Must be a relative path without unsafe patterns
+      if (path.isAbsolute(v)) return false;
+      const check = hasUnsafePathPatterns(v);
+      return check.safe;
+    },
   },
   installedAt: {
     type: 'string',