claude-code-orchestrator-kit 1.0.0 → 1.2.0

package/.claude/agents/health/workers/dependency-auditor.md

@@ -72,7 +72,36 @@ When invoked, you must follow these steps systematically:
    ```bash
    pnpm outdated --json || npm outdated --json
    ```
-6. Categorize by update type:
+
+6. **CRITICAL: Filter Unstable Versions**
+
+   The `outdated` command shows the "latest" tag from npm, which may include unstable pre-release versions. You MUST filter these out:
+
+   **Unstable version patterns to EXCLUDE**:
+   - `alpha` (e.g., `2.0.0-alpha.1`)
+   - `beta` (e.g., `2.0.0-beta.3`)
+   - `rc` (e.g., `2.0.0-rc.1`)
+   - `canary` (e.g., `2.0.0-canary.123`)
+   - `next` (e.g., `2.0.0-next.5`)
+   - `experimental` (e.g., `2.0.0-experimental.0`)
+   - `dev` (e.g., `2.0.0-dev.1`)
+   - `preview` (e.g., `2.0.0-preview.2`)
+   - `nightly` (e.g., `2.0.0-nightly.20250101`)
+
+   **For each package with unstable "latest" version**:
+   ```bash
+   # Get all available versions and find latest stable
+   npm view package-name versions --json
+   ```
+   Then select the highest version WITHOUT prerelease suffix.
+
+   **Example**:
+   - `pnpm outdated` shows: `react` latest = `19.0.0-rc.1`
+   - Run: `npm view react versions --json`
+   - Find latest stable: `18.3.1` (no prerelease suffix)
+   - Report `18.3.1` as target version, NOT `19.0.0-rc.1`
+
+7. Categorize by update type:
    - **Critical**: Security fixes (from audit)
    - **High**: Major version updates with breaking changes
    - **Medium**: Minor version updates (new features)
@@ -200,12 +229,13 @@ pnpm update lodash@^4.17.21
 
 #### 3. Major Version Update - react@17.0.2
 
-**Category**: Outdated Package  
-**Priority**: high  
-**Package**: react  
-**Current Version**: 17.0.2  
-**Latest Version**: 18.2.0  
-**Update Type**: major  
+**Category**: Outdated Package
+**Priority**: high
+**Package**: react
+**Current Version**: 17.0.2
+**Latest Stable Version**: 18.3.1
+**Update Type**: major
+**Note**: Unstable versions (e.g., 19.0.0-rc.1) were excluded  
 
 **Analysis**:
 - React 18 includes new features:
@@ -228,12 +258,12 @@ Requires manual migration - create separate task
 
 #### 4. Minor Update - @types/node@16.11.7
 
-**Category**: Outdated Package  
-**Priority**: medium  
-**Package**: @types/node  
-**Current Version**: 16.11.7  
-**Latest Version**: 16.18.0  
-**Update Type**: minor  
+**Category**: Outdated Package
+**Priority**: medium
+**Package**: @types/node
+**Current Version**: 16.11.7
+**Latest Stable Version**: 16.18.0
+**Update Type**: minor
 
 **Suggested Fix**:
 ```bash

package/.claude/agents/health/workers/dependency-updater.md

@@ -68,6 +68,14 @@ When invoked, you must follow these steps:
    - Complete validation before next package
    - If validation fails, rollback immediately
 
+   **Version Stability Check**:
+   Before updating, verify target version is stable (no prerelease suffix):
+   ```bash
+   # If target version looks unstable (alpha, beta, rc, canary, next, etc.)
+   npm view package-name versions --json
+   # Select highest version WITHOUT prerelease suffix
+   ```
+
 5. **Update Categories**
 
    ### A. Security Fixes (Critical/High Priority)
@@ -399,6 +407,7 @@ When invoked, you must follow these steps:
 4. **Rollback on ANY failure** - restore backups immediately
 5. **Check migration guides** - for ALL major version updates
 6. **Document manual items** - don't skip difficult updates silently
+7. **STABLE VERSIONS ONLY** - Never update to pre-release versions (alpha, beta, rc, canary, next, experimental, dev, preview, nightly). If target version is unstable, find latest stable version instead
 
 ### Rollback Protocol
 

package/.claude/commands/speckit.implement.md

@@ -58,16 +58,22 @@ You **MUST** consider the user input before proceeding (if not empty).
 
 4. **PLANNING PHASE** (Execute Before Implementation):
    - Review all tasks and classify execution model (parallel vs sequential)
-   - **Subagent Assignment** (Phase 0):
-     * [EXECUTOR: MAIN] - ONLY for trivial tasks (1-2 line fixes, simple imports, single dependency install)
-     * For complex tasks: thoroughly examine existing subagents, assign only if 100% match
-     * If no 100% match: assign FUTURE agent name (to be created) - `[EXECUTOR: future-agent-name]`
-     * After all assignments: if FUTURE agents exist, launch N meta-agent-v3 calls in single message
+   - **Step 1: Task Analysis**:
+     * Analyze all tasks and identify required agent capabilities
+     * Determine which tasks need MAIN (trivial only), existing agents, or new agents
+     * Create list of missing agent types with specifications
+   - **Step 2: Agent Creation** (if needed):
+     * Launch N meta-agent-v3 calls in single message (1 call per missing agent)
      * After agent creation: ask user to restart claude-code
-   - Annotate tasks with `[EXECUTOR: name]` and `[SEQUENTIAL]`/`[PARALLEL-GROUP-X]`
-   - Handle research tasks:
-     * Simple: solve with agent tools (Grep, Read, WebSearch, Context7, Supabase docs)
-     * Complex: create research prompt in research/, wait for user deepresearch, then incorporate results
+     * After restart: verify new agents exist before proceeding
+   - **Step 3: Executor Assignment**:
+     * [EXECUTOR: MAIN] - ONLY for trivial tasks (1-2 line fixes, simple imports, single dependency install)
+     * [EXECUTOR: existing-agent] - ONLY if 100% capability match after thorough examination
+     * [EXECUTOR: specific-agent-name] - For all other tasks using existing or newly created agents
+     * Annotate all tasks with `[EXECUTOR: name]` and `[SEQUENTIAL]`/`[PARALLEL-GROUP-X]`
+   - **Step 4: Research Resolution**:
+     * Simple research: solve with agent tools (Grep, Read, WebSearch, Context7, Supabase docs)
+     * Complex research: create research prompt in research/, wait for user deepresearch, incorporate results
    - Output: Updated tasks.md with executor annotations
    - **Atomicity Rule (CRITICAL)**: 1 Task = 1 Agent Invocation
      * Never give multiple tasks to one agent in single run

package/.claude/commands/speckit.tasks.md

@@ -60,9 +60,10 @@ The tasks.md should be immediately executable - each task must be specific enoug
 - **Complex**: Create research prompt in research/ → wait for deepresearch → incorporate
 
 **Planning Phase**: After generating tasks, Phase 0: Planning will be added automatically by the template. This phase includes:
-- **P001**: Executor assignment (MAIN for trivial only, existing if 100% match, FUTURE otherwise)
-- **P002**: Research resolution (simple vs complex)
-- **P003**: FUTURE agent creation via meta-agent-v3 in single message, then ask restart
+- **P001**: Task analysis (identify required agent types and capabilities)
+- **P002**: Agent creation via meta-agent-v3 in single message, then ask restart
+- **P003**: Executor assignment (MAIN for trivial only, existing if 100% match, specific agents otherwise)
+- **P004**: Research resolution (simple: solve now, complex: create prompts)
 
 ## Task Generation Rules
 

package/.claude/scripts/release.sh

@@ -6,12 +6,24 @@
 # Features:
 # - Auto-syncs package.json versions with latest git tag (prevents version conflicts)
 # - Auto-detects version bump from conventional commits
-# - Generates CHANGELOG.md entries
+# - Generates CHANGELOG.md entries with Keep a Changelog format
+# - Supports security, deprecated, and removed categories
+# - Safe rollback with file backups (no data loss on errors)
 # - Rollback support for failed releases
 #
 # Usage: ./release.sh [patch|minor|major] [--yes]
 #        Leave empty for auto-detection from conventional commits
 #        --yes: Skip confirmation prompt (for automation)
+#
+# Supported conventional commit types:
+#   security:   → Security section (patch version)
+#   feat:       → Added section (minor version)
+#   fix:        → Fixed section (patch version)
+#   deprecate:  → Deprecated section
+#   remove:     → Removed section
+#   refactor:   → Changed section
+#   perf:       → Changed section
+#   type!:      → Breaking changes (major version)
 
 set -euo pipefail
 
@@ -30,8 +42,8 @@ readonly NC='\033[0m' # No Color
 # State tracking for rollback
 CREATED_COMMIT=""
 CREATED_TAG=""
-STASH_CREATED=""
 declare -a MODIFIED_FILES=()
+declare -a BACKUP_FILES=()  # Track backup files for safe rollback
 
 # Commit categorization arrays
 declare -a ALL_COMMITS=()
@@ -40,6 +52,9 @@ declare -a FIXES=()
 declare -a BREAKING_CHANGES=()
 declare -a REFACTORS=()
 declare -a PERF=()
+declare -a SECURITY_FIXES=()      # Security vulnerability fixes
+declare -a DEPRECATIONS=()        # Deprecated features
+declare -a REMOVALS=()            # Removed features
 declare -a OTHER_CHANGES=()
 
 # === UTILITY FUNCTIONS ===
@@ -60,6 +75,53 @@ log_error() {
     echo -e "${RED}❌ $*${NC}" >&2
 }
 
+# === BACKUP AND RESTORE ===
+
+create_backup() {
+    local file="$1"
+
+    # Only create backup if file exists
+    if [ ! -f "$file" ]; then
+        return 0
+    fi
+
+    local backup="${file}.backup.$$"
+    cp "$file" "$backup" || {
+        log_error "Failed to create backup of $file"
+        exit 1
+    }
+
+    BACKUP_FILES+=("$backup")
+    log_info "Created backup: ${backup##*/}"
+}
+
+restore_from_backups() {
+    if [ ${#BACKUP_FILES[@]} -eq 0 ]; then
+        return 0
+    fi
+
+    log_info "Restoring files from backups..."
+
+    for backup in "${BACKUP_FILES[@]}"; do
+        # Extract original filename by removing .backup.$$ suffix
+        local original="${backup%.backup.*}"
+
+        if [ -f "$backup" ]; then
+            mv "$backup" "$original"
+            log_success "Restored: ${original##*/}"
+        fi
+    done
+}
+
+cleanup_backups() {
+    # Clean up backup files after successful release
+    for backup in "${BACKUP_FILES[@]}"; do
+        if [ -f "$backup" ]; then
+            rm -f "$backup"
+        fi
+    done
+}
+
 # === CLEANUP AND ROLLBACK ===
 
 cleanup() {
@@ -83,28 +145,17 @@ cleanup() {
             log_success "Rolled back commit (working directory preserved)"
         fi
 
-        # Restore modified files only (not untracked files)
-        if [ ${#MODIFIED_FILES[@]} -gt 0 ]; then
-            git restore --staged "${MODIFIED_FILES[@]}" 2>/dev/null || true
-            git restore "${MODIFIED_FILES[@]}" 2>/dev/null || true
-            log_success "Restored modified package.json files"
-        fi
-
-        # Restore stash if we created one
-        if [ -n "$STASH_CREATED" ]; then
-            if git stash list | grep -q "release.sh: temporary stash"; then
-                git stash pop >/dev/null 2>&1 || {
-                    log_warning "Stash pop failed with conflicts. Use 'git stash list' to see stashes."
-                    log_info "Manually restore with: git stash pop"
-                }
-            fi
-            log_success "Stashed changes restored (or available in stash list)"
-        fi
+        # SAFE ROLLBACK: Restore from backups instead of git restore
+        # This preserves any manual edits made before running the script
+        restore_from_backups
 
         echo ""
-        log_info "Rollback complete. Repository state restored."
+        log_info "Rollback complete. Files restored from backups."
         echo ""
         exit $exit_code
+    else
+        # Success - clean up backup files
+        cleanup_backups
     fi
 }
 
@@ -132,15 +183,141 @@ run_preflight_checks() {
     fi
     log_success "On branch: $BRANCH"
 
-    # Stash uncommitted changes to preserve user work
+    # Auto-commit uncommitted changes before release
     if ! git diff-index --quiet HEAD -- 2>/dev/null; then
-        log_warning "Uncommitted changes detected. Stashing for safety..."
-        git stash push -m "release.sh: temporary stash $(date +%Y%m%d-%H%M%S)" >/dev/null 2>&1 || {
-            log_error "Failed to stash changes. Please commit or stash manually."
+        log_info "Uncommitted changes detected. Auto-committing before release..."
+
+        # Get file counts by status
+        MODIFIED_COUNT=$(git diff --name-only | wc -l)
+        STAGED_COUNT=$(git diff --cached --name-only | wc -l)
+        UNTRACKED_COUNT=$(git ls-files --others --exclude-standard | wc -l)
+        TOTAL_COUNT=$((MODIFIED_COUNT + STAGED_COUNT + UNTRACKED_COUNT))
+
+        # Stage ALL changes (modified, deleted, new files)
+        git add -A
+
+        # Get detailed file list for commit body
+        FILE_LIST=$(git diff --cached --name-status | sed 's/^/  /')
+
+        # Detect commit type based on changed files
+        local commit_type="chore"
+        local commit_scope=""
+        local commit_desc="update project files"
+
+        # Get file changes with status (A=added, M=modified, D=deleted)
+        local file_status=$(git diff --cached --name-status)
+
+        # Count different types of changes
+        local new_agents=$(echo "$file_status" | grep "^A.*\.claude/agents/.*\.md$" | wc -l)
+        local new_skills=$(echo "$file_status" | grep "^A.*\.claude/skills/.*/SKILL\.md$" | wc -l)
+        local new_commands=$(echo "$file_status" | grep "^A.*\.claude/commands/.*\.md$" | wc -l)
+        local modified_agents=$(echo "$file_status" | grep "^M.*\.claude/agents/.*\.md$" | wc -l)
+        local modified_scripts=$(echo "$file_status" | grep "^M.*\.claude/scripts/.*\.sh$" | wc -l)
+        local modified_skills=$(echo "$file_status" | grep "^M.*\.claude/skills/.*/SKILL\.md$" | wc -l)
+        local modified_commands=$(echo "$file_status" | grep "^M.*\.claude/commands/.*\.md$" | wc -l)
+        local modified_docs=$(echo "$file_status" | grep "\.md$" | grep -v "\.claude/" | wc -l)
+        local modified_mcp=$(echo "$file_status" | grep "mcp/.*\.json$" | wc -l)
+
+        # Priority-based commit type detection (most specific first)
+
+        # 1. New agents (highest priority for features)
+        if [ "$new_agents" -gt 0 ]; then
+            commit_type="feat"
+            commit_scope="agents"
+            local agent_file=$(echo "$file_status" | grep "^A.*\.claude/agents/.*\.md$" | head -1 | awk '{print $2}')
+            local agent_name=$(basename "$agent_file" .md)
+            if [ "$new_agents" -eq 1 ]; then
+                commit_desc="add ${agent_name} agent"
+            else
+                commit_desc="add ${new_agents} new agents (${agent_name}, ...)"
+            fi
+
+        # 2. New skills
+        elif [ "$new_skills" -gt 0 ]; then
+            commit_type="feat"
+            commit_scope="skills"
+            local skill_file=$(echo "$file_status" | grep "^A.*\.claude/skills/.*/SKILL\.md$" | head -1 | awk '{print $2}')
+            local skill_name=$(echo "$skill_file" | cut -d'/' -f4)
+            if [ "$new_skills" -eq 1 ]; then
+                commit_desc="add ${skill_name} skill"
+            else
+                commit_desc="add ${new_skills} new skills (${skill_name}, ...)"
+            fi
+
+        # 3. New commands
+        elif [ "$new_commands" -gt 0 ]; then
+            commit_type="feat"
+            commit_scope="commands"
+            local cmd_file=$(echo "$file_status" | grep "^A.*\.claude/commands/.*\.md$" | head -1 | awk '{print $2}')
+            local cmd_name=$(basename "$cmd_file" .md)
+            if [ "$new_commands" -eq 1 ]; then
+                commit_desc="add ${cmd_name} command"
+            else
+                commit_desc="add ${new_commands} new commands"
+            fi
+
+        # 4. Modified skills (features)
+        elif [ "$modified_skills" -gt 0 ]; then
+            commit_type="feat"
+            commit_scope="skills"
+            commit_desc="update skill implementations"
+
+        # 5. Modified commands (features)
+        elif [ "$modified_commands" -gt 0 ]; then
+            commit_type="feat"
+            commit_scope="commands"
+            commit_desc="update slash commands"
+
+        # 6. Modified scripts (chore)
+        elif [ "$modified_scripts" -gt 0 ]; then
+            commit_type="chore"
+            commit_scope="scripts"
+            commit_desc="update automation scripts"
+
+        # 7. Modified agents (chore)
+        elif [ "$modified_agents" -gt 0 ]; then
+            commit_type="chore"
+            commit_scope="agents"
+            commit_desc="update agent configurations"
+
+        # 8. Modified MCP configs (chore)
+        elif [ "$modified_mcp" -gt 0 ]; then
+            commit_type="chore"
+            commit_scope="mcp"
+            commit_desc="update MCP server configurations"
+
+        # 9. Documentation changes
+        elif [ "$modified_docs" -gt 0 ]; then
+            commit_type="docs"
+            commit_desc="update documentation"
+        fi
+
+        # Generate commit message with detected type
+        if [ -n "$commit_scope" ]; then
+            COMMIT_MSG="${commit_type}(${commit_scope}): ${commit_desc}"
+        else
+            COMMIT_MSG="${commit_type}: ${commit_desc}"
+        fi
+
+        COMMIT_MSG="${COMMIT_MSG}
+
+Auto-committed ${TOTAL_COUNT} file(s) before creating release.
+
+Files changed:
+${FILE_LIST}
+
+🤖 Generated with [Claude Code](https://claude.com/claude-code)
+
+Co-Authored-By: Claude <noreply@anthropic.com>"
+
+        # Create commit
+        git commit -m "$COMMIT_MSG" >/dev/null 2>&1 || {
+            log_error "Failed to auto-commit changes"
             exit 1
         }
-        STASH_CREATED="true"
-        log_success "Changes stashed (will be restored on exit)"
+
+        log_success "Changes committed (${TOTAL_COUNT} files)"
+        log_info "Commit type: ${commit_type}${commit_scope:+(${commit_scope})}: ${commit_desc}"
     fi
 
     # Check if remote is configured
@@ -226,6 +403,9 @@ parse_commits() {
     local fix_pattern='^fix(\([^)]+\))?:'
     local refactor_pattern='^refactor(\([^)]+\))?:'
     local perf_pattern='^perf(\([^)]+\))?:'
+    local security_pattern='^security(\([^)]+\))?:'
+    local deprecate_pattern='^deprecate(\([^)]+\))?:'
+    local remove_pattern='^remove(\([^)]+\))?:'
 
     for commit in "${ALL_COMMITS[@]}"; do
         local hash=$(echo "$commit" | awk '{print $1}')
@@ -234,12 +414,21 @@ parse_commits() {
         # Check for breaking changes
         if [[ "$message" =~ $breaking_pattern ]] || echo "$message" | grep -q "BREAKING CHANGE:"; then
             BREAKING_CHANGES+=("$commit")
+        # Check for security fixes (high priority!)
+        elif [[ "$message" =~ $security_pattern ]]; then
+            SECURITY_FIXES+=("$commit")
         # Check for features
         elif [[ "$message" =~ $feat_pattern ]]; then
             FEATURES+=("$commit")
         # Check for fixes
         elif [[ "$message" =~ $fix_pattern ]]; then
             FIXES+=("$commit")
+        # Check for deprecations
+        elif [[ "$message" =~ $deprecate_pattern ]]; then
+            DEPRECATIONS+=("$commit")
+        # Check for removals
+        elif [[ "$message" =~ $remove_pattern ]]; then
+            REMOVALS+=("$commit")
         # Check for refactors
         elif [[ "$message" =~ $refactor_pattern ]]; then
             REFACTORS+=("$commit")
@@ -255,8 +444,11 @@ parse_commits() {
     # Display commit summary
     log_info "Commit summary:"
     [ ${#BREAKING_CHANGES[@]} -gt 0 ] && echo "  🔥 ${#BREAKING_CHANGES[@]} breaking changes"
+    [ ${#SECURITY_FIXES[@]} -gt 0 ] && echo "  🔒 ${#SECURITY_FIXES[@]} security fixes"
     [ ${#FEATURES[@]} -gt 0 ] && echo "  ✨ ${#FEATURES[@]} features"
     [ ${#FIXES[@]} -gt 0 ] && echo "  🐛 ${#FIXES[@]} bug fixes"
+    [ ${#DEPRECATIONS[@]} -gt 0 ] && echo "  ⚠️  ${#DEPRECATIONS[@]} deprecations"
+    [ ${#REMOVALS[@]} -gt 0 ] && echo "  🗑️  ${#REMOVALS[@]} removals"
     [ ${#REFACTORS[@]} -gt 0 ] && echo "  ♻️  ${#REFACTORS[@]} refactors"
     [ ${#PERF[@]} -gt 0 ] && echo "  ⚡ ${#PERF[@]} performance improvements"
     [ ${#OTHER_CHANGES[@]} -gt 0 ] && echo "  📝 ${#OTHER_CHANGES[@]} other changes"
@@ -286,6 +478,9 @@ detect_version_bump() {
         elif [ ${#FEATURES[@]} -gt 0 ]; then
             BUMP_TYPE="minor"
             AUTO_DETECT_REASON="Found ${#FEATURES[@]} new feature(s)"
+        elif [ ${#SECURITY_FIXES[@]} -gt 0 ]; then
+            BUMP_TYPE="patch"
+            AUTO_DETECT_REASON="Found ${#SECURITY_FIXES[@]} security fix(es)"
         elif [ ${#FIXES[@]} -gt 0 ]; then
             BUMP_TYPE="patch"
             AUTO_DETECT_REASON="Found ${#FIXES[@]} bug fix(es)"
@@ -338,6 +533,15 @@ generate_changelog_entry() {
 
 EOF
 
+    # Security section (FIRST - highest priority!)
+    if [ ${#SECURITY_FIXES[@]} -gt 0 ]; then
+        echo "### Security"
+        for commit in "${SECURITY_FIXES[@]}"; do
+            format_changelog_line "$commit"
+        done
+        echo ""
+    fi
+
     # Added section (features)
     if [ ${#FEATURES[@]} -gt 0 ]; then
         echo "### Added"
@@ -362,6 +566,24 @@ EOF
         echo ""
     fi
 
+    # Deprecated section
+    if [ ${#DEPRECATIONS[@]} -gt 0 ]; then
+        echo "### Deprecated"
+        for commit in "${DEPRECATIONS[@]}"; do
+            format_changelog_line "$commit"
+        done
+        echo ""
+    fi
+
+    # Removed section
+    if [ ${#REMOVALS[@]} -gt 0 ]; then
+        echo "### Removed"
+        for commit in "${REMOVALS[@]}"; do
+            format_changelog_line "$commit"
+        done
+        echo ""
+    fi
+
     # Fixed section
     if [ ${#FIXES[@]} -gt 0 ]; then
         echo "### Fixed"
@@ -414,6 +636,9 @@ update_package_files() {
 
     while IFS= read -r pkg; do
         if [ -n "$pkg" ]; then
+            # Create backup BEFORE modifying
+            create_backup "$pkg"
+
             # Track for rollback
             MODIFIED_FILES+=("$pkg")
 
@@ -448,6 +673,9 @@ update_changelog() {
 
     local changelog_file="$PROJECT_ROOT/CHANGELOG.md"
 
+    # Create backup BEFORE modifying
+    create_backup "$changelog_file"
+
     # Track for rollback
     MODIFIED_FILES+=("$changelog_file")
 
@@ -514,8 +742,11 @@ show_preview() {
 EOF
 
     [ ${#BREAKING_CHANGES[@]} -gt 0 ] && echo "   🔥 ${#BREAKING_CHANGES[@]} breaking changes"
+    [ ${#SECURITY_FIXES[@]} -gt 0 ] && echo "   🔒 ${#SECURITY_FIXES[@]} security fixes"
     [ ${#FEATURES[@]} -gt 0 ] && echo "   ✨ ${#FEATURES[@]} features"
     [ ${#FIXES[@]} -gt 0 ] && echo "   🐛 ${#FIXES[@]} bug fixes"
+    [ ${#DEPRECATIONS[@]} -gt 0 ] && echo "   ⚠️  ${#DEPRECATIONS[@]} deprecations"
+    [ ${#REMOVALS[@]} -gt 0 ] && echo "   🗑️  ${#REMOVALS[@]} removals"
     [ ${#REFACTORS[@]} -gt 0 ] && echo "   ♻️  ${#REFACTORS[@]} refactors"
     [ ${#PERF[@]} -gt 0 ] && echo "   ⚡ ${#PERF[@]} performance improvements"
     [ ${#OTHER_CHANGES[@]} -gt 0 ] && echo "   📝 ${#OTHER_CHANGES[@]} other changes"
@@ -591,6 +822,9 @@ execute_release() {
     log_info "Executing release..."
     echo ""
 
+    # Clean up backup files BEFORE staging
+    cleanup_backups
+
     # Stage all changes
     log_info "Staging changes..."
     git add -A
@@ -706,17 +940,6 @@ main() {
     update_changelog "$NEW_VERSION" "$DATE"
     execute_release
 
-    # Success! Restore stash if created
-    if [ -n "$STASH_CREATED" ]; then
-        log_info "Restoring stashed changes..."
-        if git stash list | grep -q "release.sh: temporary stash"; then
-            git stash pop >/dev/null 2>&1 || {
-                log_warning "Stash pop had conflicts. Check 'git stash list'"
-                log_info "Manually restore with: git stash pop"
-            }
-        fi
-    fi
-
     echo ""
     echo "╔═══════════════════════════════════════════════════════════╗"
     echo "║              RELEASE SUCCESSFUL! 🎉                       ║"
@@ -725,9 +948,6 @@ main() {
     log_success "Released v$NEW_VERSION"
     log_success "Tag: v$NEW_VERSION"
     log_success "Branch: $BRANCH"
-    if [ -n "$STASH_CREATED" ]; then
-        log_success "Stashed changes restored"
-    fi
     echo ""
     log_info "Next steps:"
     echo "  • Verify release on GitHub: git remote -v"