claudekit-cli 1.0.1 → 1.2.0

package/tests/types.test.ts

@@ -156,6 +156,8 @@ describe("Types and Schemas", () => {
 					},
 				],
 				published_at: "2024-01-01T00:00:00Z",
+				tarball_url: "https://api.github.com/repos/test/test-repo/tarball/v1.0.0",
+				zipball_url: "https://api.github.com/repos/test/test-repo/zipball/v1.0.0",
 			};
 			const result = GitHubReleaseSchema.parse(release);
 			expect(result.id).toBe(1);
@@ -171,6 +173,8 @@ describe("Types and Schemas", () => {
 				draft: false,
 				prerelease: false,
 				assets: [],
+				tarball_url: "https://api.github.com/repos/test/test-repo/tarball/v1.0.0",
+				zipball_url: "https://api.github.com/repos/test/test-repo/zipball/v1.0.0",
 			};
 			const result = GitHubReleaseSchema.parse(release);
 			expect(result.published_at).toBeUndefined();

package/tests/utils/file-scanner.test.ts

@@ -0,0 +1,202 @@
+import { afterEach, beforeEach, describe, expect, test } from "bun:test";
+import { join } from "node:path";
+import { mkdir, remove, writeFile } from "fs-extra";
+import { FileScanner } from "../../src/utils/file-scanner.js";
+
+describe("FileScanner", () => {
+	const testDir = join(__dirname, "..", "..", "temp-test-file-scanner");
+	const destDir = join(testDir, "dest");
+	const sourceDir = join(testDir, "source");
+
+	beforeEach(async () => {
+		// Clean up and create test directories
+		await remove(testDir);
+		await mkdir(testDir, { recursive: true });
+		await mkdir(destDir, { recursive: true });
+		await mkdir(sourceDir, { recursive: true });
+	});
+
+	afterEach(async () => {
+		// Clean up test directories
+		await remove(testDir);
+	});
+
+	describe("getFiles", () => {
+		test("should return empty array for non-existent directory", async () => {
+			const files = await FileScanner.getFiles(join(testDir, "non-existent"));
+			expect(files).toEqual([]);
+		});
+
+		test("should return files from directory", async () => {
+			// Create test files
+			await writeFile(join(destDir, "file1.txt"), "content1");
+			await writeFile(join(destDir, "file2.txt"), "content2");
+
+			const files = await FileScanner.getFiles(destDir);
+
+			expect(files).toHaveLength(2);
+			expect(files).toContain("file1.txt");
+			expect(files).toContain("file2.txt");
+		});
+
+		test("should recursively scan subdirectories", async () => {
+			// Create nested structure
+			await mkdir(join(destDir, "subdir"), { recursive: true });
+			await writeFile(join(destDir, "file1.txt"), "content1");
+			await writeFile(join(destDir, "subdir", "file2.txt"), "content2");
+
+			const files = await FileScanner.getFiles(destDir);
+
+			expect(files).toHaveLength(2);
+			expect(files).toContain("file1.txt");
+			expect(files).toContain("subdir/file2.txt");
+		});
+
+		test("should handle empty directory", async () => {
+			const files = await FileScanner.getFiles(destDir);
+			expect(files).toEqual([]);
+		});
+
+		test("should handle deeply nested directories", async () => {
+			// Create deeply nested structure
+			const deepPath = join(destDir, "a", "b", "c", "d");
+			await mkdir(deepPath, { recursive: true });
+			await writeFile(join(deepPath, "deep.txt"), "deep content");
+
+			const files = await FileScanner.getFiles(destDir);
+
+			expect(files).toHaveLength(1);
+			expect(files).toContain("a/b/c/d/deep.txt");
+		});
+
+		test("should return relative paths", async () => {
+			await mkdir(join(destDir, "subdir"), { recursive: true });
+			await writeFile(join(destDir, "subdir", "file.txt"), "content");
+
+			const files = await FileScanner.getFiles(destDir);
+
+			// Should return relative path, not absolute
+			expect(files[0]).toBe("subdir/file.txt");
+			expect(files[0]).not.toContain(destDir);
+		});
+	});
+
+	describe("findCustomFiles", () => {
+		test("should identify files in dest but not in source", async () => {
+			// Create .claude directories
+			const destClaudeDir = join(destDir, ".claude");
+			const sourceClaudeDir = join(sourceDir, ".claude");
+			await mkdir(destClaudeDir, { recursive: true });
+			await mkdir(sourceClaudeDir, { recursive: true });
+
+			// Create files
+			await writeFile(join(destClaudeDir, "custom.md"), "custom content");
+			await writeFile(join(destClaudeDir, "standard.md"), "standard content");
+			await writeFile(join(sourceClaudeDir, "standard.md"), "standard content");
+
+			const customFiles = await FileScanner.findCustomFiles(destDir, sourceDir, ".claude");
+
+			expect(customFiles).toHaveLength(1);
+			expect(customFiles).toContain(".claude/custom.md");
+		});
+
+		test("should return empty array when no custom files exist", async () => {
+			// Create .claude directories
+			const destClaudeDir = join(destDir, ".claude");
+			const sourceClaudeDir = join(sourceDir, ".claude");
+			await mkdir(destClaudeDir, { recursive: true });
+			await mkdir(sourceClaudeDir, { recursive: true });
+
+			// Create same files in both
+			await writeFile(join(destClaudeDir, "file1.md"), "content1");
+			await writeFile(join(sourceClaudeDir, "file1.md"), "content1");
+
+			const customFiles = await FileScanner.findCustomFiles(destDir, sourceDir, ".claude");
+
+			expect(customFiles).toEqual([]);
+		});
+
+		test("should handle missing .claude in destination", async () => {
+			// Only create source .claude directory
+			const sourceClaudeDir = join(sourceDir, ".claude");
+			await mkdir(sourceClaudeDir, { recursive: true });
+			await writeFile(join(sourceClaudeDir, "file1.md"), "content1");
+
+			const customFiles = await FileScanner.findCustomFiles(destDir, sourceDir, ".claude");
+
+			expect(customFiles).toEqual([]);
+		});
+
+		test("should handle missing .claude in source", async () => {
+			// Only create dest .claude directory
+			const destClaudeDir = join(destDir, ".claude");
+			await mkdir(destClaudeDir, { recursive: true });
+			await writeFile(join(destClaudeDir, "custom.md"), "custom content");
+
+			const customFiles = await FileScanner.findCustomFiles(destDir, sourceDir, ".claude");
+
+			expect(customFiles).toHaveLength(1);
+			expect(customFiles).toContain(".claude/custom.md");
+		});
+
+		test("should handle nested subdirectories", async () => {
+			// Create nested structure
+			const destNestedDir = join(destDir, ".claude", "commands");
+			const sourceNestedDir = join(sourceDir, ".claude", "commands");
+			await mkdir(destNestedDir, { recursive: true });
+			await mkdir(sourceNestedDir, { recursive: true });
+
+			// Create custom file in nested dir
+			await writeFile(join(destNestedDir, "custom-cmd.md"), "custom command");
+			await writeFile(join(destNestedDir, "standard-cmd.md"), "standard command");
+			await writeFile(join(sourceNestedDir, "standard-cmd.md"), "standard command");
+
+			const customFiles = await FileScanner.findCustomFiles(destDir, sourceDir, ".claude");
+
+			expect(customFiles).toHaveLength(1);
+			expect(customFiles).toContain(".claude/commands/custom-cmd.md");
+		});
+
+		test("should handle multiple custom files", async () => {
+			// Create .claude directories
+			const destClaudeDir = join(destDir, ".claude");
+			const sourceClaudeDir = join(sourceDir, ".claude");
+			await mkdir(destClaudeDir, { recursive: true });
+			await mkdir(sourceClaudeDir, { recursive: true });
+
+			// Create multiple custom files
+			await writeFile(join(destClaudeDir, "custom1.md"), "custom1");
+			await writeFile(join(destClaudeDir, "custom2.md"), "custom2");
+			await writeFile(join(destClaudeDir, "custom3.md"), "custom3");
+			await writeFile(join(destClaudeDir, "standard.md"), "standard");
+			await writeFile(join(sourceClaudeDir, "standard.md"), "standard");
+
+			const customFiles = await FileScanner.findCustomFiles(destDir, sourceDir, ".claude");
+
+			expect(customFiles).toHaveLength(3);
+			expect(customFiles).toContain(".claude/custom1.md");
+			expect(customFiles).toContain(".claude/custom2.md");
+			expect(customFiles).toContain(".claude/custom3.md");
+		});
+
+		test("should handle files with special characters in names", async () => {
+			// Create .claude directories
+			const destClaudeDir = join(destDir, ".claude");
+			const sourceClaudeDir = join(sourceDir, ".claude");
+			await mkdir(destClaudeDir, { recursive: true });
+			await mkdir(sourceClaudeDir, { recursive: true });
+
+			// Create files with special characters
+			await writeFile(join(destClaudeDir, "file-with-dash.md"), "content");
+			await writeFile(join(destClaudeDir, "file_with_underscore.md"), "content");
+			await writeFile(join(destClaudeDir, "file.multiple.dots.md"), "content");
+
+			const customFiles = await FileScanner.findCustomFiles(destDir, sourceDir, ".claude");
+
+			expect(customFiles).toHaveLength(3);
+			expect(customFiles).toContain(".claude/file-with-dash.md");
+			expect(customFiles).toContain(".claude/file_with_underscore.md");
+			expect(customFiles).toContain(".claude/file.multiple.dots.md");
+		});
+	});
+});

package/tests/utils/logger.test.ts

@@ -7,6 +7,10 @@ describe("Logger Utilities", () => {
 	const originalDebug = process.env.DEBUG;
 
 	beforeEach(() => {
+		// Reset logger state
+		logger.setVerbose(false);
+		logger.setLogFile(undefined);
+
 		consoleLogSpy = mock(() => {});
 		consoleErrorSpy = mock(() => {});
 		console.log = consoleLogSpy;
@@ -101,6 +105,18 @@ describe("Logger Utilities", () => {
 			expect(sanitized).toBe("Token: ghr_***");
 		});
 
+		test("should sanitize Bearer tokens", () => {
+			const text = "Authorization: Bearer abc123xyz-token_value";
+			const sanitized = logger.sanitize(text);
+			expect(sanitized).toBe("Authorization: Bearer ***");
+		});
+
+		test("should sanitize query string tokens", () => {
+			const text = "https://api.example.com?token=secret123";
+			const sanitized = logger.sanitize(text);
+			expect(sanitized).toBe("https://api.example.com?token=***");
+		});
+
 		test("should sanitize multiple tokens", () => {
 			const ghpToken = "123456789012345678901234567890123456";
 			const patToken =
@@ -121,4 +137,103 @@ describe("Logger Utilities", () => {
 			expect(sanitized).toBe("");
 		});
 	});
+
+	describe("verbose", () => {
+		beforeEach(() => {
+			logger.setVerbose(false);
+		});
+
+		test("should not log when verbose is disabled", () => {
+			logger.verbose("Test verbose message");
+			expect(consoleErrorSpy).not.toHaveBeenCalled();
+		});
+
+		test("should log to stderr when verbose is enabled", () => {
+			logger.setVerbose(true);
+			logger.verbose("Test verbose message");
+			expect(consoleErrorSpy).toHaveBeenCalled();
+			const call = consoleErrorSpy.mock.calls[1][0];
+			expect(call).toContain("[VERBOSE]");
+			expect(call).toContain("Test verbose message");
+		});
+
+		test("should include timestamp in verbose logs", () => {
+			logger.setVerbose(true);
+			logger.verbose("Test message");
+			const call = consoleErrorSpy.mock.calls[1][0];
+			expect(call).toMatch(/\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}/);
+		});
+
+		test("should sanitize sensitive data in verbose logs", () => {
+			logger.setVerbose(true);
+			logger.verbose("Token: ghp_123456789012345678901234567890123456");
+			const call = consoleErrorSpy.mock.calls[1][0];
+			expect(call).toContain("ghp_***");
+			expect(call).not.toContain("ghp_123456789012345678901234567890123456");
+		});
+
+		test("should include context in verbose logs", () => {
+			logger.setVerbose(true);
+			logger.verbose("Test message", { key: "value", num: 123 });
+			const call = consoleErrorSpy.mock.calls[1][0];
+			expect(call).toContain('"key": "value"');
+			expect(call).toContain('"num": 123');
+		});
+
+		test("should sanitize context strings", () => {
+			logger.setVerbose(true);
+			logger.verbose("Test message", {
+				token: "ghp_123456789012345678901234567890123456",
+			});
+			const call = consoleErrorSpy.mock.calls[1][0];
+			expect(call).toContain("ghp_***");
+			expect(call).not.toContain("ghp_123456789012345678901234567890123456");
+		});
+
+		test("should handle nested objects in context", () => {
+			logger.setVerbose(true);
+			logger.verbose("Test message", {
+				nested: { key: "value" },
+			});
+			const call = consoleErrorSpy.mock.calls[1][0];
+			expect(call).toContain('"nested"');
+		});
+	});
+
+	describe("setVerbose", () => {
+		test("should enable verbose logging", () => {
+			logger.setVerbose(true);
+			expect(logger.isVerbose()).toBe(true);
+		});
+
+		test("should disable verbose logging", () => {
+			logger.setVerbose(true);
+			logger.setVerbose(false);
+			expect(logger.isVerbose()).toBe(false);
+		});
+
+		test("should log when enabling verbose", () => {
+			logger.setVerbose(true);
+			expect(consoleErrorSpy).toHaveBeenCalled();
+			const call = consoleErrorSpy.mock.calls[0][0];
+			expect(call).toContain("Verbose logging enabled");
+		});
+	});
+
+	describe("isVerbose", () => {
+		test("should return false by default", () => {
+			expect(logger.isVerbose()).toBe(false);
+		});
+
+		test("should return true when enabled", () => {
+			logger.setVerbose(true);
+			expect(logger.isVerbose()).toBe(true);
+		});
+
+		test("should return false when disabled", () => {
+			logger.setVerbose(true);
+			logger.setVerbose(false);
+			expect(logger.isVerbose()).toBe(false);
+		});
+	});
 });

package/.opencode/agent/code-reviewer.md

@@ -1,141 +0,0 @@
----
-name: code-reviewer
-description: "Use this agent when you need comprehensive code review and quality assessment. This includes after implementing new features or refactoring existing code, before merging pull requests or deploying to production, when investigating code quality issues or technical debt, when you need security vulnerability assessment, or when optimizing performance bottlenecks."
-mode: subagent
-model: anthropic/claude-sonnet-4-20250514
----
-
-You are a senior software engineer with 15+ years of experience specializing in comprehensive code quality assessment and best practices enforcement. Your expertise spans multiple programming languages, frameworks, and architectural patterns, with deep knowledge of TypeScript, JavaScript, Dart (Flutter), security vulnerabilities, and performance optimization. You understand the codebase structure, code standards, analyze the given implementation plan file, and track the progress of the implementation.
-
-**Your Core Responsibilities:**
-
-1. **Code Quality Assessment**
-   - Read the Product Development Requirements (PDR) and relevant doc files in `./docs` directory to understand the project scope and requirements
-   - Review recently modified or added code for adherence to coding standards and best practices
-   - Evaluate code readability, maintainability, and documentation quality
-   - Identify code smells, anti-patterns, and areas of technical debt
-   - Assess proper error handling, validation, and edge case coverage
-   - Verify alignment with project-specific standards from CLAUDE.md files
-   - Run `flutter analyze` to check for code quality issues
-
-2. **Type Safety and Linting**
-   - Perform thorough TypeScript type checking
-   - Identify type safety issues and suggest stronger typing where beneficial
-   - Run appropriate linters and analyze results
-   - Recommend fixes for linting issues while maintaining pragmatic standards
-   - Balance strict type safety with developer productivity
-
-3. **Build and Deployment Validation**
-   - Verify build processes execute successfully
-   - Check for dependency issues or version conflicts
-   - Validate deployment configurations and environment settings
-   - Ensure proper environment variable handling without exposing secrets
-   - Confirm test coverage meets project standards
-
-4. **Performance Analysis**
-   - Identify performance bottlenecks and inefficient algorithms
-   - Review database queries for optimization opportunities
-   - Analyze memory usage patterns and potential leaks
-   - Evaluate async/await usage and promise handling
-   - Suggest caching strategies where appropriate
-
-5. **Security Audit**
-   - Identify common security vulnerabilities (OWASP Top 10)
-   - Review authentication and authorization implementations
-   - Check for SQL injection, XSS, and other injection vulnerabilities
-   - Verify proper input validation and sanitization
-   - Ensure sensitive data is properly protected and never exposed in logs or commits
-   - Validate CORS, CSP, and other security headers
-
-6. **[IMPORTANT] Task Completeness Verification**
-   - Verify all tasks in the TODO list of the given plan are completed
-   - Check for any remaining TODO comments
-   - Update the given plan file with task status and next steps
-
-**Your Review Process:**
-
-1. **Initial Analysis**: 
-   - Read and understand the given plan file.
-   - Focus on recently changed files unless explicitly asked to review the entire codebase. 
-   - Use git diff or similar tools to identify modifications.
-
-2. **Systematic Review**: Work through each concern area methodically:
-   - Code structure and organization
-   - Logic correctness and edge cases
-   - Type safety and error handling
-   - Performance implications
-   - Security considerations
-
-3. **Prioritization**: Categorize findings by severity:
-   - **Critical**: Security vulnerabilities, data loss risks, breaking changes
-   - **High**: Performance issues, type safety problems, missing error handling
-   - **Medium**: Code smells, maintainability concerns, documentation gaps
-   - **Low**: Style inconsistencies, minor optimizations
-
-4. **Actionable Recommendations**: For each issue found:
-   - Clearly explain the problem and its potential impact
-   - Provide specific code examples of how to fix it
-   - Suggest alternative approaches when applicable
-   - Reference relevant best practices or documentation
-
-5. **[IMPORTANT] Update Plan File**: 
-   - Update the given plan file with task status and next steps
-
-**Output Format:**
-
-Structure your review as a comprehensive report with:
-
-```markdown
-## Code Review Summary
-
-### Scope
-- Files reviewed: [list of files]
-- Lines of code analyzed: [approximate count]
-- Review focus: [recent changes/specific features/full codebase]
-- Updated plans: [list of updated plans]
-
-### Overall Assessment
-[Brief overview of code quality and main findings]
-
-### Critical Issues
-[List any security vulnerabilities or breaking issues]
-
-### High Priority Findings
-[Performance problems, type safety issues, etc.]
-
-### Medium Priority Improvements
-[Code quality, maintainability suggestions]
-
-### Low Priority Suggestions
-[Minor optimizations, style improvements]
-
-### Positive Observations
-[Highlight well-written code and good practices]
-
-### Recommended Actions
-1. [Prioritized list of actions to take]
-2. [Include specific code fixes where helpful]
-
-### Metrics
-- Type Coverage: [percentage if applicable]
-- Test Coverage: [percentage if available]
-- Linting Issues: [count by severity]
-```
-
-**Important Guidelines:**
-
-- Be constructive and educational in your feedback
-- Acknowledge good practices and well-written code
-- Provide context for why certain practices are recommended
-- Consider the project's specific requirements and constraints
-- Balance ideal practices with pragmatic solutions
-- Never suggest adding AI attribution or signatures to code or commits
-- Focus on human readability and developer experience
-- Respect project-specific standards defined in CLAUDE.md files
-- When reviewing error handling, ensure comprehensive try-catch blocks
-- Prioritize security best practices in all recommendations
-- Use file system (in markdown format) to hand over reports in `./plans/reports` directory to each other with this file name format: `YYMMDD-from-agent-name-to-agent-name-task-name-report.md`.
-- **[IMPORTANT]** Verify all tasks in the TODO list of the given plan are completed
-- **[IMPORTANT]** Update the given plan file with task status and next steps
-
-You are thorough but pragmatic, focusing on issues that truly matter for code quality, security, maintainability and task completion while avoiding nitpicking on minor style preferences.

package/.opencode/agent/debugger.md

@@ -1,74 +0,0 @@
----
-description: >-
-  Use this agent when you need to investigate complex system issues, analyze
-  performance bottlenecks, debug CI/CD pipeline failures, or conduct
-  comprehensive system analysis. Examples: <example>Context: A production system
-  is experiencing intermittent slowdowns and the user needs to identify the root
-  cause. user: "Our API response times have increased by 300% since yesterday's
-  deployment. Can you help investigate?" assistant: "I'll use the
-  system-debugger agent to analyze the performance issue, check CI/CD logs, and
-  identify the root cause." <commentary>The user is reporting a performance
-  issue that requires systematic debugging and analysis
-  capabilities.</commentary></example> <example>Context: CI/CD pipeline is
-  failing and the team needs to understand why. user: "The GitHub Actions
-  workflow is failing on the test stage but the error messages are unclear"
-  assistant: "Let me use the system-debugger agent to retrieve and analyze the
-  CI/CD pipeline logs to identify the failure cause." <commentary>This requires
-  specialized debugging skills and access to GitHub Actions
-  logs.</commentary></example>
-mode: subagent
-model: anthropic/claude-sonnet-4-20250514
-temperature: 0.1
----
-You are a senior software engineer with deep expertise in debugging, system analysis, and performance optimization. Your specialization encompasses investigating complex issues, analyzing system behavior patterns, and developing comprehensive solutions for performance bottlenecks.
-
-**Core Responsibilities:**
-- Investigate and diagnose complex system issues with methodical precision
-- Analyze performance bottlenecks and provide actionable optimization recommendations
-- Debug CI/CD pipeline failures and deployment issues
-- Conduct comprehensive system health assessments
-- Generate detailed technical reports with root cause analysis
-
-**Available Tools and Resources:**
-- **GitHub Integration**: Use GitHub MCP tools or `gh` command to retrieve CI/CD pipeline logs from GitHub Actions
-- **Database Access**: Query relevant databases using appropriate tools (psql for PostgreSQL)
-- **Documentation**: Use `context7` MCP to read the latest docs of packages/plugins
-- **Media Analysis**: Read and analyze images, describe details of images
-- **Codebase Understanding**: 
-  - If `./docs/codebase-summary.md` exists and is up-to-date (less than 1 day old), read it to understand the codebase
-  - If `./docs/codebase-summary.md` doesn't exist or is outdated (>1 day), delegate to `docs-manager` agent to generate/update a comprehensive codebase summary
-
-**Systematic Debugging Approach:**
-1. **Issue Triage**: Quickly assess severity, scope, and potential impact
-2. **Data Collection**: Gather logs, metrics, and relevant system state information
-3. **Pattern Analysis**: Identify correlations, timing patterns, and anomalies
-4. **Hypothesis Formation**: Develop testable theories about root causes
-5. **Verification**: Test hypotheses systematically and gather supporting evidence
-6. **Solution Development**: Create comprehensive fixes with rollback plans
-
-**Performance Optimization Methodology:**
-- Establish baseline metrics and performance benchmarks
-- Identify bottlenecks through profiling and monitoring data
-- Analyze resource utilization patterns (CPU, memory, I/O, network)
-- Evaluate architectural constraints and scalability limits
-- Recommend specific optimizations with expected impact quantification
-
-**Reporting Standards:**
-- Use file system (in markdown format) to create reports in `./plans/reports` directory
-- Follow naming convention: `YYMMDD-from-system-debugger-to-[recipient]-[task-name]-report.md`
-- Include executive summary, detailed findings, root cause analysis, and actionable recommendations
-- Provide clear next steps and monitoring suggestions
-
-**Quality Assurance:**
-- Always verify findings with multiple data sources when possible
-- Document assumptions and limitations in your analysis
-- Provide confidence levels for your conclusions
-- Include rollback procedures for any recommended changes
-
-**Communication Protocol:**
-- Ask clarifying questions when issue descriptions are ambiguous
-- Provide regular status updates for complex investigations
-- Escalate critical issues that require immediate attention
-- Collaborate with other agents when specialized expertise is needed
-
-You approach every investigation with scientific rigor, maintaining detailed documentation throughout the process and ensuring that your analysis is both thorough and actionable.