claudeos-core 2.3.1 → 2.4.0

package/content-validator/index.js

@@ -409,7 +409,7 @@ async function main() {
   }
 
   // ─── 10. Path-claim verification ──────────────────────────
-  // Catches two dogfood-surfaced failure classes:
+  // Catches two failure classes:
   //   (a) Pass 3 hallucinations: rules/standard files reference
   //       src/... paths the LLM fabricated from directory context
   //       (e.g., `src/feature/routers/featureRoutePath.ts` when the actual
@@ -427,9 +427,118 @@ async function main() {
   // inline code already fenced. We still strip fenced blocks first so
   // example blocks inside ```...``` don't produce false positives.
   const SRC_PATH_RE = /\bsrc\/[\w\-./]+\.(?:ts|tsx|js|jsx)\b/g;
-  // Placeholder paths like `src/{domain}/...` are scaffold templates,
-  // not real path claims. Skip them.
-  const hasPlaceholder = (p) => /\{[^}]+\}/.test(p);
+
+  // Placeholder paths are scaffold templates / teaching examples, not
+  // real path claims. We skip them. Three patterns qualify:
+  //   1. Curly-brace placeholder  — `src/{domain}/api/{Entity}.ts`
+  //      (the original v2.3.0 form).
+  //   2. Xxx-style placeholder    — `src/hooks/useXxx.ts` or
+  //      `src/pages/PageXxx.tsx`  (LLMs commonly use `Xxx`/`XXX` as
+  //      "insert-your-name-here"; this form has been observed in
+  //      `naming-conventions-rules.md`). We match any segment
+  //      containing `Xxx` or `XXX` as a distinctive token.
+  //   3. Glob-star placeholder    — `src/test/*.setup.ts` or
+  //      `src/*/mocks/handlers.ts` (conventional glob syntax that an
+  //      LLM may use to describe a *class* of files rather than one
+  //      specific file).
+  // Literal paths that happen to contain `x`/`X` as part of a real
+  // identifier (e.g., `src/utils/xyzParser.ts`) do NOT match these
+  // patterns — the placeholder regex requires the `Xxx` pattern
+  // (capital-lower-lower, a distinctive convention) OR three or more
+  // consecutive uppercase X's. The uppercase-XXX rule has NO word-
+  // boundary anchor because placeholder tokens commonly appear in
+  // the middle of a compound identifier (`useXXX`, `useXXX_CONFIG`,
+  // `nameXXXvalue`, `XXXParser`) — requiring a boundary would skip
+  // those cases. Three consecutive uppercase X's in a row is a
+  // distinctive signal that essentially never appears in ordinary
+  // identifiers (lowercase `xxx` CAN appear in words like `taxXxxRate`,
+  // but three uppercase X's do not occur outside placeholder convention).
+  // v2.4.0 — Ellipsis (`...`) added as a placeholder marker.
+  //
+  // LLMs commonly use `...` to denote "any subdirectory" in illustrative
+  // path examples, e.g. `src/app/api/.../route.ts` to mean "any API
+  // route under app/api/". Treating these as STALE_PATH false-positives
+  // because `...` doesn't match the literal directory regex `[^/]+\.`,
+  // and because `...` can never be a real directory name (filesystems
+  // refuse it on most platforms — `.` and `..` are the only legal
+  // dot-only directory names). Three consecutive dots in a path segment
+  // are unambiguous placeholder signal.
+  const hasPlaceholder = (p) =>
+    /\{[^}]+\}/.test(p) ||       // {domain} style
+    /X{3,}/.test(p) || /Xxx/.test(p) ||  // XXX+ anywhere, or Xxx token
+    /\*/.test(p) ||              // glob star
+    /\/\.\.\.\//.test(p);        // /.../ ellipsis path segment (v2.4.0)
+
+  // File-level exclusion: some generated rule files are DESIGNED to cite
+  // convention-trap paths as teaching examples — they tell the reader
+  // "don't invent paths like these". `content-validator`'s path-claim
+  // check is content-blind, so literal example paths inside such a file
+  // would be flagged as STALE_PATH even though the author intentionally
+  // listed them as cautionary illustrations.
+  //
+  // The exclusion is strictly opt-in, named by relative path, and
+  // limited to files whose purpose is educational-about-paths. Adding a
+  // file here is a deliberate design choice — the alternative is for
+  // the LLM to rewrite those examples as placeholders (Xxx / glob /
+  // prose), which the prompt now nudges toward but cannot strictly
+  // enforce.
+  //
+  // Current exclusions:
+  //   - 00.core/52.ai-work-rules.md — the canonical "AI work rules"
+  //     file, which by design lists convention-trap paths as warnings
+  //     to future AI sessions. This file has been observed to
+  //     accumulate STALE_PATH false positives when a prompt-level
+  //     denylist primed the LLM to cite those exact paths as
+  //     educational examples (the denylist has since been removed;
+  //     this exclusion is the validator-side defense-in-depth).
+  //   - 00.core/51.doc-writing-rules.md — the documentation writing
+  //     rules file (v2.4.0). Same meta-doc class as 52.ai-work-rules.md:
+  //     it teaches "verify file paths before writing them in documents"
+  //     and naturally cites example paths (`src/middleware.ts`,
+  //     `src/app/api/<route>/route.ts`) as illustrations of the rule.
+  //     Those examples are NOT path claims — they are the lesson. The
+  //     content-blind validator would otherwise flag every cited example
+  //     as STALE_PATH on every project that doesn't happen to contain
+  //     all the cited illustrative files. Excluded for the same reason
+  //     and via the same mechanism as 52.ai-work-rules.md.
+  const PATH_CLAIM_EXCLUDE_FILES = new Set([
+    "00.core/52.ai-work-rules.md",
+    "00.core/51.doc-writing-rules.md",
+  ]);
+
+  // v2.4.0 — Resolve a `src/...` path claim against monorepo workspaces.
+  //
+  // Pre-v2.4.0 the validator only checked `<ROOT>/<claimed>` directly,
+  // which produced false-positive STALE_PATH advisories on Turborepo /
+  // pnpm-workspace projects where source files live under
+  // `apps/<app-name>/src/...` or `packages/<pkg-name>/src/...`. A rule
+  // citing `src/app/layout.tsx` is the natural single-app shorthand
+  // even when the actual file is at `apps/<app-name>/src/app/layout.tsx`.
+  //
+  // Resolution order (first match wins):
+  //   1. Direct: `<ROOT>/<claimed>` (single-app project)
+  //   2. Monorepo apps: `<ROOT>/apps/*/<claimed>`
+  //   3. Monorepo packages: `<ROOT>/packages/*/<claimed>`
+  //
+  // Returns true on first match, false if no match found anywhere.
+  // The monorepo fallback only fires for paths starting with `src/`,
+  // which is the conventional workspace-relative form. Non-`src/` paths
+  // (e.g., `claudeos-core/skills/...`) are checked direct-only.
+  function resolvePathClaim(ROOT, claimed) {
+    if (fs.existsSync(path.join(ROOT, claimed))) return true;
+    if (!claimed.startsWith("src/")) return false;
+    for (const workspace of ["apps", "packages"]) {
+      const wsDir = path.join(ROOT, workspace);
+      let entries;
+      try { entries = fs.readdirSync(wsDir, { withFileTypes: true }); }
+      catch (_e) { continue; }
+      for (const entry of entries) {
+        if (!entry.isDirectory()) continue;
+        if (fs.existsSync(path.join(wsDir, entry.name, claimed))) return true;
+      }
+    }
+    return false;
+  }
 
   // Strip fenced code blocks (``` and ~~~) so examples inside code
   // blocks don't trigger the check — they're illustrations, not claims.
@@ -459,10 +568,19 @@ async function main() {
   ];
   let pathClaimsChecked = 0;
   let pathClaimErrors = 0;
+  let pathClaimFilesExcluded = 0;
   for (const target of pathClaimTargets) {
     if (!fs.existsSync(target.dir)) continue;
     const files = await glob(target.glob, { cwd: target.dir, absolute: true });
     for (const file of files) {
+      // File-level exclusion: the path is relative to the target dir
+      // (e.g., "00.core/52.ai-work-rules.md" inside .claude/rules/).
+      // Normalize to forward slashes for cross-platform match.
+      const relToTargetDir = path.relative(target.dir, file).split(path.sep).join("/");
+      if (PATH_CLAIM_EXCLUDE_FILES.has(relToTargetDir)) {
+        pathClaimFilesExcluded++;
+        continue;
+      }
       const raw = fs.readFileSync(file, "utf-8");
       const stripped = stripFences(raw);
       const seen = new Set(); // dedupe within a single file
@@ -474,8 +592,7 @@ async function main() {
         seen.add(claimed);
         if (hasPlaceholder(claimed)) continue;
         pathClaimsChecked++;
-        const absolutePath = path.join(ROOT, claimed);
-        if (!fs.existsSync(absolutePath)) {
+        if (!resolvePathClaim(ROOT, claimed)) {
           pathClaimErrors++;
           errors.push({
             file: rel(file),
@@ -488,7 +605,8 @@ async function main() {
       }
     }
   }
-  console.log(`    ${pathClaimsChecked} path claim(s) checked, ${pathClaimErrors} stale`);
+  console.log(`    ${pathClaimsChecked} path claim(s) checked, ${pathClaimErrors} stale` +
+              (pathClaimFilesExcluded > 0 ? ` (${pathClaimFilesExcluded} file(s) excluded by design)` : ""));
 
   // MANIFEST ↔ CLAUDE.md §6 Skills drift check.
   // MANIFEST registers skills in a 4-column table; each row's second
@@ -583,8 +701,13 @@ async function main() {
       // file of the form `skills/{category}/*{parent}*.md` (excluding
       // the sub-skill itself) counts as a plausible orchestrator.
       function orchestratorFor(subSkillPath) {
+        // Sub-skill path forms accepted (v2.4.0 generalization):
+        //   skills/{category}/{parent-stem}/NN.{name}.md   (legacy NN. prefix)
+        //   skills/{category}/{parent-stem}/SKILL.md       (v2.4.0 SKILL.md convention)
+        //   skills/{category}/{parent-stem}/{name}.md      (no NN. prefix)
+        // Captures `parent-stem` and the category directory.
         const m = subSkillPath.match(
-          /^(claudeos-core\/skills\/[^/]+\/)([^/]+)\/\d+\.[^/]+\.md$/
+          /^(claudeos-core\/skills\/[^/]+\/)([^/]+)\/(?:\d+\.)?[^/]+\.md$/
         );
         if (!m) return null;
         return { categoryDir: m[1], stem: m[2] };
@@ -594,15 +717,47 @@ async function main() {
         // basename (minus leading number + dot) matches the sub-skill
         // parent stem. This accepts `01.scaffold-crud-feature.md`,
         // `scaffold-crud-feature.md`, etc.
+        // v2.4.0: a category-level `SKILL.md` (the orchestrator file
+        // colocated with `{category}/SKILL.md`) is treated as the
+        // orchestrator for ALL sub-skills under that category — this
+        // matches the new generator convention where each category has
+        // a single top-level orchestrator at `{category}/SKILL.md`.
         if (!ref.startsWith(categoryDir)) return false;
         const tail = ref.slice(categoryDir.length);
         // Must be a sibling file, not a nested path.
         if (tail.includes("/")) return false;
+        // v2.4.0 SKILL.md convention: a category-level SKILL.md covers
+        // every sub-skill in that category.
+        if (tail === "SKILL.md") return true;
         // Strip leading "NN." if present, then compare stem.
         const base = tail.replace(/^\d+\./, "").replace(/\.md$/, "");
         return base === stem;
       }
 
+      // Pre-compute: is any MANIFEST.md (the global skill registry)
+      // referenced anywhere in CLAUDE.md? Used as an additional
+      // sub-skill coverage rule below.
+      //
+      // Observed scenario: Pass 3c sometimes invents new sub-skill
+      // folder structures (e.g. `{category}/domains/{domain}.md` for
+      // per-domain notes) that weren't anticipated by the orchestrator
+      // pattern (which expects `{category}/{parent-stem}/{name}.md` paired
+      // with `{category}/{parent-stem}.md`). When this happens, every new
+      // sub-skill registration drifts because no sibling orchestrator exists.
+      //
+      // The architectural intent is that MANIFEST.md IS the registry — if
+      // CLAUDE.md §6 tells the reader "see MANIFEST.md for the full list",
+      // the reader can navigate to find every sub-skill. So mentioning
+      // MANIFEST.md anywhere in CLAUDE.md covers ALL sub-skill paths
+      // transitively. Top-level skills (direct `{category}/{file}.md`
+      // entries — those that don't match `orchestratorFor`) still require
+      // direct mention; this exception only applies to deep paths.
+      //
+      // Note: `referenced` Set above filters out MANIFEST.md entries (line
+      // 666), so we must scan the raw mdStripped text directly to detect
+      // MANIFEST.md mention.
+      const manifestReferencedGlobally = /`claudeos-core\/skills\/[\w\-./]*MANIFEST\.md`/.test(mdStripped);
+
       for (const p of registered) {
         if (referenced.has(p)) continue;              // direct mention → OK
 
@@ -613,6 +768,7 @@ async function main() {
             isOrchestratorReferenced(ref, oc)
           );
           if (orchestratorMentioned) continue;        // covered via orchestrator
+          if (manifestReferencedGlobally) continue;   // covered via global MANIFEST
         }
 
         manifestErrors++;
@@ -634,14 +790,26 @@ async function main() {
   }
 
   // ─── Output results ─────────────────────────────────────────
+  //
+  // Terminology note (v2.3.3): the internal arrays stay named `errors` and
+  // `warnings` because they encode *severity* for programmatic consumers
+  // (health-checker's pass/fail gate, stale-report.json's schema, CI
+  // pipelines). The user-visible labels, however, are "advisories" and
+  // "notes" — because these are quality observations about LLM-generated
+  // documents, not test failures. A STALE_PATH doesn't mean `init` crashed;
+  // it means "AI guessed a filename that doesn't exist on disk — worth
+  // reviewing". Calling that an "error" made users think generation had
+  // actually failed. The exit code behavior is unchanged — this tool still
+  // returns 1 when advisories exist so `npx claudeos-core health` remains
+  // a real gate for CI.
   console.log(`\n  Checked ${checked} files\n`);
   if (errors.length) {
-    console.log(`  ❌ ERRORS (${errors.length}):`);
+    console.log(`  ℹ️  ADVISORIES (${errors.length}):`);
     errors.forEach(e => console.log(`     [${e.type}] ${e.file}: ${e.msg}`));
     console.log();
   }
   if (warnings.length) {
-    console.log(`  ⚠️  WARNINGS (${warnings.length}):`);
+    console.log(`  ⚠️  NOTES (${warnings.length}):`);
     warnings.forEach(w => console.log(`     [${w.type}] ${w.file}: ${w.msg}`));
     console.log();
   }
@@ -649,13 +817,18 @@ async function main() {
     console.log("  ✅ All content validation passed\n");
   }
 
-  // Record in stale-report
+  // Record in stale-report. Field names (`contentErrors`, `contentWarnings`)
+  // stay stable because they are part of stale-report.json's public schema
+  // that health-checker and external CI consumers read.
   updateStaleReport(GEN_DIR, "contentValidation",
     { checkedAt: new Date().toISOString(), checked, errors: errors.length, warnings: warnings.length, details: { errors, warnings } },
     { contentErrors: errors.length, contentWarnings: warnings.length }
   );
 
-  console.log(`  Total: ${errors.length} errors, ${warnings.length} warnings\n`);
+  console.log(`  Total: ${errors.length} advisories, ${warnings.length} notes\n`);
+  // Exit code preserved (advisories → 1) so health-checker can still gate
+  // on this tool. The `init` orchestrator displays the result as a soft
+  // advisory regardless (see runContentValidator in bin/commands/init.js).
   process.exit(errors.length > 0 ? 1 : 0);
 }
 

package/health-checker/index.js

@@ -61,11 +61,29 @@ function main() {
   console.log();
 
   // ─── [1-4] Run verification tools sequentially ────────────────────
+  //
+  // Tool status tiers (3-way):
+  //   - default       : non-zero exit → "fail" (❌, sets hasErr, blocks `health` exit code)
+  //   - warnOnly:true  : non-zero exit → "warn" (⚠️, does not set hasErr)
+  //   - softFail:true  : non-zero exit → "advisory" (ℹ️, does not set hasErr)
+  //
+  // The `softFail` tier (v2.4.0) was added for `content-validator` after
+  // user feedback: its findings are documentation quality notes
+  // (STALE_PATH suggestions, MANIFEST_DRIFT, NO_BAD_EXAMPLE) not generation
+  // failures, but pre-fix it surfaced as "❌ fail" alongside the
+  // "non-fatal" message — a confusing dual signal. `ℹ️ advisory` separates
+  // the visual from real structural failures (plan-validator,
+  // sync-checker, manifest-generator).
+  //
+  // `warnOnly` (existing) and `softFail` (new) are functionally similar at
+  // the gate level; the tier name encodes intent: warn = "watch this",
+  // advisory = "review when convenient". Both keep the health-check gate
+  // green.
   const tools = [
-    { name: "plan-validator",      script: path.join(TOOLS, "plan-validator/index.js"),      desc: "Plan consistency"           },
-    { name: "sync-checker",        script: path.join(TOOLS, "sync-checker/index.js"),        desc: "Sync status"                },
-    { name: "content-validator",   script: path.join(TOOLS, "content-validator/index.js"),   desc: "Content quality"            },
-    { name: "pass-json-validator", script: path.join(TOOLS, "pass-json-validator/index.js"), desc: "JSON format", warnOnly: true },
+    { name: "plan-validator",      script: path.join(TOOLS, "plan-validator/index.js"),      desc: "Plan consistency"                          },
+    { name: "sync-checker",        script: path.join(TOOLS, "sync-checker/index.js"),        desc: "Sync status"                               },
+    { name: "content-validator",   script: path.join(TOOLS, "content-validator/index.js"),   desc: "Content quality", softFail: true            },
+    { name: "pass-json-validator", script: path.join(TOOLS, "pass-json-validator/index.js"), desc: "JSON format",     warnOnly: true            },
   ];
 
   const results = [];
@@ -88,6 +106,9 @@ function main() {
     if (r.ok) {
       console.log(" ✅");
       results.push({ name: t.name, status: "pass" });
+    } else if (t.softFail) {
+      console.log(" ℹ️");
+      results.push({ name: t.name, status: "advisory" });
     } else if (t.warnOnly) {
       console.log(" ⚠️");
       results.push({ name: t.name, status: "warn" });
@@ -101,15 +122,28 @@ function main() {
   // ─── Results summary ──────────────────────────────────────────
   console.log("\n  ══════════════════════════════");
   results.forEach((r) => {
-    const icon = r.status === "pass" ? "✅" : r.status === "fail" ? "❌" : r.status === "warn" ? "⚠️" : "⏭️";
+    const icon = r.status === "pass" ? "✅"
+      : r.status === "fail" ? "❌"
+      : r.status === "warn" ? "⚠️"
+      : r.status === "advisory" ? "ℹ️"
+      : "⏭️";
     console.log(`  ${icon} ${r.name.padEnd(22)} ${r.status}`);
   });
   console.log("  ──────────────────────────────");
-  console.log(
-    hasErr
-      ? `  ⚠️  ${results.filter((r) => r.status === "fail").length} failed`
-      : "  ✅ All systems operational"
-  );
+  // Summary line: distinguish real failures (block the gate) from
+  // advisory/warn results (informational, gate stays green).
+  const failCount = results.filter((r) => r.status === "fail").length;
+  const advisoryCount = results.filter((r) => r.status === "advisory").length;
+  const warnCount = results.filter((r) => r.status === "warn").length;
+  if (hasErr) {
+    console.log(`  ⚠️  ${failCount} failed`);
+  } else {
+    const tail = [];
+    if (advisoryCount) tail.push(`${advisoryCount} advisory`);
+    if (warnCount) tail.push(`${warnCount} warning`);
+    const suffix = tail.length ? ` (${tail.join(", ")})` : "";
+    console.log(`  ✅ All systems operational${suffix}`);
+  }
   console.log("  ══════════════════════════════\n");
 
   // ─── Update stale-report.json ────────────────────────────

package/package.json

@@ -1,90 +1,92 @@
-{
-  "name": "claudeos-core",
-  "version": "2.3.1",
-  "description": "Auto-generate Claude Code documentation from your actual source code — Standards, Rules, Skills, and Guides tailored to your project",
-  "main": "bin/cli.js",
-  "bin": {
-    "claudeos-core": "bin/cli.js"
-  },
-  "files": [
-    "bin/",
-    "lib/",
-    "claude-md-validator/",
-    "content-validator/",
-    "health-checker/",
-    "manifest-generator/",
-    "pass-json-validator/",
-    "pass-prompts/",
-    "plan-installer/",
-    "plan-validator/",
-    "sync-checker/",
-    "bootstrap.sh",
-    "README.md",
-    "README.ko.md",
-    "LICENSE",
-    "CHANGELOG.md",
-    "CONTRIBUTING.md",
-    "README.zh-CN.md",
-    "README.ja.md",
-    "README.es.md",
-    "README.vi.md",
-    "README.hi.md",
-    "README.ru.md",
-    "README.fr.md",
-    "README.de.md"
-  ],
-  "scripts": {
-    "init": "node bin/cli.js init",
-    "lint": "node bin/cli.js lint",
-    "health": "node bin/cli.js health",
-    "validate": "node bin/cli.js validate",
-    "refresh": "node bin/cli.js refresh",
-    "restore": "node bin/cli.js restore",
-    "pretest": "node -e \"try{require('glob')}catch(e){process.exit(1)}\" || npm install",
-    "test": "node scripts/run-tests.js",
-    "test:health": "node health-checker/index.js"
-  },
-  "keywords": [
-    "claude-code",
-    "automation",
-    "code-analysis",
-    "CLAUDE.md",
-    "standards",
-    "rules",
-    "skills",
-    "scaffolding",
-    "i18n",
-    "multi-language",
-    "spring-boot",
-    "kotlin",
-    "exposed",
-    "jooq",
-    "cqrs",
-    "bff",
-    "multi-module",
-    "monorepo",
-    "nextjs",
-    "express",
-    "fastify",
-    "angular",
-    "django",
-    "fastapi"
-  ],
-  "author": "claudeos-core <claudeoscore@gmail.com> (https://github.com/claudeos-core)",
-  "license": "ISC",
-  "repository": {
-    "type": "git",
-    "url": "git+https://github.com/claudeos-core/claudeos-core.git"
-  },
-  "homepage": "https://github.com/claudeos-core/claudeos-core#readme",
-  "bugs": {
-    "url": "https://github.com/claudeos-core/claudeos-core/issues"
-  },
-  "engines": {
-    "node": ">=18.0.0"
-  },
-  "dependencies": {
-    "glob": "^13.0.6",
-    "gray-matter": "^4.0.3"
-  }
-}
+{
+  "name": "claudeos-core",
+  "version": "2.4.0",
+  "description": "Auto-generate Claude Code documentation from your actual source code — Standards, Rules, Skills, and Guides tailored to your project",
+  "main": "bin/cli.js",
+  "bin": {
+    "claudeos-core": "bin/cli.js"
+  },
+  "files": [
+    "bin/",
+    "lib/",
+    "claude-md-validator/",
+    "content-validator/",
+    "health-checker/",
+    "manifest-generator/",
+    "pass-json-validator/",
+    "pass-prompts/",
+    "plan-installer/",
+    "plan-validator/",
+    "sync-checker/",
+    "bootstrap.sh",
+    "README.md",
+    "README.ko.md",
+    "LICENSE",
+    "CHANGELOG.md",
+    "CONTRIBUTING.md",
+    "CODE_OF_CONDUCT.md",
+    "SECURITY.md",
+    "README.zh-CN.md",
+    "README.ja.md",
+    "README.es.md",
+    "README.vi.md",
+    "README.hi.md",
+    "README.ru.md",
+    "README.fr.md",
+    "README.de.md"
+  ],
+  "scripts": {
+    "init": "node bin/cli.js init",
+    "lint": "node bin/cli.js lint",
+    "health": "node bin/cli.js health",
+    "validate": "node bin/cli.js validate",
+    "refresh": "node bin/cli.js refresh",
+    "restore": "node bin/cli.js restore",
+    "pretest": "node -e \"try{require('glob')}catch(e){process.exit(1)}\" || npm install",
+    "test": "node scripts/run-tests.js",
+    "test:health": "node health-checker/index.js"
+  },
+  "keywords": [
+    "claude-code",
+    "automation",
+    "code-analysis",
+    "CLAUDE.md",
+    "standards",
+    "rules",
+    "skills",
+    "scaffolding",
+    "i18n",
+    "multi-language",
+    "spring-boot",
+    "kotlin",
+    "exposed",
+    "jooq",
+    "cqrs",
+    "bff",
+    "multi-module",
+    "monorepo",
+    "nextjs",
+    "express",
+    "fastify",
+    "angular",
+    "django",
+    "fastapi"
+  ],
+  "author": "claudeos-core <claudeoscore@gmail.com> (https://github.com/claudeos-core)",
+  "license": "ISC",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/claudeos-core/claudeos-core.git"
+  },
+  "homepage": "https://github.com/claudeos-core/claudeos-core#readme",
+  "bugs": {
+    "url": "https://github.com/claudeos-core/claudeos-core/issues"
+  },
+  "engines": {
+    "node": ">=18.0.0"
+  },
+  "dependencies": {
+    "glob": "^13.0.6",
+    "gray-matter": "^4.0.3"
+  }
+}