code-warden 3.3.0 → 3.3.1

package/install.ps1

@@ -1,32 +1,32 @@
-# PowerShell installer for CodeWarden.
-# Run from the skill folder: .\install.ps1
-param(
-  [ValidateSet('agents', 'codex', 'claude')]
-  [string]$Target = 'agents'
-)
-
-$ErrorActionPreference = 'Stop'
-
-$targetMap = @{
-  agents = Join-Path $HOME '.agents\skills\code-warden'
-  codex = Join-Path $HOME '.codex\skills\code-warden'
-  claude = Join-Path $HOME '.claude\skills\code-warden'
-}
-
-$targetDir = $targetMap[$Target]
-$skillsDir = Split-Path -Parent $targetDir
-
-Write-Host "Installing CodeWarden skill for $Target..."
-
-if (Test-Path $targetDir) {
-  Remove-Item -Recurse -Force $targetDir
-}
-
-if (-not (Test-Path $skillsDir)) {
-  New-Item -ItemType Directory -Force -Path $skillsDir | Out-Null
-}
-
-Copy-Item -Recurse -Force . $targetDir
-
-Write-Host "CodeWarden installed successfully to: $targetDir"
-Write-Host "Restart or refresh your agent session so the updated skill metadata is loaded."
+# PowerShell installer for CodeWarden.
+# Run from the skill folder: .\install.ps1
+param(
+  [ValidateSet('agents', 'codex', 'claude')]
+  [string]$Target = 'agents'
+)
+
+$ErrorActionPreference = 'Stop'
+
+$targetMap = @{
+  agents = Join-Path $HOME '.agents\skills\code-warden'
+  codex = Join-Path $HOME '.codex\skills\code-warden'
+  claude = Join-Path $HOME '.claude\skills\code-warden'
+}
+
+$targetDir = $targetMap[$Target]
+$skillsDir = Split-Path -Parent $targetDir
+
+Write-Host "Installing CodeWarden skill for $Target..."
+
+if (Test-Path $targetDir) {
+  Remove-Item -Recurse -Force $targetDir
+}
+
+if (-not (Test-Path $skillsDir)) {
+  New-Item -ItemType Directory -Force -Path $skillsDir | Out-Null
+}
+
+Copy-Item -Recurse -Force . $targetDir
+
+Write-Host "CodeWarden installed successfully to: $targetDir"
+Write-Host "Restart or refresh your agent session so the updated skill metadata is loaded."

package/install.sh

@@ -1,33 +1,33 @@
-#!/bin/bash
-set -euo pipefail
-
-TARGET="${1:-agents}"
-
-case "$TARGET" in
-  agents)
-    TARGET_DIR="$HOME/.agents/skills/code-warden"
-    ;;
-  codex)
-    TARGET_DIR="$HOME/.codex/skills/code-warden"
-    ;;
-  claude)
-    TARGET_DIR="$HOME/.claude/skills/code-warden"
-    ;;
-  *)
-    echo "Usage: install.sh [agents|codex|claude]" >&2
-    exit 1
-    ;;
-esac
-
-echo "Installing CodeWarden skill for $TARGET..."
-mkdir -p "$(dirname "$TARGET_DIR")"
-
-if [ -d "$TARGET_DIR" ]; then
-  rm -rf "$TARGET_DIR"
-fi
-
-cp -r . "$TARGET_DIR"
-chmod +x "$TARGET_DIR/tools/"*.js 2>/dev/null || true
-
-echo "CodeWarden installed successfully to $TARGET_DIR"
-echo "Restart or refresh your agent session so the updated skill metadata is loaded."
+#!/bin/bash
+set -euo pipefail
+
+TARGET="${1:-agents}"
+
+case "$TARGET" in
+  agents)
+    TARGET_DIR="$HOME/.agents/skills/code-warden"
+    ;;
+  codex)
+    TARGET_DIR="$HOME/.codex/skills/code-warden"
+    ;;
+  claude)
+    TARGET_DIR="$HOME/.claude/skills/code-warden"
+    ;;
+  *)
+    echo "Usage: install.sh [agents|codex|claude]" >&2
+    exit 1
+    ;;
+esac
+
+echo "Installing CodeWarden skill for $TARGET..."
+mkdir -p "$(dirname "$TARGET_DIR")"
+
+if [ -d "$TARGET_DIR" ]; then
+  rm -rf "$TARGET_DIR"
+fi
+
+cp -r . "$TARGET_DIR"
+chmod +x "$TARGET_DIR/tools/"*.js 2>/dev/null || true
+
+echo "CodeWarden installed successfully to $TARGET_DIR"
+echo "Restart or refresh your agent session so the updated skill metadata is loaded."

package/package.json

@@ -1,62 +1,62 @@
-{
-  "name": "code-warden",
-  "version": "3.3.0",
-  "description": "Verifiable governance for AI-assisted development — checks, hooks, and evidence.",
-  "main": "SKILL.md",
-  "bin": {
-    "code-warden": "bin/code-warden.js"
-  },
-  "files": [
-    "bin/",
-    "tools/",
-    "references/",
-    "templates/",
-    "examples/",
-    "SKILL.md",
-    "CONFIGURE.md",
-    "DECISIONS.md",
-    "README.md",
-    "codewarden.json",
-    "install.js",
-    "install.ps1",
-    "install.sh"
-  ],
-  "scripts": {
-    "lint": "node tools/warden-lint.js .",
-    "check-secrets": "node tools/verify-secrets.js .",
-    "get-context": "node tools/get-context.js",
-    "report": "node tools/governance-report.js .",
-    "report:json": "node tools/governance-report.js . --format=json",
-    "report:md": "node tools/governance-report.js . --format=md",
-    "install-auto": "node install.js",
-    "install-dry-run": "node install.js --dry-run",
-    "install-list": "node install.js --list",
-    "install-doctor": "node install.js --doctor",
-    "test": "node tools/tests/run-tests.js",
-    "ci": "npm run lint && npm run check-secrets && npm run test && node install.js --doctor"
-  },
-  "engines": {
-    "node": ">=18"
-  },
-  "keywords": [
-    "ai",
-    "governance",
-    "claude",
-    "codex",
-    "cursor",
-    "windsurf",
-    "code-review",
-    "linter",
-    "secrets",
-    "ci",
-    "hooks"
-  ],
-  "repository": {
-    "type": "git",
-    "url": "https://github.com/Kodaxadev/Code-Warden.git"
-  },
-  "homepage": "https://github.com/Kodaxadev/Code-Warden",
-  "bugs": "https://github.com/Kodaxadev/Code-Warden/issues",
-  "author": "Justin Davis",
-  "license": "MIT"
-}
+{
+  "name": "code-warden",
+  "version": "3.3.1",
+  "description": "Verifiable governance for AI-assisted development — checks, hooks, and evidence.",
+  "main": "SKILL.md",
+  "bin": {
+    "code-warden": "bin/code-warden.js"
+  },
+  "files": [
+    "bin/",
+    "tools/",
+    "references/",
+    "templates/",
+    "examples/",
+    "SKILL.md",
+    "CONFIGURE.md",
+    "DECISIONS.md",
+    "README.md",
+    "codewarden.json",
+    "install.js",
+    "install.ps1",
+    "install.sh"
+  ],
+  "scripts": {
+    "lint": "node tools/warden-lint.js .",
+    "check-secrets": "node tools/verify-secrets.js .",
+    "get-context": "node tools/get-context.js",
+    "report": "node tools/governance-report.js .",
+    "report:json": "node tools/governance-report.js . --format=json",
+    "report:md": "node tools/governance-report.js . --format=md",
+    "install-auto": "node install.js",
+    "install-dry-run": "node install.js --dry-run",
+    "install-list": "node install.js --list",
+    "install-doctor": "node install.js --doctor",
+    "test": "node tools/tests/run-tests.js",
+    "ci": "npm run lint && npm run check-secrets && npm run test && node install.js --doctor"
+  },
+  "engines": {
+    "node": ">=18"
+  },
+  "keywords": [
+    "ai",
+    "governance",
+    "claude",
+    "codex",
+    "cursor",
+    "windsurf",
+    "code-review",
+    "linter",
+    "secrets",
+    "ci",
+    "hooks"
+  ],
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/Kodaxadev/Code-Warden.git"
+  },
+  "homepage": "https://github.com/Kodaxadev/Code-Warden",
+  "bugs": "https://github.com/Kodaxadev/Code-Warden/issues",
+  "author": "Justin Davis",
+  "license": "MIT"
+}

package/references/anti-drift.md

@@ -1,55 +1,55 @@
-# Context Integrity and Anti-Drift
-
-## Anchor Check (Pre-Flight)
-
-Before delivering any contiguous code block exceeding the `pre_flight_trigger_lines`
-from `codewarden.json` (default 150 lines), output a structurally valid JSON
-pre-flight manifest:
-
-```json
-{
-  "pre_flight": {
-    "file": "[filename]",
-    "estimated_lines": "[count]",
-    "concern": "[single stated responsibility of this file]",
-    "secrets": ["[none]", "env-var sourced: [vars]"],
-    "files_changed_this_action": ["[filenames]"]
-  }
-}
-```
-
-This JSON manifest is parsed by downstream UI/tools. The human should be able to
-spot-check every field. If any field cannot be filled accurately, stop and re-scope.
-
-## Session Scoping
-
-- Start a fresh session at each logical module boundary.
-- Never carry one session across unrelated modules or features.
-- When switching domains, start clean.
-
-## Re-injection Rule
-
-- Output the architecture state block from `SKILL.md` as the first response in any session.
-- Do not greet, ask questions, or gather requirements until the architecture state block has been output and the user has confirmed or provided missing info.
-- If no doc exists, apply the Re-injection Fallback from `architecture.md`.
-- Never assume prior context survived a session boundary.
-
-## Drift Trigger Response Protocol
-
-When a drift signal is detected:
-1. Stop generating output immediately.
-2. State which rule was violated.
-3. Re-state the relevant rule from the appropriate reference file.
-4. Correct and continue only after re-anchoring.
-
-Drift signals:
-- Guessed syntax without searching live docs.
-- Used stale training data for current facts.
-- Chose a familiar default stack or product shape without a fit check.
-- Unexplained block >150 lines contiguous.
-- Skipped Blast Radius Check before a rewrite.
-- Claimed completion without verification evidence.
-- Changed dependencies without version/source evidence.
-- Edited in a dirty repo without checking ownership.
-- No `[AWAITING CONFIRMATION]` before a >2-file change.
-- Monolithic output without module split.
+# Context Integrity and Anti-Drift
+
+## Anchor Check (Pre-Flight)
+
+Before delivering any contiguous code block exceeding the `pre_flight_trigger_lines`
+from `codewarden.json` (default 150 lines), output a structurally valid JSON
+pre-flight manifest:
+
+```json
+{
+  "pre_flight": {
+    "file": "[filename]",
+    "estimated_lines": "[count]",
+    "concern": "[single stated responsibility of this file]",
+    "secrets": ["[none]", "env-var sourced: [vars]"],
+    "files_changed_this_action": ["[filenames]"]
+  }
+}
+```
+
+This JSON manifest is parsed by downstream UI/tools. The human should be able to
+spot-check every field. If any field cannot be filled accurately, stop and re-scope.
+
+## Session Scoping
+
+- Start a fresh session at each logical module boundary.
+- Never carry one session across unrelated modules or features.
+- When switching domains, start clean.
+
+## Re-injection Rule
+
+- Output the architecture state block from `SKILL.md` as the first response in any session.
+- Do not greet, ask questions, or gather requirements until the architecture state block has been output and the user has confirmed or provided missing info.
+- If no doc exists, apply the Re-injection Fallback from `architecture.md`.
+- Never assume prior context survived a session boundary.
+
+## Drift Trigger Response Protocol
+
+When a drift signal is detected:
+1. Stop generating output immediately.
+2. State which rule was violated.
+3. Re-state the relevant rule from the appropriate reference file.
+4. Correct and continue only after re-anchoring.
+
+Drift signals:
+- Guessed syntax without searching live docs.
+- Used stale training data for current facts.
+- Chose a familiar default stack or product shape without a fit check.
+- Unexplained block >150 lines contiguous.
+- Skipped Blast Radius Check before a rewrite.
+- Claimed completion without verification evidence.
+- Changed dependencies without version/source evidence.
+- Edited in a dirty repo without checking ownership.
+- No `[AWAITING CONFIRMATION]` before a >2-file change.
+- Monolithic output without module split.

package/references/architecture.md

@@ -1,26 +1,26 @@
-# Architecture & Memory Management
-
-## Blueprint Rule
-Before generating any new module:
-- Verify alignment with the master architecture doc or PRD
-- Explicitly state which other files or modules will be impacted
-- Never generate a module in isolation without tracing upstream/downstream dependencies
-
-## State Update Rule
-If a change alters data flow or architecture:
-- Prompt to update the architecture doc or dependency map immediately
-- Do not leave docs out of sync with code
-- Flag affected interface contracts or type definitions
-
-## Re-injection Rule
-Any session involving structural changes must open by re-stating:
-- The architecture doc or PRD summary
-- Never assume prior session context has carried over
-
-## Re-injection Fallback
-If no architecture doc exists in context:
-- Execute `~/.claude/skills/code-warden/tools/get-context.js` to attempt to automatically locate and parse the project's foundational documents.
-- If the tool fails or no docs exist:
-  - Restate the last 3 file dependencies
-  - Restate the current data flow
-  - Flag that a formal architecture doc should be created
+# Architecture & Memory Management
+
+## Blueprint Rule
+Before generating any new module:
+- Verify alignment with the master architecture doc or PRD
+- Explicitly state which other files or modules will be impacted
+- Never generate a module in isolation without tracing upstream/downstream dependencies
+
+## State Update Rule
+If a change alters data flow or architecture:
+- Prompt to update the architecture doc or dependency map immediately
+- Do not leave docs out of sync with code
+- Flag affected interface contracts or type definitions
+
+## Re-injection Rule
+Any session involving structural changes must open by re-stating:
+- The architecture doc or PRD summary
+- Never assume prior session context has carried over
+
+## Re-injection Fallback
+If no architecture doc exists in context:
+- Execute `~/.claude/skills/code-warden/tools/get-context.js` to attempt to automatically locate and parse the project's foundational documents.
+- If the tool fails or no docs exist:
+  - Restate the last 3 file dependencies
+  - Restate the current data flow
+  - Flag that a formal architecture doc should be created

package/references/cleanup.md

@@ -1,30 +1,30 @@
-# Refactoring and Cleanup
-
-## Leave It Better
-
-When touching a file to add a feature or fix a bug:
-- Flag any obvious technical debt, deprecated methods, or unhandled edge cases.
-- Use this exact format:
-  `TECH DEBT FLAGGED: [file:line] [issue] [suggested fix]`
-- Do not fix flagged debt without asking first; fixes expand scope unexpectedly.
-
-## Test Contract
-
-- Structural modules ship with unit tests.
-- Any rewritten logic includes regression tests before merge.
-- **Exempt:** Standalone utility scripts under 200 lines with no external dependencies.
-
-## Decision Log
-
-Append to `DECISIONS.md` when:
-- A change affects >2 files.
-- A change alters data flow or module boundaries.
-
-Each entry must include:
-- Decision made.
-- Alternatives considered.
-- Reasoning or citation link.
-- Date.
-
-`DECISIONS.md` is created on first use if it does not exist.
-Do not log minor fixes or cosmetic changes.
+# Refactoring and Cleanup
+
+## Leave It Better
+
+When touching a file to add a feature or fix a bug:
+- Flag any obvious technical debt, deprecated methods, or unhandled edge cases.
+- Use this exact format:
+  `TECH DEBT FLAGGED: [file:line] [issue] [suggested fix]`
+- Do not fix flagged debt without asking first; fixes expand scope unexpectedly.
+
+## Test Contract
+
+- Structural modules ship with unit tests.
+- Any rewritten logic includes regression tests before merge.
+- **Exempt:** Standalone utility scripts under 200 lines with no external dependencies.
+
+## Decision Log
+
+Append to `DECISIONS.md` when:
+- A change affects >2 files.
+- A change alters data flow or module boundaries.
+
+Each entry must include:
+- Decision made.
+- Alternatives considered.
+- Reasoning or citation link.
+- Date.
+
+`DECISIONS.md` is created on first use if it does not exist.
+Do not log minor fixes or cosmetic changes.

package/references/cognition.md

@@ -1,36 +1,36 @@
-# Cognitive Routing
-
-## Think Before Coding
-
-For any complex logic or architecture decision:
-- Write a step-by-step execution plan before writing code.
-- Wait for explicit confirmation if structural changes are involved.
-
-Complex means any of the following:
-- >2 file changes
-- >3 conditional branches
-- Any async or concurrent logic
-- Any change to a public interface or shared data model
-
-## Don't Guess Syntax
-
-For niche libraries, newly released APIs, or unfamiliar frameworks:
-- Stop. Do not approximate from training data.
-- Search live documentation.
-- Output only verified, exact usage.
-
-## Don't Guess Direction
-
-For stack, architecture, or product-shape choices:
-- Stop before using the most familiar pattern.
-- Run the fit check in `references/research-and-fit.md`.
-- Prefer the shape that matches the user's domain and constraints, not the easiest pattern to generate.
-
-## Human Checkpoint
-
-Output `[AWAITING CONFIRMATION]` and pause before execution when:
-- Changes affect **>2 files**
-- Changes generate **>300 lines** total
-- Changes alter architecture or data flow in any way
-
-Do not proceed until explicit confirmation is received.
+# Cognitive Routing
+
+## Think Before Coding
+
+For any complex logic or architecture decision:
+- Write a step-by-step execution plan before writing code.
+- Wait for explicit confirmation if structural changes are involved.
+
+Complex means any of the following:
+- >2 file changes
+- >3 conditional branches
+- Any async or concurrent logic
+- Any change to a public interface or shared data model
+
+## Don't Guess Syntax
+
+For niche libraries, newly released APIs, or unfamiliar frameworks:
+- Stop. Do not approximate from training data.
+- Search live documentation.
+- Output only verified, exact usage.
+
+## Don't Guess Direction
+
+For stack, architecture, or product-shape choices:
+- Stop before using the most familiar pattern.
+- Run the fit check in `references/research-and-fit.md`.
+- Prefer the shape that matches the user's domain and constraints, not the easiest pattern to generate.
+
+## Human Checkpoint
+
+Output `[AWAITING CONFIRMATION]` and pause before execution when:
+- Changes affect **>2 files**
+- Changes generate **>300 lines** total
+- Changes alter architecture or data flow in any way
+
+Do not proceed until explicit confirmation is received.

package/references/operations.md

@@ -1,45 +1,45 @@
-# Operational Discipline
-
-## Verification Before Completion
-
-Before claiming work is complete, fixed, or safe:
-- Run the narrowest meaningful verification command for the change.
-- Report the exact command and result.
-- If verification cannot run, state why and name the residual risk.
-- Do not say tests pass unless the relevant command was run in this session.
-
-Minimum verification by change type:
-- Code behavior: unit, integration, or smoke test that exercises the changed path.
-- Frontend UI: browser or screenshot check for the touched workflow.
-- Build/config: build, typecheck, or config validation.
-- Documentation-only: link, formatting, or spelling check when available.
-
-## Source-Control Hygiene
-
-Before editing files in a repository:
-- Check whether the workspace is under git.
-- Inspect dirty files when git metadata is available.
-- Never revert user changes unless the user explicitly requests it.
-- Keep unrelated local changes out of the patch, commit, or summary.
-
-Before destructive operations:
-- State the exact target path.
-- Verify the target resolves inside the intended workspace or explicitly named directory.
-- Prefer reversible operations or a one-step rollback.
-
-## Dependency and Supply-Chain Control
-
-Before adding, removing, upgrading, or replacing dependencies:
-- Identify the current package manager and lockfile.
-- Prefer existing dependencies and local patterns over new packages.
-- Use official package docs or registry metadata for version-specific behavior.
-- Explain why the dependency change is necessary and what alternative was rejected.
-- Run the package manager's lockfile/update command intentionally; never hand-edit lockfiles.
-
-## Evidence Standard
-
-For technical claims and recommendations:
-- Cite local evidence with file paths, command output, or linked official docs.
-- Use live documentation for time-sensitive, version-specific, or rapidly changing APIs.
-- Clearly label unverified assumptions.
-- Record durable decisions in `DECISIONS.md` when the choice affects architecture, dependencies, safety, or workflow.
+# Operational Discipline
+
+## Verification Before Completion
+
+Before claiming work is complete, fixed, or safe:
+- Run the narrowest meaningful verification command for the change.
+- Report the exact command and result.
+- If verification cannot run, state why and name the residual risk.
+- Do not say tests pass unless the relevant command was run in this session.
+
+Minimum verification by change type:
+- Code behavior: unit, integration, or smoke test that exercises the changed path.
+- Frontend UI: browser or screenshot check for the touched workflow.
+- Build/config: build, typecheck, or config validation.
+- Documentation-only: link, formatting, or spelling check when available.
+
+## Source-Control Hygiene
+
+Before editing files in a repository:
+- Check whether the workspace is under git.
+- Inspect dirty files when git metadata is available.
+- Never revert user changes unless the user explicitly requests it.
+- Keep unrelated local changes out of the patch, commit, or summary.
+
+Before destructive operations:
+- State the exact target path.
+- Verify the target resolves inside the intended workspace or explicitly named directory.
+- Prefer reversible operations or a one-step rollback.
+
+## Dependency and Supply-Chain Control
+
+Before adding, removing, upgrading, or replacing dependencies:
+- Identify the current package manager and lockfile.
+- Prefer existing dependencies and local patterns over new packages.
+- Use official package docs or registry metadata for version-specific behavior.
+- Explain why the dependency change is necessary and what alternative was rejected.
+- Run the package manager's lockfile/update command intentionally; never hand-edit lockfiles.
+
+## Evidence Standard
+
+For technical claims and recommendations:
+- Cite local evidence with file paths, command output, or linked official docs.
+- Use live documentation for time-sensitive, version-specific, or rapidly changing APIs.
+- Clearly label unverified assumptions.
+- Record durable decisions in `DECISIONS.md` when the choice affects architecture, dependencies, safety, or workflow.