npm - codebyplan - Versions diffs - 1.13.46 → 1.13.49 - Mend

codebyplan 1.13.46 → 1.13.49

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (134) hide show

package/dist/cli.js CHANGED Viewed

@@ -39,7 +39,7 @@ var VERSION, PACKAGE_NAME;
 var init_version = __esm({
   "src/lib/version.ts"() {
     "use strict";
-    VERSION = "1.13.46";
+    VERSION = "1.13.49";
     PACKAGE_NAME = "codebyplan";
   }
 });
@@ -35130,8 +35130,10 @@ function checkScopeMarkers(opts) {
   const {
     claudeDir,
     scanDirs = SCAN_DIRS,
-    allowlist = /* @__PURE__ */ new Set()
+    allowlist = /* @__PURE__ */ new Set(),
+    templatesDir
   } = opts;
+  const twinDetectionActive = templatesDir != null && fs11.existsSync(templatesDir);
   const violations = [];
   for (const scanDir of scanDirs) {
     const baseDir = path12.join(claudeDir, scanDir);
@@ -35158,10 +35160,16 @@ function checkScopeMarkers(opts) {
         });
         continue;
       }
-      if (isMd) {
-        const scopeValue = extractFrontmatterScope(content);
+      const scopeValue = isMd ? extractFrontmatterScope(content) : extractShScope(content);
+      const managed = twinDetectionActive && fs11.existsSync(path12.join(templatesDir, relPath));
+      if (managed) {
         if (scopeValue === null) {
-          violations.push({ type: "missing-scope", path: relPath });
+        } else if (scopeValue === "org-shared") {
+          violations.push({
+            type: "redundant-scope",
+            path: relPath,
+            detail: "redundant org-shared marker \u2014 org-shared is the implicit default, remove the key"
+          });
         } else if (!isValidScope(scopeValue)) {
           violations.push({
             type: "invalid-scope",
@@ -35170,7 +35178,6 @@ function checkScopeMarkers(opts) {
           });
         }
       } else {
-        const scopeValue = extractShScope(content);
         if (scopeValue === null) {
           violations.push({ type: "missing-scope", path: relPath });
         } else if (!isValidScope(scopeValue)) {
@@ -35187,14 +35194,20 @@ function checkScopeMarkers(opts) {
 }
 function runVerifyParity(opts) {
   const { claudeDir, templatesDir, expectedOneSided } = opts;
-  const violations = [];
-  violations.push(...checkScopeMarkers({ claudeDir }));
+  const allScopeItems = [];
+  const parityItems = [];
+  allScopeItems.push(...checkScopeMarkers({ claudeDir, templatesDir }));
   if (templatesDir != null && fs11.existsSync(templatesDir)) {
-    violations.push(
+    parityItems.push(
       ...checkSiblingParity({ claudeDir, templatesDir, expectedOneSided })
     );
   }
-  return { violations };
+  const warnings = allScopeItems.filter((v) => v.type === "redundant-scope");
+  const scopeViolations = allScopeItems.filter(
+    (v) => v.type !== "redundant-scope"
+  );
+  const violations = [...scopeViolations, ...parityItems];
+  return { violations, warnings };
 }
 function readdirRecursive(dir, rel = "", visited = /* @__PURE__ */ new Set()) {
   const realDir = fs11.realpathSync(dir);
@@ -35258,7 +35271,7 @@ var init_verify_parity = __esm({
       "hooks",
       "rules"
     ];
-    REPO_ONLY_RE = /^repo-only:[a-z0-9-]+$/;
+    REPO_ONLY_RE = /^repo-only:[a-z0-9]([a-z0-9-]*[a-z0-9])?$/;
     DEFAULT_EXPECTED_ONE_SIDED = /* @__PURE__ */ new Set([
       "hooks/cbp-mcp-migration-guard.sh",
       // repo-only:codebyplan — monorepo-only skill (references the in-repo
@@ -35312,12 +35325,19 @@ function verifyParity(args, deps = {}) {
     );
     return 2;
   }
-  const { violations } = result;
+  const { violations, warnings } = result;
   if (jsonMode) {
-    process.stdout.write(JSON.stringify(violations, null, 2) + "\n");
+    process.stdout.write(
+      JSON.stringify({ violations, warnings }, null, 2) + "\n"
+    );
     if (violations.length > 0 && !warnOnly) return 1;
     return 0;
   }
+  for (const w of warnings) {
+    const detail = w.detail ? `: ${w.detail}` : "";
+    process.stderr.write(`verify-parity: WARN ${w.path}${detail}
+`);
+  }
   if (violations.length === 0) {
     process.stdout.write("verify-parity: OK \u2014 no violations found.\n");
     return 0;

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "codebyplan",
-  "version": "1.13.46",
+  "version": "1.13.49",
   "description": "CLI for CodeByPlan — AI-powered development planning and tracking",
   "type": "module",
   "bin": {

package/templates/agents/cbp-cc-executor.md CHANGED Viewed

@@ -1,5 +1,4 @@
 ---
-scope: org-shared
 name: cbp-cc-executor
 description: Authoring executor for `.claude/` infrastructure. Applies approved changes across rules, skills, agents, context, CLAUDE.md, settings, and hooks — with update-first discipline, scope-marker enforcement, and length-limit awareness. Callable by the main conversation, `/cbp-checkpoint-end`, and `round-executor` (for in-scope `.claude/` infra deliverables).
 tools: Read, Write, Edit, Glob, Grep, Skill, Task, AskUserQuestion, Bash(npx codebyplan task create *)

package/templates/agents/cbp-database-agent.md CHANGED Viewed

@@ -1,5 +1,4 @@
 ---
-scope: org-shared
 name: cbp-database-agent
 description: Supabase database specialist. Handles migrations, RLS policies, type generation, and schema changes. Spawned as sub-executor by round-executor when plan includes DB work.
 tools: Read, Write, Edit, Glob, Grep, Bash, mcp__supabase__apply_migration, mcp__supabase__execute_sql, mcp__supabase__list_tables, mcp__supabase__list_migrations, mcp__supabase__get_advisors, mcp__supabase__generate_typescript_types, mcp__supabase__search_docs

package/templates/agents/cbp-e2e-maestro.md CHANGED Viewed

@@ -4,7 +4,6 @@ description: Maestro E2E flow authoring + execution for Expo/React Native mobile
 tools: Read, Write, Edit, Glob, Grep, Bash, AskUserQuestion, mcp__codebyplan__get_repos
 model: sonnet
 effort: xhigh
-scope: org-shared
 ---
 # Maestro E2E Agent

package/templates/agents/cbp-e2e-playwright.md CHANGED Viewed

@@ -4,7 +4,6 @@ description: Playwright E2E test authoring + execution for web app routes. Spawn
 tools: Read, Write, Edit, Glob, Grep, Bash, AskUserQuestion, mcp__codebyplan__get_repos
 model: sonnet
 effort: xhigh
-scope: org-shared
 ---
 # Playwright E2E Agent

package/templates/agents/cbp-e2e-tauri.md CHANGED Viewed

@@ -4,7 +4,6 @@ description: WebDriverIO + tauri-driver E2E test authoring + execution for Tauri
 tools: Read, Write, Edit, Glob, Grep, Bash, AskUserQuestion, mcp__codebyplan__get_repos
 model: sonnet
 effort: xhigh
-scope: org-shared
 ---
 # Tauri E2E Agent

package/templates/agents/cbp-e2e-vscode.md CHANGED Viewed

@@ -4,7 +4,6 @@ description: VS Code extension E2E test authoring + execution using @vscode/test
 tools: Read, Write, Edit, Glob, Grep, Bash, AskUserQuestion, mcp__codebyplan__get_repos
 model: sonnet
 effort: xhigh
-scope: org-shared
 ---
 # VS Code Extension E2E Agent

package/templates/agents/cbp-e2e-xcuitest.md CHANGED Viewed

@@ -4,7 +4,6 @@ description: XCUITest native iOS E2E test authoring + execution for Expo apps ta
 tools: Read, Write, Edit, Glob, Grep, Bash, AskUserQuestion, mcp__codebyplan__get_repos
 model: sonnet
 effort: xhigh
-scope: org-shared
 ---
 # XCUITest E2E Agent

package/templates/agents/cbp-improve-claude.md CHANGED Viewed

@@ -1,5 +1,4 @@
 ---
-scope: org-shared
 name: cbp-improve-claude
 description: Broad analysis agent for retrospective task analysis. Analyzes full task history, conversation efficiency, patterns, root causes by domain, and proposes .claude/ infrastructure improvements.
 tools: Read, Glob, Grep, Task, AskUserQuestion

package/templates/agents/cbp-improve-round.md CHANGED Viewed

@@ -1,5 +1,4 @@
 ---
-scope: org-shared
 name: cbp-improve-round
 description: Code quality review agent. Analyzes round changes for bugs, business logic errors, gaps, and improvements. Spawned by /cbp-round-end.
 tools: Read, Glob, Grep, Task

package/templates/agents/cbp-map-architecture.md CHANGED Viewed

@@ -1,5 +1,4 @@
 ---
-scope: org-shared
 name: cbp-map-architecture
 description: Read-only agent that analyzes a repository module and produces a structured architecture map following the canonical spec. Invoke when generating or refreshing a module's .claude/architecture/<module>.md map file. Returns the full map content as text for the caller to write.
 tools: Read, Glob, Grep

package/templates/agents/cbp-mechanical-edits.md CHANGED Viewed

@@ -1,5 +1,4 @@
 ---
-scope: org-shared
 name: cbp-mechanical-edits
 description: Cheap mechanical-edits subagent — performs renames, moves, string substitutions, frontmatter field edits, and free-form index/manifest regeneration. Spawned by the round-execute skill's Mechanical-Edits Delegation Gate when task-planner classifies a task as work_mode: mechanical. Never authors new code logic.
 tools: Read, Write, Edit, Glob, Grep, Bash

package/templates/agents/cbp-research.md CHANGED Viewed

@@ -1,5 +1,4 @@
 ---
-scope: org-shared
 name: cbp-research
 description: Intelligent on-demand research with discovery levels (0-3). Consults stack first, produces DISCOVERY.md for Level 2+. Callable by other agents.
 tools: Read, Glob, Grep, WebSearch, WebFetch, Write, Task

package/templates/agents/cbp-round-executor.md CHANGED Viewed

@@ -1,5 +1,4 @@
 ---
-scope: org-shared
 name: cbp-round-executor
 description: Execute approved plan. Receives pre-analyzed deliverables and files list. Focuses on quality implementation. Communicates with user when blocked or needs decisions.
 tools: Read, Write, Edit, Glob, Grep, Bash, TaskUpdate, AskUserQuestion, Skill, Task
@@ -316,6 +315,7 @@ When the approved plan includes specialized work, delegate to sub-executor agent
 | Work Type | Agent | When to Delegate |
 |-----------|-------|-----------------|
 | Supabase migrations, RLS, types | `cbp-database-agent` | Plan includes DB schema changes, RLS policies, or type generation |
+| Stripe integration (Checkout, webhooks, subscriptions, customer portal) | `cbp-stripe-agent` | Plan includes Stripe work (files under `stripe/`, or steps referencing `payment`, `checkout`, `webhook`, `subscription`, or `approved_plan.stripe_work === true`) |
 | Batch identical-structure file writes (≥4 files) | `general-purpose` (background) | Plan has 4+ independent files, no shared state, no ordered dependency |
 | `.claude/` infrastructure deliverables | `cbp-cc-executor` | `files_to_modify[]` includes **≥2** `.claude/` files (rules, skills, agents, context, hooks, settings, CLAUDE.md). A single `.claude/` file edit stays on Step 0 Skill-tool routing |
@@ -325,6 +325,12 @@ When the approved plan includes specialized work, delegate to sub-executor agent
 3. Wait for completion, merge files_changed into executor output
 4. Continue with remaining non-DB steps
+**How to delegate to `cbp-stripe-agent`:**
+1. Collect all Stripe-related steps from the plan
+2. Spawn `cbp-stripe-agent` via Agent tool with those steps and `files_changed_scope` set to the executor's current `files_to_modify[]` paths
+3. Wait for completion, merge files_changed into executor output
+4. Continue with remaining non-Stripe steps
 **When NOT to delegate:**
 - Simple Supabase queries in application code (executor handles these)
 - Only delegate schema/migration/RLS/type generation work

package/templates/agents/cbp-security-agent.md CHANGED Viewed

@@ -1,5 +1,4 @@
 ---
-scope: org-shared
 name: cbp-security-agent
 description: Security review specialist. Checks for OWASP top 10 vulnerabilities, hardcoded secrets, SQL injection, XSS, CSRF, and dependency vulnerabilities.
 tools: Read, Glob, Grep, Bash

package/templates/agents/cbp-stripe-agent.md ADDED Viewed

@@ -0,0 +1,173 @@
+---
+scope: org-shared
+name: cbp-stripe-agent
+description: Stripe integration specialist. Writes Stripe code (Checkout, webhooks, subscriptions, customer portal) in the consuming app and optionally drives live Stripe via MCP. Spawned as sub-executor by round-executor when the plan includes Stripe work.
+tools: Read, Write, Edit, Glob, Grep, Bash, AskUserQuestion
+model: sonnet
+effort: xhigh
+---
+# Stripe Agent
+Stripe integration specialist for payments, billing, webhooks, Connect, Tax, and Treasury.
+## Purpose
+Handles Stripe integration work when a round's plan includes payment code. Spawned by
+round-executor as a sub-executor, not directly by `/cbp-round-start`. Two operating modes:
+- **Primary (always)** — writes/modifies Stripe integration code in the consuming app using
+  the current Stripe Node SDK, guided by the `cbp-stripe` skill's API-selection routing.
+- **Optional (opt-in)** — when a Stripe MCP server is configured AND a restricted/test key is
+  present, scaffolds live test data (products, prices, payment links) via that server. Absent
+  either, it degrades silently to code-only — never a hard failure.
+## Input Contract
+```yaml
+input:
+  stripe_tasks: [{step_number, description, type}]  # Stripe-related plan steps
+  files_changed_scope: string[]                     # paths the round is allowed to touch
+  repo_id: string
+  context:
+    checkpoint_goal: string
+    task_requirements: string
+```
+## Output Contract
+```yaml
+output:
+  status: 'completed' | 'blocked' | 'failed'
+  live_path_used: boolean                # true only when the optional MCP path ran
+  files_changed:
+    - path: string
+      action: 'created' | 'modified' | 'deleted'
+  stripe_resources_created:              # populated only when live_path_used === true
+    - type: string                       # e.g. 'product' | 'price' | 'payment_link'
+      id: string
+      mode: 'test'                       # ALWAYS test — live mode is never scaffolded here
+  issues_encountered: string[]
+```
+## Workflow
+### Pre-flight: Load Guidance + Resolve Live-Path Availability
+Run both checks before writing any code:
+1. **Load the `cbp-stripe` skill** for API-selection routing and security rules. Invoke the
+   `cbp-stripe` Skill (or Read `.claude/skills/cbp-stripe/SKILL.md` and the relevant
+   `reference/*.md` when Skill dispatch is unavailable). This is the source of truth for
+   which Stripe API to use per intent — do not select APIs from memory.
+2. **Resolve live-path availability.** The optional MCP path runs ONLY when ALL hold:
+   - `STRIPE_SECRET_KEY` (or an equivalent restricted-key env var) is present AND is a
+     **test-mode** key. Check presence + prefix WITHOUT printing the secret (never `echo` or
+     `printenv` the raw value):
+     ```bash
+     case "${STRIPE_SECRET_KEY:-}" in
+       sk_test_*|rk_test_*) echo "live path: eligible (test key)" ;;
+       sk_live_*|rk_live_*) echo "live path: refused (live-mode key)" ;;
+       "")                  echo "live path: skipped (no key)" ;;
+       *)                   echo "live path: refused (unknown prefix ${STRIPE_SECRET_KEY:0:8})" ;;
+     esac
+     ```
+     Only `sk_test_`/`rk_test_` enable the live path; live-mode keys (`sk_live_`, `rk_live_`)
+     are refused so a dev round never scaffolds real Stripe data.
+   - A Stripe MCP server is reachable. Stripe MCP tools (`mcp__stripe__*`) are NOT listed in
+     this agent's frontmatter because the server is optional and absent by default; discover
+     them at runtime via `ToolSearch` (query `mcp__stripe`). Setup is documented in
+     `.claude/skills/cbp-stripe/reference/stripe-mcp-setup.md`.
+   If any condition fails, set `live_path_used = false` and proceed code-only. Record the
+   reason in `issues_encountered[]` (e.g. `live path skipped: no STRIPE_SECRET_KEY`). This is
+   a normal outcome, NOT a block.
+### Step 1: Analyze Stripe Tasks
+Read `stripe_tasks` and categorize by type, mapping each to the `cbp-stripe` routing table:
+- **One-time payments** → Checkout Sessions (`reference/payments.md`)
+- **Custom payment UI** → Checkout Sessions + Payment Element (`reference/payments.md`)
+- **Saving a payment method** → Setup Intents (`reference/payments.md`)
+- **Subscriptions / recurring billing** → Billing APIs + Checkout Sessions, Customer Portal
+  (`reference/billing.md`)
+- **Webhooks** → signed event handler (`reference/security.md`)
+- **Marketplace / platform** → Connect Accounts v2 (`reference/connect.md`)
+- **Tax** → Stripe Tax (`reference/tax.md`); **embedded finance** → Treasury
+  (`reference/treasury.md`)
+### Step 2: Write Stripe Integration Code (PRIMARY)
+For each task, write or modify code in `files_changed_scope` using the current Stripe Node SDK:
+1. **Honor the critical rules from the skill**: never pass `payment_method_types` except for
+   the documented Terminal and Treasury-bank-account exceptions; prefer dynamic payment
+   methods.
+2. **Server-side key handling**: read the key from `process.env` only; never hardcode or log
+   it. Prefer a restricted key (`rk_`) over a secret key.
+3. **Next.js API routes that import `stripe` MUST export `export const dynamic =
+   'force-dynamic'`** at the top of the file (the SDK reads a runtime env var; static analysis
+   at build time fails without it). Source: `.claude/skills/cbp-frontend-design/reference/nextjs-scss.md`
+   Rule 6.
+4. **Webhook routes** must verify the signature with `stripe.webhooks.constructEvent(rawBody,
+   sig, secret)` against the raw (unparsed) body, and guard the `stripe-signature` header
+   (it is typed `string | string[] | undefined`) before use.
+5. Match the consuming app's existing conventions (error handling, response shape, file
+   layout). Verify the installed `stripe` major version (`grep '"stripe"' package.json`) and
+   write code for that version — the skill notes the latest API version, but consumer repos
+   may pin an older SDK.
+### Step 3: Scaffold Live Test Data (OPTIONAL — only when Pre-flight enabled the live path)
+When `live_path_used` is eligible AND a task explicitly needs live test data (e.g. "create a
+test product + price for the checkout demo"):
+1. Re-confirm the key prefix is `sk_test_` or `rk_test_` immediately before the first call.
+   Abort the live path on any live-mode key (`sk_live_` or `rk_live_`).
+2. Use the discovered Stripe MCP tools to create only what the task requires (products,
+   prices, payment links, test customers). Record each in `stripe_resources_created[]`.
+3. On ANY MCP error (server unreachable, auth rejected, rate limit), fall back to code-only:
+   set `live_path_used = false`, record the error in `issues_encountered[]`, and continue —
+   never block the round on the optional path.
+### Step 4: Verify
+1. For each changed `.ts`/`.tsx` file, run a scoped `npx tsc --noEmit` (or the app's
+   typecheck) on the changed set and confirm no new type errors.
+2. Confirm every API route importing `stripe` exports `dynamic = 'force-dynamic'`
+   (`grep -L "force-dynamic"` across the changed route files).
+3. Confirm no secret was committed: `grep -rE 'sk_live_|rk_live_|sk_test_[A-Za-z0-9]{16,}|rk_test_[A-Za-z0-9]{16,}'`
+   over the changed files returns nothing real. Live-key prefixes (`sk_live_`, `rk_live_`)
+   match with no length floor — a committed live key is never acceptable; test-key prefixes
+   carry a `{16,}` floor so doc placeholders like `sk_test_…` don't false-positive.
+### Step 5: Return Output
+Populate all output-contract fields. Include every file changed. Report the live-path outcome
+(used / skipped + reason) in `issues_encountered[]` for the audit trail.
+## When NOT to Use This Agent
+- Non-payment application code (round-executor handles these).
+- Reading Stripe data for display only with no integration change.
+- Designing the payment UX/visual layer — that is the frontend skills' job; this agent writes
+  the Stripe wiring beneath it.
+- Production / live-mode Stripe operations (`sk_live_`, `rk_live_`) — this agent refuses
+  live-mode keys by design; only test-mode keys enable the optional live path.
+## Integration
+- **Spawned by**: `round-executor` (as sub-executor when the plan includes Stripe work — see
+  `cbp-round-executor` Step 3.5 and `/cbp-round-execute` Step 3b-stripe dispatch).
+- **Returns to**: `round-executor` (merges `files_changed[]` into the round output).
+- **Loads**: the `cbp-stripe` skill (`.claude/skills/cbp-stripe/SKILL.md` + `reference/*.md`)
+  for API selection and security rules.
+- **Optional tools**: Stripe MCP (`mcp__stripe__*`) discovered at runtime via `ToolSearch`
+  when a server is configured per `.claude/skills/cbp-stripe/reference/stripe-mcp-setup.md` —
+  intentionally absent from frontmatter because the server is opt-in.
+- **Rule**: never commit Stripe secrets; restricted/test keys only; degrade to code-only when
+  the live path is unavailable.

package/templates/agents/cbp-task-check.md CHANGED Viewed

@@ -1,5 +1,4 @@
 ---
-scope: org-shared
 name: cbp-task-check
 description: Task verification agent. Verifies requirements, checkpoint alignment, QA status, file approvals, code review, shippable gate, round outcome analysis, and user satisfaction discussion.
 tools: Read, Glob, Grep, Bash, AskUserQuestion

package/templates/agents/cbp-task-planner.md CHANGED Viewed

@@ -1,5 +1,4 @@
 ---
-scope: org-shared
 name: cbp-task-planner
 description: Analyze codebase and create implementation plan. Reads context from DB. Uses Explore subagent for fast analysis. Communicates with user for clarifications.
 tools: Read, Glob, Grep, Task, TaskCreate, AskUserQuestion

package/templates/agents/cbp-testing-qa-agent.md CHANGED Viewed

@@ -1,5 +1,4 @@
 ---
-scope: org-shared
 name: cbp-testing-qa-agent
 description: Combined testing, QA generation, and default checklists. Runs build/lint/types/unit-tests/audit, generates auto QA items, applies default production checklists. Does NOT consume e2e screenshots or frontend-ui findings.
 tools: Read, Glob, Grep, Bash, AskUserQuestion

package/templates/hooks/cbp-auto-test-hooks.sh CHANGED Viewed

@@ -1,5 +1,4 @@
 #!/bin/bash
-# @scope: org-shared
 # @hook: PostToolUse Edit|Write
 # Hook: PostToolUse for Edit|Write on hook files
 # Purpose: Run test-hooks.sh when a plugin hook file is modified.

package/templates/hooks/cbp-canonical-templates-nudge.sh CHANGED Viewed

@@ -1,5 +1,4 @@
 #!/usr/bin/env bash
-# @scope: org-shared
 # @event: PreToolUse
 # @matcher: Edit|Write|MultiEdit
 # Advisory source-of-truth nudge. When editing a GATE-6-tracked .claude/ file

package/templates/hooks/cbp-context-window-notify.sh CHANGED Viewed

@@ -1,5 +1,4 @@
 #!/bin/bash
-# @scope: org-shared
 # Hook: UserPromptSubmit
 # Purpose: Emit a one-time notice into Claude's context when the session's total
 #          context-window usage crosses CBP_CONTEXT_WARN_TOKENS (default 200000).

package/templates/hooks/cbp-e2e-spec-patterns.sh CHANGED Viewed

@@ -1,5 +1,4 @@
 #!/usr/bin/env bash
-# @scope: org-shared
 # @event: PreToolUse
 # @matcher: Edit|Write|MultiEdit
 # Guard spec files against two patterns banned by rules/e2e-mandatory.md and

package/templates/hooks/cbp-lint-format-on-edit.sh CHANGED Viewed

@@ -1,5 +1,4 @@
 #!/bin/bash
-# @scope: org-shared
 # @hook: PostToolUse Edit|Write
 # Hook: Auto-format and auto-fix lint on edited source files
 # Purpose: Continuous Prettier + ESLint --fix after every Edit/Write.

package/templates/hooks/cbp-maestro-yaml-validate.sh CHANGED Viewed

@@ -1,5 +1,4 @@
 #!/usr/bin/env bash
-# @scope: org-shared
 # @event: PreToolUse
 # @matcher: Edit|Write|MultiEdit
 # Validate maestro flow YAML against the installed CLI's accepted property set.

package/templates/hooks/cbp-mcp-caller-worktree-inject.sh CHANGED Viewed

@@ -1,5 +1,4 @@
 #!/bin/bash
-# @scope: org-shared
 # @hook: PreToolUse mcp__codebyplan__(update_checkpoint|complete_checkpoint|update_task|complete_task|add_round|update_round|complete_round|create_standalone_task|update_standalone_task|complete_standalone_task|add_standalone_round|update_standalone_round|complete_standalone_round|update_standalone_file_change)
 # Hook: PreToolUse for MCP write tools
 #

package/templates/hooks/cbp-mcp-migration-guard.sh CHANGED Viewed

@@ -1,5 +1,4 @@
 #!/bin/bash
-# @scope: org-shared
 # @hook: PreToolUse for MCP mutation tools
 # Hook: PreToolUse for MCP mutation tools
 # Purpose: Warn once per session if a legacy .codebyplan.json exists at repo root (post-CHK-120).

package/templates/hooks/cbp-mcp-round-sync.sh CHANGED Viewed

@@ -1,5 +1,4 @@
 #!/bin/bash
-# @scope: org-shared
 # Hook: PostToolUse mcp__codebyplan__complete_round
 # Purpose: After complete_round succeeds, delegate git-diff drift merge,
 #          staging-status flip, and web-UI flag sync to the codebyplan CLI.

package/templates/hooks/cbp-plugin-dispatch.sh CHANGED Viewed

@@ -1,5 +1,4 @@
 #!/bin/bash
-# @scope: org-shared
 # Hook: universal plugin-script dispatcher
 # Purpose: Resolve a plugin-shipped hook/statusLine script path with auto-detect fallback.
 # Workaround: ${CLAUDE_PLUGIN_ROOT} is set in the plugin's own hook context but may not

package/templates/hooks/cbp-pre-commit-quality-gate.sh CHANGED Viewed

@@ -1,5 +1,4 @@
 #!/bin/bash
-# @scope: org-shared
 # @hook: PreToolUse Bash
 # Hook: PreToolUse for Bash (git commit commands)
 # Purpose: Block git commits that violate greenfield-lint-zero-warnings,

package/templates/hooks/cbp-session-start-hook.sh CHANGED Viewed

@@ -1,5 +1,4 @@
 #!/bin/bash
-# @scope: org-shared
 # Hook: SessionStart
 # Purpose: Hydrate .codebyplan/state/ via `codebyplan sync` and ensure the
 #          per-worktree watch daemon is running. Hook-safe: all errors

package/templates/hooks/cbp-statusline.mjs CHANGED Viewed

@@ -1,5 +1,4 @@
 #!/usr/bin/env node
-// @scope: org-shared
 // @hook: NOT-A-HOOK (statusLine renderer, invoked via the cbp-statusline.sh dispatcher)
 // Claude Code Status Line — node renderer (ESM; .mjs forces ESM regardless of the
 // host repo's package.json "type", so the script is portable into any consumer).

package/templates/hooks/cbp-statusline.py CHANGED Viewed

@@ -1,5 +1,4 @@
 #!/usr/bin/env python3
-# @scope: org-shared
 # @hook: NOT-A-HOOK (statusLine renderer, invoked via the cbp-statusline.sh dispatcher)
 # Claude Code Status Line — python renderer.
 # Byte-identical output to the bash renderer in cbp-statusline.sh and the node

package/templates/hooks/cbp-statusline.sh CHANGED Viewed

@@ -1,5 +1,4 @@
 #!/bin/bash
-# @scope: org-shared
 # @hook: NOT-A-HOOK (statusLine renderer, invoked by settings.json statusLine.command)
 # Claude Code Status Line — multi-runtime dispatcher + bash renderer
 # Purpose: Renders up to 6 structured lines of Claude Code status from stdin JSON.

package/templates/hooks/cbp-subagent-statusline.mjs CHANGED Viewed

@@ -1,5 +1,4 @@
 #!/usr/bin/env node
-// @scope: org-shared
 // @hook: NOT-A-HOOK (subagentStatusLine renderer, invoked via the cbp-subagent-statusline.sh dispatcher)
 // Claude Code Subagent Status Line — node renderer (ESM; .mjs forces ESM regardless
 // of the host repo's package.json "type"). Byte-identical output to the bash renderer

package/templates/hooks/cbp-subagent-statusline.py CHANGED Viewed

@@ -1,5 +1,4 @@
 #!/usr/bin/env python3
-# @scope: org-shared
 # @hook: NOT-A-HOOK (subagentStatusLine renderer, invoked via the cbp-subagent-statusline.sh dispatcher)
 # Claude Code Subagent Status Line — python renderer. Byte-identical output to the
 # bash renderer in cbp-subagent-statusline.sh and the node renderer in

package/templates/hooks/cbp-subagent-statusline.sh CHANGED Viewed

@@ -1,5 +1,4 @@
 #!/bin/bash
-# @scope: org-shared
 # Portability: bash 3.2+ (macOS default /bin/bash). UTF-8 multibyte chars in
 # user-controlled fields are byte-iterated under 3.2 (over-counts visible width
 # for non-ASCII content); acceptable safe-direction approximation — and the node

package/templates/hooks/cbp-test-coverage-gate.sh CHANGED Viewed

@@ -1,5 +1,4 @@
 #!/bin/bash
-# @scope: org-shared
 # @hook: PreToolUse Bash
 # Hook: PreToolUse for Bash (git commit commands)
 # Purpose: Block git commits when new source files lack test companions

package/templates/hooks/cbp-test-hooks.sh CHANGED Viewed

@@ -1,5 +1,4 @@
 #!/bin/bash
-# @scope: org-shared
 # @hook: NOT-A-HOOK (test suite for plugin hooks; invoked by cbp-auto-test-hooks.sh)
 # Purpose: Test suite for plugin's shipped hooks. Invoked by cbp-auto-test-hooks.sh whenever a
 #          plugin hook file is edited. Not a PreToolUse/PostToolUse/Notification hook itself —

package/templates/hooks/validate-context-usage.sh CHANGED Viewed

@@ -1,5 +1,4 @@
 #!/bin/bash
-# @scope: org-shared
 # Hook Helper: Context file usage validation for validate-structure.sh
 # Purpose: Ensure context files are referenced by at least one agent or skill
 # Sourced by validate-structure.sh - not run directly