npm - skillrepo - Versions diffs - 3.2.0 → 4.1.0 - Mend

skillrepo 3.2.0 → 4.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (53) hide show

package/README.md +137 -27
package/bin/skillrepo.mjs +5 -5
package/package.json +1 -1
package/src/commands/add.mjs +21 -6
package/src/commands/get.mjs +20 -4
package/src/commands/init-cohort-hooks.mjs +127 -0
package/src/commands/init-session-sync.mjs +1 -1
package/src/commands/init.mjs +480 -117
package/src/commands/list.mjs +1 -1
package/src/commands/remove.mjs +10 -2
package/src/commands/uninstall.mjs +13 -2
package/src/commands/update.mjs +112 -19
package/src/lib/agent-hook-merge.mjs +203 -0
package/src/lib/agent-registry.mjs +399 -0
package/src/lib/artifact-registry.mjs +111 -2
package/src/lib/cli-config.mjs +146 -44
package/src/lib/detect-agents.mjs +112 -0
package/src/lib/file-write.mjs +162 -77
package/src/lib/fs-utils.mjs +16 -1
package/src/lib/mcp-merge.mjs +17 -36
package/src/lib/mergers/agent-hook-claude-shape.mjs +519 -0
package/src/lib/mergers/agent-hook-cursor-shape.mjs +318 -0
package/src/lib/mergers/gitignore.mjs +55 -28
package/src/lib/paths.mjs +27 -25
package/src/lib/prompt-multiselect.mjs +324 -0
package/src/lib/removers/agent-hooks.mjs +83 -0
package/src/lib/sync.mjs +18 -19
package/src/test/commands/add.test.mjs +18 -3
package/src/test/commands/init-picker.test.mjs +144 -0
package/src/test/commands/init.test.mjs +508 -41
package/src/test/commands/remove.test.mjs +4 -1
package/src/test/commands/update.test.mjs +148 -3
package/src/test/e2e/cli-agent-permutations.test.mjs +631 -0
package/src/test/e2e/cli-cohort-hooks.test.mjs +393 -0
package/src/test/e2e/cli-commands.test.mjs +39 -13
package/src/test/integration/agent-hooks.integration.test.mjs +340 -0
package/src/test/integration/file-write.integration.test.mjs +31 -10
package/src/test/lib/agent-hook-merge.test.mjs +172 -0
package/src/test/lib/agent-registry.test.mjs +215 -0
package/src/test/lib/artifact-registry.test.mjs +39 -0
package/src/test/lib/cli-config.test.mjs +222 -38
package/src/test/lib/detect-agents.test.mjs +336 -0
package/src/test/lib/file-write-placement.test.mjs +264 -0
package/src/test/lib/file-write.test.mjs +231 -30
package/src/test/lib/mcp-merge.test.mjs +23 -15
package/src/test/lib/paths.test.mjs +53 -17
package/src/test/lib/prompt-multiselect.test.mjs +448 -0
package/src/test/lib/sync.test.mjs +157 -0
package/src/test/mergers/agent-hook-claude-shape.test.mjs +518 -0
package/src/test/mergers/agent-hook-cursor-shape.test.mjs +306 -0
package/src/test/removers/agent-hooks.test.mjs +206 -0
package/src/lib/detect-ides.mjs +0 -44
package/src/test/detect-ides.test.mjs +0 -65

package/src/test/commands/update.test.mjs CHANGED Viewed

@@ -157,16 +157,26 @@ describe("runUpdate — flag handling", () => {
     assert.ok(dir.startsWith(process.env.HOME));
   });
-  it("--ide cursor writes to the project /skills/ fallback", async () => {
+  it("--agent cursor writes to .agents/skills/", async () => {
     server.setLibraryResponse({
       skills: [makeSkill("cursor-test")],
       removals: [],
       syncedAt: "x",
     });
-    await runUpdate(["--key", VALID_KEY, "--url", serverUrl, "--ide", "cursor"]);
-    const dir = resolvePlacementDir("projectFallback", "cursor-test");
+    await runUpdate(["--key", VALID_KEY, "--url", serverUrl, "--agent", "cursor"]);
+    const dir = resolvePlacementDir("agentsProject", "cursor-test");
     assert.ok(existsSync(dir));
   });
+  it("rejects --agent none with a validation error (no targets to sync)", async () => {
+    await assert.rejects(
+      () => runUpdate(["--key", VALID_KEY, "--url", serverUrl, "--agent", "none"]),
+      (err) =>
+        err instanceof CliError &&
+        err.exitCode === EXIT_VALIDATION &&
+        /--agent none has no effect on `skillrepo update`/.test(err.message),
+    );
+  });
 });
 // ── --session-hook mode (#884) ────────────────────────────────────────
@@ -326,3 +336,138 @@ describe("runUpdate — --session-hook contract", () => {
     assert.equal(stdout.text(), "", "zero-delta 200 is silent");
   });
 });
+// ── --silent mode (#1240) ─────────────────────────────────────────────
+//
+// Silent mode is what the cohort SessionStart hooks Cursor / Gemini CLI /
+// Codex CLI / VS Code + Copilot install via the universal command
+// `npx --yes skillrepo update --silent`. Contract:
+//
+//   - stdout produces ONE line on success: `{}` (Gemini's hook stdout
+//     must be valid JSON; the others tolerate empty JSON).
+//   - On failure, stdout writes nothing extra; the typed CliError
+//     propagates and the dispatcher exits non-zero with an stderr
+//     message.
+//   - sync.mjs's non-fatal warnings (e.g. "failed to persist last-sync
+//     state") still go to stderr — operators running `update --silent`
+//     in a terminal still see them.
+//
+// Distinct from `--session-hook`. That mode is exit-0-on-everything
+// because Claude Code blocks session start on hook failures. Cohort
+// vendors do not block, so `--silent` propagates real exit codes.
+describe("runUpdate — --silent contract", () => {
+  beforeEach(setup);
+  afterEach(teardown);
+  it("accepts the --silent flag without throwing Unknown argument", async () => {
+    // Same regression-guard pattern as the --session-hook test —
+    // resolveFlags would normally reject the flag, so an
+    // acceptPositional callback must consume it.
+    server.setLibraryResponse({ skills: [], removals: [], syncedAt: "x" });
+    await assert.doesNotReject(
+      () =>
+        runUpdate(
+          ["--key", VALID_KEY, "--url", serverUrl, "--silent"],
+          { stdout },
+        ),
+      "update --silent must NOT throw Unknown argument",
+    );
+  });
+  it("emits exactly `{}\\n` on a successful empty sync (Gemini contract)", async () => {
+    // INTENT: Gemini specifically requires hook stdout to be valid JSON.
+    // The minimal valid value `{}` injects no model context.
+    server.setLibraryResponse({ skills: [], removals: [], syncedAt: "x" });
+    await runUpdate(
+      ["--key", VALID_KEY, "--url", serverUrl, "--silent"],
+      { stdout },
+    );
+    assert.equal(stdout.text(), "{}\n");
+  });
+  it("emits `{}\\n` even when the sync produced changes (no progress lines on stdout)", async () => {
+    server.setLibraryResponse({
+      skills: [makeSkill("silent-test")],
+      removals: [],
+      syncedAt: "x",
+    });
+    await runUpdate(
+      ["--key", VALID_KEY, "--url", serverUrl, "--silent"],
+      { stdout },
+    );
+    // Stdout still ONLY `{}` — progress is not part of the hook
+    // contract. The skill files themselves still landed on disk
+    // (verified separately in the integration tests).
+    assert.equal(stdout.text(), "{}\n");
+  });
+  it("propagates a real exit code on failure (does NOT silently swallow errors)", async () => {
+    // INTENT: distinct from --session-hook. Cohort vendors do not
+    // block session start on non-zero hook exit, so a failure should
+    // surface as a typed CliError that the dispatcher maps to the
+    // documented exit code. Silent-on-success does NOT mean
+    // silent-on-failure.
+    server.setForcedStatus(401, { error: "Invalid access key" });
+    await assert.rejects(
+      () =>
+        runUpdate(
+          ["--key", VALID_KEY, "--url", serverUrl, "--silent"],
+          { stdout },
+        ),
+      (err) => err instanceof CliError && err.exitCode === EXIT_AUTH,
+      "auth error must propagate as CliError under --silent",
+    );
+    // No `{}` was written — failure surfaces via the throw, not a
+    // half-success stdout line.
+    assert.equal(stdout.text(), "", "no stdout on failure");
+  });
+  it("propagates validation error (e.g. missing --agent value) under --silent", async () => {
+    // resolveFlags throws validationError on a malformed --agent.
+    // Silent mode must NOT catch that — same rationale as the auth
+    // error case.
+    await assert.rejects(
+      () =>
+        runUpdate(
+          ["--key", VALID_KEY, "--url", serverUrl, "--silent", "--agent"],
+          { stdout },
+        ),
+      (err) => err instanceof CliError && err.exitCode === EXIT_VALIDATION,
+    );
+  });
+  it("--silent + --session-hook simultaneously: session-hook wins (defensive precedence) (#1239 QA)", async () => {
+    // INTENT: defensive precedence test. The two flags have different
+    // exit-code contracts: --session-hook is exit-0-on-everything
+    // (Claude blocks session start on non-zero), --silent propagates
+    // real exit codes. Today no installer writes a hook command
+    // containing both flags, but a future code path or manual user
+    // edit could. The branches in update.mjs check sessionHook FIRST,
+    // so when both are present, the session-hook contract wins.
+    //
+    // We force a failure (unreachable server) and assert the
+    // resolveFlags-doesnt-throw + emit-failure-line-on-stdout pattern
+    // of session-hook mode, NOT silent mode's exit-non-zero pattern.
+    server.setForcedStatus(401, { error: "bad key" });
+    await assert.doesNotReject(
+      () =>
+        runUpdate(
+          [
+            "--key", VALID_KEY,
+            "--url", serverUrl,
+            "--silent",
+            "--session-hook",
+          ],
+          { stdout },
+        ),
+      "session-hook precedence over --silent must NOT throw on auth failure",
+    );
+    // Session-hook mode emits the one-line failure marker on stdout
+    assert.match(
+      stdout.text(),
+      /\[SkillRepo\] Sync failed:/,
+      "session-hook precedence must produce the session-hook failure line, not silent's empty stdout",
+    );
+  });
+});