specweave 1.0.550 → 1.0.552

package/plugins/specweave/hooks/v2/guards/interview-enforcement-guard.sh

@@ -1,171 +0,0 @@
-#!/bin/bash
-# interview-enforcement-guard.sh - Enforces Deep Interview completion before spec creation
-#
-# PURPOSE:
-# When Deep Interview Mode is enabled with "enforcement": "strict", this guard
-# BLOCKS spec.md completion until all interview categories have been covered.
-#
-# WORKFLOW ENFORCED:
-# 1. User starts /sw:increment
-# 2. Interview state file created: .specweave/state/interview-{increment-id}.json
-# 3. PM skill marks categories as covered during interview
-# 4. Spec.md writing BLOCKED until all categories are marked complete
-#
-# DETECTION LOGIC:
-# - CHECK: deepInterview.enabled && deepInterview.enforcement == "strict"
-# - CHECK: Interview state file exists and has all categories covered
-# - BLOCK: If categories are missing, show which ones
-# - ALLOW: All categories covered OR enforcement != "strict"
-#
-# @since 1.0.198
-
-set -e
-
-# Read hook input
-INPUT=$(cat)
-
-# Extract file path and tool from input
-TOOL_NAME=$(echo "$INPUT" | jq -r '.tool_name // .toolName // ""')
-FILE_PATH=$(echo "$INPUT" | jq -r '.tool_input.file_path // .toolInput.file_path // ""')
-CONTENT=$(echo "$INPUT" | jq -r '.tool_input.content // .toolInput.content // ""')
-
-# Only check Write operations to spec.md in increment folders
-if [[ "$TOOL_NAME" != "Write" ]]; then
-  echo '{"decision":"allow"}'
-  exit 0
-fi
-
-# Check if this is a spec.md in an increment folder
-if [[ ! "$FILE_PATH" =~ \.specweave/increments/[0-9]{4}-[^/]+/spec\.md$ ]]; then
-  echo '{"decision":"allow"}'
-  exit 0
-fi
-
-# Extract increment ID from path
-INCREMENT_ID=$(echo "$FILE_PATH" | grep -oE '[0-9]{4}-[^/]+' | head -1)
-
-# Find project root (where .specweave/ is)
-PROJECT_ROOT=$(echo "$FILE_PATH" | sed 's|/.specweave/.*|/|')
-CONFIG_PATH="${PROJECT_ROOT}.specweave/config.json"
-
-# Check if Deep Interview Mode is enabled with strict enforcement
-if [[ ! -f "$CONFIG_PATH" ]]; then
-  echo '{"decision":"allow"}'
-  exit 0
-fi
-
-DEEP_INTERVIEW_ENABLED=$(jq -r '.planning.deepInterview.enabled // false' "$CONFIG_PATH" 2>/dev/null)
-ENFORCEMENT=$(jq -r '.planning.deepInterview.enforcement // "advisory"' "$CONFIG_PATH" 2>/dev/null)
-
-# If not enabled or not strict, allow
-if [[ "$DEEP_INTERVIEW_ENABLED" != "true" ]] || [[ "$ENFORCEMENT" != "strict" ]]; then
-  echo '{"decision":"allow"}'
-  exit 0
-fi
-
-# Get required categories from config
-REQUIRED_CATEGORIES=$(jq -r '.planning.deepInterview.categories // ["architecture","integrations","ui-ux","performance","security","edge-cases"] | .[]' "$CONFIG_PATH" 2>/dev/null)
-
-# Check if this is a template being created (allow templates through)
-TEMPLATE_MARKERS=(
-  "[Story Title]"
-  "[user type]"
-  "[goal]"
-  "[benefit]"
-  "TEMPLATE FILE"
-  "{{RESOLVED_PROJECT}}"
-)
-
-for marker in "${TEMPLATE_MARKERS[@]}"; do
-  if [[ "$CONTENT" == *"$marker"* ]]; then
-    # Template creation - allow
-    echo '{"decision":"allow"}'
-    exit 0
-  fi
-done
-
-# Check interview state file
-STATE_DIR="${PROJECT_ROOT}.specweave/state"
-INTERVIEW_STATE="${STATE_DIR}/interview-${INCREMENT_ID}.json"
-
-if [[ ! -f "$INTERVIEW_STATE" ]]; then
-  # No interview state - BLOCK
-  REASON="⛔ **STRICT INTERVIEW ENFORCEMENT: Interview Required**
-
-You're attempting to write to spec.md but **Deep Interview has not been conducted**.
-
-**Strict Interview Mode is enabled** for this project.
-
-Before creating spec.md, you MUST:
-
-1. **Start the interview**:
-   \`\`\`
-   Mark interview started for increment ${INCREMENT_ID}
-   \`\`\`
-
-2. **Cover all 6 categories** (ask thorough questions):
-   - [ ] Architecture - system design, components, data flow
-   - [ ] Integrations - external APIs, databases, auth providers
-   - [ ] UI/UX - user flows, error handling, accessibility
-   - [ ] Performance - load expectations, caching, response times
-   - [ ] Security - auth, authorization, data protection
-   - [ ] Edge Cases - failures, concurrency, rollback
-
-3. **Mark each category as covered**:
-   \`\`\`
-   Mark architecture covered for ${INCREMENT_ID}: [summary of decisions]
-   \`\`\`
-
-4. **Then complete the spec** - this guard will allow it.
-
-**Why This Matters:**
-Thorough requirements gathering prevents rework. Strict mode ensures all bases are covered before implementation begins.
-
-**To disable strict mode** (not recommended):
-Set \`planning.deepInterview.enforcement: \"advisory\"\` in config.json"
-
-  REASON_ESCAPED=$(echo "$REASON" | jq -Rs .)
-  echo "{\"decision\":\"block\",\"reason\":${REASON_ESCAPED}}"
-  exit 0
-fi
-
-# Interview state exists - check if all categories are covered
-COVERED_CATEGORIES=$(jq -r '.coveredCategories // {} | keys[]' "$INTERVIEW_STATE" 2>/dev/null || echo "")
-
-# Find missing categories
-MISSING=""
-for cat in $REQUIRED_CATEGORIES; do
-  if ! echo "$COVERED_CATEGORIES" | grep -qx "$cat"; then
-    MISSING="$MISSING\n   - [ ] $cat"
-  fi
-done
-
-if [[ -n "$MISSING" ]]; then
-  # Some categories not covered - BLOCK
-  REASON="⛔ **STRICT INTERVIEW ENFORCEMENT: Incomplete Interview**
-
-Interview started but **not all categories have been covered**.
-
-**Missing Categories:**
-$MISSING
-
-**Covered Categories:**
-$(jq -r '.coveredCategories // {} | to_entries[] | \"   - [x] \\(.key): \\(.value.summary // \"covered\")\"' "$INTERVIEW_STATE" 2>/dev/null || echo "   (none)")
-
-**To Continue:**
-Ask questions about the missing categories, then mark each as covered:
-\`\`\`
-Mark [category] covered for ${INCREMENT_ID}: [summary of what was decided]
-\`\`\`
-
-**Why This Matters:**
-Strict Interview Mode ensures comprehensive requirements gathering. Skipping categories leads to rework and missed requirements."
-
-  REASON_ESCAPED=$(echo "$REASON" | jq -Rs .)
-  echo "{\"decision\":\"block\",\"reason\":${REASON_ESCAPED}}"
-  exit 0
-fi
-
-# All categories covered - ALLOW
-echo '{"decision":"allow"}'
-exit 0

package/plugins/specweave/hooks/v2/guards/metadata-json-guard.sh

@@ -1,14 +0,0 @@
-#!/bin/bash
-# metadata-json-guard.sh - DISABLED (v1.0.38)
-#
-# This guard was converted to WARNING-only in v1.0.37, and now completely
-# disabled in v1.0.38 per user feedback: "you MUST NEVER block such operations"
-#
-# Metadata validation should be handled by agents/scripts with proper business logic,
-# not by hooks that can interfere with file operations.
-#
-# This guard now does NOTHING - just allows all operations.
-
-set +e
-echo '{"decision":"allow"}'
-exit 0

package/plugins/specweave/hooks/v2/guards/skill-chain-enforcement-guard.sh

@@ -1,222 +0,0 @@
-#!/bin/bash
-# DEPRECATED: v1.0.352 — No longer referenced by /sw:increment SKILL.md
-# The increment skill now uses Agent() delegation (sw-pm, sw-architect, sw-planner agents)
-# instead of Skill() chains with marker-based enforcement.
-# This guard remains on disk for backward compatibility with older cached plugin versions.
-# It can be safely removed in a future version.
-#
-# --- Original documentation below ---
-#
-# skill-chain-enforcement-guard.sh - Enforces skill delegation in /sw:increment
-#
-# PURPOSE:
-# The /sw:increment skill MUST delegate to sub-skills (PM, Architect, Test-Aware-Planner)
-# for creating spec.md, plan.md, and tasks.md. Analytics show the LLM writes these files
-# inline 97% of the time instead of invoking the specialized skills via Skill() calls.
-#
-# This guard BLOCKS direct writes to spec.md, plan.md, and tasks.md from the increment
-# skill unless the corresponding sub-skill has registered its invocation marker.
-#
-# WORKFLOW ENFORCED:
-# 1. /sw:increment creates folder + metadata.json (ALLOWED)
-# 2. /sw:increment MUST invoke Skill("sw:pm") for spec.md
-# 3. /sw:increment MUST invoke Skill("sw:architect") for plan.md
-# 4. /sw:increment MUST delegate to sw-planner agent for tasks.md
-# 5. Each sub-skill writes a marker to .specweave/state/skill-chain-{increment-id}.json
-# 6. This guard checks for that marker before allowing the write
-#
-# DETECTION LOGIC:
-# - ALLOW: metadata.json writes (always)
-# - ALLOW: File has skill invocation marker in state file
-# - ALLOW: File is a template (has template markers)
-# - ALLOW: Config has skillChainEnforcement disabled
-# - BLOCK: Direct spec.md/plan.md/tasks.md writes without skill marker
-#
-# @since 1.0.314
-
-set -e
-
-# Read hook input
-INPUT=$(cat)
-
-# Extract file path and tool from input
-TOOL_NAME=$(echo "$INPUT" | jq -r '.tool_name // .toolName // ""')
-FILE_PATH=$(echo "$INPUT" | jq -r '.tool_input.file_path // .toolInput.file_path // ""')
-CONTENT=$(echo "$INPUT" | jq -r '.tool_input.content // .toolInput.content // ""')
-
-# Only check Write and Edit operations
-if [[ "$TOOL_NAME" != "Write" ]] && [[ "$TOOL_NAME" != "Edit" ]]; then
-  echo '{"decision":"allow"}'
-  exit 0
-fi
-
-# Check if this targets an increment folder
-if [[ ! "$FILE_PATH" =~ \.specweave/increments/[0-9]{4}-[^/]+/ ]]; then
-  echo '{"decision":"allow"}'
-  exit 0
-fi
-
-# Extract the filename
-FILENAME=$(basename "$FILE_PATH")
-
-# Only guard spec.md, plan.md, and tasks.md
-case "$FILENAME" in
-  spec.md|plan.md|tasks.md) ;;
-  *)
-    echo '{"decision":"allow"}'
-    exit 0
-    ;;
-esac
-
-# Extract increment ID from path
-INCREMENT_ID=$(echo "$FILE_PATH" | grep -oE '[0-9]{4}-[^/]+' | head -1)
-
-# Find project root (where .specweave/ is)
-PROJECT_ROOT=$(echo "$FILE_PATH" | sed 's|/.specweave/.*|/|')
-CONFIG_PATH="${PROJECT_ROOT}.specweave/config.json"
-
-# Check if skill chain enforcement is enabled (default: strict)
-ENFORCEMENT="strict"
-if [[ -f "$CONFIG_PATH" ]]; then
-  ENFORCEMENT=$(jq -r '.planning.skillChainEnforcement // "strict"' "$CONFIG_PATH" 2>/dev/null)
-  if [[ "$ENFORCEMENT" == "off" ]] || [[ "$ENFORCEMENT" == "disabled" ]]; then
-    echo '{"decision":"allow"}'
-    exit 0
-  fi
-fi
-
-# Template markers — allow template creation through
-TEMPLATE_MARKERS=(
-  "[Story Title]"
-  "[user type]"
-  "[goal]"
-  "[benefit]"
-  "[Specific, testable criterion]"
-  "{{RESOLVED_PROJECT}}"
-  "TEMPLATE FILE"
-)
-
-# Check if content has template markers (template creation is ALLOWED)
-for marker in "${TEMPLATE_MARKERS[@]}"; do
-  if [[ "$CONTENT" == *"$marker"* ]]; then
-    echo '{"decision":"allow"}'
-    exit 0
-  fi
-done
-
-# For Edit operations, allow small edits (status updates, checkbox toggles)
-# These are operational updates, not full file creation
-if [[ "$TOOL_NAME" == "Edit" ]]; then
-  OLD_STRING=$(echo "$INPUT" | jq -r '.tool_input.old_string // .toolInput.old_string // ""')
-  NEW_STRING=$(echo "$INPUT" | jq -r '.tool_input.new_string // .toolInput.new_string // ""')
-  OLD_LEN=${#OLD_STRING}
-  NEW_LEN=${#NEW_STRING}
-
-  # Allow small edits (status toggles, checkbox changes, minor corrections)
-  # Threshold: edits where both old and new are under 500 chars are likely operational
-  if [[ $OLD_LEN -lt 500 ]] && [[ $NEW_LEN -lt 500 ]]; then
-    echo '{"decision":"allow"}'
-    exit 0
-  fi
-fi
-
-# Determine which skill should have been invoked
-case "$FILENAME" in
-  spec.md)
-    REQUIRED_SKILL="sw:pm"
-    SKILL_LABEL="PM (Product Manager)"
-    STATE_KEY="pm_invoked"
-    ;;
-  plan.md)
-    REQUIRED_SKILL="sw:architect"
-    SKILL_LABEL="Architect"
-    STATE_KEY="architect_invoked"
-    ;;
-  tasks.md)
-    REQUIRED_SKILL="sw-planner"
-    SKILL_LABEL="Planner"
-    STATE_KEY="planner_invoked"
-    ;;
-esac
-
-# Check for skill invocation marker
-STATE_DIR="${PROJECT_ROOT}.specweave/state"
-STATE_FILE="${STATE_DIR}/skill-chain-${INCREMENT_ID}.json"
-
-if [[ -f "$STATE_FILE" ]]; then
-  INVOKED=$(jq -r ".${STATE_KEY} // false" "$STATE_FILE" 2>/dev/null)
-  if [[ "$INVOKED" == "true" ]]; then
-    echo '{"decision":"allow"}'
-    exit 0
-  fi
-fi
-
-# Check if the file already exists with content (this is an update, not creation)
-# Allow updates to existing files that already have substantive content
-if [[ -f "$FILE_PATH" ]]; then
-  EXISTING_SIZE=$(wc -c < "$FILE_PATH" 2>/dev/null || echo "0")
-  # If existing file has real content (>200 bytes, not just a template), allow edits
-  if [[ "$EXISTING_SIZE" -gt 200 ]]; then
-    # But check if this is the first substantive write to a template file
-    EXISTING_CONTENT=$(head -5 "$FILE_PATH" 2>/dev/null || echo "")
-    HAS_TEMPLATE=false
-    for marker in "${TEMPLATE_MARKERS[@]}"; do
-      if [[ "$EXISTING_CONTENT" == *"$marker"* ]]; then
-        HAS_TEMPLATE=true
-        break
-      fi
-    done
-    # If existing file is NOT a template, allow updates (sub-skill already wrote it)
-    if [[ "$HAS_TEMPLATE" == "false" ]]; then
-      echo '{"decision":"allow"}'
-      exit 0
-    fi
-  fi
-fi
-
-# BLOCK: No skill invocation marker found
-if [[ "$ENFORCEMENT" == "warn" ]]; then
-  # Warn mode: allow but show warning
-  REASON="**SKILL CHAIN WARNING**: You are writing ${FILENAME} directly without invoking the ${SKILL_LABEL} skill.
-
-Best practice: Use \`Skill({ skill: \"${REQUIRED_SKILL}\", args: \"... for increment ${INCREMENT_ID}\" })\`
-
-To suppress: Set \`planning.skillChainEnforcement: \"off\"\` in config.json"
-
-  REASON_ESCAPED=$(echo "$REASON" | jq -Rs .)
-  echo "{\"decision\":\"allow\",\"reason\":${REASON_ESCAPED}}"
-  exit 0
-fi
-
-# Strict mode: BLOCK
-REASON="SKILL CHAIN ENFORCEMENT: Delegation Required
-
-You are attempting to write ${FILENAME} directly. The /sw:increment skill MUST delegate
-to specialized sub-skills instead of writing increment files inline.
-
-REQUIRED ACTION for ${FILENAME}:
-  Invoke: Skill({ skill: \"${REQUIRED_SKILL}\", args: \"... for increment ${INCREMENT_ID}\" })
-
-The ${SKILL_LABEL} skill will:
-  1. Register its invocation marker (this unblocks the guard)
-  2. Apply specialized expertise (research, architecture, test planning)
-  3. Write ${FILENAME} with proper structure and coverage
-
-SKILL CHAIN (all 3 MUST be invoked):
-  spec.md  --> Skill({ skill: \"sw:pm\", args: \"...\" })
-  plan.md  --> Skill({ skill: \"sw:architect\", args: \"...\" })
-  tasks.md --> Agent({ subagent_type: \"sw:sw-planner\", ... })
-
-Each skill writes its marker to:
-  ${STATE_DIR}/skill-chain-${INCREMENT_ID}.json
-
-WHY THIS MATTERS:
-  Analytics show 82 increment invocations but only 6 PM, 1 Architect, 1 TAP calls.
-  Inlining bypasses specialized expertise and produces lower-quality specs.
-
-TO DISABLE (not recommended):
-  Set planning.skillChainEnforcement: \"off\" in .specweave/config.json"
-
-REASON_ESCAPED=$(echo "$REASON" | jq -Rs .)
-echo "{\"decision\":\"block\",\"reason\":${REASON_ESCAPED}}"
-exit 0

package/plugins/specweave/hooks/v2/guards/spec-template-enforcement-guard.sh

@@ -1,21 +0,0 @@
-#!/bin/bash
-# spec-template-enforcement-guard.sh - DISABLED (v1.0.38)
-#
-# This guard was disabled in v1.0.38 per user feedback and error dashboard
-# analysis showing 322+ false positive tool_failure errors across 92 sessions.
-#
-# The guard blocked legitimate spec.md writes when /sw:increment creates
-# spec.md in a single pass (no template intermediate step).
-#
-# Sibling guards (spec-validation-guard.sh, increment-duplicate-guard.sh)
-# were already disabled for the same reason.
-#
-# Spec template workflow should be encouraged via documentation and skill
-# defaults, not enforced by hooks that block file operations.
-#
-# @since 1.0.167
-# @disabled 1.0.38
-
-set +e
-echo '{"decision":"allow"}'
-exit 0

package/plugins/specweave/hooks/v2/guards/spec-validation-guard.sh

@@ -1,14 +0,0 @@
-#!/bin/bash
-# spec-validation-guard.sh - DISABLED (v1.0.38)
-#
-# This guard was converted to WARNING-only in v1.0.37, and now completely
-# disabled in v1.0.38 per user feedback: "you MUST NEVER block such operations"
-#
-# Spec validation should be handled by agents/scripts with proper business logic,
-# not by hooks that can interfere with file operations.
-#
-# This guard now does NOTHING - just allows all operations.
-
-set +e
-echo '{"decision":"allow"}'
-exit 0

package/plugins/specweave/hooks/v2/guards/status-completion-guard.sh

@@ -1,84 +0,0 @@
-#!/bin/bash
-# status-completion-guard.sh - Prevents direct status changes to "completed"
-#
-# RULE: Increment status should NEVER be changed to "completed" directly!
-#
-# ALLOWED paths to completion:
-# 1. /sw:done command (validates ACs, tests, docs)
-# 2. /sw:auto mode when all tests pass (auto-verified closure)
-#
-# @since 1.0.196
-# @see CLAUDE.md "Status Workflow" section
-
-set +e  # CRITICAL: Never exit on error - consistent with non-blocking hook principle
-
-INPUT=$(cat)
-
-# Extract tool parameters
-TOOL_NAME=$(echo "$INPUT" | jq -r '.tool_name // .toolName // ""')
-FILE_PATH=$(echo "$INPUT" | jq -r '.tool_input.file_path // ""')
-OLD_STRING=$(echo "$INPUT" | jq -r '.tool_input.old_string // ""')
-NEW_STRING=$(echo "$INPUT" | jq -r '.tool_input.new_string // ""')
-
-# Only check Edit operations on metadata.json files
-if [[ "$TOOL_NAME" != "Edit" ]]; then
-  echo '{"decision":"allow"}'
-  exit 0
-fi
-
-# Only check metadata.json files in increments
-if [[ ! "$FILE_PATH" =~ \.specweave/increments/.*/metadata\.json$ ]]; then
-  echo '{"decision":"allow"}'
-  exit 0
-fi
-
-# Check if this is a status change to "completed"
-# Pattern: "status": "active" -> "status": "completed"
-# Or: "status": "paused" -> "status": "completed"
-# Or: "status": "ready_for_review" -> "status": "completed"
-if echo "$NEW_STRING" | grep -qE '"status":\s*"completed"'; then
-  # Detect project root via walk-up
-  _DIR="$PWD"
-  _LIMIT=0
-  while [[ "$_DIR" != "/" ]] && [[ ! -f "$_DIR/.specweave/config.json" ]] && [[ $_LIMIT -lt 50 ]]; do
-    _DIR=$(dirname "$_DIR")
-    _LIMIT=$((_LIMIT + 1))
-  done
-  _ROOT="$_DIR"
-
-  # Check if auto-mode is active with verified completion
-  AUTO_STATE_FILE="$_ROOT/.specweave/state/auto/session.json"
-  if [[ -f "$AUTO_STATE_FILE" ]]; then
-    AUTO_STATUS=$(jq -r '.status // "unknown"' "$AUTO_STATE_FILE" 2>/dev/null || echo "unknown")
-    AUTO_VERIFIED=$(jq -r '.testsVerified // false' "$AUTO_STATE_FILE" 2>/dev/null || echo "false")
-
-    # Allow if auto-mode is active AND tests are verified
-    if [[ "$AUTO_STATUS" == "active" && "$AUTO_VERIFIED" == "true" ]]; then
-      echo '{"decision":"allow"}'
-      exit 0
-    fi
-  fi
-
-  # Check if called from /sw:done command (look for marker file)
-  DONE_MARKER="$_ROOT/.specweave/state/.sw-done-in-progress"
-  if [[ -f "$DONE_MARKER" ]]; then
-    echo '{"decision":"allow"}'
-    exit 0
-  fi
-
-  # Extract increment ID for the message
-  INCREMENT_ID=$(echo "$FILE_PATH" | grep -oE '[0-9]{4}[E]?-[^/]+' || echo "unknown")
-
-  # Block the direct status change
-  cat << EOF
-{
-  "decision": "block",
-  "reason": "Direct status change to 'completed' is blocked",
-  "systemMessage": "⛔ **STATUS PROTECTION ACTIVE**\\n\\n❌ Cannot directly edit metadata.json to set status='completed'\\n\\n**Why?** Completion requires validation:\\n- All tasks marked complete\\n- Acceptance criteria satisfied\\n- Tests passing\\n- Documentation updated\\n\\n**Correct approach:**\\n\`\`\`\\n/sw:done ${INCREMENT_ID}\\n\`\`\`\\n\\nOr in auto-mode:\\n\`\`\`\\n/sw:auto ${INCREMENT_ID}\\n\`\`\`\\n(auto-closes when all tests pass)"
-}
-EOF
-  exit 0
-fi
-
-echo '{"decision":"allow"}'
-exit 0