tlc-claude-code 1.4.5 → 1.4.7

package/docker-compose.dev.yml

@@ -101,18 +101,18 @@ services:
     working_dir: /project
     command: >
       sh -c "
-        cd /tlc/dashboard && npm install && npm run build &&
-        cd /tlc/server && npm install &&
-        cd /project && node /tlc/server/index.js --proxy-only
+        npm install -g tlc-claude-code &&
+        TLC_DIR=$$(npm root -g)/tlc-claude-code &&
+        cd /project && node $$TLC_DIR/server/index.js --proxy-only
       "
     environment:
       - TLC_PORT=3147
       - TLC_PROXY_ONLY=true
       - TLC_APP_PORT=5001
+      - TLC_AUTH=false
     ports:
       - "${DASHBOARD_PORT:-3147}:3147"
     volumes:
-      - ./server:/tlc/server
       - ..:/project
     depends_on:
       - app

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "tlc-claude-code",
-  "version": "1.4.5",
+  "version": "1.4.7",
   "description": "TLC - Test Led Coding for Claude Code",
   "bin": {
     "tlc": "./bin/tlc.js",
@@ -55,5 +55,8 @@
     "@playwright/test": "^1.58.1",
     "playwright": "^1.58.1",
     "text-to-image": "^8.0.1"
+  },
+  "dependencies": {
+    "cookie-parser": "^1.4.7"
   }
 }

package/server/dashboard/index.html

@@ -951,7 +951,9 @@
           <span id="status-text">Connecting...</span>
         </div>
         <span style="color: #30363d">|</span>
-        <span class="version">v1.4.2</span>
+        <span class="version">v1.4.5</span>
+        <span style="color: #30363d">|</span>
+        <button id="logout-btn" onclick="logout()" style="background: transparent; border: 1px solid #30363d; color: #8b949e; padding: 4px 12px; border-radius: 4px; cursor: pointer; font-size: 12px; display: none;">Logout</button>
       </div>
     </header>
 
@@ -1342,6 +1344,33 @@
     let appPort = 5001;
 
     const views = ['projects', 'tasks', 'chat', 'agents', 'preview', 'logs', 'github', 'health', 'router', 'settings'];
+
+    // Auth functions
+    async function checkAuth() {
+      try {
+        const res = await fetch('/api/auth/status');
+        const data = await res.json();
+        if (data.authEnabled) {
+          document.getElementById('logout-btn').style.display = 'inline-block';
+        }
+      } catch (e) {
+        console.log('Auth check failed:', e);
+      }
+    }
+
+    async function logout() {
+      try {
+        await fetch('/api/auth/logout', { method: 'POST' });
+        window.location.href = '/login.html';
+      } catch (e) {
+        console.error('Logout failed:', e);
+        window.location.href = '/login.html';
+      }
+    }
+
+    // Check auth on load
+    checkAuth();
+
     const viewTitles = {
       projects: '📁 Projects',
       tasks: '📋 Tasks',
@@ -1822,19 +1851,63 @@
         if (data.coverage) {
           document.getElementById('stat-coverage').textContent = data.coverage + '%';
         }
+        // Update app port for preview
+        if (data.appPort) {
+          updateAppPort(data.appPort);
+        }
       } catch (e) {
         console.error('Failed to load stats:', e);
       }
     }
 
+    async function refreshProject() {
+      try {
+        const res = await fetch('/api/project');
+        const data = await res.json();
+
+        document.getElementById('project-name').textContent = data.name || 'Unknown Project';
+        document.getElementById('project-desc').textContent = data.description || data.projectDir || '';
+
+        if (data.phase && data.phaseName) {
+          document.getElementById('phase-badge').textContent = `Phase ${data.phase}: ${data.phaseName}`;
+        } else if (data.branch) {
+          document.getElementById('phase-badge').textContent = `Branch: ${data.branch}`;
+        }
+
+        // Update progress bar
+        const progress = data.tasks?.progress || 0;
+        document.getElementById('progress-fill').style.width = `${progress}%`;
+
+        // Update stats if available
+        if (data.tasks) {
+          document.getElementById('stat-passing').textContent = data.tasks.done || 0;
+          document.getElementById('stat-failing').textContent = (data.tasks.total - data.tasks.done) || 0;
+        }
+      } catch (e) {
+        console.error('Failed to load project:', e);
+      }
+    }
+
     async function refreshTasks() {
       try {
         const res = await fetch('/api/tasks');
-        const data = await res.json();
+        const json = await res.json();
+        // Handle both { items: [...] } and direct array
+        const data = json.items || json || [];
+
+        // Normalize status values: done -> completed, working -> in_progress
+        const normalizeStatus = (s) => {
+          if (s === 'done' || s === 'complete') return 'completed';
+          if (s === 'working') return 'in_progress';
+          if (s === 'available') return 'pending';
+          return s || 'pending';
+        };
+
+        const tasks = data.map(t => ({ ...t, status: normalizeStatus(t.status) }));
 
-        const pending = data.filter(t => t.status === 'pending');
-        const inProgress = data.filter(t => t.status === 'in_progress');
-        const completed = data.filter(t => t.status === 'completed');
+        const pending = tasks.filter(t => t.status === 'pending');
+        const inProgress = tasks.filter(t => t.status === 'in_progress');
+        const completed = tasks.filter(t => t.status === 'completed');
 
         document.getElementById('tasks-pending').innerHTML = pending.map(t => `
           <div class="task-item">
@@ -1959,6 +2032,7 @@
 
     // Refresh All
     function refreshAll() {
+      refreshProject();
       refreshStats();
       refreshTasks();
       refreshGitHub();

package/server/dashboard/login.html

@@ -0,0 +1,262 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <meta charset="UTF-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1.0">
+  <title>TLC Dashboard - Login</title>
+  <style>
+    * {
+      margin: 0;
+      padding: 0;
+      box-sizing: border-box;
+    }
+
+    body {
+      font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, sans-serif;
+      background: linear-gradient(135deg, #1a1a2e 0%, #16213e 50%, #0f3460 100%);
+      min-height: 100vh;
+      display: flex;
+      align-items: center;
+      justify-content: center;
+      color: #e4e4e7;
+    }
+
+    .login-container {
+      background: rgba(30, 30, 46, 0.95);
+      border: 1px solid #3f3f5a;
+      border-radius: 12px;
+      padding: 40px;
+      width: 100%;
+      max-width: 400px;
+      box-shadow: 0 20px 60px rgba(0, 0, 0, 0.5);
+    }
+
+    .logo {
+      text-align: center;
+      margin-bottom: 30px;
+    }
+
+    .logo pre {
+      font-size: 10px;
+      line-height: 1.1;
+      color: #60a5fa;
+      font-family: monospace;
+    }
+
+    .logo h1 {
+      font-size: 18px;
+      color: #a5b4fc;
+      margin-top: 10px;
+      font-weight: 500;
+    }
+
+    .form-group {
+      margin-bottom: 20px;
+    }
+
+    label {
+      display: block;
+      margin-bottom: 8px;
+      font-size: 14px;
+      color: #9ca3af;
+    }
+
+    input {
+      width: 100%;
+      padding: 12px 16px;
+      background: #27273a;
+      border: 1px solid #3f3f5a;
+      border-radius: 8px;
+      color: #e4e4e7;
+      font-size: 16px;
+      transition: border-color 0.2s, box-shadow 0.2s;
+    }
+
+    input:focus {
+      outline: none;
+      border-color: #60a5fa;
+      box-shadow: 0 0 0 3px rgba(96, 165, 250, 0.2);
+    }
+
+    input::placeholder {
+      color: #6b7280;
+    }
+
+    button {
+      width: 100%;
+      padding: 14px;
+      background: linear-gradient(135deg, #3b82f6 0%, #2563eb 100%);
+      border: none;
+      border-radius: 8px;
+      color: white;
+      font-size: 16px;
+      font-weight: 600;
+      cursor: pointer;
+      transition: transform 0.2s, box-shadow 0.2s;
+    }
+
+    button:hover {
+      transform: translateY(-1px);
+      box-shadow: 0 4px 20px rgba(59, 130, 246, 0.4);
+    }
+
+    button:active {
+      transform: translateY(0);
+    }
+
+    button:disabled {
+      opacity: 0.6;
+      cursor: not-allowed;
+      transform: none;
+    }
+
+    .error {
+      background: rgba(239, 68, 68, 0.15);
+      border: 1px solid rgba(239, 68, 68, 0.3);
+      color: #f87171;
+      padding: 12px;
+      border-radius: 8px;
+      margin-bottom: 20px;
+      font-size: 14px;
+      display: none;
+    }
+
+    .error.visible {
+      display: block;
+    }
+
+    .footer {
+      text-align: center;
+      margin-top: 24px;
+      font-size: 12px;
+      color: #6b7280;
+    }
+
+    .footer a {
+      color: #60a5fa;
+      text-decoration: none;
+    }
+
+    .setup-hint {
+      background: rgba(96, 165, 250, 0.1);
+      border: 1px solid rgba(96, 165, 250, 0.2);
+      border-radius: 8px;
+      padding: 16px;
+      margin-bottom: 24px;
+      font-size: 13px;
+      line-height: 1.5;
+    }
+
+    .setup-hint code {
+      background: rgba(0, 0, 0, 0.3);
+      padding: 2px 6px;
+      border-radius: 4px;
+      font-family: monospace;
+      font-size: 12px;
+    }
+  </style>
+</head>
+<body>
+  <div class="login-container">
+    <div class="logo">
+      <pre>
+████████╗██╗     ██████╗
+╚══██╔══╝██║    ██╔════╝
+   ██║   ██║    ██║
+   ██║   ██║    ██║
+   ██║   ███████╗╚██████╗
+   ╚═╝   ╚══════╝ ╚═════╝</pre>
+      <h1>Dashboard Login</h1>
+    </div>
+
+    <div id="setup-hint" class="setup-hint" style="display: none;">
+      <strong>Setup Required</strong><br>
+      Set credentials in <code>.tlc.json</code>:
+      <pre style="margin-top: 8px; background: rgba(0,0,0,0.3); padding: 8px; border-radius: 4px;">
+{
+  "auth": {
+    "adminEmail": "you@example.com",
+    "adminPassword": "your-password"
+  }
+}</pre>
+      Or use environment variables:<br>
+      <code>TLC_ADMIN_EMAIL</code> / <code>TLC_ADMIN_PASSWORD</code>
+    </div>
+
+    <div id="error" class="error"></div>
+
+    <form id="login-form">
+      <div class="form-group">
+        <label for="email">Email</label>
+        <input type="email" id="email" name="email" placeholder="admin@localhost" required>
+      </div>
+
+      <div class="form-group">
+        <label for="password">Password</label>
+        <input type="password" id="password" name="password" placeholder="Enter your password" required>
+      </div>
+
+      <button type="submit" id="submit-btn">Sign In</button>
+    </form>
+
+    <div class="footer">
+      TLC Dev Server &middot; <a href="https://github.com/anthropics/tlc">Documentation</a>
+    </div>
+  </div>
+
+  <script>
+    const form = document.getElementById('login-form');
+    const errorEl = document.getElementById('error');
+    const submitBtn = document.getElementById('submit-btn');
+    const setupHint = document.getElementById('setup-hint');
+
+    // Check if this is first visit with failed login
+    const urlParams = new URLSearchParams(window.location.search);
+    if (urlParams.get('setup') === 'true') {
+      setupHint.style.display = 'block';
+    }
+
+    form.addEventListener('submit', async (e) => {
+      e.preventDefault();
+
+      const email = document.getElementById('email').value;
+      const password = document.getElementById('password').value;
+
+      errorEl.classList.remove('visible');
+      submitBtn.disabled = true;
+      submitBtn.textContent = 'Signing in...';
+
+      try {
+        const res = await fetch('/api/auth/login', {
+          method: 'POST',
+          headers: { 'Content-Type': 'application/json' },
+          body: JSON.stringify({ email, password }),
+        });
+
+        const data = await res.json();
+
+        if (!res.ok) {
+          throw new Error(data.error || 'Login failed');
+        }
+
+        // Redirect to dashboard
+        window.location.href = '/';
+      } catch (err) {
+        errorEl.textContent = err.message;
+        errorEl.classList.add('visible');
+
+        // Show setup hint on first failed login
+        if (err.message === 'Invalid credentials') {
+          setupHint.style.display = 'block';
+        }
+      } finally {
+        submitBtn.disabled = false;
+        submitBtn.textContent = 'Sign In';
+      }
+    });
+
+    // Auto-focus email field
+    document.getElementById('email').focus();
+  </script>
+</body>
+</html>

package/server/index.js

@@ -12,6 +12,14 @@ const chokidar = require('chokidar');
 const { detectProject } = require('./lib/project-detector');
 const { parsePlan, parseBugs } = require('./lib/plan-parser');
 const { autoProvision, stopDatabase } = require('./lib/auto-database');
+const {
+  createUserStore,
+  createAuthMiddleware,
+  generateJWT,
+  verifyJWT,
+  hashPassword,
+  verifyPassword,
+} = require('./lib/auth-system');
 
 // Handle PGlite WASM crashes gracefully
 process.on('uncaughtException', (err) => {
@@ -48,6 +56,149 @@ const wss = new WebSocketServer({ server });
 
 // Middleware
 app.use(express.json());
+const cookieParser = require('cookie-parser');
+app.use(cookieParser());
+
+// ============================================
+// Authentication Setup
+// ============================================
+const userStore = createUserStore();
+const JWT_SECRET = process.env.TLC_JWT_SECRET || 'tlc-dashboard-secret-change-in-production';
+const AUTH_ENABLED = process.env.TLC_AUTH !== 'false';
+
+// Initialize admin user from config or environment
+async function initializeAuth() {
+  const tlcConfigPath = path.join(PROJECT_DIR, '.tlc.json');
+  let adminEmail = process.env.TLC_ADMIN_EMAIL || 'admin@localhost';
+  let adminPassword = process.env.TLC_ADMIN_PASSWORD;
+
+  // Try to read from .tlc.json
+  if (fs.existsSync(tlcConfigPath)) {
+    try {
+      const config = JSON.parse(fs.readFileSync(tlcConfigPath, 'utf-8'));
+      if (config.auth?.adminEmail) adminEmail = config.auth.adminEmail;
+      if (config.auth?.adminPassword) adminPassword = config.auth.adminPassword;
+    } catch (e) {
+      // Ignore parse errors
+    }
+  }
+
+  // Create admin user if password is set
+  if (adminPassword) {
+    try {
+      await userStore.createUser({
+        email: adminEmail,
+        password: adminPassword,
+        name: 'Admin',
+        role: 'admin',
+      }, { skipValidation: true }); // Dev tool - allow simple passwords
+      console.log(`[TLC] Admin user initialized: ${adminEmail}`);
+    } catch (e) {
+      if (!e.message.includes('already registered')) {
+        console.error('[TLC] Failed to create admin user:', e.message);
+      }
+    }
+  }
+}
+
+// Auth middleware for protected routes
+const authMiddleware = createAuthMiddleware({
+  userStore,
+  jwtSecret: JWT_SECRET,
+  requireAuth: true,
+});
+
+// Public paths that don't require auth
+const publicPaths = ['/api/auth/login', '/api/auth/status', '/login.html', '/login'];
+
+// Apply auth to API routes (except public paths)
+app.use((req, res, next) => {
+  // Skip auth if disabled
+  if (!AUTH_ENABLED) return next();
+
+  // Allow public paths
+  if (publicPaths.some(p => req.path === p || req.path.startsWith(p))) {
+    return next();
+  }
+
+  // Allow static assets
+  if (req.path.match(/\.(js|css|png|jpg|ico|svg|woff|woff2)$/)) {
+    return next();
+  }
+
+  // Check for auth cookie or header
+  const token = req.cookies?.tlc_token || req.headers.authorization?.replace('Bearer ', '');
+
+  if (!token) {
+    // Redirect browser requests to login, return 401 for API
+    if (req.path.startsWith('/api/')) {
+      return res.status(401).json({ error: 'Authentication required' });
+    }
+    return res.redirect('/login.html');
+  }
+
+  // Verify token
+  const payload = verifyJWT(token, JWT_SECRET);
+  if (!payload) {
+    if (req.path.startsWith('/api/')) {
+      return res.status(401).json({ error: 'Invalid or expired token' });
+    }
+    return res.redirect('/login.html');
+  }
+
+  // Attach user to request
+  req.user = payload;
+  next();
+});
+
+// Auth routes
+app.get('/api/auth/status', (req, res) => {
+  res.json({ authEnabled: AUTH_ENABLED });
+});
+
+app.post('/api/auth/login', async (req, res) => {
+  const { email, password } = req.body;
+
+  if (!email || !password) {
+    return res.status(400).json({ error: 'Email and password required' });
+  }
+
+  const user = await userStore.authenticate(email, password);
+  if (!user) {
+    return res.status(401).json({ error: 'Invalid credentials' });
+  }
+
+  // Generate JWT
+  const token = generateJWT(
+    { sub: user.id, email: user.email, role: user.role, name: user.name },
+    JWT_SECRET,
+    { expiresIn: 86400 * 7 } // 7 days
+  );
+
+  // Set cookie
+  res.cookie('tlc_token', token, {
+    httpOnly: true,
+    secure: process.env.NODE_ENV === 'production',
+    sameSite: 'lax',
+    maxAge: 86400 * 7 * 1000, // 7 days
+  });
+
+  res.json({ success: true, user: { email: user.email, name: user.name, role: user.role } });
+});
+
+app.post('/api/auth/logout', (req, res) => {
+  res.clearCookie('tlc_token');
+  res.json({ success: true });
+});
+
+app.get('/api/auth/me', (req, res) => {
+  if (!req.user) {
+    return res.status(401).json({ error: 'Not authenticated' });
+  }
+  res.json({ user: req.user });
+});
+
+// Serve static files (after auth middleware)
 app.use(express.static(path.join(__dirname, 'dashboard')));
 
 // Broadcast to all WebSocket clients
@@ -203,6 +354,86 @@ function runTests() {
 }
 
 // API Routes
+
+// Project info endpoint - returns real project data
+app.get('/api/project', (req, res) => {
+  try {
+    const { execSync } = require('child_process');
+
+    // Get project name and description from package.json or .tlc.json
+    let projectName = 'Unknown Project';
+    let projectDesc = '';
+    let version = '';
+
+    const pkgPath = path.join(PROJECT_DIR, 'package.json');
+    if (fs.existsSync(pkgPath)) {
+      const pkg = JSON.parse(fs.readFileSync(pkgPath, 'utf-8'));
+      projectName = pkg.name || projectName;
+      projectDesc = pkg.description || '';
+      version = pkg.version || '';
+    }
+
+    const tlcPath = path.join(PROJECT_DIR, '.tlc.json');
+    if (fs.existsSync(tlcPath)) {
+      const tlc = JSON.parse(fs.readFileSync(tlcPath, 'utf-8'));
+      if (tlc.project) projectName = tlc.project;
+      if (tlc.description) projectDesc = tlc.description;
+    }
+
+    // Get git info
+    let branch = 'unknown';
+    let lastCommit = null;
+    try {
+      branch = execSync('git rev-parse --abbrev-ref HEAD', { cwd: PROJECT_DIR, encoding: 'utf-8' }).trim();
+      const commitInfo = execSync('git log -1 --pretty=format:"%h|%s|%ar"', { cwd: PROJECT_DIR, encoding: 'utf-8' }).trim();
+      const [hash, message, time] = commitInfo.split('|');
+      lastCommit = { hash, message, time };
+    } catch (e) {
+      // Not a git repo
+    }
+
+    // Get phase info
+    const plan = parsePlan(PROJECT_DIR);
+
+    // Count phases from roadmap
+    let totalPhases = 0;
+    let completedPhases = 0;
+    const roadmapPath = path.join(PROJECT_DIR, '.planning', 'ROADMAP.md');
+    if (fs.existsSync(roadmapPath)) {
+      const content = fs.readFileSync(roadmapPath, 'utf-8');
+      const phases = content.match(/##\s+Phase\s+\d+/g) || [];
+      totalPhases = phases.length;
+      const completed = content.match(/##\s+Phase\s+\d+[^[]*\[x\]/gi) || [];
+      completedPhases = completed.length;
+    }
+
+    // Calculate progress
+    const tasksDone = plan.tasks?.filter(t => t.status === 'done' || t.status === 'complete').length || 0;
+    const tasksTotal = plan.tasks?.length || 0;
+    const progress = tasksTotal > 0 ? Math.round((tasksDone / tasksTotal) * 100) : 0;
+
+    res.json({
+      name: projectName,
+      description: projectDesc,
+      version,
+      branch,
+      lastCommit,
+      phase: plan.currentPhase,
+      phaseName: plan.currentPhaseName,
+      totalPhases,
+      completedPhases,
+      tasks: {
+        total: tasksTotal,
+        done: tasksDone,
+        progress
+      },
+      projectDir: PROJECT_DIR
+    });
+  } catch (err) {
+    res.status(500).json({ error: err.message });
+  }
+});
+
 app.get('/api/status', (req, res) => {
   const bugs = parseBugs(PROJECT_DIR);
   const plan = parsePlan(PROJECT_DIR);
@@ -834,9 +1065,17 @@ async function main() {
   TLC Dev Server
 `);
 
+  // Initialize authentication
+  await initializeAuth();
+
   server.listen(TLC_PORT, () => {
     console.log(`  Dashboard: http://localhost:${TLC_PORT}`);
     console.log(`  Share:     http://${getLocalIP()}:${TLC_PORT}`);
+    if (AUTH_ENABLED) {
+      console.log(`  Auth:      ENABLED (set TLC_AUTH=false to disable)`);
+    } else {
+      console.log(`  Auth:      DISABLED`);
+    }
     console.log('');
   });
 

package/server/lib/auth-system.js

@@ -318,8 +318,9 @@ function createUserStore() {
 
   return {
     // User methods
-    async createUser(data) {
-      if (!validateEmail(data.email)) {
+    async createUser(data, options = {}) {
+      // Skip email validation for dev setup (allows plain usernames)
+      if (!options.skipValidation && !validateEmail(data.email) && data.email.includes('@')) {
         throw new Error('Invalid email format');
       }
 
@@ -331,9 +332,12 @@ function createUserStore() {
         throw new Error('Email already registered');
       }
 
-      const passwordValidation = validatePassword(data.password);
-      if (!passwordValidation.valid) {
-        throw new Error(passwordValidation.errors.join(', '));
+      // Skip password validation for dev/config-based setup
+      if (!options.skipValidation) {
+        const passwordValidation = validatePassword(data.password);
+        if (!passwordValidation.valid) {
+          throw new Error(passwordValidation.errors.join(', '));
+        }
       }
 
       const user = createUser(data);

package/server/lib/debug.test.js

@@ -3,8 +3,8 @@ import {
   findOrphanedAgents,
   resetCleanup,
 } from './agent-cleanup.js';
-import { getAgentRegistry, resetRegistry } from './server/lib/agent-registry.js';
-import { STATES } from './server/lib/agent-state.js';
+import { getAgentRegistry, resetRegistry } from './agent-registry.js';
+import { STATES } from './agent-state.js';
 
 describe('debug', () => {
   const BASE_TIME = new Date('2025-01-01T12:00:00Z').getTime();

package/server/lib/plan-parser.js

@@ -53,41 +53,84 @@ function parsePlan(projectDir) {
 
 /**
  * Parse task entries from PLAN.md content
- * Supports formats:
+ * Supports multiple formats:
  *   ### Task 1: Title [ ]
  *   ### Task 1: Title [>@user]
  *   ### Task 1: Title [x@user]
+ *   - [ ] Task description
+ *   - [x] Completed task
+ *   - [>] In progress task
+ *   ## Task 1: Title
  */
 function parseTasksFromPlan(content) {
   const tasks = [];
-  const taskRegex = /###\s+Task\s+(\d+)[:\s]+(.+?)\s*\[([^\]]*)\]/g;
 
+  // Format 1: ### Task N: Title [status]
+  const taskRegex1 = /###\s+Task\s+(\d+)[:\s]+(.+?)\s*\[([^\]]*)\]/g;
   let match;
-  while ((match = taskRegex.exec(content)) !== null) {
+  while ((match = taskRegex1.exec(content)) !== null) {
     const [, num, title, statusMarker] = match;
+    tasks.push(parseTaskEntry(num, title, statusMarker));
+  }
+
+  // Format 2: Checkbox format - [ ] Task or - [x] Task
+  if (tasks.length === 0) {
+    const checkboxRegex = /^[-*]\s*\[([ x>])\]\s*(.+)$/gm;
+    let num = 1;
+    while ((match = checkboxRegex.exec(content)) !== null) {
+      const [, marker, title] = match;
+      // Skip if title looks like a sub-item or criterion
+      if (title.match(/^(Has|Should|Must|Can|Is|Are|The)\s/i)) continue;
+      const statusMarker = marker === 'x' ? 'x' : marker === '>' ? '>' : ' ';
+      tasks.push(parseTaskEntry(num++, title, statusMarker));
+    }
+  }
+
+  // Format 3: ## Task N: Title (without status marker)
+  if (tasks.length === 0) {
+    const taskRegex3 = /##\s+Task\s+(\d+)[:\s]+(.+?)$/gm;
+    while ((match = taskRegex3.exec(content)) !== null) {
+      const [, num, title] = match;
+      tasks.push(parseTaskEntry(num, title, ' '));
+    }
+  }
+
+  // Format 4: Numbered list - 1. Task title
+  if (tasks.length === 0) {
+    const numberedRegex = /^(\d+)\.\s+(.+)$/gm;
+    while ((match = numberedRegex.exec(content)) !== null) {
+      const [, num, title] = match;
+      // Skip if looks like a sub-point
+      if (title.length < 10) continue;
+      tasks.push(parseTaskEntry(num, title, ' '));
+    }
+  }
 
-    let status = 'available';
-    let owner = null;
+  return tasks;
+}
 
-    if (statusMarker.startsWith('x')) {
+function parseTaskEntry(num, title, statusMarker) {
+  let status = 'pending';
+  let owner = null;
+
+  if (typeof statusMarker === 'string') {
+    if (statusMarker.startsWith('x') || statusMarker === 'x') {
       status = 'done';
       const ownerMatch = statusMarker.match(/@(\w+)/);
       if (ownerMatch) owner = ownerMatch[1];
-    } else if (statusMarker.startsWith('>')) {
-      status = 'working';
+    } else if (statusMarker.startsWith('>') || statusMarker === '>') {
+      status = 'in_progress';
       const ownerMatch = statusMarker.match(/@(\w+)/);
       if (ownerMatch) owner = ownerMatch[1];
     }
-
-    tasks.push({
-      num: parseInt(num),
-      title: title.trim(),
-      status,
-      owner
-    });
   }
 
-  return tasks;
+  return {
+    num: parseInt(num),
+    title: title.trim(),
+    status,
+    owner
+  };
 }
 
 /**