xtrm-cli 2.1.4 → 2.1.14

package/test/hooks.test.ts

@@ -20,11 +20,13 @@ function runHook(
   hookFile: string,
   input: Record<string, unknown>,
   env: Record<string, string> = {},
+  cwd?: string,
 ) {
   return spawnSync('node', [path.join(HOOKS_DIR, hookFile)], {
     input: JSON.stringify(input),
     encoding: 'utf8',
     env: { ...process.env, ...env },
+    cwd,
   });
 }
 
@@ -48,16 +50,13 @@ function withFakeBdDir(scriptBody: string) {
 
 describe('main-guard.mjs — MAIN_GUARD_PROTECTED_BRANCHES', () => {
   it('blocks Write when current branch is listed in MAIN_GUARD_PROTECTED_BRANCHES', () => {
-    // Set env var to the actual current branch — without this env var the
-    // hook only checks hardcoded main/master, so a feature branch always exits 0.
     const r = runHook(
       'main-guard.mjs',
       { tool_name: 'Write', tool_input: { file_path: '/tmp/x' } },
       { MAIN_GUARD_PROTECTED_BRANCHES: CURRENT_BRANCH },
     );
-    expect(r.status).toBe(0);
+    expect(r.status).toBe(2);
     const out = parseHookJson(r.stdout);
-    expect(out?.hookSpecificOutput?.permissionDecision).toBe('deny');
     expect(out?.systemMessage).toContain(CURRENT_BRANCH);
   });
 
@@ -76,9 +75,8 @@ describe('main-guard.mjs — MAIN_GUARD_PROTECTED_BRANCHES', () => {
       { tool_name: 'Bash', tool_input: { command: 'cat > file.txt << EOF\nhello\nEOF' } },
       { MAIN_GUARD_PROTECTED_BRANCHES: CURRENT_BRANCH },
     );
-    expect(r.status).toBe(0);
+    expect(r.status).toBe(2);
     const out = parseHookJson(r.stdout);
-    expect(out?.hookSpecificOutput?.permissionDecision).toBe('deny');
     expect(out?.systemMessage).toContain('Bash is restricted');
   });
 
@@ -93,6 +91,7 @@ describe('main-guard.mjs — MAIN_GUARD_PROTECTED_BRANCHES', () => {
       'git pull',
       'gh pr list',
       'bd list',
+      `git reset --hard origin/${CURRENT_BRANCH}`,
     ];
     for (const command of safeCommands) {
       const r = runHook(
@@ -116,9 +115,8 @@ describe('main-guard.mjs — MAIN_GUARD_PROTECTED_BRANCHES', () => {
         { tool_name: 'Bash', tool_input: { command } },
         { MAIN_GUARD_PROTECTED_BRANCHES: CURRENT_BRANCH },
       );
-      expect(r.status, `expected structured deny for: ${command}`).toBe(0);
+      expect(r.status, `expected exit 2 for: ${command}`).toBe(2);
       const out = parseHookJson(r.stdout);
-      expect(out?.hookSpecificOutput?.permissionDecision).toBe('deny');
       expect(out?.systemMessage).toContain('Bash is restricted');
     }
   });
@@ -138,11 +136,117 @@ describe('main-guard.mjs — MAIN_GUARD_PROTECTED_BRANCHES', () => {
       { tool_name: 'Bash', tool_input: { command: 'git commit -m "oops"' } },
       { MAIN_GUARD_PROTECTED_BRANCHES: CURRENT_BRANCH },
     );
-    expect(r.status).toBe(0);
+    expect(r.status).toBe(2);
     const out = parseHookJson(r.stdout);
-    expect(out?.hookSpecificOutput?.permissionDecision).toBe('deny');
     expect(out?.systemMessage).toContain('feature branch');
   });
+
+  it('post-push hook sync guidance uses reset --hard, consistent with main-guard', () => {
+    const postPush = readFileSync(path.join(HOOKS_DIR, 'main-guard-post-push.mjs'), 'utf8');
+    expect(postPush).toContain('reset --hard');
+    expect(postPush).not.toContain('pull --ff-only');
+  });
+
+  it('hooks.json wires Bash to main-guard so git commit protection fires', () => {
+    const hooksJson = JSON.parse(readFileSync(path.join(__dirname, '../../config/hooks.json'), 'utf8'));
+    const mainGuardEntries = hooksJson.hooks.PreToolUse.filter(
+      (h: { script: string }) => h.script === 'main-guard.mjs',
+    );
+    const matchers: string[] = mainGuardEntries.map((h: { matcher: string }) => h.matcher ?? '');
+    const coversBash = matchers.some((m: string) => m.split('|').includes('Bash'));
+    expect(coversBash, 'main-guard.mjs must have a PreToolUse entry with Bash in its matcher').toBe(true);
+  });
+
+});
+
+// ── main-guard-post-push.mjs ────────────────────────────────────────────────
+
+describe('main-guard-post-push.mjs', () => {
+  function createTempGitRepo(branch: string): string {
+    const repoDir = mkdtempSync(path.join(os.tmpdir(), 'xtrm-post-push-'));
+    spawnSync('git', ['init'], { cwd: repoDir, stdio: 'pipe' });
+    spawnSync('git', ['config', 'user.email', 'test@example.com'], { cwd: repoDir, stdio: 'pipe' });
+    spawnSync('git', ['config', 'user.name', 'Test User'], { cwd: repoDir, stdio: 'pipe' });
+    writeFileSync(path.join(repoDir, 'README.md'), '# test\n', 'utf8');
+    spawnSync('git', ['add', 'README.md'], { cwd: repoDir, stdio: 'pipe' });
+    spawnSync('git', ['commit', '-m', 'init'], { cwd: repoDir, stdio: 'pipe' });
+    const current = spawnSync('git', ['branch', '--show-current'], { cwd: repoDir, encoding: 'utf8', stdio: 'pipe' }).stdout.trim();
+    if (current !== branch) {
+      spawnSync('git', ['checkout', '-B', branch], { cwd: repoDir, stdio: 'pipe' });
+    }
+    return repoDir;
+  }
+
+  it('injects PR workflow reminder after successful feature-branch push command', () => {
+    const repoDir = createTempGitRepo('feature/test-push');
+    try {
+      const r = runHook(
+        'main-guard-post-push.mjs',
+        { tool_name: 'Bash', tool_input: { command: 'git push -u origin feature/test-push' }, cwd: repoDir },
+        { MAIN_GUARD_PROTECTED_BRANCHES: 'main,master' },
+        repoDir,
+      );
+      expect(r.status).toBe(0);
+      const out = parseHookJson(r.stdout);
+      expect(out?.systemMessage).toContain('gh pr create --fill');
+      expect(out?.systemMessage).toContain('gh pr merge --squash');
+    } finally {
+      rmSync(repoDir, { recursive: true, force: true });
+    }
+  });
+
+  it('does not emit reminder for non-push Bash commands', () => {
+    const repoDir = createTempGitRepo('feature/test-nopush');
+    try {
+      const r = runHook(
+        'main-guard-post-push.mjs',
+        { tool_name: 'Bash', tool_input: { command: 'git status' }, cwd: repoDir },
+        { MAIN_GUARD_PROTECTED_BRANCHES: 'main,master' },
+        repoDir,
+      );
+      expect(r.status).toBe(0);
+      expect(r.stdout.trim()).toBe('');
+    } finally {
+      rmSync(repoDir, { recursive: true, force: true });
+    }
+  });
+
+  it('does not emit reminder when current branch is protected', () => {
+    const repoDir = createTempGitRepo('main');
+    try {
+      const r = runHook(
+        'main-guard-post-push.mjs',
+        { tool_name: 'Bash', tool_input: { command: 'git push -u origin main' }, cwd: repoDir },
+        { MAIN_GUARD_PROTECTED_BRANCHES: 'main,master' },
+        repoDir,
+      );
+      expect(r.status).toBe(0);
+      expect(r.stdout.trim()).toBe('');
+    } finally {
+      rmSync(repoDir, { recursive: true, force: true });
+    }
+  });
+
+  it('does not emit reminder when push command reports failure', () => {
+    const repoDir = createTempGitRepo('feature/test-failed-push');
+    try {
+      const r = runHook(
+        'main-guard-post-push.mjs',
+        {
+          tool_name: 'Bash',
+          tool_input: { command: 'git push -u origin feature/test-failed-push' },
+          tool_response: { exit_code: 1, stderr: 'remote rejected' },
+          cwd: repoDir,
+        },
+        { MAIN_GUARD_PROTECTED_BRANCHES: 'main,master' },
+        repoDir,
+      );
+      expect(r.status).toBe(0);
+      expect(r.stdout.trim()).toBe('');
+    } finally {
+      rmSync(repoDir, { recursive: true, force: true });
+    }
+  });
 });
 
 // ── beads-gate-utils.mjs ─────────────────────────────────────────────────────
@@ -236,42 +340,249 @@ describe('beads-stop-gate.mjs', () => {
     const content = readFileSync(path.join(HOOKS_DIR, 'beads-stop-gate.mjs'), 'utf8');
     expect(content).toContain("from './beads-gate-utils.mjs'");
   });
+
+  it('allows stop (exit 0) when session has a stale claim but no in_progress issues', () => {
+    const projectDir = mkdtempSync(path.join(os.tmpdir(), 'xtrm-beads-stopgate-'));
+    mkdirSync(path.join(projectDir, '.beads'));
+    const fake = withFakeBdDir(`#!/usr/bin/env bash
+set -euo pipefail
+if [[ "$1" == "kv" && "$2" == "get" ]]; then
+  echo "jaggers-stale-claim"
+  exit 0
+fi
+if [[ "$1" == "list" ]]; then
+  cat <<'EOF'
+
+--------------------------------------------------------------------------------
+Total: 0 issues (0 open, 0 in progress)
+EOF
+  exit 0
+fi
+exit 1
+`);
+
+    try {
+      const r = runHook(
+        'beads-stop-gate.mjs',
+        { session_id: 'session-stale-claim', cwd: projectDir },
+        { PATH: `${fake.tempDir}:${process.env.PATH ?? ''}` },
+      );
+      expect(r.status).toBe(0);
+    } finally {
+      rmSync(fake.tempDir, { recursive: true, force: true });
+      rmSync(projectDir, { recursive: true, force: true });
+    }
+  });
 });
 
-// ── beads-commit-gate.mjs ─────────────────────────────────────────────────────
 
-describe('beads-commit-gate.mjs', () => {
+describe('beads-memory-gate.mjs', () => {
   it('fails open (exit 0) when no .beads directory exists', () => {
-    const r = runHook('beads-commit-gate.mjs', {
-      session_id: 'test',
-      tool_name: 'Bash',
-      tool_input: { command: 'git commit -m test' },
-      cwd: '/tmp',
-    });
+    const r = runHook('beads-memory-gate.mjs', { session_id: 'test', cwd: '/tmp' });
     expect(r.status).toBe(0);
   });
 
-  it('imports from beads-gate-utils.mjs', () => {
-    const content = readFileSync(path.join(HOOKS_DIR, 'beads-commit-gate.mjs'), 'utf8');
-    expect(content).toContain("from './beads-gate-utils.mjs'");
+  it('allows stop (exit 0) when marker file exists', () => {
+    const projectDir = mkdtempSync(path.join(os.tmpdir(), 'xtrm-memgate-'));
+    mkdirSync(path.join(projectDir, '.beads'));
+    writeFileSync(path.join(projectDir, '.beads', '.memory-gate-done'), '');
+    try {
+      const r = runHook('beads-memory-gate.mjs', { session_id: 'test', cwd: projectDir });
+      expect(r.status).toBe(0);
+    } finally {
+      rmSync(projectDir, { recursive: true, force: true });
+    }
+  });
+
+  it('allows stop (exit 0) when no closed issues exist', () => {
+    const projectDir = mkdtempSync(path.join(os.tmpdir(), 'xtrm-memgate-'));
+    mkdirSync(path.join(projectDir, '.beads'));
+    const fake = withFakeBdDir(`#!/usr/bin/env bash
+set -euo pipefail
+if [[ "$1" == "list" ]]; then
+  cat <<'EOF'
+
+--------------------------------------------------------------------------------
+Total: 0 issues (0 open, 0 in progress)
+EOF
+  exit 0
+fi
+exit 1
+`);
+    try {
+      const r = runHook(
+        'beads-memory-gate.mjs',
+        { session_id: 'test', cwd: projectDir },
+        { PATH: `${fake.tempDir}:${process.env.PATH ?? ''}` },
+      );
+      expect(r.status).toBe(0);
+    } finally {
+      rmSync(fake.tempDir, { recursive: true, force: true });
+      rmSync(projectDir, { recursive: true, force: true });
+    }
+  });
+
+  it('blocks stop (exit 2) when closed issues exist and no marker', () => {
+    const projectDir = mkdtempSync(path.join(os.tmpdir(), 'xtrm-memgate-'));
+    mkdirSync(path.join(projectDir, '.beads'));
+    const fake = withFakeBdDir(`#!/usr/bin/env bash
+set -euo pipefail
+if [[ "$1" == "list" ]]; then
+  cat <<'EOF'
+✓ issue-abc P2 Fix the thing
+
+--------------------------------------------------------------------------------
+Total: 1 issues (0 open, 0 in progress, 1 closed)
+EOF
+  exit 0
+fi
+exit 1
+`);
+    try {
+      const r = runHook(
+        'beads-memory-gate.mjs',
+        { session_id: 'test', cwd: projectDir },
+        { PATH: `${fake.tempDir}:${process.env.PATH ?? ''}` },
+      );
+      expect(r.status).toBe(2);
+      expect(r.stderr).toContain('MEMORY GATE');
+    } finally {
+      rmSync(fake.tempDir, { recursive: true, force: true });
+      rmSync(projectDir, { recursive: true, force: true });
+    }
   });
 });
 
-// ── beads-close-memory-prompt.mjs ────────────────────────────────────────────
 
-describe('beads-close-memory-prompt.mjs', () => {
-  it('exits 0 for non-bd-close bash commands', () => {
-    const r = runHook('beads-close-memory-prompt.mjs', {
-      session_id: 'test',
-      tool_name: 'Bash',
-      tool_input: { command: 'git status' },
-      cwd: '/tmp',
+// ── tdd-guard-pretool-bridge.cjs ─────────────────────────────────────────────
+
+const TDD_BRIDGE_DIR = path.join(__dirname, '../../project-skills/tdd-guard/.claude/hooks');
+
+describe('tdd-guard-pretool-bridge.cjs', () => {
+  it('does not forward tdd-guard stderr when stdout already contains the message', () => {
+    const fakeDir = mkdtempSync(path.join(os.tmpdir(), 'xtrm-fake-tddguard-'));
+    const fakeBin = path.join(fakeDir, 'tdd-guard');
+    // Simulate tdd-guard writing the same message to both stdout and stderr (the bug)
+    writeFileSync(fakeBin, `#!/usr/bin/env bash\nMSG='{"reason":"Premature implementation"}'\necho "$MSG"\necho "$MSG" >&2\nexit 2\n`, { encoding: 'utf8' });
+    chmodSync(fakeBin, 0o755);
+
+    try {
+      const r = spawnSync('node', [path.join(TDD_BRIDGE_DIR, 'tdd-guard-pretool-bridge.cjs')], {
+        input: JSON.stringify({ tool_name: 'Write', tool_input: { file_path: 'test.ts' } }),
+        encoding: 'utf8',
+        env: { ...process.env, PATH: `${fakeDir}:${process.env.PATH ?? ''}` },
+      });
+      expect(r.stderr).toBe('');
+    } finally {
+      rmSync(fakeDir, { recursive: true, force: true });
+    }
+  });
+
+  it('forces sdk validation client and strips api-mode env vars', () => {
+    const fakeDir = mkdtempSync(path.join(os.tmpdir(), 'xtrm-fake-tddguard-env-'));
+    const fakeBin = path.join(fakeDir, 'tdd-guard');
+    writeFileSync(
+      fakeBin,
+      `#!/usr/bin/env bash
+if [[ "$VALIDATION_CLIENT" != "sdk" ]]; then exit 12; fi
+if [[ -n "\${MODEL_TYPE:-}" ]]; then exit 13; fi
+if [[ -n "\${TDD_GUARD_ANTHROPIC_API_KEY:-}" ]]; then exit 14; fi
+if [[ -n "\${ANTHROPIC_API_KEY:-}" ]]; then exit 15; fi
+if [[ -n "\${ANTHROPIC_BASE_URL:-}" ]]; then exit 16; fi
+exit 0
+`,
+      { encoding: 'utf8' },
+    );
+    chmodSync(fakeBin, 0o755);
+
+    try {
+      const r = spawnSync('node', [path.join(TDD_BRIDGE_DIR, 'tdd-guard-pretool-bridge.cjs')], {
+        input: JSON.stringify({ tool_name: 'Write', tool_input: { file_path: 'test.py' } }),
+        encoding: 'utf8',
+        env: {
+          ...process.env,
+          PATH: `${fakeDir}:${process.env.PATH ?? ''}`,
+          VALIDATION_CLIENT: 'api',
+          MODEL_TYPE: 'anthropic_api',
+          TDD_GUARD_ANTHROPIC_API_KEY: 'x',
+          ANTHROPIC_API_KEY: 'y',
+          ANTHROPIC_BASE_URL: 'https://example.invalid',
+        },
+      });
+      expect(r.status).toBe(0);
+    } finally {
+      rmSync(fakeDir, { recursive: true, force: true });
+    }
+  });
+
+  it('fails open for known API response JSON-parse errors', () => {
+    const fakeDir = mkdtempSync(path.join(os.tmpdir(), 'xtrm-fake-tddguard-apierr-'));
+    const fakeBin = path.join(fakeDir, 'tdd-guard');
+    writeFileSync(
+      fakeBin,
+      `#!/usr/bin/env bash
+echo 'Error during validation: Unexpected token '\\''A'\\'', "API Error:"... is not valid JSON'
+exit 2
+`,
+      { encoding: 'utf8' },
+    );
+    chmodSync(fakeBin, 0o755);
+
+    try {
+      const r = spawnSync('node', [path.join(TDD_BRIDGE_DIR, 'tdd-guard-pretool-bridge.cjs')], {
+        input: JSON.stringify({ tool_name: 'Write', tool_input: { file_path: 'test.py' } }),
+        encoding: 'utf8',
+        env: { ...process.env, PATH: `${fakeDir}:${process.env.PATH ?? ''}` },
+      });
+      expect(r.status).toBe(0);
+    } finally {
+      rmSync(fakeDir, { recursive: true, force: true });
+    }
+  });
+});
+
+
+// ── gitnexus-impact-reminder.py ──────────────────────────────────────────────
+
+function runPythonHook(
+  hookFile: string,
+  input: Record<string, unknown>,
+) {
+  return spawnSync('python3', [path.join(HOOKS_DIR, hookFile)], {
+    input: JSON.stringify(input),
+    encoding: 'utf8',
+    env: { ...process.env },
+  });
+}
+
+describe('gitnexus-impact-reminder.py', () => {
+  it('injects additionalContext when prompt contains an edit-intent keyword', () => {
+    const r = runPythonHook('gitnexus-impact-reminder.py', {
+      hook_event_name: 'UserPromptSubmit',
+      prompt: 'fix the broken auth logic in login.ts',
     });
     expect(r.status).toBe(0);
+    const out = parseHookJson(r.stdout);
+    expect(out?.hookSpecificOutput?.additionalContext).toContain('gitnexus impact');
   });
 
-  it('imports from beads-gate-utils.mjs', () => {
-    const content = readFileSync(path.join(HOOKS_DIR, 'beads-close-memory-prompt.mjs'), 'utf8');
-    expect(content).toContain("from './beads-gate-utils.mjs'");
+  it('does nothing (no output) when prompt has no edit-intent keywords', () => {
+    const r = runPythonHook('gitnexus-impact-reminder.py', {
+      hook_event_name: 'UserPromptSubmit',
+      prompt: 'explain how the beads gate works',
+    });
+    expect(r.status).toBe(0);
+    expect(r.stdout.trim()).toBe('');
+  });
+
+  it('does nothing for non-UserPromptSubmit events', () => {
+    const r = runPythonHook('gitnexus-impact-reminder.py', {
+      hook_event_name: 'PreToolUse',
+      tool_name: 'Edit',
+      tool_input: { file_path: 'foo.ts' },
+      prompt: 'fix something',
+    });
+    expect(r.status).toBe(0);
+    expect(r.stdout.trim()).toBe('');
   });
 });

package/test/install-pi.test.ts

@@ -0,0 +1,119 @@
+import { describe, it, expect } from 'vitest';
+import { createInstallPiCommand } from '../src/commands/install-pi.js';
+
+describe('createInstallPiCommand', () => {
+    it('exports a createInstallPiCommand function', () => {
+        expect(typeof createInstallPiCommand).toBe('function');
+    });
+
+    it('returns a Command named "pi"', () => {
+        const cmd = createInstallPiCommand();
+        expect((cmd as any).name()).toBe('pi');
+    });
+
+    it('fillTemplate replaces {{PLACEHOLDERS}} with values', async () => {
+        const { fillTemplate } = await import('../src/commands/install-pi.js');
+        expect(fillTemplate('{"k":"{{MY_KEY}}"}' , { MY_KEY: 'abc' })).toBe('{"k":"abc"}');
+    });
+
+    it('fillTemplate leaves missing placeholders empty', async () => {
+        const { fillTemplate } = await import('../src/commands/install-pi.js');
+        expect(fillTemplate('{"k":"{{MISSING}}"}', {})).toBe('{"k":""}');
+    });
+
+    it('models.json.template contains {{DASHSCOPE_API_KEY}}', () => {
+        const fs = require('node:fs');
+        const p = require('node:path');
+        const content = fs.readFileSync(p.resolve(__dirname, '..', '..', 'config', 'pi', 'models.json.template'), 'utf8');
+        expect(content).toContain('{{DASHSCOPE_API_KEY}}');
+    });
+
+    it('auth.json.template contains {{DASHSCOPE_API_KEY}} and {{ZAI_API_KEY}}', () => {
+        const fs = require('node:fs');
+        const p = require('node:path');
+        const content = fs.readFileSync(p.resolve(__dirname, '..', '..', 'config', 'pi', 'auth.json.template'), 'utf8');
+        expect(content).toContain('{{DASHSCOPE_API_KEY}}');
+        expect(content).toContain('{{ZAI_API_KEY}}');
+    });
+
+    it('auth.json.template contains no real API keys or tokens', () => {
+        const fs = require('node:fs');
+        const p = require('node:path');
+        const content = fs.readFileSync(p.resolve(__dirname, '..', '..', 'config', 'pi', 'auth.json.template'), 'utf8');
+        expect(content).not.toMatch(/sk-[a-zA-Z0-9]{20,}/);
+        expect(content).not.toMatch(/ya29\.[a-zA-Z0-9_-]{20,}/);
+    });
+
+    it('settings.json.template includes pi-serena-tools package', () => {
+        const fs = require('node:fs');
+        const p = require('node:path');
+        const settings = JSON.parse(fs.readFileSync(p.resolve(__dirname, '..', '..', 'config', 'pi', 'settings.json.template'), 'utf8'));
+        expect(settings.packages).toContain('npm:pi-serena-tools');
+    });
+
+    it('install-schema.json defines DASHSCOPE_API_KEY and ZAI_API_KEY fields', () => {
+        const fs = require('node:fs');
+        const p = require('node:path');
+        const schema = JSON.parse(fs.readFileSync(p.resolve(__dirname, '..', '..', 'config', 'pi', 'install-schema.json'), 'utf8'));
+        const keys = schema.fields.map((f) => f.key);
+        expect(keys).toContain('DASHSCOPE_API_KEY');
+        expect(keys).toContain('ZAI_API_KEY');
+    });
+
+    it('install-schema.json lists anthropic and qwen-cli as oauth_providers', () => {
+        const fs = require('node:fs');
+        const p = require('node:path');
+        const schema = JSON.parse(fs.readFileSync(p.resolve(__dirname, '..', '..', 'config', 'pi', 'install-schema.json'), 'utf8'));
+        const keys = schema.oauth_providers.map((o) => o.key);
+        expect(keys).toContain('anthropic');
+        expect(keys).toContain('qwen-cli');
+    });
+
+    it('extensions directory contains all expected .ts files', () => {
+        const fs = require('node:fs');
+        const p = require('node:path');
+        const extDir = p.resolve(__dirname, '..', '..', 'config', 'pi', 'extensions');
+        const files = ['auto-session-name.ts','auto-update.ts','bg-process.ts','compact-header.ts','custom-footer.ts','git-checkpoint.ts','git-guard.ts','safe-guard.ts','todo.ts'];
+        for (const f of files) expect(fs.existsSync(p.join(extDir, f))).toBe(true);
+    });
+
+    it('custom-provider-qwen-cli extension has index.ts and package.json', () => {
+        const fs = require('node:fs');
+        const p = require('node:path');
+        const base = p.resolve(__dirname, '..', '..', 'config', 'pi', 'extensions', 'custom-provider-qwen-cli');
+        expect(fs.existsSync(p.join(base, 'index.ts'))).toBe(true);
+        expect(fs.existsSync(p.join(base, 'package.json'))).toBe(true);
+    });
+
+    it('readExistingPiValues extracts DASHSCOPE_API_KEY from existing auth.json', async () => {
+        const { readExistingPiValues } = await import('../src/commands/install-pi.js?t=' + Date.now());
+        const tmpDir = require('node:fs').mkdtempSync(require('node:path').join(require('node:os').tmpdir(), 'pi-test-'));
+        require('node:fs').writeFileSync(require('node:path').join(tmpDir, 'auth.json'), JSON.stringify({ dashscope: { type: 'api_key', key: 'sk-existing-123' } }));
+        const result = readExistingPiValues(tmpDir);
+        require('node:fs').rmSync(tmpDir, { recursive: true });
+        expect(result['DASHSCOPE_API_KEY']).toBe('sk-existing-123');
+    });
+
+    it('readExistingPiValues extracts ZAI_API_KEY from existing auth.json', async () => {
+        const { readExistingPiValues } = await import('../src/commands/install-pi.js?t=' + Date.now());
+        const tmpDir = require('node:fs').mkdtempSync(require('node:path').join(require('node:os').tmpdir(), 'pi-test-'));
+        require('node:fs').writeFileSync(require('node:path').join(tmpDir, 'auth.json'), JSON.stringify({ zai: { type: 'api_key', key: 'zai-existing-456' } }));
+        const result = readExistingPiValues(tmpDir);
+        require('node:fs').rmSync(tmpDir, { recursive: true });
+        expect(result['ZAI_API_KEY']).toBe('zai-existing-456');
+    });
+
+    it('readExistingPiValues returns empty object when auth.json missing', async () => {
+        const { readExistingPiValues } = await import('../src/commands/install-pi.js?t=' + Date.now());
+        expect(readExistingPiValues('/nonexistent/path')).toEqual({});
+    });
+
+    it('readExistingPiValues extracts DASHSCOPE_API_KEY from models.json when auth.json missing', async () => {
+        const { readExistingPiValues } = await import('../src/commands/install-pi.js?t=models' + Date.now());
+        const tmpDir = require('node:fs').mkdtempSync(require('node:path').join(require('node:os').tmpdir(), 'pi-test-'));
+        require('node:fs').writeFileSync(require('node:path').join(tmpDir, 'models.json'), JSON.stringify({ providers: { dashscope: { apiKey: 'sk-from-models-789' } } }));
+        const result = readExistingPiValues(tmpDir);
+        require('node:fs').rmSync(tmpDir, { recursive: true });
+        expect(result['DASHSCOPE_API_KEY']).toBe('sk-from-models-789');
+    });
+});

package/test/install-project.test.ts

@@ -15,13 +15,14 @@ import {
 } from '../src/commands/install-project.js';
 
 describe('buildProjectInitGuide', () => {
-    it('includes recommended quality-gate skills and required config checks', () => {
+    it('includes complete onboarding guidance (quality gates, beads workflow, and git workflow)', () => {
         const guide = buildProjectInitGuide();
-        expect(guide).toContain('ts-quality-gate');
-        expect(guide).toContain('py-quality-gate');
+        expect(guide).toContain('quality-gates');
         expect(guide).toContain('tdd-guard');
-        expect(guide.toLowerCase()).toContain('lint');
-        expect(guide.toLowerCase()).toContain('mypy');
+        expect(guide).toContain('service-skills-set');
+        expect(guide.toLowerCase()).toContain('beads workflow');
+        expect(guide).toContain('bd ready --json');
+        expect(guide).toContain('gh pr create --fill');
         expect(guide.toLowerCase()).toContain('service-skills-set');
     });
 });
@@ -86,6 +87,34 @@ describe('deepMergeHooks', () => {
         expect(matcher).toContain('mcp__serena__insert_after_symbol');
         expect(matcher).toContain('mcp__serena__insert_before_symbol');
     });
+
+    it('upgrades matcher when command path differs but hook script is the same', () => {
+        const existing = {
+            hooks: {
+                PostToolUse: [{
+                    matcher: 'Write|Edit|MultiEdit',
+                    hooks: [{ command: 'python3 "$CLAUDE_PROJECT_DIR/hooks/quality-check.py"' }],
+                }],
+            },
+        };
+
+        const incoming = {
+            hooks: {
+                PostToolUse: [{
+                    matcher: 'Write|Edit|MultiEdit|mcp__serena__rename_symbol|mcp__serena__replace_symbol_body|mcp__serena__insert_after_symbol|mcp__serena__insert_before_symbol',
+                    hooks: [{ command: 'python3 "$CLAUDE_PROJECT_DIR/.claude/hooks/quality-check.py"' }],
+                }],
+            },
+        };
+
+        const merged = deepMergeHooks(existing, incoming);
+        expect(merged.hooks.PostToolUse).toHaveLength(1);
+        const matcher = merged.hooks.PostToolUse[0].matcher as string;
+        expect(matcher).toContain('mcp__serena__rename_symbol');
+        expect(matcher).toContain('mcp__serena__replace_symbol_body');
+        expect(matcher).toContain('mcp__serena__insert_after_symbol');
+        expect(matcher).toContain('mcp__serena__insert_before_symbol');
+    });
 });
 
 describe('extractReadmeDescription', () => {

package/test/install-service-skills.test.ts

@@ -1,5 +1,6 @@
 import { describe, it, expect, beforeEach, afterEach } from 'vitest';
 import { mkdtemp, rm } from 'node:fs/promises';
+import { spawnSync } from 'node:child_process';
 import { tmpdir } from 'node:os';
 import path from 'node:path';
 import fsExtra from 'fs-extra';
@@ -108,4 +109,23 @@ describe('installGitHooks', () => {
         const count = (content.match(/# \[jaggers\] doc-reminder/g) ?? []).length;
         expect(count).toBe(1);
     });
+
+    it('chains hooks into configured core.hooksPath when beads owns hooks path', async () => {
+        spawnSync('git', ['init'], { cwd: tmpDir, stdio: 'pipe' });
+        spawnSync('git', ['config', 'core.hooksPath', '.beads/hooks'], { cwd: tmpDir, stdio: 'pipe' });
+
+        await installGitHooks(tmpDir, ACTUAL_CLAUDE_SRC);
+
+        const beadsPreCommit = path.join(tmpDir, '.beads', 'hooks', 'pre-commit');
+        const beadsPrePush = path.join(tmpDir, '.beads', 'hooks', 'pre-push');
+        expect(await fsExtra.pathExists(beadsPreCommit)).toBe(true);
+        expect(await fsExtra.pathExists(beadsPrePush)).toBe(true);
+
+        const preCommitContent = await fsExtra.readFile(beadsPreCommit, 'utf8');
+        const prePushContent = await fsExtra.readFile(beadsPrePush, 'utf8');
+        expect(preCommitContent).toContain('# [jaggers] chain-githooks');
+        expect(prePushContent).toContain('# [jaggers] chain-githooks');
+        expect(preCommitContent).toContain(path.join(tmpDir, '.githooks', 'pre-commit'));
+        expect(prePushContent).toContain(path.join(tmpDir, '.githooks', 'pre-push'));
+    });
 });