docguard-cli 0.21.0__tar.gz → 0.22.0__tar.gz
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- {docguard_cli-0.21.0/extensions/spec-kit-docguard → docguard_cli-0.22.0/.agent}/skills/docguard-fix/SKILL.md +2 -2
- {docguard_cli-0.21.0/extensions/spec-kit-docguard → docguard_cli-0.22.0/.agent}/skills/docguard-guard/SKILL.md +2 -2
- {docguard_cli-0.21.0/extensions/spec-kit-docguard → docguard_cli-0.22.0/.agent}/skills/docguard-review/SKILL.md +2 -2
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/.agent/skills/docguard-score/SKILL.md +2 -2
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/.agent/skills/docguard-sync/SKILL.md +1 -1
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/.docguard.json +36 -1
- docguard_cli-0.22.0/.github/dependabot.yml +23 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/.github/workflows/ci.yml +2 -2
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/.github/workflows/release.yml +142 -6
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/.github/workflows/sync-speckit-catalog.yml +14 -11
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/AGENTS.md +1 -1
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/CHANGELOG.md +173 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/PKG-INFO +21 -8
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/README.md +20 -7
- docguard_cli-0.22.0/assets/bin/docguard +2 -0
- docguard_cli-0.22.0/assets/demo.gif +0 -0
- docguard_cli-0.22.0/assets/demo.tape +27 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/commands/explain.mjs +11 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/commands/guard.mjs +2 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/commands/init.mjs +13 -8
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/commands/memory.mjs +11 -1
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/commands/upgrade.mjs +12 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/docguard.mjs +1 -1
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/ensure-skills.mjs +50 -8
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/scanners/routes.mjs +8 -2
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/shared-source.mjs +9 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/validators/docs-diff.mjs +18 -3
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/validators/environment.mjs +13 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/validators/freshness.mjs +33 -3
- docguard_cli-0.22.0/cli/validators/surface-sync.mjs +365 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/validators/traceability.mjs +65 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/docs/quickstart.md +1 -1
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/docs-canonical/CI-RECIPES.md +2 -2
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/extensions/spec-kit-docguard/README.md +1 -1
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/extensions/spec-kit-docguard/extension.yml +1 -1
- {docguard_cli-0.21.0/.agent → docguard_cli-0.22.0/extensions/spec-kit-docguard}/skills/docguard-fix/SKILL.md +2 -2
- {docguard_cli-0.21.0/.agent → docguard_cli-0.22.0/extensions/spec-kit-docguard}/skills/docguard-guard/SKILL.md +2 -2
- {docguard_cli-0.21.0/.agent → docguard_cli-0.22.0/extensions/spec-kit-docguard}/skills/docguard-review/SKILL.md +2 -2
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/extensions/spec-kit-docguard/skills/docguard-score/SKILL.md +2 -2
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/extensions/spec-kit-docguard/skills/docguard-sync/SKILL.md +1 -1
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/package.json +1 -1
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/pyproject.toml +1 -1
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/schemas/docguard-config.schema.json +26 -0
- docguard_cli-0.22.0/specs/004-v020-env-var-false-negative/spec.md +147 -0
- docguard_cli-0.22.0/specs/005-hugocross-next-bugs/spec.md +365 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/docs-diff.test.mjs +23 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/environment.test.mjs +62 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/freshness.test.mjs +76 -0
- docguard_cli-0.22.0/tests/routes-nextjs-app-router.test.mjs +72 -0
- docguard_cli-0.22.0/tests/security-init-injection.test.mjs +145 -0
- docguard_cli-0.22.0/tests/surface-sync.test.mjs +339 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/traceability.test.mjs +45 -0
- docguard_cli-0.21.0/.github/dependabot.yml +0 -20
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/.agent/commands/speckit.analyze.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/.agent/commands/speckit.checklist.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/.agent/commands/speckit.clarify.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/.agent/commands/speckit.constitution.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/.agent/commands/speckit.implement.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/.agent/commands/speckit.plan.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/.agent/commands/speckit.specify.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/.agent/commands/speckit.tasks.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/.agent/commands/speckit.taskstoissues.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/.agent/skills/speckit-analyze/SKILL.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/.agent/skills/speckit-checklist/SKILL.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/.agent/skills/speckit-clarify/SKILL.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/.agent/skills/speckit-constitution/SKILL.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/.agent/skills/speckit-implement/SKILL.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/.agent/skills/speckit-plan/SKILL.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/.agent/skills/speckit-specify/SKILL.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/.agent/skills/speckit-tasks/SKILL.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/.agent/skills/speckit-taskstoissues/SKILL.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/.docguardignore +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/.github/ISSUE_TEMPLATE/bug_report.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/.github/ISSUE_TEMPLATE/feature_request.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/.github/scripts/patch-catalog.py +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/.github/workflows/supply-chain.yml +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/.gitignore +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/.jules/bolt.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/.jules/palette.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/.jules/sentinel.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/.npmignore +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/.npmrc +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/.specify/extensions/.cache/catalog-ebf165086500aab1-metadata.json +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/.specify/extensions/.cache/catalog-ebf165086500aab1.json +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/.specify/extensions/.cache/catalog-metadata.json +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/.specify/extensions/.cache/catalog.json +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/.specify/init-options.json +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/.specify/memory/constitution.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/.specify/scripts/bash/check-prerequisites.sh +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/.specify/scripts/bash/common.sh +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/.specify/scripts/bash/create-new-feature.sh +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/.specify/scripts/bash/setup-plan.sh +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/.specify/scripts/bash/update-agent-context.sh +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/.specify/templates/agent-file-template.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/.specify/templates/checklist-template.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/.specify/templates/constitution-template.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/.specify/templates/plan-template.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/.specify/templates/spec-template.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/.specify/templates/tasks-template.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/CODE_OF_CONDUCT.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/COMPARISONS.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/CONTRIBUTING.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/DRIFT-LOG.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/LICENSE +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/PHILOSOPHY.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/ROADMAP.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/SECURITY.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/STANDARD.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/SUPPLY-CHAIN-AUDIT.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/SUPPORT.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/action.yml +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/commands/agents.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/commands/badge.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/commands/ci.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/commands/demo.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/commands/diagnose.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/commands/diff.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/commands/fix.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/commands/generate.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/commands/hooks.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/commands/impact.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/commands/llms.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/commands/publish.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/commands/score.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/commands/setup.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/commands/sync.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/commands/trace.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/commands/watch.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/scanners/api-doc.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/scanners/cdk.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/scanners/doc-tools.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/scanners/frontend.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/scanners/iac.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/scanners/integrations.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/scanners/memory-plan.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/scanners/project-type.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/scanners/schemas.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/scanners/speckit.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/shared-git.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/shared-ignore.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/shared.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/validators/api-surface.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/validators/architecture.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/validators/canonical-sync.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/validators/changelog.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/validators/cross-reference.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/validators/doc-quality.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/validators/docs-coverage.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/validators/docs-sync.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/validators/drift.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/validators/generated-staleness.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/validators/metadata-sync.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/validators/metrics-consistency.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/validators/schema-sync.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/validators/security.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/validators/spec-kit.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/validators/structure.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/validators/test-spec.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/validators/todo-tracking.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/writers/api-reference.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/writers/fix-memory.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/writers/mechanical.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/cli/writers/sections.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/commands/docguard.fix.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/commands/docguard.guard.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/commands/docguard.review.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/commands/docguard.score.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/configs/fastify.json +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/configs/generic.json +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/configs/nextjs.json +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/configs/python.json +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/docguard_cli/__init__.py +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/docguard_cli/wrapper.py +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/docs/ai-integration.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/docs/commands.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/docs/configuration.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/docs/doc-sections.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/docs/faq.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/docs/installation.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/docs/profiles.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/docs-canonical/ARCHITECTURE.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/docs-canonical/DATA-MODEL.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/docs-canonical/ENVIRONMENT.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/docs-canonical/REQUIREMENTS.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/docs-canonical/SECURITY.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/docs-canonical/SURFACE-AUDIT.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/docs-canonical/TEST-SPEC.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/docs-implementation/MIGRATION-v0.20.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/examples/01-express-api/README.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/examples/01-express-api/package.json +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/examples/01-express-api/server.js +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/examples/02-python-flask/README.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/examples/02-python-flask/app.py +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/examples/02-python-flask/docs-canonical/ARCHITECTURE.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/examples/02-python-flask/requirements.txt +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/examples/03-spec-kit-project/CHANGELOG.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/examples/03-spec-kit-project/README.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/examples/03-spec-kit-project/docs-canonical/ARCHITECTURE.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/examples/03-spec-kit-project/docs-canonical/TEST-SPEC.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/examples/03-spec-kit-project/package.json +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/examples/03-spec-kit-project/src/index.js +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/examples/03-spec-kit-project/tests/basic.test.js +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/examples/README.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/extensions/spec-kit-docguard/LICENSE +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/extensions/spec-kit-docguard/commands/diagnose.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/extensions/spec-kit-docguard/commands/fix.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/extensions/spec-kit-docguard/commands/generate.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/extensions/spec-kit-docguard/commands/guard.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/extensions/spec-kit-docguard/commands/init.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/extensions/spec-kit-docguard/commands/score.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/extensions/spec-kit-docguard/commands/sync.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/extensions/spec-kit-docguard/commands/trace.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/extensions/spec-kit-docguard/scripts/bash/common.sh +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/extensions/spec-kit-docguard/scripts/bash/docguard-check-docs.sh +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/extensions/spec-kit-docguard/scripts/bash/docguard-init-doc.sh +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/extensions/spec-kit-docguard/scripts/bash/docguard-suggest-fix.sh +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/extensions/spec-kit-docguard/templates/extensions.yml +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/extensions/spec-kit-docguard/templates/github-workflows/docguard-autofix.yml +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/extensions/spec-kit-docguard/templates/github-workflows/docguard-guard.yml +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/pr_description.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/specs/001-fix-ignore-validators/plan.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/specs/001-fix-ignore-validators/spec.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/specs/001-fix-ignore-validators/tasks.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/specs/002-fix-test-discovery/plan.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/specs/002-fix-test-discovery/spec.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/specs/002-fix-test-discovery/tasks.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/specs/003-v011-false-positives/plan.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/specs/003-v011-false-positives/spec.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/specs/003-v011-false-positives/tasks.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/templates/ADR.md.template +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/templates/AGENTS.md.template +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/templates/ARCHITECTURE.md.template +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/templates/CHANGELOG.md.template +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/templates/CURRENT-STATE.md.template +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/templates/DATA-MODEL.md.template +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/templates/DEPLOYMENT.md.template +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/templates/DRIFT-LOG.md.template +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/templates/ENVIRONMENT.md.template +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/templates/KNOWN-GOTCHAS.md.template +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/templates/REQUIREMENTS.md.template +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/templates/ROADMAP.md.template +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/templates/RUNBOOKS.md.template +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/templates/SECURITY.md.template +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/templates/TEST-SPEC.md.template +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/templates/TROUBLESHOOTING.md.template +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/templates/VENDOR-BUGS.md.template +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/templates/ci/github-actions.yml +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/templates/commands/docguard.fix.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/templates/commands/docguard.guard.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/templates/commands/docguard.init.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/templates/commands/docguard.review.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/templates/commands/docguard.update.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/templates/demo-fixture/.docguard.json +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/templates/demo-fixture/.env.example +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/templates/demo-fixture/AGENTS.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/templates/demo-fixture/CHANGELOG.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/templates/demo-fixture/DRIFT-LOG.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/templates/demo-fixture/README.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/templates/demo-fixture/docs-canonical/API-REFERENCE.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/templates/demo-fixture/docs-canonical/ARCHITECTURE.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/templates/demo-fixture/docs-canonical/DATA-MODEL.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/templates/demo-fixture/docs-canonical/ENVIRONMENT.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/templates/demo-fixture/docs-canonical/SECURITY.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/templates/demo-fixture/docs-canonical/TEST-SPEC.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/templates/demo-fixture/package.json +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/templates/demo-fixture/src/api.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/templates/demo-fixture/src/notifier.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/templates/demo-fixture/src/scheduler.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/templates/demo-fixture/src/worker.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/test-draft.js +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/test-metrics.js +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/anchor-autofix.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/api-doc.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/api-surface.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/api-write.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/architecture.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/b7-node-env-symmetry.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/backup-failure.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/canonical-sync.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/cdk-detection.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/changed-only-scoping.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/changed-only.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/changelog.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/commands.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/cross-reference.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/demo-command.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/doc-quality.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/docguardignore.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/docs-coverage.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/docs-sync.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/drift.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/fix-memory.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/fix-suppression.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/fixture-projects.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/frontend-deep.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/frontend.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/generated-staleness.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/guard-classify.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/guard-no-throw.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/hooks.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/i18n.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/impact.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/init-smart-detection.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/integrations.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/mechanical.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/memory-plan.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/metadata-sync.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/metrics-consistency.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/metrics-dedup.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/monorepo-scanning.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/multi-spec.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/npm-pack-smoke.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/patch-0.11.2.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/plan-disk-cache.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/profile-flag.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/project-type.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/regenerate-section.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/routes-multilang.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/schema-sync.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/schemas-multilang.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/schemas.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/scoping-extended.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/section-na-markers.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/sections.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/security.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/severity.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/shared-git.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/shared-source.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/stress-test.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/structure.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/sweep-nudge.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/sync-since.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/sync.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/test-spec.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/todo-tracking.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/trace-multilang.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/trace-reverse.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/upgrade-pr-e2e.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/upgrade-pr.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/upgrade.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/v020-consolidation.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/validator-naming.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/version-pin.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/tests/whats-new.test.mjs +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/vscode-extension/.vscodeignore +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/vscode-extension/README.md +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/vscode-extension/extension.js +0 -0
- {docguard_cli-0.21.0 → docguard_cli-0.22.0}/vscode-extension/package.json +0 -0
|
@@ -6,10 +6,10 @@ description: AI-driven documentation repair with structured research workflow, t
|
|
|
6
6
|
compatibility: Requires DocGuard CLI installed (npm i -g docguard-cli or npx docguard-cli)
|
|
7
7
|
metadata:
|
|
8
8
|
author: docguard
|
|
9
|
-
version: 0.
|
|
9
|
+
version: 0.22.0
|
|
10
10
|
source: extensions/spec-kit-docguard/skills/docguard-fix
|
|
11
11
|
---
|
|
12
|
-
<!-- docguard:version: 0.
|
|
12
|
+
<!-- docguard:version: 0.22.0 -->
|
|
13
13
|
|
|
14
14
|
# DocGuard Fix Skill
|
|
15
15
|
|
|
@@ -7,10 +7,10 @@ description: Run DocGuard guard validation against Canonical-Driven Development
|
|
|
7
7
|
compatibility: Requires DocGuard CLI installed (npm i -g docguard-cli or npx docguard-cli)
|
|
8
8
|
metadata:
|
|
9
9
|
author: docguard
|
|
10
|
-
version: 0.
|
|
10
|
+
version: 0.22.0
|
|
11
11
|
source: extensions/spec-kit-docguard/skills/docguard-guard
|
|
12
12
|
---
|
|
13
|
-
<!-- docguard:version: 0.
|
|
13
|
+
<!-- docguard:version: 0.22.0 -->
|
|
14
14
|
|
|
15
15
|
# DocGuard Guard Skill
|
|
16
16
|
|
|
@@ -6,10 +6,10 @@ description: Cross-document consistency analysis and quality assessment. Perform
|
|
|
6
6
|
compatibility: Requires DocGuard CLI installed (npm i -g docguard-cli or npx docguard-cli)
|
|
7
7
|
metadata:
|
|
8
8
|
author: docguard
|
|
9
|
-
version: 0.
|
|
9
|
+
version: 0.22.0
|
|
10
10
|
source: extensions/spec-kit-docguard/skills/docguard-review
|
|
11
11
|
---
|
|
12
|
-
<!-- docguard:version: 0.
|
|
12
|
+
<!-- docguard:version: 0.22.0 -->
|
|
13
13
|
|
|
14
14
|
# DocGuard Review Skill
|
|
15
15
|
|
|
@@ -6,10 +6,10 @@ description: CDD maturity assessment with category-aware improvement roadmap. Ru
|
|
|
6
6
|
compatibility: Requires DocGuard CLI installed (npm i -g docguard-cli or npx docguard-cli)
|
|
7
7
|
metadata:
|
|
8
8
|
author: docguard
|
|
9
|
-
version: 0.
|
|
9
|
+
version: 0.22.0
|
|
10
10
|
source: extensions/spec-kit-docguard/skills/docguard-score
|
|
11
11
|
---
|
|
12
|
-
<!-- docguard:version: 0.
|
|
12
|
+
<!-- docguard:version: 0.22.0 -->
|
|
13
13
|
|
|
14
14
|
# DocGuard Score Skill
|
|
15
15
|
|
|
@@ -4,7 +4,7 @@ description: Keep canonical documentation ALWAYS UP TO DATE. Refreshes code-trut
|
|
|
4
4
|
compatibility: Requires DocGuard CLI installed (npm i -g docguard-cli or npx docguard-cli)
|
|
5
5
|
metadata:
|
|
6
6
|
author: docguard
|
|
7
|
-
version: 0.
|
|
7
|
+
version: 0.22.0
|
|
8
8
|
source: extensions/spec-kit-docguard/skills/docguard-sync
|
|
9
9
|
---
|
|
10
10
|
|
|
@@ -40,5 +40,40 @@
|
|
|
40
40
|
"environment": true,
|
|
41
41
|
"freshness": true
|
|
42
42
|
},
|
|
43
|
-
"severity": {}
|
|
43
|
+
"severity": {},
|
|
44
|
+
"surfaceSync": {
|
|
45
|
+
"surfaces": [
|
|
46
|
+
{
|
|
47
|
+
"name": "commands",
|
|
48
|
+
"glob": "cli/commands/*.mjs",
|
|
49
|
+
"extract": "basename-no-ext",
|
|
50
|
+
"ignore": [
|
|
51
|
+
"agents", "hooks", "ci", "badge", "llms", "publish",
|
|
52
|
+
"setup", "impact"
|
|
53
|
+
],
|
|
54
|
+
"docs": ["README.md"],
|
|
55
|
+
"section": "Usage"
|
|
56
|
+
},
|
|
57
|
+
{
|
|
58
|
+
"name": "validators",
|
|
59
|
+
"glob": "cli/validators/*.mjs",
|
|
60
|
+
"extract": "basename-no-ext",
|
|
61
|
+
"ignore": [
|
|
62
|
+
"drift",
|
|
63
|
+
"doc",
|
|
64
|
+
"doc-sections",
|
|
65
|
+
"drift-comments"
|
|
66
|
+
],
|
|
67
|
+
"docs": ["README.md"],
|
|
68
|
+
"section": "Validators"
|
|
69
|
+
},
|
|
70
|
+
{
|
|
71
|
+
"name": "slash-commands",
|
|
72
|
+
"glob": "templates/commands/*.md",
|
|
73
|
+
"extract": "basename-no-ext",
|
|
74
|
+
"docs": ["README.md"],
|
|
75
|
+
"section": "Slash Commands"
|
|
76
|
+
}
|
|
77
|
+
]
|
|
78
|
+
}
|
|
44
79
|
}
|
|
@@ -0,0 +1,23 @@
|
|
|
1
|
+
version: 2
|
|
2
|
+
updates:
|
|
3
|
+
- package-ecosystem: "npm"
|
|
4
|
+
directory: "/"
|
|
5
|
+
schedule:
|
|
6
|
+
interval: "monthly"
|
|
7
|
+
groups:
|
|
8
|
+
all-npm:
|
|
9
|
+
patterns: ["*"]
|
|
10
|
+
- package-ecosystem: "pip"
|
|
11
|
+
directory: "/"
|
|
12
|
+
schedule:
|
|
13
|
+
interval: "monthly"
|
|
14
|
+
groups:
|
|
15
|
+
all-pip:
|
|
16
|
+
patterns: ["*"]
|
|
17
|
+
- package-ecosystem: "github-actions"
|
|
18
|
+
directory: "/"
|
|
19
|
+
schedule:
|
|
20
|
+
interval: "monthly"
|
|
21
|
+
groups:
|
|
22
|
+
all-actions:
|
|
23
|
+
patterns: ["*"]
|
|
@@ -15,7 +15,7 @@ jobs:
|
|
|
15
15
|
node-version: [18, 20, 22]
|
|
16
16
|
|
|
17
17
|
steps:
|
|
18
|
-
- uses: actions/checkout@
|
|
18
|
+
- uses: actions/checkout@v6
|
|
19
19
|
with:
|
|
20
20
|
fetch-depth: 0 # Full git history for freshness validator
|
|
21
21
|
|
|
@@ -81,7 +81,7 @@ jobs:
|
|
|
81
81
|
if: startsWith(github.ref, 'refs/tags/v')
|
|
82
82
|
needs: test
|
|
83
83
|
steps:
|
|
84
|
-
- uses: actions/checkout@
|
|
84
|
+
- uses: actions/checkout@v6
|
|
85
85
|
- uses: actions/setup-node@v6
|
|
86
86
|
with:
|
|
87
87
|
node-version: 20
|
|
@@ -19,7 +19,7 @@ jobs:
|
|
|
19
19
|
version: ${{ steps.check.outputs.version }}
|
|
20
20
|
changed: ${{ steps.check.outputs.changed }}
|
|
21
21
|
steps:
|
|
22
|
-
- uses: actions/checkout@
|
|
22
|
+
- uses: actions/checkout@v6
|
|
23
23
|
with:
|
|
24
24
|
fetch-depth: 2 # Need previous commit to compare
|
|
25
25
|
|
|
@@ -49,7 +49,7 @@ jobs:
|
|
|
49
49
|
matrix:
|
|
50
50
|
node-version: [18, 20, 22]
|
|
51
51
|
steps:
|
|
52
|
-
- uses: actions/checkout@
|
|
52
|
+
- uses: actions/checkout@v6
|
|
53
53
|
with:
|
|
54
54
|
fetch-depth: 0
|
|
55
55
|
- uses: actions/setup-node@v6
|
|
@@ -68,7 +68,7 @@ jobs:
|
|
|
68
68
|
outputs:
|
|
69
69
|
tag: v${{ needs.detect-version.outputs.version }}
|
|
70
70
|
steps:
|
|
71
|
-
- uses: actions/checkout@
|
|
71
|
+
- uses: actions/checkout@v6
|
|
72
72
|
with:
|
|
73
73
|
fetch-depth: 0 # Fetch all history + tags for reliable tag detection
|
|
74
74
|
|
|
@@ -125,7 +125,7 @@ jobs:
|
|
|
125
125
|
needs: [detect-version, create-release]
|
|
126
126
|
runs-on: ubuntu-latest
|
|
127
127
|
steps:
|
|
128
|
-
- uses: actions/checkout@
|
|
128
|
+
- uses: actions/checkout@v6
|
|
129
129
|
|
|
130
130
|
- name: Build extension ZIP
|
|
131
131
|
run: |
|
|
@@ -150,7 +150,7 @@ jobs:
|
|
|
150
150
|
needs: [detect-version, test, create-release]
|
|
151
151
|
runs-on: ubuntu-latest
|
|
152
152
|
steps:
|
|
153
|
-
- uses: actions/checkout@
|
|
153
|
+
- uses: actions/checkout@v6
|
|
154
154
|
- uses: actions/setup-node@v6
|
|
155
155
|
with:
|
|
156
156
|
node-version: 20
|
|
@@ -166,7 +166,7 @@ jobs:
|
|
|
166
166
|
needs: [detect-version, test, create-release]
|
|
167
167
|
runs-on: ubuntu-latest
|
|
168
168
|
steps:
|
|
169
|
-
- uses: actions/checkout@
|
|
169
|
+
- uses: actions/checkout@v6
|
|
170
170
|
- uses: actions/setup-python@v6
|
|
171
171
|
with:
|
|
172
172
|
python-version: '3.12'
|
|
@@ -189,3 +189,139 @@ jobs:
|
|
|
189
189
|
env:
|
|
190
190
|
TWINE_USERNAME: __token__
|
|
191
191
|
TWINE_PASSWORD: ${{ secrets.PYPI_API_TOKEN }}
|
|
192
|
+
|
|
193
|
+
# ── Step 7: Sync Spec Kit community catalog ────────────────────────────
|
|
194
|
+
# Inlined here (rather than triggered via workflow_run from a sibling
|
|
195
|
+
# workflow) because workflow_run-triggered jobs get 401 on the
|
|
196
|
+
# `gh repo sync … --source github/spec-kit` API call even with a valid
|
|
197
|
+
# PAT in secrets. Same-workflow secret access is consistent — fixes the
|
|
198
|
+
# auto-sync that was failing on every release since the workflow_run
|
|
199
|
+
# auth quirk surfaced.
|
|
200
|
+
sync-catalog:
|
|
201
|
+
needs: [detect-version, build-extension, publish-npm, publish-pypi]
|
|
202
|
+
if: needs.detect-version.outputs.changed == 'true'
|
|
203
|
+
runs-on: ubuntu-latest
|
|
204
|
+
steps:
|
|
205
|
+
- name: Checkout docguard repo
|
|
206
|
+
uses: actions/checkout@v6
|
|
207
|
+
|
|
208
|
+
- name: Get version and metadata
|
|
209
|
+
id: meta
|
|
210
|
+
run: |
|
|
211
|
+
VERSION="${{ needs.detect-version.outputs.version }}"
|
|
212
|
+
echo "version=$VERSION" >> "$GITHUB_OUTPUT"
|
|
213
|
+
echo "tag=v${VERSION}" >> "$GITHUB_OUTPUT"
|
|
214
|
+
echo "download_url=https://github.com/raccioly/docguard/releases/download/v${VERSION}/spec-kit-docguard-v${VERSION}.zip" >> "$GITHUB_OUTPUT"
|
|
215
|
+
echo "updated_at=$(date -u +%Y-%m-%dT%H:%M:%SZ)" >> "$GITHUB_OUTPUT"
|
|
216
|
+
echo "✅ Version: $VERSION"
|
|
217
|
+
|
|
218
|
+
- name: Extract release notes from CHANGELOG
|
|
219
|
+
id: notes
|
|
220
|
+
run: |
|
|
221
|
+
VERSION="${{ steps.meta.outputs.version }}"
|
|
222
|
+
NOTES=$(awk "/^## \\[${VERSION}\\]/{found=1; next} /^## \\[/{if(found) exit} found{print}" CHANGELOG.md)
|
|
223
|
+
if [ -z "$NOTES" ]; then
|
|
224
|
+
NOTES="Updated to v${VERSION}. See [CHANGELOG](https://github.com/raccioly/docguard/blob/main/CHANGELOG.md) for details."
|
|
225
|
+
fi
|
|
226
|
+
echo "$NOTES" > /tmp/changelog-section.md
|
|
227
|
+
echo "✅ Release notes extracted ($(wc -l < /tmp/changelog-section.md) lines)"
|
|
228
|
+
|
|
229
|
+
- name: Sync fork with upstream
|
|
230
|
+
env:
|
|
231
|
+
GH_TOKEN: ${{ secrets.SPECKIT_PR_TOKEN }}
|
|
232
|
+
run: |
|
|
233
|
+
gh repo sync raccioly/spec-kit --source github/spec-kit --branch main --force
|
|
234
|
+
echo "✅ Fork synced with upstream"
|
|
235
|
+
|
|
236
|
+
- name: Checkout spec-kit fork (fresh after sync)
|
|
237
|
+
uses: actions/checkout@v6
|
|
238
|
+
with:
|
|
239
|
+
repository: raccioly/spec-kit
|
|
240
|
+
token: ${{ secrets.SPECKIT_PR_TOKEN }}
|
|
241
|
+
path: spec-kit-fork
|
|
242
|
+
ref: main
|
|
243
|
+
|
|
244
|
+
- name: Update catalog.community.json
|
|
245
|
+
working-directory: spec-kit-fork
|
|
246
|
+
run: |
|
|
247
|
+
VERSION="${{ steps.meta.outputs.version }}"
|
|
248
|
+
DOWNLOAD_URL="${{ steps.meta.outputs.download_url }}"
|
|
249
|
+
UPDATED_AT="${{ steps.meta.outputs.updated_at }}"
|
|
250
|
+
cp ${{ github.workspace }}/.github/scripts/patch-catalog.py /tmp/patch-catalog.py
|
|
251
|
+
python3 /tmp/patch-catalog.py "$VERSION" "$DOWNLOAD_URL" "$UPDATED_AT"
|
|
252
|
+
|
|
253
|
+
- name: Create or update branch
|
|
254
|
+
working-directory: spec-kit-fork
|
|
255
|
+
run: |
|
|
256
|
+
BRANCH="update-docguard"
|
|
257
|
+
git config user.name "github-actions[bot]"
|
|
258
|
+
git config user.email "github-actions[bot]@users.noreply.github.com"
|
|
259
|
+
git checkout -B "$BRANCH"
|
|
260
|
+
git add extensions/catalog.community.json extensions/README.md
|
|
261
|
+
git commit -m "chore: update DocGuard extension to v${{ steps.meta.outputs.version }}" || echo "No changes to commit"
|
|
262
|
+
git push --force origin "$BRANCH"
|
|
263
|
+
echo "✅ Branch $BRANCH pushed"
|
|
264
|
+
|
|
265
|
+
- name: Create or update PR
|
|
266
|
+
working-directory: spec-kit-fork
|
|
267
|
+
env:
|
|
268
|
+
GH_TOKEN: ${{ secrets.SPECKIT_PR_TOKEN }}
|
|
269
|
+
run: |
|
|
270
|
+
VERSION="${{ steps.meta.outputs.version }}"
|
|
271
|
+
BRANCH="update-docguard"
|
|
272
|
+
PR_TITLE="chore: update DocGuard extension to v${VERSION}"
|
|
273
|
+
|
|
274
|
+
cat > /tmp/pr-body.md << 'HEADER'
|
|
275
|
+
## DocGuard Community Extension Update
|
|
276
|
+
|
|
277
|
+
Updates the DocGuard community extension catalog entry.
|
|
278
|
+
|
|
279
|
+
### Changes
|
|
280
|
+
HEADER
|
|
281
|
+
|
|
282
|
+
echo "- Version: **v${VERSION}**" >> /tmp/pr-body.md
|
|
283
|
+
echo "- Download: \`spec-kit-docguard-v${VERSION}.zip\`" >> /tmp/pr-body.md
|
|
284
|
+
echo "- Repository: https://github.com/raccioly/docguard" >> /tmp/pr-body.md
|
|
285
|
+
echo "" >> /tmp/pr-body.md
|
|
286
|
+
echo "### Release Notes" >> /tmp/pr-body.md
|
|
287
|
+
echo "" >> /tmp/pr-body.md
|
|
288
|
+
cat /tmp/changelog-section.md >> /tmp/pr-body.md
|
|
289
|
+
echo "" >> /tmp/pr-body.md
|
|
290
|
+
echo "---" >> /tmp/pr-body.md
|
|
291
|
+
echo "*This PR was automatically generated by the DocGuard release pipeline.*" >> /tmp/pr-body.md
|
|
292
|
+
|
|
293
|
+
EXISTING_PR=$(gh pr list \
|
|
294
|
+
--repo github/spec-kit \
|
|
295
|
+
--head "raccioly:${BRANCH}" \
|
|
296
|
+
--state open \
|
|
297
|
+
--json number \
|
|
298
|
+
--jq '.[0].number' 2>/dev/null || echo "")
|
|
299
|
+
|
|
300
|
+
if [ -z "$EXISTING_PR" ] || [ "$EXISTING_PR" = "null" ]; then
|
|
301
|
+
EXISTING_PR=$(gh pr list \
|
|
302
|
+
--repo github/spec-kit \
|
|
303
|
+
--state open \
|
|
304
|
+
--search "head:raccioly:${BRANCH}" \
|
|
305
|
+
--json number \
|
|
306
|
+
--jq '.[0].number' 2>/dev/null || echo "")
|
|
307
|
+
fi
|
|
308
|
+
|
|
309
|
+
if [ -n "$EXISTING_PR" ] && [ "$EXISTING_PR" != "null" ]; then
|
|
310
|
+
echo "Found existing PR #${EXISTING_PR} — updating title and body..."
|
|
311
|
+
gh pr edit "$EXISTING_PR" \
|
|
312
|
+
--repo github/spec-kit \
|
|
313
|
+
--title "$PR_TITLE" \
|
|
314
|
+
--body-file /tmp/pr-body.md
|
|
315
|
+
echo "✅ Updated existing PR #${EXISTING_PR} to v${VERSION}"
|
|
316
|
+
else
|
|
317
|
+
PR_URL=$(gh pr create \
|
|
318
|
+
--repo github/spec-kit \
|
|
319
|
+
--head "raccioly:${BRANCH}" \
|
|
320
|
+
--base main \
|
|
321
|
+
--title "$PR_TITLE" \
|
|
322
|
+
--body-file /tmp/pr-body.md 2>&1) && {
|
|
323
|
+
echo "✅ Created new PR: $PR_URL"
|
|
324
|
+
} || {
|
|
325
|
+
echo "⚠️ Could not create or find PR — branch was force-pushed with v${VERSION} content"
|
|
326
|
+
}
|
|
327
|
+
fi
|
|
@@ -1,11 +1,16 @@
|
|
|
1
|
-
name: Sync DocGuard to Spec Kit Community Catalog
|
|
2
|
-
|
|
3
|
-
#
|
|
1
|
+
name: Sync DocGuard to Spec Kit Community Catalog (Manual)
|
|
2
|
+
|
|
3
|
+
# Manual recovery only. The automatic post-release sync now runs inside
|
|
4
|
+
# release.yml itself (see the `sync-catalog` job there). This workflow
|
|
5
|
+
# is kept for one-off catalog updates outside the release flow, e.g.
|
|
6
|
+
# fixing a stale entry, retrying after upstream maintenance, or pushing
|
|
7
|
+
# a metadata-only refresh.
|
|
8
|
+
#
|
|
9
|
+
# The previous workflow_run trigger was removed because it caused
|
|
10
|
+
# repeatable HTTP 401s on `gh repo sync ... --source github/spec-kit`
|
|
11
|
+
# despite the PAT being valid — a known GitHub Actions auth quirk for
|
|
12
|
+
# cross-workflow secret usage in workflow_run contexts.
|
|
4
13
|
on:
|
|
5
|
-
workflow_run:
|
|
6
|
-
workflows: ["Auto Release — Tag, GitHub Release, npm, PyPI"]
|
|
7
|
-
types: [completed]
|
|
8
|
-
branches: [main]
|
|
9
14
|
workflow_dispatch:
|
|
10
15
|
inputs:
|
|
11
16
|
version:
|
|
@@ -19,12 +24,10 @@ permissions:
|
|
|
19
24
|
jobs:
|
|
20
25
|
sync-catalog:
|
|
21
26
|
runs-on: ubuntu-latest
|
|
22
|
-
# Only run if the release workflow succeeded (or manual trigger)
|
|
23
|
-
if: ${{ github.event_name == 'workflow_dispatch' || github.event.workflow_run.conclusion == 'success' }}
|
|
24
27
|
|
|
25
28
|
steps:
|
|
26
29
|
- name: Checkout docguard repo
|
|
27
|
-
uses: actions/checkout@
|
|
30
|
+
uses: actions/checkout@v6
|
|
28
31
|
|
|
29
32
|
- name: Get version and metadata
|
|
30
33
|
id: meta
|
|
@@ -71,7 +74,7 @@ jobs:
|
|
|
71
74
|
echo "✅ Fork synced with upstream"
|
|
72
75
|
|
|
73
76
|
- name: Checkout spec-kit fork (fresh after sync)
|
|
74
|
-
uses: actions/checkout@
|
|
77
|
+
uses: actions/checkout@v6
|
|
75
78
|
with:
|
|
76
79
|
repository: raccioly/spec-kit
|
|
77
80
|
token: ${{ secrets.SPECKIT_PR_TOKEN }}
|
|
@@ -41,7 +41,7 @@
|
|
|
41
41
|
| Command | Purpose |
|
|
42
42
|
|---------|---------|
|
|
43
43
|
| `diagnose` | **Primary** — identify issues + generate AI fix prompts |
|
|
44
|
-
| `guard` | Validate project (CI gate) —
|
|
44
|
+
| `guard` | Validate project (CI gate) — 24 validators |
|
|
45
45
|
| `generate` | Reverse-engineer docs from code |
|
|
46
46
|
| `fix --doc <name>` | AI prompt for specific document |
|
|
47
47
|
| `score` | CDD maturity score (0-100) |
|
|
@@ -7,6 +7,179 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
|
|
7
7
|
|
|
8
8
|
## [Unreleased]
|
|
9
9
|
|
|
10
|
+
## [0.22.0] - 2026-05-28
|
|
11
|
+
|
|
12
|
+
### Added — Surface-Sync validator (item-level enumerable drift)
|
|
13
|
+
|
|
14
|
+
`canonical-sync` already checks NUMERIC count claims in the README (ships
|
|
15
|
+
N commands, N validators, mermaid diagram counts). But running the docguard
|
|
16
|
+
repo through itself showed `canonical-sync` passing 3/3 while the README's
|
|
17
|
+
command table silently omitted `demo` — the count matched, the table was
|
|
18
|
+
wrong, the user hit "command not found" anyway. Count-level checks miss
|
|
19
|
+
item-level drift.
|
|
20
|
+
|
|
21
|
+
**Surface-Sync** is the item-level complement. For each configured surface
|
|
22
|
+
(commands, validators, slash commands, templates — anything enumerable), it
|
|
23
|
+
compares code-truth (from a glob) against the names appearing in table rows
|
|
24
|
+
and bullet items in target docs. Warns on items present in code but missing
|
|
25
|
+
from the doc, and on items listed in the doc but missing from code.
|
|
26
|
+
|
|
27
|
+
Key behaviors:
|
|
28
|
+
|
|
29
|
+
- **N/A by default.** Returns "nothing to validate" unless the project's
|
|
30
|
+
`.docguard.json` declares at least one surface under `surfaceSync.surfaces`.
|
|
31
|
+
Existing docguard projects upgrade safely with zero new noise.
|
|
32
|
+
- **Section-scoped scanning.** Each surface can specify a `section` heading;
|
|
33
|
+
the validator restricts scanning to that section so a README containing
|
|
34
|
+
both a Commands table and a Validators table doesn't produce cross-table
|
|
35
|
+
false positives.
|
|
36
|
+
- **Format-aware extraction.** Recognises documented entries written as
|
|
37
|
+
`` `name` ``, `**Name**`, `| `name` |`, `| N | **Name** |`, and bullet
|
|
38
|
+
items. Strips leading `docguard ` / `/` prefixes and folds case so README's
|
|
39
|
+
`**API-Surface**` matches file basename `api-surface.mjs`.
|
|
40
|
+
- **Code-block immune.** Fenced code blocks are stripped before scanning so
|
|
41
|
+
shell examples don't inflate the documented set.
|
|
42
|
+
- **`ignore` list per surface.** Known deprecation aliases, scaffolders
|
|
43
|
+
behind `init --with`, and display-name-vs-filename mismatches can be
|
|
44
|
+
silenced without disabling the surface entirely.
|
|
45
|
+
|
|
46
|
+
Config shape (in `.docguard.json`):
|
|
47
|
+
|
|
48
|
+
```json
|
|
49
|
+
{
|
|
50
|
+
"surfaceSync": {
|
|
51
|
+
"surfaces": [
|
|
52
|
+
{
|
|
53
|
+
"name": "commands",
|
|
54
|
+
"glob": "cli/commands/*.mjs",
|
|
55
|
+
"extract": "basename-no-ext",
|
|
56
|
+
"ignore": ["setup", "impact"],
|
|
57
|
+
"docs": ["README.md"],
|
|
58
|
+
"section": "Usage"
|
|
59
|
+
}
|
|
60
|
+
]
|
|
61
|
+
}
|
|
62
|
+
}
|
|
63
|
+
```
|
|
64
|
+
|
|
65
|
+
DocGuard's own `.docguard.json` now declares three surfaces (commands,
|
|
66
|
+
validators, slash-commands) so the project polices its own README on every
|
|
67
|
+
`guard` run. Run `docguard explain surfaceSync` for fix guidance.
|
|
68
|
+
|
|
69
|
+
### Fixed — eight field-test bugs from v0.20.0
|
|
70
|
+
|
|
71
|
+
Confirmed running v0.20.0 against two real projects (a Python codebase for
|
|
72
|
+
the v0.20.0 cycle and a Next.js 15 App Router codebase). All eight were
|
|
73
|
+
reproduced in the source, fixed surgically, and pinned with regression
|
|
74
|
+
tests. Specs: `specs/004-v020-env-var-false-negative/`, `specs/005-hugocross-next-bugs/`.
|
|
75
|
+
|
|
76
|
+
- **API-Surface emits wrong path for Next.js App Router with `src/` layout**
|
|
77
|
+
— `src/app/api/health/route.ts` was reported as `GET /app/api/health`
|
|
78
|
+
instead of `GET /api/health`. Caused the validator to fire two false
|
|
79
|
+
warnings per route (documented-missing + undocumented-in-code) on every
|
|
80
|
+
`src/app/api/` file. `cli/scanners/routes.mjs`.
|
|
81
|
+
|
|
82
|
+
- **Freshness validator ignored `<!-- docguard:last-reviewed YYYY-MM-DD -->`**
|
|
83
|
+
— header was generated into every template, recommended in the freshness
|
|
84
|
+
fix text itself, checked by `score` for ALCOA+, but never read by
|
|
85
|
+
`validateFreshness`. The reviewer's explicit "I reviewed this" signal
|
|
86
|
+
had zero effect. The header now overrides the git-log fallback.
|
|
87
|
+
`cli/validators/freshness.mjs`.
|
|
88
|
+
|
|
89
|
+
- **Environment-vars in pipe-table rows (no backticks) were treated as
|
|
90
|
+
undocumented** — projects using `| VAR_NAME | description | required |`
|
|
91
|
+
table syntax were silently flagged for every var. The doc parser only
|
|
92
|
+
matched backtick-quoted names; it now also extracts the first column of
|
|
93
|
+
markdown pipe-table rows. `cli/validators/environment.mjs`.
|
|
94
|
+
|
|
95
|
+
- **Docs-Diff warning was unactionable** — emitted `"N documented but not
|
|
96
|
+
found in code"` with no filename. Now lists up to 5 paths inline with
|
|
97
|
+
`(+N more)` for the long-tail. `cli/validators/docs-diff.mjs`.
|
|
98
|
+
|
|
99
|
+
- **Traceability ignored `// @doc` annotations AND missed Next.js App
|
|
100
|
+
Router paths** — templates told users `// @doc API-REFERENCE.md` would
|
|
101
|
+
link a source file to a canonical doc; the scanner never read the
|
|
102
|
+
annotation. Compound: the `API-REFERENCE.md` TRACE_MAP only matched
|
|
103
|
+
`routes/`, `controllers/`, `handlers/`, `openapi/swagger`, and
|
|
104
|
+
`middleware/` — none of which cover `app/api/`. Added an annotation
|
|
105
|
+
scanner (top-of-file, multi-language comment syntax) and an
|
|
106
|
+
`(app|pages)/api/` glob. `cli/validators/traceability.mjs`.
|
|
107
|
+
|
|
108
|
+
- **`docguard upgrade --apply` silently broke Metrics-Consistency** — when
|
|
109
|
+
a CLI upgrade added or removed validators, the project's hardcoded "N
|
|
110
|
+
validators" counts in markdown went stale and the very next
|
|
111
|
+
`docguard guard` failed Metrics-Consistency. The user did nothing wrong.
|
|
112
|
+
`upgrade --apply` now prints an explicit nudge to run `fix --write`
|
|
113
|
+
using the just-installed binary (the current process holds the OLD CLI's
|
|
114
|
+
validator list, so it cannot apply the fix itself). `cli/commands/upgrade.mjs`.
|
|
115
|
+
|
|
116
|
+
- **Python env-vars were never scanned at all** — `grepEnvUsage` walked
|
|
117
|
+
`.py` files but the regex list was JS-only (`process.env.*`,
|
|
118
|
+
`import.meta.env.*`). Every documented Python env var read as "in docs,
|
|
119
|
+
not in code". Added patterns for `os.environ["X"]`, `os.environ.get("X")`,
|
|
120
|
+
and `os.getenv("X")`. The `explain` command's claim that Python was
|
|
121
|
+
supported now actually holds. `cli/shared-source.mjs`.
|
|
122
|
+
|
|
123
|
+
- **`docguard memory` "Accuracy" overlapped `docguard score` "Accuracy"
|
|
124
|
+
with different denominators** — same word, same project, wildly different
|
|
125
|
+
numbers. Renamed the per-claim metric in `memory` to **"Claim match
|
|
126
|
+
rate"** (matched claims / total claims) so it no longer collides with
|
|
127
|
+
the score's weighted accuracy axis across all signals. JSON field name
|
|
128
|
+
unchanged for backward compatibility. `cli/commands/memory.mjs`.
|
|
129
|
+
|
|
130
|
+
## [0.21.1] - 2026-05-26
|
|
131
|
+
|
|
132
|
+
**Security patch — closes issue #190.** Command injection vulnerability in
|
|
133
|
+
`docguard init` via the `ai` field of `.specify/init-options.json` is fixed.
|
|
134
|
+
|
|
135
|
+
### Security
|
|
136
|
+
|
|
137
|
+
- **Issue #190: command injection in `cli/commands/init.mjs` and
|
|
138
|
+
`cli/ensure-skills.mjs`.** The `detectAIAgent()` helper returned the
|
|
139
|
+
`ai` field from `.specify/init-options.json` without validation, and
|
|
140
|
+
that value was then shell-interpolated into an `execSync` invocation:
|
|
141
|
+
```js
|
|
142
|
+
const aiFlag = `--ai ${detectedAgent}`;
|
|
143
|
+
execSync(`specify init ... ${aiFlag} ...`);
|
|
144
|
+
```
|
|
145
|
+
A local attacker with file-system write access to a victim's repo
|
|
146
|
+
could plant `{"ai": "claude; touch /tmp/pwned;"}` and trigger
|
|
147
|
+
arbitrary command execution on the victim's next `docguard init`.
|
|
148
|
+
|
|
149
|
+
**Severity:** Medium (requires local file-system access; pre-fix
|
|
150
|
+
`detectAIAgent` consumed configs from any project DocGuard ran in).
|
|
151
|
+
|
|
152
|
+
**Discovered:** 23 duplicate auto-generated draft PRs from the
|
|
153
|
+
"Sentinel" AI agent flagged this during the v0.19 cleanup sweep.
|
|
154
|
+
The drafts were closed as noise but the underlying finding was
|
|
155
|
+
tracked in #190 — fixed properly here.
|
|
156
|
+
|
|
157
|
+
**Fix (two layers, defense in depth):**
|
|
158
|
+
1. `getDetectedAgent()` now allowlist-validates the `ai` field against
|
|
159
|
+
`/^[a-zA-Z0-9_-]{1,32}$/`. Anything else (shell metacharacters,
|
|
160
|
+
non-strings, oversized values) returns `null`.
|
|
161
|
+
2. New `safeSpawnSpecify(args, opts)` helper uses `execFileSync` with
|
|
162
|
+
args passed as an array — no shell interpolation possible. Both
|
|
163
|
+
unsafe call sites (`init.mjs` and `ensure-skills.mjs`) now use
|
|
164
|
+
this helper. Cross-platform (POSIX direct exec / Windows
|
|
165
|
+
`cmd.exe /c specify.cmd`).
|
|
166
|
+
|
|
167
|
+
### Tests
|
|
168
|
+
|
|
169
|
+
- 596 → **610** (+14): `tests/security-init-injection.test.mjs` pins
|
|
170
|
+
both defense layers. Tests every shell metacharacter (`;`, backtick,
|
|
171
|
+
`$()`, `|`, `&&`, newline), oversized values, non-string types,
|
|
172
|
+
malformed JSON, missing config files. Asserts the legitimate
|
|
173
|
+
allowlist (claude, cursor-agent, gemini, agy, copilot, windsurf,
|
|
174
|
+
codex, roo, amp, kiro-cli, tabnine, underscore-bearing future names).
|
|
175
|
+
|
|
176
|
+
### Audit
|
|
177
|
+
|
|
178
|
+
`grep -rn execSync cli/` was re-run; remaining call sites are all
|
|
179
|
+
hardcoded literals (no attacker-influenced interpolation): freshness
|
|
180
|
+
git probes, score's git probe, setup/doc-quality `which`-style
|
|
181
|
+
detection. Documented in commit message.
|
|
182
|
+
|
|
10
183
|
## [0.21.0] - 2026-05-26
|
|
11
184
|
|
|
12
185
|
**Time-to-value.** The funnel-unblocker release. Until v0.21, a dev shopping
|