50 Commits

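  • feat(opencode): comprehensively upgrade the OpenCode integration (#2251)
    - Fix the hard-coded ECC_VERSION in ecc-hooks.ts (read it from package.json)
    - Improve error handling (unified pattern, detailed error messages)
    - Strengthen type safety (add type definitions such as ToolArgs and ToolInput)
    - Improve cross-platform compatibility (support macOS, Windows, Linux)
    - Add the dependency-analyzer tool (dependency analysis)
    - Improve the format-code tool (error handling, cross-platform support)
    - Improve the lint-check tool (error handling, cross-platform support)
    - Update documentation (26 agents, 8 tools, 26 commands)
    - Add tool tests (6 test cases)
    - Improve existing tests (7 test cases)
    
    All tests pass (16/16)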
    
    Co-authored-by: Pual-LI-6 <dj2112236494@outlook.com>
  • fix(security): add host/origin allowlist + validate git refs + quote workflow input (#2185)
    Three defense-in-depth fixes around untrusted input flowing to subprocess execution:
    
    1. **Control-pane HTTP server (scripts/lib/control-pane/server.js)**
       The local control-pane API binds to 127.0.0.1 but had no Host or Origin
       validation, so a DNS-rebinding attack from a malicious website could pivot
       into the loopback endpoints — including POST /api/actions/:id, which spawns
       'cargo run -- graph ...' with caller-supplied query strings. Add a hostname
       allowlist (loopback variants plus the explicitly configured --host) and
       reject mismatched Host (421) or non-loopback Origin (403) before any route
       handler runs.
    
    2. **OpenCode git-summary tool (.opencode/tools/git-summary.ts)**
       The tool was building 'git diff ${baseBranch}...HEAD --stat' with execSync
       and a raw model-supplied baseBranch string. Switch run() to execFileSync
       with an args array (no shell), validate baseBranch against a conservative
       git-ref allowlist (rejects shell metacharacters, leading -, embedded ..),
       and clamp the depth arg to a small positive integer before interpolating
       into 'git log --oneline -<N>'.
    
    3. **Reusable test workflow (.github/workflows/reusable-test.yml)**
       The 'Install dependencies' step interpolated ${{ inputs.package-manager }}
       directly into a bash 'case' and into an echo, so a downstream caller that
       forwarded attacker-controllable input could inject into the runner. Move
       the input into a PACKAGE_MANAGER env var and reference $PACKAGE_MANAGER
       inside the script per the GitHub script-injection guidance.
    
    Detected by Aeon + semgrep p/security-audit (host check via threat-model
    manual-review axis; git-summary via detect-child-process; workflow via
    run-shell-injection).
    
    Verification: node tests/run-all.js — 2686/2687 pre-existing tests pass; the
    one failure (observe.sh legacy output fallback) reproduces on main without
    this branch applied. Added 2 new control-pane tests covering the allowlist
    classifier and the DNS-rebinding-gate behavior end-to-end.
    
    ---
    Filed by [Aeon](https://github.com/aaronjmars/aeon-aaron).
    
    Co-authored-by: aeonframework <aeon@aaronjmars.com>
  • release: 2.0.0 — the agent harness operating system
    Graduate 2.0.0-rc.1 to stable. Bump version across package, plugin,
    marketplace, OpenCode, agent metadata, VERSION, and all localized docs.
    Add 2.0.0 release notes + README sections (en/zh/pt-BR/tr), CHANGELOG
    entry, and the ECC community Discord bot (dependency-free gateway client
    + guild command registrar). Update copilot-support and release-surface
    tests for the sponsored-review migration and the 2.0.0 surface.
  • feat(skills): add laravel-security, laravel-tdd, and php-reviewer agent (#2122)
    * feat(skills): add laravel-security, laravel-tdd, and php-reviewer agent
    
    * fix: resolve code review findings across laravel-security, laravel-tdd, and php-reviewer
    
    - laravel-security: replace env() with config() in runtime code,
      replace wildcard trusted proxies with CIDR ranges, remove blanket
      api/* CSRF exclusion, fix validated() return type, add null-safe
      rate limiter user access, sync mimes/extensions allowlists,
      replace #[Encrypted] with ShouldBeEncrypted, fix RateLimited args
    - laravel-tdd: remove global withoutExceptionHandling() from setUp,
      remove contradictory assertNothingOutgoing(), fix undefined
      variable, replace invalid PHPUnit --min-coverage flag
    - php-reviewer: fix Python contamination, add automated check
      requirement to approval criteria
    
    * fix: align php-reviewer approval criteria and use config dot-notation keys
    
    - agents/php-reviewer.md: sync approval criteria with .txt file version
      (add automated checks requirement for consistency across harnesses)
    - skills/laravel-security/SKILL.md: replace raw env names with proper
      Laravel dot-notation config keys (app.key, services.stripe.*, etc.)
      so config() returns valid values instead of null
    
    * fix: remove unnecessary secret validation for SMTP password
  • fix(commands): resolve active plugin root in /instinct-status (#2037) (#2059)
    The `/instinct-status` slash command template expanded
    `${CLAUDE_PLUGIN_ROOT}` directly and documented a manual-install
    fallback to `~/.claude/skills/continuous-learning-v2/scripts/instinct-cli.py`.
    When users had both an active plugin install (under
    `~/.claude/plugins/cache/<slug>/<org>/<version>/`) and a legacy
    `~/.claude/skills/continuous-learning-v2/` directory left over from a
    previous manual install, an empty `CLAUDE_PLUGIN_ROOT` (which Claude
    Code does not always populate in slash-command shell contexts) silently
    made the command read the stale legacy install while the active plugin
    hooks and observer wrote to the new XDG path. The user saw "No
    instincts found" while the system was actively learning — exactly the
    divergence the bug reporter spent hours diagnosing.
    
    Replace the brittle two-block template with the same inline resolver
    pattern that `hooks/hooks.json` and `/sessions` / `/skill-health`
    already use: env var → standard install → known plugin roots → plugin
    cache walk → fallback. The resolver is the canonical `INLINE_RESOLVE`
    constant from `scripts/lib/resolve-ecc-root.js`, so no new code is
    introduced — just consistent adoption of the existing pattern.
    
    Apply the same fix to all five copies of the command:
      - commands/instinct-status.md (canonical)
      - .opencode/commands/instinct-status.md
      - docs/zh-CN/commands/instinct-status.md
      - docs/ja-JP/commands/instinct-status.md
      - docs/tr/commands/instinct-status.md
    
    Extend tests/lib/command-plugin-root.test.js with an assertion that the
    canonical instinct-status.md uses the inline resolver and no longer
    hard-codes the legacy `~/.claude/skills/...` fallback (regression
    guard).
    
    zh-CN copy: polish the Chinese phrasing per LanguageTool feedback
    (`使用与 ... 相同的解析器` → `以与 ... 相同的解析器`) so the verb is
    introduced by an explicit preposition instead of reading as an awkward
    verb-object construction.
  • fix(install-targets): validate compiled OpenCode plugin before install (#2041)
    Fail fast when the OpenCode home install is attempted from a source checkout without the compiled .opencode/dist payload. PR had the full CI matrix green.
  • feat: extend harness audit integration scoring (#1990)
    Salvages the useful harness-audit scoring work from #1989 while preserving the current hook registry and newer plugin install detection. Adds GitHub integration checks, conditional deploy-provider categories, dynamic applicable category metadata, and CODEOWNERS coverage.
  • feat: add Quarkus handling
    Adds Quarkus handling across the Java skill/reviewer surface, with maintainer follow-up fixes for duplicate catalog entries, required skill sections, localized snippet structure, and current main alignment.
    
    Validation run locally on the final PR head:
    - NODE_PATH=/Users/affoon/GitHub/ECC/everything-claude-code/node_modules node scripts/ci/validate-install-manifests.js
    - NODE_PATH=/Users/affoon/GitHub/ECC/everything-claude-code/node_modules node scripts/ci/validate-skills.js
    - NODE_PATH=/Users/affoon/GitHub/ECC/everything-claude-code/node_modules node scripts/ci/catalog.js --text
    - npx --yes markdownlint-cli docs/ECC-2.0-GA-ROADMAP.md
    - git diff --check
    - NODE_PATH=/Users/affoon/GitHub/ECC/everything-claude-code/node_modules node tests/run-all.js (2324 passed, 0 failed)
  • feat(opencode): add changed-files tree with change indicators (#815)
    * feat(opencode): add changed-files tree with change indicators
    
    * feat(opencode): address changed-files review feedback
    
    ---------
    
    Co-authored-by: Affaan Mustafa <me@affaanmustafa.com>
  • feat(opencode): complete OpenCode agent setup - add 10 missing agent prompts (#726)
    * feat(opencode): complete OpenCode agent setup - add 11 missing agent prompts
    
    Summary:
    - Add 11 missing OpenCode agent prompt files for: chief-of-staff, cpp-reviewer, cpp-build-resolver, docs-lookup, harness-optimizer, java-reviewer, java-build-resolver, kotlin-reviewer, kotlin-build-resolver, loop-operator, python-reviewer
    - Update opencode.json to register all 25 agents (previously only 14 were configured)
    
    Type:
    - [x] Agent
    
    Testing:
    - Verified JSON syntax is valid
    - All 25 agents now have corresponding prompt files in .opencode/prompts/agents/
    - opencode.json updated with all agent configurations
    
    * fix: address PR review comments - add SOUL.md, update AGENTS.md, fix tool configs, and refine agent prompts
    
    * fix: remove chief-of-staff agent and SOUL.md per affaan-m review
    
    - Remove chief-of-staff agent from opencode.json (outside ECC scope)
    - Remove chief-of-staff.txt prompt file
    - Remove SOUL.md file
    - Remove chief-of-staff from AGENTS.md table and orchestration section
    - Update agent count from 28 to 27
    
    ---------
    
    Co-authored-by: Nayan Jaiswal <jaiswal2062@gmail.com>
  • fix: audit consumer projects from cwd (#1014)
    * fix: audit consumer projects from cwd
    
    * fix: unblock unicode safety CI lint
    
    * fix: unblock shared CI regressions
    
    * test: isolate package-manager dependent hooks and formatter tests
  • perf(hooks): move post-edit-format and post-edit-typecheck to strict-only (#757)
    * perf(hooks): move post-edit-format and post-edit-typecheck to strict-only
    
    These hooks fire synchronously on every Edit call with 15-30s timeouts
    each. During multi-file refactors this adds 5-10 minutes of overhead.
    
    Moving them from standard,strict to strict-only means they won't fire
    in the default profile but are still available for users who want the
    extra validation.
    
    Fixes #735
    
    * Also update OpenCode plugin to strict-only for format/typecheck
    
    The OpenCode plugin had the same standard,strict profile for
    post:edit:format and post:edit:typecheck, so OpenCode users on the
    default profile would still get the per-edit overhead.
  • chore: prepare v1.9.0 release (#666)
    - Bump version to 1.9.0 in package.json, package-lock.json, .opencode/package.json
    - Add v1.9.0 changelog with 212 commits covering selective install architecture,
      6 new agents, 15+ new skills, session/state infrastructure, observer fixes,
      12 language ecosystems, and community contributions
    - Update README with v1.9.0 release notes and complete agents tree (27 agents)
    - Add pytorch-build-resolver to AGENTS.md agent table
    - Update documentation counts to 27 agents, 109 skills, 57 commands
    - Update version references in zh-CN README
    - All 1421 tests passing, catalog counts verified
  • feat(agents): add Rust language support (#523)
    * feat(agents): add Rust language support — reviewer, build resolver, patterns, and testing
    
    Add Rust-specific agents and skills following the established Go/Kotlin pattern:
    - agents/rust-reviewer.md: ownership, lifetimes, unsafe audit, clippy, error handling
    - agents/rust-build-resolver.md: cargo build errors, borrow checker, dependency resolution
    - skills/rust-patterns/SKILL.md: idiomatic Rust patterns and best practices
    - skills/rust-testing/SKILL.md: TDD, unit/integration/async/property-based testing
    
    * fix(agents): correct Rust examples for accuracy and consistency
    
    - unsafe fn: add inner unsafe {} block for Rust 2024 edition compliance
    - edition: update from 2021 to 2024 as current default
    - rstest: add missing fixture import
    - mockall: add missing predicate::eq import
    - concurrency: use sync_channel (bounded) and expect() over unwrap()
      to align with rust-reviewer's HIGH-priority review checks
    
    * fix(skills): correct compilation issues in Rust code examples
    
    - collect: add .copied() for &str iterator into String
    - tokio import: remove unused sleep, keep Duration
    - async test: add missing Duration import
    
    * fix(skills): move --no-fail-fast before test-binary args
    
    --no-fail-fast is a Cargo option, not a test binary flag.
    Placing it after -- forwards it to the test harness where it is
    unrecognized.
    
    * fix(agents): distinguish missing cargo-audit from real audit failures
    
    Check if cargo-audit is installed before running it, so actual
    vulnerability findings are not suppressed by the fallback message.
    
    * fix: address automated review findings across all Rust files
    
    - build-resolver: prefer scoped cargo update over full refresh
    - testing: add Cargo.toml bench config with harness = false for criterion
    - testing: condense TDD example to stay under 500-line limit
    - patterns: use expect() over unwrap() on JoinHandle for consistency
    - patterns: add explicit lifetime to unsafe FFI return reference
    - reviewer: replace misleading "string interpolation" with concrete alternatives
    
    * fix: align with CONTRIBUTING.md conventions
    
    - skills: rename "When to Activate" to "When to Use" per template
    - reviewer: add cargo check gate before starting review
    
    * fix(agents): guard cargo-audit and cargo-deny with availability checks
    
    Match the pattern used in rust-build-resolver to avoid command-not-found
    errors when optional tools are not installed.
    
    * fix: address second round of automated review findings
    
    - testing: split TDD example into separate code blocks to avoid
      duplicate fn definition in single block
    - build-resolver/reviewer: use if/then/else instead of && ... ||
      chaining for cargo-audit/deny to avoid masking real failures
    - build-resolver: add MSRV caveat to edition upgrade guidance
    
    * feat: add Rust slash commands for build, review, and test
    
    Add commands/rust-build.md, commands/rust-review.md, and
    commands/rust-test.md to provide consistent user entrypoints
    matching the existing Go and Kotlin command patterns.
    
    * fix(commands): improve rust-build accuracy and tone
    
    - Restructure-first borrow fix example instead of clone-first
    - Realistic cargo test output format (per-test lines, not per-file)
    - Align "Parse Errors" step with actual resolver behavior
    - Prefer restructuring over cloning in common errors table
    
    * fix: address cubic-dev-ai review findings on commands
    
    - Gate review on all automated checks, not just cargo check
    - Use git diff HEAD~1 / git diff main...HEAD for PR file selection
    - Fix #[must_use] guidance: Result is already must_use by type
    - Remove error-masking fallback on cargo tree --duplicates
    
    * fix: address remaining review findings across all bots
    
    - Add rust-reviewer and rust-build-resolver to AGENTS.md registry
    - Update agent count from 16 to 18
    - Mark parse_config doctest as no_run (body is todo!())
    - Add "How It Works" section to both Rust skills
    - Replace cargo install with taiki-e/install-action in CI snippet
    - Trim tarpaulin section to stay under 500-line limit
    
    * fix(agents): align rust-reviewer invocation with command spec
    
    - Use git diff HEAD~1 / main...HEAD instead of bare git diff
    - Add cargo test as explicit step before review begins
    
    * fix(skills): address cubic review on patterns and testing
    
    - Remove Tokio-specific language from How It Works summary
    - Add cargo-llvm-cov install note in coverage section
    - Revert no_run on doctest examples (illustrative code, not compiled)
    
    * fix(skills): use expect on thread join for consistency
    
    Replace handle.join().unwrap() with .expect("worker thread panicked")
    to match the .expect("mutex poisoned") pattern used above.
    
    * fix(agents): gate review on all automated checks, not just cargo check
    
    Consolidate check/clippy/fmt/test into a single gate step that
    stops and reports if any fail, matching the command spec.
    
    * fix(skills): replace unwrap with expect in channel example
    
    Use .expect("receiver disconnected") on tx.send() for consistency
    with the .expect() convention used in all other concurrency examples.
    
    * fix: address final review round — OpenCode mirrors, counts, examples
    
    - Add .opencode/commands/rust-{build,review,test}.md mirrors
    - Add .opencode/prompts/agents/rust-{build-resolver,reviewer}.txt mirrors
    - Fix AGENTS.md count to 20 (add missing kotlin agents to table)
    - Fix review example: all checks pass (consistent with gate policy)
    - Replace should_panic doctest with is_err() (consistent with best practices)
    - Trim testing commands to stay at 500-line limit
    
    * fix: address cubic and greptile review on OpenCode files and agents
    
    - Fix crate::module import guidance (internal path, not Cargo.toml)
    - Add cargo fmt --check to verification steps
    - Fix TDD GREEN example to handle error path (validate(input)?)
    - Scope .context() guidance to anyhow/eyre application code
    - Update command count from 40 to 51
    - Add tokio channel variants to unbounded channel warning
    - Preserve JoinError context in spawned task panic message
    
    * fix: stale command count, channel guidance, cargo tree fallback
    
    - Fix stale command count in Project Structure section (40→51)
    - Clarify unbounded channel rule: context-appropriate bounded alternatives
    - Remove dead cargo tree fallback (exits 0 even with no duplicates)
    - Sync OpenCode reviewer mirror with tokio channel coverage
  • fix: remove internal sponsor/partner notes from public README
    The "Traction & Distribution" section contained internal business
    context (sponsor-call checklists, partner reporting instructions)
    that doesn't belong in a user-facing README. Moved to docs/business/.
  • feat: project-scoped instinct isolation
    * feat: add project-scoped instinct isolation
    
    * fix(continuous-learning-v2): harden instinct loading and promotion safety; sync v2.1 command docs
    
    * fix(ci): make copilot-setup-steps a valid GitHub Actions workflow
    
    * fix(hooks): stabilize docs warning inline JS regex parsing
  • feat: add Cursor, Codex, and OpenCode harnesses — maximize every AI coding tool
    - AGENTS.md: universal cross-tool file read by Claude Code, Cursor, Codex, and OpenCode
    - .cursor/: 15 hook events via hooks.json, 16 hook scripts with DRY adapter pattern,
      29 rules (9 common + 20 language-specific) with Cursor YAML frontmatter
    - .codex/: reference config.toml, Codex-specific AGENTS.md supplement,
      10 skills ported to .agents/skills/ with openai.yaml metadata
    - .opencode/: 3 new tools (format-code, lint-check, git-summary), 3 new hooks
      (shell.env, experimental.session.compacting, permission.ask), expanded instructions,
      version bumped to 1.6.0
    - README: fixed Cursor section, added Codex section, added cross-tool parity table
    - install.sh: now copies hooks.json + hooks/ for --target cursor
  • feat(ecc): prune plugin 43→12 items, promote 7 rules to .claude/rules/ (#245)
    ECC community plugin pruning: removed 530+ non-essential files
    (.cursor/, .opencode/, docs/ja-JP, docs/zh-CN, docs/zh-TW,
    language-specific skills/agents/rules). Retained 4 agents,
    3 commands, 5 skills. Promoted 13 rule files (8 common + 5
    typescript) to .claude/rules/ for CC native loading. Extracted
    reusable patterns to EXTRACTED-PATTERNS.md.
  • fix: sync .opencode/ package version to 1.4.1
    The OpenCode sub-package had stale 1.0.0 versions in package.json,
    index.ts VERSION export, and package-lock.json while the main package
    is at 1.4.1. Updated all three to match.
  • fix: box alignment in test runner, update metadata counts, add 18 tests
    - Fix run-all.js box alignment (hardcoded spaces 1 char short, now using dynamic padEnd)
    - Update .opencode/index.ts metadata (12→13 agents, 24→31 commands, 16→37 skills)
    - Add commandExists edge case tests (empty, spaces, path separators, metacharacters)
    - Add findFiles edge case tests (? wildcard, mtime sorting, maxAge filtering)
    - Add ensureDir race condition and return value tests
    - Add runCommand output trimming and failure tests
    - Add pre-compact session annotation and compaction log timestamp tests
    - Add check-console-log invalid JSON handling test
    - Add replaceInFile capture group test
    - Add readStdinJson Promise type check
  • docs(opencode): clarify OpenCode-specific usage (#214)
    * docs(opencode): clarify OpenCode-specific usage
    
    Signed-off-by: Siddhi Khandelwal <siddhi.200727@gmail.com>
    
    * docs(opencode): close bash code fence in CLI example
    
    Signed-off-by: Siddhi Khandelwal <siddhi.200727@gmail.com>
    
    ---------
    
    Signed-off-by: Siddhi Khandelwal <siddhi.200727@gmail.com>
  • fix: correct stale counts and broken paths across docs
    - .cursor/README.md: skills 30→37, commands ~28→31
    - .opencode/MIGRATION.md: fix rules paths (rules/ → rules/common/)
    - README.zh-CN.md: fix agent/skill/command counts
    - docs/ja-JP/README.md: fix agent/skill/command counts
  • fix: rename opencode package from opencode-ecc to ecc-universal
    Update all references in .opencode/ to use the published npm package
    name ecc-universal instead of the old opencode-ecc name.
  • fix: update opencode-ecc plugin for SDK v1.1.53 and refresh README stats
    - Fix PluginContext → PluginInput type rename in @opencode-ai/plugin
    - Import tool from @opencode-ai/plugin/tool subpath (fixes broken barrel export)
    - Update client.app.log() calls to use new options-object API signature
    - Stringify tool execute return values (SDK now requires Promise<string>)
    - Add .js extensions to relative imports for NodeNext module resolution
    - Update README star count (42K+) and contributor count (24)
  • feat: complete OpenCode plugin support with hooks, tools, and commands
    Major OpenCode integration overhaul:
    
    - llms.txt: Comprehensive OpenCode documentation for LLMs (642 lines)
    - .opencode/plugins/ecc-hooks.ts: All Claude Code hooks translated to OpenCode's plugin system
    - .opencode/tools/*.ts: 3 custom tools (run-tests, check-coverage, security-audit)
    - .opencode/commands/*.md: All 24 commands in OpenCode format
    - .opencode/package.json: npm package structure for opencode-ecc
    - .opencode/index.ts: Main plugin entry point
    
    - Delete incorrect LIMITATIONS.md (hooks ARE supported via plugins)
    - Rewrite MIGRATION.md with correct hook event mapping
    - Update README.md OpenCode section to show full feature parity
    
    OpenCode has 20+ events vs Claude Code's 3 phases:
    - PreToolUse → tool.execute.before
    - PostToolUse → tool.execute.after
    - Stop → session.idle
    - SessionStart → session.created
    - SessionEnd → session.deleted
    - Plus: file.edited, file.watcher.updated, permission.asked, todo.updated
    
    - 12 agents: Full parity
    - 24 commands: Full parity (+1 from original 23)
    - 16 skills: Full parity
    - Hooks: OpenCode has MORE (20+ events vs 3 phases)
    - Custom Tools: 3 native OpenCode tools
    
    The OpenCode configuration can now be:
    1. Used directly: cd everything-claude-code && opencode
    2. Installed via npm: npm install opencode-ecc