Commit Graph

81 Commits

  • fix(scripts): add os.homedir() fallback for Windows compatibility
    On Windows (native cmd/PowerShell), process.env.HOME is undefined.
    Seven CLI entry points and two library files pass process.env.HOME
    directly as homeDir without a cross-platform fallback, causing all
    path resolutions to silently fail (resolving to "undefined/.claude/...").
    
    Node.js os.homedir() correctly handles all platforms (HOME on Unix,
    USERPROFILE on Windows, OS-level fallback). The project already uses
    this pattern in scripts/lib/state-store/index.js and has a getHomeDir()
    utility in scripts/lib/utils.js, but it was not applied consistently.
    
    Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
    
    Signed-off-by: Lidang-Jiang <lidangjiang@gmail.com>
  • fix(install): add rust, cpp, csharp to legacy language alias map (#747)
    * fix(install): add rust, cpp, csharp to legacy language alias map
    
    The legacy installer compatibility layer in install-manifests.js was
    missing entries for rust, cpp, and csharp — languages that have
    rules/ directories and (for rust/cpp) install-components.json entries.
    
    Running `./install.sh rust` fails with "Unknown legacy language: rust"
    because LEGACY_LANGUAGE_ALIAS_TO_CANONICAL and
    LEGACY_LANGUAGE_EXTRA_MODULE_IDS didn't include these languages.
    
    Fixes the issue reported in #694 by @mpiton.
    
    Generated with [Claude Code](https://claude.ai/code)
    via [Happy](https://happy.engineering)
    
    Co-Authored-By: Claude <noreply@anthropic.com>
    Co-Authored-By: Happy <yesreply@happy.engineering>
    
    * fix(install): complete csharp legacy support and add resolution tests
    
    - Add lang:csharp component to install-components.json with
      framework-language module (matching cpp/rust pattern)
    - Update csharp mapping in LEGACY_LANGUAGE_EXTRA_MODULE_IDS from
      empty array to ['framework-language']
    - Add end-to-end resolution tests for rust, cpp, and csharp verifying
      framework-language module is included in resolved moduleIds
    
    Addresses review feedback from Copilot, Greptile, CodeRabbit, and Cubic.
    
    Generated with [Claude Code](https://claude.ai/code)
    via [Happy](https://happy.engineering)
    
    Co-Authored-By: Claude <noreply@anthropic.com>
    Co-Authored-By: Happy <yesreply@happy.engineering>
    
    ---------
    
    Co-authored-by: Claude <noreply@anthropic.com>
    Co-authored-by: Happy <yesreply@happy.engineering>
  • feat: agent description compression with lazy loading (#696)
    * feat: add agent description compression with lazy loading (#491)
    
    Agent descriptions consume ~26k tokens (121KB across 27 agents). This adds
    a compression library with three modes:
    - catalog: metadata only (~2-3k tokens) for agent selection
    - summary: metadata + first paragraph (~4-5k tokens) for routing
    - full: no compression, for when agent is invoked
    
    Includes lazy-load function to fetch full agent body on demand.
    21 tests covering parsing, compression, filtering, and real agents dir.
    
    * fix: update JSDoc to include all stats fields in buildAgentCatalog
    
    Add compressedBytes and mode to the documented return type, matching
    the actual implementation.
  • fix: auto-detect ECC root from plugin cache when CLAUDE_PLUGIN_ROOT is unset (#547) (#691)
    When ECC is installed as a Claude Code plugin via the marketplace,
    scripts live in the plugin cache (~/.claude/plugins/cache/...) but
    commands fallback to ~/.claude/ which doesn't have the scripts.
    
    Add resolve-ecc-root.js with a 3-step fallback chain:
      1. CLAUDE_PLUGIN_ROOT env var (existing)
      2. Standard install at ~/.claude/ (existing)
      3. NEW: auto-scan the plugin cache directory
    
    Update sessions.md and skill-health.md commands to use the new
    inline resolver. Includes 15 tests covering all fallback paths
    including env var priority, standard install, cache discovery,
    and the compact INLINE_RESOLVE used in command .md files.
  • feat: agent compression, inspection logic, governance hooks (#491, #485, #482) (#688)
    Implements three roadmap features:
    
    - Agent description compression (#491): New `agent-compress` module with
      catalog/summary/full compression modes and lazy-loading. Reduces ~26k
      token agent descriptions to ~2-3k catalog entries for context efficiency.
    
    - Inspection logic (#485): New `inspection` module that detects recurring
      failure patterns in skill_runs. Groups by skill + normalized failure
      reason, generates structured reports with suggested remediation actions.
      Configurable threshold (default: 3 failures).
    
    - Governance event capture hook (#482): PreToolUse/PostToolUse hook that
      detects secrets, policy violations, approval-required commands, and
      elevated privilege usage. Gated behind ECC_GOVERNANCE_CAPTURE=1 flag.
      Writes to governance_events table via JSON-line stderr output.
    
    59 new tests (16 + 16 + 27), all passing.
  • fix: strip ANSI escape codes from session persistence hooks (#642) (#684)
    Windows terminals emit control sequences (cursor movement, screen
    clearing) that leaked into session.tmp files and were injected
    verbatim into Claude's context on the next session start.
    
    Add a comprehensive stripAnsi() to utils.js that handles CSI, OSC,
    charset selection, and bare ESC sequences. Apply it in session-end.js
    (when extracting user messages from the transcript) and in
    session-start.js (safety net before injecting session content).
  • feat: implement --with/--without selective install flags (#679)
    Add agent: and skill: component families to the install component
    catalog, enabling fine-grained selective install via CLI flags:
    
      ecc install --profile developer --with lang:typescript --without capability:orchestration
      ecc install --with lang:python --with agent:security-reviewer
    
    Changes:
    - Add agent: family (9 entries) and skill: family (10 entries) to
      manifests/install-components.json for granular component addressing
    - Update install-components.schema.json to accept agent: and skill:
      family prefixes
    - Register agent and skill family prefixes in COMPONENT_FAMILY_PREFIXES
      (scripts/lib/install-manifests.js)
    - Add 41 comprehensive tests covering CLI parsing, request normalization,
      component catalog validation, plan resolution, target filtering,
      error handling, and end-to-end install with --with/--without flags
    
    Closes #470
  • fix: resolve 8 test failures on main (install pipeline, orchestrator, repair) (#564)
    - Add duplicate slug detection in buildOrchestrationPlan to reject
      worker names that collapse to the same slug
    - Use buildTemplateVariables() for launcher command interpolation
      so _sh and _raw suffixes are available in templates
  • feat(design): skill health dashboard mockup (#518)
    * feat(Design): skill health dashboard mockup
    
    * fix(comments): code according to comments
  • Add PowerShell installer wrapper and update documentation (#532)
    * Add install.ps1 PowerShell wrapper and tests
    
    Add a Windows-native PowerShell wrapper (install.ps1) that resolves symlinks and delegates to the Node-based installer runtime. Update README with PowerShell usage examples and cross-platform npx entrypoint guidance. Point the ecc-install bin to the Node installer (scripts/install-apply.js) in package.json (and refresh package-lock), include install.ps1 in package files, and add tests: a new install-ps1.test.js and a tweak to install-sh.test.js to skip on Windows. These changes provide native Windows installer support while keeping npm-compatible cross-platform invocation.
    
    * Improve tests for Windows HOME/USERPROFILE
    
    Make tests more cross-platform by ensuring HOME and USERPROFILE are kept in sync and by normalizing test file paths for display.
    
    - tests/lib/session-adapters.test.js: set USERPROFILE when temporarily setting HOME and restore previous USERPROFILE on teardown.
    - tests/run-all.js: use a normalized displayPath (forward-slash separated) for logging and error messages so output is consistent across platforms.
    - tests/scripts/ecc.test.js & tests/scripts/session-inspect.test.js: build envOverrides from options.env and add HOME <-> USERPROFILE fallbacks so spawned child processes receive both variables when only one is provided.
    
    These changes prevent test failures and inconsistent logs on Windows where USERPROFILE is used instead of HOME.
    
    * Fix Windows paths and test flakiness
    
    Improve cross-platform behavior and test stability.
    
    - Remove unused createLegacyInstallPlan import from install-lifecycle.js.
    - Change resolveInstallConfigPath to use path.normalize(path.join(cwd, configPath)) to produce normalized relative paths.
    - Tests: add toBashPath and normalizedRelativePath helpers to normalize Windows paths for bash and comparisons.
    - Make cleanupTestDir retry rmSync on transient Windows errors (EPERM/EBUSY/ENOTEMPTY) with short backoff using sleepMs.
    - Ensure spawned test processes receive USERPROFILE and convert repo/detect paths to bash format when invoking bash.
    
    These changes reduce Windows-specific failures and flakiness in the test suite and tidy up a small unused import.
  • fix: resolve all CI test failures (19 fixes across 6 files) (#519)
    - canonical-session: fall back to JSON file recording when the loaded
      state-store module has no writer methods (factory vs instance)
    - install-executor: skip node_modules and .git dirs in listFilesRecursive
      to prevent ETIMEDOUT copying thousands of .opencode dependency files
    - ecc.js: increase maxBuffer to 10MB for spawned subcommands to prevent
      ENOBUFS on large install plan JSON output
    - install-apply.test: update Cursor and Antigravity path assertions to
      match flattened rule layout and remapped dirs (workflows, skills)
    - ecc.test: increase maxBuffer in test runner to handle large output
    - orchestrate-codex-worker.sh: guard against unreadable task file before
      cat, write failure status and handoff artifacts on early exit
  • feat: add SQLite state store and query CLI (#510)
    * feat: add SQLite state store and ECC status CLI
    
    * fix: replace better-sqlite3 with sql.js to eliminate native module CI failures
    
    better-sqlite3 requires native C++ compilation (node-gyp, prebuild-install)
    which fails in CI across npm/pnpm on all platforms:
    - npm ci: lock file out of sync with native transitive deps
    - pnpm: native bindings not found at runtime
    - Windows: native compilation fails entirely
    
    sql.js is a pure JavaScript/WASM SQLite implementation with zero native
    dependencies. The adapter in index.js wraps the sql.js API to match the
    better-sqlite3 interface used by migrations.js and queries.js.
    
    Key implementation detail: sql.js db.export() implicitly ends active
    transactions, so the adapter defers disk writes (saveToDisk) until
    after transaction commit via an inTransaction guard flag.
    
    createStateStore is now async (sql.js requires async WASM init).
    Updated status.js, sessions-cli.js, and tests accordingly.
  • feat: strengthen install lifecycle and target adapters (#512)
    * fix: strengthen install lifecycle adapters
    
    * fix: restore template content on uninstall
  • feat: self-improving skills loop — observe, inspect, amend, evaluate
    - Add skill health observation layer (execution logging, success/failure tracking)
    - Add skill health inspector (trace recurring failures across runs)
    - Add amendify mechanism (propose SKILL.md patches from failure evidence)
    - Add evaluation scaffolding (compare amended vs original performance)
    - Wire into session-inspect CLI: skills:health, skills:amendify, skills:evaluate
    - 1145/1145 tests passing (+3 new)
  • feat: expand session adapter registry with structured targets
    - Registry accepts { type, value } structured targets
    - Add --list-adapters and --target-type CLI flags to session-inspect
    - Export adapter type from claude-history and dmux-tmux adapters
    - 71 new session adapter tests, 34 new session-inspect tests
    - All 1142 tests passing
  • refactor: deduplicate config lists and unify resolveFormatterBin branches
    Extract BIOME_CONFIGS and PRETTIER_CONFIGS as shared constants to eliminate
    duplication between PROJECT_ROOT_MARKERS and detectFormatter(). Unify the
    biome/prettier branches in resolveFormatterBin() via a FORMATTER_PACKAGES
    map. Remove redundant path.resolve() in quality-gate.js.
  • fix(hooks): add Windows .cmd support with shell injection guard
    Handle Windows .cmd shim resolution via spawnSync with strict path
    validation. Removes shell:true injection risk, uses strict equality,
    and restores .cmd support with path injection guard.
  • perf(hooks): use direct require() instead of spawning child process
    Invoke hook scripts directly via require() when they export a
    run(rawInput) function, eliminating one Node.js process spawn per
    hook invocation (~50-100ms).
    
    Includes path traversal guard, timeouts, error logging, PR review
    feedback, legacy hooks guard, normalized filePath, and restored
    findProjectRoot config detection with package manager support.
  • feat(hooks): add shared resolve-formatter utility with caching
    Extract project-root discovery, formatter detection, and binary
    resolution into a reusable module. Caches results per-process to
    avoid redundant filesystem lookups on every Edit hook invocation.
    
    This is the foundation for eliminating npx overhead in format hooks.
  • fix(hooks): allow tmux-wrapped dev server commands (#321)
    * fix(hooks): fix shell splitter redirection/escape bugs, extract shared module
    
    - Fix single & incorrectly splitting redirection operators (&>, >&, 2>&1)
    - Fix escaped quotes (\", \') not being handled inside quoted strings
    - Extract splitShellSegments into shared scripts/lib/shell-split.js
      to eliminate duplication between hooks.json, before-shell-execution.js,
      and pre-bash-dev-server-block.js
    - Add comprehensive tests for shell splitting edge cases
    
    * fix(hooks): handle backslash escapes outside quotes in shell splitter
    
    Escaped operators like \&& and \; outside quotes were still being
    treated as separators. Add escape handling for unquoted context.
  • fix(hooks): scrub secrets and harden hook security (#348)
    * fix(hooks): scrub secrets and harden hook security
    
    - Scrub common secret patterns (api_key, token, password, etc.) from
      observation logs before persisting to JSONL (observe.sh)
    - Auto-purge observation files older than 30 days (observe.sh)
    - Strip embedded credentials from git remote URLs before saving to
      projects.json (detect-project.sh)
    - Add command prefix allowlist to runCommand — only git, node, npx,
      which, where are permitted (utils.js)
    - Sanitize CLAUDE_SESSION_ID in temp file paths to prevent path
      traversal (suggest-compact.js)
    
    Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
    
    * fix(hooks): address review feedback from CodeRabbit and Cubic
    
    - Reject shell command-chaining operators (;|&`) in runCommand, strip
      quoted sections before checking to avoid false positives (utils.js)
    - Remove command string from blocked error message to avoid leaking
      secrets (utils.js)
    - Fix Python regex quoting: switch outer shell string from double to
      single quotes so regex compiles correctly (observe.sh)
    - Add optional auth scheme match (Bearer, Basic) to secret scrubber
      regex (observe.sh)
    - Scope auto-purge to current project dir and match only archived
      files (observations-*.jsonl), not live queue (observe.sh)
    - Add second fallback after session ID sanitization to prevent empty
      string (suggest-compact.js)
    - Preserve backward compatibility when credential stripping changes
      project hash — detect and migrate legacy directories
      (detect-project.sh)
    
    Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
    
    * fix(hooks): block $() substitution, fix Bearer redaction, add security tests
    
    - Add $ and \n to blocked shell metacharacters in runCommand to prevent
      command substitution via $(cmd) and newline injection (utils.js)
    - Make auth scheme group capturing so Bearer/Basic is preserved in
      redacted output instead of being silently dropped (observe.sh)
    - Add 10 unit tests covering runCommand allowlist blocking (rm, curl,
      bash prefixes) and metacharacter rejection (;|&`$ chaining), plus
      error message leak prevention (utils.test.js)
    
    Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
    
    * fix(hooks): scrub parse-error fallback, strengthen security tests
    
    Address remaining reviewer feedback from CodeRabbit and Cubic:
    
    - Scrub secrets in observe.sh parse-error fallback path (was writing
      raw unsanitized input to observations file)
    - Remove redundant re.IGNORECASE flag ((?i) inline flag already set)
    - Add inline comment documenting quote-stripping limitation trade-off
    - Fix misleading test name for error-output test
    - Add 5 new security tests: single-quote passthrough, mixed
      quoted+unquoted metacharacters, prefix boundary (no trailing space),
      npx acceptance, and newline injection
    - Improve existing quoted-metacharacter test to actually exercise
      quote-stripping logic
    
    Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
    
    * fix(security): block $() and backtick inside quotes in runCommand
    
    Shell evaluates $() and backticks inside double quotes, so checking
    only the unquoted portion was insufficient. Now $ and ` are rejected
    anywhere in the command string, while ; | & remain quote-aware.
    
    Addresses CodeRabbit and Cubic review feedback on PR #348.
    
    Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
    
    ---------
    
    Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
  • fix(lint): remove unnecessary escape characters in regex patterns
    - doc-file-warning.js: \/ → / inside character classes (4 occurrences)
    - project-detect.js: \[ → [ inside character classes (2 occurrences)
    
    These are pre-existing no-useless-escape errors on upstream main.
  • feat: automatic project type and framework detection (#293)
    Add SessionStart hook integration that auto-detects project languages
    and frameworks by inspecting marker files and dependency manifests.
    
    Supports 12 languages (Python, TypeScript, Go, Rust, Ruby, Java, C#,
    Swift, Kotlin, Elixir, PHP, JavaScript) and 25+ frameworks (Next.js,
    React, Django, FastAPI, Rails, Laravel, Spring, etc.).
    
    Detection output is injected into Claude's context as JSON, enabling
    context-aware recommendations without loading irrelevant rules.
    
    - New: scripts/lib/project-detect.js (cross-platform detection library)
    - Modified: scripts/hooks/session-start.js (integration)
    - New: tests/lib/project-detect.test.js (28 tests, all passing)
    
    Co-authored-by: Claude <noreply@anthropic.com>