Commit Graph

184 Commits

  • test: add 6 tests for command validation and session content verification
    - validate-commands: creates: line skipping, valid cross-refs, unclosed
      code blocks, valid workflow diagrams
    - session-end: backtick escaping in session files, tools/files in output
  • fix: use execFileSync with input option for Windows-compatible stdin tests
    Windows cmd.exe treats single quotes literally, so `echo '...' | node -e '...'`
    fails. Switched to execFileSync with the `input` option to pipe stdin data
    directly without shell quoting issues.
  • fix: add 7 missing commands to README, remove phantom /security entry
    Added: /python-review, /multi-plan, /multi-execute, /multi-backend,
    /multi-frontend, /multi-workflow, /pm2, /sessions
    Removed: /security (no matching command file; use security-review skill)
    Updated count: 24 → 31 commands
  • test: add regression tests for empty frontmatter field rejection
    Add 2 tests verifying validate-agents correctly rejects agents with
    empty model and empty tools values in YAML frontmatter.
  • fix: correct stale counts and broken paths across docs
    - .cursor/README.md: skills 30→37, commands ~28→31
    - .opencode/MIGRATION.md: fix rules paths (rules/ → rules/common/)
    - README.zh-CN.md: fix agent/skill/command counts
    - docs/ja-JP/README.md: fix agent/skill/command counts
  • fix: box() off-by-one alignment, add 5 tests for readStdinJson and box alignment
    - skill-create-output.js: fix top border being 1 char narrower than
      middle/bottom lines (width - title - 5 → width - title - 4)
    - Add box alignment regression test verifying all lines have equal width
    - Add 4 readStdinJson tests via subprocess (valid JSON, invalid JSON,
      empty stdin, nested objects) — last untested exported utility function
    - All 338 tests passing
  • fix: remove unused imports in test files (ESLint)
    - validators.test.js: remove unused execSync (only execFileSync used)
    - skill-create-output.test.js: remove unused path module
  • fix: add word boundary to dev server hook regex, fix box() crash, add 27 tests
    - hooks.json: add \b word boundary anchors to dev server blocking regex
      to prevent false positives matching "npm run develop", "npm run devtools" etc.
    - skill-create-output.js: guard box() horizontal repeat with Math.max(0, ...)
      to prevent RangeError when title exceeds container width
    - Add 13 tests for setup-package-manager.js CLI argument parsing
    - Add 14 tests for skill-create-output.js SkillCreateOutput class
    - All 333 tests passing
  • fix: set USERPROFILE in tests for Windows os.homedir() compatibility
    On Windows, os.homedir() uses USERPROFILE env var instead of HOME.
    Tests that override HOME to a temp dir must also set USERPROFILE for
    the session-manager, session-aliases, and session-start hook tests
    to find files in the correct directory.
  • fix: capture stderr in typecheck hook, add 13 tests for session-end and utils
    - post-edit-typecheck.js: capture both stdout and stderr from tsc
    - hooks.test.js: 7 extractSessionSummary tests (JSONL parsing, array content,
      malformed lines, empty transcript, long message truncation, env var fallback)
    - utils.test.js: 6 tests (replaceInFile g-flag behavior, string replace,
      capture groups, writeFile overwrite, unicode content)
    
    Total test count: 294 → 307
  • test: add 33 edge case tests for session-manager, session-aliases, and hooks
    - session-manager: CRLF handling, empty sections, multi-heading title, context
      extraction, notes/context detection, MB file size, uppercase ID rejection
    - session-aliases: missing timestamps sort, title search, createdAt preservation,
      whitespace-only path rejection, empty string title behavior
    - hooks: session-start isolated HOME, template vs real session injection,
      learned skills count, check-console-log passthrough
    
    Total test count: 261 → 294
  • test: add cross-reference validation tests for validate-commands
    - Add runValidatorWithDirs() helper for multi-constant overrides
    - Test broken command references (e.g., /nonexistent-cmd)
    - Test broken agent path references (e.g., agents/fake-agent.md)
    - Test fenced code block exclusion (refs inside ``` are skipped)
    - Test broken workflow agent references (e.g., planner -> ghost-agent)
    - Total tests: 261 → 287 (+26)
  • fix: add event type enum to hooks schema and avoid shared RegExp state
    - hooks.schema.json: add enum constraint for hook event types
      (PreToolUse, PostToolUse, PreCompact, SessionStart, SessionEnd,
      Stop, Notification, SubagentStop) — enables IDE autocompletion
      and compile-time validation
    - utils.js countInFile: always create fresh RegExp to avoid shared
      lastIndex state when reusing global regex instances
    - README: update AgentShield stats (751 tests, 73 rules)
  • fix: broken cross-references, version sync, and enhanced command validator
    - Fix /build-and-fix → /build-fix in tdd.md, plan.md (+ cursor, zh-CN)
    - Fix non-existent explorer agent → planner in orchestrate.md (+ cursor, zh-CN, zh-TW)
    - Fix /python-test → /tdd in python-review.md (+ cursor, zh-CN)
    - Sync package.json version from 1.0.0 to 1.4.1 to match plugin.json
    - Enhance validate-commands.js with cross-reference checking:
      command refs, agent path refs, skill dir refs, workflow diagrams
    - Strip fenced code blocks before scanning to avoid false positives
    - Skip hypothetical "Creates:" lines in evolve.md examples
    - Add 46 new tests (suggest-compact, session-manager, utils, hooks)
  • fix: skip code blocks in command cross-reference validation
    The validator was matching example/template content inside fenced code
    blocks as real cross-references, causing false positives for evolve.md
    (example /new-table command and debugger agent).
    
    - Strip ``` blocks before running cross-reference checks
    - Change evolve.md examples to use bold instead of backtick formatting
      for hypothetical outputs
    
    All 261 tests pass.
  • feat: add docker-patterns skill for containerized development
    Docker Compose for local dev, networking, volume strategies, container
    security hardening, debugging commands, and anti-patterns.
    
    Complements the existing deployment-patterns skill which covers CI/CD
    and production Dockerfiles.
    
    Closes #121
  • fix: resolve symlinks in install.sh for npm/bun bin usage
    When installed via `npm install ecc-universal`, the `ecc-install` bin
    entry creates a symlink from the package manager's bin directory to
    install.sh. The old `$(dirname "$0")` resolved to the bin directory
    instead of the actual package directory, causing `cp` to fail with
    "cannot stat '.../rules/common/.'".
    
    Now follows the symlink chain with readlink before resolving SCRIPT_DIR.
    
    Fixes #199
  • fix: 3 bugs fixed, stdin encoding hardened, 37 CI validator tests added
    Bug fixes:
    - utils.js: glob-to-regex conversion now escapes all regex special chars
      (+, ^, $, |, (), {}, [], \) before converting * and ? wildcards
    - validate-hooks.js: escape sequence processing order corrected —
      \\\\ now processed before \\n and \\t to prevent double-processing
    - 6 hooks: added process.stdin.setEncoding('utf8') to prevent
      multi-byte UTF-8 character corruption at chunk boundaries
      (check-console-log, post-edit-format, post-edit-typecheck,
      post-edit-console-warn, session-end, evaluate-session)
    
    New tests (37):
    - CI validator test suite (tests/ci/validators.test.js):
      - validate-agents: 9 tests (real project, frontmatter parsing,
        BOM/CRLF, colons in values, missing fields, non-md skip)
      - validate-hooks: 13 tests (real project, invalid JSON, invalid
        event types, missing fields, async/timeout validation, inline JS
        syntax, array commands, legacy format)
      - validate-skills: 6 tests (real project, missing SKILL.md, empty
        files, non-directory entries)
      - validate-commands: 5 tests (real project, empty files, non-md skip)
      - validate-rules: 4 tests (real project, empty files)
    
    Total test count: 228 (up from 191)
  • refactor: slim down 4 remaining oversized agents (73% reduction)
    - go-build-resolver: 368 -> 94 lines (-74%), references golang-patterns skill
    - refactor-cleaner: 306 -> 85 lines (-72%), removed project-specific rules & templates
    - tdd-guide: 280 -> 80 lines (-71%), references tdd-workflow skill
    - go-reviewer: 267 -> 76 lines (-72%), references golang-patterns skill
    
    Combined with prior round: 10 agents optimized, 3,710 lines saved total.
    All agents now under 225 lines. Largest: code-reviewer (224).
  • fix: 2 bugs fixed, 17 tests added for hook scripts
    Bug fixes:
    - evaluate-session.js: whitespace-tolerant regex for counting user
      messages in JSONL transcripts (/"type":"user"/ → /"type"\s*:\s*"user"/)
    - session-end.js: guard against null elements in content arrays
      (c.text → (c && c.text) to prevent TypeError)
    
    New tests (17):
    - evaluate-session: whitespace JSON regression test
    - session-end: null content array elements regression test
    - post-edit-console-warn: 5 tests (warn, skip non-JS, clean files,
      missing file, stdout passthrough)
    - post-edit-format: 3 tests (empty stdin, non-JS skip, invalid JSON)
    - post-edit-typecheck: 4 tests (empty stdin, non-TS skip, missing file,
      no tsconfig)
    
    Total test count: 191 (up from 164)
  • fix: use tests/run-all.js in npm test to avoid test file drift
    The package.json test script listed individual test files, which fell
    out of sync when session-manager.test.js and session-aliases.test.js
    were added to tests/run-all.js but not to package.json. Now npm test
    delegates to run-all.js so new test files are automatically included.
  • test: add 13 tests for package-manager.js untested functions
    - setProjectPackageManager: creates config, rejects unknown PM
    - setPreferredPackageManager: rejects unknown PM
    - detectFromPackageJson: invalid JSON, unknown PM name
    - getExecCommand: without args
    - getRunCommand: build, dev, and custom scripts
    - DETECTION_PRIORITY: order verification
    - getCommandPattern: install and custom action patterns
    
    Total tests: 164 → 177
  • fix: add async/timeout to hooks schema and validate in CI
    - hooks.schema.json: add async (boolean) and timeout (number) properties
      to hookItem definition, matching fields used in hooks.json
    - validate-hooks.js: validate async and timeout types when present
    - hooks.test.js: add SessionEnd to required event types check
  • fix: Windows path support, error handling, and dedup in validators
    - session-manager.js: fix getSessionStats path detection to handle
      Windows paths (C:\...) in addition to Unix paths (/)
    - package-manager.js: add try-catch to setPreferredPackageManager for
      consistent error handling with setProjectPackageManager
    - validate-hooks.js: extract duplicated hook entry validation into
      reusable validateHookEntry() helper
    - Update .d.ts JSDoc for both fixes
  • fix: 6 bugs fixed, 67 tests added for session-manager and session-aliases
    Bug fixes:
    - utils.js: prevent duplicate 'g' flag in countInFile regex construction
    - validate-agents.js: handle CRLF line endings in frontmatter parsing
    - validate-hooks.js: handle \t and \\ escape sequences in inline JS validation
    - session-aliases.js: prevent NaN in date sort when timestamps are missing
    - session-aliases.js: persist rollback on rename failure instead of silent loss
    - session-manager.js: require absolute paths in getSessionStats to prevent
      content strings ending with .tmp from being treated as file paths
    
    New tests (164 total, up from 97):
    - session-manager.test.js: 27 tests covering parseSessionFilename,
      parseSessionMetadata, getSessionStats, CRUD operations, getSessionSize,
      getSessionTitle, edge cases (null input, non-existent files, directories)
    - session-aliases.test.js: 40 tests covering loadAliases (corrupted JSON,
      invalid structure), setAlias (validation, reserved names), resolveAlias,
      listAliases (sort, search, limit), deleteAlias, renameAlias, updateAliasTitle,
      resolveSessionAlias, getAliasesForSession, cleanupAliases, atomic write
    
    Also includes hook-generated improvements:
    - utils.d.ts: document that readStdinJson never rejects
    - session-aliases.d.ts: fix updateAliasTitle type to accept null
    - package-manager.js: add try-catch to setProjectPackageManager writeFile
  • refactor: move embedded patterns from agents to skills (#174)
    Reduces the 6 largest agent prompts by 79-87%, saving ~2,800 lines
    that loaded into subagent context on every invocation.
    
    Changes:
    - e2e-runner.md: 797 → 107 lines (-87%)
    - database-reviewer.md: 654 → 91 lines (-86%)
    - security-reviewer.md: 545 → 108 lines (-80%)
    - build-error-resolver.md: 532 → 114 lines (-79%)
    - doc-updater.md: 452 → 107 lines (-76%)
    - python-reviewer.md: 469 → 98 lines (-79%)
    
    Patterns moved to on-demand skills (loaded only when referenced):
    - New: skills/e2e-testing/SKILL.md (Playwright patterns, POM, CI/CD)
    - Existing: postgres-patterns, security-review, python-patterns
  • fix: handle Windows EOF error in large-input hook test
    Windows pipes raise EOF instead of EPIPE when the child process
    exits before stdin finishes flushing. Added EOF to the ignored
    error codes in runHookWithInput.
  • docs: enhance 5 thin commands and add Rust API example
    Commands enhanced with multi-language support, error recovery strategies,
    and structured step-by-step workflows:
    - build-fix: build system detection table, fix loop, recovery strategies
    - test-coverage: framework detection, test generation rules, before/after report
    - refactor-clean: safety tiers (SAFE/CAUTION/DANGER), multi-language tools
    - update-codemaps: codemap format spec, diff detection, metadata headers
    - update-docs: source-of-truth mapping, staleness checks, generated markers
    
    New example:
    - rust-api-CLAUDE.md: Axum + SQLx + PostgreSQL with layered architecture,
      thiserror patterns, compile-time SQL verification, integration test examples
  • docs: add token optimization guide with recommended settings (#175)
    Adds a comprehensive Token Optimization section to the README with:
    - Recommended settings (model, MAX_THINKING_TOKENS, AUTOCOMPACT_PCT)
    - Daily workflow commands table (/model, /clear, /compact, /cost)
    - Strategic compaction guidance (when to compact vs not)
    - Context window management (MCP tool description costs)
    - Agent Teams cost warning
  • fix: add global ignores to ESLint config for dist and cursor dirs
    Prevent ESLint from parsing .opencode/dist/ (ES modules with
    sourceType: commonjs mismatch) and .cursor/ (duplicated files).
    Uses flat config global ignores pattern (standalone ignores object).
  • fix: pass transcript_path via stdin JSON in integration tests (#209)
    Integration tests were still passing CLAUDE_TRANSCRIPT_PATH as an env
    var, but evaluate-session.js now reads transcript_path from stdin JSON.
    Also improves strategic-compact skill with decision guide and survival table.
  • docs: add 'When to Activate' sections to 14 skill definitions
    Add activation triggers to skills that were missing them, helping
    Claude Code determine when to load each skill contextually.
  • fix: migrate hooks to stdin JSON input, fix duplicate main() calls, add threshold validation
    - Migrate session-end.js and evaluate-session.js from CLAUDE_TRANSCRIPT_PATH
      env var to stdin JSON transcript_path (correct hook input mechanism)
    - Remove duplicate main() calls that ran before stdin was read, causing
      session files to be created with empty data
    - Add range validation (1-10000) on COMPACT_THRESHOLD in suggest-compact.js
      to prevent negative or absurdly large thresholds
    - Add integration/hooks.test.js to tests/run-all.js so CI runs all 97 tests
    - Update evaluate-session.sh to parse transcript_path from stdin JSON
    - Update hooks.test.js to pass transcript_path via stdin instead of env var
    - Sync .cursor/ copies
  • fix: remove unused fs imports in 3 hook scripts
    readFile utility replaced direct fs usage but the imports weren't
    removed, causing ESLint no-unused-vars failures in CI.
  • fix: use readFile utility in hooks and add pattern type safety
    - Replace raw fs.readFileSync with readFile() from utils in
      check-console-log.js and post-edit-console-warn.js to eliminate
      TOCTOU race conditions (file deleted between existsSync and read)
    - Remove redundant existsSync in post-edit-format.js (exec already
      handles missing files via its catch block)
    - Resolve path upfront in post-edit-typecheck.js before tsconfig walk
    - Add type guard in getGitModifiedFiles() to skip non-string and
      empty patterns before regex compilation
  • feat: add 3 new skills, JS syntax validation in hooks CI, and edge case tests
    - New skills: api-design, database-migrations, deployment-patterns
    - validate-hooks.js: validate inline JS syntax in node -e hook commands
    - utils.test.js: edge case tests for findFiles with null/undefined inputs
    - README: update skill count to 35, add new skills to directory tree
  • fix: harden utils.js edge cases and add input validation
    - Guard findFiles() against null/undefined dir and pattern parameters
      (previously crashed with TypeError on .replace() or fs.existsSync())
    - Wrap countInFile() and grepFile() regex construction in try-catch to
      handle invalid regex strings like '(unclosed' (previously crashed with
      SyntaxError: Invalid regular expression)
    - Add try-catch to replaceInFile() with descriptive error logging
    - Add 1MB size limit to readStdinJson() matching the PostToolUse hooks
      (previously had unbounded stdin accumulation)
    - Improve ensureDir() error message to include the directory path
    - Add 128-char length limit to setAlias() to prevent oversized alias
      names from inflating the JSON store
    - Update utils.d.ts with new maxSize option on ReadStdinJsonOptions
  • fix: add try-catch to inline hooks, fix schema drift
    - Wrap JSON.parse in try-catch for all 6 inline hooks in hooks.json
      (dev-server blocker, tmux reminder, git-push reminder, doc blocker,
      PR create logger, build analysis) — previously unguarded JSON.parse
      would crash on empty/malformed stdin, preventing data passthrough
    - Add config parse error logging to evaluate-session.js
    - Fix plugin.schema.json: author can be string or {name,url} object,
      add version (semver pattern), homepage, keywords, skills, agents
    - Fix package-manager.schema.json: add setAt (date-time) field and
      make packageManager required to match actual code behavior