Commit Graph

778 Commits

  • Apply suggestions from code review
    Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
  • Apply suggestions from code review
    Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
  • Merge pull request #762 from affaan-m/feat/ecc2-tui-scaffold
    feat: ECC 2.0 — Rust TUI agentic IDE control plane
  • feat: scaffold ECC 2.0 Rust TUI — agentic IDE control plane
    Initial scaffold for ECC 2.0, a terminal-native agentic IDE built with
    Ratatui. Compiles to a 3.4MB single binary.
    
    Core modules:
    - Session manager with SQLite-backed state store
    - TUI dashboard with split-pane layout (sessions, output, metrics)
    - Worktree orchestration (auto-create per agent session)
    - Observability with tool call risk scoring
    - Inter-agent communication via SQLite mailbox
    - Background daemon with heartbeat monitoring
    - CLI with start/stop/sessions/status/daemon subcommands
    
    Tech stack: Rust + Ratatui + Crossterm + Tokio + rusqlite + git2 + clap
  • feat: add 6 gap-closing skills — browser QA, design system, product lens, canary watch, benchmark, safety guard
    Closes competitive gaps with gstack:
    - browser-qa: automated visual testing via browser MCP
    - design-system: generate, audit, and detect AI slop in UI
    - product-lens: product diagnostic, founder review, feature prioritization
    - canary-watch: post-deploy monitoring with alert thresholds
    - benchmark: performance baseline and regression detection
    - safety-guard: prevent destructive operations in autonomous sessions
  • fix(commands): replace py_compile with compileall in build-fix (#804)
    py_compile requires explicit filenames and exits with status 2 when
    invoked without them. compileall -q . recursively validates Python
    syntax across the entire project, which is what the build-fix
    command actually needs.
    
    Fixes #759
  • fix: add antigravity to platform-configs targets
    Fixes #813. The platform-configs module was missing antigravity from its
    targets array, causing all 13+ dependent modules to be skipped when
    installing with --target antigravity --profile full.
  • feat(skills): add skill-comply — automated behavioral compliance measurement (#724)
    * feat(skills): add skill-comply — automated behavioral compliance measurement
    
    Automated compliance measurement for skills, rules, and agent definitions.
    Generates behavioral specs, runs scenarios at 3 strictness levels,
    classifies tool calls via LLM, and produces self-contained reports.
    
    Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
    
    * fix(skill-comply): address bot review feedback
    
    - AGENTS.md: fix stale skill count (115 → 117) in project structure
    - run.py: replace remaining print() with logger, add zero-division guard,
      create parent dirs for --output path
    - runner.py: add returncode check for claude subprocess, clarify
      relative_to path traversal validation
    - parser.py: use is_file() instead of exists(), catch KeyError for
      missing trace fields, add file check in parse_spec
    - classifier.py: log warnings on malformed classification output,
      guard against non-dict JSON responses
    - grader.py: filter negative indices from LLM classification
    
    Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
    
    ---------
    
    Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
  • docs: add ECC 2.0 reference architecture from competitor research
    Summarizes patterns from superset-sh/superset (Electron, 7.7K stars),
    standardagents/dmux (Ink TUI, 1.2K stars), and others. Defines the
    three-layer architecture (daemon + runtime + TUI) and patterns to adopt.
  • feat(skills): add santa-method - multi-agent adversarial verification (#760)
    * feat(skills): add santa-method
    
    Multi-agent adversarial verification with convergence loop. Two independent review agents evaluate output against a shared rubric. Both must pass before shipping. Includes architecture diagram, implementation patterns (subagent, inline, batch sampling), domain-specific rubric extensions, failure mode mitigations, and integration guidance with existing ECC skills.
    
    * Enhance SKILL.md with detailed Santa Method documentation
    
    Expanded the SKILL.md documentation for the Santa Method, detailing architecture, phases, implementation patterns, failure modes, integration with other skills, metrics, and cost analysis.
  • feat: pending instinct TTL pruning and /prune command (#725)
    * feat: add pending instinct TTL pruning and /prune command
    
    Pending instincts generated by the observer accumulate indefinitely
    with no cleanup mechanism. This adds lifecycle management:
    
    - `instinct-cli.py prune` — delete pending instincts older than 30 days
      (configurable via --max-age). Supports --dry-run and --quiet flags.
    - Enhanced `status` command — shows pending count, warns at 5+,
      highlights instincts expiring within 7 days.
    - `observer-loop.sh` — runs prune before each analysis cycle.
    - `/prune` slash command — user-facing command for manual pruning.
    
    Design rationale: council consensus (4/4) rejected auto-promote in
    favor of TTL-based garbage collection. Frequency of observation does
    not establish correctness. Unreviewed pending instincts auto-delete
    after 30 days; if the pattern is real, the observer will regenerate it.
    
    Generated with [Claude Code](https://claude.ai/code)
    via [Happy](https://happy.engineering)
    
    Co-Authored-By: Claude <noreply@anthropic.com>
    Co-Authored-By: Happy <yesreply@happy.engineering>
    
    * fix: remove duplicate functions, broaden extension filter, fix prune output
    
    - Remove duplicate _collect_pending_dirs and _parse_created_date defs
    - Use ALLOWED_INSTINCT_EXTENSIONS (.md/.yaml/.yml) instead of .md-only
    - Track actually-deleted items separately from expired for accurate output
    - Update README.md and AGENTS.md command counts: 59 → 60
    
    Generated with [Claude Code](https://claude.ai/code)
    via [Happy](https://happy.engineering)
    
    Co-Authored-By: Claude <noreply@anthropic.com>
    Co-Authored-By: Happy <yesreply@happy.engineering>
    
    * fix: address Copilot and CodeRabbit review findings
    
    - Use is_dir() instead of exists() for pending path checks
    - Change > to >= for --max-age boundary (--max-age 0 now prunes all)
    - Use CLV2_PYTHON_CMD env var in observer-loop.sh prune call
    - Remove unused source_dupes variable
    - Remove extraneous f-string prefix on static string
    
    Generated with [Claude Code](https://claude.ai/code)
    via [Happy](https://happy.engineering)
    
    Co-Authored-By: Claude <noreply@anthropic.com>
    Co-Authored-By: Happy <yesreply@happy.engineering>
    
    * fix: update AGENTS.md project structure command count 59 → 60
    
    Co-Authored-By: Claude <noreply@anthropic.com>
    
    * fix: address cubic and coderabbit review findings
    
    - Fix status early return skipping pending instinct warnings (cubic #1)
    - Exclude already-expired items from expiring-soon filter (cubic #2)
    - Warn on unparseable pending instinct age instead of silent skip (cubic #4)
    - Log prune failures to observer.log instead of silencing (cubic #5)
    
    Co-Authored-By: Claude <noreply@anthropic.com>
    
    * fix: YAML single-quote unescaping, f-string cleanup, add /prune to README
    
    - Fix single-quoted YAML unescaping: use '' doubling (YAML spec) not
      backslash escaping which only applies to double-quoted strings (greptile P1)
    - Remove extraneous f-string prefix on static string (coderabbit)
    - Add /prune to README command catalog and file tree (cubic)
    
    Co-Authored-By: Claude <noreply@anthropic.com>
    
    ---------
    
    Co-authored-by: Claude <noreply@anthropic.com>
    Co-authored-by: Happy <yesreply@happy.engineering>
  • feat: add click-path-audit skill — finds state interaction bugs (#729)
    New debugging skill that traces every button/touchpoint through its full
    state change sequence. Catches bugs where functions individually work but
    cancel each other out via shared state side effects.
    
    Covers 6 bug patterns:
    1. Sequential Undo — call B resets what call A just set
    2. Async Race — double-click bypasses state-based loading guards
    3. Stale Closure — useCallback captures old value
    4. Missing State Transition — handler doesn't do what label says
    5. Conditional Dead Path — condition always false, action unreachable
    6. useEffect Interference — effect undoes button action
    
    Battle-tested: found 48 bugs in a production React+Zustand app that
    systematic debugging (54 bugs found separately) completely missed.
  • feat(skills): add Kysely migration patterns to database-migrations (#731)
    * feat(skills): add Kysely migration patterns to database-migrations
    
    Add Kysely section covering kysely-ctl CLI workflow, migration file
    structure (up/down with Kysely<any>), and programmatic Migrator setup
    with FileMigrationProvider and allowUnorderedMigrations option.
    
    * fix(skills): address PR review feedback for Kysely migration patterns
    
    - Replace redundant email index with avatar_url index (unique already creates index)
    - Add ESM-compatible __dirname using import.meta.url
    - Comment out allowUnorderedMigrations with production safety warning
    - Add clarifying comment for db variable
    
    * fix(skills): fix migration filename mismatch and clarify ESM-only pattern
    
    - Rename migration file to create_user_profile to match actual content
    - Restructure ESM import pattern to be clearly ESM-only with CJS note
  • perf(hooks): move post-edit-format and post-edit-typecheck to strict-only (#757)
    * perf(hooks): move post-edit-format and post-edit-typecheck to strict-only
    
    These hooks fire synchronously on every Edit call with 15-30s timeouts
    each. During multi-file refactors this adds 5-10 minutes of overhead.
    
    Moving them from standard,strict to strict-only means they won't fire
    in the default profile but are still available for users who want the
    extra validation.
    
    Fixes #735
    
    * Also update OpenCode plugin to strict-only for format/typecheck
    
    The OpenCode plugin had the same standard,strict profile for
    post:edit:format and post:edit:typecheck, so OpenCode users on the
    default profile would still get the per-edit overhead.
  • feat(hooks): add config protection hook to block linter config manipulation (#758)
    * feat(hooks): add config protection hook to block linter config manipulation
    
    Agents frequently modify linter/formatter configs (.eslintrc, biome.json,
    .prettierrc, .ruff.toml, etc.) to make checks pass instead of fixing
    the actual code.
    
    This PreToolUse hook intercepts Write/Edit/MultiEdit calls targeting
    known config files and blocks them with a steering message that directs
    the agent to fix the source code instead.
    
    Covers: ESLint, Prettier, Biome, Ruff, ShellCheck, Stylelint, and
    Markdownlint configs.
    
    Fixes #733
    
    * Address review: fix dead code, add missing configs, export run()
    
    - Removed pyproject.toml from PROTECTED_FILES (was dead code since
      it was also in PARTIAL_CONFIG_FILES). Added comment explaining why
      it's intentionally excluded.
    - Removed PARTIAL_CONFIG_FILES entirely (no longer needed).
    - Added missing ESLint v9 TypeScript flat configs: eslint.config.ts,
      eslint.config.mts, eslint.config.cts
    - Added missing Prettier ESM config: prettier.config.mjs
    - Exported run() function for in-process execution via run-with-flags,
      avoiding the spawnSync overhead (~50-100ms per call).
    
    * Handle stdin truncation gracefully, log warning instead of fail-open
    
    If stdin exceeds 1MB, the JSON would be malformed and the catch
    block would silently pass through. Now we detect truncation and
    log a warning. The in-process run() path is not affected.
  • fix: safe Codex config sync — merge AGENTS.md + add-only MCP servers (#723)
    * fix: replace bash TOML surgery with Node add-only MCP merge
    
    The old sync script used awk/sed to remove and re-append MCP server
    sections in config.toml, causing credential extraction races, duplicate
    TOML tables, and 3 fragile code paths with 9 remove_section_inplace
    calls each.
    
    Replace with a Node script (scripts/codex/merge-mcp-config.js) that
    uses @iarna/toml to parse the config, then appends only missing ECC
    servers — preserving all existing content byte-for-byte. Warns on
    config drift, supports legacy aliases (context7 → context7-mcp), and
    adds --update-mcp flag for explicit refresh.
    
    Generated with [Claude Code](https://claude.ai/code)
    via [Happy](https://happy.engineering)
    
    Co-Authored-By: Claude <noreply@anthropic.com>
    Co-Authored-By: Happy <yesreply@happy.engineering>
    
    * fix: address PR #723 review findings for Codex MCP merge
    
    - Use package-manager abstraction (scripts/lib/package-manager.js)
      instead of hardcoding pnpm — respects CLAUDE_PACKAGE_MANAGER,
      lock files, and project config
    - Add Yarn 1.x fallback to npx (yarn dlx unsupported in classic)
    - Add missing exa server to match .codex/config.toml baseline
    - Wire up findSubSections for --update-mcp nested subtable removal
      (fixes Greptile P1: Object.keys only returned top-level keys)
    - Fix resolvedLabel to prefer canonical entry over legacy alias
      when both exist (fixes context7/context7-mcp spurious warning)
    - Fix removeSectionFromText to handle inline TOML comments
    - Fix dry-run + --update-mcp to show removals before early return
    - Update README parity table: 4 → 7 servers, TOML-parser-based
    - Add non-npm install variants to README Codex quick start
    - Update package-lock.json for @iarna/toml
    
    Generated with [Claude Code](https://claude.ai/code)
    via [Happy](https://happy.engineering)
    
    Co-Authored-By: Claude <noreply@anthropic.com>
    Co-Authored-By: Happy <yesreply@happy.engineering>
    
    * fix: address PR #723 review comments (preflight, marker validation)
    
    - Add Node.js and merge-mcp-config.js to preflight checks so the
      script fails fast before partial writes (CodeRabbit)
    - Validate marker counts: require exactly 1 BEGIN + 1 END in correct
      order for clean replacement (CodeRabbit)
    - Corrupted markers: strip all marker lines and re-append fresh block,
      preserving user content outside markers instead of overwriting
    - Move MCP_MERGE_SCRIPT to preflight section, remove duplicate
    
    Generated with [Claude Code](https://claude.ai/code)
    via [Happy](https://happy.engineering)
    
    Co-Authored-By: Claude <noreply@anthropic.com>
    Co-Authored-By: Happy <yesreply@happy.engineering>
    
    ---------
    
    Co-authored-by: Claude <noreply@anthropic.com>
    Co-authored-by: Happy <yesreply@happy.engineering>
  • fix(install): add rust, cpp, csharp to legacy language alias map (#747)
    * fix(install): add rust, cpp, csharp to legacy language alias map
    
    The legacy installer compatibility layer in install-manifests.js was
    missing entries for rust, cpp, and csharp — languages that have
    rules/ directories and (for rust/cpp) install-components.json entries.
    
    Running `./install.sh rust` fails with "Unknown legacy language: rust"
    because LEGACY_LANGUAGE_ALIAS_TO_CANONICAL and
    LEGACY_LANGUAGE_EXTRA_MODULE_IDS didn't include these languages.
    
    Fixes the issue reported in #694 by @mpiton.
    
    Generated with [Claude Code](https://claude.ai/code)
    via [Happy](https://happy.engineering)
    
    Co-Authored-By: Claude <noreply@anthropic.com>
    Co-Authored-By: Happy <yesreply@happy.engineering>
    
    * fix(install): complete csharp legacy support and add resolution tests
    
    - Add lang:csharp component to install-components.json with
      framework-language module (matching cpp/rust pattern)
    - Update csharp mapping in LEGACY_LANGUAGE_EXTRA_MODULE_IDS from
      empty array to ['framework-language']
    - Add end-to-end resolution tests for rust, cpp, and csharp verifying
      framework-language module is included in resolved moduleIds
    
    Addresses review feedback from Copilot, Greptile, CodeRabbit, and Cubic.
    
    Generated with [Claude Code](https://claude.ai/code)
    via [Happy](https://happy.engineering)
    
    Co-Authored-By: Claude <noreply@anthropic.com>
    Co-Authored-By: Happy <yesreply@happy.engineering>
    
    ---------
    
    Co-authored-by: Claude <noreply@anthropic.com>
    Co-authored-by: Happy <yesreply@happy.engineering>
  • Add Turkish (tr) docs and update README (#744)
    * Add Turkish (tr) docs and update README
    
    Add a full set of Turkish documentation under docs/tr (agents, changelog, CLAUDE guide, contributing, code of conduct, and many agents/commands/skills/rules files). Update README to include a link to the Turkish docs and increment the supported language count from 5 to 6. This commit adds localized guidance and references to help Turkish-speaking contributors and users.
    
    * Update docs/tr/TROUBLESHOOTING.md
    
    Co-authored-by: cubic-dev-ai[bot] <191113872+cubic-dev-ai[bot]@users.noreply.github.com>
    
    * Update docs/tr/README.md
    
    Co-authored-by: cubic-dev-ai[bot] <191113872+cubic-dev-ai[bot]@users.noreply.github.com>
    
    * docs(tr): fix license link and update readmes
    
    Update Turkish docs: change license badge link to point to repository root (../../LICENSE), increment displayed language count from 5 to 6, and remove two outdated related links from docs/tr/examples/README.md to keep references accurate.
    
    * Update docs/tr/commands/instinct-import.md
    
    Co-authored-by: cubic-dev-ai[bot] <191113872+cubic-dev-ai[bot]@users.noreply.github.com>
    
    * Update docs/tr/commands/checkpoint.md
    
    Co-authored-by: cubic-dev-ai[bot] <191113872+cubic-dev-ai[bot]@users.noreply.github.com>
    
    ---------
    
    Co-authored-by: cubic-dev-ai[bot] <191113872+cubic-dev-ai[bot]@users.noreply.github.com>
  • fix: bump plugin.json and marketplace.json to v1.9.0
    Both files were stuck at v1.8.0, blocking upgrades via claudepluginhub.
  • Update docs/pt-BR/commands/eval.md
    Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
  • Update docs/pt-BR/commands/plan.md
    Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
  • Update docs/pt-BR/commands/orchestrate.md
    Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
  • Update docs/pt-BR/agents/go-build-resolver.md
    Co-authored-by: cubic-dev-ai[bot] <191113872+cubic-dev-ai[bot]@users.noreply.github.com>
  • security: remove supply chain risks, external promotions, and unauthorized credits
    - Remove zenith.chat references and @DRodriguezFX shoutout from README
    - Remove Inspiration Credits section (already in CHANGELOG.md)
    - Remove awesome-agent-skills reference from Links
    - Remove Plankton H3 section by @alxfazio (skill stays in skills/)
    - Remove brand names (InsAIts, VideoDB, Evos) from v1.9.0 notes
    - Remove @ericcai0814 individual credit from README (kept in CHANGELOG)
    - Add Security Guide to Links section
    - Replace curl-pipe-to-bash in autonomous-loops with review warning
    - Replace git clone in plankton-code-quality with review warning
    - Replace pip install git+ in agent-eval with review warning
    - Replace npm install -g in dmux-workflows with review warning
    - Add commercial API notice to nutrient-document-processing
    - Remove VideoDB maintainer credit from videodb skill
    - Replace skill-creator.app link with ECC-Tools GitHub App reference
  • Update docs/pt-BR/commands/go-review.md
    Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
  • Update docs/pt-BR/commands/eval.md
    Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
  • Update docs/pt-BR/commands/plan.md
    Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
  • Merge pull request #728 from zdocapp/zh-CN-pr
    docs(zh-CN): sync Chinese docs with latest upstream changes