|
1 | 1 | # CodeForge Devcontainer Changelog |
2 | 2 |
|
3 | | -## [v1.13.0] - 2026-02-21 |
| 3 | +## [v1.14.0] - 2026-02-24 |
| 4 | + |
| 5 | +### Fixed (CodeRabbit review) |
| 6 | +- **chromaterm/install.sh** — username auto-detection now resets to empty before candidate loop, so `${USERNAME:-root}` fallback works correctly |
| 7 | +- **biome/install.sh** — nvm.sh sourcing wrapped in `set +u` / `set -u` to prevent unbound variable abort under `set -euo pipefail` |
| 8 | +- **setup.js** — `ccstatusline-settings.json` added to DEFAULT_PRESERVE so user customizations survive `--force` package updates |
| 9 | +- **docs agent-system.md** — spec-writer moved from Full-Access to Read-Only agents table (matches its `permissionMode: plan` definition) |
| 10 | +- **guard-readonly-bash.py** — docstring corrected from "Returns JSON on stdout" to "Outputs block reason to stderr" |
| 11 | +- **git-forensics/SKILL.md** — misleading "Blame through renames" comment fixed to "Show patch history through renames" |
| 12 | + |
| 13 | +### Added |
| 14 | + |
| 15 | +#### Nuclear Workspace Scope Enforcement |
| 16 | +- **Blacklist system** — `/workspaces/.devcontainer/` permanently blocked for ALL operations (read, write, bash). Checked before allowlist, scope check, and cwd bypass. Cannot be overridden, even from workspace root |
| 17 | +- **Bash enforcement** — two-layer detection in `guard-workspace-scope.py`: |
| 18 | + - Layer 1: 20+ regex patterns extract write targets (`>`, `tee`, `cp`, `mv`, `touch`, `mkdir`, `rm`, `ln`, `rsync`, `chmod`, `chown`, `dd`, `wget -O`, `curl -o`, `tar -C`, `unzip -d`, `gcc -o`, `sqlite3`). System command exemption only when ALL targets resolve to system paths |
| 19 | + - Layer 2: regex scans entire command for any `/workspaces/` path string — catches inline scripts, variable assignments, quoted paths. No exemptions, always runs |
| 20 | +- **CWD context injector** (`inject-workspace-cwd.py`) — fires on SessionStart, UserPromptSubmit, PreToolUse, SubagentStart to reinforce working directory scope |
| 21 | +- **Fail-closed error handling** — JSON parse errors, exceptions, and unknown tools now exit 2 (block) instead of exit 0 (allow) |
| 22 | + |
| 23 | +#### Agent System Enhancements |
| 24 | +- **`task-completed-check.py`** — quality gate hook (TaskCompleted) runs test suite before allowing task completion |
| 25 | +- **`teammate-idle-check.py`** — quality gate hook (TeammateIdle) prevents teammates from going idle with incomplete tasks |
| 26 | +- **`skills/debug/SKILL.md`** — structured log investigation skill replacing the old `/debug` slash command |
| 27 | +- **`permissionMode`** declared on all 17 agent definitions (plan for read-only, default for write-capable) |
| 28 | +- **Agent-system README** — full plugin documentation with hook lifecycle, agent table, quality gates |
| 29 | + |
| 30 | +#### Skill Engine Enhancements |
| 31 | +- **6 new skill matchers** in `skill-suggester.py`: `spec-check`, `spec-init`, `spec-new`, `spec-refine`, `spec-update`, `team` |
| 32 | +- **Team skill expanded** (v0.2.0) — quality gate hooks, plan approval workflow, keyboard shortcuts, use case examples, best practices, limitations |
| 33 | +- **Skill-engine README** — full plugin documentation |
| 34 | + |
| 35 | +#### New Features |
| 36 | +- **chromaterm** — terminal output colorizer via ChromaTerm2 YAML rules |
| 37 | +- **kitty-terminfo** — xterm-kitty terminfo for Kitty terminal compatibility |
| 38 | + |
| 39 | +#### Documentation Site |
| 40 | +- **Astro/Starlight docs** (`docs/`) — full documentation portal with getting-started guides, plugin reference (12 pages), feature docs, customization, and API reference |
| 41 | +- **GitHub Actions** — `deploy-docs.yml` (docs deployment), `publish-features.yml` (GHCR feature publishing), `release.yml` (release workflow) |
| 42 | +- **Logos** — CodeForgeLogo.png, CodeForgeLogoTr.png, github-avatar.png |
| 43 | + |
| 44 | +#### Plugin Installation Documentation |
| 45 | +- **Remote install instructions** added to all 11 plugin READMEs — "From GitHub" section with clone + enabledPlugins setup from `https://github.com/AnExiledDev/CodeForge` |
| 46 | +- **GHCR feature paths** — features README updated with `ghcr.io/anexileddev/codeforge/<feature-name>:<version>` and devcontainer.json usage examples |
| 47 | +- **READMEs added** to session-context, skill-engine, spec-workflow plugins |
| 48 | +- **Install sections added** to workspace-scope-guard, codeforge-lsp, dangerous-command-blocker, protected-files-guard, notify-hook, ticket-workflow |
| 49 | + |
| 50 | +#### Other |
| 51 | +- **Marketplace metadata** — `marketplace.json` restructured with `metadata` object, `pluginRoot`, and `keywords` arrays for all plugins |
| 52 | +- **Port forwarding** for Claude Dashboard (port 7847) in devcontainer.json |
| 53 | +- **ChromaTerm wrapper** in setup-aliases.sh — `cc`/`claude`/`ccw` aliases pipe through `ct` when available |
| 54 | +- **`package.json` scripts** — added `prepublishOnly`, `docs:dev`, `docs:build`, `docs:preview` |
| 55 | + |
| 56 | +#### ccstatusline Config Externalization |
| 57 | +- **Widget config extracted** from inline `jq -n` generation in `install.sh` into `config/defaults/ccstatusline-settings.json` — editable JSON file, single source of truth |
| 58 | +- **File-manifest deployment** — two new entries deploy the config to `~/.config/ccstatusline/settings.json` (if-changed) and `/usr/local/share/ccstatusline/settings.template.json` (always) |
| 59 | +- **`${HOME}` variable expansion** added to `setup-config.sh` — enables manifest entries targeting user home directory paths |
| 60 | + |
| 61 | +#### Development Rules |
| 62 | +- **CLAUDE.md** (project root) — added changelog and documentation update rules: all changes must have a changelog entry and update relevant docs |
| 63 | + |
| 64 | +### Changed |
| 65 | + |
| 66 | +#### ccstatusline Feature |
| 67 | +- `install.sh` simplified — removed ~90 lines of inline JSON config generation, validation, and template creation. Config deployment now handled by file-manifest system |
| 68 | + |
| 69 | +#### Workspace Scope Guard |
| 70 | +- Reads (Read, Glob, Grep) now **hard-blocked** outside scope — upgraded from warning (exit 0) to block (exit 2) |
| 71 | +- Allowlist trimmed to `/workspaces/.claude/` and `/tmp/` only — removed `/workspaces/.devcontainer/`, `/workspaces/.tmp/`, `/home/vscode/` |
| 72 | +- Hook timeout increased from 5s to 10s |
| 73 | +- Matcher expanded to include Bash tool |
| 74 | + |
| 75 | +#### Hook Output Schema Migration |
| 76 | +- All hooks migrated to `hookSpecificOutput` wrapper with explicit `hookEventName` |
| 77 | +- `commit-reminder.py` — upgraded from advisory to blocking (`decision: block`) |
| 78 | +- `spec-reminder.py` — upgraded from advisory to blocking (`decision: block`) |
| 79 | +- `advisory-test-runner.py` — test failures now block with `decision: block`; passes/timeouts use `systemMessage` |
| 80 | +- `ticket-linker.py` — output wrapped in `hookSpecificOutput` |
| 81 | +- `git-state-injector.py`, `todo-harvester.py` — output wrapped in `hookSpecificOutput` |
| 82 | + |
| 83 | +#### Ticket Workflow |
| 84 | +- Migrated from slash commands to skill-based approach — 4 slash commands and system-prompt.md replaced by skills directory |
4 | 85 |
|
5 | | -Claude Code is an idiot sandwich and ignored my instructions and workspace scope because it's a god damned idiot. |
| 86 | +#### Skill Definitions |
| 87 | +- All 21+ SKILL.md files rewritten with USE WHEN / DO NOT USE guidance, action-oriented descriptions, bumped to v0.2.0 |
| 88 | +- `skill-suggester.py` keyword maps overhauled with natural phrases and concrete identifiers |
| 89 | +- Skill suggestion output changed to mandatory directive format |
| 90 | +- SubagentStart hook removed — suggestions now fire on UserPromptSubmit only |
| 91 | + |
| 92 | +#### Error Output |
| 93 | +- `block-dangerous.py` — errors now written to stderr (was JSON on stdout) |
| 94 | +- `guard-protected.py`, `guard-protected-bash.py` — errors now written to stderr |
| 95 | + |
| 96 | +#### Features |
| 97 | +- `ccstatusline` — compact 3-line layout (was 8-line), `rawValue: true` on token widgets |
| 98 | +- `claude-session-dashboard` — default port 3000 → 7847, `--host 0.0.0.0` for external access |
| 99 | +- `ccms` — build cache moved from `.devcontainer/.build-cache/` to `${TMPDIR:-/tmp}/ccms-build-cache` |
| 100 | + |
| 101 | +#### Configuration |
| 102 | +- `CLAUDE.md` (devcontainer) — condensed from ~308 to ~90 lines, removed redundant sections |
| 103 | +- `spec-workflow.md` rule — condensed, defers to system prompt `<specification_management>` section |
| 104 | +- `main-system-prompt.md` — expanded Agent Teams guidance: file ownership, task sizing, quality gate hooks, plan approval |
| 105 | +- Plugin `plugin.json` files — `version` field removed across all plugins |
| 106 | + |
| 107 | +### Fixed |
| 108 | +- Stale references to deleted features (mcp-reasoner, splitrail, claude-code) removed from docs |
| 109 | +- Documentation counts updated (features: 21, agents: 17, skills: 34) |
| 110 | +- Version mismatch in README.md corrected |
| 111 | +- Auto-formatter/auto-linter references consolidated to auto-code-quality throughout |
| 112 | +- Code-directive plugin references updated to agent-system, skill-engine, spec-workflow |
| 113 | +- Personal project paths removed from .gitignore and .npmignore |
| 114 | +- setup.js stale feature references fixed (Reasoner MCP, Go → Rust) |
| 115 | +- `.secrets` added to .npmignore for npm publish safety |
| 116 | +- Duplicate "### Fixed" header in v1.5.3 changelog entry |
| 117 | +- NVM sourcing added to biome install script |
| 118 | +- Cleanup trap added to shellcheck install script |
| 119 | + |
| 120 | +### Removed |
| 121 | +- **`auto-formatter` plugin** — deleted entirely (consolidated into auto-code-quality) |
| 122 | +- **`auto-linter` plugin** — deleted entirely (consolidated into auto-code-quality) |
| 123 | +- **`/debug` slash command** from agent-system (replaced by debug skill) |
| 124 | +- **4 ticket-workflow slash commands** (`ticket:new`, `ticket:work`, `ticket:review-commit`, `ticket:create-pr`) and `system-prompt.md` (replaced by skills) |
| 125 | +- **Optional features docs** for mcp-reasoner and splitrail (features no longer exist) |
| 126 | +- **SubagentStart hook** from skill-engine (suggestion now UserPromptSubmit only) |
| 127 | + |
| 128 | +--- |
| 129 | + |
| 130 | +## [v1.13.0] - 2026-02-21 |
6 | 131 |
|
7 | 132 | ### Fixed |
8 | 133 |
|
@@ -488,8 +613,6 @@ Claude Code is an idiot sandwich and ignored my instructions and workspace scope |
488 | 613 | - **ccstatusline powerline glyphs**: Powerline separators/caps were empty strings, rendering as underscores. Now uses proper Nerd Font glyphs (U+E0B0, U+E0B4, U+E0B6) |
489 | 614 | - **Unicode rendering in external terminals**: tmux rendered ALL Unicode as underscores because `docker exec` doesn't propagate locale vars. External terminal scripts now pass `LANG`/`LC_ALL=en_US.UTF-8` and use `tmux -u` to force UTF-8 mode. Locale exports also added to `.bashrc`/`.zshrc` as permanent fallback |
490 | 615 |
|
491 | | -### Fixed |
492 | | - |
493 | 616 | - **cc/claude aliases**: Converted from shell functions to simple aliases — functions were not reliably invoked across shell contexts (tmux, docker exec, external terminals), causing Claude to launch without config |
494 | 617 | - **CLAUDE_CONFIG_DIR export**: Now exported in `.bashrc`/`.zshrc` directly, so credentials are found in all shells (not just VS Code terminals where `remoteEnv` applies) |
495 | 618 |
|
|
0 commit comments