Fill all 568 missing translation keys in en_GB.json (765→1357 lines):
- 97 --help description keys (collect, ci, docs, dev, php, pkg, sdk, vm)
- 471 runtime keys (labels, errors, hints, progress, status messages)
- Add common.flag.follow, common.flag.tag, common.prompt.abort
Add completeness_test.go that scans all T() calls in source code and
verifies every cmd.*/common.* key exists using ModeStrict (panics on
missing). Catches translation gaps at test time instead of showing raw
keys in the CLI.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* feat: add security logging and fix framework regressions
This commit implements comprehensive security event logging and resolves critical regressions in the core framework.
Security Logging:
- Enhanced `pkg/log` with a `Security` level and helper.
- Added `log.Username()` to consistently identify the executing user.
- Instrumented GitHub CLI auth, Agentic configuration, filesystem sandbox, MCP handlers, and MCP TCP transport with security logs.
- Added `SecurityStyle` to the CLI for consistent visual representation of security events.
UniFi Security (CodeQL):
- Refactored `pkg/unifi` to remove hardcoded `InsecureSkipVerify`, resolving a high-severity alert.
- Added a `--verify-tls` flag and configuration option to control TLS verification.
- Updated command handlers to support the new verification parameter.
Framework Fixes:
- Restored original signatures for `MustServiceFor`, `Config()`, and `Display()` in `pkg/framework/core`, which had been corrupted during a merge.
- Fixed `pkg/framework/framework.go` and `pkg/framework/core/runtime_pkg.go` to match the restored signatures.
- These fixes resolve project-wide compilation errors caused by the signature mismatches.
I encountered significant blockers due to a corrupted state of the `dev` branch after a merge, which introduced breaking changes in the core framework's DI system. I had to manually reconcile these signatures with the expected usage across the codebase to restore build stability.
* feat(mcp): add RAG tools (query, ingest, collections)
Add vector database tools to the MCP server for RAG operations:
- rag_query: Search for relevant documentation using semantic similarity
- rag_ingest: Ingest files or directories into the vector database
- rag_collections: List available collections
Uses existing internal/cmd/rag exports (QueryDocs, IngestDirectory, IngestFile)
and pkg/rag for Qdrant client access. Default collection is "hostuk-docs"
with topK=5 for queries.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* feat(mcp): add metrics tools (record, query)
Add MCP tools for recording and querying AI/security metrics events.
The metrics_record tool writes events to daily JSONL files, and the
metrics_query tool provides aggregated statistics by type, repo, and agent.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* feat: add 'core mcp serve' command
Add CLI command to start the MCP server for AI tool integration.
- Create internal/cmd/mcpcmd package with serve subcommand
- Support --workspace flag for directory restriction
- Handle SIGINT/SIGTERM for clean shutdown
- Register in full.go build variant
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* feat(ws): add WebSocket hub package for real-time streaming
Add pkg/ws package implementing a hub pattern for WebSocket connections:
- Hub manages client connections, broadcasts, and channel subscriptions
- Client struct represents connected WebSocket clients
- Message types: process_output, process_status, event, error, ping/pong
- Channel-based subscription system (subscribe/unsubscribe)
- SendProcessOutput and SendProcessStatus for process streaming integration
- Full test coverage including concurrency tests
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* feat(mcp): add process management and WebSocket MCP tools
Add MCP tools for process management:
- process_start: Start a new external process
- process_stop: Gracefully stop a running process
- process_kill: Force kill a process
- process_list: List all managed processes
- process_output: Get captured process output
- process_input: Send input to process stdin
Add MCP tools for WebSocket:
- ws_start: Start WebSocket server for real-time streaming
- ws_info: Get hub statistics (clients, channels)
Update Service struct with optional process.Service and ws.Hub fields,
new WithProcessService and WithWSHub options, getter methods, and
Shutdown method for cleanup.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* feat(webview): add browser automation package via Chrome DevTools Protocol
Add pkg/webview package for browser automation:
- webview.go: Main interface with Connect, Navigate, Click, Type, QuerySelector, Screenshot, Evaluate
- cdp.go: Chrome DevTools Protocol WebSocket client implementation
- actions.go: DOM action types (Click, Type, Hover, Scroll, etc.) and ActionSequence builder
- console.go: Console message capture and filtering with ConsoleWatcher and ExceptionWatcher
- angular.go: Angular-specific helpers for router navigation, component access, and Zone.js stability
Add MCP tools for webview:
- webview_connect/disconnect: Connection management
- webview_navigate: Page navigation
- webview_click/type/query/wait: DOM interaction
- webview_console: Console output capture
- webview_eval: JavaScript execution
- webview_screenshot: Screenshot capture
Add documentation:
- docs/mcp/angular-testing.md: Guide for Angular application testing
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* docs: document new packages and BugSETI application
- Update CLAUDE.md with documentation for:
- pkg/ws (WebSocket hub for real-time streaming)
- pkg/webview (Browser automation via CDP)
- pkg/mcp (MCP server tools: process, ws, webview)
- BugSETI application overview
- Add comprehensive README for BugSETI with:
- Installation and configuration guide
- Usage workflow documentation
- Architecture overview
- Contributing guidelines
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* feat(bugseti): add BugSETI system tray app with auto-update
BugSETI - Distributed Bug Fixing like SETI@home but for code
Features:
- System tray app with Wails v3
- GitHub issue fetching with label filters
- Issue queue with priority management
- AI context seeding via seed-agent-developer skill
- Automated PR submission flow
- Stats tracking and leaderboard
- Cross-platform notifications
- Self-updating with stable/beta/nightly channels
Includes:
- cmd/bugseti: Main application with Angular frontend
- internal/bugseti: Core services (fetcher, queue, seeder, submit, config, stats, notify)
- internal/bugseti/updater: Auto-update system (checker, downloader, installer)
- .github/workflows/bugseti-release.yml: CI/CD for all platforms
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix: resolve import cycle and code duplication
- Remove pkg/log import from pkg/io/local to break import cycle
(pkg/log/rotation.go imports pkg/io, creating circular dependency)
- Use stderr logging for security events in sandbox escape detection
- Remove unused sync/atomic import from core.go
- Fix duplicate LogSecurity function declarations in cli/log.go
- Update workspace/service.go Crypt() call to match interface
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix: update tests for new function signatures and format code
- Update core_test.go: Config(), Display() now panic instead of returning error
- Update runtime_pkg_test.go: sr.Config() now panics instead of returning error
- Update MustServiceFor tests to use assert.Panics
- Format BugSETI, MCP tools, and webview packages with gofmt
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
---------
Co-authored-by: Snider <631881+Snider@users.noreply.github.com>
Co-authored-by: Claude <developers@lethean.io>
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
* docs: add configuration documentation to README
Added a new 'Configuration' section to README.md as per the
Documentation Audit Report (PR #209).
Included:
- Default configuration file location (~/.core/config.yaml)
- Configuration file format (YAML) with examples
- Layered configuration resolution order
- Environment variable mapping for config overrides (CORE_CONFIG_*)
- Common environment variables (CORE_DAEMON, NO_COLOR, MCP_ADDR, etc.)
* docs: add configuration documentation and fix CI/CD auto-merge
README.md:
- Added comprehensive 'Configuration' section as per audit report #209.
- Documented file format, location, and layered resolution order.
- Provided environment variable mapping rules and common examples.
.github/workflows/auto-merge.yml:
- Replaced broken reusable workflow with a local implementation.
- Added actions/checkout step to provide necessary Git context.
- Fixed 'not a git repository' error by providing explicit repo context
to the 'gh' CLI via the -R flag.
- Maintained existing bot trust and author association logic.
pkg/io/local/client.go:
- Fixed code formatting to ensure QA checks pass.
* docs: update environment variable description and fix merge conflict
- Refined the description of environment variable mapping to be more accurate,
clarifying that the prefix is stripped before conversion.
- Resolved merge conflict in .github/workflows/auto-merge.yml.
- Maintained the local auto-merge implementation to ensure Git context
for the 'gh' CLI.
* docs: configuration documentation, security fixes, and CI improvements
README.md:
- Added comprehensive 'Configuration' section as per audit report #209.
- Documented file format, location, and layered resolution order.
- Provided environment variable mapping rules and common examples.
- Added documentation for UniFi configuration options.
.github/workflows/auto-merge.yml:
- Replaced broken reusable workflow with a local implementation.
- Added actions/checkout step to provide necessary Git context.
- Fixed 'not a git repository' error by providing explicit repo context
to the 'gh' CLI via the -R flag.
pkg/unifi:
- Fixed security vulnerability (CodeQL) by making TLS verification
configurable instead of always skipped.
- Added 'unifi.insecure' config key and UNIFI_INSECURE env var.
- Updated New and NewFromConfig signatures to handle insecure flag.
internal/cmd/unifi:
- Added --insecure flag to 'config' command to skip TLS verification.
- Updated all UniFi subcommands to support the new configuration logic.
pkg/io/local/client.go:
- Fixed code formatting to ensure QA checks pass.
* docs: configuration documentation, tests, and CI/CD fixes
README.md:
- Added comprehensive 'Configuration' section as per audit report #209.
- Documented file format, location, and layered resolution order.
- Provided environment variable mapping rules and common examples.
- Documented UniFi configuration options.
pkg/unifi:
- Fixed security vulnerability by making TLS verification configurable.
- Added pkg/unifi/config_test.go and pkg/unifi/client_test.go to provide
unit test coverage for new and existing logic (satisfying Codecov).
.github/workflows/auto-merge.yml:
- Added actions/checkout@v4 to provide the required Git context for the
'gh' CLI, fixing 'not a git repository' errors.
pkg/framework/core/core.go:
- Fixed compilation errors in Workspace() and Crypt() methods due to
upstream changes in MustServiceFor() return signature.
- Added necessary error handling to pkg/workspace/service.go.
These changes ensure that the project documentation is up-to-date and that
the CI/CD pipeline is stable and secure.
* fix(i18n): add British English verb forms and fix locale-dependent tests
- Add British English spellings for verbs: format, analyse, organise,
recognise, realise, customise, optimise, initialise, synchronise
- Clear LANG/LC_ALL/LC_MESSAGES env vars in tests to ensure consistent
en-GB fallback behavior regardless of system locale
- Fixes qa test failures on systems with en_US locale
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* style: gofmt types.go
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
---------
Co-authored-by: Claude <developers@lethean.io>
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
* Remove StrictHostKeyChecking=no and implement proper host key verification
This commit addresses security concerns from the OWASP audit by enforcing
strict host key verification for all SSH and SCP commands.
Key changes:
- Replaced StrictHostKeyChecking=accept-new with yes in pkg/container and pkg/devops.
- Removed insecure host key verification from pkg/ansible SSH client.
- Implemented a synchronous host key discovery mechanism during VM boot
using ssh-keyscan to populate ~/.core/known_hosts.
- Updated the devops Boot lifecycle to wait until the host key is verified.
- Ensured pkg/ansible correctly handles missing known_hosts files.
- Refactored hardcoded SSH port 2222 to a package constant DefaultSSHPort.
- Added CORE_SKIP_SSH_SCAN environment variable for test environments.
* Remove StrictHostKeyChecking=no and implement proper host key verification
Addresses security concerns from OWASP audit by enforcing strict host key
verification.
Changes:
- Replaced StrictHostKeyChecking=accept-new with yes in pkg/container and devops.
- Removed insecure host key verification from pkg/ansible.
- Added synchronous host key discovery using ssh-keyscan during VM boot.
- Updated Boot lifecycle to wait for host key verification.
- Handled missing known_hosts file in pkg/ansible.
- Refactored hardcoded SSH port to DefaultSSHPort constant.
- Fixed formatting issues identified by QA check.
* Secure SSH commands and fix auto-merge CI failure
Addresses OWASP security audit by enforcing strict host key verification
and fixes a CI failure in the auto-merge workflow.
Key changes:
- Replaced StrictHostKeyChecking=accept-new with yes in pkg/container and pkg/devops.
- Removed insecure host key verification from pkg/ansible.
- Implemented synchronous host key discovery using ssh-keyscan during VM boot.
- Handled missing known_hosts file in pkg/ansible.
- Refactored hardcoded SSH port to DefaultSSHPort constant.
- Added pkg/ansible/ssh_test.go to verify SSH client initialization.
- Fixed formatting in pkg/io/local/client.go.
- Fixed auto-merge.yml by inlining the script and providing repository context
to 'gh' command, resolving the "not a git repository" error in CI.
* Secure SSH, fix CI auto-merge, and resolve merge conflicts
This commit addresses the OWASP security audit by enforcing strict host key
verification and resolves persistent CI issues.
Security Changes:
- Replaced StrictHostKeyChecking=accept-new with yes in pkg/container and devops.
- Removed insecure host key verification from pkg/ansible.
- Implemented synchronous host key discovery using ssh-keyscan during VM boot.
- Updated Boot lifecycle to wait for host key verification.
- Handled missing known_hosts file in pkg/ansible.
- Refactored hardcoded SSH port to DefaultSSHPort constant.
CI and Maintenance:
- Fixed auto-merge.yml by inlining the script and adding repository context
to 'gh' command, resolving the "not a git repository" error in CI.
- Resolved merge conflicts in .github/workflows/auto-merge.yml with dev branch.
- Added pkg/ansible/ssh_test.go for SSH client verification.
- Fixed formatting in pkg/io/local/client.go to pass QA checks.
* Secure SSH and TLS connections, and fix CI issues
Addresses security concerns from OWASP audit and CodeQL by enforcing strict
host key verification and TLS certificate verification.
Security Changes:
- Enforced strict SSH host key checking in pkg/container and devops.
- Removed insecure SSH host key verification from pkg/ansible.
- Added synchronous host key discovery during VM boot using ssh-keyscan.
- Updated UniFi client to enforce TLS certificate verification by default.
- Added --insecure flag and config option for UniFi to allow opt-in to
skipping TLS verification for self-signed certificates.
CI and Maintenance:
- Fixed auto-merge workflow by providing repository context to 'gh' command.
- Resolved merge conflicts in .github/workflows/auto-merge.yml.
- Added unit tests for secured Ansible SSH client.
- Fixed formatting issues identified by QA checks.
* fix: gofmt alignment in cmd_config.go
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* Secure connections, fix CI auto-merge, and resolve formatting
Addresses OWASP security audit and CodeQL security alerts by enforcing
secure defaults for SSH and TLS connections.
Key changes:
- Enforced strict SSH host key checking (StrictHostKeyChecking=yes).
- Implemented synchronous host key verification during VM boot using ssh-keyscan.
- Updated UniFi client to enforce TLS certificate verification by default.
- Added --insecure flag and config option for UniFi to allow opt-in to
skipping TLS verification.
- Fixed auto-merge workflow by providing repository context to 'gh' command.
- Resolved merge conflicts in .github/workflows/auto-merge.yml.
- Fixed formatting in internal/cmd/unifi/cmd_config.go and pkg/io/local/client.go.
- Added unit tests for secured Ansible SSH client.
---------
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
Co-authored-by: Claude <developers@lethean.io>
* security: sanitize user input in execInContainer
This change implements command injection protection for the 'vm exec' command
by adding a command whitelist and robust shell argument escaping.
Changes:
- Added `escapeShellArg` utility in `pkg/container/linuxkit.go` to safely quote
arguments for the remote shell.
- Updated `LinuxKitManager.Exec` to escape all command arguments before
passing them to SSH.
- Implemented `allowedExecCommands` whitelist in `internal/cmd/vm/cmd_container.go`.
- Added i18n support for new security-related error messages.
- Added unit tests for escaping logic and whitelist validation.
Fixes findings from OWASP Top 10 Security Audit (PR #205).
* security: sanitize user input in execInContainer
This change implements command injection protection for the 'vm exec' command
by adding a command whitelist and robust shell argument escaping.
Changes:
- Added `escapeShellArg` utility in `pkg/container/linuxkit.go` to safely quote
arguments for the remote shell.
- Updated `LinuxKitManager.Exec` to escape all command arguments before
passing them to SSH.
- Implemented `allowedExecCommands` whitelist in `internal/cmd/vm/cmd_container.go`.
- Added i18n support for new security-related error messages.
- Added unit tests for escaping logic and whitelist validation.
- Fixed minor formatting issue in `pkg/io/local/client.go`.
Fixes findings from OWASP Top 10 Security Audit (PR #205).
* security: sanitize user input in execInContainer
This change implements command injection protection for the 'vm exec' command
by adding a command whitelist and robust shell argument escaping.
Changes:
- Added `escapeShellArg` utility in `pkg/container/linuxkit.go` to safely quote
arguments for the remote shell (mitigates SSH command injection).
- Updated `LinuxKitManager.Exec` to escape all command arguments.
- Implemented `allowedExecCommands` whitelist in `internal/cmd/vm/cmd_container.go`.
- Added i18n support for new security-related error messages in `en_GB.json`.
- Added unit tests for escaping logic and whitelist validation.
- Fixed a minor pre-existing formatting issue in `pkg/io/local/client.go`.
Note: The 'merge / auto-merge' CI failure was identified as an external
reusable workflow issue (missing repository context for the 'gh' CLI), and
has been left unchanged to maintain PR scope and security policies.
Fixes findings from OWASP Top 10 Security Audit (PR #205).
* feat(cli): wire release command and add installer scripts
- Wire up `core build release` subcommand (was orphaned)
- Wire up `core monitor` command (missing import in full variant)
- Add installer scripts for Unix (.sh) and Windows (.bat)
- setup: Interactive with variant selection
- ci: Minimal for CI/CD environments
- dev: Full development variant
- go/php/agent: Targeted development variants
- All scripts include security hardening:
- Secure temp directories (mktemp -d)
- Architecture validation
- Version validation after GitHub API call
- Proper cleanup on exit
- PowerShell PATH updates on Windows (avoids setx truncation)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* feat(build): add tar.xz support and unified installer scripts
- Add tar.xz archive support using Borg's compress package
- ArchiveXZ() and ArchiveWithFormat() for configurable compression
- Better compression ratio than gzip for release artifacts
- Consolidate 12 installer scripts into 2 unified scripts
- install.sh and install.bat with BunnyCDN edge variable support
- Subdomains: setup.core.help, ci.core.help, dev.core.help, etc.
- MODE and VARIANT transformed at edge based on subdomain
- Installers prefer tar.xz with automatic fallback to tar.gz
- Fixed CodeRabbit issues: HTTP status patterns, tar error handling,
verify_install params, VARIANT validation, CI PATH persistence
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* chore: add build and release config files
- .core/build.yaml - cross-platform build configuration
- .core/release.yaml - release workflow configuration
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* chore: move plans from docs/ to tasks/
Consolidate planning documents in tasks/plans/ directory.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix(install): address CodeRabbit review feedback
- Add curl timeout (--max-time) to prevent hanging on slow networks
- Rename TMPDIR to WORK_DIR to avoid clobbering system env var
- Add chmod +x to ensure binary has execute permissions
- Add error propagation after subroutine calls in batch file
- Remove System32 install attempt in CI mode (use consistent INSTALL_DIR)
- Fix HTTP status regex for HTTP/2 compatibility
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* feat(rag): add Go RAG implementation with Qdrant + Ollama
Add RAG (Retrieval Augmented Generation) tools for storing documentation
in Qdrant vector database and querying with semantic search. This replaces
the Python tools/rag implementation with a native Go solution.
New commands:
- core rag ingest [directory] - Ingest markdown files into Qdrant
- core rag query [question] - Query vector database with semantic search
- core rag collections - List and manage Qdrant collections
Features:
- Markdown chunking by sections and paragraphs with overlap
- UTF-8 safe text handling for international content
- Automatic category detection from file paths
- Multiple output formats: text, JSON, LLM context injection
- Environment variable support for host configuration
Dependencies:
- github.com/qdrant/go-client (gRPC client)
- github.com/ollama/ollama/api (embeddings API)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* feat(deploy): add pure-Go Ansible executor and Coolify API integration
Implement infrastructure deployment system with:
- pkg/ansible: Pure Go Ansible executor
- Playbook/inventory parsing (types.go, parser.go)
- Full execution engine with variable templating, loops, blocks,
conditionals, handlers, and fact gathering (executor.go)
- SSH client with key/password auth and privilege escalation (ssh.go)
- 35+ module implementations: shell, command, copy, template, file,
apt, service, systemd, user, group, git, docker_compose, etc. (modules.go)
- pkg/deploy/coolify: Coolify API client wrapping Python swagger client
- List/get servers, projects, applications, databases, services
- Generic Call() for any OpenAPI operation
- pkg/deploy/python: Embedded Python runtime for swagger client integration
- internal/cmd/deploy: CLI commands
- core deploy servers/projects/apps/databases/services/team
- core deploy call <operation> [params-json]
This enables Docker-free infrastructure deployment with Ansible-compatible
playbooks executed natively in Go.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix(deploy): address linter warnings and build errors
- Fix fmt.Sprintf format verb error in ssh.go (remove unused stat command)
- Fix errcheck warnings by explicitly ignoring best-effort operations
- Fix ineffassign warning in cmd_ansible.go
All golangci-lint checks now pass for deploy packages.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* style(deploy): fix gofmt formatting
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix(deploy): use known_hosts for SSH host key verification
Address CodeQL security alert by using the user's known_hosts file
for SSH host key verification when available. Falls back to accepting
any key only when known_hosts doesn't exist (common in containerized
or ephemeral environments).
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* feat(ai,security,ide): add agentic MVP, security jobs, and Core IDE desktop app
Wire up AI infrastructure with unified pkg/ai package (metrics JSONL,
RAG integration), move RAG under `core ai rag`, add `core ai metrics`
command, and enrich task context with Qdrant documentation.
Add `--target` flag to all security commands for external repo scanning,
`core security jobs` for distributing findings as GitHub Issues, and
consistent error logging across scan/deps/alerts/secrets commands.
Add Core IDE Wails v3 desktop app with Angular 20 frontend, MCP bridge
(loopback-only HTTP server), WebSocket hub, and Claude Code bridge.
Production-ready with Lethean CIC branding, macOS code signing support,
and security hardening (origin validation, body size limits, URL scheme
checks, memory leak prevention, XSS mitigation).
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix: address PR review comments from CodeRabbit, Copilot, and Gemini
Fixes across 25 files addressing 46+ review comments:
- pkg/ai/metrics.go: handle error from Close() on writable file handle
- pkg/ansible: restore loop vars after loop, restore become settings,
fix Upload with become=true and no password (use sudo -n), honour
SSH timeout config, use E() helper for contextual errors, quote git
refs in checkout commands
- pkg/rag: validate chunk config, guard negative-to-uint64 conversion,
use E() helper for errors, add context timeout to Ollama HTTP calls
- pkg/deploy/python: fix exec.ExitError type assertion (was os.PathError),
handle os.UserHomeDir() error
- pkg/build/buildcmd: use cmd.Context() instead of context.Background()
for proper Ctrl+C cancellation
- install.bat: add curl timeouts, CRLF line endings, use --connect-timeout
for archive downloads
- install.sh: use absolute path for version check in CI mode
- tools/rag: fix broken ingest.py function def, escape HTML in query.py,
pin qdrant-client version, add markdown code block languages
- internal/cmd/rag: add chunk size validation, env override handling
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix(build): make release dry-run by default and remove darwin/amd64 target
Replace --dry-run (default false) with --we-are-go-for-launch (default
false) so `core build release` is safe by default. Remove darwin/amd64
from default build targets (arm64 only for macOS). Fix cmd_project.go
to use command context instead of context.Background().
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
* feat(go): make go fmt git-aware by default
- By default, only check changed Go files (modified, staged, untracked)
- Add --all flag to check all files (previous behaviour)
- Reduces noise when running fmt on large codebases
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* feat(build): minimal output by default, add missing i18n
- Default output now shows single line: "Success Built N artifacts (dir)"
- Add --verbose/-v flag to show full detailed output
- Add all missing i18n translations for build commands
- Errors still show failure reason in minimal mode
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* feat: add root-level `core git` command
- Create pkg/gitcmd with git workflow commands as root menu
- Export command builders from pkg/dev (AddCommitCommand, etc.)
- Commands available under both `core git` and `core dev` for compatibility
- Git commands: health, commit, push, pull, work, sync, apply
- GitHub orchestration stays in dev: issues, reviews, ci, impact
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* feat(qa): add docblock coverage checking
Implement docblock/docstring coverage analysis for Go code:
- New `core qa docblock` command to check coverage
- Shows compact file:line list when under threshold
- Integrate with `core go qa` as a default check
- Add --docblock-threshold flag (default 80%)
The checker uses Go AST parsing to find exported symbols
(functions, types, consts, vars) without documentation.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix: address CodeRabbit review feedback
- Fix doc comment: "status" → "health" in gitcmd package
- Implement --check flag for `core go fmt` (exits non-zero if files need formatting)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* docs: add docstrings for 100% coverage
Add documentation comments to all exported symbols:
- pkg/build: ProjectType constants
- pkg/cli: LogLevel, RenderStyle, TableStyle
- pkg/framework: ServiceFor, MustServiceFor, Core.Core
- pkg/git: GitError.Error, GitError.Unwrap
- pkg/i18n: Handler Match/Handle methods
- pkg/log: Level constants
- pkg/mcp: Tool input/output types
- pkg/php: Service constants, QA types, service methods
- pkg/process: ServiceError.Error
- pkg/repos: RepoType constants
- pkg/setup: ChangeType, ChangeCategory constants
- pkg/workspace: AddWorkspaceCommands
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* chore: standardize line endings to LF
Add .gitattributes to enforce LF line endings for all text files.
Normalize all existing files to use Unix-style line endings.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix: address CodeRabbit review feedback
- cmd_format.go: validate --check/--fix mutual exclusivity, capture stderr
- cmd_docblock.go: return error instead of os.Exit(1) for proper error handling
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix: address CodeRabbit review feedback (round 2)
- linuxkit.go: propagate state update errors, handle cmd.Wait() errors in waitForExit
- mcp.go: guard against empty old_string in editDiff to prevent runaway edits
- cmd_docblock.go: log parse errors instead of silently skipping
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
- Fix loader to properly detect noun form objects by checking for
one/other structure before processing, preventing false positives
on objects that happen to be under gram.noun.* path
- Add comprehensive i18n strings for CLI commands including long
descriptions, flag help text, and status labels
- Add .claude/ project settings for Claude Code integration
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* feat(github): add issue templates and auto-labeler
- Add bug_report.yml and feature_request.yml templates
- Add config.yml for issue creation options
- Add auto-label.yml workflow to label issues based on content
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* feat(php): add --json and --sarif flags to QA commands
Adds machine-readable output support to PHP quality assurance commands:
- test: --json flag for JUnit XML output
- fmt: --json flag for JSON formatted output from Pint
- stan: --json and --sarif flags for PHPStan output
- psalm: --json and --sarif flags for Psalm output
- qa: --json flag for JSON summary output
SARIF output enables integration with GitHub Security tab for
static analysis results.
Closes#51
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix(php): address CodeRabbit review feedback
- Guard progress messages when JSON/SARIF output is enabled
- Guard success messages when JSON/SARIF output is enabled
- Guard QA results display when JSON output is enabled
- Rename misleading JSON field to JUnit in TestOptions (outputs JUnit XML)
- Add mutual exclusion validation for --json and --sarif flags
- Remove empty conditional block in auto-label workflow
- Add i18n translation for json_sarif_exclusive error
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix(php): additional CodeRabbit fixes
- Rename test --json flag to --junit (outputs JUnit XML, not JSON)
- Add actual JSON marshaling for QA command JSON output
- Add JSON tags to QARunResult and QACheckRunResult structs
- Add i18n translation for junit flag
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
* feat(dev): add safe git operations for AI agents
Adds agent-safe commands to prevent common git mistakes:
- `core dev sync <file> --to="pattern"`: Sync files across repos
- Auto-pulls before copying (safe sync)
- Optional commit with --message
- Optional push with --push
- Dry-run mode with --dry-run
- `core dev apply --command="..."`: Run commands across repos
- Execute shell commands in each repo
- Execute scripts with --script
- Optional commit/push after changes
- Continue on error with --continue
- Filter repos with --repos
Safety features:
- Never force push
- Auto-pull before push on rejection
- Report failures without stopping other repos
- Dry-run support for previewing changes
Closes#53
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix(dev): address CodeRabbit review feedback
- Use errors.E() for consistent error handling in cmd_apply.go and cmd_file_sync.go
- Add path traversal validation to reject ".." in source paths
- Execute scripts directly to honor shebangs (not via sh)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
* feat(php): add CI/CD pipeline command
Adds `core php ci` command for CI/CD integration:
- Runs all QA checks in optimal order (test, stan, psalm, fmt, audit, security)
- Generates combined reports in multiple formats:
- JSON (--json) for machine consumption
- Markdown summary (--summary) for PR comments
- SARIF (--sarif) for static analysis tools
- Uploads SARIF to GitHub Security tab (--upload-sarif)
- Configurable failure threshold (--fail-on=critical|high|warning)
Example usage:
core php ci # Run full pipeline
core php ci --json # Output JSON report
core php ci --summary # Output markdown for PR
core php ci --sarif --upload-sarif # Generate and upload SARIF
Closes#52
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix(php): address CodeRabbit review feedback on CI command
- Remove unused --parallel flag
- Validate git SHA before SARIF upload
- Properly handle and validate SARIF generation output
- Exit with correct code when --json flag is used and pipeline fails
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
* feat(security): add core security command for vulnerability alerts
Adds `core security` command area to expose GitHub security data:
- `core security alerts` - aggregated view of all security alerts
- `core security deps` - Dependabot vulnerability alerts with upgrade paths
- `core security scan` - CodeQL and code scanning alerts
- `core security secrets` - secret scanning alerts
Features:
- Filter by --repo, --severity (critical,high,medium,low)
- JSON output with --json for AI agent consumption
- Aggregated summary with severity breakdown
- Shows patched versions for easy upgrades
Closes#48
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix(security): address CodeRabbit review feedback
- Remove unused flattened fields from DependabotAlert struct
- Add Unknown field to AlertSummary for unrecognized severities
- Add doc comments for exported Add and String methods
- Use cli.Wrap for contextual error wrapping
- Fix secret scanning summary counting after filter
- Remove unused --vulnerable flag from deps command
- Fix JSON output to only include open alerts in secrets command
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix(security): handle json.MarshalIndent errors
Address CodeRabbit review feedback by properly handling errors from
json.MarshalIndent in all security subcommands instead of ignoring them.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
* feat(monitor): add security findings aggregation command
Implements `core monitor` to aggregate security findings from GitHub:
- Code scanning alerts (Semgrep, Trivy, Gitleaks, CodeQL, etc.)
- Dependabot vulnerability alerts
- Secret scanning alerts
Features:
- Scan current repo, specific repo, or all repos via registry
- Filter by severity (--severity critical,high)
- JSON output for piping to other tools (--json)
- Grouped output by repo with severity highlighting
Closes#49
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix(monitor): address CodeRabbit review feedback
- Fix DependabotAlert JSON parsing with proper nested struct for
dependency.manifest_path field
- Remove unnecessary --jq flag from code scanning API call
- Fix truncate() to use runes for proper UTF-8 handling
- Sort repo names for deterministic output ordering
- Document hardcoded org fallback behavior
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix(monitor): improve error handling per CodeRabbit review
- Use errors.E() consistently instead of errors.Wrap()
- Pass underlying errors to errors.E() for better context
- Return errors from fetch functions instead of swallowing
- Distinguish expected conditions (feature not enabled) from real errors
- Display fetch warnings in non-JSON mode
- Continue scanning other repos even if one fails
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
* feat(qa): add qa watch command for CI monitoring (#47)
Implements `core qa watch` to monitor GitHub Actions after a push:
- Polls workflow runs for a commit until completion
- Shows live progress with pass/fail counts
- On failure, shows job name, failed step, and link to logs
- Exits with appropriate code (0 = passed, 1 = failed)
Usage:
core qa watch # Watch current repo's HEAD
core qa watch --repo X # Watch specific repo
core qa watch --timeout 5m # Custom timeout
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix(qa): address CodeRabbit feedback on watch command
- Add length check before slicing commitSha to prevent panic on short SHAs
- Count all non-success conclusions as failures (cancelled, timed_out, etc.)
- Use errors.E/Wrap pattern for consistent error handling with operation context
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* feat(qa): add context-aware commands and log parsing
- Use exec.CommandContext with timeout context for all gh invocations
so commands are cancelled when deadline expires
- Implement fetchErrorFromLogs using 'gh run view --log-failed'
to extract first meaningful error line from failed workflows
- Pass context through call chain for proper timeout propagation
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* feat(qa): add review command for PR status (#62)
Add `core qa review` command to show PR review status with actionable
next steps. Answers: "What do I need to do to get my PRs merged?"
and "What reviews am I blocking?"
Features:
- Shows your open PRs with merge status (CI, reviews, conflicts)
- Shows PRs where your review is requested
- Provides actionable suggestions (rebase, address feedback, etc.)
- Flags: --mine, --requested, --repo
Closes#62
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* feat(qa): add review command for PR status (#62)
Add `core qa review` command to show PR review status with actionable
next steps. Answers: "What do I need to do to get my PRs merged?"
and "What reviews am I blocking?"
Features:
- Shows your open PRs with merge status (CI, reviews, conflicts)
- Shows PRs where your review is requested
- Provides actionable suggestions (rebase, address feedback, etc.)
- Flags: --mine, --requested, --repo
Closes#62
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix(qa): address CodeRabbit feedback on review command
- Fix truncate to use runes for UTF-8 safe string slicing
- Remove unused user parameter from showMyPRs and showRequestedReviews
- Remove unused getCurrentUser function
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix(qa): remove duplicate i18n block and improve error handling
- Remove duplicate cmd.qa block in en_GB.json
- Use errors.E consistently for error wrapping
- Require --repo flag when not in a git repository
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
* fix(i18n): restore missing translation keys for health command
The locale consolidation in 39de3c2 removed keys still used by
cmd_health.go. Added back:
- cmd.dev.health.* keys (long, repos, to_push, to_pull, etc.)
- common.status.* keys (dirty, clean, synced, up_to_date)
- common.flag.registry
Also fixed workspace.LoadConfig() returning default PackagesDir
when no .core/workspace.yaml exists, which was overriding repo
paths from repos.yaml.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix: add nil checks for workspace.LoadConfig callers
LoadConfig now returns nil when no .core/workspace.yaml exists.
Added defensive nil checks to all callers to prevent panics.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* refactor: align workspace.LoadConfig error handling
Both call sites now gracefully ignore errors and fall back to defaults,
since workspace config is optional for setup commands.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
* feat(qa): add qa watch command for CI monitoring (#47)
Implements `core qa watch` to monitor GitHub Actions after a push:
- Polls workflow runs for a commit until completion
- Shows live progress with pass/fail counts
- On failure, shows job name, failed step, and link to logs
- Exits with appropriate code (0 = passed, 1 = failed)
Usage:
core qa watch # Watch current repo's HEAD
core qa watch --repo X # Watch specific repo
core qa watch --timeout 5m # Custom timeout
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix(qa): address CodeRabbit feedback on watch command
- Add length check before slicing commitSha to prevent panic on short SHAs
- Count all non-success conclusions as failures (cancelled, timed_out, etc.)
- Use errors.E/Wrap pattern for consistent error handling with operation context
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* feat(qa): add context-aware commands and log parsing
- Use exec.CommandContext with timeout context for all gh invocations
so commands are cancelled when deadline expires
- Implement fetchErrorFromLogs using 'gh run view --log-failed'
to extract first meaningful error line from failed workflows
- Pass context through call chain for proper timeout propagation
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
* feat(setup): add github command for repo configuration (#45)
Implements `core setup github` to configure GitHub repos with org
standards including labels, webhooks, branch protection, and security
settings. Supports dry-run mode, per-repo or all-repos operation, and
selective sync of specific settings.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix(setup): address CodeRabbit feedback on github command
- Sort map keys for deterministic diff output in github_diff.go
- Preserve partial results by adding changes before continue on errors
- Reject conflicting --repo and --all flags with clear error message
- Allow empty webhook URLs (skip instead of error) for optional env vars
- Add content_type comparison in webhook sync
- Add required_status_checks comparison in branch protection sync
- Add DisableDependabotSecurityUpdates for bidirectional security control
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix(setup): address additional CodeRabbit feedback
- Use filepath.Join for OS-portable path construction in github_config.go
- Fix stringSliceEqual to use frequency counting for proper duplicate handling
- Simplify change accumulation with variadic append
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
- Add i18n.RegisterLocales(fsys, dir) for packages to register translations
- Locales are automatically loaded when i18n.Init() is called
- Fix gram.word.* loading bug (strings were in wrong switch case)
- Fix loadJSON to merge messages instead of replacing
- Add common.* keys to base locale (labels, flags, progress, etc.)
- Add pkg/php/locales with PHP-specific translations
- pkg/php/i18n.go registers locales via init()
This enables the idiomatic pattern where packages register their
locale files and they're automatically loaded by the i18n system.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- LoadFS: Use path.Join instead of filepath.Join for fs.FS compatibility
- AddHandler: Document handler chain lock behavior
- getEffectiveFormality: Support string values ("formal", "informal")
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- service.go: Simplify Default() to just call Init() (sync.Once handles idempotency)
- service.go: Add nil check to SetDefault() with panic
- service.go: Add documentation for ModeStrict panic behavior
- loader.go: Add LanguagesErr() to expose directory scan errors
- loader.go: Use path.Join instead of filepath.Join for fs.FS compatibility
- transform.go: Add uint, uint8-64, int8, int16 support to type converters
- grammar.go: Replace deprecated strings.Title with unicode-aware implementation
- i18n_test.go: Add comprehensive concurrency tests with race detector
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- hooks.go: Use atomic.Value for missingKeyHandler global
- loader.go: Use sync.Once for FSLoader.Languages() caching
- service.go: Use atomic.Pointer[Service] for defaultService
All globals that could race between goroutines now use proper
synchronization primitives.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add NewWithLoader(loader, opts...) for custom storage backends
- Add Option type with WithFallback, WithFormality, WithHandlers,
WithDefaultHandlers, WithMode, WithDebug options
- Update New() and NewWithFS() to accept options
- Add loader field to Service struct
- Remove NewSubject() alias (use S() instead)
- Add tests for new options and NewWithLoader
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Article("") now returns "" for consistency with other grammar
functions (PastTense, Gerund, PluralForm, Label all return "")
- Add doc comment to getMessage() for consistency with other
internal helpers
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- CurrentLanguage() now returns "en-GB" (fallback) instead of "" when
service is nil, consistent with other getters returning defaults
- Document why SetLanguage returns error (validates language tag) while
SetMode, SetFormality, SetDebug do not (just set values)
- Add "Does nothing if service not initialized" to Set* doc comments
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add explicit nil checks to toInt, toInt64, toFloat64 for consistency
- Standardize error messages to use %q for user-provided strings
- Export GetGrammarData for symmetry with SetGrammarData
- Standardize String() doc comments to "the TypeName" pattern
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add int32 and float32 handling to toInt() for consistency with
toInt64() and toFloat64()
- Remove unusable _() function (can't be called as i18n._())
- SetLanguage() now returns ErrServiceNotInitialized when service
is nil instead of silently succeeding
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Remove incorrect "Panics if called on nil receiver" from chainable
Subject methods (they actually return nil safely)
- Add Raw() as named alias for _() matching Service.Raw()
- Add package-level wrappers: SetLanguage(), CurrentLanguage(),
SetMode(), CurrentMode()
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add CountString() to return count as string
- Fix FormalityString() to return string instead of Formality type
- Both Int and String getters now available for count field
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Rename Subject getters from GetX() to idiomatic Go naming:
- GetCount → CountValue
- GetGender → GenderValue
- GetLocation → Location
- GetNoun → NounValue
- GetFormality → FormalityValue
Add comprehensive tests for checks.go and mutate.go functions
that will be useful for future CLDR plural category support.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Remove since this is a new package with no external users:
- SetActionHandler() - use OnMissingKey() instead
- MissingKeyAction type alias - use MissingKey instead
Update tests to use current API.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Move all exported types to interfaces.go for consistent organisation.
Rename interface.go → interfaces.go.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Move handler functions from mode.go to actions.go:
- OnMissingKey, SetActionHandler, dispatchMissingKey
mode.go now contains only Mode type and constants.
interface.go keeps all types/interfaces.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Consolidate all compose-related tests into a single file for better
organisation. The grammar composition tests that verify intent templates
now live alongside the Subject tests.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The "intents" concept is gone - this is now just test data for
verifying the grammar composition functions produce correct strings.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add compose_intents_test.go with comprehensive tests that verify
the grammar engine can compose the same strings as intent templates
- Add irregular verbs: overwrite, reset, reboot
- Fix PastTense for words ending in -eed (proceed, succeed, exceed)
that were incorrectly treated as already being past tense
- Tests verify ActionResult, ActionFailed, Progress work for all
43 core intent verbs
- Demonstrates that semantic intents can be replaced by grammar
composition functions
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
