Docker containers were creating files as root, causing Go test cleanup
to fail with "permission denied". Now passes --user flag on Unix systems
to run containers as the current user.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* feat(qa): add qa watch command for CI monitoring (#47)
Implements `core qa watch` to monitor GitHub Actions after a push:
- Polls workflow runs for a commit until completion
- Shows live progress with pass/fail counts
- On failure, shows job name, failed step, and link to logs
- Exits with appropriate code (0 = passed, 1 = failed)
Usage:
core qa watch # Watch current repo's HEAD
core qa watch --repo X # Watch specific repo
core qa watch --timeout 5m # Custom timeout
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix(qa): address CodeRabbit feedback on watch command
- Add length check before slicing commitSha to prevent panic on short SHAs
- Count all non-success conclusions as failures (cancelled, timed_out, etc.)
- Use errors.E/Wrap pattern for consistent error handling with operation context
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* feat(qa): add context-aware commands and log parsing
- Use exec.CommandContext with timeout context for all gh invocations
so commands are cancelled when deadline expires
- Implement fetchErrorFromLogs using 'gh run view --log-failed'
to extract first meaningful error line from failed workflows
- Pass context through call chain for proper timeout propagation
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* feat(qa): add review command for PR status (#62)
Add `core qa review` command to show PR review status with actionable
next steps. Answers: "What do I need to do to get my PRs merged?"
and "What reviews am I blocking?"
Features:
- Shows your open PRs with merge status (CI, reviews, conflicts)
- Shows PRs where your review is requested
- Provides actionable suggestions (rebase, address feedback, etc.)
- Flags: --mine, --requested, --repo
Closes#62
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* feat(qa): add review command for PR status (#62)
Add `core qa review` command to show PR review status with actionable
next steps. Answers: "What do I need to do to get my PRs merged?"
and "What reviews am I blocking?"
Features:
- Shows your open PRs with merge status (CI, reviews, conflicts)
- Shows PRs where your review is requested
- Provides actionable suggestions (rebase, address feedback, etc.)
- Flags: --mine, --requested, --repo
Closes#62
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix(qa): address CodeRabbit feedback on review command
- Fix truncate to use runes for UTF-8 safe string slicing
- Remove unused user parameter from showMyPRs and showRequestedReviews
- Remove unused getCurrentUser function
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix(qa): remove duplicate i18n block and improve error handling
- Remove duplicate cmd.qa block in en_GB.json
- Use errors.E consistently for error wrapping
- Require --repo flag when not in a git repository
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
* fix(i18n): restore missing translation keys for health command
The locale consolidation in 39de3c2 removed keys still used by
cmd_health.go. Added back:
- cmd.dev.health.* keys (long, repos, to_push, to_pull, etc.)
- common.status.* keys (dirty, clean, synced, up_to_date)
- common.flag.registry
Also fixed workspace.LoadConfig() returning default PackagesDir
when no .core/workspace.yaml exists, which was overriding repo
paths from repos.yaml.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix: add nil checks for workspace.LoadConfig callers
LoadConfig now returns nil when no .core/workspace.yaml exists.
Added defensive nil checks to all callers to prevent panics.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* refactor: align workspace.LoadConfig error handling
Both call sites now gracefully ignore errors and fall back to defaults,
since workspace config is optional for setup commands.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
* feat(qa): add qa watch command for CI monitoring (#47)
Implements `core qa watch` to monitor GitHub Actions after a push:
- Polls workflow runs for a commit until completion
- Shows live progress with pass/fail counts
- On failure, shows job name, failed step, and link to logs
- Exits with appropriate code (0 = passed, 1 = failed)
Usage:
core qa watch # Watch current repo's HEAD
core qa watch --repo X # Watch specific repo
core qa watch --timeout 5m # Custom timeout
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix(qa): address CodeRabbit feedback on watch command
- Add length check before slicing commitSha to prevent panic on short SHAs
- Count all non-success conclusions as failures (cancelled, timed_out, etc.)
- Use errors.E/Wrap pattern for consistent error handling with operation context
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* feat(qa): add context-aware commands and log parsing
- Use exec.CommandContext with timeout context for all gh invocations
so commands are cancelled when deadline expires
- Implement fetchErrorFromLogs using 'gh run view --log-failed'
to extract first meaningful error line from failed workflows
- Pass context through call chain for proper timeout propagation
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
* feat(setup): add github command for repo configuration (#45)
Implements `core setup github` to configure GitHub repos with org
standards including labels, webhooks, branch protection, and security
settings. Supports dry-run mode, per-repo or all-repos operation, and
selective sync of specific settings.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix(setup): address CodeRabbit feedback on github command
- Sort map keys for deterministic diff output in github_diff.go
- Preserve partial results by adding changes before continue on errors
- Reject conflicting --repo and --all flags with clear error message
- Allow empty webhook URLs (skip instead of error) for optional env vars
- Add content_type comparison in webhook sync
- Add required_status_checks comparison in branch protection sync
- Add DisableDependabotSecurityUpdates for bidirectional security control
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix(setup): address additional CodeRabbit feedback
- Use filepath.Join for OS-portable path construction in github_config.go
- Fix stringSliceEqual to use frequency counting for proper duplicate handling
- Simplify change accumulation with variadic append
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
- Add pkg/workspace package with config and commands
- Integrate with pkg/php/cmd.go for context switching
- Refactor pkg/repos to use pkg/workspace for config
- Register workspace commands in full variant
* fix(docs): respect workspace.yaml packages_dir setting (fixes#46)
* fix(workspace): improve config loading logic (CR feedback)
- Expand ~ before resolving relative paths in cmd_registry
- Handle LoadWorkspaceConfig errors properly
- Update Repo.Path when PackagesDir overrides default
- Validate workspace config version
- Add unit tests for workspace config loading
* docs: add comments and increase test coverage (CR feedback)
- Add docstrings to exported functions in pkg/cli
- Add unit tests for Semantic Output (pkg/cli/output.go)
- Add unit tests for CheckBuilder (pkg/cli/check.go)
- Add unit tests for IPC Query/Perform (pkg/framework/core)
* fix(test): fix panics and failures in php package tests
- Fix panic in TestLookupLinuxKit_Bad by mocking paths
- Fix assertion errors in TestGetSSLDir_Bad and TestGetPackageInfo_Bad
- Fix formatting in test files
* fix(test): correct syntax in services_extended_test.go
* fix(ci): point coverage workflow to go.mod instead of go.work
* fix(ci): build CLI before running coverage
* fix(ci): run go generate for updater package in coverage workflow
* fix(github): allow dry-run publish without gh CLI authentication
Moves validation check after dry-run check so tests can verify dry-run behavior in CI environments.
Add build tags to separate Unix and Windows process handling in pkg/php:
- services_unix.go: Unix-specific process group handling (Setpgid, Getpgid, Kill)
- services_windows.go: Windows-compatible alternatives using os.Signal
- services.go: Use platform-agnostic helper functions
The pkg/php package now compiles on Windows. Process termination works
via os.Interrupt/os.Kill instead of Unix signals.
Fixes#56
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
LinuxKit v1.8.2+ requires double-dash flags (--format, --name, etc.)
instead of single-dash flags. The old flags were being parsed incorrectly,
e.g., `-name` was interpreted as `-n` with value `ame`.
Files updated:
- pkg/build/builders/linuxkit.go
- pkg/php/container.go
- pkg/release/publishers/linuxkit.go
- pkg/release/publishers/linuxkit_test.go
Fixes#50
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
- Replaces lipgloss/fmt with cli.* functions
- Adds unit tests for new cli components
- Fixes all build errors
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Check() fluent builder for check results
- Task() for task headers
- Section() for section headers
- Hint() for labelled hints
- Severity() for severity-styled output
- Result() for pass/fail results
Consuming packages now have zero display logic.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Replaces lipgloss with internal ANSI styling
- Updates output functions to use new style and glyph system
- Removes external dependencies from strings.go and errors.go
- Fixes redeclarations in utils.go and runtime.go
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Replaces lipgloss with ~100 lines of owned code.
Supports bold, dim, italic, underline, RGB/hex colors.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Implements trust model for distributed agent work:
- Tracks implementer when agent:wip is added
- Requests verification when agent:review is added
- Blocks self-verification (implementer != verifier)
- Records verification result
- Resets to agent:ready on verify-failed
Labels flow: agent:ready → agent:wip → agent:review → verified/verify-failed
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add `core go qa` command with subcommands:
- fmt: check/fix code formatting (gofmt)
- vet: run go vet
- lint: run golangci-lint
- test: run tests
- race: run tests with race detector
- vuln: check for vulnerabilities (govulncheck)
- sec: run security scanner (gosec)
- quick: fmt, vet, lint only
- full: all checks
Default (no subcommand) runs fmt, vet, lint, test.
All commands support --fix flag where applicable.
Also update Taskfile.yml to use core CLI commands throughout.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add cli.Fatal(err) that prints styled error and exits
- Change cli.Main() to handle errors internally via Fatal()
- Simplify main.go to just: cli.Main()
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Extract logging to pkg/log for use outside CLI:
- Logger with Debug/Info/Warn/Error levels
- Key-value pairs for structured logging
- Customisable styling and output
- Optional Core framework integration via Service
Enhance pkg/errors with:
- Wrap() and WrapCode() helpers
- Code() for error codes
- Op(), ErrCode(), Message(), Root() extractors
- Standard library wrappers (Is, As, New, Join)
Update pkg/cli/log.go to use pkg/log with CLI styling.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Implements defence in depth through build variants - only compiled code
exists in the binary. Commands now self-register via cli.RegisterCommands()
in their init() functions, mirroring the i18n.RegisterLocales() pattern.
Structure changes:
- cmd/{ai,build,ci,dev,docs,doctor,go,php,pkg,sdk,setup,test,vm}/ → pkg/*/cmd_*.go
- cmd/core_dev.go, cmd/core_ci.go → cmd/variants/{full,ci,php,minimal}.go
- Added pkg/cli/commands.go with RegisterCommands API
- Updated pkg/cli/runtime.go to attach registered commands
Build variants:
- go build → full (21MB, all 13 command groups)
- go build -tags ci → ci (18MB, build/ci/sdk/doctor)
- go build -tags php → php (14MB, php/doctor)
- go build -tags minimal → minimal (11MB, doctor only)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Design for moving cmd/ into self-registering packages in pkg/:
- RegisterCommands() pattern like RegisterLocales()
- rootCmd stored in core.App
- Build variants via import files with build tags
- Smaller attack surface through selective compilation
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add i18n.RegisterLocales(fsys, dir) for packages to register translations
- Locales are automatically loaded when i18n.Init() is called
- Fix gram.word.* loading bug (strings were in wrong switch case)
- Fix loadJSON to merge messages instead of replacing
- Add common.* keys to base locale (labels, flags, progress, etc.)
- Add pkg/php/locales with PHP-specific translations
- pkg/php/i18n.go registers locales via init()
This enables the idiomatic pattern where packages register their
locale files and they're automatically loaded by the i18n system.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add i18n.SetDefault() in CLI service for global i18n.T() access
- Replace explicit cmd.php.qa.* keys with grammar-based composition
- Use i18n.Label(), i18n.ProgressSubject() for structured messages
- Use i18n.done.*, i18n.fail.*, i18n.count.* magic namespaces
- Simplify GetIssueMessage() to use grammar patterns
This reduces translation key explosion by composing messages from
grammar primitives rather than defining explicit keys for every phrase.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Rename "analyse" check to "stan" (PHPStan is commonly called "stan")
- Command: `core php stan` (with "analyse" alias for compatibility)
- Update QA pipeline to use "stan" for check name
- Update dependency chain: fmt → stan → psalm → test
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add QARunner that wraps process.Service and process.Runner
- Replace sequential runQACheck() with dependency-ordered execution
- Checks run in proper sequence: audit → fmt → analyse → psalm → test → rector/infection
- Process events broadcast via Core ACTION() messages
- Display results with stage grouping and duration tracking
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Address code review findings:
- Add global wrappers: StartWithOptions, RunWithOptions, Running
- Add global_test.go with concurrent access tests for Default(),
SetDefault(), and concurrent operations
- Add process_test.go with dedicated Process struct method tests
- All tests pass with race detector
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add pkg/process for spawning, monitoring, and orchestrating external
processes with Core ACTION integration:
- Service with framework.ServiceRuntime integration
- ACTION messages: ProcessStarted, ProcessOutput, ProcessExited
- RingBuffer for output capture
- Runner for orchestration (RunAll, RunSequential, RunParallel)
- Dependency graph support for QA pipelines
- Global convenience functions following i18n patterns
Also add docs/pkg/PACKAGE_STANDARDS.md defining how to create Core
packages, using pkg/i18n as the reference implementation.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add comprehensive daemon mode support to pkg/cli:
- Mode detection (Interactive/Pipe/Daemon) based on TTY and CORE_DAEMON env
- TTY helpers using golang.org/x/term (IsTTY, IsStdinTTY, IsStderrTTY)
- PIDFile for single-instance enforcement with stale PID detection
- HealthServer with /health and /ready endpoints for orchestration
- Daemon lifecycle manager combining PID, health, and graceful shutdown
- SIGHUP support for configuration reloading in runtime.go
- Fix i18n.go type references (MissingKey, OnMissingKey)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- LoadFS: Use path.Join instead of filepath.Join for fs.FS compatibility
- AddHandler: Document handler chain lock behavior
- getEffectiveFormality: Support string values ("formal", "informal")
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- service.go: Simplify Default() to just call Init() (sync.Once handles idempotency)
- service.go: Add nil check to SetDefault() with panic
- service.go: Add documentation for ModeStrict panic behavior
- loader.go: Add LanguagesErr() to expose directory scan errors
- loader.go: Use path.Join instead of filepath.Join for fs.FS compatibility
- transform.go: Add uint, uint8-64, int8, int16 support to type converters
- grammar.go: Replace deprecated strings.Title with unicode-aware implementation
- i18n_test.go: Add comprehensive concurrency tests with race detector
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- hooks.go: Use atomic.Value for missingKeyHandler global
- loader.go: Use sync.Once for FSLoader.Languages() caching
- service.go: Use atomic.Pointer[Service] for defaultService
All globals that could race between goroutines now use proper
synchronization primitives.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add NewWithLoader(loader, opts...) for custom storage backends
- Add Option type with WithFallback, WithFormality, WithHandlers,
WithDefaultHandlers, WithMode, WithDebug options
- Update New() and NewWithFS() to accept options
- Add loader field to Service struct
- Remove NewSubject() alias (use S() instead)
- Add tests for new options and NewWithLoader
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
